last executing test programs:

6.412438652s ago: executing program 3 (id=1470):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
bpf$auto(0x0, 0x0, 0x6f3)
sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa0340, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r3 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
ioctl$auto(r2, 0x560e, r3)
sendmsg$auto_ETHTOOL_MSG_MODULE_SET(r0, 0x0, 0x20040000)

5.965908508s ago: executing program 0 (id=1472):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = socket(0xa, 0x1, 0x84)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/net/rose13/statistics/rx_crc_errors\x00', 0x1f1842, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/bdi/43:384/max_bytes\x00', 0x181482, 0x0)
read$auto(r2, 0x0, 0x9)
write$auto(0x3, 0x0, 0xfdef)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
sendmsg$auto_NL80211_CMD_SET_INTERFACE(r0, 0x0, 0x4000)
unshare$auto(0x40000080)
write$auto(0x4, 0x0, 0x100082)
r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS0\x00', 0x123000, 0x0)
ioctl$auto(r3, 0x5406, r3)
syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000000), r1)
socket(0x2, 0x2, 0x0)
bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0x8, 0x4, 0x6d3f, 0x9, 0x2, 0x4000000000000d]}, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
socket(0x2c, 0x1, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)

5.21936097s ago: executing program 1 (id=1473):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socketpair$auto(0xffffffff, 0x6, 0x6, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
close_range$auto(0x2, 0xa, 0x0)
socket(0x15, 0x5, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x801, 0x106)
r1 = io_uring_setup$auto(0x6, 0x0)
io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x1000)
mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8fg\x1b\x04\xad>\x96\xe9IG\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6\x00\x00\x00\x00\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd\x14\x81\xbe\xab\xed\xd5MI\x830_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xees\xf0\xc2\xad\xae\x99\xeb\xc5\xf0\"\x92\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14\x94o\x1b[\xa8]\x9b\x03\x95\xc3\xad\xad\x1d#oi|\x04\x93N\xfa\x17\xf3b\xf6', 0x4, 0x0)
getcwd$auto(0x0, 0xffffffffffffffff)
fspick$auto(0xffffffffffffffff, 0x0, 0x8)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000080)={0x5, "01a95ca04a27a7ad924227a1f8f9c302817df60439210ba37f9a403df5417b1f", @inferred=r0})
r2 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100)
r3 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
pread64$auto(r3, 0x0, 0x5, 0x5)
write$auto(r2, 0x0, 0x7)
keyctl$auto(0xa, 0xfffffffffffffffd, 0x0, 0x0, 0x0)

5.218134289s ago: executing program 3 (id=1474):
mmap$auto(0x0, 0x7fffffff, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x100, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0)
socket(0xa, 0x801, 0x186)
listen$auto(0x3, 0x83)
setsockopt$auto(0x3, 0x1, 0x1, 0x0, 0x9)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/ram9/queue/write_zeroes_max_bytes\x00', 0x20400, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)=""/255, 0xff)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snd/pcmC1D1p\x00', 0xa00, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram4\x00', 0xdd01, 0x0)
ioctl$auto_BLKRRPART(r2, 0x125f, 0x700000000000000)
msync$auto(0x1ffff000, 0x1800000ff010000, 0x400000004)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'macvtap0\x00', <r5=>0x0})
sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="e5b726bd7000fcdbdd251900000020000180140002006d61637674617030000000000000000008000100b5e197cfa6534b99ccf4dd787eb07931ff9da1b1be7ad2a9ca81cc97f8ef2cf7e308e1579fda486b6fd860ce5867896d40c2977c39fb795852808b279c9f5f55e54f28627f6af3d4cf4926229d11fad9a3ad6e0b14f92cffccae0423051b59118b264f865095f6310e6d9e2d8fd2d6efe8f1e32ea120cf9faeb20ebcd6a5fa30900d714d5a4094a41f4cd4147de0666f5ba683073cb555c64ec66506e45f60d481e54b1c663dcf2c1632977333b275b2c8627af93590298cb82862d6bf0a4f782b19d858459c4c7db7734b73aa3a96567381f64255552a53199d582184fc06ba8e3ba3fa130d40f753035a84a5012d9294096aeb41ccf3825a9d297eb6077859aa5cce6d669b51d1735a8e368bcdfa64cb70fad61ef8e0ef0a793e1c9dccda7e86f4382e4e41aea7db057a9fd44f58257ce75fde2c4c57708ace964789fa518c868ac4259abf28757fada86176a404c4ef7c0dfeaac8df8883ecb6ea5853fadca4824d1ed4df6900b725ac82acd3d84b66ab377d2878bfcd1263e819e164da08058c2c860843666656637566d733534483f1a091a9be34c810d14d4f986ccd37ff27417b0535563241f17a3eafc205698ba37cbb72", @ANYRES32=r5, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x4010}, 0x4048800)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x200, 0x1)
open(&(0x7f0000001bc0)='./file0\x00', 0x68340, 0x0)
open(&(0x7f0000001bc0)='./file0\x00', 0x4140, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000280)='/dev/nullb0\x00', 0x35be42, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
sysfs$auto(0x2, 0x100000000000034, 0x0)
fsopen$auto(0x0, 0x1)

4.523457255s ago: executing program 0 (id=1477):
r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r2=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="c0090000", @ANYRES16=r0, @ANYBLOB="13002cbd700023723ab36bf877ac08001701", @ANYRES32=r2], 0x9c0}, 0x1, 0x0, 0x0, 0x2400c884}, 0x20040894)

4.156284315s ago: executing program 0 (id=1478):
r0 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff)
r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000540), 0xffffffffffffffff)
sendmsg$auto_HWSIM_CMD_GET_RADIO(0xffffffffffffffff, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000280)={0x14, r1, 0xf3e97f51700e57cf, 0x70bd28, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x884}, 0x8020)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000004200)={&(0x7f00000005c0)={0x14, r0, 0x1, 0x70bd29, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4000060}, 0x20040014)
read$auto(0xffffffffffffffff, &(0x7f0000000000)='*`@\\!#.\\\x00', 0x3)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/tty/tty29/power/runtime_active_time\x00', 0x0, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f00000003c0)=""/4096, 0x1000)
socket$nl_generic(0x10, 0x3, 0x10)
adjtimex$auto(&(0x7f00000001c0)={0x2, 0x0, 0xc0000000, 0x6, 0x8, 0xd42, 0x400, 0x0, 0x9, 0x7, 0x400, {0x10000, 0x1}, 0x7, 0x0, 0xfffffffffffffbff, 0xcf, 0x0, 0x3, 0xfff, 0x8, 0x7, 0x2, 0x7})
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x4)
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x4000804)
lstat$auto(0x0, &(0x7f0000000180)={0xe, 0x2, 0x100000001, 0x1000, 0x0, 0x0, 0x0, 0xfa98, 0x8, 0x7fffffffffffffff, 0x8000000004, 0x100000007fffffff, 0x5, 0x0, 0x7, 0x4, 0x3})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x89fc, &(0x7f0000000040)={'bridge0\x00'})

3.90583118s ago: executing program 2 (id=1479):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$auto_NL80211_CMD_GET_INTERFACE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="010b27bd7000fcdbdf250500", @ANYRES32, @ANYBLOB='aol\r\\'], 0x1c}, 0x1, 0x0, 0x0, 0x4000001}, 0x4000084)

3.822654183s ago: executing program 3 (id=1480):
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
mmap$auto(0x2, 0x20003, 0xdf, 0xeb1, 0xffffffffffffffff, 0x3)
r0 = socket(0xa, 0x3, 0x87)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0xa, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_TIPC_NL_PEER_REMOVE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="0400"], 0x14}, 0x1, 0x0, 0x0, 0x48891}, 0x20)
setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9)
syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), r1)
syz_genetlink_get_family_id$auto_nl80211(0x0, r1)
mq_notify$auto(0xffffffffffffffff, &(0x7f00000000c0)={@sival_ptr=0x0, @inferred=r0, 0x2, @_sigev_thread={0x0, 0x0}})
syz_genetlink_get_family_id$auto_nl80211(0x0, r0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, &(0x7f0000001f40)={0x0, 0x0, &(0x7f0000001f00)={&(0x7f0000000180)=ANY=[@ANYBLOB='*', @ANYRES16, @ANYBLOB="010029bd"], 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x400c890}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x6, &(0x7f00000002c0)={0x0, 0x6}, 0x11, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x2)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/erspan0/use_tempaddr\x00', 0x2183, 0x0)
write$auto_proc_sys_file_operations_proc_sysctl(r2, 0x0, 0x0)

