last executing test programs: 4m1.13089173s ago: executing program 3 (id=1579): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop6\x00', 0x400, 0x0) mmap$auto(0x0, 0x400005, 0xffffffffffeffffe, 0x9b72, 0xc76, 0x8000) r0 = syz_genetlink_get_family_id$auto_hsr(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="00082b000000fbdbdf250300000008000400010100000800030088000000"], 0x24}}, 0x20004011) read$auto(0xffffffffffffffff, &(0x7f0000000240)='/\x00', 0x100000001) mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) socket(0x11, 0x3, 0x1) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) ioctl$auto(r3, 0x2, 0x9) ioctl$auto(r3, 0x400c4d07, r3) sendto$auto(0x3, 0x0, 0x13, 0xfffffff8, &(0x7f0000000440)=@tipc=@nameseq={0x1e, 0x1, 0x2, {0x43, 0x3, 0x1a000}}, 0x22) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x9, 0x1, 0x6, 0x1, 0x2, 0x7181, 0x3ffde, 0x7, 0x5, 0x9, 0x6, 0x80003, 0x4, 0x11ffffffffffd, 0x5, 0xffffffffffffffff, 0x9, 0x10007, 0x7c, 0x80000002a0, 0x0, 0x0, 0x1, 0x202, 0x9, 0x1, 0x0, 0x9, 0x2, 0x0, 0x0, [0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x548, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x292c00000000000, 0xfffffffffffffffc]}, 0xffffffff, 0xd) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="6c45d446", @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000600060009000000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a0005000180c200000e00000a000100000000000000000008000400140000000800030005000000"], 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000100), r2) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000003c0)={'ip6tnl0\x00'}) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000400)={'veth1\x00'}) socket$nl_generic(0x10, 0x3, 0x10) 4m0.097793701s ago: executing program 3 (id=1583): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x147602, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram11\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r1, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x810004, 0xfff, 0x8000000008012, 0x3, 0x8000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sysfs$auto(0xfffffffe, 0x5, 0x4) ioctl$auto_VHOST_SET_BACKEND_FEATURES(0xffffffffffffffff, 0x4008af25, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/mtd\x00', 0x10b402, 0x0) pread64$auto(r3, 0x0, 0x8100000041, 0x3) read$auto(r2, 0x0, 0x1f40) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) msgctl$auto_IPC_INFO(0x401, 0x3, 0x0) shmctl$auto_IPC_STAT(0x1, 0x2, 0x0) setsockopt$auto_SO_ZEROCOPY(r4, 0x9, 0x3c, &(0x7f0000000080)='/proc/thread-self/fail-nth\x00', 0x8) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) setsockopt$auto_SO_WIFI_STATUS(r2, 0x0, 0x29, 0x0, 0x800005) setfsuid$auto(0xee01) landlock_add_rule$auto_LANDLOCK_RULE_NET_PORT(r0, 0x2, 0x0, 0x7fff) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) 3m58.562605788s ago: executing program 3 (id=1589): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/007/001\x00', 0x501002, 0x0) ioctl$auto_USBDEVFS_DISCSIGNAL(r0, 0x8010550e, &(0x7f00000001c0)={0x9, &(0x7f0000000080)="983967e44a8d289fe9f22839be69c3c7ace987c88681bd44484bc1760c38ece45dc20ad5fb6326c4b70d4ff8bacdee94b9e54c5881cd0ebeb09a0e442686ee5ca1ed538176a16336a158bb7dd0558a317181c0d5f81ae36a56dd634cbdbcf5e5eea0c12ce65b0d76933853e4f17ef22344c1b4797cc9a32ff8b19ce12160786c59a17d4b046d9d72bcae1e3d7cf4f152704934b74fa9dea534828dbf64aad0f79abbce252a1aa7fe7a9010db70d80fa94dc2eb89679b19dd96ef69d78fc432"}) mknod$auto(&(0x7f0000000180)=':,\x00', 0xc9, 0xfffffffa) execve$auto(&(0x7f0000000140)=':,\x00', 0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x163742, 0x0) 3m58.236626692s ago: executing program 3 (id=1590): prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) socket(0x3, 0x3, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x7, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) r1 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) open_by_handle_at$auto(r1, &(0x7f0000000300)={0xbd, 0x2, "0200000000000000c32f1a88a7d2ac4f994d42b9ccb04eead5e03d771a33bb03d2d7de959b4fd3cea3ebd9c48b2687fb19852b1da5ab33a6ca4c2b285666489ad5391024feca142d2ce5d558ded9719dea51d787328f8ead177dce68174a0f5524b4ae35369f8a21404d65bd5f6de5969ae3ab017c1bfc19029e678420377d0f040a0177ed0345f589774ee5a94eaa7f61f9b3f5deed725ac61251cf2764951f92e1945bfc2f2a921c06506e166743fbd01a69d364e3a9b990ef201ef5"}, 0x9) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) rseq$auto(&(0x7f00000005c0)={0x7, 0x6, 0x9, 0xfff, 0xa896, 0xffffffff, "af18c8a1eea866e9840b50cd944973113586d3c13361bac7f306af96f7efff43128e2b8c922b8fb895af349b0e062b81eb9c283c708b70b3acce9ee9cb134a7d7b89f2ffb21780113116e8528cfb4e952a1b38f43f7f7b0488d02d3f54d5f95a2b518d94598435ff9e3cb359f175b4a79e5debbe3437a9ee705e85abac6b17f188af31073da2af00acf600fea4db39bb050ffdfdf770463b"}, 0x584, 0x1, 0x2) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x62, 0x0) write$auto(r2, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mmap$auto(0x401, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) read$auto_fops_atomic_t_ro_(r1, &(0x7f0000000400)=""/131, 0x83) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r3 = socket(0x80000000000000a, 0x2, 0x0) memfd_secret$auto(0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x301001, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_CREATE_VM(r4, 0x4048aecb, 0x0) socket(0x29, 0x2, 0x0) socket(0x10, 0x2, 0x0) 3m57.006427231s ago: executing program 3 (id=1593): r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/net/bond0/bonding/arp_ip_target\x00', 0x80000, 0x0) read$auto(r2, 0x0, 0x3) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000002f80)={&(0x7f0000000140)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010029bd7000ffdbdf250500000005000700050000006d00018008000100", @ANYRES32=0x0, @ANYBLOB="531c685677000068375317b0e701000000000000ceff"], 0x28}, 0x1, 0x0, 0x0, 0x4008801}, 0x24000802) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="10002cbd7000fddbdf251c"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) io_uring_setup$auto(0x40, &(0x7f0000000300)={0x3, 0x63, 0xffff7592, 0xc0, 0xffffffff, 0x8, r1, [0x54, 0x5, 0x2], {0x9, 0x5, 0x0, 0xa9, 0x3, 0x3ff, 0x401, 0x6, 0x200}, {0x0, 0x8, 0x1, 0xfffffff9, 0x8001, 0x1, 0x1, 0x7, 0x566}}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) getsid$auto(0xffffffffffffffff) socket(0x2, 0x2, 0x1) write$auto_proc_projid_map_operations_base(0xffffffffffffffff, 0x0, 0x0) rseq$auto(0x0, 0x8000, 0x0, 0x6) mincore$auto(0x1000, 0x4000000, 0x0) write$auto_safesetid_uid_file_fops_securityfs(r0, &(0x7f0000000000)="a947a2328297c2d407b70cf68a9ae2aeff34e0b331b9027c46168f5e3cf83d21c8f53e467028a424a4f27c703868ab5855dfc134d09471881bd7b9a643c000d55414a296c90beb849ec8e1388700433a514131ab88adfbdb5782ee74341b98b01a4e6e428217083619a8a6a8ad38162be87583e368c427a9cf5c4f3eed94edfac54198824d135963ae2ea6d57521ff5883ced5745626e2fc562d1b5750f7e5a622db16e2837929b6e2db46eafea8134f8922f05c8113dfdaaf2c3fffc3f254b988817bd5039dd75a647fcafb76bacd7e66c265901822fda6be9411cbceed531466d3c8b6722d27e824d1462dc947ea016569e0a890b5e1", 0xf7) 3m55.863843435s ago: executing program 3 (id=1597): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/veth1_vlan/disable_ipv6\x00', 0x82002, 0x0) r1 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/mtd0\x00', 0x402c40, 0x0) ioctl$auto_MEMGETINFO(r1, 0x80204d01, &(0x7f0000000240)={0x40, 0xfffffff0, 0x4, 0x5, 0x3, 0x9}) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/all/ioam6_id\x00', 0x0, 0x0) sendfile$auto(r0, r2, 0x0, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x401, 0x8000000000000000, 0xdf, 0xffffffff, 0x2, 0x7) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) futex_waitv$auto(&(0x7f0000000300)={0x7f, 0x100000001, 0xffffffff}, 0x1, 0x100, &(0x7f0000000340)={0x92, 0x7}, 0x0) writev$auto(0xffffffffffffffff, 0x0, 0x3) r3 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x848000000015, 0x805, 0x0) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x6b) sendmsg$auto_NL802154_CMD_SET_SEC_PARAMS(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001a00)=ANY=[@ANYRESOCT, @ANYRES16=0x0, @ANYBLOB="010025bd7000ffdbdf25150000000500120010000000080027000c000000380b2b80330b248004008080ba89ebda4be9067b59c90d50dab4ba175b1b13d15e19ee0f5bf6c6d2095efcc719c8e137b7ec6062c6c768e512acd0f1208ee2be2b891868abd1934bd95a54945e649a2afd1272f72e8fffb57e3ba1c8fb306ce2ba95180cf54dcca46ab950e626ff31022afd57f1306ee00962cb60c30a9946d642a00256ed0006ec8364307874f7c763c6e9af0222943721fb4fa5b1cecfe3a908b1fd515dad1e0ca0998fa55ca4bbf9412855250567f1b98186d8597ab6fb715cef224b510a7ccc4cae047b6d4ab94775e1158d87be4806455bbd76baaa3a656ed5f316b17a5a27a6ec9904006d80460a8e80b634a4b1ce57b5a586e945eb157cc566d02bed93630b901c93d3fde23606aa3e80e4d0644fef266741cf5f2879924594cd388ed548e2dea74f9d72af19edad4a810af64d79eaa131b2afaca3f428fd83499d9c7a99dfd9a24cbd9bf5b0f0446521fcf1f416f83791795dc86d63c7a05e38c547e208be35b17fb8aa1fa57ea4ac59aac09a5bfb9f08a6d02e58d5040324f4241a9eb63d5a1e48cff0ed3e97c4af9506ca950ce9d115d242277c614a27a77df014ced1df35f069b42113bc6bf5427f9c1ba6924ec8bafc11ba6d9303461e92e3c3e1b4d5b2954d259654ee2bab0385e3b106c4a93525200ce6e3f1e9f6d4b87b61583abced950ff97dade7ebde309c78d4f1ddbff5cb5c3fd141cbb4e56a97183f705019716cf6d6f300c9677b6f14b2b8d708b675b5c4f2357d9c22dd6bba1195ba295a5f713ac28f043cc671fc7b43fb9b40bf17766c79d698dd68d0e385e926971a18a3c3687c3c8202b806432be62b3030a2c9e31da55a6cd98165f7439f9a09508b8c4b9c5ea32aaf1f7c4246ea8700aaccaf476d9cd5e3b2340d17f13ba40c8fdaf4aa4c4b8763fd86d35bda9aab03e3a252d7e4aea01cdad1fad040b29a9e92ee1fd8c010c30b4cc69917cee531e42efa59c735fe8159a292f57fa7a4600e6833032846d87a515d9803770eb4db6712bce7b51fc2f0eff8a292023a8c7c1544c6e53012f9fe13aa8caf795caccfa4ff2321116a86938e2b782e7a57fe5cbff8df11b0bc86d691a7a8df0cc9486c4898e8bafd0b374798ecdba9af994890465f435d5e6408dd9ddd96df1673098864522e964b565d69882198a999ee41c980dafdf3538400c81ad57dc970a72b75d75850913452021a4dfe885342c4e5c33dbcd801b10866908de67b13c5dc4fb51dce74dae4c4c27413c00b50c8e18d1dcfe28974fee5df4cefd05f7e8e21e8881ef7300ca75af8ef7c8cfa0a1cf8771444e3bd449f957fa4500c1f371ccc31a7b196ca809935887d26d3ed24d2dc16c83aa263abd880df1d27d8463e4f29673fbb0a073caaf975314f5660bdf89c285291a46ddb2f8410b02e86bc522808052288fe16dbb7733976605ed2342c69717ba18334138bc68c994ffa20bbad1672a4ee0dc19a0ec177f36995edc671ef8d29211e4b7d0723a18c36c398df2e924a4f55ef95687e6a4aebcf86d36a9791d561c2203fc4a545d30a5173ffc84612c333a73fd0c84f92554294cfbbe86088e79bc6f1c9bc880b4502e4b47af767f47dbccbf4318ec6a33ee42cafc3e6ced6720adf772de614a754c7b0d93208cb0bdd285e8ff9ffe078bb782a57a14204784880a3379af47423967bf134933d350324a845e7aca06245efec7dd272177bbb663bf83c23161cf7d8b32d45502f6bbc6416720652aa197556c3cf5be55e2f8ace74ce95feb288f681d92ed529bb9892472c3633f744bfde252c8b00808d92daa2a3b4771eee9cc83745c326f8ea02119b55a99bddfc498948e53ce2efa0635276810d2211e9e0e63bc850029865d525cbf43cde05009dca149084d9569a1abb0e5f941bd5c67a77685e965b354dc744617960e642512f2cd86236c9a1791f446e822b86518185d668e7e93daec7b1a9f53034aeabc7c7bf52deefbf5e2a90b085c41c0f528ff2cf81dbc1c28ed95ad75fd65c0e0d793d7111dce84883cbf60cd55e025b824d84e141d54da72111ea2fed1fd8f3c9cf47763ee47a7988d5021ac661641ee95ea9c9d57dd2f8e537f3cb71830a6c1608dadf6beb7339961811f8da34f8fb7b5190f9c146942fda73801812ed6bffa1a60c80e5fd6528e045b40fa78c10f37797d93f827539aa389d59c48254397ff7b72325465d18b04acac619d9d5f80d46b57d28a76fbe83203ecacb91328b145ebbe356178a1eb1c09101fe785c98aab93485ae7b4217412b7ea31fdd965eaaf78d3ab4eec8bc689062b738c002fd94f9cd18bbc5285c57854f9092e85d90ec205f43fcc9d27cd6041fb73ed3164e7f2cb3ea694b89a1879f8cbcdbffdab4b277d0fa3dba5061952d266b2f3821f79cd2b3bf107c6250e711c9ddba407c9ed323d2dfda23d5a4088f8199d1cbb311a1b051da8d792299f471f0ca7fd7925695acaf01e7ad022d96dfb30e66d551fb37522baf2ea71cc5a6416124ee2138c3f2fb5cca4b71eb9d3571deebc898b62406f416caa3fcd732f9661548d8b7ec74bc94d9dcc92b0048abc2b358c0007a905c9513affbd873a368e0b5872a2f4cdc4bb8602ad3ec77cba3e150c8993f5fc88ac7e6b2642f4660486d5823482aae8f90ee7913abdb064398cebe5946c2920d7d99935571f9b1eeb4529373538e699dda91425660a1010a4cf7e9a10713f57fa1d601467ec51ad5153bd94582320ff55380ca7efefacf62f822b948cb3b93f68978f248639c51ac97e3f56bcca9990839ee01df9773b22cf261310d4b3c6b03ef54a9a848c10d1252d0412a8f01ff61bd6978112d6b69e2f71e02a04f43f3a1a8259f7e83c26fc5bc703a8b6d3d325f08b08f9dc10b8f654871386ef94d2493463f7f3d0b20bf93be475b0ed9e870aaedd63b8d08877651bace68300e3a1b0a5d1a3da2b246fef82de3b57eca440ae7a7656ff31ae74cad3a80f1ae615f2747589d4859ec1981a6a5176168db86ab5f6930d4679762956e408d2268cad53aa10727c8b8952114b17c352782dc9afc120535bcb99bcf1161397f19ac4d288677e48f0e6bfdcf5f852a8bc1b432399f0ade5db9585e09e4cc96a63dd7bddecbbaae880678f94111108d76c5d825629a3eee16b2a6362c59ba3cf99a2e2bcfa62d010706bca5c0d009b141f1c3f6a9cc58234f97a5721a3ee31772877ffda5507f8e7053e15cb60df08184dbdd9f2af7a618781fdd39d32404f3e2dc6ac48f35ce31bc70a019235b7776114ef2ae75ebf7b7191e5a61e1c5c82340e12dd98cf9125a3fb1c8062a206ac2aa98e708a190b1b70d1c2450b47394d8e1f21c541b3f4139d2159e9a37acf2ee9ba5e0cf99221a43b46793cad7b7b71784032a0092abb25380fa77646f948ed456d6fa1fb749f736e10491e39569c073308ee782562a59a719e4b8910f737a41ee0644db9905d22f44bae257749b03667b535af492012ad1c50f1d88a46a2c3aeeca86026c6e5ca8289bb153ff85aade4bd00b9bb87017d7816c24a0e71b0d0dcf6dedbc956c81bf445d665da7cb1c009be2f8d7eb286e2e2595166b8df0541ff0b80ab20d9ba30058ef52dc2c1905133bcca7193320811e0bc083798b80bce7e84ea9135d976fbc339b0814cb4f4dd9a71f9a2f1a78da4c60c1671b6ef41798646a702fd9eeb67bd250df336f0c1889c54be82bfc4238d6568ca0e7bf7a3005126d605a867b47f2c96fd6a92a9cf463270a9e2df32c6959c2f272b48a6b76fe7393dc12713c99888e0d03ffdac04f5d3c87e5343bc1a6127484b6d7e18e97a329ae582b8c3dd1be170cff9fdebcadfb339c67a303e15d6f779da6fbd91b401ac8e32fe1a0f16b5aa52ca7801d12aaba5c57945b3d0e768370e031d268b101df06ceaca597ca754d933b08f3b248548d267cbb16430c5110cdaf5b36bc2cf6a7c24f143277f606cbe77ef320505986fa5dc876e87ec74a2c06d0e893ed3da67cd814f209b3720e98d1b2f6afd245bcb682167978b98b9976c2ef41c8e4d5018fca6b1643fc"], 0xb5c}, 0x1, 0x0, 0x0, 0x80}, 0x48880) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab082c8bc8a611f6f8d50e00fe00"}, 0x58) sendmsg$auto_ETHTOOL_MSG_PAUSE_GET(r3, &(0x7f00000003c0)={0x0, 0xffffffffffffff9d, &(0x7f00000019c0)={0x0}, 0x1, 0x0, 0x0, 0x4044}, 0x0) socket(0x11, 0x2, 0x9) bind$auto(0x3, &(0x7f0000000040)=@phonet={0x23, 0x5, 0x0, 0x6}, 0x7) mmap$auto(0x0, 0x20009, 0x8000000010000001, 0x1c, 0x401, 0x8000) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @rand_addr=0x64010102}, 0x54) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xca481, 0x0) 3m40.716521078s ago: executing program 32 (id=1597): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/veth1_vlan/disable_ipv6\x00', 0x82002, 0x0) r1 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/mtd0\x00', 0x402c40, 0x0) ioctl$auto_MEMGETINFO(r1, 0x80204d01, &(0x7f0000000240)={0x40, 0xfffffff0, 0x4, 0x5, 0x3, 0x9}) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/all/ioam6_id\x00', 0x0, 0x0) sendfile$auto(r0, r2, 0x0, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x401, 0x8000000000000000, 0xdf, 0xffffffff, 0x2, 0x7) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) futex_waitv$auto(&(0x7f0000000300)={0x7f, 0x100000001, 0xffffffff}, 0x1, 0x100, &(0x7f0000000340)={0x92, 0x7}, 0x0) writev$auto(0xffffffffffffffff, 0x0, 0x3) r3 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x848000000015, 0x805, 