last executing test programs: 9.283023271s ago: executing program 0 (id=234): openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mprotect$auto(0x40001ffff000, 0x3, 0x10004) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_gtp(&(0x7f00000000c0), r0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/pipe-max-size\x00', 0x382, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fail-nth\x00', 0xa0000, 0x0) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, 0x0, 0x8002, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) read$auto(0x3, 0x0, 0x80) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/power/pm_trace_dev_match\x00', 0x40040, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000000)=""/192, 0x101) write$auto(0xca, &(0x7f0000000040)='\x042\x00\x00\x00\x00\xa6\xb8\xd8\xc6\xb08>\xcb\xcf9\x8e\x84v6\x1b\x1a\xd9\b\x83h\xc9\x9c\xc4\x96/\xd6\xb3\xf6\x00'/46, 0xd) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) openat$auto_bsg_fops_bsg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bsg/1:0:0:0\x00', 0x280082, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f00000009c0)='/sys/kernel/tracing/uprobe_events\x00', 0x302, 0x0) close_range$auto(0x2, 0x8, 0x0) 7.318038941s ago: executing program 0 (id=245): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_IOAM6_CMD_ADD_SCHEMA(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="010029bd7000fedbdf25040000fb9593851326ce88ebeba76e20d7e5c600"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) r2 = open(&(0x7f00000000c0)='./file0\x00', 0x161342, 0x100) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) r3 = open(0x0, 0xeee00, 0x31) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x0, 0xeb1, 0xfffffffffffffffa, 0x7fff) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/net/unix\x00', 0x0, 0x0) pread64$auto(r4, 0x0, 0x8, 0x1) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) setns(0xffffffffffffffff, 0x0) clone$auto(0x8001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) r5 = socket(0xa, 0x2, 0x73) write$auto_msr_fops_msr(r3, 0x0, 0x0) getsockname$auto(r5, &(0x7f0000000240)=@in={0x2, 0x2}, &(0x7f0000000280)=0xaea) fcntl$auto(0x0, 0x407, 0x100000) mlockall$auto(0x7) mmap$auto(0x0, 0xb, 0x7fffffffffffffff, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL802154_CMD_NEW_SEC_KEY(r2, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000002c0)={&(0x7f0000000140)={0x28, 0x0, 0x0, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x63881ed6}, @NL802154_ATTR_WPAN_PHY_NAME={0xa, 0x2, 'IOAM6\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x200000c8}, 0x200040c0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1d, 0x2, 0x7) 5.809515864s ago: executing program 1 (id=251): r0 = socket(0x21, 0x8, 0xdd13) connect$auto(0x3, &(0x7f0000000180), 0x54) mmap$auto(0x0, 0x400008, 0xe2, 0x9b72, 0x2, 0xffffffff) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x3d0340, 0x0) ioctl$auto(r1, 0x80045113, 0x3) sendmsg$auto_NL80211_CMD_DISASSOCIATE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="02002abd70c45a0565346b69e5168606a17704785300fbdbdf25280000"], 0x14}, 0x1, 0x0, 0x0, 0x24040000}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_seg6(&(0x7f00000003c0), 0xffffffffffffffff) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/seq/timer\x00', 0x40080, 0x0) pread64$auto(r4, 0x0, 0x10001, 0x5) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_thermal(&(0x7f0000000080), r0) r7 = getpid() process_vm_readv$auto(r7, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) r8 = openat$auto_proc_gid_map_operations_base(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/gid_map\x00', 0x123300, 0x0) mprotect$auto(0x1, 0x1000000000000003, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x1, 0x5, 0x3) r9 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) r10 = openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000400)='/proc/self/loginuid\x00', 0x28601, 0x0) write$auto_proc_loginuid_operations_base(r10, 0x0, 0x0) r11 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r11, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB=']'], 0x1ac}}, 0x40000) recvmmsg$auto(r11, &(0x7f0000000140)={{0x0, 0x1, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0) write$auto_proc_clear_refs_operations_internal(r9, 0x0, 0xffffff4b) madvise$auto(0x1000, 0x5, 0x15) sendmsg$auto_THERMAL_GENL_CMD_CDEV_GET(r5, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000140)={&(0x7f0000001200)=ANY=[@ANYBLOB="b0180000", @ANYRES16=r6, @ANYBLOB="00022dbd7000fedbdf25060000000800070004000000821805808e7ab27ad4771804509e0ba044a1be1cfee6100d80904be3bd851ee38468c6b18bbb70afc61b24bc23dba2eda5d622a74d1323e7bc3d1be882a2066f10caf90eccd60e58c82819eb929604001a804a042a802155a459b7cc0b4aee951980c26a3cb2e362a419d1b4eee64bae660b0ae94bccda6eb47f92c9afa6564f64b12419eef461737456654e83be813459762a7c76829a8d45ffbe792fad59031b8b7d9daae98c63341502bf3ff465315cdc63528bce59e2ef3ffb5e5cf249c218b3517813c52c9e495f0e2c459e9c2721acb561596a5963f90d7e8c99b0793f0afbcfb5282d837aec063bb1aa7f790a1cd3f05fddc20a129935028f53b04d9ca8fd06e97403a5801b0062002f70726f632f61736f756e642f7365712f74696d65720000e1b6b81315e5030d8cded81014fb3b8330348409042a645eac2249293403fa05939c8e561a07aecebb8c51d82594b6479320a66bb6dc6a360ec32eecdc8870ac3a9f2a19969b94ffff9fd41e56ab370ee806193b0315dd9e9883be752ea5a628a77b87e23e8a32a737353ac3d78375b5d7ff0a30afefaef15abdfb33ad0e840786915923e2049883fac36130dcfc7c5905ac51750f0e5b71210b76a0c88ddc607655758f263098dd9c616f43f139131c0f65f81ba0063f77288330a968df9eb8c84c4396040022800400bb00e7c29e46658b6fc18eede55eed8cc37cce9a3fd96ed19590d415a62c7b45370a09e48717b8dd69322db049a9301449c416b84c8661086cad643299104a9fe086831675f2ffd58dc386cb8c91c051d0883fa143de67b8a9e0204587ecf40ece186286e50c2bdbbf4ef01b56a98bd757b26e2f3def0bd2cb46d4e2d3a979790a0ae344ab600d2d75bc692a6cba3b43b99b51b044a04b82eacfa208b89448bf82d7c87fa78e9a93f58500a1684148f3035fb424d5c5efce0b8a86aa7761824015be08003a00", @ANYRES32=0x0, @ANYBLOB="ad5ab8a6bc0d0ace5a873c8f380e1a9e02f2273b4616654e5e7d39afd47754417e50be39ffa2b485f9c2ffa1cebc5a3479073aee241cf743ef6f18cce5043ba6daa5d88b2ce4360ccad7e2e409633376a3a394abf33c3131d2b0d85d04b2ca28e6c7ae422307ccf95f4655bae9060d77a29b36fcd230c747ec30a5c72d45dd6dc2da4d088fda148b192bddd588940c384ffb193f8c3366ed85e2b1e5db30e30b4fbcd41617cf48859e6bdb8577aefd1216ed43be2ef59f95286efc92e8dcdb2d621c60b88b1bc7b2daeb8dc05380dd6772e636142565c9c1b23b77592165f42a93a9357bb149a1ff5dc1807b452a0af6a9dcc85ffbeff429df6f025dee905ed00acae272e7ca39d87068aaca5db42101b74ad373a0e3d07098eb31d1fa3045731cbad4da928bbce9459c58bdfdb6d8a9efc9e16e611d4262d01c78da7e1035eb3763347066acea6ea2c3f3e8e61f9b7a8d07245738fa65d4e5ac301696f2d7f8cd611512c11d6c4ba3d239080467a652c46dc76a1860ac9d7d3047f24093301afc9531d9148074b973842b9c6ed9fbf1bf1496579ed9093515779a043d23886fd243a79a488e679b60256f653ef21c0433e24b92971ab37222c2e7c804001b000c00b600746865726d616c001400a500fc020000000000000000000000000001040059800000c3130e80a5164545c9d2bd43d4c681b4f6283f01f5d045aaea8e448370b0ce61d78bf93649f114dc6f010833a6bdc0095f9bc279ffe4681fa4671124b776cb6bbe7a8ace8c22f1211e4f5159016133a4bc3860de2c80b2405a23e132fff9e50e48eb8b3541b357eab6015c6ec760c65dbb5f548caf91b97f23906bca2e3f02c49841341272ed42767346c33188a80fc4d00a2d127ca1a5e02c27e06a16c95f5ad8f5c6c0c27d2dd4e0e87ad1e742071142031f41fbeb93f2336e2f8092cfd512ab39690e8ff5ca2dde9b7524c407642b58a10400ba80d24963e74cb069eeaef60c9ae9811498eb173d4aaa8eb88a09581bb7537e091b3688f5219cc40750e1a3434aeee657b18094fad332240a64c8044a0616baff42f88500b349755744925f0eee4d784b63ee2d4b4bb154d0d433640f090f4bd7b87eb2b9fa43c412ee2a29d709eedf5a908d50fb2a6b512f4b95f0f52983df591d91ca37baf8e0a354315fbe98a95f4e52e75aeb6ae0da64a208971f72e04067d83345ec8d54c491bcc66e5a82ef4f60413e3bfc7417d30eff3662e277d6e9d965ed7d0e1fd65fd9bc85774da6787b016bcad837dd9d4a2b541e9ab1642c17350b7b5f09a75a3b3eec13bd58126d9e2062f2bcde15f21c57ff49871c258a0d8192f111cb52b4690d2462cfe823000fd1bbc33943ff31330d9982ee54f187a86026abf54c86b919e18e012c09d2f4db2f95051a573207b6993aa88a4cffd33f032b995338b3897dc72ba2d98589dfe768a7a25f687a2745e38dbc53a86050d8d50366bd805dbe473197fac52afebffdf338ebf730bf9d225dc169a9883e185e326640703523ed8e69b677dd7a08991e869b7d65e36ee8d8a10f8cfa81ea4788304c00464fdc6cd6ae54df7c3fdc2951322a54acf92ca2e07ee426eeadc9eb10ca5ded9636225f5937c4151b9222394419fe0400e2807ff79c965d0500790131f57dc800599d47c8a526cdd769b5e4f4a9064caaf6f1a1d6b00ce0d1f0a3e3019f9631d80187db89d4de563c69b61b5f29467ebf8a47c646c163c0dae799b75eb861f0d074b5a6e154fb73b7ce89b82d33c4a95f04103917db52225282c36910e7b96d5a2245c03f2fe39753819086c1e68c5caeee3306f3ce132f26c75945cf6fcc7fa809188673e42e5492e9969b93c485b26b9ce8381863c9296b7878cbe48dd2af661eaf48124a0e52fd7003e3630e256a767166717c33f4e8ea6c0239df337fc419f8cab0e0afcd19cdc7569d8c77fee4cda152d3ccad8af7ca58c1596e02d0644860b9b3eb176e941a3c4d91ace46f59c893a5d510dfe2e884aeb70627e90ea0fa48c09f1c688883bdab65b702d6d9af1ed41e197bec6ec94ca15875a45449aca67961b03830bf941fbb139753eb925313611759ac8356c39ed67c4fb8123776a3f767d717096082efd9eb17397f899433b7f529acf9c21e9b6aad57f637a51fa961b35d2ae1dda91bd81e80aa1aeee1978d5c9d82e422075abc4d8dca26521177e1dc2cf3117f6f9eba144b97e424133bcf6b44b46cce3d0aa46f442a844e4214841101476db7266e43ecc96a8de14f90de26aef4a7f08a6f91bb7734fc27107b4b378f52a95f6aa063f638da66a951eeb60ea4291a52b9b6d42775df8f1d88d6b95e5db57e63d37d6025a1e9a05071b56471f855df4e3cdcc5a7ce0a01adf348ad1ff07c618135a4cf12a48338b462df106797a0ef7b49c70adb90c37c04191176504ec197f44d70690217484d343ff0c7de7feac0175a5946724f6c6b97d32ccd32ed44f990ed4e058633ba029c1d4d26765f73ad66658369db1c0cb6488aeed0ffbeced2c69987514fa200fd8450159a028a0e36c1ae99bebc1f20414cc6e31f69e671603b5e7110d7adb610a5119bbfa822ee57d25a5638727303f8d4f487f0764d99b0e0850b935c9c77ee2dae4725bd28dc9a900aa831acfcb123fb3b72d69f66ddd83e430b00177d5ec158d5ffaf522a5d66d88632faa9c6a7a6e6515a063d8289576ee4a34d6fbb3965418825bef177c17fa8ce4cf62c0a2fbb50b68f65ac844264314bacdfa90add306c2465af1e9c23714a6ba2a708f1d703fdce5aa9c047466d0848101ea86707c260d2ba644a1dfc4b8ebea632c3701919b27c9fa97ac99658543297a6d71f34dcc46067d1a343cd27e2149b060cad1dc9a296660dc693c7fb312310e821def3e565675f0cea7baa3d9c133be0c6f3f74aaa2aca764b3abacdcbe16aac55100ab2955f27fa781669c724da34ee5f90bfee8649090396c02b4edac233414fabf28d8d07ab7d1a22465bce7befb8eb53d41d0ed70ffb82e709b943abe3c7b257179f0492c9cf73224affe09900598de1a4b0d2d0b7dbdc453cddd57741464640aacbba2121c64bf1ef5794788812919a3f87a7560d36bf39e479a6161138bf9698100be095b614a12c33efa1dc6857de070540e86f9c3e714583dbebce98e0e3588155eb85694ee9619827bf1c379388f7244a378b19c1009c5f1f0c1fcbd4ad11698a67e111a2d0a8e49531f83e75e221e1d00d0d87c11fa54e5c87e3aeaa90e5d22b82a7cda566824344f92eec78e45af7fe77deaf5bac129f8a0d7c3df70e402b899af2a8f636fbd2272427dcfbc27ba285c12d5ae8bd0ffab472e0ba221a925c0bd36f8062096e92b45d2b0e5e5b613b177bd8ab3be8f50cf556cc3f5bec50596e23721185901ecb68dd6a9fe6d2996366e8b232b6e482865e52a9d70644f149c26e9060fdca9d0e372cb0b3b949397ec041129713e4a2cfdda00ce5af09896d35ee7bcb5f9cd375834f48bd3471ba934c7eb6351cf1796b77faa1f4e6b69f5fdb3f97c1c69cd71e090de5775f888a3ed3b0f2c2ebd741d07dca0c8cf2cded39ad6ff67d90837f442d6b024bd6036961201acd8d96e534da304210a14853128d0635bc2b23e591efb9fe2feca08293e2a0862b6815ecd48a8b5417d7537fa7bbcab9db28cd57f8a15d313f3fae1127f2a829446c728c8e4f04becafffb309e4002ed93d09eb5e4f20f5078ec683fe335f372e135132a059fb6c5464ced5141c7a37788c326e625911f303693325236fb84389abd4c3f5ee9add289c0aff0842ec38ee22a4820aba76092400867c6327893cc712720281878d06b6eff5eacd7c6866cbf2cba5940714bcd59f8398427974444e9fdb3695516216616fa154c11bf26164e2a5767f1590477542fd58b677230921a73070379ac964b532cb80954445ff5763db4da2fd64806dd9e273254958fbaa6b6b674fc255b3fa3c2e26e147542b6d0e12fc218247b0daa687f4f58537575d2fb9c69686cda88970fd0f804e8ce25ef7a517685fb4aa88cab5f4ba4f2f255d29d2869b617ae7dfc14edbf7ab25a893ae63d1b712480fcfd40e21c116e4d0f7455f043034179f3fe237c4d110fb79a3f869b966d4999e4b1bf314749403f8127e36f3985b09e9c6d2ea1737dc09576e090f44712860ed5af85822b920af0f0e9cae7581a601a414d6223fa223e4c024cd4308fbbcdd5fb7acc5bc0e8ef425e17fb15af6635c7180cb4e48add95bbb6566e8ed135bdf48b06fcccaeb077a7d849040edaed4fabad4f5a74c7d52ae0c0f3183da511b1d946fe0d76f1881486728d892256aa0c7655eb8ca8b09f8a840a8606528aea7f74a3fdd8339c0161f4f9ebecd3a82e901e1d01911f1eaf34930d3799977487727ac0fff6975a36d798c0e8da51934602c556357f784d845161e9d36220a8aee483b0c8d31756219bcd2717d1cc72f5a166919e4693f4aa17a40a3b973a8132bd40a8df9fa60f30b295e30254736f21f89eb1bc053fd90213f91aa9f43b67dae3e1dedb1c3fc96625e9dae3521d82961645d8d5abb5206b95f784c08780cc4b29b0932db5a2062f15b02e3860fe362e71921c48671e9d878b66ca223ee13b418565feab3f061b8562cd5574a3aeecbbe3907d4bb6ed51dd730689029124ba814ee2ecb6b721a64068f652e71341561de11c47465dba4db80e80469e47e362c7f6d9cf4d2511cf47e3cf6d083970a8a00be68b9e1225455c277742234254c5023207734cd61c8691dfc6ad813e9c11211ebeceecb700eb9f96cc0ffe9cb5816a8f09a3f45cb1cde3130b089f89d71ccd09242773ab412ccb63519d094693e59671ae11fa1d96ec48208d7605d800a3ee0c45d7b8af97aaf8ffd8845d54cbf86b6ba02b5c1c50e3cbf569ccb8d25df27f8960def2c8dbb97cc0ae24c1206e8ea617134219b7c8c78fb9a46cd9b0ca830dc41cafb6a903b415e7aff0b4d3f66b7fc85644db7aae67ddc70c8dae917866ebdf21d32c4db283db1bd8aee668eac072c9b83f03cee1805bcd63ef54eaea3f1a9b8f304fd9b143e58c6a432618a2fc24f3dd9614a11ea23cfa6d9841b4f749988f0ee68431afef64029a26dc960ba5669596ed876ac0d5bc03ffc047311d4115aee056cec19ef2b0719fbac6bfe4adc2fa65bcdc62a988ff2608599921f35f8de1e4f5309c0c5058671e910ff213c19c42ad2100a748438ebf5c3c8adcefc175b58eafa2193c4520db2dc4109d4c881669cd45ce4f0acd8191c0c05eafe812fb31c1d5aad569d5342cdf3c2fd97a0cd7033929b20a1ffc5549e8c5f58d9263300da8b188acac72df33c4e0031432fd414d6dfc4e5db93467abcab245274317641e79124a1a53b17ad7e1b681e9f9524acdbefdef6c1718a9c4f5bc0104eb81d7b8a28eebb9ef4d1553512477d4b73569cb2ebce5f2dfe15996baa3a3244ed16db70f26fd323ea52da2c58fd622ef38cffd8dba258a4c345132580ec98b83c689f612e2a375bb9e49c38d02526beb9e8ff79b960def67de5aa6c387cd0716018fde42ab1a96af6196806ca6a17c83ba5667b0321a416c543427d526cb7f9ab4cc83cd4b3425eca46b05027f7fdea2f2f47d28db86bf9fcd25e789af03adae6da6d437b9fdcf3baa644ea0be5d143052a104d4b6325ba34de840357fc506f54816fb2aadd4f337ea60a6e7f10c897228d5df1ea2cf1e99f4926caac9b804b7200a872526ace607b2333f2f27061120ae820549d52e9afd1ea7e4a49a88dfdb79dcaaacb0c6ca2693d958e9b7dc6f939298ebfabb45b3807e07babf2bd44258c4fa867be566e9a7f5c809876f769990ce99c3fbeba0ac991c6d3a3073214e89db18f0d0ba08d70d284f2ae13f77b34bf690423616b185f6176badb2e1ed3dab063a1e28ea6fbf334d6bc5eaea9f70033af56c75564c3838ec5b0418ad5b98c61c49644d3464c931d156ce4db2bcd6250049637055b6f4fba9a76bc649b19c20b7a0d4d4f69c24b1503ec5a14f6ee75a70670b91131ba6573bd06ca83adf5073bd3386f904533eacfbb406d24471d9c8928ac31c2a541d37c5aabce371cefb4ae8dd638fc0bc0b64b9cfc030bb67048ccd89d7ccf375b7b48943f3008ed6ef231bdf44dbf3ab986f324b8620d37303ecb27c15d35ebbe5c77bddc21dde456fd3c39f419d8368f22560b2cb9ac33f073f9a116882ca421f1d0ea093bbcc97bab1f4ec12d64506f45e14f44ff0b25d1aa1d3a8d7eebf261ff0b7ed45e6e243633523ae33d021d0a0d20b6bbdd12ab6a47214d269db0ddd4fa18ce325688d0fed4271f1059373888bde658f2093efd04ad19519d71f72bfb0fd8204afdd163d409daef75c4614cb7293456c356d18b49d3bb0af3c6be2e504030bf7024c6f5685e8ea4ea9b7abaacb08eebb3c1349b6630bc924e4b81446c092e1228a2d9dc40b8e9516580f505041c1a2caac3c625070ed3f65063f15805cd889a059703368157133a2c190c9c2b16118d7e4b25ea20741c420b4fb0d4f4ee558728105e6d9694b02aea7c3a851f2d02721c4b42967b897a8a2bde46ca201e7b8cc5c9552c7f6274921368e2fb04ad2504ed0bac2ddb76934f935e804e0041305f998e9799239947d7e5488b48a4cb3ca0fd6fcc352d6f5ce0ea8ef16d5511edac62ae9a66c0f696d9a4d4f41f7844569956a95df279fbbdc34edf0331f22a74ba0bf94b43e5a25ea86ea91274acdd84dade5ee55ca89362ef12e73f799c18afff21f165b5660a475cfd727dba119516ed1e1edebe059bfde57c30004e4e2b763f2d4ea6ee27c7f552e71191cdd7791e9af703cea73ea0cd8f986aec6454cea690d91f5eefe70278e1439fcdc3a31ac174e42a8de1ac385d93f33d5ac701aec3184801e92ae16c4744b1ab84f4bfc499a5f44c677c0a2fbd6c6cad218c689b77ae404368225b2a0750c327ea07806bbb679fd18fc5753c4b121ed2a04e665d315444f5e91b101d34979d429949d50365e8c196b5c7c7eec119352b2439a52c7918c2db4413225999510ac2c5808fab1d0a560ee28adaca97bd61c1791611492e6fd50372d99d893a8ef0b33f7287e379b9a9072f1cfe02ecdc174aab7473b84c69293c831b800ace461c15043986ccdf5bdc449cd00c97476deaae5042a42a53594396efcd923cab1e3ea36888fc348478486c4bbb8b412992c4ee4d8cddbfa95998d86792a109903343f9b7938d891569e7ba9aa8c3920d7ca7f1be2e13e3da31a9ab1ff6403add483f6df7f787809a76e97c9d5f5bae0e958042efe0fdedd6c248ce18a834e37122fd51b2359872b8227216687f312f2067b4b48fefc50905c10e9318011c8876773b1b7edb5477dabf9f6ad0099f2c5f3fd74e179e382a8a9e0920045c6c8809ab957fb04366a79e85540571cf9c9cd0800aa00", @ANYRES32=r8, @ANYBLOB="f89433a543aec513f64c5a57e677b62ef23517ad427d197d5e2d010b6b5ec6a1ba38f88dad15aded778bf0e84d96481946ee7b4601b34ea48b9ac1d7cd46ba05124f5b4cf36b9f61ef7b507ee2dbc1791a3d0d43fdbb696b759287f9340c32a2886bf6a89a421b51cc1a3e09f69b76172e9f7732a2576f61e91d9d71eced5fa5643e01a4e43155d3c47c3323c9a37fcaefbfbf60a0a65ace6abf975a0e873eea23f46fe9f2bce18815d1d0f982e5489a12999db20e2f2537dd8f50c39f1e2fff037e8120d13343e7817306176d2227b3dfcd3e0a725aff01af4cf0ca0257f8859cbd410a062829333957c2a5f224c269ccfd43646b841b33edf9ed1eb114007c00fe8000000000000000000000000000bb001000ed800c0015000000000080000000becd43280000000000000000000000000000080012000b00000108000c0057000000"], 