last executing test programs:

14m48.374651255s ago: executing program 1 (id=2288):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0)
r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0)
ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r1, 0xc05c6104, &(0x7f0000000100)={"fda25684", 0xffff, 0x6, 0x3, 0x3, 0x9, "c625aa3f222ce10e00", "430600", "0400e6ad", "4e1d00", ["22df00000200", "f8ffffffff473a6f08e10005", "b06f8ca10c66eebcbd6f17c8", "5f0700000000000000392a98"]})
r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0)
ioctl$auto(r2, 0x40045436, 0xffffffffffffffff)
r3 = socket(0xa, 0x2, 0x0)
setsockopt$auto(r3, 0x29, 0x30, 0x0, 0xd393)
mmap$auto(0x0, 0x10000, 0x4000000000db, 0xeb1, 0x2, 0x8000)
read$auto(r0, 0x0, 0x20)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/tty17\x00', 0x800, 0x0)
r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0)
r5 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0)
ioctl$auto(r5, 0x80045503, r5)
writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
ioctl$auto_TIOCMSET2(0xffffffffffffffff, 0x5418, 0x0)
openat$auto_mon_fops_stat_usb_mon(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/usb/usbmon/29s\x00', 0x6a3c0, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
mlockall$auto(0x7)
io_uring_setup$auto(0x10006, 0x0)
socket(0x0, 0xf5a0a8c969c4a15a, 0xfc)
madvise$auto(0x0, 0x200007, 0x19)
ioctl$auto(r4, 0x1, r4)
remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4)
mincore$auto(0x0, 0x10000, 0x0)
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0xc202, 0x0)
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000)

14m47.413391252s ago: executing program 1 (id=2293):
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x8020009, 0xe2, 0xcb1, 0x401, 0x8040001008000)
sysfs$auto(0x2, 0x4, 0x4)
openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/trigger\x00', 0x618001, 0x0)
mincore$auto(0x1000, 0x8001, 0x0)
r0 = io_uring_setup$auto(0x877, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001040)='/sys/devices/virtual/block/ram11/queue/discard_zeroes_data\x00', 0x80800, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
unshare$auto(0x40000080)
openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/block/nbd5/hctx0/cpu1/read_rq_list\x00', 0x2, 0x0)
lseek$auto(0x3, 0x7fffffffffffffff, 0x1)
mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x401, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x400c890}, 0x800)
socket(0x2, 0x3, 0x100)
r1 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$auto(r1, 0x40045568, 0x5)
socket(0x10, 0x2, 0x0)
sendmsg$auto_TASKSTATS_CMD_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x400c0}, 0x4040000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
poll$auto(&(0x7f0000003640)={<r3=>r2, 0x4, 0xffff}, 0x4, 0x100000)
r4 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003900), r2)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r6=>0x0})
sendmsg$auto_NETDEV_CMD_QUEUE_GET(r3, &(0x7f00000039c0)={0x0, 0x0, &(0x7f0000003980)={&(0x7f0000000340)=ANY=[@ANYRES16=r4, @ANYRES32=r6, @ANYBLOB="3390e06a661ef468291ed1570254b892a22adfb91e848518855be91ab4b0c62a65b6f700b06f024621202c4152a08a0914ee9bc36ece65ff3bfe8985749e8836be4362734a0963f4ef90b4d5784c619205b5141e93c75130ed7116acd993281c3da0e9311a1c05d92416a2201126a8a6ab51f40c200db5dc44ef0feffae153bfc382a9403e4e0e3756e8880072f84d65811130b717efab17fab2"], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0xc4)
mincore$auto(0x8, 0x8, &(0x7f0000000000)='\'(/[R\'\x00')
poll$auto(&(0x7f0000000080)={r0, 0x8, 0x9}, 0xb, 0x101)
io_uring_enter$auto(0x3, 0x0, 0xfffffffe, 0x3, 0x0, 0x3)
r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/i8042/serio1/power/wakeup_active_count\x00', 0x80100, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r7, &(0x7f0000000600)=""/4096, 0x1000)

14m46.726534573s ago: executing program 1 (id=2296):
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
close_range$auto(0x2, 0x8, 0x0)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
socket(0xa, 0x2, 0x0)
sysfs$auto(0x2, 0x4, 0x4)
mincore$auto(0x1000, 0x8001, 0x0)
r0 = io_uring_setup$auto(0x1, 0x0)
io_uring_enter$auto(r0, 0xcd00, 0xcd00, 0x7, 0x0, 0xffffffffffffffff)

14m46.270779591s ago: executing program 1 (id=2298):
io_uring_setup$auto(0x2, 0x0)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0)
r0 = socket(0x11, 0x80003, 0x300)
setsockopt$auto(r0, 0x107, 0x1, 0x0, 0x8004)
r1 = socket(0x10, 0x2, 0x4)
io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x401, 0x8, 0xfe, 0x6fb3, 0x8a, 0x40000009, 0xffffffffffffffff, [0x100, 0x9, 0x7f], {0x2, 0x7, 0x3032, 0xe, 0xf, 0x5, 0x5, 0xfffffff9, 0xf08a2b3}, {0x0, 0xfc, 0x6, 0x1, 0x0, 0xf89, 0x9, 0x837, 0x8}})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'dummy0\x00'})
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00')
sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x2404c000)
write$auto(r1, &(0x7f0000000000)='-\x00', 0xfffffffffffffdef)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x12, 0x0, 0x9, 0x0, 0x2, 0xb}, 0x800009}, 0x5, 0x20000000)
geteuid()
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
sendmsg$auto_NLBL_CALIPSO_C_ADD(r1, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x4048000)
sendmsg$auto_ILA_CMD_GET(0xffffffffffffffff, 0x0, 0x4000050)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0)

14m43.840173554s ago: executing program 1 (id=2305):
setresuid$auto(0xffffffffffffffff, 0x8, 0x8000)
tkill$auto(0x80000000000001, 0x7)
r0 = io_uring_setup$auto(0x0, &(0x7f0000000000)={0x2be, 0x4, 0x3, 0xfffffec9, 0x9, 0x7, 0xffffffffffffffff, [0x0, 0x8, 0x4], {0x10000, 0x9, 0x7, 0x101, 0xc, 0x5, 0x0, 0xff, 0x3}, {0x1, 0xff, 0x400, 0x6, 0x7, 0x1, 0x200, 0x1000, 0x7}})
mmap$auto(0x3, 0x400000000004, 0xdf, 0x9b70, r0, 0xff17)
openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/smaps\x00', 0x80000, 0x0)
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
capget$auto(0x0, 0xfffffffffffffffe)
sendmsg$auto_TIPC_NL_NET_SET(0xffffffffffffffff, 0x0, 0x2)
futex_waitv$auto(0x0, 0x77, 0xfffffffc, 0x0, 0x62bd)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
sysfs$auto(0x2, 0x1f, 0x0)
fsopen$auto(0x0, 0x1)
close_range$auto(0x2, 0x8000, 0x0)
r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0)
clock_nanosleep$auto(0xa, 0x9, 0x0, 0x0)
clone3$auto(&(0x7f0000000100)={0x2, 0x0, 0xffffffffffffffff, 0x2, 0x9, 0x9, 0xea, 0x3, 0xfc6b, 0x7, 0xc4}, 0x7)
ioctl$auto(r1, 0x560a, 0x7)

14m42.205793017s ago: executing program 1 (id=2317):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ram6\x00', 0x1e1782, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.1/usb2/bConfigurationValue\x00', 0x101142, 0x0)
openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x603, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001080)='/sys/kernel/mm/transparent_hugepage/hugepages-32kB/stats/nr_anon_partially_mapped\x00', 0x80040, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x40342, 0x22)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/binderfs/binder0\x00', 0xc0981, 0x0)
socket(0x28, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x2, 0x15f4da0a, 0x1, 0x3, 0x300000000000000, 0x80000001, 0x7, 0x6d3c, 0x5, 0x3]}, 0x0)
mbind$auto(0x0, 0x2, 0x1, 0x0, 0x7, 0x400)
write$auto(0x3, 0x0, 0x7fffffff)
write$auto(0x3, 0x0, 0x81)

14m41.780712944s ago: executing program 32 (id=2317):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0)
openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ram6\x00', 0x1e1782, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.1/usb2/bConfigurationValue\x00', 0x101142, 0x0)
openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x603, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001080)='/sys/kernel/mm/transparent_hugepage/hugepages-32kB/stats/nr_anon_partially_mapped\x00', 0x80040, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x40342, 0x22)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/binderfs/binder0\x00', 0xc0981, 0x0)
socket(0x28, 0x1, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x2, 0x15f4da0a, 0x1, 0x3, 0x300000000000000, 0x80000001, 0x7, 0x6d3c, 0x5, 0x3]}, 0x0)
mbind$auto(0x0, 0x2, 0x1, 0x0, 0x7, 0x400)
write$auto(0x3, 0x0, 0x7fffffff)
write$auto(0x3, 0x0, 0x81)

11m27.762862539s ago: executing program 0 (id=3019):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f00000000c0), 0x108881, 0x0)
write$auto(r0, &(0x7f0000000180)='\x00\x00\x00\x00\x00\x00\x01\xff\x00', 0x20)
r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000007480)='/dev/cec12\x00', 0x400, 0x0)
ioctl$auto_CEC_S_MODE(r1, 0x40046109, &(0x7f0000000000)=0x22)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x1, 0x0)
socket(0x28, 0x3, 0x10001)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="2438d4cb2de063a3e5dcd4c26ee78d80042d81c37dd38221d4b71dbf365dce3d05bb18cbce0434ca5e8e47625d78635aad429f562712ec3f3d7159eed41db4a183bcf6c4d2a7027f0516a3e65afde6bbe0d0a364f3de6308fdc4ee20eae92fbee719e8d22f2d406e2962d8f5c0d5101308c6e84c356c7a112d5d01b9d22b7b13880100000061cba05cda6a3138c62a", @ANYRES16=0x0, @ANYBLOB="2f212abd7800fddbdf2521000000"], 0x14}}, 0x4000000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x2000040080000004, 0xe)
r2 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0)
r3 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91)
read$auto(r3, 0x0, 0x1)
write$auto_proc_clear_refs_operations_internal(r2, 0x0, 0xffffff4b)
write$auto(0x3, 0x0, 0xfffffdef)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000001c0), 0x200000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x2, 0x2, 0x1, 0x3, 0x300000000000000, 0x7ffffffe, 0x5, 0x6d3c, 0x5, 0x2]}, 0x0)
unshare$auto(0x40000080)
open$auto(&(0x7f0000000200)='./file0\x00', 0x49193, 0xff90)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
write$auto_seq_oss_f_ops_seq_oss(0xffffffffffffffff, &(0x7f0000000c80)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba4291bae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d7b519a855da7ac6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc000cd84061c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f37fe74a09a8a964ce2818e4b4efd1eb0e3bca5dfd2a053eeb5735b96d282d2e03866bd6581b5e5e541c74f0b92b932b234ac117342f156b4b23fc6dcbc92ada00ce404f54443b6e7fdac9acb79e5258a865ced633ff5356d13a3e9923bcd8e6d177c9fb8618f9393798d90d70c78207e40f95bb2b0a9308f29f4331bbdfc1021dface5a740473b462c47286fee1c9d0036c78134e108b5b218d3022fd277e1cdf0cdf8cd4b37d74c8dd47e00e50fcf8d336978a0e7624f94b8fdcd1c9459201231f343c7cb602083aa5e1", 0x300)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)

11m26.681882617s ago: executing program 0 (id=3025):
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
syslog$auto(0xe, &(0x7f0000000000)='..\x00', 0x5)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4)
close_range$auto(0x0, 0xfffffffffffff000, 0x2)
openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
r0 = clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2)
pidfd_send_signal$auto(0x1, 0xfffff495, 0x0, 0x4)
r1 = gettid()
r2 = syz_open_procfs$namespace(r1, &(0x7f0000000080)='ns/net\x00')
getdents$auto(r2, 0x0, 0x205)
mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x5452, 0x0)
sendmsg$auto_IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, &(0x7f0000003b40)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYRES64=r0, @ANYRESOCT=r3, @ANYBLOB="b25ad9c39fde943e6dd244e8bd799c430913dd20c5cbfe7835218633ff5b08f6afe8ce68c3e92a064c33896f5f1253da1151bb3b04f5a2fa", @ANYRESOCT=r3, @ANYBLOB="96d657c58084eb6efe56bcf4aa1fc1e629bfa9cb3c234a9f7626b16967f9a1699cc7e66b8bf5d0b2a111e177806b21e78a0b10e612dff6209de36ec1fd405f2bd9ffb61dd6f4aec374a9c01ec5a75274b20e3c903d5e6a24e67d15", @ANYRES64=r2, @ANYRES32=0x0, @ANYRES16, @ANYRES16=r0], 0x14}, 0x1, 0x0, 0x0, 0x40080}, 0x8000)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='Z'], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x3, 0x0, 0x0, 0x7}, 0x9}, 0x3, 0x4)
getdents$auto(r2, 0x0, 0xff)

11m26.521512078s ago: executing program 0 (id=3026):
r0 = syz_genetlink_get_family_id$auto_hsr(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f00000015c0)={0x28, r0, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR={0xa, 0x1, @link_local}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x80)

11m26.029633353s ago: executing program 0 (id=3027):
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/system/cpu/cpu0/cache/index3/shared_cpu_map\x00', 0x0, 0x0)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
ioperm$auto(0x7, 0x6, 0x2)
mmap$auto(0x0, 0x2020009, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000)
preadv$auto(0x2000000000000c8, 0x0, 0x81, 0x7ebf, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000080)=""/86, 0x56)

11m24.849267098s ago: executing program 0 (id=3037):
r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0)
openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x4100, 0x0)
openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000280)='/dev/usbmon29\x00', 0x5f9000, 0x0)
sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0xa}, 0x5, 0x20000000)
readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x7}, 0x10)
socket(0x11, 0x800, 0xfb11)
mount$auto(&(0x7f0000000180)='xfrm0\x00', &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='\x00', 0x6, &(0x7f0000000240)="e496433eeb34df08522bc6754c216c084e58d9ad5ebea1b0ec74fee049eb2494f7c7cbc32ce409a26374e4549474ea2edb417c4c501cef41fb17b0c3")
memfd_create$auto(0x0, 0x4)
seccomp$auto(0x2, 0x0, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0)
mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000)
io_uring_setup$auto(0x1, 0x0)
futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6)
tkill$auto(0x1, 0x7)
write$auto(r0, &(0x7f0000000080)='/dev/sg0\x00', 0x8583)

11m23.136530785s ago: executing program 0 (id=3043):
r0 = openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000540), 0xa0100, 0x0)
socket(0xa, 0x3, 0xff)
process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x44f, 0x7, 0x5, 0x7181, 0x1ffde, 0x7, 0x3, 0x8, 0x9, 0x80003, 0x4, 0x200000000001, 0x384, 0x9, 0x8, 0x10006, 0x400007f, 0x0, 0x0, 0xe, 0x22000, 0x200, 0x0, 0x84, [0x3, 0x2, 0xffffffffffffffff, 0x2, 0x0, 0x402000, 0x0, 0xe, 0x1, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x8, 0x0, 0x6, 0x0, 0x8, 0x20000, 0x8, 0x10000000000, 0xffffffffffffffff, 0x4, 0x2f, 0x0, 0x0, 0x1006, 0x400000000005b8, 0xffff, 0x0, 0x100, 0x0, 0x6, 0x2, 0x88e, 0x40, 0xfffffffffffffffc, 0x8, 0xa38, 0x4, 0x3, 0xfffffffffffffffc, 0x2, 0x8, 0x10000000007, 0xc567]}, 0x1fa, 0xd)
r1 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
gettid()
ioctl$auto__ctl_fops_dm_ioctl(r1, 0x2, &(0x7f0000000380)="dcbb5fd7054bed139fb7f9fb1dca8fe1d88f65ee057c0e6faac40d106e4f0d52edf6e31c48e8d983ae3431fa707225c2c387e1a200b38759ba8e9187200e6d044ef46a534de751b1436f20ed7071b254509700aa726ea003a1b7b9ce2313756dc84bc4556ddac694c4553d72ed13a885176712c9cff968f74bd1d14ff734ad08e60cf7e7a7dd07d2b6ca9cb21ddaae68d2969afcf6c734f6ee1c63b1c93abf32264f9ec022b64c903276298739ee8ae7ac1fe14534ad54004f39ea1b99964702554c1494e1742baeae527cf3007d50fc92e924f73b6288e5d9fd071d2fba76b2fabd3faf5229f4c3168226346e3087026d3d2c8aed398d4988971e05ff0ab9f5f2328e7f51d5061584b44581a4c83e413718d3a82f87daf87d1d5a2c32fbaa58f095fbf34ccc603b632155c27289cb5598049a7c9160dfe8a01d5a1983408082941eb39db2a09c5a34dc876dfa58a589687aa0cf6be7b5b084a8f753758332896ec3adad7a79b751908ee2b3d25131f44185a0ed8d20e9b6b8a1ed11402b02e544b67caf3177eda039e64aaf295eca7953c165fa73afca96d7750663711101c6e14e44817c6ad4b1474132dd441ca5c9d7776c871ffacbd96910496cad7010b9b526135e84")
ioctl$auto__ctl_fops_dm_ioctl(r1, 0xfffffff7effffd05, &(0x7f00000001c0))
mmap$auto(0x0, 0x9, 0x72, 0x8b72, 0x2, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
swapoff$auto(0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
landlock_create_ruleset$auto(0x0, 0x9, 0x0)
read$auto_kmsg_fops_printk(r0, &(0x7f0000000140)=""/237, 0xed)

11m22.653693183s ago: executing program 33 (id=3043):
r0 = openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000540), 0xa0100, 0x0)
socket(0xa, 0x3, 0xff)
process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x44f, 0x7, 0x5, 0x7181, 0x1ffde, 0x7, 0x3, 0x8, 0x9, 0x80003, 0x4, 0x200000000001, 0x384, 0x9, 0x8, 0x10006, 0x400007f, 0x0, 0x0, 0xe, 0x22000, 0x200, 0x0, 0x84, [0x3, 0x2, 0xffffffffffffffff, 0x2, 0x0, 0x402000, 0x0, 0xe, 0x1, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x8, 0x0, 0x6, 0x0, 0x8, 0x20000, 0x8, 0x10000000000, 0xffffffffffffffff, 0x4, 0x2f, 0x0, 0x0, 0x1006, 0x400000000005b8, 0xffff, 0x0, 0x100, 0x0, 0x6, 0x2, 0x88e, 0x40, 0xfffffffffffffffc, 0x8, 0xa38, 0x4, 0x3, 0xfffffffffffffffc, 0x2, 0x8, 0x10000000007, 0xc567]}, 0x1fa, 0xd)
r1 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0)
gettid()
ioctl$auto__ctl_fops_dm_ioctl(r1, 0x2, &(0x7f0000000380)="dcbb5fd7054bed139fb7f9fb1dca8fe1d88f65ee057c0e6faac40d106e4f0d52edf6e31c48e8d983ae3431fa707225c2c387e1a200b38759ba8e9187200e6d044ef46a534de751b1436f20ed7071b254509700aa726ea003a1b7b9ce2313756dc84bc4556ddac694c4553d72ed13a885176712c9cff968f74bd1d14ff734ad08e60cf7e7a7dd07d2b6ca9cb21ddaae68d2969afcf6c734f6ee1c63b1c93abf32264f9ec022b64c903276298739ee8ae7ac1fe14534ad54004f39ea1b99964702554c1494e1742baeae527cf3007d50fc92e924f73b6288e5d9fd071d2fba76b2fabd3faf5229f4c3168226346e3087026d3d2c8aed398d4988971e05ff0ab9f5f2328e7f51d5061584b44581a4c83e413718d3a82f87daf87d1d5a2c32fbaa58f095fbf34ccc603b632155c27289cb5598049a7c9160dfe8a01d5a1983408082941eb39db2a09c5a34dc876dfa58a589687aa0cf6be7b5b084a8f753758332896ec3adad7a79b751908ee2b3d25131f44185a0ed8d20e9b6b8a1ed11402b02e544b67caf3177eda039e64aaf295eca7953c165fa73afca96d7750663711101c6e14e44817c6ad4b1474132dd441ca5c9d7776c871ffacbd96910496cad7010b9b526135e84")
ioctl$auto__ctl_fops_dm_ioctl(r1, 0xfffffff7effffd05, &(0x7f00000001c0))
mmap$auto(0x0, 0x9, 0x72, 0x8b72, 0x2, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000)
swapoff$auto(0x0)
read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0)
landlock_create_ruleset$auto(0x0, 0x9, 0x0)
read$auto_kmsg_fops_printk(r0, &(0x7f0000000140)=""/237, 0xed)

