last executing test programs:

3m27.606264457s ago: executing program 3 (id=547):
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000046c0)='/dev/adsp1\x00', 0x20000, 0x0) (async)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000046c0)='/dev/adsp1\x00', 0x20000, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
listmount$auto(0x0, 0x0, 0x0, 0x1)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x403, 0x8000)
socket(0x2, 0x3, 0x100) (async)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0) (async)
socket(0x10, 0x2, 0x0)
bpf$auto(0x5, 0x0, 0x1000)
readv$auto(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x5}, 0x3) (async)
readv$auto(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x5}, 0x3)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="00000000c920c5d32c2d9feb6ba240b1daabe0fba5d56114dac6a3a471c46cd57c94e8b7d7349b38261110de8bab0aad059dbef9d76d39810a967aa6e5dd554721d485cffb9a97e27d65200a9d67", @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000100030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0400050000000000000000000a000100000000000000000000000500ffffffffffff0000000006000f00000000000700070000000800040073090000"], 0x68}, 0x1, 0x0, 0x0, 0x18a64d47ddeca1f0}, 0x4040090)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x8)
ioctl$auto_SNDCTL_DSP_GETOPTR(r0, 0x800c5012, &(0x7f0000004700))

3m27.306536855s ago: executing program 3 (id=550):
open(&(0x7f0000000800)='./file0\x00', 0x62240, 0x154)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
userfaultfd$auto(0x1)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r0 = socket(0xa, 0x801, 0x84)
socket(0xa, 0x3, 0x73)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1, 0x1, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x84)
io_uring_setup$auto(0x6, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
socket(0xa, 0x2, 0x3a)
io_uring_setup$auto(0x6, 0x0)
r1 = socket(0xa, 0x2, 0x88)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
bpf$auto(0x0, &(0x7f0000000000)=@link_update={r1, @new_prog_fd=r0, 0x4, @old_prog_fd=r1}, 0xa3)
bpf$auto(0x3, &(0x7f0000000040)=@query={@target_ifindex, 0x4, 0x7, 0x9, 0x9, @prog_cnt=0x4, 0x0, 0x8, 0xc, 0xb, 0x5}, 0x7)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = socketcall$auto_SYS_ACCEPT4(0x12, &(0x7f0000000000)=0x4)
write$auto_mousedev_fops_mousedev(r2, &(0x7f0000000100)="d4a3ed267570d62ca6088bc9b261ef54ff0f6d90d315c1dc8a78ef37bc8999abcf7c26cd26fe7aa5df7cc45b86394e09041ac086c38ed57f25f073f610d213bb577c0d3d52d5bb30183e91f8426491eda47beb15be954d267d21c5fae48e3b9e61dbbe5999a86fef9d4c3e38a9e425e888697016ec9c5a7f0f93512c075e9f951abe0a335ee5d876b6f1df280b0182ec4008d8b0f624b2bc48862dac0f5b3fcf", 0xa0)
r3 = socket(0x2, 0x1, 0x0)
getrandom$auto(&(0x7f00000001c0)='\'}}+)/\\(\'\x00', 0x10, 0x4cdc)
socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$auto(r3, 0x0, 0x61, 0x0, &(0x7f00000000c0)=0x28)

3m26.426157268s ago: executing program 3 (id=551):
set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7e, 0x4)
ioctl$auto_IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0)
shmctl$auto(0x0, 0xd, 0x0)
getrandom$auto(0x0, 0xe06, 0x3)
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0)
mmap$auto(0x1, 0x202000b, 0x3, 0xeb1, r0, 0x8000)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0xc01)
setreuid$auto(0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000480)=""/4096, 0x1000)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r1 = socket(0x15, 0x5, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0)
sendmsg$auto(r1, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0)
writev$auto(0x1, 0x0, 0x1)
readahead$auto(0xffffffffffffffff, 0x6, 0x2)
r2 = socket(0x23, 0x5, 0x0)
listen$auto(r2, 0x5ed)
unshare$auto(0x40000080)
r3 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x42842, 0x95)
read$auto(r3, 0x0, 0x1)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/rpc/use-gss-proxy\x00', 0x48041, 0x0)
write$auto(r4, 0x0, 0x6)
socket(0x2, 0x1, 0x0)
r5 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(r5, 0xc004743e, 0x0)
ioctl$auto_PPPIOCSPASS(r5, 0x40107447, &(0x7f0000000040)={0x6, 0x0})
ioctl$auto_PPPIOCSPASS(r5, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x9c, 0xf4, 0xb0, @raw=0x89de}})

3m25.377778122s ago: executing program 3 (id=555):
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/fs/cifs/LinuxExtensionsEnabled\x00', 0x842, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000080)=""/64, 0x40)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6c, 0x0, 0x0, 0xfffffffffffffffd, 0x4ea, 0x1, 0x6, 0x0, 0x1, 0x0, 0x8, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x9, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x9})
r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000500)='/dev/video0\x00', 0x0, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x9, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffd]}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
r2 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto_UDMABUF_CREATE(r0, 0x40187542, &(0x7f0000000100)={0xffffffffffffffff, 0x6, 0x7, 0x100000000})
ioctl$auto_I2C_FUNCS(0xffffffffffffffff, 0x705, 0x0)
ioctl$auto_UI_BEGIN_FF_ERASE(r2, 0xc00c55ca, &(0x7f0000000340)={0x2000c, 0x5, 0x5})
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
write$auto(0xffffffffffffffff, &(0x7f0000000140)='0[.[\x00', 0xcd04)
sysfs$auto(0x2, 0x101000000000007, 0x0)
keyctl$auto(0x2000000000000017, 0x8000, 0x2d, 0xc4, 0x20803)
r3 = bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3)
mmap$auto(0x0, 0x20009, 0x20004000010000df, 0xeb2, r3, 0x8000)
fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d)
sendfile$auto(0x6, 0x3, 0x0, 0xfdef)
io_setup$auto(0x80002, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_FORWARD2(0xffffffffffffffff, 0x40084149, &(0x7f0000001080)=0x7)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x500, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)

3m24.355181713s ago: executing program 3 (id=558):
mmap$auto(0x0, 0x20009, 0xdf, 0x18, 0x200000000000404, 0x0)
mmap$auto(0x0, 0x10000, 0x4000000000db, 0xeb1, 0x2, 0x8000)
r0 = open(0x0, 0x121342, 0x121)
newfstatat$auto(r0, 0x0, 0x0, 0x1000)
r1 = socket(0x2b, 0x1, 0x1)
ioctl$auto(r1, 0x8901, 0x4)
sendmsg$auto_IOAM6_CMD_ADD_NAMESPACE(0xffffffffffffffff, &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8040}, 0x24004054)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
getrandom$auto(0x0, 0x6000000, 0x3)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
mlockall$auto(0x7)
mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2)
gettid()
r2 = socket(0x2, 0x1, 0x0)
sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x4, 0x0, 0x7fff, 0x4}, 0x80000b}, 0x5, 0x20000000)
r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sg0\x00', 0x141000, 0x0)
bpf$auto(0x40, &(0x7f00000000c0)=@bpf_attr_0={0x0, 0x6, 0x8, 0x4, 0x800, 0xffffffffffffffff, 0x13, "f0f59673e700", 0x0, r3, 0xfffff588, 0x9, 0x2, 0x100000000000200}, 0x7f)
ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(r3, 0x1, &(0x7f00000000c0))
rt_sigqueueinfo$auto(0x1, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x0, 0x5, 0xfffffffb, @_sigpoll={0x52, 0x7}}})
r4 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x100e42, 0x0)
write$auto_sg_fops_sg(r4, &(0x7f00000001c0)="bf5b1a8c24000000dbcbc7a996eea7f3804ca6c7591afff6578d2f5f520f687f316ba7327b581cd8d58309037c0ae2c71a", 0x31)
r5 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000000), 0x123000, 0x0)
ioctl$auto_USB_RAW_IOCTL_EVENT_FETCH(r5, 0x80085502, &(0x7f00000001c0)=ANY=[@ANYBLOB="1000000000040200"])
ioctl$auto(r2, 0xffff, 0xffffffffffffffff)
prctl$auto_PR_GET_SHADOW_STACK_STATUS(0x4a, 0xff, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$auto_nl80211(0x0, r2)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8)

3m22.990478775s ago: executing program 3 (id=563):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_ftrace_event_format_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/format\x00', 0x42, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000140), r0)
sendmsg$auto_ILA_CMD_DEL(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x92dd7d509f0d04c4}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="10002cbd7000fbdbdf0003000000"], 0x14}, 0x1, 0x0, 0x0, 0x8005}, 0x4000040)
r3 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer1\x00', 0x180, 0x0)
ioctl$auto_OSS_ALSAEMULVER(r3, 0x80044df9, &(0x7f0000000100))
r4 = socketcall$auto_SYS_SOCKET(0x1, &(0x7f0000000040)=0x200)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_DEBUG_GET(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000", @ANYRES16=r6, @ANYBLOB="090329bde1c3e400049029"], 0x14}, 0x1, 0x0, 0x0, 0x24008800}, 0x20044840)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80100, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
ioctl$auto(0x3, 0xae41, 0x38)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0x4138ae84, 0x0)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_TIOCSETD2(r4, 0x5423, &(0x7f0000000080)="14d65edabbf7eb3aa416cb3c1e7ff47607ec2996a7abf8dba5509ee949643a759b11d4a108")
keyctl$auto_KEYCTL_LINK(0x8, 0x1ff, 0xffffffff, 0x2e, 0x4)
mbind$auto(0x5, 0xfffffffffffffffc, 0x9, &(0x7f00000000c0)=0x4d5c, 0x10, 0x9)

3m22.307935547s ago: executing program 32 (id=563):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_ftrace_event_format_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/events/vmalloc/purge_vmap_area_lazy/format\x00', 0x42, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000140), r0)
sendmsg$auto_ILA_CMD_DEL(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x92dd7d509f0d04c4}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="10002cbd7000fbdbdf0003000000"], 0x14}, 0x1, 0x0, 0x0, 0x8005}, 0x4000040)
r3 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer1\x00', 0x180, 0x0)
ioctl$auto_OSS_ALSAEMULVER(r3, 0x80044df9, &(0x7f0000000100))
r4 = socketcall$auto_SYS_SOCKET(0x1, &(0x7f0000000040)=0x200)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_DEBUG_GET(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000", @ANYRES16=r6, @ANYBLOB="090329bde1c3e400049029"], 0x14}, 0x1, 0x0, 0x0, 0x24008800}, 0x20044840)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80100, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0)
ioctl$auto_KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$auto(0x3, 0xae60, 0x10000000000402)
ioctl$auto(0x3, 0xae41, 0x38)
ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0x4138ae84, 0x0)
close_range$auto(0x2, 0x8, 0x0)
ioctl$auto_TIOCSETD2(r4, 0x5423, &(0x7f0000000080)="14d65edabbf7eb3aa416cb3c1e7ff47607ec2996a7abf8dba5509ee949643a759b11d4a108")
keyctl$auto_KEYCTL_LINK(0x8, 0x1ff, 0xffffffff, 0x2e, 0x4)
mbind$auto(0x5, 0xfffffffffffffffc, 0x9, &(0x7f00000000c0)=0x4d5c, 0x10, 0x9)

8.088552802s ago: executing program 0 (id=1247):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x2a, 0x1, 0x100)
ioperm$auto(0x7, 0x5ad2, 0x8)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyd1\x00', 0x40, 0x0)
mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000)
openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000c40)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0)
write$auto(0x3, 0x0, 0xffd8)
unshare$auto(0x40000080)
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0xfffffc7d, 0xffffffff, 0x9}, 0x8000, 0x0, 0x6)
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x3, 0x411, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x8800)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
mincore$auto(0x1000, 0x8001, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x200, 0x1)
open(&(0x7f0000001bc0)='./file0\x00', 0x4140, 0x0)
fcntl$auto(0x8000000000000001, 0x26, 0x8)

7.64307236s ago: executing program 4 (id=1250):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vhci_hcd.13/usbmon/usbmon35/uevent\x00', 0x604040, 0x0)
getrlimit$auto(0xffff, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/tty53\x00', 0x200, 0x0) (async)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0) (async)
r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x43eb00, 0x0)
select$auto(0x7, 0x0, 0x0, &(0x7f0000000080)={[0x1ff, 0x7, 0x0, 0xffffffffffffffc8, 0x2, 0x5d2, 0x95f4da0a, 0xefffffffffffffff, 0x3, 0x62, 0x80000001, 0x39f, 0x6d40, 0x3, 0x2, 0xfffffffffffffffe]}, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
socket(0x2b, 0x1, 0x1) (async)
setsockopt$auto(r1, 0x5, 0x1, 0x0, 0x21)
write$auto(r2, &(0x7f0000000240)='/dev/audio1\x00', 0x100000a3d6) (async)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x3, 0xc461, 0x80, 0x7, 0x622083ef, 0x2, 0x0, 0x3, 0x62, 0x80000022, 0x3, 0x6d3e, 0x10001, 0x2, 0x6]}, 0x0) (async)
mmap$auto(0x0, 0x2, 0xdf, 0x14, 0x0, 0x8000) (async)
ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r3 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) (async)
ioctl$auto(r2, 0x5522, r0)
ioctl$auto(r3, 0x5523, r3) (async)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/039/001\x00', 0x0, 0x0) (async)
writev$auto(0x3, &(0x7f0000000000)={0x0, 0x1}, 0xa) (async)
socket(0xa, 0x5, 0x94) (async)
mmap$auto(0xfffffffffffffffe, 0x40, 0xdf, 0x9b72, 0x2, 0x8009) (async)
io_uring_setup$auto(0x6, 0x0) (async)
ioctl$auto_USBDEVFS_DISCSIGNAL(r2, 0x8010550e, &(0x7f0000000040)={0x7, &(0x7f0000000440)="4da7cb3eea24f2f0249732a686a3fb7bcedb68bcbd4effc395251e9208da4511f08a562c55e57d550cd79cfefd8358c37e788769e2e3eb4af0a162e8bc6d660b1597c57cf01eea17b1f549c0e25deaa614a49429ecd111c4d1682686b6e9c81260d666a70ec07e9b98b7ee0f150e04cf88abc6341728890661644e6e0629a8ae977f92951896e8e3622b4dc177dd05a6df83e76f5aa0ed06f117ab8365cf9622b7e34aac61f1a73ca54a640fc71ee858a77d7e7ad629a585b4c1806bb0ccc2aa9b47a654c73cb39653aecec8081042710bd9ab61551c47b0e608bcae31948f43828b92e9"}) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
getpgrp(0x0) (async)
timerfd_create$auto(0x0, 0xe80a) (async)
sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000000}, 0x4)

7.212055448s ago: executing program 4 (id=1251):
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) (async)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="10002cbd7000fadbdf250a00000a00000200252f00e2a85c41e75a02715b2d0000005cdcdf28fffe65c31770799fdab838aaf6712a82e628c9e6429a4a38320b2d692863927bd744b4f7b409b29862d3257675d4fd09d74a831929"], 0x51}, 0x1, 0x0, 0x0, 0x24050803}, 0x10004010) (async)
ioperm$auto(0x3b, 0xf99b, 0x6) (async)
close_range$auto(0x0, 0xffffffffffffefff, 0x4000000000002) (async)
fanotify_init$auto(0x5, 0x2) (async)
open(&(0x7f0000000000)='./file0\x00', 0x7ffd, 0x10c) (async)
pwritev$auto(0x1, 0x0, 0x0, 0x9, 0x2)
sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="00010000", @ANYRES16=0x0, @ANYBLOB="000326bd7000fcdbdf2503000000790008805b4f2525b2dc3a73ec37e7122e6f0d55382854d419b883b7ed64bd3c7b9fb15273e787030718751e0a22cc6cabcae114aa6448d0356183e1ca7c01536c5c6f37915b26a3e75515ab02807fe932b8a415a581dcdc7800f91e231c001d800400d3800c002000f3000000002b3c0c7e9b52baf56fe40000000008008c00ac1414aa000000700002806a00e400addd3588300c750bd8c6341eedf20d260a37a63d761fd730c00d02e9ba0a478e7a2f6629a6ad62011d9ab5dc40c92828"], 0x100}, 0x1, 0x0, 0x0, 0x8000}, 0x42) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket(0x10, 0x2, 0x15)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) (async)
r0 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm1c/sub2/xrun_injection\x00', 0x2, 0x0) (async)
r1 = socket(0x29, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8955, &(0x7f0000000bc0)={'vxcan1\x00'}) (async)
sysfs$auto(0x2, 0x4, 0x4) (async)
read$auto_proc_reg_file_ops_compat_inode(r0, 0x0, 0x0) (async)
mincore$auto(0x1000, 0x8001, 0x0) (async)
r2 = io_uring_setup$auto(0x2, 0x0)
io_uring_enter$auto(r2, 0x2, 0xfffffff2, 0x7, 0x0, 0x1000000000000002) (async)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1000"], 0x1ac}, 0x1, 0x0, 0x0, 0x22004840}, 0x4001) (async)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f0000000180)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)

6.683764383s ago: executing program 0 (id=1253):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/module/psmouse/parameters/proto\x00', 0x20a42, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000003080)=""/4084, 0xff4)
mmap$auto(0x4f87, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000)
socket(0x18, 0x4, 0x2)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/nr11/tx_queue_len\x00', 0x2000, 0x0)
read$auto(r1, 0x0, 0x20)
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x4000000)
mmap$auto(0x0, 0x2020009, 0x100, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x2004fdf)
r3 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x902, 0x0)
ioctl$auto_RTC_UIE_ON(r3, 0x7003, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match\x00', 0x20080, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x3, 0x6, 0x0, 0x200000000000001, 0x368e, 0x2, {0x100000000, 0x4}, 0xff, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x8000000c, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
r5 = socket(0x2c, 0x2, 0x6)
ustat$auto(0x801, 0x0)
r6 = socket(0x11, 0xa, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'vxcan1\x00'})
bpf$auto(0x0, 0x0, 0x6f4)
sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9)
r7 = open(&(0x7f00000000c0)='./cgroup\x00', 0x1c1c00, 0xb5d1af1605322dd2)
open_by_handle_at$auto(r7, &(0x7f0000001280)={0x8, 0x0, "0200000000000000"}, 0x8)
listmount$auto(&(0x7f0000000040)={0x200, @inferred=r5, 0x27f, 0x81, 0xfffffffffffffff8}, &(0x7f0000000140)=0x200, 0x401, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0)
write$auto(r6, &(0x7f0000000180)='*o\xd3\xa49\xaf\xa9\xe4\xe17<\x7fbK\xf5\xe9\xbf\xf0\x0f\x12\xb3Z\x17I\x82\xdc\xbeiw\xc1\xd1\x8d\x9b\r\x9aR\xe7\x9f\xd8\xab\x16`f\nT\xaa\xe0p \xe6\xdaV\xdeD\x8dR5\xd2\xe58\n\xff\x19+\xeb\xb3+\xf6\xc6\a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1f\xff\x99gP\x9e\x88\x97]\x93\xf4\xdd<\xe7p\x0e\xd4C\xdc\xc4\v\xafz\x04\x81\xa3\xb2\xbb\xa4\xf7\x8b\x1a\xe3\xe9\x8f\x13\xa7\x98\x85\xf8\v\aB\xfc\xfa\x14E\xb8y\x884<\xa7\xffyb\x8a\b\xbb\b\x00\x00\x00\xf7\xd8\x83\xc9\xd7\x8c', 0x4)

6.551971222s ago: executing program 4 (id=1254):
mknod$auto(0x0, 0xcb, 0xfffffffa)
execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/hugetlb.1GB.rsvd.limit_in_bytes\x00', 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/4096, 0x1000) (async)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/4096, 0x1000)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) (async)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = open(0x0, 0x22240, 0x154)
fcntl$auto(0x3, 0x400, 0x9ec0000000000000)
r3 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x109002, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'vcan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'vcan0\x00', <r4=>0x0})
connect$auto(0x3, &(0x7f00000000c0)=@can={0x1d, r4}, 0x18) (async)
connect$auto(0x3, &(0x7f00000000c0)=@can={0x1d, r4}, 0x18)
sendmsg$auto_NETDEV_CMD_DEV_GET(r2, &(0x7f0000001180)={&(0x7f00000010c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000001140)={&(0x7f0000001100)={0x2c, 0x0, 0x10, 0x70bd27, 0x25dfdbfb, {}, [@NETDEV_A_DEV_IFINDEX={0x8}, @NETDEV_A_DEV_IFINDEX={0x8}, @NETDEV_A_DEV_IFINDEX={0x8, 0x1, r4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x81)
socket(0xa, 0x1, 0x84) (async)
r5 = socket(0xa, 0x1, 0x84)
close_range$auto(0x2, 0x8, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
r6 = socket(0x2, 0x5, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4, @loopback}, 0x6a) (async)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4, @loopback}, 0x6a)
sendmmsg$auto(r6, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
getsockopt$auto(r5, 0x84, 0x76, 0x0, 0x0)
timer_settime$auto(0x0, 0x8, 0x0, &(0x7f0000000100)={{0xa01, 0x4}, {0x9000, 0x7ff}})
pread64$auto(0xffffffffffffffff, 0x0, 0x8, 0xffff) (async)
pread64$auto(0xffffffffffffffff, 0x0, 0x8, 0xffff)
sendfile$auto(r3, r3, 0x0, 0x10000800000003) (async)
sendfile$auto(r3, r3, 0x0, 0x10000800000003)

6.189092792s ago: executing program 4 (id=1256):
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
unshare$auto(0x40000080)
socket(0xa, 0x1, 0x84)
r0 = socket(0x2, 0x801, 0x106)
close_range$auto(0x2, 0x8, 0x0)
fanotify_init$auto(0x5, 0x2000000000002)
socket(0x2, 0x801, 0x100)
setsockopt$auto(r0, 0x6, 0x1f, 0x0, 0xa1)
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
shmdt$auto(0x0)
close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x1)
socket(0x2, 0x1, 0x106)
r1 = openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000240), 0x1a3041, 0x0)
r2 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x80040, 0x0)
ioctl$auto_USB_RAW_IOCTL_CONFIGURE(r2, 0x5509, 0x0)
unshare$auto(0x40000080)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$auto_MACSEC_CMD_UPD_RXSA(r3, &(0x7f0000006200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="230027bd7000fcdbdf2508ffe9000c0003"], 0x2c}, 0x1, 0x0, 0x0, 0x4008000}, 0x44044)
openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
socket(0x28, 0x1, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4460, 0x15f4da0a, 0x1, 0x3, 0x300000000000000, 0x7fffffff, 0x7, 0x0, 0x9, 0x2]}, 0x0)
close_range$auto(0x2, 0x8, 0x0)
listen$auto(0x3, 0x81)
bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0xe, 0x4, 0x4, 0x9, 0x8, 0xc, r1, 0x4, 0x7ff}, 0xee)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)

5.932311537s ago: executing program 0 (id=1258):
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) (async)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10) (async)
socket(0x3, 0x3, 0xa02) (async)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async)
ioctl$auto_MTDFILEMODE(0xffffffffffffffff, 0x4d13, 0x0) (async)
r0 = getsockopt$auto(0x6, 0x107, 0x11, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x4)
mmap$auto(0x10000000000000, 0x2020009, 0x3, 0xeb1, r0, 0x8000) (async)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x200400, 0x0) (async)
mq_open$auto(0x0, 0x7e, 0x9, 0x0) (async)
ppoll$auto(&(0x7f0000000000)={r0, 0x81, 0xa980}, 0x9, 0x0, 0x0, 0x8)
socketpair$auto(0xf, 0x7fff, 0x802, &(0x7f0000000180)=0x8)
readv$auto(0x0, &(0x7f0000000080)={&(0x7f0000000040), 0x6}, 0x7ff) (async)
mmap$auto(0x0, 0x20006, 0x4000000000de, 0x10010, 0xffffffffffffffff, 0x8001) (async)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) (async)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/irq/11/hwirq\x00', 0x28000, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000b40)=""/4096, 0x1000)
r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/004/001\x00', 0x42, 0x0)
ioctl$auto_USBDEVFS_SETINTERFACE(r2, 0x80085504, &(0x7f0000000040)={0x1ff, 0x7fff})
openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/attr/exec\x00', 0x68000, 0x0) (async)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.7/usb8/power/autosuspend\x00', 0x420942, 0x0) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xef1, 0xfffffffffffffffa, 0x3)
socket(0x11, 0x80003, 0x300) (async)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
setsockopt$auto(0x3, 0x1, 0x28, 0x0, 0x808) (async)
read$auto(0x3, 0x0, 0x80) (async)
syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000040), 0xffffffffffffffff) (async)
ioperm$auto(0x65, 0x0, 0x5)

4.727963094s ago: executing program 0 (id=1262):
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x8)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) (async)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) (async)
socket(0x1e, 0x1, 0x0) (async)
setsockopt$auto(0x3, 0x6, 0x100000000, 0xfffffffffffffffc, 0xa) (async)
r1 = getpid() (async)
setsockopt$auto(0x3, 0x6a, 0x7, 0xffffffffffffffff, 0x3) (async)
mmap$auto(0xfffffffffffffffc, 0x400005, 0xe3, 0x18, 0x2, 0x1) (async)
close_range$auto(0x2, 0x8, 0x4)
io_uring_setup$auto(0x6, 0x0) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
unshare$auto(0x40000080) (async)
r2 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_PVERSION(r2, 0x80044100, &(0x7f0000000040)=0xfffffffe) (async)
socket(0x11, 0xa, 0x300)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0xa) (async)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00) (async)
mincore$auto(0x1000, 0x8001, 0x0) (async)
openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x101402, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) (async)
ioctl$auto(0x3, 0x400454ca, 0x38)
socket$nl_generic(0x10, 0x3, 0x10)

