last executing test programs: 2m40.479371844s ago: executing program 2 (id=1393): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x0, @my=0x1}, 0x55) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/net/bpq2/statistics/rx_missed_errors\x00', 0x48500, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f00000010c0)=""/4090, 0xffa) socket(0x2, 0x1, 0x106) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/block/nbd11/hctx0/busy\x00', 0x60000, 0x0) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000009c0), 0x0, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0xffffffffffffffff, 0x15f4da07, 0x6, 0x10, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x4f4, 0x8]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x1, 0xbc3, 0x800, 0x3, 0x2a, 0xc, 0x400000000003, 0x3, 0x0, 0xfffffffffffffffe, 0x6, 0x9, 0xffffffffffffff81, 0x4]}, 0x0) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff) madvise$auto(0x0, 0x2003f2, 0x15) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)=ANY=[@ANYRES8, @ANYRES16, @ANYBLOB="df250c0000000000000000"], 0x14}}, 0x24048004) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0xa8, r6, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_SCOPE={0x81, 0x4, 'nfsf\x00\xd8\xef\xe4-\x13+r\xf3\fT1Z\xa7J[\x81\a\xcf-\xdf\x90\x1f\x8f\xc8\x13e\xe2R7D\x832j\xce}\xa3V\xb7\xa1o\\\xe6\x13\xbc\f\xe3\xae\xb8~\xd3\xd2+J\'\xc3\xec\xc9\fp\xc8a\xbe\xfe`\xa7\xa9AKDd\'\xa0\x01\xf6\x13y\xe8\xca\xf4Q\x9e\x03*]\xda\x1e\x11t\xe2\xd5uw+\x93\xfc\x04l\xd3\xa6t\x86k\x80\xd9\x14s\xec\xe2H\xc0=(\xf99\x8ac\xa7\x85\x99\x87'}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x85}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0xa8}}, 0x4000) sendmsg$auto_NFSD_CMD_VERSION_GET(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r6, 0x100, 0x70bd2d, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) madvise$auto(0x0, 0x200007, 0x19) 2m33.139965865s ago: executing program 3 (id=1413): read$auto_ctl_device_fops_user(0xffffffffffffffff, &(0x7f0000000180)=""/186, 0xba) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) r0 = openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/keycreate\x00', 0x1, 0x0) write$auto_proc_pid_attr_operations_base(r0, 0x0, 0x0) execve$auto(&(0x7f0000000240)='./file0\x00', 0x0, 0x0) execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000300)='#\xdc\\\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\xf20/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00') read$auto_ctl_device_fops_user(0xffffffffffffffff, &(0x7f0000000180)=""/186, 0xba) (async) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) (async) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) (async) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) (async) openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/keycreate\x00', 0x1, 0x0) (async) write$auto_proc_pid_attr_operations_base(r0, 0x0, 0x0) (async) execve$auto(&(0x7f0000000240)='./file0\x00', 0x0, 0x0) (async) execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000300)='#\xdc\\\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\xf20/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00') (async) 2m32.91154448s ago: executing program 3 (id=1414): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) r0 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x40, r0, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x4}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f17790485908286dd"}, @OVS_PACKET_ATTR_KEY={0xa, 0x2, 0x0, 0x1, [@generic="00b487080d9c"]}, @OVS_PACKET_ATTR_PROBE={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x44000884}, 0xc880) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x0) madvise$auto(0x0, 0xb12, 0x15) close_range$auto(0x0, 0xfffffffffffff000, 0x0) mmap$auto(0xb96b, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) pipe2$auto(0x0, 0x80) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000400), r2) sendmsg$auto_NFSD_CMD_VERSION_SET(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000200)={0x28, r3, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@NFSD_A_SERVER_PROTO_VERSION={0x14, 0x1, 0x0, 0x1, [@NFSD_A_VERSION_MINOR={0x8}, @NFSD_A_VERSION_MAJOR={0x8, 0x1, 0x2}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x24000001}, 0x4004840) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'hsr0\x00', 0x0}) bpf$auto_BPF_MAP_GET_NEXT_KEY(0x4, &(0x7f0000000140)=@link_create={@prog_fd=r2, @target_ifindex=r4, 0x9, 0x6, @uprobe_multi={0x4, 0xf3, 0xbe72, 0x3, 0x70e56496, 0x5, 0xffffffffffffffff}}, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/pci0000:00/waiting_for_supplier\x00', 0x80800, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) socket$nl_generic(0x10, 0x3, 0x10) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) write$auto(0x3, 0x0, 0x100082) 2m25.261573537s ago: executing program 32 (id=1393): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x0, @my=0x1}, 0x55) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/net/bpq2/statistics/rx_missed_errors\x00', 0x48500, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f00000010c0)=""/4090, 0xffa) socket(0x2, 0x1, 0x106) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/block/nbd11/hctx0/busy\x00', 0x60000, 0x0) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000009c0), 0x0, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0xffffffffffffffff, 0x15f4da07, 0x6, 0x10, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x4f4, 0x8]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x1, 0xbc3, 0x800, 0x3, 0x2a, 0xc, 0x400000000003, 0x3, 0x0, 0xfffffffffffffffe, 0x6, 0x9, 0xffffffffffffff81, 0x4]}, 0x0) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x0, 0x3ff) madvise$auto(0x0, 0x2003f2, 0x15) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)=ANY=[@ANYRES8, @ANYRES16, @ANYBLOB="df250c0000000000000000"], 0x14}}, 0x24048004) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000380), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0xa8, r6, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_SCOPE={0x81, 0x4, 'nfsf\x00\xd8\xef\xe4-\x13+r\xf3\fT1Z\xa7J[\x81\a\xcf-\xdf\x90\x1f\x8f\xc8\x13e\xe2R7D\x832j\xce}\xa3V\xb7\xa1o\\\xe6\x13\xbc\f\xe3\xae\xb8~\xd3\xd2+J\'\xc3\xec\xc9\fp\xc8a\xbe\xfe`\xa7\xa9AKDd\'\xa0\x01\xf6\x13y\xe8\xca\xf4Q\x9e\x03*]\xda\x1e\x11t\xe2\xd5uw+\x93\xfc\x04l\xd3\xa6t\x86k\x80\xd9\x14s\xec\xe2H\xc0=(\xf99\x8ac\xa7\x85\x99\x87'}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x85}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0xa8}}, 0x4000) sendmsg$auto_NFSD_CMD_VERSION_GET(r1, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r6, 0x100, 0x70bd2d, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) madvise$auto(0x0, 0x200007, 0x19) 2m18.082992629s ago: executing program 0 (id=1456): mmap$auto(0x0, 0x9, 0xdf, 0x18, 0xffffffffffffffff, 0xa) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) ioctl$auto_PPPIOCGIDLE32(r0, 0x8008743f, 0x0) mmap$auto(0x0, 0xe983, 0xa3, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/module/md_mod/parameters/new_array\x00', 0xa001, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/scsi_mod/parameters/default_dev_flags\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/net/bond0/bonding/ad_actor_sys_prio\x00', 0x942, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x2, 0x801, 0x106) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyu3\x00', 0x12803, 0x0) r1 = socket(0x1e, 0x80805, 0x0) listen$auto(r1, 0x9) accept$auto(r1, 0x0, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r3 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) ioctl$auto(r2, 0x541c, r3) r4 = socket(0xa, 0x801, 0x84) connect$auto(r4, &(0x7f0000000080)=@generic={0xa, "509235679a5532c63bacddae0710"}, 0x54) r5 = socket(0x2, 0x1, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r6) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000001c0)={'wlan0\x00'}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[], 0x24}}, 0x4000000) sendmmsg$auto(r5, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x1, 0x0) 2m18.020762459s ago: executing program 0 (id=1457): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/teql0/queues/tx-0/byte_queue_limits/limit_min\x00', 0x88282, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0x8800fffffdef) r1 = fcntl$auto(0xffffffffffffffff, 0x20007, 0xa553) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) getsockopt$auto_SO_MEMINFO(r1, 0x8, 0x37, 0x0, 0x0) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x800) timer_delete$auto(0x1) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) unshare$auto(0x40000080) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x1e, 0x1, 0x0) close_range$auto(0x0, 0x5, 0x0) setresuid$auto(0xffffffffffffffff, 0x0, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x123002, 0x0) ioctl$auto_KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f0000000180)={0x7}) ioctl$auto_SNDCTL_DSP_GETBLKSIZE(r4, 0xc0045004, &(0x7f0000000000)) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) madvise$auto(0xfffffffffffffffe, 0x240007, 0x17) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) r5 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES16=r5, @ANYRES8=r3], 0x3c}}, 0x24048084) madvise$auto(0x0, 0x200007, 0x19) 2m17.481937455s ago: executing program 33 (id=1414): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) r0 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x40, r0, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x4}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f17790485908286dd"}, @OVS_PACKET_ATTR_KEY={0xa, 0x2, 0x0, 0x1, [@generic="00b487080d9c"]}, @OVS_PACKET_ATTR_PROBE={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x44000884}, 0xc880) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x0) madvise$auto(0x0, 0xb12, 0x15) close_range$auto(0x0, 0xfffffffffffff000, 0x0) mmap$auto(0xb96b, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) pipe2$auto(0x0, 0x80) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000400), r2) sendmsg$auto_NFSD_CMD_VERSION_SET(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000200)={0x28, r3, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@NFSD_A_SERVER_PROTO_VERSION={0x14, 0x1, 0x0, 0x1, [@NFSD_A_VERSION_MINOR={0x8}, @NFSD_A_VERSION_MAJOR={0x8, 0x1, 0x2}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x24000001}, 0x4004840) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'hsr0\x00', 0x0}) bpf$auto_BPF_MAP_GET_NEXT_KEY(0x4, &(0x7f0000000140)=@link_create={@prog_fd=r2, @target_ifindex=r4, 0x9, 0x6, @uprobe_multi={0x4, 0xf3, 0xbe72, 0x3, 0x70e56496, 0x5, 0xffffffffffffffff}}, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/pci0000:00/waiting_for_supplier\x00', 0x80800, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) socket$nl_generic(0x10, 0x3, 0x10) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) write$auto(0x3, 0x0, 0x100082) 2m12.857062814s ago: executing program 0 (id=1469): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/smt/control\x00', 0x2ab42, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/tty/ptybd/dev\x00', 0x2440, 0x0) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/tty/ptybd/dev\x00', 0x2440, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/module/nvme/parameters/io_queue_depth\x00', 0x20001, 0x0) mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) (async) read$auto(r2, 0x0, 0x20) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x400000003) writev$auto(r0, &(0x7f0000000080)={0x0, 0x5}, 0x82a) 2m12.24670834s ago: executing program 0 (id=1471): timerfd_settime$auto(0xffffffffffffffff, 0x6, &(0x7f0000000080)={{0x2, 0x8000000000000000}, {0x2, 0x80}}, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/loop10/queue/rotational\x00', 0x26e040, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="2c010000", @ANYRES16=r2, @ANYBLOB="00012bbd7000fbdbdf25020000000600510140000000060014010400000008005700000000000600b4000200000008004d01fffffffff000c7002db0d19d20d6a337fdbce8ea5ef9d17f9ee835333e33ed5f87752011f72206e047229c4f5eaa8c64837398f5aeb2e7aebbcbdecb35b43fa2dfbe575db54539343dd60f5b4d773d2ea8bbae1364725e6e8e169ca209c8991171914b115a4c186c21a5863e61f24156662875d3fec9f6e3081435fa0284b194489498ccc031043560fa80b80441e4b7a6dad24aac9b10d162e922717b5349782de9f11e02d6a29ee26ed2bc7cb9f25d06aa0481706cd34dd860c3c1e7188b718561c603a7f4fad26f872b6c8da7c27da9c13abcec045aade965017ca20aaa80f3b28ebc428d5d31fb519f3dbddaaa23f0f546d8b5a57f8a9556f6"], 0x12c}, 0x1, 0x0, 0x0, 0x5}, 0x40) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000300)=""/77, 0x4d) 2m11.958361756s ago: executing program 0 (id=1472): mprotect$auto(0x0, 0x8000000000000001, 0x8) r0 = socket(0x1d, 0x3, 0x1) bind$auto(0x3, &(0x7f0000000040)=@can, 0x6a) setsockopt$auto(r0, 0x65, 0x1, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x0) r1 = epoll_create$auto(0x3e) ioctl$auto_SNDRV_TIMER_IOCTL_NEXT_DEVICE(r1, 0xc0145401, &(0x7f00000000c0)={0x3, 0x7, 0x8, 0xe74, 0x2}) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) io_cancel$auto(0x3, &(0x7f0000000000)={0x0, 0x7, 0x4, 0x5, 0x7ff, r0, 0x1, 0x6, 0x100, 0x0, 0xfffffff9, r0}, &(0x7f0000000080)={0x7, 0x7, 0x5, 0x2e80d4cd}) mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00\x0e\x15F\xf7\x1a\xd1K+\xedy\xc6\x9bb\x94\xb4^\xc2\x83%\xfbw}\xfb_P\"\x19\xdfi\xe9hA|Q\x8a_F\x04:Q\x90\'\x06', &(0x7f0000000140)='nfsd\x00', 0xc0ed0000, 0x0) 2m11.481458831s ago: executing program 0 (id=1475): r0 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f00000004c0), 0x101202, 0x0) ioctl$auto(r0, 0xab0a, 0xffffffffffffffff) fsconfig$auto_FSCONFIG_SET_PATH_EMPTY(r0, 