10m46.270073918s ago: executing program 2 (id=3173):
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$auto(0x3, 0x2270, 0x38)
mmap$auto(0x0, 0x2020001, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
open(0x0, 0x22240, 0x155)
socket(0xa, 0x3, 0x3b)
connect$auto(0x3, &(0x7f0000000380)=@generic={0xa, "ab06fdffff00fff5000000004000"}, 0x55)
mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x3, 0x6)
r1 = socket(0x2, 0x1, 0x0)
sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x4}, 0x800009}, 0x5, 0x20000000)
r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000300), r1)
sendmsg$auto_HWSIM_CMD_DEL_RADIO(r1, &(0x7f0000000500)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000004c0)={&(0x7f00000003c0)={0x14, r2, 0x4, 0x70bd29, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x8080)
r3 = inotify_init1$auto(0x200)
sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000000e00)={0x0, 0xffe9, &(0x7f0000000000)={&(0x7f0000000180)={0x28, r2, 0x800, 0x70bd2a, 0x25dfdbfc, {}, [@HWSIM_ATTR_CIPHER_SUPPORT={0x13, 0x18, "c286343b9e69a1509e3e2906366733"}]}, 0x28}, 0x1, 0x0, 0x0, 0x400488c8}, 0x4000800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x24004854}, 0x800)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000)
sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0)
sendmmsg$auto(0x3, 0x0, 0x200, 0x0)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001580)={'wlan1\x00', <r4=>0x0})
sendmsg$auto_NL80211_CMD_DEL_TX_TS(0xffffffffffffffff, &(0x7f0000002b40)={0x0, 0x0, &(0x7f0000002b00)={&(0x7f0000000400)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010028bd7000fcdbdf256a00000008000300", @ANYRES32=r4, @ANYBLOB="dbdd4573b1ac8d898d8a2428f46b75175c7ffd3909793a637f1e141ed966466fcc883024df60bab3cb25facbc2f988952d81e7b2d6c500a239fc1a1eaec5172baa8557c7bb4f17440884a82a5c7c4d3e0a0f454140a27606e3745bf2f888d677866db126aa17cea2bcf7a50495e8c05f904f9f35d3a8697b3d19e74e457de564a95802b4be2b85f87b74315cd0c3"], 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x4004010)
sendmsg$auto_NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0xc000}, 0xc, &(0x7f0000000100)={&(0x7f0000000540)={0x820, 0x0, 0x400, 0x70bd2a, 0x25dfdbfe, {}, [@NL80211_ATTR_IE_PROBE_RESP={0x80a, 0x7f, "eb2698cb92b06a195e560db197363354bc5221969da79e18f2cb1a9956d222cee5487ad8958aa56baed6ddf7afbe25011960c018ac8c51f0ae0dadd5cbf196b2daeb80fb98d61c805109bd43756b3934ace4b8d69272e2ef6c389cf0d9158afb1f8b770a6078113c12db72b30b0ad6014f042589521d6f7dff0879d418cf995b7464038075fdc8457504914d1ef96b55cc43b3a5771686a6ed302a89dde731368a36c47ca23d49bcad2fa9d119b12c5082753d65f76e5d1e46547988a831f3768a14130c5322d015cdc19b4f15dd4de34da2f092bf97a3bf372b1f06edf809936e9de65943caa2e8366e13cc2e6cbce201ad5348a75dce8551622dd7e96e5f568b76919d13db6357897a76fcbf46c08fa81a533563d55f4f38da211056b5990b5d5cde603ab3dbff35ba80634164434753a5f29d9c580cada209d400a2c85266be66f00e71a644444c5f7539b646c25f86d1bcfffaa6cfd5a28472cacf3f130d8cb60df2cf79e4df223e715db0d97536df19a68e7199df5720e847b03172351cbd78920f3b9a7861414c4a43cf831ac334825dfd85aaa72cb1ad2f7299ec2cb613dcdfda1834fd510d1a0bd2f36c641781ed11cb3422c2c7b80fa3beb99c16eb351f223e8a80fe635d83e6360775784f36f733bc0352f06618ab4efd0f76254ae08f9c74c4bb38b16e804b70646e59a5b80dd013679a30aa2c5d1d2f9006edfaae210a0dd7a9609ec56105ce4492c3073fa8cde16a9b8be946d2c4d499fc7db3c3ffa89e5b284f3a078a06c77eac1db743775096b488b9ce8786c66fd33eebb218d903074e37fc195b26bde94594aa04d27617ef28743d81acd8e79fe46667ae851f9c4eb065c02e2cb03509010394d05fae4cab9a6d92d6aa3dd7c72fd3a75a7e59f13c1816058e2efee0f66e56734e7d7d913e9c8d8b276eef2116346636f4aeb47ef5d4a22bf9356ef0a4ddd221d89acbb2714cfa246a8aaa0ae4e87d6883a3f9f77143465ed4a22ac3afc88f9d65f05ba9755bf9fdfd6bd758ff06a1d1ecb33978a9b9cc98666baaf96cf77accf28e9335138b4a6225e1980a295896a5e4dc7d897250b057dddad62e37e0bc576f70eb87017c34c8a7f33eeaae0037084e1b52b421043ab158aae121d9b1e6e0ca56b4916736fee787652690f4bf883f8b5529d194605671ef3c9a52f5db9021ec5f6b21ab651dbd4d7b89fda658a4ea367b64142aca8ccbc7fb22d4a7e5a5f610c8d95400240fb4f8084ec08cbe9a0ef12d3e0e865e756dc8902ba0192b731afb0070f78e9525c4a79802fe83bfc1bc32b56e8c02e5e0d2d787e428d85df7c5bdc66bb4799ca478cd7da739c0e4f1dfae8ea8be82eb30d946a8fb07bbbe5db3479d4987690b229e7fbdeadbf421feac5bde836ae510d45b3f4ab61a27822064056e1037fe5361f849139a1d92592331e0ce6d6d4d48899c6f40ec6bfd95bcad27d1ed48be9513770fed7e95e8d3f7a88c8f922911817a98252bd975f22478863f454f0eb873f5a1c904f9df3150d731c059f32856236eaf5608b197f563192df898253d392f91019e4d5acae2fbc88bcf0e6979f955c5bc83af815841391cac29de48457ec656751299c0f76ea46258b90f7177b0297449bc830f153f38db5252697ed4c20f1744f44e579a7458162533d5037846c6913e20ce55ec441769c58fa9cc5db47623627eaf6e830d3fc4a54bdc62b965de5cd2a47db3b13ac379c23f5cdb5358f07e0684837fc3378e65b732a18e86a07f10b0cc7d9de04a4b954c2ad96fc207729bfcc92f6ccc4e8eb81513baed060ba07e5a2db7043ffb657afbccac81dfb9476cf327194ad1547bfe405020c95f8c04f3e71a3ab02d5e77705c98e73908850b7f7703fd83d87b93f5643a78bdf8c8840b5b0c73fd66d6ab1dcac0548f06b4a1859491ef12daf08b09fe0a7622988dea866edb757c92ab9f5337fbba956af52e1d6dafc2992f5878416ac87b92694ab977ae20f4bb9aa955842caf6ea1d8aeae10fbafe31404d5c77767a87c3b1335188007808fa04c76047903849ef7aedd6384dfbaa9cbfc44e8019f40f3bdf7284042ea5ea1841569b235d46e243062de749355dbf23e3f70d5d26bef7d6a61b1ce5d4696af2498efaaa961b7a3981d1bc544b849cf7c21a00b07c702986572a7e7457383ad574529465375db7e6f67a3b0184cd8d4f1c523ec45288a746a04cbea21b39b2321058fb12e45dd9aa8326aaea273a40415a54e5c24cc3a1c521e185a66bfc2ba17ab5a9cf8fbd34bafbc4c297d546fa79190bff9ddfd982ec2dc4f3d3df5d47e5a1070ac3930cff7bee12ea162965b5a0a6465a247dfc78ee4a6ec70c6439888378c53d0ff81b0178a4bdd3f5b40b31ad3edeb81864586a297f7fc1d5e6704607b0967eef57000ceb97442c6191f54db5a83483e8f4812ee17f004a320078f3b020d3560952b7e89393cbd7eb655841e99f2b9cb0beee3df9ce08c52be50d8eb087d774c2824d46e512c70c9125294ed4a98f106d0dc36bb1bdee3ad0464879ebbc13809d19770cef51ae9cb4ac423f2316584eeeb9f523e38d446ff83bdca8b862b889caf848465c8c2f44af0a5361be65893f56961e66c2149b27b5f6ff042e560f0e4a94ea5aade5a91b3572fee2e87663913b10bb5c051bb5ccb84aa0c74e68cf53af5a9a91a0d7c24bc30650f1e4faf8b6eed8a5199574ae521887cd10c8768dcd6ffe0c700966ab16ce8ca401b60b31f493539f96e0f52d0e99a67b4b180a998084b469916a84b9882b1ef56163a6b9471edffe62266475ec934f594d16d05229b768b03a7580d1e2111cfca286b5a8677cb5da710f383f5352dd74a40b842473df8ba5d85b74a8f9d4e6d33ecf0dd45efb3d0a00f818645f1d1"}]}, 0x820}, 0x1, 0x0, 0x0, 0x8004}, 0x80)
mmap$auto(0x0, 0x101, 0x7, 0xeb1, 0x3fd, 0x800007ffc)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
rmdir$auto(0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)

10m45.41755322s ago: executing program 2 (id=3177):
writev$auto(0x3, &(0x7f0000000000)={0x0, 0xd}, 0x1)
mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000)
io_uring_setup$auto(0xa, 0x0)
close_range$auto(0x2, 0xa, 0x0)
open(0x0, 0xa240, 0x15e)
msync$auto(0x0, 0x2000000005, 0x6)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8000, 0x0)
r1 = io_uring_setup$auto(0x6, 0x0)
mmap$auto(0xfffffffffffffffd, 0x2020009, 0x4, 0xeb1, 0xfffffffffffffffa, 0x8000)
io_uring_register$auto(r1, 0xd, 0x0, 0x6)
r2 = socket(0x2b, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a)
ppoll$auto(&(0x7f00000000c0)={r0, 0x0, 0x3}, 0xe3a, &(0x7f00000001c0)={0xbda9, 0x6}, &(0x7f0000000200)={0x2}, 0x8)
sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000)
setsockopt$auto(0x3, 0x8000000000000006, 0x22, 0x0, 0x7ffffc)
write$auto(0x3, 0x0, 0xfffffdef)
sendmsg$auto_NL80211_CMD_GET_SCAN(0xffffffffffffffff, 0x0, 0x80)
openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
mprotect$auto(0x5, 0x8000000000000004, 0x1)
bpf$auto(0x9, &(0x7f0000000100)=@token_create={0x2}, 0x9)

10m45.024909338s ago: executing program 2 (id=3179):
prlimit64$auto(0x0, 0x7, &(0x7f0000000cc0)={0xfff, 0xf1c6}, 0x0)
r0 = openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/cmdline\x00', 0x0, 0x0)
ioctl$auto_KVM_GET_API_VERSION(r0, 0xae00, 0x0)
poll$auto(&(0x7f0000000f80)={r0, 0xa06}, 0x3fa, 0x20)

10m44.883081255s ago: executing program 2 (id=3181):
r0 = openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000200), 0x180, 0x0)
syncfs$auto(r0)
io_submit$auto(0x4, 0x10, &(0x7f0000000040)=&(0x7f0000000000)={0x0, 0xffff0001, 0xe9a6, 0x3, 0x7ff, 0xffffffffffffffff, 0x9b35, 0x0, 0x7fff, 0x0, 0x5, <r1=>0xffffffffffffffff})
r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r3 = socket(0x2, 0x1, 0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
close_range$auto(0x2, 0x8, 0x0)
r4 = socket(0x2, 0x80002, 0x73)
socket(0xa, 0x1, 0x84)
recvfrom$auto(r4, 0x0, 0x0, 0xb, 0x0, 0x0)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback=0xac1414aa}, 0x54)
openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
read$auto(0x3, 0x0, 0x8080)
write$auto(0x3, 0x0, 0xfdef)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2600, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r5, 0x0, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x140, 0x0)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x848000000015, 0x805, 0x0)
mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0xff1, 0x8000)
io_uring_setup$auto(0x1, 0x0)
bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x37}}, 0x6b)
sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, 0x0, 0x0)
shmctl$auto(0x0, 0xb, 0x0)
open_by_handle_at$auto(r3, &(0x7f0000000000)={0x0, 0xfffffffd}, 0x5)
sendmsg$auto_NL80211_CMD_DISCONNECT(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="02001000", @ANYRES16=r2, @ANYBLOB="080028bd7000fedbdf25300000000600960000e0000004004701"], 0x20}, 0x1, 0x0, 0x0, 0x14000000}, 0x84)

10m43.634094652s ago: executing program 2 (id=3183):
setresuid$auto(0xffffffffffffffff, 0x8, 0x8000)
tkill$auto(0x80000000000001, 0x7)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
swapoff$auto(&(0x7f00000000c0)='/sys/kernel/debug/tracing/printk_formats\x00')
statmount$auto(&(0x7f0000000000)={0x7e, @raw, 0x80000028, 0xd14, 0x2}, 0x0, 0x7ffffffff000, 0x0)
r0 = socket(0xa, 0x5, 0x0)
write$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f00000002c0)="251ed3447ca0f71ebce2b29b762646ad6cdd080a326d5f7c13325a1d12f238dee74d7806e213e4ed381493ca48672b06240403bd6d4da78859fb774f23200af130fba555f8e3195115117f6cc4266a4b6aead8dbf14a850d0ab322ec9c45f00e7a6a5735a461eb5a6619d873676cc4818fb08a50f598310431311d23d9bfd0d1cf867a4cbd166ae05ea0839b5c353b99f97e04916ea0243e3ca29f7748356bf2b4465d9fd35812fc9121a98e03b3fe95bfb33fd8894d7cfa67fbd3f7bd1d5cd7d1", 0xc1)
getsockopt$auto(r0, 0x40000082, 0x2, 0x0, 0x0)
socket(0xa, 0x3, 0x87)
mmap$auto(0xffffffffffffffff, 0x400008, 0xdf, 0x9b72, 0x2, 0xbb66)
mlockall$auto(0x7)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
mremap$auto(0x0, 0x2, 0x3fd6, 0x0, 0x7fffffffb000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mlockall$auto(0x7)
inotify_rm_watch$auto(0xffffffffffffffff, 0x84e4)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0)
r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/mtd/mtd0/mtdblock0/capability\x00', 0x103400, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000001c00)=""/4111, 0x100f)
modify_ldt$auto(0x1, 0x0, 0x10)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x17)
madvise$auto(0x0, 0x1010001, 0x100000003)
madvise$auto(0x0, 0x5, 0x7)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0xa00, 0x0)
setgroups$auto(0xe32, &(0x7f0000000040)=0x9)
mprotect$auto(0x2, 0x7fffffffffffffff, 0x2000000040)
uname$auto(&(0x7f0000000280)={"017a23d49d4e4f89b7bb66d0528142ad4998ea9c70c06d0408e91b30b0b0d300722823e67e78003cff84dfc2528569e4ca4367c6216df84c3958d96ed2c499caff", "1e2157148e99091f121521269985a6a599863e135818f2ccc77a864d50fd1b2447c13d33dfb37033d53d69c4ff062abf19efab53fd75a00d4af7dbdef66e913103", "1fa81ccc6ffd05b516bdc4046cdfee68955b5ae48f8a322b6a0e4d8233d9491029f04050fca8a76d8b02739e3347e73f0f398e219952ca06e6c78655a70e097917", "0749ebba3d6f1ed9c077eeeb6deae36535af268af804ea0614e6c5ef0445f6fb05bec835636e440d94396dbeef246ceff774a1af2e8884df1be20351da9874f6fa", "4fbb5ffd975d9cf0800c3bf9046b1351f7371fcaea1fac30b4de0ac23b4d950cba906c482378f4337fe941454b8dbd36e51d285c95a92a20bec5a9907616fad85e", "d802740973602ea52b49799bc04ddb3c4e8995a5f9bd70c8c718fc2ebd000048dd1195b4ac34305e0d8651eee2435736984e421114030659dddec147e0e6ee00"})
ppoll$auto(0x0, 0x9, 0x0, 0x0, 0x8)
madvise$auto(0x0, 0x200007, 0x19)

10m43.109272589s ago: executing program 2 (id=3188):
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x2, 0x6, 0x0)
shutdown$auto(0x200000003, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, 0x0, 0x54)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
settimeofday$auto(0x0, 0x0)
socket(0x10, 0x2, 0x0)
setsockopt$auto(0x3, 0x6, 0x4, 0x0, 0xfb3)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4$auto(r0, 0x0, 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
migrate_pages$auto(0xffffffffffffffff, 0x8, 0x0, 0x0)

10m42.752172219s ago: executing program 34 (id=3188):
rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
socket(0x2, 0x6, 0x0)
shutdown$auto(0x200000003, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x1, 0x84)
bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a)
connect$auto(0x3, 0x0, 0x54)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7)
settimeofday$auto(0x0, 0x0)
socket(0x10, 0x2, 0x0)
setsockopt$auto(0x3, 0x6, 0x4, 0x0, 0xfb3)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4$auto(r0, 0x0, 0x2, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
migrate_pages$auto(0xffffffffffffffff, 0x8, 0x0, 0x0)

4m31.172892497s ago: executing program 4 (id=5038):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f00000000c0), 0x108881, 0x0)
write$auto(r0, &(0x7f0000000180)='\x00\x00\x00\x00\x00\x00\x01\xff\x00', 0x20)
r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000007480)='/dev/cec12\x00', 0x400, 0x0)
ioctl$auto_CEC_S_MODE(r1, 0x40046109, &(0x7f0000000000)=0x22)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x1, 0x0)
socket(0x28, 0x3, 0x10001)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="2438d4cb2de063a3e5dcd4c26ee78d80042d81c37dd38221d4b71dbf365dce3d05bb18cbce0434ca5e8e47625d78635aad429f562712ec3f3d7159eed41db4a183bcf6c4d2a7027f0516a3e65afde6bbe0d0a364f3de6308fdc4ee20eae92fbee719e8d22f2d406e2962d8f5c0d5101308c6e84c356c7a112d5d01b9d22b7b13880100000061cba05cda6a3138c62a", @ANYRES16=0x0, @ANYBLOB="2f212abd7800fddbdf2521000000"], 0x14}}, 0x4000000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
madvise$auto(0x0, 0x2000040080000004, 0xe)
r2 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0)
r3 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91)
read$auto(r3, 0x0, 0x1)
write$auto_proc_clear_refs_operations_internal(r2, 0x0, 0xffffff4b)
write$auto(0x3, 0x0, 0xfffffdef)
r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000001c0), 0x200000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x2, 0x2, 0x1, 0x3, 0x300000000000000, 0x7ffffffe, 0x5, 0x6d3c, 0x5, 0x2]}, 0x0)
unshare$auto(0x40000080)
open$auto(&(0x7f0000000200)='./file0\x00', 0x49193, 0xff90)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r5 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0)
write$auto_seq_oss_f_ops_seq_oss(r5, &(0x7f0000000c80)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba4291bae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d7b519a855da7ac6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc000cd84061c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f37fe74a09a8a964ce2818e4b4efd1eb0e3bca5dfd2a053eeb5735b96d282d2e03866bd6581b5e5e541c74f0b92b932b234ac117342f156b4b23fc6dcbc92ada00ce404f54443b6e7fdac9acb79e5258a865ced633ff5356d13a3e9923bcd8e6d177c9fb8618f9393798d90d70c78207e40f95bb2b0a9308f29f4331bbdfc1021dface5a740473b462c47286fee1c9d0036c78134e108b5b218d3022fd277e1cdf0cdf8cd4b37d74c8dd47e00e50fcf8d336978a0e7624f94b8fdcd1c9459201231f343c7cb602083aa5e1", 0x300)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)

4m29.718354284s ago: executing program 4 (id=5045):
mmap$auto(0xfffffffffffffffc, 0x4, 0x10000000400e1, 0xeb2, 0x401, 0x8000000088000)
io_uring_setup$auto(0x3, 0x0)
r0 = socket(0x11, 0x80003, 0x300)
futex$auto(0x0, 0x5fc, 0x5, 0x0, 0x0, 0x80000001)
setsockopt$auto(r0, 0x107, 0x12, 0x0, 0x4)
r1 = socket(0x11, 0x3, 0x31e)
capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48})
sendmmsg$auto(r1, &(0x7f00000006c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200)='L', 0x49}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x2, 0x100)

4m29.501741774s ago: executing program 4 (id=5047):
openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video61\x00', 0x8a240, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'tunl0\x00'})
socketpair$auto(0x8, 0xfffffffb, 0x8, &(0x7f0000000140)=0x4)
set_mempolicy$auto(0x805, &(0x7f0000000080)=0x81, 0x4)
set_mempolicy$auto(0x3, 0x0, 0x9)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003e00), 0xffffffffffffffff)
sendmsg$auto_NETDEV_CMD_NAPI_GET2(r0, &(0x7f0000003f40)={0x0, 0x0, &(0x7f0000003f00)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="09032bbd7000fedbdf250b00000008000100", @ANYBLOB="13b3de1aad7f255d824f4499648fb53941037734b65ba0adfad013b17672ab26d770", @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

4m29.290080575s ago: executing program 4 (id=5057):
statmount$auto(0x0, 0x0, 0x1fe, 0x81)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x2, 0x8000)
write$auto_seq_oss_f_ops_seq_oss(0xffffffffffffffff, 0x0, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
mbind$auto(0x8000, 0xfa9d, 0x2, &(0x7f0000000280)=0x20000000000000fb, 0x3, 0x1)
set_mempolicy_home_node$auto(0x0, 0x2010001, 0x10010200000000, 0x0)

4m28.545176493s ago: executing program 4 (id=5053):
socket(0x1d, 0x2, 0x6)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
socket(0x2, 0x2, 0x1)
io_uring_setup$auto(0x6, 0x0) (async)
io_uring_setup$auto(0x6, 0x0)
io_uring_setup$auto(0x6, 0x0)
socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0)
io_uring_setup$auto(0x2, 0x0)
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/devices/virtual/net/bond0/queues/tx-8/xps_rxqs\x00', 0xb600, 0x0) (async)
r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/devices/virtual/net/bond0/queues/tx-8/xps_rxqs\x00', 0xb600, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/228, 0xe4)
socket$nl_generic(0x10, 0x3, 0x10)
openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cec20\x00', 0x1, 0x0) (async)
r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cec20\x00', 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r2)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r4=>0x0})
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="2f212cbd7010ca705d845526cc0008000380", @ANYRES32=r4], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4000000) (async)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="2f212cbd7010ca705d845526cc0008000380", @ANYRES32=r4], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4000000)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4000000)
ioctl$auto_CEC_ADAP_S_PHYS_ADDR(r1, 0x40026102, 0x0) (async)
ioctl$auto_CEC_ADAP_S_PHYS_ADDR(r1, 0x40026102, 0x0)
close_range$auto(0x2, 0xa, 0x0)
openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x121002, 0x0)
unshare$auto(0x40000080) (async)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) (async)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000)
io_uring_setup$auto(0x6, 0x0) (async)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
sysfs$auto(0x2, 0x0, 0x0)
epoll_create$auto(0x4)
epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) (async)
epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0)
fcntl$auto(0x0, 0x407, 0x100000) (async)
fcntl$auto(0x0, 0x407, 0x100000)
openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x0)
openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, 0x0, 0x600000, 0x0)

4m26.98064441s ago: executing program 4 (id=5061):
getgid()
mmap$auto(0x0, 0x8, 0xdf, 0x78dffcb9, 0xffffffffffffffff, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x7, 0x80020005, 0x100, 0xfffffffffffffffd, 0x401, 0x5)
keyctl$auto(0x80400001, 0x0, 0x0, 0x0, 0x0)
connect$auto(0x4, 0x0, 0x10)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
read$auto(0x4, 0x0, 0xfdef)
mkdir$auto(&(0x7f0000000080)='./file0\x00', 0x1)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x105, 0x7ffffffc, 0x0, 0xeb1, r0, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$auto(0xc0, &(0x7f0000000000)={{0x0, 0x22, 0x0, 0xa, 0x0, 0x989, 0x4}, 0x3}, 0x9ae, 0x1)
io_uring_setup$auto(0x3ff, 0x0)
socket(0x15, 0x3, 0x9)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
vmsplice$auto(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000240)="0f6c0b62238863e8e5362c201e281498645ce3eae6a826b5bcc984917b0b29a9e3927ee691689203efa3eab1081e47847711cbc402c7ec8efe04a95be90d6942ce274e901c5804bd2fb420332f63c4b9e1eebe9fa9454dfd1c8f6ab7019585693888469fee1789b36f6a54b69b5015235e1e40c8b62e76a865be74594135c2e3243ea45393120045769e96b05078", 0x6}, 0x40, 0xffff)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0xb, 0x800, 0x6)
bpf$auto(0x0, &(0x7f0000000300)=@link_update={r2, @new_prog_fd=0x4, 0x4, @old_prog_fd=r1}, 0xa3)
socket(0x8, 0x1, 0x1)
mkdir$auto(&(0x7f0000000000)='}[,&*}\x00', 0xa001)

4m11.951114018s ago: executing program 35 (id=5061):
getgid()
mmap$auto(0x0, 0x8, 0xdf, 0x78dffcb9, 0xffffffffffffffff, 0x0)
socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0)
mmap$auto(0x7, 0x80020005, 0x100, 0xfffffffffffffffd, 0x401, 0x5)
keyctl$auto(0x80400001, 0x0, 0x0, 0x0, 0x0)
connect$auto(0x4, 0x0, 0x10)
sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0)
read$auto(0x4, 0x0, 0xfdef)
mkdir$auto(&(0x7f0000000080)='./file0\x00', 0x1)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
mmap$auto(0x105, 0x7ffffffc, 0x0, 0xeb1, r0, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$auto(0xc0, &(0x7f0000000000)={{0x0, 0x22, 0x0, 0xa, 0x0, 0x989, 0x4}, 0x3}, 0x9ae, 0x1)
io_uring_setup$auto(0x3ff, 0x0)
socket(0x15, 0x3, 0x9)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
vmsplice$auto(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000240)="0f6c0b62238863e8e5362c201e281498645ce3eae6a826b5bcc984917b0b29a9e3927ee691689203efa3eab1081e47847711cbc402c7ec8efe04a95be90d6942ce274e901c5804bd2fb420332f63c4b9e1eebe9fa9454dfd1c8f6ab7019585693888469fee1789b36f6a54b69b5015235e1e40c8b62e76a865be74594135c2e3243ea45393120045769e96b05078", 0x6}, 0x40, 0xffff)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0xb, 0x800, 0x6)
bpf$auto(0x0, &(0x7f0000000300)=@link_update={r2, @new_prog_fd=0x4, 0x4, @old_prog_fd=r1}, 0xa3)
socket(0x8, 0x1, 0x1)
mkdir$auto(&(0x7f0000000000)='}[,&*}\x00', 0xa001)