4.53109366s ago: executing program 2 (id=1263):
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}})
madvise$auto(0x6, 0xe, 0x5)
open(0x0, 0x22240, 0x154)
connect$auto(0x3, 0x0, 0x55)
mmap$auto(0x0, 0x400008, 0xdc, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/tcp\x00', 0x181800, 0x0)
pread64$auto(r0, &(0x7f0000000000)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xba*G\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90~Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1\x00'/232, 0x3ef, 0x9)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0)
ioctl$auto_UDMABUF_CREATE_LIST(0xffffffffffffffff, 0x40087543, &(0x7f0000000100)={0x5eea, 0x7, [{r1, 0x0, 0x4, 0x6}]})
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
prctl$auto(0x23, 0x20000000000000b, 0x7fffffffefff, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="13a18aba4f9d7ee310049c300bfea4e461ba8ac57ed112bdd1e6cb21fa49d85e45cbb554118f05417486183a6955f0173e963f9b6b", @ANYRES16=r3, @ANYBLOB="01002cbd7000fedbdf250400000004001d0004000e00"], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
clock_nanosleep$auto(0x5, 0x1ff, &(0x7f0000000000)={0x7, 0x8}, &(0x7f0000000040)={0x7, 0x7})
getsockopt$auto(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
syz_genetlink_get_family_id$auto_ioam6(0x0, 0xffffffffffffffff)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$auto_SO_INCOMING_NAPI_ID(r1, 0x1, 0x38, &(0x7f0000000000)='/dev/kvm\x00', 0x0)

4.01408313s ago: executing program 1 (id=1264):
openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
select$auto(0x5, &(0x7f0000000080)={[0x50, 0x0, 0x5, 0x4, 0x7, 0x5, 0x6, 0x7, 0x9, 0x4, 0x9, 0x8000, 0xff, 0x51f, 0x8, 0x800]}, 0x0, 0x0, 0x0)
openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) (async)
select$auto(0x5, &(0x7f0000000080)={[0x50, 0x0, 0x5, 0x4, 0x7, 0x5, 0x6, 0x7, 0x9, 0x4, 0x9, 0x8000, 0xff, 0x51f, 0x8, 0x800]}, 0x0, 0x0, 0x0) (async)

3.848122764s ago: executing program 1 (id=1265):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x1000001, 0x4020009, 0x100000000, 0xebf, r0, 0x2)
close_range$auto(0x2, 0x8, 0x0)
setsockopt$auto(0xffffffffffffffff, 0x11, 0x67, 0x0, 0x8)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(0x3, &(0x7f0000000140), 0x55)
socket(0x10, 0x2, 0x0)
socket(0x10, 0x2, 0x4)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
sendmsg$auto_BATADV_CMD_GET_HARDIF(r0, 0x0, 0x4008000)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/net/bpq1/operstate\x00', 0x22040, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000040)=""/156, 0x9c)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001040)='/sys/fs/ocfs2/dlm_recover_callback_support\x00', 0x880080, 0x0)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/numa_zonelist_order\x00', 0x2c2, 0x0)
sendfile$auto(r2, r2, &(0x7f0000000000)=0x4, 0x3)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000180), 0xa40, 0x0)
mmap$auto(0x0, 0x400006, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/cifs/smbd_keep_alive_interval\x00', 0xaa102, 0x0)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1)
bpf$auto(0x5, &(0x7f0000001080)=@bpf_attr_7={@prog_id=0xc, 0x92f1, 0x4}, 0xa)

3.846601946s ago: executing program 0 (id=1266):
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0)
capget$auto(&(0x7f0000000000)={0x19980330}, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000002500), 0xffffffffffffffff)
mmap$auto(0x0, 0x3, 0xdf, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0x2000040080000004, 0xe)
epoll_ctl$auto(0x5, 0x1, 0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000600)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x80)
r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/pci0000:00/0000:00:03.0/rescan\x00', 0xa901, 0x0)
write$auto(r2, &(0x7f0000000440)='7\x00\xf6\xf0\xef\xe4s\x95\xf2\x00\x97S\xb9O\xac\xbe\xd6\\J<\x02YK\xd6M\xe6\xe7\xa0\xb8\xc3[\x01\xc5\xe8|\xb0\xb0\x80\xbf\xa5?=i\x88UB\x1d\x8e\xd3\xc2\x949\xb6\xfb\x006\x02\x9c\x83\x14\x13\x99\xc7\xb4)M\xed\tN $\xd4\x90^?J\x92\x9a?\xf8b\x03\xd8\xdd\x84\xdf\x92\xf0\xcd\xd8\xbap\x15\x80\x9eo,\xc8\xf2\x82\xd2\x88\xbeL\xa0\x9b\x86_\xf0?\f<\xf3t7\xb6\x0f\x93\xc79@\xd8x\x9e\xef!\x006\b\xdbWB\x84\xdd\xac\xdau\x86g\x8f\x02@O7\x0f\xf8\x8d(\x9c\xf2NyD\x7f3\x14\x9eg\x86%)\xd6\b\xcd\x1f\x03\x00:\xa6\x83\'\xf4\xf2\x9dd\xf4z\x89\xc5D\xc4\x02\\\x81\xcf\x02Ep\xf6`\xde*\x1dV\x94R+\x94s\x84\xa4\xd4M\xa9\xea\\Vt\xde\xedS\xf8?\x91\xef\xb3 4^\xc9DO\x88Er\xb5\x82b\x8f\xfcd\xe3\x81\xf6\xe4\x16\xe1\x15\xaf\xf2q\xc41\xf5-\xcc\xcfj\x94\xce\xc2>\t=\xe5\"a\xde\x18\xd8\xe8', 0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_DP_CMD_DEL(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002abd7000fedbdf2502"], 0x38}, 0x1, 0x0, 0x0, 0x20040011}, 0x20000000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000500)={'gretap0\x00'})
socket(0xa, 0x23af690fef30229, 0x9)
sendmsg$auto_BATADV_CMD_SET_MESH(0xffffffffffffffff, 0x0, 0x140080e4)
ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0xe056, 0x1, 0x44f, 0x807, 0x4, 0x7181, 0x1ffdc, 0x7, 0x3, 0x3, 0x9, 0x80003, 0x4, 0x200000000001, 0x384, 0x5, 0x8, 0x10006, 0x4000083, 0x7, 0x0, 0xe, 0x22000, 0x1fd, 0x1000002, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x47a, 0x5, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0x1fa, 0xd)
r5 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000000c0), 0x2802, 0x0)
sendmsg$auto_NLBL_UNLABEL_C_ACCEPT(0xffffffffffffffff, &(0x7f0000000680)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000000bade8811d172e2aa458ee9852b27d7d044be31fdb5db804", @ANYRES16=0x0, @ANYBLOB="000429bd7000fedbdf2501000000"], 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4)
ioctl$auto__ctl_fops_dm_ioctl(r5, 0xfffffff7effffd05, &(0x7f00000001c0))

3.248666083s ago: executing program 4 (id=1267):
r0 = openat$auto_ext4_dir_operations_ext4(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/bluetooth/hci7/power\x00', 0x2102, 0x0)
fallocate$auto(r0, 0x40, 0x5, 0xa)
setresuid$auto(0xffffffffffffffff, 0xeffffffeffffffff, 0xd2)
r1 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/schedstat\x00', 0x2, 0x0)
socket(0xa, 0x1, 0x84)
mmap$auto(0x100, 0x5, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000)
semctl$auto(0x2, 0x5, 0x13, 0x9)
setsockopt$auto(0x3, 0x10000000084, 0xa, 0x0, 0x20)
read$auto_proc_single_file_operations_base(r1, &(0x7f0000000040)=""/228, 0xe4)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001100)='/proc/bus/pci/00/03.0\x00', 0xa0581, 0x0)
write$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f0000001140)="8cbdca", 0x3)
writev$auto(r2, &(0x7f0000001d40)={0x0, 0x2}, 0x6)
r3 = pidfd_open$auto(0x1, 0x0)
fcntl$auto_F_SETFD(r3, 0x2, 0x0)
timerfd_settime$auto(r1, 0x100, &(0x7f0000000000)={{0x6, 0x3}, {0x5, 0x58}}, &(0x7f0000000040)={{0x53bc06cd, 0xe}, {0x8000000000000000, 0xffffffffffffffff}})

3.134153582s ago: executing program 4 (id=1268):
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x40040, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0xa2741, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
recvfrom$auto(r0, &(0x7f0000000440)="fb14500936043b01fbab95d09b54f3681d630da50b51687ab87b8e9b5abc2f7caedf7a6cf2a0c4ef8edaa9595397fcb34ec1d46a93b778f96717c7f1325a0b2744e2059b32a4c9be6d0852d25a9aaad3ca8f244506fd4e575d31e9e263ad40293baedee529c8a54e8349b58dd5cfdebc113fb494778f0bb13bbf18d5a3c2a30098decae4c394ec08ca1a", 0x5, 0x3, &(0x7f0000000040)=@in={0x2, 0x4e20, @multicast2}, &(0x7f00000000c0)=0x10000)
read$auto(0x3, 0x0, 0x7)
fallocate$auto(0xffffffffffffffff, 0x40, 0x80000000000010, 0xdbd60)
write$auto(0xffffffffffffffff, 0x0, 0x2)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x200007, 0x19)
lsm_set_self_attr$auto(0x3, 0xfffffffffffffffc, 0x1f, 0x8000000000000000)
write$auto(0xffffffffffffffff, &(0x7f0000000900)='j\xa2\xb1\n\xb4\xd3\x00\x00\x00\x00\x8e\xc4\x97\x8a\x10\xd5<\xa7J\xb1\x00$\xd6\xfd\xca}\xa3\v\xfc7\x93S8\x02\x88pmh\x14\x86p\x04\\8\xe1|\xa8s\xa7\xdbLq\x0e\xdb\xa7\xb3\x94R\xb3D0\xf1Uf\a\x9f4\xb0\x957\xa6\xcd\xeb\x87^I\xf4\x0f\x18\x80h\xaau\x94\x1c\xd1\xb1c\xafZ\xb1\xf3\v\xd5\x1f\x14\x8c\x1bi\x90\xc8[\xecE\xfdwm\xb6\xf1Wj\xab\xfcIU\xce9\b\xcc\xfc&G*\xe5\x96\x91x\x93}$\x813*\xd4\x16\'w\xad<\xf6\xb1\xd2\xe5\xc3\x19\xfb\x15\xd5U\x80BL\xd8\x19\'\x19\b8\x96\xfb\x9f\xf9y\xf0:\xa18\xd8s\xf6~\x86\x84\xd6\xc1\xdaGo\xcc\xe1\xedq\x06\xb8\xb5\xaf4\xa3\xf5\xf0\xd1\xc13F\xfa.\xf0\"\x12\xe4\x1a\xed\xb7\xaeC\xceDwn\xc5C3v&%\xe0\xe7\xc6\x89\xbb\nH\x0fF\xdc\x03\xba\x18Y\x9d\x7f\xc8B\xfai\x8f]\xcf\x11F\xcb4\x90\x84\n\xea\xd0\x1d0\xb5\xcc\x1f\xf8\xf7\xbb\xf6\xb0\xc3D\xffb\xdchM\xeaq`\xc3\x9bfw\x9d|m0:\xd3\xb3$\xabJ\x84b\x1d\x12\xd0\xf7{\x19\x1cu\x94\x85\xd7\xf7\x88\x8a\xb1\x1c\xc3\x8d\x85.\xb3\xebE\xc2\xa5\r\xf7l\xdd~\xfe\a\xd5K\xb0\v}_\x92s\x9a\x06\x06\xa9I\x86\xc4\xdc\x83\x03\r\x93HXz4\xed\xa5\xd2f3E\xc6\xb7)\x1d\xb2^\x8a\x0e\x1bv\x10\xeffv\x95|\xfb+|\b\xf5\xf4\"t\xd5\xf3%\xb0\x12Y\xa4\xbf\xf8\xb8\xeaF\x91\x96\x9dO`\xf0Pv\xb9\xeb\xf7\xc6\xd7\n\x90B\xe9\f\x8c)\x83iYy\xf3\n\xd7\xbb\x19\xe9~\xbc\x8f\xf4\xda\xcc\xfe6nu\xb8\x82l\x1djc\xe9\xce\"\x1a\x19:G\xa3\xb5\xd34\xe3\xf9>\x91*\xb4\xd7M\xa7\xd3\x19\xed\xf3\xbb\xd8\xb6_\xdb\xec\xacM\xb1\xfc\xcd^\xd1\x18\xf6\t\x12\xdd\n\x16VT\xedT\xa2J\xa4\xe4{\x12\x8df\xed\xd9Q.\xd7\x03+?\r\x98J\x9a\x13\x17\x9c1\xe6\xf7\xaf\x99k&\x96w\xa5\x0e \x01\xe5\xeb\x92\xe2\xd5\xc0\x88D\x06tE\xeb~q>T\x0f\xfa\x1e\xea\xb9H\x1a\xf9VHW;D\xc0\x98\ncs\xbf\xe48*\x8b\ry\x9di\xb2=\xeaI\xd6\xec\xd9\xf6\x15\xf9\x02R\xd0\xaeb\xe0\xab\x01\xb6R\xbc\x88\x13r:\x9a\x99\xc0\x81\x01\xd7\xe2\xcd\xe5\x1f9+\xd2hOp\x95\xf0\x18x\xda{\xbe\x82\xa7\xc1\xbdZ\xc1\xa2o\xae\x13w\xd6\xe3\xfe\x91\x81\x9c\xbb\x9d\x9a\x10\xf9\xd7\xcc\'\xdc\xbf\x1b\xd0\x14F\x19\x86\x9b\xeb\xce\xba\xe4*\x8a\x11\x1b=\xa6\x89Y\x1b\xa2\xde\xac\x0e[N\xb4\xd7x!\x95\xbb%\xb3o\x00\xc3\x9f\xaa(\xac\xf7\xcc\xe6\xeb\x97\xab\xabz\xd5\xe8\x15:\xd8Ck\xed.\x81\xa0I:Vs0\xe6\xf5jE\xff\xd1\xd8\x1bHQXd-ifA\xdcO\xfb\xe4\xca\xcb\xc0\xd8~\xf1\xb2u\xb1B-\x90\xfe\xd5\xe7\x85\xea /\xa0\r|\x04\x8fG\x8e\x8e\x8d{\xbd\x9bb\x02\x96d\'\xc7\"_\b\xae\xef\xdb\xa8dqY\xaa\x13]H\xe0\xf9\x8a\xa2\xec\xb0eI\x9f\xc9\x8bhw\xcfTG\xdf\x19\x83\x04\xe7\xa4\xa21\xbd\"\x89\xb9\xc2\xe8\xad\x1aR-\x95\x10\xde(\x01\xbf\xe0\x04b\x84S\au\r\x1d\x8c\x19\x81\xb8\xf2\xcd\a\xe3-\xc6\x82O0\x14\v}^\x00\x00\xca\x1f\x83\x85z\x81\xd9\xa3\xbc\xac\x1e\xf4\xfb\xef9t\')\xe1Q\x03\x80\xcc\x13\xd5\x16\x03\xe7\xab\xf2a\x9a}4]\xbd\xb6\x98\x02\xa2\"$\xb9\x9cb\xfc<\x99\xd1S\x9e=\xd7w66\xf4\x86\v\x00`\x95\x1bT\x0f\"\xe9P\x85UR\xbc\xda\x1fH\x9c\x00\x00\x00\x00\x00\x00\x00\b-LW\xc4\x91\x17\xc5\x86,N6\x9e\xa6\xeb@VA\xf6\xd0\x14\xcc{:', 0x8)
sendmsg$auto_HANDSHAKE_CMD_ACCEPT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x4)
r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
ioctl$auto_TIOCSBRK(r1, 0x5427, &(0x7f0000000240))
openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f0000000080)='/dev/media11\x00', 0x800, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x5, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x5, 0x3, 0x20, 0x940, 0x1ffde, 0x3, 0x6, 0x8000003, 0x2, 0x5, 0x0, 0x4, 0x5, 0xffffffffffffff00, 0x2, 0x3, 0x4000205, 0x7, 0x0, 0x0, 0x0, 0x3, 0x100, 0x10009}, 0x7, 0x81)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x0)
modify_ldt$auto(0x1, &(0x7f00000001c0), 0x10)
r2 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
msync$auto(0x1ffff000, 0x1800000ff010000, 0x400000004)

2.79034861s ago: executing program 1 (id=1269):
r0 = openat$auto_fops_u64_(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/netdevsim/netdevsim2/psample/out_tc_occ_max\x00', 0x0, 0x0)
read$auto_fops_u64_(r0, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
r1 = socket(0x2b, 0x1, 0x1) (async, rerun: 32)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async, rerun: 32)
r2 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0)
ioctl$auto_IOCTL_VMCI_VERSION2(r2, 0x7a7, 0x0) (async)
setsockopt$auto(r1, 0x0, 0x26, 0x0, 0xc) (async)
openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)

2.732084764s ago: executing program 2 (id=1270):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000)
mmap$auto(0x7fff, 0x400008, 0xda, 0x9b72, 0x2, 0x480000000008001)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
getrandom$auto(0x0, 0x6000000, 0x3)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
write$auto(0x3, 0x0, 0xfffffdef)
write$auto(0x3, 0x0, 0xfffffdef)
mmap$auto(0x0, 0x400020009, 0x10000000000df, 0x13, 0x8000000401, 0x7fffffffffffffff)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
fstat$auto(r0, &(0x7f0000000100)={0x4, 0x1a0000000000, 0x7f, 0x77d508f7, 0xee01, 0xee01, 0x0, 0x8, 0xa6ee, 0x8, 0x100000000, 0x7, 0x7fffffff, 0x10, 0x9, 0x4, 0xd})
semctl$auto_SETALL(0x2, 0x9, 0x11, 0xb424)
socket(0x15, 0x5, 0x0)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0x11, 0x2, 0x73)
pipe2$auto(0x0, 0x0)
io_uring_setup$auto(0x6, 0x0)
open(0x0, 0x22240, 0x155)
unshare$auto(0x40000080)
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, 0x0, 0x4)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/ipv6/conf/default/ignore_routes_with_linkdown\x00', 0x42a81, 0x0)
pwrite64$auto(r2, 0x0, 0x1, 0x2)
close_range$auto(0x2, 0x8000, 0x0)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xff}}, 0x54)
io_uring_setup$auto(0x6, 0x0)
openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, 0x0, 0x1, 0x0)
openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0x121080, 0x0)
openat$auto_stat_fops_(0xffffffffffffff9c, 0x0, 0x202802, 0x0)

2.576010702s ago: executing program 1 (id=1271):
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/mountinfo\x00', 0xe0000, 0x0)
syz_clone(0x80000000, &(0x7f0000000000)="085a1056b6aa2f10d8ddee0633aea682a5ff", 0x12, 0x0, 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x6, 0x0)
r0 = socket(0x10, 0x2, 0xa)
setsockopt$auto(r0, 0x104000000000010e, 0x1, 0x0, 0x16)
sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="b2271284a2d1a3f52f65f1e322f11b8743379732050b02bc6180a825a48a0b45eabb8255a3ea518132349046738fa6284628d09ecec8ab102a8a2c22525dd9401be35447455e18812ed495eab9e64a27978b4735fa74b780d98bb402a12eb2d5dbb34fc75fcd503f2a31afda6b"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c001)
write$auto(0xffffffffffffffff, &(0x7f0000000000)='-\x00', 0x2fb)
ioperm$auto(0x7, 0x71, 0x863)
mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x7, 0x28000)
socket(0x11, 0x80003, 0x300)
socket(0x11, 0x80003, 0x300)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x40040, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0xa2741, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
recvfrom$auto(r1, &(0x7f0000000440)="fb14500936043b01fbab95d09b54f3681d630da50b51687ab87b8e9b5abc2f7caedf7a6cf2a0c4ef8edaa9595397fcb34ec1d46a93b778f96717c7f1325a0b2744e2059b32a4c9be6d0852d25a9aaad3ca8f244506fd4e575d31e9e263ad40293baedee529c8a54e8349b58dd5cfdebc113fb494778f0bb13bbf18d5a3c2a30098decae4c394ec08ca1a", 0x5, 0x3, &(0x7f0000000040)=@in={0x2, 0x4e20, @multicast2}, &(0x7f00000000c0)=0x10000)
read$auto(0x3, 0x0, 0x7)
fallocate$auto(0xffffffffffffffff, 0x40, 0x80000000000010, 0x4)
write$auto(0xffffffffffffffff, 0x0, 0x2)
lsm_set_self_attr$auto(0x3, 0xfffffffffffffffc, 0x1f, 0x8000000000000000)
write$auto(0xffffffffffffffff, &(0x7f0000000900)='j\xa2\xb1\n\xb4\xd3\x00\x00\x00\x00\x8e\xc4\x97\x8a\x10\xd5<\xa7J\xb1\x00$\xd6\xfd\xca}\xa3\v\xfc7\x93S8\x02\x88pmh\x14\x86p\x04\\8\xe1|\xa8s\xa7\xdbLq\x0e\xdb\xa7\xb3\x94R\xb3D0\xf1Uf\a\x9f4\xb0\x957\xa6\xcd\xeb\x87^I\xf4\x0f\x18\x80h\xaau\x94\x1c\xd1\xb1c\xafZ\xb1\xf3\v\xd5\x1f\x14\x8c\x1bi\x90\xc8[\xecE\xfdwm\xb6\xf1Wj\xab\xfcIU\xce9\b\xcc\xfc&G*\xe5\x96\x91x\x93}$\x813*\xd4\x16\'w\xad<\xf6\xb1\xd2\xe5\xc3\x19\xfb\x15\xd5U\x80BL\xd8\x19\'\x19\b8\x96\xfb\x9f\xf9y\xf0:\xa18\xd8s\xf6~\x86\x84\xd6\xc1\xdaGo\xcc\xe1\xedq\x06\xb8\xb5\xaf4\xa3\xf5\xf0\xd1\xc13F\xfa.\xf0\"\x12\xe4\x1a\xed\xb7\xaeC\xceDwn\xc5C3v&%\xe0\xe7\xc6\x89\xbb\nH\x0fF\xdc\x03\xba\x18Y\x9d\x7f\xc8B\xfai\x8f]\xcf\x11F\xcb4\x90\x84\n\xea\xd0\x1d0\xb5\xcc\x1f\xf8\xf7\xbb\xf6\xb0\xc3D\xffb\xdchM\xeaq`\xc3\x9bfw\x9d|m0:\xd3\xb3$\xabJ\x84b\x1d\x12\xd0\xf7{\x19\x1cu\x94\x85\xd7\xf7\x88\x8a\xb1\x1c\xc3\x8d\x85.\xb3\xebE\xc2\xa5\r\xf7l\xdd~\xfe\a\xd5K\xb0\v}_\x92s\x9a\x06\x06\xa9I\x86\xc4\xdc\x83\x03\r\x93HXz4\xed\xa5\xd2f3E\xc6\xb7)\x1d\xb2^\x8a\x0e\x1bv\x10\xeffv\x95|\xfb+|\b\xf5\xf4\"t\xd5\xf3%\xb0\x12Y\xa4\xbf\xf8\xb8\xeaF\x91\x96\x9dO`\xf0Pv\xb9\xeb\xf7\xc6\xd7\n\x90B\xe9\f\x8c)\x83iYy\xf3\n\xd7\xbb\x19\xe9~\xbc\x8f\xf4\xda\xcc\xfe6nu\xb8\x82l\x1djc\xe9\xce\"\x1a\x19:G\xa3\xb5\xd34\xe3\xf9>\x91*\xb4\xd7M\xa7\xd3\x19\xed\xf3\xbb\xd8\xb6_\xdb\xec\xacM\xb1\xfc\xcd^\xd1\x18\xf6\t\x12\xdd\n\x16VT\xedT\xa2J\xa4\xe4{\x12\x8df\xed\xd9Q.\xd7\x03+?\r\x98J\x9a\x13\x17\x9c1\xe6\xf7\xaf\x99k&\x96w\xa5\x0e \x01\xe5\xeb\x92\xe2\xd5\xc0\x88D\x06tE\xeb~q>T\x0f\xfa\x1e\xea\xb9H\x1a\xf9VHW;D\xc0\x98\ncs\xbf\xe48*\x8b\ry\x9di\xb2=\xeaI\xd6\xec\xd9\xf6\x15\xf9\x02R\xd0\xaeb\xe0\xab\x01\xb6R\xbc\x88\x13r:\x9a\x99\xc0\x81\x01\xd7\xe2\xcd\xe5\x1f9+\xd2hOp\x95\xf0\x18x\xda{\xbe\x82\xa7\xc1\xbdZ\xc1\xa2o\xae\x13w\xd6\xe3\xfe\x91\x81\x9c\xbb\x9d\x9a\x10\xf9\xd7\xcc\'\xdc\xbf\x1b\xd0\x14F\x19\x86\x9b\xeb\xce\xba\xe4*\x8a\x11\x1b=\xa6\x89Y\x1b\xa2\xde\xac\x0e[N\xb4\xd7x!\x95\xbb%\xb3o\x00\xc3\x9f\xaa(\xac\xf7\xcc\xe6\xeb\x97\xab\xabz\xd5\xe8\x15:\xd8Ck\xed.\x81\xa0I:Vs0\xe6\xf5jE\xff\xd1\xd8\x1bHQXd-ifA\xdcO\xfb\xe4\xca\xcb\xc0\xd8~\xf1\xb2u\xb1B-\x90\xfe\xd5\xe7\x85\xea /\xa0\r|\x04\x8fG\x8e\x8e\x8d{\xbd\x9bb\x02\x96d\'\xc7\"_\b\xae\xef\xdb\xa8dqY\xaa\x13]H\xe0\xf9\x8a\xa2\xec\xb0eI\x9f\xc9\x8bhw\xcfTG\xdf\x19\x83\x04\xe7\xa4\xa21\xbd\"\x89\xb9\xc2\xe8\xad\x1aR-\x95\x10\xde(\x01\xbf\xe0\x04b\x84S\au\r\x1d\x8c\x19\x81\xb8\xf2\xcd\a\xe3-\xc6\x82O0\x14\v}^\x00\x00\xca\x1f\x83\x85z\x81\xd9\xa3\xbc\xac\x1e\xf4\xfb\xef9t\')\xe1Q\x03\x80\xcc\x13\xd5\x16\x03\xe7\xab\xf2a\x9a}4]\xbd\xb6\x98\x02\xa2\"$\xb9\x9cb\xfc<\x99\xd1S\x9e=\xd7w66\xf4\x86\v\x00`\x95\x1bT\x0f\"\xe9P\x85UR\xbc\xda\x1fH\x9c\x00\x00\x00\x00\x00\x00\x00\b-LW\xc4\x91\x17\xc5\x86,N6\x9e\xa6\xeb@VA\xf6\xd0\x14\xcc{:', 0x8)
sendmsg$auto_HANDSHAKE_CMD_ACCEPT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x4)
r2 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
ioctl$auto_TIOCSBRK(r2, 0x5427, &(0x7f0000000240))

