last executing test programs: 2m47.681288937s ago: executing program 0 (id=693): shmget$auto(0x400, 0x1274, 0xa) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa) mprotect$auto(0x1ffff000, 0x8007, 0x0) shmdt$auto(&(0x7f0000000000)=':-h!/-^@(\']@%]/\x00') openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f00000000c0), 0x101a83, 0x0) shmdt$auto(&(0x7f0000000080)='!\x00') r0 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/irq/3/node\x00', 0x82340, 0x0) read$auto(r0, &(0x7f0000000040)='!\x00', 0x7) shmat$auto(0x0, &(0x7f0000000040)='-]*,[\x00', 0x8) 2m43.693336769s ago: executing program 0 (id=706): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8000, 0x0) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg1\x00', 0x10000, 0x0) read$auto_sg_fops_sg(r0, &(0x7f0000000280)=""/4096, 0x1000) r1 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r3, r2, 0x4, 0x1ff, r1, @relative_id=0x13, 0xe600}, 0xf) socketpair$auto(0x1, 0x803, 0x8000000000000000, 0x0) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffffffffffffffff, 0x0, 0x3}, 0xc) close_range$auto(0x2, 0x8000, 0x0) 2m38.258769095s ago: executing program 0 (id=707): openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mtd0\x00', 0x8080, 0x0) mmap$auto(0x3ff, 0x20009, 0x4000000000df, 0xeb3, 0x401, 0x8000) r0 = socket(0x2, 0x6, 0x0) listen$auto(0x3, 0x81) poll$auto(&(0x7f0000000100)={r0, 0x1, 0x5}, 0x3, 0x10000) shutdown$auto(0x200000003, 0x2) ioctl$auto(0x3, 0x80204d01, 0x38) socket(0xa, 0x1, 0x84) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) read$auto_fault_around_bytes_fops_(0xffffffffffffffff, &(0x7f0000000080)=""/125, 0x7d) mknod$auto(&(0x7f0000000040)=':,\x00', 0xc9, 0xc8) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) r1 = socket(0x2b, 0x1, 0x1) setsockopt$auto(r1, 0x0, 0x25, 0x0, 0xc) r2 = socket(0xa, 0x1, 0x84) futex$auto(0x0, 0x85, 0x6, 0x0, 0x0, 0x7fffffff) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) getsockopt$auto(r2, 0x0, 0x53, 0x0, &(0x7f0000000040)=0x3) 2m27.601204058s ago: executing program 0 (id=735): openat$auto_nsim_nexthop_bucket_activity_fops_fib(0xffffffffffffff9c, 0x0, 0x9c0, 0x0) mmap$auto(0xb, 0x3cb, 0x582d, 0x9516, 0x7, 0x2) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv6/conf/bond_slave_1/disable_policy\x00', 0x202, 0x0) write$auto(0x3, 0x0, 0x3f00) syz_genetlink_get_family_id$auto_netdev(&(0x7f00000002c0), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NETDEV_CMD_QUEUE_GET(r0, &(0x7f0000005dc0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200000c9}, 0x4000000) r1 = socket(0x1, 0x1, 0x1) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r2 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003900), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x37, 0x5, 0x3) r3 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r3, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) write$auto(0x3, 0x0, 0xfdef) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NETDEV_CMD_QUEUE_GET(r4, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003980)={&(0x7f0000003940)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="01032c0500"/14], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0xc4) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'}) sendmsg$auto_NETDEV_CMD_QUEUE_GET(r4, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="655a130c17d5de6edee884b41e238676ace9b51c494a5ebe749e9f0419d124f018ef6ab81f45975bb6cef4ae9801bd1f1fe2ffa69b4a21d8e3a5bd9ec348142a64a4b461a3c9864e9a01969958ac43f465711ac3d992e8811fe9f13233e547864f064d3f59ece670811ae13a518f5a834a7a7de06eb99c5d82507cfc0651b2b5801676d7abeb1c8fd4c6474835d6146064cceccbac01c7ee297c2200117d03713a5e02b300d9d26016b1235e3609de4e59dc47a634887308dfe1adfa30acabe6e99e2255968fdfba9da9ba0a61286dee289459c79865ca45623ea3742ea84a727fef8f757a8542ee684d27ce0ea526b3a5e3cc51c42316cf35217810f0b1c38a8fc6148db9e733a74cf73ca43a8ad26660c4200c360a40ca98c0cbef561a3b26790ea7586d8519235059e96985eca90f17662b068dd5ee701c2eba0d9bd87f9f18e1fcbab8d602ad3456efd89d2699bddd337d247273c91bfe2686244b607803089eea9f7cf292cee54ab95b1f1bcf9fd4aed9ae138eb7f0d2308b7a813f58e15c13149bb0e31f8fb3d77b7092ea030c7ad559d39789b03a3c6eee0528e4df071e8bc991281d1e4e7ce94cb596826fbbfa29fed9259bcf1c5e0b94006f35efd4b7fc2ca549776265c0fc30d7eda0fcacee1b82927c3a92ba6666c848cd9dd860699a47c44beb7f8c315928771fc164949e6d9c83f43aaf634341fd99f70ba536d74c4e40fe8986c8e0af7c6b76e09e01dde264031b55eb90cd49a668c5f6e3193d88c8ff37296017a5eedaf579806e0f554e67d5e19082220a9265eb76757774ebf226640a31814d52fafc8e7445c12fdff4b667f183b47f276071d233a4dcfe17f04094f951e2a70382dba448d2d724edbeba34e9dab0076d844ed22c430be78f3f67f8f4aae96dbfc7de237c3e5f77c45cb9b0e5d1bc033471763eb9a71568b12e36fc9c1dd84a3bd30846b16bd84479384ea324119e3e376d1b7f9bde09bec1486958c50b0c51373f45e68fc9b93a4e34dc9b5fe6d5e4b53df93728a0557dc265f22d7d99ca6681adaefd1fe2fe3d2d5666f4c613daa908545a3af422339ff2a1209d5cc79bc61567a034a2d65afe131ef282c8729265aa8eaaac1822c6879f0038fa93fb1089398854079033e50cad974f6065016fc3564862089dc4f2eeffe5c3e15a247eeb6f316073909c291c57b743eb882101b66fcb0bed4038cf50f6f382704e242a00766304ac5d060b3dc338fd769f391c7a68cf7231be83f85032941628b903fd016056edd3bfd653234eba45f4cee31a069c79d479fbfbdd7758c0167286e77ef159244913655264f29b2f53a9706638d671c1f754a7296fe1e363d7ca95b6df8389f0c83b9a6a7ddd6d9bf77ce67cfbdf81c2b9c726e7aa154d63cf8c7e7e7589bb31ae8b222cacd0521b388ab72dd306d56fb3d7e1fee91cc8f6e88e11e5615793540af0bd64de2dc8f07a45382be4f9d1a9670f6a92aa11fb40c43cf92ad75261db65974d14ceb4a22293b53525b677f001d021a568944fa6f55c9a4ce58ea11c7fbf81ca0158915b9b68b81c0a88c22d6dcb587e36d30068a6f842740eeae165eb3781cdde39ad335af79dc63ab5f84a1dcbcaa3401f49c68b38349f0051c16943c5ebb12d924d9e9a6af8b83c250893c5426449364a3e15741f50264f316d01990849bebc2abd6c0f2708f53b67a551cbf67db842517ce3dbc34cfb530d3c594c663f267e4e5ca09d97c0a546bd4c07d8c3f57fa6510c1dd494ec27d0eabba65fe63605855f6f710714b45d3b81aafb3170673238945eff8918d5a78f780ed9ddb66442ba43635517990c9faf2499c4afd4a5cfc623a07632493f51457d1c38178ff7d923cdf945d8db2322cf0f8d8f5a138e37a29291199550114eff8c37249effef04a4a6c1a50ce923ae268f96f576b9b4a4fda04a337c38c480b7d09d29cda16e2fd935e61f5b28c0b4067394700f984fa49365d9ad6c548a99d6c3ef809e245cfe884ccde115ec9d360fc3a709cb4b62afa41c9133627cc41c3727953af439d3007253a2f65960a8712705a0380c8649818e0c20b1ee80762d203cdd0956775383c38015b5e051638517cd760ccb7e25c21ecf80f0b7c651c4a2471ea2f5ac83cbd2c9a0c762c962cf42d786357bd9e131e3fdb82f88799b9cdc2cdbcf4545d5ba972a2f8d5232883be066ead0d1325d8eb19c26c62ce22fc27e33ad8a8dea6f104ca4903b6daf30bb4d24fedef2deb5df83381a5c15645aa29858cabe3de635bae373e4ad511f073f220561a6d776e1edeec06fb88d9afb08107e22ebff677718832b693badc271f064b0a14690dc0c01d9ea3026e49822eb8c58d570d6a6e563724708fb412189b04f4db3f150c0cac492d7f3c23db03882c4b0df26c84d16630835782c9b1a98cfa4f95402054db809d373bc48ee9bd4b65b096b8b6f8e5328ba3b407aa88b47b0e21986fad5211a94a30c46a0ed14f163d6d836b9d1b63052556c6e1b5baf7e8de9aadbe3e559f5b91610df14e7b2efb100afd81f3dc5989d5ca169c757916fd603817ea6c5c2fd180c140e0b519e2ddb491cbf37361158dbdc0e3cc45eed87757fca3a854d8369156259c165cf59d600a508cb5ec428e43b3ef3aa2271c9c295244353fc2fa5186e4f42726ec526c797b830df3f5c3cb89b3051168751993aab2ca942d1c0a5363d3c23a19c84ed14b66d80e9b8d688b52fced330080208baf2fa19e8308364dd88f504619d4b5270893c877252f03fc46e6b547c00ac615e5f125ba556df7df214045369f565609a509f412221a4737c913eba931871af50db2af0797a24be32e78d94e9accf33251d73d299241f311fa3e170ed5b8c8b4b01277de102043366d46fe69fd0971fccb6b57fe4d01db959670db80739758f2417b7a1e8e4a6874627aa7c535748cdbe9012e18bd41e1946c09821c9ee5db52445a9bf298bb55cd477aa5dfff48aafb12abd9d6d3031d04e3bdf0221242e322919d82c3d4738a65ac738f622339c0c659ec2ff1298410560b0997fd0c5a04e62a7fea201b172baca6a3856174269815bb8deda33d0bb2fb683e2cc5e0f4bb5a961db6c5fdb978c673968e82f456d5caa534ac5d82516b91fc1fbdab1b3bc5391928f9e2e4ac8d22db22fda0c0a9ba8696fdd3447a5bd5696753f6e8e17b7d651ff014088b3feb075567c6fe177b0949adc34006050210922a52f968f2ace59e3756b27c3eae5eaf6b27ad5332b0cc40e0fb106a4aa501b976f0ae7133beb30ef71af0a81ea1dd6c22ddbc900f6d54a468020222d5872faaf0162ebf7fbe38f7ea1a998db60f638aee9cddfc2b7034f18fb1de078fa42e5ae29e418785aa3093d9bd599815389278a654cbf1709d71ee32ac9b04b7b0cd044b669a1be79c40be2692041a6d85b3f1d6cc4a78a2264ce29abc4bdd938c2cb95a778751b762ff1f7db8319608154254418dda4322e6922b64f6aa7ca24047bc7a52c130ba00e2ff2cf969ec207cb2f276f046e4977d983ea49c36ede8a87806d5d0345615ea3d55396182006074bf494d298e10a1304cb8dbe80eaf95e3bb3df4329ac77e3806a8695f61c31e4b5ff9118a99033da7d3ee220fcde79b42aa9586106f7d5df8c6b24206b575d8327422f9cc274dc799c86818eb2d22b255e9a6701e86ee172a5252571709a9d5116a5e13d954b97c72f08adf17443bdfb9115db8f5aba3b4e424e504079ffe37d2ea8ba1d1084e9107a70bff21ab9699f0ce38e981d53f88c99fc359bcbb194f20253f7ef33bcf80647839cf44aab16c5f1a200b68e8e95e7d78813d36aed488e94964240047769a525e01bb479f1499152a361241bffc96061923b8e7ba8ee02ca5e43ff9b4f46a7ad74ceb5cfa837030c2bdfc0eed433e9c53c2ae9ecc41f504551eba6b41b87cbdfff8e31704cf1c1360177779ef7f055c8ae2d692bdfc690eaa2ed482b59f1e4402bbed15ace42479ed4c18df35b43f02e0fd071be2b294186575c883b13027087f6da0155b2fd1adabdb86f0a508b9350ed8582cf3b862ad6d3f0e470c9e5910640025a72d1eabf5b394a10d325766620127e1919372da2e588c856648de54713515d02461da93398c518c50523bfd44169e16ffc9ca48675cf1169611e4acdd6e07c55bdf90907ecb2545ada2ab8dc95c525458d250c0cfda08bcd9550459936f08431b4e2e88a7443bf27597dd20cae637cf04dfa45d2b8dc08ade33208a07e45bc043ec723fad30f14aca159c90bb38fddeff6758093432a97a46878f697b8efe7efa6c5fde21bdaf9641bcf92b7bcd6db124ad0cd45e77b1a551bd12659777efe9710f604ca0cb148195b37faff1433fa546f1cd60d77c544c6fb3cd21d73195893e09db6b0c2f4b560cd9d71a645db8cf2215bb9480e6f8f51501564905fddac056cc899c2deb6161990e8ad66fc8dd5f876a3b69fbeed51f3a006fff3a402327bf792ec574c3ee9ce4e3a6d72b23772c959a4a1d176c762da39e19c5c5ac2f7944128c10220ddd0f9d84390eff3fc51edf05a4a20accdefeaa672f1e7e443b799884b219e21d92fe687d19e88e78630fd30975f16332e60cfab428d4c7c6d5596aab69a51b547742501dcbfa29cb3e088b6d3ba264dcbfe47699a5f108e4f84279a0c3b723543e02532fe5fce20ccc251dcef5491785e1bfddb8475b798d78b540493621fe8489f3554e43187ecb30c7a3ffff9ce294fb1e369a1dea774e3e9c9fda720e3385786329a2f2697599e02455800edfb02ae9a6a7c556850a5d30dfd3f121df04986e62e49416a2c3e8c47d7e532598465cbfe427381ccee91bb5e30c7b9eb5474807a454ee4f62e027574f1a620d473afa9c625e251aaf5688d39c77b57be7c8f2e366c2bc475ec49e044c6cfc85298d510c141c3bed59730f556c3beda19a65af6dec20f1cd812fa625cd0d1b6ee0726e93094736d18b2d94588771ad9caf8dc4cf465f36b17ceb55ddd52324e3d0f21c7b1d6444ba9968219099d81c0daa6d8a226d9722176f5d6b395124da7183812c1107675789796bea4fd7634c47ac8d43885747aae91231b14c8d84e49661bfcf0f683685d85b0cda8b84b4263f9ccde3efc533d32ad913751d2df3f7e3a640dd0fbefaa91c7de86418da90a55e209d5fb12b63a0e0c242780e657ce0c58046b64dc02ff709be2aa3c2457cde9fd6536ade559796d81e1218b0fce4d9ec6621ab846768121016a475b09548e5cd19767640994c253f7efd0f5805b22359fcdeb1f8087818f54d4caf5e6b18f698a314eec2a51297024d22406edcd66747ad893acea7fc90f107d142ddd5363bd0d3a450fb87fcee0dfcbea4c0ee21bbbab41c03e262d4790c77190adf21e7bf4515eecf1c0891ad53b9c92d406f9f7cce18774c88dcc4b64095b388d4d1d5d6f453a1242a7984814007f1ceea22d0e94daaef7350730b708fa0e9170ab738fe89b1c637016f75f28ff2264ad316e1efc8a4798dc8665ed9c423ce1bb796dec7af170a7eef52eed0a5fe8ab499369985ee75a67f1f8ee3aafc6a5fcb2d4eaeb302c404c0b9930e631f88795b7b76456c6b826b5e8904efb5814f5c40a550d756e81febaa1eae1a5a8b85b0849a061547c57d34502ce86e92aa49cc3ddf2bf6e3f25e954d24ec9c8ecbb936111cdcbe4e9edeffc4c2e9dd3f55eb58d8236b58652c8ef580df13963c03d12f2891e83743830bce40c359ad079d5485924138a39da383a70f7aa52f2bc7d1052d573c1e7ce8c276fae328347ef6c", @ANYBLOB="010027bd7000ffdbdf250a000000080001000100000008ffff00", @ANYRES32=r4, @ANYBLOB="0800010001000000"], 0x2c}, 0x1, 0x0, 0x0, 0xd0}, 0xc000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r5 = open(0x0, 0x14d27e, 0x72) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5f) copy_file_range$auto(r5, 0x0, r5, &(0x7f0000000080)=0x8, 0x2, 0x0) 2m23.083465338s ago: executing program 0 (id=736): statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x12, 0x940, 0x1fee0, 0x3, 0x6, 0x80000002, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x5, 0x7, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x400000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff]}, 0x1fe, 0x82) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r0 = open$dir(&(0x7f0000000040)='./file0\x00', 0x8000, 0xad) r1 = getuid() setresuid$auto(0x0, r1, 0xee00) lstat$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180)={0x4, 0xffffffff, 0x7fffffffffffffff, 0x4, 0xee01, 0xee01, 0x0, 0x81, 0xc60, 0x10001, 0x6, 0xf, 0x2e8, 0xa60, 0xff, 0x5, 0x9}) r3 = setfsgid$auto(0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00211459a600fbdbdf250200000008000300000000001b"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r5 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0xffffffffffffff7c, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYRES64=r4], 0x1c}, 0x1, 0x0, 0x0, 0xae31e9c9e702e50}, 0x40001) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYRES32=r5, @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) newfstatat$auto(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x7fff, 0x10000000, 0xd, 0xfffff447, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x79, 0xa, 0x29, 0xe, 0x6, 0x4, 0xfff, 0x918, 0x8}, 0x22e1) r7 = getgid() lstat$auto(&(0x7f0000000440)='./file0\x00', &(0x7f0000000540)={0xa, 0x1ff, 0x3, 0x5, 0x0, r7, 0x0, 0xfffffffffffffffa, 0x5, 0x200, 0x4, 0x2, 0x40000000800, 0x2, 0x6, 0x9e, 0x8}) lstat$auto(&(0x7f00000000c0)='./file0\x00', &(0x7f00000002c0)={0xfb8, 0x0, 0x202, 0xf1, r8, r7, 0x0, 0x40, 