0x18b0}, 0x1, 0x0, 0x0, 0x40000}, 0x0) sendmsg$auto_SEG6_CMD_SET_TUNSRC(r2, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="00012cbd7008ffdbdf250300000014000100ff01000000000000000000000000000114000100ff3bc2950322322d0100004837303802ad000000000000"], 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x40803) 5.441042452s ago: executing program 0 (id=255): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) socket(0x1f, 0x800, 0xffffff01) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="2f212abd7800fddbdf2521000000"], 0x14}}, 0x4000000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/pipe-max-size\x00', 0x6d4382, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4460, 0x15f4da0a, 0x1, 0x3, 0x300000000000000, 0x80000001, 0x7, 0x0, 0x5, 0x2]}, 0x0) unshare$auto(0x40000080) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/ram6/queue/minimum_io_size\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000001540)=""/104, 0x68) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0xa, 0x801, 0x84) io_uring_setup$auto(0x4, 0x0) mmap$auto(0x10000, 0x400, 0xffb, 0x8000000008011, r3, 0xfffffffffffffff9) move_pages$auto(0x0, 0x9, 0x0, 0x0, 0x0, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0x2, 0x80002, 0x73) r4 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) write$auto(0x3, 0x0, 0x3f00) ioctl$auto(0x3, 0x8906, 0xd) read$auto(r4, 0x0, 0x993) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) 4.456987355s ago: executing program 1 (id=258): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x5e7d42, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000000)) sendmsg$auto_TASKSTATS_CMD_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="020a2bbd7000fbdb09000000000008000100", @ANYRES32, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4001}, 0x20000000) shmctl$auto_SHM_STAT_ANY(0x5, 0xf, &(0x7f0000000480)={{0x8b, 0x0, 0x0, 0xdbdb, 0x1ff, 0x0, 0x5}, 0x4, 0x0, 0x9, 0x2, @inferred, @inferred, 0xd, 0x0, &(0x7f0000000340)="6d832dc8b6df47f989f771c3df61bac82f41ff67c3ba38c105e8385d3610351fa7c3ac451068b1882b967b08ef02e2a694a995b81441dc8e1c12177c9ef8be7eaee5d721c5d8ee04edff1a9bebb58c594f9d3af81506144ff5c4eef8ff0711b1ef653ecfa1de3f636d34519561d0bd31cb0b94f47ee56327d70aca979697aae5bf3e0d683fac45ee5499b25f", &(0x7f0000000400)="d1f057931f5d575f036e069f63ae060049f678247efa3a1e1d438571e52964d35b2513b2f3353dee61410d90d7c93c89ce161f7d9371e5e81dc9850bbf7648f92cd27c71a65b3c00"/82}) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) madvise$auto(0x100000001, 0x800035, 0xa) unshare$auto(0x40000080) openat$auto_fuse_conn_congestion_threshold_ops_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/loop9/queue/rotational\x00', 0x103400, 0x0) socket(0x10, 0x2, 0x14) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x3, 0x100) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ptmx\x00', 0x189000, 0x0) openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000002440), 0x240c02, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace_options\x00', 0x2, 0x0) socket(0x10, 0x3, 0x6) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto_TIOCSTI2(r1, 0x5412, 0x0) close_range$auto(0x2, 0xa, 0x0) 4.058514403s ago: executing program 0 (id=260): set_mempolicy$auto(0x3, &(0x7f0000000000)=0xffffffffffffffff, 0x6) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages_mempolicy\x00', 0x8001, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mmap$auto(0x0, 0x400008, 0xdf, 0xffff, 0x2, 0x8000) r1 = socket(0x2b, 0x1, 0x0) mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) socket(0x11, 0x3, 0x6000000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) socket(0x2, 0x1, 0x0) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0) mbind$auto(0x0, 0x9, 0x9, &(0x7f0000000140)=0x80, 0x1, 0x1) r2 = socket(0x2, 0x6, 0x0) close_range$auto(0x2, 0xa, 0x0) r3 = epoll_create$auto(0x100008) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/tty/driver/serial\x00', 0x2, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) epoll_ctl$auto(r3, 0x1, r2, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e24, @multicast1}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r1) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) sendto$auto(r1, 0x0, 0xfffffffffffffdef, 0x1ff, 0x0, 0x5) 3.807288887s ago: executing program 3 (id=262): openat$auto_usbfs_devices_fops_usb(0xffffffffffffff9c, &(0x7f0000000180), 0x28400, 0x0) readv$auto(0x3, &(0x7f0000000040)={&(0x7f0000000000), 0x36a}, 0x6) clock_nanosleep$auto(0x8, 0xfe000000, 0x0, 0x0) (async) clock_nanosleep$auto(0x8, 0xfe000000, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) (async) socket(0x10, 0x2, 0x0) fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x5, 0x80000001, 0x0, 0x100, 0x0, 0x0, 0x0, 0xffffffffffffff91, 0xfd3, 0x2, 0xec, 0x4, 0x80000002081, 0x8, 0x2, 0xfffffffffffffff8}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) memfd_create$auto(&(0x7f00000001c0)='\xc4--:\xdd:,.\xa1K\'\a6\xeb\x9a\xcb\xd5:J\xf2\x1e\x8fj\xa5\xd7l(\x10b\xc3\x95tl\xca\n\"{l\b\xaa+w \x7f\x042\xbe\x95`\xb0o\xe7\x84\xcd\xf7\xb4\xc1\x89\xabR\x16\xca\xa86\xbf\x9e\xff\xc0r\xa7\xa7[\xd2\xc0\xcf \xefZ\x9b\x01\x82$5_\x14z1\x1b:um\xcc*(cB\x05\xcd\x018\x80\x86\x87\xd2\x84`0\xda\xc8Y\x83>*\x9e\xf7!v\xf0\xeb\x1e\xd3\xd1&H<\x7f\xf7\x9f\xc28\xc9ViL7c?\xd75\x8f\xff\"\xf8\x93#\xa49\'\xd5\xbeH\x82\n\xe3\x19\xd4\t\xd5Eu\x05\xf4b\xc8\x99\x17\xee*D\x86\xa2\x9f\xa0\x9f\xca$\xcf\x19\xb34o\xbc\xd8h\x97\xcdB\x8b\x03\xaa#\xff\xd1l\xbc\v\f-k\x9d\xf5\xde\xb3\xb3pf\x02\x8b:\x13\x00\xdf\xb4\xd4f0\xffZ\x84\xd8\xce\xa8{@\x90\xd0\xb00\xb2\xd0(\x9fy\xb7\x02\xbcn\x03\xceF\xbc\xf1rK\x8e\x17+\xa2\x8aG\xed\x12\xfds\x1d\x13;\x16\xbcdZ\x90\x8e\xe8\x88\x17r\x1fJ\xb5\r\x93\xbb\xe8Z\xae%\x1a\x9b<\a\t\\,<\x04a\x84\xe7\xea\xefq8\xb3\x93GF&\xda\x9dn\xdf:\xe9nf;\x85\x1a\xe5\x03\xaf\xd5\xdb\xdeDSE\xae\xae\x1e\x0e\xab\xbc\x8az\x959J\a\x83\xf0\x1d\xc5\xca\xb38\xe2\x1d \xd4\x00'/356, 0x4) mmap$auto(0x8000000, 0xf0ffff, 0x1000000016, 0x13, 0x3, 0x180000000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3.686488737s ago: executing program 3 (id=263): clock_adjtime$auto(0xb00, &(0x7f0000000040)={0xdbb, 0x0, 0x7, 0xfffffffffffffffe, 0x600, 0xf4, 0xb, 0x0, 0x7, 0x8, 0x3, {0x3ff, 0xd05}, 0xfffffffffffffff8, 0xa5, 0x9, 0xb87f, 0x0, 0xc7, 0x1000, 0xb, 0x5, 0x5, 0xfffffff5}) 3.583087741s ago: executing program 3 (id=264): openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, 0x0, 0x220100, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x181482, 0x0) read$auto(r0, 0x0, 0x9) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x48041, 0x0) write$auto(r1, 0x0, 0x6) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) move_pages$auto(0x0, 0x0, 0x0, 0x0, 0x0, 0x2) socket$nl_generic(0x10, 0x3, 0x10) getrandom$auto(0x0, 0x6000000, 0x3) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video68\x00', 0x80400, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) io_uring_setup$auto(0x6, 0x0) r2 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={0x124, r2, 0x1, 0x70bd25, 0x25dfdc02, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0x10c, 0x1, 0x0, 0x1, [@nested={0x108, 0x10, 0x0, 0x1, [@nested={0x104, 0xf, 0x0, 0x1, [@generic="99cb9d0ac5e7ca3db865f48743213f4895a92d889bcc52161a9db0c71042415f87e61e3975a378b736c3306b1a3ee4ce8b655fea2d69b00098f23b1cb37bf85739d04fb10a01766880ff82bbcaf8ffcc48221b11ee52385f95f3ca6366d40c8f351f1acb026136efeac333f139dc70761cb1b8ab2088cd036ec759ace6a86b542d5d8052a4be21311d98044cbdc3a15d34c29150d2cf295ab86ea42b51a5745e2911d0571fa6c66dad9cb30216732f9ba61fcdae60832bfa6da7e5c55339f2d80fbc2405cdbdf77856206c82c836024e4169fc9784aeafa9debd822a1bcf47979c0c1de2e67b3f8f747ebdf057a5be35", @generic="1a327b07757bb36f5c3608656cec1929"]}]}]}]}, 0x124}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) select$auto(0x5, 0x0, &(0x7f0000000140)={[0x9, 0x8, 0x3, 0x10, 0x3, 0x9, 0x9, 0xff, 0x3, 0x2, 0x2, 0x7, 0x100000001, 0x8000000000000001, 0x4, 0x9]}, 0x0, 0x0) ioctl$auto(0x3, 0x40085618, 0x38) r4 = socketpair$auto(0x1d, 0x2, 0x2, 0x0) open(0x0, 0x252802, 0x190) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) syz_genetlink_get_family_id$auto_nl80211(0x0, r4) madvise$auto(0x0, 0x80000001, 0x8) mmap$auto(0x0, 0x2020009, 0xffff, 0xeb1, 0xfffffffffffffffa, 0x8000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x6, 0x4) getrandom$auto(&(0x7f0000000000)='/dev/video68\x00', 0x2, 0x2) 3.488945444s ago: executing program 2 (id=265): mmap$auto(0x0, 0xffff, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x1d, 0x3, 0x1) setsockopt$auto(r0, 0x65, 0x3, 0x0, 0x4) socket(0x15, 0x5, 0x0) io_uring_setup$auto(0x7, 0x0) clone$auto(0x1ff00, 0x0, 0x0, 0x0, 0x9) exit$auto(0x7) r1 = socket(0x2, 0x801, 0x84) getsockopt$auto(r1, 0x84, 0x6f, 0x0, &(0x7f0000000000)=0x9000c) 3.330993092s ago: executing program 1 (id=266): r0 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) rseq$auto(0x0, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f00000000c0), 0x55) mmap$auto(0xc, 0x6, 0x6, 0x9b72, 0xffffffffffffffff, 0x7ffd) keyctl$auto(0x4, 0xfffffffe, 0xffffffffffffffff, 0x0, 0xe) r1 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x40, 0x0) ioctl$auto(r1, 0x9000643f, 0xc35) clone$auto(0x3, 0x10001, 0x0, 0x0, 0x9) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) mmap$auto(0x0, 0x2000a, 0xe3, 0x100000ebe, r0, 0xa000) mmap$auto(0x214, 0x538, 0xfffffffffffffffd, 0x15, 0x40000000000a1, 0x8848) socket$nl_generic(0x10, 0x3, 0x10) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, 0x0, 0x4000000) sync_file_range$auto(0xffffffffffffffff, 0xfffd, 0xfffffffffffffff9, 0x2) close_range$auto(r2, 0xffffffffffffffff, 0x80) r3 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000007380)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x109041, 0x0) write$auto(r3, &(0x7f0000008d40)='!$}-)#@\x00', 0x40) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x149f02, 0x0) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x4, @multicast2}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) io_uring_setup$auto(0x9e2, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) 3.291947702s ago: executing program 2 (id=267): clock_adjtime$auto(0x0, &(0x7f0000000040)={0xdbb, 0x0, 0x7, 0xfffffffffffffffe, 0x600, 0xf4, 0xb, 0x0, 0x7, 0x8, 0x3, {0x3ff, 0xd05}, 0xfffffffffffffff8, 0xa5, 0x9, 0xb87f, 0x0, 0xc7, 0x1000, 0xb, 0x5, 0x5, 0xfffffff5}) clock_adjtime$auto(0x3, &(0x7f0000000240)={0xc, 0x0, 0x401, 0xc, 0x2, 0x9, 0x6, 0x0, 0x7, 0x4, 0x10, {0x80000000, 0x2}, 0xc, 0xdcdd, 0x3a6c8669, 0x10001, 0x0, 0x2, 0x0, 0x2, 0x3, 0x9d5, 0xa}) openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000040)={0x1, 0x0, 0x1}, 0x18) adjtimex$auto(&(0x7f0000000140)={0x10000, 0x0, 0x7fffffff, 0x0, 0x2, 0x133, 0x2a4, 0x0, 0x10, 0x5, 0x100, {0x8, 0xfffffffffffffffe}, 0x4, 0x1, 0x3, 0x2, 0x0, 0x4, 0x2, 0x7fffffffffffffff, 0x700000, 0x7f, 0xb11}) 3.145815124s ago: executing program 2 (id=268): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x181482, 0x0) read$auto(r0, 0x0, 0x9) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/rdma_readwrite_threshold\x00', 0x48041, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x0, 0x0, 0x0, 0x0, 0x0, 0x2) removexattr$auto(0x0, 0x0) r1 = setfsuid$auto(0xee01) shmctl$auto_SHM_LOCK(0x7, 0xb, &(0x7f0000000240)={{0x9, 0x0, 0x0, 0xe00000, 0x7, 0xe, 0x6}, 0xfffff000, 0x7fff, 0x3, 0x10001, @inferred=0xffffffffffffffff, @raw=0x6, 0x0, 0x0, &(0x7f0000000080)="aba818e27e3f5c0bb0e7a991f798ed8868ec7909f38cceb713d08c5a8478cb5f62476c4330134aefb18912e0b724244377fe63dd352d084eb3519cdb021ba3edd681a1124ebd689721dfbeed574333d543ae1c2b27b29574c1ad7ed6d3aeb31f960c28f8a66b995fc32ad6c4c1c24807d431b8feae8c075bde54b1954cd53b6189c2016343d6c51f236788404adb1118532d456bf6d12bac1f1b3c199864ae84bdd0293540a328e1f34612cf5ae2dad1a2e6c0097354fcd6de48b97cee4c9fad93093c7e0ce6812de0d9558131451f8d98e4c705c74ba00c3f3242beb8a134811d", &(0x7f0000000180)="a1504e05c68345019618e913520b8d8f368a09c8cf4a1f6eab92d1930cbb37f61e41f25f26b95784fcd2a439ead186e04912643137fc039ae9266a05ed52cdc7628357b49d29b3625322c648bb73aef34be7123c3fd903c45b6905c3f020603fc1d3f8b07d75ee9ab1640a9a027a4893b68d8c750e07b840a7b85797ca6d47bd1f433ee2a6cd621974366d52c2e26d615e"}) setreuid$auto(r1, r2) mmap$auto(0x4, 0x2020009, 0x8, 0xeb1, 0xffffffffffeffffa, 0x7ffd) socketpair$auto(0x1d, 0x2, 0x2, 0x0) 2.948191533s ago: executing program 0 (id=269): openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mprotect$auto(0x40001ffff000, 0x3, 0x10004) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_gtp(&(0x7f00000000c0), r0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/pipe-max-size\x00', 0x382, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fail-nth\x00', 0xa0000, 0x0) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, 0x0, 0x8002, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) read$auto(0x3, 0x0, 0x80) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/power/pm_trace_dev_match\x00', 0x40040, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000000)=""/192, 0x101) write$auto(0xca, &(0x7f0000000040)='\x042\x00\x00\x00\x00\xa6\xb8\xd8\xc6\xb08>\xcb\xcf9\x8e\x84v6\x1b\x1a\xd9\b\x83h\xc9\x9c\xc4\x96/\xd6\xb3\xf6\x00'/46, 