1.469385421s ago: executing program 1 (id=1272):
set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7e, 0x4)
mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000)
ioctl$auto_IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0)
shmctl$auto(0x0, 0xd, 0x0)
getrandom$auto(0x0, 0xe06, 0x3)
r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0)
mmap$auto(0x1, 0x202000b, 0x3, 0xeb1, r0, 0x8000)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
sendfile$auto(0x1, 0x3, 0x0, 0xc01)
setreuid$auto(0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000480)=""/4096, 0x1000)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r1 = socket(0x15, 0x5, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0)
sendmsg$auto(r1, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0)
writev$auto(0x1, 0x0, 0x1)
readahead$auto(0xffffffffffffffff, 0x6, 0x2)
r2 = socket(0x23, 0x5, 0x0)
listen$auto(r2, 0x5ed)
unshare$auto(0x40000080)
r3 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x42842, 0x95)
read$auto(r3, 0x0, 0x1)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/rpc/use-gss-proxy\x00', 0x48041, 0x0)
write$auto(r4, 0x0, 0x6)
socket(0x2, 0x1, 0x0)
r5 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0)
ioctl$auto_PPPIOCSPASS(r5, 0x40107447, &(0x7f0000000040)={0x6, 0x0})
ioctl$auto_PPPIOCSPASS(r5, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x9c, 0xf4, 0xb0, @raw=0x89de}})

1.297030824s ago: executing program 2 (id=1273):
prctl$auto_PR_SME_GET_VL(0x40, 0x9, 0x5, 0x6, 0xd717)
r0 = syz_clone(0x464c4919ebcfa0bb, &(0x7f0000000000)="df61ca442a32ae4076b964be0b9cc3f891de35a3b9158a2b6319ad2b7975d7dab2d9d8add739386874ccd255b0dac6be8c7e5bd6d652a3f5bf18480f685f024024916e32a34a70edcd9f18f39166acfa976e079fa438424c1ae21a1677251d28dbd3fe8d0c3b1310df2118a462a66d94ec482acbafe299ff1af3a1220d82164c35687f65f7b6cfc4796e4ff78d7248d5ab8669799210eabc8764d7229bec4c9392ed3bcbd0c7e35ca8f3b1dcc7b4d1dab206e0c3a0d38fed788ae350cf5ec7c3bb85e4ac3930b4ea284629a4342482a077e2ce559de3b8baaa5324cbfcd132dc497e99599cc6ad42ddcc27290f5519650bcd361576ab44f6a91bfb1cfe04c9cb82b7d15b6084fdf8906ebcd559ba755c2c4432c9b1008331c76d234f06521d7d1c8ce5267bb39adec5aa25b559ce00c9ba4cb971abed49bb06a6f554a9cf2fd66abe6f7774c94129938ef0f419849cf89cfcd8045764131fdb6c6ebf25659c279e184954538c902d90fd6883614fd03d0dbe0e6f13baf536ec4100681f98e1075d22ba2463185f36765efe09e53efdfac48ec593b9b9c353df5e90cdbca24ea7d6ee45005cb532b4c68da950099b3f3673902a3e779966c9d341187fdf4d0ef958de3242f1bae2e8c42c1caffba872107db5250e8c980a4d7610bc00aa5719d751bdaa4f55c175c3b00f533d91cf0dbe7723013a0f09c7aba6483a86706762973b411aa611c2ae479cd412dccf1483d02daad29ac5417bfc4947fd57dee9dff7d7b34556ff898c7f95d55fe19dde532f2a3c3197c20c788ba6dfc07ff6bbdfa01492348102aeb29f32e8bcdfbc911884448605186fa27976fc20220ac635b67c596640033705a489d9402b795ce85e2d06d4bc0269deb7f4463d28e2f938298217e56ce5a94c226903bf97b142e6566e85b9f89077060e1f4fbe6e6668e77e218b33c069dd2aa690f3f7512233689ce616dd8ee9399e024c97e0a4207526c41b0a721d367a8ba946ebebe67b264ce1fb4283aae2258ab9fcdb654f2a3211f4a778fc1a1cc55b5c83bbc6084a73f22cc55ebb363d5f3f7dfd288731ee2add62a0abb2efd201f366709f5824013a4142159d1b04ba7aa1af27d28025e13a97d73e5612570bcb792ba34273eb317b618a57d9a608e239b84337d2b9a05cb2cfbb9daec496cd5e704f5558ce08d0d51021eb6d4ba8ab2c46a45bba2e05bae4865d9a3c15e1669c6d9a0ae4b8f67cc43b92e3c08c30f203ba376cf7fd9032cc79657abaecfa37b504bc7d9e6cf382b1f902e4ced05717d3f2072810f813408172bdc12cf4306d5ab82fa2ad40b387eb05e01b1e643717cdf14982fd62b67687d0903bfe5f32e276c9cb9249ff6405704664d2d918e231f16fc19688ec54061407543e1efca70dfb85c0305ad96f3468300cb9353e8fd4d588af3be24c93c4ecc19a03b4a3bb92f391f4438ad1d83a8a6a13d530d6f1676b68bc39b1b7d8044e493a9af3cf5ef5745c897453ef2f2089ada755f47b21e4a4d6c6a2b4fe7496899538dc1484f55da3ae7cf44726f7322bc08d32c1b0fea6d7261bf59e9254783738a75c2c87f1b96dda8e4030cc0bd4cf68568b450eb0a7a81769e351e110d465a4336a9605e2307b903acd4156de2d111fa98fb7eb84bd432e90635c5eebea3e919a1777035159c585923a11ccd8d0d299f60148320c9f10d32f2cc2d04a79bca28139825f676e1d717b23c328db135ee6fe9610bb619cc02dbe12d072e15e3e99c87bb746fe8b7d13d9c5551f9d96ec6a75daf8178d1e1409a510efc840d81ce75197ecf5a76dfe7b19a332336ec62d89a8b0e0428df430f6de8b232ff24d604e851e474d0d6bf214afa7259833fe512f457c1d9eb1847f2e5965daa31962327d5420510e97e640005a8268bc49e789b55b97974ac2549d20aba47c7814220f8e6039e5b182ff993d96ba4dc3938fba794d447830416b5b1d0261c155ae466ba7a6ac9e9c1a7c20d4bbac573d138c35f0fc0c109fe81ce8bec80c86e2b391fdccbd58534db8e22d9284e832652ec1fa5f7c08621faf7ea06ae14c681687bd562f3432172a98a90daadd14e4b84c0fb54f8541c6b2516a2954de7220535ba78cc460b8830af217a07dab5d7ec3f49358407d974b0f5dd27e853ceabd69601e08aa2ca2ce2885e7d744ac5250a2502bddfc0270fb240d755f48fd1605e9aaf697bdc5a610132403befb88278b88346293c4205f36297ffedbb3aa3793799e4705a66e6379c5abac0a405eb43f49d782923e36895ee1e36c6eef3c3ccefb8135a923b80f3b53dcb5e69164367554b29f8c23639110d618ed685577487225c7e1d9f4144114d626b6c8e5925650f07537f313fc9b27bf80be52e7766fabcbd39d226ecc109105fc8ccb64b30f337e14df528bff7f0852f38f084988227a86dd66f9a2bca89054d91c592fab111974ea5625acba7941c8d141c1768d2ff6f48db2b4e8b91b47a9e2ccfb632220c9ff816cc7365317a307c8364631e007bc6aad3224f257f49a9d69235810c04db6963932b8ffac75d4dbc895bb06706f239b1c0dce5f3684cf63932be7da6bc13fe1fc09dc9554d56172b0e5317d0e59996de672fc5c40d8a535b5fd11b578005730108ab27b80667a06e4c0b6af514d7d7f21f469e4d6237f064ee1e888936f703dc2afbf51d49951c8480dabc41d876568a213ed1141abdf1d410a0217fd9de0a62419111e7132dfc65ba6e4224a6cf96a53a8b547334daabfa5c0bfac69de2cf4b35c527d05645b535a99ad77092f8747a1246db2c5e4308b518ccd9f04d6e50d1697e047e734d9d2c0343a5b906c67c7ba55fdcc5958165b44f1157c22e56d0a81c2a3b0f5caba30c5cb8bc370a9027c907f38858ea7655ce9f6c8ca19126ceb2ca892a0fbba14491c098d395d29633e548f61ed31c39f6d85d53f991a552870abd15c53a0fd3721cebc7fc54d8b149a8989cd3d4ed7e054895162ddda8c1c8e003eb37af38ce8030833834e9f3669b74f1835df1d4f8fffeebc046302a2f0cdabfff16b54d2478d7bad2ae69e98591a34596c84f8e4ad76cc060834eba8109aca36d80e7078d55e1b1dbead4e90177eee29bf7f81ebf88b7265e743d68ab6d1ece5e7ebd1912e8d2c14b0fce938d9ad295c800b8c40b73809402b11ad7f833ae62d47d144d5bb4878b9e244e777fbacefef8cf588fb0bff888919ccb1e15dddffad68fa678117961a97d98bebcdb140a7a3316fc186cfb7bd912f3fd2a327175ce20a370497f958ecf23f51ec93994a51254a4e488b0fed667539394b769d4e95793c1b67728b70ae464ccdc8114ab5225fb9166fe8a619eec920a2e5168b960650bf2154f1dea88ad08243e496f7cac124310b6e8e2951266044439c55cda2e90817e154f22a5894a9c375d2253d0cda795e28f02435dab8628895a7dd79562411efc15a5a565d5bfe84168d8516f60dc79218e716ae8b5b2dd237ada5c12709a1a540e6fbf1dd4b291538915409d7c555cabd0e51977d6f159c436b59769c5ce9ad54a4dd09ff45b404499913e7254ed43f887d23f2fd537bd0dfe1c81d1fc6000dfe2767c166a66dab6439aa4bb085b4f59c471140bd56d944426918c1649df92036d31dd92a516a08396e5aebc93cc995cf1c34224be5b9914427d1a1afe2316c3283225dd021a1d0c9a5b23e57a4934696747dced062c4c36eb2351bcb78c610afe029196ce47a8c914be8931b153fd64ec9ba4ec89f539a9b565181237254c52cc582d8455bb499a16dff9421324af549a4f35fb02ed342decbfa96e9dd37ccff25274503973827d521bc7802dff14e3d993baee0aebedb5ea3aa141635c04186a4d019b6bfde7b716e175c11403f80c28f76fbdf99508c17da8121b5d6b7c11e9056de132b99fb3adbc474aaf5c96ea6385154d6064ee9f0f2aaadb25b26e3b00153810d1a12281f70f9470b4986808fe91ff334cc8db182eeef7b38966c9fc72d769f6dd207d52d7b43c5ebc01d04ac768b56e36a7d7cb5b8f294d2f6839bd9a4d77d9b05c8fe79bb237e909f6f26f52d8e21e6593b6d81aa028f3d050d8dae178c13e8673b4faf3c6376c26ea935d235b0e1d6fd14b95f357300effe2076dae5c2123abadfa4862ef09cd249bda20db8d5703fbb94ede4180a4e299b6f665cbc30640ef67aa00bef15b0b949974d3be7cb4033cdb8da0debac537e539f13a32e77e338b03002c0f49a74d53b67cbb015ce224016032218c73cba46195720d5b4b9cf8f895cc65e3d188dfc2e35dfb142c6319675b32fa318551b98bce48bc8008faeb0d48a65767608a1ba79ee3fcbc6afdedd3bec4ad6c5312051adeec6678bdbfc3f5ee2c642d6f7c6418d602aae18c5f30e826e4a4186f2df22d46e71a98a808a9c976fc616c9a017e3a7350c18fd97d4d116d6a7e041d8434591ad6d4e5deff5c854049fa72cf6b315f1fba9d5bf58496ac1ab7eb9c7fdc713bb8fe009f00fda3241054e27b9203c3cb994ef920f070ef8f34c23cb58d0a07f04b6ef262f15a591e08b5e93975662f2bce205dad98a00c6d3bae953400ae1297f59472d65013825ad594925f57ec868bd29eddc5d7c40838b4bcb581276bee72900949132ed147ef4afa58f175b5eec900ea1c5c9146afd63cc3a9159d3016b33fb3405d887c9c8ce9d8850609057fb8a0a212403ae6f5d6fb0e808218a1fd67abb74e49be0659ebcb75eb8ed214260902db155de86bb9690eaf9a1c4f8ac9df94f7fba05f6d81fa87da92606fb9cd5ec4314aafbde5690ea8160b8c0765373098be60d6c7ea5efe33ff517d989e48ccb113c566e5024c25505868d96a82e4a8191c2d74b5fc51b7197d8f9fd8ce98831c03b569446f245afbebb07194df332c0546d946a8ca213c0f1c6deefd6603fee2bab1db451fcfecc4e0d0996269368ff49901d67ed726702226925b7b7cc4fd2b42c7cde47d7353a66b87e98f66ec7893403d29f70b7fb6230d2fa49ae4907a4cc0e4c66a32cd012e294bd9a6585fa5bf76b5df52d23607704d72aa70a8c4b0381371cd019bb9681a8ab73fdb30fab9a9dae509ce7e7208d7170dda3955f5a3e466b89b3bd207ba2decf25f5a8685cb8b003660fad1644f3564937b952f4dbd2d800c280368c4ed2d721c27b219359ba770c1439aa8f2a1b50f8d6c16131cc624956acbc4b5ce0db2e15bb49f9da917b9279c7326b8f83a41c475d855de9bcabab40da9c3f6d488abcd85febddafbef6a26ac6d71fe28ab576d484a731309b68cc6d6a2b3f5db9ea68d207b7321cf2ec5b7a080daa1a50036bf539ff4a3b8563a81f5075b057341380dc30237eca88dfb3be1d8cb979193b898e719fd432275b78c712daad69aa4785fc2acae92d4ebd94f23e620b340d5b71752b14fc5841dc61d245e7f5f4f61b6157183488330ba54aae9c1d093f68f0cacda1f2c61ccdd4887a0bcddc6a736b59ca8353617c895bd2d79e77c83b152a476ee7815394f86b5975cc7a79aa7a102ee8a30bbbbd27d607ddd84a4aff5aec5a288153d31c1e63db9b10c3a907feda04591960e038ac87d72ef28d21e918973ae603dd8c596abf2ce8574eed011f6d9ebd0b5532fae20b2b6645d0755e16c634e2df5b88b29b010a4d65a52db0cd0c152f95fbfaa53a264ed9d9e9d02e41f8e080ab919cbfe80328b2e858316d70568af98be12d94bd16257f6aaf3bccc9cbec7adabc0c07fb481b0a53637ffe29d7f690a8bf9307f27cc90c329f7dc12a9c0d64eb012b281c7a68b1a7905e", 0x1000, &(0x7f0000001000), &(0x7f0000001040), &(0x7f0000001080)='[')
ptrace$auto_ARCH_SHSTK_STATUS(0xfffffffffffffffd, r0, 0x7b, 0x5005)
prctl$auto_PR_SME_GET_VL(0x40, 0x4, 0x4, 0x2c, 0xffff)
r1 = timerfd_create$auto_CLOCK_MONOTONIC(0x1, 0xd)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001140)={'wlan0\x00', <r3=>0x0})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001180)={'bridge0\x00', <r4=>0x0})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000011c0)={'veth0\x00', <r5=>0x0})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001200)={'syzkaller0\x00', <r6=>0x0})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001240)={'virt_wifi0\x00', <r7=>0x0})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001280)={'team0\x00', <r8=>0x0})
sendmsg$auto_ETHTOOL_MSG_PRIVFLAGS_SET(r1, &(0x7f00000014c0)={&(0x7f00000010c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000001480)={&(0x7f00000012c0)={0x1b4, r2, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x9, 0x2, 0x0, 0x1, [@generic="e1800397ce"]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x9}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x394d}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xe}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0xce, 0x2, 0x0, 0x1, [@generic="ea343871fd37ab926e151c1d1d1d1577f470be51aaaf0c6d51a279568d2cc800aabdf3ea8a8d7177f6b4aa8d9a88b7b97fef53465d0e79035e1be83ac989e81ec9eb35c6e52f1f52a0681ffc5feb26b548a8804876b1f4c06dea1905a5482a51c21b9e61ef94f583d6ff8c18e1a3ac0c57aa40b7316ed24bd038c0eb5030523f361dfa13631e35ef39ce355e2b4a9749c991d8aaecc3c7d2664ee12f403d536b90900d71afde41235e5be1331b71e4d499e437317cb8b08b166849311d0d", @typed={0xc, 0xe7, 0x0, 0x0, @u64=0x4}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7}]}]}, 0x1b4}, 0x1, 0x0, 0x0, 0x800}, 0x8000)
mmap$auto(0xfc2, 0x9, 0x200, 0x12, r1, 0x7fffffff)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000001500)='/dev/snd/pcmC1D0c\x00', 0x1000, 0x0)
r9 = open_tree$auto(r1, &(0x7f0000001540)='./file0\x00', 0x8)
r10 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000015c0), r1)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r9, &(0x7f0000002700)={&(0x7f0000001580)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000026c0)={&(0x7f0000001600)={0x10b0, r10, 0x100, 0x70bd2d, 0x25dfdbff, {}, [@NL80211_ATTR_S1G_CAPABILITY_MASK={0x1004, 0x129, "86d86f9be87d302d2922fb8aac4cd15d297bee09793add1af2f748d73d12fcbb48593c9dacafd4ca5775e6168dfbaca27eb173cd0e0ca7ca423f941f37549956afa432bdbd3e11f0b1fb5bd9a3034a7dda86c10886beb06a0158b6182d5639203181c58497d1d81ada277327bb66ed311ab6bf39a2f986afd2ba2ee963b9aaae3d27ddbf11e618809e2e0f31b1a4d1a7a47ee5c550912ab39aed9cc089b30ddafdaa5788dd82923484b4a44499dcf92792ebcbe0ccabb07bf0e6636d87ea34a23b42d3a987673af359002541e48f5ee55e00b4d0c9ee32fc7f54c3e5d885305da42eb4736916a8a0e46d272bec446fae9b967d7099ab6114fc16d01680ae0a8262dc634960bdee01e8aae84f482e37fb2a71f1744130a782f045c05d7a41425533290806ea1ce6e9729c38ff08abe4488c811a28eedc021400756ffa79ab309cdc4ce7d2f858a3f094d3183e0cfb1c6cbcfe8562fdfb917c814108cc8882456ddc3668f423f8a28503e590e794e507c5379acbf7a2a41621c9f80aa53eee98bda838038f6a7b4965624243e6f7c201ee054f9f34bde7d480e3736de187b9c781f14ebb96a8ff86968336bd2ec9bcfd9942815146f3e54e9a219c3bb266aef2c3f5d561fd5ff7006f14b4046b0dc61ac0b655e98b868d89791d37c91500fe95f44c3b845cba1331207c95c0f39c2dde8e4e759f6b07ffe77b63b6c0fa70732adf42a272fab156b1133ff8a1839f907b373aed46ad6edb237e68d7e3c7a1c03c9436a4adb2df3e053e52eb93b71c60efbc5f19f895f6d18164bc572b6ef6b4e960ddc3503ca1e40e2dae5010eee5a96da4e0294db99a45f8a4589ba5958147b7a2442b996ddf2e29bb9f7dccb4195ae06ee9ca3fe12f0113947d4cbccdf991a14f1e733777a6776f6e96af0e98a0eb91176e1c05119c11468ba4f6627a3a9018b192370c5d72ced7867b3e4d11e4d237a208b2564154596988ee394feb8403dd2e1a0806e818cb0029c294c3f71854df0d79b40f04f7e6a7d229429d6725b77557e79414fb729e0e27a82d697bbad1a639723100d5ede5c7cb0d18554aa6aa07db38a6fe7ced9a346c2f07fa5ad76a9abdcb0d823ea562d1a1f9a266296dd333b77a0d97ce15a9cf7d7e8d19c756ffa59b94eb7476a0123b859315d16c3d4cbd94ea138c62ab9f7165d1e48317b3656385f65b34eae803f80b447e67909df02ccf804372ad778947e04e41ebeec4b842e11435a0db9e87b019015fda46f65caf1498f1d029fe15ea8631b64cc578deda2dd0389b2653a88b6fe406a98843d1876d6455eefe6a3f02da5ebc356e7556fcd5af189a0958044b59c7840bd5932a4013d870a77a3af6df6d6d7e20e4d08cc814c8e5ffa88d2fecc922cd3902e6b11188467d44797f404b0a146c28942a27a57aa787c8d2e3471ff19b150ef135815397872ec7a9d4747b4a02cb471e06a343495d8aedf1623c3555086bba6108ca2d90932c0be236a5d2e555fd0e73f08794e90d64991e5c9e22edb448a21ac6ecf4f2d619472e8ad232b71a54096d9a1bda0c09897e9461931ad51c92dff48bde45a5276955e64099173704e5020720192866bdc6f0e1899a07b0b832098cae004d7985c1e87f19a3c602059417f6a6e5180e2d9187c7fa807aa7dd5c254279613eb7f021753d0a62d639c0f4f58f31b1756897b10f884362e35b760451b6b52cf9400049867a3781c0ead693392530739829de1752d67b4d8b5cba2a4c1a7672dce688005da51ffc9d83793165daee78c87fa44b8fe08ac5cbef0076e6632543d838b2b3e53ba1bbcd9a30e827f2c36c245c4ade6f1c033efc6a8351b6cc21e4d15e51637205bd6265f8eacc63d2b5e8d8a745a23103c8de78fb28f365332a65df7b7e21600bbc6ac6ca1a1ec45deb6c256724d7ef3514529e40d06f9eaf17a1f613b308066b2e95ff4adc17ecb65e269c11b3aaa7fa48123b11da6a0e70da53d0a3735594068b5818853dd1f9608b549be264f937899154295918d601544364790322b9f333666ce54c8b6174d8a8dce73512240c5d40036e1ab82885937f5d81f5ab0a5e87118b42329c61f2156ff80d0d76a1242401e89bc14ab0da2f81df87311baf4050ec65d4bc1206f0c4f9509fac1f2326b04eaa6c828922b9a9ab75e62cd5934af9208ca02aac35e55cba211887514dbd3d40ed14951e3cbeba1c0480fcccf158aa12e2ac6ae9a4358758eaf89a44500b0034aa2c88c524ce4984c7701e258a1bb04314e88c685187905ad0e0870347f44353dc5c62e0280ff9df3f04ad95eb81c4aa8f9ca00b178ea5525bea549da1fa69a764ea08b69778f4818cb62f3ebf8cdd9f1bf7900fe8ddfef86e3ddd070c73f0a4ad45cccee0ebc04c7f4672fbac28c25bc40c43ad21439b6f1e70838da14d54c6814101de6a5500b7ee820e9e680a4cf6573b72ffba2fa5aca7c43fbc9cebe721193bfa64a6eda016bc7192cf5f203dc8c7eaa05661a7801499eeb5c2a2763bd0670cb21937486926370890ce9460311324e42c777eb2eb5a20dd7ddee41b8d5b04e8162ffeec9a88b46219d0d7c7f5bf01d8ea295761ee2eb52e5f141ec8d3f89d3e679535bfacf934d0809aa1f62bfdd22da5b92afebcc24d471569b46ba6750f03e8034fb4acd43209923be88396fe21768c4b071bd266039b4f8b05088403a7fa20f1c2e4b08924b93bb70fa7b7cb0d5cd5d4196a2edc5933fcd16fc255bb17162084741b0864d8eabcff6818305b6b7860ea923dd72d71e76a4aeae13c14f904ddb34bd05b3d6631248b930d7ceac6cb1e19ca21b42653ff35b94562535f326815dc0e2b09f97d4b379451a276403a9e79cc5e0679f4b29ed68c06e8b292f121027758b6eae58e9c106eb5d5dda8b6b398138e10f0460e6c1bb5daf1a135813f9d54fc123148db1689873c6c2d199e36847821145b9396c1d9baf5fcc8dd5bc2229a0387e2ceb6e7490e556fb539cc5a516d86fab8fd99e1efa4c15244d56955b7c873d4a932a87a1ca8b3ad8b33153ab01ee8ab6eceecba5adff826c48312b695c909c238d7e7006741e3af1a67b011e3c527493c9a81bffe8cc310dc61f79522f9a263eef64d775886ed1f0669a3a47e710b0576d8445fee03f4ab6b0cb7cd5888f98c1c16311f7c56cbaf8bccb19910f541f023b727bacec585fcb5e1d5ce81b591bfa340dd833df54623016e57c277feba0c2378365b52440741472486066d59b81e52f93a259a82b4c944769f35ce24baf42608561229b2bc0a9c5fe9b89203698ec7dec81c0b83c027e8f970f43e5883a1bed90c1ad22573248d4754999b2a65c22a1804299138db33c590c8fb198441849b7cbd6ca9eb85913f1c457e7389b5ef21ef052ab08405f36569ba96cc367a5e2eca10255801c441098f1b2c69ae0b83342330068b32a7eee6c55bfde0ed2af8f1ed0546148609b7a8b8a617a71884d343716a025a9f82ee0dae8f9d4f4df75f253c3d62e10df29395156d8ca8cd26b8d9a9e1d79ad6868aaa8c83441860a4ccf220b180aa815e50b232c6d28bd2d9f17a48706372de6c3dc8c23daaa39b1fc09bfc74d954acb79bdf19857746ec1ac270fb63f25abb5c379db29de6f1ff978f4cc4e0a56f8563f0de3e7a7ce81af416318c3a7a9ebdbf39f4632b08d15d251db41bddfed651e514871a6186d04d838d9b3c2444af24c7ea65c7e5cd65fa31dfb7dcb6dbb598208dc5b6b1cb72713a2c692a19cedb5fc16339f6cfde92019aa5362f5c21e08b76a728e7a857ebc848aca60ae099ad956df15ba7c6a0a48bc36616cbe50ac1802e6fcb41887d97e3740cc7a8d54e556af6bef07413f7842d133cd0dd535aa71cf1c6c377044665c221a092cdb65a0a95bb7dc6ab501eab91799586c6633cb793fd4b0dbc43180d2222dca3da2019c28e3179b76244a997b21b168bfb086ef035ef489fc0585fa346fe0eb6e874cc6041ccbd0582be04e852f2909bb55b51f64f66c8445480f56feb8bb4a67de35dfb3b34efbd8fd88a71290b18cd5847083f23ba741ac932adbd631cc85d929e1bf31c74e783deddd9848b59a606d1977788b6660e0febce53271d1984d9f201515d6961640365eb7fef2d656034bf3c428097695dc222ae61e1fb906184ff4c68a4a0b35ea099dbe7af6e6a0785b325b3bf20b9fb38af4062cb0a4ded7e1bf476429db3f3ff943ca102d968108984147e3adafb35da36f38781391d342cd60703dfad0f572f7d0dd07ce0204f6aa2f30f5cced7c40de1d7b9ccb614adb8b7cdef6e5e81e31069b92306371b13caa82034a0cb45d9315d79ecc21b865f87f6fe620e7223fcf72e5da7ac9aa5234af44b56da52d561d3720f66d10e0bcb3a7c8cf5287dd91055c799995613b87ed457fe8ede598be6228361635c4b1b85613ebcb9e7ac6183365874d548dd23b8c5d16cf3c7abb75301085524c59f4dcaa269c4f232e5ee03c1acd2c052bead6549b99771d6c15a3fa37ee1d49ae44497ed6f3ada003fd15ec0ee2a7fbe0718457d62fe22b98ab53a790120ac3432fc0543a9f8d4d7870b1ec31e7da65cfce904ca35f6aa0e622a79aab15faf133c05d23ba252efdefb3e342caa1485881bdf546489f7e78e5554383ed8d5f899c48cc75a4b3ca0a4cac0326cd4817c448f1d2b789dc18e6f9cce4d2498e751077a44e2bc9ff7759e968a354e4555fd1ad557563cda51a67e0039e773fb75c369ce3b37f1014f55eb95d09b0d2390bbf74ba391929db9438925c8e7cd98e0a6bb78f05c58f471c01c10d24348672df8167861a68169adacefd6f400438fb8171b47ecdaa13a9ecd349369bcd6bf0c3e77b830e880fdbaba4198ad325742a242acde7354e32d1792ac0bb117cf7b0853fda5fc12ef357879febbb3ec28f29be8e2dbcf75d71b7df23e2d72381857dba5378ed902d7da21818b3d951a0a9271a5c47580c3f6cc8754146fc72ede96304edd799d3a9277e5d28747590157da0cf680197d6453b0f19c8841b4f4d11abf846703cb127b7ffefbc05dc6f9e2ad364c86927d9b476d13042c2390cde1613ae92b708bce67d01e32509acc656c42ccd637370a842d43de30538e57696481ccf1a38a1ea6dae410ab23c25add7ce4dd5d720cf85c495f8d27a20b08d85087bce6ded68cba057929118c61ea04a1c254f0149cd8e99d80cbbc1f12d3ec2fa03665b2c16b36cfec90781f0af53c2fe626de4d82836a650cf3e2371aa902f9f0dbf856655d47abe2bbf6ec38f2d49b30df659e192b5e51acee5f26603eea449cc8e4c606939547430e449df68174416e7ca14484587c6b9bcd5367794057c6dc53c46472daca7d8d3d5e166eaf6bacc06acb3221108aa9cc52e51158a61aef8159cbfd995efac651d2aa273d7c2ef6f1c6f3b663090ebc7354d682cb7c8a175f539249709648d13e172167569c3a7f41114e253143c670b9c0fc2e8ecef81081c755f2178b6e0d242b6d85a8c69541397965b6305178f11784b476e3f4c6b1fe6122ed8f3871f90beefcc470592d7137d9c46123b9485afcefc8a817973949f6bf6ec66cf314c4ee264abc58f947e7a464a033eef95c381e417b0ef0a50260bfa11e29f11415081e507d070002779bda97967046c1b63b1da2d706bf7b3a3bc829f5de00bfadc7fe58de361a608179fcb4e32bb2e134cfe51143d806b357334dadf359746dd87925560eec14ac9899681fffa3d7c6bdf79420ea69c7867ee6b51368712f3400bf224651a1c544ce0d8b6a3ca6cd0f3515434311d8"}, @NL80211_ATTR_TXQ_LIMIT={0x8, 0x10a, 0xb2f}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x8ea0}, @NL80211_ATTR_FILS_CACHE_ID={0x5c, 0xfd, "922c912f847bd1af8feec7c26bd53e558c4744878f25d21c77486e6f7bdf1ffec1b4ae399c98b000bee1698142ccf7f01345123cdcd673e84ae7b46a2b7fdf0c0f1a20543e3b8eac200434ecf12019782e3f62747c047b16"}, @NL80211_ATTR_TDLS_PEER_CAPABILITY={0x8, 0xcb, 0x2}, @NL80211_ATTR_RADAR_BACKGROUND={0x4}, @NL80211_ATTR_DISABLE_HT={0x4}, @NL80211_ATTR_SUPPORTED_SELECTORS={0x1a, 0x14e, "22e73d1d132a224d5e749546f28810d952fe57c0766d"}]}, 0x10b0}, 0x1, 0x0, 0x0, 0x2004c000}, 0x20000000)
ioctl$auto_EVIOCSCLOCKID(r9, 0x400445a0, &(0x7f0000002740)=0x6)
r11 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000027c0), r1)
sendmsg$auto_NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, &(0x7f0000002a80)={&(0x7f0000002780)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000002a40)={&(0x7f0000002800)={0x230, r11, 0x434, 0x70bd2c, 0x25dfdbfc, {}, [@NL802154_ATTR_COORDINATOR={0x219, 0x1e, 0x0, 0x1, [@typed={0xc, 0xf9, 0x0, 0x0, @u64=0x100000001}, @generic="89e393b01a52b6a99b419a313b3b7bc210d74d15a2903b9ea0eaa27fa72ce775e2cc6a4230f2a8e8f12b67928a76f474457290fe404cc796118fc7f436c77b93584bb3fcbdf72e7770bc8fbd7ca0fa463577b361d9d9755dce306c8c85436bc00e313ffd45840fa3", @generic="039842194c387bc986ebc5fd4048322f7f2048600aa36394466962910a63e13d4b89d81c219927465bc31e2dd746d1290e13bcfd7fa986cbad4b54dd77d0ea51ee34865095549df221ce62db6d21f2d1a3a3e07756ec8af2e7f136ea0f8e2b0db280210bd1bb26b65a8f428a90cc9e96d7ead8bbf9b241495484048cb887126028861fb99ae2246e313c8b6761e8bcb14105b0f5cb50efb386f7d3c51d7105ee0a158270f1404fa08b", @nested={0xf7, 0xa7, 0x0, 0x1, [@nested={0x4, 0x106}, @typed={0x8, 0x13d, 0x0, 0x0, @u32=0x7ff}, @nested={0x4, 0x37}, @generic="aff715e47e3bde835d8bd8c7555023c0a6f538606d0c8fc108a14df1b76621b9e45d563fa9fc8cd9308a115efb0738beddbe375904562382cd7a48c176fe0a107c2509a3686b301575cee37353797db15ea11cccf7aadc510e8b4760d3f25e904bc3d5a524e1b3a44f9aa7244f6aceb68a924819a2ca8e7ae6e971336a98c719d5ef14b9e1c0f4a2793ae8677c38287320677d0c0a409779cfbcece6bfbe72c38191ba9366a3164db09b9e77e83f7c7dc18ea283d8e7865e31cbd48f919abbb52f2b9fef9b32ab6ca82fc398f30061efb388ac777f76f7d5f25ec1", @typed={0x6, 0xec, 0x0, 0x0, @str='%\x00'}]}]}]}, 0x230}, 0x1, 0x0, 0x0, 0x20000800}, 0x20080000)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000002ac0), r9)
r12 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000002b40), r1)
sendmsg$auto_NFC_CMD_LLC_SDREQ(r9, &(0x7f0000002c00)={&(0x7f0000002b00)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000002bc0)={&(0x7f0000002b80)={0x3c, r12, 0x8, 0x70bd2a, 0x25dfdbfb, {}, [@NFC_ATTR_COMM_MODE={0x5, 0xa, 0x8}, @NFC_ATTR_LLC_PARAM_RW={0x5, 0x10, 0x80}, @NFC_ATTR_LLC_PARAM_LTO={0x5, 0xf, 0x3}, @NFC_ATTR_DEVICE_POWERED={0x5, 0xc, 0x5}, @NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0xd7}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r13 = getsockopt$auto(r1, 0x3ff, 0xb, &(0x7f0000002c40)='lo\x00', &(0x7f0000002c80)=0xa81)
mmap$auto(0x912, 0x18860, 0x3, 0x15, r1, 0x7fffffff)
sendmsg$auto_NL80211_CMD_SET_REG(r1, &(0x7f0000002d80)={&(0x7f0000002cc0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000002d40)={&(0x7f0000002d00)={0x24, r10, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@NL80211_ATTR_BSS_SHORT_PREAMBLE={0x5, 0x1d, 0x9}, @NL80211_ATTR_TDLS_DIALOG_TOKEN={0x5, 0x89, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x20000000)
clock_gettime$auto(0xa4, &(0x7f0000002dc0)={0x9cbb, 0xce4})
shmctl$auto_IPC_STAT(0x9, 0x2, &(0x7f0000003040)={{0x9, <r14=>0x0, 0x0, 0xffffffff, 0x3, 0x7, 0x5}, 0x9, 0x9, 0x3ff, 0x5, @inferred=r0, @raw=0x6, 0x7ff, 0x0, &(0x7f0000002e40)="029ec663303477a7975bfccacb81b08bb5ba595278080a78ce3114fd7d6719099ca6b60ac8fb7577511c312b2dcbcf4b288cd5d7e007302c1ec37907bc018d51496b8e712b42240469d5cbd25b6357552c049918df2a8a3480beb35add9a65f3c405f24e2539a87e42b9866ae0925d559db163b72fa002d3fc7c1b1084b93e3533cec1e8125d21fcd0f159517c7b985419d6db59ae93519c8757e74d910b36251a5790c61baebd2212c6ef855c28164e3a5c020ec9071a9da0d9851a27533969ff298c1392ee4a0ec1a49228fe1561cfb117b8b65371e5411d8da2733af8e4852b89de0935f9b868799dc83146b0fd8430de7309c0", &(0x7f0000002f40)="bc6c07c23682705b046d2559eaac1035e28927ea254a63bbb54e9b6b0dd061388e177feb75dac10c91316d60a425d657b7c7d57cd18b822c4d74e346cbe79398bb68f5e29a4af18d6eb59008422eff597ca8c75f047cc1e86bdc800238a11fded547e31d8523d21affcc5034a028a391e8742fb3d1020a92f06eda88aeae77bb8fd9e9df46cbedf25d584f1e85450ed9c1b48d942573d378899aebfe3e4d320eef4a211e657d67c7dc2c24f2c50e222e9febf25d1ee31d28dde0816cf450e591cd8d2aef2dbd40331e7f3ca960a2ccef4ee05ba0043e187352024fbfa0cd31a90277"})
sendmsg$auto_NL80211_CMD_START_AP(r13, &(0x7f0000003440)={&(0x7f0000002e00)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000003400)={&(0x7f00000030c0)={0x320, r10, 0x400, 0x70bd28, 0x25dfdbfd, {}, [@NL80211_ATTR_SMPS_MODE={0x5, 0xd5, 0x5}, @NL80211_ATTR_VIF_RADIO_MASK={0x8, 0x14d, 0x8}, @NL80211_ATTR_REKEY_DATA={0x1f4, 0x7a, 0x0, 0x1, [@nested={0xb3, 0x11e, 0x0, 0x1, [@generic="e7ed93f4e01eebaf8c8d9a377f3ee4413e71e65c0379553556a9d7a032574065e982d4cc47c0a02d702aaab2c07871bce875eba2637de07c6951c4af0308725a7ba099549a7b41deb02c20a2", @generic="c56d57573bb986ddccbcb9b102c4b502d2df0293edf751305899cc466d30041770e890780ff58be1a6b8a64ad25e4eac4f064abc8d05c5336b479f14dccb9d46f1a4c5681fc3c19e69677c6d571f514b7ca89c8b7505e7dd8b3697a92ff49bb1437948"]}, @typed={0x8, 0xbf, 0x0, 0x0, @pid=r0}, @nested={0x122, 0x4d, 0x0, 0x1, [@typed={0x8, 0x1c, 0x0, 0x0, @u32}, @nested={0x4, 0x148}, @generic="2c0b2beb4c43d70a1be9b5739b4d4f6b0536968c1da6bb6715648ac9e2106b18293e37e30a0730014d5d9302e73342bbc67f24f11f19994f9613ba9fbbb869308aed56bd352f8e8c09979da2d34133a809", @nested={0x4, 0x1}, @nested={0x4, 0xd8}, @typed={0x8, 0x125, 0x0, 0x0, @uid=r14}, @generic="5d3e205053f5452674c69652a82b88231ef84e185d86bf966a6b06102aa83bcefaa470fbe57a9f7ccfa1d212f7963a2ee8a81715dd796cf1f2dc5ab7c779e76143593c1c7aa0c3ddbb9f1780dc7e702c1f77f456531af57adf60c69253ced45a935d02ef09403b3125473d996f7192f60eee3954c20eb7a2633b24cb6e02b7eb09a3e4336c19c7753044ade907d35ecfba", @nested={0x4, 0x9e}, @generic="132e9725e550a923ef0cac0a140c119a381be92d27fe8d753af8852e"]}, @typed={0x8, 0x85, 0x0, 0x0, @ipv4=@dev={0xac, 0x14, 0x14, 0x17}}, @typed={0x8, 0x79, 0x0, 0x0, @u32=0xa0000}]}, @NL80211_ATTR_STA_TX_POWER={0x6, 0x114, 0x7f}, @NL80211_ATTR_MAC={0xe6, 0x6, "f4d900a49febcafb6c24be7c4ea621c337d2fdef2d7af4d143abfa171063683997cfe3a491cc7e5c13285ede51a37aafbe69c61ba8d15d59f1633941f7762afdb33a0300173f5654bbf96630ff395775bcaa0428882e96850458cc29499978fb108f8d60e1e16b5e135279c0049cb6fd8129500b826f18a7910c43515305390666c32febfda738e77ebf0acb76ff1c68d9e664f8f040c94d616f2e29b7058675b0b495a5a7dff41cba87aa14658f3d1acac88301eae334975bb8b465698812ddf1cde441df58028ea45efe9e09edabf17056fee7f1e3bfe4321112106c0142f761ff"}, @NL80211_ATTR_SMPS_MODE={0x5, 0xd5, 0x40}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_FILS_ERP_RRK={0x9, 0xfc, "454b3980c8"}]}, 0x320}, 0x1, 0x0, 0x0, 0x840}, 0x80)

