last executing test programs: 2m48.151413021s ago: executing program 3 (id=1283): r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) mmap$auto(0x8, 0x313, 0x0, 0x19, r0, 0x7) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)={0x24, r3, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x4a}, @NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0xb}]}, 0x24}}, 0x4000) select$auto(0xd, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x4, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x6, 0x1000000005e, 0x80000000, 0x9, 0x6d3f, 0x9, 0x10, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) unshare$auto(0x4) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) io_uring_setup$auto(0x406, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) io_uring_enter$auto(0x3, 0xa84, 0x7, 0xa, 0x0, 0x46) 2m32.821135817s ago: executing program 32 (id=1283): r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) mmap$auto(0x8, 0x313, 0x0, 0x19, r0, 0x7) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)={0x24, r3, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x4a}, @NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0xb}]}, 0x24}}, 0x4000) select$auto(0xd, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x4, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x6, 0x1000000005e, 0x80000000, 0x9, 0x6d3f, 0x9, 0x10, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) unshare$auto(0x4) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) io_uring_setup$auto(0x406, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) io_uring_enter$auto(0x3, 0xa84, 0x7, 0xa, 0x0, 0x46) 2m2.770446309s ago: executing program 33 (id=1327): socket(0x1b, 0x3, 0x1) madvise$auto(0x0, 0x2000040080000004, 0xe) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) r2 = openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0) syz_clone(0x4040400, 0x0, 0x0, 0x0, 0x0, 0x0) readv$auto(0x3, 0x0, 0x1) mmap$auto(0xf728, 0x8000000000000, 0xfffffffffffffffe, 0x11, r2, 0x1) socket(0x5, 0xa, 0x2000) close_range$auto(0x2, 0x8, 0x0) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xd551) 1m57.774692195s ago: executing program 34 (id=1338): socket(0x1b, 0x3, 0x1) madvise$auto(0x0, 0x2000040080000004, 0xe) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) syz_clone(0x4040400, 0x0, 0x0, 0x0, 0x0, 0x0) readv$auto(0x3, 0x0, 0x1) mmap$auto(0xf728, 0x8000000000000, 0xfffffffffffffffe, 0x11, r2, 0x1) socket(0x5, 0xa, 0x2000) close_range$auto(0x2, 0x8, 0x0) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xd551) 1m54.173033737s ago: executing program 35 (id=1351): r0 = open(&(0x7f0000000180)='./file0\x00', 0x400200, 0x174) fcntl$auto(r0, 0x400, 0x1) ioctl$auto_FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) gettid() rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) gettid() rt_sigtimedwait$auto(&(0x7f0000000040)={0xfffffffffffffbff}, 0x0, 0x0, 0x8) read$auto(0x3, 0x0, 0x80) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop2\x00', 0x101080, 0x0) ioctl$auto_BLKSECTGET(r1, 0x1267, 0x20000000000000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000) timer_create$auto(0x9, 0x0, 0x0) timer_settime$auto(0x0, 0x9, &(0x7f00000000c0)={{0x400000000f, 0x10007}, {0x9}}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) io_uring_setup$auto(0x8000, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r2, r2, 0x0, 0x5) ustat$auto(0x1, &(0x7f0000000140)={0x6, 0x0, "621ccee07646", "ab5ab79fcccd"}) timer_gettime$auto(0x0, 0x0) r3 = openat$auto_virtual_ncidev_fops_virtual_ncidev(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) write$auto_virtual_ncidev_fops_virtual_ncidev(r3, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) close_range$auto(0x2, 0xa, 0x0) lsetxattr$auto(&(0x7f0000003080)='./file0\x00', &(0x7f00000030c0)='-\x00', &(0x7f0000003100), 0x7, 0x3) 1m41.263074275s ago: executing program 36 (id=1359): prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x6) socket(0x10, 0x4, 0xffffffc0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, 0x0, 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0xa, 0x2, 0x0) r2 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x2c, r2, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0x14, 0x1, 0x0, 0x1, [@nested={0x10, 0x4, 0x0, 0x1, [@typed={0xfffffffffffffe10, 0x88, 0x0, 0x0, @u64=0xffffffffffffffff}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40010}, 0x4000800) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) getpeername$auto(r1, &(0x7f0000000180)=@in={0x2, 0x4e22, @empty}, &(0x7f00000001c0)=0x1000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x120e2, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r4, &(0x7f00000011c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x30000881}, 0xc040810) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0xffffffffffff0004, 0x1a) setgroups$auto(0xe32, 0x0) madvise$auto(0x0, 0x200007, 0x19) r5 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) read$auto_proc_pid_maps_operations_internal(r5, &(0x7f00000020c0)=""/4092, 0xffc) madvise$auto(0x8, 0xc89, 0xffffff33) 1m39.14494887s ago: executing program 37 (id=1363): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram6\x00', 0x4040, 0x0) preadv2$auto(r1, 0x0, 0x20000000000001, 0xffffffffffffff02, 0xb, 0x806) write$auto_tty_fops_tty_io(r0, &(0x7f0000000280)="352c8efa618c0bcf83a4ebdb278754e15f", 0x11) ioctl$auto(0xffffffffffffffff, 0x8913, r1) sendmmsg$auto(r1, &(0x7f0000000340)={{&(0x7f0000000180)="d059cc01dba2b3d2525d932bd6177fa4acedcbd2d86b1af13839a98248fa5e0b718c79785aa3066c80248f6d2d954608be029605f271faeeb4f3927bf4f83b335c9ee485a2c3716e22e848e5b258cc515a4db4a6bf672e747b292cea2d53a3c0", 0x7a, &(0x7f00000002c0)={&(0x7f0000000200)="59ce586997364d6c39f1e053d66c7c5518ed907ed8bd14cade5414ca7a04e5d5e0937e970afc432ed8d6f64fe715da2dba083a83508c48ebd0ad8403f4d5c5b8a309b22b52abd2f6e879548c1b2787ccfc", 0x7}, 0x3, &(0x7f0000000300)="e59f99aff9edb86e7a261562cdc862662ad589d1", 0x37, 0x1d03}, 0x6de20413}, 0x401, 0x5) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000) ustat$auto(0x801, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1ff, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x101800, 0xbf) r3 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0xc075) open(0x0, 0x64842, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/ptyq3\x00', 0x50001, 0x0) ioctl$auto_TIOCSETD2(r4, 0x5423, 0x0) ioctl$auto(r1, 0x80047457, r0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) swapon$auto(&(0x7f0000000100)='/dev/radio2\x00', 0x800) r5 = openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f0000001680)='/sys/kernel/debug/tracing/uprobe_events\x00', 0x511200, 0x0) write$auto_uprobe_events_ops_trace_uprobe(r5, &(0x7f0000000000)="706f3a82d9e5cc7c2ceda8d50bfc94be9fe6c22ffaf8493a38", 0x19) writev$auto(r3, &(0x7f0000000140)={0x0, 0x10446}, 0xfffffffffffffffd) r6 = prctl$auto(0x35, 0x0, 0x2, 0x0, 0x0) write$auto(r2, &(0x7f0000000440)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) madvise$auto(0x0, 0x2003f0, 0x15) ioctl$auto_SNDCTL_DSP_SPEED(r6, 0xc0045002, &(0x7f0000000380)="da8660fa7ac62cdf19daddbd51a10d59ce29ba21f545a2e2d20687e080db5f5f33aee3025851734613447c608ad9fbaa4cd2e8828c1fb7b85b1acfa080e572680976a12f37e0dd4b34c7284cc3143e018f6723247b61a9b95ff97fbc4fa5d61ba2d8b5ab6e143ed41ae99a9690a5fcc7a1b0e4e9c6f647847135bcb7d9b3c08d7dbdecf4e386da149f935f1f6a0110aee9a1dd3074d2273677143e3cc1bf9d6f02dd920139453d427255257df1") mmap$auto(0x0, 0x2000c, 0xdf, 0x17, r6, 0x7ffd) 1m39.037889985s ago: executing program 8 (id=1380): prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x6) r0 = socket(0x10, 0x4, 0xffffffc0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x120e2, 0x0) ioperm$auto(0x2, 0x1, 0x7f) write$auto(r2, 0x0, 0x81) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="2800ec00", @ANYBLOB="010325bd7040ffdbdf250a0000"], 0x28}, 0x1, 0x0, 0x0, 0x30000881}, 0xc040810) write$auto(r2, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), r0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x3e, 0x336, 0x0, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) io_uring_register$auto_IORING_REGISTER_RESIZE_RINGS(r0, 0x21, &(0x7f0000000340)="1f6cf0c919ac35a7472ad3c830e4d793855acf2d331944515494f1a24137989a419a14d86e38faca9218f0038149ad57cb04e6fce7ac12cf8fe01bb6a6724fdeffec14a826d21aad719e3b80d00cfd85cadc81f21def3b4788cba7d92e912d365939950669a237882aa71a539af436c6b7ebab70f53ca5a6790e2c9dcb73cc523ec83bf58febfa0c6fc0677db669e73efc94d2ecc087", 0x363) madvise$auto(0x0, 0xffffffffffff0004, 0x1a) setgroups$auto(0xe32, 0x0) madvise$auto(0x0, 0x200007, 0x19) r3 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) read$auto_proc_pid_maps_operations_internal(r3, &(0x7f00000010c0)=""/4082, 0xff2) setgroups$auto(0x1e9, &(0x7f0000000180)=0x400000) madvise$auto(0x8, 0xc89, 0xffffff33) 1m37.567977136s ago: executing program 8 (id=1381): r0 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r0, @new_prog_fd=0x4, 0x4}, 0xa3) (fail_nth: 2) 1m37.165543864s ago: executing program 8 (id=1382): openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x96141, 0x0) r0 = socket(0x1b, 0x3, 0x76) madvise$auto(0x0, 0x2000040080000003, 0xe) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r1, &(0x7f0000000040)='//\xf2\x00', 0x80000000) getsockopt$auto_SO_RCVPRIORITY(r0, 0x2, 0x52, 0x0, &(0x7f0000000240)=0x7) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) syz_clone(0x4040400, 0x0, 0x20010, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r3 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000600), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_IOAM6_CMD_DEL_NAMESPACE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x1c, r3, 0x9, 0x70bd2c, 0x25dfdbfb, {}, [@IOAM6_ATTR_NS_ID={0x6, 0x1, 0x8001}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x808) setuid$auto(0x1f) ioctl$auto_SNAPSHOT_PLATFORM_SUPPORT(0xffffffffffffffff, 0x330f, 0x0) 1m36.234307996s ago: executing program 8 (id=1383): fcntl$auto(0xffffffffffffffff, 0x400, 0x1) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) gettid() rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) gettid() rt_sigtimedwait$auto(&(0x7f0000000040)={0xfffffffffffffbff}, 0x0, 0x0, 0x8) read$auto(0x3, 0x0, 0x80) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop2\x00', 0x101080, 0x0) ioctl$auto_BLKSECTGET(r0, 0x1267, 0x20000000000000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000) timer_create$auto(0x9, 0x0, 0x0) timer_settime$auto(0x0, 0x9, &(0x7f00000000c0)={{0x400000000f, 0x10007}, {0x9}}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) io_uring_setup$auto(0x8000, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r1, r1, 0x0, 0x5) ustat$auto(0x1, &(0x7f0000000140)={0x6, 0x0, "621ccee07646", "ab5ab79fcccd"}) timer_gettime$auto(0x0, 0x0) r2 = openat$auto_virtual_ncidev_fops_virtual_ncidev(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) write$auto_virtual_ncidev_fops_virtual_ncidev(r2, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) close_range$auto(0x2, 0xa, 0x0) lsetxattr$auto(&(0x7f0000003080)='./file0\x00', &(0x7f00000030c0)='-\x00', &(0x7f0000003100), 0x7, 0x3) 1m34.791942613s ago: executing program 8 (id=1384): mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x580f, 0x1, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC1D0c\x00', 0x80080, 0x0) write$auto(0x1, 0x0, 0x80000000) newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000380)={0x8, 0x6, 0x5, 0x0, 0x0, 0xee01, 0x0, 0x2000000006, 0x20000000000003, 0x0, 0x7, 0x8, 0x5, 0x1000000001, 0x4, 0x1, 0x53}, 0x1) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2164, 0x8000000000000000, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0x3, 0x0, 0x7fffffff) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f00000004c0)='nfsd\x00~T\x93Q\x92-|\x1ei=\'8&\x13~\xd9t\xec\v\xc3\xfd\x8b\x1a\xd0wWXfa\f\v_\x9e:\x88\x9ej\x1aYAW\xa5a\x13\x9c\xae\x17\x7fob\xde\xb3\\\x94\xfal\xf2Y\xfd+\xf2\xf8\x88\xc4\xb8fI\xde6#mP\xe7\x85\'\x1b\x04\xcd\x1fW\x88T\xe9\x1e\xb7\xa20\t\x17\xc16\f\x05?-\xb2\x91\x1f\x8b}\n\xd7~\xdd\xb6\xee\xf1 \x9d\xd8\xd2kt}\xe3\xe4Q\xc4\x81\x11\xc0,\x89\xa5)\xf0y4\xb6\x9e\xf0h\x7f\x04\x91\x92|b\xe9\xcd\x10\x92\xe2\x03Op\x14Fe\xb6\x11\x9c\xe5\xe4X+\x94\xe4rJ\xf1\xa6\x86\xf0\xbd\x04uin', 0x800, 0x0) mount$auto(0x0, &(0x7f0000000000)='}[,&*}\x00', 0x0, 0x3375, 0x0) fsync$auto(r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) io_uring_setup$auto(0x48, 0x0) r3 = socket(0xa, 0x3, 0x73) setsockopt$auto(r3, 0xff, 0x7, 0x0, 0xfff) sendmsg$auto_IPVS_CMD_DEL_DAEMON(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="a0000000", @ANYRES16=0x0, @ANYBLOB="010029bd7000fedbdf250a000000"], 0x14}, 0x1, 0x0, 0x0, 0x40014}, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x1f, 0x0) r4 = openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080), 0x109c41, 0x0) write$auto(r4, 0x0, 0x5) 1m33.643685637s ago: executing program 8 (id=1385): r0 = open(&(0x7f0000000180)='./file0\x00', 0x400200, 0x174) fcntl$auto(r0, 0x400, 0x1) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) gettid() rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) gettid() rt_sigtimedwait$auto(&(0x7f0000000040)={0xfffffffffffffbff}, 0x0, 0x0, 0x8) read$auto(0x3, 0x0, 0x80) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop2\x00', 0x101080, 0x0) ioctl$auto_BLKSECTGET(r1, 0x1267, 0x20000000000000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000) timer_create$auto(0x9, 0x0, 0x0) timer_settime$auto(0x0, 0x9, &(0x7f00000000c0)={{0x400000000f, 0x10007}, {0x9}}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) io_uring_setup$auto(0x8000, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r2, r2, 0x0, 0x5) ustat$auto(0x1, &(0x7f0000000140)={0x6, 0x0, "621ccee07646", "ab5ab79fcccd"}) timer_gettime$auto(0x0, 0x0) r3 = openat$auto_virtual_ncidev_fops_virtual_ncidev(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) write$auto_virtual_ncidev_fops_virtual_ncidev(r3, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) close_range$auto(0x2, 0xa, 0x0) lsetxattr$auto(&(0x7f0000003080)='./file0\x00', &(0x7f00000030c0)='-\x00', &(0x7f0000003100), 0x7, 0x3) 1m32.987419201s ago: executing program 9 (id=1379): r0 = prctl$auto(0x10000000017, 0x28, 0x4, 0x8000000156, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0xf1, 0x2, 0x8000) remap_file_pages$auto(0x5, 0x1000, 0x0, 0x8, 0x10007) r1 = openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, 0x0, 0x2000, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) (async) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r2, 0x0, 0x0) (async) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r2, 0x0, 0x0) ioctl$auto_BLKFRASET(r0, 0x1264, 0x0) mmap$auto(0x9, 0x3, 0x5, 0x17, r1, 0x8001) sendfile$auto(0x3, r2, 0x0, 0x400000000006) open(0x0, 0x1e1401, 0xe5) (async) r3 = open(0x0, 0x1e1401, 0xe5) syz_genetlink_get_family_id$auto_taskstats(&(0x7f00000000c0), r3) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer2\x00', 0x800001, 0x0) (async) r4 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer2\x00', 0x800001, 0x0) ioctl$auto_SNDCTL_TMR_START(r4, 0x5402, &(0x7f00000001c0)="a65259c64803ea6cbedf191c4c081ffa71a48d91ec4cfd8a7653a16b24ecd46734fdd5b25ed59916e0eb23ab1c3c5426b563de5ecfce159bfe0711867e02cbe80e84ad13c19246af01f5c55f8f71faa3b8b27c1fd55ef1c77aff74fa9ab268bf87cf0986105f6b3d483fd59827454266c6a18af3d5f6dec84e2019eed42947117d807d4492354e0069") tkill$auto(0x0, 0x7) (async) tkill$auto(0x0, 0x7) write$auto(0x3, 0x0, 0x100082) socket(0x11, 0x3, 0x7ff) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socket(0x1d, 0x2, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x20) (async) read$auto(0xffffffffffffffff, 0x0, 0x20) ioctl$auto_TUNSETOFFLOAD2(r0, 0x400454d0, &(0x7f0000000100)=0x7) (async) r5 = ioctl$auto_TUNSETOFFLOAD2(r0, 0x400454d0, &(0x7f0000000100)=0x7) close_range$auto(0xffffffffffffffff, r5, 0x1) (async) close_range$auto(0xffffffffffffffff, r5, 0x1) bpf$auto_BPF_MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)=@link_detach={r3}, 0xfff) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/net/dev\x00', 0xc8082, 0x0) (async) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/net/dev\x00', 0xc8082, 0x0) move_mount$auto(0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x77) socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x10000000001013, 0x2, 0x8000) setsockopt$auto(r6, 0x114, 0x800, 0x0, 0x4) unshare$auto(0x40000080) 1m32.623296541s ago: executing program 38 (id=1374): r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0) openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/enable\x00', 0x0, 0x0) ioctl$auto(r0, 0x9, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0) ioctl$auto(0x3, 0x541b, 0x38) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/audit\x00', 0x200, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x1000000004, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) ioctl$auto(r2, 0x545c, 0xffffffffffffffff) ioctl$auto_SNDRV_TIMER_IOCTL_PAUSE(0xffffffffffffffff, 0x54a3, 0x0) syz_clone3(&(0x7f0000000100)={0x80a08680, 0x0, 0x0, 0x0, {0x37}, 0x0, 0x0, 0x0, 0x0}, 0x58) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) unshare$auto(0x40000080) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0xb02, 0x0) sendfile$auto(r3, r3, 0x0, 0x3) 1m32.581272621s ago: executing program 9 (id=1387): r0 = open(&(0x7f0000000180)='./file0\x00', 0x400200, 0x174) fcntl$auto(r0, 0x400, 0x1) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) gettid() rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) gettid() rt_sigtimedwait$auto(&(0x7f0000000040)={0xfffffffffffffbff}, 0x0, 0x0, 0x8) read$auto(0x3, 0x0, 0x80) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop2\x00', 0x101080, 0x0) ioctl$auto_BLKSECTGET(r1, 0x1267, 0x20000000000000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000) timer_create$auto(0x9, 0x0, 0x0) timer_settime$auto(0x0, 0x9, &(0x7f00000000c0)={{0x400000000f, 0x10007}, {0x9}}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) io_uring_setup$auto(0x8000, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r2, r2, 0x0, 0x5) ustat$auto(0x1, &(0x7f0000000140)={0x6, 0x0, "621ccee07646", "ab5ab79fcccd"}) timer_gettime$auto(0x0, 0x0) r3 = openat$auto_virtual_ncidev_fops_virtual_ncidev(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) write$auto_virtual_ncidev_fops_virtual_ncidev(r3, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) close_range$auto(0x2, 0xa, 0x0) lsetxattr$auto(&(0x7f0000003080)='./file0\x00', &(0x7f00000030c0)='-\x00', &(0x7f0000003100), 0x7, 0x3) 1m31.523134432s ago: executing program 9 (id=1388): mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x580f, 0x1, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC1D0c\x00', 0x80080, 0x0) write$auto(0x1, 0x0, 0x80000000) newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000380)={0x8, 0x6, 0x5, 0x0, 0x0, 0xee01, 0x0, 0x2000000006, 0x20000000000003, 0x0, 0x7, 0x8, 0x5, 0x1000000001, 0x4, 0x1, 0x53}, 0x1) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2164, 0x8000000000000000, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0x3, 0x0, 0x7fffffff) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f00000004c0)='nfsd\x00~T\x93Q\x92-|\x1ei=\'8&\x13~\xd9t\xec\v\xc3\xfd\x8b\x1a\xd0wWXfa\f\v_\x9e:\x88\x9ej\x1aYAW\xa5a\x13\x9c\xae\x17\x7fob\xde\xb3\\\x94\xfal\xf2Y\xfd+\xf2\xf8\x88\xc4\xb8fI\xde6#mP\xe7\x85\'\x1b\x04\xcd\x1fW\x88T\xe9\x1e\xb7\xa20\t\x17\xc16\f\x05?-\xb2\x91\x1f\x8b}\n\xd7~\xdd\xb6\xee\xf1 \x9d\xd8\xd2kt}\xe3\xe4Q\xc4\x81\x11\xc0,\x89\xa5)\xf0y4\xb6\x9e\xf0h\x7f\x04\x91\x92|b\xe9\xcd\x10\x92\xe2\x03Op\x14Fe\xb6\x11\x9c\xe5\xe4X+\x94\xe4rJ\xf1\xa6\x86\xf0\xbd\x04uin', 0x800, 0x0) mount$auto(0x0, &(0x7f0000000000)='}[,&*}\x00', 0x0, 0x3375, 0x0) fsync$auto(r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) io_uring_setup$auto(0x48, 0x0) r3 = socket(0xa, 0x3, 0x73) setsockopt$auto(r3, 0xff, 0x7, 0x0, 0xfff) sendmsg$auto_IPVS_CMD_DEL_DAEMON(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="a0000000", @ANYRES16=0x0, @ANYBLOB="010029bd7000fedbdf250a000000"], 0x14}, 0x1, 0x0, 0x0, 0x40014}, 0x0) r4 = openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080), 0x109c41, 0x0) write$auto(r4, 0x0, 0x5) 1m31.056968306s ago: executing program 39 (id=1377): r0 = socket(0x2, 0x3, 0xa) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x203, @dev={0xac, 0x14, 0x14, 0x20}}, 0x54) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram10/queue/max_sectors_kb\x00', 0xe3102, 0x0) sendfile$auto(r1, r1, 0x0, 0x3) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) setresuid$auto(0x0, 0x8, 0x0) setfsuid$auto(0x0) r2 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r2, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, 0x0, 0x200, 0x70bd2d, 0x25dfdbfe, {}, [@NFC_ATTR_SE_APDU={0x35, 0x19, "2db690516cb652b8120b509e63dd0a0b4813d4946d144fcc611a824d011748602f4eea625e38aace9c89df7d6f8e018037"}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4}, 0x24000000) sendmsg$auto_NFC_CMD_LLC_SET_PARAMS(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x5c, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {}, [@NFC_ATTR_FIRMWARE_NAME={0x15, 0x14, '/proc/interrupts\x00'}, @NFC_ATTR_DEVICE_NAME={0x8, 0x2, 'nbd\x00'}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x3}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0x1}, @NFC_ATTR_LLC_PARAM_LTO={0x5, 0xf, 0xff}, @NFC_ATTR_RF_MODE={0x5, 0xb, 0xfa}, @NFC_ATTR_VENDOR_SUBCMD={0x8, 0x1e, 0x100000}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0x8000) r3 = socket(0x11, 0x3, 0x2) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001f00), r4) sendmsg$auto_NBD_CMD_STATUS(r4, &(0x7f00000023c0)={0x0, 0x0, &(0x7f0000002380)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="010029bd7000fcdbdf2505000000080401000080000058fb681d43"], 0x1c}, 0x1, 0x0, 0x0, 0x40004}, 0x4008050) getsockopt$auto(r3, 0x107, 0x1, 0x0, 0x0) madvise$auto(0x0, 0x240007, 0x19) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r6 = socket(0x2, 0x1, 0x20000) sendmmsg$auto(r6, 0x0, 0x5, 0x7) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101000, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/interrupts\x00', 0x18b202, 0x0) 1m30.098859225s ago: executing program 9 (id=1390): mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x580f, 0x1, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC1D0c\x00', 0x80080, 0x0) write$auto(0x1, 0x0, 0x80000000) newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000380)={0x8, 0x6, 0x5, 0x0, 0x0, 0xee01, 0x0, 0x2000000006, 0x20000000000003, 0x0, 0x7, 0x8, 0x5, 0x1000000001, 0x4, 0x1, 0x53}, 0x1) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2164, 0x8000000000000000, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0x3, 0x0, 0x7fffffff) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f00000004c0)='nfsd\x00~T\x93Q\x92-|\x1ei=\'8&\x13~\xd9t\xec\v\xc3\xfd\x8b\x1a\xd0wWXfa\f\v_\x9e:\x88\x9ej\x1aYAW\xa5a\x13\x9c\xae\x17\x7fob\xde\xb3\\\x94\xfal\xf2Y\xfd+\xf2\xf8\x88\xc4\xb8fI\xde6#mP\xe7\x85\'\x1b\x04\xcd\x1fW\x88T\xe9\x1e\xb7\xa20\t\x17\xc16\f\x05?-\xb2\x91\x1f\x8b}\n\xd7~\xdd\xb6\xee\xf1 \x9d\xd8\xd2kt}\xe3\xe4Q\xc4\x81\x11\xc0,\x89\xa5)\xf0y4\xb6\x9e\xf0h\x7f\x04\x91\x92|b\xe9\xcd\x10\x92\xe2\x03Op\x14Fe\xb6\x11\x9c\xe5\xe4X+\x94\xe4rJ\xf1\xa6\x86\xf0\xbd\x04uin', 0x800, 0x0) mount$auto(0x0, &(0x7f0000000000)='}[,&*}\x00', 0x0, 0x3375, 0x0) fsync$auto(r0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) io_uring_setup$auto(0x48, 0x0) socket(0xa, 0x3, 0x73) r2 = openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080), 0x109c41, 0x0) write$auto(r2, 0x0, 0x5) 1m27.644202709s ago: executing program 3 (id=1386): prctl$auto_PR_SET_MM_START_DATA(0xfffffffe, 0x3, 0x0, 0x800000000000008, 0x8) r0 = socket(0x2b, 0x1, 0x1) setsockopt$auto(r0, 0x29, 0x21, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x10009b72, 0x7, 0x28000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000080), 0x1043, 0x0) readv$auto(r0, &(0x7f0000000100)={&(0x7f0000000040)="aeaa491b1a0548684996fad6f23ac2f7633284a949a5685083b3197f9ae9dc12", 0x7fff}, 0x8001) openat$auto_trace_options_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/options/blk_classic\x00', 0x942, 0x0) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) close_range$auto(r1, r1, 0x7) socket(0xa, 0x2, 0x0) r2 = socket(0xa, 0x3, 0xff) connect$auto(r2, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f) r3 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x1, 0x4020009, 0xdf, 0xeb1, r2, 0x8000) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) io_uring_setup$auto(0x59, &(0x7f0000000240)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x80008, r3, [0x0, 0x1, 0x4000020], {0x7, 0x80000001, 0xf, 0x2a2, 0x100, 0x5, 0x105, 0x6, 0x9935}, {0x100, 0x1, 0x51, 0x5, 0x20000001, 0x40, 0x1076c5, 0x6, 0x81}}) mmap$auto(0xfffffffffffffffc, 0x200004, 0x4000000ffffffff, 0x19, r2, 0x6) connect$auto(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x40000, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0) close_range$auto(0x2, 0x8, 0x4) 1m27.191577837s ago: executing program 3 (id=1391): socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0xa) socket(0xa, 0x801, 0x84) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) mmap$auto(0x0, 0x400005, 0x800000000000df, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0xfdef) ioctl$auto_TIOCSTI2(r0, 0x5412, 0x0) r1 = openat$auto_mgts_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x22800, 0x0) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nbd6/range\x00', 0x100, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x3, 0x21) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyd4\x00', 0x40001, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x2, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x1, 0x1, 0x0) bind$auto(0x3, 0x0, 0x6b) listen$auto(0x3, 0x81) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x7) pread64$auto(r1, &(0x7f0000000080)=']$,]/\x00', 0x8, 0x9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x9, 0x5, 0x3) getrandom$auto(&(0x7f0000000040)='-.*\'.$%*%\xf1\x00', 0x7, 0x0) io_submit$auto(0x1, 0x6, &(0x7f00000000c0)=&(0x7f0000000000)={0x57, 0x40, 0x9, 0xffff, 0x0, 0xffffffffffffffff, 0x2, 0x7, 0x7ff, 0x0, 0x3, r1}) 1m26.612936238s ago: executing program 3 (id=1392): r0 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@raw_tracepoint={0x100000000, r0, 0x0, 0x7fff}, 0x2) r1 = mq_open$auto(&(0x7f0000000000)='\xbe\xf2\x82\xe7\x14g\xb5\xeeMQ\x13\xa2_g\xbf\t\xfa\xf2_N\xb0{\xf9\xb57v\xeeG\xd9l\xbf\x86q w\x96\xd9\xe9\xa8\xe1\xf0\xc7\x1f\x1e\xc4\xc4\x89u\x83\xe8}\xbd\x7fO\x91\xc1UVW.\xb6\xad\x04u\x02w.\xec`O\xc1\x0e\x15\xe7:\xc9\x1bK\xcddY\x03\x95\xd1\xae\xc1\x9b\x96\x9faj\xd2\xfc\xfc\x1f7\xaf\xcan\xf6\xc0wK\xce\xe7Q\xae\xc9Hg\x01\xef\xda[\xe5\xa3\xa3%\'\x8f\xcf\x96X:\x04Dkt\x7f\xde\x80\x01\xddX\x91\x88\xa1\t\xc3\xf1\xfe[\x93$O8 b\xb4\x92\xf4\xbc\xc5\xb9\x989\xfcF\xec\xdc@\xdd\xdaeM\xe0U\xc8;\xf5\xe7$Q8\xd2\x87\xdd\xc5\x9d\xc5\xe8\xb5\xb5\xb8\xdfD\xd0\xe8t\x8aS\xaa\xbe\xaa\xba\x9e^0\x1a\xf8Y\xf5Jp\bu\xba\x98\x00\xf0H5\xa9u\x0e\xc4\x04\x13\xf58p\x9f\x11\xc07\xefS*|\xd87\x12\xd8\xce\xde0\xd82;\xcd\x18\r\xccI\x99\n\xd2\x86', 0xdd1, 0x8, 0x0) mmap$auto(0x0, 0x10000, 0x7, 0x14, r1, 0x8000) r2 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000000140), r0) sendmsg$auto_OVS_METER_CMD_GET(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x54, r2, 0x800, 0x70bd27, 0x25dfdbfc, {}, [@OVS_METER_ATTR_MAX_METERS={0x8, 0x7, 0xfffffffa}, @OVS_METER_ATTR_KBPS={0x4}, @OVS_METER_ATTR_USED={0xc, 0x5, 0x4}, @OVS_METER_ATTR_USED={0xc, 0x5, 0x1}, @OVS_METER_ATTR_STATS={0x14, 0x3, {0x8000000000000000, 0x80000001}}, @OVS_METER_ATTR_MAX_METERS={0x8, 0x7, 0x2}]}, 0x54}}, 0x4) mmap$auto(0x1000000000000007, 0x2000b, 0x4000000000df, 0xebd, 0x6, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r3 = socket(0xa, 0x3, 0x2c) setsockopt$auto(r3, 0x1, 0x49, 0x0, 0xa95e) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/bpq2/testing\x00', 0x40000, 0x0) 1m26.415319996s ago: executing program 3 (id=1393): mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x580f, 0x1, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC1D0c\x00', 0x80080, 0x0) write$auto(0x1, 0x0, 0x80000000) newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000380)={0x8, 0x6, 0x5, 0x0, 0x0, 0xee01, 0x0, 0x2000000006, 0x20000000000003, 0x0, 0x7, 0x8, 0x5, 0x1000000001, 0x4, 0x1, 0x53}, 0x1) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2164, 0x8000000000000000, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0x3, 0x0, 0x7fffffff) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f00000004c0)='nfsd\x00~T\x93Q\x92-|\x1ei=\'8&\x13~\xd9t\xec\v\xc3\xfd\x8b\x1a\xd0wWXfa\f\v_\x9e:\x88\x9ej\x1aYAW\xa5a\x13\x9c\xae\x17\x7fob\xde\xb3\\\x94\xfal\xf2Y\xfd+\xf2\xf8\x88\xc4\xb8fI\xde6#mP\xe7\x85\'\x1b\x04\xcd\x1fW\x88T\xe9\x1e\xb7\xa20\t\x17\xc16\f\x05?