0xd) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(0xffffffffffffffff, 0x2272, &(0x7f0000001900)="33f6433766b85a2a9f96e6f6d19b67b5a432d1c5f93e0d8a577b5eabfa1a4b05ddc8ab77005e1ec6e27b8d04152f265b108a1d747517175bf49bff5169e7cb3f5e7853983221a451d76865620c1dd998e4d823bdf0c0928f4400a08539f546c8dc87a4976cec06d6de8903ab8d8be8ce532fe193c3890ad8b385ab6ed4e8f05e5cdab89fffa43764e5bd7a4c015838cd0e17dfd0bc0d2ed29550b958d4421d6057485ab6ec4a562acea8f3222cee1928610eb4ca2fb856453b1baec031bbb84ffb5385db28b18c295eae5bca157a7246f8a21a4e18fe2731bdabb26f2037d5d84f5c532d54cfec461fb1fa4f6493c537e9656ecab4c415b84cee76802cbe7eec54021ea9c9be10458169a63a73d588d06efe2729b8524165c881ecea2d3cdf981b15cf5ec4e610fea6be96eea278af43965402c0c6f3090d8720f12fb206ca22450283fa6c98e265e849c459ecb215a15accd8823dc781f4d1f722ad410eca408531d964c641e9ab627d40eca0b7b8df7d0101723154d2e8e03576bdfbcb01f6bbb6258dbdf3eb63428af3ee4ba0165587826d38c83ead9ba4a120e3eb52d98c3561cbcffe6f65a50ae8f392f20174f7aa19f73be48807146bbd4aede3163f496cff82fe594882947df999e995c7c09e3e262dcc6f1d1b1a0a2f87673030995b4fca56bcb2ab9501cd7be9f0bf40eec9de60ee2abd1c3a513fe181df3c64431d772b2693f5cd9428d8a834e78accf849997871a96b0bbf13b6a12b9fd1a22f65bbcf36ac7ad55142a717844ce73f6646deca482848897081eb709d4fd73b7c97d5555a48b5af178681e357d570a47805be139f14c85ac7d12bca834902ab2249989e033f3b97f1208ab8eef449a8c36f7356f7d2a3d3cb4026c0283b07ecbd95a8287902d0501ab4646d398cec22261180d92a9ba5d44fe0ff41dc5cd617e075ceda1b9f5a6c8f850309042c00c5ebbe64581fbb8f90feaaa5aa6d2d8739c9517e4eb06328eb5ee59e6f68d878cbe593794d9245886421351a28676ed286251d79f6c62c70a68100d7847b88c068fda7722f9b13c9e17e2b5286d3bd33dda045113917db75134608fa3203adce568da42c2bf6554b4c13d044876865a2421bf39c1f549a5bf8341dc2126b411944e92708d61d4eaba1070eed5987a483bd17b6a331f79cf835d09032e6c001e29c7366fc43200f0cca686375f7638394ef90cd07dcbc69d3d99f493ad105f61f8a7b9048bfc7bb927cfdb9a277a21c312941df8442b5bbb9b3d172ffbdafcbb3b72f54eaaae93ff6da5ea1d5559dec92b7456c1403d39733873a3829c49ac80eebb83a41a75d5867db61617d26b7453acb0670ef3dbde5fc783b6027e5960ee43f18465380c0e2b7fbd33f1a152d64a379c1a04a9edb503974c763bf0d16b30ee8dbac9fe62e8e6a1e4125a2f76767da9af433093efe99822f8688134618c6bea8d44b5e0875fb637c28b2c54520e6c30d9ffaa3ae2a4f9dcde090cade70fe2d63e1591ac9ebc3b776123e4c49799c71b29f39f25f93d0fa41a3d489d64a46e57186f617915cb4b832870f71b3c5fd6625baea9222d715dda1f3410ca9deee4f8c382a457985287492ed56eb6670d6994ef037607e6c4191e3bfa4d026c38a5b986f1fa9cd6bfe452934bde29c0c8707304e05a944f39eee0d60df852c2b0e900abc0380b3189cf2fb586602ac0d9c74313551d845e698f058fbec196c1a00eefe3a79c7e71061b9c8b9622150209efaa2d5c06fcc839133d2b037ad54a11986ca8b427a743980258954c7a49b69eccaef5eaa87bb8588fbfaa4442fa624682dc658598b28fa8e2a80d92b328173a0ff87f953990f6c9de6c261c6212e1d98b2a8a1194836f4b3b4be02fbb8314c428452805b4fe0f65c6a3977e9c3c8d139056f5a12688d725cb1786cf65b5d947d2386b6982f2e6cd2c8ff3b814275609353f4c9e61688782361f07138c8740f81316b7fd5499a13e021a9afaf6857a8891b8375f80d7ecd18e398f1adfd57cb4647734e1251a16a633415b967a3a39eef247a974a48ca54ff695771d5d7e9b0bffd21d8c4e03c1ceb759244933708a32c27efc17d10a0017815ed129e63bc894b2930debfbb7ca2c9148a3ab820d01bd3552af6bf6b580b796b9173858d4b4034d1cb369f464d0c6d0760c17e8b3e6478d88229a051e413ec645c5b216be6ec5f3333374897490ef70666e10011c98f58e018ce4cd45af12499ba027cdb4f92c0127449ebb723862e277c22c208cee45b2b60ff1f417e6f607aab5f19e12a30acd3faa264506727f48b3800803c74245325f7d115a1a429d04ef1b100c7625c24a1f3ee6d9540d816f142803c1639733ce413c4999f355ecb5734e7fcf8e1f3193cbbbc6758a04ec859876d7b84489eb0b7ce6965a4ae552296bb252b1b69a00414de64296d20e031a05c987d7fb6d7004b364b1d3d6665917e62e82ffaa8df3d7b172622fc7de2925cd491e2c52646e4e39950888d277ae8f349481d552c572204a32fa0045ef7fa87cc71f9b2b85ad13f8ecfb6535eeafe6860c6c42b99dbd8a90dd402e5377c03456048758e85e6da5e6eacfe2fa8aac7bfc0c9025131678afab5d93d1857eb25f649f2afd07d68188a9eb6c360f1a3acb77b43c65e71baaf4a8a0a86dbc7076a5a1ef08ec006925d732c532e8c4af5517565633301af1424da1f4b6b240e421092b0b7d32ee4fb0ecd420c36a389f48cd5f33d386d637cf78e646e147a9591c804ce1eaac5ca1bf88997cd25f4cafd0041c67dc9d818c5c1366e66989311801e22d13d67a17cfdf4f8dec57bb1e5434121129560f28e37096bcb0c94b85147873a2e125086a232fac0f01034a0c995c52b4d828f3a906c8e5732aba229f78baefdadb1ebc0f31b7b9c9bee786a585e6051f8a148e2627757f21752aff36f4a5f91acf4fdcccfc602c86b8ae4a3e6b091f057feac3117d1100b3c2e687ad272bf52fa78e9d36c05bdb4f175449624d057b76acf7ffb11b13ae4c13dfc116c5fab0c78face04c2ea9232742a5b6aeeb46cc7b6405b75ad65c690aa74ea779a41fcb8576675fd9107f43ca96b1fc61632dbca942c9322c1a50e83162ec45a2ab81b09f7b6460752bfa7578d84af93eaf60b7463e8ffd5f576eff22bfb1d8c1cbf89384146ba3dfd6bebb90883083dbde1cf0fd3d204cafda09ee8e74b5bbc89fb3484a14eab9965cb1b1c3065acc9171c9ebb222a0a327abc6eb67c5868d5ef92ef4d99c906d8d841245cc19850507f1a216a22d9cc5461f7305a01c45c984a89ffbde97521ffba63c28e3d3590165900c8c279dcefa5ab0c411aef8d866285790c66823ac3d278fcb5a95bc4bb90f5ba65099a17cd162a8f0961e3917aa38e1e57232863813755e2f0c8b478915bfb6bc70cd23c2567df9b93a006770f93e7f2f9cc102bcee15c88c3343da8a493226101bc815ab7a6641c02aa16e78476b13b2825bc44fd118bd92fac39da8eb6fed66f974cbd14b7c201093162135f769a54512a65f2a9066852ea1b465a8867826d35ee9c7548695121460a0473a7167fcd737fc7a701e8c60c6de1f51deee5b016d028c2dabc0f155c5a808a44df425be0216dd9ccf0d54d72460683a14d33d2efd3b5ca62a21e9d9a7792c3592b61d19e3cf2a78a7a485155f00e207c7642dc8cab11524967af36c3ce8e9bd2ede25de03bf6d5ca6292d8a6cc312a242e50f74ba55ae81275543f0754e755fdeeb21ba4b713ba86d8c132a62ca4505cfcd201ef6f50c57145e4afadd4071b646c00a65bfc7400cf09f42de264ff2aeb1af64479e251cbbc5ce5b26c930062a5237605e1b4fb356a2d24ac22d0f31f5a7ea84709f292f53c400ec2c5bef1ea36ebfa15aae2e7911bc2d7a255337e5cbd7e4d2a071c076ac167566c2ee3949031d123a97e258d541172da71455eef762339bd485b9808ab5bc9c28ed48f840fb978189dcb1fc8de08e20fcebdb4e80439d7c93867558556d9a2e54c3c657102a12e69f35b2815fc849f9f8a89547f16cb96e942a0ad0fc4ac5577e8f03dd7597b39003e10104c60fee3cd7b52dffef3479c04fffb9b5d21dffcdc4e465c498a93f91de2e7983e23efea4d956463157fa54e6dcc3c0edaec86da39b862012d69acf4465c01ac59c6e6700048723c123cab7ac5016f1e7650f075b5006ffc538cb14da07050df658b8e8fd5e16715efc51d3519316bea4e13038057b3b683b4859afe0cc79f2c1bf5777495f0b28e72697b92e765ddb6b524b683a27235f53af66c51653f24d32d3238a2c3de3062203c34c4f485aa3ba6e70cb8d7f674f074d6fa9aebf97180544ca86c559cbe80c85e9d7076ef0c626c85f3c0a410d8ef16fc64af721e8991ba77ffdf0a383657accb8a08b1d7284ac48a45eef1c1d09358f3bde215b7b61f75b7c5951b8356d132f54861e9160f38d3271d0ef82ad5d26943d389f8e52069742a11b44a4f954de0ebd7c7cb0db69d63a0c50d88e80cf6276eab061f0b082eb66466ce2c8ea87021aadfefd1d30712ffa32e96a7c31600d7e52a8dd7a63c66f340b3824d5bcda12677bb0245ec15abc87801e2cfdc354f6becb3d050bde87ea4d4ecc4b2fedf5ad310816c00fb37eff28c3b5b2343c5baa9d7d57c39436252b7842dabb184d6352025116295de22759ee98f1e552f7230c4c560aacad639a57011143064f9c76710cf55a3e1f4ec0475908cb62e1b5aaf6aff4a988620d2f4f48847ca62f944574bd47ab2da793b91fb7bde564b381bcae8dd9daeb22ffdb59fd6fd2060361fc00a7c2c7b2a714fbecbd0808723f013dae1ec6d61feb536d717db092cdcb6debdd7a21a9dc25f3aa5bf4dccf70087b5064f811a41ba2735cb99e8406598113c8c0df2059449c0b918f363badeb71dcc7fca9de3df2de1e35473fd86fb11faa315f41e822f8dd3419a88d33d90d194b8172bba71d8e52c8453cfb7634e7833404bce103b219d8dccc36b2baf257c14ff0dc48005c7c901a890b5d8fd3ca4957fd7f655519b7ea861d8a2a7fae2ac20802ac2d172b1d2e5be88012d796500bc4561f5e2fb79db35c187b973916ce41a7d7becaace616a802107faec0422a7e1a9cd19e59131fe64d78719ab0be93c98ef7e4db725dff1fe4d68c3341ea2357b9a3b061ca292335c6ba49dab8ed417d4279497041617759cf1a30b743cd624e170dc397e5de4510b18a25c0a9bad3db5a5f5b93b528dbc4bf0f41dbf2dd72f36df61d2da8acb18e372f955dfd6312668a5957fcad51b4bffe02ecfb9f9d5620defff7413ffccf63c1ab77b900b7f25e6cc0c58c7a87a14ad3cb6c49a8888df66e2980203813ce59bc9e8f495c5eb37842a67ba79175b2da5bc8328d2f9dcb4258521b7a36fd69ad114a734e46fa400ba9657bd20e32841ba0f5419562a483e79c1a7a27dd3b79de891870102104841360bb14ea9b34c37c4b4655ca537446ac375508c6d17ce5ca1701393364828656c9b52a4ef62cb7460b68e0c4756bc6e13cd0fa35e1ababe1473ec52535273d2a7ac5f0167c76c686c01dbb5b1dcf3cede3b3764eca7f80c61a06734982b6bf17e91dbdb8317e30523000c2aa4d5fda7820cf0ca33ed2c07f7dcec70fc15790f4b01c73e70883cfb169911cf53ff37684629b012ac46ff8c9abeacff50411cc575e8d0ece275fd812c13329285bde83504a4a4af73646ad94e53fb049091880f946d321a1c443b641b6663d034fa5dfd7411375abf0e601be6beafe6e2b0b0f981a550bf9b839d") madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f00000009c0)='/sys/kernel/tracing/uprobe_events\x00', 0x302, 0x0) close_range$auto(0x2, 0x8, 0x0) 2.935211597s ago: executing program 2 (id=270): prctl$auto(0x39, 0x1, 0x0, 0x0, 0x0) socket(0x2b, 0x1, 0x1) socket(0xa, 0x3, 0x73) close_range$auto(0x2, 0x8, 0x0) syz_clone(0x8040600, 0x0, 0x0, 0x0, 0x0, 0x0) socket(0x2, 0x80002, 0x73) timer_create$auto(0x9, &(0x7f00000001c0)={@sival_int=0x4, @inferred, 0x1, @_tid}, &(0x7f0000000040)=0x200) r0 = socket(0x2, 0x1, 0x84) setsockopt$auto(r0, 0x63bd99ef, 0x4, &(0x7f0000000300)='\x00', 0x7ff) listen$auto(0x3, 0x81) r1 = accept$auto(0x3, 0x0, 0x0) set_mempolicy$auto(0x8003, &(0x7f0000000280)=0x7b, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) read$auto_show_traces_fops_trace(r1, &(0x7f00000000c0)=""/110, 0x6e) sysfs$auto(0xffffffff, 0x0, 0x0) futex$auto(0x0, 0x10d, 0x2, 0x0, 0x0, 0x8) r2 = socket(0xa, 0x3, 0x3a) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) setrlimit$auto(0xb, 0x0) r3 = gettid() r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x30, r4, 0x4, 0x70bd2d, 0x25dfdbfd, {}, [@NL80211_ATTR_DISABLE_HT={0x4}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0x1}, @NL80211_ATTR_ACL_POLICY={0x8, 0xa5, 0x3}, @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x80000000}]}, 0x30}}, 0x40000) signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) tkill$auto(r3, 0x7) getsockopt$auto(r2, 0x3a, 0x1, 0x0, 0x0) bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_7={@btf_id, 0xd, 0x9}, 0x6) r5 = socket(0xa, 0x2, 0x88) lseek$auto(0x3, 0x7fffffffffffffff, 0x401) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r5, @new_prog_fd=0x4, 0x1801, @old_map_fd=0x3ff}, 0xa3) 2.637596532s ago: executing program 1 (id=271): statmount$auto(0x0, &(0x7f0000000180)={0x8000008, 0x1, 0x9, 0x3, 0x26, 0x940, 0x1ffde, 0x3, 0x6, 0x902c, 0x9, 0x400005, 0xfff, 0x4, 0xb0, 0x8, 0x9, 0x3, 0x5, 0x6, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, [0x3, 0x3, 0x200000000, 0x400000000, 0x0, 0x3903, 0x0, 0x4, 0x3, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0xfffffffffffffffe, 0x4, 0x0, 0xceb, 0x0, 0xfffffffffffffffc, 0x0, 0x4, 0x0, 0xffffffffffffffff, 0x2, 0x4001, 0xfffffffffffffffd, 0x0, 0xb548, 0x8, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0xfffff7fffffffffa, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0x20) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x28, 0x1, 0x0) connect$auto(0xffffffffffffffff, &(0x7f0000000100)=@vsock={0x28, 0x0, 0x2710}, 0x55) connect$auto(r0, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x56) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x2400, 0x0) socket(0xa, 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x848000000015, 0x805, 0x0) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x37}}, 0x6b) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x55) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r1, &(0x7f0000001dc0)={0x0, 0x100000, &(0x7f0000001d80)={0x0}, 0x1, 0x0, 0x0, 0x90}, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4, 0x5, 0x9b74, r2, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x1) getrandom$auto(0x0, 0x6000000, 0x3) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram8\x00', 0x54f602, 0x0) mmap$auto(0x4, 0x200000810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, 0x0, 0x44) getrandom$auto(0x0, 0x6000000, 0x3) 2.141189889s ago: executing program 3 (id=272): statmount$auto(0x0, &(0x7f0000000180)={0x8000008, 0x1, 0x9, 0x3, 0x26, 0x940, 0x1ffde, 0x3, 0x6, 0x902c, 0x9, 0x400005, 0xfff, 0x4, 0xb0, 0x8, 0x9, 0x3, 0x5, 0x6, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, [0x3, 0x3, 0x200000000, 0x400000000, 0x0, 0x3903, 0x0, 0x4, 0x3, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x4, 0x0, 0xceb, 0x0, 0xfffffffffffffffc, 0x0, 0x4, 0x0, 0xffffffffffffffff, 0x2, 0x4001, 0xfffffffffffffffd, 0x0, 0xb548, 0x8, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0xfffff7fffffffffa, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0x20) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x28, 0x1, 0x0) connect$auto(0xffffffffffffffff, &(0x7f0000000100)=@vsock={0x28, 0x0, 0x2710}, 0x55) connect$auto(r1, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x56) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x2400, 0x0) socket(0xa, 0x2, 0x0) socket(0x2, 0x3, 0xfffffff1) adjtimex$auto(&(0x7f00000004c0)={0xf332b6b, 0x0, 0x7d, 0xfffffffffffffffd, 0xd4, 0x4, 0x4, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0x0, 0x804}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x4, 0x0) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x200007, 0x19) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) socket(0x2, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffd]}, 0x0) writev$auto(r0, &(0x7f0000000040)={0x0, 0x7}, 0x21) madvise$auto(0x110c230000, 0x31ca, 0x9) 1.734000583s ago: executing program 2 (id=273): socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x20, 0x0, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x8, 0x3, 0x0, 0x1, [@nested={0x4, 0x12}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) truncate$auto(&(0x7f0000000100)='./file0\x00', 0x0) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010600bd7000fbdbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) r0 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x401, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$auto(r0, 0x84, 0x1, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_trace_options_core_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/options/hash-ptr\x00', 0x10b000, 0x0) r1 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) write$auto(r1, 0x0, 0xc3) 1.094466637s ago: executing program 3 (id=274): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x5e7d42, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000000)) sendmsg$auto_TASKSTATS_CMD_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="020a2bbd7000fbdb09000000000008000100", @ANYRES32, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4001}, 0x20000000) shmctl$auto_SHM_STAT_ANY(0x5, 0xf, &(0x7f0000000480)={{0x8b, 0x0, 0x0, 0xdbdb, 0x1ff, 0x0, 0x5}, 0x4, 0x0, 0x9, 0x2, @inferred, @inferred, 0xd, 0x0, &(0x7f0000000340)="6d832dc8b6df47f989f771c3df61bac82f41ff67c3ba38c105e8385d3610351fa7c3ac451068b1882b967b08ef02e2a694a995b81441dc8e1c12177c9ef8be7eaee5d721c5d8ee04edff1a9bebb58c594f9d3af81506144ff5c4eef8ff0711b1ef653ecfa1de3f636d34519561d0bd31cb0b94f47ee56327d70aca979697aae5bf3e0d683fac45ee5499b25f", &(0x7f0000000400)="d1f057931f5d575f036e069f63ae060049f678247efa3a1e1d438571e52964d35b2513b2f3353dee61410d90d7c93c89ce161f7d9371e5e81dc9850bbf7648f92cd27c71a65b3c00"/82}) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) madvise$auto(0x100000001, 0x800035, 