1.181874887s ago: executing program 2 (id=1274):
r0 = socket(0x2, 0x1, 0x106)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x2c, 0x80003, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000164c0), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_SCAN(r1, &(0x7f00000165c0)={0x0, 0x0, &(0x7f0000016580)={&(0x7f00000006c0)={0x18, r2, 0xd3ac6c422733a379, 0x70bd29, 0x25dfdbfe, {}, [@NL80211_ATTR_S1G_CAPABILITY={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x1}, 0x48800)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0x80040, 0x0)
r3 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x55)
r4 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0)
ioctl$auto_XFS_IOC_COMMIT_RANGE(r3, 0x40585883, &(0x7f00000001c0)={r4, 0x0, 0x5, 0x8000, 0xfffffffffffff18f, 0x8, [0x63c, 0x10001, 0x4, 0x4, 0x7, 0x5]})
write$auto(r4, 0x0, 0x45c)
r5 = socket(0x2, 0x3, 0xa)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8)
connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
r6 = socket(0x15, 0x5, 0x0)
r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r5)
sendmsg$auto_NL80211_CMD_ABORT_SCAN(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x48, r7, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@NL80211_ATTR_FILS_ERP_RRK={0x19, 0xfc, "4d6e46b02a978203d97214731c004bb2c77ab4b731"}, @NL80211_ATTR_COLOR_CHANGE_COUNT={0x5, 0x12f, 0xf}, @NL80211_ATTR_OBSS_COLOR_BITMAP={0xc, 0x12e, 0x7f}, @NL80211_ATTR_EPCS={0x4}]}, 0x48}, 0x1, 0x0, 0x0, 0x2c40}, 0x1)
getsockopt$auto(r6, 0x114, 0x2721, 0xfffffffffffffffc, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)

1.051939129s ago: executing program 2 (id=1275):
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)={0x6c, r1, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0xa}, @NFSD_A_SERVER_SCOPE={0x45, 0x4, '/sys/devices/platform/dummy_hcd.6/usb7/power/wakeup_active_count\x00'}, @NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0xa3}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4004891}, 0x4000)
bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xb, 0xb5, 0x10, 0x4, 0x53000000, 0xffffffffffffffff, 0x9, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, r0, 0x5, 0x7, 0x4f4, 0x6}, 0x10)
r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/028/001\x00', 0xa901, 0x0)
get_robust_list$auto(0x1, 0x0, 0x0)
ioctl$auto_USBDEVFS_SUBMITURB32(r2, 0x802c550a, &(0x7f00000001c0)=ANY=[@ANYBLOB="020000000000000005"])

800.969484ms ago: executing program 2 (id=1276):
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x28102, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, 0x0, 0x2dc08f24db163610, 0x0) (async)
r0 = openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, 0x0, 0x2dc08f24db163610, 0x0)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0x20000000000000d4, 0x1, 0x6, 0x0, 0x7, 0x36ca, 0x2, {0x100000000, 0x10000}, 0x5, 0x8, 0xfffffffffffffffd, 0x1007fff, 0x0, 0x8, 0x81, 0xdfffffffffff628e, 0x6, 0xdeb1, 0x808}) (async)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0x20000000000000d4, 0x1, 0x6, 0x0, 0x7, 0x36ca, 0x2, {0x100000000, 0x10000}, 0x5, 0x8, 0xfffffffffffffffd, 0x1007fff, 0x0, 0x8, 0x81, 0xdfffffffffff628e, 0x6, 0xdeb1, 0x808})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) (async)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0) (async)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db) (async)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x0, 0x0)
ioctl$auto(r2, 0x5453, r0)
getrandom$auto(0x0, 0x6000000, 0x3)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4)
madvise$auto(0x110c230000, 0x1, 0x9) (async)
madvise$auto(0x110c230000, 0x1, 0x9)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/pagetypeinfo\x00', 0x43102, 0x0) (async)
r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/pagetypeinfo\x00', 0x43102, 0x0)
futex$auto(0x0, 0xc, 0xffffffff, 0x0, 0x0, 0x4)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/i8042/serio0/force_release\x00', 0xc2082, 0x0)
write$auto(r4, &(0x7f00000004c0)='N\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x7ff)
read$auto_proc_iter_file_ops_compat_inode(r3, &(0x7f00000007c0)=""/153, 0x99)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
statx$auto(0xffffff9c, 0x0, 0x1000, 0x803, 0x0)
setsockopt$auto(0xffffffffffffffff, 0x29, 0x30, 0x0, 0x56b)
mmap$auto(0x0, 0x40009, 0x36, 0x9b72, 0x7, 0x28000)
ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETVA(0xffffffffffffffff, 0x7a4, 0x0) (async)
ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETVA(0xffffffffffffffff, 0x7a4, 0x0)
madvise$auto(0x0, 0x2003f0, 0x18)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = socket(0x10, 0x2, 0xc)
r6 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='q\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="4cb245184f86db27df250a000a"], 0xf8}}, 0x10004010) (async)
sendmsg$auto_CTRL_CMD_GETPOLICY(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='q\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="4cb245184f86db27df250a000a"], 0xf8}}, 0x10004010)

765.933921ms ago: executing program 0 (id=1277):
mmap$auto(0x0, 0x60009, 0x8, 0xeb1, 0x401, 0x8000)
r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r1 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x2280, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r2 = socket(0x2, 0x2, 0x1)
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_4={0x1f, r2, 0x10000}, 0x10)
bpf$auto(0x3, &(0x7f0000000240)=@bpf_attr_11={0x10001, 0x2545, 0x1, 0x8, 0x1, 0x4, 0xca}, 0x1)
fanotify_init$auto(0x8, 0x10001)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd0/range\x00', 0x62, 0x0)
write$auto(r3, &(0x7f0000000440)='O\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf0F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\xed\'\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0xb8c5)
r4 = socket(0x2, 0x1, 0x0)
sendmmsg$auto(r4, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000)
r5 = syz_genetlink_get_family_id$auto_nl80211(0x0, r4)
sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="02000006", @ANYRES16=r5, @ANYBLOB="000227bd7000fedbdf251f0000000800350000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x8)
sendmsg$auto_NL80211_CMD_LEAVE_IBSS(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000180)={&(0x7f00000005c0)={0x19c, r5, 0x8, 0x70bd25, 0x25dfdbfe, {}, [@NL80211_ATTR_VENDOR_DATA={0xab, 0xc5, "f1445efb809f43cefe8669587692369b4399c728e128596eea387031efdd23a12911f9c13d13bae6d0baa752ec559cff29d4b639cddf20724e7331c7cfb49b8c536f632b9d3c888729d3f5cef215c1c80f84c0f05dc4ded234f2f889bb75c20fb14428e16b1115703090e441ddfaa4d349634d9b3ae6823547440fd4ec18dc9d39d9823c3c594bdeee5588a2fd3b4d799d1b79cc2f1c6ed72f9e642f7411d922b106e392281610"}, @NL80211_ATTR_SAE_PWE={0x5, 0x12a, 0x8}, @NL80211_ATTR_SAE_PASSWORD={0x5c, 0x115, "b8b04deb52a7af374fcd13872548b645d9c73f18bd3f4d9864b7d6ec49e6a64dc9505be48af0a2b236580c417259147b10cd1758d3a3be12a96621620e398b9f403a0dc870477e66179f7038fe94d2e99d37dd72a4c03d06"}, @NL80211_ATTR_INACTIVITY_TIMEOUT={0x6, 0x96, 0x3}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}, @NL80211_ATTR_WIPHY_TXQ_PARAMS={0x62, 0x25, 0x0, 0x1, [@typed={0x14, 0x25, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @multicast1}}, @typed={0xc, 0xb5, 0x0, 0x0, @u64=0x6}, @generic="8f7d133faab69828f8fd1780fcf77cfe24254011ec750000dff0fe7042ecc497db73", @typed={0x14, 0x31, 0x0, 0x0, @ipv6=@mcast2}, @typed={0x8, 0x76, 0x0, 0x0, @u32=0x9}]}, @NL80211_ATTR_MLO_LINK_ID={0x5, 0x139, 0x1}]}, 0x19c}, 0x1, 0x0, 0x0, 0x8080}, 0x800)
read$auto(r1, 0x0, 0x67)
setresuid$auto(0xffffffffffffffff, 0x8, 0x8000)
ioctl$auto_RNDRESEEDCRNG2(r0, 0x5207, 0x0)