3.687917499s ago: executing program 0 (id=1481):
mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000)
r0 = socket(0xa, 0x1, 0x84)
io_uring_setup$auto(0x401, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54)
getsockopt$auto(r0, 0x84, 0x14, 0x0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
rseq$auto(0x0, 0x8000, 0x0, 0x6)
writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r1 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000)
sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000)
write$auto(r1, 0x0, 0x2)
recvfrom$auto(0x3, 0x0, 0x4, 0x1, 0x0, 0xfffffffffffffffd)
openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x100, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r2 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000080)='/dev/usbmon2\x00', 0x5c3900, 0x0)
ioctl$auto_MON_IOCQ_URB_LEN(r2, 0x9201, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x4004000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x6482, 0x0)
mmap$auto(0x0, 0x2020009, 0xdf, 0xeb1, 0xfffffffffffffffa, 0x0)

3.570839728s ago: executing program 2 (id=1482):
mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff)
mmap$auto(0x2, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x2) (async, rerun: 64)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) (rerun: 64)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r0, 0x8) (async)
madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r1 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000240), 0x10b000, 0x0)
r2 = ioctl$auto_dma_heap_fops_dma_heap(r1, 0xffffffffffdffe00, &(0x7f0000000140)=';') (async)
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
mmap$auto(0x0, 0xfffffffffffff81f, 0x3, 0x7fff, r1, 0x8001) (async, rerun: 32)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x20081, 0x0) (async)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0x42c883, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r4)
sendmsg$auto_NL80211_CMD_VENDOR(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="21aea9afaa0217010000008000"/22], 0x1c}, 0x1, 0x0, 0x0, 0x5}, 0x4000000) (async)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) (async)
mmap$auto(0xfffffffffffffffd, 0xffffffffffff6963, 0xde, 0x9b75, r1, 0x1)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
msgrcv$auto(0x71, &(0x7f0000000040)={0x4, 0x3}, 0x59, 0x7fffffffffffffff, 0x5) (async, rerun: 32)
msgrcv$auto(0x0, 0x0, 0x3, 0x1, 0xf1) (rerun: 32)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)
socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) (async)
writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8)

3.441213402s ago: executing program 1 (id=1483):
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000)
io_uring_setup$auto(0xa, 0x0)
mmap$auto(0x0, 0x10000, 0xde, 0x11, 0xffffffffffffffff, 0x28000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff)
close_range$auto(0x2, 0xffffffffffffffff, 0x0)
io_uring_setup$auto(0x6, 0x0)
socket(0x840000000002, 0x3, 0xff)
r0 = socket(0x11, 0x80003, 0x300)
futex$auto(0x0, 0x6, 0x6, 0x0, 0x0, 0x9)
setsockopt$auto(r0, 0x107, 0x12, 0x0, 0x4)
connect$auto(0x3, &(0x7f0000000040), 0x55)
sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000000)=ANY=[@ANYBLOB='J\x00\x00', @ANYRES32], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x54)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffcc}, 0x1, 0x0, 0x1100000000000000, 0x9}, 0x7}, 0x3, 0x0)

3.15949062s ago: executing program 1 (id=1484):
unshare$auto(0x40000080)
r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
mbind$auto(0xf000, 0x1, 0x1, 0x0, 0x7fff, 0x2)
mmap$auto(0x2, 0x400408, 0xdf, 0x9b72, r0, 0x8000)
mbind$auto(0x20000000002000, 0x100000004, 0x100000000, 0x0, 0x1, 0x2)
msgrcv$auto(0x0, 0x0, 0x1000, 0x8000000000000000, 0xb5)
mprotect$auto(0x8000, 0x8, 0x8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
poll$auto(&(0x7f0000003640)={r1, 0x4, 0xffff}, 0x4, 0x100000)
syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff)
mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311)
r2 = socket(0x10, 0x80002, 0x0)
r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000007a80), 0xffffffffffffffff)
sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000700)={0x14, r3, 0x199, 0x70bd2d, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x90}, 0x40)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/cifs/dfscache\x00', 0x40080, 0x0)
sendmsg$auto_IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, 0x0, 0x8800)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14f602, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYRES16=0x0, @ANYBLOB="10002cbd7000fddbdf251c"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop4\x00', 0x169580, 0x0)
ioctl$auto_SG_GET_RESERVED_SIZE(r4, 0x40101286, 0x0)

2.488930626s ago: executing program 2 (id=1485):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_FLOW_CMD_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r0, 0x1, 0x70bd25, 0x25dfdc02, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0x10, 0x1, 0x0, 0x1, [@nested={0xc, 0x10, 0x0, 0x1, [@typed={0x8, 0xb, 0x0, 0x0, @fd=r1}]}]}]}, 0x28}, 0x1, 0x0, 0x300000000000000, 0x200400f0}, 0x800)

2.482673564s ago: executing program 3 (id=1486):
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptybf\x00', 0x62180, 0x0)
openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x28102, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x200000000, 0xfffdfffffffffffa, 0x6, 0x5, 0x6, 0x0, 0x8, 0xfffffffffffffffd, 0x2, {0x100000001, 0x3}, 0x7, 0x1, 0x10000000000009, 0x1008000, 0x0, 0x2000005, 0x81, 0xdfffffffffff6295, 0x10000000000405, 0x4, 0x2})
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
r1 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_ILA_CMD_DEL(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010021bd7000fbdbd025020000000c0003000d0000ba0a9eecfd8c8a9aca0008b50100000000000c00030000000000000000", @ANYRES32=0x0, @ANYBLOB="0500"/15], 0x50}, 0x1, 0x0, 0x0, 0x4004804}, 0x10)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4)
madvise$auto(0x110c230000, 0x1, 0x9)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/i8042/serio0/force_release\x00', 0xc2082, 0x0)
write$auto(r3, &(0x7f00000004c0)='N\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x7ff)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
fchdir$auto(0xffffffffffffffff)
mkdir$auto(&(0x7f0000000480)='./cgroup\x00', 0x6)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/cgroup.type\x00', 0x103042, 0x0)

2.278780803s ago: executing program 2 (id=1487):
openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/audit\x00', 0x200, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x20081, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
io_uring_setup$auto(0x6, 0x0)
socket(0x15, 0x5, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0xf, 0x3, 0x2)
lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x9, 0x6, 0x63, 0x0, 0x0, 0x0, 0x8, 0x200, 0x2, 0x40000402, 0x9, 0x9, 0x2, 0xd, 0x6, 0x200000100103})
sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYRES32=r1, @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4)
r2 = socket(0x10, 0x2, 0x6)
sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}, 0x1, 0xf000000, 0x0, 0x2000c000}, 0x4004)
openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim3/trap_flow_action_cookie\x00', 0x2202, 0x0)
writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000340), 0x7111}, 0x8)
recvmmsg$auto(0x3, 0x0, 0x4, 0x2, 0x0)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram4\x00', 0xdd01, 0x0)
ioctl$auto_BLKRRPART(r3, 0x125f, 0x0)
open(0x0, 0x161342, 0x100)
msync$auto(0x1ffff000, 0x1800000ff010000, 0x400000004)
open(0x0, 0xeee00, 0x31)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x0)

1.495062537s ago: executing program 3 (id=1488):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_LISTENER_SET(r1, &(0x7f0000005380)={0x0, 0x0, &(0x7f0000005340)={&(0x7f0000000180)={0x14, r2, 0x1, 0x870bd2b, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x2000000, 0xc000}, 0x20000000)
mmap$auto(0x0, 0xfffffffffffff81f, 0x3, 0x7fff, 0xfffffffffffffffa, 0x8001)
openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0x42c883, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
write$auto(r3, 0x0, 0x100000a3d9)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, r0, 0x28000)
prctl$auto(0x1000000003b, 0x4, 0x0, 0x9, 0x7)
msync$auto(0x1ffff000, 0x180000000000000, 0x400000004)
msgrcv$auto(0x0, 0x0, 0x3, 0x1, 0xf1)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0)

1.464280984s ago: executing program 1 (id=1489):
r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0xa02, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f00000001c0)={{@inferred, 0x1, 0x6, 0x80000001, "a2b8e85fc56865ba529faa0000000000000002000000692a2400000080000000feffffffffffffff00"}, 0x6, 0x5, 0x7, @raw, @reserved="fb99d320be0de941ac3f58d7aae0c84cbe332d618e0342771e3ac6e9a9df07cf9b1c017c611ac455c01804d0d4c89bee7005c5affd5ab891b44e48364e8de3f344584996c31f9ae16c6c4f062d38f590125ed264000000000000000000000000000000000000000600", "a4699d30a05edbe0d28473c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584d81592f4ab606c276852295e00af49090000008034"})