-\xb2\x91\x1f\x8b}\n\xd7~\xdd\xb6\xee\xf1 \x9d\xd8\xd2kt}\xe3\xe4Q\xc4\x81\x11\xc0,\x89\xa5)\xf0y4\xb6\x9e\xf0h\x7f\x04\x91\x92|b\xe9\xcd\x10\x92\xe2\x03Op\x14Fe\xb6\x11\x9c\xe5\xe4X+\x94\xe4rJ\xf1\xa6\x86\xf0\xbd\x04uin', 0x800, 0x0) mount$auto(0x0, &(0x7f0000000000)='}[,&*}\x00', 0x0, 0x3375, 0x0) fsync$auto(r0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r2 = openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080), 0x109c41, 0x0) write$auto(r2, 0x0, 0x5) 1m23.320591542s ago: executing program 3 (id=1396): r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0) ioctl$auto_CEC_ADAP_G_LOG_ADDRS(r0, 0x805c6103, &(0x7f00000001c0)={"8911bd3a", 0x1, 0x0, 0x6, 0x4, 0x6, "feaf587cdf4d2f534a1c88d3e40a00", "e6cf6512", "f34cae3a", "10a991b3", ["3ae887a128f1d8c79420d880", "b11feafce4d296d8c985d069", "0149f0a7102c3fffab592db0", "0059c09dca7de9bdbbc6be07"]}) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) unshare$auto(0x40000080) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x200007, 0x19) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000) mmap$auto(0x3, 0x0, 0x3, 0x9b72, 0xffffffffffffffff, 0x28000) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/time\x00') mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, r3, 0x28000) socket(0x2, 0x3, 0x2) setsockopt$auto(0x3, 0x0, 0xd3, 0xfffffffffffffffc, 0xfd72) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_BCH_IOCTL_FSCK_OFFLINE(0xffffffffffffffff, 0x4018bc13, &(0x7f0000000100)={0x0, 0x9d, 0x1, [0x0]}) ppoll$auto(&(0x7f0000000240)={r3, 0x7, 0xc}, 0x800007b, 0x0, 0x0, 0x8) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) 1m21.053283384s ago: executing program 4 (id=1399): prctl$auto_PR_SET_MM_START_DATA(0xfffffffe, 0x3, 0x0, 0x800000000000008, 0x8) r0 = socket(0x2b, 0x1, 0x1) setsockopt$auto(r0, 0x29, 0x21, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x10009b72, 0x7, 0x28000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000080), 0x1043, 0x0) readv$auto(r0, &(0x7f0000000100)={&(0x7f0000000040)="aeaa491b1a0548684996fad6f23ac2f7633284a949a5685083b3197f9ae9dc12", 0x7fff}, 0x8001) openat$auto_trace_options_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/options/blk_classic\x00', 0x942, 0x0) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) close_range$auto(r1, r1, 0x7) socket(0xa, 0x2, 0x0) r2 = socket(0xa, 0x3, 0xff) connect$auto(r2, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f) r3 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x1, 0x4020009, 0xdf, 0xeb1, r2, 0x8000) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) io_uring_setup$auto(0x59, &(0x7f0000000240)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x80008, r3, [0x0, 0x1, 0x4000020], {0x7, 0x80000001, 0xf, 0x2a2, 0x100, 0x5, 0x105, 0x6, 0x9935}, {0x100, 0x1, 0x51, 0x5, 0x20000001, 0x40, 0x1076c5, 0x6, 0x81}}) mmap$auto(0xfffffffffffffffc, 0x200004, 0x4000000ffffffff, 0x19, r2, 0x6) connect$auto(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x40000, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0) close_range$auto(0x2, 0x8, 0x4) 1m20.866252198s ago: executing program 4 (id=1400): socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0xa) socket(0xa, 0x801, 0x84) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) mmap$auto(0x0, 0x400005, 0x800000000000df, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0xfdef) ioctl$auto_TIOCSTI2(r0, 0x5412, 0x0) r1 = openat$auto_mgts_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x22800, 0x0) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nbd6/range\x00', 0x100, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x3, 0x21) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyd4\x00', 0x40001, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x2, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x1, 0x1, 0x0) bind$auto(0x3, 0x0, 0x6b) listen$auto(0x3, 0x81) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x7) pread64$auto(r1, &(0x7f0000000080)=']$,]/\x00', 0x8, 0x9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x9, 0x5, 0x3) getrandom$auto(&(0x7f0000000040)='-.*\'.$%*%\xf1\x00', 0x7, 0x0) io_submit$auto(0x1, 0x6, &(0x7f00000000c0)=&(0x7f0000000000)={0x57, 0x40, 0x9, 0xffff, 0x0, 0xffffffffffffffff, 0x2, 0x7, 0x7ff, 0x0, 0x3, r1}) 1m20.641137355s ago: executing program 4 (id=1401): mmap$auto(0x0, 0x3, 0xfffffffffffffff8, 0x200000eb1, 0xfffffffffffffffa, 0x1000000000000006) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000100)='/dev/binderfs/binder0\x00', 0x800, 0x0) socket(0xa, 0x1, 0x100) socket(0x1e, 0x1, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x101, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x104, 0x3, 0x3739aae3, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xd, 0x1, 0x948b, 0x1, 0x15f4da0a, 0x1a000, 0xffffffffd09d8d67, 0x62, 0x80000023, 0x7, 0x6d3e, 0x9, 0x2, 0x2]}, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_ECCGETSTATS(r1, 0x80104d12, 0x0) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0) r2 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x40840, 0x0) read$auto_proc_pid_maps_operations_internal(r2, &(0x7f00000010c0)=""/4082, 0xff2) setsockopt$auto_SO_DEBUG(r2, 0x7, 0x1, 0x0, 0x8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x25, 0x805, 0x3) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) mmap$auto(0x0, 0x40000a, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x2, 0x0) 1m20.081467677s ago: executing program 4 (id=1402): r0 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@raw_tracepoint={0x100000000, r0, 0x0, 0x7fff}, 0x2) r1 = mq_open$auto(&(0x7f0000000000)='\xbe\xf2\x82\xe7\x14g\xb5\xeeMQ\x13\xa2_g\xbf\t\xfa\xf2_N\xb0{\xf9\xb57v\xeeG\xd9l\xbf\x86q w\x96\xd9\xe9\xa8\xe1\xf0\xc7\x1f\x1e\xc4\xc4\x89u\x83\xe8}\xbd\x7fO\x91\xc1UVW.\xb6\xad\x04u\x02w.\xec`O\xc1\x0e\x15\xe7:\xc9\x1bK\xcddY\x03\x95\xd1\xae\xc1\x9b\x96\x9faj\xd2\xfc\xfc\x1f7\xaf\xcan\xf6\xc0wK\xce\xe7Q\xae\xc9Hg\x01\xef\xda[\xe5\xa3\xa3%\'\x8f\xcf\x96X:\x04Dkt\x7f\xde\x80\x01\xddX\x91\x88\xa1\t\xc3\xf1\xfe[\x93$O8 b\xb4\x92\xf4\xbc\xc5\xb9\x989\xfcF\xec\xdc@\xdd\xdaeM\xe0U\xc8;\xf5\xe7$Q8\xd2\x87\xdd\xc5\x9d\xc5\xe8\xb5\xb5\xb8\xdfD\xd0\xe8t\x8aS\xaa\xbe\xaa\xba\x9e^0\x1a\xf8Y\xf5Jp\bu\xba\x98\x00\xf0H5\xa9u\x0e\xc4\x04\x13\xf58p\x9f\x11\xc07\xefS*|\xd87\x12\xd8\xce\xde0\xd82;\xcd\x18\r\xccI\x99\n\xd2\x86', 0xdd1, 0x8, 0x0) mmap$auto(0x0, 0x10000, 0x7, 0x14, r1, 0x8000) r2 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000000140), r0) sendmsg$auto_OVS_METER_CMD_GET(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x54, r2, 0x800, 0x70bd27, 0x25dfdbfc, {}, [@OVS_METER_ATTR_MAX_METERS={0x8, 0x7, 0xfffffffa}, @OVS_METER_ATTR_KBPS={0x4}, @OVS_METER_ATTR_USED={0xc, 0x5, 0x4}, @OVS_METER_ATTR_USED={0xc, 0x5, 0x1}, @OVS_METER_ATTR_STATS={0x14, 0x3, {0x8000000000000000, 0x80000001}}, @OVS_METER_ATTR_MAX_METERS={0x8, 0x7, 0x2}]}, 0x54}}, 0x4) mmap$auto(0x1000000000000007, 0x2000b, 0x4000000000df, 0xebd, 0x6, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r3 = socket(0xa, 0x3, 0x2c) setsockopt$auto(r3, 0x1, 0x49, 0x0, 0xa95e) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/bpq2/testing\x00', 0x40000, 0x0) 1m19.948510003s ago: executing program 4 (id=1403): mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x580f, 0x1, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC1D0c\x00', 0x80080, 0x0) write$auto(0x1, 0x0, 0x80000000) newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000380)={0x8, 0x6, 0x5, 0x0, 0x0, 0xee01, 0x0, 0x2000000006, 0x20000000000003, 0x0, 0x7, 0x8, 0x5, 0x1000000001, 0x4, 0x1, 0x53}, 0x1) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2164, 0x8000000000000000, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0x3, 0x0, 0x7fffffff) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f00000004c0)='nfsd\x00~T\x93Q\x92-|\x1ei=\'8&\x13~\xd9t\xec\v\xc3\xfd\x8b\x1a\xd0wWXfa\f\v_\x9e:\x88\x9ej\x1aYAW\xa5a\x13\x9c\xae\x17\x7fob\xde\xb3\\\x94\xfal\xf2Y\xfd+\xf2\xf8\x88\xc4\xb8fI\xde6#mP\xe7\x85\'\x1b\x04\xcd\x1fW\x88T\xe9\x1e\xb7\xa20\t\x17\xc16\f\x05?-\xb2\x91\x1f\x8b}\n\xd7~\xdd\xb6\xee\xf1 \x9d\xd8\xd2kt}\xe3\xe4Q\xc4\x81\x11\xc0,\x89\xa5)\xf0y4\xb6\x9e\xf0h\x7f\x04\x91\x92|b\xe9\xcd\x10\x92\xe2\x03Op\x14Fe\xb6\x11\x9c\xe5\xe4X+\x94\xe4rJ\xf1\xa6\x86\xf0\xbd\x04uin', 0x800, 0x0) mount$auto(0x0, &(0x7f0000000000)='}[,&*}\x00', 0x0, 0x3375, 0x0) fsync$auto(r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) io_uring_setup$auto(0x48, 0x0) r3 = socket(0xa, 0x3, 0x73) setsockopt$auto(r3, 0xff, 0x7, 0x0, 0xfff) sendmsg$auto_IPVS_CMD_DEL_DAEMON(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="a0000000", @ANYRES16=0x0, @ANYBLOB="010029bd7000fedbdf250a000000"], 0x14}, 0x1, 0x0, 0x0, 0x40014}, 0x0) r4 = openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080), 0x109c41, 0x0) write$auto(r4, 0x0, 0x5) 1m18.734227193s ago: executing program 4 (id=1404): mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x580f, 0x1, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC1D0c\x00', 0x80080, 0x0) write$auto(0x1, 0x0, 0x80000000) newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000380)={0x8, 0x6, 0x5, 0x0, 0x0, 0xee01, 0x0, 0x2000000006, 0x20000000000003, 0x0, 0x7, 0x8, 0x5, 0x1000000001, 0x4, 0x1, 0x53}, 0x1) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2164, 0x8000000000000000, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0x3, 0x0, 0x7fffffff) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f00000004c0)='nfsd\x00~T\x93Q\x92-|\x1ei=\'8&\x13~\xd9t\xec\v\xc3\xfd\x8b\x1a\xd0wWXfa\f\v_\x9e:\x88\x9ej\x1aYAW\xa5a\x13\x9c\xae\x17\x7fob\xde\xb3\\\x94\xfal\xf2Y\xfd+\xf2\xf8\x88\xc4\xb8fI\xde6#mP\xe7\x85\'\x1b\x04\xcd\x1fW\x88T\xe9\x1e\xb7\xa20\t\x17\xc16\f\x05?-\xb2\x91\x1f\x8b}\n\xd7~\xdd\xb6\xee\xf1 \x9d\xd8\xd2kt}\xe3\xe4Q\xc4\x81\x11\xc0,\x89\xa5)\xf0y4\xb6\x9e\xf0h\x7f\x04\x91\x92|b\xe9\xcd\x10\x92\xe2\x03Op\x14Fe\xb6\x11\x9c\xe5\xe4X+\x94\xe4rJ\xf1\xa6\x86\xf0\xbd\x04uin', 0x800, 0x0) mount$auto(0x0, &(0x7f0000000000)='}[,&*}\x00', 0x0, 0x3375, 0x0) fsync$auto(r0) r2 = openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080), 0x109c41, 0x0) write$auto(r2, 0x0, 0x5) 1m18.230200684s ago: executing program 40 (id=1385): r0 = open(&(0x7f0000000180)='./file0\x00', 0x400200, 0x174) fcntl$auto(r0, 0x400, 0x1) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) gettid() rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) gettid() rt_sigtimedwait$auto(&(0x7f0000000040)={0xfffffffffffffbff}, 0x0, 0x0, 0x8) read$auto(0x3, 0x0, 0x80) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop2\x00', 0x101080, 0x0) ioctl$auto_BLKSECTGET(r1, 0x1267, 0x20000000000000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000) timer_create$auto(0x9, 0x0, 0x0) timer_settime$auto(0x0, 0x9, &(0x7f00000000c0)={{0x400000000f, 0x10007}, {0x9}}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) io_uring_setup$auto(0x8000, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r2, r2, 0x0, 0x5) ustat$auto(0x1, &(0x7f0000000140)={0x6, 0x0, "621ccee07646", "ab5ab79fcccd"}) timer_gettime$auto(0x0, 0x0) r3 = openat$auto_virtual_ncidev_fops_virtual_ncidev(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) write$auto_virtual_ncidev_fops_virtual_ncidev(r3, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) close_range$auto(0x2, 0xa, 0x0) lsetxattr$auto(&(0x7f0000003080)='./file0\x00', &(0x7f00000030c0)='-\x00', &(0x7f0000003100), 0x7, 0x3) 1m14.709084199s ago: executing program 41 (id=1390): mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x580f, 0x1, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC1D0c\x00', 0x80080, 0x0) write$auto(0x1, 0x0, 0x80000000) newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000380)={0x8, 0x6, 0x5, 0x0, 0x0, 0xee01, 0x0, 0x2000000006, 0x20000000000003, 0x0, 0x7, 0x8, 0x5, 0x1000000001, 0x4, 0x1, 0x53}, 0x1) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2164, 0x8000000000000000, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0x3, 0x0, 0x7fffffff) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f00000004c0)='nfsd\x00~T\x93Q\x92-|\x1ei=\'8&\x13~\xd9t\xec\v\xc3\xfd\x8b\x1a\xd0wWXfa\f\v_\x9e:\x88\x9ej\x1aYAW\xa5a\x13\x9c\xae\x17\x7fob\xde\xb3\\\x94\xfal\xf2Y\xfd+\xf2\xf8\x88\xc4\xb8fI\xde6#mP\xe7\x85\'\x1b\x04\xcd\x1fW\x88T\xe9\x1e\xb7\xa20\t\x17\xc16\f\x05?-\xb2\x91\x1f\x8b}\n\xd7~\xdd\xb6\xee\xf1 \x9d\xd8\xd2kt}\xe3\xe4Q\xc4\x81\x11\xc0,\x89\xa5)\xf0y4\xb6\x9e\xf0h\x7f\x04\x91\x92|b\xe9\xcd\x10\x92\xe2\x03Op\x14Fe\xb6\x11\x9c\xe5\xe4X+\x94\xe4rJ\xf1\xa6\x86\xf0\xbd\x04uin', 0x800, 0x0) mount$auto(0x0, &(0x7f0000000000)='}[,&*}\x00', 0x0, 0x3375, 0x0) fsync$auto(r0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) io_uring_setup$auto(0x48, 0x0) socket(0xa, 0x3, 0x73) r2 = openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080), 0x109c41, 0x0) write$auto(r2, 0x0, 0x5) 1m11.969396239s ago: executing program 1 (id=1412): openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/trace\x00', 0x600, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x74c) (fail_nth: 2) 1m11.639738452s ago: executing program 1 (id=1413): r0 = open(&(0x7f0000000180)='./file0\x00', 0x400200, 0x174) fcntl$auto(r0, 0x400, 0x1) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) gettid() rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) gettid() rt_sigtimedwait$auto(0x0, 0x0, 0x0, 0x8) read$auto(0x3, 0x0, 0x80) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop2\x00', 0x101080, 0x0) ioctl$auto_BLKSECTGET(r1, 0x1267, 0x20000000000000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000) timer_create$auto(0x9, 0x0, 0x0) timer_settime$auto(0x0, 0x9, &(0x7f00000000c0)={{0x400000000f, 0x10007}, {0x9}}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) io_uring_setup$auto(0x8000, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r2, r2, 0x0, 0x5) ustat$auto(0x1, &(0x7f0000000140)={0x6, 0x0, "621ccee07646", "ab5ab79fcccd"}) timer_gettime$auto(0x0, 0x0) r3 = openat$auto_virtual_ncidev_fops_virtual_ncidev(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) write$auto_virtual_ncidev_fops_virtual_ncidev(r3, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) close_range$auto(0x2, 0xa, 0x0) lsetxattr$auto(&(0x7f0000003080)='./file0\x00', &(0x7f00000030c0)='-\x00', &(0x7f0000003100), 0x7, 0x3) 1m11.003489287s ago: executing program 1 (id=1414): sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7) r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/lockdep\x00', 0x2, 0x0) read$auto_proc_iter_file_ops_compat_inode(r0, &(0x7f0000000240)=""/255, 0xff) r1 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)={0x2000, 0x43, 0x4}, 0x18) r2 = open(0x0, 0xa22c0, 0x155) sendmsg$auto_NLBL_UNLABEL_C_STATICREMOVEDEF(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="00082bbd7000ffdbdf2507005f00"], 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x4001) move_mount$auto(r1, &(0x7f0000000200)='./file0\x00', r2, &(0x7f0000000340)='./file0\x00', 0x7) ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) write$auto(0x3, 0x0, 0xfdef) write$auto(0x3, 0x0, 0xfdef) 1m10.734000765s ago: executing program 1 (id=1415): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff) mmap$auto(0x2, 0xaa06, 0xdf, 0xeb1, 0xffffffffffffffff, 0x2) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r3, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_dma_heap_fops_dma_heap(0xffffffffffffffff, 0xffffffffffdffe00, 0x0) r4 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000002c0), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(r5, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES16=r4, @ANYBLOB="01012bbd7000fddbdf250d00000008000300", @ANYRES32=0x0], 0x28}, 0x1, 0x0, 0x0, 0x60040440}, 0x800) msgctl$auto_MSG_INFO(0x9, 0xc, &(0x7f0000000240)={{0x80020000, 0xee00, 0xee01, 0x9, 0x0, 0x7, 0x8}, &(0x7f00000001c0)=0x65, &(0x7f0000000200)=0xd5, 0xa, 0xfffffffffffff90b, 0x1fa1ac89, 0x10, 0x1000, 0x598, 0xf, 0x3, @raw=0xfffffffc, @raw=0xffffffff}) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0x200400, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) adjtimex$auto(&(0x7f0000000440)={0x6, 0x0, 0xfffffffffffffffe, 0xffffffffffffff00, 0x8, 0x0, 0x2, 0x0, 0x9, 0x100000000, 0xb4, {0xffffffffffffac55}, 0x0, 0x7, 0x1aaa, 0x4, 0x0, 0x4, 0xf442, 0x81, 0x200, 0xdc, 0xa}) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x4000c, 0xdf, 0x9b72, r2, 0x0) prctl$auto(0x1000000003b, 0x7, 0x0, 0x9, 0x7) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_TIPC_NL_NODE_GET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001e40)={0x14, r1, 0x301, 0x70bd28, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x2000000}, 0x4) 1m10.342167909s ago: executing program 1 (id=1416): mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x580f, 0x1, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC1D0c\x00', 0x80080, 0x0) write$auto(0x1, 0x0, 0x80000000) newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000380)={0x8, 0x6, 0x5, 0x0, 0x0, 0xee01, 0x0, 0x2000000006, 0x20000000000003, 0x0, 0x7, 0x8, 0x5, 0x1000000001, 0x4, 0x1, 0x53}, 0x1) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2164, 0x8000000000000000, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0x3, 0x0, 0x7fffffff) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f00000004c0)='nfsd\x00~T\x93Q\x92-|\x1ei=\'8&\x13~\xd9t\xec\v\xc3\xfd\x8b\x1a\xd0wWXfa\f\v_\x9e:\x88\x9ej\x1aYAW\xa5a\x13\x9c\xae\x17\x7fob\xde\xb3\\\x94\xfal\xf2Y\xfd+\xf2\xf8\x88\xc4\xb8fI\xde6#mP\xe7\x85\'\x1b\x04\xcd\x1fW\x88T\xe9\x1e\xb7\xa20\t\x17\xc16\f\x05?-\xb2\x91\x1f\x8b}\n\xd7~\xdd\xb6\xee\xf1 \x9d\xd8\xd2kt}\xe3\xe4Q\xc4\x81\x11\xc0,\x89\xa5)\xf0y4\xb6\x9e\xf0h\x7f\x04\x91\x92|b\xe9\xcd\x10\x92\xe2\x03Op\x14Fe\xb6\x11\x9c\xe5\xe4X+\x94\xe4rJ\xf1\xa6\x86\xf0\xbd\x04uin', 0x800, 0x0) mount$auto(0x0, &(0x7f0000000000)='}[,&*}\x00', 0x0, 0x3375, 0x0) fsync$auto(r0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r2 = openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080), 0x109c41, 0x0) write$auto(r2, 0x0, 0x5) 1m9.047943444s ago: executing program 1 (id=1417): mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x580f, 0x1, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC1D0c\x00', 0x80080, 0x0) write$auto(0x1, 0x0, 0x80000000) newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000380)={0x8, 0x6, 0x5, 0x0, 0x0, 0xee01, 0x0, 0x2000000006, 0x20000000000003, 0x0, 0x7, 0x8, 0x5, 0x1000000001, 0x4, 0x1, 0x53}, 0x1) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2164, 0x8000000000000000, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0x3, 0x0, 0x7fffffff) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f00000004c0)='nfsd\x00~T\x93Q\x92-|\x1ei=\'8&\x13~\xd9t\xec\v\xc3\xfd\x8b\x1a\xd0wWXfa\f\v_\x9e:\x88\x9ej\x1aYAW\xa5a\x13\x9c\xae\x17\x7fob\xde\xb3\\\x94\xfal\xf2Y\xfd+\xf2\xf8\x88\xc4\xb8fI\xde6#mP\xe7\x85\'\x1b\x04\xcd\x1fW\x88T\xe9\x1e\xb7\xa20\t\x17\xc16\f\x05?-\xb2\x91\x1f\x8b}\n\xd7~\xdd\xb6\xee\xf1 \x9d\xd8\xd2kt}\xe3\xe4Q\xc4\x81\x11\xc0,\x89\xa5)\xf0y4\xb6\x9e\xf0h\x7f\x04\x91\x92|b\xe9\xcd\x10\x92\xe2\x03Op\x14Fe\xb6\x11\x9c\xe5\xe4X+\x94\xe4rJ\xf1\xa6\x86\xf0\xbd\x04uin', 0x800, 0x0) r1 = openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080), 0x109c41, 0x0) write$auto(r1, 0x0, 0x5) 1m8.220403314s ago: executing program 42 (id=1396): r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0) ioctl$auto_CEC_ADAP_G_LOG_ADDRS(r0, 0x805c6103, &(0x7f00000001c0)={"8911bd3a", 0x1, 0x0, 0x6, 0x4, 0x6, "feaf587cdf4d2f534a1c88d3e40a00", "e6cf6512", "f34cae3a", "10a991b3", ["3ae887a128f1d8c79420d880", "b11feafce4d296d8c985d069", "0149f0a7102c3fffab592db0", "0059c09dca7de9bdbbc6be07"]}) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) unshare$auto(0x40000080) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x200007, 0x19) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000) mmap$auto(0x3, 0x0, 0x3, 0x9b72, 0xffffffffffffffff, 0x28000) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/time\x00') mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, r3, 0x28000) socket(0x2, 0x3, 0x2) setsockopt$auto(0x3, 0x0, 0xd3, 0xfffffffffffffffc, 0xfd72) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_BCH_IOCTL_FSCK_OFFLINE(0xffffffffffffffff, 0x4018bc13, &(0x7f0000000100)={0x0, 0x9d, 0x1, [0x0]}) ppoll$auto(&(0x7f0000000240)={r3, 0x7, 0xc}, 0x800007b, 0x0, 0x0, 0x8) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) 1m3.552377569s ago: executing program 43 (id=1404): mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x580f, 0x1, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC1D0c\x00', 0x80080, 0x0) write$auto(0x1, 0x0, 0x80000000) newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000380)={0x8, 0x6, 0x5, 0x0, 0x0, 0xee01, 0x0, 0x2000000006, 0x20000000000003, 0x0, 0x7, 0x8, 0x5, 0x1000000001, 0x4, 0x1, 0x53}, 0x1) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2164, 0x8000000000000000, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0x3, 0x0, 0x7fffffff) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f00000004c0)='nfsd\x00~T\x93Q\x92-|\x1ei=\'8&\x13~\xd9t\xec\v\xc3\xfd\x8b\x1a\xd0wWXfa\f\v_\x9e:\x88\x9ej\x1aYAW\xa5a\x13\x9c\xae\x17\x7fob\xde\xb3\\\x94\xfal\xf2Y\xfd+\xf2\xf8\x88\xc4\xb8fI\xde6#mP\xe7\x85\'\x1b\x04\xcd\x1fW\x88T\xe9\x1e\xb7\xa20\t\x17\xc16\f\x05?-\xb2\x91\x1f\x8b}\n\xd7~\xdd\xb6\xee\xf1 \x9d\xd8\xd2kt}\xe3\xe4Q\xc4\x81\x11\xc0,\x89\xa5)\xf0y4\xb6\x9e\xf0h\x7f\x04\x91\x92|b\xe9\xcd\x10\x92\xe2\x03Op\x14Fe\xb6\x11\x9c\xe5\xe4X+\x94\xe4rJ\xf1\xa6\x86\xf0\xbd\x04uin', 0x800, 0x0) mount$auto(0x0, &(0x7f0000000000)='}[,&*}\x00', 0x0, 0x3375, 0x0) fsync$auto(r0) r2 = openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080), 0x109c41, 0x0) write$auto(r2, 0x0, 0x5) 1m0.188510629s ago: executing program 5 (id=1432): r0 = open(&(0x7f0000000180)='./file0\x00', 0x400200, 0x174) fcntl$auto(r0, 0x400, 0x1) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) gettid() rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) gettid() rt_sigtimedwait$auto(0x0, 0x0, 0x0, 0x8) read$auto(0x3, 0x0, 0x80) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop2\x00', 0x101080, 0x0) ioctl$auto_BLKSECTGET(r1, 0x1267, 0x20000000000000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000) timer_create$auto(0x9, 0x0, 0x0) timer_settime$auto(0x0, 0x9, &(0x7f00000000c0)={{0x400000000f, 0x10007}, {0x9}}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) io_uring_setup$auto(0x8000, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r2, r2, 0x0, 0x5) ustat$auto(0x1, &(0x7f0000000140)={0x6, 0x0, "621ccee07646", "ab5ab79fcccd"}) timer_gettime$auto(0x0, 0x0) r3 = openat$auto_virtual_ncidev_fops_virtual_ncidev(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) write$auto_virtual_ncidev_fops_virtual_ncidev(r3, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) close_range$auto(0x2, 0xa, 0x0) lsetxattr$auto(&(0x7f0000003080)='./file0\x00', &(0x7f00000030c0)='-\x00', &(0x7f0000003100), 0x7, 0x3) 58.781611234s ago: executing program 5 (id=1435): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) ioctl$auto(r0, 0x40104d00, 0x7) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) fcntl$auto(0x8000000000000001, 0x5, 0x8) close_range$auto(0x2, 0x8000, 0x0) r1 = openat$auto_vsock_device_ops_af_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0) ioctl$auto_IOCTL_VM_SOCKETS_GET_LOCAL_CID(r1, 0x7b9, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) sysfs$auto(0x2, 0x100001000000032, 0x0) fsopen$auto(0x0, 0x1) set_mempolicy$auto(0x1, &(0x7f0000000180)=0x2, 0x6) r2 = openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/netdevsim/netdevsim1/ports/2/pp_hold\x00', 0x201, 0x0) execveat$auto(r2, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)=&(0x7f0000000100)='/dev/vsock\x00', &(0x7f0000000200)=&(0x7f00000001c0)='\x00', 0x5) unshare$auto(0x40000080) close_range$auto(0x2, 0x8000, 0x0) 58.120606419s ago: executing program 5 (id=1437): r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000140)="58fcb282bcbc38bfaef257e019406ea6c445cd4f7f7662ac0f8834baa918d5b3cea133243c4f2b9a39e536b67f5a1a2bfdf589da2b1c980e1ce53883444996d1721d7f3ae627c6c604000000000000007910fbc02d899ab93d002d849884a5377ff11be2ed012110f2f520") r1 = socket(0x10, 0x2, 0x4) write$auto(r1, &(0x7f0000000000)='-\x00', 0xfdef) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/ip6gre0/power/control\x00', 0x10b142, 0x0) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0xc, 0x3, 0x0, 0x0, 0x2) socket(0x3, 0x3, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x5e, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r4, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r4, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9 \xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffff7f0001, 0x15) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) r5 = socket(0x15, 0x5, 0x0) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000001d40)={0x28, r6, 0x5, 0x70bd27, 0x25dfdbff, {}, [@ETHTOOL_A_RINGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_RINGS_RX_BUF_LEN={0x8, 0xa, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0x90}, 0x80080) getsockopt$auto(r5, 0x114, 0x2720, 0xfffffffffffffffc, 0x0) sendfile$auto(r2, r2, 0x0, 0x1000200) 56.122374024s ago: executing program 5 (id=1439): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x3a}}, 0x6e) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x2, 0xb}, 0x800009}, 0x6, 0x20000000) write$auto(0xffffffffffffffff, 0x0, 0xfffffdee) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x640, 0x0) r2 = epoll_create$auto(0x8800001) epoll_ctl$auto(r2, 0x1, r1, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/transparent_hugepage/use_zero_page\x00', 0x28442, 0x0) writev$auto(r3, &(0x7f0000000100)={&(0x7f0000000080), 0x2}, 0x6) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, 0x0, 0x8000, 0x0) read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x0) unshare$auto(0x40000080) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x80) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 55.424035821s ago: executing program 5 (id=1441): mmap$auto(0x0, 0x20009, 0x8, 0xeb1, 0x401, 0x8000) r0 = openat$auto_tracing_saved_cmdlines_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/saved_cmdlines_size\x00', 0x80002, 0x0) mmap$auto(0x0, 0x9, 0xdf, 0x9b72, r0, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x7, 0x0, 0x4) unshare$auto(0x40000080) mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xffff, 0x3, 0x3) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000900)=ANY=[@ANYRES16=0x0, @ANYBLOB], 0x588}, 0x1, 0x0, 0x0, 0x48010}, 0x20000800) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55) socket(0x0, 0x5, 0xffffffff) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x2000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x2, 0x0) pwrite64$auto(r1, 0x0, 0x1, 0x8) madvise$auto(0x0, 0x8000000000000000, 0x15) mmap$auto(0x0, 0x40008, 0xb3, 0x9b72, 0xffffffffffffffff, 0x28000) r2 = socket(0x28, 0x1, 0x0) getsockopt$auto(r2, 0x28, 0x2, 0x0, 0x0) 54.696511066s ago: executing program 5 (id=1445): mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) r0 = io_uring_setup$auto(0x6, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0) ioctl$auto(0x3, 0x80000541b, 0x38) r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r1, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, 0x6) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0) pread64$auto(r2, 0x0, 0x800003, 0x270) socket(0xf, 0x3, 0x2) madvise$auto_MADV_PAGEOUT(0xd, 0x8000, 0x15) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) r4 = open(&(0x7f0000000000)='./cgroup\x00', 0x2e4041, 0x44) fchdir$auto(r4) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0) umount2$auto(&(0x7f0000000040)='.