last executing test programs: 3m2.795266233s ago: executing program 2 (id=2390): mmap$auto(0x0, 0x5, 0x4000000000e2, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = fanotify_init$auto(0x280, 0x1) r1 = open(&(0x7f0000000000)='./file1\x00', 0x1652c2, 0xe1d2b27bdc14aa98) fanotify_mark$auto(0x400000000000, 0x105, 0xf2b, r1, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x40342, 0x22) read$auto_snd_pcm_f_ops_pcm1(r0, &(0x7f00000000c0)=""/109, 0x6d) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0) ioctl$auto(r2, 0xc0045401, 0x3) 3m2.262518401s ago: executing program 2 (id=2391): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="10002cbd7000fddbdf250a00000a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) getrandom$auto(0xfffffffffffffffd, 0x200, 0x8e) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002580), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000002640)={0x0, 0x0, &(0x7f0000002600)={&(0x7f0000000040)={0x1c, r2, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x810) getsockopt$auto_SO_TIMESTAMP_OLD(r1, 0x2, 0x1d, &(0x7f0000000000)='\x00', &(0x7f0000000140)=0x5) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='!\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090) r3 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) r5 = socket(0x2, 0x801, 0x106) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) getsockopt$auto(r5, 0x0, 0x1, 0x0, 0x0) sendmsg$auto_ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000300)={0x14, r4, 0xf25, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x4044054) 2m46.661533747s ago: executing program 32 (id=2391): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="10002cbd7000fddbdf250a00000a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) getrandom$auto(0xfffffffffffffffd, 0x200, 0x8e) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002580), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000002640)={0x0, 0x0, &(0x7f0000002600)={&(0x7f0000000040)={0x1c, r2, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x810) getsockopt$auto_SO_TIMESTAMP_OLD(r1, 0x2, 0x1d, &(0x7f0000000000)='\x00', &(0x7f0000000140)=0x5) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='!\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090) r3 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) r5 = socket(0x2, 0x801, 0x106) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) getsockopt$auto(r5, 0x0, 0x1, 0x0, 0x0) sendmsg$auto_ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000300)={0x14, r4, 0xf25, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x4044054) 2m28.401189957s ago: executing program 1 (id=2488): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) madvise$auto(0x700, 0x200, 0x15) write$auto(0x3, 0x0, 0xfffffdef) r1 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322df2) r2 = syz_clone3(&(0x7f0000000200)={0x383281180, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58) r3 = waitid$auto_P_PIDFD(0x3, r1, &(0x7f00000003c0)={@siginfo_0_0={0xf6, 0x0, 0x6, @_sigchld={r2, 0x0, 0x4, 0x2, 0xfffffffffffffeff}}}, 0x3, &(0x7f0000000440)={{0x2, 0x8000000000000000}, {0x8617}, 0x3f25, 0x7, 0x0, 0x2, 0x8, 0x8, 0x1, 0x2, 0x2, 0x8000000000000001, 0x8, 0xfffffffeffffffff, 0x40000000000, 0x5}) ptrace$auto_PTRACE_KILL(0x8, r3, 0x0, 0xc) setitimer$auto_ITIMER_REAL(0x0, &(0x7f0000000100)={{0x4, 0x1}, {0x7, 0x4}}, &(0x7f0000000140)={{0x9, 0x400}, {0x7, 0x6}}) mmap$auto(0x0, 0x4020009, 0x2000000000006, 0xeb1, 0x401, 0x8000) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) r7 = syz_genetlink_get_family_id$auto_nlbl_mgmt(&(0x7f0000000280), r4) sendmsg$auto_NLBL_MGMT_C_REMOVEDEF(r5, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x64, r7, 0x300, 0x70bd2b, 0x25dfdbfb, {}, [@NLBL_MGMT_A_VERSION={0x8, 0x3, 0x1c8}, @NLBL_MGMT_A_VERSION={0x8, 0x3, 0x100}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0xb}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x3}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_VERSION={0x8, 0x3, 0x11}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0xc}, @NLBL_MGMT_A_VERSION={0x8, 0x3, 0x800}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x3}]}, 0x64}, 0x1, 0x0, 0x0, 0x885}, 0x40) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r6, 0x7f, 0x99, 0x8, 0x1, @relative_id=0x8, 0x5}, 0x92) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc) ioctl$auto_VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x6, r0}) 2m27.24866241s ago: executing program 1 (id=2491): r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r1 = openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) process_vm_readv$auto(0x0, 0x0, 0x1, &(0x7f0000000280)={0x0, 0xffffffff}, 0x6, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004c18}, 0x810) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)={0x14, 0x0, 0x1, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='H'], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) fcntl$auto_F_OFD_SETLKW(r0, 0x26, 0x0) ioctl$auto(r1, 0x6f2d, r1) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x900, 0x0) ioctl$auto_BLKBSZSET(r2, 0x40081271, &(0x7f0000000040)=0x5) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) mmap$auto(0x0, 0xffe, 0xffb, 0x8000000008011, 0x3, 0x0) madvise$auto(0x0, 0x3, 0x15) write$auto(0x3, 0x0, 0x100082) 2m26.524965496s ago: executing program 1 (id=2495): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) io_uring_setup$auto(0x85, 0x0) futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0) r1 = socket(0x1d, 0x2, 0x7) getsockopt$auto(r1, 0x6b, 0x3, 0xfffffffffffffffe, 0x0) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) r3 = openat$auto_proc_gid_map_operations_base(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self/gid_map\x00', 0x109000, 0x0) sendmsg$auto_ETHTOOL_MSG_FEC_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x13a4, r2, 0x1, 0x70bd25, 0x25dfdbff, {}, [@ETHTOOL_A_FEC_MODES={0x1388, 0x2, 0x0, 0x1, [@generic="798baf79c459781d775d5aaac005c026135d7a6e112ff44115615f1ba7185cf84d1fcac7b664e0f9de844c09ac0e26cb58c691edd083efed82b996830d2d034ec218345bd531228436057e9504afd22297bce2f27d5e45d02d5821ac85f9958f290a55d56936bb54212009d17ba3d384348910025573652cc91631034660124770c12594aadfba860165886f1323a50bbc952b9960e737c8301915c48163a76e24b1458eecc3cf5dcfa5ccd6694958d6ffd39a270bbbc91baf2973af9dd51504c10a59aaaa6db50a69fa5a17e0f51dc23ac5c954c72d858815d419c49812c58a6789410e27b10cbe7de0ab5ee47a77dbbd2e39367cf93228aee66caec4424583c4d160aedc84db25b9c649136bf0abacfb369a64e1c8d88e5746c7253ce116a1044d4273f1e77dc6d718761e3e50ba181ac1b182b3893fca39795e559260ef5fa56d37a389b49a2ada4f66eeca2548c195af07730dd3896cbacb8884c322a561ad129dd164732c4adcb8dbfcce1754a63f5676b976b8f9f532a9a1960cf89af3cb8976c8b098f1f90ba6013e946cefa7b18fc65f97afd61c5780c275423d318bee9122b3932482a291dc8920042e2287e2ad19e542c2072ed3075b2c6a7c0d4e23564346b7544a56b5d6c746aab077ddb402fa1d002b5ceec31dd226084293bdbaf4ad0b73231ad4b4f67a9b9c945a8c6cd6ff259d44eeaf0deca0702f11bb0a3d63f83f59b8c68adc539006c43a7843139bd51b0d3fedcbc6d53425bf1db1c381ff6c08c7bad1e2ae7d43d92c25640273e4db3d98d05901bd971c547cf4966b1acefa22bb9fca086d396c83d97262415744298db5a63a4160eb6742fa8239c14d4429cccc85f100c91476498a8349b8bf2880af0158b542ab3cd383152a10a1c6091d2d1e57b2d87a7fb24da533c3f2ba5c76474b9f8674b3a22a0f6c97bab1bfe5eb9c90ba340d22d515c7251460c948d184a012d9f5affbb3880e199abe4c923782821bfe16284eddd9d6cf3d0041d8335898b91c81146ce7da0da6bdf7e79fda96a4fcbbb25e534c8ce649ad4d5052e68d0ef2aaeb4beecabbfcfe43037f3db164ece86da2be54dac20ab987e8bbddd88b03fa23d375b450032edbd93f394e6d467f88c24956c521ec151adddfeb894b5334364c42e6b7c742dbebf2afcb8cb5f202eea58ed7e168f501cff4d053995405761bedc779efdae831c61ff52713b7f2061191cbf307aafed332a52e34f8e7a80a95a4134847913ab22aa1244d05019b72977e1f8d5b215a12d3cf432a63788cd1b65d21ec51d8d444ad9493695ff100fffbe6ca60c31990f434b4595061c758f86f1a27eed8ab5ad9eaca750ddce6a3e8143f23d267d7af57256d41fda209f1f93b15f349d1f073e6cf6931cccb4efb0930ab168cba6e266f799664a97766392e54d3d80ade16c1cf237b383be275992133754c7d2777eac02b21cbe52c5796a7aeef9b75c5af062c86c6d50b11211e43574579894c7b96adde53b7f33c488a46abe5b10d739847f557ae9a9ae03656c7575121f7dd3263de70467e1ca18bda9047dd549cc382d925138afe0db791935e2fe177a4cd7fe0ac6c3e6208c2e8d2ff45fe5c91c83ccfbef1e468b03465f070c46687c2c68a6a67d88fa39731e03e3442f180dc257776d607693a5df95d9a477081668f26be5cadb610d6eaad897fb6a635282b4b2b5c8b766d76a7958a94257d601af1024ff4e55c338235365d96a440ca81ce0e3b5ac481360f0707c0361050eded6dc8843e191a935bec29429647a9b61fc92fe47d92063448248e6202cae988e1fbdff4dde6e38345810d6616acfa28244830b085035ae96d5e1daed9b2a5c518e9529f86d56a8708ae3f6ab9d860d859e67126893d6ad63a56cdd3ed86025e44045a007e91a2a4feed806e444871429c0fc1982e612273c5bcce0678c3fde99ba976858c92acfb45dce642958e8103562cf4d0adbb85ab78b07509685bc28f5522b2b551ea9bd0d0f2fb889927bc074d3e8908655659875a304c24e22ddad1c862451a7846cad7bdd4b1fed4b53438fa55690eef22ccac37e9a29f90904771292fd54afe8e30a5a26f8f3d9429c991a962823d011f8680808736d2d02d236057dcf0684d2e94c560727f9391ed6e72da3f469dc9ebadadfcbbdd2942912e7317e2e3c0d9b2476084a9ebe65a71e41077baa63acdc7b159912267b04e2beb1dfa8c1fe008ab719be60f670fa715c7980feadac685553f9c53d4fd3a73ea8376651354989502d3ce7fb2bc0702415ada68221b1bcfa20ddbe0e1631a9077bebebfc487ac585982ed59f11365ad27b3985e61587db21359820757fd0485edd3fb8ca3a78b7d8b0f3c9eb4f9004f1441749dc8bafaaaa998356bb028514ff078defe2a70ece6d59dd8a4fcbc27b4290a2e6d8ce41e3f8bd0c9e57466455c0396acdcc7d44aba5b602fb5fad2759fd68fa303f16ba508ef739955d6d47fad598f51536feceda4d9ae2a18b2687506121ea33c7c54673f5598cf235ad019da016ed40100fda24b80fc8497aa455ddfe8c7569f630d3f4b5020bd0719347f0cd8d2ff0179099b1f29fa338ec87ffe558ff56dec09c879a58ae180a2eecf9d1ff803b506d76e18df9fe99b887c1693821ca1a24094f8d22a9c371cf20d14bed1ebca3bd64817f802b326525cee4779c68ba0e306f0750cb0b343f04b76a0ed1752eccb81b100df531d9a623046c1b6dde5c62ce1fec931c9e86249936c88e68752728578f7c9398b4d4d9722eb1f6d9ac03215eec0c29f4e08496294720234eab113a5d7e41171b1ec8716a5cbb6fbd3de07edd8d19781053f06d8e02b033ad16265e4c6b6a7bd8fa3c0438b515e6da66a60dc90dd785244fe61095a65d74ba2e0e3e7068297ccad0a2c55a3d558a4ce0e3a69296b0eedc5172d336d3a4ad6ed265af08675ad0cce7bf6c22c9657c9a9d5697b6184b70abba6aa7bbbc59a4f2b79ef4d49dd7216a8394f42f32281618a8e6addf44c7538038d4ce55766a55925b190b8852355d18472fdbcc5def46f30b5fb41f57c83e4bfb30cb774c49f96a4b1a89b6f25d07eb8214e2affb3854802deebfcb55c78863592b9ee362e8035a0615c2b4036965f339cb7e2fc4f748a28e12ddaa8931399db98282e788505afe5587ff2da756c1bf9d1f6a254a7d7af5b9d4a71073061c4840a6e8e6da2d03ce9a7da9390805d150d147ca58dd92b534e12d602ad81b0526628d92bf4b4a2ae5d1f495f0701ca5e27e1d60605168d8b75ad0f5173eaa1d7587ed411c90a1ab5a865bb1630fdb5c8482547e22e3fafeaac7dca5de2f11ab5fc41154c98011605233927bdeb4d715be46ad0c32e233ba0624a1c2cca9e45b16b4009729cc33b5b63f9626bddf2efc0b80011e4909cc38541ed082f1b9262a022a43005d5fa5e004702b5fdbbfe18a30ebae79b80f4c2f4269a1e95a4389f750899a2f118cf50a5400593f1d3247457261e2d416a4dc1035241049cc03908c1fc6bb8aaef110e4575f31c0323bf8c164c01eb841dc0ffcb3a853b85e24f811cce3cc14218f595ef024869cb230710b4e11f6d9fd42f59ad22afd4bb925ab126fd705e0f1215c0b2a5c0984ffa76ba3c9fb4bffc1713213c6f9034371fc9a0196771446b78084a773d8852e735855c52c3df9579dd8005ee94af5393e8c87fbb084ffe280e327a814d1161901489afa959bc84a09df76ebd708416b79a63a0b55946732b28056edd81463122af626af2bc9895ad47f5680a6a9d628bd7ecdfb4d8e5337f1fda72b1ab9cdd8ea4c89f311c18665d9c2dc408d6b17e16817209d349b935a2611a44ee6d16e76873164e47af57dc95139930db33aae3883d495c78e5730484a710a7e7b5e2fa89c0150b8d33f9277e88e4803ffb71341280a6a44cc959b96049bc57a47de320ababb2ce393e1c66c1f59e3d97ceed441f289b8e45479a0da4ce5565fa0e7edb14f228b9e5c3b4525b5f86a0e994d39b40e30e0f96d5c7e238821cc30694ee820eac8ce499ea5e13981350b8a61587f95a17974ae15d326d031cadbdee956e43e31445dd8dd084f58b023a85c89324140f11c5dc15d132e878543fa5cbdcb9e31db865c1c8972f4c7941b691e38b9198a50d5039c37190aa5fb762aa107025b493898cb528da1fc862bfcfc51e2e75f9c080bf7e9b723164ff5eb233e741fe6e6964f3cdee3e1a7c63c59cbaa7388a43b206b8c8b988b8ca78594ff593d49616c17a2d091478f75894216a96e9d4bd12151c22b62d3263fefd79e7e5c842b06fef119849b206b1f539550cb07e3e9c79c5e34b28d6d3e00e7e9046447d9d62df18439cf3b46475dc78f19058b73c121b9c4efae9b6517c5e416c6dcc15dcb1d6bfff70245c98c04cfff881e7fd8cd074645e2da9b2d6aca12b8da840bbee7f531d62284c2b00cad24132765adf9e692ad53dc66bdbfd2e9407a1c2ec2b892b730f85cc017bc9912eff8c767c155c10f003e6587e2939db9bc5828c2dce6bdd78cd2b6aa2fda2060a87dfbc503ebfc3b99c5b0948bd77d848d6943950123090060e4a2f69d757f6d201f7cc6fa36b57b509cc04a92734b245a569337a3ced6aadf21471ab85511d65126dc15a5f303622edad59e1e1faac76776f941b4185b24bb7debb53d24599c09a2a3defbc7ac0c7f0621b6c936c3b53565499fa1e942604ecdc3192d72eaf762217c021782880ea1d619f14d92768fa838999770d9a379cdbb159881cb078fbe726edadc78710c35765a4bceeb5522195bb502565e1ad7b1f172c67e7cf3c6d97cacb3f0ea8329e7bb9f06d93c60e6ea0969870695d797e1cfdf7ac2f904f89f38d41ac81fe256c571d9563d642abc9b01c4f7c1003de1f9c90cbf268884c73ae153a32435665389065754b002f100927349cabe5ad02a6cee2399618426c644a101a01e436449f18d326443b0a406f26409c984b5c4f756d6e8ecc4057802b865bfa1605cd8510bb424e351c16fb7d1c7418d1ca85e4c9ab7a6281bb01c20e364634b34ab77f72cc775d56c603a9981f4d5d2430bae92a2be43009aaade89f18f20e4033a8d8d80ba4a4ea1b90f828d0720d53f50e3e41644a6bb48cd07ffc1bee1f824bcbad4cb8fe6886ba80af7574ce0cb5ef78f600d5efaf56c29faa8c76a16cce64015a725e6a40023ac8debbfddd0f49dd70884be218aca4d208a3876030ef4fad7c7915cc17e6aefdabef91f66159578832d5e46cc741f1fb978eabc232044d09e177437dca397ec8152978015656f521c3a9829ab8b1a14cca01523c9d8f7c494ed7d7e4944e149347d774050dfd468b10aa5325e5d4a10dcc3940fc9dbdb2f45c4d525cc6ecb8051bf245ae1389c881e346533b25e54bd72320825dd9c556918e3f8024b5c220f9944a99a36f9746e3dabe8dbdfbe034aebcd5aa8febbd0190886ff2f7308d573d5cf28e084b6d4b2e9e56caed7d502a3c38f60a9592cc6c842b302cefbe2b4dae3847f66bb00a6107fd16652b74523acb53414aa0b1bdc830b03fe762f05c43c3fef200e00f9c8a638b06474e90fd1830ea3f00d3befe87715e5ba5ac812c86cc3a022610f9a7fdeae41854c7259f035e75a6d6b7e30e21de99f62c4a10832fa74eb824671258692fb65c975ba932214e0582c042cd96649e5362253b8a2645685a39a1e9d40ef8dac2ccf4d4dc407da4e2d1ca0146b97f44b07c0171ba48abe3b996ea5c4b1aceb5d27beae227b95540528fa05be846cd1fe71bd6b9b170e57ae82d47b7f985", @nested={0x1c, 0xca, 0x0, 0x1, [@typed={0x14, 0x62, 0x0, 0x0, @ipv6=@remote}, @nested={0x4, 0x14a}]}, @nested={0x96, 0x60, 0x0, 0x1, [@generic="19b4ae110d3bb26c4037b6137fae6497f268f5dca6513fe74e71477d3da06354198770e3dc88ca183e75ec6097fed6ee8219da6acb92f907f0ab9d0af3ef50cf333b6411ebf37b18a929121072e012f495afa0c0ef1736b9564b371e14307cf2c89831d1522fab5a840deb1aa4c399fe99d5", @typed={0x8, 0x106, 0x0, 0x0, @fd=r0}, @nested={0x4, 0x8f}, @typed={0x14, 0x143, 0x0, 0x0, @ipv6=@mcast2}]}, @typed={0x8, 0x105, 0x0, 0x0, @u32=0x5}, @nested={0x2c6, 0x4, 0x0, 0x1, [@generic="581c609923af2d16f9b41ca6826a6aca90f6b1de6790c969b58f6a53bcb07b3a6ae54676cff9dc6b19a2b172de2139dafda1a803fc8c267c9fbb35854ee9792f289aa8de7865ab3259a44d3e02e8a103378c72cbe4555f07ea37f2868a9061ba13ec4404f5", @generic="1a916871397b990beaedd4e6472ed7142ddebdbd79d514207b4c54ff6776f20cd19b59ea3664e339a656603a7f6e8a05518e3b1eb7519f34a8a23f4c9620c6db8f7e1b64e5f29e42a3cf1e9184f0dffd5c45a46a77adc6578bcc628cc9aed9bdfcbb793d2a44c152ba3f625f444770d0784bffb4dd57292c943e9dd987d231cb4bc66a6efa335132f29379d60fa08da79fbeacbfe9b3ce6a2baa3b7c7cdba747def94ce25392fc96cc6b74c9c8d90bc471a3e73df487ec2b0d5e8c167dbbf3eea53fb6b0bb17e91d233ff33e5091c6d03ff6e32e17c1f204dc435b2748ac0828ed5903e169077f638b", @nested={0x4, 0x103}, @generic="77415e20d240eacb7136c19ca7d80172bea9710d72ef09895a3e4c78dc43d4a0732db6a85e50636fa9ae75101fd9fc6801110ca8d05d5d4674d06d57972699f4ed5c23a9b8d354331c9c128d41a85eef07b2b35606", @generic="15a282e1be03b357391c7f433273ab0b60c2dae510bca8ec9a26ee89a3500fe38943898fb5802ed5e2cc46a98f32927fab82bc6bc6175d066a399f7451916f3772f1bb63fc23c5466a6f47220f6c9ea7d25eface6a0643f69ee90fef44391652757364d86092b1a56c2b5ca14c31335203c7c60d4f542720486dc95f7400eca35a372c8d6eaefec7f983effc64afb3a36a5fddfb812157ab34b93137e19dd96340f1f1a0064724db6dd880eb0ed726c161da4a3127e00de91f08380ffe39d1b33426c52bef64897dad298eb88341e9e5f474e1fdebbb640e7a71cf5eac5bdc8aec4869aa956dc276972aabb58749c30979cd75bb959a0e3af724e895749d29", @nested={0x4, 0x81}, @typed={0xc, 0xd6, 0x0, 0x0, @u64=0xc}, @nested={0x4, 0x3d}, @typed={0x8, 0x76, 0x0, 0x0, @fd=r3}]}]}, @ETHTOOL_A_FEC_AUTO={0x5, 0x3, 0x1}]}, 0x13a4}, 0x1, 0x0, 0x0, 0x80}, 0xac8fe2812c61ec00) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x2c, r5, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_NAME={0x8, 0x1, 'HfR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x80) syz_genetlink_get_family_id$auto_ovs_datapath(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000003040), 0xffffffffffffffff) sendmsg$auto_OVS_METER_CMD_SET(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000003200)={&(0x7f0000000000)={0x28, r7, 0x159198c6007aa95d, 0x70bd29, 0x25dfdbfc, {}, [@OVS_METER_ATTR_KBPS={0x4}, @OVS_METER_ATTR_BANDS={0x8, 0x4, 0x0, 0x1, [@generic='\x00\x00\x00\x00']}, @OVS_METER_ATTR_ID={0x8, 0x1, 0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0xc0}, 0x40) r8 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/block/nbd4/sched/read2_next_rq\x00', 0x0, 0x0) read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r8, &(0x7f0000000040)=""/124, 0x7c) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x405, 0x8000) getrandom$auto(0x0, 0xe06, 0x3) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x1, 0x0) socket(0xa, 0x3, 0x3a) ioctl$auto(0x1, 0x8983, 0x8) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) open(&(0x7f0000000080)='./file0\x00', 0xeee00, 0x18) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) 2m25.315241246s ago: executing program 1 (id=2498): openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x1a9382, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x1, 0x0, 0x6, 0x0) ioctl$auto(r0, 0x6f2d, r0) socket(0x10, 0x2, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000306b87000fedbdf250300000004000800040003800c0016"], 0x28}}, 0x4c810) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="0700000000000000df250a"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, 0x0, 0x0) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r3 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x1541, 0x0) close_range$auto(r2, 0x8, 0xfffffffc) socket(0x15, 0x5, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x121340, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r3, 0x4040ae79, 0x0) 2m24.61281195s ago: executing program 1 (id=2500): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) sendmsg$auto_SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x4008014}, 0x10) r1 = open(&(0x7f00000001c0)='./cgroup\x00', 0x0, 0x6f) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'veth1_to_hsr\x00', 0x0}) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3], 0x2c}, 0x1, 0x0, 0x0, 0x20004994}, 0x4000884) bpf$auto(0x10, &(0x7f00000000c0)=@link_detach={r1}, 0x40) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000280), r2) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x88, r6, 0x100, 0x70bd2b, 0x25dfdbfc, {}, [@ETHTOOL_A_CHANNELS_HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nicvf0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x9}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}]}, @ETHTOOL_A_CHANNELS_HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x4000010}, 0x0) msgsnd$auto(0x4, 0x0, 0x101004, 0x7) ioctl$auto_TIOCSTI2(r5, 0x5412, &(0x7f0000000000)) ioctl$auto_TIOCSTI2(r5, 0x5412, &(0x7f0000000100)="17") ioctl$auto_TIOCSWINSZ2(r5, 0x5414, &(0x7f00000001c0)="74aea28b40a46fa1623c56985b5f30aa490f06b40b827d174176e88e00c05513df16e65085cbd6d7cb02beb25dd735dd9ef73de84953a226ad01") mmap$auto(0x0, 0xf4, 0xdf, 0xeb1, 0x401, 0x8000) r7 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000000c0), 0xe4202, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_GET_SERVICE(r8, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000001580)={&(0x7f00000002c0)={0x14, r9, 0x301, 0x70bd27, 0x25dfdbff}, 0x14}, 0x1, 0xf0, 0x0, 0x2000001c}, 0x20000800) sendmsg$auto_IPVS_CMD_GET_CONFIG(r7, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r9, 0x24, 0x70bd29, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x8}]}, 0x1c}}, 0x84810) r10 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/dynamic_events\x00', 0x201, 0x0) write$auto_dynamic_events_ops_trace_dynevent(r10, &(0x7f0000000140)="65507307ff6587a725ca87720ef9769f20592e77a8977acfd064c712782b89f145862d9956b07a7c40f8a41e4c4cd45ac0bdf9b7d5cf78f6b7b354a69aaecc3922f2e2df504d01273dd7e6e3c25f55a98d1f81", 0x53) 2m23.567673109s ago: executing program 1 (id=2502): mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x10, 0x2, 0x6) (async) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) (async) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) open(0x0, 0x22240, 0x55) (async) socket(0x2, 0x3, 0xa) (async) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) (async) connect$auto(0x3, &(0x7f00000000c0), 0x55) (async) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (async) write$auto(0x3, 0x0, 0x800) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NFC_CMD_LLC_SET_PARAMS(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0xde8065d277046c55, 0x70bd29, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x0) (async) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000180), r1) (async) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001d80), r1) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r1, &(0x7f0000002780)={0x0, 0x0, &(0x7f0000002740)={&(0x7f0000001dc0)={0x14, r2, 0x1, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x50000014}, 0x20000080) (async) sendmsg$auto_NL80211_CMD_SET_KEY(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x50, r2, 0x2, 0x70bd27, 0x25dfdbfb, {}, [@NL80211_ATTR_TIMEOUT_REASON={0x8, 0xf8, 0x8}, @NL80211_ATTR_EMA_RNR_ELEMS={0x4}, @NL80211_ATTR_SCHED_SCAN_DELAY={0x8, 0xdc, 0xa}, @NL80211_ATTR_TDLS_PEER_CAPABILITY={0x8, 0xcb, 0x7f}, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, "645af29f75e69f320a6b5769f3b7de826b7cbbd36dea4fc3d3a2"}]}, 0x50}, 0x1, 0x0, 0x0, 0x20000041}, 0x40a4) (async) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/controlC1\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_TLV_COMMAND(r3, 0xc008551c, 0x0) 2m8.50798693s ago: executing program 33 (id=2502): mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x10, 0x2, 0x6) (async) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) (async) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) open(0x0, 0x22240, 0x55) (async) socket(0x2, 0x3, 0xa) (async) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) (async) connect$auto(0x3, &(0x7f00000000c0), 0x55) (async) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (async) write$auto(0x3, 0x0, 0x800) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NFC_CMD_LLC_SET_PARAMS(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x0, 0xde8065d277046c55, 0x70bd29, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x0) (async) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000180), r1) (async) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001d80), r1) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r1, &(0x7f0000002780)={0x0, 0x0, &(0x7f0000002740)={&(0x7f0000001dc0)={0x14, r2, 0x1, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x50000014}, 0x20000080) (async) sendmsg$auto_NL80211_CMD_SET_KEY(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)={0x50, r2, 0x2, 0x70bd27, 0x25dfdbfb, {}, [@NL80211_ATTR_TIMEOUT_REASON={0x8, 0xf8, 0x8}, @NL80211_ATTR_EMA_RNR_ELEMS={0x4}, @NL80211_ATTR_SCHED_SCAN_DELAY={0x8, 0xdc, 0xa}, @NL80211_ATTR_TDLS_PEER_CAPABILITY={0x8, 0xcb, 0x7f}, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, "645af29f75e69f320a6b5769f3b7de826b7cbbd36dea4fc3d3a2"}]}, 0x50}, 0x1, 0x0, 0x0, 0x20000041}, 0x40a4) (async) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/controlC1\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_TLV_COMMAND(r3, 0xc008551c, 0x0) 1m46.229423398s ago: executing program 3 (id=2666): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(0x3, 0x4bfb, 0x3) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/adsp1\x00', 0x40, 0x0) ioctl$auto_SNDCTL_SEQ_GETOUTCOUNT(0xffffffffffffffff, 0x80045104, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x10100, 0x0) 1m45.920285428s ago: executing program 3 (id=2668): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEC_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x34, r1, 0x1, 0x70bd25, 0x25dfdbff, {}, [@ETHTOOL_A_FEC_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_FEC_AUTO={0x5, 0x3, 0x1}]}, 0x34}, 0x1, 0x700000000000000, 0x0, 0x80}, 0xac8fe2812c61ec00) 1m45.747564766s ago: executing program 5 (id=2671): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x3, 0x0, 0xfffffffffffffffc, 0x696b}, 0xed7138c}, 0x2, 0x9) r0 = socket(0xa, 0x5, 0x84) sendto$auto(r0, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000004000"}, 0x1c) 1m45.707340596s ago: executing program 3 (id=2672): write$auto(0xffffffffffffffff, 0x0, 0x800005c8) ioctl$auto_SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0xfffffffffffffffc) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x210802, 0x0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x2cb42, 0x0) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000) write$auto(0x3, 0x0, 0x9) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x3, 0xfffb, 0x40eb1, 0xffffffffffffffff, 0x3000000ffffe) move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/apparmor/parameters/lock_policy\x00', 0x82, 0x0) sendfile$auto(r1, r1, 0x0, 0x5) r2 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) ioctl$auto(r0, 0xc0404d1a, 0x8) mmap$auto(0x4, 0x4020009, 0xdf, 0xeb0, 0x401, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/system/cpu/cpuidle/current_driver\x00', 0x408440, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r4 = openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000180), 0x12b002, 0x0) write$auto(r2, 0x0, 0x4000000000016) ioctl$auto_SNDCTL_DSP_RESET(r0, 0x5000, 0x0) r5 = openat$dir(0xffffffffffffff9c, 0x0, 0x2545c3, 0x4) mmap$auto(0x0, 0xfff, 0x7, 0x9b72, 0x5, 0x91) r6 = syz_genetlink_get_family_id$auto_nfc(&(0x7f00000002c0), 0xffffffffffffffff) r7 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYRES32=r5, @ANYRES16=r4, @ANYBLOB="1b1af54f8ddc5ee701002cbd7000fbdbdf250afa008008000b000000000008000100", @ANYRESOCT=r6, @ANYBLOB="9b7ceb135caf784f602eb2fb50077fa28cbe37f3fa4476e21bb62c3a03441eb5702e2946ef2e66fd6d488b6cbc16d73c622738cf9c1e67a7ca0693d65e2234373f7df9664c9e33f489ae019ab309a8e74fb37843816b395715342a49fe2f10fa1339f98868591149f8535fecee697c217344dec4c92d98a438f4e99e56082a2371f1500b420157d052c8d8e70351ddf8004a3dafe3111c22", @ANYRESDEC=r1], 0x2c}, 0x1, 0x0, 0x0, 0x20040000}, 