1.262306963s ago: executing program 0 (id=1490):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
bpf$auto(0x0, 0x0, 0x6f3)
sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa0340, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0)
r3 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
ioctl$auto(r2, 0x560e, r3)
sendmsg$auto_ETHTOOL_MSG_MODULE_SET(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="010025bd7000fbdbdf252f000000180001801400020076657468305f6d616376746170"], 0x2c}, 0x1, 0x0, 0x0, 0x80c1}, 0x20040000)

1.203878093s ago: executing program 1 (id=1491):
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x22d02, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0x8, 0x3000, 0x6, 0x7, 0x400a, <r0=>0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x80, 0x104, 0x6, 0x20000000003}, {0x100, 0x1, 0x101, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}})
r1 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0xec902, 0x0)
read$auto_vhci_fops_hci_vhci(r1, &(0x7f0000000d40)=""/16, 0x10)
mmap$auto(0x0, 0x8000000000020006, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000)
unshare$auto(0x6)
open(&(0x7f0000000800)='./file0\x00', 0x62743, 0x154)
fsconfig$auto_SHMEM_HUGE_WITHIN_SIZE(r0, 0xffffffff, &(0x7f00000004c0)='\x86\x8fJ\a\xad\x19\"\x80,\"\v2\x19\xb7\xb1dwT!\xc7\t\xe9{l\x8dr(\'R{\x1f\xe3\xad\x91\x92\x8aT\xa8\x12=\xe3:\xcd\xfa\xb3|+w\xb4B\x97Z\xc2z\x93\x83s8\xb5^\x86\xd7d\x93\xe3\v\x83\xf6\xae]D\xec\xf4\xa6\xe2\x86\b2F\x8c,\v!\xfc\xd1\xed\"\x15\x94\x1cy\f\xb8\x13\xb2\xf0\xa1\xaex5\x9c\xa5\xcfK`\xbcR\xde\xaa\xcaQ\x1d\xe7HKM\xd8\xba\fM8cjq\b\xccxX\xf9\x1e\x0f\x95\xec\xe6\x9e\xd7\xaag\xd6\xdc*\x10\x02\xcc\xf7^\xe1/\xc4\xa7\xfb\xe8\xf0\xb2\x8e\x96\x81', &(0x7f0000000240)="3d70aa42ea72d62d7d2fe39f29603dff8f97c1b1b50ec5ce9eef959f9d7ee99631dcfa2436c0c16d6b7ce4ee4ec8cf2014a1b7042667e1556a1e592d73cb9181caa36be823fa68b77e63ca01d8a165e47bc429172f0e53852fb397d6dcaa0527abb4ca74db06a015e927aef31bc4804bb0595644acb2b83cbe1a201edd1befdc2cd21c360f43fbfbde7672c5485582b3b5e1f57505c660d153201f663f086f8d37a45d457285063c7ab32e0a0ccec8488beacb7556197bb94b0d63ae87ff5c7af050968766e3ba3ff8b53b44c0add5e509588a9269cf36fb81cdd73a47cd77c5545c61c6d255743e2f842e5a47c2053ec50659d4e4f9b006cc79a89ff835b7bf8cbb1d92652da13ed14268ccd09e310d90dccdc2836a57703a72090d7eb383f1a967676bc814970d6dfd296946b70910ea49fac0d82823057369acd88184ef76bc226e7722a998932c46819378329158c508bba6167533152de5cd893b16504ff873a1b09a60c4ba93a063663dec15548910578c6aed45179e8042ac1f3e6784f6f8eec5e5aad299fbf0b800dd87aac1e482678984d3c086d83f8a929e4f623bc65057a0f6e9592014a751951bec32466458bd292bb417ea8133027e9896574e975dc0a65f69f631d5fe3b09a8538bdb65f25f2cb5753918fd529c60b4ea00e2c43b17ed95c8a5a458663f10c83b8703bd53dbd55272da5d5015be6615f1a7a5c4c0a67fe83f919f417081f1337e186f544b66deba46e9994dc066d0e99513b2d83d", 0x2)
execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/swradio12\x00', 0x0, 0x0)
poll$auto(&(0x7f0000000480)={r2, 0xffff, 0x29}, 0x3, 0x8)
mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000)
r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume_offset\x00', 0x828100, 0x0)
read$auto(r3, 0x0, 0x20)
unshare$auto(0x40000080)
openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dri/card0\x00', 0x400, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/tty/ttyc7/dev\x00', 0x4000, 0x0)
getpid()
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
sysfs$auto(0x2, 0x2, 0x0)
r4 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r4, 0x8, 0x0, 0x0, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)

1.179791703s ago: executing program 2 (id=1492):
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x100, 0x0)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/security/tomoyo/manager\x00', 0x200, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0)
socket(0xa, 0x801, 0x186)
listen$auto(0x3, 0x83)
setsockopt$auto(0x3, 0x1, 0x1, 0x0, 0x9)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/ram9/queue/write_zeroes_max_bytes\x00', 0x20400, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)=""/255, 0xff)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snd/pcmC1D1p\x00', 0xa00, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram4\x00', 0xdd01, 0x0)
ioctl$auto_BLKRRPART(r2, 0x125f, 0x700000000000000)
msync$auto(0x1ffff000, 0x1800000ff010000, 0x400000004)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'macvtap0\x00', <r5=>0x0})
sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="e5b726bd7000fcdbdd251900000020000180140002006d61637674617030000000000000000008000100b5e197cfa6534b99ccf4dd787eb07931ff9da1b1be7ad2a9ca81cc97f8ef2cf7e308e1579fda486b6fd860ce5867896d40c2977c39fb795852808b279c9f5f55e54f28627f6af3d4cf4926229d11fad9a3ad6e0b14f92cffccae0423051b59118b264f865095f6310e6d9e2d8fd2d6efe8f1e32ea120cf9faeb20ebcd6a5fa30900d714d5a4094a41f4cd4147de0666f5ba683073cb555c64ec66506e45f60d481e54b1c663dcf2c1632977333b275b2c8627af93590298cb82862d6bf0a4f782b19d858459c4c7db7734b73aa3a96567381f64255552a53199d582184fc06ba8e3ba3fa130d40f753035a84a5012d9294096aeb41ccf3825a9d297eb6077859aa5cce6d669b51d1735a8e368bcdfa64cb70fad61ef8e0ef0a793e1c9dccda7e86f4382e4e41aea7db057a9fd44f58257ce75fde2c4c57708ace964789fa518c868ac4259abf28757fada86176a404c4ef7c0dfeaac8df8883ecb6ea5853fadca4824d1ed4df6900b725ac82acd3d84b66ab377d2878bfcd1263e819e164da08058c2c860843666656637566d733534483f1a091a9be34c810d14d4f986ccd37ff27417b0535563241f17a3eafc205698ba37cbb72", @ANYRES32=r5, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x4010}, 0x4048800)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x200, 0x1)
open(&(0x7f0000001bc0)='./file0\x00', 0x68340, 0x0)
open(&(0x7f0000001bc0)='./file0\x00', 0x4140, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000280)='/dev/nullb0\x00', 0x35be42, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
sysfs$auto(0x2, 0x100000000000034, 0x0)
fsopen$auto(0x0, 0x1)

