last executing test programs: 8.307593725s ago: executing program 0 (id=191): ioctl$auto_KVM_GET_MSRS(0xffffffffffffffff, 0xc008ae88, 0x0) ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0xdef) ioctl$auto_TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, &(0x7f0000000140)={0x0, &(0x7f0000000100)={0x5, 0x62, 0x7, @raw=0x1}}) semctl$auto_GETPID(0x18000000, 0xfff, 0xb, 0x1) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) fstat$auto(0xffffffffffffffff, &(0x7f0000000180)={0x6, 0x7be089c1, 0x100000000, 0x2, 0x0, 0x0, 0x0, 0x4, 0x7, 0x0, 0x9, 0xe, 0xfffffffffffffffb, 0xdd, 0xd, 0x3ff, 0x4}) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000080)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/conf/all/drop_gratuitous_arp\x00', 0x400, 0x0) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'batadv0\x00'}) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, 0x0, 0x8080) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x752502, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x141, 0x0) r3 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000140)={{0x0, 0x2, 0x200800, 0xffffffff, 0xfffffffb}, "0dd7fd004929347eeeccdf0732f77b1f6de0d6d51768a257a97ca5e9ca6310ea"}) ioctl$auto_SNDRV_TIMER_IOCTL_PARAMS(r3, 0x40505412, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) 8.193562665s ago: executing program 2 (id=192): r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) dup$auto(r0) socket(0x2, 0x1, 0x106) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x958b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x40008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x10000]}, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x23, 0x0) r2 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r2, 0x0, 0x4) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) r3 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) mq_open$auto(&(0x7f0000000c00)='*\x00', 0xfffffff8, 0x8001, &(0x7f0000000c40)={0xf, 0xffffffff, 0x1, 0x8}) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$auto(r4, 0xae41, r3) ioctl$auto_KVM_GET_MSRS(r5, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x4b564d01, 0x400, 0x1}]}) 6.757808869s ago: executing program 1 (id=196): openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/softnet_stat\x00', 0x40102, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) r0 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) readv$auto(r0, &(0x7f0000000680)={0x0, 0x40200}, 0x3) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) mmap$auto(0x0, 0x40009, 0x3, 0x38, 0xffffffffffffffff, 0x28000) unshare$auto(0x8) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/kvm_amd/parameters/pause_filter_thresh\x00', 0x200, 0x0) read$auto(r1, 0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) r2 = landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0) read$auto_proc_pid_maps_operations_internal(r2, &(0x7f00000001c0)=""/204, 0xcc) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x20040, 0x0) openat$auto_trace_options_core_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/options/latency-format\x00', 0x121082, 0x0) writev$auto(0x4, &(0x7f0000000080)={0x0, 0x8}, 0x1) mmap$auto(0x0, 0x2020009, 0x126, 0xf8, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, 0x0, 0x100, 0x0) mmap$auto(0x3, 0x20009, 0x2b, 0xeb1, r0, 0xd1a) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_TIOCSTI2(r3, 0x5412, &(0x7f0000000000)) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) read$auto(0x3, 0x0, 0x80) r4 = socket(0x2, 0x1, 0x100) getsockopt$auto_SO_ERROR(r4, 0x11e, 0x4, 0x0, 0x0) 6.562181997s ago: executing program 2 (id=198): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/netdevsim/netdevsim1/ports/2/pp_hold\x00', 0x260001, 0x0) openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) socket(0x11, 0x3, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/irq/3/smp_affinity_list\x00', 0x8f3b7a51b8162d21, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/038/001\x00', 0x40001, 0x0) openat$auto_tracing_mark_fops_trace(0xffffffffffffff9c, 0x0, 0x201, 0x0) socket(0x2, 0x80002, 0x73) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/admmidi2\x00', 0x200, 0x0) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x108002, 0x0) epoll_create$auto(0x3e) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) eventfd$auto(0x6) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyd9\x00', 0x0, 0x0) socketpair$auto(0xffff7fff, 0x4, 0x80000001, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) 5.895988797s ago: executing program 2 (id=199): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x4, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0x5}, &(0x7f00000001c0)=0x6, &(0x7f0000000200)=0x1, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf}) ioctl$auto_KVM_HAS_DEVICE_ATTR(r0, 0x4018aee3, &(0x7f00000002c0)={0x8, r1, 0x1, 0x33}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x8) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x109401, 0x0) ioctl$auto(r2, 0x540a, 0x0) close_range$auto(0x2, 0x8, 0x0) msgrcv$auto(0x9, 0x0, 0xfffffffffffffffd, 0x6, 0x80008) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) madvise$auto(0x2, 0x5c61fa2c, 0xf) r3 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x2c, r3, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0x14, 0x1, 0x0, 0x1, [@nested={0x8, 0x2, 0x0, 0x1, [@nested={0x4, 0x1d}]}, @typed={0x8, 0x14, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40010}, 0x800) r5 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r5, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, 0x0, 0x24000044) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, 0x0, 0x40001, 0x0) select$auto(0x0, 0x0, 0x0, 0x0, 0x0) 5.889332577s ago: executing program 0 (id=207): mmap$auto(0x0, 0x99, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x800, 0x0) read$auto(r0, 0x0, 0x7) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) r2 = prctl$auto(0x3a, 0x1, 0x0, 0x2, 0x203) bind$auto(r2, 0x0, 0x7fffffff) open_tree_attr$auto(r2, &(0x7f0000000040)='./file0\x00', 0x5, &(0x7f0000000080)={0x3, 0x9, 0x100, @inferred=r0}, 0x8) socket(0x11, 0x3, 0x9) capset$auto(0x0, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.3/usb4/4-0:1.0/authorized\x00', 0x10b142, 0x0) sendfile$auto(r3, r3, 0x0, 0x1000200) write$auto_mousedev_fops_mousedev(r0, &(0x7f00000003c0)="ddbbd745c504d0d3ff0602515d484b15c771960748fadfaa6aab5836478f92e586079552c8347a52c88999baeea5149ec19c7ab288a03954650d2a3542296c5c51f7516bb6044a058516bbb1a5981feb1bf8162ece2f132868e858720cbb7612c418c1d53405da29ac2e5bca21938bc3cb2661accce167c771d3c2763220f99321ca877d19607ff17687817fc355b8076b36c518070e58c8a8e8f6ad282cefd090353e85f13f77d64734b015ee1c0e1be8d86fa7c5211eadf486c5598529e24f5ea80115135655be73683fe385a9a0f19f2048b887890ce2106953899c1e8b3b9440f2b579016efd869e9af3f37e2dc4240edd82e88ed2e020a8d44d76c9e0201dd1bfa1ec7444f3a6f9e217b3b9a8e3d39cceaea59a156afa6556d3a4f30f27a67102ab7081c1723fa9bbe2075dd3b874bb412b60b6f98a3faa2ad41524d0e24d86cb532581603067d9a4c4b5c7bfa33a6ea181f5638a9afa079dba1673e3572bb1ce865685d16484eb4a386c4302c2174f904eafc9a28e3cd26eb8e1e9b489281567f6d19b4aa7e44d6d942aba3d155c7b82a20b7e40862ae086bceef678c3ed595cc3b0b9c5f00555b6efcfa508f1dc7efe9990189afca925ae1a48b2e0c4284315eaf1e5fdb359b395b67b2d8513d2ff46cc75febf187811106fc853ed9ccb7dcd55e8f31608f526931615e1f3bebc0bf42fd68e460e924f910d5fe8ce88e88463cb216907fcc2a8a14ae27e475b5c976d91cf9706c3ece472bbe9a80e9d1bbd886c72aeb5af54b02874c8d941656d0596b764ff75af4264a504caf7a6a0a46d6e12d334b1c51515d82eda7b7223d21c44fd37e5fe6f3bc86ebe2651379d5f11b46785c6378aa0fc58fb026288abc9c2b8168135303c10dd2291c8fe2989caada25882291b6a17d68d5c5ef5887626a2c8ef970af0afb40e82b0be97168e0cade739a75583c69ce5922c540ee293bb03882af3c3e12dd85dc8c3aa45b7cd0a9d53339e6b41472b04efcfadd376acea89efe1cc59ac6e871c2ac8d674c1a7dd597c5f2df5ef36a0f991d3c4805a59d29196d56440bcbff0ebd4bc4305b284f3fb91e56f4e658d434364802a6d04b760582b28ec3f16fb8287022774c4cea5045dad81e82455792b2bc7f7658999adbd64760ff57e90c518a73ac5935414d5a65fbb10b8d3fdfc4ddd589883f7bccbaf82f056a0a514d26dea634ff8ba9c90f491bd30727cd9a5691de02178ce340b392dc059019b3031f0f7d0fdee128a2e1dcb6d299843a770e5ccc029ef9bb69e440bd8020f7bb45b1542aaa2812fd7d6fdf1f6ed71f83b578958d237777d3a51fdae2edc9c31f07ecd3aa0a99f38650e44898adeb0c428661922963407ac07cf1c9aec02fc40f97e1999bdd0b9625c9ec15280c17c160191bcf5b0558213891d2260fc88de6e7b191726b57fca3c4348b32f54468e2931c215a7daa3624cf78e02f29421fe094a0eb2f15dac330a322cfa76431d0deaf370af183e7d55f9d7a0a54b2a237fa73dce8b3c9a8f4b5325652a8bba5f030c8786ecacbe4fa78612d1e19a8e919ffee28f4bdfeab7815180a550134d11bfa8a1d77b0f3545ce3f16f82862238dc8783fc589dbd9c9c9866b50c9c1993208b64a85e2186b98d62f78f734b382d2290df2ead48ad18b21963b5a0cb21eab37c040ca70ee71841ef353a9f241ef2dd370687720f717f889ae1b9962b116b4a2d3bc917b2635a30b27e32ed0fda00c14e00038443bb45e323035d17cbff26e2c18ab1154a6f51bc641d982408a4218cc6cc6b59f3ea56eec99a296cb0999a3de623418ffa9530a8daccfff4c3b59470970570a1fdd6b85e91a19012c5525328c3f507512a1c10b80a9b61db6ea570f77ba597a8cd9e114f116a0b5fa22ab57186eddddc71c105e10a6acf8f6c1601fa0bfcb7872c0680155590a06cc7280fedf048c25d3b05f14258608e0fd7b3b3a51d6a3235f7d37a9099de51a55d5e30bb11ef26bf050d33e52633329b53fd18fb1987c632d1cdeffeceb041e56efc33aa6260940c82d235483dd62ebddfc08be514c93aeb4d33e693fba84473bb07161a9ac15d195001890c7bdba54c7220a174fd305ac884b2423b6955600fa3e27384fbc51e5050464a4f9e8ce79dd55c201eae073c053ff49774b9d17d6743678b31008c44f0e72751dec27ea9f45fae536d5cee00253a052f242f3ba1489d71a090b31d7702db6117231f0e9369c1857227386be6a0ecf727a6ddd47786f36acd426784c15703c2e64287b34c315f6aa89c59388f5047c9cda9b54ef60274a07ef49d181e01f4d64cb4d4ce70cf860947e0729123f17315c921e57b20357409949244446523c9dfa8da3e13e8b667ff963b3efec7da78ae01e9278c95eb46f9ed49b391f690feb6c8585febde6b9e580623988b6551fb3e4a5a50382b2fe2a0ec866f2230ebee9180ca955b2acaa5e3d3ad9e9729fac6ecae216320e8316615513ce9a58e8c5f4e3fb532e8d8ab37d11504541a6266fd690863a3543da2cfb00f9c22aabe4aec484676a9e470a1764644b24797fe546266bffcc07c04d505bae8809915f5b2889445e1a25228b1229e32eea0c6a1bace11444a267c265f58e86843b1e97121104eb38bc46608702b14f7841ec2eeb5315ab1afdcb12ffccaf9a88ebfaac889e578629876b543c9b8092115fa0dba1be8bd24de5674d13621e9320be589f25e1d93cdd3bd57468edae5011047dbfd22c1db2eca3449638ad11d711d291ccb399b8e9f1c53e70c01f158f3e9367b1912a78edc2df9005895839e36067c6ae89057ec7092baee4802e3a655f9e0a16838cf69322aa8e7008828e69ef59cb5462ef7fad1c464a5cc3c3e7f007ab4bfd8505a4f3d0e7584de47a77b7b8764f816e53932a13639c2021d634ba524556d95fb7ec2ec321efe683ba89c50df83a4a14e55fb632bc865b88705b73fe5c0f3ee7a74dadfaf471251cca396233ea3cf26f2011850e2d71e1a0bab7907065afdeeb125a7b36d6d41cd5be7a656080063c3d5ec9339741e86b58fab2e57057ccfc0029f14ac81d427fdd13b68a9d4336110857cffd043ece9dea2cba4106a67cc2adf55354aaba824de49f998377895092300e5a81db68d707ac2f589b9da55a86d03035928545b49e970a2604d8101548d1de8f433a0ec69dfdeaecb7eb8a7905c5ba6110e660ddb13bc1c78389a4e45d522186833704e819d6877bf11cde4549fcedd09e3f950fa8113361bb8c40cbb40d71722979cfa43e06c9fadaf1402ca4a0223738d016e64e1f4be4fc214469659849d0f9d719d49b90e1f7c39ff76ad9f683af42cd65ca0972e9c56e4198b4f804dc8a48002981fcd999db89a77591626146b097c044714b0d9cbbb0539b10938db096c2e6d41dde343922c689d900eb8364c9c8ff9e0235bcb4a93bef01b62825896d4f64ee3fcd9207f7e575aaad51bdea6c14a06c01349278b23e7c243e8ed4b2e08b10f01a0a4f95ef12c463b83ce646b9757fa67bd7d45ccae0869751e32428b65f19f09af03a189d386478ebb7065cb1dc28a25cdaff1c7d0d7543299fe69ff73e4bbcd5469fea11d8880764b68970d373277b9b20c7e75e8cc3adaaf9e3b4d7c1637e05d0c726c2a04ff3f15cdf855e34090ad42e9640ad5b41b7efb6a91fe941637efb677c59b0449a2c5bedf18eddf3a36689dc1e1e4be61c6b4ccdc87630cc8817c18ecc59dacd1a8d963afda8cf5b2f5877657651519400f7f700b5f570c3fb5c65922242570df6aa75704b7ade5ae4d5baa099bdfe30bec32314d1e21afb8585fa8ba51728a797ff409ecf72376843d5145c98cb692bd0b19c1d72cf707b41114da1ef4a0923a32b0329a12f2e1662e50defc8c9fb4f93cba0f59baf7951b76711d4d186413a375393520d15727f7d5c707804f1a23a7b9a8af40ed659b51bf73f4607b95d83b4f206d7943af3a1f9ce09b9e6396d8862d99a94c5e3f1aedcff8348501f82fb311e337b2919475c07181d9ddbee2a9ab0653cc33b6ec99942d0a7d21882f898e5bbbdb5710b2fd0a24130362844dd3ae87f89ae0e781214f78b7f5f639a1067c462b448ba9915706198bfd2c12e15670de541a3ac6fd2492ad4967e2f702b43d42d9b9722ed2d40dae1ab84de073f78525f0f0db91b73b673b8714b8291819d27299c1a988025e860508e6c756b8669404cf7447a5abb3792c5d1eef6745511a06114fe63226630bfb35d5b3eabfb5dbfb4be91d937f114eb7fc44228ea8f842893b62359647778efb99dcd887bc1313bee7bb9db7a64d76dbd2a027ffbd618e528ec48df7beaf9211c2bd2bfb9f8d9a8f281da8974c6049213d8584fd54b32ec1b1680da7f58715557d657a41aff0993830258a4e079614da10858b578268e139c1c421fec4bf23b9eaaa7ee96906edb0e5aa454684a7b8c7787d020391d66424d35121ee2eb399093ac4647c227d4156f5b98fd925a78ef676887f884cf655bff4221290aa3db53fe022dbedccc6dfbc3e345b60c2e90bfd64827dd8f4cdaa5ad4d009c970f171cfc94906acd779e0873f76591c94daeff21de5bc64f39a1f7d687f4ec49b5eb900a2a473f480856089762c9f3d4e6618d2445809e95b9f1073424090bb891d5eaa5205dff271a4e484ba887067460fdfdea4443e5b02258307c8c4a2b13e3a8ac821ac2cee926a7ca81465e174ff72c0b6fbe1b1cc8dd9c05ab1b2209b78b28e99f03a0224a25defd8c11b12f53d00fd9662ba8dee654375c27d50f6e165ff6bdbd190c4958b2a1299d912b1879a266ea7be5b2614b1a4460e1e5efdf470a434996316e098ec2803fdce1fbf61090c83814dbfc65c9be59f249eb85b144ee61900c044476231f7fca97c37e8ff2a4e6abfad01bb0b675b129b8785551e6ddd0d1f00c716cbaca35592e5b5b79aeac06a39c5cf82a7a353c00bdbcb2fea639af47bff4a089dbb7478738793364bf92dfbf27885ab86b8bdd83a42f85b62015c14338a92487dd0e0b511641de257f6e058d5bf0a2ef81c44278e56640082b5dc14d8c57baaf6b1a63a528c006a4e74a766d7e70103624fbc708de7fa9817e80b7df68cbfdc617269c50c33cf559facc76a8aee12b8bb2cf4d72b3af6b16a7cbc0c97634b4249f189025d8e0b189d3edcdb4e7c09908207098ca16e570a70372c483164da46b5925c236e1bc6f63a54b9c5722ee814455c0af9b565cbc7a4f81e61f0f6c7f1765d351dcf4a28f652aa53b039965b9bc9db2321ce7d9e26adae5df8456a2bfb1402451bf835dcdbe9b616a4859c02dab89200c828f417a3d65e83c994fe3a3bb514e4bac5c55b944591e2817b047ec2558401247c95aa33e089ae6dec254473684d886a167eae691e4b1d4978c6086b3d3b7b3b99e17de7534968b0122ec5b706720cdb5704af70955d95ce32ce71d09e80d113a2c1dad5059d2db8098c6af583f7a035e6ba8737d68df0ddb25e869927f092dd074cd48adebd0b61cc90ce153a60117991a3ab6e076a4c8aa0eba196547f8490cb2220cc56d7b9a4fcea98f832fc73b191174fdbf9e2f7e3441316a6d49f52a6e5203c526eece353c5ac311cb6934bd3cac078c0f4a5f5a4c4bb84a666b9d3078b20310a6c52163f91ca5ae116f3fdcd0ad12f25b0d40cf5a6a08030bcb848432a5733c14c8dfab0079c8c9bb6e0960e8638a378ace2d2050754c496d79aa419498e206fe33baaf351bf4bd1044d80ba90a48e995e2ee45e1afdd05feac36013f1abc3bcc6eb583c4a4fdcc41", 