last executing test programs: 4m16.078174253s ago: executing program 3 (id=2664): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000300)='/dev/nbd9\x00', 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_DISCONNECT(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000013c0)={&(0x7f0000000140)=ANY=[@ANYRES32=r0, @ANYRES16=r1, @ANYRESOCT=0x0], 0x1c}, 0x1, 0x0, 0x0, 0xc000}, 0x2000c800) madvise$auto(0x0, 0x2003f0, 0x15) r2 = openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f00000000c0), 0x402, 0x0) write$auto_cachefiles_daemon_fops_internal(r2, &(0x7f0000000500)='\n', 0x1) mlock$auto(0x5, 0xffff) r3 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x2, 0x0) socket(0x13, 0x5, 0x4) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) r4 = socket(0x22, 0x801, 0x108) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1258, 0x1, 0x5, 0x7181, 0x1ffde, 0x7, 0x3, 0x9, 0x5, 0x80003, 0x4, 0x1ffffffffffd, 0xb4, 0x3, 0x7, 0x10007, 0x8, 0x2a0, 0x0, 0xa, 0x22000, 0x200, 0x4, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x3, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000]}, 0x1fe, 0xd) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x24b342, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r3, 0x8000, &(0x7f0000000380)="4d67ad96018c2bd102daeae8064d48f4d46d3d8de28da6fe") mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) r5 = io_uring_setup$auto(0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000003fc0), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_GET(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000004500)={&(0x7f0000000000)=ANY=[], 0x18}, 0x1, 0x0, 0x0, 0x40081}, 0x20000c50) write$auto(r4, &(0x7f0000000000)='*\x00', 0xfd) socket(0xa, 0x1, 0x84) io_uring_setup$auto(0x6, 0x0) symlink$auto(&(0x7f0000000300)='\\\':.\x00', &(0x7f0000000100)='\xfb\x00') socket(0x2d, 0x1, 0x0) 4m15.066052252s ago: executing program 3 (id=2668): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x800) bpf$auto(0x6, &(0x7f00000001c0)=@test={r0, 0x10004, 0x0, 0x1000, 0x106, 0x0, 0x0, 0xfff, 0x10000, 0x9, 0x0, 0x4, 0x7, 0x2, 0xfffeffff}, 0x1) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) mount$auto(0x0, &(0x7f00000001c0)='}[,&*}\x00', 0x0, 0x7fff, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x7, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0xa}, 0x7}, 0x3, 0x0) 4m14.842628359s ago: executing program 3 (id=2671): openat$auto_tracing_err_log_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/error_log\x00', 0x200b01, 0x0) (async) write$auto(0x3, 0x0, 0x7fffffff) 4m14.63263142s ago: executing program 3 (id=2673): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/version\x00', 0x3fbd02, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x400000, 0x4020009, 0xdf, 0x4000eb1, r0, 0x8000) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, 0x0, 0x2dc08f24db163610, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6c, 0x0, 0x0, 0xfffffffffffffffd, 0xd3, 0x1, 0x6, 0x0, 0x1, 0x368a, 0x2, {0x100000000, 0x10000}, 0x5, 0x8, 0xfffffffffffffffd, 0x1008000, 0x0, 0x9, 0x81, 0xdfffffffffff628e, 0x6, 0xdeb1, 0x808}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db) getsockopt$auto_SO_TIMESTAMPNS_NEW(r1, 0x80000001, 0x40, &(0x7f0000000100)='/Od\xa5o1\x00\x00\xfc\xff\xff\xff', &(0x7f0000000140)=0x7) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x0, 0x0) ioctl$auto(r2, 0x5453, r2) getrandom$auto(0x0, 0x6000000, 0x3) socketpair$auto(0x3, 0x5, 0x7, 0x0) socket(0xa, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0x1d, 0x3, 0x1) r4 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x4000841) socket(0x2, 0x1, 0x84) connect$auto(r3, 0x0, 0x856) listen$auto(0x3, 0x81) accept$auto(0x3, 0x0, 0x0) 4m13.460439277s ago: executing program 3 (id=2679): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/version\x00', 0x3fbd02, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x400000, 0x4020009, 0xdf, 0x4000eb1, r0, 0x8000) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, 0x0, 0x2dc08f24db163610, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6c, 0x0, 0x0, 0xfffffffffffffffd, 0xd3, 0x1, 0x6, 0x0, 0x1, 0x368a, 0x2, {0x100000000, 0x10000}, 0x5, 0x8, 0xfffffffffffffffd, 0x1008000, 0x0, 0x9, 0x81, 0xdfffffffffff628e, 0x6, 0xdeb1, 0x808}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db) getsockopt$auto_SO_TIMESTAMPNS_NEW(r1, 0x80000001, 0x40, &(0x7f0000000100)='/Od\xa5o1\x00\x00\xfc\xff\xff\xff', &(0x7f0000000140)=0x7) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x0, 0x0) ioctl$auto(r2, 0x5453, r2) getrandom$auto(0x0, 0x6000000, 0x3) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0x1d, 0x3, 0x1) r5 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) sendmsg$auto_CTRL_CMD_GETPOLICY(r3, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x4000841) socket(0x2, 0x1, 0x84) connect$auto(r4, 0x0, 0x856) listen$auto(0x3, 0x81) 4m12.375437198s ago: executing program 3 (id=2685): r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r0, 0x0) mmap$auto(0x4000000000000, 0x6, 0x9, 0x2013, 0x3, 0x10006) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffff7fffffffffd, 0xd1, 0x3, 0x6, 0x0, 0xffffffffffffffff, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x31, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x0, 0x10001, 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) ioctl$auto_FS_IOC_GETFSUUID(0xffffffffffffffff, 0x80111500, 0xffffffffffffffff) madvise$auto(0x0, 0xffffffffffff0005, 0x19) futex$auto(0x0, 0x8d, 0x0, 0x0, 0x0, 0x100) mmap$auto(0x4, 0x2000000000003, 0x4000000000df, 0x40eb2, 0xffffffffffffffff, 0x300000000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x182, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_cpu_latency_qos_fops_qos(0xffffffffffffff9c, &(0x7f0000006640), 0x2, 0x0) readv$auto(r1, &(0x7f0000000040)={0x0, 0x36a}, 0x6) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/ieee80211/phy8/netdev:wlan1/ap_power_level\x00', 0x400400, 0x0) preadv$auto(0x40000000000003, 0x0, 0x6, 0x8, 0x5) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x59, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) ioperm$auto(0x3, 0x8001, 0x2000000000000149) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self/net/afs/addr_prefs\x00', 0x441, 0x0) write$auto(r2, 0x0, 0x40) mmap$auto(0x2, 0xfffffffffffffffc, 0x1, 0xeb1, r2, 0x8000) 3m57.14603132s ago: executing program 32 (id=2685): r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r0, 0x0) mmap$auto(0x4000000000000, 0x6, 0x9, 0x2013, 0x3, 0x10006) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffff7fffffffffd, 0xd1, 0x3, 0x6, 0x0, 0xffffffffffffffff, 0x368e, 0x2, {0x100000000, 0x10000}, 0x5, 0x31, 0xfffffffffffffffd, 0x1008000, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0xa747, 0xdeb1, 0x804}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x0, 0x10001, 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x15) ioctl$auto_FS_IOC_GETFSUUID(0xffffffffffffffff, 0x80111500, 0xffffffffffffffff) madvise$auto(0x0, 0xffffffffffff0005, 0x19) futex$auto(0x0, 0x8d, 0x0, 0x0, 0x0, 0x100) mmap$auto(0x4, 0x2000000000003, 0x4000000000df, 0x40eb2, 0xffffffffffffffff, 0x300000000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x182, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_cpu_latency_qos_fops_qos(0xffffffffffffff9c, &(0x7f0000006640), 0x2, 0x0) readv$auto(r1, &(0x7f0000000040)={0x0, 0x36a}, 0x6) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/ieee80211/phy8/netdev:wlan1/ap_power_level\x00', 0x400400, 0x0) preadv$auto(0x40000000000003, 0x0, 0x6, 0x8, 0x5) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x59, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) ioperm$auto(0x3, 0x8001, 0x2000000000000149) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self/net/afs/addr_prefs\x00', 0x441, 0x0) write$auto(r2, 0x0, 0x40) mmap$auto(0x2, 0xfffffffffffffffc, 0x1, 0xeb1, r2, 0x8000) 9.771141847s ago: executing program 2 (id=3515): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) sysfs$auto(0x2, 0x4, 0x0) utimes$auto(0x0, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop6\x00', 0x400, 0x0) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000580), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000005c0)={'rose0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000600)={'geneve1\x00', 0x0}) r4 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000000540), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_NET_SHAPER_CMD_DELETE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x47, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="090027bd7000fbdbdf250200000008000800", @ANYRES32=r6, @ANYBLOB="1400018008000200060000000800010003"], 0x30}, 0x1, 0x0, 0x0, 0x44000}, 0xc050) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r0, &(0x7f00000007c0)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000780)={&(0x7f0000000640)={0x140, r1, 0x800, 0x70bd29, 0x25dfdbfb, {}, [@ETHTOOL_A_TSINFO_HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @ETHTOOL_A_TSINFO_HWTSTAMP_PROVIDER={0x24, 0x7, 0x0, 0x1, [@ETHTOOL_A_TS_HWTSTAMP_PROVIDER_QUALIFIER={0x8, 0x2, 0x1ff}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_QUALIFIER={0x8, 0x2, 0x7}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_QUALIFIER={0x8, 0x2, 0x6}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_INDEX={0x8, 0x1, 0x4}]}, @ETHTOOL_A_TSINFO_HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6erspan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}]}, @ETHTOOL_A_TSINFO_HWTSTAMP_PROVIDER={0x1c, 0x7, 0x0, 0x1, [@ETHTOOL_A_TS_HWTSTAMP_PROVIDER_INDEX={0x8, 0x1, 0x10000}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_QUALIFIER={0x8, 0x2, 0x8001}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_INDEX={0x8, 0x1, 0x5}]}, @ETHTOOL_A_TSINFO_HWTSTAMP_PROVIDER={0x2c, 0x7, 0x0, 0x1, [@ETHTOOL_A_TS_HWTSTAMP_PROVIDER_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_QUALIFIER={0x8, 0x2, 0x8}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_QUALIFIER={0x8, 0x2, 0x1}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_QUALIFIER={0x8, 0x2, 0x3ff}]}, @ETHTOOL_A_TSINFO_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}]}]}, 0x140}, 0x1, 0x0, 0x0, 0x80}, 0x4000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vkms/drm/card1/card1-Virtual-1/edid\x00', 0x8000, 0x0) read$auto(0x3, 0x0, 0x80) ioctl$auto_SG_GET_RESERVED_SIZE(r0, 0x4c05, 0xfffffffffffffffd) shmctl$auto_IPC_INFO(0x7, 0x3, &(0x7f0000000240)={{0x1, 0xee01, 0x0, 0x3ae, 0x2, 0x3, 0x8f}, 0x47, 0x80000000000, 0xfffffffffffffffd, 0xe9d, @raw=0x5, @raw=0x9, 0xfff9, 0x0, &(0x7f0000000040)="80d80a2bfb638ac8577f31985d0dd2912f72ba10a65370c807e97f95794b1052a556920da467237a410c7fcf0dc91902e1cd9fb3c5bf56b20a3ab0ccae6998c9ef8f820ba14f0ccb5d0f7e647a79e3e94169a036960a66ac6357dbe7b0e109bf4763a1b51f0cd5bcd76ca9e22c56f2e1bf75ee727bb4ac4d0af5688520758bde7a7b3a35c47067a6ddae3861347ec3c4db2646f614d723867fc9b4d7c24c63eebf7245bfee241376d6e91a3e2f0c6d0e03272a76ec12447b44f1f2000f1612f2b9a4ea40ccf90d834f7218409d0463df37078db86790a6b395ccf72861e265", &(0x7f0000000140)="1065dcbaf7d487e6bf6f72d7ac19895c13587e4a72ef66d0be1b8453e5baa588e90ee12c02a04e8f83cedfc9babb50ffd2e392980b346da70cc9035531d13b58fefae0e5194970108cf1491a3390ccd711d80a68bd08074fce264bb3906150d834225a9d160767e338733ffa3a89c0a33f07fbb7a8a66132cc1969a564b842470fc2751e8720330fe139ba3edfaf2e35f75b48f4f3829dac2b0401c7e3a844540bbad3f6150d77395a02f6171623166410c28254321791993825fab582c87bd12092c2da5a0cc0b4ee0962af07ed3c8886"}) shmctl$auto_SHM_STAT(0x6, 0xd, &(0x7f0000000400)={{0x1, 0xee00, 0xee01, 0x6, 0x7ff, 0x0, 0xa0}, 0x1, 0x4, 0x4, 0xe87, @inferred=0xffffffffffffffff, @inferred, 0x5, 0x0, &(0x7f00000002c0)="955129f31008e1fdf35afa47d0aa5837b2c832ba072aa83db6a740f20e0a49b6e63afcebd4d97852c0b5e2ace320c6139c9c457b08969bc9b278f7122d165f8627f928ef05aba78911e47e865cb2d2b000dc4f0cdde951a070c5a7cd2aa7c0c3190a98ae6a035e4270fde16465767677f5e7b5022068c98e4f281d8f76b2064e315484c80500b0176dc3a92cfb11cbe1e68911f4be7f934dc718b1e926", &(0x7f0000000380)="b0df12a5e71c63d160fe74a0189da074986b0ae4715628cc4106701790d5b944b9c634a02a3bc51ac8b0c7c160d9121906ec5927df1e1ea7932232fbaccdd988a3d91eb002522f271f62265adcb9617e380f7f0992d1c0c7b80af5ebfcc387"}) ioctl$auto_XFS_IOC_SWAPEXT(0xffffffffffffffff, 0xc0c0586d, &(0x7f0000000480)={0x273, @raw=0x100000001, @inferred=r0, 0x0, 0xfffffffffffffff3, '\x00', {0x40, 0x1, 0x0, 0xee00, 0xffffffffffffffff, 0x3, 0x0, 0x8, {0x8}, {0x2, 0x9}, {0xfffffffffffffffc, 0x2}, 0xb3, 0x2, 0x3708, 0x10001, 0x8, 0x4, 0x2, 0x1ff, 0xce, 0x8, '\x00', 0x5, 0xa, 0x4d, 0x55}}) keyctl$auto_KEY_SPEC_USER_KEYRING(0xe0, r7, r8, r9, 0xfffffffffffffffc) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r10 = socket(0x10, 0x3, 0x9) write$auto(r10, 0x0, 0x5) r11 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f00000002c0)={'syz_tun\x00', 0x0}) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) sendmsg$auto_MACSEC_CMD_ADD_RXSC(r11, &(0x7f0000004100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x2c, 0x0, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@MACSEC_ATTR_RXSC_CONFIG={0x10, 