381.063374ms ago: executing program 3 (id=1493):
setsockopt$auto(0xffffffffffffffff, 0x9, 0x69ce, &(0x7f0000000040)='(%}[\x00', 0x3)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x2, 0x1, 0x1, 0x9b71, r0, 0xb)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/virtual/block/loop5/queue/scheduler\x00', 0xa0b02, 0x0)
r1 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/security/tomoyo/profile\x00', 0x48802, 0x0)
read$auto(r1, 0x0, 0xb4d3)
write$auto(0x3, 0x0, 0x8)
write$auto(0x3, 0x0, 0xfdef)
mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000)
mmap$auto(0x0, 0x6, 0x0, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x4, 0x9)
get_mempolicy$auto(0x0, 0x0, 0x703, 0x71f6, 0x3)
mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000)
adjtimex$auto(0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x10002, 0x0)
r2 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0)
write$auto_snd_seq_f_ops_seq_clientmgr(r2, &(0x7f00000000c0)="632d1bfe595046ab5c40bd6163307acb6d16baef6176e669a216aae1834ccafdd80500ffffffffdfff1a0e00"/56, 0x38)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, 0x0, 0x400, 0x0)
clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
ioctl$auto(0x3, 0x80087601, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x206, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0xfffff000}})
clock_adjtime$auto(0x4, &(0x7f0000000100)={0x101, 0x0, 0x1, 0x2, 0x575c, 0x6, 0x2, 0x0, 0x0, 0x3, 0x1, {0xfffffffffffffff8, 0x5}, 0x5, 0x7, 0x2, 0xfffffffc, 0x0, 0x5, 0x9, 0x8, 0x2, 0x3, 0x6782})
close_range$auto(0x2, 0x8, 0x0)
openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpageflags\x00', 0x2, 0x0)
r3 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0)
ioctl$auto(r3, 0x80, 0xd3)
mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0)

44.356028ms ago: executing program 2 (id=1494):
fsconfig$auto(0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0)
fgetxattr$auto(0xffffffffffffffff, &(0x7f0000000000)='ba\x02adv\x00', &(0x7f0000000100)="3dd8b17dff86632b4dc28151", 0x4)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x1, 0x0)
r0 = openat$auto_nsim_psample_enable_fops_psample(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim0/psample/enable\x00', 0x2, 0x0)
write$auto_nsim_psample_enable_fops_psample(r0, &(0x7f0000000080)="794703", 0x3)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x0, @my=0x1}, 0x55)
listen$auto(0x3, 0x81)
accept$auto(0x3, 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
close_range$auto(0x0, 0xfffffffffffff001, 0x2)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
read$auto(r1, 0x0, 0x20)
r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
writev$auto(r2, &(0x7f00000001c0)={0x0, 0x7}, 0x3)
r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
ioctl$auto_PPPIOCNEWUNIT(r3, 0xc004743e, 0x0)
mmap$auto(0x0, 0x8, 0x1000000004, 0x8b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
pkey_mprotect$auto(0x9, 0x556e000000000000, 0xffffffffffffb1b9, 0xfffffffd)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x15)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1100af"], 0x1ac}, 0x1, 0x0, 0x0, 0x26004814}, 0x0)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9)

1.661713ms ago: executing program 1 (id=1495):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
bpf$auto(0x0, 0x0, 0x6f3)
sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa0340, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
r3 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0)
ioctl$auto(r2, 0x560e, r3) (fail_nth: 1)
sendmsg$auto_ETHTOOL_MSG_MODULE_SET(r0, 0x0, 0x20040000)

0s ago: executing program 0 (id=1503):
openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x100, 0x0)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/security/tomoyo/manager\x00', 0x200, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0)
socket(0xa, 0x801, 0x186)
listen$auto(0x3, 0x83)
setsockopt$auto(0x3, 0x1, 0x1, 0x0, 0x9)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/ram9/queue/write_zeroes_max_bytes\x00', 0x20400, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)=""/255, 0xff)
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snd/pcmC1D1p\x00', 0xa00, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram4\x00', 0xdd01, 0x0)
ioctl$auto_BLKRRPART(r2, 0x125f, 0x700000000000000)
msync$auto(0x1ffff000, 0x1800000ff010000, 0x400000004)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'macvtap0\x00', <r5=>0x0})
sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="e5b726bd7000fcdbdd251900000020000180140002006d61637674617030000000000000000008000100b5e197cfa6534b99ccf4dd787eb07931ff9da1b1be7ad2a9ca81cc97f8ef2cf7e308e1579fda486b6fd860ce5867896d40c2977c39fb795852808b279c9f5f55e54f28627f6af3d4cf4926229d11fad9a3ad6e0b14f92cffccae0423051b59118b264f865095f6310e6d9e2d8fd2d6efe8f1e32ea120cf9faeb20ebcd6a5fa30900d714d5a4094a41f4cd4147de0666f5ba683073cb555c64ec66506e45f60d481e54b1c663dcf2c1632977333b275b2c8627af93590298cb82862d6bf0a4f782b19d858459c4c7db7734b73aa3a96567381f64255552a53199d582184fc06ba8e3ba3fa130d40f753035a84a5012d9294096aeb41ccf3825a9d297eb6077859aa5cce6d669b51d1735a8e368bcdfa64cb70fad61ef8e0ef0a793e1c9dccda7e86f4382e4e41aea7db057a9fd44f58257ce75fde2c4c57708ace964789fa518c868ac4259abf28757fada86176a404c4ef7c0dfeaac8df8883ecb6ea5853fadca4824d1ed4df6900b725ac82acd3d84b66ab377d2878bfcd1263e819e164da08058c2c860843666656637566d733534483f1a091a9be34c810d14d4f986ccd37ff27417b0535563241f17a3eafc205698ba37cbb72", @ANYRES32=r5, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x4010}, 0x4048800)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fanotify_init$auto(0x200, 0x1)
open(&(0x7f0000001bc0)='./file0\x00', 0x68340, 0x0)
open(&(0x7f0000001bc0)='./file0\x00', 0x4140, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000280)='/dev/nullb0\x00', 0x35be42, 0x0)
mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000)
sysfs$auto(0x2, 0x100000000000034, 0x0)
fsopen$auto(0x0, 0x1)

kernel console output (not intermixed with test programs):








	








	




	




		







	
		

	


		

		
	
		
	

	

	



			








	
	


	

	

	
	









	





	

	


	






	





	





		









	
		
			
			


	
	




	
				
	

	
		


	

	
	


	
		
			
			


	
	

	
		

	
		

	


	

	

		
	
		
	

	

	



			








	

	















	



	








		
	
	

















	










	



	
	



	

		








	








	




	





		







	

	
	
	
	
	
	

	
	
	
	
	
	

	
	
	
	
	
	

	
	
	
	
	
	

	
	
	

	

	
	

	
	

	
	

	

	
		

	


	
	

		
	
		
	

	

	



			








	

	






		


		

		

	
	









	





	

	


	






	





	





		








	

	
	

	
	

	

	
		

	


	
	

		
	
		
	

	

	



			








	





	















	


	








	

	








	




	




		







	

	
	

	
		
	

	
	

	
	

	

	

	
		

	


	
	

		
	
		
	

	

	



			








	





	





















	

	





	














	
	



	












	






















	



















	




	





		







	

	
		

	
	
	

	

	
		


	
	
	

			

	


			

	
		

	


	
	

		
	
		
	

	

	



			








	

	
	



	









		

		
	
	
		









	

	
	
















	




	




		












	

	
		
	

	
		
	

	
		

	
		
			
			


	

	
		

	


		

		
	
		
	

	

	



			








	

	


	


	

	



	






	












	


	





	
	







	
	

	

	

	
		

	
		

	


	
	

		
	
		
	

	

	



			








	

	
	






	







	






	
	
		
	
			
	






	




	





		











	

	
		
	

	
	

	
	

	
	

	
	

	
		
	

	
	

	
		
	

	
	

	
	

	

	
		

	


	
	

		
	
		
	

	

	



			








	




	










	

	


	

	





		


	











	




		

	

		
			


	
	
	
	

	







		






	






	




	




		








				
		
	

	
		

	


	
	

		
	
		
	

	

	



			








	


		

	






		
		
			

			





	

	














	

	

		
	
	
	
	






	




	




		










		


	


	



		


	































	
	



	

				



	






















	












		





	

	





	















	









	
		
	

	
		


	
	
	
	

	
	
	

	
		
	

	
		
	
	

	

	

	
		
	

	
		
	

	
		
	

	
		



		


	


	


	

		
	

	
		


	

































	
	


	

				



	


	
		
















	

		

	
	


	
		

	

				
		


		




	




	

	

	

	


	
		
		
	

	



	


	

	
		

	
		

	


	
	

		
	
		
	

	

	



			








	




	






		

	




	

		








	








	





	





		









				


	
	

	
		

	
		

	


	
	

		
	
		
	

	

	



			








	




	





	

	

	

	







	


	


	






	




	





		








		




	
		
			
			


	
	
	
	
	
	
	

	
		

	


	
	

		
	
		
	

	

	



			








	




	




		












	

	
	
	










	





	




	
	








	
		

	


	
	

		
	
		
	

	

	



			








	





	







	




	

	





	

	



	



	

		

		
	


		

		
			
			
		

	
	
	
	
	

	




	

		











	

	
	
















	




	





		










		