0x4, &(0x7f0000000080)='/sys/kernel/deb\\g/sync/sw_sync\x00', &(0x7f00000002c0)="b7b80923cdc800c979236e1d818539eff1fb19b2d916dc446967864e5de594d91025e7bfc6385143ae464fd2b1c65bd22542cebfee84c9b40f1bc2ff5fa6541b8af327d7727ae41566810b0900f388c03161fa5d259341e1eaf9cb7c1d361468715e04996baf2b3c4855234411d37399f1fb21da9f1d08bafa7b625ac5e90cdfcad4c5cab002d1a419cb6e81efec008a0295f8dec73e93b53a217d1e3dab3581bd", 0x8) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/midi2\x00', 0x6101, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_NL80211_CMD_SET_COALESCE(0xffffffffffffffff, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.0/usb1/bDeviceProtocol\x00', 0x12bc00, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) ioctl$auto_FS_IOC_GETFSUUID(r2, 0x80111500, 0x4f) mmap$auto(0x0, 0x40005, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f00000001c0), 0x2000, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, 0x0) ioctl$auto(0x3, 0xc0383e04, 0xffffffffffffffff) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r5 = fsopen$auto(0x0, 0x1) fsconfig$auto_SHMEM_HUGE_NEVER(r5, 0x3, &(0x7f0000001640)='+\x00', &(0x7f0000001680)="df", 0x0) read$auto_stat_fops_per_vm_kvm_main(0xffffffffffffffff, 0x0, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="01002dbd0900fedbdf257e"], 0x14}, 0x1, 0x68, 0x0, 0x24000000}, 0xd0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r7 = open(&(0x7f00000001c0)='./cgroup\x00', 0x80400, 0x42) open_by_handle_at$auto(r7, &(0x7f0000000200)={0x8, 0xfe, "0200000000000000"}, 0x100004) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001b80), r8) r10 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/zswap/parameters/enabled\x00', 0x62, 0x0) write$auto(r10, &(0x7f0000000440)='ON\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf0F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\xed\'\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0xb8c5) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r8, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010027bd7000fbdbdf2504000000090017200800000004000e00c49d1866756a"], 0x20}, 0x1, 0x0, 0x0, 0x220000c1}, 0xc0) 1m56.055048665s ago: executing program 34 (id=1475): r0 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f00000004c0), 0x101202, 0x0) ioctl$auto(r0, 0xab0a, 0xffffffffffffffff) fsconfig$auto_FSCONFIG_SET_PATH_EMPTY(r0, 0x4, &(0x7f0000000080)='/sys/kernel/deb\\g/sync/sw_sync\x00', &(0x7f00000002c0)="b7b80923cdc800c979236e1d818539eff1fb19b2d916dc446967864e5de594d91025e7bfc6385143ae464fd2b1c65bd22542cebfee84c9b40f1bc2ff5fa6541b8af327d7727ae41566810b0900f388c03161fa5d259341e1eaf9cb7c1d361468715e04996baf2b3c4855234411d37399f1fb21da9f1d08bafa7b625ac5e90cdfcad4c5cab002d1a419cb6e81efec008a0295f8dec73e93b53a217d1e3dab3581bd", 0x8) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/midi2\x00', 0x6101, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_NL80211_CMD_SET_COALESCE(0xffffffffffffffff, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/dummy_hcd.0/usb1/bDeviceProtocol\x00', 0x12bc00, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) ioctl$auto_FS_IOC_GETFSUUID(r2, 0x80111500, 0x4f) mmap$auto(0x0, 0x40005, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f00000001c0), 0x2000, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, 0x0) ioctl$auto(0x3, 0xc0383e04, 0xffffffffffffffff) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r5 = fsopen$auto(0x0, 0x1) fsconfig$auto_SHMEM_HUGE_NEVER(r5, 0x3, &(0x7f0000001640)='+\x00', &(0x7f0000001680)="df", 0x0) read$auto_stat_fops_per_vm_kvm_main(0xffffffffffffffff, 0x0, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="01002dbd0900fedbdf257e"], 0x14}, 0x1, 0x68, 0x0, 0x24000000}, 0xd0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r7 = open(&(0x7f00000001c0)='./cgroup\x00', 0x80400, 0x42) open_by_handle_at$auto(r7, &(0x7f0000000200)={0x8, 0xfe, "0200000000000000"}, 0x100004) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001b80), r8) r10 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/zswap/parameters/enabled\x00', 0x62, 0x0) write$auto(r10, &(0x7f0000000440)='ON\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf0F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\xed\'\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0xb8c5) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r8, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010027bd7000fbdbdf2504000000090017200800000004000e00c49d1866756a"], 0x20}, 0x1, 0x0, 0x0, 0x220000c1}, 0xc0) 1m30.386360385s ago: executing program 5 (id=1601): openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0xc401, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) mq_unlink$auto(0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000280)='/proc/asound/card1/pcm0c/sub2/sw_params\x00', 0x28102, 0x0) readv$auto(0x3, &(0x7f0000000040)={&(0x7f00000001c0)="7e1f32b48a545de69da3bcea41edfe0cb478f77c19bcbf63a212d936e84f3dae1731a7e1a0325de5eddd5e96b3960d848cd623dd2825c1356fa29e01f8329714dfe2981ff78d284d83545ecb43ba78171bce4ab995d3209aae4de5e370a1ef614fccbc52c2dd99df2483e75b689f70a399f268f9b31f4abaf3fce1a03ab28cdf75fb4bf2d533f0f9f291d54239965eb9e881d371e9cdef080b0c834269cfd503a04f2355e2f1687eb7f7f595c500000000000000", 0x20000}, 0x5) write$auto(0xffffffffffffffff, 0x0, 0x8000000000000001) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/6/smp_affinity\x00', 0x40d81, 0x0) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, 0x0, 0x1, 0x0) openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x2402, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r1) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, 0x0, 0x40800) futex$auto(&(0x7f0000000000)=0x7, 0x9, 0x7, &(0x7f0000000040)={0xb, 0x401}, &(0x7f00000002c0)=0x6f5, 0x200) unshare$auto(0x40000080) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000180)='/dev/usbmon37\x00', 0x0, 0x0) ioctl$auto_MON_IOCX_MFETCH(r3, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f0000000140)={0x0, 0x2000004, 0x7}) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/008/001\x00', 0x8101, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) mprotect$auto(0x0, 0x806121, 0x6) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x16bd00, 0x0) bpf$auto(0x5, &(0x7f0000000080)=@bpf_attr_5={@target_ifindex, r1, 0x8, 0x6, r2, @relative_id=0xe, 0xb60}, 0xa) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x80802, 0x0) 1m29.300988539s ago: executing program 5 (id=1604): write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) eventfd$auto(0x0) preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x9}, 0x5, 0xffffffffffffffff, 0x7, 0x2e) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) r0 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$auto_RTC_SET_TIME(r0, 0x4024700a, &(0x7f0000000280)={0x1, 0x8, 0x0, 0x60, 0x5, 0x80, 0xcf, 0x6c35, 0xe}) r1 = socket(0xa, 0x2, 0x0) r2 = socket(0xa, 0x3, 0xff) connect$auto(r2, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mmap$auto(0x200, 0x400008, 0x200, 0x9b72, r1, 0x6) write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680)="a7", 0x80000) syz_clone3(0x0, 0x0) madvise$auto(0x1ffff000, 0x7, 0x100000000) mmap$auto(0x0, 0x400008, 0xb, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x20, 0x0) fsopen$auto(0x0, 0x1) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) pivot_root$auto(&(0x7f0000000080)='..\x00', 0x0) shmget$auto(0x8, 0x10563, 0x568d1af2) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event2\x00', 0x20081, 0x0) bpf$auto(0x14, &(0x7f00000000c0)=@enable_stats={0x1}, 0x7) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) 1m28.863224126s ago: executing program 5 (id=1606): openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video54\x00', 0x42942, 0x0) writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000140), 0x9}, 0x8) r0 = socket(0x1d, 0x2, 0x2) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/controlC1\x00', 0x68080, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/net/nr6/tx_queue_len\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000440)=""/139, 0x8b) sendmsg$auto_IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="4d0448847000ffdbdf250400000008000400080000002b11cb2bc91a1b7d5e3832293c74befc142cc314d89067e616d4c859342bdf5ecf4f84aec702fa8efdd525c39926ed3dbcbb0dffdaee0d001ae260db65049bf85edcf99bb7d79ce4c577bba35200c0d2c6176e7d8037f09006303a63ac7f055eba88c189c13b86a947ef291f28f3f137b70b4459513d296a39b3ab149714e872729fdb3e2c9ac855fbccb16294c6f96d5a037af3f0d89449092e821cb00ea3a8be21a0708b8506aef095239adc1eda0b54b10298bf116ab18daf41f7e13621307b9f905d018d11011a4a3e35e586b935e368195fadcae9c4f4afe38ef12615b7c7aca5c1abfcf9ab207471914518d061ee0961c823c698882a2201ca71fa6402524bb8ac7d53a1d1055f84376a1ded45baffffffff73615f6c5ca1f1233804f1762500d6ee313f09c8cbb8261b725eec3ed9211455ff536eabbb300983f5a70e84dd5d"], 0x1c}, 0x1, 0x0, 0x0, 0x24008000}, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) mmap$auto(0x40000000, 0x9645, 0xdf, 0x8011, 0x2, 0x2d4a29c0) pivot_root$auto(0x0, 0x0) kexec_load$auto(0x9, 0x0, 0x0, 0x1003e0000) mmap$auto(0x0, 0x7fff, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x400000000008000) setsockopt$auto(0x3, 0x1, 0x2f, 0x0, 0x9) madvise$auto(0x0, 0x2000040080000000, 0xe) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x7f, 0x82020009, 0x7ff, 0xeb1, r0, 0xfff) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) madvise$auto(0x0, 0x200007, 0x8) 1m27.826139699s ago: executing program 5 (id=1611): socket(0x29, 0x5, 0x0) mmap$auto(0x0, 0x40009, 0xa, 0x9b72, 0x2, 0x28000) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_NS_GET_TGID_IN_PIDNS(r0, 0x8004b709, &(0x7f0000000140)=0x7) ioctl$auto_UI_SET_RELBIT(0xffffffffffffffff, 0x40045566, &(0x7f0000000100)=0x101) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000680), 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x3, 0xb, 0xdd, 0xebe, 0xffffffffffffffff, 0x8000) semctl$auto_SEM_INFO(0x7fff, 0x10001, 0x13, 0x200) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) setsockopt$auto(0x400000000000003, 0x29, 0xd2, 0x0, 0x567) adjtimex$auto(&(0x7f00000004c0)={0xffff6888, 0x0, 0x0, 0xfffffffffffffffd, 0x4ea, 0x1, 0x6, 0x0, 0x1, 0x0, 0x962, {0x2000100000000, 0x10000}, 0x5, 0x6, 0xffffffffffeffffb, 0x6, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0x20000a747, 0xdeb1, 0x804}) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r2, 0x0, 0xd0) ioctl$auto_TCSBRKP2(r1, 0x5425, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r3, 0x5408, 0x0) write$auto_console_fops_tty_io(0xffffffffffffffff, &(0x7f00000001c0)="9666375a3902d1f245545e387feb0591593d185bb78a3d9e2e56c8f9ab6ce227e7046bb0eab1d4b3714a18196d65c09c1b6330872c07709b071a705ccf342a490879bf67198bb662fe2e698370e1eb53e8cf3c4f33a23873f5ac099078c711245a2bd14117952e15cb439ce143acb22a38e11afd158d3307f50ee1d15d7774ccadd9a5e0c7d70b2ad14a6fcb4dd8391fd15196e9e15c1bce02f3ded741d4b7530584fcf6d4ffe0dc9e3a321c1f9d3a8df3b2cdb7967f8f60846cf739e6bea3d1374bfc9f4c3b503498ce191d3ff6e708e25db0434b8ec1e084a35ddc7b95e5aacff3bfbc4cff3d53df673008186e7af8c62d066b93c33aac944d6da756eb3983af03f015810da670107bd3d4ec828cf87a671263528f9d55c1063d844ebc84b98f794d64d82d9a5b252ffa394b9b1d0fa5abf0fcfceb6cd1631cc4c8597de7cff36e7ad2e5d9ebaf0f0e4767921af674d7011bfe68f656c222862013956e188dec0f2838e64c12c82c0ec84e233158e26f0cb921ae7eed3153cd9f88efb027489d40098848ee3c8105a4573fff0a21dcd35734831e612ee7348e834747ebd373f8804d055b869da71f0b250cbf4fe6ffd88caf11b70605f78bd595c96b2d0b608e72d0e29cceb0f728f9f7f850865b983148f626baa54fb81b1d420708f4f5c77d5658464dd07a13d21245f78f19e4df644813ec4099d83714bdf582898a76ddf22198b6100df0f566df724ea90298e70f4697b8a9a585229e0b46e0ce039d2085916aa884faa4dbdd36cef25498d6a78d6ac56be308ae4a09daf0fe17eff6f612adde7b3f4d22a7720de025ec0b824fd2aab48708e2a66b3a5b8ee317677a8dda0f5c540139e99b1780bea0fe9bff71ca056be0c324eb411ff50873bb06583fe6dabda4d283315e7b6ce60ceeaf4c42accec7368fb88a439c750127742a542a5693be4d0ed5c32c159e12f328333fbb4334d081a893fa9354299c9dd4d173402aaacec7a7e61cd13b28b7d8761e574442a86fe66fd0d6a60609ca5570c5520972d628befdc5cf21028ae88fdf4214c61914403aa2689f7c06b0ea87cc476dea64603fe7eb2076777246d91420c3176a8fbfd82e35a06e75615d19590d4dd4cf320be6e4f3fada1df0b82985d7b60c807e36d5b63746da297e3a134a873943a59b", 0x341) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) clock_nanosleep$auto(0xa, 0x9, 0x0, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/zswap/parameters/compressor\x00', 0x82002, 0x0) write$auto_ocfs2_control_fops_stack_user(r4, &(0x7f0000000140)="fb5796eeeb933bc50230eb18aabb843f753d38e57dd6188303954cad18d628a34591a41010a4d6b9896a6a961c382bd5c4787005a597089d15c89c8b8c4e6b52b3a6b0a4756feac7176f8bffac3cb553d448a0be7def4564097da1ecf61b0e50a28538613c76", 0x66) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, 0x0, 0x9800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1m27.244091604s ago: executing program 5 (id=1613): mmap$auto(0x0, 0xe97f, 0xdf, 0xeb1, 0x401, 0x200000f) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x0) (async) socket(0x10, 0x2, 0x0) socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) unshare$auto(0x40000080) r0 = pidfd_open$auto(0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/nr14/proto_down\x00', 0x82942, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0xa0801, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) r2 = socketcall$auto(0x8000, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r2) socket$nl_generic(0x10, 0x3, 0x10) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'virt_wifi0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x1c, 0x0, 0x13, 0x70bd26, 0x25dfdbfc, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004080}, 0x0) ioctl$auto_KVM_GET_MSRS(r1, 0x4008ae89, &(0x7f00000000c0)={0x9, 0x0, [{0x40000072, 0x400, 0x2}]}) setns(r0, 0x60020000) (async) setns(r0, 0x60020000) r6 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/video25\x00', 0xa281ce3665c25fe5, 0x0) read$auto_v4l2_fops_v4l2_dev(r6, &(0x7f0000000180)=""/117, 0x75) (async) read$auto_v4l2_fops_v4l2_dev(r6, &(0x7f0000000180)=""/117, 0x75) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0) pivot_root$auto(&(0x7f0000000100)='..