\x00', 0x4) umount2$auto(&(0x7f0000000000)='.\x00', 0x4) r5 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) sendmsg$auto_NL80211_CMD_SET_PMKSA(r4, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="94b8501371b7bc8f4b40598e264b628786aee7207da34fd1f14ec5b3b53ccd6151b45f7b7d879b22fc792b49247a34c97cf0509e1dc790cd0f1466014a1c54376076b7bd72221c724ab939a16be989e055ff0716bcf143f572559efa38dd854b070e2a20d18f68fc1e57b0f0ac4f52adee40df957018574f1afc85eed14836659c7eab6cc981615c20e2baa0837925fcd29a7c1be71c81a8fff96ebcb31be020cbb1d8c9268d4b6a2a65ab2b0e86d582ecc0596f132e37e28d559b574b5a731a22799da4b667cf94bcb7504c5c65136539c2b64aac47fa5d3eb16d9f3e33e9933c5a23", @ANYRES16=0x0, @ANYBLOB="000427bd7000fcdbdf25340000000600140105000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x1) write$auto(r3, &(0x7f0000000100)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xf, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x3, 0x3, 0x80d, 0x8000001f, 0x2, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) symlinkat$auto(0x0, r5, 0x0) close_range$auto(r1, 0xffffffffffffffff, 0x0) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_fd, 0xffffffffffffffff, 0x4, 0x1ff, 0xffffffffffffffff, @relative_fd, 0xe600}, 0xf) bpf$auto(0x2, 0x0, 0xc) read$auto_proc_timers_operations_base(0xffffffffffffffff, &(0x7f0000000280)=""/43, 0x2b) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000180), r0) socket(0x1d, 0x80002, 0x73) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) 53.811987484s ago: executing program 44 (id=1417): mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x580f, 0x1, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC1D0c\x00', 0x80080, 0x0) write$auto(0x1, 0x0, 0x80000000) newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000380)={0x8, 0x6, 0x5, 0x0, 0x0, 0xee01, 0x0, 0x2000000006, 0x20000000000003, 0x0, 0x7, 0x8, 0x5, 0x1000000001, 0x4, 0x1, 0x53}, 0x1) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2164, 0x8000000000000000, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0x3, 0x0, 0x7fffffff) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f00000004c0)='nfsd\x00~T\x93Q\x92-|\x1ei=\'8&\x13~\xd9t\xec\v\xc3\xfd\x8b\x1a\xd0wWXfa\f\v_\x9e:\x88\x9ej\x1aYAW\xa5a\x13\x9c\xae\x17\x7fob\xde\xb3\\\x94\xfal\xf2Y\xfd+\xf2\xf8\x88\xc4\xb8fI\xde6#mP\xe7\x85\'\x1b\x04\xcd\x1fW\x88T\xe9\x1e\xb7\xa20\t\x17\xc16\f\x05?-\xb2\x91\x1f\x8b}\n\xd7~\xdd\xb6\xee\xf1 \x9d\xd8\xd2kt}\xe3\xe4Q\xc4\x81\x11\xc0,\x89\xa5)\xf0y4\xb6\x9e\xf0h\x7f\x04\x91\x92|b\xe9\xcd\x10\x92\xe2\x03Op\x14Fe\xb6\x11\x9c\xe5\xe4X+\x94\xe4rJ\xf1\xa6\x86\xf0\xbd\x04uin', 0x800, 0x0) r1 = openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080), 0x109c41, 0x0) write$auto(r1, 0x0, 0x5) 38.978672721s ago: executing program 45 (id=1445): mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) r0 = io_uring_setup$auto(0x6, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0) ioctl$auto(0x3, 0x80000541b, 0x38) r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r1, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, 0x6) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0) pread64$auto(r2, 0x0, 0x800003, 0x270) socket(0xf, 0x3, 0x2) madvise$auto_MADV_PAGEOUT(0xd, 0x8000, 0x15) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) r4 = open(&(0x7f0000000000)='./cgroup\x00', 0x2e4041, 0x44) fchdir$auto(r4) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0) umount2$auto(&(0x7f0000000040)='.\x00', 0x4) umount2$auto(&(0x7f0000000000)='.\x00', 0x4) r5 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) sendmsg$auto_NL80211_CMD_SET_PMKSA(r4, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="94b8501371b7bc8f4b40598e264b628786aee7207da34fd1f14ec5b3b53ccd6151b45f7b7d879b22fc792b49247a34c97cf0509e1dc790cd0f1466014a1c54376076b7bd72221c724ab939a16be989e055ff0716bcf143f572559efa38dd854b070e2a20d18f68fc1e57b0f0ac4f52adee40df957018574f1afc85eed14836659c7eab6cc981615c20e2baa0837925fcd29a7c1be71c81a8fff96ebcb31be020cbb1d8c9268d4b6a2a65ab2b0e86d582ecc0596f132e37e28d559b574b5a731a22799da4b667cf94bcb7504c5c65136539c2b64aac47fa5d3eb16d9f3e33e9933c5a23", @ANYRES16=0x0, @ANYBLOB="000427bd7000fcdbdf25340000000600140105000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x1) write$auto(r3, &(0x7f0000000100)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xf, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x3, 0x3, 0x80d, 0x8000001f, 0x2, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) symlinkat$auto(0x0, r5, 0x0) close_range$auto(r1, 0xffffffffffffffff, 0x0) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_fd, 0xffffffffffffffff, 0x4, 0x1ff, 0xffffffffffffffff, @relative_fd, 0xe600}, 0xf) bpf$auto(0x2, 0x0, 0xc) read$auto_proc_timers_operations_base(0xffffffffffffffff, &(0x7f0000000280)=""/43, 0x2b) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000180), r0) socket(0x1d, 0x80002, 0x73) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) 7.509867884s ago: executing program 7 (id=1551): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) read$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x401008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r1 = socketcall$auto(0x8000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xaa102, 0x0) write$auto(r3, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00x \xec(\x1d\x98\xe9\xc4\xe8\xfc@6=\xab\xf4\x89\x01\x93\xdc\x19\xffv\'\xa1\xd5\x14\x06S\xae\xadB}\xdf]\x99\xc9\x9f4\xbb\xc5\x81\x9d\x8ak\xdeB\xcbd\xd3\x05\xe4P\x84\xcb\xb8#\x13\nYU\'\x95R\xc8\x9d\xb7*\xe0.\xd2\xdf\x1b\x88D\x8c{k\xcec\xe1\xa2j\xec\xc9\xd2\x98\x94I\x102h\x06\x8c\xa2\xc8\x8a7\xb7t', 0x7ef) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0) socket(0xa, 0x1, 0x100) ioperm$auto(0x7, 0x5ad2, 0xc) r4 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r4, 0x0, 0x7ff, 0x400) socket(0x2, 0x1, 0x0) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x400000000) select$auto(0x12, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0x10000000d, 0x8fd6, 0x400000000000948f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1]}, 0x0) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x16, 0xa, 0xd, 0x465, 0x948b, 0x3, 0x15f4da0a, 0x20000003, 0x6, 0x62, 0xd77a, 0x5, 0x6d3e, 0x9, 0xfffffffffffffffd, 0x100000001]}, 0x0) close_range$auto(r3, 0xffffffffffffffff, 0xb) r6 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon6\x00', 0x0, 0x0) ioctl$auto_MON_IOCX_MFETCH(r6, 0xc0109207, &(0x7f0000000100)={0x0, 0x2000004, 0x7}) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/026/001\x00', 0x28080, 0x0) 7.50967532s ago: executing program 2 (id=1559): r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) mmap$auto(0x0, 0x2020049, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 32) socket(0x15, 0x5, 0x0) (async, rerun: 32) syz_open_procfs$namespace(0x0, 0x0) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), r1) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) write$auto(0xffffffffffffffff, 0x0, 0x1) (async, rerun: 32) r2 = socket(0x2, 0x2, 0x88) (rerun: 32) setsockopt$auto(r2, 0x88, 0xa, &(0x7f0000000200)='\xba\xba\xd3\xc8[&P\x9c\xe7AJz\'\x91\xce=B}v+7n\xa2r0\x92\xc3\x0eE\x96\xf63\xec\xe0\xb2\f\xa86v\xeb\xf1\xcb\xd4\xa9\v\xe1\xcc\xa10\x11J\xb9\x06#K:7\xb9+\xb8\xeb\x18', 0x80000e) mmap$auto(0x0, 0xc, 0x2, 0x40eb2, 0x401, 0x300000000000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f0000000140)={0x0, 0xa841}, 0x1, 0x0, 0xbed0, 0x9}, 0x7}, 0x80a145, 0x0) readv$auto(r2, &(0x7f0000000100)={0x0, 0x100000001}, 0x8) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000002c0), 0xffffffffffffffff) (async, rerun: 32) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'netdevsim0\x00'}) (rerun: 32) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_ACT(r3, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000300)=ANY=[@ANYBLOB="20020000e55bcf2f5fafa1623b883c1ddf2ea69705a0ea502964b86deaf0f015abd5adcd59de9d4bc434588d04040071ddbb5680042d48d121e2", @ANYRES16=r0, @ANYBLOB="010026bd7000fbdbdf251a0000000c00018008000100", @ANYRES8=r2, @ANYRES64=r1], 0x20}, 0x1, 0x0, 0x0, 0x40801}, 0x80) read$auto_state_fops_(0xffffffffffffffff, &(0x7f0000000180)=""/81, 0x51) (async) writev$auto(0x3, 0x0, 0x8) (async) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) (async, rerun: 32) close_range$auto(0xffffffffffffffff, 0xa, 0x800) (rerun: 32) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) (async, rerun: 32) r4 = socket(0x1e, 0x4, 0x0) (rerun: 32) read$auto(0x3, 0x0, 0x80) (async, rerun: 32) get_robust_list$auto(0x0, 0x0, 0x0) (async, rerun: 32) setsockopt$auto(r4, 0x10f, 0x87, 0x0, 0x14) (async) setsockopt$auto(0xffffffffffffffff, 0x5, 0x8b, 0x0, 0x2) 5.907920615s ago: executing program 7 (id=1553): socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0xa) socket(0xa, 0x801, 0x84) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) mmap$auto(0x0, 0x400005, 0x800000000000df, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0xfdef) ioctl$auto_TIOCSTI2(r0, 0x5412, 0x0) openat$auto_mgts_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x22800, 0x0) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nbd6/range\x00', 0x100, 0x0) read$auto(r1, 0x0, 0x20) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x7}, 0x3) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x3, 0x21) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyd4\x00', 0x40001, 0x0) 5.906507758s ago: executing program 2 (id=1563): unshare$auto(0x40000080) adjtimex$auto(&(0x7f0000000280)={0xf, 0x0, 0x8, 0x100000001, 0x7f, 0x0, 0x2, 0x0, 0xe, 0x0, 0x10001, {0xf, 0x4}, 0x7ffffffffffffffe, 0x3a9d, 0x5, 0x10001, 0x0, 0x6, 0x4, 0x7, 0x8, 0x5, 0x1015c8}) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) semctl$auto(0x7ff, 0x2, 0x13, 0x3) mbind$auto(0x0, 0x40, 0x4, 0x0, 0x3, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x8000002, 0x20009, 0x8000000400000003, 0xeb1, 0x401, 0x8001) r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) ioctl$auto_UI_DEV_SETUP(r0, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0xa}) syz_genetlink_get_family_id$auto_ipvs(0x0, 0xffffffffffffffff) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) socket(0x18, 0x2, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/memfd_noexec\x00', 0x2, 0x0) r2 = geteuid() fstat$auto(0xffffffffffffffff, &(0x7f0000000040)={0x4, 0xc, 0x200, 0x3, 0xee01, 0x0, 0x0, 0x3, 0x8, 0xfffffffffffffff8, 0x5, 0x9, 0xfffffffffffffffc, 0x80000001, 0x9, 0x8, 0x800002}) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/kvm/parameters/nx_huge_pages\x00', 0x80302, 0x0) sendfile$auto(r4, r4, 0x0, 0x3) keyctl$auto_KEY_REQKEY_DEFL_PROCESS_KEYRING(0xa, 0x2, r2, r3, 0x42) stat$auto(0x0, &(0x7f0000000380)={0xc000000, 0x0, 0x8, 0xfffffd5f, r2, 0xee01, 0x0, 0x93, 0x6a01e59f, 0x9e2e, 0x1009, 0x0, 0x1, 0x6, 0x6b62612e, 0xfffffffffffffffc, 0x456}) msgctl$auto_IPC_RMID(0xffffff4b, 0x0, &(0x7f00000001c0)={{0x7f28, 0xee01, r5, 0xb024, 0x9, 0x6, 0x2}, &(0x7f0000000140)=0x5f, 0x0, 0xffffffffffffffff, 0x30ba, 0x80000001, 0x4, 0x4, 0xc, 0x2, 0x6, @raw=0x4, @inferred=0xffffffffffffffff}) sendmsg$auto_IPVS_CMD_ZERO(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000780)=ANY=[], 0x1e4}, 0x1, 0x0, 0x0, 0x20000040}, 0x4) ioctl$auto_UI_DEV_CREATE(r0, 0x5501, 0x0) set_mempolicy$auto(0x8003, 0x0, 0x4) write$auto(0x3, 0x0, 0x7fffffff) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x6ab82, 0x0) mmap$auto(0x0, 0x7fff, 0x3, 0xeb0, 0xfffffffffffffffa, 0x208000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) 5.789852745s ago: executing program 6 (id=1555): r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x109002, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffff5fdffe00, &(0x7f0000000400)=';') openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/netfilter/nf_log/3\x00', 0xa2202, 0x0) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x8) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1/file0\x00', 0x840, 0xc) socket(0x1d, 0x2, 0x6) io_uring_setup$auto(0x6, 0x0) io_uring_setup$auto(0x7, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) socket(0x10, 0x2, 0x0) io_uring_setup$auto(0x4, 0x0) openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/events/vmalloc/free_vmap_area_noflush/enable\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x109500, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) io_uring_setup$auto(0x85, 0x0) socket(0x1d, 0x2, 0x7) socketpair$auto(0x4004, 0x7, 0x4, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/fail-nth\x00', 0x90500, 0x0) ioctl$auto_TCFLSH2(r1, 0xc0384707, 0x0) 5.170623418s ago: executing program 7 (id=1556): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0) read$auto(r1, 0x0, 0x20) ioctl$auto_BLKSECDISCARD(0xffffffffffffffff, 0x127d, 0x0) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) shmctl$auto_SHM_UNLOCK(0x200, 0xc, &(0x7f0000001340)={{0x33c, 0xee00, 0x0, 0xffff129a, 0x6, 0x4, 0x101}, 0x3ff, 0x200, 0x1, 0x3, @inferred, @raw=0x1, 0xb0fc, 0x0, &(0x7f0000001140), &(0x7f0000001240)="b84715281ddec019e72aeaf72098c1e75dc7c1d6e353dff804f7f17598a5e3727bb531248c92fb8cf667076b3e2b25215de9b7bd27a303622c2d4c6cb8f7b3a5b6bcad6a5bf011c6afd8df9427bd8a0cd16a92c8e72b0d5b4e88f6e3923d34b937272c40fc3ae19a067a6b4144b8af52f218faf71590e7f419c446474d10b867ea631caa867d0789138c5185af52b1ff821ad46ebf43e410b8c499202b9efbe3ee07720c67378c95ae5f00d9159207dde5176393b738b1ee61937f71ae85973859600e766a175a54909b919ebb85595880631f2fd2ae00ce"}) sendmsg$auto_OVS_METER_CMD_SET(r3, &(0x7f0000001700)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000080)={&(0x7f0000000240)={0x14e, 0x0, 0x4, 0x70bd2a, 0x25dfdbff, {}, [@OVS_METER_ATTR_MAX_BANDS={0x8, 0x8, 0x401}, @OVS_METER_ATTR_ID={0x8, 0x1, 0x9}, @OVS_METER_ATTR_ID={0x0, 0x1, 0x6}, @OVS_METER_ATTR_MAX_METERS={0x8, 0x7, 0x1}, @OVS_METER_ATTR_MAX_BANDS={0x8, 0x8, 0x8}, @OVS_METER_ATTR_MAX_BANDS={0x8, 0x8, 0x4}, @OVS_METER_ATTR_BANDS={0xfb}]}, 0x13c}, 0x1, 0x0, 0x0, 0x24000001}, 0x40) r4 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execveat$auto(r4, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) rename$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000340)='./file0\x00') rename$auto(&(0x7f0000000000)='./file0\x00', &(0x7f00000002c0)='./file1\x00') openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fail-nth\x00', 0x202082, 0x0) openat$auto_btrfs_ctl_fops_super(0xffffffffffffff9c, &(0x7f0000000100), 0x28000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r0, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(0x2, 0x8, 0x0) r5 = ioctl$auto_dma_heap_fops_dma_heap(0xffffffffffffffff, 0xffffffffffdffe00, &(0x7f0000000140)=';') syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), r5) 5.159938553s ago: executing program 6 (id=1557): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) r0 = epoll_create$auto(0x2) epoll_pwait2$auto(r0, 0x0, 0x8, &(0x7f0000002780)={0x10000000000, 0x5}, 0x0, 0x8) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x802, 0x0) ioctl$auto_USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000240)={0x23, 0x3, 0x18, 0x10, 0x808, 0x7fb, &(0x7f0000000340)="2e87ae255faea9bca16821e73660a43c98f81f056a20818dde63d3c3436ada5521c127417b70c848d2f0b41c9954b52c56fd29b722f89cb8e96cfabaead96bc484c33f7fb2b8e8aeaeeb962fd2017e70de4a4892c560daf3d83461a5c527c6ca6471a2d3bb0714224c0002a6ed62432b4a635d9cb072fba6cc4049f67aced3906e0af971d833a8a1d53e32a133a5b4c89ec915deff"}) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/net/rpc/nfs4.nametoid/channel\x00', 0x8f3b7a51b8162d21, 0x0) write$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f0000000040)="5cedd9d1027e0dc0023af10e9bfa1babfa3a3753ca9aee370a", 0x19) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) keyctl$auto(0x2000000000000016, 0x0, 0xfffffffe, 0x400040, 0xa8) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x20540, 0x0) mmap$auto(0x2000000000000002, 0x20000020009, 0x7, 0xeb1, 0x40000000000a5, 0x8000) ioctl$auto(0xffffffffffffffff, 0x3, r2) setsockopt$auto(r3, 0x80, 0xfffffffe, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x3ff) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x407, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3b, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r4, 0x0, 0x100000a3d9) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r5, 0x4, 0x7ff) open(&(0x7f00000000c0)='./file0\x00', 0x200000, 0x60) io_uring_setup$auto(0x25a8c, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x0) pipe2$auto(0x0, 0x80) 4.229909755s ago: executing program 0 (id=1558): r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r0, 0x0, 0xb4d3) socket(0x10, 0x4, 0xffffffc0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7) write$auto(0xffffffffffffffff, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) clock_settime$auto(0xa, 0x0) open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000001540)={'netdevsim0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_GROUP(r2, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000000200)={0x28, r3, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@NET_SHAPER_A_HANDLE={0x4}, @NET_SHAPER_A_LEAVES={0x8, 0xa, 0x0, 0x1, [@NET_SHAPER_A_HANDLE={0x4}]}, @NET_SHAPER_A_IFINDEX={0x8, 0x8, r4}]}, 0x28}, 0x1, 0x0, 0x0, 0x44000}, 0x14) mkdir$auto(&(0x7f0000000480)='./cgroup\x00', 0x6) r5 = socket(0x2, 0x801, 0x100) accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff) socket(0x15, 0x5, 0x0) sendmsg$auto_TASKSTATS_CMD_GET(r5, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, 0x0, 0x300, 0x70bd29, 0x25dfdbfb, {}, [@TASKSTATS_CMD_ATTR_PID={0x8}]}, 0x1c}}, 0x4000040) rmdir$auto(&(0x7f0000000300)='./cgroup\x00') close_range$auto(0x2, 0x8, 0x0) socket(0x2a, 0x1, 0xffe) socket(0x2, 0x1, 0x84) listen$auto(0x3, 0x81) r6 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mtdblock0\x00', 0x4ea06, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r6, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x10040, 0x0) r7 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x109002, 0x0) sendfile$auto(r7, r7, 0x0, 0x10000800000003) 4.02062266s ago: executing program 6 (id=1560): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) r0 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/input/mice\x00', 0x22002, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) write$auto_mousedev_fops_mousedev(r0, &(0x7f00000000c0)="13", 0x1) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(0xffffffffffffffff, 0xc1105511, &(0x7f0000000300)={{@raw=0x1, 0xa, 0xf8, 0x4671, "a401d243991a4dc376cc2bd4dbe3040e3cff152230323227f8d6c24be7ceeed84366bbadec197ea40209a468", @raw}, 0x1ea, 0x81, 0x1, @raw=0x8f10, @reserved="b2089ab0bbaab63c40853405fb772ade9448008d0040560232dbb586cf8f11ca82a2ba37174118952b850ad2099d3a3bc1c77e916330e96e2989bebf719430efe8c9a59c9349eac701c2bbb3122607916561a6da1cfdfc5dc83f4cc979d6dbf96bcb58d1f9042592b39ceec6193960c9a37975bc0153c5fce4d94f329d47f6d4", "2bb2d72b107f03a0ef0c6760e2e1fd64b8ae4a5be70b75810dfa4cc7182ed519d3613ea5b4243440fc9595b760cee784decb284ff015aa97d8f86dd61fd4f929"}) 3.940124141s ago: executing program 2 (id=1561): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) r0 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/input/mice\x00', 0x22002, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (fail_nth: 1) write$auto_mousedev_fops_mousedev(r0, &(0x7f00000000c0)="13", 0x1) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(0xffffffffffffffff, 0xc1105511, &(0x7f0000000300)={{@raw=0x1, 0xa, 0xf8, 0x4671, "a401d243991a4dc376cc2bd4dbe3040e3cff152230323227f8d6c24be7ceeed84366bbadec197ea40209a468", @raw}, 0x1ea, 0x81, 0x1, @raw=0x8f10, @reserved="b2089ab0bbaab63c40853405fb772ade9448008d0040560232dbb586cf8f11ca82a2ba37174118952b850ad2099d3a3bc1c77e916330e96e2989bebf719430efe8c9a59c9349eac701c2bbb3122607916561a6da1cfdfc5dc83f4cc979d6dbf96bcb58d1f9042592b39ceec6193960c9a37975bc0153c5fce4d94f329d47f6d4", "2bb2d72b107f03a0ef0c6760e2e1fd64b8ae4a5be70b75810dfa4cc7182ed519d3613ea5b4243440fc9595b760cee784decb284ff015aa97d8f86dd61fd4f929"}) 3.840847161s ago: executing program 6 (id=1562): r0 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r0, 0x29, 0x13, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x110) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000440)='/proc/fs/cifs/DebugData\x00', 0x2000, 0x0) read$auto(r1, &(0x7f0000000000)='/proc/scsi/sg/devices\x00', 0xc9e3) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x800, 0x0) r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/input/mice\x00', 0x22002, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) write$auto_mousedev_fops_mousedev(r2, &(0x7f00000000c0)="13", 0x1) r3 = openat$auto_debug_help_fops_orangefs_debugfs(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) pread64$auto(r3, 0x0, 0x6, 0x50f29b09) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(0xffffffffffffffff, 0xc1105511, &(0x7f0000000300)={{@raw=0x1, 0xa, 0xf8, 0x4671, "a401d243991a4dc376cc2bd4dbe3040e3cff152230323227f8d6c24be7ceeed84366bbadec197ea40209a468", @raw}, 0x1ea, 0x81, 0x1, @raw=0x8f10, @reserved="b2089ab0bbaab63c40853405fb772ade9448008d0040560232dbb586cf8f11ca82a2ba37174118952b850ad2099d3a3bc1c77e916330e96e2989bebf719430efe8c9a59c9349eac701c2bbb3122607916561a6da1cfdfc5dc83f4cc979d6dbf96bcb58d1f9042592b39ceec6193960c9a37975bc0153c5fce4d94f329d47f6d4", "2bb2d72b107f03a0ef0c6760e2e1fd64b8ae4a5be70b75810dfa4cc7182ed519d3613ea5b4243440fc9595b760cee784decb284ff015aa97d8f86dd61fd4f929"}) 3.460359913s ago: executing program 7 (id=1564): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) r0 = socket(0xa, 0x1, 0x84) getsockopt$auto(r0, 0x400099b6, 0x484, 0x0, 0x0) r1 = openat$auto_lsm_ops_inode(0xffffffffffffff9c, &(0x7f0000000140), 0x80, 0x0) close_range$auto(0x0, r1, 0x2) socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) process_vm_writev$auto(0x0, &(0x7f00000011c0)={&(0x7f00000001c0)="42777dd1330b458d0b5c44ca32e94fc00cfbce962ee7d8f31c0f90c327830f55adfdceafcc0f7b5a21ea23bdf5344d47d49d60218e57bb33118d04fdd37f5fd17f96a318132a5dd282784244bd58b9a0c8adc60d2f8535b3", 0x5}, 0x7, 0x0, 0x7, 0x5) socket(0x11, 0x3, 0x9) r2 = openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f0000000240), 0x2c00, 0x0) preadv2$auto(r2, &(0x7f0000000380)={&(0x7f0000000280)="556f8268de2f96a2373b0992669c37ea40b06d2516beb396d5771f9f3e21d85a8b371515eca7f1d00f8ce46a77cfdb4a4e6778a3e69db940074655199abe107796c9a75ea3cf6283ca38939309efe83a7112f962552371822b3d246cf686d1c4f973d8e7f6c85155d5c8ceddc1579fd448a7c502ec45593cbe8d9369cfddf211eb57d7fc05e3396b2778d1ff7ef90c920dab48592e2ad68c45d10d0fb81e212e2c551d5f38ac54ee15b03eda9d007d4e6766e03f3b1ddd76733e1f16b66f4c76274328b1fad42182ea53e75e72dae86f1b24fe82d47ac3d6dbfe781ec8644fba0e47c65c02cbade95e4aba", 0x2}, 0x0, 0x3, 0x10000, 0xf) mmap$auto(0x100000001, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) write$auto(r0, &(0x7f0000000180)='\x00', 0x7) capget$auto(0x0, 0xfffffffffffffffe) r3 = socket(0x2, 0x1, 0x0) setsockopt$auto(r3, 0x6, 0x24, 0x0, 0x40) capset$auto(0x0, &(0x7f0000000040)={0x1, 0xfffffffd, 0x6}) ioctl$auto_UBI_IOCATT(0xffffffffffffffff, 0x40186f40, &(0x7f0000000080)={0x4, 0x1, 0xf7b, 0x4, 0x1, 0x10}) socket(0xa, 0x6, 0x6) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) open(&(0x7f0000000000)='.\x00', 0xc00, 0x409) sysfs$auto(0x2, 0x2, 0x0) unshare$auto(0x40000080) mbind$auto(0x200, 0x10000100000003, 0x2000000000005, 0x0, 0x7fffffffffffffff, 0xe) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) ioctl$auto_SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, 0x0) write$auto(0xca, &(0x7f0000000140)='\x04>\x01\x01\b\x03\x00\x00\x00I}\xe8N\x94\xf2\xa2\x00\x00\f\x15\xd8a\xed\x84\xb7\f\x00\x00\x80\x00\x00\x00\x001.\xb0`W\xd3M\x00\xbf\xe9\x83\xea8\xd1\xda\xcf9\x02u@\xeb\xcd\xb2\tBAh\xf8', 0x3ff) setsockopt$auto(0x4, 0x1, 0xf, 0x0, 0xd) sendmsg$auto_NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, 0x0, 0x40000) 3.319639717s ago: executing program 6 (id=1565): mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x580f, 0x1, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC1D0c\x00', 0x80080, 0x0) write$auto(0x1, 0x0, 0x80000000) newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000380)={0x8, 0x6, 0x5, 0x40, 0x0, 0xee01, 0x0, 0x2000000006, 0x20080000000003, 0x0, 0x5, 0x8, 0x5, 0x1000000001, 0x0, 0x1, 0x53}, 0x1) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2164, 0x8000000000000000, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/stat/synproxy\x00', 0xc0a00, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x402000, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x842, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp\x00', 0x8000, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x6a742, 0x0) r4 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, 0x0, 0x301802, 0x0) write$auto(r4, 0x0, 0x3) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x121042, 0x110) unshare$auto(0x40000080) pread64$auto(r1, &(0x7f0000000040)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\x8d\xa8\xcfM9\\\xd6\xcfUq\x05#\xed\x1c\xd1G\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xbasG\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1', 0x3ff, 0x9) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0x3, 0x0, 0x7fffffff) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f00000004c0)='nfsd\x00~T\x93Q\x92-|\x1ei=\'8&\x13~\xd9t\xec\v\xc3\xfd\x8b\x1a\xd0wWXfa\f\v_\x9e:\x88\x9ej\x1aYAW\xa5a\x13\x9c\xae\x17\x7fob\xde\xb3\\\x94\xfal\xf2Y\xfd+\xf2\xf8\x88\xc4\xb8fI\xde6#mP\xe7\x85\'\x1b\x04\xcd\x1fW\x88T\xe9\x1e\xb7\xa20\t\x17\xc16\f\x05?-\xb2\x91\x1f\x8b}\n\xd7~\xdd\xb6\xee\xf1 \x9d\xd8\xd2kt}\xe3\xe4Q\xc4\x81\x11\xc0,\x89\xa5)\xf0y4\xb6\x9e\xf0h\x7f\x04\x91\x92|b\xe9\xcd\x10\x92\xe2\x03Op\x14Fe\xb6\x11\x9c\xe5\xe4X+\x94\xe4rJ\xf1\xa6\x86\xf0\xbd\x04uin', 0x800, 0x0) 3.23735188s ago: executing program 2 (id=1566): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x119040, 0x0) socket(0xa, 0x1, 0x100) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/admmidi2\x00', 0x100, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x4, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) read$auto_dvb_dvr_fops_dmxdev(r0, &(0x7f0000000240)=""/138, 0x8a) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800) mmap$auto(0x0, 0x20009, 0x3, 0xeb4, 0x401, 0x8001) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) ioctl$auto_TCFLSH2(r1, 0x80045439, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) socket(0x25, 0x1, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x800, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xf, 0x3, 0x2) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x1948b, 0x9, 0x15f4da07, 0x3, 0x0, 0x9, 0x9, 0x2, 0x6d3e, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) close_range$auto(0xffffffffffffffff, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xe2, 0x9b72, 0x2, 0x8000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/mtd\x00', 0xc40, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd9\x00', 0x0, 0x0) r3 = gettid() process_vm_writev$auto(r3, &(0x7f0000002980)={0x0, 0x20000000000008}, 0x1007, 0x0, 0x9, 0x0) 3.044097376s ago: executing program 0 (id=1567): mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x4, 0x200000000580f, 0x1, 0x8000000008011, 0x3, 0x8000000000000001) mmap$auto(0xfffffffffffffffc, 0x10, 0x80000dd, 0x9b72, 0xffffffffffffffff, 0x7) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nbd9\x00', 0x60542, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC1D0c\x00', 0x80080, 0x0) write$auto(0x1, 0x0, 0x80000000) mmap$auto(0xfffffffffffffffd, 0x4, 0x4000000000df, 0x40eb1, r0, 0x300000000000) r1 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x8000000001, 0x7ff) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) socket(0x26, 0x3, 0x3ae) ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f0000000080)) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) write$auto(r3, 0x0, 0x5cc) mmap$auto(0xffffffffffffffff, 0x7f, 0xff7, 0x8000000008014, 0x3, 0x0) r4 = openat$auto_ima_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000001480), 0x400, 0x0) pread64$auto(r4, 0x0, 0x101, 0x800005c2b) setsockopt$auto(r1, 0x8000, 0x0, 0x0, 0x1e) openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0) unshare$auto(0x200009) newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000380)={0x8, 0x6, 0x5, 0x0, 0x0, 0x0, 0x0, 0x2000000006, 0x20000000000003, 0x3, 0x7, 0x8, 0x5, 0x1000000001, 0x4, 0x1, 0x53}, 0x1) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x40, 0x40000e2, 0xeb1, 0x401, 0x8000) 2.590537463s ago: executing program 7 (id=1568): mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x580f, 0x1, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC1D0c\x00', 0x80080, 0x0) write$auto(0x1, 0x0, 0x80000000) newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000380)={0x8, 0x6, 0x5, 0x0, 0x0, 0xee01, 0x0, 0x2000000006, 0x20000000000003, 0x0, 0x7, 0x8, 0x5, 0x1000000001, 0x4, 0x1, 0x53}, 0x1) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) mknod$auto(&(0x7f00000003c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5', 0x20e9, 0x103) socket(0x10, 0x2, 0xc) socket(0x2000000000000021, 0x2, 0x10000000000002) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x1d, &(0x7f00000003c0), 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2164, 0x8000000000000000, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0x3, 0x0, 0x7fffffff) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f00000004c0)='nfsd\x00~T\x93Q\x92-|\x1ei=\'8&\x13~\xd9t\xec\v\xc3\xfd\x8b\x1a\xd0wWXfa\f\v_\x9e:\x88\x9ej\x1aYAW\xa5a\x13\x9c\xae\x17\x7fob\xde\xb3\\\x94\xfal\xf2Y\xfd+\xf2\xf8\x88\xc4\xb8fI\xde6#mP\xe7\x85\'\x1b\x04\xcd\x1fW\x88T\xe9\x1e\xb7\xa20\t\x17\xc16\f\x05?