0xa) unshare$auto(0x40000080) openat$auto_fuse_conn_congestion_threshold_ops_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/loop9/queue/rotational\x00', 0x103400, 0x0) socket(0x10, 0x2, 0x14) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x3, 0x100) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ptmx\x00', 0x189000, 0x0) openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000002440), 0x240c02, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace_options\x00', 0x2, 0x0) socket(0x10, 0x3, 0x6) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto_TIOCSTI2(r1, 0x5412, 0x0) close_range$auto(0x2, 0xa, 0x0) 979.800084ms ago: executing program 1 (id=275): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = io_uring_setup$auto(0x6, 0x0) clock_nanosleep$auto(0x2, 0x9, 0x0, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) bpf$auto(0x6, &(0x7f0000000000)=@bpf_attr_5={@target_ifindex, r0, 0xf48b, 0x1ff, 0xffffffffffffffff, @relative_fd=r0, 0x80000001}, 0x10) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mremap$auto(0x10000000000000, 0x7, 0x3fd6, 0xb, 0x20000000) mprotect$auto(0x7, 0x810002, 0x8040) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socket(0x18, 0x4, 0x1) socket(0x2, 0x1, 0x0) socket(0x2, 0x6, 0x0) epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1800040074337944e66d11d00727455a2e9d62a0c4d21521adbe174c97d214b5e6f8a236612ad6957e0561a0facb41b6fcc8ef833045e12abfa529b310c4d3feca1ceab50216ca6c8f5fd47c0195c02dc116e117d6cb5d4e7ebd681d96404b4635aab461cd23cfa003b22177bbdbd0bff1de31ead59de6e3065ba8c44f57e73e71c844c6be1d86f56807aa1c2d21e396e525ee0f22ba7294739f6c1c29b3156a1f3129e4ec50e608fb663e4451671450b0d7bb5839980d30a41ae316e34750c8c792bbcc30f587bf873cbfb7e717407970552ce1bf2b6b887b5cab0b11352d37daf8f2f9728106b3a073b7d41645f45dbc3924af2dcbe19244f7e3717fb7232cd7615873621bed13108cc59cd018915b9a054573d9d27cd71e2fd0147f07f6cba314da1558684e31ca4e6355543550257bd5b32482cd3773a88282b784a20ae1d49bd499aec77e0554591efdf1bb53f2f301f5449d5d1cffa36c9e621b311bd092a1e606c5be4246aa494665bf60fe", @ANYRES16=r2, @ANYBLOB="01002ebd7000fcdbdf250400000004001000"], 0x18}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), 0xffffffffffffffff) msgctl$auto(0xa, 0x0, 0x0) close_range$auto(0x2, 0x8000, 0x0) getpid() mmap$auto(0x0, 0xffffffffffff8005, 0xdc, 0x2000000009b72, 0x2, 0x8000) timerfd_settime$auto(0xffffffffffffffff, 0x1b, &(0x7f00000000c0)={{0x9, 0x7fffffffffffffff}, {0x8, 0x4ccb7e23}}, &(0x7f0000000100)={{0x3, 0x400}, {0x7ae, 0x1}}) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) 860.963728ms ago: executing program 2 (id=276): close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x3) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) sendto$auto(0xffffffffffffffff, 0x0, 0x70, 0x101, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x6) mprotect$auto(0x8, 0x8000000000000003, 0xd) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0xa, 0x5, 0x0) socket(0xa, 0x801, 0x7) connect$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x4e23, @empty}, 0x55) listen$auto(0x3, 0x83) accept$auto(r0, 0xffffffffffffffff, 0xfffffffffffffffd) mmap$auto(0xfffffffffffffffe, 0x800, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) pread64$auto(0xffffffffffffffff, 0x0, 0x3f, 0x7fff) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x101202, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x500, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) r1 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000080), 0x141002, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/block2mtd/parameters/block2mtd\x00', 0x601, 0x0) write$auto(r1, 0x0, 0xc3) close_range$auto(0x2, 0x8, 0x0) setsockopt$auto(0xffffffffffffffff, 0x107, 0x14, 0x0, 0x4) sendto$auto(0x3, 0x0, 0x13, 0xfffffff8, &(0x7f0000000440)=@tipc=@id={0x1e, 0x3, 0x3, {0x4e22, 0x3}}, 0x22) sendmmsg$auto(0x3, 0x0, 0x200, 0x0) read$auto(0xc8, 0x0, 0x200) setreuid$auto(0x0, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x0) 726.303048ms ago: executing program 0 (id=277): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/mm/transparent_hugepage/khugepaged/alloc_sleep_millisecs\x00', 0x182b02, 0x0) r0 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003900), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8000, 0xdf, 0xeb1, 0x401, 0x8000) r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) prctl$auto(0x2f, 0x4, 0xd85, 0x1, 0x5) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0x10, 0x2, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r4) ioctl$auto_KVM_CREATE_VM(r3, 0xc048aeca, 0x0) r5 = socket(0x2c, 0x3, 0x0) poll$auto(&(0x7f0000000d40)={r5, 0x1, 0xa}, 0x5, 0x3) ioctl$auto(r2, 0x80045515, 0x1) openat$auto_ctl_device_fops_user(0xffffffffffffff9c, &(0x7f0000000100), 0x20002, 0x0) r6 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r6, 0x29, 0x1f, &(0x7f0000000040)='!\x00', 0x1ff) sendmsg$auto_NETDEV_CMD_QUEUE_GET(r1, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003980)={&(0x7f0000003940)=ANY=[@ANYBLOB="14800000", @ANYRES16=r0, @ANYBLOB="01032cbd7000fddbdf250a000000"], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0xc4) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), r5) r7 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r7, 0xc004500a, &(0x7f0000000140)="c75601") 149.848261ms ago: executing program 3 (id=278): close_range$auto(0x2, 0xa, 0x0) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) sendto$auto(0xffffffffffffffff, 0x0, 0x401, 0x101, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) mprotect$auto(0x8, 0x8000000000000003, 0xd) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) r0 = socket(0xa, 0x801, 0x7) connect$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x4e23, @empty}, 0x55) listen$auto(0x3, 0x83) accept$auto(0x3, 0xffffffffffffffff, 0xfffffffffffffffd) mmap$auto(0xfffffffffffffffe, 0x800, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) pread64$auto(0xffffffffffffffff, 0x0, 0x3f, 0x7fff) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x101202, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x500, 0x0) close_range$auto(0x2, 0x8, 0x0) setsockopt$auto(0xffffffffffffffff, 0x107, 0x14, 0x0, 0x4) sendto$auto(0x3, 0x0, 0x13, 0xfffffff8, &(0x7f0000000440)=@tipc=@name={0x1e, 0x2, 0x0, {{0x1, 0x3}}}, 0x22) sendmmsg$auto(0x3, 0x0, 0x200, 0x0) read$auto(0xc8, 0x0, 0x200) setreuid$auto(0x0, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x0) sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x108202, 0x0, 0x1, 0x0, 0x2, 0x9}, 0x9}, 0x6, 0x0) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/set_event\x00', 0x200, 0x0) preadv$auto(r1, &(0x7f0000000080)={0x0, 0x8}, 0x4, 0x8, 0x5) (fail_nth: 2) 0s ago: executing program 1 (id=279): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$auto(0x3e, 0x1, r0, 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='./cgroup.cpu/hugetlb.1GB.failcnt\x00', 0x1a3b02, 0x0) close_range$auto(0x2, 0xa, 0x0) shmctl$auto_IPC_RMID(0x1, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/tty/ttyq5/power/control\x00', 0x10400, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000080), 0xffffffffffffffff) r5 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000200), 0x10000, 0x0) write$auto(r5, &(0x7f0000000240)='+$}\x00', 0x9) sendmsg$auto_WG_CMD_SET_DEVICE(r3, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f00000003c0)=ANY=[@ANYBLOB="280002d3bc5caee284445c5db6bf5ee9fedaa2a7a6a729d99526d74b2c7fae767c2cb7f5c88b37106510422d099f8a1ba5ed16608532c9c514405fe374371bf672d013e03b8fb44665e3db0ec45e0f9828f90031ebb00968ccf78d27b6327d2bc75f5b89b91713186ba5429e56025eb79d1f86", @ANYRES16=r4, @ANYBLOB="210026bd70007edbdf25010000001400020067656e65766530000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x90}, 0x40884) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000280)={'veth0_to_hsr\x00', 0x0}) bpf$auto(0x5, &(0x7f0000000300)=@bpf_attr_3={0x3, 0x4, 0xf, 0x61, 0x400, 0x0, 0x1, 0x80f0c8, 0x20, "38c1d5cbcb9f6b5e511f0cd8ed068f65", r7, 0x113e33f2, 0xffffffffffffffff, 0xe4, 0x6, 0x5, 0x3ad, 0x3, 0x0, 0x3, @attach_prog_fd, 0x6, 0xffff, 0x8, 0x81, 0xd}, 0x4a) sendmsg$auto_WG_CMD_GET_DEVICE(r2, &(0x7f00000001c0)={&(0x7f0000000040), 0xc, &(0x7f0000000080)={&(0x7f0000000100)={0xac, r4, 0x10, 0x70bd2d, 0x25dfdbff, {}, [@WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e20}, @WGDEVICE_A_PUBLIC_KEY={0x4f, 0x4, "e9897dbe62c79f1c782b0756643bebabb58fada8ed7b9bc0fab7c686b9941c257a7d657393a3a1afbcfcb8f9ec2364338bce048c01494b86f695c715fe5128eb2a374ff2107c57a64f2647"}, @WGDEVICE_A_FWMARK={0x8, 0x7, 0x7}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e20}, @WGDEVICE_A_FLAGS={0x8, 0x5, 0x5}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r7}, @WGDEVICE_A_PUBLIC_KEY={0x1f, 0x4, "1245e35f380d5d7272b1da449465870e7faeab06823666b31dc364"}]}, 0xac}, 0x1, 0x0, 0x0, 0x20000000}, 0x240000c1) r8 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r8, 0x4b31, 0xffffffffffffffff) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) r9 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/ubifs/parameters/default_version\x00', 0xa041, 0x0) write$auto(r9, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r1, &(0x7f00000000c0)=',.\\\x00', 0xd) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.143' (ED25519) to the list of known hosts. [ 65.314725][ T5816] cgroup: Unknown subsys name 'net' [ 65.461300][ T5816] cgroup: Unknown subsys name 'cpuset' [ 65.469201][ T5816] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 66.839987][ T5816] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 68.607268][ T5836] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 68.616294][ T5836] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 68.625381][ T5836] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 68.633052][ T5836] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 68.641866][ T5836] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 68.649306][ T5836] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 68.653638][ T5838] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 68.657687][ T5836] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 68.665721][ T5837] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 68.671274][ T5836] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 68.684893][ T5840] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 68.685209][ T5836] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 68.692748][ T5840] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 68.700479][ T5836] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 68.707005][ T5840] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 68.714019][ T5836] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 68.728510][ T5836] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 68.735729][ T5836] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 68.738744][ T5840] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 68.750711][ T5836] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 68.751319][ T5840] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 68.765801][ T5840] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 68.778532][ T5836] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 68.785842][ T5836] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 69.038687][ T5826] chnl_net:caif_netlink_parms(): no params data found [ 69.152487][ T5825] chnl_net:caif_netlink_parms(): no params data found [ 69.182067][ T5827] chnl_net:caif_netlink_parms(): no params data found [ 69.246802][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.254455][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.261982][ T5826] bridge_slave_0: entered allmulticast mode [ 69.269069][ T5826] bridge_slave_0: entered promiscuous mode [ 69.300649][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.308651][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.315825][ T5826] bridge_slave_1: entered allmulticast mode [ 69.322589][ T5826] bridge_slave_1: entered promiscuous mode [ 69.375073][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.382418][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.394274][ T5825] bridge_slave_0: entered allmulticast mode [ 69.401693][ T5825] bridge_slave_0: entered promiscuous mode [ 69.424116][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.436831][ T5829] chnl_net:caif_netlink_parms(): no params data found [ 69.445791][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.453089][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.460296][ T5825] bridge_slave_1: entered allmulticast mode [ 69.466822][ T5825] bridge_slave_1: entered promiscuous mode [ 69.477353][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.543095][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.553058][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.561164][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.568470][ T5827] bridge_slave_0: entered allmulticast mode [ 69.575044][ T5827] bridge_slave_0: entered promiscuous mode [ 69.596036][ T5826] team0: Port device team_slave_0 added [ 69.604698][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.614340][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.621678][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.629048][ T5827] bridge_slave_1: entered allmulticast mode [ 69.635609][ T5827] bridge_slave_1: entered promiscuous mode [ 69.655923][ T5826] team0: Port device team_slave_1 added [ 69.705493][ T5825] team0: Port device team_slave_0 added [ 69.713634][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 69.725899][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 69.750907][ T5825] team0: Port device team_slave_1 added [ 69.757491][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.764549][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.790778][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 69.819348][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.826537][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state [ 69.833857][ T5829] bridge_slave_0: entered allmulticast mode [ 69.840945][ T5829] bridge_slave_0: entered promiscuous mode [ 69.858604][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 69.865580][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 69.891576][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 69.905820][ T5827] team0: Port device team_slave_0 added [ 69.912386][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.919735][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state [ 69.926892][ T5829] bridge_slave_1: entered allmulticast mode [ 69.933860][ T5829] bridge_slave_1: entered promiscuous mode [ 69.963237][ T5827] team0: Port device team_slave_1 added [ 69.985565][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 69.992807][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.019887][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.052933][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 