last executing test programs:

13m30.172366344s ago: executing program 1 (id=355):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0xfffffffffffffffd, 0x83e0, 0xdb, 0x16, 0x2, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0)
r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$auto(0x3, 0xae41, r2)
ioctl$auto_KVM_GET_MSRS(r1, 0x4008ae89, &(0x7f00000000c0)={0xfffffffe, 0x0, [{0x400000ff, 0x8, 0xb789}]})
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
setgroups$auto(0xe32, 0x0)
madvise$auto(0x0, 0x200007, 0x19)
mmap$auto(0x8, 0x400008, 0xdf, 0x111, 0x2, 0x8004)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x84102, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ram4\x00', 0x0, 0x0)
mmap$auto(0x0, 0x7ff, 0x7fffffff, 0x44eb1, 0x3, 0x300000000000)
ioctl$auto_SG_GET_RESERVED_SIZE(0xffffffffffffffff, 0x4c04, 0x0)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x406, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r2, 0x8000)
mremap$auto(0x0, 0x7, 0x3ed9, 0x3, 0x1ffffffe)
prctl$auto(0x1000000003b, 0x6, 0x0, 0x5, 0x200000000007)
socket(0x10, 0x3, 0x3)
select$auto(0x3, 0x0, 0x0, 0x0, 0x0)
shutdown$auto(0x200000003, 0x2)
getpid()
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r0)
read$auto_percpu_stats_fops_(r0, &(0x7f0000000100)=""/172, 0xac)

13m26.321086675s ago: executing program 1 (id=360):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
open(&(0x7f0000000140)='./file0\x00', 0xc162, 0x0)
socket(0x10, 0x2, 0xf)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000001640), 0x2f43, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/net\x00')
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/sctp/eps\x00', 0x280, 0x0)
openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/per_cpu/cpu0/buffer_size_kb\x00', 0x280, 0x0)
socket(0x10, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/user\x00')
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$auto(0xc6, 0x3, 0x80000002, &(0x7f0000000000)=0x1)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket(0x11, 0x3, 0x9)
close_range$auto(0x2, r0, 0x0)
r1 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r1, 0x107, 0x14, 0x0, 0x4)
sendmmsg$auto(r0, &(0x7f0000000400)={{&(0x7f0000000000), 0x205aa, &(0x7f0000000100)={0x0, 0x4b}, 0x1, 0x0, 0x5, 0x1000}, 0x5}, 0x2, 0x100)

13m25.700928976s ago: executing program 1 (id=362):
r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x28641, 0x0)
syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, 0x0, 0x0)
openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, 0x0, 0x28082, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
lsm_list_modules$auto(0x0, 0x0, 0x0)
dup2$auto(0x5, 0x4)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='\\\x00\x00', @ANYRES16=0x0, @ANYBLOB="100026bd7000fe1d9b10d5000000080004000800000006000700008011000a0001021b1d050c00c5"], 0x5c}, 0x1, 0x0, 0x0, 0x40080}, 0x40091)
r2 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xa, 0xb5, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051a940806ec05be276cfc83ce63f", <r3=>0x0, r0, 0x5, 0x7, 0xe5, 0x3}, 0x10)
bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex=r3, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000080), r4)
gettid()

13m24.456813214s ago: executing program 1 (id=365):
unshare$auto(0x40000080)
openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0)
socket(0x1e, 0x1, 0x0)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
socket(0x11, 0x3, 0x9)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0)
r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x502, 0x0)
pread64$auto(r1, &(0x7f0000000340)='/proc/Nes\x00'/22, 0x100000001, 0x100)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0)
write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'hsr0\x00', <r3=>0x0})
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRESHEX=0x0, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32=r3, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x800)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
pread64$auto(0xffffffffffffffff, 0x0, 0x1ff, 0x8800000000)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x7, 0x1ff, 0x7, 0x5, 0x7181, 0x8002, 0x7, 0x3, 0x9, 0x5, 0x80003, 0x4, 0x200000000000, 0xb4, 0x9, 0x8, 0x10006, 0x4000080, 0x0, 0x0, 0xe, 0x22000, 0x200, 0x0, 0xd363}, 0x1fe, 0xd)
shmget$auto(0xffffffffffffffff, 0xb0d, 0xa7db6ba)
unshare$auto(0x8000400)
r4 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
ioctl$auto__ctl_fops_dm_ioctl(r4, 0xfffffffffffffd09, &(0x7f00000001c0))

13m23.105524807s ago: executing program 1 (id=369):
ioperm$auto(0x3, 0x1, 0x8)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x2841, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$auto(0x10, r0, 0x4, 0x7ff)
syz_genetlink_get_family_id$auto_gtp(0x0, 0xffffffffffffffff)
socket(0xa, 0x2, 0x73)
ioctl$auto_USBDEVFS_RELEASEINTERFACE(0xffffffffffffffff, 0x80045510, &(0x7f0000000000)=0x9)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
exit$auto(0x7)
r1 = memfd_create$auto(0x0, 0xe)
fallocate$auto(r1, 0x1, 0x2, 0x4)
setsockopt$auto(0x4, 0x29, 0x1, 0x0, 0x8)

13m22.125704613s ago: executing program 1 (id=372):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
socketpair$auto(0xfffffffe, 0x2, 0xfffffffe, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x163340, 0x6a)
ioperm$auto(0x3, 0xe, 0x2000000000000149)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
shutdown$auto(0x200000003, 0x2)
unshare$auto(0x40000080)
recvmmsg$auto(0x3, 0x0, 0x687bcbd, 0x8, 0x0)
r0 = socket(0x2, 0x80802, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x4, @multicast2}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
io_uring_setup$auto(0x9e6, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/bus/nd/drivers/nd_pmem/bind\x00', 0xc0100, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$auto_SMC_NETLINK_ADD_UEID(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB="036e72ecbbb58222001a9f9be1117568016bb8fe41f28658aee76a9a23f27227ba99df99b99db13ebb5732064ee25a2114ecb86265f8bce8330143f9852118e9ac90bc7af5e042e9157e79b8c4185eb1710131f71733c4d64dddee4654c2172f4de54b34eccc123d2870ed9dd909ee06cc5367e21941bae56fa12b4677238de740aff3be4d3cb69673f1b841ebd42d4054e0999632ccd7c48ff9b90c1fc14120864700"/177, @ANYRES16=r3, @ANYBLOB="01002bbd7000fbdbdf250a000000050001005b000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4880}, 0x8092)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00/\x00\x00\x00\xfd\xfdX\xd3\x1d\xf8\xbebZ\xddL\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x88\v\xae\xa9i8W\xe5\x00W\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xe80, 0x3)
pwritev$auto(r1, 0x0, 0xffffffffffffffae, 0x90, 0xfffffffffffffb84)
mq_timedsend$auto(r0, &(0x7f00000001c0)=':#', 0x2, 0x9, &(0x7f0000000200)={0x2, 0xad})

13m6.768192084s ago: executing program 32 (id=372):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
socketpair$auto(0xfffffffe, 0x2, 0xfffffffe, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x163340, 0x6a)
ioperm$auto(0x3, 0xe, 0x2000000000000149)
mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
shutdown$auto(0x200000003, 0x2)
unshare$auto(0x40000080)
recvmmsg$auto(0x3, 0x0, 0x687bcbd, 0x8, 0x0)
r0 = socket(0x2, 0x80802, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x4, @multicast2}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe)
io_uring_setup$auto(0x9e6, 0x0)
setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9)
mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/bus/nd/drivers/nd_pmem/bind\x00', 0xc0100, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$auto_SMC_NETLINK_ADD_UEID(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB="036e72ecbbb58222001a9f9be1117568016bb8fe41f28658aee76a9a23f27227ba99df99b99db13ebb5732064ee25a2114ecb86265f8bce8330143f9852118e9ac90bc7af5e042e9157e79b8c4185eb1710131f71733c4d64dddee4654c2172f4de54b34eccc123d2870ed9dd909ee06cc5367e21941bae56fa12b4677238de740aff3be4d3cb69673f1b841ebd42d4054e0999632ccd7c48ff9b90c1fc14120864700"/177, @ANYRES16=r3, @ANYBLOB="01002bbd7000fbdbdf250a000000050001005b000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4880}, 0x8092)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00/\x00\x00\x00\xfd\xfdX\xd3\x1d\xf8\xbebZ\xddL\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x88\v\xae\xa9i8W\xe5\x00W\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xe80, 0x3)
pwritev$auto(r1, 0x0, 0xffffffffffffffae, 0x90, 0xfffffffffffffb84)
mq_timedsend$auto(r0, &(0x7f00000001c0)=':#', 0x2, 0x9, &(0x7f0000000200)={0x2, 0xad})

2m54.616480951s ago: executing program 0 (id=4387):
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x5, 0xd, 0x2, 0x7, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0xfffffffe, 0x100, 0x0, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x691, 0x1, 0x40, 0x40, 0x8, 0x100000000}})
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x10, 0x0, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f0, 0x15)
madvise$auto(0x0, 0x200007, 0x19)
sysfs$auto(0x4, 0x0, 0x6)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000a40)='/proc/sys/kernel/usermodehelper/bset\x00', 0x8a802, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x15b883, 0x0)
socket(0x1d, 0x3, 0x1)
getpeername$auto(0x3, 0x0, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
prctl$auto(0x441, 0x3, 0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
socket(0x28, 0x801, 0x0)
socket(0xf, 0x3, 0x2)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
open(&(0x7f0000000100)='./bus\x00', 0x14d27e, 0x72)
socket(0x2, 0x1, 0x0)
socket(0x1e, 0x1, 0x0)
fallocate$auto(0x8000000000000003, 0x0, 0xd, 0x9)
select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xfff, 0x1, 0x948b, 0x3, 0x95f4da2d, 0xc, 0x6, 0x62, 0x7, 0x7, 0x6d3f, 0xa, 0x4, 0x5]}, 0x0)

2m53.637856986s ago: executing program 0 (id=4392):
openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x1a6b75d63882a712, 0x0)
r0 = socket(0x2, 0x5, 0x0)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0xe6, 0x0, 0x2, 0xb}, 0xfff}, 0x6, 0x311)
openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x84000, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
r1 = open(&(0x7f0000000040)='./file0\x00', 0x22240, 0x154)
close_range$auto(0x2, 0x8, 0x0)
io_uring_setup$auto(0x20, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x40001, 0x0)
ioctl$auto(0x3, 0x5402, r1)

2m53.370394725s ago: executing program 0 (id=4395):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a)
socket$nl_generic(0x10, 0x3, 0x10)
futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0)
setsockopt$auto(0x3, 0x1, 0x23, 0x0, 0x9)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/nvmet_rdma/parameters/srq_size\x00', 0x183841, 0x0)
read$auto(0x3, 0x0, 0x80)
write$auto(0x3, 0x0, 0xfffffdef)

2m52.93941769s ago: executing program 0 (id=4397):
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket(0xa, 0x801, 0x84)
socket(0x23, 0x5, 0x2)
setsockopt$auto(0x1, 0x1, 0xa, &(0x7f0000000000)='\xe1', 0xbb)
ioctl$auto(0x1, 0x541b, 0x8) (fail_nth: 1)
set_mempolicy$auto(0x1, &(0x7f0000000180)=0x2, 0x6)
unshare$auto(0x40000080)

2m50.435411051s ago: executing program 0 (id=4401):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = semctl$auto(0x7ff, 0x2, 0x13, 0x3)
mbind$auto(0x1000, 0x7d, 0x4, 0x0, 0x80000003, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
madvise$auto(0x0, 0x8, 0x3)
mmap$auto(0xf, 0x20009, 0x8000000400000003, 0xeb1, 0x401, 0x8001)
r1 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0)
mmap$auto(0x9, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
getrandom$auto(0x0, 0x6000000, 0x3)
r2 = epoll_create$auto(0x7)
r3 = socketpair$auto(0x2001e, 0x14, 0x8000000000000000, 0x0)
ioctl$auto_UI_DEV_SETUP(r1, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0xa})
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/ppp/ppp/power/runtime_status\x00', 0x20040, 0x0)
r4 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000080), r2)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0)
write$auto(r5, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81)
write$auto(r5, 0x0, 0x98c7)
socket(0x18, 0x2, 0x0)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/memfd_noexec\x00', 0x2, 0x0)
sendmsg$auto_NL80211_CMD_NOTIFY_RADAR(r3, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000003c0)={&(0x7f0000000480)=ANY=[@ANYRES32=r4, @ANYRES16=0x0, @ANYRES16=r0], 0xc8}, 0x1, 0x0, 0x0, 0x808}, 0x20040940)
r6 = geteuid()
fstat$auto(r1, &(0x7f0000000040)={0x6, 0xc, 0x200, 0x3, 0xee01, <r7=>0x0, 0x0, 0x8000, 0x8, 0xfffffefffffffff6, 0x5, 0xb, 0xfffffffffffffffc, 0x40000080000001, 0x9, 0x8, 0xfffffffffffffffe})
keyctl$auto_KEY_REQKEY_DEFL_PROCESS_KEYRING(0xa, 0x2, r6, r7, 0x42)
msgctl$auto_IPC_RMID(0xffffff4b, 0x0, &(0x7f00000001c0)={{0x7f28, 0xee01, 0x0, 0xb024, 0x9, 0x6, 0x16d}, &(0x7f0000000440)=0x5f, &(0x7f0000000180)=0x80, 0xbffffffffffffffb, 0x30ba, 0x2, 0x4, 0x4, 0xc, 0x2, 0x6, @raw=0x4, @inferred=0xffffffffffffffff})
ioctl$auto_UI_DEV_CREATE(r1, 0x5501, 0x0)
set_mempolicy$auto(0x8003, 0x0, 0x4)
write$auto(0x3, 0x0, 0x7fffffff)
r8 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r8, 0xae01, 0x0)
mmap$auto(0x0, 0x7fff, 0x3, 0xeb0, 0xfffffffffffffffa, 0x208000)

2m49.60529721s ago: executing program 0 (id=4405):
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
r0 = getpid()
process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0)
ioctl$auto(0x3, 0x400454ca, 0x38)
io_uring_setup$auto(0x6, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket(0xf, 0x3, 0x2)
openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x2081, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)={0x1c, r3, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x4a}]}, 0x1c}}, 0x4000)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x18b042, 0x0)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/dummy0/mtu\x00', 0xe3102, 0x0)
sendfile$auto(r1, r5, 0x0, 0x5)
setsockopt$auto_SO_TIMESTAMP_NEW(r4, 0x2, 0x3f, &(0x7f0000000080)='/sys/devices/virtual/net/dummy0/mtu\x00', 0x0)

2m41.940485262s ago: executing program 3 (id=4428):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000)
socket(0x11, 0x80003, 0x300)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff)
epoll_create$auto(0x4)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000)
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, <r0=>0x21eb, 0x7ff, 0x3ff, 0x0, 0x3, 0x5f, 0x0, 0x3}, 0x6f3)
openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cpu/1/msr\x00', 0xf82, 0x0)
mmap$auto(0x3ff, 0x3, 0xffffffff, 0x100000eb1, 0x40000000000a1, 0x4000008000)
setsockopt$auto_SO_OOBINLINE(r0, 0x3, 0xa, &(0x7f0000000080)='nlctrl\x00', 0x2)
mmap$auto(0x3, 0x202000b, 0x7, 0xfffffffffffffffe, 0xffffffffffffffff, 0x708)
close_range$auto(0x2, 0xa, 0x0)
socket(0x18, 0xa, 0x1)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/hung_task_check_interval_secs\x00', 0x88542, 0x0)
r1 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D1p\x00', 0x80, 0x0)
mmap$auto(0x804000, 0x15, 0x5c98, 0x80000011, r1, 0x81000000)

2m39.888209794s ago: executing program 3 (id=4430):
sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8080}, 0x24004805)
socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
socketpair$auto(0x1f, 0x5, 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0x2, 0x800, 0x0)
r0 = socket(0x2, 0x1, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x400, 0x0)
pread64$auto(r1, 0x0, 0x3, 0x5ef6)
open(0x0, 0x22240, 0x155)
socket(0x2b, 0x1, 0x1)
rt_sigqueueinfo$auto_SIGCONT(0x0, 0x12, &(0x7f00000002c0)={@siginfo_0_0={0x7, 0x300000, 0xa, @_sigsys={&(0x7f00000003c0)="7dadb154432bb47c36aff43dcae4d87ae410cb860ac4d105adae7129a617bb7bc70d6923a24fc975567448eb1f3235394f75128a611641918b6902583675795505476222b0e91867f116145a59dad3857f2c82c9f3b0f54020ccb399bf5ce7f960e5e1b56fe6a1fff665045e7198d3d69b55cdffe9", 0x9, 0x2}}})
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @dev={0xac, 0x14, 0x14, 0xa}}, 0x6a)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0xa, 0x2, 0x0)
connect$auto(0xffffffffffffffff, &(0x7f00000000c0)=@llc={0x1a, 0x100, 0x68, 0xb, 0x1, 0x7, @random="77e220ead3dc"}, 0x55)
getpeername$auto(r2, &(0x7f0000000180)=@phonet={0x23, 0x5, 0x10, 0x7}, &(0x7f00000001c0)=0x1000004)
bpf$auto(0x6, &(0x7f0000000200)=@bpf_attr_11={0x80000000000021, 0x200000003, 0x5, 0x7, 0x1, 0x6f, 0x9dd8, 0xe98e}, 0x7)
r3 = socket(0x28, 0x1, 0xa6)
listen$auto(0xffffffffffffffff, 0x0)
socketpair$auto(0x4000000, 0x2, 0x6, &(0x7f0000000080)=0xe91)
setsockopt$auto_SO_MAX_PACING_RATE(r3, 0x7f, 0x2f, &(0x7f0000000000)='/dev/ttyS0\x00', 0xdee)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
connect$auto(0x4, 0x0, 0x10)
close_range$auto(0x2, 0x8, 0x0)

2m39.170967782s ago: executing program 3 (id=4432):
writev$auto(0xffffffffffffffff, 0x0, 0x3)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff)
sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010023bd7000fadbdf2501000000040007800c0002000500"], 0x2c}, 0x1, 0x3f000000, 0x0, 0x4}, 0x8880)

2m38.951791371s ago: executing program 3 (id=4434):
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="5e0027619b4e0635ec3417757c36720add70ab0343"], 0x1ac}, 0x1, 0x0, 0x0, 0x40080}, 0x40000)
r0 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x7000000, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

2m38.861067374s ago: executing program 3 (id=4435):
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0xc0502, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
ioctl$auto_USB_RAW_IOCTL_EP_DISABLE(r0, 0x40045506, &(0x7f00000000c0)=0x58)
r1 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0)
readv$auto(r1, &(0x7f0000000100)={0x0, 0x5}, 0x6)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_DP_CMD_NEW(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[], 0x34}, 0x1, 0x0, 0x0, 0x20000800}, 0x80)
r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0)
read$auto(r4, 0x0, 0x20)
writev$auto(r3, &(0x7f0000000200)={0x0, 0x10}, 0x3)
close_range$auto(0x2, 0x8, 0x0)

2m38.372217494s ago: executing program 3 (id=4438):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
r0 = io_uring_setup$auto(0x6, 0x0)
write$auto(r0, &(0x7f0000000300)='nfsd\x00', 0xf)
r1 = socket(0x2, 0x5, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
socket(0x2, 0x80002, 0x73) (async)
socket(0xa, 0x801, 0x84) (async)
mmap$auto(0x0, 0x2020409, 0xa, 0xeb1, 0xffffffffffffffff, 0x8000)
r2 = prctl$auto(0x41555856, 0x4, 0x2008, 0x0, 0x0)
ioctl$auto(0x3, 0x890b, 0x38) (async)
socket(0x2, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @local}, 0x6a) (async)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x1000, 0xb}, 0xfff}, 0x5, 0xde) (async)
futex$auto(&(0x7f0000000040)=0x9, 0x5, 0xf4, 0x0, &(0x7f00000002c0)=0x7, 0xc0040000) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL802154_CMD_SET_SHORT_ADDR(r3, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000080)={&(0x7f00000001c0)={0x60, 0x0, 0x4, 0x70bd25, 0x25dfdbfd, {}, [@NL802154_ATTR_SCAN_DURATION={0x5, 0x24, 0x4}, @NL802154_ATTR_SEC_ENABLED={0x5, 0x29, 0x1}, @NL802154_ATTR_SEC_FRAME_COUNTER={0x8, 0x2c, 0x504}, @NL802154_ATTR_SCAN_DONE_REASON={0x5, 0x25, 0x1}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x6}, @NL802154_ATTR_SUPPORTED_CHANNEL={0x8, 0x16, 0x7ffffffc}, @NL802154_ATTR_SCAN_DONE_REASON={0x5, 0x25, 0x1}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x8}, @NL802154_ATTR_CCA_ED_LEVEL={0x8, 0xe, 0xffffffff}]}, 0x60}, 0x1, 0x0, 0x0, 0x400c800}, 0x4005001) (async)
sendmmsg$auto(0x3, &(0x7f0000000100)={{0x0, 0x1c03, &(0x7f0000000180)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x7}, 0x1}, 0x2, 0x0) (async)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)={0x24, r5, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0xa}, @NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x9}]}, 0x24}, 0x1, 0x0, 0x0, 0x4004891}, 0x4000) (async)
socketpair$auto(0xfffffffd, 0x5, 0x9, 0x0) (async)
unshare$auto(0x40000080) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/wakeup/wakeup7/wakeup_count\x00', 0x0, 0x0)
read$auto(r6, 0x0, 0x20) (async)
setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd)
close_range$auto(0x0, 0x5, 0x0)
mmap$auto(0x5, 0x3, 0x5, 0x18, r2, 0x4)

2m33.951694327s ago: executing program 33 (id=4405):
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000)
r0 = getpid()
process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0)
ioctl$auto(0x3, 0x400454ca, 0x38)
io_uring_setup$auto(0x6, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
socket(0xf, 0x3, 0x2)
openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x2081, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)={0x1c, r3, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x4a}]}, 0x1c}}, 0x4000)
r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x18b042, 0x0)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/dummy0/mtu\x00', 0xe3102, 0x0)
sendfile$auto(r1, r5, 0x0, 0x5)
setsockopt$auto_SO_TIMESTAMP_NEW(r4, 0x2, 0x3f, &(0x7f0000000080)='/sys/devices/virtual/net/dummy0/mtu\x00', 0x0)

