last executing test programs:

6m36.792243588s ago: executing program 2 (id=1556):
mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000)
madvise$auto(0x0, 0xffffffffffff0006, 0x17)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x106)
bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
bind$auto(0x3, 0x0, 0x6a)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x109001, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x11, 0x0, 0x0, 0x0, 0x0)
sendmsg$auto(r2, 0x0, 0xfb15)
msync$auto(0x10000, 0x6, 0xb)
select$auto(0x1009, &(0x7f00000000c0)={[0xeeda, 0x7, 0x6e, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f0000000280)={0x6, 0xcb})
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
write$auto(0x3, 0x0, 0xfffffdef)
ioctl$auto(0xffffffffffffffff, 0x900064b5, 0xc14)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/available_events\x00', 0x40000, 0x0)
mmap$auto(0x4, 0x1000003b, 0x7ec, 0x18, 0x200000401, 0x8002)
unshare$auto(0x40000080)
r3 = socket(0xa, 0x1, 0x100)
setsockopt$auto(r3, 0x29, 0x1b, 0x0, 0x56b)
r4 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x60d80, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f0000000280)={{0x3, 0x1000, 0x5, 0x1, 0x8}, "654c6dbc7a4d30983899a7e1325b6a29ba1e184410ba9f74e82a3fa6c3ccf1bf"})

6m35.263714887s ago: executing program 2 (id=1560):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x481, 0x0)
pwrite64$auto(r0, 0x0, 0x400000, 0xc)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/device_info\x00', 0x501600, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000001080)=""/244, 0xf4)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x0)
r2 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80100, 0x0)
openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000002c0), 0x44100, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r2, 0x40146f2c, 0x0)

6m34.732444944s ago: executing program 2 (id=1563):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x0)
openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80100, 0x0)
prctl$auto_PR_SCHED_CORE_CREATE(0x1, 0x1, 0x0, 0x0, 0x4)
openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000002c0), 0x44100, 0x0)
fcntl$auto(0x3, 0x8, 0x9ebfffffffffffff)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0xeee00, 0x31)
open_tree$auto(0xffffffffffffff9c, &(0x7f0000001100)='./cgroup\x00', 0x0)
r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x20b42, 0x0)
read$auto_nsim_dev_max_vfs_fops_dev(0xffffffffffffffff, 0x0, 0x0)
ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0)
ioctl$auto(r1, 0x4b52, 0x1)

6m34.27872403s ago: executing program 2 (id=1564):
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="82", @ANYRES16=0x0], 0x1c}}, 0x4044820)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x5, 0x3, 0x15f4da0a, 0x3, 0xffffffffffffffff, 0x7, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', 0x0, 0xdef, 0x0)
setsockopt$auto(0x3, 0x5, 0x100000000, 0xfffffffffffffffc, 0xa)
getpid()
r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_NAPI_GET2(0xffffffffffffffff, &(0x7f0000003f40)={0x0, 0x0, &(0x7f0000003f00)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="09032bbd7000fedbdf250b00000008000100e1"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
mmap$auto(0x6, 0x48000a, 0x100002bb, 0x14, r0, 0x1)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
unshare$auto(0x40000080)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xc, 0x800008000)
socket(0x11, 0xa, 0x300)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/nbd8/queue/iosched/async_depth\x00', 0x40800, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000280)=""/4096, 0x1000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0xa)

6m33.031564055s ago: executing program 2 (id=1569):
socket(0xf, 0x3, 0x2)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0x2, 0x2, 0x0)
socket(0x2, 0x2, 0x0)
openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r1 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0)
ioctl$auto_posix_clock_file_operations_posix_clock(r1, 0x2, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
ppoll$auto(&(0x7f0000000180)={0xffffffffffffffff, 0x4, 0x8}, 0x6, 0x0, 0x0, 0x8)
open(&(0x7f0000000800)='./file0\x00', 0x383642, 0x154)
mmap$auto(0x0, 0x8, 0xdf, 0xeb1, 0x0, 0x8002)
unshare$auto(0x40000080)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_INTERFACE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="00000046473a46004c318f3a89b6abb7ec3472e7a1e4820e2e83e36dcb26eb8d7b2a9d", @ANYRES16=r3, @ANYBLOB="010b27bd7000fcdbdf2505000000"], 0x14}, 0x1, 0x0, 0x0, 0x4000001}, 0x4000084)
socket(0x22, 0x4, 0x2)
close_range$auto(0x2, 0x8, 0x0)
unshare$auto(0x40000080)
socket(0xa, 0x1, 0x100)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$auto_sync_info_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000180), 0x2000, 0x0)
read$auto(r4, &(0x7f0000000080)='\xbb\x00', 0x3)
r5 = socket(0x10, 0x2, 0x4)
write$auto(r5, &(0x7f0000000000)='-\x00', 0x2fb)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff)

6m31.020620808s ago: executing program 2 (id=1573):
r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r2=>0x0})
sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x28, r1, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_HIGH={0x8, 0x16, 0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x8080}, 0x0)
r3 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r4=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r4}, 0x6a)
r5 = socket(0xa, 0x2, 0x88)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'bond0\x00', <r7=>0x0})
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r7, r6, 0x4, 0x1ff, r5, @relative_id=0x13, 0xe600}, 0xf)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000540)={'pim6reg\x00', <r8=>0x0})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'vxcan1\x00', <r9=>0x0})
r10 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r11=>0x0})
bpf$auto(0x5, &(0x7f0000000300)=@bpf_attr_3={0x11, 0x4, 0x7, 0x67, 0x400, 0x0, 0x0, 0x80f0c8, 0x0, "2fc1d5cbcb9f6b5e511f0dd8d6068f65", r11, 0x113e33f2, 0xffffffffffffffff, 0xe4, 0x6, 0x5, 0x3ad, 0x3, 0x0, 0x3, @attach_prog_fd, 0x4, 0xffff, 0x8, 0x81, 0xfffffffe}, 0x4a)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000005c0)={'dvmrp1\x00', <r12=>0x0})
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000006c0)={&(0x7f0000000600)={0xc0, r1, 0x400, 0x70bd2d, 0x25dfdbfc, {}, [@ETHTOOL_A_CHANNELS_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}]}, @ETHTOOL_A_CHANNELS_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}, @ETHTOOL_A_CHANNELS_HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x257}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x9}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x9801}]}, @ETHTOOL_A_CHANNELS_HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}]}]}, 0xc0}}, 0x4000000)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0)
socket(0x11, 0x80003, 0x300)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
write$auto(0x3, 0x0, 0x7ffffffa)
mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000)
mount$auto(0x0, 0x0, &(0x7f0000000380)='*-\xba!@\x00', 0xfffffffffffffff9, &(0x7f00000003c0))
syz_clone(0x802000, &(0x7f0000000100)="3342744a811f67fffb81ab861d537958b358c3a941ffa081d22a83eba1e07005bd1ab52e557966e9cf61d08b8c722e024fc8c7d19de8092351119d0ee960088b2885c719f6d8ab15da88a24d573acc12238aa9306187c70e3bf04f6f3618d5f3272f26f340ad33eeab994338d89cda2ec2625b527d8f6c33addb8ea1a0cb57e6834b4db549d9c1357899107ec1a29d3e03c85c986f43fcc131d730b12242c36925261b0c8537ef89777841cdf3c74ae4437d15236780a0acfcfa69938caa0373357c2c441d6464beaf350a8b3be9eb4b1610d2e19eeb32f03509adc57536d9d9a5a9c3f025d7a9e2ecd3cf27bfa5ce7b8025dc34", 0xf4, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r13 = socket(0x11, 0x3, 0x9)
sendmmsg$auto(r13, 0x0, 0x2, 0x100)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
write$auto_seq_oss_f_ops_seq_oss(r0, &(0x7f0000000040)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba42933ae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc0708019cc1c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f37fe74a09a8a964ce2818e4b4efd1eb0e3bca5dfd2a053eeb5735b96d282d2e03866bd6581b5e5e541c74f0b92b932b234ac117342f156b4b23fc6dcbc92ada00ce404f54443b6e7fdac9acb79e5258a865ced633ff5356d13a3e9923bcd8e6d177c9fb8618f9393798d90d70c78207e40f95bb2b0a9308f29f4331bbdfc1021dface5a740473b462c47286fee1c9d0036c78134e108b5b218d3022fd277e1cdf0cdf8cd4b37d74c8dd47e00e50fcf8d336978a0e7624f94b8fdcd1c9459201231f343c7cb602083aa5e1aea8974a9e22d77cb94cae6c89e239bacfe656d9b0948de480ce2ba3b4dbcb180089d5eb0f8f481e02f7d4628e9134b6e52881572a398e4edd6f01f90983826d721dddc7d4ba3f293288ba54f696fa25cc2f8721c3e380dd04bf05801f90019498601fcbcea6aa6a2d7983e6823f480185ef9c3b4ed19c4f94c108067c89d69bc4e0da0112280ecd0caff8a454fb3e6655dc6a35cdd053aef882e403458754f5e84bd2210f18a61106af8c5a2c18dc48ff87cfda6d545014009a167570f0550e5121d0bdf4b20a1177b708e5515ee33db3baf29633440999ddd36eb0299a1efcd8934ab60c1a88d9db6fa0d2b3f0bf12e87630e0dc5eddca8f291ad85141391e6f9fe56ee4ddb39a1ac7a573cb69ec14f012ea0b721df3ea40747d1130a61802e859519ae1bc5a3673105fa87485f88b8981a3a208a3576848c2df152a023f5e573c867b43b10247336b110956eb28e5288d7aa19219e8324857cdf6d17530385720afd5a1ffd23aa1bd061b73caafa05afdd1441040989d081814635347f1d55669b1c38be4698e3a085e2010e35d2747b4e39ef4920f58d6b4585d737c13221a44ad5543099bb0ab228722ef9cbc0d621178012495837d6a220eeaaf498ccc01", 0xfe04)

6m15.894920085s ago: executing program 32 (id=1573):
r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0)
r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r2=>0x0})
sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={0x28, r1, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_HIGH={0x8, 0x16, 0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x8080}, 0x0)
r3 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r4=>0x0})
bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r4}, 0x6a)
r5 = socket(0xa, 0x2, 0x88)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'bond0\x00', <r7=>0x0})
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r7, r6, 0x4, 0x1ff, r5, @relative_id=0x13, 0xe600}, 0xf)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000540)={'pim6reg\x00', <r8=>0x0})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000580)={'vxcan1\x00', <r9=>0x0})
r10 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r11=>0x0})
bpf$auto(0x5, &(0x7f0000000300)=@bpf_attr_3={0x11, 0x4, 0x7, 0x67, 0x400, 0x0, 0x0, 0x80f0c8, 0x0, "2fc1d5cbcb9f6b5e511f0dd8d6068f65", r11, 0x113e33f2, 0xffffffffffffffff, 0xe4, 0x6, 0x5, 0x3ad, 0x3, 0x0, 0x3, @attach_prog_fd, 0x4, 0xffff, 0x8, 0x81, 0xfffffffe}, 0x4a)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000005c0)={'dvmrp1\x00', <r12=>0x0})
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000006c0)={&(0x7f0000000600)={0xc0, r1, 0x400, 0x70bd2d, 0x25dfdbfc, {}, [@ETHTOOL_A_CHANNELS_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}]}, @ETHTOOL_A_CHANNELS_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}]}, @ETHTOOL_A_CHANNELS_HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x257}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x9}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x9801}]}, @ETHTOOL_A_CHANNELS_HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge0\x00'}]}]}, 0xc0}}, 0x4000000)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0)
socket(0x11, 0x80003, 0x300)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
write$auto(0x3, 0x0, 0x7ffffffa)
mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000)
mount$auto(0x0, 0x0, &(0x7f0000000380)='*-\xba!@\x00', 0xfffffffffffffff9, &(0x7f00000003c0))
syz_clone(0x802000, &(0x7f0000000100)="3342744a811f67fffb81ab861d537958b358c3a941ffa081d22a83eba1e07005bd1ab52e557966e9cf61d08b8c722e024fc8c7d19de8092351119d0ee960088b2885c719f6d8ab15da88a24d573acc12238aa9306187c70e3bf04f6f3618d5f3272f26f340ad33eeab994338d89cda2ec2625b527d8f6c33addb8ea1a0cb57e6834b4db549d9c1357899107ec1a29d3e03c85c986f43fcc131d730b12242c36925261b0c8537ef89777841cdf3c74ae4437d15236780a0acfcfa69938caa0373357c2c441d6464beaf350a8b3be9eb4b1610d2e19eeb32f03509adc57536d9d9a5a9c3f025d7a9e2ecd3cf27bfa5ce7b8025dc34", 0xf4, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r13 = socket(0x11, 0x3, 0x9)
sendmmsg$auto(r13, 0x0, 0x2, 0x100)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2)
write$auto_seq_oss_f_ops_seq_oss(r0, &(0x7f0000000040)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba42933ae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc0708019cc1c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f37fe74a09a8a964ce2818e4b4efd1eb0e3bca5dfd2a053eeb5735b96d282d2e03866bd6581b5e5e541c74f0b92b932b234ac117342f156b4b23fc6dcbc92ada00ce404f54443b6e7fdac9acb79e5258a865ced633ff5356d13a3e9923bcd8e6d177c9fb8618f9393798d90d70c78207e40f95bb2b0a9308f29f4331bbdfc1021dface5a740473b462c47286fee1c9d0036c78134e108b5b218d3022fd277e1cdf0cdf8cd4b37d74c8dd47e00e50fcf8d336978a0e7624f94b8fdcd1c9459201231f343c7cb602083aa5e1aea8974a9e22d77cb94cae6c89e239bacfe656d9b0948de480ce2ba3b4dbcb180089d5eb0f8f481e02f7d4628e9134b6e52881572a398e4edd6f01f90983826d721dddc7d4ba3f293288ba54f696fa25cc2f8721c3e380dd04bf05801f90019498601fcbcea6aa6a2d7983e6823f480185ef9c3b4ed19c4f94c108067c89d69bc4e0da0112280ecd0caff8a454fb3e6655dc6a35cdd053aef882e403458754f5e84bd2210f18a61106af8c5a2c18dc48ff87cfda6d545014009a167570f0550e5121d0bdf4b20a1177b708e5515ee33db3baf29633440999ddd36eb0299a1efcd8934ab60c1a88d9db6fa0d2b3f0bf12e87630e0dc5eddca8f291ad85141391e6f9fe56ee4ddb39a1ac7a573cb69ec14f012ea0b721df3ea40747d1130a61802e859519ae1bc5a3673105fa87485f88b8981a3a208a3576848c2df152a023f5e573c867b43b10247336b110956eb28e5288d7aa19219e8324857cdf6d17530385720afd5a1ffd23aa1bd061b73caafa05afdd1441040989d081814635347f1d55669b1c38be4698e3a085e2010e35d2747b4e39ef4920f58d6b4585d737c13221a44ad5543099bb0ab228722ef9cbc0d621178012495837d6a220eeaaf498ccc01", 0xfe04)

