last executing test programs: 2m45.458470942s ago: executing program 0 (id=176): r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) statmount$auto(0x0, &(0x7f0000000380)={0x4, 0xbf78, 0x3, 0x100, 0x9df, 0x7fffffff, 0x3, 0x7, 0x3, 0xcb, 0x6b7, 0x0, 0xb4, 0x81, 0x8, 0x8, 0x101, 0x10001, 0x4, 0x100000001, 0x0, 0x0, 0x7, 0x7, 0x1, 0x10001, 0x40, 0x8, 0xf, 0x6, 0x10, [0x6, 0x5, 0xffff, 0x7fffffff, 0x7, 0x3, 0x10000, 0x5, 0xe3f8, 0x9, 0x180, 0x1, 0x1000, 0xffffffff, 0x4, 0x1, 0x100, 0x8, 0x9, 0x4, 0xd1c7, 0x3, 0x8, 0xf36, 0x0, 0x6ba3, 0x3, 0x6, 0x7, 0x55ac, 0xbbb, 0xa, 0x0, 0x7, 0x6, 0xfae9, 0x95, 0x0, 0x9, 0xfffffffffffffbff, 0x5, 0x7fff, 0x6]}, 0x4, 0xf) unshare$auto(0x40000080) ioctl$auto_FIDEDUPERANGE(r0, 0xc0189436, 0x2) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x3, 0xa) socket(0x11, 0x80003, 0x300) clone3$auto(0x0, 0x9) socketpair$auto(0x1, 0x0, 0xfffffffc, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r1, 0x5437, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) open(0x0, 0x22240, 0x154) bpf$auto(0x7, 0x0, 0xa3) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/ttyS2\x00', 0x201, 0x0) 2m44.191877654s ago: executing program 0 (id=180): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0006, 0x6) mremap$auto(0x0, 0xb8, 0x13fd4, 0x3, 0xfffff000) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) open(0x0, 0x22240, 0x154) connect$auto(0x3, 0x0, 0x55) mmap$auto(0x0, 0x400008, 0xdc, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/tcp\x00', 0x181800, 0x0) pread64$auto(r0, &(0x7f0000000000)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xba*G\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90~Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1\x00'/232, 0x3ef, 0x9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) fcntl$auto_F_GETOWN(r1, 0x9, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0xffffffffffffffff, 0x3fd6, 0x3, 0x7fffffffb000) prctl$auto(0x23, 0x20000000000000b, 0x7fffffffefff, 0x0, 0x0) 2m39.116979099s ago: executing program 0 (id=188): socket$nl_generic(0x10, 0x3, 0x10) socket(0xf, 0x3, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x2, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x4, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x208000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x8, 0xdc, 0xeb1, 0x0, 0x8002) socket(0xa, 0x5, 0x8) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x100) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/usbip-vudc.0/usbip_status\x00', 0x20040, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000002b80)='/dev/snd/pcmC1D1p\x00', 0x2205, 0x0) writev$auto(0x4, &(0x7f0000000080)={0x0, 0x8}, 0x1) ioctl$auto_SOUND_MIXER_READ_DEVMASK2(0xffffffffffffffff, 0x80044dfe, &(0x7f0000000040)) unshare$auto(0x40000080) 2m37.44180025s ago: executing program 0 (id=193): openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000080), 0x80, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) getpgrp(0xffffffffffffffff) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) io_uring_setup$auto(0x6, 0x0) socket(0x15, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xc, 0x9b72, 0x2, 0x8000) bind$auto(0x3, 0x0, 0x6a) read$auto(0x3, 0x0, 0x10001) getsid$auto(r0) prctl$auto(0x3e, 0x1, 0xffffffffffffffff, 0x5, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) open(0x0, 0x7ffd, 0x12) kexec_load$auto(0x9, 0x0, 0x0, 0x1003e0000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0x14) 2m35.929043258s ago: executing program 0 (id=200): r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x6, 0x62, 0x80000000, 0x9, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) getpid() mlockall$auto(0x5) rt_sigprocmask$auto(0x6, &(0x7f0000000080)={0x6}, 0xffffffffffffffff, 0x8) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) ioctl$auto_VHOST_SET_LOG_FD2(0xffffffffffffffff, 0x4004af07, &(0x7f00000000c0)=r0) unshare$auto(0x4) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) sendmmsg$auto(0x4, 0x0, 0x400, 0x7) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x0, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) sendfile$auto(r3, r2, 0x0, 0x1000202) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/all/addr_gen_mode\x00', 0xa0202, 0x0) 2m34.307444029s ago: executing program 0 (id=203): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/netfilter/nf_log/3\x00', 0xa2202, 0x0) mlockall$auto(0x7) shmat$auto(0x0, 0x0, 0xfffffffa) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r1 = openat$auto_proc_oom_score_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_score_adj\x00', 0x142, 0x0) write$auto(r1, &(0x7f00000002c0)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\x96l\x9ao\xcf\xeeZBl\xadD\xd4\xc3|]\xcb\x96\x9c\xd06J~$\n\xef\xa7\"\x83\xab\'r\xf7m\x83\xcc\xe3\xeb\xc0\x9b\xc7z\x10\xe1\x19\x7ff\'\xbe7R\xd8\x1bl\x12\xc0]\x06\xd7.\xc2\xcf\xf6f\x12kh\xcfb\xf7\xe3\xee\x18\x1d^\x17i\x02\f\'\xa0&\x82\xcf\xc5\x80\xf4GA\x9e\x1fD\xd5\xfd\xf6\x9aB\x865\x9c3\xe4\x94\f\xdf\xe8\xe68\xbd\xad\x86\xa4\x931\x058C:\xd9\xdfaG\xa5Q\x19\xd4 \xff\xe6\xa1\x94{kR9\xd5\x8e\xa7-\\\x94M\xf4\xf2\xab\xed\xd7\x00\xd3h\anidA4\xf2[r\xb5\xd4z\x03E\x13\x8d7,f\xcbg\x86+LL0x0}) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_ACT(r2, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010026bd7000fbdbdf251a0000000c00018008000100", @ANYRES32=r4], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x80) r5 = socket(0x2, 0x1, 0x100) execve$auto(0x0, 0x0, &(0x7f0000000200)=0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8003) io_submit$auto(0x7, 0x7, 0x0) prctl$auto(0x4e, 0x1, 0x0, 0x1, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7fff, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x2df, 0x500, 0x81, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x10001, 0x40, 0x76c5, 0x8, 0x8000000000000000}}) getsockopt$auto_SO_ERROR(r5, 0x6, 0x4, 0x0, 0x0) sendfile$auto(r0, r0, 0x0, 0xd) 2m20.336896604s ago: executing program 2 (id=234): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) pread64$auto(0xffffffffffffffff, 0x0, 0x8000, 0x800000000002) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) socket(0x1d, 0x2, 0x6) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) write$auto(0xffffffffffffffff, 0x0, 0x8000100000a3d9) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000000c0), 0xffffffffffffffff) waitid$auto_P_ALL(0x0, 0x8, &(0x7f0000000200)={@_si_pad}, 0x2, 0x0) gettid() socket(0xa, 0x2, 0x3a) mmap$auto(0x0, 0x20009, 0xe, 0xeb1, 0x403, 0x8000) clone$auto(0x21, 0x7, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) io_uring_setup$auto(0x7, 0x0) setsockopt$auto(0x3, 0x1, 0x2e, 0x0, 0x9) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0xf1, 0x2, 0x8000) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, 0x0, 0x40000, 0x0) ioctl$auto_VHOST_NET_SET_BACKEND(r1, 0x4008af30, 0x0) 2m19.150171426s ago: executing program 32 (id=203): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/netfilter/nf_log/3\x00', 0xa2202, 0x0) mlockall$auto(0x7) shmat$auto(0x0, 0x0, 0xfffffffa) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r1 = openat$auto_proc_oom_score_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_score_adj\x00', 0x142, 0x0) write$auto(r1, &(0x7f00000002c0)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\x96l\x9ao\xcf\xeeZBl\xadD\xd4\xc3|]\xcb\x96\x9c\xd06J~$\n\xef\xa7\"\x83\xab\'r\xf7m\x83\xcc\xe3\xeb\xc0\x9b\xc7z\x10\xe1\x19\x7ff\'\xbe7R\xd8\x1bl\x12\xc0]\x06\xd7.\xc2\xcf\xf6f\x12kh\xcfb\xf7\xe3\xee\x18\x1d^\x17i\x02\f\'\xa0&\x82\xcf\xc5\x80\xf4GA\x9e\x1fD\xd5\xfd\xf6\x9aB\x865\x9c3\xe4\x94\f\xdf\xe8\xe68\xbd\xad\x86\xa4\x931\x058C:\xd9\xdfaG\xa5Q\x19\xd4 \xff\xe6\xa1\x94{kR9\xd5\x8e\xa7-\\\x94M\xf4\xf2\xab\xed\xd7\x00\xd3h\anidA4\xf2[r\xb5\xd4z\x03E\x13\x8d7,f\xcbg\x86+LL0x0}) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_ACT(r2, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010026bd7000fbdbdf251a0000000c00018008000100", @ANYRES32=r4], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x80) r5 = socket(0x2, 0x1, 0x100) execve$auto(0x0, 0x0, &(0x7f0000000200)=0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8003) io_submit$auto(0x7, 0x7, 0x0) prctl$auto(0x4e, 0x1, 0x0, 0x1, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2, 0x6, 0x7fff, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x2df, 0x500, 0x81, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x10001, 0x40, 0x76c5, 0x8, 0x8000000000000000}}) getsockopt$auto_SO_ERROR(r5, 0x6, 0x4, 0x0, 0x0) sendfile$auto(r0, r0, 0x0, 0xd) 2m19.105353692s ago: executing program 2 (id=238): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x288003, 0x0) unshare$auto(0x40000080) socket(0xa, 0x3, 0x7) getitimer$auto_ITIMER_VIRTUAL(0x1, 0x0) syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff) socket(0x10, 0x2, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/stat/rt_cache\x00', 0x20000, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x8000, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) iopl$auto(0x3) clone$auto(0x0, 0x4, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, 0x0) read$auto(r2, 0x0, 0xcefbce6) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) getsockname$auto(0xffffffffffffffff, 0x0, &(0x7f0000000140)=0x9a) 2m16.844441614s ago: executing program 2 (id=240): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event2\x00', 0x26c982, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r1 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000240)='/proc/thread-self/wchan\x00', 0x10b282, 0x0) read$auto_proc_single_file_operations_base(r1, &(0x7f0000000040)=""/228, 0xe4) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyu3\x00', 0x1, 0x0) ioctl$auto_TIOCSETD2(r3, 0x5423, &(0x7f0000000080)) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) mmap$auto(0xfffffffffffffffe, 0x580f, 0x112f4a03, 0x8000000008011, 0x3, 0x0) getresgid$auto(0x0, 0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xe0002, 0x0) msgget$auto(0x0, 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) msgsnd$auto(0x0, &(0x7f0000000040)={0x5}, 0x1000, 0x4) msgctl$auto(0x0, 0x0, 0x0) 2m13.584740542s ago: executing program 2 (id=245): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r0 = socket(0x2, 0x2, 0x0) setsockopt$auto_SO_BUSY_POLL(r0, 0x5, 0x2e, &(0x7f0000000000)='/dev/sequencer\x00', 0x6) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0x7, 0x4, 0x6d3f, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x20000a, 0x4) prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x8000000000000, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000000000008000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x7f, 0x0) close_range$auto(0x2, 0xa, 0x0) io_uring_setup$auto(0x6, 0x0) 2m11.924005395s ago: executing program 2 (id=247): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vkms/graphics/fb0/rotate\x00', 0xb02, 0x0) socket(0xa, 0x5, 0x84) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x11, 0x3, 0x9) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x2c8501, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYRES8=r0, @ANYRES8=r0], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x2000c082) write$auto(r1, &(0x7f0000000000)='-\x00', 0xfdef) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) mseal$auto(0x0, 0x40000000007dda, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r2, 0x0, 0x1f40) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0xc02, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/smaps_rollup\x00', 0x1a3000, 0x0) 2m10.83863275s ago: executing program 2 (id=250): openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/seq/clients\x00', 0x280, 0x0) socket(0xf, 0x3, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x2, 0x0) socket(0x1a, 0x5, 0xfffffffd) r1 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0) bind$auto(r1, 0x0, 0x67) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x90, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x8000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000640)={'wlan1\x00'}) socket(0xa, 0x5, 0x8) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) socket(0xa, 0x1, 0x100) ioctl$auto_SOUND_MIXER_READ_DEVMASK2(0xffffffffffffffff, 0x80044dfe, &(0x7f0000000040)) unshare$auto(0x40000080) 1m55.626151058s ago: executing program 33 (id=250): openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/seq/clients\x00', 0x280, 0x0) socket(0xf, 0x3, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x2, 0x0) socket(0x1a, 0x5, 0xfffffffd) r1 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0) bind$auto(r1, 0x0, 0x67) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x90, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x8000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000640)={'wlan1\x00'}) socket(0xa, 0x5, 0x8) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) socket(0xa, 0x1, 0x100) ioctl$auto_SOUND_MIXER_READ_DEVMASK2(0xffffffffffffffff, 0x80044dfe, &(0x7f0000000040)) unshare$auto(0x40000080) 1m44.261221273s ago: executing program 3 (id=288): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x7f, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) futex$auto(0x0, 0x0, 0x2948, 0x0, 0x0, 0x5) futex$auto(&(0x7f0000000080)=0x3, 0x3, 0x0, 0x0, 0x0, 0x440a48d3) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) r0 = socket(0x11, 0x80003, 0x300) r1 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r1, 0x107, 0x12, 0x0, 0x8) setsockopt$auto(r0, 0x107, 0x12, 0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) open(0x0, 0x22240, 0x155) access$auto(0x0, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) timer_gettime$auto(0x1ff, &(0x7f00000000c0)={{0xda, 0x1de0}, {0xffffffffffffffff, 0xfd4}}) r2 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0) ioctl$auto_PROCMAP_QUERY(r2, 0xc0686611, &(0x7f0000000340)={0x18, 0x800000000000, 0x8000000000000000, 0x2, 0x0, 0x5, 0xfffffffffffffffe, 0x80006, 0x25, 0x1fd, 0xffff7ffe, 0xc00, 0x7f7, 0x7, 0xff}) 1m42.247840168s ago: executing program 3 (id=294): unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) unshare$auto(0x1) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) socket(0x1d, 0x2, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/fcloop/ctl/add_local_port\x00', 0xa001, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) write$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, 0x0, 0x100000a3d9) sendmsg$auto_NBD_CMD_DISCONNECT(r2, 0x0, 0xc4056c4bb90e2826) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) write$auto(0x3, 0x0, 0xfffffdef) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$auto_BLKTRACESETUP32(r2, 0xc0401273, 0x0) connect$auto(0x3, 0x0, 0x55) 1m40.506747756s ago: executing program 3 (id=298): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) kexec_load$auto(0x9, 0x0, 0x0, 0x1003e0000) madvise$auto(0x0, 0x2000040080000004, 0xe) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) madvise$auto(0x8001, 0x9, 0x138) connect$auto(0x3, 0x0, 0x10) pread64$auto(r1, 0x0, 0x8, 0x81) unshare$auto(0x40000080) getsockopt$auto(0xffffffffffffffff, 0xd9e, 0x4, &(0x7f0000000040)='/dev/cec27\x00', &(0x7f0000000080)=0x9) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_snapshot_fops_user(0xffffffffffffff9c, 0x0, 0x180b01, 0x0) r2 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000002640), 0x20000, 0x0) ioctl$auto_USB_RAW_IOCTL_INIT(r2, 0x41015500, &(0x7f0000000140)={"a7a018b09bb196a05739a38a73473b93f5452886bc599ef976c54a71a5ce72a9af15390e93a8760df83859e16320e8d0b1161f13d12afae66b1d900a49586aa98d3504ca431aabab1964249251e57fa70517cc19b0e3974dc2a89e90c932b8859c767780d65e849700", "e600d778e82f8b8db7e27a036e39a8ac08de7e036d650e2184857e6b64f6a2c7fb08c6f5ce3828fb4e9498c076bef49c99c9cd91332e12b53664dc20fa879020fbd184c0d300c13be6047a70685ce029fb2385ae6e132c1c6adbcfbd873a3b925d397a08e8733e19ef5ec4f40b0b473c72efd18b8a9e9f3d12c5e44468922beb", 0x3}) ioctl$auto_USB_RAW_IOCTL_RUN(r2, 0x5501, 0x0) r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x8af00, 0x0) pread64$auto(r3, 0x0, 0x8100000041, 0x413e) syz_clone3(&(0x7f00000006c0)={0x208200700, &(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0), {0x2c}, &(0x7f00000007c0)=""/84, 0x54, &(0x7f0000000580)=""/248, &(0x7f0000000680)=[0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0], 0x6, {r1}}, 0x58) 1m38.314182911s ago: executing program 3 (id=301): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff) mmap$auto(0x2, 0xaa06, 0xdf, 0xeb1, 0xffffffffffffffff, 0x2) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r0, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_dma_heap_fops_dma_heap(0xffffffffffffffff, 0xffffffffffdffe00, &(0x7f0000000140)=';') openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000000040), 0x18000, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0x42c883, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x28, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x1) socket$nl_generic(0x10, 0x3, 0x10) pipe2$auto(0x0, 0x80) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x4, 0xffffffffffffffff, 0x4) 1m36.879778884s ago: executing program 3 (id=306): r0 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r2, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x28, r1, 0x1, 0x70bd25, 0x25dfdc02, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0x10, 0x1, 0x0, 0x1, [@nested={0xc, 0x10, 0x0, 0x1, [@typed={0x8, 0x1, 0x0, 0x0, @fd}]}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) sendfile$auto(r0, r0, &(0x7f0000000340)=0x7, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r5 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/pcm\x00', 0x88002, 0x0) pread64$auto(r7, 0x0, 0x594c, 0x9fffffffd) sendmsg$auto_OVS_FLOW_CMD_GET(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010029bd700002dcdf25030000000400087918000180140010800c"], 0x30}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) sendmmsg$auto(r6, &(0x7f00000000c0)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000002c0), 0x3, 0xa505}, 0x7ff}, 0x7, 0x4008) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) ioctl$auto_SG_GET_TRANSFORM(r4, 0x2205, &(0x7f0000000240)="bd20ef940bae403060348abecb701bcc7c5c8d4a41f39e3d24b85ed4f75b9b9ad120963a581258cb5b8fb0b26939f3881260b2468f81b428f949") openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x40200, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x100242, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r4, 0x80045010, &(0x7f0000000280)="7acca5c32b31b18d8888f8bb3c5ff5a718ebe172e690dbcbd1f9149c6bc53030efcf2a9c93c7a88c7dd1c5b612180b3dcada0bd2b16f9315ac254b541b2b6f893067de452f20e9d5437b5708022a4bd6b1ccf77916e13b338dd6ab6e46bb86d9307259341c28c37e0c18b7b72cd2de3ea88446f52cb59ba0d2e476614e0f762d84c6c09d64624d") 1m35.569142036s ago: executing program 3 (id=310): mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) madvise$auto(0x0, 0xffffffffffff0006, 0x17) mmap$auto(0x0, 0x8de, 0xdf, 0x591b, 0x2, 0xb) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x47, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r2 = socket(0x2b, 0x1, 0x1) ioctl$auto(r2, 0x8983, 0x4) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x3, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x65, 0x8000001f, 0x1000, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) statmount$auto(&(0x7f0000000140)={0x9, @inferred, 0x2, 0x3ff, 0x7f}, &(0x7f0000000440)={0x6, 0x6, 0x53, 0x4, 0x1, 0x4, 0x2, 0x3, 0x5, 0xffffffff80000001, 0x57d6, 0x8, 0x3, 0x2, 0x8, 0x3, 0x1, 0x8001, 0x400, 0x1ff, 0xfff, 0xd8, 0x8, 0x4, 0x9, 0xbef3, 0x411, 0x7, 0x0, 0x5, 0x7, [0x6, 0x7f, 0xbce7, 0x599, 0x56, 0xf93, 0x6, 0x8, 0xffffffffffffffff, 0x0, 0x200000000000, 0x2, 0x1, 0x8, 0x1000, 0x40004545, 0x4, 0x2000000000000a, 0xb, 0xf5fd, 0x7, 0x4, 0x7fffffff, 0x1fc, 0x2, 0x5, 0x8, 0x4, 0x4, 0x1, 0x4, 0x800000, 0x5, 0x80, 0x6, 0x4, 0x7, 0x4, 0xffc0000000000000, 0x2, 0x9, 0x8, 0x80000001], "73e9b0abe71d1e2aee680f7f0e812f294220578764aaba215588c48129939d0d8c6c8dcb488aeb5a653cee9f3407b9069269771811ce667d8e"}, 0x40, 0x36) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f0000000280)={0x6, 0xcb}) write$auto(0x3, 0x0, 0xfffffdef) unshare$auto(0x40000080) 1m20.437047186s ago: executing program 34 (id=310): mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) madvise$auto(0x0, 0xffffffffffff0006, 0x17) mmap$auto(0x0, 0x8de, 0xdf, 0x591b, 0x2, 0xb) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x47, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r2 = socket(0x2b, 0x1, 0x1) ioctl$auto(r2, 0x8983, 0x4) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x3, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x65, 0x8000001f, 0x1000, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) statmount$auto(&(0x7f0000000140)={0x9, @inferred, 0x2, 0x3ff, 0x7f}, &(0x7f0000000440)={0x6, 0x6, 0x53, 0x4, 0x1, 0x4, 0x2, 0x3, 0x5, 0xffffffff80000001, 0x57d6, 0x8, 0x3, 0x2, 0x8, 0x3, 0x1, 0x8001, 0x400, 0x1ff, 0xfff, 0xd8, 0x8, 0x4, 0x9, 0xbef3, 0x411, 0x7, 0x0, 0x5, 0x7, [0x6, 0x7f, 0xbce7, 0x599, 0x56, 0xf93, 0x6, 0x8, 0xffffffffffffffff, 0x0, 0x200000000000, 0x2, 0x1, 0x8, 0x1000, 0x40004545, 0x4, 0x2000000000000a, 0xb, 0xf5fd, 0x7, 0x4, 0x7fffffff, 0x1fc, 0x2, 0x5, 0x8, 0x4, 0x4, 0x1, 0x4, 0x800000, 0x5, 0x80, 0x6, 0x4, 0x7, 0x4, 0xffc0000000000000, 0x2, 0x9, 0x8, 0x80000001], "73e9b0abe71d1e2aee680f7f0e812f294220578764aaba215588c48129939d0d8c6c8dcb488aeb5a653cee9f3407b9069269771811ce667d8e"}, 0x40, 0x36) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f0000000280)={0x6, 0xcb}) write$auto(0x3, 0x0, 0xfffffdef) unshare$auto(0x40000080) 1m17.271816343s ago: executing program 1 (id=349): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0xa, 0x1, 0x100) r2 = eventfd2$auto(0x6af3, 0x800) r3 = socket(0x1e, 0x1, 0x0) bpf$auto_BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000280)=@link_update={r3, @new_map_fd=r0, 0x3, @old_prog_fd=r1}, 0x1) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) pipe2$auto(&(0x7f0000000040)=r2, 0x9) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000180)={[0x100000001f9, 0x8, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x7, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x10008000009, 0x2, 0x6]}, 0x0) openat$auto_debug_help_fops_orangefs_debugfs(0xffffffffffffff9c, &(0x7f00000032c0), 0x1000, 0x0) ioperm$auto(0x7, 0x6, 0x1) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x500, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/flags\x00', 0x101142, 0x0) execve$auto(0x0, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/clocksource/clocksource0/current_clocksource\x00', 0x8502, 0x0) write$auto(0x3, 0x0, 0x100082) openat$dir(0xffffffffffffff9c, &(0x7f0000000640)='v#\xd5\xaf>=\x14\xe6%\xf7\x8a\x8d\x9a\xae\x1a\xd6\xa8\xb8\x1d\xf5(\xb0\x1f\xbd\xcbV\n\"\xe3V\xfeP\xceN\xb2\xc32\xaf\xcc\x80\xfa\xf0\xd4\xd9|\xfe\x03y\xd16\x17\x99R\xca\xe5\xf4\xb4T\xfcv\xfc\xe6\x9cv\a\x00\xc2a\x16\xd1\x8a\x80\x90\x87\xa5s\x10\xed\x93\xd4\x15=\xc0\x1f\x0e\xb0\x18v}\x03!