last executing test programs: 7m36.051029355s ago: executing program 2 (id=405): open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(0x3, 0x400, 0x9ec0000000000000) socket(0xa, 0x801, 0x84) socket(0x2, 0x1, 0x0) socket(0x1, 0x2, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x0) fcntl$auto(0x3, 0x400, 0x9ec0000000000000) open(&(0x7f0000000800)='./file0\x00', 0x8001, 0x0) 7m34.813138621s ago: executing program 2 (id=413): r0 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) pidfd_send_signal$auto(r0, 0x5, 0x0, 0x2) r1 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_SMC_NETLINK_DISABLE_SEID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="013b"], 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x810) sendmsg$auto_SMC_NETLINK_REMOVE_UEID(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000080)={&(0x7f0000000240)={0x120, r1, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@SMC_NLA_EID_TABLE_ENTRY={0x8, 0x1, '$!)#'}, @SMC_NLA_EID_TABLE_UNSPEC={0x101, 0x0, "d93fb6099821cbb7d45e2f88efb723afbb9516db432fb776990aa147701cbee206e03bdc444f4425860745db67020fdeb022870403a56d134054494f0ca526f4dc2d616c893e3c3eef451a840a5653cefa105e0742a5105aa624c4ce289e48dee3e406361c11dd9000204fc12cb6bfe8ea32ec9dd2ad74fcc071c76afcba5fff1b7f0ab5ee302cbb2ed69cbf2d17a4182b9ae3b912771258f1c56927d0060ef798fba0204beb44edafa690696147dab8a6bb48d9f402786fabbade9b9a47d6c41fa62293ff0c1304c99c0b3b1b23c44fbb47c13e6df71453da81ca0ef915df232a404584810b131a52f7038dff9126c4014709254367366471ea0e93bb"}]}, 0x120}, 0x1, 0x0, 0x0, 0x400c890}, 0x15) remap_file_pages$auto(0x4, 0x200000000000002, 0x0, 0x58, 0x5) unshare$auto(0x40000080) r2 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) epoll_create$auto(0x4) epoll_ctl$auto(0x5, 0x1, 0x8000000000000000, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x0) bpf$auto(0x7, 0x0, 0xa3) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r3) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000) write$auto(0x3, 0x0, 0x100082) openat$auto_clk_summary_fops_(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_SNDCTL_DSP_RESET(r4, 0x5000, 0x0) 7m33.33135164s ago: executing program 2 (id=420): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:96/stable_pages_required\x00', 0x42080, 0x0) socket(0x18, 0x5, 0x2) ioctl$auto(0x3, 0x80045510, 0x38) r1 = eventfd$auto(0x0) preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x9}, 0x8, 0xffffffffffffffff, 0x7, 0x2e) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, 0x0, 0xb305613a7310e43e, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4006101}, 0x60000000) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000680)=""/167, 0xa7) 7m32.977555836s ago: executing program 2 (id=423): r0 = socket(0x10, 0x2, 0x4) mmap$auto(0x8, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) r1 = io_uring_setup$auto(0x6, 0x0) r2 = socket(0x11, 0x80003, 0x300) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/vhci_hcd.2/usb13/13-0:1.0/usb13-port3/state\x00', 0x23a200, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f00000001c0)=""/176, 0xb0) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) connect$auto(0x3, 0x0, 0x54) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/block/nbd2/queue/iosched/read_expire\x00', 0x1c803, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'virt_wifi0\x00'}) sendmsg$auto_NL802154_CMD_DEL_INTERFACE(r2, &(0x7f0000000180)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1841100}, 0xc, &(0x7f00000003c0)={&(0x7f00000008c0)=ANY=[@ANYRESDEC=r0, @ANYRES16=0x0, @ANYBLOB="00d73ffdefb61a68406701ecbb98384c712a2a45e55dfe2b13bb2c801deaaf1c10ebaa06e1c258d545c5691c1f252d6ca0087becb397faf79f3b789587585e08bc562e482cf8c4dbabb60b83a235cfb07a0c84ae02d0fd7d711d2aae2e41197e53cb9de17053981fba002cf1dbc06ac9a0ec21432d460d5093fc8ac56585a92966ede4e3a680b809007f09329280e617ac9fe7197ca9ba6df3c205a9539691c47a484a7c98b3e05c333d0e2ad834fb57702a7a1e0c2af861a98b5694fbe473d4ac3213b4b589e3cf46cdfc896e2aa4f940b7ebea8a6645d772a7e5314601af2c95def7bec9923bf54a4e8f62a7a6bf1c606f22f049122086fe86862031ee656f00662c30398931619510da063a9a0358250092b6ca9a89c3db45811f09f0fc347060f30fbe2369707c94b7ecccdb0edb213a495775b4301a5762185ff05395754a341f68ccf80ab1097a0041923984bdf5fd8faf94b86b15a21e5c7a7a707dfba2e531b5ae5608a0597fb7e44202e3fbbcc32061be2e1798bc8513337fcc22c54473ceef11cdbae2ffd8ddda601b04745fbd7519f38b8ae56d12cdff8a9f1d93d00259276d2ed4f42e685e0bff4c3c5cc13351b485498cb60b19deb9c364e10f615e324d671a78650b3bd62ae0b2a7b48923f0b095fbb4dec3253ddf53b390652723bf9e3c1c5c0bfd408fa680b5f20343de3eae6e11e8f0406cbee183efb4ae", @ANYRESOCT=r1, @ANYRESHEX=r3], 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x20004050) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r4 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x80, 0x0) ioctl$auto_evdev_fops_evdev(r4, 0x40104593, 0x0) 7m31.882403796s ago: executing program 2 (id=427): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video62\x00', 0x81, 0x0) ioctl$auto_v4l2_fops_v4l2_dev(r0, 0xffffffff, 0x0) write$auto(0x3, 0x0, 0x100082) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) close_range$auto(0x2, 0x8, 0x0) clone$auto(0x7, 0x7fffffffffffffff, 0xffffffffffffffff, 0x0, 0x1) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x5) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_rfcomm_dlc_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x2682, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x5, 0x8, 0x0) r2 = socket(0xa, 0x801, 0x84) getsockopt$auto(r2, 0x84, 0x75, 0x0, &(0x7f0000000000)=0x9000c) r3 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000040), 0xa0900, 0x0) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x40, 0x0) ioctl$auto_DMA_HEAP_IOCTL_ALLOC(r3, 0xc0184800, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0xc0086202, 0x0) r4 = openat$auto_dma_buf_debug_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x181000, 0x0) pread64$auto(r4, &(0x7f0000000040)='\x00', 0x7ff, 0x800) socket$nl_generic(0x10, 0x3, 0x10) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7fffffffffffffff, 0x4) 7m30.952229536s ago: executing program 2 (id=430): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x20009, 0x1, 0xeb1, r0, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) setreuid$auto(0xffffffffffffffff, 0x8) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r2 = socket(0x10, 0x2, 0x0) r3 = syz_genetlink_get_family_id$auto_handshake(&(0x7f0000000100), 0xffffffffffffffff) ioperm$auto(0xde, 0x7fff, 0x100402) brk$auto(0xfff) sendmsg$auto_HANDSHAKE_CMD_ACCEPT(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="c75908000000dbdf250ac41b3c7c"], 0x14}}, 0x40810) r4 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NFC_CMD_START_POLL(r2, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000300)={0x1f0, r4, 0x4, 0x70bd2c, 0x25dfdbfd, {}, [@NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_VENDOR_DATA={0xeb, 0x1f, "5bd9f9fee6b3f6611f7d93a2566f658595a08e9e31a9533d4ea5afaa7c6dc039060f340747d5d5d3d251458ad4bf2382ad9e3696c31fd0178f97c8674519d81d539459df518ac153903d7340f730601fdf47e5fb886ae3b9f9d3564bfc6325b579bc3a6d29bd6ce469d4783b891397edd7c0c48230012907d9e601182da630c7b233462b075b6d9019a173826b3db487d586340aa0c68a4a12525f582db5bc0b04255e5bed39949fefac4546a105879850827930866802c57453d80c408a7accb3abc252a914c0d71b7fd1e95fa5c9f16023fd0775ddb6047f547804556be89f93a265860f8a07"}, @NFC_ATTR_SE_APDU={0xd8, 0x19, "ab466fde3903ebebba07b079a7eada9755a944977b797f0650e555764e328fc99d1fe3e878cfd48369f2b55c630b831d4c8cc9c48f56751bc67ae54889b3b4918c9575b9d2da1b769a2104ab5735bc254ec09b5c6fe0f8d3d7b62634da5cac13d0817f35aaeb30b513edf6869d886a3b6681dd1558a632437f106727dbd2f6035309d788e336e79f3d925826176e438368434fc09285216e202fcb4dd4c6f8d677b66e0ffbb482b25ccaa2d1482b60cebe91613d211a139ce4215804176d20e1c2f3433064c621078868ac513927dca3e85adf01"}, @NFC_ATTR_IM_PROTOCOLS={0x8}, @NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0x5}]}, 0x1f0}, 0x1, 0x0, 0x0, 0x1}, 0x20000081) mmap$auto(0x0, 0x61, 0x100001000000004, 0xfa31, 0x400, 0x8000) mremap$auto(0x0, 0xffffffffffffffff, 0x3fd6, 0x3, 0x7fffffffb000) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) madvise$auto(0x0, 0xfffffffffffeffff, 0x8001) pkey_free$auto(0xfffffffd) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r1, 0xffffffffffffffff, 0x2) open(0x0, 0x32201, 0x6f) socket(0xa, 0x5, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x19, 0x0, 0x8) r5 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_ADD_RXSC(r1, &(0x7f0000004100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100261fad76decffa5303000000180002800c000100060000000000000008000200", @ANYRES32=r1, @ANYBLOB="080001"], 0x34}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000040) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000) write$auto(0x3, 0x0, 0x100082) 7m15.858172207s ago: executing program 32 (id=430): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x20009, 0x1, 0xeb1, r0, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) setreuid$auto(0xffffffffffffffff, 0x8) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r2 = socket(0x10, 0x2, 0x0) r3 = syz_genetlink_get_family_id$auto_handshake(&(0x7f0000000100), 0xffffffffffffffff) ioperm$auto(0xde, 0x7fff, 0x100402) brk$auto(0xfff) sendmsg$auto_HANDSHAKE_CMD_ACCEPT(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="c75908000000dbdf250ac41b3c7c"], 0x14}}, 0x40810) r4 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NFC_CMD_START_POLL(r2, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000300)={0x1f0, r4, 0x4, 0x70bd2c, 0x25dfdbfd, {}, [@NFC_ATTR_TARGET_INDEX={0x8}, @NFC_ATTR_VENDOR_DATA={0xeb, 0x1f, "5bd9f9fee6b3f6611f7d93a2566f658595a08e9e31a9533d4ea5afaa7c6dc039060f340747d5d5d3d251458ad4bf2382ad9e3696c31fd0178f97c8674519d81d539459df518ac153903d7340f730601fdf47e5fb886ae3b9f9d3564bfc6325b579bc3a6d29bd6ce469d4783b891397edd7c0c48230012907d9e601182da630c7b233462b075b6d9019a173826b3db487d586340aa0c68a4a12525f582db5bc0b04255e5bed39949fefac4546a105879850827930866802c57453d80c408a7accb3abc252a914c0d71b7fd1e95fa5c9f16023fd0775ddb6047f547804556be89f93a265860f8a07"}, @NFC_ATTR_SE_APDU={0xd8, 0x19, "ab466fde3903ebebba07b079a7eada9755a944977b797f0650e555764e328fc99d1fe3e878cfd48369f2b55c630b831d4c8cc9c48f56751bc67ae54889b3b4918c9575b9d2da1b769a2104ab5735bc254ec09b5c6fe0f8d3d7b62634da5cac13d0817f35aaeb30b513edf6869d886a3b6681dd1558a632437f106727dbd2f6035309d788e336e79f3d925826176e438368434fc09285216e202fcb4dd4c6f8d677b66e0ffbb482b25ccaa2d1482b60cebe91613d211a139ce4215804176d20e1c2f3433064c621078868ac513927dca3e85adf01"}, @NFC_ATTR_IM_PROTOCOLS={0x8}, @NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0x5}]}, 0x1f0}, 0x1, 0x0, 0x0, 0x1}, 0x20000081) mmap$auto(0x0, 0x61, 0x100001000000004, 0xfa31, 0x400, 0x8000) mremap$auto(0x0, 0xffffffffffffffff, 0x3fd6, 0x3, 0x7fffffffb000) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) madvise$auto(0x0, 0xfffffffffffeffff, 0x8001) pkey_free$auto(0xfffffffd) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r1, 0xffffffffffffffff, 0x2) open(0x0, 0x32201, 0x6f) socket(0xa, 0x5, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x19, 0x0, 0x8) r5 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_ADD_RXSC(r1, &(0x7f0000004100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100261fad76decffa5303000000180002800c000100060000000000000008000200", @ANYRES32=r1, @ANYBLOB="080001"], 0x34}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000040) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000) write$auto(0x3, 0x0, 0x100082) 4m34.841085545s ago: executing program 1 (id=1210): mmap$auto(0x0, 0x402000c, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040)) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)={0x14, 0x0, 0xd0d58b333228212f, 0x78bd2a, 0x25dfdbfd}, 0x14}}, 0x4000000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x80080, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/pipe-max-size\x00', 0x382, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x300000000000000, 0x80000001, 0x7, 0x6d3c, 0x5, 0x2, 0x300]}, 0x0) sysfs$auto(0x2000002, 0x0, 0x100000000000004) setresuid$auto(0x8, 0x8, 0x0) setfsuid$auto(0x0) mkdir$auto(&(0x7f00000003c0)='}[,&*}\x00', 0x6) chroot$auto(&(0x7f0000000000)='}[,&*}\x00') sysfs$auto(0x97, 0xc5, 0x4) ioctl$auto(0x3, 0xc0104d03, 0x5) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mtd0ro\x00', 0x8080, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_udc.4/gadget.4/function\x00', 0x20000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000040)=""/156, 0x9c) close_range$auto(0x2, 0x8, 0x0) socket(0x24, 0x0, 0x0) 4m33.373879206s ago: executing program 1 (id=1215): mmap$auto(0x2, 0x5, 0xe1, 0xebf, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) utime$auto(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0xa36}) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'vlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)={0x1c, r1, 0xb01, 0x70bd27, 0x25dfdbfb, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4000080) setresuid$auto(0x2, 0xffffffffffffffff, 0x200) mmap$auto(0x0, 0x400008, 0x400000000000df, 0x19, 0x2, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0xc, 0x940, 0x1ffde, 0x3, 0x6, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x2, 0x7, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe]}, 0x1fe, 0x81) userfaultfd$auto(0x0) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0xffffffffffffffff, 0xffffffffffff0005, 0x1b) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) 4m31.069956922s ago: executing program 1 (id=1223): mmap$auto(0x0, 0x402000c, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040)) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)={0x14, 0x0, 0xd0d58b333228212f, 0x78bd2a, 0x25dfdbfd}, 0x14}}, 0x4000000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x80080, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/pipe-max-size\x00', 0x382, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x300000000000000, 0x80000001, 0x7, 0x6d3c, 0x5, 0x2, 0x300]}, 0x0) sysfs$auto(0x2000002, 0x0, 0x100000000000004) setresuid$auto(0x8, 0x8, 0x0) setfsuid$auto(0x0) mkdir$auto(&(0x7f00000003c0)='}[,&*}\x00', 0x6) chroot$auto(&(0x7f0000000000)='}[,&*}\x00') sysfs$auto(0x97, 0xc5, 0x4) ioctl$auto(0x3, 0xc0104d03, 0x5) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mtd0ro\x00', 0x8080, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_udc.4/gadget.4/function\x00', 0x20000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000040)=""/156, 0x9c) close_range$auto(0x2, 0x8, 0x0) socket(0x24, 0x0, 0x0) 4m30.240237667s ago: executing program 1 (id=1224): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x9, 0x3, 0x8012, 0x3, 0x8000) unshare$auto(0x40000080) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) madvise$auto(0x0, 0xffffffffffff0005, 0x19) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108) mmap$auto(0xfffffffffffffffe, 0x8, 0x8003, 0xeb3, 0xfffffffffffffff9, 0x8000) timer_create$auto(0x3, 0x0, &(0x7f0000000140)=0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0xa, 0xa) socket(0xa, 0x3, 0x6) (async) socket(0xa, 0x3, 0x6) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000010}, 0x80) (async) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000010}, 0x80) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xc, 0x800008000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xc, 0x800008000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) (async) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) write$auto(0x4, 0x0, 0x100082) (async) write$auto(0x4, 0x0, 0x100082) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x5, 0x21ea, 0x7ff, 0x3, 0x9, 0x7, 0x2e}, 0x6f4) readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400) (async) readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400) socket(0x10, 0x2, 0x0) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfffff4a4, 0x0, 0xfffffffffffffffd) epoll_wait$auto(0xffffffffffffffff, &(0x7f0000000080)={0x1ff, 0x3}, 0x3, 0xae0f) (async) epoll_wait$auto(0xffffffffffffffff, &(0x7f0000000080)={0x1ff, 0x3}, 0x3, 0xae0f) 4m28.752430902s ago: executing program 1 (id=1231): mmap$auto(0x2, 0x5, 0xe1, 0xebf, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) utime$auto(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0xa36}) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'vlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)={0x1c, r1, 0xb01, 0x70bd27, 0x25dfdbfb, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4000080) setresuid$auto(0x2, 0xffffffffffffffff, 0x200) mmap$auto(0x0, 0x400008, 0x400000000000df, 0x19, 0x2, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0xc, 0x940, 0x1ffde, 0x3, 0x6, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x2, 0x7, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe]}, 0x1fe, 0x81) userfaultfd$auto(0x0) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0xffffffffffffffff, 0xffffffffffff0005, 0x1b) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) 4m27.359836267s ago: executing program 1 (id=1238): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/adsp1\x00', 0x82800, 0x0) mmap$auto(0x0, 0x400, 0x4000000000df, 0x100000040eb1, 0x401, 0x300000000002) ioctl$auto(r0, 0x80044dfe, 0x9) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mmap$auto(0x0, 0x400000000004, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x9) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8000, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) open_tree$auto(0xffffffffffffffff, 0x0, 0x5) ioctl$auto(0x3, 0x40085511, 0x1) futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x400000) r1 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000000), 0x88600, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_UBI_IOCATT(r1, 0x40186f40, 0x0) 4m13.588293559s ago: executing program 0 (id=1284): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='/sys/devices/virtual/net/nr5/queues/rx-0/rps_flow_cnt\x00', 0x182b02, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) umount2$auto(&(0x7f00000000c0)=')\x00', 0xe) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x11, 0x2, 0x300) read$auto(0x3, 0x0, 0x80) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000380)=""/4094, 0xffe) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mlockall$auto(0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) socket(0x2b, 0x1, 0x1) setsockopt$auto(0x3, 0x11e, 0x1, 0x0, 0x9) clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0xf, 0x3, 0x1) socket(0x1d, 0x2, 0x2) sendmsg$auto_NL80211_CMD_UNEXPECTED_FRAME(r1, &(0x7f00000004c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000500)={0x4c, 0x0, 0x400, 0x70bd2b, 0x25dfdbff, {}, [@NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x19, 0xbe, "d23a7f0e00f8d103c36d2683e0b33dd3a33ac49707"}, @NL80211_ATTR_CONTROL_PORT={0x4}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x8}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x2}, @NL80211_ATTR_STA_TX_POWER={0x6, 0x114, 0x9}]}, 0x4c}, 0x1, 0x0, 0x0, 0x400c004}, 0x40000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0xe, 0x940, 0x1ffde, 0x3, 0x4, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000]}, 0x3, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) memfd_secret$auto(0x0) mprotect$auto(0x95d3, 0x7, 0x4) sched_setattr$auto(0x0, &(0x7f00000002c0)={0x1000, 0x4e, 0x1d, 0xc, 0x6, 0x5f02, 0x82, 0x9, 0x877, 0x6}, 0x0) socket(0x2, 0x80002, 0x73) 4m11.536682689s ago: executing program 33 (id=1238): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/adsp1\x00', 0x82800, 0x0) mmap$auto(0x0, 0x400, 0x4000000000df, 0x100000040eb1, 0x401, 0x300000000002) ioctl$auto(r0, 0x80044dfe, 0x9) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mmap$auto(0x0, 0x400000000004, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x9) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8000, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) open_tree$auto(0xffffffffffffffff, 0x0, 0x5) ioctl$auto(0x3, 0x40085511, 0x1) futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x400000) r1 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000000), 0x88600, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_UBI_IOCATT(r1, 0x40186f40, 0x0) 4m3.201945375s ago: executing program 0 (id=1301): mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) socket(0xa, 0x2, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000080)=':,\x00', 0x4000, 0x2) r0 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/mice\x00', 0x42, 0x0) write$auto_mousedev_fops_mousedev(r0, &(0x7f0000000040)='\\', 0x1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/clocksource/clocksource0/current_clocksource\x00', 0x8502, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x21, 0x5, 0x8000000000000000, 0x0) r1 = open(0x0, 0x22240, 0x55) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x4040, 0x0) close_range$auto(0x2, 0x8, 0x0) statx$auto(r1, 0x0, 0x2001003, 0x4005, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000640)='/dev/snd/controlC0\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, 0x0) close_range$auto(r2, r2, 0x8) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/conf/ipvlan0/accept_redirects\x00', 0x0, 0x0) read$auto(0x3, 0x0, 0x80) openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/netdevsim/netdevsim3/ports/3/pp_hold\x00', 0xc0b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0x22, 0x2, 0x2) r3 = getpgrp(0xffffffffffffffff) process_vm_writev$auto(r3, 0x0, 0xa, &(0x7f00000001c0)={&(0x7f0000000140)="8667f1a338d1b63368940eb2b2f3ffe870f618b488a9500b8d214217c85f968815706bd6ad606c4cbb48a550f3c8a782a849c6b8f910445cc2c09c1f3c51ab098ff1f2fb929386db3bc846f2d59d94bf8c0075e5", 