0x20008810) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000003080)=ANY=[@ANYBLOB="010e2dcfce9afce5093783dc7f8b0209d93ef9b69265148bf3f1ea051c7782069b29a113b9d7da6917cb47197d464bcbcbaa37a95ab81331cbb763472d5c32a4a9e35a39e734c7757b8cbc9a621c21a83a4afca28dd4402a4983a0e3a7db7023a281743230d698f717ecfb5a6d5caf3ffcbc794903d647f12f10f94d03f68c94c3f0105b3eae2575955329451876257e7ae638c02e1baa9e972af71c5dd1ba0216c5ddc01aa2f77ed84fd66ddc4a3670d6f992144ef671b7228e6e88908db9c4b268133526c2f8809525e337f1a75b815ce9fa5e62682bc3c1e491682d9a872398a4ba75c6f242ea079ab29fa7f1814f1c4df75e2f36948084c7fc95720513125576a5ac9b40391b223793f32a30f9a338353877cefeaaf7f843310c44d99c4c022d9de5a4fce236ff38d0afcf490f273e90134069c102fdda081c525c7e9d1b1d93831facab960b3216f4122a3f7854a001346998ccbf018a33841c907127a7b4f594bb60b0cb1f22ac748a087f5747d991cd34693cc094f9e02c249aa0430d44c2729919d22860d0decbcb81bdfc4228c63b76ace19db0ab242876e215ed08400bfbdbc42d776a130fa4d0acef10039d66b8dd67bb77706dce5cac6bc0129753f8f86e32f3deb2ccfe4108ac959fe68003f650fad7832ce187d7d9e584ec133a81eee0dafa26726afeaaf064688a16d942452cb05dda1777a678576d69312a08cb64bdb74ebda603f9fbdad6e7574c738f4c60247949a0c7672df6d8c9712c715c935c83db50605f1a809c2e6b05f87a0b36785052a055b0cf42a3ca779c578ac760279fb2064b00092f8331794a66bf2f7bbaafe07f1926e1bfb9d376617962ced1030394b1c8380d0f04a7937b01e5adab2721753cbf110db290018b85f3717ba4860b43a5d75f41f9a96be56b0eb77c6bcc512c03f3173426f927b362a526830023ab7456183c67be8b9204bd27523cae89af0458c0eeb4f34cac1c12b2841198e9b400b28e5c6828ca091aff0f54cd41fb4579e40dc2c54c45ff392963d6915e35ff204c18800bcdf0500a0267f972421cfc8499be9d621a07c21f6aa1dbb7035fcea7dbb2664e1454a2a3d907249be0b2b42806e03471818c678fab09b486c572221df9dec6aa9f1e9e344bce166cbaf6c4ae9f1144f083ad36b58e9d9d3580fd6a923ca8f0626fe9944bc7b9a481258f5e34328b12fc9fa188458ca0dd64dc17fae9fba150bad5e9e9cd1999ae9b459f02ae8caa0c691a54de44e07d2e83924f2303ab3bf7e1bc81da11b3c48384bb0e480d4180e07b935528090188a23b9b1878e837350a0c4751389f0802a75aec98ef6a75e04cc1834ffcbaac711ce7f80e397b247a6d623efbcb0464ec44524502257494ac6f888cc26a4c2843d2c6665acd6ddab4ec8e91ce03fb7c522912070b169cd0f83da881b0053d134372f54e064a73efadcd4132c6f6d222070794956b1b46174881c3fb7f15b53b2dff1c0912a593dad3df767a2e2207762c0dabd7c04aa549db669d8384a38a478550044c95f0eb20090feee1e716c1cc68e0e261305a45aab44f68badc53c676d085093fdcde1cda36840ed67589df91ff3029c401904489c2097eb1aeb35bf98af542f8c97b520eebc48c0648bfe33d5b8865fbe2a1c4595c0b3a8486f976683d8be4ac5bc04f59418a0ffec5cf726fc0b81ef54af8f7015e17c9c61ac79a186bd0785ef02ca033aeee5cc62be377bb921ec80e1983753a35871ff33f8751f7d567e8d85146cb4cf4ed6832f8a8d55ae0bf3e93b887d161f2e91387b88265a1a2d52935b27f6cb50d5ffc3414b4c265667f217efe0aa234de61c08edfe30985a719a07d496bcdd473b1a98d049a14c48ffa40184f8c89a19d992bbb79674c6a4cbe6ce0d6e096bec9e6338dd48fa6f141f7922148198aa9be6b2af6a3078062a820e34230d736f7110363bc5d802ccd9a6b65bcf405e5fc0fa8059b3e0535e94685f59ce71e8a224f6ca89d4fe2fe2910f6b038bc771a6453dc473a3dfe4e80da9008626675de6d49be7a2419d2c0300cbfb0740a8ff3da6c3e29b1870b5b124d259435f034f3995218ecb3afe8e033c7071618619eb84a3f1708b1a470c3f5e915b017321d2fb1311744a1cd503a157b5a22f6215f874b2d7081be5a01aa5efd1b5b560ba0bf076bff3064c0588a6748fdc2c1241df44d01cfe34c30ce6134824d782fb8792f1da141a0bc59e348f5c9f95fa2a3be007a44fc3d6cf750c2589756619be6bc663e8d2b2afabe75e39e935ec577f673b18efc7267e39311a2e9633746996bbc093777009ef1ec7629886a3cb54e5d76ee7f79d4fee2d212bb5acdb775776187e0b8db852233bd457b61f6f15db6e78d686588edf02c41d92a847a14434529a898247442bd2f50fecbb761bdf239bdab1f93bcb1795777df4990b516ff8d532769295e7b159e3a669d5b4376ea95c634bdb5a2d1c99b660ae26a2909ffdf94b3ada40fcc1e517187ad1e7d4e1193b9f6768cbd6b9ccb9a44b878a060067db770b9c8d53c6f478ecd716b171b11a64f02a21d1f35c54b2b5a71f538c15bb3eec550a23b5e950e2fa889f3534a5c92b32eb365a5c034e044abda1e5cb2d2b1e86e0bf567ac2e3614cdaba318d5e91923b71e5828a0b3e27c24178574bc9478f76328beeef8a67b985576086985b644a40ef0e899388e7dd4f5fbd1a20abaffba2b4b62302261037de7d64b550ecfc403eb287d5207419c9b09afc81f62d233967d4b324bbb7ac4bbe7ca6c7c0c358b5fb351568f9e386136d16173d744002210f4a33196206ed6d7a4ade4fc1ad2f392382478d1641653a46f4fe3e03913d1b450560d224a6e187d6534f261da42bc57ae18008056065b50bf0788af86b178099864c04b378fb59d5b74c53851d4110daa4b2507feeef652eae0be90ac5101da429bf5360be874330b8e38fc4edabc51a7108fba440f397ff39d720904628fafe3e0e57ce96102307fc056787fa8f31070b93865e96b8838bf2ca9be732bf4bae2bf89585905743b068b6083377eb995ecb0298dd244d74af98af856e2b56ebed32c912939f5e8601cebc5ca01ad5dbebaa58f5e6e8f59533f3f6ea2b6a9b5816a2ab6a87c01ff117ea84226e5dac8a6470c47a4b39f0dd65ed12ea3c2a6a14869eac9562e9025d8605acbaf8d935d98ff731c05950340e893fe7a9b7192347b72f1fffef498d49820d146d53deffa5e1cb5dffa1276aff2a8e9ae06a4206b64f0d28c423e85575a1b776845a1bf6e23292b2172c48f0795e7ec29dc37df273976d3aaa01c9d285cef4523357a41183697f83dc600a64f7f1576b742fb2e6e70ff4b1f5bd99680c02c121bc11a971c86266f9d5118b5fc46e9f761b67ffd6064c9398f75d431fa56aa2a43c5cf197bf75c00debf1da430ceacfcc422deea6c7ee58fec8822e1747fd3ecdd43b274689d7238d1525e1939933b3a48779cb296cbcab00d3c8da4a326ffe258438bd0cc6d9fc352575c5f7e2429041dffbb5dd22cce06fb404b2e37634d663ab359064aaf38518301e5ac641ad331fcd6698d4d89e462a43f66988027bfdf54886b36951fa3f043073f9033de47e8f1a9a7718678aa4e019a75d73297bd1465bb3c307f1fb647622b7a9fbc29bb8f4fad45c3d062c75ac241e19a66ab43cbe943ae2a71605defa50fb76f4298acd3265c494bf6688ca41b87351924b5b408d79284b8861d88ffcc766234e740c8b4c1a27292a1b4eae7bad5e1ce5358baaf2fb38a910a0aafef408e63ca83e43669baef16d1f4bd925136eaa892d83c5ce4f813fc9b3c138e754930975b60681d46f5e1a541234c7d57b5bbb4604ab85491b3c72090c307840215f6a715dd6352a8a1cc6f808aaf2d291bab5cd09a84af8987557d74f3beddf893cd85227930ed46bd1c68c8c41edbca7bbdf7cd0c810699fbfe84c74b082e73c112cebfecc0672d810b3221b8004a5a98c0083fa2b2878a0fd6847018cd85f2f3b43a82ae9068ebb72762dd78e9097f9e91bb9f771c84873edc40a35cd0d6e45f57442283faaabd675bd6e2a6e4515ced99a78b07626af2a8644b44aa121e6c9e2dfee50bcc9e630e7cb2f01c76f015420afcba8e03b731fa6362e1b6cae00b597f64e8633a45e48b6792b2ca81de5a905c2b8c27732a599e35312f078bb6d0183791f711eeb31426f4416a0c3b5faed122c7181c8c7a39081079c1c74abb1ba9cd70b1a633b0b54833c581f48d401377e928a26c878d966d70e6ea78e7af0be938508c9e468174ab663feaf2d94dc980b6aef9a24c1ccb896f91d1653657ad1cd9d6306148bc4e1198b11b9215b83caf4eb772e6eca2c0710ddbff8f57c39db1f51f8763cbb7a489ca34569ce6d481323ee371e6fbf7a39f112ead8db13b8d81833d20ba4b4d805ea86a8e2c40327a24c6efc54943dafe46d2916b024ad495642d29db6a4f4b5c9b50d5d2bc54611f071305307cc8e1041f4bac320fd2bd5240bdaab8e44a9207de402633447e24a24c3a1acb93a6052e28399203122770836947cb6e25d34750b6e88127989430d1584d50b5adc6f68ba6abacc788953b2b243357ae58e4413cdb7aa31a76b23176f08a9cc30961e3e069d3c4cf8ba47c80a2dbb4ab87a2f048858441daa80a39e6f591ca29c9fb2b7a87a7027cfe814e97fa18120e61c09312ac2fb1b41de38e0c68d13a20e9b5d97015322874221718cd33576495d53894448ce08e66aebc81df490dc5b90b13543ffa073e281579df684eb7605ca1d442b4c008d9f3cb697bb64b785049a1c0e5487fe270b6975bb4f38df286dc85b1705c0978f44a6c4ca46d556d6ccb8df1d95a331fc0ed9f424754d34196b3c0e5b4992c8129251b19525be4fc5d22d468d1d1e41fe483031a6384f9915c9dc53e646d89fe1c38e864845e1c10d3d3d18fc6efb4022c2b3ab600cfff56335b824b290507599bc93e78aa7d3620eee6b210153c9f3e5c5ae456bd8bf55472fffd4e456e47fb858f506afe0cddcd67dc1fb1fb8f7db7b449665edb511d8689dc177c10526ec9120fb85d2f1fbac2302e9bdcf99b2225f179ffd9ff37dad882e054996b22a3dbb31d02622b90b75bfad01c63cf02b472ca064d5ec76a189a9a64008d8700a63af131016343601efdb103a8bea0cc2451d93f2a2316989021a9b2925e0ff6e131fd02cb4f97644245656dc82871e16ae57883a230ea566274f4d0974595632468765cd474c37992b7b27dafb88953aa5a2eb6d656a7d4df211c176e22e92f7a4eae10c33595874be957a6e0a03dab3f1b6a1e82bdf9e98c46eb3d231cec623f8ad4e9809bd607e30487b02464504951b48baa9cfbcaeb3be0d8d2304417f37dc671a0d808f90ac60f1f06a6037c6da8d9fe97b7c1ed6754a93c8caf6602b277ffde4cdd9630339f6d3c36a30e07b7fd1b919aa4f389535311708812dd19d516c53f672b3150efc2769b8b42377ad4f568aa3ec27ee3cd6b6c0681720cab5487f64d72118644bdfce2c363602b070fa8a9b6efb250fa3e78310b13c33cd14cfbd506f722b92f7e69ca4292676bce25280aa61f19e41dcabca6da3ba65c6cfec2f84b263f230f3363282e00e3ec84906a63908bd6b4dc1231f3135452f16c495b834efa1f510df24d2f6bbed8536b6812ea04456b7829237ad1c5dc5851fc47243365d66b262a4e56f912792efc761f820077732bc7efaa487ab84895d8fd7cca7ad9a6c3ef57afe79803ad3a0116fb13614974ba3c8df29c23ade5450b70066cc5", @ANYRES8=r4, @ANYRES64=r3, @ANYBLOB="0d1c7656b7b4a32b1803dd662f8ad2c9bf82cc140e1098e5cf124f71bf7441f723982819b913722024bee9bc4643357698da87a6c2cf7af8fba8c18bc09bd24826336e9c280b3b40b3d1ecd8614485bfdbe0707d76d8bab86e4de270b400a95fa7f0bcd7f372ec4f05d121f10a56ebab962cd38e7200db27a8824574d5", @ANYRES64=r1, @ANYRESOCT=r0], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x50) sendmsg$auto_NL80211_CMD_GET_REG(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a000d51b56744d5ba91ddf000ab440d22"], 0x1ac}}, 0x40084) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) 1m44.727822375s ago: executing program 3 (id=2673): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nbd12\x00', 0xa4e00, 0x0) preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x9}, 0x5, 0xffffffffffffffff, 0x7, 0x30) mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/nfsd.fh/flush\x00', 0xc8201, 0x0) write$auto(r2, 0x0, 0x28) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) setrlimit$auto(0x1000000007, 0x0) userfaultfd$auto(0x1) semctl$auto(0xa0000000, 0x0, 0x5, 0x2) seccomp$auto(0x2, 0x10, 0x0) unshare$auto(0x40000080) 1m44.208380779s ago: executing program 5 (id=2676): r0 = openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0) getsockopt$auto_SO_LINGER(r0, 0x2, 0xd, &(0x7f0000000100)='($p\x00', &(0x7f0000000140)=0x40) openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x40400, 0x48) (async) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x40400, 0x48) listxattrat$auto(r1, &(0x7f0000000040)='./cgroup\x00', 0x0, 0x0, 0x6) writev$auto(r1, &(0x7f0000000080)={&(0x7f0000000000)="606c4ea3c4d4735d0985a0a8dad78454e6125ae60b2e77ed91fe07ba521a48708914", 0x8}, 0xffffffffffffffff) 1m44.064755612s ago: executing program 3 (id=2677): open(0x0, 0x200082, 0xed) r0 = socket(0x23, 0x5, 0x1000002) setsockopt$auto(r0, 0x0, 0xcf, 0xfffffffffffffffc, 0x1) io_uring_setup$auto(0xa, 0x0) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/loop3/queue/max_segments\x00', 0x200, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = socket(0xa, 0x1, 0x84) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r3 = socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) getsockopt$auto(r2, 0x84, 0x76, 0x0, 0x0) read$auto(r1, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r5 = open(&(0x7f0000000040)='./file0\x00', 0x640, 0x141) fcntl$auto(r5, 0x400, 0x1) truncate$auto(&(0x7f0000000080)='./file0\x00', 0x7f) openat$auto_hsr_node_table_fops_(0xffffffffffffff9c, 0x0, 0x103000, 0x0) r6 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) exit$auto(0x2) fchdir$auto(r6) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff) 1m43.868815872s ago: executing program 5 (id=2678): r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r1 = openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) process_vm_readv$auto(0x0, 0x0, 0x1, &(0x7f0000000280)={0x0, 0xffffffff}, 0x6, 0x0) fcntl$auto_F_OFD_SETLKW(r0, 0x26, 0x0) ioctl$auto(r1, 0x6f2d, r1) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) mmap$auto(0x0, 0xffe, 0xffb, 0x8000000008011, 0x3, 0x0) madvise$auto(0x0, 0x3, 0x15) write$auto(0x3, 0x0, 0x20000) 1m43.574153936s ago: executing program 5 (id=2682): r0 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/config/nvmet/discovery_nqn\x00', 0x189002, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x28, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r1 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x80200, 0x0) ioctl$auto_NVRAM_SETCKS(r1, 0x7041, 0x0) readv$auto(0x0, &(0x7f0000000080)={0x0, 0x60}, 0x3) open(&(0x7f0000000800)='./file0\x00', 0x2240, 0x154) sysfs$auto(0x2, 0x0, 0x0) fsopen$auto(0x0, 0x1) epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) write$auto_configfs_file_operations_configfs_internal(r0, 0x0, 0x0) read$auto(r0, &(0x7f0000000180)=':\x00\xe6\xc2\xb1\xbf\xbcuh\x90\x9c\xb9\xff\xd5\x82r&', 0x9) 1m43.275129569s ago: executing program 5 (id=2684): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = socket(0x15, 0x5, 0x0) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000000)) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) ustat$auto(0x801, 0x0) r1 = gettid() r2 = prctl$auto(0x1, 0x7, r1, 0x100000001, 0x8) sendmsg$auto(r0, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x80000000, 0x22009, 0xdf, 0x7ff, r2, 0x0) futex$auto(&(0x7f0000000080)=0x1, 0xb, 0x1, 0x0, 0x0, 0xfffffffa) futex$auto(&(0x7f0000000080)=0x3, 0x3, 0x8, 0x0, 0x0, 0x440a48d3) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) mremap$auto(0x1fc000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) setsockopt$auto_SO_SNDTIMEO_OLD(r2, 0x2, 0x15, &(0x7f0000000380)='$@!\'-([\x00', 0x8) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/system/machinecheck/machinecheck0/print_all\x00', 0x80302, 0x0) sendfile$auto(r3, r3, 0x0, 0x3) unshare$auto(0x40000080) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) statmount$auto(0x0, &(0x7f0000000180)={0x8000008, 0x1, 0x9, 0x3, 0x26, 0x940, 0x1ffde, 0x3, 0x6, 0x902c, 0xfffffff6, 0x400005, 0xfff, 0x4, 0xb0, 0x8, 0x9, 0x3, 0x5, 0x6, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, [0x3, 0x3, 0x10000, 0x400000000, 0x0, 0x3903, 0x0, 0x4, 0x3, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffffffffffe, 0x7, 0x0, 0xceb, 0x0, 0xfffffffffffffffc, 0x0, 0x4, 0x0, 0xffffffffffffffff, 0xfffffffffffffffe, 0x4001, 0xfffffffffffffffd, 0x0, 0xb548, 0x8, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0xfffff7fffffffffa, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r4, 0x0, 0x20) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r5, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/dri/vkms/name\x00', 0x900, 0x0) socket(0x15, 0x5, 0x0) 1m43.043378182s ago: executing program 3 (id=2685): sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x8880) unshare$auto(0x40000080) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) fanotify_init$auto(0x1, 0x8) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(0x3, 0x10e, 0x2, 0xffffffffffffffff, 0x3) getsockname$auto(0x3, &(0x7f0000000d00), &(0x7f0000000d40)=0x4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/memory15/online\x00', 0xa001, 0x0) openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) ioctl$auto(0xffffffffffffffff, 0x560d, 0xffffffffffffffff) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/dev_mcast\x00', 0x101000, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ipv6_route\x00', 0x101000, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/mnt\x00') ioctl$auto_MON_IOCX_GETX(r1, 0x4018920a, &(0x7f0000000140)={&(0x7f0000000080)={0xfff, 0x9d, 0x0, 0xd, 0xc6, 0x8, 0x2, 0x5, 0x100000001, 0x4, 0x0, 0x9, 0x2, @iso={0x3ff, 0x7f}, 0x9, 0xffffff81, 0x2, 0x6}, &(0x7f00000000c0), 0xfff}) openat$auto_rb_simple_fops_trace(0xffffffffffffff9c, 0x0, 0x40001, 0x0) socket(0x15, 0x5, 0x0) sendmsg$auto_NL80211_CMD_STOP_AP(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0xc}, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) r3 = socket(0x10, 0x2, 0x6) r4 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_SET_MAX_CSMA_BACKOFFS(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)={0x14, r4, 0x1, 0x70bd28, 0x25dfdbfd, {0x11, 0x0, 0xfc}}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x8044) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x0, 0x80000001, 0x7, 0x6d3c, 0x5, 0x2]}, 0x0) pread64$auto(r0, 0x0, 0x8, 0xffff) r5 = socket(0x1d, 0x2, 0x2) bind$auto(r5, &(0x7f0000000240)=@l2tp={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x1) 1m42.064953098s ago: executing program 5 (id=2689): madvise$auto(0x100000, 0xffffffffffff0005, 0x19) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/dummy0/carrier\x00', 0x8182, 0x0) write$auto_fops_init_pkru_pkeys(r0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[], 0x68}, 0x1, 0x0, 0x0, 0x48080}, 0x448c0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYRES16, @ANYBLOB="13"], 0x1ac}}, 0x4014) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bdi/1:13/strict_limit\x00', 0xa081, 0x0) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) set_mempolicy_home_node$auto(0x600000, 0xffffffffffffffff, 0x0, 0x0) unshare$auto(0x8000000) syz_clone(0x2360411, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x80240, 0x0) madvise$auto(0x3c0000000000000, 0x1, 0x3) sendmsg$auto_NL80211_CMD_SET_MAC_ACL(0xffffffffffffffff, 0x0, 0x4004000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/rose0/statistics/tx_window_errors\x00', 0xa2900, 0x0) ioctl$auto_RTC_IRQP_READ(0xffffffffffffffff, 0x8008700b, &(0x7f00000000c0)=0x81) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0) umount2$auto(&(0x7f0000000040)='.\x00', 0x4) umount2$auto(&(0x7f0000000000)='.\x00', 0x4) unshare$auto(0x7) r3 = socket(0x2000000000000021, 0x2, 0x10000000000002) setsockopt$auto(r3, 0x110, 0x4, 0x0, 0x7) read$auto(r2, 0x0, 0x9) 1m27.970652017s ago: executing program 34 (id=2685): sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x8880) unshare$auto(0x40000080) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) fanotify_init$auto(0x1, 0x8) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(0x3, 0x10e, 0x2, 0xffffffffffffffff, 0x3) getsockname$auto(0x3, &(0x7f0000000d00), &(0x7f0000000d40)=0x4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/memory15/online\x00', 0xa001, 0x0) openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) ioctl$auto(0xffffffffffffffff, 0x560d, 0xffffffffffffffff) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/dev_mcast\x00', 0x101000, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/ipv6_route\x00', 0x101000, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/mnt\x00') ioctl$auto_MON_IOCX_GETX(r1, 0x4018920a, &(0x7f0000000140)={&(0x7f0000000080)={0xfff, 0x9d, 0x0, 0xd, 0xc6, 0x8, 0x2, 0x5, 0x100000001, 0x4, 0x0, 0x9, 0x2, @iso={0x3ff, 0x7f}, 0x9, 0xffffff81, 0x2, 0x6}, &(0x7f00000000c0), 0xfff}) openat$auto_rb_simple_fops_trace(0xffffffffffffff9c, 0x0, 0x40001, 0x0) socket(0x15, 0x5, 0x0) sendmsg$auto_NL80211_CMD_STOP_AP(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0xc}, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) r3 = socket(0x10, 0x2, 0x6) r4 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_SET_MAX_CSMA_BACKOFFS(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)={0x14, r4, 0x1, 0x70bd28, 0x25dfdbfd, {0x11, 0x0, 0xfc}}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x8044) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x0, 0x80000001, 0x7, 0x6d3c, 0x5, 0x2]}, 0x0) pread64$auto(r0, 0x0, 0x8, 0xffff) r5 = socket(0x1d, 0x2, 0x2) bind$auto(r5, &(0x7f0000000240)=@l2tp={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x1) 1m26.981408805s ago: executing program 35 (id=2689): madvise$auto(0x100000, 0xffffffffffff0005, 0x19) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/dummy0/carrier\x00', 0x8182, 0x0) write$auto_fops_init_pkru_pkeys(r0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[], 0x68}, 0x1, 0x0, 0x0, 0x48080}, 0x448c0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYRES16, @ANYBLOB="13"], 0x1ac}}, 0x4014) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bdi/1:13/strict_limit\x00', 0xa081, 0x0) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) set_mempolicy_home_node$auto(0x600000, 0xffffffffffffffff, 0x0, 0x0) unshare$auto(0x8000000) syz_clone(0x2360411, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x80240, 0x0) madvise$auto(0x3c0000000000000, 0x1, 0x3) sendmsg$auto_NL80211_CMD_SET_MAC_ACL(0xffffffffffffffff, 0x0, 0x4004000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/rose0/statistics/tx_window_errors\x00', 0xa2900, 0x0) ioctl$auto_RTC_IRQP_READ(0xffffffffffffffff, 0x8008700b, &(0x7f00000000c0)=0x81) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0) umount2$auto(&(0x7f0000000040)='.\x00', 0x4) umount2$auto(&(0x7f0000000000)='.\x00', 0x4) unshare$auto(0x7) r3 = socket(0x2000000000000021, 0x2, 0x10000000000002) setsockopt$auto(r3, 0x110, 0x4, 0x0, 0x7) read$auto(r2, 0x0, 0x9) 1m20.735415196s ago: executing program 0 (id=2761): r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/0000:00:00.0/enable\x00', 0x18b042, 0x0) mmap$auto(0xfffffffffffffffb, 0x2020006, 0x4, 0xeb1, 0xfffffffffffffffa, 0x80000000008000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0) read$auto(r1, 0x0, 0x9) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x2020009, 0xffff, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = gettid() rt_tgsigqueueinfo$auto(r2, r2, 0x1ff, 0x0) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/loop6\x00', 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x9, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x300000000000000, 0x80000001, 0x7, 0x6d3c, 0x5, 0x2]}, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000300)={0x14, r3, 0xf25, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x4044054) 1m20.443850304s ago: executing program 0 (id=2763): sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x24}}, 0x4000000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x200000000000404, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) (async) r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="2c0000001400c7d2a2e1917949643de42b"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC1\x00', 0x21202, 0x0) ioctl$auto(r1, 0xc0045540, r1) (async) recvfrom$auto(r0, &(0x7f00000003c0)="c1f54176f85a2e83373b3cb883f75884a67694706fd6488d844715653f237963ad97ee1354b7fd6a610c942f97451b6274544256ef8fa8304b59aa7b0aceed91be169803684e225ccaad79000000000000000000000000b81f004fe6", 0xff, 0x0, &(0x7f0000000240)=@ax25={0x3, @default, 0x4}, &(0x7f0000000100)=0x96d4) (async) mmap$auto(0x0, 0x20009, 0x3, 0xeb1, 0x401, 0x8000) (async) modify_ldt$auto(0x1, 0x0, 0x10) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) sendmsg$auto_IOAM6_CMD_ADD_NAMESPACE(0xffffffffffffffff, 0x0, 0x24004054) (async) getrandom$auto(0x0, 0x6000000, 0x3) (async) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) (async, rerun: 64) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) (rerun: 64) madvise$auto(0x110c230000, 0x1, 0x9) (async) socket(0xa, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/module/kvm/parameters/nx_huge_pages_recovery_period_ms\x00', 0x149b01, 0x0) write$auto_fops_init_pkru_pkeys(r2, &(0x7f0000000080)='4', 0x1) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) (async, rerun: 32) io_uring_setup$auto(0x2, 0x0) (async, rerun: 32) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0x8) write$auto(0x3, 0x0, 0x19ffe) (async, rerun: 32) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc0}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (rerun: 32) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r3) (async) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'wlan0\x00'}) 1m19.258791724s ago: executing program 0 (id=2767): lsm_list_modules$auto(0x0, 0x0, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) read$auto(0x3, 0x0, 0xf34) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x84) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/dynamic_debug/control\x00', 0x40000, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x54) listen$auto(0x3, 0x81) accept$auto(0x3, 0x0, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x20000, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x7, 0xd, 0x9, 0x7, 0x4, 0x15f4da0a, 0x300, 0x3, 0x1, 0x80000001, 0x7, 0x6d3c, 0x5, 0x2, 0x2000000]}, 0x0) close_range$auto(0x2, 0x8, 0x0) 1m18.317805017s ago: executing program 0 (id=2771): ioperm$auto(0x5f0, 0x80, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = prctl$auto(0x3e, 0x0, 0x0, 0x5, 0x7) madvise$auto(0x400081, 0xffffffffffff0003, 0x84015) r1 = fcntl$auto_F_WRLCK(0xffffffffffffffff, 0x423, 0x1) getdents64$auto(r0, &(0x7f0000000240)={0x2, 0x5, 0x400, 0x9, "12dca64e4fea5daed174584fc26d508217f3404d02f6b0bc5f062d6970d98425f08f455a4303c8df19be00c0dade73ba832185b9a00fa4de4a699655e2791c04828c8ad48fd9b5ebc4ac70687601c72dc42feee77afea0aa2d74a68f052743c5be74d5c874c3710888b291e6245975e098ffd531a674e005856d4ada3561050bb832dbdbd48a11d465bc5999b22d5bf00db7"}, 0x6) tee$auto(0x32c8, 0x7, 0x0, 0x5) openat$auto_tracing_saved_cmdlines_fops_trace(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/tracing/saved_cmdlines\x00', 0x40000, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x802, 0x0) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, 0x0) ioctl$auto_SNDCTL_DSP_STEREO(r2, 0xc0045003, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r3 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0) lsm_list_modules$auto(0x0, &(0x7f0000000100)=0xbefc, 0x0) ioctl$auto(r3, 0x3b8c, 0x38) capset$auto(0x0, 0x0) sendmsg$auto_OVS_DP_CMD_NEW(r1, 0x0, 0x4000090) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mremap$auto(0x0, 0xffffffffffffffff, 0x3fd6, 0x3, 0x7fffffffb000) r4 = clone3$auto(&(0x7f0000000300)={0x6, 0x6, 0x9, 0x7ff, 0xd, 0x1, 0x7fff, 0xfffffffe00000, 0x1c0, 0xcaa, 0x402}, 0x1) sched_setaffinity$auto(r4, 0x1, &(0x7f0000000380)=0x7) prctl$auto(0x1b, 0x200000000000009, 0x7fffffffefff, 0x0, 0x0) r5 = openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/cmdline\x00', 0x2000, 0x0) read$auto_proc_pid_cmdline_ops_base(r5, &(0x7f0000000040)=""/154, 0x9a) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) rt_tgsigqueueinfo$auto(0xffffffffffffffff, r4, 0x8, &(0x7f0000000440)={@siginfo_0_0={0x8, 0xe, 0x6, @_sigchld={0x0, 0x0, 0x402, 0x5, 0x1}}}) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000180)='./file0\x00', &(0x7f0000000100)=&(0x7f0000000080)='\xac\x00', &(0x7f0000000000)=&(0x7f0000000200)=' ') openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x400805, 0x0) 1m17.882536396s ago: executing program 0 (id=2774): openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000040), 0x2dc08f24db163610, 0x0) preadv$auto(0x3, &(0x7f00000004c0)={0x0, 0x8000000}, 0x3, 0x10000, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x8, 0x0) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/pts/ptmx\x00', 0x0, 0x0) mmap$auto(0x0, 0x402000b, 0xdf, 0xeb2, 0x401, 0x8000) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) setsockopt$auto(0x3, 0x1, 0x24, 0x0, 0x2) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, 0x0, 0x6b) open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents64$auto(0x0, 0x0, 0x41) r3 = socket(0x2c, 0x3, 0x0) mmap$auto(0x0, 0x4, 0x10000000000, 0x11, 0x3, 0x100000000) r4 = openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000580), 0x400, 0x0) ioctl$auto_BCH_IOCTL_FSCK_OFFLINE(r4, 0x4018bc13, &(0x7f00000005c0)={0x0, 0x9d, 0x700, [0x0]}) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r3, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f00000002c0)=ANY=[@ANYRES64=0x0, @ANYRESOCT=r1, @ANYRESHEX=r0, @ANYBLOB="3303be3ff25e83077743459da0c9523a24fc603998e633293d", @ANYRESOCT=r1, @ANYRES64=r2, @ANYRES8=r0], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0xc880) 1m17.007350503s ago: executing program 0 (id=2778): r0 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x109041, 0x0) pwrite64$auto(r0, &(0x7f0000001240)='\\\x00', 0x6, 0x100) close_range$auto(0x0, 0xfffffffffffff001, 0x2) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) socket(0x18, 0x6, 0x0) quotactl_fd$auto(0xffffffffffffffff, 0x1, 0x0, 0x0) socket(0x2, 0x3, 0xfffffff1) mmap$auto(0x0, 0x4, 0x4020000000dd, 0xeb3, 0x401, 0x8000) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x1, 0x6, 0x0, 0x0, 0x368f, 0x2, {0x100000004, 0x3be4}, 0x5, 0x6, 0x3246, 0x27, 0x0, 0x80000004, 0x3, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) socket(0x2b, 0x1, 0x1) ioctl$auto(0xffffffffffffffff, 0x89a0, 0x8) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) mmap$auto(0x0, 0xea9, 0x2000000000000df, 0xeb1, 0xffffffffffffffff, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) write$auto(r0, &(0x7f0000008d40)='&$}-)#`\x00', 0x44) 1m1.793777888s ago: executing program 36 (id=2778): r0 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x109041, 0x0) pwrite64$auto(r0, &(0x7f0000001240)='\\\x00', 0x6, 0x100) close_range$auto(0x0, 0xfffffffffffff001, 0x2) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) socket(0x18, 0x6, 0x0) quotactl_fd$auto(0xffffffffffffffff, 0x1, 0x0, 0x0) socket(0x2, 0x3, 0xfffffff1) mmap$auto(0x0, 0x4, 0x4020000000dd, 0xeb3, 0x401, 0x8000) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x1, 0x6, 0x0, 0x0, 0x368f, 0x2, {0x100000004, 0x3be4}, 0x5, 0x6, 0x3246, 0x27, 0x0, 0x80000004, 0x3, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) socket(0x2b, 0x1, 0x1) ioctl$auto(0xffffffffffffffff, 0x89a0, 0x8) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) mmap$auto(0x0, 0xea9, 0x2000000000000df, 0xeb1, 0xffffffffffffffff, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) write$auto(r0, &(0x7f0000008d40)='&$}-)#`\x00', 0x44) 35.250724587s ago: executing program 7 (id=2974): r0 = io_uring_setup$auto(0x6, 0x0) write$auto_ecryptfs_miscdev_fops_miscdev(r0, &(0x7f0000000000)="d321ee4194d21ef4e093f8fd790487bcea48fbaf85a304e4760b9512af996f982dc92c3f3e02719801fb4f534f9b6cf4858027dea0368a51d902e2b21d03f934f2b6dd477ee80ea696578c1f47c7ed7309285807d9375c54ed6efedede795ff2516d26a26c951575a193cee5be733c6e80da7641986cc669868f23385b69f65e59125b1363f0b332c0e47014aac5f4dcc1ee42dc6c8afbf1f9604575d9377355493e36adc800b06a05b940e62c89a0aebb79a5827d43ae4d790cff9c07dbb36fc046118e56d8b410d58ff1173714d33d1ae61987422e08ea3591aa5ce19de9c71de0882187f4a7e5525b5600ded18ea7192af98366262930b088", 0xfa) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000400)='/dev/cuse\x00', 0x1c1041, 0x0) fcntl$auto(0x3, 0x4, 0xa553) write$auto(0xca, &(0x7f0000000140)='\x04>\x01\x01\b\x1a\x1e`\x01\xd4\x14', 0x5, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) ioctl$auto_IOC_PR_CLEAR(r0, 0x401070cd, &(0x7f0000000080)={0x0, 0x6}) msgget$auto(0xc, 0x77d9) msgrcv$auto(0x0, 0x0, 0xff9, 0x0, 0xb1) msgsnd$auto(0x0, &(0x7f0000000000)={0x1, 0x5}, 0x8, 0x9) madvise$auto(0x0, 0x200007, 0x4) 31.630275428s ago: executing program 8 (id=2999): r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r0, &(0x7f0000000040)='nbd\x00', 0x4) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) r3 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r4}, 0x6a) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_CFG(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0xb4, r1, 0x300, 0x70bd27, 0x25dfdbfb, {}, [@ETHTOOL_A_PLCA_HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0xb}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6erspan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_PLCA_HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x8}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0xffffff49}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg\x00'}]}, @ETHTOOL_A_PLCA_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7}]}, @ETHTOOL_A_PLCA_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0xb4}, 0x1, 0x0, 0x0, 