	



	

	

	

	
	

	
		
	

	
		

	
		

	


	
	

		
	
		
	

	

	



			








	

	













	
	

	

	
	
	
	

	
	
	
	
	
	
	
	

	




	

	
	
	
	
	
	
	
	

	
		


	
		

		

	
	








	








	





	





		









	
		

	


	
	

		
	
		
	

	

	



			








	




	





	






	
	





	


		

		





	


	




	
	
	

	
		



		

		

	
	








	









	




	





		







	

	
	

	
		
	
	

	
	
	
	

	
	
	

	
		
	
	

	
	
	

	
		
	

	
		
	

	
		


				


			
	


	




		
		

			
		

	
		

	


		

		
	
		
	

	

	



			








	

	


	


	

	



	






	












	


	





	
	






	

	
		
	

	
		

		
	

	
	

	
	

	
	

	
	

	
		

	
		

	


	
	

		
	
		
	

	

	



			








	

	






		


	
	





	


		

		





	


	




	
	
	

	
		



		

		

	
	








	








	





	





		








	

	
	

	
	

	
	

	
	
	
	
		

	



	
	



	
	
		

	



	
	

	

	
		


				


			
	


	


	

	
		
	

	

		
		



		


	
	

	
		
			
			


	
	
	

	
	
	

	
		
	

	
		
	

	
		



	




	
	




			

			
	

	

	
		

	
		

	


	
	

		
	
		
	

	

	



			








	





	













	











	

	
		
		
		
		
		

		


		


















	










	





	





		








	

	
		
	

	

		
		
	

	
		
	

	
		
	

	
		
	
	
	
	
	
	
	

	
		

	
		
			
			


	
	

	
		


		
	


				



	



	

	
		
	

	
		
	

	
		
	

	
		


	
	
	

	

	
		



	

	
		

		

	

	

		

	

	
		
	

	
		
	

	
		



	
	

	
		
	

	
		
	

	
		


	
	
	




	

	
		

	
		
			
			


	
	






	


	

	
				
	
	



	
		



	

	
		
	

	
		

	
		

	


	
	

		
	
		
	

	

	



			








	





	









	

	








	








	
		
		




	




		





		
			
			
		

	
	
	
	
	

	




	

		











	

	
	
















	




	





		








	


	
	




	
				
	

	
		
	

	
		

	
		
			
			


	
	
	

	
		

	
				
	
	



	
		
	
	
	
	
	
	



	


	

	
		
	

	
		



		





	

	
		






	

	
		
	

	
		
	
	

	
	
	
	

	
	
	
	

	
	
	



	

	
		

	
		
			
			


	
	

	
		
	

	
		
		
		





	
			
	

	
				
		
		



	
	

	
		
	

	
		






	


		
		

	

	
		
	

	
		



	

	
		
	

	
		
		
		

	

	
		


	
	





	
	
			
	


	

	






	
	
			
	



	


	

	
		
	

	
		
	

	
		
	

	
		
	

	
		
	


		
	
	

	
		

	


	
	

		
	
		
	

	

	



			








	




	













	









		
	
	


	



















	




	






		







	

	
		
	

	
		

	
	
	

	


		
	
	
	


		
	
	
	
	

	
	




			


	
		
			
			


	
	
	

	
		



	

	
		
	

	
		
	

	
		

	
		
			
			


	

		

		
		
	
	
	
	
	
	



	
	
	
		
	

			

	

	
	
				
		
	
	

	

	



				
					
		
			
	
		

		


	

		


	


	

	

	



	
	

	
	
	

	
		
	

	
		
	

	
		

	
		

	


		

		
	
		
	

	

	



			








	
	
	


	
	


	

	

	
	
	
	
	
	

	



	
	
	
	
	






	




	





		







	

	
		
	

	
		

	
		

	


	
	

		
	
		
	

	

	



			








	




	





	

	

	

	



	
	






	

	
			
			
	

			
		

		
			
			
		

		


		


















	










	





	





		









	

	
	

	
		



	




	
				
	

	
		
	




	
				
	

	
		
	

	
		
	

	
		
	

	
		



	


	

	
		
	

	
		

	

	

	
		
			
			


	

	
		

	


		

		
	
		
	

	

	



			








	
	
	


	
	

	

	
	
	
		


	
	
	

	



	
	
	
	
	






	




	





		






	

	
		
	

	
		
	

	
		
	

	
		
	

	
		
	

	
		

	
		

	


	
	

		
	
		
	

	

	



			








	


	
	

	



	
	

	

	
	
	
		


	
	
	

	



	
	
	
	
	






	





	





		








	

	
		
	

	
		
		



	
	

	
		
	

	
		
	

	
		

		

		
		
	

	
		
	

	
		

	
		

	


		

		
	
		
	

	

	



			








	

	


	


	

	



	






	











	



	





	

	








	
	

	
	



	


	

	
		
	

	
		




	
		

	


		

		
	
		
	

	

	



			








	










	




	




		





	
	

	
	
	

	
		
	

	
		
	

	
		
	

	
		
	

	
		
	

	
		
	

	
		

	
		

	


	

	

		
	
		
	

	

	



			








	

	






	






	






	




















		
	
	











	



	




	
















	




	




		









	

	
		



	


	

	
		
	

	
		
	

	
		
	

	
		
	
	
				

	

	
			
	
	

	
		
	

	
		
	

	
		
	

	
		




			
	






	

	
		
	

	
		