0x0) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x6b) sendmsg$auto_NL802154_CMD_SET_SEC_PARAMS(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001a00)=ANY=[@ANYRESOCT, @ANYRES16=0x0, @ANYBLOB="010025bd7000ffdbdf25150000000500120010000000080027000c000000380b2b80330b248004008080ba89ebda4be9067b59c90d50dab4ba175b1b13d15e19ee0f5bf6c6d2095efcc719c8e137b7ec6062c6c768e512acd0f1208ee2be2b891868abd1934bd95a54945e649a2afd1272f72e8fffb57e3ba1c8fb306ce2ba95180cf54dcca46ab950e626ff31022afd57f1306ee00962cb60c30a9946d642a00256ed0006ec8364307874f7c763c6e9af0222943721fb4fa5b1cecfe3a908b1fd515dad1e0ca0998fa55ca4bbf9412855250567f1b98186d8597ab6fb715cef224b510a7ccc4cae047b6d4ab94775e1158d87be4806455bbd76baaa3a656ed5f316b17a5a27a6ec9904006d80460a8e80b634a4b1ce57b5a586e945eb157cc566d02bed93630b901c93d3fde23606aa3e80e4d0644fef266741cf5f2879924594cd388ed548e2dea74f9d72af19edad4a810af64d79eaa131b2afaca3f428fd83499d9c7a99dfd9a24cbd9bf5b0f0446521fcf1f416f83791795dc86d63c7a05e38c547e208be35b17fb8aa1fa57ea4ac59aac09a5bfb9f08a6d02e58d5040324f4241a9eb63d5a1e48cff0ed3e97c4af9506ca950ce9d115d242277c614a27a77df014ced1df35f069b42113bc6bf5427f9c1ba6924ec8bafc11ba6d9303461e92e3c3e1b4d5b2954d259654ee2bab0385e3b106c4a93525200ce6e3f1e9f6d4b87b61583abced950ff97dade7ebde309c78d4f1ddbff5cb5c3fd141cbb4e56a97183f705019716cf6d6f300c9677b6f14b2b8d708b675b5c4f2357d9c22dd6bba1195ba295a5f713ac28f043cc671fc7b43fb9b40bf17766c79d698dd68d0e385e926971a18a3c3687c3c8202b806432be62b3030a2c9e31da55a6cd98165f7439f9a09508b8c4b9c5ea32aaf1f7c4246ea8700aaccaf476d9cd5e3b2340d17f13ba40c8fdaf4aa4c4b8763fd86d35bda9aab03e3a252d7e4aea01cdad1fad040b29a9e92ee1fd8c010c30b4cc69917cee531e42efa59c735fe8159a292f57fa7a4600e6833032846d87a515d9803770eb4db6712bce7b51fc2f0eff8a292023a8c7c1544c6e53012f9fe13aa8caf795caccfa4ff2321116a86938e2b782e7a57fe5cbff8df11b0bc86d691a7a8df0cc9486c4898e8bafd0b374798ecdba9af994890465f435d5e6408dd9ddd96df1673098864522e964b565d69882198a999ee41c980dafdf3538400c81ad57dc970a72b75d75850913452021a4dfe885342c4e5c33dbcd801b10866908de67b13c5dc4fb51dce74dae4c4c27413c00b50c8e18d1dcfe28974fee5df4cefd05f7e8e21e8881ef7300ca75af8ef7c8cfa0a1cf8771444e3bd449f957fa4500c1f371ccc31a7b196ca809935887d26d3ed24d2dc16c83aa263abd880df1d27d8463e4f29673fbb0a073caaf975314f5660bdf89c285291a46ddb2f8410b02e86bc522808052288fe16dbb7733976605ed2342c69717ba18334138bc68c994ffa20bbad1672a4ee0dc19a0ec177f36995edc671ef8d29211e4b7d0723a18c36c398df2e924a4f55ef95687e6a4aebcf86d36a9791d561c2203fc4a545d30a5173ffc84612c333a73fd0c84f92554294cfbbe86088e79bc6f1c9bc880b4502e4b47af767f47dbccbf4318ec6a33ee42cafc3e6ced6720adf772de614a754c7b0d93208cb0bdd285e8ff9ffe078bb782a57a14204784880a3379af47423967bf134933d350324a845e7aca06245efec7dd272177bbb663bf83c23161cf7d8b32d45502f6bbc6416720652aa197556c3cf5be55e2f8ace74ce95feb288f681d92ed529bb9892472c3633f744bfde252c8b00808d92daa2a3b4771eee9cc83745c326f8ea02119b55a99bddfc498948e53ce2efa0635276810d2211e9e0e63bc850029865d525cbf43cde05009dca149084d9569a1abb0e5f941bd5c67a77685e965b354dc744617960e642512f2cd86236c9a1791f446e822b86518185d668e7e93daec7b1a9f53034aeabc7c7bf52deefbf5e2a90b085c41c0f528ff2cf81dbc1c28ed95ad75fd65c0e0d793d7111dce84883cbf60cd55e025b824d84e141d54da72111ea2fed1fd8f3c9cf47763ee47a7988d5021ac661641ee95ea9c9d57dd2f8e537f3cb71830a6c1608dadf6beb7339961811f8da34f8fb7b5190f9c146942fda73801812ed6bffa1a60c80e5fd6528e045b40fa78c10f37797d93f827539aa389d59c48254397ff7b72325465d18b04acac619d9d5f80d46b57d28a76fbe83203ecacb91328b145ebbe356178a1eb1c09101fe785c98aab93485ae7b4217412b7ea31fdd965eaaf78d3ab4eec8bc689062b738c002fd94f9cd18bbc5285c57854f9092e85d90ec205f43fcc9d27cd6041fb73ed3164e7f2cb3ea694b89a1879f8cbcdbffdab4b277d0fa3dba5061952d266b2f3821f79cd2b3bf107c6250e711c9ddba407c9ed323d2dfda23d5a4088f8199d1cbb311a1b051da8d792299f471f0ca7fd7925695acaf01e7ad022d96dfb30e66d551fb37522baf2ea71cc5a6416124ee2138c3f2fb5cca4b71eb9d3571deebc898b62406f416caa3fcd732f9661548d8b7ec74bc94d9dcc92b0048abc2b358c0007a905c9513affbd873a368e0b5872a2f4cdc4bb8602ad3ec77cba3e150c8993f5fc88ac7e6b2642f4660486d5823482aae8f90ee7913abdb064398cebe5946c2920d7d99935571f9b1eeb4529373538e699dda91425660a1010a4cf7e9a10713f57fa1d601467ec51ad5153bd94582320ff55380ca7efefacf62f822b948cb3b93f68978f248639c51ac97e3f56bcca9990839ee01df9773b22cf261310d4b3c6b03ef54a9a848c10d1252d0412a8f01ff61bd6978112d6b69e2f71e02a04f43f3a1a8259f7e83c26fc5bc703a8b6d3d325f08b08f9dc10b8f654871386ef94d2493463f7f3d0b20bf93be475b0ed9e870aaedd63b8d08877651bace68300e3a1b0a5d1a3da2b246fef82de3b57eca440ae7a7656ff31ae74cad3a80f1ae615f2747589d4859ec1981a6a5176168db86ab5f6930d4679762956e408d2268cad53aa10727c8b8952114b17c352782dc9afc120535bcb99bcf1161397f19ac4d288677e48f0e6bfdcf5f852a8bc1b432399f0ade5db9585e09e4cc96a63dd7bddecbbaae880678f94111108d76c5d825629a3eee16b2a6362c59ba3cf99a2e2bcfa62d010706bca5c0d009b141f1c3f6a9cc58234f97a5721a3ee31772877ffda5507f8e7053e15cb60df08184dbdd9f2af7a618781fdd39d32404f3e2dc6ac48f35ce31bc70a019235b7776114ef2ae75ebf7b7191e5a61e1c5c82340e12dd98cf9125a3fb1c8062a206ac2aa98e708a190b1b70d1c2450b47394d8e1f21c541b3f4139d2159e9a37acf2ee9ba5e0cf99221a43b46793cad7b7b71784032a0092abb25380fa77646f948ed456d6fa1fb749f736e10491e39569c073308ee782562a59a719e4b8910f737a41ee0644db9905d22f44bae257749b03667b535af492012ad1c50f1d88a46a2c3aeeca86026c6e5ca8289bb153ff85aade4bd00b9bb87017d7816c24a0e71b0d0dcf6dedbc956c81bf445d665da7cb1c009be2f8d7eb286e2e2595166b8df0541ff0b80ab20d9ba30058ef52dc2c1905133bcca7193320811e0bc083798b80bce7e84ea9135d976fbc339b0814cb4f4dd9a71f9a2f1a78da4c60c1671b6ef41798646a702fd9eeb67bd250df336f0c1889c54be82bfc4238d6568ca0e7bf7a3005126d605a867b47f2c96fd6a92a9cf463270a9e2df32c6959c2f272b48a6b76fe7393dc12713c99888e0d03ffdac04f5d3c87e5343bc1a6127484b6d7e18e97a329ae582b8c3dd1be170cff9fdebcadfb339c67a303e15d6f779da6fbd91b401ac8e32fe1a0f16b5aa52ca7801d12aaba5c57945b3d0e768370e031d268b101df06ceaca597ca754d933b08f3b248548d267cbb16430c5110cdaf5b36bc2cf6a7c24f143277f606cbe77ef320505986fa5dc876e87ec74a2c06d0e893ed3da67cd814f209b3720e98d1b2f6afd245bcb682167978b98b9976c2ef41c8e4d5018fca6b1643fc"], 0xb5c}, 0x1, 0x0, 0x0, 0x80}, 0x48880) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab082c8bc8a611f6f8d50e00fe00"}, 0x58) sendmsg$auto_ETHTOOL_MSG_PAUSE_GET(r3, &(0x7f00000003c0)={0x0, 0xffffffffffffff9d, &(0x7f00000019c0)={0x0}, 0x1, 0x0, 0x0, 0x4044}, 0x0) socket(0x11, 0x2, 0x9) bind$auto(0x3, &(0x7f0000000040)=@phonet={0x23, 0x5, 0x0, 0x6}, 0x7) mmap$auto(0x0, 0x20009, 0x8000000010000001, 0x1c, 0x401, 0x8000) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @rand_addr=0x64010102}, 0x54) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xca481, 0x0) 6.562520995s ago: executing program 4 (id=2364): statx$auto(0xffffff9c, 0x0, 0x1000, 0x1, 0x0) socket(0xa, 0x1, 0x3) setitimer$auto(0x2, 0x0, 0x0) setitimer$auto_ITIMER_VIRTUAL(0x1, &(0x7f0000000000)={{0x3, 0x3}, {0x8, 0x5}}, 0x0) unshare$auto(0x40000080) r0 = socket(0x10, 0x2, 0xc) syz_genetlink_get_family_id$auto_nlctrl(0x0, r0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, 0x0, 0x30004011) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) fcntl$auto(0x3, 0x4, 0xa553) ioctl$auto_TIOCSTI2(0xffffffffffffffff, 0x5412, &(0x7f0000000040)) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) getpeername$auto(0x3, 0x0, 0x0) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x80002, 0x73) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/module/pwc/parameters/power_save\x00', 0x800, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xae00, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) prctl$auto(0x1b, 0x3, 0x2009, 0x0, 0x0) ioctl$auto(0x3, 0xc048aec8, r1) madvise$auto(0x0, 0x200007, 0x19) mremap$auto(0x0, 0x2, 0x9, 0x3, 0x7fffffffb000) prctl$auto(0x1000000001c, 0x5, 0x8, 0x8, 0x80001) setfsuid$auto(0xee00) 6.374759949s ago: executing program 0 (id=2366): openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) (async) r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x8c000, 0x0) sendmsg$auto_ETHTOOL_MSG_PLCA_SET_CFG(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="10002dbd7000fddbdf25280000000800090009000000"], 0x1c}, 0x1, 0x0, 0x0, 0x20000845}, 0xc041) r1 = getpid() r2 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) (async) getcwd$auto(0x0, 0xffffffffffffffff) setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) (async) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) ioctl$auto_BLKDISCARD(0xffffffffffffffff, 0x1277, 0x0) (async) ioctl$auto_BLKDISCARD(0xffffffffffffffff, 0x1277, 0x0) mmap$auto(0xfffffffffffffff9, 0x20009, 0xdf, 0xeb1, r2, 0x8000) (async) mmap$auto(0xfffffffffffffff9, 0x20009, 0xdf, 0xeb1, r2, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x1, 0x0, 0x14) socket(0x25, 0x1, 0x84) process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0x1000}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000040), 0x40000000001243}, 0xa, 0x0) r3 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x14040, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r4, 0x5001, &(0x7f0000000480)="8d4913d7a4e3f91413d960518679fa45e89aacdcad87d74ad1b06440bd2d6cb519689357619ddd7ed5a5150b0c012d7c78c84b3219962145a376d588ecba0e63b7a6b349267b2bbe024a78294ca15886e8f17f496e7a59c014b3edbdce4277495f17d5a2906383c7e5de3beff441da6d35398c510bc3527e214f0dc91cd8300eb778f0d3257a930afcf82fd0cc33fa99f5463812fb765bb616d3cf300bc405b5bcd538c84694dc8409e54c3a9f95f9e427b1413890ed563b4520e60a7e355592ffa14fe99add4d23fb66f52177280ce7fb9be7c57ae02cb2410fae0c0263ed6125c78ce8e301e4c7823d640323cf144b26a76b274a07d170adc19bc9b6f5f841d6d47e13fa56a4742c507c159df666eddffbcf3371d753112afb614e386c1c1227bd0463bb1ab3e0e82eabec8462d08ee0cda29215ff9af9b300520cd56ec63ce494b9501db1ccf0770153decbefe9389a883aff531fa771cad5eb13d19029d5709cb5aa65fec3d3689efd2fb10c3e63") openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) (async) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) ioctl$auto_TIOCSTI2(r5, 0x5412, &(0x7f0000000840)="13") (async) ioctl$auto_TIOCSTI2(r5, 0x5412, &(0x7f0000000840)="13") r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000001140)={0x24, r3, 0x1, 0x70bd25, 0x25dfdc02, {}, [@OVS_FLOW_ATTR_ACTIONS={0x4}, @OVS_FLOW_ATTR_KEY={0x8, 0x1, 0x0, 0x1, [@typed={0x4, 0x35}]}, @OVS_FLOW_ATTR_PROBE={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x3ce469a78f6c9bbb}, 0x800) (async) sendmsg$auto_OVS_FLOW_CMD_GET(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001180)={&(0x7f0000001140)={0x24, r3, 0x1, 0x70bd25, 0x25dfdc02, {}, [@OVS_FLOW_ATTR_ACTIONS={0x4}, @OVS_FLOW_ATTR_KEY={0x8, 0x1, 0x0, 0x1, [@typed={0x4, 0x35}]}, @OVS_FLOW_ATTR_PROBE={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x3ce469a78f6c9bbb}, 0x800) ioctl$auto(r0, 0x2000401, 0x38) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/scsi/drivers/st/debug_flag\x00', 0x501, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r7, &(0x7f0000000140)="30624bf1", 0x4) (async) write$auto_kernfs_file_fops_kernfs_internal(r7, &(0x7f0000000140)="30624bf1", 0x4) r8 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) read$auto_fops_u64_(r8, &(0x7f0000000240)=""/115, 0x73) ioctl$auto_TUNSETCARRIER(r0, 0x400454e2, 0x0) close_range$auto(0x2, 0x8, 0x0) 6.055179904s ago: executing program 0 (id=2368): r0 = socket(0x11, 0x3, 0x6) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x47, 0x4a}) sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000180)="e9", 0x36}, 0x5, 0x0, 0x0, 0x1001}, 0x5}, 0x2, 0x11f) 5.831280083s ago: executing program 0 (id=2369): r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x80, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, r0, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x1d, 0x2, 0x6) r2 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r3, &(0x7f00000000c0)="671d264add69b6440843b6e6688a2b5ad9df2669e6f9cd238032b20ed763ac8caf4b9b4c30b530ac6ebbff950e1a647d6a08a1b55dde5a409b4a", 0x3a) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x6c}, 0x1, 0x0, 0x0, 0x40084}, 0x40) io_uring_setup$auto(0x6, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) sendmsg$auto_L2TP_CMD_SESSION_GET(r1, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x24000004) close_range$auto(r1, 0x8, 0x0) socket(0x10, 0x2, 0x15) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) 5.515773693s ago: executing program 0 (id=2370): r0 = openat$auto_btrfs_dir_file_operations_inode(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/bluetooth/hci1/hci1:201\x00', 0x82042, 0x0) ioctl$auto_BTRFS_IOC_DEFRAG(r0, 0x50009402, &(0x7f00000020c0)={@raw=0x800, "3904773273cee8c4d79d7f8d700901070f54c3499dd6685309ce286528d79709dd70922cbd1bbda06ea6d2bcfa55f99c8ecb7f1ebbe1f3261ec906cde50d819081d5990aa1d79f73afb363032f950c161ae37a61f2c55b3df54e471acd107572500b1aa0166c40081c48eb5aa46faa4079fc581cb63e8f329146dbfae3a5a5e327aacea379f217259b4539e233468b086113839493b998be1114af96586192ce679535ec9ecda8fc995ac9f8efb161b8c9b00f771f0d8537ed795c6a68af3ee0420b97040aa46bbf22049e50d7d4c92923bda7d7fa9f461f4fcddae4b1ae6f7a596cc32029a85bd45d6ecfcc66923158cb4583bb7b8605efb739122941d2edccac370fd2dd49d4de744978790a05ef57934916713ef6326fd7a12b7324b090636c6b5cb747767ae47e0c85c88464bab18c1bce9ddb8026db67020a23caab67a15e5a29486fc96f6ef4ff0c8877086810c9951877707604cbdef8a0a9202d5707f4c7c39bdfab5af7ce0d169eec259afc29203e113b1438e8b4b5ae777a01dd2cdfd72d2a083108f6866bd50e0dba586f9c48cd65f16c2908077e33a84f4a8a7d1fae278a5ace9a1303ff107b097e9533e86ff83fb489f66d12a00cec5f7e5cc5bcfe90156f983c1e6189335de6e897ea8da4a43616bf7fc0fb0048aa38ca677e6ce8e66d2c79f19abc7bd232297d63eb848a71ba445d4bb65a327d7b7552bf0cb1e251943b217c6e1e7d332323c9f258ca9fcb9bc6ba9ff96cc740b1da4ff797fead76b8b21008b46454a801e10a5754e4556a9b7c124f4f01920e85acb2d330a6dde62f5d995ffa1d94168faf2718d06cb1c92ca95f7e76f752726d4f7713a11441c78b46583bdb685d8511b32234675cb710617248fe63c6f7723e76832f786cbb4dfb2df9b4a78e8772a9cd749e6cf85ff6e90bfc5727c08d39ba1c8e4bd94536536e3c90dfd9bc6b82633e5b60a5609910194fb60b90624a19de8c7ff1e63e02100eabf59112b6fdfab15c0abfd6c2151b4654ffcbce653c8317038cccbe955b481e282de41b0635e37bf1c4d3c992ef7d7926c53802ae6b112a94bc4bca81b9761088ed5ae510232a6d2dd70b88bcc15971a2c15969e87ae89cd362aa356462a4d53f317ac1fd0b171885a4791b55a6847158f82f58823e3959b05185b0c1a7759344d8e6acbed15e7418de0b9f762a9961b6628916342fbe58619df4c4087c83a7757e3df3c070cb7c733fcfa7eb2ab3058278c8127d94d1aac14385a0d2b86f58d8ec2c7d704bbff7a33035bb933b59297c54d41caa98ab3c553515fcc622a766b37a6b4c26cc15b0c3849f156f5daec3e4415cbdd25c14a3919563556c2435f0c5aaaed99e78e90603267b1a077d144c23e4dd46c8657575b239369fadef3f23785df652393a4a91d15bfb690763c1398a5236ec993ade32c57b41f277b979d847c1d83b01bee71ba929ef343a79f82b997e5a6c861d108aeb899dc7864dd6c90adee0baf21bd7cf846b4c37da0999ba95bff176c246b650e2ed22e5033b13b1eb4a92ecd3547162d7133d0a3b3361baf1908e41de3c4cd4c7d7eabc81c8bed48332d1a7946753e22154f5be63d31849621477aaba0021a6cc6ad6cd5462e365168a2c2d672595b2b518986af63d53ec6b273c2e0f7ed16caa7661db997a6bb7c2db4ef1b1c0275a646d0582ad904e51c531f1639f993a6528d726b45636e9f41c1f1dc51b586dc7c5c5fcbf0d7d85a738c40d74d011b7608a329fe8d655794245d88c6bce3b0e42e951a52ffea4d94b20d084b6df72f5661f1d35419f5ad1fdca692cf2571c9d1c8e2621a28c87d3c98e53523b861b9c739a9a0f2d374a88a4202b91106a80ce6d94ab5f5fdca1942bc9d5ad45f77633db5c5129e2932327c1e879daf7aba6c2a715b5b6b5d481b53976234c4058e57f051f23debec3b143eaa74b759f6508a979abd25fa77edb396095dc9cb9217d042644cb895a2108a8587bdcd675b5d218a74b45862b73d9d33c5d46e3ae6ba07f45033ac959126cd198c452d3faff6ef3e94ab516d70532dc211a4bf182216f1888f858310dff3137c4cf0224b2d36a15ada4f77f11df093c6b6ce4329a59ec022f0b4b66cf777dd65d9365417dbf90085a90bfee3323307ef59619f4360479776377fe4d6c51a50a8cc58b1dab82f523b8ebbf32a49e4e1eb63f2627fe4f6bbf2eb1f27b8dc7c17898733c2cf0b37022a09a16b517aa4b96ab89fd725976dff681a6cb4a0d4f1bc50c88bf27e77f4107043658ba3145545cb2141f6574318ad9872356a82e6e4d59fcfb4f5f4eff4000282f0e571838bcdcdd6802b8fbbd759395034899e6f455a5433f76968fd5f94d899191036463bac33e176c5399bb6b23fb956e2a8a66868abe86f032b703dc0357584044048d7426c2285393b1364c43bac0357297a0c4065f54ebf386ea75513adcee1795e1177b99d947addfb2f411e1187bc5d374c36e52f6981199c0ee9eb748a3b55d0ccb694184cf9351fc91fcb2d1f29b87ad8ee741d0e50ba5f72bd4dcd07c80fbfca0f7cfbdb7eebc44bd5a4c90117489da87423ad65deb4356bd3284f4aeb1890b4c68b05c80b0fd016ad0acd33aff8b6c238edc83156941948421dfd24cfa48b12866e5dd0c76075a74a827226b995a8b1752261c4012bd90cfa667ae44f934b64217e84f4d8ae66a9cb49ac33f3c8e63c161fd09f913227c8be2274062a8768788806e19ecbb8d0608d4a9dabb7396878a7cabb7f164ff3f7d1338b14c23ff0b1bc001e2d3318b9c83e2237a36ff08b6d05ece0d9df3f8bae0c5ee8d20dcf072d9259c3cf0a51403ef9b95066648399d896ff676afbc62b2cb9c5d269ea639ad47ffcc98d9477d3a3f34a2f111fdc8c9de632d9358ca93c0ef7b4768e7caa1b98ab0018dc2682d1510b4cc34018a7f2c3364c6d2e26ac127596aff440f22539217f3ae1f09f8443059ec3ed05b7d2906e1aafc169efe708e0ac5616bc16d23bbea1925f6784c6dba0ce799de20b84beebbb42c71fab8f8fd7d2d93e7541038a8a9ce914d433f61284ffe585a2ad2c0f52eda8a247c3d3e568c3c4eb17856e7dafa6ceafb7c538901730d89f28a70f7914d95092e40d33acf0d0d0b0194ecb8eae43d90cb1d6696891805368f597a924d6418bb51412230cb9cac1131d24f38c493adc6d0c599b06e4d75c8372606d045171d6412d2807b0e50782d2709cbabf360c78763c94977ced5c731cb51280dc0380686bccb914b5a3e978ce236168a3cefa08c81260901df03aa3c7cda7f6a65c0e904ed804853a2674a91ba4c966b97a8cc3d0d7fc11cb6393b827a09e397160169e94731a3b833cf1034e286b88af56f222fccaaf0fa018abd965306491bb1a32be90b011e44998ee8b8165f1bb4ebe58a71e460b6fdb657c9bda45bddebbfeae3a4ef3887961e5bd4f3060bb3dd0d5edf370bd57a3fa826380f88b003c20b68d6f00064bde80d2352dfd5edd2211ff8337316a4482daf78352f779aee78d03c0b59d1dddbf6662f80b37b888e31d4644c6809db278ccc7f376f506e61b2f92590b6c0e3e8163c5074b52bdf9d8e59c6863651ce608683e3fa53e99a9f52366f0c7f79c8c888f4e10e787def5133298039e859ed562dce3d6111c3e23ecc5b9abeae29741fc3e1a5f2375c58caf2448a5d25f592954c433efd51f8028534f5079e43edc9e174e852966220204390de16cd01c38faeddf867710146df4e8169599db687963db0ea7dd2257e1ea702a562a5b9ac732f33544d5a1db9a0df48e850ab5c544e22de5620570dccc7ae7002b39803aee77cb7ef0b99a44e8435babfb75af6d60a45084a6e87a3d1f6d3bfad248ecc684dd277f4f5bc31ff8e38c0ddd325a56dce9d45abdc0c1c8487d296219ece589d103e03456487dbde4d498460afef71e5471a7e1809cee8e7a7553bad66108c32136cea8949d9673f9cd72edcefcfb4772509309491effbe8d6538a377300d79ddf5f52a1fa189dd2f8819e98423c8a2a7c1e21ca7b4e93e3121a036008618e74c3258d10566e295e6328100961ef70f8750da39dbc6c245ac3ae7995bd8e020c3641af49b08462b4492e03c8e59c89cc54da091c8ff454385c6a8a710ae51fdc91971db494b94efffd880dc38e669239f5c7d19b9fde1569500c76f0b58eb9db166bd81792a2d117af5ec5716b9ce034519fb086ff407b2a070f2a2ae1e726a0c60447930704dbaa1a118563d90e99ce87916b05ddadd2901b4324a66845090524cb539d759ab177627292810543bd9024a75d5f19578ee6912b56e23fe6fa475f86c2a450195699eb6a60a4835610f1effb7a0ddb29af5412bdf6270f62e659bf53b8a9cac16696d64e23c642ccd1b478d5c58122ad932661295603e5ab46665208eba001ea9f0145c51329f1bf21725cd961dd850c9a09fbf282d79098403e59fc9187970f55befa16e4e9a23d08cad5bf359157290151057d588402cef6772282a9467ea1b7367728c5242fb80f93fc5478c3a6cc15a6caefcd9720b45b25ce410a1098f0d718ef85017e8ff87c83bd8a542badf4c3f25a3f3ddc3e6d5f6fe32f9817f701865b78887884c7976fbcde76efc4652c83f9521db6e70892ba0dfebbe5b960fa66736f632b7551c4995727032273f482667926d374461908f1a40ddb9669f9bea6121c4cea0e3d35bc048d67d0312bf4ea4d6dab17843250bf5ec367f06fca0c293e8dd39bca4cb4d0b4f604fe95b5e646ee696d6fc1959a69e2f37c1b2a09fd8be16fe58a05f257908d80d020f46eead246568072793a7df235df4662abb7ed4c36e02ace71a7450f65478a90237692f72b11844d58e979dae829286130aaf5fbfad3a4169ac18df97296444c24951185ca507b88ce85be2dd2b88965cf31d02a79cfdbf92e8790add13372dfc67cbc4b9ac6681abf0d9105b3c46dd304af0fa80c215d082379c83ab44aed4b280c4c3ae2c603fa826ae6740054fc2b837db32c80825fe0454e9acbafd4d05684987564b77fe653e1040ba0b0c3001ab416c59a15d7ec44e0e2fa3d4244bd6196a974e8ad224776ccf563d68309d4fad836069f045ef30ef192cc1f46ef2f6ccd1c9d9d4482b279030f55baf58049a2732f675ea960fcee7504522a8d8950db348298e41d0cc6c8c9ecec9ef0144375710dc584beb0b725f6d04b6ee23159543ed567415ef4d751ded38d9ecfb900335ae5dd29ce79344b8f24bb2e53bdefa984dd3e1b5c2429a7fb4507f44b7b81e54e0f3413ca9064a4798ea7308aab1a67ebdbccda256b51b28ac6c7cf06cdc5f976d6d27a45b1ab52bcfc155cda73faff2b2db161ad8a79e10bf170405d36f333cac9c482b10b8c282a3b797a7155cdbfd150935af6704ff701faa9bf9af1dfe0ee756f8e543c8164e3d9808e5e3a172bc8a9dab8f45515c8834d42692071ddd559972fd061369bcb3d646520b4faf8996004b900f22115da16834dd91d02d4e9cdc883100da8ae28cbc8a9ade1f8a3bd96f695e0857cd542087df6f7386920bad5f328ab0069f6d405ffa8f12b58e574a066f812f169c83b57478fa9324921c91e4bfea6cf328fa19d93a44294d4b795e9412bcb923be9f6e0298e9d22d0d919b381691f8a42ae2f9a53d594741c9c755439e17b694a02dddff781dc0fd10ec61fd82702bb4f3ac35acfd62d17905de87009cdfe8ccafe033b36d7fd8602d42aa92029ab3552a013a298ebe3d6a18318c9dc4e8ed32d945aaee8684b33fabb9d"}) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zram0\x00', 