\x00', &(0x7f0000000340)='.\x00z\x86E\xb8\xf1\xcbx\xf6cu<\x0e\xd8\xa5\xcd~\xaf\x80\xd3\xf4\xe5\x02\xf9q p\xe2\x8b\xc0\xedf\xba\x16*\x8ar\xa0\'$A\xe5\xc5\x89\xcb\xd5\xac\x98,\xd4Pycv\xdd\xa1\x84\xfb\xe9\r\x82\x15P*IM\xf7.\xf3v\x85Q\xbc:\xef\xd5\x1a\x9e\xbck\x1d\x114^\x1b\x02\xa1\xb0(\xa2\xdb\xbc\x1a\t\x94\x14\xbb\xc8\xfa\x18I\xff\x7f\xab\xf0\x8f\xd3Gr\xfb5\xf1,\x11\x052u&\xde\x9aF\n\xf0\x06\xfc\x1b\x17\x82%\x14\xb3\x19\x13\f\xbe_\xfdi\x17\xfcv\x82*\xbf<\xfa5\xfd\x8b\x1d\x99\a`\xde\xf4\x8a,\tP) \xf4\xdc\r\x17x\xc6\x18Y\xeaaUY\xeb\xd2\x81\xbare\x00\x8e\xfdA\x93\xb9\xac\xf1\x0eq\x85\xd9\x90\x8a%K\x95\x8fm\v\x98y\x9bc-\xa7;\x117\x19)\x04\xb4\nJ\x0e\x1b\x97e\xee\xdb\xc3\xca\xfe\xa7y\x12\xff\xce') connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0xc, @empty}, 0x54) (async) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0xc, @empty}, 0x54) openat$auto_stats_fops_(0xffffffffffffff9c, &(0x7f0000000280), 0x240201, 0x0) 1m26.304151018s ago: executing program 5 (id=1619): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x2, 0x1, 0x84) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x84c01, 0x0) sendmsg$auto_MAC802154_HWSIM_CMD_NEW_EDGE(r1, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x81) mprotect$auto(0x200000000000, 0x806121, 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) request_key$auto(0x0, 0x0, 0x0, 0x9) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) mmap$auto(0x7f, 0x202000c, 0x3f15, 0xeb2, r0, 0x8000) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kcore\x00', 0x101000, 0x0) preadv$auto(r2, &(0x7f00000002c0)={0x0, 0x8010000}, 0x5, 0xfb, 0x8100000001) 1m11.053109207s ago: executing program 1 (id=1671): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) r1 = socket(0x1d, 0x2, 0x7) r2 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(r1, &(0x7f0000000000)=@can={0x1d, r3}, 0x6a) connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r4}, 0x18) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = io_uring_setup$auto(0x6, 0x0) r7 = socket(0xa, 0x2, 0x88) timerfd_settime$auto(r0, 0xebd7, &(0x7f0000000200)={{0x4, 0x3}, {0x0, 0x9d}}, &(0x7f0000000240)={{0x0, 0x800}, {0x8, 0x2}}) r8 = bpf$auto(0x0, &(0x7f0000000000)=@link_update={r7, @new_prog_fd=0x4, 0x4, @old_prog_fd=r5}, 0xa3) bpf$auto(0x4, &(0x7f0000000040)=@link_update={r8, @new_prog_fd=r9, 0x1, @old_prog_fd=r6}, 0x9) ioctl$auto_XFS_IOC_START_COMMIT(r8, 0x80585882, &(0x7f0000000180)={r2, 0x0, 0x4, 0x7, 0xe3, 0x4, [0x5f9, 0xff, 0x2, 0x6, 0x1fffe00000000000, 0xa]}) write$auto(r0, &(0x7f0000000100)='\xca\xc2\x95\x12\xf0&\x139\x96\x80\xd5\xe4\xa0\xd3W\xb7\xca\xef\xc6\xc4Jm\x8e\xd5z\xef\x9b\xe0^\xe6xW\xc0p\x9b+A\xb48\x7fQ\xf9\xe7\x9c\xb2\x83\xb7\x8c\xffd6{\x15', 0x80000000) 1m10.999896406s ago: executing program 35 (id=1619): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x2, 0x1, 0x84) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x84c01, 0x0) sendmsg$auto_MAC802154_HWSIM_CMD_NEW_EDGE(r1, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x81) mprotect$auto(0x200000000000, 0x806121, 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) request_key$auto(0x0, 0x0, 0x0, 0x9) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) mmap$auto(0x7f, 0x202000c, 0x3f15, 0xeb2, r0, 0x8000) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kcore\x00', 0x101000, 0x0) preadv$auto(r2, &(0x7f00000002c0)={0x0, 0x8010000}, 0x5, 0xfb, 0x8100000001) 1m10.576693795s ago: executing program 1 (id=1675): socket(0x10, 0x3, 0x6) (async) socket(0x10, 0x3, 0x6) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) timerfd_create$auto(0x40, 0x8) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1m10.265288891s ago: executing program 1 (id=1677): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/block2mtd/parameters/block2mtd\x00', 0x601, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000001700), r0) sendmsg$auto_NETDEV_CMD_DEV_GET(r0, &(0x7f0000001840)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)={0x14, r1, 0x301, 0x70bd26, 0x25dfdbfe}, 0x14}, 0x1, 0xf0ffff, 0x0, 0x4005}, 0x28044004) getsockopt$auto_SO_RXQ_OVFL(r0, 0x8, 0x28, &(0x7f0000000500)=',{\x00', &(0x7f0000000540)=0x5) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r2 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) write$auto_seq_oss_f_ops_seq_oss(r2, &(0x7f0000000040)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba42933ae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc0708019cc1c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f37fe74a09a8a964ce2818e4b4efd1eb0e3bca5dfd2a053eeb5735b96d282d2e03866bd6581b5e5e541c74f0b92b932b234ac117342f156b4b23fc6dcbc92ada00ce404f54443b6e7fdac9acb79e5258a865ced633ff5356d13a3e9923bcd8e6d177c9fb8618f9393798d90d70c78207e40f95bb2b0a9308f29f4331bbdfc1021dface5a740473b462c47286fee1c9d0036c78134e108b5b218d3022fd277e1cdf0cdf8cd4b37d74c8dd47e00e50fcf8d336978a0e7624f94b8fdcd1c9459201231f343c7cb602083aa5e1aea8974a9e22d77cb94cae6c89e239bacfe656d9b0948de480ce2ba3b4dbcb180089d5eb0f8f481e02f7d4628e9134b6e52881572a398e4edd6f01f90983826d721dddc7d4ba3f293288ba54f696fa25cc2f8721c3e380dd04bf05801f90019498601fcbcea6aa6a2d7983e6823f480185ef9c3b4ed19c4f94c108067c89d69bc4e0da0112280ecd0caff8a454fb3e6655dc6a35cdd053aef882e403458754f5e84bd2210f18a61106af8c5a2c18dc48ff87cfda6d545014009a167570f0550e5121d0bdf4b20a1177b708e5515ee33db3baf29633440999ddd36eb0299a1efcd8934ab60c1a88d9db6fa0d2b3f0bf12e87630e0dc5eddca8f291ad85141391e6f9fe56ee4ddb39a1ac7a573cb69ec14f012ea0b721df3ea40747d1130a61802e859519ae1bc5a3673105fa87485f88b8981a3a208a3576848c2df152a023f5e573c867b43b10247336b110956eb28e5288d7aa19219e8324857cdf6d17530385720afd5a1ffd23aa1bd061b73caafa05afdd1441040989d081814635347f1d55669b1c38be4698e3a085e2010e35d2747b4e39ef4920f58d6b4585d737c13221a44ad5543099bb0ab228722ef9cbc0d621178012495837d6a220eeaaf498ccc01", 0x4ba) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003180), r3) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)={0x44, r6, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_ACTIONS={0x1c, 0x3, 0x0, 0x1, [@nested={0x18, 0x1, 0x0, 0x1, [@typed={0x14, 0x70, 0x0, 0x0, @ipv6=@empty}]}]}, @OVS_PACKET_ATTR_ACTIONS={0x4}, @OVS_PACKET_ATTR_KEY={0xc, 0x2, 0x0, 0x1, [@typed={0x8, 0x1d, 0x0, 0x0, @ipv4=@remote}]}, @OVS_PACKET_ATTR_PROBE={0x4}]}, 0x44}, 0x1, 0x0, 0x0, 0x4004040}, 0xc884) sendmsg$auto_ETHTOOL_MSG_STRSET_GET(r3, &(0x7f0000003400)={0x0, 0x0, &(0x7f00000033c0)={&(0x7f0000000000)={0x14, r4, 0x301, 0x70bd29, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x20000000) madvise$auto(0x0, 0xffffff7fffff0005, 0x8) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0x200007, 0x8) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/dummy_hcd.6/usb7/7-0:1.0/usb7-port1/power/autosuspend_delay_ms\x00', 0x8080, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x62c00, 0x0) read$auto(r7, 0x0, 0x20) r8 = openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000000), 0x12b002, 0x0) write$auto(r8, 0x0, 0x1a) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) io_uring_setup$auto(0x6, 0x0) openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) getsockopt$auto(0x6, 0x40000000029, 0x1a, 0xfffffffffffffffe, 0x0) 1m9.477846561s ago: executing program 1 (id=1681): openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video54\x00', 0x42942, 0x0) writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000140), 0x9}, 0x8) r0 = socket(0x1d, 0x2, 0x2) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/controlC1\x00', 0x68080, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/net/nr6/tx_queue_len\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000440)=""/139, 0x8b) sendmsg$auto_IPVS_CMD_GET_SERVICE(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="4d0448847000ffdbdf250400000008000400080000002b11cb2bc91a1b7d5e3832293c74befc142cc314d89067e616d4c859342bdf5ecf4f84aec702fa8efdd525c39926ed3dbcbb0dffdaee0d001ae260db65049bf85edcf99bb7d79ce4c577bba35200c0d2c6176e7d8037f09006303a63ac7f055eba88c189c13b86a947ef291f28f3f137b70b4459513d296a39b3ab149714e872729fdb3e2c9ac855fbccb16294c6f96d5a037af3f0d89449092e821cb00ea3a8be21a0708b8506aef095239adc1eda0b54b10298bf116ab18daf41f7e13621307b9f905d018d11011a4a3e35e586b935e368195fadcae9c4f4afe38ef12615b7c7aca5c1abfcf9ab207471914518d061ee0961c823c698882a2201ca71fa6402524bb8ac7d53a1d1055f84376a1ded45baffffffff73615f6c5ca1f1233804f1762500d6ee313f09c8cbb8261b725eec3ed9211455ff536eabbb300983f5a70e84dd5d"], 0x1c}, 0x1, 0x0, 0x0, 0x24008000}, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) mmap$auto(0x40000000, 0x9645, 0xdf, 0x8011, 0x2, 0x2d4a29c0) pivot_root$auto(0x0, 0x0) kexec_load$auto(0x9, 0x0, 0x0, 0x1003e0000) mmap$auto(0x0, 0x7fff, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x400000000008000) setsockopt$auto(0x3, 0x1, 0x2f, 0x0, 0x9) madvise$auto(0x0, 0x2000040080000000, 0xe) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x7f, 0x82020009, 0x7ff, 0xeb1, r0, 0xfff) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) madvise$auto(0x0, 0x200007, 0x8) connect$auto(0x3, 0x0, 0x10) unshare$auto(0x40000080) r3 = openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) readv$auto(r3, &(0x7f0000000a80)={0x0, 0x5b54}, 0x1) getsockopt$auto(0xffffffffffffffff, 0x9, 0x2, &(0x7f0000000040)='/dev/cec27\x00', 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) 1m8.425534353s ago: executing program 6 (id=1682): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="770e0000", @ANYRES16=0x0, @ANYBLOB="080028bd7000fddbdf250300000008000600020000000c0014"], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x405b) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/ram8/queue/max_integrity_segments\x00', 0x8080, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000018c0)=""/189, 0xbd) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000000080)) setgroups$auto(0x8, &(0x7f0000000000)=0x5) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0x400a507}, 0x800}, 0xa, 0x8) write$auto_proc_mem_operations_base(r0, &(0x7f0000000400)="94c5be883ae7ee95e2bff5f990f6f7249475e8960bf6c1ee8796193bfbd249c19c9460ea0c1c18bb983b84aebb8629e8e9e25558c9bfeb22ed79fdab8065d67eec271b56d08971f043224fe7604598e2506e785c6318c1b7696b10324d1e7db02961facdf9fab2640716f07dd1c617dcb6f1bb648821a53f78be14a6dc8f336e92e389609b991019c180950ed085b91123", 0x91) syz_genetlink_get_family_id$auto_smc_pnetid(0x0, 0xffffffffffffffff) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) 1m7.762604262s ago: executing program 6 (id=1685): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000001640), 0x200, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/slab/kmalloc-64/cpu_partial\x00', 0x109101, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x400c000) bpf$auto(0x5, &(0x7f0000000100)=@task_fd_query={0x2, 0x2, 0x4, 0x0, 0x85, 0x7, 0x9, 0x6, 0x8001}, 0x101) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) (async) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) (async) openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000001640), 0x200, 0x0) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/slab/kmalloc-64/cpu_partial\x00', 0x109101, 0x0) (async) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x400c000) (async) bpf$auto(0x5, &(0x7f0000000100)=@task_fd_query={0x2, 0x2, 0x4, 0x0, 0x85, 0x7, 0x9, 0x6, 0x8001}, 0x101) (async) 1m7.512006881s ago: executing program 1 (id=1686): mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00\x0e\x15F\xf7\x1a\xd1K+\xedy\xc6\x9bb\x94\xb4^\xc2\x83%\xfbw}\xfb_P\"\x19\xdfi\xe9hA|Q\x8a_F\x04:Q\x90\'\x06', &(0x7f0000000140)='nfsd\x00', 0x10000, 0x0) mmap$auto(0x0, 0xf, 0x3, 0xeb1, 0xffffffffffffffff, 0x10000000008000) keyctl$auto(0x4, 0xfffffffe, 0xffffffffffffffff, 0x0, 0xe) r0 = open(&(0x7f0000000200)='}[,&*}\x00\x0e\x15F\xf7\x1a\xd1K+\xedy\xc6\x9bb\x94\xb4^\xc2\x83%\xfbw}\xfb_P\"\x19\xdfi\xe9hA|Q\x8a_F\x04:Q\x90\'\x06\x00', 0x0, 0x6f) getdents64$auto(r0, 0x0, 0x18) 1m7.4554372s ago: executing program 6 (id=1687): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyq2\x00', 0x6a0201, 0x0) r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dri/card0\x00', 0x6202c1, 0x0) mmap$auto_vmwgfx_driver_fops_vmwgfx_drv(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000003, 0x80010, r0, 0x6) 1m7.365599218s ago: executing program 1 (id=1688): mmap$auto(0x2, 0x400008, 0xdf, 0x11, 0x2, 0x800008003) io_setup$auto(0x7ffe, 0x0) openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/self/clear_refs\x00', 0x2, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/orangefs/dcache_timeout_msecs\x00', 0x2440, 0x0) read$auto(r0, 0x0, 0x20) writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x10000000000007) 1m7.271498986s ago: executing program 6 (id=1689): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) (async) r0 = socket(0x2, 0x80802, 0x0) (async) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x2, 0x2) r1 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000000180), r0) sendmsg$auto_NET_SHAPER_CMD_GROUP(r0, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="ee7ff15e", @ANYRES16=r1, @ANYBLOB="00002cbd7000fcdbdf25040000000c000500c3e30000000000002400018008000100f8c80000080001000300000000000200b400000008000200060000000c00098008000100ffffffff"], 0x50}, 0x1, 0x0, 0x0, 0x40}, 0x80) (async) ioctl$auto_SNDRV_TIMER_IOCTL_PARAMS(0xffffffffffffffff, 0x40505412, &(0x7f0000000340)={0x8, 0x100, 0x9, 0x9, 0x0, "0aa8a2f11291385f713af9380cc246d64a9238ae131287b7a38ea0a8efd1e006196d9650560d73e9567763c55d42cc1e781c017fa41ab67bc8fed57e"}) (async) mmap$auto(0x0, 0x4, 0xfefe, 0x12, r0, 