10.65894836s ago: executing program 0 (id=2535):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)
capset$auto(0x0, &(0x7f0000000180)={0x1, 0x7, 0x6})
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
prctl$auto(0x1000000003b, 0x1, 0x9, 0x5, 0x3)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000001180)='/sys/kernel/security/tomoyo/manager\x00', 0x2, 0x0)
pwritev$auto(0x3, 0x0, 0x5, 0x3, 0x9)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, 0x0, 0x40080, 0x0)
r1 = socket(0x15, 0x5, 0x0)
r2 = waitid$auto_P_PIDFD(0x3, r1, 0x0, 0x3, 0x0)
bind$auto(0x3, 0x0, 0x6a)
ioctl$auto(r0, 0x4b71, 0x0)
mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/mm/transparent_hugepage/hugepages-2048kB/enabled\x00', 0x0, 0x0)
openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, 0x0, 0x2f43, 0x0)
syz_open_procfs$namespace(r2, &(0x7f0000000080)='ns/net\x00')
socketpair$auto(0x1e, 0x5, 0x4, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm1c/sub3/sw_params\x00', 0x280, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_TIPC_NL_KEY_FLUSH(r3, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000001580)={&(0x7f00000000c0)=ANY=[@ANYBLOB='\t\x00\x00', @ANYRES16=r4, @ANYBLOB="010028bd7000ffdbdf2518000000"], 0x14}, 0x1, 0x0, 0x0, 0x840}, 0x10)
openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/per_cpu/cpu0/buffer_size_kb\x00', 0x280, 0x0)
socket(0x10, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

8.109809837s ago: executing program 4 (id=2541):
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC0D0c\x00', 0x200, 0x0)
r0 = openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/trace_options\x00', 0x40000, 0x0)
listen$auto(r0, 0x611e)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
fcntl$auto_F_SETSIG(r1, 0xa, 0xfffffffffffffeff)
poll$auto(0x0, 0x6, 0x8)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
recvmmsg$auto(r2, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0)
socket(0x2, 0x1, 0x0)
madvise$auto(0x0, 0x200007, 0x19)
mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x9, 0x3)
read$auto(0x3, 0x0, 0x80)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
io_uring_setup$auto(0x406, 0x0)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
getrandom$auto(0x0, 0x6000000, 0x3)
r3 = socket(0x11, 0x80003, 0x300)
io_uring_enter$auto(0x3, 0xa84, 0x80000001, 0xa, 0x0, 0x46)
sendmsg$auto_NL80211_CMD_SET_REKEY_OFFLOAD(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)={0x14, 0x0, 0x8, 0x70bd2b, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4040091}, 0x40850)

8.073076483s ago: executing program 3 (id=2542):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0xa, 0x2, 0x3a)
setsockopt$auto(r1, 0x29, 0x32, 0x0, 0x113)
r2 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000100), r0)
sendmsg$auto_SMC_PNETID_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x2c, r2, 0xd3bed26fbb0d8463, 0x70bd29, 0x25dfdbfe, {0x2, 0x0, 0x300}, [@SMC_PNETID_ETHNAME={0xc, 0x2, '\x01L\xbc\x89>\x97\xa2\xca'}, @SMC_PNETID_NAME={0xc, 0x1, 'ethtool\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000001}, 0x1c054)

7.894802316s ago: executing program 3 (id=2544):
r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x802, 0x0)
ppoll$auto(&(0x7f0000000040)={r0, 0x2, 0xf}, 0x24, 0x0, 0x0, 0x8)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x1011c0, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
select$auto(0x8, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da08, 0x3, 0x3, 0x62, 0x80000003, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0)
write$auto(r2, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00x \xec(\x1d\x98\xe9\xc4\xe8\xfc@6=\xab\xf4\x89\x01\x93\xdc\x19\xffv\'\xa1\xd5\x14\x06S\xae\xadB}\xdf]\x99\xc9\x9f4\xbb\xc5\x81\x9d\x8ak\xdeB\xcbd\xd3\x05\xe4P\x84\xcb\xb8#\x13\nYU\'\x95R\xc8\x9d\xb7*\xe0.\xd2\xdf\x1b\x88D\x8c{k\xcec\xe1\xa2j\xec\xc9\xd2\x98\x94I\x102h\x06\x8c\xa2\xc8\x8a7\xb7t', 0x7ef)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0)
ioperm$auto(0x7, 0x5ad2, 0xc)
modify_ldt$auto(0x1, 0x0, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_RSS_GET(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="eeca0000", @ANYRES16=0x0, @ANYBLOB="09032dbd7000fcdbdf25260000000800070065000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x10)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0x12, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1]}, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
sysfs$auto(0x2, 0x100000000000036, 0x0)
umask$auto(0x4)
fsopen$auto(0x0, 0x1)

7.651940222s ago: executing program 1 (id=2545):
mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000)
madvise$auto(0x0, 0xffffffffffff0006, 0x17)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2, 0x1, 0x106)
bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x0)
bind$auto(0x3, 0x0, 0x6a)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x11, 0x0, 0x0, 0x0, 0x0)
sendmsg$auto(r2, 0x0, 0xfb15)
msync$auto(0x10000, 0x6, 0xb)
select$auto(0x1009, &(0x7f00000000c0)={[0xeeda, 0x7, 0x6e, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f0000000280)={0x6, 0xcb})
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
write$auto(0x3, 0x0, 0xfffffdef)
ioctl$auto(0xffffffffffffffff, 0x900064b5, 0xc14)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/available_events\x00', 0x40000, 0x0)
mmap$auto(0x4, 0x1000003b, 0x7ec, 0x18, 0x200000401, 0x8002)
unshare$auto(0x40000080)
r3 = socket(0xa, 0x1, 0x100)
setsockopt$auto(r3, 0x29, 0x17, 0x0, 0x56b)
r4 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x60d80, 0x0)
ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f0000000280)={{0x3, 0x1000, 0x5, 0x1, 0x8}, "654c6dbc7a4d30983899a7e1325b6a29ba1e184410ba9f74e82a3fa6c3ccf1bf"})

6.789908325s ago: executing program 0 (id=2546):
mmap$auto(0x0, 0x2020005, 0x8, 0x12, 0xfffffffffffffffb, 0x5)
close_range$auto(0x0, 0xffffffffffffffff, 0x2)
pidfd_open$auto(0x1, 0x0)
bpf$auto(0x2, &(0x7f00000001c0)=@batch={0x8000000000009, 0x80000001, 0x10008, 0x8250, 0xa6d5, <r0=>0xffffffffffffffff, 0x7, 0x6}, 0x103)
sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="d8010000", @ANYRES16, @ANYBLOB="01002dbd7000fcdbdf25010000000c0002000500000000000000c5000700c1007cf7c27c120e3984130834a73f9221887ac28e443c4a1a7da8d2ddcf2890cce5822826764f3f410e53f43f300d2e04700395778e7935c99f6a38f6f3e56e7d8a18d15791b3b4f9378d743a8f0cbbe1c604a782030626ead26826f4790233f19c29fbaf1da77e1b84522d05ca0f4237b24aead87b47d41805fa9967d02ad2deba1895652b8d630c30213ed8f72c1066f1bb9fb1b242d08a55d32398d8d3c635008f2c61049c8abf600a98d1d2d0b0027aecaf27d20b6ff4129883e111e1c858000000dc00090069fccb38f57447a8af8c40a03b92af7adc0c48af4308483b99aa587ed8711b4a79a383c263698842365af6807d1be1800fd492770983a6df345fb472e9fa41b667af43bc36d7063b6b93ab7661925e8d71452acd95b788c31a32ae903b96b9ed9a5e3542c625105e8f21a5b41ff3d17f8704581f4b8b75ae741d0fba8cab2e187c93eeea89f6cf6ab7cc496e0bd9759cc0b408bbe0c6eae2aa29c2d97d48a55fc0ff937c90173d61cf652f97cb301e4d7e3bac0026732e22eadd3a6c5ffa4faed6855a86814c920a650a61936305d2713db1c92a238e265c080001007f0e00000c0002"], 0x1d8}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000)
openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/ieee80211/phy1/netdev:wlan1/rc_rateidx_mcs_mask_2ghz\x00', 0x88000, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/net/sit0/statistics/tx_compressed\x00', 0x100, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000001c00)=""/4111, 0x100f)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x8000)
r2 = socket(0x10, 0x2, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x0)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/hid/drivers/zeroplus/uevent\x00', 0x121681, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f00000000c0)='-', 0x1)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
r4 = syz_genetlink_get_family_id$auto_thermal(&(0x7f0000000300), r0)
sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_DELETE(r2, &(0x7f0000000440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)={0x94, r4, 0x5264168ecb5a8c61, 0x101, 0x25dfdbfd, {}, [@THERMAL_GENL_ATTR_TZ_TRIP_TYPE={0x8, 0x6, 0x948b}, @THERMAL_GENL_ATTR_TZ_NAME={0x4b, 0xa, '/sys/kernel/debug/ieee80211/phy1/netdev:wlan1/rc_rateidx_mcs_mask_2ghz\x00'}, @THERMAL_GENL_ATTR_CDEV_CUR_STATE={0x8}, @THERMAL_GENL_ATTR_TZ_ID={0x8, 0x2, 0x1}, @THERMAL_GENL_ATTR_CDEV_NAME={0x14, 0x12, 'pimreg0\x00'}, @THERMAL_GENL_ATTR_CPU_CAPABILITY_EFFICIENCY={0x8, 0x17, 0xf}]}, 0x94}, 0x1, 0x0, 0x0, 0x24048001}, 0x0)

6.658368842s ago: executing program 3 (id=2547):
prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2)
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x2, 0x4, 0x3, 0x2, 0x8, 0x3, 0xe3, 0x400000000a, 0x200000003}, 0x6f1)
syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff)
socket(0x10, 0x4, 0xffffffc0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0)
io_uring_setup$auto(0x2, 0x0)
close_range$auto(0x2, 0xa, 0x0)
mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
ioprio_set$auto(0x2, 0x0, 0x208)
read$auto(0xffffffffffffffff, 0x0, 0x9)
openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f000000e680), 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/ns_last_pid\x00', 0x68001, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x3, 0x3, 0xc24)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0)
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, 0x0, 0x0, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000200)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xfffffffffffffffe, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x8000001f, 0x2, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
socket(0xa, 0x5, 0x94)
close_range$auto(0x2, 0x8, 0x0)
unshare$auto(0x40000080)
write$auto(r1, 0x0, 0x81)

5.793477975s ago: executing program 0 (id=2548):
prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2)
syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff)
socket(0x3, 0x3, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000005, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0x28800, 0x0)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sg0\x00', 0x40200, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/037/001\x00', 0x630001, 0x0)
openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x100242, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0)
mmap$auto(0xfffffffffffffff9, 0x400006, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC0\x00', 0x0, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
setsockopt$auto(0xffffffffffffffff, 0x1, 0x1021, 0x0, 0xd)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0)
sendfile$auto(r2, r1, 0x0, 0x1000202)
unshare$auto(0x40000080)
semctl$auto_SETVAL(0x0, 0x7, 0x10, 0xfff)
close_range$auto(0x2, 0x8, 0x0)
setsockopt$auto(0xffffffffffffffff, 0x88, 0x0, 0x0, 0x80000000)
socket(0x10, 0x2, 0x7fffffff)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
socket(0x24, 0x1, 0x0)

5.777021572s ago: executing program 4 (id=2549):
mmap$auto(0x0, 0x20009, 0x6, 0xeb1, 0x404, 0x8003)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x14, 0x944, 0x1ffe0, 0x3, 0x6, 0x7, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0x2, 0x5, 0x3, 0x40, 0x7, 0x20, 0x309, 0x6, 0x0, 0x0, 0x200000, 0x0, 0x0, 0xffffffff, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc]}, 0x1fe, 0x81)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r1 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x51d, 0x0)
r2 = socket(0x11, 0x80003, 0x300)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x2, 0x1, 0x84)
mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xeb1, 0x401, 0x8000)
r3 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r3, 0x40026f34, 0x0)
connect$auto(r2, &(0x7f0000000140)=@in={0x2, 0x0, @rand_addr=0x64010100}, 0x52)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000580)={{&(0x7f0000000440)="4dba758fe6f327dd2d091710f552005421dfaad29e97c41f82224fdfe4b99d042c85c9279ee009f4a2577f94c51aa82b246cd006ef79b8fd0cbf67c0c79d47bf01c7009d8e259be6975c42b1b3217ed3b6a6dad99c601afcdd65df2f8f738b4b05c762551987561b55041f8a4b8ac5f4f533b4aa78e5cbb456cd16255562acea88049fe29367c2a0db9d781b40f69bc42faea4090736080a41eed961bb01e34b21", 0x6, &(0x7f0000000080)={&(0x7f0000000380)="f3e66d349112e6c5f154172dc4902ee527c78b2377428e5b95258a70bc5f695169ce17ced532db737ad18028ec2e336450ef8744657438f2a4f784e090afb0e0b7e43fad78f589e603f49451ca745f696e37b0ddce136012b0b8e5c99828e5ae2dd053", 0x4}, 0xfffffffffffffff7, &(0x7f0000000500)="e23c189ba286c563b7a852757c43d0a522c3b03521faba04de8fadc3116eeb730e970c725888fc533829caaeacd636042ef941600431934b2a36f155fd06f3d78dea65ad17e76d0d474b5ce1ffda0c51d90fca268ac54c985db25b0800940bfd8b2c0c07c962e17be33cbff4f3", 0x2278, 0xa76}, 0x10001}, 0x7, 0x7)
shutdown$auto(0x200000003, 0x2)
connect$auto(0x3, &(0x7f0000000040)=@isdn={0x22, 0x8, 0x58, 0x0, 0x2}, 0x12)
sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={0x0, 0x7}, 0x6, 0x0, 0x5, 0x1}, 0x5}, 0xb9, 0x100)
open(0x0, 0x101800, 0x100)
socket(0xa, 0x2, 0x8)
close_range$auto(0xffffffffffffffff, 0x8, 0x0)

5.692236749s ago: executing program 1 (id=2550):
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0)
write$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x0)
fstat$auto(0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000003fc0), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETFAMILY2(r0, &(0x7f00000040c0)={0x0, 0x0, &(0x7f0000004080)={&(0x7f00000001c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002cbd7045ab3c6925030000000f00020076657468305f766c616e000099171ebfb25b41a0a1d6cfee4d91b0aabdfa957495596088c15de19be2148449ea7402d61ba152055dab8abefcc9"], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x4000050)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={0x14, r3, 0x1, 0x70bd2b, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800)
read$auto(r2, &(0x7f0000000140)='$.)*\x00', 0x7fffffffffffffff)
read$auto(0xffffffffffffffff, 0x0, 0xf6c1)

5.448673913s ago: executing program 3 (id=2551):
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
socket(0x11, 0x80003, 0x300)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x1a1000, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = gettid()
rt_sigsuspend$auto(&(0x7f0000000000)={0x2}, 0x8)
tkill$auto(r0, 0x7)
ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000200)={"c42e9d0be3659c273c3c61b81e7f496ff1523fd31cf36690b5a2f0f1e012075b", 0x3, 0x6, 0x0, 0x0, 0x8})

