last executing test programs: 22m11.14621264s ago: executing program 1 (id=379): unshare$auto(0x40000080) r0 = openat$auto_proc_coredump_filter_operations_base(0xffffffffffffff9c, &(0x7f0000000840), 0x1, 0x0) writev$auto(r0, &(0x7f0000000940)={0x0, 0xb}, 0x3) futex$auto(0x0, 0x85, 0x104, 0x0, 0x0, 0x7fffffff) getrandom$auto(&(0x7f0000000140)='/dev/loop-control\x00', 0x3, 0x7f) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0xc0502, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f00000000c0)) prctl$auto_PR_GET_SPECULATION_CTRL(0x34, 0x10, 0xffffffffffffffff, 0x8000, 0x8acb) write$auto(0xffffffffffffffff, 0x0, 0x7) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x20400, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc4c85512, &(0x7f00000012c0)={{@raw=0x3, 0x1, 0x6d2e99e8, 0x6, "0582a820061b5c51a65a6dd72b0b15addbdf55cb4b0f2381f2673e3a1ebe21e1bf1b26f0db7b62b67bd764f9"}, 0x0, @integer64=@value_ptr=0x0, "528d458095d42b72adda0cac2d45bdaacfc82245992af763188bf00ab57d5d73b094925aa92857fd2f672f85343275f80841c6ca41e93023ab4510269ed959a79a789527276d90375018fc08050559d8936b8d72087a5689d4338da78b8b8bdcea8188ca43202fb78dacb3fea1258074885c899d75cd52751f9be959d90fa5c2"}) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0x980, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) ioctl$auto(0x4000000000000c8, 0x400454d9, 0x3) 22m7.88693682s ago: executing program 1 (id=387): openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC0D0c\x00', 0x200, 0x0) r0 = openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/trace_options\x00', 0x40000, 0x0) listen$auto(r0, 0x611e) poll$auto(0x0, 0x6, 0x8) r1 = socketpair$auto(0x20, 0x5, 0x4000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioperm$auto(0x7, 0x6, 0x2) ioperm$auto(0x8000000000000001, 0x5, 0x6) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x4004000000000, 0xe983, 0x7, 0xeb1, r1, 0x8000) mmap$auto(0xffffffffffffffff, 0x2020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x100000001) mmap$auto(0x0, 0x2020009, 0x3, 0x14, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20003, 0xffff, 0xeb4, 0x405, 0x7ffc) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x4, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) read$auto(0xffffffffffffffff, 0x0, 0x0) msgsnd$auto(0x1, 0x0, 0x2000, 0x800) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x22400, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc4c85512, &(0x7f00000012c0)={{@raw=0x6, 0x0, 0x3, 0x6, "0582a820061b5c51a65a6dd72b0b15addbdf55cb4b0f2381f2673e3a1ebe21e1bf1b26f0db7b62b67bd764f9"}, 0x0, @integer64=@value_ptr=0x0, "528d458095d42b72adda0cac2d45bdaacfc82245992af763188bf00ab57d5d73b094925aa92857fd2f672f85343275f8080000ca41e93023ab4510269ed959a79a789527276d90375018fc08050559d8936b8d72087a5689d4338da78b8b8bdcea8188ca43202fb78dacb3fea1258074885c899d75cd52751f9be959d90fa5c2"}) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2a, 0x6, 0x84) socket(0xa, 0x2, 0x0) socket(0xa, 0x3, 0x6) mq_open$auto(&(0x7f0000000000)='.\xf1e4\xdf\x16\x95kxE\xd9x\x15\xb0\xf6V\x93\xb4E\x06\xc5}l', 0x2, 0xb375, 0x0) mq_timedreceive$auto(0x8, 0x0, 0xfffffffd, 0x0, 0x0) mq_timedsend$auto(0x8, 0x0, 0x2000, 0x4c, 0x0) 22m7.403055393s ago: executing program 1 (id=390): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xffffffffffffffff, 0x0) socket(0x2, 0x1, 0x106) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/workqueue/nf_ft_offload_stats/affinity_scope\x00', 0x2, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/arch_status\x00', 0x40000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/resume\x00', 0x189002, 0x0) openat$auto_l2cap_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x280, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ram4\x00', 0x62000, 0x0) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/tracing_cpumask\x00', 0x8042, 0x0) mmap$auto(0x0, 0xe984, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/rpc/auth.unix.gid/content\x00', 0x20000, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty0\x00', 0xb5604749e0ec6176, 0x0) socket$nl_generic(0x10, 0x3, 0x10) inotify_init1$auto(0x3000000000000) socket(0xa, 0x2, 0x3a) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x9, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x80106f53, r0) 22m7.043444435s ago: executing program 1 (id=392): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TIPC_NL_NODE_GET(r0, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000040)={0x164, 0x0, 0x20, 0x70bd2a, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0x14f, 0x1, 0x0, 0x1, [@typed={0xc, 0x148, 0x0, 0x0, @u64=0xe}, @generic="e0290544a8f5dfa7373d4f4cbb0cb056ce50f46f7c486f5cf3f39d23bfea214bb4327b091e070f5e9b06ad0a89ba181e", @typed={0x8, 0x38, 0x0, 0x0, @uid=0xffffffffffffffff}, @typed={0x8, 0x8f, 0x0, 0x0, @fd}, @generic="87d175423e12e746c3e682732476551f4cc96aa61d0a78dab27d6feb8d2cc5d3bd674a97023e2ece5d5b0bcf650b7b8efcab6136e49d3063fd71913b44d892bf23f66cf0df0414b10d9937af8fd0b8402ad5b17422b1def4d51906722fbad4593088d5714e1cc5f7140cd8797775635e9b09e30c51e38f08dc5e210eaf8e61c7fe01ab3bdb8837a7c965a755e1bc912955673d3e0d4af99ae136bb792d7a508a2ed314bbf725c5df25f95adbbd4ca701e2a768d26163f8c9db6b67921e305356d363f51b6b541c2b4b2a993840d1ac6d8fc8c8050318d9e3a7ca109f1011d54081dd8ddc6a60a5d558c867a3c4899acc4654ea7d5dead3475e8f9edef8a71e"]}]}, 0x164}, 0x1, 0x0, 0x0, 0x8100}, 0x44) (async) select$auto(0x1ff, &(0x7f0000000240)={[0x0, 0x10001, 0xffffffff, 0x7, 0x5, 0x4, 0x3, 0x3, 0x2530930e, 0xff, 0x9, 0x0, 0xc1a, 0xffffffffffffffdd, 0x7fffffff, 0x8000000000000000]}, &(0x7f00000002c0)={[0x5, 0x8001, 0xffffffffffff6557, 0x46c, 0x1, 0x8, 0x200, 0x5, 0x4, 0x7, 0x40, 0x6, 0xfffffffffffffffb, 0x9, 0x100000001, 0x5]}, &(0x7f0000000340)={[0x10001, 0xf, 0x7, 0x1, 0x7, 0x100000001, 0x3, 0xfffffffffffffffd, 0x6, 0xffffffffffff192c, 0xffffffffffff1c0b, 0x7, 0x4, 0x2, 0x1, 0x800000000]}, &(0x7f00000003c0)={0x5, 0xf7d6}) (async) r1 = eventfd2$auto(0xe588, 0x7) write$auto_fops_u32_ro_(r1, &(0x7f0000000400)="1baeb0d7e58a2789b24b3135fc0fa62da5", 0x11) (async) r2 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000480), r1) r3 = syz_open_procfs$namespace(0x0, &(0x7f00000004c0)='ns/mnt\x00') shmctl$auto_IPC_STAT(0x10, 0x2, &(0x7f00000005c0)={{0x0, 0xee01, 0xee01, 0x853, 0x5, 0xa13a, 0x9}, 0x7, 0x5, 0x4, 0x8000, @inferred, @raw=0xe, 0x8, 0x0, &(0x7f0000000500)="ba44a1be51093602d27fee6f17a4f7d59e8eef0d476dcd7bb7d3e57ce3d79eebdcb1798a4ba384cf1fe574cb3a1a575b1dc92d530ae1", &(0x7f0000000540)="e15332f119242deed282f3d92913bf0062a0a3effb90fdd667cdf9c9144fb8a76ba9d0e74fb25cb8f271ee0154673b3c54f4ac967c0ce50e2212fba65288f1c1209ea7d1cd62f1ae6fd4ff4898a33b6c4cc3c82c9ef25ceb4271d5e39747de4f02d47f3185ec"}) (async) ioctl$auto_BLKTRACESETUP32(r1, 0xc0401273, &(0x7f0000000640)={"4ff1e303ed11d44fca600ac07c88e9a02d3cdae897ab4af0359f43259885b844", 0xd900, 0x5, 0x3f, 0xf, 0xffffffffffffff01, 0xffffffffffffffff}) sendmsg$auto_NL802154_CMD_SET_MAX_ASSOCIATIONS(r0, &(0x7f0000001a80)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000001a40)={&(0x7f00000006c0)={0x1368, r2, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [@NL802154_ATTR_LBT_MODE={0x5, 0x13, 0xa}, @NL802154_ATTR_SEC_OUT_LEVEL={0x8, 0x2a, 0x5}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x6}, @NL802154_ATTR_NETNS_FD={0x8, 0x1d, r3}, @NL802154_ATTR_BEACON_INTERVAL={0x5, 0x26, 0x3}, @NL802154_ATTR_SEC_OUT_KEY_ID={0x1328, 0x2b, 0x0, 0x1, [@nested={0xcb, 0x60, 0x0, 0x1, [@generic="dd7bcbe7f85b00254497151991c91470aa55ebb9b1516733230d7c28bd2364c0e7af07dbe612ff0268633ae8401dfe4cd8858ec5745ccbed836fb47ea2", @generic="8bf2668b52b61c603efdf2c69076277663b3eb7f5cac2752fb192751b60c08309ff846fe5c438f9080040a6b9c29f40a5d5db2b51b367d3dff75ee51bca32f240dd7cf9b73f7e53789371d042c977b5293db57a15ef9ebda2e0b89a9d22ccc356c", @typed={0x8, 0x38, 0x0, 0x0, @uid=r4}, @typed={0x8, 0x2d, 0x0, 0x0, @u32=0x6}, @nested={0x4, 0x151}, @generic="d43fb43e2962a3261105076b8a36a5aa3158e2528f"]}, @typed={0x8, 0x14b, 0x0, 0x0, @u32=0x8}, @nested={0x44, 0xa0, 0x0, 0x1, [@typed={0x8, 0x115, 0x0, 0x0, @fd=r0}, @nested={0x4, 0x12f}, @nested={0x4, 0x5f}, @typed={0x6, 0x143, 0x0, 0x0, @str='%\x00'}, @typed={0x14, 0xeb, 0x0, 0x0, @ipv6=@empty}, @typed={0x8, 0xb6, 0x0, 0x0, @fd=r1}, @typed={0x8, 0x4b, 0x0, 0x0, @u32=0x6}, @nested={0x4, 0x10f}]}, @nested={0x105, 0x125, 0x0, 0x1, [@generic="684325cd631b44ec0d198da38817ba13a5ca0873e3f9aaad2d6f04c023070a0bb5a20eacbcac84d75d1897373a4738e01c95c3dea3fcc849229a946b62137c234b7d9feb8840b2d43cc04bfbe685c90da52c7821fb2beb15fc5fe638dd29375f2bf6440adf9c11f0de7ddaa44e057c5adcf349da5566b9212b550f629c032206c88a3379df758a2dfd2118cd6a9d6d98d446485bfa62071dd23b3f6dd87c7fcd81d60a3cf775e1827274b23deea535e666aee1e5548abcd7c18d70124283d99fd084f7fee5be82c61d221a069b4c7cfce05fd8344843b19bb6fc4dc914e1a63943f26700dca86b0f0352e55fca0e78970ff576809c9569ac70d6a4f800", @nested={0x4, 0x16}]}, @nested={0x10d6, 0x9c, 0x0, 0x1, [@typed={0x57, 0xb9, 0x0, 0x0, @binary="52d46a00e8d1a036048c4a945157f314202f39a47491a095d698975e7b38db2942c8ddf3fc90d86d111701ca053e3c4a622e7f047010d98a951a0f78153fa87d02d6f2b34f8a1ca27d7407bd8084e0aef79a50"}, @nested={0x4, 0xe5}, @typed={0x8, 0x3f1, 0x0, 0x0, @pid=r5}, @generic="addbb093e3263015511687271815e430504e1e7cc1e7927669602c4089fed44bcee37a22410cdfb5ed3288", @nested={0x4, 0x114}, @generic="a282b4fd2314fc8530b7cc9fca560836c616d068d473cb5238a20d09d2e0ea759e4ba844d0ab6b0f6f3d6b73dfac8d30faa13b", @typed={0xc, 0x23, 0x0, 0x0, @u64=0x1}, @generic="1c9d566390a7a0fb273283c650abe40c7ea38bebbaad3c5f8623c58dff92cdc48204e4a45bbf0479a6dab87781209b94e6baf75ef1d48cce7825512b9c6faf18cd9c28465d96107b0e0dff3be05c6aa7b46513d88d68d12da18ae701267dc1003cd3bdc1b40b60d6eb35a082c846f3fea08fef203210c16e48f04e38e81867fecc1b26d6414b3662cb20310e5c0666ed48881063f4b1eb5c537f9cf99757a4038b0c21f7cdf9254a4680cb45d595d93ef5bda61babb03ae4316df88f7627555ae483f895f3f2162b68ebc66698d911494f459872d80d487036a3be3b77d8c6b1b103b186a1e2d560f53be111f040811008706eb5b08eecf111f0532e3165835efdffa3fee2e21e927c17c09206e8806c1035f1a837faa889ccc86887539b40356471b8ac1af351b1f027b99b2696f149fc5e2d266c39b301097e47c98f83eaa0d32204598d71d8fcde51afe645ace7c45776192a1c4f4a60052ab07db0e71aea2b95130a72dd423745aab21cb652c88b9da94e60316ad296919b6e9e83c8c14be1825d782f619c5d7fc0b88127b5ea1da0496b17ba443848361bea92191d83efd7e9b64c3ddc4897a743b43b3dbdf029bbd06751635a0a05840f27e6e4c5d3cc2af3e8ed51e67e4cbede2913d45c2607e24d2d6f850d623cfa6f2afa9146b4c1dd326bc8872a24d0974eb8a36bc826e42d73ea43fd0a4302a17e39b55dbe24fc324a7c4e6b9dc0742b1e9f5d6171446b0a15f6b5b53516c1143114e3a6026eb023dcd4bbff40316f9f9d303dfb1eed78d8717b8b8c0568f0fd996b894691a6618667d20dd3fa6aada245cc4ad5ee985c36ffc64c24ff16a9cf0970258978490462aed9aad2bd4a719288f1002894f4988eb780cdb8af3cc85b0a38b2af84164b90824daa2036e378704913efbe1e5da806d9e14e4cbc2f1482d0eb55f0d6cdb7b9c88fc9aecbc047563656caef83c43854eac143b50e09e9228e45dab9febd2cfd78921b5cc330f53a2491ef2cd7c3745b19141afd1354c63c0d17122c3c5af32208236ebabc6f2e5c2c7e8600f833fd4aed955f7a7387774f334850fa10cbb2f14f6ab83d225589826cc30f4b37fd1ab9d86527fea582f1e224ad1684b6cb28ee02aaeaa8cc607eacda97adbdb74cbdf5bc4eadc847b068135dd8a815c1cf9f7b89f81c6d62655d2bdfab5bcac8a1aed1f41d829cbfeb7c9df673fdaf584c955cdafea92f429193c18f9c760e09e55939535710a47b461739fb10459b68ca580a47649ac109612def14a65e48a0cd13a9bea8bae4d337edf7b812a273a9bf31ca0a326fc025b80d6631b63001d89b252ed3f3ac18f82bc57106b306b2096ef0cd68f53420f7464f94d4abfc2d828a5ad64cd8c3852f5ac290a8c314b8ed23a5f7b992447b9a70d387f58e3fc71759fb3c8e20ddb3f205a64947be97a484e70be6003ad23cc20b2ebb036f850deb39868358a0ce124727d998aa52a7d51f03280ea2c5b70d7df141d00b388272abbdae751b7130f70b085aedd6d428f4727929ef6184d6d8ed1747b7cb0144703ca6fd1366cdf527b06406db6595081aeec4d3f94d4388205c33169a3d53d46ff3c357ab5390b4de4504a6c4d67342787cb909350e0e5651d6ebe5b46a380b6489e0a3ca85d2f09f2af95fc65a9decf0ee02547a7bcc7cb44f81d932c402e8910b06f6309157576fd7cf8817d6573fa94adcfdd4077dc669636abd4e6307db9aa6a2fca84d35ade45dc0a15acc875a8143cd1bdd24f7f9f969a8ca0ca39882331695297ed908df00abaef3a4724b7e1695cf12c3cc57cea873395bdc9f12ae1a69bc3bf5a844efe145ac2dbd00de2984ca1736ff1574fc91433d62fe2a9a7e7f98945e4222bcc3ca62442e4ee81d64becd9ee0b7998a2ced663965876b5dd520286fc31684c0fe4a6065677bff1bfc543bef984d7e1f0a177c3ae6739f75e03f18087eac5e75412ea24e153a4853d78a3b1cb259563d39803fc4b0815b8431fac539afc584bbd79e013efe438d124dcd33295c2cc2a240520587253e71b667b5929dd34898fe683b9fcb1fd0a5c2b140dea162d02f3b869a016a9018b34c66498ea316512c172241af7ba4b95fa8a24365feac430ce8f7b7468bafb5002bcffb4e5777d985dedbcc30569f821f460b2bf2476034b148c804b9b815255aa34c57b1bbfde5b77970c7d439ab618fa6c4b7895989a3ebdd64e62895400268fc0bab0f25ee82d8d9f92ceb05ce0ac13e526ca33d8c17d467385d3b36cb24dd27e57c17c8db6fd7773e1ff20d83ac4603015a083356c35057fcc1558e206beb8528e78dc272f1ed4c32523f56d391c5474a0042401620711682be1fe41f2172cbc68248e992cecb863544899ab187568378a373ee28104a5a94c4b649f6c945d2828973313dc2fab7c9f0b70c638ad37ad155796697218c201ec56fb6665c237931a504354cb561e319cb9ea72e668bf5c5e20298d824608368f82d95300ef16b0c2c2408c93216fd8721b1a5510a53ed1bbefda3d2f3a502932a4e0a88638507d71731e878f28b08b79fd341d0ec7d9a4d9634af9004627de2d43191880f686b406b5a8501d6d999c1c2a6caef0c89c37d4f792a021279d1d263d4b61272a343716902cdbb6520b367e30c2fda3e6f5b3d7b4b2a8ba8c6a620b2594de922bef41e6a164329fe073f39426d824c20491409f3ffc4c18865eade758fa154fd2b44c7e294a18239dc35e1e5024e32073fd78a932128a02b59f7749b7eee211de42ca4a0123605add148a4f42a1dc5f5e54126be780b7ebce205cf462b9e7f03ffb4bae95df812f696cd4ec11385f1afb0fb046cc1b78ea3f39a64588f4f2989eabcf08a1cb25d5ce037216a372bd9be203e38405681358bd456508da8d6e4c3c0baa2ae5cd0ec6af10e3d33f66dda2d263648b5b894b9a82d12a3b80964598338e3e3dc3a4a01bc1c84bf9250d54ae8b80bafa66906c90ebed050074d5680ef3858becca6f00488f0559e03b9733931b8af6f64b163016caee8b8209c225434e2bbb3ef3748104321376df4eb04af78c883aba7c49fe714db6c2662d7ae84b51d55bf1919ed4799615f16ca7b5dab153c7eb16a1f20b957a015931c1bce720f2f2453a25bfc9778a3971666a8019b6721e686acd368fa5505cd0afa834a89b07b0e29b480ebfc6c0914570e9cfe2f444a4ab4fd2a7418840c198c6ea532a6637a777e4c5654865a2a28deeef241d67f0d6260637945c2a7b775fcd7b32ef51e90a3c8ac7294442f439d4607990c60b73e92101c14f3f2788a10d3ace95cc9fea757dc4dea054a1a8c47de416038cbe479fec6e674136f613f857dec2780e43c53c538d3ae3339df0b46f101ad9f60d3dc5417bb6f79e4aa8a847fec0e42d7be3890c6a14c2a568d7565888c616c0ed2cf2f52e79fc74c73c0030b9f86741418e409ee062dc675c1ad9d2fcd2cc6bb0d789ba438441cffc06a34c2ea808dcf4f58ade7b337db86d90b08f89f4bf50ce26b6ca09fcce7a55e1fc3496fb49224595b3f519cf0fc6702953f10787ccf6bd2c48502287941736156e789e6aff0fb5a89122c499fadadf5b9edfe8fbdd83ae53b040a9f74f77fdf519ec45cdd145fbaacb203729a7ef293f05c6926f57823db60b76141b7f151263413e471a51810606bf87b6e1426ea8846d9d2e632da0b7af9abc49e0479a93eb4f1a06e9089c2b5a16989e298d16f509960efb518013f047b8b058f54e3be0d365bd39ad79163218d7e02738c5be3d5b8c8b77659e970fdf581457f3506d283a0181e92f0bbef47b6b20b8c31a08369f880965c74d15ccc2493af580df6d43492fda57d23acb6f36636684b2948a5f01609387c5eb9be87fec7129917394834c2c42894c2a029ef9e1e5cd7e7dc2ac6958cb83574640becdd07e6153bd811436fbca1e72601848828839e1b16c0dbd4c16db105435b0538d83a7d4c6958044d0a4c0a195e30e7690a8fa6669c0c6f237668046d5d787b80a0335fd7db95d4f861fb56ed717e299fe9896ce22db45d5a3a8b228070d45d5baa1ff6a6e22dabf6a1d3487819d83e86f177f71af28bd3d36692df93af6609cf1801cd02275b7927c59638a3e30d1fcfa844377824991302ab7d626ca73848a1b39e9b17677ed46ee68c75a1d223e71755d1ce308580205fcb7e5a7fcabba068457c987f9fa101c3ee756cbedc580db0915d665e8b46d6df7b83ff521d847f93477df2d8c40df32f7596f546be3678f717c5685fc36dc7bd9a4a508a00d073f91ef005fb9e344febcaa12b3ea9887deff6cb0d13dbb19abee09f8acdaee10efd24cdbce238168146088357319213ab5ee6c0eeb527f032105503ec560e6b1253d6ab2e734e416a8ee6c0d7b9ff81d2d7c0f2cf50d343986a377173d2bddc51ed24ecb1e523a016b341c372d1716c2ee66dd76995538f2364e49f63055054be798bfc176c11716a25712befbca70f21b6821c7467801aef6a832fbc2e1c07e97f870985ef6975bf47158fef0885b799b49a2f0caf3e51071a47b973a77bde9ee1c3196fd3aa2ebed4506becea088c7141d2cf5f31510ff19a24dd2b85bf1c5d893b97edbb424a530c3b4e1ed7e380a60d1249f17f33a8e3acf82c0c4f302e336d785d449e6596f167d6b8dc4146f01729ab297d379b229e476b60fea0100655a182a6231a0ab0e62cbc851dad7964d475338c19e52bdd07974f40ffb6eb519ba926f85905ee7025f5d47e98aef6385ab072328216507907001b9ef54c1d0b6eafdfa7070b29e4860726d85999d441657a71c207c7a6ff75d721f3c9b62d76a40721ea23d2ee58dd2eb1eeb9c13538bdc9093163b3788095e18d76994d342390c2e9e1f350fd55135065d91c2eac45a6d208f3ebb3a3c6cff9d3370f5fdce31243d490d5efdde948a8ed90318c7fba649059bb33625e7e0125672ffe9c51125c8a439fd1878ccb36b7305c810e92deec05cd73101154554cfe8a9ebbc60f2c2159abad6059fe0716c9386dcddf731846893f478eca1e85f5bce63037a6fde6595da644a91dd99de68cbdd81edbf91eb6e7ffe905af61e18f61b0bbd83a32f9f81bf32664def21e0d7c2e4587bdec6349b36f8e571d73b62dbf3f2509997f6a3178a1782d214b9f64d2a247dd9fd59afa657aecbbe3bdc3a367a7b0a5087ae33f89472ea540dd27457e5a78255cc9d9d58ac70f9f4bc3216932319d44c82c488c947437a5b1f5e30f7ba1652f98ce07fa50b4b932c69495bf4ac2d8acd90afe33cabebad90f53ba7a11bd450980cb0bc97f1b3d25297e004d2d48509582e13e33ef8d702744d4c8a3735157eca6ac73c9dea6b80752a27c36bae6ed8b9d167c5e730f53637987149d628d79a6407da9e1bb89b85c9eab05225e83ab1449bd11f909a2af1a38f8dd5a4528d21b40336f272b2c0676fb2cca370a69e85dddf757a7f27eeca447f9b4eecbafce92bcbad8070a65e5a59886d6ca05a83a95b8ec20d1c210b42dbcb3641e03781c664f899693dda21eafc944e9e7d032a0e8eda52a3c7c0c9e07c593a3ef5fedc45e1f6c4f5872166013d01de4bf95bf5a2f10ae6482fb8220148ebbe8163db1c94c3b0086f8fec6f74df52afde42b1a97b14da43db6d9f8bcc45bab1b9de5231c71801b6f78a58dc6827f0ec8919b0486fc37f76f12ea6a3f1013825c2efe1c0111cbbb9f073c21f024a0c569aa30e9eaa420c93c35b2c0990904a7b5cc9b94031b38e3bc4e6766fb060740570d709a9dd882238fecb54c5ea73a87f4ad"]}, @typed={0x14, 0x7, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @nested={0xc, 0x1e, 0x0, 0x1, [@typed={0x8, 0x123, 0x0, 0x0, @fd=r1}]}, @typed={0x9, 0xf9, 0x0, 0x0, @str='!