0x300000000000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x4000000) (async) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) close_range$auto(0x2, 0x8, 0x0) (async) socket(0x2c, 0x3, 0x16) (async) r2 = socket(0x2, 0x1, 0x0) bind$auto(r2, &(0x7f0000000040)=@in={0x2, 0x4e24, @remote}, 0x6a) (async) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800008}, 0x5, 0x20000000) (async) io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x401, 0x8, 0xfe, 0x6fb3, 0x8a, 0x9, 0xffffffffffffffff, [0x100, 0x9, 0x7f], {0x2, 0x7, 0x3032, 0xe, 0xf, 0x5, 0x5, 0xfffffff9, 0xf08a2b3}, {0x0, 0xfc, 0x6, 0x0, 0x0, 0xf89, 0x9, 0x839, 0x8}}) (async, rerun: 64) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[], 0x1ac}}, 0x40000) (async, rerun: 64) r3 = socket(0x11, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmmsg$auto(r3, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000080), 0x49}, 0x5, &(0x7f00000003c0), 0x5, 0x1000}, 0x5}, 0x2, 0x100) (async) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) (async) remap_file_pages$auto(0x7fffffff, 0x513e42ea, 0x0, 0xfffffffffffffffe, 0x741a7957) (async) socketpair$auto(0xb2c, 0x2, 0x20000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c00, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x5}, 0x3, 0x0) (async) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x3}, 0x7}, 0x3, 0xcad7) mmap$auto(0x100000001, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x4, 0x7) (async) socket(0x2, 0x80002, 0x73) (async) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast1}, 0x945) 1m7.111609105s ago: executing program 6 (id=1690): socket(0x2, 0x3, 0xa) r0 = socket(0xa, 0x1, 0x84) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x0, 0xc8, 0xfffffffffffffffc, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getsockopt$auto(r0, 0x84, 0x7c, 0x0, 0x0) prctl$auto(0x1d, 0xfffffffffffffffb, 0x8, 0x384, 0x1) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram1/integrity/tag_size\x00', 0x68e00, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000001c0)=""/112, 0x70) poll$auto(0x0, 0x5, 0x400) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/adsp1\x00', 0x80502, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) write$auto(0x3, 0x0, 0xfdef) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00\x0e\x15F\xf7\x1a\xd1K+\xedy\xc6\x9bb\x94\xb4^\xc2\x83%\xfbw}\xfb_P\"\x19\xdfi\xe9hA|Q\x8a_F\x04:Q\x90\'\x06', &(0x7f0000000140)='nfsd\x00', 0x10000, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x40100, 0x0) mmap$auto(0x0, 0x40, 0x5, 0x8000000008012, r2, 0x0) r3 = open(&(0x7f0000000100)='.\x00', 0x0, 0x1) lseek$auto(r3, 0x9, 0x0) getdents$auto(r3, 0x0, 0x62d4) read$auto(0x3, 0x0, 0x1f40) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, 0x0) r4 = semctl$auto_GETPID(0x2, 0x101, 0xb, 0x5) prctl$auto(0x3e, 0x400000001, r4, 0x2, 0xfffffff7fffffffd) 1m6.220450056s ago: executing program 6 (id=1693): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="770e0000", @ANYRES16=0x0, @ANYBLOB="080028bd7000fddbdf250300000008000600020000000c0014"], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x405b) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/ram8/queue/max_integrity_segments\x00', 0x8080, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000018c0)=""/189, 0xbd) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000000080)) setgroups$auto(0x8, &(0x7f0000000000)=0x5) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0x400a507}, 0x800}, 0xa, 0x8) write$auto_proc_mem_operations_base(r0, &(0x7f0000000400)="94c5be883ae7ee95e2bff5f990f6f7249475e8960bf6c1ee8796193bfbd249c19c9460ea0c1c18bb983b84aebb8629e8e9e25558c9bfeb22ed79fdab8065d67eec271b56d08971f043224fe7604598e2506e785c6318c1b7696b10324d1e7db02961facdf9fab2640716f07dd1c617dcb6f1bb648821a53f78be14a6dc8f336e92e389609b991019c180950ed085b91123", 0x91) syz_genetlink_get_family_id$auto_smc_pnetid(0x0, 0xffffffffffffffff) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) 51.995529548s ago: executing program 36 (id=1688): mmap$auto(0x2, 0x400008, 0xdf, 0x11, 0x2, 0x800008003) io_setup$auto(0x7ffe, 0x0) openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/self/clear_refs\x00', 0x2, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/orangefs/dcache_timeout_msecs\x00', 0x2440, 0x0) read$auto(r0, 0x0, 0x20) writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x10000000000007) 50.941049733s ago: executing program 37 (id=1693): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="770e0000", @ANYRES16=0x0, @ANYBLOB="080028bd7000fddbdf250300000008000600020000000c0014"], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x405b) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/ram8/queue/max_integrity_segments\x00', 0x8080, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000018c0)=""/189, 0xbd) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000000080)) setgroups$auto(0x8, &(0x7f0000000000)=0x5) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0x400a507}, 0x800}, 0xa, 0x8) write$auto_proc_mem_operations_base(r0, &(0x7f0000000400)="94c5be883ae7ee95e2bff5f990f6f7249475e8960bf6c1ee8796193bfbd249c19c9460ea0c1c18bb983b84aebb8629e8e9e25558c9bfeb22ed79fdab8065d67eec271b56d08971f043224fe7604598e2506e785c6318c1b7696b10324d1e7db02961facdf9fab2640716f07dd1c617dcb6f1bb648821a53f78be14a6dc8f336e92e389609b991019c180950ed085b91123", 0x91) syz_genetlink_get_family_id$auto_smc_pnetid(0x0, 0xffffffffffffffff) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) 42.737662647s ago: executing program 8 (id=1735): mmap$auto(0x0, 0x400008, 0x1000dd, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = socket(0xa, 0x3, 0x3b) getsockopt$auto(r0, 0x29, 0x40, 0x0, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0x2, 0x1, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d91, 0x4, 0x4}, 0x77, 0x2, 0x0, 0x62c1) r1 = socket(0xa, 0x3, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x6) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) write$auto_ocfs2_control_fops_stack_user(r2, &(0x7f0000000040)="03", 0x1) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/module/kernel/parameters/panic_print\x00', 0x80862, 0x0) sendfile$auto(0x2, 0x3, 0x0, 0xc3e0) sendfile$auto(r3, 0x3, 0x0, 0x2) socket(0xa, 0x801, 0x106) socket$nl_generic(0x10, 0x3, 0x10) eventfd$auto(0x3) eventfd$auto(0x0) r4 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r4, @new_prog_fd=0x4, 0x4, @old_map_fd=r1}, 0xa3) 42.035532538s ago: executing program 8 (id=1753): mprotect$auto(0x110c230000, 0x1, 0x2) (async, rerun: 32) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000) (async, rerun: 32) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x10400, 0x0) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async) mmap$auto(0x0, 0x20009, 0x386, 0xeb1, 0x401, 0x8000) (async) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/kallsyms\x00', 0x20100, 0x0) pread64$auto(r0, 0x0, 0x80000000008, 0x8000) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r1, 0x4, 0x7) (async, rerun: 64) ptrace$auto_PTRACE_SETREGSET(0x4205, r1, 0x1, 0x9) (rerun: 64) ioctl$auto(0x3, 0x400454ca, 0x38) (async) r2 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000100), 0x2002, 0x0) ioctl$auto(r2, 0x400454ca, 0x38) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x22a02, 0x0) write$auto(r3, &(0x7f0000000140)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7\xe6\x04\x8c\x83k', 0x1400) futex$auto(0x0, 0x86, 0x8, 0x0, 0x0, 0x7) (async, rerun: 32) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) (rerun: 32) 36.349890888s ago: executing program 9 (id=1764): mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x800000404, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/pts/ptmx\x00', 0xa0540, 0x0) ioctl$auto(r0, 0x80045430, 0x38) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vimc.0/video4linux/v4l-subdev2/index\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x6) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) socket(0x25, 0x1, 0x1) 34.340557386s ago: executing program 9 (id=1769): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async, rerun: 64) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/SecurityFlags\x00', 0x48041, 0x0) (async, rerun: 64) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/vxlan/parameters/udp_port\x00', 0x2400, 0x0) openat$auto_ftrace_event_format_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000640)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/format\x00', 0x40, 0x0) (async, rerun: 32) r2 = openat$auto_proc_coredump_filter_operations_base(0xffffffffffffff9c, &(0x7f0000000180), 0x400000, 0x0) (rerun: 32) pread64$auto(r2, &(0x7f0000000300)='/sys/kernel/tracing/events/vmalloc/allop_area/format\x00\x00\x00\x00\x00\x00\x0f:\xe23j\xb2\x93\x99\r\x02\xd0f\x87Wz\x1b\xc7\x9f\x0f7\xe8\x94\xac(,\x03\x03\xff\xc4*o\xcbf\xe4\x8a\x10\xf3\x7fA\x02:Y\xcf\x1b\x8e\x91%\x00\xf9\xff6\xa6\\\x80\x0f\xfa\xd4\xec\xa6\x0e\x1c,\'\\Aq\xae\x8e\x9c_ \x0f\v\xd3\xcb\xe4\"\xf2\x95\x8e\xc0q\x03;\x16\x84apq\xb4\x88o\xe2\x8c\xb2\xbf\x18z\xee\x8f\x05\x84\xdb\xcbP\xfa\xcec\xa4\xec\xd3\xa9[\x91xV\xd5g\xdf)\xfbJ\xaeNI\x13o\xb8\x98\xc9\x06yP>N\xe7\xf4e\xc2\x97\x02_\xeaV\xc9Vk\xaff\v\xc7\x7f\xdc\xd4\xca\xcf\x94\xb6\x1dK\xc0\xdd\x83w\xe0\x8dx\f\x17>\xa1\riQ\xb7\x03=1\xb7\xed\x1e&t\xffHx>\xc9\xac\x17/\x16\x92y\x87\xc6\x90\x8c\xcb\x86H5\n\xa2\xe8\x03\x92\xc3\xa9\xfb\x9eh\xec\xa9\x8d\xb80\x86\xa6\xa5\xd4I\xfe\xc6]F\xbe\xa0\xda\xa2\x13\xc6\xfb\xe6\xee\xf4Z,\x10\x10C0\x8b\xfd\xfb\xee\x93\x125\xfe\xc4z\"\xc6=Z\xacM\x14\x8f?w\x88S;eNL\xcd.(\xccT\xfaI\a\x1c\xb5\x8d\xf8\xccd\x1f\x1b\xb48\xb1\xbc\xfb\x13f\xa5\xd2\xfb\x17\xff\xe8\xd9\b3\x95\xa7\x85\xb1\x98\xd0\xcf\xbf=\xf7\xd0q1\b\xd2|\xc1B\xcc#5', 0x100000001, 0x7) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), r3) (async, rerun: 64) r5 = socket$nl_generic(0x10, 0x3, 0x10) (rerun: 64) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) (async) mmap$auto(0x0, 0x202000c, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/dfscache\x00', 0x101a41, 0x0) write$auto(r7, 0x0, 0x6) (async) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r3, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010027bd7080ffdbdf25100000000c00018008000100", @ANYRES32=r6, @ANYBLOB='\b\x00\t\x00'], 0x28}, 0x1, 0x0, 0x0, 0x90}, 0x80000) epoll_ctl$auto_EPOLL_CTL_DEL(r0, 0x2, r1, &(0x7f0000000000)={0x9, 0x100000000}) (async) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f0000000140)={0x0, 0xc3}, 0x6, 0x0, 0x0, 0x504}, 0x1}, 0x2, 0x0) futex$auto(0x0, 0x5, 0x4, 0x0, 0x0, 0x3000000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/manager\x00', 0x82a02, 0x0) (async, rerun: 64) openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/events/vmalloc/free_vmap_area_noflush/filter\x00', 0x2, 0x0) (async, rerun: 64) r8 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r9 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r9, 0x0, 0x20) (async) writev$auto(r8, &(0x7f0000000200)={0x0, 0x7}, 0x3) (async) bpf$auto_BPF_MAP_DELETE_BATCH(0x1b, 0x0, 0xfffffffe) (async) write$auto(0x3, 0x0, 0x5c8) (async, rerun: 64) read$auto(r1, 0x0, 0x20) (async, rerun: 64) writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3) 33.055995964s ago: executing program 9 (id=1774): fanotify_init$auto(0x2208, 0x2) mmap$auto(0x0, 0x20009, 0xe2, 0x13, 0x405, 0x8000) openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x902, 0x0) ioctl$auto(0x3, 0x80004508, 0x10000000000402) socket(0x2b, 0x1, 0x1) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0x8) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, 0x0, 0x9a5, 0x47ffff7a) socket(0x2c, 0x80003, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x5, 0x14, 0x944, 0x1ffe4, 0x3, 0x6, 0x4, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0x81, 0x5, 0x3, 0x4, 0x7, 0x20, 0x309, 0x8, 0xfffffffc, 0x7fffffff, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, [0x0, 0x0, 0x0, 0x4, 0x100000009, 0xa, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x4000000000000, 0x2000000000000000, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x8000, 0x800000000002, 0x9, 0x0, 0xbec, 0x0, 0x0, 0xe, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x2, 0x0, 0x10, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0x0, 0x0, 0x2961, 0x45e0]}, 0x1fb, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) syz_genetlink_get_family_id$auto_ovs_vport(0xfffffffffffffffe, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram2/partscan\x00', 0x80200, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000004300)=""/108, 0x6c) close_range$auto(0x2, 0x8, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000040), 0x8006, 0x0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu0/buffer_size_kb\x00', 0x10bb41, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/virtual/net/bond0/queues/tx-3/xps_cpus\x00', 0x181482, 0x0) read$auto(r1, 0x0, 0x80000) write$auto(0x3, 0x0, 0xfdef) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdeb}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 31.979141644s ago: executing program 9 (id=1777): mmap$auto(0x0, 0x2020009, 0x3, 0x12, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x18) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/11/smp_affinity_list\x00', 0x129542, 0x0) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000d80), 0xffffffffffffffff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x1eba02, 0x0) setresuid$auto(0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0x4010ae42, 0x38) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xca, &(0x7f0000000240)='\x04>\x01\x06\xfb\xff\x01?m\xf2\xe8l\xc4\xba_\x00\xe7\xbb\x17W?