4.981031855s ago: executing program 1 (id=2552):
mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000)
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x0, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000040)=0x5)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000010c0), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(r1, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000001100)={0x28, r2, 0x301, 0x70bd25, 0x25dfdbff, {}, [@CTRL_ATTR_OP={0x8, 0xa, 0x3}, @CTRL_ATTR_FAMILY_NAME={0x9, 0x2, 'vdpa\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0xc040810)
mmap$auto(0x0, 0x240009, 0xdf, 0x9b72, 0x7, 0x28000)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/SecurityFlags\x00', 0x48041, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x29, 0xa, 0x0)
openat$auto_drm_connector_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000b80)='/sys/kernel/debug/dri/vkms/Writeback-1/force\x00', 0x2, 0x0)
socket(0x2, 0x2, 0x1)
socket(0x10, 0x2, 0x4)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
io_uring_setup$auto(0x2, 0x0)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0xa0202, 0x0)
ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0)
socketpair$auto(0x5b, 0x1, 0x420000, 0x0)
r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0)
ioctl$auto_TIOCSETD2(r4, 0x5423, 0x0)
ioctl$auto_TIOCVHANGUP2(r3, 0x5437, 0x0)
read$auto(0x3, 0x0, 0x1f40)
r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0)
r6 = waitid$auto_P_PID(0x1, 0x0, &(0x7f0000000080)={@siginfo_0_0={0x7, 0x615, 0x3, @_sigchld={0x0, 0xffffffffffffffff, 0x1, 0x401, 0xfffffffffffffff8}}}, 0x3, &(0x7f0000000100)={{0x5, 0xd}, {0xe4, 0xffff}, 0x17c9, 0x1, 0x7fffffff, 0x9, 0x20000000000006, 0x0, 0x7, 0x1, 0x5, 0x4, 0x9d, 0xee, 0x5, 0x6})
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r5, 0xc1105517, &(0x7f0000000580)={{@inferred=r6, 0xf0ee, 0x20009, 0x3, "790eaa833e6fc65b6bfc1f64010043eeb0b0530300efffffff0d00", @raw=0xff}, 0x4, 0x966, 0x6, @raw=0x30, @integer={0x800000000000400e, 0x2000000b752, 0x1}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"})
r7 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000040), 0x80080, 0x0)
ioctl$auto_PPPIOCSMRU(r7, 0xc004743e, 0x0)
readv$auto(0x3, &(0x7f0000000000)={0x0, 0xffff}, 0x1)

4.621377555s ago: executing program 4 (id=2553):
r0 = openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/uprobe_events\x00', 0x40000, 0x0)
write$auto_uprobe_events_ops_trace_uprobe(r0, &(0x7f0000000040)="d5e7eb0d86a36cc37fd6d80ec089c1035d2c936c606a7313f32eda05d9a2b95e92a45abb27700d57945c91c2c63154601f08b101961a232acd44a494b871", 0x3e)
madvise$auto(0x6, 0x7, 0x1)
madvise$auto(0x8, 0x800, 0x0)
r1 = socket(0x1f, 0x800, 0x37b)
r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), r1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'nicvf0\x00', <r3=>0x0})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'nr0\x00', <r4=>0x0})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'xfrm0\x00', <r5=>0x0})
sendmsg$auto_ETHTOOL_MSG_STATS_GET(r1, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000340)={&(0x7f00000001c0)={0x148, r2, 0x2, 0x70bd27, 0x25dfdbfd, {}, [@ETHTOOL_A_STATS_GROUPS={0xe4, 0x3, 0x0, 0x1, [@typed={0x14, 0xfd, 0x0, 0x0, @ipv6=@local}, @nested={0xcc, 0xde, 0x0, 0x1, [@nested={0x4, 0xd3}, @generic="c725f71f9878438338a84c244026bbab2f4167eb096e398ed2f2694306de67f0f099780851bef4d00166b5da2fe29fe7eb4c488ab213fa017e3a81bebc83e57fa3aa12d1b68e6d295ced915c622d88b7b9d784cfc78c471faa69d24a0acd0011f53991f26b35db82fdb9bdf5675551ce303f9d3fa47241baf54e42d1b096bdc5f488ccd740d649d7bf7cebc26401b75cbe9abb682101ab1c5544105867d2c8f38eb5f06b707ad32c04a128d4dcc6d409a730ce8240518c7dbafc122fcfa7639bc10e6af5"]}]}, @ETHTOOL_A_STATS_HEADER={0x48, 0x2, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x10}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x80000000}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_STATS_SRC={0x8, 0x5, 0x6}]}, 0x148}, 0x1, 0x0, 0x0, 0x4000001}, 0x20000005)
r6 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/pcmC0D0c\x00', 0x80, 0x0)
ioctl$auto_SNDRV_PCM_IOCTL_PAUSE2(r6, 0x40044145, &(0x7f0000000400)=0x1)
setsockopt$auto(r0, 0x3, 0x1, &(0x7f0000000440)='\x00', 0x101)
madvise$auto(0x390a, 0xe8a, 0x2)
mmap$auto(0x52e1, 0x5, 0x6, 0xffffffffffffffff, r0, 0x4)
r7 = openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f0000000480), 0x169080, 0x0)
r8 = openat$auto_ftrace_formats_fops_trace_printk(0xffffffffffffff9c, &(0x7f00000004c0)='/sys/kernel/debug/tracing/printk_formats\x00', 0x100, 0x0)
r9 = ioctl$auto_UDMABUF_CREATE(r7, 0x40187542, &(0x7f0000000500)={<r10=>r8, 0x40100, 0x9, 0x4})
r11 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000580), r10)
sendmsg$auto_TIPC_NL_MEDIA_GET(r10, &(0x7f0000000940)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x2000002}, 0xc, &(0x7f0000000900)={&(0x7f00000005c0)={0x334, r11, 0x8, 0x70bd25, 0x25dfdbfe, {}, [@TIPC_NLA_MEDIA={0x80, 0x5, 0x0, 0x1, [@nested={0x6c, 0x12a, 0x0, 0x1, [@generic="af0df5dae908f54949f04a4415734fdcd0187d3a62f3309b3952fed2c32dd31f2942c70bb88a2e794d3cd77ea13584da2bb1bf07d7b69a7e9845c9ef559356f3230d9c1c574d11376f797d9d1ee089e814ffff71c448ffae", @nested={0x4, 0xee}, @generic="5107ec9eee887f0eb7666f08"]}, @nested={0x8, 0x67, 0x0, 0x1, [@nested={0x4, 0xab}]}, @typed={0x8, 0x7, 0x0, 0x0, @fd=r0}]}, @TIPC_NLA_MON={0x123, 0x9, 0x0, 0x1, [@typed={0x14, 0x2d, 0x0, 0x0, @ipv6=@remote}, @typed={0xc, 0xfc, 0x0, 0x0, @u64=0xd9e1}, @typed={0x8, 0x99, 0x0, 0x0, @ipv4=@loopback}, @generic="6915fb6fc75e1ba44f893c642ebb7195d849e73a98fd65e31334e5f765d1020b06839fe4b03756279b4e2e29d308f1d6da1272a84aca013a70935831d9f5215c58601e5b33c1a666b133750ec43c8ae0ac4d0aa6823b25c082ff0d615bb9369b1bb3c6a645e122a116dd7ec66b681f453d05054db972b0", @generic="dba1f9a789d7ca2b8edc5eb99a4e9b91991673615ead780bae53e9ac0a1b06a27f14e615152c7b45778817ed4e5618df74dea13e1e4f06ead511943d800729961774f21adb440d281d2f5b5668514ddf057d95fa7e17e8ece6c415ee79740aa562d6a70ed05121b862fa5bba812482666f39a7f9c6c82dfb350d050ccd164a29"]}, @TIPC_NLA_UNSPEC={0x98, 0x0, "fc94002b1b7296f63a5fe950ce982058e467be4662998ffb0bf2aca41ee46c7767fe3d79cfc4229cc2b627f75955d6b4fcc9d6e8e602f0a4b571609bbf6c9e7ae82ea0cb30a50586546928408696622528f9801ada1602c5ad9dee11c67b9106fd66ce52134ece5c0e0ffa708f64d4607b54a9185240eda9c1176dba55e55fd4bdc75e63379969b2435cd88aaeef8273e0bf74d7"}, @TIPC_NLA_LINK={0xe1, 0x4, 0x0, 0x1, [@typed={0x4, 0x151}, @generic="c2a957ae21ceb6aabec4c4ef6cef8b9dba9f8f6046f606a1696e575e2dd69a808a3b828e3633921e608da8d8f48632d7c7197d946b4260e89b8831fb4095422046a5db9480dda328a401e8e3398fdce9d57872aaa938e460b673d1f1e7c3c9a55009f11d3cc5235159a5c1d5c13efab2f7f1461d3f1b212116fd4d1a6049a949d6a655af5a9a68fc8932c3c0b0e090097b1bb4d99a217845f4fcf9dbe35fe3aeb8eddc810ad52bce5ff5f8c1a770daf1a20eb5580ecc3b24694779f6ba514eea011ccd38116950e5a066507832e191f40660419170dae31a39"]}]}, 0x334}, 0x1, 0x0, 0x0, 0x40}, 0x44884)
fcntl$auto_F_GETFD(r7, 0x1, 0x4)
r12 = ioctl$auto_TUNSETDEBUG(r10, 0x400454c9, &(0x7f0000000980)=0xfffffffc)
ioctl$auto_SNDCTL_SYNTH_ID(r12, 0xc08c5114, &(0x7f00000009c0)="632507afa683fb0bef")
r13 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000a40), r9)
sendmsg$auto_NL80211_CMD_SET_QOS_MAP(r12, &(0x7f0000000b00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a80)={0x24, r13, 0x100, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x8}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x86}, 0x200000c0)
r14 = clone$auto(0x5, 0x6, &(0x7f0000000b40)=0xffffffff, &(0x7f0000000b80)=0x8, 0xc4)
r15 = waitid$auto_P_ALL(0x0, 0x7, &(0x7f0000000bc0)={@_si_pad}, 0x8, &(0x7f0000000c40)={{0x1, 0xb}, {0x1ff, 0x7}, 0x3, 0x5, 0x9, 0x659, 0x400, 0x7, 0x100, 0x4, 0x6, 0x9, 0x553a, 0x49e6, 0x7, 0x8})
setpgid$auto(r14, r15)
madvise$auto(0x100, 0xb, 0x7)
bpf$auto_BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000d00)=@enable_stats={0x8}, 0x2)

4.582879332s ago: executing program 3 (id=2554):
mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000)
r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi15\x00', 0x802, 0x0)
ppoll$auto(&(0x7f0000000040)={r0, 0x2, 0xf}, 0x24, 0x0, 0x0, 0x8)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x8000)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x1011c0, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
select$auto(0x8, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da08, 0x3, 0x3, 0x62, 0x80000003, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0)
r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0)
write$auto(r2, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00x \xec(\x1d\x98\xe9\xc4\xe8\xfc@6=\xab\xf4\x89\x01\x93\xdc\x19\xffv\'\xa1\xd5\x14\x06S\xae\xadB}\xdf]\x99\xc9\x9f4\xbb\xc5\x81\x9d\x8ak\xdeB\xcbd\xd3\x05\xe4P\x84\xcb\xb8#\x13\nYU\'\x95R\xc8\x9d\xb7*\xe0.\xd2\xdf\x1b\x88D\x8c{k\xcec\xe1\xa2j\xec\xc9\xd2\x98\x94I\x102h\x06\x8c\xa2\xc8\x8a7\xb7t', 0x7ef)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0)
ioperm$auto(0x7, 0x5ad2, 0xc)
modify_ldt$auto(0x1, 0x0, 0x10)
pread64$auto(0xffffffffffffffff, 0x0, 0x0, 0x8000000000000001)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ETHTOOL_MSG_RSS_GET(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="eeca0000", @ANYRES16=0x0, @ANYBLOB="09032dbd7000fcdbdf25260000000800070065000000"], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x10)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0x12, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1]}, 0x0)
write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
sysfs$auto(0x2, 0x100000000000036, 0x0)
umask$auto(0x4)
fsopen$auto(0x0, 0x1)

4.110136926s ago: executing program 4 (id=2555):
unshare$auto(0x40000080)
r0 = socket(0x0, 0x6, 0x7fffffff)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
r1 = socket(0x22, 0x2, 0x1c01)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6000c800}, 0x2c0408c0)
r2 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb1\x00', 0x0, 0x0)
ioctl$auto_FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f00000000c0)="58fcb282bcbc38bfaef257e019406e8ec445cd4f7f7662ac0f8834baa918d5b3cea133243c4f2b9a39e536b67f5a1a2bfdf589da2b1c980e9ce53883444996d1721d7f3ae627c6c68118e15b5a753fd37910fbc02d898cfc8254c80582fc6184")
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/mtd/mtd0/name\x00', 0x90001, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
read$auto(0x3, 0x0, 0x80)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f00000001c0), 0x1cb803, 0x0)
lsm_list_modules$auto(0x0, 0x0, 0x0)
lsm_list_modules$auto(0x0, 0x0, 0x0)
r3 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r3, 0x40146f2c, 0x0)
unshare$auto(0x40000080)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/tainted\x00', 0x28002, 0x0)
readv$auto(r4, &(0x7f00000000c0)={&(0x7f0000000080)="b901e52011a4f4555f7a30b19d33b73e86deff5f5dc9", 0xb}, 0x4)
close_range$auto(0x2, 0xa, 0x0)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
lseek$auto(0x3, 0x7ffffffffffffffb, 0x0)
socket(0x10, 0x2, 0x0)
sendmsg$auto_HSR_C_GET_NODE_STATUS(r0, 0x0, 0x40040)
mmap$auto(0x2, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x2, 0x400008, 0xdf, 0x9b72, r0, 0x8000)
shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa)
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0xc76, 0x8000)
shmdt$auto(&(0x7f0000000000)=':-h!/-^@(\']@%]/\x00')

3.495923178s ago: executing program 1 (id=2556):
r0 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0)
readv$auto(r0, &(0x7f0000000680)={&(0x7f0000000540), 0x40200}, 0x3)

3.02979045s ago: executing program 0 (id=2557):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
keyctl$auto(0x2000000000000017, 0x8000, 0x2d, 0xc4, 0x20803) (async)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
socket(0x10, 0x2, 0x4) (async, rerun: 32)
socket(0x10, 0x2, 0x0) (async, rerun: 32)
setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x9) (async)
mmap$auto(0x0, 0x400008, 0xb, 0x9b72, 0x2, 0x8000) (async)
openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace\x00', 0x1a6b75d638a2a513, 0x0) (async)
socket(0x2b, 0x1, 0x1) (async)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/traceSMB\x00', 0x40c01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mknod$auto(&(0x7f0000000180)=':,\x00', 0xc9, 0xfffffffa) (async)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
bpf$auto_BPF_BTF_LOAD(0x12, &(0x7f0000000240)=@link_update={0xffffffffffffffff, @new_prog_fd, 0x80000000, @old_map_fd}, 0x4000000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async, rerun: 32)
madvise$auto(0x0, 0x2003f0, 0x15) (async, rerun: 32)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0)
mmap$auto(0x0, 0x9, 0x9, 0xeb3, 0xfffefffffffffffa, 0x8000)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/graphics/fbcon/cursor_blink\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000000)='./file0\x00', 0x149443, 0x14)
fcntl$auto(r1, 0x409, 0x40003f) (async)
ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001100)=""/192, 0xc0) (async, rerun: 64)
write$auto(0x3, 0x0, 0x100082) (async, rerun: 64)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async, rerun: 64)
setsockopt$auto(0xffffffffffffffff, 0x8, 0xc, 0x0, 0x567) (async, rerun: 64)
unshare$auto(0x40000080) (async)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x8080)

2.400968099s ago: executing program 1 (id=2558):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = socket(0x10, 0x2, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, 0x0, 0x10004010)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="7ea5a862", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20008841)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="19"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f0000000000)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x1}, 0x2, 0x0)