0x2, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x6}]}, @MACSEC_ATTR_IFINDEX={0x8, 0x1, r12}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040801}, 0x4000040) 8.952807055s ago: executing program 2 (id=3517): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000012c0)='/sys/devices/virtual/ptp/ptp0/n_vclocks\x00', 0x8502, 0x0) r0 = open(&(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x101840, 0x33903f3ada88772b) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x0) getcwd$auto(0x0, 0xffffffffffffffff) read$auto(r0, 0x0, 0x1) write$auto(0x3, 0x0, 0x5c8) r1 = pidfd_open$auto(0x1, 0x0) r2 = waitid$auto_P_PIDFD(0x3, r1, 0x0, 0xc, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/rpc/nfsd.export/channel\x00', 0x8f3b7a51b8162d21, 0x0) write$auto_proc_reg_file_ops_compat_inode(r3, &(0x7f0000000040)="20edd9d1027e0dc0023af10e9bfa1babfa3a3753ca9aee370a", 0x19) mmap$auto(0x0, 0x2000a, 0xdf, 0xeb1, r3, 0x8000) prctl$auto(0x5, 0x4, r2, 0x6, 0x1) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r4 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000740), 0x101000, 0x0) ioctl$auto_USB_RAW_IOCTL_RUN(r4, 0x5501, 0x0) setuid$auto(0x800000000008) 7.768402044s ago: executing program 2 (id=3519): syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000f40)={'batadv0\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_BATADV_CMD_SET_MESH(r1, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x140000e4) 7.361335739s ago: executing program 2 (id=3522): sendmsg$auto_NET_SHAPER_CMD_GROUP(0xffffffffffffffff, 0x0, 0x14) getpid() mmap$auto(0x0, 0x4, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x9bc, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0x23, 0x80805, 0x0) fanotify_init$auto(0x5, 0x2000000000002) io_uring_setup$auto(0x3, 0x0) pipe$auto(0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0xa) r1 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000013c0)=ANY=[@ANYBLOB="18000000", @ANYRES8=r1, @ANYRES8=r0, @ANYRES32], 0x18}, 0x1, 0x2000}, 0x80) 6.786260303s ago: executing program 2 (id=3524): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0) mmap$auto(0x2, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x2) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/zram0\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r1, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000240), 0x10b000, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r2, 0xffffffffffdffe00, &(0x7f0000000140)=';') socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xfffffffffffff81f, 0x3, 0x7fff, 0xfffffffffffffffa, 0x8001) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x20081, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0x42c883, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) prctl$auto(0x1000000003b, 0x4, 0x0, 0x9, 0x7) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) msgrcv$auto(0x71, &(0x7f0000000040)={0x4, 0x3}, 0x59, 0x7fffffffffffffff, 0x5) msgrcv$auto(0x0, 0x0, 0x3, 0x1, 0xf1) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) r5 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) ioctl$auto(r4, 0x5609, r5) 5.746518207s ago: executing program 4 (id=3529): r0 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000f40)={'batadv0\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_BATADV_CMD_SET_MESH(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)={0x1c, r0, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x140000e4) 5.646607845s ago: executing program 0 (id=3530): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="3b3d2abd7000fcdbdf250200000008000300", @ANYRES32=0x0, @ANYBLOB="0a00090001"], 0x28}}, 0x80) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e"], 0x1ac}, 0x1, 0x0, 0x0, 0x4044000}, 0x800) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000180)='/dev/amidi2\x00', 0xb02c4, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0xfffffffffffffffc, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_nlbl_unlbl(0x0, r0) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10010}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x40040) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r1 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r1, 0xc0603d06, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r2 = io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(r2, 0x9, &(0x7f00000001c0), 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x10000a, 0x3e, 0xfffffffffffffffa, 0x1ffde, 0x7, 0x6, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x1, 0x10000, 0x80, 0x7, 0x0, 0x8000027, 0x2000, 0x200, 0x0, 0x40084, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100]}, 0x1fe, 0x200d) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c001b"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 5.275083551s ago: executing program 0 (id=3531): r0 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_BATADV_CMD_SET_MESH(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)={0x24, r0, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x140000e4) (fail_nth: 1) 5.120465369s ago: executing program 4 (id=3532): socket(0x2, 0x3, 0xa) (async) sendto$auto(0x3, 0x0, 0x11, 0x10, &(0x7f0000000140)=@ax25={0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x3}, 0x19) 5.037572845s ago: executing program 1 (id=3533): sendmsg$auto_NET_SHAPER_CMD_GROUP(0xffffffffffffffff, 0x0, 0x14) getpid() mmap$auto(0x0, 0x4, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x9bc, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0x23, 0x80805, 0x0) fanotify_init$auto(0x5, 0x2000000000002) io_uring_setup$auto(0x3, 0x0) pipe$auto(0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0xa) r1 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000013c0)=ANY=[@ANYBLOB="18000000", @ANYRES8=r1, @ANYRES8=r0, @ANYRES32], 0x18}, 0x1, 0x2000}, 0x80) 4.456081211s ago: executing program 0 (id=3534): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/gro_flush_timeout\x00', 0x88282, 0x0) write$auto(r0, &(0x7f0000000000)='\x00', 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x200000000000404, 0x0) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x389803, 0x0) ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) r2 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x2081, 0x0) ioctl$auto_USB_RAW_IOCTL_EP0_STALL(r2, 0x550c, 0x5f) rt_sigaction$auto(0x7, 0x0, 0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r3 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) ioperm$auto(0x4000000000080, 0xfffffffffffffffb, 0x5) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x4000000) connect$auto(r3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) setsockopt$auto(0x3, 0x10000000084, 0x25, 0x0, 0x90) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xa00c0, 0x0) prctl$auto(0x3e, 0x10000001, 0x0, 0x1, 0xffffffff) mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x6, 0x4) eventfd$auto(0x5d5d) mq_timedsend$auto(0xffffffffffffffff, 0x0, 0x4, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) madvise$auto(0x0, 0x200007, 0x19) mq_getsetattr$auto(r4, 0x0, 0x0) sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="01002d"], 0x14}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) 4.432083317s ago: executing program 2 (id=3535): mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x63a2) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/v4l-subdev3\x00', 0x16ba00, 0x0) ioctl$auto(r0, 0x800004, r0) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/iscsi_transport/iser/uevent\x00', 0x2000, 0x0) read$auto(r1, 0x0, 0x20) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendfile$auto(0xffffffffffffffff, 0x3, 0x0, 0xc01) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x1, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x7fffffffffffffff, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x1, 0x14, 0x8) setfsgid$auto(0xee01) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r2 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/swaps\x00', 0x40000, 0x0) remap_file_pages$auto(0x6a2b, 0x81000, 0x0, 0x400b74, 0x66a) read$auto_proc_pid_maps_operations_internal(r2, &(0x7f00000010c0)=""/4096, 0x1000) setsockopt$auto_SO_MARK(r1, 0x4, 0x24, &(0x7f0000000100)=']}&##/\'.\x00', 0x6) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/psaux\x00', 0x2, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/udp_early_demux\x00', 0x28802, 0x0) read$auto(0x3, 0x0, 0x80) r3 = openat$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim3/trap_flow_action_cookie\x00', 0x2302, 0x0) write$auto(r3, 0x0, 0x2000009) 4.324712658s ago: executing program 4 (id=3536): mmap$auto(0x0, 0x7fffffff, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x100, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mmap$auto(0x0, 0x1, 0x7fffffffffffffff, 0x9b72, 0x5, 0x0) socket(0xa, 0x801, 0x186) listen$auto(0x3, 0x83) setsockopt$auto(0x3, 0x1, 0x1, 0x0, 0x9) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/ram9/queue/write_zeroes_max_bytes\x00', 0x20400, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)=""/255, 0xff) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snd/pcmC1D1p\x00', 0xa00, 0x0) mmap$auto(0x4, 0x40009, 0x80000000, 0x200000000009b72, 0x7, 0xa) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram4\x00', 0xdd01, 0x0) ioctl$auto_BLKRRPART(r2, 0x125f, 0x700000000000000) msync$auto(0x1ffff000, 0x1800000ff010000, 0x400000004) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'macvtap0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="e5b726bd7000fcdbdd251900000020000180140002006d61637674617030000000000000000008000100b5e197cfa6534b99ccf4dd787eb07931ff9da1b1be7ad2a9ca81cc97f8ef2cf7e308e1579fda486b6fd860ce5867896d40c2977c39fb795852808b279c9f5f55e54f28627f6af3d4cf4926229d11fad9a3ad6e0b14f92cffccae0423051b59118b264f865095f6310e6d9e2d8fd2d6efe8f1e32ea120cf9faeb20ebcd6a5fa30900d714d5a4094a41f4cd4147de0666f5ba683073cb555c64ec66506e45f60d481e54b1c663dcf2c1632977333b275b2c8627af93590298cb82862d6bf0a4f782b19d858459c4c7db7734b73aa3a96567381f64255552a53199d582184fc06ba8e3ba3fa130d40f753035a84a5012d9294096aeb41ccf3825a9d297eb6077859aa5cce6d669b51d1735a8e368bcdfa64cb70fad61ef8e0ef0a793e1c9dccda7e86f4382e4e41aea7db057a9fd44f58257ce75fde2c4c57708ace964789fa518c868ac4259abf28757fada86176a404c4ef7c0dfeaac8df8883ecb6ea5853fadca4824d1ed4df6900b725ac82acd3d84b66ab377d2878bfcd1263e819e164da08058c2c860843666656637566d733534483f1a091a9be34c810d14d4f986ccd37ff27417b0535563241f17a3eafc205698ba37cbb72", @ANYRES32=r5, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x4010}, 0x4048800) close_range$auto(r1, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x200, 0x1) open(&(0x7f0000001bc0)='./file0\x00', 0x68340, 0x0) r6 = open(&(0x7f0000001bc0)='./file0\x00', 0x4140, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) sysfs$auto(0x2, 0x100000000000034, 0x0) fsopen$auto(0x0, 0x1) sendmsg$auto_NL802154_CMD_SET_WPAN_PHY_NETNS(r6, &(0x7f0000000a80)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000a40)={&(0x7f0000001c00)=ANY=[@ANYBLOB="a4130000", @ANYRES16=0x0, @ANYBLOB="08002cbd7000ffdbdf251400000088132f800800cf00000000003710c980a710d0c7f18e3175504b7bf950174074c4ddaf7e5bfc3314006f00fe8000000000000000000000000000aa0400568004103500d4e394dda18aaf62faf177e370d6f5495dfa7478f8883d877211b6f4eb3423d0688098987aff1ae87cd60501bfa8e4baac81ad768dca46f5ecf73fb7f619aa18308470834af10c615bf2317331ee3495e23d1dade3d3c914e8107e6b9ee3d470dfdc614ec806ff2721da977f9e7f71ee327592a4a7e5580a1768a52420bc851ea4693149f4026b4cb489c0765fb3a04f70106d4b0401e8a0fe814c7001db360c82b8dabfb4af6120be79818ef7999c38112aec2efa81f47f7d3c6545de6f28243534b42bec5e5b8506f7ee59dd582273a7e191f940e19cc180eba002359084bef73146f77f78a5d34bc1ccd4eb5eb1e3cf366000199a096ba6c6a8647e8ca0b9cc8695dda1f496e201e83075d8f3e71d6f5fc82bda9a2a336f9d5a1aad52f9f3d3f9fe5a5bb45c2c60effa6abc998edf175e369a85b01bb8d928870d4a8300f2f794fdb12291635d23daf21d3386d208b15e507a9a3f3b1d5a5c5c3a9c7e32b4efbc05d73b66b2a3a6f94c391d91d74b5902ce706427da703adac965f7de0b3d742f3c90dabce9a527fe0913ed3e2385e48f62f4b90727368180aadd8392875e468df21b612a2f8ccd392658c904de3bd0efa3fe07f45437c42e3666d83acf214b9292161c2ac18032a6c82d6fad10b3457e7fc81ef7818c1d968dd6152b992f98023b4ec4d4e010e69fe49925c5bcff8efb9eb3611ad94599f7fec4d578e71a1dab20533c2b22c622248c978f5cc55eceed72876020f81039f63d2dc8a225aa3429766f3baa621cc1a012ab65294c4a0a146dc3380a32b72893201af372a935e7e65089e8eb04e03ebd81d962a96fa8f78e78606b522db247cad341e0b039a6ec453cf1054aa1350ed240cc1192c88faf6434fd6079ee24b45ded386d406140ccf29b48707f0f57473fdb890edc99b7be21a5ca5b20b2d69d66b6002d9857540a5512ade5c5698329b2f4dcccb8276a9b633bd5ef2a3e179c4ba4c53c9d75bd17313e6b05061c76125badd4e54a290196de3739fc7535d8e9d7cae8e9f5cbb51c77c873ca8a443616dd0cec8ab57b093f054d3f50ad74df91330fe5745cd23eb769bb5263c23b97bf1b85f55d71b1f8440ada1ad431aa9f03886a6b07b780fa9382195ee5bca5fe0828501a86ea15cc8bc523b750d86ce30762a3483ceae7447b510cec3cdddd7e79f4680c79a455796b47e66a23f156aba7e622ff6603633c2f8c6c1a5501352e9a7840ac35c8cea806b471178c2f7d11d269ecee1f0b869c88aebe8fb1bda54e14afc7aad2fc20789f028c20f88b38e97fcf4d260c0ece904cbcd3c75cbe7ed6b08f83ea86ffa008b35ad0adec21e2c4