\x9ex<\xe2k\xeecf\xd2@\xa7\xb9K\\5\xbc,\x85\x95s\xaaR\xe9\x96\xd3?j\xdb\xca\x91\xe6\x0e\x04DD\xe0wV\a\x06\x9397C\xd9\xc1\x14\xf6', 0x2d9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xdcfaeb3549df84fd, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x40000008000) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800) sendmsg$auto_NL80211_CMD_GET_MPATH(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x41811}, 0x20000000) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto_KVM_GET_MSRS(r2, 0x4068aea3, &(0x7f0000000080)={0xc0}) kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x4800c000, 0x800c000}, 0x4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bond0/bonding/fail_over_mac\x00', 0x103b02, 0x0) 31.072051089s ago: executing program 9 (id=1779): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x7e1b, 0x0) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/007/001\x00', 0xa901, 0x0) ioctl$auto(r0, 0x4008550c, 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f00000001c0)) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r2, 0x5001, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x400000000001, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe\x00', 0x131203, 0x0) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/002/001\x00', 0x10002, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x4, 0x3, 0x3, 0x3, 0x3, 0x3, 0x8000000000000000, 0x2, 0x6d3c, 0x3, 0x2, 0x8000000000000006]}, 0x0) syz_genetlink_get_family_id$auto_psample(&(0x7f0000007a40), 0xffffffffffffffff) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) close_range$auto(0x2, 0x8, 0x0) r5 = getpid() openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/tty/ptyb5/uevent\x00', 0x141480, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x2001, 0x0) ioctl$auto(r6, 0x400454d0, r6) process_vm_readv$auto(r5, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0x10ffffffff}, 0x6, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, r3) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mlock$auto(0x112, 0x80006) 29.912091069s ago: executing program 9 (id=1781): openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x902, 0x0) ioctl$auto(0x3, 0x80004508, 0x10000000000402) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000600)='/dev/snd/controlC1\x00', 0x82200, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f00000006c0)={{@raw=0x9, 0x2, 0x2, 0x1, "162629e6b2259bee9878f8e7b039aa20b33e487d34917b4a9acce903cb72dd4cd8dde6d41c914d63af7a9de9"}, 0x0, @integer=@value=[0x400000000006, 0x12d800000000000, 0x179, 0xfffffffffffff8ad, 0x5, 0x7, 0x4, 0x8, 0x80000000004, 0x7, 0x15b61f2, 0x7, 0x100000001, 0x3, 0x9, 0x5, 0x7f, 0x9f, 0x8, 0x9, 0xb1, 0x0, 0x3, 0x8, 0xffffffff, 0x10001, 0x1, 0x80000000, 0x8000, 0x9, 0x0, 0x80000000, 0xf, 0xfffffffffffffffe, 0x4, 0x1, 0x3, 0x0, 0x800, 0x3638, 0x3, 0x4f3, 0xc, 0x4, 0x7, 0x0, 0xe4, 0x5, 0x6, 0x81, 0x401, 0x400000000084, 0xa, 0xfffffffbfffffffd, 0x6, 0x800, 0xfffffffffffffffd, 0x7, 0x101, 0x82, 0xc9d, 0x3fe, 0x9, 0x8, 0x640c, 0x3, 0x1000, 0x6, 0x201, 0x0, 0xec31, 0x9, 0x1fd, 0x0, 0xfff0000000000000, 0x4, 0xbd2a, 0x903, 0x80007, 0x7fffffffffffffff, 0x5, 0x1, 0xfffffffffffffffe, 0x0, 0x7eda8566, 0x800000007, 0x8000000000000001, 0x9, 0x401, 0xfffffffffffffff7, 0x9, 0x14000000000000, 0x6, 0xfffffffffffffffe, 0x0, 0x1, 0x8000000000000001, 0x5, 0x1ff, 0xf057, 0x40, 0x5, 0x7, 0x2, 0x8, 0x8, 0x1f, 0x8001, 0xc13, 0x6, 0xbf5, 0x2, 0xff, 0x7, 0xf, 0xe0, 0x3, 0x8, 0x3, 0x80000000, 0x6, 0x2, 0x1, 0xa, 0x5, 0x2, 0x100, 0xffff], "54a5f1d1dd2f17b169e8263c3a740d6611142f4b3c69d0f6e967c91125d235ac53e1b00d9fddc53d8f56969329274a57d5f4213fb46616a4faa700873d91426befc561500a5391d522c480bd37f8e7f0050cedfc627c6702978a8f018ad9a7b04711dc3a5c6a755e7a506645ea28e2baa4a6786ca43b3d5d976157eb07c3cdb8"}) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd8/queue/iosched/fifo_batch\x00', 0x20681, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)='-7', 0x2) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x7, 0x3, 0x0, 0x5, 0x50913599) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0xa8, r5, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_SCOPE={0x81, 0x4, 'nfsf\x00\xd8\xef\xe4-\x13+r\xf3\fT1Z\xa7J[\x81\a\xcf-\xdf\x90\x1f\x8f\xc8\x13e\xe2R7D\x832j\xce}\xa3V\xb7\xa1o\\\xe6\x13\xbc\f\xe3\xae\xb8~\xd3\xd2+J\'\xc3\xec\xc9\fp\xc8a\xbe\xfe`\xa7\xa9AKDd\'\xa0\x01\xf6\x13y\xe8\xca\xf4Q\x9e\x03*]\xda\x1e\x11t\xe2\xd5uw+\x93\xfc\x04l\xd3\xa6t\x86k\x80\xd9\x14s\xec\xe2H\xc0=(\xf99\x8ac\xa7\x85\x99\x87'}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x85}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0xa8}}, 0x4000) sendmsg$auto_NFSD_CMD_VERSION_GET(r3, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r5, 0x100, 0x70bd2d, 0x25dfdbfd, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_PVERSION(r3, 0x80045500, &(0x7f0000000200)=0x4) sendmsg$auto_NL802154_CMD_SET_CHANNEL(r2, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)={0xa8, 0x0, 0x2, 0x70bd28, 0x25dfdbfd, {}, [@NL802154_ATTR_BEACON_INTERVAL={0x5, 0x26, 0x8}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_SUPPORTED_COMMANDS={0x4}, @NL802154_ATTR_IFNAME={0x14, 0x4, 'batadv0\x00'}, @NL802154_ATTR_WPAN_PHY_NAME={0x3d, 0x2, '/sys/devices/virtual/block/nbd8/queue/iosched/fifo_batch\x00'}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x5}, @NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x6}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x2}, @NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x6}, @NL802154_ATTR_SCAN_DURATION={0x5, 0x24, 0x1c}]}, 0xa8}, 0x1, 0x0, 0x0, 0x8000}, 0x20000810) openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x902, 0x0) (async) ioctl$auto(0x3, 0x80004508, 0x10000000000402) (async) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000600)='/dev/snd/controlC1\x00', 0x82200, 0x0) (async) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f00000006c0)={{@raw=0x9, 0x2, 0x2, 0x1, "162629e6b2259bee9878f8e7b039aa20b33e487d34917b4a9acce903cb72dd4cd8dde6d41c914d63af7a9de9"}, 0x0, @integer=@value=[0x400000000006, 0x12d800000000000, 0x179, 0xfffffffffffff8ad, 0x5, 0x7, 0x4, 0x8, 0x80000000004, 0x7, 0x15b61f2, 0x7, 0x100000001, 0x3, 0x9, 0x5, 0x7f, 0x9f, 0x8, 0x9, 0xb1, 0x0, 0x3, 0x8, 0xffffffff, 0x10001, 0x1, 0x80000000, 0x8000, 0x9, 0x0, 0x80000000, 0xf, 0xfffffffffffffffe, 0x4, 0x1, 0x3, 0x0, 0x800, 0x3638, 0x3, 0x4f3, 0xc, 0x4, 0x7, 0x0, 0xe4, 0x5, 0x6, 0x81, 0x401, 0x400000000084, 0xa, 0xfffffffbfffffffd, 0x6, 0x800, 0xfffffffffffffffd, 0x7, 0x101, 0x82, 0xc9d, 0x3fe, 0x9, 0x8, 0x640c, 0x3, 0x1000, 0x6, 0x201, 0x0, 0xec31, 0x9, 0x1fd, 0x0, 0xfff0000000000000, 0x4, 0xbd2a, 0x903, 0x80007, 0x7fffffffffffffff, 0x5, 0x1, 0xfffffffffffffffe, 0x0, 0x7eda8566, 0x800000007, 0x8000000000000001, 0x9, 0x401, 0xfffffffffffffff7, 0x9, 0x14000000000000, 0x6, 0xfffffffffffffffe, 0x0, 0x1, 0x8000000000000001, 0x5, 0x1ff, 0xf057, 0x40, 0x5, 0x7, 0x2, 0x8, 0x8, 0x1f, 0x8001, 0xc13, 0x6, 0xbf5, 0x2, 0xff, 0x7, 0xf, 0xe0, 0x3, 0x8, 0x3, 0x80000000, 0x6, 0x2, 0x1, 0xa, 0x5, 0x2, 0x100, 0xffff], "54a5f1d1dd2f17b169e8263c3a740d6611142f4b3c69d0f6e967c91125d235ac53e1b00d9fddc53d8f56969329274a57d5f4213fb46616a4faa700873d91426befc561500a5391d522c480bd37f8e7f0050cedfc627c6702978a8f018ad9a7b04711dc3a5c6a755e7a506645ea28e2baa4a6786ca43b3d5d976157eb07c3cdb8"}) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd8/queue/iosched/fifo_batch\x00', 0x20681, 0x0) (async) write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)='-7', 0x2) (async) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x7, 0x3, 0x0, 0x5, 0x50913599) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) (async) sendmsg$auto_NFSD_CMD_THREADS_SET(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0xa8, r5, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_SCOPE={0x81, 0x4, 'nfsf\x00\xd8\xef\xe4-\x13+r\xf3\fT1Z\xa7J[\x81\a\xcf-\xdf\x90\x1f\x8f\xc8\x13e\xe2R7D\x832j\xce}\xa3V\xb7\xa1o\\\xe6\x13\xbc\f\xe3\xae\xb8~\xd3\xd2+J\'\xc3\xec\xc9\fp\xc8a\xbe\xfe`\xa7\xa9AKDd\'\xa0\x01\xf6\x13y\xe8\xca\xf4Q\x9e\x03*]\xda\x1e\x11t\xe2\xd5uw+\x93\xfc\x04l\xd3\xa6t\x86k\x80\xd9\x14s\xec\xe2H\xc0=(\xf99\x8ac\xa7\x85\x99\x87'}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x85}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0xa8}}, 0x4000) (async) sendmsg$auto_NFSD_CMD_VERSION_GET(r3, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r5, 0x100, 0x70bd2d, 0x25dfdbfd, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) (async) ioctl$auto_SNDRV_CTL_IOCTL_PVERSION(r3, 0x80045500, &(0x7f0000000200)=0x4) (async) sendmsg$auto_NL802154_CMD_SET_CHANNEL(r2, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)={0xa8, 0x0, 0x2, 0x70bd28, 0x25dfdbfd, {}, [@NL802154_ATTR_BEACON_INTERVAL={0x5, 0x26, 0x8}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_SUPPORTED_COMMANDS={0x4}, @NL802154_ATTR_IFNAME={0x14, 0x4, 'batadv0\x00'}, @NL802154_ATTR_WPAN_PHY_NAME={0x3d, 0x2, '/sys/devices/virtual/block/nbd8/queue/iosched/fifo_batch\x00'}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x5}, @NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x6}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x2}, @NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x6}, @NL802154_ATTR_SCAN_DURATION={0x5, 0x24, 0x1c}]}, 0xa8}, 0x1, 0x0, 0x0, 0x8000}, 0x20000810) (async) 26.914001494s ago: executing program 38 (id=1753): mprotect$auto(0x110c230000, 0x1, 0x2) (async, rerun: 32) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x404, 0x8000) (async, rerun: 32) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x10400, 0x0) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) (async) mmap$auto(0x0, 0x20009, 0x386, 0xeb1, 0x401, 0x8000) (async) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/kallsyms\x00', 0x20100, 0x0) pread64$auto(r0, 0x0, 0x80000000008, 0x8000) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r1, 0x4, 0x7) (async, rerun: 64) ptrace$auto_PTRACE_SETREGSET(0x4205, r1, 0x1, 0x9) (rerun: 64) ioctl$auto(0x3, 0x400454ca, 0x38) (async) r2 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000100), 0x2002, 0x0) ioctl$auto(r2, 0x400454ca, 0x38) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x22a02, 0x0) write$auto(r3, &(0x7f0000000140)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7\xe6\x04\x8c\x83k', 0x1400) futex$auto(0x0, 0x86, 0x8, 0x0, 0x0, 0x7) (async, rerun: 32) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) (rerun: 32) 21.583997964s ago: executing program 7 (id=1799): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a9402, 0x0) mmap$auto(0xfffffffffffffffd, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/oom_adj\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x1f40) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f00000000c0)={0x0, 0xffffffff}, 0x6) syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/net\x00') sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x880) timer_create$auto(0x9, 0x0, 0x0) ioctl$auto(0xffffffffffffffff, 0xd5ff, 0xffffffffffffffff) read$auto(0x3, 0x0, 0x8080) socket(0xf, 0x5, 0x100) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) shmctl$auto_IPC_SET(0x4, 0x1, &(0x7f0000000280)={{0x80, 0xee00, 0xee00, 0x6, 0x8, 0x404bd6, 0x5}, 0x0, 0xfffffffffffffffe, 0x8000000000000000, 0x1, @raw=0x38, @inferred, 0x9, 0x0, &(0x7f0000000180)="bc0800e836e1a6e889bfbddd7e89c27da3e66a1e2b3d3b51e066bb26d7097253b500"/52, &(0x7f0000000100)}) write$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffffff, &(0x7f00000001c0)="624d1bfe595046ab5c98199adf260600de16baef6176e6021e1dce210500e8fdffff0000000000fffffffe00a7ed73de11691c13403c82be", 0x7b) process_mrelease$auto(0xffffffffffffffff, 0xa) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket(0x2, 0x1, 0x106) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/platform/vhci_hcd.4/usb18/18-0:1.0/usb18-port3/location\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r4, 0x0, 0x0) connect$auto(r3, &(0x7f0000000080)=@qipcrtr={0x2a, 0xffffffffffffffff, 0x3fff}, 0x54) ioctl$auto(0x3, 0x80000541b, 0x38) read$auto(0x3, 0x0, 0x80000003) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) 18.881849516s ago: executing program 7 (id=1802): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x2, 0x9, 0x7, 0xeb1, 0xffffffffffffffff, 0x8003) r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/irq/7/affinity_hint\x00', 0x4b102, 0x0) read$auto_proc_iter_file_ops_compat_inode(r0, &(0x7f0000000180)=""/178, 0xb2) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, 0x0, 0x2000c840) close_range$auto(0x2, 0x8, 0x0) r1 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xfffffeff, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x2, 0x83, 0x101, 0x17f, 0xffff}, {0xff, 0x1, 0x52, 0x5, 0x1, 0x40, 0x4, 0x8, 0x100000004}}) io_uring_register$auto(r1, 0x180, 0x0, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, 0x0, 0xc040810) madvise$auto(0x110c230000, 0x1, 0x9) setitimer$auto(0x1, &(0x7f0000000000)={{0x802, 0x1000007f}, {0x800100004, 0x3}}, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/bus/usb/drivers/dsbr100/new_id\x00', 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) write$auto_ocfs2_control_fops_stack_user(r2, 0x0, 0x0) remap_file_pages$auto(0x6, 0x1000, 0x800000, 0xb74, 0x166a) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000000000008000) r3 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, r3, 0x8000) select$auto(0x8, 0x0, 0x0, 0x0, 0x0) io_setup$auto(0x7ffe, 0x0) msync$auto(0x110d230080, 0x0, 0x1) r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) waitid$auto_P_ALL(0x0, 0xbf5, &(0x7f0000000240)={@_si_pad}, 0x1f2, &(0x7f00000002c0)={{0x6, 0x100}, {0xffffffffffffffff, 0x1}, 0x3ff, 0x7, 0xa9, 0x1, 0x3, 0x80000000, 0x8000000000000001, 0xd110, 0x842, 0x3, 0x4, 0x3, 0x7, 0x3}) r5 = pidfd_open$auto(0x0, 0x3fffffd) setns(r5, 0x60020000) mount$auto(0x0, &(0x7f00000000c0)='.