-\xb2\x91\x1f\x8b}\n\xd7~\xdd\xb6\xee\xf1 \x9d\xd8\xd2kt}\xe3\xe4Q\xc4\x81\x11\xc0,\x89\xa5)\xf0y4\xb6\x9e\xf0h\x7f\x04\x91\x92|b\xe9\xcd\x10\x92\xe2\x03Op\x14Fe\xb6\x11\x9c\xe5\xe4X+\x94\xe4rJ\xf1\xa6\x86\xf0\xbd\x04uin', 0x800, 0x0) mount$auto(0x0, &(0x7f0000000000)='}[,&*}\x00', 0x0, 0x3375, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x14, 0x0, 0x1, 0x70bd29, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40014}, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x1f, 0x0) ioctl$auto_OSS_GETVERSION2(r2, 0x80044d76, &(0x7f0000000080)) lseek$auto(0x3, 0x1, 0x1) munmap$auto(0x8000, 0xffffffff) 1.989319336s ago: executing program 7 (id=1569): r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r0, 0x0, 0xb4d3) socket(0x10, 0x4, 0xffffffc0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7) write$auto(r0, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x5) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x108000) open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) mkdir$auto(&(0x7f0000000480)='./cgroup\x00', 0x6) r2 = socket(0x2, 0x801, 0x100) accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff) socket(0x15, 0x5, 0x0) sendmsg$auto_TASKSTATS_CMD_GET(r2, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="3c000000474b3086d7841d2b60b44b0fee02443b2d91494eca779e391acab2b9ba56f92dbfd5aa2afdccc70200001088315dfbf1fb4344ec6bb65689f883907677415322bb45", @ANYRES16=0x0, @ANYBLOB="080029bd7000fbdbdf250100000008000100", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x4000040) rmdir$auto(&(0x7f0000000300)='./cgroup\x00') close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) fstat$auto(0x2, 0x0) r3 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsu1\x00', 0x28180, 0x0) ioctl$auto_FIOASYNC(r3, 0x5452, 0x805) socket(0xa, 0x1, 0x0) socket(0x2, 0x1, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) madvise$auto(0x0, 0x200007, 0x19) mremap$auto(0x0, 0x2, 0x9, 0x3, 0x7fffffffb000) listen$auto(r0, 0x7d) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mtdblock0\x00', 0x4ea06, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r4, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x10040, 0x0) 1.501539255s ago: executing program 2 (id=1570): mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x580f, 0x1, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000340)='/dev/nbd2\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC1D0c\x00', 0x80080, 0x0) write$auto(0x1, 0x0, 0x80000000) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) listmount$auto(&(0x7f0000000100)={0x1f, @raw, 0x80000002, 0xfffffffffffffff7, 0x2}, 0x0, 0xf4240, 0x1) newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000380)={0x8, 0x6, 0x5, 0x0, 0x0, 0xee01, 0x0, 0x2000000006, 0x20000000000003, 0x0, 0x7, 0x8, 0x5, 0x1000000001, 0x4, 0x1, 0x53}, 0x1) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/010/001\x00', 0x20000, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x640, 0x0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/buffer_size_kb\x00', 0x40, 0x0) select$auto(0x7, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x0, 0x1a1a, 0x2, 0x3, 0x95f4da0a, 0x7f, 0x20000003, 0x62, 0x80000001, 0x10000000000004, 0x6d40, 0x1, 0x2, 0xfffffffffffffffe]}, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/021/001\x00', 0x25003, 0x0) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2164, 0x8000000000000000, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0x3, 0x0, 0x7fffffff) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x0, &(0x7f0000000180)="9193df3d4aeec1522bd7c873c684ddcbd977c6cf3191c25bb2a2b06b81cf9fba375a17ca16df325093d319b0e4a7f93931b72be16d85fe6e940a47d815cb1fd5df326746e3f10c41eab24644f7ae8e5f0f3586e2bfb0bf9710ee79de29e531cdc0ccaefad8ab56c88b25e0194cea8ca0d95196891147f88349d7532dfda3557a636f1cc029fcec4afc3533d7337bce31f267964fbd27a9f7f51ebc62bcd943955e01e9757a531dea385a315012dade5dc4ddc5094c2dab1e5cf93959609aa75c44708ef46a3c80b91bf4f1") mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f00000004c0)='nfsd\x00~T\x93Q\x92-|\x1ei=\'8&\x13~\xd9t\xec\v\xc3\xfd\x8b\x1a\xd0wWXfa\f\v_\x9e:\x88\x9ej\x1aYAW\xa5a\x13\x9c\xae\x17\x7fob\xde\xb3\\\x94\xfal\xf2Y\xfd+\xf2\xf8\x88\xc4\xb8fI\xde6#mP\xe7\x85\'\x1b\x04\xcd\x1fW\x88T\xe9\x1e\xb7\xa20\t\x17\xc16\f\x05?-\xb2\x91\x1f\x8b}\n\xd7~\xdd\xb6\xee\xf1 \x9d\xd8\xd2kt}\xe3\xe4Q\xc4\x81\x11\xc0,\x89\xa5)\xf0y4\xb6\x9e\xf0h\x7f\x04\x91\x92|b\xe9\xcd\x10\x92\xe2\x03Op\x14Fe\xb6\x11\x9c\xe5\xe4X+\x94\xe4rJ\xf1\xa6\x86\xf0\xbd\x04uin', 0x800, 0x0) mount$auto(0x0, &(0x7f0000000000)='}[,&*}\x00', 0x0, 0x3375, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_IPVS_CMD_DEL_DAEMON(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000f7", @ANYRES16=0x0, @ANYBLOB="010029bd7000fedbdf250a000000"], 0x14}, 0x1, 0x0, 0x0, 0x40014}, 0x0) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x1f, 0x0) ioctl$auto_OSS_GETVERSION2(r3, 0x80044d76, &(0x7f0000000080)) 1.410730649s ago: executing program 0 (id=1571): socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0xa) socket(0xa, 0x801, 0x84) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) mmap$auto(0x0, 0x400005, 0x800000000000df, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0xfdef) ioctl$auto_TIOCSTI2(r0, 0x5412, 0x0) openat$auto_mgts_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x22800, 0x0) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nbd6/range\x00', 0x100, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x3, 0x21) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyd4\x00', 0x40001, 0x0) 1.410342489s ago: executing program 6 (id=1572): unshare$auto(0x40000080) adjtimex$auto(&(0x7f0000000280)={0xf, 0x0, 0x8, 0x100000001, 0x7f, 0x0, 0x2, 0x0, 0xe, 0x0, 0x10001, {0xf, 0x4}, 0x7ffffffffffffffe, 0x3a9d, 0x5, 0x10001, 0x0, 0x6, 0x4, 0x7, 0x8, 0x5, 0x1015c8}) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) semctl$auto(0x7ff, 0x2, 0x13, 0x3) mbind$auto(0x0, 0x40, 0x4, 0x0, 0x3, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x8000002, 0x20009, 0x8000000400000003, 0xeb1, 0x401, 0x8001) r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) ioctl$auto_UI_DEV_SETUP(r0, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0xa}) syz_genetlink_get_family_id$auto_ipvs(0x0, 0xffffffffffffffff) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) socket(0x18, 0x2, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/memfd_noexec\x00', 0x2, 0x0) r2 = geteuid() fstat$auto(0xffffffffffffffff, &(0x7f0000000040)={0x4, 0xc, 0x200, 0x3, 0xee01, 0x0, 0x0, 0x3, 0x8, 0xfffffffffffffff8, 0x5, 0x9, 0xfffffffffffffffc, 0x80000001, 0x9, 0x8, 0x800002}) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/kvm/parameters/nx_huge_pages\x00', 0x80302, 0x0) sendfile$auto(r4, r4, 0x0, 0x3) keyctl$auto_KEY_REQKEY_DEFL_PROCESS_KEYRING(0xa, 0x2, r2, r3, 0x42) stat$auto(0x0, &(0x7f0000000380)={0xc000000, 0x0, 0x8, 0xfffffd5f, r2, 0xee01, 0x0, 0x93, 0x6a01e59f, 0x9e2e, 0x1009, 0x0, 0x1, 0x6, 0x6b62612e, 0xfffffffffffffffc, 0x456}) msgctl$auto_IPC_RMID(0xffffff4b, 0x0, &(0x7f00000001c0)={{0x7f28, 0xee01, r5, 0xb024, 0x9, 0x6, 0x2}, &(0x7f0000000140)=0x5f, 0x0, 0xffffffffffffffff, 0x30ba, 0x80000001, 0x4, 0x4, 0xc, 0x2, 0x6, @raw=0x4, @inferred=0xffffffffffffffff}) sendmsg$auto_IPVS_CMD_ZERO(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000780)=ANY=[], 0x1e4}, 0x1, 0x0, 0x0, 0x20000040}, 0x4) ioctl$auto_UI_DEV_CREATE(r0, 0x5501, 0x0) set_mempolicy$auto(0x8003, 0x0, 0x4) write$auto(0x3, 0x0, 0x7fffffff) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x6ab82, 0x0) mmap$auto(0x0, 0x7fff, 0x3, 0xeb0, 0xfffffffffffffffa, 0x208000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) 1.135734897s ago: executing program 0 (id=1573): unshare$auto(0x40000080) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) (async) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/core/rps_default_mask\x00', 0x82, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) socket(0x1d, 0x2, 0x7) (async) bpf$auto(0xd, 0x0, 0x6f5) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = openat$auto_bm_register_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000640), 0x401, 0x0) write$auto(r1, 0x0, 0xff) (async) read$auto(0x3, 0x0, 0xf34) r2 = openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f0000001680)='/sys/kernel/debug/tracing/uprobe_events\x00', 0x2, 0x0) write$auto_uprobe_events_ops_trace_uprobe(r2, &(0x7f00000000c0)="706f3a02d9e5cc7c2ceda8d50bfc94be9fe6c2604d6a3e1d534b60f41c0900482ffaf8493a38", 0x26) (async) socket(0x10, 0x100807, 0x2) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0xd29, 0x52, 0x3) (async) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) madvise$auto(0x0, 0xffffffffffff0006, 0x17) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) r3 = socket(0x2, 0x1, 0x106) bind$auto(r3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) bind$auto(0x3, 0x0, 0x6a) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) 474.117995ms ago: executing program 2 (id=1574): mmap$auto(0x0, 0x3, 0xfffffffffffffff8, 0x200000eb1, 0xfffffffffffffffa, 0x1000000000000006) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0) ioctl$auto(0x3, 0x4020565a, 0x38) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000100)='/dev/binderfs/binder0\x00', 0x800, 0x0) socket(0xa, 0x1, 0x100) socket(0x1e, 0x1, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x101, 0x0) socket(0x2c, 0x6, 0x10000009) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x104, 0x3, 0x3739aae3, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xd, 0x1, 0x948b, 0x1, 0x15f4da0a, 0x1, 0xffffffffd09d8d67, 0x62, 0x80000023, 0x7, 0x6d3e, 0x9, 0x2, 0x2]}, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_BLKBSZSET(0xffffffffffffffff, 0x40081271, 0x0) unshare$auto(0x40000080) ioctl$auto_ECCGETSTATS(r1, 0x80104d12, &(0x7f0000000440)={0x3, 0xfffffff8, 0x8, 0x5}) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0) r2 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/smaps_rollup\x00', 0x40840, 0x0) setsockopt$auto_SO_DEBUG(r2, 0x7, 0x1, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) munmap$auto(0xfffffffffffff34b, 0x8592) mkdir$auto(0x0, 0x9) socket(0x25, 0x805, 0x3) mmap$auto(0x0, 0x40000a, 0xdf, 0x9b72, 0x2, 0x8000) 157.64254ms ago: executing program 0 (id=1575): mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x580f, 0x80000001, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC1D0c\x00', 0x80000, 0x0) write$auto(r0, 0x0, 0x2) newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000380)={0x3, 0x6, 0x5, 0x0, 0x0, 0xee01, 0x0, 0x2000000006, 0x1, 0x80, 0x7, 0x8, 0x4, 0x4000001000000001, 0x4, 0xfffffffffffffffd, 0x53}, 0x1) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x1ff}, 0x7f, 0x0, 0x0, 0x8) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x40, 0x0) prctl$auto(0x7e, 0x7, 0x0, 0x1, 0x103) socketpair$auto(0x1, 0x2164, 0x8000000000000000, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0x3, 0x0, 0x7fffffff) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f0000000200)='}[,&*}\x00', &(0x7f0000000240)='nfsd\x00~T\x93Q\x92-|\x1ei=\'8&\x13~\xd9t\xec\v\xc3\xfd\x8b\x1a\xd0wWXfa\f\v_\x9e:\x88\x9ej\x1aYAW\xa5a\x13\x9c\xae\x17\x7fob\xde\xb3\\\x94\xfal\xf2Y\xfd+\xf2\xf8\x88\xc4\xb8fI\xde6#mP\xe7\x85\'\x1b\x04\xcd\x1fW\x88T\xe9\x1e\xb7\xa20\t\x17\xc16\f\x05?-\xb2\x91\x1f\x8b}\n\xd7~\xdd\xb6\xee\xf1 \x9d\xd8\xd2kt}\xe3\xe4Q\xc4\x81\x11\xc0,\x89\xa5)\xf0y4\xb6\x9e\xf0h\x7f\x04\x91\x92|b\xe9\xdd\x10\x02\x00\x00\x00\x00\x00\x00\x00\xb6\x11\x9c\xe5\xe4X+\x94\xe4rJ\xf1\xa6\x86\xf0\xbd\x04uinL\x899\xd7\x1b\xeda\xdc\x9c9n\xcb]\ah\x02\xb9t3\x90\xd9\xf8e\xe65$\xb7\r\xde\x8aw2\xc9\x02\x86', 0x800, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/dummy_hcd.4/usb5/5-0:1.0/ep_81/bInterval\x00', 0x80002, 0x0) write$auto_ocfs2_control_fops_stack_user(r3, &(0x7f0000003900), 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/md_mod/parameters/start_ro\x00', 0x80302, 0x0) sendfile$auto(0xffffffffffffffff, r4, 0x0, 0x3) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/graphics/fbcon/rotate_all\x00', 0xa001, 0x0) mmap$auto(0x9, 0x2, 0x4, 0x1ff, r5, 0x1) write$auto(r5, 0x0, 0x9) r6 = socket$nl_generic(0x10, 0x3, 0x10) io_uring_enter$auto(r6, 0x9, 0x820e, 0x2, 0x0, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000b80), r7) sendmsg$auto_IOAM6_CMD_NS_SET_SCHEMA(r7, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000080)={&(0x7f0000000580)=ANY=[@ANYRESOCT=r1, @ANYRES16=r8, @ANYBLOB="000228bd7000fcdbdf25070000000d733030a13ff1e4e02520590396050f33dfb716cea2881ea737ac7df0498453c8c5558008a20d8801254f8dd34f7aac3eb81fc2ac719c4172069135302163d12ccd3801c42bcc674a0c793b86815f515b7299a8f0fb161cb71946eb94515d4da4f16ffd8bb727b68e1725655648f9f7c3b6fbb84af70a07c8bf7154298d3af2da4e1a67b0e092fb8dbedf96d60287f888b564490cb1811b9e59e9ae55effaeb9c40e0aa542ab224983e04cbafd27727d0cce6dac8a338e42f64ea8ddf9c7673300d8b5c8c324bc338f04c0648dd8a2e8d5e"], 0x14}, 0x1, 0x0, 0x0, 0x40080c1}, 0x4011) sendmsg$auto_IOAM6_CMD_DEL_SCHEMA(r7, 0x0, 0x40040) sendmsg$auto_IOAM6_CMD_DUMP_NAMESPACES(r6, 0x0, 0x4880) 0s ago: executing program 0 (id=1576): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x5) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace_marker_raw\x00', 0x401, 0x0) r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) ioctl$auto_TIOCSWINSZ(r2, 0x5414, &(0x7f0000000000)) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ip6_mr_vif\x00', 0x0, 0x0) mmap$auto(0x2, 0x40000000008, 0x6, 0x7ffffffffffffffd, 0xffffffffffffffff, 0x8000) socket(0x11, 0x3, 0x9) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r3) sendmsg$auto_NL80211_CMD_GET_WIPHY(r3, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r4, @ANYBLOB="810b25bd7080fbdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004) recvmmsg$auto(r3, &(0x7f0000000180)={{0x0, 0x5, 0x0, 0x0, 0x0, 0x2, 0x6}, 0x803}, 0x10a, 0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x202002, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) read$auto(r3, 0x0, 0x1e) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0) unshare$auto(0x40000080) write$auto(0x3, 0x0, 0x5c8) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000080)={0x2, 0x0, [{0xe1, 0x400, 0x9}]}) r5 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bus/usb/010/001\x00', 0x20a583, 0x0) ioctl$auto_FS_IOC_FSGETXATTR(r5, 0x801c581f, 0x5) kernel console output (not intermixed with test programs): c2/0x120 [ 298.312573][ T8771] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 298.312596][ T8771] ? security_inode_alloc+0x3b/0x2b0 [ 298.312615][ T8771] security_inode_alloc+0x3b/0x2b0 [ 298.312630][ T8771] inode_init_always_gfp+0xce4/0x1030 [ 298.312653][ T8771] alloc_inode+0x86/0x240 [ 298.312667][ T8771] sock_alloc+0x40/0x280 [ 298.312681][ T8771] __sock_create+0xc1/0x8d0 [ 298.312700][ T8771] __sys_socket+0x14d/0x260 [ 298.312714][ T8771] ? fput+0x70/0xf0 [ 298.312727][ T8771] ? __pfx___sys_socket+0x10/0x10 [ 298.312743][ T8771] ? xfd_validate_state+0x61/0x180 [ 298.312761][ T8771] ? __pfx_ksys_write+0x10/0x10 [ 298.312796][ T8771] __x64_sys_socket+0x72/0xb0 [ 298.312812][ T8771] ? lockdep_hardirqs_on+0x7c/0x110 [ 298.312832][ T8771] do_syscall_64+0xcd/0x490 [ 298.312855][ T8771] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.312870][ T8771] RIP: 0033:0x7f3d53b8e929 [ 298.312882][ T8771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 298.312896][ T8771] RSP: 002b:00007f3d54983038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 298.312909][ T8771] RAX: ffffffffffffffda RBX: 00007f3d53db6240 RCX: 00007f3d53b8e929 [ 298.312918][ T8771] RDX: 0000000000000003 RSI: 0000000000000805 RDI: 0000000000000025 [ 298.312927][ T8771] RBP: 00007f3d53c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 298.312936][ T8771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 298.312944][ T8771] R13: 0000000000000000 R14: 00007f3d53db6240 R15: 00007ffcd1e51c28 [ 298.312962][ T8771] [ 298.313017][ T8771] socket: no more sockets [ 300.830503][ T8804] warning: `syz.3.567' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 301.506602][ T8819] FAULT_INJECTION: forcing a failure. [ 301.506602][ T8819] name failslab, interval 1, probability 0, space 0, times 0 [ 301.519514][ T8819] CPU: 1 UID: 0 PID: 8819 Comm: syz.1.570 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 301.519547][ T8819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 301.519562][ T8819] Call Trace: [ 301.519572][ T8819] [ 301.519582][ T8819] dump_stack_lvl+0x16c/0x1f0 [ 301.519625][ T8819] should_fail_ex+0x512/0x640 [ 301.519657][ T8819] ? fs_reclaim_acquire+0xae/0x150 [ 301.519677][ T8819] should_failslab+0xc2/0x120 [ 301.519691][ T8819] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 301.519714][ T8819] ? security_inode_alloc+0x3b/0x2b0 [ 301.519732][ T8819] security_inode_alloc+0x3b/0x2b0 [ 301.519748][ T8819] inode_init_always_gfp+0xce4/0x1030 [ 301.519770][ T8819] alloc_inode+0x86/0x240 [ 301.519785][ T8819] sock_alloc+0x40/0x280 [ 301.519799][ T8819] __sock_create+0xc1/0x8d0 [ 301.519817][ T8819] __sys_socket+0x14d/0x260 [ 301.519832][ T8819] ? fput+0x70/0xf0 [ 301.519844][ T8819] ? __pfx___sys_socket+0x10/0x10 [ 301.519861][ T8819] ? xfd_validate_state+0x61/0x180 [ 301.519880][ T8819] ? __pfx_ksys_write+0x10/0x10 [ 301.519902][ T8819] __x64_sys_socket+0x72/0xb0 [ 301.519917][ T8819] ? lockdep_hardirqs_on+0x7c/0x110 [ 301.519936][ T8819] do_syscall_64+0xcd/0x490 [ 301.519958][ T8819] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.519972][ T8819] RIP: 0033:0x7f652a78e929 [ 301.519984][ T8819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 301.519997][ T8819] RSP: 002b:00007f652b649038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 301.520011][ T8819] RAX: ffffffffffffffda RBX: 00007f652a9b6240 RCX: 00007f652a78e929 [ 301.520022][ T8819] RDX: 0000000000000003 RSI: 0000000000000805 RDI: 0000000000000025 [ 301.520031][ T8819] RBP: 00007f652a810b39 R08: 0000000000000000 R09: 0000000000000000 [ 301.520040][ T8819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 301.520048][ T8819] R13: 0000000000000000 R14: 00007f652a9b6240 R15: 00007fff21297f68 [ 301.520067][ T8819] [ 301.520171][ T8819] socket: no more sockets [ 305.521131][ T8879] FAULT_INJECTION: forcing a failure. [ 305.521131][ T8879] name failslab, interval 1, probability 0, space 0, times 0 [ 305.536187][ T8879] CPU: 0 UID: 0 PID: 8879 Comm: syz.2.580 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 305.536223][ T8879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 305.536247][ T8879] Call Trace: [ 305.536256][ T8879] [ 305.536266][ T8879] dump_stack_lvl+0x16c/0x1f0 [ 305.536305][ T8879] should_fail_ex+0x512/0x640 [ 305.536339][ T8879] ? __kmalloc_noprof+0xbf/0x510 [ 305.536378][ T8879] ? lsm_blob_alloc+0x68/0x90 [ 305.536412][ T8879] should_failslab+0xc2/0x120 [ 305.536437][ T8879] __kmalloc_noprof+0xd2/0x510 [ 305.536480][ T8879] lsm_blob_alloc+0x68/0x90 [ 305.536517][ T8879] security_sk_alloc+0x30/0x270 [ 305.536545][ T8879] sk_prot_alloc+0x1c7/0x2a0 [ 305.536575][ T8879] sk_alloc+0x36/0xc20 [ 305.536611][ T8879] caif_create+0x10b/0x430 [ 305.536647][ T8879] __sock_create+0x335/0x8d0 [ 305.536681][ T8879] __sys_socket+0x14d/0x260 [ 305.536705][ T8879] ? fput+0x70/0xf0 [ 305.536728][ T8879] ? __pfx___sys_socket+0x10/0x10 [ 305.536763][ T8879] ? xfd_validate_state+0x61/0x180 [ 305.536793][ T8879] ? __pfx_ksys_write+0x10/0x10 [ 305.536835][ T8879] __x64_sys_socket+0x72/0xb0 [ 305.536859][ T8879] ? lockdep_hardirqs_on+0x7c/0x110 [ 305.536891][ T8879] do_syscall_64+0xcd/0x490 [ 305.536931][ T8879] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 305.536957][ T8879] RIP: 0033:0x7f3d53b8e929 [ 305.536978][ T8879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 305.537003][ T8879] RSP: 002b:00007f3d549a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 305.537028][ T8879] RAX: ffffffffffffffda RBX: 00007f3d53db6160 RCX: 00007f3d53b8e929 [ 305.537045][ T8879] RDX: 0000000000000003 RSI: 0000000000000805 RDI: 0000000000000025 [ 305.537060][ T8879] RBP: 00007f3d53c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 305.537084][ T8879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 305.537099][ T8879] R13: 0000000000000000 R14: 00007f3d53db6160 R15: 00007ffcd1e51c28 [ 305.537131][ T8879] [ 310.103966][ T8979] FAULT_INJECTION: forcing a failure. [ 310.103966][ T8979] name failslab, interval 1, probability 0, space 0, times 0 [ 310.161997][ T8979] CPU: 0 UID: 0 PID: 8979 Comm: syz.2.599 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 310.162033][ T8979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 310.162048][ T8979] Call Trace: [ 310.162057][ T8979] [ 310.162067][ T8979] dump_stack_lvl+0x16c/0x1f0 [ 310.162110][ T8979] should_fail_ex+0x512/0x640 [ 310.162148][ T8979] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 310.162188][ T8979] should_failslab+0xc2/0x120 [ 310.162212][ T8979] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 310.162249][ T8979] ? sock_alloc_inode+0x25/0x1c0 [ 310.162279][ T8979] ? __pfx_sock_alloc_inode+0x10/0x10 [ 310.162303][ T8979] sock_alloc_inode+0x25/0x1c0 [ 310.162326][ T8979] alloc_inode+0x64/0x240 [ 310.162351][ T8979] sock_alloc+0x40/0x280 [ 310.162374][ T8979] __sock_create+0xc1/0x8d0 [ 310.162405][ T8979] __sys_socket+0x14d/0x260 [ 310.162434][ T8979] ? __pfx___sys_socket+0x10/0x10 [ 310.162460][ T8979] ? xfd_validate_state+0x61/0x180 [ 310.162489][ T8979] ? __pfx___do_sys_close_range+0x10/0x10 [ 310.162532][ T8979] __x64_sys_socket+0x72/0xb0 [ 310.162559][ T8979] ? lockdep_hardirqs_on+0x7c/0x110 [ 310.162594][ T8979] do_syscall_64+0xcd/0x490 [ 310.162629][ T8979] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 310.162664][ T8979] RIP: 0033:0x7f3d53b8e929 [ 310.162686][ T8979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 310.162711][ T8979] RSP: 002b:00007f3d549a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 310.162733][ T8979] RAX: ffffffffffffffda RBX: 00007f3d53db6160 RCX: 00007f3d53b8e929 [ 310.162749][ T8979] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000002b [ 310.162763][ T8979] RBP: 00007f3d53c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 310.162776][ T8979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 310.162784][ T8979] R13: 0000000000000000 R14: 00007f3d53db6160 R15: 00007ffcd1e51c28 [ 310.162803][ T8979] [ 310.362407][ T8979] socket: no more sockets [ 313.839924][ T9064] FAULT_INJECTION: forcing a failure. [ 313.839924][ T9064] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 313.895823][ T9063] loop6: detected capacity change from 0 to 2097152 [ 313.927702][ T9064] CPU: 1 UID: 0 PID: 9064 Comm: syz.3.615 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 313.927737][ T9064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 313.927751][ T9064] Call Trace: [ 313.927759][ T9064] [ 313.927769][ T9064] dump_stack_lvl+0x16c/0x1f0 [ 313.927808][ T9064] should_fail_ex+0x512/0x640 [ 313.927848][ T9064] _copy_from_user+0x2e/0xd0 [ 313.927885][ T9064] __sys_bpf+0x21d/0x4d80 [ 313.927912][ T9064] ? __pfx___sys_bpf+0x10/0x10 [ 313.927936][ T9064] ? ksys_write+0x190/0x250 [ 313.927974][ T9064] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 313.928031][ T9064] ? fput+0x70/0xf0 [ 313.928053][ T9064] ? ksys_write+0x1ac/0x250 [ 313.928085][ T9064] ? __pfx_ksys_write+0x10/0x10 [ 313.928123][ T9064] __x64_sys_bpf+0x78/0xc0 [ 313.928146][ T9064] ? lockdep_hardirqs_on+0x7c/0x110 [ 313.928179][ T9064] do_syscall_64+0xcd/0x490 [ 313.928215][ T9064] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 313.928239][ T9064] RIP: 0033:0x7f3f6518e929 [ 313.928263][ T9064] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 313.928286][ T9064] RSP: 002b:00007f3f66081038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 313.928316][ T9064] RAX: ffffffffffffffda RBX: 00007f3f653b5fa0 RCX: 00007f3f6518e929 [ 313.928333][ T9064] RDX: 00000000000000a3 RSI: 0000200000000000 RDI: 0000000000000000 [ 313.928348][ T9064] RBP: 00007f3f66081090 R08: 0000000000000000 R09: 0000000000000000 [ 313.928363][ T9064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 313.928378][ T9064] R13: 0000000000000000 R14: 00007f3f653b5fa0 R15: 00007ffe19c803f8 [ 313.928411][ T9064] [ 314.517224][ T9070] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 314.685666][ T9029] kexec: Could not allocate control_code_buffer [ 314.767723][ T9071] netlink: 28 bytes leftover after parsing attributes in process `syz.2.617'. [ 315.105728][ T9071] bond0: (slave bond_slave_1): Releasing backup interface [ 316.064045][ T9109] FAULT_INJECTION: forcing a failure. [ 316.064045][ T9109] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 316.098267][ T9109] CPU: 0 UID: 0 PID: 9109 Comm: syz.0.625 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 316.098299][ T9109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 316.098312][ T9109] Call Trace: [ 316.098320][ T9109] [ 316.098329][ T9109] dump_stack_lvl+0x16c/0x1f0 [ 316.098364][ T9109] should_fail_ex+0x512/0x640 [ 316.098396][ T9109] _copy_to_user+0x32/0xd0 [ 316.098430][ T9109] simple_read_from_buffer+0xcb/0x170 [ 316.098463][ T9109] proc_fail_nth_read+0x197/0x270 [ 316.098490][ T9109] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 316.098520][ T9109] ? rw_verify_area+0xcf/0x680 [ 316.098548][ T9109] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 316.098576][ T9109] vfs_read+0x1e4/0xc60 [ 316.098612][ T9109] ? __pfx___mutex_lock+0x10/0x10 [ 316.098647][ T9109] ? __pfx_vfs_read+0x10/0x10 [ 316.098689][ T9109] ? __fget_files+0x20e/0x3c0 [ 316.098730][ T9109] ksys_read+0x12a/0x250 [ 316.098759][ T9109] ? __pfx_ksys_read+0x10/0x10 [ 316.098802][ T9109] do_syscall_64+0xcd/0x490 [ 316.098838][ T9109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 316.098870][ T9109] RIP: 0033:0x7f8504b8d33c [ 316.098890][ T9109] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 316.098912][ T9109] RSP: 002b:00007f8505a2d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 316.098936][ T9109] RAX: ffffffffffffffda RBX: 00007f8504db5fa0 RCX: 00007f8504b8d33c [ 316.098952][ T9109] RDX: 000000000000000f RSI: 00007f8505a2d0a0 RDI: 0000000000000006 [ 316.098967][ T9109] RBP: 00007f8505a2d090 R08: 0000000000000000 R09: 0000000000000000 [ 316.098982][ T9109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 316.098995][ T9109] R13: 0000000000000000 R14: 00007f8504db5fa0 R15: 00007ffe40853b58 [ 316.099028][ T9109] [ 316.755676][ T9116] ptrace attach of "./syz-executor exec"[9126] was attempted by "./syz-executor exec"[9116] [ 317.099021][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.105702][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.843256][ T9132] syz.2.630 (9132) used greatest stack depth: 19768 bytes left [ 318.485006][ T9153] FAULT_INJECTION: forcing a failure. [ 318.485006][ T9153] name failslab, interval 1, probability 0, space 0, times 0 [ 318.498022][ T9153] CPU: 1 UID: 0 PID: 9153 Comm: syz.0.634 