2m23.177674369s ago: executing program 34 (id=4438):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
r0 = io_uring_setup$auto(0x6, 0x0)
write$auto(r0, &(0x7f0000000300)='nfsd\x00', 0xf)
r1 = socket(0x2, 0x5, 0x0) (async)
close_range$auto(0x2, 0x8, 0x0) (async)
socket(0x2, 0x80002, 0x73) (async)
socket(0xa, 0x801, 0x84) (async)
mmap$auto(0x0, 0x2020409, 0xa, 0xeb1, 0xffffffffffffffff, 0x8000)
r2 = prctl$auto(0x41555856, 0x4, 0x2008, 0x0, 0x0)
ioctl$auto(0x3, 0x890b, 0x38) (async)
socket(0x2, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @local}, 0x6a) (async)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x1000, 0xb}, 0xfff}, 0x5, 0xde) (async)
futex$auto(&(0x7f0000000040)=0x9, 0x5, 0xf4, 0x0, &(0x7f00000002c0)=0x7, 0xc0040000) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL802154_CMD_SET_SHORT_ADDR(r3, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000080)={&(0x7f00000001c0)={0x60, 0x0, 0x4, 0x70bd25, 0x25dfdbfd, {}, [@NL802154_ATTR_SCAN_DURATION={0x5, 0x24, 0x4}, @NL802154_ATTR_SEC_ENABLED={0x5, 0x29, 0x1}, @NL802154_ATTR_SEC_FRAME_COUNTER={0x8, 0x2c, 0x504}, @NL802154_ATTR_SCAN_DONE_REASON={0x5, 0x25, 0x1}, @NL802154_ATTR_TX_POWER={0x8, 0xb, 0x6}, @NL802154_ATTR_SUPPORTED_CHANNEL={0x8, 0x16, 0x7ffffffc}, @NL802154_ATTR_SCAN_DONE_REASON={0x5, 0x25, 0x1}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x8}, @NL802154_ATTR_CCA_ED_LEVEL={0x8, 0xe, 0xffffffff}]}, 0x60}, 0x1, 0x0, 0x0, 0x400c800}, 0x4005001) (async)
sendmmsg$auto(0x3, &(0x7f0000000100)={{0x0, 0x1c03, &(0x7f0000000180)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x7}, 0x1}, 0x2, 0x0) (async)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$auto_NFSD_CMD_THREADS_SET(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)={0x24, r5, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0xa}, @NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x9}]}, 0x24}, 0x1, 0x0, 0x0, 0x4004891}, 0x4000) (async)
socketpair$auto(0xfffffffd, 0x5, 0x9, 0x0) (async)
unshare$auto(0x40000080) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/wakeup/wakeup7/wakeup_count\x00', 0x0, 0x0)
read$auto(r6, 0x0, 0x20) (async)
setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd)
close_range$auto(0x0, 0x5, 0x0)
mmap$auto(0x5, 0x3, 0x5, 0x18, r2, 0x4)

1m41.052367458s ago: executing program 6 (id=4606):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
io_uring_setup$auto(0x877, 0x0)
r0 = epoll_create$auto(0x8)
epoll_ctl$auto(r0, 0x1, 0x8000000000000000, 0x0)
r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/SecurityFlags\x00', 0x48041, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x800, 0x0)
read$auto(r2, 0x0, 0x5)
write$auto(r1, 0x0, 0x2)

1m40.788743034s ago: executing program 6 (id=4607):
r0 = openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/events/vmalloc/enable\x00', 0x107040, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0x12, r0, 0x8000)
r1 = getpgid$auto(0x0)
getpriority$auto_PRIO_PGRP(0x1, r1)
r2 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/binderfs/binder1\x00', 0x2000, 0x0)
mmap$auto(0x0, 0x84dd, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
r3 = socket(0x15, 0x5, 0x0)
getsockname$auto(r3, 0x0, 0x0)
ioctl$auto_BINDER_SET_MAX_THREADS(r2, 0x40046205, &(0x7f0000000100)="ef9478fdecd2246503060aad4291753a6e158429eb03a098f0a0a181da35877403e0b7a8f859")
r4 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x400101, 0x0)
bind$auto(r4, &(0x7f0000000040)=@hci={0x1f, 0xffffffffffffffff, 0x1}, 0xfffff38c)
poll$auto(&(0x7f0000000240)={r4, 0x20, 0x2}, 0x5, 0x104)
write$auto(0x3, 0x0, 0xfffffdef)

1m39.945465511s ago: executing program 6 (id=4610):
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x5, 0xd, 0x2, 0x7, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0xfffffffe, 0x100, 0x0, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x691, 0x1, 0x40, 0x40, 0x8, 0x100000000}})
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x10, 0x0, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f0, 0x15)
madvise$auto(0x0, 0x200007, 0x19)
sysfs$auto(0x4, 0x0, 0x6)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000a40)='/proc/sys/kernel/usermodehelper/bset\x00', 0x8a802, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x15b883, 0x0)
socket(0x1d, 0x3, 0x1)
getpeername$auto(0x3, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
prctl$auto(0x441, 0x3, 0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x801, 0x0)
socket(0xf, 0x3, 0x2)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
open(&(0x7f0000000100)='./bus\x00', 0x14d27e, 0x72)
socket(0x2, 0x1, 0x0)
socket(0x1e, 0x1, 0x0)
fallocate$auto(0x8000000000000003, 0x0, 0xd, 0x9)
select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xfff, 0x1, 0x948b, 0x3, 0x95f4da2d, 0xc, 0x6, 0x62, 0x7, 0x7, 0x6d3f, 0xa, 0x4, 0x5]}, 0x0)

1m38.852522616s ago: executing program 6 (id=4613):
mmap$auto(0x0, 0x400005, 0xffffffffffeffffe, 0x9b72, 0xc76, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
setsockopt$auto(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x8004)
mmap$auto(0x0, 0x2, 0xe2, 0xeb1, 0xffffffffffffffff, 0x8000)
r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0)
sendmsg$auto_BATADV_CMD_SET_MESH(0xffffffffffffffff, 0x0, 0x20000081)
ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0)
fcntl$auto_F_DUPFD_CLOEXEC(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x40242, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0)
read$auto(r2, 0x0, 0x20)
writev$auto(r1, &(0x7f0000000200)={0x0, 0x10}, 0x3)
r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000640)='/dev/snd/controlC0\x00', 0x80, 0x0)
ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, &(0x7f0000000700)={{@raw=0xb, 0x7f, 0x2, 0x406, "26cb83211ffd7f6567850e138dd717bfeb7ab5c55e35d9811b26db6e6f8c5d7d57cdda7ca056a2a31e5dfe27"}, 0x0, @integer64=@value=[0x0, 0x1, 0x2, 0x8000, 0x5, 0x4, 0x2, 0xffff, 0x7, 0xffffffff, 0x5, 0xff, 0xe94, 0xb, 0x8, 0xfff, 0x2, 0x7, 0x2, 0x3be, 0x4, 0xd8a, 0x1, 0xa3, 0x6af, 0xb, 0x7ffffffc, 0x7fffffffffffffff, 0x6, 0x6, 0x9, 0x8, 0x4, 0x9, 0xcf, 0x40000000403, 0x6, 0x1, 0x3, 0x1, 0x6, 0x0, 0x5, 0x3, 0xffff, 0x548, 0xc, 0xe4, 0x7, 0x4, 0x1, 0x951, 0xe0000000000000, 0x6, 0x9, 0x0, 0x6, 0x4000000000000003, 0xb, 0x82c1, 0x4436, 0x0, 0xc1, 0x5], "1cd4f43065c34bdcb5fa6160f24c5f3eb5328361438ff4cd82ad2e9771421debdad4d39a52fc70b9012aff448a8b4a75e7c5126dc116dd8f5751e93614151d5a4f55a63e9ba1ad1e6542796d2a1cd644b0d756001b66abab0c0fd3b4287befd247e5410bef4c186120b5bed4ab64ffeb4b7c5a69166021a8814332515a657e93"})
getsockopt$auto_SO_TXREHASH(r3, 0x1, 0x4a, &(0x7f0000000000)='/dev/snd/controlC0\x00', &(0x7f0000000040)=0x6)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
bpf$auto(0x5, &(0x7f0000000100)=@bpf_attr_3={0x6, 0x5, 0xffffffffffff8001, 0x9, 0x8, 0x7ff, 0x2, 0x9, 0x6, "4e963b0004000000000800", 0x0, 0x401, 0xffffffffffffffff, 0x4, 0x4, 0x1, 0x5, 0x865, 0x6, 0x19, @attach_prog_fd, 0x9, 0x7fffffffffffffff, 0x4, 0x2, 0x6}, 0x201)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x0, 0xffffffffffffffff, 0x801, 0x10008, 0x400, 0x1000049, 0xffffffffffffffff, 0x20000000000804, 0x3}, 0x6f3)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x3}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
r4 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x125100, 0x0)
acct$auto(&(0x7f0000000000)='/dev/dri/card1\x00')
ioctl$auto(r4, 0x921064a1, 0x9)
r5 = fsopen$auto(0x0, 0x1)
fsconfig$auto(r5, 0x8, 0x0, 0x0, 0x0)

1m37.590528258s ago: executing program 6 (id=4617):
mmap$auto(0xffffffffffffffff, 0x200000020007, 0xe6, 0x95, 0x405, 0x7fff)
mq_notify$auto(0x4, &(0x7f0000000040)={@sival_ptr=0x0, @inferred, 0x1, @_tid})
sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0}, 0x80)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
sendmmsg$auto(0xffffffffffffffff, &(0x7f00000000c0)={{0x0, 0x6, 0x0, 0xa7, &(0x7f0000000280)="27a0e3de7e77b56a49790ce6c404db5a0350c2a9405483fcca715d16fea909b29269044479920ddc5b269b26fc62b47596cb5c9f68c81c57e2f4dc5dfc133fadb19ad5bb3e8a6d547538bedbdbabaf8c12dc145ebe93be4296f914f36927ee71157fe2df7eb5161b94d116c7da5ecbdcffa1866fcd4460f26debe9c164769c55e7218fae", 0x8001, 0x9}, 0x8}, 0x1, 0x9)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0xfb, 0x0, 0x1, 0x3}, 0xed7138c}, 0x0, 0x0)
openat$auto_percpu_stats_fops_(0xffffffffffffff9c, 0x0, 0x200, 0x0)
capset$auto(0x0, &(0x7f0000000080)={0x5, 0xffff3155, 0x3})
r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r1 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x280303, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
sendmsg$auto_ETHTOOL_MSG_RSS_GET(r1, 0x0, 0x8010)
writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x1}, 0x8)
connect$auto(0x4, 0x0, 0x10)
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x0, 0x0)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0xf, 0x0)
open(&(0x7f0000000800)='}[,&*}\x00', 0x101000, 0x154)
mount$auto(0x0, 0x0, 0x0, 0x339, 0x0)
socket(0x3, 0x1, 0x189a)
socket(0x2, 0x1, 0x106)
pipe$auto(&(0x7f0000000500))
flock$auto(0xffffffffffffffff, 0x9)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/locks\x00', 0x0, 0x0)
read$auto_proc_iter_file_ops_compat_inode(r0, &(0x7f0000000180)=""/250, 0xfa)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000000c0)=""/228, 0xe4)

1m36.365142747s ago: executing program 6 (id=4620):
mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000)
io_uring_setup$auto(0xc, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/vicodec.0/video4linux/video1/dev_debug\x00', 0x8081, 0x0)
io_uring_setup$auto(0x9, &(0x7f0000000080)={0x7, 0x0, 0x9, 0x6, 0x7, 0x8, 0xffffffffffffffff, [0x0, 0x0, 0x2], {0xffffffff, 0x4000002, 0x8c48, 0x29f, 0x102, 0x7f, 0x0, 0x6, 0x40000000000002}, {0xffffd8d2, 0x1, 0x5a, 0x5, 0x3, 0x800000, 0x76c5, 0xffffff80, 0x1}})
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/fs/xfs/stats/stats\x00', 0x0, 0x0)
r0 = openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/buffer_percent\x00', 0x80000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x0)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x201, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0)
openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0)
readv$auto(r0, &(0x7f0000000040)={0x0, 0x2}, 0x5)

1m30.311599862s ago: executing program 4 (id=4643):
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x00', 0x2001, 0x0)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000d40)='/dev/sequencer2\x00', 0x800, 0x0)
socket(0x10, 0x2, 0x4)
openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x630c80, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0)
pread64$auto(r0, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>\xe7l\xcb\x90\\/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x400)
mmap$auto(0x0, 0x2020007, 0x4, 0xeb5, r0, 0x8000)
move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000)
r1 = openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x48001, 0x0)
write$auto(r1, 0x0, 0x800)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x1, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x55)
lgetxattr$auto(&(0x7f0000000080)='./file0\x00', &(0x7f0000000180)=']\x00', &(0x7f0000000340)="41b9688e39d68d7d0723d0b9f5b4cdf25a33563fec199816786b280ec69d6ec05e0dc0e1a4c8b81bc49b43051e047414ba86812c2e72319e067e2b6b6e83f71b0db8ce18dcd28d839adccb84aa42b17b24318b6950d40a414897dae3622e02d3add3bed520b2d5e622438a04ca062c9c178b755ae57cc6596830949ea2f8ed7258f82b7b06d06ddba77f11d877cd2c571a1c41ada52b33d4d8b4aa0d24c79a8eddf173ceb8331e2a9a4cf580abc6be26665803b3", 0x2)
listen$auto(0x3, 0x81)
ioctl$auto(0x3, 0x5411, 0x38)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000)
clock_nanosleep$auto(0x2, 0x1000, 0x0, 0x0)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0)
ioctl$auto_BLKRRPART(r2, 0x125f, 0x0)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf250300000000000300834a0000080003000e000000060006000e0000000a00050000000000000000000a00010000000000000000000a000500aaaaaaaaaa000000080003003b00000005000200", @ANYRES32=0x0, @ANYBLOB="bbc2e61803f45be53086b8b2e823af608f67e165654457983682d30716714c174c6bc930eafa61ee2b8121ef66ccf3e8264b7e65652563bc3bc7cb2b3823fee8b39d835818876f9172"], 0x68}, 0x1, 0x0, 0x0, 0x20040084}, 0x40011)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0xfd)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="72010000", @ANYBLOB="ff9ee932ec7e4b6429997f04162f6413f31a81000000007563b66db86d8e"], 0x1ac}}, 0x4004)

1m29.650291947s ago: executing program 4 (id=4644):
mmap$auto(0x0, 0x20009, 0x12, 0xeb1, 0x401, 0x8000)
syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$auto(r0, 0x4bfa, r0)
close_range$auto(0x2, 0x8, 0x0)
wait4$auto(0x0, &(0x7f00000004c0)=0x6, 0xe855, &(0x7f0000000500)={{0x2, 0x7}, {0x2, 0x1}, 0x6, 0x23f2d655, 0x0, 0x6, 0xfffffffffffffb4a, 0x17ed60f2, 0x8, 0x1, 0x80000000, 0x8, 0xd4c, 0xffffffffffffff34, 0x5, 0xd8})
timer_create$auto_CLOCK_BOOTTIME(0x7, &(0x7f00000001c0)={@sival_int, @raw=0x9}, &(0x7f0000000180)=0xd6)
socket(0x2, 0x1, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
setsockopt$auto(0x3, 0x0, 0x81, 0x0, 0x78)
bpf$auto(0x3, &(0x7f0000000000)=@bpf_attr_1={0xffffffffffffffff, 0x2, @value=0x5711, 0x2}, 0x9f)
r1 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/debug/bluetooth/hci1/force_devcoredump\x00', 0x8000, 0x0)
sendmsg$auto(r1, &(0x7f0000000440)={&(0x7f0000000340)="3439afd95f8e03b663d3508bccf4b3fef61cb5cd70dbdd2a8413a75c391929431e357870229dc2fc6834f2ec8829d739ffb98b6b834898955fbdc1", 0x8, &(0x7f00000003c0)={&(0x7f0000000380)="b5a7460953cbde2d46e5aa3d176a5071611b686e435ae7e50130bff2bdfa82706d5d5a", 0x2}, 0x200, &(0x7f0000000400)="5a334f74efa3a5e69f410a6aa80dbfe777a0fa59b97c42aecb0c49ebc19025e4bf338ed8d669f8934d787675c10a5d24", 0x10800000000000, 0xa9ef}, 0x0)
r2 = socket(0x10, 0x2, 0x4)
sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400c7"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000)
io_uring_register$auto_IORING_REGISTER_CLONE_BUFFERS(r1, 0x1e, &(0x7f0000000480)="4de24528d4126db18fc9f40483edb1d8f2878081468614b39e281bd2a0a8c4872285db", 0x3)
write$auto(r2, &(0x7f0000000000)='-\x00', 0x2fb)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vhci_hcd.3/usb15/15-0:1.0/usb15-port3/over_current_count\x00', 0x6b40, 0x0)
socket(0xa, 0x3, 0x100)
r3 = openat$auto_proc_environ_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/environ\x00', 0x2000, 0x0)
read$auto_proc_environ_operations_base(r3, &(0x7f0000000240)=""/80, 0x50)
socket(0x2a, 0x2, 0x0)
ioctl$auto(0x3, 0x541b, 0x38)

1m29.458629922s ago: executing program 4 (id=4645):
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x40040, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x14, 0xfffffffffffffffa, 0x6)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000100), 0xa80, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd2/queue/io_timeout\x00', 0x129882, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto(0x3, 0x40246f4c, 0x38)
unshare$auto(0x40000080)
ioctl$auto_RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, &(0x7f0000000000)={0x0, 0x83, {0x8007, 0x4, 0x2, 0xb, 0x2, 0x400, 0xfffffffd, 0x10003, 0x6}})
sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800)
kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0xfff, 0x4800c000, 0x800c000}, 0x4)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpageflags\x00', 0x2, 0x0)
readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400)
write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
prctl$auto(0xcb, 0x1, 0x4, 0x8, 0x7)
socket(0x10, 0x2, 0x0)

1m27.953536034s ago: executing program 4 (id=4651):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
unshare$auto(0x40000080)
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$auto(0x400000000000003, 0x29, 0x4, 0x0, 0x4)
adjtimex$auto(&(0x7f00000005c0)={0xf332b6e, 0x0, 0x0, 0x8, 0xd4, 0x7, 0x9, 0x0, 0x10001, 0x1, 0x2, {0x8, 0x10000}, 0x1, 0x6, 0xfffffffffffffffd, 0x1007ffe, 0x0, 0x80000004, 0x83, 0xffffffffffff628e, 0xa747, 0x1, 0x1800})
r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$auto(0xca, &(0x7f0000000140)='\x04>\x01\x01\b\x1a\x1e`<I}\xe8N\x94\xf2\xa2\x00\x00\f\x15\xd8a\xed\x84\xb7\f\x00\x00\x80\x00\x00\x00\x001.\xb0`W\xd3M\x00\xbf\xe9\x83\xea8\xd1\xda\xcf9\x02u@\xeb\xcd\xb2\tBAh\xf8', 0x8)
openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000100), 0x40, 0x0)
ioctl$auto(0x3, 0x80000541b, 0xffffffffffffffff)
openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/config/target/dbroot\x00', 0x20d00, 0x0)
r2 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb1\x00', 0xa8200, 0x0)
mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'vcan0\x00', <r3=>0x0})
connect$auto(0x3, &(0x7f00000000c0)=@can={0x1d, <r4=>r3}, 0x18)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x4)
r5 = socket(0x0, 0x2, 0x7)
r6 = socket(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r7=>0x0})
bind$auto(r1, &(0x7f0000000380)=@can={0x1d, <r8=>r7}, 0x2)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'pim6reg1\x00', <r9=>0x0})
connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r9}, 0x18)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffcc}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
statmount$auto(0x0, &(0x7f00000006c0)={0x8, 0x1, 0x9, 0x3, 0xe, 0x940, 0x1ffde, 0x3, 0x2000000000000006, 0x3, 0x8, 0x5, 0x2, 0x7, 0x1, 0x9, 0x0, 0x3, 0x5, 0x7, 0xfffffffc, 0x0, 0x0, 0x0, 0x3bc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe], "f64e08765df4b8ab701d0ea203358c1e80efc32ebd56614af8d2000000007bb1c39ee3c7e65b71539ea8b8c8b46f2a6d0a2ce6f75ec7596359c74abb035abd25e012d5e9e23a5fbcaa7c13587c225fda2d275643af68ecf3d8fc6bada053b8fe2afa4674cb572ee25de05c3aaa7e648cdbf12bc6044999f9567e04b07af6754df8444ae404524979fbaeb6d829e30f0b2f542bd4f306bfa763cbf0d169b162368dbabcb19ae6cd88c89a0102657524b100fb0c3b60b8fcad724994da9a44ed8aedf70241b8f2fee6f7134d195fe1096e710b32f3681dded2e480a196ce5ee1c2596d6f1de752c67e8528ddc6b141858adfdb82a214a05401cd195e175b00"}, 0x1fe, 0x5)
close_range$auto(0x2, 0x8, 0x0)
r10 = socket(0x2, 0x3, 0x100)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000400)=ANY=[@ANYRES32=r2, @ANYRESOCT, @ANYRES8=r0, @ANYRESHEX=r10, @ANYRES64=r4, @ANYRES64=r8, @ANYRES16], 0x1ac}, 0x1, 0x0, 0x0, 0x4048891}, 0x44017)