0x5}, 0x3, 0x800) 3m55.280166495s ago: executing program 0 (id=1323): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000040), r0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000500)={'netdevsim0\x00', 0x0}) sendmsg$auto_OVS_METER_CMD_SET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000003200)={&(0x7f0000000000)=ANY=[@ANYBLOB="410006", @ANYRES16, @ANYBLOB="5da9"], 0x28}, 0x1, 0x0, 0x0, 0xc0}, 0x40) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="1b000000", @ANYBLOB="1c00"], 0x1ac}, 0x1, 0x0, 0x0, 0x4044000}, 0x800) sendmsg$auto_NETDEV_CMD_QSTATS_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x1c, r1, 0x301, 0x70bd29, 0x25dfdbfe, {}, [@NETDEV_A_QSTATS_IFINDEX={0x8, 0x1, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x8000) 3m47.764417401s ago: executing program 0 (id=1345): r0 = socket(0x2, 0x80002, 0x73) close_range$auto(0x2, 0x8, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001080), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_WIPHY(r1, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)={0x18, r2, 0xb81, 0x70bd25, 0x25dfdbfb, {}, [@NL80211_ATTR_SPLIT_WIPHY_DUMP={0x4, 0x117}]}, 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004) r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), r0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r4, 0x5602, 0x1) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="96a305a3e654029703cb8f2a120d0aed5ef91e7345052689fd3ac519c4fb56e90d47fce07834d7e5da50cc6ad671302c9fc0427826a8365949381217d6963035899589c905b6b593a50d95ff0ad68c288d150b041b2d8984da619dbd4ebbe16ec5f5a41823d53d532b25861c643c8880cb33e2b29ced32f0a213994b82df43d36a621d28f6d824023751fc02461faa6e9d05f09f86de2e054d6c0e99f4da14458794bc6c9c26d6ffcc90c7d5b9c5661486d9784e825cb42d9b8084a99763fba190b34c00c679ef916b3a8edf1485f4fef574c8f6d8baea0751fc9c7562d7f1b6f15876efb3ddc1d344b09f591116be00"/249, @ANYRES16=r3, @ANYBLOB="000128bd7000fedbdf250d00000006000900ff0700000c00060003000000000000000500070007000000050012000500000005000f000100000005001a00100000000c0006000900000000000000"], 0x54}, 0x1, 0x0, 0x0, 0x8000}, 0x4) 3m46.933030276s ago: executing program 0 (id=1349): r0 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000440), 0x20100, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop14\x00', 0x400000, 0x0) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r1, &(0x7f00000001c0)="2a1d264add69b6440800ac8caf4bdecc30b530ac6ebbff950e1a647d6a08a1b55dde5a409b3c830b7803aef33addb33f3a800002000000f179fa3d472949a7264a1b2547c4", 0x45) ioctl$auto_LOOP_CTL_GET_FREE(r0, 0x4c82, 0x24) 3m38.372418605s ago: executing program 0 (id=1366): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x181902, 0x0) mmap$auto(0x0, 0x400, 0x4000000000df, 0x100000040eb1, 0x401, 0x300000000002) ioctl$auto(r0, 0x80044dfe, 0x9) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x9) r1 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000000), 0x88600, 0x0) ioctl$auto_UBI_IOCATT(r1, 0x40186f40, 0x0) 3m22.457856608s ago: executing program 34 (id=1366): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x181902, 0x0) mmap$auto(0x0, 0x400, 0x4000000000df, 0x100000040eb1, 0x401, 0x300000000002) ioctl$auto(r0, 0x80044dfe, 0x9) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x9) r1 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000000), 0x88600, 0x0) ioctl$auto_UBI_IOCATT(r1, 0x40186f40, 0x0) 7.728443156s ago: executing program 6 (id=2028): migrate_pages$auto(0xffffffffffffffff, 0x8, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_udc.1/udc/dummy_udc.1/uevent\x00', 0x40000, 0x0) mmap$auto(0x3, 0x400005, 0x80dc, 0x9b72, 0x2, 0x711ace40) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x3a) r0 = socket(0x2b, 0x1, 0x1) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x4) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x80, 0x0) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, r0, 0x300000000000) socket(0xa, 0x3, 0x100) pipe$auto(0x0) socket(0xa, 0x2, 0x88) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/lru_gen\x00', 0x12b902, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/can/reset_stats\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x1, 0x4, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x2, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x40001, 0x0) write$auto(r2, 0x0, 0x278e) 6.998482844s ago: executing program 6 (id=2030): ioperm$auto(0x7, 0x6, 0x2) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x20082, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0) r3 = socket(0x1, 0x2, 0x0) ioctl$auto(0x3, 0x8912, 0x46) mmap$auto(0x5, 0x0, 0x0, 0xeb1, r3, 0x8000) ioctl$auto(0x3, 0x80045530, 0x38) unshare$auto(0x9b30) poll$auto(0x0, 0x400, 0x2) mbind$auto(0xfffffffffffffffb, 0x8000000000000001, 0x100008000, 0x0, 0x6, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0xa, 0x2, 0x88) r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r4, 0x0, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyee\x00', 0x80, 0x0) r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/fs/netfs/requests\x00', 0x8000, 0x0) read$auto_proc_iter_file_ops_compat_inode(r5, &(0x7f0000000200)=""/236, 0xec) ioctl$auto_PPPIOCSMRU(r2, 0x40047452, 0x0) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), 0xffffffffffffffff) lstat$auto(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x8100000000000, 0x3, 0x8, 0x3, 0xee00, 0x0, 0x0, 0xdd, 0xf81b, 0x9, 0x200, 0x1, 0x5, 0x6, 0xfffffffffffffffb, 0x9c, 0xff}) getuid() 5.589129921s ago: executing program 6 (id=2037): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter\x00', 0x40001, 0x0) write$auto_ftrace_event_filter_fops_trace_events(r1, &(0x7f0000000040)="73a673bf8106e507c9dafec4df7b42f8fe32cf961aa4ff4c9004dd4de6f07ea917b31e8477413ad1f9c9be7dd1a53b17e9ddc8103e06c46f8ad1bb9d4b0a18892be77981a70b536db97428", 0x4b) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000000008000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) munmap$auto(0x2, 0x1a525c0f) connect$auto(0x3, 0x0, 0x54) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x4, 0x4000000000e2, 0x40eb1, r3, 0x10000) ioperm$auto(0x0, 0x5, 0x0) mincore$auto(0x1000, 0x8, 0x0) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) r4 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000000c0), r0) sendmsg$auto_TIPC_NL_PEER_REMOVE(r2, &(0x7f00000110c0)={0x0, 0x0, &(0x7f0000011080)={&(0x7f0000001480)={0x20, r4, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @ipv4=@empty}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x20008105}, 0x40) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', 0x0}) r6 = socket(0x10, 0x2, 0x4) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/034/001\x00', 0x143000, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/kernel/soft_watchdog\x00', 0x101a01, 0x0) write$auto_rb_simple_fops_trace(r8, &(0x7f0000000000)="4cc253", 0x3) r9 = syz_genetlink_get_family_id$auto_batadv(&(0x7f00000008c0), 0xffffffffffffffff) sendmsg$auto_BATADV_CMD_GET_HARDIF(r7, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000480)=ANY=[@ANYBLOB="342672db", @ANYRES16=r9, @ANYBLOB="f3832ab97000fedbdf2505000000"], 0x14}}, 0x4008000) r10 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/irq/24/affinity_hint\x00', 0x0, 0x0) lseek$auto(r10, 0x5, 0x0) r11 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x2001, 0x0) ioctl$auto_TUNSETVNETBE(r11, 0x400454de, &(0x7f0000000040)=0x4) bpf$auto(0x1, &(0x7f0000000180)=@bpf_attr_3={0x2, 0x81, 0x401, 0x8b7f, 0x800, 0x1000, 0xfffffffffffffffc, 0x25, 0x400, "e7d936b4cbae27096f4299045fa1519c", r5, 0x800, r10, 0x2, 0x8000000000000009, 0xfffffffb, 0x804, 0x7, 0x4, 0xbd20, @attach_btf_obj_fd=r10, 0x9, 0x2, 0x3, 0x501, 0xc, r0}, 0x80000001) 5.231662027s ago: executing program 5 (id=2038): migrate_pages$auto(0xffffffffffffffff, 0x8, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_udc.1/udc/dummy_udc.1/uevent\x00', 0x40000, 0x0) mmap$auto(0x3, 0x400005, 0x80dc, 0x9b72, 0x2, 0x711ace40) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x3a) r0 = socket(0x2b, 0x1, 0x1) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x4) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x80, 0x0) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, r0, 0x300000000000) socket(0xa, 0x3, 0x100) pipe$auto(0x0) socket(0xa, 0x2, 0x88) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/lru_gen\x00', 0x12b902, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/can/reset_stats\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x1, 0x4, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x2, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x40001, 0x0) write$auto(r2, 0x0, 0x278e) 4.818379236s ago: executing program 5 (id=2041): mmap$auto(0x0, 0x2020006, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0x380802, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mprotect$auto(0x1ffff000, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket(0x1e, 0x805, 0x0) sysfs$auto(0xfffffffd, 0x44, 0x0) fsopen$auto(0x0, 0x1) fsconfig$auto(r1, 0x1, &(0x7f0000000200)='I\xee\"\xe3\xb7\xcfD\xe5\xb1\x05\x1e#\xff1<\xd9h[e\xdf\xc0M\xa2\x00\v\x97\xb5\xd4\x94\x99u\x9e\xf4O\x1a\xb1\x05\xb8\xcb\x96\fd\xa3\xf9&\xc9~\x10\x06X\a\xc8\xb7\x97\xc7M\x83\'^\xc9\x9e\xccAsv\xce8sw\v\xac\xcd\xa2B\xf8.\xce\xe6n\xfe\xd6\xc8^W>Rz`C+\x0e\x8c<\xc5\x8f\xe6\x0f\x14\xfa\x9ea4>\xd8O[{\xede\xfd\xbc\xc7\xbd4_\xbc\xc6\x06\xe5h\x9e\xf5/4\xe8\xcfc\x95\xbb~\xd9.\xb3\x84\xb8K\xa7\xca\xda\xc8\x11u\xa1\x1d\x9d\xe1%\xc0m\xf6%1\xba\xe7^\xed0\xdc\x86\xeaG)?p,Up \xe9\b\x14\xaf\xbf\xd9\xc3,\xb8\x17\x10\x9f\x92\x95@),A\xb4\x92Q\x86\xbe\xed=p\x1b\x9d\xd4\x99_]K\xce.\x00\x00\x00\x8eDv\x0fl\xed\x93ey\xf9\x19\xf0\x9d\xf5\xfe\xed\xc7Q\xc0ZJ\xc9*7\xf2\x1a\xa7\xb3\xc6v\v\xe1u\x16:\x15\xefel\xf0\x8c/\xa2\x95\xc1\xacd\xc9\a\xe5\x888F\xaa\xce\x94\xa2zsx\xea\x96\x7f~]\xdbj\xd1#\x94K\xcf\x11l\xe5Z\xec\xa6B\x90\xb6\xa3`\x88\xd4\x87\x17\x8a\xedFx\x95#\x83\x99\x00\xc6Z\x1au\x8e\xa7}\xa7\xe9\x83X\xa3\xad\xe2T\xea\xa0\xba\xd7R8T\x00\x8e0h\x8ck4\x15\xf3sh0\xd3\x1e\xedU@\xab\xc0g\xeeT\xc5\x8d\x9b\x188x)\xf0i]\xdcf\xdd\xf9\xffA\"ZQ\x8d\x15\xff\xf3WYX\x8a/\xb36\x1d\x8e7\xb2d3\xe8\xf4\x1e3\xec\xfe\xbf\xbbo\xbb\xd2Z\x89:\xa2\xc8n8k\xa8\xba\xa5E\x9f\xbe>3,\xcb\xa2\xa7q \xe2', &(0x7f0000000280), 0x0) statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0) ioctl$auto(r0, 0x40104d06, 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r1, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x800000002, 0x8000) mremap$auto(0x0, 0x1000, 0x3fd6, 0x7fff, 0x4) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000240), 0x40280, 0x0) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyud\x00', 0x0, 0x0) mincore$auto(0x1000, 0x8001, 0x0) io_uring_setup$auto(0x6, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x6) close_range$auto(0x2, 0x8000, 0x0) open(0x0, 0xa22c0, 0x155) open(0x0, 0xa240, 0x1de) semctl$auto(0x8, 0x2, 0x13, 0x401) mlockall$auto(0x7) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) 3.005269441s ago: executing program 5 (id=2046): open(&(0x7f0000000100)='./file0\x00', 0x201c2, 0x10e) socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, 0x0, 0xf) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20005, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = io_uring_setup$auto(0x6, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/netdevsim2/power/autosuspend_delay_ms\x00', 0x400802, 0x0) ioctl$auto_UDMABUF_CREATE(0xffffffffffffffff, 0x40187542, &(0x7f0000000000)={r1, 0x4, 0x7, 0x61}) mmap$auto(0x0, 0x20009, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0xa) shmctl$auto(0x690, 0x3, 0x0) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, &(0x7f0000000100)={{@raw=0x9, 0x85, 0x20e, 0x9, "669cbbd9e97551b991bea188e0f1a57ce2a1facac1f00b2f4ab8635524133f9e22c7717f6050f2d2252ca5f2", @raw=0x8}, 0x0, @integer64=@value=[0x9, 0x7, 0xc2c3, 0x10000000005, 0x5, 0x8, 0x4, 0x7, 0x80, 0x6, 0xfffffffffffffffd, 0x8000000000000001, 0x0, 0x9, 0x7, 0x100000000, 0x8, 0x0, 0x7fffffffffffffff, 0x2, 0x5, 0xad, 0x7, 0x100100001, 0x2, 0x5d7a604f, 0xfffffffffffffffd, 0x7fffffff, 0x8, 0xff, 0x8, 0x9, 0x4, 0xfffffffffffffffd, 0x7, 0x0, 0x3, 0x9, 0x6, 0xd0, 0xfff, 0x40, 0x4, 0x4, 0x8001, 0x3, 0x2, 0x2, 0x7fffffff, 0xfff, 0x2, 0x4, 0x5, 0x7, 0xffffffffffffffff, 0x100000001, 0xd468, 0xfffffffffffffff9, 0x612, 0x8000, 0xf60d, 0x8000005, 0x6, 0xff], "282f77b07e718ed4d99a34617774e3a82f982e0f05e516c299a28a585e87e0d908e2c8e50de5016f1de5d432da2cc20e951d8fcdc4f791a11996aad5af504c0d9927e62ef70b23a13735a4fe805c1ce1b6b1d83d21bb42794ec925b4547a3d52d4b5210392111e181719fef9d685b6534b171d76ad633f94a608b818600a6c85"}) setsockopt$auto(r3, 0x2, 0x32, 0x0, 0x4) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7fffffffffffffff, 0x4) get_mempolicy$auto(0x0, 0x0, 0x400, 0x0, 0x1) ioctl$auto_RNDADDENTROPY(r2, 0x40085203, &(0x7f0000000040)=[0x1, 0xc14]) unshare$auto(0x40000080) mmap$auto(0x100000000000000, 0x20009, 0xe1, 0xeb1, 0x401, 0x3) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x75f, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/if_inet6\x00', 0x0, 0x0) pread64$auto(r4, 0x0, 0x40, 0x2) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001140)='/dev/bus/usb/030/001\x00', 0x2000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000100)=""/4111, 0x100f) epoll_ctl$auto(0x5, 0xfffffffd, r0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x2) 2.77276627s ago: executing program 4 (id=2047): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x8020009, 0xe2, 0xcb1, 0x401, 0x8040001008000) sysfs$auto(0x2, 0x4, 0x4) openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/trigger\x00', 0x618001, 0x0) mincore$auto(0x1000, 0x8001, 0x0) r0 = io_uring_setup$auto(0x877, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001040)='/sys/devices/virtual/block/ram11/queue/discard_zeroes_data\x00', 0x80800, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/block/nbd5/hctx0/cpu1/read_rq_list\x00', 0x2, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) mmap$auto(0x0, 0x20006, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x400c890}, 0x800) r1 = socket(0x2, 0x3, 0x100) r2 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto(r2, 0x40045568, 0x5) socket(0x10, 0x2, 0x0) sendmsg$auto_TASKSTATS_CMD_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x400c0}, 0x4040000) r3 = socket$nl_generic(0x10, 0x3, 0x10) poll$auto(&(0x7f0000003640)={r3, 0x4, 0xffff}, 0x4, 0x100000) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003900), r3) socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'batadv0\x00'}) sendmsg$auto_NETDEV_CMD_QUEUE_GET(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000003980)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRESHEX=r5, @ANYRES16=r1, @ANYRESHEX=r3], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000880) mincore$auto(0x8, 0x8, &(0x7f0000000000)='\'(/[R\'\x00') poll$auto(&(0x7f0000000080)={r0, 0x8, 0x9}, 0xb, 0x101) 2.770254717s ago: executing program 3 (id=2048): close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r0 = socket(0xa, 0x1, 0x84) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x6, 0x7bd6, 0x0) sendmsg$auto_SEG6_CMD_DUMPHMAC(0xffffffffffffffff, 0x0, 0x448c5) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0xd, 0x0, 0x4) 2.304411081s ago: executing program 3 (id=2049): migrate_pages$auto(0xffffffffffffffff, 0x8, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_udc.1/udc/dummy_udc.1/uevent\x00', 0x40000, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x3a) r0 = socket(0x2b, 0x1, 0x1) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x4) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x80, 0x0) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, r0, 0x300000000000) socket(0xa, 0x3, 0x100) pipe$auto(0x0) socket(0xa, 0x2, 0x88) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/lru_gen\x00', 0x12b902, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/can/reset_stats\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x1, 0x4, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x2, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x40001, 0x0) write$auto(r2, 0x0, 0x278e) 2.148533829s ago: executing program 4 (id=2050): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) sendmsg$auto_CTRL_CMD_GETFAMILY2(0xffffffffffffffff, 0x0, 0x4000010) read$auto(r0, 0x0, 0x20) rt_sigtimedwait$auto(&(0x7f00000001c0)={0xff}, &(0x7f0000000600)={@_si_pad}, &(0x7f0000000680)={0x0, 0xdb3}, 0x8) sendmsg$auto_IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x14, 0x0, 0x8, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x20008010}, 0x40001) r1 = socket(0x2c, 0x3, 0x2fd) sendmsg$auto_IEEE802154_LLSEC_LIST_SECLEVEL(0xffffffffffffffff, 0x0, 0x0) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/sctp/assocs\x00', 0x80, 0x0) pread64$auto(r3, 0x0, 0x7, 0xffff) unshare$auto(0x40000080) r4 = socket$nl_generic(0x10, 0x3, 0x10) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x401bf, 0x7352, 0x40, 0x65f, 0x1ffde, 0x7, 0x3, 0x4, 0x9, 0x3, 0x5, 0x8, 0x3000, 0x9, 0x6, 0x10002, 0x80, 0x4, 0x0, 0x7, 0x1ffc, 0x203, 0x400, 0x84, [0x0, 0x0, 0x0, 0x100, 0x0, 0x6, 0xfffffffffffffffd, 0xa, 0x70624ce7, 0x0, 0xfffffffffffffffd, 0x0, 0x3, 0x1, 0x4, 0x7, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x200000000000, 0x0, 0xffffffffefffffff, 0x3, 0x0, 0x0, 0x2, 0xfffffffffffffffd, 0x400000000005b8, 0xc, 0x4000000000, 0x8, 0x4, 0x6, 0x6, 0x890, 0x800000000000a, 0xfffffffffffffffc, 0x1000, 0xa38, 0x4, 0x4, 0xfffffffffffffffc, 0x2, 0x4000000000, 0x8, 0x0, 0x100000]}, 0x1fe, 0xd) rmdir$auto(&(0x7f0000000380)='./file0\x00') close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYRES64=r4, @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x8, 0x1000000004, 0x13, 0x3, 0x180000000) r5 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0xfe, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) r6 = syz_genetlink_get_family_id$auto_seg6(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_SETHMAC(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000c40)={0x2c, r6, 0x10, 0x70bd28, 0x25dfdbfd, {}, [@SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x6}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x1}, 0x40000) sendmsg$auto_SEG6_CMD_SET_TUNSRC(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="f8040000", @ANYRES16=r6, @ANYBLOB="00082bbd7000fbdbdf25030000003a0004004c2cf36d437dbf3dde5a93bd38735c1dbfb62949b2b6f2ac27bc03ef9b6cf724c36444f290212c77258e29517ed2acd64c0cd56c929d0000080002004e42000005000500080000000e0407800800500002000000c5468e511b2f541d8b4a97fd9c7813fd30cdff9ba236dc107b8744152483b7b3596f466e60a549485d34ea2c4ed727b77369c6ba9507f0dff331a4d7cfae2eaa2747a3dba77a98ff704ee188433cdd05e9e0096373e6fd679d239919997c8eb57291c068621f3ed7d6c6074c648793e2ea6581f1b634e745c102087812ebdb9d778f519bd58871dc876f6aa9d172d1e828ae3db545ab39d4694a3b789160b78b192409cd8c1105afb36b21cc96ab2c65862f5b4c32087ef01504830844063af512a0effaa78537f408a741a94dc215ca9c1f498cf053d2c44ac8813f56c0fe78aea1432fe93d96a2d57a8e1a7cd056b707f0b499f24b387773215b6bc4892e05769b4c7af8eff9e3f607aa439f4822307634360463644cacdc952cc186c66578e393f11ff7bbf017ba92150e2dd42c821443b416253359e9c15b146fc72f9f407eb18351f6d27235506e486aac2e29e17bf08f2561cd7c0c4695315fb3d5c3d03ba9088e5c1023a2949a5e6bc95aa9387dd629b3919a3ec3f414001600000000000000000000000000000000005b00358014003400fc01000000000000000000000000000004006b800400568004000a8004007a000c003d0004000000000000009898c70c94568c81559503e6a7f745cb55478340a8df7e99fbb4af303415da760a6fb315001a7b000800d500", @ANYRES32=0x0, @ANYBLOB="77e95050068d2ecfa4f0308423059c539db62fdcc060602ea5a3002b1fc00fd40e423cadff2277b78ef6772e7b9b0bd4b1c2c4a47f7a87d9da3cc7db613e3b13788655f25083597f7f0fe5d98a833a3258cf82795829fb590a0f8dc1b76b87523412ecddf4fcca70c0ac5a1e731018301caf89b67021886f74e5e0ea069d05a63a4e13876e7962060e35dfd005b333454011f7b91cc7b1493851f2e7186720c7e1612ba8dd1f355f4f399c68a6baa51cfdd4596034ef3aabefdbae3b7cd7b448f747aede085ec148fcdd7c9169d1465b9e4c078012dd4059d82f0b1dbdf12cf6d2166e4d6c66789ba5a38569d04172d4134fa7134084d7faafb431454db8b843167c95916b44796331cfe14c42af91c1bfecc04e6d6739d92630b3f0bccb516a239fec040b76fd56034296bc1b6276e4bdef4eb0e63df731870090f52d7e8c5b28041c55bec727cd8fcee804cfe3619d15bf013bde81aea6daec72e91761a6307380045c75987756bb60912127e5916374f252ad87bc68d878626193e69a89cec967be2814df0618c96c12c1fe52c5de32c3d4bc6bf0c61338f490fe54f79116018961b2fc63c522186b5fd1c63d338d8f52f8dd4fbe3531c1af5fab0db7d4f9becfad14798d4d4ac49bbb47001bade1ba485af320016e9827ba83a479fc3e67296b596fbc72797cfe5c24947977f48aa6bfb1088da82558e90cbf19f9c4ab92ddef6ba5e9feb7f1250800dd00", @ANYRES32=0x0, @ANYBLOB="000054000400bad58589c21b18cbe55f67de722e4a19a1f9543fe9957139a636e1ae7b3b9c97a1a617ab1a45beeaf5f94d7134628d47c7b782c840eb12fcb70179fc2c3e7c783b69c608000300068ca3e1767d5e4be301000000000000000000000000000105000600080000000800070000000000000005000700000062bc4c57d5da9a44e0be5018792eb4e53ecdca1ae065d66c3a1c098e110c04a4edbe529f26e34fa9d68b6013fb092a326d99283936dba599fa978bbc1c22d4562f04fdb87fa14a749c0159f4e8c69da6"], 0x4f8}}, 0xc041) 2.078431099s ago: executing program 5 (id=2051): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003140), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PHY_GET(r0, &(0x7f0000003200)={0x0, 0x0, &(0x7f00000031c0)={&(0x7f00000000c0)={0x14, r1, 0x301, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x2404c012}, 0x80) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/ip6_flowlabel\x00', 0xa100, 0x0) pread64$auto(r2, 0x0, 0xe, 0x8000) syz_genetlink_get_family_id$auto_ovs_flow(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyr4\x00', 0x1, 0x0) ioctl$auto_TIOCNXCL2(r3, 0x540d, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r4 = openat$auto_fops_u64_ro_(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/zswap/reject_compress_fail\x00', 0x2, 0x0) write$auto_fops_u64_ro_(r4, &(0x7f00000000c0)="32a6cedac818ab7d21a9d1b08ff16e6530d33e96b057497773cccf4d8ff6b82ae40a147b8b21dfd99ef963b3c93088ccf025420acfcfbd", 0x37) ioctl$auto(0x3, 0x402c542b, 0x38) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x1b) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) fstatfs$auto(0x3, 0x0) ioctl$auto(r5, 0x4b67, 0x1) 1.516440837s ago: executing program 3 (id=2052): ioctl$auto(0xffffffffffffffff, 0x5606, 0x7) 1.443733231s ago: executing program 3 (id=2053): r0 = socket(0x10, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) (async) socket(0x28, 0x1, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x55) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (async) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) listen$auto(r0, 0xffc) (async) listen$auto(r0, 0xffc) accept$auto(0x3, 0x0, 0x0) (async) accept$auto(0x3, 0x0, 0x0) r1 = openat$auto_wakeup_sources_stats_fops_wakeup(0xffffffffffffff9c, &(0x7f0000000100), 0x100, 0x0) pread64$auto(r1, 0x0, 0x8001, 0x1964) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_SET(r3, &(0x7f0000005380)={0x0, 0x0, &(0x7f0000005340)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="01002bbd7000fcdbdf2506"], 0x14}, 0x1, 0x0, 0x0, 0xc000}, 0x20000000) sendmsg$auto_NFSD_CMD_LISTENER_SET(r2, &(0x7f0000005380)={0x0, 0x59, &(0x7f0000005340)={&(0x7f0000000000)={0x14, r4, 0x1, 0x70bd2b, 0x25df9bfc}, 0x14}, 0x1, 0xfff5, 0x0, 0x2004c010}, 0x20000000) (async) sendmsg$auto_NFSD_CMD_LISTENER_SET(r2, &(0x7f0000005380)={0x0, 0x59, &(0x7f0000005340)={&(0x7f0000000000)={0x14, r4, 0x1, 0x70bd2b, 0x25df9bfc}, 0x14}, 0x1, 0xfff5, 0x0, 0x2004c010}, 0x20000000) 1.324964257s ago: executing program 6 (id=2054): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio1\x00', 0x101000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_handshake(&(0x7f0000000040), 0xffffffffffffffff) ioperm$auto(0x800, 0x5, 0xd) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/exception_policy\x00', 0x40802, 0x0) read$auto(r2, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xfdef) io_cancel$auto(0x7, 0x0, 0x0) sendmsg$auto_HANDSHAKE_CMD_DONE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r1, 0x1, 0x70bd2a, 0x25dfdbfe, {}, [@HANDSHAKE_A_DONE_SOCKFD={0x8}]}, 0x1c}}, 0x0) futex$auto(&(0x7f0000000000)=0x1, 0x6, 0x9, &(0x7f0000000040)={0x2}, 0x0, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto(0x3, 0x80044df9, 0x38) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x40000, 0x0) read$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x40802, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) acct$auto(&(0x7f0000000000)='\x00') 1.176176865s ago: executing program 5 (id=2055): mmap$auto(0x2, 0x5, 0xe1, 0xebf, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) utime$auto(&(0x7f0000000100)='./file0\x00', 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'vlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)={0x1c, r1, 0xb01, 0x70bd27, 0x25dfdbfb, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4002084) setresuid$auto(0x2, 0xffffffffffffffff, 0x200) statmount$auto(0x0, 0x0, 0x1fe, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8004) userfaultfd$auto(0x0) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r4, 0x0, 0x40000) mmap$auto(0xfffffffffffffffa, 0x8001, 0xdf, 0xeb1, r0, 0x8000) setresuid$auto(0x8, 0x8, 0x0) setuid$auto(0x0) madvise$auto(0xffffffffffffffff, 0xffffffffffff0005, 0x1b) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) 1.058491292s ago: executing program 4 (id=2056): mmap$auto(0x0, 0xa, 0x72, 0x8b72, 0x2, 0x8000) close_range$auto(0xffffffffffffffff, 0xa, 0x0) socket(0x18, 0x4, 0x4000109) r0 = socket(0xa, 0x3, 0x3) close_range$auto(0x2, 0x8, 0x0) syslog$auto(0x40001, &(0x7f0000000040)='..\x00', 0xa) memfd_create$auto(&(0x7f0000000180)='..\x00)V\x8b\xb0\xa4d\x00`{\xba5\xca\a\x00\x00\x00\x00\x00\x00\x00]\xeb1\x8d+\x06\xc4\xa8I\xcdI\xcf\x99*\xce\xa0\xff\x18\xd1\xa5\xda\xb1\x85\t\x93\xd0|\xa9\x15\x92\xa0\xa0,\xf5\x1d\x9d7\x86\x89\x06\x0e\x1a!\x82^D+\xbf\x91X#\xdb\x8b\xcc\xe2\x1d&\xbf\xaav\x88o\x9f2\x1b\xbe\x8b\xe6\b\xd5\xb2*\x93z\xc6\x15\xf8Y \xc8L=\x15\x8cu\xe9\xdc\xc9@p\xec\x00\x00\x00\x00\x01\x00\x00\x00\x00\xfa\xc8\xeb\x02\x00\xfe\xc8\x98\x8ar\f\aXH\xcdv\xa8\xb8\t\xa8\x88\x84', 0x100) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) mount$auto(&(0x7f0000000000)='pimreg\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x10dfd057, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x1, 0x6) socket(0x11, 0x80003, 0x300) socket(0x11, 0x2, 0x0) socket(0x2, 0x3, 0x2) socket(0x2, 0x3, 0x104) r1 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0xa582655c1d9722a2, 0x0) socketpair$auto(0x5, 0x238, 0x7, 0x0) connect$auto(r0, 0x0, 0x55) mmap$auto(0x80000000, 0x2020009, 0x4, 0xeb1, 0xfffffffffffffffa, 0x8001) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x101441, 0xf2) socket(0x15, 0x5, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0x21, "abe6de3d64688be86d547a05c861"}, 0x55) getpeername$auto(r1, 0x0, 0x0) setsockopt$auto(0x3, 0x3, 0x5fffffff, 0x0, 0x28) io_uring_setup$auto(0x7, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x6) close_range$auto(0x2, 0x8000, 0x0) 771.684128ms ago: executing program 3 (id=2057): unshare$auto(0x20000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x200019, 0xffffffffffffffff, 0x0, 0x5, 0x7) ioperm$auto(0x7, 0x6, 0x2) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') setns(r0, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0) pivot_root$auto(&(0x7f0000000040)='..\x00', &(0x7f0000000080)='.\x00') unshare$auto(0x20000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) prctl$auto(0x200019, 0xffffffffffffffff, 0x0, 0x5, 0x7) (async) ioperm$auto(0x7, 0x6, 0x2) (async) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') (async) setns(r0, 0x0) (async) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0) (async) pivot_root$auto(&(0x7f0000000040)='..\x00', &(0x7f0000000080)='.\x00') (async) 672.463012ms ago: executing program 4 (id=2058): madvise$auto(0x0, 0xffffffffffff0001, 0x15) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) sendmsg$auto_BATADV_CMD_SET_MESH(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000540)={0x1c, 0x0, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}}, 0x44) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socket(0x2, 0x3, 0x100) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x66) 671.396044ms ago: executing program 6 (id=2059): open(&(0x7f0000000140)='./file0\x00', 0x149443, 0x0) (async) mount$auto(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='afs\x00', 0x5, &(0x7f0000000400)="a8ce115034c5") socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/ifb0/statistics/tx_fifo_errors\x00', 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/rose2/statistics/rx_packets\x00', 0x0, 0x0) (async) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) (async) io_uring_setup$auto(0x380, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) (async) open(0x0, 0x4242, 0xe1d2b27bdc14aabc) socket(0x21, 0x5, 0x8) (async) socket(0x2, 0x1, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40802, 0x0) io_uring_setup$auto(0x1, 0x0) syz_genetlink_get_family_id$auto_gtp(0x0, 0xffffffffffffffff) (async) socket(0xa, 0x2, 0x73) (async) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/clear_refs\x00', 0x880, 0x0) (async) r0 = socket(0xa, 0x801, 0x84) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/tty/drivers\x00', 0x0, 0x0) pread64$auto(r1, 0x0, 0x8, 0x3) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x0, 0x0) ioctl$auto(r2, 0x5402, r0) (async) ioctl$auto_TIOCSTI2(r2, 0x5412, 0x0) 225.105199ms ago: executing program 6 (id=2060): migrate_pages$auto(0xffffffffffffffff, 0x8, 0x0, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x3a) r0 = socket(0x2b, 0x1, 0x1) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x4) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x80, 0x0) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, r0, 0x300000000000) socket(0xa, 0x3, 0x100) pipe$auto(0x0) socket(0xa, 0x2, 0x88) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/lru_gen\x00', 0x12b902, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/can/reset_stats\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x1, 0x4, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x2, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x40001, 0x0) write$auto(r2, 0x0, 0x278e) 223.183716ms ago: executing program 4 (id=2061): ioctl$auto(0xffffffffffffffff, 0x5606, 0x7) 74.58992ms ago: executing program 3 (id=2062): r0 = openat$auto_force_suspend_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/bluetooth/hci1/force_suspend\x00', 0x40800, 0x0) read$auto_force_suspend_fops_hci_vhci(r0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r1 = landlock_create_ruleset$auto(&(0x7f0000000080)={0xffff, 0xffffffffffffffff, 0xfffffffffffffffb}, 0x9, 0x2) read$auto_proc_mountstats_operations_mnt_namespace(r1, &(0x7f00000000c0)=""/55, 0x37) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) connect$auto(0x3, 0x0, 0x55) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x7, 0x1000000eb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8}) open(0x0, 0x22240, 0x155) socket(0x2, 0x80802, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) memfd_create$auto(&(0x7f0000000000)=',\x00', 0x6) mmap$auto(0x0, 0x200004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) statmount$auto(0x0, 0x0, 0x1fe, 0x81) 600.338µs ago: executing program 5 (id=2063): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mknod$auto(&(0x7f0000000180)=':,\x00', 0xc9, 0xfffffffa) execve$auto(&(0x7f0000000040)=':,\x00', 0x0, 0x0) r0 = socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x40, 0x0) mmap$auto(0x0, 0x20009, 0x7, 0xeb1, 0x401, 0x8000) r2 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) close_range$auto(0x2, 0x8000, 0x0) r3 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000280)={'vcan0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r5, r4, 0x4, 0x1ff, r3, @relative_id=0x13, 0xe600}, 0xf) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r2, 0x0, 0x3}, 0xc) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(r1, 0xc1105511, &(0x7f0000000300)={{@raw=0x4, 0x4, 0xf8, 0x5, "a401d243991a4de376cc2bd4dbe3e10d3cff152230323227f8d6c24be7ceeed84366bbadec1b7ea40209a468", @raw}, 0x1ea, 0x3, 0x1, @raw=0x8f10, @reserved="1f21b2aa03e626d5da400a9e13f017f54c625fbe785ff8a079f5f335840ca5ee5c72d7c5dd9684cc9ec3d4551843651db67be7a66dc7420e0baebb7eb8a880fe494bb541abf1fad77749d5d4e58490133df980172cacbfd9fe2e372ddc298dcd9e9b59e603a8f2cd3f3500e3850bf32ab968e7afd0388afaa3712b60835ab268", "2bb2d72b107f43a0d30100000000000000ae4a5be70b75810dfa4cc9182ed519d3613ea5b4243440fc9595b760cee784decb284ff015aa97d8f86dd61fd4f929"}) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, 0x0, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) 0s ago: executing program 4 (id=2064): close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x9) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/power/pm_qos_resume_latency_us\x00', 0x88282, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x26, 0x1, 0x1) r1 = socket(0x26, 0x2, 0x72) writev$auto(r0, &(0x7f0000000000)={&(0x7f0000000100)="82f5012c01f663b9ee852596d01d9330a1293b2063441379569b2c702abba21cba8b09124b2dec5866d749e45df9f68bc14ca8439a6856a0a05552d8348824fddc74b853ad43b02371eacd4a44fec3ab3a9b783be708e164f038a50368677b3731eea471dbc318ef920e7cef0c144a309981a3c719246def0fd6f171830fe048c3968f", 0x3}, 0x9) bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r2 = socket(0x6, 0x2, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r3, &(0x7f00000001c0)="dd69b6440800ac8caf4bdecc30b530ac6ebbff950e1a647d6a08a1b55dde5a409b53830b7803aef33addb33f3a800002000000f179fa3d472949a7264a1b5f", 0x3f) r4 = socket(0xa, 0x3, 0x2c) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001080), 0xffffffffffffffff) read$auto(r2, 0x0, 0x3) sendmsg$auto_NL80211_CMD_GET_WIPHY(r4, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000011c0)=ANY=[@ANYBLOB="18000000", @ANYBLOB="a5808011b41bb4e4032c9b5547d0cca189dc57234f81c0841f53cf7728bda276420e81ba023beeebfd0e63fb9bb86ab001d6972612ed2cd607c267dd35dcc012d8623c89d2f629fa1b9d7a8a6857bfa01876989ea4a824a13d61fb62a01add20729cb934b9b6889147ca616abe57f751a5d1c3929492abdf87cebfd97272af38b6e6f989b5fe60731fa5c28344671e75ddc5521797757a26a8ee640c3c2888020227f26d39290035682876c3a2bf0590e3f830b277c8fbc76f79d741bd6d12f42542b6a13a718bb2328f8d0f6d70b93905bb5b53696e008a63a7aa2b6f987568f666f989bce390293ae7f2f7418932f197a066ef947c43b16f6e2e632df0e6c083d7d8ea4c54335f9442a2b8b08f4c6afd3cfa749ed907c9779103e3aa3639ab14da47ed93c6b5b452a3dbea104919bb49edfc3e11e917cb313d2c1f481e3a60b12ed88d8accdcb1fb9e938570657dea4df8c6819c4b4cc5268cc7362c85124ba92bc2c68bfc0ffceb22bef4592cdb2ac8b637228a5957dde420feea8fbb336b09f87f0743b80496acd213bd9c1ead4ab0f2ce016a19ef9919230d29ff7b980d194ea11630870889a398fa79566dc209a6c94116db2938d627daac85a3ea839b1f8306ff9866cacf6289752572975346d8c1614c1c77813beb57ea4b5b1b47f0af77d15e0704850b86f4b889c9b2db60b207a9dd32b0a2467f1613603b00dacf793142699f03b29461e0c23d83ce2b06444daece5ef8e64900416424a01808fd2502f69b2383448526e5c7a937362c469d9af081f276881e6bdb39f535b8b8c8bf6fa1f2710e3349008c3c8f7172f5ba33a78020672a73a808a12e0811d22c236acd0a7a9d512f50f2c2e10e06f9269b28014e12484b812e50ba9ae6b1fba21e394a703a5d784455ec471c9aa2fa6b3542a11f91f46f8e0c5814af48995c3185aded7ba0f794130b3694ad7681bf1bb184b2ed45be552946ea9efa9b93348e35a660fefacd63bb80a188446add9b3c286de3169b914345529d2162e89721d0092dd14b174b7ceba0e1addb2eb37a9025b6028f69d4822b2dfaeb00f5b251b5de88a475e20732e60a6ff5d9b51f4091bdc7a9e4b9319bcb210d382180ab95c25048faeee83fe9ab19d98e50d1955a520eb881565f09230da72dd0113741ac9f22ad9623ac64829fc3065dd27b7e67aa4f68265e366fb4c0a3b82ff0697f583379910b92cd759b8a08ebab5ade975e3d295f6442a954a41aa6e1f6a58c4440a53b766feee2d8fd00d3d22ca4aa30cab7ec0c3689812475437692186764b9dc5a1d631a2fa95dd1218aaaec991fad16467e7e736f17ec445a3a97fdcadafc930ac5dc46797942cd521469a89253c86f5f56ecde82885325419fa0a073d32511064621ecea595396d9f224b0deff07446c80fbfcd2b6313b1504c3efd6daaa4b88aa745719c0f0dc0bcec5f5645763755b5ca8c9bb500c3f090de41b7b7ca0a3dcb140cda87c1ffc6a2dab835d9318fedc9a12aa470b60c1259670c3d9acecdd4a02858ae05e648e2f949ce65adaea1d0d512a5674565d07c91ed91abe0e7c58372381aa8ffe39214821837b6d7338ab5e77c640d9f0c55ce48b494fcffbf79f5c632c56ff662c982a418ca89fdcc3718742d567f1e158611c6baf0c21da63e893765cae28fa8f57bf4402cea8d9d7af978dc4e33b96d4d17a292cd8f4abf2d939b04c89ed0d681c944dfd790bd1d3222f32c72b58c1c5c3fca2cf038f444f6b8e99a15c18df00977a2de7bc3b16cd914649e7417ddfc8e2a23206d3f8775b38ca196e769cca4b45464c9871655799c6fd0c5c629cd7151a23f56dc090f78bf1aa01bca6c388b4c7bfab9629855918ddcb499556693ac0654e084e0e6bf5b5e807096c5dc292884b6106444bf28c277c02000415f3b4e090bc297f9cdb0c2b9ffb95f6a0397b8943113814b2cfde4e0d16fecd6564c09904425659a4fb1908fafba772b52919da7076be199a2065554aad15e482b5098a3a4057129ddfe189629334d9f9135663f72422c982879f410e37fb9dbbe497af4ffb7774f23828310b28299957b1b1315fd965d586b78c092f0399158f3241b183c37543a2065011785ea6a2b50d31bfc597cfce74aebf0f06579acf2ade3d54430e0d464e20f4f328aeaa6416eadbb0ea6d4d1fa0f2a68da2b7488cde8d890ea580de49634b61eba48cda53d6dbdea5682e8c9e00135967eb4896df3e2e17adf666604b0afdab6a1f24ed367fb0bcd09a5772b82c0d7339216802063e14f4ce9e5025f51a269dd8af2677581dd5e491eb5f811fe4f33f8187fca35fb1f145bb9351f653902f70812bbf57cc76e184bc0431edd9b7381317e5950e52b9c089daff06e681f2470c429f4c339fc5e01a97b9cfdc3d6c77c9fe96b4be8a4e50715d2d16fe3d879004f77931b9a62cb91eb8f8717ef2e16670d38f82ee697247760e16ea23b4a482af2c65922fef15f55fdadcc44f1de27fc9c198bb340d94966593db3147dbef4e12a7a27db448f8246e95138810dbef27f8a38ab5738ea0adbfac2b149925134be580c75303d27aebf6a6a2f27d5755341f841bd75306ac98a0a2a20afe8f2d4463c4f585e9f3f81e2eae28244d1c8620cb3cb1680b2eb45f799f73cd5e45b1a469ab043bd778a2085f3914eae8975b72bf63d5bc83d9f4f5ebfeb4e1cc41b0dc7f302c88b849223aa60c7b3ee71fd9e9474e4c7554ae35b0a2e90a0c80fb45acedfb1eee016c154c49d53c054a32747e6e8945a051499279c1aa53e34f791978a269fa2caa5ec4c9d9b46f652bb00c65df120e78ff1e0aed5323fb4ecb23edfa6f6bcf37f4a4928c21e684d403bed50ad7f9d97a77b2a51e7f991b33d6ecfdc4082b55cd952e21eafa5db7fefbc9638e9020df9d1a6f2d8fd4be908bfc0314175803ccb34fca3f52df1e8690e920dd9f54158460689204bc9d79691735205da54598e3c1790813de57663971d9723eed536a1b8f5413d1357372bd356b9c3d7b13f3eb5ccd22198f10630cc0ecfe3858320b634dc8b6062c1604b9f2334be3bd5e64efb00f59b4d39b532d4180cc5509436a79c368f77739e89c72db8af11c845466723aabd45ef2813c417dc5ad08b9e60f6421f44080091ae72562fa655811561eafbcf86f1e770bad0ad502336c59fa29669d8b5c5009856c0666b9bbe07de70bd1654475008eaa5755e828825b01125400dd8aae651c6721ed6b56f605e14c77450d193c92bfb53969f7714264c7c29fe01458e37e92482874b53b825a68860952984346294b48cc2f0e7dde6a84eae886ba1cc112b560f608aa458ea28ccbbaa7b34f7d886497793db935189f2767de5317cf0d9f79713397814dc8c05095f5e7cfd74c383fca87facd115ac4351f9da95eea6dd0d83c3b77a6e6ff4a1dd9f95f661f42a2fcd3b9f7374a88800241793b42b6bcf155763d5e2bd1ae11b9cd38ef62b66115a6e811c0c0f71012e7c105cf7e685f33d892f50a9fc277517165ea4a3c9a9749df432ed20df955d818742cda3295ed640a75c08ed617b30feb8a26b21fe6ae97f61501abed8693a428cb338025147a26a278b564d5e46e2f49fc314302499ffaaef1a326379dca74746b91179756acb6546a091cb8708abb0731bccc8b731cad5847b88e9f6648e83a7a958151b74e337c6e431afa326bd9d9f0ba207b5faf4e349ce4ca0c681a987985a5341f66f49c07feb2ad13a633dca853bdace946f0f89ad62832924ab15750717493023f04dc0cfd5b12f7d125711d38eb51f8292ac0aff6c3cc61c6c49f9f325d5ac7f923ff40753cd12d57a82ec59a253bb44bca9a49bbb0ae379e0f9b6423e9c7447688968919a5462c5d358c25dbac629da181ef443b9fb6f69efad0847dc83713f2a1c45fe4fc210559dc12367c64ddea8c4ac1005ea3010ea36dbc525603e91b165ee8809287dc35dfa317f88f3e6d2bfa736da8dfb9322982ec27165960523843caa914961606219df6dbcb921a4d10067524c20174df1febdde4b531975a58e7c32532c44d1e485a47c6cf454cfbc6c7b7ddded4c32c437d8d6ceb2df197aa29c4cbb555895021026efce4f0cbb34e5bf9b4514067aa1e550afa9f4833d104ccc58340c24ade6e15a519de5ac30dd649685025d82d6990d53baa5c06bea66dba3bdf20a5ff6d11ef68506a59da11aa45828896b9b2f60645f6cf96a4ee3d0bc2eb430b7d5331fcff5e60305a0bb89f91aec7611014735886216aabc3840b4c0b71592b80b3459cf6e918a97edc2f5656959d9719dc336c8ed9df54b0b8a693a77e9f373dbcced2bcb4268a8a46659f7c2c05d1915348d446f18bd8fe5fbcd68b2d4bff9eea59f4a1d45e8c00a49dedd08caaec436824ff77750e50f86d4de3fe6b7f9a828f4bf6d3fac86edbe3b641077fb93b336f3ba5dbff709203c5720f40ee5a5593389910b1acd7691c70f3e14a2372bc597bc1eeeb77e36776086309fb124d1e5b5d1f1ba911112b5c15be4421791dcaf951ea45b7fedf9373db15c4257de4bf69f3279cfbae159a162639051d086f7b05700cd62b88e2d6108ef9779ee189864867c69d39229f225350d783fcbb851a34afe57cad57afd1a5ed0df8a46dbbc5bc220b457df73fa396147d3476cb2050ef4c150b6095884b07d8a4297a55d513d4ea098b14bd9f7979ec6df25d41c75be7ecf36ce258194a73528adb2713b51e77d77fa509d217668561fc5d577a72869f54e0f8ef7159dc5438b78f8e94ec8ee9656e7edc8aac8bb4d558d92dbf6bdd3d849eee638f4c1f71c4ffcda0f0ff4cc310a41b48f2f8ffd071f16c82ae97390fc5621cfdd8c230ca6fa837abf33809d35f9d5ee4c7437582c319697f1fd44e933a7d0af88dc642c3b66da60846ace1171899448d7dce24e06ea1dd7b025bb8829536a529679a428caed163c9e8bec40555910f44286cd2a2c3dd55705333caedf2851ca734c2e8552555a3487ffb4865131dfb21c6350a94b3c45660f59294f226b2e181285445623c81377056ebc5505c5d0474b100e2251983e9ab03eb8ec6cbf04f81e4544468b6f82fdda14d44ae18e8f3cb428973552cf21b8aef74c532eb3006c7747ddaeb90ad07ceb1a6f23ae4f0d7e1081bd7b8848f0d242c2c056b1cd1fd58bbde5d435b69ff57cdf6a99a0b575ba38a1ad765d7647bf9a5c191a00be5eb0dd3cbf75e8d487c9acdae352369ba03f15c65c3d4675d79c355df7c71f75f14d4f3183ce3cfa717d5feb956dede315004c1fba22679f87525c281df5153bd7444fd0fd2e9527ee2cbd557eef11ca6e75101d0b7b380901c873ca51840c6437d86278fe3db05cdd968be718f280c0e2f2db9601efd1469761d654af5994f59d4f9005aa9e5aa77e9d345b4fb871ac2ad9096c36b6c9b419f40dfd2f0355c33898c568711701f9121cb358934f58c682a722107a7953f3af4ea63bb82f49494954a7b132f616224978945b531e83e30adfe061714ee68c524d2ef02953e4ff0516d695323b05dad0a62fa3f00ef75a8e6bbf835584ab04dc7401f28de958d7839b3bcd48d2af0b28c8eafc4396920b0efbd243a50585aeb9ff70c544d8a0461a9744a38bafb8bf7eb0dafe4c9e2e0753c9e817fcc113ba8d4d740dcf7db7ccd95e051e06d6725469865250e44f0f66e06673cfce043dbbe0090630f67b35338a3c014319a265cb73c0fc0457978dd252844ca9d11a6f56f4cf93c0c04c9a51606bdf3fc23d56bba72bcc947610d3294e752c8253a188787f3eb", @ANYBLOB="810b25bd7080fbdbdf2501"], 0x18}, 0x1, 0x0, 0x0, 0x20000080}, 0xc0c4) r5 = gettid() tkill$auto(r5, 0x7) gettid() r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) ioctl$auto_TIOCGDEV2(r6, 0x5452, &(0x7f0000000880)=0x5) r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000380)='/proc/asound/card1/pcm0p/sub3/info\x00', 0x20080, 0x0) pread64$auto(r7, 0x0, 0x7, 0xffff) close_range$auto(0x2, 0x8, 0x0) kernel console output (not intermixed with test programs): obj (pid: 10049 comm: syz.1.1017) [ 343.077386][T10066] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1023'. [ 343.476400][T10090] netlink: 330 bytes leftover after parsing attributes in process `syz.3.1028'. [ 343.636585][T10081] kernel write not supported for file /options/sym-userobj (pid: 10081 comm: syz.1.1025) [ 344.437255][ T9998] kernel write not supported for file /options/sym-userobj (pid: 9998 comm: syz.1.1000) [ 344.736286][T10097] kernel write not supported for file /options/sym-userobj (pid: 10097 comm: syz.1.1030) [ 345.068487][T10108] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1033'. [ 345.685640][T10116] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1036'. [ 346.006247][T10108] kernel write not supported for file /options/sym-userobj (pid: 10108 comm: syz.1.1033) [ 346.346634][T10125] kernel write