2.249596644s ago: executing program 3 (id=2559):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
socket(0xa, 0x1, 0x100)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/lru_gen\x00', 0x56640, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mknod$auto(&(0x7f00000003c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5', 0x20e9, 0x103)
r1 = open(&(0x7f00000004c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5\x00', 0x8000, 0xd1)
read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x11a001, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_RPC_STATUS_GET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r3, 0x309, 0x70bd27, 0x25dedbfc}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x100000001ff, 0x7, 0x3, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x5, 0x62, 0x8000000000000000, 0x9, 0x8000000000000000, 0x7, 0x1, 0x1]}, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/default/forwarding\x00', 0x141241, 0x0)
readahead$auto(r4, 0x4, 0x4)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0x4, 0x300000000000)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/icmp\x00', 0xc0880, 0x0)
pread64$auto(r5, &(0x7f00000000c0)='/proc/sys/kernel/sem\x00', 0xa1a1, 0x5)
ioctl$auto(0xffffffffffffffff, 0x4, 0xffffffffffffffff)
sysfs$auto(0x5, 0x100000074e, 0x0)
init_module$auto(0x0, 0xffff9, 0x0)
madvise$auto(0x0, 0x8000000000000000, 0x15)

2.140697403s ago: executing program 1 (id=2560):
openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC0D0c\x00', 0x200, 0x0)
r0 = openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/trace_options\x00', 0x40000, 0x0)
listen$auto(r0, 0x611e)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
fcntl$auto_F_SETSIG(r1, 0xa, 0xfffffffffffffeff)
poll$auto(0x0, 0x6, 0x8)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000)
recvmmsg$auto(r2, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0)
socket(0x2, 0x1, 0x0)
madvise$auto(0x0, 0x200007, 0x19)
mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x9, 0x3)
read$auto(0x3, 0x0, 0x80)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
io_uring_setup$auto(0x406, 0x0)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
getrandom$auto(0x0, 0x6000000, 0x3)
r3 = socket(0x11, 0x80003, 0x300)
io_uring_enter$auto(0x3, 0xa84, 0x80000001, 0xa, 0x0, 0x46)
sendmsg$auto_NL80211_CMD_SET_REKEY_OFFLOAD(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)={0x14, 0x0, 0x8, 0x70bd2b, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4040091}, 0x40850)

1.885763372s ago: executing program 0 (id=2561):
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000100)={{@raw=0x2, 0x85, 0x20e, 0x9, "669cbbd9e9756f22fdffa188e0f106000000000000000b2f4ab8633824f2d2252ca5f200", @raw=0x6}, 0x0, @integer=@value_ptr=&(0x7f0000000680)=0x4, "282f77b07e718ed4d99a34617774e3a82f982e0f05e516c299a28a585e87e0d908e2c8e50de5016f1de5d432da2cc20e951d8fcdc4f791a11996aad5af504c0d9927e62ef70b23a13735a4fe805c1ce1b6b1d83d21bb42794ec925b4547a3d52d4b5210392111e181719fef9d685b6534b171d76ad633f94a608b818600a6c85"})
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
socket(0xa, 0x1, 0x100)
r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
pread64$auto(r1, 0x0, 0x7ff, 0x400)
socket(0x1a, 0x1, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0)
ioctl$auto(0xffffffffffffffff, 0x2, r1)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto_ocfs2_control_fops_stack_user(r3, &(0x7f00000006c0)="7dd682fe6bfb01f2835a9aa528bc95e102862d85d2e9d8c8da614620892e1bba4736c70e541e93b38045e2a38d551821461000b26660c4b510def730ffb70c5378092b28692febc5e012d42e0c", 0x4d)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000740)='/proc/asound/card0/pcm0p/sub4/info\x00', 0x101b80, 0x0)
pread64$auto(r4, 0x0, 0xf469, 0xbc3ab41)
write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1fc, 0x7, 0xd, 0x1, 0xc5e1, 0x3, 0x87, 0x2000000000000002, 0x0, 0x62, 0x8, 0x10, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x200000000000404, 0x0)
madvise$auto(0x0, 0x2003f0, 0x17)
msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000600)='/dev/audio1\x00', 0x8000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x1e, 0x805, 0x0)

1.676202123s ago: executing program 4 (id=2562):
mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
socket(0x11, 0x80003, 0x300)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x1a1000, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e</\xfd\x9b\xe4\x99G\xeaS\x9a\xadu(:\x94:\xaf\x06c=3>1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5)
r0 = gettid()
rt_sigsuspend$auto(&(0x7f0000000000)={0x2}, 0x8)
tkill$auto(r0, 0x7)
ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000200)={"c42e9d0be3659c273c3c61b81e7f496ff1523fd31cf36690b5a2f0f1e012075b", 0x3, 0x6, 0x0, 0x0, 0x8})

297.621912ms ago: executing program 4 (id=2563):
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="82", @ANYRES16=0x0], 0x1c}}, 0x4044820)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x5, 0x3, 0x15f4da0a, 0x3, 0xffffffffffffffff, 0x7, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', 0x0, 0xdef, 0x0)
setsockopt$auto(0x3, 0x5, 0x100000000, 0xfffffffffffffffc, 0xa)
getpid()
r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_NAPI_GET2(0xffffffffffffffff, &(0x7f0000003f40)={0x0, 0x0, &(0x7f0000003f00)={&(0x7f00000001c0)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="09032bbd7000fedbdf250b00000008000100e1"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
mmap$auto(0x6, 0x48000a, 0x100002bb, 0x14, r0, 0x1)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
unshare$auto(0x40000080)
socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xc, 0x800008000)
socket(0x11, 0xa, 0x300)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/nbd8/queue/iosched/async_depth\x00', 0x40800, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000280)=""/4096, 0x1000)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0xa)

0s ago: executing program 0 (id=2564):
openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/block/nbd5/requeue_list\x00', 0x40002, 0x0)
r0 = openat$auto_msft_opcode_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/bluetooth/hci0/msft_opcode\x00', 0x0, 0x0)
read$auto(r0, &(0x7f0000006740)='^%-[)>\'\xdf\x00', 0xffff)
preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5)
syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000140), 0xffffffffffffffff)
r1 = ioctl$auto_NS_GET_PID_IN_PIDNS(0xffffffffffffffff, 0x8004b708, &(0x7f0000000000)=0x79ae)
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000200)={0x68, r2, 0x2, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_SUPPORTED_SELECTORS={0x41, 0x14e, "f919fe5238fb49d030ecb5c44b90d730d035342b13b4040178cf0222cf3207288b5d7270bd3eaa0dd65a2cac3aa63983017ca74365ab4f2e398dc3234e"}, @NL80211_ATTR_SCHED_SCAN_MULTI={0x4}, @NL80211_ATTR_UNSOL_BCAST_PROBE_RESP={0xc, 0x127, 0x0, 0x1, [@NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_INT={0x8, 0x1, 0xd7cce25}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x4080}, 0x4000881)

kernel console output (not intermixed with test programs):












	

	
	


	
	
	
			
	
	
	
	
	
	

	
		

	


		

		
	
		
	
	



			








	
	
	
		



	

		



	




	







	


	
	




	

	




	






	




	




		







	
		

	


	

	

		
	
		
	
	



			








	

	









	
	



	



	







	




















	


	






	





	



	


	
	



	


	




	


	
	
	
	








	
	



	
	
	
	

	





	



		

		








	







	
	
	

	
		



		


		

	
	








	








	





	





		








	

	


	
	
						

	





	


	

	

	
		


	
	


	
	

	



		
	
	



			











	

	
	


	


		
	
		


		

		
			


		

		
	

		
	

	

	

	
	





	
	



	
	
	
	

	





	



		

		








	







	
	
	

	
		



		


		

	
	











	









	







	









		














	
	
	

	
		
	
	

	

						

	


	
	
	
	
	

		
	




	
	
		
		

		
		


	

	

	
	
		
		

		
		


	

	

	
	



	



	
	


		
	
	


	
	


		
	
	

	




	



	
	






		









	



	
	






			
	

		

	





		



	
		

	






		









	



	
	






			
	

		

	





		



	
		

	



	


	

	
		






	
	

	
		
	
	
			

			

			

			


	
		

	
		

		
		

		
	
	

		
		

		
	
	



		
		
	
	
	

	
		


						

	



	

	


	


	





	

	









	

	




			
	
			
	
			
	
			
	
						

	




				


			


				


			
	

	
		
						

	





	

						

	




	

		
	
		
	
	
	
	
	
	
						

	




	
	
	

	
		
	

	
		





	

	









		









	

	









		







	

	
	

	




	

	
	

	

	

	
		



	




	

						

	


	

	
		
	
	

	

	

	
		
	
		
	
		
	

	
		
						

	


	

	
		



	

	

	
		
						

	


		
	
		

	
	
	
	
	
	

	

	

	
		
		
	
		

	
	
	

	

						
	
						
	
						
	
						
	
	

	

	
	
		
		


	

	

	
	
		
		


			

	
	
	

			

	
	
	

			




	

	


	

	

	
						

	



				



				


		
	
		
	
	

	

	
	
	
	
	
	
		
	
		
	

	
		
	
	

	

		
	
		
		
	
		
	
	

	

						

	




	
	

	



		
	
	



			











	

	
	


	


		
	
		


		

		
			


		

		
	

		
	

	

	

	
	





	
	



	
	
	
	

	





	



		

		








	







	
	
	

	
		



		


		

	
	











	









	





	





		







		
		




	

		
	
		
	
	

	

	
	

	
	

	
				
	
	



	
	
						

	


	




	
				
	
	
	
	

	

						

	


		
	
		
	
	

	

	
	
	
		
	

	
		

	


	
	

		
	
		
	
	



			








	

	
	



	



















	
	
		
	
			
	






	




	





		











		
	
		
	
	
	

	

						

	


						

	


	
	

	


				

	
	
	
	
	
	
	
	
	
	
	
					
						
	
						
	
		
	
		
						
	
						
	

		
	




		
		

		
		


	

	

	
	
		
		

		
		


	

	

	
	
	
	
	

	

	
	
		
		


	

	

	
	
		
		


		
	
		
	
	
			

	
	
	

			

	
	
	

			



	
	

	



	
	


		
	
	


	
	


		
	
	

	




	









		









	



	
	






			
	

		

	





		



	
		

	






		









	



	
	






			
	

		

	





		



	
		

	
	
	

	
	
	

	


	
		






	

[  761.435528][ T5835] Bluetooth: hci1: command tx timeout
[  761.693147][T16134] FAULT_INJECTION: forcing a failure.
[  761.693147][T16134] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  761.724637][T16134] CPU: 1 UID: 0 PID: 16134 Comm: syz.0.2002 Not tainted 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) 
[  761.724681][T16134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  761.724699][T16134] Call Trace:
[  761.724709][T16134]  <TASK>
[  761.724720][T16134]  dump_stack_lvl+0x16c/0x1f0
[  761.724773][T16134]  should_fail_ex+0x512/0x640
[  761.724823][T16134]  _copy_from_user+0x2e/0xd0
[  761.724855][T16134]  core_sys_select+0x35b/0xc10
[  761.724908][T16134]  ? __pfx_core_sys_select+0x10/0x10
[  761.724958][T16134]  ? proc_fail_nth_write+0x9f/0x250
[  761.725028][T16134]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  761.725069][T16134]  kern_select+0x15d/0x1e0
[  761.725109][T16134]  ? __pfx_kern_select+0x10/0x10
[  761.725152][T16134]  ? __pfx_ksys_write+0x10/0x10
[  761.725201][T16134]  __x64_sys_select+0xbd/0x160
[  761.725239][T16134]  ? do_syscall_64+0x91/0x490
[  761.725265][T16134]  ? lockdep_hardirqs_on+0x7c/0x110
[  761.725308][T16134]  do_syscall_64+0xcd/0x490
[  761.725340][T16134]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  761.725370][T16134] RIP: 0033:0x7f4b4038e929
[  761.725392][T16134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  761.725418][T16134] RSP: 002b:00007f4b41266038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017
[  761.725445][T16134] RAX: ffffffffffffffda RBX: 00007f4b405b6160 RCX: 00007f4b4038e929
[  761.725463][T16134] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e
[  761.725479][T16134] RBP: 00007f4b41266090 R08: 0000000000000000 R09: 0000000000000000
[  761.725496][T16134] R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000001
[  761.725514][T16134] R13: 0000000000000000 R14: 00007f4b405b6160 R15: 00007ffec95f4618
[  761.725641][T16134]  </TASK>
[  762.306811][ T1156] hsr_slave_0: left promiscuous mode
[  762.341972][ T1156] hsr_slave_1: left promiscuous mode
[  762.437580][ T1156] veth1_macvtap: left promiscuous mode
[  762.444960][ T1156] veth1_vlan: left promiscuous mode
[  762.451284][ T1156] veth0_vlan: left promiscuous mode

syzkaller
syzkaller login: [  763.041809][T16149] vhci_hcd: invalid port number 21
[  763.054647][T16149] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub.
[  763.440600][ T1156] team_slave_1 (unregistering): left promiscuous mode
[  763.457030][ T1156] team0 (unregistering): Port device team_slave_1 removed
[  763.520693][ T1156] team_slave_0 (unregistering): left promiscuous mode
[  763.529681][ T1156] team0 (unregistering): Port device team_slave_0 removed
[  765.280160][T16156] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2006'.
[  765.299491][T16022] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  765.360497][T16022] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  765.593183][T16022] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  766.104044][T16022] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  766.672053][T16022] 8021q: adding VLAN 0 to HW filter on device bond0
[  766.720807][T16022] 8021q: adding VLAN 0 to HW filter on device team0
[  766.747427][ T3457] bridge0: port 1(bridge_slave_0) entered blocking state
[  766.754683][ T3457] bridge0: port 1(bridge_slave_0) entered forwarding state
[  766.791286][ T3457] bridge0: port 2(bridge_slave_1) entered blocking state
[  766.798560][ T3457] bridge0: port 2(bridge_slave_1) entered forwarding state
[  767.841213][T16213] Invalid ELF header magic: != ELF
[  768.736394][T16022] 8021q: adding VLAN 0 to HW filter on device batadv0
[  768.873374][T16022] veth0_vlan: entered promiscuous mode
[  768.986088][T16022] veth1_vlan: entered promiscuous mode
[  769.082535][T16022] veth0_macvtap: entered promiscuous mode
[  769.254804][T16022] veth1_macvtap: entered promiscuous mode
[  769.377226][T16022] batman_adv: batadv0: Interface activated: batadv_slave_0
[  769.459476][T16022] batman_adv: batadv0: Interface activated: batadv_slave_1
[  769.493734][T16022] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  769.564551][T16022] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  769.603773][T16022] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  769.762379][T16022] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  769.986237][T16242] Invalid ELF header magic: != ELF
[  770.968305][ T1156] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  770.977185][ T1156] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  771.200158][  T435] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  771.225137][  T435] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  771.962598][T16263] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
	
	

	

		
	
		
							
		


			
	
	
		
	
		


	
	

	
		

	


	
	

		
	
		
	
	



			








	





	




		

		



		





		

			

			

	

	


	



	
	
	
	
	
	






	








	









		










		
	
		
	
	

	

						

	


	
	

	



	
		

	


	
	

		
	
		
	
	



			








	




	







	