0x4008084}, 0x20008010) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) madvise$auto(0x108000, 0x800034, 0xa) gettimeofday$auto(&(0x7f00000000c0)={0x100000001000000, 0xa2f0}, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) 31.625612082s ago: executing program 7 (id=3000): r0 = semctl$auto_SEM_STAT(0x9, 0x80, 0x12, 0x2) prctl$auto_PR_SCHED_CORE_CREATE(0x8, 0x1, r0, 0x8, 0x4) select$auto(0xc, &(0x7f00000000c0)={[0x3, 0xcc, 0xfffffffffffffff8, 0x7, 0x239d6b57, 0x0, 0x8000003, 0x5, 0x3, 0x0, 0x2, 0x5, 0x3, 0x1, 0xb, 0x8a]}, &(0x7f0000000240)={[0x3, 0xec6c, 0x9, 0x200000000000000, 0x5, 0xffffffffffffffff, 0x9a, 0x100, 0x6, 0xd, 0xebd, 0x9, 0x6, 0x1, 0x5, 0x8]}, &(0x7f00000002c0)={[0xfffffffffffffff7, 0x8000, 0x10, 0xa8c, 0x9, 0x0, 0xf, 0x7ff, 0x4, 0x7, 0x2, 0x7, 0x8, 0x6, 0x7, 0x97]}, 0x0) mmap$auto(0x0, 0x400005, 0xe1, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) sysfs$auto(0x2, 0x4, 0x0) r1 = socket(0xa, 0x801, 0x84) getsockopt$auto(r1, 0x84, 0x6f, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) listmount$auto(&(0x7f0000000100)={0x1f, @raw, 0x80000002, 0xfffffffffffffff7, 0x2}, 0x0, 0xf4240, 0x1) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108) r4 = syz_genetlink_get_family_id$auto_seg6(&(0x7f00000001c0), r3) sendmsg$auto_SEG6_CMD_SET_TUNSRC(r1, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000340)={0x5c, r4, 0x800, 0x70bd26, 0x25dfdbfd, {}, [@SEG6_ATTR_SECRET={0x12, 0x4, "0ab9e4f8c963405e5cad1211968e"}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x1}, @SEG6_ATTR_ALGID={0x5, 0x6, 0xd}, @SEG6_ATTR_DST={0x14, 0x1, @mcast1}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x7}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0xfffffffe}]}, 0x5c}}, 0x20000000) mmap$auto(0x400000, 0x1, 0x81, 0x16, r2, 0x14) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20a02, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000140), r3) r5 = epoll_create$auto(0x3e) epoll_ctl$auto(r5, 0x1, 0x8000000000000000, 0x0) 30.889859747s ago: executing program 7 (id=3006): openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x100, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x2, 0x2) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/mountinfo\x00', 0x40840, 0x0) close_range$auto(0x2, 0x8, 0x0) pwrite64$auto(0xc8, 0x0, 0xfdef, 0x3) openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, 0x0, 0x40000, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) ioctl$auto_IOC_PR_CLEAR(r0, 0x401070cd, &(0x7f0000000080)={0x0, 0x6}) msgget$auto(0xc, 0x77d9) msgrcv$auto(0x0, 0x0, 0xff9, 0x0, 0xb1) msgsnd$auto(0x0, &(0x7f0000000000)={0x1, 0x5}, 0x8, 0x9) madvise$auto(0x0, 0x200007, 0x4) 29.798621184s ago: executing program 7 (id=3011): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000300)={0x14, r1, 0xf25, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0xffffffa6, 0x8000}, 0x4044054) 28.902994905s ago: executing program 6 (id=3013): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/oom_adj\x00', 0x14a502, 0x0) read$auto(r0, 0x0, 0xffffffffffffffff) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x5c3043, 0x0) openat$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000000), 0x4904c0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0xfffffda0) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') ioctl$auto(0x3, 0x8b0a, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/mm/ksm/pages_to_scan\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) listmount$auto(&(0x7f0000000100)={0x1f, @raw, 0x80000002, 0xfffffffffffffff7, 0x2}, 0x0, 0xf4240, 0x1) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000140)=""/151, 0x97) openat$auto_drm_crtc_crc_control_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f00000000c0), 0xb02, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) madvise$auto(0x110c231000, 0x1, 0x9) 26.256971102s ago: executing program 6 (id=3015): r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000000c0)={{0x0, 0x2, 0x200800, 0xffffffff, 0xfffffffb}, "0dd7fd004929347eeeccdf0732f77b1f6de0d6d51768a257a97ca5e9ca6310ea"}) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x1c, 0x9, 0x63, 0x0, 0x0, 0x0, 0x1000, 0x8, 0x80000000000000a, 0x40000402, 0x9, 0x9, 0xffffffff80000000, 0xd, 0x6, 0x200000100103}) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x40000, 0x4}, 0x5, 0x0, 0x0, 0xffffd88b) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, 0x0, 0x20008000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x1e, &(0x7f0000000000), 0x1) sendmsg$auto_IPVS_CMD_GET_INFO(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000001}, 0x20040085) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x11, 0x80003, 0x300) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x28, 0x0, 0x808) syz_genetlink_get_family_id$auto_netdev(&(0x7f00000000c0), 0xffffffffffffffff) r1 = socket(0x10, 0x2, 0x6) socket(0x15, 0x1, 0x400) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004) ioctl$auto_SNDRV_TIMER_IOCTL_STATUS32(r0, 0x80585414, 0x0) 25.561686824s ago: executing program 6 (id=3019): r0 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x7, 0xb5, 0x10, 0x4, 0x53000000, 0xffffffffffffffff, 0x9, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x4f4, 0x6}, 0x10) mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x7, 0x28000) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/028/001\x00', 0xa901, 0x0) prctl$auto(0x10, 0x6, 0x7, 0xffffffffffffff78, 0x8) ioctl$auto_USBDEVFS_SUBMITURB32(r1, 0x802c550a, &(0x7f00000001c0)=ANY=[@ANYBLOB="020000000000000005"]) r2 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_UPD_RXSA(r0, &(0x7f0000006200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x38, r2, 0x23, 0x70bd27, 0x25dfdbfe, {}, [@MACSEC_ATTR_SA_CONFIG={0x18, 0x3, 0x0, 0x1, [@nested={0x5, 0x1, 0x0, 0x1, [@generic="03"]}, @typed={0xc, 0x3, 0x0, 0x0, @u64}]}, @MACSEC_ATTR_RXSC_CONFIG={0x4}, @MACSEC_ATTR_IFINDEX={0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x4008818}, 0x0) 17.658747467s ago: executing program 6 (id=3030): r0 = openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) r1 = socket(0x2, 0x5, 0x0) r2 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/maps\x00', 0x0, 0x0) pread64$auto(r2, 0x0, 0xeda5, 0xc86) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) listen$auto(0x3, 0x81) read$auto(r1, 0x0, 0x7) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@ax25={0x3, @bcast, 0x2000004}, 0x1000006a) ioctl$auto(r0, 0x6f2d, r0) write$auto(r0, &(0x7f0000000040)='/dev/dvb/adapter0/dvr0\x00', 0x578) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), r3) r4 = openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r5, &(0x7f0000000500)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x14, r6, 0x1, 0x70bd2d, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x10001}, 0x0) r7 = openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) r8 = socket(0x2, 0x1, 0x106) setsockopt$auto(r8, 0x6, 0x5, &(0x7f0000000080)='*\x00', 0xe6) bpf$auto(0x5, &(0x7f0000000540)=@bpf_attr_4={0x7fffffff, r5, 0x0, r2}, 0xf4e) bind$auto(0x3, &(0x7f0000000040)=@l2tp={0x2, 0x0, @broadcast, 0x200004}, 0x6a) write$auto_qrtr_tun_ops_tun(r7, &(0x7f0000000300)="01000000d80746ebe4fa29705e2e654014f2bc90628546cda7e9ce67b7d2ab52b096b449a312a437bac96a8cbd5f23dc7bf6f14d15f2f273c36ef21cef7aeb39937ef4ea2f4dd48bc81624c1ed60c83c39ba4d4ebee5b273c9888dbd978927b4b89795bcfc7ce379345bea07636878f456f4e82905ddfef781fbf9825f22c3d1af4a2295e2fad62ed1a9fa2db5eff40233560c88004511ae", 0x98) r9 = openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/mounts\x00', 0x280000, 0x0) read$auto_proc_mounts_operations_mnt_namespace(r9, &(0x7f0000000180)=""/253, 0xfd) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, 0x0) ioctl$auto_UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000000100)={r0, 0x1, 0x1, 0xf}) 16.502238092s ago: executing program 37 (id=2999): r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r0, &(0x7f0000000040)='nbd\x00', 0x4) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'veth1_to_bridge\x00', 0x0}) r3 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r4}, 0x6a) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_CFG(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)={0xb4, r1, 0x300, 0x70bd27, 0x25dfdbfb, {}, [@ETHTOOL_A_PLCA_HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0xb}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6erspan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_PLCA_HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x8}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0xffffff49}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg\x00'}]}, @ETHTOOL_A_PLCA_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7}]}, @ETHTOOL_A_PLCA_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}]}, 0xb4}, 0x1, 0x0, 0x0, 0x4008084}, 0x20008010) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) madvise$auto(0x108000, 0x800034, 0xa) gettimeofday$auto(&(0x7f00000000c0)={0x100000001000000, 0xa2f0}, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) 14.43484235s ago: executing program 38 (id=3011): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000300)={0x14, r1, 0xf25, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0xffffffa6, 0x8000}, 0x4044054) 9.676068914s ago: executing program 6 (id=3038): r0 = socket(0x10, 0x2, 0x0) syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000340), r0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) 5.082812354s ago: executing program 6 (id=3046): ioperm$auto(0xfb, 0x5, 0xe) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/udp6\x00', 0x40, 0x0) pread64$auto(r0, &(0x7f00000000c0)='#\x00', 0x653, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x100000000009b72, 0x2, 0x8000) madvise$auto(0x5b6, 0x7fffffffffffffff, 0xa) sysfs$auto(0x2, 0x23, 0x0) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r1, 0x0, 0x4) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) write$auto(0x3, 0x0, 0xfffffded) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_VERSION_SET(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000001}, 0x4010) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x401e, 0x4, 0xfffffffc, 0x0) socket(0x2, 0x3, 0xa) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x0, @loopback}, 0x6b) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyr9\x00', 0x2000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x5, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x80, 0x0, 0x7ff) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) mmap$auto(0x0, 0x0, 0x3, 0x20eb1, 0xfffffffffffffffa, 0xe4) io_uring_setup$auto(0xd, 0x0) r3 = semctl$auto_GETALL(0x9, 0x3, 0xd, 0xc5a) migrate_pages$auto(r3, 0x4000000000005, 0x0, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/adsp1\x00', 0x101140, 0x0) 4.805445005s ago: executing program 9 (id=3047): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) madvise$auto(0x0, 0x200, 0x15) write$auto(0x3, 0x0, 0xfffffdef) r0 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322df2) r1 = syz_clone3(&(0x7f0000000200)={0x383281180, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58) r2 = waitid$auto_P_PIDFD(0x3, r0, &(0x7f00000003c0)={@siginfo_0_0={0xf6, 0x0, 0x6, @_sigchld={r1, 0x0, 0x4, 0x2, 0xfffffffffffffeff}}}, 0x3, &(0x7f0000000440)={{0x2, 0x8000000000000000}, {0x8617}, 0x3f25, 0x7, 0x0, 0x2, 0x8, 0x8, 0x1, 0x2, 0x2, 0x8000000000000001, 0x8, 0xfffffffeffffffff, 0x40000000000, 0x5}) ptrace$auto_PTRACE_KILL(0x8, r2, 0x0, 0xc) setitimer$auto_ITIMER_REAL(0x0, &(0x7f0000000100)={{0x4, 0x1}, {0x7, 0x4}}, &(0x7f0000000140)={{0x9, 0x400}, {0x7, 0x6}}) mmap$auto(0x10000, 0x4020009, 0x2000000000006, 0xeb1, 0x401, 0x8000) r3 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x801, 0x106) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x1c, r5, 0x1, 0x70bd2b, 0x25dfdbfa, {}, [@HWSIM_ATTR_REG_CUSTOM_REG={0x8, 0xc, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24000090}, 0x4044820) io_uring_setup$auto(0x6, 0x0) r6 = socket(0x10, 0x80002, 0x0) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) timerfd_create$auto(0x0, 0x0) timerfd_settime$auto(r6, 0x3, 0x0, 0x0) adjtimex$auto(&(0x7f0000000000)={0x1ff, 0x0, 0xff, 0x6, 0x8, 0x0, 0x10, 0x0, 0x2, 0xbf, 0x1f6a, {0x0, 0x3}, 0x9, 0x1, 0x2, 0x6, 0x0, 0x8, 0x545, 0x1, 0x0, 0x8}) ioctl$auto(0x3, 0x40085400, 0x38) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'lo\x00'}) syz_genetlink_get_family_id$auto_nlbl_mgmt(&(0x7f0000000280), r3) 4.239762637s ago: executing program 2 (id=3034): mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={0x0, 0xffffffff}, 0x6, 0x0) r1 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000340), 0x880, 0x0) ioctl$auto_UI_SET_LEDBIT(r1, 0x40045569, &(0x7f0000000380)=0x25740c4) mmap$auto(0x0, 0x400005, 0x800000000000df, 0x9b72, 0x2, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/sockstat6\x00', 0x101000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xc18, 0x8000) openat$auto_msr_fops_msr(0xffffffffffffff9c, 0x0, 0xf82, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0xa0202, 0x0) readv$auto(0x3, &(0x7f0000003080)={0x0, 0x4}, 0x9) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/batman_adv/parameters/routing_algo\x00', 0x8182, 0x0) write$auto(r2, 0x0, 0xffc) madvise$auto(0x0, 0xffffffffffff0001, 0x15) acct$auto(&(0x7f0000000000)='/\x00') add_key$auto(0x0, 0x0, 0x0, 0x1, 0x8010) 3.754147726s ago: executing program 9 (id=3048): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) madvise$auto(0x10000000000000, 0x200, 0x15) write$auto(0x3, 0x0, 0xfffffdef) r1 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322df2) r2 = syz_clone3(&(0x7f0000000200)={0x383281180, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58) r3 = waitid$auto_P_PIDFD(0x3, r1, &(0x7f00000003c0)={@siginfo_0_0={0xf6, 0x0, 0x6, @_sigchld={r2, 0x0, 0x4, 0x2, 0xfffffffffffffeff}}}, 0x3, &(0x7f0000000440)={{0x2, 0x8000000000000000}, {0x8617}, 0x3f25, 0x7, 0x0, 0x2, 0x8, 0x8, 0x1, 0x2, 0x2, 0x8000000000000001, 0x8, 0xfffffffeffffffff, 0x40000000000, 0x5}) ptrace$auto_PTRACE_KILL(0x8, r3, 0x0, 0xc) setitimer$auto_ITIMER_REAL(0x0, &(0x7f0000000100)={{0x4, 0x1}, {0x7, 0x4}}, &(0x7f0000000140)={{0x9, 0x400}, {0x7, 0x6}}) mmap$auto(0x0, 0x4020009, 0x2000000000006, 0xeb1, 0x401, 0x8000) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) r7 = syz_genetlink_get_family_id$auto_nlbl_mgmt(&(0x7f0000000280), r4) sendmsg$auto_NLBL_MGMT_C_REMOVEDEF(r5, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x64, r7, 0x300, 0x70bd2b, 0x25dfdbfb, {}, [@NLBL_MGMT_A_VERSION={0x8, 0x3, 0x1c8}, @NLBL_MGMT_A_VERSION={0x8, 0x3, 0x100}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0xb}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x3}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_VERSION={0x8, 0x3, 0x11}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0xc}, @NLBL_MGMT_A_VERSION={0x8, 0x3, 0x800}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x3}]}, 0x64}, 0x1, 0x0, 0x0, 0x885}, 0x40) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r6, 0x7f, 0x99, 0x8, 0x1, @relative_id=0x8, 0x5}, 0x92) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc) ioctl$auto_VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x6, r0}) 3.541381793s ago: executing program 4 (id=3049): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_ACT(r0, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000002f80)={&(0x7f0000002f40)=ANY=[@ANYBLOB="2a0004c2", @ANYRES16=r1, @ANYBLOB="010029bd7000fbdbdf251a000000"], 0x14}, 0x1, 0x0, 0x0, 0x20000010}, 0x20000000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000001900), 0xffffffffffffffff) sendmsg$auto_TASKSTATS_CMD_GET(r2, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010026bd7000fddbdf250100000008000100", @ANYRES32=0x0, @ANYBLOB="1a34a172913a117c1dfa3c10cefd219d91f535108b508af537c5102cb544e09b"], 0x1c}, 0x1, 0x0, 0x0, 0x41}, 0x4000000) 3.336691087s ago: executing program 4 (id=3050): r0 = socket(0x10, 0x2, 0x0) syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000340), r0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) 3.312624266s ago: executing program 9 (id=3051): write$auto(0xffffffffffffffff, 0x0, 0x800005c8) ioctl$auto_SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0xfffffffffffffffc) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x244480, 0x41) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x2, 0x1, 0x0) socket(0x18, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sda\x00', 0x100, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) syz_genetlink_get_family_id$auto_nfc(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$auto_NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8804}, 0x4001) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) socket(0x2, 0x1, 0x106) connect$auto(0x3, &(0x7f00000000c0), 0x55) futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x8) 3.053168417s ago: executing program 9 (id=3052): r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) openat$auto_clear_warn_once_fops_(0xffffffffffffff9c, &(0x7f0000000240), 0x40, 0x0) getcwd$auto(0x0, 0xffffffffffffffff) setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, 0x0, 0xc800) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/pagemap\x00', 0x0, 0x0) ioperm$auto(0x3, 0x8001, 0x2000000000000149) r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mbind$auto(0x9, 0x84, 0x4, &(0x7f0000000000), 0x80000000, 0x7f) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, r0, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0xa, 0x2, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) shutdown$auto(0x200000003, 0x2) sendmsg$auto_NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, 0x0, 0x20048800) ioprio_set$auto(0x7, 0x0, 0xfff) unshare$auto(0x40000080) recvmmsg$auto(0x3, 0x0, 0x687bcbd, 0x8, 0x0) ptrace$auto(0xf, r3, 0x2, 0xbf38) ioprio_set$auto(0x1, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0x4020aed2, r2) 3.050988636s ago: executing program 4 (id=3053): r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x1a9382, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r1 = openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) r2 = getpid() process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) fcntl$auto_F_OFD_SETLKW(r0, 0x26, r2) ioctl$auto(r1, 0x6f2d, r1) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf2503000000080003000402000006000700", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000060007000100000008000200", @ANYRES32=0x0, @ANYBLOB="08000a0003"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) madvise$auto(0x0, 0x3, 0x15) write$auto(0x3, 0x0, 0x100082) 2.848984522s ago: executing program 2 (id=3054): r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x1a9382, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r1 = openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) r2 = getpid() process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) fcntl$auto_F_OFD_SETLKW(r0, 0x26, r2) ioctl$auto(r1, 0x6f2d, r1) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf2503000000080003000402000006000700", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000060007000100000008000200", @ANYRES32=0x0, @ANYBLOB="08000a0003"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) madvise$auto(0x0, 0x3, 0x15) write$auto(0x3, 0x0, 0x100082) 2.773912367s ago: executing program 4 (id=3055): mmap$auto(0x0, 0x2020009, 0x1, 0xeb1, 0xffffffffffffffff, 0x8) r0 = socket(0x29, 0x2, 0x0) openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000140), 0x2001, 0x0) r1 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000000}, 0x4) mmap$auto(0x0, 0x4, 0x0, 0x100000040eb1, 0x401, 0x2) r3 = socket(0x29, 0x5, 0x0) write$auto(0x3, 0x0, 0xfffffdf2) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r4 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$auto_EPOLL_CTL_MOD(r1, 0x3, r4, &(0x7f00000001c0)={0x8, 0xffffffff}) recvmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x7, &(0x7f0000000040)={0x0, 0x1}, 0x6, 0x0, 0x4, 0x6}, 0x1) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0) shmctl$auto(0x9, 0xe, 0x0) syz_genetlink_get_family_id$auto_ovs_datapath(0x0, 0xffffffffffffffff) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x3ec0) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/udp\x00', 0x240, 0x0) socket(0xa, 0x2, 0x3a) pread64$auto(r5, 0x0, 0x200000000003, 0x2f4a3a23) openat$auto_generic(0xffffffffffffff9c, 0x0, 0x101000, 0x0) select$auto(0x5, &(0x7f0000000080)={[0x20000009, 0xfffffffffffbfffc, 0x9, 0x5, 0xc, 0x3, 0x3, 0x1ffe000, 0x2, 0x1, 0x9, 0xf, 0xa657, 0x202, 0x6, 0x1]}, 0x0, 0x0, 0x0) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttynull\x00', 0x201, 0x0) ioctl$auto_TIOCSTI2(r6, 0x5412, &(0x7f0000000240)="f39e42") ioctl$auto_TIOCSTI2(r6, 0x5412, &(0x7f0000000100)="17") fcntl$auto(r3, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r2, &(0x7f0000000140)={{0x0, 0x1, 0x0, 0x5, 0x0, 0x200002, 0x8}, 0x801}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r0, 0x8923, 0x24) 2.436504976s ago: executing program 2 (id=3056): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r2 = socket(0x23, 0x80805, 0x0) getsockopt$auto(r2, 0x40000000113, 0x3, 0xfffffffffffffffc, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/cpuset\x00', 0x181100, 0x0) lseek$auto(0x3, 0x20000, 0x1) clone$auto(0x3fff, 0xad3, 0x0, 0x0, 0x8000002) ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x20000, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) close_range$auto(0x2, 0x8, 0x0) mremap$auto(0x7fffffff, 0x9, 0x0, 0x1ff, 0xffffffffffff0000) r3 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execveat$auto(r3, 0x0, 0x0, 0x0, 0x1000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x2, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x1, 0x1, 0x0) bind$auto(0x3, 0x0, 0x6b) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_UPD_TXSA(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)={0x14, r5, 0x1, 0x70bd27, 0x25dfdbfd}, 0x14}}, 0x200080d4) listen$auto(0x3, 0x81) 1.721644431s ago: executing program 4 (id=3057): r0 = seccomp$auto_SECCOMP_SET_MODE_FILTER(0x1, 0x6, &(0x7f0000000000)="dc24aeb10200ac8f6baf80f5ea801b5d5895f30b8c0000020000000002a9db") mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0004, 0x19) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48004}, 0x4050) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8000, 0x0) ioctl$auto(0x3, 0x2272, 0x7) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff) r2 = semctl$auto_SEM_INFO(0xdb, 0x7, 0x13, 0x3) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/admmidi2\x00', 0x1, 0x0) mmap$auto(0x5, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x8, 0x3, 0x9b72, 0x2, 0x8000) ioctl$auto_SNDRV_RAWMIDI_IOCTL_DROP(r3, 0x40045730, 0x0) sendmsg$auto_NL80211_CMD_UPDATE_CONNECT_PARAMS(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="64190000", @ANYRES16=r1, @ANYBLOB="000328bd7000fedbdf257a0000000500a200070000000500530043000000060036000300000008004b00070000000600b5000010000008009f0023e400007204b200d6bd173107c959873060f841bdb6a63b57f96c8eaf31b73ca3e207e353fb94faeb8b32dabda84850df196cc403181114ff9ca04b69ff209f7407b646c379994f6e90bcc46ce023841075a7c16324b1ad7b8913ea02cd96ae396837494655217ffb668deb1395c08ed51562a396af9bf9d77798cc7081bab0719b16d384d95baebe35726bbecf38d3e07cc496d32c8fa6601bf41285c0fd97c0f50e43fd7ede2535e96b979bd5c0153e921752e8b18f258d293cf42917c2fb64372776a9004b958f67c43c579e9cc25a80cd3e5dbca26b54b642ebc3527d02d5471eed05d0d53982ebde38e3d6ddea0f6aa86cf44dc98718e8f63678d13cbfd68a9c1d446db61247c257d4d548d4e4c9a660ce8527b5368c151bb6540dfd2ebf76154e9f4c990eb2146aca1a145609ee600caac46affb9aa602a1fc8f7a67083f41e3353ae3023901d2462f48701709c02bfbee197d12bb8018d868a8cf0475799ae775a6f3d052d3c46f18c4e598a2967d29750adc59bc6499f2b0a8fee9f7bab821cdf7b420769f4768edd1ad0a6a7200508a39b0501493fd7814bba75bd976df8468ec6082ff7fd6918c7a52e07ea60bc72530517edf28d95bcc328927d79b9f48053f6a6e9e3ca6e3e1531a1ea599920036e410d8158b0f30f82fdfb7d6851e6115d3ae1501c57b7ee7a2e02fdf8c0c83a4b5e65c844e40286191932eee81214830e3043bd2b52277d6ef4f1b36b759f7f2a56238c07bac44b89de7e2cfceb163f66e055df4acf71e104d7654eaab3f22fa961ac9d4f1769de928d3a09893da2560136a554e06379e7145ad27d411de48a38040a5c3192e3656012d5603f7b7ad7a31577a7e8d032944fe41420a850db6c2d01ab94fe99caf522448bfd6c314b2593e4a7b127f9235dd453e0ceb9e76f8535f08f41a30940df8efdba44ae5d67c8823ceb7491050344626f3e85333f2e5b6b3f7383b80be76ce55e53687021aa02c8758512547f78a95283b66892dc5c8b30eff07d607c97debfcfe11385706ca4ddcaf0cbb7ca1cb2dfbbd1dcf92de7ba3eede1416c116a3cae78c6c2f30704c5b829849bb2b07b9e5cd92e7181ff65fc359d55d0e66746509431ef55eb92eb488076ebb3f3ccf61cea26a0d8adca2973fb084baa968cba353482da3a95c9a0f8ff7e9a2e882e4f4cb57077497431aa96a3cabdbd3cd699f2b95019a908de3a29f7ee16521e8867b8ad35f69f07a049fffe584c03bc048687a24d12d397bd9e7ab8c60f5da96964e50a794d795e79db0f8f929e51115119ec557bc364c2d81bc3346613205fc76b3467906e56476d1c48605368a3751f8c8dd053b7961fe2b689cba844a1bffffd74ba3fe87dcf42b9faaf8d104c5cf4ab83394023311314f83b0673f65972d70b74f98f7689338b781040e2cb390a8f4c686c55786949f1737580461cd93fd52931e1dd80b123af7a57cad0167628486d3fc7ee56a72a7680b8f3db87399b54a65c81361b49ef0b965a898df74364e7db791ae5a4082a93db87addc5968014d7a35643680d2fb5d04ec576447df138bb46865e85f605c88b5b8c6e787e80f635308e6aa04841ea75d657f1b000005002001030000009214b9803896d22ee68b5e079bbd868aec47db65645f741247f7724483d6b700cfdc4535e67eb58a392d4627f90481a76354c73fc245b3422ccc463cf1add1c145bf5ed7fb5174a8b3dc72e5745fe6fa4ee38a763d433b8a463d54ae1a674cdf573e384580517fd6190edd19839a2e2c96b59a63b2b69972b3d424e69a54fb4c2c575d3f0ed3afd7abdbaba8784ddfb5f4c9d5e427410f903545f0d3ceb242cd50e36bf5a0f1bfc37d56e8838701b0a7e359e8b63233662c6349a1b95cb073247958af0e819abb34ebc29d36124d19758e1ec6796b8a29ae2bf973d9ff23bd15db00f9908f2910419359e05fc184ea561cb86e5056b3e839d500ef170aefdddb6bcf6fea0300be1737040fbdb490dbb71400ea00fe8000000000000000000000000000bba6103380f708619673a703f223554f7cf27d60d001e2bcd15b43dd91e1ce1afbda013ddcf84e1ac14318aadab855fa2f552984b80b1c847507aa99d4e6aca070ff9906c09bce8a2af7de7ea8508a5e6ca6fa997ed1b63446ce9440b61462cfe71e29e00a1b9202e3b44fb5d0cc7ccb9ca4038e41fa8d5f021988fa9689d4e19cfc4e78b215328cc961d0dd9c405fa0242b00fd7cc308249e3dcbbfc1a72cf6a2ec7d2c326cf056f0b2633e5be90610ac550b8fa988ce5f91675d9ba39d6c062edc1d235357ee8d2c512841fecef0fe973a8356e07a78c6dd5653c2f6b3351e551ef0fbad64786bd3af3357c67c1aa4bb402ea3993c3eb71193001d9dc2c9518e0b3d8e8b13d9500d55a678422cc3e5c74aea7fbd1a5d5a2feb0287a857629d82e5efa840225077befb9ec5a20b9205633066162dcaa1975141ace63c868e5dc4423f9608cc506c0ef949f9f498e2431cdd779c9e66702cc5fd5edac38bb2cdf39e007919880d0d56856a578f9b2e5b1a8edbddd7c2418b4b06447430a70e8977ed28f5dc438c90c53dd114c90254438bcd60309ad8a9b80f16e1c0b01ffb440fc4c8ed97aaef9ed939a17e765a1ae0cbc7d217812eb91cad4df172120ac1b2ec58fe84dd893dc229664c85ddb22da14b1fafebd596243e719747c933bd916e5580be0b5791225c1fc50c86f65ddf9868f7d84cab2189f2c483bdb4f181b00566597641f0b2b1ccd6d70c6ca7c671f44a02e43cb14928b45007e636a1526d573fa7aaac04a8707a129d3c593b9191389d71fcf9971efdbb462ee6a1c56122ca0a72ee1ba70982cc962063394b5694c79ff5c96618f492c700fb860d57f100cdd113e5d933110e731fe952ad57b609129ef481bd4a75cceb9f37538453699c6b3713ddf69f1bdbec66035c3fa486d09242830aac6ae3ed2664ace97284c89b5b03279bea5a92b727615fa03f2d571995c3e17afd33663e2f55ed9c70659484fbeae759d5fa357d6eed7acabd0eb60d50f4e6e65d86f6113758b33b2e21da00a55460523cb5376702dab1f6e7ed5ebe781ebf7e3ace60b5c099ea85cd2e22538284e5240ab99b7879a528c1199ef7925d5b72e920c9be1243343473af0914cc9fd1672538939fd755067849e40492510492c2fd8a267c6e4dd06660330c70afe7578d6caa5d1089d06a7a85ac1ddf05de0b39158757e5c0935f963e00fc14a722d2dc84557af245a01ca773c8391bd7c817bc93a3f3906c3e5e2270fb05b9538bf78d9cc2df9bec8ae73dfcf68fe56f009c9d290ac140b22c2d13ea98c532e395d481191378bb50fc1faea5dd0a670bb8387bc33951cabe7d24bf3a64cadf250d33c35a9486417495b5bf452b0b94ef9f8ac6c430983cc1c87531effb641c40853e1cdbc2a01286d7752ac70430761e8c72b590ec145eef7618bb72a707e8a3cd3ce6ad16e5bdfe8efa3a69fb2848031e4957fca53972b826c7979ad4245faa7eb559f6c6aa06813caa80b9516137b518bf8153fbceb8de48ec4d427ca29501a78550ce551c48d88e13dcec5690ec0818de2fda17cbe7034e53282f762ecee56c37817a063a08b2976a6c02e5c76d09f225b719369ea3a795a803dd151ba672166fc268974c630b7fdc9a7bab8c97f2f1fcf48634e0dc5733b9cddec157b2b079728ab9d014430c494c904c35ef5afa828a9ee732070b8250f8a6bbfccf0a34ddcc1d54f64b603dde66776c911ad3f2c301b580a409522c13cc09449895a8ff26b367bc634b732827ccd270938135af820848c846a68e39eb835e9c4bcccbd121b30ea0eb7fcc8551d6b9fb9ffe217d66aeb6e4e07c23ed547c96abcf8fac43ed05a22cf7dab6e1a6a09254a88b32af9e659bb77cbdbb3ed9efe5aedb2b62dd0a7911bd083235bab8f9e2352fdb600e1f67038b9cb5d109727898a91a79e46e8dfd023a93b34360a8761541cd6ec02b40de20a243c54c4ce6ccde1b0cf9930dda5a4af0add675f8ad0ef1e7e1a86dab04d96d4d8f13bab1dbe53cce881c3c7e497f699ee4456aadc2ad3e79fca15d90bbb2881210b6d5d66bdf8a91494a977dcd5f0ff361244cac9ff76b6ff518a6d24c995fc14787b79e9c00d773724b6e5fea519e785f40f5dd1351c9ffd37e04a89cc4dd727ea3fe9f563ab66b36c665ca8403225b4101