}!:\x00'}]}]}, 0x1368}, 0x1, 0x0, 0x0, 0x48000}, 0x40012) (async) r6 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000001ac0), 0x440, 0x0) ioctl$auto_FIONREAD(r6, 0x541b, 0xd962) r7 = ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) sendfile$auto(r6, r7, &(0x7f0000001b00)=0xf7, 0x7) (async) r8 = gettid() r9 = prctl$auto_PR_SCHED_CORE_GET(0x385e4e5, 0x0, r8, 0x9, 0x1) (async) r10 = pipe2$auto(&(0x7f0000001b40)=r3, 0x3) process_vm_readv$auto(r8, &(0x7f0000001c00)={&(0x7f0000001b80)="f2609e9a66008f7440dc263616870d21400a59c1bb68cab6a41ea48eed0f08f37188263ad521f65f843719d337122ec3ec1ae5415a6d541961cd1be01d6ea024d250307efd1e6856f2890e6c1b566cc7c908860d39a941f10fac124bca98bb6b1464eaa9c2fb23ae87bfd719", 0xaa}, 0x28, &(0x7f0000002c40)={&(0x7f0000001c40)="5d0e2041984768549d35df8e062e7338b34e90280a59471d95eeb46eae82b9691f6fd0313f13c5dcba30092970fe053b46ba29a6b796f1ec63ed2073c909ec623a10a1b926bd5d827c5f01285ae6dcb2241bafd0ce7933250eae7008f5e8903bbccd0f20e702244567e90547433a902a93c87cfb0f9846bc4b284029e99ccac50c45f973c1bccd176800ffe3486527b1de9e85a6304e0cb9374c23abe6c1f895afbc14d4a4bf192253576d51b2dc1614a1d87a4703850b8368d43df8714ff3b8db73341fe88ce04eeb8b563fbd82975816d02e392ed7f7e54b98b26c712a6ccabb82bd67cdd148dd1baa44deca92cfa23880e41a134eecdf57d2ead8e61cc2fabb1c0121d29c8e722d5e637047bc4586cdc9d91fcf9b0eccd6069cca86f6eb569627b41f2704f58ed00d582003506c969bd2279670e3b4627cbda3804378cf38e457c3c82403d89a0e6921d0362e3fcf567432eef5af2388f7220852a33cf238c46081c11e3720572aadc936078601f6a608668a5feef14fa655c44c5f5faf88428552563997dd3064a18bfa8cb442fdc4a6bced8d5a515ce7ef73f71acf4dc5540f643946b26c5b3c7be2ebcfd225538e6f8f46db04676e69406c973378ece30e7bd384d2d7b9f612c9719ec1af633aeb57e8fbc20210b53338216fc231aa5be5003c219acc715ee6da0df34997618352c8a4fd7227920446e661e8fd6e20bdb2407356a23a89c2014d316f0f00eff90deae0ee3bb7dde9df8278c43e629c62f46dedac6fff190beb3f5c8e53946206ac02ee7e27ad122f3712ff67cc159c362f563e3bfb5b8c765e9f6b2b3f1b9299753017e7a09c2d7588574070c12d029cde77b5ca355e03c1bdd6b00e811675a58654898c1a6655b646df1c78b9c0ef21657639a69d24caac7fb07e344b649af5426b2c0aed2a84411d8414550479167c0d665fe2abebddcdbce817cdddf68272e104df33b27ad87b09ac84d8d4600ee2209d8f76490049cf586f87b0d2c3a280ab8b76e21c1993051f52f35a3b8c746f80e5cbaab78f1979b6321c69d4eae288f96ba76c6fa686a8aa0986f3b4412d103f669d48bd8c4ae65bb43713c41382c1962c8877dbadbdf1973e45a3be03b8ca6d410ac87a1c06c97436c13646d5bbb23223a71c8467e565a49dabceb9c05f1d896a6abc4f708a2eda7bf0c9f99cb8d5b71371518ae83ae4484878524702154db57751e9832f0e5bd4ecc8882d06b4d065b8968465442bd9c759a136046c6d0bcc3b74b09010f425c49eff20c925568bf48c0daa89518647692330c2ad1a9d7f4d0634500ec6c592aa3f544b8343486cf140545592ce73d4f0c43bbb0acf2f46d262c5fe6ad3d10329d3e38b5ed556b4ea8728ef643b4fef251dbbe70f824be506fee2af79fa49f7a6ab4d7f0e7e8a39163cd3580408ec0168292a363922b036985ea4ee1fdc01c2248df555c5da94bb7fcead794d25fbb326c74b6a8bb1f6903c69b05a4f95a4cfba08dd0753213da422553dcccb8bd13a0195a58467f130a0b36e4442e8f6c6cb40b190f4651a43b1e62d68dce4e274d0143b64ed371a596a162b6a138c13aa3b327ab7885237fb233896658da16118eedd4cb106ebc968a93e536405847f50161924e8f5ca67731a0dbbba9b5da3402c37c305cc35655c85e232c8080516c8e4e7d54e6fdd3fb312af65eed4ed3c3b4ee9ebb0167986df27e3a70b8ab3959031aba0d3bdd27f74b69b5beedf64bf8917e2454b9c4b4ef6bb2b242dc6132fe7cf9fa451074baa788e513209cfdafd3c677cbb0051f925fb989f761f7e43e1d6a8ea80f7082dbb94913a78915768f8570b6fa865c9b5d3bcb5590f45f67996f45322ae781e2e2e32a21cb24bcd73e39ac321ad631994c791bd89edfff45be504876d1eff7a6e4a792a0c5bdbb3e86e9e71d4c6a44535932b8317847626692ec8d0844b4f2901badbef979ea345c14905427a781d768b0b026965425fe0a9a82b8c249f83f8dba67c9bcce56fe96d69e5f5b3c4f2a2b52985fc847878090ce7d11aa8288cff68ee3a1399538452f040fa112d5f289671f28d6989014e7204fb970f3ab174dd1c2d5645df7a2c71cfde6f588b4dd6d8293f8a41f10f0b7ff059e54db5e26514c1a2d9ea4838cfb7189a7751f3d066ff22e929c594858317959f90e7a6d00684954292ecd8f4cbb14db7b6c66d253c01d75c0166f30076fc2a3afb80df5233c49e0c88a73c81feaa31c9861970de9587a17a1438a1fe62c5c8bddb416f6e2d71971e01a7fa5d4604fd47e66db09754399d1e811288b049fa90ea31c3fec91c6a1fca4faa52c4fdc34b64e1ef98d0b5dbdbf74b185947f9f2da6618c04a58807098c8b024bfa20e2a6b7be22c22ca24eae90c473009112858df333526a744b958bdf9db6c2aed555cec81b8e5560c16c419c259513f036710669b7b2c8be5e87bcd6d15c500ef8ff0d31ce9755cebb85fa785d69498447fb0f01ff4897c7342a1409d5998fdabaa692330851d11bbae9b7a1e28bc1d1140d4cde07f5f26413f433ed5fbd92a825a7053d1ed79d357e6800b75697594e37e7e46dee8626641e30e804c129cc2e1e0dbbcb352dec62bef7f1295c8b3cb6a4812da199926bdc2e6e1311908656aaace3cc3052557fc70c0279793b7a11e19dc8ae6d3f0d0eea79f82f431afbb8a1a07b2f2e7f6a06b6493d23edb7fa8ba97bb765940b8049d10efe3090d9a67cba4156dd6752a396ead7114382a863a12be966a106f034f4b224592356236538be4c511c77ea409ec4c89efebe87cf2f0a013be8ab5513d30a535177ef4b1f0efe24929596bddf6a5a95c7386cfd77a085fcf3998fea90e14dfe393062420a37a082ded1ad614a84d6e16f8cbc599de1075b5b750f44b2d469eba178ab531c20fa1643114c8f2adbf4ed7b136cc3f85da79f45e6ceae1272b473403ad61ba48efc0554d5db63673af3d190d4e0b8e04acce61d034a10107c02b40b021ec8010ec9a2160ac526a8cf624c108ca5adf9deaeec163db53eccc2803f4556929808f95e9ca29419d995ef62aa977dff698a3bc011732eced67d5f29e2831dec782bc2ab842ec40e05a28e23297905d1e453b652d6add2ab1b699a89c1f09333ad2819759c393b2f6ddb3e69f5be2b1b675bf04d5df55fcf841a3d309b6a9b93a93cfb7ee635f236ba4ea0ee680100fc90d0b38e8d5248f722c274e251af43c37f4961d178a3ab47a2bccd938cacca04d552ab4a2600c204ffcbbec07c7d3f2a632c4cb65d1a23809daa1395c62d3d9e30670c677b2cacc90f57d92a7caa51f4c923f75696ac87a555f3e13e3a7dc8984f6538c6f70466d513fb2e7f2df59aaa8a48bb056378400b9bf12c36fc7bace4aa89d222c6fef402bb190cd366700dec633091f445e1535c8cdc0230f83ffcad29e1473146811072aff009fd93929c4f2935a849cdcd3e63ecb2e01e11d3bc7a67a4e2672ca1d06d90618ebc813c9aa6683b0e533692de24f09b30969c3b69ceadbf09a73e3a967a2c6cb5b86224f146172ffda0c87d13cf298ac0866dbf58439e34d677265bd9fdb7042fbfdc98a1ea930d8af4d55ab99b9ac9ad5c039531fc3710755b3819aaab7ca76ee1ecbff2fd7a1e00e79b3278bc559e90776f6b2bb6e992364de245b578a470b476f74e1c88bd3f6520fa00c36a9879a27ee1a5175f6c79a9e44a202c62464741df677ad00aa27705bb95d8a1c82fa8d21fdeaab1f4486b400660d88794be705b07d865170000cb83f865d84b832d970dfa5e79dcc1d4c0e8314a3ca0016f0f80858133161851b8ed4c861c5c83e9dae3eb8e6873553f73f28e56c1174e7468c5a41923f2747b767e948d2776f7065fd3cadd0de2489036e9ea7974580cf1b31b7febe2ddf1c7a70da659d25470100bdf504fe0246ac042e01f13e74bfa4c88b4b3198b9bc07f50e06a95fa59ef9045275938e27a863e59606192b805d50525436f5c96d8df144086018473390886bb11649017cb6a496a5b6edceaf1fcc682cf2be1fb0ed4e3e5111c83e47c7fc7455f1c78083aad5960bde28332f7e62d1d6bf42e356886a8de4b1297f577df2f03dade8c318fb55d4db12bcc67eda193ee694e8d1dc525108521ad208469153ed216213515f347671d32ff2502a15aeb06b17a94a07e95e5dc178eddc1e205f5403dcaf349cb557d8a7fe450ecf1707f084a11e129030d9dea796606a6dca34fa09fc21fc618acfe5d993593813a320013233a3adafa4589323b3fdbdcc0e4d8f3f413bfe89007e30ee844277a54f4602a0962e2ec2f4da0789caddc424b38bd2c96d696c5f6037561b81d0c7657ea511ef1b895c388e2c14caca70470ed066035bbefaab665868e2df7c44c2afd65753c737399915de28a471b13ebf0ba2b8797192ceb4a4ead19ca5c47686dd23383e6f53bb529e2ddbae465934d3cde82afda796f9950319f971e29833c32a0e4869df5b78e8f3ef9c36e354c6e352433302455d8b9a8c4bec746c313f2e5fd0d95e3491d7f419ea086dc4e2cffe87d39c49d85a32fabffeb0f9fc051af0a34284d472fa545d3547dcc734615bcf2b51119511828bc931d5b78edf0ea4e8e3b8b23aaa8782736c629788245ff1ddf1467c91e0d81b417accf066163756c7bde3fe469897546c5f0e1b0d05b6e6083fe3ecf540597cb66315eb19306f36ef390cfa182d0bffa993a7189e4064544836d6e4a24d9dec6780c2919ab37262b5c7ddec98bb5a7c278b82d2d8bc45196a09b0d71449cb353be0c2e256a562f0b37fb06b43c5a22b8771acdfdfa24f231c24d7278ab302e2e3fb021272b56084b5301d3b7f349c606723f45e02d2fbe06653b279f97f285df59e978541edd12376031eac5ff5047d3c88db893d85356f87f65b452e50fc115a9eef80134cec16ff7de9a572091a3e8882298b95aa2585716d9633c1815bbe6c588b1bb8daf028daaa448ff72afa53681c83dd09a9b217ea7a36a6d39cbdd8e2a8e3d36ab716b01bf29ff7e8a88a22232ad929b2de031474e81c38022247ccf121b7e7c30c4ac5b51f46d371965f6b0de73df493b090d9a3b96d0604144e076133638cf232999c68ec57d717d6f14b9b0cd955b54db02f2fc3156d2bd9f65806270ab2c05dffbcbeb950b277aa77faf830baca6b21832615660b8234b02e0e8ae8a802fb617316899bcae917a63c5f1a712717dd3c25a792859721973d2e47c6bf8bd63e7e17bd8f3dab054030b8c273d3c63cf6f32b912e18bc981df2c3b8212659782e02fcbb4daa2e9ab5820c4eb0887a9ec66c80bfe3e8a7e74c0902b041a27c9b6e2ddee8af80b5ff121dfa43b15bf5c2ff0da1d47a1ddd46d555b595e0b408f74a3be8e076bb5395da6473b2f1cdb050974d871537ef8fe8cf42db85e221dbd225b7f9f3b8b76cf1aafc77a50238fe7f1b24681af00630dce5f322289de29ecbd4a25478bc5c6ca7b18b97c273c3cbecb15123768dae68e8b8eff232c568fc3f6beda478ec12c25b05c32e62b7144317b8774307fba2a645f3d0272e5d0e1bd4fada577260216024b040b0d8a2320047435fb6bb4c5f7f6c37b492a4e0dd03c1ca509edb6f707230dcf1ba56d348926492839781c73f14bf4e0c66f4a235b61de259e4de11df83ff5dbf1d4b29ce06391a7e2619e024d1b94eb764ef49b29aec5327f136f00123271be8696ad335017e6e690d453c61faae7e3b7bf0e248e137afd03017d899c93c3bd9d2f21dbb3d467d7faa6fd6d20082e6d776ce50e14dc49c83", 0x7}, 0x40, 0x3330) (async) sendmsg$auto_NL80211_CMD_SET_MULTICAST_TO_UNICAST(r11, &(0x7f0000002fc0)={&(0x7f0000002c80)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000002f80)={&(0x7f0000002cc0)={0x290, 0x0, 0x400, 0x70bd25, 0x25dfdbfe, {}, [@NL80211_ATTR_VHT_CAPABILITY={0x6d, 0x9d, "2da550914211155d9e91ae1e6f021860094ac47e4d901f846ffc0624023cf827427518dc523c35159b03af848ab4fb2ccd286439fe47120b06bef279dcfc1ea7a337964328ff2eb0b932b80f7a7fce9f84de9e09d349c07eddfb53c2923f563b17f18c6ac6065f245c"}, @NL80211_ATTR_VHT_CAPABILITY={0xfd, 0x9d, "451d62b8b08ccea833d2d0019a8d94afb4aa0ee95f8b177f6171c9782978ce84bc8823bb654a302f2a5f0c3ffc85279c82e7673bdf37fdeec4a885d82bdb615f309432e72fff92f41976346c487a3bf81a046db504f2252657ca7f14311d43476f3a08e10bf49ac10784a71b9e5b33ecec174efd4c6d496c3ff35053c3fbe1c85fa17c6a7ebb75263e4d180ae25c6630fa4589dea4b82155471ba82e822bdd3a2ef91574936cc7f3363971b7661863bad0cdfbf5c1f6f2925782ee182a8c1c2dff571e5b0bfe7bd918b366d752d90370589875d9f0d0c1bbd6d7f26f449d528acc108cef85355bc496adf99da6b3f36ce061e0e461373501d5"}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "f8e25de45c92f5646e4031fafc96d8e01ba64112f8606471"}, @NL80211_ATTR_OPMODE_NOTIF={0x5, 0xc2, 0x2}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @NL80211_ATTR_BSS_SELECT={0xdc, 0xe3, 0x0, 0x1, [@typed={0x8, 0xb3, 0x0, 0x0, @pid=r5}, @typed={0x14, 0x5d, 0x0, 0x0, @ipv6=@private1}, @generic="c21fb04eea6e931c1decbdbb6d69e26fd9f1b7d23c23543449936224ca755e6df708021585aca06f4ee6c6cd38c75e2bb5212a0024f312ba6129deb84450ae92e27c94968a8dcc3d03fbc770b51a87713794e044b2e6b36f5bc3fb065e13d0cf00e3aaee02a384c409bbfc6efb7cdaf120ab38482578cee0629480243b5289c0fad85bda5d0b18f6645bd8ba48544a2c136d0c963747ddbcb772601e31974ab963285c180da8cc53762b265e32f157b970d1c719b507fec17e6efa39"]}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x4e24}]}, 0x290}, 0x1, 0x0, 0x0, 0x40004}, 0x4000) syz_clone3(&(0x7f0000003240)={0x0, &(0x7f0000003000)=0xffffffffffffffff, &(0x7f0000003040), &(0x7f0000003080), {0x1b}, &(0x7f00000030c0)=""/116, 0x74, &(0x7f0000003140)=""/134, &(0x7f0000003200)=[r5, r5], 0x2, {r10}}, 0x58) process_madvise$auto_MADV_POPULATE_READ(r12, &(0x7f00000033c0)={&(0x7f00000032c0)="7e1e47c72bd51d4684e943e0a269e04b0aa710bc6c4ec76efaa589cc0347ff9aad482256b521a60536b522d43af955db8553434f94110db7d744c70916e9dc10c585e64170b0cc62db40de3cb6a91162f62e22aa64a506fbf8d5d754a7ff4849359070db57b848dc44e819e470fffb4306402e82dffffee0b079c80e12e23e37c43b133bed397c726aaa9147bb9c8fc214810cb5cce7f48af98b81f2d4dfc23070639c217121e8542584ae3b5fe9f1a5d235fe199dca0638b273e0be6648428f8821ea9d231cfb4bd2fc49476a096c3243e73c0111365090ca61b68d", 0x3ff}, 0x8, 0x16, 0x8000) (async) sendmsg$auto_NL80211_CMD_GET_REG(r11, &(0x7f0000003500)={&(0x7f0000003400)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000034c0)={&(0x7f0000003440)={0x50, 0x0, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@NL80211_ATTR_CONTROL_PORT_OVER_NL80211={0x4}, @NL80211_ATTR_COLOR_CHANGE_COLOR={0x5, 0x130, 0x5}, @NL80211_ATTR_AUTH_DATA={0x28, 0x9c, "b9fd6b69ed31d6da9c99a12a6595f991f7e323b95a019407e7b965d44ba3e2a2d2ff2c1e"}, @NL80211_ATTR_STA_TX_POWER_SETTING={0x5, 0x113, 0x8}]}, 0x50}, 0x1, 0x0, 0x0, 0x24000000}, 0x4008000) (async) sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r7, &(0x7f00000035c0)={&(0x7f0000003540)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000003580)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) (async) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000003600)='/dev/cuse\x00', 0x0, 0x0) (async) r13 = fcntl$auto(r9, 0x2, r8) r14 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000003680), r7) sendmsg$auto_NL80211_CMD_GET_REG(r13, &(0x7f0000003740)={&(0x7f0000003640)={0x10, 0x0, 0x0, 0x8200}, 0xc, &(0x7f0000003700)={&(0x7f00000036c0)={0x20, r14, 0x0, 0x70bd26, 0x25dfdbfe, {}, [@NL80211_ATTR_ADMITTED_TIME={0x6, 0xd4, 0x4}, @NL80211_ATTR_TDLS_SUPPORT={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x8800) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000003780), r11) sendmsg$auto_NL802154_CMD_SET_BACKOFF_EXPONENT(r9, &(0x7f0000003880)={&(0x7f00000037c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000003840)={&(0x7f0000003800)={0x38, 0x0, 0x200, 0x70bd29, 0x25dfdbff, {}, [@NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0x9}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x4}, @NL802154_ATTR_SEC_ENABLED={0x5, 0x29, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000814}, 0xe0641036017a8ba5) (async) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000038c0)='/dev/snd/controlC2\x00', 0x81000, 0x0) 22m6.589827594s ago: executing program 1 (id=394): socket(0x22, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb5, 0x401, 0x300000000000) prctl$auto(0x16, 0x2, 0x2, 0x4000000d, 0x100) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/fs/ext4/sda1/err_ratelimit_burst\x00', 0x103841, 0x0) write$auto(r1, &(0x7f0000000100)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x4) write$auto_proc_fail_nth_operations_base(r0, &(0x7f0000000000)="e7917dcfc0bd7d2585ba3457205d01cc8703a2dd7b23fba5dc3390deca2bfcd2c58a441d16a1cf6929271e21aed2f67ff79fec58c2915c8a70a16e714c", 0x3d) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/adsp1\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETODELAY(r2, 0x80045017, &(0x7f0000000140)="8a5679d5e86b2e02fa87c4647afb362b74fec4a9bad002deb3500a67504803a676f704db80820db06eeff9aeb64af3d7e9ca17431a12b83f0387b6d5c2e0b7ffb3ab47daa32ed980b995f630b4ecb3fd9fea0bb6ca81bc29617f82176cc127d87987abde1ae958bf822826786ec9b7354e46389502ccb4ea1481fe4b034af87f5a001170589149a3c018542a91c02aae11b2c8b2fa92223436a8b70ae4ec6a7b0d66c196eb1c5e7ed1f6695fe1857d503dc0b2363e83406e08f99a0ee8407fe538761b3add5676f70bebafaea183ad0f136ef87078a18093bb392ffd1bcf1c7e22b7f007a4d286ade36e4db78f0e8f") io_uring_setup$auto(0x6, 0x0) openat$auto_split_huge_pages_fops_huge_memory(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800) kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x4800c000, 0x800c000}, 0x4) 22m5.711301979s ago: executing program 1 (id=397): mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x106) r1 = open(0x0, 0x111280, 0x18) socket(0x2, 0x1, 0x0) shutdown$auto(0x200000003, 0x2) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x40, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r3 = socket(0xa, 0x1, 0x84) getsockopt$auto(r3, 0x84, 0x4, 0x0, 0x0) read$auto_proc_iter_file_ops_compat_inode(r2, &(0x7f0000000180)=""/286, 0x11e) mmap$auto(0x0, 0x8, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8000008000) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/adsp1\x00', 0x20342, 0x0) r5 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/block/mtdblock0/sched/read0_fifo_list\x00', 0x0, 0x0) lseek$auto(r1, 0x7fffffffffffffff, 0x1) ioctl$auto_SOUND_MIXER_READ_DEVMASK2(r4, 0x80044dfe, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) listen$auto(0x3, 0x3) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$auto(0x4, 0x100000001, 0x4000000000df, 0x40eb1, r5, 0x300000000000) getrandom$auto(0x0, 0x6000000, 0x3) r6 = socket(0x15, 0x1, 0x0) setsockopt$auto(r6, 0x114, 0x1d, 0x0, 0x4) 21m50.293181968s ago: executing program 32 (id=397): mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x106) r1 = open(0x0, 0x111280, 0x18) socket(0x2, 0x1, 0x0) shutdown$auto(0x200000003, 0x2) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x40, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r3 = socket(0xa, 0x1, 0x84) getsockopt$auto(r3, 0x84, 0x4, 0x0, 0x0) read$auto_proc_iter_file_ops_compat_inode(r2, &(0x7f0000000180)=""/286, 0x11e) mmap$auto(0x0, 0x8, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8000008000) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/adsp1\x00', 0x20342, 0x0) r5 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/block/mtdblock0/sched/read0_fifo_list\x00', 0x0, 0x0) lseek$auto(r1, 0x7fffffffffffffff, 0x1) ioctl$auto_SOUND_MIXER_READ_DEVMASK2(r4, 0x80044dfe, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) listen$auto(0x3, 0x3) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$auto(0x4, 0x100000001, 0x4000000000df, 0x40eb1, r5, 0x300000000000) getrandom$auto(0x0, 0x6000000, 0x3) r6 = socket(0x15, 0x1, 0x0) setsockopt$auto(r6, 0x114, 0x1d, 0x0, 0x4) 8.323081177s ago: executing program 4 (id=3875): openat$auto_proc_pid_set_timerslack_ns_operations_base(0xffffffffffffff9c, &(0x7f0000000300), 0x109000, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_ETHTOOL_MSG_PSE_SET(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="3b031c640b4ee7b301002e"], 0x14}, 0x1, 0x0, 0x0, 0x4000881}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000002040)={'veth0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r0, &(0x7f0000021740)={0x0, 0x0, &(0x7f0000021700)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/pci0000:00/0000:00:03.0/resource1\x00', 0xcce03, 0x0) mmap$auto(0x0, 0x5, 0xfffffffffffffe01, 0x8011, 0x3, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) read$auto(0x3, 0x0, 0x80) 7.897792913s ago: executing program 4 (id=3879): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/config.gz\x00', 0x0, 0x0) write$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffffff, &(0x7f0000000140)="d1807307", 0x4) r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)) unshare$auto(0x40000080) r1 = openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/etherd/err\x00', 0x402, 0x0) pread64$auto(r1, 0x0, 0x8, 0x2aa00b6e) mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) msgrcv$auto(0x0, 0x0, 0x1000, 0x8000000000000000, 0xb5) mprotect$auto(0x2000000008, 0x10000004, 0x100000001) poll$auto(&(0x7f0000003640)={0xffffffffffffffff, 0x4, 0xffff}, 0x4, 0x100000) syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) r2 = socket(0x10, 0x80002, 0x0) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000007a80), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="99012dd77000ffdbdf252c4e1fa505e8c05500eee4"], 0x14}, 0x1, 0x0, 0x0, 0x90}, 0x40) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/platform/vidtv.0/i2c-0/delete_device\x00', 0x1, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x1f, 0x7181, 0x1ffde, 0x7, 0xb2a5, 0x9, 0x9, 0x4, 0x4, 0x200000000001, 0xb4, 0x9, 0x8, 0x10007, 0x80, 0x4, 0x0, 0xa, 0x22000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0xaa2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10b09fd8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000]}, 0x1fe, 0xd) mount$auto(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='Ffs\x00', 0x1, &(0x7f00000001c0)) r4 = socket(0x10, 0x3, 0xa) r5 = syz_genetlink_get_family_id$auto_nlbl_calipso(&(0x7f0000000080), r4) sendmsg$auto_NLBL_CALIPSO_C_REMOVE(r4, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000100)={0x5c, r5, 0x110, 0x70bd28, 0x25dfdbfd, {}, [@NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x5}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x5}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x3ff}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0xd98c}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x7}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x4}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x2}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}]}, 0x5c}, 0x1, 0x0, 0x0, 0xc010}, 0x0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/clockevents/clockevent0/unbind_device\x00', 0x20001, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000180)='{', 0x1) 6.463719876s ago: executing program 2 (id=3883): openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) sysfs$auto(0x2, 0x4, 0x0) waitid$auto_P_PIDFD(0x3, 0xffffffffffffffff, &(0x7f0000000080)={@siginfo_0_0={0x10001, 0x8, 0x7ff, @_rt={0x0, 0xee01, @sival_int=0x9}}}, 0xab7, &(0x7f0000000100)={{0x1000, 0x2}, {0x119, 0x5}, 0xff, 0x4, 0xb0e2, 0xffffffffffffff66, 0x0, 0x63, 0x9, 0x7, 0x9, 0xfffffffffffffffa, 0x9, 0x1, 0xaf, 0x37f}) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x20000000) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x2, 0x0) 6.457435046s ago: executing program 3 (id=3884): r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/radio6\x00', 0x0, 0x0) ioctl$auto(r0, 0x5646, r0) remap_file_pages$auto(0x6a2b, 0x3000, 0x2, 0x3, 0x10000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x405, 0x8000) syz_open_procfs$namespace(0x0, 0xfffffffffffffffd) r1 = open(&(0x7f0000000040)='./file0\x00', 0x22240, 0x155) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0x5, 0x0) fanotify_init$auto(0x5, 0x2000000000002) inotify_init1$auto(0x3000000000000) socket(0x15, 0x5, 0x0) getsockopt$auto(0x2, 0x114, 0x2711, 0xfffffffffffffffc, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x8000, 0x1, 0x5) close_range$auto(0x2, 0x8, 0x0) getresuid$auto(&(0x7f0000000080)=0x7, &(0x7f00000000c0)=0x8000, 0xfffffffffffffffc) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xa4e00, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x80002, 0x73) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptyye\x00', 0x101142, 0x0) write$auto(0x3, 0x0, 0xfffffdef) ioctl$auto(0x3, 0x541a, r1) 6.051946049s ago: executing program 2 (id=3885): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r0 = socket(0x29, 0x2, 0x400001) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x40000) r1 = socket(0xf, 0x5, 0x20) setsockopt$auto(r1, 0x6, 0xc, 0x0, 0x7fffffff) mmap$auto(0x0, 0x20009, 0x5, 0xebf, 0xffffffffffffffff, 0x5) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/mountinfo\x00', 0x42100, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syz_genetlink_get_family_id$auto_nlbl_unlbl(&(0x7f0000000080), r1) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r3, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10010}, 0xc, &(0x7f00000000c0)={&(0x7f0000001500)=ANY=[], 0x1094}, 0x1, 0x0, 0x0, 0x4081}, 0xc000) write$auto(r2, &(0x7f0000000580)='%\"G{\xe2of\xd2io1\x00', 0x100000a3d9) ioctl$auto(r3, 0x57, r2) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r4 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) io_uring_setup$auto(0x2008, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r4, 0x403c6f2b, 0x0) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execve$auto(&(0x7f00000002c0)='./file0\x00', 0x0, 0x0) execve$auto(0x0, 0x0, &(0x7f0000000100)=&(0x7f0000000300)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\xf20/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00') r5 = ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r6 = openat$auto_trace_clock_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/trace_clock\x00', 0x0, 0x0) ioctl$auto_UDMABUF_CREATE_LIST(r3, 0x40087543, &(0x7f00000004c0)={0x1, 0x80, [{r5, 0x0, 0x7fffffffffffffff, 0x2575}, {r0, 0x0, 0x10000333d, 0x7}, {r6, 0x0, 0x7, 0x2}, {r0, 0x0, 0x8, 0xd589}, {r1, 0x0, 0xa7, 0x2}]}) sysfs$auto(0x2, 0x11, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dsp1\x00', 0x20040, 0x0) fsopen$auto(0x0, 0x1) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/adsp1\x00', 0x4800, 0x0) 6.042384817s ago: executing program 4 (id=3893): unshare$auto(0x40000080) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0) openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, 0x0, 0x2ad00, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x7) socket$nl_generic(0x10, 0x3, 0x10) 5.816653837s ago: executing program 0 (id=3886): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/config.gz\x00', 0x0, 0x0) write$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffffff, &(0x7f0000000140)="d1807307", 0x4) ioctl$auto_dma_heap_fops_dma_heap(0xffffffffffffffff, 0xffffffffffdffe00, &(0x7f0000000140)) unshare$auto(0x40000080) pread64$auto(0xffffffffffffffff, 0x0, 0x8, 0x2aa00b6e) close_range$auto(0x2, 0x8, 0x0) 5.557415041s ago: executing program 4 (id=3887): openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) socket(0xb, 0x4, 0x100) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xe3102, 0x0) sendfile$auto(r1, r1, 0x0, 0x3) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x11a001, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x2000000007, 0x6, 0xc, 0x2, 0x6]}, 0x0) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, r2, 0xfffffffffffffffb) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) mq_open$auto(&(0x7f0000000000)='.