getty: ttyS0: read error: Resource temporarily unavailable
[  511.385435][T11855] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  511.416934][T11855] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  511.443760][T11855] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  511.484846][T11855] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  511.538576][T11855] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  511.552259][T11855] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  511.732186][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  511.738756][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  512.687896][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout
[  513.488040][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout
[  513.568538][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout
[  513.574707][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout
[  514.451874][T11923] snd_aloop snd_aloop.0: control 1:6:-2147483647:¢¸è_ÅheºRŸª:0 is already present
[  514.770333][ T5837] Bluetooth: hci0: command 0x0c1a tx timeout
[  515.070575][T11929] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1425'.
[  515.566463][ T5837] Bluetooth: hci1: command 0x0c1a tx timeout
[  515.996346][T11942] netlink: 2404 bytes leftover after parsing attributes in process `syz.3.1428'.
[  516.017148][T11920] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  516.412405][T11955] FAULT_INJECTION: forcing a failure.
[  516.412405][T11955] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  516.425843][T11955] CPU: 1 UID: 0 PID: 11955 Comm: syz.0.1430 Tainted: G     U              6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(full) 
[  516.425893][T11955] Tainted: [U]=USER
[  516.425904][T11955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  516.425923][T11955] Call Trace:
[  516.425933][T11955]  <TASK>
[  516.425945][T11955]  dump_stack_lvl+0x16c/0x1f0
[  516.425987][T11955]  should_fail_ex+0x512/0x640
[  516.426041][T11955]  should_fail_alloc_page+0xe7/0x130
[  516.426087][T11955]  prepare_alloc_pages+0x3c2/0x610
[  516.426138][T11955]  ? rcu_is_watching+0x12/0xc0
[  516.426193][T11955]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  516.426235][T11955]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  516.426284][T11955]  ? is_bpf_text_address+0x94/0x1a0
[  516.426329][T11955]  ? kernel_text_address+0x8d/0x100
[  516.426371][T11955]  ? __kernel_text_address+0xd/0x40
[  516.426411][T11955]  ? unwind_get_return_address+0x59/0xa0
[  516.426453][T11955]  ? arch_stack_walk+0xa6/0x100
[  516.426499][T11955]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  516.426566][T11955]  ? stack_depot_save_flags+0x28/0xa40
[  516.426617][T11955]  ? stack_trace_save+0x8e/0xc0
[  516.426664][T11955]  ? __pfx_stack_trace_save+0x10/0x10
[  516.426715][T11955]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  516.426756][T11955]  ? policy_nodemask+0xea/0x4e0
[  516.426803][T11955]  alloc_pages_mpol+0x1fb/0x550
[  516.426848][T11955]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  516.426902][T11955]  alloc_pages_noprof+0x131/0x390
[  516.426947][T11955]  kimage_alloc_pages+0x75/0x350
[  516.426992][T11955]  kimage_alloc_control_pages+0x153/0xa00
[  516.427045][T11955]  ? __pfx_kimage_alloc_control_pages+0x10/0x10
[  516.427100][T11955]  do_kexec_load+0x480/0x8d0
[  516.427147][T11955]  ? __pfx_do_kexec_load+0x10/0x10
[  516.427195][T11955]  ? _copy_from_user+0x59/0xd0
[  516.427250][T11955]  __x64_sys_kexec_load+0x1bf/0x230
[  516.427298][T11955]  do_syscall_64+0xcd/0x490
[  516.427342][T11955]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  516.427375][T11955] RIP: 0033:0x7f652ed8e969
[  516.427402][T11955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  516.427434][T11955] RSP: 002b:00007f652cbb4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[  516.427464][T11955] RAX: ffffffffffffffda RBX: 00007f652efb6160 RCX: 00007f652ed8e969
[  516.427487][T11955] RDX: 0000200000000040 RSI: 0000000000000002 RDI: 0000000000000005
[  516.427507][T11955] RBP: 00007f652cbb4090 R08: 0000000000000000 R09: 0000000000000000
[  516.427527][T11955] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[  516.427554][T11955] R13: 0000000000000000 R14: 00007f652efb6160 R15: 00007ffd5a691fe8
[  516.427596][T11955]  </TASK>
[  516.696870][T11955] kexec: Could not allocate control_code_buffer
[  517.073671][T11962] FAULT_INJECTION: forcing a failure.
[  517.073671][T11962] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  517.116366][T11962] CPU: 1 UID: 0 PID: 11962 Comm: syz.0.1433 Tainted: G     U              6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(full) 
[  517.116437][T11962] Tainted: [U]=USER
[  517.116448][T11962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  517.116467][T11962] Call Trace:
[  517.116478][T11962]  <TASK>
[  517.116490][T11962]  dump_stack_lvl+0x16c/0x1f0
[  517.116533][T11962]  should_fail_ex+0x512/0x640
[  517.116586][T11962]  _copy_from_user+0x2e/0xd0
[  517.116636][T11962]  copy_msghdr_from_user+0x98/0x160
[  517.116678][T11962]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  517.116755][T11962]  ___sys_sendmsg+0xfe/0x1d0
[  517.116796][T11962]  ? __pfx____sys_sendmsg+0x10/0x10
[  517.116831][T11962]  ? __lock_acquire+0x622/0x1c90
[  517.116916][T11962]  __sys_sendmsg+0x16d/0x220
[  517.116957][T11962]  ? __pfx___sys_sendmsg+0x10/0x10
[  517.117022][T11962]  do_syscall_64+0xcd/0x490
[  517.117064][T11962]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  517.117097][T11962] RIP: 0033:0x7f652ed8e969
[  517.117123][T11962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  517.117154][T11962] RSP: 002b:00007f652cbf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  517.117184][T11962] RAX: ffffffffffffffda RBX: 00007f652efb5fa0 RCX: 00007f652ed8e969
[  517.117206][T11962] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000004
[  517.117226][T11962] RBP: 00007f652cbf6090 R08: 0000000000000000 R09: 0000000000000000
[  517.117245][T11962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  517.117265][T11962] R13: 0000000000000000 R14: 00007f652efb5fa0 R15: 00007ffd5a691fe8
[  517.117306][T11962]  </TASK>
[  517.966052][T11960] kexec: Could not allocate control_code_buffer
[  518.511377][T11976] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1437'.
[  520.637730][T12005] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1444'.
[  524.502376][T12071] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1459'.
[  526.233704][T12115] FAULT_INJECTION: forcing a failure.
[  526.233704][T12115] name failslab, interval 1, probability 0, space 0, times 0
[  526.288741][T12115] CPU: 0 UID: 0 PID: 12115 Comm: syz.0.1469 Tainted: G     U              6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(full) 
[  526.288795][T12115] Tainted: [U]=USER
[  526.288806][T12115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  526.288825][T12115] Call Trace:
[  526.288837][T12115]  <TASK>
[  526.288856][T12115]  dump_stack_lvl+0x16c/0x1f0
[  526.288901][T12115]  should_fail_ex+0x512/0x640
[  526.288945][T12115]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  526.288989][T12115]  should_failslab+0xc2/0x120
[  526.289032][T12115]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  526.289071][T12115]  ? __alloc_skb+0x2b2/0x380
[  526.289116][T12115]  __alloc_skb+0x2b2/0x380
[  526.289151][T12115]  ? __pfx___alloc_skb+0x10/0x10
[  526.289195][T12115]  ? __lock_acquire+0xb8a/0x1c90
[  526.289233][T12115]  netlink_alloc_large_skb+0x69/0x130
[  526.289284][T12115]  netlink_sendmsg+0x6a1/0xdd0
[  526.289340][T12115]  ? __pfx_netlink_sendmsg+0x10/0x10
[  526.289403][T12115]  ____sys_sendmsg+0xa95/0xc70
[  526.289454][T12115]  ? copy_msghdr_from_user+0x10a/0x160
[  526.289493][T12115]  ? __pfx_____sys_sendmsg+0x10/0x10
[  526.289570][T12115]  ___sys_sendmsg+0x134/0x1d0
[  526.289614][T12115]  ? __pfx____sys_sendmsg+0x10/0x10
[  526.289650][T12115]  ? __lock_acquire+0x622/0x1c90
[  526.289733][T12115]  __sys_sendmsg+0x16d/0x220
[  526.289779][T12115]  ? __pfx___sys_sendmsg+0x10/0x10
[  526.289854][T12115]  do_syscall_64+0xcd/0x490
[  526.289897][T12115]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  526.289930][T12115] RIP: 0033:0x7f652ed8e969