f68a5999283ca6b2d784099c7648f1b63d49aa10111dc67f232eb12a094b6a22f1b8a314c1c2b6637f4ccdb3cad3c4349b7f57d7908db9c5cbb7edba415e578f4393b404b6e9de5149ee50bf0afed26622acd3746b8a3c187f2e4a061419705ab45f03ade293d2627d02b7e4faa773066c6a273f10ea662d183fe09ad4e74c4a4688f666852f7d43afaccc5cad45bf65b4bee4fb506e8a77a9143155a7c369d8ec48c4b8d1935e7424545d795a816acb48b901eadcb4a7ca86c9c83d2c8e4c19686c41d7e27058b65389a28478459205cce254a2d4818a9b8abc420e02f60dab92367a377c8300093d5f5cdfd8d3593c972896e0308a56862e7e1b267dae86c1b048ece787ec5a90c0e75522eb54624d834783ff55250bb1e7b45027f16d9351f41cb0227da2379a72e73067abae54bc4e0485ac5859575f62a5ff34702e1f375cc34b2948240eee754ec036838704e6c82f1613a002b5aa226ba15e5ff57d9eec73838c700a885d96e6dc01eaf596944709dc9a58b1237ea66a085a11f1822ae7120bb994b97598ddb6a47c5150a408882077db15605adf21b925de19b578f41f6db7c730804aea85c97b34e043783ae15ec15c62ec0d42e2b15260b3ed35ae2cf12f172caa2368f5c6a7e8e06f5498654f3820f3ee6aecc42ee3ec75251b08fd7af0458ab629f8478e95b05b910ac85c6e1cb705059f3c8787dfc57dbc18c3ea59d6d45a2c2bb317ea30a4398e645b981b277778d036f20d8d4664164d79aff9223fef6e4a3db284334eafe938f54bf0911c8895efeea6f95c38cedf0bee4a9962564eab2cd75b08fe6adca6eed21ed7b3fd01957eea74b9f951e291c489fb7121c93f4f47b58d2f2c0818a650acbbe8968494a9368aac8b4810e64c5417874dea1d9d5c0f14a2cb741ed22ed5251eaa3fea9b474d7f414fca71e5daa9dfe89b3d242ec4f4b2a4ce717830dceb1c9aa1f3e123516c99c918d0cf8f4e519d2d9ae50ca4f0344f8a459a964c0827f3a2185431400192d83ca7d6617ccf2cb99a215bb5be4f71321a99908a9132348ad0c6e27541b4142ed30c78e33c73c469f6112126ed4a6479c391e5003947e788617ceb43b38901f7b27ddf275d3385a7ccc7daf30ae7d1878a7baf12bfaaa95245914dc41370f9e6c86ec74150a6f6e488816ac8990b95f82c06553b10a238478573304386d902b306d92325e88a2cb08266c39a85edf00eab5b0e1c3d36f4120c42f4211e655bf89c427f54f9853aa2a0d799b80137e1d0fc93bcafbb94a111668cd39776f7b36e7748cba98e014e0d82e1f56832bf563cf48f0f00f46ddf8fa817b250c5307a9fd40f6fd0d825598a080e247f522edaca30aff5d1b985e5e6e5367680645514b2f5f54df5a73e8a52dbb5230ec6f9772ab5f24c53b2cc733542bb9937cb1faa5153d4be6ea447ab29aa3d7ea9a6c2fefeb49c88adc480ecfe4b55d37e88d958a65c75e345b4277d96b553ac03705dad6aec7924c807cc871e0d1b00fae7f952be4bb85f9c87e4c6b24fbf82934eca9af12d5604779ce2b0bf40f69d21ce9eaad280b3e51bb9cdbbfc32de49049db205b6caf00ac85e76ef88489e8e3a125624e21c38a273338ab0a30b2f81e39068a30d7dcf902f3d317a859331f4214ef02688ca58cb8a8fc782ebabc8e22242a3ce0f7676b3a7507dd36ce535dff7feb0aacaf5ede1f292b9f6da00cae0f29f0ce507ce0117887729d215729f92b92988b8865678bfdc1e0e9c6c34d05413dc736ab67e6a1320237d64a9fc1a9fbe551378b87a8064322d5bac5bd180e0c7fbbfd14e1fc54def4b906345ca9d1fa2fb125bc717846b18fc151e19993161776ebc29e2ecf70b2f4ddb1a1fae0985ec050336e911c3daa0973486223f69d1be49582b6d57dc43f0cfbc6f96783135c44862f86dfea63a41ea614ba7d1621c8b6c32186e6365b41f63a1561c791e22fc8e9fa9b733a91767fbe41ebc4f23919822e4ddae5ecc4b621edcddf53559f39553894e6b7c4410e0d534150207fdfa8d2de3e9528e1f94dc2cc80f085edb0b69fb4456d4e99a9c9b327d2d55d3a8d065e5eebf5525040a1e2986cb031cf4ebff58fb0581494d55100db1cb72ec0b5793f10b59b41912287b70bf1f02f90767cb0b90e1e2ff4913a221728be68bf283d27eab506d478a81589f0ceb557384d0a5f7755fa65e8f952514a51a6c54ef1d71d1d5dd8c760d55259de1fb04500fb1c6cd836f1fd73aecb26dd82ef6d4d1174be67c2eebdc5d168c6d0b6ac9ddd8a09ddef3a97f41164ae8377ae519d4f7dbdb864661ac098654fec2d75f97fda4e0a565c4d975e447ab6846e0370b702621935a3b09963058711f3482022bd8501d789175a22867bd68d346e48e2db5b7ec4260ee7a7cc281bbadc386f456f9a51fc82cd7b56906743b4eaae7c541e6a8e0a81c01fb20c5f462fb12210576f362e3e3bb0ad0db8ec8783da9d92ad6329ed87b67fb098251da7c934288365fa3e12da5841793230de59db842f3aacacbdc29aa6ed99f5859b2f1631ff5de701c6bea81832875455a297c131196e6eb1f547670b1dd7c2da876170c4ee7ba8c0be6a947fa8a5c330436e974333a4e2fd4a5238d393839ed89eb5b1030d1822a1074906c5f5f34a86b409044e81a673b49bea09b5db042c8448e0596789bc0afb7f39ad7ede20e7931759f5014e0f0f9c85f1c4f618ea7c66def76f9446100e514f612269690251a590bf80954bba54194a90f67d0bde2fa04abae388fb57b075fea7c35a5595b7823fcc2a50e0e2ec5b816308cfb454619cfbb939eef00043f5f09a46e47c5b92ecadc5b5ddf31dd559985fa06c798b82ea8d92a961a87cf602f26332c05b66685c661bb52c7588b3d5d9d6e5a896d6a2243a2c1ca8051fb09a6d64525efc4ae89f2f64e23e14d4bb218ecd0d070427e9b4a6547a59adc9903e00b53ce6bb65fc67bfd8724bd1a59a798637a9a52533e75452cb25933533c47373c702e1d1b1b39379d8d7d82bbb80d1d94470e18afcc7c32ec982f50d36fdbc01a639811bc56a157dab31a3b9207149fd4656badca6e8586869a3c3110e441087925e9d2d1ae7f005aa2e4d27257d5b72c41f9a3c57c017870976615be85831a3447ed5b7a3c23114f93e6b274cf4fff3ac5027b070565ff77fb847d6ea52b6998bb9651d5ba2a607b24da7f270b7565809cffaa515cea863cfc90e0e15db5a5b7fe8c7b6ac120ec10ac717ba9b484181c69931a7f332907810f7ed9bbae84e27c669b323fd771967ff16bb24692e2b1867f6126eae5737d55f16145e6c43f14fcd08bda411e0c64c3a2f17fc5b3cba1b986baca7438b0a0f891caadf479fd88c609feb2e6774c5be2e5f54dde1e082360e6df08bd7474ec2801ad72612bd5780716ca378df527a5af00aac537be8e2f368a15758ee9fe176fe60101f61e12fb481b60f509fe73bb6ffbce778040b9e72c075f220cbf376a5b6ad2b6549d68494799a158d76de74108b47f817dfacf41bad0a49d9e4381b216e60b81732486439912b3e5898037da9ec710656e676e8a86e81d25f99b281ad774683c7f0d206b77a73390cf6bb6f57f46504b8523f15fb41ecf4a5e65c6cb9a483b27f6b1136e94510fec76f85626c9271e8c0781679a130962e17958a72c2a1ee06cb785f2eb56f5c727df18af50d9b3d192233b5ec40f029724936fc6e68f59bd784e25e3f1d5e58c7131faff115b4a58223831d69bf720926c1d08bbef1dac654648e7c4df6886d5a4b647676a3a4ce2fabd1444c249d8860db629408ced559a865f3b0400308008008c000800000008001b00d3ac0000000054a0d4da380553f058bae9a552e160f43f9a5b6531229d8987c35ba904bf7e540f07be75dbaf70e7b070baefd3789c82bdbb47db9354c44cad704af80cd1e4268de65b0fd1083d26a6a17a49878276165f80fbb0f646b04e3497cd16f2dbf8cd214ea48c3233eb0056aa5a389ca40c000b000e0000000000000008004400", @ANYRES32=r2, @ANYBLOB="44029e80448e9f3ae0895facd92b994b5fc9acc0892ac4bc5c9c91c8bffc294092d4b2c72cc38d032fded4603a2add58203dcf6a0584f55c8d6941989458267d7e7496542b81da268563170c40bcead8dc3763e2efb2311fd6a54b4fb944dbc2135b8e3f464cfa50d484fe3d117f87f173bac8704af3570a42673218bc9c820b7709fac87cc7cb77b94352796002979cee0f92c7ae0be3f8ed90719c79fc9e0ce54ec92266f312eddb0c67d909a049f8f74b3f188c08348dfc6a026ed47c894a60e87c579729b6969531b312f4a0bd71e873cf53d40400ad800400c6800c000c008100000000000000567604fb80cba83f662b953858285c6474cc2aecbbc958c1f51631cb17f04026f08cd8397b9d6f2d2fb4041dc138432af84637f3a91d5dec5722861d1cb23dacae0065049650a7e68b7aca6bf31d9e11e0b35ce670f7d3eaaa5ff4059b535eb2dc192a561d6c6bb9a008249b99694468a56f0b5d78b11809f6e5bd2e47c0673940e7650641d7f8eff7138ad00ca4e0dbd0da1ee0fe34f92f63979fee7607c8ec26e1605731c489ef4bd9ab3357276399be1e088cf697d8324f1f66d1669ee72b728f51fdc264886ee1a362a3cc70467c4bdf95d571dae545d365b5f24069614c048dad85211308df37aedc6d5fdec2de771b7f1e11c78e756a1f804851fcc8a11a4dcb995e8139aed2b69c1071e30e0bcef5c96d421b3fa046e03f74567725c80603e01f8de53284d5c22ddefa93ca3c1d325383f4c41d771b3db8535b6785b72acbfb5c37dfbe0400f18000000f002100726544ee127908fc815f0400"], 0x1964}, 0x1, 0x0, 0x0, 0x400}, 0x4004880) r4 = io_uring_setup$auto(0x6, 0x0) write$auto(0xca, &(0x7f0000000140)='\x04>\x01\x01\b\x1a\x1e`0x0}) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x4040884) r4 = bpf$auto(0x10, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r3, r2, 0x6, 0x8001, r1, @relative_id=0x81, 0x1000}, 0x40) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r5, &(0x7f0000000200)={0x0, 0x7}, 0x3) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) r7 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000280), r1) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000480)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r7, @ANYRES64=r4, @ANYRESHEX=0x0, @ANYBLOB="00100010", @ANYBLOB="7f822128fdc4cfe3f6027281b03a69f70667ead26cef2b193bd0204dffa1e3391d708db29450e22ebbd89288e635c7cbdcc2afd2a7716a005ac524332923ae7b62c1e20fe25c38c5401d82aadac846d777bc2ca3794a59a0fc013cb54ecb05d142f9776697b414fbe0e73a1740d974462dff536222f93cce9fc0da4c3aa872dbefb136cc45c6d0a139340fbca4a668549bb6535bdb65c9a8", @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x4000010}, 0x20041050) msgsnd$auto(0x4, 0x0, 0x101004, 0x7) ioctl$auto_TIOCSTI2(r6, 0x5412, &(0x7f0000000000)) rseq$auto(&(0x7f0000000000)={0xe, 0x400, 0x0, 0x20006, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x6, 0x7) madvise$auto(0x8, 0x2, 0x3ff) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) msgsnd$auto(0x1, 0x0, 0x2, 0x1) ioctl$auto_TIOCSWINSZ2(r6, 0x5414, &(0x7f00000001c0)="74aea28b40a46fa1623c56985b5f30aa490f06b40b827d174176e88e00c05513df16e65085cbd6d7cb02beb25dd735dd9ef73de84953a2") mmap$auto(0x0, 0x725219cf, 0x6, 0xeb1, 0x401, 0x8000) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000000c0), 0xe4202, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) r8 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_GET_SERVICE(r8, 0x0, 0x20000800) getpid() 982.594532ms ago: executing program 4 (id=3060): madvise$auto(0x7ff, 0xfffffffffffefffd, 0x15) sysfs$auto(0x2, 0x10000000000002a, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) madvise$auto(0x110c230000, 0x8031ca, 0x9) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) madvise$auto(0x0, 0x20499d, 0x9) futex_waitv$auto(&(0x7f0000000000)={0x8, 0x5d94, 0x4, 0x4}, 0x77, 0x0, 0x0, 0x62bd) madvise$auto(0x108000, 0x800033, 0x9) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) write$auto(0x3, 0x0, 0xfdef) close_range$auto(0x2, 0x8, 0x0) 0s ago: executing program 2 (id=3061): r0 = open(&(0x7f0000000040)='./file0\x00', 0x20100, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/fs/orangefs/slot_timeout_secs\x00', 0x102, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000003c0)=""/192, 0xc0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm0p/sub0/hw_params\x00', 0x1c1282, 0x0) openat$auto_hpet_fops_hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x40402, 0x0) read$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f0000000280)=""/65, 0x41) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) r3 = io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x80034}, 0x0, 0x0, 0x0, 0x0}, 0x58) r4 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xffffffffffffffff, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev5\x00', 0x280, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/v4l-subdev0\x00', 0x8a00, 0x0) ioctl$auto(0x3, 0x4020565b, 0x38) read$auto(r4, 0x0, 0x39b8) shmat$auto(0x0, &(0x7f0000000000)='(\x00', 0x3) writev$auto(0x3, 0x0, 0x8) r5 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/audit\x00', 0x0, 0x0) read$auto_tomoyo_operations_securityfs_if(r5, &(0x7f0000000040)=""/80, 0x50) setsockopt$auto(r1, 0x4, 0x6c, &(0x7f00000000c0)='\\}^&{\x00', 0x9) ioctl$auto_BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000100)={"8116d584b1dd894bc855db20abe77b22998d714014da0d5f3605755cdcbaa771", 0x3, 0x0, 0x4, 0x40, 0x54, 0xffffffffffffffff}) prctl$auto_PR_SET_TIMING(0xe, 0x2, r6, 0x3, 0x897) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="020427bd7020fedbdf250100000006001c0007000009"], 0x1c}, 0x1, 0x0, 0x0, 0x8155}, 0x4000000) kernel console output (not intermixed with test programs): create+0x2d3/0x520 [ 712.462902][T16560] ovs_vport_add+0x144/0x4e0 [ 712.462944][T16560] new_vport+0x16/0x1d0 [ 712.462976][T16560] ovs_dp_cmd_new+0x6b0/0xe50 [ 712.463018][T16560] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 712.463058][T16560] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 712.463097][T16560] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 712.463145][T16560] genl_family_rcv_msg_doit+0x202/0x2f0 [ 712.463186][T16560] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 712.463225][T16560] ? trace_cap_capable+0x1a2/0x210 [ 712.463272][T16560] ? bpf_lsm_capable+0x9/0x10 [ 712.463303][T16560] ? security_capable+0x7e/0x260 [ 712.463341][T16560] ? ns_capable+0xd7/0x110 [ 712.463375][T16560] genl_rcv_msg+0x565/0x800 [ 712.463404][T16560] ? __pfx_genl_rcv_msg+0x10/0x10 [ 712.463430][T16560] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 712.463476][T16560] netlink_rcv_skb+0x165/0x410 [ 712.463510][T16560] ? __pfx_genl_rcv_msg+0x10/0x10 [ 712.463536][T16560] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 712.463585][T16560] ? down_read+0xc9/0x330 [ 712.463609][T16560] ? __pfx_down_read+0x10/0x10 [ 712.463635][T16560] ? netlink_deliver_tap+0x1ae/0xca0 [ 712.463672][T16560] genl_rcv+0x28/0x40 [ 712.463706][T16560] netlink_unicast+0x53c/0x7f0 [ 712.463744][T16560] ? __pfx_netlink_unicast+0x10/0x10 [ 712.463780][T16560] ? __phys_addr_symbol+0x30/0x80 [ 712.463815][T16560] ? __check_object_size+0x488/0x710 [ 712.463852][T16560] netlink_sendmsg+0x8b8/0xd70 [ 712.463892][T16560] ? __pfx_netlink_sendmsg+0x10/0x10 [ 712.463947][T16560] ____sys_sendmsg+0x9ae/0xb40 [ 712.463982][T16560] ? copy_msghdr_from_user+0x10b/0x160 [ 712.464009][T16560] ? __pfx_____sys_sendmsg+0x10/0x10 [ 712.464062][T16560] ___sys_sendmsg+0x135/0x1e0 [ 712.464091][T16560] ? __pfx____sys_sendmsg+0x10/0x10 [ 712.464133][T16560] ? __pfx_lock_release+0x10/0x10 [ 712.464161][T16560] ? trace_lock_acquire+0x14e/0x1f0 [ 712.464202][T16560] ? __fget_files+0x206/0x3a0 [ 712.464239][T16560] __sys_sendmsg+0x16e/0x220 [ 712.464267][T16560] ? __pfx___sys_sendmsg+0x10/0x10 [ 712.464294][T16560] ? __x64_sys_futex+0x1e1/0x4c0 [ 712.464341][T16560] do_syscall_64+0xcd/0x250 [ 712.464369][T16560] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 712.464401][T16560] RIP: 0033:0x7f9ea7d8cde9 [ 712.464422][T16560] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 712.464446][T16560] RSP: 002b:00007f9ea8be8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 712.464470][T16560] RAX: ffffffffffffffda RBX: 00007f9ea7fa5fa0 RCX: 00007f9ea7d8cde9 [ 712.464488][T16560] RDX: 0000000002000000 RSI: 0000400000000080 RDI: 0000000000000008 [ 712.464501][T16560] RBP: 00007f9ea7e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 712.464512][T16560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 712.464524][T16560] R13: 0000000000000000 R14: 00007f9ea7fa5fa0 R15: 00007ffdd3340a38 [ 712.464559][T16560] [ 712.917712][ C0] vkms_vblank_simulate: vblank timer overrun [ 713.232995][T16570] netlink: 186 bytes leftover after parsing attributes in process `syz.0.2731'. [ 713.460165][T16582] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2732'. [ 713.947859][ T5845] Bluetooth: hci1: unexpected subevent 0x01 length: 4 < 18 [ 714.397359][ T5834] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 714.408316][ T5834] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 714.428674][ T5834] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 714.438156][ T5834] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 714.448605][ T5834] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3 [ 714.459559][ T5834] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 714.747577][T16605] chnl_net:caif_netlink_parms(): no params data found [ 715.035838][T16605] bridge0: port 1(bridge_slave_0) entered blocking state [ 715.082118][T16605] bridge0: port 1(bridge_slave_0) entered disabled state [ 715.122957][T16605] bridge_slave_0: entered allmulticast mode [ 715.138455][T16623] Invalid ELF header magic: != ELF [ 715.152610][T16605] bridge_slave_0: entered promiscuous mode [ 715.173293][T16605] bridge0: port 2(bridge_slave_1) entered blocking state [ 715.187870][T16605] bridge0: port 2(bridge_slave_1) entered disabled state [ 715.212738][T16625] FAULT_INJECTION: forcing a failure. [ 715.212738][T16625] name failslab, interval 1, probability 0, space 0, times 0 [ 715.272046][T16605] bridge_slave_1: entered allmulticast mode [ 715.279155][T16605] bridge_slave_1: entered promiscuous mode [ 715.291872][T16625] CPU: 0 UID: 0 PID: 16625 Comm: syz.4.2744 Tainted: G U 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0 [ 715.291913][T16625] Tainted: [U]=USER [ 715.291922][T16625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 715.291937][T16625] Call Trace: [ 715.291945][T16625] [ 715.291954][T16625] dump_stack_lvl+0x16c/0x1f0 [ 715.291997][T16625] should_fail_ex+0x50a/0x650 [ 715.292027][T16625] ? fs_reclaim_acquire+0xae/0x150 [ 715.292067][T16625] ? __alloc_workqueue+0xd92/0x1810 [ 715.292103][T16625] should_failslab+0xc2/0x120 [ 715.292134][T16625] __kmalloc_cache_noprof+0x68/0x420 [ 715.292159][T16625] ? vsnprintf+0x31e/0x1180 [ 715.292190][T16625] ? __pfx_lock_release+0x10/0x10 [ 715.292217][T16625] ? __alloc_workqueue+0xd4c/0x1810 [ 715.292254][T16625] __alloc_workqueue+0xd92/0x1810 [ 715.292287][T16625] ? __pfx_vsnprintf+0x10/0x10 [ 715.292321][T16625] ? lockdep_hardirqs_on+0x7c/0x110 [ 715.292356][T16625] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 715.292405][T16625] alloc_workqueue+0xd3/0x200 [ 715.292442][T16625] ? __pfx_alloc_workqueue+0x10/0x10 [ 715.292490][T16625] ? __pfx___debug_object_init+0x10/0x10 [ 715.292538][T16625] nci_register_device+0x397/0xb80 [ 715.292571][T16625] ? __pfx_nci_register_device+0x10/0x10 [ 715.292614][T16625] virtual_ncidev_open+0x141/0x220 [ 715.292648][T16625] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 715.292681][T16625] misc_open+0x35a/0x420 [ 715.292710][T16625] ? __pfx_misc_open+0x10/0x10 [ 715.292738][T16625] chrdev_open+0x237/0x6a0 [ 715.292764][T16625] ? __pfx_apparmor_file_open+0x10/0x10 [ 715.292792][T16625] ? __pfx_chrdev_open+0x10/0x10 [ 715.292822][T16625] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 715.292863][T16625] do_dentry_open+0x735/0x1c40 [ 715.292889][T16625] ? __pfx_chrdev_open+0x10/0x10 [ 715.292917][T16625] ? inode_permission+0xdd/0x5f0 [ 715.292952][T16625] vfs_open+0x82/0x3f0 [ 715.292980][T16625] ? may_open+0x1f2/0x400 [ 715.293015][T16625] path_openat+0x1e88/0x2d80 [ 715.293055][T16625] ? __pfx_path_openat+0x10/0x10 [ 715.293081][T16625] ? __pfx___lock_acquire+0x10/0x10 [ 715.293107][T16625] ? lock_acquire.part.0+0x11b/0x380 [ 715.293136][T16625] ? find_held_lock+0x2d/0x110 [ 715.293175][T16625] do_filp_open+0x20c/0x470 [ 715.293202][T16625] ? __pfx_do_filp_open+0x10/0x10 [ 715.293225][T16625] ? find_held_lock+0x2d/0x110 [ 715.293285][T16625] ? alloc_fd+0x41f/0x760 [ 715.293319][T16625] do_sys_openat2+0x17a/0x1e0 [ 715.293350][T16625] ? __pfx_do_sys_openat2+0x10/0x10 [ 715.293405][T16625] ? __pfx___might_resched+0x10/0x10 [ 715.293447][T16625] __x64_sys_openat+0x175/0x210 [ 715.293479][T16625] ? __pfx___x64_sys_openat+0x10/0x10 [ 715.293523][T16625] do_syscall_64+0xcd/0x250 [ 715.293550][T16625] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 715.293582][T16625] RIP: 0033:0x7fb42cd8cde9 [ 715.293602][T16625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 715.293627][T16625] RSP: 002b:00007fb42abd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 715.293651][T16625] RAX: ffffffffffffffda RBX: 00007fb42cfa6080 RCX: 00007fb42cd8cde9 [ 715.293668][T16625] RDX: 0000000000000002 RSI: 0000400000000400 RDI: ffffffffffffff9c [ 715.293685][T16625] RBP: 00007fb42ce0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 715.293700][T16625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 715.293715][T16625] R13: 0000000000000000 R14: 00007fb42cfa6080 R15: 00007ffe6ef97808 [ 715.293747][T16625] [ 715.643345][ C0] vkms_vblank_simulate: vblank timer overrun [ 715.755832][T16605] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 715.824427][T16605] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 715.918051][ T5845] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 715.943171][ T5845] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 715.953167][ T5845] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 715.961107][ T5845] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 715.969264][ T5845] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3 [ 715.977149][ T5845] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 716.054478][T16605] team0: Port device team_slave_0 added [ 716.074735][T16605] team0: Port device team_slave_1 added [ 716.125970][T16605] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 716.125991][T16605] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 716.126022][T16605] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 716.127859][T16605] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 716.127876][T16605] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 716.127905][T16605] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 716.306754][T16605] hsr_slave_0: entered promiscuous mode [ 716.320494][T16605] hsr_slave_1: entered promiscuous mode [ 716.326894][T16605] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 716.334593][T16605] Cannot create hsr debugfs directory [ 716.414996][T16634] Invalid ELF header magic: != ELF [ 716.521810][ T5834] Bluetooth: hci7: command tx timeout [ 716.588141][T16641] FAULT_INJECTION: forcing a failure. [ 716.588141][T16641] name failslab, interval 1, probability 0, space 0, times 0 [ 716.620014][T16641] CPU: 0 UID: 0 PID: 16641 Comm: syz.4.2748 Tainted: G U 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0 [ 716.620054][T16641] Tainted: [U]=USER [ 716.620063][T16641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 716.620076][T16641] Call Trace: [ 716.620083][T16641] [ 716.620092][T16641] dump_stack_lvl+0x16c/0x1f0 [ 716.620130][T16641] should_fail_ex+0x50a/0x650 [ 716.620157][T16641] ? fs_reclaim_acquire+0xae/0x150 [ 716.620193][T16641] ? nfc_llcp_register_device+0x4b/0xa60 [ 716.620224][T16641] should_failslab+0xc2/0x120 [ 716.620251][T16641] __kmalloc_cache_noprof+0x68/0x420 [ 716.620282][T16641] nfc_llcp_register_device+0x4b/0xa60 [ 716.620324][T16641] nfc_register_device+0x6d/0x3c0 [ 716.620360][T16641] nci_register_device+0x7f4/0xb80 [ 716.620388][T16641] ? __pfx_nci_register_device+0x10/0x10 [ 716.620428][T16641] virtual_ncidev_open+0x141/0x220 [ 716.620459][T16641] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 716.620489][T16641] misc_open+0x35a/0x420 [ 716.620516][T16641] ? __pfx_misc_open+0x10/0x10 [ 716.620540][T16641] chrdev_open+0x237/0x6a0 [ 716.620565][T16641] ? __pfx_apparmor_file_open+0x10/0x10 [ 716.620590][T16641] ? __pfx_chrdev_open+0x10/0x10 [ 716.620620][T16641] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 716.620659][T16641] do_dentry_open+0x735/0x1c40 [ 716.620684][T16641] ? __pfx_chrdev_open+0x10/0x10 [ 716.620712][T16641] ? inode_permission+0xdd/0x5f0 [ 716.620746][T16641] vfs_open+0x82/0x3f0 [ 716.620774][T16641] ? may_open+0x1f2/0x400 [ 716.620809][T16641] path_openat+0x1e88/0x2d80 [ 716.620848][T16641] ? __pfx_path_openat+0x10/0x10 [ 716.620875][T16641] ? __pfx___lock_acquire+0x10/0x10 [ 716.620902][T16641] ? lock_acquire.part.0+0x11b/0x380 [ 716.620930][T16641] ? find_held_lock+0x2d/0x110 [ 716.620968][T16641] do_filp_open+0x20c/0x470 [ 716.620995][T16641] ? __pfx_do_filp_open+0x10/0x10 [ 716.621017][T16641] ? find_held_lock+0x2d/0x110 [ 716.621072][T16641] ? alloc_fd+0x41f/0x760 [ 716.621105][T16641] do_sys_openat2+0x17a/0x1e0 [ 716.621136][T16641] ? __pfx_do_sys_openat2+0x10/0x10 [ 716.621177][T16641] __x64_sys_openat+0x175/0x210 [ 716.621207][T16641] ? __pfx___x64_sys_openat+0x10/0x10 [ 716.621250][T16641] do_syscall_64+0xcd/0x250 [ 716.621276][T16641] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 716.621310][T16641] RIP: 0033:0x7fb42cd8cde9 [ 716.621339][T16641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 716.621364][T16641] RSP: 002b:00007fb42abf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 716.621387][T16641] RAX: ffffffffffffffda RBX: 00007fb42cfa5fa0 RCX: 00007fb42cd8cde9 [ 716.621405][T16641] RDX: 0000000000000002 RSI: 0000400000000400 RDI: ffffffffffffff9c [ 716.621423][T16641] RBP: 00007fb42ce0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 716.621438][T16641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 716.621454][T16641] R13: 0000000000000000 R14: 00007fb42cfa5fa0 R15: 00007ffe6ef97808 [ 716.621486][T16641] [ 716.621497][T16641] nfc: nfc_register_device: Could not register llcp device [ 716.946323][T16629] chnl_net:caif_netlink_parms(): no params data found [ 717.015049][T16640] llcp: nfc_llcp_remove_local: Shutting down device not found [ 717.265769][T16629] bridge0: port 1(bridge_slave_0) entered blocking state [ 717.273646][T16629] bridge0: port 1(bridge_slave_0) entered disabled state [ 717.280985][T16629] bridge_slave_0: entered allmulticast mode [ 717.289706][T16629] bridge_slave_0: entered promiscuous mode [ 717.303653][T16629] bridge0: port 2(bridge_slave_1) entered blocking state [ 717.310810][T16629] bridge0: port 2(bridge_slave_1) entered disabled state [ 717.323748][T16629] bridge_slave_1: entered allmulticast mode [ 717.339469][T16629] bridge_slave_1: entered promiscuous mode [ 717.356413][T16657] netlink: get zone limit has 4 unknown bytes [ 717.434139][T16605] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 717.460972][T16629] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 717.502494][T16605] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 717.522264][T16629] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 717.568460][T16605] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 717.621640][T16665] FAULT_INJECTION: forcing a failure. [ 717.621640][T16665] name failslab, interval 1, probability 0, space 0, times 0 [ 717.634714][T16665] CPU: 1 UID: 0 PID: 16665 Comm: syz.0.2755 Tainted: G U 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0 [ 717.634746][T16665] Tainted: [U]=USER [ 717.634755][T16665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 717.634768][T16665] Call Trace: [ 717.634774][T16665] [ 717.634783][T16665] dump_stack_lvl+0x16c/0x1f0 [ 717.634821][T16665] should_fail_ex+0x50a/0x650 [ 717.634848][T16665] ? fs_reclaim_acquire+0xae/0x150 [ 717.634884][T16665] should_failslab+0xc2/0x120 [ 717.634912][T16665] __kmalloc_noprof+0xce/0x4f0 [ 717.634935][T16665] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 717.634957][T16665] ? tomoyo_realpath_from_path+0xbf/0x710 [ 717.634981][T16665] ? rcu_is_watching+0x12/0xc0 [ 717.635008][T16665] tomoyo_realpath_from_path+0xbf/0x710 [ 717.635045][T16665] tomoyo_check_open_permission+0x2ad/0x3c0 [ 717.635066][T16665] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 717.635091][T16665] ? __pfx___lock_acquire+0x10/0x10 [ 717.635112][T16665] ? __pfx_lock_release+0x10/0x10 [ 717.635162][T16665] ? lock_acquire+0x2f/0xb0 [ 717.635185][T16665] ? __fget_files+0x40/0x3a0 [ 717.635218][T16665] tomoyo_file_fcntl+0x9e/0xc0 [ 717.635246][T16665] security_file_fcntl+0x211/0x240 [ 717.635272][T16665] __x64_sys_fcntl+0x108/0x200 [ 717.635302][T16665] do_syscall_64+0xcd/0x250 [ 717.635325][T16665] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 717.635353][T16665] RIP: 0033:0x7f9ea7d8cde9 [ 717.635370][T16665] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 717.635391][T16665] RSP: 002b:00007f9ea8be8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 717.635421][T16665] RAX: ffffffffffffffda RBX: 00007f9ea7fa5fa0 RCX: 00007f9ea7d8cde9 [ 717.635435][T16665] RDX: 000000000000a553 RSI: 0000000000000004 RDI: 0000000000000003 [ 717.635449][T16665] RBP: 00007f9ea8be8090 R08: 0000000000000000 R09: 0000000000000000 [ 717.635462][T16665] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 717.635474][T16665] R13: 0000000000000000 R14: 00007f9ea7fa5fa0 R15: 00007ffdd3340a38 [ 717.635503][T16665] [ 717.635512][T16665] ERROR: Out of memory at tomoyo_realpath_from_path. [ 717.650356][T16629] team0: Port device team_slave_0 added [ 717.984265][T16605] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 718.042428][ T5834] Bluetooth: hci8: command tx timeout [ 718.077623][T16629] team0: Port device team_slave_1 added [ 718.290578][T16629] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 718.303903][T16629] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 718.331250][T16629] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 718.345539][T16629] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 718.352699][T16629] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 718.390262][T16629] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 718.536882][T16629] hsr_slave_0: entered promiscuous mode [ 718.543635][T16629] hsr_slave_1: entered promiscuous mode [ 718.549722][T16629] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 718.569790][T16629] Cannot create hsr debugfs directory [ 718.616143][ T5834] Bluetooth: hci7: command tx timeout [ 719.250919][T16605] 8021q: adding VLAN 0 to HW filter on device bond0 [ 719.292260][T16605] 8021q: adding VLAN 0 to HW filter on device team0 [ 719.374657][ T6766] bridge0: port 1(bridge_slave_0) entered blocking state [ 719.381814][ T6766] bridge0: port 1(bridge_slave_0) entered forwarding state [ 719.398203][ T6766] bridge0: port 2(bridge_slave_1) entered blocking state [ 719.405307][ T6766] bridge0: port 2(bridge_slave_1) entered forwarding state [ 719.590920][T16629] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 719.613123][T16629] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 719.623497][T16629] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 