70.062544][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.069712][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.095963][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.116492][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.123568][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.149917][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.162959][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 70.197000][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.204022][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.230528][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.258631][ T5826] hsr_slave_0: entered promiscuous mode [ 70.264752][ T5826] hsr_slave_1: entered promiscuous mode [ 70.294036][ T5829] team0: Port device team_slave_0 added [ 70.318272][ T5827] hsr_slave_0: entered promiscuous mode [ 70.324538][ T5827] hsr_slave_1: entered promiscuous mode [ 70.331772][ T5827] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.339684][ T5827] Cannot create hsr debugfs directory [ 70.349406][ T5829] team0: Port device team_slave_1 added [ 70.370827][ T5825] hsr_slave_0: entered promiscuous mode [ 70.377116][ T5825] hsr_slave_1: entered promiscuous mode [ 70.383550][ T5825] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.391245][ T5825] Cannot create hsr debugfs directory [ 70.440492][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 70.447458][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.474242][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 70.505322][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 70.512801][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 70.538926][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 70.654956][ T5829] hsr_slave_0: entered promiscuous mode [ 70.662500][ T5829] hsr_slave_1: entered promiscuous mode [ 70.668497][ T5829] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 70.676082][ T5829] Cannot create hsr debugfs directory [ 70.728844][ T5836] Bluetooth: hci1: command tx timeout [ 70.807876][ T5836] Bluetooth: hci3: command tx timeout [ 70.813733][ T5836] Bluetooth: hci0: command tx timeout [ 70.843436][ T5826] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 70.859351][ T5826] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 70.873534][ T5826] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 70.886290][ T5826] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 70.893141][ T5836] Bluetooth: hci2: command tx timeout [ 70.951655][ T5827] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 70.961186][ T5827] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 70.974476][ T5827] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 70.999573][ T5827] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 71.056379][ T5825] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 71.079297][ T5825] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 71.091030][ T5825] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 71.104415][ T5825] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 71.165566][ T5829] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 71.175681][ T5829] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 71.191867][ T5829] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 71.203217][ T5829] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 71.233061][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.296326][ T5826] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.318019][ T1106] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.325323][ T1106] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.355425][ T1106] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.362601][ T1106] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.427250][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.445983][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.512803][ T5825] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.529924][ T5827] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.548607][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.555746][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.569523][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.576779][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.589939][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.621079][ T1163] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.628677][ T1163] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.639926][ T1163] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.647066][ T1163] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.712258][ T5829] 8021q: adding VLAN 0 to HW filter on device team0 [ 71.727090][ T5827] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 71.755227][ T5825] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 71.775636][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.784783][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.799273][ T5825] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 71.824724][ T1106] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.831880][ T1106] bridge0: port 1(bridge_slave_0) entered forwarding state [ 71.843729][ T1106] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.850846][ T1106] bridge0: port 2(bridge_slave_1) entered forwarding state [ 71.908543][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.036440][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.057591][ T5826] veth0_vlan: entered promiscuous mode [ 72.107577][ T5826] veth1_vlan: entered promiscuous mode [ 72.163461][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.180760][ T5827] veth0_vlan: entered promiscuous mode [ 72.207607][ T5826] veth0_macvtap: entered promiscuous mode [ 72.223603][ T5827] veth1_vlan: entered promiscuous mode [ 72.234396][ T5826] veth1_macvtap: entered promiscuous mode [ 72.266053][ T5827] veth0_macvtap: entered promiscuous mode [ 72.291810][ T5827] veth1_macvtap: entered promiscuous mode [ 72.318923][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.326785][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.341392][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.352203][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.372643][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.388226][ T5825] veth0_vlan: entered promiscuous mode [ 72.395817][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 72.411075][ T5826] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.421882][ T5826] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.433026][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.445065][ T5825] veth1_vlan: entered promiscuous mode [ 72.456729][ T5827] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.466676][ T5827] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.476216][ T5827] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.486217][ T5827] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.503532][ T5826] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.512473][ T5826] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.521875][ T5826] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.531137][ T5826] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 72.647623][ T5829] veth0_vlan: entered promiscuous mode [ 72.670491][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.688317][ T5825] veth0_macvtap: entered promiscuous mode [ 72.699352][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.703092][ T5825] veth1_macvtap: entered promiscuous mode [ 72.737440][ T5829] veth1_vlan: entered promiscuous mode [ 72.771200][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.784026][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 72.793083][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.806472][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.818079][ T5836] Bluetooth: hci1: command tx timeout [ 72.823614][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 72.834166][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.845352][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 72.861033][ T5829] veth0_macvtap: entered promiscuous mode [ 72.879779][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.891425][ T5836] Bluetooth: hci0: command tx timeout [ 72.893998][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.896824][ T5832] Bluetooth: hci3: command tx timeout [ 72.909041][ T5825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 72.925009][ T5825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 72.936195][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 72.956139][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 72.959016][ T5829] veth1_macvtap: entered promiscuous mode [ 72.970197][ T5832] Bluetooth: hci2: command tx timeout [ 72.983619][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.000538][ T5825] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.009466][ T5825] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.019516][ T5825] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.028567][ T5825] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.066900][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.078869][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.089250][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.101354][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.111506][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 73.122675][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.135388][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 73.145455][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.153748][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.165898][ T5827] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 73.178777][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.193193][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.203330][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.216952][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.230809][ T5829] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 73.241500][ T5829] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 73.252788][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 73.277317][ T5829] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.286249][ T5829] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.304779][ T5829] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.313696][ T5829] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 73.465453][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.502415][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.532873][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.558349][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.614657][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 73.750348][ T5895] FAULT_INJECTION: forcing a failure. [ 73.750348][ T5895] name failslab, interval 1, probability 0, space 0, times 1 [ 73.794124][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 73.803247][ T5895] CPU: 1 UID: 0 PID: 5895 Comm: syz.0.1 Not tainted 6.13.0-syzkaller-08291-g805ba04cb7cc #0 [ 73.803275][ T5895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 73.803294][ T5895] Call Trace: [ 73.803300][ T5895] [ 73.803312][ T5895] dump_stack_lvl+0x16c/0x1f0 [ 73.803350][ T5895] should_fail_ex+0x50a/0x650 [ 73.803375][ T5895] ? fs_reclaim_acquire+0xae/0x150 [ 73.803410][ T5895] should_failslab+0xc2/0x120 [ 73.803437][ T5895] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 73.803464][ T5895] ? ext4_init_io_end+0x24/0x170 [ 73.803493][ T5895] ext4_init_io_end+0x24/0x170 [ 73.803517][ T5895] ext4_do_writepages+0xa61/0x32d0 [ 73.803555][ T5895] ? __pfx___lock_acquire+0x10/0x10 [ 73.803597][ T5895] ? __pfx_ext4_do_writepages+0x10/0x10 [ 73.803633][ T5895] ? __pfx___lock_acquire+0x10/0x10 [ 73.803658][ T5895] ? do_writepages+0x1b3/0x820 [ 73.803692][ T5895] ? ext4_writepages+0x303/0x730 [ 73.803721][ T5895] ext4_writepages+0x303/0x730 [ 73.803751][ T5895] ? __pfx_ext4_writepages+0x10/0x10 [ 73.803795][ T5895] ? lock_acquire+0x2f/0xb0 [ 73.803816][ T5895] ? do_writepages+0x5b7/0x820 [ 73.803846][ T5895] ? __pfx_ext4_writepages+0x10/0x10 [ 73.803877][ T5895] do_writepages+0x1b3/0x820 [ 73.803911][ T5895] ? __pfx_do_writepages+0x10/0x10 [ 73.803937][ T5895] ? wbc_attach_fdatawrite_inode+0x13a/0x190 [ 73.803966][ T5895] ? __pfx_lock_release+0x10/0x10 [ 73.803990][ T5895] ? do_raw_spin_lock+0x12d/0x2c0 [ 73.804050][ T5895] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 73.804079][ T5895] ? lock_acquire+0x2f/0xb0 [ 73.804101][ T5895] ? wbc_attach_fdatawrite_inode+0x24/0x190 [ 73.804131][ T5895] ? do_raw_spin_unlock+0x172/0x230 [ 73.804166][ T5895] filemap_fdatawrite_wbc+0x104/0x160 [ 73.804196][ T5895] __filemap_fdatawrite_range+0xb3/0xf0 [ 73.804229][ T5895] ? __pfx___filemap_fdatawrite_range+0x10/0x10 [ 73.804301][ T5895] ? find_held_lock+0x2d/0x110 [ 73.804336][ T5895] ? ext4_fallocate+0x139/0x3950 [ 73.804362][ T5895] filemap_write_and_wait_range+0xa3/0x130 [ 73.804386][ T5895] ext4_punch_hole+0x194/0x10d0 [ 73.804431][ T5895] ext4_fallocate+0x9b7/0x3950 [ 73.804454][ T5895] ? rcu_is_watching+0x12/0xc0 [ 73.804485][ T5895] ? trace_lock_acquire+0x14e/0x1f0 [ 73.804506][ T5895] ? madvise_vma_behavior+0x1c8b/0x1dd0 [ 73.804540][ T5895] ? __pfx_ext4_fallocate+0x10/0x10 [ 73.804564][ T5895] vfs_fallocate+0x60d/0x10d0 [ 73.804590][ T5895] ? __pfx_vfs_fallocate+0x10/0x10 [ 73.804615][ T5895] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 73.804648][ T5895] madvise_vma_behavior+0x1c8b/0x1dd0 [ 73.804682][ T5895] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 73.804713][ T5895] ? find_vma_prev+0xdb/0x160 [ 73.804735][ T5895] ? __pfx_find_vma_prev+0x10/0x10 [ 73.804765][ T5895] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 73.804794][ T5895] ? do_madvise+0x2b3/0x7c0 [ 73.804826][ T5895] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 73.804853][ T5895] madvise_walk_vmas+0x1cf/0x2c0 [ 73.804884][ T5895] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 73.804921][ T5895] do_madvise+0x366/0x7c0 [ 73.804953][ T5895] ? __pfx_do_madvise+0x10/0x10 [ 73.804991][ T5895] ? ksys_write+0x1ba/0x250 [ 73.805012][ T5895] ? __pfx_ksys_write+0x10/0x10 [ 73.805046][ T5895] __x64_sys_madvise+0xa9/0x110 [ 73.805074][ T5895] ? lockdep_hardirqs_on+0x7c/0x110 [ 73.805102][ T5895] do_syscall_64+0xcd/0x250 [ 73.805135][ T5895] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.805164][ T5895] RIP: 0033:0x7f236538cda9 [ 73.805186][ T5895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 73.805205][ T5895] RSP: 002b:00007f236615f038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 73.805226][ T5895] RAX: ffffffffffffffda RBX: 00007f23655a6160 RCX: 00007f236538cda9 [ 73.805240][ T5895] RDX: 0000000000000009 RSI: 00000000000031ca RDI: 000000110c230000 [ 73.805254][ T5895] RBP: 00007f236615f090 R08: 0000000000000000 R09: 0000000000000000 [ 73.805267][ T5895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 73.805279][ T5895] R13: 0000000000000000 R14: 00007f23655a6160 R15: 00007ffef9c54ba8 [ 73.805310][ T5895] [ 74.391748][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 74.421228][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 74.897721][ T5832] Bluetooth: hci1: command tx timeout [ 74.969040][ T5832] Bluetooth: hci3: command