\xf0I\xe3}\x90\x9b\x92[\xfe2<7\xd3\x81\x9a~\xcd\r\x19\x9e\x10(5\xfd\x8b\x82\xd4\xc85\xc3\x93t\t\xd0\x9d\xca^n\xf3\xcb>\x1bO\xcej\xe0\xef\xf2\xd7\xc2}\x18\xd9`AO\x95<\x9aH\vu\xae\xd4\xea\x12\xb8\xd1\n\x01\x83r\x85\xbf*\x18\xa7 S:R\x14\x89Z3\x94\x8bP)\x00', 0x14000, 0x4) 1m14.72030372s ago: executing program 1 (id=353): socket$nl_generic(0x10, 0x3, 0x10) socket(0xf, 0x3, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x2, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x4, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x208000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x8, 0xdc, 0xeb1, 0x0, 0x8002) socket(0xa, 0x5, 0x8) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x100) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/usbip-vudc.0/usbip_status\x00', 0x20040, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000002b80)='/dev/snd/pcmC1D1p\x00', 0x2205, 0x0) writev$auto(0x4, &(0x7f0000000080)={0x0, 0x8}, 0x1) ioctl$auto_SOUND_MIXER_READ_DEVMASK2(0xffffffffffffffff, 0x80044dfe, &(0x7f0000000040)) unshare$auto(0x40000080) 1m12.963160158s ago: executing program 1 (id=355): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r0, @new_prog_fd=0x4, 0x4, @old_map_fd=r1}, 0xa3) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) bpf$auto(0x3, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x3, 0x0, 0xfffffffffffffffc, 0x696b}, 0xed7138c}, 0x2, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'veth0_virt_wifi\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, 0x0, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF1_SEQ={0x6, 0x6, 0x4}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @link_local}, @HSR_A_NODE_ADDR={0xa, 0x1, @remote}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x3}, @HSR_A_IFINDEX={0x8}, @HSR_A_IFINDEX={0x8, 0x2, r3}]}, 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r4 = socket(0xa, 0x5, 0x84) sendto$auto(r4, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/sctp/assocs\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r5, 0x0, 0xfffffe36) 1m10.906144529s ago: executing program 1 (id=359): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020008, 0x7, 0xb9, 0xfffffffffffffffa, 0x9) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) fcntl$auto(0x3, 0x4, 0xa553) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x400000ff, 0x400, 0x9}]}) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0x200007, 0x19) 1m8.04183426s ago: executing program 6 (id=339): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) socket(0x10, 0x2, 0x14) socket(0x11, 0x80003, 0x300) socket(0x10, 0x2, 0x0) socket(0x2, 0x80002, 0x73) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x80003, 0x300) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) r0 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r0], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x2}, 0x3, 0x0) 1m7.399970141s ago: executing program 6 (id=364): socket$nl_generic(0x10, 0x3, 0x10) socket(0xf, 0x3, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x2, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x4, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x208000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x8, 0xdc, 0xeb1, 0x0, 0x8002) socket(0xa, 0x5, 0x8) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x100) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/usbip-vudc.0/usbip_status\x00', 0x20040, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000002b80)='/dev/snd/pcmC1D1p\x00', 0x2205, 0x0) writev$auto(0x4, &(0x7f0000000080)={0x0, 0x8}, 0x1) ioctl$auto_SOUND_MIXER_READ_DEVMASK2(0xffffffffffffffff, 0x80044dfe, &(0x7f0000000040)) unshare$auto(0x40000080) 1m7.39373223s ago: executing program 1 (id=365): r0 = socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) shmctl$auto(0xa0000000, 0x6, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) execve$auto(0x0, 0x0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/zram0/mem_limit\x00', 0x183841, 0x0) pwrite64$auto(r1, &(0x7f0000000280)='Mdev/loop-control\x00', 0x80000000, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x5, 0x14, 0x944, 0x1ffe0, 0x3, 0x6, 0x7, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0x2, 0x5, 0x3, 0x40, 0x7, 0x21, 0x309, 0x6, 0x0, 0x0, 0x200000, 0x0, 0x0, 0xffffffff, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10]}, 0x1fe, 0x81) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r2 = socket(0x10, 0x2, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_BLKTRACESETUP32(r3, 0xc0401273, 0x0) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) r4 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x109002, 0x0) sendfile$auto(r4, r4, 0x0, 0x10000800000003) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 1m5.927222278s ago: executing program 1 (id=366): openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MON_GET(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24008000}, 0x4000) ioctl$auto(0xffffffffffffffff, 0x5408, 0xffffffffffffffff) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x48041, 0x0) write$auto_proc_reg_file_ops_compat_inode(r1, 0x0, 0x0) r2 = socket(0xa, 0x1, 0x84) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8081, 0x0) close_range$auto(r2, 0x8, 0x0) open(&(0x7f0000000140)='./file0\x00', 0x40, 0xa2) fadvise64$auto_POSIX_FADV_SEQUENTIAL(r2, 0xca, 0x7, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x40102, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x40000000f42c, 0x585) write$auto(0x3, 0x0, 0xfffffdef) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x4, 0x8000) signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) tkill$auto(0x0, 0x9) unshare$auto(0x40000080) 51.554692403s ago: executing program 35 (id=364): socket$nl_generic(0x10, 0x3, 0x10) socket(0xf, 0x3, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x2, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x4, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x208000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x8, 0xdc, 0xeb1, 0x0, 0x8002) socket(0xa, 0x5, 0x8) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x100) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/usbip-vudc.0/usbip_status\x00', 0x20040, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000002b80)='/dev/snd/pcmC1D1p\x00', 0x2205, 0x0) writev$auto(0x4, &(0x7f0000000080)={0x0, 0x8}, 0x1) ioctl$auto_SOUND_MIXER_READ_DEVMASK2(0xffffffffffffffff, 0x80044dfe, &(0x7f0000000040)) unshare$auto(0x40000080) 50.415513986s ago: executing program 36 (id=366): openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MON_GET(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24008000}, 0x4000) ioctl$auto(0xffffffffffffffff, 0x5408, 0xffffffffffffffff) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x48041, 0x0) write$auto_proc_reg_file_ops_compat_inode(r1, 0x0, 0x0) r2 = socket(0xa, 0x1, 0x84) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8081, 0x0) close_range$auto(r2, 0x8, 0x0) open(&(0x7f0000000140)='./file0\x00', 0x40, 0xa2) fadvise64$auto_POSIX_FADV_SEQUENTIAL(r2, 0xca, 0x7, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x40102, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x40000000f42c, 0x585) write$auto(0x3, 0x0, 0xfffffdef) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x4, 0x8000) signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) tkill$auto(0x0, 0x9) unshare$auto(0x40000080) 15.932759493s ago: executing program 7 (id=433): prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) socket(0x10, 0x4, 0xffffffc0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x406, 0x0, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x4000000000005, 0x6, 0x62, 0x8, 0x7, 0x1, 0xb, 0x100, 0x18]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r1, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x4, 0x15) r2 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) fchdir$auto(r2) mkdir$auto(&(0x7f0000000480)='./cgroup\x00', 0x6) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) sendmmsg$auto(r3, &(0x7f0000000000)={{0x0, 0x6, 0x0, 0x106, 0x0, 0x1, 0x3}, 0x57177fc5}, 0x9, 0x0) r4 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r4, @new_prog_fd=0x4, 0x4, @old_map_fd=r3}, 0xa3) mmap$auto(0x5, 0x4020008, 0x1001, 0xeb1, r4, 0x8003) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0) 12.310178438s ago: executing program 7 (id=440): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_wireguard(0x0, r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'wg0\x00'}) sendmsg$auto_WG_CMD_SET_DEVICE(r0, 0x0, 0x810) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) syz_clone3(&(0x7f0000000400)={0x9840100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) read$auto(r1, 0x0, 0x39b8) writev$auto(0x3, 0x0, 0x8) r2 = openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000140), 0x101, 0x0) dup2$auto(r0, r2) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/rpc/nfsd.fh/content\x00', 0x40c80, 0x0) socket(0x29, 0x2, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x20) pread64$auto(r3, &(0x7f0000000540)='veth1\x00\xe0,\x17\xa0\xf7\x89Pl\x84K?\x01\x84\xa1i\xe00\x81p\xa0U \f\xdbP`:\xe2\'\xa7\xbf\xbd\x04\x18\xad\x90I^\x99M\xe0W\x14\x11\xf4\xeb\x90:\v\xc5\x13*\xfe\x90\xb1\xa9O\xa5\x05\xaa\x8fTi\xd6\x88Q\xda\xca', 0x20000000003f, 0x1) 11.80044668s ago: executing program 4 (id=441): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r0 = socket(0xa, 0x1, 0x100) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'vcan0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r1, 0xffffffffffffffff, 0x200, 0x1ff, 0xffffffffffffffff, @relative_id=0x13, 0xe600}, 0xf) sendmsg$auto_BATADV_CMD_TP_METER(r0, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000300)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x4004881) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x8800) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), 0xffffffffffffffff) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) mmap$auto(0x0, 0x400008, 0xe2, 0x9b72, 0x2, 0x8000) read$auto_proc_iter_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x4d) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r3 = gettid() process_vm_writev$auto(r3, &(0x7f0000002980)={0x0, 0x7ff}, 0x3, &(0x7f0000002a40)={0x0, 0x100000004007}, 0x4, 0x0) 10.311742398s ago: executing program 8 (id=445): ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f00000001c0)=0x6) unshare$auto(0x40000080) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r0 = socket(0x1e, 0x1, 0x0) r1 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, 0x0, 0x101500, 0x0) readv$auto(r1, 0x0, 0x6) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) sendmsg$auto_ILA_CMD_GET(r0, 0x0, 0xac6533691ab1be2f) mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv6/conf/nlmon0/ndisc_evict_nocarrier\x00', 0x0, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x202, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000080)) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/loop15/queue/discard_granularity\x00', 0x8000, 0x0) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0001, 0x15) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'tunl0\x00'}) madvise$auto(0x0, 0xffffffffffff0005, 0x19) ioctl$auto_posix_clock_file_operations_posix_clock(0xffffffffffffffff, 0x43403d05, 0x0) 10.084883154s ago: executing program 5 (id=446): prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x40200, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x100242, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) setsockopt$auto(0xffffffffffffffff, 0x1, 0x1021, 0x0, 0xd) close_range$auto(0x2, 0xa, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) sendfile$auto(r2, r1, 0x0, 0x1000202) ioctl$auto(0x3, 0x541b, 0x38) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097f751b33e}, 0x80) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) 9.785052485s ago: executing program 4 (id=447): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r0 = socket(0x2, 0x2, 0x0) setsockopt$auto_SO_BUSY_POLL(r0, 0x5, 0x2e, &(0x7f0000000000)='/dev/sequencer\x00', 0x6) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x2, 0x0, 0x3}, 0x6f3) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0x8, 0x4, 0x6d3f, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x20000a, 0x4) prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007) prctl$auto(0x1, 0x400000001, 0x0, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x7f, 0x0) close_range$auto(0x2, 0xa, 0x0) io_uring_setup$auto(0x6, 0x0) 8.908889631s ago: executing program 5 (id=448): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0) bpf$auto_BPF_LINK_GET_FD_BY_ID(0x1e, 0x0, 0x0) unshare$auto(0x40000080) mmap$auto(0x40000000007, 0x20009, 0x4400000000df, 0xc157, 0x101000000000000, 0x7) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x11, 0x80003, 0xf) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2) open$dir(&(0x7f0000000000)='./file0\x00', 0x42, 0x20) select$auto(0xe, 0x0, 0x0, &(0x7f00000000c0)={[0x1ff, 0x6, 0x9, 0x1, 0x3, 0x6, 0x15f4da0a, 0xa, 0x3, 0x0, 0x7ffffffd, 0x7, 0x6d3f, 0x9, 0x1, 0x8000]}, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) getsockopt$auto_SO_PEERCRED(r0, 0xc14, 0x11, 0x0, &(0x7f0000000180)=0xfff) unshare$auto(0x40000080) mmap$auto(0x80, 0x4020009, 0x5a, 0xeb1, 0xffffffffffffffff, 0x8000) mknod$auto(&(0x7f00000003c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5', 0x20e9, 0x103) select$auto(0x800, 0x0, 0x0, 0x0, 0x0) 6.999850819s ago: executing program 8 (id=449): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000000)=@in={0x2, 0x3, @multicast1}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x801, 0x84) setsockopt$auto(0x3, 0x10000000084, 0x75, 0x0, 0x8) syz_genetlink_get_family_id$auto_ovs_vport(0x0, r0) write$auto(0x3, 0x0, 0xfffffdf2) connect$auto(0x3, 0x0, 0x55) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) r1 = socket(0xa, 0x3, 0xff) connect$auto(r1, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) madvise$auto(0x0, 0xffffffffffff0004, 0x19) getpgid$auto(0x0) shmctl$auto(0x0, 0x0, 0xfffffffffffffffd) 6.849490449s ago: executing program 4 (id=450): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) kexec_load$auto(0x9, 0x0, 0x0, 0x1003e0000) madvise$auto(0x0, 0x2000040080000004, 0xe) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) madvise$auto(0x8001, 0x9, 0x138) connect$auto(0x3, 0x0, 0x10) pread64$auto(r1, 0x0, 0x8, 0x81) unshare$auto(0x40000080) getsockopt$auto(0xffffffffffffffff, 0xd9e, 0x4, &(0x7f0000000040)='/dev/cec27\x00', &(0x7f0000000080)=0x9) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_snapshot_fops_user(0xffffffffffffff9c, 0x0, 0x180b01, 0x0) r2 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000002640), 0x20000, 0x0) ioctl$auto_USB_RAW_IOCTL_INIT(r2, 0x41015500, &(0x7f0000000140)={"a7a018b09bb196a05739a38a73473b93f5452886bc599ef976c54a71a5ce72a9af15390e93a8760df83859e16320e8d0b1161f13d12afae66b1d900a49586aa98d3504ca431aabab1964249251e57fa70517cc19b0e3974dc2a89e90c932b8859c767780d65e849700", "e600d778e82f8b8db7e27a036e39a8ac08de7e036d650e2184857e6b64f6a2c7fb08c6f5ce3828fb4e9498c076bef49c99c9cd91332e12b53664dc20fa879020fbd184c0d300c13be6047a70685ce029fb2385ae6e132c1c6adbcfbd873a3b925d397a08e8733e19ef5ec4f40b0b473c72efd18b8a9e9f3d12c5e44468922beb", 0x3}) ioctl$auto_USB_RAW_IOCTL_RUN(r2, 0x5501, 0x0) r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x8af00, 0x0) pread64$auto(r3, 0x0, 0x8100000041, 0x413e) syz_clone3(&(0x7f00000006c0)={0x208200700, &(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0), {0x2c}, &(0x7f00000007c0)=""/84, 0x54, &(0x7f0000000580)=""/248, &(0x7f0000000680)=[0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0], 0x6, {r1}}, 0x58) 6.844734362s ago: executing program 5 (id=458): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0) bpf$auto_BPF_LINK_GET_FD_BY_ID(0x1e, 0x0, 0x0) unshare$auto(0x40000080) mmap$auto(0x40000000007, 0x20009, 0x4400000000df, 0xc157, 0x101000000000000, 0x7) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x11, 0x80003, 0xf) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2) open$dir(&(0x7f0000000000)='./file0\x00', 0x42, 0x20) select$auto(0xe, 0x0, 0x0, &(0x7f00000000c0)={[0x1ff, 0x6, 0x9, 0x1, 0x3, 0x6, 0x15f4da0a, 0xa, 0x3, 0x0, 0x7ffffffd, 0x7, 0x6d3f, 0x9, 0x1, 0x8000]}, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) getsockopt$auto_SO_PEERCRED(r0, 0xc14, 0x11, 0x0, &(0x7f0000000180)=0xfff) unshare$auto(0x40000080) mmap$auto(0x80, 0x4020009, 0x5a, 0xeb1, 0xffffffffffffffff, 0x8000) mknod$auto(&(0x7f00000003c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5', 0x20e9, 0x103) select$auto(0x800, 0x0, 0x0, 0x0, 0x0) 5.547904501s ago: executing program 7 (id=451): openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000140), 0x80, 0x0) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000040), 0x543c00, 0x0) r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000240), 0xa002, 0x0) writev$auto(r0, 0x0, 0x100) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) unshare$auto(0x40000080) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) r2 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) readv$auto(r2, &(0x7f0000000680)={&(0x7f0000000540), 0x40200}, 0x3) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0) clone3$auto(&(0x7f00000002c0)={0x4, 0x9, 0x1, 0x2, 0x8000, 0xffffffffffffffff, 0x7, 0x3, 0xffffffffffffffea, 0x8, 0x200}, 0x7) ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(0xffffffffffffffff, 0x7ab, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) io_setup$auto(0x7ffe, 0x0) io_setup$auto(0x7ffe, &(0x7f0000000000)) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) 4.097877812s ago: executing program 7 (id=452): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram6\x00', 0x4040, 0x0) mmap$auto(0x0, 0x6, 0x2, 0x40eb4, r0, 0x6) ioctl$auto(0xffffffffffffffff, 0x8912, 0x38) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000) ustat$auto(0x801, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x8) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) madvise$auto(0x0, 0x2003f0, 0x15) io_uring_setup$auto(0x1, 0x0) bpf$auto(0x5, 0x0, 0x102) getpid() r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs1\x00', 0x48080, 0x0) fcntl$auto(0x3, 0x4, 0xa553) sendmsg$auto_NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f00000165c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004000}, 0x0) read$auto(r2, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) ioprio_get$auto_IOPRIO_WHO_PGRP(0x2, 0x0) 4.096816118s ago: executing program 4 (id=461): ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000180)='/:$]\x00', 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) open(0x0, 0x7ffd, 0x12) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) preadv$auto(0x40000000000003, 0x0, 0x6, 0x8, 0x5) r1 = socket(0x2b, 0x1, 0x1) madvise$auto(0x0, 0xffffffffffff0004, 0x19) io_uring_setup$auto(0x9, 0x0) readv$auto(0x3, 0x0, 0x7) close_range$auto(0x2, 0xa, 0x0) madvise$auto(0x0, 0x200007, 0x8) sendmsg$auto_NL80211_CMD_GET_MPP(r1, 0x0, 0x48d0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) 4.096187858s ago: executing program 8 (id=453): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2c, 0x1, 0x3) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/zram0/mm_stat\x00', 0x10b342, 0x0) pwrite64$auto(r0, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x06\x00\x06\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0x2, 0x3) mmap$auto(0x0, 0x40009, 0xdf, 0x18, 0x7, 0x28000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ad00, 0x0) msgsnd$auto(0x7, &(0x7f00000001c0)={0x0, 0x4}, 0x594, 0x5) r1 = socket(0x2, 0x80002, 0x73) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendfile$auto(r1, r1, &(0x7f0000000000)=0x100000001, 0x7) write$auto(0x3, 0x0, 0xffd8) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) write$auto(r2, 0x0, 0xfffffdef) ioctl$auto_IOC_PR_RESERVE(r2, 0x401070c9, &(0x7f0000000040)={0x80000001, 0x7, 0x9}) 4.09601629s ago: executing program 5 (id=454): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r1 = socketcall$auto(0x8000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xaa102, 0x0) write$auto(r3, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00x \xec(\x1d\x98\xe9\xc4\xe8\xfc@6=\xab\xf4\x89\x01\x93\xdc\x19\xffv\'\xa1\xd5\x14\x06S\xae\xadB}\xdf]\x99\xc9\x9f4\xbb\xc5\x81\x9d\x8ak\xdeB\xcbd\xd3\x05\xe4P\x84\xcb\xb8#\x13\nYU\'\x95R\xc8\x9d\xb7*\xe0.\xd2\xdf\x1b\x88D\x8c{k\xcec\xe1\xa2j\xec\xc9\xd2\x98\x94I\x102h\x06\x8c\xa2\xc8\x8a7\xb7t', 0x7ef) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0) socket(0xa, 0x1, 0x100) r4 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r4, 0x0, 0x7ff, 0x400) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x12, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1]}, 0x0) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) close_range$auto(0x2, 0x8, 0x0) 3.334483775s ago: executing program 8 (id=455): r0 = socket(0xa, 0x1, 0x100) modify_ldt$auto(0x1, 0x0, 0x10) mmap$auto(0x0, 0x2020009, 0x100000000, 0xeb1, r0, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) setsockopt$auto(0x3, 0x84, 0x77, 0x0, 0x27) eventfd2$auto(0x6af3, 0x800) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x800000000001, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000180)={[0x1f9, 0x100000007, 0x200000000d, 0x1, 0x2, 0x3, 0x15f4da0a, 0x3, 0x4, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x8, 0x4, 0x8, 0x9b70, 0x2, 0x8401) mremap$auto(0x0, 0x80000000000002, 0x8, 0x3, 0x7effffffb000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0xcd7) 1.783750526s ago: executing program 8 (id=456): r0 = socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) kexec_load$auto(0x6, 0x0, 0x0, 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_IPVS_CMD_DEL_DAEMON(r1, 0x0, 0x0) shmctl$auto(0xa0000000, 0x6, &(0x7f00000002c0)={{0x3, 0x0, 0x0, 0x0, 0x7, 0xd, 0xff}, 0x2, 0xffffffff80000001, 0x3ff, 0x800, @raw=0x61a, @inferred=0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0}) sendmsg$auto_IPVS_CMD_GET_DAEMON(r0, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000000c0)={&(0x7f00000005c0)={0x14a8, 0x0, 0x100, 0x70bd27, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DAEMON={0x4}, @IPVS_CMD_ATTR_DAEMON={0x1305, 0x3, 0x0, 0x1, [@nested={0x11e, 0xf, 0x0, 0x1, [@generic="3798029b3619276dfe68c2fadaa010fe44e66ce6d355665d9cdd3f77e4582925df90c85c828060f87498e29e2b10c7d722f03562916191c1594176ee915136b44d30629d4e7b993083bf689758c4f445f3580142398f99d52c2c2a9563d29a6904189548ea71dfca7c0b3dad32f52470fd5360726d0c064555e0b7996a8ca055758589080cab4e36a4c8124fc0affa637cd629a27dbc7add2d2e065332e3223b858c46b6a71c797612b87cd03b71d9b715fdf5528db9b9e0c5adec6bc0d2ca4003b743cc1ffa200ab74236969af7f26d196a6d40", @generic="f74b4491d75fae2e6ffc727944cd63a6e3fd5eedfc2ef04be5583c801693d773bbbbaad98604a0f8cb1455f644e981a0626aabc0ee9823a3ef3abe923eb49eda4dd6db2247f7"]}, @nested={0x11a6, 0x7b, 0x0, 0x1, [@typed={0xfd, 0xe5, 0x0, 0x0, @binary="5d067a7a94a94de9d3063c81fbe95e380e041793109e6098af80ca45ca4e3200ceef3d05f6724c619b6c8770f83c671cdca1c2bb6cc331035b24098055ef83ef1c010a079732df4f58d738cf5662fe7ddefb0f14319aaffb0ee60d44e4d0b974884f8b72ae78c99761bf519b3c0229d09afc3af6e6674e41326325c76d7182058266b60062404ab52adad60245f878ed5f20b0bf69f8b825ad33af52ab8bf91c982e8630c91a72443562792d6d69764254409bf704b0d16386d2904c943c7239bde3db38253549cae215728e7a67ed3b31cadf90ef81138fe35d0b1849c53fd5503a3dbd368da1e786e521af6ac3eb7d835cd1aefd09e8a75a"}, @generic="bbe085554a2aafc08af82ac767f315b5dcdfc9ed4dcffa07eac7127e21d9240f3ec9d76199137096d530911ff556922554f00452ce678733a5a2115b19c22ef1b54d3f3f103606f4b4c3c4bc61444a3576481e44439730070b7c836d9ca1f1cc03957344fa8511642c074c943f3a0940b6c7e8c1f97fb5bd1e771958bc27dc579f56240547a2349df30945b3e67667d5ffdcac0833bcdc1d77e3302e08e66734fd79a6d758dce26ecadd2903eac384430f198d8013e983fa37f2", @nested={0x4, 0x92}, @nested={0x4, 