1m27.488429063s ago: executing program 4 (id=4654):
openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x1a6b75d63882a712, 0x0)
openat$auto_percpu_stats_fops_(0xffffffffffffff9c, 0x0, 0x200, 0x0)
mmap$auto(0x0, 0x10000002020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
capset$auto(0x0, &(0x7f0000000080)={0x5, 0xffff3155, 0x3})
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
r0 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x280303, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000)
sendmsg$auto_ETHTOOL_MSG_RSS_GET(r0, 0x0, 0x8010)
writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x1}, 0x8)
shmctl$auto(0x1ff, 0x10f, &(0x7f0000000480)={{0x1, <r1=>0xffffffffffffffff, 0xee01, 0x9, 0x5, 0x8, 0x3}, 0x8, 0x400, 0x20000000, 0xfffffffffffffff7, @raw=0xfffffff7, @raw=0x7, 0x8, 0x0, &(0x7f00000002c0)="3530da29", &(0x7f0000000300)="480130e62e2586e7a52ff3e73f32beaaadcd874b74a2a198e9ae42b15500d5c8334971b00c8bb6c5ce589c0aa3765adb9b7b92b23b2d9cb2f1a89fd441c66f1d8f3501de4001884befeb4d2f6cac65c07c984977d17203a3ecacc5f3659cb29350d0b5e2f3438cee7e750bc3f59dc7ef7bc2119496f14949d77b4ae72197752489f7f398fecb01e4931fb2ea85990fb3abafcb434e1b92a9c241aba17785f4467c112ef366bad8c7d982ada4be01d0034f647a2503d34ce8815a7352d19fd26244a646f5a8fc2ee9ddbdf1b8201e88d4df627d1c50d08936"})
shmctl$auto_SHM_STAT(0xd7, 0xd, &(0x7f0000000740)={{0x5, 0xee01, <r2=>0xee00, 0x9, 0x9, 0x6, 0x400}, 0x0, 0x2, 0x77b, 0x8000000000000001, @raw=0xffff0000, @inferred=0xffffffffffffffff, 0x8000, 0x0, &(0x7f0000000540)="ce44cb3504ce4ba424a336b344d013d23d0ff65f550f85f59b66fa83c302622a9759648a07c034b20faaf37db4182c90f1635a8282629fb93c2015eba9e8690351ab0a483c4ce831aa383b7204be3d44d07286acbed6d8830473bff8f3e58dc110eb54366a5a9f4de35bfca3b204529fa9c3713c412b851e32561b5e9b661eca09235e067638d469743567b9d5eb64379a0f165fd7e6c9891f9888654ef30e2d1b5d8bc28da7ca2e4f52ed715b2b6d2f234d222533867983cf08ba82ad22a7af52b2fe459177567f604efae7a30f3b53c5cee1d6cc75801ff27fde26769b02fb46b5a600309eb951", &(0x7f0000000640)="b575bb094adce7faa8830e0687ddcbeb44f91457da36c7fd9b4d875c8ac37e27b3b8ede13a85fd6fc8c7dcbe36cea308b8edb2e2f58a27a9132b902f38cdcde4682b6af228e9113c89577246f3f25cbc777bc829bbce28da129d33d86275816f69879bb6741fc82004a752e0c2420d45b4cd2440ebdaf7c11b2681ff9c47a194a9c1d634e6160d00d6a165d706050e5ff4451a83775543956f3630a6c838b18226d1408eaaaab887986ac96bd69c59eff7794d6cdcae80718a6147f97e3eaea88f7cfe4cbe0f12af7d3eac1341d9e1fb02b8b4aa46ffd9e58fcdc7ab0b6eca4b19e97614dc80772b35ace9"})
lstat$auto(&(0x7f0000000280)='}[,&*}\x00', &(0x7f0000000840)={0x100000000, 0x0, 0xea6, 0xdc, r1, r2, 0x0, 0x7, 0x36, 0x7, 0x44, 0x354d, 0x1, 0x9, 0xead, 0xc, 0x2})
sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r4=>0x0})
sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x2c, r3, 0x13, 0x70bd2c, 0x25dfdbdd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r4}, @NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0x1}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24004080}, 0x20040894)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0xf, 0x0)
open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
mount$auto(&(0x7f0000000000), &(0x7f0000000080)='}[,&*}\x00', 0x0, 0x339, 0x0)
socket(0x2, 0x1, 0x106)
pipe$auto(&(0x7f0000000500))
read$auto_proc_iter_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000180)=""/250, 0xfa)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000000c0)=""/228, 0xe4)
openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000240), 0x183440, 0x0)
socket(0x2, 0x5, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x40a02, 0x0)

1m26.404316108s ago: executing program 4 (id=4658):
mmap$auto(0x0, 0x20009, 0x6, 0xeb1, 0x404, 0x8003)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x14, 0x944, 0x1ffe0, 0x4, 0x6, 0x7, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0x2, 0x20000000005, 0x3, 0x40, 0x7, 0x20, 0x309, 0x6, 0x0, 0x0, 0x200000, 0x0, 0x0, 0xffffffff, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000]}, 0x1fe, 0x81)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r0 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

1m21.103056607s ago: executing program 35 (id=4620):
mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000)
io_uring_setup$auto(0xc, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/vicodec.0/video4linux/video1/dev_debug\x00', 0x8081, 0x0)
io_uring_setup$auto(0x9, &(0x7f0000000080)={0x7, 0x0, 0x9, 0x6, 0x7, 0x8, 0xffffffffffffffff, [0x0, 0x0, 0x2], {0xffffffff, 0x4000002, 0x8c48, 0x29f, 0x102, 0x7f, 0x0, 0x6, 0x40000000000002}, {0xffffd8d2, 0x1, 0x5a, 0x5, 0x3, 0x800000, 0x76c5, 0xffffff80, 0x1}})
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/fs/xfs/stats/stats\x00', 0x0, 0x0)
r0 = openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/buffer_percent\x00', 0x80000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x10, 0x2, 0x0)
openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x201, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0)
openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0)
readv$auto(r0, &(0x7f0000000040)={0x0, 0x2}, 0x5)

1m11.015003523s ago: executing program 36 (id=4658):
mmap$auto(0x0, 0x20009, 0x6, 0xeb1, 0x404, 0x8003)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x14, 0x944, 0x1ffe0, 0x4, 0x6, 0x7, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0x2, 0x20000000005, 0x3, 0x40, 0x7, 0x20, 0x309, 0x6, 0x0, 0x0, 0x200000, 0x0, 0x0, 0xffffffff, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000]}, 0x1fe, 0x81)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
r0 = socket(0x10, 0x2, 0x0)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008)

8.077168342s ago: executing program 7 (id=4967):
r0 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0)
write$auto(r0, 0x0, 0x1ff)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001900), 0xffffffffffffffff)
mmap$auto(0x0, 0x61, 0x100001000000004, 0xfa31, 0x400, 0x8000)
r1 = socket(0x2, 0x1, 0x0)
r2 = epoll_create$auto(0x4)
epoll_create$auto(0x3e)
epoll_ctl$auto(r1, 0x1028, r2, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
close_range$auto(0x0, 0xfffff004, 0x2)
prctl$auto_PR_SME_SET_VL(0x3f, 0x80000000, 0x0, 0x4b0d, 0x6)
ioctl$auto_VHOST_GET_FEATURES(0xffffffffffffffff, 0x8008af00, &(0x7f00000002c0))
socket$nl_generic(0x10, 0x3, 0x10)
fcntl$auto_F_DUPFD_QUERY(0xffffffffffffffff, 0x403, 0xffffffffffffffff)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x0, 0x8000)
r3 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154)
fcntl$auto(r3, 0x400, 0x1)
syz_clone(0x40100100, 0x0, 0x0, 0x0, 0x0, 0x0)
io_uring_setup$auto(0x6, 0x0)
execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NL80211_CMD_DEL_TX_TS(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="3000f999d81dd9fbc501db8399f7cec9a5af640ad86f35b1a58f80b0617df4bfb4ffffffff1b3af2b06acb545b5718c8f3086923577b39ce112736550dffff086abb12569f9c00178b85fbbb4f3161f2b58e0b8fccca0a51b1528f0717ea5920443feb80e70294e55c4c00e1692c9adc7ccc67189a6e5e4a3adae4f4b100000000000000", @ANYRES16=0x0, @ANYBLOB="100026bd7000fedbdf256a0000000400cf00040046000400b8000600ab00810000000500a200d8000000"], 0x30}, 0x1, 0x0, 0x0, 0x40000d0}, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x2, 0x4)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004881}, 0x800)
shmctl$auto(0x0, 0xc, &(0x7f0000000180)={{0x7, 0x0, 0xee01, 0x4, 0xa, 0x100, 0xfff9}, 0x0, 0x80d, 0x3fc, 0x6, @raw=0x9, @inferred, 0x4, 0x0, 0x0, 0x0})
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="120027"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x7fff, &(0x7f0000000000)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x40007}, 0x3, 0x0)

7.342769659s ago: executing program 7 (id=4970):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
socket(0xa, 0x1, 0x84)
socket(0x2, 0x1, 0x0)
socket(0x11, 0x80003, 0x300)
setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9)
write$auto(0x3, 0x0, 0xfffffdef)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$auto(0x4, 0x0, 0x80000001)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x8402, 0x0)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x8880, 0x0)
readv$auto(r0, &(0x7f0000000180)={0x0, 0x435d}, 0x9)

7.129354743s ago: executing program 8 (id=4972):
r0 = socket(0xd, 0x1, 0x0)
io_uring_setup$auto(0x1, 0x0)
setsockopt$auto(r0, 0x0, 0x3e, 0x0, 0x800d4)
write$auto(0x3, 0x0, 0xfffffdef)
unshare$auto(0x40000080)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0x10, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8000, 0x0)
socket(0x1e, 0x805, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
sysfs$auto(0x2, 0x5, 0x0)
fsopen$auto(0x0, 0x1)
sysfs$auto(0x2, 0xf, 0x0)
fsopen$auto(0x0, 0x1)
fsconfig$auto(r1, 0x1, &(0x7f00000001c0)='+\x00', &(0x7f0000000280), 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmmsg$auto(0x4, 0x0, 0x10009a6, 0x6)
semctl$auto(0x1ff, 0x2, 0x13, 0x1)
lsm_list_modules$auto(0x0, 0x0, 0x0)
recvmmsg$auto(0x3, 0x0, 0x6, 0x7bd6, 0x0)
mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)

6.377503354s ago: executing program 8 (id=4974):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x11, 0x0, 0x0, 0x0, 0x0)
prctl$auto_PR_SET_MM_ARG_END(0x9, 0x9, 0xffffffffffffffff, 0xd, 0x13)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000200)='5', 0x1)
sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff)
capset$auto(&(0x7f0000000340)={0x19980330}, 0x0)
select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x4, 0x2, 0xb, 0x1, 0x9, 0x0, 0x7fff, 0xa, 0x193, 0xfffffffffffffff9, 0x3, 0x5e4, 0x1000, 0x1, 0x1]}, &(0x7f0000000380)={[0x8000000000000001, 0x5, 0x1, 0x10001, 0xe, 0xf, 0x5, 0x3, 0x59fc8000, 0x200006, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, &(0x7f0000000280)={0x6, 0xc8})
socket$nl_generic(0x10, 0x3, 0x10)
select$auto(0x7, 0x0, 0x0, 0x0, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x40841, 0x8)
socket(0xa, 0x5, 0x94)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x6c800, 0x0)
close_range$auto(0x2, 0x8, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
ioctl$auto(r2, 0x1260, 0x5)

6.129862671s ago: executing program 7 (id=4975):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
r0 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a)
socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x5, 0x0, 0x1f, 0x9}, 0x800009}, 0x3, 0x20000000)
r1 = openat$auto_fake_panic_fops_(0xffffffffffffff9c, &(0x7f0000000180), 0x240, 0x0)
pwrite64$auto(r1, 0x0, 0x4e, 0x3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2)
r2 = openat$auto_generic(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/ieee80211/phy5/netdev:wlan0/stations/08:02:11:00:00:01/driver_buffered_tids\x00', 0x101400, 0x0)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000)
r3 = gettid()
process_vm_writev$auto(r3, &(0x7f0000002980)={0x0, 0x7ff}, 0x3, &(0x7f0000002a40)={0x0, 0x100000004007}, 0x4, 0x0)
clone$auto(0x6, 0x9, 0x0, 0x0, 0xe08)
ioctl$auto_VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000000))
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0)
setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/nvmet_rdma/parameters/srq_size\x00', 0x183841, 0x0)
read$auto(0x3, 0x0, 0x80)
write$auto(0x3, 0x0, 0xfffffdef)

5.31009765s ago: executing program 5 (id=4978):
mmap$auto(0x0, 0x400005, 0xffffffffffeffffe, 0x9b72, 0xc76, 0x8000)
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
r0 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000c40), 0xffffffffffffffff)
sendmsg$auto_ILA_CMD_DEL(0xffffffffffffffff, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000400)=ANY=[@ANYBLOB="1400000006eebfcccc01c1f85fc755bcc2d37bef93435171268c74efa71f056fe8689b1ae33272158152a554e314609e64a077d024e5a07ace5224721be0711c", @ANYRES16=r0, @ANYBLOB="000329bd7000fbdbdf2502000000"], 0x14}, 0x1, 0x0, 0x0, 0x4000084}, 0x0)
sendmsg$auto_ILA_CMD_GET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[], 0x58}, 0x1, 0x0, 0x0, 0x800}, 0x40)
mmap$auto(0x0, 0x20009, 0xe2, 0x200000000000eb1, 0x405, 0x8000)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x1e, 0x2, 0x0)
move_pages$auto(0x1, 0x3, 0x0, 0x0, 0x0, 0x8000000000000000)
getsockopt$auto(r2, 0x10f, 0x7f, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
madvise$auto(0x0, 0xffffff7fffff0005, 0x8)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0002000000000000000000008869e71e0000", @ANYRES32=0x0, @ANYBLOB="060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a000500aaaaaaaaaabb00000a00010000000000000000000a000100bbbbbbbbbbbb0000060006000f00000008000400010000880800030004"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x6004000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x3, 0x100)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0xfffffff6, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x4008081}, 0x10004010)
socket(0x2, 0x80802, 0x0)
socket(0x2, 0x1, 0x0)
r3 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/debug/block/nbd6/sched/write0_fifo_list\x00', 0x400, 0x0)
read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r3, &(0x7f0000000340)=""/179, 0xb3)

5.142882733s ago: executing program 8 (id=4979):
mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40040, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0x14, 0xfffffffffffffffa, 0x6)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd2/queue/io_timeout\x00', 0x129882, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$auto(0x3, 0x40246f4c, 0x38)
unshare$auto(0x40000080)
ioctl$auto_RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, &(0x7f0000000000)={0x0, 0x83, {0x8007, 0x4, 0x2, 0xb, 0x2, 0x400, 0xfffffffd, 0x10003, 0x6}})
sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800)
kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0xfff, 0x4800c000, 0x800c000}, 0x4)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84)
openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpageflags\x00', 0x2, 0x0)
readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400)
write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
prctl$auto(0xcb, 0x1, 0x4, 0x8, 0x7)
socket(0x10, 0x2, 0x0)

4.46495626s ago: executing program 5 (id=4981):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
getpid()
syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000040), 0xffffffffffffffff)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0)
ioctl$auto_XFS_IOC_SWAPEXT(0xffffffffffffffff, 0xc0c0586d, &(0x7f00000001c0)={0x7, @inferred=r0, @raw=0xffff, 0xf1, 0x5226, '\x00', {0x5, 0x8, 0x6, 0xee01, 0xee00, 0x97c2, 0x4, 0x97, {0x3, 0x8}, {0x10, 0xf}, {0x81, 0x6459}, 0x3ff, 0x1, 0xbcf, 0xda32786, 0x2, 0x2, 0x100, 0x1ff, 0x0, 0x1, '\x00', 0x2, 0x8, 0x6, 0x7}})
r2 = openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/attr/prev\x00', 0x101002, 0x0)
fallocate$auto(r2, 0x9, 0xffffffffffff8000, 0x6)
r3 = socket(0x10, 0x4, 0x4000043)
setsockopt$auto(r3, 0x8, 0xfffffffc, &(0x7f0000000040)=',%\x00', 0xfffffffc)
getsockopt$auto(r3, 0x29, 0xcf, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'gretap0\x00', <r4=>0x0})
r5 = fcntl$auto_F_GETOWN(r0, 0x9, 0x3790)
sendmsg$auto_NL80211_CMD_REGISTER_FRAME(r0, &(0x7f00000009c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000980)={&(0x7f0000001200)={0x740, r1, 0x900, 0x70bd25, 0x25dfdbfd, {}, [@NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x6}, @NL80211_ATTR_MBSSID_ELEMS={0x183, 0x133, 0x0, 0x1, [@typed={0xa9, 0x7, 0x0, 0x0, @binary="ca1d7fe0f7f113524cb092ed0d9b3e578125f2c544a440f7906b4f8a54ca33e0e22b98f47fd979655d68a5c826e17693995cd28bcf826bc238dc45c3a59a80174a7e014560192ac66684e5b61529e4a86ab1a7b83b5ef8be529c8a6230227f763219e2b530da28adafd03f1616ded8cf79f2d30dc0bc01d01ac00442ea90d9a33b14aedd0f9a8ba93fd7cb84fe0fccb758b9138b06f40ae72d2f068b9f11e4a8e0eab73db5"}, @generic="be2e6403f35ab95cbb92aa180062a8d746d1a6bf280282ffb7cfc8063c8627a07329ed7df3e47bcc63176cead1d87022ff03e68bd174769b8c4f9f001d29074d2aa2c14f32884d347aec42d29389de4b42e55b9270767fda59a770fe7b57125648e2dde06c47946dd70f8d66f25032fd4434cb91c19921a7e22d91c78db5e13bce065019d1107fcf1a67ec9fe478560444f2eb0734bab604afe8239d3d0b8bfd8275e5f82594ec374cac4ba660ffa92468528d6605", @typed={0x8, 0x3f, 0x0, 0x0, @fd=r0}, @nested={0xc, 0xf, 0x0, 0x1, [@typed={0x8, 0x4a, 0x0, 0x0, @fd=r3}]}, @generic="10f0adb7e1ecbc325ed1"]}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r4}, @NL80211_ATTR_REG_RULES={0x1f9, 0x22, 0x0, 0x1, [@generic="da47ab88aa0fc61d0e29750225a55f3232d1051e4630b52558375630b01e8c29b416b535d527ebc8", @typed={0x8, 0xc2, 0x0, 0x0, @pid=r5}, @typed={0xa, 0x10f, 0x0, 0x0, @str='\x00/\xe9\x04#\x00'}, @generic="6138832cbe670d4cd63c59af5373c38a93a66e1f4a30552569cfbd524aad19873394df1b5b4735304f6c72fff2d10a30c59e37203a26fedbe221b41df3d12b", @generic="26dcc62552a06fff14a7879a10bf377cf65ecbaab2c828b547e018f1bed8eb4b5cb277cc1d7febae0aac8ac2ba3b35885f3299869ac6f20526d5e4cf0d26204f83a30b7a239e684494f95203191fd66fc49a4012c7eaee119ec82faeef8905406cdbf309477728942eb225dd3266173c87c791cbbe1afeba75236e1e1ae37d4783baf3193b094d7d2d4b33207c6b7bd8bab0bdbb650e9f4de2da7b2917c84c3b63c871ab3561283ac4410e108c0bf2becb5f2ecacd32b094ee994d99c88f7cbcb6481c2dfada03a2a4ca08d70c45ba7080110f874b0ef0f39c", @typed={0x8, 0x10f, 0x0, 0x0, @u32=0x1ff}, @generic="cd7cb90ce87cc9f449ef2f9ac0c95d2b61f5198c13525357ea054a0347c747672a89eeb5a5749ba1e31b82f7f7eebd271cc45ed35bc3878d9090d64b0e634a291f4cfb01b0ca76eb7d36832270e76484938c2cbc7ec2c0eb3eea83290845fd19f84c66d0ad1670ab00779ad7f6ffbe55fe85fa99d746f0c970725ed3ee9990f215baa094ab87f4a806192f9bb1f5076ab1c4087889", @typed={0x4, 0x88}]}, @NL80211_ATTR_BEACON_TAIL={0x32b, 0xf, "ec1a014ae2101df6a143ac285be396ec4e81d79a4931ee8f1a94e772c367b1cc65cfe572f785ea3343893a8876a77d848b849fa556590f898d270124968a912d2a7617693e83fc2ddbb594004aa27c32ae363fa77e8d14ab52ba4cdf5d1ec72a5802e8de6f46d9a057fbe4a7d400d3ab36aa3f0247483378ab6ea3d0406af398946f2de0a3b22155da981e8f98b92fad05f94d2350a33a0b125155b4e385004a510262b7fb4d1d66b5c5fdf2c3aeee471ca53ce01b53048f5eacb0060712556d4d13411dfd8a89283a0d2081d86008b966afc65d381740169ab048f95189a416a7df1ba753fc46c02d1c274887cf8d12a98f92341fd0c5abfcd9a3e6f2a35b67262fe7e975105dfcf27b96dbb932c065231fdb149f2aaf52c9a950d04e72f9babead0b25eb1d18461d5bda3d7ca011bdff4ddb5fa62d6efb43449c11f104eb78ef2a9427d23fbc3be76fbb1f27d2fd3aafb42a60ca66b34765aae640a2263012b6d8553459bfe4499427a032f323399ce8f4a92f4b61de7ad538c682299af0e46428dc72aa43814562bb55f568662421d2929d7c1f0afb0bb86969e520c72d42dca7cf49b1afefa26a84226d8b1f75f3319c2195cd667e866ca1ed5b8b6b37f443f0702f760199a91901fb2893dd90b2daffd5902a6c3519f92b70e98610365ddbee9bd0256a37399f17ea8da4e37d00ef617e6101b024f9d452aed45a25b8f040c51b18f9d5f79a9cc45a718f8a4d152510e26d8e5ad9c40c823f5389db3d33fe5e39807a4f506865b18df03a35452d23bae487e6fd3af1258eb48a2141c933f85f869e599e337c8182dd19f6e386ea9f4a1fcfbd5f54b99a73b23f3e8daeea55b0ff0d71e75c558b12d3412438137e938d739e65474effdd7b9a6399a5ef9f6bce67a1b4369521040fc13d2aa61e7c6904cd32ccbacd0e6c63dfeb7ffa934e98e9fbdbff1c38d7c14c69b3889dfadb791b4f4dd6c65a415db7637f8c5249cef51a7a90dba706d6815048c25b5e166d9f83f2b777aa7a4418bdd23c928675252207df79424cc20fb117bb09a3b5be3c572811ec735f754a8af5cccd13a52ece02511979ae1f16dabed2457283496cd4957ca6366cfe6556464ccb6183e4f89b28662ddff71882"}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x8b}, @NL80211_ATTR_TIMED_OUT={0x4}, @NL80211_ATTR_MAC_MASK={0x55, 0xd7, "d1578f4bac1842693ee18c8fc304087540853088357ac16b3316e7e3ace7ae6407580341a10f4dffc6a8eb0b1d79b0ce43aca7cce5eab926663a24b2dd00ab77551fd6d8502e6db44543786ceef2e2d21f"}, @NL80211_ATTR_WIPHY_ANTENNA_TX={0x8, 0x69, 0x1}]}, 0x740}, 0x1, 0x0, 0x0, 0x20040841}, 0x48000)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x5, 0x20000000)
shutdown$auto(0x200000003, 0x2)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000010c0), 0xffffffffffffffff)
sendmsg$auto_CTRL_CMD_GETPOLICY(r3, &(0x7f0000000b00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x50, r6, 0x200, 0x70bd27, 0x25dfdbfd, {}, [@CTRL_ATTR_OP={0x8, 0xa, 0x7}, @CTRL_ATTR_OP={0x8, 0xa, 0x80000001}, @CTRL_ATTR_OP={0x8, 0xa, 0x5}, @CTRL_ATTR_FAMILY_NAME={0xa, 0x2, '%]@+\\\x00'}, @CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x6}, @CTRL_ATTR_OP={0x8, 0xa, 0x3a8}, @CTRL_ATTR_OP={0x8, 0xa, 0x3}]}, 0x50}, 0x1, 0x0, 0x0, 0x800}, 0x14)
bpf$auto(0x5, &(0x7f0000001080)=@bpf_attr_7={@map_id=0x3, 0x92f1, 0x4}, 0xa)