\x00', 0x0, 0x44003, 0x0) ptrace$auto(0x10, r4, 0x4, 0x7ff) 17.499223317s ago: executing program 7 (id=1804): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x1, 0x5, 0x7, 0xeb1, r0, 0x8003) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/controlC0\x00', 0x204800, 0x0) socket(0x11, 0x800, 0x800000d) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/admmidi2\x00', 0x450481, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TCP_METRICS_CMD_GET(0xffffffffffffffff, 0x0, 0x5b020f7d7a84fe6e) unshare$auto(0x4000007d) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/wireless\x00', 0x80, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r4 = socket$nl_generic(0x10, 0x3, 0x10) getsockname$auto(r4, 0x0, 0x0) syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, r0) ioprio_set$auto(0x3, 0x0, 0x4b34) sendmsg$auto_NL80211_CMD_PROBE_CLIENT(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="74bec700", @ANYRES16=0x0, @ANYBLOB="000429bd7000fedbdf2554000000050060000000000005001d00dd00000043032a00266588d8804fd89fe7ad92e487f3faa62c3b57331a027d1dfe7b53c02b0ccaeb2ebefde8b1cbc734e5ac5dd332a51da438234e7d570d2bd6ece31410a98c9515fa4ec838636e5f856bb42188e12283079c2799890c0492d7e95e19075904042cbb86ecf69e27efb03ee2e1310ced4e34f6803332bdef77c1c17ba4c5a62f116584ee2e2c1083bf380c23e592b553feee95e9b0e62bb86034b8bbda7662ffba2c30a8434235b37166c06725819d63578bfe042da2e673b32efae8f303f495986c17a9d195da728f784a54607b3bd483c2cee60c2f88238aa1bc3bd9a0db24f3ad1c4df92262b4832474466b401a98eeef3badb53a6f446eb48ce32afe1fe8f9579a37ed9403aa5f9e3e111fd342d23a12c1e0a97ed7c0cdbf7dd8fa8a66053202f3a9d75afbb8e9c6300aea72b209c0e6b13b3b5865f5299c65d060ea3f294f5b9d793f944d4842aa7ad4ac3802eba33f08ce17cd840991f76c2d4f94437245f967e137075649e9c14b17990601c29ac91218251b46cf88c1b4a6394bf31a323256ab9504240f4378682244ad977af34f21c833ae032684d4bc5d0e3f46803862e9daa9972e13db5f3ab727540d34a4791583f203b5c2393095cb01e03e78560cdc34d17aa13a122fb82cec8d033ac3966c17d43f84b4b586d3baa456f4c97e577da851537725de8b2d142d9dcd653fbc7fbfbb5bdd347e2ae5070069f7c49fff8905b36f36415e4eefb4fe5a3c7beea0df89d859088818d9012638d2e9cc6f45d594f9c62fc6c1e8cc48a08ba551772bf11a28c1254426ee77f96efa92d189e412419d2dd63b993dac239638f43dc41c04aa5ffaff1b56fc1a4f75dcafb3a7c9a490a7981d5da978a5ff12d6883e187234bf14510ad366e83d9fd8c413ccadc9881000d7e60e046e6e11796bf110be6a55a429ed124fe52f5c7c33ed3a2d8fed9eea00961c63abf089dde5ef61c987d48a8364b69cc1ebc5be53bf805811605fff027a912aa573781377fc0ecd8cad4c8c0f668e6a18fbd3ab5cf193bd14a047859a44e4c243edc1a9b94c59aaf2b813402e8f7c0cd7599646078a909c88927064c202f00f4f9b3f920b899ecc4f509e03b6a799e3ea6f5937e3b7f2efd4e8064ab11fb2cc9701632e61a274a76d8e3d2ce1c381e9ba677e24a5e87bb098fe0004000b000500c200d2000000"], 0x374}, 0x1, 0x0, 0x0, 0x40001}, 0x4008040) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x40007, 0x1000000000000e2, 0x4000000009372, 0xffffffffffffffff, 0xffffffff00000001) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x1000, 0x2) mmap$auto(0x0, 0x400009, 0x200, 0x9b72, 0x2, 0x6) sendmsg$auto_SMC_NETLINK_GET_SYS_INFO(r3, 0x0, 0x18) pread64$auto(r2, 0x0, 0x201, 0xc000) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto(0x3, 0x80000541b, 0x38) mmap$auto(0x2e, 0x2020009, 0x3, 0xfffffffffffffffd, r3, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0005, 0x19) 17.159138217s ago: executing program 2 (id=1789): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) r1 = socket(0x1d, 0x2, 0x7) r2 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) ioctl$auto_BLKTRACESETUP32(r0, 0xc0401273, &(0x7f0000000180)={"06a4b6e23ca90f6e0ec566e24202b56d8f4e9e3e4061a795549989ed3d27fec3", 0x4, 0x54c2, 0xbaba, 0xfffffffffffffffe, 0x8, 0x0}) ptrace$auto(0xb7d2, r4, 0x5, 0x8) bind$auto(r1, &(0x7f0000000000)=@can={0x1d, r3}, 0x6a) connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r5}, 0x18) write$auto(r0, &(0x7f0000000100)='\xca\xc2\x95\x12\xf0&\x139\x96\x80\xd5\xe4\xa0\xd3W\xb7\xca\xef\xc6\xc4Jm\x8e\xd5z\xef\x9b\xe0^\xe6xW\xc0p\x9b+A\xb48\x7fQ\xf9\xe7\x9c\xb2\x83\xb7\x8c\xffd6{\x15', 0x80000000) 17.055056387s ago: executing program 7 (id=1805): openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon33\x00', 0x121200, 0x0) mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, 0x0, 0x100000a3d9) openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x503083, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, 0x0, 0x40800) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_IPVS_CMD_GET_DEST(r2, &(0x7f0000003a40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040011}, 0x40010) sendmsg$auto_IPVS_CMD_NEW_SERVICE(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, 0x0, 0x200, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4000045}, 0x0) unshare$auto(0x40000080) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000001300)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="05082dbd7000fbdbdf257e0000000800db00ab29dc931f0e02b7745be74fb8e8255f614f85f94bc5ef8facda4b1cb3e135ef23203752a9a06f5adc02fe10fd6059eb5ec860fbb39453d7ba92bd5a73e0e45ce2d585cccf203901d41ed36536bffcadc5fa27dbe72d209b4c922ee03aba35fb65731b21d405c9def0a3765c9b0ff8fbbff63336633bec215ead541e5766cb7e6a546c58ddbc3cbd84697b73ae550f26f7eb", @ANYRES32, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) sendmsg$auto_NL80211_CMD_ADD_TX_TS(0xffffffffffffffff, &(0x7f00000012c0)={&(0x7f0000001100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001280)={&(0x7f0000001140)={0x108, 0x0, 0x8, 0x70bd27, 0x25dfdbfd, {}, [@NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x9}, @NL80211_ATTR_MLO_RECONF_REM_LINKS={0x6, 0x14f, 0x9}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x17, 0x13, "13c366f9244357d432f6e44cc4bf4e5878fe5d"}, @NL80211_ATTR_WIPHY_NAME={0x8, 0x2, '/${\x00'}, @NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x8}, @NL80211_ATTR_P2P_OPPPS={0x5, 0xa3, 0x2}, @NL80211_ATTR_HT_CAPABILITY={0x45, 0x1f, "ff8ddbe0dca3a0c40b31575a0fc89a052ad1070f85525f215dde201061c7ecbce4e876ab8d9dd571ee3b51789e3654f47243f6e34471afffdadef51ab57ef583e9"}, @NL80211_ATTR_WOWLAN_TRIGGERS={0x5c, 0x75, 0x0, 0x1, [@generic="ba6aeb15a3f761572ca4eb336e5dfaa39a4e112524144c26d5a6468d0f3a3919ee7a2bf863f683c121bc3b2170c49b100b274baaf7e35af6d0f2356f99129b14dfb3c040f557f81b", @typed={0x8, 0x138, 0x0, 0x0, @u32=0x400}, @typed={0x8, 0xe6, 0x0, 0x0, @fd=r0}]}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x8}, @NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0x7}]}, 0x108}, 0x1, 0x0, 0x0, 0x91}, 0x10) ioctl$auto_MON_IOCX_MFETCH(r3, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(r3, 0xc0109207, 0x0) mlockall$auto(0x7) mprotect$auto(0x0, 0x806121, 0x6) bpf$auto(0x5, &(0x7f0000000080)=@bpf_attr_7={@prog_id=0xc, 0x92f1, 0x4}, 0xa) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snd/midiC2D1\x00', 0x40f00, 0x0) 16.898943593s ago: executing program 2 (id=1807): unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x2c, 0x1, 0x0) prctl$auto(0x3e, 0x5fa, 0x0, 0x400000006, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x40012, 0x0, 0xd, 0x0, 0x1f, 0x101}, 0x28}, 0x7, 0x20020000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0x100000000) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, 0x0, 0xa901, 0x0) r1 = openat$auto_o2hb_debug_fops_heartbeat(0xffffffffffffff9c, 0x0, 0xa040, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r2 = signalfd4$auto(0xffffffff, 0x0, 0x20000008, 0x0) timer_create$auto(0x2, 0x0, 0x0) read$auto_ftrace_set_event_pid_fops_trace_events(r2, &(0x7f00000001c0)=""/185, 0xb9) rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{0x26b, 0x4}, {0x0, 0x83}}, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x74c) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffff7ffffffffffa, 0x8000) futex$auto(0x0, 0x85, 0x5, 0x0, 0x0, 0x30000007) r3 = openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000100), 0x101000, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00'}) preadv$auto(r3, &(0x7f0000000180)={&(0x7f0000000140), 0x5}, 0x2, 0x3, 0xf7) shutdown$auto(0x200000003, 0x2) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x101202, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) prctl$auto(0x41, 0x1, 0x0, 0x0, 0x0) 15.863261253s ago: executing program 2 (id=1808): mmap$auto(0x3ff, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x100000000) migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) mmap$auto(0x0, 0x2000b, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x22, 0x2, 0x1) socketpair$auto(0x7, 0x3, 0xffffffff, 0x0) fstat$auto(r0, 0x0) r1 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0) ioctl$auto(r1, 0x3b87, 0x38) close_range$auto(0x2, 0x8, 0x0) fanotify_init$auto(0x6, 0x1) r2 = socket(0x2, 0x801, 0x100) mmap$auto(0x0, 0x100000400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0xfffffffe, 0x1, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x261c2, 0x184) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpageflags\x00', 0x602, 0x0) readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400) ustat$auto(0x801, 0x0) close_range$auto(r2, 0x8, 0x0) open(0x0, 0x41781, 0x9d) socket(0x2, 0x2, 0x0) socket(0x2, 0x1, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/sg/def_reserved_size\x00', 0x402, 0x0) write$auto(r3, &(0x7f0000000500)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x9f\xe2\xc7cOM\xb6\xa3,!oc.\xe7\x1d$\x9a`\xd8/g\xd3\x1a\xcd\x8e\x1d\xbb\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xa9O\x00\x00\x00\x00\xabxo\xd9\x90\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xb6\xb0N\x99\x04z\xd0I>\x8f\x00\xe5\x1c*\xedE\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xa3\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xa5\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\xac\x92\x7f]|\x04\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x85R\x96\xa6\x89\xdd\xce\xab\xd5\xe4+\xeaF\x06Y\xe9\xa1`\xb1\x8d\x85\xe0w+\x1e\x8b+\xd67IH\xff\x80N\xd1E8\xb7\xff\xa7\xff\x80\xd0y\x0f\x1d(!\x99\xab\xdf\x01\x00\x00\x00\x00\x00\x00\x00\xcdd\x87\x06\xfbK\xb9/\x19\xe5\x8b\x10P\xe7i8\xbe', 0x7) openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/events/vmalloc/free_vmap_area_noflush/trigger\x00', 0x2301, 0x0) socket(0x1f, 0x4, 0x102) mmap$auto(0x0, 0x20009, 0xdf, 0x20000000000e31, 0x40000000000a5, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) madvise$auto(0x0, 0xffffffffffff0006, 0x17) 15.246632062s ago: executing program 7 (id=1809): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/module/vt/parameters/default_blu\x00', 0xe0244, 0x0) r1 = socket(0x2, 0x1, 0x106) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/mm/mempolicy/weighted_interleave/node0\x00', 0xa001, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x100e42, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmmsg$auto(r2, &(0x7f0000000140)={{0x0, 0x6, 0x0, 0x9, 0x0, 0x1000, 0xb}, 0x84000c}, 0x5, 0x2000fdff) read$auto(0xffffffffffffffff, 0x0, 0x1) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) r3 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x6, 0x1, 0x9, 0x5, 0x3d, 0x6, 0x1ffe2, 0x7, 0x6, 0x2, 0x9, 0x43, 0x6, 0x4, 0xb2, 0x9, 0x3, 0xfffc, 0x80, 0x7, 0x40000, 0x7, 0x20000, 0x200, 0x0, 0x81, 0x0, 0x7, 0x0, 0x0, 0x10000, [0x1000000001, 0x0, 0x6, 0x0, 0x0, 0x3, 0x2, 0x0, 0xffffffffffffffff, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x5, 0x6, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x800000000000, 0x0, 0x0, 0x5, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x9, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2000000]}, 0x202, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x5}, 0x7, 0x0) bind$auto(0x3, &(0x7f0000000040)=@nfc={0x27, 0x0, 0x0, 0x4}, 0x2006a) connect$auto(r1, &(0x7f00000001c0)=@in={0x2, 0x3}, 0x55) recvfrom$auto(r1, 0x0, 0xfffffffffffffff6, 0x80, 0x0, 0x0) mmap$auto(0x0, 0x1000003, 0x1000000000001, 0x8000000018011, 0x3, 0x0) connect$auto(0x3, &(0x7f0000000080)=@ethernet={0x0, @multicast}, 0x58) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x100, 0x0) r4 = ioctl$auto_SW_SYNC_IOC_INC(0xffffffffffffffff, 0x40045701, &(0x7f0000000080)=0xffff) ioctl$auto_BTRFS_IOC_SEND(r4, 0x40489426, &(0x7f0000000140)={@raw=0xd, 0xc, &(0x7f00000000c0)=0x6, 0xc7d3, 0x0, 0x2, "f9ecc7402acac562f11fadd8aede2aafc8fa71085d9412201632e240"}) pselect6$auto(0x9, &(0x7f0000000000)={[0x8, 0x4, 0x0, 0x6, 0x8001, 0x4000000000002bc8, 0xfff, 0x9, 0x3, 0xffffffff, 0x8000000000000001, 0x0, 0x2f, 0x2, 0x8, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r5 = socket(0xa, 0x1, 0x84) getsockopt$auto(r5, 0x0, 0x34, 0x0, 0x0) recvmmsg$auto(r4, &(0x7f0000001380)={{&(0x7f0000000200), 