[  526.289956][T12115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  526.289989][T12115] RSP: 002b:00007f652cbf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  526.290019][T12115] RAX: ffffffffffffffda RBX: 00007f652efb5fa0 RCX: 00007f652ed8e969
[  526.290041][T12115] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000004
[  526.290062][T12115] RBP: 00007f652cbf6090 R08: 0000000000000000 R09: 0000000000000000
[  526.290082][T12115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  526.290102][T12115] R13: 0000000000000000 R14: 00007f652efb5fa0 R15: 00007ffd5a691fe8
[  526.290144][T12115]  </TASK>
[  527.499717][T12135] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1475'.
[  528.806393][T12151] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1479'.
[  528.935509][T12138] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[  530.360770][T12180] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1486'.
[  530.718303][T12185] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1487'.
[  531.166429][T12190] snd_aloop snd_aloop.0: control 1:6:-2147483647:¢¸è_ÅheºRŸª:0 is already present
[  532.606903][T12207] 
[  532.609292][T12207] ======================================================
[  532.616335][T12207] WARNING: possible circular locking dependency detected
[  532.623374][T12207] 6.15.0-syzkaller-10402-g4cb6c8af8591 #0 Tainted: G     U             
[  532.631716][T12207] ------------------------------------------------------
[  532.638740][T12207] syz.3.1493/12207 is trying to acquire lock:
[  532.644814][T12207] ffff888142b45420 (&q->elevator_lock){+.+.}-{4:4}, at: elevator_change+0x103/0x400
[  532.654261][T12207] 
[  532.654261][T12207] but task is already holding lock:
[  532.661637][T12207] ffff888142b44ee8 (&q->q_usage_counter(io)#22){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[  532.672925][T12207] 
[  532.672925][T12207] which lock already depends on the new lock.
[  532.672925][T12207] 
[  532.683336][T12207] 
[  532.683336][T12207] the existing dependency chain (in reverse order) is:
[  532.692366][T12207] 
[  532.692366][T12207] -> #3 (&q->q_usage_counter(io)#22){++++}-{0:0}:
[  532.701047][T12207]        blk_alloc_queue+0x619/0x760
[  532.706373][T12207]        blk_mq_alloc_queue+0x175/0x290
[  532.711959][T12207]        __blk_mq_alloc_disk+0x29/0x120
[  532.717545][T12207]        loop_add+0x49c/0xb70
[  532.722260][T12207]        loop_init+0x164/0x270
[  532.727052][T12207]        do_one_initcall+0x120/0x6e0
[  532.732445][T12207]        kernel_init_freeable+0x5c2/0x900
[  532.738193][T12207]        kernel_init+0x1c/0x2b0
[  532.743089][T12207]        ret_from_fork+0x5d4/0x6f0
[  532.748220][T12207]        ret_from_fork_asm+0x1a/0x30
[  532.753526][T12207] 
[  532.753526][T12207] -> #2 (fs_reclaim){+.+.}-{0:0}:
[  532.760770][T12207]        fs_reclaim_acquire+0x102/0x150
[  532.766354][T12207]        prepare_alloc_pages+0x162/0x610
[  532.772018][T12207]        __alloc_frozen_pages_noprof+0x18b/0x23f0
[  532.778464][T12207]        __alloc_pages_noprof+0xb/0x1b0
[  532.784025][T12207]        pcpu_populate_chunk+0x110/0xb00
[  532.789688][T12207]        pcpu_alloc_noprof+0x86a/0x1470
[  532.795265][T12207]        xt_percpu_counter_alloc+0x13e/0x1b0
[  532.801290][T12207]        find_check_entry.constprop.0+0xbf/0xa20
[  532.807661][T12207]        translate_table+0xd0b/0x17b0
[  532.813052][T12207]        ip6t_register_table+0x102/0x430
[  532.818708][T12207]        ip6table_nat_table_init+0x4b/0x250
[  532.824628][T12207]        xt_find_table_lock+0x2e1/0x520
[  532.830196][T12207]        xt_request_find_table_lock+0x28/0xf0
[  532.836297][T12207]        get_info+0x190/0x620
[  532.841028][T12207]        do_ip6t_get_ctl+0x169/0xa50
[  532.846351][T12207]        nf_getsockopt+0x7c/0xe0
[  532.851317][T12207]        ipv6_getsockopt+0x1f7/0x280
[  532.856636][T12207]        tcp_getsockopt+0xa1/0x100
[  532.861781][T12207]        do_sock_getsockopt+0x3fc/0x800
[  532.867359][T12207]        __sys_getsockopt+0x123/0x1b0
[  532.872755][T12207]        __x64_sys_getsockopt+0xbd/0x160
[  532.878410][T12207]        do_syscall_64+0xcd/0x490
[  532.883637][T12207]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  532.890088][T12207] 
[  532.890088][T12207] -> #1 (pcpu_alloc_mutex){+.+.}-{4:4}:
[  532.897859][T12207]        __mutex_lock+0x199/0xb90
[  532.902918][T12207]        pcpu_alloc_noprof+0xb4a/0x1470
[  532.908499][T12207]        sbitmap_init_node+0x2fd/0x770
[  532.913983][T12207]        sbitmap_queue_init_node+0x41/0x560
[  532.919904][T12207]        blk_mq_init_tags+0x12d/0x2b0
[  532.925315][T12207]        blk_mq_alloc_map_and_rqs+0x237/0xf60
[  532.931413][T12207]        blk_mq_init_sched+0x30c/0x610
[  532.936922][T12207]        elevator_switch+0x1e1/0x7f0
[  532.942232][T12207]        elevator_change+0x2ac/0x400
[  532.947541][T12207]        elevator_set_default+0x292/0x320
[  532.953288][T12207]        blk_register_queue+0x393/0x4f0
[  532.958869][T12207]        __add_disk+0x74a/0xf00
[  532.963746][T12207]        add_disk_fwnode+0x13f/0x5d0
[  532.969071][T12207]        nbd_dev_add+0x791/0xbc0
[  532.974072][T12207]        nbd_init+0x181/0x320
[  532.978790][T12207]        do_one_initcall+0x120/0x6e0
[  532.984214][T12207]        kernel_init_freeable+0x5c2/0x900
[  532.989981][T12207]        kernel_init+0x1c/0x2b0
[  532.994871][T12207]        ret_from_fork+0x5d4/0x6f0
[  533.000007][T12207]        ret_from_fork_asm+0x1a/0x30
[  533.005319][T12207] 
[  533.005319][T12207] -> #0 (&q->elevator_lock){+.+.}-{4:4}:
[  533.013181][T12207]        __lock_acquire+0x126f/0x1c90
[  533.018578][T12207]        lock_acquire+0x179/0x350
[  533.023629][T12207]        __mutex_lock+0x199/0xb90
[  533.028691][T12207]        elevator_change+0x103/0x400
[  533.034098][T12207]        elv_iosched_store+0x2eb/0x3a0
[  533.039590][T12207]        queue_attr_store+0x279/0x320
[  533.045002][T12207]        sysfs_kf_write+0xef/0x150
[  533.050246][T12207]        kernfs_fop_write_iter+0x354/0x510
[  533.056095][T12207]        vfs_write+0x6c7/0x1150
[  533.060969][T12207]        ksys_write+0x12a/0x250
[  533.065843][T12207]        do_syscall_64+0xcd/0x490
[  533.070932][T12207]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  533.077369][T12207] 
[  533.077369][T12207] other info that might help us debug this:
[  533.077369][T12207] 
[  533.087629][T12207] Chain exists of:
[  533.087629][T12207]   &q->elevator_lock --> fs_reclaim --> &q->q_usage_counter(io)#22
[  533.087629][T12207] 
[  533.101423][T12207]  Possible unsafe locking scenario:
[  533.101423][T12207] 
[  533.108882][T12207]        CPU0                    CPU1
[  533.114256][T12207]        ----                    ----
[  533.119631][T12207]   lock(&q->q_usage_counter(io)#22);
[  533.125211][T12207]                                lock(fs_reclaim);
[  533.131745][T12207]                                lock(&q->q_usage_counter(io)#22);
[  533.139670][T12207]   lock(&q->elevator_lock);
[  533.144279][T12207] 
[  533.144279][T12207]  *** DEADLOCK ***
[  533.144279][T12207] 
[  533.152438][T12207] 7 locks held by syz.3.1493/12207:
[  533.157767][T12207]  #0: ffff888034b4c7f8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370
[  533.166896][T12207]  #1: ffff888035ecc428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250
[  533.175923][T12207]  #2: ffff888022795088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510
[  533.185741][T12207]  #3: ffff888142bd9698 (kn->active#169){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510
[  533.195917][T12207]  #4: ffff888142bb4368 (&set->update_nr_hwq_lock){++++}-{4:4}, at: elv_iosched_store+0x337/0x3a0
[  533.206662][T12207]  #5: ffff888142b44ee8 (&q->q_usage_counter(io)#22){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[  533.218392][T12207]  #6: ffff888142b44f20 (&q->q_usage_counter(queue)#25){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[  533.230396][T12207] 
[  533.230396][T12207] stack backtrace:
[  533.236312][T12207] CPU: 0 UID: 0 PID: 12207 Comm: syz.3.1493 Tainted: G     U              6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(full) 
[  533.236359][T12207] Tainted: [U]=USER
[  533.236369][T12207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  533.236386][T12207] Call Trace:
[  533.236395][T12207]  <TASK>
[  533.236405][T12207]  dump_stack_lvl+0x116/0x1f0
[  533.236460][T12207]  print_circular_bug+0x275/0x350
[  533.236507][T12207]  check_noncircular+0x14c/0x170