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 318.498056][ T9153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 318.498072][ T9153] Call Trace: [ 318.498081][ T9153] [ 318.498090][ T9153] dump_stack_lvl+0x16c/0x1f0 [ 318.498135][ T9153] should_fail_ex+0x512/0x640 [ 318.498171][ T9153] ? fs_reclaim_acquire+0xae/0x150 [ 318.498206][ T9153] should_failslab+0xc2/0x120 [ 318.498232][ T9153] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 318.498271][ T9153] ? security_inode_alloc+0x3b/0x2b0 [ 318.498305][ T9153] security_inode_alloc+0x3b/0x2b0 [ 318.498333][ T9153] inode_init_always_gfp+0xce4/0x1030 [ 318.498373][ T9153] alloc_inode+0x86/0x240 [ 318.498400][ T9153] sock_alloc+0x40/0x280 [ 318.498427][ T9153] __sock_create+0xc1/0x8d0 [ 318.498457][ T9153] ? __pfx___schedule+0x10/0x10 [ 318.498494][ T9153] __sys_socket+0x14d/0x260 [ 318.498522][ T9153] ? fput+0x70/0xf0 [ 318.498545][ T9153] ? __pfx___sys_socket+0x10/0x10 [ 318.498576][ T9153] ? xfd_validate_state+0x61/0x180 [ 318.498618][ T9153] __x64_sys_socket+0x72/0xb0 [ 318.498644][ T9153] ? lockdep_hardirqs_on+0x7c/0x110 [ 318.498680][ T9153] do_syscall_64+0xcd/0x490 [ 318.498720][ T9153] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 318.498746][ T9153] RIP: 0033:0x7f8504b8e929 [ 318.498768][ T9153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 318.498793][ T9153] RSP: 002b:00007f8505a0c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 318.498818][ T9153] RAX: ffffffffffffffda RBX: 00007f8504db6080 RCX: 00007f8504b8e929 [ 318.498836][ T9153] RDX: 0000000000000003 RSI: 0000000000000805 RDI: 0000000000000025 [ 318.498852][ T9153] RBP: 00007f8504c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 318.498868][ T9153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 318.498883][ T9153] R13: 0000000000000000 R14: 00007f8504db6080 R15: 00007ffe40853b58 [ 318.498926][ T9153] [ 318.499137][ T9153] socket: no more sockets [ 321.459647][ T9201] FAULT_INJECTION: forcing a failure. [ 321.459647][ T9201] name failslab, interval 1, probability 0, space 0, times 0 [ 321.474844][ T9201] CPU: 1 UID: 0 PID: 9201 Comm: syz.3.644 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 321.474881][ T9201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 321.474897][ T9201] Call Trace: [ 321.474906][ T9201] [ 321.474916][ T9201] dump_stack_lvl+0x16c/0x1f0 [ 321.474960][ T9201] should_fail_ex+0x512/0x640 [ 321.474983][ T9201] ? fs_reclaim_acquire+0xae/0x150 [ 321.475003][ T9201] should_failslab+0xc2/0x120 [ 321.475018][ T9201] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 321.475039][ T9201] ? security_inode_alloc+0x3b/0x2b0 [ 321.475058][ T9201] security_inode_alloc+0x3b/0x2b0 [ 321.475073][ T9201] inode_init_always_gfp+0xce4/0x1030 [ 321.475095][ T9201] alloc_inode+0x86/0x240 [ 321.475110][ T9201] sock_alloc+0x40/0x280 [ 321.475124][ T9201] __sock_create+0xc1/0x8d0 [ 321.475143][ T9201] __sys_socket+0x14d/0x260 [ 321.475157][ T9201] ? fput+0x70/0xf0 [ 321.475170][ T9201] ? __pfx___sys_socket+0x10/0x10 [ 321.475186][ T9201] ? xfd_validate_state+0x61/0x180 [ 321.475205][ T9201] ? __pfx_ksys_write+0x10/0x10 [ 321.475228][ T9201] __x64_sys_socket+0x72/0xb0 [ 321.475243][ T9201] ? lockdep_hardirqs_on+0x7c/0x110 [ 321.475262][ T9201] do_syscall_64+0xcd/0x490 [ 321.475284][ T9201] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 321.475298][ T9201] RIP: 0033:0x7f3f6518e929 [ 321.475310][ T9201] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 321.475324][ T9201] RSP: 002b:00007f3f66060038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 321.475337][ T9201] RAX: ffffffffffffffda RBX: 00007f3f653b6080 RCX: 00007f3f6518e929 [ 321.475347][ T9201] RDX: 0000000000000003 RSI: 0000000000000805 RDI: 0000000000000025 [ 321.475355][ T9201] RBP: 00007f3f65210b39 R08: 0000000000000000 R09: 0000000000000000 [ 321.475363][ T9201] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 321.475371][ T9201] R13: 0000000000000000 R14: 00007f3f653b6080 R15: 00007ffe19c803f8 [ 321.475389][ T9201] [ 321.475411][ T9201] socket: no more sockets [ 324.317178][ T30] audit: type=1800 audit(6047472042.638:2): pid=9256 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.656" name="dbroot" dev="configfs" ino=21210 res=0 errno=0 [ 324.348879][ T9261] FAULT_INJECTION: forcing a failure. [ 324.348879][ T9261] name failslab, interval 1, probability 0, space 0, times 0 [ 324.394024][ T9261] CPU: 0 UID: 0 PID: 9261 Comm: syz.1.657 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 324.394070][ T9261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 324.394087][ T9261] Call Trace: [ 324.394096][ T9261] [ 324.394105][ T9261] dump_stack_lvl+0x16c/0x1f0 [ 324.394151][ T9261] should_fail_ex+0x512/0x640 [ 324.394189][ T9261] ? __kmalloc_noprof+0xbf/0x510 [ 324.394227][ T9261] ? lsm_blob_alloc+0x68/0x90 [ 324.394269][ T9261] should_failslab+0xc2/0x120 [ 324.394293][ T9261] __kmalloc_noprof+0xd2/0x510 [ 324.394342][ T9261] lsm_blob_alloc+0x68/0x90 [ 324.394393][ T9261] security_sk_alloc+0x30/0x270 [ 324.394430][ T9261] sk_prot_alloc+0x1c7/0x2a0 [ 324.394460][ T9261] sk_alloc+0x36/0xc20 [ 324.394500][ T9261] caif_create+0x10b/0x430 [ 324.394536][ T9261] __sock_create+0x335/0x8d0 [ 324.394583][ T9261] __sys_socket+0x14d/0x260 [ 324.394611][ T9261] ? fput+0x70/0xf0 [ 324.394635][ T9261] ? __pfx___sys_socket+0x10/0x10 [ 324.394664][ T9261] ? xfd_validate_state+0x61/0x180 [ 324.394696][ T9261] ? __pfx_ksys_write+0x10/0x10 [ 324.394736][ T9261] __x64_sys_socket+0x72/0xb0 [ 324.394763][ T9261] ? lockdep_hardirqs_on+0x7c/0x110 [ 324.394806][ T9261] do_syscall_64+0xcd/0x490 [ 324.394848][ T9261] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 324.394874][ T9261] RIP: 0033:0x7f652a78e929 [ 324.394895][ T9261] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 324.394920][ T9261] RSP: 002b:00007f652b68b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 324.394946][ T9261] RAX: ffffffffffffffda RBX: 00007f652a9b6080 RCX: 00007f652a78e929 [ 324.394963][ T9261] RDX: 0000000000000003 RSI: 0000000000000805 RDI: 0000000000000025 [ 324.394979][ T9261] RBP: 00007f652a810b39 R08: 0000000000000000 R09: 0000000000000000 [ 324.394995][ T9261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 324.395010][ T9261] R13: 0000000000000000 R14: 00007f652a9b6080 R15: 00007fff21297f68 [ 324.395044][ T9261] [ 324.604276][ C0] vkms_vblank_simulate: vblank timer overrun [ 324.958034][ T9242] random: crng reseeded on system resumption [ 325.966077][ T9299] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21 [ 326.346308][ T9300] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22 [ 327.975003][ T9326] FAULT_INJECTION: forcing a failure. [ 327.975003][ T9326] name failslab, interval 1, probability 0, space 0, times 0 [ 328.091478][ T9326] CPU: 0 UID: 0 PID: 9326 Comm: syz.3.669 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 328.091503][ T9326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 328.091512][ T9326] Call Trace: [ 328.091517][ T9326] [ 328.091523][ T9326] dump_stack_lvl+0x16c/0x1f0 [ 328.091550][ T9326] should_fail_ex+0x512/0x640 [ 328.091570][ T9326] ? fs_reclaim_acquire+0xae/0x150 [ 328.091589][ T9326] should_failslab+0xc2/0x120 [ 328.091603][ T9326] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 328.091624][ T9326] ? security_inode_alloc+0x3b/0x2b0 [ 328.091643][ T9326] security_inode_alloc+0x3b/0x2b0 [ 328.091658][ T9326] inode_init_always_gfp+0xce4/0x1030 [ 328.091681][ T9326] alloc_inode+0x86/0x240 [ 328.091695][ T9326] sock_alloc+0x40/0x280 [ 328.091709][ T9326] __sock_create+0xc1/0x8d0 [ 328.091728][ T9326] __sys_socket+0x14d/0x260 [ 328.091742][ T9326] ? fput+0x70/0xf0 [ 328.091761][ T9326] ? __pfx___sys_socket+0x10/0x10 [ 328.091777][ T9326] ? xfd_validate_state+0x61/0x180 [ 328.091798][ T9326] ? __pfx_ksys_write+0x10/0x10 [ 328.091822][ T9326] __x64_sys_socket+0x72/0xb0 [ 328.091837][ T9326] ? lockdep_hardirqs_on+0x7c/0x110 [ 328.091858][ T9326] do_syscall_64+0xcd/0x490 [ 328.091879][ T9326] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 328.091893][ T9326] RIP: 0033:0x7f3f6518e929 [ 328.091905][ T9326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 328.091918][ T9326] RSP: 002b:00007f3f66060038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 328.091932][ T9326] RAX: ffffffffffffffda RBX: 00007f3f653b6080 RCX: 00007f3f6518e929 [ 328.091941][ T9326] RDX: 0000000000000003 RSI: 0000000000000805 RDI: 0000000000000025 [ 328.091950][ T9326] RBP: 00007f3f65210b39 R08: 0000000000000000 R09: 0000000000000000 [ 328.091958][ T9326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 328.091966][ T9326] R13: 0000000000000000 R14: 00007f3f653b6080 R15: 00007ffe19c803f8 [ 328.091984][ T9326] [ 328.092005][ T9326] socket: no more sockets [ 328.447464][ T9330] netlink: zone id is out of range [ 328.452636][ T9330] netlink: zone id is out of range [ 328.458075][ T9330] netlink: zone id is out of range [ 328.467659][ T9330] netlink: zone id is out of range [ 328.472834][ T9330] netlink: zone id is out of range [ 328.550906][ T9330] netlink: zone id is out of range [ 328.604153][ T9330] netlink: zone id is out of range [ 328.609383][ T9330] netlink: zone id is out of range [ 328.619550][ T9330] netlink: zone id is out of range [ 329.343527][ T9351] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 329.402958][ T9351] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 330.293867][ T9407] FAULT_INJECTION: forcing a failure. [ 330.293867][ T9407] name failslab, interval 1, probability 0, space 0, times 0 [ 330.327993][ T9407] CPU: 1 UID: 0 PID: 9407 Comm: syz.3.681 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 330.328029][ T9407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 330.328044][ T9407] Call Trace: [ 330.328053][ T9407] [ 330.328062][ T9407] dump_stack_lvl+0x16c/0x1f0 [ 330.328105][ T9407] should_fail_ex+0x512/0x640 [ 330.328140][ T9407] ? fs_reclaim_acquire+0xae/0x150 [ 330.328174][ T9407] should_failslab+0xc2/0x120 [ 330.328198][ T9407] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 330.328237][ T9407] ? security_inode_alloc+0x3b/0x2b0 [ 330.328270][ T9407] security_inode_alloc+0x3b/0x2b0 [ 330.328298][ T9407] inode_init_always_gfp+0xce4/0x1030 [ 330.328340][ T9407] alloc_inode+0x86/0x240 [ 330.328368][ T9407] sock_alloc+0x40/0x280 [ 330.328393][ T9407] __sock_create+0xc1/0x8d0 [ 330.328425][ T9407] __sys_socket+0x14d/0x260 [ 330.328450][ T9407] ? fput+0x70/0xf0 [ 330.328472][ T9407] ? __pfx___sys_socket+0x10/0x10 [ 330.328497][ T9407] ? xfd_validate_state+0x61/0x180 [ 330.328539][ T9407] ? __pfx_ksys_write+0x10/0x10 [ 330.328579][ T9407] __x64_sys_socket+0x72/0xb0 [ 330.328606][ T9407] ? lockdep_hardirqs_on+0x7c/0x110 [ 330.328640][ T9407] do_syscall_64+0xcd/0x490 [ 330.328679][ T9407] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.328707][ T9407] RIP: 0033:0x7f3f6518e929 [ 330.328729][ T9407] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 330.328753][ T9407] RSP: 002b:00007f3f66060038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 330.328776][ T9407] RAX: ffffffffffffffda RBX: 00007f3f653b6080 RCX: 00007f3f6518e929 [ 330.328793][ T9407] RDX: 0000000000000003 RSI: 0000000000000805 RDI: 0000000000000025 [ 330.328808][ T9407] RBP: 00007f3f65210b39 R08: 0000000000000000 R09: 0000000000000000 [ 330.328823][ T9407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 330.328837][ T9407] R13: 0000000000000000 R14: 00007f3f653b6080 R15: 00007ffe19c803f8 [ 330.328868][ T9407] [ 613.576495][ T8684] Bluetooth: hci7: command tx timeout [ 614.302155][ T8684] Bluetooth: hci6: command tx timeout [ 615.653740][ T8684] Bluetooth: hci7: command tx timeout [ 617.733794][ T8684] Bluetooth: hci7: command tx timeout [ 622.155526][T10279] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 622.164906][T10279] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 622.173913][T10279] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 622.181942][T10279] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 622.191564][T10279] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 622.403779][T17923] chnl_net:caif_netlink_parms(): no params data found [ 622.499134][T17923] bridge0: port 1(bridge_slave_0) entered blocking state [ 622.506493][T17923] bridge0: port 1(bridge_slave_0) entered disabled state [ 622.514328][T17923] bridge_slave_0: entered allmulticast mode [ 622.521465][T17923] bridge_slave_0: entered promiscuous mode [ 622.529666][T17923] bridge0: port 2(bridge_slave_1) entered blocking state [ 622.537245][T17923] bridge0: port 2(bridge_slave_1) entered disabled state [ 622.550028][T17923] bridge_slave_1: entered allmulticast mode [ 622.562350][T17923] bridge_slave_1: entered promiscuous mode [ 622.597607][T17923] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 622.609421][T17923] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 622.651348][T17923] team0: Port device team_slave_0 added [ 622.661497][T17923] team0: Port device team_slave_1 added [ 622.700878][T17923] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 622.708656][T17923] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 622.735326][T17923] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 622.747726][T17923] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 622.754974][T17923] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 622.783657][T17923] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 622.835234][T17923] hsr_slave_0: entered promiscuous mode [ 622.841692][T17923] hsr_slave_1: entered promiscuous mode [ 622.848067][T17923] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 622.855839][T17923] Cannot create hsr debugfs directory [ 623.035881][T17923] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 623.047201][T17923] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 623.057488][T17923] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 623.070568][T17923] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 623.101796][T17923] bridge0: port 2(bridge_slave_1) entered blocking state [ 623.109090][T17923] bridge0: port 2(bridge_slave_1) entered forwarding state [ 623.116609][T17923] bridge0: port 1(bridge_slave_0) entered blocking state [ 623.123808][T17923] bridge0: port 1(bridge_slave_0) entered forwarding state [ 623.189830][T17923] 8021q: adding VLAN 0 to HW filter on device bond0 [ 623.207546][ T9400] bridge0: port 1(bridge_slave_0) entered disabled state [ 623.215982][ T9400] bridge0: port 2(bridge_slave_1) entered disabled state [ 623.232929][T17923] 8021q: adding VLAN 0 to HW filter on device team0 [ 623.256904][ T9381] bridge0: port 1(bridge_slave_0) entered blocking state [ 623.264055][ T9381] bridge0: port 1(bridge_slave_0) entered forwarding state [ 623.277323][ T9381] bridge0: port 2(bridge_slave_1) entered blocking state [ 623.284472][ T9381] bridge0: port 2(bridge_slave_1) entered forwarding state [ 623.484410][T17923] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 623.705221][T17923] veth0_vlan: entered promiscuous mode [ 623.716327][T17923] veth1_vlan: entered promiscuous mode [ 623.744826][T17923] veth0_macvtap: entered promiscuous mode [ 623.755302][T17923] veth1_macvtap: entered promiscuous mode [ 623.773798][T17923] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 623.788450][T17923] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 623.806271][T17923] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 623.815357][T17923] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 623.824677][T17923] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 623.833927][T17923] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 623.919151][ T9381] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 623.930579][ T9381] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 623.956671][ T9381] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 623.965341][ T9381] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 624.301178][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.301502][ T8684] Bluetooth: hci8: command tx timeout [ 624.307746][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 624.417367][T10279] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 624.426707][T10279] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 624.435765][T10279] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 624.446891][T10279] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 624.455197][T10279] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 625.137504][T18286] chnl_net:caif_netlink_parms(): no params data found [ 625.475294][T18286] bridge0: port 1(bridge_slave_0) entered blocking state [ 625.482852][T18286] bridge0: port 1(bridge_slave_0) entered disabled state [ 625.491816][T18286] bridge_slave_0: entered allmulticast mode [ 625.505709][T18286] bridge_slave_0: entered promiscuous mode [ 625.523991][T18286] bridge0: port 2(bridge_slave_1) entered blocking state [ 625.531325][T18286] bridge0: port 2(bridge_slave_1) entered disabled state [ 625.539082][T18286] bridge_slave_1: entered allmulticast mode [ 625.573301][T18286] bridge_slave_1: entered promiscuous mode [ 625.674341][T18286] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 625.691735][T18286] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 625.735644][T18475] FAULT_INJECTION: forcing a failure. [ 625.735644][T18475] name failslab, interval 1, probability 0, space 0, times 0 [ 625.749082][T18475] CPU: 1 UID: 0 PID: 18475 Comm: syz.8.1381 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 625.749115][T18475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 625.749128][T18475] Call Trace: [ 625.749136][T18475] [ 625.749144][T18475] dump_stack_lvl+0x16c/0x1f0 [ 625.749186][T18475] should_fail_ex+0x512/0x640 [ 625.749218][T18475] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 625.749252][T18475] should_failslab+0xc2/0x120 [ 625.749277][T18475] __kmalloc_cache_noprof+0x6a/0x3e0 [ 625.749306][T18475] ? find_held_lock+0x2b/0x80 [ 625.749330][T18475] ? prog_array_map_alloc+0x45/0x2a0 [ 625.749364][T18475] prog_array_map_alloc+0x45/0x2a0 [ 625.749392][T18475] map_create+0x58f/0x1db0 [ 625.749435][T18475] ? __pfx_map_create+0x10/0x10 [ 625.749466][T18475] ? __might_fault+0xe3/0x190 [ 625.749497][T18475] ? __might_fault+0xe3/0x190 [ 625.749528][T18475] ? __might_fault+0x13b/0x190 [ 625.749576][T18475] __sys_bpf+0x47cc/0x4d80 [ 625.749603][T18475] ? __pfx___sys_bpf+0x10/0x10 [ 625.749626][T18475] ? ksys_write+0x190/0x250 [ 625.749665][T18475] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 625.749730][T18475] ? fput+0x70/0xf0 [ 625.749754][T18475] ? ksys_write+0x1ac/0x250 [ 625.749786][T18475] ? __pfx_ksys_write+0x10/0x10 [ 625.749826][T18475] __x64_sys_bpf+0x78/0xc0 [ 625.749849][T18475] ? lockdep_hardirqs_on+0x7c/0x110 [ 625.749882][T18475] do_syscall_64+0xcd/0x490 [ 625.749919][T18475] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 625.749945][T18475] RIP: 0033:0x7fd6a8d8e929 [ 625.749966][T18475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 625.749989][T18475] RSP: 002b:00007fd6a9bf7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 625.750013][T18475] RAX: ffffffffffffffda RBX: 00007fd6a8fb5fa0 RCX: 00007fd6a8d8e929 [ 625.750030][T18475] RDX: 00000000000000a3 RSI: 0000200000000000 RDI: 0000000000000000 [ 625.750045][T18475] RBP: 00007fd6a9bf7090 R08: 0000000000000000 R09: 0000000000000000 [ 625.750060][T18475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 625.750075][T18475] R13: 0000000000000000 R14: 00007fd6a8fb5fa0 R15: 00007ffecb2fba58 [ 625.750108][T18475] [ 626.041914][T18286] team0: Port device team_slave_0 added [ 626.051935][T18286] team0: Port device team_slave_1 added [ 626.113668][T18286] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 626.120702][T18286] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 626.206221][T18286] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 626.229106][T18286] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 626.236461][T18286] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 626.268024][T18286] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 626.373829][T10279] Bluetooth: hci8: command tx timeout [ 626.421661][T18286] hsr_slave_0: entered promiscuous mode [ 626.428649][T18286] hsr_slave_1: entered promiscuous mode [ 626.451063][T18286] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 626.493176][T18286] Cannot create hsr debugfs directory [ 626.533682][T10279] Bluetooth: hci9: command tx timeout [ 627.096284][T18286] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 627.109742][T18286] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 627.129779][T18286] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 627.146349][T18286] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 627.413362][T18286] 8021q: adding VLAN 0 to HW filter on device bond0 [ 627.486609][T18286] 8021q: adding VLAN 0 to HW filter on device team0 [ 627.504188][ T9400] bridge0: port 1(bridge_slave_0) entered blocking state [ 627.511382][ T9400] bridge0: port 1(bridge_slave_0) entered forwarding state [ 627.568946][ T9400] bridge0: port 2(bridge_slave_1) entered blocking state [ 627.576192][ T9400] bridge0: port 2(bridge_slave_1) entered forwarding state [ 628.454275][T10279] Bluetooth: hci8: command tx timeout [ 628.614874][T10279] Bluetooth: hci9: command tx timeout [ 628.671167][T18286] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 629.489487][T18286] veth0_vlan: entered promiscuous mode [ 629.517103][T18286] veth1_vlan: entered promiscuous mode [ 629.597060][T18286] veth0_macvtap: entered promiscuous mode [ 629.628043][T18286] veth1_macvtap: entered promiscuous mode [ 629.688475][T18286] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 629.739317][T18286] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 629.769823][T18286] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 629.783853][T18286] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 629.792573][T18286] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 629.801652][T18286] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 630.015832][ T9386] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 630.151153][ T9386] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 630.177351][ T9400] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 630.187037][ T9400] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 630.472387][T18684] can: request_module (can-proto-0) failed. [ 630.534122][T10279] Bluetooth: hci8: command tx timeout [ 630.700905][T10279] Bluetooth: hci9: command tx timeout [ 631.096760][ T8684] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 631.111502][ T8684] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 631.120802][ T8684] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 631.147819][ T8684] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 631.160821][ T8684] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 631.645983][T18743] chnl_net:caif_netlink_parms(): no params data found [ 631.864452][T18743] bridge0: port 1(bridge_slave_0) entered blocking state [ 631.872424][T18743] bridge0: port 1(bridge_slave_0) entered disabled state [ 631.882564][T18743] bridge_slave_0: entered allmulticast mode [ 631.891236][T18743] bridge_slave_0: entered promiscuous mode [ 631.903193][T18743] bridge0: port 2(bridge_slave_1) entered blocking state [ 631.910609][T18743] bridge0: port 2(bridge_slave_1) entered disabled state [ 631.920282][T18743] bridge_slave_1: entered allmulticast mode [ 631.928657][T18743] bridge_slave_1: entered promiscuous mode [ 632.038758][T18743] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 632.059580][T18743] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 632.148091][T18743] team0: Port device team_slave_0 added [ 632.162255][T18743] team0: Port device team_slave_1 added [ 632.368426][T18743] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 632.401619][T18743] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 632.438870][T18743] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 632.468618][T18743] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 632.475824][T18743] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 632.503227][T18743] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 632.591388][T18743] hsr_slave_0: entered promiscuous mode [ 632.620012][T18743] hsr_slave_1: entered promiscuous mode [ 632.627977][T18743] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 632.635819][T18743] Cannot create hsr debugfs directory [ 632.774230][ T8684] Bluetooth: hci9: command tx timeout [ 632.925487][T10279] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 632.937799][T10279] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 632.973795][T10279] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 632.982927][T10279] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 632.992152][T10279] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 633.194342][T18743] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 633.256484][T10279] Bluetooth: hci10: command tx timeout [ 633.309072][T18743] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 633.426844][T18743] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 633.453166][T19051] chnl_net:caif_netlink_parms(): no params data found [ 633.528588][T18743] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 633.580147][T19051] bridge0: port 1(bridge_slave_0) entered blocking state [ 633.587763][T19051] bridge0: port 1(bridge_slave_0) entered disabled state [ 633.599519][T19051] bridge_slave_0: entered allmulticast mode [ 633.607118][T19051] bridge_slave_0: entered promiscuous mode [ 633.621549][T19051] bridge0: port 2(bridge_slave_1) entered blocking state [ 633.629055][T19051] bridge0: port 2(bridge_slave_1) entered disabled state [ 633.637720][T19051] bridge_slave_1: entered allmulticast mode [ 633.645678][T19051] bridge_slave_1: entered promiscuous mode [ 633.701185][T19051] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 633.720200][T19051] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 633.780486][T19051] team0: Port device team_slave_0 added [ 633.804806][T19051] team0: Port device team_slave_1 added [ 633.847537][T19051] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 633.854921][T19051] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 633.881511][T19051] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 633.941014][T19051] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 633.949875][T19051] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 633.977083][T19051] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 634.027365][T18743] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 634.038213][T18743] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 634.050210][T18743] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 634.091855][T18743] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 634.107202][T19051] hsr_slave_0: entered promiscuous mode [ 634.115116][T19051] hsr_slave_1: entered promiscuous mode [ 634.121360][T19051] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 634.130031][T19051] Cannot create hsr debugfs directory [ 634.323332][T19051] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 634.374840][T18743] 8021q: adding VLAN 0 to HW filter on device bond0 [ 634.408032][T19051] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 634.445344][T18743] 8021q: adding VLAN 0 to HW filter on device team0 [ 634.459220][ T9393] bridge0: port 1(bridge_slave_0) entered blocking state [ 634.466460][ T9393] bridge0: port 1(bridge_slave_0) entered forwarding state [ 634.496466][T19051] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 634.517552][ T8647] bridge0: port 2(bridge_slave_1) entered blocking state [ 634.524808][ T8647] bridge0: port 2(bridge_slave_1) entered forwarding state [ 634.566121][T19051] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 634.778480][T19051] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 634.790503][T19051] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 634.802681][T19051] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 634.815284][T19051] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 634.954977][T18743] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 