\xf1e4\xdf\x16\x95kxE\xd9x\x15\xb0\xf6V\x93\xb4E\x06\xc5}l', 0x400056a, 0x9, 0x0) ftruncate$auto(0x3, 0x700) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) r3 = socket(0xa, 0x3, 0xff) connect$auto(r3, &(0x7f00000018c0)=@generic={0xa}, 0x55) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) shmget$auto(0x8, 0x10563, 0x568d1af2) madvise$auto(0x0, 0xffffffffffff0004, 0x19) getpgid$auto(0x0) shmctl$auto(0x0, 0x0, 0xfffffffffffffffd) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/loop1/queue/discard_granularity\x00', 0x25e3bab421785a14, 0x0) 5.302032059s ago: executing program 3 (id=3888): openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x102, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) socket(0xb, 0x4, 0x100) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xe3102, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x11a001, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x2000000007, 0x6, 0xc, 0x2, 0x6]}, 0x0) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, r1, 0xfffffffffffffffb) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) mq_open$auto(&(0x7f0000000000)='.\xf1e4\xdf\x16\x95kxE\xd9x\x15\xb0\xf6V\x93\xb4E\x06\xc5}l', 0x400056a, 0x9, 0x0) ftruncate$auto(0x3, 0x700) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) r2 = socket(0xa, 0x3, 0xff) connect$auto(r2, 0x0, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) shmget$auto(0x8, 0x10563, 0x568d1af2) madvise$auto(0x0, 0xffffffffffff0004, 0x19) getpgid$auto(0x0) shmctl$auto(0x0, 0x0, 0xfffffffffffffffd) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/loop1/queue/discard_granularity\x00', 0x25e3bab421785a14, 0x0) 5.112598733s ago: executing program 0 (id=3889): r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/radio6\x00', 0x0, 0x0) ioctl$auto(r0, 0x5646, r0) remap_file_pages$auto(0x6a2b, 0x3000, 0x2, 0x3, 0x10000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x405, 0x8000) syz_open_procfs$namespace(0x0, 0xfffffffffffffffd) r1 = open(&(0x7f0000000040)='./file0\x00', 0x22240, 0x155) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0x5, 0x0) fanotify_init$auto(0x5, 0x2000000000002) inotify_init1$auto(0x3000000000000) socket(0x15, 0x5, 0x0) getsockopt$auto(0x2, 0x114, 0x2711, 0xfffffffffffffffc, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x8000, 0x1, 0x5) close_range$auto(0x2, 0x8, 0x0) getresuid$auto(&(0x7f0000000080)=0x7, &(0x7f00000000c0)=0x8000, 0xfffffffffffffffc) socket(0x2, 0x1, 0x84) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x80002, 0x73) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptyye\x00', 0x101142, 0x0) write$auto(0x3, 0x0, 0xfffffdef) ioctl$auto(0x3, 0x541a, r1) 4.462381706s ago: executing program 2 (id=3890): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/config.gz\x00', 0x0, 0x0) write$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffffff, &(0x7f0000000140)="d1807307", 0x4) r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)) unshare$auto(0x40000080) r1 = openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/etherd/err\x00', 0x402, 0x0) pread64$auto(r1, 0x0, 0x8, 0x2aa00b6e) mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) msgrcv$auto(0x0, 0x0, 0x1000, 0x8000000000000000, 0xb5) mprotect$auto(0x2000000008, 0x10000004, 0x100000001) poll$auto(&(0x7f0000003640)={0xffffffffffffffff, 0x4, 0xffff}, 0x4, 0x100000) syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) r2 = socket(0x10, 0x80002, 0x0) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000007a80), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="99012dd77000ffdbdf252c4e1fa505e8c05500eee4"], 0x14}, 0x1, 0x0, 0x0, 0x90}, 0x40) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/platform/vidtv.0/i2c-0/delete_device\x00', 0x1, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x1f, 0x7181, 0x1ffde, 0x7, 0xb2a5, 0x9, 0x9, 0x4, 0x4, 0x200000000001, 0xb4, 0x9, 0x8, 0x10007, 0x80, 0x4, 0x0, 0xa, 0x22000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0xaa2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10b09fd8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000]}, 0x1fe, 0xd) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) r4 = socket(0x10, 0x3, 0xa) r5 = syz_genetlink_get_family_id$auto_nlbl_calipso(&(0x7f0000000080), r4) sendmsg$auto_NLBL_CALIPSO_C_REMOVE(r4, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000100)={0x5c, r5, 0x110, 0x70bd28, 0x25dfdbfd, {}, [@NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x5}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x5}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x3ff}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0xd98c}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x7}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x4}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x2}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}]}, 0x5c}, 0x1, 0x0, 0x0, 0xc010}, 0x0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/clockevents/clockevent0/unbind_device\x00', 0x20001, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000180)='{', 0x1) 3.557643263s ago: executing program 3 (id=3891): mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) r0 = socket(0x15, 0x5, 0x0) fsconfig$auto(0xffffffffffffffff, 0x1, &(0x7f0000000200)='I\xee\"\xe3\xb7\xcfD\xe5\xb1\x05\x1e#\xff1<\xd9h[e\xdf\xc0M\xa2\x00\v\x97\xb5\xd4\x94\x99u\x9e\xf4O\x1a\xb1\x05\xb8\xcb\x96\fd\xa3\xf9&\xc9~\x10\x06X\a\xc8\xb7\x97\xc7M\x83\'^\xc9\x9e\xccAsv\xce8sw\v\xac\xcd\xa2B\xf8.\xce\xe6n\xfe\xd6\xc8^W>Rz`C+\x0e\x8c<\xc5\x8f\xe6\x0f\x14\xfa\x9ea4>\xd8O[{\xede\xfd\xbc\xc7\xbd4_\xbc\xc6\x06\xe5h\x9e\xf5/4\xe8\xcfc\x95\xbb~\xd9.\xb3\x84\xb8K\xa7\xca\xda\xc8\x11u\xa1\x1d\x9d\xe1%\xc0m\xf6%1\xba\xe7^\xed0\xdc\x86\xeaG)?p,Up \xe9\b\x14\xaf\xbf\xd9\xc3,\xb8\x17\x10\x9f\x92\x95@),A\xb4\x92Q\x86\xbe\xed=p\x1b\x9d\xd4\x99_]K\xce.\x00\x00\x00\x8eDv\x0fl\xed\x93ey\xf9\x19\xf0\x9d\xf5\xfe\xed\xc7Q\xc0ZJ\xc9*7\xf2\x1a\xa7\xb3\xc6v\v\xe1u\x16:\x15\xefel\xf0\x8c/\xa2\x95\xc1\xacd\xc9\a\xe5\x888F\xaa\xce\x94\xa2zsx\xea\x96\x7f~]\xdbj\xd1#\x94K\xcf\x11l\xe5Z\xec\xa6B\x90\xb6\xa3`\x88\xd4\x87\x17\x8a\xedFx\x95#\x83\x99\x00\xc6Z\x1au\x8e\xa7}\xa7\xe9\x83X\xa3\xad\xe2T\xea\xa0\xba\xd7R8T\x00\x8e0h\x8ck4\x15\xf3sh0\xd3\x1e\xedU@\xab\xc0g\xeeT\xc5\x8d\x9b\x188x)\xf0i]\xdcf\xdd\xf9\xffA\"ZQ\x8d\x15\xff\xf3WYX\x8a/\xb36\x1d\x8e7\xb2d3\xe8\xf4\x1e3\xec\xfe\xbf\xbbo\xbb\xd2Z\x89:\xa2\xc8n8k\xa8\xba\xa5E\x9f\xbe>3,\xcb\xa2\xa7q \xe2', 0x0, 0x0) read$auto(0x3, 0x0, 0xfffffffffffffdef) read$auto(0xffffffffffffffff, 0x0, 0x10) mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) r1 = socket(0x2, 0x2, 0x1) r2 = io_uring_setup$auto(0x6, 0x0) sendto$auto(r1, 0x0, 0xb, 0xf1a, &(0x7f0000000000)=@in={0x2, 0x0, @empty}, 0x1c) mmap$auto(0xfd, 0xbd, 0x1000, 0x80000010, r2, 0x5) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/arp_validate\x00', 0x20042, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioperm$auto(0x7, 0x6, 0x2) pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) ustat$auto(0x801, 0x0) sendmsg$auto(r0, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0xe, 0x0, 0x9, 0x8}, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x100, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000340), 0x108800, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2, 0x4f5, 0x8000000008011, r4, 0x0) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) io_uring_enter$auto(r4, 0x3, 0x0, 0x3, 0x0, 0x400000a) pread64$auto(r3, 0x0, 0x3, 0x5) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7fffe000) close_range$auto(0x2, 0xffffffffffffffff, 0x8) open(0x0, 0x163340, 0x6a) socket(0xc, 0x80802, 0xd) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) 3.556287495s ago: executing program 4 (id=3900): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/config.gz\x00', 0x0, 0x0) write$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffffff, &(0x7f0000000140)="d1807307", 0x4) r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)) unshare$auto(0x40000080) r1 = openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/etherd/err\x00', 0x402, 0x0) pread64$auto(r1, 0x0, 0x8, 0x2aa00b6e) mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) msgrcv$auto(0x0, 0x0, 0x1000, 0x8000000000000000, 0xb5) mprotect$auto(0x2000000008, 0x10000004, 0x100000001) poll$auto(&(0x7f0000003640)={0xffffffffffffffff, 0x4, 0xffff}, 0x4, 0x100000) syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) r2 = socket(0x10, 0x80002, 0x0) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000007a80), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="99012dd77000ffdbdf252c4e1fa505e8c05500eee4"], 0x14}, 0x1, 0x0, 0x0, 0x90}, 0x40) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/platform/vidtv.0/i2c-0/delete_device\x00', 0x1, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x1f, 0x7181, 0x1ffde, 0x7, 0xb2a5, 0x9, 0x9, 0x4, 0x4, 0x200000000001, 0xb4, 0x9, 0x8, 0x10007, 0x80, 0x4, 0x0, 0xa, 0x22000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0xaa2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10b09fd8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000]}, 0x1fe, 0xd) mount$auto(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='Ffs\x00', 0x1, &(0x7f00000001c0)) r4 = socket(0x10, 0x3, 0xa) r5 = syz_genetlink_get_family_id$auto_nlbl_calipso(&(0x7f0000000080), r4) sendmsg$auto_NLBL_CALIPSO_C_REMOVE(r4, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000100)={0x5c, r5, 0x110, 0x70bd28, 0x25dfdbfd, {}, [@NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x5}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x5}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x3ff}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0xd98c}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x7}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x4}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x2}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}]}, 0x5c}, 0x1, 0x0, 0x0, 0xc010}, 0x0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/clockevents/clockevent0/unbind_device\x00', 0x20001, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000180)='{', 0x1) 3.279174143s ago: executing program 0 (id=3892): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xffffffffffffffff, 0x8000) madvise$auto_MADV_HUGEPAGE(0x0, 0x2, 0xe) socket(0x2c, 0x3, 0x0) ioctl$auto_FIOQSIZE(r0, 0x5460, 0x27) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/input/event1\x00', 0x101, 0x0) ioctl$auto_EVIOCGRAB(r1, 0x40044590, &(0x7f0000000f40)=0x9) close_range$auto(0x2, 0x8, 0x0) r2 = bpf$auto(0x4, 0x0, 0x6f6) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x1) socket(0x2, 0x1, 0x106) r3 = openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000240), 0x183440, 0x0) r4 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x80040, 0x0) ioctl$auto_USB_RAW_IOCTL_CONFIGURE(r4, 0x5509, 0x0) unshare$auto(0x40000080) r5 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000200), r2) sendmsg$auto_CGROUPSTATS_CMD_GET(r2, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="000427bd7000fedbdf350400000008000100", @ANYRES32=r3, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000800) openat$auto_btrfs_ctl_fops_super(0xffffffffffffff9c, &(0x7f0000000340), 0x400, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_UPD_RXSA(r6, &(0x7f0000006200)={0x0, 0xfffffffffffffe47, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="230027bd7000fcdbdf2508ffe9000c000380050001800300000004000280080001"], 0x2c}, 0x1, 0x0, 0x0, 0x4008000}, 0x44044) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x10000000000002c, 0x0) fsopen$auto(0x0, 0x1) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff) shmctl$auto_IPC_RMID(0x7, 0x0, &(0x7f0000000100)={{0x171a4c29, 0x0, 0xee01, 0x401, 0x9, 0xb, 0x2}, 0x8, 0x100, 0x1a56, 0x1, @inferred, @raw=0x8000, 0xe7d, 0x0, &(0x7f0000000000), &(0x7f0000000040)="1783a8"}) r8 = socket(0x23, 0x5, 0x0) listen$auto(r8, 0x5ed) openat$nci(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) 3.090348838s ago: executing program 3 (id=3894): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/config.gz\x00', 0x0, 0x0) write$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffffff, &(0x7f0000000140)="d1807307", 0x4) r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)) unshare$auto(0x40000080) r1 = openat$auto_aoe_fops_aoechr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/etherd/err\x00', 0x402, 0x0) pread64$auto(r1, 0x0, 0x8, 0x2aa00b6e) mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) msgrcv$auto(0x0, 0x0, 0x1000, 0x8000000000000000, 0xb5) mprotect$auto(0x2000000008, 0x10000004, 0x100000001) poll$auto(&(0x7f0000003640)={0xffffffffffffffff, 0x4, 0xffff}, 0x4, 0x100000) syz_genetlink_get_family_id$auto_netdev(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) r2 = socket(0x10, 0x80002, 0x0) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000007a80), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="99012dd77000ffdbdf252c4e1fa505e8c05500eee4"], 0x14}, 0x1, 0x0, 0x0, 0x90}, 0x40) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/platform/vidtv.0/i2c-0/delete_device\x00', 0x1, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) mount$auto(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='Ffs\x00', 0x1, &(0x7f00000001c0)) r4 = socket(0x10, 0x3, 0xa) r5 = syz_genetlink_get_family_id$auto_nlbl_calipso(&(0x7f0000000080), r4) sendmsg$auto_NLBL_CALIPSO_C_REMOVE(r4, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000100)={0x5c, r5, 0x110, 0x70bd28, 0x25dfdbfd, {}, [@NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x5}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x5}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x3ff}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x3}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0xd98c}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x7}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x4}, @NLBL_CALIPSO_A_MTYPE={0x8, 0x2, 0x2}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}]}, 0x5c}, 0x1, 0x0, 0x0, 0xc010}, 0x0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/clockevents/clockevent0/unbind_device\x00', 0x20001, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r6, &(0x7f0000000180)='{', 0x1) 2.473784649s ago: executing program 0 (id=3895): r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/radio6\x00', 0x0, 0x0) ioctl$auto(r0, 0x5646, r0) remap_file_pages$auto(0x6a2b, 0x3000, 0x2, 0x3, 0x10000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x405, 0x8000) syz_open_procfs$namespace(0x0, 0xfffffffffffffffd) r1 = open(&(0x7f0000000040)='./file0\x00', 0x22240, 0x155) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0x5, 0x0) fanotify_init$auto(0x5, 0x2000000000002) inotify_init1$auto(0x3000000000000) socket(0x15, 0x5, 0x0) getsockopt$auto(0x2, 0x114, 0x2711, 0xfffffffffffffffc, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x8000, 0x1, 0x5) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x84) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xa4e00, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x80002, 0x73) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptyye\x00', 0x101142, 0x0) write$auto(0x3, 0x0, 0xfffffdef) ioctl$auto(0x3, 0x541a, r1) 2.368522415s ago: executing program 2 (id=3896): openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x102, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) socket(0xb, 0x4, 0x100) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xe3102, 0x0) sendfile$auto(r1, r1, 0x0, 0x3) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x11a001, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x2000000007, 0x6, 0xc, 0x2, 0x6]}, 0x0) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, r2, 0xfffffffffffffffb) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) mq_open$auto(&(0x7f0000000000)='.\xf1e4\xdf\x16\x95kxE\xd9x\x15\xb0\xf6V\x93\xb4E\x06\xc5}l', 0x400056a, 0x9, 0x0) ftruncate$auto(0x3, 0x700) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) r3 = socket(0xa, 0x3, 0xff) connect$auto(r3, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) shmget$auto(0x8, 0x10563, 0x568d1af2) getpgid$auto(0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/loop1/queue/discard_granularity\x00', 0x25e3bab421785a14, 0x0) 1.470431704s ago: executing program 4 (id=3897): openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x102, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) socket(0xb, 0x4, 0x100) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xe3102, 0x0) sendfile$auto(r1, r1, 0x0, 0x3) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x11a001, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x2000000007, 0x6, 0xc, 0x2, 0x6]}, 0x0) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, r2, 0xfffffffffffffffb) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) mq_open$auto(&(0x7f0000000000)='.