tx timeout [ 74.974514][ T5832] Bluetooth: hci0: command tx timeout [ 75.047750][ T5832] Bluetooth: hci2: command tx timeout [ 75.223022][ T5915] Process accounting resumed [ 75.391544][ T5920] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 75.861172][ T5925] netlink: 28 bytes leftover after parsing attributes in process `syz.3.10'. [ 75.899680][ T5925] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode [ 76.036502][ T5928] netlink: 4 bytes leftover after parsing attributes in process `syz.2.12'. [ 76.480890][ T5940] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 76.659997][ T5941] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 76.978086][ T5832] Bluetooth: hci1: command tx timeout [ 77.048318][ T5832] Bluetooth: hci0: command tx timeout [ 77.050381][ T5836] Bluetooth: hci3: command tx timeout [ 77.128505][ T5836] Bluetooth: hci2: command tx timeout [ 77.336197][ T5967] netlink: 4 bytes leftover after parsing attributes in process `syz.2.22'. [ 78.144808][ T5961] can: request_module (can-proto-4) failed. [ 78.423692][ T5978] bond0: option updelay: invalid value () [ 78.437761][ T5978] bond0: option updelay: allowed values 0 - 2147483647 [ 78.964126][ T5988] FAULT_INJECTION: forcing a failure. [ 78.964126][ T5988] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 79.006153][ T5988] CPU: 0 UID: 0 PID: 5988 Comm: syz.2.26 Not tainted 6.13.0-syzkaller-08291-g805ba04cb7cc #0 [ 79.006185][ T5988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 79.006196][ T5988] Call Trace: [ 79.006202][ T5988] [ 79.006211][ T5988] dump_stack_lvl+0x16c/0x1f0 [ 79.006244][ T5988] should_fail_ex+0x50a/0x650 [ 79.006266][ T5988] ? __pfx___might_resched+0x10/0x10 [ 79.006296][ T5988] should_fail_alloc_page+0xe7/0x130 [ 79.006322][ T5988] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 79.006359][ T5988] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 79.006400][ T5988] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 79.006426][ T5988] ? mark_lock+0xb5/0xc60 [ 79.006455][ T5988] ? mark_lock+0xb5/0xc60 [ 79.006474][ T5988] ? find_held_lock+0x2d/0x110 [ 79.006506][ T5988] ? __pfx_mark_lock+0x10/0x10 [ 79.006525][ T5988] ? page_ext_put+0x3e/0xd0 [ 79.006546][ T5988] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 79.006575][ T5988] ? policy_nodemask+0xea/0x4e0 [ 79.006602][ T5988] alloc_pages_mpol+0x1fc/0x540 [ 79.006628][ T5988] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 79.006655][ T5988] ? find_held_lock+0x2d/0x110 [ 79.006687][ T5988] folio_alloc_mpol_noprof+0x36/0x2f0 [ 79.006716][ T5988] vma_alloc_folio_noprof+0xee/0x1b0 [ 79.006743][ T5988] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 79.006771][ T5988] ? __pfx___lock_acquire+0x10/0x10 [ 79.006807][ T5988] do_wp_page+0x1f2c/0x4560 [ 79.006835][ T5988] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 79.006859][ T5988] ? __pfx_do_wp_page+0x10/0x10 [ 79.006875][ T5988] ? rcu_is_watching+0x12/0xc0 [ 79.006907][ T5988] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 79.006938][ T5988] ? lock_acquire+0x2f/0xb0 [ 79.006958][ T5988] ? __handle_mm_fault+0xf22/0x2c60 [ 79.006987][ T5988] __handle_mm_fault+0x1c7c/0x2c60 [ 79.007014][ T5988] ? lock_vma_under_rcu+0x6b9/0x980 [ 79.007035][ T5988] ? __pfx___handle_mm_fault+0x10/0x10 [ 79.007085][ T5988] handle_mm_fault+0x3fa/0xaa0 [ 79.007114][ T5988] do_user_addr_fault+0x60d/0x13f0 [ 79.007146][ T5988] exc_page_fault+0x5c/0xc0 [ 79.007174][ T5988] asm_exc_page_fault+0x26/0x30 [ 79.007200][ T5988] RIP: 0033:0x7f88ef24c9bc [ 79.007217][ T5988] Code: 23 83 c0 01 44 39 d0 75 dc 48 89 f0 25 ff 1f 00 00 49 89 34 c1 41 88 3c 00 31 c0 c3 66 90 41 38 3c 10 74 0b 41 88 3c 10 31 c0 <49> 89 34 d1 c3 b8 01 00 00 00 c3 66 0f 1f 84 00 00 00 00 00 55 48 [ 79.007235][ T5988] RSP: 002b:00007ffcc15fab48 EFLAGS: 00010246 [ 79.007251][ T5988] RAX: 0000000000000000 RBX: 00007f88f00d5720 RCX: ffffffff8234dfcf [ 79.007264][ T5988] RDX: 0000000000001fcf RSI: ffffffff81849fcf RDI: 0000000000000011 [ 79.007276][ T5988] RBP: ffffffff81849fcf R08: 00007f88ef590000 R09: 00007f88ef592000 [ 79.007289][ T5988] R10: 0000000081849fd3 R11: 0000000000000011 R12: 0000000000000011 [ 79.007301][ T5988] R13: 000000000000001d R14: ffffffff818494f4 R15: 000000000000001d [ 79.007314][ T5988] ? tsk_fork_get_node+0x54/0x70 [ 79.007335][ T5988] ? kthread+0x70f/0x750 [ 79.007357][ T5988] ? inode_init_always_gfp+0x5ff/0x1030 [ 79.007379][ T5988] ? kthread+0x70f/0x750 [ 79.007402][ T5988] [ 79.342611][ T5988] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 84.484011][ T6067] netlink: 28 bytes leftover after parsing attributes in process `syz.3.44'. [ 85.256292][ T6067] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 85.318120][ T6067] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 85.338822][ T6067] bond0 (unregistering): Released all slaves [ 85.663536][ T6079] FAULT_INJECTION: forcing a failure. [ 85.663536][ T6079] name failslab, interval 1, probability 0, space 0, times 0 [ 85.676377][ T6079] CPU: 0 UID: 0 PID: 6079 Comm: syz.2.47 Not tainted 6.13.0-syzkaller-08291-g805ba04cb7cc #0 [ 85.676407][ T6079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 85.676420][ T6079] Call Trace: [ 85.676427][ T6079] [ 85.676435][ T6079] dump_stack_lvl+0x16c/0x1f0 [ 85.676474][ T6079] should_fail_ex+0x50a/0x650 [ 85.676499][ T6079] ? fs_reclaim_acquire+0xae/0x150 [ 85.676535][ T6079] ? do_eventfd+0x67/0x2f0 [ 85.676560][ T6079] should_failslab+0xc2/0x120 [ 85.676588][ T6079] __kmalloc_cache_noprof+0x68/0x420 [ 85.676618][ T6079] do_eventfd+0x67/0x2f0 [ 85.676645][ T6079] __x64_sys_eventfd+0x32/0x50 [ 85.676671][ T6079] do_syscall_64+0xcd/0x250 [ 85.676704][ T6079] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.676734][ T6079] RIP: 0033:0x7f88ef38cda9 [ 85.676752][ T6079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.676773][ T6079] RSP: 002b:00007f88f021b038 EFLAGS: 00000246 ORIG_RAX: 000000000000011c [ 85.676794][ T6079] RAX: ffffffffffffffda RBX: 00007f88ef5a5fa0 RCX: 00007f88ef38cda9 [ 85.676808][ T6079] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000008c [ 85.676830][ T6079] RBP: 00007f88ef40e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 85.676845][ T6079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 85.676859][ T6079] R13: 0000000000000000 R14: 00007f88ef5a5fa0 R15: 00007ffcc15faaf8 [ 85.676889][ T6079] [ 85.889314][ T6083] netlink: 28 bytes leftover after parsing attributes in process `syz.3.48'. [ 85.889388][ T6083] bridge_slave_1: left allmulticast mode [ 85.889445][ T6083] bridge_slave_1: left promiscuous mode [ 85.890964][ T6083] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.895373][ T6083] bridge_slave_0: left allmulticast mode [ 85.895401][ T6083] bridge_slave_0: left promiscuous mode [ 85.895553][ T6083] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.931420][ T6084] GUP no longer grows the stack in syz.1.49 (6084): 14000-401000 (4000) [ 85.931529][ T6084] CPU: 0 UID: 0 PID: 6084 Comm: syz.1.49 Not tainted 6.13.0-syzkaller-08291-g805ba04cb7cc #0 [ 85.931556][ T6084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 85.931569][ T6084] Call Trace: [ 85.931576][ T6084] [ 85.931585][ T6084] dump_stack_lvl+0x16c/0x1f0 [ 85.931622][ T6084] gup_vma_lookup+0x1d2/0x220 [ 85.931661][ T6084] __get_user_pages+0x236/0x36f0 [ 85.931695][ T6084] ? hlock_class+0x4e/0x130 [ 85.931727][ T6084] ? __lock_acquire+0x15a9/0x3c40 [ 85.931755][ T6084] ? __pfx___get_user_pages+0x10/0x10 [ 85.931792][ T6084] __gup_longterm_locked+0x211/0x1870 [ 85.931819][ T6084] ? __pfx___lock_acquire+0x10/0x10 [ 85.931853][ T6084] ? __pfx___gup_longterm_locked+0x10/0x10 [ 85.931881][ T6084] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 85.931910][ T6084] ? rwsem_read_trylock+0x12d/0x250 [ 85.931941][ T6084] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 85.931972][ T6084] ? process_vm_rw_core.constprop.0+0x3ff/0x9c0 [ 85.932015][ T6084] pin_user_pages_remote+0xee/0x150 [ 85.932044][ T6084] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 85.932068][ T6084] ? down_read+0xc9/0x330 [ 85.932115][ T6084] process_vm_rw_core.constprop.0+0x42b/0x9c0 [ 85.932153][ T6084] ? futex_wait_queue+0x101/0x1f0 [ 85.932188][ T6084] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 85.932246][ T6084] process_vm_rw+0x301/0x360 [ 85.932278][ T6084] ? __pfx_process_vm_rw+0x10/0x10 [ 85.932349][ T6084] ? xfd_validate_state+0x5d/0x180 [ 85.932380][ T6084] ? rcu_is_watching+0x12/0xc0 [ 85.932416][ T6084] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 85.932447][ T6084] ? do_syscall_64+0x91/0x250 [ 85.932477][ T6084] ? lockdep_hardirqs_on+0x7c/0x110 [ 85.932506][ T6084] do_syscall_64+0xcd/0x250 [ 85.932540][ T6084] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.932570][ T6084] RIP: 0033:0x7f4ef058cda9 [ 85.932589][ T6084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.932610][ T6084] RSP: 002b:00007f4ef13ac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 85.932632][ T6084] RAX: ffffffffffffffda RBX: 00007f4ef07a5fa0 RCX: 00007f4ef058cda9 [ 85.932647][ T6084] RDX: 0000000000000004 RSI: 0000000020000040 RDI: 000000000000002b [ 85.932661][ T6084] RBP: 00007f4ef060e2a0 R08: 0000000000000003 R09: 0000000000000000 [ 85.932674][ T6084] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000 [ 85.932688][ T6084] R13: 0000000000000000 R14: 00007f4ef07a5fa0 R15: 00007fffb47151c8 [ 85.932720][ T6084] [ 86.179680][ T6083] Zero length message leads to an empty skb [ 86.922260][ T6081] tty tty46: ldisc open failed (-12), clearing slot 45 [ 86.932413][ T6084] ttyS ttyS2: ldisc open failed (-12), clearing slot 2 [ 87.132846][ T977] cfg80211: failed to load regulatory.db [ 87.163361][ T6094] netlink: zone id is out of range [ 87.177924][ T6094] netlink: zone id is out of range [ 87.193314][ T6094] netlink: zone id is out of range [ 87.211002][ T6094] netlink: zone id is out of range [ 87.237934][ T6094] netlink: zone id is out of range [ 87.242034][ T6099] netlink: 172 bytes leftover after parsing attributes in process `syz.2.51'. [ 87.243079][ T6094] netlink: zone id is out of range [ 87.322561][ T6094] netlink: zone id is out of range [ 87.337824][ T6094] netlink: zone id is out of range [ 87.353757][ T6094] netlink: zone id is out of range [ 87.363565][ T6094] netlink: zone id is out of range [ 89.344011][ T6132] mmap: syz.3.60 (6132) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 89.732986][ T6140] syz.2.63(6140): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 93.217735][ T29] audit: type=1800 audit(6033127484.432:2): pid=6194 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.77" name="discovery_nqn" dev="configfs" ino=7928 res=0 errno=0 [ 93.320902][ T6183] netlink: 330 bytes leftover after parsing attributes in process `syz.2.73'. [ 93.601082][ T6202] process 'syz.3.78' launched '/dev/fd/4' with NULL argv: empty string added [ 95.446036][ T6225] netlink: 4 bytes leftover after parsing attributes in process `syz.3.82'. [ 97.166664][ T5836] Bluetooth: hci0: unexpected event 0x32 length: 10 > 9 [ 97.308227][ T5836] Bluetooth: hci1: unexpected event 0x32 length: 10 > 9 [ 98.292249][ T6282] netlink: 4 bytes leftover after parsing attributes in process `syz.3.95'. [ 98.350316][ T6282] netlink: 4 bytes leftover after parsing attributes in process `syz.3.95'. [ 99.268242][ T6287] mkiss: ax0: crc mode is auto. [ 99.323852][ T6298] program syz.0.99 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 100.001191][ T6316] random: crng reseeded on system resumption [ 100.874171][ T6334] netlink: 4 bytes leftover after parsing attributes in process `syz.2.108'. [ 101.455007][ T6339] FAULT_INJECTION: forcing a failure. [ 101.455007][ T6339] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 101.480294][ T6339] CPU: 0 UID: 0 PID: 6339 Comm: syz.0.109 Not tainted 6.13.0-syzkaller-08291-g805ba04cb7cc #0 [ 101.480325][ T6339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 101.480337][ T6339] Call Trace: [ 101.480344][ T6339] [ 101.480352][ T6339] dump_stack_lvl+0x16c/0x1f0 [ 101.480386][ T6339] should_fail_ex+0x50a/0x650 [ 101.480409][ T6339] ? __pfx___might_resched+0x10/0x10 [ 101.480440][ T6339] should_fail_alloc_page+0xe7/0x130 [ 101.480474][ T6339] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 101.480511][ T6339] __alloc_frozen_pages_noprof+0x18e/0x2470 [ 101.480540][ T6339] ? free_frozen_page_commit+0x3eb/0xfa0 [ 101.480566][ T6339] ? hlock_class+0x4e/0x130 [ 101.480595][ T6339] ? mark_lock+0xb5/0xc60 [ 101.480617][ T6339] ? _raw_spin_unlock+0x28/0x50 [ 101.480642][ T6339] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 101.480673][ T6339] ? stack_depot_save_flags+0x30e/0x9e0 [ 101.480703][ T6339] ? kasan_save_stack+0x42/0x60 [ 101.480724][ T6339] ? kasan_save_stack+0x33/0x60 [ 101.480745][ T6339] ? kasan_save_track+0x14/0x30 [ 101.480766][ T6339] ? __kasan_slab_alloc+0x89/0x90 [ 101.480788][ T6339] ? kmem_cache_alloc_node_noprof+0x1ca/0x3b0 [ 101.480811][ T6339] ? alloc_vmap_area+0x636/0x2a60 [ 101.480839][ T6339] ? __get_vm_area_node+0x19e/0x2f0 [ 101.480868][ T6339] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 101.480898][ T6339] ? policy_nodemask+0xea/0x4e0 [ 101.480925][ T6339] alloc_pages_mpol+0x1fc/0x540 [ 101.480952][ T6339] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 101.480980][ T6339] ? __pfx___lock_acquire+0x10/0x10 [ 101.481007][ T6339] alloc_pages_noprof+0x131/0x390 [ 101.481033][ T6339] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 101.481055][ T6339] get_free_pages_noprof+0xc/0x40 [ 101.481082][ T6339] kasan_populate_vmalloc_pte+0x2d/0x160 [ 101.481104][ T6339] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 101.481126][ T6339] __apply_to_page_range+0x5fd/0xd30 [ 101.481151][ T6339] ? __pfx_kasan_populate_vmalloc_pte+0x10/0x10 [ 101.481195][ T6339] ? __pfx___apply_to_page_range+0x10/0x10 [ 101.481218][ T6339] ? insert_vmap_area+0x2ef/0x4d0 [ 101.481250][ T6339] alloc_vmap_area+0x93e/0x2a60 [ 101.481291][ T6339] ? __pfx_alloc_vmap_area+0x10/0x10 [ 101.481329][ T6339] __get_vm_area_node+0x19e/0x2f0 [ 101.481365][ T6339] __vmalloc_node_range_noprof+0x26a/0x1530 [ 101.481388][ T6339] ? sock_map_alloc+0x1f9/0x280 [ 101.481423][ T6339] ? sock_map_alloc+0x1f9/0x280 [ 101.481459][ T6339] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 101.481483][ T6339] ? rcu_is_watching+0x12/0xc0 [ 101.481513][ T6339] ? trace_kmalloc+0x2d/0xd0 [ 101.481539][ T6339] ? __kmalloc_node_noprof+0x23d/0x520 [ 101.481567][ T6339] ? sock_map_alloc+0x1f9/0x280 [ 101.481591][ T6339] __bpf_map_area_alloc+0xea/0x190 [ 101.481618][ T6339] ? sock_map_alloc+0x1f9/0x280 [ 101.481646][ T6339] sock_map_alloc+0x1f9/0x280 [ 101.481673][ T6339] map_create+0x5c5/0x1d30 [ 101.481700][ T6339] ? __pfx_lock_release+0x10/0x10 [ 101.481723][ T6339] ? trace_lock_acquire+0x14e/0x1f0 [ 101.481744][ T6339] ? __pfx_map_create+0x10/0x10 [ 101.481768][ T6339] ? lock_acquire+0x2f/0xb0 [ 101.481790][ T6339] ? __might_fault+0xe3/0x190 [ 101.481817][ T6339] ? __might_fault+0xe3/0x190 [ 101.481851][ T6339] __sys_bpf+0x4f58/0x57a0 [ 101.481876][ T6339] ? __pfx_lock_release+0x10/0x10 [ 101.481901][ T6339] ? __pfx___sys_bpf+0x10/0x10 [ 101.481926][ T6339] ? vfs_write+0x306/0x1150 [ 101.481952][ T6339] ? __mutex_unlock_slowpath+0x164/0x6a0 [ 101.481997][ T6339] ? fput+0x67/0x440 [ 101.482023][ T6339] ? ksys_write+0x1ba/0x250 [ 101.482043][ T6339] ? __pfx_ksys_write+0x10/0x10 [ 101.482069][ T6339] __x64_sys_bpf+0x78/0xc0 [ 101.482095][ T6339] ? lockdep_hardirqs_on+0x7c/0x110 [ 101.482121][ T6339] do_syscall_64+0xcd/0x250 [ 101.482152][ T6339] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 101.482179][ T6339] RIP: 0033:0x7f236538cda9 [ 101.482197][ T6339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 101.482216][ T6339] RSP: 002b:00007f23661a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 101.482236][ T6339] RAX: ffffffffffffffda RBX: 00007f23655a5fa0 RCX: 00007f236538cda9 [ 101.482250][ T6339] RDX: 00000000000000a3 RSI: 0000000020000000 RDI: 0000000000000000 [ 101.482263][ T6339] RBP: 00007f23661a1090 R08: 0000000000000000 R09: 0000000000000000 [ 101.482275][ T6339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 101.482287][ T6339] R13: 0000000000000000 R14: 00007f23655a5fa0 R15: 00007ffef9c54ba8 [ 101.482314][ T6339] [ 102.594745][ T6347] netlink: 4 bytes leftover after parsing attributes in process `syz.2.112'. [ 103.500825][ T6366] netlink: 4 bytes leftover after parsing attributes in process `syz.2.118'. [ 103.768981][ T6369] FAULT_INJECTION: forcing a failure. [ 103.768981][ T6369] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 103.794809][ T6369] CPU: 1 UID: 0 PID: 6369 Comm: syz.0.120 Not tainted 6.13.0-syzkaller-08291-g805ba04cb7cc #0 [ 103.794839][ T6369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 103.794851][ T6369] Call Trace: [ 103.794858][ T6369] [ 103.794866][ T6369] dump_stack_lvl+0x16c/0x1f0 [ 103.794900][ T6369] should_fail_ex+0x50a/0x650 [ 103.794929][ T6369] strncpy_from_user+0x3b/0x2d0 [ 103.794952][ T6369] getname_flags.part.0+0x8f/0x550 [ 103.794982][ T6369] getname+0x8d/0xe0 [ 103.795003][ T6369] do_sys_openat2+0x104/0x1e0 [ 103.795031][ T6369] ? __pfx_do_sys_openat2+0x10/0x10 [ 103.795059][ T6369] ? __fget_files+0x206/0x3a0 [ 103.795090][ T6369] __x64_sys_creat+0xcd/0x120 [ 103.795119][ T6369] ? __pfx___x64_sys_creat+0x10/0x10 [ 103.795145][ T6369] ? __pfx_ksys_write+0x10/0x10 [ 103.795173][ T6369] ? do_syscall_64+0x91/0x250 [ 103.795215][ T6369] do_syscall_64+0xcd/0x250 [ 103.795245][ T6369] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 103.795274][ T6369] RIP: 0033:0x7f236538cda9 [ 103.795292][ T6369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 103.795311][ T6369] RSP: 002b:00007f23661a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055 [ 103.795332][ T6369] RAX: ffffffffffffffda RBX: 00007f23655a5fa0 RCX: 00007f236538cda9 [ 103.795346][ T6369] RDX: 0000000000000000 RSI: 0000000000000a00 RDI: 0000000020000180 [ 103.795359][ T6369] RBP: 00007f23661a1090 R08: 0000000000000000 R09: 0000000000000000 [ 103.795373][ T6369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 103.795385][ T6369] R13: 0000000000000000 R14: 00007f23655a5fa0 R15: 00007ffef9c54ba8 [ 103.795418][ T6369] [ 103.967296][ C1] vkms_vblank_simulate: vblank timer overrun [ 103.978795][ T6377] netlink: 8 bytes leftover after parsing attributes in process `syz.3.122'. [ 104.032577][ T6374] netlink: 314 bytes leftover after parsing attributes in process `syz.3.122'. [ 104.099679][ T6367] netlink: 12 bytes leftover after parsing attributes in process `syz.2.118'. [ 104.480905][ T6386] netlink: 4 bytes leftover after parsing attributes in process `syz.3.124'. [ 104.792140][ T6390] netlink: 4 bytes leftover after parsing attributes in process `syz.1.125'. [ 105.299726][ T5836] Bluetooth: hci1: unexpected event 0x32 length: 10 > 9 [ 105.508292][ T6398] netlink: 'syz.2.127': attribute type 19 has an invalid length. [ 105.628521][ T6398] netlink: 334 bytes leftover after parsing attributes in process `syz.2.127'. [ 107.893741][ T6441] netlink: 4 bytes leftover after parsing attributes in process `syz.0.136'. [ 108.698896][ T6457] netlink: 4 bytes leftover after parsing attributes in process `syz.1.138'. [ 109.070728][ T6464] netlink: 338 bytes leftover after parsing attributes in process `syz.0.140'. [ 109.685562][ T5836] Bluetooth: hci0: unexpected event 0x32 length: 10 > 9 [ 110.798914][ T6484] FAULT_INJECTION: forcing a failure. [ 110.798914][ T6484] name fail_futex, interval 1, probability 0, space 0, times 1 [ 110.854695][ T6484] CPU: 0 UID: 0 PID: 6484 Comm: syz.1.145 Not tainted 6.13.0-syzkaller-08291-g805ba04cb7cc #0 [ 110.854734][ T6484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 110.854748][ T6484] Call Trace: [ 110.854757][ T6484] [ 110.854768][ T6484] dump_stack_lvl+0x16c/0x1f0 [ 110.854808][ T6484] should_fail_ex+0x50a/0x650 [ 110.854835][ T6484] ? __pfx_mark_lock+0x10/0x10 [ 110.854866][ T6484] get_futex_key+0x4a3/0x1000 [ 110.854907][ T6484] ? __pfx_get_futex_key+0x10/0x10 [ 110.854954][ T6484] futex_wake+0xe8/0x4e0 [ 110.854984][ T6484] ? __pfx_futex_wake+0x10/0x10 [ 110.855012][ T6484] ? debug_mutex_init+0x37/0x70 [ 110.855046][ T6484] ? __pfx___lock_acquire+0x10/0x10 [ 110.855082][ T6484] do_futex+0x1e5/0x350 [ 110.855107][ T6484] ? __pfx_do_futex+0x10/0x10 [ 110.855133][ T6484] ? fd_install+0x223/0x750 [ 110.855161][ T6484] __x64_sys_futex+0x1e1/0x4c0 [ 110.855189][ T6484] ? __pfx___x64_sys_futex+0x10/0x10 [ 110.855226][ T6484] do_syscall_64+0xcd/0x250 [ 110.855260][ T6484] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.855291][ T6484] RIP: 0033:0x7f4ef058cda9 [ 110.855311][ T6484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 110.855333][ T6484] RSP: 002b:00007f4ef13ac0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 110.855356][ T6484] RAX: ffffffffffffffda RBX: 00007f4ef07a5fa8 RCX: 00007f4ef058cda9 [ 110.855372][ T6484] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f4ef07a5fac [ 110.855386][ T6484] RBP: 00007f4ef07a5fa0 R08: 00007f4ef13ad000 R09: 0000000000000000 [ 110.855401][ T6484] R10: 0000000000000006 R11: 0000000000000246 R12: 00007f4ef07a5fac [ 110.855415][ T6484] R13: 0000000000000000 R14: 00007fffb47150e0 R15: 00007fffb47151c8 [ 110.855445][ T6484] [ 111.844851][ T5836] Bluetooth: hci1: unexpected event 0x32 length: 10 > 9 [ 113.007950][ T6513] FAULT_INJECTION: forcing a failure. [ 113.007950][ T6513] name fail_futex, interval 1, probability 0, space 0, times 0 [ 113.139437][ T6513] CPU: 0 UID: 0 PID: 6513 Comm: syz.1.155 Not tainted 6.13.0-syzkaller-08291-g805ba04cb7cc #0 [ 113.139470][ T6513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 113.139482][ T6513] Call Trace: [ 113.139488][ T6513] [ 113.139497][ T6513] dump_stack_lvl+0x16c/0x1f0 [ 113.139531][ T6513] should_fail_ex+0x50a/0x650 [ 113.139555][ T6513] ? __lock_acquire+0x15a9/0x3c40 [ 113.139585][ T6513] get_futex_key+0x4a3/0x1000 [ 113.139621][ T6513] ? __pfx_get_futex_key+0x10/0x10 [ 113.139664][ T6513] futex_wake+0xe8/0x4e0 [ 113.139696][ T6513] ? __pfx_futex_wake+0x10/0x10 [ 113.139725][ T6513] ? find_held_lock+0x2d/0x110 [ 113.139763][ T6513] do_futex+0x1e5/0x350 [ 113.139786][ T6513] ? __pfx_do_futex+0x10/0x10 [ 113.139807][ T6513] ? __might_fault+0xe3/0x190 [ 113.139834][ T6513] ? __might_fault+0xe3/0x190 [ 113.139865][ T6513] mm_release+0x24e/0x300 [ 113.139893][ T6513] do_exit+0x886/0x2d70 [ 113.139917][ T6513] ? get_signal+0x8f7/0x2610 [ 113.139944][ T6513] ? __pfx_do_exit+0x10/0x10 [ 113.139964][ T6513] ? do_raw_spin_lock+0x12d/0x2c0 [ 113.140010][ T6513] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 113.140048][ T6513] do_group_exit+0xd3/0x2a0 [ 113.140071][ T6513] get_signal+0x2576/0x2610 [ 113.140110][ T6513] ? __pfx_get_signal+0x10/0x10 [ 113.140140][ T6513] ? __pfx_do_futex+0x10/0x10 [ 113.140166][ T6513] arch_do_signal_or_restart+0x90/0x7e0 [ 113.140191][ T6513] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 113.140233][ T6513] syscall_exit_to_user_mode+0x150/0x2a0 [ 113.140264][ T6513] do_syscall_64+0xda/0x250 [ 113.140295][ T6513] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.140323][ T6513] RIP: 0033:0x7f4ef058cda9 [ 113.140341][ T6513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 113.140360][ T6513] RSP: 002b:00007f4ef13ac0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 113.140381][ T6513] RAX: 0000000000000001 RBX: 00007f4ef07a5fa8 RCX: 00007f4ef058cda9 [ 113.140395][ T6513] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f4ef07a5fac [ 113.140408][ T6513] RBP: 00007f4ef07a5fa0 R08: 00007f4ef13ad000 R09: 0000000000000000 [ 113.140422][ T6513] R10: 0000000000000006 R11: 0000000000000246 R12: 00007f4ef07a5fac [ 113.140435][ T6513] R13: 0000000000000000 R14: 00007fffb47150e0 R15: 00007fffb47151c8 [ 113.140464][ T6513] [ 113.504461][ T6522] binder: 6521:6522 ioctl c040563d 38 returned -22 [ 113.646597][ T6520] FAULT_INJECTION: forcing a failure. [ 113.646597][ T6520] name failslab, interval 1, probability 0, space 0, times 0 [ 113.685882][ T6520] CPU: 1 UID: 0 PID: 6520 Comm: syz.0.157 Not tainted 6.13.0-syzkaller-08291-g805ba04cb7cc #0 [ 113.685916][ T6520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 113.685930][ T6520] Call Trace: [ 113.685937][ T6520] [ 113.685946][ T6520] dump_stack_lvl+0x16c/0x1f0 [ 113.685985][ T6520] should_fail_ex+0x50a/0x650 [ 113.686011][ T6520] ? fs_reclaim_acquire+0xae/0x150 [ 113.686050][ T6520] should_failslab+0xc2/0x120 [ 113.686081][ T6520] __kmalloc_noprof+0xce/0x4f0 [ 113.686108][ T6520] ? __netlink_kernel_create+0x180/0x750 [ 113.686137][ T6520] ? __netlink_create+0x208/0x2c0 [ 113.686163][ T6520] __netlink_kernel_create+0x180/0x750 [ 113.686202][ T6520] ? __pfx___netlink_kernel_create+0x10/0x10 [ 113.686244][ T6520] uevent_net_init+0xf9/0x360 [ 113.686269][ T6520] ? __pfx_uevent_net_init+0x10/0x10 [ 113.686294][ T6520] ? __pfx_uevent_net_rcv+0x10/0x10 [ 113.686327][ T6520] ? __pfx_uevent_net_init+0x10/0x10 [ 113.686348][ T6520] ops_init+0x1df/0x5f0 [ 113.686386][ T6520] setup_net+0x21f/0x860 [ 113.686411][ T6520] ? __pfx_setup_net+0x10/0x10 [ 113.686430][ T6520] ? down_read_killable+0xcc/0x380 [ 113.686465][ T6520] ? __pfx_down_read_killable+0x10/0x10 [ 113.686502][ T6520] ? debug_mutex_init+0x37/0x70 [ 113.686540][ T6520] copy_net_ns+0x2b4/0x6c0 [ 113.686568][ T6520] create_new_namespaces+0x3ea/0xad0 [ 113.686608][ T6520] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 113.686643][ T6520] ksys_unshare+0x45d/0xa40 [ 113.686677][ T6520] ? __pfx_ksys_unshare+0x10/0x10 [ 113.686710][ T6520] ? ksys_mmap_pgoff+0x85/0x5c0 [ 113.686755][ T6520] __x64_sys_unshare+0x31/0x40 [ 113.686787][ T6520] do_syscall_64+0xcd/0x250 [ 113.686819][ T6520] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.686848][ T6520] RIP: 0033:0x7f236538cda9 [ 113.686867][ T6520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 113.686889][ T6520] RSP: 002b:00007f23661a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 113.686910][ T6520] RAX: ffffffffffffffda RBX: 00007f23655a5fa0 RCX: 00007f236538cda9 [ 113.686923][ T6520] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 113.686937][ T6520] RBP: 00007f236540e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 113.686950][ T6520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 113.686963][ T6520] R13: 0000000000000000 R14: 00007f23655a5fa0 R15: 00007ffef9c54ba8 [ 113.686995][ T6520] [ 113.687251][ T6520] kobject_uevent: unable to create netlink socket! [ 114.275377][ T5836] Bluetooth: hci0: unexpected event 0x32 length: 10 > 9 [ 114.639263][ T6548] netlink: 4 bytes leftover after parsing attributes in process `syz.3.162'. [ 116.546939][ T6604] netlink: 4 bytes leftover after parsing attributes in process `syz.3.175'. [ 117.348612][ T6620] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 117.397757][ T6620] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 119.113538][ T6656] netlink: 4 bytes leftover after parsing attributes in process `syz.2.188'. [ 119.642967][ T6672] netlink: 4 bytes leftover after parsing attributes in process `syz.3.192'. [ 119.895874][ T6668] netlink: 4 bytes leftover after parsing attributes in process `syz.2.193'. [ 120.141247][ T5836] Bluetooth: hci1: unexpected event 0x32 length: 10 > 9 [ 120.225634][ T6684] FAULT_INJECTION: forcing a failure. [ 120.225634][ T6684] name failslab, interval 1, probability 0, space 0, times 0 [ 120.280402][ T6684] CPU: 1 UID: 0 PID: 6684 Comm: syz.3.195 Not tainted 6.13.0-syzkaller-08291-g805ba04cb7cc #0 [ 120.280436][ T6684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 120.280456][ T6684] Call Trace: [ 120.280462][ T6684] [ 120.280471][ T6684] dump_stack_lvl+0x16c/0x1f0 [ 120.280527][ T6684] should_fail_ex+0x50a/0x650 [ 120.280552][ T6684] ? fs_reclaim_acquire+0xae/0x150 [ 120.280587][ T6684] should_failslab+0xc2/0x120 [ 120.280614][ T6684] __kmalloc_noprof+0xce/0x4f0 [ 120.280636][ T6684] ? d_absolute_path+0x137/0x1b0 [ 120.280664][ T6684] ? tomoyo_encode2+0x100/0x3e0 [ 120.280690][ T6684] tomoyo_encode2+0x100/0x3e0 [ 120.280715][ T6684] tomoyo_realpath_from_path+0x1a7/0x710 [ 120.280744][ T6684] tomoyo_path_number_perm+0x248/0x5b0 [ 120.280773][ T6684] ? tomoyo_path_number_perm+0x235/0x5b0 [ 120.280807][ T6684] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 120.280870][ T6684] ? __pfx_lock_release+0x10/0x10 [ 120.280895][ T6684] ? trace_lock_acquire+0x14e/0x1f0 [ 120.280919][ T6684] ? lock_acquire+0x2f/0xb0 [ 120.280941][ T6684] ? __fget_files+0x40/0x3a0 [ 120.280968][ T6684] ? __fget_files+0x206/0x3a0 [ 120.280995][ T6684] security_file_ioctl+0x9b/0x240 [ 120.281019][ T6684] __x64_sys_ioctl+0xb7/0x200 [ 120.281052][ T6684] do_syscall_64+0xcd/0x250 [ 120.281083][ T6684] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.281112][ T6684] RIP: 0033:0x7f0b6118cda9 [ 120.281137][ T6684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 120.281157][ T6684] RSP: 002b:00007f0b62008038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 120.281178][ T6684] RAX: ffffffffffffffda RBX: 00007f0b613a6080 RCX: 00007f0b6118cda9 [ 120.281191][ T6684] RDX: 0000000000000007 RSI: 0000000000005407 RDI: 0000000000000007 [ 120.281204][ T6684] RBP: 00007f0b62008090 R08: 0000000000000000 R09: 0000000000000000 [ 120.281216][ T6684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 120.281228][ T6684] R13: 0000000000000001 R14: 00007f0b613a6080 R15: 00007ffe5795fc18 [ 120.281259][ T6684] [ 120.281277][ T6684] ERROR: Out of memory at tomoyo_realpath_from_path. [ 120.366374][ T6686] netlink: 28 bytes leftover after parsing attributes in process `syz.3.195'. [ 121.242010][ T6674] FAULT_INJECTION: forcing a failure. [ 121.242010][ T6674] name failslab, interval 1, probability 0, space 0, times 0 [ 121.242070][ T6674] CPU: 0 UID: 0 PID: 6674 Comm: syz.1.194 Not tainted 6.13.0-syzkaller-08291-g805ba04cb7cc #0 [ 121.242097][ T6674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 121.242110][ T6674] Call Trace: [ 121.242117][ T6674] [ 121.242126][ T6674] dump_stack_lvl+0x16c/0x1f0 [ 121.242164][ T6674] should_fail_ex+0x50a/0x650 [ 121.242190][ T6674] ? fs_reclaim_acquire+0xae/0x150 [ 121.242228][ T6674] should_failslab+0xc2/0x120 [ 121.242257][ T6674] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 