	
		
	


	

	
	
	
	
	
	
	




	

		











	

	
	
















	








	









		










	


	
	
	
	
	
	

	


	
		

	


		

		
	
		
	
	



			








	












	




	







	




	




		





	

	
		
	
	

	

	
	
	
		
	
	
	

	

		
	
		
	
	
		
	
	
	
		
	
	

	
		
		
	
		
	
	
		
	
	
	
		
	
						

	


	
	
	
	
	
	
	
	
		
	
	
	
		
	
	
	
		
	
	
	
		
	
	
	
		
	
	
	
		
	
	
	

	

		
	
		
	
	

	

	
	

	

	

	
		
	

	



	

	

	
		
	

	
		



	
	
		
	
	


	
	



	
	

	

	

	
		
	
	
		
	
	
	
		
	
	
	
		
	
	
	
		
	


	
	
	
	
		
	
	
	
		
	
	
	
		
	
	
	
		
	
						

	


	
	
		
	
	
	
	
		
	
	
	
		
	
						

	


	

	
		

	
	
		
	
	

	
		





	

	









		









	

	









		




	
	
		
	
	
	
		
	




















	
	
		
	

	
		

	


	
	

		
	
		
	
	



			








	





	





	

	












	

	
	






	




	







	





	





		











	
	
		
	
	
	
	
		
	












































































						

	






























	
				
	
	



	
			
	
	
		
	
	
	
		
	
	
	

	





	

	
	
		
	
						

	


						

	


	
	

	

	
	
		
	
	
	
		
	
	
	
		
	


	
	
	
			
	
	
		
	
						

	


						

	


	