4.17487494s ago: executing program 5 (id=4982):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/ram14/queue/virt_boundary_mask\x00', 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0) (async)
openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/block/nbd12/sched/batching\x00', 0x143642, 0x0) (async, rerun: 64)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async)
sysfs$auto(0x2, 0xa, 0xb)
close_range$auto(0x2, 0x8000, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8000, 0x0)
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x8000006, 0x6, 0x3, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0x8000100, 0x1, 0x8000052, 0x5, 0x1, 0x40, 0x76c5, 0x9a, 0x100000000}}) (async, rerun: 32)
io_uring_enter$auto(r2, 0x9, 0x820e, 0x9, 0x0, 0x18) (async, rerun: 32)
close_range$auto(0x0, 0xfffffffffffff001, 0x2) (async)
socket(0x11, 0x80003, 0x300)
socket(0x29, 0x5, 0x0) (async)
r3 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2)
open_by_handle_at$auto(r3, &(0x7f0000001280)={0x8, 0x2, "0200000000000000"}, 0x6) (async)
sendfile$auto(r1, r1, 0x0, 0x2) (async)
pread64$auto(r0, 0x0, 0x3fc, 0x4000000000000006)

4.104291457s ago: executing program 2 (id=4983):
r0 = socket(0xd, 0x1, 0x0)
io_uring_setup$auto(0x1, 0x0)
setsockopt$auto(r0, 0x0, 0x3e, 0x0, 0x800d4)
write$auto(0x3, 0x0, 0xfffffdef)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
open(0x0, 0x22240, 0x155)
socket(0x10, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8000, 0x0)
socket(0x1e, 0x805, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
sysfs$auto(0x2, 0x5, 0x0)
fsopen$auto(0x0, 0x1)
sysfs$auto(0x2, 0xf, 0x0)
fsopen$auto(0x0, 0x1)
fsconfig$auto(r1, 0x1, &(0x7f00000001c0)='+\x00', &(0x7f0000000280), 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
sendmmsg$auto(0x4, 0x0, 0x10009a6, 0x6)
semctl$auto(0x1ff, 0x2, 0x13, 0x1)
lsm_list_modules$auto(0x0, 0x0, 0x0)
recvmmsg$auto(0x3, 0x0, 0x6, 0x7bd6, 0x0)
mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)

3.851510117s ago: executing program 5 (id=4984):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
socket(0xa, 0x1, 0x84)
socket(0x2, 0x1, 0x0)
socket(0x11, 0x80003, 0x300)
setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9)
write$auto(0x3, 0x0, 0xfffffdef)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$auto(0x4, 0x0, 0x80000001)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x8402, 0x0)
openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x8880, 0x0)
readv$auto(r0, &(0x7f0000000180)={0x0, 0x435d}, 0x9) (fail_nth: 1)

3.75368627s ago: executing program 8 (id=4985):
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0)
adjtimex$auto(&(0x7f0000000000)={0x4, 0x0, 0xcbe9, 0xffff, 0xa, 0x80000000, 0xd37f, 0x0, 0xffff, 0xc, 0x3, {0x10, 0x6}, 0xfffffffffffffffc, 0x10002, 0x2, 0x4, 0x0, 0xfffffffdfffffffa, 0x1, 0x0, 0x9, 0x7, 0xffffffff})
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = io_uring_setup$auto(0x6, 0x0)
r1 = socket(0x2, 0x5, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80002, 0x73)
socket(0x15, 0x1, 0x84)
shutdown$auto(0x200000003, 0x2)
recvmmsg$auto(0x3, &(0x7f0000000100)={{0x0, 0x9, &(0x7f0000000080)={0x0, 0x9}, 0x8, 0x0, 0x1, 0x4}, 0x4}, 0x10000, 0x300, 0x0)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0xe6, 0x0, 0x2, 0xb}, 0xfff}, 0x6, 0x311)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xffcc}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
socket(0x2, 0x801, 0x100)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, r0, 0x28000)
getsockopt$auto(0x4, 0x6, 0x6, 0xfffffffffffffffc, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000)
r2 = getpid()
ptrace$auto_PTRACE_SETREGS(0xd, r2, 0x2, 0x8)
r3 = gettid()
process_vm_readv$auto(r3, &(0x7f0000000040)={0x0, 0x2}, 0x4, &(0x7f00000000c0)={0x0, 0x100000000000002}, 0x3, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x20000, 0x0)
close_range$auto(0x2, 0xa, 0x0)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="24051c27c100dedbdf250307cc0008000200", @ANYRES32=0x0, @ANYBLOB="060007000080000006000700050000000a00050000000000000000000a00010000000000000000000a0001000000000000000000060006000d00000006000600070000000a0001"], 0x6c}}, 0x0)
bpf$auto_BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080)=@bpf_attr_0={0x3, 0xf048, 0x1, 0x2, 0x1, 0xffffffffffffffff, 0x2, "3560833673e34ae96f8653c5ac0bdc9e", 0x0, 0xffffffffffffffff, 0xd, 0x3, 0x2, 0x3}, 0x6)

3.594761439s ago: executing program 7 (id=4986):
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi15\x00', 0x802, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x1, 0x0)
openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000040), 0x80901, 0x0)
r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0)
ioctl$auto_TCFLSH2(r0, 0x540b, 0xfffffffffffffffd)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptysa\x00', 0x101e40, 0x0)
ioctl$auto_TCFLSH2(r1, 0x5453, 0x0)
write$auto(0x3, 0x0, 0xfdef)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
syz_genetlink_get_family_id$auto_nlbl_unlbl(&(0x7f0000000080), r3)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r4 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$auto_posix_clock_file_operations_posix_clock(r4, 0xc0603d06, 0x0)
select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffdfffffff, 0x3, 0x62, 0x84000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0xe, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x1, 0xd, 0x1, 0x1f, 0x80000001, 0x15f4da0a, 0x3, 0x800, 0xb, 0x80000023, 0x7, 0x6d41, 0x9, 0x2, 0xddc]}, 0x0)
mmap$auto(0xfffffffffffffffa, 0x20009, 0x4000000000df, 0x16, 0x401, 0x8000)
r5 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0)
read$auto(r5, 0x0, 0x1f40)
write$auto(0x3, 0x0, 0xfffffdef)
ioctl$auto(r3, 0x57, r2)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
r6 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x70d680, 0x0)
fgetxattr$auto(r6, &(0x7f00000001c0)='NLBL_UNLBL\x00', &(0x7f0000000200)="e6f7", 0x10001)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$auto_ila(0x0, 0xffffffffffffffff)
process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, 0x0, 0x6, 0x0)

3.127783668s ago: executing program 2 (id=4987):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
getrandom$auto(0x0, 0x6000000, 0x3)
madvise$auto(0x0, 0xf663, 0x15)
r1 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000040), 0xffffffffffffffff)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x1, 0x0)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x55)
connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711, @local}, 0x55)
sendmsg$auto_GTP_CMD_NEWPDP(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010027aa95cfc1dbdf8b000000000c0003000b0000000000000008000100ffffffff080002000000000006000600d2"], 0x38}, 0x1, 0x0, 0x0, 0x20040850}, 0x4048040)

2.655618089s ago: executing program 5 (id=4988):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x11, 0x0, 0x0, 0x0, 0x0)
prctl$auto_PR_SET_MM_ARG_END(0x9, 0x9, 0xffffffffffffffff, 0xd, 0x13)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000200)='5', 0x1)
sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff)
capset$auto(&(0x7f0000000340)={0x19980330}, 0x0)
select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x4, 0x2, 0xb, 0x1, 0x9, 0x0, 0x7fff, 0xa, 0x193, 0xfffffffffffffff9, 0x3, 0x5e4, 0x1000, 0x1, 0x1]}, &(0x7f0000000380)={[0x8000000000000001, 0x5, 0x1, 0x10001, 0xe, 0xf, 0x5, 0x3, 0x59fc8000, 0x200006, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, &(0x7f0000000280)={0x6, 0xc8})
socket$nl_generic(0x10, 0x3, 0x10)
select$auto(0x7, 0x0, 0x0, 0x0, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x40841, 0x8)
socket(0xa, 0x5, 0x94)
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x6c800, 0x0)
close_range$auto(0x2, 0x8, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
ioctl$auto(r2, 0x1260, 0x5)

2.216683659s ago: executing program 2 (id=4989):
io_uring_setup$auto(0x59, &(0x7f0000000080)={0x5, 0xd, 0x2, 0x7, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0xfffffffe, 0x100, 0x0, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x691, 0x1, 0x40, 0x40, 0x8, 0x100000000}})
prctl$auto(0x1000000003b, 0x10, 0x0, 0x5, 0x7)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x2003f0, 0x15)
madvise$auto(0x0, 0x200007, 0x19)
sysfs$auto(0x4, 0x0, 0x6)
openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000a40)='/proc/sys/kernel/usermodehelper/bset\x00', 0x8a802, 0x0)
openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x15b883, 0x0)
socket(0x1d, 0x3, 0x1)
getpeername$auto(0x3, 0x0, 0x0)
openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0)
ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0)
write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
prctl$auto(0x441, 0x3, 0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x801, 0x0)
socket(0xf, 0x3, 0x2)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
open(&(0x7f0000000100)='./bus\x00', 0x14d27e, 0x72)
socket(0x2, 0x1, 0x0)
socket(0x1e, 0x1, 0x0)
fallocate$auto(0x8000000000000003, 0x0, 0xd, 0x9)
select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xfff, 0x1, 0x948b, 0x3, 0x95f4da2d, 0xc, 0x6, 0x62, 0x7, 0x7, 0x6d3f, 0xa, 0x4, 0x5]}, 0x0)

2.007900557s ago: executing program 8 (id=4990):
r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
mmap$auto(0x0, 0x2000c, 0xdd, 0xacd4, 0xffffffffffffffff, 0x8000)
close_range$auto(0x2, r0, 0x0)
r1 = io_uring_setup$auto(0x6, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/audit\x00', 0x200, 0x0)
openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0)
prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0)
write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9)
select$auto(0x1, &(0x7f0000000380)={[0x1, 0x1825e3fe, 0x433, 0x2, 0x3, 0x7, 0x4, 0x7fffffffffffffff, 0x1, 0xe0, 0x4, 0x6, 0x10, 0x6, 0x3, 0x5]}, &(0x7f0000000440)={[0x7ff, 0x9, 0x1, 0x9, 0x7, 0xfffffffffffff800, 0x7, 0x40, 0xd, 0x3ff, 0x5, 0x6, 0x6, 0xccf0, 0x6, 0x2]}, &(0x7f00000004c0)={[0x7f, 0x8, 0x4, 0x8, 0x9, 0x2, 0x1000, 0x0, 0x6, 0x6, 0x2, 0x10000, 0x10000, 0x1ff, 0xdfb2, 0x1]}, &(0x7f00000000c0)={0x2, 0x3})
openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snd/pcmC0D0p\x00', 0xa00, 0x0)
mmap$auto(0x5, 0x2, 0xdf, 0x9b75, r1, 0x28000)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram4\x00', 0xdd01, 0x0)
ioctl$auto_BLKRRPART(r3, 0x125f, 0x0)
open(0x0, 0x40402, 0x187)
msync$auto(0x1ffff000, 0x1800000ff010000, 0x400000004)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x4001, 0x0)
r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/pcm0p/sub0/hw_params\x00', 0x1c1282, 0x0)
read$auto_proc_reg_file_ops_compat_inode(r4, &(0x7f0000000280)=""/65, 0x41)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
openat$auto_short_retry_limit_ops_(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0)
io_uring_setup$auto(0x6, 0x0)

1.549725068s ago: executing program 7 (id=4991):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
mmap$auto(0x0, 0x20009, 0xdb, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x1, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
fcntl$auto(0x8000000000000001, 0x26, 0x8)
fcntl$auto(r0, 0x7, 0x4)
r1 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a)
socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x5, 0x0, 0x1f, 0x9}, 0x800009}, 0x3, 0x20000000)
openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000000), 0x600000, 0x0)
pwrite64$auto(r1, 0x0, 0x6, 0x3)
mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2)
mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000)
futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0)
setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/nvmet_rdma/parameters/srq_size\x00', 0x183841, 0x0)
read$auto(0x3, 0x0, 0x80)
write$auto(0x3, 0x0, 0xfffffdef)

1.187379792s ago: executing program 2 (id=4992):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
getpid()
syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000040), 0xffffffffffffffff)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0)
ioctl$auto_XFS_IOC_SWAPEXT(0xffffffffffffffff, 0xc0c0586d, &(0x7f00000001c0)={0x7, @inferred=r0, @raw=0xffff, 0xf1, 0x5226, '\x00', {0x5, 0x8, 0x6, 0xee01, 0xee00, 0x97c2, 0x4, 0x97, {0x3, 0x8}, {0x10, 0xf}, {0x81, 0x6459}, 0x3ff, 0x1, 0xbcf, 0xda32786, 0x2, 0x2, 0x100, 0x1ff, 0x0, 0x1, '\x00', 0x2, 0x8, 0x6, 0x7}})
r2 = openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/attr/prev\x00', 0x101002, 0x0)
fallocate$auto(r2, 0x9, 0xffffffffffff8000, 0x6)
r3 = socket(0x10, 0x4, 0x4000043)
setsockopt$auto(r3, 0x8, 0xfffffffc, &(0x7f0000000040)=',%\x00', 0xfffffffc)
getsockopt$auto(r3, 0x29, 0xcf, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'gretap0\x00', <r4=>0x0})
r5 = fcntl$auto_F_GETOWN(r0, 0x9, 0x3790)
sendmsg$auto_NL80211_CMD_REGISTER_FRAME(r0, &(0x7f00000009c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000980)={&(0x7f0000001200)={0x740, r1, 0x900, 0x70bd25, 0x25dfdbfd, {}, [@NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x6}, @NL80211_ATTR_MBSSID_ELEMS={0x183, 0x133, 0x0, 0x1, [@typed={0xa9, 0x7, 0x0, 0x0, @binary="ca1d7fe0f7f113524cb092ed0d9b3e578125f2c544a440f7906b4f8a54ca33e0e22b98f47fd979655d68a5c826e17693995cd28bcf826bc238dc45c3a59a80174a7e014560192ac66684e5b61529e4a86ab1a7b83b5ef8be529c8a6230227f763219e2b530da28adafd03f1616ded8cf79f2d30dc0bc01d01ac00442ea90d9a33b14aedd0f9a8ba93fd7cb84fe0fccb758b9138b06f40ae72d2f068b9f11e4a8e0eab73db5"}, @generic="be2e6403f35ab95cbb92aa180062a8d746d1a6bf280282ffb7cfc8063c8627a07329ed7df3e47bcc63176cead1d87022ff03e68bd174769b8c4f9f001d29074d2aa2c14f32884d347aec42d29389de4b42e55b9270767fda59a770fe7b57125648e2dde06c47946dd70f8d66f25032fd4434cb91c19921a7e22d91c78db5e13bce065019d1107fcf1a67ec9fe478560444f2eb0734bab604afe8239d3d0b8bfd8275e5f82594ec374cac4ba660ffa92468528d6605", @typed={0x8, 0x3f, 0x0, 0x0, @fd=r0}, @nested={0xc, 0xf, 0x0, 0x1, [@typed={0x8, 0x4a, 0x0, 0x0, @fd=r3}]}, @generic="10f0adb7e1ecbc325ed1"]}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r4}, @NL80211_ATTR_REG_RULES={0x1f9, 0x22, 0x0, 0x1, [@generic="da47ab88aa0fc61d0e29750225a55f3232d1051e4630b52558375630b01e8c29b416b535d527ebc8", @typed={0x8, 0xc2, 0x0, 0x0, @pid=r5}, @typed={0xa, 0x10f, 0x0, 0x0, @str='\x00/\xe9\x04#\x00'}, @generic="6138832cbe670d4cd63c59af5373c38a93a66e1f4a30552569cfbd524aad19873394df1b5b4735304f6c72fff2d10a30c59e37203a26fedbe221b41df3d12b", @generic="26dcc62552a06fff14a7879a10bf377cf65ecbaab2c828b547e018f1bed8eb4b5cb277cc1d7febae0aac8ac2ba3b35885f3299869ac6f20526d5e4cf0d26204f83a30b7a239e684494f95203191fd66fc49a4012c7eaee119ec82faeef8905406cdbf309477728942eb225dd3266173c87c791cbbe1afeba75236e1e1ae37d4783baf3193b094d7d2d4b33207c6b7bd8bab0bdbb650e9f4de2da7b2917c84c3b63c871ab3561283ac4410e108c0bf2becb5f2ecacd32b094ee994d99c88f7cbcb6481c2dfada03a2a4ca08d70c45ba7080110f874b0ef0f39c", @typed={0x8, 0x10f, 0x0, 0x0, @u32=0x1ff}, @generic="cd7cb90ce87cc9f449ef2f9ac0c95d2b61f5198c13525357ea054a0347c747672a89eeb5a5749ba1e31b82f7f7eebd271cc45ed35bc3878d9090d64b0e634a291f4cfb01b0ca76eb7d36832270e76484938c2cbc7ec2c0eb3eea83290845fd19f84c66d0ad1670ab00779ad7f6ffbe55fe85fa99d746f0c970725ed3ee9990f215baa094ab87f4a806192f9bb1f5076ab1c4087889", @typed={0x4, 0x88}]}, @NL80211_ATTR_BEACON_TAIL={0x32b, 0xf, "ec1a014ae2101df6a143ac285be396ec4e81d79a4931ee8f1a94e772c367b1cc65cfe572f785ea3343893a8876a77d848b849fa556590f898d270124968a912d2a7617693e83fc2ddbb594004aa27c32ae363fa77e8d14ab52ba4cdf5d1ec72a5802e8de6f46d9a057fbe4a7d400d3ab36aa3f0247483378ab6ea3d0406af398946f2de0a3b22155da981e8f98b92fad05f94d2350a33a0b125155b4e385004a510262b7fb4d1d66b5c5fdf2c3aeee471ca53ce01b53048f5eacb0060712556d4d13411dfd8a89283a0d2081d86008b966afc65d381740169ab048f95189a416a7df1ba753fc46c02d1c274887cf8d12a98f92341fd0c5abfcd9a3e6f2a35b67262fe7e975105dfcf27b96dbb932c065231fdb149f2aaf52c9a950d04e72f9babead0b25eb1d18461d5bda3d7ca011bdff4ddb5fa62d6efb43449c11f104eb78ef2a9427d23fbc3be76fbb1f27d2fd3aafb42a60ca66b34765aae640a2263012b6d8553459bfe4499427a032f323399ce8f4a92f4b61de7ad538c682299af0e46428dc72aa43814562bb55f568662421d2929d7c1f0afb0bb86969e520c72d42dca7cf49b1afefa26a84226d8b1f75f3319c2195cd667e866ca1ed5b8b6b37f443f0702f760199a91901fb2893dd90b2daffd5902a6c3519f92b70e98610365ddbee9bd0256a37399f17ea8da4e37d00ef617e6101b024f9d452aed45a25b8f040c51b18f9d5f79a9cc45a718f8a4d152510e26d8e5ad9c40c823f5389db3d33fe5e39807a4f506865b18df03a35452d23bae487e6fd3af1258eb48a2141c933f85f869e599e337c8182dd19f6e386ea9f4a1fcfbd5f54b99a73b23f3e8daeea55b0ff0d71e75c558b12d3412438137e938d739e65474effdd7b9a6399a5ef9f6bce67a1b4369521040fc13d2aa61e7c6904cd32ccbacd0e6c63dfeb7ffa934e98e9fbdbff1c38d7c14c69b3889dfadb791b4f4dd6c65a415db7637f8c5249cef51a7a90dba706d6815048c25b5e166d9f83f2b777aa7a4418bdd23c928675252207df79424cc20fb117bb09a3b5be3c572811ec735f754a8af5cccd13a52ece02511979ae1f16dabed2457283496cd4957ca6366cfe6556464ccb6183e4f89b28662ddff71882"}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x8b}, @NL80211_ATTR_TIMED_OUT={0x4}, @NL80211_ATTR_MAC_MASK={0x55, 0xd7, "d1578f4bac1842693ee18c8fc304087540853088357ac16b3316e7e3ace7ae6407580341a10f4dffc6a8eb0b1d79b0ce43aca7cce5eab926663a24b2dd00ab77551fd6d8502e6db44543786ceef2e2d21f"}, @NL80211_ATTR_WIPHY_ANTENNA_TX={0x8, 0x69, 0x1}]}, 0x740}, 0x1, 0x0, 0x0, 0x20040841}, 0x48000)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x5, 0x20000000)
shutdown$auto(0x200000003, 0x2)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_CTRL_CMD_GETPOLICY(r6, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000001100)={0x28, 0x0, 0x301, 0x70bd25, 0x25dfdbff, {}, [@CTRL_ATTR_OP={0x8, 0xa, 0x3}, @CTRL_ATTR_FAMILY_NAME={0x9, 0x2, 'vdpa\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000800}, 0xc040810)
sendmsg$auto_CTRL_CMD_GETPOLICY(r3, &(0x7f0000000b00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000a40)={0x50, 0x0, 0x200, 0x70bd27, 0x25dfdbfd, {}, [@CTRL_ATTR_OP={0x8, 0xa, 0x7}, @CTRL_ATTR_OP={0x8, 0xa, 0x80000001}, @CTRL_ATTR_OP={0x8, 0xa, 0x5}, @CTRL_ATTR_FAMILY_NAME={0xa, 0x2, '%]@+\\\x00'}, @CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x6}, @CTRL_ATTR_OP={0x8, 0xa, 0x3a8}, @CTRL_ATTR_OP={0x8, 0xa, 0x3}]}, 0x50}, 0x1, 0x0, 0x0, 0x800}, 0x14)
bpf$auto(0x5, &(0x7f0000001080)=@bpf_attr_7={@map_id=0x3, 0x92f1, 0x4}, 0xa)