not supported for file /options/sym-userobj (pid: 10125 comm: syz.1.1039) [ 346.607178][T10122] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1037'. [ 347.792259][T10152] netlink: 266 bytes leftover after parsing attributes in process `syz.0.1044'. [ 347.806641][T10134] kernel write not supported for file /options/sym-userobj (pid: 10134 comm: syz.1.1041) [ 347.858556][T10152] IPv6: NLM_F_CREATE should be specified when creating new route [ 347.977929][T10160] FAULT_INJECTION: forcing a failure. [ 347.977929][T10160] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 348.017034][T10160] CPU: 0 UID: 0 PID: 10160 Comm: syz.3.1046 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0 [ 348.027548][T10160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 348.037663][T10160] Call Trace: [ 348.040982][T10160] [ 348.043953][T10160] dump_stack_lvl+0x16c/0x1f0 [ 348.048715][T10160] should_fail_ex+0x497/0x5b0 [ 348.053562][T10160] _copy_from_iter+0x29b/0x1400 [ 348.058497][T10160] ? trace_lock_acquire+0x14e/0x1f0 [ 348.063763][T10160] ? __alloc_skb+0x200/0x380 [ 348.068427][T10160] ? __pfx__copy_from_iter+0x10/0x10 [ 348.073789][T10160] ? __virt_addr_valid+0x1a4/0x590 [ 348.078990][T10160] ? __virt_addr_valid+0x5e/0x590 [ 348.084090][T10160] ? __phys_addr_symbol+0x30/0x80 [ 348.089185][T10160] ? __check_object_size+0x488/0x710 [ 348.094555][T10160] netlink_sendmsg+0x813/0xd70 [ 348.099395][T10160] ? __pfx_netlink_sendmsg+0x10/0x10 [ 348.104759][T10160] ____sys_sendmsg+0x9ae/0xb40 [ 348.109595][T10160] ? copy_msghdr_from_user+0x10b/0x160 [ 348.115136][T10160] ? __pfx_____sys_sendmsg+0x10/0x10 [ 348.120515][T10160] ___sys_sendmsg+0x135/0x1e0 [ 348.125273][T10160] ? __pfx____sys_sendmsg+0x10/0x10 [ 348.130632][T10160] ? __pfx_lock_release+0x10/0x10 [ 348.135772][T10160] ? trace_lock_acquire+0x14e/0x1f0 [ 348.141146][T10160] ? __fget_files+0x206/0x3a0 [ 348.145903][T10160] __sys_sendmsg+0x16e/0x220 [ 348.150560][T10160] ? __pfx___sys_sendmsg+0x10/0x10 [ 348.155850][T10160] do_syscall_64+0xcd/0x250 [ 348.160434][T10160] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 348.166401][T10160] RIP: 0033:0x7fd1a6185d29 [ 348.170868][T10160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 348.190622][T10160] RSP: 002b:00007fd1a6f83038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 348.199098][T10160] RAX: ffffffffffffffda RBX: 00007fd1a6375fa0 RCX: 00007fd1a6185d29 [ 348.207128][T10160] RDX: 0000000000000050 RSI: 0000000020000840 RDI: 0000000000000003 [ 348.215145][T10160] RBP: 00007fd1a6f83090 R08: 0000000000000000 R09: 0000000000000000 [ 348.223169][T10160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 348.231192][T10160] R13: 0000000000000000 R14: 00007fd1a6375fa0 R15: 00007ffc138fb558 [ 348.239243][T10160] [ 349.581455][T10178] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1052'. [ 349.717455][T10183] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1053'. [ 350.450854][T10190] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1054'. [ 351.073196][T10165] kernel write not supported for file /options/sym-userobj (pid: 10165 comm: syz.1.1047) [ 351.615536][T10209] kernel write not supported for file /options/sym-userobj (pid: 10209 comm: syz.1.1057) [ 351.898650][T10216] FAULT_INJECTION: forcing a failure. [ 351.898650][T10216] name failslab, interval 1, probability 0, space 0, times 0 [ 351.962528][T10216] CPU: 1 UID: 0 PID: 10216 Comm: syz.1.1059 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0 [ 351.973129][T10216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 351.983239][T10216] Call Trace: [ 351.986572][T10216] [ 351.989586][T10216] dump_stack_lvl+0x16c/0x1f0 [ 351.994412][T10216] should_fail_ex+0x497/0x5b0 [ 351.999168][T10216] should_failslab+0xc2/0x120 [ 352.004099][T10216] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 352.009548][T10216] ? skb_clone+0x190/0x3f0 [ 352.014027][T10216] skb_clone+0x190/0x3f0 [ 352.018332][T10216] netlink_deliver_tap+0xafd/0xca0 [ 352.023548][T10216] netlink_unicast+0x5e1/0x7f0 [ 352.028389][T10216] ? __pfx_netlink_unicast+0x10/0x10 [ 352.033742][T10216] ? __phys_addr_symbol+0x30/0x80 [ 352.038844][T10216] ? __check_object_size+0x488/0x710 [ 352.044212][T10216] netlink_sendmsg+0x8b8/0xd70 [ 352.049050][T10216] ? __pfx_netlink_sendmsg+0x10/0x10 [ 352.054418][T10216] ____sys_sendmsg+0x9ae/0xb40 [ 352.059249][T10216] ? copy_msghdr_from_user+0x10b/0x160 [ 352.064790][T10216] ? __pfx_____sys_sendmsg+0x10/0x10 [ 352.070274][T10216] ___sys_sendmsg+0x135/0x1e0 [ 352.075036][T10216] ? __pfx____sys_sendmsg+0x10/0x10 [ 352.080324][T10216] ? __pfx_lock_release+0x10/0x10 [ 352.085405][T10216] ? trace_lock_acquire+0x14e/0x1f0 [ 352.090684][T10216] ? __fget_files+0x206/0x3a0 [ 352.095444][T10216] __sys_sendmsg+0x16e/0x220 [ 352.100099][T10216] ? __pfx___sys_sendmsg+0x10/0x10 [ 352.105300][T10216] do_syscall_64+0xcd/0x250 [ 352.109894][T10216] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 352.115856][T10216] RIP: 0033:0x7f08d2185d29 [ 352.120315][T10216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 352.139987][T10216] RSP: 002b:00007f08d3045038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 352.148481][T10216] RAX: ffffffffffffffda RBX: 00007f08d2375fa0 RCX: 00007f08d2185d29 [ 352.156519][T10216] RDX: 0000000000000050 RSI: 0000000020000840 RDI: 0000000000000003 [ 352.164584][T10216] RBP: 00007f08d3045090 R08: 0000000000000000 R09: 0000000000000000 [ 352.172608][T10216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 352.180641][T10216] R13: 0000000000000000 R14: 00007f08d2375fa0 R15: 00007ffc3e2eff38 [ 352.188685][T10216] [ 352.346634][T10216] kernel write not supported for file /options/sym-userobj (pid: 10216 comm: syz.1.1059) [ 352.623103][T10226] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1064'. [ 352.837906][T10227] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1063'. [ 352.930928][T10231] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1065'. [ 352.969564][T10146] kernel write not supported for file /options/sym-userobj (pid: 10146 comm: syz.1.1041) [ 353.307511][T10224] kernel write not supported for file /options/sym-userobj (pid: 10224 comm: syz.1.1063) [ 354.001437][T10237] kernel write not supported for file /options/sym-userobj (pid: 10237 comm: syz.1.1067) [ 354.367333][T10241] kernel write not supported for file /options/sym-userobj (pid: 10241 comm: syz.1.1069) [ 354.773517][T10250] kernel write not supported for file /options/sym-userobj (pid: 10250 comm: syz.1.1071) [ 354.965849][T10256] kernel write not supported for file /options/sym-userobj (pid: 10256 comm: syz.1.1073) [ 355.689577][T10261] kernel write not supported for file /options/sym-userobj (pid: 10261 comm: syz.1.1074) [ 355.800777][T10271] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1075'. [ 355.955083][T10275] kernel write not supported for file /options/sym-userobj (pid: 10275 comm: syz.1.1076) [ 356.693504][T10285] random: crng reseeded on system resumption [ 357.013904][T10286] kernel write not supported for file /options/sym-userobj (pid: 10286 comm: syz.1.1078) [ 357.501446][T10295] kernel write not supported for file /options/sym-userobj (pid: 10295 comm: syz.1.1082) [ 357.743580][T10304] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1085'. [ 358.102866][T10303] kernel write not supported for file /options/sym-userobj (pid: 10303 comm: syz.1.1085) [ 358.258227][T10319] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1089'. [ 358.382783][T10319] kernel write not supported for file /options/sym-userobj (pid: 10319 comm: syz.1.1089) [ 358.463351][T10322] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1087'. [ 359.064131][T10330] kernel write not supported for file /options/sym-userobj (pid: 10330 comm: syz.1.1091) [ 359.291427][T10349] ubi: mtd0 is already attached to ubi0 [ 359.468943][T10347] kernel write not supported for file /options/sym-userobj (pid: 10347 comm: syz.1.1094) [ 359.972161][T10354] kernel write not supported for file /options/sym-userobj (pid: 10354 comm: syz.1.1096) [ 360.718796][T10359] kernel write not supported for file /options/sym-userobj (pid: 10359 comm: syz.1.1098) [ 361.776736][T10389] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1103'. [ 362.150189][T10396] ubi: mtd0 is already attached to ubi0 [ 362.253614][T10380] kernel write not supported for file /options/sym-userobj (pid: 10380 comm: syz.1.1102) [ 362.413523][T10398] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1108'. [ 362.513065][T10398] kernel write not supported for file /options/sym-userobj (pid: 10398 comm: syz.1.1108) [ 362.889027][T10401] kernel write not supported for file /options/sym-userobj (pid: 10401 comm: syz.1.1109) [ 363.110443][T10405] kernel write not supported for file /options/sym-userobj (pid: 10405 comm: syz.1.1109) [ 363.135956][T10412] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8 [ 363.253425][T10412] kernel write not supported for file /options/sym-userobj (pid: 10412 comm: syz.1.1112) [ 363.381438][T10422] FAULT_INJECTION: forcing a failure. [ 363.381438][T10422] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 363.433063][T10422] CPU: 1 UID: 0 PID: 10422 Comm: syz.4.1113 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0 [ 363.443578][T10422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 363.453695][T10422] Call Trace: [ 363.457011][T10422] [ 363.459981][T10422] dump_stack_lvl+0x16c/0x1f0 [ 363.464816][T10422] should_fail_ex+0x497/0x5b0 [ 363.469562][T10422] _copy_from_user+0x2e/0xd0 [ 363.474224][T10422] ip6_mroute_setsockopt+0x1664/0x25b0 [ 363.479765][T10422] ? hlock_class+0x4e/0x130 [ 363.484345][T10422] ? __pfx_ip6_mroute_setsockopt+0x10/0x10 [ 363.490336][T10422] ? hlock_class+0x4e/0x130 [ 363.494908][T10422] ? mark_lock+0xb5/0xc60 [ 363.499301][T10422] ? __pfx_mark_lock+0x10/0x10 [ 363.504145][T10422] ? find_held_lock+0x2d/0x110 [ 363.509080][T10422] ? is_bpf_text_address+0x8a/0x1a0 [ 363.514353][T10422] ? __pfx_lock_release+0x10/0x10 [ 363.519434][T10422] ? trace_lock_acquire+0x14e/0x1f0 [ 363.524722][T10422] ? __pfx_mark_lock+0x10/0x10 [ 363.529551][T10422] ? __lock_acquire+0x15a9/0x3c40 [ 363.534760][T10422] ? do_ipv6_setsockopt+0x8f7/0x4660 [ 363.540138][T10422] do_ipv6_setsockopt+0x8f7/0x4660 [ 363.545338][T10422] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 363.550968][T10422] ? __lock_acquire+0xcc5/0x3c40 [ 363.556001][T10422] ? hlock_class+0x4e/0x130 [ 363.560578][T10422] ? mark_lock+0xb5/0xc60 [ 363.564979][T10422] ? aa_label_sk_perm+0x19d/0x5a0 [ 363.570073][T10422] ? __pfx_mark_lock+0x10/0x10 [ 363.574890][T10422] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 363.580332][T10422] ? find_held_lock+0x2d/0x110 [ 363.585239][T10422] ? ipv6_setsockopt+0xcb/0x170 [ 363.590202][T10422] ipv6_setsockopt+0xcb/0x170 [ 363.594968][T10422] rawv6_setsockopt+0xdc/0x700 [ 363.599800][T10422] ? __pfx_rawv6_setsockopt+0x10/0x10 [ 363.605255][T10422] ? sock_common_setsockopt+0x2e/0xf0 [ 363.610717][T10422] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 363.616685][T10422] do_sock_setsockopt+0x222/0x480 [ 363.621773][T10422] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 363.627522][T10422] ? lock_acquire+0x2f/0xb0 [ 363.632107][T10422] __sys_setsockopt+0x1a0/0x230 [ 363.637045][T10422] __x64_sys_setsockopt+0xbd/0x160 [ 363.642322][T10422] ? do_syscall_64+0x91/0x250 [ 363.647076][T10422] ? lockdep_hardirqs_on+0x7c/0x110 [ 363.652352][T10422] do_syscall_64+0xcd/0x250 [ 363.656939][T10422] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 363.662911][T10422] RIP: 0033:0x7f222b385d29 [ 363.667382][T10422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 363.687206][T10422] RSP: 002b:00007f22291d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 363.695683][T10422] RAX: ffffffffffffffda RBX: 00007f222b576080 RCX: 00007f222b385d29 [ 363.703712][T10422] RDX: 00000000000000d0 RSI: 0000000000000029 RDI: 0400000000000003 [ 363.711739][T10422] RBP: 00007f22291d5090 R08: 0000000000000004 R09: 0000000000000000 [ 363.719769][T10422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 363.726214][T10429] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1114'. [ 363.727764][T10422] R13: 0000000000000000 R14: 00007f222b576080 R15: 00007ffee1508f78 [ 363.727805][T10422] [ 364.123298][T10421] kernel write not supported for file /options/sym-userobj (pid: 10421 comm: syz.1.1114) [ 365.120978][T10440] kernel write not supported for file /options/sym-userobj (pid: 10440 comm: syz.1.1118) [ 365.570337][T10458] netlink: 346 bytes leftover after parsing attributes in process `syz.1.1123'. [ 365.622506][T10468] ubi: mtd0 is already attached to ubi0 [ 365.680133][T10468] FAULT_INJECTION: forcing a failure. [ 365.680133][T10468] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 365.768148][T10468] CPU: 1 UID: 0 PID: 10468 Comm: syz.3.1125 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0 [ 365.778670][T10468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 365.788780][T10468] Call Trace: [ 365.792093][T10468] [ 365.795066][T10468] dump_stack_lvl+0x16c/0x1f0 [ 365.799838][T10468] should_fail_ex+0x497/0x5b0 [ 365.804760][T10468] _copy_to_user+0x32/0xd0 [ 365.809250][T10468] simple_read_from_buffer+0xd0/0x160 [ 365.814719][T10468] proc_fail_nth_read+0x198/0x270 [ 365.819827][T10468] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 365.825493][T10468] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 365.826722][T10457] kernel write not supported for file /options/sym-userobj (pid: 10457 comm: syz.1.1123) [ 365.831087][T10468] vfs_read+0x1df/0xbe0 [ 365.831141][T10468] ? __fget_files+0x1fc/0x3a0 [ 365.831191][T10468] ? __pfx___mutex_lock+0x10/0x10 [ 365.831237][T10468] ? __pfx_vfs_read+0x10/0x10 [ 365.831285][T10468] ? __fget_files+0x206/0x3a0 [ 365.864591][T10468] ksys_read+0x12b/0x250 [ 365.868895][T10468] ? __pfx_ksys_read+0x10/0x10 [ 365.873713][T10468] ? syscall_user_dispatch+0x77/0x140 [ 365.879175][T10468] do_syscall_64+0xcd/0x250 [ 365.883756][T10468] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 365.889748][T10468] RIP: 0033:0x7fd1a618473c [ 365.894199][T10468] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 365.913930][T10468] RSP: 002b:00007fd1a6f62030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 365.922373][T10468] RAX: ffffffffffffffda RBX: 00007fd1a6376080 RCX: 00007fd1a618473c [ 365.930368][T10468] RDX: 000000000000000f RSI: 00007fd1a6f620a0 RDI: 0000000000000005 [ 365.938376][T10468] RBP: 00007fd1a6f62090 R08: 0000000000000000 R09: 0000000000000000 [ 365.946373][T10468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 365.954367][T10468] R13: 0000000000000000 R14: 00007fd1a6376080 R15: 00007ffc138fb558 [ 365.962384][T10468] [ 366.293093][T10472] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1126'. [ 366.535310][T10472] kernel write not supported for file /options/sym-userobj (pid: 10472 comm: syz.1.1126) [ 366.822169][T10481] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1127'. [ 366.875753][T10484] FAULT_INJECTION: forcing a failure. [ 366.875753][T10484] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 366.937041][T10484] CPU: 1 UID: 0 PID: 10484 Comm: syz.1.1129 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0 [ 366.947565][T10484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 366.957671][T10484] Call Trace: [ 366.961004][T10484] [ 366.963987][T10484] dump_stack_lvl+0x16c/0x1f0 [ 366.968741][T10484] should_fail_ex+0x497/0x5b0 [ 366.973489][T10484] _copy_to_user+0x32/0xd0 [ 366.977984][T10484] simple_read_from_buffer+0xd0/0x160 [ 366.983423][T10484] proc_fail_nth_read+0x198/0x270 [ 366.988531][T10484] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 366.994168][T10484] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 366.999798][T10484] vfs_read+0x1df/0xbe0 [ 367.004026][T10484] ? __fget_files+0x1fc/0x3a0 [ 367.008775][T10484] ? __pfx___mutex_lock+0x10/0x10 [ 367.013874][T10484] ? __pfx_vfs_read+0x10/0x10 [ 367.018632][T10484] ? __fget_files+0x206/0x3a0 [ 367.023387][T10484] ksys_read+0x12b/0x250 [ 367.027691][T10484] ? __pfx_ksys_read+0x10/0x10 [ 367.032540][T10484] do_syscall_64+0xcd/0x250 [ 367.037143][T10484] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 367.043419][T10484] RIP: 0033:0x7f08d218473c [ 367.047899][T10484] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 367.067658][T10484] RSP: 002b:00007f08d3045030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 367.076166][T10484] RAX: ffffffffffffffda RBX: 00007f08d2375fa0 RCX: 00007f08d218473c [ 367.084195][T10484] RDX: 000000000000000f RSI: 00007f08d30450a0 RDI: 0000000000000004 [ 367.092221][T10484] RBP: 00007f08d3045090 R08: 0000000000000000 R09: 0000000000000000 [ 367.100247][T10484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 367.108445][T10484] R13: 0000000000000000 R14: 00007f08d2375fa0 R15: 00007ffc3e2eff38 [ 367.116667][T10484] [ 367.168382][T10484] kernel write not supported for file /options/sym-userobj (pid: 10484 comm: syz.1.1129) [ 367.425485][T10492] kernel write not supported for file /options/sym-userobj (pid: 10492 comm: syz.1.1133) [ 368.109469][T10502] kernel write not supported for file /options/sym-userobj (pid: 10502 comm: syz.1.1134) [ 368.368119][T10512] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1137'. [ 368.700175][T10515] kernel write not supported for file /options/sym-userobj (pid: 10515 comm: syz.1.1138) [ 369.204992][T10528] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1140'. [ 369.289011][T10528] ip_vti0: entered promiscuous mode [ 369.411869][T10538] kernel write not supported for file /options/sym-userobj (pid: 10538 comm: syz.1.1139) [ 369.433139][T10533] ubi: mtd0 is already attached to ubi0 [ 370.135666][T10546] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1144'. [ 370.272987][T10522] kernel write not supported for file /options/sym-userobj (pid: 10522 comm: syz.1.1139) [ 371.124735][T10555] kernel write not supported for file /options/sym-userobj (pid: 10555 comm: syz.1.1147) [ 371.724024][T10569] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1148'. [ 371.793005][T10561] Process accounting paused [ 372.578009][T10585] netlink: zone id is out of range [ 372.605683][T10585] netlink: zone id is out of range [ 372.638256][T10585] netlink: zone id is out of range [ 372.656653][T10585] netlink: zone id is out of range [ 372.693189][T10585] netlink: zone id is out of range [ 372.720226][T10585] netlink: zone id is out of range [ 372.749300][T10585] netlink: zone id is out of range [ 372.795472][T10585] netlink: zone id is out of range [ 372.828195][T10585] netlink: zone id is out of range [ 372.858438][T10585] netlink: zone id is out of range [ 373.247186][T10602] bridge0: port 3(bond0) entered blocking state [ 373.267293][T10602] bridge0: port 3(bond0) entered disabled state [ 373.273813][T10602] bond0: entered allmulticast mode [ 373.328624][T10602] bond_slave_0: entered allmulticast mode [ 373.334537][T10602] bond_slave_1: entered allmulticast mode [ 373.378004][T10602] bond0: entered promiscuous mode [ 373.415491][T10602] bond_slave_0: entered promiscuous mode [ 373.446387][T10602] bond_slave_1: entered promiscuous mode [ 373.487510][T10602] bridge0: port 3(bond0) entered blocking state [ 373.493961][T10602] bridge0: port 3(bond0) entered forwarding state [ 373.558042][ T29] audit: type=1800 audit(4294968542.033:8): pid=10605 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1157" name="lu_gp_id" dev="configfs" ino=36192 res=0 errno=0 [ 374.156902][T10612] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1160'. [ 374.659472][T10617] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 376.152843][T10636] binder: 10635:10636 ioctl c0105512 1 returned -22 [ 376.164931][T10636] binder: 10635:10636 ioctl c0306201 9 returned -14 [ 377.166682][T10664] ubi: mtd0 is already attached to ubi0 [ 378.816429][T10686] net_ratelimit: 10 callbacks suppressed [ 378.816453][T10686] openvswitch: netlink: IP tunnel attribute has 5 unknown bytes. [ 380.869429][T10724] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1188'. [ 381.678430][T10735] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1186'. [ 382.812391][T10753] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1193'. [ 383.387543][T10772] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1196'. [ 384.149400][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 384.155885][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 384.760032][T10807] netlink: 'syz.4.1206': attribute type 1 has an invalid length. [ 384.821337][T10804] ubi: mtd0 is already attached to ubi0 [ 387.412067][T10858] ubi: mtd0 is already attached to ubi0 [ 389.138976][T10881] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1222'. [ 392.451656][T10941] netlink: 146 bytes leftover after parsing attributes in process `syz.3.1235'. [ 392.938189][T10954] ubi: mtd0 is already attached to ubi0 [ 393.554171][ T5840] Bluetooth: hci4: ISO packet for unknown connection handle 0 [ 395.685206][T10997] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1249'. [ 396.253030][T11008] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1252'. syzkaller syzkaller login: [ 397.945460][T11039] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1259'. [ 400.312935][T11050] program syz.4.1263 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 401.531576][T11082] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1270'. [ 404.276296][T11125] cgroup: fork rejected by pids controller in /syz0 [ 405.298750][T11191] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1282'. [ 408.648601][ T5834] Process accounting resumed [ 408.653300][ T5834] kernel write not