634.971190][T19051] 8021q: adding VLAN 0 to HW filter on device bond0 [ 635.005269][T19051] 8021q: adding VLAN 0 to HW filter on device team0 [ 635.030379][ T9406] bridge0: port 1(bridge_slave_0) entered blocking state [ 635.037732][ T9406] bridge0: port 1(bridge_slave_0) entered forwarding state [ 635.063140][ T9400] bridge0: port 2(bridge_slave_1) entered blocking state [ 635.070370][ T9400] bridge0: port 2(bridge_slave_1) entered forwarding state [ 635.090893][T18743] veth0_vlan: entered promiscuous mode [ 635.094012][T10279] Bluetooth: hci11: command tx timeout [ 635.125349][T18743] veth1_vlan: entered promiscuous mode [ 635.191417][T19051] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 635.211368][T18743] veth0_macvtap: entered promiscuous mode [ 635.221080][T18743] veth1_macvtap: entered promiscuous mode [ 635.256322][T18743] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 635.272591][T18743] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 635.289453][T18743] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 635.298742][T18743] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 635.308607][T18743] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 635.318042][T18743] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 635.335137][T10279] Bluetooth: hci10: command tx timeout [ 635.427847][ T9393] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 635.461152][ T9393] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 635.506523][ T9400] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 635.524931][ T9400] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 635.650908][T19051] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 635.666936][T19466] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 635.673349][T19466] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 635.688451][T19466] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 635.699719][T19466] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 635.706669][T19466] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 635.712918][T19466] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 635.725956][T19466] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 635.739413][T19466] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 635.746557][T19466] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 635.755092][T19466] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 635.767273][T19466] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 635.774383][T19466] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 635.784775][T19466] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 635.793194][T19466] Bluetooth: hci7: Opcode 0x0c1a failed: -4 [ 635.799910][T19466] Bluetooth: hci7: Opcode 0x0406 failed: -4 [ 635.812822][T19466] Bluetooth: hci7: Opcode 0x0406 failed: -4 [ 635.830216][T19466] Bluetooth: hci8: Opcode 0x0c1a failed: -4 [ 635.836893][T19466] Bluetooth: hci8: Opcode 0x0406 failed: -4 [ 635.852501][T19466] Bluetooth: hci8: Opcode 0x0406 failed: -4 [ 635.863006][T19466] Bluetooth: hci9: Opcode 0x0c1a failed: -4 [ 635.870619][T19466] Bluetooth: hci9: Opcode 0x0406 failed: -4 [ 635.880872][T19466] Bluetooth: hci9: Opcode 0x0406 failed: -4 [ 635.891277][T19466] Bluetooth: hci10: Opcode 0x0c1a failed: -4 [ 635.898049][T19466] Bluetooth: hci10: Opcode 0x0406 failed: -4 [ 635.908329][T19466] Bluetooth: hci10: Opcode 0x0406 failed: -4 [ 635.919176][T19466] Bluetooth: hci11: Opcode 0x0c1a failed: -4 [ 635.926748][T19466] Bluetooth: hci11: Opcode 0x0406 failed: -4 [ 635.939424][T19466] Bluetooth: hci11: Opcode 0x0406 failed: -4 [ 636.187710][T19051] veth0_vlan: entered promiscuous mode [ 636.210664][T19051] veth1_vlan: entered promiscuous mode [ 636.259687][T19051] veth0_macvtap: entered promiscuous mode [ 636.278119][T19051] veth1_macvtap: entered promiscuous mode [ 636.317117][T19051] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 636.338271][T19051] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 636.360306][T19051] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 636.370459][T19051] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 636.380627][T19051] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 636.390143][T19051] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 636.525126][ T9400] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 636.535861][ T9400] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 636.608739][ T9386] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 636.631688][ T9386] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 636.661865][T19507] kernel read not supported for file /gMQ_g _N{7vGlq wĉu}OUVW.uw.`O:KdYѮaj7nwKQHg[壣%'ϖX:DktހX [$O8 bŹ9F@eMU;$Q8҇ŝ赵DtS^0YJpu (pid: 19507 comm: syz.3.1392) [ 636.715606][ T30] audit: type=1800 audit(6047472355.048:3): pid=19507 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1392" name=BEF282E71467B5EE4D5113A25F67BF09FAF25F4EB07BF9B53776EE47D96CBF8671207796D9E9A8E1F0C71F1EC4C4897583E87DBD7F4F91C15556572EB6AD047502772EEC604FC10E15E73AC91B4BCD64590395D1AEC19B969F616AD2FCFC1F37AFCA6EF6C0774BCEE751AEC9486701EFDA5BE5A3A325278FCF96583A04446B747FDE8001DD589188A109C3F1FE5B93244F382062B492F4BCC5B99839FC46ECDC40DDDA654DE055C83BF5E7245138D287DDC59DC5E8B5B5B8DF44D0E8748A53AABEAABA9E5E301AF859F54A700875BA98 dev="mqueue" ino=42312 res=0 errno=0 [ 637.738542][T10279] Bluetooth: hci4: command 0x0c1a tx timeout [ 637.744814][ T8684] Bluetooth: hci3: command 0x0c1a tx timeout [ 637.750839][ T8684] Bluetooth: hci2: command 0x0c1a tx timeout [ 637.756940][T10880] Bluetooth: hci1: command 0x0c1a tx timeout [ 637.762971][T10880] Bluetooth: hci0: command 0x0c1a tx timeout [ 637.832864][ T8684] Bluetooth: hci5: command 0x0c1a tx timeout [ 637.840874][ T8648] Bluetooth: hci6: command 0x0c1a tx timeout [ 637.847049][T19521] Bluetooth: hci7: command 0x0c1a tx timeout [ 637.894648][T19521] Bluetooth: hci10: command 0x0419 tx timeout [ 637.900829][ T8648] Bluetooth: hci9: command 0x0c1a tx timeout [ 637.906896][ T8684] Bluetooth: hci8: command 0x0c1a tx timeout [ 637.976909][T19521] Bluetooth: hci11: command 0x040f tx timeout [ 639.814059][T19521] Bluetooth: hci4: command 0x0c1a tx timeout [ 639.900870][ T8684] Bluetooth: hci6: command 0x0c1a tx timeout [ 639.906998][ T8648] Bluetooth: hci5: command 0x0c1a tx timeout [ 639.913196][T19521] Bluetooth: hci7: command 0x0c1a tx timeout [ 639.975209][ T8684] Bluetooth: hci8: command 0x0c1a tx timeout [ 639.981374][ T8648] Bluetooth: hci9: command 0x0c1a tx timeout [ 639.990459][T19521] Bluetooth: hci10: command 0x0419 tx timeout [ 640.054854][T19521] Bluetooth: hci11: command 0x040f tx timeout [ 641.321867][T19546] random: crng reseeded on system resumption [ 641.894776][T19521] Bluetooth: hci4: command 0x0c1a tx timeout [ 641.977347][T19521] Bluetooth: hci7: command 0x0c1a tx timeout [ 641.983515][ T8684] Bluetooth: hci6: command 0x0c1a tx timeout [ 641.989568][ T8684] Bluetooth: hci5: command 0x0c1a tx timeout [ 642.054055][T19521] Bluetooth: hci8: command 0x0c1a tx timeout [ 642.060111][ T8648] Bluetooth: hci9: command 0x0c1a tx timeout [ 642.066278][ T8684] Bluetooth: hci10: command 0x0419 tx timeout [ 642.134314][ T8684] Bluetooth: hci11: command 0x040f tx timeout [ 642.235086][T19561] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 642.241272][T19561] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 642.247566][T19561] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 642.253731][T19561] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 642.260598][T19561] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 642.266969][T19561] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 642.273054][T19561] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 642.279290][T19561] Bluetooth: hci7: Opcode 0x0c1a failed: -4 [ 642.285474][T19561] Bluetooth: hci8: Opcode 0x0c1a failed: -4 [ 642.291561][T19561] Bluetooth: hci9: Opcode 0x0c1a failed: -4 [ 642.298056][T19561] Bluetooth: hci10: Opcode 0x0c1a failed: -4 [ 642.306053][T19561] Bluetooth: hci11: Opcode 0x0c1a failed: -4 [ 643.159466][T19573] kernel read not supported for file /gMQ_g _N{7vGlq wĉu}OUVW.uw.`O:KdYѮaj7nwKQHg[壣%'ϖX:DktހX [$O8 bŹ9F@eMU;$Q8҇ŝ赵DtS^0YJpu (pid: 19573 comm: syz.4.1402) [ 643.186462][ T30] audit: type=1800 audit(6047472361.518:4): pid=19573 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1402" name=BEF282E71467B5EE4D5113A25F67BF09FAF25F4EB07BF9B53776EE47D96CBF8671207796D9E9A8E1F0C71F1EC4C4897583E87DBD7F4F91C15556572EB6AD047502772EEC604FC10E15E73AC91B4BCD64590395D1AEC19B969F616AD2FCFC1F37AFCA6EF6C0774BCEE751AEC9486701EFDA5BE5A3A325278FCF96583A04446B747FDE8001DD589188A109C3F1FE5B93244F382062B492F4BCC5B99839FC46ECDC40DDDA654DE055C83BF5E7245138D287DDC59DC5E8B5B5B8DF44D0E8748A53AABEAABA9E5E301AF859F54A700875BA98 dev="mqueue" ino=41281 res=0 errno=0 [ 644.293856][ T8684] Bluetooth: hci9: command 0x0c1a tx timeout [ 644.299948][T19521] Bluetooth: hci8: command 0x0c1a tx timeout [ 644.306019][ T8648] Bluetooth: hci7: command 0x0c1a tx timeout [ 644.312056][ T8648] Bluetooth: hci6: command 0x0c1a tx timeout [ 644.318111][T10880] Bluetooth: hci5: command 0x0c1a tx timeout [ 644.324860][T10880] Bluetooth: hci4: command 0x0c1a tx timeout [ 644.331019][ T8684] Bluetooth: hci3: command 0x0c1a tx timeout [ 644.337448][T19521] Bluetooth: hci2: command 0x0c1a tx timeout [ 644.343583][T10880] Bluetooth: hci1: command 0x0c1a tx timeout [ 644.349759][ T8648] Bluetooth: hci0: command 0x0c1a tx timeout [ 644.378051][T10279] Bluetooth: hci11: command 0x040f tx timeout [ 644.384321][T19578] Bluetooth: hci10: command 0x0419 tx timeout [ 645.181297][T10279] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 645.197610][T10279] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 645.207454][T10279] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 645.217004][T10279] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 645.225282][T10279] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 645.465092][T19580] chnl_net:caif_netlink_parms(): no params data found [ 645.562638][T19580] bridge0: port 1(bridge_slave_0) entered blocking state [ 645.570131][T19580] bridge0: port 1(bridge_slave_0) entered disabled state [ 645.577881][T19580] bridge_slave_0: entered allmulticast mode [ 645.586411][T19580] bridge_slave_0: entered promiscuous mode [ 645.596987][T19580] bridge0: port 2(bridge_slave_1) entered blocking state [ 645.604971][T19580] bridge0: port 2(bridge_slave_1) entered disabled state [ 645.612256][T19580] bridge_slave_1: entered allmulticast mode [ 645.620832][T19580] bridge_slave_1: entered promiscuous mode [ 645.659226][T19580] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 645.671209][T19580] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 645.719980][T19580] team0: Port device team_slave_0 added [ 645.731413][T19580] team0: Port device team_slave_1 added [ 645.768134][T19580] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 645.775606][T19580] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 645.802949][T19580] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 645.816197][T19580] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 645.823193][T19580] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 645.849667][T19580] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 645.902081][T19580] hsr_slave_0: entered promiscuous mode [ 645.909215][T19580] hsr_slave_1: entered promiscuous mode [ 645.917028][T19580] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 645.925221][T19580] Cannot create hsr debugfs directory [ 646.081544][T19580] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 646.173293][T19580] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 646.235120][T19580] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 646.317097][T19580] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 646.453693][T10279] Bluetooth: hci11: command 0x040f tx timeout [ 646.476409][T19580] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 646.488413][T19580] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 646.501330][T19580] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 646.518923][T19580] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 646.600443][T19580] 8021q: adding VLAN 0 to HW filter on device bond0 [ 646.623201][T19580] 8021q: adding VLAN 0 to HW filter on device team0 [ 646.641121][ T9378] bridge0: port 1(bridge_slave_0) entered blocking state [ 646.648397][ T9378] bridge0: port 1(bridge_slave_0) entered forwarding state [ 646.663128][ T9378] bridge0: port 2(bridge_slave_1) entered blocking state [ 646.670315][ T9378] bridge0: port 2(bridge_slave_1) entered forwarding state [ 646.723143][T19580] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 646.886794][T19580] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 646.935899][T19580] veth0_vlan: entered promiscuous mode [ 646.948122][T19580] veth1_vlan: entered promiscuous mode [ 646.980033][T19580] veth0_macvtap: entered promiscuous mode [ 646.990269][T19580] veth1_macvtap: entered promiscuous mode [ 647.010165][T19580] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 647.027361][T19580] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 647.040085][T19580] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 647.050678][T19580] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 647.059767][T19580] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 647.069524][T19580] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 647.148113][ T8651] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 647.164258][ T8651] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 647.199624][ T9406] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 647.214330][ T9406] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 647.254899][T10279] Bluetooth: hci12: command tx timeout [ 649.015846][T19578] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 649.036370][T19578] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 649.063570][T19578] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 649.103590][T19578] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 649.123572][T19578] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 649.343482][T10279] Bluetooth: hci12: command tx timeout [ 649.565351][T19947] ALSA: mixer_oss: invalid OSS volume '0' [ 649.571152][T19947] ALSA: mixer_oss: invalid OSS volume '' [ 649.839981][T19953] chnl_net:caif_netlink_parms(): no params data found [ 650.010449][T19953] bridge0: port 1(bridge_slave_0) entered blocking state [ 650.017851][T19953] bridge0: port 1(bridge_slave_0) entered disabled state [ 650.026517][T19953] bridge_slave_0: entered allmulticast mode [ 650.036287][T19953] bridge_slave_0: entered promiscuous mode [ 650.045822][T19953] bridge0: port 2(bridge_slave_1) entered blocking state [ 650.053352][T19953] bridge0: port 2(bridge_slave_1) entered disabled state [ 650.061547][T19953] bridge_slave_1: entered allmulticast mode [ 650.070035][T19953] bridge_slave_1: entered promiscuous mode [ 650.127955][T19953] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 650.149253][T19953] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 650.224577][T19953] team0: Port device team_slave_0 added [ 650.238421][T19953] team0: Port device team_slave_1 added [ 650.320683][T19953] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 650.332004][T19953] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 650.358990][T19953] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 650.375710][T19953] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 650.382746][T19953] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 650.414135][T19953] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 650.489413][T19953] hsr_slave_0: entered promiscuous mode [ 650.496511][T19953] hsr_slave_1: entered promiscuous mode [ 650.502824][T19953] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 650.512302][T19953] Cannot create hsr debugfs directory [ 650.676823][T19953] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 650.751910][T19953] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 650.836574][T19953] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 650.915199][T19953] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 651.068463][T19953] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 651.079803][T19953] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 651.090124][T19953] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 651.100886][T19953] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 651.216995][T19953] 8021q: adding VLAN 0 to HW filter on device bond0 [ 651.259718][T10279] Bluetooth: hci13: command tx timeout [ 651.268915][T19953] 8021q: adding VLAN 0 to HW filter on device team0 [ 651.286334][T20306] FAULT_INJECTION: forcing a failure. [ 651.286334][T20306] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 651.301999][ T9387] bridge0: port 1(bridge_slave_0) entered blocking state [ 651.304540][T20306] CPU: 1 UID: 0 PID: 20306 Comm: syz.1.1412 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 651.304573][T20306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 651.304599][T20306] Call Trace: [ 651.304607][T20306] [ 651.304618][T20306] dump_stack_lvl+0x16c/0x1f0 [ 651.304660][T20306] should_fail_ex+0x512/0x640 [ 651.304700][T20306] should_fail_alloc_page+0xe7/0x130 [ 651.304726][T20306] prepare_alloc_pages+0x3c2/0x610 [ 651.304761][T20306] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 651.304800][T20306] ? copy_splice_read+0x1a8/0xba0 [ 651.304829][T20306] ? stack_trace_save+0x8e/0xc0 [ 651.304858][T20306] ? __pfx_stack_trace_save+0x10/0x10 [ 651.304884][T20306] ? stack_depot_save_flags+0x28/0xa40 [ 651.304926][T20306] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 651.304959][T20306] ? kasan_save_stack+0x42/0x60 [ 651.304992][T20306] ? kasan_save_track+0x14/0x30 [ 651.305024][T20306] ? __kmalloc_noprof+0x223/0x510 [ 651.305055][T20306] ? copy_splice_read+0x1a8/0xba0 [ 651.305081][T20306] ? do_splice_read+0x285/0x370 [ 651.305108][T20306] ? splice_file_to_pipe+0x109/0x120 [ 651.305138][T20306] ? do_sendfile+0x400/0xe50 [ 651.305166][T20306] ? __x64_sys_sendfile64+0x1d8/0x220 [ 651.305187][T20306] ? do_syscall_64+0xcd/0x490 [ 651.305246][T20306] alloc_pages_bulk_noprof+0x71c/0x1410 [ 651.305298][T20306] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 651.305343][T20306] ? trace_kmalloc+0x2b/0xd0 [ 651.305365][T20306] ? __kmalloc_noprof+0x242/0x510 [ 651.305405][T20306] copy_splice_read+0x1e1/0xba0 [ 651.305436][T20306] ? trace_contention_end+0xdd/0x130 [ 651.305469][T20306] ? __mutex_lock+0x1ca/0xb90 [ 651.305506][T20306] ? __pfx_copy_splice_read+0x10/0x10 [ 651.305538][T20306] ? __pfx___mutex_lock+0x10/0x10 [ 651.305580][T20306] ? __fget_files+0x204/0x3c0 [ 651.305615][T20306] ? __pfx_copy_splice_read+0x10/0x10 [ 651.305643][T20306] do_splice_read+0x285/0x370 [ 651.305676][T20306] splice_file_to_pipe+0x109/0x120 [ 651.305710][T20306] do_sendfile+0x400/0xe50 [ 651.305748][T20306] ? __pfx_do_sendfile+0x10/0x10 [ 651.305780][T20306] ? __fget_files+0x20e/0x3c0 [ 651.305820][T20306] __x64_sys_sendfile64+0x1d8/0x220 [ 651.305843][T20306] ? ksys_write+0x1ac/0x250 [ 651.305874][T20306] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 651.305909][T20306] do_syscall_64+0xcd/0x490 [ 651.305945][T20306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 651.305969][T20306] RIP: 0033:0x7f037f78e929 [ 651.305989][T20306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 651.306013][T20306] RSP: 002b:00007f038053e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 651.306036][T20306] RAX: ffffffffffffffda RBX: 00007f037f9b5fa0 RCX: 00007f037f78e929 [ 651.306052][T20306] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000001 [ 651.306067][T20306] RBP: 00007f038053e090 R08: 0000000000000000 R09: 0000000000000000 [ 651.306083][T20306] R10: 000000000000074c R11: 0000000000000246 R12: 0000000000000001 [ 651.306097][T20306] R13: 0000000000000000 R14: 00007f037f9b5fa0 R15: 00007ffe919b89a8 [ 651.306132][T20306] [ 651.617244][ T9387] bridge0: port 1(bridge_slave_0) entered forwarding state [ 651.638883][T10279] Bluetooth: hci12: command tx timeout [ 651.700097][ T9406] bridge0: port 2(bridge_slave_1) entered blocking state [ 651.707394][ T9406] bridge0: port 2(bridge_slave_1) entered forwarding state [ 652.180716][T19953] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 652.277237][T19953] veth0_vlan: entered promiscuous mode [ 652.300886][T19953] veth1_vlan: entered promiscuous mode [ 652.379631][T19953] veth0_macvtap: entered promiscuous mode [ 652.397475][T19953] veth1_macvtap: entered promiscuous mode [ 652.427697][T19953] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 652.486647][T19953] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 652.502874][T19953] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 652.514296][T19953] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 652.523059][T19953] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 652.533255][T19953] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 652.704205][ T8718] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 652.712086][ T8718] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 652.751947][ T8718] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 652.786411][ T8718] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 653.333857][T10279] Bluetooth: hci13: command tx timeout [ 653.653932][T10279] Bluetooth: hci12: command tx timeout [ 653.809241][T20350] random: crng reseeded on system resumption [ 655.360196][T19578] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 655.370974][T19578] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 655.382428][T19578] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 655.394028][T19578] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 655.401723][T19578] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 655.413878][T10279] Bluetooth: hci13: command tx timeout [ 655.958689][T20394] chnl_net:caif_netlink_parms(): no params data found [ 656.175798][T20394] bridge0: port 1(bridge_slave_0) entered blocking state [ 656.182990][T20394] bridge0: port 1(bridge_slave_0) entered disabled state [ 656.193180][T20394] bridge_slave_0: entered allmulticast mode [ 656.207014][T20394] bridge_slave_0: entered promiscuous mode [ 656.217347][T20394] bridge0: port 2(bridge_slave_1) entered blocking state [ 656.229023][T20394] bridge0: port 2(bridge_slave_1) entered disabled state [ 656.237536][T20394] bridge_slave_1: entered allmulticast mode [ 656.250090][T20394] bridge_slave_1: entered promiscuous mode [ 656.286981][T20394] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 656.302596][T20394] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 656.382262][T20394] team0: Port device team_slave_0 added [ 656.391873][T20394] team0: Port device team_slave_1 added [ 656.476402][T20394] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 656.483548][T20394] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 656.516188][T20394] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 656.529759][T20394] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 656.541467][T20394] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 656.585103][T20394] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 656.721785][T20394] hsr_slave_0: entered promiscuous mode [ 656.730982][T20394] hsr_slave_1: entered promiscuous mode [ 656.738427][T20394] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 656.746290][T20394] Cannot create hsr debugfs directory [ 657.097571][T20394] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 657.217886][T20394] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 657.303968][T20394] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 657.384264][T20394] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 657.494423][T19578] Bluetooth: hci14: command tx timeout [ 657.505796][T10279] Bluetooth: hci13: command tx timeout [ 657.686021][T20394] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 657.697795][T20394] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 657.753527][T20394] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 657.783807][T20394] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 657.951568][T20394] 8021q: adding VLAN 0 to HW filter on device bond0 [ 657.977939][T20394] 8021q: adding VLAN 0 to HW filter on device team0 [ 657.999754][ T9393] bridge0: port 1(bridge_slave_0) entered blocking state [ 658.006997][ T9393] bridge0: port 1(bridge_slave_0) entered forwarding state [ 658.019203][ T9393] bridge0: port 2(bridge_slave_1) entered blocking state [ 658.026458][ T9393] bridge0: port 2(bridge_slave_1) entered forwarding state [ 658.464668][T20394] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 658.981655][T20394] veth0_vlan: entered promiscuous mode [ 658.995829][T20394] veth1_vlan: entered promiscuous mode [ 659.069961][T20394] veth0_macvtap: entered promiscuous mode [ 659.132090][T20394] veth1_macvtap: entered promiscuous mode [ 659.201310][T20394] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 659.235031][T20394] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 659.278417][T20394] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 659.287591][T20394] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 659.296885][T20394] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 659.306282][T20394] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 659.462182][ T9402] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 659.487301][ T9380] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 659.510688][ T9402] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 659.528580][ T9380] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 659.573698][T19578] Bluetooth: hci14: command tx timeout [ 660.188098][T20859] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input33 [ 660.390804][T10279] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 660.402243][T10279] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 660.410867][T10279] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 660.422414][T10279] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 660.431279][T10279] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 660.739099][T20869] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input34 [ 661.657991][T19578] Bluetooth: hci14: command tx timeout [ 661.809534][T20878] chnl_net:caif_netlink_parms(): no params data found [ 662.149431][T20878] bridge0: port 1(bridge_slave_0) entered blocking state [ 662.167570][T20878] bridge0: port 1(bridge_slave_0) entered disabled state [ 662.176523][T20878] bridge_slave_0: entered allmulticast mode [ 662.198624][T20878] bridge_slave_0: entered promiscuous mode [ 662.219550][T20878] bridge0: port 2(bridge_slave_1) entered blocking state [ 662.238547][T20878] bridge0: port 2(bridge_slave_1) entered disabled state [ 662.250198][T20878] bridge_slave_1: entered allmulticast mode [ 662.259392][T20878] bridge_slave_1: entered promiscuous mode [ 662.364770][T20878] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 662.397678][T20878] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 662.482189][T20878] team0: Port device team_slave_0 added [ 662.533607][T19578] Bluetooth: hci15: command tx timeout [ 662.539728][T20878] team0: Port device team_slave_1 added [ 662.670633][T20878] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 662.694462][T20878] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 662.720620][ C1] vkms_vblank_simulate: vblank timer overrun [ 662.750193][T20878] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 662.771439][T20878] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 662.780677][T20878] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 662.836003][T20878] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 662.957774][T20878] hsr_slave_0: entered promiscuous mode [ 662.965044][T20878] hsr_slave_1: entered promiscuous mode [ 662.971638][T20878] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 662.980894][T20878] Cannot create hsr debugfs directory [ 663.734246][T19578] Bluetooth: hci14: command tx timeout [ 