0x8, 0xa, 0x7e, 0x3, 0x915, 0x7, 0x5, 0x401, 0x2}) lstat$auto(&(0x7f0000000100)='./file0\x00', &(0x7f0000000240)={0x6, 0x6, 0xd6d, 0x400, r6, r7, 0x0, 0x0, 0x6, 0xe, 0x0, 0x3d6b71cd, 0x0, 0x2, 0x2, 0xd, 0xffffffff8a7abdad}) setresgid$auto(r2, r3, r7) newfstatat$auto(r0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000380)={0x1, 0x100, 0x1, 0x0, r1, r7, 0x0, 0x76, 0x29, 0x3, 0xfb52, 0x0, 0x6, 0x5, 0x8, 0xfffffffffffffffe, 0xdef}, 0x51) r9 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) setresgid$auto(0xffffffffffffffff, 0x28000000000000, 0x7) sendmmsg$auto(r9, &(0x7f0000000200)={{0x0, 0x2000000, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) r10 = syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) r11 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x3c, r10, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0xc, 0x3, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @u32=0x2}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f17790485908286dd"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) 2m14.584361143s ago: executing program 0 (id=758): r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) r2 = socket(0xa, 0x2, 0x88) r3 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy0/netdev:wlan0/beacon_timeout\x00', 0x8000, 0x0) read$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(r3, 0x0, 0x0) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r2, @new_prog_fd=0x4, 0x4, @old_map_fd=r1}, 0xa3) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000000280)=ANY=[@ANYRES16=r4, @ANYBLOB="14000000", @ANYBLOB='\v', @ANYRESDEC=r2], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x20000850) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/dummy0/addr_gen_mode\x00', 0x1, 0x0) fstat$auto(r5, &(0x7f0000000a40)={0x4, 0x7, 0x8, 0xfffffff9, 0xee01, 0xee01, 0x0, 0x35, 0x3, 0x2, 0x800, 0x8000000000000001, 0x9, 0xb5, 0x10, 0x9fb, 0x3}) read$auto(r0, &(0x7f0000000180)='nl80211\x00', 0xbe62) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0) r7 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/bus/pci/devices\x00', 0x8080, 0x0) read$auto_proc_iter_file_ops_compat_inode(r7, &(0x7f0000000180), 0x0) unshare$auto(0x40000080) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_CFG(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x2c, r9, 0x1, 0x70bd27, 0x25dfdc01, {}, [@ETHTOOL_A_PLCA_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24008081}, 0x4000004) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vkms/graphics/fb0/rotate\x00', 0x141c01, 0x0) socket(0x10, 0x3, 0x6) ioctl$auto(0x3, 0x8070ae9f, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) timer_create$auto(0x3, 0x0, &(0x7f0000000280)=0x6) exit$auto(0x2) timer_settime$auto(0x0, 0xffff8000, &(0x7f00000000c0)={{0xf, 0x10007}, {0x9}}, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) 1m54.923638329s ago: executing program 32 (id=758): r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) r2 = socket(0xa, 0x2, 0x88) r3 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy0/netdev:wlan0/beacon_timeout\x00', 0x8000, 0x0) read$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(r3, 0x0, 0x0) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r2, @new_prog_fd=0x4, 0x4, @old_map_fd=r1}, 0xa3) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000000280)=ANY=[@ANYRES16=r4, @ANYBLOB="14000000", @ANYBLOB='\v', @ANYRESDEC=r2], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x20000850) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r0) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/dummy0/addr_gen_mode\x00', 0x1, 0x0) fstat$auto(r5, &(0x7f0000000a40)={0x4, 0x7, 0x8, 0xfffffff9, 0xee01, 0xee01, 0x0, 0x35, 0x3, 0x2, 0x800, 0x8000000000000001, 0x9, 0xb5, 0x10, 0x9fb, 0x3}) read$auto(r0, &(0x7f0000000180)='nl80211\x00', 0xbe62) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0) r7 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/bus/pci/devices\x00', 0x8080, 0x0) read$auto_proc_iter_file_ops_compat_inode(r7, &(0x7f0000000180), 0x0) unshare$auto(0x40000080) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_CFG(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x2c, r9, 0x1, 0x70bd27, 0x25dfdc01, {}, [@ETHTOOL_A_PLCA_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24008081}, 0x4000004) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vkms/graphics/fb0/rotate\x00', 0x141c01, 0x0) socket(0x10, 0x3, 0x6) ioctl$auto(0x3, 0x8070ae9f, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) timer_create$auto(0x3, 0x0, &(0x7f0000000280)=0x6) exit$auto(0x2) timer_settime$auto(0x0, 0xffff8000, &(0x7f00000000c0)={{0xf, 0x10007}, {0x9}}, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) 12.656926554s ago: executing program 2 (id=1133): r0 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x15, 0x5, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/mm/ksm/full_scans\x00', 0x103280, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x4040, 0x75) socket(0xa, 0x2, 0x3a) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000340)={0x80, 0x0, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@HWSIM_ATTR_ADDR_TRANSMITTER={0x61, 0x2, "d985676638e0dfd36e2094dc1619653f003c46a07abfa3909c5c03852f4f6506304f7964d9eb47b08e35922533315871b53819dcdb8269bc08b18b603c59346b3f9598cf04531958ce6cf4297a9a5e92efb2c5858c3e51c11f064f641f"}, @HWSIM_ATTR_REG_CUSTOM_REG={0x8, 0xc, 0x6}]}, 0x80}, 0x1, 0x0, 0x0, 0x4040014}, 0x4010) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) write$auto(0xca, 0x0, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000004200)={&(0x7f00000005c0)={0x14, r0, 0x1, 0x70bd29, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4000060}, 0x0) bind$auto(r1, 0x0, 0xfffffffa) getpeername$auto(0x3, 0x0, 0x0) setrlimit$auto(0x0, &(0x7f0000000000)={0x0, 0x3ff}) unshare$auto(0x20000080) setitimer$auto(0x2, &(0x7f0000000040)={{0x0, 0x5}, {0x0, 0x8}}, 0x0) unshare$auto(0x40000080) 12.337747818s ago: executing program 3 (id=1135): openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace\x00', 0x80001, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio1\x00', 0x20342, 0x0) unshare$auto(0x40000080) socket(0x11, 0x3, 0x9) unshare$auto(0x4) ioctl$auto_USB_RAW_IOCTL_INIT(0xffffffffffffffff, 0x41015500, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x7ffc) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) ioctl$auto_media_devnode_fops_mc_devnode(r0, 0x2e, &(0x7f0000000040)="d2d4136f8ebf1ca868defb8118eb544c2b118064e9f3d37e1f8bb79e13f94dd87e4b1cb793f43889e6e3c30c446c3ae359c395124d2f2cabc15e230902746804e34676292898c4666de8d72f5c1a700ada383d2f64dead9b72ba40397f09f04f59f33c492f05295fc7b11903f75d93e0b6f47462e7f2b58c67eed215aed995f109674ff62ed3ca2c2f2f6e42abda5a0109d2220cf860739883a0c043758df465b7e035ee8c0b8dda009aeb36b707f2c70678f8890caa3f29dea48af4931bb0f298c5614ed5d828a85029e1") write$auto(0x3, 0x0, 0xfffffdef) 11.854560133s ago: executing program 3 (id=1137): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x149) fanotify_init$auto(0x5, 0x2000000000002) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) pidfd_open$auto(0x1, 0x0) ioctl$auto(0x1, 0x890b, 0x8) socket(0x26, 0x80805, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) pidfd_getfd$auto(0x3, 0x1, 0x100000000) bpf$auto(0x1, &(0x7f0000000040)=@bpf_attr_5={@target_fd=r0, 0x7f, 0x99, 0x8, 0x1, @relative_id=0x8, 0x5}, 0x92) bpf$auto(0x0, &(0x7f00000000c0)=@link_update={0xa, @new_map_fd=0xffffffffffffffff, 0x100}, 0x10) bpf$auto(0x2, &(0x7f00000001c0)=@bpf_attr_1={r1, 0xbb8, @value, 0x100000003}, 0xcd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002) fanotify_init$auto(0x3, 0x2010000000000) sysfs$auto(0x2, 0x1e, 0x0) fsopen$auto(0x0, 0x1) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) socket(0x840000000002, 0x3, 0xff) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, 0x0, 0x55) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) read$auto(0xffffffffffffffff, &(0x7f0000000000)=',}`}($\x00', 0x9) 11.747158833s ago: executing program 2 (id=1138): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r0 = getpgid$auto(0x0) move_pages$auto(r0, 0x6, &(0x7f0000000040)=&(0x7f0000000000)="155be66beeb4c20164451528a1a1e3fd7013eadb184ee9ac3077524e19c703cf96ab8f812862021d3d883888b7f2ca5f58a39d4b0143", &(0x7f0000000080)=0x3, &(0x7f00000000c0)=0xf, 0x1) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x1) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r2 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000080)={0x0, r2, r1, 0x401}) ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETVA(r3, 0x7a4, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) futex_waitv$auto(&(0x7f0000000100)={0x8, 0x25d94, 0x4, 0x4}, 0x77, 0x0, 0x0, 0x62bd) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) r4 = io_uring_setup$auto(0x40005, &(0x7f0000000000)={0x6, 0x1, 0x401, 0x7, 0x1005, 0x6, 0x7, [0x4, 0x2e9, 0x8], {0x0, 0x1, 0x8, 0xa, 0x5, 0x100005, 0x1, 0xfffffffc, 0x7}, {0x4000004, 0xfff, 0xffff7fff, 0x2, 0x8, 0x200, 0x3, 0x0, 0x3}}) madvise$auto(0x108000, 0x800034, 0x9) ioctl$auto_TCSBRKP(r4, 0x5425, 0x0) bpf$auto(0xb, 0x0, 0x3) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) socket(0x26, 0x80805, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x10009b72, 0x7, 0x28000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r5 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_POST(r5, 0x5008, 0x9) ioctl$auto(0x3, 0xff01, 0x0) 10.919496575s ago: executing program 3 (id=1143): unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x800, 0xffffffff) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, 0x0, 0x5, 0x20000000) socket(0x18, 0x5, 0x2) r1 = syz_clone(0x800000, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x2, r1, 0xfffffbfffffffff8, 0xd79) wait4$auto(r1, 0x0, 0x3, 0x0) mmap$auto(0xdb1, 0x6, 0xffffffffffffffef, 0x8000000000010, 0xffffffffffffffff, 0x8001) unshare$auto(0x40000080) openat$auto_proc_coredump_filter_operations_base(0xffffffffffffff9c, &(0x7f0000000140), 0x141002, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/netfilter/nf_conntrack_buckets\x00', 0x101000, 0x0) mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) lchown$auto(&(0x7f0000000000)='.\x00', 0x0, 0x6) read$auto(r2, 0x0, 0x1ff) write$auto(0x3, 0x0, 0xfdef) io_uring_setup$auto(0xfffffffb, 0x0) r3 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="41004bbd7000fbdbdf250a000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810) open(&(0x7f0000000000)='./file0\x00', 0xa61c2, 0x84) bind$auto(0x3, 0x0, 0x6b) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) write$auto(r3, 0x0, 0x62f) r4 = openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/uprobe_events\x00', 0x101000, 0x0) fallocate$auto(r4, 0x0, 0xd, 0x2) socket(0x25, 0x2, 0xfffffffd) close_range$auto(0x2, 0x8, 0x0) 8.316475409s ago: executing program 1 (id=1152): sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async) close_range$auto(0x2, 0x8, 0x0) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001040)='/sys/devices/virtual/block/nbd9/queue/physical_block_size\x00', 0x80800, 0x0) (async) set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) semctl$auto(0x4, 0xa4, 0x5, 0x400) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async) mmap$auto(0xf000, 0x8, 0x1000000003, 0x9b72, 0x2, 0x8000) (async) move_pages$auto(0x0, 0xd0, 0x0, &(0x7f0000000280), 0x0, 0x2) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) (async) io_uring_setup$auto(0x6, 0x0) (async) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) (async) connect$auto(0x3, 0x0, 0x55) (async) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) (async) readv$auto(0x3, &(0x7f0000000040)={0x0, 0xffff}, 0x1) r1 = socket(0x10, 0x2, 0x4) sendmsg$auto_SEG6_CMD_SETHMAC(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="408d8da019da4389c02916a6010025bd7000fcdbdf25010000000800030001000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40012}, 0x24000090) (async) execve$auto(&(0x7f0000000340)='./file0\x00', &(0x7f00000003c0)=&(0x7f0000000380)='nl80211\x00', &(0x7f0000000440)=&(0x7f0000000400)='wlan1\x00') write$auto(0x1, &(0x7f0000000000)='//\xf2\x00', 0x80000000) (async) r2 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) (async) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0xd, 0x0, 0x4}, 0x800009}, 0x5, 0x20000000) (async) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x100007}, 0x31cd3c7c, 0xb1) (async) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000001100)={'syz_tun\x00'}) connect$auto(r2, &(0x7f00000000c0)=@generic={0x5, "f562119237f5221d7a7ddea21751"}, 0xe) (async) close_range$auto(r0, r0, 0xc8a) (async) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000180), 0xffffffffffffffff) 7.549042517s ago: executing program 1 (id=1154): socket(0x10, 0x2, 0x2) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) syz_genetlink_get_family_id$auto_ipvs(&(0x7f00000001c0), 0xffffffffffffffff) socket(0xa, 0x3, 0x100) socket(0xa, 0x2, 0x88) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/nr_hugepages\x00', 0x642, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x6, 0x2) epoll_wait$auto(0x5, 0x0, 0x2, 0xfffffffd) epoll_wait$auto(0x5, 0x0, 0x2, 0xfffffffd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) open(0x0, 0x7ffd, 0x12) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f00000000c0)={0x1, 0x6, 0x4}) ioctl$auto(0xffffffffffffffff, 0x5609, 0xffffffffffffffff) mlockall$auto(0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) move_pages$auto(0x0, 0xd0, 0x0, 0x0, 0x0, 0x2) epoll_ctl$auto(0x5, 0x1, 0xffffffffffffffff, 0x0) 7.410579912s ago: executing program 4 (id=1155): open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) r0 = open(0x0, 0x400, 0x1e) mmap$auto(0x0, 0x5, 0x5c, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0x3, 0x0, 0x1000) lseek$auto(0x3, 0x10000, 0x9345) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) setns(0xffffffffffffffff, 0x0) clone$auto(0x8001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) r1 = socket(0xa, 0x2, 0x73) write$auto_msr_fops_msr(r0, 0x0, 0x0) getsockname$auto(r1, &(0x7f0000000240), &(0x7f0000000280)=0xaea) fcntl$auto(0x0, 0x407, 0x100000) mlockall$auto(0x7) mmap$auto(0x100000000000000, 0x200004, 0x4000000000df, 0x40eb2, r1, 0x7ff) memfd_create$auto(&(0x7f0000000000)='A\x00\x00\x00\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\f\x00\x00\v\x00E\xdb\x81\xd9\xd8\xe640\xc6\xa4Sr\x82\xcc\"K\xe1IIT\x00\x00\x00', 0xe) rseq$auto(0x0, 0x8000, 0x0, 0x6) finit_module$auto(0x3, 0xfffffffffffffffe, 0x400000000004) openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/clear_refs\x00', 0x404241, 0x0) mknod$auto(&(0x7f0000000080)=':,\x00', 0xcc, 0x8) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) socket(0x2c, 0x80000, 0x20000009) r2 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execveat$auto(r2, &(0x7f0000000200)='\x00', 0x0, &(0x7f0000000100)=&(0x7f00000000c0)='\\\x00', 0x1000) mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) 7.362540178s ago: executing program 2 (id=1156): ioperm$auto(0x7, 0x6, 0x2) ioperm$auto(0x162, 0x6, 0xfffffff2) munmap$auto(0x1000000, 0x2000000c) madvise$auto(0x0, 0xffffffffffff0001, 0x9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='X'], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mlockall$auto(0x3) ioperm$auto(0x7, 0x6, 0x2) (async) ioperm$auto(0x162, 0x6, 0xfffffff2) (async) munmap$auto(0x1000000, 0x2000000c) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x9) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) socket(0x10, 0x2, 0x0) (async) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='X'], 0x1ac}}, 0x40000) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async) mlockall$auto(0x3) (async) 7.049517321s ago: executing program 3 (id=1157): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x20000080) r0 = openat$auto_ptdump_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) connect$auto(r0, &(0x7f0000000100)=@l2tp={0x2, 0x0, @private=0xa010100, 0xffffffff}, 0xfffffffe) r1 = socket(0x21, 0x1, 0xc) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'syzkaller0\x00'}) open(&(0x7f00000000c0)='./cgroup.cpu/cgroup.procs\x00', 0x4242, 0xe1d2b27bdc14aabc) mmap$auto(0x6, 0x8, 0xdb, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x87df96c880e6862c, 0x0) r3 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0xc0842, 0x95) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/neigh/bridge_slave_0/gc_stale_time\x00', 0x169282, 0x0) sendfile$auto(r3, r4, 0x0, 0x7) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/phonet\x00', 0x8000, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xc008ae09, 0x0) openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000001140), 0xa0100, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x60301, 0x0) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x1) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_METER_CMD_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc0}, 0x40) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/aoe/err/uevent\x00', 0x381340, 0x0) sendfile$auto(r6, r6, 0x0, 0x3) setsockopt$auto(0xffffffffffffffff, 0x4, 0x8001, 0x0, 0x2) brk$auto(0x7) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0xffffffff, 0x10000000000002d, 0x0) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) 5.930673722s ago: executing program 1 (id=1158): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x904, 0x5, 0xfffffffffffffffc, 0x9b72, 0xc76, 0x4008000) ioctl$auto_TIOCSTI2(0xffffffffffffffff, 0x5412, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0xfffffffffffffffd, 0x9, 0x2) syz_clone3(&(0x7f0000000200)={0x182000080, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0}, 0x58) kill$auto(0x0, 0x21) madvise$auto(0x0, 0x200007, 0x8) madvise$auto(0x0, 0x2003f0, 0x15) r0 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mprotect$auto(0x1ffff000, 0x7ffffffffffffffe, 0x4) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x2, 0xdf, 0x9b72, 0x5, 0xffffffffffffffff) connect$auto(0x3, &(0x7f0000000140), 0x55) madvise$auto(0x1, 0x77bd, 0x3) r1 = openat$auto_fake_panic_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r1, 0x0, 0x1}, 0x3b9) ioctl$auto_TIOCSTI2(r0, 0x5412, 0x0) madvise$auto(0x5, 0x10001, 0x80) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm1p/sub0/info\x00', 0x101c00, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x2, 0x88) mincore$auto(0x9, 0x8003, 0x0) setsockopt$auto(0x3, 0x0, 0x4, 0x0, 0x4) socket$nl_generic(0x10, 0x3, 0x10) 1.917165575s ago: executing program 1 (id=1159): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="2f212abd7000fcdbdf252100000008000300", @ANYRES32=r1, @ANYBLOB="d5"], 0x1c}}, 0x4000000) mmap$auto(0xffffffffffffffff, 0x8, 0x72, 0x8b72, 0x2, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r2) sendmsg$auto_ETHTOOL_MSG_FEC_GET(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="11f8c25de65fed24c4a863c4ebeba3662ce051581a493c"], 0x20}, 0x1, 0x0, 0x0, 0x4010}, 0x800) r4 = open(&(0x7f00000000c0)='./file0\x00', 0x62240, 0x0) execveat$auto(r4, &(0x7f0000000200)='\x00', 0x0, 0x0, 0x1000) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r2) sendmsg$auto_NL80211_CMD_GET_COALESCE(r4, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000540)={0x11dc, r5, 0x20, 0x70bd28, 0x25dfdbff, {}, [@NL80211_ATTR_SCAN_FREQUENCIES={0x130, 0x2c, 0x0, 0x1, [@typed={0x8, 0xd2, 0x0, 0x0, @u32=0x800}, @nested={0x11e, 0x97, 0x0, 0x1, [@nested={0x4, 0xb5}, @generic="6676fdddd47de1e847bbd08e0c3b73e8c20e78033302d86825cc7d81f1519808fd7612068ee414fbfe56d33ab2460fe7b91194d1a11f4c18bc715f799764c4aaea6a33689e2ca5755353a3e2a106af7672910a52e88d509dbbebe98e1dfcd34b513cfea1dd99c083c7e5eef71c67d9d2465b67d4a6cd23ad6b8975de7d95c2f640ca4e1421ffafc333c838b42730de08", @typed={0x8, 0x12, 0x0, 0x0, @ipv4=@broadcast}, @nested={0x4, 0x2f}, @nested={0x4, 0xae}, @nested={0x4, 0x8d}, @generic="0206caffd6ad5c35bdc36746bf3b2572d0e0e3418c4adada50fece28d840d1f20090a259b8322876fae52d8c515212423d123c9fed15b988bb6a2b14c4db4bbc01075b15b56368655cf6c4d0a8bbdbe1234a3bf1b6ec4a028e7604cc6eb34a415cf171cc333de2774b0cbe167e52cf0de0d7"]}, @typed={0x4, 0xc9}]}, @NL80211_ATTR_COLOR_CHANGE_COUNT={0x5, 0x12f, 0x32}, @NL80211_ATTR_STA_AID={0x6, 0x10, 0x7fff}, @NL80211_ATTR_MESH_ID={0x10, 0x18, "f571d0d3dc9f1fccc24e123b"}, @NL80211_ATTR_HT_CAPABILITY={0x1004, 0x1f, "e817d5a0b1b7fb3c05ca9ed0fe959a4dadda793d0306e15949dbe3a656a51392f3486fa5426d89cd0a9ae7f02e138c6493526eef434e7077e522b2ec53fe777c047c633649b08c8585187cd98da90d0b964fc09e2c9183aa85bfd52257808b784b183a66854a969f4bfadf5a1fea46381fe8ec4ce2c40ff44fdba826c0beeaab76906803decfd8f6ea4f4d0f2065ba11303ffdde5ea36dc4a15f94cff0dad7b7fa15d086f395122c8fe11a7819d5e937125e417605c938bd1a9dd7602b47d79faf75e47b0b4a4e0bf1afa6330e5b930f95cfe57f56a22e51a0bae9db74f9da8ee6b07060b5884f316d5567492adc87b981c411efc8680f799f527cf8578099b77f49d70fa1f835e71a90bdf281a9b81aebfa1d6384c5b2f993d80451170d7c545e42ab1a5d501e9dcba8557b0b1b50fefd26b00ed2e8e3dc20ad7c88f7dd8afff69ea5567c93eb2c63ceb0d0e8264ac8b9021e40d00933546a740f9840677c5466fd23676c503fee34fa9d53b81977cc429a2d5b66350eca6783af068bfdf226fd4c836530da5cf23e7d6acd014747983314b1d486c20cb787b6e29f39bb189ab06293012b1c143c1181b203cc63dcde82faeb7de22952d694d6a1569d8ba5ca1a54ea8c50e01a368b427518321e476842092d17a4814533397e01f8465199a54c34bcfa38de5d997cb57fc52730fae1eafb66d4c81be545f63efd23240bffd2f4727bfe3acbf6867e6cc12f4398dc8a294c7d14f1194342a5310f10c28f89909d0e584d373840e7bfa6f8247603276ef521b3ac754d04313265af8e725e2617321871373604cc65ca0dca8939ec4e5bd2d23dc4233fe2fe6764ffc080059c32df8ea2cff8cb46391e09450d2edab4292edf3a276d4daa88ca17a1f4f9cbac6a14b2406fc8ef0218654f73dd1a176286796b3cc6b4a1514114f06abecb78c34b15964bfa85134792cf048f6f4947c6aeea7001c093afc699fbe6a3098458db28f7bc6170c879c89dd07330c140e4c4c5b306a1cd5160d46912346836d61dcabef8ab0d0ce67c773083868e215e0062c9e44a131b9ea5a3fff811846f9ffee8f5f7ba815969da47752710b616f90e42123036e981c77288102356cded771a388cff0ec7885f402535f14c641e6b559f1f60828eaeef6689e1a1a8816c1d50920d1f66826934c47f72869aafd96afa17a7dc44083a9f467d6cb74605220ad3a4cea4a9e2dfbd5827fc8e2456806a3920882dfdf22795aac5d911225b5c1bab2e126bd9fa97778ceb75312092ac1049c9a991c4c11258accc23c6e2d76bbaa41659241ec2b85aa0cdb50fc5c152e416417c4e33d71b04b867b206de9ccfd6c69b2dab0dd76d11d29efb94993a5b23fc241ec22418c8a5d64430217f7abbbf330bc112376cd1a8ad5312e77d016a7d1eb6fdd2a97f93cef333fee66526c7dd769b122b784c3f37b3e2b581ab1551d27bdd6befe2376483bcb0dc4bc86654a29ed95d671bc23962e1a91353996e000bbe827a952d256b0aa4745eb3f345ab6f04fbeb541d7dc68d4dff0596216da99d18327c09853b4a84190a75b184bed4e46acc0b1a5742420595ccfcd8787549bbe65dcd1a22bed4f9009acd2d9e341910f4cabd96854a295fd591847f0a47d25f421a24341f866fe57cbd1edbe0ae050a3661fcc203fbf71625119630906b105809ffe82c62e3e5f83c9e34190e8542588148210bf103cfe64bf185bc4beccbaa8aefc90de53545bbbc5a6812358e3327d06638d00294e1b7a8eea97f955d94d322b9842c4efe2172f9ee6803513bcde3416acb931da405a61685020376d4700fa32485832d39dfeefe4ddd9b24b599a9aea3d428505300de4c5a814f7c89a73867638d6408e8149a364abb47bccf451dd57d7b25a2390ce882d4f8e44114a3abd1cee03667391c6c314df8171b900ca7850d29368bdfa525cc8e3186679bb7e3277dfd4103d90ab48da6f052a665ec63f3725ddbe2ab1e151e358c1992bca06eb0132b4024343a8fe9b6332d01776423f150398bb688ba3464ef44b98bba19ff21de3e40ca3d9b3e9491c8dd36b375e3fcd7a4920e41a03d1f392d59708ff07c7909751efd18987aac2503a818a80876d99d5ba3077dacd1a6328b89a5e19e7df17af8fd9115ec8d84cbb48b57001838e97bdea2ef0758c140affe2dc5a420e324beb8ff6b39a9bd0ec98ce1a046ab36aad1cf935b9a4ab28cf9e177d680d995cecc66f94018f9d6227c7c01c93748da432875c4d1da90c1ed49323848264d63d3d34f25a53508ff1b81bb5d0a09f11946e4fa5982a671cf4ee6cea42c6c638885f0fc0c6ef06262d6a8daf9edbb3d56bd85e418043d3beb5ea0f98ac0a671abe66e088a014eb5c2897ce97f5e3d2ca56a9c6749bdebc2878fee4d549aaa147c556e59bfc7010dd43ed9a0c877609f83cc2df895830d43300a906a41537f6e5c41caf2c651e33aa1d8ec67cb8d89a0e44636a0fb6926786e0c30a40eefea074b90fed27a297762298fc40d6c37abebd4deed3cfbf9892b119e1bfc45f767582137d2a84085d4ff955f75c80db307fda12b45c9a9023a1ff5af9485d8ce6bf0362573deb5c8a055070cf50c160609a7a9fc079d688d21d0a1c4cbfc115e5d0a6a94c755c4c3f24d8ab0564d837415098fcd9f676dcaaadc1e841e8432327a18953dcb68279261956f1c2c82f359c616112c5a184d5f6eceafbc57f8568394f4a4b94ae9ed0118d772361ae8b55a06c347296294aac30d36379782602b9301e9fd734ad2ce82d957f4d5870668e5a7529a8a7fa5e49e6c26da63705f08632f43c700c96ffc6f8dc2d0d6fbe210a740e362cf9ea6d4716ff859d76406fa882ef750f77276c530a3b661243f5ea685540df99bca8a8903e4acc618d37d992650aa0db21d2e073994c7c0a367f833f86d4b55f9dc65b68226121fce8dce389ca38376aaa164c7c29bb4cc1ab33c9d80d7e2cad38116e6327472fc39987eb1f7a4879823f5042e7d7aaf556d795753127696f4e6736a44cb1bb38d39ae83122894f92e4d869ed2a67368ebe710002478deb1c3660d5fc3c2dd132169fea45873325ce4de925359665845f12b3958c18ecb6f37cd2f0fbbc792dac5bb685330dca869971a788739e0cb0c52b853df6b34851b30e26da35475f3a9a6daa32b32d54830d88b868b14d401cffc833e6a4cc4a185014ce5e27439aa792071d085a3b618eccad0d829a722273281d5c0e46437b4d361ec5fbb34b0f22a45507194f9519ad16367f489518a11b9eba0b89bf5f9c5d4773babb3b1157cc5d1510da94cb267ca8d1feba2b69abdc7eb0b36595cc13d87caad4b9dcdee3a09c0fdbfc12c88872273c8a6fc405e959e01c04705b55ce379668660f0feb7a98c4e706abf4ebb6a98cec68eb3f019cbb0130202bb361925362474172fa10dc668187f6de8cf8f6914d63645c2276417e420177514aa621adc58eb7bfbe17a37fa0abd284ab71f993603ff22f4d2ad141c8a1c09ecc746e637373681e651e4bdea91713d8512e64d1a58fc4a9535b60a63c6d25d9785f8eb5a5c32a3d4eb83a2b08c547b94ede1b8453f4c36d2e38c111caf3a5986e0a97a5f152c6582ecb4595fca0436ec786621b247acbe2d3d0e08e6ffcc56da7aa0a4345be20dd828beb1ec1c5b00c1ff253d8cd541aaa7223fd74d9ccd331e508c96c9992bc5c0142692169e501230e18ab98d7f3c2310cd70a49c2e005b6546819581bd3d522fff250b5cb6d53ee02b0607f12c83b4672a927e6a2fb5699db7bc07c091aa2b4535162bea7fa0d13a58d99d9ce1c6d8dff23dc19283cbbc0b68a67133e8584d2cf59cd7131db995270c4feab3004df0aa795c2a8c6783147c5c2db58d1c766967c0ee61a256399f1b155c3f1485bdd5548dc54da8d2a17261fef0971081665b0e5713c92cccc477b60ab754d039ef86fd3b43c894dcc5ac3d22b950ef136f5cf19a7667d7d8188d89628813117a8eb49e63b8c0ac181ee3a220fd815194b44f12a331b7afc1a3f888afc3d17cbfe26e21ad2a8dad6f5ac64d85a0aa3fd9ba241ee0ccb8f8bf6c53d7d46878609a71546ce33c5914eb5f347768965e1b7adef758c1bf9be9eca09554b7e052f9e8b1c7a4ba11def6fc6f7134daf1db7f2dd836667da75750bb3d5fb54f1f8694df7d4ce2dff2de17f6b5f92dfb966167492c63a5cd2d478290428de993f0c8e5fc8e548e8a8b3ad9d464be4b84f0c8503a603eee6122e878fdd1436338c7c58354ab2a5a808b9f74a558f4d6353a9264889ded7761542e6528408a41f067046e47c72982736ff7ea4341d921192593adbbb4ea6778723ed251050f635cbcef54ef35632f9faf92f1f3e10555d049bf4a48fc75068321a3511d55a3f6886e18da4edf4a85c8ae947e821e3a7d819b1d2daf63b759a450db1901ebefb32e3de6ea8b0f8d08abf2e9683318f333804fc88e8dfff441203c9c2418214baddd8948a5c7380c3566caa69bb6427a10f55c15aedbf68af0626bfdfb52fd307059187eb0c0d77f58a554f5f41eee5caf42e6e91fc0a43e610971087c6708e5dbb7b523e1a36c3d301671c97583eba8d36a297186224ebe54b396e7f1ae1345ea528be1f5d3efc86880e08c182e666efb1f3f87572d80f16070ac761f1576934db0d3d6732a617ce0b523e7b131e44bf3e8629aedc695f31e1e4a8314a4d969e57003d993faab5e63c3a2ffa55665826b9111490ccb589d231d0051e92a93fd1ab10f5d45081e5002cbd0c976f38fb6a1e6207f9a41a9eea19892db6142f9d54535d56b571d3560f29d6de4b8deae28126c7f2df959e701277e12c9c181c1a256bc9361431c419e58fae1e8b442fbc46caa5fdbdd5a164bb0661d79673eaecb2ad3c6d8d5914a17371af0196d56184ab5100457576ae4f660255e4db46071c63118bb4684911511219e6285f4dc9b7f4d7115d09ebf9bc5fef0b15ab51619405fb4bd225a37eaf37965918ce3601f481fdc2d0b0ecd0a554510d83148568d1bbe1aa5d366d47a63d0534ec36cd40ea38fe3113a209f8e07490dfca577f3becddfe3b047967b1b237ea9592357796324edd5395313f4399ac086ac1afc779ac8ba3356959eb8f5b21eafbd74f6421f6933554373e6e2f696b157fa36f1b67ed0a709eb8ec7626a2c61108f7d1ea31b1bee6ac983270b079dd865db4035bdee1284ce5cd41c2fbc16a0d61004bda38616729f7cdea940914721799e33060ae6f24cdbc33a2abca49b145efb9bfc86792c4cc5f1f4873848a4bc87f50a1b5845cc79f3f6eee367f7eca2520ec680cc54a54680e149d3848656315e3a869e1628485dd7b9bb97d6ccd02bc9964c10f7902936bbca6bfe50c2da55e5638cdfe1918fa2375bddcce64d62fb9a05cd5036b23c5da403c4930b12db6c425ccb2b75bae95b4407f3de8dddbf1dbad67229639c92370955366ae53a6fd615914ad26bbe4e7679b72f2702bca21ba113c44962e695e8fabaaec21ea95623cb25dc896cd56c19072cb79e485ed64cd43eac68d60271b80aa3d8555c56894bac93a421f80c018cf2435d7dd36a6b617a6581979b3f5aa39618699f75cce034a028fa2f50a1a0c782fdc1e6c8909413f243142795c188d86d5a5e7bd3ab4533a6395cdef55cbe6122314811bc993b42296bade9c9805739f920ef47ca681e6ab51cd048416faa61dae124651522de511347eec999da94f3bdb39615ae227c374943fe8bbfc3bafcfd949ffc4968f9f546fed0e3f82c469fa68fb247b0ddad88"}, @NL80211_ATTR_SCAN_FREQ_KHZ={0x6d, 