supported for file /options/sym-userobj (pid: 5834 comm: syz-executor) [ 408.866678][T11200] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 409.016816][T10597] kernel write not supported for file /options/sym-userobj (pid: 10597 comm: syz.1.1156) [ 409.173188][T10709] kernel write not supported for file /options/sym-userobj (pid: 10709 comm: syz.1.1182) [ 409.344984][ T6249] kernel write not supported for file /options/sym-userobj (pid: 6249 comm: syz.1.74) [ 409.450811][ T5849] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 409.461542][ T5849] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 409.470753][ T5849] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 409.479236][ T5849] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 409.497346][ T5849] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 409.504864][ T5849] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 410.217064][T11238] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1291'. [ 411.006901][T11245] syz.4.1292 (11245) used obsolete PPPIOCDETACH ioctl [ 411.587231][ T5840] Bluetooth: hci2: command tx timeout [ 411.677119][T11231] chnl_net:caif_netlink_parms(): no params data found [ 413.398684][T11231] bridge0: port 1(bridge_slave_0) entered blocking state [ 413.405853][T11231] bridge0: port 1(bridge_slave_0) entered disabled state [ 413.477855][T11231] bridge_slave_0: entered allmulticast mode [ 413.485048][T11231] bridge_slave_0: entered promiscuous mode [ 413.525906][T11231] bridge0: port 2(bridge_slave_1) entered blocking state [ 413.557080][T11231] bridge0: port 2(bridge_slave_1) entered disabled state [ 413.577144][T11231] bridge_slave_1: entered allmulticast mode [ 413.598449][T11231] bridge_slave_1: entered promiscuous mode [ 413.683618][ T5840] Bluetooth: hci2: command tx timeout [ 414.950868][T11231] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 415.222567][T11231] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 415.392774][T11231] team0: Port device team_slave_0 added [ 415.423771][T11231] team0: Port device team_slave_1 added [ 415.521263][T11231] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 415.536970][T11231] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 415.597254][T11231] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 415.658305][T11231] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 415.665401][T11231] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 415.747020][ T5840] Bluetooth: hci2: command tx timeout [ 415.757270][T11231] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 415.913049][T11231] hsr_slave_0: entered promiscuous mode [ 415.935225][T11231] hsr_slave_1: entered promiscuous mode [ 415.945151][T11231] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 415.953440][T11231] Cannot create hsr debugfs directory [ 416.572852][T11231] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 416.598620][T11231] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 416.709925][T11231] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 416.751747][T11231] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 417.093192][T11231] 8021q: adding VLAN 0 to HW filter on device bond0 [ 417.170047][T11231] 8021q: adding VLAN 0 to HW filter on device team0 [ 417.209004][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 417.216270][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 417.217694][T11288] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1300'. [ 417.289770][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 417.297094][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 417.397196][T11288] netdevsim netdevsim4 netdevsim2: entered allmulticast mode [ 417.506431][T11231] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 417.827214][ T5840] Bluetooth: hci2: command tx timeout [ 418.023346][T11231] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 418.831381][T11231] veth0_vlan: entered promiscuous mode [ 418.865033][T11231] veth1_vlan: entered promiscuous mode [ 418.965972][T11231] veth0_macvtap: entered promiscuous mode [ 419.016274][T11231] veth1_macvtap: entered promiscuous mode [ 419.088437][T11231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 419.127138][T11231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.153532][T11231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 419.188681][T11231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.209859][T11231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 419.238639][T11231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.295894][T11231] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 419.340892][T11231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 419.387091][T11231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.412658][T11231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 419.445973][T11231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.464371][T11231] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 419.495637][T11231] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 419.538642][T11231] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 419.571591][T11231] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 419.619209][T11231] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 419.645143][T11231] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 419.669188][T11231] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 419.909763][ T3418] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 419.944863][ T3418] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 420.010006][T11324] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1306'. [ 420.043301][ T3541] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 420.058518][ T3541] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 420.069015][T11324] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1306'. [ 422.321992][T11343] bond0: option all_slaves_active: invalid value () [ 425.117784][T11393] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1325'. [ 425.136991][T11393] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1325'. [ 426.185365][T11406] bond0: option all_slaves_active: invalid value () [ 429.049680][ T29] audit: type=1400 audit(4294968597.523:9): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=11436 comm="syz.3.1335" [ 429.916532][T11451] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1339'. [ 434.589073][T11508] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1352'. [ 438.755460][T11543] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1358'. [ 442.884249][T11582] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1368'. [ 443.971694][T11598] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1372'. [ 444.041832][T11598] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1372'. [ 445.258903][T11611] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1384'. [ 445.589964][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.597015][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 451.080848][T11681] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1393'. [ 453.184912][T11707] netlink: 326 bytes leftover after parsing attributes in process `syz.4.1401'. [ 453.467542][T11717] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1403'. [ 453.516977][T11717] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1403'. [ 454.836422][T11733] [U] [ 454.839407][T11733] [U] [ 454.842166][T11733] [U] [ 454.844921][T11733] [U] [ 454.916122][T11733] [U] [ 454.918948][T11733] [U] [ 454.921708][T11733] [U] [ 454.924464][T11733] [U] [ 455.006696][T11733] [U] [ 455.009508][T11733] [U] [ 455.012347][T11733] [U] [ 455.015098][T11733] [U] [ 455.115325][T11733] [U] [ 455.118135][T11733] [U] [ 455.120887][T11733] [U] [ 455.123638][T11733] [U] [ 455.737305][T11733] [U] [ 455.740117][T11733] [U] [ 455.742878][T11733] [U] [ 455.745668][T11733] [U] [ 455.759819][T11733] [U] [ 455.762625][T11733] [U] [ 455.765373][T11733] [U] [ 455.768227][T11733] [U] [ 455.797228][T11733] [U] [ 455.800041][T11733] [U] [ 455.802807][T11733] [U] [ 455.805565][T11733] [U] [ 455.809277][T11733] [U] [ 455.812050][T11733] [U] [ 455.814954][T11733] [U] [ 455.817815][T11733] [U] [ 455.858814][T11733] [U] [ 455.861614][T11733] [U] [ 455.864376][T11733] [U] [ 455.867123][T11733] [U] [ 455.916179][T11733] [U] [ 455.918975][T11733] [U] [ 455.921721][T11733] [U] [ 455.924472][T11733] [U] [ 455.944093][T11733] [U] [ 455.946893][T11733] [U] [ 455.949644][T11733] [U] [ 455.952394][T11733] [U] [ 455.995031][T11733] [U] [ 455.997844][T11733] [U] [ 456.000698][T11733] [U] [ 456.003454][T11733] [U] [ 456.084603][T11733] [U] [ 456.087410][T11733] [U] [ 456.090172][T11733] [U] [ 456.092929][T11733] [U] [ 456.142228][T11733] [U] [ 456.142292][T11733] [U] [ 456.142348][T11733] [U] [ 456.142410][T11733] [U] [ 456.142532][T11733] [U] [ 456.142588][T11733] [U] [ 456.142643][T11733] [U] [ 456.142698][T11733] [U] [ 456.142763][T11733] [U] [ 456.142819][T11733] [U] [ 456.142874][T11733] [U] [ 456.142929][T11733] [U] [ 456.143214][T11733] [U] [ 456.143271][T11733] [U] [ 456.143325][T11733] [U] [ 456.143387][T11733] [U] [ 456.143453][T11733] [U] [ 456.143508][T11733] [U] [ 456.143563][T11733] [U] [ 456.143617][T11733] [U] [ 456.143715][T11733] [U] [ 456.143771][T11733] [U] [ 456.143826][T11733] [U] [ 456.143881][T11733] [U] [ 456.143946][T11733] [U] [ 456.144001][T11733] [U] [ 456.144056][T11733] [U] [ 456.144111][T11733] [U] [ 456.144476][T11733] [U] [ 456.222770][T11733] [U] [ 456.225531][T11733] [U] [ 456.228300][T11733] [U] [ 456.288443][T11733] [U] [ 456.291208][T11733] [U] vhl@ qZ"CWu6*Ԧ#e&paYmf%w(t ;j~qDLn4y |Hl[ 婓 [ 456.302385][T11733] [U] _y߻Ӓb>O*rRTPADl@VܶQڜ2o:s|Meil{#aaR4+sIߕ [ 456.311806][T11733] [U] RJL"kXAvZ@fOdgk(S %, ?Dɭoc(-,+2cD7`1Ske"ڭXKAhJx [ 456.324507][T11733] [U] ط{ݤ_mGTH;Masey%Y aaФ2> -pT١"G!66.#]ȹ02)H<87_)L* [ 456.336801][T11733] [U] /)*[Y.v9_##yR2ڝ/MZptƸ\c9vlG炭3^+l')J2dE]F9/rm]% [ 456.350831][T11733] [U] WHPvԖ~wUr?oY~8i鐱r*5BA_WQs$@d|ڐaka7% \N0$/._0R$fwMT]Rad(5AX [ 456.368421][T11733] [U] S:\\Y\-Lwz?~\{ENdg@-XLQ/e \-mewl1o+=f4MvWVFZc@+,KU;: 'N [ 456.413802][T11733] [U] 8 ! X>+,Ӌ˯h%g,%i@@f 9ü ؅dk5n0o&5Qg3;D|C)1?p@gb)J]ٮW4waVa.%v ΄.+23.v~V zv'1bbkPi쁼Tܤ3. 6`&Fc>ҧqp>X&3\UϼhJÑajpYy[d(7id)! q\Woc%qrl* Okh[:d&,05}ER=_#tO˟՗ϵYWD]+0yMKH\f0*w t\jǁbe=Hov ~}<둸Y$(lnY*Oˤ )!D;D<!@(m5'4 [ 456.462022][T11733] [U] +lYRdr|7:J?XTRk.08Y>)#fԶG\0D39lQC^Z5r3T*g{.p/DYJr,V)K%r쀩Yta Iuf)!z[M+CH\K@[1C,y R꿚Ax>yTV_FP^ϜO:ݹ'h8NM XK [ 456.462066][T11733] [U] ;ђ{N_Omt_>L6w3әM# -Y5xy,$G^F{\G)'xt.ҿS$`}S [ 456.462085][T11733] [U] Fwn<3t^TIEylSn_{ [ 456.462107][T11733] [U] ~{=rμY:F@]ސ Νz"YWiYDof+3f;(֝$7v1+YJZ:I3E(t?,Axh}0~P{ڇ؀:q4Ŀ [ 456.462154][T11733] [U] `6P-!9FZIiIS/Q=з8Za;KGoU1HﶋȒ~|߷:MV%y{i̒U zHޡ䱐sR [ 456.462185][T11733] [U] 4Vx(\Iؐbpjaw[`8 S3ʐňɧ [ 456.462269][T11733] [U] \9@+LپiJ,:[Nj [ 456.462300][T11733] [U] ^xS؊ [ 456.462315][T11733] [U] +b@c]eTFPu,^K&ؑ7ԋE͟<ȺpšЯ<2ZZL [ 456.462350][T11733] [U] Zphf.(`܏ [ 456.472663][T11733] [U] Ǐ8/D<~h=HhvSfHg{NN2tQG('D6'ꬔ@&(89IDg<z7cŠCN7ÕyF=]dcWtFLFJǠ ڄcu1ۊ= ،ԍ 3)MR [ 456.472870][T11733] [U] b կoYAx/*r{?a\ܴk-^lt [ 456.473051][T11733] [U] C;(dI]3NB,3##&}SβWhN=lB &qx@%&DuE] [ 456.473076][T11733] [U] D_ͨ$A@>΀.뙿`S.YlMLŖ4M=aVh= [ 456.473097][T11733] [U] B.+|gugzQ~C^0c,} [ 456.473140][T11733] [U] (_k [ 456.473169][T11733] [U] D_R~`U\(=Pd`[<)?q jKJ!)M&>UV&+2Fk2WPZޙs]KO޲7 ,c"SF"9biQ#D3M̿ݫ C{fz:D-R1T_iy"T [ 456.473202][T11733] [U] [ 456.473342][T11733] [U] _c kצxv}xhif  [ 456.473361][T11733] [U] @|}ZƤ\e=އ>Z7R?uL\ [ 456.473386][T11733] [U] ࠁp7C-Zﺼ3|%OLvF(u٫Uk!T(.KC7m8jdaxxEN8F [ 456.473438][T11733] [U] &n|؂f+j{ЌlNpc;<.KNj6S$߈ 6VEcwSzTLZER 1O Ȋ?_C;߰55t_Tyc ,ˋ;ZX&I!þ|VpK6r'~ S 6"'y4J" F<!SlS $)֠FKAuIX`z_ӡ f@PU\qMg.<2M'Lv|RJ>yu*ˣS^85wذ^ [ 456.473483][T11733] [U] XD- [ 456.473521][T11733] [U] )ObIk{1昘m#l!𜄭%b>}|t ߬-.KՂs삶*T\6?nlEb2jZ~b@q\5-XlDl1ē`q椀~ޡhFj<fgM )e'OX]/$y6Š.E눱'v֧HjRP*xf60匽ݹďDۯкdwnPtE4}_{:X;kIɰGX=.#" [ 456.473567][T11733] [U] ef4)_ Vk7Ha: jAo+T{5[c䑉2|fR=n [ 456.473595][T11733] [U] .L/qRv$y11UMUۑ|\,Mk[atF j5 [ 456.473623][T11733] [U]  `uvOrekl5I4zM!Ng #*xA"E3~wg˵ fC'YtyE:'Ջxwd8H]ƀ\R4{|Zq*c\踖 [ 456.473668][T11733] [U] .w,{%_4 Y1I=GZTWikm N2^7(",(E+(̦/U].(RtmK!a3aS<u$#Sk4CkQaz1(0c2/P3xՓI$[;Q}ľ.'@ [ 456.473700][T11733] [U] 8_O,({M [ 456.473725][T11733] [U] Ͽv1\IUc]24@_ۮS8hA(bWk76yrf0GMڣyς0rqw)**ַyPvP~ޓe` ~6/("J(z W [ 456.473750][T11733] [U] * [ 456.473765][T11733] [U] *Ծ9k]ןix<ߡMRUҩu6B weȒ*E~ [ 456.473811][T11733] [U] \L,ȟh 8"c;wftff`O g5:CZJ4eԳS)*(;.@ݏ`{;y>תf'M%+{qN!R@>slRŋH-@Mn#bfM.(c⾓ձ54L~A߾!+<.2Cdv&g5Foax%M-GٝqCcO$f@Emj67=Sb [ 456.473884][T11733] [U] i$d{ |8E?Iq*O}kO9OǓ'Uk^HR+Pěܮ*vX!.f1ZD"7 ۰b-/`KvkJJJZZ6ZJPs8bcZ(GxNHhgzph9Ikk -mYӻ;xbmY\EXa%vG@aJjnn֚\uKAs 3 [ 456.473932][T11733] [U] IH{l DFC! t\Hi`1^엾@_DV( Q2..Y9~*b'n|ڐ}G|Rz2a]k [ 456.473957][T11733] [U] YTVgDP6n6Fӂ] 2 5d [ 456.473999][T11733] [U] cku{}$ފ,.*1Lc/,L4C&JZGaeL",MSO-((9{ވľ#(B]N +7RBa+ Tk݈ |;?dpӽ@,1!u)fl^{uI]^,хg I1_%-Te Kgo.:P-B6nr˕*'0Ɖf~2kr h` [ 456.474046][T11733] [U] ] (SHF1ˣ">6PB `!I|g [ 456.474062][T11733] [U] \`q])2>k [ 456.474077][T11733] [U] C5c>"?@ E*pS?}P:?M [ 456.474132][T11733] [U] #i>VJ&к+D@ބӽ2GW !h~CN}-YU[HZ/1=< [ 456.474167][T11733] [U] ß5Thޠ5$T8(Dݍ [ 456.474343][T11733] [U] aC:Wz SDC# .]8q1I-ϥw+ww3#Zm&d-$Tl== [ 456.474389][T11733] [U] (L"{*6¥?&xdƽcS^ ;mxU$&/b?.YP(ҭ I\[>ǹ`L֝?9+R/Y*ٖMU\q̫X -K?!n2tmө9:gw8V}ux [ 456.474418][T11733] [U] M} [ 456.474457][T11733] [U] `-B4.䟯ї!i._hPPю]7GˌRsڗigÙ2?4AQ4$d VsQw>>ЛD+*qqa@@Z`,M@6+0'Ѹ׋MDElf9kQurߨYԮ'<URpbhdӣ'XNf7Zzɥ/;5\Et|RLI'4>jh4%ř:Z_Ү4 [ 456.474740][T11733] [U] 괺/O%忼==KB@ [ 456.474770][T11733] [U] fVv=2jТd"0S{e ;%?$l#ذ ;mZa"aȞ@ |/ݞu^O4:I"IIY [ 456.474799][T11733] [U] #ࠈC_| 7c&:S'>o1[K8i+T-z#]E [ 456.474817][T11733] [U] S [ 456.474835][T11733] [U] {1E3(Vh2髽Јr =@Қy36Ξ=(ON+,5 [ 456.474859][T11733] [U] s1hT0a|ng1OrF4$e [ 456.474877][T11733] [U] Ua>ut$'*kf44y5 * [ 456.474892][T11733] [U] mx [ 456.474927][T11733] [U] ṜsY2d^K"2amF&qkia,| RAvmɼGE4X~gK\307FB( [ 456.474959][T11733] [U] ;ٚEVU4XrR{tpCNsCy6zWƙy+Ѡ6IX-z[퍼=KҲU~b#oJP [ 456.475010][T11733] [U] #Uk:3]ǎOL "{B>#0E~6..pRsM=ks|<{ck?~_{0g,>|sR6@iYC'4&V]*ugr`^&ScRC[[m#-ʴu鴘yxqO]kd}'41l-(PDnwc]~Ә0e 9^w#QO3UMCsʈ6ezyo*$KR{jQ*ZmVHCg`HgU^~GuL:6960NcEM [ 456.475059][T11733] [U] <ש!p#kU2Cb8YNk2=*34 [ 456.475123][T11733] [U] I%0 [ 456.475137][T11733] [U] W7!4`q]h(oF#Y.xi<@[_ [ 456.475154][T11733] [U] ю] T |ylEl [ 456.475168][T11733] [U] l F޽K<0/_C [ 456.475186][T11733] [U] qZG^#q_P!=c;Ą|R85. ψ@iZp [ 456.475211][T11733] [U] sp1Lne.^\?kʵ:NO:5XlYWJo [ 456.475229][T11733] [U] [sYlgMV [ 456.475256][T11733] [U] (woA!Q.qde:Gz-w<򞴰#zΒ7Qz}2\\X8~!rǑ8}'ZAy 癣7' ]^f~.tbX)* [ 456.475289][T11733] [U] jCXݛA a肾z ow[d?h=r[U.ݫ3 [ [ 456.475310][T11733] [U] 5 D1|q [ 456.475368][T11733] [U] +2ht(Y f|Rٗ:5*yHNr7<}^1h%gA&Om1py_\^Zi*r̼ [ 456.475390][T11733] [U] ł$ۂ [ 456.475415][T11733] [U] j= ,C 9rYiX M4 .,DKyyE!dGhydynS> [ 456.475466][T11733] [U] TXB'zK%Fڮkx_1RzQ@GGvD+na0DQA5 ֖H2 5z*jk'tkLo8||Jy];,.Aow~I4[@YŌXf&`.lFɼ٫sim % }CJwa; }*: %ݞiur?$^,_T`&m [ 456.475507][T11733] [U] xcmOkm R7"q71Mx [ 456.475566][T11733] [U]  kb>Q[&qd. l2 y0m *XA?:uⵍy.xя=q=+1P]ZV߫asn'JH^Hb9={ká+{}jA8Owc$j^Q57r [ 456.475597][T11733] [U] 0EXMAm3 [ 456.475638][T11733] [U] JЈkm9HF扖pZ@oC&;JcTy}d956E{2".#=dc`Uyi$'S O2qTg]y R|Q}zx$ +%QW9~[N((P=F߹NK7fG>jHˆ8 ں yZڰ*'o:"PN+?3W9/k [ 456.475680][T11733] [U] xBMDM1.) Ȍz#fe Bl6 :A'qHUZI)= [ 456.475718][T11733] [U] [ 456.475755][T11733] [U] ɉPE@nؙj4g [ 456.475771][T11733] [U] d+` >K=Vl+7#4hu)CjomV [ 456.475794][T11733] [U] I\}pS -L=53JRzLHqE܇xw9§j)@e+ f?<]l9hh [ 456.476168][T11733] [U] 2[[|-!!wD5hhQ`ƺ9ïɶ@q6G@-P _GKҧl 2yV [ 456.476199][T11733] [U] 2C xW [ 456.476224][T11733] [U] %P?<,{x) [ 456.476239][T11733] [U] ك+quB [ 456.476250][T11733] [U] ` C [ 456.476285][T11733] [U] d^٫{p}y0XF5ONʂ@}z* Rݤ8kMĽj┴ u#Y[a Q[y޶#G?Љi?EPy9A<_Ok [ 456.476311][T11733] [U] *e]C,@=W]\ [ 456.476349][T11733] [U] |Ot#^HxэBjwZA[&xDpk0u@8Վф*:CT% 1h aP럕ziyvY+belЪ܅HPcu&:gx 9gb%nu3@6$wG F!qށ [ 456.493541][T11751] [U] / 9Ǟ`Ƶ"}Ոeχz_ [ 456.493592][T11751] [U] 8g4TFj8ѧ#r%f+0j[\'sGsKm" 9R`lZP93DLh(d|Y&̫U&P\5Lh&1H(a,#A}/>1?FH?.!S t&j,N/$lyXZ [ 456.493627][T11751] [U] sqtɰB[XnVdCG&xD4H շp' [ 456.493645][T11751] [U] @𜗑cn5TPO0p6 [ 456.493661][T11751] [U] 0nE@7 [ 456.493674][T11751] [U] b{P.vs"%m! [ 456.493702][T11751] [U] 'ئg+H!1q [ 456.493759][T11751] [U] $V( a [ 456.493781][T11751] [U] XQbdO\҅9aWBE IZ!bdQCǚGğm5EjbUF  .?<ҴD5Aʴ$x7|yS{G3|JO] ?P0õ;d<&]:&u+dɕU-*<#K.W˰DAcXu5\O/BS}mJvHFQ [ 456.496377][T11751] [U] sXp RJ;a7p+^igҐVւo>Sk9I 9d:*LNj"+JQidWXF8L$c ?[>mٸ}FH'6M3hb /ResZ̄,tN>ޱ [ 456.496841][T11751] [U] [ 456.496854][T11751] [U] }*4y@d_]'$fpnݏƀmځ޸PAM* [ 456.496872][T11751] [U] [ 456.503816][T11751] [U] Zzhi_c\1D|d5XVJ+oS"ͼࡣF[Lc;dz?{_C`#d{iM5]C?zD_@O,O Dj㤧z' [ 456.503863][T11751] [U] oϥv2-Tœ rOŔ{\DdRUEZ5Nb'F KzT3v\\}3Kr֒g&yJE,Zݘ [ 456.503894][T11751] [U] @E;Toal\9+Q_@TV~_>D,ŧƎyJ㗝!:R1cUsv$]HIݠgSUl%dߧةa [ 456.503921][T11751] [U] 8jS"L}M@cLhKkr[S]mgl:d+J [ 456.503938][T11751] [U] Ui2J$$mDzB [ 456.503969][T11751] [U] x`^~EO :_@?c5^$Y:(݌?,e]nK'Y%0Ӵ-%}oSc{ɘl$X3jѻUp,NsԬjr$z3oDbې b23n-& ~ $yzS,#%j2&ϣmf 1q _S@߃B>QU-:?4 [ 456.504001][T11751] [U] B [ 456.504036][T11751] [U] L+(ukؔ=&bn|b3s mfvo&}Yr!@{.n7hXD0 ao{Emm?[@v[/%3Ok~BCrRۯx-ig@o$X9}E)%zt94A_'#rccT>#Yũ{1Cfp~G:`ۂ0,qtz)Q3Qb{Sb}bιxӚA8r_!W [ 456.504078][T11751] [U] YedH_/?EP*0pCH[~N [ 456.504097][T11751] [U] eLȳ{q#aMwuT\h<=^ϩHE. [ 456.504120][T11751] [U] IAISK^$8rkهFٳh)XPɗ [ 456.504142][T11751] [U] L- jCՏdxRӑc|s+O{;?U^(h[YI]z6:f4@\ΝCk%h$Mv [ 456.504165][T11751] [U] < pH1*xpcV-kQ3،x`,W|p8@+;g4[ [ 456.504183][T11751] [U] e'nw3zq [ 456.504224][T11751] [U] FLJ#%b{ˁ%S;+4¡Ki[HyzZ\͘O,bB#[]+8<}cTʗBn;ʙ1a7D3^w [ 456.504260][T11751] [U] &LJNm41G`gkumLQ/IA~K7؆$}k8h6Ev"o? [ 456.504288][T11751] [U] e [ 456.504312][T11751] [U] Oǽh ){ģ6a;/ްytA94AA7]̺Y{J6Gk_8HĦhޙ U]>ۿc3ȕM;V)j#{rF8Nşh,PgV؛cL [ 456.504354][T11751] [U] Ⱦ'Xédy|KڵƷ^DO.qf\N ׯ [ 456.504856][T11751] [U] Ym;@P\&i9O [ 456.504878][T11751] [U] J`2Vla色0iDp8e9bϙae,UPs4vsnBpԐTCɫta{gqs5]0}|Ҧ [ 456.504898][T11751] [U] z3rp [ 456.504912][T11751] [U] ^U*a޸ [ 456.504927][T11751] [U] QOb([!HJzwsXiWN&~ [ 456.504962][T11751] [U] f/t#u4꛰n{X.QυͧU@Li+;t;^SInrv륗Y.]e_OSDGhfMl}3ۢ3'ԓ[tC{t3&i [ 456.504998][T11751] [U] oA3H 6"^4 [ 456.505034][T11751] [U] `HK3, [ 456.505052][T11751] [U] BBNfØF2B[АdpS6Oì0`yux#%^L0,%`o@ [ 456.505078][T11751] [U] ?41gVCRxao]{\T55tI-_4is&MT_򎗅 uz GsC\>L:d34McK]Q:fbQQ4\ [ 456.505133][T11751] [U] ev@,'V",&*OWqz^ܰ@\phE5m|oB}]'WYi0; G^&:c?hsI7?mRyả7R [ 456.505184][T11751] [U] y$ n7~k92_ J.b@&Ò{/9.[c~=L[v9)h_8_-򅽱TD],dq t$N' [ 456.505206][T11751] [U] {}< [ 456.505225][T11751] [U] {[xLq#zL/Yv,Tr3UB|U TH)e)- B_.vKOB+HrVr@8Ӏ}`\KɁ^ [ 456.505268][T11751] [U] EOڵobV:۠flCbհJ+~넴l۵,>5͹0=fgkFxbM5׭`*BCeXAx"T*k [ 456.505289][T11751] [U] O [ 456.505316][T11751] [U] Жmkg35i$W 6ͨ [a7/xox$6qlS1H³vvP:+-iwʪ^9[Ġ㡳(p&:!moxlmٱ\a?5&bo  t2-{b<G [ 456.505361][T11751] [U] ?B{=t8\*4DYqPnWj実269 1zA@ 5Nzb{M5bfkTb [ 456.505448][T11751] [U] heTdS+j(}UùTHˉ1kQxQ늿k2&G{dD~I+d:{ "6$X`:эUTf/YE>/ڎ [ 456.505473][T11751] [U] [#܏H"!OG0L7008 [ 456.505488][T11751] [U] t?$bi:K= ݵ [ 456.505505][T11751] [U] 4 j@sh줗Oݠ\>=3b' [ 456.505530][T11751] [U] nk?vF9Z/ͽ |tW.9Wk~CHɤL+R_khlXA3VbCTq4 TJ;C;3FRz=*#\7 [ 456.505558][T11751] [U] fINM*REq ? `󹨷9!`Win#uiX)~ڐ֐c [ 456.505594][T11751] [U] i[d4_X^!isߝV_v, ;8EUƤ8]8ImCVSNg_H=EsnHVm[ˡK=ҝ\[`!u"";G@VAvFCT2 [ 456.505630][T11751] [U] d#UDBZmSýb_$.{JC"^6ŠH2zvΖB4h:pj5{L,s .[4 ʙ3&o,S5SY(Y:| [ 456.505698][T11751] [U] |CiQR"i0'(<*NMb*-Wg<-7/Y(%L0HljTsya>^ي{σB]OPWZq!\Tx>v(H2Dc TX)s,~j.pU?+$8|Alz# lZ!Y yt.^'\D`Q*xɸ"fvY>iSo{OEyC8b;bkOOuHa/7׎En.8\+t'1*LUo+p^hs?[?5a{M5<~V [ 456.505831][T11751] [U] owqҕ 2nhk\M|w.,cYvG2A [ 456.505873][T11751] [U] *5XQ3?ɊK Ob! Ŧ;V9gY丈8 )aVppmVbMY@kRbRk}PjO (Hޒ=b+Pv@@ =;Aӓ[Ἱdw"[LT}L$]T%n 36P%߅7RO?ٷ[@yGT}L"2 % C$b,Ij \EIPFoLZ*d(PĒ1l/1F" 6 rѡ,|Tx3B^#x [ 456.505950][T11751] [U] C*pewu_>I{6ejCVG)=tmgAu`9 X: [ 456.505992][T11751] [U] n_i(@5SU*fL@dEҩ|z1  +?uҠ -vجqUwgɺY4蚷L\R=ijQ\{|#f~dީ'P[-& [ 456.506019][T11751] [U] l+ EȂK8@؂UrU [ 456.506056][T11751] [U] Tʅ>r [ 456.506070][T11751] [U] =paVL)BL))b]`X4 [ 456.506088][T11751] [U] -|5 Q6o.