964.574742ms ago: executing program 5 (id=4993):
mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x81, 0x0)
prctl$auto(0x3e, 0x492, 0x0, 0x1000000000000001, 0x0)
write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9)
mmap$auto(0x0, 0xf, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(r0, 0x8, 0x0)
r2 = io_uring_setup$auto(0x6, 0x0)
r3 = socket(0x2, 0x1, 0x0)
sysfs$auto(0x2, 0x400, 0x0)
epoll_create$auto(0x5)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
epoll_ctl$auto(0x5, 0x1, r4, 0x0)
r5 = openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
close_range$auto(r3, 0xffffffffffffffff, 0x97)
mmap$auto(0x1ff, 0xfffffffffffffffe, 0x9, 0x12, r1, 0x1)
epoll_ctl$auto(r5, 0x2, r4, 0x0)
mmap$auto(0x3, 0x7, 0x3, 0x11, 0xffffffffffffffff, 0x7ffd)
close_range$auto(r0, r2, 0x0)
socket(0x2, 0x1, 0x106)
r6 = socket(0x2, 0x1, 0x0)
shutdown$auto(r6, 0x8)
r7 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/irq/11/affinity_hint\x00', 0x40, 0x0)
read$auto_proc_iter_file_ops_compat_inode(r7, &(0x7f00000002c0)=""/300, 0x12c)
r8 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/adsp1\x00', 0x139142, 0x0)
ioctl$auto_SOUND_MIXER_READ_DEVMASK2(r8, 0x80044dfe, 0x0)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0)
mmap$auto(0x0, 0x40009, 0xde, 0x9b72, 0x7, 0x28000)

867.496214ms ago: executing program 2 (id=4994):
r0 = socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x5, 0x0)
r1 = socket(0x2, 0x3, 0x6)
lsm_list_modules$auto(0x0, 0x0, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket(0xa, 0x5, 0x0)
open(0x0, 0x22240, 0x154)
ioctl$sock_SIOCGIFINDEX(r1, 0x401c5820, 0x0)
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x80080, 0x0)
r2 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x28, r2, 0x400, 0x1, 0x25dfdbff, {}, [@NL802154_ATTR_IFNAME={0xffffffffffffffa7, 0x4, 'veth1\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4810}, 0x4008)
mincore$auto(0x6, 0x4, &(0x7f0000000000)='+)\x00')

511.606826ms ago: executing program 2 (id=4995):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x2, 0x80802, 0x0)
r0 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a)
sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x5, 0x0, 0x1f, 0x9}, 0x800009}, 0x3, 0x20000000)
futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/ksm/general_profit\x00', 0xa800, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)=""/34, 0x22)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0xa, 0x2, 0x88)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'batadv0\x00', <r5=>0x0})
bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r5, r4, 0x4, 0xf, r3, @relative_fd, 0xe600}, 0xf)
sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="13002cbd7000dddbdf250200000008000300", @ANYRES32, @ANYBLOB="480040000300000005000300020b0000"], 0x2c}, 0x1, 0x0, 0x0, 0x2400c884}, 0x20040894)
sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000300)={&(0x7f00000001c0)={0x140, 0x0, 0x400, 0x70bd29, 0x25dfdbfe, {}, [@ETHTOOL_A_TSINFO_HWTSTAMP_PROVIDER={0x34, 0x7, 0x0, 0x1, [@ETHTOOL_A_TS_HWTSTAMP_PROVIDER_QUALIFIER={0x8, 0x2, 0x4}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_QUALIFIER={0x8, 0x2, 0x4}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_QUALIFIER={0x8}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_QUALIFIER={0x8}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_QUALIFIER={0x8, 0x2, 0x7}]}, @ETHTOOL_A_TSINFO_HWTSTAMP_PROVIDER={0x4c, 0x7, 0x0, 0x1, [@ETHTOOL_A_TS_HWTSTAMP_PROVIDER_QUALIFIER={0x8, 0x2, 0x4}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_QUALIFIER={0x8, 0x2, 0x7}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_QUALIFIER={0x8, 0x2, 0x7fff}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_INDEX={0x8, 0x1, 0xffffffff}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_INDEX={0x8, 0x1, 0x7ff}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_QUALIFIER={0x8, 0x2, 0x80000000}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_QUALIFIER={0x8, 0x2, 0x2}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_QUALIFIER={0x8, 0x2, 0x2}]}, @ETHTOOL_A_TSINFO_HEADER={0x4}, @ETHTOOL_A_TSINFO_HWTSTAMP_PROVIDER={0x24, 0x7, 0x0, 0x1, [@ETHTOOL_A_TS_HWTSTAMP_PROVIDER_INDEX={0x8, 0x1, 0x9}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_INDEX={0x8, 0x1, 0xff}]}, @ETHTOOL_A_TSINFO_HWTSTAMP_PROVIDER={0x14, 0x7, 0x0, 0x1, [@ETHTOOL_A_TS_HWTSTAMP_PROVIDER_INDEX={0x8, 0x1, 0xd}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_INDEX={0x8, 0x1, 0x200}]}, @ETHTOOL_A_TSINFO_HWTSTAMP_PROVIDER={0x4}, @ETHTOOL_A_TSINFO_HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x8001}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}]}, @ETHTOOL_A_TSINFO_HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x8001}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x9}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7fffffff}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7d51}]}]}, 0x140}, 0x1, 0x0, 0x0, 0x4000}, 0x40051)
read$auto(0x3, 0x0, 0x80)

274.224949ms ago: executing program 8 (id=4996):
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
timer_settime$auto(0xc7, 0x1, &(0x7f0000000140)={{0xfffffffffffffffb, 0x20000000}, {0x8, 0x9}}, 0x0)
r0 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000)
recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0xfffffea7, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0)

0s ago: executing program 7 (id=4997):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0)
openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0)
r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r0, 0x0, 0x100000a3d9)
select$auto(0x11, 0x0, 0x0, 0x0, 0x0)
prctl$auto_PR_SET_MM_ARG_END(0x9, 0x9, 0xffffffffffffffff, 0xd, 0x13)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0)
write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000200)='5', 0x1)
sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff)
select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x4, 0x2, 0xb, 0x1, 0x9, 0x0, 0x7fff, 0xa, 0x193, 0xfffffffffffffff9, 0x3, 0x5e4, 0x1000, 0x1, 0x1]}, &(0x7f0000000380)={[0x8000000000000001, 0x5, 0x1, 0x10001, 0xe, 0xf, 0x5, 0x3, 0x59fc8000, 0x200006, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, &(0x7f0000000280)={0x6, 0xc8})
openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x6c800, 0x0)
openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, 0x0, 0x2482, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0)
ioctl$auto(r2, 0x1260, 0x5)

kernel console output (not intermixed with test programs):

	
	

	
		
	

	
		
		
	
	




syzkaller
syzkaller login: [  733.971910][T15909] kexec: Could not allocate control_code_buffer
[  734.383427][T15937] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3874'.
[  740.305220][T16014] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3889'.
[  741.562119][T16029] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3892'.
[  742.986930][T16054] Invalid ELF header magic: != ELF
[  748.416614][T16144] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3918'.
[  749.753047][T16167] bond0: no command found in slaves file - use +ifname or -ifname
[  752.255507][T16198] bond0: no command found in slaves file - use +ifname or -ifname
[  752.277665][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  752.284026][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  754.478162][T16234] futex_wake_op: syz.0.3937 tries to shift op by 64; fix this program
[  759.011736][T16315] Format for deleting device is "id" (uint).
[  759.144381][T16325] Invalid ELF header magic: != ELF
[  759.502599][T16327] could not allocate digest TFM handle 
[  759.655354][T16328] could not allocate digest TFM handle 
[  760.074947][T16342] can: request_module (can-proto-0) failed.
[  761.255078][T16370] ptrace attach of "./syz-executor exec"[12172] was attempted by "./syz-executor exec"[16370]
[  763.269611][T16407] Invalid ELF header magic: != ELF
[  764.287591][T16439] bond0: no command found in slaves file - use +ifname or -ifname
[  765.909621][T16463] blk_print_req_error: 24 callbacks suppressed
[  765.909645][T16463] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  766.031437][T16463] buffer_io_error: 23 callbacks suppressed
[  766.031461][T16463] Buffer I/O error on dev nbd0, logical block 0, async page read
[  766.128681][T16463] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  766.182458][T16463] Buffer I/O error on dev nbd0, logical block 0, async page read
[  766.221849][T16463] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  766.387243][T16463] Buffer I/O error on dev nbd0, logical block 0, async page read
[  766.517722][T16463] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  766.527911][T16463] Buffer I/O error on dev nbd0, logical block 0, async page read
[  766.586968][T16463] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  766.596060][T16463] Buffer I/O error on dev nbd0, logical block 0, async page read
[  766.775228][T16463] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  766.817037][T16463] Buffer I/O error on dev nbd0, logical block 0, async page read
[  766.826850][T16463] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  766.836030][T16463] Buffer I/O error on dev nbd0, logical block 0, async page read
[  766.974852][T16463] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  767.000530][T16463] Buffer I/O error on dev nbd0, logical block 0, async page read
[  767.078134][T16463] ldm_validate_partition_table(): Disk read failed.
[  767.084834][T16463] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  767.139333][T16463] Buffer I/O error on dev nbd0, logical block 0, async page read
[  767.204036][T16463] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  767.213626][T16463] Buffer I/O error on dev nbd0, logical block 0, async page read
[  767.222192][T16463] Dev nbd0: unable to read RDB block 0
[  767.228778][T16463]  nbd0: unable to read partition table
[  770.687522][T16559] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  770.792204][T16560] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  771.343123][T16570] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4013'.
[  771.607591][T16577] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  771.755405][T16579] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  771.898159][T16584] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  772.000180][T16585] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:4: corrupted xattr entries
[  772.837919][T16602] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[  776.900379][T16658] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:4: corrupted xattr entries
[  777.009659][T16660] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[  778.416896][T16681] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4037'.
[  778.671180][T16685] netlink: 330 bytes leftover after parsing attributes in process `syz.0.4038'.
[  781.447212][T16733] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:4: corrupted xattr entries
[  781.463839][T16730] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4050'.
[  781.971488][T16743] random: crng reseeded on system resumption
[  782.396534][T16753] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4059'.
[  782.890195][T16763] FAULT_INJECTION: forcing a failure.
[  782.890195][T16763] name failslab, interval 1, probability 0, space 0, times 0
[  782.911009][T16764] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  782.914153][T16763] CPU: 1 UID: 0 PID: 16763 Comm: syz.3.4061 Tainted: G     U              6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[  782.914204][T16763] Tainted: [U]=USER
[  782.914215][T16763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  782.914235][T16763] Call Trace:
[  782.914245][T16763]  <TASK>
[  782.914257][T16763]  dump_stack_lvl+0x16c/0x1f0
[  782.914312][T16763]  should_fail_ex+0x512/0x640
[  782.914360][T16763]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  782.914406][T16763]  should_failslab+0xc2/0x120
[  782.914457][T16763]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  782.914496][T16763]  ? bdev_alloc_inode+0x26/0x90
[  782.914559][T16763]  ? __pfx_bdev_alloc_inode+0x10/0x10
[  782.914597][T16763]  bdev_alloc_inode+0x26/0x90
[  782.914636][T16763]  ? __pfx_bdev_alloc_inode+0x10/0x10
[  782.914674][T16763]  alloc_inode+0x61/0x240
[  782.914717][T16763]  new_inode+0x22/0x1c0
[  782.914763][T16763]  bdev_alloc+0x2b/0x420
[  782.914812][T16763]  __alloc_disk_node+0x116/0x610
[  782.914867][T16763]  __blk_mq_alloc_disk+0x89/0x120
[  782.914920][T16763]  nbd_dev_add+0x49d/0xbb0
[  782.914965][T16763]  ? __pfx_nbd_dev_add+0x10/0x10
[  782.915000][T16763]  ? nbd_genl_connect+0x98e/0x1c20
[  782.915065][T16763]  ? bpf_lsm_capable+0x9/0x10
[  782.915103][T16763]  ? __radix_tree_lookup+0x21f/0x2c0
[  782.915157][T16763]  nbd_genl_connect+0x8b0/0x1c20
[  782.915208][T16763]  ? __pfx_nbd_genl_connect+0x10/0x10
[  782.915249][T16763]  ? __nla_parse+0x40/0x60
[  782.915288][T16763]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  782.915346][T16763]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  782.915410][T16763]  genl_family_rcv_msg_doit+0x206/0x2f0
[  782.915463][T16763]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  782.915515][T16763]  ? genl_get_cmd+0x194/0x580
[  782.915572][T16763]  ? __local_bh_enable_ip+0xa4/0x120
[  782.915610][T16763]  ? __dev_queue_xmit+0x896/0x43e0
[  782.915641][T16763]  ? __radix_tree_lookup+0x21f/0x2c0
[  782.915692][T16763]  genl_rcv_msg+0x55c/0x800
[  782.915747][T16763]  ? __pfx_genl_rcv_msg+0x10/0x10
[  782.915795][T16763]  ? __pfx___dev_queue_xmit+0x10/0x10
[  782.915828][T16763]  ? __pfx_nbd_genl_connect+0x10/0x10
[  782.915871][T16763]  ? __lock_acquire+0xaa4/0x1ba0
[  782.915948][T16763]  netlink_rcv_skb+0x16a/0x440
[  782.915997][T16763]  ? __pfx_genl_rcv_msg+0x10/0x10
[  782.916063][T16763]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  782.916129][T16763]  ? __pfx_down_read+0x10/0x10
[  782.916163][T16763]  ? netlink_deliver_tap+0x1ae/0xd30
[  782.916211][T16763]  genl_rcv+0x28/0x40
[  782.916255][T16763]  netlink_unicast+0x53d/0x7f0
[  782.916304][T16763]  ? __pfx_netlink_unicast+0x10/0x10
[  782.916346][T16763]  ? __lock_acquire+0xaa4/0x1ba0
[  782.916398][T16763]  netlink_sendmsg+0x8d1/0xdd0
[  782.916451][T16763]  ? __pfx_netlink_sendmsg+0x10/0x10
[  782.916512][T16763]  ____sys_sendmsg+0xa95/0xc70
[  782.916575][T16763]  ? copy_msghdr_from_user+0x10a/0x160
[  782.916617][T16763]  ? __pfx_____sys_sendmsg+0x10/0x10
[  782.916677][T16763]  ? try_to_wake_up+0xa2f/0x1680
[  782.916718][T16763]  ___sys_sendmsg+0x134/0x1d0
[  782.916762][T16763]  ? __pfx____sys_sendmsg+0x10/0x10
[  782.916856][T16763]  __sys_sendmsg+0x16d/0x220
[  782.916897][T16763]  ? __pfx___sys_sendmsg+0x10/0x10
[  782.916936][T16763]  ? __x64_sys_futex+0x1e0/0x4c0
[  782.916991][T16763]  ? rcu_is_watching+0x12/0xc0
[  782.917035][T16763]  do_syscall_64+0xcd/0x230
[  782.917088][T16763]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  782.917120][T16763] RIP: 0033:0x7ffabab8e969
[  782.917147][T16763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  782.917178][T16763] RSP: 002b:00007ffabba34038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  782.917208][T16763] RAX: ffffffffffffffda RBX: 00007ffabadb6080 RCX: 00007ffabab8e969
[  782.917230][T16763] RDX: 0000000000008880 RSI: 0000200000001e00 RDI: 0000000000000006
[  782.917251][T16763] RBP: 00007ffabac10ab1 R08: 0000000000000000 R09: 0000000000000000
[  782.917270][T16763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  782.917290][T16763] R13: 0000000000000000 R14: 00007ffabadb6080 R15: 00007ffcbafb0918
[  782.917332][T16763]  </TASK>
[  783.403837][T16767] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:20: corrupted xattr entries
[  783.428498][T16763] nbd: failed to add new device
[  783.945994][T16771] netlink: 338 bytes leftover after parsing attributes in process `syz.0.4058'.
[  784.307373][T16785] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4068'.
[  784.434773][T16782] netlink: 338 bytes leftover after parsing attributes in process `syz.2.4064'.
[  786.471449][T16822] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[  786.578045][T16826] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[  787.194538][T16828] netlink: 338 bytes leftover after parsing attributes in process `syz.2.4077'.
[  787.585997][T16845] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:20: corrupted xattr entries
[  787.614168][T16843] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:13: corrupted xattr entries
[  787.690818][T16848] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:20: corrupted xattr entries
[  788.422184][T16861] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  788.441545][T16863] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  788.643325][T16869] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19
[  788.828957][T16871] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4085'.
[  790.392809][T16898] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  790.454884][T16899] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  791.171295][T16909] bond0: no command found in slaves file - use +ifname or -ifname
[  791.310654][T16914] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:13: corrupted xattr entries
[  791.423233][T16918] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:13: corrupted xattr entries
[  791.439120][T16920] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:20: corrupted xattr entries
[  791.465235][T16913] zswap: compressor  not available
[  791.571952][T16923] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:13: corrupted xattr entries
[  791.941154][T16930] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4097'.
[  792.607821][T16939] nbd: must specify an index to disconnect
[  793.149970][T16949] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  793.210416][T16952] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  795.721218][T16967] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4106'.
[  796.339711][T16985] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:4: corrupted xattr entries
[  796.524569][T16991] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:4: corrupted xattr entries
[  797.406254][T17000] device-mapper: ioctl: ioctl interface mismatch: kernel(4.49.0), user(134217728.0.67108865), cmd(8)
[  797.594129][T17007] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  797.717986][T17009] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  799.421520][T16994] openvswitch: netlink: Duplicate key (type 15).
[  801.424593][T17046] bond0: option all_slaves_active: invalid value ()
[  801.921112][T17080] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:11: corrupted xattr entries
[  802.016178][T17084] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:11: corrupted xattr entries
[  803.444988][T17096] mkiss: ax0: crc mode is auto.
[  803.531671][T17097] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  806.223232][T17139] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  806.308007][T17141] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  806.539743][T17144] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:13: corrupted xattr entries
[  807.962313][T17130] random: crng reseeded on system resumption
[  810.973805][T17180] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[  811.020525][T17182] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[  813.560525][T17202] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:14: corrupted xattr entries
[  813.561464][T17201] can: request_module (can-proto-0) failed.
[  813.715702][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  813.715786][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  814.387973][T17209] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:14: corrupted xattr entries
[  815.531615][T17224] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[  815.622452][T17226] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[  818.310927][T17256] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:20: corrupted xattr entries
[  818.953101][T17265] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4165'.
[  819.602958][T15776] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18
[  819.682089][   T30] audit: type=1800 audit(4295019165.595:40): pid=17277 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4168" name="dbroot" dev="configfs" ino=61162 res=0 errno=0
[  819.827029][T17282] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  822.924299][T17296] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:4: corrupted xattr entries
[  822.979978][T17297] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:4: corrupted xattr entries
[  823.002882][T17293] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4170'.
[  823.515688][T17307] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  823.713614][T17311] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[  825.652879][T17328] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4178'.
[  826.114328][T17328] mac80211_hwsim hwsim19 wlan1: entered allmulticast mode
[  829.209253][T17362] netlink: 'syz.0.4185': attribute type 35 has an invalid length.
[  830.036847][T17376] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  831.111264][T17393] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4193'.
[  831.338796][T17400] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:14: corrupted xattr entries
[  831.381003][T17401] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:14: corrupted xattr entries
[  831.788332][T17418] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:11: corrupted xattr entries
[  831.798779][T17417] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:14: corrupted xattr entries
[  831.852177][T17421] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:11: corrupted xattr entries
[  832.094743][T17425] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  833.202443][T17439] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:20: corrupted xattr entries
[  833.430922][T17443] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:13: corrupted xattr entries
[  833.912935][T17445] syz.2.4200 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  835.313665][T17456] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[  835.425408][T17458] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:13: corrupted xattr entries
[  836.034653][T17468] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4204'.
[  837.250374][T17491] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[  837.271781][T17492] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[  837.828882][T17501] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[  837.849222][T17502] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[  839.611506][T17537] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  839.880433][T17543] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:11: corrupted xattr entries
[  840.068692][T17547] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  840.068709][T17548] CIFS mount error: No usable UNC path provided in device string!
[  840.068709][T17548] 
[  840.069005][T17548] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  840.100367][T17547] CIFS mount error: No usable UNC path provided in device string!
[  840.100367][T17547] 
[  840.163211][T17547] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  840.517248][T17555] FAULT_INJECTION: forcing a failure.
[  840.517248][T17555] name failslab, interval 1, probability 0, space 0, times 0
[  840.564707][T17555] CPU: 0 UID: 0 PID: 17555 Comm: syz.0.4223 Tainted: G     U              6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[  840.564745][T17555] Tainted: [U]=USER
[  840.564753][T17555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  840.564765][T17555] Call Trace:
[  840.564772][T17555]  <TASK>
[  840.564781][T17555]  dump_stack_lvl+0x16c/0x1f0
[  840.564819][T17555]  should_fail_ex+0x512/0x640
[  840.564853][T17555]  ? __kmalloc_noprof+0xbf/0x510
[  840.564880][T17555]  ? __netlink_kernel_create+0x17f/0x750
[  840.564909][T17555]  should_failslab+0xc2/0x120
[  840.564944][T17555]  __kmalloc_noprof+0xd2/0x510
[  840.564976][T17555]  __netlink_kernel_create+0x17f/0x750
[  840.565008][T17555]  ? __pfx___netlink_kernel_create+0x10/0x10
[  840.565048][T17555]  fib_net_init+0x26d/0x3f0
[  840.565076][T17555]  ? __pfx___register_sysctl_table+0x10/0x10
[  840.565104][T17555]  ? __pfx_fib_net_init+0x10/0x10
[  840.565132][T17555]  ? lockdep_init_map_type+0x5c/0x280
[  840.565163][T17555]  ? __pfx_nl_fib_input+0x10/0x10
[  840.565196][T17555]  ? devinet_init_net+0x5c2/0x910
[  840.565230][T17555]  ? __pfx_fib_net_init+0x10/0x10
[  840.565257][T17555]  ops_init+0x1e2/0x5f0
[  840.565289][T17555]  setup_net+0x21e/0x850
[  840.565322][T17555]  ? __pfx_setup_net+0x10/0x10
[  840.565350][T17555]  ? lockdep_init_map_type+0x5c/0x280
[  840.565380][T17555]  ? __pfx_down_read_killable+0x10/0x10
[  840.565406][T17555]  ? debug_mutex_init+0x37/0x70
[  840.565433][T17555]  copy_net_ns+0x2a6/0x5f0
[  840.565469][T17555]  create_new_namespaces+0x3ea/0xad0
[  840.565501][T17555]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  840.565530][T17555]  ksys_unshare+0x45b/0xa40
[  840.565562][T17555]  ? __pfx_ksys_unshare+0x10/0x10
[  840.565591][T17555]  ? xfd_validate_state+0x5d/0x180
[  840.565625][T17555]  ? rcu_is_watching+0x12/0xc0
[  840.565651][T17555]  __x64_sys_unshare+0x31/0x40
[  840.565698][T17555]  do_syscall_64+0xcd/0x230
[  840.565735][T17555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  840.565757][T17555] RIP: 0033:0x7f22a418e969
[  840.565786][T17555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  840.565806][T17555] RSP: 002b:00007f22a4f64038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  840.565825][T17555] RAX: ffffffffffffffda RBX: 00007f22a43b5fa0 RCX: 00007f22a418e969
[  840.565840][T17555] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080
[  840.565852][T17555] RBP: 00007f22a4210ab1 R08: 0000000000000000 R09: 0000000000000000
[  840.565865][T17555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  840.565877][T17555] R13: 0000000000000000 R14: 00007f22a43b5fa0 R15: 00007ffc940bc3e8
[  840.565903][T17555]  </TASK>
[  841.553313][T17574] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[  842.860219][T17598] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:13: corrupted xattr entries
[  842.881218][T17600] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:13: corrupted xattr entries
[  843.727015][T17611] ubi0: attaching mtd0
[  843.755850][T17611] ubi0: scanning is finished
[  843.917628][T17611] ubi0 error: ubi_read_volume_table: the layout volume was not found
[  844.117979][T17611] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[  844.725432][T17627] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:11: corrupted xattr entries
[  845.604402][T17646] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4241'.
[  846.533430][T17682] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:13: corrupted xattr entries
[  846.655254][T17685] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:14: corrupted xattr entries
[  846.697125][T17686] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:13: corrupted xattr entries
[  846.736243][T17688] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:13: corrupted xattr entries
[  846.788600][T17690] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[  846.854199][T17693] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:14: corrupted xattr entries
[  846.892876][T17692] netlink: 252 bytes leftover after parsing attributes in process `syz.2.4251'.
[  846.958977][T17695] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[  847.033178][T17696] FAULT_INJECTION: forcing a failure.
[  847.033178][T17696] name failslab, interval 1, probability 0, space 0, times 0
[  847.054060][T17698] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:14: corrupted xattr entries
[  847.069825][T17700] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[  847.076762][T17696] CPU: 0 UID: 0 PID: 17696 Comm: syz.3.4252 Tainted: G     U              6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[  847.076813][T17696] Tainted: [U]=USER
[  847.076823][T17696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  847.076858][T17696] Call Trace:
[  847.076868][T17696]  <TASK>
[  847.076880][T17696]  dump_stack_lvl+0x16c/0x1f0
[  847.076938][T17696]  should_fail_ex+0x512/0x640
[  847.076987][T17696]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  847.077033][T17696]  should_failslab+0xc2/0x120
[  847.077074][T17696]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  847.077115][T17696]  ? __d_alloc+0x31/0xaa0
[  847.077150][T17696]  ? finish_task_switch.isra.0+0x221/0xc10
[  847.077191][T17696]  __d_alloc+0x31/0xaa0
[  847.077231][T17696]  d_alloc+0x4a/0x1e0
[  847.077269][T17696]  d_alloc_parallel+0xe3/0x12e0
[  847.077326][T17696]  ? find_held_lock+0x2b/0x80
[  847.077361][T17696]  ? __pfx_d_alloc_parallel+0x10/0x10
[  847.077412][T17696]  ? __d_lookup+0x266/0x4a0
[  847.077467][T17696]  lookup_open.isra.0+0x665/0x1580
[  847.077526][T17696]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  847.077608][T17696]  ? mnt_get_write_access+0x20c/0x300
[  847.077655][T17696]  path_openat+0x905/0x2d40
[  847.077725][T17696]  ? __pfx_path_openat+0x10/0x10
[  847.077770][T17696]  do_filp_open+0x20b/0x470
[  847.077803][T17696]  ? __pfx_do_filp_open+0x10/0x10
[  847.077867][T17696]  ? alloc_fd+0x471/0x7d0
[  847.077931][T17696]  do_sys_openat2+0x11b/0x1d0
[  847.078019][T17696]  ? __pfx_do_sys_openat2+0x10/0x10
[  847.078116][T17696]  __x64_sys_openat+0x174/0x210
[  847.078174][T17696]  ? __pfx___x64_sys_openat+0x10/0x10
[  847.078244][T17696]  ? rcu_is_watching+0x12/0xc0
[  847.078305][T17696]  do_syscall_64+0xcd/0x230
[  847.078385][T17696]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  847.078464][T17696] RIP: 0033:0x7ffabab8e969
[  847.078498][T17696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  847.078549][T17696] RSP: 002b:00007ffabba55038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  847.078604][T17696] RAX: ffffffffffffffda RBX: 00007ffabadb5fa0 RCX: 00007ffabab8e969
[  847.078645][T17696] RDX: 0000000000020200 RSI: 0000000000000000 RDI: ffffffffffffff9c
[  847.078680][T17696] RBP: 00007ffabac10ab1 R08: 0000000000000000 R09: 0000000000000000
[  847.078715][T17696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  847.078751][T17696] R13: 0000000000000000 R14: 00007ffabadb5fa0 R15: 00007ffcbafb0918
[  847.078841][T17696]  </TASK>
[  847.338012][T17701] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:20: corrupted xattr entries
[  847.610831][T17704] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4253'.
[  848.921679][T17726] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4258'.
[  849.397196][T17741] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:20: corrupted xattr entries
[  851.644820][T17779] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4269'.
[  851.921359][T17783] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4271'.
[  852.650464][T17797] EXT4-fs error: 5 callbacks suppressed
[  852.650488][T17797] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  852.689526][T17800] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  853.113390][T17809] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  853.188717][T17810] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:4: corrupted xattr entries
[  855.434785][T17846] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:14: corrupted xattr entries
[  855.472666][T17849] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  857.152475][T17876] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  857.167585][T17875] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:4: corrupted xattr entries
[  857.276253][T17881] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:4: corrupted xattr entries
[  860.582563][T17926] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4304'.
[  860.825876][T17930] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  860.848497][T17931] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:4: corrupted xattr entries
[  861.809837][T17944] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  862.071740][T17952] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  862.116802][T17953] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  862.820862][T17961] random: crng reseeded on system resumption
	