0x0, &(0x7f0000001240)={&(0x7f0000000240)="815445bb55d9b7152e964cd93ca65101598abbba6abdff85c429d9936bf45435e21ca29d661a22e88f92caf2aeaf7ff0a11e499042c3d47e1681260892dd20566cc9d72beba452e1ff33c6cdb670e9eb08705f57f21b32ce73abb10ec89170f7ad2829dd6962302bbbde5c85902fbf7c19c1023db70e52b14a8b3b1228ea54816d750c41149f78ab763f01f9b4160be7f977d128f94ce2c91457f57601569c7600ba732893d3a4ce8fc2bccb35e158bfe3e21965992f30ab0112338c725344087bbc2bf16ce1cd573cbb0b2d4541d05a3e2b610bd22e6bbd6e52f66457855d5d1b6f02b92a71339b565cc9b2cbc38ebd7c63159e4105359d9e21d93bf81b7dec3ca3c42a97abdca3bd35b2c105e11f5c9406ef597dd2aeb36c19fb7f7c8bdc54d8db89a416400cdd2441867d822bb3f744065c35bf360551405558aa04536fd331f901feb9dbc4b2f411e55718ec198078f467c09f0c1a4c81595cff8c70b1d3cbacfabd8b0d50da75fc0f231df2696baa5dcf215f7d2a7f7c94c726deb642b7aeaf9eeadb9160e215836a5b8389ef84b403239197e2819076cd369f33a65871b6725590c86a27962fc5e4509a15e17a6053486aef40ad491a0c7258f5a4a18d9c2f62f9d79f219f7152a7c9c9653804e7be195666d25e345a65401162795801cd2b254ed212583583d044151130333c87cb38fd2a32cec8ae7672fb950b457949f5df19e4b648a6388bdc9dbcc70a2499c99f67e2220cbcea6d0d21c4ed3c7798e84e4ea9d255248e5ea8e34e5a5a41c9eac5c86848226d6450e1e65c28b582d155ab1395dee8afc35313a3e8bb483d0e3c991b465e20f3bebb19f7c0d0b39ad5beb0bc9a572149e2ce3299a6de710b5d8667657a8b9215034f8f7a1871284c884cfb363c8265ba12478676d65ea7e4d6f740e1adaf1076633c8cfc39a4df5c4e8c2f0e35e9c380c33d9aed0f1c9161e216c948abfb389a42e0d3ade20a0c8ea28a30b1cc206b682877920287b521bb4e9f6c19072a516c2bac64cfb41ee6a579f4ff2df6df7ed5735c5ef5286e6152789e531e9ab5dc6c8c7847456caea733f6fbf3ccd1cf015e8a6a42a8ddedcb295b625a794914624ab96b174ff100cf86e1c4bb0c49af7a4978f59b536294477ba3faf3217c1490c37684c30068acb876b1cca3ef3a9ce478c92d02acaaeae631e5e6f3ec18cb7c86d19c8e0cbf65a885e1d26731c62202de29707c1fd8e02c47a1c4172e8f480a8d63dd4dae24823249e7e72b7da58769b6568acc11a5cb696c52e482bb6c42d3a50f6af18bc94531d8ddd7f6f9bc726204884893a5e852255850b54dce1a4f3645da203d275dc1f05d0edcd45555fcd5ae965104f0a04b76b7ec72ac8f2ef79fe8fcef9e71b9ca6ccf6aed8947ab680c67ef9508e858a4a29ba89c859710776ff4a2aafb919b81e017c4ce2f1c89c14c0b3270c8e15a4d2807863e65e30c7e181c6bfcc3384d7e7b6758be5b32196ab4d39c6035e1b42905b744fa1b21dea8e4d4aeb907fecdbb9615a6c848c634d44a1394ba9ad4309be84042e9cace22086492ef3c2997b8ef642f27c500d7a26072b512ad3a4bd3ca8a414f813a4954d3dfec4c3792400c1457c430ef13c000e46c98ec0cc19c097fc4fc34acaf94c5c8f5cd073771293a5a4d3ac2fdf7179955f197f9230eda4712823f1577f23d58dd6620c0a24054759cedfa160172e7263b9918130cbae305cfcd4ee475414fe0e811d9fd26cb1c62c897fe03e8a8e91194b1b22f836574cf60af42c7abce37f7bbde6fa37c92428c3800f127d8aaba80d3f832323d970aae2ce2c22e8e16db17c25c8eec051daaec67dccb92b7f0320378e74094fdff4bed6e39ca06c5d7625c6bd7df7f012fe9ff9acf7eab442812005d7d58310cae306d2e0d0eb3fae7e27b1041d68cdb000683d7cfdf3c35b59b9d2467effd31e506858319bf91823e4aec05aa2b212afc2c4ca3506b060a8d84f9ce1c58e2e78af4d55490fabe24108fd591a8e31daf0c2a49c1f676c9d79ce930a941bffb09e41b13208c3221b6ea10e316dcc3348730ce40ef9763127da9b95f5abb8f913cc11834a1e38fbf2e2f013030c8fcf661bbdf663819b4350ff3e7d6499e6863c93871e7cb35eae386a3152be53ac11d210f2eb901388c1abda48aa95ac067b837217b94b19051a675a7c50ab718d3536f64f5cc9e8af19f02e36bd7ed70f3dff0f6bdf6631ec83d3f461f2aa360e330326fb815593da4b7900d82ca69d2c67588e9888ea236781b31db388a6f511f022c9e49b14d46d2dde31770a4c81c734755bd5b54abdf561ea218c21ab641d3ecc069328500ea717decb458b4a1d8478c560bb156515a9566222c6c2cdea3cb11eae657af6b6936c307ea45631fa43d9eb7843dc63102386094a6bef2953c30fb25a19c0b7850b4f8228e8d7055cbee706ed20398ca31e6e54dc7fe8d3f4707c6247dce2d8c66137ed2ef30e69dc9b508b7fdc45e2b354d61e4a4b8afcb17a69fd4f272cc3506f8e8da9e3d6b1d7c33e52cfc56413c404d040cfbfc67107b8009f98b961782aba752195dcd00a4cf2cdf0d536ac49aec6e66e151c453e9c66d19ab0c58868d6221b0e62958b3dc55906795a63e18c49c054f86c8043ea9d8764208ca75c08e935e50c6eb5c0c83a2845c9a374c7694107461f3be2e320156097865ffaac23077720d0ed51c3a01f6d5d1eb0b56a0bfcaf137554f11c38c805849bb400a4c25d005da8e342cc9a936d4d8c01b5386bd7a1d31aae96656a4f630189fbe071595113e6e152f43e35a843961e12c261f2437e136366c7b921b81ec186d9a1ea7e83638f172d2c0ccaa972aef51185323bd8625388f61c5c18f81e66515e1468655a1fe25fdced462f08a13b084f00693596828aed2ea815347e1b0bb16fa3c46d8a053cbaec65a5623a00dbdcb11c038fb116bd6821b8dfdc9a1c58d9becb9a2de4e217d59c8280ef2512a37511df424bb7845a854fc553dee9e73b176c4603f5151b6c3f410715ffe1191ad63845f2750e03ad3f78bf6132556f5f4c18f03ea0185af77455f961ca3f436f96f23f60de0f9b4b2542dffbf9be5260740a420b0de64818244d8197a9652f6e03344ceac829deb36b5c7be9c1bc938007609cca0cc905700491a8e2e73183e86d6fa12b3f5ec2fe087d84afa242d70f9cb13b2270996b5ceea8f211c6a630d43241ff070017e9c5a1ddffe9e7075a814d5a9c8be8cf4492c22d4c5e465cc1f9ee953a778888e0192cbbcc06a9f2086395120fb7fe30d604b3d605bd71f36511e8d1a920778bf85a192ac53999d2b67313b993f4c9e0f903dc5b2012bc77ea97d8a5f4be5d72bb006211278f32699f1ff2ac4ea2a2bb3602046916772b922849faecd059c809f56c3bef07882da7f1a8a39fa9be2d2f8335330c48b9be3513603472b549ed76feb90c809b380e2110ee206c7aa846f02aa9bdbace1dc152b4dbcae7ebde54ce3b4084a4916c3530c95feaba9045d3fe0eeb12212d3413fa026d238c38060b141f14bbf784d8f857c90a38580bc432a68f93db5a3124bf1f9fe5c0421b371f1fbcd0b1dfb53ad9dc3acc9832e6b164007582b8e49a9a8d5454d683029308638aa26f416892b6adb96e5be5cf1683d89c6fc17c20ea01aefd8826765773f20b7c54397b7b8f277580c4fbfb9acc17b3db0b0f8735279fe31c71ab84a8ebcfdd3c3471f9f8a7391acade3bf5fd1e6a086d650add4f675687e3a4975ef315743925362330bc7e4af5369dd9a9aea14de3dd46a048a19479c22e83ce59cf93297f33dceb56ebdc2553ca8ded1ef01cd32edf8ed4559f118a6d10d496000fbec65fcb4aafe9730e9cf7a88ddc3810ebe0e3703a7a818bca815d4e5b9f9820ad0553d7ab3e53d1925f9983494e7623bad81e560b936aa5594f184bb76ffc77c8d9c3cdf1a4d6bb562ad3118013e0025d292d6737d12e33676e90093a4e00d52dbedb42c3e0ef24de6c5710d46c472fccafd1690ab6f0fa4b89e82191cbbb96fa55e29b8a784ef0c08c4485fd14d7b179e49b76c932e27d9d45dda664f73deaa1cc2fad90bcdd872f1e973d9dcf062134c49f11df06af4656fd95ecc4ccd12064a6f2f88681b6a9561148905739a95ebb03b51f39e9f94669f04e5a5886bb42df18d9dc275fcb0deb3e5c78a1a777fdc46d0a6847b946770e989d4e62669303be6a55e9dff0f57d1e43f3fc30c7325ea2517195dd4f08ffea3a3f1fe288b9186ab3fad8dc76599913e8394ee6ff2f41eeca34d71cde3a9c9b4084ace38dc12b6da85f1d1f182405ed57702929e7dc77100fd9fe67af6f94c9178d97ed4afbdbd0b1f758a7bc75cfafac9f696924f8911af1bcda2de6120c68f256698e07e87f35d7b3e07db6be75c343d1a13bda23c75b2cfc622f65c270258f9be46bcd66f2f8990458578b02a7a877120872fd3a24ac15cca52049917821ac62ec1420c19929985f4181106f320d04a6f448aa9bf7b44d4362c9f2b2a0ab050ec0c6dd912d50b6800958a565786ddf7113565421775a92f3d4ebae94f29dce4ade14264053bd91994eda41b1fda029537b8a5853b17db6d7bae4bd305cd3a63798839fba57d2eb86a7c91e0b874aef70dcf99c276a665e8131891517ee02d616cd1d40cec26b6e0e11b263ca16c1ef0b1299f27dee0e8c77ede164b735804a7844bf39e78b3d7fcb149e41126e31c0c00b74255be7ccc42221c329484040fceaeaf8f14595a66ed9580871b7a46bf275afa7f42ba357542dbf83e86c07b4eb8f99113841ec912eeafe17061118ab08a12c085bcfb41c15f03c2975be6a0648704c5673d267d3775890861f7e7fe478cd47585b509e38fb015a08720ababbe53648cff431964da6d8dddb08f3833cff8b0be59e8f1b11fc2d593c3b12f2ce4b85e61a844ed3438a309491c935b41134fbe89d1a5785285cb36855799818eb360628386b88b86860bf5e4cab56967e1c468ed22cfe656b87fab091b25465779939d953a4df0683302ab8914422f31c6f5eb864853e832f75c645daf8dad8af5f3d7d893d062c58546647ded6e1d5898436b90bf18899ecbf15a863a7410ca860e0a2942d4dc69bb79cfe982cc26c288a4bd1ea2833345fdb45f636431e42f4f0af592d792f994ba6613cd7a7ee496f2504b970edbf61fc6b1d529d76aaea3028909e66f427a076037ea7f8af355e0695a1d9714f14fd5990518676981bd7623ad24b5f30ca9665fceb8f10b6f7ddfe9d966212f3bb9cb34a1908339d791902d8e3f6c94c8177b4164474d43ed2cb69e053f8e344b8eae9102f60ee23415760842100096eb3711d879e3488b4bb951d923a4ec2d4533d05abc379410f5c019b7ced0d6c635a4f2beb914365f73ab244f8ac802d851c3999771516673646b0c1673d62eeb4e8fc14c8c4a0878ce68b0202cab7c5dcee73e3301f5af51f33b57bb11cca48c6595b757366deb66f3e8bec193dda4ecb97a4152cf91613a01ad5424f575912a8faae925ded0859f059e031f013495bab672e25b39442a18edd7e93e779c3e36878fcd1b78fbba3bfe4dcaaf03414b3c2dbe464982541d130ef865af180aadab6d4bb6c32e869f82e4c87d9d7da8a4f7ad421ea93bc6f677cbebcb98e26b7aa64e05ccbae38201e54b62411b3f4ec429900ad8db4527dfa82a8d903ea3caa7cb5ac8c6241a0b5705c9325c02dcb796b69fcfc7c2ed196b6837f778a43eb0a43046a90e3de799e72448288f12688c2abeb8e6c3b4934dd8e8", 0x7}, 0x7, &(0x7f0000001280)="3da1ba6ef9cea57f5bd4fca8d363a0148d8311a1a1f95d1c1082b03134e9546e4a28e5c065ba5a1d1c24ffee7372bc4e36033f8910ad4b61525e2918f1dc21ad44fe59a6a36a3373490f7bbde512c2a2468a3b80134d9093f6f6d9c7651d7cf829bfb6319835456f2ca9075c57bf265abe76ff362e4bc8d3d9ba2d832018977ac0196cd6e93ad181096c36ad31dfb3496a2291ead167131787930f8036f141fc84bc0840755c62dd1be37a79559c6dcc7d8f0c5a6b93ee65cb2426bd07a3976a0fc5c4b1d2fe0bf7eb5c3ade981a3061cb3c8175d9c340560a2791aaa35f062f957adf24dae517e0510b5fe0e0ea12ddafce6bd3bfb5d9561d51d4", 0x1, 0x7ff}, 0x8}, 0x4ca, 0x7, &(0x7f00000013c0)={0x6, 0x1}) setsockopt$auto_SO_TIMESTAMPNS_OLD(r4, 0xdf88, 0x23, &(0x7f00000001c0)='^\x00', 0xfba5) futex_requeue$auto(&(0x7f0000000040)={0xfffffffffffff001, 0x6, 0x2}, 0x0, 0xf, 0x9) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000000)=""/28, 0x1c) 15.137499292s ago: executing program 2 (id=1810): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/pids.peak\x00', 0x8000, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x200, 0x10000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) ustat$auto(0x801, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0x4038ae7a, r0) socket(0x29, 0x2, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) mmap$auto(0x0, 0x1009644, 0xdf, 0x18, 0x2, 0x2d4a29c0) r2 = openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x1e9482, 0x0) read$auto_state_fops_(r2, &(0x7f0000000180)=""/61, 0xfffffeeb) pivot_root$auto(0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x0, 0x800) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) connect$auto(0xffffffffffffffff, 0x0, 0x2) openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000000600), 0x104800, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/block2mtd/parameters/block2mtd\x00', 0x601, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000140)="e7696e5891a9bccbf2a814c2b1c2da6a4642e71e423e55bb3bdfb80fb3496c6bac2c4769", 0x24) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/rpc/use-gss-proxy\x00', 0x48041, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) unshare$auto(0x40000080) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000200), 0x3c1941, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.7/usb8/power/wakeup_max_time_ms\x00', 0x40200, 0x0) read$auto(r4, 0x0, 0x20) 14.82680686s ago: executing program 39 (id=1781): openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x902, 0x0) ioctl$auto(0x3, 0x80004508, 0x10000000000402) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000600)='/dev/snd/controlC1\x00', 0x82200, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f00000006c0)={{@raw=0x9, 0x2, 0x2, 0x1, "162629e6b2259bee9878f8e7b039aa20b33e487d34917b4a9acce903cb72dd4cd8dde6d41c914d63af7a9de9"}, 0x0, @integer=@value=[0x400000000006, 0x12d800000000000, 0x179, 0xfffffffffffff8ad, 0x5, 0x7, 0x4, 0x8, 0x80000000004, 0x7, 0x15b61f2, 0x7, 0x100000001, 0x3, 0x9, 0x5, 0x7f, 0x9f, 0x8, 0x9, 0xb1, 0x0, 0x3, 0x8, 0xffffffff, 0x10001, 0x1, 0x80000000, 0x8000, 0x9, 0x0, 0x80000000, 0xf, 0xfffffffffffffffe, 0x4, 0x1, 0x3, 0x0, 0x800, 0x3638, 0x3, 0x4f3, 0xc, 0x4, 0x7, 0x0, 0xe4, 0x5, 0x6, 0x81, 0x401, 0x400000000084, 0xa, 0xfffffffbfffffffd, 0x6, 0x800, 0xfffffffffffffffd, 0x7, 0x101, 0x82, 0xc9d, 0x3fe, 0x9, 0x8, 0x640c, 0x3, 0x1000, 0x6, 0x201, 0x0, 0xec31, 0x9, 0x1fd, 0x0, 0xfff0000000000000, 0x4, 0xbd2a, 0x903, 0x80007, 0x7fffffffffffffff, 0x5, 0x1, 0xfffffffffffffffe, 0x0, 0x7eda8566, 0x800000007, 0x8000000000000001, 0x9, 0x401, 0xfffffffffffffff7, 0x9, 0x14000000000000, 0x6, 0xfffffffffffffffe, 0x0, 0x1, 0x8000000000000001, 0x5, 0x1ff, 0xf057, 0x40, 0x5, 0x7, 0x2, 0x8, 0x8, 0x1f, 0x8001, 0xc13, 0x6, 0xbf5, 0x2, 0xff, 0x7, 0xf, 0xe0, 0x3, 0x8, 0x3, 0x80000000, 0x6, 0x2, 0x1, 0xa, 0x5, 0x2, 0x100, 0xffff], "54a5f1d1dd2f17b169e8263c3a740d6611142f4b3c69d0f6e967c91125d235ac53e1b00d9fddc53d8f56969329274a57d5f4213fb46616a4faa700873d91426befc561500a5391d522c480bd37f8e7f0050cedfc627c6702978a8f018ad9a7b04711dc3a5c6a755e7a506645ea28e2baa4a6786ca43b3d5d976157eb07c3cdb8"}) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd8/queue/iosched/fifo_batch\x00', 0x20681, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)='-7', 0x2) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x7, 0x3, 0x0, 0x5, 0x50913599) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0xa8, r5, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_SCOPE={0x81, 0x4, 'nfsf\x00\xd8\xef\xe4-\x13+r\xf3\fT1Z\xa7J[\x81\a\xcf-\xdf\x90\x1f\x8f\xc8\x13e\xe2R7D\x832j\xce}\xa3V\xb7\xa1o\\\xe6\x13\xbc\f\xe3\xae\xb8~\xd3\xd2+J\'\xc3\xec\xc9\fp\xc8a\xbe\xfe`\xa7\xa9AKDd\'\xa0\x01\xf6\x13y\xe8\xca\xf4Q\x9e\x03*]\xda\x1e\x11t\xe2\xd5uw+\x93\xfc\x04l\xd3\xa6t\x86k\x80\xd9\x14s\xec\xe2H\xc0=(\xf99\x8ac\xa7\x85\x99\x87'}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x85}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0xa8}}, 0x4000) sendmsg$auto_NFSD_CMD_VERSION_GET(r3, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r5, 0x100, 0x70bd2d, 0x25dfdbfd, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_PVERSION(r3, 0x80045500, &(0x7f0000000200)=0x4) sendmsg$auto_NL802154_CMD_SET_CHANNEL(r2, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)={0xa8, 0x0, 0x2, 0x70bd28, 0x25dfdbfd, {}, [@NL802154_ATTR_BEACON_INTERVAL={0x5, 0x26, 0x8}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_SUPPORTED_COMMANDS={0x4}, @NL802154_ATTR_IFNAME={0x14, 0x4, 'batadv0\x00'}, @NL802154_ATTR_WPAN_PHY_NAME={0x3d, 0x2, '/sys/devices/virtual/block/nbd8/queue/iosched/fifo_batch\x00'}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x5}, @NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x6}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x2}, @NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x6}, @NL802154_ATTR_SCAN_DURATION={0x5, 0x24, 0x1c}]}, 0xa8}, 0x1, 0x0, 0x0, 0x8000}, 0x20000810) openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x902, 0x0) (async) ioctl$auto(0x3, 0x80004508, 0x10000000000402) (async) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000600)='/dev/snd/controlC1\x00', 0x82200, 0x0) (async) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r0, 0xc4c85512, &(0x7f00000006c0)={{@raw=0x9, 0x2, 0x2, 0x1, "162629e6b2259bee9878f8e7b039aa20b33e487d34917b4a9acce903cb72dd4cd8dde6d41c914d63af7a9de9"}, 0x0, @integer=@value=[0x400000000006, 0x12d800000000000, 0x179, 0xfffffffffffff8ad, 0x5, 0x7, 0x4, 0x8, 0x80000000004, 0x7, 0x15b61f2, 0x7, 0x100000001, 0x3, 0x9, 0x5, 0x7f, 0x9f, 0x8, 0x9, 0xb1, 0x0, 0x3, 0x8, 0xffffffff, 0x10001, 0x1, 0x80000000, 0x8000, 0x9, 0x0, 0x80000000, 0xf, 0xfffffffffffffffe, 0x4, 0x1, 0x3, 0x0, 0x800, 0x3638, 0x3, 0x4f3, 0xc, 0x4, 0x7, 0x0, 0xe4, 0x5, 0x6, 0x81, 0x401, 0x400000000084, 0xa, 0xfffffffbfffffffd, 0x6, 0x800, 0xfffffffffffffffd, 0x7, 0x101, 0x82, 0xc9d, 0x3fe, 0x9, 