df85ed915afe6d1726a13b763ca1cde511e985c15614e9cfbfe6a2a392e0765651dcc1a5b3f1889e30d36f12f6e61a5cd7f2ebb7260d7ab0447f6b817bf2c0c5b7c1bb907e1113c1973121af6a7f394218b88cd9ea5297a22e5b67c247b8fa00c6f5815e302c92fd8bd621f74596b2dc45cbb5da18176bc579124b38566748c29496ff65462019adcec614e88b31e85282ebfbc80df8e9763f19056d071623777578b83d8460be72258c9b239545b879cf337eb15b2b623129a114cc3a4d126f24d7a5084e5a7202d27c24acc2ee4b3fb1e51552186c5591b0f571f69ae475cee234c9ba1c7c31085ff08b740cfd6b76a600a8b0cf7cb7c51fc51c3f1a8971c5a184d1649bbfa68d4ef04bd5f78e56f1972051fe24238e1c7b5a9e9cef2ac68142fe22f202b754b5c25b2e1323a237be962c65d0814ca847bfd69dca32a9bcb8c38df2184f7e628505572c5147e575e978ab9d8749a67baf25d20710d9a897d68ebd7dc877600faed46dc66dc9632e0c5b73ca67a95a2d29dbc2101d6c7a6f9bb310b39fcfe4cd873c418615c29a9d5ea0a182891bc12959b31c056595ff117a8691d17024e037a1dffb6c683042ade292fb6e16af3659037c00a6705440e5bb013a9e8569db26f5b44300fa88e04b1b9774f22cf36326fdc8f53375842ed153a1552d513cffb0d1e3bde1aed47862efc24a41425f71f59d4f455aaf6663a9125dc9000fb333b8e6528bdf72414fb70b3de130062c6968ac41bf07d705759f295b830e7109abbf16ca3aea4f599579da3109a9f4ee2330f3b84e7b279e5b8bb68de35372de4fddf403939df989b07f6d4847777817f08615dfd60419722aa9556e653cf786b6bda150614943b2a78ea8c0137ed3dc612fcf957611594d40ba7fe81d187d5831f85efc4ad4060387d6468d9ec7daac4a941106a8c302078360541f5b32019b2e82c18ad5cb6fe4cf422932126bbbc3bb8366fc47beb3212b4274d8135a9f424133e4da9df7eb06061d2b87b714b69dd4a19f08ff7b5661d1a2e0b196da394c0c11f5c3dddebfa76d81533e9d1e3b4a2576f0ebe82be9c4f7efd8677b88c5a31ee41b29ea69eff41edc7946db7b5b3a1664e288665819bf54bedbe3e3ea7f609e6c3a29666cc9c650b4510f71d626dd5f3c700c3c318434ce635b0ffac4c670202b8fe344c388250ad232b6369322ee9615fcba20d2b883fa7620f119ac1237bd7dd5052aacfba7c81c4075c064611b14d239fceffd396e7929d0a7e205818b3116f12ac38934fb84fe51ac4eed99ca0179b734991407afbf3f9ad37fb717590fcf9a6933f90ae77c6dd800bce27ba716dea89492e5a5187ba5d0e7b0dbe31bd36a57d4c3b487174f379ee7a27a03f9706b0ea7eabb646675a1d13b3b56e49a6a5cdee18f153ef1ff3042823420f5fa7665c511c94273beb8e707e50f0e421c82c756eb57515b2c72da81d3d69137fbfd21611cd05abd30d9dadeb3e460e437600c19258961e1fa0a6f5650d510dde2879c35305ddcf1f797a356a63dc312268e301f2dedeb05fd96bd26a6503d233866be7bd53ef329ebce1d2ffbb6454755a67d6888999214073a06b4022220d97c9f6abf950d02b17046f278c483326e0cda2b9d74e63f56cee7535ada50d7f4a5bb25cf40a6eb2890873a8b35ffc0cce9a7f57c4bd2939eb82f2c88e24bf8ce07df24af706d4c6b3590d1dc3e3db4693265b82f09ddd5984ca62466e36584b8444ba200cee51d01c8d2ce20bc0020d335f1ce67597cf1beeb3dbb2f700316032e2f7c6386a4911cc15154509eb535bb247d38f09add39274300e21a1a51cbd1fe9fe9c49ea90b72866ee6b2952d75d4792fe1fbff14bc61c44d056295c89afdb9d8001519a0dfc2b29ceb21ed2a0f5ce9f47d60120f1c835e79ebe2f4c4790d389d7e1c0858d7affdec6f25a12f16e1411c82e8653e2ee748c847630a76127f5eba8905cfe1b35168c616e998eca18178e8da932501d6c802259702e99aaa0fcd484b37daa56b7325324363559e174814d04b0913032e113362b9f1c1c922ae62ffa4b09c1e8a16992f501ea28e5e308c84b52ad91d69f33451d1479da29ecf7e049fb51e061744117577cb49e8e70fe95b3dcdc358191986c6237b6ea999ead4aea903016e84a17e2bd78faf271a6f12fecae5967faf78992f29540d8131ddd20225cc82808252a3e9d0c9caf634e6a569f6bd88533123c2be0dce5410316e45e43d89e6ba7822d6661f409decac356815b7e1a42eded1c2e3df6d550d1f09d34fb98e295582db3b4681d1f202079590fff469735ab40322d76d42fb336612de637e9eb8c0fc5ec123a6fb486b5b49e06ad4ae8e30c2ad5cd81d67bfa8ca8408141d0bf002f2ce60a67b3e3facadd09dfe687925c5ab680ae258eab392c24faed34b2047062d1adf5192b5a806107855df672d492e3292519fe35240c267dbcff6444a37dcceda3a26c996cacf10aaaaa9a2139c5d5de62c64cf511c20dc8ccb0f2a7d74af81a9a0c052587a2f768391ca2bf4d6950c3cd0abb4b9dba7f5214f37ad3b52e3eae4096b0b6892c2ea63428a322faa5818cef9c74fb42f4fae79324769c5a2a555f9f591dec9ce75e3665f144c9606d778645f92958f43b3efdb65e4783d85354ba02216337e228bc844870b40536c637cc5dc1e619b22bed4063579c492137fcd3b72098a03707107e041c05f7db27521c0acc6863cc3e2691422e07fed4f6ef2754a47f90a92ce05b4788574301a0c8551474c887003b9bae56d1c1a71d2fc75a8557908f919c974046c31bbb15f75ee76e227b59c2bba866f32dee5360efc809a5868887c3fe243dfc3aa89694b0ea5d0ffd129b23174dedef3f6e07db907d0821870c824f03369f15d16183d81a2c0b40c5ab113219dded882357ac71260aca56c21c956483ad782a604618758bcd61e35dbb2a80a30916867e2405036c19c29437093989c165f98d46f152d1dbcbedbc0190c4d73685fb81409174d048a78f790372244b65e2301d92fc90fbd34aee4cf4c6b40ff53689b46add8c2d3eeb51fafade72c9157a5796f2c364ce545a290f97fd7df13a1df4dc57e4a45372b98f727cb0723286f18d12ad9c2241b2e3fb5582ab44f18b1d8d90331149d859de8c198c91d7b730a4f4ae561858ecc87ff9880c3bc042d80db5267eacf74715bd4af9a8822fd08860467da078d7366d0aadc7376cf472509664cf4e1b67a6c3edc05767b10695fde457cdc5c6f05436470db65705a7bb7b28317c4a9375f44afbca0059e0f5a1a321534b8ea62c3f645f2fd4450740a19af15a778ea4e996326961045ff717d771bdb3c110af5dcae93a8c98e13c2afb979a32aa7ffec89dc9e665f9b1271877de9ebf1823ffdede211c749a244f1feecac807238876b1cf2a718b850dab4fe02eab6ab2578dc821becbdaee6fe61167b40d1d7c1d9f1d9f23a3f9721d849a554f7083f611115501db08ff78abc5a4bd7184a7eb6a217475967ce61cc8ba8d7dbe1f65fe4438581010263c4dff9654039471084c4a9f4990d9ac271a10bc62d7535601c13c76782e9921c817620c5e6e0719b27485af4dce25945f4246c8161162bbddfd16812d187f1902451ffeb13221ac3b298f7ce4202b80dc5556e6a74452bb6ef497f5a96d532259ec8bb3b3b15a1a248129e2171c077e04b66cdccb4ed5c8fd95202549aa709f796e26fb2a3f256face32f287afe47f16c0395637b2e3226a0041bf3d6e2c9d5272ba4d2693245bc26e27fc07104e8eb6346a6b9b3938c32e26769a0ec3d9c8c64e930383bf2e94521e8d66c91244b815011f7997fd2ddad8a646d6060e95b11500b12e26bc0db4af1c48785e19db95a8202fac0111a9fb1a24ae80b2d47c084b9eae38cca82b437c3c0cbc065970b6211271c625f797dec080b0fbf6d9dfb02abcf178ead9ce5582259b5d0d9fad818a434c7e44ee55f943c5010a7e100b210f9e1fd8bc9a13ee04c111e606986f6fb228ee6f7b5e1d7164a8141e859ac902518e88117298f4217e1ed918f4cbf2aae2c027eab843c219087c4fa01187426b5353c23515f2bd53a883bb097dc0d9840e6d11f2d8118137d3d72ba2f7ca13545a7c3193d1ee65663a2ea9791f811de93d5811c9a740c6398f7b598ac0fe55418cfb84de76b4e94e6ba710c53372e96fd90c4d0580fbdb0ad16429834277a6ec81a314e1295177d0057fa53360e3acfb10b11222b5a3a6f9a5315c4666412aa3de4a6520aaeebe296d53ab199ca47c95c09c796236cf92e1efa2b5e93f21452d650811d2dda13769b68259a1d4e8141f484b943a1e3fd1d794e336b0ae2a503d791400a7ca1c06a077f9681852d877d983db29c8b0977b094de9059667079ad233912253afb4a62ef5295208b893358c74f2994e3ee8cd553d92e6409add006901af8008003f00", @ANYRES32=0xee01, @ANYBLOB="9f003d0007171a1c5583ae030ff5b4438805134c05bde16882a2197afb8175368df2c8519263107827bdaa655fdb7be005bc7bffa87352d5d90456b03327f6bcadbafa4b940c74e1d1463fe3a28d81ff6ecaff38b6dafe6868cc2e6457b4d0e1d749b6005ae3b2ed50e3edb9dc766d43e4549ffc216463e5007d087ffb83d95b2e8482a8d00b7b0f0ffd5960b069992a1ff97abbf62cf380f4dd5c95ca89bf00741720c425791aedcfe0c3783113f670dbdbf8465aa60bf0d7bebbe5a558474a479367aea62448e298445f48656b84280d3d507ad8eff3e0485fe85377d725db2691f923425a55558815f0257f507cddaa19223d4461f2654974649297cfe85c236c90edff8b5494aefcd4afa3c15d34fc38993a2e9ca2cf029f9603aff0cc90c7d6eae4d1422b023decc9894f28dd4350b7b9fce3c6282539608a4e17af54112aab25ac04a64e7b467c5038de4ecb3af973af107bbf5e64bf04007d8000000008001f00", @ANYRES32=0x0, @ANYBLOB="4201278008000200", @ANYRES32, @ANYBLOB="6cc04bbcf4fd57b9215be6b862eb9e5471cd60e5b20f961abf55c8ae2a6cb22df87323d690b89eb8a9e55f21a3620c00ad000100000000000000d8ddff8c04b4ec6f8c14ae3f6b88fb70d4fd193feef6feb5637ccafec37706643874e785e3c0f1affa1140b606936fc60cc03423e82367017f15ebc26c11358f89f298ea02decac8ee5a3afa30c91e1a0956d151cf6968004d7a49700771bf01cb2a608381781fe84044300f9d250d13ece19c6467da44190b556048a4e1af95a1e3f02195855f313409caf9a3300c2dc5fc90943366ce5a2111359ca3c4ddd2cd554ef082fe75bf9c50517a70a3dfe448c40a1838943dc7f6ca6d2be2b4d0657177a92527ac1fbe78b4ac267ffe19b6d45a97cb7e3a4b3dfd73c36436d32f9b296c661a382258758b7fad8408000600", @ANYRES32=0x0, @ANYBLOB='\b\x00D\x00', @ANYRES32=0x0, @ANYBLOB="00008c00b08004007d8014003d0000000000000000000000ffff00000000c1e9c9bceb923e3891338ba849f6a407eb1c0d4c4577fc6feee4e2261979e7924e7d602323fce4aed99f3062ace1233d35954f40125707057e4ca6df88f90a211fde9c579bab230bcd5fc47a20cd660097b1af2d37190a2996a7fab98a2c7a6308006a00000100000800d000", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=r6, @ANYBLOB], 0x13a4}, 0x1, 0x0, 0x0, 0xc0}, 0x8080) 4.306064227s ago: executing program 1 (id=3537): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/version\x00', 0x3fbd02, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x400000, 0x4020009, 0xdf, 0x4000eb1, r0, 0x8000) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, 0x0, 0x2dc08f24db163610, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6c, 0x0, 0x0, 0xfffffffffffffffd, 0xd3, 0x1, 0x6, 0x0, 0x1, 0x368a, 0x2, {0x100000000, 0x10000}, 0x5, 0x8, 0xfffffffffffffffd, 0x1008000, 0x0, 0x9, 0x81, 0xdfffffffffff628e, 0x6, 0xdeb1, 0x808}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0) write$auto(r1, 0x0, 0xa3db) getsockopt$auto_SO_TIMESTAMPNS_NEW(r1, 0x80000001, 0x40, &(0x7f0000000100)='/Od\xa5o1\x00\x00\xfc\xff\xff\xff', &(0x7f0000000140)=0x7) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x0, 0x0) ioctl$auto(r2, 0x5453, r2) getrandom$auto(0x0, 0x6000000, 0x3) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0x1d, 0x3, 0x1) r5 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) sendmsg$auto_CTRL_CMD_GETPOLICY(r3, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x4000841) socket(0x2, 0x1, 0x84) connect$auto(r4, 0x0, 0x856) listen$auto(0x3, 0x81) 3.012539889s ago: executing program 1 (id=3538): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r0) sendmsg$auto_NL80211_CMD_SET_SAR_SPECS(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000005c0)={0x20, r1, 0x1, 0x70bd2b, 0x25dfdbfb, {}, [@NL80211_ATTR_WDEV={0xc, 0x99, 0x1}]}, 0x20}, 0x1, 0x0, 0x0, 0x400c080}, 0x0) r2 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_BATADV_CMD_SET_MESH(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)={0x24, r2, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x140000e4) socket(0x1f, 0x0, 0xfffffffd) 2.83532363s ago: executing program 1 (id=3539): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_bch_chardev_fops_chardev(0xffffffffffffff9c, 0x0, 0x40, 0x0) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, 0x0, 0x141f02, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, r0, 0x0) r1 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r2, 0xffffffffffffffff, 0x4, 0x1ff, r1, @relative_id=0x13, 0xe600}, 0xf) socketpair$auto(0x1, 0x3, 0x8000000000000000, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r3, 0x0, 0x3}, 0xc) readv$auto(0x6, &(0x7f00000000c0)={0x0, 0x1}, 0x1) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r0, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/dummy_hcd.6/usb7/power/wakeup_last_time_ms\x00', 0x111040, 0x0) 2.70544989s ago: executing program 4 (id=3540): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="3b3d2abd7000fcdbdf250200000008000300", @ANYRES32=0x0, @ANYBLOB="0a00090001"], 0x28}}, 0x80) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e"], 0x1ac}, 0x1, 0x0, 0x0, 0x4044000}, 0x800) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000180)='/dev/amidi2\x00', 0xb02c4, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0xfffffffffffffffc, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_nlbl_unlbl(0x0, r0) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10010}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x40040) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r1 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r1, 0xc0603d06, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x10000a, 0x3e, 0xfffffffffffffffa, 0x1ffde, 0x7, 0x6, 0x2, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x1, 0x10000, 0x80, 0x7, 0x0, 0x8000027, 0x2000, 0x200, 0x0, 0x40084, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100]}, 0x1fe, 0x200d) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r2, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c001b"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.96713887s ago: executing program 0 (id=3541): r0 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000f40)={'batadv0\x00'}) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_BATADV_CMD_SET_MESH(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)={0x1c, r0, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x140000e4) 1.86524275s ago: executing program 1 (id=3542): getpid() ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) r1 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) readv$auto(r1, &(0x7f0000000680)={0x0, 0x40200}, 0x8) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x3d, 0x0) (async) sysfs$auto(0x2, 0x3d, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0) ppoll$auto(&(0x7f0000000000)={r0, 0x40}, 0x2, 0x0, 0x0, 0x8) ioctl$auto_SG_GET_ACCESS_COUNT(r2, 0x2289, &(0x7f00000001c0)="748c71542be98e7700000000000000007884738ab8c9fd79566afe07fed0766d2e8bd35c75d932c63b808ac700554d6a78d7bbe3399917458bbc021fdb7ee40383d779897f9063e4b275c918f0673b89058d76baf95d9101d716f1deb20e64fb1855a6998b29bb21f4557521a2e6b09332284f8a1c410f8cb5237a2c2dfdf413c7896d1dbd0321cc7b0d144d5d53515e268687110969051804deb3cce3b2b0f81123e08f43a5d76cf8c3120934107ad931d62e53d861d3f5e79eb900e9f537cc2f62eca0b4348aec16bb8ab6ad1463b157d37dbef4b455fead5a81a4f5149a5cd1c4") modify_ldt$auto(0x1, 