0x80000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = socket(0x11, 0x80003, 0x200300) setsockopt$auto(r2, 0x107, 0x18, 0x0, 0x9) (async) mmap$auto(0x0, 0x4000d, 0xdf, 0x9b72, 0x7, 0x28000) (async) r3 = socket(0x2, 0x5, 0x0) setsockopt$auto(r3, 0x10000000084, 0x5, 0x0, 0x4) (async) capget$auto(0x0, 0xfffffffffffffffe) (async) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) (async) write$auto_ocfs2_control_fops_stack_user(r1, &(0x7f0000000140)="55bd57407275de3453cb", 0xa) r4 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) ioctl$auto(r4, 0x40084503, r4) (async) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) (async) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) (async) fsopen$auto(0x0, 0x3) (async) io_uring_setup$auto(0x6, 0x0) (async) mmap$auto(0x0, 0x4, 0xffffffffffffffff, 0x400eb1, 0xfffffffffffffffa, 0x8000) (async) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x3, 0xff) 4.822777877s ago: executing program 0 (id=2372): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop6\x00', 0x400, 0x0) mmap$auto(0x0, 0x400005, 0xffffffffffeffffe, 0x9b72, 0xc76, 0x8000) r0 = syz_genetlink_get_family_id$auto_hsr(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="00082b000000fbdbdf250300000008000400010100000800030088000000"], 0x24}}, 0x20004011) read$auto(0xffffffffffffffff, &(0x7f0000000240)='/\x00', 0x100000001) mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) socket(0x11, 0x3, 0x1) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) ioctl$auto(r3, 0x2, 0x9) ioctl$auto(r3, 0x400c4d07, r3) sendto$auto(0x3, 0x0, 0x13, 0xfffffff8, &(0x7f0000000440)=@tipc=@nameseq={0x1e, 0x1, 0x2, {0x43, 0x3, 0x1a000}}, 0x22) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x9, 0x1, 0x6, 0x1, 0xfffffffe, 0x7181, 0x3ffde, 0x7, 0x5, 0x9, 0x6, 0x80003, 0x4, 0x11ffffffffffd, 0x5, 0xffffffffffffffff, 0x9, 0x10007, 0x7c, 0x80000002a0, 0x0, 0x0, 0x1, 0x202, 0x9, 0x1, 0x0, 0x9, 0x2, 0x0, 0x0, [0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x400000000, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x4, 0x548, 0x0, 0x0, 0x0, 0x100001, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x292c00000000000, 0xfffffffffffffffc]}, 0xffffffff, 0xd) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="6c45d446", @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000600060009000000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a0005000180c200000e00000a0001000000000000000000080004001400000008000300050000000a0001"], 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000100), r2) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000003c0)={'ip6tnl0\x00'}) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000400)={'veth1\x00'}) socket$nl_generic(0x10, 0x3, 0x10) 4.748651623s ago: executing program 4 (id=2373): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x0) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000021800"}, 0x1b) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) r0 = socket(0xa, 0x3, 0xff) connect$auto(r0, &(0x7f00000018c0)=@generic={0xa}, 0x55) 4.594958218s ago: executing program 4 (id=2374): r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000240), 0x40, 0x0) ioctl$auto_VHOST_SET_BACKEND_FEATURES(r0, 0x4008af25, 0x0) r1 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyua\x00', 0x20804, 0x0) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000031c0)='/dev/ttyua\x00', 0x109000, 0x0) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x0, 0x0, 0x1f, 0xb}, 0x800009}, 0xffffff23, 0x20000000) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000) mmap$auto(0x0, 0x4020009, 0x4, 0xffffffffffffffff, r2, 0x352) close_range$auto(0x2, 0x8, 0x0) writev$auto(r3, &(0x7f00000001c0)={&(0x7f0000000100)="1be8b86da0ec1e6be14a2754e5bcca40", 0x2}, 0x80000000) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x7a6963ff, &(0x7f00000000c0), 0x40001) fcntl$auto(0xffffffffffffffff, 0x409, 0x40003f) io_uring_setup$auto(0x8000, 0x0) capset$auto(0x0, &(0x7f00000000c0)={0x1, 0x44, 0x4a}) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x5aa, 0x0, 0x1f, 0x0, 0x27, 0x1087}, 0x805}, 0x2, 0x100) unshare$auto(0x4) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x80000001, 0x3, 0x90, r1, 0x9) flock$auto(r4, 0x800) readv$auto(0x3, &(0x7f0000000040)={0x0, 0x36a}, 0x6) move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) mmap$auto(0xffffffffffffffff, 0x1000000000000000, 0xdf, 0x9b72, 0x2, 0x401) mknod$auto(0x0, 0x1001, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x200080, 0xa0) fcntl$auto(0x3, 0x4, 0xa553) read$auto(0x3, 0x0, 0x7fffffff) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000180)='/dev/usbmon14\x00', 0x2180, 0x0) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000200)='/dev/fuse\x00', 0xd18acda85df1ae8c, 0x0) 4.468160233s ago: executing program 4 (id=2375): openat$auto_proc_environ_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/environ\x00', 0x82a00, 0x0) (async) r0 = openat$auto_proc_environ_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/environ\x00', 0x82a00, 0x0) read$auto_proc_environ_operations_base(r0, 0x0, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r0, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xffff, 0xfffff0b6, 0x5, 0xff, 0xac1, 0x2, 0x36242398, 0xfffff5b2, 0x3bb, 0x7, 0xffff, 0x800, 0x81, 0x68198}, 0x6f3) r1 = mq_open$auto(0x0, 0x62, 0xfffc, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x44ac00, 0x0) (async) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x44ac00, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x100, 0x0) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x10000800000003) clone$auto(0xd6, 0x9, 0x0, 0x0, 0x2) (async) clone$auto(0xd6, 0x9, 0x0, 0x0, 0x2) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x80800, 0x0) (async) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x80800, 0x0) read$auto(r2, 0x0, 0x39b8) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/ram0/queue/nomerges\x00', 0xe3102, 0x0) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/ram0/queue/nomerges\x00', 0xe3102, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22040, 0x75) r3 = socket(0x10, 0x2, 0x4) socket$nl_generic(0x10, 0x3, 0x10) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_WOL_SET(r4, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRESOCT=r1], 0x2c}, 0x1, 0x0, 0x0, 0xc810}, 0x0) (async) sendmsg$auto_ETHTOOL_MSG_WOL_SET(r4, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRESOCT=r1], 0x2c}, 0x1, 0x0, 0x0, 0xc810}, 0x0) set_mempolicy$auto(0x8003, &(0x7f0000000280)=0x7b, 0x4) (async) set_mempolicy$auto(0x8003, &(0x7f0000000280)=0x7b, 0x4) get_mempolicy$auto(0x0, 0x0, 0x400, 0x0, 0x1) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptybd\x00', 0x41b80, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 4.366651021s ago: executing program 0 (id=2377): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r0 = bpf$auto(0xa, &(0x7f0000000000)=@task_fd_query={0x0, 0xffffffffffffffff, 0xa, 0x75, 0x80, 0x10001, 0xffffffffffffffff, 0x6, 0xcf}, 0x400) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x20000000) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) socket(0x2, 0x2, 0x88) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0xfdf3) ioctl$auto_SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000100)="000004") write$auto(r1, 0x0, 0x41ec) mmap$auto(0x0, 0x2020009, 0x2, 0xf8, 0xfffffffffffffffa, 0x8000) r2 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xb8, 0x100000000, 0x5, 0x1b, 0x93c, 0x1ffdc, 0x7, 0x2000000000000006, 0x2, 0x9, 0x5, 0x2, 0x8001, 0xae, 0x9, 0x922, 0x7, 0x5, 0x5, 0x3, 0xfffffffe, 0x0, 0x200, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, [0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8000000000000, 0x0, 0x8000000000000000, 0x0, 0x10]}, 0x1fe, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xdc5e}, 0x800}, 0x7, 0x4008) accept$auto(0xffffffffffffffff, 0x0, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x3, 0x5) ioctl$auto_TIOCNXCL(r0, 0x540d, &(0x7f0000000140)="b80ae1746b86cc388454e114fd7df545685efa03dbae92bde9023515d8a440e7815da7dda46c125517a2a937263fa5c3168a7330e1fb49507287b829e0e77d") prctl$auto_PR_GET_NAME(0x10, 0x8, 0x2, 0x0, 0x5) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) mount$auto(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='nfs4\x00', 0x200, &(0x7f00000001c0)) 4.203000996s ago: executing program 1 (id=2378): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram11\x00', 0x20000, 0x0) mseal$auto(0x1ffff000, 0xfffffffffffffff3, 0x0) mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) madvise$auto(0x108000, 0x2, 0xa) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x400, 0x2) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) fchdir$auto(r2) r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x100842, 0x0) ioctl$auto_SNDCTL_TMR_CONTINUE(r3, 0x5404, 0x0) ioctl$auto_SNDCTL_TMR_TEMPO(r3, 0xc0045405, &(0x7f0000000140)) ioctl$auto_SNDCTL_TMR_START(r3, 0x5402, 0x0) rename$auto(&(0x7f0000000040)='./cgroup\x00', 0x0) fanotify_mark$auto(r0, 0x7c9, 0x9, r1, &(0x7f0000000080)='./file0\x00') r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/mptcp/pm_type\x00', 0xe0002, 0x0) sendfile$auto(0x1, r4, 0x0, 0xc01) 4.014943453s ago: executing program 4 (id=2379): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NET_SHAPER_CMD_GROUP(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2}, 0x4014) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r1 = prctl$auto(0x115, 0x1, 0x4, 0x5, 0x7) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/system/cpu/cpu1/hotplug/fail\x00', 0x82942, 0x0) sendfile$auto(r2, r2, 0x0, 0x200) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) r3 = timerfd_create$auto(0x9, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000040)=""/49, 0x31) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x28300, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS_OLD2(r3, 0xc1004111, &(0x7f0000000000)={0x8000008, [0x2, 0xffffffff, 0x80000000], [{0x80, 0x2, 0x1, 0x1, 0x1, 0x1}, {0x8000, 0x0, 0x1, 0x0, 0x1, 0x1}, {0x5, 0x6, 0x0, 0x1, 0x1}, {0x9, 0x400, 0x1, 0x1, 0x1, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x1}, {0x6, 0xffffbffe, 0x1, 0x1}, {0x1, 0xc1f, 0x1, 0x0, 0x1}, {0x2, 0xfe, 0x1, 0x0, 0x0, 0x1}, {0x3ff, 0x1, 0x0, 0x1, 0x1}, {0xc14, 0x5, 0x1, 0x0, 0x1}, {0x7ff, 0x4d3c, 0x0, 0x0, 0x1}, {0x2, 0x3, 0x1, 0x1, 0x1}], 0x7f, 0xfff, 0x3, 0x3, 0x2, 0x7f69, 0x100000001, "64b91cc75e50f9bfb73422d302bb9262ca4383f3137e87364ff62cfa69013312b39e05e3bb4c990e99e06e310552976c2f5b0732887c3a8873bae9024b524de3"}) mmap$auto(0xfffffffffffffffe, 0x800000000000200, 0xfffffffffffff19e, 0x11, r4, 0x8000) close_range$auto(0x0, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) ioctl$auto_EVIOCSKEYCODE_V2(0xffffffffffffffff, 0x40284504, 0x0) close_range$auto(0x0, 0x5, 0x0) pipe$auto(0x0) pipe$auto(0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/misc/hw_random/rng_current\x00', 0x0, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) writev$auto(r5, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3) write$auto(0x1, 0x0, 0x80000000) 3.971797861s ago: executing program 1 (id=2380): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0x1d, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x0, 0x6}, {0x100, 0x1, 0x52, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) io_uring_setup$auto(0x6, 0x0) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0x5}, 0x5, 0x80000000) close_range$auto(0x2, 0x8000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x240, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto(r0, 0x8924, 0xffffffffffffffff) 3.562093976s ago: executing program 1 (id=2381): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x0) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000003f00"}, 0x1b) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) r0 = socket(0xa, 0x3, 0xff) connect$auto(r0, &(0x7f00000018c0)=@generic={0xa}, 0x55) 3.252017403s ago: executing program 1 (id=2382): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/fs/ocfs2/cluster_stack\x00', 0x88282, 0x0) sendfile$auto(r0, r0, 0x0, 0x1) socket(0xa, 0x5, 0x0) r1 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/gretap0/statistics/tx_window_errors\x00', 0x800, 0x0) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/uts\x00') ioctl$NS_GET_PARENT(r2, 0xb701, 0x0) open(0x0, 0x22240, 0x154) ioctl$sock_SIOCGIFINDEX(r1, 0x401c5820, 0x0) mmap$auto(0x0, 0xc, 0xbc5, 0x13, 0x3, 0x8000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/neigh/xfrm0/interval_probe_time_ms\x00', 0x82801, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/fs/ocfs2/cluster_stack\x00', 0x88282, 0x0) (async) sendfile$auto(r0, r0, 0x0, 0x1) (async) socket(0xa, 0x5, 0x0) (async) socket(0x2, 0x3, 0x6) (async) lsm_list_modules$auto(0x0, 0x0, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket(0xa, 0x5, 0x0) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/gretap0/statistics/tx_window_errors\x00', 0x800, 0x0) (async) syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/uts\x00') (async) ioctl$NS_GET_PARENT(r2, 0xb701, 0x0) (async) open(0x0, 0x22240, 0x154) (async) ioctl$sock_SIOCGIFINDEX(r1, 0x401c5820, 0x0) (async) mmap$auto(0x0, 0xc, 0xbc5, 0x13, 0x3, 0x8000) (async) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/neigh/xfrm0/interval_probe_time_ms\x00', 0x82801, 0x0) (async) 2.698906339s ago: executing program 1 (id=2383): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/orangefs/perf_history_size\x00', 0x1182, 0x0) mmap$auto(0x0, 0x4, 0xc00000072, 0x8b72, 0x1000000002, 0x8000) r1 = io_uring_setup$auto(0x86, 0x0) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x6) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948e, 0x3, 0x15f4da0a, 0x3, 0x3, 0x8, 0x0, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x120e2, 0x0) write$auto(r3, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r4, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYRES64=r3], 0x28}, 0x1, 0x0, 0x0, 0x30004801}, 0xc040810) write$auto(r3, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) r6 = socket(0x10, 0x3, 0x6) sendmsg$auto_NL80211_CMD_EXTERNAL_AUTH(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYRES16=0x0, @ANYBLOB="00012cbd7000fedbdf257f0000000600f700050b00000600b10005000000"], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x10) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r7 = syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x200007, 0x19) r8 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) read$auto_proc_pid_maps_operations_internal(r8, &(0x7f00000010c0)=""/4082, 0xff2) io_setup$auto(0x1, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000001c0)=""/176, 0xb0) r9 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x42, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="24000002", @ANYRESHEX=r9, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00', @ANYRESDEC=r7, @ANYRESOCT], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097f751b33e}, 0x80) sendmsg$auto_OVS_DP_CMD_GET(r1, &(0x7f00000005c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)={0xa0, 0x0, 0x101, 0x70bd2a, 0x24dfdbff, {}, [@OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0x2}, @OVS_DP_ATTR_UPCALL_PID={0x8}, @OVS_DP_ATTR_IFINDEX={0x8, 0x9, r10}, @OVS_DP_ATTR_IFINDEX={0x8}, @OVS_DP_ATTR_IFINDEX={0x8, 0x9, r10}, @OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0x7f7ffffc}, @OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0xfffff001}, @OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0x401}, @OVS_DP_ATTR_USER_FEATURES={0x8, 0x5, 0x4}, @OVS_DP_ATTR_NAME={0x44, 0x1, '/\xd1\xd0\xd6r\xacC\xe4\xecmidiC2D0\x00s\xe1\xaenO\xd8\xed\xc2\x18\xeb,2\x12\x02\x00D\x9c\x9b\xcax:\xcct\x06\\=\x17\xdbZ4\x91\xb4\xcf\xd6\xba\x82\x18\xed\x0fm\x11\xd4\x9fe\xfe\x1a'}]}, 0xa0}, 0x1, 0x0, 0x0, 0x48050}, 0x8080) 2.695060746s ago: executing program 2 (id=2352): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) capset$auto(0x0, 0x0) open(0x0, 0x22240, 0x154) socket(0x23, 0x5, 0x0) connect$auto(0x3, 0x0, 0x55) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/serio/drivers/rainshadow-cec/bind_mode\x00', 