	
		
	
	
		
	
	
	
		
	


	
	

	
	
		
	
	
	
		
	
	
	
		
	
	

	
		



	

	

	
		

	
		

	


		

		
	
		
	
	

	



			








	






	





	
	
	
	


	






	








	









		












	
	

	
		
	

	
		
	
	
		
	
	
	
		
	
	
	
		
	
	
	
		
	
	
	
		
	
	
	
		
	
	
	
		
	
	
	
		
	
	
	
		
	
	
	
		
	

	
		
	

	
	
	
	
	
	
	
	

	

	
	

	
		

	
		

	


	
	

		
	
		
	
	

	



			








	







	



	
	
		







	

	

	

		
		
		
		


	
	


		
		


		


	

		


















	


	
	








	






	







		









	

	
		



	
	
		
	
	
	
		
	

	

	
		
	

	

	
		
	

	
		

	



	
		
	


	
		

	


	
	

		
	
		
	
	

	



			








	

	
	






	







	






	
		
			
	






	






	







		













	
	
		
	
	

	

		
		
	
	
		
	
	
	
		
	
	
	
		
	
	
	
		
	
	




	
				
	
	
		
	
	
	
		
	
	
	
		
	
	

	
		
	
	
		
	
	
	
	
		

	
		

	



	
	
		

	



	
	



	
	

	
	
		
	
	
	
		
	
	

	
		

	
		

	


	
	

		
	
		
	
	

	



			








	




	




















		
	
	

	





	


















	
	

	








	








	







		












				

	
	
		
	
	
	
		
	
	

	
		

	
		

	


	
	

		
	
		
	
	

	



			








	





	











	



	

	

	


	


	



	

	



	



	

		

		
	


	


		
	

		
	
	
	
	
	
	
	






	






	






		









	
	
		
	
	
	
		
	
	
	
	
	
	
	
	
		
	

		
	




		
		

		
		


	

	

	
	
		
		

		
		


	

	

	
	


	
	


		
	
	


	
	


		
	
	

	




	









		









	



	
	






			
	

		

	





		



	
		

	






		









	



	
	






			
	

		

	





		



	
		

	

	

	
		






	
	
	
			

			

			

			


	
		

	
		

		
		

		
	
	

		
		

		
	
	

	
	
		
	
	
	
		
	
	

	
		
	
	
		
	
	
	
		
	

	
		


	
	
		
	
	
	
		
	
	
	
	
	
		
	

	

	


	


	





	

	









	

	




			
	
			
	
			
	
			
	


				


			


				


			
	
	
	

	
		
	

	
		
	
	



	
	
		
	
	
	
		
	
	
	
		
	
	
	
		
	
	
	
		
	
	

	
		
	

	
		
	
	
		
	
	
	
		
	
	
	
		
	
	
	
		
	
	
	
	
	
	
	

	
		
	

	
		
	
	
		
	

		
	




		
		

		
		


	

	

	
	
		
		

		
		


	

	

	
	


	
	


		
	
	


	
	


		
	
	

	




	









		









	



	
	






			
	

		

	
	
	





		



	
		

	






		









	



	
	






			
	

		

	





		



	
		

	

	

	
		






	
			

			

			

			

	
	



	
	
		
	

	
		

	
		

		
		

		
	
	

		
		

		
	
	




		
		
	


		
		
	
	
	
		
	
	
	
		
	
	
	
		
	
	
	
		
	

	
		


	
	
		
	
	
	
		
	
	
	
		
	
	
	
		
	
	
	
		
	
	

	
	
				
		





	

	


	


	
		


	







	

	









	

	




			
	
			
	
			
	
			
	
	
	


				


			


				


			



		


	
	
	

	
		



	
	
		
	
	
	
		
	
	
	
		
	
	
	
		
	
	

	
		
	
	
		
	
	
	
		
	
	
	
		
	
	

	
		
	

	
		
	

	
		
	

	
		
	
	
		
	
	
	
		
	
	
	
		
	
	
	
		
	

	
				
	
		
	
	

	
	
	

	
		
	
	
	
	
	
	
		
		

	
	
		
	
	
	
		
	
	
	

	