0s ago: executing program 1 (id=1278):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) (async)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
write$auto(0x3, 0x0, 0x7fffffff)
write$auto(0x1, 0x0, 0x80000000) (async, rerun: 64)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0) (async, rerun: 64)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) (async)
r0 = socket(0x2b, 0x1, 0x1) (async, rerun: 32)
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) (async, rerun: 32)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x2)
sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r0, 0x0, 0x20000001) (async)
madvise$auto(0x0, 0xffffffffffff0004, 0x19) (async)
getcwd$auto(&(0x7f0000000040)='(\xed&\x00', 0xe) (async, rerun: 64)
kill$auto(0x0, 0x21) (async, rerun: 64)
madvise$auto(0x0, 0x200007, 0x8) (async)
madvise$auto(0x0, 0x2003f0, 0x15) (async)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_MPP(r0, 0x0, 0x880) (async)
munmap$auto(0x8000, 0xffffffff)
syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), r0)
sendmsg$auto_NFC_CMD_STOP_POLL(r0, 0x0, 0x44084) (async)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0x400000eb1, 0xfffffffffffffffa, 0x8000) (async)
ppoll$auto(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x8)
mmap$auto(0x0, 0x40000c, 0xdf, 0x9b72, 0x2, 0x5)
r1 = socket(0x15, 0x5, 0x0)
getsockopt$auto(r1, 0x114, 0x2712, 0xfffffffffffffffc, 0x0)
sysfs$auto(0x2, 0x10000000000048, 0x0) (async, rerun: 64)
close_range$auto(0x2, 0x8, 0x0) (rerun: 64)

kernel console output (not intermixed with test programs):

[ T6441] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.974963][ T6441] bridge0: port 2(bridge_slave_1) entered forwarding state
[  231.564790][ T8772] netlink: 28 bytes leftover after parsing attributes in process `syz.1.589'.
[  231.667537][ T8772] veth0_macvtap: left promiscuous mode
[  232.083146][ T8788] FAULT_INJECTION: forcing a failure.
[  232.083146][ T8788] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  232.114845][ T8788] CPU: 1 UID: 0 PID: 8788 Comm: syz.1.591 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  232.114867][ T8788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  232.114875][ T8788] Call Trace:
[  232.114880][ T8788]  <TASK>
[  232.114886][ T8788]  dump_stack_lvl+0x16c/0x1f0
[  232.114908][ T8788]  should_fail_ex+0x512/0x640
[  232.114930][ T8788]  _copy_from_user+0x2e/0xd0
[  232.114950][ T8788]  memdup_user+0x6b/0xe0
[  232.114967][ T8788]  strndup_user+0x78/0xe0
[  232.114983][ T8788]  __x64_sys_fsopen+0x9c/0x240
[  232.115000][ T8788]  do_syscall_64+0xcd/0x230
[  232.115017][ T8788]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.115030][ T8788] RIP: 0033:0x7f1ba778e969
[  232.115041][ T8788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  232.115053][ T8788] RSP: 002b:00007f1ba85a2038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[  232.115067][ T8788] RAX: ffffffffffffffda RBX: 00007f1ba79b5fa0 RCX: 00007f1ba778e969
[  232.115076][ T8788] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  232.115083][ T8788] RBP: 00007f1ba7810ab1 R08: 0000000000000000 R09: 0000000000000000
[  232.115092][ T8788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  232.115099][ T8788] R13: 0000000000000000 R14: 00007f1ba79b5fa0 R15: 00007fff4b9603d8
[  232.115115][ T8788]  </TASK>
[  232.760573][ T8588] 8021q: adding VLAN 0 to HW filter on device batadv0
[  234.425171][ T8588] veth0_vlan: entered promiscuous mode
[  234.652927][ T8588] veth1_vlan: entered promiscuous mode
[  234.908195][ T8588] veth0_macvtap: entered promiscuous mode
[  234.948016][ T8588] veth1_macvtap: entered promiscuous mode
[  234.993945][ T8588] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  235.036709][ T8588] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.056248][ T8588] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  235.085988][ T8588] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.105851][ T8588] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  235.129687][ T8588] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.172568][ T8588] batman_adv: batadv0: Interface activated: batadv_slave_0
[  235.266932][ T8841] FAULT_INJECTION: forcing a failure.
[  235.266932][ T8841] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  235.319830][ T8841] CPU: 1 UID: 0 PID: 8841 Comm: syz.0.598 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  235.319868][ T8841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  235.319882][ T8841] Call Trace:
[  235.319891][ T8841]  <TASK>
[  235.319900][ T8841]  dump_stack_lvl+0x16c/0x1f0
[  235.319942][ T8841]  should_fail_ex+0x512/0x640
[  235.319980][ T8841]  _copy_from_user+0x2e/0xd0
[  235.320016][ T8841]  io_uring_setup+0xb4/0x1ff0
[  235.320048][ T8841]  ? __pfx_io_uring_setup+0x10/0x10
[  235.320074][ T8841]  ? do_futex+0x122/0x350
[  235.320099][ T8841]  ? __pfx_do_futex+0x10/0x10
[  235.320121][ T8841]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  235.320170][ T8841]  ? rcu_is_watching+0x12/0xc0
[  235.320198][ T8841]  __x64_sys_io_uring_setup+0xc2/0x170
[  235.320228][ T8841]  do_syscall_64+0xcd/0x230
[  235.320258][ T8841]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.320282][ T8841] RIP: 0033:0x7ff8b058e969
[  235.320301][ T8841] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  235.320323][ T8841] RSP: 002b:00007ff8b1414038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  235.320346][ T8841] RAX: ffffffffffffffda RBX: 00007ff8b07b6160 RCX: 00007ff8b058e969
[  235.320362][ T8841] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[  235.320375][ T8841] RBP: 00007ff8b0610ab1 R08: 0000000000000000 R09: 0000000000000000
[  235.320390][ T8841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  235.320404][ T8841] R13: 0000000000000000 R14: 00007ff8b07b6160 R15: 00007fff4a392a48
[  235.320439][ T8841]  </TASK>
[  235.615235][ T8588] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.625891][ T8588] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.638670][ T8588] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.650044][ T8588] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.660175][ T8588] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  235.676920][ T8588] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  235.689741][ T8588] batman_adv: batadv0: Interface activated: batadv_slave_1
[  235.708442][ T8588] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  235.717387][ T8588] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  235.776069][ T8588] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  235.834828][ T8588] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  236.295990][ T6519] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  236.303842][ T6519] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  236.420910][ T1108] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  236.457212][ T1108] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  238.733214][ T8936] netlink: 326 bytes leftover after parsing attributes in process `syz.1.610'.
[  239.341990][ T8951] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  239.924855][ T8970] netlink: 342 bytes leftover after parsing attributes in process `syz.4.616'.
[  240.071590][ T8971] netlink: 206 bytes leftover after parsing attributes in process `syz.4.616'.
[  241.330419][ T9013] netlink: 'syz.0.626': attribute type 16 has an invalid length.
[  241.406131][ T9013] netlink: 306 bytes leftover after parsing attributes in process `syz.0.626'.
[  241.680583][ T9024] cougar: G6 mapped to space
[  243.551778][ T9067] Invalid ELF header magic: != ELF
[  244.371010][ T9077] netlink: zone id is out of range
[  244.400461][ T9077] netlink: zone id is out of range
[  244.405636][ T9077] netlink: zone id is out of range
[  244.456449][ T9077] netlink: zone id is out of range
[  244.461597][ T9077] netlink: zone id is out of range
[  244.550704][ T9077] netlink: zone id is out of range
[  244.560757][ T9077] netlink: zone id is out of range
[  244.579453][ T9077] netlink: zone id is out of range
[  244.596029][ T9077] netlink: zone id is out of range
[  244.614673][ T9077] netlink: zone id is out of range
[  249.752229][ T9215] netlink: 28 bytes leftover after parsing attributes in process `syz.2.662'.
[  250.381290][ T9198] ptrace attach of "./syz-executor exec"[5829] was attempted by "./syz-executor exec"[9198]
[  251.202436][ T9252] HfR: entered promiscuous mode
[  251.333517][ T9252] netlink: 12 bytes leftover after parsing attributes in process `syz.1.668'.
[  251.359296][ T9252] HfR: left promiscuous mode
[  251.414691][ T9257] Invalid ELF header magic: != ELF
[  251.499420][ T9266] ubi0: attaching mtd0
[  251.522419][ T9266] ubi0 error: validate_ec_hdr: bad VID header offset 64, expected 3965
[  251.559916][ T9257] Invalid ELF header magic: != ELF
[  251.565233][ T9266] ubi0 error: validate_ec_hdr: bad EC header
[  251.661337][ T9266] Erase counter header dump:
[  251.676317][ T9266] 	magic          0x55424923
[  251.688687][ T9266] 	version        1
[  251.702690][ T9266] 	ec             1
[  251.715988][ T9266] 	vid_hdr_offset 64
[  251.741070][ T9266] 	data_offset    128
[  251.745111][ T9266] 	image_seq      -447576337
[  251.771213][ T9266] 	hdr_crc        0xdb207ec5
[  251.788772][ T9266] erase counter header hexdump:
[  251.804557][ T9266] CPU: 1 UID: 0 PID: 9266 Comm: syz.1.668 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  251.804590][ T9266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  251.804603][ T9266] Call Trace:
[  251.804611][ T9266]  <TASK>
[  251.804619][ T9266]  dump_stack_lvl+0x16c/0x1f0
[  251.804653][ T9266]  validate_ec_hdr+0x28c/0x330
[  251.804691][ T9266]  ubi_io_read_ec_hdr+0x63b/0x6c0
[  251.804735][ T9266]  ubi_attach+0x5e7/0x4bd0
[  251.804782][ T9266]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  251.804820][ T9266]  ? __pfx_ubi_attach+0x10/0x10
[  251.804846][ T9266]  ? lockdep_init_map_type+0x5c/0x280
[  251.804877][ T9266]  ? ubi_attach_mtd_dev+0x155b/0x35d0
[  251.804911][ T9266]  ubi_attach_mtd_dev+0x15a7/0x35d0
[  251.804961][ T9266]  ? __pfx_ubi_attach_mtd_dev+0x10/0x10
[  251.804994][ T9266]  ? __pfx_get_mtd_device+0x10/0x10
[  251.805039][ T9266]  ctrl_cdev_ioctl+0x337/0x3d0
[  251.805072][ T9266]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[  251.805117][ T9266]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[  251.805154][ T9266]  __x64_sys_ioctl+0x190/0x200
[  251.805194][ T9266]  do_syscall_64+0xcd/0x230
[  251.805227][ T9266]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.805251][ T9266] RIP: 0033:0x7f1ba778e969
[  251.805271][ T9266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.805297][ T9266] RSP: 002b:00007f1ba8560038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  251.805320][ T9266] RAX: ffffffffffffffda RBX: 00007f1ba79b6160 RCX: 00007f1ba778e969
[  251.805336][ T9266] RDX: 0000200000000080 RSI: 0000000040186f40 RDI: 000000000000000b
[  251.805358][ T9266] RBP: 00007f1ba7810ab1 R08: 0000000000000000 R09: 0000000000000000
[  251.805372][ T9266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  251.805390][ T9266] R13: 0000000000000000 R14: 00007f1ba79b6160 R15: 00007fff4b9603d8
[  251.805428][ T9266]  </TASK>
[  251.805437][ T9266] ubi0 error: ubi_io_read_ec_hdr: validation failed for PEB 0
[  251.815513][ T9254] HfR: entered promiscuous mode
[  252.161646][ T9266] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  253.620142][ T9301] warn_alloc: 2 callbacks suppressed
[  253.620157][ T9301] syz.0.671: vmalloc error: size 35651584, failed to allocated page array size 69632, mode:0xc22(GFP_ATOMIC|__GFP_HIGHMEM|__GFP_DIRECT_RECLAIM), nodemask=(null),cpuset=/,mems_allowed=0-1
[  253.646256][ T9301] CPU: 0 UID: 0 PID: 9301 Comm: syz.0.671 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  253.646286][ T9301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  253.646294][ T9301] Call Trace:
[  253.646300][ T9301]  <TASK>
[  253.646306][ T9301]  dump_stack_lvl+0x16c/0x1f0
[  253.646328][ T9301]  warn_alloc+0x248/0x3a0
[  253.646345][ T9301]  ? __pfx_warn_alloc+0x10/0x10
[  253.646364][ T9301]  ? __get_vm_area_node+0x1b9/0x300
[  253.646384][ T9301]  ? __get_vm_area_node+0x1e5/0x300
[  253.646406][ T9301]  __vmalloc_node_range_noprof+0x1110/0x1540
[  253.646432][ T9301]  ? ctl_ioctl+0x814/0xd70
[  253.646454][ T9301]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  253.646480][ T9301]  __kvmalloc_node_noprof+0x2ff/0x600
[  253.646494][ T9301]  ? ctl_ioctl+0x814/0xd70
[  253.646512][ T9301]  ? ctl_ioctl+0x814/0xd70
[  253.646531][ T9301]  ? ctl_ioctl+0x814/0xd70
[  253.646548][ T9301]  ctl_ioctl+0x814/0xd70
[  253.646565][ T9301]  ? __pfx_dev_rename+0x10/0x10
[  253.646583][ T9301]  ? __pfx_ctl_ioctl+0x10/0x10
[  253.646618][ T9301]  ? __fget_files+0x20e/0x3c0
[  253.646640][ T9301]  dm_ctl_ioctl+0x22/0x30
[  253.646657][ T9301]  ? __pfx_dm_ctl_ioctl+0x10/0x10
[  253.646674][ T9301]  __x64_sys_ioctl+0x190/0x200
[  253.646692][ T9301]  do_syscall_64+0xcd/0x230
[  253.646709][ T9301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.646722][ T9301] RIP: 0033:0x7ff8b058e969
[  253.646734][ T9301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.646747][ T9301] RSP: 002b:00007ff8b13f3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  253.646760][ T9301] RAX: ffffffffffffffda RBX: 00007ff8b07b6240 RCX: 00007ff8b058e969
[  253.646769][ T9301] RDX: 00002000000001c0 RSI: fffffff7effffd05 RDI: 0000000000000005
[  253.646777][ T9301] RBP: 00007ff8b0610ab1 R08: 0000000000000000 R09: 0000000000000000
[  253.646784][ T9301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  253.646791][ T9301] R13: 0000000000000000 R14: 00007ff8b07b6240 R15: 00007fff4a392a48
[  253.646808][ T9301]  </TASK>
[  253.646813][ T9301] Mem-Info:
[  254.243819][ T9301] active_anon:55084 inactive_anon:1 isolated_anon:0
[  254.243819][ T9301]  active_file:17545 inactive_file:39235 isolated_file:0
[  254.243819][ T9301]  unevictable:768 dirty:753 writeback:0
[  254.243819][ T9301]  slab_reclaimable:10374 slab_unreclaimable:97619
[  254.243819][ T9301]  mapped:41926 shmem:41610 pagetables:1218
[  254.243819][ T9301]  sec_pagetables:0 bounce:0
[  254.243819][ T9301]  kernel_misc_reclaimable:0
[  254.243819][ T9301]  free:1287555 free_pcp:1698 free_cma:0
[  254.407360][ T9325] : renamed from gre0 (while UP)
[  254.455609][ T9301] Node 0 active_anon:226736kB inactive_anon:4kB active_file:70180kB inactive_file:156868kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:173704kB dirty:3012kB writeback:0kB shmem:171204kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11968kB pagetables:5272kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  254.523296][ T9301] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  254.563984][ T9301] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  254.642988][ T9301] lowmem_reserve[]: 0 2484 2486 2486 2486
[  254.712743][ T9301] Node 0 DMA32 free:1208604kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB active_anon:231988kB inactive_anon:4kB active_file:70180kB inactive_file:155052kB unevictable:1536kB writepending:3112kB present:3129332kB managed:2544212kB mlocked:0kB bounce:0kB free_pcp:2952kB local_pcp:2320kB free_cma:0kB
[  254.844755][ T9301] lowmem_reserve[]: 0 0 1 1 1
[  254.862200][ T9301] Node 0 Normal free:28kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1816kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
[  254.976666][ T9301] lowmem_reserve[]: 0 0 0 0 0
[  255.063190][ T9301] Node 1 Normal free:3908332kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:4192kB local_pcp:0kB free_cma:0kB
[  255.400174][ T9301] lowmem_reserve[]: 0 0 0 0 0
[  255.446827][ T9301] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  255.482677][ T9301] Node 0 DMA32: 16*4kB (E) 28*8kB (ME) 111*16kB (UE) 11*32kB (ME) 3*64kB (ME) 4*128kB (UME) 44*256kB (UME) 99*512kB (UE) 75*1024kB (UME) 8*2048kB (UE) 247*4096kB (UM) = 1169968kB
[  255.638020][ T9301] Node 0 Normal: 1*4kB (M) 1*8kB (M) 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 28kB
[  255.809268][ T9301] Node 1 Normal: 203*4kB (UME) 54*8kB (UME) 37*16kB (UME) 196*32kB (UME) 101*64kB (UME) 30*128kB (UME) 17*256kB (UM) 9*512kB (UM) 4*1024kB (UME) 5*2048kB (UME) 944*4096kB (M) = 3908332kB
[  255.870837][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  255.881066][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  255.881073][ T9301] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  255.881097][ T9301] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  256.051699][ T9301] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  256.066058][ T9301] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  256.075475][ T9301] 111669 total pagecache pages
[  256.081742][ T9301] 7 pages in swap cache
[  256.124221][ T9301] Free swap  = 124964kB
[  256.172123][ T9301] Total swap = 124996kB
[  256.222635][ T9301] 2097051 pages RAM
[  256.265452][ T9301] 0 pages HighMem/MovableOnly
[  256.318097][ T9301] 428892 pages reserved
[  256.369449][ T9301] 0 pages cma reserved
[  259.225315][ T9427] netlink: 330 bytes leftover after parsing attributes in process `syz.2.690'.
[  261.432733][   T30] audit: type=1800 audit(4294969518.631:7): pid=9485 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.697" name="members" dev="configfs" ino=23935 res=0 errno=0
[  263.212844][ T9520] FAULT_INJECTION: forcing a failure.
[  263.212844][ T9520] name failslab, interval 1, probability 0, space 0, times 0
[  263.226230][ T9520] CPU: 0 UID: 0 PID: 9520 Comm: syz.2.705 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  263.226265][ T9520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  263.226279][ T9520] Call Trace:
[  263.226287][ T9520]  <TASK>
[  263.226296][ T9520]  dump_stack_lvl+0x16c/0x1f0
[  263.226330][ T9520]  should_fail_ex+0x512/0x640
[  263.226360][ T9520]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  263.226386][ T9520]  should_failslab+0xc2/0x120
[  263.226412][ T9520]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  263.226438][ T9520]  ? radix_tree_node_alloc.constprop.0+0x7c/0x350
[  263.226468][ T9520]  radix_tree_node_alloc.constprop.0+0x7c/0x350
[  263.226500][ T9520]  idr_get_free+0x528/0xa30
[  263.226540][ T9520]  idr_alloc_u32+0x190/0x2f0
[  263.226573][ T9520]  ? __pfx_idr_alloc_u32+0x10/0x10
[  263.226604][ T9520]  ? __pfx___mutex_lock+0x10/0x10
[  263.226641][ T9520]  idr_alloc+0xc0/0x130
[  263.226665][ T9520]  ? __pfx_idr_alloc+0x10/0x10
[  263.226692][ T9520]  ? __radix_tree_lookup+0x21f/0x2c0
[  263.226725][ T9520]  ppp_dev_configure+0x905/0xc80
[  263.226762][ T9520]  ppp_ioctl+0x17e0/0x2660
[  263.226792][ T9520]  ? find_held_lock+0x2b/0x80
[  263.226814][ T9520]  ? __pfx_ppp_ioctl+0x10/0x10
[  263.226860][ T9520]  ? __fget_files+0x20e/0x3c0
[  263.226898][ T9520]  ? __pfx_ppp_ioctl+0x10/0x10
[  263.226926][ T9520]  __x64_sys_ioctl+0x190/0x200
[  263.226958][ T9520]  do_syscall_64+0xcd/0x230
[  263.226988][ T9520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  263.227012][ T9520] RIP: 0033:0x7f66f2f8e969
[  263.227032][ T9520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  263.227055][ T9520] RSP: 002b:00007f66f3d96038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  263.227078][ T9520] RAX: ffffffffffffffda RBX: 00007f66f31b5fa0 RCX: 00007f66f2f8e969
[  263.227095][ T9520] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000004
[  263.227110][ T9520] RBP: 00007f66f3010ab1 R08: 0000000000000000 R09: 0000000000000000
[  263.227125][ T9520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  263.227139][ T9520] R13: 0000000000000000 R14: 00007f66f31b5fa0 R15: 00007fffc04da3f8
[  263.227174][ T9520]  </TASK>
[  263.453265][    C0] vkms_vblank_simulate: vblank timer overrun
[  263.635055][ T5842] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260
[  263.635094][ T5842] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260
[  263.655445][ T5842] Bluetooth: hci0: Unknown advertising packet type: 0x7f
[  263.655503][ T5842] Bluetooth: hci0: Malformed LE Event: 0x0d
[  263.815701][   T10] smpboot: CPU 1 is now offline
[  264.426194][ T9552] netlink: 20 bytes leftover after parsing attributes in process `syz.1.711'.
[  264.620300][ T9552] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  264.694583][ T9552] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  265.171817][ T9566] aoe: could not set interface list: too many interfaces
[  265.248703][ T9566] FAULT_INJECTION: forcing a failure.
[  265.248703][ T9566] name failslab, interval 1, probability 0, space 0, times 0
[  265.362756][ T9566] CPU: 0 UID: 0 PID: 9566 Comm: syz.4.715 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  265.362779][ T9566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  265.362788][ T9566] Call Trace:
[  265.362793][ T9566]  <TASK>
[  265.362799][ T9566]  dump_stack_lvl+0x16c/0x1f0
[  265.362820][ T9566]  should_fail_ex+0x512/0x640
[  265.362838][ T9566]  ? __kmalloc_noprof+0xbf/0x510
[  265.362855][ T9566]  ? constrain_params_by_rules+0x175/0xca0
[  265.362871][ T9566]  should_failslab+0xc2/0x120
[  265.362887][ T9566]  __kmalloc_noprof+0xd2/0x510
[  265.362903][ T9566]  ? do_raw_spin_lock+0x12c/0x2b0
[  265.362923][ T9566]  constrain_params_by_rules+0x175/0xca0
[  265.362940][ T9566]  ? mark_held_locks+0x49/0x80
[  265.362956][ T9566]  ? lockdep_hardirqs_on+0x7c/0x110
[  265.362972][ T9566]  ? stack_depot_save_flags+0x3e6/0xa50
[  265.362991][ T9566]  ? __pfx_constrain_params_by_rules+0x10/0x10
[  265.363011][ T9566]  ? __kasan_kmalloc+0xaa/0xb0
[  265.363023][ T9566]  ? snd_pcm_oss_change_params_locked+0x247/0x3b40
[  265.363039][ T9566]  ? snd_pcm_oss_get_active_substream+0x168/0x1d0
[  265.363055][ T9566]  ? snd_pcm_oss_get_formats+0x7e/0x340
[  265.363076][ T9566]  ? rcu_is_watching+0x12/0xc0
[  265.363087][ T9566]  ? snd_interval_refine+0x2fa/0x580
[  265.363109][ T9566]  snd_pcm_hw_refine+0x7de/0xad0
[  265.363129][ T9566]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[  265.363151][ T9566]  ? __asan_memset+0x23/0x50
[  265.363169][ T9566]  ? _snd_pcm_hw_param_min+0x259/0x630
[  265.363188][ T9566]  snd_pcm_oss_change_params_locked+0x65e/0x3b40
[  265.363207][ T9566]  ? rcu_is_watching+0x12/0xc0
[  265.363221][ T9566]  ? lockdep_hardirqs_on+0x7c/0x110
[  265.363237][ T9566]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  265.363255][ T9566]  ? __pfx___mutex_lock+0x10/0x10
[  265.363269][ T9566]  ? tomoyo_path_number_perm+0x295/0x580
[  265.363296][ T9566]  snd_pcm_oss_get_active_substream+0x168/0x1d0
[  265.363316][ T9566]  snd_pcm_oss_get_formats+0x7e/0x340
[  265.363331][ T9566]  ? find_held_lock+0x2b/0x80
[  265.363343][ T9566]  ? __pfx_snd_pcm_oss_get_formats+0x10/0x10
[  265.363358][ T9566]  ? __might_fault+0x13b/0x190
[  265.363378][ T9566]  snd_pcm_oss_ioctl+0x2efb/0x37a0
[  265.363394][ T9566]  ? find_held_lock+0x2b/0x80
[  265.363406][ T9566]  ? hook_file_ioctl_common+0x145/0x410
[  265.363420][ T9566]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[  265.363438][ T9566]  ? __fget_files+0x20e/0x3c0
[  265.363460][ T9566]  ? __pfx_snd_pcm_oss_ioctl+0x10/0x10
[  265.363477][ T9566]  __x64_sys_ioctl+0x190/0x200
[  265.363496][ T9566]  do_syscall_64+0xcd/0x230
[  265.363513][ T9566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.363526][ T9566] RIP: 0033:0x7f5bdc78e969
[  265.363538][ T9566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  265.363551][ T9566] RSP: 002b:00007f5bdd5ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  265.363566][ T9566] RAX: ffffffffffffffda RBX: 00007f5bdc9b5fa0 RCX: 00007f5bdc78e969
[  265.363575][ T9566] RDX: 0000000000000000 RSI: 00000000c0045005 RDI: 0000000000000006
[  265.363584][ T9566] RBP: 00007f5bdc810ab1 R08: 0000000000000000 R09: 0000000000000000
[  265.363593][ T9566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  265.363601][ T9566] R13: 0000000000000000 R14: 00007f5bdc9b5fa0 R15: 00007ffeab6aec78
[  265.363649][ T9566]  </TASK>
[  265.690477][    C0] vkms_vblank_simulate: vblank timer overrun
[  268.101842][ T9626] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock
[  268.711660][ T9641] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888079c16ee0 pfn:0x79c16
[  268.767523][ T9641] memcg:ffff8880337f4682
[  268.776736][ T9641] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  268.794111][ T9641] page_type: f2(table)
[  268.804214][ T9641] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  268.833493][ T9641] raw: ffff888079c16ee0 ffff888033cde8a0 00000001f2000000 ffff8880337f4682
[  268.847889][ T9641] page dumped because: unmovable page
[  268.864733][ T9641] page_owner tracks the page as allocated
[  269.079974][ T9641] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x440dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO|__GFP_COMP), pid 5829, tgid 5829 (syz-executor), ts 268645845002, free_ts 268614491164
[  269.586025][ T9641]  post_alloc_hook+0x181/0x1b0
[  269.590823][ T9641]  get_page_from_freelist+0x135c/0x3920
[  269.636134][ T9641]  __alloc_frozen_pages_noprof+0x263/0x23a0
[  269.669257][ T9641]  alloc_pages_mpol+0x1fb/0x550
[  269.674148][ T9641]  alloc_pages_noprof+0x131/0x390
[  269.706623][ T9641]  pte_alloc_one+0x19/0x380
[  269.711170][ T9641]  __pte_alloc+0x6d/0x3c0
[  269.715499][ T9641]  copy_page_range+0x3a29/0x5fe0
[  269.743233][ T9641]  copy_process+0x862b/0x91a0
[  269.756741][ T9641]  kernel_clone+0xfc/0x960
[  269.771374][ T9641]  __do_sys_clone+0xce/0x120
[  269.791794][ T9641]  do_syscall_64+0xcd/0x230
[  269.804537][ T9641]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.818777][ T9641] page last free pid 976 tgid 976 stack trace:
[  269.832447][ T9641]  __free_frozen_pages+0x69d/0xff0
[  269.849157][ T9641]  kasan_depopulate_vmalloc_pte+0x63/0x80
[  269.862483][ T9641]  __apply_to_page_range+0x617/0xd60
[  269.875099][ T9641]  kasan_release_vmalloc+0xd1/0xe0
[  269.891402][ T9641]  purge_vmap_node+0x1cb/0xa70
[  269.902660][ T9641]  __purge_vmap_area_lazy+0x9d1/0xc90
[  269.914864][ T9641]  drain_vmap_area_work+0x27/0x40
[  269.924958][ T9641]  process_one_work+0x9cc/0x1b70
[  269.935209][ T9641]  worker_thread+0x6c8/0xf10
[  269.955434][ T9641]  kthread+0x3c2/0x780
[  269.970878][ T9641]  ret_from_fork+0x45/0x80
[  269.990021][ T9641]  ret_from_fork_asm+0x1a/0x30
[  270.179816][ T9657] nvme_fcloop: unknown parameter or missing value '7'
[  272.678924][ T9711] kAFS: Invalid Command on /proc/fs/afs/cells file
[  273.093656][ T9729] netlink: 'syz.4.755': attribute type 1 has an invalid length.
[  276.289447][ T9788] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  276.301365][ T9788] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  276.314106][ T9788] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  276.723049][ T9788] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  276.780303][ T9788] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  276.794216][ T9788] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  277.947750][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout
[  278.342227][ T9788] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  278.350135][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout
[  278.746189][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout
[  278.826592][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout
[  278.872475][ T9830] ubi0: attaching mtd0
[  278.889106][ T9830] ubi0 error: validate_ec_hdr: bad VID header offset 64, expected 3965
[  278.943830][ T9834] netlink: 326 bytes leftover after parsing attributes in process `syz.4.778'.
[  279.008706][ T9830] ubi0 error: validate_ec_hdr: bad EC header
[  279.054140][ T9830] Erase counter header dump:
[  279.106299][ T9834] bridge0: adding interface bridge0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  279.186363][ T9830] 	magic          0x55424923
[  279.226224][ T9830] 	version        1
[  279.249642][ T9830] 	ec             1
[  279.288009][ T9834] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.296165][ T9834] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.387605][ T9830] 	vid_hdr_offset 64
[  279.410489][ T9830] 	data_offset    128
[  279.422806][ T9830] 	image_seq      -447576337
[  279.448601][ T9830] 	hdr_crc        0xdb207ec5
[  279.474361][ T9830] erase counter header hexdump:
[  279.524673][ T9830] CPU: 0 UID: 0 PID: 9830 Comm: syz.4.778 Not tainted 6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  279.524691][ T9830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  279.524699][ T9830] Call Trace:
[  279.524704][ T9830]  <TASK>
[  279.524710][ T9830]  dump_stack_lvl+0x16c/0x1f0
[  279.524730][ T9830]  validate_ec_hdr+0x28c/0x330
[  279.524751][ T9830]  ubi_io_read_ec_hdr+0x63b/0x6c0
[  279.524771][ T9830]  ubi_attach+0x5e7/0x4bd0
[  279.524793][ T9830]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  279.524816][ T9830]  ? __pfx_ubi_attach+0x10/0x10
[  279.524830][ T9830]  ? lockdep_init_map_type+0x5c/0x280
[  279.524848][ T9830]  ? ubi_attach_mtd_dev+0x155b/0x35d0
[  279.524866][ T9830]  ubi_attach_mtd_dev+0x15a7/0x35d0
[  279.524888][ T9830]  ? __pfx_ubi_attach_mtd_dev+0x10/0x10
[  279.524902][ T9830]  ? __pfx_get_mtd_device+0x10/0x10
[  279.524925][ T9830]  ctrl_cdev_ioctl+0x337/0x3d0
[  279.524940][ T9830]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[  279.524959][ T9830]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[  279.524975][ T9830]  __x64_sys_ioctl+0x190/0x200
[  279.524994][ T9830]  do_syscall_64+0xcd/0x230
[  279.525011][ T9830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.525024][ T9830] RIP: 0033:0x7f5bdc78e969
[  279.525035][ T9830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  279.525056][ T9830] RSP: 002b:00007f5bdd5ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  279.525070][ T9830] RAX: ffffffffffffffda RBX: 00007f5bdc9b5fa0 RCX: 00007f5bdc78e969
[  279.525080][ T9830] RDX: 0000200000000080 RSI: 0000000040186f40 RDI: 0000000000000004
[  279.525088][ T9830] RBP: 00007f5bdc810ab1 R08: 0000000000000000 R09: 0000000000000000
[  279.525096][ T9830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  279.525104][ T9830] R13: 0000000000000000 R14: 00007f5bdc9b5fa0 R15: 00007ffeab6aec78
[  279.525122][ T9830]  </TASK>
[  279.525128][ T9830] ubi0 error: ubi_io_read_ec_hdr: validation failed for PEB 0
[  280.137456][ T9859] kernel read not supported for file /set_event_notrace_pid (pid: 9859 comm: syz.1.783)
[  280.203267][   T30] audit: type=1800 audit(4294969537.361:8): pid=9859 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.783" name="set_event_notrace_pid" dev="tracefs" ino=26 res=0 errno=0
[  280.433826][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout
[  280.906083][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout
[  281.043991][ T9830] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  282.099034][ T9901] net_ratelimit: 75 callbacks suppressed
[  282.099050][ T9901] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  282.430085][ T9908] kAFS: Invalid Command on /proc/fs/afs/cells file
[  282.986064][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout
[  287.560945][ T9972] netlink: zone id is out of range
[  287.597483][ T9972] netlink: zone id is out of range
[  287.635425][ T9972] netlink: zone id is out of range
[  287.666543][ T9976] netlink: 'syz.2.802': attribute type 1 has an invalid length.
[  287.720922][ T9972] netlink: zone id is out of range
[  287.776191][ T9972] netlink: zone id is out of range
[  287.813455][ T9972] netlink: zone id is out of range
[  287.873438][ T9972] netlink: zone id is out of range
[  287.940228][ T9972] netlink: zone id is out of range
[  287.986143][ T9972] netlink: zone id is out of range
[  287.991280][ T9972] netlink: zone id is out of range
[  288.078035][ T9976] can0: slcan on pty215.
[  288.261885][ T9971] can0 (unregistered): slcan off pty215.
[  288.605731][ T9994] ima: policy update failed
[  288.622486][   T30] audit: type=1802 audit(4294969545.821:9): pid=9994 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.804" res=0 errno=0
[  289.521798][T10013] netlink: 4 bytes leftover after parsing attributes in process `syz.0.809'.
[  290.259999][T10035] sctp: [Deprecated]: syz.1.813 (pid 10035) Use of int in maxseg socket option.
[  290.259999][T10035] Use struct sctp_assoc_value instead
[  293.551865][T10064] warn_alloc: 1 callbacks suppressed
[  293.551879][T10064] syz.1.821: vmalloc error: size 1732608, failed to allocate pages, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1
		