8.664541554s ago: executing program 7 (id=6134):
recvmmsg$auto(0x3, 0x0, 0x687bcbd, 0x8, 0x0)

8.403369123s ago: executing program 7 (id=6135):
openat$auto_minstrel_ht_stat_csv_fops_rc80211_minstrel_ht_debugfs(0xffffffffffffff9c, &(0x7f0000000540)='/sys/kernel/debug/ieee80211/phy4/netdev:wlan1/stations/08:02:11:00:00:00/rc_stats_csv\x00', 0x0, 0x0) (fail_nth: 3)

7.632493995s ago: executing program 7 (id=6138):
mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0xc2a003, 0x1ea)
mknodat$auto(r0, &(0x7f00000003c0)='./file0\x00', 0xfff, 0xfffffff8)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r1 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0)
r2 = io_uring_setup$auto(0xc, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r1, 0x403c6f2b, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
readv$auto(0x3, &(0x7f00000002c0)={0x0, 0x8}, 0x8)
close_range$auto(r2, 0xffffffffffffffff, 0x0)
renameat2$auto(r0, &(0x7f0000000200)='./file0\x00', r0, &(0x7f0000000240)='./file1\x00', 0x1)
close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0xfd)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0)
r3 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fb0\x00', 0x20401, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/kallsyms\x00', 0x541d02, 0x0)
write$auto_msr_fops_msr(r2, &(0x7f0000000080)="18bf343d68e455128e3dec09884ef59e31397e0a1d8d9381fc4d21d3c0bfa3828b00c5beec0015c797128b8063e61992fd89315726c56960c7c2d4bbce00c8d1b37aa2dc79956f3e56c37ef71761b1b22af3eedf22303f95b5bebc1c6068ce5d7a504cb961c1ac5442a1b3591e6b64366a85b0563d74160cbc2e47e46a0834f0643ba07e1ab5e8cdd757c01aa31c6c4870587ebbcadefe8e665ea45b143204", 0x9f)
pread64$auto(r3, 0x0, 0x100000000008, 0x8)
ioctl$auto(0x3, 0xc0105512, 0x1)
ioctl$sock_SIOCGIFINDEX(r3, 0x4601, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70)
mmap$auto(0x40, 0x400009, 0xb, 0x9b70, 0x2, 0x8000)
madvise$auto(0x1, 0xce, 0x3)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001500)='/sys/kernel/irq/5/actions\x00', 0x22040, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000000180)=""/109, 0x6d)
clone$auto(0x7, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0, 0x1)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000)
mknodat$auto(r4, &(0x7f00000003c0)='./file0\x00', 0xfff, 0xfffffff8)
ioctl$auto_SW_SYNC_GET_DEADLINE(0xffffffffffffffff, 0xc0105702, &(0x7f0000000000)={0xb099, 0x0, r4})

7.12361824s ago: executing program 7 (id=6139):
mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000)
sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4008810}, 0x2000c041)
r0 = socket(0x2a, 0x1, 0x0)
bind$auto(0x3, &(0x7f0000000080), 0x6b)
recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd)
fcntl$auto(0xffffffffffffffff, 0x401, 0x5)
write$auto(0x3, 0x0, 0xfffffdef)
unshare$auto(0x40000080)
socket(0xa, 0x3, 0x3a)
epoll_wait$auto(r0, 0x0, 0x7ff, 0x6)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
socket(0xa, 0x801, 0x106)
setsockopt$auto(0x400000000000003, 0x29, 0xca, 0x0, 0x567)

5.52693381s ago: executing program 6 (id=6141):
mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000)
r0 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0)
r1 = inotify_init1$auto(0x8)
mmap$auto(0x0, 0x2, 0x4200000000df, 0x4000000000040eb2, r1, 0x300040000000)
sendmsg$auto_NL80211_CMD_DEAUTHENTICATE(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, 0x0, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@NL80211_ATTR_MESH_ID={0x23, 0x18, "ff7f52bc0276b89d7323e29ece9c058cc7e6cf8530aab0b6cdeb39445badd5"}, @NL80211_ATTR_RECEIVE_MULTICAST={0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40011}, 0x0)
ioctl$auto_UBI_IOCDET(r0, 0x40046f41, 0x0)

4.707730448s ago: executing program 6 (id=6142):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$auto_WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f0000000000)={0x30, 0x0, 0x21, 0x70bd26, 0x25dfdbfa, {}, [@WGDEVICE_A_FWMARK={0x8, 0x7, 0x7fffffff}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x841}, 0x80)
openat$auto_rb_simple_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/tracing_on\x00', 0x40001, 0x0)
r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
ioctl$auto_PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x936, 0x0, 0x50b301a, 0x2c, 0x2c, 0x0, 0xcde})
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/pci_bus/0000:00/cpuaffinity\x00', 0x20800, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c00", @ANYBLOB='j\x00%i'], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4)
sendmsg$auto_NCSI_CMD_SET_PACKAGE_MASK(r1, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4c004}, 0x40080c0)

4.41806501s ago: executing program 6 (id=6143):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x40342, 0x22)
utimensat$auto(r0, &(0x7f0000001c80)='\x00', &(0x7f0000001cc0)={0x23, 0x3ffffffc}, 0x1000)
timer_create$auto(0x80000009, 0x0, 0x0)
mmap$auto(0xfffffffffffffffd, 0x401, 0x2, 0x19, 0xfffffffffffffffa, 0x8000)
r1 = io_uring_setup$auto(0x6, 0x0)
getsockopt$auto(0xffffffffffffffff, 0x84, 0x82, 0x0, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.4/usb5/descriptors\x00', 0x18b940, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
r3 = open(&(0x7f00000000c0)='./cgroup\x00', 0x262400, 0xb5d1af1605322c72)
syz_clone3(&(0x7f0000000200)={0x383281180, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r3}}, 0x58)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000040)=""/203, 0xcb)
io_getevents$auto(0x1, 0x401, 0x0, 0x0, &(0x7f00000000c0)={0x1, 0x6})
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x8002, 0x0)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x101080, 0x0)
read$auto_snd_rawmidi_f_ops_rawmidi(r1, &(0x7f0000000080)=""/45, 0x2d)
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x80180, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x500, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
r5 = fsopen$auto(&(0x7f0000000000)='\x00', 0x100400)
read$auto_snd_rawmidi_f_ops_rawmidi(r1, &(0x7f00000002c0)=""/231, 0xe7)
r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000001c0), r5)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000003c0)=ANY=[@ANYRES16=r6, @ANYBLOB="010027bd7000f8dbdf257e000c000800000008000c00060000006da31a365ad564ce6c38a71a1dd0218f4fdf7c67c670aea502edd873fe85d94f1c1014e303a3c5c73ec01511c2ad191af5e127a8029367ab8551a066153c0589d8ff289403d87f54b4834eec"], 0x2c}}, 0x4008000)
unshare$auto(0x40000080)

4.358814164s ago: executing program 5 (id=6144):
recvmmsg$auto(0x3, 0x0, 0x687bcbd, 0x8, 0x0)

4.1645636s ago: executing program 5 (id=6146):
r0 = prctl$auto(0x7, 0x10001, 0xffffffffffffffff, 0x6, 0x9)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_REMOVE_LINK_STA(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r1, 0x10, 0x70bd28, 0x25dfdbfc, {}, [@NL80211_ATTR_COLOR_CHANGE_ELEMS={0x14, 0x131, 0x0, 0x1, [@NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0x9bd}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0x3}]}, @NL80211_ATTR_CONTROL_PORT={0x4}]}, 0x2c}}, 0x0)
r2 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sysfs$auto(0x2, 0x43, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fsopen$auto(0x0, 0x1)
fsconfig$auto(r3, 0x2, &(0x7f0000000080)='+\x00\xc04\x95\x96XD\x11T\x11\xac@\xb9\'\xa8\x99\xf6\x99\xad\xa2w\xd55\xea|-&\v\xa9\xc5\xb1\xc6\n\xb0{\xe8', &(0x7f0000000100), 0xee01)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x0, 0x100000000008000)
capset$auto(&(0x7f0000000180)={0x497, <r4=>0x0}, &(0x7f00000001c0)={0x487d, 0x28, 0x2})
rt_sigqueueinfo$auto(r4, 0x800, &(0x7f0000000200)={@_si_pad})
r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyprintk\x00', 0x82a80, 0x0)
ioctl$auto_TIOCSTI2(r5, 0x5412, 0x0)
getdents$auto(r0, &(0x7f0000000280)={0x4, 0x10000, 0x5, "aa544e6fa810233b0aa334846482f382d65d211edd0d0c8354898e3a61e8d6670fa9e2535aa49892600265ce440af06e45196dfe94cdf13e525a6334b21849357b5ebda6cb7bdc626a4b49eeedddd49b979d68dbf6fc290f59390253d5ee3d617195ae9f3240fcf2773a390811e12fc95c72e1888b3d7b13731289d1f30acaf0e7ee31cda3430f6dc343c23f3fc96f03e270de98f23c569555546d0787209728f78afbd615dd3cba"}, 0xa2f5)
ioctl$auto_CEC_S_MODE(r2, 0x40046109, &(0x7f0000002c40)=0xd0)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/loop5/queue/discard_max_bytes\x00', 0x2, 0x0)
sendfile$auto(r6, r6, 0x0, 0x3)
close_range$auto(0x2, 0x8, 0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r0)

3.813721524s ago: executing program 7 (id=6147):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x40342, 0x22)
utimensat$auto(r0, &(0x7f0000001c80)='\x00', &(0x7f0000001cc0)={0x23, 0x3ffffffc}, 0x1000)
timer_create$auto(0x80000009, 0x0, 0x0)
mmap$auto(0xfffffffffffffffd, 0x401, 0x2, 0x19, 0xfffffffffffffffa, 0x8000)
r1 = io_uring_setup$auto(0x6, 0x0)
getsockopt$auto(0xffffffffffffffff, 0x84, 0x82, 0x0, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.4/usb5/descriptors\x00', 0x18b940, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
r3 = open(&(0x7f00000000c0)='./cgroup\x00', 0x262400, 0xb5d1af1605322c72)
syz_clone3(&(0x7f0000000200)={0x383281180, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r3}}, 0x58)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000040)=""/203, 0xcb)
io_getevents$auto(0x1, 0x401, 0x0, 0x0, &(0x7f00000000c0)={0x1, 0x6})
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x8002, 0x0)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x101080, 0x0)
read$auto_snd_rawmidi_f_ops_rawmidi(r1, &(0x7f0000000080)=""/45, 0x2d)
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x80180, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x500, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
r5 = fsopen$auto(&(0x7f0000000000)='\x00', 0x100400)
read$auto_snd_rawmidi_f_ops_rawmidi(r1, &(0x7f00000002c0)=""/231, 0xe7)
r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000001c0), r5)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010027bd7000f8dbdf257e000c000800000008000c00060000006da31a365ad564ce6c38a71a1dd0218f4fdf7c67c670aea502edd873fe85d94f1c1014e303a3c5c73ec01511c2ad191af5e127a8029367ab8551a066153c0589d8ff289403d8"], 0x2c}}, 0x4008000)
unshare$auto(0x40000080)

3.775020827s ago: executing program 6 (id=6148):
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$auto(0x0, 0x0, 0x6f4)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
init_module$auto(0x0, 0xffff9, 0x0)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x0, 0x8000000000000000, 0x15)
madvise$auto(0x0, 0x2000000080000001, 0x3)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0x2, 0x8, 0x0)
socket(0x11ebf3d8a6b518c5, 0x800, 0x1008001)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x2, 0x5, 0x0)
mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000)
setsockopt$auto(0x3, 0x10000000084, 0x4, 0x0, 0x8)
r1 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f0000000140), 0x20080, 0x0)
readv$auto(r1, &(0x7f0000000080)={0x0, 0x14000000000}, 0x3)
openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/attr/exec\x00', 0x478d03, 0x0)
mmap$auto(0x80, 0x4000b, 0x4, 0x9b72, r0, 0x28000)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
socket(0x10, 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000)
madvise$auto(0x0, 0xffffffffffff0005, 0x19)
madvise$auto(0x7fff, 0xffffff7fffff0007, 0x8)
mmap$auto(0x800000007, 0x4008, 0xd, 0x18, r1, 0x4)
openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x8cc002, 0x0)
readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1)
mmap$auto(0x1000, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x3, 0x0, 0x14)
msync$auto(0x0, 0x2000000005, 0x6)

3.655230459s ago: executing program 3 (id=6149):
mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0xc2a003, 0x1ea)
mknodat$auto(r0, &(0x7f00000003c0)='./file0\x00', 0xfff, 0xfffffff8)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r1 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0)
r2 = io_uring_setup$auto(0xc, 0x0)
ioctl$auto_dvb_demux_fops_dmxdev(r1, 0x403c6f2b, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
readv$auto(0x3, &(0x7f00000002c0)={0x0, 0x8}, 0x8)
close_range$auto(r2, 0xffffffffffffffff, 0x0)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000)
close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0xfd)
sendmmsg$auto(0x3, 0x0, 0x3, 0x0)
r3 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fb0\x00', 0x20401, 0x0)
openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/kallsyms\x00', 0x541d02, 0x0)
write$auto_msr_fops_msr(r2, &(0x7f0000000080)="18bf343d68e455128e3dec09884ef59e31397e0a1d8d9381fc4d21d3c0bfa3828b00c5beec0015c797128b8063e61992fd89315726c56960c7c2d4bbce00c8d1b37aa2dc79956f3e56c37ef71761b1b22af3eedf22303f95b5bebc1c6068ce5d7a504cb961c1ac5442a1b3591e6b64366a85b0563d74160cbc2e47e46a0834f0643ba07e1ab5e8cdd757c01aa31c6c4870587ebbcadefe8e665ea45b143204", 0x9f)
pread64$auto(r3, 0x0, 0x100000000008, 0x8)
ioctl$auto(0x3, 0xc0105512, 0x1)
ioctl$sock_SIOCGIFINDEX(r3, 0x4601, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70)
mmap$auto(0x40, 0x400009, 0xb, 0x9b70, 0x2, 0x8000)
madvise$auto(0x1, 0xce, 0x3)
mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000)
r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001500)='/sys/kernel/irq/5/actions\x00', 0x22040, 0x0)
read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000000180)=""/109, 0x6d)
clone$auto(0x7, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0, 0x1)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000)
mknodat$auto(r4, &(0x7f00000003c0)='./file0\x00', 0xfff, 0xfffffff8)
ioctl$auto_SW_SYNC_GET_DEADLINE(0xffffffffffffffff, 0xc0105702, &(0x7f0000000000)={0xb099, 0x0, r4})

3.61582265s ago: executing program 5 (id=6150):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f00000000c0), 0x108881, 0x0)
write$auto(r0, &(0x7f0000000180)='\x00\x00\x00\x00\x00\x00\x01\xff\x00', 0x20)
r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000007480)='/dev/cec12\x00', 0x400, 0x0)
ioctl$auto_CEC_S_MODE(r1, 0x40046109, &(0x7f0000000000)=0x22)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x1, 0x0)
socket(0x28, 0x3, 0x10001)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="2438d4cb2de063a3e5dcd4c26ee78d80042d81c37dd38221d4b71dbf365dce3d05bb18cbce0434ca5e8e47625d78635aad429f562712ec3f3d7159eed41db4a183bcf6c4d2a7027f0516a3e65afde6bbe0d0a364f3de6308fdc4ee20eae92fbee719e8d22f2d406e2962d8f5c0d5101308c6e84c356c7a112d5d01b9d22b7b13880100000061cba05cda6a3138c62a", @ANYRES16=0x0, @ANYBLOB="2f212abd7800fddbdf2521000000"], 0x14}}, 0x4000000)
r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000001c0), 0x200000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x2, 0x2, 0x1, 0x3, 0x300000000000000, 0x7ffffffe, 0x5, 0x6d3c, 0x5, 0x2]}, 0x0)
unshare$auto(0x40000080)
open$auto(&(0x7f0000000200)='./file0\x00', 0x49193, 0xff90)
mmap$auto(0xf0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r4 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0)
write$auto_seq_oss_f_ops_seq_oss(r4, &(0x7f0000000c80)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba4291bae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d7b519a855da7ac6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc000cd84061c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f37fe74a09a8a964ce2818e4b4efd1eb0e3bca5dfd2a053eeb5735b96d282d2e03866bd6581b5e5e541c74f0b92b932b234ac117342f156b4b23fc6dcbc92ada00ce404f54443b6e7fdac9acb79e5258a865ced633ff5356d13a3e9923bcd8e6d177c9fb8618f9393798d90d70c78207e40f95bb2b0a9308f29f4331bbdfc1021dface5a740473b462c47286fee1c9d0036c78134e108b5b218d3022fd277e1cdf0cdf8cd4b37d74c8dd47e00e50fcf8d336978a0e7624f94b8fdcd1c9459201231f343c7cb602083aa5e1", 0x300)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[@ANYRESOCT, @ANYRES16=0x0, @ANYRESHEX=r2, @ANYBLOB="f6b22bba88ca377c6f72f93b44bc18c57ca71a77277fec2b2cc3d831e67785a6e28aaf1a36b452418382378cd407449892265433e62d71197685bcf555781402be9f031ae7037278056593424def863e0b03a9c907c0cbd0c7931b8f20aa80f2591e3d4e1393e9cd24b072476a686005665056abb3383b8f62cd67aff1ec55c190e70258ba50971006131d6448f8a6d988538193cd53ba8afb19b6b900e4e6cbfec1029ab37b26167bc7ba2a09a3c1961a9ce50d46d83d24798772e05973a6c8b5224f14e65704bf1ac59e56ec4032fd927a6d30", @ANYRES64=r1], 0x14}, 0x1, 0x0, 0x0, 0x4885}, 0x4000000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)

3.203705426s ago: executing program 3 (id=6151):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$auto_WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f0000000000)={0x30, 0x0, 0x21, 0x70bd26, 0x25dfdbfa, {}, [@WGDEVICE_A_FWMARK={0x8, 0x7, 0x7fffffff}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x841}, 0x80)
openat$auto_rb_simple_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/tracing_on\x00', 0x40001, 0x0)
r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
ioctl$auto_PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x936, 0x0, 0x50b301a, 0x2c, 0x2c, 0x0, 0xcde})
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/pci_bus/0000:00/cpuaffinity\x00', 0x20800, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c00", @ANYBLOB='j\x00%i'], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4)
sendmsg$auto_NCSI_CMD_SET_PACKAGE_MASK(r1, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4c004}, 0x40080c0)

2.811441985s ago: executing program 3 (id=6152):
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
r0 = socket(0x10, 0x2, 0x0)
statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0xd, 0x4909b6f8, 0x1ffdf, 0x7, 0x200003, 0x9, 0xa121, 0x3, 0x6, 0x4, 0xb4, 0xa, 0x6, 0x10001, 0x80, 0x100000000, 0x0, 0x7, 0x4, 0x200, 0x0, 0x84, [0x0, 0x0, 0x3, 0x50100000000000, 0x0, 0x2000, 0x0, 0xa, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x0, 0x0, 0x36, 0x0, 0xffffffffffffbfff, 0xfffffffffffffffd, 0x1, 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x2000000000000000, 0x0, 0x0, 0x400000000005b8, 0xc, 0x0, 0x0, 0x0, 0x6, 0xffffffffffffffff, 0x88e, 0x8000000000008, 0xfffffffffffffffc, 0x8000000000000000, 0xa38, 0x0, 0x3, 0xfffffffffffffffa, 0x8, 0x4000000000, 0x7]}, 0x1fe, 0xd)
sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000)
mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000)
prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004)
madvise$auto(0x0, 0xffffffffffff0001, 0x15)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x0, 0x8000)
mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001)
sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008)
memfd_create$auto(&(0x7f0000000000)='^[#@-\x00', 0x3)
fcntl$auto(0xff80000000000000, 0x409, 0x13)
mmap$auto(0x7ffffdfde000, 0x2020006, 0x9, 0x11, 0x8000000000000000, 0x8000)
socket(0x10, 0x2, 0x0)
socket(0xa, 0x2, 0x0)
setsockopt$auto(0x4, 0x88, 0xb, &(0x7f0000000000)='!/*:(*\'\x00', 0xe)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
r1 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0)
ioctl$auto_UBI_IOCATT(r1, 0x40186f40, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$auto_hsr(&(0x7f0000001540), 0xffffffffffffffff)
sendmsg$auto_HSR_C_GET_NODE_STATUS(r2, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f00000015c0)={0x28, r3, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@HSR_A_IFINDEX={0x8}, @HSR_A_NODE_ADDR={0xa, 0x1, @link_local}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x80)

2.680229342s ago: executing program 5 (id=6153):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f00000000c0), 0x108881, 0x0)
r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000007480)='/dev/cec12\x00', 0x400, 0x0)
ioctl$auto_CEC_S_MODE(r0, 0x40046109, &(0x7f0000000000)=0x22)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x1, 0x0)
socket(0x28, 0x3, 0x10001)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="2438d4cb2de063a3e5dcd4c26ee78d80042d81c37dd38221d4b71dbf365dce3d05bb18cbce0434ca5e8e47625d78635aad429f562712ec3f3d7159eed41db4a183bcf6c4d2a7027f0516a3e65afde6bbe0d0a364f3de6308fdc4ee20eae92fbee719e8d22f2d406e2962d8f5c0d5101308c6e84c356c7a112d5d01b9d22b7b13880100000061cba05cda6a3138c62a", @ANYRES16=0x0, @ANYBLOB="2f212abd7800fddbdf2521000000"], 0x14}}, 0x4000000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x2000040080000004, 0xe)
r1 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0)
r2 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91)
read$auto(r2, 0x0, 0x1)
write$auto_proc_clear_refs_operations_internal(r1, 0x0, 0xffffff4b)
write$auto(0x3, 0x0, 0xfffffdef)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000001c0), 0x200000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x2, 0x2, 0x1, 0x3, 0x300000000000000, 0x7ffffffe, 0x5, 0x6d3c, 0x5, 0x2]}, 0x0)
unshare$auto(0x40000080)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r4 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0)
write$auto_seq_oss_f_ops_seq_oss(r4, &(0x7f0000000c80)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba4291bae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d7b519a855da7ac6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc000cd84061c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f37fe74a09a8a964ce2818e4b4efd1eb0e3bca5dfd2a053eeb5735b96d282d2e03866bd6581b5e5e541c74f0b92b932b234ac117342f156b4b23fc6dcbc92ada00ce404f54443b6e7fdac9acb79e5258a865ced633ff5356d13a3e9923bcd8e6d177c9fb8618f9393798d90d70c78207e40f95bb2b0a9308f29f4331bbdfc1021dface5a740473b462c47286fee1c9d0036c78134e108b5b218d3022fd277e1cdf0cdf8cd4b37d74c8dd47e00e50fcf8d336978a0e7624f94b8fdcd1c9459201231f343c7cb602083aa5e1", 0x300)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)

2.459978889s ago: executing program 7 (id=6154):
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f00000000c0), 0x108881, 0x0)
mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd)
close_range$auto(0x2, 0x8, 0x0)
mbind$auto(0x9, 0x84, 0x4, &(0x7f0000000000), 0x80000000, 0x7f)
mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x401, 0x7fffffff)
socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0)
openat$auto_ns_file_operations_nsfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/ns/cgroup\x00', 0x4, 0x0)
mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
sendmmsg$auto(0xffffffffffffffff, 0x0, 0x5, 0x20000000)
rseq$auto(0x0, 0x8000, 0x0, 0x6)
socket(0xa, 0x2, 0x0)
connect$auto(0x3, 0x0, 0x51)
recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0)
bpf$auto(0x0, 0x0, 0xfbf)
shutdown$auto(0x200000003, 0x2)
sendmsg$auto_NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, 0x0, 0x20048800)
select$auto(0x1000009, 0x0, 0x0, 0x0, 0x0)
unshare$auto(0x40000080)
r0 = socket(0xa, 0x2, 0x3a)
setsockopt$auto(r0, 0x29, 0x3b, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x110)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2a, 0x2, 0x0)
recvmmsg$auto(0x3, 0x0, 0x687bcbd, 0x8, 0x0)