121.242287][ T6674] ? __kernfs_new_node+0xd3/0x890 [ 121.242327][ T6674] __kernfs_new_node+0xd3/0x890 [ 121.242359][ T6674] ? __pfx___lock_acquire+0x10/0x10 [ 121.242390][ T6674] ? __pfx___kernfs_new_node+0x10/0x10 [ 121.242447][ T6674] ? find_held_lock+0x2d/0x110 [ 121.242492][ T6674] kernfs_new_node+0x186/0x240 [ 121.242524][ T6674] kernfs_create_dir_ns+0x4c/0x150 [ 121.242554][ T6674] internal_create_group+0x34e/0xf10 [ 121.242602][ T6674] ? __pfx_internal_create_group+0x10/0x10 [ 121.242642][ T6674] ? __pfx_dev_add_physical_location+0x10/0x10 [ 121.242668][ T6674] ? bus_to_subsys+0x12d/0x160 [ 121.242704][ T6674] dpm_sysfs_add+0x80/0x280 [ 121.242730][ T6674] device_add+0x9a8/0x1a70 [ 121.242762][ T6674] ? __pfx_device_add+0x10/0x10 [ 121.242804][ T6674] device_create_groups_vargs+0x1f8/0x270 [ 121.242839][ T6674] device_create+0xe9/0x130 [ 121.242867][ T6674] ? __pfx_device_create+0x10/0x10 [ 121.242894][ T6674] ? __pfx_lock_release+0x10/0x10 [ 121.242923][ T6674] ? is_console_locked+0x9/0x20 [ 121.242946][ T6674] ? con_is_visible+0x65/0x150 [ 121.242971][ T6674] ? csi_J+0x547/0xad0 [ 121.242999][ T6674] ? gotoxy+0x188/0x380 [ 121.243027][ T6674] vcs_make_sysfs+0x55/0x80 [ 121.243054][ T6674] vc_allocate+0x502/0x880 [ 121.243084][ T6674] ? __pfx_vc_allocate+0x10/0x10 [ 121.243114][ T6674] ? lock_acquire+0x2f/0xb0 [ 121.243138][ T6674] ? con_install+0x9a/0x600 [ 121.243174][ T6674] con_install+0xa2/0x600 [ 121.243207][ T6674] ? __pfx_con_install+0x10/0x10 [ 121.243244][ T6674] ? __pfx_con_install+0x10/0x10 [ 121.243275][ T6674] tty_init_dev.part.0+0x99/0x660 [ 121.243311][ T6674] tty_open+0xac1/0xf80 [ 121.243342][ T6674] ? chrdev_open+0x596/0x6a0 [ 121.243373][ T6674] ? __pfx_tty_open+0x10/0x10 [ 121.243402][ T6674] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 121.243434][ T6674] ? lock_acquire+0x2f/0xb0 [ 121.243464][ T6674] ? chrdev_open+0x36b/0x6a0 [ 121.243495][ T6674] ? __pfx_tty_open+0x10/0x10 [ 121.243528][ T6674] chrdev_open+0x237/0x6a0 [ 121.243557][ T6674] ? __pfx_chrdev_open+0x10/0x10 [ 121.243588][ T6674] ? file_set_fsnotify_mode+0x163/0x5d0 [ 121.243627][ T6674] do_dentry_open+0x735/0x1c40 [ 121.243652][ T6674] ? __pfx_chrdev_open+0x10/0x10 [ 121.243680][ T6674] ? inode_permission+0xdd/0x5f0 [ 121.243714][ T6674] vfs_open+0x82/0x3f0 [ 121.243740][ T6674] ? may_open+0x1f2/0x400 [ 121.243774][ T6674] path_openat+0x1e88/0x2d80 [ 121.243814][ T6674] ? __pfx_path_openat+0x10/0x10 [ 121.243839][ T6674] ? __pfx___lock_acquire+0x10/0x10 [ 121.243864][ T6674] ? lock_acquire.part.0+0x11b/0x380 [ 121.243891][ T6674] ? find_held_lock+0x2d/0x110 [ 121.243928][ T6674] do_filp_open+0x20c/0x470 [ 121.243950][ T6674] ? __pfx_do_filp_open+0x10/0x10 [ 121.243971][ T6674] ? find_held_lock+0x2d/0x110 [ 121.244021][ T6674] ? alloc_fd+0x41f/0x760 [ 121.244048][ T6674] do_sys_openat2+0x17a/0x1e0 [ 121.244074][ T6674] ? __pfx_do_sys_openat2+0x10/0x10 [ 121.244099][ T6674] ? __pfx_do_sys_openat2+0x10/0x10 [ 121.244127][ T6674] ? __pfx___might_resched+0x10/0x10 [ 121.244163][ T6674] __x64_sys_openat+0x175/0x210 [ 121.244188][ T6674] ? __pfx___x64_sys_openat+0x10/0x10 [ 121.244230][ T6674] do_syscall_64+0xcd/0x250 [ 121.244262][ T6674] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.244292][ T6674] RIP: 0033:0x7f4ef058cda9 [ 121.244311][ T6674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 121.244333][ T6674] RSP: 002b:00007f4ef13ac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 121.244353][ T6674] RAX: ffffffffffffffda RBX: 00007f4ef07a5fa0 RCX: 00007f4ef058cda9 [ 121.244367][ T6674] RDX: 0000000000000000 RSI: 0000000020000300 RDI: ffffffffffffff9c [ 121.244381][ T6674] RBP: 00007f4ef060e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 121.244393][ T6674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 121.244405][ T6674] R13: 0000000000000000 R14: 00007f4ef07a5fa0 R15: 00007fffb47151c8 [ 121.244436][ T6674] [ 121.604379][ T6703] netlink: 28 bytes leftover after parsing attributes in process `syz.0.199'. [ 122.375350][ T6674] tty tty11: ldisc open failed (-12), clearing slot 10 [ 122.387973][ T6699] ttyS ttyS3: ldisc open failed (-12), clearing slot 3 [ 122.397070][ T6701] ttyS ttyS3: ldisc open failed (-12), clearing slot 3 [ 123.890385][ T5836] Bluetooth: hci2: unexpected event 0x32 length: 10 > 9 [ 123.973495][ T6749] netlink: 338 bytes leftover after parsing attributes in process `syz.0.213'. [ 126.356220][ T6806] netlink: 338 bytes leftover after parsing attributes in process `syz.2.224'. [ 127.318923][ T5836] Bluetooth: hci3: unexpected event 0x32 length: 10 > 9 [ 128.318850][ T5836] Bluetooth: hci1: unexpected event 0x32 length: 10 > 9 [ 128.933601][ T6875] Process accounting resumed [ 129.698207][ T6882] FAULT_INJECTION: forcing a failure. [ 129.698207][ T6882] name failslab, interval 1, probability 0, space 0, times 0 [ 129.800793][ T6882] CPU: 0 UID: 0 PID: 6882 Comm: syz.1.242 Not tainted 6.13.0-syzkaller-08291-g805ba04cb7cc #0 [ 129.800830][ T6882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 129.800843][ T6882] Call Trace: [ 129.800851][ T6882] [ 129.800861][ T6882] dump_stack_lvl+0x16c/0x1f0 [ 129.800900][ T6882] should_fail_ex+0x50a/0x650 [ 129.800927][ T6882] ? fs_reclaim_acquire+0xae/0x150 [ 129.800966][ T6882] should_failslab+0xc2/0x120 [ 129.800994][ T6882] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 129.801023][ T6882] ? security_file_alloc+0x34/0x2b0 [ 129.801054][ T6882] security_file_alloc+0x34/0x2b0 [ 129.801079][ T6882] init_file+0x93/0x480 [ 129.801109][ T6882] alloc_empty_file+0x91/0x1e0 [ 129.801140][ T6882] alloc_file_pseudo+0x13d/0x200 [ 129.801170][ T6882] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 129.801199][ T6882] ? alloc_fd+0x41f/0x760 [ 129.801221][ T6882] ? __pfx_lock_release+0x10/0x10 [ 129.801252][ T6882] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 129.801288][ T6882] __anon_inode_getfile+0x136/0x3c0 [ 129.801332][ T6882] ? _raw_spin_unlock+0x28/0x50 [ 129.801361][ T6882] ? __pfx___anon_inode_getfile+0x10/0x10 [ 129.801407][ T6882] do_eventfd+0x199/0x2f0 [ 129.801438][ T6882] __x64_sys_eventfd+0x32/0x50 [ 129.801466][ T6882] do_syscall_64+0xcd/0x250 [ 129.801503][ T6882] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.801534][ T6882] RIP: 0033:0x7f4ef058cda9 [ 129.801553][ T6882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 129.801573][ T6882] RSP: 002b:00007f4ef13ac038 EFLAGS: 00000246 ORIG_RAX: 000000000000011c [ 129.801595][ T6882] RAX: ffffffffffffffda RBX: 00007f4ef07a5fa0 RCX: 00007f4ef058cda9 [ 129.801611][ T6882] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000008c [ 129.801625][ T6882] RBP: 00007f4ef060e2a0 R08: 0000000000000000 R09: 0000000000000000 [ 129.801640][ T6882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 129.801654][ T6882] R13: 0000000000000000 R14: 00007f4ef07a5fa0 R15: 00007fffb47151c8 [ 129.801685][ T6882] [ 132.367907][ T6961] netlink: 4 bytes leftover after parsing attributes in process `syz.2.256'. [ 133.218340][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.224736][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.816409][ T6992] net_ratelimit: 62 callbacks suppressed [ 133.816431][ T6992] openvswitch: netlink: ERSPAN option length err (len 256, max 255). [ 134.877797][ T5836] Bluetooth: hci1: unexpected event 0x32 length: 10 > 9 [ 135.682090][ T7022] netlink: 338 bytes leftover after parsing attributes in process `syz.2.273'. [ 137.012812][ T7048] FAULT_INJECTION: forcing a failure. [ 137.012812][ T7048] name failslab, interval 1, probability 0, space 0, times 0 [ 137.027332][ T7035] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 137.027738][ T7048] CPU: 1 UID: 0 PID: 7048 Comm: syz.3.278 Not tainted 6.13.0-syzkaller-08291-g805ba04cb7cc #0 [ 137.027765][ T7048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 137.027777][ T7048] Call Trace: [ 137.027783][ T7048] [ 137.027790][ T7048] dump_stack_lvl+0x16c/0x1f0 [ 137.027825][ T7048] should_fail_ex+0x50a/0x650 [ 137.027857][ T7048] ? fs_reclaim_acquire+0xae/0x150 [ 137.027890][ T7048] ? s_start+0x7b/0x310 [ 137.027912][ T7048] should_failslab+0xc2/0x120 [ 137.027938][ T7048] __kmalloc_cache_noprof+0x68/0x420 [ 137.027960][ T7048] ? trace_kmalloc+0x2d/0xd0 [ 137.027987][ T7048] ? __kmalloc_node_noprof+0x23d/0x520 [ 137.028016][ T7048] s_start+0x7b/0x310 [ 137.028044][ T7048] traverse.part.0.constprop.0+0xac/0x640 [ 137.028086][ T7048] seq_read_iter+0x934/0x12b0 [ 137.028129][ T7048] seq_read+0x39f/0x4e0 [ 137.028159][ T7048] ? __pfx_seq_read+0x10/0x10 [ 137.028188][ T7048] ? iovec_from_user.part.0+0x7e/0x130 [ 137.028230][ T7048] ? rw_verify_area+0xcf/0x680 [ 137.028260][ T7048] ? __pfx_seq_read+0x10/0x10 [ 137.028289][ T7048] vfs_readv+0x6c2/0x8a0 [ 137.028317][ T7048] ? __pfx___lock_acquire+0x10/0x10 [ 137.028341][ T7048] ? find_held_lock+0x2d/0x110 [ 137.028377][ T7048] ? __pfx_vfs_readv+0x10/0x10 [ 137.028413][ T7048] ? __fget_files+0x1fc/0x3a0 [ 137.028434][ T7048] ? __pfx_lock_release+0x10/0x10 [ 137.028470][ T7048] ? __fget_files+0x206/0x3a0 [ 137.028498][ T7048] ? do_preadv+0x1b1/0x270 [ 137.028526][ T7048] do_preadv+0x1b1/0x270 [ 137.028557][ T7048] ? __pfx_do_preadv+0x10/0x10 [ 137.028593][ T7048] do_syscall_64+0xcd/0x250 [ 137.028623][ T7048] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.028652][ T7048] RIP: 0033:0x7f0b6118cda9 [ 137.028668][ T7048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 137.028688][ T7048] RSP: 002b:00007f0b62008038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 137.028708][ T7048] RAX: ffffffffffffffda RBX: 00007f0b613a6080 RCX: 00007f0b6118cda9 [ 137.028722][ T7048] RDX: 0000000000000004 RSI: 0000000020000080 RDI: 0000000000000003 [ 137.028734][ T7048] RBP: 00007f0b62008090 R08: 0000000000000005 R09: 0000000000000000 [ 137.028746][ T7048] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001 [ 137.028758][ T7048] R13: 0000000000000000 R14: 00007f0b613a6080 R15: 00007ffe5795fc18 [ 137.028787][ T7048] [ 137.028797][ T7048] [ 137.036671][ T7035] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 137.043647][ T7048] ===================================== [ 137.043657][ T7048] WARNING: bad unlock balance detected! [ 137.043663][ T7048] 6.13.0-syzkaller-08291-g805ba04cb7cc #0 Not tainted [ 137.043673][ T7048] ------------------------------------- [ 137.043679][ T7048] syz.3.278/7048 is trying to release lock (event_mutex) at: [ 137.043699][ T7048] [] traverse.part.0.constprop.0+0x2bd/0x640 [ 137.314782][ T7048] but there are no more locks to release! [ 137.320488][ T7048] [ 137.320488][ T7048] other info that might help us debug this: [ 137.328534][ T7048] 1 lock held by syz.3.278/7048: [ 137.333458][ T7048] #0: ffff888033c89e80 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xd8/0x12b0 [ 137.342346][ T7048] [ 137.342346][ T7048] stack backtrace: [ 137.348220][ T7048] CPU: 1 UID: 0 PID: 7048 Comm: syz.3.278 Not tainted 6.13.0-syzkaller-08291-g805ba04cb7cc #0 [ 137.348240][ T7048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 137.348249][ T7048] Call Trace: [ 137.348255][ T7048] [ 137.348262][ T7048] dump_stack_lvl+0x116/0x1f0 [ 137.348290][ T7048] ? traverse.part.0.constprop.0+0x2bd/0x640 [ 137.348315][ T7048] print_unlock_imbalance_bug+0x1aa/0x1f0 [ 137.348336][ T7048] lock_release+0x525/0x6f0 [ 137.348355][ T7048] ? traverse.part.0.constprop.0+0x2bd/0x640 [ 137.348380][ T7048] ? __pfx_lock_release+0x10/0x10 [ 137.348399][ T7048] ? s_start+0x7b/0x310 [ 137.348417][ T7048] ? mark_held_locks+0x9f/0xe0 [ 137.348436][ T7048] ? dump_stack_lvl+0x185/0x1f0 [ 137.348457][ T7048] ? lockdep_hardirqs_on+0x7c/0x110 [ 137.348481][ T7048] __mutex_unlock_slowpath+0xa3/0x6a0 [ 137.348505][ T7048] ? rcu_is_watching+0x12/0xc0 [ 137.348529][ T7048] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 137.348553][ T7048] ? __kmalloc_cache_noprof+0x261/0x420 [ 137.348571][ T7048] ? rcu_is_watching+0x12/0xc0 [ 137.348594][ T7048] ? kfree+0x260/0x4d0 [ 137.348609][ T7048] ? s_start+0x27d/0x310 [ 137.348628][ T7048] traverse.part.0.constprop.0+0x2bd/0x640 [ 137.348657][ T7048] seq_read_iter+0x934/0x12b0 [ 137.348685][ T7048] seq_read+0x39f/0x4e0 [ 137.348708][ T7048] ? __pfx_seq_read+0x10/0x10 [ 137.348731][ T7048] ? iovec_from_user.part.0+0x7e/0x130 [ 137.348758][ T7048] ? rw_verify_area+0xcf/0x680 [ 137.348783][ T7048] ? __pfx_seq_read+0x10/0x10 [ 137.348812][ T7048] vfs_readv+0x6c2/0x8a0 [ 137.348835][ T7048] ? __pfx___lock_acquire+0x10/0x10 [ 137.348854][ T7048] ? find_held_lock+0x2d/0x110 [ 137.348880][ T7048] ? __pfx_vfs_readv+0x10/0x10 [ 137.348906][ T7048] ? __fget_files+0x1fc/0x3a0 [ 137.348923][ T7048] ? __pfx_lock_release+0x10/0x10 [ 137.348946][ T7048] ? __fget_files+0x206/0x3a0 [ 137.348964][ T7048] ? do_preadv+0x1b1/0x270 [ 137.348987][ T7048] do_preadv+0x1b1/0x270 [ 137.349012][ T7048] ? __pfx_do_preadv+0x10/0x10 [ 137.349039][ T7048] do_syscall_64+0xcd/0x250 [ 137.349063][ T7048] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.349087][ T7048] RIP: 0033:0x7f0b6118cda9 [ 137.349102][ T7048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 137.349118][ T7048] RSP: 002b:00007f0b62008038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 137.349134][ T7048] RAX: ffffffffffffffda RBX: 00007f0b613a6080 RCX: 00007f0b6118cda9 [ 137.349145][ T7048] RDX: 0000000000000004 RSI: 0000000020000080 RDI: 0000000000000003 [ 137.349155][ T7048] RBP: 00007f0b62008090 R08: 0000000000000005 R09: 0000000000000000 [ 137.349166][ T7048] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001 [ 137.349176][ T7048] R13: 0000000000000000 R14: 00007f0b613a6080 R15: 00007ffe5795fc18 [ 137.349191][ T7048] [ 137.646228][ T7035] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 137.654233][ T7035] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 137.661172][ T7035] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 137.669936][ T7035] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 137.678910][ T7035] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 137.684863][ T7035] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 137.714712][ T7035] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 137.741043][ T7035] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 137.747056][ T7035] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 137.761946][ T7035] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 138.647776][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 139.687720][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 139.687747][ T5836] Bluetooth: hci0: command 0x0c1a tx timeout [ 139.767812][ T5836] Bluetooth: hci3: command 0x0c1a tx timeout [ 140.727787][ T5836] Bluetooth: hci1: command 0x0c1a tx timeout [ 141.767763][ T5836] Bluetooth: hci2: command 0x0c1a tx timeout [ 141.773834][ T5836] Bluetooth: hci0: command 0x0c1a tx timeout [ 141.847835][ T5836] Bluetooth: hci3: command 0x0c1a tx timeout [ 142.808485][ T5836] Bluetooth: hci1: command 0x0c1a tx timeout [ 143.857784][ T5836] Bluetooth: hci0: command 0x0c1a tx timeout [ 143.857797][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 143.937811][ T5836] Bluetooth: hci3: command 0x0c1a tx timeout