719.641891][T16629] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 719.828576][T16629] 8021q: adding VLAN 0 to HW filter on device bond0 [ 719.887971][T16605] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 719.939038][T16629] 8021q: adding VLAN 0 to HW filter on device team0 [ 719.966723][ T6766] bridge0: port 1(bridge_slave_0) entered blocking state [ 719.973876][ T6766] bridge0: port 1(bridge_slave_0) entered forwarding state [ 720.020014][T16687] Invalid ELF header magic: != ELF [ 720.028791][T16688] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2764'. [ 720.044578][ T6769] bridge0: port 2(bridge_slave_1) entered blocking state [ 720.051737][ T6769] bridge0: port 2(bridge_slave_1) entered forwarding state [ 720.107594][T16688] FAULT_INJECTION: forcing a failure. [ 720.107594][T16688] name failslab, interval 1, probability 0, space 0, times 0 [ 720.127704][ T5834] Bluetooth: hci8: command tx timeout [ 720.161758][T16688] CPU: 0 UID: 0 PID: 16688 Comm: syz.0.2764 Tainted: G U 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0 [ 720.161799][T16688] Tainted: [U]=USER [ 720.161807][T16688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 720.161822][T16688] Call Trace: [ 720.161829][T16688] [ 720.161839][T16688] dump_stack_lvl+0x16c/0x1f0 [ 720.161879][T16688] should_fail_ex+0x50a/0x650 [ 720.161942][T16688] ? fs_reclaim_acquire+0xae/0x150 [ 720.161977][T16688] should_failslab+0xc2/0x120 [ 720.162005][T16688] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 720.162032][T16688] ? __kernfs_new_node+0xd3/0x890 [ 720.162068][T16688] __kernfs_new_node+0xd3/0x890 [ 720.162104][T16688] ? __pfx___kernfs_new_node+0x10/0x10 [ 720.162135][T16688] ? __pfx_lock_release+0x10/0x10 [ 720.162162][T16688] ? kernfs_add_one+0x39d/0x520 [ 720.162196][T16688] ? up_write+0x1b2/0x520 [ 720.162227][T16688] kernfs_new_node+0x186/0x240 [ 720.162257][T16688] __kernfs_create_file+0x53/0x350 [ 720.162288][T16688] sysfs_add_file_mode_ns+0x1ff/0x3b0 [ 720.162326][T16688] internal_create_group+0x56c/0xf10 [ 720.162366][T16688] ? __pfx_internal_create_group+0x10/0x10 [ 720.162403][T16688] ? kernfs_create_link+0x1bd/0x240 [ 720.162435][T16688] internal_create_groups+0x9d/0x150 [ 720.162471][T16688] device_add+0x6d3/0x1a70 [ 720.162502][T16688] ? __pfx_device_add+0x10/0x10 [ 720.162534][T16688] ? __init_waitqueue_head+0xca/0x150 [ 720.162572][T16688] rfkill_register+0x1ad/0xb40 [ 720.162601][T16688] nfc_register_device+0x11f/0x3c0 [ 720.162636][T16688] nci_register_device+0x7f4/0xb80 [ 720.162664][T16688] ? __pfx_nci_register_device+0x10/0x10 [ 720.162706][T16688] virtual_ncidev_open+0x141/0x220 [ 720.162735][T16688] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 720.162764][T16688] misc_open+0x35a/0x420 [ 720.162789][T16688] ? __pfx_misc_open+0x10/0x10 [ 720.162813][T16688] chrdev_open+0x237/0x6a0 [ 720.162836][T16688] ? __pfx_apparmor_file_open+0x10/0x10 [ 720.162861][T16688] ? __pfx_chrdev_open+0x10/0x10 [ 720.162887][T16688] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 720.162935][T16688] do_dentry_open+0x735/0x1c40 [ 720.162960][T16688] ? __pfx_chrdev_open+0x10/0x10 [ 720.162988][T16688] ? inode_permission+0xdd/0x5f0 [ 720.163019][T16688] vfs_open+0x82/0x3f0 [ 720.163044][T16688] ? may_open+0x1f2/0x400 [ 720.163075][T16688] path_openat+0x1e88/0x2d80 [ 720.163111][T16688] ? __pfx_path_openat+0x10/0x10 [ 720.163134][T16688] ? __pfx___lock_acquire+0x10/0x10 [ 720.163156][T16688] ? lock_acquire.part.0+0x11b/0x380 [ 720.163181][T16688] ? find_held_lock+0x2d/0x110 [ 720.163216][T16688] do_filp_open+0x20c/0x470 [ 720.163240][T16688] ? __pfx_do_filp_open+0x10/0x10 [ 720.163261][T16688] ? find_held_lock+0x2d/0x110 [ 720.163315][T16688] ? alloc_fd+0x41f/0x760 [ 720.163347][T16688] do_sys_openat2+0x17a/0x1e0 [ 720.163375][T16688] ? __pfx_do_sys_openat2+0x10/0x10 [ 720.163416][T16688] __x64_sys_openat+0x175/0x210 [ 720.163444][T16688] ? __pfx___x64_sys_openat+0x10/0x10 [ 720.163486][T16688] do_syscall_64+0xcd/0x250 [ 720.163510][T16688] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 720.163538][T16688] RIP: 0033:0x7f9ea7d8cde9 [ 720.163556][T16688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 720.163579][T16688] RSP: 002b:00007f9ea8be8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 720.163599][T16688] RAX: ffffffffffffffda RBX: 00007f9ea7fa5fa0 RCX: 00007f9ea7d8cde9 [ 720.163614][T16688] RDX: 0000000000000002 RSI: 0000400000000400 RDI: ffffffffffffff9c [ 720.163629][T16688] RBP: 00007f9ea7e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 720.163643][T16688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 720.163656][T16688] R13: 0000000000000000 R14: 00007f9ea7fa5fa0 R15: 00007ffdd3340a38 [ 720.163687][T16688] [ 720.683786][ T5834] Bluetooth: hci7: command tx timeout [ 720.838015][T16605] veth0_vlan: entered promiscuous mode [ 720.897491][T16605] veth1_vlan: entered promiscuous mode [ 720.973578][T16605] veth0_macvtap: entered promiscuous mode [ 720.982530][T16605] veth1_macvtap: entered promiscuous mode [ 721.006082][T16605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 721.016760][T16605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 721.032182][T16605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 721.052151][T16605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 721.067742][T16605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 721.091923][T16605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 721.112120][T16605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 721.141577][T16605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 721.157602][T16605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 721.200747][T16605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 721.211233][T16605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 721.251530][T16605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 721.264432][T16605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 721.275352][T16605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 721.285621][T16605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 721.296711][T16605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 721.308728][T16605] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 721.319172][T16605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 721.337482][T16605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 721.349101][T16605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 721.360026][T16605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 721.386088][T16605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 721.396974][T16605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 721.407185][T16605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 721.418543][T16605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 721.431568][T16605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 721.447878][T16605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 721.458001][T16605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 721.468915][T16605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 721.483098][T16605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 721.494639][T16605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 721.512820][T16724] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 721.523059][T16605] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 721.537186][T16605] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 721.548439][T16605] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 721.576276][T16629] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 721.619297][T16719] mkiss: ax0: crc mode is auto. [ 721.625973][T16605] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 721.657922][T16605] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 721.691832][T16605] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 721.700576][T16605] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 722.092029][ T6772] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 722.100669][ T6772] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 722.203426][ T5834] Bluetooth: hci8: command tx timeout [ 722.207211][ T6772] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 722.226119][T16629] veth0_vlan: entered promiscuous mode [ 722.256803][T16629] veth1_vlan: entered promiscuous mode [ 722.264533][ T6772] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 722.349486][T16629] veth0_macvtap: entered promiscuous mode [ 722.388319][T16629] veth1_macvtap: entered promiscuous mode [ 722.436454][T16629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 722.471639][T16629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 722.485135][T16629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 722.496035][T16629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 722.514501][T16629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 722.526073][T16629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 722.536399][T16629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 722.547467][T16629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 722.560720][T16629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 722.581801][T16629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 722.591643][T16629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 722.627115][T16629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 722.649135][T16629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 722.666694][T16629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 722.680243][T16629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 722.692524][T16629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 722.702703][T16629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 722.715029][T16629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 722.738677][T16754] nfs: Unknown parameter 'w¾Ã`_…à‚ûÏI+;ýá ÑöHYø º†»·«ÏLuõ>>ËÕuh*àéC<+ °ðÀÛ' [ 722.741101][T16629] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 722.763086][ T5834] Bluetooth: hci7: command tx timeout [ 722.843784][T16629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 722.894503][T16629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 722.904951][T16629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 722.915456][T16629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 722.965600][T16629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 722.995676][T16629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 723.018405][T16629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 723.030866][T16629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 723.041140][T16629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 723.057379][T16629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 723.075332][T16629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 723.089892][T16629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 723.100597][T16629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 723.111452][T16629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 723.123428][T16629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 723.144352][T16629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 723.164749][T16629] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 723.189725][T16629] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 723.201200][T16629] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 723.255748][T16629] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 723.266952][T16629] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 723.284887][T16629] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 723.295242][T16629] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 723.402486][T16746] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 723.414799][T16746] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 723.456524][T16740] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 723.465008][T16740] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 724.125441][T16787] FAULT_INJECTION: forcing a failure. [ 724.125441][T16787] name failslab, interval 1, probability 0, space 0, times 0 [ 724.161046][T16787] CPU: 0 UID: 0 PID: 16787 Comm: syz.0.2774 Tainted: G U 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0 [ 724.161086][T16787] Tainted: [U]=USER [ 724.161094][T16787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 724.161108][T16787] Call Trace: [ 724.161115][T16787] [ 724.161123][T16787] dump_stack_lvl+0x16c/0x1f0 [ 724.161165][T16787] should_fail_ex+0x50a/0x650 [ 724.161191][T16787] ? fs_reclaim_acquire+0xae/0x150 [ 724.161236][T16787] ? alloc_tty_struct+0x98/0x8d0 [ 724.161255][T16787] should_failslab+0xc2/0x120 [ 724.161284][T16787] __kmalloc_cache_noprof+0x68/0x420 [ 724.161307][T16787] ? __mutex_lock+0x1cc/0xb10 [ 724.161335][T16787] alloc_tty_struct+0x98/0x8d0 [ 724.161357][T16787] ? __pfx___mutex_lock+0x10/0x10 [ 724.161394][T16787] ? __pfx_alloc_tty_struct+0x10/0x10 [ 724.161418][T16787] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 724.161468][T16787] tty_init_dev.part.0+0x1e/0x660 [ 724.161493][T16787] tty_init_dev+0x60/0x80 [ 724.161517][T16787] ? __pfx_ptmx_open+0x10/0x10 [ 724.161571][T16787] ptmx_open+0x10d/0x360 [ 724.161597][T16787] ? __pfx_ptmx_open+0x10/0x10 [ 724.161625][T16787] chrdev_open+0x237/0x6a0 [ 724.161652][T16787] ? __pfx_apparmor_file_open+0x10/0x10 [ 724.161678][T16787] ? __pfx_chrdev_open+0x10/0x10 [ 724.161706][T16787] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 724.161751][T16787] do_dentry_open+0x735/0x1c40 [ 724.161780][T16787] ? __pfx_chrdev_open+0x10/0x10 [ 724.161817][T16787] ? inode_permission+0xdd/0x5f0 [ 724.161853][T16787] vfs_open+0x82/0x3f0 [ 724.161880][T16787] ? may_open+0x1f2/0x400 [ 724.161912][T16787] path_openat+0x1e88/0x2d80 [ 724.161949][T16787] ? __pfx_path_openat+0x10/0x10 [ 724.161973][T16787] ? __pfx___lock_acquire+0x10/0x10 [ 724.161999][T16787] ? lock_acquire.part.0+0x11b/0x380 [ 724.162026][T16787] ? find_held_lock+0x2d/0x110 [ 724.162063][T16787] do_filp_open+0x20c/0x470 [ 724.162090][T16787] ? __pfx_do_filp_open+0x10/0x10 [ 724.162114][T16787] ? find_held_lock+0x2d/0x110 [ 724.162171][T16787] ? alloc_fd+0x41f/0x760 [ 724.162204][T16787] do_sys_openat2+0x17a/0x1e0 [ 724.162234][T16787] ? __pfx_do_sys_openat2+0x10/0x10 [ 724.162273][T16787] __x64_sys_openat+0x175/0x210 [ 724.162296][T16787] ? __pfx___x64_sys_openat+0x10/0x10 [ 724.162340][T16787] do_syscall_64+0xcd/0x250 [ 724.162366][T16787] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 724.162396][T16787] RIP: 0033:0x7f9ea7d8cde9 [ 724.162413][T16787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 724.162435][T16787] RSP: 002b:00007f9ea8be8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 724.162458][T16787] RAX: ffffffffffffffda RBX: 00007f9ea7fa5fa0 RCX: 00007f9ea7d8cde9 [ 724.162474][T16787] RDX: 0000000000000000 RSI: 00004000000001c0 RDI: ffffffffffffff9c [ 724.162488][T16787] RBP: 00007f9ea7e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 724.162501][T16787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 724.162515][T16787] R13: 0000000000000000 R14: 00007f9ea7fa5fa0 R15: 00007ffdd3340a38 [ 724.162543][T16787] [ 724.524536][ T5834] Bluetooth: hci8: command tx timeout [ 725.839716][T16822] netlink: get zone limit has 4 unknown bytes [ 726.630566][T16829] FAULT_INJECTION: forcing a failure. [ 726.630566][T16829] name failslab, interval 1, probability 0, space 0, times 0 [ 726.649531][T16829] CPU: 1 UID: 0 PID: 16829 Comm: syz.4.2788 Tainted: G U 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0 [ 726.649571][T16829] Tainted: [U]=USER [ 726.649580][T16829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 726.649596][T16829] Call Trace: [ 726.649604][T16829] [ 726.649614][T16829] dump_stack_lvl+0x16c/0x1f0 [ 726.649657][T16829] should_fail_ex+0x50a/0x650 [ 726.649686][T16829] ? fs_reclaim_acquire+0xae/0x150 [ 726.649726][T16829] should_failslab+0xc2/0x120 [ 726.649757][T16829] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 726.649787][T16829] ? __kernfs_new_node+0xd3/0x890 [ 726.649829][T16829] __kernfs_new_node+0xd3/0x890 [ 726.649870][T16829] ? __pfx___kernfs_new_node+0x10/0x10 [ 726.649906][T16829] ? __pfx_lock_release+0x10/0x10 [ 726.649935][T16829] ? kernfs_add_one+0x39d/0x520 [ 726.649973][T16829] ? up_write+0x1b2/0x520 [ 726.650009][T16829] kernfs_new_node+0x186/0x240 [ 726.650041][T16829] __kernfs_create_file+0x53/0x350 [ 726.650074][T16829] sysfs_add_file_mode_ns+0x1ff/0x3b0 [ 726.650118][T16829] internal_create_group+0x56c/0xf10 [ 726.650164][T16829] ? __pfx_internal_create_group+0x10/0x10 [ 726.650206][T16829] ? kernfs_create_link+0x1bd/0x240 [ 726.650243][T16829] internal_create_groups+0x9d/0x150 [ 726.650283][T16829] device_add+0xf33/0x1a70 [ 726.650329][T16829] ? __pfx_device_add+0x10/0x10 [ 726.650366][T16829] ? __init_waitqueue_head+0xca/0x150 [ 726.650413][T16829] netdev_register_kobject+0x183/0x3a0 [ 726.650444][T16829] register_netdevice+0x147b/0x1e50 [ 726.650479][T16829] ? __pfx_register_netdevice+0x10/0x10 [ 726.650508][T16829] ? alloc_netdev_mqs+0x1038/0x13e0 [ 726.650542][T16829] internal_dev_create+0x2d3/0x520 [ 726.650568][T16829] ovs_vport_add+0x144/0x4e0 [ 726.650606][T16829] new_vport+0x16/0x1d0 [ 726.650636][T16829] ovs_dp_cmd_new+0x6b0/0xe50 [ 726.650676][T16829] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 726.650717][T16829] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 726.650756][T16829] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 726.650803][T16829] genl_family_rcv_msg_doit+0x202/0x2f0 [ 726.650844][T16829] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 726.650881][T16829] ? trace_cap_capable+0x1a2/0x210 [ 726.650928][T16829] ? bpf_lsm_capable+0x9/0x10 [ 726.650965][T16829] ? security_capable+0x7e/0x260 [ 726.651003][T16829] ? ns_capable+0xd7/0x110 [ 726.651038][T16829] genl_rcv_msg+0x565/0x800 [ 726.651066][T16829] ? __pfx_genl_rcv_msg+0x10/0x10 [ 726.651091][T16829] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 726.651133][T16829] netlink_rcv_skb+0x165/0x410 [ 726.651165][T16829] ? __pfx_genl_rcv_msg+0x10/0x10 [ 726.651190][T16829] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 726.651237][T16829] ? down_read+0xc9/0x330 [ 726.651260][T16829] ? __pfx_down_read+0x10/0x10 [ 726.651285][T16829] ? netlink_deliver_tap+0x1ae/0xca0 [ 726.651332][T16829] genl_rcv+0x28/0x40 [ 726.651365][T16829] netlink_unicast+0x53c/0x7f0 [ 726.651402][T16829] ? __pfx_netlink_unicast+0x10/0x10 [ 726.651436][T16829] ? __phys_addr_symbol+0x30/0x80 [ 726.651470][T16829] ? __check_object_size+0x488/0x710 [ 726.651505][T16829] netlink_sendmsg+0x8b8/0xd70 [ 726.651545][T16829] ? __pfx_netlink_sendmsg+0x10/0x10 [ 726.651592][T16829] ____sys_sendmsg+0x9ae/0xb40 [ 726.651624][T16829] ? copy_msghdr_from_user+0x10b/0x160 [ 726.651649][T16829] ? __pfx_____sys_sendmsg+0x10/0x10 [ 726.651696][T16829] ___sys_sendmsg+0x135/0x1e0 [ 726.651724][T16829] ? __pfx____sys_sendmsg+0x10/0x10 [ 726.651763][T16829] ? __pfx_lock_release+0x10/0x10 [ 726.651788][T16829] ? trace_lock_acquire+0x14e/0x1f0 [ 726.651821][T16829] ? __fget_files+0x206/0x3a0 [ 726.651855][T16829] __sys_sendmsg+0x16e/0x220 [ 726.651881][T16829] ? __pfx___sys_sendmsg+0x10/0x10 [ 726.651905][T16829] ? __x64_sys_futex+0x1e1/0x4c0 [ 726.651949][T16829] do_syscall_64+0xcd/0x250 [ 726.651974][T16829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 726.652006][T16829] RIP: 0033:0x7fb42cd8cde9 [ 726.652027][T16829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 726.652051][T16829] RSP: 002b:00007fb42abf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 726.652075][T16829] RAX: ffffffffffffffda RBX: 00007fb42cfa5fa0 RCX: 00007fb42cd8cde9 [ 726.652091][T16829] RDX: 0000000002000000 RSI: 0000400000000080 RDI: 0000000000000005 [ 726.652104][T16829] RBP: 00007fb42ce0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 726.652116][T16829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 726.652129][T16829] R13: 0000000000000000 R14: 00007fb42cfa5fa0 R15: 00007ffe6ef97808 [ 726.652157][T16829] [ 729.667541][T16884] Invalid ELF header magic: != ELF [ 731.175927][T16915] FAULT_INJECTION: forcing a failure. [ 731.175927][T16915] name failslab, interval 1, probability 0, space 0, times 0 [ 731.192426][T16915] CPU: 0 UID: 0 PID: 16915 Comm: syz.6.2812 Tainted: G U 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0 [ 731.192466][T16915] Tainted: [U]=USER [ 731.192474][T16915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 731.192490][T16915] Call Trace: [ 731.192498][T16915] [ 731.192507][T16915] dump_stack_lvl+0x16c/0x1f0 [ 731.192550][T16915] should_fail_ex+0x50a/0x650 [ 731.192579][T16915] ? fs_reclaim_acquire+0xae/0x150 [ 731.192620][T16915] should_failslab+0xc2/0x120 [ 731.192651][T16915] __kmalloc_node_track_caller_noprof+0xcf/0x520 [ 731.192682][T16915] ? __pfx_try_to_wake_up+0x10/0x10 [ 731.192709][T16915] ? kasprintf+0xc8/0x100 [ 731.192749][T16915] kvasprintf+0xbd/0x160 [ 731.192782][T16915] ? __pfx_kvasprintf+0x10/0x10 [ 731.192818][T16915] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 731.192865][T16915] kasprintf+0xc8/0x100 [ 731.192920][T16915] ? __pfx_kasprintf+0x10/0x10 [ 731.192958][T16915] ? __pfx_lockdep_lock+0x10/0x10 [ 731.193000][T16915] ? lockdep_unlock+0x11a/0x290 [ 731.193040][T16915] alloc_workqueue+0x115/0x200 [ 731.193076][T16915] ? __pfx_alloc_workqueue+0x10/0x10 [ 731.193120][T16915] ? __pfx___debug_object_init+0x10/0x10 [ 731.193163][T16915] nci_register_device+0x221/0xb80 [ 731.193195][T16915] ? __pfx_nci_register_device+0x10/0x10 [ 731.193238][T16915] virtual_ncidev_open+0x141/0x220 [ 731.193273][T16915] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 731.193305][T16915] misc_open+0x35a/0x420 [ 731.193334][T16915] ? __pfx_misc_open+0x10/0x10 [ 731.193362][T16915] chrdev_open+0x237/0x6a0 [ 731.193389][T16915] ? __pfx_apparmor_file_open+0x10/0x10 [ 731.193415][T16915] ? __pfx_chrdev_open+0x10/0x10 [ 731.193446][T16915] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 731.193490][T16915] do_dentry_open+0x735/0x1c40 [ 731.193517][T16915] ? __pfx_chrdev_open+0x10/0x10 [ 731.193545][T16915] ? inode_permission+0xdd/0x5f0 [ 731.193580][T16915] vfs_open+0x82/0x3f0 [ 731.193608][T16915] ? may_open+0x1f2/0x400 [ 731.193644][T16915] path_openat+0x1e88/0x2d80 [ 731.193683][T16915] ? __pfx_path_openat+0x10/0x10 [ 731.193709][T16915] ? __pfx___lock_acquire+0x10/0x10 [ 731.193735][T16915] ? lock_acquire.part.0+0x11b/0x380 [ 731.193763][T16915] ? find_held_lock+0x2d/0x110 [ 731.193802][T16915] do_filp_open+0x20c/0x470 [ 731.193829][T16915] ? __pfx_do_filp_open+0x10/0x10 [ 731.193853][T16915] ? find_held_lock+0x2d/0x110 [ 731.193920][T16915] ? alloc_fd+0x41f/0x760 [ 731.193956][T16915] do_sys_openat2+0x17a/0x1e0 [ 731.193989][T16915] ? __pfx_do_sys_openat2+0x10/0x10 [ 731.194024][T16915] ? __pfx___might_resched+0x10/0x10 [ 731.194064][T16915] __x64_sys_openat+0x175/0x210 [ 731.194096][T16915] ? __pfx___x64_sys_openat+0x10/0x10 [ 731.194142][T16915] do_syscall_64+0xcd/0x250 [ 731.194168][T16915] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 731.194201][T16915] RIP: 0033:0x7fea2f18cde9 [ 731.194221][T16915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 731.194245][T16915] RSP: 002b:00007fea30056038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 731.194269][T16915] RAX: ffffffffffffffda RBX: 00007fea2f3a5fa0 RCX: 00007fea2f18cde9 [ 731.194286][T16915] RDX: 0000000000000002 RSI: 0000400000000400 RDI: ffffffffffffff9c [ 731.194302][T16915] RBP: 00007fea2f20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 731.194317][T16915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 731.194331][T16915] R13: 0000000000000000 R14: 00007fea2f3a5fa0 R15: 00007ffd01414b18 [ 731.194364][T16915] [ 731.968935][T16925] ovs_: entered promiscuous mode [ 733.035138][T16949] netlink: 342 bytes leftover after parsing attributes in process `syz.7.2821'. [ 733.073024][T16949] netlink: 342 bytes leftover after parsing attributes in process `syz.7.2821'. [ 733.100932][T16949] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2821'. [ 733.991509][T16967] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2828'. [ 734.000686][T16967] veth1_macvtap: entered allmulticast mode [ 734.055920][T16975] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2828'. [ 734.855244][T16992] FAULT_INJECTION: forcing a failure. [ 734.855244][T16992] name failslab, interval 1, probability 0, space 0, times 0 [ 734.881828][T16992] CPU: 1 UID: 0 PID: 16992 Comm: syz.4.2834 Tainted: G U 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0 [ 734.881869][T16992] Tainted: [U]=USER [ 734.881878][T16992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 734.881893][T16992] Call Trace: [ 734.881900][T16992] [ 734.881909][T16992] dump_stack_lvl+0x16c/0x1f0 [ 734.881950][T16992] should_fail_ex+0x50a/0x650 [ 734.881978][T16992] ? fs_reclaim_acquire+0xae/0x150 [ 734.882012][T16992] should_failslab+0xc2/0x120 [ 734.882039][T16992] __kmalloc_cache_node_noprof+0x6f/0x3f0 [ 734.882063][T16992] ? init_rescuer+0x1a6/0x640 [ 734.882091][T16992] init_rescuer+0x1a6/0x640 [ 734.882116][T16992] ? __pfx_init_rescuer+0x10/0x10 [ 734.882145][T16992] ? wq_adjust_max_active+0x39d/0x4a0 [ 734.882174][T16992] __alloc_workqueue+0xc27/0x1810 [ 734.882215][T16992] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 734.882248][T16992] alloc_workqueue+0xd3/0x200 [ 734.882282][T16992] ? __pfx_alloc_workqueue+0x10/0x10 [ 734.882330][T16992] nci_register_device+0x221/0xb80 [ 734.882359][T16992] ? __pfx_nci_register_device+0x10/0x10 [ 734.882401][T16992] virtual_ncidev_open+0x141/0x220 [ 734.882434][T16992] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 734.882463][T16992] misc_open+0x35a/0x420 [ 734.882491][T16992] ? __pfx_misc_open+0x10/0x10 [ 734.882519][T16992] chrdev_open+0x237/0x6a0 [ 734.882545][T16992] ? __pfx_apparmor_file_open+0x10/0x10 [ 734.882572][T16992] ? __pfx_chrdev_open+0x10/0x10 [ 734.882603][T16992] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 734.882648][T16992] do_dentry_open+0x735/0x1c40 [ 734.882676][T16992] ? __pfx_chrdev_open+0x10/0x10 [ 734.882705][T16992] ? inode_permission+0xdd/0x5f0 [ 734.882740][T16992] vfs_open+0x82/0x3f0 [ 734.882768][T16992] ? may_open+0x1f2/0x400 [ 734.882814][T16992] path_openat+0x1e88/0x2d80 [ 734.882855][T16992] ? __pfx_path_openat+0x10/0x10 [ 734.882883][T16992] ? __pfx___lock_acquire+0x10/0x10 [ 734.882910][T16992] ? lock_acquire.part.0+0x11b/0x380 [ 734.882938][T16992] ? find_held_lock+0x2d/0x110 [ 734.882979][T16992] do_filp_open+0x20c/0x470 [ 734.883007][T16992] ? __pfx_do_filp_open+0x10/0x10 [ 734.883031][T16992] ? find_held_lock+0x2d/0x110 [ 734.883092][T16992] ? alloc_fd+0x41f/0x760 [ 734.883128][T16992] do_sys_openat2+0x17a/0x1e0 [ 734.883160][T16992] ? __pfx_do_sys_openat2+0x10/0x10 [ 734.883196][T16992] ? __pfx___might_resched+0x10/0x10 [ 734.883237][T16992] __x64_sys_openat+0x175/0x210 [ 734.883270][T16992] ? __pfx___x64_sys_openat+0x10/0x10 [ 734.883318][T16992] do_syscall_64+0xcd/0x250 [ 734.883345][T16992] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 734.883378][T16992] RIP: 0033:0x7fb42cd8cde9 [ 734.883399][T16992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 734.883423][T16992] RSP: 002b:00007fb42abf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 734.883446][T16992] RAX: ffffffffffffffda RBX: 00007fb42cfa5fa0 RCX: 00007fb42cd8cde9 [ 734.883464][T16992] RDX: 0000000000000002 RSI: 0000400000000400 RDI: ffffffffffffff9c [ 734.883481][T16992] RBP: 00007fb42ce0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 734.883496][T16992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 734.883510][T16992] R13: 0000000000000000 R14: 00007fb42cfa5fa0 R15: 00007ffe6ef97808 [ 734.883543][T16992] [ 734.883554][T16992] workqueue: Failed to allocate a rescuer for wq "nfc2_nci_cmd_wq" [ 735.381528][T17003] netlink: get zone limit has 4 unknown bytes [ 735.917240][T17010] FAULT_INJECTION: forcing a failure. [ 735.917240][T17010] name failslab, interval 1, probability 0, space 0, times 0 [ 735.974811][T17010] CPU: 1 UID: 0 PID: 17010 Comm: syz.6.2839 Tainted: G U 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0 [ 735.974854][T17010] Tainted: [U]=USER [ 735.974864][T17010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 735.974879][T17010] Call Trace: [ 735.974888][T17010] [ 735.974897][T17010] dump_stack_lvl+0x16c/0x1f0 [ 735.974940][T17010] should_fail_ex+0x50a/0x650 [ 735.974968][T17010] ? fs_reclaim_acquire+0xae/0x150 [ 735.975010][T17010] should_failslab+0xc2/0x120 [ 735.975040][T17010] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 735.975068][T17010] ? __kernfs_new_node+0xd3/0x890 [ 735.975108][T17010] __kernfs_new_node+0xd3/0x890 [ 735.975148][T17010] ? __pfx___kernfs_new_node+0x10/0x10 [ 735.975184][T17010] ? __pfx_lock_release+0x10/0x10 [ 735.975213][T17010] ? kernfs_add_one+0x39d/0x520 [ 735.975251][T17010] ? up_write+0x1b2/0x520 [ 735.975284][T17010] kernfs_new_node+0x186/0x240 [ 735.975306][T17010] __kernfs_create_file+0x53/0x350 [ 735.975339][T17010] sysfs_add_file_mode_ns+0x1ff/0x3b0 [ 735.975382][T17010] internal_create_group+0x56c/0xf10 [ 735.975423][T17010] ? __pfx_internal_create_group+0x10/0x10 [ 735.975466][T17010] ? kernfs_create_link+0x1bd/0x240 [ 735.975502][T17010] internal_create_groups+0x9d/0x150 [ 735.975543][T17010] device_add+0xf33/0x1a70 [ 735.975580][T17010] ? __pfx_device_add+0x10/0x10 [ 735.975616][T17010] ? __init_waitqueue_head+0xca/0x150 [ 735.975661][T17010] netdev_register_kobject+0x183/0x3a0 [ 735.975692][T17010] register_netdevice+0x147b/0x1e50 [ 735.975728][T17010] ? __pfx_register_netdevice+0x10/0x10 [ 735.975768][T17010] ? alloc_netdev_mqs+0x1038/0x13e0 [ 735.975803][T17010] internal_dev_create+0x2d3/0x520 [ 735.975832][T17010] ovs_vport_add+0x144/0x4e0 [ 735.975869][T17010] new_vport+0x16/0x1d0 [ 735.975900][T17010] ovs_dp_cmd_new+0x6b0/0xe50 [ 735.975942][T17010] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 735.975982][T17010] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 735.976023][T17010] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 735.976071][T17010] genl_family_rcv_msg_doit+0x202/0x2f0 [ 735.976111][T17010] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 735.976149][T17010] ? trace_cap_capable+0x1a2/0x210 [ 735.976194][T17010] ? bpf_lsm_capable+0x9/0x10 [ 735.976224][T17010] ? security_capable+0x7e/0x260 [ 735.976257][T17010] ? ns_capable+0xd7/0x110 [ 735.976287][T17010] genl_rcv_msg+0x565/0x800 [ 735.976314][T17010] ? __pfx_genl_rcv_msg+0x10/0x10 [ 735.976337][T17010] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 735.976378][T17010] netlink_rcv_skb+0x165/0x410 [ 735.976413][T17010] ? __pfx_genl_rcv_msg+0x10/0x10 [ 735.976438][T17010] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 735.976483][T17010] ? down_read+0xc9/0x330 [ 735.976503][T17010] ? __pfx_down_read+0x10/0x10 [ 735.976527][T17010] ? netlink_deliver_tap+0x1ae/0xca0 [ 735.976562][T17010] genl_rcv+0x28/0x40 [ 735.976593][T17010] netlink_unicast+0x53c/0x7f0 [ 735.976629][T17010] ? __pfx_netlink_unicast+0x10/0x10 [ 735.976664][T17010] ? __phys_addr_symbol+0x30/0x80 [ 735.976698][T17010] ? __check_object_size+0x488/0x710 [ 735.976734][T17010] netlink_sendmsg+0x8b8/0xd70 [ 735.976786][T17010] ? __pfx_netlink_sendmsg+0x10/0x10 [ 735.976836][T17010] ____sys_sendmsg+0x9ae/0xb40 [ 735.976868][T17010] ? copy_msghdr_from_user+0x10b/0x160 [ 735.976894][T17010] ? __pfx_____sys_sendmsg+0x10/0x10 [ 735.976941][T17010] ___sys_sendmsg+0x135/0x1e0 [ 735.976970][T17010] ? __pfx____sys_sendmsg+0x10/0x10 [ 735.977011][T17010] ? __pfx_lock_release+0x10/0x10 [ 735.977038][T17010] ? trace_lock_acquire+0x14e/0x1f0 [ 735.977073][T17010] ? __fget_files+0x206/0x3a0 [ 735.977109][T17010] __sys_sendmsg+0x16e/0x220 [ 735.977134][T17010] ? __pfx___sys_sendmsg+0x10/0x10 [ 735.977160][T17010] ? __x64_sys_futex+0x1e1/0x4c0 [ 735.977208][T17010] do_syscall_64+0xcd/0x250 [ 735.977234][T17010] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 735.977266][T17010] RIP: 0033:0x7fea2f18cde9 [ 735.977284][T17010] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 735.977308][T17010] RSP: 002b:00007fea30056038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 735.977331][T17010] RAX: ffffffffffffffda RBX: 00007fea2f3a5fa0 RCX: 00007fea2f18cde9 [ 735.977347][T17010] RDX: 0000000002000000 RSI: 0000400000000080 RDI: 0000000000000005 [ 735.977361][T17010] RBP: 00007fea2f20e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 735.977375][T17010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 735.977388][T17010] R13: 0000000000000000 R14: 00007fea2f3a5fa0 R15: 00007ffd01414b18 [ 735.977418][T17010] [ 736.450908][T17013] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2841'. [ 738.466902][T17056] Invalid ELF header magic: != ELF [ 739.865732][T17086] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2862'. [ 740.792845][ T5845] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 740.808610][ T5845] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 740.817225][ T5845] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 740.827100][ T5845] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 740.835743][ T5845] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3 [ 740.843494][ T5845] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 741.081245][T17112] chnl_net:caif_netlink_parms(): no params data found [ 741.253044][T17112] bridge0: port 1(bridge_slave_0) entered blocking state [ 741.264723][T17112] bridge0: port 1(bridge_slave_0) entered disabled state [ 741.272299][T17112] bridge_slave_0: entered allmulticast mode [ 741.279508][T17112] bridge_slave_0: entered promiscuous mode [ 741.288231][T17112] bridge0: port 2(bridge_slave_1) entered blocking state [ 741.297210][T17112] bridge0: port 2(bridge_slave_1) entered disabled state [ 741.304574][T17112] bridge_slave_1: entered allmulticast mode [ 741.312433][T17112] bridge_slave_1: entered promiscuous mode [ 741.355609][T17112] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 741.374223][T17112] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 741.466766][T17112] team0: Port device team_slave_0 added [ 741.493224][T17112] team0: Port device team_slave_1 added [ 741.554995][T17112] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 741.562300][T17112] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 741.611069][T17112] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 741.626189][T17112] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 741.633556][T17112] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 741.660952][T17112] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 742.510447][T17112] hsr_slave_0: entered promiscuous mode [ 742.516989][T17112] hsr_slave_1: entered promiscuous mode [ 742.525659][T17112] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 742.533732][T17112] Cannot create hsr debugfs directory [ 742.554483][T17130] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 742.579883][T17130] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 742.585934][T17130] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 742.610230][T17130] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 742.619489][T17130] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 742.637949][T17130] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 742.673075][T17130] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 742.682643][T17130] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 742.697223][T17130] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 742.721599][T17130] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 742.735300][T17130] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 742.774355][T17130] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 742.792814][T17130] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 742.799080][T17130] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 742.813108][T17130] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 742.836354][T17130] Bluetooth: hci7: Opcode 0x0c1a failed: -4 [ 742.856224][T17130] Bluetooth: hci7: Opcode 0x0406 failed: -4 [ 742.883684][T17130] Bluetooth: hci7: Opcode 0x0406 failed: -4 [ 742.913533][T17112] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 742.921435][T17130] Bluetooth: hci8: Opcode 0x0c1a failed: -4 [ 742.927499][ T5845] Bluetooth: hci9: command tx timeout [ 742.933683][T17112] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 742.953969][T17112] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 742.964544][T17112] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 742.969962][T17130] Bluetooth: hci8: Opcode 0x0406 failed: -4 [ 743.009450][T17130] Bluetooth: hci8: Opcode 0x0406 failed: -4 [ 743.023327][T17130] Bluetooth: hci9: Opcode 0x0c1a failed: -4 [ 743.037439][T17130] Bluetooth: hci9: Opcode 0x0406 failed: -4 [ 743.054465][T17130] Bluetooth: hci9: Opcode 0x0406 failed: -4 [ 743.124681][T17112] 8021q: adding VLAN 0 to HW filter on device bond0 [ 743.157094][T17112] 8021q: adding VLAN 0 to HW filter on device team0 [ 743.195318][T16746] bridge0: port 1(bridge_slave_0) entered blocking state [ 743.202472][T16746] bridge0: port 1(bridge_slave_0) entered forwarding state [ 743.256720][T16746] bridge0: port 2(bridge_slave_1) entered blocking state [ 743.263901][T16746] bridge0: port 2(bridge_slave_1) entered forwarding state [ 743.316369][T17112] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 743.330314][T17112] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 743.591171][T17155] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2875'. [ 743.801973][ T5845] Bluetooth: hci2: command 0x0c1a tx timeout [ 743.850589][T17112] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 744.198105][T17112] veth0_vlan: entered promiscuous mode [ 744.227421][T17112] veth1_vlan: entered promiscuous mode [ 744.297188][T17112] veth0_macvtap: entered promiscuous mode [ 744.375592][T17112] veth1_macvtap: entered promiscuous mode [ 744.427964][T17112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 744.527263][T17112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 744.617555][ T5845] Bluetooth: hci3: command 0x0406 tx timeout [ 744.631829][T17112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 744.652207][T17112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 744.664604][T17112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 744.676351][T17112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 744.686723][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout [ 744.687295][ T5834] Bluetooth: hci4: command 0x0c1a tx timeout [ 744.694715][T17112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 744.714831][T17112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 744.726153][T17112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 744.741796][T17112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 744.751760][T17112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 744.762927][T17112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 744.772967][ T5834] Bluetooth: hci5: command 0x0c1a tx timeout [ 744.788056][T17112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 744.798618][T17112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 744.810878][T17112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 744.828418][T17112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 744.841842][ T5834] Bluetooth: hci7: command 0x0c1a tx timeout [ 744.841860][ T5845] Bluetooth: hci6: command 0x0c1a tx timeout [ 744.877578][T17112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 744.911695][T17112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 744.933285][ T5845] Bluetooth: hci8: command 0x0c1a tx timeout [ 744.949828][T17112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 744.960720][T17112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 744.972603][T17112] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 744.983875][T17112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 744.995306][T17112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 745.006307][T17112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 745.017511][T17112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 745.031237][T17112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 745.042190][T17112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 745.052285][T17112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 745.075037][T17112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 745.086863][ T5845] Bluetooth: hci9: command 0x040f tx timeout [ 745.102286][T17112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 745.121779][T17112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 745.131623][T17112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 745.146211][T17112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 745.156520][T17112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 745.168388][T17112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 745.178592][T17112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 745.190209][T17112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 745.200724][T17112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 745.212081][T17112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 745.226618][T17112] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 745.242004][T17112] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 745.253418][T17112] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 745.424277][T17112] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 745.451964][T17112] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 745.460709][T17112] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 745.501043][T17112] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 745.778593][ T6772] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 745.812802][ T6772] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 745.858740][ T6772] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 745.860213][T17191] FAULT_INJECTION: forcing a failure. [ 745.860213][T17191] name failslab, interval 1, probability 0, space 0, times 0 [ 745.870124][ T6772] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 745.931741][T17191] CPU: 0 UID: 0 PID: 17191 Comm: syz.7.2883 Tainted: G U 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0 [ 745.931779][T17191] Tainted: [U]=USER [ 745.931788][T17191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 745.931809][T17191] Call Trace: [ 745.931816][T17191] [ 745.931826][T17191] dump_stack_lvl+0x16c/0x1f0 [ 745.931868][T17191] should_fail_ex+0x50a/0x650 [ 745.931896][T17191] ? fs_reclaim_acquire+0xae/0x150 [ 745.931934][T17191] should_failslab+0xc2/0x120 [ 745.931962][T17191] kmem_cache_alloc_lru_noprof+0x73/0x3b0 [ 745.931993][T17191] ? bdev_alloc_inode+0x26/0x90 [ 745.932025][T17191] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 745.932059][T17191] ? __pfx_bdev_alloc_inode+0x10/0x10 [ 745.932088][T17191] bdev_alloc_inode+0x26/0x90 [ 745.932115][T17191] ? __pfx_bdev_alloc_inode+0x10/0x10 [ 745.932144][T17191] alloc_inode+0x5d/0x230 [ 745.932170][T17191] new_inode+0x22/0x210 [ 745.932194][T17191] ? rcu_is_watching+0x12/0xc0 [ 745.932231][T17191] bdev_alloc+0x2b/0x420 [ 745.932269][T17191] __alloc_disk_node+0x10c/0x610 [ 745.932291][T17191] ? blk_alloc_queue+0x1a3/0x700 [ 745.932326][T17191] __blk_alloc_disk+0xd8/0x170 [ 745.932349][T17191] ? __pfx___blk_alloc_disk+0x10/0x10 [ 745.932395][T17191] ? __pfx_idr_alloc+0x10/0x10 [ 745.932432][T17191] ? __raw_spin_lock_init+0x3a/0x110 [ 745.932469][T17191] ? __pfx_hot_add_show+0x10/0x10 [ 745.932501][T17191] zram_add+0x160/0x6b0 [ 745.932533][T17191] ? __pfx_zram_add+0x10/0x10 [ 745.932583][T17191] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 745.932613][T17191] ? rcu_is_watching+0x12/0xc0 [ 745.932654][T17191] ? __pfx_hot_add_show+0x10/0x10 [ 745.932685][T17191] hot_add_show+0x21/0x80 [ 745.932716][T17191] class_attr_show+0x6f/0xa0 [ 745.932748][T17191] ? __pfx_class_attr_show+0x10/0x10 [ 745.932777][T17191] sysfs_kf_seq_show+0x223/0x3e0 [ 745.932832][T17191] seq_read_iter+0x4f4/0x12b0 [ 745.932886][T17191] kernfs_fop_read_iter+0x414/0x580 [ 745.932916][T17191] ? rw_verify_area+0xcf/0x680 [ 745.932956][T17191] vfs_read+0x886/0xbf0 [ 745.932986][T17191] ? __pfx_vfs_read+0x10/0x10 [ 745.933033][T17191] ksys_read+0x12b/0x250 [ 745.933056][T17191] ? __pfx_ksys_read+0x10/0x10 [ 745.933091][T17191] do_syscall_64+0xcd/0x250 [ 745.933118][T17191] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 745.933150][T17191] RIP: 0033:0x7f4c5738cde9 [ 745.933171][T17191] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 745.933194][T17191] RSP: 002b:00007f4c582aa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 745.933218][T17191] RAX: ffffffffffffffda RBX: 00007f4c575a5fa0 RCX: 00007f4c5738cde9 [ 745.933234][T17191] RDX: 0000000000001000 RSI: 0000400000000ec0 RDI: 0000000000000008 [ 745.933249][T17191] RBP: 00007f4c5740e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 745.933263][T17191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 745.933277][T17191] R13: 0000000000000000 R14: 00007f4c575a5fa0 R15: 00007ffddb110118 [ 745.933312][T17191] [ 746.382755][T17191] zram: Error allocating disk structure for device 2 [ 746.691947][ T5845] Bluetooth: hci3: command 0x0406 tx timeout [ 746.762058][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout [ 746.762129][ T5834] Bluetooth: hci4: command 0x0c1a tx timeout [ 746.842657][ T5834] Bluetooth: hci5: command 0x0c1a tx timeout [ 746.921831][ T5834] Bluetooth: hci7: command 0x0c1a tx timeout [ 746.929310][ T5834] Bluetooth: hci6: command 0x0c1a tx timeout [ 747.011765][ T5834] Bluetooth: hci8: command 0x0c1a tx timeout [ 747.168075][ T5834] Bluetooth: hci9: command 0x040f tx timeout [ 747.240410][T17206] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2885'. [ 747.255750][T17206] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 747.489890][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.498530][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 748.334818][T17211] FAULT_INJECTION: forcing a failure. [ 748.334818][T17211] name failslab, interval 1, probability 0, space 0, times 0 [ 748.347609][T17211] CPU: 0 UID: 0 PID: 17211 Comm: syz.8.2887 Tainted: G U 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0 [ 748.347647][T17211] Tainted: [U]=USER [ 748.347656][T17211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 748.347672][T17211] Call Trace: [ 748.347681][T17211] [ 748.347691][T17211] dump_stack_lvl+0x16c/0x1f0 [ 748.347733][T17211] should_fail_ex+0x50a/0x650 [ 748.347763][T17211] ? fs_reclaim_acquire+0xae/0x150 [ 748.347805][T17211] should_failslab+0xc2/0x120 [ 748.347834][T17211] __kmalloc_noprof+0xce/0x4f0 [ 748.347862][T17211] ? ops_init+0x77/0x5f0 [ 748.347892][T17211] ops_init+0x77/0x5f0 [ 748.347921][T17211] setup_net+0x21f/0x860 [ 748.347950][T17211] ? __pfx_setup_net+0x10/0x10 [ 748.347975][T17211] ? down_read_killable+0xcc/0x380 [ 748.348002][T17211] ? __pfx_down_read_killable+0x10/0x10 [ 748.348030][T17211] ? debug_mutex_init+0x37/0x70 [ 748.348069][T17211] copy_net_ns+0x2b4/0x6c0 [ 748.348101][T17211] create_new_namespaces+0x3ea/0xad0 [ 748.348143][T17211] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 748.348179][T17211] ksys_unshare+0x45d/0xa40 [ 748.348214][T17211] ? __pfx_ksys_unshare+0x10/0x10 [ 748.348248][T17211] ? xfd_validate_state+0x5d/0x180 [ 748.348279][T17211] ? syscall_user_dispatch+0x77/0x140 [ 748.348327][T17211] __x64_sys_unshare+0x31/0x40 [ 748.348364][T17211] do_syscall_64+0xcd/0x250 [ 748.348390][T17211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 748.348423][T17211] RIP: 0033:0x7fbc3338cde9 [ 748.348442][T17211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 748.348465][T17211] RSP: 002b:00007fbc34234038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 748.348488][T17211] RAX: ffffffffffffffda RBX: 00007fbc335a5fa0 RCX: 00007fbc3338cde9 [ 748.348505][T17211] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 748.348520][T17211] RBP: 00007fbc3340e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 748.348534][T17211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 748.348548][T17211] R13: 0000000000000000 R14: 00007fbc335a5fa0 R15: 00007fffee588858 [ 748.348580][T17211] [ 748.851733][ T5834] Bluetooth: hci1: command 0x0c1a tx timeout [ 748.857814][ T5845] Bluetooth: hci4: command 0x0c1a tx timeout [ 748.922580][ T5834] Bluetooth: hci5: command 0x0c1a tx timeout [ 749.002066][ T5845] Bluetooth: hci7: command 0x0c1a tx timeout [ 749.009362][ T5834] Bluetooth: hci6: command 0x0c1a tx timeout [ 749.081788][ T5834] Bluetooth: hci8: command 0x0c1a tx timeout [ 749.241819][ T5834] Bluetooth: hci9: command 0x040f tx timeout [ 750.350146][T17241] Invalid ELF header magic: != ELF [ 751.322077][ T5834] Bluetooth: hci9: command 0x040f tx timeout [ 753.411979][ T5834] Bluetooth: hci9: command 0x040f tx timeout syzkaller syzkaller login: [ 754.069592][T17323] netlink: get zone limit has 4 unknown bytes [ 755.254142][T17347] FAULT_INJECTION: forcing a failure. [ 755.254142][T17347] name failslab, interval 1, probability 0, space 0, times 0 [ 755.291792][T17347] CPU: 0 UID: 0 PID: 17347 Comm: syz.7.2925 Tainted: G U 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0 [ 755.291834][T17347] Tainted: [U]=USER [ 755.291842][T17347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 755.291858][T17347] Call Trace: [ 755.291865][T17347] [ 755.291874][T17347] dump_stack_lvl+0x16c/0x1f0 [ 755.291915][T17347] should_fail_ex+0x50a/0x650 [ 755.291945][T17347] ? fs_reclaim_acquire+0xae/0x150 [ 755.291988][T17347] should_failslab+0xc2/0x120 [ 755.292020][T17347] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 755.292050][T17347] ? __kernfs_new_node+0xd3/0x890 [ 755.292093][T17347] __kernfs_new_node+0xd3/0x890 [ 755.292133][T17347] ? __pfx___kernfs_new_node+0x10/0x10 [ 755.292168][T17347] ? __pfx_lock_release+0x10/0x10 [ 755.292197][T17347] ? kernfs_add_one+0x39d/0x520 [ 755.292235][T17347] ? up_write+0x1b2/0x520 [ 755.292271][T17347] kernfs_new_node+0x186/0x240 [ 755.292304][T17347] __kernfs_create_file+0x53/0x350 [ 755.292339][T17347] sysfs_add_file_mode_ns+0x1ff/0x3b0 [ 755.292384][T17347] internal_create_group+0x56c/0xf10 [ 755.292429][T17347] ? __pfx_internal_create_group+0x10/0x10 [ 755.292472][T17347] ? kernfs_create_link+0x1bd/0x240 [ 755.292509][T17347] internal_create_groups+0x9d/0x150 [ 755.292550][T17347] device_add+0xf33/0x1a70 [ 755.292587][T17347] ? __pfx_device_add+0x10/0x10 [ 755.292623][T17347] ? __init_waitqueue_head+0xca/0x150 [ 755.292668][T17347] netdev_register_kobject+0x183/0x3a0 [ 755.292699][T17347] register_netdevice+0x147b/0x1e50 [ 755.292742][T17347] ? __pfx_register_netdevice+0x10/0x10 [ 755.292772][T17347] ? alloc_netdev_mqs+0x1038/0x13e0 [ 755.292807][T17347] internal_dev_create+0x2d3/0x520 [ 755.292833][T17347] ovs_vport_add+0x144/0x4e0 [ 755.292874][T17347] new_vport+0x16/0x1d0 [ 755.292906][T17347] ovs_dp_cmd_new+0x6b0/0xe50 [ 755.292949][T17347] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 755.292987][T17347] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 755.293024][T17347] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 755.293071][T17347] genl_family_rcv_msg_doit+0x202/0x2f0 [ 755.293112][T17347] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 755.293149][T17347] ? trace_cap_capable+0x1a2/0x210 [ 755.293195][T17347] ? bpf_lsm_capable+0x9/0x10 [ 755.293226][T17347] ? security_capable+0x7e/0x260 [ 755.293262][T17347] ? ns_capable+0xd7/0x110 [ 755.293296][T17347] genl_rcv_msg+0x565/0x800 [ 755.293324][T17347] ? __pfx_genl_rcv_msg+0x10/0x10 [ 755.293350][T17347] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 755.293395][T17347] netlink_rcv_skb+0x165/0x410 [ 755.293430][T17347] ? __pfx_genl_rcv_msg+0x10/0x10 [ 755.293456][T17347] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 755.293506][T17347] ? down_read+0xc9/0x330 [ 755.293530][T17347] ? __pfx_down_read+0x10/0x10 [ 755.293557][T17347] ? netlink_deliver_tap+0x1ae/0xca0 [ 755.293595][T17347] genl_rcv+0x28/0x40 [ 755.293627][T17347] netlink_unicast+0x53c/0x7f0 [ 755.293663][T17347] ? __pfx_netlink_unicast+0x10/0x10 [ 755.293697][T17347] ? __phys_addr_symbol+0x30/0x80 [ 755.293770][T17347] ? __check_object_size+0x488/0x710 [ 755.293806][T17347] netlink_sendmsg+0x8b8/0xd70 [ 755.293846][T17347] ? __pfx_netlink_sendmsg+0x10/0x10 [ 755.293895][T17347] ____sys_sendmsg+0x9ae/0xb40 [ 755.293927][T17347] ? copy_msghdr_from_user+0x10b/0x160 [ 755.293953][T17347] ? __pfx_____sys_sendmsg+0x10/0x10 [ 755.294004][T17347] ___sys_sendmsg+0x135/0x1e0 [ 755.294033][T17347] ? __pfx____sys_sendmsg+0x10/0x10 [ 755.294072][T17347] ? __pfx_lock_release+0x10/0x10 [ 755.294098][T17347] ? trace_lock_acquire+0x14e/0x1f0 [ 755.294133][T17347] ? __fget_files+0x206/0x3a0 [ 755.294170][T17347] __sys_sendmsg+0x16e/0x220 [ 755.294197][T17347] ? __pfx___sys_sendmsg+0x10/0x10 [ 755.294222][T17347] ? __x64_sys_futex+0x1e1/0x4c0 [ 755.294271][T17347] do_syscall_64+0xcd/0x250 [ 755.294298][T17347] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 755.294330][T17347] RIP: 0033:0x7f4c5738cde9 [ 755.294351][T17347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 755.294375][T17347] RSP: 002b:00007f4c582aa038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 755.294399][T17347] RAX: ffffffffffffffda RBX: 00007f4c575a5fa0 RCX: 00007f4c5738cde9 [ 755.294415][T17347] RDX: 0000000002000000 RSI: 0000400000000080 RDI: 0000000000000005 [ 755.294430][T17347] RBP: 00007f4c5740e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 755.294446][T17347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 755.294461][T17347] R13: 0000000000000000 R14: 00007f4c575a5fa0 R15: 00007ffddb110118 [ 755.294496][T17347] [ 756.255910][T17355] FAULT_INJECTION: forcing a failure. [ 756.255910][T17355] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 756.281967][T17355] CPU: 0 UID: 0 PID: 17355 Comm: syz.4.2928 Tainted: G U 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0 [ 756.282008][T17355] Tainted: [U]=USER [ 756.282016][T17355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 756.282029][T17355] Call Trace: [ 756.282036][T17355] [ 756.282045][T17355] dump_stack_lvl+0x16c/0x1f0 [ 756.282084][T17355] should_fail_ex+0x50a/0x650 [ 756.282117][T17355] _copy_to_user+0x32/0xd0 [ 756.282149][T17355] simple_read_from_buffer+0xd0/0x160 [ 756.282185][T17355] proc_fail_nth_read+0x198/0x270 [ 756.282217][T17355] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 756.282252][T17355] ? rw_verify_area+0xcf/0x680 [ 756.282283][T17355] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 756.282314][T17355] vfs_read+0x1df/0xbf0 [ 756.282337][T17355] ? __fget_files+0x1fc/0x3a0 [ 756.282361][T17355] ? __pfx___mutex_lock+0x10/0x10 [ 756.282396][T17355] ? __pfx_vfs_read+0x10/0x10 [ 756.282427][T17355] ? __fget_files+0x206/0x3a0 [ 756.282460][T17355] ksys_read+0x12b/0x250 [ 756.282482][T17355] ? __pfx_ksys_read+0x10/0x10 [ 756.282515][T17355] do_syscall_64+0xcd/0x250 [ 756.282539][T17355] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 756.282569][T17355] RIP: 0033:0x7fb42cd8b7fc [ 756.282586][T17355] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 756.282608][T17355] RSP: 002b:00007fb42abf6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 756.282630][T17355] RAX: ffffffffffffffda RBX: 00007fb42cfa5fa0 RCX: 00007fb42cd8b7fc [ 756.282646][T17355] RDX: 000000000000000f RSI: 00007fb42abf60a0 RDI: 0000000000000003 [ 756.282661][T17355] RBP: 00007fb42abf6090 R08: 0000000000000000 R09: 0000000000000000 [ 756.282675][T17355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 756.282689][T17355] R13: 0000000000000001 R14: 00007fb42cfa5fa0 R15: 00007ffe6ef97808 [ 756.282719][T17355] [ 756.798183][T17362] Invalid ELF header magic: != ELF [ 756.882317][T17356] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 756.898645][T17356] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 756.918411][T17356] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 756.932184][T17356] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 756.941246][T17356] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 756.962651][T17356] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 756.982001][T17356] Bluetooth: hci7: Opcode 0x0c1a failed: -4 [ 757.007118][T17356] Bluetooth: hci8: Opcode 0x0c1a failed: -4 [ 757.037830][T17356] Bluetooth: hci9: Opcode 0x0c1a failed: -4 [ 757.479704][T17373] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2933'. [ 758.761752][ T5834] Bluetooth: hci2: command 0x0c1a tx timeout [ 758.921911][ T5834] Bluetooth: hci4: command 0x0c1a tx timeout [ 758.927980][ T5834] Bluetooth: hci3: command 0x0406 tx timeout [ 759.001996][ T5845] Bluetooth: hci7: command 0x0c1a tx timeout [ 759.008371][ T5845] Bluetooth: hci6: command 0x0c1a tx timeout [ 759.015202][ T5845] Bluetooth: hci5: command 0x0c1a tx timeout [ 759.015394][T15540] Bluetooth: hci1: command 0x0c1a tx timeout [ 759.021488][ T5834] Bluetooth: hci8: command 0x0c1a tx timeout [ 759.085649][T15540] Bluetooth: hci9: command 0x040f tx timeout [ 760.892118][T17444] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2949'. [ 760.924806][T17444] veth1_macvtap: left promiscuous mode [ 760.966928][T17444] macsec0: entered allmulticast mode [ 761.888891][T17476] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2955'. [ 766.145498][T17533] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2969'. [ 766.787075][T15540] Bluetooth: hci8: unexpected subevent 0x01 length: 4 < 18 [ 766.987056][T17547] netlink: 186 bytes leftover after parsing attributes in process `syz.4.2975'. [ 767.258641][T17551] mkiss: ax0: crc mode is auto. [ 767.448489][T17566] netlink: get zone limit has 4 unknown bytes [ 768.096173][T17579] netlink: 186 bytes leftover after parsing attributes in process `syz.4.2985'. [ 768.331362][T17585] FAULT_INJECTION: forcing a failure. [ 768.331362][T17585] name failslab, interval 1, probability 0, space 0, times 0 [ 768.396949][T17585] CPU: 0 UID: 0 PID: 17585 Comm: syz.4.2988 Tainted: G U 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0 [ 768.396990][T17585] Tainted: [U]=USER [ 768.396999][T17585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 768.397015][T17585] Call Trace: [ 768.397023][T17585] [ 768.397034][T17585] dump_stack_lvl+0x16c/0x1f0 [ 768.397077][T17585] should_fail_ex+0x50a/0x650 [ 768.397106][T17585] ? fs_reclaim_acquire+0xae/0x150 [ 768.397147][T17585] should_failslab+0xc2/0x120 [ 768.397177][T17585] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 768.397208][T17585] ? ptlock_alloc+0x1f/0x70 [ 768.397240][T17585] ptlock_alloc+0x1f/0x70 [ 768.397266][T17585] pte_alloc_one+0x74/0x390 [ 768.397300][T17585] __pte_alloc+0x6e/0x3d0 [ 768.397334][T17585] ? __pfx___pte_alloc+0x10/0x10 [ 768.397371][T17585] ? find_held_lock+0x2d/0x110 [ 768.397409][T17585] do_pte_missing+0x2828/0x3e10 [ 768.397468][T17585] __handle_mm_fault+0x1166/0x2c60 [ 768.397508][T17585] ? __pfx___handle_mm_fault+0x10/0x10 [ 768.397573][T17585] handle_mm_fault+0x3fa/0xaa0 [ 768.397608][T17585] __get_user_pages+0x773/0x36f0 [ 768.397645][T17585] ? __pfx_mt_find+0x10/0x10 [ 768.397682][T17585] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 768.397713][T17585] ? __pfx___get_user_pages+0x10/0x10 [ 768.397743][T17585] ? __mm_populate+0x21d/0x380 [ 768.397775][T17585] populate_vma_page_range+0x27f/0x3a0 [ 768.397805][T17585] ? __pfx_populate_vma_page_range+0x10/0x10 [ 768.397832][T17585] ? __pfx_find_vma_intersection+0x10/0x10 [ 768.397871][T17585] ? vm_mmap_pgoff+0x29b/0x3a0 [ 768.397902][T17585] __mm_populate+0x1d6/0x380 [ 768.397932][T17585] ? __pfx___mm_populate+0x10/0x10 [ 768.397962][T17585] ? up_write+0x1b2/0x520 [ 768.397997][T17585] vm_mmap_pgoff+0x2d3/0x3a0 [ 768.398028][T17585] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 768.398059][T17585] ? __x64_sys_futex+0x1e1/0x4c0 [ 768.398083][T17585] ? __x64_sys_futex+0x1ea/0x4c0 [ 768.398113][T17585] ksys_mmap_pgoff+0x7d/0x5c0 [ 768.398149][T17585] ? rcu_is_watching+0x12/0xc0 [ 768.398188][T17585] __x64_sys_mmap+0x125/0x190 [ 768.398224][T17585] do_syscall_64+0xcd/0x250 [ 768.398250][T17585] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 768.398283][T17585] RIP: 0033:0x7fb42cd8cde9 [ 768.398302][T17585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 768.398326][T17585] RSP: 002b:00007fb42abf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 768.398349][T17585] RAX: ffffffffffffffda RBX: 00007fb42cfa5fa0 RCX: 00007fb42cd8cde9 [ 768.398366][T17585] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 768.398381][T17585] RBP: 00007fb42ce0e2a0 R08: 0000000000000007 R09: 0000000800008000 [ 768.398397][T17585] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 768.398412][T17585] R13: 0000000000000000 R14: 00007fb42cfa5fa0 R15: 00007ffe6ef97808 [ 768.398445][T17585] [ 770.617771][T17624] delete_channel: no stack [ 771.858520][T17650] cgroup: fork rejected by pids controller in /syz6 [ 772.145387][T17697] FAULT_INJECTION: forcing a failure. [ 772.145387][T17697] name failslab, interval 1, probability 0, space 0, times 0 [ 772.206230][T17697] CPU: 1 UID: 0 PID: 17697 Comm: syz.4.3010 Tainted: G U 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0 [ 772.206271][T17697] Tainted: [U]=USER [ 772.206280][T17697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 772.206295][T17697] Call Trace: [ 772.206302][T17697] [ 772.206312][T17697] dump_stack_lvl+0x16c/0x1f0 [ 772.206354][T17697] should_fail_ex+0x50a/0x650 [ 772.206383][T17697] ? fs_reclaim_acquire+0xae/0x150 [ 772.206424][T17697] ? __alloc_workqueue+0xd92/0x1810 [ 772.206458][T17697] should_failslab+0xc2/0x120 [ 772.206489][T17697] __kmalloc_cache_noprof+0x68/0x420 [ 772.206514][T17697] ? vsnprintf+0x31e/0x1180 [ 772.206545][T17697] ? __pfx_lock_release+0x10/0x10 [ 772.206571][T17697] ? __alloc_workqueue+0xd4c/0x1810 [ 772.206612][T17697] __alloc_workqueue+0xd92/0x1810 [ 772.206648][T17697] ? __pfx_vsnprintf+0x10/0x10 [ 772.206682][T17697] ? lockdep_hardirqs_on+0x7c/0x110 [ 772.206717][T17697] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 772.206755][T17697] alloc_workqueue+0xd3/0x200 [ 772.206789][T17697] ? __pfx_alloc_workqueue+0x10/0x10 [ 772.206834][T17697] ? __pfx___debug_object_init+0x10/0x10 [ 772.206879][T17697] nci_register_device+0x221/0xb80 [ 772.206910][T17697] ? __pfx_nci_register_device+0x10/0x10 [ 772.206954][T17697] virtual_ncidev_open+0x141/0x220 [ 772.206988][T17697] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 772.207019][T17697] misc_open+0x35a/0x420 [ 772.207048][T17697] ? __pfx_misc_open+0x10/0x10 [ 772.207076][T17697] chrdev_open+0x237/0x6a0 [ 772.207120][T17697] ? __pfx_apparmor_file_open+0x10/0x10 [ 772.207149][T17697] ? __pfx_chrdev_open+0x10/0x10 [ 772.207181][T17697] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 772.207226][T17697] do_dentry_open+0x735/0x1c40 [ 772.207253][T17697] ? __pfx_chrdev_open+0x10/0x10 [ 772.207281][T17697] ? inode_permission+0xdd/0x5f0 [ 772.207316][T17697] vfs_open+0x82/0x3f0 [ 772.207344][T17697] ? may_open+0x1f2/0x400 [ 772.207380][T17697] path_openat+0x1e88/0x2d80 [ 772.207420][T17697] ? __pfx_path_openat+0x10/0x10 [ 772.207446][T17697] ? __pfx___lock_acquire+0x10/0x10 [ 772.207472][T17697] ? lock_acquire.part.0+0x11b/0x380 [ 772.207500][T17697] ? find_held_lock+0x2d/0x110 [ 772.207538][T17697] do_filp_open+0x20c/0x470 [ 772.207565][T17697] ? __pfx_do_filp_open+0x10/0x10 [ 772.207588][T17697] ? find_held_lock+0x2d/0x110 [ 772.207648][T17697] ? alloc_fd+0x41f/0x760 [ 772.207684][T17697] do_sys_openat2+0x17a/0x1e0 [ 772.207715][T17697] ? __pfx_do_sys_openat2+0x10/0x10 [ 772.207749][T17697] ? __pfx___might_resched+0x10/0x10 [ 772.207789][T17697] __x64_sys_openat+0x175/0x210 [ 772.207821][T17697] ? __pfx___x64_sys_openat+0x10/0x10 [ 772.207868][T17697] do_syscall_64+0xcd/0x250 [ 772.207894][T17697] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 772.207927][T17697] RIP: 0033:0x7fb42cd8cde9 [ 772.207946][T17697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 772.207969][T17697] RSP: 002b:00007fb42abf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 772.207992][T17697] RAX: ffffffffffffffda RBX: 00007fb42cfa5fa0 RCX: 00007fb42cd8cde9 [ 772.208009][T17697] RDX: 0000000000000002 RSI: 0000400000000400 RDI: ffffffffffffff9c [ 772.208023][T17697] RBP: 00007fb42ce0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 772.208038][T17697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 772.208053][T17697] R13: 0000000000000000 R14: 00007fb42cfa5fa0 R15: 00007ffe6ef97808 [ 772.208092][T17697] [ 776.063480][T17725] netlink: 186 bytes leftover after parsing attributes in process `syz.6.3015'. [ 778.487990][T17741] netlink: get zone limit has 4 unknown bytes [ 783.605956][T17761] FAULT_INJECTION: forcing a failure. [ 783.605956][T17761] name failslab, interval 1, probability 0, space 0, times 0 [ 783.618779][T17761] CPU: 0 UID: 0 PID: 17761 Comm: syz.4.3028 Tainted: G U 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0 [ 783.618818][T17761] Tainted: [U]=USER [ 783.618826][T17761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 783.618842][T17761] Call Trace: [ 783.618849][T17761] [ 783.618860][T17761] dump_stack_lvl+0x16c/0x1f0 [ 783.618903][T17761] should_fail_ex+0x50a/0x650 [ 783.618932][T17761] ? fs_reclaim_acquire+0xae/0x150 [ 783.618973][T17761] ? __alloc_workqueue+0xd92/0x1810 [ 783.619008][T17761] should_failslab+0xc2/0x120 [ 783.619038][T17761] __kmalloc_cache_noprof+0x68/0x420 [ 783.619062][T17761] ? vsnprintf+0x31e/0x1180 [ 783.619093][T17761] ? __pfx_lock_release+0x10/0x10 [ 783.619120][T17761] ? __alloc_workqueue+0xd4c/0x1810 [ 783.619161][T17761] __alloc_workqueue+0xd92/0x1810 [ 783.619197][T17761] ? __pfx_vsnprintf+0x10/0x10 [ 783.619231][T17761] ? lockdep_hardirqs_on+0x7c/0x110 [ 783.619266][T17761] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 783.619303][T17761] alloc_workqueue+0xd3/0x200 [ 783.619346][T17761] ? __pfx_alloc_workqueue+0x10/0x10 [ 783.619393][T17761] ? __pfx___debug_object_init+0x10/0x10 [ 783.619440][T17761] nci_register_device+0x221/0xb80 [ 783.619472][T17761] ? __pfx_nci_register_device+0x10/0x10 [ 783.619516][T17761] virtual_ncidev_open+0x141/0x220 [ 783.619548][T17761] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 783.619577][T17761] misc_open+0x35a/0x420 [ 783.619603][T17761] ? __pfx_misc_open+0x10/0x10 [ 783.619630][T17761] chrdev_open+0x237/0x6a0 [ 783.619654][T17761] ? __pfx_apparmor_file_open+0x10/0x10 [ 783.619680][T17761] ? __pfx_chrdev_open+0x10/0x10 [ 783.619709][T17761] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 783.619750][T17761] do_dentry_open+0x735/0x1c40 [ 783.619776][T17761] ? __pfx_chrdev_open+0x10/0x10 [ 783.619805][T17761] ? inode_permission+0xdd/0x5f0 [ 783.619841][T17761] vfs_open+0x82/0x3f0 [ 783.619869][T17761] ? may_open+0x1f2/0x400 [ 783.619904][T17761] path_openat+0x1e88/0x2d80 [ 783.619944][T17761] ? __pfx_path_openat+0x10/0x10 [ 783.619969][T17761] ? __pfx___lock_acquire+0x10/0x10 [ 783.619996][T17761] ? lock_acquire.part.0+0x11b/0x380 [ 783.620025][T17761] ? find_held_lock+0x2d/0x110 [ 783.620063][T17761] do_filp_open+0x20c/0x470 [ 783.620090][T17761] ? __pfx_do_filp_open+0x10/0x10 [ 783.620114][T17761] ? find_held_lock+0x2d/0x110 [ 783.620173][T17761] ? alloc_fd+0x41f/0x760 [ 783.620208][T17761] do_sys_openat2+0x17a/0x1e0 [ 783.620239][T17761] ? __pfx_do_sys_openat2+0x10/0x10 [ 783.620274][T17761] ? __pfx___might_resched+0x10/0x10 [ 783.620320][T17761] __x64_sys_openat+0x175/0x210 [ 783.620354][T17761] ? __pfx___x64_sys_openat+0x10/0x10 [ 783.620402][T17761] do_syscall_64+0xcd/0x250 [ 783.620429][T17761] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 783.620462][T17761] RIP: 0033:0x7fb42cd8cde9 [ 783.620482][T17761] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 783.620507][T17761] RSP: 002b:00007fb42abf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 783.620531][T17761] RAX: ffffffffffffffda RBX: 00007fb42cfa5fa0 RCX: 00007fb42cd8cde9 [ 783.620548][T17761] RDX: 0000000000000002 RSI: 0000400000000400 RDI: ffffffffffffff9c [ 783.620564][T17761] RBP: 00007fb42ce0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 783.620580][T17761] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 783.620595][T17761] R13: 0000000000000000 R14: 00007fb42cfa5fa0 R15: 00007ffe6ef97808 [ 783.620629][T17761] [ 786.068452][ T54] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 786.079077][ T54] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 786.092237][ T54] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 786.102498][ T54] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 786.120151][ T54] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3 [ 786.127756][ T54] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 786.484063][T17776] chnl_net:caif_netlink_parms(): no params data found [ 786.710192][T17776] bridge0: port 1(bridge_slave_0) entered blocking state [ 786.753065][T17776] bridge0: port 1(bridge_slave_0) entered disabled state [ 786.761156][T17776] bridge_slave_0: entered allmulticast mode [ 786.803799][T17776] bridge_slave_0: entered promiscuous mode [ 786.828969][T17776] bridge0: port 2(bridge_slave_1) entered blocking state [ 786.851812][T17776] bridge0: port 2(bridge_slave_1) entered disabled state [ 786.859093][T17776] bridge_slave_1: entered allmulticast mode [ 786.882858][T17776] bridge_slave_1: entered promiscuous mode [ 786.971214][T17776] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 787.004434][T17776] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 787.197576][T17776] team0: Port device team_slave_0 added [ 787.225804][T17776] team0: Port device team_slave_1 added [ 787.303191][T17776] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 787.310173][T17776] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 787.391875][T17776] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 787.539625][T17776] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 787.551790][T17776] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 787.611816][T17776] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 787.768158][T17776] hsr_slave_0: entered promiscuous mode [ 787.802996][T17776] hsr_slave_1: entered promiscuous mode [ 787.809191][T17776] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 787.836572][T17776] Cannot create hsr debugfs directory [ 788.024668][T15540] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 788.034888][T15540] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 788.043829][T15540] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 788.056201][T15540] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 788.067692][T15540] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3 [ 788.075254][T15540] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 788.202200][ T54] Bluetooth: hci10: command tx timeout [ 788.970182][T17790] chnl_net:caif_netlink_parms(): no params data found [ 789.131743][T17776] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 789.165416][T17776] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 789.225630][T17776] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 789.246426][T17776] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 789.307228][T17790] bridge0: port 1(bridge_slave_0) entered blocking state [ 789.318465][T17790] bridge0: port 1(bridge_slave_0) entered disabled state [ 789.376105][T17790] bridge_slave_0: entered allmulticast mode [ 789.398815][T17790] bridge_slave_0: entered promiscuous mode [ 789.425302][T17790] bridge0: port 2(bridge_slave_1) entered blocking state [ 789.433049][T17790] bridge0: port 2(bridge_slave_1) entered disabled state [ 789.441384][T17790] bridge_slave_1: entered allmulticast mode [ 789.452479][T17790] bridge_slave_1: entered promiscuous mode [ 789.550501][T17790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 789.592688][T17790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 789.765545][T17790] team0: Port device team_slave_0 added [ 789.783885][T17790] team0: Port device team_slave_1 added [ 789.852815][T17790] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 789.870264][T17790] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 789.917088][T17790] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 789.947473][T17790] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 789.955652][T17790] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 790.021794][T17790] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 790.099917][T17776] 8021q: adding VLAN 0 to HW filter on device bond0 [ 790.159136][T17790] hsr_slave_0: entered promiscuous mode [ 790.172717][T17790] hsr_slave_1: entered promiscuous mode [ 790.189778][T17790] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 790.211256][ T54] Bluetooth: hci11: command tx timeout [ 790.213250][T17790] Cannot create hsr debugfs directory [ 790.281904][ T54] Bluetooth: hci10: command tx timeout [ 790.639831][T17776] 8021q: adding VLAN 0 to HW filter on device team0 [ 790.808905][T16746] bridge0: port 1(bridge_slave_0) entered blocking state [ 790.816075][T16746] bridge0: port 1(bridge_slave_0) entered forwarding state [ 790.853328][T16746] bridge0: port 2(bridge_slave_1) entered blocking state [ 790.860482][T16746] bridge0: port 2(bridge_slave_1) entered forwarding state [ 791.169541][T17790] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 791.507816][T17790] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 791.683491][T17790] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 791.763662][T17776] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 791.987307][T17790] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 792.303977][T17790] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 792.309226][ T54] Bluetooth: hci11: command tx timeout [ 792.371705][T15540] Bluetooth: hci10: command tx timeout [ 792.399732][T17790] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 792.469616][T17790] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 792.505378][T17790] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 792.525906][T17827] FAULT_INJECTION: forcing a failure. [ 792.525906][T17827] name failslab, interval 1, probability 0, space 0, times 0 [ 792.616580][T17776] veth0_vlan: entered promiscuous mode [ 792.626875][T17827] CPU: 1 UID: 0 PID: 17827 Comm: syz.4.3039 Tainted: G U 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0 [ 792.626915][T17827] Tainted: [U]=USER [ 792.626923][T17827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 792.626938][T17827] Call Trace: [ 792.626945][T17827] [ 792.626955][T17827] dump_stack_lvl+0x16c/0x1f0 [ 792.626999][T17827] should_fail_ex+0x50a/0x650 [ 792.627028][T17827] ? fs_reclaim_acquire+0xae/0x150 [ 792.627067][T17827] should_failslab+0xc2/0x120 [ 792.627096][T17827] __kmalloc_noprof+0xce/0x4f0 [ 792.627123][T17827] ? __register_sysctl_table+0xb4/0x18c0 [ 792.627156][T17827] __register_sysctl_table+0xb4/0x18c0 [ 792.627186][T17827] ? rcu_is_watching+0x12/0xc0 [ 792.627226][T17827] ? __pfx___register_sysctl_table+0x10/0x10 [ 792.627251][T17827] ? is_module_address+0x2a/0x50 [ 792.627278][T17827] ? register_net_sysctl_sz+0x228/0x3e0 [ 792.627321][T17827] xfrm4_net_init+0xf0/0x1c0 [ 792.627350][T17827] ? __pfx_xfrm4_net_init+0x10/0x10 [ 792.627380][T17827] ops_init+0x1df/0x5f0 [ 792.627412][T17827] setup_net+0x21f/0x860 [ 792.627440][T17827] ? __pfx_setup_net+0x10/0x10 [ 792.627473][T17827] ? down_read_killable+0xcc/0x380 [ 792.627500][T17827] ? __pfx_down_read_killable+0x10/0x10 [ 792.627529][T17827] ? debug_mutex_init+0x37/0x70 [ 792.627570][T17827] copy_net_ns+0x2b4/0x6c0 [ 792.627604][T17827] create_new_namespaces+0x3ea/0xad0 [ 792.627642][T17827] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 792.627678][T17827] ksys_unshare+0x45d/0xa40 [ 792.627712][T17827] ? __pfx_ksys_unshare+0x10/0x10 [ 792.627744][T17827] ? xfd_validate_state+0x5d/0x180 [ 792.627785][T17827] __x64_sys_unshare+0x31/0x40 [ 792.627820][T17827] do_syscall_64+0xcd/0x250 [ 792.627846][T17827] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 792.627878][T17827] RIP: 0033:0x7fb42cd8cde9 [ 792.627897][T17827] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 792.627921][T17827] RSP: 002b:00007fb42abf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 792.627944][T17827] RAX: ffffffffffffffda RBX: 00007fb42cfa5fa0 RCX: 00007fb42cd8cde9 [ 792.627960][T17827] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 792.627974][T17827] RBP: 00007fb42ce0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 792.627988][T17827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 792.628003][T17827] R13: 0000000000000000 R14: 00007fb42cfa5fa0 R15: 00007ffe6ef97808 [ 792.628035][T17827] [ 792.653694][T17776] veth1_vlan: entered promiscuous mode [ 793.279732][T17790] 8021q: adding VLAN 0 to HW filter on device bond0 [ 793.348770][T17790] 8021q: adding VLAN 0 to HW filter on device team0 [ 793.394824][T16740] bridge0: port 1(bridge_slave_0) entered blocking state [ 793.401986][T16740] bridge0: port 1(bridge_slave_0) entered forwarding state [ 793.454694][T17776] veth0_macvtap: entered promiscuous mode [ 793.476933][T16740] bridge0: port 2(bridge_slave_1) entered blocking state [ 793.484079][T16740] bridge0: port 2(bridge_slave_1) entered forwarding state [ 793.531303][T17776] veth1_macvtap: entered promiscuous mode [ 793.636370][T17776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 793.687606][T17776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.731649][T17776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 793.751638][T17776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.761494][T17776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 793.790075][T17776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.821939][T17776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 793.851475][T17776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.871656][T17776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 793.891667][T17776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.901514][T17776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 793.929737][T17776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 793.948810][T17776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 793.981912][T17776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 794.001682][T17776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 794.024088][T17776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 794.051760][T17776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 794.071713][T17776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 794.081563][T17776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 794.093386][T17776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 794.122508][T17776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 794.144460][T17776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 794.163481][T17776] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 794.223861][T17776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 794.252165][T17776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 794.272427][T17776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 794.291673][T17776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 794.314193][T17776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 794.349477][T17776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 794.381749][T15540] Bluetooth: hci11: command tx timeout [ 794.382333][T17776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 794.411716][T17776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 794.442199][T15540] Bluetooth: hci10: command tx timeout [ 794.462104][T17776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 794.472992][T17776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 794.485710][T17776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 794.499631][T17776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 794.511915][T17776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 794.525155][T17776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 794.542104][T17776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 794.555173][T17776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 794.571682][T17776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 794.594792][T17776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 794.611806][T17776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 794.632303][T17776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 794.661912][T17776] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 794.690090][T17776] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 794.722752][T17776] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 794.795622][T17776] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 794.829128][T17776] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 794.881261][T17776] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 794.902634][T17776] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 795.166769][T17790] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 795.215670][T16753] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 795.251904][T16753] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 795.294618][T17842] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3042'. [ 795.318239][T16740] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 795.357272][T17790] veth0_vlan: entered promiscuous mode [ 795.362893][T16740] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 795.380870][T17790] veth1_vlan: entered promiscuous mode [ 795.472551][T17790] veth0_macvtap: entered promiscuous mode [ 795.504129][T17790] veth1_macvtap: entered promiscuous mode [ 795.554110][T17790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 795.581794][T17790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 795.598927][T17790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 795.626722][T17790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 795.647632][T17790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 795.677459][T17790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 795.711778][T17790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 795.741759][T17790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 795.753534][T17790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 795.784314][T17790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 795.812545][T17790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 795.849482][T17790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 795.861700][T17790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 795.894953][T17790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 795.912150][T17790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 795.942811][T17790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 795.963930][T17790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 795.986370][T17790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.011689][T17790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 796.042860][T17790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.064211][T17790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 796.093196][T17790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.123664][T17790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 796.142161][T17790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.173084][T17790] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 796.208956][T17790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 796.241169][T17790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.261696][T17790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 796.282083][T17790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.303882][T17790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 796.349895][T17790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.391863][T17790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 796.423064][T17790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.433034][T17790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 796.444525][T15540] Bluetooth: hci11: command tx timeout [ 796.453981][T17790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.473039][T17790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 796.483661][T17790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.495168][T17790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 796.506829][T17790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.516763][T17790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 796.527398][T17790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.537655][T17790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 796.549312][T17790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.559559][T17790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 796.570355][T17790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.580678][T17790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 796.604506][T17790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.614856][T17790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 796.638711][T17790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 796.666323][T17790] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 796.750895][T17790] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 796.787110][T17790] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 796.821897][T17790] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 796.830646][T17790] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 797.238532][ T6772] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 797.281759][ T6772] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 797.352933][T16753] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 797.373781][T16753] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 798.245277][T17864] batman_adv: Routing algorithm '' is not supported [ 799.556749][T17891] FAULT_INJECTION: forcing a failure. [ 799.556749][T17891] name failslab, interval 1, probability 0, space 0, times 0 [ 799.572665][T17891] CPU: 1 UID: 0 PID: 17891 Comm: syz.2.3056 Tainted: G U 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0 [ 799.572701][T17891] Tainted: [U]=USER [ 799.572710][T17891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 799.572723][T17891] Call Trace: [ 799.572729][T17891] [ 799.572738][T17891] dump_stack_lvl+0x16c/0x1f0 [ 799.572778][T17891] should_fail_ex+0x50a/0x650 [ 