0x0, 0x10) (async) modify_ldt$auto(0x1, 0x0, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/lru_gen_full\x00', 0x0, 0x0) (async) r3 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/lru_gen_full\x00', 0x0, 0x0) pread64$auto(r3, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>\xe7l\xcb\x90\\/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x400) (async) pread64$auto(r3, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>\xe7l\xcb\x90\\/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x400) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) getpid() prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-touch8\x00', 0x0, 0x0) (async) r5 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-touch8\x00', 0x0, 0x0) read$auto_v4l2_fops_v4l2_dev(r5, &(0x7f0000001040)=""/4096, 0xfffffffffffffc91) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xe, 0x1, 0x948b, 0x3, 0x11f4da0a, 0x3, 0x3, 0x262, 0x8000001f, 0x4785, 0x6d3e, 0x9, 0x5, 0x400000000000]}, 0x0) (async) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xe, 0x1, 0x948b, 0x3, 0x11f4da0a, 0x3, 0x3, 0x262, 0x8000001f, 0x4785, 0x6d3e, 0x9, 0x5, 0x400000000000]}, 0x0) openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/trace_options\x00', 0x40000, 0x0) mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000) write$auto(0x3, 0x0, 0xffd8) r6 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2100, 0x0) ioctl$auto(r6, 0x8000451a, r6) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa\x00', 0x48080, 0x0) fcntl$auto(0x3, 0x4, 0xa553) (async) fcntl$auto(0x3, 0x4, 0xa553) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/handlers\x00', 0xc00, 0x0) 1.808094275s ago: executing program 4 (id=3543): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mtdblock0\x00', 0x14f642, 0x0) readahead$auto(r0, 0x7ff, 0x9) write$auto(0x3, 0x0, 0x7ffffff4) 772.125608ms ago: executing program 1 (id=3544): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)=';') openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) socket(0xa, 0x1, 0x100) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x11a001, 0x0) select$auto(0x1, 0x0, 0x0, &(0x7f0000000040)={[0x100000001ff, 0x8, 0x3, 0x8fd6, 0x4, 0x3, 0x15f4da0a, 0x3, 0x5, 0x62, 0x1, 0x5, 0x6, 0x9, 0x5, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0xfffffffffffffffb) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/default/forwarding\x00', 0x141241, 0x0) pwrite64$auto(r2, &(0x7f0000000000)='./cgroup/memory.pressure\x00', 0x6bc, 0x5) readahead$auto(r2, 0x4, 0x4) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0x4, 0x300000000000) r3 = io_uring_setup$auto(0x6, 0x0) r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC0\x00', 0x101803, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto(r4, 0xc1205531, r3) sysfs$auto(0x5, 0x100000074e, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0x3, 0x8000401) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) r5 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) fchdir$auto(r5) mkdir$auto(&(0x7f0000000480)='./cgroup\x00', 0x6) 763.213404ms ago: executing program 0 (id=3552): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xe0a00, 0x0) r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x101000, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r0, 0x0) (fail_nth: 2) 741.600902ms ago: executing program 4 (id=3545): unshare$auto(0x40000080) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0x1f40) stat$auto(0x0, &(0x7f0000000380)={0x3, 0x3, 0x6, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0xa, 0xff, 0x100, 0x401, 0x5f57, 0x80000000, 0xaa}) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x0, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) getsockopt$auto_SO_PASSCRED(0xffffffffffffffff, 0x1, 0x10, 0x0, 0x0) mmap$auto(0x0, 0x400005, 0x800000000000df, 0x9b72, 0x2, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x20048801) ioperm$auto(0x400000ffff, 0xe, 0x1) syz_genetlink_get_family_id$auto_taskstats(0x0, 0xffffffffffffffff) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) pread64$auto(0xffffffffffffffff, 0x0, 0xe, 0x100000000007) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bond0\x00'}) statmount$auto(0x0, 0x0, 0xfffff7fffffffffa, 0x81) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) io_setup$auto(0xffff, &(0x7f0000000580)) r4 = openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read$auto_proc_page_owner_operations_page_owner(r4, &(0x7f0000002080)=""/4096, 0x1000) write$auto(0x3, 0x0, 0xfffffdef) r5 = socket$nl_generic(0x11, 0x3, 0x10) bind$auto(r5, &(0x7f0000000200)=@generic={0x11, "0000100000000000929e006300"}, 0x80) 0s ago: executing program 0 (id=3546): mmap$auto(0x0, 0x2020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(&(0x7f0000000280)='TIPCv2\x00', 0x6, 0x4) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/ptywb\x00', 0x101f81, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f00000000c0)={0x0, 0x2d, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x80}, 0x800) r1 = bpf$auto(0x7, &(0x7f00000001c0)=@test={r0, 0x10004, 0xfffffffc, 0x0, 0x106, 0x0, 0x0, 0xbff, 0x10000, 0x10, 0x0, 0x4, 0x7, 0x2, 0xfffefffe}, 0x1) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) timer_create$auto(0x8, 0x0, 0x0) timer_settime$auto(0x0, 0x9, &(0x7f00000000c0)={{0x7ffd, 0x30d}, {0x7, 0x4}}, 0x0) socket(0x10, 0x2, 0xc) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_GET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)={0x2, 0x0, [{0xce, 0xe3, 0xffffffffffffffff}]}) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = socket(0x10, 0x2, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_UDP_GET_REMOTEIP(r6, &(0x7f0000002540)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002580)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="151f2cbd7000fbdbdf2516000000100001800c00017f08002500", @ANYRES32=0x0, @ANYBLOB], 0x24}, 0x1, 0x9eff, 0x0, 0xc000}, 0x20000080) bpf$auto(0xff, &(0x7f00000004c0)=@link_update={r4, @new_map_fd=r0, 0xc2, @old_map_fd=r1}, 0x3fc) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='f\x00'], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, &(0x7f0000000300)="7ecbd7349b0000000000000005e80c9e35627185b241b4504b28390700017e6dfaae91d371c860a358e0689a5904a628742c9e8253dca3ca45c05fe70d3a6a55f7b5db34d4882022faf7992d48f3936178cca05bb69a9fc09ea48e4e6c3f6c8837960000ac431a4698be1e4588afece3864eb5b47e2d9234c5cc5202548cd59617a94173740ebf296db9188f9d271718", 0x7, 0xa505}, 0x803}, 0x4, 0x8) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) kernel console output (not intermixed with test programs):                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  [ 889.794901][T19559] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2957'. [ 889.822896][T19559] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2957'. [ 890.101460][T19571] netlink: 'syz.0.2964': attribute type 8 has an invalid length. [ 891.191075][T19589] netlink: 'syz.1.2969': attribute type 11 has an invalid length. [ 891.234844][T19589] netlink: 'syz.1.2969': attribute type 11 has an invalid length. [ 891.270861][T19589] netlink: 'syz.1.2969': attribute type 11 has an invalid length. [ 891.319136][T19589] netlink: 'syz.1.2969': attribute type 11 has an invalid length. [ 891.913263][ T5156] Bluetooth: hci5: unexpected event 0x1d length: 10 > 5 [ 893.359622][T19639] netlink: 334 bytes leftover after parsing attributes in process `syz.1.2978'. [ 894.437482][T19668] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input64 [ 894.740458][T19670] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input65 [ 894.809924][T19677] loop6: detected capacity change from 0 to 8192 [ 897.087412][T19727] FAULT_INJECTION: forcing a failure. [ 897.087412][T19727] name failslab, interval 1, probability 0, space 0, times 0 [ 897.147592][T19727] CPU: 0 UID: 0 PID: 19727 Comm: syz.4.2992 Tainted: G I 6.16.0-rc1-syzkaller #0 PREEMPT(full) [ 897.147649][T19727] Tainted: [I]=FIRMWARE_WORKAROUND [ 897.147662][T19727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 897.147683][T19727] Call Trace: [ 897.147694][T19727] [ 897.147707][T19727] dump_stack_lvl+0x16c/0x1f0 [ 897.147765][T19727] should_fail_ex+0x512/0x640 [ 897.147819][T19727] ? tomoyo_encode2+0x100/0x3e0 [ 897.147864][T19727] should_failslab+0xc2/0x120 [ 897.147896][T19727] __kmalloc_noprof+0xd2/0x510 [ 897.147945][T19727] ? d_absolute_path+0x136/0x1a0 [ 897.147982][T19727] tomoyo_encode2+0x100/0x3e0 [ 897.148030][T19727] tomoyo_encode+0x29/0x50 [ 897.148072][T19727] tomoyo_realpath_from_path+0x18f/0x6e0 [ 897.148127][T19727] tomoyo_path_number_perm+0x245/0x580 [ 897.148166][T19727] ? tomoyo_path_number_perm+0x237/0x580 [ 897.148207][T19727] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 897.148247][T19727] ? futex_wake+0x1ad/0x530 [ 897.148309][T19727] ? rcu_is_watching+0x12/0xc0 [ 897.148343][T19727] ? __fget_files+0x204/0x3c0 [ 897.148386][T19727] ? hook_file_ioctl_common+0x145/0x410 [ 897.148422][T19727] ? lock_release+0x201/0x2f0 [ 897.148466][T19727] ? __fget_files+0x20e/0x3c0 [ 897.148525][T19727] security_file_ioctl+0x9b/0x240 [ 897.148568][T19727] __x64_sys_ioctl+0xb7/0x210 [ 897.148609][T19727] do_syscall_64+0xcd/0x490 [ 897.148641][T19727] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 897.148675][T19727] RIP: 0033:0x7fe480d8e929 [ 897.148701][T19727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 897.148735][T19727] RSP: 002b:00007fe481b87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 897.148767][T19727] RAX: ffffffffffffffda RBX: 00007fe480fb5fa0 RCX: 00007fe480d8e929 [ 897.148789][T19727] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000007 [ 897.148809][T19727] RBP: 00007fe480e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 897.148828][T19727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 897.148848][T19727] R13: 0000000000000000 R14: 00007fe480fb5fa0 R15: 00007fff3cb43518 [ 897.148879][T19727] [ 897.148902][T19727] ERROR: Out of memory at tomoyo_realpath_from_path. [ 897.321957][ C0] vkms_vblank_simulate: vblank timer overrun [ 903.239608][ T5156] Bluetooth: hci4: unexpected event for opcode 0x7c89 [ 904.583918][T19902] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3017'. [ 904.654121][T19904] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3018'. [ 905.210209][T19915] netlink: 'syz.0.3020': attribute type 19 has an invalid length. [ 905.257911][T19915] netlink: 114 bytes leftover after parsing attributes in process `syz.0.3020'. [ 906.166186][T19936] netlink: 338 bytes leftover after parsing attributes in process `syz.2.3025'. [ 906.234138][T19932] netlink: 338 bytes leftover after parsing attributes in process `syz.2.3025'. [ 906.941222][T19949] zswap: compressor not available [ 908.460805][T19975] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3034'. [ 909.111602][T19989] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 909.132863][T19983] Format for linking two devices is "netnsfd_a:ifidx_a netnsfd_b:ifidx_b" (int uint int uint). [ 909.158598][T19987] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 909.165709][T19987] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 909.173343][T19987] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 909.195111][T19987] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 909.233956][T19987] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 909.266981][ T30] audit: type=1800 audit(4294967401.615:28): pid=19995 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3038" name=307830303036303030300A dev="tmpfs" ino=767 res=0 errno=0 [ 909.957203][T20009] tc_dump_action: action bad kind [ 910.134722][T20011] FAULT_INJECTION: forcing a failure. [ 910.134722][T20011] name failslab, interval 1, probability 0, space 0, times 0 [ 910.159929][T20011] CPU: 1 UID: 0 PID: 20011 Comm: syz.0.3043 Tainted: G I 6.16.0-rc1-syzkaller #0 PREEMPT(full) [ 910.159983][T20011] Tainted: [I]=FIRMWARE_WORKAROUND [ 910.159998][T20011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 910.160017][T20011] Call Trace: [ 910.160028][T20011] [ 910.160040][T20011] dump_stack_lvl+0x16c/0x1f0 [ 910.160096][T20011] should_fail_ex+0x512/0x640 [ 910.160157][T20011] ? lsm_blob_alloc+0x68/0x90 [ 910.160204][T20011] should_failslab+0xc2/0x120 [ 910.160233][T20011] __kmalloc_noprof+0xd2/0x510 [ 910.160282][T20011] lsm_blob_alloc+0x68/0x90 [ 910.160330][T20011] security_sk_alloc+0x30/0x270 [ 910.160364][T20011] sk_prot_alloc+0x1c7/0x2a0 [ 910.160402][T20011] sk_alloc+0x36/0xc20 [ 910.160467][T20011] __netlink_create+0x5e/0x2c0 [ 910.160525][T20011] ? __wake_up+0x3f/0x60 [ 910.160560][T20011] netlink_create+0x39e/0x620 [ 910.160591][T20011] ? __pfx_genl_bind+0x10/0x10 [ 910.160630][T20011] ? __pfx_genl_unbind+0x10/0x10 [ 910.160670][T20011] ? __pfx_genl_release+0x10/0x10 [ 910.160714][T20011] __sock_create+0x338/0x8d0 [ 910.160757][T20011] __sys_socket+0x14d/0x260 [ 910.160795][T20011] ? lock_release+0x201/0x2f0 [ 910.160836][T20011] ? __pfx___sys_socket+0x10/0x10 [ 910.160894][T20011] ? do_user_addr_fault+0x843/0x1370 [ 910.160943][T20011] __x64_sys_socket+0x72/0xb0 [ 910.160986][T20011] do_syscall_64+0xcd/0x490 [ 910.161016][T20011] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 910.161048][T20011] RIP: 0033:0x7f3f03990847 [ 910.161073][T20011] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 910.161106][T20011] RSP: 002b:00007f3f047f7fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 910.161139][T20011] RAX: ffffffffffffffda RBX: 00007f3f03bb5fa0 RCX: 00007f3f03990847 [ 910.161160][T20011] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 910.161179][T20011] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 910.161199][T20011] R10: 0000200000000180 R11: 0000000000000286 R12: 0000000000000000 [ 910.161218][T20011] R13: 0000000000000000 R14: 00007f3f03bb5fa0 R15: 00007ffce30a0f68 [ 910.161249][T20011] [ 910.751291][T20010] Process accounting paused [ 911.243224][T16667] Bluetooth: hci3: command 0x0c1a tx timeout [ 911.249353][T16236] Bluetooth: hci4: command 0x0c1a tx timeout [ 911.255806][ T5156] Bluetooth: hci5: command 0x0c1a tx timeout [ 911.313321][ T5156] Bluetooth: hci0: command 0x0c1a tx timeout [ 911.391888][T20035] block nbd7: not configured, cannot reconfigure [ 912.001040][T20038] Invalid ELF header magic: != ELF [ 913.313190][ T5156] Bluetooth: hci3: command 0x0c1a tx timeout [ 916.291649][T20094] kexec: Could not allocate control_code_buffer [ 916.499062][ T30] audit: type=1800 audit(4294967408.865:29): pid=20110 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3065" name="members" dev="configfs" ino=77914 res=0 errno=0 [ 918.616205][T20135] cifs: Unknown parameter 'no+ 1`rsFn)aHāh`9kA}1\D@.ZCg^5)ܶkzM0uOOzLBkUaX`SCJzLP' [ 918.698331][T20138] WARNING! power/level is deprecated; use power/control instead [ 919.890730][T20166] random: crng reseeded on system resumption [ 919.922144][T20166] PM: hibernation: Marking nosave pages: [mem 0x00000000-0x00000fff] [ 919.964122][T20166] PM: hibernation: Marking nosave pages: [mem 0x0009f000-0x000fffff] [ 920.033215][T20166] PM: hibernation: Marking nosave pages: [mem 0xbfffd000-0xffffffff] [ 920.083253][T20166] PM: hibernation: Basic memory bitmaps created [ 920.105149][T20166] PM: hibernation: Basic memory bitmaps freed [ 922.725041][T20198] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input66 [ 923.482365][T20201] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input67 [ 924.666948][T20225] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 926.497668][T20259] netlink: Conntrack attr has 4 unknown bytes [ 928.024545][T20287] block nbd7: not configured, cannot reconfigure [ 934.736157][T20376] netlink: 186 bytes leftover after parsing attributes in process `syz.4.3125'. [ 936.615523][T20416] FAULT_INJECTION: forcing a failure. [ 936.615523][T20416] name failslab, interval 1, probability 0, space 0, times 0 [ 936.628693][T20416] CPU: 1 UID: 0 PID: 20416 Comm: syz.1.3134 Tainted: G I 6.16.0-rc1-syzkaller #0 PREEMPT(full) [ 936.628744][T20416] Tainted: [I]=FIRMWARE_WORKAROUND [ 936.628757][T20416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 936.628778][T20416] Call Trace: [ 936.628788][T20416] [ 936.628801][T20416] dump_stack_lvl+0x16c/0x1f0 [ 936.628859][T20416] should_fail_ex+0x512/0x640 [ 936.628911][T20416] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 936.628959][T20416] should_failslab+0xc2/0x120 [ 936.628991][T20416] __kmalloc_noprof+0xd2/0x510 [ 936.629042][T20416] tomoyo_realpath_from_path+0xc2/0x6e0 [ 936.629090][T20416] ? tomoyo_profile+0x47/0x60 [ 936.629143][T20416] tomoyo_path_number_perm+0x245/0x580 [ 936.629180][T20416] ? tomoyo_path_number_perm+0x237/0x580 [ 936.629220][T20416] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 936.629258][T20416] ? futex_wake+0x1ad/0x530 [ 936.629320][T20416] ? kmem_cache_free+0x2d1/0x4d0 [ 936.629376][T20416] ? rcu_is_watching+0x12/0xc0 [ 936.629409][T20416] ? __fget_files+0x204/0x3c0 [ 936.629453][T20416] ? hook_file_ioctl_common+0x145/0x410 [ 936.629489][T20416] ? lock_release+0x201/0x2f0 [ 936.629532][T20416] ? __fget_files+0x20e/0x3c0 [ 936.629578][T20416] security_file_ioctl+0x9b/0x240 [ 936.629619][T20416] __x64_sys_ioctl+0xb7/0x210 [ 936.629657][T20416] do_syscall_64+0xcd/0x490 [ 936.629689][T20416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 936.629724][T20416] RIP: 0033:0x7f072cb8e929 [ 936.629750][T20416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 936.629784][T20416] RSP: 002b:00007f072dac5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 936.629816][T20416] RAX: ffffffffffffffda RBX: 00007f072cdb5fa0 RCX: 00007f072cb8e929 [ 936.629838][T20416] RDX: 0000000000000001 RSI: 0000000000004b2f RDI: 0000000000000008 [ 936.629857][T20416] RBP: 00007f072cc10b39 R08: 0000000000000000 R09: 0000000000000000 [ 936.629877][T20416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 936.629896][T20416] R13: 0000000000000000 R14: 00007f072cdb5fa0 R15: 00007ffd6fd85c98 [ 936.629927][T20416] [ 936.629941][T20416] ERROR: Out of memory at tomoyo_realpath_from_path. [ 937.515027][T20424] Invalid ELF header magic: != ELF [ 939.060460][T20453] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3143'. [ 940.205185][T20482] block nbd7: not configured, cannot reconfigure [ 941.264226][T20491] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 941.270419][T20491] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 941.456369][T20491] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 941.717821][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 941.725054][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 941.768179][T20491] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 941.916003][T20336] Process accounting resumed [ 943.271650][T20507] CIFS mount error: No usable UNC path provided in device string! [ 943.271650][T20507] [ 943.285149][T20507] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 943.315299][ T5156] Bluetooth: hci3: command 0x0c1a tx timeout [ 943.321485][ T5156] Bluetooth: hci4: command 0x0c1a tx timeout [ 943.485518][ T5156] Bluetooth: hci5: command 0x0c1a tx timeout [ 943.796060][ T5156] Bluetooth: hci0: command 0x0c1a tx timeout [ 943.925995][T20520] Process accounting resumed [ 944.416815][T20526] vivid-003: ================= START STATUS ================= [ 944.485994][T20526] vivid-003: Radio HW Seek Mode: Bounded [ 944.491932][T20526] vivid-003: Radio Programmable HW Seek: false [ 944.651726][T20526] vivid-003: RDS Rx I/O Mode: Block I/O [ 944.707314][T20526] vivid-003: Generate RBDS Instead of RDS: false [ 944.836372][T20526] vivid-003: RDS Reception: true [ 944.943915][T20526] vivid-003: RDS Program Type: 0 inactive [ 945.019968][T20526] vivid-003: RDS PS Name: inactive [ 945.066366][T20526] vivid-003: RDS Radio Text: inactive [ 945.071966][T20526] vivid-003: RDS Traffic Announcement: false inactive [ 945.156871][T20526] vivid-003: RDS Traffic Program: false inactive [ 945.183095][T20526] vivid-003: RDS Music: false inactive [ 945.189478][T20526] vivid-003: ================== END STATUS ================== [ 945.650119][T20534] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3160'. [ 949.674083][T20569] netlink: 504 bytes leftover after parsing attributes in process `syz.1.3168'. [ 950.585351][T20581] could not allocate digest TFM handle [ 950.880078][T20581] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3169'. [ 956.067795][T20637] netlink: 504 bytes leftover after parsing attributes in process `syz.2.3180'. [ 956.396415][T20647] could not allocate digest TFM handle [ 956.743841][T20645] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3183'. [ 957.861857][T20665] caif:caif_disconnect_client(): nothing to disconnect [ 963.662044][T20741] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 963.738842][T20741] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 963.745062][T20741] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 963.751750][T20741] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 965.538883][T20724] ptrace attach of "./syz-executor exec"[18662] was attempted by "./syz-executor exec"[20724] [ 965.726499][ T5156] Bluetooth: hci4: command 0x0c1a tx timeout [ 965.806680][ T5156] Bluetooth: hci0: command 0x0c1a tx timeout [ 965.812950][T16236] Bluetooth: hci5: command 0x0c1a tx timeout [ 965.812960][T16667] Bluetooth: hci3: command 0x0c1a tx timeout [ 966.220190][T20758] vcan0: tx drop: invalid da for name 0x000000000000003f [ 967.205267][T20781] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3214'. [ 968.484167][T20779] CIFS mount error: No usable UNC path provided in device string! [ 968.484167][T20779] [ 968.498334][T20779] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 968.733290][T20793] program syz.4.3217 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 971.810783][T20828] could not allocate digest TFM handle [ 972.211417][T20824] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3231'. [ 972.447497][T20833] Process accounting paused [ 974.363383][T20848] Process accounting paused [ 974.733888][T20857] CIFS mount error: No usable UNC path provided in device string! [ 974.733888][T20857] [ 974.754304][T20857] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 974.805851][T20844] ptrace attach of "./syz-executor exec"[17333] was attempted by "./syz-executor exec"[20844] [ 983.947297][T20943] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3249'. [ 983.998842][T20943] netlink: 302 bytes leftover after parsing attributes in process `syz.1.3249'. [ 991.314725][T21009] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3266'. [ 993.585215][T21025] could not allocate digest TFM handle [ 993.816104][T21037] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3274'. [ 993.920012][T21037] bond0: (slave bond_slave_0): Releasing backup interface [ 994.587231][T21047] could not allocate digest TFM handle [ 998.207304][T21085] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3287'. [ 999.102150][T21099] could not allocate digest TFM handle [ 1000.400725][T21129] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3300'. [ 1002.137303][T21151] netlink: 504 bytes leftover after parsing attributes in process `syz.4.3302'. [ 1002.147169][T21146] could not allocate digest TFM handle [ 1002.521495][T21141] Process accounting resumed [ 1003.191693][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1003.198304][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1003.690828][T21175] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3312'. [ 1004.658517][T21170] Process accounting resumed [ 1005.959633][T21197] netlink: 'syz.0.3319': attribute type 13 has an invalid length. [ 1006.330802][T21208] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3323'. [ 1006.341160][T21208] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3323'. [ 1009.319658][T21232] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3337'. [ 1011.658482][T21252] could not allocate digest TFM handle binfmt_misc [ 1014.718006][T21290] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3342'. [ 1014.727958][T21290] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3342'. [ 1017.026680][T21319] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3350'. [ 1017.125093][T21322] could not allocate digest TFM handle [ 1017.337613][T21328] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3352'. [ 1017.351334][T21328] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3352'. [ 1017.416393][T21330] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3353'. [ 1019.861740][T21365] block nbd7: not configured, cannot reconfigure [ 1020.299170][T21372] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3364'. [ 1020.456632][T21372] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3364'. [ 1023.660665][T21405] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3375'. [ 1023.670985][T21405] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3375'. [ 1024.418961][T21414] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3378'. [ 1024.751213][T21415] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3379'. [ 1024.801675][T21416] could not allocate digest TFM handle [ 1025.113276][T21430] FAULT_INJECTION: forcing a failure. [ 1025.113276][T21430] name failslab, interval 1, probability 0, space 0, times 0 [ 1025.181044][T21430] CPU: 1 UID: 0 PID: 21430 Comm: syz.4.3383 Tainted: G I 6.16.0-rc1-syzkaller #0 PREEMPT(full) [ 1025.181097][T21430] Tainted: [I]=FIRMWARE_WORKAROUND [ 1025.181110][T21430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1025.181130][T21430] Call Trace: [ 1025.181141][T21430] [ 1025.181153][T21430] dump_stack_lvl+0x16c/0x1f0 [ 1025.181216][T21430] should_fail_ex+0x512/0x640 [ 1025.181267][T21430] should_failslab+0xc2/0x120 [ 1025.181297][T21430] __kmalloc_cache_node_noprof+0x6d/0x420 [ 1025.181344][T21430] ? __alloc_workqueue+0x694/0x1810 [ 1025.181387][T21430] __alloc_workqueue+0x694/0x1810 [ 1025.181433][T21430] alloc_workqueue+0xd2/0x200 [ 1025.181482][T21430] ? __pfx_alloc_workqueue+0x10/0x10 [ 1025.181520][T21430] ? rcu_is_watching+0x12/0xc0 [ 1025.181551][T21430] ? __kmalloc_noprof+0x242/0x510 [ 1025.181594][T21430] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1025.181643][T21430] ieee80211_register_hw+0x1e92/0x4140 [ 1025.181683][T21430] ? __debug_object_init+0x221/0x3d0 [ 1025.181720][T21430] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 1025.181758][T21430] ? net_generic+0xea/0x2a0 [ 1025.181794][T21430] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1025.181840][T21430] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 1025.181875][T21430] ? __hrtimer_setup+0x176/0x280 [ 1025.181922][T21430] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 1025.181979][T21430] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 1025.182032][T21430] hwsim_new_radio_nl+0xb51/0x12c0 [ 1025.182079][T21430] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1025.182130][T21430] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 1025.182183][T21430] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 1025.182232][T21430] genl_family_rcv_msg_doit+0x206/0x2f0 [ 1025.182275][T21430] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1025.182318][T21430] ? trace_cap_capable+0x18d/0x200 [ 1025.182353][T21430] ? bpf_lsm_capable+0x9/0x10 [ 1025.182390][T21430] ? security_capable+0x7e/0x260 [ 1025.182420][T21430] ? ns_capable+0xd7/0x110 [ 1025.182451][T21430] genl_rcv_msg+0x55c/0x800 [ 1025.182503][T21430] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1025.182541][T21430] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1025.182589][T21430] netlink_rcv_skb+0x155/0x420 [ 1025.182622][T21430] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1025.182660][T21430] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1025.182700][T21430] ? netlink_deliver_tap+0x1ae/0xd30 [ 1025.182732][T21430] genl_rcv+0x28/0x40 [ 1025.182764][T21430] netlink_unicast+0x53d/0x7f0 [ 1025.182798][T21430] ? __pfx_netlink_unicast+0x10/0x10 [ 1025.182852][T21430] netlink_sendmsg+0x8d1/0xdd0 [ 1025.182889][T21430] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1025.182932][T21430] ____sys_sendmsg+0xa95/0xc70 [ 1025.182970][T21430] ? copy_msghdr_from_user+0x10a/0x160 [ 1025.183018][T21430] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1025.183060][T21430] ? __pfx_futex_wake_mark+0x10/0x10 [ 1025.183106][T21430] ___sys_sendmsg+0x134/0x1d0 [ 1025.183154][T21430] ? __pfx____sys_sendmsg+0x10/0x10 [ 1025.183218][T21430] ? rcu_is_watching+0x12/0xc0 [ 1025.183261][T21430] __sys_sendmsg+0x16d/0x220 [ 1025.183289][T21430] ? __pfx___sys_sendmsg+0x10/0x10 [ 1025.183316][T21430] ? __x64_sys_futex+0x1e0/0x4c0 [ 1025.183363][T21430] do_syscall_64+0xcd/0x490 [ 1025.183393][T21430] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1025.183425][T21430] RIP: 0033:0x7fe480d8e929 [ 1025.183450][T21430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1025.183481][T21430] RSP: 002b:00007fe481b87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1025.183510][T21430] RAX: ffffffffffffffda RBX: 00007fe480fb5fa0 RCX: 00007fe480d8e929 [ 1025.183530][T21430] RDX: 00000000040000c0 RSI: 0000200000000300 RDI: 0000000000000006 [ 1025.183550][T21430] RBP: 00007fe480e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1025.183569][T21430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1025.183587][T21430] R13: 0000000000000000 R14: 00007fe480fb5fa0 R15: 00007fff3cb43518 [ 1025.183615][T21430] [ 1026.239065][T21440] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3386'. [ 1026.302673][T21438] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3386'. [ 1027.504757][T21449] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3389'. [ 1028.450654][T21458] could not allocate digest TFM handle [ 1028.499301][T21454] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3392'. [ 1029.461405][T21478] FAULT_INJECTION: forcing a failure. [ 1029.461405][T21478] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1029.529723][T21478] CPU: 1 UID: 0 PID: 21478 Comm: syz.0.3399 Tainted: G I 6.16.0-rc1-syzkaller #0 PREEMPT(full) [ 1029.529794][T21478] Tainted: [I]=FIRMWARE_WORKAROUND [ 1029.529807][T21478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1029.529826][T21478] Call Trace: [ 1029.529843][T21478] [ 1029.529857][T21478] dump_stack_lvl+0x16c/0x1f0 [ 1029.529909][T21478] should_fail_ex+0x512/0x640 [ 1029.529957][T21478] _copy_from_user+0x2e/0xd0 [ 1029.530006][T21478] copy_msghdr_from_user+0x98/0x160 [ 1029.530055][T21478] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1029.530110][T21478] ? __pfx__kstrtoull+0x10/0x10 [ 1029.530148][T21478] ? aa_file_perm+0x4c7/0xfb0 [ 1029.530192][T21478] ___sys_sendmsg+0xfe/0x1d0 [ 1029.530242][T21478] ? __pfx____sys_sendmsg+0x10/0x10 [ 1029.530299][T21478] ? rcu_is_watching+0x12/0xc0 [ 1029.530338][T21478] ? proc_fail_nth_write+0x9f/0x250 [ 1029.530379][T21478] __sys_sendmmsg+0x200/0x420 [ 1029.530411][T21478] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1029.530446][T21478] ? do_sys_openat2+0x157/0x1d0 [ 1029.530480][T21478] ? __pfx_do_sys_openat2+0x10/0x10 [ 1029.530524][T21478] ? ksys_write+0x1ac/0x250 [ 1029.530567][T21478] ? __pfx_ksys_write+0x10/0x10 [ 1029.530616][T21478] __x64_sys_sendmmsg+0x9c/0x100 [ 1029.530645][T21478] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1029.530695][T21478] do_syscall_64+0xcd/0x490 [ 1029.530732][T21478] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1029.530764][T21478] RIP: 0033:0x7f3f0398e929 [ 1029.530787][T21478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1029.530819][T21478] RSP: 002b:00007f3f047f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1029.530856][T21478] RAX: ffffffffffffffda RBX: 00007f3f03bb5fa0 RCX: 00007f3f0398e929 [ 1029.530878][T21478] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 1029.530898][T21478] RBP: 00007f3f047f9090 R08: 0000000000000000 R09: 0000000000000000 [ 1029.530917][T21478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1029.530948][T21478] R13: 0000000000000000 R14: 00007f3f03bb5fa0 R15: 00007ffce30a0f68 [ 1029.530977][T21478] [ 1030.248687][T21488] FAULT_INJECTION: forcing a failure. [ 1030.248687][T21488] name failslab, interval 1, probability 0, space 0, times 0 [ 1030.268635][T21488] CPU: 1 UID: 0 PID: 21488 Comm: syz.0.3400 Tainted: G I 6.16.0-rc1-syzkaller #0 PREEMPT(full) [ 1030.268690][T21488] Tainted: [I]=FIRMWARE_WORKAROUND [ 1030.268704][T21488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1030.268724][T21488] Call Trace: [ 1030.268735][T21488] [ 1030.268748][T21488] dump_stack_lvl+0x16c/0x1f0 [ 1030.268804][T21488] should_fail_ex+0x512/0x640 [ 1030.268867][T21488] should_failslab+0xc2/0x120 [ 1030.268897][T21488] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1030.268942][T21488] ? apply_wqattrs_prepare+0x130/0xbd0 [ 1030.268978][T21488] apply_wqattrs_prepare+0x130/0xbd0 [ 1030.269018][T21488] apply_workqueue_attrs_locked+0x64/0xe0 [ 1030.269053][T21488] __alloc_workqueue+0xf41/0x1810 [ 1030.269094][T21488] alloc_workqueue+0xd2/0x200 [ 1030.269126][T21488] ? __pfx_alloc_workqueue+0x10/0x10 [ 1030.269163][T21488] ? rcu_is_watching+0x12/0xc0 [ 1030.269189][T21488] ? __kmalloc_noprof+0x242/0x510 [ 1030.269228][T21488] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1030.269272][T21488] ieee80211_register_hw+0x1e92/0x4140 [ 1030.269307][T21488] ? __debug_object_init+0x221/0x3d0 [ 1030.269341][T21488] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 1030.269376][T21488] ? net_generic+0xea/0x2a0 [ 1030.269410][T21488] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1030.269452][T21488] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 1030.269485][T21488] ? __hrtimer_setup+0x176/0x280 [ 1030.269527][T21488] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 1030.269579][T21488] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 1030.269627][T21488] hwsim_new_radio_nl+0xb51/0x12c0 [ 1030.269691][T21488] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1030.269738][T21488] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 1030.269781][T21488] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 1030.269825][T21488] genl_family_rcv_msg_doit+0x206/0x2f0 [ 1030.269869][T21488] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1030.269907][T21488] ? trace_cap_capable+0x18d/0x200 [ 1030.269937][T21488] ? bpf_lsm_capable+0x9/0x10 [ 1030.269972][T21488] ? security_capable+0x7e/0x260 [ 1030.269997][T21488] ? ns_capable+0xd7/0x110 [ 1030.270025][T21488] genl_rcv_msg+0x55c/0x800 [ 1030.270063][T21488] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1030.270101][T21488] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1030.270149][T21488] netlink_rcv_skb+0x155/0x420 [ 1030.270180][T21488] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1030.270218][T21488] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1030.270257][T21488] ? netlink_deliver_tap+0x1ae/0xd30 [ 1030.270288][T21488] genl_rcv+0x28/0x40 [ 1030.270320][T21488] netlink_unicast+0x53d/0x7f0 [ 1030.270353][T21488] ? __pfx_netlink_unicast+0x10/0x10 [ 1030.270390][T21488] netlink_sendmsg+0x8d1/0xdd0 [ 1030.270424][T21488] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1030.270462][T21488] ____sys_sendmsg+0xa95/0xc70 [ 1030.270495][T21488] ? copy_msghdr_from_user+0x10a/0x160 [ 1030.270539][T21488] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1030.270576][T21488] ? __pfx_futex_wake_mark+0x10/0x10 [ 1030.270616][T21488] ___sys_sendmsg+0x134/0x1d0 [ 1030.270660][T21488] ? __pfx____sys_sendmsg+0x10/0x10 [ 1030.270712][T21488] ? rcu_is_watching+0x12/0xc0 [ 1030.270751][T21488] __sys_sendmsg+0x16d/0x220 [ 1030.270775][T21488] ? __pfx___sys_sendmsg+0x10/0x10 [ 1030.270801][T21488] ? __x64_sys_futex+0x1e0/0x4c0 [ 1030.270850][T21488] do_syscall_64+0xcd/0x490 [ 1030.270889][T21488] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1030.270918][T21488] RIP: 0033:0x7f3f0398e929 [ 1030.270939][T21488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1030.270966][T21488] RSP: 002b:00007f3f047f9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1030.270993][T21488] RAX: ffffffffffffffda RBX: 00007f3f03bb5fa0 RCX: 00007f3f0398e929 [ 1030.271011][T21488] RDX: 00000000040000c0 RSI: 0000200000000300 RDI: 0000000000000006 [ 1030.271029][T21488] RBP: 00007f3f03a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1030.271046][T21488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1030.271064][T21488] R13: 0000000000000000 R14: 00007f3f03bb5fa0 R15: 00007ffce30a0f68 [ 1030.271090][T21488] [ 1032.517836][T21499] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3401'. [ 1032.560709][T21499] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3401'. [ 1032.631294][T21504] Process accounting paused [ 1033.277452][T21518] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3406'. [ 1033.397608][T21521] could not allocate digest TFM handle [ 1034.050693][T16236] Bluetooth: hci5: unexpected event 0x02 length: 726 > 260 [ 1034.953300][T21536] Process accounting paused [ 1035.741518][T21555] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3418'. [ 1036.190810][T21564] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input69 [ 1036.569925][T21566] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input70 [ 1037.355840][T21580] FAULT_INJECTION: forcing a failure. [ 1037.355840][T21580] name failslab, interval 1, probability 0, space 0, times 0 [ 1037.432362][T21580] CPU: 1 UID: 0 PID: 21580 Comm: syz.4.3423 Tainted: G I 6.16.0-rc1-syzkaller #0 PREEMPT(full) [ 1037.432411][T21580] Tainted: [I]=FIRMWARE_WORKAROUND [ 1037.432423][T21580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1037.432485][T21580] Call Trace: [ 1037.432495][T21580] [ 1037.432506][T21580] dump_stack_lvl+0x16c/0x1f0 [ 1037.432557][T21580] should_fail_ex+0x512/0x640 [ 1037.432605][T21580] ? __blkdev_direct_IO_simple+0x691/0x850 [ 1037.432651][T21580] should_failslab+0xc2/0x120 [ 1037.432681][T21580] __kmalloc_noprof+0xd2/0x510 [ 1037.432724][T21580] ? mlock_drain_local+0x24c/0x4f0 [ 1037.432773][T21580] __blkdev_direct_IO_simple+0x691/0x850 [ 1037.432825][T21580] ? __pfx___blkdev_direct_IO_simple+0x10/0x10 [ 1037.432892][T21580] ? iov_iter_is_aligned+0xf2/0x5a0 [ 1037.432938][T21580] ? iov_iter_npages+0xf0/0x5a0 [ 1037.432985][T21580] blkdev_direct_IO+0xc3e/0x1ff0 [ 1037.433040][T21580] ? __pfx_blkdev_direct_IO+0x10/0x10 [ 1037.433085][T21580] ? rcu_is_watching+0x12/0xc0 [ 1037.433116][T21580] ? filemap_check_errors+0xa9/0x160 [ 1037.433159][T21580] blkdev_write_iter+0x6fd/0xdf0 [ 1037.433208][T21580] vfs_write+0x6c4/0x1150 [ 1037.433251][T21580] ? __pfx_blkdev_write_iter+0x10/0x10 [ 1037.433298][T21580] ? __pfx_vfs_write+0x10/0x10 [ 1037.433341][T21580] ? lock_release+0x201/0x2f0 [ 1037.433390][T21580] ksys_write+0x12a/0x250 [ 1037.433429][T21580] ? __pfx_ksys_write+0x10/0x10 [ 1037.433486][T21580] do_syscall_64+0xcd/0x490 [ 1037.433516][T21580] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1037.433547][T21580] RIP: 0033:0x7fe480d8e929 [ 1037.433572][T21580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1037.433604][T21580] RSP: 