	

	



			




























































	




	



















	


























	
	

	








	







	






		









	

	
		
			
			


	

	
		

	


		

		
	
		
	

	



			








	










	




	
	



	


	







	




	





		









	
	
	
	



			
			
	
	
		



	


	








	
	




	
	
	

			
			
	

		
		
		


	







	



	
	
	

			
			
	

		
		
		


	







	


	

	
		

			
	
	
	
	

			
			
		






			
	
	
	
	

			
			
		






			
	
	
	
	

			
			
		






			
	
	
	
	

			
			
		















	
	
	


	
	
	
	
	
	
	
	
	
	
	


	
	
	










	
	
	
	
	
	
	
	
	
	
	





	





	





	





	






	











	








		


	



	
		

	


	
	

		
	
		
	

	



			








	

	
	


	




		

		

			



	






	
	


	






	




	




		








		




	
				
	
	



	

	
	

	
	
	

	

	
	






	

	
		
	
	
		
	
		
	
	


		

	



	
	

	

		
	

	



			








	

		

	





	


		

	


	



	


	
	
	
	
	






	




	





		









			

	
	
	
		


	


	

	
		
	
				
	
		

	
	




	
			
		
	

		
	

	

	



			























	





	
	
	
	


	
	
	
	
	






	




	




		







	
	

	
	
	

	

	
	






	
	
		
	
		
	


		

	



		
	

	

	



			








	

		

	





	


		

	


	



	


	
	
	
	
	






	







	







		









			

	
	
	

	
	
	
	



			
			
	
	
		



	


	








	
	




				

		
		

	
	
	

			
			
	

		
		
		


	







	



	
	
	

			
			
	

		
		
		


	







	



			
	
	
	
	

			
			
		




		


	




			
	
	
	
	

			
			
		






			
	
	
	
	

			
			
		






			
	
	
	
	

			
			
		















	
	
	


	
	
	
	
	
	
	
	
	
	
	


	
	











	
	
	
	
	
	
	
	
	
	
	





	





	





	





	






	











	






	

	
		
	
	
	
	
	
	

	


	
			

	
		

	


		

		
	
		
	

	

	



			








	



	








	






	




	





		









	

	
	

	
	

	
	

	

	
		

	


		

		
	
		
	

	

	



			








	











	




	





		








	

	
		
	

	
	

	
	

	
	

	

	
		

	


		

		
	
		
	

	

	



			








	




		
		
	


	
	


	




	
	

	

	




	








	






	




	




		







	
	

	


	
				
	
	



	
		
	

	
		
	

	
		
	

	
	
	

	

	
	






	
	
		
	
		
	


		

	



		
	

	

	



			








	

		

	





	


		

	


	



	


	
	
	
	
	






	







	







		









			

	
	
	
		


	


	
				
	
		
	
		
	
	
		
	



	
				
	
		









	

	

	
		