0x124, 0x0, 0x1, [@generic="19eb8856a81c3479cfc850a8c6f4085a7114a5b27952dcafcf158b8842a3fc47f42baf6e54d8b4d568a275abf1b4de2aa384c6fd325802b2f4d35b1ad67ea4af8dce21823d8179a9728f91b1981064502a414c562d", @typed={0x14, 0x57, 0x0, 0x0, @ipv6=@private1}]}, @NL80211_ATTR_TX_RATES={0x4}]}, 0x11dc}, 0x1, 0x0, 0x0, 0x4884}, 0x810) close_range$auto(r4, r4, 0x6) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, &(0x7f0000000100)={0x4, "8169b504e7723085de7eb4d3b73b259130d6e5cfe25d4bb52adfff7aaf5df8ff", @raw=0x7}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r6 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r6, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) setsockopt$auto(0xffffffffffffffff, 0xfffffffd, 0x16, 0x0, 0x4) prctl$auto(0x2f, 0x4, 0x0, 0x0, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x44f, 0x7, 0x5, 0x9, 0x1ffde, 0x7, 0x3, 0x8, 0x9, 0x80003, 0x4, 0x200000000001, 0x5, 0x9, 0x8, 0x10006, 0x400007f, 0x0, 0x0, 0xe, 0x22000, 0x200, 0x0, 0x84, [0x3, 0x2, 0xffffffffffffffff, 0x2, 0x0, 0x402000, 0x0, 0x20000000e, 0x1, 0x0, 0x5380000000, 0xffffffffffffffff, 0x8, 0x1, 0x6, 0x0, 0x8, 0x7, 0x8, 0x401, 0xffffffffffffffff, 0x6d, 0x1000000000002f, 0x0, 0x0, 0x1006, 0x9, 0xffff, 0x0, 0x100, 0x0, 0x6, 0x2, 0x88e, 0x40, 0xfffffffffffffffc, 0xb, 0xa38, 0x1, 0x3, 0xfffffffffffffffc, 0x3, 0x8, 0x10000000007, 0xc567, 0xffffffffffffffff]}, 0x8001, 0xd) r7 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) io_setup$auto(0x7, &(0x7f0000000440)=0x7fffffffffffffff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nbd12\x00', 0x8001, 0x0) r8 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nbd12\x00', 0x8001, 0x0) ioctl$auto_def_blk_fops_fs(r8, 0xab04, 0x0) read$auto_ep0_operations_inode(r4, &(0x7f0000000380)=""/92, 0x5c) ioctl$auto__ctl_fops_dm_ioctl(r7, 0xfffffff7effffd05, &(0x7f00000001c0)) pread64$auto(0xffffffffffffffff, 0x0, 0x1, 0xfffffffffffffe01) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) 1.916995461s ago: executing program 4 (id=1160): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x10000, 0x0) read$auto_sg_fops_sg(r0, 0x0, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/pid_for_children\x00') r2 = ioctl$NS_GET_PARENT(r1, 0xb701, 0x0) r3 = socket(0xa, 0x2, 0x88) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r5, r4, 0x4, 0x1ff, r3, @relative_id=0x13, 0xe600}, 0xf) open_tree$auto(0xffffffffffffffff, 0x0, 0x8800) socketpair$auto(0x1, 0x803, 0x8000000000000000, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r6, 0x0, 0x3}, 0xc) r7 = openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f00000002c0), 0xfa801, 0x0) epoll_pwait$auto(r2, &(0x7f0000000180)={0xb, 0x6e585bdf}, 0xb5, 0x2, &(0x7f0000000280)={0x3}, 0x8) mmap$auto(0x0, 0x20009, 0x4000000000db, 0xeb1, 0x400, 0x8000) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x30, 0x0, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_ACTIONS={0x8, 0x3, 0x0, 0x1, [@nested={0x4, 0x11}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f1779048590828847"}]}, 0x30}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) r8 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='X'], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) ioctl$auto_RNDADDENTROPY2(r7, 0x40085203, &(0x7f0000000080)=[0x2, 0x400]) close_range$auto(0x2, 0x8000, 0x0) 1.529131314s ago: executing program 3 (id=1161): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000440), r0) sendmsg$auto_TIPC_NL_BEARER_DISABLE(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000540)=ANY=[@ANYBLOB="97df1a74", @ANYRES16=r1, @ANYBLOB="01002bbd7000ffdbdf250200000004000180"], 0x18}, 0x1, 0x0, 0x0, 0x40000}, 0x24004080) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x2a, 0x1, 0x0) bind$auto(0x3, 0x0, 0x6b) fcntl$auto(0xffffffffffffffff, 0x401, 0x5) setsockopt$auto(0xffffffffffffffff, 0x4, 0x8001, 0x0, 0x7) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0xfffffffffffffff9, r2, 0x8000) sysfs$auto(0x2, 0x10000000000002d, 0x0) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0xf000, 0x8, 0x1000000003, 0x9b72, 0x2, 0x8000) semctl$auto(0x0, 0xfffffffffffffffa, 0x100000001, 0x95cc) clone$auto(0x200021006, 0x8, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) connect$auto(0xffffffffffffffff, 0x0, 0x55) unshare$auto(0x40000080) madvise$auto(0x0, 0x20200, 0x15) open(&(0x7f0000000200)='./cgroup\x00', 0x400, 0x23) 1.44133179s ago: executing program 4 (id=1162): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) futex_wake$auto(0x0, 0x7, 0x0, 0x82) sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x2c, r1, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x0) mmap$auto(0x0, 0x1, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) statx$auto(0x2, 0x0, 0x1000, 0xbdfa, 0x0) r2 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) ioctl$auto(r3, 0x5393, r2) 1.321328493s ago: executing program 2 (id=1163): mmap$auto(0x0, 0x9, 0x72, 0x8b72, 0x2, 0x8000) socket(0x10, 0x2, 0x0) socket(0xa, 0x1, 0x84) r0 = socket(0xa, 0x801, 0x84) capget$auto(0x0, 0xfffffffffffffffe) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x3a) open(&(0x7f0000000100)='.\x00', 0x40000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) setsockopt$auto(r0, 0x10000000084, 0x0, 0x0, 0x10) syz_clone3(&(0x7f0000000380)={0x20200000, 0x0, 0x0, 0x0, {0x6}, 0x0, 0x0, 0x0, 0x0}, 0x58) 1.29107355s ago: executing program 1 (id=1164): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x448080, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x80, 0x0) ioctl$auto_SNDCTL_DSP_STEREO(r0, 0xc0045003, 0x0) 1.169833445s ago: executing program 1 (id=1165): mmap$auto(0x0, 0x1, 0x1, 0xeb1, 0x401, 0x8003) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) recvmmsg$auto(0x4, &(0x7f0000000200)={{0x0, 0x4, &(0x7f0000000140)={0x0, 0x4da}, 0xffffffff, 0x0, 0x8, 0xe0be}, 0x3}, 0x7, 0xa, 0x0) write$auto(0x3, 0x0, 0xfdef) r1 = socket(0x2, 0x1, 0x0) prctl$auto(0x1000000001c, 0x5, 0x8, 0x9, 0x80001) setreuid$auto(0x15, 0x5) openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x2, 0x0) prctl$auto(0x23, 0x8, 0x2008, 0x0, 0x0) mmap$auto(0x7ff, 0x2020009, 0xffffffffffffffff, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) process_vm_writev$auto(0x1, &(0x7f0000002980)={0x0, 0x4}, 0x0, &(0x7f0000002a40)={0x0, 0x7fffffff}, 0x6, 0x5) r2 = open(0x0, 0x4242, 0xe1d2b27bdc14aabc) fanotify_mark$auto(0x400000000000, 0x101, 0xdd, r2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r4) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001980)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="2f212cbd8966efb91b2e4f1f000008000300", @ANYRES32=r6], 0x28}}, 0x4000000) getuid() sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f00000000c0)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[@ANYBLOB='\x00#\x00\x00', @ANYRES16=r5, @ANYBLOB="020025bd7000fcdbdf251f000000060043010200000004009300c8125a80c5002a8004001a800400e980e0fcb7695ba2d45f20a4bb162d9b95c2040005800400b3807903a00db118fed403ab8034921d39de48b34b77242eb426faa2a6eef451f6c4be2be5e60d1ad87fd3fd464e8dd5dd93eefc00f78f650c1a94cf973ea3c74fb314f9f7251808bdb48605b06ab5604c1cc309aacf278ac40286f0bbd2e13a78f5b7e6c15fa1d75250939de59a1422291a6a013b3749724033aef6b8fd9c234f6a000000000000000000000100000008002c00a80d8842bb3d3360749381e03bf742bf07352aea3248e0aaf3d981970e9bef213549509817ea016d0eb7605680acd9a20a1159b0292659b70c168bb903d197951fdd5b26a580443301ac1ed7d321ad78a714e337f0aa217e7cea65cf00baf378bcfc0f16a8f278895e82eaf168a280aa68d40c27cc9aca06f9f522485299e84a411ea361568bd5850e00d6ad65273182908299fccef0eeda57364ccdad2920249df2cf1e690a98b2fa868aa082cf46c090a6496e9a5d3aa0c2d5db04d8fb26565adff7aa8d01000000c76871de9f55eb615a09798c23ccc9d4ab6990ccde5ff361c44657faa48b00628b25abfe379117785aa0031144479400f0ff0000000000", @ANYRES32=r1, @ANYRESHEX=r7, @ANYRES32=r5, @ANYRES16=r4], 0x2300}}, 0x40408c4) ioctl$auto_SNDCTL_DSP_SYNC(r2, 0x5001, 0x0) bind$auto(r3, &(0x7f0000000100)=@l2={0x1f, 0x72, @none, 0x5a}, 0x6a) 880.046143ms ago: executing program 2 (id=1166): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/ipv6_route\x00', 0x8000, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0xe, 0x940, 0x9, 0x3, 0x7, 0x2, 0x9, 0x5, 0x2, 0x7, 0x2000000b3, 0xc, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x7, 0xb0b, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000, 0x0, 0x0, 0x9, 0x55, 0x8000000000000000, 0x4000100000000000, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x8000000000000, 0x8, 0x3ff, 0xbc]}, 0x1fa, 0x81) socket(0x11, 0x800, 0x7) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x3, 0x6) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) socket(0x10, 0x2, 0x4) socket$nl_generic(0x10, 0x3, 0x10) open(&(0x7f00000000c0)='./cgroup\x00', 0x204040, 0x12f) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/tty34\x00', 0x629042, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snd/controlC2\x00', 0x141200, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000004c80)='/sys/devices/virtual/block/loop7/events_poll_msecs\x00', 0x8081, 0x0) openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/nfsfs/servers\x00', 0x400, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0) openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000004680)='/sys/kernel/debug/tracing/dynamic_events\x00', 0x502, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/sound/ctl-led/mic/brightness\x00', 0x109140, 0x0) sysfs$auto(0x2, 0x4, 0x4) openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000080), 0x80043, 0x0) mincore$auto(0x1000, 0x8001, 0x0) r0 = io_uring_setup$auto(0x877, 0x0) io_uring_enter$auto(r0, 0xcd00, 0xcd00, 0x7, 0x0, 0xffffffffffffffff) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) 879.114613ms ago: executing program 4 (id=1174): socket(0x10, 0x2, 0x0) (async) fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x5, 0x80000001, 0x0, 0x100, 0x0, 0x0, 0x0, 0xffffffffffffff91, 0xfd3, 0x2, 0xec, 0x4, 0x80000002081, 0x8, 0x2, 0xfffffffffffffff8}) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) (async) mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x2000c0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) madvise$auto(0x0, 0x8000000000000000, 0x15) (async) madvise$auto(0x0, 0x1010001, 0x100000003) (async) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) (async) r0 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0) ioctl$auto_VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, 0x0) (async) fsopen$auto(&(0x7f0000000000)='nlctrl\x00', 0x3) (async) socketpair$auto(0xf, 0x7fff, 0x4, &(0x7f00000000c0)=0xe9) (async) mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) readv$auto(0x0, &(0x7f0000000080)={&(0x7f0000000040), 0x6}, 0x7ff) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000de44f13168e599c53bad6fb29b8c8f51ddc82fe8de3c017adca19cd3ba97da597663835bdae79c066524c1921dd50ff9224657", @ANYRES16=0x0, @ANYBLOB="010325bd7000ffdbdf250a000000"], 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0xc040810) (async) mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x4, 0x8000) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) (async) read$auto(0x4, 0x0, 0xfdef) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async) openat$auto_trace_options_core_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/options/trace_printk_dest\x00', 0x200000, 0x0) (async) close_range$auto(0x0, 0x5, 0x0) (async) fanotify_init$auto(0x5, 0x2000000000002) inotify_init1$auto(0x3000000000000) (async) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) (async) socket(0x15, 0x5, 0x0) 712.640697ms ago: executing program 3 (id=1167): open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) r0 = open(0x0, 0x400, 0x1e) mmap$auto(0x0, 0x5, 0x5c, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0x3, 0x0, 0x1000) lseek$auto(0x3, 0x10000, 0x9345) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) setns(0xffffffffffffffff, 0x0) clone$auto(0x8001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) r1 = socket(0xa, 0x2, 0x73) write$auto_msr_fops_msr(r0, 0x0, 0x0) getsockname$auto(r1, &(0x7f0000000240), &(0x7f0000000280)=0xaea) fcntl$auto(0x0, 0x407, 0x100000) mlockall$auto(0x7) mmap$auto(0x100000000000000, 0x200004, 0x4000000000df, 0x40eb2, r1, 