[  533.236555][T12207]  __lock_acquire+0x126f/0x1c90
[  533.236587][T12207]  lock_acquire+0x179/0x350
[  533.236612][T12207]  ? elevator_change+0x103/0x400
[  533.236644][T12207]  ? __pfx___might_resched+0x10/0x10
[  533.236686][T12207]  __mutex_lock+0x199/0xb90
[  533.236718][T12207]  ? elevator_change+0x103/0x400
[  533.236749][T12207]  ? elevator_change+0x103/0x400
[  533.236779][T12207]  ? __pfx___mutex_lock+0x10/0x10
[  533.236815][T12207]  ? blk_mq_cancel_work_sync+0xd8/0x110
[  533.236854][T12207]  ? __pfx_blk_mq_cancel_work_sync+0x10/0x10
[  533.236897][T12207]  ? elevator_change+0x103/0x400
[  533.236925][T12207]  elevator_change+0x103/0x400
[  533.236957][T12207]  elv_iosched_store+0x2eb/0x3a0
[  533.236989][T12207]  ? __pfx_elv_iosched_store+0x10/0x10
[  533.237026][T12207]  ? __mutex_trylock_common+0xe9/0x250
[  533.237054][T12207]  ? __pfx_elv_iosched_store+0x10/0x10
[  533.237087][T12207]  queue_attr_store+0x279/0x320
[  533.237128][T12207]  ? __pfx_queue_attr_store+0x10/0x10
[  533.237168][T12207]  ? __lock_acquire+0x622/0x1c90
[  533.237200][T12207]  ? find_held_lock+0x2b/0x80
[  533.237235][T12207]  ? sysfs_file_kobj+0xe4/0x290
[  533.237279][T12207]  ? __pfx_queue_attr_store+0x10/0x10
[  533.237320][T12207]  sysfs_kf_write+0xef/0x150
[  533.237363][T12207]  kernfs_fop_write_iter+0x354/0x510
[  533.237401][T12207]  ? __pfx_sysfs_kf_write+0x10/0x10
[  533.237451][T12207]  vfs_write+0x6c7/0x1150
[  533.237479][T12207]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  533.237520][T12207]  ? __pfx___mutex_lock+0x10/0x10
[  533.237551][T12207]  ? __pfx_vfs_write+0x10/0x10
[  533.237588][T12207]  ksys_write+0x12a/0x250
[  533.237615][T12207]  ? __pfx_ksys_write+0x10/0x10
[  533.237647][T12207]  do_syscall_64+0xcd/0x490
[  533.237681][T12207]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  533.237708][T12207] RIP: 0033:0x7f355f18e969
[  533.237730][T12207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  533.237759][T12207] RSP: 002b:00007f35600bd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  533.237784][T12207] RAX: ffffffffffffffda RBX: 00007f355f3b5fa0 RCX: 00007f355f18e969
[  533.237803][T12207] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 0000000000000003
[  533.237819][T12207] RBP: 00007f355f210ab1 R08: 0000000000000000 R09: 0000000000000000
[  533.237836][T12207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  533.237852][T12207] R13: 0000000000000000 R14: 00007f355f3b5fa0 R15: 00007fff18bcb518
[  533.237877][T12207]  </TASK>
[  533.237942][    C0] vkms_vblank_simulate: vblank timer overrun
[  533.533245][    C0] vkms_vblank_simulate: vblank timer overrun
[  534.039340][T12217] FAULT_INJECTION: forcing a failure.
[  534.039340][T12217] name failslab, interval 1, probability 0, space 0, times 0
[  534.102966][T12217] CPU: 0 UID: 0 PID: 12217 Comm: syz.1.1495 Tainted: G     U              6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(full) 
[  534.103017][T12217] Tainted: [U]=USER
[  534.103030][T12217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  534.103045][T12217] Call Trace:
[  534.103052][T12217]  <TASK>
[  534.103060][T12217]  dump_stack_lvl+0x16c/0x1f0
[  534.103089][T12217]  should_fail_ex+0x512/0x640
[  534.103124][T12217]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  534.103155][T12217]  should_failslab+0xc2/0x120
[  534.103185][T12217]  __kmalloc_noprof+0xd2/0x510
[  534.103214][T12217]  tomoyo_realpath_from_path+0xc2/0x6e0
[  534.103246][T12217]  ? tomoyo_profile+0x47/0x60
[  534.103280][T12217]  tomoyo_path_number_perm+0x245/0x580
[  534.103305][T12217]  ? tomoyo_path_number_perm+0x237/0x580
[  534.103331][T12217]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  534.103368][T12217]  ? preempt_count_add+0x76/0x150
[  534.103402][T12217]  ? rcu_is_watching+0x12/0xc0
[  534.103434][T12217]  ? __fget_files+0x204/0x3c0
[  534.103455][T12217]  ? hook_file_ioctl_common+0x145/0x410
[  534.103478][T12217]  ? lock_release+0x201/0x2f0
[  534.103501][T12217]  ? __fget_files+0x20e/0x3c0
[  534.103524][T12217]  security_file_ioctl+0x9b/0x240
[  534.103552][T12217]  __x64_sys_ioctl+0xb7/0x210
[  534.103587][T12217]  do_syscall_64+0xcd/0x490
[  534.103617][T12217]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  534.103641][T12217] RIP: 0033:0x7f7e3cb8e969
[  534.103658][T12217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  534.103680][T12217] RSP: 002b:00007f7e3dabc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  534.103702][T12217] RAX: ffffffffffffffda RBX: 00007f7e3cdb5fa0 RCX: 00007f7e3cb8e969
[  534.103718][T12217] RDX: 0000000000000000 RSI: 000000000000560e RDI: 0000000000000004
[  534.103732][T12217] RBP: 00007f7e3dabc090 R08: 0000000000000000 R09: 0000000000000000
[  534.103746][T12217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  534.103760][T12217] R13: 0000000000000000 R14: 00007f7e3cdb5fa0 R15: 00007ffccd2124a8
[  534.103781][T12217]  </TASK>
[  534.316116][    C0] vkms_vblank_simulate: vblank timer overrun
[  534.425041][T12217] ERROR: Out of memory at tomoyo_realpath_from_path.
[  534.512173][T12218] FAULT_INJECTION: forcing a failure.
[  534.512173][T12218] name failslab, interval 1, probability 0, space 0, times 0
[  534.542112][T12218] CPU: 1 UID: 0 PID: 12218 Comm: syz.2.1494 Tainted: G     U              6.15.0-syzkaller-10402-g4cb6c8af8591 #0 PREEMPT(full) 
[  534.542171][T12218] Tainted: [U]=USER
[  534.542183][T12218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  534.542204][T12218] Call Trace:
[  534.542214][T12218]  <TASK>
[  534.542225][T12218]  dump_stack_lvl+0x16c/0x1f0
[  534.542268][T12218]  should_fail_ex+0x512/0x640
[  534.542332][T12218]  should_failslab+0xc2/0x120
[  534.542376][T12218]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  534.542416][T12218]  ? __kernfs_new_node+0xd2/0x8e0
[  534.542454][T12218]  __kernfs_new_node+0xd2/0x8e0
[  534.542489][T12218]  ? rcu_is_watching+0x12/0xc0
[  534.542535][T12218]  ? __pfx___kernfs_new_node+0x10/0x10
[  534.542569][T12218]  ? __pfx___might_resched+0x10/0x10
[  534.542620][T12218]  ? rcu_is_watching+0x12/0xc0
[  534.542666][T12218]  ? kernfs_root+0xee/0x2a0
[  534.542698][T12218]  ? rcu_is_watching+0x12/0xc0
[  534.542743][T12218]  ? lock_release+0x201/0x2f0
[  534.542778][T12218]  kernfs_new_node+0x13c/0x1e0
[  534.542823][T12218]  __kernfs_create_file+0x53/0x350
[  534.542875][T12218]  sysfs_add_file_mode_ns+0x207/0x3c0
[  534.542912][T12218]  sysfs_merge_group+0x1aa/0x340
[  534.542950][T12218]  ? __pfx_sysfs_merge_group+0x10/0x10
[  534.542990][T12218]  ? __pfx_dev_add_physical_location+0x10/0x10
[  534.543044][T12218]  ? bus_to_subsys+0x131/0x160
[  534.543083][T12218]  dpm_sysfs_add+0x237/0x280
[  534.543120][T12218]  device_add+0x9a6/0x1a70
[  534.543153][T12218]  ? __pfx_device_add+0x10/0x10
[  534.543184][T12218]  ? lockdep_init_map_type+0x5c/0x280
[  534.543219][T12218]  ? __init_waitqueue_head+0xca/0x150
[  534.543265][T12218]  netdev_register_kobject+0x182/0x3a0
[  534.543316][T12218]  register_netdevice+0x13dc/0x2270
[  534.543372][T12218]  ? idr_alloc+0xdd/0x130
[  534.543405][T12218]  ? __pfx_register_netdevice+0x10/0x10
[  534.543456][T12218]  ppp_dev_configure+0x99b/0xc80
[  534.543495][T12218]  ppp_ioctl+0x17e0/0x2660
[  534.543533][T12218]  ? __pfx_ppp_ioctl+0x10/0x10
[  534.543571][T12218]  ? __x64_sys_openat+0x174/0x210
[  534.543625][T12218]  ? __pfx_ppp_ioctl+0x10/0x10
[  534.543661][T12218]  __x64_sys_ioctl+0x18e/0x210
[  534.543711][T12218]  do_syscall_64+0xcd/0x490
[  534.543753][T12218]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  534.543787][T12218] RIP: 0033:0x7f5f00b8e969
[  534.543812][T12218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  534.543846][T12218] RSP: 002b:00007f5f01920038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  534.543881][T12218] RAX: ffffffffffffffda RBX: 00007f5f00db5fa0 RCX: 00007f5f00b8e969
[  534.543903][T12218] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000002
[  534.543924][T12218] RBP: 00007f5f00c10ab1 R08: 0000000000000000 R09: 0000000000000000
[  534.543945][T12218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  534.543965][T12218] R13: 0000000000000000 R14: 00007f5f00db5fa0 R15: 00007ffddb584028
[  534.543996][T12218]  </TASK>
[  534.888770][T12218] netlink: 146 bytes leftover after parsing attributes in process `syz.2.1494'.