664.034181][T20878] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 664.176078][T20878] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 664.325633][T20878] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 664.434908][T20878] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 664.512238][T21303] zero sized request [ 664.624529][T19578] Bluetooth: hci15: command tx timeout [ 664.869498][T20878] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 664.892579][T20878] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 664.910870][T20878] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 664.932501][T20878] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 665.120953][T20878] 8021q: adding VLAN 0 to HW filter on device bond0 [ 665.179362][T20878] 8021q: adding VLAN 0 to HW filter on device team0 [ 665.190481][ T9402] bridge0: port 1(bridge_slave_0) entered blocking state [ 665.190578][ T9402] bridge0: port 1(bridge_slave_0) entered forwarding state [ 665.202090][ T9402] bridge0: port 2(bridge_slave_1) entered blocking state [ 665.202197][ T9402] bridge0: port 2(bridge_slave_1) entered forwarding state [ 665.270643][T20878] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 665.270678][T20878] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 665.422094][T21367] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input35 [ 665.747894][T21378] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input36 [ 665.940363][T20878] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 666.000421][T20878] veth0_vlan: entered promiscuous mode [ 666.018277][T20878] veth1_vlan: entered promiscuous mode [ 666.059705][T20878] veth0_macvtap: entered promiscuous mode [ 666.091551][T20878] veth1_macvtap: entered promiscuous mode [ 666.113537][T20878] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 666.147409][T20878] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 666.217539][T20878] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 666.251741][T20878] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 666.263678][T20878] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 666.272699][T20878] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 666.620591][ T9393] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 666.634489][ T9393] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 666.694407][T10279] Bluetooth: hci15: command tx timeout [ 666.864078][ T9381] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 666.923680][ T9381] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 667.332139][T21458] FAULT_INJECTION: forcing a failure. [ 667.332139][T21458] name failslab, interval 1, probability 0, space 0, times 0 [ 667.347588][T21458] CPU: 0 UID: 0 PID: 21458 Comm: syz.0.1440 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 667.347625][T21458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 667.347649][T21458] Call Trace: [ 667.347658][T21458] [ 667.347668][T21458] dump_stack_lvl+0x16c/0x1f0 [ 667.347709][T21458] should_fail_ex+0x512/0x640 [ 667.347744][T21458] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 667.347783][T21458] should_failslab+0xc2/0x120 [ 667.347807][T21458] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 667.347840][T21458] ? __might_fault+0x13b/0x190 [ 667.347874][T21458] ? getname_flags.part.0+0x4c/0x550 [ 667.347906][T21458] getname_flags.part.0+0x4c/0x550 [ 667.347937][T21458] getname_flags+0x93/0xf0 [ 667.347968][T21458] path_removexattrat+0x3a2/0x5e0 [ 667.348002][T21458] ? __pfx_path_removexattrat+0x10/0x10 [ 667.348063][T21458] ? ksys_write+0x1ac/0x250 [ 667.348095][T21458] ? __pfx_ksys_write+0x10/0x10 [ 667.348136][T21458] __x64_sys_removexattr+0x5b/0x80 [ 667.348172][T21458] do_syscall_64+0xcd/0x490 [ 667.348210][T21458] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 667.348235][T21458] RIP: 0033:0x7f20bb98e929 [ 667.348255][T21458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 667.348277][T21458] RSP: 002b:00007f20bc7b5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c5 [ 667.348301][T21458] RAX: ffffffffffffffda RBX: 00007f20bbbb5fa0 RCX: 00007f20bb98e929 [ 667.348318][T21458] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 00002000000003c0 [ 667.348333][T21458] RBP: 00007f20bc7b5090 R08: 0000000000000000 R09: 0000000000000000 [ 667.348349][T21458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 667.348364][T21458] R13: 0000000000000001 R14: 00007f20bbbb5fa0 R15: 00007ffe6111c7c8 [ 667.348397][T21458] [ 668.774239][T10279] Bluetooth: hci15: command tx timeout [ 670.199846][T19578] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1 [ 670.218094][T19578] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9 [ 670.227372][T19578] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9 [ 670.237673][T19578] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4 [ 670.250084][T19578] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2 [ 670.258222][T21565] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input37 [ 670.522266][T21574] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input38 [ 670.952838][T21561] chnl_net:caif_netlink_parms(): no params data found [ 671.245942][T21561] bridge0: port 1(bridge_slave_0) entered blocking state [ 671.256942][T21561] bridge0: port 1(bridge_slave_0) entered disabled state [ 671.273957][T21561] bridge_slave_0: entered allmulticast mode [ 671.289405][T21561] bridge_slave_0: entered promiscuous mode [ 671.299661][T21561] bridge0: port 2(bridge_slave_1) entered blocking state [ 671.307253][T21561] bridge0: port 2(bridge_slave_1) entered disabled state [ 671.316753][T21561] bridge_slave_1: entered allmulticast mode [ 671.325710][T21561] bridge_slave_1: entered promiscuous mode [ 671.402138][T21561] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 671.437311][T21561] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 671.561853][T21561] team0: Port device team_slave_0 added [ 671.570921][T21561] team0: Port device team_slave_1 added [ 671.628584][T21561] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 671.635767][T21561] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 671.668549][T21561] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 671.682157][T21561] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 671.689551][T21561] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 671.716813][T21561] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 671.824415][T21561] hsr_slave_0: entered promiscuous mode [ 671.831046][T21561] hsr_slave_1: entered promiscuous mode [ 671.849626][T21561] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 671.857416][T21561] Cannot create hsr debugfs directory [ 672.160004][T21561] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 672.350921][T21561] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 672.373735][T19578] Bluetooth: hci16: command tx timeout [ 672.608178][T21561] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 672.809013][T21561] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 673.295030][T22006] zero sized request [ 673.401100][T21561] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 673.475173][T21561] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 673.489429][T21561] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 673.521179][T21561] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 673.840322][T21561] 8021q: adding VLAN 0 to HW filter on device bond0 [ 673.892862][T21561] 8021q: adding VLAN 0 to HW filter on device team0 [ 673.930153][ T8718] bridge0: port 1(bridge_slave_0) entered blocking state [ 673.937492][ T8718] bridge0: port 1(bridge_slave_0) entered forwarding state [ 673.981245][ T8718] bridge0: port 2(bridge_slave_1) entered blocking state [ 673.988552][ T8718] bridge0: port 2(bridge_slave_1) entered forwarding state [ 674.459621][T19578] Bluetooth: hci16: command tx timeout [ 674.909316][T21561] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 674.965044][T22058] FAULT_INJECTION: forcing a failure. [ 674.965044][T22058] name fail_futex, interval 1, probability 0, space 0, times 1 [ 674.993867][T22058] CPU: 0 UID: 0 PID: 22058 Comm: syz.0.1457 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 674.993901][T22058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 674.993914][T22058] Call Trace: [ 674.993920][T22058] [ 674.993926][T22058] dump_stack_lvl+0x16c/0x1f0 [ 674.993953][T22058] should_fail_ex+0x512/0x640 [ 674.993978][T22058] get_futex_key+0xf36/0x1540 [ 674.993999][T22058] ? __pfx_get_futex_key+0x10/0x10 [ 674.994016][T22058] ? __mutex_trylock_common+0xe9/0x250 [ 674.994042][T22058] futex_wake+0xe7/0x4e0 [ 674.994064][T22058] ? __pfx_futex_wake+0x10/0x10 [ 674.994082][T22058] ? __lock_acquire+0xb8a/0x1c90 [ 674.994117][T22058] do_futex+0x1e3/0x350 [ 674.994141][T22058] ? __pfx_do_futex+0x10/0x10 [ 674.994157][T22058] ? __might_fault+0xe3/0x190 [ 674.994183][T22058] mm_release+0x24e/0x300 [ 674.994201][T22058] do_exit+0x68b/0x2bd0 [ 674.994224][T22058] ? __pfx_do_exit+0x10/0x10 [ 674.994243][T22058] ? do_raw_spin_lock+0x12c/0x2b0 [ 674.994270][T22058] ? find_held_lock+0x2b/0x80 [ 674.994289][T22058] do_group_exit+0xd3/0x2a0 [ 674.994310][T22058] get_signal+0x2673/0x26d0 [ 674.994329][T22058] ? kmem_cache_free+0x2d1/0x4d0 [ 674.994348][T22058] ? fd_install+0x225/0x750 [ 674.994371][T22058] ? __pfx_get_signal+0x10/0x10 [ 674.994387][T22058] ? do_futex+0x122/0x350 [ 674.994404][T22058] ? __pfx_do_futex+0x10/0x10 [ 674.994426][T22058] arch_do_signal_or_restart+0x8f/0x790 [ 674.994445][T22058] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 674.994468][T22058] ? xfd_validate_state+0x61/0x180 [ 674.994493][T22058] exit_to_user_mode_loop+0x84/0x110 [ 674.994516][T22058] do_syscall_64+0x3f6/0x490 [ 674.994539][T22058] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 674.994554][T22058] RIP: 0033:0x7f20bb98e929 [ 674.994567][T22058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 674.994582][T22058] RSP: 002b:00007f20bc7b50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 674.994597][T22058] RAX: fffffffffffffe00 RBX: 00007f20bbbb5fa8 RCX: 00007f20bb98e929 [ 674.994607][T22058] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f20bbbb5fa8 [ 674.994616][T22058] RBP: 00007f20bbbb5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 674.994625][T22058] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f20bbbb5fac [ 674.994634][T22058] R13: 0000000000000000 R14: 00007ffe6111c6e0 R15: 00007ffe6111c7c8 [ 674.994653][T22058] [ 675.550665][T21561] veth0_vlan: entered promiscuous mode [ 675.562122][T21561] veth1_vlan: entered promiscuous mode [ 675.608491][T21561] veth0_macvtap: entered promiscuous mode [ 675.618839][T21561] veth1_macvtap: entered promiscuous mode [ 675.637093][T21561] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 675.653859][T21561] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 675.668368][T21561] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 675.677267][T21561] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 675.686696][T21561] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 675.695712][T21561] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 675.778812][ T9379] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 675.788148][ T9379] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 675.836209][ T9379] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 675.844566][ T9379] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 676.533908][T19578] Bluetooth: hci16: command tx timeout [ 677.006127][T22120] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input39 [ 677.558852][T22125] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input40 [ 678.658804][T19578] Bluetooth: hci16: command tx timeout [ 680.888591][T22238] ptrace attach of "./syz-executor exec"[21561] was attempted by "./syz-executor exec"[22238] [ 682.861921][T22304] netlink: 110 bytes leftover after parsing attributes in process `syz.2.1477'. [ 683.342894][T22320] FAULT_INJECTION: forcing a failure. [ 683.342894][T22320] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 683.358899][T22320] CPU: 1 UID: 0 PID: 22320 Comm: syz.0.1479 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 683.358937][T22320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 683.358954][T22320] Call Trace: [ 683.358964][T22320] [ 683.358974][T22320] dump_stack_lvl+0x16c/0x1f0 [ 683.359017][T22320] should_fail_ex+0x512/0x640 [ 683.359058][T22320] should_fail_alloc_page+0xe7/0x130 [ 683.359086][T22320] prepare_alloc_pages+0x3c2/0x610 [ 683.359122][T22320] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 683.359167][T22320] ? __lock_acquire+0x622/0x1c90 [ 683.359206][T22320] ? __lock_acquire+0x622/0x1c90 [ 683.359241][T22320] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 683.359279][T22320] ? find_held_lock+0x2b/0x80 [ 683.359300][T22320] ? is_bpf_text_address+0x8a/0x1a0 [ 683.359326][T22320] ? bpf_ksym_find+0x124/0x1c0 [ 683.359347][T22320] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 683.359370][T22320] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 683.359399][T22320] ? policy_nodemask+0xea/0x4e0 [ 683.359421][T22320] alloc_pages_mpol+0x1fb/0x550 [ 683.359441][T22320] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 683.359467][T22320] folio_alloc_mpol_noprof+0x36/0x2f0 [ 683.359491][T22320] shmem_alloc_folio+0x135/0x160 [ 683.359516][T22320] shmem_alloc_and_add_folio+0x499/0xc20 [ 683.359549][T22320] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 683.359578][T22320] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 683.359609][T22320] shmem_get_folio_gfp+0x67f/0x1600 [ 683.359642][T22320] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 683.359676][T22320] shmem_fault+0x1fe/0xa30 [ 683.359704][T22320] ? __pfx_shmem_fault+0x10/0x10 [ 683.359728][T22320] ? mod_memcg_lruvec_state+0x394/0x610 [ 683.359755][T22320] ? find_held_lock+0x2b/0x80 [ 683.359779][T22320] ? pte_alloc_one+0x2b6/0x3a0 [ 683.359801][T22320] __do_fault+0x10a/0x490 [ 683.359829][T22320] ? __pfx_filemap_map_pages+0x10/0x10 [ 683.359858][T22320] __handle_mm_fault+0x374c/0x5490 [ 683.359891][T22320] ? __pfx___handle_mm_fault+0x10/0x10 [ 683.359913][T22320] ? __pfx_mt_find+0x10/0x10 [ 683.359947][T22320] ? find_vma+0xbf/0x140 [ 683.359965][T22320] ? __pfx_find_vma+0x10/0x10 [ 683.359988][T22320] handle_mm_fault+0x589/0xd10 [ 683.360013][T22320] ? __pkru_allows_pkey+0x51/0xb0 [ 683.360040][T22320] do_user_addr_fault+0x7a6/0x1370 [ 683.360069][T22320] ? rcu_is_watching+0x12/0xc0 [ 683.360094][T22320] exc_page_fault+0x5c/0xb0 [ 683.360121][T22320] asm_exc_page_fault+0x26/0x30 [ 683.360140][T22320] RIP: 0010:rep_movs_alternative+0x33/0x90 [ 683.360168][T22320] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 4d 11 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb [ 683.360187][T22320] RSP: 0018:ffffc9001ebffe18 EFLAGS: 00050212 [ 683.360204][T22320] RAX: 732e6d6574737973 RBX: 0000000000000015 RCX: 0000000000000015 [ 683.360217][T22320] RDX: ffffed100ef92463 RSI: ffff888077c92300 RDI: 0000000000000000 [ 683.360229][T22320] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffed100ef92462 [ 683.360241][T22320] R10: ffff888077c92314 R11: 0000000000000001 R12: ffff888077c92300 [ 683.360258][T22320] R13: 0000000000000015 R14: 00007ffffffff000 R15: 0000000000000000 [ 683.360285][T22320] _copy_to_user+0xbb/0xd0 [ 683.360316][T22320] listxattr+0xbb/0x1a0 [ 683.360341][T22320] path_listxattrat+0x2b1/0x370 [ 683.360371][T22320] ? ksys_write+0x1ac/0x250 [ 683.360396][T22320] ? __pfx_path_listxattrat+0x10/0x10 [ 683.360430][T22320] do_syscall_64+0xcd/0x490 [ 683.360459][T22320] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 683.360477][T22320] RIP: 0033:0x7f20bb98e929 [ 683.360493][T22320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 683.360511][T22320] RSP: 002b:00007f20bc7b5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c4 [ 683.360528][T22320] RAX: ffffffffffffffda RBX: 00007f20bbbb5fa0 RCX: 00007f20bb98e929 [ 683.360541][T22320] RDX: 0000000000000095 RSI: 0000000000000000 RDI: 0000000000000003 [ 683.360553][T22320] RBP: 00007f20bc7b5090 R08: 0000000000000000 R09: 0000000000000000 [ 683.360564][T22320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 683.360576][T22320] R13: 0000000000000000 R14: 00007f20bbbb5fa0 R15: 00007ffe6111c7c8 [ 683.360601][T22320] [ 683.911637][ T8647] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 684.260563][ T8647] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 684.501907][ T8647] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 684.590262][T10279] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1 [ 684.600055][T10279] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9 [ 684.626553][T10279] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9 [ 684.647162][T10279] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4 [ 684.656679][T10279] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2 [ 684.805140][ T8647] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 685.151376][T22344] FAULT_INJECTION: forcing a failure. [ 685.151376][T22344] name failslab, interval 1, probability 0, space 0, times 0 [ 685.192113][T22344] CPU: 1 UID: 0 PID: 22344 Comm: syz.6.1482 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 685.192149][T22344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 685.192162][T22344] Call Trace: [ 685.192170][T22344] [ 685.192180][T22344] dump_stack_lvl+0x16c/0x1f0 [ 685.192219][T22344] should_fail_ex+0x512/0x640 [ 685.192260][T22344] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 685.192297][T22344] should_failslab+0xc2/0x120 [ 685.192318][T22344] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 685.192349][T22344] ? __pfx_acct_collect+0x10/0x10 [ 685.192383][T22344] ? taskstats_exit+0x654/0xbe0 [ 685.192422][T22344] taskstats_exit+0x654/0xbe0 [ 685.192459][T22344] ? __pfx_taskstats_exit+0x10/0x10 [ 685.192502][T22344] do_exit+0x5d9/0x2bd0 [ 685.192542][T22344] ? __pfx_do_exit+0x10/0x10 [ 685.192573][T22344] ? do_raw_spin_lock+0x12c/0x2b0 [ 685.192607][T22344] ? find_held_lock+0x2b/0x80 [ 685.192638][T22344] do_group_exit+0xd3/0x2a0 [ 685.192669][T22344] get_signal+0x2673/0x26d0 [ 685.192696][T22344] ? kmem_cache_free+0x2d1/0x4d0 [ 685.192727][T22344] ? fd_install+0x225/0x750 [ 685.192759][T22344] ? __pfx_get_signal+0x10/0x10 [ 685.192786][T22344] ? do_futex+0x122/0x350 [ 685.192815][T22344] ? __pfx_do_futex+0x10/0x10 [ 685.192848][T22344] arch_do_signal_or_restart+0x8f/0x790 [ 685.192879][T22344] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 685.192918][T22344] ? xfd_validate_state+0x61/0x180 [ 685.192959][T22344] exit_to_user_mode_loop+0x84/0x110 [ 685.192997][T22344] do_syscall_64+0x3f6/0x490 [ 685.193035][T22344] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 685.193061][T22344] RIP: 0033:0x7fd7b638e929 [ 685.193082][T22344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 685.193106][T22344] RSP: 002b:00007fd7b722a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 685.193131][T22344] RAX: fffffffffffffe00 RBX: 00007fd7b65b6088 RCX: 00007fd7b638e929 [ 685.193147][T22344] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fd7b65b6088 [ 685.193162][T22344] RBP: 00007fd7b65b6080 R08: 0000000000000000 R09: 0000000000000000 [ 685.193176][T22344] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd7b65b608c [ 685.193192][T22344] R13: 0000000000000000 R14: 00007fffc2aca7c0 R15: 00007fffc2aca8a8 [ 685.193226][T22344] [ 685.568142][T10279] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1 [ 685.596001][T10279] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9 [ 685.628522][T22380] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input41 [ 685.649975][T10279] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9 [ 685.667955][T10279] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4 [ 685.680252][T10279] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2 [ 685.743821][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 685.750214][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 685.791888][ T8647] bridge_slave_1: left allmulticast mode [ 685.798665][ T8647] bridge_slave_1: left promiscuous mode [ 685.807148][ T8647] bridge0: port 2(bridge_slave_1) entered disabled state [ 685.827344][ T8647] bridge_slave_0: left allmulticast mode [ 685.833058][ T8647] bridge_slave_0: left promiscuous mode [ 685.867238][ T8647] bridge0: port 1(bridge_slave_0) entered disabled state [ 686.510360][ T8647] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 686.527147][ T8647] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 686.561817][ T8647] bond0 (unregistering): Released all slaves [ 686.693804][T10279] Bluetooth: hci14: command tx timeout [ 687.160217][T22330] chnl_net:caif_netlink_parms(): no params data found [ 687.713801][ T8647] hsr_slave_0: left promiscuous mode [ 687.733366][ T8647] hsr_slave_1: left promiscuous mode [ 687.740019][ T8647] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 687.747828][T10279] Bluetooth: hci15: command tx timeout [ 687.763260][ T8647] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 687.806594][ T8647] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 687.824079][ T8647] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 687.935234][ T8647] veth1_macvtap: left promiscuous mode [ 687.941325][ T8647] veth0_macvtap: left promiscuous mode [ 687.966137][ T8647] veth1_vlan: left promiscuous mode [ 687.971915][ T8647] veth0_vlan: left promiscuous mode [ 688.776589][T10279] Bluetooth: hci14: command tx timeout [ 689.178639][ T8647] team0 (unregistering): Port device team_slave_1 removed [ 689.239521][ T8647] team0 (unregistering): Port device team_slave_0 removed [ 689.822302][T10279] Bluetooth: hci15: command tx timeout [ 690.846247][T22330] bridge0: port 1(bridge_slave_0) entered blocking state [ 690.862112][T22330] bridge0: port 1(bridge_slave_0) entered disabled state [ 690.877887][T10279] Bluetooth: hci14: command tx timeout [ 690.882104][T22330] bridge_slave_0: entered allmulticast mode [ 690.903930][T22330] bridge_slave_0: entered promiscuous mode [ 690.919298][T22330] bridge0: port 2(bridge_slave_1) entered blocking state [ 690.942550][T22330] bridge0: port 2(bridge_slave_1) entered disabled state [ 690.961032][T22330] bridge_slave_1: entered allmulticast mode [ 690.974146][T22330] bridge_slave_1: entered promiscuous mode [ 691.115031][T22373] chnl_net:caif_netlink_parms(): no params data found [ 691.219019][T22330] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 691.302911][T22330] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 691.542846][T22330] team0: Port device team_slave_0 added [ 691.609681][T22330] team0: Port device team_slave_1 added [ 691.893999][T10279] Bluetooth: hci15: command tx timeout [ 691.917227][T22330] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 691.924420][T22330] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 691.950957][T22330] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 691.970610][T22373] bridge0: port 1(bridge_slave_0) entered blocking state [ 691.988087][T22373] bridge0: port 1(bridge_slave_0) entered disabled state [ 692.018818][T22373] bridge_slave_0: entered allmulticast mode [ 692.035523][T22373] bridge_slave_0: entered promiscuous mode [ 692.048124][T22330] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 692.059272][T22330] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 692.103687][T22330] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 692.140885][T22373] bridge0: port 2(bridge_slave_1) entered blocking state [ 692.155732][T22373] bridge0: port 2(bridge_slave_1) entered disabled state [ 692.163118][T22373] bridge_slave_1: entered allmulticast mode [ 692.196564][T22373] bridge_slave_1: entered promiscuous mode [ 692.416230][T22373] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 692.448552][T22373] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 692.498498][T22330] hsr_slave_0: entered promiscuous mode [ 692.512151][T22330] hsr_slave_1: entered promiscuous mode [ 692.529623][T22330] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 692.547738][T22330] Cannot create hsr debugfs directory [ 692.841912][T22373] team0: Port device team_slave_0 added [ 692.855534][T22373] team0: Port device team_slave_1 added [ 692.933887][T10279] Bluetooth: hci14: command tx timeout [ 693.549656][T22373] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 693.570174][T22373] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 693.616110][T22373] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 693.683177][T22373] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 693.716118][T22373] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 693.768285][T22373] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 693.973910][T10279] Bluetooth: hci15: command tx timeout [ 694.027861][T22373] hsr_slave_0: entered promiscuous mode [ 694.035206][T22373] hsr_slave_1: entered promiscuous mode [ 694.043282][T22373] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 694.051998][T22373] Cannot create hsr debugfs directory [ 694.810869][T22373] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 694.834559][T22330] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 694.853377][T22330] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 694.888983][T22373] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 694.908847][T22330] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 694.919010][T22330] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 694.980085][T22373] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 695.066664][T22373] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 695.120720][T22330] 8021q: adding VLAN 0 to HW filter on device bond0 [ 695.165227][T22330] 8021q: adding VLAN 0 to HW filter on device team0 [ 695.199970][ T8718] bridge0: port 1(bridge_slave_0) entered blocking state [ 695.207226][ T8718] bridge0: port 1(bridge_slave_0) entered forwarding state [ 695.268251][ T8718] bridge0: port 2(bridge_slave_1) entered blocking state [ 695.275502][ T8718] bridge0: port 2(bridge_slave_1) entered forwarding state [ 695.458229][T22373] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 695.518271][T22373] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 695.561429][T22373] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 695.606598][T22373] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 695.909807][T22373] 8021q: adding VLAN 0 to HW filter on device bond0 [ 695.954621][T22330] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 695.967690][T22373] 8021q: adding VLAN 0 to HW filter on device team0 [ 696.071253][ T8651] bridge0: port 1(bridge_slave_0) entered blocking state [ 696.078552][ T8651] bridge0: port 1(bridge_slave_0) entered forwarding state [ 696.112677][ T8651] bridge0: port 2(bridge_slave_1) entered blocking state [ 696.119942][ T8651] bridge0: port 2(bridge_slave_1) entered forwarding state [ 696.228817][T22330] veth0_vlan: entered promiscuous mode [ 696.290966][T22330] veth1_vlan: entered promiscuous mode [ 696.426483][T22330] veth0_macvtap: entered promiscuous mode [ 696.449201][T22330] veth1_macvtap: entered promiscuous mode [ 696.530385][T22330] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 696.560383][T22330] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 696.611768][T22330] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 696.628541][T22330] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 696.638429][T22330] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 696.647359][T22330] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 696.857688][ T8651] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 696.883936][ T8651] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 696.984040][ T9406] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 696.991938][ T9406] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 697.037831][T22373] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 697.523199][T23334] tc_dump_action: action bad kind [ 699.107559][T23357] ptrace attach of "./syz-executor exec"[19953] was attempted by "./syz-executor exec"[23357] [ 699.236239][T22373] veth0_vlan: entered promiscuous mode [ 