0x7ff) memfd_create$auto(&(0x7f0000000000)='A\x00\x00\x00\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\f\x00\x00\v\x00E\xdb\x81\xd9\xd8\xe640\xc6\xa4Sr\x82\xcc\"K\xe1IIT\x00\x00\x00', 0xe) rseq$auto(0x0, 0x8000, 0x0, 0x6) finit_module$auto(0x3, 0xfffffffffffffffe, 0x400000000004) openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/clear_refs\x00', 0x404241, 0x0) mknod$auto(&(0x7f0000000080)=':,\x00', 0xcc, 0x8) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) socket(0x2c, 0x80000, 0x20000009) r2 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execveat$auto(r2, &(0x7f0000000200)='\x00', 0x0, &(0x7f0000000100)=&(0x7f00000000c0)='\\\x00', 0x1000) mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) 421.321598ms ago: executing program 4 (id=1168): socket(0xa, 0x2, 0x73) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) (async) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, 0x0, 0x2000c041) bind$auto(0x3, 0x0, 0x6b) (async) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) fcntl$auto(0xffffffffffffffff, 0x401, 0x5) sendmsg$auto_OVS_METER_CMD_SET(0xffffffffffffffff, 0x0, 0x40) (async) io_uring_setup$auto(0x406, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) (async) io_uring_enter$auto(0x3, 0xa84, 0x80000001, 0xa, 0x0, 0x46) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) sysfs$auto(0x2, 0x6, 0x0) ioctl$auto(r0, 0x5393, 0x5) (async) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) setsockopt$auto(0x400000000000003, 0x29, 0x10, 0x0, 0x40020000) socket$nl_generic(0x10, 0x3, 0x10) (async) bind$auto(0x3, &(0x7f0000000000)=@nl=@proc={0x10, 0x0, 0x25dfdbff, 0x40}, 0x68) (async) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/netlink\x00', 0x0, 0x0) pread64$auto(r1, 0x0, 0x8, 0x8000) (async) sendto$auto(0x3, 0x0, 0xf, 0x10, &(0x7f0000000140), 0x19) 96.261548ms ago: executing program 2 (id=1169): socket(0x10, 0x2, 0x2) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) syz_genetlink_get_family_id$auto_ipvs(&(0x7f00000001c0), 0xffffffffffffffff) socket(0xa, 0x3, 0x100) socket(0xa, 0x2, 0x88) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/nr_hugepages\x00', 0x642, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x6, 0x2) epoll_wait$auto(0x5, 0x0, 0x2, 0xfffffffd) epoll_wait$auto(0x5, 0x0, 0x2, 0xfffffffd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) open(0x0, 0x7ffd, 0x12) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f00000000c0)={0x1, 0x6, 0x4}) ioctl$auto(0xffffffffffffffff, 0x5609, 0xffffffffffffffff) mlockall$auto(0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) move_pages$auto(0x0, 0xd0, 0x0, 0x0, 0x0, 0x2) epoll_ctl$auto(0x5, 0x1, 0xffffffffffffffff, 0x0) 0s ago: executing program 4 (id=1170): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r0 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322df2) syz_clone3(&(0x7f0000000200)={0x383281180, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x801, 0x100) (async) socket(0x2, 0x801, 0x100) connect$auto(0x3, &(0x7f00000018c0), 0x55) (async) connect$auto(0x3, &(0x7f00000018c0), 0x55) bind$auto(0x3, 0x0, 0x68) (async) bind$auto(0x3, 0x0, 0x68) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC0D0p\x00', 0x0, 0x0) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x9, 0x21e9, 0x7ff, 0x6, 0x2, 0xb, 0x2e, 0x0, 0x3}, 0x6f4) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x2, 0x2, 0x1) mmap$auto(0x0, 0x400008, 0xe3, 0x9b72, r1, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) brk$auto(0xf065) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) bind$auto(r0, &(0x7f0000000040)=@xdp={0x2c, 0x0, 0x0, 0x5}, 0x6a) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x8000) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x8000) close_range$auto(0x2, 0xffffffffffffffff, 0x0) madvise$auto(0x0, 0x53, 0x9) syz_genetlink_get_family_id$auto_ovs_meter(0x0, 0xffffffffffffffff) (async) syz_genetlink_get_family_id$auto_ovs_meter(0x0, 0xffffffffffffffff) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000600)='/proc/sys/net/ipv4/vs/est_cpulist\x00', 0x4000, 0x0) (async) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000600)='/proc/sys/net/ipv4/vs/est_cpulist\x00', 0x4000, 0x0) kernel console output (not intermixed with test programs): 6245] netlink: 146 bytes leftover after parsing attributes in process `syz.0.76'. [ 107.432858][ T6251] netlink: 338 bytes leftover after parsing attributes in process `syz.3.77'. [ 107.479552][ T6251] netlink: 338 bytes leftover after parsing attributes in process `syz.3.77'. [ 107.532544][ T6254] openvswitch: netlink: IP tunnel dst address not specified [ 108.570326][ T6257] blktrace: Concurrent blktraces are not allowed on sg0 [ 109.155810][ T6254] kstrtoul() returned -22 for lu_gp_id [ 109.436835][ T6278] netlink: 338 bytes leftover after parsing attributes in process `syz.1.91'. [ 109.483960][ T6280] netlink: 338 bytes leftover after parsing attributes in process `syz.1.91'. [ 110.020863][ T6279] mkiss: ax0: crc mode is auto. [ 110.719469][ T6292] netlink: 4 bytes leftover after parsing attributes in process `syz.2.83'. [ 110.991380][ T6296] netlink: 326 bytes leftover after parsing attributes in process `syz.0.84'. [ 111.182022][ T6280] kstrtoul() returned -22 for lu_gp_id [ 111.864642][ T6299] netlink: 'syz.3.85': attribute type 4 has an invalid length. [ 112.056015][ T6297] kstrtoul() returned -22 for lu_gp_id [ 112.242765][ T6313] kstrtoul() returned -22 for lu_gp_id [ 112.860705][ T6235] kstrtoul() returned -22 for lu_gp_id [ 113.487810][ T6325] openvswitch: netlink: IP tunnel dst address not specified [ 114.941768][ T6302] kstrtoul() returned -22 for lu_gp_id [ 115.168538][ T29] audit: type=1804 audit(1736074961.199:4): pid=6351 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.101" name="/newroot/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id" dev="configfs" ino=7526 res=1 errno=0 [ 115.374783][ T6352] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 115.380997][ T6352] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 115.403182][ T6312] kstrtoul() returned -22 for lu_gp_id [ 115.435618][ T6352] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 115.444234][ T6352] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 115.450471][ T6352] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 115.485749][ T6352] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 115.511439][ T6352] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 115.530288][ T6352] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 115.562675][ T6352] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 115.668961][ T6352] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 115.692378][ T6352] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 115.726933][ T6352] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 115.939171][ T6352] kstrtoul() returned -22 for lu_gp_id [ 116.060255][ T6365] netlink: 'syz.3.106': attribute type 1 has an invalid length. y string added ounting paused [ 117.432215][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 117.490054][ T5830] Bluetooth: hci1: command 0x0c1a tx timeout [ 117.562664][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 117.742219][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout [ 118.868770][ T6401] netlink: 4 bytes leftover after parsing attributes in process `syz.0.113'. [ 119.482389][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 119.566464][ T5830] Bluetooth: hci1: command 0x0c1a tx timeout [ 119.642364][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 119.820573][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout [ 120.352387][ T6469] Invalid ELF header len 3 [ 121.566532][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 121.647795][ T5830] Bluetooth: hci1: command 0x0c1a tx timeout [ 121.724987][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 121.894844][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout [ 122.012370][ T29] audit: type=1800 audit(1736074968.049:5): pid=6514 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.143" name="discovery_nqn" dev="configfs" ino=9598 res=0 errno=0 [ 122.826133][ T6526] aoe: invalid device specification [ 124.091714][ T6555] netlink: 330 bytes leftover after parsing attributes in process `syz.0.153'. [ 124.574115][ T6563] netlink: 1204 bytes leftover after parsing attributes in process `syz.0.155'. [ 124.593725][ T6564] netlink: 1204 bytes leftover after parsing attributes in process `syz.0.155'. [ 124.649826][ T6562] netlink: 8 bytes leftover after parsing attributes in process `syz.0.155'. [ 125.945916][ T6588] Process accounting resumed [ 126.275673][ T6592] netlink: 28 bytes leftover after parsing attributes in process `syz.2.161'. [ 126.876286][ T6586] kexec: Could not allocate control_code_buffer [ 127.680333][ T6616] netlink: 4 bytes leftover after parsing attributes in process `syz.0.170'. [ 129.097654][ T6641] netlink: 20 bytes leftover after parsing attributes in process `syz.2.175'. [ 129.662444][ T6640] netlink: 28 bytes leftover after parsing attributes in process `syz.3.174'. [ 129.789226][ T6640] ip6gre0: entered promiscuous mode [ 129.819004][ T6633] RDS: rds_bind could not find a transport for ::ffff:3.0.0.0, load rds_tcp or rds_rdma? [ 130.138287][ T6657] netlink: 4 bytes leftover after parsing attributes in process `syz.0.182'. [ 130.575380][ T29] audit: type=1804 audit(1736074976.619:6): pid=6663 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.183" name="/newroot/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id" dev="configfs" ino=10006 res=1 errno=0 [ 130.625598][ T6662] Process accounting resumed [ 130.630297][ T6662] kstrtoul() returned -22 for lu_gp_id [ 130.643872][ T29] audit: type=1800 audit(1736074976.619:7): pid=6663 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.183" name="lu_gp_id" dev="configfs" ino=10006 res=0 errno=0 [ 132.996909][ T6668] kstrtoul() returned -22 for lu_gp_id [ 133.331543][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.338183][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.418519][ T6695] netlink: 28 bytes leftover after parsing attributes in process `syz.0.192'. [ 134.598899][ T6695] kstrtoul() returned -22 for lu_gp_id [ 135.538582][ T6721] can: request_module (can-proto-0) failed. [ 135.555965][ T29] audit: type=1804 audit(1736074981.599:8): pid=6724 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.199" name="#)-\&[}" dev="mqueue" ino=10140 res=1 errno=0 [ 135.576841][ T6724] kernel read not supported for file /#)-\&[} (pid: 6724 comm: syz.3.199) [ 135.642481][ T29] audit: type=1800 audit(1736074981.679:9): pid=6724 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.199" name="#)-\&[}" dev="mqueue" ino=10140 res=0 errno=0 [ 136.578472][ T6749] .': entered promiscuous mode [ 137.327384][ T6717] kstrtoul() returned -22 for lu_gp_id [ 138.213475][ T6767] kstrtoul() returned -22 for lu_gp_id [ 138.785341][ T6665] kstrtoul() returned -22 for lu_gp_id [ 138.788543][ T6785] netlink: 34 bytes leftover after parsing attributes in process `syz.1.214'. [ 138.946018][ T6782] kstrtoul() returned -22 for lu_gp_id [ 139.161703][ T29] audit: type=1804 audit(1736074985.199:10): pid=6775 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.210" name="/newroot/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id" dev="configfs" ino=10006 res=1 errno=0 [ 139.245223][ T6790] syz.2.215 uses obsolete (PF_INET,SOCK_PACKET) [ 139.377824][ T6775] Process accounting resumed [ 139.438440][ T6775] kstrtoul() returned -22 for lu_gp_id [ 139.573132][ T6801] kstrtoul() returned -22 for lu_gp_id [ 139.897119][ T6805] kstrtoul() returned -22 for lu_gp_id [ 140.302891][ T6816] kstrtoul() returned -22 for lu_gp_id [ 140.891725][ T6823] kstrtoul() returned -22 for lu_gp_id [ 142.045422][ T6825] kstrtoul() returned -22 for lu_gp_id [ 142.473654][ T6831] kstrtoul() returned -22 for lu_gp_id [ 142.639234][ T6863] kstrtoul() returned -22 for lu_gp_id [ 142.815354][ T6867] kstrtoul() returned -22 for lu_gp_id [ 142.964149][ T6676] kstrtoul() returned -22 for lu_gp_id [ 143.145229][ T6870] kstrtoul() returned -22 for lu_gp_id [ 143.229152][ T29] audit: type=1804 audit(1736074989.269:11): pid=6865 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.227" name="/newroot/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id" dev="configfs" ino=10006 res=1 errno=0 [ 143.524387][ T6868] Process accounting resumed [ 143.529094][ T6868] kstrtoul() returned -22 for lu_gp_id [ 143.687841][ T6881] kstrtoul() returned -22 for lu_gp_id [ 144.133639][ T6873] kstrtoul() returned -22 for lu_gp_id [ 145.249320][ T6752] kstrtoul() returned -22 for lu_gp_id [ 145.657718][ T6896] kstrtoul() returned -22 for lu_gp_id [ 145.690606][ T6759] kstrtoul() returned -22 for lu_gp_id [ 146.603682][ T6876] kstrtoul() returned -22 for lu_gp_id [ 148.418948][ T6906] kstrtoul() returned -22 for lu_gp_id [ 148.423118][ T6812] kstrtoul() returned -22 for lu_gp_id [ 148.563271][ T6902] smc: net device syz_tun applied user defined pnetid ETHTOOL [ 148.811746][ T6911] kstrtoul() returned -22 for lu_gp_id [ 149.191651][ T6917] kstrtoul() returned -22 for lu_gp_id [ 149.191817][ T6887] kstrtoul() returned -22 for lu_gp_id [ 149.301656][ T6899] kstrtoul() returned -22 for lu_gp_id [ 149.470149][ T6925] WARNING! power/level is deprecated; use power/control instead [ 149.562004][ T6920] kstrtoul() returned -22 for lu_gp_id [ 149.701701][ T6934] netlink: 28 bytes leftover after parsing attributes in process `syz.1.242'. [ 149.870360][ T6934] veth1_macvtap: left promiscuous mode [ 