syzkaller
syzkaller login: [  941.490793][T19137] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:20: corrupted xattr entries
[  941.556133][T19139] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:20: corrupted xattr entries
[  942.177954][T19146] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  942.211610][T19148] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  942.451336][T19152] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4567'.
[  944.139578][T19169] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:20: corrupted xattr entries
[  945.199532][T19183] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4575'.
[  945.577703][T19187] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[  947.010873][T19208] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[  947.103401][T19210] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[  950.103720][T19236] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[  950.349397][T19239] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  951.399360][T19247] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4588'.
[  951.609378][T19249] netlink: 80 bytes leftover after parsing attributes in process `syz.4.4589'.
[  951.874669][T19257] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[  951.915572][T19261] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[  953.201998][T19279] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[  954.698229][T19302] vmstat_refresh: nr_hugetlb -7680
[  956.292451][T19319] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[  956.322814][T19320] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[  956.674408][T19326] CIFS: VFS: Unsupported security flags: 0x10
[  956.782667][T19329] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[  956.967295][T19332] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[  957.138260][T19337] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4609'.
[  959.278189][T19359] FAULT_INJECTION: forcing a failure.
[  959.278189][T19359] name fail_futex, interval 1, probability 0, space 0, times 0
[  959.318658][T19359] CPU: 1 UID: 0 PID: 19359 Comm: syz.6.4613 Tainted: G     U              6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[  959.318718][T19359] Tainted: [U]=USER
[  959.318728][T19359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  959.318746][T19359] Call Trace:
[  959.318756][T19359]  <TASK>
[  959.318768][T19359]  dump_stack_lvl+0x16c/0x1f0
[  959.318820][T19359]  should_fail_ex+0x512/0x640
[  959.318876][T19359]  get_futex_key+0x49e/0x1000
[  959.318919][T19359]  ? __pfx_get_futex_key+0x10/0x10
[  959.318967][T19359]  futex_wake+0xe7/0x4e0
[  959.319013][T19359]  ? __pfx_futex_wake+0x10/0x10
[  959.319070][T19359]  ? kmem_cache_free+0x2d4/0x4d0
[  959.319102][T19359]  ? fd_install+0x225/0x750
[  959.319127][T19359]  ? putname+0x154/0x1a0
[  959.319164][T19359]  do_futex+0x1e3/0x350
[  959.319195][T19359]  ? __pfx_do_futex+0x10/0x10
[  959.319230][T19359]  __x64_sys_futex+0x1e0/0x4c0
[  959.319265][T19359]  ? __x64_sys_openat+0x174/0x210
[  959.319305][T19359]  ? __pfx___x64_sys_futex+0x10/0x10
[  959.319341][T19359]  ? rcu_is_watching+0x12/0xc0
[  959.319380][T19359]  do_syscall_64+0xcd/0x230
[  959.319428][T19359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  959.319460][T19359] RIP: 0033:0x7f0ed6f8e969
[  959.319483][T19359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  959.319514][T19359] RSP: 002b:00007f0ed7ed00e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  959.319542][T19359] RAX: ffffffffffffffda RBX: 00007f0ed71b5fa8 RCX: 00007f0ed6f8e969
[  959.319562][T19359] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f0ed71b5fac
[  959.319581][T19359] RBP: 00007f0ed71b5fa0 R08: 00007f0ed7ed1000 R09: 0000000000000000
[  959.319600][T19359] R10: 0000000000000005 R11: 0000000000000246 R12: 00007f0ed71b5fac
[  959.319619][T19359] R13: 0000000000000000 R14: 00007fffd136d4b0 R15: 00007fffd136d598
[  959.319657][T19359]  </TASK>
[  959.821737][T19374] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4616'.
[  959.847136][T19375] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[  962.552167][ T5141] Bluetooth: hci2: ACL packet for unknown connection handle 0
[  964.582920][T19434] CIFS: VFS: Unsupported security flags: 0x10
[  964.867674][T19442] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:13: corrupted xattr entries
[  964.903354][T19443] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:13: corrupted xattr entries
[  965.397546][T19454] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[  965.411035][T19455] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:13: corrupted xattr entries
[  965.525327][T19458] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  965.547334][T19459] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[  965.726692][T19461] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4634'.
[  965.726738][T19461] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  965.726782][T19461] batman_adv: batadv0: Removing interface: batadv_slave_0
[  965.731775][T19461] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  965.731803][T19461] batman_adv: batadv0: Removing interface: batadv_slave_1
[  967.127754][T19481] netlink: zone id is out of range
[  967.132938][T19481] netlink: zone id is out of range
[  967.302151][T19489] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:13: corrupted xattr entries
[  967.305236][T19487] ima: policy update failed
[  967.321373][   T30] audit: type=1807 audit(4295019313.235:42): UNKNOWN=ђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџџџђџ
[  967.321564][   T30] audit: type=1802 audit(4295019313.235:43): pid=19487 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.4.4643" res=0 errno=0
[  967.412634][    C1] vkms_vblank_simulate: vblank timer overrun
[  967.442860][   T30] audit: type=1802 audit(4295019313.345:44): pid=19487 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.4643" res=0 errno=0
[  967.908379][T19497] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[  968.964181][T19510] CIFS: VFS: Unsupported security flags: 0x10
[  969.763859][ T5141] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18
[  969.814311][   T30] audit: type=1800 audit(4295019323.745:45): pid=19529 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.4651" name="dbroot" dev="configfs" ino=72462 res=0 errno=0
[  969.846993][T19530] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:0: corrupted xattr entries
[  970.246059][T19541] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:0: corrupted xattr entries
[  970.297606][T19542] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:0: corrupted xattr entries
[  972.013511][T19560] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:0: corrupted xattr entries
[  972.029350][T19561] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:0: corrupted xattr entries
[  972.167746][T19562] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  973.551065][T19580] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[  973.835321][T19589] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4665'.
[  974.055072][T19593] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:13: corrupted xattr entries
[  974.069780][T19594] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:13: corrupted xattr entries
[  974.083863][T19591] could not allocate digest TFM handle 
[  976.762014][T19625] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[  976.994264][T19627] netlink: 342 bytes leftover after parsing attributes in process `syz.5.4674'.
[  977.232910][T15776] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  977.242235][T15776] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  977.250635][T15776] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  977.262927][T15776] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  977.272160][T15776] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  978.029887][T19645] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:13: corrupted xattr entries
[  978.119171][T19634] chnl_net:caif_netlink_parms(): no params data found
[  978.212431][T19647] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4679'.
[  978.539800][T19634] bridge0: port 1(bridge_slave_0) entered blocking state
[  978.576888][T19634] bridge0: port 1(bridge_slave_0) entered disabled state
[  978.584168][T19634] bridge_slave_0: entered allmulticast mode
[  978.602223][T19634] bridge_slave_0: entered promiscuous mode
[  978.611532][T19634] bridge0: port 2(bridge_slave_1) entered blocking state
[  978.624961][T19634] bridge0: port 2(bridge_slave_1) entered disabled state
[  978.644840][T19634] bridge_slave_1: entered allmulticast mode
[  978.671484][T19634] bridge_slave_1: entered promiscuous mode
[  978.744289][T19634] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  978.806350][T19634] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  978.965447][T19634] team0: Port device team_slave_0 added
[  979.037305][T19634] team0: Port device team_slave_1 added
[  979.253205][T19634] batman_adv: batadv0: Adding interface: batadv_slave_0
[  979.264447][T19634] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  979.326465][T19634] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  979.362546][T19634] batman_adv: batadv0: Adding interface: batadv_slave_1
[  979.379024][T19634] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  979.405181][T15776] Bluetooth: hci6: command tx timeout
[  979.454607][T19634] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  979.823909][T19634] hsr_slave_0: entered promiscuous mode
[  979.833395][T19634] hsr_slave_1: entered promiscuous mode
[  979.841073][T19634] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  979.849672][T19634] Cannot create hsr debugfs directory
[  980.488502][T19634] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  980.535819][T19634] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  980.554951][T19634] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  980.611340][T19634] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  980.789694][T19634] 8021q: adding VLAN 0 to HW filter on device bond0
[  980.824897][T19634] 8021q: adding VLAN 0 to HW filter on device team0
[  980.841883][T18641] bridge0: port 1(bridge_slave_0) entered blocking state
[  980.849112][T18641] bridge0: port 1(bridge_slave_0) entered forwarding state
[  980.895493][ T3026] bridge0: port 2(bridge_slave_1) entered blocking state
[  980.902712][ T3026] bridge0: port 2(bridge_slave_1) entered forwarding state
[  981.000318][T19679] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:0: corrupted xattr entries
[  981.021946][T19680] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:0: corrupted xattr entries
[  981.036444][T19682] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  981.053384][T19683] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  981.100186][T19685] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[  981.122901][T19686] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[  981.466431][T15776] Bluetooth: hci6: command tx timeout
[  981.472225][T19634] 8021q: adding VLAN 0 to HW filter on device batadv0
[  981.520917][T19688] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  981.607868][T19690] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:13: corrupted xattr entries
[  981.767768][T19693] EXT4-fs error: 1 callbacks suppressed
[  981.767793][T19693] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:0: corrupted xattr entries
[  981.869914][T19695] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:0: corrupted xattr entries
[  981.926870][T19696] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:0: corrupted xattr entries
[  982.064310][T19634] veth0_vlan: entered promiscuous mode
[  982.138845][T19634] veth1_vlan: entered promiscuous mode
[  982.568349][T19634] veth0_macvtap: entered promiscuous mode
[  982.602438][T19634] veth1_macvtap: entered promiscuous mode
[  982.692599][T19634] batman_adv: batadv0: Interface activated: batadv_slave_0
[  982.732563][T19634] batman_adv: batadv0: Interface activated: batadv_slave_1
[  982.771582][T19634] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  982.781759][T19634] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  982.792597][T19634] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  982.812345][T19634] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  983.133420][ T8549] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  983.134060][ T8544] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  983.163607][ T8544] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  983.235687][ T8549] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  983.547029][T15776] Bluetooth: hci6: command tx timeout
[  985.005416][T19730] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  985.064474][T19731] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  985.626586][T15776] Bluetooth: hci6: command tx timeout
[  985.757775][T19741] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  987.425735][ T5141] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  987.435835][ T5141] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  987.449153][ T5141] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  987.466792][ T5141] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  987.474886][ T5141] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  987.758408][T19765] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4705'.
[  987.759726][T19763] bond0: no command found in slaves file - use +ifname or -ifname
[  988.176963][T19769] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[  988.265836][T19756] chnl_net:caif_netlink_parms(): no params data found
[  988.915176][T19756] bridge0: port 1(bridge_slave_0) entered blocking state
[  988.966943][T19756] bridge0: port 1(bridge_slave_0) entered disabled state
[  988.987332][T19756] bridge_slave_0: entered allmulticast mode
[  988.997343][T19756] bridge_slave_0: entered promiscuous mode
[  989.036078][T19756] bridge0: port 2(bridge_slave_1) entered blocking state
[  989.099970][T19756] bridge0: port 2(bridge_slave_1) entered disabled state
[  989.107592][T19756] bridge_slave_1: entered allmulticast mode
[  989.115517][T19756] bridge_slave_1: entered promiscuous mode
[  989.123089][T19786] netlink: 338 bytes leftover after parsing attributes in process `syz.2.4709'.
[  989.158480][T19790] netlink: 338 bytes leftover after parsing attributes in process `syz.2.4709'.
[  989.324188][T19756] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  989.383993][T19756] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  989.546445][T15776] Bluetooth: hci7: command tx timeout
[  989.608101][T19756] team0: Port device team_slave_0 added
[  989.650289][T19756] team0: Port device team_slave_1 added
[  989.812641][T19798] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:13: corrupted xattr entries
[  989.969691][T19756] batman_adv: batadv0: Adding interface: batadv_slave_0
[  989.996606][T19756] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  990.044605][T19756] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  990.065860][T19756] batman_adv: batadv0: Adding interface: batadv_slave_1
[  990.072964][T19756] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  990.125098][T19756] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  990.177248][T19801] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4714'.
[  990.485682][T19756] hsr_slave_0: entered promiscuous mode
[  990.497913][T19756] hsr_slave_1: entered promiscuous mode
[  990.505642][T19756] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  990.516192][T19756] Cannot create hsr debugfs directory
[  991.626487][T15776] Bluetooth: hci7: command tx timeout
[  991.718841][T19756] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  991.809352][T19756] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  991.867825][T19756] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  991.951134][T19756] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  992.089058][T19822] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[  992.148002][T19823] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  992.366006][T19826] FAULT_INJECTION: forcing a failure.
[  992.366006][T19826] name failslab, interval 1, probability 0, space 0, times 0
[  992.411311][T19826] CPU: 0 UID: 0 PID: 19826 Comm: syz.5.4719 Tainted: G     U              6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[  992.411362][T19826] Tainted: [U]=USER
[  992.411373][T19826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  992.411390][T19826] Call Trace:
[  992.411400][T19826]  <TASK>
[  992.411411][T19826]  dump_stack_lvl+0x16c/0x1f0
[  992.411475][T19826]  should_fail_ex+0x512/0x640
[  992.411521][T19826]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  992.411564][T19826]  should_failslab+0xc2/0x120
[  992.411611][T19826]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  992.411647][T19826]  ? __d_alloc+0x31/0xaa0
[  992.411690][T19826]  __d_alloc+0x31/0xaa0
[  992.411743][T19826]  d_alloc+0x4a/0x1e0
[  992.411778][T19826]  d_alloc_parallel+0xe3/0x12e0
[  992.411828][T19826]  ? is_bpf_text_address+0x94/0x1a0
[  992.411868][T19826]  ? kernel_text_address+0x8d/0x100
[  992.411893][T19826]  ? __x64_sys_ioctl+0x190/0x200
[  992.411935][T19826]  ? __kernel_text_address+0xd/0x40
[  992.411962][T19826]  ? unwind_get_return_address+0x59/0xa0
[  992.411999][T19826]  ? __pfx_d_alloc_parallel+0x10/0x10
[  992.412047][T19826]  ? lockdep_init_map_type+0x5c/0x280
[  992.412092][T19826]  ? lockdep_init_map_type+0x5c/0x280
[  992.412142][T19826]  __lookup_slow+0x193/0x460
[  992.412185][T19826]  ? __pfx___lookup_slow+0x10/0x10
[  992.412232][T19826]  ? __bpf_trace_mm_compaction_end+0xc0/0x1e0
[  992.412289][T19826]  ? __bpf_trace_mm_compaction_end+0xc0/0x1e0
[  992.412339][T19826]  ? d_lookup+0xe7/0x190
[  992.412387][T19826]  lookup_one_len+0x17f/0x1b0
[  992.412428][T19826]  ? __pfx_lookup_one_len+0x10/0x10
[  992.412472][T19826]  ? mntput+0x10/0x90
[  992.412520][T19826]  start_creating.part.0+0x12f/0x3a0
[  992.412567][T19826]  __debugfs_create_file+0xa7/0x6b0
[  992.412619][T19826]  debugfs_create_file_full+0x41/0x60
[  992.412677][T19826]  kvm_dev_ioctl+0x14ff/0x1ad0
[  992.412728][T19826]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  992.412782][T19826]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  992.412819][T19826]  __x64_sys_ioctl+0x190/0x200
[  992.412865][T19826]  do_syscall_64+0xcd/0x230
[  992.412915][T19826]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  992.412945][T19826] RIP: 0033:0x7f887d38e969
[  992.412976][T19826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  992.413006][T19826] RSP: 002b:00007f887e234038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  992.413033][T19826] RAX: ffffffffffffffda RBX: 00007f887d5b5fa0 RCX: 00007f887d38e969
[  992.413052][T19826] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000002
[  992.413081][T19826] RBP: 00007f887d410ab1 R08: 0000000000000000 R09: 0000000000000000
[  992.413098][T19826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  992.413115][T19826] R13: 0000000000000000 R14: 00007f887d5b5fa0 R15: 00007ffe04dc3df8
[  992.413151][T19826]  </TASK>
[  992.825728][T19756] 8021q: adding VLAN 0 to HW filter on device bond0
[  992.980934][T19756] 8021q: adding VLAN 0 to HW filter on device team0
[  993.075611][ T8548] bridge0: port 1(bridge_slave_0) entered blocking state
[  993.082934][ T8548] bridge0: port 1(bridge_slave_0) entered forwarding state
[  993.284100][ T8552] bridge0: port 2(bridge_slave_1) entered blocking state
[  993.291414][ T8552] bridge0: port 2(bridge_slave_1) entered forwarding state
[  993.611984][T19837] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  993.670772][T19838] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  993.706363][T15776] Bluetooth: hci7: command tx timeout
[  993.960145][T19842] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[  994.002401][T19843] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[  994.128674][T19845] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[  994.203869][T19846] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[  994.466113][T19756] 8021q: adding VLAN 0 to HW filter on device batadv0
[  994.507977][T19852] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  994.580662][T19853] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[  994.727313][T19856] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[  994.794420][T19857] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[  995.264062][T19756] veth0_vlan: entered promiscuous mode
[  995.303879][T19756] veth1_vlan: entered promiscuous mode
[  995.391850][T19756] veth0_macvtap: entered promiscuous mode
[  995.414867][T19756] veth1_macvtap: entered promiscuous mode
[  995.468437][T19756] batman_adv: batadv0: Interface activated: batadv_slave_0
[  995.637947][T19756] batman_adv: batadv0: Interface activated: batadv_slave_1
[  995.676061][T19756] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  995.687995][T19756] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  995.697448][T19756] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  995.717165][T19756] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  995.787339][T15776] Bluetooth: hci7: command tx timeout
[  996.025230][ T8552] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  996.103319][ T8552] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  996.191404][ T8551] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  996.251335][ T8551] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  997.359846][T19898] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4732'.
[  997.763148][T19898] bond0: (slave bond_slave_0): Releasing backup interface
[  998.038529][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  998.044899][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  998.686620][T19912] EXT4-fs error: 2 callbacks suppressed
[  998.686637][T19912] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[  998.777589][T19915] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[  998.812607][T19916] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[  998.863318][T19918] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[  999.957835][T19927] netlink: 334 bytes leftover after parsing attributes in process `syz.2.4739'.
[ 1000.190703][T19927] netlink: 'syz.2.4739': attribute type 1 has an invalid length.
[ 1000.678308][T19935] netlink: 186 bytes leftover after parsing attributes in process `syz.5.4742'.
[ 1000.725154][T19937] netlink: 326 bytes leftover after parsing attributes in process `syz.8.4743'.
[ 1001.018809][T19939] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4744'.
[ 1001.454729][T19955] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:20: corrupted xattr entries
[ 1002.698040][T19972] CIFS: VFS: Unsupported security flags: 0x10
[ 1002.944380][T19976] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4753'.
[ 1004.606590][T19996] FAULT_INJECTION: forcing a failure.
[ 1004.606590][T19996] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1004.635096][T19996] CPU: 1 UID: 0 PID: 19996 Comm: syz.8.4759 Tainted: G     U              6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[ 1004.635145][T19996] Tainted: [U]=USER
[ 1004.635155][T19996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1004.635173][T19996] Call Trace:
[ 1004.635183][T19996]  <TASK>
[ 1004.635194][T19996]  dump_stack_lvl+0x16c/0x1f0
[ 1004.635255][T19996]  should_fail_ex+0x512/0x640
[ 1004.635304][T19996]  _copy_from_user+0x2e/0xd0
[ 1004.635333][T19996]  memdup_user_nul+0x6c/0x120
[ 1004.635376][T19996]  proc_simple_write+0xc7/0x1b0
[ 1004.635414][T19996]  ? __pfx_proc_simple_write+0x10/0x10
[ 1004.635453][T19996]  proc_reg_write+0x23d/0x330
[ 1004.635489][T19996]  vfs_write+0x25c/0x1180
[ 1004.635515][T19996]  ? __pfx_proc_reg_write+0x10/0x10
[ 1004.635552][T19996]  ? __pfx___mutex_lock+0x10/0x10
[ 1004.635598][T19996]  ? __pfx_vfs_write+0x10/0x10
[ 1004.635656][T19996]  ? __fget_files+0x20e/0x3c0
[ 1004.635697][T19996]  ksys_write+0x12a/0x240
[ 1004.635729][T19996]  ? __pfx_ksys_write+0x10/0x10
[ 1004.635757][T19996]  ? rcu_is_watching+0x12/0xc0
[ 1004.635808][T19996]  do_syscall_64+0xcd/0x230
[ 1004.635860][T19996]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1004.635892][T19996] RIP: 0033:0x7f5e5ff8e969
[ 1004.635927][T19996] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1004.635955][T19996] RSP: 002b:00007f5e60dd9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1004.635982][T19996] RAX: ffffffffffffffda RBX: 00007f5e601b5fa0 RCX: 00007f5e5ff8e969
[ 1004.636018][T19996] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 000000000000000a
[ 1004.636037][T19996] RBP: 00007f5e60dd9090 R08: 0000000000000000 R09: 0000000000000000
[ 1004.636068][T19996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1004.636085][T19996] R13: 0000000000000000 R14: 00007f5e601b5fa0 R15: 00007ffe431a4208
[ 1004.636124][T19996]  </TASK>
[ 1005.374198][T20006] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4763'.
[ 1005.626062][T20012] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4764'.
[ 1005.998915][T20019] CIFS: VFS: Unsupported security flags: 0x10
[ 1006.304646][T20025] FAULT_INJECTION: forcing a failure.
[ 1006.304646][T20025] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1006.321164][T20025] CPU: 1 UID: 0 PID: 20025 Comm: syz.8.4770 Tainted: G     U              6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[ 1006.321213][T20025] Tainted: [U]=USER
[ 1006.321223][T20025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1006.321240][T20025] Call Trace:
[ 1006.321250][T20025]  <TASK>
[ 1006.321262][T20025]  dump_stack_lvl+0x16c/0x1f0
[ 1006.321315][T20025]  should_fail_ex+0x512/0x640
[ 1006.321380][T20025]  _copy_to_user+0x32/0xd0
[ 1006.321414][T20025]  simple_read_from_buffer+0xcb/0x170
[ 1006.321473][T20025]  proc_fail_nth_read+0x197/0x270
[ 1006.321520][T20025]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1006.321571][T20025]  ? rw_verify_area+0xcf/0x680
[ 1006.321617][T20025]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1006.321665][T20025]  vfs_read+0x1de/0xc70
[ 1006.321701][T20025]  ? __pfx___mutex_lock+0x10/0x10
[ 1006.321749][T20025]  ? __pfx_vfs_read+0x10/0x10
[ 1006.321793][T20025]  ? __fget_files+0x20e/0x3c0
[ 1006.321834][T20025]  ksys_read+0x12a/0x240
[ 1006.321865][T20025]  ? __pfx_ksys_read+0x10/0x10
[ 1006.321894][T20025]  ? rcu_is_watching+0x12/0xc0
[ 1006.321936][T20025]  do_syscall_64+0xcd/0x230
[ 1006.321988][T20025]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1006.322020][T20025] RIP: 0033:0x7f5e5ff8d37c
[ 1006.322044][T20025] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1006.322074][T20025] RSP: 002b:00007f5e60dd9030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1006.322104][T20025] RAX: ffffffffffffffda RBX: 00007f5e601b5fa0 RCX: 00007f5e5ff8d37c
[ 1006.322124][T20025] RDX: 000000000000000f RSI: 00007f5e60dd90a0 RDI: 000000000000000b
[ 1006.322143][T20025] RBP: 00007f5e60dd9090 R08: 0000000000000000 R09: 0000000000000000
[ 1006.322163][T20025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1006.322182][T20025] R13: 0000000000000000 R14: 00007f5e601b5fa0 R15: 00007ffe431a4208
[ 1006.322223][T20025]  </TASK>
[ 1006.615807][T20021] .SR: entered promiscuous mode
[ 1007.211446][T20040] Invalid ELF header magic: != ELF
[ 1007.918056][T20054] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[ 1008.014559][T20056] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[ 1008.274297][T20060] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4778'.
[ 1008.347112][T20064] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:9: corrupted xattr entries
[ 1009.252148][T20073] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:20: corrupted xattr entries
[ 1009.437720][T20074] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[ 1009.463309][T20072] could not allocate digest TFM handle 
[ 1009.844776][T20077] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[ 1009.925823][T20078] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[ 1009.959365][T20021] could not allocate digest TFM handle 
[ 1010.017489][T20080] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4784'.
[ 1010.585536][T20095] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4788'.
[ 1010.587042][T20087] netlink: 326 bytes leftover after parsing attributes in process `syz.5.4781'.
[ 1010.756002][T20100] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:0: corrupted xattr entries
[ 1010.807385][T20097] bond0: no command found in slaves file - use +ifname or -ifname
[ 1011.266946][T20110] netlink: 346 bytes leftover after parsing attributes in process `syz.5.4793'.
[ 1012.898105][T20135] FAULT_INJECTION: forcing a failure.
[ 1012.898105][T20135] name failslab, interval 1, probability 0, space 0, times 0
[ 1012.984717][T20135] CPU: 0 UID: 0 PID: 20135 Comm: syz.5.4799 Tainted: G     U              6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[ 1012.984773][T20135] Tainted: [U]=USER
[ 1012.984784][T20135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1012.984803][T20135] Call Trace:
[ 1012.984813][T20135]  <TASK>
[ 1012.984825][T20135]  dump_stack_lvl+0x16c/0x1f0
[ 1012.984880][T20135]  should_fail_ex+0x512/0x640
[ 1012.984929][T20135]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1012.984966][T20135]  should_failslab+0xc2/0x120
[ 1012.985006][T20135]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1012.985041][T20135]  ? nfs_init_fs_context+0x4f/0x11e0
[ 1012.985090][T20135]  nfs_init_fs_context+0x4f/0x11e0
[ 1012.985135][T20135]  ? __pfx_nfs_init_fs_context+0x10/0x10
[ 1012.985180][T20135]  alloc_fs_context+0x54d/0x9c0
[ 1012.985222][T20135]  __x64_sys_fsopen+0xeb/0x240
[ 1012.985270][T20135]  do_syscall_64+0xcd/0x230
[ 1012.985322][T20135]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1012.985354][T20135] RIP: 0033:0x7f887d38e969
[ 1012.985378][T20135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1012.985411][T20135] RSP: 002b:00007f887e213038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[ 1012.985442][T20135] RAX: ffffffffffffffda RBX: 00007f887d5b6080 RCX: 00007f887d38e969
[ 1012.985462][T20135] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 1012.985481][T20135] RBP: 00007f887d410ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1012.985501][T20135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1012.985520][T20135] R13: 0000000000000000 R14: 00007f887d5b6080 R15: 00007ffe04dc3df8
[ 1012.985561][T20135]  </TASK>
[ 1014.996449][T20151] netlink: 346 bytes leftover after parsing attributes in process `syz.7.4802'.