0x183080, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000001180)=""/187, 0xbb) mmap$auto(0x0, 0x20009, 0x7, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = io_uring_setup$auto(0x6, 0x0) r2 = socket(0x2, 0x801, 0x84) getsockopt$auto(r2, 0x84, 0x2, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x200, 0x1) r3 = open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x84) fanotify_mark$auto(0x0, 0x31, 0x9, r3, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x65, 0x0, 0x4) r4 = openat$auto(r1, &(0x7f0000000000)='./file0\x00', 0xa, 0x8) listen$auto(r4, 0x10006) 2.204274375s ago: executing program 2 (id=2385): r0 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/tracing/dynamic_events\x00', 0x201, 0x0) write$auto_dynamic_events_ops_trace_dynevent(r0, &(0x7f00000002c0)="65507307ff6587a725ca87720ef9769f20592e77a8977acfd064c712782b89f145862d9956b07a7c40f8a41e4c4cd45ac0bdf9b7d5cf78f6b7b354a69aaecc3922f2e2df504d01273dd7e6e3c25f55a9", 0x50) 1.696832962s ago: executing program 2 (id=2386): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x0) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000000000003f"}, 0x1b) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) r1 = socket(0xa, 0x3, 0xff) connect$auto(r1, &(0x7f00000018c0)=@generic={0xa}, 0x55) r2 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000002c00), 0xffffffffffffffff) socket(0x2, 0x3, 0x2) setsockopt$auto(0x3, 0x0, 0xce, 0xfffffffffffffffc, 0x3) sendmsg$auto_OVS_CT_LIMIT_CMD_GET(r0, &(0x7f0000004480)={0x0, 0x0, &(0x7f0000004440)={&(0x7f0000003dc0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010027bd7000fddbdf2503000000040001800c00018008000a8004000680"], 0x24}, 0x1, 0x0, 0x0, 0x20000840}, 0x840) 1.280664702s ago: executing program 2 (id=2387): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram11\x00', 0x20000, 0x0) mseal$auto(0x1ffff000, 0xfffffffffffffff3, 0x0) mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) madvise$auto(0x108000, 0x2, 0xa) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x400, 0x2) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) fchdir$auto(r2) r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x100842, 0x0) ioctl$auto_SNDCTL_TMR_CONTINUE(r3, 0x5404, 0x0) ioctl$auto_SNDCTL_TMR_TEMPO(r3, 0xc0045405, &(0x7f0000000140)) ioctl$auto_SNDCTL_TMR_START(r3, 0x5402, 0x0) rename$auto(&(0x7f0000000040)='./cgroup\x00', 0x0) fanotify_mark$auto(r0, 0x7c9, 0x9, r1, &(0x7f0000000080)='./file0\x00') r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/mptcp/pm_type\x00', 0xe0002, 0x0) sendfile$auto(0x1, r4, 0x0, 0xc01) 768.353377ms ago: executing program 4 (id=2388): openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB=']'], 0x1ac}}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000140)={{0x0, 0x1, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x200002, 0x5}, 0x803}, 0xfffffff9, 0x10, 0x0) write$auto_proc_clear_refs_operations_internal(0xffffffffffffffff, 0x0, 0xffffff4b) madvise$auto(0x0, 0xffffffffffff0001, 0x15) io_uring_setup$auto(0x6, 0x0) move_pages$auto(0x0, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r1 = waitid$auto_P_ALL(0x0, 0x6, &(0x7f0000000180)={@_si_pad}, 0x401, &(0x7f0000000200)={{0x4}, {0x7, 0x2}, 0x2, 0x7, 0x80000001, 0x100000001, 0x3, 0xb868, 0x8, 0xe1b, 0x6, 0x2, 0x5, 0x2, 0x8, 0xffff}) prctl$auto_SECCOMP_MODE_STRICT(0x16fe6d02, 0x1, r1, 0xd, 0x9) openat$auto_stats_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x88000, 0x0) 752.647326ms ago: executing program 2 (id=2389): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x0) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000004000"}, 0x1b) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) r0 = socket(0xa, 0x3, 0xff) connect$auto(r0, &(0x7f00000018c0)=@generic={0xa}, 0x55) 338.772902ms ago: executing program 1 (id=2390): statx$auto(0xffffff9c, 0x0, 0x1000, 0x1, 0x0) socket(0xa, 0x1, 0x3) setitimer$auto(0x2, 0x0, 0x0) setitimer$auto_ITIMER_VIRTUAL(0x1, &(0x7f0000000000)={{0x3, 0x3}, {0x8, 0x5}}, 0x0) unshare$auto(0x40000080) r0 = socket(0x10, 0x2, 0xc) syz_genetlink_get_family_id$auto_nlctrl(0x0, r0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, 0x0, 0x30004011) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x100, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snd/pcmC1D0p\x00', 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram4\x00', 0xdd01, 0x0) stat$auto(0x0, &(0x7f0000000380)={0x506f, 0x4a, 0x80000000000000, 0xfffffff2, 0x0, 0xee01, 0x0, 0x2, 0x101, 0x4, 0x1, 0x20ed, 0x3ff, 0x800000401, 0x5f54, 0x0, 0xfffffffeffffffff}) r2 = openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) writev$auto(r2, &(0x7f00000003c0)={0x0, 0x8}, 0x3) (fail_nth: 6) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, 0xffffffffffffffff) 0s ago: executing program 2 (id=2391): r0 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000001a80)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) madvise$auto(0xfff, 0x8, 0xab8) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) setsockopt$auto(0x3, 0x6, 0x100000000, 0xfffffffffffffffc, 0xa) socket(0x2, 0x801, 0x100) getsockopt$auto_SO_BROADCAST(0xffffffffffffffff, 0x13, 0x6, &(0x7f0000000180)='%\\^\x00', &(0x7f00000001c0)=0x4) mmap$auto(0x1, 0x9, 0x3, 0x55, r1, 0x8001) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/system/node/has_memory\x00', 0x22100, 0x0) read$auto_check_wx_fops_(r2, &(0x7f0000000080)=""/228, 0xe4) mlockall$auto(0x5) mmap$auto(0x2, 0x40000a, 0x2bb, 0x14, 0x2, 0x3) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000280), 0x40000, 0x0) syz_genetlink_get_family_id$auto_nlbl_mgmt(0x0, 0xffffffffffffffff) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/rpc/nfs4.nametoid/channel\x00', 0x8f3b7a51b80ebd01, 0x0) write$auto_proc_reg_file_ops_compat_inode(r3, &(0x7f00000002c0)="785c2043b540ccb4f5295382607e3719809f5b379eb8aaded38c23b432b03fddb02ec378a1b67231547d37f868fcceb9c69a14ea47e3ad93277ef293425e27c45151317d53885323e11276e745f853abd1bce0503f53c79915ba602c3ec29f28dfdf4018f27b406bdf0875b526a6666d4c2d379582b81f0cf242c1b62ef5db015aa67d73eebe", 0x86) socket(0xa, 0x801, 0x106) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) setsockopt$auto(0x3, 0x0, 0x1, 0x0, 0x2) setsockopt$auto(0x3, 0x0, 0xf, 0x0, 0xb) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto_ftrace_subsystem_filter_fops_trace_events(r0, &(0x7f0000000180)="b953e6ca6360e45b4fd8ecccc52782d28ddb740407f4571929f3c0f5962cf000e2d2cac4c602", 0x26) kernel console output (not intermixed with test programs):                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            [ 707.902905][T14640] ptrace attach of "./syz-executor exec"[5851] was attempted by ""[14640] [ 707.943922][T14630] FAULT_INJECTION: forcing a failure. [ 707.943922][T14630] name failslab, interval 1, probability 0, space 0, times 0 [ 707.958308][T14630] CPU: 1 UID: 0 PID: 14630 Comm: syz.0.1625 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 707.958350][T14630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 707.958370][T14630] Call Trace: [ 707.958380][T14630] [ 707.958392][T14630] dump_stack_lvl+0x16c/0x1f0 [ 707.958446][T14630] should_fail_ex+0x512/0x640 [ 707.958492][T14630] ? __kmalloc_noprof+0xbf/0x510 [ 707.958542][T14630] ? __register_sysctl_table+0xea2/0x1900 [ 707.958593][T14630] should_failslab+0xc2/0x120 [ 707.958623][T14630] __kmalloc_noprof+0xd2/0x510 [ 707.958669][T14630] ? __register_sysctl_table+0xe8e/0x1900 [ 707.958743][T14630] __register_sysctl_table+0xea2/0x1900 [ 707.958801][T14630] ? __pfx___register_sysctl_table+0x10/0x10 [ 707.958850][T14630] ? is_module_address+0x69/0xf0 [ 707.958904][T14630] ? register_net_sysctl_sz+0x228/0x3e0 [ 707.958936][T14630] ? __asan_memcpy+0x3c/0x60 [ 707.958979][T14630] ? __pfx_nf_lwtunnel_net_init+0x10/0x10 [ 707.959012][T14630] nf_lwtunnel_net_init+0x60/0xf0 [ 707.959046][T14630] ops_init+0x1df/0x5f0 [ 707.959098][T14630] setup_net+0x1ff/0x510 [ 707.959144][T14630] ? lockdep_init_map_type+0x5c/0x280 [ 707.959189][T14630] ? __pfx_setup_net+0x10/0x10 [ 707.959240][T14630] ? debug_mutex_init+0x37/0x70 [ 707.959276][T14630] copy_net_ns+0x2a6/0x5f0 [ 707.959311][T14630] create_new_namespaces+0x3ea/0xa90 [ 707.959357][T14630] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 707.959414][T14630] ksys_unshare+0x45b/0xa40 [ 707.959459][T14630] ? __pfx_ksys_unshare+0x10/0x10 [ 707.959505][T14630] ? xfd_validate_state+0x61/0x180 [ 707.959562][T14630] __x64_sys_unshare+0x31/0x40 [ 707.959606][T14630] do_syscall_64+0xcd/0x490 [ 707.959658][T14630] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 707.959690][T14630] RIP: 0033:0x7fa60678e929 [ 707.959717][T14630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 707.959749][T14630] RSP: 002b:00007fa6045d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 707.959779][T14630] RAX: ffffffffffffffda RBX: 00007fa6069b6080 RCX: 00007fa60678e929 [ 707.959801][T14630] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 707.959821][T14630] RBP: 00007fa606810b39 R08: 0000000000000000 R09: 0000000000000000 [ 707.959842][T14630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 707.959861][T14630] R13: 0000000000000000 R14: 00007fa6069b6080 R15: 00007fffc7af5c28 [ 707.959909][T14630] [ 708.204607][ C1] vkms_vblank_simulate: vblank timer overrun [ 708.338473][T14630] sysctl could not get directory: /net -12 [ 709.487047][T14666] netlink: 93 bytes leftover after parsing attributes in process `syz.0.1630'. [ 709.738343][T14672] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1632'. [ 710.258667][T14682] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1633'. [ 711.907778][T14698] sp0: Synchronizing with TNC [ 714.435648][ T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 714.445505][ T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 714.463190][ T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 714.471670][ T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 714.480732][ T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 715.266069][T14752] chnl_net:caif_netlink_parms(): no params data found [ 716.023582][T14752] bridge0: port 1(bridge_slave_0) entered blocking state [ 716.052754][T14752] bridge0: port 1(bridge_slave_0) entered disabled state [ 716.060125][T14752] bridge_slave_0: entered allmulticast mode [ 716.144448][T14752] bridge_slave_0: entered promiscuous mode [ 716.182503][T14752] bridge0: port 2(bridge_slave_1) entered blocking state [ 716.200694][T14752] bridge0: port 2(bridge_slave_1) entered disabled state [ 716.218423][T14752] bridge_slave_1: entered allmulticast mode [ 716.230483][T14752] bridge_slave_1: entered promiscuous mode [ 716.418739][T14752] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 716.458395][T14752] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 716.580723][T13160] Bluetooth: hci4: command tx timeout [ 716.688070][T14752] team0: Port device team_slave_0 added [ 716.703586][T14752] team0: Port device team_slave_1 added [ 716.925509][T14752] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 716.942141][T14752] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 716.990382][T14752] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 717.005427][T14752] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 717.013050][T14752] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 717.039269][T14752] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 717.379000][T14752] hsr_slave_0: entered promiscuous mode [ 717.398914][T14752] hsr_slave_1: entered promiscuous mode [ 717.487459][T14752] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 717.520769][T14752] Cannot create hsr debugfs directory [ 718.032250][T14817] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1658'. [ 718.465660][T14752] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 718.563285][T14752] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 718.649908][T14752] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 718.667196][T13160] Bluetooth: hci4: command tx timeout [ 718.772924][T14752] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 719.636692][T14752] 8021q: adding VLAN 0 to HW filter on device bond0 [ 719.672792][T14752] 8021q: adding VLAN 0 to HW filter on device team0 [ 719.700138][T12476] bridge0: port 1(bridge_slave_0) entered blocking state [ 719.707530][T12476] bridge0: port 1(bridge_slave_0) entered forwarding state [ 720.046913][T12481] bridge0: port 2(bridge_slave_1) entered blocking state [ 720.055156][T12481] bridge0: port 2(bridge_slave_1) entered forwarding state [ 720.750814][T13160] Bluetooth: hci4: command tx timeout [ 721.695277][T14752] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 722.820667][T13160] Bluetooth: hci4: command tx timeout [ 722.863007][T14752] veth0_vlan: entered promiscuous mode [ 722.929462][T14752] veth1_vlan: entered promiscuous mode [ 723.073993][T14752] veth0_macvtap: entered promiscuous mode [ 723.085484][T14752] veth1_macvtap: entered promiscuous mode [ 723.144837][T14752] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 723.175002][T14752] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 723.214327][T14752] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 723.228775][T14752] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 723.249524][T14752] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 723.292211][T14752] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 724.097544][T12481] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 724.117234][T12481] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 724.375367][T14912] cifs: Unknown parameter 'cifs' [ 724.417431][T14910] cifs: Unknown parameter 'cifs' [ 724.420025][T14912] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 724.544910][T12705] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 724.558205][T12705] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 724.574926][T13160] Bluetooth: hci0: Unable to find connection for big 0xd2 [ 725.043615][T14919] vivid-003: ================= START STATUS ================= [ 725.051850][T14919] vivid-003: Radio HW Seek Mode: Bounded [ 725.064148][T14919] vivid-003: Radio Programmable HW Seek: false [ 725.078054][T14919] vivid-003: RDS Rx I/O Mode: Block I/O [ 725.088178][T14919] vivid-003: Generate RBDS Instead of RDS: false [ 725.105708][T14919] vivid-003: RDS Reception: true [ 725.136120][T14919] vivid-003: RDS Program Type: 0 inactive [ 725.142256][T14919] vivid-003: RDS PS Name: inactive [ 725.147550][T14919] vivid-003: RDS Radio Text: inactive [ 725.196812][T14919] vivid-003: RDS Traffic Announcement: false inactive [ 725.210765][T14919] vivid-003: RDS Traffic Program: false inactive [ 725.224164][T14919] vivid-003: RDS Music: false inactive [ 725.233486][T14919] vivid-003: ================== END STATUS ================== [ 725.812788][T14937] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1682'. [ 726.099109][T14935] [U] [ 726.102019][T14935] [U] [ 726.104795][T14935] [U] [ 726.107560][T14935] [U] [ 726.138902][T14935] [U] [ 726.141728][T14935] [U] [ 726.144515][T14935] [U] [ 726.147285][T14935] [U] [ 726.231290][T14935] [U] [ 726.234115][T14935] [U] [ 726.236886][T14935] [U] [ 726.239651][T14935] [U] [ 726.289378][T14935] [U] [ 726.292228][T14935] [U] [ 726.295100][T14935] [U] [ 726.297890][T14935] [U] [ 726.371417][T14935] [U] [ 726.374262][T14935] [U] [ 726.377056][T14935] [U] [ 726.379846][T14935] [U] [ 726.464889][T14935] [U] [ 726.467723][T14935] [U] [ 726.470496][T14935] [U] [ 726.473268][T14935] [U] [ 726.691212][T14935] [U] [ 726.811198][T14948] ubi0: attaching mtd0 [ 726.862640][T14949] ptrace attach of "./syz-executor exec"[5843] was attempted by ""[14949] [ 726.934077][T14948] ubi0: scanning is finished [ 726.939128][T14948] ubi0 warning: ubi_read_volume_table: volume table copy #2 is corrupted [ 726.951727][T14948] ubi0: volume table was restored [ 727.243713][T14948] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 727.315549][T14948] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 727.437040][T14948] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 727.466635][T14948] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 727.531525][T14948] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 727.614526][T14948] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 727.649991][T14948] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 2545397176 [ 727.671516][T14948] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 727.681694][T14962] ubi0: background thread "ubi_bgt0d" started, PID 14962 [ 729.086541][T12481] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 729.333743][T12481] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 729.866630][T12481] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 730.257925][T12481] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 730.644184][T12481] bridge_slave_1: left allmulticast mode [ 730.660875][T12481] bridge_slave_1: left promiscuous mode [ 730.669382][T12481] bridge0: port 2(bridge_slave_1) entered disabled state [ 730.723508][T12481] bridge_slave_0: left allmulticast mode [ 730.729421][T12481] bridge_slave_0: left promiscuous mode [ 730.801075][T12481] bridge0: port 1(bridge_slave_0) entered disabled state [ 731.409072][T15007] sysfs_service_op_show: Client not running :-5: [ 733.217145][ T31] audit: type=1800 audit(6046884607.649:8): pid=15028 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1701" name="SYSVffffffff" dev="tmpfs" ino=0 