ׇ,00;)*'5;Nye^dx] .cZ_$<8dފARň2bL%iqJ*hw}<>rwU [ 456.506689][T11751] [U] bTgެ+|N-BL=ڕzE*SBMDA3_2 [+hM5&d_8A$8`é`@'4tRo &L7f<ø'IDh]˧*L^9Y|vTP*\^U{ lf&SQ"1pr.ny~->}ff!N0d##Hu(T;1o+7ds~fҵרD= [ 456.506733][T11751] [U] ixp NAd.3\@ ʒGww0Ӑkmb 1 [ 459.733123][T11768] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 459.742996][T11768] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 459.756007][T11768] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 459.766274][T11768] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 459.775340][T11768] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 460.744158][T11767] chnl_net:caif_netlink_parms(): no params data found [ 461.826966][T11768] Bluetooth: hci0: command tx timeout [ 463.493626][T11814] binder: 11812:11814 ioctl 4018620d 9 returned -22 [ 463.527123][T11813] binder: 11812:11813 ioctl 4018620d 9 returned -22 [ 463.888442][T11130] syz.0.1272 (11130) used greatest stack depth: 19312 bytes left [ 463.906996][T11768] Bluetooth: hci0: command tx timeout [ 464.289580][T11128] syz.0.1272 (11128) used greatest stack depth: 18816 bytes left [ 464.378949][T11767] bridge0: port 1(bridge_slave_0) entered blocking state [ 464.386325][T11767] bridge0: port 1(bridge_slave_0) entered disabled state [ 464.397775][T11767] bridge_slave_0: entered allmulticast mode [ 464.419377][T11767] bridge_slave_0: entered promiscuous mode [ 464.470228][T11767] bridge0: port 2(bridge_slave_1) entered blocking state [ 464.491083][T11767] bridge0: port 2(bridge_slave_1) entered disabled state [ 464.513575][T11767] bridge_slave_1: entered allmulticast mode [ 464.529145][T11767] bridge_slave_1: entered promiscuous mode [ 465.034191][T11767] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 465.083025][T11767] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 465.533917][T11767] team0: Port device team_slave_0 added [ 465.576467][T11134] syz.0.1272 (11134) used greatest stack depth: 17760 bytes left [ 465.797310][T11767] team0: Port device team_slave_1 added [ 465.987003][T11768] Bluetooth: hci0: command tx timeout [ 466.159008][T11767] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 466.166022][T11767] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 466.233082][T11767] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 466.281243][T11767] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 466.296597][T11767] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 466.357012][T11767] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 466.523168][T11108] smc: removing net device syz_tun with user defined pnetid ETHTOOL [ 466.544280][T11131] syz.0.1272 (11131) used greatest stack depth: 17536 bytes left [ 466.733849][T11767] hsr_slave_0: entered promiscuous mode [ 466.748268][T11767] hsr_slave_1: entered promiscuous mode [ 466.766955][T11767] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 466.786059][T11767] Cannot create hsr debugfs directory [ 467.011067][ T3475] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 467.215194][ T3475] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 467.455560][ T3475] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 467.662580][ T3475] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 467.849593][T11767] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 467.886754][T11767] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 467.959677][T11767] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 467.984130][T11767] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 468.067974][T11768] Bluetooth: hci0: command tx timeout [ 468.358291][ T3475] bond0: left allmulticast mode [ 468.364740][ T3475] bond_slave_0: left allmulticast mode [ 468.421215][ T3475] bond_slave_1: left allmulticast mode [ 468.437088][ T3475] bond0: left promiscuous mode [ 468.464138][ T3475] bond_slave_0: left promiscuous mode [ 468.493204][ T3475] bond_slave_1: left promiscuous mode [ 468.515697][ T3475] bridge0: port 3(bond0) entered disabled state [ 468.572741][ T3475] bridge_slave_1: left allmulticast mode [ 468.599022][ T3475] bridge_slave_1: left promiscuous mode [ 468.604984][ T3475] bridge0: port 2(bridge_slave_1) entered disabled state [ 468.666122][ T3475] bridge_slave_0: left allmulticast mode [ 468.695925][ T3475] bridge_slave_0: left promiscuous mode [ 468.702407][ T3475] bridge0: port 1(bridge_slave_0) entered disabled state [ 469.774950][ T3475] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 469.804958][ T3475] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 469.845422][ T3475] bond0 (unregistering): Released all slaves [ 469.964238][T11767] 8021q: adding VLAN 0 to HW filter on device bond0 [ 470.006075][T11767] 8021q: adding VLAN 0 to HW filter on device team0 [ 470.053781][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 470.060994][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 470.156150][ T3418] bridge0: port 2(bridge_slave_1) entered blocking state [ 470.163366][ T3418] bridge0: port 2(bridge_slave_1) entered forwarding state [ 470.772880][ T3475] hsr_slave_0: left promiscuous mode [ 470.804969][ T3475] hsr_slave_1: left promiscuous mode [ 470.837420][ T3475] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 470.845012][ T3475] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 470.888328][ T3475] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 470.909317][ T3475] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 470.986951][ T3475] veth0_macvtap: left promiscuous mode [ 470.993118][ T3475] veth1_vlan: left promiscuous mode [ 471.027935][ T3475] veth0_vlan: left promiscuous mode [ 471.218875][T11893] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1435'. [ 471.322386][T11897] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1435'. [ 472.576060][ T3475] team0 (unregistering): Port device team_slave_1 removed [ 472.651963][ T3475] team0 (unregistering): Port device team_slave_0 removed [ 473.585772][T11767] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 474.818630][T11767] veth0_vlan: entered promiscuous mode [ 474.932762][T11767] veth1_vlan: entered promiscuous mode [ 475.142678][T11767] veth0_macvtap: entered promiscuous mode [ 475.595246][T11767] veth1_macvtap: entered promiscuous mode [ 475.715660][T11767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 475.775798][T11767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.786252][T11767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 475.797359][T11767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.807454][T11767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 475.818040][T11767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.829530][T11767] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 475.871362][T11767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 475.917020][T11767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.946907][T11767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 475.977022][T11767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 475.996917][T11767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 476.007499][T11953] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1445'. [ 476.008741][T11953] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1445'. [ 476.029251][T11767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 476.055911][T11767] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 476.093342][T11767] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 476.286927][T11767] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 476.326726][T11767] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 476.377108][T11767] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 477.130188][ T7036] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 477.209837][ T7036] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 477.354451][T11968] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1449'. [ 477.382378][ T7036] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 477.433500][ T7036] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 478.389627][T11987] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1450'. [ 478.516193][T11995] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1412'. [ 478.646329][T11987] ip_vti0: entered promiscuous mode [ 480.434245][T12017] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1463'. [ 481.167956][T12038] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1455'. [ 481.959113][T12038] netdevsim netdevsim3 netdevsim2: entered allmulticast mode [ 483.778125][T12059] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1462'. [ 486.682642][T12117] [U]  [ 486.685656][T12117] [U] [ 486.688408][T12117] [U] [ 486.691153][T12117] [U] [ 486.726774][T12117] [U] [ 486.729596][T12117] [U] [ 486.732347][T12117] [U] [ 486.735101][T12117] [U] [ 486.777019][T12117] [U] [ 486.779849][T12117] [U] [ 486.782612][T12117] [U] [ 486.785370][T12117] [U] [ 486.830618][T12117] [U] [ 486.836432][T12117] [U] [ 486.841620][T12117] [U] [ 486.847157][T12117] [U] [ 486.907491][T12117] [U] [ 486.910323][T12117] [U] [ 486.913234][T12117] [U] [ 487.003314][T12116] [U] [ 487.145012][T12126] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1475'. [ 489.017786][T12166] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1481'. [ 492.292213][T12207] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1488'. [ 493.918038][T12233] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1502'. [ 495.235876][T12269] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1496'. [ 496.567198][T12281] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1500'. [ 497.600497][T12292] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1505'. [ 498.637340][T12308] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1508'. [ 501.371084][T12359] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1516'. [ 505.772815][T12420] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1529'. [ 507.032183][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 507.046921][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 507.081435][T12459] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1535'. [ 508.063692][T12486] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1538'. [ 509.362011][T12512] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1542'. [ 510.328635][T12535] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1545'. [ 511.582291][T12569] [U]  [ 511.585212][T12569] [U] [ 511.587986][T12569] [U] [ 511.590756][T12569] [U] [ 511.632978][T12569] [U] [ 511.635820][T12569] [U] [ 511.638616][T12569] [U] [ 511.641388][T12569] [U] [ 511.683737][T12569] [U] [ 511.686781][T12569] [U] [ 511.689667][T12569] [U] [ 511.692449][T12569] [U] [ 511.724292][T12569] [U] [ 511.727136][T12569] [U] [ 511.729915][T12569] [U] [ 511.732733][T12569] [U] [ 511.787363][T12569] [U] [ 511.790241][T12569] [U] [ 511.793020][T12569] [U] [ 511.800534][T12568] [U] [ 512.484753][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 512.496451][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 512.505448][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 512.827727][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 512.837503][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 512.847132][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 513.445741][T12589] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1555'. [ 513.669344][T12608] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1559'. [ 513.714268][T12612] [U]  [ 513.717257][T12612] [U] [ 513.720018][T12612] [U] [ 513.722857][T12612] [U] [ 513.748253][T12612] [U] [ 513.751069][T12612] [U] [ 513.753820][T12612] [U] [ 513.756568][T12612] [U] [ 513.781454][T12612] [U] [ 513.784270][T12612] [U] [ 513.787827][T12612] [U] [ 513.790586][T12612] [U] [ 513.794521][T12612] [U] [ 513.797355][T12612] [U] [ 513.800214][T12612] [U] [ 513.803072][T12612] [U] [ 513.806734][T12612] [U] [ 513.809515][T12612] [U] [ 513.812395][T12612] [U] [ 513.820366][T12611] [U] [ 514.335802][T12619] netlink: 346 bytes leftover after parsing attributes in process `syz.5.1562'. [ 516.148892][T12656] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1570'. [ 516.318294][T12652] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1571'. [ 519.009925][T12695] netlink: 346 bytes leftover after parsing attributes in process `syz.4.1581'. [ 521.503505][T12726] [U]  [ 521.506447][T12726] [U] [ 521.509219][T12726] [U] [ 521.511990][T12726] [U] [ 521.545335][T12724] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1588'. [ 521.590942][T12726] [U] [ 521.593767][T12726] [U] [ 521.596566][T12726] [U] [ 521.599335][T12726] [U] [ 521.687577][T12726] [U] [ 521.690407][T12726] [U] [ 521.693176][T12726] [U] [ 521.695988][T12726] [U] [ 521.737448][T12726] [U] [ 521.740269][T12726] [U] [ 521.743043][T12726] [U] [ 521.745976][T12726] [U] [ 521.790144][T12726] [U] [ 521.793074][T12726] [U] [ 521.795864][T12726] [U] [ 521.865960][T12725] [U] [ 523.102619][T12754] nfs: Unknown parameter 'nfs' [ 523.208578][T12753] Invalid ELF header magic: != ELF [ 524.376348][T12767] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1601'. [ 531.734467][T12861] vivid-013: ================= START STATUS ================= [ 531.775239][T12861] vivid-013: Generate PTS: true [ 531.796097][T12861] vivid-013: Generate SCR: true [ 531.812862][T12861] tpg source WxH: 640x360 (Y'CbCr) [ 531.832420][T12861] tpg field: 1 [ 531.835919][T12861] tpg crop: 640x360@0x0 [ 531.860277][T12861] tpg compose: 640x360@0x0 [ 531.866265][T12861] tpg colorspace: 8 [ 531.910778][T12861] tpg transfer function: 0/0 [ 531.915478][T12861] tpg Y'CbCr encoding: 0/0 [ 531.937249][T12861] tpg quantization: 0/0 [ 531.941684][T12861] tpg RGB range: 0/2 [ 531.945661][T12861] vivid-013: ================== END STATUS ================== [ 532.217628][T12866] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1625'. [ 532.640900][T12885] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1628'. [ 533.161937][T12895] Format for deleting device is "id" (uint). [ 533.979121][T12902] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1634'. [ 534.707056][ T5840] Bluetooth: hci2: command 0x0406 tx timeout [ 538.010590][T12941] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1643'. [ 538.019897][T12943] random: crng reseeded on system resumption [ 539.048260][T12961] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1647'. [ 539.872792][T12968] Invalid ELF header magic: != ELF [ 541.607057][ T29] audit: type=1326 audit(4294968710.053:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12978 comm="syz.3.1651" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd1a6185d29 code=0x0 [ 541.761734][T12983] Process accounting resumed [ 543.153065][T12999] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1656'. [ 543.641211][T13011] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1658'. [ 545.587215][T13028] Invalid ELF header magic: != ELF [ 548.698462][T13074] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1671'. [ 553.503083][T13130] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1685'. [ 556.484677][T13155] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1689'. [ 556.517257][ T29] audit: type=1326 audit(4294968724.983:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13163 comm="syz.3.1694" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd1a6185d29 code=0x0 [ 556.634377][T13164] Process accounting resumed [ 559.214876][T13198] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1700'. [ 559.809204][T13204] netlink: 346 bytes leftover after parsing attributes in process `syz.5.1701'. [ 560.300000][T13215] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1704'. [ 562.973094][T13252] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1712'. [ 563.095452][T13259] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1714'. [ 564.024979][T13269] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1716'. [ 564.546471][T13262] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 564.560123][T13262] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 564.566303][T13262] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 564.580589][T13262] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 564.842694][T13262] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 564.848761][T13262] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 564.945741][T13262] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 565.873264][ T29] audit: type=1326 audit(4294969757.340:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13279 comm="syz.6.1719" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f740f585d29 code=0x0 [ 565.912632][ T5840] Bluetooth: hci3: command 0x0c1a tx timeout [ 565.930989][T13284] Process accounting resumed [ 566.640577][ T5840] Bluetooth: hci2: command 0x0406 tx timeout [ 566.640777][T11768] Bluetooth: hci4: command 0x0c1a tx timeout [ 566.685647][T13313] FAULT_INJECTION: forcing a failure. [ 566.685647][T13313] name failslab, interval 1, probability 0, space 0, times 0 [ 566.710707][T13313] CPU: 1 UID: 0 PID: 13313 Comm: syz.3.1724 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0 [ 566.722102][T13313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 566.734568][T13313] Call Trace: [ 566.738269][T13313] [ 566.741377][T13313] dump_stack_lvl+0x16c/0x1f0 [ 566.746572][T13313] should_fail_ex+0x497/0x5b0 [ 566.751330][T13313] ? fs_reclaim_acquire+0xae/0x150 [ 566.756549][T13313] should_failslab+0xc2/0x120 [ 566.761414][T13313] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 566.766979][T13313] ? ptlock_alloc+0x1f/0x70 [ 566.771694][T13313] ptlock_alloc+0x1f/0x70 [ 566.776667][T13313] pte_alloc_one+0x74/0x390 [ 566.781283][T13313] do_pte_missing+0x1ae7/0x3e00 [ 566.786271][T13313] __handle_mm_fault+0x103c/0x2a40 [ 566.791867][T13313] ? __pfx___handle_mm_fault+0x10/0x10 [ 566.797497][T13313] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 566.803237][T13313] ? find_vma+0xc0/0x140 [ 566.807742][T13313] ? __pfx_find_vma+0x10/0x10 [ 566.812764][T13313] handle_mm_fault+0x3fa/0xaa0 [ 566.817716][T13313] do_user_addr_fault+0x7a3/0x13f0 [ 566.822999][T13313] exc_page_fault+0x5c/0xc0 [ 566.827577][T13313] asm_exc_page_fault+0x26/0x30 [ 566.832514][T13313] RIP: 0010:rep_movs_alternative+0x13/0x70 [ 566.838582][T13313] Code: cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 83 f9 40 73 40 83 f9 08 73 21 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f [ 566.858280][T13313] RSP: 0018:ffffc900031f79e0 EFLAGS: 00050202 [ 566.864512][T13313] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000007 [ 566.872624][T13313] RDX: fffff5200063ef4c RSI: 0000000000000000 RDI: ffffc900031f7a58 [ 566.880828][T13313] RBP: 0000000000000007 R08: 0000000000000001 R09: fffff5200063ef4b [ 566.889002][T13313] R10: ffffc900031f7a5e R11: 0000000000000000 R12: 0000000000000000 [ 566.897124][T13313] R13: ffffc900031f7a58 R14: 1ffff9200063ef45 R15: ffffc900031f7d80 [ 566.905270][T13313] _copy_from_user+0x98/0xd0 [ 566.909947][T13313] ____sys_sendmsg+0x56e/0xb40 [ 566.914804][T13313] ? __pfx_____sys_sendmsg+0x10/0x10 [ 566.920155][T13313] ? __lock_acquire+0xcc5/0x3c40 [ 566.925374][T13313] ___sys_sendmsg+0x135/0x1e0 [ 566.930178][T13313] ? __pfx____sys_sendmsg+0x10/0x10 [ 566.935484][T13313] ? trace_lock_acquire+0x14e/0x1f0 [ 566.940787][T13313] __sys_sendmmsg+0x201/0x420 [ 566.945630][T13313] ? __pfx___sys_sendmmsg+0x10/0x10 [ 566.950971][T13313] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 566.957058][T13313] ? xfd_validate_state+0x5d/0x180 [ 566.962260][T13313] ? rcu_is_watching+0x12/0xc0 [ 566.967121][T13313] __x64_sys_sendmmsg+0x9c/0x100 [ 566.972143][T13313] ? lockdep_hardirqs_on+0x7c/0x110 [ 566.977601][T13313] do_syscall_64+0xcd/0x250 [ 566.982251][T13313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 566.988232][T13313] RIP: 0033:0x7fd1a6185d29 [ 566.992707][T13313] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 567.012401][T13313] RSP: 002b:00007fd1a6f83038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 567.020879][T13313] RAX: ffffffffffffffda RBX: 00007fd1a6375fa0 RCX: 00007fd1a6185d29 [ 567.028997][T13313] RDX: 0000000000000007 RSI: 0000000020000200 RDI: 0000000000000005 [ 567.037112][T13313] RBP: 00007fd1a6f83090 R08: 0000000000000000 R09: 0000000000000000 [ 567.045142][T13313] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001 [ 567.053260][T13313] R13: 0000000000000000 R14: 00007fd1a6375fa0 R15: 00007ffc138fb558 [ 567.061316][T13313] [ 567.064880][T11768] Bluetooth: hci0: command 0x0c1a tx timeout [ 567.328500][T13320] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1725'. [ 567.905517][T13331] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1727'. [ 568.459800][T13343] netlink: 346 bytes leftover after parsing attributes in process `syz.6.1729'. [ 568.474193][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.481175][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 568.713379][T11768] Bluetooth: hci2: command 0x0406 tx timeout [ 569.111458][T11768] Bluetooth: hci0: command 0x0c1a tx timeout [ 571.192588][T11768] Bluetooth: hci0: command 0x0c1a tx timeout [ 571.389703][T13389] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1738'. [ 571.537445][T13393] netlink: 346 bytes leftover after parsing attributes in process `syz.6.1740'. [ 572.014879][T13399] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1741'. [ 574.194223][T13439] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1750'. [ 575.266398][T13448] ptrace attach of "./syz-executor exec"[8003] was attempted by "ڢ=otdTTWV'U@%]ˈhp2\x0a\x0cf#cӪK} z}G 9 `[:M\x09Z?@5F)̕6@9Sz>HƅTWPz\x22#'(Y龈Sxv1bGHM0HP*Kv\x0a4̎+M:#c<4kLECϟRofyĵE^\x07\x0c6F|G\x5cFW:ns=*_uDu\x22\x0b.#4=a\x0bl.`G(s\x5cփNvGg&ڞ\x1b>C\x0c0|3 gc01'rx\x0a1rI¤f*@D&h?H\x22aͺxr\x0bigW6g?e?G\x09-|~\x09ǭ-nɪ.