002b:00007fe481b87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1037.433633][T21580] RAX: ffffffffffffffda RBX: 00007fe480fb5fa0 RCX: 00007fe480d8e929 [ 1037.433654][T21580] RDX: 000000007fffffff RSI: 0000000000000000 RDI: 0000000000000003 [ 1037.433673][T21580] RBP: 00007fe481b87090 R08: 0000000000000000 R09: 0000000000000000 [ 1037.433691][T21580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1037.433711][T21580] R13: 0000000000000000 R14: 00007fe480fb5fa0 R15: 00007fff3cb43518 [ 1037.433741][T21580] [ 1038.622507][T21591] FAULT_INJECTION: forcing a failure. [ 1038.622507][T21591] name failslab, interval 1, probability 0, space 0, times 0 [ 1038.662963][T21591] CPU: 0 UID: 0 PID: 21591 Comm: syz.0.3427 Tainted: G I 6.16.0-rc1-syzkaller #0 PREEMPT(full) [ 1038.663014][T21591] Tainted: [I]=FIRMWARE_WORKAROUND [ 1038.663026][T21591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1038.663045][T21591] Call Trace: [ 1038.663056][T21591] [ 1038.663067][T21591] dump_stack_lvl+0x16c/0x1f0 [ 1038.663120][T21591] should_fail_ex+0x512/0x640 [ 1038.663168][T21591] should_failslab+0xc2/0x120 [ 1038.663198][T21591] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 1038.663245][T21591] ? __alloc_skb+0x2b2/0x380 [ 1038.663294][T21591] __alloc_skb+0x2b2/0x380 [ 1038.663339][T21591] ? __pfx___alloc_skb+0x10/0x10 [ 1038.663388][T21591] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 1038.663428][T21591] netlink_alloc_large_skb+0x69/0x130 [ 1038.663465][T21591] netlink_sendmsg+0x6a1/0xdd0 [ 1038.663505][T21591] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1038.663548][T21591] ____sys_sendmsg+0xa95/0xc70 [ 1038.663600][T21591] ? copy_msghdr_from_user+0x10a/0x160 [ 1038.663649][T21591] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1038.663691][T21591] ? __pfx__kstrtoull+0x10/0x10 [ 1038.663731][T21591] ? aa_file_perm+0x4c7/0xfb0 [ 1038.663775][T21591] ___sys_sendmsg+0x134/0x1d0 [ 1038.663826][T21591] ? __pfx____sys_sendmsg+0x10/0x10 [ 1038.663882][T21591] ? rcu_is_watching+0x12/0xc0 [ 1038.663922][T21591] ? proc_fail_nth_write+0x9f/0x250 [ 1038.663962][T21591] __sys_sendmmsg+0x200/0x420 [ 1038.663994][T21591] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1038.664028][T21591] ? do_sys_openat2+0x157/0x1d0 [ 1038.664061][T21591] ? __pfx_do_sys_openat2+0x10/0x10 [ 1038.664103][T21591] ? ksys_write+0x1ac/0x250 [ 1038.664145][T21591] ? __pfx_ksys_write+0x10/0x10 [ 1038.664192][T21591] __x64_sys_sendmmsg+0x9c/0x100 [ 1038.664221][T21591] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 1038.664271][T21591] do_syscall_64+0xcd/0x490 [ 1038.664302][T21591] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1038.664335][T21591] RIP: 0033:0x7f3f0398e929 [ 1038.664360][T21591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1038.664391][T21591] RSP: 002b:00007f3f047f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1038.664419][T21591] RAX: ffffffffffffffda RBX: 00007f3f03bb5fa0 RCX: 00007f3f0398e929 [ 1038.664439][T21591] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 1038.664457][T21591] RBP: 00007f3f047f9090 R08: 0000000000000000 R09: 0000000000000000 [ 1038.664475][T21591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1038.664492][T21591] R13: 0000000000000000 R14: 00007f3f03bb5fa0 R15: 00007ffce30a0f68 [ 1038.664520][T21591] [ 1038.977985][T21588] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3426'. [ 1039.301102][T21592] could not allocate digest TFM handle [ 1039.586182][ T30] audit: type=1804 audit(4294968435.405:30): pid=21586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.3425" name="/newroot/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw" dev="tracefs" ino=1193 res=1 errno=0 [ 1039.971783][T21607] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3431'. [ 1041.773531][T21617] base_sock_release(ffff88807b742400) sk=ffff88802b39d000 [ 1041.875909][T21624] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3438'. [ 1042.119756][T21628] could not allocate digest TFM handle [ 1043.042533][T21651] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3445'. [ 1043.466970][T21656] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3446'. [ 1045.427244][T16236] Bluetooth: hci4: unexpected event 0x1d length: 10 > 5 [ 1046.757035][T21702] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3458'. [ 1047.649039][T21714] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3471'. [ 1047.961489][T21726] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input72 [ 1048.346592][T21728] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input73 [ 1048.400173][T21736] FAULT_INJECTION: forcing a failure. [ 1048.400173][T21736] name failslab, interval 1, probability 0, space 0, times 0 [ 1048.459586][T21736] CPU: 1 UID: 0 PID: 21736 Comm: syz.0.3470 Tainted: G I 6.16.0-rc1-syzkaller #0 PREEMPT(full) [ 1048.459637][T21736] Tainted: [I]=FIRMWARE_WORKAROUND [ 1048.459651][T21736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1048.459669][T21736] Call Trace: [ 1048.459679][T21736] [ 1048.459691][T21736] dump_stack_lvl+0x16c/0x1f0 [ 1048.459741][T21736] should_fail_ex+0x512/0x640 [ 1048.459796][T21736] should_failslab+0xc2/0x120 [ 1048.459825][T21736] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1048.459880][T21736] ? rcu_is_watching+0x12/0xc0 [ 1048.459911][T21736] ? vm_area_dup+0x27/0x8d0 [ 1048.459953][T21736] vm_area_dup+0x27/0x8d0 [ 1048.459991][T21736] __split_vma+0x18e/0x1070 [ 1048.460037][T21736] ? __pfx___split_vma+0x10/0x10 [ 1048.460080][T21736] ? rcu_is_watching+0x12/0xc0 [ 1048.460113][T21736] ? process_measurement+0x4a6/0x23e0 [ 1048.460159][T21736] ? rcu_is_watching+0x12/0xc0 [ 1048.460188][T21736] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1048.460236][T21736] vms_gather_munmap_vmas+0x1c2/0x1310 [ 1048.460283][T21736] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 1048.460329][T21736] ? mas_walk+0x6a6/0x910 [ 1048.460381][T21736] __mmap_region+0x3c7/0x25e0 [ 1048.460429][T21736] ? __pfx___mmap_region+0x10/0x10 [ 1048.460478][T21736] ? rcu_is_watching+0x12/0xc0 [ 1048.460508][T21736] ? lock_release+0x201/0x2f0 [ 1048.460547][T21736] ? bpf_ksym_find+0x124/0x1c0 [ 1048.460579][T21736] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1048.460614][T21736] ? is_bpf_text_address+0x94/0x1a0 [ 1048.460657][T21736] ? kernel_text_address+0x8d/0x100 [ 1048.460705][T21736] ? __kernel_text_address+0xd/0x40 [ 1048.460750][T21736] ? unwind_get_return_address+0x59/0xa0 [ 1048.460798][T21736] ? arch_stack_walk+0xa6/0x100 [ 1048.460883][T21736] ? rcu_is_watching+0x12/0xc0 [ 1048.460914][T21736] ? trace_cap_capable+0x18d/0x200 [ 1048.460949][T21736] mmap_region+0x1ab/0x3f0 [ 1048.461000][T21736] do_mmap+0xa3e/0x1210 [ 1048.461038][T21736] ? __pfx_do_mmap+0x10/0x10 [ 1048.461071][T21736] ? __pfx_down_write_killable+0x10/0x10 [ 1048.461110][T21736] vm_mmap_pgoff+0x281/0x450 [ 1048.461144][T21736] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1048.461176][T21736] ? lock_release+0x201/0x2f0 [ 1048.461217][T21736] ? __fget_files+0x20e/0x3c0 [ 1048.461262][T21736] ksys_mmap_pgoff+0x32c/0x5c0 [ 1048.461295][T21736] ? __pfx_ksys_write+0x10/0x10 [ 1048.461340][T21736] __x64_sys_mmap+0x125/0x190 [ 1048.461386][T21736] do_syscall_64+0xcd/0x490 [ 1048.461416][T21736] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1048.461447][T21736] RIP: 0033:0x7f3f0398e929 [ 1048.461471][T21736] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1048.461503][T21736] RSP: 002b:00007f3f047f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1048.461533][T21736] RAX: ffffffffffffffda RBX: 00007f3f03bb5fa0 RCX: 00007f3f0398e929 [ 1048.461555][T21736] RDX: 0000000000000001 RSI: 0000000000004000 RDI: 0000200000ffc000 [ 1048.461575][T21736] RBP: 00007f3f047f9090 R08: 0000000000000003 R09: 0000000000000000 [ 1048.461595][T21736] R10: 000000000008e051 R11: 0000000000000246 R12: 0000000000000001 [ 1048.461614][T21736] R13: 0000000000000000 R14: 00007f3f03bb5fa0 R15: 00007ffce30a0f68 [ 1048.461644][T21736] [ 1048.780628][ C1] vkms_vblank_simulate: vblank timer overrun [ 1049.757487][T21748] netlink: 'syz.4.3475': attribute type 19 has an invalid length. [ 1049.765496][T21748] netlink: 114 bytes leftover after parsing attributes in process `syz.4.3475'. [ 1050.063344][T21751] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3474'. [ 1050.173960][T21753] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3476'. [ 1050.222062][T21746] could not allocate digest TFM handle [ 1050.924408][T21764] tc_dump_action: action bad kind [ 1051.761793][T21779] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3482'. [ 1051.868424][T21779] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1051.919458][T21779] bond0 (unregistering): Released all slaves [ 1052.517399][T21791] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3485'. [ 1053.838410][T21808] could not allocate digest TFM handle [ 1054.090216][T21802] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3488'. [ 1054.784459][T21820] netlink: 334 bytes leftover after parsing attributes in process `syz.4.3493'. [ 1056.135051][T21840] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3498'. [ 1056.186107][T21843] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3498'. [ 1056.304590][T21840] netlink: 218 bytes leftover after parsing attributes in process `syz.0.3498'. [ 1057.256354][T21851] could not allocate digest TFM handle [ 1057.298398][T21850] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3501'. [ 1058.312983][T21844] base_sock_release(ffff88803c7c8000) sk=ffff888028ada000 [ 1062.047774][T21916] ptp ptp0: max value is 20 [ 1063.031799][T21904] Process accounting resumed [ 1063.043401][T21923] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3526'. [ 1063.195323][T21926] could not allocate digest TFM handle [ 1064.649481][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1064.663373][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1064.883620][T21955] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3528'. [ 1064.960206][T21957] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3528'. [ 1065.077773][T21955] netlink: 302 bytes leftover after parsing attributes in process `syz.0.3528'. [ 1065.462949][T21966] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3530'. [ 1065.777357][T21972] FAULT_INJECTION: forcing a failure. [ 1065.777357][T21972] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1065.902972][T21972] CPU: 0 UID: 0 PID: 21972 Comm: syz.0.3531 Tainted: G I 6.16.0-rc1-syzkaller #0 PREEMPT(full) [ 1065.903023][T21972] Tainted: [I]=FIRMWARE_WORKAROUND [ 1065.903033][T21972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1065.903048][T21972] Call Trace: [ 1065.903062][T21972] [ 1065.903072][T21972] dump_stack_lvl+0x16c/0x1f0 [ 1065.903115][T21972] should_fail_ex+0x512/0x640 [ 1065.903154][T21972] _copy_from_user+0x2e/0xd0 [ 1065.903207][T21972] copy_msghdr_from_user+0x98/0x160 [ 1065.903259][T21972] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1065.903298][T21972] ? __pfx_kstrtouint+0x10/0x10 [ 1065.903330][T21972] ? kstrtouint_from_user+0x13c/0x1d0 [ 1065.903361][T21972] ___sys_sendmsg+0xfe/0x1d0 [ 1065.903399][T21972] ? __pfx____sys_sendmsg+0x10/0x10 [ 1065.903442][T21972] ? rcu_is_watching+0x12/0xc0 [ 1065.903475][T21972] __sys_sendmsg+0x16d/0x220 [ 1065.903496][T21972] ? __pfx___sys_sendmsg+0x10/0x10 [ 1065.903525][T21972] do_syscall_64+0xcd/0x490 [ 1065.903546][T21972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1065.903570][T21972] RIP: 0033:0x7f3f0398e929 [ 1065.903588][T21972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1065.903611][T21972] RSP: 002b:00007f3f047f9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1065.903633][T21972] RAX: ffffffffffffffda RBX: 00007f3f03bb5fa0 RCX: 00007f3f0398e929 [ 1065.903649][T21972] RDX: 00000000140000e4 RSI: 0000200000000380 RDI: 0000000000000004 [ 1065.903664][T21972] RBP: 00007f3f047f9090 R08: 0000000000000000 R09: 0000000000000000 [ 1065.903678][T21972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1065.903692][T21972] R13: 0000000000000000 R14: 00007f3f03bb5fa0 R15: 00007ffce30a0f68 [ 1065.903714][T21972] [ 1066.192526][T21884] Process accounting resumed [ 1066.274274][T21974] raw_sendmsg: syz.4.3532 forgot to set AF_INET. Fix it! [ 1068.714981][T21999] netlink: 342 bytes leftover after parsing attributes in process `syz.4.3540'. [ 1068.864168][T21999] netlink: 302 bytes leftover after parsing attributes in process `syz.4.3540'. [ 1070.193700][T22016] FAULT_INJECTION: forcing a failure. [ 1070.193700][T22016] name failslab, interval 1, probability 0, space 0, times 0 [ 1070.283266][T22016] CPU: 1 UID: 0 PID: 22016 Comm: syz.0.3552 Tainted: G I 6.16.0-rc1-syzkaller #0 PREEMPT(full) [ 1070.283316][T22016] Tainted: [I]=FIRMWARE_WORKAROUND [ 1070.283328][T22016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1070.283345][T22016] Call Trace: [ 1070.283355][T22016] [ 1070.283366][T22016] dump_stack_lvl+0x16c/0x1f0 [ 1070.283417][T22016] should_fail_ex+0x512/0x640 [ 1070.283465][T22016] should_failslab+0xc2/0x120 [ 