699.324946][T22373] veth1_vlan: entered promiscuous mode [ 699.385870][T22373] veth0_macvtap: entered promiscuous mode [ 699.952791][T22373] veth1_macvtap: entered promiscuous mode [ 699.994696][T22373] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 700.035643][T22373] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 700.150343][T22373] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 700.196971][T22373] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 700.229732][T22373] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 700.283862][T22373] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 700.580173][ T9387] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 700.606185][ T9387] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 700.730113][ T9380] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 700.746736][ T9380] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 701.591189][T23470] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input42 [ 701.902294][T23487] FAULT_INJECTION: forcing a failure. [ 701.902294][T23487] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 701.951824][T23487] CPU: 1 UID: 0 PID: 23487 Comm: syz.6.1507 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 701.951866][T23487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 701.951881][T23487] Call Trace: [ 701.951890][T23487] [ 701.951901][T23487] dump_stack_lvl+0x16c/0x1f0 [ 701.951942][T23487] should_fail_ex+0x512/0x640 [ 701.951981][T23487] _copy_to_user+0x32/0xd0 [ 701.952019][T23487] simple_read_from_buffer+0xcb/0x170 [ 701.952053][T23487] proc_fail_nth_read+0x197/0x270 [ 701.952084][T23487] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 701.952114][T23487] ? rw_verify_area+0xcf/0x680 [ 701.952143][T23487] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 701.952172][T23487] vfs_read+0x1e4/0xc60 [ 701.952209][T23487] ? __pfx___mutex_lock+0x10/0x10 [ 701.952244][T23487] ? __pfx_vfs_read+0x10/0x10 [ 701.952285][T23487] ? __fget_files+0x20e/0x3c0 [ 701.952323][T23487] ksys_read+0x12a/0x250 [ 701.952352][T23487] ? __pfx_ksys_read+0x10/0x10 [ 701.952389][T23487] do_syscall_64+0xcd/0x490 [ 701.952425][T23487] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 701.952451][T23487] RIP: 0033:0x7fd7b638d33c [ 701.952473][T23487] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 701.952494][T23487] RSP: 002b:00007fd7b724b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 701.952515][T23487] RAX: ffffffffffffffda RBX: 00007fd7b65b5fa0 RCX: 00007fd7b638d33c [ 701.952530][T23487] RDX: 000000000000000f RSI: 00007fd7b724b0a0 RDI: 0000000000000003 [ 701.952544][T23487] RBP: 00007fd7b724b090 R08: 0000000000000000 R09: 0000000000000000 [ 701.952559][T23487] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001 [ 701.952572][T23487] R13: 0000000000000001 R14: 00007fd7b65b5fa0 R15: 00007fffc2aca8a8 [ 701.952604][T23487] [ 702.558182][T23474] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input43 [ 705.349030][T23529] ptrace attach of "./syz-executor exec"[22330] was attempted by "./syz-executor exec"[23529] [ 705.803888][T23614] binder: 23613:23614 ioctl c00c620f 200000000180 returned -22 [ 705.833966][T23620] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input44 [ 708.377142][T23780] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 708.409015][T23780] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 708.419838][T23780] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 708.454992][T23780] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 708.514835][T23780] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 708.546027][T23780] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 708.556563][T23780] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 708.570710][T23780] Bluetooth: hci7: Opcode 0x0c1a failed: -4 [ 708.586848][T23780] Bluetooth: hci8: Opcode 0x0c1a failed: -4 [ 708.637437][T23780] Bluetooth: hci9: Opcode 0x0c1a failed: -4 [ 708.752720][T23780] Bluetooth: hci10: Opcode 0x0c1a failed: -4 [ 708.759724][T23780] Bluetooth: hci11: Opcode 0x0c1a failed: -4 [ 708.766110][T23780] Bluetooth: hci12: Opcode 0x0c1a failed: -4 [ 708.795827][T23780] Bluetooth: hci12: Opcode 0x0406 failed: -4 [ 708.869331][T23780] Bluetooth: hci12: Opcode 0x0406 failed: -4 [ 708.911468][T23780] Bluetooth: hci13: Opcode 0x0c1a failed: -4 [ 708.929124][T23780] Bluetooth: hci13: Opcode 0x0406 failed: -4 [ 708.987977][T23780] Bluetooth: hci13: Opcode 0x0406 failed: -4 [ 709.009667][T23780] Bluetooth: hci16: Opcode 0x0c1a failed: -4 [ 709.043802][T23780] Bluetooth: hci16: Opcode 0x0406 failed: -4 [ 709.065421][T23780] Bluetooth: hci16: Opcode 0x0406 failed: -4 [ 709.075491][T23780] Bluetooth: hci14: Opcode 0x0c1a failed: -4 [ 709.095744][T23780] Bluetooth: hci14: Opcode 0x0406 failed: -4 [ 709.104778][T23780] Bluetooth: hci14: Opcode 0x0406 failed: -4 [ 709.121620][T23780] Bluetooth: hci15: Opcode 0x0c1a failed: -4 [ 709.194709][T23780] Bluetooth: hci15: Opcode 0x0406 failed: -4 [ 709.214733][T23780] Bluetooth: hci15: Opcode 0x0406 failed: -4 [ 710.453776][T10279] Bluetooth: hci2: command 0x0c1a tx timeout [ 710.459906][T10279] Bluetooth: hci1: command 0x0c1a tx timeout [ 710.469411][T19578] Bluetooth: hci0: command 0x0c1a tx timeout [ 710.537683][T10279] Bluetooth: hci4: command 0x0c1a tx timeout [ 710.537757][T10279] Bluetooth: hci3: command 0x0c1a tx timeout [ 710.613947][ T8648] Bluetooth: hci8: command 0x0c1a tx timeout [ 710.629688][T10279] Bluetooth: hci7: command 0x0c1a tx timeout [ 710.635867][T19578] Bluetooth: hci6: command 0x0c1a tx timeout [ 710.641927][T19578] Bluetooth: hci5: command 0x0c1a tx timeout [ 710.698510][T10279] Bluetooth: hci9: command 0x0c1a tx timeout [ 710.773641][T10279] Bluetooth: hci12: command 0x0c1a tx timeout [ 710.779849][T10279] Bluetooth: hci11: command 0x040f tx timeout [ 710.786269][T19578] Bluetooth: hci10: command 0x0419 tx timeout [ 710.939233][T10279] Bluetooth: hci13: command 0x0c1a tx timeout [ 711.013920][T10279] Bluetooth: hci16: command 0x0c1a tx timeout [ 711.093690][T10279] Bluetooth: hci14: command 0x0c1a tx timeout [ 711.174506][T10279] Bluetooth: hci15: command 0x0c1a tx timeout [ 712.859162][T10279] Bluetooth: hci12: command 0x0c1a tx timeout [ 713.013729][T10279] Bluetooth: hci13: command 0x0c1a tx timeout [ 713.093712][T10279] Bluetooth: hci16: command 0x0c1a tx timeout [ 713.174268][T10279] Bluetooth: hci14: command 0x0c1a tx timeout [ 713.283558][T10279] Bluetooth: hci15: command 0x0c1a tx timeout [ 713.935263][T23972] FAULT_INJECTION: forcing a failure. [ 713.935263][T23972] name failslab, interval 1, probability 0, space 0, times 0 [ 713.993619][T23972] CPU: 1 UID: 0 PID: 23972 Comm: syz.2.1544 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 713.993656][T23972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 713.993671][T23972] Call Trace: [ 713.993681][T23972] [ 713.993691][T23972] dump_stack_lvl+0x16c/0x1f0 [ 713.993730][T23972] should_fail_ex+0x512/0x640 [ 713.993764][T23972] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 713.993807][T23972] should_failslab+0xc2/0x120 [ 713.993832][T23972] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 713.993869][T23972] ? arch_stack_walk+0xa6/0x100 [ 713.993894][T23972] ? nvmf_parse_options+0x407/0x2240 [ 713.993930][T23972] kstrdup+0x53/0x100 [ 713.993967][T23972] nvmf_parse_options+0x407/0x2240 [ 713.993996][T23972] ? stack_trace_save+0x8e/0xc0 [ 713.994040][T23972] ? __pfx_nvmf_parse_options+0x10/0x10 [ 713.994068][T23972] ? __kasan_kmalloc+0xaa/0xb0 [ 713.994099][T23972] ? nvmf_dev_write+0x161/0xc70 [ 713.994126][T23972] ? vfs_write+0x29d/0x1150 [ 713.994158][T23972] ? do_syscall_64+0xcd/0x490 [ 713.994243][T23972] ? kasan_save_track+0x14/0x30 [ 713.994281][T23972] nvmf_dev_write+0x186/0xc70 [ 713.994314][T23972] ? rw_verify_area+0xcf/0x680 [ 713.994347][T23972] ? __pfx_nvmf_dev_write+0x10/0x10 [ 713.994374][T23972] vfs_write+0x29d/0x1150 [ 713.994432][T23972] ? __pfx_vfs_write+0x10/0x10 [ 713.994463][T23972] ? find_held_lock+0x2b/0x80 [ 713.994488][T23972] ? __fget_files+0x204/0x3c0 [ 713.994523][T23972] ? __fget_files+0x20e/0x3c0 [ 713.994562][T23972] ksys_write+0x12a/0x250 [ 713.994594][T23972] ? __pfx_ksys_write+0x10/0x10 [ 713.994642][T23972] do_syscall_64+0xcd/0x490 [ 713.994676][T23972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 713.994699][T23972] RIP: 0033:0x7f42a4d8e929 [ 713.994719][T23972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 713.994740][T23972] RSP: 002b:00007f42a5b8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 713.994761][T23972] RAX: ffffffffffffffda RBX: 00007f42a4fb5fa0 RCX: 00007f42a4d8e929 [ 713.994777][T23972] RDX: 0000000000000001 RSI: 0000200000001500 RDI: 0000000000000003 [ 713.994792][T23972] RBP: 00007f42a5b8e090 R08: 0000000000000000 R09: 0000000000000000 [ 713.994806][T23972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 713.994821][T23972] R13: 0000000000000000 R14: 00007f42a4fb5fa0 R15: 00007ffe68229868 [ 713.994857][T23972] [ 714.839773][T23990] FAULT_INJECTION: forcing a failure. [ 714.839773][T23990] name failslab, interval 1, probability 0, space 0, times 0 [ 714.909584][T23990] CPU: 1 UID: 0 PID: 23990 Comm: syz.0.1547 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 714.909618][T23990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 714.909633][T23990] Call Trace: [ 714.909640][T23990] [ 714.909649][T23990] dump_stack_lvl+0x16c/0x1f0 [ 714.909687][T23990] should_fail_ex+0x512/0x640 [ 714.909720][T23990] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 714.909755][T23990] should_failslab+0xc2/0x120 [ 714.909781][T23990] __kmalloc_cache_noprof+0x6a/0x3e0 [ 714.909810][T23990] ? copy_net_ns+0x135/0x5f0 [ 714.909838][T23990] copy_net_ns+0x135/0x5f0 [ 714.909861][T23990] ? copy_cgroup_ns+0x71/0x700 [ 714.909890][T23990] create_new_namespaces+0x3ea/0xa90 [ 714.909927][T23990] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 714.909959][T23990] ksys_unshare+0x45b/0xa40 [ 714.909994][T23990] ? __pfx_ksys_unshare+0x10/0x10 [ 714.910027][T23990] ? ksys_write+0x1ac/0x250 [ 714.910074][T23990] __x64_sys_unshare+0x31/0x40 [ 714.910106][T23990] do_syscall_64+0xcd/0x490 [ 714.910143][T23990] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 714.910168][T23990] RIP: 0033:0x7f20bb98e929 [ 714.910189][T23990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 714.910212][T23990] RSP: 002b:00007f20bc7b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 714.910236][T23990] RAX: ffffffffffffffda RBX: 00007f20bbbb5fa0 RCX: 00007f20bb98e929 [ 714.910252][T23990] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 714.910267][T23990] RBP: 00007f20bc7b5090 R08: 0000000000000000 R09: 0000000000000000 [ 714.910282][T23990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 714.910297][T23990] R13: 0000000000000000 R14: 00007f20bbbb5fa0 R15: 00007ffe6111c7c8 [ 714.910330][T23990] [ 715.094388][ T8648] Bluetooth: hci12: command 0x0c1a tx timeout [ 715.108990][ T8648] Bluetooth: hci13: command 0x0c1a tx timeout [ 715.175796][T10279] Bluetooth: hci16: command 0x0c1a tx timeout [ 715.266604][T10279] Bluetooth: hci14: command 0x0c1a tx timeout [ 715.344827][T10279] Bluetooth: hci15: command 0x0c1a tx timeout [ 717.798173][T24065] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input46 [ 718.087457][T24045] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input45 [ 718.276365][T24104] vhci_hcd: invalid port number 16 [ 718.287589][T24104] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 718.322901][T24088] FAULT_INJECTION: forcing a failure. [ 718.322901][T24088] name failslab, interval 1, probability 0, space 0, times 0 [ 718.401760][T24088] CPU: 1 UID: 0 PID: 24088 Comm: syz.7.1556 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 718.401802][T24088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 718.401820][T24088] Call Trace: [ 718.401829][T24088] [ 718.401840][T24088] dump_stack_lvl+0x16c/0x1f0 [ 718.401894][T24088] should_fail_ex+0x512/0x640 [ 718.401933][T24088] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 718.401978][T24088] should_failslab+0xc2/0x120 [ 718.402004][T24088] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 718.402040][T24088] ? __proc_create+0xc3/0x8c0 [ 718.402096][T24088] ? __proc_create+0x2ce/0x8c0 [ 718.402139][T24088] __proc_create+0x2ce/0x8c0 [ 718.402178][T24088] ? __pfx___proc_create+0x10/0x10 [ 718.402232][T24088] proc_create_reg+0x7d/0x180 [ 718.402258][T24088] proc_create_net_data+0x8e/0x1b0 [ 718.402285][T24088] ? __pfx_proc_create_net_data+0x10/0x10 [ 718.402320][T24088] ? __pfx_ip6mr_net_init+0x10/0x10 [ 718.402354][T24088] ip6mr_net_init+0x27d/0x4e0 [ 718.402389][T24088] ? __pfx_ip6mr_net_init+0x10/0x10 [ 718.402422][T24088] ops_init+0x1df/0x5f0 [ 718.402465][T24088] setup_net+0x1ff/0x510 [ 718.402502][T24088] ? lockdep_init_map_type+0x5c/0x280 [ 718.402538][T24088] ? __pfx_setup_net+0x10/0x10 [ 718.402580][T24088] ? debug_mutex_init+0x37/0x70 [ 718.402611][T24088] copy_net_ns+0x2a6/0x5f0 [ 718.402641][T24088] create_new_namespaces+0x3ea/0xa90 [ 718.402679][T24088] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 718.402714][T24088] ksys_unshare+0x45b/0xa40 [ 718.402749][T24088] ? __pfx_ksys_unshare+0x10/0x10 [ 718.402787][T24088] ? xfd_validate_state+0x61/0x180 [ 718.402832][T24088] __x64_sys_unshare+0x31/0x40 [ 718.402867][T24088] do_syscall_64+0xcd/0x490 [ 718.402917][T24088] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 718.402941][T24088] RIP: 0033:0x7fc84858e929 [ 718.402964][T24088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 718.402989][T24088] RSP: 002b:00007fc8493ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 718.403014][T24088] RAX: ffffffffffffffda RBX: 00007fc8487b5fa0 RCX: 00007fc84858e929 [ 718.403032][T24088] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 718.403048][T24088] RBP: 00007fc848610b39 R08: 0000000000000000 R09: 0000000000000000 [ 718.403064][T24088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 718.403079][T24088] R13: 0000000000000000 R14: 00007fc8487b5fa0 R15: 00007fffd8babf18 [ 718.403117][T24088] [ 719.388102][T24125] FAULT_INJECTION: forcing a failure. [ 719.388102][T24125] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 719.450674][T24125] CPU: 0 UID: 0 PID: 24125 Comm: syz.2.1561 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 719.450711][T24125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 719.450727][T24125] Call Trace: [ 719.450736][T24125] [ 719.450747][T24125] dump_stack_lvl+0x16c/0x1f0 [ 719.450789][T24125] should_fail_ex+0x512/0x640 [ 719.450837][T24125] _copy_to_user+0x32/0xd0 [ 719.450877][T24125] mousedev_read+0x3a9/0x7d0 [ 719.450915][T24125] ? __pfx_mousedev_read+0x10/0x10 [ 719.450947][T24125] ? __pfx_autoremove_wake_function+0x10/0x10 [ 719.450981][T24125] ? apparmor_file_permission+0x251/0x400 [ 719.451011][T24125] ? bpf_lsm_file_permission+0x9/0x10 [ 719.451038][T24125] ? security_file_permission+0x71/0x210 [ 719.451071][T24125] ? rw_verify_area+0xcf/0x680 [ 719.451104][T24125] ? __pfx_mousedev_read+0x10/0x10 [ 719.451132][T24125] vfs_readv+0x5c1/0x8b0 [ 719.451172][T24125] ? __pfx_vfs_readv+0x10/0x10 [ 719.451228][T24125] ? __fget_files+0x20e/0x3c0 [ 719.451264][T24125] ? __fget_files+0x180/0x3c0 [ 719.451304][T24125] ? do_readv+0x28c/0x340 [ 719.451332][T24125] do_readv+0x28c/0x340 [ 719.451364][T24125] ? __pfx_do_readv+0x10/0x10 [ 719.451405][T24125] do_syscall_64+0xcd/0x490 [ 719.451444][T24125] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 719.451470][T24125] RIP: 0033:0x7f42a4d8e929 [ 719.451490][T24125] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 719.451514][T24125] RSP: 002b:00007f42a5b8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 719.451538][T24125] RAX: ffffffffffffffda RBX: 00007f42a4fb5fa0 RCX: 00007f42a4d8e929 [ 719.451555][T24125] RDX: 0000000000000001 RSI: 0000200000000a80 RDI: 0000000000000003 [ 719.451571][T24125] RBP: 00007f42a5b8e090 R08: 0000000000000000 R09: 0000000000000000 [ 719.451586][T24125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 719.451601][T24125] R13: 0000000000000000 R14: 00007f42a4fb5fa0 R15: 00007ffe68229868 [ 719.451634][T24125] [ 719.652317][ C0] vkms_vblank_simulate: vblank timer overrun [ 720.212823][T10279] Bluetooth: hci15: unexpected event 0x3e length: 1020 > 260 [ 720.212866][T10279] Bluetooth: hci15: unexpected subevent 0x01 length: 1019 > 18 [ 722.658742][T24265] Line length is too long: Should be less than 4094 [ 730.527237][ T31] INFO: task syz-executor:15771 blocked for more than 143 seconds. [ 730.535195][ T31] Not tainted 6.16.0-rc6-syzkaller #0 [ 730.541469][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 730.550537][ T31] task:syz-executor state:D stack:24104 pid:15771 tgid:15771 ppid:1 task_flags:0x400140 flags:0x00004004 [ 730.563156][ T31] Call Trace: [ 730.566471][ T31] [ 730.569562][ T31] __schedule+0x116a/0x5de0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 730.574116][ T31] ? __lock_acquire+0x622/0x1c90 [ 730.592375][ T31] ? __pfx___schedule+0x10/0x10 [ 730.597371][ T31] ? find_held_lock+0x2b/0x80 [ 730.602081][ T31] ? schedule+0x2d7/0x3a0 [ 730.606454][ T31] schedule+0xe7/0x3a0 [ 730.610800][ T31] schedule_preempt_disabled+0x13/0x30 [ 730.616302][ T31] __mutex_lock+0x6c7/0xb90 [ 730.625713][ T31] ? nfsd_shutdown_threads+0x5b/0xf0 [ 730.631330][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 730.636613][ T31] ? net_generic+0xea/0x2a0 [ 730.641274][ T31] ? nfsd_shutdown_threads+0x5b/0xf0 [ 730.646596][ T31] nfsd_shutdown_threads+0x5b/0xf0 [ 730.651864][ T31] nfsd_umount+0x48/0xe0 [ 730.656140][ T31] deactivate_locked_super+0xbe/0x1a0 [ 730.665470][ T31] deactivate_super+0xde/0x100 [ 730.671340][ T31] cleanup_mnt+0x225/0x450 [ 730.675820][ T31] task_work_run+0x150/0x240 [ 730.695964][ T31] ? __pfx_task_work_run+0x10/0x10 [ 730.701570][ T31] ? __pfx___x64_sys_umount+0x10/0x10 [ 730.707197][ T31] exit_to_user_mode_loop+0xeb/0x110 [ 730.712539][ T31] do_syscall_64+0x3f6/0x490 [ 730.717785][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 730.723722][ T31] RIP: 0033:0x7f321fb8fc57 [ 730.733095][ T31] RSP: 002b:00007ffef1a5fd18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 730.741675][ T31] RAX: 0000000000000000 RBX: 00007f321fc10925 RCX: 00007f321fb8fc57 [ 730.749718][ T31] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffef1a5fdd0 [ 730.757837][ T31] RBP: 00007ffef1a5fdd0 R08: 0000000000000000 R09: 0000000000000000 [ 730.765844][ T31] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffef1a60e60 [ 730.778813][ T31] R13: 00007f321fc10925 R14: 000000000008eb6e R15: 00007ffef1a60ea0 [ 730.802404][ T31] [ 730.805619][ T31] [ 730.805619][ T31] Showing all locks held in the system: [ 730.814410][ T31] 1 lock held by khungtaskd/31: [ 730.819370][ T31] #0: ffffffff8e5c4c80 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 730.830021][ T31] 2 locks held by getty/5609: [ 730.834734][ T31] #0: ffff88814c9fd0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 730.850688][ T31] #1: ffffc9000333b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 [ 730.861046][ T31] 2 locks held by syz-executor/5835: [ 730.866357][ T31] 2 locks held by syz-executor/5844: [ 730.871751][ T31] #0: ffff8880296a40e0 (&type->s_umount_key#53){++++}-{4:4}, at: deactivate_super+0xd6/0x100 [ 730.902492][ T31] #1: ffffffff8e9de628 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 730.912384][ T31] 2 locks held by syz-executor/5849: [ 730.918404][ T31] #0: ffff8880796600e0 (&type->s_umount_key#53){++++}-{4:4}, at: deactivate_super+0xd6/0x100 [ 730.929647][ T31] #1: ffffffff8e9de628 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 730.939438][ T31] 2 locks held by syz-executor/5856: [ 730.944748][ T31] #0: ffff888048b380e0 (&type->s_umount_key#53){++++}-{4:4}, at: deactivate_super+0xd6/0x100 [ 730.960108][ T31] #1: ffffffff8e9de628 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 730.969885][ T31] 2 locks held by kworker/u10:33/9402: [ 730.975365][ T31] #0: ffff888022301948 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 730.986162][ T31] #1: ffffc90004e17d10 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 731.019809][ T31] 2 locks held by syz.3.1283/15555: [ 731.025084][ T31] #0: ffffffff90408f90 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 731.033752][ T31] #1: ffffffff8e9de628 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x687/0xbc0 [ 731.044803][ T31] 2 locks held by syz-executor/15771: [ 731.076231][ T31] #0: ffff888058a620e0 (&type->s_umount_key#53){++++}-{4:4}, at: deactivate_super+0xd6/0x100 [ 731.126462][ T31] #1: ffffffff8e9de628 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 731.136814][ T31] 2 locks held by syz-executor/16662: [ 731.136839][ T31] #0: ffff8880287bc0e0 (&type->s_umount_key#53){++++}-{4:4}, at: deactivate_super+0xd6/0x100 [ 731.136918][ T31] #1: ffffffff8e9de628 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 731.136982][ T31] 2 locks held by syz-executor/17063: [ 731.137008][ T31] #0: ffff888058a0c0e0 (&type->s_umount_key#53){++++}-{4:4}, at: deactivate_super+0xd6/0x100 [ 731.137086][ T31] #1: ffffffff8e9de628 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 731.137151][ T31] 2 locks held by syz-executor/17445: [ 731.137167][ T31] #0: ffff88807e3fc0e0 (&type->s_umount_key#53){++++}-{4:4}, at: deactivate_super+0xd6/0x100 [ 731.137243][ T31] #1: ffffffff8e9de628 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 731.137308][ T31] 2 locks held by syz-executor/17923: [ 731.137324][ T31] #0: ffff88807cf060e0 (&type->s_umount_key#53){++++}-{4:4}, at: deactivate_super+0xd6/0x100 [ 731.137401][ T31] #1: ffffffff8e9de628 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 731.137466][ T31] 2 locks held by syz-executor/18286: [ 731.137482][ T31] #0: ffff88803bcf40e0 (&type->s_umount_key#53){++++}-{4:4}, at: deactivate_super+0xd6/0x100 [ 731.137560][ T31] #1: ffffffff8e9de628 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 731.137625][ T31] 2 locks held by syz-executor/18743: [ 731.137641][ T31] #0: ffff88802564c0e0 (&type->s_umount_key#53){++++}-{4:4}, at: deactivate_super+0xd6/0x100 [ 731.137716][ T31] #1: ffffffff8e9de628 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 731.137779][ T31] 2 locks held by syz-executor/19051: [ 731.137794][ T31] #0: ffff888044a940e0 (&type->s_umount_key#53){++++}-{4:4}, at: deactivate_super+0xd6/0x100 [ 731.137869][ T31] #1: ffffffff8e9de628 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 731.137935][ T31] 2 locks held by syz-executor/19580: [ 731.137951][ T31] #0: ffff8880467fc0e0 (&type->s_umount_key#53){++++}-{4:4}, at: deactivate_super+0xd6/0x100 [ 731.138034][ T31] #1: ffffffff8e9de628 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 731.138099][ T31] 2 locks held by syz-executor/19953: [ 731.138114][ T31] #0: ffff88803bb0a0e0 (&type->s_umount_key#53){++++}-{4:4}, at: deactivate_super+0xd6/0x100 [ 731.138190][ T31] #1: ffffffff8e9de628 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 731.138257][ T31] 2 locks held by syz.5.1445/21529: [ 731.138273][ T31] #0: ffff88805baa60e0 (&type->s_umount_key#53){++++}-{4:4}, at: deactivate_super+0xd6/0x100 [ 731.138349][ T31] #1: ffffffff8e9de628 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 731.138413][ T31] 2 locks held by syz-executor/21561: [ 731.138429][ T31] #0: ffff888083f620e0 (&type->s_umount_key#53){++++}-{4:4}, at: deactivate_super+0xd6/0x100 [ 731.138507][ T31] #1: ffffffff8e9de628 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 731.138572][ T31] 2 locks held by syz-executor/22330: [ 731.138588][ T31] #0: ffff88806a4640e0 (&type->s_umount_key#53){++++}-{4:4}, at: deactivate_super+0xd6/0x100 [ 731.138666][ T31] #1: ffffffff8e9de628 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 731.138729][ T31] 2 locks held by syz-executor/22373: [ 731.138745][ T31] #0: ffff8880598e60e0 (&type->s_umount_key#53){++++}-{4:4}, at: deactivate_super+0xd6/0x100 [ 731.138819][ T31] #1: ffffffff8e9de628 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 731.472027][ T31] [ 731.474377][ T31] ============================================= [ 731.474377][ T31] [ 731.483113][ T31] NMI backtrace for cpu 0 [ 731.483133][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 731.483157][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 731.483170][ T31] Call Trace: [ 731.483178][ T31] [ 731.483188][ T31] dump_stack_lvl+0x116/0x1f0 [ 731.483227][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 731.483257][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 731.483290][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 731.483322][ T31] watchdog+0xf70/0x12c0 [ 731.483363][ T31] ? __pfx_watchdog+0x10/0x10 [ 731.483394][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 731.483430][ T31] ? __kthread_parkme+0x19e/0x250 [ 731.483463][ T31] ? __pfx_watchdog+0x10/0x10 [ 731.483498][ T31] kthread+0x3c2/0x780 [ 731.483533][ T31] ? __pfx_kthread+0x10/0x10 [ 731.483570][ T31] ? rcu_is_watching+0x12/0xc0 [ 731.483597][ T31] ? __pfx_kthread+0x10/0x10 [ 731.483632][ T31] ret_from_fork+0x5d7/0x6f0 [ 731.483665][ T31] ? __pfx_kthread+0x10/0x10 [ 731.483698][ T31] ret_from_fork_asm+0x1a/0x30 [ 731.483749][ T31] [ 731.483758][ T31] Sending NMI from CPU 0 to CPUs 1: [ 731.612530][ C1] NMI backtrace for cpu 1 [ 731.612549][ C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 731.612578][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 731.612593][ C1] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 731.612632][ C1] Code: 1b 6f 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d d3 97 25 00 fb f4 8c fb 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 731.612656][ C1] RSP: 0018:ffffc90000197df8 EFLAGS: 000002c6 [ 731.612676][ C1] RAX: 0000000000596e95 RBX: 0000000000000001 RCX: ffffffff8b847c69 [ 731.612692][ C1] RDX: 0000000000000000 RSI: ffffffff8de2c764 RDI: ffffffff8c1578e0 [ 731.612708][ C1] RBP: ffffed1003cd7b40 R08: 0000000000000001 R09: ffffed10170a6645 [ 731.612725][ C1] R10: ffff8880b853322b R11: 0000000000000001 R12: 0000000000000001 [ 731.612740][ C1] R13: ffff88801e6bda00 R14: ffffffff90a9a150 R15: 0000000000000000 [ 731.612757][ C1] FS: 0000000000000000(0000) GS:ffff888124820000(0000) knlGS:0000000000000000 [ 731.612780][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 731.612797][ C1] CR2: 000055fca2763000 CR3: 0000000035a44000 CR4: 00000000003526f0 [ 731.612814][ C1] Call Trace: [ 731.612822][ C1] [ 731.612831][ C1] default_idle+0x13/0x20 [ 731.612854][ C1] default_idle_call+0x6d/0xb0 [ 731.612876][ C1] do_idle+0x391/0x510 [ 731.612905][ C1] ? __pfx_do_idle+0x10/0x10 [ 731.612931][ C1] ? trace_sched_exit_tp+0x31/0x130 [ 731.612993][ C1] cpu_startup_entry+0x4f/0x60 [ 731.613020][ C1] start_secondary+0x21d/0x2b0 [ 731.613051][ C1] ? __pfx_start_secondary+0x10/0x10 [ 731.613085][ C1] common_startup_64+0x13e/0x148 [ 731.613118][ C1] [ 731.613568][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 731.790934][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 731.801013][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 731.811078][ T31] Call Trace: [ 731.814360][ T31] [ 731.817300][ T31] dump_stack_lvl+0x3d/0x1f0 [ 731.821944][ T31] panic+0x71c/0x800 [ 731.825884][ T31] ? __pfx_panic+0x10/0x10 [ 731.830338][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 731.835747][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 731.841750][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 731.847146][ T31] ? watchdog+0xdda/0x12c0 [ 731.851579][ T31] ? watchdog+0xdcd/0x12c0 [ 731.856014][ T31] watchdog+0xdeb/0x12c0 [ 731.860278][ T31] ? __pfx_watchdog+0x10/0x10 [ 731.864976][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 731.870195][ T31] ? __kthread_parkme+0x19e/0x250 [ 731.875242][ T31] ? __pfx_watchdog+0x10/0x10 [ 731.879944][ T31] kthread+0x3c2/0x780 [ 731.884034][ T31] ? __pfx_kthread+0x10/0x10 [ 731.888639][ T31] ? rcu_is_watching+0x12/0xc0 [ 731.893415][ T31] ? __pfx_kthread+0x10/0x10 [ 731.898037][ T31] ret_from_fork+0x5d7/0x6f0 [ 731.902657][ T31] ? __pfx_kthread+0x10/0x10 [ 731.907277][ T31] ret_from_fork_asm+0x1a/0x30 [ 731.912086][ T31] [ 731.915480][ T31] Kernel Offset: disabled [ 731.919802][ T31] Rebooting in 86400 seconds..