0x11b}, @generic="cfab866f792d8ca46d22765d7c1322495a8a0170491e0e2ed8e6795e44d0ded9c05df7c8293554e00746945678aeb7d5a8f73cf6182dbde56a6a647e2e6860bf290ad224b36fed3265b3aab5aaa1c4c95ecdd0088c0073614672f878897752074955c63c2c8e1f30e166881992ede04676736f614fc764c1965b815017c018dc43927dc299d9ede41ada12b80468850029db07ac075498e6a913acd1925e8d6c0a0fa605eeb76bcc16598bff8a50f98ff9344119df720bd338f91812c608d6f957f200e6b3a0659b2c764f1bff846be4e512f889ba09f28cde7db1ea6ee8ba7df8cc5ea5002e8cb31a5cf643bd0a3c29084476348ef3224066eeeccb84d69dc78d2df15a2a86261a7b7d571859bf2fc6392ecc362ee22545c91a5625b0279f1b65f2b887a1123880730d49f28cb239541c149e92bf2ee625438e1925a30deb290f65da172f3e6207b04d80d60da8cf4efa5bd4b1b5a3f001c24810b6cdf467049eaf070dc5c28d1549cd571a28f33a3d84cdb198ea299807d73bb14685823c9b0156f9c4ab7976244b8f8549b80bd6cdb8235c6a0f69d4f5cee1ed90d9de8c943ef2b369461ac42fbcdaa5ccc7e8f0b3c1fa13f9d3563e9f71b96ae7184c7fea44467380291578ff88fbbed4740b530b709f11452a4ad06da7a8fabcb7a17538e77b863d83401a56b8e5ca4529a9f2fb33c0b51f9e7fe44ad292764e00e4e794c85f687c7b3128c0346f339fb1fb3e73c669d9fa8de76344925fae85213f2763c3b3d5a38e0bc59410a644590f74ace22a7f80399b8b9533b7652f172c8ce9e2ce15acac4eb153a1aee94b8351e79495b5b390fdfdff05b583f2a4fa0d5bf49ef981ca4edf42475e2438a68dc9f03ec18e9f20512bd3f165fbc22b9cea06ccfa9b7c95dacd3e0aa04e6c9129f53c58e5923e4d11f1695fe18faf0eb4b118caffd88b4710dafd9c39a8799698329ea7eb610efb3f69ba7c0ba1b4532e4319f03a0887364087f3861f06fad2fcd4f993f55eb4a7c3478dd70f5b0a4cd5958ce7969eed61ab1e182feb48ba61fe253da29f13ef288d911b27c46a64b75ca4b715fc0bdac5a4d60a4bfba35d92019ff974e0c80a7848ee860461ba4c82f9a887f59565c7508d9af3838fbbe27bad0a8c240c76bc3d90ac8197a311c291b342caf1a4af89248068273eb090aea9ec2269b6f22745493ba070f2b98f9bb4d059eeae22c2a70dbb84231a8033da0afdb93d222dcdc5b8f931048711797a5d57b5680ca3b44726c1636454647345b5b84e235be90f390f5509b3644e2e68913536e066674b6c557c4f5370102e10861b5c8166c55aad3dfdb3caff5e82b92f648c99a2459b691cc002f6cfc5d9f9cf7b217e577507b91f216a1ffb5d5bb741577f1194944c5778533cbeb2239ee15404e06b5aa0bafa587014f20dfecc354b3bdcb1d1e092c7586ea8564be39f10317e45946ad6f61fd399fa14aabdb40d45aa4e1ee4b9273c8aa25e66858d5c7821f704fb936634770c7bd86b612a38b59f324f80c50b87fdfac0d0c6d84f88dc07bb5c34c6256564a8c3004c71104207fca9d109fd7e5190c1c56cc8302629c33a66cc9861758b9ca29aa2e767ace0e1602b3de0a1e6e1a2694704f69998b8bdd46dcb614a37233480c14cf9980cc9a25de144380629febbe65d065c5513377aebe21ccb761c1adb6a527b5409f402d30a94775120604625fb1c3ffb2924962946f854ca5b31e5bbba4894f35ccb880595b982ee79f2f19d94ed5f74bf4ac9ece13694d7f627d299696abd9c9f41d3ac95061dab6b332b020a326eb02cb67763cd7dd9849d33ef8d06c2282561ec98f23f759835ce735e2d605a8c8034b0b7870a19a4e114436dceffd1303576e097a94db783ec92325495222b930756aae499b4c46ff21fd8fbaf8a8bdcf78b43b43f38ac727130d1002a087ece4b47146ed4089ba345eac588cad8af4b7129ea73acbde3eec12dc73cdc2a3d8e2577238f5b8f6ab861ed17a31e3215c89c99aa5a49711638bd05f9c048b5e8e98ba929ba728f7f4bfa2b2d6e48f786cef816e5aeec4b45d1cbed39c32797ef7696d53dcf0dd0c4d1997eed26ff1e2d21c60ca29ef480fb60606e0f780b7d1eace857cf103dbde4dcddd7882c00f29ea0c4c2eeb25b221817fa3e41942815b9be2dacce5259c8f1878371c6e169ffbefd6e0faf70a6c75a177bc9389c0b4d09b8f7eb3ae5676e61f3f0aad62d7d4eca7a87dd8f68f9df892b3975619ae6223c90e25814c1ecad2e22de8c4d2cac06361ea00623df30d4917641d2b29f541e33e127db2a53e6be7e40dd4827f1d3c402937808fc21b47f57ba87fe1101136c3616d1fe866294a3c2de8128613e495702a8f050afd82e8edfeb7e6d75149dde02dca0eb22866205cd4bfee36b5e680bb5355a9cec30b71c618948797dbd2f0d634fff1f3fa8e95217dd334079d665c239d6de43b61e30390ea5727f5f8f8f462323ba5fc45f73614b5dab979144f9cdca1745f521716d1f011de307d644135ef9faf6d7fa699e3e3ee38e16591dff7b910dc722afa15cee3f43a7e4b7ecdd853eb92692a6d9b69e1c2572acaef35753e1fc14c3733f7b21f04f6de39c74c16aae3f3ad1a77c49307361216048fa0450dfd82f242cc157f2cad98e11b84f37df74e74b577d86adaeae151374c23fa61646584314741d935b57b40f50a655512e5082c829c0842ccd2338cfca6ce000e59c6c8cb2962fb04b27ae71b37cf76075ea0aff9a35498cf3fed10a5768249f28bbfa67e4a062bf0e773f7bd0e39566e7da017d6e0ac13953bfa6730d024795df59d479e993ec66cc40d90bfa7d5600a3515f4e01d211ae9bf26f928a227ec1a40ebfbd65b90ed1899a0962a557d9f9e2b655c16eb09401ed6afc4811751f3b992cf210db85e6b4e40f0ad1c8da81b4eef127e305f1bc7221bfd8c1940ab70a0aa705c6c8309a59b2ff7c938125ba717500ca54e3d4b0fd60fece27f50f9d665f0b72022884029e61476ea063f57110bd0e0d85fd76868949794e4a55f2214ff6dde3f7fbc7244e08c52ade4b10cd8cafce3e437efadc8cf44f475fe67e24a41ba9d8605791b963b6f85cae306552033c757fc5a17482ddde6e053bbfe028fd97948b10227a651e1d693fa4bcf6bc43d20ae3d6923786203e4f5587a3c2b659687a53097a8fbf40900d46a5850f15b4ccf62ad3ff4c278f28abc2016d38c6ad034c41affed9019f8d8670dc079ebf5dc481afabdfec1c139ed598ecce03c0e5af1711f1ad9e67b06276b275c5cea52d9ee82b1150846e39ccc2424b4b9e4044eec5d06b992421f580c63258212499fd2e2d61658b28a4fca50faa1425c61f883b8d46c0755542d0fe7de1d5fe3a22fb605a024afc912340dd45d584f980f4eca2cbd630349fd374c98c21320241cfa68eaf03759dd47ec26a2d38d68d3f67216eace301b7bd76fd7c44bc2afb5a408f525be3aa07d4dbe9d7171abdf62b69a3e215a4a4f162cb74a7b7fc17f30e1808727fdfe28ea92813cc327cb366fc9dd3892b4df74bb0cae278f25fa62ef813e5aaeb427ccafebc8c64c8dd11116610fb513882dd692ffd73b6d61d767d64993c980d4bdce44766f49d5f91c7452c3ee818bfe9934b42ac2b8bde5069cf6369a7c0b0957ffc6ed7bb6f09eac0780d648586736115a53dea3a7aa5cd3cc8a19ee3954d13d13dabd2bce7f058bc7b9fe63e0cedeac71f99fa2d96ae724f6cffc0013f904eb47009572f3afbc6f24b1d76bc28526bddcfe346074fe7179e5f7b35e2decaaedb22f011f434a14eb63db94bda4e9476cca6372e30c2e7c1bafc47b0dd223900c7d668bbd6fc4b6bb23a98c19f9bc55d0c2f0a733d3145b77db2683b26b2f09ba21a77ec14eef602510a145e0ee55576dbaab2f830d9f611c8c434894ca2c86fcbf2273cbf31bf514524539d2f8e834b9a0e83627285c1760d7664694d70d0fd2451ec0ddbe1bc11dc57a66231d0241e6e564a65845edd034ebe026f11f2fb967bcbd263ea7ae166f42b86bdd22113ba0f0fbbaf68c9b6ae70d08dc2317bb1466162cccc13e63ca63a758f4fa22fd7fc11ab3f4b604357cc605b3bfcaabfbc99cab33bad98022f9a40522ce56f195082fc53d8babaa6ec708cc1f14a15a45464bc623e1c12ca9232623c9fbf23a7ae35480044e592ba66fa6fdad7b77a07b0f901f54a33d3406cfbe6801bd0eb6a68f9761d1838b954dd206aed5d9421fa9d0f5a9e524a508307cab1fea754ddf28821cf42eeebb5a00f290592dabbecbee9cb14af2874625d11cd9f072c56f7f885ca26896825b903eee94da064e2f08a712d536eea6d39899f7f6d38e0074c631574ef871c60b593ded305eb70afd4b0b007ac187f5e32b6db90694a5bd5f93c40f3e12c96b4dbddd98794ed3f6b68bd648f840dcb481430a6c7c0d6e0891369fe8eb0915f3f83ea03b3249f0fcbe8af7bb4e1591134e9bfd41e128c9923156aa850e50c6066397653986aa4bcd3a520aecf7e6b2a9329c390ade8992676d188066a09f94d7996b897cffb03db825470ba8072f3d201cd821322750fc015c368f277189bf078ca82b3bc68e6401c0f7cb91d6a7f754872b41ad06c876319bc74667bdf3de45a9a389aa5292c338932a7a06443c054e31f57eec566bedeb4098134b6714bdd59374a1fcbc9e7b8097831f94da08e443f21046fa123e662047db5e87d5d5de1279f7f411d32d57407b93dfeb88f6673314fab9530de19497e952a278bb15e10af3728c8a4549ed3a878c1ab0ce6096855e69a2f1face78a6ef9eb09ff9e086f3ecdd6a7b43e243f2ef9e46722df9c9e3b2140fcdf0bca01409c0ccdea0a2cbf9592c6c322dd14fcaa161100241bb7704ae11adc48c4f0628ef5b8dabdde3a1b925ddf72017d765b57f282ce67ccd6c6615fd35ed2458a527db22c6dcc2bb23e3244244f737db00c6bd57f01bc2b5448887bf91cf40f94cbb03660feb57042392fee5f25a7925dd278be11d822de1d59f7242c6afce2c9eb5630e1dce96487a5e69d86525ea03d7659bbb97a35acbc7fb19aa345064be5b7a473e12a6f6bb8c7fe93ff25d98e817a83ff1bc5421bafa732aaa649f21bd92a51f9425ecdfa7d5229d15fd49ac3b8d4363c7ff63b3bdad3730d48f667ac81f4cba1fe8bd2964e2e2259d5847cc010ca7af96b195d6e8875a9c76d5515ed1e2b8b910e5856a9fcfd53ce001401ca7b7ad6f14c147903898af14c6e572d6d38eaf5e75705e251b26b4b28bba27135045bca4c5a485ecbaa8230c303a732d75dff6fc1f0117ff82c154a4b6287837154563a2c2ee04f253de627f21843610017d422d57ed0e6c98bba81ffce928699cb6871d0e42f7d219bd663f27f0d0e40b8d4a300c47be11c2b96f0afbcfc66ffbd4c40c7eb614fdd37887368b1a8c76e605239c1ae3192d09c3449334d60aeec8c02c7202dff94efe0003ab3aed09261f19a37f76597a57f000a426a444c731f4f625df99aa7a18d4e607281c0253a59a26cdeb77135688719330abd2c14c04f648a6dfc9a4b2c61da8d5027c876a86222154830e1e876ba4faf1528098b88ea6126e5c88fc7e8bd1d2d4cfe6430f21b14f90f0118d8c6d71339c11a1512accb40e162b69263ebebba0852e657da4e59bf7255b65659e6663be850066ab8e557168cf9532812f11b9667378a4742924e7394f347fa19eb7be4d379eeb53b2176fcc2"]}, @generic="6bc0d0b3c76fdce4b0be5c7fa50483a21d08ac7fbbed18ea35379e490c0dc849853f5c741c7505d61fe745e3a85961f1a94239b9f49e0985fe"]}, @IPVS_CMD_ATTR_DAEMON={0x17e, 0x3, 0x0, 0x1, [@generic="b772096eb8396cf137ea9758e8850cd1b6374e2573cd2dd8584a910095478c682d4c83ddc9e8445de5dc19263e4c9da2a689a934e7a19b257ed5d7db3aaa290d1d579c040aae8c016ea7e7961bc4d66a1dc4b2a4a159c9a6eb6b3b40ec884b6d7f9f266143b1a79db0a09a8e26ca09bcd6c9c4777f5950fe1b0eb11feca8ce292b4ebcf997e5638ccf20df03f6c3149e7afa9ba20430a4ec9e08e51bf6c472adbacec8eb10c781", @generic="0d589617ce02a8c45fdb2dd4b544731dd0cc23b72c091dac6ec6d4c76b032a9e1236bd756b6a4ca9466e171ff20db949e46a072a686badcf943cd81b65e8996890642007d74b9d18224b30aec6f035faf1aee93bc4a83ba524a5aea75c6b55328ca70ccd277dfe105970a9a189735cefcfef6f747e5ffac92869bcdb05b7209adddf73293ad4624638ffc29c61321220fd90220038d1784975466ebd3d3702952c4ed7950853b8bf66534139e2cf66ef316d332b8bfc39490c69872e4f8db479ac2c922787b8a2372c287d", @typed={0x8, 0xba, 0x0, 0x0, @uid=r2}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x6}]}, 0x14a8}, 0x1, 0x0, 0x0, 0x24008000}, 0x20000000) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) io_setup$auto(0x7ffe, &(0x7f0000000000)) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) execve$auto(0x0, 0x0, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffff7fffffffffd, 0xd1, 0x3, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x31, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) sendmsg$auto_ILA_CMD_ADD(r1, 0x0, 0x4000010) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x109002, 0x0) read$auto_proc_pid_maps_operations_internal(0xffffffffffffffff, 0x0, 0x0) sendfile$auto(r3, r3, 0x0, 0x10000800000003) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 1.783523449s ago: executing program 5 (id=457): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x802, 0x0) ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000240)={0x23, 0x3, 0x18, 0x10, 0x808, 0x7fb, &(0x7f0000000340)="2e87ae255faea9bca16821e73660a43c98f81f056a20818dde63d3c3436ada5521c127417b70c848d2f0b41c9954b52c56fd29b722f89cb8e96cfabaead96bc484c33f7fb2b8e8aeaeeb962fd2017e70de4a4892c560daf3d83461a5c527c6ca6471a2d3bb0714224c0002a6ed62432b4a635d9cb072fba6cc4049f67aced3906e0af971d833a8a1d53e32a133a5b4c89ec915deff549042f4d94e13d7855e68b736ec90d98b3cc7629a"}) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/net/rpc/nfs4.nametoid/channel\x00', 0x8f3b7a51b8162d21, 0x0) mq_open$auto(&(0x7f0000000000)='.\xf1e4\xdf\x16\x95kxE\xd9x\x15\xb0\xf6V\x93\xb4E\x06\xc5}l', 0x400056a, 0x9, 0x0) ftruncate$auto(0x3, 0x700) write$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000040)="5cedd9d1027e0dc0023af10e9bfa1babfa3a3753ca9aee370a", 0x19) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x20540, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x407, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3b, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, 0x0, 0x100000a3d9) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) unshare$auto(0x40000080) unshare$auto(0xc) 1.734531564s ago: executing program 7 (id=459): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r0 = socket(0x2, 0x2, 0x0) setsockopt$auto_SO_BUSY_POLL(r0, 0x5, 0x2e, &(0x7f0000000000)='/dev/sequencer\x00', 0x6) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x2, 0x0, 0x3}, 0x6f3) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0x8, 0x4, 0x6d3f, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x20000a, 0x4) prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007) prctl$auto(0x1, 0x400000001, 0x0, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x7f, 0x0) close_range$auto(0x2, 0xa, 0x0) io_uring_setup$auto(0x6, 0x0) 1.638666219s ago: executing program 4 (id=460): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r0, 0x4b4b, r0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) setresuid$auto(0x0, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x11, 0x3, 0x2) getsockopt$auto(r1, 0x107, 0x1, 0x0, 0x0) setuid$auto(0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x84000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x240007, 0x19) migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x18b202, 0x0) pread64$auto(r2, &(0x7f0000000340)='/proc/Nes\x00'/22, 0x100000001, 0x100) 293.784448ms ago: executing program 4 (id=462): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) epoll_create$auto(0x4) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) openat$auto_msr_fops_msr(0xffffffffffffff9c, 0x0, 0xf82, 0x0) setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, &(0x7f0000000080)='nlctrl\x00', 0x2) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x3f) madvise$auto(0x3000, 0xffffffffffff0001, 0x15) 111.754449ms ago: executing program 8 (id=463): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/conf/ip6tnl0/bootp_relay\x00', 0x5014c0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800) mmap$auto(0x0, 0x0, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) ioctl$auto(0x3, 0x2287, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsu\x00', 0x108002, 0x0) read$auto_vcs_fops_vc_screen(r1, &(0x7f0000000080)=""/238, 0xffffffe9) r2 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read$auto_nvram_misc_fops_nvram(r2, &(0x7f0000000080)=""/209, 0xd1) ioctl$auto_NVRAM_INIT(r2, 0x7040, 0x0) membarrier$auto(0x2, 0x0, 0x9) write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680)="a7", 0x80000) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) openat$auto_minstrel_ht_stat_csv_fops_rc80211_minstrel_ht_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/ieee80211/phy3/netdev:wlan0/stations/08:02:11:00:00:01/rc_stats_csv\x00', 0x80, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) 50.120402ms ago: executing program 5 (id=464): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000000)=@in={0x2, 0x3, @multicast1}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x801, 0x84) setsockopt$auto(0x3, 0x10000000084, 0x75, 0x0, 0x8) syz_genetlink_get_family_id$auto_ovs_vport(0x0, r0) write$auto(0x3, 0x0, 0xfffffdf2) connect$auto(0x3, 0x0, 0x55) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) r1 = socket(0xa, 0x3, 0xff) connect$auto(r1, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) madvise$auto(0x0, 0xffffffffffff0004, 0x19) getpgid$auto(0x0) shmctl$auto(0x0, 0x0, 0xfffffffffffffffd) 0s ago: executing program 7 (id=465): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = memfd_create$auto(0x0, 0x9) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) sendmsg$auto_NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, 0x0, 0x51) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x9, 0x3, 0x16, 0x93f, 0x1ffe0, 0x3, 0x6, 0x2, 0x0, 0x5, 0xfff, 0xf, 0xb0, 0x1, 0x5, 0x7, 0x9, 0x7, 0x0, 0x0, 0x0, 0x200, 0xfffffffe, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3043, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x11, 0x8000000000000001]}, 0x1fe, 0x10081) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa503}, 0x800}, 0x7, 0x4008) write$auto(0xffffffffffffffff, &(0x7f0000000040)='\xce*+#\x00', 0x80) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.7/usb8/bConfigurationValue\x00', 0x10b042, 0x0) sendfile$auto(r2, r2, 0x0, 0x2) socket(0x1d, 0x2, 0x6) mmap$auto(0x0, 0x40009, 0xde, 0x9b72, 0x7, 0x28000) capset$auto(0x0, 0x0) socket(0xa, 0xa, 0x88) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'team0\x00'}) bpf$auto(0x0, 0x0, 0xf) sendmsg$auto_NL802154_CMD_SET_MAX_FRAME_RETRIES(r0, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="4000100000", @ANYRES16], 0x240}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) kernel console output (not intermixed with test programs): fter parsing attributes in process `syz.3.29'. [ 124.519300][ T6119] FAULT_INJECTION: forcing a failure. [ 124.519300][ T6119] name failslab, interval 1, probability 0, space 0, times 0 [ 124.545261][ T6119] CPU: 1 UID: 0 PID: 6119 Comm: syz.0.37 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 124.545300][ T6119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 124.545314][ T6119] Call Trace: [ 124.545322][ T6119] [ 124.545332][ T6119] dump_stack_lvl+0x16c/0x1f0 [ 124.545372][ T6119] should_fail_ex+0x512/0x640 [ 124.545407][ T6119] ? fs_reclaim_acquire+0xae/0x150 [ 124.545438][ T6119] should_failslab+0xc2/0x120 [ 124.545462][ T6119] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 124.545500][ T6119] ? security_inode_alloc+0x3b/0x2b0 [ 124.545536][ T6119] security_inode_alloc+0x3b/0x2b0 [ 124.545564][ T6119] inode_init_always_gfp+0xce4/0x1030 [ 124.545604][ T6119] alloc_inode+0x86/0x240 [ 124.545628][ T6119] iget_locked+0x2e4/0x830 [ 124.545656][ T6119] ? __pfx_iget_locked+0x10/0x10 [ 124.545683][ T6119] ? find_held_lock+0x2b/0x80 [ 124.545708][ T6119] ? kernfs_root+0xee/0x2a0 [ 124.545746][ T6119] kernfs_get_inode+0x48/0x460 [ 124.545779][ T6119] kernfs_iop_lookup+0x1a7/0x2d0 [ 124.545817][ T6119] __lookup_slow+0x251/0x460 [ 124.545844][ T6119] ? __pfx___lookup_slow+0x10/0x10 [ 124.545889][ T6119] ? lookup_fast+0x156/0x610 [ 124.545917][ T6119] ? __pfx_kernfs_iop_permission+0x10/0x10 [ 124.545953][ T6119] walk_component+0x353/0x5b0 [ 124.545986][ T6119] link_path_walk+0x627/0xe20 [ 124.546027][ T6119] path_openat+0x1b0/0x2cb0 [ 124.546058][ T6119] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.546093][ T6119] ? __pfx_path_openat+0x10/0x10 [ 124.546129][ T6119] ? __lock_acquire+0xb8a/0x1c90 [ 124.546164][ T6119] do_filp_open+0x20b/0x470 [ 124.546199][ T6119] ? __pfx_do_filp_open+0x10/0x10 [ 124.546255][ T6119] ? alloc_fd+0x471/0x7d0 [ 124.546302][ T6119] do_sys_openat2+0x11b/0x1d0 [ 124.546329][ T6119] ? __pfx_do_sys_openat2+0x10/0x10 [ 124.546367][ T6119] __x64_sys_openat+0x174/0x210 [ 124.546395][ T6119] ? __pfx___x64_sys_openat+0x10/0x10 [ 124.546434][ T6119] do_syscall_64+0xcd/0x490 [ 124.546473][ T6119] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.546496][ T6119] RIP: 0033:0x7f3547b8e929 [ 124.546515][ T6119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 124.546542][ T6119] RSP: 002b:00007f35489e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 124.546563][ T6119] RAX: ffffffffffffffda RBX: 00007f3547db5fa0 RCX: 00007f3547b8e929 [ 124.546578][ T6119] RDX: 0000000000001182 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 124.546593][ T6119] RBP: 00007f3547c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 124.546607][ T6119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 124.546620][ T6119] R13: 0000000000000000 R14: 00007f3547db5fa0 R15: 00007fff6593e978 [ 124.546649][ T6119] [ 126.136066][ T51] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 129.838648][ T6163] FAULT_INJECTION: forcing a failure. [ 129.838648][ T6163] name failslab, interval 1, probability 0, space 0, times 0 [ 129.906941][ T6163] CPU: 0 UID: 0 PID: 6163 Comm: syz.3.44 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 129.906989][ T6163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 129.907010][ T6163] Call Trace: [ 129.907020][ T6163] [ 129.907033][ T6163] dump_stack_lvl+0x16c/0x1f0 [ 129.907098][ T6163] should_fail_ex+0x512/0x640 [ 129.907147][ T6163] ? __kmalloc_noprof+0xbf/0x510 [ 129.907200][ T6163] ? __register_sysctl_table+0xea2/0x1900 [ 129.907254][ T6163] should_failslab+0xc2/0x120 [ 129.907287][ T6163] __kmalloc_noprof+0xd2/0x510 [ 129.907334][ T6163] ? __register_sysctl_table+0xe8e/0x1900 [ 129.907399][ T6163] __register_sysctl_table+0xea2/0x1900 [ 129.907463][ T6163] ? __pfx___register_sysctl_table+0x10/0x10 [ 129.907516][ T6163] ? is_module_address+0x69/0xf0 [ 129.907564][ T6163] ? register_net_sysctl_sz+0x228/0x3e0 [ 129.907606][ T6163] __addrconf_sysctl_register+0x1a2/0x360 [ 129.907667][ T6163] ? __pfx___addrconf_sysctl_register+0x10/0x10 [ 129.907720][ T6163] ? trace_kmalloc+0x2b/0xd0 [ 129.907757][ T6163] ? addrconf_init_net+0x1e9/0x8f0 [ 129.907812][ T6163] ? __asan_memcpy+0x3c/0x60 [ 129.907861][ T6163] addrconf_init_net+0x513/0x8f0 [ 129.907918][ T6163] ? __pfx_addrconf_init_net+0x10/0x10 [ 129.907977][ T6163] ops_init+0x1df/0x5f0 [ 129.908035][ T6163] setup_net+0x1ff/0x510 [ 129.908092][ T6163] ? lockdep_init_map_type+0x5c/0x280 [ 129.908139][ T6163] ? __pfx_setup_net+0x10/0x10 [ 129.908192][ T6163] ? debug_mutex_init+0x37/0x70 [ 129.908232][ T6163] copy_net_ns+0x2a6/0x5f0 [ 129.908270][ T6163] create_new_namespaces+0x3ea/0xa90 [ 129.908319][ T6163] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 129.908362][ T6163] ksys_unshare+0x45b/0xa40 [ 129.908408][ T6163] ? __pfx_ksys_unshare+0x10/0x10 [ 129.908457][ T6163] ? xfd_validate_state+0x61/0x180 [ 129.908514][ T6163] __x64_sys_unshare+0x31/0x40 [ 129.908560][ T6163] do_syscall_64+0xcd/0x490 [ 129.908615][ T6163] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.908649][ T6163] RIP: 0033:0x7fd5d2b8e929 [ 129.908676][ T6163] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 129.908708][ T6163] RSP: 002b:00007fd5d3955038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 129.908740][ T6163] RAX: ffffffffffffffda RBX: 00007fd5d2db5fa0 RCX: 00007fd5d2b8e929 [ 129.908762][ T6163] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 129.908782][ T6163] RBP: 00007fd5d2c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 129.908802][ T6163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 129.908821][ T6163] R13: 0000000000000000 R14: 00007fd5d2db5fa0 R15: 00007fff27366df8 [ 129.908864][ T6163] [ 130.123434][ T6163] sysctl could not get directory: /net/ipv6/conf -12 [ 134.061690][ T6216] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 134.535431][ T6225] netlink: 25 bytes leftover after parsing attributes in process `syz.2.58'. [ 134.721921][ T6233] random: crng reseeded on system resumption [ 135.131127][ T6227] batman_adv: batadv0: adding TT local entry 00:00:03:00:00:00 to non-existent VLAN 3 [ 135.582427][ T6245] netlink: 4 bytes leftover after parsing attributes in process `syz.3.61'. [ 137.677564][ T51] Bluetooth: hci3: unexpected event 0x17 length: 11 > 6 [ 139.255608][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 139.262516][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 139.272520][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 139.279115][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 139.291072][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 139.303195][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 139.312639][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 139.319627][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 141.896114][ T6323] netlink: 28 bytes leftover after parsing attributes in process `syz.2.76'. [ 142.122685][ T6325] netlink: 28 bytes leftover after parsing attributes in process `syz.2.76'. [ 142.200317][ T6323] geneve1: entered promiscuous mode [ 142.230520][ T6323] geneve1: entered allmulticast mode [ 143.243177][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 143.253985][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 146.289659][ T6371] FAULT_INJECTION: forcing a failure. [ 146.289659][ T6371] name failslab, interval 1, probability 0, space 0, times 0 [ 146.302582][ T6371] CPU: 0 UID: 0 PID: 6371 Comm: syz.0.87 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 146.302613][ T6371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 146.302628][ T6371] Call Trace: [ 146.302635][ T6371] [ 146.302644][ T6371] dump_stack_lvl+0x16c/0x1f0 [ 146.302684][ T6371] should_fail_ex+0x512/0x640 [ 146.302719][ T6371] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 146.302754][ T6371] should_failslab+0xc2/0x120 [ 146.302778][ T6371] __kmalloc_cache_noprof+0x6a/0x3e0 [ 146.302816][ T6371] ? cec_open+0xdb/0x690 [ 146.302883][ T6371] cec_open+0xdb/0x690 [ 146.302931][ T6371] ? __pfx_cec_open+0x10/0x10 [ 146.302978][ T6371] ? do_raw_spin_lock+0x12c/0x2b0 [ 146.303015][ T6371] ? find_held_lock+0x2b/0x80 [ 146.303040][ T6371] ? chrdev_open+0x58c/0x6a0 [ 146.303081][ T6371] ? __pfx_cec_open+0x10/0x10 [ 146.303113][ T6371] chrdev_open+0x231/0x6a0 [ 146.303151][ T6371] ? __pfx_chrdev_open+0x10/0x10 [ 146.303190][ T6371] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 146.303227][ T6371] do_dentry_open+0x744/0x1c10 [ 146.303263][ T6371] ? __pfx_chrdev_open+0x10/0x10 [ 146.303306][ T6371] vfs_open+0x82/0x3f0 [ 146.303336][ T6371] path_openat+0x1de4/0x2cb0 [ 146.303380][ T6371] ? __pfx_path_openat+0x10/0x10 [ 146.303416][ T6371] ? __lock_acquire+0xb8a/0x1c90 [ 146.303451][ T6371] do_filp_open+0x20b/0x470 [ 146.303486][ T6371] ? __pfx_do_filp_open+0x10/0x10 [ 146.303541][ T6371] ? alloc_fd+0x471/0x7d0 [ 146.303587][ T6371] do_sys_openat2+0x11b/0x1d0 [ 146.303619][ T6371] ? __pfx_do_sys_openat2+0x10/0x10 [ 146.303657][ T6371] __x64_sys_openat+0x174/0x210 [ 146.303690][ T6371] ? __pfx___x64_sys_openat+0x10/0x10 [ 146.303729][ T6371] do_syscall_64+0xcd/0x490 [ 146.303773][ T6371] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.303798][ T6371] RIP: 0033:0x7f3547b8e929 [ 146.303817][ T6371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.303840][ T6371] RSP: 002b:00007f35489e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 146.303862][ T6371] RAX: ffffffffffffffda RBX: 00007f3547db5fa0 RCX: 00007f3547b8e929 [ 146.303877][ T6371] RDX: 0000000000101901 RSI: 0000200000002c00 RDI: ffffffffffffff9c [ 146.303891][ T6371] RBP: 00007f3547c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 146.303905][ T6371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 146.303918][ T6371] R13: 0000000000000000 R14: 00007f3547db5fa0 R15: 00007fff6593e978 [ 146.303947][ T6371] [ 146.354087][ T6365] FAULT_INJECTION: forcing a failure. [ 146.354087][ T6365] name failslab, interval 1, probability 0, space 0, times 0 [ 146.690938][ T6365] CPU: 1 UID: 0 PID: 6365 Comm: syz.3.86 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 146.690980][ T6365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 146.690999][ T6365] Call Trace: [ 146.691009][ T6365] [ 146.691020][ T6365] dump_stack_lvl+0x16c/0x1f0 [ 146.691074][ T6365] should_fail_ex+0x512/0x640 [ 146.691120][ T6365] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 146.691172][ T6365] should_failslab+0xc2/0x120 [ 146.691204][ T6365] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 146.691251][ T6365] ? security_file_alloc+0x34/0x2b0 [ 146.691299][ T6365] security_file_alloc+0x34/0x2b0 [ 146.691339][ T6365] init_file+0x93/0x4c0 [ 146.691371][ T6365] alloc_empty_file+0x73/0x1e0 [ 146.691405][ T6365] alloc_file_pseudo+0x13a/0x230 [ 146.691441][ T6365] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 146.691476][ T6365] ? alloc_fd+0x471/0x7d0 [ 146.691525][ T6365] sock_alloc_file+0x50/0x210 [ 146.691587][ T6365] __sys_socket+0x1c0/0x260 [ 146.691625][ T6365] ? __pfx___sys_socket+0x10/0x10 [ 146.691679][ T6365] ? xfd_validate_state+0x61/0x180 [ 146.691721][ T6365] ? __pfx___do_sys_close_range+0x10/0x10 [ 146.691781][ T6365] __x64_sys_socket+0x72/0xb0 [ 146.691817][ T6365] ? lockdep_hardirqs_on+0x7c/0x110 [ 146.691865][ T6365] do_syscall_64+0xcd/0x490 [ 146.691917][ T6365] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.691949][ T6365] RIP: 0033:0x7fd5d2b8e929 [ 146.691975][ T6365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.692006][ T6365] RSP: 002b:00007fd5d3955038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 146.692037][ T6365] RAX: ffffffffffffffda RBX: 00007fd5d2db5fa0 RCX: 00007fd5d2b8e929 [ 146.692058][ T6365] RDX: 0000000000000084 RSI: 0000000000000001 RDI: 000000000000000a [ 146.692076][ T6365] RBP: 00007fd5d2c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 146.692095][ T6365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 146.692113][ T6365] R13: 0000000000000000 R14: 00007fd5d2db5fa0 R15: 00007fff27366df8 [ 146.692154][ T6365] [ 154.305003][ T6439] vhci_hcd: invalid port number 16 [ 154.310197][ T6439] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 155.444380][ T6450] process 'syz.1.101' launched './file0' with NULL argv: empty string added [ 156.482625][ T6461] netlink: 28 bytes leftover after parsing attributes in process `syz.3.104'. [ 158.134774][ T51] Bluetooth: hci1: unexpected event 0x3e length: 1020 > 260 [ 158.134821][ T51] Bluetooth: hci1: unexpected subevent 0x01 length: 1019 > 18 [ 159.813180][ T6496] FAULT_INJECTION: forcing a failure. [ 159.813180][ T6496] name failslab, interval 1, probability 0, space 0, times 0 [ 159.932999][ T6496] CPU: 0 UID: 0 PID: 6496 Comm: syz.0.110 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 159.933046][ T6496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 159.933066][ T6496] Call Trace: [ 159.933077][ T6496] [ 159.933090][ T6496] dump_stack_lvl+0x16c/0x1f0 [ 159.933156][ T6496] should_fail_ex+0x512/0x640 [ 159.933203][ T6496] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 159.933268][ T6496] should_failslab+0xc2/0x120 [ 159.933300][ T6496] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 159.933349][ T6496] ? __pfx___might_resched+0x10/0x10 [ 159.933383][ T6496] ? __anon_vma_prepare+0xae/0x5e0 [ 159.933434][ T6496] __anon_vma_prepare+0xae/0x5e0 [ 159.933476][ T6496] ? __pfx___pte_alloc+0x10/0x10 [ 159.933513][ T6496] __vmf_anon_prepare+0x11c/0x240 [ 159.933551][ T6496] __handle_mm_fault+0x27f6/0x5490 [ 159.933606][ T6496] ? __pfx___handle_mm_fault+0x10/0x10 [ 159.933647][ T6496] ? __pfx_mt_find+0x10/0x10 [ 159.933699][ T6496] ? find_vma+0xbf/0x140 [ 159.933731][ T6496] ? __pfx_find_vma+0x10/0x10 [ 159.933768][ T6496] handle_mm_fault+0x589/0xd10 [ 159.933810][ T6496] ? __pkru_allows_pkey+0x51/0xb0 [ 159.933858][ T6496] do_user_addr_fault+0x7a6/0x1370 [ 159.933909][ T6496] ? rcu_is_watching+0x12/0xc0 [ 159.933946][ T6496] exc_page_fault+0x5c/0xb0 [ 159.933992][ T6496] asm_exc_page_fault+0x26/0x30 [ 159.934042][ T6496] RIP: 0010:rep_movs_alternative+0x11/0x90 [ 159.934080][ T6496] Code: e9 84 11 04 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 4d 11 04 00 66 66 2e 0f [ 159.934119][ T6496] RSP: 0018:ffffc900043bfe98 EFLAGS: 00050206 [ 159.934144][ T6496] RAX: 000000000000006d RBX: 0000000000000006 RCX: 0000000000000006 [ 159.934164][ T6496] RDX: fffffbfff17921f4 RSI: ffffffff8bc90fa0 RDI: 0000000000000000 [ 159.934185][ T6496] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff17921f4 [ 159.934205][ T6496] R10: 0000000000000005 R11: 0000000000000001 R12: ffffffff8bc90fa0 [ 159.934222][ T6496] R13: 0000000000000006 R14: 00007ffffffff000 R15: 0000000000000000 [ 159.934257][ T6496] _copy_to_user+0xbb/0xd0 [ 159.934305][ T6496] fs_name+0x172/0x220 [ 159.934351][ T6496] __x64_sys_sysfs+0xbf/0x1a0 [ 159.934378][ T6496] do_syscall_64+0xcd/0x490 [ 159.934422][ T6496] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.934449][ T6496] RIP: 0033:0x7f3547b8e929 [ 159.934471][ T6496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 159.934496][ T6496] RSP: 002b:00007f35489c6038 EFLAGS: 00000246 ORIG_RAX: 000000000000008b [ 159.934520][ T6496] RAX: ffffffffffffffda RBX: 00007f3547db6080 RCX: 00007f3547b8e929 [ 159.934537][ T6496] RDX: 0000000000000000 RSI: 0000000000000018 RDI: 0000000000000002 [ 159.934553][ T6496] RBP: 00007f3547c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 159.934569][ T6496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 159.934585][ T6496] R13: 0000000000000000 R14: 00007f3547db6080 R15: 00007fff6593e978 [ 159.934618][ T6496] [ 161.123973][ T6507] FAULT_INJECTION: forcing a failure. [ 161.123973][ T6507] name failslab, interval 1, probability 0, space 0, times 0 [ 161.166901][ T6507] CPU: 0 UID: 0 PID: 6507 Comm: syz.1.113 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 161.166945][ T6507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 161.166965][ T6507] Call Trace: [ 161.166975][ T6507] [ 161.166987][ T6507] dump_stack_lvl+0x16c/0x1f0 [ 161.167042][ T6507] should_fail_ex+0x512/0x640 [ 161.167089][ T6507] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 161.167137][ T6507] should_failslab+0xc2/0x120 [ 161.167168][ T6507] __kmalloc_cache_noprof+0x6a/0x3e0 [ 161.167211][ T6507] ? blk_mq_init_allocated_queue+0xd1/0x1240 [ 161.167277][ T6507] blk_mq_init_allocated_queue+0xd1/0x1240 [ 161.167331][ T6507] ? blk_alloc_queue+0x630/0x760 [ 161.167366][ T6507] ? blk_mq_alloc_queue+0x175/0x290 [ 161.167410][ T6507] ? blk_alloc_queue+0x1a3/0x760 [ 161.167450][ T6507] blk_mq_alloc_queue+0x1be/0x290 [ 161.167494][ T6507] ? __pfx_blk_mq_alloc_queue+0x10/0x10 [ 161.167578][ T6507] ? debug_mutex_init+0x37/0x70 [ 161.167614][ T6507] ? blk_mq_alloc_tag_set+0xcfe/0x1260 [ 161.167671][ T6507] __blk_mq_alloc_disk+0x29/0x120 [ 161.167739][ T6507] loop_add+0x49e/0xb70 [ 161.167777][ T6507] ? do_vfs_ioctl+0x523/0x1a60 [ 161.167816][ T6507] ? __pfx_loop_add+0x10/0x10 [ 161.167850][ T6507] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 161.167916][ T6507] ? find_held_lock+0x2b/0x80 [ 161.167958][ T6507] loop_control_ioctl+0x13e/0x630 [ 161.168000][ T6507] ? __pfx_loop_control_ioctl+0x10/0x10 [ 161.168046][ T6507] ? __pfx_loop_control_ioctl+0x10/0x10 [ 161.168088][ T6507] __x64_sys_ioctl+0x18b/0x210 [ 161.168130][ T6507] do_syscall_64+0xcd/0x490 [ 161.168197][ T6507] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.168242][ T6507] RIP: 0033:0x7fe3bb58e929 [ 161.168269][ T6507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 161.168302][ T6507] RSP: 002b:00007fe3bc3dc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 161.168333][ T6507] RAX: ffffffffffffffda RBX: 00007fe3bb7b5fa0 RCX: 00007fe3bb58e929 [ 161.168355][ T6507] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000006 [ 161.168375][ T6507] RBP: 00007fe3bb610b39 R08: 0000000000000000 R09: 0000000000000000 [ 161.168395][ T6507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 161.168414][ T6507] R13: 0000000000000000 R14: 00007fe3bb7b5fa0 R15: 00007ffd18bdb288 [ 161.168456][ T6507] [ 162.922950][ T6518] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 164.705141][ T6524] netlink: 28 bytes leftover after parsing attributes in process `syz.0.117'. [ 164.872284][ T6524] veth1_macvtap: left promiscuous mode [ 165.734222][ T6537] netlink: 4 bytes leftover after parsing attributes in process `syz.2.120'. [ 166.655509][ T6547] FAULT_INJECTION: forcing a failure. [ 166.655509][ T6547] name failslab, interval 1, probability 0, space 0, times 0 [ 166.723140][ T6547] CPU: 1 UID: 0 PID: 6547 Comm: syz.2.123 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 166.723182][ T6547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 166.723202][ T6547] Call Trace: [ 166.723212][ T6547] [ 166.723225][ T6547] dump_stack_lvl+0x16c/0x1f0 [ 166.723277][ T6547] should_fail_ex+0x512/0x640 [ 166.723325][ T6547] ? fs_reclaim_acquire+0xae/0x150 [ 166.723367][ T6547] should_failslab+0xc2/0x120 [ 166.723398][ T6547] __kmalloc_cache_noprof+0x6a/0x3e0 [ 166.723443][ T6547] ? tomoyo_find_next_domain+0xfd/0x20b0 [ 166.723484][ T6547] tomoyo_find_next_domain+0xfd/0x20b0 [ 166.723536][ T6547] ? __pfx_tomoyo_find_next_domain+0x10/0x10 [ 166.723588][ T6547] tomoyo_bprm_check_security+0x12e/0x1d0 [ 166.723640][ T6547] ? tomoyo_bprm_check_security+0x120/0x1d0 [ 166.723692][ T6547] security_bprm_check+0x1b9/0x1e0 [ 166.723720][ T6547] bprm_execve+0x810/0x1650 [ 166.723779][ T6547] ? __pfx_bprm_execve+0x10/0x10 [ 166.723815][ T6547] ? copy_string_kernel+0x444/0x510 [ 166.723862][ T6547] do_execveat_common.isra.0+0x4a5/0x610 [ 166.723909][ T6547] __x64_sys_execve+0x8e/0xb0 [ 166.723949][ T6547] do_syscall_64+0xcd/0x490 [ 166.723994][ T6547] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.724023][ T6547] RIP: 0033:0x7ff5d0d8e929 [ 166.724045][ T6547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.724072][ T6547] RSP: 002b:00007ff5d1b6a038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 166.724098][ T6547] RAX: ffffffffffffffda RBX: 00007ff5d0fb6080 RCX: 00007ff5d0d8e929 [ 166.724116][ T6547] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 166.724133][ T6547] RBP: 00007ff5d0e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 166.724149][ T6547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 166.724165][ T6547] R13: 0000000000000000 R14: 00007ff5d0fb6080 R15: 00007ffebd00dad8 [ 166.724200][ T6547] [ 166.929101][ C1] vkms_vblank_simulate: vblank timer overrun [ 171.780916][ T6596] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.291702][ T6612] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12 [ 173.291796][ T6612] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12 [ 173.291829][ T6612] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 173.302885][ T30] audit: type=1800 audit(1752533067.444:3): pid=6612 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.131" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0 [ 173.726271][ T6612] syz.3.131 (6612) used greatest stack depth: 19992 bytes left [ 178.979588][ T6670] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 178.984141][ T6674] random: crng reseeded on system resumption [ 181.237022][ T6695] Invalid ELF header magic: != ELF [ 181.616429][ T6695] netlink: 330 bytes leftover after parsing attributes in process `syz.3.148'. [ 184.742973][ T6728] FAULT_INJECTION: forcing a failure. [ 184.742973][ T6728] name failslab, interval 1, probability 0, space 0, times 0 [ 185.051160][ T6728] CPU: 0 UID: 0 PID: 6728 Comm: syz.2.154 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 185.051193][ T6728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 185.051208][ T6728] Call Trace: [ 185.051216][ T6728] [ 185.051235][ T6728] dump_stack_lvl+0x16c/0x1f0 [ 185.051276][ T6728] should_fail_ex+0x512/0x640 [ 185.051311][ T6728] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 185.051351][ T6728] should_failslab+0xc2/0x120 [ 185.051374][ T6728] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 185.051411][ T6728] ? getname_flags.part.0+0x4c/0x550 [ 185.051442][ T6728] getname_flags.part.0+0x4c/0x550 [ 185.051471][ T6728] getname_flags+0x93/0xf0 [ 185.051504][ T6728] do_sys_openat2+0xb8/0x1d0 [ 185.051530][ T6728] ? __pfx_do_sys_openat2+0x10/0x10 [ 185.051559][ T6728] ? do_fcntl+0x1eb/0x15a0 [ 185.051594][ T6728] __x64_sys_openat+0x174/0x210 [ 185.051622][ T6728] ? __pfx___x64_sys_openat+0x10/0x10 [ 185.051651][ T6728] ? syscall_user_dispatch+0x78/0x140 [ 185.051681][ T6728] do_syscall_64+0xcd/0x490 [ 185.051720][ T6728] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 185.051744][ T6728] RIP: 0033:0x7ff5d0d8e929 [ 185.051762][ T6728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 185.051784][ T6728] RSP: 002b:00007ff5d1b6a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 185.051805][ T6728] RAX: ffffffffffffffda RBX: 00007ff5d0fb6080 RCX: 00007ff5d0d8e929 [ 185.051827][ T6728] RDX: 0000000000040001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 185.051842][ T6728] RBP: 00007ff5d0e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 185.051855][ T6728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 185.051869][ T6728] R13: 0000000000000000 R14: 00007ff5d0fb6080 R15: 00007ffebd00dad8 [ 185.051898][ T6728] [ 185.626465][ T6739] netlink: 28 bytes leftover after parsing attributes in process `syz.2.156'. [ 185.667575][ T6739] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 185.675213][ T6739] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 185.824420][ T6739] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 185.831913][ T6739] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 187.296869][ T6748] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 189.526569][ T6767] FAULT_INJECTION: forcing a failure. [ 189.526569][ T6767] name failslab, interval 1, probability 0, space 0, times 0 [ 189.634036][ T6767] CPU: 1 UID: 0 PID: 6767 Comm: syz.3.161 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 189.634083][ T6767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 189.634101][ T6767] Call Trace: [ 189.634112][ T6767] [ 189.634125][ T6767] dump_stack_lvl+0x16c/0x1f0 [ 189.634180][ T6767] should_fail_ex+0x512/0x640 [ 189.634229][ T6767] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 189.634285][ T6767] should_failslab+0xc2/0x120 [ 189.634317][ T6767] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 189.634369][ T6767] ? seq_open+0x55/0x170 [ 189.634407][ T6767] ? __pfx_show_smaps_rollup+0x10/0x10 [ 189.634450][ T6767] seq_open+0x55/0x170 [ 189.634482][ T6767] ? __pfx_show_smaps_rollup+0x10/0x10 [ 189.634526][ T6767] single_open+0xfc/0x1f0 [ 189.634563][ T6767] smaps_rollup_open+0x6f/0x170 [ 189.634606][ T6767] do_dentry_open+0x744/0x1c10 [ 189.634656][ T6767] ? __pfx_smaps_rollup_open+0x10/0x10 [ 189.634705][ T6767] vfs_open+0x82/0x3f0 [ 189.634757][ T6767] path_openat+0x1de4/0x2cb0 [ 189.634818][ T6767] ? __pfx_path_openat+0x10/0x10 [ 189.634870][ T6767] ? __lock_acquire+0xb8a/0x1c90 [ 189.634921][ T6767] do_filp_open+0x20b/0x470 [ 189.634971][ T6767] ? __pfx_do_filp_open+0x10/0x10 [ 189.635034][ T6767] ? __pfx_kfree_link+0x10/0x10 [ 189.635084][ T6767] ? alloc_fd+0x471/0x7d0 [ 189.635140][ T6767] do_sys_openat2+0x11b/0x1d0 [ 189.635177][ T6767] ? __pfx_do_sys_openat2+0x10/0x10 [ 189.635232][ T6767] __x64_sys_openat+0x174/0x210 [ 189.635270][ T6767] ? __pfx___x64_sys_openat+0x10/0x10 [ 189.635326][ T6767] do_syscall_64+0xcd/0x490 [ 189.635379][ T6767] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.635411][ T6767] RIP: 0033:0x7fd5d2b8e929 [ 189.635438][ T6767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 189.635470][ T6767] RSP: 002b:00007fd5d3934038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 189.635502][ T6767] RAX: ffffffffffffffda RBX: 00007fd5d2db6080 RCX: 00007fd5d2b8e929 [ 189.635523][ T6767] RDX: 00000000001a3000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 189.635555][ T6767] RBP: 00007fd5d2c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 189.635575][ T6767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 189.635595][ T6767] R13: 0000000000000000 R14: 00007fd5d2db6080 R15: 00007fff27366df8 [ 189.635637][ T6767] [ 190.323490][ T6773] FAULT_INJECTION: forcing a failure. [ 190.323490][ T6773] name failslab, interval 1, probability 0, space 0, times 0 [ 190.371809][ T6773] CPU: 1 UID: 0 PID: 6773 Comm: syz.0.162 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 190.371857][ T6773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 190.371876][ T6773] Call Trace: [ 190.371887][ T6773] [ 190.371899][ T6773] dump_stack_lvl+0x16c/0x1f0 [ 190.371956][ T6773] should_fail_ex+0x512/0x640 [ 190.372005][ T6773] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 190.372055][ T6773] should_failslab+0xc2/0x120 [ 190.372089][ T6773] __kmalloc_cache_noprof+0x6a/0x3e0 [ 190.372133][ T6773] ? snd_pcm_hw_param_first+0x30d/0x6f0 [ 190.372164][ T6773] ? snd_pcm_hw_param_near.constprop.0+0x72f/0x8e0 [ 190.372199][ T6773] ? snd_pcm_hw_param_near.constprop.0+0xbc/0x8e0 [ 190.372244][ T6773] snd_pcm_hw_param_near.constprop.0+0xbc/0x8e0 [ 190.372289][ T6773] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 190.372327][ T6773] ? __asan_memset+0x23/0x50 [ 190.372368][ T6773] ? calc_src_frames.isra.0+0x187/0x1d0 [ 190.372416][ T6773] snd_pcm_oss_change_params_locked+0x1398/0x3a30 [ 190.372473][ T6773] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 190.372545][ T6773] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 190.372590][ T6773] snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 190.372630][ T6773] ? hook_file_ioctl_common+0x145/0x410 [ 190.372669][ T6773] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 190.372719][ T6773] ? __fget_files+0x20e/0x3c0 [ 190.372771][ T6773] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 190.372815][ T6773] __x64_sys_ioctl+0x18b/0x210 [ 190.372856][ T6773] do_syscall_64+0xcd/0x490 [ 190.372908][ T6773] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.372942][ T6773] RIP: 0033:0x7f3547b8e929 [ 190.372967][ T6773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 190.372999][ T6773] RSP: 002b:00007f35489a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 190.373030][ T6773] RAX: ffffffffffffffda RBX: 00007f3547db6160 RCX: 00007f3547b8e929 [ 190.373051][ T6773] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000009 [ 190.373070][ T6773] RBP: 00007f3547c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 190.373090][ T6773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 190.373109][ T6773] R13: 0000000000000000 R14: 00007f3547db6160 R15: 00007fff6593e978 [ 190.373152][ T6773] [ 194.633794][ T30] audit: type=1804 audit(1752533088.794:4): pid=6808 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.170" name="/newroot/44/file0" dev="tmpfs" ino=250 res=1 errno=0 [ 194.724605][ T30] audit: type=1800 audit(1752533088.814:5): pid=6808 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.170" name="file0" dev="tmpfs" ino=250 res=0 errno=0 [ 197.326819][ T6827] FAULT_INJECTION: forcing a failure. [ 197.326819][ T6827] name failslab, interval 1, probability 0, space 0, times 0 [ 197.397775][ T6827] CPU: 0 UID: 0 PID: 6827 Comm: syz.1.174 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 197.397853][ T6827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 197.397872][ T6827] Call Trace: [ 197.397883][ T6827] [ 197.397896][ T6827] dump_stack_lvl+0x16c/0x1f0 [ 197.397951][ T6827] should_fail_ex+0x512/0x640 [ 197.397999][ T6827] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 197.398060][ T6827] should_failslab+0xc2/0x120 [ 197.398092][ T6827] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 197.398142][ T6827] ? eth_type_trans+0x335/0x7a0 [ 197.398175][ T6827] ? __alloc_skb+0x2b2/0x380 [ 197.398226][ T6827] __alloc_skb+0x2b2/0x380 [ 197.398273][ T6827] ? __pfx___alloc_skb+0x10/0x10 [ 197.398318][ T6827] ? netif_rx+0x30/0xb0 [ 197.398347][ T6827] ? tipc_clone_to_loopback+0x354/0x4b0 [ 197.398393][ T6827] ? lockdep_init_map_type+0x5c/0x280 [ 197.398448][ T6827] tipc_buf_acquire+0x26/0xe0 [ 197.398486][ T6827] tipc_msg_build+0x112/0x1150 [ 197.398536][ T6827] ? __pfx_tipc_msg_build+0x10/0x10 [ 197.398586][ T6827] ? __up_read+0x1f8/0x750 [ 197.398643][ T6827] __tipc_sendstream+0x6f9/0x1170 [ 197.398697][ T6827] ? __pfx___tipc_sendstream+0x10/0x10 [ 197.398733][ T6827] ? do_raw_spin_lock+0x12c/0x2b0 [ 197.398785][ T6827] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 197.398848][ T6827] ? __pfx_woken_wake_function+0x10/0x10 [ 197.398888][ T6827] ? __local_bh_enable_ip+0xa4/0x120 [ 197.398933][ T6827] tipc_sendstream+0x4f/0x70 [ 197.398971][ T6827] ____sys_sendmsg+0xa98/0xc70 [ 197.399008][ T6827] ? copy_msghdr_from_user+0x10a/0x160 [ 197.399056][ T6827] ? __pfx_____sys_sendmsg+0x10/0x10 [ 197.399098][ T6827] ? kfree+0x24f/0x4d0 [ 197.399139][ T6827] ? futex_unqueue+0x133/0x2c0 [ 197.399184][ T6827] ___sys_sendmsg+0x134/0x1d0 [ 197.399235][ T6827] ? __pfx____sys_sendmsg+0x10/0x10 [ 197.399323][ T6827] ? __pfx___might_resched+0x10/0x10 [ 197.399366][ T6827] __sys_sendmmsg+0x200/0x420 [ 197.399420][ T6827] ? __pfx___sys_sendmmsg+0x10/0x10 [ 197.399482][ T6827] ? __pfx_do_futex+0x10/0x10 [ 197.399539][ T6827] ? fdget_pos+0x2b8/0x370 [ 197.399588][ T6827] ? xfd_validate_state+0x61/0x180 [ 197.399631][ T6827] ? __pfx_ksys_read+0x10/0x10 [ 197.399685][ T6827] __x64_sys_sendmmsg+0x9c/0x100 [ 197.399734][ T6827] ? lockdep_hardirqs_on+0x7c/0x110 [ 197.399781][ T6827] do_syscall_64+0xcd/0x490 [ 197.399854][ T6827] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 197.399887][ T6827] RIP: 0033:0x7fe3bb58e929 [ 197.399914][ T6827] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 197.399946][ T6827] RSP: 002b:00007fe3bc3dc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 197.399977][ T6827] RAX: ffffffffffffffda RBX: 00007fe3bb7b5fa0 RCX: 00007fe3bb58e929 [ 197.399998][ T6827] RDX: 0000000000000400 RSI: 0000000000000000 RDI: 0000000000000004 [ 197.400018][ T6827] RBP: 00007fe3bb610b39 R08: 0000000000000000 R09: 0000000000000000 [ 197.400038][ T6827] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 197.400057][ T6827] R13: 0000000000000000 R14: 00007fe3bb7b5fa0 R15: 00007ffd18bdb288 [ 197.400098][ T6827] [ 198.792058][ T6838] sp0: Synchronizing with TNC [ 198.864698][ T6838] capability: warning: `syz.0.176' uses 32-bit capabilities (legacy support in use) [ 200.418510][ T6863] QAT: Invalid ioctl 21531 [ 201.392640][ T6874] can: request_module (can-proto-3) failed. [ 202.811027][ T6879] netlink: 342 bytes leftover after parsing attributes in process `syz.1.183'. [ 202.892358][ T6866] syz.0.180 (6866): attempted to duplicate a private mapping with mremap. This is not supported. [ 204.713584][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 204.719982][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 206.769408][ T6934] FAULT_INJECTION: forcing a failure. [ 206.769408][ T6934] name failslab, interval 1, probability 0, space 0, times 0 [ 206.843024][ T6934] CPU: 0 UID: 0 PID: 6934 Comm: syz.2.195 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 206.843069][ T6934] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 206.843088][ T6934] Call Trace: [ 206.843098][ T6934] [ 206.843110][ T6934] dump_stack_lvl+0x16c/0x1f0 [ 206.843164][ T6934] should_fail_ex+0x512/0x640 [ 206.843222][ T6934] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 206.843276][ T6934] should_failslab+0xc2/0x120 [ 206.843305][ T6934] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 206.843351][ T6934] ? __lock_acquire+0x622/0x1c90 [ 206.843396][ T6934] ? sk_prot_alloc+0x60/0x2a0 [ 206.843435][ T6934] sk_prot_alloc+0x60/0x2a0 [ 206.843472][ T6934] sk_alloc+0x36/0xc20 [ 206.843519][ T6934] __vsock_create.constprop.0+0x3c/0xbb0 [ 206.843564][ T6934] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 206.843628][ T6934] vsock_create+0x139/0x500 [ 206.843682][ T6934] __sock_create+0x335/0x8d0 [ 206.843736][ T6934] __sys_socket+0x14d/0x260 [ 206.843775][ T6934] ? __pfx___sys_socket+0x10/0x10 [ 206.843812][ T6934] ? xfd_validate_state+0x61/0x180 [ 206.843853][ T6934] ? __task_pid_nr_ns+0x17c/0x500 [ 206.843904][ T6934] __x64_sys_socket+0x72/0xb0 [ 206.843942][ T6934] ? lockdep_hardirqs_on+0x7c/0x110 [ 206.843989][ T6934] do_syscall_64+0xcd/0x490 [ 206.844041][ T6934] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 206.844072][ T6934] RIP: 0033:0x7ff5d0d8e929 [ 206.844099][ T6934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 206.844130][ T6934] RSP: 002b:00007ff5d1b8b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 206.844159][ T6934] RAX: ffffffffffffffda RBX: 00007ff5d0fb5fa0 RCX: 00007ff5d0d8e929 [ 206.844189][ T6934] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000028 [ 206.844209][ T6934] RBP: 00007ff5d0e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 206.844229][ T6934] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 206.844249][ T6934] R13: 0000000000000000 R14: 00007ff5d0fb5fa0 R15: 00007ffebd00dad8 [ 206.844291][ T6934] [ 207.572222][ T6948] netlink: 4 bytes leftover after parsing attributes in process `syz.2.196'. [ 207.603610][ T6948] netlink: 354 bytes leftover after parsing attributes in process `syz.2.196'. [ 208.106548][ T6965] netlink: 8 bytes leftover after parsing attributes in process `syz.2.199'. [ 208.220758][ T6955] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 208.236640][ T6955] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 209.109832][ T5839] udevd[5839]: inotify_add_watch(7, /dev/nbd4128, 10) failed: No such file or directory [ 209.229127][ T5839] udevd[5839]: inotify_add_watch(7, /dev/nbd4128, 10) failed: No such file or directory [ 209.711264][ T6985] mmap: syz.1.204 (6985) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 213.226916][ T7013] kexec: Could not allocate control_code_buffer [ 213.415879][ T7032] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 213.510114][ T7032] netlink: 28 bytes leftover after parsing attributes in process `syz.1.210'. [ 213.559363][ T7032] bond0: (slave bond_slave_1): Releasing backup interface [ 216.761531][ T7061] random: crng reseeded on system resumption [ 217.281909][ T30] audit: type=1800 audit(1752533111.434:6): pid=7071 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.219" name="SYSVffffffff" dev="tmpfs" ino=0 res=0 errno=0 [ 219.700682][ T7095] syz.2.224 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 222.052254][ T7119] syz.1.229 (7119) used greatest stack depth: 19784 bytes left [ 224.658372][ T30] audit: type=1804 audit(6047500413.816:7): pid=7144 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.235" name="/newroot/62/file0" dev="tmpfs" ino=345 res=1 errno=0 [ 224.732949][ T30] audit: type=1800 audit(6047500413.816:8): pid=7144 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.235" name="file0" dev="tmpfs" ino=345 res=0 errno=0 [ 225.137144][ T7152] FAULT_INJECTION: forcing a failure. [ 225.137144][ T7152] name failslab, interval 1, probability 0, space 0, times 0 [ 225.175907][ T7152] CPU: 0 UID: 0 PID: 7152 Comm: syz.2.238 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 225.175949][ T7152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 225.175967][ T7152] Call Trace: [ 225.175976][ T7152] [ 225.175987][ T7152] dump_stack_lvl+0x16c/0x1f0 [ 225.176038][ T7152] should_fail_ex+0x512/0x640 [ 225.176079][ T7152] ? __kmalloc_noprof+0xbf/0x510 [ 225.176124][ T7152] ? constrain_params_by_rules+0x175/0xca0 [ 225.176154][ T7152] should_failslab+0xc2/0x120 [ 225.176181][ T7152] __kmalloc_noprof+0xd2/0x510 [ 225.176219][ T7152] ? kasan_quarantine_put+0x10a/0x240 [ 225.176258][ T7152] ? lockdep_hardirqs_on+0x7c/0x110 [ 225.176303][ T7152] constrain_params_by_rules+0x175/0xca0 [ 225.176343][ T7152] ? constrain_params_by_rules+0xa09/0xca0 [ 225.176381][ T7152] ? constrain_params_by_rules+0xa0e/0xca0 [ 225.176416][ T7152] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 225.176456][ T7152] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 225.176486][ T7152] ? snd_pcm_hw_param_near.constprop.0+0x72f/0x8e0 [ 225.176515][ T7152] ? snd_pcm_oss_change_params_locked+0x9cd/0x3a30 [ 225.176554][ T7152] ? snd_pcm_oss_change_params_locked+0x1398/0x3a30 [ 225.176584][ T7152] ? snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 225.176616][ T7152] ? snd_interval_refine+0x2fa/0x580 [ 225.176658][ T7152] snd_pcm_hw_refine+0x7de/0xad0 [ 225.176694][ T7152] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 225.176731][ T7152] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 225.176774][ T7152] snd_pcm_hw_param_first+0x334/0x6f0 [ 225.176811][ T7152] snd_pcm_hw_param_near.constprop.0+0x702/0x8e0 [ 225.176848][ T7152] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 225.176879][ T7152] ? __asan_memset+0x23/0x50 [ 225.176913][ T7152] ? calc_src_frames.isra.0+0x187/0x1d0 [ 225.176951][ T7152] snd_pcm_oss_change_params_locked+0x1398/0x3a30 [ 225.176998][ T7152] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 225.177058][ T7152] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 225.177096][ T7152] snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 225.177129][ T7152] ? hook_file_ioctl_common+0x145/0x410 [ 225.177161][ T7152] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 225.177195][ T7152] ? __fget_files+0x20e/0x3c0 [ 225.177239][ T7152] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 225.177271][ T7152] __x64_sys_ioctl+0x18b/0x210 [ 225.177314][ T7152] do_syscall_64+0xcd/0x490 [ 225.177361][ T7152] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.177389][ T7152] RIP: 0033:0x7ff5d0d8e929 [ 225.177412][ T7152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 225.177439][ T7152] RSP: 002b:00007ff5d1b6a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 225.177466][ T7152] RAX: ffffffffffffffda RBX: 00007ff5d0fb6080 RCX: 00007ff5d0d8e929 [ 225.177484][ T7152] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000008 [ 225.177501][ T7152] RBP: 00007ff5d0e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 225.177518][ T7152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 225.177534][ T7152] R13: 0000000000000000 R14: 00007ff5d0fb6080 R15: 00007ffebd00dad8 [ 225.177570][ T7152] [ 225.491541][ C0] vkms_vblank_simulate: vblank timer overrun [ 226.029014][ T7164] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 226.038269][ T7164] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 226.049038][ T7164] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 226.057337][ T7164] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 226.065324][ T7164] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 227.028166][ T7162] chnl_net:caif_netlink_parms(): no params data found [ 227.190108][ T7162] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.203335][ T7162] bridge0: port 1(bridge_slave_0) entered disabled state [ 227.220874][ T7162] bridge_slave_0: entered allmulticast mode [ 227.229074][ T7162] bridge_slave_0: entered promiscuous mode [ 227.238785][ T7162] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.332972][ T7162] bridge0: port 2(bridge_slave_1) entered disabled state [ 227.353640][ T7162] bridge_slave_1: entered allmulticast mode [ 227.365020][ T7162] bridge_slave_1: entered promiscuous mode [ 227.556322][ T6927] Bluetooth: hci0: command 0x0406 tx timeout [ 227.562409][ T6946] Bluetooth: hci1: command 0x0406 tx timeout [ 227.568532][ T7164] Bluetooth: hci2: command 0x0406 tx timeout [ 227.576006][ T7159] Bluetooth: hci3: command 0x0406 tx timeout [ 227.683104][ T7162] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 227.702327][ T7162] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 227.747945][ T7162] team0: Port device team_slave_0 added [ 227.757051][ T7162] team0: Port device team_slave_1 added [ 227.791241][ T7162] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 227.798604][ T7162] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 227.830774][ T7162] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 227.888408][ T7162] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 227.896664][ T7162] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 227.924458][ T7162] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 228.098889][ T7184] random: crng reseeded on system resumption [ 228.193576][ T7157] Bluetooth: hci4: command tx timeout [ 228.474312][ T7162] hsr_slave_0: entered promiscuous mode [ 228.507486][ T7162] hsr_slave_1: entered promiscuous mode [ 228.530685][ T7162] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 228.539615][ T7162] Cannot create hsr debugfs directory [ 229.944401][ T7162] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 229.999326][ T7162] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 230.081538][ T7162] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 230.120279][ T7162] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 230.280209][ T7157] Bluetooth: hci4: command tx timeout [ 230.427478][ T7162] 8021q: adding VLAN 0 to HW filter on device bond0 [ 230.971412][ T7162] 8021q: adding VLAN 0 to HW filter on device team0 [ 231.062222][ T6926] bridge0: port 1(bridge_slave_0) entered blocking state [ 231.070261][ T6926] bridge0: port 1(bridge_slave_0) entered forwarding state [ 231.129454][ T6926] bridge0: port 2(bridge_slave_1) entered blocking state [ 231.136649][ T6926] bridge0: port 2(bridge_slave_1) entered forwarding state [ 232.014980][ T7220] FAULT_INJECTION: forcing a failure. [ 232.014980][ T7220] name failslab, interval 1, probability 0, space 0, times 0 [ 232.099987][ T7220] CPU: 1 UID: 0 PID: 7220 Comm: syz.2.247 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 232.100035][ T7220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 232.100055][ T7220] Call Trace: [ 232.100067][ T7220] [ 232.100079][ T7220] dump_stack_lvl+0x16c/0x1f0 [ 232.100133][ T7220] should_fail_ex+0x512/0x640 [ 232.100181][ T7220] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 232.100231][ T7220] should_failslab+0xc2/0x120 [ 232.100264][ T7220] __kmalloc_cache_noprof+0x6a/0x3e0 [ 232.100311][ T7220] ? single_open+0x4d/0x1f0 [ 232.100351][ T7220] ? __pfx_show_smaps_rollup+0x10/0x10 [ 232.100391][ T7220] single_open+0x4d/0x1f0 [ 232.100429][ T7220] smaps_rollup_open+0x6f/0x170 [ 232.100492][ T7220] do_dentry_open+0x744/0x1c10 [ 232.100545][ T7220] ? __pfx_smaps_rollup_open+0x10/0x10 [ 232.100594][ T7220] vfs_open+0x82/0x3f0 [ 232.100636][ T7220] path_openat+0x1de4/0x2cb0 [ 232.100700][ T7220] ? __pfx_path_openat+0x10/0x10 [ 232.100752][ T7220] ? __lock_acquire+0xb8a/0x1c90 [ 232.100804][ T7220] do_filp_open+0x20b/0x470 [ 232.100867][ T7220] ? __pfx_do_filp_open+0x10/0x10 [ 232.100931][ T7220] ? __pfx_kfree_link+0x10/0x10 [ 232.100983][ T7220] ? alloc_fd+0x471/0x7d0 [ 232.101041][ T7220] do_sys_openat2+0x11b/0x1d0 [ 232.101079][ T7220] ? __pfx_do_sys_openat2+0x10/0x10 [ 232.101133][ T7220] __x64_sys_openat+0x174/0x210 [ 232.101172][ T7220] ? __pfx___x64_sys_openat+0x10/0x10 [ 232.101229][ T7220] do_syscall_64+0xcd/0x490 [ 232.101283][ T7220] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.101317][ T7220] RIP: 0033:0x7ff5d0d8e929 [ 232.101344][ T7220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 232.101376][ T7220] RSP: 002b:00007ff5d1b6a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 232.101408][ T7220] RAX: ffffffffffffffda RBX: 00007ff5d0fb6080 RCX: 00007ff5d0d8e929 [ 232.101430][ T7220] RDX: 00000000001a3000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 232.101452][ T7220] RBP: 00007ff5d0e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 232.101473][ T7220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 232.101493][ T7220] R13: 0000000000000000 R14: 00007ff5d0fb6080 R15: 00007ffebd00dad8 [ 232.101534][ T7220] [ 232.331467][ T7162] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 232.420573][ T7157] Bluetooth: hci4: command tx timeout [ 232.739629][ T7210] kexec: Could not allocate control_code_buffer [ 233.271761][ T7237] netlink: 8 bytes leftover after parsing attributes in process `syz.1.249'. [ 233.294001][ T7162] veth0_vlan: entered promiscuous mode [ 233.339026][ T7162] veth1_vlan: entered promiscuous mode [ 233.616873][ T7162] veth0_macvtap: entered promiscuous mode [ 233.642298][ T7162] veth1_macvtap: entered promiscuous mode [ 233.712611][ T5839] udevd[5839]: inotify_add_watch(7, /dev/nbd4128, 10) failed: No such file or directory [ 233.974145][ T7162] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 234.085354][ T7162] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 234.315424][ T7162] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.325123][ T7162] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.344508][ T7162] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.354186][ T7162] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 234.434067][ T7157] Bluetooth: hci4: command tx timeout [ 234.897217][ T6926] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 234.923616][ T6926] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 235.025819][ T6926] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 235.035723][ T6926] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 236.164355][ T7272] FAULT_INJECTION: forcing a failure. [ 236.164355][ T7272] name failslab, interval 1, probability 0, space 0, times 0 [ 236.233785][ T7272] CPU: 1 UID: 0 PID: 7272 Comm: syz.3.254 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 236.233832][ T7272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 236.233851][ T7272] Call Trace: [ 236.233861][ T7272] [ 236.233874][ T7272] dump_stack_lvl+0x16c/0x1f0 [ 236.233930][ T7272] should_fail_ex+0x512/0x640 [ 236.233976][ T7272] ? __kmalloc_noprof+0xbf/0x510 [ 236.234030][ T7272] ? constrain_params_by_rules+0x175/0xca0 [ 236.234065][ T7272] should_failslab+0xc2/0x120 [ 236.234098][ T7272] __kmalloc_noprof+0xd2/0x510 [ 236.234146][ T7272] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 236.234198][ T7272] constrain_params_by_rules+0x175/0xca0 [ 236.234235][ T7272] ? arch_stack_walk+0xa6/0x100 [ 236.234280][ T7272] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 236.234319][ T7272] ? stack_trace_save+0x8e/0xc0 [ 236.234357][ T7272] ? __pfx_stack_trace_save+0x10/0x10 [ 236.234415][ T7272] ? snd_pcm_oss_change_params_locked+0x92b/0x3a30 [ 236.234452][ T7272] ? snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 236.234489][ T7272] ? snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 236.234523][ T7272] ? __x64_sys_ioctl+0x18b/0x210 [ 236.234567][ T7272] ? do_syscall_64+0xcd/0x490 [ 236.234617][ T7272] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.234650][ T7272] ? snd_interval_refine+0x2fa/0x580 [ 236.234701][ T7272] snd_pcm_hw_refine+0x7de/0xad0 [ 236.234746][ T7272] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 236.234810][ T7272] snd_pcm_hw_param_last+0x32d/0x710 [ 236.234853][ T7272] snd_pcm_hw_param_near.constprop.0+0x570/0x8e0 [ 236.234898][ T7272] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 236.234951][ T7272] snd_pcm_oss_change_params_locked+0x92b/0x3a30 [ 236.235009][ T7272] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 236.235051][ T7272] ? __pfx___mutex_lock+0x10/0x10 [ 236.235130][ T7272] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 236.235170][ T7272] snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 236.235210][ T7272] ? hook_file_ioctl_common+0x145/0x410 [ 236.235249][ T7272] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 236.235290][ T7272] ? __fget_files+0x20e/0x3c0 [ 236.235344][ T7272] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 236.235382][ T7272] __x64_sys_ioctl+0x18b/0x210 [ 236.235426][ T7272] do_syscall_64+0xcd/0x490 [ 236.235479][ T7272] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.235512][ T7272] RIP: 0033:0x7fd5d2b8e929 [ 236.235546][ T7272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 236.235577][ T7272] RSP: 002b:00007fd5d3913038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 236.235609][ T7272] RAX: ffffffffffffffda RBX: 00007fd5d2db6160 RCX: 00007fd5d2b8e929 [ 236.235632][ T7272] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000009 [ 236.235652][ T7272] RBP: 00007fd5d2c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 236.235673][ T7272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 236.235692][ T7272] R13: 0000000000000000 R14: 00007fd5d2db6160 R15: 00007fff27366df8 [ 236.235736][ T7272] [ 239.908090][ T7312] netlink: 28 bytes leftover after parsing attributes in process `syz.4.262'. [ 239.922574][ T7312] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 240.021703][ T7312] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 240.055579][ T7312] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 240.210104][ T7312] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 249.274230][ T7156] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 249.336425][ T7156] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 249.346764][ T7156] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 249.357184][ T7156] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 249.380202][ T7156] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 251.408231][ T7350] chnl_net:caif_netlink_parms(): no params data found [ 251.473000][ T7157] Bluetooth: hci5: command tx timeout [ 251.574962][ T7350] bridge0: port 1(bridge_slave_0) entered blocking state [ 251.589198][ T7350] bridge0: port 1(bridge_slave_0) entered disabled state [ 251.601541][ T7350] bridge_slave_0: entered allmulticast mode [ 251.619019][ T7350] bridge_slave_0: entered promiscuous mode [ 251.659592][ T7350] bridge0: port 2(bridge_slave_1) entered blocking state [ 251.667888][ T7350] bridge0: port 2(bridge_slave_1) entered disabled state [ 251.676230][ T7350] bridge_slave_1: entered allmulticast mode [ 251.684264][ T7350] bridge_slave_1: entered promiscuous mode [ 251.825183][ T7350] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 251.840363][ T7350] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 252.279297][ T7350] team0: Port device team_slave_0 added [ 252.317429][ T7350] team0: Port device team_slave_1 added [ 252.541203][ T7350] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 252.564958][ T7350] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 252.643256][ T7350] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 252.663135][ T7350] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 252.674353][ T7350] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 252.700664][ T7350] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 252.864306][ T7350] hsr_slave_0: entered promiscuous mode [ 252.872015][ T7350] hsr_slave_1: entered promiscuous mode [ 252.909603][ T7350] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 252.962502][ T7350] Cannot create hsr debugfs directory [ 253.444396][ T7350] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 253.513001][ T7350] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 253.535709][ T7350] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 253.557557][ T7350] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 253.568064][ T7157] Bluetooth: hci5: command tx timeout [ 253.848951][ T7350] 8021q: adding VLAN 0 to HW filter on device bond0 [ 254.193473][ T7350] 8021q: adding VLAN 0 to HW filter on device team0 [ 254.491570][ T6935] bridge0: port 1(bridge_slave_0) entered blocking state [ 254.498814][ T6935] bridge0: port 1(bridge_slave_0) entered forwarding state [ 254.529588][ T6935] bridge0: port 2(bridge_slave_1) entered blocking state [ 254.536837][ T6935] bridge0: port 2(bridge_slave_1) entered forwarding state [ 254.620870][ T7350] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 255.633039][ T7157] Bluetooth: hci5: command tx timeout [ 256.360136][ T7350] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 257.339217][ T7350] veth0_vlan: entered promiscuous mode [ 257.378279][ T7350] veth1_vlan: entered promiscuous mode [ 257.432826][ T7350] veth0_macvtap: entered promiscuous mode [ 257.467430][ T7350] veth1_macvtap: entered promiscuous mode [ 257.557571][ T7350] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 257.602321][ T7350] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 257.645544][ T7350] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 257.658469][ T7350] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 257.672063][ T7350] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 257.690660][ T7350] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 257.713547][ T7157] Bluetooth: hci5: command tx timeout [ 258.278068][ T6929] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 258.334157][ T6929] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 258.537435][ T6957] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 258.558545][ T6957] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 259.343070][ T7472] random: crng reseeded on system resumption [ 259.821639][ T7482] can: request_module (can-proto-3) failed. [ 261.863971][ T7507] Invalid ELF header magic: != ELF [ 262.112478][ T7507] netlink: 330 bytes leftover after parsing attributes in process `syz.4.293'. [ 264.138676][ T7524] FAULT_INJECTION: forcing a failure. [ 264.138676][ T7524] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 264.323042][ T7524] CPU: 0 UID: 0 PID: 7524 Comm: syz.5.297 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 264.323088][ T7524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 264.323119][ T7524] Call Trace: [ 264.323132][ T7524] [ 264.323144][ T7524] dump_stack_lvl+0x16c/0x1f0 [ 264.323201][ T7524] should_fail_ex+0x512/0x640 [ 264.323258][ T7524] should_fail_alloc_page+0xe7/0x130 [ 264.323296][ T7524] prepare_alloc_pages+0x3c2/0x610 [ 264.323344][ T7524] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 264.323400][ T7524] ? find_held_lock+0x2b/0x80 [ 264.323437][ T7524] ? page_table_check_set+0x627/0x750 [ 264.323498][ T7524] ? page_table_check_set+0x631/0x750 [ 264.323553][ T7524] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 264.323611][ T7524] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 264.323663][ T7524] ? const_folio_flags+0x5b/0x100 [ 264.323701][ T7524] ? const_folio_flags+0x5b/0x100 [ 264.323745][ T7524] ? folio_remove_rmap_pmd+0x2eb/0x7d0 [ 264.323798][ T7524] ? split_huge_pmd_locked+0x731/0x3b20 [ 264.323841][ T7524] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 264.323896][ T7524] ? policy_nodemask+0xea/0x4e0 [ 264.323942][ T7524] alloc_pages_mpol+0x1fb/0x550 [ 264.323978][ T7524] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 264.324012][ T7524] ? __split_huge_pmd+0x203/0x350 [ 264.324062][ T7524] folio_alloc_mpol_noprof+0x36/0x2f0 [ 264.324105][ T7524] vma_alloc_folio_noprof+0xed/0x1e0 [ 264.324145][ T7524] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 264.324186][ T7524] ? rcu_read_unlock+0x2d/0xb0 [ 264.324244][ T7524] do_wp_page+0x1e5b/0x4f20 [ 264.324294][ T7524] ? __pfx_do_wp_page+0x10/0x10 [ 264.324337][ T7524] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 264.324404][ T7524] __handle_mm_fault+0x2223/0x5490 [ 264.324460][ T7524] ? __pfx___handle_mm_fault+0x10/0x10 [ 264.324491][ T7524] ? kernel_text_address+0x8d/0x100 [ 264.324517][ T7524] ? __lock_acquire+0xb8a/0x1c90 [ 264.324567][ T7524] handle_mm_fault+0x589/0xd10 [ 264.324604][ T7524] __get_user_pages+0x589/0x3b80 [ 264.324643][ T7524] ? __pfx___get_user_pages+0x10/0x10 [ 264.324670][ T7524] ? __pfx_down_read_killable+0x10/0x10 [ 264.324703][ T7524] __gup_longterm_locked+0x20d/0x1840 [ 264.324739][ T7524] ? __pfx___gup_longterm_locked+0x10/0x10 [ 264.324771][ T7524] ? find_held_lock+0x2b/0x80 [ 264.324803][ T7524] gup_fast_fallback+0x1ab3/0x29e0 [ 264.324852][ T7524] ? __pfx_gup_fast_fallback+0x10/0x10 [ 264.324878][ T7524] ? __kasan_kmalloc+0xaa/0xb0 [ 264.324911][ T7524] ? refill_pi_state_cache+0x89/0x250 [ 264.324950][ T7524] ? futex_lock_pi+0x173/0x740 [ 264.324981][ T7524] ? __x64_sys_futex+0x1e0/0x4c0 [ 264.325010][ T7524] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 264.325047][ T7524] get_user_pages_fast+0xa7/0xf0 [ 264.325075][ T7524] ? __pfx_get_user_pages_fast+0x10/0x10 [ 264.325111][ T7524] get_futex_key+0x2c6/0x1540 [ 264.325142][ T7524] ? __pfx_get_futex_key+0x10/0x10 [ 264.325172][ T7524] ? kasan_save_track+0x14/0x30 [ 264.325207][ T7524] ? __kasan_kmalloc+0xaa/0xb0 [ 264.325244][ T7524] futex_lock_pi+0x1ca/0x740 [ 264.325282][ T7524] ? __pfx_futex_lock_pi+0x10/0x10 [ 264.325313][ T7524] ? __futex_wait+0x24c/0x2f0 [ 264.325350][ T7524] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 264.325409][ T7524] ? __pfx_futex_wake_mark+0x10/0x10 [ 264.325453][ T7524] ? do_writev+0x218/0x340 [ 264.325490][ T7524] do_futex+0x11a/0x350 [ 264.325519][ T7524] ? __pfx_do_futex+0x10/0x10 [ 264.325551][ T7524] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 264.325597][ T7524] __x64_sys_futex+0x1e0/0x4c0 [ 264.325628][ T7524] ? fput+0x70/0xf0 [ 264.325650][ T7524] ? __pfx___x64_sys_futex+0x10/0x10 [ 264.325680][ T7524] ? xfd_validate_state+0x61/0x180 [ 264.325711][ T7524] ? __pfx_do_writev+0x10/0x10 [ 264.325751][ T7524] do_syscall_64+0xcd/0x490 [ 264.325789][ T7524] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 264.325812][ T7524] RIP: 0033:0x7fa473f8e929 [ 264.325831][ T7524] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 264.325853][ T7524] RSP: 002b:00007fa474d53038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 264.325875][ T7524] RAX: ffffffffffffffda RBX: 00007fa4741b5fa0 RCX: 00007fa473f8e929 [ 264.325890][ T7524] RDX: 0000000000000009 RSI: 0000000000000006 RDI: 0000000000000000 [ 264.325904][ T7524] RBP: 00007fa474010b39 R08: 0000000000000000 R09: 0000000000000006 [ 264.325917][ T7524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 264.325936][ T7524] R13: 0000000000000000 R14: 00007fa4741b5fa0 R15: 00007ffec55c1a58 [ 264.325965][ T7524] [ 264.922877][ T7532] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 264.932882][ T7532] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 265.269724][ T7524] netlink: 346 bytes leftover after parsing attributes in process `syz.5.297'. [ 265.430995][ T7542] netlink: 342 bytes leftover after parsing attributes in process `syz.4.299'. [ 266.116081][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 266.124013][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 266.944017][ T7569] openvswitch: netlink: IPv4 tunnel dst address is zero [ 266.959942][ T7570] netlink: 28 bytes leftover after parsing attributes in process `syz.1.305'. [ 267.053078][ T7571] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 267.519163][ T7576] netlink: 12 bytes leftover after parsing attributes in process `syz.4.308'. [ 267.548512][ T7576] HfR: entered promiscuous mode [ 269.882185][ T7607] netlink: 16 bytes leftover after parsing attributes in process `syz.4.314'. [ 269.925802][ T7607] netlink: 93 bytes leftover after parsing attributes in process `syz.4.314'. [ 273.352660][ T7638] FAULT_INJECTION: forcing a failure. [ 273.352660][ T7638] name failslab, interval 1, probability 0, space 0, times 0 [ 273.367181][ T7638] CPU: 1 UID: 0 PID: 7638 Comm: syz.1.320 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 273.367214][ T7638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 273.367228][ T7638] Call Trace: [ 273.367236][ T7638] [ 273.367245][ T7638] dump_stack_lvl+0x16c/0x1f0 [ 273.367286][ T7638] should_fail_ex+0x512/0x640 [ 273.367320][ T7638] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 273.367355][ T7638] should_failslab+0xc2/0x120 [ 273.367378][ T7638] __kmalloc_cache_noprof+0x6a/0x3e0 [ 273.367411][ T7638] ? ima_add_digest_entry+0x52/0x540 [ 273.367452][ T7638] ima_add_digest_entry+0x52/0x540 [ 273.367490][ T7638] ima_add_template_entry+0x478/0x870 [ 273.367534][ T7638] ? __pfx_ima_add_template_entry+0x10/0x10 [ 273.367572][ T7638] ? ima_alloc_init_template+0x536/0x720 [ 273.367602][ T7638] ima_add_violation+0x17f/0x3d0 [ 273.367627][ T7638] ? __pfx_ima_add_violation+0x10/0x10 [ 273.367649][ T7638] ? ima_d_path+0x12b/0x2a0 [ 273.367671][ T7638] ? __pfx_ima_d_path+0x10/0x10 [ 273.367702][ T7638] ? lockdep_init_map_type+0x5c/0x280 [ 273.367738][ T7638] ? ima_inode_get+0x39e/0x580 [ 273.367777][ T7638] process_measurement+0x1783/0x23e0 [ 273.367824][ T7638] ? __pfx_process_measurement+0x10/0x10 [ 273.367873][ T7638] ? futex_unqueue+0x133/0x2c0 [ 273.367936][ T7638] ? __futex_hash.constprop.0+0x1e9/0x440 [ 273.367970][ T7638] ima_file_mmap+0x1b1/0x1d0 [ 273.368006][ T7638] ? __pfx_ima_file_mmap+0x10/0x10 [ 273.368040][ T7638] ? __lock_acquire+0x622/0x1c90 [ 273.368079][ T7638] security_mmap_file+0x88c/0x990 [ 273.368112][ T7638] vm_mmap_pgoff+0xec/0x450 [ 273.368137][ T7638] ? find_held_lock+0x2b/0x80 [ 273.368160][ T7638] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 273.368190][ T7638] ? __fget_files+0x20e/0x3c0 [ 273.368228][ T7638] ksys_mmap_pgoff+0x32c/0x5c0 [ 273.368260][ T7638] __x64_sys_mmap+0x125/0x190 [ 273.368298][ T7638] do_syscall_64+0xcd/0x490 [ 273.368336][ T7638] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.368361][ T7638] RIP: 0033:0x7fe3bb58e929 [ 273.368379][ T7638] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 273.368401][ T7638] RSP: 002b:00007fe3bc3dc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 273.368423][ T7638] RAX: ffffffffffffffda RBX: 00007fe3bb7b5fa0 RCX: 00007fe3bb58e929 [ 273.368446][ T7638] RDX: 00000000000003ff RSI: 0000000000000001 RDI: 000000000000f000 [ 273.368460][ T7638] RBP: 00007fe3bb610b39 R08: 0000000000000003 R09: 0000000000000000 [ 273.368474][ T7638] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000 [ 273.368487][ T7638] R13: 0000000000000000 R14: 00007fe3bb7b5fa0 R15: 00007ffd18bdb288 [ 273.368516][ T7638] [ 273.368530][ T7638] ima: OUT OF MEMORY ERROR creating queue entry [ 273.787917][ T30] audit: type=1804 audit(6047500462.846:9): pid=7638 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.1.320" name="/newroot/87/file0" dev="tmpfs" ino=479 res=0 errno=0 [ 273.874310][ T30] audit: type=1804 audit(6047500462.846:10): pid=7638 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.320" name="/newroot/87/file0" dev="tmpfs" ino=479 res=0 errno=0 [ 273.898472][ T30] audit: type=1800 audit(6047500462.846:11): pid=7638 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.320" name="file0" dev="tmpfs" ino=479 res=0 errno=0 [ 274.044799][ T7642] random: crng reseeded on system resumption [ 275.708898][ T7659] FAULT_INJECTION: forcing a failure. [ 275.708898][ T7659] name failslab, interval 1, probability 0, space 0, times 0 [ 275.739283][ T7659] CPU: 1 UID: 0 PID: 7659 Comm: syz.4.326 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 275.739330][ T7659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 275.739351][ T7659] Call Trace: [ 275.739361][ T7659] [ 275.739374][ T7659] dump_stack_lvl+0x16c/0x1f0 [ 275.739431][ T7659] should_fail_ex+0x512/0x640 [ 275.739479][ T7659] ? __kvmalloc_node_noprof+0x124/0x620 [ 275.739533][ T7659] should_failslab+0xc2/0x120 [ 275.739566][ T7659] __kvmalloc_node_noprof+0x137/0x620 [ 275.739615][ T7659] ? alloc_fdtable+0x158/0x2b0 [ 275.739673][ T7659] ? alloc_fdtable+0x158/0x2b0 [ 275.739714][ T7659] alloc_fdtable+0x158/0x2b0 [ 275.739761][ T7659] dup_fd+0x83b/0xb90 [ 275.739812][ T7659] ? apparmor_task_alloc+0x2c2/0x3b0 [ 275.739852][ T7659] copy_process+0x230c/0x7650 [ 275.739896][ T7659] ? __pfx___futex_wait+0x10/0x10 [ 275.739945][ T7659] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 275.740003][ T7659] ? __pfx_copy_process+0x10/0x10 [ 275.740048][ T7659] ? find_held_lock+0x2b/0x80 [ 275.740100][ T7659] kernel_clone+0xfc/0x960 [ 275.740147][ T7659] ? __pfx_kernel_clone+0x10/0x10 [ 275.740214][ T7659] __do_sys_clone+0xce/0x120 [ 275.740256][ T7659] ? __pfx___do_sys_clone+0x10/0x10 [ 275.740318][ T7659] ? __sys_getsockopt+0x144/0x1b0 [ 275.740380][ T7659] do_syscall_64+0xcd/0x490 [ 275.740433][ T7659] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 275.740467][ T7659] RIP: 0033:0x7f3ea018e929 [ 275.740494][ T7659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 275.740526][ T7659] RSP: 002b:00007f3ea1090038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 275.740557][ T7659] RAX: ffffffffffffffda RBX: 00007f3ea03b6080 RCX: 00007f3ea018e929 [ 275.740579][ T7659] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 0000000000000001 [ 275.740599][ T7659] RBP: 00007f3ea0210b39 R08: 0000000000000000 R09: 0000000000000000 [ 275.740619][ T7659] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000000 [ 275.740639][ T7659] R13: 0000000000000000 R14: 00007f3ea03b6080 R15: 00007ffe4e1c8208 [ 275.740689][ T7659] [ 276.331540][ T7669] ALSA: mixer_oss: invalid OSS volume '' [ 280.851666][ T7710] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 281.889786][ T7723] can: request_module (can-proto-3) failed. [ 282.708158][ T7739] random: crng reseeded on system resumption [ 282.735816][ T7713] netlink: 342 bytes leftover after parsing attributes in process `syz.5.333'. [ 282.771596][ T7157] Bluetooth: hci4: SCO packet for unknown connection handle 0 [ 283.504376][ T7745] FAULT_INJECTION: forcing a failure. [ 283.504376][ T7745] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 283.524013][ T7745] CPU: 1 UID: 0 PID: 7745 Comm: syz.1.341 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 283.524059][ T7745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 283.524079][ T7745] Call Trace: [ 283.524089][ T7745] [ 283.524102][ T7745] dump_stack_lvl+0x16c/0x1f0 [ 283.524159][ T7745] should_fail_ex+0x512/0x640 [ 283.524214][ T7745] strncpy_from_user+0x3b/0x2e0 [ 283.524266][ T7745] getname_flags.part.0+0x8f/0x550 [ 283.524311][ T7745] getname_flags+0x93/0xf0 [ 283.524357][ T7745] do_sys_openat2+0xb8/0x1d0 [ 283.524394][ T7745] ? __pfx_do_sys_openat2+0x10/0x10 [ 283.524449][ T7745] __x64_sys_openat+0x174/0x210 [ 283.524488][ T7745] ? __pfx___x64_sys_openat+0x10/0x10 [ 283.524545][ T7745] do_syscall_64+0xcd/0x490 [ 283.524600][ T7745] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.524633][ T7745] RIP: 0033:0x7fe3bb58e929 [ 283.524660][ T7745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 283.524692][ T7745] RSP: 002b:00007fe3bc3dc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 283.524723][ T7745] RAX: ffffffffffffffda RBX: 00007fe3bb7b5fa0 RCX: 00007fe3bb58e929 [ 283.524746][ T7745] RDX: 0000000000048400 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 283.524768][ T7745] RBP: 00007fe3bb610b39 R08: 0000000000000000 R09: 0000000000000000 [ 283.524788][ T7745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 283.524808][ T7745] R13: 0000000000000000 R14: 00007fe3bb7b5fa0 R15: 00007ffd18bdb288 [ 283.524851][ T7745] [ 284.008963][ T7752] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„ [ 284.624771][ T7156] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 284.635965][ T7156] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 284.646281][ T7156] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 284.657770][ T7156] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 284.683214][ T7156] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 285.893547][ T7760] chnl_net:caif_netlink_parms(): no params data found syzkaller syzkaller login: [ 286.396883][ T7760] bridge0: port 1(bridge_slave_0) entered blocking state [ 286.421765][ T7760] bridge0: port 1(bridge_slave_0) entered disabled state [ 286.454219][ T7760] bridge_slave_0: entered allmulticast mode [ 286.474288][ T7760] bridge_slave_0: entered promiscuous mode [ 286.499794][ T7760] bridge0: port 2(bridge_slave_1) entered blocking state [ 286.513661][ T7760] bridge0: port 2(bridge_slave_1) entered disabled state [ 286.530120][ T7760] bridge_slave_1: entered allmulticast mode [ 286.548878][ T7760] bridge_slave_1: entered promiscuous mode [ 286.753915][ T7157] Bluetooth: hci6: command tx timeout [ 286.775489][ T7760] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 286.844266][ T7760] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 287.166886][ T7760] team0: Port device team_slave_0 added [ 287.245613][ T7760] team0: Port device team_slave_1 added [ 287.407291][ T7760] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 287.416213][ T7760] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 287.478466][ T7760] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 287.545127][ T7760] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 287.552236][ T7760] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 287.624110][ T7760] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 287.727896][ T7800] netlink: 354 bytes leftover after parsing attributes in process `syz.5.350'. [ 287.902149][ T7760] hsr_slave_0: entered promiscuous mode [ 287.916186][ T7760] hsr_slave_1: entered promiscuous mode [ 287.923312][ T7760] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 287.930982][ T7760] Cannot create hsr debugfs directory [ 288.923342][ T7157] Bluetooth: hci6: command tx timeout [ 290.012999][ T7760] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 290.036143][ T7826] random: crng reseeded on system resumption [ 290.079566][ T7760] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 290.182712][ T7760] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 290.232530][ T7760] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 290.600213][ T7760] 8021q: adding VLAN 0 to HW filter on device bond0 [ 290.711636][ T7760] 8021q: adding VLAN 0 to HW filter on device team0 [ 290.762563][ T7690] bridge0: port 1(bridge_slave_0) entered blocking state [ 290.769897][ T7690] bridge0: port 1(bridge_slave_0) entered forwarding state [ 290.805750][ T7690] bridge0: port 2(bridge_slave_1) entered blocking state [ 290.813198][ T7690] bridge0: port 2(bridge_slave_1) entered forwarding state [ 290.910913][ T7841] Invalid ELF header magic: != ELF [ 290.994169][ T7157] Bluetooth: hci6: command tx timeout [ 291.131278][ T7843] FAULT_INJECTION: forcing a failure. [ 291.131278][ T7843] name failslab, interval 1, probability 0, space 0, times 0 [ 291.183123][ T7843] CPU: 1 UID: 0 PID: 7843 Comm: syz.4.363 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 291.183169][ T7843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 291.183185][ T7843] Call Trace: [ 291.183194][ T7843] [ 291.183205][ T7843] dump_stack_lvl+0x16c/0x1f0 [ 291.183265][ T7843] should_fail_ex+0x512/0x640 [ 291.183306][ T7843] ? __kmalloc_noprof+0xbf/0x510 [ 291.183351][ T7843] ? mpi_resize+0x188/0x230 [ 291.183382][ T7843] should_failslab+0xc2/0x120 [ 291.183408][ T7843] __kmalloc_noprof+0xd2/0x510 [ 291.183456][ T7843] mpi_resize+0x188/0x230 [ 291.183490][ T7843] mpi_sub_ui+0x173/0x8d0 [ 291.183519][ T7843] ? __kasan_kmalloc+0xaa/0xb0 [ 291.183563][ T7843] rsa_check_payload+0x58/0xc0 [ 291.183607][ T7843] rsa_enc+0x198/0x3b0 [ 291.183651][ T7843] ? __pfx_rsa_enc+0x10/0x10 [ 291.183692][ T7843] ? __virt_addr_valid+0x81/0x610 [ 291.183721][ T7843] ? __phys_addr+0xe8/0x180 [ 291.183750][ T7843] ? sg_init_one+0xf5/0x1b0 [ 291.183788][ T7843] rsassa_pkcs1_verify+0x502/0xb60 [ 291.183827][ T7843] ? __pfx_rsassa_pkcs1_verify+0x10/0x10 [ 291.183874][ T7843] ? rsa_max_size+0xd/0x70 [ 291.183914][ T7843] ? rsassa_pkcs1_set_pub_key+0x17d/0x1f0 [ 291.183947][ T7843] public_key_verify_signature+0x66f/0x970 [ 291.183986][ T7843] ? __pfx_public_key_verify_signature+0x10/0x10 [ 291.184023][ T7843] ? crypto_destroy_tfm+0x14d/0x2b0 [ 291.184075][ T7843] pkcs7_verify+0x32f/0x1b20 [ 291.184128][ T7843] verify_pkcs7_message_sig+0xdd/0x250 [ 291.184165][ T7843] ? __pfx_verify_pkcs7_message_sig+0x10/0x10 [ 291.184195][ T7843] ? kfree+0x2b4/0x4d0 [ 291.184226][ T7843] ? public_key_signature_free+0xda/0x110 [ 291.184273][ T7843] ? pkcs7_parse_message+0x536/0x720 [ 291.184316][ T7843] verify_pkcs7_signature+0x6d/0xa0 [ 291.184349][ T7843] valid_regdb+0x215/0x590 [ 291.184377][ T7843] ? __pfx___mutex_lock+0x10/0x10 [ 291.184421][ T7843] ? __pfx_valid_regdb+0x10/0x10 [ 291.184456][ T7843] reg_reload_regdb+0x11e/0x460 [ 291.184489][ T7843] ? __pfx_reg_reload_regdb+0x10/0x10 [ 291.184524][ T7843] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 291.184562][ T7843] ? nl80211_pre_doit+0x1b0/0xb10 [ 291.184606][ T7843] genl_family_rcv_msg_doit+0x209/0x2f0 [ 291.184643][ T7843] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 291.184675][ T7843] ? rcu_is_watching+0x12/0xc0 [ 291.184714][ T7843] ? bpf_lsm_capable+0x9/0x10 [ 291.184747][ T7843] ? security_capable+0x7e/0x260 [ 291.184780][ T7843] genl_rcv_msg+0x55c/0x800 [ 291.184816][ T7843] ? __pfx_genl_rcv_msg+0x10/0x10 [ 291.184848][ T7843] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 291.184886][ T7843] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 291.184915][ T7843] ? __pfx_nl80211_post_doit+0x10/0x10 [ 291.184966][ T7843] netlink_rcv_skb+0x158/0x420 [ 291.184994][ T7843] ? __pfx_genl_rcv_msg+0x10/0x10 [ 291.185028][ T7843] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 291.185077][ T7843] ? netlink_deliver_tap+0x1ae/0xd30 [ 291.185128][ T7843] genl_rcv+0x28/0x40 [ 291.185156][ T7843] netlink_unicast+0x58a/0x850 [ 291.185190][ T7843] ? __pfx_netlink_unicast+0x10/0x10 [ 291.185228][ T7843] netlink_sendmsg+0x8d1/0xdd0 [ 291.185268][ T7843] ? __pfx_netlink_sendmsg+0x10/0x10 [ 291.185309][ T7843] ____sys_sendmsg+0xa98/0xc70 [ 291.185340][ T7843] ? copy_msghdr_from_user+0x10a/0x160 [ 291.185383][ T7843] ? __pfx_____sys_sendmsg+0x10/0x10 [ 291.185421][ T7843] ? __pfx_futex_wake_mark+0x10/0x10 [ 291.185466][ T7843] ___sys_sendmsg+0x134/0x1d0 [ 291.185510][ T7843] ? __pfx____sys_sendmsg+0x10/0x10 [ 291.185548][ T7843] ? __lock_acquire+0x622/0x1c90 [ 291.185626][ T7843] __sys_sendmsg+0x16d/0x220 [ 291.185668][ T7843] ? __pfx___sys_sendmsg+0x10/0x10 [ 291.185720][ T7843] ? __x64_sys_futex+0x1e0/0x4c0 [ 291.185772][ T7843] do_syscall_64+0xcd/0x490 [ 291.185815][ T7843] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 291.185841][ T7843] RIP: 0033:0x7f3ea018e929 [ 291.185863][ T7843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 291.185888][ T7843] RSP: 002b:00007f3ea10b1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 291.185912][ T7843] RAX: ffffffffffffffda RBX: 00007f3ea03b5fa0 RCX: 00007f3ea018e929 [ 291.185931][ T7843] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000006 [ 291.185947][ T7843] RBP: 00007f3ea0210b39 R08: 0000000000000000 R09: 0000000000000000 [ 291.185963][ T7843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 291.185978][ T7843] R13: 0000000000000000 R14: 00007f3ea03b5fa0 R15: 00007ffe4e1c8208 [ 291.186013][ T7843] [ 291.782422][ T7841] netlink: 330 bytes leftover after parsing attributes in process `syz.1.355'. [ 291.823851][ T7760] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 293.077158][ T7157] Bluetooth: hci6: command tx timeout [ 294.087112][ T7760] veth0_vlan: entered promiscuous mode [ 294.121236][ T7760] veth1_vlan: entered promiscuous mode [ 294.205334][ T7760] veth0_macvtap: entered promiscuous mode [ 294.218735][ T7760] veth1_macvtap: entered promiscuous mode [ 294.378182][ T7760] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 294.526836][ T7760] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 294.833376][ T7760] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.872865][ T7760] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.899814][ T7760] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.950774][ T7760] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.422865][ T7345] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 295.446016][ T7345] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 295.545263][ T6932] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 295.555221][ T6932] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 295.810710][ T7896] netlink: 4 bytes leftover after parsing attributes in process `syz.6.339'. [ 296.179981][ T7896] netlink: 354 bytes leftover after parsing attributes in process `syz.6.339'. [ 296.543241][ T7902] netlink: 28 bytes leftover after parsing attributes in process `syz.1.365'. [ 296.552221][ T7902] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 296.559910][ T7902] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 296.595419][ T7902] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 296.612956][ T7902] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 297.897528][ T7918] random: crng reseeded on system resumption [ 298.795986][ T7898] kexec: Could not allocate control_code_buffer [ 301.582426][ T7936] FAULT_INJECTION: forcing a failure. [ 301.582426][ T7936] name failslab, interval 1, probability 0, space 0, times 0 [ 301.634329][ T7936] CPU: 0 UID: 0 PID: 7936 Comm: syz.5.369 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 301.634375][ T7936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 301.634395][ T7936] Call Trace: [ 301.634406][ T7936] [ 301.634419][ T7936] dump_stack_lvl+0x16c/0x1f0 [ 301.634474][ T7936] should_fail_ex+0x512/0x640 [ 301.634521][ T7936] ? __kmalloc_noprof+0xbf/0x510 [ 301.634574][ T7936] ? find_asymmetric_key+0x82/0x5a0 [ 301.634620][ T7936] should_failslab+0xc2/0x120 [ 301.634654][ T7936] __kmalloc_noprof+0xd2/0x510 [ 301.634715][ T7936] find_asymmetric_key+0x82/0x5a0 [ 301.634757][ T7936] pkcs7_validate_trust+0x1f1/0x7e0 [ 301.634816][ T7936] verify_pkcs7_message_sig+0x12c/0x250 [ 301.634855][ T7936] ? __pfx_verify_pkcs7_message_sig+0x10/0x10 [ 301.634892][ T7936] ? kfree+0x2b4/0x4d0 [ 301.634930][ T7936] ? public_key_signature_free+0xda/0x110 [ 301.634980][ T7936] ? pkcs7_parse_message+0x536/0x720 [ 301.635032][ T7936] verify_pkcs7_signature+0x6d/0xa0 [ 301.635073][ T7936] valid_regdb+0x215/0x590 [ 301.635107][ T7936] ? __pfx___mutex_lock+0x10/0x10 [ 301.635160][ T7936] ? __pfx_valid_regdb+0x10/0x10 [ 301.635204][ T7936] reg_reload_regdb+0x11e/0x460 [ 301.635244][ T7936] ? __pfx_reg_reload_regdb+0x10/0x10 [ 301.635285][ T7936] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 301.635331][ T7936] ? nl80211_pre_doit+0x1b0/0xb10 [ 301.635391][ T7936] genl_family_rcv_msg_doit+0x209/0x2f0 [ 301.635436][ T7936] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 301.635476][ T7936] ? rcu_is_watching+0x12/0xc0 [ 301.635526][ T7936] ? bpf_lsm_capable+0x9/0x10 [ 301.635567][ T7936] ? security_capable+0x7e/0x260 [ 301.635617][ T7936] genl_rcv_msg+0x55c/0x800 [ 301.635663][ T7936] ? __pfx_genl_rcv_msg+0x10/0x10 [ 301.635705][ T7936] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 301.635753][ T7936] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 301.635789][ T7936] ? __pfx_nl80211_post_doit+0x10/0x10 [ 301.635855][ T7936] netlink_rcv_skb+0x158/0x420 [ 301.635889][ T7936] ? __pfx_genl_rcv_msg+0x10/0x10 [ 301.635930][ T7936] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 301.635984][ T7936] ? netlink_deliver_tap+0x1ae/0xd30 [ 301.636045][ T7936] genl_rcv+0x28/0x40 [ 301.636080][ T7936] netlink_unicast+0x58a/0x850 [ 301.636121][ T7936] ? __pfx_netlink_unicast+0x10/0x10 [ 301.636168][ T7936] netlink_sendmsg+0x8d1/0xdd0 [ 301.636219][ T7936] ? __pfx_netlink_sendmsg+0x10/0x10 [ 301.636272][ T7936] ____sys_sendmsg+0xa98/0xc70 [ 301.636311][ T7936] ? copy_msghdr_from_user+0x10a/0x160 [ 301.636361][ T7936] ? __pfx_____sys_sendmsg+0x10/0x10 [ 301.636410][ T7936] ? __pfx_futex_wake_mark+0x10/0x10 [ 301.636466][ T7936] ___sys_sendmsg+0x134/0x1d0 [ 301.636519][ T7936] ? __pfx____sys_sendmsg+0x10/0x10 [ 301.636565][ T7936] ? __lock_acquire+0x622/0x1c90 [ 301.636673][ T7936] __sys_sendmsg+0x16d/0x220 [ 301.636723][ T7936] ? __pfx___sys_sendmsg+0x10/0x10 [ 301.636774][ T7936] ? __x64_sys_futex+0x1e0/0x4c0 [ 301.636843][ T7936] do_syscall_64+0xcd/0x490 [ 301.636898][ T7936] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.636932][ T7936] RIP: 0033:0x7fa473f8e929 [ 301.636959][ T7936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 301.636990][ T7936] RSP: 002b:00007fa474d53038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 301.637022][ T7936] RAX: ffffffffffffffda RBX: 00007fa4741b5fa0 RCX: 00007fa473f8e929 [ 301.637044][ T7936] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000006 [ 301.637064][ T7936] RBP: 00007fa474010b39 R08: 0000000000000000 R09: 0000000000000000 [ 301.637084][ T7936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 301.637104][ T7936] R13: 0000000000000000 R14: 00007fa4741b5fa0 R15: 00007ffec55c1a58 [ 301.637148][ T7936] [ 302.083013][ T7938] random: crng reseeded on system resumption [ 303.577287][ T7949] can: request_module (can-proto-3) failed. [ 312.377997][ T7156] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 312.387091][ T7156] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 312.396002][ T7156] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 312.404321][ T7156] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 312.412104][ T7156] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 312.654515][ T7967] chnl_net:caif_netlink_parms(): no params data found [ 312.746471][ T7977] Invalid ELF header magic: != ELF [ 312.865567][ T7977] netlink: 330 bytes leftover after parsing attributes in process `syz.5.378'. [ 312.927668][ T7967] bridge0: port 1(bridge_slave_0) entered blocking state [ 312.937881][ T7967] bridge0: port 1(bridge_slave_0) entered disabled state [ 312.969295][ T7967] bridge_slave_0: entered allmulticast mode [ 312.987710][ T7967] bridge_slave_0: entered promiscuous mode [ 313.027815][ T7967] bridge0: port 2(bridge_slave_1) entered blocking state [ 313.053481][ T7967] bridge0: port 2(bridge_slave_1) entered disabled state [ 313.088541][ T7967] bridge_slave_1: entered allmulticast mode [ 313.114077][ T7967] bridge_slave_1: entered promiscuous mode [ 313.246354][ T7967] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 313.312564][ T7967] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 313.392536][ T7986] random: crng reseeded on system resumption [ 313.517046][ T7967] team0: Port device team_slave_0 added [ 313.534874][ T7967] team0: Port device team_slave_1 added [ 313.890146][ T7967] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 313.890172][ T7967] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 313.890245][ T7967] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 313.892709][ T7967] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 313.892730][ T7967] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 313.895791][ T7967] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 314.048330][ T7156] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 314.071281][ T7156] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 314.074002][ T7156] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 314.083189][ T7156] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 314.084329][ T7156] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 314.180891][ T7967] hsr_slave_0: entered promiscuous mode [ 314.208281][ T7967] hsr_slave_1: entered promiscuous mode [ 314.211857][ T7967] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 314.212046][ T7967] Cannot create hsr debugfs directory [ 314.435772][ T7157] Bluetooth: hci7: command tx timeout [ 314.973993][ T7967] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 315.002122][ T7967] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 315.033086][ T7967] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 315.068481][ T7967] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 315.093783][ T7991] chnl_net:caif_netlink_parms(): no params data found [ 315.468281][ T7991] bridge0: port 1(bridge_slave_0) entered blocking state [ 315.479632][ T7991] bridge0: port 1(bridge_slave_0) entered disabled state [ 315.481415][ T8009] random: crng reseeded on system resumption [ 315.493475][ T7991] bridge_slave_0: entered allmulticast mode [ 315.496015][ T7991] bridge_slave_0: entered promiscuous mode [ 315.569810][ T7991] bridge0: port 2(bridge_slave_1) entered blocking state [ 315.587393][ T7991] bridge0: port 2(bridge_slave_1) entered disabled state [ 315.600707][ T7991] bridge_slave_1: entered allmulticast mode [ 315.622983][ T7991] bridge_slave_1: entered promiscuous mode [ 315.711827][ T7991] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 315.768085][ T7991] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 315.841888][ T7991] team0: Port device team_slave_0 added [ 315.878059][ T7991] team0: Port device team_slave_1 added [ 316.003757][ T7991] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 316.010758][ T7991] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 316.038790][ T7991] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 316.055186][ T7991] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 316.062310][ T7991] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 316.099395][ T7991] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 316.118634][ T7157] Bluetooth: hci8: command tx timeout [ 316.149955][ T7967] 8021q: adding VLAN 0 to HW filter on device bond0 [ 316.229344][ T7991] hsr_slave_0: entered promiscuous mode [ 316.236368][ T7991] hsr_slave_1: entered promiscuous mode [ 316.243109][ T7991] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 316.251131][ T7991] Cannot create hsr debugfs directory [ 316.264126][ T8012] debugfs: Directory '!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' with parent 'ieee80211' already present! [ 316.352134][ T7967] 8021q: adding VLAN 0 to HW filter on device team0 [ 316.392377][ T6926] bridge0: port 1(bridge_slave_0) entered blocking state [ 316.399614][ T6926] bridge0: port 1(bridge_slave_0) entered forwarding state [ 316.471369][ T6932] bridge0: port 2(bridge_slave_1) entered blocking state [ 316.478853][ T6932] bridge0: port 2(bridge_slave_1) entered forwarding state [ 316.514225][ T7157] Bluetooth: hci7: command tx timeout [ 316.738492][ T7991] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 316.751131][ T7991] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 316.764721][ T7991] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 316.778732][ T7991] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 316.982703][ T7991] 8021q: adding VLAN 0 to HW filter on device bond0 [ 317.022567][ T7991] 8021q: adding VLAN 0 to HW filter on device team0 [ 317.038139][ T6926] bridge0: port 1(bridge_slave_0) entered blocking state [ 317.045336][ T6926] bridge0: port 1(bridge_slave_0) entered forwarding state [ 317.087891][ T6935] bridge0: port 2(bridge_slave_1) entered blocking state [ 317.095142][ T6935] bridge0: port 2(bridge_slave_1) entered forwarding state [ 317.161757][ T7967] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 317.181128][ T7991] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network syzkaller syzkaller login: [ 317.580883][ T7991] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 317.838964][ T7967] veth0_vlan: entered promiscuous mode [ 317.855538][ T7967] veth1_vlan: entered promiscuous mode [ 317.907001][ T7967] veth0_macvtap: entered promiscuous mode [ 317.920368][ T7967] veth1_macvtap: entered promiscuous mode [ 317.951454][ T7967] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 317.967818][ T7967] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 317.993814][ T7967] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 318.003532][ T7967] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 318.012313][ T7967] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 318.021601][ T7967] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 318.140604][ T6932] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 318.166063][ T6932] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 318.194042][ T7157] Bluetooth: hci8: command tx timeout [ 318.215949][ T7345] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 318.238325][ T7345] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 318.269330][ T7991] veth0_vlan: entered promiscuous mode [ 318.291973][ T7991] veth1_vlan: entered promiscuous mode [ 318.352528][ T7991] veth0_macvtap: entered promiscuous mode [ 318.378289][ T7991] veth1_macvtap: entered promiscuous mode [ 318.418880][ T7991] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 318.444336][ T7991] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 318.456416][ T7991] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 318.466858][ T7991] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 318.476217][ T7991] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 318.485578][ T7991] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 318.595345][ T7157] Bluetooth: hci7: command tx timeout [ 318.660490][ T7345] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 318.672327][ T7345] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 318.785685][ T7690] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 318.806282][ T7690] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 319.054263][ T8047] FAULT_INJECTION: forcing a failure. [ 319.054263][ T8047] name failslab, interval 1, probability 0, space 0, times 0 [ 319.069114][ T8047] CPU: 1 UID: 0 PID: 8047 Comm: syz.4.392 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 319.069159][ T8047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 319.069177][ T8047] Call Trace: [ 319.069187][ T8047] [ 319.069198][ T8047] dump_stack_lvl+0x16c/0x1f0 [ 319.069246][ T8047] should_fail_ex+0x512/0x640 [ 319.069287][ T8047] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 319.069334][ T8047] should_failslab+0xc2/0x120 [ 319.069361][ T8047] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 319.069404][ T8047] ? ima_d_path+0xbd/0x2a0 [ 319.069435][ T8047] ima_d_path+0xbd/0x2a0 [ 319.069462][ T8047] ? __pfx_ima_d_path+0x10/0x10 [ 319.069494][ T8047] ? lockdep_init_map_type+0x5c/0x280 [ 319.069537][ T8047] ? ima_inode_get+0x39e/0x580 [ 319.069582][ T8047] process_measurement+0x175f/0x23e0 [ 319.069636][ T8047] ? __pfx_process_measurement+0x10/0x10 [ 319.069737][ T8047] ? futex_unqueue+0x133/0x2c0 [ 319.069812][ T8047] ? __futex_hash.constprop.0+0x1e9/0x440 [ 319.069854][ T8047] ima_file_mmap+0x1b1/0x1d0 [ 319.069896][ T8047] ? __pfx_ima_file_mmap+0x10/0x10 [ 319.069936][ T8047] ? __lock_acquire+0x622/0x1c90 [ 319.069984][ T8047] security_mmap_file+0x88c/0x990 [ 319.070022][ T8047] vm_mmap_pgoff+0xec/0x450 [ 319.070052][ T8047] ? find_held_lock+0x2b/0x80 [ 319.070080][ T8047] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 319.070114][ T8047] ? __fget_files+0x20e/0x3c0 [ 319.070160][ T8047] ksys_mmap_pgoff+0x32c/0x5c0 [ 319.070198][ T8047] __x64_sys_mmap+0x125/0x190 [ 319.070242][ T8047] do_syscall_64+0xcd/0x490 [ 319.070287][ T8047] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.070317][ T8047] RIP: 0033:0x7f3ea018e929 [ 319.070339][ T8047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 319.070368][ T8047] RSP: 002b:00007f3ea10b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 319.070395][ T8047] RAX: ffffffffffffffda RBX: 00007f3ea03b5fa0 RCX: 00007f3ea018e929 [ 319.070413][ T8047] RDX: 00000000000003ff RSI: 0000000000000001 RDI: 000000000000f000 [ 319.070431][ T8047] RBP: 00007f3ea0210b39 R08: 0000000000000003 R09: 0000000000000000 [ 319.070448][ T8047] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000 [ 319.070465][ T8047] R13: 0000000000000000 R14: 00007f3ea03b5fa0 R15: 00007ffe4e1c8208 [ 319.070500][ T8047] [ 319.326167][ T30] audit: type=1804 audit(6047500508.226:12): pid=8047 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.392" name="file0" dev="tmpfs" ino=254 res=1 errno=0 [ 319.587175][ T30] audit: type=1800 audit(6047500508.476:13): pid=8047 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.392" name="file0" dev="tmpfs" ino=254 res=0 errno=0 [ 320.281248][ T7156] Bluetooth: hci8: command tx timeout [ 320.674438][ T7156] Bluetooth: hci7: command tx timeout [ 321.832973][ T8068] can: request_module (can-proto-3) failed. [ 322.355601][ T7156] Bluetooth: hci8: command tx timeout [ 323.875841][ T8085] FAULT_INJECTION: forcing a failure. [ 323.875841][ T8085] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 323.984129][ T8085] CPU: 1 UID: 0 PID: 8085 Comm: syz.7.386 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 323.984174][ T8085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 323.984195][ T8085] Call Trace: [ 323.984206][ T8085] [ 323.984220][ T8085] dump_stack_lvl+0x16c/0x1f0 [ 323.984268][ T8085] should_fail_ex+0x512/0x640 [ 323.984325][ T8085] should_fail_alloc_page+0xe7/0x130 [ 323.984355][ T8085] prepare_alloc_pages+0x3c2/0x610 [ 323.984393][ T8085] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 323.984440][ T8085] ? find_held_lock+0x2b/0x80 [ 323.984470][ T8085] ? page_table_check_set+0x627/0x750 [ 323.984520][ T8085] ? page_table_check_set+0x631/0x750 [ 323.984565][ T8085] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 323.984610][ T8085] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 323.984652][ T8085] ? const_folio_flags+0x5b/0x100 [ 323.984682][ T8085] ? const_folio_flags+0x5b/0x100 [ 323.984718][ T8085] ? folio_remove_rmap_pmd+0x2eb/0x7d0 [ 323.984760][ T8085] ? split_huge_pmd_locked+0x731/0x3b20 [ 323.984794][ T8085] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 323.984838][ T8085] ? policy_nodemask+0xea/0x4e0 [ 323.984866][ T8085] alloc_pages_mpol+0x1fb/0x550 [ 323.984894][ T8085] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 323.984920][ T8085] ? __split_huge_pmd+0x203/0x350 [ 323.984960][ T8085] folio_alloc_mpol_noprof+0x36/0x2f0 [ 323.984994][ T8085] vma_alloc_folio_noprof+0xed/0x1e0 [ 323.985025][ T8085] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 323.985058][ T8085] ? rcu_read_unlock+0x2d/0xb0 [ 323.985104][ T8085] do_wp_page+0x1e5b/0x4f20 [ 323.985143][ T8085] ? __pfx_do_wp_page+0x10/0x10 [ 323.985176][ T8085] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 323.985230][ T8085] __handle_mm_fault+0x2223/0x5490 [ 323.985283][ T8085] ? __pfx___handle_mm_fault+0x10/0x10 [ 323.985320][ T8085] ? kernel_text_address+0x8d/0x100 [ 323.985351][ T8085] ? __lock_acquire+0xb8a/0x1c90 [ 323.985409][ T8085] handle_mm_fault+0x589/0xd10 [ 323.985453][ T8085] __get_user_pages+0x589/0x3b80 [ 323.985499][ T8085] ? __pfx___get_user_pages+0x10/0x10 [ 323.985531][ T8085] ? __pfx_down_read_killable+0x10/0x10 [ 323.985571][ T8085] __gup_longterm_locked+0x20d/0x1840 [ 323.985614][ T8085] ? __pfx___gup_longterm_locked+0x10/0x10 [ 323.985652][ T8085] ? find_held_lock+0x2b/0x80 [ 323.985689][ T8085] gup_fast_fallback+0x1ab3/0x29e0 [ 323.985745][ T8085] ? __pfx_gup_fast_fallback+0x10/0x10 [ 323.985776][ T8085] ? __kasan_kmalloc+0xaa/0xb0 [ 323.985814][ T8085] ? refill_pi_state_cache+0x89/0x250 [ 323.985851][ T8085] ? futex_lock_pi+0x173/0x740 [ 323.985887][ T8085] ? __x64_sys_futex+0x1e0/0x4c0 [ 323.985921][ T8085] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 323.985963][ T8085] get_user_pages_fast+0xa7/0xf0 [ 323.985995][ T8085] ? __pfx_get_user_pages_fast+0x10/0x10 [ 323.986038][ T8085] get_futex_key+0x2c6/0x1540 [ 323.986074][ T8085] ? __pfx_get_futex_key+0x10/0x10 [ 323.986110][ T8085] ? kasan_save_track+0x14/0x30 [ 323.986150][ T8085] ? __kasan_kmalloc+0xaa/0xb0 [ 323.986193][ T8085] futex_lock_pi+0x1ca/0x740 [ 323.986237][ T8085] ? __pfx_futex_lock_pi+0x10/0x10 [ 323.986278][ T8085] ? __futex_wait+0x24c/0x2f0 [ 323.986321][ T8085] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 323.986391][ T8085] ? __pfx_futex_wake_mark+0x10/0x10 [ 323.986442][ T8085] ? do_writev+0x218/0x340 [ 323.986485][ T8085] do_futex+0x11a/0x350 [ 323.986519][ T8085] ? __pfx_do_futex+0x10/0x10 [ 323.986552][ T8085] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 323.986605][ T8085] __x64_sys_futex+0x1e0/0x4c0 [ 323.986641][ T8085] ? fput+0x70/0xf0 [ 323.986667][ T8085] ? __pfx___x64_sys_futex+0x10/0x10 [ 323.986701][ T8085] ? xfd_validate_state+0x61/0x180 [ 323.986738][ T8085] ? __pfx_do_writev+0x10/0x10 [ 323.986784][ T8085] do_syscall_64+0xcd/0x490 [ 323.986828][ T8085] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 323.986856][ T8085] RIP: 0033:0x7f3ec978e929 [ 323.986878][ T8085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 323.986906][ T8085] RSP: 002b:00007f3ec75f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 323.986932][ T8085] RAX: ffffffffffffffda RBX: 00007f3ec99b5fa0 RCX: 00007f3ec978e929 [ 323.986950][ T8085] RDX: 0000000000000009 RSI: 0000000000000006 RDI: 0000000000000000 [ 323.986966][ T8085] RBP: 00007f3ec9810b39 R08: 0000000000000000 R09: 0000000000000006 [ 323.986983][ T8085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 323.986999][ T8085] R13: 0000000000000000 R14: 00007f3ec99b5fa0 R15: 00007ffef8715d38 [ 323.987034][ T8085] [ 324.469790][ T8098] netlink: 346 bytes leftover after parsing attributes in process `syz.7.386'. [ 325.448484][ T8106] random: crng reseeded on system resumption [ 326.381330][ T8121] netlink: 16 bytes leftover after parsing attributes in process `syz.5.393'. [ 326.397316][ T8119] FAULT_INJECTION: forcing a failure. [ 326.397316][ T8119] name failslab, interval 1, probability 0, space 0, times 0 [ 326.740508][ T8119] CPU: 1 UID: 0 PID: 8119 Comm: syz.8.390 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 326.740551][ T8119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 326.740570][ T8119] Call Trace: [ 326.740580][ T8119] [ 326.740593][ T8119] dump_stack_lvl+0x16c/0x1f0 [ 326.740646][ T8119] should_fail_ex+0x512/0x640 [ 326.740695][ T8119] ? __kmalloc_noprof+0xbf/0x510 [ 326.740746][ T8119] ? mpi_alloc_limb_space+0x31/0x60 [ 326.740781][ T8119] should_failslab+0xc2/0x120 [ 326.740811][ T8126] netlink: 93 bytes leftover after parsing attributes in process `syz.5.393'. [ 326.740812][ T8119] __kmalloc_noprof+0xd2/0x510 [ 326.740867][ T8119] mpi_alloc_limb_space+0x31/0x60 [ 326.740909][ T8119] mpi_powm+0xff7/0x1bf0 [ 326.740976][ T8119] ? __pfx_mpi_powm+0x10/0x10 [ 326.741021][ T8119] ? kfree+0x2b4/0x4d0 [ 326.741064][ T8119] ? mpi_free+0xe1/0x160 [ 326.741107][ T8119] ? mpi_free+0xe1/0x160 [ 326.741154][ T8119] rsa_enc+0x1fe/0x3b0 [ 326.741214][ T8119] ? __pfx_rsa_enc+0x10/0x10 [ 326.741268][ T8119] ? __virt_addr_valid+0x81/0x610 [ 326.741309][ T8119] ? __phys_addr+0xe8/0x180 [ 326.741349][ T8119] ? sg_init_one+0xf5/0x1b0 [ 326.741413][ T8119] rsassa_pkcs1_verify+0x502/0xb60 [ 326.741469][ T8119] ? __pfx_rsassa_pkcs1_verify+0x10/0x10 [ 326.741535][ T8119] ? rsa_max_size+0xd/0x70 [ 326.741591][ T8119] ? rsassa_pkcs1_set_pub_key+0x17d/0x1f0 [ 326.741638][ T8119] public_key_verify_signature+0x66f/0x970 [ 326.741694][ T8119] ? __pfx_public_key_verify_signature+0x10/0x10 [ 326.741747][ T8119] ? crypto_destroy_tfm+0x14d/0x2b0 [ 326.741820][ T8119] pkcs7_verify+0x32f/0x1b20 [ 326.741891][ T8119] verify_pkcs7_message_sig+0xdd/0x250 [ 326.741934][ T8119] ? __pfx_verify_pkcs7_message_sig+0x10/0x10 [ 326.741976][ T8119] ? kfree+0x2b4/0x4d0 [ 326.742018][ T8119] ? public_key_signature_free+0xda/0x110 [ 326.742074][ T8119] ? pkcs7_parse_message+0x536/0x720 [ 326.742130][ T8119] verify_pkcs7_signature+0x6d/0xa0 [ 326.742176][ T8119] valid_regdb+0x215/0x590 [ 326.742216][ T8119] ? __pfx___mutex_lock+0x10/0x10 [ 326.742274][ T8119] ? __pfx_valid_regdb+0x10/0x10 [ 326.742321][ T8119] reg_reload_regdb+0x11e/0x460 [ 326.742366][ T8119] ? __pfx_reg_reload_regdb+0x10/0x10 [ 326.742420][ T8119] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 326.742475][ T8119] ? nl80211_pre_doit+0x1b0/0xb10 [ 326.742538][ T8119] genl_family_rcv_msg_doit+0x209/0x2f0 [ 326.742588][ T8119] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 326.742633][ T8119] ? rcu_is_watching+0x12/0xc0 [ 326.742688][ T8119] ? bpf_lsm_capable+0x9/0x10 [ 326.742737][ T8119] ? security_capable+0x7e/0x260 [ 326.742783][ T8119] genl_rcv_msg+0x55c/0x800 [ 326.742833][ T8119] ? __pfx_genl_rcv_msg+0x10/0x10 [ 326.742879][ T8119] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 326.742932][ T8119] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 326.742972][ T8119] ? __pfx_nl80211_post_doit+0x10/0x10 [ 326.743045][ T8119] netlink_rcv_skb+0x158/0x420 [ 326.743084][ T8119] ? __pfx_genl_rcv_msg+0x10/0x10 [ 326.743131][ T8119] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 326.743188][ T8119] ? netlink_deliver_tap+0x1ae/0xd30 [ 326.743256][ T8119] genl_rcv+0x28/0x40 [ 326.743294][ T8119] netlink_unicast+0x58a/0x850 [ 326.743339][ T8119] ? __pfx_netlink_unicast+0x10/0x10 [ 326.743398][ T8119] netlink_sendmsg+0x8d1/0xdd0 [ 326.743444][ T8119] ? __pfx_netlink_sendmsg+0x10/0x10 [ 326.743502][ T8119] ____sys_sendmsg+0xa98/0xc70 [ 326.743545][ T8119] ? copy_msghdr_from_user+0x10a/0x160 [ 326.743601][ T8119] ? __pfx_____sys_sendmsg+0x10/0x10 [ 326.743652][ T8119] ? __pfx_futex_wake_mark+0x10/0x10 [ 326.743726][ T8119] ___sys_sendmsg+0x134/0x1d0 [ 326.743788][ T8119] ? __pfx____sys_sendmsg+0x10/0x10 [ 326.743843][ T8119] ? __lock_acquire+0x622/0x1c90 [ 326.743953][ T8119] __sys_sendmsg+0x16d/0x220 [ 326.744010][ T8119] ? __pfx___sys_sendmsg+0x10/0x10 [ 326.744066][ T8119] ? __x64_sys_futex+0x1e0/0x4c0 [ 326.744139][ T8119] do_syscall_64+0xcd/0x490 [ 326.744200][ T8119] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 326.744238][ T8119] RIP: 0033:0x7f94a018e929 [ 326.744269][ T8119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 326.744306][ T8119] RSP: 002b:00007f94a102c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 326.744342][ T8119] RAX: ffffffffffffffda RBX: 00007f94a03b6080 RCX: 00007f94a018e929 [ 326.744367][ T8119] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000006 [ 326.744396][ T8119] RBP: 00007f94a0210b39 R08: 0000000000000000 R09: 0000000000000000 [ 326.744419][ T8119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 326.744440][ T8119] R13: 0000000000000000 R14: 00007f94a03b6080 R15: 00007ffdbc755f28 [ 326.744488][ T8119] [ 327.573421][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 327.579832][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 328.955508][ T8158] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 329.781921][ T8160] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12 [ 331.538963][ T8182] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 332.196481][ T8185] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 332.197160][ T8185] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 332.549199][ T8184] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 332.631158][ T8195] random: crng reseeded on system resumption [ 334.058913][ T8207] netlink: 16 bytes leftover after parsing attributes in process `syz.7.408'. [ 334.090658][ T8207] netlink: 93 bytes leftover after parsing attributes in process `syz.7.408'. [ 334.713871][ T8213] netlink: 12 bytes leftover after parsing attributes in process `syz.5.418'. [ 334.825574][ T8213] HfR: entered promiscuous mode [ 338.872288][ T8262] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16 [ 339.027176][ T8264] random: crng reseeded on system resumption [ 339.440119][ T8268] FAULT_INJECTION: forcing a failure. [ 339.440119][ T8268] name failslab, interval 1, probability 0, space 0, times 0 [ 339.460855][ T8265] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 339.502534][ T8268] CPU: 1 UID: 0 PID: 8268 Comm: syz.7.417 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 339.502581][ T8268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 339.502602][ T8268] Call Trace: [ 339.502613][ T8268] [ 339.502626][ T8268] dump_stack_lvl+0x16c/0x1f0 [ 339.502684][ T8268] should_fail_ex+0x512/0x640 [ 339.502737][ T8268] ? __kmalloc_noprof+0xbf/0x510 [ 339.502790][ T8268] ? mpi_alloc_limb_space+0x31/0x60 [ 339.502829][ T8268] should_failslab+0xc2/0x120 [ 339.502862][ T8268] __kmalloc_noprof+0xd2/0x510 [ 339.502919][ T8268] mpi_alloc_limb_space+0x31/0x60 [ 339.502968][ T8268] mpihelp_mul_karatsuba_case+0x116/0xc20 [ 339.503016][ T8268] ? mpihelp_divrem+0x66e/0x1420 [ 339.503060][ T8268] ? __pfx_mpihelp_mul_karatsuba_case+0x10/0x10 [ 339.503118][ T8268] mpi_powm+0xf63/0x1bf0 [ 339.503178][ T8268] ? __pfx_mpi_powm+0x10/0x10 [ 339.503216][ T8268] ? kfree+0x2b4/0x4d0 [ 339.503257][ T8268] ? mpi_free+0xe1/0x160 [ 339.503303][ T8268] ? mpi_free+0xe1/0x160 [ 339.503348][ T8268] rsa_enc+0x1fe/0x3b0 [ 339.503420][ T8268] ? __pfx_rsa_enc+0x10/0x10 [ 339.503470][ T8268] ? __virt_addr_valid+0x81/0x610 [ 339.503506][ T8268] ? __phys_addr+0xe8/0x180 [ 339.503538][ T8268] ? sg_init_one+0xf5/0x1b0 [ 339.503582][ T8268] rsassa_pkcs1_verify+0x502/0xb60 [ 339.503628][ T8268] ? __pfx_rsassa_pkcs1_verify+0x10/0x10 [ 339.503680][ T8268] ? rsa_max_size+0xd/0x70 [ 339.503740][ T8268] ? rsassa_pkcs1_set_pub_key+0x17d/0x1f0 [ 339.503780][ T8268] public_key_verify_signature+0x66f/0x970 [ 339.503830][ T8268] ? __pfx_public_key_verify_signature+0x10/0x10 [ 339.503875][ T8268] ? crypto_destroy_tfm+0x14d/0x2b0 [ 339.503991][ T8268] pkcs7_verify+0x32f/0x1b20 [ 339.504047][ T8268] verify_pkcs7_message_sig+0xdd/0x250 [ 339.504080][ T8268] ? __pfx_verify_pkcs7_message_sig+0x10/0x10 [ 339.504111][ T8268] ? kfree+0x2b4/0x4d0 [ 339.504143][ T8268] ? public_key_signature_free+0xda/0x110 [ 339.504186][ T8268] ? pkcs7_parse_message+0x536/0x720 [ 339.504238][ T8268] verify_pkcs7_signature+0x6d/0xa0 [ 339.504279][ T8268] valid_regdb+0x215/0x590 [ 339.504313][ T8268] ? __pfx___mutex_lock+0x10/0x10 [ 339.504365][ T8268] ? __pfx_valid_regdb+0x10/0x10 [ 339.504408][ T8268] reg_reload_regdb+0x11e/0x460 [ 339.504447][ T8268] ? __pfx_reg_reload_regdb+0x10/0x10 [ 339.504487][ T8268] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 339.504535][ T8268] ? nl80211_pre_doit+0x1b0/0xb10 [ 339.504590][ T8268] genl_family_rcv_msg_doit+0x209/0x2f0 [ 339.504636][ T8268] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 