res=0 errno=0 [ 733.572033][T12481] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 733.638653][T12481] bond0 (unregistering): Released all slaves [ 733.683243][T15049] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input140 [ 733.695307][T15051] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1705'. [ 733.923838][T15052] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1706'. [ 734.741401][T15063] device-mapper: ioctl: Invalid ioctl structure: name , dev b00010007 [ 735.402876][T15079] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807fe0c380 pfn:0x7fe08 [ 735.504913][T15079] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 735.513780][T15079] memcg:ffff88804876f101 [ 735.518225][T15079] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff) [ 735.527282][T15079] page_type: f5(slab) [ 735.531822][T15079] raw: 00fff00000000240 ffff88801ce94780 ffffea00009b7410 ffffea0000cb2c10 [ 735.541027][T15079] raw: ffff88807fe0c380 0000000000120001 00000000f5000000 ffff88804876f101 [ 735.549961][T15079] head: 00fff00000000240 ffff88801ce94780 ffffea00009b7410 ffffea0000cb2c10 [ 735.559673][T15079] head: ffff88807fe0c380 0000000000120001 00000000f5000000 ffff88804876f101 [ 735.569019][T15079] head: 00fff00000000003 ffffea0001ff8201 00000000ffffffff 00000000ffffffff [ 735.692942][T15079] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 735.800380][T15079] page dumped because: unmovable page [ 735.836841][T15079] page_owner tracks the page as allocated [ 735.914605][T15079] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5196, tgid 5196 (start-stop-daem), ts 40112615202, free_ts 37459585346 [ 736.060615][T15079] post_alloc_hook+0x1c0/0x230 [ 736.065501][T15079] get_page_from_freelist+0x1321/0x3890 [ 736.189858][T15079] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 736.270444][T15079] alloc_pages_mpol+0x1fb/0x550 [ 736.275561][T15079] new_slab+0x23b/0x330 [ 736.279802][T15079] ___slab_alloc+0xd9c/0x1940 [ 736.406891][T15079] __slab_alloc.constprop.0+0x56/0xb0 [ 736.458491][T15079] kmem_cache_alloc_noprof+0xef/0x3b0 [ 736.530601][T15079] copy_process+0x3798/0x7650 [ 736.535494][T15079] kernel_clone+0xfc/0x960 [ 736.539993][T15079] __do_sys_vfork+0x9d/0xe0 [ 736.561298][T15079] do_syscall_64+0xcd/0x490 [ 736.589768][T15079] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 736.708958][T15079] page last free pid 1 tgid 1 stack trace: [ 736.712415][T15114] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 736.740856][ C0] vkms_vblank_simulate: vblank timer overrun [ 736.755349][T15114] CIFS mount error: No usable UNC path provided in device string! [ 736.755349][T15114] [ 736.770626][T15079] __free_frozen_pages+0x7fe/0x1180 [ 736.775907][T15079] free_contig_range+0x183/0x4b0 [ 736.790567][T15114] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 736.805534][T15079] destroy_args+0x7f6/0xa60 [ 736.815787][T15079] debug_vm_pgtable+0x13b8/0x2d00 [ 736.881639][T15079] do_one_initcall+0x120/0x6e0 [ 736.896369][T15079] kernel_init_freeable+0x5c2/0x900 [ 736.934546][T15079] kernel_init+0x1c/0x2b0 [ 736.941338][T15079] ret_from_fork+0x5d4/0x6f0 [ 736.952580][T15079] ret_from_fork_asm+0x1a/0x30 [ 737.604510][T15128] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1717'. [ 737.696541][T15132] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input141 [ 737.925902][T15135] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1718'. [ 739.371221][T15162] sysfs_service_op_show: Client not running :-5: [ 741.444219][T15185] zswap: compressor not available [ 741.926033][T15202] bcache: register_bcache() error : Not a bcache superblock (bad offset) [ 742.087098][T15202] kvm: kvm [15200]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010007) = 0xffffffffffffffff [ 742.818744][T15231] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 742.870251][T15231] random: crng reseeded on system resumption [ 744.192198][T12481] hsr_slave_1: left promiscuous mode [ 744.400970][T12481] veth1_macvtap: left allmulticast mode [ 744.406866][T12481] veth1_macvtap: left promiscuous mode [ 744.440857][T12481] veth0_macvtap: left promiscuous mode [ 744.446701][T12481] veth1_vlan: left promiscuous mode [ 744.477514][T12481] veth0_vlan: left promiscuous mode [ 746.566906][T12481] team0 (unregistering): Port device team_slave_1 removed [ 746.638439][T12481] team0 (unregistering): Port device team_slave_0 removed [ 747.380738][T15264] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1740'. [ 748.018967][T15296] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1745'. [ 748.224012][T15291] sysfs_service_op_show: Client not running :-5: [ 748.296865][T15297] sysfs_service_op_show: Client not running :-5: [ 749.166338][T15318] netlink: 'syz.1.1748': attribute type 16 has an invalid length. [ 749.199203][T15318] netlink: 306 bytes leftover after parsing attributes in process `syz.1.1748'. [ 750.104704][T15339] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input143 [ 750.254247][T15350] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1752'. [ 753.172192][T15386] FAULT_INJECTION: forcing a failure. [ 753.172192][T15386] name failslab, interval 1, probability 0, space 0, times 0 [ 753.214569][T15387] net_ratelimit: 162 callbacks suppressed [ 753.214591][T15387] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 753.263103][T15386] CPU: 0 UID: 0 PID: 15386 Comm: syz.1.1756 Not tainted 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 753.263144][T15386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 753.263159][T15386] Call Trace: [ 753.263167][T15386] [ 753.263176][T15386] dump_stack_lvl+0x16c/0x1f0 [ 753.263216][T15386] should_fail_ex+0x512/0x640 [ 753.263255][T15386] should_failslab+0xc2/0x120 [ 753.263279][T15386] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 753.263316][T15386] ? dst_alloc+0x99/0x1a0 [ 753.263351][T15386] dst_alloc+0x99/0x1a0 [ 753.263384][T15386] rt_dst_alloc+0x35/0x3a0 [ 753.263412][T15386] ip_route_output_key_hash_rcu+0x87a/0x28f0 [ 753.263456][T15386] ip_route_output_key_hash+0x137/0x2e0 [ 753.263491][T15386] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 753.263531][T15386] ? __call_rcu_common.constprop.0+0x3f0/0xa10 [ 753.263571][T15386] ? lockdep_hardirqs_on+0x7c/0x110 [ 753.263606][T15386] ? percpu_counter_add_batch+0xb8/0x1f0 [ 753.263641][T15386] ip_route_output_flow+0x27/0x150 [ 753.263678][T15386] __ip4_datagram_connect+0x8b5/0x1540 [ 753.263713][T15386] ? __local_bh_enable_ip+0x70/0x120 [ 753.263745][T15386] ip4_datagram_connect+0x2e/0x50 [ 753.263776][T15386] inet_dgram_connect+0x15e/0x2f0 [ 753.263814][T15386] ? __pfx_inet_dgram_connect+0x10/0x10 [ 753.263842][T15386] __sys_connect_file+0x141/0x1a0 [ 753.263876][T15386] __sys_connect+0x13b/0x160 [ 753.263906][T15386] ? __pfx___sys_connect+0x10/0x10 [ 753.263947][T15386] ? xfd_validate_state+0x61/0x180 [ 753.263980][T15386] ? __task_pid_nr_ns+0x17c/0x500 [ 753.264019][T15386] __x64_sys_connect+0x72/0xb0 [ 753.264048][T15386] ? lockdep_hardirqs_on+0x7c/0x110 [ 753.264082][T15386] do_syscall_64+0xcd/0x490 [ 753.264119][T15386] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 753.264144][T15386] RIP: 0033:0x7fd209f8e929 [ 753.264162][T15386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 753.264186][T15386] RSP: 002b:00007fd20ae7d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 753.264209][T15386] RAX: ffffffffffffffda RBX: 00007fd20a1b5fa0 RCX: 00007fd209f8e929 [ 753.264225][T15386] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 753.264239][T15386] RBP: 00007fd20a010b39 R08: 0000000000000000 R09: 0000000000000000 [ 753.264254][T15386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 753.264268][T15386] R13: 0000000000000000 R14: 00007fd20a1b5fa0 R15: 00007ffdf3329178 [ 753.264298][T15386] [ 754.502170][T15404] sysfs_service_op_show: Client not running :-5: [ 756.126429][T15433] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input144 [ 756.416467][T15430] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1765'. [ 756.516390][T15429] nfs4: Unknown parameter '€' [ 757.623921][T15471] Invalid ELF header magic: != ELF [ 757.705729][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 757.713823][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 758.983329][T15490] sysfs_service_op_show: Client not running :-5: [ 760.092276][T15493] cgroup: fork rejected by pids controller in /syz0 [ 762.509109][T15578] random: crng reseeded on system resumption [ 763.099721][T15578] zram0: detected capacity change from 0 to 8 [ 763.832548][T15594] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input145 [ 765.065530][T15596] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input146 [ 765.820229][T15581] kexec: Could not allocate control_code_buffer [ 766.986490][T15641] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1789'. [ 767.043936][T15642] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1789'. [ 767.103832][T15642] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1789'. [ 767.633215][T15651] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input147 [ 767.690836][T15648] input: f¬ as /devices/virtual/input/input148 [ 768.003720][T15652] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input149 [ 768.163823][T15657] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1792'. [ 768.936388][T15668] vhci_hcd: invalid port number 16 [ 768.961948][T15668] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 769.216737][T15668] Invalid ELF header magic: != ELF [ 773.076700][T15748] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input150 [ 773.177351][T15752] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1805'. [ 773.733174][T15749] sysfs_service_op_show: Client not running :-5: [ 773.882189][T15753] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1806'. [ 774.812469][T15779] Setting dangerous option i915.mitigations - tainting kernel [ 774.820096][T15779] Bad "i915.mitigations=!hóì@ÛSÌe", 'hóì@ÛSÌe' is unknown [ 776.127608][T15787] sysfs_service_op_show: Client not running :-5: [ 776.555846][T15798] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1816'. [ 778.398636][T15840] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input151 [ 778.665807][T15843] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1820'. [ 780.422190][T15867] sysfs_service_op_show: Client not running :-5: [ 780.871682][T15877] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1826'. [ 781.015036][T15885] FAULT_INJECTION: forcing a failure. [ 781.015036][T15885] name failslab, interval 1, probability 0, space 0, times 0 [ 781.087889][T15885] CPU: 0 UID: 0 PID: 15885 Comm: syz.2.1827 Tainted: G U 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 781.087964][T15885] Tainted: [U]=USER [ 781.087976][T15885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 781.087997][T15885] Call Trace: [ 781.088008][T15885] [ 781.088021][T15885] dump_stack_lvl+0x16c/0x1f0 [ 781.088098][T15885] should_fail_ex+0x512/0x640 [ 781.088148][T15885] ? __kmalloc_noprof+0xbf/0x510 [ 781.088201][T15885] ? net_alloc_generic+0x1e/0x70 [ 781.088253][T15885] should_failslab+0xc2/0x120 [ 781.088285][T15885] __kmalloc_noprof+0xd2/0x510 [ 781.088353][T15885] ? inc_ucount+0x240/0x2f0 [ 781.088410][T15885] net_alloc_generic+0x1e/0x70 [ 781.088465][T15885] copy_net_ns+0xc6/0x5f0 [ 781.088496][T15885] ? copy_cgroup_ns+0x71/0x700 [ 781.088536][T15885] create_new_namespaces+0x3ea/0xa90 [ 781.088585][T15885] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 781.088629][T15885] ksys_unshare+0x45b/0xa40 [ 781.088677][T15885] ? __pfx_ksys_unshare+0x10/0x10 [ 781.088727][T15885] ? xfd_validate_state+0x61/0x180 [ 781.088785][T15885] __x64_sys_unshare+0x31/0x40 [ 781.088832][T15885] do_syscall_64+0xcd/0x490 [ 781.088888][T15885] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 781.088922][T15885] RIP: 0033:0x7f3bebd8e929 [ 781.088959][T15885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 781.088994][T15885] RSP: 002b:00007f3becb28038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 781.089026][T15885] RAX: ffffffffffffffda RBX: 00007f3bebfb5fa0 RCX: 00007f3bebd8e929 [ 781.089048][T15885] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 781.089068][T15885] RBP: 00007f3bebe10b39 R08: 0000000000000000 R09: 0000000000000000 [ 781.089089][T15885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 781.089108][T15885] R13: 0000000000000000 R14: 00007f3bebfb5fa0 R15: 00007ffe9b77d8b8 [ 781.089151][T15885] [ 781.287987][ C0] vkms_vblank_simulate: vblank timer overrun [ 782.509467][T15907] FAULT_INJECTION: forcing a failure. [ 782.509467][T15907] name failslab, interval 1, probability 0, space 0, times 0 [ 782.532751][T15907] CPU: 0 UID: 0 PID: 15907 Comm: syz.0.1831 Tainted: G U 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 782.532808][T15907] Tainted: [U]=USER [ 782.532819][T15907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 782.532839][T15907] Call Trace: [ 782.532850][T15907] [ 782.532863][T15907] dump_stack_lvl+0x16c/0x1f0 [ 782.532920][T15907] should_fail_ex+0x512/0x640 [ 782.532971][T15907] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 782.533035][T15907] should_failslab+0xc2/0x120 [ 782.533068][T15907] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 782.533116][T15907] ? __asan_memcpy+0x3c/0x60 [ 782.533170][T15907] ? __kernfs_new_node+0xd2/0x8e0 [ 782.533222][T15907] __kernfs_new_node+0xd2/0x8e0 [ 782.533275][T15907] ? __pfx___kernfs_new_node+0x10/0x10 [ 782.533333][T15907] ? find_held_lock+0x2b/0x80 [ 782.533368][T15907] ? kernfs_root+0xee/0x2a0 [ 782.533424][T15907] kernfs_new_node+0x13c/0x1e0 [ 782.533484][T15907] kernfs_create_link+0xcc/0x240 [ 782.533527][T15907] sysfs_do_create_link_sd+0x90/0x140 [ 782.533576][T15907] sysfs_create_link+0x61/0xc0 [ 782.533620][T15907] device_add+0x62c/0x1a70 [ 782.533659][T15907] ? __pfx_device_add+0x10/0x10 [ 782.533692][T15907] ? kfree+0x24f/0x4d0 [ 782.533747][T15907] device_create_groups_vargs+0x1f8/0x270 [ 782.533792][T15907] device_create+0xed/0x130 [ 782.533830][T15907] ? __pfx_device_create+0x10/0x10 [ 782.533875][T15907] ? do_init_timer+0xc9/0x110 [ 782.533917][T15907] ? ieee80211_roc_setup+0x136/0x270 [ 782.533963][T15907] ? ieee80211_alloc_hw_nm+0x231/0x2260 [ 782.534006][T15907] mac80211_hwsim_new_radio+0x369/0x54d0 [ 782.534079][T15907] ? __asan_memset+0x23/0x50 [ 782.534126][T15907] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 782.534210][T15907] hwsim_new_radio_nl+0xb51/0x12c0 [ 782.534265][T15907] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 782.534330][T15907] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 782.534373][T15907] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 782.534425][T15907] genl_family_rcv_msg_doit+0x206/0x2f0 [ 782.534469][T15907] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 782.534511][T15907] ? trace_cap_capable+0x18d/0x200 [ 782.534555][T15907] ? bpf_lsm_capable+0x9/0x10 [ 782.534596][T15907] ? security_capable+0x7e/0x260 [ 782.534629][T15907] ? ns_capable+0xd7/0x110 [ 782.534666][T15907] genl_rcv_msg+0x55c/0x800 [ 782.534709][T15907] ? __pfx_genl_rcv_msg+0x10/0x10 [ 782.534751][T15907] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 782.534817][T15907] netlink_rcv_skb+0x155/0x420 [ 782.534853][T15907] ? __pfx_genl_rcv_msg+0x10/0x10 [ 782.534896][T15907] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 782.534949][T15907] ? netlink_deliver_tap+0x1ae/0xd30 [ 782.535011][T15907] genl_rcv+0x28/0x40 [ 782.535045][T15907] netlink_unicast+0x53a/0x7f0 [ 782.535084][T15907] ? __pfx_netlink_unicast+0x10/0x10 [ 782.535132][T15907] netlink_sendmsg+0x8d1/0xdd0 [ 782.535187][T15907] ? __pfx_netlink_sendmsg+0x10/0x10 [ 782.535239][T15907] ____sys_sendmsg+0xa98/0xc70 [ 782.535280][T15907] ? copy_msghdr_from_user+0x10a/0x160 [ 782.535329][T15907] ? __pfx_____sys_sendmsg+0x10/0x10 [ 782.535375][T15907] ? try_to_wake_up+0xa2f/0x1680 [ 782.535418][T15907] ___sys_sendmsg+0x134/0x1d0 [ 782.535471][T15907] ? __pfx____sys_sendmsg+0x10/0x10 [ 782.535519][T15907] ? __lock_acquire+0x622/0x1c90 [ 782.535619][T15907] __sys_sendmsg+0x16d/0x220 [ 782.535670][T15907] ? __pfx___sys_sendmsg+0x10/0x10 [ 782.535718][T15907] ? __x64_sys_futex+0x1e0/0x4c0 [ 782.535784][T15907] do_syscall_64+0xcd/0x490 [ 782.535835][T15907] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 782.535867][T15907] RIP: 0033:0x7fa60678e929 [ 782.535892][T15907] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 782.535924][T15907] RSP: 002b:00007fa6045f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 782.535958][T15907] RAX: ffffffffffffffda RBX: 00007fa6069b5fa0 RCX: 00007fa60678e929 [ 782.535981][T15907] RDX: 00000000040000c0 RSI: 0000200000000300 RDI: 0000000000000007 [ 782.536003][T15907] RBP: 00007fa606810b39 R08: 0000000000000000 R09: 0000000000000000 [ 782.536024][T15907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 782.536044][T15907] R13: 0000000000000000 R14: 00007fa6069b5fa0 R15: 00007fffc7af5c28 [ 782.536091][T15907] [ 782.960678][ C0] vkms_vblank_simulate: vblank timer overrun [ 784.328296][T15930] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1837'. [ 784.387213][T15930] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 784.419601][T15930] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 784.818026][T15930] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 