\xf1e4\xdf\x16\x95kxE\xd9x\x15\xb0\xf6V\x93\xb4E\x06\xc5}l', 0x400056a, 0x9, 0x0) ftruncate$auto(0x3, 0x700) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) r3 = socket(0xa, 0x3, 0xff) connect$auto(r3, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) shmget$auto(0x8, 0x10563, 0x568d1af2) getpgid$auto(0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/loop1/queue/discard_granularity\x00', 0x25e3bab421785a14, 0x0) 1.352862051s ago: executing program 3 (id=3898): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xffffffffffffffff, 0x8000) madvise$auto_MADV_HUGEPAGE(0x0, 0x2, 0xe) socket(0x2c, 0x3, 0x0) ioctl$auto_FIOQSIZE(r0, 0x5460, 0x27) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/input/event1\x00', 0x101, 0x0) ioctl$auto_EVIOCGRAB(r1, 0x40044590, &(0x7f0000000f40)=0x9) close_range$auto(0x2, 0x8, 0x0) r2 = bpf$auto(0x4, 0x0, 0x6f6) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x1) socket(0x2, 0x1, 0x106) r3 = openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000240), 0x183440, 0x0) r4 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x80040, 0x0) ioctl$auto_USB_RAW_IOCTL_CONFIGURE(r4, 0x5509, 0x0) unshare$auto(0x40000080) r5 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000200), r2) sendmsg$auto_CGROUPSTATS_CMD_GET(r2, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="000427bd7000fedbdf350400000008000100", @ANYRES32=r3, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000800) openat$auto_btrfs_ctl_fops_super(0xffffffffffffff9c, &(0x7f0000000340), 0x400, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_UPD_RXSA(r6, &(0x7f0000006200)={0x0, 0xfffffffffffffe47, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="230027bd7000fcdbdf2508ffe9000c000380050001800300000004000280080001"], 0x2c}, 0x1, 0x0, 0x0, 0x4008000}, 0x44044) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x10000000000002c, 0x0) fsopen$auto(0x0, 0x1) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff) shmctl$auto_IPC_RMID(0x7, 0x0, &(0x7f0000000100)={{0x171a4c29, 0x0, 0xee01, 0x401, 0x9, 0xb, 0x2}, 0x8, 0x100, 0x1a56, 0x1, @inferred, @raw=0x8000, 0xe7d, 0x0, &(0x7f0000000000), &(0x7f0000000040)="1783a8"}) r8 = socket(0x23, 0x5, 0x0) listen$auto(r8, 0x5ed) openat$nci(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) 484.034062ms ago: executing program 2 (id=3899): openat$auto_proc_pid_set_timerslack_ns_operations_base(0xffffffffffffff9c, &(0x7f0000000300), 0x109000, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_ETHTOOL_MSG_PSE_SET(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="3b031c640b4ee7b301002e"], 0x14}, 0x1, 0x0, 0x0, 0x4000881}, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000002040)={'veth0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r0, &(0x7f0000021740)={0x0, 0x0, &(0x7f0000021700)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/pci0000:00/0000:00:03.0/resource1\x00', 0xcce03, 0x0) mmap$auto(0x0, 0x5, 0xfffffffffffffe01, 0x8011, 0x3, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/tcp_allowed_congestion_control\x00', 0x0, 0x0) read$auto(0x3, 0x0, 0x80) 427.316315ms ago: executing program 0 (id=3901): openat$auto_proc_pid_set_timerslack_ns_operations_base(0xffffffffffffff9c, &(0x7f0000000300), 0x101000, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) sendmsg$auto_MACSEC_CMD_ADD_RXSC(0xffffffffffffffff, &(0x7f0000004100)={0x0, 0x0, &(0x7f00000040c0)={&(0x7f0000001280)=ANY=[@ANYBLOB="cd8e3641d90f1d637b97694a497cb8b0903fdf43dbb60fb2b87c9474538461bf49a05dca9afbdba4301173cd9d534696", @ANYRES16=0x0, @ANYBLOB="010026bd7000fcdbdf2501000000451003808979d537b15e7b269e9709c30666825ba8856ad6ab3ad99e85500cfcb077edaa5b915dd1f18d8e7a6b4d0b7cb61f05410078b526f7c55e160e456600b550bc4608675b2863e17ed770ed3c99520a794968efa84653a54d5768ad32e84b1000d3800c003b00ffff0000000000001c0078800c00740009000000000000000c00eb00070000000000000018005e8014000c00fe88000000000000000000000000fd01a00f318050120c124ea20387f709960370226a528831e2c7003a007dc8d19a93c6cc044c0066c80de0de14ee212d710d753e8554fafa5a24710687045676bedd95568efc15f9319fb8c6c94641d19c7c60d4c7fc82a879fd9f34ae08874f5b0c55456fb00830350fd797f3cb7c641e5e33b5b1e4a61db1c0e5d1a9d89fe8a700ecedf1dfcb2c8e0bf394350dd225bc56d563f625cca2ead7b69526a6755f11247962e0f5d93cc2fbadbb6331fb0ad5fa62307af0630e7277ed5a22256ebba223af5482d2b0ee57c8fe775b49f2d30334d4b3981a5da5a8731344295e5df700f02d72fc59d62a29c71a93936fe78cc8de3bea381cd6297070bffe162d4e3e6b3a7cd931a27f", @ANYBLOB="bb14bd00e3f48983e1f63f1cfc9b7e0112c2afa22ab11aa8574e8e31810a133eddd8eeb428cd75cb3c120f77718fa58dab40372cb3749988e6a59a6f8217ae37563468ac64ad4a7576691ce6d5138768ed3bb6042992b4156c2568ec5f2a9b2850f816e01b08de22cde3aa289c7eaa05f3fa6faba112119160f5a19548fe08681470e11d3cdf63793826544e6654a53cacaecfe59cfe81eaaae8f85b63dcad53fd94cfdca2eaadec8e5eda0020436de288f74d70b56027e79a9cc617b376ad85ad1470d6acdc80671a4924d5e2344f3387eac815e0edb13bc67241fbcdf4617092fac0c2eeb3a24dec8c7c5108e5efd75cf77c404e74c37ad174229f4e22587fb8512467c7c478572fe50cc134c94ad1c590befbdb9ae03d"], 0x105c}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000000) mount$auto(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='cifs\x00', 0x8000, &(0x7f0000001580)) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55) socket(0xf, 0x3, 0x2) read$auto(0x3, 0x0, 0xf34) setsockopt$auto(0x3, 0x1, 0x1d, 0x0, 0x9) write$auto(0x3, 0x0, 0xffd8) ioctl$auto(0x3, 0x80000541b, 0x38) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_SET_FILS_AAD(r0, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000440)={0x624, 0x0, 0x800, 0x70bd2b, 0x25dfdbff, {}, [@NL80211_ATTR_FRAME_TYPE={0x6}, @NL80211_ATTR_IE={0x5fe, 0x2a, "45460ba5368f80ae2c8b85fe5bb341b05d065158bf54b975dc52763b874974268f35ca9edbb0f8df91959b6a46f9273a3465b010e609aaa1fa6a9774bc22b4190c9372f55e95d7c983e06469eab657b56ac39afb8cee0b0fd4fd6bc0e69f80fbaeb97fc08cf921099256a106f85f87f3b34a2a0480deb7d18016a8e51acffd4afd0b44ad43d15012de87e1ea7c79655ea1f99af46259df46c9774c6dc3dcec334eefe7586aab4f656537933b2079095290fa7aaa3e0ca16edf2b4edabc5eebe391c38b8f449a10f6d85eafd77240051f540e9409f07f14eeddf31eb407682545eee8bf17aa026e0d8eff0a2e3a990523670fd9bf523e3e467776c6c8dd2acf5d15a7cd347fb1d6cb5af7335038ea6a548eed57b45a575284e247703ab0c12d672ed8c2bbcc6f3205b6833304050ec47106f06395b44f6cd5adef6558e78cba510422d77eff4f0102685d9525f46c2b0425875db85d8a380fea25d2bc989aa3ab4760bc79ecf1c9de2bea0c256e2642458e71e60e09e0639aa7f6ded00c29c37c40cc7e95e5d29a0136b128b72829ae9ee54bb48d1471530dca733b94db3bbd8313c69fde3c27d37deb2c60dd84c6ba0113623801d839ab2e2b6ad09a7da08d65a08cc112649be0105041fb2af0fc8a0c569b6e43d15569e84a40cde8b918d0980def8a2a8c08e00b0932f9dbeabc7484d3a12ff13b3d894524cbc9326f39500c24df0a9bc4a2325a31e97b0104c4c08ba559a0e9d650efdc78646845193d18204e82925f7ce89f6046fe96be077970f9f848d62c51d402cfba26c350e3881dcec384561a52eb5d605997c96c13bf6d0e437300788aca714424b7e7ccc9b084704b302c9348dd39659a70242e70da4a01b298b87ccea666a530a125936ee34dd17a5810c2bf02bff42f436025c93464f8e2f1dd649f9073946ccd25e5dadc42bb3157401222eb3bd6ed2fdd264a33f12747adc12ccd4737a77b56ec467c05c268bb9322c4fbf9433d84cd70c9f9049340afcb9041f11b6d6027f82616f9ed4787189a48b1152268486f2c2b49611e767292a7e3ed836b4eaa83569fbcb7d6f0c373baf99a9c8ba2ef7cb706eaab798be0069f8949a7661112857fc3375ff0a7514e31e8e583e646c73a273cda851f5d6d2ee38c82df91d77d5365b39d262dbf5ee1b75f812fc0e190cfc454fee9e8ac85de9d43a9589131d4d61f60a696e31d83b510a77f296195cc3b580720b73304125ea2e587eb9a621cad0aaad5f09d4278da745385eb01ab1c2863a52ba2335553c1deeec5122bd86ce4959c47b28386681ab970dcb4a092dcf101f21a5106e168428e0f9e9d5bfb26fcc0ec75c1eedf38880327ae1d96256291887b5b6dbf4b50daa2a22ca45e93eb34639d7df2bd81d40d2d6075138b1da31250b04e40a88b2cd3cc275d23682f33bcabc006851fa289393286201457e839d6e333238272d70426abbcd2d348bace594d51838a39de2b6cc7b2eee58776615381aab434eafdfdedbd75ba3bedcf9107080ff5f256b76a5db90e188bbf9de0b04d419d5a9bb1930011a89bbfb905055b99f7c4373af4d165e838074b8beb63bd5221646a576ec3dc56f97ecf183d0d30a49d215dd0545395f00261708bfaa91a43c8b24e60963ac1b1a1a559eed16642ecb388b4bf0119d718f841b06f8b3104ad01af072091c9db1a31fba725e5b693d9cebbcad6762c986f22577cd6c0959621ee5c500bf091d0417ff654833b5503b71be93fba90c6a9eb64612f6453c32e958967b156b564c6ea9200058720897038358a2b8263bd8414df4a495e3f1c6399d20b397647e936fa5e54674bff6490c22aaf2945da9397486fb7cb17863e9bc9164b871e798df6fd09a30a52e89e5a7a97a3a27c721598366e8bdca3363ebd3252711468c84a1241a69283d96920364f09f9744b5f254efaab452762a882bc6183a33dc21afb70ef32df6d5d9d70e2818a815412a9bdf5c53b7d6516e078346c7f2240bb3d83372173e2f247094e0fcee1efe00ebf78f12133d0653a7ea02a97ea9d716145dfb61ac150d2e24462516454989224a347d983995b5c3cf2210e9bf985efcfe8d5cf7df70df2dff26da040f6dffa9284ca0524c66bf700a064b9a9e3bd1c940e52a498b0778c07d03758cb"}, @NL80211_ATTR_STA_PLINK_STATE={0x5, 0x74, 0x6}]}, 0x624}, 0x1, 0x0, 0x0, 0x80004}, 0x8081) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) getpid() r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r1, 0x4b72, r2) 423.392359ms ago: executing program 3 (id=3902): openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x102, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) socket(0xb, 0x4, 0x100) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xe3102, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x11a001, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x2000000007, 0x6, 0xc, 0x2, 0x6]}, 0x0) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, r1, 0xfffffffffffffffb) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) mq_open$auto(&(0x7f0000000000)='.\xf1e4\xdf\x16\x95kxE\xd9x\x15\xb0\xf6V\x93\xb4E\x06\xc5}l', 0x400056a, 0x9, 0x0) ftruncate$auto(0x3, 0x700) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) r2 = socket(0xa, 0x3, 0xff) connect$auto(r2, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) shmget$auto(0x8, 0x10563, 0x568d1af2) madvise$auto(0x0, 0xffffffffffff0004, 0x19) getpgid$auto(0x0) shmctl$auto(0x0, 0x0, 0xfffffffffffffffd) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x25e3bab421785a14, 0x0) 243.265086ms ago: executing program 2 (id=3903): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000000), r0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r1 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) listen$auto(0x3, 0x83) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) read$auto_fake_panic_fops_(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0xc, 0x9c0f, 0x44eb2, 0x10006, 0x300000000000) socket(0x2, 0x3, 0x6) r2 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) write$auto_console_fops_tty_io(0xffffffffffffffff, 0x0, 0x0) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) openat$auto_cgwb_debug_stats_fops_(0xffffffffffffff9c, &(0x7f00000010c0)='/sys/kernel/debug/bdi/1:15/wb_stats\x00', 0x40, 0x0) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) socketpair$auto(0x1e, 0x3, 0xfffffffe, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x3}, 0x7}, 0x3, 0xcad7) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) write$auto(0x3, 0x0, 0x100085) socket(0x2, 0x1, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x6, 0x0, 0x84) 0s ago: executing program 0 (id=3904): openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0) socket(0xa, 0x1, 0x100) ioperm$auto(0x7, 0x5ad2, 0x8) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x9, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) process_mrelease$auto(0xffffffffffffffff, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) inotify_init1$auto(0x403) mmap$auto(0x0, 0x20009, 0x4000000000db, 0xeb1, 0x400, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x201, 0x7, 0x1f, 0x7181, 0x1ffde, 0x7, 0x40000000001, 0x9, 0xa, 0x0, 0x4, 0x1, 0xb8, 0x9, 0x8, 0x10003, 0x9, 0x4, 0x0, 0xa, 0x1, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x3, 0x0, 0x3, 0x3, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001]}, 0x1fe, 0xd) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df4d"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) bpf$auto_BPF_BTF_LOAD(0x12, &(0x7f0000000040)=@bpf_attr_7={@btf_id=0x400, 0x10000}, 0xc) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, 0x0, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) r1 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) getsockopt$auto_SO_REUSEPORT(r0, 0x1, 0xf, &(0x7f0000000000)='nl802154\x00', 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES16=r1], 0x1ac}}, 0x40000) r2 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="100000001a14af"], 0x14}}, 0x4000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) kernel console output (not intermixed with test programs):                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 syzkaller syzkaller login: [ 1342.449344][T23552] netlink: 25 bytes leftover after parsing attributes in process `syz.2.3276'. [ 1343.584794][ T31] audit: type=1800 audit(4294968726.632:32): pid=23587 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3282" name="dummy_udc" dev="gadgetfs" ino=6354 res=0 errno=0 [ 1345.026284][T23608] netlink: 338 bytes leftover after parsing attributes in process `syz.4.3286'. [ 1345.340627][T23608] sp0: Synchronizing with TNC [ 1347.973645][T23635] netlink: 338 bytes leftover after parsing attributes in process `syz.4.3293'. [ 1348.091147][T23635] netlink: 338 bytes leftover after parsing attributes in process `syz.4.3293'. [ 1348.148267][T23640] netlink: 174 bytes leftover after parsing attributes in process `syz.4.3293'. [ 1350.212241][ T31] audit: type=1800 audit(4294968733.252:33): pid=23682 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3303" name="discovery_nqn" dev="configfs" ino=73599 res=0 errno=0 [ 1350.659797][T23687] netlink: 338 bytes leftover after parsing attributes in process `syz.4.3305'. [ 1350.796171][T23687] netlink: 338 bytes leftover after parsing attributes in process `syz.4.3305'. [ 1350.866819][T23687] netlink: 250 bytes leftover after parsing attributes in process `syz.4.3305'. [ 1351.308056][T23697] FAULT_INJECTION: forcing a failure. [ 1351.308056][T23697] name failslab, interval 1, probability 0, space 0, times 0 [ 1351.349116][T23697] CPU: 1 UID: 0 PID: 23697 Comm: syz.2.3308 Tainted: G U 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 1351.349172][T23697] Tainted: [U]=USER [ 1351.349183][T23697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1351.349203][T23697] Call Trace: [ 1351.349214][T23697] [ 1351.349228][T23697] dump_stack_lvl+0x16c/0x1f0 [ 1351.349298][T23697] should_fail_ex+0x512/0x640 [ 1351.349344][T23697] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1351.349393][T23697] should_failslab+0xc2/0x120 [ 1351.349425][T23697] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1351.349470][T23697] ? alloc_pipe_info+0x10e/0x590 [ 1351.349536][T23697] alloc_pipe_info+0x10e/0x590 [ 1351.349594][T23697] splice_direct_to_actor+0x77d/0xa30 [ 1351.349644][T23697] ? __pfx_direct_splice_actor+0x10/0x10 [ 1351.349691][T23697] ? __pfx_aa_file_perm+0x10/0x10 [ 1351.349738][T23697] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1351.349778][T23697] ? get_pid_task+0xfc/0x250 [ 1351.349835][T23697] do_splice_direct+0x174/0x240 [ 1351.349879][T23697] ? __pfx_do_splice_direct+0x10/0x10 [ 1351.349925][T23697] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1351.349974][T23697] ? rw_verify_area+0xcf/0x680 [ 1351.350021][T23697] do_sendfile+0xb06/0xe50 [ 1351.350075][T23697] ? __pfx_do_sendfile+0x10/0x10 [ 1351.350122][T23697] ? __fget_files+0x20e/0x3c0 [ 1351.350177][T23697] __x64_sys_sendfile64+0x1d8/0x220 [ 1351.350208][T23697] ? ksys_write+0x1ac/0x250 [ 1351.350254][T23697] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1351.350323][T23697] do_syscall_64+0xcd/0x490 [ 1351.350378][T23697] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1351.350413][T23697] RIP: 0033:0x7fa8f3f8e929 [ 1351.350451][T23697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1351.350485][T23697] RSP: 002b:00007fa8f4ec7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1351.350517][T23697] RAX: ffffffffffffffda RBX: 00007fa8f41b5fa0 RCX: 00007fa8f3f8e929 [ 1351.350546][T23697] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 1351.350566][T23697] RBP: 00007fa8f4ec7090 R08: 0000000000000000 R09: 0000000000000000 [ 1351.350586][T23697] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001 [ 1351.350606][T23697] R13: 0000000000000000 R14: 00007fa8f41b5fa0 R15: 00007fff80dd3eb8 [ 1351.350649][T23697] [ 1351.449017][T23705] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1351.791432][T23700] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3309'. [ 1351.863286][T23700] veth0_macvtap: left promiscuous mode [ 1352.323514][ T3937] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 886 with max blocks 31 with error 74 [ 1352.424805][ T3937] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1352.424805][ T3937] [ 1352.479131][ T3937] EXT4-fs (sda1): Delayed block allocation failed for inode 2029 at logical offset 935 with max blocks 1 with error 117 [ 1352.518637][ T3937] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1352.518637][ T3937] [ 1357.543805][T23769] netlink: 338 bytes leftover after parsing attributes in process `syz.0.3320'. [ 1357.712069][T23769] macsec0: entered promiscuous mode [ 1357.743029][T23769] macsec0: entered allmulticast mode [ 1357.864870][T23769] veth1_macvtap: entered allmulticast mode [ 1357.902915][T23765] could not allocate digest TFM handle [ 1358.624782][T23787] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3323'. [ 1359.460597][T23800] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input58 [ 1362.014717][T23848] block nbd9: NBD_DISCONNECT [ 1366.766180][T23914] FAULT_INJECTION: forcing a failure. [ 1366.766180][T23914] name failslab, interval 1, probability 0, space 0, times 0 [ 1366.834061][T23914] CPU: 1 UID: 0 PID: 23914 Comm: syz.0.3342 Tainted: G U 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 1366.834139][T23914] Tainted: [U]=USER [ 1366.834150][T23914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1366.834170][T23914] Call Trace: [ 1366.834181][T23914] [ 1366.834195][T23914] dump_stack_lvl+0x16c/0x1f0 [ 1366.834255][T23914] should_fail_ex+0x512/0x640 [ 1366.834303][T23914] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1366.834354][T23914] should_failslab+0xc2/0x120 [ 1366.834387][T23914] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1366.834432][T23914] ? tracing_open+0x328/0xf90 [ 1366.834475][T23914] tracing_open+0x328/0xf90 [ 1366.834510][T23914] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 1366.834561][T23914] do_dentry_open+0x741/0x1c10 [ 1366.834610][T23914] ? __pfx_tracing_open+0x10/0x10 [ 1366.834653][T23914] vfs_open+0x82/0x3f0 [ 1366.834694][T23914] path_openat+0x1de4/0x2cb0 [ 1366.834753][T23914] ? __pfx_path_openat+0x10/0x10 [ 1366.834801][T23914] ? __lock_acquire+0xb8a/0x1c90 [ 1366.834849][T23914] do_filp_open+0x20b/0x470 [ 1366.834899][T23914] ? __pfx_do_filp_open+0x10/0x10 [ 1366.834978][T23914] ? alloc_fd+0x471/0x7d0 [ 1366.835036][T23914] do_sys_openat2+0x11b/0x1d0 [ 1366.835085][T23914] ? __pfx_do_sys_openat2+0x10/0x10 [ 1366.835127][T23914] ? ksys_semctl.constprop.0+0x152/0x2f0 [ 1366.835179][T23914] __x64_sys_openat+0x174/0x210 [ 1366.835215][T23914] ? __pfx___x64_sys_openat+0x10/0x10 [ 1366.835268][T23914] do_syscall_64+0xcd/0x490 [ 1366.835325][T23914] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1366.835357][T23914] RIP: 0033:0x7f11c7f8e929 [ 1366.835387][T23914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1366.835421][T23914] RSP: 002b:00007f11c8e79038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1366.835452][T23914] RAX: ffffffffffffffda RBX: 00007f11c81b6080 RCX: 00007f11c7f8e929 [ 1366.835474][T23914] RDX: 0000000000000002 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 1366.835496][T23914] RBP: 00007f11c8010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1366.835516][T23914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1366.835535][T23914] R13: 0000000000000000 R14: 00007f11c81b6080 R15: 00007fff6ffa15c8 [ 1366.835578][T23914] [ 1367.448216][T23909] block nbd9: NBD_DISCONNECT [ 1368.429096][T23937] netlink: 338 bytes leftover after parsing attributes in process `syz.0.3350'. [ 1371.545728][T23985] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1372.196422][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1372.203190][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1377.560778][T24071] ima: policy update failed [ 1377.568021][T24071] netlink: 25 bytes leftover after parsing attributes in process `syz.4.3379'. [ 1377.579164][ T31] audit: type=1802 audit(4294970808.700:34): pid=24071 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.3379" res=0 errno=0 [ 1379.743533][T24111] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1380.064603][T24118] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input59 [ 1380.373717][T24123] can: request_module (can-proto-4) failed. [ 1381.027775][T24126] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1381.035846][T24126] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1381.042591][T24126] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1381.048855][T24126] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1381.152944][T24126] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1381.159045][T24126] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1381.438241][T24143] netlink: 338 bytes leftover after parsing attributes in process `syz.4.3392'. [ 1381.476456][T24138] netlink: 338 bytes leftover after parsing attributes in process `syz.4.3392'. [ 1381.490322][T24138] netlink: 290 bytes leftover after parsing attributes in process `syz.4.3392'. [ 1382.340049][T24152] netlink: 338 bytes leftover after parsing attributes in process `syz.4.3394'. [ 1382.350651][T24158] netlink: 338 bytes leftover after parsing attributes in process `syz.4.3394'. [ 1382.775104][ T5847] Bluetooth: hci0: command 0x0c1a tx timeout [ 1382.895909][T11006] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1352 with max blocks 18 with error 117 [ 1382.957662][T11006] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1382.957662][T11006] [ 1383.091062][ T5847] Bluetooth: hci2: command 0x0406 tx timeout [ 1383.091073][T20704] Bluetooth: hci1: command 0x0419 tx timeout [ 1383.180532][ T5847] Bluetooth: hci3: command 0x0406 tx timeout [ 1385.197916][ T5847] Bluetooth: hci2: command 0x0406 tx timeout [ 1385.229805][ T5847] Bluetooth: hci3: command 0x0406 tx timeout [ 