339.504675][ T8268] ? rcu_is_watching+0x12/0xc0 [ 339.504725][ T8268] ? bpf_lsm_capable+0x9/0x10 [ 339.504764][ T8268] ? security_capable+0x7e/0x260 [ 339.504803][ T8268] genl_rcv_msg+0x55c/0x800 [ 339.504849][ T8268] ? __pfx_genl_rcv_msg+0x10/0x10 [ 339.504890][ T8268] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 339.504971][ T8268] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 339.505002][ T8268] ? __pfx_nl80211_post_doit+0x10/0x10 [ 339.505057][ T8268] netlink_rcv_skb+0x158/0x420 [ 339.505085][ T8268] ? __pfx_genl_rcv_msg+0x10/0x10 [ 339.505120][ T8268] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 339.505163][ T8268] ? netlink_deliver_tap+0x1ae/0xd30 [ 339.505223][ T8268] genl_rcv+0x28/0x40 [ 339.505256][ T8268] netlink_unicast+0x58a/0x850 [ 339.505296][ T8268] ? __pfx_netlink_unicast+0x10/0x10 [ 339.505342][ T8268] netlink_sendmsg+0x8d1/0xdd0 [ 339.505383][ T8268] ? __pfx_netlink_sendmsg+0x10/0x10 [ 339.505434][ T8268] ____sys_sendmsg+0xa98/0xc70 [ 339.505474][ T8268] ? copy_msghdr_from_user+0x10a/0x160 [ 339.505522][ T8268] ? __pfx_____sys_sendmsg+0x10/0x10 [ 339.505580][ T8268] ? __pfx_futex_wake_mark+0x10/0x10 [ 339.505633][ T8268] ___sys_sendmsg+0x134/0x1d0 [ 339.505681][ T8268] ? __pfx____sys_sendmsg+0x10/0x10 [ 339.505744][ T8268] ? __lock_acquire+0x622/0x1c90 [ 339.505844][ T8268] __sys_sendmsg+0x16d/0x220 [ 339.505895][ T8268] ? __pfx___sys_sendmsg+0x10/0x10 [ 339.505954][ T8268] ? __x64_sys_futex+0x1e0/0x4c0 [ 339.506031][ T8268] do_syscall_64+0xcd/0x490 [ 339.506100][ T8268] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.506134][ T8268] RIP: 0033:0x7f3ec978e929 [ 339.506161][ T8268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 339.506206][ T8268] RSP: 002b:00007f3ec75f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 339.506236][ T8268] RAX: ffffffffffffffda RBX: 00007f3ec99b5fa0 RCX: 00007f3ec978e929 [ 339.506258][ T8268] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000006 [ 339.506279][ T8268] RBP: 00007f3ec9810b39 R08: 0000000000000000 R09: 0000000000000000 [ 339.506299][ T8268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 339.506319][ T8268] R13: 0000000000000000 R14: 00007f3ec99b5fa0 R15: 00007ffef8715d38 [ 339.506361][ T8268] [ 340.977597][ T8281] FAULT_INJECTION: forcing a failure. [ 340.977597][ T8281] name failslab, interval 1, probability 0, space 0, times 0 [ 340.994188][ T8281] CPU: 0 UID: 0 PID: 8281 Comm: syz.5.430 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 340.994234][ T8281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 340.994254][ T8281] Call Trace: [ 340.994265][ T8281] [ 340.994278][ T8281] dump_stack_lvl+0x16c/0x1f0 [ 340.994335][ T8281] should_fail_ex+0x512/0x640 [ 340.994392][ T8281] ? __kmalloc_noprof+0xbf/0x510 [ 340.994445][ T8281] ? asymmetric_key_hex_to_key_id+0x8c/0x130 [ 340.994484][ T8281] should_failslab+0xc2/0x120 [ 340.994515][ T8281] __kmalloc_noprof+0xd2/0x510 [ 340.994574][ T8281] asymmetric_key_hex_to_key_id+0x8c/0x130 [ 340.994614][ T8281] ? __pfx_asymmetric_key_cmp+0x10/0x10 [ 340.994651][ T8281] asymmetric_key_match_preparse+0x181/0x400 [ 340.994690][ T8281] ? __pfx_asymmetric_key_match_preparse+0x10/0x10 [ 340.994731][ T8281] keyring_search+0x152/0x3d0 [ 340.994783][ T8281] ? __pfx_keyring_search+0x10/0x10 [ 340.994838][ T8281] ? __pfx_key_default_cmp+0x10/0x10 [ 340.994890][ T8281] ? trace_kmalloc+0x2b/0xd0 [ 340.994921][ T8281] ? __kmalloc_noprof+0x242/0x510 [ 340.994971][ T8281] ? bin2hex+0x148/0x1b0 [ 340.995011][ T8281] find_asymmetric_key+0x198/0x5a0 [ 340.995050][ T8281] pkcs7_validate_trust+0x1f1/0x7e0 [ 340.995116][ T8281] verify_pkcs7_message_sig+0x12c/0x250 [ 340.995156][ T8281] ? __pfx_verify_pkcs7_message_sig+0x10/0x10 [ 340.995192][ T8281] ? kfree+0x2b4/0x4d0 [ 340.995236][ T8281] ? public_key_signature_free+0xda/0x110 [ 340.995284][ T8281] ? pkcs7_parse_message+0x536/0x720 [ 340.995334][ T8281] verify_pkcs7_signature+0x6d/0xa0 [ 340.995373][ T8281] valid_regdb+0x215/0x590 [ 340.995406][ T8281] ? __pfx___mutex_lock+0x10/0x10 [ 340.995457][ T8281] ? __pfx_valid_regdb+0x10/0x10 [ 340.995499][ T8281] reg_reload_regdb+0x11e/0x460 [ 340.995540][ T8281] ? __pfx_reg_reload_regdb+0x10/0x10 [ 340.995583][ T8281] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 340.995628][ T8281] ? nl80211_pre_doit+0x1b0/0xb10 [ 340.995684][ T8281] genl_family_rcv_msg_doit+0x209/0x2f0 [ 340.995729][ T8281] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 340.995768][ T8281] ? rcu_is_watching+0x12/0xc0 [ 340.995817][ T8281] ? bpf_lsm_capable+0x9/0x10 [ 340.995857][ T8281] ? security_capable+0x7e/0x260 [ 340.995900][ T8281] genl_rcv_msg+0x55c/0x800 [ 340.995956][ T8281] ? __pfx_genl_rcv_msg+0x10/0x10 [ 340.995996][ T8281] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 340.996043][ T8281] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 340.996079][ T8281] ? __pfx_nl80211_post_doit+0x10/0x10 [ 340.996151][ T8281] netlink_rcv_skb+0x158/0x420 [ 340.996183][ T8281] ? __pfx_genl_rcv_msg+0x10/0x10 [ 340.996226][ T8281] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 340.996279][ T8281] ? netlink_deliver_tap+0x1ae/0xd30 [ 340.996346][ T8281] genl_rcv+0x28/0x40 [ 340.996381][ T8281] netlink_unicast+0x58a/0x850 [ 340.996422][ T8281] ? __pfx_netlink_unicast+0x10/0x10 [ 340.996469][ T8281] netlink_sendmsg+0x8d1/0xdd0 [ 340.996510][ T8281] ? __pfx_netlink_sendmsg+0x10/0x10 [ 340.996562][ T8281] ____sys_sendmsg+0xa98/0xc70 [ 340.996603][ T8281] ? copy_msghdr_from_user+0x10a/0x160 [ 340.996653][ T8281] ? __pfx_____sys_sendmsg+0x10/0x10 [ 340.996702][ T8281] ? __pfx_futex_wake_mark+0x10/0x10 [ 340.996758][ T8281] ___sys_sendmsg+0x134/0x1d0 [ 340.996811][ T8281] ? __pfx____sys_sendmsg+0x10/0x10 [ 340.996858][ T8281] ? __lock_acquire+0x622/0x1c90 [ 340.996959][ T8281] __sys_sendmsg+0x16d/0x220 [ 340.997009][ T8281] ? __pfx___sys_sendmsg+0x10/0x10 [ 340.997059][ T8281] ? __x64_sys_futex+0x1e0/0x4c0 [ 340.997130][ T8281] do_syscall_64+0xcd/0x490 [ 340.997182][ T8281] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 340.997213][ T8281] RIP: 0033:0x7fa473f8e929 [ 340.997237][ T8281] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 340.997269][ T8281] RSP: 002b:00007fa474d53038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 340.997297][ T8281] RAX: ffffffffffffffda RBX: 00007fa4741b5fa0 RCX: 00007fa473f8e929 [ 340.997316][ T8281] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000006 [ 340.997333][ T8281] RBP: 00007fa474010b39 R08: 0000000000000000 R09: 0000000000000000 [ 340.997351][ T8281] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 340.997367][ T8281] R13: 0000000000000000 R14: 00007fa4741b5fa0 R15: 00007ffec55c1a58 [ 340.997401][ T8281] [ 342.847590][ T8291] netlink: 342 bytes leftover after parsing attributes in process `syz.8.421'. [ 343.299519][ T8305] vhci_hcd: invalid port number 16 [ 343.346018][ T8305] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 348.003881][ T8364] FAULT_INJECTION: forcing a failure. [ 348.003881][ T8364] name failslab, interval 1, probability 0, space 0, times 0 [ 348.049270][ T8368] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19 [ 348.059586][ T8364] CPU: 1 UID: 0 PID: 8364 Comm: syz.5.436 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 348.059630][ T8364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 348.059651][ T8364] Call Trace: [ 348.059663][ T8364] [ 348.059680][ T8364] dump_stack_lvl+0x16c/0x1f0 [ 348.059738][ T8364] should_fail_ex+0x512/0x640 [ 348.059787][ T8364] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 348.059843][ T8364] should_failslab+0xc2/0x120 [ 348.059876][ T8364] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 348.059928][ T8364] ? vma_merge_new_range+0x37f/0xa00 [ 348.059975][ T8364] ? vm_area_alloc+0x1f/0x160 [ 348.060026][ T8364] vm_area_alloc+0x1f/0x160 [ 348.060070][ T8364] __mmap_region+0xf0a/0x25e0 [ 348.060134][ T8364] ? __pfx___mmap_region+0x10/0x10 [ 348.060186][ T8364] ? rcu_is_watching+0x12/0xc0 [ 348.060231][ T8364] ? rcu_is_watching+0x12/0xc0 [ 348.060267][ T8364] ? trace_sched_exit_tp+0xde/0x130 [ 348.060310][ T8364] ? __schedule+0x1181/0x5de0 [ 348.060351][ T8364] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 348.060400][ T8364] ? __lock_acquire+0xb01/0x1c90 [ 348.060462][ T8364] ? __pfx___schedule+0x10/0x10 [ 348.060557][ T8364] ? trace_cap_capable+0x18d/0x200 [ 348.060606][ T8364] mmap_region+0x1ab/0x3f0 [ 348.060656][ T8364] ? __get_unmapped_area+0x267/0x440 [ 348.060700][ T8364] do_mmap+0xa3e/0x1210 [ 348.060746][ T8364] ? __pfx_do_mmap+0x10/0x10 [ 348.060784][ T8364] ? __pfx_down_write_killable+0x10/0x10 [ 348.060815][ T8364] ? kmem_cache_free+0x2d1/0x4d0 [ 348.060870][ T8364] vm_mmap_pgoff+0x281/0x450 [ 348.060913][ T8364] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 348.060958][ T8364] ? __x64_sys_futex+0x1e0/0x4c0 [ 348.060997][ T8364] ? __x64_sys_futex+0x1e9/0x4c0 [ 348.061052][ T8364] ksys_mmap_pgoff+0x7d/0x5c0 [ 348.061088][ T8364] ? xfd_validate_state+0x61/0x180 [ 348.061146][ T8364] __x64_sys_mmap+0x125/0x190 [ 348.061198][ T8364] do_syscall_64+0xcd/0x490 [ 348.061252][ T8364] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 348.061286][ T8364] RIP: 0033:0x7fa473f8e929 [ 348.061312][ T8364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 348.061346][ T8364] RSP: 002b:00007fa474d53038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 348.061377][ T8364] RAX: ffffffffffffffda RBX: 00007fa4741b5fa0 RCX: 00007fa473f8e929 [ 348.061400][ T8364] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 348.061420][ T8364] RBP: 00007fa474010b39 R08: fffffffffffffffa R09: 0000000000008000 [ 348.061443][ T8364] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 348.061463][ T8364] R13: 0000000000000000 R14: 00007fa4741b5fa0 R15: 00007ffec55c1a58 [ 348.061507][ T8364] [ 349.840784][ T8372] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 350.114236][ T7157] Bluetooth: hci4: command 0x0406 tx timeout [ 350.353254][ T8393] netlink: 342 bytes leftover after parsing attributes in process `syz.4.437'. [ 358.454730][ T8453] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 358.468616][ T8453] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 359.273975][ T8466] netlink: 342 bytes leftover after parsing attributes in process `syz.7.451'. [ 361.993709][ T8498] vhci_hcd: invalid port number 16 [ 361.999084][ T8498] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 364.351026][ T8530] hub 8-0:1.0: USB hub found [ 364.413432][ T8530] hub 8-0:1.0: 1 port detected [ 364.674724][ T31] INFO: task kworker/u8:7:1165 blocked for more than 143 seconds. [ 364.682590][ T31] Not tainted 6.16.0-rc6-syzkaller #0 [ 364.702883][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 364.735610][ T31] task:kworker/u8:7 state:D stack:24648 pid:1165 tgid:1165 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 364.796347][ T31] Workqueue: netns cleanup_net [ 364.822802][ T31] Call Trace: [ 364.826169][ T31] [ 364.853615][ T31] __schedule+0x116a/0x5de0 [ 364.858440][ T31] ? __pfx___schedule+0x10/0x10 [ 364.909079][ T31] ? find_held_lock+0x2b/0x80 [ 364.923289][ T31] ? schedule+0x2d7/0x3a0 [ 364.942882][ T31] schedule+0xe7/0x3a0 [ 364.949249][ T31] schedule_timeout+0x257/0x290 [ 364.970705][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 365.014154][ T31] ? mark_held_locks+0x49/0x80 [ 365.019037][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 365.045800][ T31] __wait_for_common+0x2fc/0x4e0 [ 365.050883][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 365.059761][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 365.065698][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 365.071004][ T31] ? flush_workqueue_prep_pwqs+0x2e9/0x510 [ 365.092887][ T31] __flush_workqueue+0x3e2/0x1230 [ 365.098040][ T31] ? __pfx___flush_workqueue+0x10/0x10 [ 365.106949][ T31] ? reacquire_held_locks+0xcd/0x1f0 [ 365.112452][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 365.124611][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 365.130845][ T31] rds_tcp_listen_stop+0x104/0x150 [ 365.142848][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 365.148340][ T31] rds_tcp_exit_net+0xcb/0x810 [ 365.158404][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 365.172817][ T31] ? __pfx___might_resched+0x10/0x10 [ 365.188824][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 365.198995][ T31] ops_undo_list+0x2eb/0xab0 [ 365.227247][ T31] ? __pfx_ops_undo_list+0x10/0x10 [ 365.232488][ T31] ? __local_bh_enable_ip+0xa4/0x120 [ 365.261194][ T31] cleanup_net+0x408/0x890 [ 365.286237][ T31] ? __pfx_cleanup_net+0x10/0x10 [ 365.291375][ T31] ? rcu_is_watching+0x12/0xc0 [ 365.362184][ T31] process_one_work+0x9cf/0x1b70 [ 365.374299][ T31] ? __pfx_process_one_work+0x10/0x10 [ 365.409221][ T31] ? assign_work+0x1a0/0x250 [ 365.420844][ T31] worker_thread+0x6c8/0xf10 [ 365.433536][ T31] ? __kthread_parkme+0x19e/0x250 [ 365.438769][ T31] ? __pfx_worker_thread+0x10/0x10 [ 365.452523][ T31] kthread+0x3c2/0x780 [ 365.458153][ T31] ? __pfx_kthread+0x10/0x10 [ 365.463672][ T31] ? rcu_is_watching+0x12/0xc0 [ 365.468564][ T31] ? __pfx_kthread+0x10/0x10 [ 365.474238][ T31] ret_from_fork+0x5d7/0x6f0 [ 365.478931][ T31] ? __pfx_kthread+0x10/0x10 [ 365.484142][ T31] ret_from_fork_asm+0x1a/0x30 [ 365.489014][ T31] [ 365.573050][ T31] INFO: task syz.0.203:6980 blocked for more than 144 seconds. [ 365.580694][ T31] Not tainted 6.16.0-rc6-syzkaller #0 [ 365.615538][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 365.642864][ T31] task:syz.0.203 state:D stack:26504 pid:6980 tgid:6979 ppid:5856 task_flags:0x400140 flags:0x00004006 [ 365.694001][ T31] Call Trace: [ 365.697396][ T31] [ 365.700390][ T31] __schedule+0x116a/0x5de0 [ 365.744006][ T31] ? __lock_acquire+0x622/0x1c90 [ 365.749442][ T31] ? __pfx___schedule+0x10/0x10 [ 365.783298][ T31] ? find_held_lock+0x2b/0x80 [ 365.797249][ T31] ? schedule+0x2d7/0x3a0 [ 365.801707][ T31] schedule+0xe7/0x3a0 [ 365.812828][ T31] schedule_timeout+0x257/0x290 [ 365.826228][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 365.831729][ T31] ? mark_held_locks+0x49/0x80 [ 365.853835][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 365.859246][ T31] __wait_for_common+0x2fc/0x4e0 [ 365.873415][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 365.878918][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 365.903043][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 365.908385][ T31] ? flush_workqueue_prep_pwqs+0x2e9/0x510 [ 365.936506][ T31] __flush_workqueue+0x3e2/0x1230 [ 365.941959][ T31] ? __pfx___flush_workqueue+0x10/0x10 [ 365.964419][ T31] ? reacquire_held_locks+0xcd/0x1f0 [ 365.969824][ T31] ? release_sock+0x21/0x220 [ 365.983236][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 365.988896][ T31] ? __local_bh_enable_ip+0xa4/0x120 [ 365.995087][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 366.009564][ T31] rds_tcp_listen_stop+0x104/0x150 [ 366.017553][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 366.026935][ T31] rds_tcp_exit_net+0xcb/0x810 [ 366.031820][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 366.040355][ T31] ? __pfx___might_resched+0x10/0x10 [ 366.049710][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 366.055682][ T31] ops_undo_list+0x2eb/0xab0 [ 366.061002][ T31] ? __pfx_ops_undo_list+0x10/0x10 [ 366.067932][ T31] ? ops_init+0x2fa/0x5f0 [ 366.072373][ T31] setup_net+0x2e1/0x510 [ 366.080184][ T31] ? __pfx_setup_net+0x10/0x10 [ 366.092887][ T31] ? debug_mutex_init+0x37/0x70 [ 366.097856][ T31] copy_net_ns+0x2a6/0x5f0 [ 366.123023][ T31] create_new_namespaces+0x3ea/0xa90 [ 366.142933][ T31] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 366.148905][ T31] ksys_unshare+0x45b/0xa40 [ 366.154005][ T31] ? __pfx_ksys_unshare+0x10/0x10 [ 366.159198][ T31] ? xfd_validate_state+0x61/0x180 [ 366.164443][ T31] __x64_sys_unshare+0x31/0x40 [ 366.169359][ T31] do_syscall_64+0xcd/0x490 [ 366.174022][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 366.180068][ T31] RIP: 0033:0x7f3547b8e929 [ 366.184612][ T31] RSP: 002b:00007f35489e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 366.193243][ T31] RAX: ffffffffffffffda RBX: 00007f3547db5fa0 RCX: 00007f3547b8e929 [ 366.201263][ T31] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 366.209366][ T31] RBP: 00007f3547c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 366.217465][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 366.225589][ T31] R13: 0000000000000000 R14: 00007f3547db5fa0 R15: 00007fff6593e978 [ 366.234353][ T31] [ 366.237632][ T31] [ 366.237632][ T31] Showing all locks held in the system: [ 366.245517][ T31] 1 lock held by khungtaskd/31: [ 366.250570][ T31] #0: ffffffff8e5c4c80 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 366.273605][ T31] 3 locks held by kworker/u8:7/1165: [ 366.278997][ T31] #0: ffff88801c6fe148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 366.292568][ T31] #1: ffffc90003c5fd10 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 366.303889][ T31] #2: ffffffff9034e550 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x890 [ 366.318110][ T31] 3 locks held by kworker/1:4/5906: [ 366.323567][ T31] #0: ffff88801b880d48 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 366.340507][ T31] #1: ffffc9000435fd10 (free_ipc_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 366.350886][ T31] #2: ffffffff8e5d0278 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a3/0x3c0 [ 366.362190][ T31] 1 lock held by syz.0.203/6980: [ 366.367395][ T31] #0: ffffffff9034e550 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0 [ 366.382932][ T31] 3 locks held by syz-executor/7162: [ 366.388306][ T31] #0: ffff8880128d0dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x26/0x90 [ 366.399442][ T31] #1: ffff8880128d00b8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x3ae/0x11d0 [ 366.415223][ T31] #2: ffffffff8e5d0278 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x284/0x3c0 [ 366.425498][ T31] 1 lock held by syz.2.250/7241: [ 366.430496][ T31] #0: ffffffff9034e550 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0 [ 366.446821][ T31] 3 locks held by syz-executor/7350: [ 366.452180][ T31] #0: ffff88807ae2cdc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x26/0x90 [ 366.462933][ T31] #1: ffff88807ae2c0b8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x3ae/0x11d0 [ 366.473458][ T31] #2: ffffffff905d6068 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xbb/0x260 [ 366.489470][ T31] 1 lock held by syz.3.310/7589: [ 366.494597][ T31] #0: ffffffff9034e550 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0 [ 366.505331][ T31] 1 lock held by syz.6.364/7905: [ 366.515345][ T31] #0: ffffffff9034e550 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0 [ 366.526067][ T31] 1 lock held by syz.1.366/7922: [ 366.531093][ T31] #0: ffffffff9034e550 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0 [ 366.543915][ T31] 4 locks held by syz-executor/7991: [ 366.549274][ T31] #0: ffff88804ec28dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x26/0x90 [ 366.562099][ T31] #1: ffff88804ec280b8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x3ae/0x11d0 [ 366.572214][ T31] #2: ffffffff905d6068 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xbb/0x260 [ 366.582906][ T31] #3: ffff8880268d2338 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x80/0x730 [ 366.592417][ T31] 2 locks held by getty/8030: [ 366.597805][ T31] #0: ffff8880367c20a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 366.608323][ T31] #1: ffffc9000f2eb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 [ 366.619654][ T31] 3 locks held by syz.7.465/8527: [ 366.625255][ T31] #0: ffff888055e4cdc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x26/0x90 [ 366.635169][ T31] #1: ffff888055e4c0b8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x3ae/0x11d0 [ 366.648089][ T31] #2: ffffffff905d6068 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xbb/0x260 [ 366.658289][ T31] [ 366.660682][ T31] ============================================= [ 366.660682][ T31] [ 366.691496][ T31] NMI backtrace for cpu 0 [ 366.691531][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 366.691569][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 366.691587][ T31] Call Trace: [ 366.691598][ T31] [ 366.691610][ T31] dump_stack_lvl+0x116/0x1f0 [ 366.691661][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 366.691695][ T31] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 366.691738][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 366.691789][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 366.691833][ T31] watchdog+0xf70/0x12c0 [ 366.691888][ T31] ? __pfx_watchdog+0x10/0x10 [ 366.691932][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 366.691980][ T31] ? __kthread_parkme+0x19e/0x250 [ 366.692023][ T31] ? __pfx_watchdog+0x10/0x10 [ 366.692069][ T31] kthread+0x3c2/0x780 [ 366.692115][ T31] ? __pfx_kthread+0x10/0x10 [ 366.692163][ T31] ? rcu_is_watching+0x12/0xc0 [ 366.692194][ T31] ? __pfx_kthread+0x10/0x10 [ 366.692239][ T31] ret_from_fork+0x5d7/0x6f0 [ 366.692281][ T31] ? __pfx_kthread+0x10/0x10 [ 366.692326][ T31] ret_from_fork_asm+0x1a/0x30 [ 366.692378][ T31] [ 366.692393][ T31] Sending NMI from CPU 0 to CPUs 1: [ 366.820765][ C1] NMI backtrace for cpu 1 [ 366.820786][ C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 366.820818][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 366.820834][ C1] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 366.820878][ C1] Code: 1b 6f 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d d3 97 25 00 fb f4 8c fb 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 366.820904][ C1] RSP: 0018:ffffc90000197df8 EFLAGS: 000002c6 [ 366.820925][ C1] RAX: 000000000025382f RBX: 0000000000000001 RCX: ffffffff8b847c69 [ 366.820942][ C1] RDX: 0000000000000000 RSI: ffffffff8de2c764 RDI: ffffffff8c1578e0 [ 366.820959][ C1] RBP: ffffed1003cd7b40 R08: 0000000000000001 R09: ffffed10170a6645 [ 366.820976][ C1] R10: ffff8880b853322b R11: 0000000000000001 R12: 0000000000000001 [ 366.820992][ C1] R13: ffff88801e6bda00 R14: ffffffff90a9a150 R15: 0000000000000000 [ 366.821009][ C1] FS: 0000000000000000(0000) GS:ffff888124820000(0000) knlGS:0000000000000000 [ 366.821033][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 366.821049][ C1] CR2: 00007fa474ce7d60 CR3: 000000003483a000 CR4: 00000000003526f0 [ 366.821066][ C1] Call Trace: [ 366.821074][ C1] [ 366.821082][ C1] default_idle+0x13/0x20 [ 366.821106][ C1] default_idle_call+0x6d/0xb0 [ 366.821130][ C1] do_idle+0x391/0x510 [ 366.821161][ C1] ? __pfx_do_idle+0x10/0x10 [ 366.821188][ C1] ? trace_sched_exit_tp+0x31/0x130 [ 366.821224][ C1] cpu_startup_entry+0x4f/0x60 [ 366.821252][ C1] start_secondary+0x21d/0x2b0 [ 366.821287][ C1] ? __pfx_start_secondary+0x10/0x10 [ 366.821324][ C1] common_startup_64+0x13e/0x148 [ 366.821359][ C1] [ 366.862829][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 366.862863][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc6-syzkaller #0 PREEMPT(full) [ 366.862910][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 366.862934][ T31] Call Trace: [ 366.862948][ T31] [ 366.862964][ T31] dump_stack_lvl+0x3d/0x1f0 [ 366.863025][ T31] panic+0x71c/0x800 [ 366.863080][ T31] ? __pfx_panic+0x10/0x10 [ 366.863132][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 366.863188][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 366.863238][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 366.863289][ T31] ? watchdog+0xdda/0x12c0 [ 366.863343][ T31] ? watchdog+0xdcd/0x12c0 [ 366.863402][ T31] watchdog+0xdeb/0x12c0 [ 366.863465][ T31] ? __pfx_watchdog+0x10/0x10 [ 366.863516][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 366.863571][ T31] ? __kthread_parkme+0x19e/0x250 [ 366.863621][ T31] ? __pfx_watchdog+0x10/0x10 [ 366.863676][ T31] kthread+0x3c2/0x780 [ 366.863737][ T31] ? __pfx_kthread+0x10/0x10 [ 366.863795][ T31] ? rcu_is_watching+0x12/0xc0 [ 366.863836][ T31] ? __pfx_kthread+0x10/0x10 [ 366.863919][ T31] ret_from_fork+0x5d7/0x6f0 [ 366.863970][ T31] ? __pfx_kthread+0x10/0x10 [ 366.864025][ T31] ret_from_fork_asm+0x1a/0x30 [ 366.864086][ T31] [ 367.126711][ T31] Kernel Offset: disabled [ 367.131076][ T31] Rebooting in 86400 seconds..