784.834227][T15930] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 786.739371][T15984] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1844'. [ 787.716886][T16006] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1848'. [ 788.890724][T16042] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input152 [ 789.191891][T16051] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1855'. [ 790.825495][T16062] sysfs_service_op_show: Client not running :-5: [ 792.371241][T16095] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1860'. [ 792.460817][T16101] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1861'. [ 793.453334][T16104] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1862'. [ 793.782473][T16107] zswap: compressor not available [ 794.956389][T16123] sysfs_service_op_show: Client not running :-5: [ 796.000063][T16144] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1872'. [ 796.468684][T16136] sysfs_service_op_show: Client not running :-5: [ 796.990950][T16156] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input153 [ 797.309670][T16160] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1877'. [ 797.846424][T16164] Invalid ELF header magic: != ELF [ 798.184365][T16172] netlink: 334 bytes leftover after parsing attributes in process `syz.4.1879'. [ 799.769120][T16196] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1884'. [ 803.036391][T16226] FAULT_INJECTION: forcing a failure. [ 803.036391][T16226] name failslab, interval 1, probability 0, space 0, times 0 [ 803.075853][T16226] CPU: 0 UID: 0 PID: 16226 Comm: syz.0.1890 Tainted: G U 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 803.075906][T16226] Tainted: [U]=USER [ 803.075919][T16226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 803.075939][T16226] Call Trace: [ 803.075950][T16226] [ 803.075962][T16226] dump_stack_lvl+0x16c/0x1f0 [ 803.076019][T16226] should_fail_ex+0x512/0x640 [ 803.076068][T16226] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 803.076119][T16226] should_failslab+0xc2/0x120 [ 803.076151][T16226] __kmalloc_cache_noprof+0x6a/0x3e0 [ 803.076195][T16226] ? lockdep_init_map_type+0x5c/0x280 [ 803.076245][T16226] ? smc_stats_init+0x4e/0x160 [ 803.076296][T16226] ? __pfx_smc_net_stat_init+0x10/0x10 [ 803.076342][T16226] smc_stats_init+0x4e/0x160 [ 803.076389][T16226] ? smc_net_init+0x39/0x50 [ 803.076422][T16226] ops_init+0x1df/0x5f0 [ 803.076481][T16226] setup_net+0x1ff/0x510 [ 803.076531][T16226] ? lockdep_init_map_type+0x5c/0x280 [ 803.076580][T16226] ? __pfx_setup_net+0x10/0x10 [ 803.076635][T16226] ? debug_mutex_init+0x37/0x70 [ 803.076674][T16226] copy_net_ns+0x2a6/0x5f0 [ 803.076713][T16226] create_new_namespaces+0x3ea/0xa90 [ 803.076762][T16226] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 803.076806][T16226] ksys_unshare+0x45b/0xa40 [ 803.076853][T16226] ? __pfx_ksys_unshare+0x10/0x10 [ 803.076902][T16226] ? xfd_validate_state+0x61/0x180 [ 803.076961][T16226] __x64_sys_unshare+0x31/0x40 [ 803.077007][T16226] do_syscall_64+0xcd/0x490 [ 803.077060][T16226] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 803.077095][T16226] RIP: 0033:0x7fa60678e929 [ 803.077121][T16226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 803.077154][T16226] RSP: 002b:00007fa6045f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 803.077187][T16226] RAX: ffffffffffffffda RBX: 00007fa6069b5fa0 RCX: 00007fa60678e929 [ 803.077210][T16226] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 803.077230][T16226] RBP: 00007fa606810b39 R08: 0000000000000000 R09: 0000000000000000 [ 803.077251][T16226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 803.077271][T16226] R13: 0000000000000000 R14: 00007fa6069b5fa0 R15: 00007fffc7af5c28 [ 803.077320][T16226] [ 805.054804][T16246] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1895'. [ 807.504143][T16258] sysfs_service_op_show: Client not running :-5: [ 807.648800][T16274] sysfs_service_op_show: Client not running :-5: [ 808.229033][T16295] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1908'. [ 811.148027][T16333] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1920'. [ 811.800427][T16328] sysfs_service_op_show: Client not running :-5: [ 813.651992][T16341] sysfs_service_op_show: Client not running :-5: [ 814.668084][T16373] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1928'. [ 814.852684][T16374] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1928'. [ 814.905943][T16373] hub 8-0:1.0: USB hub found [ 814.911953][T16373] hub 8-0:1.0: 1 port detected [ 815.434556][T16382] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input154 [ 815.748051][T16384] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1930'. [ 815.931149][T16394] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1931'. [ 816.083086][T16397] Invalid ELF header magic: != ELF [ 816.132106][T16397] Invalid ELF header magic: != ELF [ 817.305516][T16420] sysfs_service_op_show: Client not running :-5: [ 819.144524][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 819.150986][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 821.611123][T16486] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(752.67108900.7388460), cmd(1) [ 822.620870][T16498] sysfs_service_op_show: Client not running :-5: [ 823.404938][T16512] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1963'. [ 823.525982][T16516] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1966'. [ 823.743449][T16523] hub 8-0:1.0: USB hub found [ 823.754411][T16523] hub 8-0:1.0: 1 port detected [ 823.860266][T16523] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1966'. [ 826.001688][T16581] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input157 [ 826.188714][T16581] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1983'. [ 827.067556][T16604] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1988'. [ 827.935176][T16625] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1995'. [ 827.958182][T16623] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input158 [ 828.024896][T16626] random: crng reseeded on system resumption [ 828.130658][T16628] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input159 [ 830.670279][T16668] sp0: Synchronizing with TNC [ 831.784845][T16692] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input160 [ 832.177683][T16696] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2008'. [ 833.574077][T16725] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2017'. [ 834.976724][T16752] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input161 [ 835.138498][T16752] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2022'. [ 835.563585][T16767] FAULT_INJECTION: forcing a failure. [ 835.563585][T16767] name failslab, interval 1, probability 0, space 0, times 0 [ 835.612985][T16767] CPU: 1 UID: 0 PID: 16767 Comm: syz.0.2024 Tainted: G U 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 835.613051][T16767] Tainted: [U]=USER [ 835.613065][T16767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 835.613088][T16767] Call Trace: [ 835.613100][T16767] [ 835.613121][T16767] dump_stack_lvl+0x16c/0x1f0 [ 835.613186][T16767] should_fail_ex+0x512/0x640 [ 835.613239][T16767] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 835.613295][T16767] should_failslab+0xc2/0x120 [ 835.613332][T16767] __kmalloc_cache_noprof+0x6a/0x3e0 [ 835.613381][T16767] ? devlink_fmsg_nest_common.part.0+0xcd/0x1e0 [ 835.613426][T16767] ? devlink_fmsg_nest_common.part.0+0x48/0x1e0 [ 835.613468][T16767] ? devlink_fmsg_u64_pair_put+0x225/0x2f0 [ 835.613518][T16767] devlink_fmsg_nest_common.part.0+0x48/0x1e0 [ 835.613566][T16767] devlink_fmsg_string_pair_put+0x17a/0x1b0 [ 835.613615][T16767] nsim_dev_dummy_fmsg_put+0x77/0x1e0 [ 835.613660][T16767] devlink_health_do_dump+0x240/0x620 [ 835.613714][T16767] devlink_health_report+0x3c9/0x9c0 [ 835.613767][T16767] ? __pfx_devlink_health_report+0x10/0x10 [ 835.613815][T16767] ? _copy_from_user+0x59/0xd0 [ 835.613880][T16767] nsim_dev_health_break_write+0x166/0x210 [ 835.613925][T16767] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 835.613984][T16767] full_proxy_write+0x13c/0x200 [ 835.614024][T16767] ? __pfx_full_proxy_write+0x10/0x10 [ 835.614060][T16767] vfs_write+0x2a0/0x1150 [ 835.614134][T16767] ? __pfx___mutex_lock+0x10/0x10 [ 835.614194][T16767] ? __pfx_vfs_write+0x10/0x10 [ 835.614262][T16767] ? __fget_files+0x20e/0x3c0 [ 835.614330][T16767] ksys_write+0x12a/0x250 [ 835.614384][T16767] ? __pfx_ksys_write+0x10/0x10 [ 835.614454][T16767] do_syscall_64+0xcd/0x490 [ 835.614515][T16767] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 835.614553][T16767] RIP: 0033:0x7fa60678e929 [ 835.614583][T16767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 835.614620][T16767] RSP: 002b:00007fa6045d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 835.614655][T16767] RAX: ffffffffffffffda RBX: 00007fa6069b6080 RCX: 00007fa60678e929 [ 835.614680][T16767] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000009 [ 835.614702][T16767] RBP: 00007fa606810b39 R08: 0000000000000000 R09: 0000000000000000 [ 835.614724][T16767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 835.614745][T16767] R13: 0000000000000000 R14: 00007fa6069b6080 R15: 00007fffc7af5c28 [ 835.614796][T16767] [ 835.972100][T16764] ubi: mtd0 is already attached to ubi0 [ 838.156121][T16804] IPVS: length: 131 != 8 [ 838.676404][T16821] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2035'. [ 838.983946][T16815] ubi: mtd0 is already attached to ubi0 [ 839.145864][T16815] ptrace attach of "./syz-executor exec"[14752] was attempted by ""[16815] [ 841.703717][ T51] Bluetooth: hci4: command 0x0406 tx timeout [ 843.636309][T16888] sysfs_service_op_show: Client not running :-5: [ 844.321830][T16905] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input162 [ 844.560392][T16900] ubi: mtd0 is already attached to ubi0 [ 844.588752][T16900] ptrace attach of "./syz-executor exec"[5854] was attempted by ""[16900] [ 846.961322][T16932] sysfs_service_op_show: Client not running :-5: [ 848.310772][T16951] sysfs_service_op_show: Client not running :-5: [ 852.286363][T16999] sysfs_service_op_show: Client not running :-5: [ 853.174037][T17021] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input165 [ 854.483359][T17024] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2083'. [ 854.585665][T17015] sysfs_service_op_show: Client not running :-5: [ 854.631049][T17018] sysfs_service_op_show: Client not running :-5: [ 857.875773][T17076] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 857.887308][T17076] random: crng reseeded on system resumption [ 858.223889][T17085] debugfs: File 'trace0' in directory 'ram7' already present! [ 860.495131][T17126] sysfs_service_op_show: Client not running :-5: [ 861.384197][T17140] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2110'. [ 862.296150][T17145] sysfs_service_op_show: Client not running :-5: [ 863.880716][T17176] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input168 [ 864.504975][T17180] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2120'. [ 864.640043][T17178] sysfs_service_op_show: Client not running :-5: [ 864.713110][T17191] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2121'. [ 865.867062][T17225] FAULT_INJECTION: forcing a failure. [ 865.867062][T17225] name failslab, interval 1, probability 0, space 0, times 0 [ 865.911514][T17225] CPU: 1 UID: 0 PID: 17225 Comm: syz.2.2130 Tainted: G U 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 865.911568][T17225] Tainted: [U]=USER [ 865.911580][T17225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 865.911600][T17225] Call Trace: [ 865.911610][T17225] [ 865.911622][T17225] dump_stack_lvl+0x16c/0x1f0 [ 865.911694][T17225] should_fail_ex+0x512/0x640 [ 865.911750][T17225] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 865.911799][T17225] should_failslab+0xc2/0x120 [ 865.911830][T17225] __kmalloc_cache_noprof+0x6a/0x3e0 [ 865.911873][T17225] ? lockdep_init_map_type+0x5c/0x280 [ 865.911918][T17225] ? qrtr_endpoint_register+0x85/0x500 [ 865.911977][T17225] qrtr_endpoint_register+0x85/0x500 [ 865.912031][T17225] qrtr_tun_open+0x151/0x220 [ 865.912068][T17225] ? __pfx_qrtr_tun_open+0x10/0x10 [ 865.912109][T17225] misc_open+0x35d/0x420 [ 865.912152][T17225] ? __pfx_misc_open+0x10/0x10 [ 865.912192][T17225] chrdev_open+0x234/0x6a0 [ 865.912242][T17225] ? __pfx_apparmor_file_open+0x10/0x10 [ 865.912284][T17225] ? __pfx_chrdev_open+0x10/0x10 [ 865.912336][T17225] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 865.912390][T17225] do_dentry_open+0x741/0x1c10 [ 865.912441][T17225] ? __pfx_chrdev_open+0x10/0x10 [ 865.912501][T17225] vfs_open+0x82/0x3f0 [ 865.912542][T17225] path_openat+0x1de4/0x2cb0 [ 865.912600][T17225] ? __pfx_path_openat+0x10/0x10 [ 865.912651][T17225] ? __lock_acquire+0xb8a/0x1c90 [ 865.912701][T17225] do_filp_open+0x20b/0x470 [ 865.912759][T17225] ? __pfx_do_filp_open+0x10/0x10 [ 865.912841][T17225] ? alloc_fd+0x471/0x7d0 [ 865.912897][T17225] do_sys_openat2+0x11b/0x1d0 [ 865.912933][T17225] ? __pfx_do_sys_openat2+0x10/0x10 [ 865.912969][T17225] ? find_held_lock+0x2b/0x80 [ 865.913010][T17225] __x64_sys_openat+0x174/0x210 [ 865.913053][T17225] ? __pfx___x64_sys_openat+0x10/0x10 [ 865.913103][T17225] do_syscall_64+0xcd/0x490 [ 865.913151][T17225] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 865.913183][T17225] RIP: 0033:0x7f3bebd8e929 [ 865.913219][T17225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 865.913250][T17225] RSP: 002b:00007f3be9bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 865.913278][T17225] RAX: ffffffffffffffda RBX: 00007f3bebfb6080 RCX: 00007f3bebd8e929 [ 865.913298][T17225] RDX: 0000000000004000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 865.913316][T17225] RBP: 00007f3bebe10b39 R08: 0000000000000000 R09: 0000000000000000 [ 865.913333][T17225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 865.913351][T17225] R13: 0000000000000000 R14: 00007f3bebfb6080 R15: 00007ffe9b77d8b8 [ 865.913386][T17225] [ 866.699587][T17246] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2135'. [ 867.010836][T17243] sysfs_service_op_show: Client not running :-5: [ 869.247019][T17265] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2141'. [ 869.341850][T17270] nfs4: Unknown parameter '€' [ 869.354917][T17291] debugfs: File 'trace0' in directory 'ram7' already present! [ 869.502468][T17295] FAULT_INJECTION: forcing a failure. [ 869.502468][T17295] name failslab, interval 1, probability 0, space 0, times 0 [ 869.563853][T17295] CPU: 1 UID: 0 PID: 17295 Comm: syz.0.2145 Tainted: G U 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 869.563913][T17295] Tainted: [U]=USER [ 869.563924][T17295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 869.563945][T17295] Call Trace: [ 869.563956][T17295] [ 869.563969][T17295] dump_stack_lvl+0x16c/0x1f0 [ 869.564027][T17295] should_fail_ex+0x512/0x640 [ 869.564086][T17295] ? fs_reclaim_acquire+0xae/0x150 [ 869.564129][T17295] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 869.564179][T17295] should_failslab+0xc2/0x120 [ 869.564212][T17295] __kmalloc_noprof+0xd2/0x510 [ 869.564274][T17295] tomoyo_realpath_from_path+0xc2/0x6e0 [ 869.564337][T17295] tomoyo_check_open_permission+0x2ab/0x3c0 [ 869.564382][T17295] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 869.564468][T17295] ? do_raw_spin_lock+0x12c/0x2b0 [ 869.564535][T17295] tomoyo_file_open+0x6b/0x90 [ 869.564591][T17295] security_file_open+0x84/0x1e0 [ 869.564637][T17295] do_dentry_open+0x596/0x1c10 [ 869.564702][T17295] vfs_open+0x82/0x3f0 [ 869.564744][T17295] path_openat+0x1de4/0x2cb0 [ 869.564809][T17295] ? __pfx_path_openat+0x10/0x10 [ 869.564862][T17295] ? __lock_acquire+0xb8a/0x1c90 [ 869.564912][T17295] do_filp_open+0x20b/0x470 [ 869.564963][T17295] ? __pfx_do_filp_open+0x10/0x10 [ 869.565045][T17295] ? alloc_fd+0x471/0x7d0 [ 869.565113][T17295] do_sys_openat2+0x11b/0x1d0 [ 869.565151][T17295] ? __pfx_do_sys_openat2+0x10/0x10 [ 869.565191][T17295] ? find_held_lock+0x2b/0x80 [ 869.565239][T17295] __x64_sys_openat+0x174/0x210 [ 869.565279][T17295] ? __pfx___x64_sys_openat+0x10/0x10 [ 869.565338][T17295] do_syscall_64+0xcd/0x490 [ 869.565393][T17295] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 869.565427][T17295] RIP: 0033:0x7fa60678e929 [ 869.565454][T17295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 869.565488][T17295] RSP: 002b:00007fa6045d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 869.565521][T17295] RAX: ffffffffffffffda RBX: 00007fa6069b6080 RCX: 00007fa60678e929 [ 869.565544][T17295] RDX: 0000000000004000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 869.565571][T17295] RBP: 00007fa606810b39 R08: 0000000000000000 R09: 0000000000000000 [ 869.565592][T17295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 869.565613][T17295] R13: 0000000000000000 R14: 00007fa6069b6080 R15: 00007fffc7af5c28 [ 869.565658][T17295] [ 869.813850][T17295] ERROR: Out of memory at tomoyo_realpath_from_path. [ 870.631877][T17304] zswap: compressor not available [ 871.748974][T17317] sysfs_service_op_show: Client not running :-5: [ 872.600651][T17333] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input170 [ 872.780960][T17338] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2154'. [ 873.500409][T17334] sysfs_service_op_show: Client not running :-5: [ 873.898285][T17352] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input171 [ 874.136305][T17352] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2157'. [ 876.802813][T17369] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2161'. [ 876.965730][T17377] nfs4: Unknown parameter '€' [ 877.320749][T17408] sysfs_service_op_show: Client not running :-5: [ 880.585819][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 880.601303][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 880.945188][T17450] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input172 [ 881.139829][T17458] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2178'. [ 881.763159][T17474] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2182'. [ 882.349496][T17490] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2186'. [ 882.545372][T17491] sysfs_service_op_show: Client not running :-5: [ 884.200071][T17505] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 884.210846][T17505] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 884.240568][T17505] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 884.279539][T17505] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 884.319696][T17505] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 885.631043][T13160] Bluetooth: hci0: command 0x0406 tx timeout [ 886.261749][T13160] Bluetooth: hci3: command 0x0406 tx timeout [ 886.267929][ T51] Bluetooth: hci2: command 0x0406 tx timeout [ 886.341955][T13160] Bluetooth: hci4: command 0x0406 tx timeout [ 886.559898][T17564] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input173 [ 887.113440][T17575] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2205'. [ 887.188826][T17564] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2204'. [ 888.420513][T13160] Bluetooth: hci4: command 0x0406 tx timeout [ 889.964520][T17638] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input174 [ 890.156817][T17639] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2218'. [ 890.506940][T17655] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 890.854084][T17667] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input175 [ 891.032493][T17678] FAULT_INJECTION: forcing a failure. [ 891.032493][T17678] name failslab, interval 1, probability 0, space 0, times 0 [ 891.061309][T17678] CPU: 1 UID: 0 PID: 17678 Comm: syz.2.2223 Tainted: G U 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 891.061360][T17678] Tainted: [U]=USER [ 891.061370][T17678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 891.061389][T17678] Call Trace: [ 891.061412][T17678] [ 891.061425][T17678] dump_stack_lvl+0x16c/0x1f0 [ 891.061478][T17678] should_fail_ex+0x512/0x640 [ 891.061525][T17678] ? __kmalloc_noprof+0xbf/0x510 [ 891.061575][T17678] ? kernfs_fop_write_iter+0x237/0x510 [ 891.061608][T17678] should_failslab+0xc2/0x120 [ 891.061652][T17678] __kmalloc_noprof+0xd2/0x510 [ 891.061709][T17678] kernfs_fop_write_iter+0x237/0x510 [ 891.061767][T17678] vfs_write+0x6c4/0x1150 [ 891.061816][T17678] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 891.061853][T17678] ? __pfx___mutex_lock+0x10/0x10 [ 891.061909][T17678] ? __pfx_vfs_write+0x10/0x10 [ 891.061984][T17678] ksys_write+0x12a/0x250 [ 891.062031][T17678] ? __pfx_ksys_write+0x10/0x10 [ 891.062091][T17678] do_syscall_64+0xcd/0x490 [ 891.062143][T17678] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 891.062177][T17678] RIP: 0033:0x7f3bebd8e929 [ 891.062202][T17678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 891.062234][T17678] RSP: 002b:00007f3be9bb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 891.062264][T17678] RAX: ffffffffffffffda RBX: 00007f3bebfb6240 RCX: 00007f3bebd8e929 [ 891.062286][T17678] RDX: 00000000000098c7 RSI: 0000200000000440 RDI: 0000000000000004 [ 891.062306][T17678] RBP: 00007f3be9bb4090 R08: 0000000000000000 R09: 0000000000000000 [ 891.062326][T17678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 891.062346][T17678] R13: 0000000000000000 R14: 00007f3bebfb6240 R15: 00007ffe9b77d8b8 [ 891.062390][T17678] [ 891.341794][T17672] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2223'. [ 891.992550][T17693] MTRR 1 not used [ 892.822929][T17696] FAULT_INJECTION: forcing a failure. [ 892.822929][T17696] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 892.869512][T17696] CPU: 1 UID: 0 PID: 17696 Comm: syz.1.2227 Tainted: G U 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 892.869562][T17696] Tainted: [U]=USER [ 892.869570][T17696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 892.869584][T17696] Call Trace: [ 892.869592][T17696] [ 892.869601][T17696] dump_stack_lvl+0x16c/0x1f0 [ 892.869650][T17696] should_fail_ex+0x512/0x640 [ 892.869708][T17696] strncpy_from_user+0x3b/0x2e0 [ 892.869761][T17696] getname_flags.part.0+0x8f/0x550 [ 892.869806][T17696] getname_flags+0x93/0xf0 [ 892.869854][T17696] do_sys_openat2+0xb8/0x1d0 [ 892.869892][T17696] ? __pfx_do_sys_openat2+0x10/0x10 [ 892.869928][T17696] ? find_held_lock+0x2b/0x80 [ 892.869965][T17696] ? handle_mm_fault+0x2ab/0xd10 [ 892.870020][T17696] __x64_sys_openat+0x174/0x210 [ 892.870061][T17696] ? __pfx___x64_sys_openat+0x10/0x10 [ 892.870104][T17696] ? do_user_addr_fault+0x843/0x1370 [ 892.870164][T17696] do_syscall_64+0xcd/0x490 [ 892.870229][T17696] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 892.870264][T17696] RIP: 0033:0x7fd209f8d290 [ 892.870291][T17696] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 892.870325][T17696] RSP: 002b:00007fd20ae7cf10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 892.870357][T17696] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fd209f8d290 [ 892.870380][T17696] RDX: 0000000000000002 RSI: 00007fd20ae7cfa0 RDI: 00000000ffffff9c [ 892.870401][T17696] RBP: 00007fd20ae7cfa0 R08: 0000000000000000 R09: 00007fd20ae7ccd4 [ 892.870426][T17696] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 892.870446][T17696] R13: 0000000000000000 R14: 00007fd20a1b5fa0 R15: 00007ffdf3329178 [ 892.870489][T17696] [ 893.803448][T17708] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2230'. [ 894.795055][T17741] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2238'. [ 895.154407][T17754] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2240'. [ 896.216984][T17783] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input176 [ 896.433392][T17786] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2247'. [ 897.297406][T17800] sysfs_service_op_show: Client not running :-5: [ 897.547453][T17789] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2248'. [ 897.753517][T17812] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2252'. [ 899.041636][T17821] sysfs_service_op_show: Client not running :-5: [ 899.321300][T17843] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input177 [ 899.532651][T17846] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input179 [ 899.611456][T17857] FAULT_INJECTION: forcing a failure. [ 899.611456][T17857] name failslab, interval 1, probability 0, space 0, times 0 [ 899.632548][T17857] CPU: 0 UID: 0 PID: 17857 Comm: syz.1.2264 Tainted: G U 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 899.632599][T17857] Tainted: [U]=USER [ 899.632611][T17857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 899.632630][T17857] Call Trace: [ 899.632640][T17857] [ 899.632652][T17857] dump_stack_lvl+0x16c/0x1f0 [ 899.632707][T17857] should_fail_ex+0x512/0x640 [ 899.632754][T17857] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 899.632803][T17857] should_failslab+0xc2/0x120 [ 899.632834][T17857] __kmalloc_cache_noprof+0x6a/0x3e0 [ 899.632879][T17857] ? input_allocate_device+0xc5/0x350 [ 899.632926][T17857] ? kasan_save_track+0x14/0x30 [ 899.632976][T17857] input_allocate_device+0xc5/0x350 [ 899.633021][T17857] uinput_write+0x9cc/0xff0 [ 899.633069][T17857] ? __pfx_uinput_write+0x10/0x10 [ 899.633099][T17857] ? apparmor_file_permission+0x251/0x400 [ 899.633137][T17857] ? bpf_lsm_file_permission+0x9/0x10 [ 899.633172][T17857] ? security_file_permission+0x71/0x210 [ 899.633216][T17857] ? rw_verify_area+0xcf/0x680 [ 899.633260][T17857] ? __pfx_uinput_write+0x10/0x10 [ 899.633289][T17857] vfs_write+0x2a0/0x1150 [ 899.633345][T17857] ? __pfx_vfs_write+0x10/0x10 [ 899.633400][T17857] ? find_held_lock+0x2b/0x80 [ 899.633436][T17857] ? __fget_files+0x204/0x3c0 [ 899.633487][T17857] ? __fget_files+0x20e/0x3c0 [ 899.633543][T17857] ksys_write+0x1f8/0x250 [ 899.633588][T17857] ? __pfx_ksys_write+0x10/0x10 [ 899.633647][T17857] do_syscall_64+0xcd/0x490 [ 899.633698][T17857] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 899.633731][T17857] RIP: 0033:0x7fd209f8e929 [ 899.633757][T17857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 899.633787][T17857] RSP: 002b:00007fd20ae7d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 899.633816][T17857] RAX: ffffffffffffffda RBX: 00007fd20a1b5fa0 RCX: 00007fd209f8e929 [ 899.633837][T17857] RDX: 000000000000045c RSI: 0000000000000000 RDI: 0000000000000003 [ 899.633856][T17857] RBP: 00007fd20ae7d090 R08: 0000000000000000 R09: 0000000000000000 [ 899.633875][T17857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 899.633894][T17857] R13: 0000000000000000 R14: 00007fd20a1b5fa0 R15: 00007ffdf3329178 [ 899.633937][T17857] [ 899.770377][T17849] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2263'. [ 899.772859][ C0] vkms_vblank_simulate: vblank timer overrun [ 899.781574][T17849] nfs4: Unknown parameter '€' [ 899.795827][T17843] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2259'. [ 900.445818][T17878] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2267'. [ 900.615866][T17883] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input180 [ 900.800736][T17884] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input181 [ 900.868873][T17883] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2270'. [ 901.446780][T17902] FAULT_INJECTION: forcing a failure. [ 901.446780][T17902] name failslab, interval 1, probability 0, space 0, times 0 [ 901.459748][T17902] CPU: 0 UID: 0 PID: 17902 Comm: syz.1.2275 Tainted: G U 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 901.459795][T17902] Tainted: [U]=USER [ 901.459806][T17902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 901.459824][T17902] Call Trace: [ 901.459835][T17902] [ 901.459847][T17902] dump_stack_lvl+0x16c/0x1f0 [ 901.459897][T17902] should_fail_ex+0x512/0x640 [ 901.459944][T17902] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 901.460003][T17902] should_failslab+0xc2/0x120 [ 901.460033][T17902] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 901.460087][T17902] ? do_raw_spin_lock+0x12c/0x2b0 [ 901.460137][T17902] ? kvasprintf_const+0x66/0x1a0 [ 901.460173][T17902] kvasprintf+0xbc/0x160 [ 901.460203][T17902] ? __pfx_kvasprintf+0x10/0x10 [ 901.460250][T17902] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 901.460295][T17902] ? __debug_object_init+0x2de/0x3d0 [ 901.460338][T17902] kvasprintf_const+0x66/0x1a0 [ 901.460371][T17902] kobject_set_name_vargs+0x5a/0x140 [ 901.460410][T17902] dev_set_name+0xc7/0x100 [ 901.460447][T17902] ? __pfx_dev_set_name+0x10/0x10 [ 901.460487][T17902] ? lockdep_init_map_type+0x5c/0x280 [ 901.460532][T17902] ? __init_waitqueue_head+0xca/0x150 [ 901.460564][T17902] ? input_allocate_device+0x271/0x350 [ 901.460614][T17902] input_allocate_device+0x293/0x350 [ 901.460660][T17902] uinput_write+0x9cc/0xff0 [ 901.460700][T17902] ? __pfx_uinput_write+0x10/0x10 [ 901.460730][T17902] ? apparmor_file_permission+0x251/0x400 [ 901.460768][T17902] ? bpf_lsm_file_permission+0x9/0x10 [ 901.460802][T17902] ? security_file_permission+0x71/0x210 [ 901.460846][T17902] ? rw_verify_area+0xcf/0x680 [ 901.460889][T17902] ? __pfx_uinput_write+0x10/0x10 [ 901.460918][T17902] vfs_write+0x2a0/0x1150 [ 901.460974][T17902] ? __pfx_vfs_write+0x10/0x10 [ 901.461017][T17902] ? find_held_lock+0x2b/0x80 [ 901.461051][T17902] ? __fget_files+0x204/0x3c0 [ 901.461102][T17902] ? __fget_files+0x20e/0x3c0 [ 901.461158][T17902] ksys_write+0x1f8/0x250 [ 901.461203][T17902] ? __pfx_ksys_write+0x10/0x10 [ 901.461271][T17902] do_syscall_64+0xcd/0x490 [ 901.461322][T17902] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 901.461355][T17902] RIP: 0033:0x7fd209f8e929 [ 901.461380][T17902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 901.461412][T17902] RSP: 002b:00007fd20ae7d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 901.461441][T17902] RAX: ffffffffffffffda RBX: 00007fd20a1b5fa0 RCX: 00007fd209f8e929 [ 901.461463][T17902] RDX: 000000000000045c RSI: 0000000000000000 RDI: 0000000000000003 [ 901.461482][T17902] RBP: 00007fd20ae7d090 R08: 0000000000000000 R09: 0000000000000000 [ 901.461502][T17902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 901.461521][T17902] R13: 0000000000000000 R14: 00007fd20a1b5fa0 R15: 00007ffdf3329178 [ 901.461562][T17902] [ 901.747777][ C0] vkms_vblank_simulate: vblank timer overrun [ 902.130881][T17912] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input184 [ 902.526403][T17921] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2277'. [ 904.654952][T17950] netlink: 354 bytes leftover after parsing attributes in process `syz.2.2283'. [ 905.360054][T17942] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2280'. [ 905.511558][T17942] nfs4: Unknown parameter '€' [ 906.009537][T17975] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input185 [ 906.180192][T17983] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2291'. [ 906.305744][T17982] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7fe00 [ 906.380612][T17982] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 906.392873][T17982] memcg:ffff8880290bd4c1 [ 906.397282][T17982] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 906.409114][T17982] page_type: f5(slab) [ 906.414198][T17982] raw: 00fff00000000040 ffff88801ce94500 0000000000000000 dead000000000001 [ 906.423951][T17982] raw: 0000000000000000 0000000000040004 00000000f5000000 ffff8880290bd4c1 [ 906.455003][T17982] head: 00fff00000000040 ffff88801ce94500 0000000000000000 dead000000000001 [ 906.495086][T17982] head: 0000000000000000 0000000000040004 00000000f5000000 ffff8880290bd4c1 [ 906.557517][T17982] head: 00fff00000000003 ffffea0001ff8001 00000000ffffffff 00000000ffffffff [ 906.601847][T17982] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 906.653180][T17982] page dumped because: unmovable page [ 906.711641][T17982] page_owner tracks the page as allocated [ 906.738942][T17982] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5196, tgid 5196 (start-stop-daem), ts 40112287833, free_ts 37459513785 [ 906.862509][T17982] post_alloc_hook+0x1c0/0x230 [ 906.868960][T17982] get_page_from_freelist+0x1321/0x3890 [ 906.875757][T17982] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 906.888723][T17982] alloc_pages_mpol+0x1fb/0x550 [ 906.894500][T17982] new_slab+0x23b/0x330 [ 906.898807][T17982] ___slab_alloc+0xd9c/0x1940 [ 906.904060][T17982] __slab_alloc.constprop.0+0x56/0xb0 [ 906.909939][T17982] kmem_cache_alloc_node_noprof+0xf5/0x3b0 [ 906.916043][T17982] copy_process+0x4b6/0x7650 [ 906.923072][T17982] kernel_clone+0xfc/0x960 [ 906.927603][T17982] __do_sys_vfork+0x9d/0xe0 [ 906.932275][T17982] do_syscall_64+0xcd/0x490 [ 906.936894][T17982] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 906.943053][T17982] page last free pid 1 tgid 1 stack trace: [ 906.948926][T17982] __free_frozen_pages+0x7fe/0x1180 [ 906.954320][T17982] free_contig_range+0x183/0x4b0 [ 906.963240][T17982] destroy_args+0x7f6/0xa60 [ 906.967845][T17982] debug_vm_pgtable+0x13b8/0x2d00 [ 906.982803][T17982] do_one_initcall+0x120/0x6e0 [ 906.988082][T17982] kernel_init_freeable+0x5c2/0x900 [ 907.000559][T17982] kernel_init+0x1c/0x2b0 [ 907.005080][T17982] ret_from_fork+0x5d4/0x6f0 [ 907.009815][T17982] ret_from_fork_asm+0x1a/0x30 [ 908.040223][T18025] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 908.897230][T18014] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2296'. [ 908.962203][T18018] nfs4: Unknown parameter '€' [ 912.107187][T18085] program syz.1.2310 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 912.151314][T18086] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2308'. [ 913.461069][T18103] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2315'. [ 913.490746][T18098] sysfs_service_op_show: Client not running :-5: [ 913.757020][T18103] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2315'. [ 915.106859][T18128] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2319'. [ 917.301837][T18144] sysfs_service_op_show: Client not running :-5: [ 921.335460][T18207] FAULT_INJECTION: forcing a failure. [ 921.335460][T18207] name failslab, interval 1, probability 0, space 0, times 0 [ 921.516906][T18207] CPU: 1 UID: 0 PID: 18207 Comm: syz.1.2337 Tainted: G U 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 921.516963][T18207] Tainted: [U]=USER [ 921.516974][T18207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 921.516994][T18207] Call Trace: [ 921.517005][T18207] [ 921.517028][T18207] dump_stack_lvl+0x16c/0x1f0 [ 921.517085][T18207] should_fail_ex+0x512/0x640 [ 921.517133][T18207] ? fs_reclaim_acquire+0xae/0x150 [ 921.517178][T18207] should_failslab+0xc2/0x120 [ 921.517210][T18207] __kmalloc_cache_noprof+0x6a/0x3e0 [ 921.517255][T18207] ? hub_ext_port_status+0x5e/0x670 [ 921.517307][T18207] ? usb_control_msg+0xbc/0x4a0 [ 921.517348][T18207] usb_control_msg+0xbc/0x4a0 [ 921.517394][T18207] ? __pfx_usb_control_msg+0x10/0x10 [ 921.517462][T18207] hub_ext_port_status+0x14e/0x670 [ 921.517535][T18207] hub_activate+0x6e5/0x1d60 [ 921.517587][T18207] ? __pfx_hub_activate+0x10/0x10 [ 921.517622][T18207] ? find_held_lock+0x2b/0x80 [ 921.517659][T18207] ? do_proc_bulk+0xae0/0xe20 [ 921.517691][T18207] ? usbfs_notify_resume+0x25/0xf0 [ 921.517735][T18207] hub_resume+0xa8/0x3f0 [ 921.517772][T18207] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 921.517827][T18207] ? __pfx_hub_resume+0x10/0x10 [ 921.517864][T18207] ? __pfx_hcd_bus_resume+0x10/0x10 [ 921.517927][T18207] usb_resume_interface.constprop.0.isra.0+0x2c2/0x3e0 [ 921.517986][T18207] usb_resume_both+0x273/0x800 [ 921.518039][T18207] ? __pfx_usb_resume_both+0x10/0x10 [ 921.518089][T18207] ? __pfx_usb_runtime_resume+0x10/0x10 [ 921.518146][T18207] ? __pfx_usb_runtime_resume+0x10/0x10 [ 921.518200][T18207] __rpm_callback+0xc8/0x610 [ 921.518256][T18207] ? __pfx_usb_runtime_resume+0x10/0x10 [ 921.518311][T18207] rpm_callback+0x1b7/0x200 [ 921.518365][T18207] ? __pfx_usb_runtime_resume+0x10/0x10 [ 921.518420][T18207] rpm_resume+0xd0a/0x1310 [ 921.518482][T18207] ? __pfx_rpm_resume+0x10/0x10 [ 921.518532][T18207] ? do_raw_spin_lock+0x12c/0x2b0 [ 921.518587][T18207] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 921.518669][T18207] __pm_runtime_resume+0xb6/0x170 [ 921.518724][T18207] usb_autoresume_device+0x23/0xe0 [ 921.518778][T18207] usbdev_open+0x228/0x8b0 [ 921.518831][T18207] ? kobject_get_unless_zero+0x156/0x1e0 [ 921.518884][T18207] ? __pfx_usbdev_open+0x10/0x10 [ 921.518935][T18207] ? chrdev_open+0x10b/0x6a0 [ 921.518992][T18207] ? __pfx_usbdev_open+0x10/0x10 [ 921.519044][T18207] chrdev_open+0x234/0x6a0 [ 921.519094][T18207] ? __pfx_apparmor_file_open+0x10/0x10 [ 921.519136][T18207] ? __pfx_chrdev_open+0x10/0x10 [ 921.519192][T18207] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 921.519245][T18207] do_dentry_open+0x741/0x1c10 [ 921.519295][T18207] ? __pfx_chrdev_open+0x10/0x10 [ 921.519368][T18207] vfs_open+0x82/0x3f0 [ 921.519410][T18207] path_openat+0x1de4/0x2cb0 [ 921.519491][T18207] ? __pfx_path_openat+0x10/0x10 [ 921.519544][T18207] ? __lock_acquire+0xb8a/0x1c90 [ 921.519595][T18207] do_filp_open+0x20b/0x470 [ 921.519646][T18207] ? __pfx_do_filp_open+0x10/0x10 [ 921.519741][T18207] ? alloc_fd+0x471/0x7d0 [ 921.519797][T18207] do_sys_openat2+0x11b/0x1d0 [ 921.519834][T18207] ? __pfx_do_sys_openat2+0x10/0x10 [ 921.519895][T18207] __x64_sys_openat+0x174/0x210 [ 921.519934][T18207] ? __pfx___x64_sys_openat+0x10/0x10 [ 921.519990][T18207] do_syscall_64+0xcd/0x490 [ 921.520045][T18207] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 921.520078][T18207] RIP: 0033:0x7fd209f8e929 [ 921.520105][T18207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 921.520138][T18207] RSP: 002b:00007fd20ae5c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 921.520170][T18207] RAX: ffffffffffffffda RBX: 00007fd20a1b6080 RCX: 00007fd209f8e929 [ 921.520193][T18207] RDX: 0000000000080000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 921.520214][T18207] RBP: 00007fd20a010b39 R08: 0000000000000000 R09: 0000000000000000 [ 921.520234][T18207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 921.520254][T18207] R13: 0000000000000000 R14: 00007fd20a1b6080 R15: 00007ffdf3329178 [ 921.520297][T18207] [ 921.520317][T18207] hub 7-0:1.0: hub_ext_port_status failed (err = -12) [ 922.213234][T18204] sysfs_service_op_show: Client not running :-5: [ 922.838931][T18206] kexec: Could not allocate control_code_buffer [ 923.268022][T18233] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2341'. [ 925.569525][ T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 925.579602][ T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 925.589485][ T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 925.603141][ T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 925.615936][ T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 926.453344][T18289] sysfs_service_op_show: Client not running :-5: [ 926.691138][T18280] chnl_net:caif_netlink_parms(): no params data found [ 926.831883][T18296] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2359'. [ 926.874352][T18296] nfs4: Unknown parameter '€' [ 926.892183][T18280] bridge0: port 1(bridge_slave_0) entered blocking state [ 926.899500][T18280] bridge0: port 1(bridge_slave_0) entered disabled state [ 926.906995][T18280] bridge_slave_0: entered allmulticast mode [ 926.915285][T18280] bridge_slave_0: entered promiscuous mode [ 926.938488][T18280] bridge0: port 2(bridge_slave_1) entered blocking state [ 926.957241][T18280] bridge0: port 2(bridge_slave_1) entered disabled state [ 926.964646][T18280] bridge_slave_1: entered allmulticast mode [ 926.981575][T18280] bridge_slave_1: entered promiscuous mode [ 927.045932][T18280] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 927.064944][T18280] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 927.133178][T18280] team0: Port device team_slave_0 added [ 927.145705][T18280] team0: Port device team_slave_1 added [ 927.204672][T18280] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 927.212353][T18280] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 927.239129][T18280] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 927.255331][T18280] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 927.262434][T18280] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 927.289331][T18280] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 927.384172][T18280] hsr_slave_0: entered promiscuous mode [ 927.392676][T18280] hsr_slave_1: entered promiscuous mode [ 927.700686][ T51] Bluetooth: hci1: command tx timeout [ 927.930219][T18280] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 928.292454][T18280] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 928.702400][T18280] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 928.857072][T18280] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 929.403150][T18280] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 929.426812][T18280] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 929.455071][T18280] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 929.485010][T18280] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 929.745542][T18280] 8021q: adding VLAN 0 to HW filter on device bond0 [ 929.780566][ T51] Bluetooth: hci1: command tx timeout [ 929.818985][T18280] 8021q: adding VLAN 0 to HW filter on device team0 [ 929.863278][ T3500] bridge0: port 1(bridge_slave_0) entered blocking state [ 929.870545][ T3500] bridge0: port 1(bridge_slave_0) entered forwarding state [ 929.912318][T12479] bridge0: port 2(bridge_slave_1) entered blocking state [ 929.919548][T12479] bridge0: port 2(bridge_slave_1) entered forwarding state [ 930.437831][T18280] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 930.557555][T18280] veth0_vlan: entered promiscuous mode [ 930.578309][T18280] veth1_vlan: entered promiscuous mode [ 930.582305][T18373] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2377'. [ 930.622988][T18373] nfs4: Unknown parameter '€' [ 930.660315][T18280] veth0_macvtap: entered promiscuous mode [ 930.679148][T18280] veth1_macvtap: entered promiscuous mode [ 930.713015][T18280] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 930.735812][T18280] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 930.763191][T18280] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 930.779383][T18280] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 930.790745][T18280] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 930.799558][T18280] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 931.095032][T12479] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 931.111218][T12479] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 931.217581][T12472] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 931.278251][T12472] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 931.864406][ T51] Bluetooth: hci1: command tx timeout [ 933.240832][T18412] sysfs_service_op_show: Client not running :-5: [ 933.702018][T18420] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 933.721973][T18420] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 933.730354][T18420] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 933.748352][T18420] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 933.761906][T18420] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 933.961147][T18420] Bluetooth: hci1: command tx timeout [ 934.099163][ T5843] ------------[ cut here ]------------ [ 934.105220][ T5843] ODEBUG: free active (active state 0) object: ffff888034909318 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0 [ 934.221496][ T5843] WARNING: CPU: 1 PID: 5843 at lib/debugobjects.c:612 debug_print_object+0x1a2/0x2b0 [ 934.231166][ T5843] Modules linked in: [ 934.235123][ T5843] CPU: 1 UID: 0 PID: 5843 Comm: syz-executor Tainted: G U 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 934.247330][ T5843] Tainted: [U]=USER [ 934.251223][ T5843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 934.263104][ T5843] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 934.269087][ T5843] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd 40 81 15 8c 4c 89 e6 48 c7 c7 c0 75 15 8c e8 bf 68 9c fc 90 <0f> 0b 90 90 58 83 05 56 89 cb 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 934.290303][ T5843] RSP: 0018:ffffc90003f0f768 EFLAGS: 00010286 [ 934.296752][ T5843] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817aa128 [ 934.304897][ T5843] RDX: ffff888028a29e00 RSI: ffffffff817aa135 RDI: 0000000000000001 [ 934.312960][ T5843] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 934.321028][ T5843] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8c157c60 [ 934.329051][ T5843] R13: ffffffff8bafe840 R14: ffffffff8a8f9f70 R15: ffffc90003f0f868 [ 934.337889][ T5843] FS: 0000000000000000(0000) GS:ffff888124823000(0000) knlGS:0000000000000000 [ 934.347055][ T5843] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 934.353725][ T5843] CR2: 00007f0ad82e56c0 CR3: 0000000032be0000 CR4: 00000000003526f0 [ 934.363477][ T5843] Call Trace: [ 934.366820][ T5843] [ 934.369793][ T5843] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 934.376780][ T5843] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 934.382725][ T5843] debug_check_no_obj_freed+0x4b7/0x600 [ 934.388359][ T5843] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 934.394714][ T5843] ? rcu_is_watching+0x12/0xc0 [ 934.399555][ T5843] ? kmem_cache_free+0x2d1/0x4d0 [ 934.404652][ T5843] kfree+0x28f/0x4d0 [ 934.408616][ T5843] ? hci_release_dev+0x4d8/0x600 [ 934.413676][ T5843] hci_release_dev+0x4d8/0x600 [ 934.418527][ T5843] ? __pfx_hci_release_dev+0x10/0x10 [ 934.424390][ T5843] ? rcu_is_watching+0x12/0xc0 [ 934.429226][ T5843] ? kfree+0x24f/0x4d0 [ 934.433537][ T5843] bt_host_release+0x6a/0xb0 [ 934.438215][ T5843] ? __pfx_bt_host_release+0x10/0x10 [ 934.443635][ T5843] device_release+0xa4/0x240 [ 934.448380][ T5843] kobject_put+0x1e7/0x5a0 [ 934.452904][ T5843] ? __pfx_vhci_release+0x10/0x10 [ 934.458006][ T5843] put_device+0x1f/0x30 [ 934.462284][ T5843] vhci_release+0x81/0xf0 [ 934.468429][ T5843] __fput+0x402/0xb70 [ 934.473890][ T5843] task_work_run+0x14d/0x240 [ 934.478575][ T5843] ? __pfx_task_work_run+0x10/0x10 [ 934.483848][ T5843] do_exit+0x86c/0x2bd0 [ 934.488108][ T5843] ? __pfx_do_exit+0x10/0x10 [ 934.492845][ T5843] ? do_raw_spin_lock+0x12c/0x2b0 [ 934.497951][ T5843] ? find_held_lock+0x2b/0x80 [ 934.503317][ T5843] do_group_exit+0xd3/0x2a0 [ 934.507900][ T5843] get_signal+0x2673/0x26d0 [ 934.512523][ T5843] ? __pfx_get_signal+0x10/0x10 [ 934.517455][ T5843] arch_do_signal_or_restart+0x8f/0x790 [ 934.523159][ T5843] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 934.529400][ T5843] ? trace_irq_enable.constprop.0+0x2f/0x120 [ 934.535540][ T5843] exit_to_user_mode_loop+0x84/0x110 [ 934.540960][ T5843] do_syscall_64+0x3f6/0x490 [ 934.545633][ T5843] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 934.551655][ T5843] RIP: 0033:0x7fa60678d33c [ 934.556128][ T5843] Code: Unable to access opcode bytes at 0x7fa60678d312. [ 934.563265][ T5843] RSP: 002b:00007fffc7af5f80 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 934.573519][ T5843] RAX: fffffffffffffe00 RBX: 0000000000000003 RCX: 00007fa60678d33c [ 934.583206][ T5843] RDX: 0000000000000030 RSI: 00007fffc7af6040 RDI: 00000000000000f9 [ 934.591278][ T5843] RBP: 00007fffc7af5fec R08: 0000000000000000 R09: 0079746972756365 [ 934.599310][ T5843] R10: 00007fa6069827e0 R11: 0000000000000246 R12: 000000000000025e [ 934.607376][ T5843] R13: 00000000000927c0 R14: 00000000000e3327 R15: 00007fffc7af6040 [ 934.615606][ T5843] [ 934.618677][ T5843] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 934.626016][ T5843] CPU: 1 UID: 0 PID: 5843 Comm: syz-executor Tainted: G U 6.16.0-rc5-syzkaller #0 PREEMPT(full) [ 934.638061][ T5843] Tainted: [U]=USER [ 934.641919][ T5843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 934.652026][ T5843] Call Trace: [ 934.655349][ T5843] [ 934.658324][ T5843] dump_stack_lvl+0x3d/0x1f0 [ 934.662990][ T5843] panic+0x71c/0x800 [ 934.666966][ T5843] ? __pfx_panic+0x10/0x10 [ 934.671456][ T5843] ? show_trace_log_lvl+0x29b/0x3e0 [ 934.676749][ T5843] ? check_panic_on_warn+0x1f/0xb0 [ 934.681942][ T5843] ? debug_print_object+0x1a2/0x2b0 [ 934.687184][ T5843] check_panic_on_warn+0xab/0xb0 [ 934.692177][ T5843] __warn+0xf6/0x3c0 [ 934.696123][ T5843] ? debug_print_object+0x1a2/0x2b0 [ 934.701366][ T5843] report_bug+0x3c3/0x580 [ 934.705738][ T5843] ? debug_print_object+0x1a2/0x2b0 [ 934.710975][ T5843] handle_bug+0x184/0x210 [ 934.715336][ T5843] exc_invalid_op+0x17/0x50 [ 934.720049][ T5843] asm_exc_invalid_op+0x1a/0x20 [ 934.724934][ T5843] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 934.730779][ T5843] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd 40 81 15 8c 4c 89 e6 48 c7 c7 c0 75 15 8c e8 bf 68 9c fc 90 <0f> 0b 90 90 58 83 05 56 89 cb 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 934.750428][ T5843] RSP: 0018:ffffc90003f0f768 EFLAGS: 00010286 [ 934.756539][ T5843] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817aa128 [ 934.764540][ T5843] RDX: ffff888028a29e00 RSI: ffffffff817aa135 RDI: 0000000000000001 [ 934.772544][ T5843] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 934.780556][ T5843] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff8c157c60 [ 934.788568][ T5843] R13: ffffffff8bafe840 R14: ffffffff8a8f9f70 R15: ffffc90003f0f868 [ 934.796575][ T5843] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 934.802088][ T5843] ? __warn_printk+0x198/0x350 [ 934.806926][ T5843] ? __warn_printk+0x1a5/0x350 [ 934.811745][ T5843] ? debug_print_object+0x1a1/0x2b0 [ 934.816972][ T5843] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 934.822655][ T5843] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 934.828511][ T5843] debug_check_no_obj_freed+0x4b7/0x600 [ 934.834101][ T5843] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 934.840294][ T5843] ? rcu_is_watching+0x12/0xc0 [ 934.845101][ T5843] ? kmem_cache_free+0x2d1/0x4d0 [ 934.850090][ T5843] kfree+0x28f/0x4d0 [ 934.854038][ T5843] ? hci_release_dev+0x4d8/0x600 [ 934.859064][ T5843] hci_release_dev+0x4d8/0x600 [ 934.863873][ T5843] ? __pfx_hci_release_dev+0x10/0x10 [ 934.869214][ T5843] ? rcu_is_watching+0x12/0xc0 [ 934.874033][ T5843] ? kfree+0x24f/0x4d0 [ 934.878325][ T5843] bt_host_release+0x6a/0xb0 [ 934.882972][ T5843] ? __pfx_bt_host_release+0x10/0x10 [ 934.888328][ T5843] device_release+0xa4/0x240 [ 934.892959][ T5843] kobject_put+0x1e7/0x5a0 [ 934.897428][ T5843] ? __pfx_vhci_release+0x10/0x10 [ 934.902524][ T5843] put_device+0x1f/0x30 [ 934.906722][ T5843] vhci_release+0x81/0xf0 [ 934.911101][ T5843] __fput+0x402/0xb70 [ 934.915125][ T5843] task_work_run+0x14d/0x240 [ 934.919770][ T5843] ? __pfx_task_work_run+0x10/0x10 [ 934.924944][ T5843] do_exit+0x86c/0x2bd0 [ 934.929152][ T5843] ? __pfx_do_exit+0x10/0x10 [ 934.933874][ T5843] ? do_raw_spin_lock+0x12c/0x2b0 [ 934.938949][ T5843] ? find_held_lock+0x2b/0x80 [ 934.943671][ T5843] do_group_exit+0xd3/0x2a0 [ 934.948225][ T5843] get_signal+0x2673/0x26d0 [ 934.952782][ T5843] ? __pfx_get_signal+0x10/0x10 [ 934.957679][ T5843] arch_do_signal_or_restart+0x8f/0x790 [ 934.963271][ T5843] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 934.969484][ T5843] ? trace_irq_enable.constprop.0+0x2f/0x120 [ 934.975523][ T5843] exit_to_user_mode_loop+0x84/0x110 [ 934.980961][ T5843] do_syscall_64+0x3f6/0x490 [ 934.985633][ T5843] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 934.991567][ T5843] RIP: 0033:0x7fa60678d33c [ 934.996067][ T5843] Code: Unable to access opcode bytes at 0x7fa60678d312. [ 935.003109][ T5843] RSP: 002b:00007fffc7af5f80 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 935.011568][ T5843] RAX: fffffffffffffe00 RBX: 0000000000000003 RCX: 00007fa60678d33c [ 935.019587][ T5843] RDX: 0000000000000030 RSI: 00007fffc7af6040 RDI: 00000000000000f9 [ 935.027605][ T5843] RBP: 00007fffc7af5fec R08: 0000000000000000 R09: 0079746972756365 [ 935.035706][ T5843] R10: 00007fa6069827e0 R11: 0000000000000246 R12: 000000000000025e [ 935.043800][ T5843] R13: 00000000000927c0 R14: 00000000000e3327 R15: 00007fffc7af6040 [ 935.051947][ T5843] [ 935.055291][ T5843] Kernel Offset: disabled [ 935.059650][ T5843] Rebooting in 86400 seconds..