1.356001989s ago: executing program 3 (id=6155):
r0 = socket(0x10, 0x2, 0xc)
sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000804}, 0x4000000)

893.232955ms ago: executing program 3 (id=6156):
r0 = prctl$auto(0x7, 0x10001, 0xffffffffffffffff, 0x6, 0x9)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_REMOVE_LINK_STA(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r1, 0x10, 0x70bd28, 0x25dfdbfc, {}, [@NL80211_ATTR_COLOR_CHANGE_ELEMS={0x14, 0x131, 0x0, 0x1, [@NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0x9bd}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0x3}]}, @NL80211_ATTR_CONTROL_PORT={0x4}]}, 0x2c}}, 0x0)
r2 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sysfs$auto(0x2, 0x43, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fsopen$auto(0x0, 0x1)
fsconfig$auto(r3, 0x2, &(0x7f0000000080)='+\x00\xc04\x95\x96XD\x11T\x11\xac@\xb9\'\xa8\x99\xf6\x99\xad\xa2w\xd55\xea|-&\v\xa9\xc5\xb1\xc6\n\xb0{\xe8', &(0x7f0000000100), 0xee01)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x0, 0x100000000008000)
capset$auto(&(0x7f0000000180)={0x497, <r4=>0x0}, &(0x7f00000001c0)={0x487d, 0x28, 0x2})
rt_sigqueueinfo$auto(r4, 0x800, &(0x7f0000000200)={@_si_pad})
r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyprintk\x00', 0x82a80, 0x0)
ioctl$auto_TIOCSTI2(r5, 0x5412, 0x0)
getdents$auto(r0, &(0x7f0000000280)={0x4, 0x10000, 0x5, "aa544e6fa810233b0aa334846482f382d65d211edd0d0c8354898e3a61e8d6670fa9e2535aa49892600265ce440af06e45196dfe94cdf13e525a6334b21849357b5ebda6cb7bdc626a4b49eeedddd49b979d68dbf6fc290f59390253d5ee3d617195ae9f3240fcf2773a390811e12fc9"}, 0xa2f5)
ioctl$auto_CEC_S_MODE(r2, 0x40046109, &(0x7f0000002c40)=0xd0)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/loop5/queue/discard_max_bytes\x00', 0x2, 0x0)
sendfile$auto(r6, r6, 0x0, 0x3)
close_range$auto(0x2, 0x8, 0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r0)

884.938132ms ago: executing program 6 (id=6157):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x40342, 0x22)
utimensat$auto(r0, &(0x7f0000001c80)='\x00', &(0x7f0000001cc0)={0x23, 0x3ffffffc}, 0x1000)
timer_create$auto(0x80000009, 0x0, 0x0)
mmap$auto(0xfffffffffffffffd, 0x401, 0x2, 0x19, 0xfffffffffffffffa, 0x8000)
r1 = io_uring_setup$auto(0x6, 0x0)
getsockopt$auto(0xffffffffffffffff, 0x84, 0x82, 0x0, 0x0)
r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.4/usb5/descriptors\x00', 0x18b940, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
madvise$auto(0x0, 0x7fffffffffffffff, 0xa)
r3 = open(&(0x7f00000000c0)='./cgroup\x00', 0x262400, 0xb5d1af1605322c72)
syz_clone3(&(0x7f0000000200)={0x383281180, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r3}}, 0x58)
read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000040)=""/203, 0xcb)
io_getevents$auto(0x1, 0x401, 0x0, 0x0, &(0x7f00000000c0)={0x1, 0x6})
syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x8002, 0x0)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0)
mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x101080, 0x0)
read$auto_snd_rawmidi_f_ops_rawmidi(r1, &(0x7f0000000080)=""/45, 0x2d)
openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x80180, 0x0)
close_range$auto(0x2, 0x8, 0x0)
openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x500, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0xc800)
r5 = fsopen$auto(&(0x7f0000000000)='\x00', 0x100400)
read$auto_snd_rawmidi_f_ops_rawmidi(r1, &(0x7f00000002c0)=""/231, 0xe7)
r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000001c0), r5)
sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000003c0)=ANY=[@ANYRES16=r6, @ANYBLOB="010027bd7000f8dbdf257e000c000800000008000c00060000006da31a365ad564ce6c38a71a1dd0218f4fdf7c67c670aea502edd873fe85d94f1c1014e303a3c5c73ec01511c2ad191af5e127a8029367ab8551a066153c0589d8ff289403d87f54b4834eec"], 0x2c}}, 0x4008000)
unshare$auto(0x40000080)

872.95831ms ago: executing program 5 (id=6158):
r0 = prctl$auto(0x7, 0x10001, 0xffffffffffffffff, 0x6, 0x9)
r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$auto_NL80211_CMD_REMOVE_LINK_STA(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r1, 0x10, 0x70bd28, 0x25dfdbfc, {}, [@NL80211_ATTR_COLOR_CHANGE_ELEMS={0x14, 0x131, 0x0, 0x1, [@NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0x9bd}, @NL80211_ATTR_MGMT_SUBTYPE={0x5, 0x29, 0x3}]}, @NL80211_ATTR_CONTROL_PORT={0x4}]}, 0x2c}}, 0x0)
r2 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0)
mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sysfs$auto(0x2, 0x43, 0x0)
close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002)
fsopen$auto(0x0, 0x1)
fsconfig$auto(r3, 0x2, &(0x7f0000000080)='+\x00\xc04\x95\x96XD\x11T\x11\xac@\xb9\'\xa8\x99\xf6\x99\xad\xa2w\xd55\xea|-&\v\xa9\xc5\xb1\xc6\n\xb0{\xe8', &(0x7f0000000100), 0xee01)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x0, 0x100000000008000)
capset$auto(&(0x7f0000000180)={0x497, <r4=>0x0}, &(0x7f00000001c0)={0x487d, 0x28, 0x2})
rt_sigqueueinfo$auto(r4, 0x800, &(0x7f0000000200)={@_si_pad})
r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyprintk\x00', 0x82a80, 0x0)
ioctl$auto_TIOCSTI2(r5, 0x5412, 0x0)
getdents$auto(r0, &(0x7f0000000280)={0x4, 0x10000, 0x5, "aa544e6fa810233b0aa334846482f382d65d211edd0d0c8354898e3a61e8d6670fa9e2535aa49892600265ce440af06e45196dfe94cdf13e525a6334b21849357b5ebda6cb7bdc626a4b49eeedddd49b979d68dbf6fc290f59390253d5ee3d617195ae9f3240fcf2773a390811e12fc95c72e1888b3d7b13731289d1f30acaf0e7ee31cda3430f6dc343c23f3fc96f03e270de98f23c569555546d0787209728f78afbd615dd3cba"}, 0xa2f5)
ioctl$auto_CEC_S_MODE(r2, 0x40046109, &(0x7f0000002c40)=0xd0)
r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/loop5/queue/discard_max_bytes\x00', 0x2, 0x0)
sendfile$auto(r6, r6, 0x0, 0x3)
close_range$auto(0x2, 0x8, 0x0)
syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r0)

466.124771ms ago: executing program 5 (id=6159):
openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f00000000c0), 0x108881, 0x0)
r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, 0x0, 0x400, 0x0)
ioctl$auto_CEC_S_MODE(r0, 0x40046109, 0x0)
close_range$auto(0x2, 0x8, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x28, 0x1, 0x0)
openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0)
openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, 0x0, 0x1, 0x0)
socket(0x28, 0x3, 0x10001)
sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYRES16=0x0, @ANYBLOB="2f212abd7800fddbdf2521000000"], 0x14}}, 0x4000000)
openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0)
mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000)
madvise$auto(0x0, 0x2000040080000004, 0xe)
r1 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0)
r2 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91)
read$auto(r2, 0x0, 0x1)
write$auto_proc_clear_refs_operations_internal(r1, 0x0, 0xffffff4b)
write$auto(0x3, 0x0, 0xfffffdef)
r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0)
write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9)
openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000001c0), 0x200000, 0x0)
select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x2, 0x2, 0x1, 0x3, 0x300000000000000, 0x7ffffffe, 0x5, 0x6d3c, 0x5, 0x2]}, 0x0)
unshare$auto(0x40000080)
open$auto(&(0x7f0000000200)='./file0\x00', 0x49193, 0xff90)
mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000)
r4 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0)
write$auto_seq_oss_f_ops_seq_oss(r4, &(0x7f0000000c80)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba4291bae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d7b519a855da7ac6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc000cd84061c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f37fe74a09a8a964ce2818e4b4efd1eb0e3bca5dfd2a053eeb5735b96d282d2e03866bd6581b5e5e541c74f0b92b932b234ac117342f156b4b23fc6dcbc92ada00ce404f54443b6e7fdac9acb79e5258a865ced633ff5356d13a3e9923bcd8e6d177c9fb8618f9393798d90d70c78207e40f95bb2b0a9308f29f4331bbdfc1021dface5a740473b462c47286fee1c9d0036c78134e108b5b218d3022fd277e1cdf0cdf8cd4b37d74c8dd47e00e50fcf8d336978a0e7624f94b8fdcd1c9459201231f343c7cb602083aa5e1", 0x300)
close_range$auto(0x0, 0xfffffffffffff000, 0x0)

246.348869ms ago: executing program 6 (id=6160):
socket(0x2c, 0x3, 0x0)
mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000)
r0 = eventfd$auto(0x8c)
r1 = socket(0xa, 0x1, 0x100)
setsockopt$auto(r1, 0x29, 0x18, 0x0, 0x1)
io_uring_setup$auto(0x6, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r2 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0)
ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, 0x0)
ioctl$auto(0x3, 0x40103e05, 0x38)
r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ram3\x00', 0x8001, 0x0)
close_range$auto(0x2, 0x8, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x2, 0x0)
openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0)
r5 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/bluetooth/hci2/force_devcoredump\x00', 0x109202, 0x0)
mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000)
close_range$auto(0x2, 0x8000, 0x0)
io_uring_setup$auto(0x6, 0x0)
openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8000, 0x0)
ioctl$auto(0x3, 0xc0481273, 0x38)
ioctl$auto(r0, 0x1, 0x7)
poll$auto(&(0x7f00000000c0)={r5, 0x2, 0x2000}, 0xfffffdb6, 0xffffffa1)
r6 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0)
sendfile$auto(r3, r6, 0x0, 0x1)
getsockopt$auto(r4, 0xcc, 0x6, &(0x7f0000000140)='/dev/ram7\x00', &(0x7f0000000180)=0x8)

0s ago: executing program 3 (id=6161):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$auto_WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f0000000000)={0x30, 0x0, 0x21, 0x70bd26, 0x25dfdbfa, {}, [@WGDEVICE_A_FWMARK={0x8, 0x7, 0x7fffffff}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x30}, 0x1, 0x0, 0x0, 0x841}, 0x80)
openat$auto_rb_simple_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/tracing_on\x00', 0x40001, 0x0)
r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
ioctl$auto_PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x936, 0x0, 0x50b301a, 0x2c, 0x2c, 0x0, 0xcde})
openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/pci_bus/0000:00/cpuaffinity\x00', 0x20800, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c0000", @ANYBLOB='j\x00%i'], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4)
mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4)
sendmsg$auto_NCSI_CMD_SET_PACKAGE_MASK(r1, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4c004}, 0x40080c0)

kernel console output (not intermixed with test programs):