149.878426][ T6932] kstrtoul() returned -22 for lu_gp_id [ 150.319857][ T6938] kstrtoul() returned -22 for lu_gp_id [ 150.505147][ T6934] kstrtoul() returned -22 for lu_gp_id [ 150.976270][ T6935] kstrtoul() returned -22 for lu_gp_id [ 151.101696][ T6955] kstrtoul() returned -22 for lu_gp_id [ 151.384376][ T6963] kstrtoul() returned -22 for lu_gp_id [ 152.411459][ T6958] kstrtoul() returned -22 for lu_gp_id [ 153.984792][ T6973] kstrtoul() returned -22 for lu_gp_id [ 154.183967][ T6990] netlink: 306 bytes leftover after parsing attributes in process `syz.2.254'. [ 154.367580][ T6992] kstrtoul() returned -22 for lu_gp_id [ 154.787965][ T6871] kstrtoul() returned -22 for lu_gp_id [ 154.869677][ T7001] kstrtoul() returned -22 for lu_gp_id [ 154.961240][ T6980] kstrtoul() returned -22 for lu_gp_id [ 154.961918][ T6880] kstrtoul() returned -22 for lu_gp_id [ 155.018866][ T6927] kstrtoul() returned -22 for lu_gp_id [ 155.078966][ T6796] kstrtoul() returned -22 for lu_gp_id [ 155.096608][ T6699] kstrtoul() returned -22 for lu_gp_id [ 155.142997][ T7003] : entered promiscuous mode [ 155.236909][ T6975] kstrtoul() returned -22 for lu_gp_id [ 155.369505][ T7003] kstrtoul() returned -22 for lu_gp_id [ 155.754080][ T7008] netlink: 28 bytes leftover after parsing attributes in process `syz.2.261'. [ 155.771406][ T7010] kstrtoul() returned -22 for lu_gp_id [ 155.854972][ T7015] kstrtoul() returned -22 for lu_gp_id [ 155.985117][ T7014] kstrtoul() returned -22 for lu_gp_id [ 156.021916][ T7004] kstrtoul() returned -22 for lu_gp_id [ 156.105352][ T29] audit: type=1804 audit(1736075002.149:12): pid=7015 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.262" name="/newroot/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id" dev="configfs" ino=10006 res=1 errno=0 [ 156.317631][ T7019] kstrtoul() returned -22 for lu_gp_id [ 156.331834][ T7011] Process accounting resumed [ 156.404108][ T7011] kstrtoul() returned -22 for lu_gp_id [ 156.495577][ T7025] netlink: 306 bytes leftover after parsing attributes in process `syz.2.265'. [ 156.616176][ T7027] kstrtoul() returned -22 for lu_gp_id [ 157.054288][ T7016] kstrtoul() returned -22 for lu_gp_id [ 157.099699][ T7033] kstrtoul() returned -22 for lu_gp_id [ 157.561735][ T7039] kstrtoul() returned -22 for lu_gp_id [ 158.676043][ T7051] kstrtoul() returned -22 for lu_gp_id [ 158.782328][ T7029] kstrtoul() returned -22 for lu_gp_id [ 159.136450][ T7059] kstrtoul() returned -22 for lu_gp_id [ 159.243918][ T29] audit: type=1804 audit(1736075005.279:13): pid=7068 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.276" name="/newroot/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id" dev="configfs" ino=10006 res=1 errno=0 [ 159.344724][ T7064] Process accounting resumed [ 159.359703][ T7064] kstrtoul() returned -22 for lu_gp_id [ 159.360046][ T7040] kstrtoul() returned -22 for lu_gp_id [ 159.568026][ T7079] kstrtoul() returned -22 for lu_gp_id [ 159.579598][ T7077] kstrtoul() returned -22 for lu_gp_id [ 159.595607][ T7073] kstrtoul() returned -22 for lu_gp_id [ 159.798595][ T7057] kstrtoul() returned -22 for lu_gp_id [ 159.936304][ T7074] kstrtoul() returned -22 for lu_gp_id [ 160.099343][ T7083] kstrtoul() returned -22 for lu_gp_id [ 160.386154][ T7072] kstrtoul() returned -22 for lu_gp_id [ 160.590826][ T7094] kstrtoul() returned -22 for lu_gp_id [ 160.634861][ T7086] kstrtoul() returned -22 for lu_gp_id [ 160.826011][ T7101] kstrtoul() returned -22 for lu_gp_id [ 161.115260][ T7109] kstrtoul() returned -22 for lu_gp_id [ 161.210544][ T29] audit: type=1804 audit(1736075007.249:14): pid=7109 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.287" name="/newroot/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id" dev="configfs" ino=10006 res=1 errno=0 [ 161.306814][ T7107] Process accounting resumed [ 161.311500][ T7107] kstrtoul() returned -22 for lu_gp_id [ 161.483226][ T7105] kstrtoul() returned -22 for lu_gp_id [ 161.735201][ T7087] kstrtoul() returned -22 for lu_gp_id [ 161.771646][ T7112] kstrtoul() returned -22 for lu_gp_id [ 161.943098][ T7120] kstrtoul() returned -22 for lu_gp_id [ 162.105666][ T7125] Invalid ELF header magic: != ELF [ 162.275301][ T7118] kstrtoul() returned -22 for lu_gp_id [ 163.677410][ T7125] kstrtoul() returned -22 for lu_gp_id [ 164.576035][ T7116] kstrtoul() returned -22 for lu_gp_id [ 164.892847][ T7138] kstrtoul() returned -22 for lu_gp_id [ 165.073509][ T7133] kstrtoul() returned -22 for lu_gp_id [ 165.077514][ T7148] kstrtoul() returned -22 for lu_gp_id [ 165.281514][ T7157] kstrtoul() returned -22 for lu_gp_id [ 165.512353][ T7154] kstrtoul() returned -22 for lu_gp_id [ 165.542300][ T29] audit: type=1804 audit(1736075011.559:15): pid=7152 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.297" name="/newroot/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id" dev="configfs" ino=10006 res=1 errno=0 [ 165.630516][ T7151] Process accounting resumed [ 165.640678][ T7151] kstrtoul() returned -22 for lu_gp_id [ 165.651452][ T7161] FAULT_INJECTION: forcing a failure. [ 165.651452][ T7161] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 165.692455][ T7161] CPU: 1 UID: 0 PID: 7161 Comm: syz.0.298 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0 [ 165.703111][ T7161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 165.713209][ T7161] Call Trace: [ 165.716516][ T7161] [ 165.719553][ T7161] dump_stack_lvl+0x16c/0x1f0 [ 165.724269][ T7161] should_fail_ex+0x497/0x5b0 [ 165.728998][ T7161] _copy_to_user+0x32/0xd0 [ 165.733458][ T7161] msr_read+0x14f/0x250 [ 165.737661][ T7161] ? __pfx_msr_read+0x10/0x10 [ 165.742382][ T7161] ? bpf_lsm_file_permission+0x9/0x10 [ 165.747800][ T7161] ? security_file_permission+0x71/0x210 [ 165.753475][ T7161] ? __pfx_msr_read+0x10/0x10 [ 165.758191][ T7161] vfs_readv+0x6bf/0x890 [ 165.762331][ T7063] kstrtoul() returned -22 for lu_gp_id [ 165.762443][ T7161] ? find_held_lock+0x2d/0x110 [ 165.772826][ T7161] ? __pfx_vfs_readv+0x10/0x10 [ 165.777628][ T7161] ? find_held_lock+0x2d/0x110 [ 165.782493][ T7161] ? __pfx_lock_release+0x10/0x10 [ 165.787547][ T7161] ? trace_lock_acquire+0x14e/0x1f0 [ 165.792890][ T7161] ? __fget_files+0x206/0x3a0 [ 165.797640][ T7161] ? do_readv+0x133/0x340 [ 165.802109][ T7161] do_readv+0x133/0x340 [ 165.806318][ T7161] ? __pfx_do_readv+0x10/0x10 [ 165.811132][ T7161] do_syscall_64+0xcd/0x250 [ 165.815698][ T7161] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.821724][ T7161] RIP: 0033:0x7f71a8f85d29 [ 165.826192][ T7161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 165.845847][ T7161] RSP: 002b:00007f71a9e2e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 165.854310][ T7161] RAX: ffffffffffffffda RBX: 00007f71a9175fa0 RCX: 00007f71a8f85d29 [ 165.862311][ T7161] RDX: 0000000000000049 RSI: 0000000020000040 RDI: 0000000000000003 [ 165.870378][ T7161] RBP: 00007f71a9e2e090 R08: 0000000000000000 R09: 0000000000000000 [ 165.878353][ T7161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 165.886552][ T7161] R13: 0000000000000000 R14: 00007f71a9175fa0 R15: 00007fff3602e968 [ 165.894565][ T7161] [ 165.915108][ T7111] kstrtoul() returned -22 for lu_gp_id [ 166.018406][ T7161] kstrtoul() returned -22 for lu_gp_id [ 166.157777][ T7026] kstrtoul() returned -22 for lu_gp_id [ 166.308768][ T7070] kstrtoul() returned -22 for lu_gp_id [ 166.503109][ T7162] kstrtoul() returned -22 for lu_gp_id [ 166.646546][ T7155] kstrtoul() returned -22 for lu_gp_id [ 166.799231][ T7171] kstrtoul() returned -22 for lu_gp_id [ 166.916428][ T7166] kstrtoul() returned -22 for lu_gp_id [ 167.086854][ T7176] kstrtoul() returned -22 for lu_gp_id [ 167.809667][ T7174] kstrtoul() returned -22 for lu_gp_id [ 167.869668][ T7183] kstrtoul() returned -22 for lu_gp_id [ 167.946988][ T7178] kstrtoul() returned -22 for lu_gp_id [ 168.656881][ T7201] kstrtoul() returned -22 for lu_gp_id [ 168.678335][ T7194] kstrtoul() returned -22 for lu_gp_id [ 168.699010][ T7191] kstrtoul() returned -22 for lu_gp_id [ 168.862447][ T7195] kstrtoul() returned -22 for lu_gp_id [ 168.928429][ T7129] kstrtoul() returned -22 for lu_gp_id [ 168.984330][ T7205] kstrtoul() returned -22 for lu_gp_id [ 169.370891][ T7207] kstrtoul() returned -22 for lu_gp_id [ 170.382767][ T7159] kstrtoul() returned -22 for lu_gp_id [ 171.009695][ T7211] kstrtoul() returned -22 for lu_gp_id [ 171.363972][ T7223] kstrtoul() returned -22 for lu_gp_id [ 171.386663][ T7209] Process accounting paused [ 171.550400][ T7226] kstrtoul() returned -22 for lu_gp_id [ 171.809940][ T7238] kstrtoul() returned -22 for lu_gp_id [ 171.848193][ T7229] kstrtoul() returned -22 for lu_gp_id [ 171.972768][ T7239] netlink: 4 bytes leftover after parsing attributes in process `syz.0.317'. [ 172.107878][ T7239] kstrtoul() returned -22 for lu_gp_id [ 172.120316][ T7245] kstrtoul() returned -22 for lu_gp_id [ 172.163448][ T7250] kstrtoul() returned -22 for lu_gp_id [ 172.415715][ T7248] kstrtoul() returned -22 for lu_gp_id [ 172.759397][ T7255] kstrtoul() returned -22 for lu_gp_id [ 172.970488][ T29] audit: type=1800 audit(1736075019.009:16): pid=7264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.325" name="dbroot" dev="configfs" ino=12834 res=0 errno=0 [ 173.051551][ T29] audit: type=1804 audit(1736075019.089:17): pid=7264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.325" name="/newroot/sys/kernel/config/target/dbroot" dev="configfs" ino=12834 res=1 errno=0 [ 173.454235][ T7256] kstrtoul() returned -22 for lu_gp_id [ 173.509284][ T7260] kstrtoul() returned -22 for lu_gp_id [ 173.882427][ T7271] Process accounting paused [ 174.555181][ T7278] kstrtoul() returned -22 for lu_gp_id [ 174.783476][ T7291] kstrtoul() returned -22 for lu_gp_id [ 175.009449][ T7295] kstrtoul() returned -22 for lu_gp_id [ 175.270944][ T7304] kstrtoul() returned -22 for lu_gp_id [ 175.420425][ T7307] netlink: 'syz.2.338': attribute type 2 has an invalid length. [ 175.465333][ T7309] netlink: 'syz.2.338': attribute type 2 has an invalid length. [ 175.521625][ T7309] kstrtoul() returned -22 for lu_gp_id [ 175.600024][ T7313] kstrtoul() returned -22 for lu_gp_id [ 176.025883][ T7267] kstrtoul() returned -22 for lu_gp_id [ 176.402300][ T29] audit: type=1807 audit(949.203:18): UNKNOWN=0"û]$|Ë1jë0B|d™¹ýÓ‰OŸ¬+ö×/ÉéxÔóÈõWÓ¦–Ó^¸´gq%ḦrêOŽ res=0 [ 176.455809][ T7323] kstrtoul() returned -22 for lu_gp_id [ 176.511129][ T29] audit: type=1802 audit(949.323:19): pid=7331 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.0.344" res=0 errno=0 [ 176.528910][ T7331] ima: policy update failed [ 176.564886][ T29] audit: type=1802 audit(949.373:20): pid=7331 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.344" res=0 errno=0 [ 177.406237][ T29] audit: type=1804 audit(950.223:21): pid=7335 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.345" name="/newroot/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id" dev="configfs" ino=10006 res=1 errno=0 [ 177.677420][ T7334] kstrtoul() returned -22 for lu_gp_id [ 177.704744][ T7336] kstrtoul() returned -22 for lu_gp_id [ 177.936888][ T7344] kstrtoul() returned -22 for lu_gp_id [ 179.315571][ T7356] netlink: 28 bytes leftover after parsing attributes in process `syz.1.351'. [ 179.504427][ T7356] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 179.676668][ T29] audit: type=1804 audit(952.493:22): pid=7346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.347" name="/newroot/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id" dev="configfs" ino=10006 res=1 errno=0 [ 179.777973][ T7340] kstrtoul() returned -22 for lu_gp_id [ 179.912066][ T7351] kstrtoul() returned -22 for lu_gp_id [ 179.989557][ T7244] kstrtoul() returned -22 for lu_gp_id [ 180.204456][ T7356] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 181.543610][ T7348] kstrtoul() returned -22 for lu_gp_id [ 183.263456][ T7203] kstrtoul() returned -22 for lu_gp_id [ 184.419891][ T7373] kstrtoul() returned -22 for lu_gp_id [ 185.465314][ T7367] kstrtoul() returned -22 for lu_gp_id [ 185.632471][ T7386] netlink: 11 bytes leftover after parsing attributes in process `syz.3.358'. [ 185.921110][ T7394] kstrtoul() returned -22 for lu_gp_id [ 186.544651][ T7380] kstrtoul() returned -22 for lu_gp_id [ 187.213667][ T7401] Process accounting paused [ 187.609573][ T7404] kstrtoul() returned -22 for lu_gp_id [ 188.082777][ T7416] kstrtoul() returned -22 for lu_gp_id [ 188.154750][ T7423] Process accounting resumed [ 188.159445][ T7423] kstrtoul() returned -22 for lu_gp_id [ 188.232329][ T29] audit: type=1804 audit(960.923:23): pid=7423 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.369" name="/newroot/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id" dev="configfs" ino=10006 res=1 errno=0 [ 188.270063][ T7429] kstrtoul() returned -22 for lu_gp_id [ 188.772937][ T7438] kstrtoul() returned -22 for lu_gp_id [ 188.902357][ T7432] kstrtoul() returned -22 for lu_gp_id [ 189.745034][ T7443] kstrtoul() returned -22 for lu_gp_id [ 190.453638][ T7425] kstrtoul() returned -22 for lu_gp_id [ 190.671391][ T7467] openvswitch: netlink: IP tunnel TTL not specified. [ 190.745694][ T7467] kstrtoul() returned -22 for lu_gp_id [ 190.757017][ T7453] kstrtoul() returned -22 for lu_gp_id [ 190.944089][ T7473] kstrtoul() returned -22 for lu_gp_id [ 191.257635][ T7480] netlink: 28 bytes leftover after parsing attributes in process `syz.1.385'. [ 191.309938][ T7424] kstrtoul() returned -22 for lu_gp_id [ 191.614894][ T7475] kstrtoul() returned -22 for lu_gp_id [ 191.841173][ T7480] kstrtoul() returned -22 for lu_gp_id [ 192.233372][ T7471] kexec: Could not allocate control_code_buffer [ 193.027513][ T7498] kstrtoul() returned -22 for lu_gp_id [ 193.062681][ T29] audit: type=1804 audit(965.863:24): pid=7501 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.389" name="/newroot/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id" dev="configfs" ino=10006 res=1 errno=0 [ 193.111638][ T7501] Process accounting resumed [ 193.116416][ T7501] kstrtoul() returned -22 for lu_gp_id [ 193.553268][ T7512] kstrtoul() returned -22 for lu_gp_id [ 193.737478][ T7515] kstrtoul() returned -22 for lu_gp_id [ 194.165351][ T7527] kstrtoul() returned -22 for lu_gp_id [ 194.177735][ T7529] netlink: 'syz.3.394': attribute type 10 has an invalid length. [ 194.316888][ T7529] netlink: 330 bytes leftover after parsing attributes in process `syz.3.394'. [ 194.406394][ T7492] kstrtoul() returned -22 for lu_gp_id [ 194.600965][ T7535] kstrtoul() returned -22 for lu_gp_id [ 194.781325][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.789621][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.908703][ T7539] kstrtoul() returned -22 for lu_gp_id [ 195.571003][ T7533] kstrtoul() returned -22 for lu_gp_id [ 195.589993][ T29] audit: type=1804 audit(968.403:25): pid=7543 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.401" name="/newroot/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id" dev="configfs" ino=10006 res=1 errno=0 [ 195.661489][ T7547] Process accounting paused [ 196.290226][ T7561] netlink: 306 bytes leftover after parsing attributes in process `syz.3.405'. [ 196.431391][ T7563] kstrtoul() returned -22 for lu_gp_id [ 196.875841][ T7572] kstrtoul() returned -22 for lu_gp_id [ 197.035676][ T7577] netlink: 28 bytes leftover after parsing attributes in process `syz.3.408'. [ 197.284681][ T7577] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 198.015008][ T7591] kstrtoul() returned -22 for lu_gp_id [ 198.037267][ T7577] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 198.711789][ T7608] misc userio: The device must be registered before sending interrupts [ 198.814700][ T7599] kstrtoul() returned -22 for lu_gp_id [ 199.353008][ T7616] kstrtoul() returned -22 for lu_gp_id [ 199.634380][ T7620] netlink: 306 bytes leftover after parsing attributes in process `syz.2.417'. [ 199.789954][ T7623] Invalid ELF header magic: != ELF [ 199.902323][ T29] audit: type=1807 audit(972.713:26): UNKNOWN=0"û]$|Ë1jë0B|d™¹ýÓ‰OŸ¬+ö×/ÉéxÔóÈõWÓ¦–Ó^¸´gq%ḦrêOŽ res=0 [ 199.920302][ T29] audit: type=1802 audit(972.713:27): pid=7627 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.0.419" res=0 errno=0 [ 199.943853][ T7628] ima: policy update failed [ 199.980136][ T29] audit: type=1802 audit(972.763:28): pid=7628 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.419" res=0 errno=0 [ 200.075188][ T29] audit: type=1804 audit(972.893:29): pid=7615 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.415" name="/newroot/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id" dev="configfs" ino=10006 res=1 errno=0 [ 201.982835][ T7649] ovs_: entered promiscuous mode [ 202.912649][ T7684] netlink: 306 bytes leftover after parsing attributes in process `syz.3.428'. [ 203.374371][ T7678] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 203.383089][ T7678] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 203.401313][ T7678] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 203.412419][ T7693] netlink: 28 bytes leftover after parsing attributes in process `syz.3.430'. [ 203.432635][ T7678] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 205.046354][ T7717] kernel read not supported for file /ù¼š8—ÉSþp°Ex•YXƒ®g»hÏ|lH›üúÂìæ•¿9.Kg ©ïþPænÖ¤Lšï]XÛF¦Ð (pid: 7717 comm: syz.2.436) [ 205.207324][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 205.278707][ T29] audit: type=1800 audit(978.033:30): pid=7717 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.436" name=11F9BC9A3897C953FE7016B04578951E595883AE6714BB68CF7C6C489B01FCFA14C2EC06E695BF392E1B4B6702A0A9EFFE500EE66ED6A44C8F9A1EEF5D58DB46A6D0 dev="mqueue" ino=15080 res=0 errno=0 [ 205.402392][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 205.408594][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout [ 205.542350][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout [ 205.799846][ T7722] netlink: 306 bytes leftover after parsing attributes in process `syz.0.438'. [ 205.942273][ T29] audit: type=1804 audit(978.753:31): pid=7720 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.437" name="/newroot/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id" dev="configfs" ino=10006 res=1 errno=0 [ 206.127341][ T7719] Process accounting resumed [ 206.132062][ T7719] kstrtoul() returned -22 for lu_gp_id [ 206.381993][ T7731] kstrtoul() returned -22 for lu_gp_id [ 206.390500][ T7733] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 206.471613][ T7736] netlink: 338 bytes leftover after parsing attributes in process `syz.3.441'. [ 206.501919][ T7736] netlink: 338 bytes leftover after parsing attributes in process `syz.3.441'. [ 206.541620][ T7736] netlink: 70 bytes leftover after parsing attributes in process `syz.3.441'. [ 206.796574][ T7740] kstrtoul() returned -22 for lu_gp_id [ 209.455032][ T7762] kstrtoul() returned -22 for lu_gp_id [ 209.540275][ T7752] kstrtoul() returned -22 for lu_gp_id [ 212.041704][ T7788] [U] [ 212.044646][ T7788] [U] [ 212.047374][ T7788] [U] [ 212.050110][ T7788] [U] [ 212.062486][ T7788] [U] [ 212.065275][ T7788] [U] [ 212.068001][ T7788] [U] [ 212.070728][ T7788] [U] [ 212.088035][ T7788] [U] [ 212.090802][ T7788] [U] [ 212.093726][ T7788] [U] [ 212.096497][ T7788] [U] [ 212.133404][ T7790] [U] [ 212.274210][ T7775] kstrtoul() returned -22 for lu_gp_id [ 213.392435][ T29] audit: type=1804 audit(986.203:32): pid=7796 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.459" name="/newroot/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id" dev="configfs" ino=10006 res=1 errno=0 [ 213.505231][ T7795] Process accounting resumed [ 213.510006][ T7795] kstrtoul() returned -22 for lu_gp_id [ 214.021727][ T7758] kstrtoul() returned -22 for lu_gp_id [ 214.179135][ T7724] kstrtoul() returned -22 for lu_gp_id [ 214.254862][ T7809] kstrtoul() returned -22 for lu_gp_id [ 214.291953][ T7818] openvswitch: netlink: Missing valid actions attribute. [ 214.700502][ T7821] kstrtoul() returned -22 for lu_gp_id [ 215.353204][ T7829] Invalid ELF header magic: != ELF [ 215.731043][ T7826] kstrtoul() returned -22 for lu_gp_id [ 216.068164][ T7839] kstrtoul() returned -22 for lu_gp_id [ 216.156486][ T7812] kstrtoul() returned -22 for lu_gp_id [ 216.582847][ T7853] kstrtoul() returned -22 for lu_gp_id [ 216.869671][ T7855] can: request_module (can-proto-5) failed. [ 218.179145][ T7862] Process accounting resumed [ 218.226831][ T7862] kstrtoul() returned -22 for lu_gp_id [ 218.391142][ T7878] kstrtoul() returned -22 for lu_gp_id [ 218.459997][ T7798] kstrtoul() returned -22 for lu_gp_id [ 218.832419][ T29] audit: type=1800 audit(991.643:33): pid=7887 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.478" name="dbroot" dev="configfs" ino=15816 res=0 errno=0 [ 219.100582][ T7845] kstrtoul() returned -22 for lu_gp_id [ 219.653910][ T7892] kstrtoul() returned -22 for lu_gp_id [ 219.957992][ T7885] kstrtoul() returned -22 for lu_gp_id [ 220.062103][ T7898] kstrtoul() returned -22 for lu_gp_id [ 220.558029][ T7913] kstrtoul() returned -22 for lu_gp_id [ 220.586579][ T7911] can: request_module (can-proto-5) failed. [ 221.011144][ T7919] Process accounting resumed [ 221.081108][ T7907] kstrtoul() returned -22 for lu_gp_id [ 221.128703][ T7919] kstrtoul() returned -22 for lu_gp_id [ 221.332071][ T7928] kstrtoul() returned -22 for lu_gp_id [ 221.495579][ T7932] kstrtoul() returned -22 for lu_gp_id [ 221.516345][ T7863] kstrtoul() returned -22 for lu_gp_id [ 221.857314][ T7933] kstrtoul() returned -22 for lu_gp_id [ 222.664738][ T7944] kstrtoul() returned -22 for lu_gp_id [ 222.963407][ T7965] kstrtoul() returned -22 for lu_gp_id [ 223.598914][ T7973] Process accounting resumed [ 223.603788][ T7973] kstrtoul() returned -22 for lu_gp_id [ 223.835083][ T7975] kstrtoul() returned -22 for lu_gp_id [ 224.143436][ T7976] kstrtoul() returned -22 for lu_gp_id [ 224.327924][ T7955] kstrtoul() returned -22 for lu_gp_id [ 224.499126][ T7983] kstrtoul() returned -22 for lu_gp_id [ 224.501106][ T7992] kstrtoul() returned -22 for lu_gp_id [ 224.634404][ T8000] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 224.725650][ T8002] kstrtoul() returned -22 for lu_gp_id [ 224.758686][ T8000] CIFS mount error: No usable UNC path provided in device string! [ 224.758686][ T8000] [ 224.785445][ T8000] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        [ 392.507837][ T9903] kstrtoul() returned -22 for lu_gp_id [ 392.741593][ T9906] kstrtoul() returned -22 for lu_gp_id [ 392.896197][ T9910] kstrtoul() returned -22 for lu_gp_id [ 393.144926][ T9911] kstrtoul() returned -22 for lu_gp_id [ 393.399924][ T9917] delete_channel: no stack [ 393.404626][ T9916] delete_channel: no stack [ 393.629531][ T9913] kstrtoul() returned -22 for lu_gp_id [ 394.763419][ T9922] kstrtoul() returned -22 for lu_gp_id [ 394.918543][ T9945] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„ [ 395.111952][ T9945] kstrtoul() returned -22 for lu_gp_id [ 395.662777][ T9957] nvme_fabrics: missing parameter 'transport=%s' [ 395.664418][ T9957] nvme_fabrics: missing parameter 'nqn=%s' [ 396.138794][ T9949] kstrtoul() returned -22 for lu_gp_id [ 396.425846][ T9969] kstrtoul() returned -22 for lu_gp_id [ 396.720581][ T9976] binder: 9975:9976 ioctl 900000 9 returned -22 [ 397.032724][ T9834] kstrtoul() returned -22 for lu_gp_id [ 397.201939][ T9990] kstrtoul() returned -22 for lu_gp_id [ 397.591586][ T9976] kstrtoul() returned -22 for lu_gp_id [ 398.293732][ T9997] kstrtoul() returned -22 for lu_gp_id [ 398.615791][T10011] kstrtoul() returned -22 for lu_gp_id [ 399.513424][T10023] sctp: [Deprecated]: syz.3.981 (pid 10023) Use of struct sctp_assoc_value in delayed_ack socket option. [ 399.513424][T10023] Use struct sctp_sack_info instead [ 399.852853][T10006] kstrtoul() returned -22 for lu_gp_id [ 400.052515][T10013] kstrtoul() returned -22 for lu_gp_id [ 400.390606][T10033] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 400.596230][T10048] kstrtoul() returned -22 for lu_gp_id [ 400.931891][T10044] kstrtoul() returned -22 for lu_gp_id [ 401.240305][T10068] kstrtoul() returned -22 for lu_gp_id [ 402.273812][T10078] kstrtoul() returned -22 for lu_gp_id [ 402.346107][T10107] do_dccp_setsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app [ 402.437604][T10108] kstrtoul() returned -22 for lu_gp_id [ 402.830624][T10050] kstrtoul() returned -22 for lu_gp_id [ 403.391202][T10110] kstrtoul() returned -22 for lu_gp_id [ 403.666689][T10143] kstrtoul() returned -22 for lu_gp_id [ 403.899250][T10123] kstrtoul() returned -22 for lu_gp_id [ 403.938631][T10145] kstrtoul() returned -22 for lu_gp_id [ 404.873436][T10151] kstrtoul() returned -22 for lu_gp_id [ 407.301109][T10169] kstrtoul() returned -22 for lu_gp_id [ 407.377993][T10163] kstrtoul() returned -22 for lu_gp_id [ 407.513349][T10193] kstrtoul() returned -22 for lu_gp_id [ 407.751729][T10201] kstrtoul() returned -22 for lu_gp_id [ 408.152514][T10206] kstrtoul() returned -22 for lu_gp_id [ 408.258054][T10212] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1031'. [ 408.296813][T10191] kstrtoul() returned -22 for lu_gp_id [ 408.511851][T10211] kstrtoul() returned -22 for lu_gp_id [ 408.671931][T10217] kstrtoul() returned -22 for lu_gp_id [ 408.960827][T10229] zswap: compressor not available [ 409.030329][T10235] kstrtoul() returned -22 for lu_gp_id [ 409.407702][T10241] kstrtoul() returned -22 for lu_gp_id [ 409.473696][T10226] kstrtoul() returned -22 for lu_gp_id [ 410.070163][T10259] Invalid ELF header magic: != ELF [ 411.005458][T10271] usb usb15: usbfs: interface 0 claimed by hub while 'syz.3.1042' sets config #0 [ 411.088877][T10272] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 411.135677][T10272] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 411.616777][T10249] kstrtoul() returned -22 for lu_gp_id [ 412.629097][T10255] kstrtoul() returned -22 for lu_gp_id [ 414.735827][T10280] kstrtoul() returned -22 for lu_gp_id [ 415.335634][T10330] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1053'. [ 415.373142][T10330] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1053'. [ 415.518420][T10333] Invalid ELF header magic: != ELF [ 415.772982][T10303] ptrace attach of "./syz-executor exec"[5827] was attempted by "./syz-executor exec"[10303] [ 415.825298][T10332] kstrtoul() returned -22 for lu_gp_id [ 415.940807][T10342] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1055'. [ 416.112686][T10342] vcan0: entered promiscuous mode [ 416.417449][T10341] kstrtoul() returned -22 for lu_gp_id [ 416.868682][T10357] kstrtoul() returned -22 for lu_gp_id [ 417.144385][T10338] Process accounting paused [ 417.696729][T10378] openvswitch: netlink: Missing valid actions attribute. [ 418.043350][T10360] kstrtoul() returned -22 for lu_gp_id [ 419.234339][T10376] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1060'. [ 419.499325][T10385] syz.2.1062: vmalloc error: size 8003584, failed to allocated page array size 15632, mode:0x400cc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 419.521431][T10385] CPU: 1 UID: 0 PID: 10385 Comm: syz.2.1062 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0 [ 419.534387][T10385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 419.547250][T10385] Call Trace: [ 419.551509][T10385] [ 