[  335.090001][T10779] netlink: 4 bytes leftover after parsing attributes in process `syz.1.971'.
[  335.922379][T10794] netlink: 4 bytes leftover after parsing attributes in process `syz.2.976'.
[  336.194145][T10805] [U] 
[  336.197510][T10805] [U] 
[  336.200470][T10805] [U] 
[  336.203406][T10805] [U] 
[  336.260366][T10805] [U] 
[  336.263353][T10805] [U] 
[  336.266292][T10805] [U] 
[  336.269234][T10805] [U] 
[  336.330749][T10811] [U] 
[  338.505813][T10852] WARNING! power/level is deprecated; use power/control instead
[  338.822907][T10855] Invalid ELF header magic: != ELF
[  340.414934][T10891] FAULT_INJECTION: forcing a failure.
[  340.414934][T10891] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  340.514312][T10891] CPU: 0 UID: 0 PID: 10891 Comm: syz.1.993 Tainted: G     U              6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  340.514337][T10891] Tainted: [U]=USER
[  340.514342][T10891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  340.514349][T10891] Call Trace:
[  340.514354][T10891]  <TASK>
[  340.514359][T10891]  dump_stack_lvl+0x16c/0x1f0
[  340.514380][T10891]  should_fail_ex+0x512/0x640
[  340.514401][T10891]  _copy_from_user+0x2e/0xd0
[  340.514421][T10891]  copy_msghdr_from_user+0x98/0x160
[  340.514434][T10891]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  340.514457][T10891]  ? kfree+0x252/0x4d0
[  340.514475][T10891]  ? __lock_acquire+0x5ca/0x1ba0
[  340.514495][T10891]  ___sys_recvmsg+0xdb/0x1a0
[  340.514513][T10891]  ? __pfx____sys_recvmsg+0x10/0x10
[  340.514535][T10891]  ? __pfx___might_resched+0x10/0x10
[  340.514553][T10891]  do_recvmmsg+0x2fe/0x740
[  340.514568][T10891]  ? __pfx_do_recvmmsg+0x10/0x10
[  340.514583][T10891]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  340.514605][T10891]  ? __fget_files+0x20e/0x3c0
[  340.514628][T10891]  __x64_sys_recvmmsg+0x22a/0x280
[  340.514642][T10891]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  340.514653][T10891]  ? rcu_is_watching+0x12/0xc0
[  340.514673][T10891]  do_syscall_64+0xcd/0x230
[  340.514690][T10891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.514703][T10891] RIP: 0033:0x7f1ba778e969
[  340.514715][T10891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  340.514727][T10891] RSP: 002b:00007f1ba85a2038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  340.514741][T10891] RAX: ffffffffffffffda RBX: 00007f1ba79b5fa0 RCX: 00007f1ba778e969
[  340.514750][T10891] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[  340.514757][T10891] RBP: 00007f1ba85a2090 R08: 0000000000000000 R09: 0000000000000000
[  340.514765][T10891] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001
[  340.514772][T10891] R13: 0000000000000000 R14: 00007f1ba79b5fa0 R15: 00007fff4b9603d8
[  340.514788][T10891]  </TASK>
[  340.776979][T10872] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  340.783647][T10872] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  340.790282][T10872] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  340.796900][T10872] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  341.054639][    C0] vcan0: j1939_tp_txtimer: 0xffff888035465c00: tx aborted with unknown reason: -2
[  341.425146][T10906] syz.1.995 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  341.565785][    C0] vcan0: j1939_tp_rxtimer: 0xffff888035465c00: abort rx timeout. Force session deactivation
[  341.653385][T10908] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  341.693966][T10906] snd_dummy snd_dummy.0: control 16781581:65533:2:�'x?F���/��zF˷fC���:0 is already present
[  341.826031][T10908] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  342.304457][    C0] vcan0: j1939_tp_rxtimer: 0xffff88807af4f800: rx timeout, send abort
[  342.511577][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout
[  342.569207][T10931] ubi0: attaching mtd0
[  342.602899][T10931] ubi0 error: validate_ec_hdr: bad VID header offset 64, expected 3965
[  342.658410][T10931] ubi0 error: validate_ec_hdr: bad EC header
[  342.697832][T10931] Erase counter header dump:
[  342.720569][T10931] 	magic          0x55424923
[  342.753368][T10931] 	version        1
[  342.775205][T10931] 	ec             1
[  342.785152][T10931] 	vid_hdr_offset 64
[  342.796621][T10931] 	data_offset    128
[  342.808062][T10931] 	image_seq      -447576337
[  342.813870][    C0] vcan0: j1939_tp_rxtimer: 0xffff88807af4f800: abort rx timeout. Force session deactivation
[  342.832385][T10931] 	hdr_crc        0xdb207ec5
[  342.843594][T10931] erase counter header hexdump:
[  342.872589][T10931] CPU: 0 UID: 0 PID: 10931 Comm: syz.0.1002 Tainted: G     U              6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  342.872610][T10931] Tainted: [U]=USER
[  342.872615][T10931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  342.872623][T10931] Call Trace:
[  342.872629][T10931]  <TASK>
[  342.872635][T10931]  dump_stack_lvl+0x16c/0x1f0
[  342.872656][T10931]  validate_ec_hdr+0x28c/0x330
[  342.872679][T10931]  ubi_io_read_ec_hdr+0x63b/0x6c0
[  342.872702][T10931]  ubi_attach+0x5e7/0x4bd0
[  342.872725][T10931]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  342.872750][T10931]  ? __pfx_ubi_attach+0x10/0x10
[  342.872766][T10931]  ? lockdep_init_map_type+0x5c/0x280
[  342.872785][T10931]  ? ubi_attach_mtd_dev+0x155b/0x35d0
[  342.872805][T10931]  ubi_attach_mtd_dev+0x15a7/0x35d0
[  342.872828][T10931]  ? __pfx_ubi_attach_mtd_dev+0x10/0x10
[  342.872843][T10931]  ? __pfx_get_mtd_device+0x10/0x10
[  342.872868][T10931]  ctrl_cdev_ioctl+0x337/0x3d0
[  342.872884][T10931]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[  342.872904][T10931]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[  342.872920][T10931]  __x64_sys_ioctl+0x190/0x200
[  342.872941][T10931]  do_syscall_64+0xcd/0x230
[  342.872959][T10931]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.872976][T10931] RIP: 0033:0x7ff8b058e969
[  342.872988][T10931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  342.873002][T10931] RSP: 002b:00007ff8b1456038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  342.873016][T10931] RAX: ffffffffffffffda RBX: 00007ff8b07b5fa0 RCX: 00007ff8b058e969
[  342.873026][T10931] RDX: 0000200000000080 RSI: 0000000040186f40 RDI: 0000000000000003
[  342.873036][T10931] RBP: 00007ff8b0610ab1 R08: 0000000000000000 R09: 0000000000000000
[  342.873044][T10931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  342.873052][T10931] R13: 0000000000000000 R14: 00007ff8b07b5fa0 R15: 00007fff4a392a48
[  342.873070][T10931]  </TASK>
[  342.873075][T10931] ubi0 error: ubi_io_read_ec_hdr: validation failed for PEB 1
[  343.041301][    C0] vkms_vblank_simulate: vblank timer overrun
[  343.197201][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout
[  343.204212][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout
[  343.211214][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout
[  343.354448][T10942] FAULT_INJECTION: forcing a failure.
[  343.354448][T10942] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  343.416964][T10942] CPU: 0 UID: 0 PID: 10942 Comm: syz.2.1005 Tainted: G     U              6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  343.416989][T10942] Tainted: [U]=USER
[  343.416994][T10942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  343.417002][T10942] Call Trace:
[  343.417006][T10942]  <TASK>
[  343.417011][T10942]  dump_stack_lvl+0x16c/0x1f0
[  343.417032][T10942]  should_fail_ex+0x512/0x640
[  343.417053][T10942]  _copy_from_user+0x2e/0xd0
[  343.417073][T10942]  copy_msghdr_from_user+0x98/0x160
[  343.417086][T10942]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  343.417109][T10942]  ? kfree+0x252/0x4d0
[  343.417128][T10942]  ? __lock_acquire+0x5ca/0x1ba0
[  343.417147][T10942]  ___sys_recvmsg+0xdb/0x1a0
[  343.417159][T10942]  ? __pfx____sys_recvmsg+0x10/0x10
[  343.417187][T10942]  ? __pfx___might_resched+0x10/0x10
[  343.417204][T10942]  do_recvmmsg+0x2fe/0x740
[  343.417219][T10942]  ? __pfx_do_recvmmsg+0x10/0x10
[  343.417234][T10942]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  343.417256][T10942]  ? __fget_files+0x20e/0x3c0
[  343.417280][T10942]  __x64_sys_recvmmsg+0x22a/0x280
[  343.417294][T10942]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  343.417306][T10942]  ? rcu_is_watching+0x12/0xc0
[  343.417322][T10942]  do_syscall_64+0xcd/0x230
[  343.417339][T10942]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.417353][T10942] RIP: 0033:0x7f66f2f8e969
[  343.417364][T10942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  343.417377][T10942] RSP: 002b:00007f66f3d96038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  343.417390][T10942] RAX: ffffffffffffffda RBX: 00007f66f31b5fa0 RCX: 00007f66f2f8e969
[  343.417399][T10942] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[  343.417406][T10942] RBP: 00007f66f3d96090 R08: 0000000000000000 R09: 0000000000000000
[  343.417414][T10942] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001
[  343.417421][T10942] R13: 0000000000000000 R14: 00007f66f31b5fa0 R15: 00007fffc04da3f8
[  343.417438][T10942]  </TASK>
[  343.648593][    C0] vkms_vblank_simulate: vblank timer overrun
[  344.069529][T10931] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  345.849022][T10990] FAULT_INJECTION: forcing a failure.
[  345.849022][T10990] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  345.922295][T10990] CPU: 0 UID: 0 PID: 10990 Comm: syz.4.1015 Tainted: G     U              6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  345.922324][T10990] Tainted: [U]=USER
[  345.922329][T10990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  345.922336][T10990] Call Trace:
[  345.922341][T10990]  <TASK>
[  345.922346][T10990]  dump_stack_lvl+0x16c/0x1f0
[  345.922366][T10990]  should_fail_ex+0x512/0x640
[  345.922387][T10990]  _copy_from_user+0x2e/0xd0
[  345.922406][T10990]  copy_msghdr_from_user+0x98/0x160
[  345.922420][T10990]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  345.922442][T10990]  ? kfree+0x252/0x4d0
[  345.922461][T10990]  ? __lock_acquire+0x5ca/0x1ba0
[  345.922481][T10990]  ___sys_recvmsg+0xdb/0x1a0
[  345.922493][T10990]  ? __pfx____sys_recvmsg+0x10/0x10
[  345.922514][T10990]  ? __pfx___might_resched+0x10/0x10
[  345.922532][T10990]  do_recvmmsg+0x2fe/0x740
[  345.922546][T10990]  ? __pfx_do_recvmmsg+0x10/0x10
[  345.922562][T10990]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  345.922584][T10990]  ? __fget_files+0x20e/0x3c0
[  345.922607][T10990]  __x64_sys_recvmmsg+0x22a/0x280
[  345.922621][T10990]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  345.922633][T10990]  ? rcu_is_watching+0x12/0xc0
[  345.922650][T10990]  do_syscall_64+0xcd/0x230
[  345.922666][T10990]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.922679][T10990] RIP: 0033:0x7f5bdc78e969
[  345.922690][T10990] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  345.922703][T10990] RSP: 002b:00007f5bdd5ee038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  345.922715][T10990] RAX: ffffffffffffffda RBX: 00007f5bdc9b5fa0 RCX: 00007f5bdc78e969
[  345.922724][T10990] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003
[  345.922732][T10990] RBP: 00007f5bdd5ee090 R08: 0000000000000000 R09: 0000000000000000
[  345.922740][T10990] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001
[  345.922747][T10990] R13: 0000000000000000 R14: 00007f5bdc9b5fa0 R15: 00007ffeab6aec78
[  345.922763][T10990]  </TASK>
[  346.152913][    C0] vkms_vblank_simulate: vblank timer overrun
[  346.211316][T10996] snd_aloop snd_aloop.0: control 1:6:-2147483647:���_�he�R��:0 is already present
[  346.269690][T10989] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1014'.
[  347.648354][T11028] bridge0: port 3(hsr0) entered blocking state
[  347.682732][T11028] bridge0: port 3(hsr0) entered disabled state
[  347.730442][T11028] hsr0: entered allmulticast mode
[  347.730486][T11028] hsr_slave_0: entered allmulticast mode
[  347.730498][T11028] hsr_slave_1: entered allmulticast mode
[  347.740029][T11028] hsr0: entered promiscuous mode
[  347.740448][T11028] bridge0: port 3(hsr0) entered blocking state
[  347.740521][T11028] bridge0: port 3(hsr0) entered forwarding state
[  348.133816][T11020] tty tty48: ldisc open failed (-12), clearing slot 47
[  348.349161][T11056] ubi0: attaching mtd0
[  348.354415][T11056] ubi0 error: validate_ec_hdr: bad VID header offset 64, expected 3965
[  348.414614][T11056] ubi0 error: validate_ec_hdr: bad EC header
[  348.438768][T11056] Erase counter header dump:
[  348.457519][T11056] 	magic          0x55424923
[  348.462596][T11056] 	version        1
[  348.506034][T11056] 	ec             1
[  348.526563][T11056] 	vid_hdr_offset 64
[  348.549856][T11056] 	data_offset    128
[  348.574894][T11056] 	image_seq      -447576337
[  348.597664][T11056] 	hdr_crc        0xdb207ec5
[  348.618912][T11056] erase counter header hexdump:
[  348.635264][T11056] CPU: 0 UID: 0 PID: 11056 Comm: syz.2.1027 Tainted: G     U              6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  348.635286][T11056] Tainted: [U]=USER
[  348.635291][T11056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  348.635300][T11056] Call Trace:
[  348.635305][T11056]  <TASK>
[  348.635311][T11056]  dump_stack_lvl+0x16c/0x1f0
[  348.635331][T11056]  validate_ec_hdr+0x28c/0x330
[  348.635353][T11056]  ubi_io_read_ec_hdr+0x63b/0x6c0
[  348.635377][T11056]  ubi_attach+0x5e7/0x4bd0
[  348.635400][T11056]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  348.635425][T11056]  ? __pfx_ubi_attach+0x10/0x10
[  348.635439][T11056]  ? lockdep_init_map_type+0x5c/0x280
[  348.635457][T11056]  ? ubi_attach_mtd_dev+0x155b/0x35d0
[  348.635476][T11056]  ubi_attach_mtd_dev+0x15a7/0x35d0
[  348.635500][T11056]  ? __pfx_ubi_attach_mtd_dev+0x10/0x10
[  348.635515][T11056]  ? __pfx_get_mtd_device+0x10/0x10
[  348.635539][T11056]  ctrl_cdev_ioctl+0x337/0x3d0
[  348.635555][T11056]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[  348.635576][T11056]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[  348.635592][T11056]  __x64_sys_ioctl+0x190/0x200
[  348.635613][T11056]  do_syscall_64+0xcd/0x230
[  348.635631][T11056]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.635646][T11056] RIP: 0033:0x7f66f2f8e969
[  348.635659][T11056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  348.635672][T11056] RSP: 002b:00007f66f3d96038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  348.635686][T11056] RAX: ffffffffffffffda RBX: 00007f66f31b5fa0 RCX: 00007f66f2f8e969
[  348.635695][T11056] RDX: 0000200000000080 RSI: 0000000040186f40 RDI: 0000000000000003
[  348.635704][T11056] RBP: 00007f66f3010ab1 R08: 0000000000000000 R09: 0000000000000000
[  348.635712][T11056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  348.635720][T11056] R13: 0000000000000000 R14: 00007f66f31b5fa0 R15: 00007fffc04da3f8
[  348.635737][T11056]  </TASK>
[  348.635743][T11056] ubi0 error: ubi_io_read_ec_hdr: validation failed for PEB 1
[  349.113380][T11072] busy
[  349.407445][T11056] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  349.908043][T11092] Setting dangerous option i915.mitigations - tainting kernel
[  350.430898][T11103] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(1768304430.3171692.0), cmd(5)
[  352.615702][T11150] CIFS mount error: No usable UNC path provided in device string!
[  352.615702][T11150] 
[  352.686031][T11150] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  355.315250][T11181] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(1768304430.3171692.0), cmd(5)
[  356.372094][T11211] warn_alloc: 1 callbacks suppressed
[  356.372108][T11211] syz.0.1056: vmalloc error: size 33562624, failed to allocated page array size 65552, mode:0xc22(GFP_ATOMIC|__GFP_HIGHMEM|__GFP_DIRECT_RECLAIM), nodemask=(null),cpuset=/,mems_allowed=0-1
[  356.771427][T11230] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1062'.
[  356.843284][T11211] CPU: 0 UID: 0 PID: 11211 Comm: syz.0.1056 Tainted: G     U              6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  356.843309][T11211] Tainted: [U]=USER
[  356.843314][T11211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  356.843322][T11211] Call Trace:
[  356.843327][T11211]  <TASK>
[  356.843332][T11211]  dump_stack_lvl+0x16c/0x1f0
[  356.843352][T11211]  warn_alloc+0x248/0x3a0
[  356.843368][T11211]  ? __pfx_warn_alloc+0x10/0x10
[  356.843388][T11211]  ? __get_vm_area_node+0x1b9/0x300
[  356.843407][T11211]  ? __get_vm_area_node+0x1e5/0x300
[  356.843428][T11211]  __vmalloc_node_range_noprof+0x1110/0x1540
[  356.843453][T11211]  ? ctl_ioctl+0x814/0xd70
[  356.843475][T11211]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  356.843501][T11211]  __kvmalloc_node_noprof+0x2ff/0x600
[  356.843515][T11211]  ? ctl_ioctl+0x814/0xd70
[  356.843532][T11211]  ? ctl_ioctl+0x814/0xd70
[  356.843551][T11211]  ? ctl_ioctl+0x814/0xd70
[  356.843567][T11211]  ctl_ioctl+0x814/0xd70
[  356.843584][T11211]  ? __pfx_dev_rename+0x10/0x10
[  356.843603][T11211]  ? __pfx_ctl_ioctl+0x10/0x10
[  356.843637][T11211]  ? __fget_files+0x20e/0x3c0
[  356.843659][T11211]  dm_ctl_ioctl+0x22/0x30
[  356.843675][T11211]  ? __pfx_dm_ctl_ioctl+0x10/0x10
[  356.843692][T11211]  __x64_sys_ioctl+0x190/0x200
[  356.843711][T11211]  do_syscall_64+0xcd/0x230
[  356.843728][T11211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.843741][T11211] RIP: 0033:0x7ff8b058e969
[  356.843753][T11211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  356.843765][T11211] RSP: 002b:00007ff8b13f3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  356.843778][T11211] RAX: ffffffffffffffda RBX: 00007ff8b07b6240 RCX: 00007ff8b058e969
[  356.843787][T11211] RDX: 00002000000001c0 RSI: fffffff7effffd05 RDI: 0000000000000005
[  356.843795][T11211] RBP: 00007ff8b0610ab1 R08: 0000000000000000 R09: 0000000000000000
[  356.843803][T11211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  356.843810][T11211] R13: 0000000000000000 R14: 00007ff8b07b6240 R15: 00007fff4a392a48
[  356.843827][T11211]  </TASK>
[  356.843831][T11211] Mem-Info:
[  357.375407][T11242] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1065'.
[  357.409383][T11242] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1065'.
[  357.537690][T11254] ubi0: attaching mtd0
[  357.542184][T11254] FAULT_INJECTION: forcing a failure.
[  357.542184][T11254] name failslab, interval 1, probability 0, space 0, times 0
[  357.576849][T11249] Setting dangerous option i915.mitigations - tainting kernel
[  357.950305][T11254] CPU: 0 UID: 0 PID: 11254 Comm: syz.1.1068 Tainted: G     U              6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  357.950330][T11254] Tainted: [U]=USER
[  357.950334][T11254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  357.950342][T11254] Call Trace:
[  357.950347][T11254]  <TASK>
[  357.950353][T11254]  dump_stack_lvl+0x16c/0x1f0
[  357.950373][T11254]  should_fail_ex+0x512/0x640
[  357.950390][T11254]  ? __kmalloc_cache_node_noprof+0x5a/0x420
[  357.950407][T11254]  should_failslab+0xc2/0x120
[  357.950423][T11254]  __kmalloc_cache_node_noprof+0x6d/0x420
[  357.950435][T11254]  ? __wake_up_klogd.part.0+0x99/0xf0
[  357.950454][T11254]  ? __get_vm_area_node+0x101/0x300
[  357.950475][T11254]  __get_vm_area_node+0x101/0x300
[  357.950496][T11254]  __vmalloc_node_range_noprof+0x277/0x1540
[  357.950516][T11254]  ? ubi_attach_mtd_dev+0x155b/0x35d0
[  357.950530][T11254]  ? __pfx__printk+0x10/0x10
[  357.950548][T11254]  ? __debug_object_init+0x2de/0x3d0
[  357.950563][T11254]  ? ubi_attach_mtd_dev+0x155b/0x35d0
[  357.950581][T11254]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  357.950605][T11254]  ? lockdep_init_map_type+0x5c/0x280
[  357.950629][T11254]  ? ubi_attach_mtd_dev+0x155b/0x35d0
[  357.950644][T11254]  vmalloc_noprof+0x6b/0x90
[  357.950662][T11254]  ? ubi_attach_mtd_dev+0x155b/0x35d0
[  357.950676][T11254]  ubi_attach_mtd_dev+0x155b/0x35d0
[  357.950700][T11254]  ? __pfx_ubi_attach_mtd_dev+0x10/0x10
[  357.950713][T11254]  ? __pfx_get_mtd_device+0x10/0x10
[  357.950736][T11254]  ctrl_cdev_ioctl+0x337/0x3d0
[  357.950751][T11254]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[  357.950770][T11254]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[  357.950785][T11254]  __x64_sys_ioctl+0x190/0x200
[  357.950804][T11254]  do_syscall_64+0xcd/0x230
[  357.950821][T11254]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  357.950834][T11254] RIP: 0033:0x7f1ba778e969
[  357.950845][T11254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  357.950858][T11254] RSP: 002b:00007f1ba85a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  357.950871][T11254] RAX: ffffffffffffffda RBX: 00007f1ba79b5fa0 RCX: 00007f1ba778e969
[  357.950879][T11254] RDX: 0000200000000080 RSI: 0000000040186f40 RDI: 0000000000000003
[  357.950887][T11254] RBP: 00007f1ba85a2090 R08: 0000000000000000 R09: 0000000000000000
[  357.950898][T11254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  357.950905][T11254] R13: 0000000000000000 R14: 00007f1ba79b5fa0 R15: 00007fff4b9603d8
[  357.950922][T11254]  </TASK>
[  359.047347][T11211] active_anon:19908 inactive_anon:209 isolated_anon:0
[  359.047347][T11211]  active_file:19059 inactive_file:39097 isolated_file:0
[  359.047347][T11211]  unevictable:768 dirty:990 writeback:0
[  359.047347][T11211]  slab_reclaimable:10483 slab_unreclaimable:96534
[  359.047347][T11211]  mapped:29419 shmem:4465 pagetables:1209
[  359.047347][T11211]  sec_pagetables:0 bounce:0
[  359.047347][T11211]  kernel_misc_reclaimable:0
[  359.047347][T11211]  free:1324462 free_pcp:783 free_cma:0
[  359.307644][T11211] Node 0 active_anon:90148kB inactive_anon:4kB active_file:76236kB inactive_file:156316kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:127020kB dirty:3960kB writeback:0kB shmem:20208kB shmem_thp:2048kB shmem_pmdmapped:2048kB anon_thp:4096kB writeback_tmp:0kB kernel_stack:11664kB pagetables:4940kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  359.477622][T11211] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:3332kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  359.629850][T11211] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  359.767891][T11211] lowmem_reserve[]: 0 2484 2486 2486 2486
[  359.806051][T11211] Node 0 DMA32 free:1336772kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB active_anon:108092kB inactive_anon:4kB active_file:76236kB inactive_file:154500kB unevictable:1536kB writepending:3492kB present:3129332kB managed:2544212kB mlocked:0kB bounce:0kB free_pcp:7612kB local_pcp:7612kB free_cma:0kB
[  359.975973][T11211] lowmem_reserve[]: 0 0 1 1 1
[  359.998004][T11211] Node 0 Normal free:12kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1816kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:24kB local_pcp:24kB free_cma:0kB
[  360.154775][T11211] lowmem_reserve[]: 0 0 0 0 0
[  360.206186][T11211] Node 1 Normal free:3911700kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:48kB local_pcp:48kB free_cma:0kB
[  360.356835][T11211] lowmem_reserve[]: 0 0 0 0 0
[  360.372198][T11211] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  360.545785][T11211] Node 0 DMA32: 33*4kB (E) 41*8kB (UME) 167*16kB (UME) 144*32kB (UME) 597*64kB (UME) 372*128kB (UME) 298*256kB (UME) 213*512kB (UM) 138*1024kB (UME) 12*2048kB (UME) 217*4096kB (UM) = 1333628kB
[  360.589177][T11280] Setting dangerous option i915.mitigations - tainting kernel
[  360.934098][T11211] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB
[  361.073338][T11211] Node 1 Normal: 121*4kB (UME) 52*8kB (UME) 35*16kB (UME) 179*32kB (UME) 100*64kB (UME) 30*128kB (UME) 18*256kB (UM) 9*512kB (UM) 4*1024kB (UME) 3*2048kB (UE) 946*4096kB (M) = 3911700kB
[  361.207464][T11211] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  361.271862][T11211] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  361.340948][T11211] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  361.411712][T11211] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  361.727740][T11211] 74592 total pagecache pages
[  361.913422][T11211] 7 pages in swap cache
[  361.965991][T11211] Free swap  = 124964kB
[  361.996141][T11211] Total swap = 124996kB
[  362.030960][T11211] 2097051 pages RAM
[  362.064721][T11211] 0 pages HighMem/MovableOnly
[  362.244051][T11211] 428892 pages reserved
[  362.295979][T11211] 0 pages cma reserved
[  363.604343][T11325] kernel read not supported for file /set_event_notrace_pid (pid: 11325 comm: syz.4.1083)
[  363.668768][   T30] audit: type=1800 audit(4294967346.720:13): pid=11325 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1083" name="set_event_notrace_pid" dev="tracefs" ino=26 res=0 errno=0
[  364.898705][T11354] netlink: 'syz.4.1089': attribute type 8 has an invalid length.
[  365.560573][T11366] Setting dangerous option i915.mitigations - tainting kernel
[  365.987628][T11367] Setting dangerous option i915.mitigations - tainting kernel
[  367.274548][T11384] Setting dangerous option i915.mitigations - tainting kernel
[  368.163451][T11397] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1098'.
[  368.271782][T11400] svc: failed to register nfsdv3 RPC service (errno 111).
[  368.280476][T11404] device-mapper: ioctl: Unable to rename non-existent device,  to �
[  368.309976][T11400] svc: failed to register nfsaclv3 RPC service (errno 111).
[  368.817165][T11412] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1100'.
[  368.866140][T11410] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1100'.
[  368.920123][T11415] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1101'.
[  368.964594][T11410] netlink: 242 bytes leftover after parsing attributes in process `syz.0.1100'.
[  369.013953][T11414] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1101'.
[  369.587141][T11421] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28
[  370.554994][T11399] kexec: Could not allocate control_code_buffer
[  370.900811][T11441] mkiss: ax0: crc mode is auto.
[  371.865174][T11451] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1110'.
[  374.170783][T11465] kexec: Could not allocate control_code_buffer
[  377.098399][T11580] netlink: 'syz.0.1136': attribute type 28 has an invalid length.
[  377.147808][T11580] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1136'.
[  378.751311][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  378.768798][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  378.984093][T11603] capability: warning: `syz.0.1138' uses deprecated v2 capabilities in a way that may be insecure
[  379.753711][T11619] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1142'.
[  380.613262][T11642] random: crng reseeded on system resumption
[  382.400115][ T5842] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18
[  385.834473][T11748] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1162'.
[  385.902913][T11751] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1163'.
[  385.924748][T11752] device-mapper: ioctl: Unable to rename non-existent device,  to �
[  385.991687][T11751] device-mapper: ioctl: Unable to rename non-existent device,  to �
[  386.234331][T11755] netlink: 'syz.4.1164': attribute type 28 has an invalid length.
[  386.259691][T11755] netlink: 334 bytes leftover after parsing attributes in process `syz.4.1164'.
[  387.486571][T11769] zswap: compressor  not available
[  387.524778][T11774] zswap: compressor  not available
[  388.091357][T11787] block2mtd: illegal erase size
[  390.100779][T11812] nvme_fcloop: unknown parameter or missing value '7'
[  390.430253][T11819] delete_channel: no stack
[  390.544094][T11819] FAULT_INJECTION: forcing a failure.
[  390.544094][T11819] name failslab, interval 1, probability 0, space 0, times 0
[  390.694403][T11819] CPU: 0 UID: 0 PID: 11819 Comm: syz.0.1176 Tainted: G     U              6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  390.694429][T11819] Tainted: [U]=USER
[  390.694434][T11819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  390.694443][T11819] Call Trace:
[  390.694448][T11819]  <TASK>
[  390.694454][T11819]  dump_stack_lvl+0x16c/0x1f0
[  390.694473][T11819]  should_fail_ex+0x512/0x640
[  390.694492][T11819]  ? __kmalloc_noprof+0xbf/0x510
[  390.694509][T11819]  ? kernfs_fop_write_iter+0x237/0x510
[  390.694525][T11819]  should_failslab+0xc2/0x120
[  390.694541][T11819]  __kmalloc_noprof+0xd2/0x510
[  390.694560][T11819]  kernfs_fop_write_iter+0x237/0x510
[  390.694578][T11819]  iter_file_splice_write+0x91c/0x1150
[  390.694609][T11819]  ? __pfx_iter_file_splice_write+0x10/0x10
[  390.694631][T11819]  ? __pfx_copy_splice_read+0x10/0x10
[  390.694659][T11819]  ? __pfx_iter_file_splice_write+0x10/0x10
[  390.694680][T11819]  direct_splice_actor+0x18f/0x6c0
[  390.694700][T11819]  splice_direct_to_actor+0x342/0xa30
[  390.694720][T11819]  ? __pfx_direct_splice_actor+0x10/0x10
[  390.694742][T11819]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  390.694765][T11819]  do_splice_direct+0x174/0x240
[  390.694784][T11819]  ? __pfx_do_splice_direct+0x10/0x10
[  390.694802][T11819]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  390.694823][T11819]  ? rw_verify_area+0xcf/0x680
[  390.694843][T11819]  do_sendfile+0xafd/0xe50
[  390.694865][T11819]  ? __pfx_do_sendfile+0x10/0x10
[  390.694884][T11819]  ? do_handle_open+0x25b/0xb70
[  390.694903][T11819]  ? __x64_sys_futex+0x1e0/0x4c0
[  390.694916][T11819]  ? __x64_sys_futex+0x1e9/0x4c0
[  390.694932][T11819]  __x64_sys_sendfile64+0x1d8/0x220
[  390.694947][T11819]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  390.694961][T11819]  ? rcu_is_watching+0x12/0xc0
[  390.694979][T11819]  do_syscall_64+0xcd/0x230
[  390.695005][T11819]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  390.695019][T11819] RIP: 0033:0x7ff8b058e969
[  390.695031][T11819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  390.695045][T11819] RSP: 002b:00007ff8b1456038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  390.695058][T11819] RAX: ffffffffffffffda RBX: 00007ff8b07b5fa0 RCX: 00007ff8b058e969
[  390.695068][T11819] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[  390.695076][T11819] RBP: 00007ff8b0610ab1 R08: 0000000000000000 R09: 0000000000000000