lock_acquire+0x15a9/0x3c40
[ 1339.254404][T28497]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1339.261512][T28497]  ? policy_nodemask+0xea/0x4e0
[ 1339.267380][T28497]  alloc_pages_mpol_noprof+0x2c8/0x620
[ 1339.273964][T28497]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[ 1339.281182][T28497]  ? lock_acquire.part.0+0x11b/0x380
[ 1339.287552][T28497]  ? find_held_lock+0x2d/0x110
[ 1339.293316][T28497]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1339.299903][T28497]  pte_alloc_one+0x20/0x390
[ 1339.305330][T28497]  __do_fault+0x320/0x490
[ 1339.310552][T28497]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1339.317136][T28497]  do_pte_missing+0x1a8/0x3e00
[ 1339.322890][T28497]  ? do_raw_spin_unlock+0x172/0x230
[ 1339.329162][T28497]  ? __pmd_alloc+0x3c2/0x8b0
[ 1339.334704][T28497]  __handle_mm_fault+0x103c/0x2a40
[ 1339.340883][T28497]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1339.347465][T28497]  ? __pfx_lock_acquire.part.0+0x10/0x10
[ 1339.352391][T28501] HfR: entered promiscuous mode
[ 1339.354241][T28497]  ? find_vma+0xc0/0x140
[ 1339.354278][T28497]  ? __pfx_find_vma+0x10/0x10
[ 1339.354307][T28497]  handle_mm_fault+0x3fa/0xaa0
[ 1339.354346][T28497]  do_user_addr_fault+0x7a3/0x13f0
[ 1339.354379][T28497]  exc_page_fault+0x5c/0xc0
[ 1339.354410][T28497]  asm_exc_page_fault+0x26/0x30
[ 1339.354443][T28497] RIP: 0010:__put_user_4+0x11/0x20
[ 1339.354475][T28497] Code: 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90
[ 1339.354503][T28497] RSP: 0018:ffffc90004f17c78 EFLAGS: 00050202
[ 1339.354526][T28497] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000008
[ 1339.354544][T28497] RDX: ffff88806b9d0000 RSI: ffffffff820f5176 RDI: ffffffff8bb19b80
[ 1339.354563][T28497] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff203a53a
[ 1339.354580][T28497] R10: ffffffff901d29d7 R11: 0000000000000000 R12: 0000000000000008
[ 1339.354598][T28497] R13: ffff88808d39d400 R14: 000000000000000f R15: 000000000000541b
[ 1339.354624][T28497]  ? pipe_ioctl+0x226/0x2a0
[ 1339.484158][T28497]  pipe_ioctl+0x231/0x2a0
[ 1339.489359][T28497]  ? __pfx_pipe_ioctl+0x10/0x10
[ 1339.495174][T28497]  do_vfs_ioctl+0x682/0x1950
[ 1339.500675][T28497]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1339.506709][T28497]  ? __pfx_lock_release+0x10/0x10
[ 1339.512722][T28497]  ? trace_lock_acquire+0x14e/0x1f0
[ 1339.518962][T28497]  ? __fget_files+0x206/0x3a0
[ 1339.524578][T28497]  __x64_sys_ioctl+0x11d/0x200
[ 1339.530285][T28497]  do_syscall_64+0xcd/0x250
[ 1339.535689][T28497]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1339.542757][T28497] RIP: 0033:0x7f04c7785d29
[ 1339.548045][T28497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1339.571577][T28497] RSP: 002b:00007f04c852f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1339.581665][T28497] RAX: ffffffffffffffda RBX: 00007f04c7975fa0 RCX: 00007f04c7785d29
[ 1339.591229][T28497] RDX: 0000000000000008 RSI: 000000000000541b RDI: 0000000000000001
[ 1339.600791][T28497] RBP: 00007f04c852f090 R08: 0000000000000000 R09: 0000000000000000
[ 1339.610348][T28497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1339.619955][T28497] R13: 0000000000000000 R14: 00007f04c7975fa0 R15: 00007ffe4916ee38
[ 1339.629523][T28497]  </TASK>
[ 1339.687633][T28499] binder: 28498:28499 ioctl 2284 ffffffffffffffff returned -22
[ 1340.401688][T28514] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1340.455892][T28513] netlink: 11 bytes leftover after parsing attributes in process `syz.7.5380'.
[ 1340.546665][T28517] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1198: comm udevd: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1340.596611][T28520] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1340.614952][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1340.625494][T28517] udevd[28517]: failed to execute '/lib/udev/scsi_id' 'scsi_id --export --whitelisted -d /dev/sda': Structure needs cleaning
[ 1340.675614][T28518] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5381'.
[ 1340.689972][T28518] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1340.707627][T28518] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1340.854848][T28529] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5385'.
[ 1340.890362][T28529] vivid-013: =================  START STATUS  =================
[ 1340.904197][T28529] vivid-013: Generate PTS: true
[ 1340.911887][T28529] vivid-013: Generate SCR: true
[ 1340.936097][T28529] tpg source WxH: 640x360 (Y'CbCr)
[ 1340.972621][T28529] tpg field: 1
[ 1340.976880][T28529] tpg crop: 640x360@0x0
[ 1340.982094][T28529] tpg compose: 640x360@0x0
[ 1340.987837][T28529] tpg colorspace: 8
[ 1340.993901][T28529] tpg transfer function: 0/0
[ 1341.000611][T28529] tpg Y'CbCr encoding: 0/0
[ 1341.005990][T28529] tpg quantization: 0/0
[ 1341.012004][T28529] tpg RGB range: 0/2
[ 1341.020701][T28529] vivid-013: ==================  END STATUS  ==================
[ 1341.140887][T28534] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1341.177987][T28525] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 400008000000006
[ 1341.235295][T28537] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1341.414802][T28539] sp0: Synchronizing with TNC
[ 1341.578662][T28547] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1341.704635][T28551] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1341.740376][T28554] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1341.762999][T28555] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1341.781375][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1341.815433][T28556] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1341.935917][T28559] FAULT_INJECTION: forcing a failure.
[ 1341.935917][T28559] name failslab, interval 1, probability 0, space 0, times 0
[ 1341.979527][T28559] CPU: 1 UID: 0 PID: 28559 Comm: syz.7.5391 Not tainted 6.13.0-rc7-syzkaller-00209-g9528d418de4d #0
[ 1341.992490][T28559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1342.004573][T28559] Call Trace:
[ 1342.008492][T28559]  <TASK>
[ 1342.011990][T28559]  dump_stack_lvl+0x16c/0x1f0
[ 1342.017606][T28559]  should_fail_ex+0x497/0x5b0
[ 1342.023208][T28559]  ? fs_reclaim_acquire+0xae/0x150
[ 1342.029326][T28559]  should_failslab+0xc2/0x120
[ 1342.034927][T28559]  kmem_cache_alloc_noprof+0x6e/0x3b0
[ 1342.041381][T28559]  ? lock_acquire.part.0+0x11b/0x380
[ 1342.047730][T28559]  ? ptlock_alloc+0x1f/0x70
[ 1342.053133][T28559]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1342.059701][T28559]  ptlock_alloc+0x1f/0x70
[ 1342.064955][T28559]  pte_alloc_one+0x74/0x390
[ 1342.070359][T28559]  __do_fault+0x320/0x490
[ 1342.075564][T28559]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1342.082104][T28559]  do_pte_missing+0x1a8/0x3e00
[ 1342.087828][T28559]  ? do_raw_spin_unlock+0x172/0x230
[ 1342.094057][T28559]  ? __pmd_alloc+0x3c2/0x8b0
[ 1342.099623][T28559]  __handle_mm_fault+0x103c/0x2a40
[ 1342.105765][T28559]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1342.112320][T28559]  ? __pfx_lock_acquire.part.0+0x10/0x10
[ 1342.119098][T28559]  ? find_vma+0xc0/0x140
[ 1342.124198][T28559]  ? __pfx_find_vma+0x10/0x10
[ 1342.129813][T28559]  handle_mm_fault+0x3fa/0xaa0
[ 1342.135534][T28559]  do_user_addr_fault+0x7a3/0x13f0
[ 1342.141673][T28559]  exc_page_fault+0x5c/0xc0
[ 1342.147079][T28559]  asm_exc_page_fault+0x26/0x30
[ 1342.152897][T28559] RIP: 0010:__put_user_4+0x11/0x20
[ 1342.159025][T28559] Code: 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90
[ 1342.182653][T28559] RSP: 0018:ffffc9000431fc78 EFLAGS: 00050202
[ 1342.189922][T28559] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000008
[ 1342.199469][T28559] RDX: ffff88802a909e00 RSI: ffffffff820f5176 RDI: ffffffff8bb19b80
[ 1342.209029][T28559] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff203a53a
[ 1342.218577][T28559] R10: ffffffff901d29d7 R11: 0000000000000000 R12: 0000000000000001
[ 1342.228130][T28559] R13: ffff88802451d400 R14: 000000000000000f R15: 000000000000541b
[ 1342.237704][T28559]  ? pipe_ioctl+0x226/0x2a0
[ 1342.243106][T28559]  pipe_ioctl+0x231/0x2a0
[ 1342.248307][T28559]  ? __pfx_pipe_ioctl+0x10/0x10
[ 1342.254111][T28559]  do_vfs_ioctl+0x682/0x1950
[ 1342.259601][T28559]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1342.265622][T28559]  ? __pfx_lock_release+0x10/0x10
[ 1342.271630][T28559]  ? trace_lock_acquire+0x14e/0x1f0
[ 1342.277860][T28559]  ? __fget_files+0x206/0x3a0
[ 1342.283460][T28559]  __x64_sys_ioctl+0x11d/0x200
[ 1342.289159][T28559]  do_syscall_64+0xcd/0x250
[ 1342.294547][T28559]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1342.301604][T28559] RIP: 0033:0x7fa6d0785d29
[ 1342.306889][T28559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1342.330425][T28559] RSP: 002b:00007fa6d14f8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1342.340612][T28559] RAX: ffffffffffffffda RBX: 00007fa6d0975fa0 RCX: 00007fa6d0785d29
[ 1342.350169][T28559] RDX: 0000000000000008 RSI: 000000000000541b RDI: 0000000000000001
[ 1342.359720][T28559] RBP: 00007fa6d14f8090 R08: 0000000000000000 R09: 0000000000000000
[ 1342.369273][T28559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1342.378819][T28559] R13: 0000000000000000 R14: 00007fa6d0975fa0 R15: 00007ffc9da38308
[ 1342.388398][T28559]  </TASK>
[ 1342.392012][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1343.097107][T28582] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5398'.
[ 1343.114005][T28582] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1343.162870][T28582] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1343.463447][T28597] delete_channel: no stack
[ 1345.639783][T28640] FAULT_INJECTION: forcing a failure.
[ 1345.639783][T28640] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1345.717661][T28640] CPU: 1 UID: 0 PID: 28640 Comm: syz.7.5415 Not tainted 6.13.0-rc7-syzkaller-00209-g9528d418de4d #0
[ 1345.730633][T28640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1345.742711][T28640] Call Trace:
[ 1345.746666][T28640]  <TASK>
[ 1345.750200][T28640]  dump_stack_lvl+0x16c/0x1f0
[ 1345.755844][T28640]  should_fail_ex+0x497/0x5b0
[ 1345.761491][T28640]  ? fs_reclaim_acquire+0xae/0x150
[ 1345.767665][T28640]  should_fail_alloc_page+0xe7/0x130
[ 1345.774046][T28640]  prepare_alloc_pages.constprop.0+0x16f/0x560
[ 1345.781477][T28640]  __alloc_pages_noprof+0x190/0x25b0
[ 1345.787850][T28640]  ? __pfx_mark_lock+0x10/0x10
[ 1345.793587][T28640]  ? __pfx___lock_acquire+0x10/0x10
[ 1345.799854][T28640]  ? mark_lock+0xb5/0xc60
[ 1345.805083][T28640]  ? hlock_class+0x4e/0x130
[ 1345.810514][T28640]  ? __pfx___alloc_pages_noprof+0x10/0x10
[ 1345.817419][T28640]  ? find_held_lock+0x2d/0x110
[ 1345.823172][T28640]  ? hlock_class+0x4e/0x130
[ 1345.828611][T28640]  ? __lock_acquire+0xcc5/0x3c40
[ 1345.834570][T28640]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1345.841678][T28640]  ? policy_nodemask+0xea/0x4e0
[ 1345.847543][T28640]  alloc_pages_mpol_noprof+0x2c8/0x620
[ 1345.854120][T28640]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[ 1345.861341][T28640]  ? find_held_lock+0x2d/0x110
[ 1345.867105][T28640]  folio_alloc_mpol_noprof+0x36/0xd0
[ 1345.873485][T28640]  shmem_alloc_folio+0x135/0x160
[ 1345.879461][T28640]  shmem_alloc_and_add_folio+0x48b/0xc00
[ 1345.886269][T28640]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[ 1345.893691][T28640]  ? shmem_allowable_huge_orders+0xd0/0x410
[ 1345.900802][T28640]  shmem_get_folio_gfp+0x689/0x1530
[ 1345.907077][T28640]  ? mark_lock+0xb5/0xc60
[ 1345.912312][T28640]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[ 1345.919106][T28640]  ? __pfx_mark_lock+0x10/0x10
[ 1345.924874][T28640]  shmem_fault+0x200/0xae0
[ 1345.930325][T28640]  ? __pfx_shmem_fault+0x10/0x10
[ 1345.936307][T28640]  ? __pfx_lock_release+0x10/0x10
[ 1345.942598][T28640]  ? __mod_memcg_lruvec_state+0x53c/0x750
[ 1345.949607][T28640]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1345.956294][T28640]  ? mark_held_locks+0x9f/0xe0
[ 1345.962052][T28640]  ? pte_alloc_one+0x2a3/0x390
[ 1345.967806][T28640]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1345.974397][T28640]  __do_fault+0x10a/0x490
[ 1345.979628][T28640]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1345.986241][T28640]  do_pte_missing+0x1a8/0x3e00
[ 1345.991986][T28640]  ? do_raw_spin_unlock+0x172/0x230
[ 1345.998262][T28640]  ? __pmd_alloc+0x3c2/0x8b0
[ 1346.003809][T28640]  __handle_mm_fault+0x103c/0x2a40
[ 1346.010127][T28640]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1346.016731][T28640]  ? __pfx_lock_acquire.part.0+0x10/0x10
[ 1346.023547][T28640]  ? find_vma+0xc0/0x140
[ 1346.028711][T28640]  ? __pfx_find_vma+0x10/0x10
[ 1346.034369][T28640]  handle_mm_fault+0x3fa/0xaa0
[ 1346.040238][T28640]  do_user_addr_fault+0x7a3/0x13f0
[ 1346.046419][T28640]  exc_page_fault+0x5c/0xc0
[ 1346.051919][T28640]  asm_exc_page_fault+0x26/0x30
[ 1346.061317][T28640] RIP: 0010:__put_user_4+0x11/0x20
[ 1346.061366][T28640] Code: 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90
[ 1346.061389][T28640] RSP: 0018:ffffc9000405fc78 EFLAGS: 00050202
[ 1346.061412][T28640] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000008
[ 1346.061429][T28640] RDX: ffff888062b30000 RSI: ffffffff820f5176 RDI: ffffffff8bb19b80
[ 1346.061446][T28640] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff203a53a
[ 1346.061463][T28640] R10: ffffffff901d29d7 R11: 0000000000000000 R12: 0000000000000001
[ 1346.061479][T28640] R13: ffff88802451d400 R14: 000000000000000f R15: 000000000000541b
[ 1346.061509][T28640]  ? pipe_ioctl+0x226/0x2a0
[ 1346.061544][T28640]  pipe_ioctl+0x231/0x2a0
[ 1346.061574][T28640]  ? __pfx_pipe_ioctl+0x10/0x10
[ 1346.061602][T28640]  do_vfs_ioctl+0x682/0x1950
[ 1346.061627][T28640]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1346.061670][T28640]  ? __pfx_lock_release+0x10/0x10
[ 1346.061693][T28640]  ? trace_lock_acquire+0x14e/0x1f0
[ 1346.061734][T28640]  ? __fget_files+0x206/0x3a0
[ 1346.061771][T28640]  __x64_sys_ioctl+0x11d/0x200
[ 1346.061799][T28640]  do_syscall_64+0xcd/0x250
[ 1346.061834][T28640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1346.061868][T28640] RIP: 0033:0x7fa6d0785d29
[ 1346.061891][T28640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1346.061914][T28640] RSP: 002b:00007fa6d14f8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1346.061940][T28640] RAX: ffffffffffffffda RBX: 00007fa6d0975fa0 RCX: 00007fa6d0785d29
[ 1346.061959][T28640] RDX: 0000000000000008 RSI: 000000000000541b RDI: 0000000000000001
[ 1346.061975][T28640] RBP: 00007fa6d14f8090 R08: 0000000000000000 R09: 0000000000000000
[ 1346.061992][T28640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1346.062007][T28640] R13: 0000000000000000 R14: 00007fa6d0975fa0 R15: 00007ffc9da38308
[ 1346.062039][T28640]  </TASK>
[ 1346.267793][T28646] EXT4-fs error: 7 callbacks suppressed
[ 1346.267813][T28646] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1346.301687][T28647] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1346.528248][T28651] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1346.571839][T28652] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1346.632016][T28655] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5416'.
[ 1346.648396][T28655] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1346.680784][T28655] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1348.112433][T28676] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1348.316213][T28678] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1348.955174][T28684] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1349.447764][T28694] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1351.224344][T28723] openvswitch: HfR: Dropping previously announced user features
[ 1351.297098][T28720] binder: 28719:28720 ioctl 2284 ffffffffffffffff returned -22
[ 1351.793580][T28727] nbd: must specify at least one socket
[ 1352.329856][T28733] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1352.416674][T28731] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5435'.
[ 1352.442201][T28731] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1352.541392][T28731] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1352.563590][T28738] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1354.217626][T28760] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5445'.
[ 1354.251530][T28760] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1354.262234][T28760] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1354.287825][T28760] bridge0: entered allmulticast mode
[ 1354.314214][T28763] ubi0: attaching mtd0
[ 1354.326293][T28763] ubi0: scanning is finished
[ 1354.336361][T28763] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1354.484926][T28763] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1355.256406][T28781] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1355.320126][T28783] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:30: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1355.438561][T28786] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1355.590067][T28777] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5449'.
[ 1355.854587][T28777] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1355.969398][T28777] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1356.155093][T28791] binder: 28790:28791 ioctl 2284 ffffffffffffffff returned -22
[ 1356.655642][T28802] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5455'.
[ 1356.729673][T28802] bridge0: port 3(bond0) entered disabled state
[ 1356.737635][T28802] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1356.746564][T28802] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1356.806707][T28805] ubi0: attaching mtd0
[ 1356.815947][T28805] ubi0: scanning is finished
[ 1356.826437][T28802] bridge0: entered allmulticast mode
[ 1356.865737][T28805] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1357.018648][T28805] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1357.719322][T28822] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1357.809322][T28816] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 400008000000006
[ 1357.833957][T28826] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1357.938324][T28827] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1358.020407][T28831] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1358.491577][T28834] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:30: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1358.570936][T28836] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:30: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1358.644787][T28841] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1359.540509][T28852] Process accounting resumed
[ 1359.568089][T28858] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1359.642829][T28860] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5470'.
[ 1359.659118][T28860] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1359.691663][T28860] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1360.496483][T28871] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1360.631601][T28864] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 400008000000006
[ 1361.098351][T28882] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1362.375605][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1362.383917][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1364.243159][T28907] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5482'.
[ 1364.389961][T28911] ubi0: attaching mtd0
[ 1364.418922][T28911] ubi0: scanning is finished
[ 1364.422455][T28907] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1364.433473][T28907] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1364.450439][T28911] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1364.524777][T28914] Invalid ELF header magic: != ELF
[ 1364.532814][T28907] bridge0: entered allmulticast mode
[ 1364.722933][T28911] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1365.481617][T28921] openvswitch: HfR: Dropping previously announced user features
[ 1365.580655][T28921] binder: 28920:28921 ioctl 2284 ffffffffffffffff returned -22
[ 1366.888542][T28954] EXT4-fs error: 1 callbacks suppressed
[ 1366.888562][T28954] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:30: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1366.957003][T28942] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 400008000000006
[ 1366.966346][T28953] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5496'.
[ 1366.996509][T28953] bridge0: port 3(veth1_to_hsr) entered disabled state
[ 1367.005083][T28953] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1367.013886][T28953] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1367.040717][T28958] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:30: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1367.063758][T28959] ubi0: attaching mtd0
[ 1367.073229][T28959] ubi0: scanning is finished
[ 1367.084620][T28956] FAULT_INJECTION: forcing a failure.
[ 1367.084620][T28956] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1367.112241][T28945] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 400008000000006
[ 1367.144931][T28964] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:30: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1367.152272][T28956] CPU: 1 UID: 0 PID: 28956 Comm: syz.7.5497 Not tainted 6.13.0-rc7-syzkaller-00209-g9528d418de4d #0
[ 1367.176439][T28956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1367.188652][T28956] Call Trace:
[ 1367.192583][T28956]  <TASK>
[ 1367.196105][T28956]  dump_stack_lvl+0x16c/0x1f0
[ 1367.201718][T28956]  should_fail_ex+0x497/0x5b0
[ 1367.207332][T28956]  _copy_from_user+0x2e/0xd0
[ 1367.212856][T28956]  move_addr_to_kernel+0x68/0x160
[ 1367.218885][T28956]  __sys_sendto+0x1ba/0x4f0
[ 1367.224289][T28956]  ? __pfx___sys_sendto+0x10/0x10
[ 1367.230333][T28956]  ? ksys_write+0x1ba/0x250
[ 1367.235729][T28956]  ? __pfx_ksys_write+0x10/0x10
[ 1367.241560][T28956]  __x64_sys_sendto+0xe0/0x1c0
[ 1367.247278][T28956]  ? do_syscall_64+0x91/0x250
[ 1367.252910][T28956]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1367.259192][T28956]  do_syscall_64+0xcd/0x250
[ 1367.264609][T28956]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1367.271801][T28956] RIP: 0033:0x7fa6d0785d29
[ 1367.277527][T28956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1367.301489][T28956] RSP: 002b:00007fa6d14f8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1367.311591][T28956] RAX: ffffffffffffffda RBX: 00007fa6d0975fa0 RCX: 00007fa6d0785d29
[ 1367.321265][T28956] RDX: 0000000000000402 RSI: 0000000000000000 RDI: 0000000000000003
[ 1367.330825][T28956] RBP: 00007fa6d14f8090 R08: 0000000020000000 R09: 000000000000001c
[ 1367.340400][T28956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1367.349972][T28956] R13: 0000000000000000 R14: 00007fa6d0975fa0 R15: 00007ffc9da38308
[ 1367.359656][T28956]  </TASK>
[ 1367.377612][T28953] bridge0: entered allmulticast mode
[ 1367.396796][T28962] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5498'.
[ 1367.407643][T28959] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1367.442384][T28967] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1367.455468][T28962] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1367.492148][T28962] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1367.550515][T28959] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1369.727950][T29002] FAULT_INJECTION: forcing a failure.
[ 1369.727950][T29002] name failslab, interval 1, probability 0, space 0, times 0
[ 1369.757057][T29002] CPU: 0 UID: 0 PID: 29002 Comm: syz.6.5507 Not tainted 6.13.0-rc7-syzkaller-00209-g9528d418de4d #0
[ 1369.770163][T29002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1369.782259][T29002] Call Trace:
[ 1369.786219][T29002]  <TASK>
[ 1369.789758][T29002]  dump_stack_lvl+0x16c/0x1f0
[ 1369.795415][T29002]  should_fail_ex+0x497/0x5b0
[ 1369.801062][T29002]  ? fs_reclaim_acquire+0xae/0x150
[ 1369.807235][T29002]  should_failslab+0xc2/0x120
[ 1369.812892][T29002]  __kmalloc_noprof+0xce/0x4f0
[ 1369.819012][T29002]  ? __pfx_lock_acquire.part.0+0x10/0x10
[ 1369.826017][T29002]  ? tomoyo_realpath_from_path+0xbf/0x710
[ 1369.832940][T29002]  tomoyo_realpath_from_path+0xbf/0x710
[ 1369.839634][T29002]  ? tomoyo_path_number_perm+0x235/0x5b0
[ 1369.846452][T29002]  tomoyo_path_number_perm+0x248/0x5b0
[ 1369.853040][T29002]  ? tomoyo_path_number_perm+0x235/0x5b0
[ 1369.859853][T29002]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1369.867106][T29002]  ? __pfx_lock_release+0x10/0x10
[ 1369.873184][T29002]  ? trace_lock_acquire+0x14e/0x1f0
[ 1369.879467][T29002]  ? lock_acquire+0x2f/0xb0
[ 1369.884898][T29002]  ? __fget_files+0x40/0x3a0
[ 1369.890446][T29002]  ? __fget_files+0x206/0x3a0
[ 1369.896102][T29002]  security_file_ioctl+0x9b/0x240
[ 1369.902197][T29002]  __x64_sys_ioctl+0xb7/0x200
[ 1369.907849][T29002]  do_syscall_64+0xcd/0x250
[ 1369.913295][T29002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1369.920422][T29002] RIP: 0033:0x7f580c385d29
[ 1369.925750][T29002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1369.938831][T29004] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5508'.
[ 1369.949296][T29002] RSP: 002b:00007f580d1e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1369.949328][T29002] RAX: ffffffffffffffda RBX: 00007f580c575fa0 RCX: 00007f580c385d29
[ 1369.949345][T29002] RDX: 0000000000000000 RSI: 0000000040046f41 RDI: 0000000000000003
[ 1369.949360][T29002] RBP: 00007f580d1e6090 R08: 0000000000000000 R09: 0000000000000000
[ 1369.949377][T29002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1369.949392][T29002] R13: 0000000000000000 R14: 00007f580c575fa0 R15: 00007fff52409db8
[ 1369.949423][T29002]  </TASK>
[ 1369.969599][T29002] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1370.069898][T29006] ubi0: attaching mtd0
[ 1370.120917][T29006] ubi0: scanning is finished
[ 1370.127406][T29006] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1370.285708][T29006] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1370.611776][T29018] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1371.541126][T29039] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1371.726115][T29034] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5517'.
[ 1371.849779][T29034] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1371.930447][T29034] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1372.431541][T29060] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1372.475625][T29061] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1372.578649][T29063] binder: 29053:29063 ioctl 2284 ffffffffffffffff returned -22
[ 1372.724832][T29070] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1372.805833][T29067] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5526'.
[ 1372.876690][T29054] openvswitch: HfR: Dropping previously announced user features
[ 1372.914533][T29067] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1372.966983][T29067] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1374.109530][T29094] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1374.127604][   T29] audit: type=1800 audit(4294967430.900:49): pid=29091 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.5532" name="dbroot" dev="configfs" ino=121162 res=0 errno=0
[ 1374.146962][T29098] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1374.186474][T29101] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1374.202844][   T29] audit: type=1804 audit(4294967430.900:50): pid=29091 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.5532" name="/newroot/sys/kernel/config/target/dbroot" dev="configfs" ino=121162 res=1 errno=0
[ 1374.251490][T29102] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1374.275310][T29103] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1374.303837][T29104] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1374.330809][T29105] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1374.451700][   T29] audit: type=1800 audit(4294967431.230:51): pid=29109 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.5534" name="SYSV0000000a" dev="hugetlbfs" ino=0 res=0 errno=0
[ 1377.108688][T29186] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5545'.
[ 1377.123408][T29186] vivid-013: =================  START STATUS  =================
[ 1377.137357][T29186] vivid-013: Generate PTS: true
[ 1377.144309][T29186] vivid-013: Generate SCR: true
[ 1377.245988][T29186] tpg source WxH: 640x360 (Y'CbCr)
[ 1377.279448][T29186] tpg field: 1
[ 1377.283548][T29186] tpg crop: 640x360@0x0
[ 1377.294441][T29186] tpg compose: 640x360@0x0
[ 1377.353642][T29186] tpg colorspace: 8
[ 1377.366335][T29186] tpg transfer function: 0/0