799.572808][T17891] ? fs_reclaim_acquire+0xae/0x150 [ 799.572845][T17891] should_failslab+0xc2/0x120 [ 799.572872][T17891] __kmalloc_noprof+0xce/0x4f0 [ 799.572896][T17891] ? xfrm_hash_alloc+0xd1/0x100 [ 799.572928][T17891] xfrm_hash_alloc+0xd1/0x100 [ 799.572957][T17891] xfrm_state_init+0x160/0x630 [ 799.572992][T17891] ? __pfx_xfrm_net_init+0x10/0x10 [ 799.573021][T17891] xfrm_net_init+0x211/0xcb0 [ 799.573061][T17891] ? __pfx_xfrm_net_init+0x10/0x10 [ 799.573094][T17891] ops_init+0x1df/0x5f0 [ 799.573123][T17891] setup_net+0x21f/0x860 [ 799.573151][T17891] ? __pfx_setup_net+0x10/0x10 [ 799.573174][T17891] ? down_read_killable+0xcc/0x380 [ 799.573200][T17891] ? __pfx_down_read_killable+0x10/0x10 [ 799.573228][T17891] ? debug_mutex_init+0x37/0x70 [ 799.573267][T17891] copy_net_ns+0x2b4/0x6c0 [ 799.573299][T17891] create_new_namespaces+0x3ea/0xad0 [ 799.573339][T17891] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 799.573375][T17891] ksys_unshare+0x45d/0xa40 [ 799.573410][T17891] ? __pfx_ksys_unshare+0x10/0x10 [ 799.573443][T17891] ? xfd_validate_state+0x5d/0x180 [ 799.573484][T17891] __x64_sys_unshare+0x31/0x40 [ 799.573519][T17891] do_syscall_64+0xcd/0x250 [ 799.573543][T17891] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 799.573575][T17891] RIP: 0033:0x7f5bd5b8cde9 [ 799.573604][T17891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 799.573628][T17891] RSP: 002b:00007f5bd6a6a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 799.573651][T17891] RAX: ffffffffffffffda RBX: 00007f5bd5da5fa0 RCX: 00007f5bd5b8cde9 [ 799.573666][T17891] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 799.573681][T17891] RBP: 00007f5bd5c0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 799.573696][T17891] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 799.573709][T17891] R13: 0000000000000000 R14: 00007f5bd5da5fa0 R15: 00007ffe0a01b108 [ 799.573742][T17891] [ 800.463239][T17899] netlink: 20 bytes leftover after parsing attributes in process `syz.9.3058'. [ 801.000243][T17906] FAULT_INJECTION: forcing a failure. [ 801.000243][T17906] name failslab, interval 1, probability 0, space 0, times 0 [ 801.042053][T17906] CPU: 1 UID: 0 PID: 17906 Comm: syz.9.3059 Tainted: G U 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0 [ 801.042094][T17906] Tainted: [U]=USER [ 801.042103][T17906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 801.042116][T17906] Call Trace: [ 801.042122][T17906] [ 801.042131][T17906] dump_stack_lvl+0x16c/0x1f0 [ 801.042171][T17906] should_fail_ex+0x50a/0x650 [ 801.042199][T17906] ? __pfx_lock_release+0x10/0x10 [ 801.042231][T17906] should_failslab+0xc2/0x120 [ 801.042261][T17906] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 801.042291][T17906] ? zswap_store+0x862/0x2600 [ 801.042334][T17906] zswap_store+0x862/0x2600 [ 801.042383][T17906] ? __pfx_zswap_store+0x10/0x10 [ 801.042420][T17906] ? do_raw_spin_lock+0x12d/0x2c0 [ 801.042452][T17906] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 801.042481][T17906] ? lock_acquire+0x2f/0xb0 [ 801.042506][T17906] ? folio_free_swap+0x112/0x570 [ 801.042534][T17906] ? do_raw_spin_unlock+0x172/0x230 [ 801.042561][T17906] ? swp_swap_info+0xcf/0x130 [ 801.042588][T17906] ? __pfx_swp_swap_info+0x10/0x10 [ 801.042623][T17906] swap_writepage+0x3b6/0x1120 [ 801.042657][T17906] ? folio_clear_dirty_for_io+0x112/0x800 [ 801.042692][T17906] pageout+0x3b2/0xaa0 [ 801.042729][T17906] ? __pfx_pageout+0x10/0x10 [ 801.042796][T17906] ? __pfx_try_to_unmap_one+0x10/0x10 [ 801.042822][T17906] ? __pfx_folio_not_mapped+0x10/0x10 [ 801.042842][T17906] ? __pfx_folio_lock_anon_vma_read+0x10/0x10 [ 801.042869][T17906] ? folio_mark_dirty+0xd8/0x150 [ 801.042895][T17906] shrink_folio_list+0x2f7f/0x40c0 [ 801.042933][T17906] ? __pfx_shrink_folio_list+0x10/0x10 [ 801.042968][T17906] ? hlock_class+0x4e/0x130 [ 801.042999][T17906] ? __lock_acquire+0x15a9/0x3c40 [ 801.043027][T17906] ? hlock_class+0x4e/0x130 [ 801.043060][T17906] ? hlock_class+0x4e/0x130 [ 801.043090][T17906] ? mark_lock+0xb5/0xc60 [ 801.043117][T17906] ? hlock_class+0x4e/0x130 [ 801.043146][T17906] ? mark_lock+0xb5/0xc60 [ 801.043197][T17906] ? hlock_class+0x4e/0x130 [ 801.043228][T17906] ? __lock_acquire+0x15a9/0x3c40 [ 801.043260][T17906] reclaim_folio_list+0xd8/0x5e0 [ 801.043297][T17906] ? __pfx_reclaim_folio_list+0x10/0x10 [ 801.043323][T17906] ? hlock_class+0x4e/0x130 [ 801.043352][T17906] ? mark_lock+0xb5/0xc60 [ 801.043384][T17906] ? find_held_lock+0x2d/0x110 [ 801.043416][T17906] ? folio_isolate_lru+0x577/0x8e0 [ 801.043443][T17906] ? find_held_lock+0x2d/0x110 [ 801.043471][T17906] ? find_held_lock+0x2d/0x110 [ 801.043503][T17906] reclaim_pages+0x481/0x650 [ 801.043534][T17906] ? __pfx_reclaim_pages+0x10/0x10 [ 801.043562][T17906] ? folio_isolate_lru+0xa2/0x8e0 [ 801.043594][T17906] madvise_cold_or_pageout_pte_range+0x13ae/0x20d0 [ 801.043632][T17906] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 801.043664][T17906] ? find_held_lock+0x2d/0x110 [ 801.043699][T17906] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 801.043735][T17906] walk_pgd_range+0xc7b/0x1a70 [ 801.043769][T17906] ? mt_find+0x4c8/0xa20 [ 801.043804][T17906] ? __pfx_walk_pgd_range+0x10/0x10 [ 801.043838][T17906] __walk_page_range+0x161/0x820 [ 801.043866][T17906] ? find_vma+0xc0/0x140 [ 801.043895][T17906] ? __pfx_find_vma+0x10/0x10 [ 801.043926][T17906] ? walk_page_test+0x9b/0x180 [ 801.043954][T17906] walk_page_range_mm+0x55a/0x940 [ 801.043984][T17906] ? __pfx_walk_page_range_mm+0x10/0x10 [ 801.044011][T17906] ? mlock_drain_local+0x22d/0x4f0 [ 801.044042][T17906] ? lock_acquire+0x2f/0xb0 [ 801.044063][T17906] ? mlock_drain_local+0x6f/0x4f0 [ 801.044090][T17906] walk_page_range+0x63/0x90 [ 801.044118][T17906] madvise_pageout+0x326/0x820 [ 801.044145][T17906] ? find_held_lock+0x2d/0x110 [ 801.044174][T17906] ? __pfx_madvise_pageout+0x10/0x10 [ 801.044200][T17906] ? mt_find+0x82d/0xa20 [ 801.044240][T17906] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 801.044276][T17906] madvise_vma_behavior+0x452/0x1dd0 [ 801.044308][T17906] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 801.044336][T17906] ? find_vma_prev+0xdb/0x160 [ 801.044361][T17906] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 801.044387][T17906] ? find_vma+0xc0/0x140 [ 801.044415][T17906] ? __pfx_find_vma+0x10/0x10 [ 801.044443][T17906] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 801.044470][T17906] ? do_madvise+0x2b3/0x7c0 [ 801.044500][T17906] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 801.044526][T17906] madvise_walk_vmas+0x1cf/0x2c0 [ 801.044553][T17906] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 801.044586][T17906] do_madvise+0x366/0x7c0 [ 801.044615][T17906] ? __pfx_do_madvise+0x10/0x10 [ 801.044648][T17906] ? arch_syscall_is_vdso_sigreturn+0xb6/0x230 [ 801.044676][T17906] ? syscall_user_dispatch+0x77/0x140 [ 801.044708][T17906] __x64_sys_madvise+0xa9/0x110 [ 801.044740][T17906] do_syscall_64+0xcd/0x250 [ 801.044761][T17906] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 801.044788][T17906] RIP: 0033:0x7f4579d8cde9 [ 801.044804][T17906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 801.044823][T17906] RSP: 002b:00007f457ab64038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 801.044842][T17906] RAX: ffffffffffffffda RBX: 00007f4579fa5fa0 RCX: 00007f4579d8cde9 [ 801.044856][T17906] RDX: 0000000000000015 RSI: ffffffffffff0001 RDI: 0000000000000000 [ 801.044868][T17906] RBP: 00007f4579e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 801.044880][T17906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 801.044892][T17906] R13: 0000000000000000 R14: 00007f4579fa5fa0 R15: 00007ffd881e25c8 [ 801.044917][T17906] [ 802.522106][ T30] INFO: task syz.1.2502:15637 blocked for more than 143 seconds. [ 802.541471][ T30] Tainted: G U 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 802.581697][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 802.621627][ T30] task:syz.1.2502 state:D stack:26200 pid:15637 tgid:15636 ppid:15255 task_flags:0x400140 flags:0x00004004 [ 802.666159][ T30] Call Trace: [ 802.669483][ T30] [ 802.701365][ T30] __schedule+0xf43/0x5890 [ 802.711678][ T30] ? __pfx___lock_acquire+0x10/0x10 [ 802.729393][ T30] ? __pfx___schedule+0x10/0x10 [ 802.751727][ T30] ? schedule+0x298/0x350 [ 802.756113][ T30] ? __pfx_lock_release+0x10/0x10 [ 802.792582][ T30] ? lock_acquire+0x2f/0xb0 [ 802.797151][ T30] ? schedule+0x1fd/0x350 [ 802.801520][ T30] schedule+0xe7/0x350 [ 802.821690][ T30] schedule_preempt_disabled+0x13/0x30 [ 802.837762][ T30] __mutex_lock+0x6bd/0xb10 [ 802.864980][ T30] ? rcu_watching_snap_stopped_since+0x41/0x110 [ 802.901736][ T30] ? nfsd_nl_version_get_doit+0x183/0x780 [ 802.907530][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 802.937844][ T30] ? skb_put+0x138/0x1b0 [ 802.947734][ T30] ? genlmsg_put+0x258/0x2d0 [ 802.971785][ T30] ? nfsd_nl_version_get_doit+0x183/0x780 [ 802.977571][ T30] nfsd_nl_version_get_doit+0x183/0x780 [ 803.031687][ T30] ? kasan_quarantine_put+0x10a/0x240 [ 803.037124][ T30] ? __pfx_nfsd_nl_version_get_doit+0x10/0x10 [ 803.078749][ T30] ? hlock_class+0x4e/0x130 [ 803.098439][ T30] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 803.105990][ T30] genl_family_rcv_msg_doit+0x202/0x2f0 [ 803.112181][ T30] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 803.118312][ T30] ? __dev_queue_xmit+0x89b/0x43e0 [ 803.123568][ T30] ? genl_get_cmd+0x195/0x580 [ 803.128492][ T30] ? __radix_tree_lookup+0x21f/0x2c0 [ 803.133917][ T30] genl_rcv_msg+0x565/0x800 [ 803.138599][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 803.143759][ T30] ? __pfx_nfsd_nl_version_get_doit+0x10/0x10 [ 803.152444][ T30] netlink_rcv_skb+0x165/0x410 [ 803.159547][ T30] ? __pfx_genl_rcv_msg+0x10/0x10 [ 803.170248][ T30] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 803.191692][ T30] ? down_read+0xc9/0x330 [ 803.203864][ T30] ? __pfx_down_read+0x10/0x10 [ 803.208678][ T30] ? netlink_deliver_tap+0x1ae/0xca0 [ 803.223847][ T30] genl_rcv+0x28/0x40 [ 803.227886][ T30] netlink_unicast+0x53c/0x7f0 [ 803.291814][ T30] ? __pfx_netlink_unicast+0x10/0x10 [ 803.297217][ T30] ? __phys_addr_symbol+0x30/0x80 [ 803.341118][ T30] ? __check_object_size+0x488/0x710 [ 803.371709][ T30] netlink_sendmsg+0x8b8/0xd70 [ 803.376549][ T30] ? __pfx_netlink_sendmsg+0x10/0x10 [ 803.391675][ T30] ____sys_sendmsg+0x9ae/0xb40 [ 803.396514][ T30] ? copy_msghdr_from_user+0x10b/0x160 [ 803.461669][ T30] ? __pfx_____sys_sendmsg+0x10/0x10 [ 803.468380][ T30] ___sys_sendmsg+0x135/0x1e0 [ 803.491660][ T30] ? __pfx____sys_sendmsg+0x10/0x10 [ 803.496937][ T30] ? __pfx_lock_release+0x10/0x10 [ 803.521825][ T30] ? trace_lock_acquire+0x14e/0x1f0 [ 803.527089][ T30] ? __fget_files+0x206/0x3a0 [ 803.556096][ T30] __sys_sendmsg+0x16e/0x220 [ 803.560750][ T30] ? __pfx___sys_sendmsg+0x10/0x10 [ 803.581650][ T30] ? __x64_sys_futex+0x1e1/0x4c0 [ 803.586662][ T30] do_syscall_64+0xcd/0x250 [ 803.591186][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 803.631827][ T30] RIP: 0033:0x7f039658cde9 [ 803.636299][ T30] RSP: 002b:00007f0397425038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 803.675336][ T30] RAX: ffffffffffffffda RBX: 00007f03967a5fa0 RCX: 00007f039658cde9 [ 803.701657][ T30] RDX: 0000000020000080 RSI: 0000400000002780 RDI: 0000000000000003 [ 803.710514][ T30] RBP: 00007f039660e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 803.748428][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 803.766561][ T30] R13: 0000000000000000 R14: 00007f03967a5fa0 R15: 00007fffd6478308 [ 803.781772][ T30] [ 803.784899][ T30] [ 803.784899][ T30] Showing all locks held in the system: [ 803.793274][ T30] 1 lock held by khungtaskd/30: [ 803.798159][ T30] #0: ffffffff8e1bc140 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x7f/0x390 [ 803.851849][ T30] 1 lock held by kworker/0:3/5872: [ 803.857007][ T30] #0: ffff8880b863ed58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130 [ 803.870239][T15015] svc: failed to register nfsdv3 RPC service (errno 512). [ 803.891783][ T30] 2 locks held by kworker/u8:19/6772: [ 803.893593][T15015] svc: failed to register nfsaclv3 RPC service (errno 512). [ 803.897179][ T30] #0: ffff888144ada148 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_one_work+0x12cd/0x1b30 [ 803.932809][ T30] #1: ffffc900037f7d18 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_one_work+0x8bb/0x1b30 [ 803.944471][ T30] 2 locks held by syz-executor/15003: [ 803.949855][ T30] #0: ffff88804ff600e0 (&type->s_umount_key#49){+.+.}-{4:4}, at: deactivate_super+0xd6/0x100 [ 803.992486][ T30] #1: ffffffff8e5bda88 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 804.014369][ T30] 2 locks held by syz.2.2391/15015: [ 804.031937][ T30] #0: ffffffff8ff79070 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 804.040217][ T30] #1: ffffffff8e5bda88 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x694/0xbe0 [ 804.081859][ T30] 2 locks held by syz-executor/15535: [ 804.087279][ T30] #0: ffff888058e5a0e0 (&type->s_umount_key#49){+.+.}-{4:4}, at: deactivate_super+0xd6/0x100 [ 804.112302][ T30] #1: ffffffff8e5bda88 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 804.151729][ T30] 2 locks held by syz.1.2502/15637: [ 804.156969][ T30] #0: ffffffff8ff79070 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 804.171317][ T30] #1: ffffffff8e5bda88 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_version_get_doit+0x183/0x780 [ 804.183428][ T30] 2 locks held by syz.5.2689/16394: [ 804.188739][ T30] #0: ffff88804a8c00e0 (&type->s_umount_key#49){+.+.}-{4:4}, at: deactivate_super+0xd6/0x100 [ 804.199734][ T30] #1: ffffffff8e5bda88 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 804.209698][ T30] 4 locks held by syz-executor/16605: [ 804.232190][ T30] #0: ffffffff8e2d6a10 (dup_mmap_sem){.+.+}-{0:0}, at: copy_mm+0x331/0x2730 [ 804.241070][ T30] #1: ffff888031ebe5e0 (&mm->mmap_lock){++++}-{4:4}, at: copy_mm+0x396/0x2730 [ 804.270397][ T30] #2: ffff888030b915e0 (&mm->mmap_lock/1){+.+.}-{4:4}, at: copy_mm+0x437/0x2730 [ 804.281431][ T30] #3: ffffe8ffffc21250 (&per_cpu_ptr(pool->acomp_ctx, cpu)->mutex){+.+.}-{4:4}, at: zswap_store+0x910/0x2600 [ 804.316910][ T30] 2 locks held by syz-executor/16629: [ 804.332150][ T30] #0: ffff88808c5940e0 (&type->s_umount_key#49){+.+.}-{4:4}, at: deactivate_super+0xd6/0x100 [ 804.377082][ T30] #1: ffffffff8e5bda88 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 804.387448][ T30] 2 locks held by kworker/u8:3/16742: [ 804.392950][ T30] 2 locks held by syz-executor/17112: [ 804.398337][ T30] #0: ffff888078e040e0 (&type->s_umount_key#49){+.+.}-{4:4}, at: deactivate_super+0xd6/0x100 [ 804.408738][ T30] #1: ffffffff8e5bda88 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 804.418635][ T30] 2 locks held by getty/17300: [ 804.423540][ T30] #0: ffff8880315360a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 804.437804][ T30] #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0xfba/0x1480 [ 804.458818][ T30] 2 locks held by syz.6.3009/17653: [ 804.472406][ T30] 2 locks held by syz.6.3009/17654: [ 804.481513][ T30] 3 locks held by syz.6.3009/17655: [ 804.502554][ T30] #0: ffff88807c00c420 (sb_writers#5){.+.+}-{0:0}, at: get_signal+0x23f3/0x2610 [ 804.511936][ T30] #1: ffff88801252e4c0 (&sb->s_type->i_mutex_key#12){+.+.}-{4:4}, at: shmem_file_write_iter+0x86/0x140 [ 804.528294][ T30] #2: ffffe8ffffd21250 (&per_cpu_ptr(pool->acomp_ctx, cpu)->mutex){+.+.}-{4:4}, at: zswap_store+0x910/0x2600 [ 804.551988][ T30] 3 locks held by syz.6.3009/17656: [ 804.557227][ T30] #0: ffff88807c00c420 (sb_writers#5){.+.+}-{0:0}, at: get_signal+0x23f3/0x2610 [ 804.581836][ T30] #1: ffff88805e88d7b0 (&sb->s_type->i_mutex_key#12){+.+.}-{4:4}, at: shmem_file_write_iter+0x86/0x140 [ 804.596021][ T30] #2: ffffe8ffffd21250 (&per_cpu_ptr(pool->acomp_ctx, cpu)->mutex){+.+.}-{4:4}, at: zswap_store+0x910/0x2600 [ 804.608926][ T30] 3 locks held by syz.6.3009/17657: [ 804.614296][ T30] 3 locks held by syz.6.3009/17660: [ 804.621516][ T30] #0: ffff88807c00c420 (sb_writers#5){.+.+}-{0:0}, at: get_signal+0x23f3/0x2610 [ 804.630812][ T30] #1: ffff8880237a1ce8 (&sb->s_type->i_mutex_key#12){+.+.}-{4:4}, at: shmem_file_write_iter+0x86/0x140 [ 804.652365][ T30] #2: ffffe8ffffc21250 (&per_cpu_ptr(pool->acomp_ctx, cpu)->mutex){+.+.}-{4:4}, at: zswap_store+0x910/0x2600 [ 804.671957][ T30] 3 locks held by syz.6.3009/17662: [ 804.677187][ T30] #0: ffff88807c00c420 (sb_writers#5){.+.+}-{0:0}, at: get_signal+0x23f3/0x2610 [ 804.694441][ T30] #1: ffff88803386de38 (&sb->s_type->i_mutex_key#12){+.+.}-{4:4}, at: shmem_file_write_iter+0x86/0x140 [ 804.721684][ T30] #2: ffff8880b863ed58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130 [ 804.734693][ T30] 3 locks held by syz.6.3009/17663: [ 804.739920][ T30] 3 locks held by syz.6.3009/17664: [ 804.751847][ T30] #0: ffff88807c00c420 (sb_writers#5){.+.+}-{0:0}, at: get_signal+0x23f3/0x2610 [ 804.761069][ T30] #1: ffff8880608902c8 (&sb->s_type->i_mutex_key#12){+.+.}-{4:4}, at: shmem_file_write_iter+0x86/0x140 [ 804.811979][ T30] #2: ffffe8ffffd21250 (&per_cpu_ptr(pool->acomp_ctx, cpu)->mutex){+.+.}-{4:4}, at: zswap_store+0x910/0x2600 [ 804.842442][ T30] 3 locks held by syz.6.3009/17665: [ 804.847680][ T30] #0: ffff88807c00c420 (sb_writers#5){.+.+}-{0:0}, at: get_signal+0x23f3/0x2610 [ 804.857035][ T30] #1: ffff888060893080 (&sb->s_type->i_mutex_key#12){+.+.}-{4:4}, at: shmem_file_write_iter+0x86/0x140 [ 804.881713][ T30] #2: ffffe8ffffc21250 (&per_cpu_ptr(pool->acomp_ctx, cpu)->mutex){+.+.}-{4:4}, at: zswap_store+0x910/0x2600 [ 804.901963][ T30] 3 locks held by syz.6.3009/17666: [ 804.907203][ T30] #0: ffff88807c00c420 (sb_writers#5){.+.+}-{0:0}, at: get_signal+0x23f3/0x2610 [ 804.933323][ T30] #1: ffff8880608964c0 (&sb->s_type->i_mutex_key#12){+.+.}-{4:4}, at: shmem_file_write_iter+0x86/0x140 [ 804.947077][ T30] #2: ffffe8ffffc21250 (&per_cpu_ptr(pool->acomp_ctx, cpu)->mutex){+.+.}-{4:4}, at: zswap_store+0x910/0x2600 [ 804.965461][ T30] 3 locks held by syz.6.3009/17667: [ 804.970683][ T30] #0: ffff88807c00c420 (sb_writers#5){.+.+}-{0:0}, at: get_signal+0x23f3/0x2610 [ 805.043005][ T30] #1: ffff88805e0acaa0 (&sb->s_type->i_mutex_key#12){+.+.}-{4:4}, at: shmem_file_write_iter+0x86/0x140 [ 805.064410][ T30] #2: ffffe8ffffd21250 (&per_cpu_ptr(pool->acomp_ctx, cpu)->mutex){+.+.}-{4:4}, at: zswap_store+0x910/0x2600 [ 805.087362][ T30] 2 locks held by syz.6.3009/17668: [ 805.101673][ T30] 3 locks held by syz.6.3009/17669: [ 805.106915][ T30] 3 locks held by syz.6.3009/17671: [ 805.112404][ T30] 3 locks held by syz.6.3009/17673: [ 805.117620][ T30] #0: ffff88807c00c420 (sb_writers#5){.+.+}-{0:0}, at: get_signal+0x23f3/0x2610 [ 805.133520][ T30] #1: ffff888086f19ce8 (&sb->s_type->i_mutex_key#12){+.+.}-{4:4}, at: shmem_file_write_iter+0x86/0x140 [ 805.145046][ T30] #2: ffffe8ffffd21250 (&per_cpu_ptr(pool->acomp_ctx, cpu)->mutex){+.+.}-{4:4}, at: zswap_store+0x910/0x2600 [ 805.161286][ T30] 3 locks held by syz.6.3009/17674: [ 805.167095][ T30] #0: ffff88807c00c420 (sb_writers#5){.+.+}-{0:0}, at: get_signal+0x23f3/0x2610 [ 805.181850][ T30] #1: ffff88808abdf1d0 (&sb->s_type->i_mutex_key#12){+.+.}-{4:4}, at: shmem_file_write_iter+0x86/0x140 [ 805.203944][ T30] #2: ffffe8ffffd21250 (&per_cpu_ptr(pool->acomp_ctx, cpu)->mutex){+.+.}-{4:4}, at: zswap_store+0x910/0x2600 [ 805.234134][ T30] 3 locks held by syz.6.3009/17675: [ 805.239364][ T30] #0: ffff88807c00c420 (sb_writers#5){.+.+}-{0:0}, at: get_signal+0x23f3/0x2610 [ 805.271699][ T30] #1: ffff88808abdf858 (&sb->s_type->i_mutex_key#12){+.+.}-{4:4}, at: shmem_file_write_iter+0x86/0x140 [ 805.282992][ T30] #2: ffffe8ffffd21250 (&per_cpu_ptr(pool->acomp_ctx, cpu)->mutex){+.+.}-{4:4}, at: zswap_store+0x910/0x2600 [ 805.303009][ T30] 2 locks held by syz.6.3009/17677: [ 805.308950][ T30] 3 locks held by syz.6.3009/17678: [ 805.322739][ T30] #0: ffff88807c00c420 (sb_writers#5){.+.+}-{0:0}, at: get_signal+0x23f3/0x2610 [ 805.343534][ T30] #1: ffff88805e889660 (&sb->s_type->i_mutex_key#12){+.+.}-{4:4}, at: shmem_file_write_iter+0x86/0x140 [ 805.354827][ T30] #2: ffffe8ffffd21250 (&per_cpu_ptr(pool->acomp_ctx, cpu)->mutex){+.+.}-{4:4}, at: zswap_store+0x910/0x2600 [ 805.371647][ T30] 3 locks held by syz.6.3009/17679: [ 805.376870][ T30] #0: ffff88807c00c420 (sb_writers#5){.+.+}-{0:0}, at: get_signal+0x23f3/0x2610 [ 805.392013][ T30] #1: ffff8880606882c8 (&sb->s_type->i_mutex_key#12){+.+.}-{4:4}, at: shmem_file_write_iter+0x86/0x140 [ 805.412042][ T30] #2: ffffe8ffffd21250 (&per_cpu_ptr(pool->acomp_ctx, cpu)->mutex){+.+.}-{4:4}, at: zswap_store+0x910/0x2600 [ 805.431656][ T30] 3 locks held by syz.6.3009/17680: [ 805.436880][ T30] #0: ffff88807c00c420 (sb_writers#5){.+.+}-{0:0}, at: get_signal+0x23f3/0x2610 [ 805.462952][ T30] #1: ffff88807d6f3d90 (&sb->s_type->i_mutex_key#12){+.+.}-{4:4}, at: shmem_file_write_iter+0x86/0x140 [ 805.481891][ T30] #2: ffffe8ffffd21250 (&per_cpu_ptr(pool->acomp_ctx, cpu)->mutex){+.+.}-{4:4}, at: zswap_store+0x910/0x2600 [ 805.511691][ T30] 2 locks held by syz-executor/17790: [ 805.517097][ T30] #0: ffff888058e94d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x26/0x90 [ 805.531642][ T30] #1: ffff888058e94078 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x34c/0x1250 [ 805.541377][ T30] 1 lock held by syz.9.3059/17906: [ 805.561634][ T30] #0: ffffffff8e1c75b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a4/0x3b0 [ 805.594039][ T30] [ 805.596410][ T30] ============================================= [ 805.596410][ T30] [ 805.631810][ T30] NMI backtrace for cpu 0 [ 805.631831][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Tainted: G U 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0 [ 805.631862][ T30] Tainted: [U]=USER [ 805.631869][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 805.631883][ T30] Call Trace: [ 805.631890][ T30] [ 805.631900][ T30] dump_stack_lvl+0x116/0x1f0 [ 805.631936][ T30] nmi_cpu_backtrace+0x27b/0x390 [ 805.631963][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 805.631991][ T30] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 805.632023][ T30] watchdog+0xf62/0x12b0 [ 805.632056][ T30] ? __pfx_watchdog+0x10/0x10 [ 805.632082][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 805.632116][ T30] ? __kthread_parkme+0x148/0x220 [ 805.632148][ T30] ? __pfx_watchdog+0x10/0x10 [ 805.632177][ T30] kthread+0x3af/0x750 [ 805.632200][ T30] ? __pfx_kthread+0x10/0x10 [ 805.632229][ T30] ? __pfx_kthread+0x10/0x10 [ 805.632253][ T30] ret_from_fork+0x45/0x80 [ 805.632280][ T30] ? __pfx_kthread+0x10/0x10 [ 805.632310][ T30] ret_from_fork_asm+0x1a/0x30 [ 805.632348][ T30] [ 805.632357][ T30] Sending NMI from CPU 0 to CPUs 1: [ 805.752600][ C1] NMI backtrace for cpu 1 [ 805.752616][ C1] CPU: 1 UID: 0 PID: 17906 Comm: syz.9.3059 Tainted: G U 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0 [ 805.752645][ C1] Tainted: [U]=USER [ 805.752651][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 805.752664][ C1] RIP: 0010:unwind_next_frame+0xd95/0x20c0 [ 805.752697][ C1] Code: 8d 78 20 e8 6d e8 ff ff 49 8d 7d 40 48 89 fa 48 89 c5 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 ff 0e 00 00 <49> 89 6d 40 48 b8 00 00 00 00 00 fc ff df 4c 89 ea 48 c1 ea 03 0f [ 805.752716][ C1] RSP: 0018:ffffc9000498f6e0 EFLAGS: 00000246 [ 805.752732][ C1] RAX: dffffc0000000000 RBX: 0000000000000001 RCX: ffffc90004990000 [ 805.752746][ C1] RDX: 1ffff92000931ef2 RSI: ffffc9000498ff40 RDI: ffffc9000498f790 [ 805.752760][ C1] RBP: 0000000000000000 R08: ffffc9000498f784 R09: ffffffff91a2692a [ 805.752773][ C1] R10: ffffc9000498f750 R11: 00000000000a46b8 R12: ffffc9000498f7a0 [ 805.752787][ C1] R13: ffffc9000498f750 R14: ffffc9000498ff58 R15: ffffc9000498ff50 [ 805.752800][ C1] FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 805.752820][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 805.752833][ C1] CR2: 00005559de2e3088 CR3: 000000008d364000 CR4: 00000000003526f0 [ 805.752846][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 805.752858][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 805.752870][ C1] Call Trace: [ 805.752876][ C1] [ 805.752884][ C1] ? nmi_cpu_backtrace+0x1d8/0x390 [ 805.752912][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 805.752939][ C1] ? nmi_handle+0x1ac/0x5d0 [ 805.752967][ C1] ? unwind_next_frame+0xd95/0x20c0 [ 805.752993][ C1] ? default_do_nmi+0x6a/0x160 [ 805.753017][ C1] ? exc_nmi+0x170/0x1e0 [ 805.753047][ C1] ? end_repeat_nmi+0xf/0x53 [ 805.753079][ C1] ? unwind_next_frame+0xd95/0x20c0 [ 805.753105][ C1] ? unwind_next_frame+0xd95/0x20c0 [ 805.753131][ C1] ? unwind_next_frame+0xd95/0x20c0 [ 805.753158][ C1] [ 805.753164][ C1] [ 805.753170][ C1] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 805.753202][ C1] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 805.753233][ C1] arch_stack_walk+0x95/0x100 [ 805.753262][ C1] ? asm_exc_page_fault+0x26/0x30 [ 805.753290][ C1] stack_trace_save+0x95/0xd0 [ 805.753318][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 805.753350][ C1] save_stack+0x162/0x1f0 [ 805.753370][ C1] ? __pfx_save_stack+0x10/0x10 [ 805.753388][ C1] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 805.753411][ C1] ? free_frozen_pages+0x6db/0xfb0 [ 805.753433][ C1] ? vfree+0x174/0x950 [ 805.753449][ C1] ? kcov_put+0x2a/0x40 [ 805.753470][ C1] ? kcov_close+0xd/0x20 [ 805.753491][ C1] ? __fput+0x3ff/0xb70 [ 805.753514][ C1] ? task_work_run+0x14e/0x250 [ 805.753535][ C1] ? do_exit+0xad8/0x2d70 [ 805.753552][ C1] ? do_group_exit+0xd3/0x2a0 [ 805.753569][ C1] ? get_signal+0x2576/0x2610 [ 805.753594][ C1] ? arch_do_signal_or_restart+0x90/0x7e0 [ 805.753615][ C1] ? irqentry_exit_to_user_mode+0x13f/0x280 [ 805.753650][ C1] __reset_page_owner+0x8d/0x400 [ 805.753673][ C1] free_frozen_pages+0x6db/0xfb0 [ 805.753697][ C1] vfree+0x174/0x950 [ 805.753716][ C1] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 805.753744][ C1] ? __pfx_kcov_close+0x10/0x10 [ 805.753766][ C1] kcov_put+0x2a/0x40 [ 805.753788][ C1] kcov_close+0xd/0x20 [ 805.753809][ C1] __fput+0x3ff/0xb70 [ 805.753833][ C1] ? cleanup_mnt+0x266/0x450 [ 805.753862][ C1] task_work_run+0x14e/0x250 [ 805.753884][ C1] ? __pfx_task_work_run+0x10/0x10 [ 805.753909][ C1] do_exit+0xad8/0x2d70 [ 805.753927][ C1] ? get_signal+0x8f7/0x2610 [ 805.753952][ C1] ? __pfx_do_exit+0x10/0x10 [ 805.753987][ C1] ? do_raw_spin_lock+0x12d/0x2c0 [ 805.754013][ C1] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 805.754045][ C1] do_group_exit+0xd3/0x2a0 [ 805.754065][ C1] get_signal+0x2576/0x2610 [ 805.754090][ C1] ? reacquire_held_locks+0x20b/0x4c0 [ 805.754112][ C1] ? do_user_addr_fault+0xdc7/0x13f0 [ 805.754139][ C1] ? __pfx_get_signal+0x10/0x10 [ 805.754167][ C1] arch_do_signal_or_restart+0x90/0x7e0 [ 805.754189][ C1] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 805.754213][ C1] ? do_user_addr_fault+0x83d/0x13f0 [ 805.754241][ C1] irqentry_exit_to_user_mode+0x13f/0x280 [ 805.754270][ C1] asm_exc_page_fault+0x26/0x30 [ 805.754295][ C1] RIP: 0033:0x7f4579c58b7b [ 805.754310][ C1] Code: Unable to access opcode bytes at 0x7f4579c58b51. [ 805.754319][ C1] RSP: 002b:00007f457ab62fb0 EFLAGS: 00010202 [ 805.754334][ C1] RAX: 0000000000000000 RBX: 00007f4579fa5fa0 RCX: 0000000000000000 [ 805.754346][ C1] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000400000000040 [ 805.754359][ C1] RBP: 00007f4579e0e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 805.754371][ C1] R10: 0000400000000040 R11: 0000000000000000 R12: 0000000000000000 [ 805.754383][ C1] R13: 0000000000000000 R14: 00007f4579fa5fa0 R15: 00007ffd881e25c8 [ 805.754403][ C1] [ 806.351154][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 806.358037][ T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Tainted: G U 6.14.0-rc2-syzkaller-00034-gfebbc555cf0f #0 [ 806.370019][ T30] Tainted: [U]=USER [ 806.373814][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 806.383859][ T30] Call Trace: [ 806.387134][ T30] [ 806.390061][ T30] dump_stack_lvl+0x3d/0x1f0 [ 806.394671][ T30] panic+0x71d/0x800 [ 806.398564][ T30] ? __pfx_panic+0x10/0x10 [ 806.402982][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 806.408363][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 806.414344][ T30] ? preempt_schedule_thunk+0x1a/0x30 [ 806.419721][ T30] ? watchdog+0xdcc/0x12b0 [ 806.424143][ T30] ? watchdog+0xdbf/0x12b0 [ 806.428565][ T30] watchdog+0xddd/0x12b0 [ 806.432814][ T30] ? __pfx_watchdog+0x10/0x10 [ 806.437491][ T30] ? lockdep_hardirqs_on+0x7c/0x110 [ 806.442700][ T30] ? __kthread_parkme+0x148/0x220 [ 806.447733][ T30] ? __pfx_watchdog+0x10/0x10 [ 806.452412][ T30] kthread+0x3af/0x750 [ 806.456486][ T30] ? __pfx_kthread+0x10/0x10 [ 806.461078][ T30] ? __pfx_kthread+0x10/0x10 [ 806.465670][ T30] ret_from_fork+0x45/0x80 [ 806.470089][ T30] ? __pfx_kthread+0x10/0x10 [ 806.474677][ T30] ret_from_fork_asm+0x1a/0x30 [ 806.479451][ T30] [ 806.482687][ T30] Kernel Offset: disabled [ 806.487000][ T30] Rebooting in 86400 seconds..