syzkaller
syzkaller login: [  846.737489][T17277] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:7: corrupted xattr entries
[  846.750854][ T5835] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260
[  846.750883][ T5835] Bluetooth: hci3: unexpected subevent 0x0e length: 725 > 15
[  846.752986][ T5835] Bluetooth: hci3: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f
[  848.053910][T17286] Invalid ELF header magic: != ELF
[  848.325546][T17293] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:2: corrupted xattr entries
[  848.335609][T17294] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:2: corrupted xattr entries
[  848.346365][T17296] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:2: corrupted xattr entries
[  848.350842][T17297] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:2: corrupted xattr entries
[  848.544596][T17303] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:2: corrupted xattr entries
[  848.549830][T17299] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  848.995864][T17311] Invalid ELF header magic: != ELF
[  849.452750][T17312] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  849.665127][T17317] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  849.942879][   T30] audit: type=1800 audit(6044246720.176:13): pid=17278 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2201" name="SYSV00000400" dev="tmpfs" ino=0 res=0 errno=0
[  851.360634][T17342] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  851.772081][T17349] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  851.777766][T17346] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  852.572151][T17364] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  852.620137][T17365] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  853.173577][T17372] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  854.150486][T17382] Invalid ELF header magic: != ELF
[  855.388004][T17399] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:8: corrupted xattr entries
[  855.399120][T17400] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:8: corrupted xattr entries
[  856.358782][T17413] Invalid ELF header magic: != ELF
[  856.446783][T17425] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  856.474927][ T5835] Bluetooth: hci4: unexpected event 0x3e length: 726 > 260
[  856.474967][ T5835] Bluetooth: hci4: unexpected subevent 0x0e length: 725 > 15
[  856.489732][ T5835] Bluetooth: hci4: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f
[  859.675504][T17467] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  859.687560][T17470] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries
[  859.702908][T17474] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:8: corrupted xattr entries
[  859.979187][T17481] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:2: corrupted xattr entries
[  860.006621][T17482] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:2: corrupted xattr entries
[  861.217311][T17500] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:8: corrupted xattr entries
[  861.365749][T17503] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries
[  862.015763][T17508] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:8: corrupted xattr entries
[  862.220424][T17512] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:8: corrupted xattr entries
[  862.322502][T17507] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  863.042967][T17521] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:7: corrupted xattr entries
[  863.668321][T17528] Invalid ELF header magic: != ELF
[  864.836136][T17550] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:7: corrupted xattr entries
[  864.856809][T17552] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  864.873018][T17553] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  864.927301][T17543] Invalid ELF header magic: != ELF
[  864.933054][T17556] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  866.110516][T17572] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:7: corrupted xattr entries
[  866.185448][T17574] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  866.205517][T17561] zswap: compressor  not available
[  866.211286][T17571] FAULT_INJECTION: forcing a failure.
[  866.211286][T17571] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  866.231319][T17571] CPU: 0 UID: 0 PID: 17571 Comm: syz.0.2265 Not tainted 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) 
[  866.231360][T17571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  866.231385][T17571] Call Trace:
[  866.231394][T17571]  <TASK>
[  866.231404][T17571]  dump_stack_lvl+0x16c/0x1f0
[  866.231455][T17571]  should_fail_ex+0x512/0x640
[  866.231502][T17571]  _copy_to_user+0x32/0xd0
[  866.231531][T17571]  simple_read_from_buffer+0xcb/0x170
[  866.231571][T17571]  proc_fail_nth_read+0x197/0x270
[  866.231608][T17571]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  866.231647][T17571]  ? rw_verify_area+0xcf/0x680
[  866.231684][T17571]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  866.231718][T17571]  vfs_read+0x1e1/0xc60
[  866.231757][T17571]  ? __pfx___mutex_lock+0x10/0x10
[  866.231779][T17571]  ? __pfx_vfs_read+0x10/0x10
[  866.231821][T17571]  ? __fget_files+0x20e/0x3c0
[  866.231864][T17571]  ksys_read+0x12a/0x250
[  866.231896][T17571]  ? __pfx_ksys_read+0x10/0x10
[  866.231927][T17571]  ? xfd_validate_state+0x61/0x180
[  866.231968][T17571]  do_syscall_64+0xcd/0x490
[  866.231992][T17571]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  866.232016][T17571] RIP: 0033:0x7f4b4038d33c
[  866.232035][T17571] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  866.232057][T17571] RSP: 002b:00007f4b41287030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  866.232081][T17571] RAX: ffffffffffffffda RBX: 00007f4b405b6080 RCX: 00007f4b4038d33c
[  866.232096][T17571] RDX: 000000000000000f RSI: 00007f4b412870a0 RDI: 0000000000000005
[  866.232111][T17571] RBP: 00007f4b41287090 R08: 0000000000000000 R09: 0000000000000000
[  866.232125][T17571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  866.232139][T17571] R13: 0000000000000000 R14: 00007f4b405b6080 R15: 00007ffec95f4618
[  866.232170][T17571]  </TASK>
[  867.125110][T17578] Invalid ELF header magic: != ELF
[  867.189241][T17587] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries
[  867.425878][T17591] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries
[  868.084767][T17601] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:7: corrupted xattr entries
[  868.135736][T17603] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  868.478703][T17610] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:2: corrupted xattr entries
[  868.527483][ T5835] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260
[  868.527527][ T5835] Bluetooth: hci3: unexpected subevent 0x0e length: 725 > 15
[  868.542300][ T5835] Bluetooth: hci3: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f
[  868.708708][T17615] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  870.997805][T17647] sysfs: cannot create duplicate filename '/class/ieee80211/!PjEùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]'
[  871.024730][T17647] CPU: 1 UID: 0 PID: 17647 Comm: syz.1.2282 Not tainted 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) 
[  871.024776][T17647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  871.024794][T17647] Call Trace:
[  871.024804][T17647]  <TASK>
[  871.024816][T17647]  dump_stack_lvl+0x16c/0x1f0
[  871.024871][T17647]  sysfs_warn_dup+0x7f/0xa0
[  871.024913][T17647]  sysfs_do_create_link_sd+0x124/0x140
[  871.024957][T17647]  sysfs_create_link+0x61/0xc0
[  871.024999][T17647]  device_add+0x62c/0x1a70
[  871.025037][T17647]  ? __pfx_device_add+0x10/0x10
[  871.025067][T17647]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  871.025115][T17647]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  871.025157][T17647]  wiphy_register+0x1c9c/0x2850
[  871.025205][T17647]  ? netdev_run_todo+0x864/0x1320
[  871.025253][T17647]  ? __pfx_wiphy_register+0x10/0x10
[  871.025304][T17647]  ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0
[  871.025346][T17647]  ieee80211_register_hw+0x24ac/0x4140
[  871.025400][T17647]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  871.025441][T17647]  ? find_held_lock+0x2b/0x80
[  871.025473][T17647]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  871.025516][T17647]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  871.025552][T17647]  ? __hrtimer_setup+0x176/0x280
[  871.025600][T17647]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  871.025668][T17647]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  871.025720][T17647]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  871.025771][T17647]  ? __asan_memcpy+0x3c/0x60
[  871.025820][T17647]  hwsim_new_radio_nl+0xb51/0x12c0
[  871.025873][T17647]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  871.025935][T17647]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  871.025979][T17647]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  871.026032][T17647]  genl_family_rcv_msg_doit+0x209/0x2f0
[  871.026077][T17647]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  871.026121][T17647]  ? trace_cap_capable+0x18d/0x200
[  871.026174][T17647]  ? bpf_lsm_capable+0x9/0x10
[  871.026212][T17647]  ? security_capable+0x7e/0x260
[  871.026247][T17647]  ? ns_capable+0xd7/0x110
[  871.026284][T17647]  genl_rcv_msg+0x55c/0x800
[  871.026333][T17647]  ? __pfx_genl_rcv_msg+0x10/0x10
[  871.026375][T17647]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  871.026435][T17647]  netlink_rcv_skb+0x158/0x420
[  871.026472][T17647]  ? __pfx_genl_rcv_msg+0x10/0x10
[  871.026514][T17647]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  871.026570][T17647]  ? netlink_deliver_tap+0x1ae/0xd30
[  871.026613][T17647]  genl_rcv+0x28/0x40
[  871.026649][T17647]  netlink_unicast+0x53a/0x7f0
[  871.026693][T17647]  ? __pfx_netlink_unicast+0x10/0x10
[  871.026743][T17647]  netlink_sendmsg+0x8d1/0xdd0
[  871.026788][T17647]  ? __pfx_netlink_sendmsg+0x10/0x10
[  871.026844][T17647]  ____sys_sendmsg+0xa98/0xc70
[  871.026885][T17647]  ? copy_msghdr_from_user+0x10a/0x160
[  871.026916][T17647]  ? __pfx_____sys_sendmsg+0x10/0x10
[  871.026967][T17647]  ? __pfx_futex_wake_mark+0x10/0x10
[  871.027017][T17647]  ___sys_sendmsg+0x134/0x1d0
[  871.027051][T17647]  ? __pfx____sys_sendmsg+0x10/0x10
[  871.027076][T17647]  ? __lock_acquire+0x622/0x1c90
[  871.027182][T17647]  __sys_sendmsg+0x16d/0x220
[  871.027212][T17647]  ? __pfx___sys_sendmsg+0x10/0x10
[  871.027242][T17647]  ? __x64_sys_futex+0x1e0/0x4c0
[  871.027309][T17647]  do_syscall_64+0xcd/0x490
[  871.027344][T17647]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  871.027376][T17647] RIP: 0033:0x7f25fb38e929
[  871.027402][T17647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  871.027430][T17647] RSP: 002b:00007f25fc111038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  871.027460][T17647] RAX: ffffffffffffffda RBX: 00007f25fb5b5fa0 RCX: 00007f25fb38e929
[  871.027480][T17647] RDX: 0000000004000800 RSI: 00002000000000c0 RDI: 0000000000000003
[  871.027499][T17647] RBP: 00007f25fb410b39 R08: 0000000000000000 R09: 0000000000000000
[  871.027517][T17647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  871.027535][T17647] R13: 0000000000000000 R14: 00007f25fb5b5fa0 R15: 00007ffe336f4e68
[  871.027578][T17647]  </TASK>
[  871.902202][T17651] Invalid ELF header magic: != ELF
[  871.945383][T17657] EXT4-fs error: 1 callbacks suppressed
[  871.945549][T17657] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:7: corrupted xattr entries
[  872.115417][T17658] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  873.729067][T17671] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  873.832700][T17675] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:8: corrupted xattr entries
[  874.196144][T17684] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries
[  874.753851][T17696] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  875.455257][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  875.461605][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  875.670349][T17701] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  876.011488][T17715] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries
[  876.033474][T17716] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  876.827778][T17728] Invalid ELF header magic: != ELF
[  877.334026][T17735] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  877.517329][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  877.586592][T17736] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  878.015912][T17744] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:7: corrupted xattr entries
[  878.241444][T17747] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23
[  878.302041][T17752] sysfs: cannot create duplicate filename '/class/ieee80211/!PjEùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]'
[  878.326904][T17752] CPU: 1 UID: 0 PID: 17752 Comm: syz.4.2303 Not tainted 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) 
[  878.326948][T17752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  878.326965][T17752] Call Trace:
[  878.326976][T17752]  <TASK>
[  878.326987][T17752]  dump_stack_lvl+0x16c/0x1f0
[  878.327041][T17752]  sysfs_warn_dup+0x7f/0xa0
[  878.327082][T17752]  sysfs_do_create_link_sd+0x124/0x140
[  878.327127][T17752]  sysfs_create_link+0x61/0xc0
[  878.327167][T17752]  device_add+0x62c/0x1a70
[  878.327204][T17752]  ? __pfx_device_add+0x10/0x10
[  878.327236][T17752]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  878.327283][T17752]  ? ieee80211_set_bitrate_flags+0x243/0x6b0
[  878.327324][T17752]  wiphy_register+0x1c9c/0x2850
[  878.327362][T17752]  ? netdev_run_todo+0x864/0x1320
[  878.327421][T17752]  ? __pfx_wiphy_register+0x10/0x10
[  878.327477][T17752]  ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0
[  878.327521][T17752]  ieee80211_register_hw+0x24ac/0x4140
[  878.327575][T17752]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  878.327621][T17752]  ? find_held_lock+0x2b/0x80
[  878.327655][T17752]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  878.327703][T17752]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  878.327740][T17752]  ? __hrtimer_setup+0x176/0x280
[  878.327791][T17752]  mac80211_hwsim_new_radio+0x3034/0x54d0
[  878.327864][T17752]  ? __kmalloc_node_track_caller_noprof+0x23e/0x510
[  878.327919][T17752]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  878.327971][T17752]  ? __asan_memcpy+0x3c/0x60
[  878.328021][T17752]  hwsim_new_radio_nl+0xb51/0x12c0
[  878.328074][T17752]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  878.328136][T17752]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  878.328183][T17752]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  878.328238][T17752]  genl_family_rcv_msg_doit+0x209/0x2f0
[  878.328285][T17752]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  878.328330][T17752]  ? trace_cap_capable+0x18d/0x200
[  878.328382][T17752]  ? bpf_lsm_capable+0x9/0x10
[  878.328421][T17752]  ? security_capable+0x7e/0x260
[  878.328454][T17752]  ? ns_capable+0xd7/0x110
[  878.328491][T17752]  genl_rcv_msg+0x55c/0x800
[  878.328540][T17752]  ? __pfx_genl_rcv_msg+0x10/0x10
[  878.328585][T17752]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  878.328652][T17752]  netlink_rcv_skb+0x158/0x420
[  878.328689][T17752]  ? __pfx_genl_rcv_msg+0x10/0x10
[  878.328734][T17752]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  878.328791][T17752]  ? netlink_deliver_tap+0x1ae/0xd30
[  878.328835][T17752]  genl_rcv+0x28/0x40
[  878.328873][T17752]  netlink_unicast+0x53a/0x7f0
[  878.328916][T17752]  ? __pfx_netlink_unicast+0x10/0x10
[  878.328967][T17752]  netlink_sendmsg+0x8d1/0xdd0
[  878.329013][T17752]  ? __pfx_netlink_sendmsg+0x10/0x10
[  878.329070][T17752]  ____sys_sendmsg+0xa98/0xc70
[  878.329113][T17752]  ? copy_msghdr_from_user+0x10a/0x160
[  878.329143][T17752]  ? __pfx_____sys_sendmsg+0x10/0x10
[  878.329195][T17752]  ? __pfx_futex_wake_mark+0x10/0x10
[  878.329247][T17752]  ___sys_sendmsg+0x134/0x1d0
[  878.329282][T17752]  ? __pfx____sys_sendmsg+0x10/0x10
[  878.329310][T17752]  ? __lock_acquire+0x622/0x1c90
[  878.329416][T17752]  __sys_sendmsg+0x16d/0x220
[  878.329448][T17752]  ? __pfx___sys_sendmsg+0x10/0x10
[  878.329479][T17752]  ? __x64_sys_futex+0x1e0/0x4c0
[  878.329546][T17752]  do_syscall_64+0xcd/0x490
[  878.329582][T17752]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  878.329613][T17752] RIP: 0033:0x7f960fd8e929
[  878.329640][T17752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  878.329671][T17752] RSP: 002b:00007f9610c4b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  878.329701][T17752] RAX: ffffffffffffffda RBX: 00007f960ffb6080 RCX: 00007f960fd8e929
[  878.329722][T17752] RDX: 0000000000040800 RSI: 00002000000000c0 RDI: 0000000000000006
[  878.329740][T17752] RBP: 00007f960fe10b39 R08: 0000000000000000 R09: 0000000000000000
[  878.329759][T17752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  878.329777][T17752] R13: 0000000000000000 R14: 00007f960ffb6080 R15: 00007ffdb6ebbbc8
[  878.329818][T17752]  </TASK>
[  880.957711][T17795] zram: Added device: zram1
[  881.262869][T17800] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  882.415703][T17823] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[  882.510809][T17827] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[  884.733374][T17849] Invalid ELF header magic: != ELF
[  888.156737][T17895] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries
[  888.940432][T17902] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2334'.
[  888.996819][T17902] veth0_macvtap: left promiscuous mode
[  889.627719][T17905] FAULT_INJECTION: forcing a failure.
[  889.627719][T17905] name failslab, interval 1, probability 0, space 0, times 0
[  889.661179][T17905] CPU: 1 UID: 0 PID: 17905 Comm: syz.0.2336 Not tainted 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) 
[  889.661213][T17905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  889.661224][T17905] Call Trace:
[  889.661231][T17905]  <TASK>
[  889.661238][T17905]  dump_stack_lvl+0x16c/0x1f0
[  889.661274][T17905]  should_fail_ex+0x512/0x640
[  889.661303][T17905]  ? fs_reclaim_acquire+0xae/0x150
[  889.661327][T17905]  should_failslab+0xc2/0x120
[  889.661346][T17905]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  889.661375][T17905]  ? security_inode_alloc+0x3b/0x2b0
[  889.661400][T17905]  security_inode_alloc+0x3b/0x2b0
[  889.661422][T17905]  inode_init_always_gfp+0xce4/0x1030
[  889.661454][T17905]  alloc_inode+0x86/0x240
[  889.661475][T17905]  new_inode+0x22/0x1c0
[  889.661496][T17905]  proc_pid_make_inode+0x22/0x160
[  889.661524][T17905]  proc_pident_instantiate+0x85/0x320
[  889.661553][T17905]  proc_pident_lookup+0x21d/0x290
[  889.661585][T17905]  __lookup_slow+0x251/0x460
[  889.661608][T17905]  ? __pfx___lookup_slow+0x10/0x10
[  889.661644][T17905]  ? lookup_fast+0x156/0x610
[  889.661671][T17905]  walk_component+0x353/0x5b0
[  889.661697][T17905]  link_path_walk+0x627/0xe20
[  889.661730][T17905]  path_openat+0x1b0/0x2cb0
[  889.661756][T17905]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  889.661783][T17905]  ? __pfx_path_openat+0x10/0x10
[  889.661811][T17905]  ? __lock_acquire+0xb8a/0x1c90
[  889.661838][T17905]  do_filp_open+0x20b/0x470
[  889.661866][T17905]  ? __pfx_do_filp_open+0x10/0x10
[  889.661900][T17905]  ? __pfx_kfree_link+0x10/0x10
[  889.661928][T17905]  ? alloc_fd+0x471/0x7d0
[  889.661960][T17905]  do_sys_openat2+0x11b/0x1d0
[  889.661982][T17905]  ? __pfx_do_sys_openat2+0x10/0x10
[  889.662012][T17905]  __x64_sys_openat+0x174/0x210
[  889.662034][T17905]  ? __pfx___x64_sys_openat+0x10/0x10
[  889.662075][T17905]  do_syscall_64+0xcd/0x490
[  889.662095][T17905]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  889.662114][T17905] RIP: 0033:0x7f4b4038d290
[  889.662130][T17905] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  889.662149][T17905] RSP: 002b:00007f4b412a7f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  889.662167][T17905] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f4b4038d290
[  889.662179][T17905] RDX: 0000000000000002 RSI: 00007f4b412a7fa0 RDI: 00000000ffffff9c
[  889.662190][T17905] RBP: 00007f4b412a7fa0 R08: 0000000000000000 R09: 0000000000000000
[  889.662201][T17905] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  889.662212][T17905] R13: 0000000000000000 R14: 00007f4b405b5fa0 R15: 00007ffec95f4618
[  889.662235][T17905]  </TASK>
[  890.189659][T17916] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:2: corrupted xattr entries
[  890.548996][T17924] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries
[  890.632867][T17919] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  894.580225][T17954] Invalid ELF header magic: != ELF
[  896.739480][T17985] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[  897.000499][T17988] Invalid ELF header magic: != ELF
[  898.175351][T17994] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  898.529227][T17999] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz.4.2353: bg 2: bad block bitmap checksum
[  898.629011][T17999] EXT4-fs (sda1): Delayed block allocation failed for inode 2031 at logical offset 933 with max blocks 2 with error 74
[  898.665630][T17999] EXT4-fs (sda1): This should not happen!! Data will be lost
[  898.665630][T17999] 
[  901.296214][T18020] Invalid ELF header magic: != ELF
[  902.061663][T18037] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:4: corrupted xattr entries
[  903.246105][T18049] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2365'.
[  903.559585][T18054] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[  903.764622][T18058] ima: policy update failed
[  903.799414][   T30] audit: type=1802 audit(6044246774.036:14): pid=18058 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2368" res=0 errno=0
[  903.949451][T18062] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[  904.033152][T18057] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  905.727924][T18088] Invalid ELF header magic: != ELF
[  906.013706][T18094] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:4: corrupted xattr entries
[  906.362070][T18098] Invalid ELF header magic: != ELF
[  906.626009][T18104] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:7: corrupted xattr entries
[  909.015602][T18136] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[  909.126018][T18139] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:4: corrupted xattr entries
[  913.033805][T18194] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:4: corrupted xattr entries
[  916.154209][T18232] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  916.819040][T18241] Invalid ELF header magic: != ELF
[  918.068100][T18254] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:2: corrupted xattr entries
[  918.234267][T18259] netlink: 342 bytes leftover after parsing attributes in process `syz.4.2404'.
[  918.255789][T18259] netlink: 274 bytes leftover after parsing attributes in process `syz.4.2404'.
[  919.619394][T18277] netlink: 54 bytes leftover after parsing attributes in process `syz.1.2408'.
[  919.905781][T18287] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:2: corrupted xattr entries
[  921.536510][T18309] FAULT_INJECTION: forcing a failure.
[  921.536510][T18309] name failslab, interval 1, probability 0, space 0, times 0
[  921.581879][T18309] CPU: 0 UID: 0 PID: 18309 Comm: syz.0.2414 Not tainted 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) 
[  921.581923][T18309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  921.581940][T18309] Call Trace:
[  921.581949][T18309]  <TASK>
[  921.581961][T18309]  dump_stack_lvl+0x16c/0x1f0
[  921.582014][T18309]  should_fail_ex+0x512/0x640
[  921.582058][T18309]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  921.582108][T18309]  should_failslab+0xc2/0x120
[  921.582138][T18309]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  921.582193][T18309]  ? getname_flags.part.0+0x4c/0x550
[  921.582234][T18309]  getname_flags.part.0+0x4c/0x550
[  921.582273][T18309]  getname_flags+0x93/0xf0
[  921.582314][T18309]  do_sys_openat2+0xb8/0x1d0
[  921.582348][T18309]  ? __pfx_do_sys_openat2+0x10/0x10