[ 1377.540560][T29202] EXT4-fs error: 40 callbacks suppressed
[ 1377.540580][T29202] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1377.572357][T29186] tpg Y'CbCr encoding: 0/0
[ 1377.622663][T29186] tpg quantization: 0/0
[ 1377.624334][T29203] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5550'.
[ 1377.639393][T29203] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1377.654595][T29186] tpg RGB range: 0/2
[ 1377.667550][T29203] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1377.690979][T29186] vivid-013: ==================  END STATUS  ==================
[ 1377.901476][T29210] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1378.010002][T29207] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5552'.
[ 1378.558492][T29223] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1379.706099][T29241] FAULT_INJECTION: forcing a failure.
[ 1379.706099][T29241] name failslab, interval 1, probability 0, space 0, times 0
[ 1379.722259][T29228] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5557'.
[ 1379.734276][T29241] CPU: 1 UID: 0 PID: 29241 Comm: syz.5.5559 Not tainted 6.13.0-rc7-syzkaller-00209-g9528d418de4d #0
[ 1379.747333][T29241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1379.759425][T29241] Call Trace:
[ 1379.763381][T29241]  <TASK>
[ 1379.766922][T29241]  dump_stack_lvl+0x16c/0x1f0
[ 1379.772569][T29241]  should_fail_ex+0x497/0x5b0
[ 1379.778269][T29241]  ? fs_reclaim_acquire+0xae/0x150
[ 1379.784440][T29241]  should_failslab+0xc2/0x120
[ 1379.790083][T29241]  kmem_cache_alloc_noprof+0x6e/0x3b0
[ 1379.796666][T29241]  ? __pfx___might_resched+0x10/0x10
[ 1379.803043][T29241]  ? __anon_vma_prepare+0xae/0x5e0
[ 1379.809437][T29241]  __anon_vma_prepare+0xae/0x5e0
[ 1379.815512][T29241]  ? __filemap_get_folio+0x2a5/0xaf0
[ 1379.821892][T29241]  __vmf_anon_prepare+0x11c/0x240
[ 1379.827957][T29241]  hugetlb_fault+0x1f3b/0x2fb0
[ 1379.833720][T29241]  ? __pfx_hugetlb_fault+0x10/0x10
[ 1379.839901][T29241]  ? find_vma+0xc0/0x140
[ 1379.845024][T29241]  ? __pfx_find_vma+0x10/0x10
[ 1379.850669][T29241]  handle_mm_fault+0x930/0xaa0
[ 1379.856434][T29241]  do_user_addr_fault+0x7a3/0x13f0
[ 1379.862612][T29241]  exc_page_fault+0x5c/0xc0
[ 1379.868087][T29241]  asm_exc_page_fault+0x26/0x30
[ 1379.873942][T29241] RIP: 0010:__get_user_4+0x1a/0x30
[ 1379.880106][T29241] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 ba 00 f0 ff ff ff 7f 00 00 48 39 c2 48 19 d2 48 09 d0 0f 01 cb <8b> 10 31 c0 0f 01 ca c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00
[ 1379.903663][T29241] RSP: 0018:ffffc90004c77e38 EFLAGS: 00050246
[ 1379.911083][T29241] RAX: 0000000000000000 RBX: 0000000040046f41 RCX: ffffc90004c77da0
[ 1379.920787][T29241] RDX: 0000000000000000 RSI: ffffffff861fc98a RDI: ffffffff8bb19b80
[ 1379.930383][T29241] RBP: 1ffff9200098efc8 R08: 0000000000000000 R09: fffffbfff203a53a
[ 1379.940021][T29241] R10: ffffffff901d29d7 R11: 0000000000000000 R12: 0000000000000000
[ 1379.949626][T29241] R13: 0000000000000001 R14: 0000000000000003 R15: 0000000000000000
[ 1379.959247][T29241]  ? ctrl_cdev_ioctl+0x1ba/0x3d0
[ 1379.965264][T29241]  ctrl_cdev_ioctl+0x1c2/0x3d0
[ 1379.971027][T29241]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[ 1379.977418][T29241]  ? __fget_files+0x206/0x3a0
[ 1379.983191][T29241]  ? __pfx_ctrl_cdev_ioctl+0x10/0x10
[ 1379.989608][T29241]  __x64_sys_ioctl+0x190/0x200
[ 1379.995373][T29241]  do_syscall_64+0xcd/0x250
[ 1380.000868][T29241]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1380.007977][T29241] RIP: 0033:0x7f92feb85d29
[ 1380.013344][T29241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1380.037559][T29241] RSP: 002b:00007f92ff913038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1380.047700][T29241] RAX: ffffffffffffffda RBX: 00007f92fed75fa0 RCX: 00007f92feb85d29
[ 1380.057297][T29241] RDX: 0000000000000000 RSI: 0000000040046f41 RDI: 0000000000000003
[ 1380.066885][T29241] RBP: 00007f92ff913090 R08: 0000000000000000 R09: 0000000000000000
[ 1380.076504][T29241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1380.086095][T29241] R13: 0000000000000000 R14: 00007f92fed75fa0 R15: 00007ffd495a6098
[ 1380.095703][T29241]  </TASK>
[ 1380.135149][T29228] hsr_slave_0: entered allmulticast mode
[ 1381.039990][T29257] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1381.218034][T29253] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5563'.
[ 1381.310749][T29253] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1381.397964][T29253] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1382.092572][T29274] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5568'.
[ 1382.135782][T29274] ubi0: attaching mtd0
[ 1382.142100][T29274] ubi0: scanning is finished
[ 1382.162283][T29274] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1382.256067][T29274] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1382.558621][T29285] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1382.620260][T29272] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(0.0.0), cmd(6)
[ 1382.718068][T29278] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5569'.
[ 1382.751999][T29288] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1382.809770][T29290] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1382.860621][T29280] ubi0: attaching mtd0
[ 1382.919556][T29280] ubi0: scanning is finished
[ 1382.940951][T29280] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1383.123170][T29299] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1383.211334][T29297] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5574'.
[ 1383.225409][T29280] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1383.226585][T29297] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1383.277673][T29297] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1383.574732][T29308] openvswitch: HfR: Dropping previously announced user features
[ 1383.660509][T29304] binder: 29303:29304 ioctl 2284 ffffffffffffffff returned -22
[ 1385.124850][T29332] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1385.933197][T29353] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1386.012986][T29356] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1386.105796][T29362] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1386.654393][T29367] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1386.710140][T29369] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1387.310178][T29376] FAULT_INJECTION: forcing a failure.
[ 1387.310178][T29376] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1387.407402][T29376] CPU: 1 UID: 0 PID: 29376 Comm: syz.3.5594 Not tainted 6.13.0-rc7-syzkaller-00209-g9528d418de4d #0
[ 1387.420936][T29376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1387.433017][T29376] Call Trace:
[ 1387.437052][T29376]  <TASK>
[ 1387.440669][T29376]  dump_stack_lvl+0x16c/0x1f0
[ 1387.446286][T29376]  should_fail_ex+0x497/0x5b0
[ 1387.451900][T29376]  _copy_to_user+0x32/0xd0
[ 1387.457208][T29376]  simple_read_from_buffer+0xd0/0x160
[ 1387.463658][T29376]  proc_fail_nth_read+0x198/0x270
[ 1387.469904][T29376]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1387.476565][T29376]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1387.483232][T29376]  vfs_read+0x1df/0xbe0
[ 1387.488236][T29376]  ? __fget_files+0x1fc/0x3a0
[ 1387.494063][T29376]  ? __pfx___mutex_lock+0x10/0x10
[ 1387.500154][T29376]  ? __pfx_vfs_read+0x10/0x10
[ 1387.505776][T29376]  ? __fget_files+0x206/0x3a0
[ 1387.511405][T29376]  ksys_read+0x12b/0x250
[ 1387.516493][T29376]  ? __pfx_ksys_read+0x10/0x10
[ 1387.522226][T29376]  do_syscall_64+0xcd/0x250
[ 1387.527640][T29376]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1387.534821][T29376] RIP: 0033:0x7f04c778473c
[ 1387.540114][T29376] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1387.564195][T29376] RSP: 002b:00007f04c852f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1387.574298][T29376] RAX: ffffffffffffffda RBX: 00007f04c7975fa0 RCX: 00007f04c778473c
[ 1387.584092][T29376] RDX: 000000000000000f RSI: 00007f04c852f0a0 RDI: 0000000000000004
[ 1387.593777][T29376] RBP: 00007f04c852f090 R08: 0000000000000000 R09: 0000000000000000
[ 1387.603801][T29376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1387.613482][T29376] R13: 0000000000000000 R14: 00007f04c7975fa0 R15: 00007ffe4916ee38
[ 1387.623068][T29376]  </TASK>
[ 1389.506343][T29400] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5601'.
[ 1389.566315][T29400] vivid-013: =================  START STATUS  =================
[ 1389.607808][T29400] vivid-013: Generate PTS: true
[ 1389.613717][T29400] vivid-013: Generate SCR: true
[ 1389.657593][T29400] tpg source WxH: 640x360 (Y'CbCr)
[ 1389.663798][T29400] tpg field: 1
[ 1389.702069][T29400] tpg crop: 640x360@0x0
[ 1389.707117][T29400] tpg compose: 640x360@0x0
[ 1389.773342][T29400] tpg colorspace: 8
[ 1389.793252][T29400] tpg transfer function: 0/0
[ 1389.835308][T29400] tpg Y'CbCr encoding: 0/0
[ 1389.867663][T29400] tpg quantization: 0/0
[ 1389.872712][T29400] tpg RGB range: 0/2
[ 1389.928017][T29400] vivid-013: ==================  END STATUS  ==================
[ 1390.053431][T29409] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5604'.
[ 1390.106390][T29409] vivid-013: =================  START STATUS  =================
[ 1390.214644][T29409] vivid-013: Generate PTS: true
[ 1390.269125][T29409] vivid-013: Generate SCR: true
[ 1390.381551][T29409] tpg source WxH: 640x360 (Y'CbCr)
[ 1390.440621][T29409] tpg field: 1
[ 1390.444738][T29409] tpg crop: 640x360@0x0
[ 1390.509933][T29409] tpg compose: 640x360@0x0
[ 1390.601413][T29409] tpg colorspace: 8
[ 1390.606044][T29409] tpg transfer function: 0/0
[ 1390.697572][T29409] tpg Y'CbCr encoding: 0/0
[ 1390.733164][T29409] tpg quantization: 0/0
[ 1390.758797][T29409] tpg RGB range: 0/2
[ 1390.768412][T29409] vivid-013: ==================  END STATUS  ==================
[ 1390.848961][T27333] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1390.867720][T27333] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1390.889940][T27333] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1390.918090][T27333] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1390.938066][T27333] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1390.957795][T27333] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1391.099892][T29420] EXT4-fs error: 1 callbacks suppressed
[ 1391.099914][T29420] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1391.448620][T29425] netlink: 338 bytes leftover after parsing attributes in process `syz.3.5607'.
[ 1391.729112][T29424] netlink: 338 bytes leftover after parsing attributes in process `syz.3.5607'.
[ 1391.810011][T29425] netlink: 110 bytes leftover after parsing attributes in process `syz.3.5607'.
[ 1391.894689][T29434] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1391.953248][T29417] chnl_net:caif_netlink_parms(): no params data found
[ 1392.368381][T29443] HfR: entered promiscuous mode
[ 1392.376169][T29417] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1392.423640][T29417] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1392.446433][T29417] bridge_slave_0: entered allmulticast mode
[ 1392.456450][T29417] bridge_slave_0: entered promiscuous mode
[ 1392.471817][T29437] binder: 29435:29437 ioctl 2284 ffffffffffffffff returned -22
[ 1392.645422][T29417] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1392.696512][T29417] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1392.732232][T29417] bridge_slave_1: entered allmulticast mode
[ 1392.756023][T29417] bridge_slave_1: entered promiscuous mode
[ 1392.923551][T29417] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1392.972018][T29417] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1393.007812][T19560] Bluetooth: hci0: command tx timeout
[ 1393.235075][T29417] team0: Port device team_slave_0 added
[ 1393.271190][T29417] team0: Port device team_slave_1 added
[ 1393.505017][T29417] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1393.523174][T29417] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1393.591117][T29417] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1393.646911][T29417] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1393.739477][T29417] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1393.932969][T29417] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1394.219308][T29417] hsr_slave_0: entered promiscuous mode
[ 1394.287335][T29417] hsr_slave_1: entered promiscuous mode
[ 1394.337633][T29417] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1394.371007][T29417] Cannot create hsr debugfs directory
[ 1394.504619][T29458] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1394.608045][T29456] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5615'.
[ 1394.713892][T29456] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1394.805377][T29456] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1395.091459][T19560] Bluetooth: hci0: command tx timeout
[ 1395.305360][T29417] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1395.614588][T29465] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1395.674770][T29466] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5616'.
[ 1395.845457][T29417] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1396.450508][T29466] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1396.464969][T29466] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1396.689579][T29417] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1396.749591][T29477] openvswitch: HfR: Dropping previously announced user features
[ 1396.766872][T29478] binder: 29476:29478 ioctl 2284 ffffffffffffffff returned -22
[ 1396.991966][T29417] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1397.172148][T19560] Bluetooth: hci0: command tx timeout
[ 1397.602604][T29417] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1397.635688][T29417] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1397.676060][T29417] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1397.953356][T29417] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1398.003852][T29491] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1398.078571][T29488] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5623'.
[ 1398.083366][T29496] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:6: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1398.112790][T29488] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1398.161879][T29488] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1398.533392][T29417] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1398.592194][T29494] openvswitch: HfR: Dropping previously announced user features
[ 1398.624919][T29417] 8021q: adding VLAN 0 to HW filter on device team0
[ 1398.661724][T29494] binder: 29493:29494 ioctl 2284 ffffffffffffffff returned -22
[ 1398.711262][T27018] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1398.719905][T27018] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1398.745792][T27018] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1398.754428][T27018] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1399.002696][T29417] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1399.076648][T29417] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1399.151788][T29506] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1399.205123][T29507] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1399.248024][T19560] Bluetooth: hci0: command tx timeout
[ 1399.304811][T29510] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1399.347194][T29511] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1399.439169][T29417] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1399.482220][T29513] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1399.544219][T29514] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1399.579100][T29516] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1399.619501][T29518] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:8: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1399.856473][T29417] veth0_vlan: entered promiscuous mode
[ 1400.042861][T29417] veth1_vlan: entered promiscuous mode
[ 1400.171749][T29417] veth0_macvtap: entered promiscuous mode
[ 1400.202931][T29417] veth1_macvtap: entered promiscuous mode
[ 1400.273007][T29417] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1400.332836][T29417] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1400.377616][T29417] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1400.407522][T29417] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1400.433959][T29417] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1400.461395][T29417] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1400.513314][T29417] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1400.557596][T29417] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1400.580044][T29526] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 400008000000006
[ 1400.591986][T29417] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1400.629120][T29417] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1400.683469][T29417] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1400.717546][T29417] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1400.756053][T29417] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1400.824914][T29417] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1401.032637][T29535] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5633'.
[ 1401.084795][T29536] vivid-013: =================  START STATUS  =================
[ 1401.097658][T29536] vivid-013: Generate PTS: true
[ 1401.104572][T29536] vivid-013: Generate SCR: true
[ 1401.153432][T29536] tpg source WxH: 640x360 (Y'CbCr)
[ 1401.188138][T29536] tpg field: 1
[ 1401.192271][T29536] tpg crop: 640x360@0x0
[ 1401.197274][T29536] tpg compose: 640x360@0x0
[ 1401.213382][T29536] tpg colorspace: 8
[ 1401.238009][T29536] tpg transfer function: 0/0
[ 1401.262390][T29536] tpg Y'CbCr encoding: 0/0
[ 1401.290030][T29536] tpg quantization: 0/0
[ 1401.295088][T29536] tpg RGB range: 0/2
[ 1401.299946][T29536] vivid-013: ==================  END STATUS  ==================
[ 1403.019029][T27018] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1403.064843][T27018] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1403.422989][T27018] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1403.423016][T27018] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1403.719065][T29565] EXT4-fs error: 6 callbacks suppressed
[ 1403.719086][T29565] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1403.754883][T29566] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1404.366614][T29570] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5639'.
[ 1404.651359][T29577] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1404.722603][T29575] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5641'.
[ 1404.748543][T29582] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1404.770866][T29575] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1404.807605][T29575] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1405.730838][T29603] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1405.838609][T29607] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1406.561377][T29616] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1406.612424][T29618] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1407.513236][T29642] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5661'.
[ 1407.590274][T29643] vivid-013: =================  START STATUS  =================
[ 1407.611010][T29643] vivid-013: Generate PTS: true
[ 1407.629801][T29643] vivid-013: Generate SCR: true
[ 1407.646132][T29643] tpg source WxH: 640x360 (Y'CbCr)
[ 1407.670074][T29643] tpg field: 1
[ 1407.681027][T29643] tpg crop: 640x360@0x0
[ 1407.694141][T29643] tpg compose: 640x360@0x0
[ 1407.710718][T29643] tpg colorspace: 8
[ 1407.723681][T29643] tpg transfer function: 0/0
[ 1407.743890][T29643] tpg Y'CbCr encoding: 0/0
[ 1407.777201][T29643] tpg quantization: 0/0
[ 1407.803524][T29643] tpg RGB range: 0/2
[ 1407.837737][T29643] vivid-013: ==================  END STATUS  ==================
[ 1408.225946][T29656] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5664'.
[ 1408.276997][T29656] ipvlan0: entered promiscuous mode
[ 1408.303344][T29656] ipvlan0: entered allmulticast mode
[ 1408.324060][T29659] vivid-013: =================  START STATUS  =================
[ 1408.335091][T29656] veth0_vlan: entered allmulticast mode
[ 1408.373021][T29659] vivid-013: Generate PTS: true
[ 1408.380904][T29659] vivid-013: Generate SCR: true
[ 1408.443277][T29659] tpg source WxH: 640x360 (Y'CbCr)
[ 1408.475892][T29659] tpg field: 1
[ 1408.486051][T29659] tpg crop: 640x360@0x0
[ 1408.492256][T29659] tpg compose: 640x360@0x0
[ 1408.499473][T29659] tpg colorspace: 8
[ 1408.504088][T29659] tpg transfer function: 0/0
[ 1408.509811][T29659] tpg Y'CbCr encoding: 0/0
[ 1408.516232][T29659] tpg quantization: 0/0
[ 1408.522147][T29659] tpg RGB range: 0/2
[ 1408.526973][T29659] vivid-013: ==================  END STATUS  ==================
[ 1408.651502][T29666] netlink: 146 bytes leftover after parsing attributes in process `syz.7.5666'.
[ 1408.795969][T29671] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1409.006164][T29675] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1409.171483][T29682] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1409.499674][T29686] openvswitch: HfR: Dropping previously announced user features
[ 1409.512783][T29686] binder: 29683:29686 ioctl 2284 ffffffffffffffff returned -22
[ 1409.731785][T29698] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:6: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1409.948452][T29704] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1410.228098][T29679] ptrace attach of "./syz-executor exec"[28038] was attempted by "./syz-executor exec"[29679]
[ 1410.528786][T27333] Bluetooth: hci5: command 0x0406 tx timeout
[ 1411.515119][T29740] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1411.583398][T29742] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1411.618453][T29743] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1411.640700][T29744] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(0.0.0), cmd(6)
[ 1412.008135][T29761] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1412.046987][T29762] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1412.076614][T29760] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5696'.
[ 1412.368094][   T29] audit: type=1326 audit(4294967469.150:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29767 comm="syz.7.5698" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa6d0785d29 code=0x0
[ 1412.433833][   T29] audit: type=1326 audit(4294967469.160:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=29767 comm="syz.7.5698" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa6d0785d29 code=0x0
[ 1412.916685][T29780] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5700'.
[ 1412.972864][T29783] ubi0: attaching mtd0
[ 1412.992718][T29783] ubi0: scanning is finished
[ 1413.022335][T29783] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1413.792842][T29780] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1413.801838][T29780] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1413.855453][T29780] bridge0: entered allmulticast mode
[ 1414.043649][T29794] EXT4-fs error: 3 callbacks suppressed
[ 1414.043670][T29794] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1414.094169][T29783] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1414.502844][T29799] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5705'.
[ 1414.643365][T29800] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5705'.
[ 1414.825605][T29806] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5707'.
[ 1414.906193][T29806] vivid-013: =================  START STATUS  =================
[ 1414.937844][T29806] vivid-013: Generate PTS: true
[ 1414.943961][T29806] vivid-013: Generate SCR: true
[ 1414.993569][T29806] tpg source WxH: 640x360 (Y'CbCr)
[ 1415.137771][T29806] tpg field: 1
[ 1415.141986][T29806] tpg crop: 640x360@0x0
[ 1415.155070][T29806] tpg compose: 640x360@0x0
[ 1415.161660][T29806] tpg colorspace: 8
[ 1415.173368][T29806] tpg transfer function: 0/0
[ 1415.183520][T29806] tpg Y'CbCr encoding: 0/0
[ 1415.190977][T29806] tpg quantization: 0/0
[ 1415.203155][T29806] tpg RGB range: 0/2
[ 1415.213319][T29806] vivid-013: ==================  END STATUS  ==================
[ 1416.025739][T29825] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5713'.
[ 1416.046154][T29825] openvswitch: netlink: Flow get message rejected, Key attribute missing.
[ 1416.848705][T29842] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:30: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1417.131508][T29841] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5716'.
[ 1417.198848][T29841] ubi0: attaching mtd0
[ 1417.205394][T29841] ubi0: scanning is finished
[ 1417.229537][T29841] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1417.257406][T29848] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:6: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1417.336534][T29841] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1417.657397][T29858] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1418.444739][T29873] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5726'.
[ 1418.532344][T29866] queue_state_write: unsupported operation '"'
[ 1418.532358][T29876] vivid-013: =================  START STATUS  =================
[ 1418.543955][T29876] vivid-013: Generate PTS: true
[ 1418.575890][T29876] vivid-013: Generate SCR: true
[ 1418.597915][T29876] tpg source WxH: 640x360 (Y'CbCr)
[ 1418.606311][T29876] tpg field: 1
[ 1418.617939][T29876] tpg crop: 640x360@0x0
[ 1418.622984][T29876] tpg compose: 640x360@0x0
[ 1418.667085][T29876] tpg colorspace: 8
[ 1418.671863][T29876] tpg transfer function: 0/0
[ 1418.681759][T29876] tpg Y'CbCr encoding: 0/0
[ 1418.687231][T29876] tpg quantization: 0/0
[ 1418.697911][T29866] queue_state_write: use 'run', 'start' or 'kick'
[ 1418.707659][T29876] tpg RGB range: 0/2
[ 1418.713469][T29876] vivid-013: ==================  END STATUS  ==================
[ 1419.009396][T29871] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5725'.
[ 1419.181669][T29871] ubi0: attaching mtd0
[ 1419.235568][T29884] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5729'.
[ 1419.245968][T29871] ubi0: scanning is finished
[ 1419.291779][T29871] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1419.561836][T29888] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5730'.
[ 1419.578179][T29871] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1419.625313][T29884] ubi0: attaching mtd0
[ 1419.636069][T29884] ubi0: scanning is finished
[ 1419.643202][T29884] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1419.742713][T29884] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1419.756913][T29888] ubi0: attaching mtd0
[ 1419.777968][T29888] ubi0: scanning is finished
[ 1419.812135][T29888] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1420.009053][T29888] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1420.175708][T29899] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:30: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1420.425241][T29905] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1420.490040][T29911] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1421.141852][T29921] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1421.236097][T29924] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1422.065272][T29940] FAULT_INJECTION: forcing a failure.
[ 1422.065272][T29940] name failslab, interval 1, probability 0, space 0, times 0
[ 1422.123284][T29940] CPU: 1 UID: 0 PID: 29940 Comm: syz.3.5744 Not tainted 6.13.0-rc7-syzkaller-00209-g9528d418de4d #0
[ 1422.136688][T29940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1422.148883][T29940] Call Trace:
[ 1422.153183][T29940]  <TASK>
[ 1422.156835][T29940]  dump_stack_lvl+0x16c/0x1f0
[ 1422.163231][T29940]  should_fail_ex+0x497/0x5b0
[ 1422.168900][T29940]  ? fs_reclaim_acquire+0xae/0x150
[ 1422.175291][T29940]  should_failslab+0xc2/0x120
[ 1422.180980][T29940]  __kmalloc_node_noprof+0xd1/0x520
[ 1422.187405][T29940]  ? __kvmalloc_node_noprof+0xad/0x1a0
[ 1422.194000][T29940]  ? __pfx_lock_release+0x10/0x10
[ 1422.200080][T29940]  __kvmalloc_node_noprof+0xad/0x1a0
[ 1422.206471][T29940]  seq_read_iter+0x82a/0x12b0
[ 1422.212137][T29940]  seq_read+0x39f/0x4e0
[ 1422.217378][T29940]  ? __pfx_seq_read+0x10/0x10
[ 1422.223050][T29940]  ? __debugfs_file_get+0x43d/0x5d0
[ 1422.229370][T29940]  full_proxy_read+0xfd/0x1b0
[ 1422.235281][T29940]  ? __pfx_full_proxy_read+0x10/0x10