0x1000) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000100), r4) sendmsg$auto_GTP_CMD_ECHOREQ(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x2c, r5, 0x1, 0x70bd2b, 0x25dfdbfb, {}, [@GTPA_LINK={0x8, 0x1, 0xf0a7}, @GTPA_PEER_ADDRESS={0x8, 0x4, @multicast1}, @GTPA_MS_ADDRESS={0x8, 0x5, @loopback}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc000}, 0x8044) unshare$auto(0x40000080) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) prctl$auto(0x41555856, 0x4, 0x2008, 0x0, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'virt_wifi0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x28, r6, 0x13, 0x70bd26, 0x25dfdbfd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r8}, @NL80211_ATTR_WIPHY_NAME={0xc, 0x2, '\x04\x00\x00\x00\x00\x00\x00\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4004080}, 0x0) 5.261630197s ago: executing program 1 (id=200): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) 5.203657991s ago: executing program 3 (id=201): r0 = socket(0x2, 0x1, 0x106) bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@rc={0x1f, @none}, 0x9ac) socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000001f80), 0xffffffffffffffff) sendmsg$auto_BATADV_CMD_GET_BLA_CLAIM(r0, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000002000)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="7d2860831d99c93060250b000000b77b2afc73f3d1ad981e1b1f6454b501eb1b705de0eae1d732704f088c42d103b050bc3686f1cd8117780f50987e3d24010d46fd5f64fdc2afcbdeb49081d3e688bf807764e0b754f23f1e24033fefb66ecc5c9dfe4e6e662c6d8561c61fd49de98be1214a0335"], 0x14}, 0x1, 0x0, 0x0, 0x48018}, 0x400c880) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x4000804) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x10, 0x9, 0x63, 0x0, 0x0, 0x0, 0x0, 0x40000000000f, 0x1000, 0xfffffffffffffffd, 0x7ffffffb, 0x9, 0xffffffff7ffffffc, 0x9, 0x7, 0x200000100103}) socket(0x21, 0xa, 0x90c176) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x40, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, 0x0, 0x0) sysfs$auto(0x2, 0x23, 0x0) r3 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, 0x0, 0x20201, 0x0) write$auto(r3, 0x0, 0x4) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) shmat$auto(0x0, &(0x7f0000000000)='\x9a\x1e2\x8e\xe3o\rJ\x1e\xe3\xb9\x96\x0f\x80\x91\xb8\xb95\x98F\xf8Q\x01\x00\x93^', 0xfffffffa) mremap$auto(0x200000000000, 0x4, 0x4, 0x3, 0x100000000) sendmsg$auto_NETDEV_CMD_DEV_GET(r0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x841}, 0x200000c0) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00', @ANYRESOCT, @ANYRES32], 0x24}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x80) sendmsg$auto_NL80211_CMD_SET_PMK(r0, 0x0, 0x8000) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000380)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x24000884}, 0x4004800) close_range$auto(0x2, 0xa, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x89fc, &(0x7f0000000040)={'veth0_macvtap\x00'}) 5.135258829s ago: executing program 1 (id=202): r0 = open(0x0, 0xd02, 0xc3) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) sendmsg$auto_NL80211_CMD_START_AP(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)={0x14, 0x0, 0x20, 0x70bd27, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x48010}, 0x20000800) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0xa, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x20009, 0x4000000000db, 0xeb1, 0x400, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0x11, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd5, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/ip6_vti0/stable_secret\x00', 0x2, 0x0) pwrite64$auto(r1, &(0x7f0000000040)='.\'*&\x04!\x00', 0x1, 0x8) 4.967707497s ago: executing program 3 (id=203): unshare$auto(0x40000080) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r0, 0x8000) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2, 0x1, 0x0) epoll_create$auto(0x4) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000840)='/proc/sys/vm/dirty_background_ratio\x00', 0x80000, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0xa, 0x3, 0x3, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0x8000]}, 0x0) sched_get_priority_min$auto(0x40) r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x100e42, 0x0) write$auto_sg_fops_sg(r2, &(0x7f00000001c0)="bf5b1a8c24000900dbcbc7a996eea7f3804ca6c7591afff6578d2f5f520f687f316ba7327b581cd8d58309037c0ae2c71a", 0x31) mmap$auto(0x0, 0x8, 0x3, 0x9b72, 0x2, 0x8000) getsockopt$auto(r1, 0x200000000001, 0x19, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mmap$auto(0x6, 0x48000a, 0x100002bb, 0x14, 0xffffffffffffffff, 0x1) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000000)=@nl=@proc={0x10, 0x0, 0x25dfdbff, 0x400}, 0x6b) mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0xffffffffffffffff, 0x1c0000000000000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) 4.961386865s ago: executing program 0 (id=204): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) openat$auto_nsim_pp_hold_fops_netdev(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/netdevsim/netdevsim1/ports/2/pp_hold\x00', 0x260001, 0x0) openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) socket(0x11, 0x3, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/irq/3/smp_affinity_list\x00', 0x8f3b7a51b8162d21, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/038/001\x00', 0x40001, 0x0) openat$auto_tracing_mark_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace_marker\x00', 0x201, 0x0) socket(0x2, 0x80002, 0x73) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/admmidi2\x00', 0x200, 0x0) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x108002, 0x0) epoll_create$auto(0x3e) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) eventfd$auto(0x6) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyd9\x00', 0x0, 0x0) socketpair$auto(0xffff7fff, 0x4, 0x80000001, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) 4.289586249s ago: executing program 0 (id=205): openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000400)='/proc/tty/driver/serial\x00', 0x43102, 0x0) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = syz_clone(0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x600002, 0x0) ptrace$auto(0x10, r1, 0x4, 0x8000040006) ptrace$auto(0xf, r1, 0xfffffffffffffffe, 0x8000000000000000) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r2, 0x80045010, &(0x7f0000004440)) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, 0x0, 0x20000000) setsockopt$auto(0xffffffffffffffff, 0x1, 0x1021, 0x0, 0xd) openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, 0x0, 0x101080, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000000}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYBLOB], 0x1ac}}, 0x40000) recvmmsg$auto(r3, &(0x7f0000000140)={{0x0, 0xfffffffe, 0x0, 0x5, 0x0, 0x200002, 0x8}, 0x801}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r3, 0x8946, 0x24) mmap$auto(0x10, 0xffffffffffffff81, 0x7fa4826e, 0x19, 0x2, 0x100000001) madvise$auto(0x4, 0x9, 0xffff) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/fs/ext4/sda1/reserved_clusters\x00', 0x2101, 0x0) 3.896963402s ago: executing program 1 (id=206): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) listmount$auto(&(0x7f0000000000)={0x1f, @raw, 0x80000024, 0x0, 0x2}, 0x0, 0xf4240, 0x0) membarrier$auto(0x2, 0x0, 0x9) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0xc02, 0x0) socket(0x22, 0x3, 0x1) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_SOCK_GET(r1, &(0x7f00000022c0)={0x0, 0x0, &(0x7f0000002280)={&(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES16=r2, @ANYBLOB="8d4329bd7000ffdbdf2506000000"], 0x14}, 0x1, 0x0, 0x0, 0x42010}, 0x8cc) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ustat$auto(0x801, 0x0) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xfffffeff, 0x2, 0x6, 0x4000007, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x2, 0x83, 0x101, 0x17f, 0xa}, {0xff, 0x1, 0x52, 0x5, 0x1, 0x40, 0x4, 0x8, 0x100000004}}) io_uring_register$auto(0x2, 0xd, 0x0, 0x20) mmap$auto(0x200, 0x400008, 0x200, 0x9b72, 0xffffffffffffffff, 0x6) r3 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0) read$auto_check_wx_fops_(r3, &(0x7f0000000080)=""/228, 0xe4) 3.651220842s ago: executing program 3 (id=208): io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) openat$auto_tracing_err_log_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/error_log\x00', 0xb01, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/tty53\x00', 0x200, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x7, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x2, 0x5, 0x2, 0x3, 0x95f4da0a, 0xefffffffffffffff, 0x3, 0x62, 0x80000001, 0x10000000800004, 0x6d40, 0x1, 0x2, 0xfffffffffffffffe]}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x2b, 0x1, 0x1) setsockopt$auto(r1, 0x0, 0x1, 0x0, 0x1e) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x7, 0xc45d, 0x80, 0x6, 0x3, 0x2, 0x3, 0x3, 0x62, 0x80000022, 0x7, 0x6d3e, 0x2000000004000009, 0x2, 0x6]}, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0xeb1, 0x0, 0x8000) ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) ioctl$auto(r2, 0x5522, 0xf15) ioctl$auto(r2, 0x5523, r2) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0x0, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) socket(0xa, 0x5, 0x94) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) 2.968183429s ago: executing program 2 (id=209): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e21, @empty}, 0x70) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000) write$auto(0x3, 0x0, 0xfffffdef) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) r1 = socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x100, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) read$auto_kernfs_file_fops_kernfs_internal(r3, 0x0, 0x0) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r3, 0x0, 0x20000000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x4000000000001, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x20000002, 0xfffffffffffffffe]}, 0x0) socket(0x1a, 0x4, 0x6) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000023, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r4, &(0x7f0000000e00)="51426572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde4727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e28782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105c328e0035b97168f4c17aa4610b2e6e1a6ba0b71c06417b7a9497be4a009b19d7162adfd4d7b6490faf3782a920281333ad09b848ab5f4d15534b8c4e43dc9604b0630f8d349b2c80a98fde04693c31cbed7d460edfc0138dcc5d3974e682bbd555ac19625bf6e0607d8803391ec9c2dc41fc4e8bceae4f53507137324dd02914a067d52a577b812ddac4a34765c26a98839b3edb6290abff0c75991d6f8c1bd7540f38a7f25fec2f3539f894c938e1f3cf0ff1e6994d6a6ecc457a482f045ba712a85e8e31afd49c8e3480dc1c36d56ab2eceac6e5a847455d8ef4e3d45cd463c421bd1bce2ca57dd88f0e7ab3446cdfa8cb3914c240936f1738af7009e9131b240b59af55d7e38307b91fc8f00410cfdcfacaa341607a801afa63640091eb00b860700ea882878a8d9838f5597b970366be7d167ddebfe3c9253b5dbf7f30a67ee4d87dccb3c723c20200aa5fc036caf12811b19ce49c81ce328d7b24587353ecb99bafd327e33303cf447b36800d1bed8ee10df527d55c0d5f7506fb11cb1338074113579e665c6f3cffde5a8ee98a7bf3f8157986cf7c1c5dbdedaacbe3946b3d8809dec7387f006c062b93b6b481a806e5544ddeea7218fcc15c25a88164bfd0735e6290167cb2dbf4b4a317ba00b1fc27d203a6cff71ef8fe97a97d8e07af2ce1d0a0a2aa9ede7dd0572325075c83c2ecf866aa01654eff55ebe4e489e72152e6a3090e2348732704eb02997ffd23a63faabfbbbd1fb124cab606faed24a393058cea1c1286001ee5c0c1fa26b6a81ebdd4718a94cebdb45bfe812c771df398d3305da03d37ced9d0242b6da212dc9f5c14d7ff999bee20f6621792d1442e449eba8589a823e5e99c65fdffbaefe89e2e32406ec4cf574e335e2d288e4cdad56f4b1b57c364ed3e28809e480d6f410c7ebf43bd2a605d6a8c9facae6b7f8f2c56f792ae21fc0cc5dd9beae0cab3547ebb5467183c2f01bc315bd7bd191088886752dc5108093bdbc91348743440130f33d3dfa9c25490245e5fa904f8660e82253c826b7bea4e9a7a1c627e10c56d71878a644bd176016f29cf5398be14cc0fdec45c65e2b967aedb75212eed1eb05a44da62190009d1c08163b74813b82c27f1e6cd681a4b5150f967444b7bc930da68603fd706e96ba8663b2e50ef0a9b04e321a8a337b08fea7288a3fef5062c7e4c17ad3d490870d39c10b78a74eab25c993527e313a4f59d86de55aa9a8a63f734c2db556692fe993b0cd08e0ab5434c9ec02d5127354f55e6b5d5a7b61685d02edae21ece71d203abf7408211229a9ebbfdeffa2c0f38db274066d0706d80398c172e6daf4a0dce62c2287cbf0d30cfa313d7baf4e5caa18f594f0ab0d854f3cef76ff83e96fa49d0e0f8a47193b51a0a45aee2e1d9a5b372b8ee828f645a06979ec351d798480c7824e846028c02f58b5641acbae1e2079abd86182a662bb1642c9346d7fba628fb012da293acef33b8b76a8885c2e5d685348b6148c5b44409f58d8d5f29344fe8a2e4c2432ae622bb1912ea65d5574bff895025bd72cd780d59cbaa0886afd5d6676d2de6266903115525c075cc3f75ce9eba3787a890e1f758f0e502c4c9c0538dc94", 0xc2d) mmap$auto(0x0, 0x40009, 0xdf, 0x9b76, 0xffffffffffffffff, 0x28000) mmap$auto(0x0, 0x2060009, 0x3, 0xeb2, r1, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x81a, r3, 0x8000) 2.27282568s ago: executing program 0 (id=210): socket(0x15, 0x5, 0x0) 2.051640094s ago: executing program 0 (id=211): r0 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtd0ro\x00', 0x2000, 0x0) ioctl$auto_MEMISLOCKED(r0, 0x80084d17, &(0x7f0000000080)={0xfffffffc, 0x4f90}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) socket(0xa, 0x1, 0x100) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/conf/ip6tnl0/bootp_relay\x00', 0x5014c0, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, 0x0, 0x400, 0x0) ioctl$auto_BCH_IOCTL_FSCK_OFFLINE(r2, 0x4018bc13, &(0x7f0000000100)={0x0, 0x9d}) ioctl$auto(0x3, 0x400454ca, 0x38) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) ioctl$auto(0x3, 0x2287, 0xffffffffffffffff) socket(0x23, 0x80805, 0x0) r3 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, 0x0, 0x401, 0x0) write$auto_proc_mem_operations_base(r3, 0x0, 0x0) madvise$auto(0x0, 0x4000000020200, 