`.7\x1bHg0Ye~l[ןY=E--fU`7 [ 579.622460][T13526] dump_stack_lvl+0x16c/0x1f0 [ 579.627226][T13526] gup_vma_lookup+0x1d2/0x220 [ 579.631980][T13526] __get_user_pages+0x236/0x3b50 [ 579.637013][T13526] ? hlock_class+0x4e/0x130 [ 579.641588][T13526] ? __lock_acquire+0x15a9/0x3c40 [ 579.646686][T13526] ? __pfx___get_user_pages+0x10/0x10 [ 579.652156][T13526] __gup_longterm_locked+0x211/0x1870 [ 579.657622][T13526] ? __pfx___lock_acquire+0x10/0x10 [ 579.662910][T13526] ? __pfx___gup_longterm_locked+0x10/0x10 [ 579.668826][T13526] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 579.674543][T13526] ? rwsem_read_trylock+0x12d/0x250 [ 579.679818][T13526] ? __pfx_rwsem_read_trylock+0x10/0x10 [ 579.685440][T13526] ? process_vm_rw_core.constprop.0+0x3ff/0x9c0 [ 579.691765][T13526] pin_user_pages_remote+0xee/0x150 [ 579.697066][T13526] ? __pfx_pin_user_pages_remote+0x10/0x10 [ 579.702981][T13526] ? down_read+0xc9/0x330 [ 579.707424][T13526] process_vm_rw_core.constprop.0+0x42b/0x9c0 [ 579.713774][T13526] ? futex_wait_queue+0x101/0x1f0 [ 579.718982][T13526] ? __pfx_process_vm_rw_core.constprop.0+0x10/0x10 [ 579.725746][T13526] process_vm_rw+0x301/0x360 [ 579.730520][T13526] ? __pfx_process_vm_rw+0x10/0x10 [ 579.735759][T13526] ? xfd_validate_state+0x5d/0x180 [ 579.740953][T13526] ? rcu_is_watching+0x12/0xc0 [ 579.745815][T13526] __x64_sys_process_vm_readv+0xe2/0x1c0 [ 579.751522][T13526] ? do_syscall_64+0x91/0x250 [ 579.756282][T13526] ? lockdep_hardirqs_on+0x7c/0x110 [ 579.761720][T13526] do_syscall_64+0xcd/0x250 [ 579.766408][T13526] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 579.772421][T13526] RIP: 0033:0x7f740f585d29 [ 579.776922][T13526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 579.796830][T13526] RSP: 002b:00007f74103f8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000136 [ 579.805319][T13526] RAX: ffffffffffffffda RBX: 00007f740f775fa0 RCX: 00007f740f585d29 [ 579.813442][T13526] RDX: 0000000000000004 RSI: 0000000020000040 RDI: 0000000000000144 [ 579.821489][T13526] RBP: 00007f740f601b08 R08: 0000000000000004 R09: 0000000000000000 [ 579.829620][T13526] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000000 [ 579.837656][T13526] R13: 0000000000000000 R14: 00007f740f775fa0 R15: 00007fff49d07978 [ 579.845705][T13526] [ 580.120223][T13528] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1770'. [ 580.772759][T13538] Invalid ELF header magic: != ELF [ 581.368215][T13547] netlink: 346 bytes leftover after parsing attributes in process `syz.6.1774'. [ 581.399708][T13549] : entered promiscuous mode [ 581.869453][T13554] gspca_gl860.sensor: string doesn't fit in 6 chars. [ 582.513955][T13573] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1780'. [ 584.341618][T13605] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1787'. [ 586.343789][T13626] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1791'. [ 587.783533][T13656] ptrace attach of "./syz-executor exec"[11231] was attempted by "./syz-executor exec"[13656] [ 588.264603][T13673] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1798'. [ 589.046733][T13692] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1804'. [ 590.619806][T13715] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1809'. [ 591.336811][T13726] netlink: 346 bytes leftover after parsing attributes in process `syz.5.1812'. [ 591.546925][T13731] can: request_module (can-proto-5) failed. [ 591.564610][T13728] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1813'. [ 592.486593][T13738] could not allocate digest TFM handle [ 592.630722][T13756] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1821'. [ 592.639877][T13756] FAULT_INJECTION: forcing a failure. [ 592.639877][T13756] name failslab, interval 1, probability 0, space 0, times 0 [ 592.663728][T13756] CPU: 1 UID: 0 PID: 13756 Comm: syz.3.1821 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0 [ 592.674242][T13756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 592.684349][T13756] Call Trace: [ 592.687670][T13756] [ 592.690633][T13756] dump_stack_lvl+0x16c/0x1f0 [ 592.695382][T13756] should_fail_ex+0x497/0x5b0 [ 592.700140][T13756] ? fs_reclaim_acquire+0xae/0x150 [ 592.705423][T13756] should_failslab+0xc2/0x120 [ 592.710184][T13756] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 592.716253][T13756] ? __alloc_skb+0x2b3/0x380 [ 592.720960][T13756] __alloc_skb+0x2b3/0x380 [ 592.725459][T13756] ? __pfx___alloc_skb+0x10/0x10 [ 592.730496][T13756] ? rtnetlink_rcv_msg+0x3e6/0xea0 [ 592.735740][T13756] netlink_ack+0x164/0xb20 [ 592.740243][T13756] netlink_rcv_skb+0x327/0x410 [ 592.745125][T13756] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 592.750678][T13756] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 592.756146][T13756] ? netlink_deliver_tap+0x1ae/0xca0 [ 592.761493][T13756] netlink_unicast+0x53c/0x7f0 [ 592.766416][T13756] ? __pfx_netlink_unicast+0x10/0x10 [ 592.771772][T13756] ? __phys_addr_symbol+0x30/0x80 [ 592.776873][T13756] ? __check_object_size+0x488/0x710 [ 592.782231][T13756] netlink_sendmsg+0x8b8/0xd70 [ 592.787075][T13756] ? __pfx_netlink_sendmsg+0x10/0x10 [ 592.792434][T13756] ____sys_sendmsg+0x9ae/0xb40 [ 592.797268][T13756] ? copy_msghdr_from_user+0x10b/0x160 [ 592.802817][T13756] ? __pfx_____sys_sendmsg+0x10/0x10 [ 592.808280][T13756] ? __lock_acquire+0xcc5/0x3c40 [ 592.813287][T13756] ? hlock_class+0x4e/0x130 [ 592.817944][T13756] ? __lock_acquire+0x15a9/0x3c40 [ 592.823050][T13756] ___sys_sendmsg+0x135/0x1e0 [ 592.827932][T13756] ? __pfx____sys_sendmsg+0x10/0x10 [ 592.833216][T13756] ? __pfx___lock_acquire+0x10/0x10 [ 592.838508][T13756] ? __pfx___might_resched+0x10/0x10 [ 592.842313][T13753] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1820'. [ 592.844349][T13756] ? __might_fault+0xe3/0x190 [ 592.844393][T13756] __sys_sendmmsg+0x201/0x420 [ 592.844428][T13756] ? __pfx___sys_sendmmsg+0x10/0x10 [ 592.844471][T13756] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 592.844532][T13756] ? fput+0x67/0x440 [ 592.844580][T13756] ? ksys_write+0x1ba/0x250 [ 592.844617][T13756] ? __pfx_ksys_write+0x10/0x10 [ 592.887573][T13756] __x64_sys_sendmmsg+0x9c/0x100 [ 592.892580][T13756] ? lockdep_hardirqs_on+0x7c/0x110 [ 592.897846][T13756] do_syscall_64+0xcd/0x250 [ 592.902430][T13756] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 592.908397][T13756] RIP: 0033:0x7fd1a6185d29 [ 592.912866][T13756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 592.932614][T13756] RSP: 002b:00007fd1a6f83038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 592.941092][T13756] RAX: ffffffffffffffda RBX: 00007fd1a6375fa0 RCX: 00007fd1a6185d29 [ 592.949122][T13756] RDX: 0000000000000007 RSI: 0000000020000200 RDI: 0000000000000005 [ 592.957141][T13756] RBP: 00007fd1a6f83090 R08: 0000000000000000 R09: 0000000000000000 [ 592.965158][T13756] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000002 [ 592.973239][T13756] R13: 0000000000000000 R14: 00007fd1a6375fa0 R15: 00007ffc138fb558 [ 592.981892][T13756] [ 593.627746][T13771] netlink: 346 bytes leftover after parsing attributes in process `syz.4.1825'. [ 594.935288][T13791] FAULT_INJECTION: forcing a failure. [ 594.935288][T13791] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 595.044431][T13791] CPU: 1 UID: 0 PID: 13791 Comm: syz.6.1830 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0 [ 595.055130][T13791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 595.065543][T13791] Call Trace: [ 595.068962][T13791] [ 595.071970][T13791] dump_stack_lvl+0x16c/0x1f0 [ 595.077535][T13791] should_fail_ex+0x497/0x5b0 [ 595.082596][T13791] _copy_to_user+0x32/0xd0 [ 595.087586][T13791] simple_read_from_buffer+0xd0/0x160 [ 595.093307][T13791] proc_fail_nth_read+0x198/0x270 [ 595.100133][T13791] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 595.105951][T13791] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 595.112916][T13791] vfs_read+0x1df/0xbe0 [ 595.117599][T13791] ? __fget_files+0x1fc/0x3a0 [ 595.122735][T13791] ? __pfx___mutex_lock+0x10/0x10 [ 595.128785][T13791] ? __pfx_vfs_read+0x10/0x10 [ 595.135718][T13791] ? __fget_files+0x206/0x3a0 [ 595.140840][T13791] ksys_read+0x12b/0x250 [ 595.145971][T13791] ? __pfx_ksys_read+0x10/0x10 [ 595.150913][T13791] do_syscall_64+0xcd/0x250 [ 595.155831][T13791] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 595.162991][T13791] RIP: 0033:0x7f740f58473c [ 595.167536][T13791] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 595.187565][T13791] RSP: 002b:00007f74103f8030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 595.196152][T13791] RAX: ffffffffffffffda RBX: 00007f740f775fa0 RCX: 00007f740f58473c [ 595.204209][T13791] RDX: 000000000000000f RSI: 00007f74103f80a0 RDI: 0000000000000004 [ 595.212326][T13791] RBP: 00007f74103f8090 R08: 0000000000000000 R09: 0000000000000000 [ 595.220702][T13791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 595.228728][T13791] R13: 0000000000000000 R14: 00007f740f775fa0 R15: 00007fff49d07978 [ 595.237022][T13791] [ 595.570058][T13782] syz.4.1828: vmalloc error: size 537399296, failed to allocated page array size 1049608, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 595.606479][T13782] CPU: 1 UID: 0 PID: 13782 Comm: syz.4.1828 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0 [ 595.617087][T13782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 595.627208][T13782] Call Trace: [ 595.630536][T13782] [ 595.633550][T13782] dump_stack_lvl+0x16c/0x1f0 [ 595.638938][T13782] warn_alloc+0x24d/0x3a0 [ 595.643363][T13782] ? __pfx_warn_alloc+0x10/0x10 [ 595.648321][T13782] ? __get_vm_area_node+0x1b0/0x2f0 [ 595.653606][T13782] ? __get_vm_area_node+0x1dc/0x2f0 [ 595.658937][T13782] __vmalloc_node_range_noprof+0x1105/0x1530 [ 595.665210][T13782] ? __pfx___lock_acquire+0x10/0x10 [ 595.670593][T13782] ? ip_set_sockfn_get+0x185/0xc50 [ 595.675806][T13782] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 595.682250][T13782] ? apparmor_capable+0x114/0x1d0 [ 595.687375][T13782] ? ip_set_sockfn_get+0x185/0xc50 [ 595.692695][T13782] vmalloc_noprof+0x6b/0x90 [ 595.697300][T13782] ? ip_set_sockfn_get+0x185/0xc50 [ 595.702494][T13782] ip_set_sockfn_get+0x185/0xc50 [ 595.707667][T13782] ? __pfx_lock_release+0x10/0x10 [ 595.712863][T13782] ? __pfx_ip_set_sockfn_get+0x10/0x10 [ 595.718414][T13782] ? nf_sockopt_find.constprop.0+0x221/0x290 [ 595.724727][T13782] nf_getsockopt+0x79/0xe0 [ 595.729212][T13782] ip_getsockopt+0x18e/0x1e0 [ 595.733926][T13782] ? __pfx_ip_getsockopt+0x10/0x10 [ 595.739130][T13782] ? __schedule+0xe60/0x5ad0 [ 595.743801][T13782] ? __pfx___lock_acquire+0x10/0x10 [ 595.749078][T13782] ipv6_getsockopt+0x230/0x280 [ 595.754010][T13782] ? __pfx_ipv6_getsockopt+0x10/0x10 [ 595.759378][T13782] ? __pfx_mark_lock+0x10/0x10 [ 595.764214][T13782] sctp_getsockopt+0x1d2/0x7ae0 [ 595.769145][T13782] ? lock_acquire+0x2f/0xb0 [ 595.773725][T13782] ? schedule+0x1fd/0x350 [ 595.778134][T13782] ? aa_label_sk_perm+0x19d/0x5a0 [ 595.783234][T13782] ? __pfx_sctp_getsockopt+0x10/0x10 [ 595.788594][T13782] ? __lock_acquire+0x15a9/0x3c40 [ 595.793749][T13782] ? __pfx___lock_acquire+0x10/0x10 [ 595.799205][T13782] ? find_held_lock+0x2d/0x110 [ 595.804037][T13782] ? __might_fault+0x13b/0x190 [ 595.808870][T13782] ? __pfx_lock_release+0x10/0x10 [ 595.814043][T13782] ? trace_lock_acquire+0x14e/0x1f0 [ 595.819348][T13782] ? lock_acquire+0x2f/0xb0 [ 595.823922][T13782] ? __might_fault+0xe3/0x190 [ 595.828696][T13782] ? __might_fault+0xe3/0x190 [ 595.833458][T13782] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 595.839449][T13782] ? do_sock_getsockopt+0x3fe/0x870 [ 595.844746][T13782] do_sock_getsockopt+0x3fe/0x870 [ 595.849847][T13782] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 595.855504][T13782] ? __x64_sys_futex+0x1e1/0x4c0 [ 595.860515][T13782] ? __x64_sys_futex+0x1ea/0x4c0 [ 595.865510][T13782] __sys_getsockopt+0x12f/0x260 [ 595.870449][T13782] __x64_sys_getsockopt+0xbd/0x160 [ 595.875636][T13782] ? do_syscall_64+0x91/0x250 [ 595.880361][T13782] ? lockdep_hardirqs_on+0x7c/0x110 [ 595.885694][T13782] do_syscall_64+0xcd/0x250 [ 595.890246][T13782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 595.896192][T13782] RIP: 0033:0x7f222b385d29 [ 595.901074][T13782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 595.920824][T13782] RSP: 002b:00007f22291f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 595.929388][T13782] RAX: ffffffffffffffda RBX: 00007f222b575fa0 RCX: 00007f222b385d29 [ 595.937588][T13782] RDX: 0000000000000053 RSI: 0000000000000000 RDI: 0000000000000001 [ 595.945697][T13782] RBP: 00007f222b401b08 R08: 0000000000000000 R09: 0000000000000000 [ 595.953719][T13782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 595.961725][T13782] R13: 0000000000000000 R14: 00007f222b575fa0 R15: 00007ffee1508f78 [ 595.969933][T13782] [ 596.062413][T13810] [U]  [ 596.065312][T13810] [U] [ 596.068067][T13810] [U] [ 596.070815][T13810] [U] [ 596.100875][T13810] [U] [ 596.103693][T13810] [U] [ 596.106566][T13810] [U] [ 596.109338][T13810] [U] [ 596.132954][T13782] Mem-Info: [ 596.137240][T13782] active_anon:12446 inactive_anon:0 isolated_anon:0 [ 596.137240][T13782] active_file:5430 inactive_file:53112 isolated_file:0 [ 596.137240][T13782] unevictable:1593 dirty:0 writeback:9 [ 596.137240][T13782] slab_reclaimable:10714 slab_unreclaimable:101770 [ 596.137240][T13782] mapped:30882 shmem:1447 pagetables:970 [ 596.137240][T13782] sec_pagetables:0 bounce:0 [ 596.137240][T13782] kernel_misc_reclaimable:0 [ 596.137240][T13782] free:1284386 free_pcp:14882 free_cma:0 [ 596.193679][T13810] [U] [ 596.196487][T13810] [U] [ 596.199251][T13810] [U] [ 596.202004][T13810] [U] [ 596.225919][T13801] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1836'. [ 596.233703][T13810] [U] [ 596.237642][T13810] [U] [ 596.240399][T13810] [U] [ 596.243173][T13810] [U] [ 596.263237][T13810] [U] [ 596.266046][T13810] [U] [ 596.268927][T13810] [U] [ 596.273045][T13782] Node 0 active_anon:49684kB inactive_anon:0kB active_file:21720kB inactive_file:212364kB unevictable:4936kB isolated(anon):0kB isolated(file):0kB mapped:119520kB dirty:0kB writeback:36kB shmem:4252kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11020kB pagetables:3880kB sec_pagetables:0kB all_unreclaimable? no [ 596.278050][T13798] [U] [ 596.318224][T13782] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:84kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:8kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no [ 596.421479][T13782] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 596.518347][T13782] lowmem_reserve[]: 0 2489 2489 0 0 [ 596.523732][T13782] Node 0 DMA32 free:1271424kB boost:0kB min:34168kB low:42708kB high:51248kB reserved_highatomic:0KB active_anon:49324kB inactive_anon:0kB active_file:21720kB inactive_file:213204kB unevictable:3660kB writepending:72kB present:3129332kB managed:2549224kB mlocked:2124kB bounce:0kB free_pcp:1452kB local_pcp:96kB free_cma:0kB [ 596.605314][T13782] lowmem_reserve[]: 0 0 0 0 0 [ 596.610306][T13782] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:40kB inactive_anon:0kB active_file:0kB inactive_file:324kB unevictable:0kB writepending:0kB present:1048580kB managed:364kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 596.675398][T13782] lowmem_reserve[]: 0 0 0 0 0 [ 596.680291][T13782] Node 1 Normal free:3854932kB boost:0kB min:55728kB low:69660kB high:83592kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:1544kB writepending:0kB present:4194300kB managed:4111164kB mlocked:8kB bounce:0kB free_pcp:54384kB local_pcp:28392kB free_cma:0kB [ 596.762688][T13782] lowmem_reserve[]: 0 0 0 0 0 [ 596.775040][T13818] netlink: 346 bytes leftover after parsing attributes in process `syz.6.1837'. [ 596.824827][T13782] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 596.888611][T13782] Node 0 DMA32: 20*4kB (UE) 1149*8kB (ME) 1225*16kB (ME) 939*32kB (UME) 533*64kB (ME) 250*128kB (UME) 143*256kB (UM) 98*512kB (UME) 50*1024kB (UME) 18*2048kB (UME) 235*4096kB (UM) = 1262440kB [ 596.909030][T13782] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 596.922162][T13782] Node 1 Normal: 84*4kB (UME) 83*8kB (UME) 84*16kB (UME) 133*32kB (UME) 107*64kB (UME) 78*128kB (UME) 63*256kB (UME) 30*512kB (UME) 11*1024kB (UME) 6*2048kB (UME) 922*4096kB (M) = 3854984kB [ 596.942167][T13782] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 596.952357][T13782] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 596.962494][T13782] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 596.995863][T13782] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 597.027859][T13782] 60590 total pagecache pages [ 597.032715][T13782] 0 pages in swap cache [ 597.084020][T13782] Free swap = 124276kB [ 597.101927][T13782] Total swap = 124996kB [ 597.115814][T13782] 2097051 pages RAM [ 597.132813][T13782] 0 pages HighMem/MovableOnly [ 597.153825][T13782] 428023 pages reserved [ 597.184472][T13782] 0 pages cma reserved [ 598.549854][T13846] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1847'. [ 598.913637][T13852] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1849'. [ 600.462048][T13874] [U]  [ 600.464954][T13874] [U] [ 600.467712][T13874] [U] [ 600.470462][T13874] [U] [ 600.492632][T13874] [U] [ 600.495426][T13874] [U] [ 600.498225][T13874] [U] [ 600.500983][T13874] [U] [ 600.518542][T13874] [U] [ 600.521361][T13874] [U] [ 600.524133][T13874] [U] [ 600.526907][T13874] [U] [ 600.545733][T13874] [U] [ 600.548814][T13874] [U] [ 600.551585][T13874] [U] [ 600.554369][T13874] [U] [ 600.588588][T13874] [U] [ 600.591410][T13874] [U] [ 600.594182][T13874] [U] [ 600.620523][T13873] [U] [ 603.024705][T13912] random: crng reseeded on system resumption [ 603.138402][T13918] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1867'. [ 603.184822][T13920] [U]  [ 603.187819][T13920] [U] [ 603.190598][T13920] [U] [ 603.193471][T13920] [U] [ 603.234404][T13920] [U] [ 603.237239][T13920] [U] [ 603.240048][T13920] [U] [ 603.242872][T13920] [U] [ 603.298982][T13920] [U] [ 603.301968][T13920] [U] [ 603.305280][T13920] [U] [ 603.308105][T13920] [U] [ 603.311108][T13920] [U] [ 603.313989][T13920] [U] [ 603.316758][T13920] [U] [ 603.319717][T13920] [U] [ 603.322763][T13920] [U] [ 603.325640][T13920] [U] [ 603.328435][T13920] [U] [ 603.335046][T13919] [U] [ 603.963520][T13923] Invalid ELF header magic: != ELF [ 604.304958][T13933] netlink: 294 bytes leftover after parsing attributes in process `syz.3.1873'. [ 604.335372][T13936] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes. [ 604.407662][T13925] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1868'. [ 604.570094][T13925] geneve1: entered allmulticast mode [ 606.071009][T13959] [U]  [ 606.073912][T13959] [U] [ 606.076765][T13959] [U] [ 606.079547][T13959] [U] [ 606.082550][T13959] [U] [ 606.085325][T13959] [U] [ 606.088173][T13959] [U] [ 606.090941][T13959] [U] [ 606.109926][T13959] [U] [ 606.112750][T13959] [U] [ 606.115560][T13959] [U] [ 606.118335][T13959] [U] [ 606.164002][T13959] [U] [ 606.166867][T13959] [U] [ 606.169822][T13959] [U] [ 606.172634][T13959] [U] [ 606.230046][T13959] [U] [ 606.232856][T13959] [U] [ 606.235605][T13959] [U] [ 606.242357][T13958] [U] [ 606.892095][T13969] netlink: 346 bytes leftover after parsing attributes in process `syz.5.1881'. [ 608.541292][T14001] netlink: 346 bytes leftover after parsing attributes in process `syz.4.1892'. [ 608.653876][T13999] FAULT_INJECTION: forcing a failure. [ 608.653876][T13999] name failslab, interval 1, probability 0, space 0, times 0 [ 608.669134][T14007] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1894'. [ 608.679785][T14010] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1894'. [ 608.721786][T13999] CPU: 0 UID: 0 PID: 13999 Comm: syz.5.1893 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0 [ 608.732297][T13999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 608.742412][T13999] Call Trace: [ 608.745735][T13999] [ 608.748708][T13999] dump_stack_lvl+0x16c/0x1f0 [ 608.753461][T13999] should_fail_ex+0x497/0x5b0 [ 608.758227][T13999] ? fs_reclaim_acquire+0xae/0x150 [ 608.763420][T13999] should_failslab+0xc2/0x120 [ 608.768193][T13999] __kmalloc_noprof+0xce/0x4f0 [ 608.773025][T13999] ? copy_splice_read+0x1a8/0xb90 [ 608.778214][T13999] copy_splice_read+0x1a8/0xb90 [ 608.783180][T13999] ? __pfx_copy_splice_read+0x10/0x10 [ 608.788629][T13999] ? pipe_lock+0x64/0x80 [ 608.793130][T13999] ? __fget_files+0x1fc/0x3a0 [ 608.797948][T13999] ? trace_lock_acquire+0x14e/0x1f0 [ 608.803240][T13999] sock_splice_read+0xe9/0x110 [ 608.808077][T13999] ? __pfx_sock_splice_read+0x10/0x10 [ 608.813555][T13999] do_splice_read+0x282/0x370 [ 608.818309][T13999] splice_file_to_pipe+0x109/0x120 [ 608.823636][T13999] do_sendfile+0x3fd/0xe30 [ 608.828325][T13999] ? __pfx_do_sendfile+0x10/0x10 [ 608.833340][T13999] ? __fget_files+0x206/0x3a0 [ 608.838109][T13999] __x64_sys_sendfile64+0x1da/0x220 [ 608.843500][T13999] ? ksys_write+0x1ba/0x250 [ 608.848130][T13999] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 608.853966][T13999] do_syscall_64+0xcd/0x250 [ 608.858572][T13999] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 608.864564][T13999] RIP: 0033:0x7f10f7185d29 [ 608.869039][T13999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 608.888818][T13999] RSP: 002b:00007f10f8091038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 608.897350][T13999] RAX: ffffffffffffffda RBX: 00007f10f7375fa0 RCX: 00007f10f7185d29 [ 608.905473][T13999] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000001 [ 608.913676][T13999] RBP: 00007f10f8091090 R08: 0000000000000000 R09: 0000000000000000 [ 608.921708][T13999] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 608.929737][T13999] R13: 0000000000000000 R14: 00007f10f7375fa0 R15: 00007ffd2ed73e18 [ 608.937776][T13999] [ 610.672379][T14040] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1900'. [ 610.928448][T14052] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1904'. [ 611.764434][T14072] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1908'. [ 611.849799][T14067] svc: failed to register nfsdv3 RPC service (errno 111). [ 611.938049][T14067] svc: failed to register nfsaclv3 RPC service (errno 111). [ 612.011112][T14065] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1908'. [ 612.263290][ T29] audit: type=1800 audit(4294969803.707:13): pid=14081 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1913" name="members" dev="configfs" ino=51744 res=0 errno=0 [ 612.300780][T14081] netlink: 326 bytes leftover after parsing attributes in process `syz.3.1913'. [ 612.718988][T14085] netlink: 346 bytes leftover after parsing attributes in process `syz.4.1915'. [ 616.100902][ T29] audit: type=1807 audit(4294969807.545:14): UNKNOWN=0"]$|1j0B|dӉO+/xWӦ^gq%ḦrO res=0 [ 616.119245][T14146] ima: policy update failed [ 616.169173][ T29] audit: type=1802 audit(4294969807.565:15): pid=14146 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.3.1926" res=0 errno=0 [ 616.234042][ T29] audit: type=1802 audit(4294969807.595:16): pid=14146 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1926" res=0 errno=0 [ 616.260339][T14149] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1927'. [ 617.249821][T14162] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1931'. [ 620.035489][T14200] [U] [ 620.038315][T14200] [U] [ 