[ 1422.241672][T29940]  vfs_read+0x1df/0xbe0
[ 1422.246857][T29940]  ? __fget_files+0x1fc/0x3a0
[ 1422.252821][T29940]  ? __pfx___mutex_lock+0x10/0x10
[ 1422.258930][T29940]  ? __pfx_vfs_read+0x10/0x10
[ 1422.264606][T29940]  ? __fget_files+0x206/0x3a0
[ 1422.270278][T29940]  ksys_read+0x12b/0x250
[ 1422.275764][T29940]  ? __pfx_ksys_read+0x10/0x10
[ 1422.282046][T29940]  do_syscall_64+0xcd/0x250
[ 1422.287494][T29940]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1422.294734][T29940] RIP: 0033:0x7f04c7785d29
[ 1422.300163][T29940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1422.323987][T29940] RSP: 002b:00007f04c852f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1422.334124][T29940] RAX: ffffffffffffffda RBX: 00007f04c7975fa0 RCX: 00007f04c7785d29
[ 1422.343734][T29940] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000003
[ 1422.353432][T29940] RBP: 00007f04c852f090 R08: 0000000000000000 R09: 0000000000000000
[ 1422.363024][T29940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1422.372628][T29940] R13: 0000000000000000 R14: 00007f04c7975fa0 R15: 00007ffe4916ee38
[ 1422.382350][T29940]  </TASK>
[ 1422.575693][T29948] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5747'.
[ 1422.814702][T29955] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1423.703242][T29967] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5753'.
[ 1423.819567][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.827284][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1425.007010][T29997] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1425.066485][T29993] binder: 29990:29993 ioctl 2284 ffffffffffffffff returned -22
[ 1425.079640][T29992] openvswitch: HfR: Dropping previously announced user features
[ 1425.397332][T30007] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1425.819381][T30012] FAULT_INJECTION: forcing a failure.
[ 1425.819381][T30012] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1425.887636][T30012] CPU: 0 UID: 0 PID: 30012 Comm: syz.7.5765 Not tainted 6.13.0-rc7-syzkaller-00209-g9528d418de4d #0
[ 1425.900821][T30012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1425.913020][T30012] Call Trace:
[ 1425.916986][T30012]  <TASK>
[ 1425.920537][T30012]  dump_stack_lvl+0x16c/0x1f0
[ 1425.926198][T30012]  should_fail_ex+0x497/0x5b0
[ 1425.931867][T30012]  _copy_to_user+0x32/0xd0
[ 1425.937210][T30012]  simple_read_from_buffer+0xd0/0x160
[ 1425.943693][T30012]  proc_fail_nth_read+0x198/0x270
[ 1425.949766][T30012]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1425.956523][T30012]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1425.963221][T30012]  vfs_read+0x1df/0xbe0
[ 1425.968247][T30012]  ? __fget_files+0x1fc/0x3a0
[ 1425.973908][T30012]  ? __pfx___mutex_lock+0x10/0x10
[ 1425.980093][T30012]  ? __pfx_vfs_read+0x10/0x10
[ 1425.985745][T30012]  ? __fget_files+0x206/0x3a0
[ 1425.991402][T30012]  ksys_read+0x12b/0x250
[ 1425.996522][T30012]  ? __pfx_ksys_read+0x10/0x10
[ 1426.002386][T30012]  do_syscall_64+0xcd/0x250
[ 1426.007825][T30012]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1426.014947][T30012] RIP: 0033:0x7fa6d078473c
[ 1426.020559][T30012] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1426.044990][T30012] RSP: 002b:00007fa6d14f8030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1426.055336][T30012] RAX: ffffffffffffffda RBX: 00007fa6d0975fa0 RCX: 00007fa6d078473c
[ 1426.064936][T30012] RDX: 000000000000000f RSI: 00007fa6d14f80a0 RDI: 0000000000000004
[ 1426.074639][T30012] RBP: 00007fa6d14f8090 R08: 0000000000000000 R09: 0000000000000000
[ 1426.084231][T30012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1426.094033][T30012] R13: 0000000000000000 R14: 00007fa6d0975fa0 R15: 00007ffc9da38308
[ 1426.103645][T30012]  </TASK>
[ 1427.269920][T30040] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1427.300388][T30036] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(9.0.1), cmd(6)
[ 1427.470408][T30044] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1427.754463][T30035] HfR: entered promiscuous mode
[ 1427.802459][T30035] binder: 30033:30035 ioctl 2284 ffffffffffffffff returned -22
[ 1427.990446][T30052] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5776'.
[ 1428.098606][T30054] vivid-013: =================  START STATUS  =================
[ 1428.179475][T30054] vivid-013: Generate PTS: true
[ 1428.185503][T30054] vivid-013: Generate SCR: true
[ 1428.260872][T30054] tpg source WxH: 640x360 (Y'CbCr)
[ 1428.321349][T30054] tpg field: 1
[ 1428.325480][T30054] tpg crop: 640x360@0x0
[ 1428.347768][T30054] tpg compose: 640x360@0x0
[ 1428.367898][T30054] tpg colorspace: 8
[ 1428.373054][T30054] tpg transfer function: 0/0
[ 1428.437944][T30054] tpg Y'CbCr encoding: 0/0
[ 1428.487694][T30054] tpg quantization: 0/0
[ 1428.507646][T30054] tpg RGB range: 0/2
[ 1428.512417][T30054] vivid-013: ==================  END STATUS  ==================
[ 1430.136228][T30081] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1430.232040][T30082] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1430.279449][T30079] capability: warning: `syz.7.5783' uses deprecated v2 capabilities in a way that may be insecure
[ 1430.306375][T30084] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1430.332118][T30086] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:30: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1430.566770][T30085] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5785'.
[ 1431.691910][T30090] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5786'.
[ 1432.670158][T30125] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:30: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1435.638611][T30142] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:6: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1437.059395][T30152] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5802'.
[ 1437.184809][T30155] ubi0: attaching mtd0
[ 1437.203717][T30155] ubi0: scanning is finished
[ 1437.222994][T30155] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1437.515543][T30155] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1437.546547][T30163] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1438.789799][T30185] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5811'.
[ 1438.850461][T30186] vivid-013: =================  START STATUS  =================
[ 1438.940510][T30186] vivid-013: Generate PTS: true
[ 1438.980226][T30186] vivid-013: Generate SCR: true
[ 1439.035600][T30186] tpg source WxH: 640x360 (Y'CbCr)
[ 1439.086803][T30186] tpg field: 1
[ 1439.134496][T30186] tpg crop: 640x360@0x0
[ 1439.180882][T30186] tpg compose: 640x360@0x0
[ 1439.277708][T30186] tpg colorspace: 8
[ 1439.299045][T30186] tpg transfer function: 0/0
[ 1439.308362][T30186] tpg Y'CbCr encoding: 0/0
[ 1439.323116][T30186] tpg quantization: 0/0
[ 1439.329472][T30186] tpg RGB range: 0/2
[ 1439.334645][T30186] vivid-013: ==================  END STATUS  ==================
[ 1440.337716][T30217] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1441.260614][T19560] Bluetooth: hci2: command 0x0406 tx timeout
[ 1441.329466][T30225] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5821'.
[ 1441.455251][T30226] vivid-013: =================  START STATUS  =================
[ 1441.549151][T30226] vivid-013: Generate PTS: true
[ 1441.673651][T30226] vivid-013: Generate SCR: true
[ 1441.716748][T30226] tpg source WxH: 640x360 (Y'CbCr)
[ 1441.777008][T30230] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5822'.
[ 1441.785397][T30232] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5823'.
[ 1441.807378][T30226] tpg field: 1
[ 1441.822018][T30226] tpg crop: 640x360@0x0
[ 1441.847980][T30226] tpg compose: 640x360@0x0
[ 1441.864960][T30226] tpg colorspace: 8
[ 1441.901614][T30226] tpg transfer function: 0/0
[ 1441.928074][T30226] tpg Y'CbCr encoding: 0/0
[ 1441.968952][T30226] tpg quantization: 0/0
[ 1441.977624][T30226] tpg RGB range: 0/2
[ 1441.985042][T30226] vivid-013: ==================  END STATUS  ==================
[ 1442.004423][T30230] vivid-013: =================  START STATUS  =================
[ 1442.014786][T30230] vivid-013: Generate PTS: true
[ 1442.032621][T30230] vivid-013: Generate SCR: true
[ 1442.048732][T30230] tpg source WxH: 640x360 (Y'CbCr)
[ 1442.065658][T30230] tpg field: 1
[ 1442.075776][T30230] tpg crop: 640x360@0x0
[ 1442.086655][T30230] tpg compose: 640x360@0x0
[ 1442.100592][T30230] tpg colorspace: 8
[ 1442.117072][T30230] tpg transfer function: 0/0
[ 1442.125601][T30230] tpg Y'CbCr encoding: 0/0
[ 1442.154546][T30230] tpg quantization: 0/0
[ 1442.187199][T30230] tpg RGB range: 0/2
[ 1442.221657][T30230] vivid-013: ==================  END STATUS  ==================
[ 1442.268937][T30234] vivid-013: =================  START STATUS  =================
[ 1442.304707][T30234] vivid-013: Generate PTS: true
[ 1442.312361][T30234] vivid-013: Generate SCR: true
[ 1442.337651][T30234] tpg source WxH: 640x360 (Y'CbCr)
[ 1442.351224][T30234] tpg field: 1
[ 1442.365634][T30234] tpg crop: 640x360@0x0
[ 1442.376541][T30234] tpg compose: 640x360@0x0
[ 1442.394139][T30234] tpg colorspace: 8
[ 1442.405678][T30234] tpg transfer function: 0/0
[ 1442.417800][T30234] tpg Y'CbCr encoding: 0/0
[ 1442.423157][T30234] tpg quantization: 0/0
[ 1442.438358][T30234] tpg RGB range: 0/2
[ 1442.443214][T30234] vivid-013: ==================  END STATUS  ==================
[ 1442.793326][T30243] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1443.148306][T30248] openvswitch: HfR: Dropping previously announced user features
[ 1443.199092][T30251] binder: 30245:30251 ioctl 2284 ffffffffffffffff returned -22
[ 1443.356531][T30255] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5829'.
[ 1444.090701][T30269] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5834'.
[ 1444.121611][T30269] vivid-013: =================  START STATUS  =================
[ 1444.148965][T30269] vivid-013: Generate PTS: true
[ 1444.155311][T30269] vivid-013: Generate SCR: true
[ 1444.217961][T30269] tpg source WxH: 640x360 (Y'CbCr)
[ 1444.224435][T30269] tpg field: 1
[ 1444.237550][T30269] tpg crop: 640x360@0x0
[ 1444.242620][T30269] tpg compose: 640x360@0x0
[ 1444.257581][T30269] tpg colorspace: 8
[ 1444.262443][T30269] tpg transfer function: 0/0
[ 1444.282936][T30269] tpg Y'CbCr encoding: 0/0
[ 1444.309166][T30269] tpg quantization: 0/0
[ 1444.321158][T30269] tpg RGB range: 0/2
[ 1444.325904][T30269] vivid-013: ==================  END STATUS  ==================
[ 1445.367128][T30281] binder: 30278:30281 ioctl 2284 ffffffffffffffff returned -22
[ 1445.461501][T30279] openvswitch: HfR: Dropping previously announced user features
[ 1445.890514][T30292] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1446.615166][T30301] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5839'.
[ 1446.705332][T30301] vivid-013: =================  START STATUS  =================
[ 1446.731550][T30301] vivid-013: Generate PTS: true
[ 1446.758525][T30301] vivid-013: Generate SCR: true
[ 1446.808020][T30301] tpg source WxH: 640x360 (Y'CbCr)
[ 1446.847810][T30301] tpg field: 1
[ 1446.867792][T30301] tpg crop: 640x360@0x0
[ 1446.887637][T30301] tpg compose: 640x360@0x0
[ 1446.906509][T30301] tpg colorspace: 8
[ 1446.920300][T30301] tpg transfer function: 0/0
[ 1446.926400][T30301] tpg Y'CbCr encoding: 0/0
[ 1446.975051][T30309] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1446.992897][T30301] tpg quantization: 0/0
[ 1447.021869][T30301] tpg RGB range: 0/2
[ 1447.039782][T30301] vivid-013: ==================  END STATUS  ==================
[ 1448.299087][T30327] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:6: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1449.877580][T30335] queue_state_write: unsupported operation '"'
[ 1449.893220][T30335] queue_state_write: use 'run', 'start' or 'kick'
[ 1450.002063][T30342] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:6: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1451.029910][T30355] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5853'.
[ 1451.083184][T30355] ubi0: attaching mtd0
[ 1451.108679][T30355] ubi0: scanning is finished
[ 1451.117117][T30355] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1451.260031][T30355] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1451.308774][T30368] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1451.790177][T30374] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1198: comm udevd: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1451.872742][T30374] udevd[30374]: failed to execute '/lib/udev/scsi_id' 'scsi_id --export --whitelisted -d /dev/sda': Structure needs cleaning
[ 1452.306971][T30385] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:30: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1452.331497][T30363] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[ 1452.379086][T30387] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1452.498755][T30390] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:30: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1452.552252][T30391] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1453.242873][T30398] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5862'.
[ 1453.295401][T30398] ubi0: attaching mtd0
[ 1453.332175][T30398] ubi0: scanning is finished
[ 1453.352782][T30398] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1453.395888][T30405] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1453.489106][T30407] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1453.524690][T27333] Bluetooth: hci0: Received unexpected HCI Event 0x00
[ 1453.598079][T30398] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1453.766313][T30413] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1453.795009][T30408] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5865'.
[ 1453.823185][T30411] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5866'.
[ 1453.838480][T30411] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1453.852318][T30408] ubi0: attaching mtd0
[ 1453.857643][T30411] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1453.882319][T30408] ubi0: scanning is finished
[ 1453.897614][T30408] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1454.040607][T30408] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1454.441222][T30427] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1455.475745][T30444] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5876'.
[ 1455.555625][T30444] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1455.668984][T30444] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1456.281730][T30454] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5878'.
[ 1456.335970][T30437] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[ 1456.433138][T30454] ubi0: attaching mtd0
[ 1456.451220][T30454] ubi0: scanning is finished
[ 1456.491834][T30454] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1456.820087][T30454] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1457.631823][T30478] ubi0: attaching mtd0
[ 1457.663423][T30478] ubi0: scanning is finished
[ 1457.687594][T30478] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1457.779906][T30478] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1458.115236][T30491] EXT4-fs error: 1 callbacks suppressed
[ 1458.115257][T30491] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:30: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1458.179189][T30493] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5889'.
[ 1458.252460][T30493] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1458.295993][T30493] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1458.363898][T30494] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:30: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1458.930280][T30498] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:30: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1461.159069][T30520] ubi0: attaching mtd0
[ 1461.165371][T30520] ubi0: scanning is finished
[ 1461.240555][T30520] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1461.528813][T30520] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1464.779116][T30553] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5903'.
[ 1465.314143][T30553] hsr_slave_0 (unregistering): left promiscuous mode
[ 1466.201944][T30576] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1466.230970][T30577] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1466.281024][T30579] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1466.351620][T30580] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:5: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1466.507075][T30585] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1466.563128][T30589] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5910'.
[ 1466.575518][T30582] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5912'.
[ 1466.618563][T30582] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1466.629950][T30589] vivid-013: =================  START STATUS  =================
[ 1466.629974][T30589] vivid-013: Generate PTS: true
[ 1466.674513][T30582] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1466.697649][T30589] 
[ 1466.703346][T30589] vivid-013: Generate SCR: true
[ 1466.732302][T30589] tpg source WxH: 640x360 (Y'CbCr)
[ 1466.746548][T30589] tpg field: 1
[ 1466.751768][T30587] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5911'.
[ 1466.752114][T30589] tpg crop: 640x360@0x0
[ 1466.780502][T30589] tpg compose: 640x360@0x0
[ 1466.815343][T30595] ubi0: attaching mtd0
[ 1466.821850][T30595] ubi0: scanning is finished
[ 1466.855296][T30595] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1466.966909][T30589] tpg colorspace: 8
[ 1467.030680][T30589] tpg transfer function: 0/0
[ 1467.057287][T30589] tpg Y'CbCr encoding: 0/0
[ 1467.087743][T30589] tpg quantization: 0/0
[ 1467.113839][T30589] tpg RGB range: 0/2
[ 1467.150150][T30589] vivid-013: ==================  END STATUS  ==================
[ 1467.229524][T30595] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1467.552379][T30606] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:30: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1467.575246][T30608] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5917'.
[ 1467.622966][T30608] vivid-013: =================  START STATUS  =================
[ 1467.642593][T30604] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5916'.
[ 1467.659316][T30608] vivid-013: Generate PTS: true
[ 1467.689639][T30604] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1467.705999][T30608] vivid-013: Generate SCR: true
[ 1467.722909][T30608] tpg source WxH: 640x360 (Y'CbCr)
[ 1467.730875][T30608] tpg field: 1
[ 1467.757340][T30608] tpg crop: 640x360@0x0
[ 1467.763321][T30608] tpg compose: 640x360@0x0
[ 1467.770262][T30608] tpg colorspace: 8
[ 1467.777774][T30604] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1467.793653][T30608] tpg transfer function: 0/0
[ 1467.802791][T30608] tpg Y'CbCr encoding: 0/0
[ 1467.808285][T30608] tpg quantization: 0/0
[ 1467.813601][T30608] tpg RGB range: 0/2
[ 1467.818877][T30608] vivid-013: ==================  END STATUS  ==================
[ 1468.862941][T30630] synth uevent: /bus/memstick: unknown uevent action string
[ 1469.002434][T30633] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:30: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1469.159743][T30635] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:30: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1469.283692][T30636] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1469.407236][T30638] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:6: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1469.924255][T30641] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5926'.
[ 1469.962595][T30641] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1470.004103][T30641] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1470.753865][T30658] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 400008000000006
[ 1471.703862][T30675] EXT4-fs error: 2 callbacks suppressed
[ 1471.703884][T30675] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1471.888914][T30671] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5934'.
[ 1471.948700][T30671] ubi0: attaching mtd0
[ 1471.954792][T30671] ubi0: scanning is finished
[ 1471.967904][T30671] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1472.103658][T30682] openvswitch: HfR: Dropping previously announced user features
[ 1472.140747][T30682] binder: 30680:30682 ioctl 2284 ffffffffffffffff returned -22
[ 1472.205168][T30671] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1472.462921][T30691] netlink: 326 bytes leftover after parsing attributes in process `syz.6.5940'.
[ 1472.636305][T30697] FAULT_INJECTION: forcing a failure.
[ 1472.636305][T30697] name failslab, interval 1, probability 0, space 0, times 0
[ 1472.687988][T30697] CPU: 1 UID: 0 PID: 30697 Comm: syz.5.5944 Not tainted 6.13.0-rc7-syzkaller-00209-g9528d418de4d #0
[ 1472.700971][T30697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1472.713222][T30697] Call Trace:
[ 1472.717287][T30697]  <TASK>
[ 1472.720841][T30697]  dump_stack_lvl+0x16c/0x1f0
[ 1472.726506][T30697]  should_fail_ex+0x497/0x5b0
[ 1472.732271][T30697]  ? fs_reclaim_acquire+0xae/0x150
[ 1472.738446][T30697]  should_failslab+0xc2/0x120
[ 1472.744102][T30697]  kmem_cache_alloc_noprof+0x6e/0x3b0
[ 1472.750587][T30697]  ? getname_flags.part.0+0x4c/0x550
[ 1472.756984][T30697]  getname_flags.part.0+0x4c/0x550
[ 1472.763486][T30697]  getname_flags+0x93/0xf0
[ 1472.768833][T30697]  user_path_at+0x24/0x60
[ 1472.774071][T30697]  __do_sys_pivot_root+0x175/0x1660
[ 1472.780596][T30697]  ? __fget_files+0x206/0x3a0
[ 1472.786267][T30697]  ? __pfx___do_sys_pivot_root+0x10/0x10
[ 1472.793086][T30697]  ? fput+0x67/0x440
[ 1472.797983][T30697]  ? arch_syscall_is_vdso_sigreturn+0xb6/0x230
[ 1472.805434][T30697]  do_syscall_64+0xcd/0x250
[ 1472.810891][T30697]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1472.818536][T30697] RIP: 0033:0x7f92feb85d29
[ 1472.823881][T30697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1472.847750][T30697] RSP: 002b:00007f92ff913038 EFLAGS: 00000246 ORIG_RAX: 000000000000009b
[ 1472.858223][T30697] RAX: ffffffffffffffda RBX: 00007f92fed75fa0 RCX: 00007f92feb85d29
[ 1472.868247][T30697] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1472.877953][T30697] RBP: 00007f92ff913090 R08: 0000000000000000 R09: 0000000000000000
[ 1472.887559][T30697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1472.897671][T30697] R13: 0000000000000000 R14: 00007f92fed75fa0 R15: 00007ffd495a6098
[ 1472.907799][T30697]  </TASK>
[ 1474.899891][T30724] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5952'.
[ 1474.957895][T30729] ubi0: attaching mtd0
[ 1474.964024][T30729] ubi0: scanning is finished
[ 1474.985259][T30729] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1475.029785][T30733] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1475.144489][T30729] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1475.403784][T30743] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1475.407761][T30742] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:6: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1475.612423][T30738] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5955'.
[ 1475.641059][T30738] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1475.659916][T30738] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1475.918487][T30755] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1475.969991][T30757] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1476.005044][T30758] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1476.061703][T30750] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5957'.
[ 1477.235818][T30768] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5960'.
[ 1477.348793][T30771] ubi0: attaching mtd0
[ 1477.355194][T30771] ubi0: scanning is finished
[ 1477.371734][T30771] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1477.926607][T30771] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1477.947269][T30778] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5964'.
[ 1480.217610][T30808] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5972'.
[ 1480.341712][T30808] vivid-013: =================  START STATUS  =================
[ 1480.511084][T30808] vivid-013: Generate PTS: true
[ 1480.516995][T30808] vivid-013: Generate SCR: true
[ 1480.661452][T30808] tpg source WxH: 640x360 (Y'CbCr)
[ 1480.788581][T30808] tpg field: 1
[ 1480.828055][T30808] tpg crop: 640x360@0x0
[ 1480.833110][T30808] tpg compose: 640x360@0x0
[ 1480.957632][T30808] tpg colorspace: 8
[ 1480.977858][T30808] tpg transfer function: 0/0
[ 1481.005225][T30808] tpg Y'CbCr encoding: 0/0
[ 1481.052691][T30808] tpg quantization: 0/0
[ 1481.112706][T30808] tpg RGB range: 0/2
[ 1481.147567][T30808] vivid-013: ==================  END STATUS  ==================
[ 1481.705226][T30818] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5976'.
[ 1481.808044][T30822] ubi0: attaching mtd0
[ 1481.814201][T30822] ubi0: scanning is finished
[ 1481.834781][T30822] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1482.036565][T30822] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1482.898491][T30836] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:30: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1483.347821][T30831] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5979'.
[ 1483.521929][T30831] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1483.685675][T30831] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1484.158660][T30847] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1484.284127][T30843] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5983'.
[ 1484.329945][T30843] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1484.390277][T30843] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1485.250883][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1485.258619][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1485.348729][T30862] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1485.566634][T30864] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5985'.
[ 1485.697366][T30864] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1485.737714][T30864] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1486.021596][T30871] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1486.068645][T30867] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5986'.
[ 1486.602401][T30877] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5988'.
[ 1486.690499][T30877] ubi0: attaching mtd0
[ 1486.729325][T30877] ubi0: scanning is finished
[ 1486.767733][T30877] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1486.935326][T30877] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1487.686167][T30891] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1487.775715][T30892] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:6: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1487.847049][T30884] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5989'.
[ 1487.863750][T30894] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:6: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1487.969719][T30884] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1488.186769][T30884] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1490.021848][T30913] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1490.082946][T30911] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5997'.
[ 1490.105591][T30911] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1490.123990][T30911] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1491.513229][T30935] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:6: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1491.563769][T30936] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:17: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1491.702895][T30930] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6001'.
[ 1491.768330][T30930] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1491.783872][T30930] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1491.805684][T30934] netlink: 28 bytes leftover after parsing attributes in process `syz.6.6003'.
[ 1491.905229][T30925] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6000'.
[ 1491.917290][T30920] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5998'.
[ 1491.936288][T30934] ubi0: attaching mtd0
[ 1491.960297][T30934] ubi0: scanning is finished
[ 1491.965900][T30934] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1492.168734][T30934] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1492.552303][T30949] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:17: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1492.606186][T30950] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6005'.