[  390.695084][T11819] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  390.695092][T11819] R13: 0000000000000000 R14: 00007ff8b07b5fa0 R15: 00007fff4a392a48
[  390.695109][T11819]  </TASK>
[  390.979510][    C0] vkms_vblank_simulate: vblank timer overrun
[  391.787907][T11856] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1183'.
[  391.867507][T11856] device-mapper: ioctl: Unable to rename non-existent device,  to �
[  392.086407][T11860] input input29: cannot allocate more than FF_MAX_EFFECTS effects
[  392.879224][T11880] FAULT_INJECTION: forcing a failure.
[  392.879224][T11880] name failslab, interval 1, probability 0, space 0, times 0
[  392.964364][T11880] CPU: 0 UID: 0 PID: 11880 Comm: syz.2.1186 Tainted: G     U              6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  392.964390][T11880] Tainted: [U]=USER
[  392.964394][T11880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  392.964403][T11880] Call Trace:
[  392.964408][T11880]  <TASK>
[  392.964413][T11880]  dump_stack_lvl+0x16c/0x1f0
[  392.964435][T11880]  should_fail_ex+0x512/0x640
[  392.964454][T11880]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  392.964471][T11880]  should_failslab+0xc2/0x120
[  392.964488][T11880]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  392.964501][T11880]  ? __proc_create+0xc3/0x8c0
[  392.964516][T11880]  ? __proc_create+0x2ce/0x8c0
[  392.964533][T11880]  __proc_create+0x2ce/0x8c0
[  392.964547][T11880]  ? __pfx___proc_create+0x10/0x10
[  392.964568][T11880]  proc_create_reg+0x7d/0x180
[  392.964585][T11880]  proc_create_net_data+0x8e/0x1b0
[  392.964600][T11880]  ? __pfx_proc_create_net_data+0x10/0x10
[  392.964620][T11880]  udp6_proc_init+0x57/0x80
[  392.964638][T11880]  inet6_net_init+0x67a/0xb20
[  392.964659][T11880]  ? __pfx_inet6_net_init+0x10/0x10
[  392.964677][T11880]  ops_init+0x1df/0x5f0
[  392.964693][T11880]  setup_net+0x21e/0x850
[  392.964708][T11880]  ? __pfx_setup_net+0x10/0x10
[  392.964720][T11880]  ? lockdep_init_map_type+0x5c/0x280
[  392.964739][T11880]  ? __pfx_down_read_killable+0x10/0x10
[  392.964759][T11880]  ? debug_mutex_init+0x37/0x70
[  392.964780][T11880]  copy_net_ns+0x2a6/0x5f0
[  392.964796][T11880]  create_new_namespaces+0x3ea/0xad0
[  392.964823][T11880]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  392.964840][T11880]  ksys_unshare+0x45b/0xa40
[  392.964859][T11880]  ? __pfx_ksys_unshare+0x10/0x10
[  392.964875][T11880]  ? xfd_validate_state+0x5d/0x180
[  392.964897][T11880]  ? rcu_is_watching+0x12/0xc0
[  392.964913][T11880]  __x64_sys_unshare+0x31/0x40
[  392.964930][T11880]  do_syscall_64+0xcd/0x230
[  392.964947][T11880]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.964960][T11880] RIP: 0033:0x7f66f2f8e969
[  392.964971][T11880] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  392.964984][T11880] RSP: 002b:00007f66f3d96038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  392.964997][T11880] RAX: ffffffffffffffda RBX: 00007f66f31b5fa0 RCX: 00007f66f2f8e969
[  392.965006][T11880] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  392.965014][T11880] RBP: 00007f66f3010ab1 R08: 0000000000000000 R09: 0000000000000000
[  392.965021][T11880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  392.965029][T11880] R13: 0000000000000000 R14: 00007f66f31b5fa0 R15: 00007fffc04da3f8
[  392.965047][T11880]  </TASK>
[  393.252300][    C0] vkms_vblank_simulate: vblank timer overrun
[  394.036165][T11898] vivid-007: =================  START STATUS  =================
[  394.125732][T11898] vivid-007: Generate PTS: true
[  394.214261][T11898] vivid-007: Generate SCR: true
[  394.246117][T11906] kernel read not supported for file /set_event_notrace_pid (pid: 11906 comm: syz.4.1189)
[  394.268215][T11898] tpg source WxH: 640x360 (Y'CbCr)
[  394.349806][   T30] audit: type=1800 audit(4294967377.400:14): pid=11906 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1189" name="set_event_notrace_pid" dev="tracefs" ino=26 res=0 errno=0
[  394.387796][T11898] tpg field: 1
[  394.391514][T11898] tpg crop: (0,0)/640x360
[  394.487093][T11898] tpg compose: (0,0)/640x360
[  394.492162][T11898] tpg colorspace: 8
[  394.633015][T11898] tpg transfer function: 0/0
[  394.699221][T11898] tpg Y'CbCr encoding: 0/0
[  394.704096][T11898] tpg quantization: 0/0
[  394.839284][T11923] FAULT_INJECTION: forcing a failure.
[  394.839284][T11923] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  394.877502][T11898] tpg RGB range: 0/2
[  394.984769][T11898] vivid-007: ==================  END STATUS  ==================
[  395.044761][T11923] CPU: 0 UID: 0 PID: 11923 Comm: syz.4.1190 Tainted: G     U              6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  395.044786][T11923] Tainted: [U]=USER
[  395.044790][T11923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  395.044798][T11923] Call Trace:
[  395.044802][T11923]  <TASK>
[  395.044808][T11923]  dump_stack_lvl+0x16c/0x1f0
[  395.044829][T11923]  should_fail_ex+0x512/0x640
[  395.044850][T11923]  _copy_from_user+0x2e/0xd0
[  395.044869][T11923]  snd_pcm_oss_write2+0x1c2/0x410
[  395.044888][T11923]  ? __pfx_snd_pcm_oss_write2+0x10/0x10
[  395.044904][T11923]  ? snd_pcm_kernel_ioctl+0x267/0x2e0
[  395.044927][T11923]  snd_pcm_oss_write+0x711/0xa10
[  395.044945][T11923]  ? security_file_permission+0x71/0x210
[  395.044966][T11923]  vfs_write+0x25c/0x1180
[  395.044977][T11923]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  395.044997][T11923]  ? __pfx_vfs_write+0x10/0x10
[  395.045007][T11923]  ? find_held_lock+0x2b/0x80
[  395.045020][T11923]  ? __fget_files+0x204/0x3c0
[  395.045042][T11923]  ? __fget_files+0x20e/0x3c0
[  395.045066][T11923]  ksys_write+0x12a/0x240
[  395.045077][T11923]  ? __pfx_ksys_write+0x10/0x10
[  395.045088][T11923]  ? rcu_is_watching+0x12/0xc0
[  395.045104][T11923]  do_syscall_64+0xcd/0x230
[  395.045121][T11923]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  395.045134][T11923] RIP: 0033:0x7f5bdc78e969
[  395.045145][T11923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  395.045158][T11923] RSP: 002b:00007f5bdd58b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  395.045171][T11923] RAX: ffffffffffffffda RBX: 00007f5bdc9b6240 RCX: 00007f5bdc78e969
[  395.045179][T11923] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003
[  395.045187][T11923] RBP: 00007f5bdd58b090 R08: 0000000000000000 R09: 0000000000000000
[  395.045194][T11923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  395.045201][T11923] R13: 0000000000000000 R14: 00007f5bdc9b6240 R15: 00007ffeab6aec78
[  395.045218][T11923]  </TASK>
[  395.267711][    C0] vkms_vblank_simulate: vblank timer overrun
[  396.313380][T11959] can: request_module (can-proto-3) failed.
[  399.089535][T12000] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1204'.
[  399.193351][T12010] device-mapper: ioctl: Unable to rename non-existent device,  to �
[  399.216102][T12011] FAULT_INJECTION: forcing a failure.
[  399.216102][T12011] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  399.393621][T12015] warn_alloc: 1 callbacks suppressed
[  399.393635][T12015] syz.2.1207: vmalloc error: size 141863388262170624, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null)
[  399.400827][T12011] CPU: 0 UID: 0 PID: 12011 Comm: syz.1.1205 Tainted: G     U              6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  399.400850][T12011] Tainted: [U]=USER
[  399.400854][T12011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  399.400862][T12011] Call Trace:
[  399.400867][T12011]  <TASK>
[  399.400872][T12011]  dump_stack_lvl+0x16c/0x1f0
[  399.400892][T12011]  should_fail_ex+0x512/0x640
[  399.400914][T12011]  _copy_from_user+0x2e/0xd0
[  399.400933][T12011]  snd_pcm_oss_write2+0x1c2/0x410
[  399.400952][T12011]  ? __pfx_snd_pcm_oss_write2+0x10/0x10
[  399.400967][T12011]  ? snd_pcm_kernel_ioctl+0x267/0x2e0
[  399.400991][T12011]  snd_pcm_oss_write+0x711/0xa10
[  399.401008][T12011]  ? security_file_permission+0x71/0x210
[  399.401029][T12011]  vfs_write+0x25c/0x1180
[  399.401048][T12011]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  399.401068][T12011]  ? __pfx_vfs_write+0x10/0x10
[  399.401078][T12011]  ? find_held_lock+0x2b/0x80
[  399.401092][T12011]  ? __fget_files+0x204/0x3c0
[  399.401114][T12011]  ? __fget_files+0x20e/0x3c0
[  399.401137][T12011]  ksys_write+0x12a/0x240
[  399.401149][T12011]  ? __pfx_ksys_write+0x10/0x10
[  399.401159][T12011]  ? rcu_is_watching+0x12/0xc0
[  399.401176][T12011]  do_syscall_64+0xcd/0x230
[  399.401193][T12011]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  399.401206][T12011] RIP: 0033:0x7f1ba778e969
[  399.401217][T12011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  399.401230][T12011] RSP: 002b:00007f1ba853f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  399.401242][T12011] RAX: ffffffffffffffda RBX: 00007f1ba79b6240 RCX: 00007f1ba778e969
[  399.401251][T12011] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003
[  399.401259][T12011] RBP: 00007f1ba853f090 R08: 0000000000000000 R09: 0000000000000000
[  399.401266][T12011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  399.401273][T12011] R13: 0000000000000000 R14: 00007f1ba79b6240 R15: 00007fff4b9603d8
[  399.401290][T12011]  </TASK>
[  399.763057][T12015] ,cpuset=/,mems_allowed=0-1
[  399.768262][T12015] CPU: 0 UID: 0 PID: 12015 Comm: syz.2.1207 Tainted: G     U              6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  399.768286][T12015] Tainted: [U]=USER
[  399.768291][T12015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  399.768300][T12015] Call Trace:
[  399.768305][T12015]  <TASK>
[  399.768310][T12015]  dump_stack_lvl+0x16c/0x1f0
[  399.768330][T12015]  warn_alloc+0x248/0x3a0
[  399.768356][T12015]  ? __pfx_warn_alloc+0x10/0x10
[  399.768375][T12015]  ? check_path.constprop.0+0x24/0x50
[  399.768394][T12015]  ? add_lock_to_list+0x9d/0x130
[  399.768411][T12015]  __vmalloc_node_range_noprof+0x10ea/0x1540
[  399.768440][T12015]  ? disksize_store+0x117/0x670
[  399.768462][T12015]  ? __pfx___might_resched+0x10/0x10
[  399.768476][T12015]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  399.768498][T12015]  ? down_write+0x14d/0x200
[  399.768515][T12015]  ? __pfx_down_write+0x10/0x10
[  399.768531][T12015]  ? disksize_store+0x117/0x670
[  399.768549][T12015]  vzalloc_noprof+0x6b/0x90
[  399.768568][T12015]  ? disksize_store+0x117/0x670
[  399.768585][T12015]  disksize_store+0x117/0x670
[  399.768605][T12015]  ? __pfx_disksize_store+0x10/0x10
[  399.768622][T12015]  dev_attr_store+0x55/0x80
[  399.768638][T12015]  ? __pfx_dev_attr_store+0x10/0x10
[  399.768653][T12015]  sysfs_kf_write+0xef/0x150
[  399.768672][T12015]  kernfs_fop_write_iter+0x351/0x510
[  399.768687][T12015]  ? __pfx_sysfs_kf_write+0x10/0x10
[  399.768707][T12015]  vfs_write+0x5ba/0x1180
[  399.768721][T12015]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  399.768739][T12015]  ? __pfx_vfs_write+0x10/0x10
[  399.768749][T12015]  ? do_futex+0x122/0x350
[  399.768772][T12015]  ? __x64_sys_futex+0x1e0/0x4c0
[  399.768784][T12015]  ? __x64_sys_futex+0x1e9/0x4c0
[  399.768800][T12015]  ksys_write+0x12a/0x240
[  399.768813][T12015]  ? __pfx_ksys_write+0x10/0x10
[  399.768823][T12015]  ? rcu_is_watching+0x12/0xc0
[  399.768841][T12015]  do_syscall_64+0xcd/0x230
[  399.768859][T12015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  399.768873][T12015] RIP: 0033:0x7f66f2f8e969
[  399.768884][T12015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  399.768897][T12015] RSP: 002b:00007f66f3d96038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  399.768910][T12015] RAX: ffffffffffffffda RBX: 00007f66f31b5fa0 RCX: 00007f66f2f8e969
[  399.768919][T12015] RDX: 0000000000000002 RSI: 0000200000000ec0 RDI: 000000000000000a
[  399.768928][T12015] RBP: 00007f66f3010ab1 R08: 0000000000000000 R09: 0000000000000000
[  399.768935][T12015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  399.768943][T12015] R13: 0000000000000000 R14: 00007f66f31b5fa0 R15: 00007fffc04da3f8
[  399.768960][T12015]  </TASK>
[  399.768966][T12015] Mem-Info:
[  400.114395][T12018] device-mapper: ioctl: Unable to rename non-existent device,  to uuid �
[  400.289551][T12015] active_anon:59712 inactive_anon:1 isolated_anon:0
[  400.289551][T12015]  active_file:20350 inactive_file:39410 isolated_file:0
[  400.289551][T12015]  unevictable:768 dirty:376 writeback:0
[  400.289551][T12015]  slab_reclaimable:10543 slab_unreclaimable:97416
[  400.289551][T12015]  mapped:52082 shmem:44586 pagetables:1371
[  400.289551][T12015]  sec_pagetables:0 bounce:0
[  400.289551][T12015]  kernel_misc_reclaimable:0
[  400.289551][T12015]  free:1283072 free_pcp:320 free_cma:0
[  400.399139][T12015] Node 0 active_anon:238952kB inactive_anon:4kB active_file:81400kB inactive_file:157568kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:208328kB dirty:1504kB writeback:0kB shmem:175012kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11376kB pagetables:5536kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  400.557406][T12015] Node 1 active_anon:260kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:3332kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:80kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  400.657488][T12015] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  400.730309][T12015] lowmem_reserve[]: 0 2484 2486 2486 2486
[  400.744821][T12015] Node 0 DMA32 free:1183380kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB active_anon:255804kB inactive_anon:4kB active_file:81272kB inactive_file:155752kB unevictable:1536kB writepending:1660kB present:3129332kB managed:2544212kB mlocked:0kB bounce:0kB free_pcp:4264kB local_pcp:4264kB free_cma:0kB
[  400.820691][T12015] lowmem_reserve[]: 0 0 1 1 1
[  400.834134][T12015] Node 0 Normal free:12kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1816kB unevictable:0kB writepending:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:24kB local_pcp:24kB free_cma:0kB
[  400.899929][T12015] lowmem_reserve[]: 0 0 0 0 0
[  400.911414][T12015] Node 1 Normal free:3911152kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB active_anon:260kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:900kB local_pcp:900kB free_cma:0kB
[  400.985289][T12015] lowmem_reserve[]: 0 0 0 0 0
[  400.997777][T12015] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  401.028593][T12015] Node 0 DMA32: 243*4kB (UE) 362*8kB (UE) 96*16kB (UE) 250*32kB (UE) 231*64kB (UME) 165*128kB (UME) 111*256kB (UME) 163*512kB (U) 139*1024kB (UME) 10*2048kB (UME) 207*4096kB (UM) = 1171868kB
[  401.081968][T12015] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB
[  401.109821][T12015] Node 1 Normal: 132*4kB (UE) 52*8kB (UE) 15*16kB (U) 182*32kB (UE) 96*64kB (UM) 29*128kB (UE) 18*256kB (UM) 9*512kB (UM) 4*1024kB (UME) 3*2048kB (UE) 946*4096kB (M) = 3911136kB
[  401.160127][T12015] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  401.195401][T12015] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  401.240904][T12015] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  401.309508][T12015] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  401.399932][T12015] 112506 total pagecache pages
[  401.405183][T12015] 7 pages in swap cache
[  401.454980][T12015] Free swap  = 124964kB
[  401.470953][T12015] Total swap = 124996kB
[  401.498134][T12015] 2097051 pages RAM
[  401.502321][T12015] 0 pages HighMem/MovableOnly
[  401.572055][T12015] 428892 pages reserved
[  401.588330][T12015] 0 pages cma reserved
[  401.743144][T12053] FAULT_INJECTION: forcing a failure.
[  401.743144][T12053] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  401.813905][T12054] Invalid ELF header magic: != ELF
[  402.003812][T12053] CPU: 0 UID: 0 PID: 12053 Comm: syz.4.1217 Tainted: G     U              6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  402.003850][T12053] Tainted: [U]=USER
[  402.003855][T12053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  402.003862][T12053] Call Trace:
[  402.003867][T12053]  <TASK>
[  402.003873][T12053]  dump_stack_lvl+0x16c/0x1f0
[  402.003892][T12053]  should_fail_ex+0x512/0x640
[  402.003913][T12053]  _copy_from_user+0x2e/0xd0
[  402.003932][T12053]  snd_pcm_oss_write2+0x1c2/0x410
[  402.003951][T12053]  ? __pfx_snd_pcm_oss_write2+0x10/0x10
[  402.003966][T12053]  ? snd_pcm_kernel_ioctl+0x267/0x2e0
[  402.003990][T12053]  snd_pcm_oss_write+0x711/0xa10
[  402.004007][T12053]  ? security_file_permission+0x71/0x210
[  402.004028][T12053]  vfs_write+0x25c/0x1180
[  402.004039][T12053]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  402.004059][T12053]  ? __pfx_vfs_write+0x10/0x10
[  402.004070][T12053]  ? find_held_lock+0x2b/0x80
[  402.004083][T12053]  ? __fget_files+0x204/0x3c0
[  402.004105][T12053]  ? __fget_files+0x20e/0x3c0
[  402.004128][T12053]  ksys_write+0x12a/0x240
[  402.004139][T12053]  ? __pfx_ksys_write+0x10/0x10
[  402.004150][T12053]  ? rcu_is_watching+0x12/0xc0
[  402.004167][T12053]  do_syscall_64+0xcd/0x230
[  402.004184][T12053]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.004197][T12053] RIP: 0033:0x7f5bdc78e969
[  402.004208][T12053] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  402.004221][T12053] RSP: 002b:00007f5bdd58b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  402.004234][T12053] RAX: ffffffffffffffda RBX: 00007f5bdc9b6240 RCX: 00007f5bdc78e969
[  402.004242][T12053] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003
[  402.004250][T12053] RBP: 00007f5bdd58b090 R08: 0000000000000000 R09: 0000000000000000
[  402.004258][T12053] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  402.004266][T12053] R13: 0000000000000000 R14: 00007f5bdc9b6240 R15: 00007ffeab6aec78
[  402.004283][T12053]  </TASK>
[  404.602917][T12091] Setting dangerous option i915.mitigations - tainting kernel
[  405.127232][T12097] svc: failed to register nfsdv3 RPC service (errno 111).
[  405.188629][T12097] svc: failed to register nfsaclv3 RPC service (errno 111).
[  406.050630][T12114] sd 0:0:1:0: PR command failed: 1026
[  406.158524][T12114] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  406.451489][T12114] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  408.783256][T12145] Invalid ELF header magic: != ELF
[  409.076458][T12158] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1238'.
[  409.156104][T12160] device-mapper: ioctl: Unable to rename non-existent device,  to �
[  413.683490][T12216] tty tty53: ldisc open failed (-12), clearing slot 52
[  413.704576][T12211] Setting dangerous option i915.mitigations - tainting kernel
[  413.938128][T11985] syz.0.1194 (11985) used greatest stack depth: 20312 bytes left
[  414.040041][T12225] netlink: 146 bytes leftover after parsing attributes in process `syz.4.1251'.
[  414.554940][T12230] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1252'.
[  414.666368][T12235] device-mapper: ioctl: Unable to rename non-existent device,  to �
[  415.119708][T12240] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1255'.
[  415.402127][T12253] FAULT_INJECTION: forcing a failure.
[  415.402127][T12253] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  415.473525][T12253] CPU: 0 UID: 0 PID: 12253 Comm: syz.1.1259 Tainted: G     U              6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  415.473557][T12253] Tainted: [U]=USER
[  415.473562][T12253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  415.473571][T12253] Call Trace:
[  415.473576][T12253]  <TASK>
[  415.473582][T12253]  dump_stack_lvl+0x16c/0x1f0
[  415.473604][T12253]  should_fail_ex+0x512/0x640
[  415.473625][T12253]  _copy_from_user+0x2e/0xd0
[  415.473645][T12253]  get_user_ifreq+0x77/0x1c0
[  415.473661][T12253]  sock_do_ioctl+0x16b/0x280
[  415.473676][T12253]  ? __pfx_sock_do_ioctl+0x10/0x10
[  415.473701][T12253]  sock_ioctl+0x227/0x6b0
[  415.473718][T12253]  ? __pfx_sock_ioctl+0x10/0x10
[  415.473733][T12253]  ? hook_file_ioctl_common+0x145/0x410
[  415.473751][T12253]  ? __fget_files+0x20e/0x3c0
[  415.473773][T12253]  ? __pfx_sock_ioctl+0x10/0x10
[  415.473790][T12253]  __x64_sys_ioctl+0x190/0x200
[  415.473808][T12253]  do_syscall_64+0xcd/0x230
[  415.473826][T12253]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  415.473839][T12253] RIP: 0033:0x7f1ba778e969
[  415.473851][T12253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  415.473863][T12253] RSP: 002b:00007f1ba85a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  415.473877][T12253] RAX: ffffffffffffffda RBX: 00007f1ba79b5fa0 RCX: 00007f1ba778e969
[  415.473885][T12253] RDX: 00002000000000c0 RSI: 0000000000008933 RDI: 0000000000000007
[  415.473893][T12253] RBP: 00007f1ba7810ab1 R08: 0000000000000000 R09: 0000000000000000
[  415.473901][T12253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  415.473908][T12253] R13: 0000000000000000 R14: 00007f1ba79b5fa0 R15: 00007fff4b9603d8
[  415.473925][T12253]  </TASK>
[  416.143726][T11672] syz.0.1151 (11672) used greatest stack depth: 19976 bytes left
[  416.439934][T12259] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1256'.
[  417.419930][T12294] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1266'.
[  418.099189][T12292] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  418.108216][T12292] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  418.124926][T12292] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  418.153981][T12292] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  418.173194][T12292] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  418.549932][T12302] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1268'.
[  418.921641][T12302] bond0: (slave bond_slave_0): Releasing backup interface
[  419.706143][ T5840] Bluetooth: hci0: command 0x0c1a tx timeout
[  420.135487][T12329] svc: failed to register nfsdv3 RPC service (errno 111).
[  420.152308][T12329] svc: failed to register nfsaclv3 RPC service (errno 111).
[  420.179661][T12330] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  420.188139][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout
[  420.194713][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout
[  420.201911][ T5840] Bluetooth: hci2: command 0x0c1a tx timeout
[  421.208484][T12342] netlink: 93 bytes leftover after parsing attributes in process `syz.2.1276'.
[  421.317414][T12348] netlink: 93 bytes leftover after parsing attributes in process `syz.2.1276'.
[  422.266891][T12331] Bluetooth: hci1: command 0x0c1a tx timeout
[  440.189061][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  440.196049][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  501.631577][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  501.642928][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  563.073196][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  563.081874][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  563.706193][   T31] INFO: task syz.4.1268:12313 blocked for more than 143 seconds.
[  563.714702][   T31]       Tainted: G     U              6.15.0-rc4-syzkaller-00021-gca91b9500108 #0
[  563.730021][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  563.740971][   T31] task:syz.4.1268      state:D stack:26120 pid:12313 tgid:12301 ppid:8588   task_flags:0x400040 flags:0x00004004
[  563.755746][   T31] Call Trace:
[  563.759673][   T31]  <TASK>
[  563.762892][   T31]  __schedule+0x116f/0x5de0
[  563.769499][   T31]  ? __lock_acquire+0x5ca/0x1ba0
[  563.775699][   T31]  ? __pfx___schedule+0x10/0x10
[  563.781219][   T31]  ? find_held_lock+0x2b/0x80
[  563.790747][   T31]  ? schedule+0x2d7/0x3a0
[  563.795510][   T31]  schedule+0xe7/0x3a0
[  563.800252][   T31]  io_schedule+0xbf/0x130
[  563.805000][   T31]  folio_wait_bit_common+0x3d6/0x9e0
[  563.814221][   T31]  ? folio_wait_bit_common+0x13a/0x9e0
[  563.820529][   T31]  ? __pfx_folio_wait_bit_common+0x10/0x10
[  563.828545][   T31]  ? filemap_get_folios_tag+0x46a/0xae0
[  563.834662][   T31]  ? __pfx_wake_page_function+0x10/0x10
[  563.842670][   T31]  folio_wait_writeback+0x3c/0x90
[  563.851065][   T31]  __filemap_fdatawait_range+0x11f/0x200
[  563.857599][   T31]  ? __pfx___filemap_fdatawait_range+0x10/0x10
[  563.864405][   T31]  file_write_and_wait_range+0x101/0x140
[  563.874950][   T31]  ext4_sync_file+0x310/0xf10
[  563.880411][   T31]  ? __pfx___up_read+0x10/0x10
[  563.885655][   T31]  ? __pfx_ext4_sync_file+0x10/0x10
[  563.893133][   T31]  vfs_fsync_range+0x136/0x220
[  563.898576][   T31]  __do_sys_msync+0x3cb/0x5c0
[  563.903716][   T31]  do_syscall_64+0xcd/0x230
[  563.910735][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  563.918838][   T31] RIP: 0033:0x7f5bdc78e969
[  563.923693][   T31] RSP: 002b:00007f5bdd58b038 EFLAGS: 00000246 ORIG_RAX: 000000000000001a
[  563.934726][   T31] RAX: ffffffffffffffda RBX: 00007f5bdc9b6240 RCX: 00007f5bdc78e969
[  563.944560][   T31] RDX: 0000000400000004 RSI: 01800000ff010000 RDI: 000000001ffff000
[  563.957348][   T31] RBP: 00007f5bdc810ab1 R08: 0000000000000000 R09: 0000000000000000
[  563.966688][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  563.977287][   T31] R13: 0000000000000000 R14: 00007f5bdc9b6240 R15: 00007ffeab6aec78
[  563.986652][   T31]  </TASK>
[  563.989989][   T31] 
[  563.989989][   T31] Showing all locks held in the system:
[  563.999912][   T31] 1 lock held by khungtaskd/31:
[  564.005233][   T31]  #0: ffffffff8e3bf440 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[  564.017876][   T31] 6 locks held by kworker/u8:15/6441:
[  564.023770][   T31]  #0: ffff888021a81148 ((wq_completion)writeback){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  564.038963][   T31]  #1: ffffc9000b79fd18 ((work_completion)(&(&wb->dwork)->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  564.053355][   T31]  #2: ffff88814e03e0e0 (&type->s_umount_key#31){++++}-{4:4}, at: super_trylock_shared+0x1e/0xf0
[  564.067891][   T31]  #3: ffff88814e040b98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: do_writepages+0x1b2/0x820
[  564.080335][   T31]  #4: ffff888034542950 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x5e4/0x1410
[  564.092202][   T31]  #5: ffff88807d700cb0 (&ei->i_data_sem){++++}-{4:4}, at: ext4_map_blocks+0x355/0x1390
[  564.103503][   T31] 2 locks held by getty/10775:
[  564.110096][   T31]  #0: ffff88814d4010a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  564.121397][   T31]  #1: ffffc900041432f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[  564.133772][   T31] 3 locks held by syz.2.1276/12339:
[  564.140027][   T31]  #0: ffff88814e03e420 (sb_writers#4){.+.+}-{0:0}, at: madvise_vma_behavior+0x1a75/0x1d50
[  564.154540][   T31]  #1: ffff88807d700e20 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: ext4_fallocate+0x111/0x3810
[  564.167935][   T31]  #2: ffff88807d700fc0 (mapping.invalidate_lock#2){++++}-{4:4}, at: ext4_fallocate+0x1bc/0x3810
[  564.182158][   T31] 2 locks held by syz.2.1276/12340:
[  564.189513][   T31]  #0: ffff88814e03e420 (sb_writers#4){.+.+}-{0:0}, at: madvise_vma_behavior+0x1a75/0x1d50
[  564.200701][   T31]  #1: ffff88807d700e20 (&sb->s_type->i_mutex_key#9){++++}-{4:4}, at: ext4_fallocate+0x111/0x3810
[  564.214022][   T31] 
[  564.216729][   T31] =============================================
[  564.216729][   T31] 
[  564.227672][   T31] NMI backtrace for cpu 0
[  564.227687][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G     U              6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  564.227706][   T31] Tainted: [U]=USER
[  564.227711][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  564.227718][   T31] Call Trace:
[  564.227723][   T31]  <TASK>
[  564.227728][   T31]  dump_stack_lvl+0x116/0x1f0
[  564.227748][   T31]  nmi_cpu_backtrace+0x27b/0x390
[  564.227768][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  564.227788][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  564.227809][   T31]  watchdog+0xf70/0x12c0
[  564.227828][   T31]  ? __pfx_watchdog+0x10/0x10
[  564.227843][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  564.227859][   T31]  ? __kthread_parkme+0x19e/0x250
[  564.227875][   T31]  ? __pfx_watchdog+0x10/0x10
[  564.227890][   T31]  kthread+0x3c2/0x780
[  564.227907][   T31]  ? __pfx_kthread+0x10/0x10
[  564.227923][   T31]  ? __pfx_kthread+0x10/0x10
[  564.227939][   T31]  ? __pfx_kthread+0x10/0x10
[  564.227954][   T31]  ? __pfx_kthread+0x10/0x10
[  564.227970][   T31]  ? rcu_is_watching+0x12/0xc0
[  564.227982][   T31]  ? __pfx_kthread+0x10/0x10
[  564.227999][   T31]  ret_from_fork+0x45/0x80
[  564.228018][   T31]  ? __pfx_kthread+0x10/0x10
[  564.228034][   T31]  ret_from_fork_asm+0x1a/0x30
[  564.228060][   T31]  </TASK>
[  564.228071][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  564.379497][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G     U              6.15.0-rc4-syzkaller-00021-gca91b9500108 #0 PREEMPT(full) 
[  564.394190][   T31] Tainted: [U]=USER
[  564.398349][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  564.409391][   T31] Call Trace:
[  564.412985][   T31]  <TASK>
[  564.416191][   T31]  dump_stack_lvl+0x3d/0x1f0
[  564.421222][   T31]  panic+0x71c/0x800
[  564.425490][   T31]  ? __pfx_panic+0x10/0x10
[  564.430327][   T31]  ? ret_from_fork_asm+0x1a/0x30
[  564.435745][   T31]  ? nmi_backtrace_stall_check+0x6e/0x540
[  564.442013][   T31]  ? irq_work_queue+0xce/0x100
[  564.447233][   T31]  ? watchdog+0xdda/0x12c0
[  564.452066][   T31]  ? watchdog+0xdcd/0x12c0
[  564.456924][   T31]  watchdog+0xdeb/0x12c0
[  564.461576][   T31]  ? __pfx_watchdog+0x10/0x10
[  564.466710][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  564.472425][   T31]  ? __kthread_parkme+0x19e/0x250
[  564.477950][   T31]  ? __pfx_watchdog+0x10/0x10
[  564.483081][   T31]  kthread+0x3c2/0x780
[  564.487548][   T31]  ? __pfx_kthread+0x10/0x10
[  564.492608][   T31]  ? __pfx_kthread+0x10/0x10
[  564.497633][   T31]  ? __pfx_kthread+0x10/0x10
[  564.502661][   T31]  ? __pfx_kthread+0x10/0x10
[  564.507708][   T31]  ? rcu_is_watching+0x12/0xc0
[  564.512940][   T31]  ? __pfx_kthread+0x10/0x10
[  564.517973][   T31]  ret_from_fork+0x45/0x80
[  564.522816][   T31]  ? __pfx_kthread+0x10/0x10
[  564.527881][   T31]  ret_from_fork_asm+0x1a/0x30
[  564.533215][   T31]  </TASK>
[  564.536570][   T31] Kernel Offset: disabled
[  564.541310][   T31] Rebooting in 86400 seconds..