[  921.582387][T18309]  ? __fget_files+0x20e/0x3c0
[  921.582436][T18309]  __x64_sys_openat+0x174/0x210
[  921.582471][T18309]  ? __pfx___x64_sys_openat+0x10/0x10
[  921.582505][T18309]  ? ksys_write+0x1ac/0x250
[  921.582560][T18309]  do_syscall_64+0xcd/0x490
[  921.582595][T18309]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  921.582624][T18309] RIP: 0033:0x7f4b4038e929
[  921.582650][T18309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  921.582678][T18309] RSP: 002b:00007f4b41287038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  921.582707][T18309] RAX: ffffffffffffffda RBX: 00007f4b405b6080 RCX: 00007f4b4038e929
[  921.582726][T18309] RDX: 0000000000008081 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  921.582745][T18309] RBP: 00007f4b41287090 R08: 0000000000000000 R09: 0000000000000000
[  921.582763][T18309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  921.582780][T18309] R13: 0000000000000000 R14: 00007f4b405b6080 R15: 00007ffec95f4618
[  921.582819][T18309]  </TASK>
[  921.869166][T18311] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  922.049943][T18318] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries
[  922.443149][T18327] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:2: corrupted xattr entries
[  922.497846][T18330] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:2: corrupted xattr entries
[  922.518005][T18320] zswap: compressor  not available
[  922.788128][T18333] netlink: 54 bytes leftover after parsing attributes in process `syz.0.2421'.
[  923.229950][T18336] Invalid ELF header magic: != ELF
[  923.905742][T18348] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:8: corrupted xattr entries
[  924.066580][T18344] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  925.572430][T18375] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries
[  925.694961][T18381] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries
[  925.746120][T18382] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries
[  926.417386][T18390] netlink: 306 bytes leftover after parsing attributes in process `syz.4.2431'.
[  926.631312][T18393] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[  926.682369][T18396] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[  927.135957][T18404] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:8: corrupted xattr entries
[  927.178556][T18399] Invalid ELF header magic: != ELF
[  927.200392][T18406] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries
[  927.350978][T18403] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  929.594225][T18431] Invalid ELF header magic: != ELF
[  930.970452][T18450] nbd: socks must be embedded in a SOCK_ITEM attr
[  931.372016][T18455] Invalid ELF header magic: != ELF
[  931.477749][T18457] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2445'.
[  931.505634][T18460] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:2: corrupted xattr entries
[  931.521215][T18459] can: request_module (can-proto-0) failed.
[  932.043034][T18467] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  933.182174][T18494] netlink: 306 bytes leftover after parsing attributes in process `syz.0.2454'.
[  933.603607][T18499] netlink: 306 bytes leftover after parsing attributes in process `syz.0.2456'.
[  934.057136][T18514] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  934.184857][T18517] Invalid ELF header magic: != ELF
[  934.458280][T18518] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  935.020939][T18522] Invalid ELF header magic: != ELF
[  935.974150][T18530] Invalid ELF header magic: != ELF
[  936.880378][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  936.887049][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  936.914912][T12973] smc: removing net device syz_tun with user defined pnetid ETHTOOL
[  936.991928][   T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  937.003840][   T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  937.233651][   T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  937.250742][   T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  937.264994][   T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  937.520102][   T36] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  937.806296][   T36] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  937.999539][   T36] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  938.222250][   T36] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  938.451889][T18566] Invalid ELF header magic: != ELF
[  938.624205][T18567] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[  938.691254][T18545] chnl_net:caif_netlink_parms(): no params data found
[  938.908511][   T36] netdevsim netdevsim15 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  939.356206][ T5835] Bluetooth: hci2: command tx timeout
[  939.461265][T18545] bridge0: port 1(bridge_slave_0) entered blocking state
[  939.478399][T18545] bridge0: port 1(bridge_slave_0) entered disabled state
[  939.491682][T18545] bridge_slave_0: entered allmulticast mode
[  939.536241][T18545] bridge_slave_0: entered promiscuous mode
[  939.991565][T18584] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24
[  939.993873][T18545] bridge0: port 2(bridge_slave_1) entered blocking state
[  940.063180][T18585] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  940.075792][T18545] bridge0: port 2(bridge_slave_1) entered disabled state
[  940.098203][T18588] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  940.116468][T18545] bridge_slave_1: entered allmulticast mode
[  940.129938][T18590] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:8: corrupted xattr entries
[  940.131283][T18545] bridge_slave_1: entered promiscuous mode
[  940.196319][T18589] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2477'.
[  940.347038][   T36] bridge_slave_1: left allmulticast mode
[  940.352784][   T36] bridge_slave_1: left promiscuous mode
[  940.369585][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  940.408507][   T36] bridge_slave_0: left allmulticast mode
[  940.414247][   T36] bridge_slave_0: left promiscuous mode
[  940.433383][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  941.136179][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  941.158426][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  941.216627][   T36] bond0 (unregistering): Released all slaves
[  941.353353][T18545] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  941.431981][T18545] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  941.441362][ T5835] Bluetooth: hci2: command tx timeout
[  941.711207][T18606] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  941.742775][T18608] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  941.928630][T18545] team0: Port device team_slave_0 added
[  941.938883][T18545] team0: Port device team_slave_1 added
[  942.228165][T18545] batman_adv: batadv0: Adding interface: batadv_slave_0
[  942.252809][T18545] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  942.298223][T18545] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  942.346141][T18545] batman_adv: batadv0: Adding interface: batadv_slave_1
[  942.358513][T18545] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  942.392154][T18545] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  942.566972][T18619] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  942.622446][T18621] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  943.514716][ T5835] Bluetooth: hci2: command tx timeout
[  943.521740][T18545] hsr_slave_0: entered promiscuous mode
[  943.556678][T18545] hsr_slave_1: entered promiscuous mode
[  943.575554][T18545] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  943.583232][T18545] Cannot create hsr debugfs directory
[  943.862977][T18628] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  943.956883][T18630] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  944.008818][T18631] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  944.227335][T18632] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  944.946033][T18637] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  945.044011][T18640] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  945.594539][ T5835] Bluetooth: hci2: command tx timeout
[  946.421790][T18651] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1257: comm udevd: corrupted xattr entries
[  946.443402][   T36] hsr_slave_0: left promiscuous mode
[  946.458676][   T36] hsr_slave_1: left promiscuous mode
[  946.459576][T18651] udevd[18651]: failed to execute '/lib/udev/scsi_id' 'scsi_id --export --whitelisted -d /dev/sda': Structure needs cleaning
[  946.514620][   T36] veth1_macvtap: left promiscuous mode
[  947.744084][T18663] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2491'.
[  948.252480][T18667] FAULT_INJECTION: forcing a failure.
[  948.252480][T18667] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  948.275810][T18667] CPU: 0 UID: 0 PID: 18667 Comm: syz.1.2492 Not tainted 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) 
[  948.275851][T18667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  948.275867][T18667] Call Trace:
[  948.275876][T18667]  <TASK>
[  948.275887][T18667]  dump_stack_lvl+0x16c/0x1f0
[  948.275938][T18667]  should_fail_ex+0x512/0x640
[  948.275985][T18667]  _copy_from_user+0x2e/0xd0
[  948.276013][T18667]  core_sys_select+0x35b/0xc10
[  948.276046][T18667]  ? __pfx_core_sys_select+0x10/0x10
[  948.276076][T18667]  ? proc_fail_nth_write+0x9f/0x250
[  948.276124][T18667]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  948.276149][T18667]  kern_select+0x15d/0x1e0
[  948.276174][T18667]  ? __pfx_kern_select+0x10/0x10
[  948.276202][T18667]  ? __pfx_ksys_write+0x10/0x10
[  948.276232][T18667]  __x64_sys_select+0xbd/0x160
[  948.276256][T18667]  ? do_syscall_64+0x91/0x490
[  948.276273][T18667]  ? lockdep_hardirqs_on+0x7c/0x110
[  948.276301][T18667]  do_syscall_64+0xcd/0x490
[  948.276320][T18667]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  948.276338][T18667] RIP: 0033:0x7f25fb38e929
[  948.276353][T18667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  948.276370][T18667] RSP: 002b:00007f25f91d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017
[  948.276388][T18667] RAX: ffffffffffffffda RBX: 00007f25fb5b6160 RCX: 00007f25fb38e929
[  948.276399][T18667] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e
[  948.276410][T18667] RBP: 00007f25f91d5090 R08: 0000000000000000 R09: 0000000000000000
[  948.276420][T18667] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  948.276431][T18667] R13: 0000000000000001 R14: 00007f25fb5b6160 R15: 00007ffe336f4e68
[  948.276453][T18667]  </TASK>
[  948.717325][T18669] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries
[  948.972365][T18671] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:4: corrupted xattr entries
[  949.356820][   T36] team0 (unregistering): Port device team_slave_1 removed
[  950.272476][T18663] veth0_macvtap: left promiscuous mode
[  950.320873][T18672] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  950.528509][T18545] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  950.666817][T18675] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  950.677823][T18545] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  950.720748][T18545] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  950.747344][T18677] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  950.753333][T18545] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  951.513802][T18545] 8021q: adding VLAN 0 to HW filter on device bond0
[  951.535451][T18694] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  951.667652][T18697] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  951.700040][T18545] 8021q: adding VLAN 0 to HW filter on device team0
[  951.747011][T18698] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  951.856119][T18700] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  951.885741][  T435] bridge0: port 1(bridge_slave_0) entered blocking state
[  951.892872][  T435] bridge0: port 1(bridge_slave_0) entered forwarding state
[  951.926773][  T435] bridge0: port 2(bridge_slave_1) entered blocking state
[  951.934008][  T435] bridge0: port 2(bridge_slave_1) entered forwarding state
[  951.941103][T18701] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  951.998387][T18702] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  952.361422][T18545] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  953.065739][T18545] 8021q: adding VLAN 0 to HW filter on device batadv0
[  953.593023][T18545] veth0_vlan: entered promiscuous mode
[  953.690888][T18545] veth1_vlan: entered promiscuous mode
[  953.782124][T18545] veth0_macvtap: entered promiscuous mode
[  953.809393][T18545] veth1_macvtap: entered promiscuous mode
[  953.848123][T18545] batman_adv: batadv0: Interface activated: batadv_slave_0
[  953.869856][T18545] batman_adv: batadv0: Interface activated: batadv_slave_1
[  953.889361][T18545] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  953.902190][T18545] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  953.913837][T18545] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  953.936569][T18545] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  954.877177][ T3457] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  954.904821][ T3457] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  955.064282][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  955.073289][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  955.235842][   T30] audit: type=1800 audit(6044246825.476:15): pid=18762 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2506" name="discovery_nqn" dev="configfs" ino=62306 res=0 errno=0
[  955.364918][T18763] ima: policy update failed
[  955.369729][   T30] audit: type=1802 audit(6044246825.606:16): pid=18763 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2466" res=0 errno=0
[  955.389204][T18763] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2466'.
[  956.218094][T18773] Invalid ELF header magic: != ELF
[  957.126011][   T51] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  957.135016][   T51] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  957.144081][   T51] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  957.155259][   T51] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  957.165031][   T51] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  957.624274][T18793] EXT4-fs error: 15 callbacks suppressed
[  957.624290][T18793] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:3: corrupted xattr entries
[  957.679445][T18786] chnl_net:caif_netlink_parms(): no params data found
[  958.088626][T18596] smc: removing net device syz_tun with user defined pnetid ETHTOOL
[  958.358610][T18786] bridge0: port 1(bridge_slave_0) entered blocking state
[  958.372082][T18786] bridge0: port 1(bridge_slave_0) entered disabled state
[  958.373046][T18804] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries
[  958.401953][T18802] FAULT_INJECTION: forcing a failure.
[  958.401953][T18802] name failslab, interval 1, probability 0, space 0, times 0
[  958.421635][T18802] CPU: 0 UID: 0 PID: 18802 Comm: syz.0.2514 Not tainted 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) 
[  958.421678][T18802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  958.421695][T18802] Call Trace:
[  958.421704][T18802]  <TASK>
[  958.421715][T18802]  dump_stack_lvl+0x16c/0x1f0
[  958.421768][T18802]  should_fail_ex+0x512/0x640
[  958.421810][T18802]  ? fs_reclaim_acquire+0xae/0x150
[  958.421859][T18802]  ? tomoyo_encode2+0x100/0x3e0
[  958.421896][T18802]  should_failslab+0xc2/0x120
[  958.421926][T18802]  __kmalloc_noprof+0xd2/0x510
[  958.421968][T18802]  ? d_absolute_path+0x136/0x1a0
[  958.422007][T18802]  tomoyo_encode2+0x100/0x3e0
[  958.422053][T18802]  tomoyo_encode+0x29/0x50
[  958.422091][T18802]  tomoyo_realpath_from_path+0x18f/0x6e0
[  958.422145][T18802]  tomoyo_check_open_permission+0x2ab/0x3c0
[  958.422183][T18802]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  958.422262][T18802]  ? do_raw_spin_lock+0x12c/0x2b0
[  958.422318][T18802]  tomoyo_file_open+0x6b/0x90
[  958.422349][T18802]  security_file_open+0x84/0x1e0
[  958.422388][T18802]  do_dentry_open+0x596/0x1c10
[  958.422444][T18802]  vfs_open+0x82/0x3f0
[  958.422483][T18802]  path_openat+0x1de4/0x2cb0
[  958.422540][T18802]  ? __pfx_path_openat+0x10/0x10
[  958.422584][T18802]  ? __lock_acquire+0xb8a/0x1c90
[  958.422627][T18802]  do_filp_open+0x20b/0x470
[  958.422669][T18802]  ? __pfx_do_filp_open+0x10/0x10
[  958.422742][T18802]  ? alloc_fd+0x471/0x7d0
[  958.422796][T18802]  do_sys_openat2+0x11b/0x1d0
[  958.422838][T18802]  ? __pfx_do_sys_openat2+0x10/0x10
[  958.422876][T18802]  ? __fget_files+0x20e/0x3c0
[  958.422923][T18802]  __x64_sys_openat+0x174/0x210
[  958.422958][T18802]  ? __pfx___x64_sys_openat+0x10/0x10
[  958.422989][T18802]  ? ksys_write+0x1ac/0x250
[  958.423044][T18802]  do_syscall_64+0xcd/0x490
[  958.423075][T18802]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  958.423104][T18802] RIP: 0033:0x7f48ee38e929
[  958.423126][T18802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  958.423153][T18802] RSP: 002b:00007f48ef121038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  958.423181][T18802] RAX: ffffffffffffffda RBX: 00007f48ee5b5fa0 RCX: 00007f48ee38e929
[  958.423199][T18802] RDX: 0000000000044100 RSI: 00002000000002c0 RDI: ffffffffffffff9c
[  958.423218][T18802] RBP: 00007f48ef121090 R08: 0000000000000000 R09: 0000000000000000
[  958.423234][T18802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  958.423252][T18802] R13: 0000000000000000 R14: 00007f48ee5b5fa0 R15: 00007fff1ca144d8
[  958.423292][T18802]  </TASK>
[  958.423322][T18802] ERROR: Out of memory at tomoyo_realpath_from_path.
[  958.425717][T18786] bridge_slave_0: entered allmulticast mode
[  958.721981][T18786] bridge_slave_0: entered promiscuous mode
[  958.813041][   T36] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  958.861765][T18786] bridge0: port 2(bridge_slave_1) entered blocking state
[  958.877111][T18786] bridge0: port 2(bridge_slave_1) entered disabled state
[  958.888173][T18786] bridge_slave_1: entered allmulticast mode
[  958.897159][T18786] bridge_slave_1: entered promiscuous mode
[  958.940122][   T36] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  959.103336][T18786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  959.119340][T18786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  959.281294][ T5835] Bluetooth: hci5: command tx timeout
[  959.324771][   T36] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  959.488264][T18786] team0: Port device team_slave_0 added
[  959.571524][   T36] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  959.589969][T18786] team0: Port device team_slave_1 added
[  959.702047][T18786] batman_adv: batadv0: Adding interface: batadv_slave_0
[  959.710681][T18786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  959.764432][T18786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  959.787187][T18786] batman_adv: batadv0: Adding interface: batadv_slave_1
[  959.799879][T18786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  959.877078][T18786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  960.170265][T18786] hsr_slave_0: entered promiscuous mode
[  960.337730][T18786] hsr_slave_1: entered promiscuous mode
[  960.550188][T18830] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:1: corrupted xattr entries
[  960.675934][T18834] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:7: corrupted xattr entries
[  960.714257][   T36] bridge_slave_1: left allmulticast mode
[  960.722986][   T36] bridge_slave_1: left promiscuous mode
[  960.731116][T18835] FAULT_INJECTION: forcing a failure.
[  960.731116][T18835] name failslab, interval 1, probability 0, space 0, times 0
[  960.751990][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  960.779649][   T36] bridge_slave_0: left allmulticast mode
[  960.787357][T18835] CPU: 0 UID: 0 PID: 18835 Comm: syz.0.2519 Not tainted 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) 
[  960.787399][T18835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  960.787416][T18835] Call Trace:
[  960.787425][T18835]  <TASK>
[  960.787436][T18835]  dump_stack_lvl+0x16c/0x1f0
[  960.787481][T18836] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  960.787486][T18835]  should_fail_ex+0x512/0x640
[  960.787530][T18835]  ? fs_reclaim_acquire+0xae/0x150
[  960.787563][T18835]  ? tomoyo_encode2+0x100/0x3e0
[  960.787597][T18835]  should_failslab+0xc2/0x120
[  960.787624][T18835]  __kmalloc_noprof+0xd2/0x510
[  960.787662][T18835]  ? d_absolute_path+0x136/0x1a0
[  960.787696][T18835]  tomoyo_encode2+0x100/0x3e0
[  960.787737][T18835]  tomoyo_encode+0x29/0x50
[  960.787770][T18835]  tomoyo_realpath_from_path+0x18f/0x6e0
[  960.787819][T18835]  tomoyo_path_number_perm+0x245/0x580
[  960.787849][T18835]  ? tomoyo_path_number_perm+0x237/0x580
[  960.787883][T18835]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  960.787917][T18835]  ? find_held_lock+0x2b/0x80
[  960.787978][T18835]  ? find_held_lock+0x2b/0x80
[  960.788002][T18835]  ? hook_file_ioctl_common+0x145/0x410
[  960.788048][T18835]  ? __fget_files+0x20e/0x3c0
[  960.788090][T18835]  security_file_ioctl+0x9b/0x240
[  960.788126][T18835]  __x64_sys_ioctl+0xb7/0x210
[  960.788160][T18835]  do_syscall_64+0xcd/0x490
[  960.788188][T18835]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  960.788214][T18835] RIP: 0033:0x7f48ee38e929
[  960.788235][T18835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  960.788259][T18835] RSP: 002b:00007f48ec1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  960.788284][T18835] RAX: ffffffffffffffda RBX: 00007f48ee5b6080 RCX: 00007f48ee38e929
[  960.788301][T18835] RDX: 0000000000000000 RSI: 0000000080044940 RDI: 0000000000000007
[  960.788316][T18835] RBP: 00007f48ec1f6090 R08: 0000000000000000 R09: 0000000000000000
[  960.788332][T18835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  960.788347][T18835] R13: 0000000000000001 R14: 00007f48ee5b6080 R15: 00007fff1ca144d8
[  960.788383][T18835]  </TASK>
[  960.788407][T18835] ERROR: Out of memory at tomoyo_realpath_from_path.
[  960.864714][   T36] bridge_slave_0: left promiscuous mode
[  960.874318][T18837] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  960.912373][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  961.375486][ T5835] Bluetooth: hci5: command tx timeout
[  961.697453][   T36] erspan0 (unregistering): left allmulticast mode
[  962.192848][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  962.211839][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  962.229240][   T36] bond0 (unregistering): Released all slaves
[  962.402978][   T36] HfR: left promiscuous mode
[  962.507453][   T36] ovs_ÿþ: left promiscuous mode
[  962.531424][T18850] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  962.577536][T18852] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  962.984027][T18860] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  963.002260][T18861] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  963.444904][ T5835] Bluetooth: hci5: command tx timeout
[  964.783852][T18865] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:3: corrupted xattr entries
[  965.482839][T18869] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  965.530157][ T5835] Bluetooth: hci5: command tx timeout
[  965.998043][T18871] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  966.260017][T18786] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  966.413520][T18786] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  966.489722][T18786] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  966.506462][T18877] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  966.507760][T18786] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  966.820120][T18887] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  966.890599][T18891] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  966.993409][T18894] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  967.226458][   T36] hsr_slave_0: left promiscuous mode
[  967.241545][   T36] hsr_slave_1: left promiscuous mode
[  967.318389][   T36] veth1_vlan: left promiscuous mode
[  967.323729][   T36] veth0_vlan: left promiscuous mode