1070.283493][T22016] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1070.283540][T22016] ? mas_alloc_nodes+0x18b/0x8b0 [ 1070.283595][T22016] mas_alloc_nodes+0x18b/0x8b0 [ 1070.283644][T22016] mas_node_count_gfp+0x105/0x130 [ 1070.283688][T22016] mas_preallocate+0x77b/0xda0 [ 1070.283721][T22016] ? __memcg_slab_post_alloc_hook+0x442/0x960 [ 1070.283756][T22016] ? __pfx_mas_preallocate+0x10/0x10 [ 1070.283796][T22016] ? lockdep_init_map_type+0x5c/0x280 [ 1070.283837][T22016] ? anon_vma_name+0x75/0x100 [ 1070.283872][T22016] __split_vma+0x34a/0x1070 [ 1070.283915][T22016] ? __pfx___split_vma+0x10/0x10 [ 1070.283952][T22016] ? rcu_is_watching+0x12/0xc0 [ 1070.283987][T22016] ? process_measurement+0x4a6/0x23e0 [ 1070.284042][T22016] ? rcu_is_watching+0x12/0xc0 [ 1070.284068][T22016] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1070.284114][T22016] vms_gather_munmap_vmas+0x1c2/0x1310 [ 1070.284158][T22016] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 1070.284201][T22016] ? mas_walk+0x6a6/0x910 [ 1070.284247][T22016] __mmap_region+0x3c7/0x25e0 [ 1070.284292][T22016] ? __pfx___mmap_region+0x10/0x10 [ 1070.284338][T22016] ? rcu_is_watching+0x12/0xc0 [ 1070.284366][T22016] ? lock_release+0x201/0x2f0 [ 1070.284400][T22016] ? bpf_ksym_find+0x124/0x1c0 [ 1070.284429][T22016] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1070.284461][T22016] ? is_bpf_text_address+0x94/0x1a0 [ 1070.284499][T22016] ? kernel_text_address+0x8d/0x100 [ 1070.284544][T22016] ? __kernel_text_address+0xd/0x40 [ 1070.284596][T22016] ? unwind_get_return_address+0x59/0xa0 [ 1070.284638][T22016] ? arch_stack_walk+0xa6/0x100 [ 1070.284706][T22016] ? rcu_is_watching+0x12/0xc0 [ 1070.284733][T22016] ? trace_cap_capable+0x18d/0x200 [ 1070.284764][T22016] mmap_region+0x1ab/0x3f0 [ 1070.284810][T22016] do_mmap+0xa3e/0x1210 [ 1070.284844][T22016] ? __pfx_do_mmap+0x10/0x10 [ 1070.284895][T22016] ? __pfx_down_write_killable+0x10/0x10 [ 1070.284932][T22016] vm_mmap_pgoff+0x281/0x450 [ 1070.284965][T22016] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1070.284994][T22016] ? lock_release+0x201/0x2f0 [ 1070.285033][T22016] ? __fget_files+0x20e/0x3c0 [ 1070.285079][T22016] ksys_mmap_pgoff+0x32c/0x5c0 [ 1070.285110][T22016] ? __pfx_ksys_write+0x10/0x10 [ 1070.285155][T22016] __x64_sys_mmap+0x125/0x190 [ 1070.285197][T22016] do_syscall_64+0xcd/0x490 [ 1070.285224][T22016] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1070.285254][T22016] RIP: 0033:0x7f3f0398e929 [ 1070.285278][T22016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1070.285307][T22016] RSP: 002b:00007f3f047f9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1070.285335][T22016] RAX: ffffffffffffffda RBX: 00007f3f03bb5fa0 RCX: 00007f3f0398e929 [ 1070.285353][T22016] RDX: 0000000000000001 RSI: 0000000000004000 RDI: 0000200000ffc000 [ 1070.285370][T22016] RBP: 00007f3f047f9090 R08: 0000000000000003 R09: 0000000000000000 [ 1070.285386][T22016] R10: 000000000008e051 R11: 0000000000000246 R12: 0000000000000001 [ 1070.285402][T22016] R13: 0000000000000000 R14: 00007f3f03bb5fa0 R15: 00007ffce30a0f68 [ 1070.285429][T22016] [ 1071.248319][T22021] ================================================================== [ 1071.248342][T22021] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0xa03/0xc70 [ 1071.248405][T22021] Read of size 6 at addr ffff8880578bf3fc by task syz.4.3545/22021 [ 1071.248435][T22021] [ 1071.248455][T22021] CPU: 0 UID: 0 PID: 22021 Comm: syz.4.3545 Tainted: G I 6.16.0-rc1-syzkaller #0 PREEMPT(full) [ 1071.248501][T22021] Tainted: [I]=FIRMWARE_WORKAROUND [ 1071.248514][T22021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1071.248534][T22021] Call Trace: [ 1071.248544][T22021] [ 1071.248557][T22021] dump_stack_lvl+0x116/0x1f0 [ 1071.248611][T22021] print_report+0xcd/0x680 [ 1071.248640][T22021] ? __virt_addr_valid+0x81/0x610 [ 1071.248672][T22021] ? __phys_addr+0xe8/0x180 [ 1071.248707][T22021] ? fbcon_prepare_logo+0xa03/0xc70 [ 1071.248755][T22021] kasan_report+0xe0/0x110 [ 1071.248786][T22021] ? fbcon_prepare_logo+0xa03/0xc70 [ 1071.248852][T22021] kasan_check_range+0x100/0x1b0 [ 1071.248890][T22021] __asan_memcpy+0x23/0x60 [ 1071.248932][T22021] fbcon_prepare_logo+0xa03/0xc70 [ 1071.248991][T22021] fbcon_init+0xd77/0x1900 [ 1071.249044][T22021] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 1071.249102][T22021] visual_init+0x320/0x620 [ 1071.249144][T22021] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 1071.249199][T22021] store_bind+0x61d/0x760 [ 1071.249252][T22021] ? __pfx_store_bind+0x10/0x10 [ 1071.249300][T22021] dev_attr_store+0x58/0x80 [ 1071.249331][T22021] ? __pfx_dev_attr_store+0x10/0x10 [ 1071.249363][T22021] sysfs_kf_write+0xf2/0x150 [ 1071.249406][T22021] kernfs_fop_write_iter+0x351/0x510 [ 1071.249440][T22021] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1071.249480][T22021] vfs_write+0x6c4/0x1150 [ 1071.249525][T22021] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1071.249561][T22021] ? __pfx___mutex_lock+0x10/0x10 [ 1071.249593][T22021] ? __pfx_vfs_write+0x10/0x10 [ 1071.249652][T22021] ksys_write+0x12a/0x250 [ 1071.249697][T22021] ? __pfx_ksys_write+0x10/0x10 [ 1071.249749][T22021] do_syscall_64+0xcd/0x490 [ 1071.249781][T22021] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1071.249823][T22021] RIP: 0033:0x7fe480d8e929 [ 1071.249850][T22021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1071.249885][T22021] RSP: 002b:00007fe481b66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1071.249918][T22021] RAX: ffffffffffffffda RBX: 00007fe480fb6080 RCX: 00007fe480d8e929 [ 1071.249940][T22021] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 1071.249961][T22021] RBP: 00007fe480e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1071.249982][T22021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1071.250001][T22021] R13: 0000000000000000 R14: 00007fe480fb6080 R15: 00007fff3cb43518 [ 1071.250033][T22021] [ 1071.250045][T22021] [ 1071.250054][T22021] Allocated by task 22021: [ 1071.250071][T22021] kasan_save_stack+0x33/0x60 [ 1071.250117][T22021] kasan_save_track+0x14/0x30 [ 1071.250163][T22021] __kasan_kmalloc+0xaa/0xb0 [ 1071.250208][T22021] __kmalloc_noprof+0x223/0x510 [ 1071.250256][T22021] vc_do_resize+0x1de/0x10e0 [ 1071.250301][T22021] fbcon_init+0xd53/0x1900 [ 1071.250351][T22021] visual_init+0x320/0x620 [ 1071.250390][T22021] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 1071.250440][T22021] store_bind+0x61d/0x760 [ 1071.250485][T22021] dev_attr_store+0x58/0x80 [ 1071.250514][T22021] sysfs_kf_write+0xf2/0x150 [ 1071.250550][T22021] kernfs_fop_write_iter+0x351/0x510 [ 1071.250583][T22021] vfs_write+0x6c4/0x1150 [ 1071.250626][T22021] ksys_write+0x12a/0x250 [ 1071.250669][T22021] do_syscall_64+0xcd/0x490 [ 1071.250694][T22021] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1071.250725][T22021] [ 1071.250733][T22021] The buggy address belongs to the object at ffff8880578bf3e0 [ 1071.250733][T22021] which belongs to the cache kmalloc-8 of size 8 [ 1071.250760][T22021] The buggy address is located 22 bytes to the right of [ 1071.250760][T22021] allocated 6-byte region [ffff8880578bf3e0, ffff8880578bf3e6) [ 1071.250793][T22021] [ 1071.250801][T22021] The buggy address belongs to the physical page: [ 1071.250822][T22021] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x578bf [ 1071.250853][T22021] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 1071.250878][T22021] page_type: f5(slab) [ 1071.250906][T22021] raw: 00fff00000000000 ffff88801b441500 dead000000000100 dead000000000122 [ 1071.250935][T22021] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 1071.250953][T22021] page dumped because: kasan: bad access detected [ 1071.250969][T22021] page_owner tracks the page as allocated [ 1071.250981][T22021] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 18662, tgid 18662 (syz-executor), ts 914540161346, free_ts 914540147020 [ 1071.251035][T22021] post_alloc_hook+0x1c0/0x230 [ 1071.251076][T22021] get_page_from_freelist+0x1321/0x3890 [ 1071.251123][T22021] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 1071.251170][T22021] alloc_pages_mpol+0x1fb/0x550 [ 1071.251198][T22021] new_slab+0x23b/0x330 [ 1071.251235][T22021] ___slab_alloc+0xd9c/0x1940 [ 1071.251273][T22021] __slab_alloc.constprop.0+0x56/0xb0 [ 1071.251313][T22021] __kmalloc_node_noprof+0x2ed/0x500 [ 1071.251360][T22021] __vmalloc_node_range_noprof+0x3e5/0x14b0 [ 1071.251401][T22021] __vmalloc_node_noprof+0xad/0xf0 [ 1071.251437][T22021] do_ip6t_get_ctl+0x63f/0xa50 [ 1071.251479][T22021] nf_getsockopt+0x7c/0xe0 [ 1071.251514][T22021] ipv6_getsockopt+0x1f7/0x280 [ 1071.251551][T22021] tcp_getsockopt+0xa1/0x100 [ 1071.251578][T22021] do_sock_getsockopt+0x3fc/0x800 [ 1071.251617][T22021] __sys_getsockopt+0x123/0x1b0 [ 1071.251666][T22021] page last free pid 18662 tgid 18662 stack trace: [ 1071.251686][T22021] __free_frozen_pages+0x7fe/0x1180 [ 1071.251725][T22021] kasan_populate_vmalloc+0x13d/0x1f0 [ 1071.251769][T22021] alloc_vmap_area+0x959/0x29c0 [ 1071.251801][T22021] __get_vm_area_node+0x1ca/0x330 [ 1071.251845][T22021] __vmalloc_node_range_noprof+0x271/0x14b0 [ 1071.251886][T22021] __vmalloc_node_noprof+0xad/0xf0 [ 1071.251924][T22021] do_ip6t_get_ctl+0x63f/0xa50 [ 1071.251964][T22021] nf_getsockopt+0x7c/0xe0 [ 1071.251998][T22021] ipv6_getsockopt+0x1f7/0x280 [ 1071.252036][T22021] tcp_getsockopt+0xa1/0x100 [ 1071.252064][T22021] do_sock_getsockopt+0x3fc/0x800 [ 1071.252100][T22021] __sys_getsockopt+0x123/0x1b0 [ 1071.252149][T22021] __x64_sys_getsockopt+0xbd/0x160 [ 1071.252198][T22021] do_syscall_64+0xcd/0x490 [ 1071.252226][T22021] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1071.252259][T22021] [ 1071.252267][T22021] Memory state around the buggy address: [ 1071.252285][T22021] ffff8880578bf280: fa fc fc fc fa fc fc fc fa fc fc fc fa fc fc fc [ 1071.252309][T22021] ffff8880578bf300: fa fc fc fc fa fc fc fc fa fc fc fc fa fc fc fc [ 1071.252334][T22021] >ffff8880578bf380: fa fc fc fc fa fc fc fc fa fc fc fc 06 fc fc fc [ 1071.252353][T22021] ^ [ 1071.252374][T22021] ffff8880578bf400: fa fc fc fc fa fc fc fc fa fc fc fc fa fc fc fc [ 1071.252399][T22021] ffff8880578bf480: fa fc fc fc fa fc fc fc 05 fc fc fc fa fc fc fc [ 1071.252419][T22021] ================================================================== [ 1071.252707][T22021] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1071.252736][T22021] CPU: 0 UID: 0 PID: 22021 Comm: syz.4.3545 Tainted: G I 6.16.0-rc1-syzkaller #0 PREEMPT(full) [ 1071.252785][T22021] Tainted: [I]=FIRMWARE_WORKAROUND [ 1071.252799][T22021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 1071.252832][T22021] Call Trace: [ 1071.252843][T22021] [ 1071.252856][T22021] dump_stack_lvl+0x3d/0x1f0 [ 1071.252910][T22021] panic+0x71c/0x800 [ 1071.252955][T22021] ? __pfx_panic+0x10/0x10 [ 1071.252999][T22021] ? rcu_is_watching+0x12/0xc0 [ 1071.253034][T22021] ? fbcon_prepare_logo+0xa03/0xc70 [ 1071.253092][T22021] ? fbcon_prepare_logo+0xa03/0xc70 [ 1071.253142][T22021] check_panic_on_warn+0xab/0xb0 [ 1071.253194][T22021] end_report+0x107/0x170 [ 1071.253242][T22021] kasan_report+0xee/0x110 [ 1071.253270][T22021] ? fbcon_prepare_logo+0xa03/0xc70 [ 1071.253318][T22021] kasan_check_range+0x100/0x1b0 [ 1071.253350][T22021] __asan_memcpy+0x23/0x60 [ 1071.253387][T22021] fbcon_prepare_logo+0xa03/0xc70 [ 1071.253438][T22021] fbcon_init+0xd77/0x1900 [ 1071.253482][T22021] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 1071.253532][T22021] visual_init+0x320/0x620 [ 1071.253646][T22021] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 1071.253706][T22021] store_bind+0x61d/0x760 [ 1071.253755][T22021] ? __pfx_store_bind+0x10/0x10 [ 1071.253806][T22021] dev_attr_store+0x58/0x80 [ 1071.253836][T22021] ? __pfx_dev_attr_store+0x10/0x10 [ 1071.253864][T22021] sysfs_kf_write+0xf2/0x150 [ 1071.253901][T22021] kernfs_fop_write_iter+0x351/0x510 [ 1071.253931][T22021] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1071.253967][T22021] vfs_write+0x6c4/0x1150 [ 1071.254007][T22021] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1071.254038][T22021] ? __pfx___mutex_lock+0x10/0x10 [ 1071.254064][T22021] ? __pfx_vfs_write+0x10/0x10 [ 1071.254115][T22021] ksys_write+0x12a/0x250 [ 1071.254155][T22021] ? __pfx_ksys_write+0x10/0x10 [ 1071.254200][T22021] do_syscall_64+0xcd/0x490 [ 1071.254226][T22021] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1071.254257][T22021] RIP: 0033:0x7fe480d8e929 [ 1071.254281][T22021] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1071.254312][T22021] RSP: 002b:00007fe481b66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1071.254342][T22021] RAX: ffffffffffffffda RBX: 00007fe480fb6080 RCX: 00007fe480d8e929 [ 1071.254363][T22021] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 1071.254382][T22021] RBP: 00007fe480e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 1071.254401][T22021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1071.254420][T22021] R13: 0000000000000000 R14: 00007fe480fb6080 R15: 00007fff3cb43518 [ 1071.254450][T22021] [ 1071.254741][T22021] Kernel Offset: disabled