1386.657975][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.665974][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.673393][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.681003][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.688390][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.695769][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.703127][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.710566][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.717926][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.725325][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.732700][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.740023][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.747471][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.755331][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.762704][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.770485][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.777913][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.785576][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.792959][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.800282][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.807702][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.815137][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.822569][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.829924][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.837306][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.844686][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.852071][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.859718][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.867108][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.874483][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.881873][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.889474][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1386.896904][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 4 < 18 [ 1390.174592][T24282] netlink: 'syz.2.3411': attribute type 1 has an invalid length. [ 1391.069936][T24296] FAULT_INJECTION: forcing a failure. [ 1391.069936][T24296] name failslab, interval 1, probability 0, space 0, times 0 [ 1391.179670][T24296] CPU: 1 UID: 0 PID: 24296 Comm: syz.3.3413 Tainted: G U 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 1391.179717][T24296] Tainted: [U]=USER [ 1391.179726][T24296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1391.179742][T24296] Call Trace: [ 1391.179751][T24296] [ 1391.179762][T24296] dump_stack_lvl+0x16c/0x1f0 [ 1391.179818][T24296] should_fail_ex+0x512/0x640 [ 1391.179855][T24296] ? __kmalloc_noprof+0xbf/0x510 [ 1391.179895][T24296] ? create_ruleset+0x21/0x140 [ 1391.179934][T24296] should_failslab+0xc2/0x120 [ 1391.179959][T24296] __kmalloc_noprof+0xd2/0x510 [ 1391.179994][T24296] ? __might_fault+0xe3/0x190 [ 1391.180030][T24296] ? __might_fault+0xe3/0x190 [ 1391.180069][T24296] create_ruleset+0x21/0x140 [ 1391.180110][T24296] landlock_create_ruleset+0x77/0x230 [ 1391.180142][T24296] __do_sys_landlock_create_ruleset+0x255/0x4e0 [ 1391.180184][T24296] ? __pfx___do_sys_landlock_create_ruleset+0x10/0x10 [ 1391.180237][T24296] do_syscall_64+0xcd/0x490 [ 1391.180279][T24296] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1391.180305][T24296] RIP: 0033:0x7fd36cf8e929 [ 1391.180326][T24296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1391.180351][T24296] RSP: 002b:00007fd36dd86038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bc [ 1391.180374][T24296] RAX: ffffffffffffffda RBX: 00007fd36d1b6080 RCX: 00007fd36cf8e929 [ 1391.180392][T24296] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000200000000000 [ 1391.180408][T24296] RBP: 00007fd36d010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1391.180423][T24296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1391.180439][T24296] R13: 0000000000000000 R14: 00007fd36d1b6080 R15: 00007ffe372a7748 [ 1391.180469][T24296] [ 1393.088666][T24320] binder: 24319:24320 ioctl c0046209 0 returned -22 [ 1393.520395][T24326] netlink: 326 bytes leftover after parsing attributes in process `syz.2.3419'. [ 1395.379231][T24342] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3421'. [ 1397.926353][T24370] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 1397.933010][T24370] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 1397.963432][T24366] FAULT_INJECTION: forcing a failure. [ 1397.963432][T24366] name failslab, interval 1, probability 0, space 0, times 0 [ 1397.985298][T24366] CPU: 0 UID: 0 PID: 24366 Comm: syz.2.3427 Tainted: G U 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 1397.985359][T24366] Tainted: [U]=USER [ 1397.985372][T24366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1397.985393][T24366] Call Trace: [ 1397.985405][T24366] [ 1397.985419][T24366] dump_stack_lvl+0x16c/0x1f0 [ 1397.985479][T24366] should_fail_ex+0x512/0x640 [ 1397.985527][T24366] ? __kmalloc_noprof+0xbf/0x510 [ 1397.985577][T24366] ? alloc_pipe_info+0x1ec/0x590 [ 1397.985627][T24366] should_failslab+0xc2/0x120 [ 1397.985659][T24366] __kmalloc_noprof+0xd2/0x510 [ 1397.985717][T24366] alloc_pipe_info+0x1ec/0x590 [ 1397.985772][T24366] splice_direct_to_actor+0x77d/0xa30 [ 1397.985819][T24366] ? __pfx_direct_splice_actor+0x10/0x10 [ 1397.985867][T24366] ? __pfx_aa_file_perm+0x10/0x10 [ 1397.985915][T24366] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1397.985972][T24366] do_splice_direct+0x174/0x240 [ 1397.986016][T24366] ? __pfx_do_splice_direct+0x10/0x10 [ 1397.986060][T24366] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1397.986118][T24366] ? rw_verify_area+0xcf/0x680 [ 1397.986167][T24366] do_sendfile+0xb06/0xe50 [ 1397.986222][T24366] ? __pfx_do_sendfile+0x10/0x10 [ 1397.986272][T24366] ? __x64_sys_futex+0x1e0/0x4c0 [ 1397.986311][T24366] ? __x64_sys_futex+0x1e9/0x4c0 [ 1397.986357][T24366] __x64_sys_sendfile64+0x1d8/0x220 [ 1397.986391][T24366] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1397.986461][T24366] do_syscall_64+0xcd/0x490 [ 1397.986519][T24366] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1397.986555][T24366] RIP: 0033:0x7fa8f3f8e929 [ 1397.986584][T24366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1397.986621][T24366] RSP: 002b:00007fa8f4ec7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1397.986655][T24366] RAX: ffffffffffffffda RBX: 00007fa8f41b5fa0 RCX: 00007fa8f3f8e929 [ 1397.986680][T24366] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004 [ 1397.986700][T24366] RBP: 00007fa8f4010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1397.986722][T24366] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000000 [ 1397.986743][T24366] R13: 0000000000000000 R14: 00007fa8f41b5fa0 R15: 00007fff80dd3eb8 [ 1397.986789][T24366] [ 1403.514107][T24428] netlink: 338 bytes leftover after parsing attributes in process `syz.0.3439'. [ 1404.764716][T24434] Invalid ELF header magic: != ELF [ 1405.471191][T24435] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 1405.471191][T24435] The task syz.0.3441 (24435) triggered the difference, watch for misbehavior. [ 1405.504211][ T31] audit: type=1800 audit(4294967319.007:35): pid=24436 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3441" name="lu_gp_id" dev="configfs" ino=75909 res=0 errno=0 [ 1405.622313][ T5847] Bluetooth: hci1: unexpected event 0x23 length: 127 > 13 [ 1409.367624][T24511] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1413.553281][T24249] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 3576 with max blocks 8 with error 117 [ 1413.637909][T24249] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1413.637909][T24249] [ 1413.730140][T24249] EXT4-fs (sda1): Delayed block allocation failed for inode 2033 at logical offset 3170 with max blocks 338 with error 117 [ 1413.828562][T24249] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1413.828562][T24249] [ 1424.101800][T24677] netlink: 'syz.2.3489': attribute type 4 has an invalid length. [ 1424.211207][T24677] netlink: 314 bytes leftover after parsing attributes in process `syz.2.3489'. [ 1424.336214][T24677] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 1424.343671][T24677] IPv6: NLM_F_CREATE should be set when creating new route [ 1425.799348][T24700] FAULT_INJECTION: forcing a failure. [ 1425.799348][T24700] name failslab, interval 1, probability 0, space 0, times 0 [ 1425.832488][T24700] CPU: 1 UID: 0 PID: 24700 Comm: syz.2.3493 Tainted: G U 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 1425.832535][T24700] Tainted: [U]=USER [ 1425.832544][T24700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1425.832561][T24700] Call Trace: [ 1425.832570][T24700] [ 1425.832581][T24700] dump_stack_lvl+0x16c/0x1f0 [ 1425.832627][T24700] should_fail_ex+0x512/0x640 [ 1425.832666][T24700] ? __kmalloc_noprof+0xbf/0x510 [ 1425.832706][T24700] ? create_ruleset+0x21/0x140 [ 1425.832747][T24700] should_failslab+0xc2/0x120 [ 1425.832772][T24700] __kmalloc_noprof+0xd2/0x510 [ 1425.832809][T24700] ? __might_fault+0xe3/0x190 [ 1425.832846][T24700] ? __might_fault+0xe3/0x190 [ 1425.832887][T24700] create_ruleset+0x21/0x140 [ 1425.832929][T24700] landlock_create_ruleset+0x77/0x230 [ 1425.832957][T24700] __do_sys_landlock_create_ruleset+0x255/0x4e0 [ 1425.833001][T24700] ? __pfx___do_sys_landlock_create_ruleset+0x10/0x10 [ 1425.833056][T24700] do_syscall_64+0xcd/0x490 [ 1425.833101][T24700] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1425.833128][T24700] RIP: 0033:0x7fa8f3f8e929 [ 1425.833149][T24700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1425.833175][T24700] RSP: 002b:00007fa8f4ea6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bc [ 1425.833200][T24700] RAX: ffffffffffffffda RBX: 00007fa8f41b6080 RCX: 00007fa8f3f8e929 [ 1425.833217][T24700] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000200000000000 [ 1425.833234][T24700] RBP: 00007fa8f4010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1425.833250][T24700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1425.833267][T24700] R13: 0000000000000000 R14: 00007fa8f41b6080 R15: 00007fff80dd3eb8 [ 1425.833299][T24700] [ 1428.593759][T24741] FAULT_INJECTION: forcing a failure. [ 1428.593759][T24741] name failslab, interval 1, probability 0, space 0, times 0 [ 1428.702706][T24741] CPU: 1 UID: 0 PID: 24741 Comm: syz.2.3501 Tainted: G U 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 1428.702765][T24741] Tainted: [U]=USER [ 1428.702778][T24741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1428.702798][T24741] Call Trace: [ 1428.702811][T24741] [ 1428.702826][T24741] dump_stack_lvl+0x16c/0x1f0 [ 1428.702889][T24741] should_fail_ex+0x512/0x640 [ 1428.702939][T24741] ? __kmalloc_noprof+0xbf/0x510 [ 1428.702992][T24741] ? create_ruleset+0x21/0x140 [ 1428.703046][T24741] should_failslab+0xc2/0x120 [ 1428.703080][T24741] __kmalloc_noprof+0xd2/0x510 [ 1428.703130][T24741] ? __might_fault+0xe3/0x190 [ 1428.703178][T24741] ? __might_fault+0xe3/0x190 [ 1428.703234][T24741] create_ruleset+0x21/0x140 [ 1428.703290][T24741] landlock_create_ruleset+0x77/0x230 [ 1428.703329][T24741] __do_sys_landlock_create_ruleset+0x255/0x4e0 [ 1428.703397][T24741] ? __pfx___do_sys_landlock_create_ruleset+0x10/0x10 [ 1428.703474][T24741] do_syscall_64+0xcd/0x490 [ 1428.703535][T24741] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1428.703571][T24741] RIP: 0033:0x7fa8f3f8e929 [ 1428.703600][T24741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1428.703637][T24741] RSP: 002b:00007fa8f4ea6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bc [ 1428.703671][T24741] RAX: ffffffffffffffda RBX: 00007fa8f41b6080 RCX: 00007fa8f3f8e929 [ 1428.703694][T24741] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000200000000000 [ 1428.703716][T24741] RBP: 00007fa8f4010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1428.703738][T24741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1428.703758][T24741] R13: 0000000000000000 R14: 00007fa8f41b6080 R15: 00007fff80dd3eb8 [ 1428.703803][T24741] [ 1429.377466][T24733] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1433.287166][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1433.293592][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1437.716058][T24853] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input61 [ 1437.943102][T24857] FAULT_INJECTION: forcing a failure. [ 1437.943102][T24857] name failslab, interval 1, probability 0, space 0, times 0 [ 1437.984769][T24857] CPU: 1 UID: 0 PID: 24857 Comm: syz.0.3520 Tainted: G U 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 1437.984826][T24857] Tainted: [U]=USER [ 1437.984839][T24857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1437.984860][T24857] Call Trace: [ 1437.984871][T24857] [ 1437.984885][T24857] dump_stack_lvl+0x16c/0x1f0 [ 1437.984948][T24857] should_fail_ex+0x512/0x640 [ 1437.984997][T24857] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1437.985046][T24857] should_failslab+0xc2/0x120 [ 1437.985078][T24857] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1437.985124][T24857] ? police_init_net+0x56/0x270 [ 1437.985177][T24857] ? __pfx_police_init_net+0x10/0x10 [ 1437.985229][T24857] police_init_net+0x56/0x270 [ 1437.985280][T24857] ops_init+0x1e2/0x5f0 [ 1437.985318][T24857] setup_net+0x1ff/0x510 [ 1437.985350][T24857] ? lockdep_init_map_type+0x5c/0x280 [ 1437.985398][T24857] ? __pfx_setup_net+0x10/0x10 [ 1437.985436][T24857] ? debug_mutex_init+0x37/0x70 [ 1437.985475][T24857] copy_net_ns+0x2a6/0x5f0 [ 1437.985533][T24857] create_new_namespaces+0x3ea/0xa90 [ 1437.985582][T24857] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1437.985626][T24857] ksys_unshare+0x45b/0xa40 [ 1437.985672][T24857] ? __pfx_ksys_unshare+0x10/0x10 [ 1437.985718][T24857] ? xfd_validate_state+0x61/0x180 [ 1437.985776][T24857] __x64_sys_unshare+0x31/0x40 [ 1437.985822][T24857] do_syscall_64+0xcd/0x490 [ 1437.985879][T24857] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1437.985912][T24857] RIP: 0033:0x7f11c7f8e929 [ 1437.985942][T24857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1437.985976][T24857] RSP: 002b:00007f11c8e37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1437.986011][T24857] RAX: ffffffffffffffda RBX: 00007f11c81b6240 RCX: 00007f11c7f8e929 [ 1437.986065][T24857] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1437.986087][T24857] RBP: 00007f11c8010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1437.986109][T24857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1437.986131][T24857] R13: 0000000000000000 R14: 00007f11c81b6240 R15: 00007fff6ffa15c8 [ 1437.986177][T24857] [ 1440.039707][T24876] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3527'. [ 1440.056905][T24884] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1440.266343][T24883] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1440.273021][T24883] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1440.287026][T24883] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1440.296974][T24883] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1440.638935][T24899] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1440.934643][T24906] FAULT_INJECTION: forcing a failure. [ 1440.934643][T24906] name failslab, interval 1, probability 0, space 0, times 0 [ 1440.966150][T24906] CPU: 0 UID: 0 PID: 24906 Comm: syz.4.3534 Tainted: G U 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 1440.966213][T24906] Tainted: [U]=USER [ 1440.966226][T24906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1440.966246][T24906] Call Trace: [ 1440.966258][T24906] [ 1440.966272][T24906] dump_stack_lvl+0x16c/0x1f0 [ 1440.966334][T24906] should_fail_ex+0x512/0x640 [ 1440.966384][T24906] ? __kmalloc_noprof+0xbf/0x510 [ 1440.966436][T24906] ? create_ruleset+0x21/0x140 [ 1440.966489][T24906] should_failslab+0xc2/0x120 [ 1440.966521][T24906] __kmalloc_noprof+0xd2/0x510 [ 1440.966570][T24906] ? __might_fault+0xe3/0x190 [ 1440.966618][T24906] ? __might_fault+0xe3/0x190 [ 1440.966672][T24906] create_ruleset+0x21/0x140 [ 1440.966727][T24906] landlock_create_ruleset+0x77/0x230 [ 1440.966768][T24906] __do_sys_landlock_create_ruleset+0x255/0x4e0 [ 1440.966825][T24906] ? __pfx___do_sys_landlock_create_ruleset+0x10/0x10 [ 1440.966901][T24906] do_syscall_64+0xcd/0x490 [ 1440.966971][T24906] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1440.967009][T24906] RIP: 0033:0x7f30ec78e929 [ 1440.967039][T24906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1440.967080][T24906] RSP: 002b:00007f30ea5d5038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bc [ 1440.967115][T24906] RAX: ffffffffffffffda RBX: 00007f30ec9b6080 RCX: 00007f30ec78e929 [ 1440.967138][T24906] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000200000000000 [ 1440.967159][T24906] RBP: 00007f30ec810b39 R08: 0000000000000000 R09: 0000000000000000 [ 1440.967179][T24906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1440.967201][T24906] R13: 0000000000000000 R14: 00007f30ec9b6080 R15: 00007fff856752b8 [ 1440.967246][T24906] [ 1442.196542][T24894] Bluetooth: hci0: command 0x0c1a tx timeout [ 1442.345097][T24894] Bluetooth: hci3: command 0x0406 tx timeout [ 1442.351701][ T5847] Bluetooth: hci1: command 0x0419 tx timeout [ 1442.357910][ T5847] Bluetooth: hci2: command 0x0406 tx timeout [ 1444.670063][T24960] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3544'. [ 1444.701263][T24960] vcan0: entered promiscuous mode [ 1445.331280][T24966] FAULT_INJECTION: forcing a failure. [ 1445.331280][T24966] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1445.352521][T24966] CPU: 0 UID: 0 PID: 24966 Comm: syz.2.3547 Tainted: G U 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 1445.352576][T24966] Tainted: [U]=USER [ 1445.352587][T24966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1445.352607][T24966] Call Trace: [ 1445.352618][T24966] [ 1445.352631][T24966] dump_stack_lvl+0x16c/0x1f0 [ 1445.352686][T24966] should_fail_ex+0x512/0x640 [ 1445.352738][T24966] _copy_from_user+0x2e/0xd0 [ 1445.352800][T24966] copy_msghdr_from_user+0x98/0x160 [ 1445.352853][T24966] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1445.352912][T24966] ? __pfx__kstrtoull+0x10/0x10 [ 1445.352957][T24966] ___sys_sendmsg+0xfe/0x1d0 [ 1445.353010][T24966] ? __pfx____sys_sendmsg+0x10/0x10 [ 1445.353083][T24966] ? find_held_lock+0x2b/0x80 [ 1445.353145][T24966] __sys_sendmmsg+0x200/0x420 [ 1445.353202][T24966] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1445.353273][T24966] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1445.353343][T24966] ? fput+0x70/0xf0 [ 1445.353373][T24966] ? ksys_write+0x1ac/0x250 [ 1445.353416][T24966] ? __pfx_ksys_write+0x10/0x10 [ 1445.353471][T24966] __x64_sys_sendmmsg+0x9c/0x100 [ 1445.353522][T24966] ? lockdep_hardirqs_on+0x7c/0x110 [ 1445.353573][T24966] do_syscall_64+0xcd/0x490 [ 1445.353629][T24966] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1445.353663][T24966] RIP: 0033:0x7fa8f3f8e929 [ 1445.353690][T24966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1445.353730][T24966] RSP: 002b:00007fa8f4ec7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1445.353763][T24966] RAX: ffffffffffffffda RBX: 00007fa8f41b5fa0 RCX: 00007fa8f3f8e929 [ 1445.353795][T24966] RDX: 0000000000000002 RSI: 00002000000001c0 RDI: 0000000000000003 [ 1445.353814][T24966] RBP: 00007fa8f4ec7090 R08: 0000000000000000 R09: 0000000000000000 [ 1445.353833][T24966] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001 [ 1445.353853][T24966] R13: 0000000000000000 R14: 00007fa8f41b5fa0 R15: 00007fff80dd3eb8 [ 1445.353894][T24966] [ 1445.581866][T24969] [U] [ 1445.584794][T24969] [U] [ 1445.587580][T24969] [U] [ 1445.590361][T24969] [U] [ 1445.593578][T24969] [U] [ 1445.596364][T24969] [U] [ 1445.599145][T24969] [U] [ 1445.601917][T24969] [U] [ 1445.605071][T24969] [U] [ 1445.607878][T24969] [U] [ 1445.610654][T24969] [U] [ 1445.613446][T24969] [U] [ 1445.616936][T24969] [U] [ 1445.619725][T24969] [U] [ 1445.622503][T24969] [U] [ 1445.625266][T24969] [U] [ 1445.628318][T24969] [U] [ 1445.631093][T24969] [U] [ 1445.633866][T24969] [U] [ 1445.636640][T24969] [U] [ 1445.640118][T24969] [U] [ 1445.642918][T24969] [U] [ 1445.645698][T24969] [U] [ 1445.648490][T24969] [U] [ 1445.651566][T24969] [U] [ 1445.654337][T24969] [U] [ 1445.657117][T24969] [U] [ 1445.659907][T24969] [U] [ 1445.663012][T24969] [U] [ 1445.665814][T24969] [U] [ 1445.668608][T24969] [U] [ 1445.671384][T24969] [U] [ 1445.674545][T24969] [U] [ 1445.677352][T24969] [U] [ 1445.680126][T24969] [U] [ 1445.682886][T24969] [U] [ 1445.686292][T24969] [U] [ 1445.689061][T24969] [U] [ 1445.691815][T24969] [U] [ 1445.694566][T24969] [U] [ 1445.697591][T24969] [U] [ 1445.700358][T24969] [U] [ 1445.703115][T24969] [U] [ 1445.705876][T24969] [U] [ 1445.709389][T24969] [U] [ 1445.712187][T24969] [U] [ 1445.714971][T24969] [U] [ 1445.717762][T24969] [U] [ 1445.720847][T24969] [U] [ 1445.723629][T24969] [U] [ 1445.726412][T24969] [U] [ 1445.729195][T24969] [U] [ 1445.732338][T24969] [U] [ 1445.735104][T24969] [U] [ 1445.737873][T24969] [U] [ 1445.740624][T24969] [U] [ 1445.744098][T24969] [U] [ 1445.746895][T24969] [U] [ 1445.749679][T24969] [U] [ 1445.752465][T24969] [U] [ 1445.755575][T24969] [U] [ 1445.758358][T24969] [U] [ 1445.761125][T24969] [U] [ 1445.763892][T24969] [U] [ 1445.767049][T24969] [U] [ 1445.769840][T24969] [U] [ 1445.772604][T24969] [U] [ 1445.775371][T24969] [U] [ 1445.778760][T24969] [U] [ 1445.781543][T24969] [U] [ 1445.784310][T24969] [U] [ 1445.787085][T24969] [U] [ 1445.790174][T24969] [U] [ 1445.792952][T24969] [U] [ 