syzkaller
syzkaller login: [  968.316992][   T36] team0 (unregistering): Port device team_slave_1 removed
[  968.402047][   T36] team0 (unregistering): Port device team_slave_0 removed
[  968.833926][T18910] EXT4-fs error (device sda1): xattr_find_entry:333: inode #90: comm dhcpcd: corrupted xattr entries
[  968.896393][T18914] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[  968.898929][T18915] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:7: corrupted xattr entries
[  969.016749][T18786] 8021q: adding VLAN 0 to HW filter on device bond0
[  969.084140][T18786] 8021q: adding VLAN 0 to HW filter on device team0
[  969.170055][ T1170] bridge0: port 1(bridge_slave_0) entered blocking state
[  969.177359][ T1170] bridge0: port 1(bridge_slave_0) entered forwarding state
[  969.237193][ T1170] bridge0: port 2(bridge_slave_1) entered blocking state
[  969.244498][ T1170] bridge0: port 2(bridge_slave_1) entered forwarding state
[  970.106950][T18935] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:3: corrupted xattr entries
[  970.218759][T18936] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:3: corrupted xattr entries
[  970.362353][T18941] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[  970.445726][T18943] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[  970.862769][T18951] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:7: corrupted xattr entries
[  970.865780][T18786] 8021q: adding VLAN 0 to HW filter on device batadv0
[  971.021722][T18786] veth0_vlan: entered promiscuous mode
[  971.073787][T18786] veth1_vlan: entered promiscuous mode
[  971.301038][T18786] veth0_macvtap: entered promiscuous mode
[  971.312548][T18786] veth1_macvtap: entered promiscuous mode
[  971.470054][T18786] batman_adv: batadv0: Interface activated: batadv_slave_0
[  971.516077][T18786] batman_adv: batadv0: Interface activated: batadv_slave_1
[  971.613940][T18786] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  971.646297][T18786] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  971.756265][T18786] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  971.765730][T18786] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  971.799363][T18956] Invalid ELF header magic: != ELF
[  972.202436][ T1156] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  972.239341][ T1156] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  972.423342][  T435] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  972.461627][  T435] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  972.775822][T18967] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:8: corrupted xattr entries
[  973.396770][T18980] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  974.853816][T18999] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[  974.929997][T19000] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[  975.357130][T19004] synth uevent: /bus/hid/drivers/zeroplus: unknown uevent action string
[  975.690162][T19011] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2549'.
[  975.732493][T19014] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:2: corrupted xattr entries
[  975.873519][T19020] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[  976.023244][T19024] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[  976.774976][T19030] snd_virmidi snd_virmidi.0: control 61678:131081:3:yªƒ>oÆ[küd
:255 is already present
[  977.568046][T19045] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:3: corrupted xattr entries
[  977.739029][   T30] audit: type=1800 audit(6044246847.976:17): pid=19046 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2555" name="dummy_udc" dev="gadgetfs" ino=6088 res=0 errno=0
[  978.286597][T19052] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:6: corrupted xattr entries
[  978.397592][T19056] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:6: corrupted xattr entries
[  978.483405][T19051] could not allocate digest TFM handle 
[  978.894874][T19063] netlink: 54 bytes leftover after parsing attributes in process `syz.1.2558'.
[  980.225757][T19074] Invalid ELF header magic: != ELF
[  981.546251][T19086] ==================================================================
[  981.554395][T19086] BUG: KASAN: slab-use-after-free in msft_opcode_get+0x6d/0x80
[  981.562016][T19086] Read of size 2 at addr ffff88807489ea32 by task syz.0.2564/19086
[  981.569972][T19086] 
[  981.572339][T19086] CPU: 1 UID: 0 PID: 19086 Comm: syz.0.2564 Not tainted 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) 
[  981.572379][T19086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  981.572398][T19086] Call Trace:
[  981.572408][T19086]  <TASK>
[  981.572420][T19086]  dump_stack_lvl+0x116/0x1f0
[  981.572475][T19086]  print_report+0xcd/0x680
[  981.572505][T19086]  ? __virt_addr_valid+0x81/0x610
[  981.572537][T19086]  ? __phys_addr+0xe8/0x180
[  981.572569][T19086]  ? msft_opcode_get+0x6d/0x80
[  981.572617][T19086]  kasan_report+0xe0/0x110
[  981.572647][T19086]  ? msft_opcode_get+0x6d/0x80
[  981.572697][T19086]  msft_opcode_get+0x6d/0x80
[  981.572742][T19086]  ? __pfx_msft_opcode_get+0x10/0x10
[  981.572788][T19086]  simple_attr_read+0x16b/0x370
[  981.572826][T19086]  ? __debugfs_file_get+0x1fe/0x840
[  981.572856][T19086]  ? __pfx_simple_attr_read+0x10/0x10
[  981.572893][T19086]  ? __debugfs_file_get+0x1fe/0x840
[  981.572931][T19086]  ? __pfx___debugfs_file_get+0x10/0x10
[  981.572965][T19086]  debugfs_attr_read+0x76/0xa0
[  981.572997][T19086]  full_proxy_read+0x13c/0x200
[  981.573026][T19086]  ? __pfx_full_proxy_read+0x10/0x10
[  981.573058][T19086]  vfs_read+0x1e1/0xc60
[  981.573103][T19086]  ? __pfx___mutex_lock+0x10/0x10
[  981.573135][T19086]  ? __pfx_vfs_read+0x10/0x10
[  981.573182][T19086]  ? __fget_files+0x20e/0x3c0
[  981.573229][T19086]  ksys_read+0x12a/0x250
[  981.573272][T19086]  ? __pfx_ksys_read+0x10/0x10
[  981.573321][T19086]  do_syscall_64+0xcd/0x490
[  981.573353][T19086]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  981.573385][T19086] RIP: 0033:0x7f48ee38e929
[  981.573410][T19086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  981.573441][T19086] RSP: 002b:00007f48ef121038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  981.573470][T19086] RAX: ffffffffffffffda RBX: 00007f48ee5b5fa0 RCX: 00007f48ee38e929
[  981.573491][T19086] RDX: 000000000000ffff RSI: 0000200000006740 RDI: 0000000000000004
[  981.573510][T19086] RBP: 00007f48ee410b39 R08: 0000000000000000 R09: 0000000000000000
[  981.573529][T19086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  981.573548][T19086] R13: 0000000000000000 R14: 00007f48ee5b5fa0 R15: 00007fff1ca144d8
[  981.573578][T19086]  </TASK>
[  981.573589][T19086] 
[  981.800642][T19086] Allocated by task 18925:
[  981.805087][T19086]  kasan_save_stack+0x33/0x60
[  981.809797][T19086]  kasan_save_track+0x14/0x30
[  981.814502][T19086]  __kasan_kmalloc+0xaa/0xb0
[  981.819120][T19086]  snd_pcm_hw_param_near.constprop.0+0xbc/0x8e0
[  981.825383][T19086]  snd_pcm_oss_change_params_locked+0x13f9/0x3a30
[  981.831818][T19086]  snd_pcm_oss_make_ready+0xe6/0x1b0
[  981.837126][T19086]  snd_pcm_oss_sync+0x1de/0x840
[  981.842002][T19086]  snd_pcm_oss_release+0x28b/0x310
[  981.847142][T19086]  __fput+0x402/0xb70
[  981.851152][T19086]  task_work_run+0x150/0x240
[  981.855779][T19086]  exit_to_user_mode_loop+0xeb/0x110
[  981.861097][T19086]  do_syscall_64+0x3f6/0x490
[  981.865702][T19086]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  981.871614][T19086] 
[  981.873949][T19086] Freed by task 18925:
[  981.878025][T19086]  kasan_save_stack+0x33/0x60
[  981.882730][T19086]  kasan_save_track+0x14/0x30
[  981.887433][T19086]  kasan_save_free_info+0x3b/0x60
[  981.892482][T19086]  __kasan_slab_free+0x51/0x70
[  981.897273][T19086]  kfree+0x2b4/0x4d0
[  981.901206][T19086]  snd_pcm_hw_param_near.constprop.0+0x72f/0x8e0
[  981.907560][T19086]  snd_pcm_oss_change_params_locked+0x13f9/0x3a30
[  981.913998][T19086]  snd_pcm_oss_make_ready+0xe6/0x1b0
[  981.919305][T19086]  snd_pcm_oss_sync+0x1de/0x840
[  981.924178][T19086]  snd_pcm_oss_release+0x28b/0x310
[  981.929310][T19086]  __fput+0x402/0xb70
[  981.933306][T19086]  task_work_run+0x150/0x240
[  981.937931][T19086]  exit_to_user_mode_loop+0xeb/0x110
[  981.943249][T19086]  do_syscall_64+0x3f6/0x490
[  981.947856][T19086]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  981.953853][T19086] 
[  981.956191][T19086] The buggy address belongs to the object at ffff88807489e800
[  981.956191][T19086]  which belongs to the cache kmalloc-1k of size 1024
[  981.970262][T19086] The buggy address is located 562 bytes inside of
[  981.970262][T19086]  freed 1024-byte region [ffff88807489e800, ffff88807489ec00)
[  981.984162][T19086] 
[  981.986496][T19086] The buggy address belongs to the physical page:
[  981.992912][T19086] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x74898
[  982.001691][T19086] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  982.010201][T19086] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  982.017765][T19086] page_type: f5(slab)
[  982.021781][T19086] raw: 00fff00000000040 ffff88801b441dc0 dead000000000100 dead000000000122
[  982.030379][T19086] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  982.038987][T19086] head: 00fff00000000040 ffff88801b441dc0 dead000000000100 dead000000000122
[  982.047672][T19086] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  982.056365][T19086] head: 00fff00000000003 ffffea0001d22601 00000000ffffffff 00000000ffffffff
[  982.065052][T19086] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  982.073732][T19086] page dumped because: kasan: bad access detected
[  982.080156][T19086] page_owner tracks the page as allocated
[  982.085888][T19086] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5824, tgid 5824 (sh), ts 83241120334, free_ts 81733604983
[  982.105635][T19086]  post_alloc_hook+0x1c0/0x230
[  982.110430][T19086]  get_page_from_freelist+0x1321/0x3890
[  982.116008][T19086]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  982.121937][T19086]  alloc_pages_mpol+0x1fb/0x550
[  982.126805][T19086]  new_slab+0x23b/0x330
[  982.130986][T19086]  ___slab_alloc+0xd9c/0x1940
[  982.135693][T19086]  __slab_alloc.constprop.0+0x56/0xb0
[  982.141090][T19086]  __kmalloc_noprof+0x2f2/0x510
[  982.145979][T19086]  tomoyo_init_log+0x1385/0x2140
[  982.150954][T19086]  tomoyo_supervisor+0x302/0x13b0
[  982.155994][T19086]  tomoyo_env_perm+0x191/0x200
[  982.160777][T19086]  tomoyo_find_next_domain+0xec2/0x20b0
[  982.166355][T19086]  tomoyo_bprm_check_security+0x12e/0x1d0
[  982.172096][T19086]  security_bprm_check+0x1b9/0x1e0
[  982.177227][T19086]  bprm_execve+0x810/0x1650
[  982.181755][T19086]  do_execveat_common.isra.0+0x4a5/0x610
[  982.187417][T19086] page last free pid 5500 tgid 5500 stack trace:
[  982.193753][T19086]  __free_frozen_pages+0x7fe/0x1180
[  982.198980][T19086]  __put_partials+0x16d/0x1c0
[  982.203685][T19086]  qlist_free_all+0x4d/0x120
[  982.208372][T19086]  kasan_quarantine_reduce+0x195/0x1e0
[  982.213864][T19086]  __kasan_slab_alloc+0x69/0x90
[  982.218732][T19086]  kmem_cache_alloc_node_noprof+0x1d5/0x3b0
[  982.224669][T19086]  __alloc_skb+0x2b2/0x380
[  982.229119][T19086]  alloc_skb_with_frags+0xe0/0x860
[  982.234248][T19086]  sock_alloc_send_pskb+0x7fb/0x990
[  982.239475][T19086]  unix_dgram_sendmsg+0x41a/0x1840
[  982.244618][T19086]  unix_seqpacket_sendmsg+0x12a/0x1c0
[  982.250025][T19086]  sock_write_iter+0x4fc/0x5b0
[  982.254815][T19086]  vfs_write+0x6c4/0x1150
[  982.259173][T19086]  ksys_write+0x1f8/0x250
[  982.263615][T19086]  do_syscall_64+0xcd/0x490
[  982.268134][T19086]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  982.274043][T19086] 
[  982.276374][T19086] Memory state around the buggy address:
[  982.282015][T19086]  ffff88807489e900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  982.290096][T19086]  ffff88807489e980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  982.298193][T19086] >ffff88807489ea00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  982.306263][T19086]                                      ^
[  982.311906][T19086]  ffff88807489ea80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  982.319989][T19086]  ffff88807489eb00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  982.328152][T19086] ==================================================================
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  982.404580][T19086] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  982.411856][T19086] CPU: 1 UID: 0 PID: 19086 Comm: syz.0.2564 Not tainted 6.15.0-syzkaller-13473-gc0c9379f235d #0 PREEMPT(full) 
[  982.423625][T19086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  982.433711][T19086] Call Trace:
[  982.437014][T19086]  <TASK>
[  982.439965][T19086]  dump_stack_lvl+0x3d/0x1f0
[  982.444604][T19086]  panic+0x71c/0x800
[  982.448558][T19086]  ? __pfx_panic+0x10/0x10
[  982.453004][T19086]  ? mark_held_locks+0x49/0x80
[  982.457797][T19086]  ? preempt_schedule_thunk+0x16/0x30
[  982.463206][T19086]  ? msft_opcode_get+0x6d/0x80
[  982.468043][T19086]  ? preempt_schedule_common+0x44/0xc0
[  982.473745][T19086]  ? msft_opcode_get+0x6d/0x80
[  982.478553][T19086]  check_panic_on_warn+0xab/0xb0
[  982.483532][T19086]  end_report+0x107/0x170
[  982.487896][T19086]  kasan_report+0xee/0x110
[  982.492426][T19086]  ? msft_opcode_get+0x6d/0x80
[  982.497231][T19086]  msft_opcode_get+0x6d/0x80
[  982.501855][T19086]  ? __pfx_msft_opcode_get+0x10/0x10
[  982.507173][T19086]  simple_attr_read+0x16b/0x370
[  982.512048][T19086]  ? __debugfs_file_get+0x1fe/0x840
[  982.517267][T19086]  ? __pfx_simple_attr_read+0x10/0x10
[  982.522668][T19086]  ? __debugfs_file_get+0x1fe/0x840
[  982.527897][T19086]  ? __pfx___debugfs_file_get+0x10/0x10
[  982.533902][T19086]  debugfs_attr_read+0x76/0xa0
[  982.538714][T19086]  full_proxy_read+0x13c/0x200
[  982.543501][T19086]  ? __pfx_full_proxy_read+0x10/0x10
[  982.548807][T19086]  vfs_read+0x1e1/0xc60
[  982.552993][T19086]  ? __pfx___mutex_lock+0x10/0x10
[  982.558125][T19086]  ? __pfx_vfs_read+0x10/0x10
[  982.562840][T19086]  ? __fget_files+0x20e/0x3c0
[  982.567551][T19086]  ksys_read+0x12a/0x250
[  982.571828][T19086]  ? __pfx_ksys_read+0x10/0x10
[  982.576631][T19086]  do_syscall_64+0xcd/0x490
[  982.581155][T19086]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  982.587081][T19086] RIP: 0033:0x7f48ee38e929
[  982.591514][T19086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  982.611158][T19086] RSP: 002b:00007f48ef121038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  982.619597][T19086] RAX: ffffffffffffffda RBX: 00007f48ee5b5fa0 RCX: 00007f48ee38e929
[  982.627587][T19086] RDX: 000000000000ffff RSI: 0000200000006740 RDI: 0000000000000004
[  982.635578][T19086] RBP: 00007f48ee410b39 R08: 0000000000000000 R09: 0000000000000000
[  982.643567][T19086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  982.651559][T19086] R13: 0000000000000000 R14: 00007f48ee5b5fa0 R15: 00007fff1ca144d8
[  982.659584][T19086]  </TASK>
[  982.662787][T19086] Kernel Offset: disabled
[  982.667115][T19086] Rebooting in 86400 seconds..