0x15) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) openat$auto_minstrel_ht_stat_csv_fops_rc80211_minstrel_ht_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/ieee80211/phy3/netdev:wlan0/stations/08:02:11:00:00:01/rc_stats_csv\x00', 0x80, 0x0) 1.765880226s ago: executing program 2 (id=212): unshare$auto(0x40000080) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r0, 0x8000) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2, 0x1, 0x0) epoll_create$auto(0x4) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000840)='/proc/sys/vm/dirty_background_ratio\x00', 0x80000, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0xa, 0x3, 0x3, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0x8000]}, 0x0) sched_get_priority_min$auto(0x40) r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x100e42, 0x0) write$auto_sg_fops_sg(r2, &(0x7f00000001c0)="bf5b1a8c24000900dbcbc7a996eea7f3804ca6c7591afff6578d2f5f520f687f316ba7327b581cd8d58309037c0ae2c71a", 0x31) mmap$auto(0x0, 0x8, 0x3, 0x9b72, 0x2, 0x8000) getsockopt$auto(r1, 0x200000000001, 0x19, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mmap$auto(0x6, 0x48000a, 0x100002bb, 0x14, 0xffffffffffffffff, 0x1) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000000)=@nl=@proc={0x10, 0x0, 0x25dfdbff, 0x400}, 0x6b) mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0xffffffffffffffff, 0x1c0000000000000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) 1.604210021s ago: executing program 3 (id=213): r0 = socket(0x2, 0x1, 0x106) bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@rc={0x1f, @none}, 0x9ac) socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000001f80), 0xffffffffffffffff) sendmsg$auto_BATADV_CMD_GET_BLA_CLAIM(r0, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000002000)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="7d2860831d99c93060250b000000b77b2afc73f3d1ad981e1b1f6454b501eb1b705de0eae1d732704f088c42d103b050bc3686f1cd8117780f50987e3d24010d46fd5f64fdc2afcbdeb49081d3e688bf807764e0b754f23f1e24033fefb66ecc5c9dfe4e6e662c6d8561c61fd49de98be1214a0335"], 0x14}, 0x1, 0x0, 0x0, 0x48018}, 0x400c880) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x4000804) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x10, 0x9, 0x63, 0x0, 0x0, 0x0, 0x0, 0x40000000000f, 0x1000, 0xfffffffffffffffd, 0x7ffffffb, 0x9, 0xffffffff7ffffffc, 0x9, 0x7, 0x200000100103}) socket(0x21, 0xa, 0x90c176) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/vicodec.0/modalias\x00', 0x40, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, 0x0, 0x0) sysfs$auto(0x2, 0x23, 0x0) r3 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, 0x0, 0x20201, 0x0) write$auto(r3, 0x0, 0x4) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x89fc, 0x0) shmat$auto(0x0, &(0x7f0000000000)='\x9a\x1e2\x8e\xe3o\rJ\x1e\xe3\xb9\x96\x0f\x80\x91\xb8\xb95\x98F\xf8Q\x01\x00\x93^', 0xfffffffa) mremap$auto(0x200000000000, 0x4, 0x4, 0x3, 0x100000000) sendmsg$auto_NETDEV_CMD_DEV_GET(r0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x841}, 0x200000c0) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB='$\x00\x00', @ANYRESOCT, @ANYRES32], 0x24}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x80) sendmsg$auto_NL80211_CMD_SET_PMK(r0, 0x0, 0x8000) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000380)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x24000884}, 0x4004800) close_range$auto(0x2, 0xa, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x89fc, &(0x7f0000000040)={'veth0_macvtap\x00'}) 1.5278366s ago: executing program 1 (id=214): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e21, @empty}, 0x70) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000) write$auto(0x3, 0x0, 0xfffffdef) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) r1 = socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x100, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) read$auto_kernfs_file_fops_kernfs_internal(r3, 0x0, 0x0) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r3, 0x0, 0x20000000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x4000000000001, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x20000002, 0xfffffffffffffffe]}, 0x0) socket(0x1a, 0x4, 0x6) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000023, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r4, &(0x7f0000000e00)="51426572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde4727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e28782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105c328e0035b97168f4c17aa4610b2e6e1a6ba0b71c06417b7a9497be4a009b19d7162adfd4d7b6490faf3782a920281333ad09b848ab5f4d15534b8c4e43dc9604b0630f8d349b2c80a98fde04693c31cbed7d460edfc0138dcc5d3974e682bbd555ac19625bf6e0607d8803391ec9c2dc41fc4e8bceae4f53507137324dd02914a067d52a577b812ddac4a34765c26a98839b3edb6290abff0c75991d6f8c1bd7540f38a7f25fec2f3539f894c938e1f3cf0ff1e6994d6a6ecc457a482f045ba712a85e8e31afd49c8e3480dc1c36d56ab2eceac6e5a847455d8ef4e3d45cd463c421bd1bce2ca57dd88f0e7ab3446cdfa8cb3914c240936f1738af7009e9131b240b59af55d7e38307b91fc8f00410cfdcfacaa341607a801afa63640091eb00b860700ea882878a8d9838f5597b970366be7d167ddebfe3c9253b5dbf7f30a67ee4d87dccb3c723c20200aa5fc036caf12811b19ce49c81ce328d7b24587353ecb99bafd327e33303cf447b36800d1bed8ee10df527d55c0d5f7506fb11cb1338074113579e665c6f3cffde5a8ee98a7bf3f8157986cf7c1c5dbdedaacbe3946b3d8809dec7387f006c062b93b6b481a806e5544ddeea7218fcc15c25a88164bfd0735e6290167cb2dbf4b4a317ba00b1fc27d203a6cff71ef8fe97a97d8e07af2ce1d0a0a2aa9ede7dd0572325075c83c2ecf866aa01654eff55ebe4e489e72152e6a3090e2348732704eb02997ffd23a63faabfbbbd1fb124cab606faed24a393058cea1c1286001ee5c0c1fa26b6a81ebdd4718a94cebdb45bfe812c771df398d3305da03d37ced9d0242b6da212dc9f5c14d7ff999bee20f6621792d1442e449eba8589a823e5e99c65fdffbaefe89e2e32406ec4cf574e335e2d288e4cdad56f4b1b57c364ed3e28809e480d6f410c7ebf43bd2a605d6a8c9facae6b7f8f2c56f792ae21fc0cc5dd9beae0cab3547ebb5467183c2f01bc315bd7bd191088886752dc5108093bdbc91348743440130f33d3dfa9c25490245e5fa904f8660e82253c826b7bea4e9a7a1c627e10c56d71878a644bd176016f29cf5398be14cc0fdec45c65e2b967aedb75212eed1eb05a44da62190009d1c08163b74813b82c27f1e6cd681a4b5150f967444b7bc930da68603fd706e96ba8663b2e50ef0a9b04e321a8a337b08fea7288a3fef5062c7e4c17ad3d490870d39c10b78a74eab25c993527e313a4f59d86de55aa9a8a63f734c2db556692fe993b0cd08e0ab5434c9ec02d5127354f55e6b5d5a7b61685d02edae21ece71d203abf7408211229a9ebbfdeffa2c0f38db274066d0706d80398c172e6daf4a0dce62c2287cbf0d30cfa313d7baf4e5caa18f594f0ab0d854f3cef76ff83e96fa49d0e0f8a47193b51a0a45aee2e1d9a5b372b8ee828f645a06979ec351d798480c7824e846028c02f58b5641acbae1e2079abd86182a662bb1642c9346d7fba628fb012da293acef33b8b76a8885c2e5d685348b6148c5b44409f58d8d5f29344fe8a2e4c2432ae622bb1912ea65d5574bff895025bd72cd780d59cbaa0886afd5d6676d2de6266903115525c075cc3f75ce9eba3787a890e1f758f0e502c4c9c0538dc94", 0xc2d) mmap$auto(0x0, 0x40009, 0xdf, 0x9b76, 0xffffffffffffffff, 0x28000) mmap$auto(0x0, 0x2060009, 0x3, 0xeb2, r1, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x81a, r3, 0x8000) 1.413030968s ago: executing program 3 (id=215): openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) ioctl$auto_FIDEDUPERANGE(r0, 0xc0189436, 0x7) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x10, 0x0) r1 = fsopen$auto(0x0, 0x1) fsconfig$auto(r1, 0x8, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x300) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000040)='/proc/kmsg\x00', 0x80900, 0x0) remap_file_pages$auto(0x0, 0x4e49, 0x878, 0x3, 0x4) r4 = socket(0x10, 0x2, 0x0) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_WOL_SET(r4, 0x0, 0x40) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x6b27c3, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x5, 0x948b, 0x3, 0x95f4da08, 0xffffffffffffffff, 0x200000000000002, 0x62, 0x8000000000000000, 0x1, 0x6d3f, 0x40000000000009, 0x2, 0xfffffffffffffffe]}, 0x0) ioctl$auto_TUNGETFILTER(r3, 0x801054db, 0x0) ioctl$auto_RNDRESEEDCRNG2(0xffffffffffffffff, 0x5207, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x4, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x3, 0xfffffffffffffff6, 0x0, 0x3f80, 0x79d, 0x338, 0x9, 0x2, 0xb]}, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000100), r4) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCR(r5, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x50, r6, 0x8, 0x70bd2b, 0x25dfdbfe, {}, "83c9524fd8b1e3b0bf17fbbb15f205c384596ee05960b40696edb843c9d0c381e7b33b23467e350f0cfb66502879410ac530a8a2ca3ee3559d"}, 0x50}, 0x1, 0x0, 0x0, 0x44800}, 0x0) 662.714908ms ago: executing program 2 (id=216): r0 = socket(0x2b, 0x1, 0x1) r1 = socket(0x2, 0x2, 0x1) pwrite64$auto(0x2, 0x0, 0x0, 0x5) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/ifb0/flags\x00', 0xb02, 0x0) sendfile$auto(r0, 0xffffffffffffffff, 0x0, 0x13) sendto$auto(r1, 0x0, 0xb, 0xc, 0x0, 0x1c) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/icmp\x00', 0xc0880, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0069b0681a00"}, 0x8) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) getpid() clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x6, 0xd, 0x1, 0x948b, 0x3, 0x1, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0x2, 0x9b72, 0x2, 0x8000) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer\x00', 0x1c8300, 0x0) ioctl$auto(r2, 0x8004510b, 0x3) r3 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) ioctl$auto_VHOST_SET_FEATURES2(r3, 0x4008af00, 0x0) 149.395162ms ago: executing program 3 (id=217): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x60301, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop1/queue/scheduler\x00', 0xa001, 0x0) write$auto(r1, &(0x7f0000000140)='7\x00\xb1\x9a\xc0\xf9\xc0e\xd2T\xbe\xb6I\x9d\xd9\x18\xf5\x91\xbfq\xfe\xf2\x9a\x02\x9fC0xb\xccW(\xc1n+\n|5\xa5\x9c=^\xf1\x11H\x1c\xf73\x16\xd2\a\xfaw\xcc\xf1\xff7\xab\xa1\xeaF\x04\x17\x99\xd3\xd1\x83\xccG^\xbbdC\x8a\n\x88\xbcW@+\xafD\xd1\x8a\xc13W\xf66\x86\xe5\xee\xa7\x1d\x0f\x90\x00\xcf\xdb\xf5\xbf\xd4\xc8\x84\xb3\xeeb\xb0\xc7kN\x80\x93\xfd\x89\xe1\xc9tp\xd4jm\x7f\xf0a\xc3\x02\x14\xcf\xcf\\e!\a\x82\t,\xa7\x00\xbd&\xcax\xf8P\xc1\x8f\x87\x83\x0f\x93z', 0x81) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x10000, 0x8000, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x8, 0x2, 0x10011, 0x5, 0x0) futex_wait$auto(0x0, 0x0, 0x7f, 0x2, 0x0, 0x1) futex_wake$auto(0x0, 0x7, 0xfffffffb, 0x2) mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000) ioctl$auto(0x3, 0x894b, 0x38) semget$auto(0x0, 0x13c, 0x1ff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_PNETID_ADD(r2, &(0x7f0000000780)={0x0, 0xfffffffffffffe46, &(0x7f0000000740)={&(0x7f00000006c0)={0x14, 0x0, 0x1, 0x70bd2c, 0x25dfdc01}, 0x14}, 0x1, 0x0, 0x0, 0xc0}, 0x40d0) futex_wake$auto(0x0, 0x7, 0x0, 0x82) semtimedop$auto(0x0, &(0x7f0000000000)={0x7, 0x8000, 0x36ec}, 0x1, 0x0) semctl$auto(0x0, 0x9, 0x0, 0x2) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_BSS(r2, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0xc0204}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x90}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ila(&(0x7f0000000040), r3) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000140)='/dev/audio1\x00', 0x100100a3d4) syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/mnt\x00') r4 = openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000100)='/proc/stat\x00', 0x40002, 0x0) kill$auto(0x0, 0x15) sendfile$auto(r4, r4, &(0x7f0000000040)=0x8010, 0x1) 0s ago: executing program 1 (id=218): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e21, @empty}, 0x70) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000) write$auto(0x3, 0x0, 0xfffffdef) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) r1 = socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x100, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) read$auto_kernfs_file_fops_kernfs_internal(r3, 0x0, 0x0) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r3, 0x0, 0x20000000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x4000000000001, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x20000002, 0xfffffffffffffffe]}, 0x0) socket(0x1a, 0x4, 0x6) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000023, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) mmap$auto(0x0, 0x40009, 0xdf, 0x9b76, 0xffffffffffffffff, 0x28000) mmap$auto(0x0, 0x2060009, 0x3, 0xeb2, r1, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x81a, r3, 0x8000) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.216' (ED25519) to the list of known hosts. [ 80.457128][ T5835] cgroup: Unknown subsys name 'net' [ 80.566774][ T5835] cgroup: Unknown subsys name 'cpuset' [ 80.575425][ T5835] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 82.037632][ T5835] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 84.176719][ T5849] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 84.185014][ T5849] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 84.193525][ T5849] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 84.200925][ T5849] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 84.208696][ T5849] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 84.215258][ T5852] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 84.216914][ T5862] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 84.233848][ T5862] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 84.236257][ T5859] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 84.248033][ T5852] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 84.255918][ T5859] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 84.264646][ T5852] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 84.272033][ T5859] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 84.280780][ T5859] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 84.281914][ T5860] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 84.288633][ T5859] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 84.303407][ T5169] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 84.311248][ T5169] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 84.311876][ T5860] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 84.327766][ T5169] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 84.896226][ T5844] chnl_net:caif_netlink_parms(): no params data found [ 84.916093][ T5851] chnl_net:caif_netlink_parms(): no params data found [ 84.964884][ T5845] chnl_net:caif_netlink_parms(): no params data found [ 85.062439][ T5854] chnl_net:caif_netlink_parms(): no params data found [ 85.132234][ T5844] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.139949][ T5844] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.149082][ T5844] bridge_slave_0: entered allmulticast mode [ 85.156195][ T5844] bridge_slave_0: entered promiscuous mode [ 85.198930][ T5844] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.206119][ T5844] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.213840][ T5844] bridge_slave_1: entered allmulticast mode [ 85.220740][ T5844] bridge_slave_1: entered promiscuous mode [ 85.249912][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.257141][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.264331][ T5845] bridge_slave_0: entered allmulticast mode [ 85.271212][ T5845] bridge_slave_0: entered promiscuous mode [ 85.299710][ T5851] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.307316][ T5851] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.314658][ T5851] bridge_slave_0: entered allmulticast mode [ 85.321576][ T5851] bridge_slave_0: entered promiscuous mode [ 85.329230][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.336465][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.344020][ T5845] bridge_slave_1: entered allmulticast mode [ 85.350914][ T5845] bridge_slave_1: entered promiscuous mode [ 85.372827][ T5851] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.379972][ T5851] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.387379][ T5851] bridge_slave_1: entered allmulticast mode [ 85.394463][ T5851] bridge_slave_1: entered promiscuous mode [ 85.441247][ T5844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.477315][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.486634][ T5854] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.494270][ T5854] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.501376][ T5854] bridge_slave_0: entered allmulticast mode [ 85.508860][ T5854] bridge_slave_0: entered promiscuous mode [ 85.517829][ T5844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.553379][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.562866][ T5854] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.569995][ T5854] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.577523][ T5854] bridge_slave_1: entered allmulticast mode [ 85.584546][ T5854] bridge_slave_1: entered promiscuous mode [ 85.605151][ T5851] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.643489][ T5844] team0: Port device team_slave_0 added [ 85.667212][ T5851] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.690340][ T5844] team0: Port device team_slave_1 added [ 85.698286][ T5854] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.710966][ T5854] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.734305][ T5845] team0: Port device team_slave_0 added [ 85.778708][ T5845] team0: Port device team_slave_1 added [ 85.812493][ T5851] team0: Port device team_slave_0 added [ 85.821095][ T5851] team0: Port device team_slave_1 added [ 85.838894][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.846017][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.872249][ T5844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.895257][ T5854] team0: Port device team_slave_0 added [ 85.932311][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.939373][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.966213][ T5844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.978991][ T5854] team0: Port device team_slave_1 added [ 85.986785][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.993829][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.019962][ T5851] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.033308][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.040261][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.066830][ T5851] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.080018][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.087096][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.113601][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.153153][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.160142][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.186243][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.212535][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.219788][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.245751][ T5854] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.284290][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.291242][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.317628][ T5854] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.363461][ T5169] Bluetooth: hci2: command tx timeout [ 86.369191][ T5169] Bluetooth: hci3: command tx timeout [ 86.374936][ T5860] Bluetooth: hci0: command tx timeout [ 86.380807][ T5860] Bluetooth: hci1: command tx timeout [ 86.400866][ T5845] hsr_slave_0: entered promiscuous mode [ 86.407232][ T5845] hsr_slave_1: entered promiscuous mode [ 86.467744][ T5844] hsr_slave_0: entered promiscuous mode [ 86.475691][ T5844] hsr_slave_1: entered promiscuous mode [ 86.481711][ T5844] debugfs: 'hsr0' already exists in 'hsr' [ 86.487951][ T5844] Cannot create hsr debugfs directory [ 86.498910][ T5851] hsr_slave_0: entered promiscuous mode [ 86.505689][ T5851] hsr_slave_1: entered promiscuous mode [ 86.511646][ T5851] debugfs: 'hsr0' already exists in 'hsr' [ 86.517577][ T5851] Cannot create hsr debugfs directory [ 86.529711][ T5854] hsr_slave_0: entered promiscuous mode [ 86.536680][ T5854] hsr_slave_1: entered promiscuous mode [ 86.542708][ T5854] debugfs: 'hsr0' already exists in 'hsr' [ 86.548438][ T5854] Cannot create hsr debugfs directory [ 87.116112][ T5845] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 87.127723][ T5845] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 87.138916][ T5845] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 87.159436][ T5845] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 87.217035][ T5854] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 87.232306][ T5854] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 87.250657][ T5854] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 87.262432][ T5854] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 87.338962][ T5844] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 87.354715][ T5844] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 87.375465][ T5844] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 87.387975][ T5844] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 87.486910][ T5851] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 87.497338][ T5851] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 87.508968][ T5851] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 87.519134][ T5851] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 87.619317][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.677691][ T5854] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.696840][ T5845] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.732635][ T1151] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.739852][ T1151] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.762318][ T1338] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.769494][ T1338] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.797813][ T5854] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.819069][ T1039] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.826193][ T1039] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.852910][ T1338] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.860074][ T1338] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.939052][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.964576][ T5851] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.037999][ T5844] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.052214][ T5851] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.090679][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.097914][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.111865][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.119089][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.160632][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.167845][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.184550][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.191738][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.426147][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.444286][ T5860] Bluetooth: hci1: command tx timeout [ 88.449722][ T5860] Bluetooth: hci3: command tx timeout [ 88.455743][ T5169] Bluetooth: hci0: command tx timeout [ 88.461161][ T5169] Bluetooth: hci2: command tx timeout [ 88.536075][ T5854] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.587041][ T5845] veth0_vlan: entered promiscuous mode [ 88.657151][ T5845] veth1_vlan: entered promiscuous mode [ 88.678528][ T5854] veth0_vlan: entered promiscuous mode [ 88.716731][ T5854] veth1_vlan: entered promiscuous mode [ 88.776236][ T5845] veth0_macvtap: entered promiscuous mode [ 88.815152][ T5845] veth1_macvtap: entered promiscuous mode [ 88.847418][ T5854] veth0_macvtap: entered promiscuous mode [ 88.867407][ T5854] veth1_macvtap: entered promiscuous mode [ 88.915672][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.926942][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.945581][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.964437][ T5851] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.978365][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.990282][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.011608][ T5845] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.020672][ T5845] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.029750][ T5845] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.040330][ T5845] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.052118][ T5854] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.062231][ T5854] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.071085][ T5854] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.080075][ T5854] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.257663][ T5844] veth0_vlan: entered promiscuous mode [ 89.279968][ T5851] veth0_vlan: entered promiscuous mode [ 89.289786][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.303020][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.319358][ T5844] veth1_vlan: entered promiscuous mode [ 89.323318][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.337167][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.364032][ T5851] veth1_vlan: entered promiscuous mode [ 89.417838][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.445851][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.446820][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.460063][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.478467][ T5844] veth0_macvtap: entered promiscuous mode [ 89.515887][ T5844] veth1_macvtap: entered promiscuous mode [ 89.541308][ T5851] veth0_macvtap: entered promiscuous mode [ 89.570596][ T5851] veth1_macvtap: entered promiscuous mode [ 89.598676][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.619199][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.631363][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.635130][ T5854] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 89.656713][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.686932][ T5844] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.697977][ T5844] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.710694][ T5844] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.719833][ T5844] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.734365][ T5851] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.743979][ T5851] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.757234][ T5851] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.769361][ T5851] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.010126][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.031716][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.202877][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 90.297411][ T1338] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.320322][ T1338] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.526713][ T5860] Bluetooth: hci3: command tx timeout [ 90.526758][ T5169] Bluetooth: hci2: command tx timeout [ 90.532131][ T5860] Bluetooth: hci0: command tx timeout [ 90.537904][ T5169] Bluetooth: hci1: command tx timeout [ 90.612098][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.664881][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.824049][ T1338] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.846797][ T1338] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.594958][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 91.813498][ T24] cfg80211: failed to load regulatory.db [ 91.950091][ T5973] FAULT_INJECTION: forcing a failure. [ 91.950091][ T5973] name failslab, interval 1, probability 0, space 0, times 1 [ 92.033072][ T5973] CPU: 1 UID: 0 PID: 5973 Comm: syz.1.2 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 92.033095][ T5973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 92.033106][ T5973] Call Trace: [ 92.033112][ T5973] [ 92.033120][ T5973] dump_stack_lvl+0x16c/0x1f0 [ 92.033145][ T5973] should_fail_ex+0x512/0x640 [ 92.033164][ T5973] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 92.033180][ T5973] should_failslab+0xc2/0x120 [ 92.033199][ T5973] __kmalloc_cache_noprof+0x6a/0x3e0 [ 92.033212][ T5973] ? snd_seq_oss_readq_new+0x4a/0x2c0 [ 92.033232][ T5973] snd_seq_oss_readq_new+0x4a/0x2c0 [ 92.033250][ T5973] snd_seq_oss_open+0x54b/0xa20 [ 92.033275][ T5973] odev_open+0x6f/0x90 [ 92.033293][ T5973] ? __pfx_odev_open+0x10/0x10 [ 92.033311][ T5973] soundcore_open+0x409/0x580 [ 92.033332][ T5973] ? __pfx_soundcore_open+0x10/0x10 [ 92.033351][ T5973] chrdev_open+0x234/0x6a0 [ 92.033368][ T5973] ? __pfx_chrdev_open+0x10/0x10 [ 92.033386][ T5973] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 92.033404][ T5973] do_dentry_open+0x744/0x1c10 [ 92.033420][ T5973] ? __pfx_chrdev_open+0x10/0x10 [ 92.033440][ T5973] vfs_open+0x82/0x3f0 [ 92.033461][ T5973] path_openat+0x1de4/0x2cb0 [ 92.033483][ T5973] ? __pfx_path_openat+0x10/0x10 [ 92.033498][ T5973] ? __lock_acquire+0xb8a/0x1c90 [ 92.033521][ T5973] do_filp_open+0x20b/0x470 [ 92.033536][ T5973] ? __pfx_do_filp_open+0x10/0x10 [ 92.033564][ T5973] ? alloc_fd+0x471/0x7d0 [ 92.033589][ T5973] do_sys_openat2+0x11b/0x1d0 [ 92.033610][ T5973] ? __pfx_do_sys_openat2+0x10/0x10 [ 92.033637][ T5973] __x64_sys_openat+0x174/0x210 [ 92.033658][ T5973] ? __pfx___x64_sys_openat+0x10/0x10 [ 92.033687][ T5973] do_syscall_64+0xcd/0x490 [ 92.033708][ T5973] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.033722][ T5973] RIP: 0033:0x7f80c838e9a9 [ 92.033738][ T5973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 92.033751][ T5973] RSP: 002b:00007f80c9156038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 92.033765][ T5973] RAX: ffffffffffffffda RBX: 00007f80c85b6080 RCX: 00007f80c838e9a9 [ 92.033775][ T5973] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 92.033784][ T5973] RBP: 00007f80c8410d69 R08: 0000000000000000 R09: 0000000000000000 [ 92.033793][ T5973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 92.033801][ T5973] R13: 0000000000000000 R14: 00007f80c85b6080 R15: 00007ffd2ac13c48 [ 92.033820][ T5973] [ 92.603166][ T5169] Bluetooth: hci1: command tx timeout [ 92.612808][ T5169] Bluetooth: hci0: command tx timeout [ 92.615791][ T5860] Bluetooth: hci2: command tx timeout [ 92.618210][ T5169] Bluetooth: hci3: command tx timeout [ 92.778091][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.786679][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.798456][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.809465][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.818261][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.843077][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 93.034943][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 93.052952][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 94.055968][ T5999] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 94.134648][ T6019] sg_write: data in/out 589824/1 bytes for SCSI command 0x7b-- guessing data in; [ 94.134648][ T6019] program syz.3.12 not setting count and/or reply_len properly [ 96.125889][ T6032] random: crng reseeded on system resumption [ 96.893377][ T6049] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 99.353601][ T6079] can: request_module (can-proto-3) failed. [ 100.417727][ T6091] mmap: syz.3.22 (6091) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 103.347898][ T6127] process 'syz.0.31' launched '/dev/fd/10' with NULL argv: empty string added [ 109.773753][ T6147] FAULT_INJECTION: forcing a failure. [ 109.773753][ T6147] name failslab, interval 1, probability 0, space 0, times 0 [ 109.788341][ T6147] CPU: 0 UID: 0 PID: 6147 Comm: syz.3.33 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 109.788376][ T6147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 109.788390][ T6147] Call Trace: [ 109.788398][ T6147] [ 109.788408][ T6147] dump_stack_lvl+0x16c/0x1f0 [ 109.788447][ T6147] should_fail_ex+0x512/0x640 [ 109.788479][ T6147] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 109.788511][ T6147] should_failslab+0xc2/0x120 [ 109.788540][ T6147] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 109.788564][ T6147] ? __proc_create+0xc3/0x8e0 [ 109.788613][ T6147] ? __proc_create+0x2ce/0x8e0 [ 109.788649][ T6147] __proc_create+0x2ce/0x8e0 [ 109.788683][ T6147] ? __pfx___proc_create+0x10/0x10 [ 109.788719][ T6147] ? do_raw_spin_unlock+0x172/0x230 [ 109.788746][ T6147] ? _raw_spin_unlock+0x28/0x50 [ 109.788778][ T6147] proc_create_reg+0x7d/0x180 [ 109.788815][ T6147] proc_create_net_data+0x8e/0x1c0 [ 109.788849][ T6147] ? __pfx_proc_create_net_data+0x10/0x10 [ 109.788884][ T6147] ? __asan_memcpy+0x3c/0x60 [ 109.788910][ T6147] ? __pfx_unix_net_init+0x10/0x10 [ 109.788949][ T6147] ? __pfx_unix_net_init+0x10/0x10 [ 109.788986][ T6147] unix_net_init+0xb7/0x350 [ 109.789013][ T6147] ? __pfx_unix_net_init+0x10/0x10 [ 109.789053][ T6147] ops_init+0x1e2/0x5f0 [ 109.789094][ T6147] setup_net+0x1ff/0x510 [ 109.789128][ T6147] ? lockdep_init_map_type+0x5c/0x280 [ 109.789165][ T6147] ? __pfx_setup_net+0x10/0x10 [ 109.789204][ T6147] ? debug_mutex_init+0x37/0x70 [ 109.789235][ T6147] copy_net_ns+0x2a6/0x5f0 [ 109.789263][ T6147] create_new_namespaces+0x3ea/0xa90 [ 109.789302][ T6147] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 109.789333][ T6147] ksys_unshare+0x45b/0xa40 [ 109.789367][ T6147] ? __pfx_ksys_unshare+0x10/0x10 [ 109.789403][ T6147] ? xfd_validate_state+0x61/0x180 [ 109.789448][ T6147] __x64_sys_unshare+0x31/0x40 [ 109.789480][ T6147] do_syscall_64+0xcd/0x490 [ 109.789515][ T6147] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.789541][ T6147] RIP: 0033:0x7fe3a338e9a9 [ 109.789563][ T6147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 109.789595][ T6147] RSP: 002b:00007fe3a42a8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 109.789619][ T6147] RAX: ffffffffffffffda RBX: 00007fe3a35b5fa0 RCX: 00007fe3a338e9a9 [ 109.789636][ T6147] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 109.789652][ T6147] RBP: 00007fe3a3410d69 R08: 0000000000000000 R09: 0000000000000000 [ 109.789667][ T6147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 109.789682][ T6147] R13: 0000000000000000 R14: 00007fe3a35b5fa0 R15: 00007ffe9d35c758 [ 109.789717][ T6147] [ 112.236168][ T30] audit: type=1326 audit(6048727394.972:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6174 comm="syz.0.42" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f66ef78e9a9 code=0x0 [ 112.295380][ T6179] FAULT_INJECTION: forcing a failure. [ 112.295380][ T6179] name failslab, interval 1, probability 0, space 0, times 0 [ 112.383843][ T6179] CPU: 0 UID: 0 PID: 6179 Comm: syz.0.42 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 112.383866][ T6179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 112.383875][ T6179] Call Trace: [ 112.383880][ T6179] [ 112.383887][ T6179] dump_stack_lvl+0x16c/0x1f0 [ 112.383911][ T6179] should_fail_ex+0x512/0x640 [ 112.383929][ T6179] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 112.383946][ T6179] should_failslab+0xc2/0x120 [ 112.383964][ T6179] __kmalloc_cache_noprof+0x6a/0x3e0 [ 112.383978][ T6179] ? snd_seq_prioq_new+0x3f/0x110 [ 112.383997][ T6179] snd_seq_prioq_new+0x3f/0x110 [ 112.384013][ T6179] snd_seq_queue_alloc+0x12b/0x550 [ 112.384031][ T6179] snd_seq_ioctl_create_queue+0xa9/0x380 [ 112.384053][ T6179] snd_seq_kernel_client_ctl+0x107/0x1c0 [ 112.384077][ T6179] alloc_seq_queue+0xda/0x180 [ 112.384098][ T6179] ? __pfx_alloc_seq_queue+0x10/0x10 [ 112.384130][ T6179] ? mark_held_locks+0x49/0x80 [ 112.384149][ T6179] ? _raw_spin_unlock_irq+0x23/0x50 [ 112.384167][ T6179] snd_seq_oss_open+0x38c/0xa20 [ 112.384192][ T6179] odev_open+0x6f/0x90 [ 112.384210][ T6179] ? __pfx_odev_open+0x10/0x10 [ 112.384228][ T6179] soundcore_open+0x409/0x580 [ 112.384249][ T6179] ? __pfx_soundcore_open+0x10/0x10 [ 112.384268][ T6179] chrdev_open+0x234/0x6a0 [ 112.384284][ T6179] ? __pfx_apparmor_file_open+0x10/0x10 [ 112.384306][ T6179] ? __pfx_chrdev_open+0x10/0x10 [ 112.384327][ T6179] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 112.384346][ T6179] do_dentry_open+0x744/0x1c10 [ 112.384363][ T6179] ? __pfx_chrdev_open+0x10/0x10 [ 112.384383][ T6179] vfs_open+0x82/0x3f0 [ 112.384405][ T6179] path_openat+0x1de4/0x2cb0 [ 112.384426][ T6179] ? __pfx_path_openat+0x10/0x10 [ 112.384443][ T6179] ? __lock_acquire+0xb8a/0x1c90 [ 112.384465][ T6179] do_filp_open+0x20b/0x470 [ 112.384480][ T6179] ? __pfx_do_filp_open+0x10/0x10 [ 112.384508][ T6179] ? alloc_fd+0x471/0x7d0 [ 112.384527][ T6179] do_sys_openat2+0x11b/0x1d0 [ 112.384546][ T6179] ? __pfx_do_sys_openat2+0x10/0x10 [ 112.384571][ T6179] ? find_held_lock+0x2b/0x80 [ 112.384588][ T6179] ? handle_mm_fault+0x2ab/0xd10 [ 112.384607][ T6179] __x64_sys_openat+0x174/0x210 [ 112.384627][ T6179] ? __pfx___x64_sys_openat+0x10/0x10 [ 112.384656][ T6179] do_syscall_64+0xcd/0x490 [ 112.384677][ T6179] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.384691][ T6179] RIP: 0033:0x7f66ef78e9a9 [ 112.384704][ T6179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 112.384718][ T6179] RSP: 002b:00007f66ed5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 112.384731][ T6179] RAX: ffffffffffffffda RBX: 00007f66ef9b6080 RCX: 00007f66ef78e9a9 [ 112.384740][ T6179] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 112.384748][ T6179] RBP: 00007f66ef810d69 R08: 0000000000000000 R09: 0000000000000000 [ 112.384756][ T6179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 112.384765][ T6179] R13: 0000000000000000 R14: 00007f66ef9b6080 R15: 00007ffc9b63d8f8 [ 112.384783][ T6179] [ 112.762448][ T6180] netlink: 12 bytes leftover after parsing attributes in process `syz.1.41'. [ 112.974457][ T6189] syz.2.43 uses obsolete (PF_INET,SOCK_PACKET) [ 114.078750][ C0] unchecked MSR access error: WRMSR to 0x418 (tried to write 0x0000000000000322) at rIP: 0xffffffff8163efa9 (__mcheck_cpu_init_clear_banks+0x109/0x1f0) [ 114.094107][ C0] Call Trace: [ 114.097390][ C0] [ 114.100239][ C0] ? __pfx_mce_cpu_restart+0x10/0x10 [ 114.105540][ C0] mce_cpu_restart+0x98/0xb0 [ 114.110139][ C0] __flush_smp_call_function_queue+0x27d/0x8c0 [ 114.116299][ C0] __sysvec_call_function_single+0x87/0x400 [ 114.122194][ C0] sysvec_call_function_single+0x9f/0xc0 [ 114.127828][ C0] [ 114.130753][ C0] [ 114.133676][ C0] asm_sysvec_call_function_single+0x1a/0x20 [ 114.139656][ C0] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 114.145291][ C0] Code: ab 6a 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 13 e8 20 00 fb f4 8c fb 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 114.164895][ C0] RSP: 0018:ffffffff8e207e08 EFLAGS: 000002c6 [ 114.170960][ C0] RAX: 00000000000e6f1f RBX: 0000000000000000 RCX: ffffffff8b892c69 [ 114.178931][ C0] RDX: 0000000000000000 RSI: ffffffff8de2fe9c RDI: ffffffff8c15a9e0 [ 114.186898][ C0] RBP: fffffbfff1c52ef0 R08: 0000000000000001 R09: ffffed1017086645 [ 114.194865][ C0] R10: ffff8880b843322b R11: 0000000000000001 R12: 0000000000000000 [ 114.202839][ C0] R13: ffffffff8e297780 R14: ffffffff90a97b50 R15: 0000000000000000 [ 114.210828][ C0] ? ct_kernel_exit+0x139/0x190 [ 114.215694][ C0] default_idle+0x13/0x20 [ 114.220029][ C0] default_idle_call+0x6d/0xb0 [ 114.224799][ C0] do_idle+0x391/0x510 [ 114.228875][ C0] ? __pfx_do_idle+0x10/0x10 [ 114.233464][ C0] ? find_held_lock+0x2b/0x80 [ 114.238150][ C0] cpu_startup_entry+0x4f/0x60 [ 114.242915][ C0] rest_init+0x16b/0x2b0 [ 114.247168][ C0] ? acpi_subsystem_init+0x133/0x180 [ 114.252450][ C0] ? __pfx_x86_late_time_init+0x10/0x10 [ 114.257999][ C0] start_kernel+0x3ee/0x4d0 [ 114.262508][ C0] x86_64_start_reservations+0x18/0x30 [ 114.267976][ C0] x86_64_start_kernel+0x130/0x190 [ 114.273093][ C0] common_startup_64+0x13e/0x148 [ 114.278045][ C0] [ 114.466845][ T6200] program syz.1.45 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 114.794185][ T6200] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 114.800487][ T6200] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 115.087418][ T6200] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 115.529790][ T6200] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 115.684681][ T6222] : Can't lookup blockdev [ 115.750421][ T6200] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 115.857374][ T6200] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 115.922267][ T6200] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 116.095567][ T6200] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 116.175288][ T6200] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 116.209080][ T6200] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 116.239975][ T6200] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 116.267752][ T6200] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 116.842912][ T5169] Bluetooth: hci0: command 0x0c1a tx timeout [ 116.971663][ T6238] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 117.562791][ T5169] Bluetooth: hci1: command 0x0c1a tx timeout [ 117.962675][ T5169] Bluetooth: hci2: command 0x0c1a tx timeout [ 118.282841][ T5169] Bluetooth: hci3: command 0x0c1a tx timeout [ 118.771831][ T6258] sp0: Synchronizing with TNC [ 118.922636][ T5169] Bluetooth: hci0: command 0x0c1a tx timeout [ 118.942588][ T6240] Zero length message leads to an empty skb [ 119.646257][ T6270] Bluetooth: hci1: command 0x0c1a tx timeout [ 120.052599][ T6270] Bluetooth: hci2: command 0x0c1a tx timeout [ 120.352249][ T6295] FAULT_INJECTION: forcing a failure. [ 120.352249][ T6295] name failslab, interval 1, probability 0, space 0, times 0 [ 120.374905][ T6270] Bluetooth: hci3: command 0x0c1a tx timeout [ 120.672005][ T6295] CPU: 0 UID: 0 PID: 6295 Comm: syz.1.61 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 120.672043][ T6295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 120.672057][ T6295] Call Trace: [ 120.672066][ T6295] [ 120.672076][ T6295] dump_stack_lvl+0x16c/0x1f0 [ 120.672121][ T6295] should_fail_ex+0x512/0x640 [ 120.672153][ T6295] ? __kmalloc_noprof+0xbf/0x510 [ 120.672184][ T6295] ? lsm_blob_alloc+0x68/0x90 [ 120.672212][ T6295] should_failslab+0xc2/0x120 [ 120.672244][ T6295] __kmalloc_noprof+0xd2/0x510 [ 120.672279][ T6295] lsm_blob_alloc+0x68/0x90 [ 120.672309][ T6295] security_sk_alloc+0x30/0x270 [ 120.672346][ T6295] sk_prot_alloc+0xfb/0x2a0 [ 120.672374][ T6295] sk_alloc+0x36/0xc20 [ 120.672407][ T6295] tipc_sk_create+0xcf/0x21a0 [ 120.672441][ T6295] ? find_held_lock+0x2b/0x80 [ 120.672470][ T6295] ? __sock_create+0x2f2/0x8d0 [ 120.672501][ T6295] __sock_create+0x335/0x8d0 [ 120.672543][ T6295] __sys_socket+0x14d/0x260 [ 120.672571][ T6295] ? __pfx___sys_socket+0x10/0x10 [ 120.672596][ T6295] ? xfd_validate_state+0x61/0x180 [ 120.672639][ T6295] __x64_sys_socket+0x72/0xb0 [ 120.672663][ T6295] ? lockdep_hardirqs_on+0x7c/0x110 [ 120.672694][ T6295] do_syscall_64+0xcd/0x490 [ 120.672728][ T6295] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.672753][ T6295] RIP: 0033:0x7f80c838e9a9 [ 120.672778][ T6295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 120.672807][ T6295] RSP: 002b:00007f80c9135038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 120.672830][ T6295] RAX: ffffffffffffffda RBX: 00007f80c85b6160 RCX: 00007f80c838e9a9 [ 120.672848][ T6295] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 000000000000001e [ 120.672863][ T6295] RBP: 00007f80c8410d69 R08: 0000000000000000 R09: 0000000000000000 [ 120.672878][ T6295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 120.672892][ T6295] R13: 0000000000000000 R14: 00007f80c85b6160 R15: 00007ffd2ac13c48 [ 120.672926][ T6295] [ 121.405804][ T6292] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 121.412182][ T6292] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 121.422285][ T6292] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 121.471770][ T6288] syz.0.62 (6288) used greatest stack depth: 19784 bytes left [ 121.490831][ T6292] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 122.282641][ T6270] Bluetooth: hci0: command 0x0c1a tx timeout [ 123.482638][ T6270] Bluetooth: hci2: command 0x0c1a tx timeout [ 123.490790][ T6270] Bluetooth: hci1: command 0x0c1a tx timeout [ 123.562890][ T6346] Bluetooth: hci3: command 0x0c1a tx timeout [ 125.580292][ T6378] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 125.592831][ T6378] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 125.607667][ T6378] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 125.648426][ T6378] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 126.221784][ T6389] blktrace: Concurrent blktraces are not allowed on loop2 [ 126.508301][ T6393] netlink: 186 bytes leftover after parsing attributes in process `syz.0.76'. [ 126.924551][ T6346] Bluetooth: hci0: command 0x0c1a tx timeout [ 127.673065][ T6346] Bluetooth: hci2: command 0x0c1a tx timeout [ 127.682583][ T6264] Bluetooth: hci1: command 0x0c1a tx timeout [ 127.745476][ T6264] Bluetooth: hci3: command 0x0c1a tx timeout [ 132.807880][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.814469][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.830216][ T6479] kexec: Could not allocate control_code_buffer [ 133.413524][ T6264] Bluetooth: hci0: unexpected subevent 0x01 length: 4 < 18 [ 133.592604][ T30] audit: type=1800 audit(6048727424.248:3): pid=6499 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.88" name="dbroot" dev="configfs" ino=8884 res=0 errno=0 [ 134.322837][ T6508] FAULT_INJECTION: forcing a failure. [ 134.322837][ T6508] name failslab, interval 1, probability 0, space 0, times 0 [ 134.379197][ T6508] CPU: 0 UID: 0 PID: 6508 Comm: syz.0.89 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 134.379232][ T6508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 134.379246][ T6508] Call Trace: [ 134.379255][ T6508] [ 134.379265][ T6508] dump_stack_lvl+0x16c/0x1f0 [ 134.379303][ T6508] should_fail_ex+0x512/0x640 [ 134.379335][ T6508] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 134.379367][ T6508] should_failslab+0xc2/0x120 [ 134.379399][ T6508] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 134.379428][ T6508] ? sk_prot_alloc+0x60/0x2a0 [ 134.379457][ T6508] sk_prot_alloc+0x60/0x2a0 [ 134.379483][ T6508] sk_alloc+0x36/0xc20 [ 134.379516][ T6508] tipc_sk_create+0xcf/0x21a0 [ 134.379550][ T6508] ? find_held_lock+0x2b/0x80 [ 134.379579][ T6508] ? __sock_create+0x2f2/0x8d0 [ 134.379610][ T6508] __sock_create+0x335/0x8d0 [ 134.379644][ T6508] __sys_socket+0x14d/0x260 [ 134.379672][ T6508] ? __pfx___sys_socket+0x10/0x10 [ 134.379700][ T6508] ? xfd_validate_state+0x61/0x180 [ 134.379745][ T6508] __x64_sys_socket+0x72/0xb0 [ 134.379770][ T6508] ? lockdep_hardirqs_on+0x7c/0x110 [ 134.379800][ T6508] do_syscall_64+0xcd/0x490 [ 134.379835][ T6508] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.379860][ T6508] RIP: 0033:0x7f66ef78e9a9 [ 134.379881][ T6508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 134.379903][ T6508] RSP: 002b:00007f66ed5d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 134.379927][ T6508] RAX: ffffffffffffffda RBX: 00007f66ef9b6160 RCX: 00007f66ef78e9a9 [ 134.379944][ T6508] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 000000000000001e [ 134.379958][ T6508] RBP: 00007f66ef810d69 R08: 0000000000000000 R09: 0000000000000000 [ 134.379973][ T6508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 134.379987][ T6508] R13: 0000000000000000 R14: 00007f66ef9b6160 R15: 00007ffc9b63d8f8 [ 134.380021][ T6508] [ 137.828934][ T30] audit: type=1326 audit(6048727428.558:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6552 comm="syz.1.100" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f80c838e9a9 code=0x0 [ 138.411186][ T6570] netlink: 'syz.0.102': attribute type 11 has an invalid length. [ 138.451075][ T6570] netlink: 'syz.0.102': attribute type 11 has an invalid length. [ 138.481464][ T6570] netlink: 'syz.0.102': attribute type 11 has an invalid length. [ 138.720575][ T6575] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 138.720575][ T6575] The task syz.1.103 (6575) triggered the difference, watch for misbehavior. [ 138.856259][ T6577] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x79c00 [ 138.950687][ T6577] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 138.959665][ T6577] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 138.967546][ T6577] page_type: f5(slab) [ 139.028059][ T6577] raw: 00fff00000000040 ffff88801b842140 dead000000000122 0000000000000000 [ 139.081110][ T6577] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 139.112781][ T6577] head: 00fff00000000040 ffff88801b842140 dead000000000122 0000000000000000 [ 139.123325][ T6577] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 139.135889][ T6577] head: 00fff00000000003 ffffea0001e70001 00000000ffffffff 00000000ffffffff [ 139.160336][ T6577] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 139.313530][ T6577] page dumped because: unmovable page [ 139.402106][ T6577] page_owner tracks the page as allocated [ 139.452632][ T6577] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5219, tgid 5219 (udevd), ts 137935242479, free_ts 137316048507 [ 139.563651][ T6577] post_alloc_hook+0x1c0/0x230 [ 139.632785][ T6577] get_page_from_freelist+0x1321/0x3890 [ 139.641379][ T6577] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 139.656656][ T6577] alloc_pages_mpol+0x1fb/0x550 [ 139.674209][ T6577] new_slab+0x23b/0x330 [ 139.681434][ T6577] ___slab_alloc+0xd9c/0x1940 [ 139.896503][ T6577] __slab_alloc.constprop.0+0x56/0xb0 [ 139.901905][ T6577] __kmalloc_noprof+0x2f2/0x510 [ 140.073034][ T6577] tomoyo_realpath_from_path+0xc2/0x6e0 [ 140.099247][ T6577] tomoyo_check_open_permission+0x2ab/0x3c0 [ 140.462732][ T6577] tomoyo_file_open+0x6b/0x90 [ 140.467461][ T6577] security_file_open+0x84/0x1e0 [ 140.582786][ T6577] do_dentry_open+0x596/0x1c10 [ 140.605215][ T6577] vfs_open+0x82/0x3f0 [ 140.609329][ T6577] path_openat+0x1de4/0x2cb0 [ 140.682999][ T6577] do_filp_open+0x20b/0x470 [ 140.812612][ T6577] page last free pid 6552 tgid 6552 stack trace: [ 140.824987][ T6577] __free_frozen_pages+0x7fe/0x1180 [ 140.830206][ T6577] __put_partials+0x16d/0x1c0 [ 140.849129][ T6577] qlist_free_all+0x4d/0x120 [ 140.862702][ T6577] kasan_quarantine_reduce+0x195/0x1e0 [ 140.868173][ T6577] __kasan_slab_alloc+0x69/0x90 [ 140.881415][ T6577] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 140.902674][ T6577] jbd2__journal_start+0x193/0x6a0 [ 140.910050][ T6577] __ext4_journal_start_sb+0x195/0x690 [ 140.972920][ T6577] ext4_dirty_inode+0xa1/0x130 [ 141.016843][ T6577] __mark_inode_dirty+0x1ee/0xe50 [ 141.095784][ T6577] generic_update_time+0xcf/0xf0 [ 141.172899][ T6577] file_update_time+0x17d/0x1c0 [ 141.196994][ T6577] ext4_page_mkwrite+0x35e/0x1760 [ 141.243038][ T6577] do_page_mkwrite+0x171/0x380 [ 141.268749][ T6577] __handle_mm_fault+0x3829/0x5490 [ 141.320887][ T6577] handle_mm_fault+0x589/0xd10 [ 143.066472][ T6618] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 143.138742][ T6618] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 143.173600][ T6618] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 143.179622][ T6618] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 143.515852][ T6611] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 143.878657][ T6631] netlink: 330 bytes leftover after parsing attributes in process `syz.1.111'. [ 144.286810][ T6631] ›: renamed from hsr0 (while UP) [ 144.689197][ T6346] Bluetooth: hci0: command 0x0c1a tx timeout [ 145.242632][ T6346] Bluetooth: hci3: command 0x0c1a tx timeout [ 145.248678][ T6346] Bluetooth: hci2: command 0x0c1a tx timeout [ 145.255490][ T6264] Bluetooth: hci1: command 0x0c1a tx timeout [ 146.419514][ T6626] delete_channel: no stack [ 147.892743][ T6670] ICMPv6: process `syz.2.119' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 149.152342][ T6667] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 150.439395][ T6698] FAULT_INJECTION: forcing a failure. [ 150.439395][ T6698] name failslab, interval 1, probability 0, space 0, times 0 [ 150.461362][ T6698] CPU: 1 UID: 0 PID: 6698 Comm: syz.2.130 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 150.461383][ T6698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 150.461392][ T6698] Call Trace: [ 150.461397][ T6698] [ 150.461403][ T6698] dump_stack_lvl+0x16c/0x1f0 [ 150.461427][ T6698] should_fail_ex+0x512/0x640 [ 150.461447][ T6698] ? __kmalloc_noprof+0xbf/0x510 [ 150.461465][ T6698] ? devlink_fmsg_put_name+0xf0/0x3f0 [ 150.461486][ T6698] should_failslab+0xc2/0x120 [ 150.461504][ T6698] __kmalloc_noprof+0xd2/0x510 [ 150.461526][ T6698] devlink_fmsg_put_name+0xf0/0x3f0 [ 150.461550][ T6698] devlink_fmsg_u8_pair_put+0xff/0x2f0 [ 150.461566][ T6698] ? __pfx_devlink_fmsg_u8_pair_put+0x10/0x10 [ 150.461580][ T6698] ? __kasan_kmalloc+0x40/0xb0 [ 150.461595][ T6698] ? devlink_fmsg_nest_common.part.0+0xcd/0x1e0 [ 150.461620][ T6698] nsim_dev_dummy_fmsg_put+0xf8/0x1e0 [ 150.461636][ T6698] devlink_health_do_dump+0x240/0x620 [ 150.461653][ T6698] devlink_health_report+0x3c9/0x9c0 [ 150.461670][ T6698] ? __pfx_devlink_health_report+0x10/0x10 [ 150.461685][ T6698] ? _copy_from_user+0x59/0xd0 [ 150.461707][ T6698] nsim_dev_health_break_write+0x166/0x210 [ 150.461722][ T6698] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 150.461742][ T6698] full_proxy_write+0x13c/0x200 [ 150.461760][ T6698] ? __pfx_full_proxy_write+0x10/0x10 [ 150.461776][ T6698] vfs_write+0x2a0/0x1150 [ 150.461793][ T6698] ? __pfx___mutex_lock+0x10/0x10 [ 150.461823][ T6698] ? __pfx_vfs_write+0x10/0x10 [ 150.461844][ T6698] ? __fget_files+0x20e/0x3c0 [ 150.461864][ T6698] ksys_write+0x12a/0x250 [ 150.461879][ T6698] ? __pfx_ksys_write+0x10/0x10 [ 150.461899][ T6698] do_syscall_64+0xcd/0x490 [ 150.461919][ T6698] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.461933][ T6698] RIP: 0033:0x7fecfb58e9a9 [ 150.461945][ T6698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 150.461959][ T6698] RSP: 002b:00007fecf93f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 150.461973][ T6698] RAX: ffffffffffffffda RBX: 00007fecfb7b5fa0 RCX: 00007fecfb58e9a9 [ 150.461982][ T6698] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000007 [ 150.461990][ T6698] RBP: 00007fecfb610d69 R08: 0000000000000000 R09: 0000000000000000 [ 150.461998][ T6698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 150.462005][ T6698] R13: 0000000000000000 R14: 00007fecfb7b5fa0 R15: 00007ffc97135c48 [ 150.462025][ T6698] [ 150.895013][ T6704] bridge0: port 3(team0) entered blocking state [ 150.908080][ T6704] bridge0: port 3(team0) entered disabled state [ 150.937513][ T6704] team0: entered allmulticast mode [ 150.942787][ T6704] team_slave_0: entered allmulticast mode [ 150.949172][ T6704] team_slave_1: entered allmulticast mode [ 150.956389][ T6704] team0: entered promiscuous mode [ 150.961417][ T6704] team_slave_0: entered promiscuous mode [ 150.967570][ T6704] team_slave_1: entered promiscuous mode [ 150.979044][ T6704] bridge0: port 3(team0) entered blocking state [ 150.985556][ T6704] bridge0: port 3(team0) entered forwarding state [ 151.114282][ T6701] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 151.120554][ T6701] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 151.126832][ T6701] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 151.184322][ T6701] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 151.569699][ T30] audit: type=1400 audit(6048727442.298:5): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=6715 comm="syz.3.127" [ 151.676299][ T6714] FAULT_INJECTION: forcing a failure. [ 151.676299][ T6714] name failslab, interval 1, probability 0, space 0, times 0 [ 151.689051][ T6714] CPU: 1 UID: 0 PID: 6714 Comm: syz.2.126 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 151.689072][ T6714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 151.689081][ T6714] Call Trace: [ 151.689086][ T6714] [ 151.689092][ T6714] dump_stack_lvl+0x16c/0x1f0 [ 151.689114][ T6714] should_fail_ex+0x512/0x640 [ 151.689133][ T6714] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 151.689150][ T6714] should_failslab+0xc2/0x120 [ 151.689168][ T6714] __kmalloc_cache_noprof+0x6a/0x3e0 [ 151.689183][ T6714] ? devlink_fmsg_nest_common.part.0+0x48/0x1e0 [ 151.689208][ T6714] devlink_fmsg_nest_common.part.0+0x48/0x1e0 [ 151.689232][ T6714] devlink_fmsg_arr_pair_nest_start+0x109/0x130 [ 151.689248][ T6714] nsim_dev_dummy_fmsg_put+0x11f/0x1e0 [ 151.689264][ T6714] devlink_health_do_dump+0x240/0x620 [ 151.689280][ T6714] devlink_health_report+0x3c9/0x9c0 [ 151.689298][ T6714] ? __pfx_devlink_health_report+0x10/0x10 [ 151.689313][ T6714] ? _copy_from_user+0x59/0xd0 [ 151.689335][ T6714] nsim_dev_health_break_write+0x166/0x210 [ 151.689350][ T6714] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 151.689371][ T6714] full_proxy_write+0x13c/0x200 [ 151.689389][ T6714] ? __pfx_full_proxy_write+0x10/0x10 [ 151.689404][ T6714] vfs_write+0x2a0/0x1150 [ 151.689422][ T6714] ? __pfx___mutex_lock+0x10/0x10 [ 151.689440][ T6714] ? __pfx_vfs_write+0x10/0x10 [ 151.689460][ T6714] ? __fget_files+0x20e/0x3c0 [ 151.689479][ T6714] ksys_write+0x12a/0x250 [ 151.689494][ T6714] ? __pfx_ksys_write+0x10/0x10 [ 151.689514][ T6714] do_syscall_64+0xcd/0x490 [ 151.689533][ T6714] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.689549][ T6714] RIP: 0033:0x7fecfb58e9a9 [ 151.689561][ T6714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 151.689574][ T6714] RSP: 002b:00007fecf93f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 151.689588][ T6714] RAX: ffffffffffffffda RBX: 00007fecfb7b5fa0 RCX: 00007fecfb58e9a9 [ 151.689598][ T6714] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000007 [ 151.689607][ T6714] RBP: 00007fecfb610d69 R08: 0000000000000000 R09: 0000000000000000 [ 151.689616][ T6714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 151.689624][ T6714] R13: 0000000000000000 R14: 00007fecfb7b5fa0 R15: 00007ffc97135c48 [ 151.689642][ T6714] [ 153.082925][ T6346] Bluetooth: hci0: command 0x0c1a tx timeout [ 153.162846][ T6270] Bluetooth: hci1: command 0x0c1a tx timeout [ 153.168882][ T6346] Bluetooth: hci2: command 0x0c1a tx timeout [ 153.245835][ T6346] Bluetooth: hci3: command 0x0c1a tx timeout [ 153.777294][ T6738] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 153.790433][ T6738] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 153.798643][ T6738] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 153.798782][ T6738] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 154.041287][ T6751] bridge0: port 3(team0) entered blocking state [ 154.047856][ T6751] bridge0: port 3(team0) entered disabled state [ 154.054325][ T6751] team0: entered allmulticast mode [ 154.059432][ T6751] team_slave_0: entered allmulticast mode [ 154.070375][ T6751] team_slave_1: entered allmulticast mode [ 154.133741][ T6751] team0: entered promiscuous mode [ 154.147868][ T6751] team_slave_0: entered promiscuous mode [ 154.170984][ T6751] team_slave_1: entered promiscuous mode [ 154.215211][ T6751] bridge0: port 3(team0) entered blocking state [ 154.221615][ T6751] bridge0: port 3(team0) entered forwarding state [ 154.230247][ T6752] FAULT_INJECTION: forcing a failure. [ 154.230247][ T6752] name failslab, interval 1, probability 0, space 0, times 0 [ 154.254866][ T6752] CPU: 0 UID: 0 PID: 6752 Comm: syz.2.134 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 154.254902][ T6752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 154.254917][ T6752] Call Trace: [ 154.254925][ T6752] [ 154.254934][ T6752] dump_stack_lvl+0x16c/0x1f0 [ 154.254972][ T6752] should_fail_ex+0x512/0x640 [ 154.255004][ T6752] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 154.255032][ T6752] should_failslab+0xc2/0x120 [ 154.255063][ T6752] __kmalloc_cache_noprof+0x6a/0x3e0 [ 154.255089][ T6752] ? devlink_fmsg_u8_pair_put+0x225/0x2f0 [ 154.255113][ T6752] ? devlink_fmsg_nest_common.part.0+0x48/0x1e0 [ 154.255159][ T6752] devlink_fmsg_nest_common.part.0+0x48/0x1e0 [ 154.255213][ T6752] devlink_fmsg_obj_nest_end+0xa2/0xc0 [ 154.255240][ T6752] nsim_dev_dummy_fmsg_put+0x100/0x1e0 [ 154.255268][ T6752] devlink_health_do_dump+0x240/0x620 [ 154.255300][ T6752] devlink_health_report+0x3c9/0x9c0 [ 154.255332][ T6752] ? __pfx_devlink_health_report+0x10/0x10 [ 154.255359][ T6752] ? _copy_from_user+0x59/0xd0 [ 154.255405][ T6752] nsim_dev_health_break_write+0x166/0x210 [ 154.255432][ T6752] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 154.255471][ T6752] full_proxy_write+0x13c/0x200 [ 154.255505][ T6752] ? __pfx_full_proxy_write+0x10/0x10 [ 154.255533][ T6752] vfs_write+0x2a0/0x1150 [ 154.255565][ T6752] ? __pfx___mutex_lock+0x10/0x10 [ 154.255598][ T6752] ? __pfx_vfs_write+0x10/0x10 [ 154.255635][ T6752] ? __fget_files+0x20e/0x3c0 [ 154.255671][ T6752] ksys_write+0x12a/0x250 [ 154.255697][ T6752] ? __pfx_ksys_write+0x10/0x10 [ 154.255736][ T6752] do_syscall_64+0xcd/0x490 [ 154.255773][ T6752] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.255799][ T6752] RIP: 0033:0x7fecfb58e9a9 [ 154.255820][ T6752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.255842][ T6752] RSP: 002b:00007fecf93f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 154.255867][ T6752] RAX: ffffffffffffffda RBX: 00007fecfb7b5fa0 RCX: 00007fecfb58e9a9 [ 154.255884][ T6752] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000007 [ 154.255900][ T6752] RBP: 00007fecfb610d69 R08: 0000000000000000 R09: 0000000000000000 [ 154.255915][ T6752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 154.255930][ T6752] R13: 0000000000000000 R14: 00007fecfb7b5fa0 R15: 00007ffc97135c48 [ 154.255967][ T6752] [ 154.500503][ C0] vkms_vblank_simulate: vblank timer overrun [ 155.420812][ T6762] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 155.428556][ T6762] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 155.435479][ T6762] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 155.442928][ T6762] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 155.863076][ T6775] sg_write: data in/out 589824/1 bytes for SCSI command 0x7b-- guessing data in; [ 155.863076][ T6775] program syz.3.141 not setting count and/or reply_len properly [ 156.685475][ T6270] Bluetooth: hci0: command 0x0c1a tx timeout [ 157.497168][ T6270] Bluetooth: hci3: command 0x0c1a tx timeout [ 157.503988][ T6346] Bluetooth: hci2: command 0x0c1a tx timeout [ 157.509986][ T6346] Bluetooth: hci1: command 0x0c1a tx timeout [ 158.834143][ T6826] FAULT_INJECTION: forcing a failure. [ 158.834143][ T6826] name failslab, interval 1, probability 0, space 0, times 0 [ 158.893139][ T6826] CPU: 1 UID: 0 PID: 6826 Comm: syz.3.151 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 158.893173][ T6826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 158.893187][ T6826] Call Trace: [ 158.893196][ T6826] [ 158.893205][ T6826] dump_stack_lvl+0x16c/0x1f0 [ 158.893241][ T6826] should_fail_ex+0x512/0x640 [ 158.893272][ T6826] ? __kmalloc_noprof+0xbf/0x510 [ 158.893301][ T6826] ? devlink_fmsg_put_name+0xf0/0x3f0 [ 158.893336][ T6826] should_failslab+0xc2/0x120 [ 158.893357][ T6826] __kmalloc_noprof+0xd2/0x510 [ 158.893377][ T6826] devlink_fmsg_put_name+0xf0/0x3f0 [ 158.893400][ T6826] devlink_fmsg_arr_pair_nest_start+0xad/0x130 [ 158.893416][ T6826] nsim_dev_dummy_fmsg_put+0x11f/0x1e0 [ 158.893432][ T6826] devlink_health_do_dump+0x240/0x620 [ 158.893449][ T6826] devlink_health_report+0x3c9/0x9c0 [ 158.893466][ T6826] ? __pfx_devlink_health_report+0x10/0x10 [ 158.893481][ T6826] ? _copy_from_user+0x59/0xd0 [ 158.893503][ T6826] nsim_dev_health_break_write+0x166/0x210 [ 158.893518][ T6826] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 158.893538][ T6826] full_proxy_write+0x13c/0x200 [ 158.893557][ T6826] ? __pfx_full_proxy_write+0x10/0x10 [ 158.893572][ T6826] vfs_write+0x2a0/0x1150 [ 158.893590][ T6826] ? __pfx___mutex_lock+0x10/0x10 [ 158.893608][ T6826] ? __pfx_vfs_write+0x10/0x10 [ 158.893628][ T6826] ? __fget_files+0x20e/0x3c0 [ 158.893648][ T6826] ksys_write+0x12a/0x250 [ 158.893662][ T6826] ? __pfx_ksys_write+0x10/0x10 [ 158.893682][ T6826] do_syscall_64+0xcd/0x490 [ 158.893706][ T6826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.893727][ T6826] RIP: 0033:0x7fe3a338e9a9 [ 158.893740][ T6826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 158.893754][ T6826] RSP: 002b:00007fe3a42a8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 158.893768][ T6826] RAX: ffffffffffffffda RBX: 00007fe3a35b5fa0 RCX: 00007fe3a338e9a9 [ 158.893777][ T6826] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000007 [ 158.893786][ T6826] RBP: 00007fe3a3410d69 R08: 0000000000000000 R09: 0000000000000000 [ 158.893794][ T6826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 158.893803][ T6826] R13: 0000000000000000 R14: 00007fe3a35b5fa0 R15: 00007ffe9d35c758 [ 158.893822][ T6826] [ 159.456721][ T6840] sg_write: data in/out 589824/1 bytes for SCSI command 0x7b-- guessing data in; [ 159.456721][ T6840] program syz.0.153 not setting count and/or reply_len properly [ 160.867863][ T6869] netlink: 'syz.2.160': attribute type 11 has an invalid length. [ 160.875686][ T6869] netlink: 'syz.2.160': attribute type 11 has an invalid length. [ 160.920235][ T6869] netlink: 'syz.2.160': attribute type 11 has an invalid length. [ 161.264602][ T6871] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x79c08 [ 161.282657][ T6871] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 161.291238][ T6871] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 161.299412][ T6871] page_type: f5(slab) [ 161.303733][ T6871] raw: 00fff00000000040 ffff88801b842140 dead000000000122 0000000000000000 [ 161.321242][ T6871] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 161.412709][ T6871] head: 00fff00000000040 ffff88801b842140 dead000000000122 0000000000000000 [ 161.462212][ T6871] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 161.482589][ T6871] head: 00fff00000000003 ffffea0001e70201 00000000ffffffff 00000000ffffffff [ 161.501567][ T6871] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 161.510684][ T6871] page dumped because: unmovable page [ 161.531229][ T6871] page_owner tracks the page as allocated [ 161.544664][ T6871] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 6145, tgid 6145 (udevd), ts 155423363848, free_ts 155384124321 [ 161.570100][ T6871] post_alloc_hook+0x1c0/0x230 [ 161.575032][ T6871] get_page_from_freelist+0x1321/0x3890 [ 161.590190][ T6871] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 161.596600][ T6871] alloc_pages_mpol+0x1fb/0x550 [ 161.617256][ T6871] new_slab+0x23b/0x330 [ 161.642284][ T6871] ___slab_alloc+0xd9c/0x1940 [ 161.663508][ T6871] __slab_alloc.constprop.0+0x56/0xb0 [ 161.685673][ T6871] __kmalloc_noprof+0x2f2/0x510 [ 161.695809][ T6871] tomoyo_realpath_from_path+0xc2/0x6e0 [ 161.709470][ T6871] tomoyo_path_perm+0x274/0x460 [ 161.755724][ T6871] security_inode_getattr+0x116/0x290 [ 161.763717][ T6871] vfs_fstat+0x4b/0xe0 [ 161.771394][ T6871] __do_sys_newfstat+0x87/0x100 [ 161.818301][ T6871] do_syscall_64+0xcd/0x490 [ 161.823264][ T6871] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.829262][ T6871] page last free pid 5219 tgid 5219 stack trace: [ 161.836471][ T6871] __free_frozen_pages+0x7fe/0x1180 [ 161.878968][ T6871] __put_partials+0x16d/0x1c0 [ 161.889451][ T6871] qlist_free_all+0x4d/0x120 [ 161.918728][ T6871] kasan_quarantine_reduce+0x195/0x1e0 [ 161.992085][ T6871] __kasan_slab_alloc+0x69/0x90 [ 161.992120][ T6871] __kmalloc_noprof+0x1d4/0x510 [ 161.992137][ T6871] tomoyo_realpath_from_path+0xc2/0x6e0 [ 161.992154][ T6871] tomoyo_path_perm+0x274/0x460 [ 161.992174][ T6871] security_inode_getattr+0x116/0x290 [ 161.992196][ T6871] vfs_fstat+0x4b/0xe0 [ 161.992214][ T6871] __do_sys_newfstat+0x87/0x100 [ 161.992233][ T6871] do_syscall_64+0xcd/0x490 [ 161.992252][ T6871] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.005498][ T6897] netlink: 8 bytes leftover after parsing attributes in process `syz.0.164'. [ 163.956580][ T6894] netlink: 28 bytes leftover after parsing attributes in process `syz.2.165'. [ 164.016169][ T6894] bridge0: port 2(bridge_slave_1) entered disabled state [ 164.059055][ T6894] bridge_slave_1 (unregistering): left allmulticast mode [ 164.066912][ T6894] bridge_slave_1 (unregistering): left promiscuous mode [ 164.075119][ T6894] bridge0: port 2(bridge_slave_1) entered disabled state [ 164.112844][ T6920] sg_write: data in/out 589824/1 bytes for SCSI command 0x7b-- guessing data in; [ 164.112844][ T6920] program syz.3.170 not setting count and/or reply_len properly [ 164.132453][ T6921] sg_write: data in/out 589824/1 bytes for SCSI command 0x7b-- guessing data in; [ 164.132453][ T6921] program syz.1.169 not setting count and/or reply_len properly [ 168.150576][ T6985] sg_write: data in/out 589824/1 bytes for SCSI command 0x7b-- guessing data in; [ 168.150576][ T6985] program syz.3.182 not setting count and/or reply_len properly [ 168.577591][ T6983] random: crng reseeded on system resumption [ 170.504297][ T7022] bridge0: port 3(team0) entered blocking state [ 170.510681][ T7022] bridge0: port 3(team0) entered disabled state [ 170.548437][ T7022] team0: entered allmulticast mode [ 170.603338][ T7022] team_slave_0: entered allmulticast mode [ 170.652944][ T7022] team_slave_1: entered allmulticast mode [ 170.691622][ T6996] delete_channel: no stack [ 170.700154][ T7022] team0: entered promiscuous mode [ 170.771922][ T7022] team_slave_0: entered promiscuous mode [ 170.788230][ T7022] team_slave_1: entered promiscuous mode [ 170.853741][ T7022] bridge0: port 3(team0) entered blocking state [ 170.860151][ T7022] bridge0: port 3(team0) entered forwarding state [ 171.242473][ T7029] FAULT_INJECTION: forcing a failure. [ 171.242473][ T7029] name failslab, interval 1, probability 0, space 0, times 0 [ 171.259882][ T7029] CPU: 0 UID: 0 PID: 7029 Comm: syz.1.188 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 171.259902][ T7029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 171.259910][ T7029] Call Trace: [ 171.259916][ T7029] [ 171.259922][ T7029] dump_stack_lvl+0x16c/0x1f0 [ 171.259945][ T7029] should_fail_ex+0x512/0x640 [ 171.259963][ T7029] ? __kmalloc_noprof+0xbf/0x510 [ 171.259980][ T7029] ? devlink_fmsg_put_name+0xf0/0x3f0 [ 171.260001][ T7029] should_failslab+0xc2/0x120 [ 171.260019][ T7029] __kmalloc_noprof+0xd2/0x510 [ 171.260039][ T7029] devlink_fmsg_put_name+0xf0/0x3f0 [ 171.260061][ T7029] devlink_fmsg_u8_pair_put+0xff/0x2f0 [ 171.260075][ T7029] ? __pfx_devlink_fmsg_u8_pair_put+0x10/0x10 [ 171.260089][ T7029] ? __kasan_kmalloc+0x40/0xb0 [ 171.260104][ T7029] ? devlink_fmsg_nest_common.part.0+0xcd/0x1e0 [ 171.260129][ T7029] nsim_dev_dummy_fmsg_put+0xf8/0x1e0 [ 171.260145][ T7029] devlink_health_do_dump+0x240/0x620 [ 171.260162][ T7029] devlink_health_report+0x3c9/0x9c0 [ 171.260179][ T7029] ? __pfx_devlink_health_report+0x10/0x10 [ 171.260194][ T7029] ? _copy_from_user+0x59/0xd0 [ 171.260215][ T7029] nsim_dev_health_break_write+0x166/0x210 [ 171.260230][ T7029] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 171.260250][ T7029] full_proxy_write+0x13c/0x200 [ 171.260268][ T7029] ? __pfx_full_proxy_write+0x10/0x10 [ 171.260283][ T7029] vfs_write+0x2a0/0x1150 [ 171.260301][ T7029] ? __pfx___mutex_lock+0x10/0x10 [ 171.260319][ T7029] ? __pfx_vfs_write+0x10/0x10 [ 171.260339][ T7029] ? __fget_files+0x20e/0x3c0 [ 171.260358][ T7029] ksys_write+0x12a/0x250 [ 171.260372][ T7029] ? __pfx_ksys_write+0x10/0x10 [ 171.260393][ T7029] do_syscall_64+0xcd/0x490 [ 171.260412][ T7029] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.260426][ T7029] RIP: 0033:0x7f80c838e9a9 [ 171.260438][ T7029] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 171.260451][ T7029] RSP: 002b:00007f80c9177038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 171.260464][ T7029] RAX: ffffffffffffffda RBX: 00007f80c85b5fa0 RCX: 00007f80c838e9a9 [ 171.260474][ T7029] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000007 [ 171.260481][ T7029] RBP: 00007f80c8410d69 R08: 0000000000000000 R09: 0000000000000000 [ 171.260489][ T7029] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 171.260497][ T7029] R13: 0000000000000000 R14: 00007f80c85b5fa0 R15: 00007ffd2ac13c48 [ 171.260515][ T7029] [ 172.160939][ T7043] sg_write: data in/out 589824/1 bytes for SCSI command 0x7b-- guessing data in; [ 172.160939][ T7043] program syz.1.193 not setting count and/or reply_len properly [ 172.397497][ T7050] vivid-007: ================= START STATUS ================= [ 172.432801][ T7050] vivid-007: Generate PTS: true [ 172.440655][ T7050] vivid-007: Generate SCR: true [ 172.455743][ T7050] tpg source WxH: 320x240 (Y'CbCr) [ 172.469826][ T7050] tpg field: 1 [ 172.498993][ T7050] tpg crop: (0,0)/320x240 [ 172.509666][ T7050] tpg compose: (0,0)/320x240 [ 172.518982][ T7050] tpg colorspace: 8 [ 172.527458][ T7050] tpg transfer function: 0/0 [ 172.557151][ T7050] tpg Y'CbCr encoding: 0/0 [ 172.648400][ T7050] tpg quantization: 0/0 [ 172.702420][ T7050] tpg RGB range: 0/2 [ 172.707601][ T7050] vivid-007: ================== END STATUS ================== [ 174.449531][ T7072] FAULT_INJECTION: forcing a failure. [ 174.449531][ T7072] name failslab, interval 1, probability 0, space 0, times 0 [ 174.462408][ T7072] CPU: 1 UID: 0 PID: 7072 Comm: syz.0.207 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 174.462443][ T7072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 174.462457][ T7072] Call Trace: [ 174.462466][ T7072] [ 174.462475][ T7072] dump_stack_lvl+0x16c/0x1f0 [ 174.462517][ T7072] should_fail_ex+0x512/0x640 [ 174.462548][ T7072] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 174.462579][ T7072] should_failslab+0xc2/0x120 [ 174.462608][ T7072] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 174.462634][ T7072] ? __proc_create+0xc3/0x8e0 [ 174.462664][ T7072] ? __proc_create+0x2ce/0x8e0 [ 174.462702][ T7072] __proc_create+0x2ce/0x8e0 [ 174.462735][ T7072] ? __pfx___proc_create+0x10/0x10 [ 174.462773][ T7072] ? _raw_write_unlock+0x28/0x50 [ 174.462802][ T7072] ? proc_register+0x314/0x5f0 [ 174.462838][ T7072] proc_create_reg+0x7d/0x180 [ 174.462875][ T7072] proc_create_data+0x86/0x110 [ 174.462907][ T7072] ? __pfx_proc_create_data+0x10/0x10 [ 174.462945][ T7072] ? cache_register_net+0x137/0x5e0 [ 174.462988][ T7072] cache_register_net+0x2d6/0x5e0 [ 174.463029][ T7072] ip_map_cache_create+0x8b/0x130 [ 174.463065][ T7072] ? __pfx_sunrpc_init_net+0x10/0x10 [ 174.463093][ T7072] sunrpc_init_net+0x55/0x190 [ 174.463124][ T7072] ops_init+0x1e2/0x5f0 [ 174.463164][ T7072] setup_net+0x1ff/0x510 [ 174.463205][ T7072] ? lockdep_init_map_type+0x5c/0x280 [ 174.463244][ T7072] ? __pfx_setup_net+0x10/0x10 [ 174.463283][ T7072] ? debug_mutex_init+0x37/0x70 [ 174.463314][ T7072] copy_net_ns+0x2a6/0x5f0 [ 174.463342][ T7072] create_new_namespaces+0x3ea/0xa90 [ 174.463380][ T7072] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 174.463414][ T7072] ksys_unshare+0x45b/0xa40 [ 174.463449][ T7072] ? __pfx_ksys_unshare+0x10/0x10 [ 174.463485][ T7072] ? xfd_validate_state+0x61/0x180 [ 174.463530][ T7072] __x64_sys_unshare+0x31/0x40 [ 174.463564][ T7072] do_syscall_64+0xcd/0x490 [ 174.463599][ T7072] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.463625][ T7072] RIP: 0033:0x7f66ef78e9a9 [ 174.463645][ T7072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 174.463668][ T7072] RSP: 002b:00007f66f0513038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 174.463692][ T7072] RAX: ffffffffffffffda RBX: 00007f66ef9b5fa0 RCX: 00007f66ef78e9a9 [ 174.463709][ T7072] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 174.463725][ T7072] RBP: 00007f66ef810d69 R08: 0000000000000000 R09: 0000000000000000 [ 174.463741][ T7072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 174.463756][ T7072] R13: 0000000000000000 R14: 00007f66ef9b5fa0 R15: 00007ffc9b63d8f8 [ 174.463791][ T7072] [ 175.910206][ T7102] sg_write: data in/out 589824/1 bytes for SCSI command 0x7b-- guessing data in; [ 175.910206][ T7102] program syz.3.203 not setting count and/or reply_len properly [ 176.058151][ T7075] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 178.554728][ T7115] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 178.934867][ T7155] sg_write: data in/out 589824/1 bytes for SCSI command 0x7b-- guessing data in; [ 178.934867][ T7155] program syz.2.212 not setting count and/or reply_len properly [ 179.546302][ T7154] netlink: 8 bytes leftover after parsing attributes in process `syz.3.215'. [ 180.323439][ T7172] [ 180.325816][ T7172] ====================================================== [ 180.332848][ T7172] WARNING: possible circular locking dependency detected [ 180.339872][ T7172] 6.16.0-syzkaller-00857-gced1b9e0392d #0 Not tainted [ 180.346626][ T7172] ------------------------------------------------------ [ 180.353632][ T7172] syz.3.217/7172 is trying to acquire lock: [ 180.359514][ T7172] ffff88802612ad28 (&q->elevator_lock){+.+.}-{4:4}, at: elevator_change+0x103/0x400 [ 180.368933][ T7172] [ 180.368933][ T7172] but task is already holding lock: [ 180.376289][ T7172] ffff88802612a7e8 (&q->q_usage_counter(io)#18){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 180.387529][ T7172] [ 180.387529][ T7172] which lock already depends on the new lock. [ 180.387529][ T7172] [ 180.397922][ T7172] [ 180.397922][ T7172] the existing dependency chain (in reverse order) is: [ 180.406927][ T7172] [ 180.406927][ T7172] -> #3 (&q->q_usage_counter(io)#18){++++}-{0:0}: [ 180.415542][ T7172] blk_alloc_queue+0x619/0x760 [ 180.420848][ T7172] blk_mq_alloc_queue+0x172/0x280 [ 180.426401][ T7172] __blk_mq_alloc_disk+0x29/0x120 [ 180.431950][ T7172] loop_add+0x490/0xb70 [ 180.436631][ T7172] loop_init+0x164/0x270 [ 180.441394][ T7172] do_one_initcall+0x120/0x6e0 [ 180.446680][ T7172] kernel_init_freeable+0x5c2/0x900 [ 180.452400][ T7172] kernel_init+0x1c/0x2b0 [ 180.457257][ T7172] ret_from_fork+0x5d7/0x6f0 [ 180.462370][ T7172] ret_from_fork_asm+0x1a/0x30 [ 180.467658][ T7172] [ 180.467658][ T7172] -> #2 (fs_reclaim){+.+.}-{0:0}: [ 180.474871][ T7172] fs_reclaim_acquire+0x102/0x150 [ 180.480421][ T7172] prepare_alloc_pages+0x162/0x610 [ 180.486054][ T7172] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 180.492463][ T7172] __alloc_pages_noprof+0xb/0x1b0 [ 180.498010][ T7172] pcpu_populate_chunk+0x110/0xb00 [ 180.503639][ T7172] pcpu_alloc_noprof+0x86a/0x1470 [ 180.509177][ T7172] xt_percpu_counter_alloc+0x13e/0x1b0 [ 180.515152][ T7172] find_check_entry.constprop.0+0xbc/0x9b0 [ 180.521478][ T7172] translate_table+0xc98/0x1720 [ 180.526850][ T7172] ipt_register_table+0x102/0x430 [ 180.532395][ T7172] iptable_raw_table_init+0x63/0x90 [ 180.538116][ T7172] xt_find_table_lock+0x2e4/0x520 [ 180.543659][ T7172] xt_request_find_table_lock+0x28/0xf0 [ 180.549724][ T7172] get_info+0x190/0x610 [ 180.554393][ T7172] do_ipt_get_ctl+0x169/0xa10 [ 180.559588][ T7172] nf_getsockopt+0x79/0xe0 [ 180.564527][ T7172] ip_getsockopt+0x18c/0x1e0 [ 180.569636][ T7172] tcp_getsockopt+0x9e/0x100 [ 180.574745][ T7172] do_sock_getsockopt+0x34a/0x440 [ 180.580281][ T7172] __sys_getsockopt+0x123/0x1b0 [ 180.585654][ T7172] __x64_sys_getsockopt+0xbd/0x160 [ 180.591284][ T7172] do_syscall_64+0xcd/0x490 [ 180.596306][ T7172] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.602715][ T7172] [ 180.602715][ T7172] -> #1 (pcpu_alloc_mutex){+.+.}-{4:4}: [ 180.610445][ T7172] __mutex_lock+0x199/0xb90 [ 180.615469][ T7172] pcpu_alloc_noprof+0xb4c/0x1470 [ 180.621010][ T7172] sbitmap_init_node+0x2fd/0x770 [ 180.626459][ T7172] sbitmap_queue_init_node+0x41/0x560 [ 180.632344][ T7172] blk_mq_init_tags+0x12d/0x2b0 [ 180.637716][ T7172] blk_mq_alloc_map_and_rqs+0x237/0xf60 [ 180.643778][ T7172] blk_mq_init_sched+0x30c/0x610 [ 180.649247][ T7172] elevator_switch+0x1e1/0x7f0 [ 180.654533][ T7172] elevator_change+0x2ac/0x400 [ 180.659825][ T7172] elevator_set_default+0x2c4/0x360 [ 180.665545][ T7172] blk_register_queue+0x393/0x4f0 [ 180.671092][ T7172] __add_disk+0x74a/0xf00 [ 180.675935][ T7172] add_disk_fwnode+0x13f/0x5d0 [ 180.681213][ T7172] nbd_dev_add+0x783/0xbb0 [ 180.686148][ T7172] nbd_init+0x181/0x320 [ 180.690825][ T7172] do_one_initcall+0x120/0x6e0 [ 180.696104][ T7172] kernel_init_freeable+0x5c2/0x900 [ 180.701821][ T7172] kernel_init+0x1c/0x2b0 [ 180.706675][ T7172] ret_from_fork+0x5d7/0x6f0 [ 180.711787][ T7172] ret_from_fork_asm+0x1a/0x30 [ 180.717072][ T7172] [ 180.717072][ T7172] -> #0 (&q->elevator_lock){+.+.}-{4:4}: [ 180.724889][ T7172] __lock_acquire+0x126f/0x1c90 [ 180.730261][ T7172] lock_acquire+0x179/0x350 [ 180.735286][ T7172] __mutex_lock+0x199/0xb90 [ 180.740307][ T7172] elevator_change+0x103/0x400 [ 180.745592][ T7172] elv_iosched_store+0x2eb/0x3a0 [ 180.751054][ T7172] queue_attr_store+0x26b/0x310 [ 180.756425][ T7172] sysfs_kf_write+0xf2/0x150 [ 180.761527][ T7172] kernfs_fop_write_iter+0x354/0x510 [ 180.767336][ T7172] vfs_write+0x6c4/0x1150 [ 180.772181][ T7172] ksys_write+0x12a/0x250 [ 180.777021][ T7172] do_syscall_64+0xcd/0x490 [ 180.782044][ T7172] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.788449][ T7172] [ 180.788449][ T7172] other info that might help us debug this: [ 180.788449][ T7172] [ 180.798662][ T7172] Chain exists of: [ 180.798662][ T7172] &q->elevator_lock --> fs_reclaim --> &q->q_usage_counter(io)#18 [ 180.798662][ T7172] [ 180.812400][ T7172] Possible unsafe locking scenario: [ 180.812400][ T7172] [ 180.819838][ T7172] CPU0 CPU1 [ 180.825188][ T7172] ---- ---- [ 180.830551][ T7172] lock(&q->q_usage_counter(io)#18); [ 180.835928][ T7172] lock(fs_reclaim); [ 180.842425][ T7172] lock(&q->q_usage_counter(io)#18); [ 180.850317][ T7172] lock(&q->elevator_lock); [ 180.854901][ T7172] [ 180.854901][ T7172] *** DEADLOCK *** [ 180.854901][ T7172] [ 180.863031][ T7172] 7 locks held by syz.3.217/7172: [ 180.868041][ T7172] #0: ffff8880300180f8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370 [ 180.877098][ T7172] #1: ffff8880341d2428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 180.886071][ T7172] #2: ffff88802c27f488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 180.895828][ T7172] #3: ffff888142f37878 (kn->active#105){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 180.905940][ T7172] #4: ffff888026135368 (&set->update_nr_hwq_lock){.+.+}-{4:4}, at: elv_iosched_store+0x337/0x3a0 [ 180.916566][ T7172] #5: ffff88802612a7e8 (&q->q_usage_counter(io)#18){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 180.928235][ T7172] #6: ffff88802612a820 (&q->q_usage_counter(queue)#19){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 180.940160][ T7172] [ 180.940160][ T7172] stack backtrace: [ 180.946041][ T7172] CPU: 1 UID: 0 PID: 7172 Comm: syz.3.217 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 180.946065][ T7172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 180.946076][ T7172] Call Trace: [ 180.946083][ T7172] [ 180.946101][ T7172] dump_stack_lvl+0x116/0x1f0 [ 180.946128][ T7172] print_circular_bug+0x275/0x350 [ 180.946155][ T7172] check_noncircular+0x14c/0x170 [ 180.946183][ T7172] __lock_acquire+0x126f/0x1c90 [ 180.946214][ T7172] lock_acquire+0x179/0x350 [ 180.946238][ T7172] ? elevator_change+0x103/0x400 [ 180.946266][ T7172] ? __pfx___might_resched+0x10/0x10 [ 180.946290][ T7172] __mutex_lock+0x199/0xb90 [ 180.946314][ T7172] ? elevator_change+0x103/0x400 [ 180.946341][ T7172] ? elevator_change+0x103/0x400 [ 180.946367][ T7172] ? __pfx___mutex_lock+0x10/0x10 [ 180.946393][ T7172] ? blk_mq_cancel_work_sync+0xd8/0x110 [ 180.946415][ T7172] ? __pfx_blk_mq_cancel_work_sync+0x10/0x10 [ 180.946439][ T7172] ? elevator_change+0x103/0x400 [ 180.946465][ T7172] elevator_change+0x103/0x400 [ 180.946492][ T7172] elv_iosched_store+0x2eb/0x3a0 [ 180.946521][ T7172] ? __pfx_elv_iosched_store+0x10/0x10 [ 180.946553][ T7172] ? __mutex_trylock_common+0xe9/0x250 [ 180.946580][ T7172] ? __pfx_elv_iosched_store+0x10/0x10 [ 180.946608][ T7172] queue_attr_store+0x26b/0x310 [ 180.946632][ T7172] ? __pfx_queue_attr_store+0x10/0x10 [ 180.946653][ T7172] ? __lock_acquire+0x622/0x1c90 [ 180.946684][ T7172] ? find_held_lock+0x2b/0x80 [ 180.946704][ T7172] ? sysfs_file_kobj+0xe4/0x290 [ 180.946722][ T7172] ? __pfx_queue_attr_store+0x10/0x10 [ 180.946745][ T7172] sysfs_kf_write+0xf2/0x150 [ 180.946762][ T7172] kernfs_fop_write_iter+0x354/0x510 [ 180.946793][ T7172] ? __pfx_sysfs_kf_write+0x10/0x10 [ 180.946811][ T7172] vfs_write+0x6c4/0x1150 [ 180.946831][ T7172] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 180.946858][ T7172] ? __pfx___mutex_lock+0x10/0x10 [ 180.946881][ T7172] ? __pfx_vfs_write+0x10/0x10 [ 180.946907][ T7172] ksys_write+0x12a/0x250 [ 180.946925][ T7172] ? __pfx_ksys_write+0x10/0x10 [ 180.946947][ T7172] do_syscall_64+0xcd/0x490 [ 180.946972][ T7172] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.946992][ T7172] RIP: 0033:0x7fe3a338e9a9 [ 180.947007][ T7172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 180.947024][ T7172] RSP: 002b:00007fe3a42a8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 180.947041][ T7172] RAX: ffffffffffffffda RBX: 00007fe3a35b5fa0 RCX: 00007fe3a338e9a9 [ 180.947054][ T7172] RDX: 0000000000000081 RSI: 0000200000000140 RDI: 0000000000000003 [ 180.947065][ T7172] RBP: 00007fe3a3410d69 R08: 0000000000000000 R09: 0000000000000000 [ 180.947076][ T7172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 180.947087][ T7172] R13: 0000000000000000 R14: 00007fe3a35b5fa0 R15: 00007ffe9d35c758 [ 180.947104][ T7172]