1445.795726][T24969] [U] [ 1445.798502][T24969] [U] [ 1445.801608][T24969] [U] [ 1445.804374][T24969] [U] [ 1445.807136][T24969] [U] [ 1445.809890][T24969] [U] [ 1445.813886][T24969] [U] [ 1445.816679][T24969] [U] [ 1445.819429][T24969] [U] [ 1445.822173][T24969] [U] [ 1445.825518][T24969] [U] [ 1445.828305][T24969] [U] [ 1445.831092][T24969] [U] [ 1445.833864][T24969] [U] [ 1445.908344][T24969] [U] [ 1445.911188][T24969] [U] [ 1445.913965][T24969] [U] [ 1445.916749][T24969] [U] [ 1445.963136][T24969] [U] [ 1445.965967][T24969] [U] [ 1445.968761][T24969] [U] [ 1445.971531][T24969] [U] [ 1446.019363][T24969] [U] [ 1446.022214][T24969] [U] [ 1446.024997][T24969] [U] [ 1446.027779][T24969] [U] [ 1446.065742][T24969] [U] [ 1446.068667][T24969] [U] [ 1446.071442][T24969] [U] [ 1446.074222][T24969] [U] [ 1446.096242][T24978] [U] [ 1446.849624][T24991] vivid-003: ================= START STATUS ================= [ 1446.872799][T24991] vivid-003: Radio HW Seek Mode: Bounded [ 1446.927868][T24991] vivid-003: Radio Programmable HW Seek: false [ 1446.966531][T24991] vivid-003: RDS Rx I/O Mode: Block I/O [ 1446.996486][T24991] vivid-003: Generate RBDS Instead of RDS: false [ 1447.018545][T24991] vivid-003: RDS Reception: true [ 1447.023627][T24991] vivid-003: RDS Program Type: 0 inactive [ 1447.081196][T24991] vivid-003: RDS PS Name: inactive [ 1447.287160][T24991] vivid-003: RDS Radio Text: inactive [ 1447.292798][T24991] vivid-003: RDS Traffic Announcement: false inactive [ 1447.421051][T24991] vivid-003: RDS Traffic Program: false inactive [ 1447.492988][T24991] vivid-003: RDS Music: false inactive [ 1447.552244][T24991] vivid-003: ================== END STATUS ================== [ 1449.826665][T25019] FAULT_INJECTION: forcing a failure. [ 1449.826665][T25019] name failslab, interval 1, probability 0, space 0, times 0 [ 1450.035721][T25019] CPU: 0 UID: 0 PID: 25019 Comm: syz.0.3557 Tainted: G U 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 1450.035783][T25019] Tainted: [U]=USER [ 1450.035795][T25019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1450.035815][T25019] Call Trace: [ 1450.035826][T25019] [ 1450.035841][T25019] dump_stack_lvl+0x16c/0x1f0 [ 1450.035901][T25019] should_fail_ex+0x512/0x640 [ 1450.035951][T25019] ? __kmalloc_noprof+0xbf/0x510 [ 1450.036004][T25019] ? create_ruleset+0x21/0x140 [ 1450.036057][T25019] should_failslab+0xc2/0x120 [ 1450.036091][T25019] __kmalloc_noprof+0xd2/0x510 [ 1450.036141][T25019] ? __might_fault+0xe3/0x190 [ 1450.036189][T25019] ? __might_fault+0xe3/0x190 [ 1450.036242][T25019] create_ruleset+0x21/0x140 [ 1450.036302][T25019] landlock_create_ruleset+0x77/0x230 [ 1450.036338][T25019] __do_sys_landlock_create_ruleset+0x255/0x4e0 [ 1450.036410][T25019] ? __pfx___do_sys_landlock_create_ruleset+0x10/0x10 [ 1450.036486][T25019] do_syscall_64+0xcd/0x490 [ 1450.036547][T25019] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1450.036583][T25019] RIP: 0033:0x7f11c7f8e929 [ 1450.036613][T25019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1450.036648][T25019] RSP: 002b:00007f11c8e79038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bc [ 1450.036683][T25019] RAX: ffffffffffffffda RBX: 00007f11c81b6080 RCX: 00007f11c7f8e929 [ 1450.036707][T25019] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000200000000000 [ 1450.036729][T25019] RBP: 00007f11c8010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1450.036750][T25019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1450.036772][T25019] R13: 0000000000000000 R14: 00007f11c81b6080 R15: 00007fff6ffa15c8 [ 1450.036817][T25019] [ 1456.477140][T25100] vivid-003: ================= START STATUS ================= [ 1456.499188][T25100] vivid-003: Radio HW Seek Mode: Bounded [ 1456.514210][T25100] vivid-003: Radio Programmable HW Seek: false [ 1456.531217][T25100] vivid-003: RDS Rx I/O Mode: Block I/O [ 1456.547131][T25100] vivid-003: Generate RBDS Instead of RDS: false [ 1456.591037][T25100] vivid-003: RDS Reception: true [ 1456.627556][T25100] vivid-003: RDS Program Type: 0 inactive [ 1456.670158][T25100] vivid-003: RDS PS Name: inactive [ 1456.720603][T25100] vivid-003: RDS Radio Text: inactive [ 1456.772609][T25100] vivid-003: RDS Traffic Announcement: false inactive [ 1456.825005][T25100] vivid-003: RDS Traffic Program: false inactive [ 1456.831513][T25100] vivid-003: RDS Music: false inactive [ 1456.951903][T25100] vivid-003: ================== END STATUS ================== [ 1459.677776][T25136] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input62 [ 1461.149001][T25157] ptrace attach of "./syz-executor exec"[25159] was attempted by "./syz-executor exec"[25157] [ 1461.221793][T25160] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1466.078864][T25218] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1467.209878][T25227] FAULT_INJECTION: forcing a failure. [ 1467.209878][T25227] name failslab, interval 1, probability 0, space 0, times 0 [ 1467.371925][T25227] CPU: 1 UID: 0 PID: 25227 Comm: syz.4.3604 Tainted: G U 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 1467.371984][T25227] Tainted: [U]=USER [ 1467.371995][T25227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1467.372015][T25227] Call Trace: [ 1467.372027][T25227] [ 1467.372041][T25227] dump_stack_lvl+0x16c/0x1f0 [ 1467.372105][T25227] should_fail_ex+0x512/0x640 [ 1467.372156][T25227] ? __kmalloc_noprof+0xbf/0x510 [ 1467.372214][T25227] ? create_ruleset+0x21/0x140 [ 1467.372265][T25227] should_failslab+0xc2/0x120 [ 1467.372298][T25227] __kmalloc_noprof+0xd2/0x510 [ 1467.372361][T25227] ? __might_fault+0xe3/0x190 [ 1467.372414][T25227] ? __might_fault+0xe3/0x190 [ 1467.372471][T25227] create_ruleset+0x21/0x140 [ 1467.372530][T25227] landlock_create_ruleset+0x77/0x230 [ 1467.372570][T25227] __do_sys_landlock_create_ruleset+0x255/0x4e0 [ 1467.372630][T25227] ? __pfx___do_sys_landlock_create_ruleset+0x10/0x10 [ 1467.372707][T25227] do_syscall_64+0xcd/0x490 [ 1467.372767][T25227] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1467.372805][T25227] RIP: 0033:0x7f30ec78e929 [ 1467.372835][T25227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1467.372870][T25227] RSP: 002b:00007f30ea5d5038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bc [ 1467.372903][T25227] RAX: ffffffffffffffda RBX: 00007f30ec9b6080 RCX: 00007f30ec78e929 [ 1467.372927][T25227] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000200000000000 [ 1467.372949][T25227] RBP: 00007f30ec810b39 R08: 0000000000000000 R09: 0000000000000000 [ 1467.372970][T25227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1467.372991][T25227] R13: 0000000000000000 R14: 00007f30ec9b6080 R15: 00007fff856752b8 [ 1467.373036][T25227] [ 1470.675803][T25264] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 1470.682346][T25264] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 1472.132200][T25280] FAULT_INJECTION: forcing a failure. [ 1472.132200][T25280] name failslab, interval 1, probability 0, space 0, times 0 [ 1472.215044][T25280] CPU: 0 UID: 0 PID: 25280 Comm: syz.3.3616 Tainted: G U 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 1472.215087][T25280] Tainted: [U]=USER [ 1472.215096][T25280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1472.215111][T25280] Call Trace: [ 1472.215120][T25280] [ 1472.215130][T25280] dump_stack_lvl+0x16c/0x1f0 [ 1472.215187][T25280] should_fail_ex+0x512/0x640 [ 1472.215223][T25280] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 1472.215266][T25280] should_failslab+0xc2/0x120 [ 1472.215301][T25280] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 1472.215335][T25280] ? __lock_acquire+0xb8a/0x1c90 [ 1472.215365][T25280] ? __d_alloc+0x31/0xaa0 [ 1472.215404][T25280] __d_alloc+0x31/0xaa0 [ 1472.215442][T25280] d_alloc_pseudo+0x1c/0xc0 [ 1472.215467][T25280] alloc_file_pseudo+0xcf/0x230 [ 1472.215494][T25280] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1472.215519][T25280] ? do_raw_spin_unlock+0x172/0x230 [ 1472.215560][T25280] __anon_inode_getfile+0xf7/0x3a0 [ 1472.215598][T25280] anon_inode_getfd+0x52/0xb0 [ 1472.215653][T25280] __do_sys_landlock_create_ruleset+0x294/0x4e0 [ 1472.215696][T25280] ? __pfx___do_sys_landlock_create_ruleset+0x10/0x10 [ 1472.215766][T25280] do_syscall_64+0xcd/0x490 [ 1472.215809][T25280] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1472.215835][T25280] RIP: 0033:0x7fd36cf8e929 [ 1472.215855][T25280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1472.215880][T25280] RSP: 002b:00007fd36dd86038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bc [ 1472.215903][T25280] RAX: ffffffffffffffda RBX: 00007fd36d1b6080 RCX: 00007fd36cf8e929 [ 1472.215920][T25280] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000200000000000 [ 1472.215936][T25280] RBP: 00007fd36d010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1472.215951][T25280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1472.215967][T25280] R13: 0000000000000000 R14: 00007fd36d1b6080 R15: 00007ffe372a7748 [ 1472.215997][T25280] [ 1473.057310][T25290] vivid-003: ================= START STATUS ================= [ 1473.070157][T25290] vivid-003: Radio HW Seek Mode: Bounded [ 1473.075886][T25290] vivid-003: Radio Programmable HW Seek: false [ 1473.115816][T25290] vivid-003: RDS Rx I/O Mode: Block I/O [ 1473.129471][T25290] vivid-003: Generate RBDS Instead of RDS: false [ 1473.135943][T25290] vivid-003: RDS Reception: true [ 1473.169366][T25290] vivid-003: RDS Program Type: 0 inactive [ 1473.175378][T25290] vivid-003: RDS PS Name: inactive [ 1473.181282][T25290] vivid-003: RDS Radio Text: inactive [ 1473.187022][T25290] vivid-003: RDS Traffic Announcement: false inactive [ 1473.197134][T25290] vivid-003: RDS Traffic Program: false inactive [ 1473.209470][T25290] vivid-003: RDS Music: false inactive [ 1473.215216][T25290] vivid-003: ================== END STATUS ================== [ 1474.648648][T24261] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 1368 with max blocks 2 with error 117 [ 1474.701240][T24261] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1474.701240][T24261] [ 1476.406658][T25333] FAULT_INJECTION: forcing a failure. [ 1476.406658][T25333] name failslab, interval 1, probability 0, space 0, times 0 [ 1476.525711][T25333] CPU: 1 UID: 0 PID: 25333 Comm: syz.0.3628 Tainted: G U 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 1476.525762][T25333] Tainted: [U]=USER [ 1476.525772][T25333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1476.525787][T25333] Call Trace: [ 1476.525795][T25333] [ 1476.525806][T25333] dump_stack_lvl+0x16c/0x1f0 [ 1476.525857][T25333] should_fail_ex+0x512/0x640 [ 1476.525894][T25333] ? __kmalloc_noprof+0xbf/0x510 [ 1476.525934][T25333] ? create_ruleset+0x21/0x140 [ 1476.525973][T25333] should_failslab+0xc2/0x120 [ 1476.525996][T25333] __kmalloc_noprof+0xd2/0x510 [ 1476.526033][T25333] ? __might_fault+0xe3/0x190 [ 1476.526068][T25333] ? __might_fault+0xe3/0x190 [ 1476.526108][T25333] create_ruleset+0x21/0x140 [ 1476.526148][T25333] landlock_create_ruleset+0x77/0x230 [ 1476.526176][T25333] __do_sys_landlock_create_ruleset+0x255/0x4e0 [ 1476.526217][T25333] ? __pfx___do_sys_landlock_create_ruleset+0x10/0x10 [ 1476.526276][T25333] do_syscall_64+0xcd/0x490 [ 1476.526318][T25333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1476.526344][T25333] RIP: 0033:0x7f11c7f8e929 [ 1476.526364][T25333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1476.526389][T25333] RSP: 002b:00007f11c8e9a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bc [ 1476.526414][T25333] RAX: ffffffffffffffda RBX: 00007f11c81b5fa0 RCX: 00007f11c7f8e929 [ 1476.526431][T25333] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000200000000000 [ 1476.526447][T25333] RBP: 00007f11c8010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1476.526463][T25333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1476.526479][T25333] R13: 0000000000000000 R14: 00007f11c81b5fa0 R15: 00007fff6ffa15c8 [ 1476.526528][T25333] [ 1483.903168][T25419] vivid-003: ================= START STATUS ================= [ 1483.911271][T25419] vivid-003: Radio HW Seek Mode: Bounded [ 1483.918871][T25419] vivid-003: Radio Programmable HW Seek: false [ 1483.925355][T25419] vivid-003: RDS Rx I/O Mode: Block I/O [ 1483.931681][T25419] vivid-003: Generate RBDS Instead of RDS: false [ 1483.938408][T25419] vivid-003: RDS Reception: true [ 1483.945025][T25419] vivid-003: RDS Program Type: 0 inactive [ 1483.951466][T25419] vivid-003: RDS PS Name: inactive [ 1483.957096][T25419] vivid-003: RDS Radio Text: inactive [ 1483.975521][T25419] vivid-003: RDS Traffic Announcement: false inactive [ 1484.042408][T25419] vivid-003: RDS Traffic Program: false inactive [ 1484.049831][T25419] vivid-003: RDS Music: false inactive [ 1484.055521][T25419] vivid-003: ================== END STATUS ================== [ 1492.487888][T25553] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3674'. [ 1492.650878][T25557] vivid-003: ================= START STATUS ================= [ 1492.661214][T25557] vivid-003: Radio HW Seek Mode: Bounded [ 1492.666994][T25557] vivid-003: Radio Programmable HW Seek: false [ 1492.718465][T25557] vivid-003: RDS Rx I/O Mode: Block I/O [ 1492.739836][T25557] vivid-003: Generate RBDS Instead of RDS: false [ 1492.746329][T25557] vivid-003: RDS Reception: true [ 1492.778035][T25557] vivid-003: RDS Program Type: 0 inactive [ 1492.802593][T25557] vivid-003: RDS PS Name: inactive [ 1492.808661][T25557] vivid-003: RDS Radio Text: inactive [ 1492.847484][T25557] vivid-003: RDS Traffic Announcement: false inactive [ 1492.872220][T25557] vivid-003: RDS Traffic Program: false inactive [ 1492.899405][T25557] vivid-003: RDS Music: false inactive [ 1492.916583][T25557] vivid-003: ================== END STATUS ================== [ 1493.009247][T25562] vivid-003: ================= START STATUS ================= [ 1493.044374][T25562] vivid-003: Radio HW Seek Mode: Bounded [ 1493.056681][T25562] vivid-003: Radio Programmable HW Seek: false [ 1493.090227][T25562] vivid-003: RDS Rx I/O Mode: Block I/O [ 1493.136530][T25562] vivid-003: Generate RBDS Instead of RDS: false [ 1493.168762][T25562] vivid-003: RDS Reception: true [ 1493.200109][T25562] vivid-003: RDS Program Type: 0 inactive [ 1493.245625][T25562] vivid-003: RDS PS Name: inactive [ 1493.251177][T25562] vivid-003: RDS Radio Text: inactive [ 1493.288609][T25562] vivid-003: RDS Traffic Announcement: false inactive [ 1493.310454][T25562] vivid-003: RDS Traffic Program: false inactive [ 1493.335505][T25562] vivid-003: RDS Music: false inactive [ 1493.345885][T25562] vivid-003: ================== END STATUS ================== [ 1494.384025][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1494.390655][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1494.424893][T25589] FAULT_INJECTION: forcing a failure. [ 1494.424893][T25589] name failslab, interval 1, probability 0, space 0, times 0 [ 1494.476830][T25589] CPU: 1 UID: 0 PID: 25589 Comm: syz.4.3682 Tainted: G U 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 1494.476890][T25589] Tainted: [U]=USER [ 1494.476901][T25589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1494.476920][T25589] Call Trace: [ 1494.476931][T25589] [ 1494.476944][T25589] dump_stack_lvl+0x16c/0x1f0 [ 1494.477002][T25589] should_fail_ex+0x512/0x640 [ 1494.477050][T25589] ? __kmalloc_noprof+0xbf/0x510 [ 1494.477112][T25589] ? create_ruleset+0x21/0x140 [ 1494.477163][T25589] should_failslab+0xc2/0x120 [ 1494.477196][T25589] __kmalloc_noprof+0xd2/0x510 [ 1494.477261][T25589] ? __might_fault+0xe3/0x190 [ 1494.477307][T25589] ? __might_fault+0xe3/0x190 [ 1494.477361][T25589] create_ruleset+0x21/0x140 [ 1494.477413][T25589] landlock_create_ruleset+0x77/0x230 [ 1494.477451][T25589] __do_sys_landlock_create_ruleset+0x255/0x4e0 [ 1494.477504][T25589] ? __pfx___do_sys_landlock_create_ruleset+0x10/0x10 [ 1494.477576][T25589] do_syscall_64+0xcd/0x490 [ 1494.477630][T25589] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1494.477664][T25589] RIP: 0033:0x7f30ec78e929 [ 1494.477691][T25589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1494.477723][T25589] RSP: 002b:00007f30ea5d5038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bc [ 1494.477753][T25589] RAX: ffffffffffffffda RBX: 00007f30ec9b6080 RCX: 00007f30ec78e929 [ 1494.477775][T25589] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000200000000000 [ 1494.477795][T25589] RBP: 00007f30ec810b39 R08: 0000000000000000 R09: 0000000000000000 [ 1494.477815][T25589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1494.477835][T25589] R13: 0000000000000000 R14: 00007f30ec9b6080 R15: 00007fff856752b8 [ 1494.477879][T25589] [ 1494.805670][T25595] FAULT_INJECTION: forcing a failure. [ 1494.805670][T25595] name failslab, interval 1, probability 0, space 0, times 0 [ 1494.871044][T25595] CPU: 1 UID: 0 PID: 25595 Comm: syz.3.3684 Tainted: G U 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 1494.871099][T25595] Tainted: [U]=USER [ 1494.871110][T25595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1494.871131][T25595] Call Trace: [ 1494.871141][T25595] [ 1494.871155][T25595] dump_stack_lvl+0x16c/0x1f0 [ 1494.871213][T25595] should_fail_ex+0x512/0x640 [ 1494.871258][T25595] ? __kmalloc_noprof+0xbf/0x510 [ 1494.871309][T25595] ? create_ruleset+0x21/0x140 [ 1494.871358][T25595] should_failslab+0xc2/0x120 [ 1494.871390][T25595] __kmalloc_noprof+0xd2/0x510 [ 1494.871437][T25595] ? __might_fault+0xe3/0x190 [ 1494.871485][T25595] ? __might_fault+0xe3/0x190 [ 1494.871539][T25595] create_ruleset+0x21/0x140 [ 1494.871592][T25595] landlock_create_ruleset+0x77/0x230 [ 1494.871629][T25595] __do_sys_landlock_create_ruleset+0x255/0x4e0 [ 1494.871686][T25595] ? __pfx___do_sys_landlock_create_ruleset+0x10/0x10 [ 1494.871757][T25595] do_syscall_64+0xcd/0x490 [ 1494.871814][T25595] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1494.871847][T25595] RIP: 0033:0x7fd36cf8e929 [ 1494.871876][T25595] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1494.871909][T25595] RSP: 002b:00007fd36dd86038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bc [ 1494.871941][T25595] RAX: ffffffffffffffda RBX: 00007fd36d1b6080 RCX: 00007fd36cf8e929 [ 1494.871971][T25595] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000200000000000 [ 1494.871992][T25595] RBP: 00007fd36d010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1494.872012][T25595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1494.872031][T25595] R13: 0000000000000000 R14: 00007fd36d1b6080 R15: 00007ffe372a7748 [ 1494.872073][T25595] [ 1495.501037][T25610] ICMPv6: process `syz.3.3687' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 1495.608710][T25610] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3687'. [ 1495.937711][T25622] FAULT_INJECTION: forcing a failure. [ 1495.937711][T25622] name failslab, interval 1, probability 0, space 0, times 0 [ 1495.977392][T25622] CPU: 0 UID: 0 PID: 25622 Comm: syz.0.3696 Tainted: G U 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 1495.977452][T25622] Tainted: [U]=USER [ 1495.977464][T25622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1495.977484][T25622] Call Trace: [ 1495.977496][T25622] [ 1495.977510][T25622] dump_stack_lvl+0x16c/0x1f0 [ 1495.977566][T25622] should_fail_ex+0x512/0x640 [ 1495.977615][T25622] ? __kmalloc_noprof+0xbf/0x510 [ 1495.977666][T25622] ? create_ruleset+0x21/0x140 [ 1495.977728][T25622] should_failslab+0xc2/0x120 [ 1495.977759][T25622] __kmalloc_noprof+0xd2/0x510 [ 1495.977804][T25622] ? __might_fault+0xe3/0x190 [ 1495.977853][T25622] ? __might_fault+0xe3/0x190 [ 1495.977903][T25622] create_ruleset+0x21/0x140 [ 1495.977954][T25622] landlock_create_ruleset+0x77/0x230 [ 1495.977990][T25622] __do_sys_landlock_create_ruleset+0x255/0x4e0 [ 1495.978042][T25622] ? __pfx___do_sys_landlock_create_ruleset+0x10/0x10 [ 1495.978115][T25622] do_syscall_64+0xcd/0x490 [ 1495.978170][T25622] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1495.978202][T25622] RIP: 0033:0x7f11c7f8e929 [ 1495.978227][T25622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1495.978261][T25622] RSP: 002b:00007f11c8e79038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bc [ 1495.978294][T25622] RAX: ffffffffffffffda RBX: 00007f11c81b6080 RCX: 00007f11c7f8e929 [ 1495.978318][T25622] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000200000000000 [ 1495.978338][T25622] RBP: 00007f11c8010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1495.978358][T25622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1495.978378][T25622] R13: 0000000000000000 R14: 00007f11c81b6080 R15: 00007fff6ffa15c8 [ 1495.978418][T25622] [ 1498.223491][T25655] vivid-003: ================= START STATUS ================= [ 1498.233970][T25655] vivid-003: Radio HW Seek Mode: Bounded [ 1498.274865][T25655] vivid-003: Radio Programmable HW Seek: false [ 1498.305858][T25655] vivid-003: RDS Rx I/O Mode: Block I/O [ 1498.466083][T25655] vivid-003: Generate RBDS Instead of RDS: false [ 1498.623291][T25655] vivid-003: RDS Reception: true [ 1498.717267][T25655] vivid-003: RDS Program Type: 0 inactive [ 1498.806688][T25655] vivid-003: RDS PS Name: inactive [ 1498.928827][T25655] vivid-003: RDS Radio Text: inactive [ 1498.973952][T25655] vivid-003: RDS Traffic Announcement: false inactive [ 1498.993641][T25655] vivid-003: RDS Traffic Program: false inactive [ 1499.020986][T25655] vivid-003: RDS Music: false inactive [ 1499.064413][T25655] vivid-003: ================== END STATUS ================== [ 1499.521887][T25674] FAULT_INJECTION: forcing a failure. [ 1499.521887][T25674] name failslab, interval 1, probability 0, space 0, times 0 [ 1499.564432][T25674] CPU: 1 UID: 0 PID: 25674 Comm: syz.3.3699 Tainted: G U 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 1499.564521][T25674] Tainted: [U]=USER [ 1499.564533][T25674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1499.564553][T25674] Call Trace: [ 1499.564565][T25674] [ 1499.564579][T25674] dump_stack_lvl+0x16c/0x1f0 [ 1499.564638][T25674] should_fail_ex+0x512/0x640 [ 1499.564688][T25674] ? __kmalloc_noprof+0xbf/0x510 [ 1499.564743][T25674] ? create_ruleset+0x21/0x140 [ 1499.564795][T25674] should_failslab+0xc2/0x120 [ 1499.564828][T25674] __kmalloc_noprof+0xd2/0x510 [ 1499.564875][T25674] ? __might_fault+0xe3/0x190 [ 1499.564923][T25674] ? __might_fault+0xe3/0x190 [ 1499.564975][T25674] create_ruleset+0x21/0x140 [ 1499.565028][T25674] landlock_create_ruleset+0x77/0x230 [ 1499.565066][T25674] __do_sys_landlock_create_ruleset+0x255/0x4e0 [ 1499.565123][T25674] ? __pfx___do_sys_landlock_create_ruleset+0x10/0x10 [ 1499.565194][T25674] do_syscall_64+0xcd/0x490 [ 1499.565247][T25674] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1499.565282][T25674] RIP: 0033:0x7fd36cf8e929 [ 1499.565309][T25674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1499.565341][T25674] RSP: 002b:00007fd36dd86038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bc [ 1499.565371][T25674] RAX: ffffffffffffffda RBX: 00007fd36d1b6080 RCX: 00007fd36cf8e929 [ 1499.565393][T25674] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000200000000000 [ 1499.565413][T25674] RBP: 00007fd36d010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1499.565434][T25674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1499.565453][T25674] R13: 0000000000000000 R14: 00007fd36d1b6080 R15: 00007ffe372a7748 [ 1499.565495][T25674] [ 1504.994680][T15939] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 3577 with max blocks 7 with error 117 [ 1505.041731][T15939] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1505.041731][T15939] [ 1506.865559][T25776] FAULT_INJECTION: forcing a failure. [ 1506.865559][T25776] name failslab, interval 1, probability 0, space 0, times 0 [ 1506.918634][T25776] CPU: 1 UID: 0 PID: 25776 Comm: syz.2.3716 Tainted: G U 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 1506.918678][T25776] Tainted: [U]=USER [ 1506.918687][T25776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1506.918704][T25776] Call Trace: [ 1506.918712][T25776] [ 1506.918722][T25776] dump_stack_lvl+0x16c/0x1f0 [ 1506.918766][T25776] should_fail_ex+0x512/0x640 [ 1506.918802][T25776] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1506.918855][T25776] should_failslab+0xc2/0x120 [ 1506.918879][T25776] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1506.918916][T25776] ? d_instantiate+0x77/0x90 [ 1506.918955][T25776] ? alloc_empty_file+0x55/0x1e0 [ 1506.918984][T25776] alloc_empty_file+0x55/0x1e0 [ 1506.919011][T25776] alloc_file_pseudo+0x13a/0x230 [ 1506.919038][T25776] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1506.919066][T25776] ? do_raw_spin_unlock+0x172/0x230 [ 1506.919111][T25776] __anon_inode_getfile+0xf7/0x3a0 [ 1506.919152][T25776] anon_inode_getfd+0x52/0xb0 [ 1506.919188][T25776] __do_sys_landlock_create_ruleset+0x294/0x4e0 [ 1506.919230][T25776] ? __pfx___do_sys_landlock_create_ruleset+0x10/0x10 [ 1506.919286][T25776] do_syscall_64+0xcd/0x490 [ 1506.919327][T25776] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1506.919352][T25776] RIP: 0033:0x7fa8f3f8e929 [ 1506.919373][T25776] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1506.919422][T25776] RSP: 002b:00007fa8f4ea6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bc [ 1506.919446][T25776] RAX: ffffffffffffffda RBX: 00007fa8f41b6080 RCX: 00007fa8f3f8e929 [ 1506.919463][T25776] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000200000000000 [ 1506.919479][T25776] RBP: 00007fa8f4010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1506.919495][T25776] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1506.919511][T25776] R13: 0000000000000000 R14: 00007fa8f41b6080 R15: 00007fff80dd3eb8 [ 1506.919542][T25776] [ 1507.174583][T25779] FAULT_INJECTION: forcing a failure. [ 1507.174583][T25779] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1507.282985][T25779] CPU: 1 UID: 0 PID: 25779 Comm: syz.0.3717 Tainted: G U 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 1507.283039][T25779] Tainted: [U]=USER [ 1507.283050][T25779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1507.283068][T25779] Call Trace: [ 1507.283079][T25779] [ 1507.283093][T25779] dump_stack_lvl+0x16c/0x1f0 [ 1507.283147][T25779] should_fail_ex+0x512/0x640 [ 1507.283198][T25779] _copy_to_user+0x32/0xd0 [ 1507.283250][T25779] simple_read_from_buffer+0xcb/0x170 [ 1507.283295][T25779] proc_fail_nth_read+0x197/0x270 [ 1507.283335][T25779] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1507.283374][T25779] ? rw_verify_area+0xcf/0x680 [ 1507.283414][T25779] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1507.283453][T25779] vfs_read+0x1e1/0xc60 [ 1507.283503][T25779] ? __pfx___mutex_lock+0x10/0x10 [ 1507.283553][T25779] ? __pfx_vfs_read+0x10/0x10 [ 1507.283610][T25779] ? __fget_files+0x20e/0x3c0 [ 1507.283665][T25779] ksys_read+0x12a/0x250 [ 1507.283710][T25779] ? __pfx_ksys_read+0x10/0x10 [ 1507.283771][T25779] do_syscall_64+0xcd/0x490 [ 1507.283834][T25779] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1507.283869][T25779] RIP: 0033:0x7f11c7f8d33c [ 1507.283896][T25779] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1507.283929][T25779] RSP: 002b:00007f11c8e9a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1507.283961][T25779] RAX: ffffffffffffffda RBX: 00007f11c81b5fa0 RCX: 00007f11c7f8d33c [ 1507.283988][T25779] RDX: 000000000000000f RSI: 00007f11c8e9a0a0 RDI: 0000000000000004 [ 1507.284007][T25779] RBP: 00007f11c8e9a090 R08: 0000000000000000 R09: 0000000000000000 [ 1507.284026][T25779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1507.284045][T25779] R13: 0000000000000000 R14: 00007f11c81b5fa0 R15: 00007fff6ffa15c8 [ 1507.284088][T25779] [ 1509.137809][T25809] vivid-003: ================= START STATUS ================= [ 1509.162711][T25809] vivid-003: Radio HW Seek Mode: Bounded [ 1509.168549][T25809] vivid-003: Radio Programmable HW Seek: false [ 1509.201926][T25809] vivid-003: RDS Rx I/O Mode: Block I/O [ 1509.220261][T25809] vivid-003: Generate RBDS Instead of RDS: false [ 1509.243749][T25809] vivid-003: RDS Reception: true [ 1509.266942][T25809] vivid-003: RDS Program Type: 0 inactive [ 1509.272956][T25809] vivid-003: RDS PS Name: inactive [ 1509.278650][T25809] vivid-003: RDS Radio Text: inactive [ 1509.284592][T25809] vivid-003: RDS Traffic Announcement: false inactive [ 1509.294252][T25809] vivid-003: RDS Traffic Program: false inactive [ 1509.300734][T25809] vivid-003: RDS Music: false inactive [ 1509.321844][T25809] vivid-003: ================== END STATUS ================== [ 1511.003788][T25836] FAULT_INJECTION: forcing a failure. [ 1511.003788][T25836] name failslab, interval 1, probability 0, space 0, times 0 [ 1511.106711][T25836] CPU: 0 UID: 0 PID: 25836 Comm: syz.3.3728 Tainted: G U 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 1511.106766][T25836] Tainted: [U]=USER [ 1511.106777][T25836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1511.106796][T25836] Call Trace: [ 1511.106808][T25836] [ 1511.106822][T25836] dump_stack_lvl+0x16c/0x1f0 [ 1511.106880][T25836] should_fail_ex+0x512/0x640 [ 1511.106928][T25836] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1511.106979][T25836] should_failslab+0xc2/0x120 [ 1511.107010][T25836] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1511.107058][T25836] ? d_instantiate+0x77/0x90 [ 1511.107107][T25836] ? alloc_empty_file+0x55/0x1e0 [ 1511.107146][T25836] alloc_empty_file+0x55/0x1e0 [ 1511.107180][T25836] alloc_file_pseudo+0x13a/0x230 [ 1511.107217][T25836] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1511.107253][T25836] ? do_raw_spin_unlock+0x172/0x230 [ 1511.107314][T25836] __anon_inode_getfile+0xf7/0x3a0 [ 1511.107369][T25836] anon_inode_getfd+0x52/0xb0 [ 1511.107426][T25836] __do_sys_landlock_create_ruleset+0x294/0x4e0 [ 1511.107483][T25836] ? __pfx___do_sys_landlock_create_ruleset+0x10/0x10 [ 1511.107548][T25836] do_syscall_64+0xcd/0x490 [ 1511.107605][T25836] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1511.107637][T25836] RIP: 0033:0x7fd36cf8e929 [ 1511.107665][T25836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1511.107699][T25836] RSP: 002b:00007fd36dd86038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bc [ 1511.107733][T25836] RAX: ffffffffffffffda RBX: 00007fd36d1b6080 RCX: 00007fd36cf8e929 [ 1511.107756][T25836] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000200000000000 [ 1511.107776][T25836] RBP: 00007fd36d010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1511.107797][T25836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1511.107817][T25836] R13: 0000000000000000 R14: 00007fd36d1b6080 R15: 00007ffe372a7748 [ 1511.107860][T25836] [ 1515.253581][T25908] vivid-003: ================= START STATUS ================= [ 1515.291126][T25908] vivid-003: Radio HW Seek Mode: Bounded [ 1515.296921][T25908] vivid-003: Radio Programmable HW Seek: false [ 1515.305252][T25908] vivid-003: RDS Rx I/O Mode: Block I/O [ 1515.330684][T25908] vivid-003: Generate RBDS Instead of RDS: false [ 1515.370943][T25908] vivid-003: RDS Reception: true [ 1515.431317][T25908] vivid-003: RDS Program Type: 0 inactive [ 1515.471850][T25908] vivid-003: RDS PS Name: inactive [ 1515.477276][T25908] vivid-003: RDS Radio Text: inactive [ 1515.503411][T25908] vivid-003: RDS Traffic Announcement: false inactive [ 1515.527753][T25908] vivid-003: RDS Traffic Program: false inactive [ 1515.538257][T25908] vivid-003: RDS Music: false inactive [ 1515.592155][T25915] FAULT_INJECTION: forcing a failure. [ 1515.592155][T25915] name failslab, interval 1, probability 0, space 0, times 0 [ 1515.620843][T25908] vivid-003: ================== END STATUS ================== [ 1515.639011][T25915] CPU: 1 UID: 0 PID: 25915 Comm: syz.2.3745 Tainted: G U 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 1515.639089][T25915] Tainted: [U]=USER [ 1515.639101][T25915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1515.639122][T25915] Call Trace: [ 1515.639135][T25915] [ 1515.639149][T25915] dump_stack_lvl+0x16c/0x1f0 [ 1515.639204][T25915] should_fail_ex+0x512/0x640 [ 1515.639254][T25915] ? __kmalloc_noprof+0xbf/0x510 [ 1515.639306][T25915] ? create_ruleset+0x21/0x140 [ 1515.639355][T25915] should_failslab+0xc2/0x120 [ 1515.639389][T25915] __kmalloc_noprof+0xd2/0x510 [ 1515.639435][T25915] ? __might_fault+0xe3/0x190 [ 1515.639484][T25915] ? __might_fault+0xe3/0x190 [ 1515.639536][T25915] create_ruleset+0x21/0x140 [ 1515.639589][T25915] landlock_create_ruleset+0x77/0x230 [ 1515.639627][T25915] __do_sys_landlock_create_ruleset+0x255/0x4e0 [ 1515.639692][T25915] ? __pfx___do_sys_landlock_create_ruleset+0x10/0x10 [ 1515.639765][T25915] do_syscall_64+0xcd/0x490 [ 1515.639821][T25915] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1515.639856][T25915] RIP: 0033:0x7fa8f3f8e929 [ 1515.639883][T25915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1515.639916][T25915] RSP: 002b:00007fa8f4ea6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bc [ 1515.639949][T25915] RAX: ffffffffffffffda RBX: 00007fa8f41b6080 RCX: 00007fa8f3f8e929 [ 1515.639972][T25915] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000200000000000 [ 1515.639992][T25915] RBP: 00007fa8f4010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1515.640013][T25915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1515.640033][T25915] R13: 0000000000000000 R14: 00007fa8f41b6080 R15: 00007fff80dd3eb8 [ 1515.640076][T25915] [ 1516.517655][T25935] ptrace attach of "./syz-executor exec"[21256] was attempted by "./syz-executor exec"[25935] [ 1518.490362][T25973] vivid-003: ================= START STATUS ================= [ 1518.502802][T25973] vivid-003: Radio HW Seek Mode: Bounded [ 1518.509208][T25973] vivid-003: Radio Programmable HW Seek: false [ 1518.516024][T25973] vivid-003: RDS Rx I/O Mode: Block I/O [ 1518.523142][T25973] vivid-003: Generate RBDS Instead of RDS: false [ 1518.530067][T25973] vivid-003: RDS Reception: true [ 1518.535574][T25973] vivid-003: RDS Program Type: 0 inactive [ 1518.542682][T25973] vivid-003: RDS PS Name: inactive [ 1518.549321][T25973] vivid-003: RDS Radio Text: inactive [ 1518.555381][T25973] vivid-003: RDS Traffic Announcement: false inactive [ 1518.562468][T25973] vivid-003: RDS Traffic Program: false inactive [ 1518.569951][T25973] vivid-003: RDS Music: false inactive [ 1518.575918][T25973] vivid-003: ================== END STATUS ================== [ 1520.897117][T25997] Process accounting resumed [ 1525.342131][T26080] netlink: 350 bytes leftover after parsing attributes in process `syz.0.3778'. [ 1526.192362][T26103] vivid-003: ================= START STATUS ================= [ 1526.237925][T26103] vivid-003: Radio HW Seek Mode: Bounded [ 1526.243708][T26103] vivid-003: Radio Programmable HW Seek: false [ 1526.292561][T26103] vivid-003: RDS Rx I/O Mode: Block I/O [ 1526.315288][T26103] vivid-003: Generate RBDS Instead of RDS: false [ 1526.357429][T26103] vivid-003: RDS Reception: true [ 1526.398383][T26103] vivid-003: RDS Program Type: 0 inactive [ 1526.488866][T26103] vivid-003: RDS PS Name: inactive [ 1526.687941][T26103] vivid-003: RDS Radio Text: inactive [ 1526.711378][T26103] vivid-003: RDS Traffic Announcement: false inactive [ 1526.911170][T26103] vivid-003: RDS Traffic Program: false inactive [ 1526.930374][T26103] vivid-003: RDS Music: false inactive [ 1526.945472][T26103] vivid-003: ================== END STATUS ================== [ 1527.906400][T26133] netlink: 'syz.3.3792': attribute type 11 has an invalid length. [ 1528.079430][T26139] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 1529.099454][T26149] cifs: Unknown parameter 'à' [ 1529.998252][T26171] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3799'. [ 1530.360660][T26178] vivid-003: ================= START STATUS ================= [ 1530.388199][T26178] vivid-003: Radio HW Seek Mode: Bounded [ 1530.410575][T26178] vivid-003: Radio Programmable HW Seek: false [ 1530.471680][T26178] vivid-003: RDS Rx I/O Mode: Block I/O [ 1530.525681][T26178] vivid-003: Generate RBDS Instead of RDS: false [ 1530.557898][T26178] vivid-003: RDS Reception: true [ 1530.635000][T26178] vivid-003: RDS Program Type: 0 inactive [ 1530.651189][T26178] vivid-003: RDS PS Name: inactive [ 1530.665380][T26178] vivid-003: RDS Radio Text: inactive [ 1530.691186][T26178] vivid-003: RDS Traffic Announcement: false inactive [ 1530.729884][T26178] vivid-003: RDS Traffic Program: false inactive [ 1530.811318][T26178] vivid-003: RDS Music: false inactive [ 1531.017397][T26178] vivid-003: ================== END STATUS ================== [ 1531.181802][T26190] vivid-003: ================= START STATUS ================= [ 1531.210317][T26190] vivid-003: Radio HW Seek Mode: Bounded [ 1531.237910][T26190] vivid-003: Radio Programmable HW Seek: false [ 1531.244263][T26190] vivid-003: RDS Rx I/O Mode: Block I/O [ 1531.316631][T26190] vivid-003: Generate RBDS Instead of RDS: false [ 1531.360015][T26190] vivid-003: RDS Reception: true [ 1531.379932][T26190] vivid-003: RDS Program Type: 0 inactive [ 1531.386209][T26190] vivid-003: RDS PS Name: inactive [ 1531.477854][T26190] vivid-003: RDS Radio Text: inactive [ 1531.483467][T26190] vivid-003: RDS Traffic Announcement: false inactive [ 1531.513338][T26190] vivid-003: RDS Traffic Program: false inactive [ 1531.666131][T26190] vivid-003: RDS Music: false inactive [ 1531.671762][T26190] vivid-003: ================== END STATUS ================== [ 1533.549573][T26243] vivid-003: ================= START STATUS ================= [ 1533.600981][T26243] vivid-003: Radio HW Seek Mode: Bounded [ 1533.665025][T26243] vivid-003: Radio Programmable HW Seek: false [ 1533.746051][T26243] vivid-003: RDS Rx I/O Mode: Block I/O [ 1533.751778][T26243] vivid-003: Generate RBDS Instead of RDS: false [ 1533.789034][T26243] vivid-003: RDS Reception: true [ 1533.802716][T26243] vivid-003: RDS Program Type: 0 inactive [ 1533.836982][T26243] vivid-003: RDS PS Name: inactive [ 1533.848999][T26243] vivid-003: RDS Radio Text: inactive [ 1533.898508][T26243] vivid-003: RDS Traffic Announcement: false inactive [ 1533.950117][T26243] vivid-003: RDS Traffic Program: false inactive [ 1534.012576][T26243] vivid-003: RDS Music: false inactive [ 1534.059068][T26243] vivid-003: ================== END STATUS ================== [ 1535.358222][T15937] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 3577 with max blocks 7 with error 117 [ 1535.399890][T15937] EXT4-fs (sda1): This should not happen!! Data will be lost [ 1535.399890][T15937] [ 1539.081677][T26309] netlink: 504 bytes leftover after parsing attributes in process `syz.3.3828'. [ 1539.514954][T26339] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3835'. [ 1540.237753][T26350] FAULT_INJECTION: forcing a failure. [ 1540.237753][T26350] name failslab, interval 1, probability 0, space 0, times 0 [ 1540.315967][T26353] vmstat_refresh: nr_hugetlb -23040 [ 1540.341092][T26350] CPU: 1 UID: 0 PID: 26350 Comm: syz.2.3839 Tainted: G U 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 1540.341135][T26350] Tainted: [U]=USER [ 1540.341143][T26350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1540.341157][T26350] Call Trace: [ 1540.341166][T26350] [ 1540.341176][T26350] dump_stack_lvl+0x16c/0x1f0 [ 1540.341219][T26350] should_fail_ex+0x512/0x640 [ 1540.341253][T26350] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1540.341287][T26350] should_failslab+0xc2/0x120 [ 1540.341310][T26350] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1540.341341][T26350] ? mark_held_locks+0x49/0x80 [ 1540.341370][T26350] ? rfkill_fop_open+0x1b6/0x750 [ 1540.341405][T26350] rfkill_fop_open+0x1b6/0x750 [ 1540.341438][T26350] ? __pfx_rfkill_fop_open+0x10/0x10 [ 1540.341468][T26350] misc_open+0x35d/0x420 [ 1540.341498][T26350] ? __pfx_misc_open+0x10/0x10 [ 1540.341527][T26350] chrdev_open+0x234/0x6a0 [ 1540.341564][T26350] ? __pfx_apparmor_file_open+0x10/0x10 [ 1540.341596][T26350] ? __pfx_chrdev_open+0x10/0x10 [ 1540.341644][T26350] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 1540.341682][T26350] do_dentry_open+0x741/0x1c10 [ 1540.341721][T26350] ? __pfx_chrdev_open+0x10/0x10 [ 1540.341765][T26350] vfs_open+0x82/0x3f0 [ 1540.341794][T26350] path_openat+0x1de4/0x2cb0 [ 1540.341845][T26350] ? __pfx_path_openat+0x10/0x10 [ 1540.341882][T26350] ? __lock_acquire+0xb8a/0x1c90 [ 1540.341917][T26350] do_filp_open+0x20b/0x470 [ 1540.341954][T26350] ? __pfx_do_filp_open+0x10/0x10 [ 1540.342011][T26350] ? alloc_fd+0x471/0x7d0 [ 1540.342052][T26350] do_sys_openat2+0x11b/0x1d0 [ 1540.342078][T26350] ? __pfx_do_sys_openat2+0x10/0x10 [ 1540.342117][T26350] __x64_sys_openat+0x174/0x210 [ 1540.342145][T26350] ? __pfx___x64_sys_openat+0x10/0x10 [ 1540.342185][T26350] do_syscall_64+0xcd/0x490 [ 1540.342226][T26350] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1540.342251][T26350] RIP: 0033:0x7fa8f3f8e929 [ 1540.342271][T26350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1540.342295][T26350] RSP: 002b:00007fa8f4ec7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1540.342318][T26350] RAX: ffffffffffffffda RBX: 00007fa8f41b5fa0 RCX: 00007fa8f3f8e929 [ 1540.342335][T26350] RDX: 0000000000080480 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1540.342351][T26350] RBP: 00007fa8f4010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1540.342366][T26350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1540.342381][T26350] R13: 0000000000000000 R14: 00007fa8f41b5fa0 R15: 00007fff80dd3eb8 [ 1540.342412][T26350] [ 1540.703811][T26361] vmstat_refresh: nr_hugetlb -23040 [ 1541.547394][T26376] cifs: Unknown parameter 'à' [ 1542.533511][T26384] vivid-003: ================= START STATUS ================= [ 1542.546444][T26384] vivid-003: Radio HW Seek Mode: Bounded [ 1542.553744][T26384] vivid-003: Radio Programmable HW Seek: false [ 1542.596459][T26384] vivid-003: RDS Rx I/O Mode: Block I/O [ 1542.668471][T26384] vivid-003: Generate RBDS Instead of RDS: false [ 1542.675049][T26384] vivid-003: RDS Reception: true [ 1542.744852][T26384] vivid-003: RDS Program Type: 0 inactive [ 1542.820619][T26384] vivid-003: RDS PS Name: inactive [ 1542.825978][T26384] vivid-003: RDS Radio Text: inactive [ 1542.848007][T26384] vivid-003: RDS Traffic Announcement: false inactive [ 1542.870826][T26384] vivid-003: RDS Traffic Program: false inactive [ 1542.972209][T26384] vivid-003: RDS Music: false inactive [ 1543.049063][T26384] vivid-003: ================== END STATUS ================== [ 1543.134333][T26392] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 1543.240867][T26397] vivid-003: ================= START STATUS ================= [ 1543.311146][T26397] vivid-003: Radio HW Seek Mode: Bounded [ 1543.343706][T26397] vivid-003: Radio Programmable HW Seek: false [ 1543.390138][T26397] vivid-003: RDS Rx I/O Mode: Block I/O [ 1543.440431][T26397] vivid-003: Generate RBDS Instead of RDS: false [ 1543.467653][T26397] vivid-003: RDS Reception: true [ 1543.493172][T26397] vivid-003: RDS Program Type: 0 inactive [ 1543.525241][T26397] vivid-003: RDS PS Name: inactive [ 1543.570999][T26397] vivid-003: RDS Radio Text: inactive [ 1543.643380][T26397] vivid-003: RDS Traffic Announcement: false inactive [ 1543.694980][T26397] vivid-003: RDS Traffic Program: false inactive [ 1543.769342][T26397] vivid-003: RDS Music: false inactive [ 1543.807954][T26397] vivid-003: ================== END STATUS ================== [ 1544.427226][T26412] netlink: 338 bytes leftover after parsing attributes in process `syz.3.3849'. [ 1544.506876][T26412] netlink: 338 bytes leftover after parsing attributes in process `syz.3.3849'. [ 1544.632794][T26417] FAULT_INJECTION: forcing a failure. [ 1544.632794][T26417] name failslab, interval 1, probability 0, space 0, times 0 [ 1544.666200][T26417] CPU: 1 UID: 0 PID: 26417 Comm: syz.4.3850 Tainted: G U 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 1544.666258][T26417] Tainted: [U]=USER [ 1544.666270][T26417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1544.666290][T26417] Call Trace: [ 1544.666302][T26417] [ 1544.666316][T26417] dump_stack_lvl+0x16c/0x1f0 [ 1544.666374][T26417] should_fail_ex+0x512/0x640 [ 1544.666423][T26417] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1544.666480][T26417] should_failslab+0xc2/0x120 [ 1544.666514][T26417] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1544.666562][T26417] ? d_instantiate+0x77/0x90 [ 1544.666614][T26417] ? alloc_empty_file+0x55/0x1e0 [ 1544.666656][T26417] alloc_empty_file+0x55/0x1e0 [ 1544.666689][T26417] alloc_file_pseudo+0x13a/0x230 [ 1544.666727][T26417] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1544.666764][T26417] ? do_raw_spin_unlock+0x172/0x230 [ 1544.666824][T26417] __anon_inode_getfile+0xf7/0x3a0 [ 1544.666880][T26417] anon_inode_getfd+0x52/0xb0 [ 1544.666927][T26417] __do_sys_landlock_create_ruleset+0x294/0x4e0 [ 1544.666999][T26417] ? __pfx___do_sys_landlock_create_ruleset+0x10/0x10 [ 1544.667070][T26417] do_syscall_64+0xcd/0x490 [ 1544.667123][T26417] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1544.667155][T26417] RIP: 0033:0x7f30ec78e929 [ 1544.667183][T26417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1544.667216][T26417] RSP: 002b:00007f30ea5f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bc [ 1544.667249][T26417] RAX: ffffffffffffffda RBX: 00007f30ec9b5fa0 RCX: 00007f30ec78e929 [ 1544.667273][T26417] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000200000000000 [ 1544.667295][T26417] RBP: 00007f30ec810b39 R08: 0000000000000000 R09: 0000000000000000 [ 1544.667315][T26417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1544.667335][T26417] R13: 0000000000000000 R14: 00007f30ec9b5fa0 R15: 00007fff856752b8 [ 1544.667377][T26417] [ 1545.227826][T26419] netlink: 338 bytes leftover after parsing attributes in process `syz.4.3851'. [ 1545.273569][T26419] netlink: 338 bytes leftover after parsing attributes in process `syz.4.3851'. [ 1545.315184][T26419] netlink: 254 bytes leftover after parsing attributes in process `syz.4.3851'. [ 1545.934698][T26440] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3857'. [ 1547.769269][T26467] vivid-003: ================= START STATUS ================= [ 1547.840927][T26467] vivid-003: Radio HW Seek Mode: Bounded [ 1547.871373][T26467] vivid-003: Radio Programmable HW Seek: false [ 1547.894241][T26467] vivid-003: RDS Rx I/O Mode: Block I/O [ 1547.911128][T26467] vivid-003: Generate RBDS Instead of RDS: false [ 1547.935129][T26467] vivid-003: RDS Reception: true [ 1547.949337][T26467] vivid-003: RDS Program Type: 0 inactive [ 1547.972879][T26467] vivid-003: RDS PS Name: inactive [ 1548.023841][T26467] vivid-003: RDS Radio Text: inactive [ 1548.056650][T26467] vivid-003: RDS Traffic Announcement: false inactive [ 1548.108435][T26467] vivid-003: RDS Traffic Program: false inactive [ 1548.154170][T26467] vivid-003: RDS Music: false inactive [ 1548.180162][T26467] vivid-003: ================== END STATUS ================== [ 1549.500093][T26494] vivid-003: ================= START STATUS ================= [ 1549.517859][T26494] vivid-003: Radio HW Seek Mode: Bounded [ 1549.527147][T26494] vivid-003: Radio Programmable HW Seek: false [ 1549.537363][T26494] vivid-003: RDS Rx I/O Mode: Block I/O [ 1549.558337][T26494] vivid-003: Generate RBDS Instead of RDS: false [ 1549.570349][T26494] vivid-003: RDS Reception: true [ 1549.578398][T26494] vivid-003: RDS Program Type: 0 inactive [ 1549.635672][T26494] vivid-003: RDS PS Name: inactive [ 1549.641038][T26494] vivid-003: RDS Radio Text: inactive [ 1549.713047][T26494] vivid-003: RDS Traffic Announcement: false inactive [ 1549.990519][T26494] vivid-003: RDS Traffic Program: false inactive [ 1550.012195][T26494] vivid-003: RDS Music: false inactive [ 1550.017805][T26494] vivid-003: ================== END STATUS ================== [ 1550.595295][T26501] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 1550.603211][T26501] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 1550.693327][T26501] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1550.729618][T26501] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1551.418779][T26501] Process accounting paused [ 1551.704128][T26523] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3875'. [ 1551.944260][T26529] netlink: 338 bytes leftover after parsing attributes in process `syz.0.3877'. [ 1552.485740][T26525] netlink: 504 bytes leftover after parsing attributes in process `syz.2.3876'. [ 1552.659786][T26553] cifs: Unknown parameter 'à' [ 1553.382304][T26562] vivid-003: ================= START STATUS ================= [ 1553.390558][T26562] vivid-003: Radio HW Seek Mode: Bounded [ 1553.396516][T26562] vivid-003: Radio Programmable HW Seek: false [ 1553.402961][T26562] vivid-003: RDS Rx I/O Mode: Block I/O [ 1553.408725][T26562] vivid-003: Generate RBDS Instead of RDS: false [ 1553.415477][T26562] vivid-003: RDS Reception: true [ 1553.420580][T26562] vivid-003: RDS Program Type: 0 inactive [ 1553.426664][T26562] vivid-003: RDS PS Name: inactive [ 1553.432048][T26562] vivid-003: RDS Radio Text: inactive [ 1553.437817][T26562] vivid-003: RDS Traffic Announcement: false inactive [ 1553.455269][T26562] vivid-003: RDS Traffic Program: false inactive [ 1553.492737][T26562] vivid-003: RDS Music: false inactive [ 1553.545112][T26562] vivid-003: ================== END STATUS ================== [ 1554.267577][T26574] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 1554.275249][T26574] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 1554.318374][T26574] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1554.404035][T26574] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1554.906167][T26587] vivid-003: ================= START STATUS ================= [ 1554.971339][T26587] vivid-003: Radio HW Seek Mode: Bounded [ 1555.026247][T26587] vivid-003: Radio Programmable HW Seek: false [ 1555.043904][T26587] vivid-003: RDS Rx I/O Mode: Block I/O [ 1555.049848][T26587] vivid-003: Generate RBDS Instead of RDS: false [ 1555.112094][T26587] vivid-003: RDS Reception: true [ 1555.163552][T26587] vivid-003: RDS Program Type: 0 inactive [ 1555.169419][T26587] vivid-003: RDS PS Name: inactive [ 1555.203918][T26587] vivid-003: RDS Radio Text: inactive [ 1555.209888][T26587] vivid-003: RDS Traffic Announcement: false inactive [ 1555.216912][T26587] vivid-003: RDS Traffic Program: false inactive [ 1555.227312][T26587] vivid-003: RDS Music: false inactive [ 1555.243673][T26587] vivid-003: ================== END STATUS ================== [ 1555.524453][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1555.538054][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1557.439972][T26625] vivid-003: ================= START STATUS ================= [ 1557.471792][T26625] vivid-003: Radio HW Seek Mode: Bounded [ 1557.499447][T26625] vivid-003: Radio Programmable HW Seek: false [ 1557.509513][T26625] vivid-003: RDS Rx I/O Mode: Block I/O [ 1557.539521][T26625] vivid-003: Generate RBDS Instead of RDS: false [ 1557.550968][T26625] vivid-003: RDS Reception: true [ 1557.556144][T26625] vivid-003: RDS Program Type: 0 inactive [ 1557.581130][T26625] vivid-003: RDS PS Name: inactive [ 1557.604989][T26625] vivid-003: RDS Radio Text: inactive [ 1557.650943][T26625] vivid-003: RDS Traffic Announcement: false inactive [ 1557.748001][T26625] vivid-003: RDS Traffic Program: false inactive [ 1557.851444][T26625] vivid-003: RDS Music: false inactive [ 1557.857007][T26625] vivid-003: ================== END STATUS ================== [ 1559.451836][T26658] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3899'. [ 1559.470244][T26656] cifs: Unknown parameter 'à' [ 1560.031618][T26666] ================================================================== [ 1560.039787][T26666] BUG: KASAN: slab-use-after-free in dvb_device_open+0x36a/0x3b0 [ 1560.047578][T26666] Read of size 8 at addr ffff888144b13c18 by task syz.2.3903/26666 [ 1560.055516][T26666] [ 1560.057891][T26666] CPU: 0 UID: 0 PID: 26666 Comm: syz.2.3903 Tainted: G U 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 1560.057940][T26666] Tainted: [U]=USER [ 1560.057952][T26666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1560.057971][T26666] Call Trace: [ 1560.057983][T26666] [ 1560.057997][T26666] dump_stack_lvl+0x116/0x1f0 [ 1560.058055][T26666] print_report+0xcd/0x680 [ 1560.058107][T26666] ? __virt_addr_valid+0x81/0x610 [ 1560.058137][T26666] ? __phys_addr+0xe8/0x180 [ 1560.058167][T26666] ? dvb_device_open+0x36a/0x3b0 [ 1560.058210][T26666] kasan_report+0xe0/0x110 [ 1560.058254][T26666] ? dvb_device_open+0x36a/0x3b0 [ 1560.058299][T26666] ? __pfx_dvb_device_open+0x10/0x10 [ 1560.058342][T26666] dvb_device_open+0x36a/0x3b0 [ 1560.058385][T26666] ? __pfx_dvb_device_open+0x10/0x10 [ 1560.058438][T26666] chrdev_open+0x234/0x6a0 [ 1560.058483][T26666] ? __pfx_apparmor_file_open+0x10/0x10 [ 1560.058522][T26666] ? __pfx_chrdev_open+0x10/0x10 [ 1560.058568][T26666] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 1560.058610][T26666] do_dentry_open+0x741/0x1c10 [ 1560.058655][T26666] ? __pfx_chrdev_open+0x10/0x10 [ 1560.058703][T26666] vfs_open+0x82/0x3f0 [ 1560.058734][T26666] path_openat+0x1de4/0x2cb0 [ 1560.058779][T26666] ? __pfx_path_openat+0x10/0x10 [ 1560.058820][T26666] ? __lock_acquire+0xb8a/0x1c90 [ 1560.058859][T26666] do_filp_open+0x20b/0x470 [ 1560.058899][T26666] ? __pfx_do_filp_open+0x10/0x10 [ 1560.058951][T26666] ? alloc_fd+0x471/0x7d0 [ 1560.058992][T26666] do_sys_openat2+0x11b/0x1d0 [ 1560.059021][T26666] ? __pfx_do_sys_openat2+0x10/0x10 [ 1560.059059][T26666] __x64_sys_openat+0x174/0x210 [ 1560.059090][T26666] ? __pfx___x64_sys_openat+0x10/0x10 [ 1560.059130][T26666] do_syscall_64+0xcd/0x490 [ 1560.059176][T26666] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1560.059206][T26666] RIP: 0033:0x7fa8f3f8e929 [ 1560.059230][T26666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1560.059259][T26666] RSP: 002b:00007fa8f4ea6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1560.059286][T26666] RAX: ffffffffffffffda RBX: 00007fa8f41b6080 RCX: 00007fa8f3f8e929 [ 1560.059305][T26666] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1560.059324][T26666] RBP: 00007fa8f4010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1560.059342][T26666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1560.059359][T26666] R13: 0000000000000000 R14: 00007fa8f41b6080 R15: 00007fff80dd3eb8 [ 1560.059387][T26666] [ 1560.059398][T26666] [ 1560.314046][T26666] Allocated by task 1: [ 1560.318157][T26666] kasan_save_stack+0x33/0x60 [ 1560.322907][T26666] kasan_save_track+0x14/0x30 [ 1560.327650][T26666] __kasan_kmalloc+0xaa/0xb0 [ 1560.332311][T26666] dvb_register_device+0x1e4/0x2370 [ 1560.337578][T26666] dvb_register_frontend+0x5a6/0x880 [ 1560.342925][T26666] vidtv_bridge_probe+0x459/0xa90 [ 1560.348011][T26666] platform_probe+0xff/0x1f0 [ 1560.352656][T26666] really_probe+0x241/0xa90 [ 1560.357219][T26666] __driver_probe_device+0x1de/0x440 [ 1560.362575][T26666] driver_probe_device+0x4c/0x1b0 [ 1560.367661][T26666] __driver_attach+0x283/0x580 [ 1560.372498][T26666] bus_for_each_dev+0x13e/0x1d0 [ 1560.377402][T26666] bus_add_driver+0x2e9/0x690 [ 1560.382137][T26666] driver_register+0x15c/0x4b0 [ 1560.386946][T26666] vidtv_bridge_init+0x45/0x80 [ 1560.391756][T26666] do_one_initcall+0x120/0x6e0 [ 1560.396567][T26666] kernel_init_freeable+0x5c2/0x900 [ 1560.401819][T26666] kernel_init+0x1c/0x2b0 [ 1560.406204][T26666] ret_from_fork+0x5d4/0x6f0 [ 1560.410882][T26666] ret_from_fork_asm+0x1a/0x30 [ 1560.415705][T26666] [ 1560.418063][T26666] Freed by task 26392: [ 1560.422253][T26666] kasan_save_stack+0x33/0x60 [ 1560.426994][T26666] kasan_save_track+0x14/0x30 [ 1560.431738][T26666] kasan_save_free_info+0x3b/0x60 [ 1560.436821][T26666] __kasan_slab_free+0x51/0x70 [ 1560.441653][T26666] kfree+0x2b4/0x4d0 [ 1560.445608][T26666] dvb_device_put.part.0+0x60/0x90 [ 1560.450794][T26666] dvb_device_open+0x2a4/0x3b0 [ 1560.455630][T26666] chrdev_open+0x234/0x6a0 [ 1560.460125][T26666] do_dentry_open+0x741/0x1c10 [ 1560.464951][T26666] vfs_open+0x82/0x3f0 [ 1560.469072][T26666] path_openat+0x1de4/0x2cb0 [ 1560.473725][T26666] do_filp_open+0x20b/0x470 [ 1560.478289][T26666] do_sys_openat2+0x11b/0x1d0 [ 1560.483012][T26666] __x64_sys_openat+0x174/0x210 [ 1560.487915][T26666] do_syscall_64+0xcd/0x490 [ 1560.492480][T26666] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1560.498425][T26666] [ 1560.500778][T26666] The buggy address belongs to the object at ffff888144b13c00 [ 1560.500778][T26666] which belongs to the cache kmalloc-256 of size 256 [ 1560.514882][T26666] The buggy address is located 24 bytes inside of [ 1560.514882][T26666] freed 256-byte region [ffff888144b13c00, ffff888144b13d00) [ 1560.528751][T26666] [ 1560.531107][T26666] The buggy address belongs to the physical page: [ 1560.537559][T26666] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x144b12 [ 1560.546515][T26666] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 1560.555066][T26666] flags: 0x57ff00000000040(head|node=1|zone=2|lastcpupid=0x7ff) [ 1560.562744][T26666] page_type: f5(slab) [ 1560.566766][T26666] raw: 057ff00000000040 ffff88801b441b40 dead000000000122 0000000000000000 [ 1560.575401][T26666] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 1560.584036][T26666] head: 057ff00000000040 ffff88801b441b40 dead000000000122 0000000000000000 [ 1560.592757][T26666] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 1560.601481][T26666] head: 057ff00000000001 ffffea000512c481 00000000ffffffff 00000000ffffffff [ 1560.610213][T26666] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 1560.618928][T26666] page dumped because: kasan: bad access detected [ 1560.625382][T26666] page_owner tracks the page as allocated [ 1560.631132][T26666] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 26952540979, free_ts 0 [ 1560.650997][T26666] post_alloc_hook+0x1c0/0x230 [ 1560.655819][T26666] get_page_from_freelist+0x1321/0x3890 [ 1560.661423][T26666] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 1560.667380][T26666] alloc_pages_mpol+0x1fb/0x550 [ 1560.672304][T26666] new_slab+0x23b/0x330 [ 1560.676518][T26666] ___slab_alloc+0xd9c/0x1940 [ 1560.681247][T26666] __slab_alloc.constprop.0+0x56/0xb0 [ 1560.686680][T26666] __kmalloc_cache_noprof+0xfb/0x3e0 [ 1560.692020][T26666] bus_add_driver+0x92/0x690 [ 1560.696679][T26666] driver_register+0x15c/0x4b0 [ 1560.701500][T26666] usb_register_driver+0x216/0x4d0 [ 1560.706675][T26666] do_one_initcall+0x120/0x6e0 [ 1560.711489][T26666] kernel_init_freeable+0x5c2/0x900 [ 1560.716744][T26666] kernel_init+0x1c/0x2b0 [ 1560.721123][T26666] ret_from_fork+0x5d4/0x6f0 [ 1560.725772][T26666] ret_from_fork_asm+0x1a/0x30 [ 1560.730587][T26666] page_owner free stack trace missing [ 1560.735992][T26666] [ 1560.738349][T26666] Memory state around the buggy address: [ 1560.744013][T26666] ffff888144b13b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1560.752119][T26666] ffff888144b13b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1560.760231][T26666] >ffff888144b13c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1560.768330][T26666] ^ [ 1560.773212][T26666] ffff888144b13c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1560.781335][T26666] ffff888144b13d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1560.789436][T26666] ================================================================== [ 1560.838913][T26666] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1560.846222][T26666] CPU: 1 UID: 0 PID: 26666 Comm: syz.2.3903 Tainted: G U 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) [ 1560.859920][T26666] Tainted: [U]=USER [ 1560.863758][T26666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1560.873860][T26666] Call Trace: [ 1560.877177][T26666] [ 1560.880146][T26666] dump_stack_lvl+0x3d/0x1f0 [ 1560.884835][T26666] panic+0x71c/0x800 [ 1560.888799][T26666] ? __pfx_panic+0x10/0x10 [ 1560.893286][T26666] ? mark_held_locks+0x49/0x80 [ 1560.898107][T26666] ? preempt_schedule_thunk+0x16/0x30 [ 1560.903547][T26666] ? dvb_device_open+0x36a/0x3b0 [ 1560.908564][T26666] ? preempt_schedule_common+0x44/0xc0 [ 1560.914097][T26666] ? dvb_device_open+0x36a/0x3b0 [ 1560.919103][T26666] check_panic_on_warn+0xab/0xb0 [ 1560.924114][T26666] end_report+0x107/0x170 [ 1560.928512][T26666] kasan_report+0xee/0x110 [ 1560.933001][T26666] ? dvb_device_open+0x36a/0x3b0 [ 1560.938100][T26666] ? __pfx_dvb_device_open+0x10/0x10 [ 1560.943458][T26666] dvb_device_open+0x36a/0x3b0 [ 1560.948294][T26666] ? __pfx_dvb_device_open+0x10/0x10 [ 1560.953691][T26666] chrdev_open+0x234/0x6a0 [ 1560.958174][T26666] ? __pfx_apparmor_file_open+0x10/0x10 [ 1560.963782][T26666] ? __pfx_chrdev_open+0x10/0x10 [ 1560.968789][T26666] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 1560.975620][T26666] do_dentry_open+0x741/0x1c10 [ 1560.980456][T26666] ? __pfx_chrdev_open+0x10/0x10 [ 1560.985469][T26666] vfs_open+0x82/0x3f0 [ 1560.989598][T26666] path_openat+0x1de4/0x2cb0 [ 1560.994271][T26666] ? __pfx_path_openat+0x10/0x10 [ 1560.999280][T26666] ? __lock_acquire+0xb8a/0x1c90 [ 1561.004279][T26666] do_filp_open+0x20b/0x470 [ 1561.008856][T26666] ? __pfx_do_filp_open+0x10/0x10 [ 1561.013957][T26666] ? alloc_fd+0x471/0x7d0 [ 1561.018355][T26666] do_sys_openat2+0x11b/0x1d0 [ 1561.023086][T26666] ? __pfx_do_sys_openat2+0x10/0x10 [ 1561.028344][T26666] __x64_sys_openat+0x174/0x210 [ 1561.033262][T26666] ? __pfx___x64_sys_openat+0x10/0x10 [ 1561.038698][T26666] do_syscall_64+0xcd/0x490 [ 1561.043269][T26666] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1561.049218][T26666] RIP: 0033:0x7fa8f3f8e929 [ 1561.053680][T26666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1561.073345][T26666] RSP: 002b:00007fa8f4ea6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1561.081815][T26666] RAX: ffffffffffffffda RBX: 00007fa8f41b6080 RCX: 00007fa8f3f8e929 [ 1561.089841][T26666] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1561.097856][T26666] RBP: 00007fa8f4010b39 R08: 0000000000000000 R09: 0000000000000000 [ 1561.105881][T26666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1561.113909][T26666] R13: 0000000000000000 R14: 00007fa8f41b6080 R15: 00007fff80dd3eb8 [ 1561.121940][T26666] [ 1561.125361][T26666] Kernel Offset: disabled [ 1561.129712][T26666] Rebooting in 86400 seconds..