419.555069][T10385] dump_stack_lvl+0x16c/0x1f0 [ 419.560705][T10385] warn_alloc+0x24d/0x3a0 [ 419.566015][T10385] ? __pfx_warn_alloc+0x10/0x10 [ 419.571848][T10385] ? __get_vm_area_node+0x1b0/0x2f0 [ 419.578708][T10385] ? __get_vm_area_node+0x1dc/0x2f0 [ 419.585477][T10385] __vmalloc_node_range_noprof+0x1105/0x1530 [ 419.593082][T10385] ? __do_sys_listmount+0x1be/0xe90 [ 419.599531][T10385] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 419.607232][T10385] ? rcu_is_watching+0x12/0xc0 [ 419.612954][T10385] ? trace_kmalloc+0x2d/0xd0 [ 419.618457][T10385] ? __kmalloc_node_noprof.cold+0x5a/0x5f [ 419.625329][T10385] ? __do_sys_listmount+0x1be/0xe90 [ 419.631584][T10385] __kvmalloc_node_noprof+0x14f/0x1a0 [ 419.638027][T10385] ? __do_sys_listmount+0x1be/0xe90 [ 419.644260][T10385] __do_sys_listmount+0x1be/0xe90 [ 419.650290][T10385] ? __x64_sys_futex+0x1e1/0x4c0 [ 419.656250][T10385] ? __x64_sys_futex+0x1ea/0x4c0 [ 419.662184][T10385] ? __pfx___do_sys_listmount+0x10/0x10 [ 419.668837][T10385] ? xfd_validate_state+0x5d/0x180 [ 419.675003][T10385] do_syscall_64+0xcd/0x250 [ 419.680409][T10385] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 419.687483][T10385] RIP: 0033:0x7f49d9d85d29 [ 419.692778][T10385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 419.716412][T10385] RSP: 002b:00007f49dac6d038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 419.726522][T10385] RAX: ffffffffffffffda RBX: 00007f49d9f75fa0 RCX: 00007f49d9d85d29 [ 419.736100][T10385] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000000020000100 [ 419.745792][T10385] RBP: 00007f49d9e01b08 R08: 0000000000000000 R09: 0000000000000000 [ 419.755367][T10385] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 419.764927][T10385] R13: 0000000000000000 R14: 00007f49d9f75fa0 R15: 00007ffd04c292d8 [ 419.774498][T10385] [ 419.892518][T10385] Mem-Info: [ 419.902530][T10385] active_anon:91052 inactive_anon:3094 isolated_anon:0 [ 419.902530][T10385] active_file:9825 inactive_file:46674 isolated_file:0 [ 419.902530][T10385] unevictable:768 dirty:302 writeback:0 [ 419.902530][T10385] slab_reclaimable:11148 slab_unreclaimable:99489 [ 419.902530][T10385] mapped:41868 shmem:79200 pagetables:1002 [ 419.902530][T10385] sec_pagetables:0 bounce:0 [ 419.902530][T10385] kernel_misc_reclaimable:0 [ 419.902530][T10385] free:1240713 free_pcp:5442 free_cma:0 [ 419.957497][ C0] vkms_vblank_simulate: vblank timer overrun [ 420.085492][T10387] kstrtoul() returned -22 for lu_gp_id [ 420.118028][T10385] Node 0 active_anon:349808kB inactive_anon:12376kB active_file:39300kB inactive_file:186692kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:168172kB dirty:1208kB writeback:0kB shmem:303264kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12004kB pagetables:3508kB sec_pagetables:0kB all_unreclaimable? no [ 420.311877][T10385] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 420.521248][T10385] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 420.692113][T10385] lowmem_reserve[]: 0 2465 2466 0 0 [ 420.729547][T10385] Node 0 DMA32 free:1076348kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:344996kB inactive_anon:12324kB active_file:20472kB inactive_file:185416kB unevictable:22792kB writepending:1388kB present:3129332kB managed:2551336kB mlocked:21356kB bounce:0kB free_pcp:3816kB local_pcp:3720kB free_cma:0kB [ 420.982311][T10385] lowmem_reserve[]: 0 0 0 0 0 [ 420.988036][T10385] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:828kB unevictable:0kB writepending:0kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:12kB local_pcp:4kB free_cma:0kB [ 421.020357][ C1] vkms_vblank_simulate: vblank timer overrun [ 421.252468][T10385] lowmem_reserve[]: 0 0 0 0 0 [ 421.258199][T10385] Node 1 Normal free:3906272kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:4kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:3220kB local_pcp:2168kB free_cma:0kB [ 421.567745][T10385] lowmem_reserve[]: 0 0 0 0 0 [ 421.643184][T10385] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 421.658753][T10385] Node 0 DMA32: 906*4kB (UME) 493*8kB (UME) 701*16kB (UME) 846*32kB (UME) 2213*64kB (UME) 1599*128kB (UME) 647*256kB (UME) 253*512kB (UM) 97*1024kB (UM) 41*2048kB (UME) 50*4096kB (UM) = 1075424kB [ 421.698462][T10385] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 421.836203][T10385] Node 1 Normal: 10*4kB (UME) 27*8kB (UME) 40*16kB (UME) 193*32kB (UME) 79*64kB (UME) 31*128kB (UME) 20*256kB (UE) 8*512kB (UM) 2*1024kB (UE) 2*2048kB (UE) 946*4096kB (M) = 3906272kB [ 421.922806][T10385] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 422.043019][T10385] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 422.186427][T10385] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 422.292296][T10385] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 422.357658][T10385] 129798 total pagecache pages [ 422.402327][T10385] 67 pages in swap cache [ 422.452325][T10385] Free swap = 69176kB [ 422.457365][T10385] Total swap = 124996kB [ 422.582055][T10385] 2097051 pages RAM [ 422.663242][T10385] 0 pages HighMem/MovableOnly [ 422.668901][T10385] 427367 pages reserved [ 422.777532][T10385] 0 pages cma reserved [ 422.813467][T10415] Process accounting paused [ 424.251173][T10453] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1075'. [ 426.512500][T10192] syz.2.1026 (10192) used greatest stack depth: 17584 bytes left [ 426.604376][ T29] audit: type=1806 audit(8277292087.630:51): xattr=3E9283290AC5 res=-22 [ 429.478645][ T29] audit: type=1806 audit(8277292090.460:52): xattr=3E9283290AC5 res=-22 [ 430.326730][T10538] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1097'. [ 434.038605][T10574] openvswitch: netlink: Missing valid actions attribute. [ 434.985209][T10574] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1106'. [ 435.003435][T10583] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1110'. [ 435.200785][T10583] hsr_slave_1 (unregistering): left promiscuous mode [ 438.518387][ T9689] Bluetooth: hci2: Received unexpected HCI Event 0x00 [ 440.525513][ T1294] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.533693][ T1294] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.144018][ T9689] Bluetooth: hci1: Received unexpected HCI Event 0x00 [ 442.998346][T10727] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1144'. [ 443.188978][T10731] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1145'. [ 443.239999][T10731] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 443.268519][T10731] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 443.273930][T10734] Invalid ELF header magic: != ELF [ 444.030222][T10736] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1146'. [ 444.270305][T10736] geneve1: entered allmulticast mode [ 451.563015][T10798] netlink: 'syz.4.1160': attribute type 1 has an invalid length. [ 451.574553][T10800] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 451.608054][T10798] netlink: 322 bytes leftover after parsing attributes in process `syz.4.1160'. [ 451.900289][T10786] Process accounting resumed [ 451.906426][T10786] kstrtoul() returned -22 for lu_gp_id [ 451.929522][T10685] kstrtoul() returned -22 for lu_gp_id [ 452.160403][T10806] HfR: entered promiscuous mode [ 452.393102][T10813] kstrtoul() returned -22 for lu_gp_id [ 452.675773][T10830] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1165'. [ 453.073888][T10817] kstrtoul() returned -22 for lu_gp_id [ 453.159270][T10820] kstrtoul() returned -22 for lu_gp_id [ 453.337659][T10830] Process accounting resumed [ 453.387506][T10830] kstrtoul() returned -22 for lu_gp_id [ 453.479332][ T973] [ 453.482156][ T973] ====================================================== [ 453.490580][ T973] WARNING: possible circular locking dependency detected [ 453.498989][ T973] 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0 Not tainted [ 453.507588][ T973] ------------------------------------------------------ [ 453.516100][ T973] kworker/1:2/973 is trying to acquire lock: [ 453.523267][ T973] ffffffff8fabfdc8 (rtnl_mutex){+.+.}-{4:4}, at: smc_vlan_by_tcpsk+0x251/0x620 [ 453.534016][ T973] [ 453.534016][ T973] but task is already holding lock: [ 453.542940][ T973] ffff888066a4a4d8 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_connect_work+0x53c/0xae0 [ 453.554132][ T973] [ 453.554132][ T973] which lock already depends on the new lock. [ 453.554132][ T973] [ 453.566590][ T973] [ 453.566590][ T973] the existing dependency chain (in reverse order) is: [ 453.577391][ T973] [ 453.577391][ T973] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}: [ 453.586551][ T973] lock_sock_nested+0x3a/0xf0 [ 453.592787][ T973] sockopt_lock_sock+0x54/0x70 [ 453.599540][ T973] do_ip_setsockopt+0x101/0x38c0 [ 453.606111][ T973] ip_setsockopt+0x59/0xf0 [ 453.612022][ T973] raw_setsockopt+0xb8/0x290 [ 453.618145][ T973] do_sock_setsockopt+0x222/0x480 [ 453.624780][ T973] __sys_setsockopt+0x1a0/0x230 [ 453.631225][ T973] __x64_sys_setsockopt+0xbd/0x160 [ 453.637980][ T973] do_syscall_64+0xcd/0x250 [ 453.644002][ T973] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 453.651697][ T973] [ 453.651697][ T973] -> #0 (rtnl_mutex){+.+.}-{4:4}: [ 453.660594][ T973] __lock_acquire+0x249e/0x3c40 [ 453.667058][ T973] lock_acquire.part.0+0x11b/0x380 [ 453.673802][ T973] __mutex_lock+0x19b/0xa60 [ 453.679816][ T973] smc_vlan_by_tcpsk+0x251/0x620 [ 453.686351][ T973] __smc_connect+0x466/0x4890 [ 453.692571][ T973] smc_connect_work+0x54f/0xae0 [ 453.699002][ T973] process_one_work+0x958/0x1b30 [ 453.705534][ T973] worker_thread+0x6c8/0xf00 [ 453.711668][ T973] kthread+0x2c1/0x3a0 [ 453.717181][ T973] ret_from_fork+0x45/0x80 [ 453.723208][ T973] ret_from_fork_asm+0x1a/0x30 [ 453.729545][ T973] [ 453.729545][ T973] other info that might help us debug this: [ 453.729545][ T973] [ 453.741823][ T973] Possible unsafe locking scenario: [ 453.741823][ T973] [ 453.750757][ T973] CPU0 CPU1 [ 453.757193][ T973] ---- ---- [ 453.764041][ T973] lock(sk_lock-AF_INET); [ 453.769326][ T973] lock(rtnl_mutex); [ 453.777125][ T973] lock(sk_lock-AF_INET); [ 453.785456][ T973] lock(rtnl_mutex); [ 453.790237][ T973] [ 453.790237][ T973] *** DEADLOCK *** [ 453.790237][ T973] [ 453.799985][ T973] 3 locks held by kworker/1:2/973: [ 453.806106][ T973] #0: ffff88814d227d48 ((wq_completion)smc_hs_wq){+.+.}-{0:0}, at: process_one_work+0x12cd/0x1b30 [ 453.819254][ T973] #1: ffffc90003b77d80 ((work_completion)(&smc->connect_work)){+.+.}-{0:0}, at: process_one_work+0x8bb/0x1b30 [ 453.833545][ T973] #2: ffff888066a4a4d8 (sk_lock-AF_INET){+.+.}-{0:0}, at: smc_connect_work+0x53c/0xae0 [ 453.845337][ T973] [ 453.845337][ T973] stack backtrace: [ 453.852406][ T973] CPU: 1 UID: 0 PID: 973 Comm: kworker/1:2 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0 [ 453.865411][ T973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 453.877499][ T973] Workqueue: smc_hs_wq smc_connect_work [ 453.884172][ T973] Call Trace: [ 453.888109][ T973] [ 453.891750][ T973] dump_stack_lvl+0x116/0x1f0 [ 453.897511][ T973] print_circular_bug+0x41c/0x610 [ 453.903768][ T973] check_noncircular+0x31a/0x400 [ 453.909807][ T973] ? __pfx_check_noncircular+0x10/0x10 [ 453.916776][ T973] ? __schedule+0xe60/0x5ad0 [ 453.922277][ T973] ? lockdep_lock+0xc6/0x200 [ 453.927878][ T973] ? __pfx_lockdep_lock+0x10/0x10 [ 453.933939][ T973] __lock_acquire+0x249e/0x3c40 [ 453.939824][ T973] ? __pfx___lock_acquire+0x10/0x10 [ 453.946059][ T973] ? preempt_schedule_common+0x44/0xc0 [ 453.952613][ T973] lock_acquire.part.0+0x11b/0x380 [ 453.958736][ T973] ? smc_vlan_by_tcpsk+0x251/0x620 [ 453.964864][ T973] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 453.971856][ T973] ? rcu_is_watching+0x12/0xc0 [ 453.977682][ T973] ? trace_lock_acquire+0x14e/0x1f0 [ 453.984245][ T973] ? smc_vlan_by_tcpsk+0x251/0x620 [ 453.990371][ T973] ? lock_acquire+0x2f/0xb0 [ 453.995774][ T973] ? smc_vlan_by_tcpsk+0x251/0x620 [ 454.001901][ T973] __mutex_lock+0x19b/0xa60 [ 454.007300][ T973] ? smc_vlan_by_tcpsk+0x251/0x620 [ 454.013541][ T973] ? smc_vlan_by_tcpsk+0x251/0x620 [ 454.019673][ T973] ? __pfx___mutex_lock+0x10/0x10 [ 454.025697][ T973] ? smc_vlan_by_tcpsk+0x32e/0x620 [ 454.031842][ T973] ? smc_vlan_by_tcpsk+0x251/0x620 [ 454.038093][ T973] smc_vlan_by_tcpsk+0x251/0x620 [ 454.044101][ T973] ? __pfx_smc_vlan_by_tcpsk+0x10/0x10 [ 454.050660][ T973] __smc_connect+0x466/0x4890 [ 454.056283][ T973] ? __pfx___smc_connect+0x10/0x10 [ 454.062427][ T973] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 454.068992][ T973] ? mark_held_locks+0x9f/0xe0 [ 454.074732][ T973] ? __local_bh_enable_ip+0xa4/0x120 [ 454.081074][ T973] smc_connect_work+0x54f/0xae0 [ 454.086884][ T973] ? __pfx_smc_connect_work+0x10/0x10 [ 454.093421][ T973] ? lock_acquire+0x2f/0xb0 [ 454.098813][ T973] ? process_one_work+0x8bb/0x1b30 [ 454.105154][ T973] process_one_work+0x958/0x1b30 [ 454.111501][ T973] ? __pfx_nsim_dev_hwstats_traffic_work+0x10/0x10 [ 454.119324][ T973] ? __pfx_process_one_work+0x10/0x10 [ 454.126076][ T973] ? rcu_is_watching+0x12/0xc0 [ 454.131925][ T973] ? assign_work+0x1a0/0x250 [ 454.137545][ T973] worker_thread+0x6c8/0xf00 [ 454.143279][ T973] ? __kthread_parkme+0x148/0x220 [ 454.149305][ T973] ? __pfx_worker_thread+0x10/0x10 [ 454.155447][ T973] kthread+0x2c1/0x3a0 [ 454.160439][ T973] ? _raw_spin_unlock_irq+0x23/0x50 [ 454.166667][ T973] ? __pfx_kthread+0x10/0x10 [ 454.172273][ T973] ret_from_fork+0x45/0x80 [ 454.177668][ T973] ? __pfx_kthread+0x10/0x10 [ 454.183182][ T973] ret_from_fork_asm+0x1a/0x30 [ 454.189425][ T973] [ 454.571796][T10848] kstrtoul() returned -22 for lu_gp_id