620.041218][T14200] [U] [ 620.043973][T14200] [U] [ 620.048159][T14200] [U] [ 620.050945][T14200] [U] [ 620.053684][T14200] [U] [ 620.056446][T14200] [U] [ 620.125945][T14200] [U] [ 620.128761][T14200] [U] [ 620.131532][T14200] [U] [ 620.134283][T14200] [U] [ 620.138730][T14200] [U] [ 620.141522][T14200] [U] [ 620.144284][T14200] [U] [ 620.147044][T14200] [U] [ 620.151506][T14200] [U] [ 620.154284][T14200] [U] [ 620.157034][T14200] [U] [ 620.159789][T14200] [U] [ 620.163687][T14200] [U] [ 620.166465][T14200] [U] [ 620.169225][T14200] [U] [ 620.171982][T14200] [U] [ 620.176235][T14200] [U] [ 620.179015][T14200] [U] [ 620.181776][T14200] [U] [ 620.184539][T14200] [U] [ 620.189551][T14200] [U] [ 620.192334][T14200] [U] [ 620.195094][T14200] [U] [ 620.197846][T14200] [U] [ 620.201579][T14200] [U] [ 620.204349][T14200] [U] [ 620.207103][T14200] [U] [ 620.209852][T14200] [U] [ 620.214985][T14200] [U] [ 620.217760][T14200] [U] [ 620.220510][T14200] [U] [ 620.223256][T14200] [U] [ 620.236074][T14200] [U] [ 620.238888][T14200] [U] [ 620.241643][T14200] [U] [ 620.244391][T14200] [U] [ 620.720358][T14200] [U] [ 620.723171][T14200] [U] [ 620.725927][T14200] [U] [ 620.728776][T14200] [U] [ 620.788597][T14200] [U] [ 620.791415][T14200] [U] [ 620.794191][T14200] [U] [ 620.797043][T14200] [U] [ 620.872773][T14200] [U] [ 620.875620][T14200] [U] [ 620.878392][T14200] [U] [ 620.881189][T14200] [U] [ 620.921079][T14200] [U] [ 624.110572][T14251] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1951'. [ 627.619653][T14313] erspan0: entered allmulticast mode [ 629.086727][T14336] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1965'. [ 629.946142][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.956772][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 634.065448][T14436] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1982'. [ 634.547643][T14443] netlink: zone id is out of range [ 634.552988][T14443] netlink: zone id is out of range [ 640.067750][T14496] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1989'. [ 641.186354][T14527] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1998'. [ 642.785602][T14548] FAULT_INJECTION: forcing a failure. [ 642.785602][T14548] name failslab, interval 1, probability 0, space 0, times 0 [ 642.848331][T14548] CPU: 0 UID: 0 PID: 14548 Comm: syz.4.2001 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0 [ 642.859029][T14548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 642.869233][T14548] Call Trace: [ 642.872562][T14548] [ 642.875547][T14548] dump_stack_lvl+0x16c/0x1f0 [ 642.880319][T14548] should_fail_ex+0x497/0x5b0 [ 642.885252][T14548] should_failslab+0xc2/0x120 [ 642.890018][T14548] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 642.895483][T14548] ? skb_clone+0x190/0x3f0 [ 642.899981][T14548] skb_clone+0x190/0x3f0 [ 642.904313][T14548] netlink_deliver_tap+0xafd/0xca0 [ 642.909520][T14548] netlink_dump+0xb60/0xd00 [ 642.914096][T14548] ? __pfx_netlink_dump+0x10/0x10 [ 642.919279][T14548] ? lock_acquire+0x2f/0xb0 [ 642.923844][T14548] ? netlink_lookup+0x3d/0x270 [ 642.928807][T14548] __netlink_dump_start+0x6d9/0x980 [ 642.934623][T14548] smc_diag_handler_dump+0x1fb/0x240 [ 642.940280][T14548] ? __pfx_smc_diag_handler_dump+0x10/0x10 [ 642.946164][T14548] ? __pfx_smc_diag_dump+0x10/0x10 [ 642.951381][T14548] sock_diag_rcv_msg+0x437/0x790 [ 642.956398][T14548] netlink_rcv_skb+0x165/0x410 [ 642.961335][T14548] ? __pfx_sock_diag_rcv_msg+0x10/0x10 [ 642.966880][T14548] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 642.972366][T14548] ? netlink_deliver_tap+0x1ae/0xca0 [ 642.977741][T14548] netlink_unicast+0x53c/0x7f0 [ 642.982693][T14548] ? __pfx_netlink_unicast+0x10/0x10 [ 642.988067][T14548] ? __phys_addr_symbol+0x30/0x80 [ 642.993234][T14548] ? __check_object_size+0x488/0x710 [ 642.998620][T14548] netlink_sendmsg+0x8b8/0xd70 [ 643.003486][T14548] ? __pfx_netlink_sendmsg+0x10/0x10 [ 643.008877][T14548] sock_write_iter+0x4fe/0x5b0 [ 643.013722][T14548] ? __pfx_sock_write_iter+0x10/0x10 [ 643.019100][T14548] ? bpf_lsm_file_permission+0x9/0x10 [ 643.024589][T14548] ? security_file_permission+0x71/0x210 [ 643.030320][T14548] vfs_write+0x5ae/0x1150 [ 643.034750][T14548] ? __pfx_sock_write_iter+0x10/0x10 [ 643.040127][T14548] ? __pfx_vfs_write+0x10/0x10 [ 643.044969][T14548] ? __fget_files+0x40/0x3a0 [ 643.049661][T14548] ksys_write+0x207/0x250 [ 643.054065][T14548] ? __pfx_ksys_write+0x10/0x10 [ 643.059087][T14548] do_syscall_64+0xcd/0x250 [ 643.063689][T14548] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 643.069667][T14548] RIP: 0033:0x7f222b385d29 [ 643.074146][T14548] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 643.093840][T14548] RSP: 002b:00007f22291f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 643.102714][T14548] RAX: ffffffffffffffda RBX: 00007f222b575fa0 RCX: 00007f222b385d29 [ 643.110915][T14548] RDX: 00000000000002fb RSI: 0000000020000000 RDI: 0000000000000004 [ 643.118945][T14548] RBP: 00007f22291f6090 R08: 0000000000000000 R09: 0000000000000000 [ 643.126982][T14548] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 643.135101][T14548] R13: 0000000000000000 R14: 00007f222b575fa0 R15: 00007ffee1508f78 [ 643.143326][T14548] [ 643.864499][T14564] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(0.0.0), cmd(14) [ 643.914447][T14563] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(0.0.0), cmd(14) [ 644.265611][T14559] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2004'. [ 645.042325][T14573] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2007'. [ 646.873101][T14592] netlink: 'syz.3.2012': attribute type 1 has an invalid length. [ 647.036014][T14589] svc: failed to register nfsdv3 RPC service (errno 111). [ 647.076235][T14589] svc: failed to register nfsaclv3 RPC service (errno 111). [ 647.792186][T14598] FAULT_INJECTION: forcing a failure. [ 647.792186][T14598] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 647.840754][T14598] CPU: 0 UID: 0 PID: 14598 Comm: syz.6.2013 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0 [ 647.851283][T14598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 647.861404][T14598] Call Trace: [ 647.864753][T14598] [ 647.867744][T14598] dump_stack_lvl+0x16c/0x1f0 [ 647.872501][T14598] should_fail_ex+0x497/0x5b0 [ 647.877241][T14598] _copy_to_user+0x32/0xd0 [ 647.881723][T14598] simple_read_from_buffer+0xd0/0x160 [ 647.887173][T14598] proc_fail_nth_read+0x198/0x270 [ 647.892307][T14598] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 647.897938][T14598] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 647.903573][T14598] vfs_read+0x1df/0xbe0 [ 647.907816][T14598] ? __fget_files+0x1fc/0x3a0 [ 647.912563][T14598] ? __pfx___mutex_lock+0x10/0x10 [ 647.917664][T14598] ? __pfx_vfs_read+0x10/0x10 [ 647.922425][T14598] ? __fget_files+0x206/0x3a0 [ 647.927188][T14598] ksys_read+0x12b/0x250 [ 647.931497][T14598] ? __pfx_ksys_read+0x10/0x10 [ 647.936341][T14598] do_syscall_64+0xcd/0x250 [ 647.940927][T14598] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 647.946897][T14598] RIP: 0033:0x7f740f58473c [ 647.951365][T14598] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 647.971039][T14598] RSP: 002b:00007f74103f8030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 647.979528][T14598] RAX: ffffffffffffffda RBX: 00007f740f775fa0 RCX: 00007f740f58473c [ 647.987560][T14598] RDX: 000000000000000f RSI: 00007f74103f80a0 RDI: 0000000000000005 [ 647.995589][T14598] RBP: 00007f74103f8090 R08: 0000000000000000 R09: 0000000000000000 [ 648.003617][T14598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 648.011680][T14598] R13: 0000000000000000 R14: 00007f740f775fa0 R15: 00007fff49d07978 [ 648.019730][T14598] [ 648.369336][T14607] Invalid ELF header magic: != ELF [ 648.862625][T14616] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2018'. [ 649.262952][T14608] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2016'. [ 649.567211][T14608] geneve1: entered allmulticast mode [ 653.059604][T14679] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2029'. [ 656.005289][T14756] sd 0:0:1:0: PR command failed: 1026 [ 656.038293][T14756] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 656.051168][T14756] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 656.960452][T14767] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 657.554103][T14778] sctp: [Deprecated]: syz.3.2048 (pid 14778) Use of int in maxseg socket option. [ 657.554103][T14778] Use struct sctp_assoc_value instead [ 657.919483][T14783] [U]  [ 657.922384][T14783] [U] [ 657.925248][T14783] [U] [ 657.928018][T14783] [U] [ 657.931810][T14783] [U] [ 657.934602][T14783] [U] [ 657.937395][T14783] [U] [ 657.940159][T14783] [U] [ 657.955143][T14783] [U] [ 657.957962][T14783] [U] [ 657.960726][T14783] [U] [ 657.963498][T14783] [U] [ 658.003973][T14783] [U] [ 658.006787][T14783] [U] [ 658.009547][T14783] [U] [ 658.012312][T14783] [U] [ 658.036646][T14783] [U] [ 658.039461][T14783] [U] [ 658.042245][T14783] [U] [ 658.064190][T14786] FAULT_INJECTION: forcing a failure. [ 658.064190][T14786] name failslab, interval 1, probability 0, space 0, times 0 [ 658.078380][T14782] [U] [ 658.097530][T14786] CPU: 1 UID: 0 PID: 14786 Comm: syz.4.2050 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0 [ 658.108050][T14786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 658.118173][T14786] Call Trace: [ 658.121510][T14786] [ 658.124487][T14786] dump_stack_lvl+0x16c/0x1f0 [ 658.129252][T14786] should_fail_ex+0x497/0x5b0 [ 658.134005][T14786] ? fs_reclaim_acquire+0xae/0x150 [ 658.139202][T14786] should_failslab+0xc2/0x120 [ 658.143963][T14786] __kmalloc_noprof+0xce/0x4f0 [ 658.148808][T14786] ? __register_sysctl_table+0xeac/0x18c0 [ 658.154619][T14786] __register_sysctl_table+0xeac/0x18c0 [ 658.160260][T14786] ? __pfx___register_sysctl_table+0x10/0x10 [ 658.166322][T14786] ? is_module_address+0x2a/0x50 [ 658.171339][T14786] ? register_net_sysctl_sz+0x228/0x3e0 [ 658.176985][T14786] __devinet_sysctl_register+0x1b5/0x360 [ 658.182695][T14786] ? __pfx___devinet_sysctl_register+0x10/0x10 [ 658.188922][T14786] ? trace_kmalloc+0x2d/0xd0 [ 658.193602][T14786] ? devinet_init_net+0xeb/0x8f0 [ 658.198870][T14786] ? __pfx_devinet_init_net+0x10/0x10 [ 658.204400][T14786] ? __pfx_devinet_init_net+0x10/0x10 [ 658.209863][T14786] devinet_init_net+0x33d/0x8f0 [ 658.214797][T14786] ? __pfx_devinet_init_net+0x10/0x10 [ 658.220245][T14786] ops_init+0x1df/0x5f0 [ 658.224476][T14786] setup_net+0x21f/0x860 [ 658.228802][T14786] ? __pfx_setup_net+0x10/0x10 [ 658.233635][T14786] ? down_read_killable+0xcc/0x380 [ 658.238837][T14786] ? __pfx_down_read_killable+0x10/0x10 [ 658.244479][T14786] ? debug_mutex_init+0x37/0x70 [ 658.249458][T14786] copy_net_ns+0x2b4/0x6c0 [ 658.253960][T14786] create_new_namespaces+0x3ea/0xad0 [ 658.259352][T14786] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 658.265059][T14786] ksys_unshare+0x45d/0xa40 [ 658.269627][T14786] ? __pfx_ksys_unshare+0x10/0x10 [ 658.274705][T14786] ? xfd_validate_state+0x5d/0x180 [ 658.279864][T14786] __x64_sys_unshare+0x31/0x40 [ 658.284670][T14786] do_syscall_64+0xcd/0x250 [ 658.289223][T14786] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 658.295171][T14786] RIP: 0033:0x7f222b385d29 [ 658.299654][T14786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 658.319332][T14786] RSP: 002b:00007f22291f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 658.327801][T14786] RAX: ffffffffffffffda RBX: 00007f222b575fa0 RCX: 00007f222b385d29 [ 658.335827][T14786] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 658.343860][T14786] RBP: 00007f222b401b08 R08: 0000000000000000 R09: 0000000000000000 [ 658.351886][T14786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 658.360010][T14786] R13: 0000000000000000 R14: 00007f222b575fa0 R15: 00007ffee1508f78 [ 658.368051][T14786] [ 658.427824][T14786] sysctl could not get directory: /net/ipv4/conf/default -12 [ 660.143936][T14830] ================================================================== [ 660.152078][T14830] BUG: KASAN: slab-use-after-free in force_suspend_read+0x12e/0x150 [ 660.160196][T14830] Read of size 1 at addr ffff888027d12230 by task syz.3.2062/14830 [ 660.168118][T14830] [ 660.170458][T14830] CPU: 0 UID: 0 PID: 14830 Comm: syz.3.2062 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0 [ 660.180930][T14830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 660.191012][T14830] Call Trace: [ 660.194313][T14830] [ 660.197274][T14830] dump_stack_lvl+0x116/0x1f0 [ 660.202002][T14830] print_report+0xc3/0x620 [ 660.206464][T14830] ? __virt_addr_valid+0x5e/0x590 [ 660.211619][T14830] ? __phys_addr+0xc6/0x150 [ 660.216278][T14830] kasan_report+0xd9/0x110 [ 660.220741][T14830] ? force_suspend_read+0x12e/0x150 [ 660.225973][T14830] ? force_suspend_read+0x12e/0x150 [ 660.231208][T14830] force_suspend_read+0x12e/0x150 [ 660.236263][T14830] ? __pfx_force_suspend_read+0x10/0x10 [ 660.241850][T14830] full_proxy_read+0xfd/0x1b0 [ 660.246554][T14830] ? __pfx_full_proxy_read+0x10/0x10 [ 660.251868][T14830] vfs_read+0x1df/0xbe0 [ 660.256058][T14830] ? __fget_files+0x1fc/0x3a0 [ 660.260944][T14830] ? __pfx___mutex_lock+0x10/0x10 [ 660.266015][T14830] ? __pfx_vfs_read+0x10/0x10 [ 660.270824][T14830] ? __fget_files+0x206/0x3a0 [ 660.275552][T14830] ksys_read+0x12b/0x250 [ 660.279826][T14830] ? __pfx_ksys_read+0x10/0x10 [ 660.284629][T14830] do_syscall_64+0xcd/0x250 [ 660.289201][T14830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 660.295144][T14830] RIP: 0033:0x7fd1a6185d29 [ 660.299591][T14830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 660.319241][T14830] RSP: 002b:00007fd1a6f83038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 660.327687][T14830] RAX: ffffffffffffffda RBX: 00007fd1a6375fa0 RCX: 00007fd1a6185d29 [ 660.335684][T14830] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 660.343681][T14830] RBP: 00007fd1a6201b08 R08: 0000000000000000 R09: 0000000000000000 [ 660.351701][T14830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 660.359708][T14830] R13: 0000000000000000 R14: 00007fd1a6375fa0 R15: 00007ffc138fb558 [ 660.367750][T14830] [ 660.370789][T14830] [ 660.373148][T14830] Allocated by task 7035: [ 660.377489][T14830] kasan_save_stack+0x33/0x60 [ 660.382203][T14830] kasan_save_track+0x14/0x30 [ 660.386914][T14830] __kasan_kmalloc+0xaa/0xb0 [ 660.391532][T14830] __kmalloc_noprof+0x21a/0x4f0 [ 660.396418][T14830] ieee802_11_parse_elems_full+0xe6/0x1630 [ 660.402271][T14830] ieee80211_inform_bss+0xf1/0x10f0 [ 660.407552][T14830] cfg80211_inform_single_bss_data+0x8b1/0x1e40 [ 660.413839][T14830] cfg80211_inform_bss_data+0x254/0x3e40 [ 660.419510][T14830] cfg80211_inform_bss_frame_data+0x252/0x8a0 [ 660.425700][T14830] ieee80211_bss_info_update+0x311/0xab0 [ 660.431372][T14830] ieee80211_ibss_rx_queued_mgmt+0x1956/0x3040 [ 660.437562][T14830] ieee80211_iface_work+0xc0b/0xf00 [ 660.442795][T14830] cfg80211_wiphy_work+0x3de/0x560 [ 660.447940][T14830] process_one_work+0x958/0x1b30 [ 660.452901][T14830] worker_thread+0x6c8/0xf00 [ 660.457512][T14830] kthread+0x2c1/0x3a0 [ 660.461631][T14830] ret_from_fork+0x45/0x80 [ 660.466070][T14830] ret_from_fork_asm+0x1a/0x30 [ 660.470885][T14830] [ 660.473224][T14830] Freed by task 7035: [ 660.477219][T14830] kasan_save_stack+0x33/0x60 [ 660.481931][T14830] kasan_save_track+0x14/0x30 [ 660.486639][T14830] kasan_save_free_info+0x3b/0x60 [ 660.491689][T14830] __kasan_slab_free+0x51/0x70 [ 660.496496][T14830] kfree+0x14f/0x4b0 [ 660.500429][T14830] ieee80211_inform_bss+0xa36/0x10f0 [ 660.505752][T14830] cfg80211_inform_single_bss_data+0x8b1/0x1e40 [ 660.512088][T14830] cfg80211_inform_bss_data+0x254/0x3e40 [ 660.517787][T14830] cfg80211_inform_bss_frame_data+0x252/0x8a0 [ 660.523888][T14830] ieee80211_bss_info_update+0x311/0xab0 [ 660.529556][T14830] ieee80211_ibss_rx_queued_mgmt+0x1956/0x3040 [ 660.535755][T14830] ieee80211_iface_work+0xc0b/0xf00 [ 660.540994][T14830] cfg80211_wiphy_work+0x3de/0x560 [ 660.546139][T14830] process_one_work+0x958/0x1b30 [ 660.551099][T14830] worker_thread+0x6c8/0xf00 [ 660.555737][T14830] kthread+0x2c1/0x3a0 [ 660.559921][T14830] ret_from_fork+0x45/0x80 [ 660.564356][T14830] ret_from_fork_asm+0x1a/0x30 [ 660.569174][T14830] [ 660.571528][T14830] The buggy address belongs to the object at ffff888027d12000 [ 660.571528][T14830] which belongs to the cache kmalloc-1k of size 1024 [ 660.585609][T14830] The buggy address is located 560 bytes inside of [ 660.585609][T14830] freed 1024-byte region [ffff888027d12000, ffff888027d12400) [ 660.599524][T14830] [ 660.601863][T14830] The buggy address belongs to the physical page: [ 660.608310][T14830] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888027d10000 pfn:0x27d10 [ 660.618404][T14830] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 660.626924][T14830] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff) [ 660.635542][T14830] page_type: f5(slab) [ 660.639555][T14830] raw: 00fff00000000240 ffff88801b041dc0 ffffea00017c2810 ffffea0001f7e010 [ 660.648247][T14830] raw: ffff888027d10000 000000000010000a 00000001f5000000 0000000000000000 [ 660.656942][T14830] head: 00fff00000000240 ffff88801b041dc0 ffffea00017c2810 ffffea0001f7e010 [ 660.665752][T14830] head: ffff888027d10000 000000000010000a 00000001f5000000 0000000000000000 [ 660.674455][T14830] head: 00fff00000000003 ffffea00009f4401 ffffffffffffffff 0000000000000000 [ 660.683164][T14830] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 660.691852][T14830] page dumped because: kasan: bad access detected [ 660.698296][T14830] page_owner tracks the page as allocated [ 660.704036][T14830] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x252800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP|__GFP_THISNODE), pid 218, tgid 218 (kworker/u8:5), ts 14936020834, free_ts 0 [ 660.722579][T14830] post_alloc_hook+0x2d1/0x350 [ 660.727395][T14830] get_page_from_freelist+0xfce/0x2f80 [ 660.732893][T14830] __alloc_pages_noprof+0x221/0x2470 [ 660.738239][T14830] new_slab+0xca/0x410 [ 660.742331][T14830] ___slab_alloc+0xcda/0x1660 [ 660.747382][T14830] __slab_alloc.constprop.0+0x56/0xb0 [ 660.752784][T14830] __kmalloc_node_noprof+0x2f0/0x520 [ 660.758106][T14830] blk_alloc_flush_queue+0x111/0x2c0 [ 660.763420][T14830] blk_mq_alloc_and_init_hctx+0xc6c/0x11b0 [ 660.769257][T14830] blk_mq_realloc_hw_ctxs+0x8e0/0xbe0 [ 660.774658][T14830] blk_mq_init_allocated_queue+0x39e/0x11f0 [ 660.780672][T14830] blk_mq_alloc_queue+0x1c3/0x290 [ 660.785998][T14830] scsi_alloc_sdev+0x890/0xd80 [ 660.790930][T14830] scsi_probe_and_add_lun+0x789/0xda0 [ 660.796435][T14830] __scsi_scan_target+0x1ea/0x580 [ 660.801490][T14830] scsi_scan_channel+0x149/0x1e0 [ 660.806488][T14830] page_owner free stack trace missing [ 660.811961][T14830] [ 660.814300][T14830] Memory state around the buggy address: [ 660.820030][T14830] ffff888027d12100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 660.828122][T14830] ffff888027d12180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 660.836214][T14830] >ffff888027d12200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 660.844310][T14830] ^ [ 660.849957][T14830] ffff888027d12280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 660.858071][T14830] ffff888027d12300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 660.866153][T14830] ================================================================== [ 660.874342][ C0] vkms_vblank_simulate: vblank timer overrun [ 660.987542][T14830] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 660.995326][T14830] CPU: 1 UID: 0 PID: 14830 Comm: syz.3.2062 Not tainted 6.13.0-syzkaller-00918-g95ec54a420b8 #0 [ 661.005793][T14830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 661.015902][T14830] Call Trace: [ 661.019225][T14830] [ 661.022201][T14830] dump_stack_lvl+0x3d/0x1f0 [ 661.026872][T14830] panic+0x71d/0x800 [ 661.030930][T14830] ? __pfx_panic+0x10/0x10 [ 661.035407][T14830] ? preempt_schedule_thunk+0x1a/0x30 [ 661.040839][T14830] ? preempt_schedule_common+0x44/0xc0 [ 661.046362][T14830] check_panic_on_warn+0xab/0xb0 [ 661.051360][T14830] end_report+0x117/0x180 [ 661.055744][T14830] kasan_report+0xe9/0x110 [ 661.060218][T14830] ? force_suspend_read+0x12e/0x150 [ 661.065465][T14830] ? force_suspend_read+0x12e/0x150 [ 661.070716][T14830] force_suspend_read+0x12e/0x150 [ 661.075786][T14830] ? __pfx_force_suspend_read+0x10/0x10 [ 661.081390][T14830] full_proxy_read+0xfd/0x1b0 [ 661.086122][T14830] ? __pfx_full_proxy_read+0x10/0x10 [ 661.091451][T14830] vfs_read+0x1df/0xbe0 [ 661.095647][T14830] ? __fget_files+0x1fc/0x3a0 [ 661.100367][T14830] ? __pfx___mutex_lock+0x10/0x10 [ 661.105441][T14830] ? __pfx_vfs_read+0x10/0x10 [ 661.110166][T14830] ? __fget_files+0x206/0x3a0 [ 661.114894][T14830] ksys_read+0x12b/0x250 [ 661.119187][T14830] ? __pfx_ksys_read+0x10/0x10 [ 661.123996][T14830] do_syscall_64+0xcd/0x250 [ 661.128555][T14830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 661.134506][T14830] RIP: 0033:0x7fd1a6185d29 [ 661.138974][T14830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 661.158641][T14830] RSP: 002b:00007fd1a6f83038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 661.167119][T14830] RAX: ffffffffffffffda RBX: 00007fd1a6375fa0 RCX: 00007fd1a6185d29 [ 661.175131][T14830] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 661.183145][T14830] RBP: 00007fd1a6201b08 R08: 0000000000000000 R09: 0000000000000000 [ 661.191170][T14830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 661.199183][T14830] R13: 0000000000000000 R14: 00007fd1a6375fa0 R15: 00007ffc138fb558 [ 661.207208][T14830] [ 661.210596][T14830] Kernel Offset: disabled [ 661.214941][T14830] Rebooting in 86400 seconds..