[ 1492.731920][T30950] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1492.756460][T30952] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1492.788019][T30950] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1492.809812][T30953] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1493.539946][T30966] netlink: 28 bytes leftover after parsing attributes in process `syz.6.6008'.
[ 1493.551905][T30967] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:6: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1493.579644][T30966] ubi0: attaching mtd0
[ 1493.597669][T30966] ubi0: scanning is finished
[ 1493.603298][T30966] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1493.643750][T30963] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6007'.
[ 1493.771437][T30963] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1493.804628][T30963] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1493.839096][T30966] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1494.234298][T30976] netlink: 28 bytes leftover after parsing attributes in process `syz.7.6009'.
[ 1494.463152][T30976] ubi0: attaching mtd0
[ 1494.504913][T30976] ubi0: scanning is finished
[ 1494.525895][T30981] erspan0: entered allmulticast mode
[ 1494.617706][T30976] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1495.178381][T30976] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1495.292171][T30994] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1496.547012][T31009] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:6: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1496.603595][T31010] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6018'.
[ 1496.615554][T31010] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1496.689653][T31010] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1497.514170][T31019] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1497.627340][T31015] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6019'.
[ 1497.666289][T31015] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1497.715850][T31015] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1498.707096][T31035] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:6: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1498.745104][T31033] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6024'.
[ 1498.769578][T31033] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1498.795295][T31033] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1499.470439][T31044] nvme_fabrics: unknown parameter or missing value '7' in ctrl creation request
[ 1500.928504][T31065] netlink: 28 bytes leftover after parsing attributes in process `syz.7.6021'.
[ 1501.040820][T31072] FAULT_INJECTION: forcing a failure.
[ 1501.040820][T31072] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1501.087755][T31072] CPU: 0 UID: 0 PID: 31072 Comm: syz.3.6037 Not tainted 6.13.0-rc7-syzkaller-00209-g9528d418de4d #0
[ 1501.100740][T31072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1501.112803][T31072] Call Trace:
[ 1501.116817][T31072]  <TASK>
[ 1501.120333][T31072]  dump_stack_lvl+0x16c/0x1f0
[ 1501.125949][T31072]  should_fail_ex+0x497/0x5b0
[ 1501.131572][T31072]  _copy_to_user+0x32/0xd0
[ 1501.136876][T31072]  simple_read_from_buffer+0xd0/0x160
[ 1501.143316][T31072]  proc_fail_nth_read+0x198/0x270
[ 1501.149363][T31072]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1501.156025][T31072]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1501.162686][T31072]  vfs_read+0x1df/0xbe0
[ 1501.167670][T31072]  ? __fget_files+0x1fc/0x3a0
[ 1501.173287][T31072]  ? __pfx___mutex_lock+0x10/0x10
[ 1501.179474][T31072]  ? __pfx_vfs_read+0x10/0x10
[ 1501.185103][T31072]  ? __fget_files+0x206/0x3a0
[ 1501.190830][T31072]  ksys_read+0x12b/0x250
[ 1501.195916][T31072]  ? __pfx_ksys_read+0x10/0x10
[ 1501.201632][T31072]  do_syscall_64+0xcd/0x250
[ 1501.207035][T31072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1501.214137][T31072] RIP: 0033:0x7f04c778473c
[ 1501.219552][T31072] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1501.243612][T31072] RSP: 002b:00007f04c850e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1501.253721][T31072] RAX: ffffffffffffffda RBX: 00007f04c7976080 RCX: 00007f04c778473c
[ 1501.263297][T31072] RDX: 000000000000000f RSI: 00007f04c850e0a0 RDI: 0000000000000004
[ 1501.272871][T31072] RBP: 00007f04c850e090 R08: 0000000000000000 R09: 0000000000000000
[ 1501.282466][T31072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1501.292038][T31072] R13: 0000000000000001 R14: 00007f04c7976080 R15: 00007ffe4916ee38
[ 1501.301612][T31072]  </TASK>
[ 1501.506065][T31077] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:17: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1501.557537][T31078] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6038'.
[ 1501.570138][T31078] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1501.630548][T31078] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1502.353629][T31089] block nbd12: NBD_DISCONNECT
[ 1504.108415][T31096] netlink: 338 bytes leftover after parsing attributes in process `syz.7.6041'.
[ 1504.229604][T31106] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:17: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1504.298403][T31097] netlink: 338 bytes leftover after parsing attributes in process `syz.7.6041'.
[ 1504.333546][T31108] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:17: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1504.553955][T31110] FAULT_INJECTION: forcing a failure.
[ 1504.553955][T31110] name failslab, interval 1, probability 0, space 0, times 0
[ 1504.597264][T31110] CPU: 1 UID: 0 PID: 31110 Comm: syz.3.6048 Not tainted 6.13.0-rc7-syzkaller-00209-g9528d418de4d #0
[ 1504.610343][T31110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1504.622431][T31110] Call Trace:
[ 1504.626376][T31110]  <TASK>
[ 1504.629915][T31110]  dump_stack_lvl+0x16c/0x1f0
[ 1504.635669][T31110]  should_fail_ex+0x497/0x5b0
[ 1504.641416][T31110]  ? fs_reclaim_acquire+0xae/0x150
[ 1504.647581][T31110]  should_failslab+0xc2/0x120
[ 1504.653246][T31110]  __kmalloc_node_noprof+0xd1/0x520
[ 1504.659532][T31110]  ? __kvmalloc_node_noprof+0xad/0x1a0
[ 1504.666238][T31110]  __kvmalloc_node_noprof+0xad/0x1a0
[ 1504.672823][T31110]  seq_read_iter+0x82a/0x12b0
[ 1504.678579][T31110]  ? __pfx_aa_file_perm+0x10/0x10
[ 1504.684766][T31110]  seq_read+0x39f/0x4e0
[ 1504.689791][T31110]  ? __pfx_seq_read+0x10/0x10
[ 1504.695460][T31110]  ? __pfx_seq_read+0x10/0x10
[ 1504.701099][T31110]  vfs_read+0x1df/0xbe0
[ 1504.706133][T31110]  ? __fget_files+0x1fc/0x3a0
[ 1504.711773][T31110]  ? __pfx___mutex_lock+0x10/0x10
[ 1504.717869][T31110]  ? __pfx_vfs_read+0x10/0x10
[ 1504.723640][T31110]  ? __fget_files+0x206/0x3a0
[ 1504.729299][T31110]  ksys_read+0x12b/0x250
[ 1504.734455][T31110]  ? __pfx_ksys_read+0x10/0x10
[ 1504.740216][T31110]  do_syscall_64+0xcd/0x250
[ 1504.745659][T31110]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1504.752777][T31110] RIP: 0033:0x7f04c7785d29
[ 1504.758095][T31110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1504.781747][T31110] RSP: 002b:00007f04c852f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1504.791851][T31110] RAX: ffffffffffffffda RBX: 00007f04c7975fa0 RCX: 00007f04c7785d29
[ 1504.801422][T31110] RDX: 0000000000000058 RSI: 0000000020008340 RDI: 0000000000000004
[ 1504.810979][T31110] RBP: 00007f04c852f090 R08: 0000000000000000 R09: 0000000000000000
[ 1504.820537][T31110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1504.830096][T31110] R13: 0000000000000000 R14: 00007f04c7975fa0 R15: 00007ffe4916ee38
[ 1504.839674][T31110]  </TASK>
[ 1505.603882][T31124] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6050'.
[ 1505.675802][T31126] ubi0: attaching mtd0
[ 1505.689260][T31126] ubi0: scanning is finished
[ 1505.694865][T31126] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1506.358803][T31126] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1507.251484][T31138] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1507.356491][T31141] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1507.375946][T31142] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1507.412456][T31140] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(0.0.0), cmd(6)
[ 1508.028850][T31149] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1508.179077][T31147] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6055'.
[ 1508.508327][T31147] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1508.571286][T31147] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1509.876366][T31165] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:17: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1509.917186][T31167] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:6: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1510.512787][T31173] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1510.583877][T31176] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1512.618159][T31193] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:6: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1512.878265][T31191] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6067'.
[ 1513.091354][T31191] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1513.278101][T31191] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1513.729084][T31203] [U] ^@
[ 1513.758909][T31205] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6071'.
[ 1513.826741][T31207] ubi0: attaching mtd0
[ 1513.852272][T31207] ubi0: scanning is finished
[ 1513.872535][T31207] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1514.127357][T31207] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1514.457859][T31224] binder: 31222:31224 ioctl 4018620d 9 returned -22
[ 1514.577265][T31224] openvswitch: HfR: Dropping previously announced user features
[ 1514.815025][T31223] binder: 31222:31223 ioctl 2284 ffffffffffffffff returned -22
[ 1516.651563][T31252] erspan0: entered allmulticast mode
[ 1517.323861][T31258] Invalid ELF header magic: != ELF
[ 1517.602485][T31267] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6085'.
[ 1517.678965][T31269] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:30: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1517.732945][T31270] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1518.053917][T19560] Bluetooth: hci0: command 0x0406 tx timeout
[ 1518.178479][T31273] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:6: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1518.329195][T31275] Invalid ELF header magic: != ELF
[ 1518.349628][T31258] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[ 1519.245264][T31296] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1519.369990][T31293] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6090'.
[ 1519.421939][T31293] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1519.464186][T31293] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1519.798622][T31275] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[ 1520.678535][T31313] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1521.106703][T31323] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1521.475905][T31327] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1521.514278][T31328] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1521.567158][T31330] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1525.242306][T31383] erspan0: entered allmulticast mode
[ 1525.736665][T31398] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1526.588357][T31411] FAULT_INJECTION: forcing a failure.
[ 1526.588357][T31411] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1526.681918][T31411] CPU: 1 UID: 0 PID: 31411 Comm: syz.5.6121 Not tainted 6.13.0-rc7-syzkaller-00209-g9528d418de4d #0
[ 1526.694991][T31411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1526.707058][T31411] Call Trace:
[ 1526.711020][T31411]  <TASK>
[ 1526.714531][T31411]  dump_stack_lvl+0x16c/0x1f0
[ 1526.720151][T31411]  should_fail_ex+0x497/0x5b0
[ 1526.725762][T31411]  _copy_from_user+0x2e/0xd0
[ 1526.731267][T31411]  copy_msghdr_from_user+0x99/0x160
[ 1526.737505][T31411]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1526.744482][T31411]  ___sys_sendmsg+0xff/0x1e0
[ 1526.750003][T31411]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1526.756251][T31411]  ? __pfx_lock_release+0x10/0x10
[ 1526.762271][T31411]  ? trace_lock_acquire+0x14e/0x1f0
[ 1526.768523][T31411]  ? __fget_files+0x206/0x3a0
[ 1526.774155][T31411]  __sys_sendmsg+0x16e/0x220
[ 1526.779682][T31411]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1526.785833][T31411]  do_syscall_64+0xcd/0x250
[ 1526.791244][T31411]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1526.798312][T31411] RIP: 0033:0x7f92feb85d29
[ 1526.803626][T31411] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1526.827151][T31411] RSP: 002b:00007f92ff913038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1526.837245][T31411] RAX: ffffffffffffffda RBX: 00007f92fed75fa0 RCX: 00007f92feb85d29
[ 1526.846803][T31411] RDX: 0000000000000084 RSI: 0000000020000180 RDI: 0000000000000003
[ 1526.856674][T31411] RBP: 00007f92ff913090 R08: 0000000000000000 R09: 0000000000000000
[ 1526.866247][T31411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1526.875808][T31411] R13: 0000000000000000 R14: 00007f92fed75fa0 R15: 00007ffd495a6098
[ 1526.885393][T31411]  </TASK>
[ 1527.390924][T31418] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:12: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1527.567562][T31421] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:1: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1527.754283][T31425] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1527.821976][T31428] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1527.892945][T31430] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #89: comm dhcpcd: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1528.451794][T31434] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[ 1529.618497][T31463] FAULT_INJECTION: forcing a failure.
[ 1529.618497][T31463] name failslab, interval 1, probability 0, space 0, times 0
[ 1529.677687][T31463] CPU: 0 UID: 0 PID: 31463 Comm: syz.7.6135 Not tainted 6.13.0-rc7-syzkaller-00209-g9528d418de4d #0
[ 1529.690655][T31463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1529.702851][T31463] Call Trace:
[ 1529.707022][T31463]  <TASK>
[ 1529.710590][T31463]  dump_stack_lvl+0x16c/0x1f0
[ 1529.716256][T31463]  should_fail_ex+0x497/0x5b0
[ 1529.721895][T31463]  ? fs_reclaim_acquire+0xae/0x150
[ 1529.728064][T31463]  should_failslab+0xc2/0x120
[ 1529.733712][T31463]  kmem_cache_alloc_noprof+0x6e/0x3b0
[ 1529.740417][T31463]  ? alloc_empty_file+0x73/0x1e0
[ 1529.746374][T31463]  alloc_empty_file+0x73/0x1e0
[ 1529.752100][T31463]  path_openat+0xe1/0x2d60
[ 1529.757406][T31463]  ? hlock_class+0x4e/0x130
[ 1529.762818][T31463]  ? __lock_acquire+0x15a9/0x3c40
[ 1529.768864][T31463]  ? __pfx_path_openat+0x10/0x10
[ 1529.774796][T31463]  ? __pfx___lock_acquire+0x10/0x10
[ 1529.781049][T31463]  ? lock_acquire.part.0+0x11b/0x380
[ 1529.787382][T31463]  ? find_held_lock+0x2d/0x110
[ 1529.793205][T31463]  do_filp_open+0x20c/0x470
[ 1529.798614][T31463]  ? __pfx_do_filp_open+0x10/0x10
[ 1529.804634][T31463]  ? find_held_lock+0x2d/0x110
[ 1529.810367][T31463]  ? alloc_fd+0x41f/0x760
[ 1529.815568][T31463]  do_sys_openat2+0x17a/0x1e0
[ 1529.821193][T31463]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1529.827437][T31463]  ? __fget_files+0x206/0x3a0
[ 1529.833090][T31463]  __x64_sys_openat+0x175/0x210
[ 1529.838913][T31463]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1529.845363][T31463]  ? ksys_write+0x1ba/0x250
[ 1529.850907][T31463]  do_syscall_64+0xcd/0x250
[ 1529.856318][T31463]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1529.863540][T31463] RIP: 0033:0x7fa6d0785d29
[ 1529.868890][T31463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1529.892432][T31463] RSP: 002b:00007fa6d14f8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1529.902627][T31463] RAX: ffffffffffffffda RBX: 00007fa6d0975fa0 RCX: 00007fa6d0785d29
[ 1529.912323][T31463] RDX: 0000000000000000 RSI: 0000000020000540 RDI: ffffffffffffff9c
[ 1529.921907][T31463] RBP: 00007fa6d14f8090 R08: 0000000000000000 R09: 0000000000000000
[ 1529.931696][T31463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1529.941281][T31463] R13: 0000000000000001 R14: 00007fa6d0975fa0 R15: 00007ffc9da38308
[ 1529.950971][T31463]  </TASK>
[ 1529.988202][T31468] Invalid ELF header magic: != ELF
[ 1531.816663][T31470] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[ 1531.959973][T31481] erspan0: entered allmulticast mode
[ 1533.458386][T31498] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:30: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1533.725168][T31506] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:23: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1534.119651][T31505] [U] ^@
[ 1534.231912][T31516] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1534.377658][T31514] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6147'.
[ 1534.391141][T31513] Invalid ELF header magic: != ELF
[ 1534.618190][T31514] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[ 1534.689418][T31514] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1535.448697][T31532] ubi0: attaching mtd0
[ 1535.455210][T31532] ubi0: scanning is finished
[ 1535.496914][T31532] ubi0 error: ubi_read_volume_table: the layout volume was not found
[ 1536.038586][T31532] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22
[ 1536.305810][T31513] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[ 1537.182561][T31556] EXT4-fs error (device sda1): ext4_xattr_ibody_get:653: inode #1251: comm kworker/u8:7: corrupted in-inode xattr: bad magic number in in-inode xattr
[ 1537.277259][T31553] [U] ^@
[ 1537.531803][T31548] [U] ^@
[ 1538.431058][T31566] 
[ 1538.433883][T31566] ======================================================
[ 1538.442301][T31566] WARNING: possible circular locking dependency detected
[ 1538.450961][T31566] 6.13.0-rc7-syzkaller-00209-g9528d418de4d #0 Not tainted
[ 1538.459503][T31566] ------------------------------------------------------
[ 1538.467908][T31566] syz.6.6160/31566 is trying to acquire lock:
[ 1538.475378][T31566] ffff88806dfa1560 (&mm->mmap_lock){++++}-{4:4}, at: __might_fault+0xe3/0x190
[ 1538.486060][T31566] 
[ 1538.486060][T31566] but task is already holding lock:
[ 1538.494979][T31566] ffff88814378ba00 (&q->debugfs_mutex){+.+.}-{4:4}, at: blk_trace_setup+0x33/0x70
[ 1538.506065][T31566] 
[ 1538.506065][T31566] which lock already depends on the new lock.
[ 1538.506065][T31566] 
[ 1538.518967][T31566] 
[ 1538.518967][T31566] the existing dependency chain (in reverse order) is:
[ 1538.529786][T31566] 
[ 1538.529786][T31566] -> #5 (&q->debugfs_mutex){+.+.}-{4:4}:
[ 1538.539241][T31566]        __mutex_lock+0x19b/0xa60
[ 1538.545316][T31566]        blk_mq_init_sched+0x42b/0x640
[ 1538.551889][T31566]        elevator_init_mq+0x2cd/0x420
[ 1538.558766][T31566]        add_disk_fwnode+0x113/0x1300
[ 1538.565321][T31566]        sd_probe+0xa66/0xfa0
[ 1538.571036][T31566]        really_probe+0x23e/0xa90
[ 1538.577409][T31566]        __driver_probe_device+0x1de/0x440
[ 1538.584389][T31566]        driver_probe_device+0x4c/0x1b0
[ 1538.591073][T31566]        __device_attach_driver+0x1df/0x310
[ 1538.598152][T31566]        bus_for_each_drv+0x157/0x1e0
[ 1538.604608][T31566]        __device_attach_async_helper+0x1d3/0x290
[ 1538.612319][T31566]        async_run_entry_fn+0x9c/0x530
[ 1538.618866][T31566]        process_one_work+0x958/0x1b30
[ 1538.625413][T31566]        worker_thread+0x6c8/0xf00
[ 1538.631646][T31566]        kthread+0x2c1/0x3a0
[ 1538.637173][T31566]        ret_from_fork+0x45/0x80
[ 1538.643105][T31566]        ret_from_fork_asm+0x1a/0x30
[ 1538.649469][T31566] 
[ 1538.649469][T31566] -> #4 (&q->q_usage_counter(queue)#50){++++}-{0:0}:
[ 1538.660151][T31566]        blk_queue_enter+0x50f/0x640
[ 1538.666626][T31566]        blk_mq_alloc_request+0x59b/0x950
[ 1538.673906][T31566]        scsi_execute_cmd+0x20a/0xf30
[ 1538.680461][T31566]        read_capacity_16+0x21a/0xe20
[ 1538.687112][T31566]        sd_revalidate_disk.isra.0+0x1a06/0xa8d0
[ 1538.694702][T31566]        sd_probe+0x8ee/0xfa0
[ 1538.700314][T31566]        really_probe+0x23e/0xa90
[ 1538.706343][T31566]        __driver_probe_device+0x1de/0x440
[ 1538.713318][T31566]        driver_probe_device+0x4c/0x1b0
[ 1538.719972][T31566]        __device_attach_driver+0x1df/0x310
[ 1538.727049][T31566]        bus_for_each_drv+0x157/0x1e0
[ 1538.733490][T31566]        __device_attach_async_helper+0x1d3/0x290
[ 1538.741187][T31566]        async_run_entry_fn+0x9c/0x530
[ 1538.747831][T31566]        process_one_work+0x958/0x1b30
[ 1538.754374][T31566]        worker_thread+0x6c8/0xf00
[ 1538.760607][T31566]        kthread+0x2c1/0x3a0
[ 1538.766114][T31566]        ret_from_fork+0x45/0x80
[ 1538.772112][T31566]        ret_from_fork_asm+0x1a/0x30
[ 1538.778569][T31566] 
[ 1538.778569][T31566] -> #3 (&q->limits_lock){+.+.}-{4:4}:
[ 1538.787735][T31566]        __mutex_lock+0x19b/0xa60
[ 1538.793765][T31566]        __nbd_set_size+0x2c0/0x730
[ 1538.800004][T31566]        nbd_start_device+0x8fd/0xd70
[ 1538.806459][T31566]        nbd_genl_connect+0x1204/0x1c00
[ 1538.813120][T31566]        genl_family_rcv_msg_doit+0x202/0x2f0
[ 1538.820401][T31566]        genl_rcv_msg+0x565/0x800
[ 1538.826536][T31566]        netlink_rcv_skb+0x165/0x410
[ 1538.832890][T31566]        genl_rcv+0x28/0x40
[ 1538.838419][T31566]        netlink_unicast+0x53c/0x7f0
[ 1538.844756][T31566]        netlink_sendmsg+0x8b8/0xd70
[ 1538.851098][T31566]        ____sys_sendmsg+0x9ae/0xb40
[ 1538.857439][T31566]        ___sys_sendmsg+0x135/0x1e0
[ 1538.863684][T31566]        __sys_sendmsg+0x16e/0x220
[ 1538.869830][T31566]        do_syscall_64+0xcd/0x250
[ 1538.876071][T31566]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1538.883767][T31566] 
[ 1538.883767][T31566] -> #2 (&q->q_usage_counter(io)#49){++++}-{0:0}:
[ 1538.894119][T31566]        blk_mq_submit_bio+0x1fb6/0x24c0
[ 1538.900884][T31566]        __submit_bio+0x384/0x540
[ 1538.906912][T31566]        submit_bio_noacct_nocheck+0x698/0xd70
[ 1538.914290][T31566]        submit_bio_noacct+0x93a/0x1e20
[ 1538.920954][T31566]        mpage_readahead+0x41d/0x590
[ 1538.927301][T31566]        read_pages+0x1a8/0xdc0
[ 1538.933124][T31566]        page_cache_ra_unbounded+0x3dc/0x750
[ 1538.940303][T31566]        force_page_cache_ra+0x24b/0x340
[ 1538.947382][T31566]        page_cache_sync_ra+0x110/0x9c0
[ 1538.954031][T31566]        filemap_get_pages+0xd7b/0x1be0
[ 1538.960790][T31566]        filemap_read+0x3ca/0xd70
[ 1538.966948][T31566]        blkdev_read_iter+0x187/0x480
[ 1538.973406][T31566]        vfs_read+0x87f/0xbe0
[ 1538.979026][T31566]        ksys_read+0x12b/0x250
[ 1538.984739][T31566]        do_syscall_64+0xcd/0x250
[ 1538.990763][T31566]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1538.998451][T31566] 
[ 1538.998451][T31566] -> #1 (mapping.invalidate_lock#2){++++}-{4:4}:
[ 1539.008871][T31566]        down_read+0x9a/0x330
[ 1539.014489][T31566]        filemap_fault+0x2e0/0x2820
[ 1539.020731][T31566]        __do_fault+0x10a/0x490
[ 1539.026547][T31566]        do_pte_missing+0xebd/0x3e00
[ 1539.032890][T31566]        __handle_mm_fault+0x103c/0x2a40
[ 1539.039665][T31566]        handle_mm_fault+0x3fa/0xaa0
[ 1539.046007][T31566]        __get_user_pages+0x8d9/0x3b50
[ 1539.052760][T31566]        populate_vma_page_range+0x27f/0x3a0
[ 1539.059939][T31566]        __mm_populate+0x1d6/0x380
[ 1539.066074][T31566]        vm_mmap_pgoff+0x293/0x360
[ 1539.072220][T31566]        ksys_mmap_pgoff+0x32c/0x5c0
[ 1539.078574][T31566]        __x64_sys_mmap+0x125/0x190
[ 1539.084799][T31566]        do_syscall_64+0xcd/0x250
[ 1539.090827][T31566]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1539.098519][T31566] 
[ 1539.098519][T31566] -> #0 (&mm->mmap_lock){++++}-{4:4}:
[ 1539.107591][T31566]        __lock_acquire+0x249e/0x3c40
[ 1539.114071][T31566]        lock_acquire.part.0+0x11b/0x380
[ 1539.120836][T31566]        __might_fault+0x11b/0x190
[ 1539.126962][T31566]        _copy_from_user+0x29/0xd0
[ 1539.133095][T31566]        __blk_trace_setup+0xa8/0x180
[ 1539.139538][T31566]        blk_trace_setup+0x47/0x70
[ 1539.145665][T31566]        sg_ioctl+0x7a3/0x26b0
[ 1539.151379][T31566]        __x64_sys_ioctl+0x190/0x200
[ 1539.157705][T31566]        do_syscall_64+0xcd/0x250
[ 1539.163729][T31566]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1539.171426][T31566] 
[ 1539.171426][T31566] other info that might help us debug this:
[ 1539.171426][T31566] 
[ 1539.183685][T31566] Chain exists of:
[ 1539.183685][T31566]   &mm->mmap_lock --> &q->q_usage_counter(queue)#50 --> &q->debugfs_mutex
[ 1539.183685][T31566] 
[ 1539.200900][T31566]  Possible unsafe locking scenario:
[ 1539.200900][T31566] 
[ 1539.209831][T31566]        CPU0                    CPU1
[ 1539.216256][T31566]        ----                    ----
[ 1539.222671][T31566]   lock(&q->debugfs_mutex);
[ 1539.228174][T31566]                                lock(&q->q_usage_counter(queue)#50);
[ 1539.237963][T31566]                                lock(&q->debugfs_mutex);
[ 1539.246505][T31566]   rlock(&mm->mmap_lock);
[ 1539.251804][T31566] 
[ 1539.251804][T31566]  *** DEADLOCK ***
[ 1539.251804][T31566] 
[ 1539.261562][T31566] 1 lock held by syz.6.6160/31566:
[ 1539.267681][T31566]  #0: ffff88814378ba00 (&q->debugfs_mutex){+.+.}-{4:4}, at: blk_trace_setup+0x33/0x70
[ 1539.279271][T31566] 
[ 1539.279271][T31566] stack backtrace:
[ 1539.286318][T31566] CPU: 0 UID: 0 PID: 31566 Comm: syz.6.6160 Not tainted 6.13.0-rc7-syzkaller-00209-g9528d418de4d #0
[ 1539.299228][T31566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1539.311299][T31566] Call Trace:
[ 1539.315231][T31566]  <TASK>
[ 1539.318734][T31566]  dump_stack_lvl+0x116/0x1f0
[ 1539.324346][T31566]  print_circular_bug+0x41c/0x610
[ 1539.330375][T31566]  check_noncircular+0x31a/0x400
[ 1539.336308][T31566]  ? __pfx_check_noncircular+0x10/0x10
[ 1539.342866][T31566]  ? lockdep_lock+0xc6/0x200
[ 1539.348372][T31566]  ? __pfx_lockdep_lock+0x10/0x10
[ 1539.354427][T31566]  __lock_acquire+0x249e/0x3c40
[ 1539.360361][T31566]  ? __pfx___lock_acquire+0x10/0x10
[ 1539.366717][T31566]  ? __pfx_mark_lock+0x10/0x10
[ 1539.372448][T31566]  lock_acquire.part.0+0x11b/0x380
[ 1539.378591][T31566]  ? __might_fault+0xe3/0x190
[ 1539.384242][T31566]  ? __pfx_lock_acquire.part.0+0x10/0x10
[ 1539.391017][T31566]  ? rcu_is_watching+0x12/0xc0
[ 1539.396741][T31566]  ? trace_lock_acquire+0x14e/0x1f0
[ 1539.403079][T31566]  ? __might_fault+0xe3/0x190
[ 1539.408688][T31566]  ? lock_acquire+0x2f/0xb0
[ 1539.414195][T31566]  ? __might_fault+0xe3/0x190
[ 1539.419810][T31566]  ? __might_fault+0xe3/0x190
[ 1539.425427][T31566]  __might_fault+0x11b/0x190
[ 1539.430953][T31566]  ? __might_fault+0xe3/0x190
[ 1539.436600][T31566]  _copy_from_user+0x29/0xd0
[ 1539.442109][T31566]  __blk_trace_setup+0xa8/0x180
[ 1539.447930][T31566]  ? __pfx___blk_trace_setup+0x10/0x10
[ 1539.454496][T31566]  ? do_vfs_ioctl+0x513/0x1950
[ 1539.460341][T31566]  blk_trace_setup+0x47/0x70
[ 1539.465857][T31566]  sg_ioctl+0x7a3/0x26b0
[ 1539.470961][T31566]  ? __pfx_sg_ioctl+0x10/0x10
[ 1539.476705][T31566]  ? __pfx_lock_release+0x10/0x10
[ 1539.482744][T31566]  ? trace_lock_acquire+0x14e/0x1f0
[ 1539.489025][T31566]  ? __fget_files+0x206/0x3a0
[ 1539.494804][T31566]  ? __pfx_sg_ioctl+0x10/0x10
[ 1539.500427][T31566]  __x64_sys_ioctl+0x190/0x200
[ 1539.506377][T31566]  do_syscall_64+0xcd/0x250
[ 1539.511806][T31566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1539.518886][T31566] RIP: 0033:0x7f20c8d85d29
[ 1539.524293][T31566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1539.548568][T31566] RSP: 002b:00007f20c9b81038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1539.558779][T31566] RAX: ffffffffffffffda RBX: 00007f20c8f75fa0 RCX: 00007f20c8d85d29
[ 1539.568352][T31566] RDX: 0000000000000038 RSI: 00000000c0481273 RDI: 0000000000000003
[ 1539.577954][T31566] RBP: 00007f20c8e01b08 R08: 0000000000000000 R09: 0000000000000000
[ 1539.587838][T31566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1539.597411][T31566] R13: 0000000000000000 R14: 00007f20c8f75fa0 R15: 00007ffd970d3f88
[ 1539.607007][T31566]  </TASK>
[ 1546.689709][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1546.697352][ T1297] ieee802154 phy1 wpan1: encryption failed: -22