[ 1015.145348][T20165] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:0: corrupted xattr entries
[ 1015.422570][T20169] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[ 1015.435104][T20168] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:13: corrupted xattr entries
[ 1015.464990][T20164] netlink: 330 bytes leftover after parsing attributes in process `syz.8.4808'.
[ 1015.495566][T20171] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:13: corrupted xattr entries
[ 1015.569398][T20172] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[ 1015.612026][T20164] : renamed from bond0 (while UP)
[ 1015.778018][T20175] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4809'.
[ 1015.956437][T20177] bond0: no command found in slaves file - use +ifname or -ifname
[ 1018.588030][T20202] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4817'.
[ 1018.796622][T20208] netlink: 342 bytes leftover after parsing attributes in process `syz.5.4819'.
[ 1020.906746][T20236] snd_aloop snd_aloop.0: control 16781581:65533:6:щ'x?FЂщ/шьzFЫЗfCЊсЊ:0 is already present
[ 1021.062988][T20228] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4824'.
[ 1021.513468][T20256] FAULT_INJECTION: forcing a failure.
[ 1021.513468][T20256] name failslab, interval 1, probability 0, space 0, times 0
[ 1021.526890][T20262] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:20: corrupted xattr entries
[ 1021.537659][T20256] CPU: 0 UID: 0 PID: 20256 Comm: syz.7.4832 Tainted: G     U              6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[ 1021.537713][T20256] Tainted: [U]=USER
[ 1021.537725][T20256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1021.537744][T20256] Call Trace:
[ 1021.537756][T20256]  <TASK>
[ 1021.537769][T20256]  dump_stack_lvl+0x16c/0x1f0
[ 1021.537844][T20256]  should_fail_ex+0x512/0x640
[ 1021.537896][T20256]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1021.537942][T20256]  should_failslab+0xc2/0x120
[ 1021.537987][T20256]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1021.538028][T20256]  ? __kernfs_new_node+0xd2/0x8a0
[ 1021.538070][T20256]  __kernfs_new_node+0xd2/0x8a0
[ 1021.538108][T20256]  ? __pfx___kernfs_new_node+0x10/0x10
[ 1021.538155][T20256]  ? find_held_lock+0x2b/0x80
[ 1021.538191][T20256]  ? kernfs_root+0xee/0x2a0
[ 1021.538234][T20256]  kernfs_new_node+0x13c/0x1e0
[ 1021.538282][T20256]  __kernfs_create_file+0x53/0x350
[ 1021.538335][T20256]  sysfs_add_file_mode_ns+0x207/0x3c0
[ 1021.538402][T20256]  internal_create_group+0x578/0xf30
[ 1021.538457][T20256]  ? __pfx_internal_create_group+0x10/0x10
[ 1021.538500][T20256]  ? kernfs_create_link+0x1bd/0x240
[ 1021.538565][T20256]  internal_create_groups+0x9d/0x150
[ 1021.538602][T20256]  device_add+0x6d1/0x1a70
[ 1021.538652][T20256]  ? __pfx_device_add+0x10/0x10
[ 1021.538696][T20256]  ? lockdep_init_map_type+0x5c/0x280
[ 1021.538739][T20256]  ? __init_waitqueue_head+0xca/0x150
[ 1021.538778][T20256]  netdev_register_kobject+0x182/0x3a0
[ 1021.538829][T20256]  register_netdevice+0x13dc/0x2270
[ 1021.538881][T20256]  ? __pfx_register_netdevice+0x10/0x10
[ 1021.538940][T20256]  internal_dev_create+0x2d3/0x520
[ 1021.538980][T20256]  ovs_vport_add+0x144/0x4d0
[ 1021.539017][T20256]  new_vport+0x16/0x1d0
[ 1021.539062][T20256]  ovs_dp_cmd_new+0x6ba/0xe60
[ 1021.539130][T20256]  ? __pfx_ovs_dp_cmd_new+0x10/0x10
[ 1021.539184][T20256]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[ 1021.539236][T20256]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[ 1021.539315][T20256]  genl_family_rcv_msg_doit+0x206/0x2f0
[ 1021.539372][T20256]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1021.539441][T20256]  ? trace_cap_capable+0x18d/0x200
[ 1021.539485][T20256]  ? bpf_lsm_capable+0x9/0x10
[ 1021.539519][T20256]  ? security_capable+0x7e/0x260
[ 1021.539554][T20256]  ? ns_capable+0xd7/0x110
[ 1021.539591][T20256]  genl_rcv_msg+0x55c/0x800
[ 1021.539644][T20256]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1021.539691][T20256]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1021.539722][T20256]  ? __pfx_ovs_dp_cmd_new+0x10/0x10
[ 1021.539769][T20256]  ? __lock_acquire+0xaa4/0x1ba0
[ 1021.539818][T20256]  netlink_rcv_skb+0x16a/0x440
[ 1021.539861][T20256]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1021.539910][T20256]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1021.539992][T20256]  ? __pfx_down_read+0x10/0x10
[ 1021.540026][T20256]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1021.540076][T20256]  genl_rcv+0x28/0x40
[ 1021.540139][T20256]  netlink_unicast+0x53d/0x7f0
[ 1021.540192][T20256]  ? __pfx_netlink_unicast+0x10/0x10
[ 1021.540236][T20256]  ? __lock_acquire+0xaa4/0x1ba0
[ 1021.540293][T20256]  netlink_sendmsg+0x8d1/0xdd0
[ 1021.540350][T20256]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1021.540424][T20256]  ____sys_sendmsg+0xa95/0xc70
[ 1021.540481][T20256]  ? copy_msghdr_from_user+0x10a/0x160
[ 1021.540523][T20256]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1021.540587][T20256]  ? try_to_wake_up+0xa2f/0x1680
[ 1021.540629][T20256]  ___sys_sendmsg+0x134/0x1d0
[ 1021.540675][T20256]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1021.540777][T20256]  __sys_sendmsg+0x16d/0x220
[ 1021.540821][T20256]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1021.540863][T20256]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1021.540914][T20256]  ? rcu_is_watching+0x12/0xc0
[ 1021.540962][T20256]  do_syscall_64+0xcd/0x230
[ 1021.541018][T20256]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1021.541054][T20256] RIP: 0033:0x7f287718e969
[ 1021.541081][T20256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1021.541114][T20256] RSP: 002b:00007f2878055038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1021.541145][T20256] RAX: ffffffffffffffda RBX: 00007f28773b5fa0 RCX: 00007f287718e969
[ 1021.541168][T20256] RDX: 0000000002000000 RSI: 0000200000000080 RDI: 000000000000000d
[ 1021.541194][T20256] RBP: 00007f2877210ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1021.541214][T20256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1021.541234][T20256] R13: 0000000000000000 R14: 00007f28773b5fa0 R15: 00007fff168d64e8
[ 1021.541291][T20256]  </TASK>
[ 1022.072009][T20259] netlink: set zone limit has 8 unknown bytes
[ 1022.807607][T20279] RDS: rds_bind could not find a transport for ::ffff:10.1.1.2, load rds_tcp or rds_rdma?
[ 1023.036579][T20285] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4837'.
[ 1024.397733][T20308] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:13: corrupted xattr entries
[ 1024.442535][T20309] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[ 1024.655442][T20313] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[ 1026.219027][T20333] CIFS: VFS: Invalid SecurityFlags: 
[ 1026.730850][T20343] netlink: 342 bytes leftover after parsing attributes in process `syz.7.4854'.
[ 1026.741009][T20343] netlink: 342 bytes leftover after parsing attributes in process `syz.7.4854'.
[ 1026.764905][T20343] netlink: 342 bytes leftover after parsing attributes in process `syz.7.4854'.
[ 1027.522350][T20364] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:0: corrupted xattr entries
[ 1028.390460][T20374] nbd: illegal input index -5
[ 1028.962316][T20377] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4863'.
[ 1029.227860][T20381] CIFS: VFS: Unsupported security flags: 0x10
[ 1030.829632][ T5141] Bluetooth: hci4: command 0x0406 tx timeout
[ 1031.034430][T20420] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:20: corrupted xattr entries
[ 1031.087972][T20422] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:20: corrupted xattr entries
[ 1032.346976][T20444] bond0: no command found in slaves file - use +ifname or -ifname
[ 1032.371832][T20447] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:20: corrupted xattr entries
[ 1032.657702][T20454] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[ 1033.033078][T20465] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[ 1033.628650][T20475] netlink: 342 bytes leftover after parsing attributes in process `syz.5.4892'.
[ 1033.885310][T20480] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23
[ 1034.083054][T20486] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:11: corrupted xattr entries
[ 1034.183224][T20490] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:11: corrupted xattr entries
[ 1034.353930][T20493] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[ 1034.422354][T20494] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[ 1036.037244][T20508] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4899'.
[ 1036.169123][T20508] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1036.203456][T20508] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1036.237177][T20508] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1036.244626][T20508] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1036.281328][T20514] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:13: corrupted xattr entries
[ 1036.421166][T20519] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:20: corrupted xattr entries
[ 1036.633398][T20527] bond0: no command found in slaves file - use +ifname or -ifname
[ 1037.485125][T20542] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:11: corrupted xattr entries
[ 1037.508610][T20545] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:11: corrupted xattr entries
[ 1037.733231][T20551] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4910'.
[ 1037.765018][T20553] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:20: corrupted xattr entries
[ 1037.844471][T20556] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[ 1037.871470][T20557] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[ 1037.899609][T20552] netlink: 330 bytes leftover after parsing attributes in process `syz.5.4909'.
[ 1037.957452][T20552] : renamed from bond0 (while UP)
[ 1038.463053][T20566] netlink: 342 bytes leftover after parsing attributes in process `syz.5.4913'.
[ 1038.884985][T20575] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:20: corrupted xattr entries
[ 1039.752529][T20591] netlink: 28 bytes leftover after parsing attributes in process `syz.7.4920'.
[ 1040.221702][T20601] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:11: corrupted xattr entries
[ 1040.232639][T20600] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4924'.
[ 1040.288056][T20602] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[ 1040.291130][T20603] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[ 1040.318344][T20605] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[ 1040.334375][T20595] netlink: 330 bytes leftover after parsing attributes in process `syz.7.4922'.
[ 1040.344028][T20595] : renamed from bond0 (while UP)
[ 1040.688672][T20614] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:11: corrupted xattr entries
[ 1040.871491][T20618] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[ 1041.046963][T20621] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25
[ 1041.070805][ T5141] Bluetooth: hci5: command 0x0406 tx timeout
[ 1041.280348][T20622] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4927'.
[ 1042.563673][T20642] netlink: 346 bytes leftover after parsing attributes in process `syz.5.4931'.
[ 1043.018151][T20651] netlink: 28 bytes leftover after parsing attributes in process `syz.8.4933'.
[ 1043.035480][T20651] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1043.046078][T20651] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1043.061994][T20651] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1043.076571][T20651] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1045.089091][T20686] netlink: 342 bytes leftover after parsing attributes in process `syz.8.4943'.
[ 1045.106384][T20686] netlink: 342 bytes leftover after parsing attributes in process `syz.8.4943'.
[ 1045.118597][T20686] netlink: 342 bytes leftover after parsing attributes in process `syz.8.4943'.
[ 1045.131651][T20686] netlink: 342 bytes leftover after parsing attributes in process `syz.8.4943'.
[ 1045.359285][T20696] EXT4-fs error: 3 callbacks suppressed
[ 1045.359307][T20696] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[ 1046.103479][T20708] bond0: no command found in slaves file - use +ifname or -ifname
[ 1046.552276][T20720] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[ 1046.578699][T20721] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[ 1047.702797][T20748] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[ 1048.771067][T20756] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4961'.
[ 1049.296337][T20764] netlink: 346 bytes leftover after parsing attributes in process `syz.7.4964'.
[ 1050.060981][T20785] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[ 1050.083374][T20786] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:11: corrupted xattr entries
[ 1050.111413][T20789] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:20: corrupted xattr entries
[ 1050.175533][T20790] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[ 1050.520900][T20797] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:18: corrupted xattr entries
[ 1050.857284][T20806] Invalid ELF header magic: != ELF
[ 1051.694360][T20820] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[ 1051.781470][T20823] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[ 1052.441008][T20834] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:20: corrupted xattr entries
[ 1052.701660][T20831] netlink: 330 bytes leftover after parsing attributes in process `syz.5.4978'.
[ 1053.536104][T20854] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:0: corrupted xattr entries
[ 1054.052867][T20861] FAULT_INJECTION: forcing a failure.
[ 1054.052867][T20861] name failslab, interval 1, probability 0, space 0, times 0
[ 1054.066529][T20861] CPU: 1 UID: 0 PID: 20861 Comm: syz.5.4984 Tainted: G     U              6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[ 1054.066574][T20861] Tainted: [U]=USER
[ 1054.066585][T20861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1054.066601][T20861] Call Trace:
[ 1054.066611][T20861]  <TASK>
[ 1054.066623][T20861]  dump_stack_lvl+0x16c/0x1f0
[ 1054.066673][T20861]  should_fail_ex+0x512/0x640
[ 1054.066719][T20861]  ? __kmalloc_noprof+0xbf/0x510
[ 1054.066757][T20861]  ? iovec_from_user+0x108/0x140
[ 1054.066784][T20861]  should_failslab+0xc2/0x120
[ 1054.066823][T20861]  __kmalloc_noprof+0xd2/0x510
[ 1054.066857][T20861]  ? __lock_acquire+0x5ca/0x1ba0
[ 1054.066906][T20861]  iovec_from_user+0x108/0x140
[ 1054.066942][T20861]  __import_iovec+0x88/0x660
[ 1054.066975][T20861]  ? find_held_lock+0x2b/0x80
[ 1054.067009][T20861]  import_iovec+0x86/0xb0
[ 1054.067045][T20861]  vfs_readv+0x193/0x8a0
[ 1054.067104][T20861]  ? __pfx_vfs_readv+0x10/0x10
[ 1054.067182][T20861]  ? __fget_files+0x20e/0x3c0
[ 1054.067208][T20861]  ? __fget_files+0x1f0/0x3c0
[ 1054.067247][T20861]  ? do_readv+0x295/0x330
[ 1054.067272][T20861]  do_readv+0x295/0x330
[ 1054.067315][T20861]  ? __pfx_do_readv+0x10/0x10
[ 1054.067371][T20861]  ? rcu_is_watching+0x12/0xc0
[ 1054.067414][T20861]  do_syscall_64+0xcd/0x230
[ 1054.067468][T20861]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1054.067501][T20861] RIP: 0033:0x7f887d38e969
[ 1054.067538][T20861] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1054.067567][T20861] RSP: 002b:00007f887e1f2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[ 1054.067596][T20861] RAX: ffffffffffffffda RBX: 00007f887d5b6160 RCX: 00007f887d38e969
[ 1054.067616][T20861] RDX: 0000000000000009 RSI: 0000200000000180 RDI: 0000000000000003
[ 1054.067634][T20861] RBP: 00007f887e1f2090 R08: 0000000000000000 R09: 0000000000000000
[ 1054.067653][T20861] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1054.067671][T20861] R13: 0000000000000000 R14: 00007f887d5b6160 R15: 00007ffe04dc3df8
[ 1054.067712][T20861]  </TASK>
[ 1054.490552][T20860] GUP no longer grows the stack in syz.8.4985 (20860): 14000-401000 (4000)
[ 1054.499530][T20860] CPU: 1 UID: 0 PID: 20860 Comm: syz.8.4985 Tainted: G     U              6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[ 1054.499581][T20860] Tainted: [U]=USER
[ 1054.499591][T20860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1054.499609][T20860] Call Trace:
[ 1054.499619][T20860]  <TASK>
[ 1054.499631][T20860]  dump_stack_lvl+0x16c/0x1f0
[ 1054.499682][T20860]  gup_vma_lookup+0x1d2/0x220
[ 1054.499733][T20860]  __get_user_pages+0x234/0x36f0
[ 1054.499798][T20860]  ? process_vm_rw_core.constprop.0+0x1d8/0x9a0
[ 1054.499841][T20860]  ? look_up_lock_class+0x59/0x150
[ 1054.499887][T20860]  ? __pfx___get_user_pages+0x10/0x10
[ 1054.499937][T20860]  ? process_vm_rw+0x216/0x2c0
[ 1054.499973][T20860]  ? __x64_sys_process_vm_readv+0xe2/0x1c0
[ 1054.500015][T20860]  ? do_syscall_64+0xcd/0x230
[ 1054.500081][T20860]  __gup_longterm_locked+0x20d/0x1850
[ 1054.500174][T20860]  ? __pfx___gup_longterm_locked+0x10/0x10
[ 1054.500253][T20860]  pin_user_pages_remote+0xed/0x140
[ 1054.500288][T20860]  ? __pfx_pin_user_pages_remote+0x10/0x10
[ 1054.500321][T20860]  ? mm_access+0x22d/0x2e0
[ 1054.500380][T20860]  process_vm_rw_core.constprop.0+0x41b/0x9a0
[ 1054.500433][T20860]  ? futex_wait_queue+0x14c/0x220
[ 1054.500475][T20860]  ? futex_unqueue+0xba/0x140
[ 1054.500519][T20860]  ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10
[ 1054.500569][T20860]  ? iovec_from_user+0xbb/0x140
[ 1054.500622][T20860]  ? iovec_from_user+0xbb/0x140
[ 1054.500659][T20860]  process_vm_rw+0x216/0x2c0
[ 1054.500704][T20860]  ? __pfx_process_vm_rw+0x10/0x10
[ 1054.500795][T20860]  ? xfd_validate_state+0x5d/0x180
[ 1054.500834][T20860]  __x64_sys_process_vm_readv+0xe2/0x1c0
[ 1054.500877][T20860]  ? do_syscall_64+0x91/0x230
[ 1054.500925][T20860]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1054.500969][T20860]  do_syscall_64+0xcd/0x230
[ 1054.501022][T20860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1054.501053][T20860] RIP: 0033:0x7f5e5ff8e969
[ 1054.501081][T20860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1054.501119][T20860] RSP: 002b:00007f5e60db8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136
[ 1054.501146][T20860] RAX: ffffffffffffffda RBX: 00007f5e601b6080 RCX: 00007f5e5ff8e969
[ 1054.501165][T20860] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 00000000000000f8
[ 1054.501183][T20860] RBP: 00007f5e60010ab1 R08: 0000000000000003 R09: 0000000000000000
[ 1054.501200][T20860] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000
[ 1054.501218][T20860] R13: 0000000000000000 R14: 00007f5e601b6080 R15: 00007ffe431a4208
[ 1054.501254][T20860]  </TASK>
[ 1054.758707][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1055.217183][T20876] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[ 1055.356042][T20879] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:11: corrupted xattr entries
[ 1055.399466][T20880] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:21: corrupted xattr entries
[ 1057.542769][T20907] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:5: corrupted xattr entries
[ 1057.558381][   T31] INFO: task syz.3.4438:18516 blocked for more than 143 seconds.
[ 1057.582669][   T31]       Tainted: G     U              6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0
[ 1057.584925][T20908] EXT4-fs error (device sda1): xattr_find_entry:333: inode #1312: comm kworker/u8:17: corrupted xattr entries
[ 1057.615113][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1057.623945][   T31] task:syz.3.4438      state:D stack:27544 pid:18516 tgid:18515 ppid:11306  task_flags:0x400140 flags:0x00020004
[ 1057.636971][   T31] Call Trace:
[ 1057.640612][   T31]  <TASK>
[ 1057.643603][   T31]  __schedule+0x116f/0x5de0
[ 1057.651661][   T31]  ? __lock_acquire+0x5ca/0x1ba0
[ 1057.657753][   T31]  ? __pfx___schedule+0x10/0x10
[ 1057.662691][   T31]  ? find_held_lock+0x2b/0x80
[ 1057.667873][   T31]  ? schedule+0x2d7/0x3a0
[ 1057.672268][   T31]  schedule+0xe7/0x3a0
[ 1057.698967][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1057.704513][   T31]  __mutex_lock+0x6c7/0xb90
[ 1057.726339][   T31]  ? nfsd_nl_threads_set_doit+0x698/0xbf0
[ 1057.733114][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1057.746114][   T31]  ? net_generic+0xea/0x2a0
[ 1057.750768][   T31]  ? nfsd_nl_threads_set_doit+0x698/0xbf0
[ 1057.761229][   T31]  nfsd_nl_threads_set_doit+0x698/0xbf0
[ 1057.776131][   T31]  genl_family_rcv_msg_doit+0x206/0x2f0
[ 1057.786354][   T31]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1057.795322][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1057.802687][   T31]  ? bpf_lsm_capable+0x9/0x10
[ 1057.807673][   T31]  ? security_capable+0x7e/0x260
[ 1057.812687][   T31]  genl_rcv_msg+0x55c/0x800
[ 1057.819022][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1057.824219][   T31]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1057.832871][   T31]  ? __pfx_nfsd_nl_threads_set_doit+0x10/0x10
[ 1057.839314][   T31]  ? __lock_acquire+0xaa4/0x1ba0
[ 1057.844698][   T31]  netlink_rcv_skb+0x16a/0x440
[ 1057.850010][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1057.855192][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1057.862762][   T31]  ? __pfx_down_read+0x10/0x10
[ 1057.869593][   T31]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1057.875093][   T31]  genl_rcv+0x28/0x40
[ 1057.891551][   T31]  netlink_unicast+0x53d/0x7f0
[ 1057.900732][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[ 1057.908671][   T31]  ? __lock_acquire+0xaa4/0x1ba0
[ 1057.913714][   T31]  netlink_sendmsg+0x8d1/0xdd0
[ 1057.919071][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1057.924453][   T31]  ____sys_sendmsg+0xa95/0xc70
[ 1057.931865][   T31]  ? copy_msghdr_from_user+0x10a/0x160
[ 1057.940252][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1057.945722][   T31]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1057.958842][   T31]  ___sys_sendmsg+0x134/0x1d0
[ 1057.963605][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1057.969950][   T31]  __sys_sendmsg+0x16d/0x220
[ 1057.974611][   T31]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1057.983399][   T31]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1057.989344][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1057.995552][   T31]  do_syscall_64+0xcd/0x230
[ 1058.004506][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1058.012905][   T31] RIP: 0033:0x7ffabab8e969
[ 1058.022588][   T31] RSP: 002b:00007ffabba55038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1058.034201][   T31] RAX: ffffffffffffffda RBX: 00007ffabadb5fa0 RCX: 00007ffabab8e969
[ 1058.044507][   T31] RDX: 0000000000004000 RSI: 0000200000000480 RDI: 0000000000000004
[ 1058.053621][   T31] RBP: 00007ffabac10ab1 R08: 0000000000000000 R09: 0000000000000000
[ 1058.061850][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1058.069950][   T31] R13: 0000000000000000 R14: 00007ffabadb5fa0 R15: 00007ffcbafb0918
[ 1058.086306][   T31]  </TASK>
[ 1058.089489][   T31] 
[ 1058.089489][   T31] Showing all locks held in the system:
[ 1058.116550][   T31] 1 lock held by khungtaskd/31:
[ 1058.126286][   T31]  #0: ffffffff8e3bfa80 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[ 1058.145880][   T31] 2 locks held by kworker/u8:4/63:
[ 1058.168621][   T31]  #0: ffff888147694148 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[ 1058.182387][   T31]  #1: ffffc90001557d18 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[ 1058.196078][   T31] 2 locks held by syz-executor/12587:
[ 1058.245662][   T31]  #0: ffff88807b8080e0 (&type->s_umount_key#51){+.+.}-{4:4}, at: deactivate_super+0xd6/0x100
[ 1058.261603][   T31]  #1: ffffffff8e7ceea8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[ 1058.275043][   T31] 2 locks held by syz.0.4405/18379:
[ 1058.290865][   T31]  #0: ffffffff901cc810 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[ 1058.310889][   T31]  #1: ffffffff8e7ceea8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x698/0xbf0
[ 1058.321661][   T31] 2 locks held by syz.3.4438/18516:
[ 1058.327209][   T31]  #0: ffffffff901cc810 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[ 1058.335502][   T31]  #1: ffffffff8e7ceea8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x698/0xbf0
[ 1058.346666][   T31] 2 locks held by syz-executor/18737:
[ 1058.352079][   T31]  #0: ffff888024f580e0 (&type->s_umount_key#51){+.+.}-{4:4}, at: deactivate_super+0xd6/0x100
[ 1058.363142][   T31]  #1: ffffffff8e7ceea8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0
[ 1058.373180][   T31] 2 locks held by getty/19111:
[ 1058.378173][   T31]  #0: ffff88814d93d0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[ 1058.388149][   T31]  #1: ffffc900034eb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[ 1058.398415][   T31] 3 locks held by syz.7.4975/20840:
[ 1058.405038][   T31] 
[ 1058.407509][   T31] =============================================
[ 1058.407509][   T31] 
[ 1058.416277][   T31] NMI backtrace for cpu 0
[ 1058.416300][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G     U              6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[ 1058.416343][   T31] Tainted: [U]=USER
[ 1058.416357][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1058.416373][   T31] Call Trace:
[ 1058.416383][   T31]  <TASK>
[ 1058.416395][   T31]  dump_stack_lvl+0x116/0x1f0
[ 1058.416445][   T31]  nmi_cpu_backtrace+0x27b/0x390
[ 1058.416483][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1058.416537][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[ 1058.416581][   T31]  watchdog+0xf70/0x12c0
[ 1058.416633][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1058.416672][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1058.416717][   T31]  ? __kthread_parkme+0x19e/0x250
[ 1058.416758][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1058.416797][   T31]  kthread+0x3c2/0x780
[ 1058.416849][   T31]  ? __pfx_kthread+0x10/0x10
[ 1058.416890][   T31]  ? __pfx_kthread+0x10/0x10
[ 1058.416931][   T31]  ? __pfx_kthread+0x10/0x10
[ 1058.416973][   T31]  ? __pfx_kthread+0x10/0x10
[ 1058.417014][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1058.417045][   T31]  ? __pfx_kthread+0x10/0x10
[ 1058.417091][   T31]  ret_from_fork+0x48/0x80
[ 1058.417117][   T31]  ? __pfx_kthread+0x10/0x10
[ 1058.417160][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1058.417222][   T31]  </TASK>
[ 1058.550565][   T31] Sending NMI from CPU 0 to CPUs 1:
[ 1058.556913][    C1] NMI backtrace for cpu 1
[ 1058.556935][    C1] CPU: 1 UID: 0 PID: 6770 Comm: kworker/u8:11 Tainted: G     U              6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[ 1058.556974][    C1] Tainted: [U]=USER
[ 1058.556982][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1058.556999][    C1] Workqueue: events_unbound nsim_dev_trap_report_work
[ 1058.557039][    C1] RIP: 0010:skb_put+0x6/0x1b0
[ 1058.557085][    C1] Code: c0 8c e8 8d 47 5c f8 e8 38 da 7c f8 31 c0 5b e9 40 b3 2e 02 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 41 56 <41> 55 41 54 41 89 f4 55 53 48 89 fb e8 09 da 7c f8 48 8d bb d0 00
[ 1058.557109][    C1] RSP: 0018:ffffc9000b9c7b98 EFLAGS: 00000246
[ 1058.557128][    C1] RAX: 0000000000000000 RBX: ffff88805b7d8a00 RCX: ffffffff870eaf1c
[ 1058.557145][    C1] RDX: ffff888079788000 RSI: 0000000000000014 RDI: ffff88805b7d8a00
[ 1058.557160][    C1] RBP: 000000000000000e R08: 0000000000000007 R09: 000000000000ffff
[ 1058.557175][    C1] R10: 0000000000000000 R11: 28995fd62a3522fc R12: 0000000000000008
[ 1058.557191][    C1] R13: ffffffff8c4e393c R14: dffffc0000000000 R15: 000000000000000e
[ 1058.557207][    C1] FS:  0000000000000000(0000) GS:ffff888124ae7000(0000) knlGS:0000000000000000
[ 1058.557231][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1058.557247][    C1] CR2: 0000001b2e9c8ff8 CR3: 000000000e180000 CR4: 00000000003526f0
[ 1058.557271][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1058.557286][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1058.557301][    C1] Call Trace:
[ 1058.557308][    C1]  <TASK>
[ 1058.557317][    C1]  nsim_dev_trap_report_work+0x514/0xcf0
[ 1058.557363][    C1]  process_one_work+0x9cf/0x1b70
[ 1058.557408][    C1]  ? __pfx_toggle_allocation_gate+0x10/0x10
[ 1058.557439][    C1]  ? __pfx_process_one_work+0x10/0x10
[ 1058.557484][    C1]  ? assign_work+0x1a0/0x250
[ 1058.557522][    C1]  worker_thread+0x6c8/0xf10
[ 1058.557566][    C1]  ? __kthread_parkme+0x19e/0x250
[ 1058.557598][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1058.557637][    C1]  kthread+0x3c2/0x780
[ 1058.557672][    C1]  ? __pfx_kthread+0x10/0x10
[ 1058.557706][    C1]  ? __pfx_kthread+0x10/0x10
[ 1058.557741][    C1]  ? __pfx_kthread+0x10/0x10
[ 1058.557781][    C1]  ? __pfx_kthread+0x10/0x10
[ 1058.557817][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1058.557841][    C1]  ? __pfx_kthread+0x10/0x10
[ 1058.557876][    C1]  ret_from_fork+0x48/0x80
[ 1058.557898][    C1]  ? __pfx_kthread+0x10/0x10
[ 1058.557934][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1058.557978][    C1]  </TASK>
[ 1058.571191][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1058.571224][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G     U              6.15.0-rc7-syzkaller-00142-g4856ebd99715 #0 PREEMPT(full) 
[ 1058.571277][   T31] Tainted: [U]=USER
[ 1058.571289][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1058.571322][   T31] Call Trace:
[ 1058.571334][   T31]  <TASK>
[ 1058.571348][   T31]  dump_stack_lvl+0x3d/0x1f0
[ 1058.571406][   T31]  panic+0x71c/0x800
[ 1058.571456][   T31]  ? __pfx_panic+0x10/0x10
[ 1058.571506][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1058.571567][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1058.571623][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1058.571680][   T31]  ? watchdog+0xdda/0x12c0
[ 1058.571724][   T31]  ? watchdog+0xdcd/0x12c0
[ 1058.571775][   T31]  watchdog+0xdeb/0x12c0
[ 1058.571828][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1058.571884][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1058.571933][   T31]  ? __kthread_parkme+0x19e/0x250
[ 1058.571975][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1058.572018][   T31]  kthread+0x3c2/0x780
[ 1058.572071][   T31]  ? __pfx_kthread+0x10/0x10
[ 1058.572134][   T31]  ? __pfx_kthread+0x10/0x10
[ 1058.572180][   T31]  ? __pfx_kthread+0x10/0x10
[ 1058.572229][   T31]  ? __pfx_kthread+0x10/0x10
[ 1058.572277][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1058.572314][   T31]  ? __pfx_kthread+0x10/0x10
[ 1058.572365][   T31]  ret_from_fork+0x48/0x80
[ 1058.572396][   T31]  ? __pfx_kthread+0x10/0x10
[ 1058.572444][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1058.572512][   T31]  </TASK>
[ 1058.961053][   T31] Kernel Offset: disabled
[ 1058.965403][   T31] Rebooting in 86400 seconds..