0x8, 0x640c, 0x3, 0x1000, 0x6, 0x201, 0x0, 0xec31, 0x9, 0x1fd, 0x0, 0xfff0000000000000, 0x4, 0xbd2a, 0x903, 0x80007, 0x7fffffffffffffff, 0x5, 0x1, 0xfffffffffffffffe, 0x0, 0x7eda8566, 0x800000007, 0x8000000000000001, 0x9, 0x401, 0xfffffffffffffff7, 0x9, 0x14000000000000, 0x6, 0xfffffffffffffffe, 0x0, 0x1, 0x8000000000000001, 0x5, 0x1ff, 0xf057, 0x40, 0x5, 0x7, 0x2, 0x8, 0x8, 0x1f, 0x8001, 0xc13, 0x6, 0xbf5, 0x2, 0xff, 0x7, 0xf, 0xe0, 0x3, 0x8, 0x3, 0x80000000, 0x6, 0x2, 0x1, 0xa, 0x5, 0x2, 0x100, 0xffff], "54a5f1d1dd2f17b169e8263c3a740d6611142f4b3c69d0f6e967c91125d235ac53e1b00d9fddc53d8f56969329274a57d5f4213fb46616a4faa700873d91426befc561500a5391d522c480bd37f8e7f0050cedfc627c6702978a8f018ad9a7b04711dc3a5c6a755e7a506645ea28e2baa4a6786ca43b3d5d976157eb07c3cdb8"}) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd8/queue/iosched/fifo_batch\x00', 0x20681, 0x0) (async) write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f00000000c0)='-7', 0x2) (async) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x7, 0x3, 0x0, 0x5, 0x50913599) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) (async) sendmsg$auto_NFSD_CMD_THREADS_SET(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0xa8, r5, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_SCOPE={0x81, 0x4, 'nfsf\x00\xd8\xef\xe4-\x13+r\xf3\fT1Z\xa7J[\x81\a\xcf-\xdf\x90\x1f\x8f\xc8\x13e\xe2R7D\x832j\xce}\xa3V\xb7\xa1o\\\xe6\x13\xbc\f\xe3\xae\xb8~\xd3\xd2+J\'\xc3\xec\xc9\fp\xc8a\xbe\xfe`\xa7\xa9AKDd\'\xa0\x01\xf6\x13y\xe8\xca\xf4Q\x9e\x03*]\xda\x1e\x11t\xe2\xd5uw+\x93\xfc\x04l\xd3\xa6t\x86k\x80\xd9\x14s\xec\xe2H\xc0=(\xf99\x8ac\xa7\x85\x99\x87'}, @NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x85}, @NFSD_A_SERVER_THREADS={0x8, 0x1, 0x2}]}, 0xa8}}, 0x4000) (async) sendmsg$auto_NFSD_CMD_VERSION_GET(r3, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r5, 0x100, 0x70bd2d, 0x25dfdbfd, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) (async) ioctl$auto_SNDRV_CTL_IOCTL_PVERSION(r3, 0x80045500, &(0x7f0000000200)=0x4) (async) sendmsg$auto_NL802154_CMD_SET_CHANNEL(r2, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)={0xa8, 0x0, 0x2, 0x70bd28, 0x25dfdbfd, {}, [@NL802154_ATTR_BEACON_INTERVAL={0x5, 0x26, 0x8}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_SUPPORTED_COMMANDS={0x4}, @NL802154_ATTR_IFNAME={0x14, 0x4, 'batadv0\x00'}, @NL802154_ATTR_WPAN_PHY_NAME={0x3d, 0x2, '/sys/devices/virtual/block/nbd8/queue/iosched/fifo_batch\x00'}, @NL802154_ATTR_PAGE={0x5, 0x7, 0x5}, @NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x6}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x2}, @NL802154_ATTR_MAX_CSMA_BACKOFFS={0x5, 0x12, 0x6}, @NL802154_ATTR_SCAN_DURATION={0x5, 0x24, 0x1c}]}, 0xa8}, 0x1, 0x0, 0x0, 0x8000}, 0x20000810) (async) 14.816615758s ago: executing program 7 (id=1812): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/adsp1\x00', 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) dup2$auto(0x5, 0x4) splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9) write$auto(0x6, 0x0, 0x100000001) setsockopt$auto(0x3, 0x1, 0x2a, 0x0, 0x9) recvfrom$auto(0x3, 0x0, 0x80000000002, 0x6, 0x0, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000100)={0x24, r3, 0x1, 0x70bd2c, 0x25dfdc01, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x4a}, @NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0xa}]}, 0x24}}, 0xc000) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) ioctl$auto_SNDCTL_DSP_GETFMTS(r0, 0x8004500b, 0x0) 11.635504291s ago: executing program 2 (id=1816): r0 = open(&(0x7f0000000240)='./cgroup.cpu/cgroup.procs\x00', 0x181080, 0x18) open_by_handle_at$auto(r0, &(0x7f0000000040)={0x14, 0x30001, "b190a905237d4b53ef8cbae4c6ca99c160daa361"}, 0x1) prctl$auto_PR_SET_VMA(0x53564d41, 0xd38f, 0x400000000000800, 0x8003, 0x5) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/lockd/parameters/nlm_tcpport\x00', 0xc2481, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000180)="2d37e7", 0x3) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000100)={0x24, r3, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NFSD_A_SERVER_THREADS={0x8, 0x1, 0x4a}, @NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0x9}]}, 0x24}}, 0x4000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x100000000000039, 0x0) r4 = fsopen$auto(0x0, 0x1) fsconfig$auto(r4, 0x8, 0x0, 0x0, 0x0) openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000100)={0x20041, 0x9, 0x2}, 0x18) socket(0x2c, 0x3, 0x6) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x40009, 0xdf, 0x9b74, 0x7, 0xfffffffffffffff8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) write$auto(0x1, 0x0, 0x80000000) mmap$auto(0x0, 0x4, 0x3, 0xf8, 0xfffffffffffffffa, 0x200000000008000) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/zram0/disksize\x00', 0x2202, 0x0) read$auto_cachefiles_daemon_fops_internal(r6, &(0x7f0000000080)=""/232, 0xe8) madvise$auto(0x0, 0x2000040080000004, 0xe) r7 = getpid() process_vm_readv$auto(r7, 0x0, 0x1, 0x0, 0x4, 0x0) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r8, r8, 0x0, 0x3) 5.787459201s ago: executing program 3 (id=1811): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000004c0)='/sys/class/firmware/timeout\x00', 0x1a1942, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x2440, 0x0) read$auto(r1, 0x0, 0x20) writev$auto(r0, &(0x7f0000000080)={0x0, 0x4000000001}, 0x6) 5.674978226s ago: executing program 3 (id=1824): r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon33\x00', 0x121200, 0x0) mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) syz_clone(0x5004000, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x20009, 0xffffffffffffffff, 0xeb1, r0, 0xbd5) openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x503083, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, 0x0, 0x40800) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000dc0), r2) sendmsg$auto_IPVS_CMD_GET_DEST(r2, &(0x7f0000003a40)={0x0, 0x0, &(0x7f0000003a00)={&(0x7f0000000e80)={0x1c, r3, 0xc0dce8a66cb0a7ff, 0x70bd27, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DEST={0x5, 0x2, 0x0, 0x1, [@generic="f1"]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040011}, 0x40010) unshare$auto(0x40000080) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r4 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000001300)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="05082dbd7000fbdbdf257e0000000800db00ab29dc931f0e02b7745be74fb8e8255f614f85f94bc5ef8facda4b1cb3e135ef23203752a9a06f5adc02fe10fd6059eb5ec860fbb39453d7ba92bd5a73e0e45ce2d585cccf203901d41ed36536bffcadc5fa27dbe72d209b4c922ee03aba35fb65731b21d405c9def0a3765c9b0ff8fbbff63336633bec215ead541e5766cb7e6a546c58ddbc3cbd84697b73ae550f26f7eb", @ANYRES32, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) sendmsg$auto_NL80211_CMD_ADD_TX_TS(0xffffffffffffffff, &(0x7f00000012c0)={&(0x7f0000001100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001280)={&(0x7f0000001140)={0x108, 0x0, 0x8, 0x70bd27, 0x25dfdbfd, {}, [@NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x9}, @NL80211_ATTR_MLO_RECONF_REM_LINKS={0x6, 0x14f, 0x9}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x17, 0x13, "13c366f9244357d432f6e44cc4bf4e5878fe5d"}, @NL80211_ATTR_WIPHY_NAME={0x8, 0x2, '/${\x00'}, @NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x8}, @NL80211_ATTR_P2P_OPPPS={0x5, 0xa3, 0x2}, @NL80211_ATTR_HT_CAPABILITY={0x45, 0x1f, "ff8ddbe0dca3a0c40b31575a0fc89a052ad1070f85525f215dde201061c7ecbce4e876ab8d9dd571ee3b51789e3654f47243f6e34471afffdadef51ab57ef583e9"}, @NL80211_ATTR_WOWLAN_TRIGGERS={0x5c, 0x75, 0x0, 0x1, [@generic="ba6aeb15a3f761572ca4eb336e5dfaa39a4e112524144c26d5a6468d0f3a3919ee7a2bf863f683c121bc3b2170c49b100b274baaf7e35af6d0f2356f99129b14dfb3c040f557f81b", @typed={0x8, 0x138, 0x0, 0x0, @u32=0x400}, @typed={0x8, 0xe6, 0x0, 0x0, @fd=r1}]}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x8}, @NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0x7}]}, 0x108}, 0x1, 0x0, 0x0, 0x91}, 0x10) ioctl$auto_MON_IOCX_MFETCH(r4, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(r4, 0xc0109207, 0x0) mlockall$auto(0x7) mprotect$auto(0x0, 0x806121, 0x6) bpf$auto(0x5, &(0x7f0000000080)=@bpf_attr_7={@prog_id=0xc, 0x92f1, 0x4}, 0xa) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000200)='/dev/snd/midiC2D1\x00', 0x40f00, 0x0) 4.458673421s ago: executing program 3 (id=1827): pipe$auto(0x0) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x0) mount$auto(0x0, &(0x7f0000000540)='}[,&*}\x00', &(0x7f0000000040)='nfsd\x00', 0x3, 0x0) lchown$auto(&(0x7f0000000480)='}[,&*}\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mlockall$auto(0x7) r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) socket(0x11, 0xd8569d29615822ea, 0x8) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="1302", @ANYRES32=r2, @ANYBLOB='\b\x00a\x00\x00\x00\x00\x00'], 0x24}, 0x1, 0x0, 0x0, 0x24004080}, 0x20040894) mmap$auto(0x8, 0x8000000000000000, 0x3, 0x40eb2, r1, 0x9) mprotect$auto(0x0, 0x806121, 0x6) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NLBL_UNLABEL_C_STATICADDDEF(r1, &(0x7f0000000240)={&(0x7f0000000140), 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x30, 0x0, 0x400, 0x70bd2a, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast2}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000800}, 0x50) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101080, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x103000, 0x0) r5 = ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r4) syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f00000000c0), r5) ioctl$auto_KVM_CREATE_VM(r3, 0x4018aee1, 0x0) 4.14522833s ago: executing program 3 (id=1828): r0 = socket(0x10, 0x3, 0x6) sendmsg$auto_NL80211_CMD_GET_MESH_CONFIG(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="010000bd6af4c3f05500000000008fbee45ca4c8cc542911c461ffbff0a91ea4d65f8c7c10daba31c76dd7d6d7de0bf797f7c3364b4bdb674a8fb733d817fa6e0c6990231c7fa62900561bbd01000000000000006302a4d4070000575d41ebcd"], 0x14}, 0x1, 0x0, 0x0, 0x4004080}, 0x2400c0c0) 2.276954625s ago: executing program 4 (id=1835): r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vbi0\x00', 0x8280, 0x0) read$auto_v4l2_fops_v4l2_dev(r0, &(0x7f0000000000)=""/130, 0x82) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) 2.099771812s ago: executing program 4 (id=1836): io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x104, 0x6, 0x3}, {0x100, 0x1, 0x52, 0x85, 0x2, 0xb, 0x76c5, 0x8, 0x100000000}}) rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/usb/usbmon/35u\x00', 0x20100, 0x0) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x202002, 0x0) r1 = socket(0x10, 0x2, 0x4) keyctl$auto_KEY_REQKEY_DEFL_USER_KEYRING(0x7ffffffe, 0x4, 0x0, 0x0, 0x3) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES8, @ANYRES32=0x0, @ANYRES8=r0], 0x18}, 0x1, 0x0, 0x0, 0x2400c0c0}, 0x2004c802) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) keyctl$auto(0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="600000009f2cfbce7e465f756c2f8d0789b4b4411efd4acac4f94be7529cb2da6f5a202f7682976be3ab7af169a22b48c370cf46d914504847e7d68e9e7c0980cc86cc30ba0f8b2c02169518b5aeff3792a652650490047c0db2b3a693c442b9eab1d1d7ea2f06a57729f2953e73a9a41e5246d7d7851c8ee067", @ANYRES16=0x0, @ANYBLOB="100026bd7000fedbdf25030000000800040008000000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a000100aaaaaaaaaabb00000a000500aaaaaaaaaa3a000008000200", @ANYRES32=r3, @ANYBLOB="08000300faffffff"], 0x60}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) write$auto(r1, &(0x7f0000000000)='-\x00', 0xfdef) mmap$auto(0x0, 0x400008, 0xdf, 0x15, 0x2, 0x8001) sysfs$auto(0x2, 0x3c, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x3ff, 0x4}, 0x7f, 0x0, 0x0, 0x8) 2.007721642s ago: executing program 4 (id=1837): mmap$auto(0x0, 0x3, 0x10, 0xeb1, 0x403, 0x8000) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) connect$auto(0x4, 0x0, 0x10) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) read$auto(0x4, 0x0, 0xfdef) r0 = pidfd_open$auto(0x1, 0x0) setns(r0, 0x60020000) setuid$auto(0xe) syz_clone(0x10008000, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x4, 0x5, 0x1000017) mremap$auto(0x200000000000, 0x40000000004, 0x4, 0x3, 0x100000000) sched_setattr$auto(0x0, &(0x7f00000002c0)={0x1000, 0x50, 0x1d, 0xa9, 0x0, 0x4, 0x9, 0x9, 0xb, 0x6}, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0x2, 0x5, 0xffffffff) setsockopt$auto(0x3, 0x10000000084, 0x71, 0x0, 0x8) madvise$auto(0x0, 0xffffffffffff0005, 0x19) pkey_mprotect$auto(0x800000000000, 0xb, 0x6, 0x0) 1.120758954s ago: executing program 4 (id=1838): write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000080)='/dev/binderfs/binder1\x00', 0x280500, 0x0) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) r0 = socket(0xa, 0x2, 0x0) r1 = socket(0xa, 0x3, 0xff) connect$auto(r1, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mmap$auto(0x200, 0x400008, 0x200, 0x9b72, r0, 0x6) write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680)="a7", 0x80000) syz_clone3(0x0, 0x0) madvise$auto(0x1ffff000, 0x7, 0x100000000) mmap$auto(0x0, 0x400008, 0xb, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x20, 0x0) fsopen$auto(0x0, 0x1) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) shmget$auto(0x8, 0x10563, 0x568d1af2) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event2\x00', 0x20081, 0x0) bpf$auto(0x14, &(0x7f00000000c0)=@enable_stats={0x1}, 0x7) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) arch_prctl$auto(0x5005, 0x9) 212.94626ms ago: executing program 4 (id=1839): mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) r0 = socket(0x22, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x80184947, 0x0) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NBD_CMD_CONNECT(r1, 0x0, 0x20040000) (async) fcntl$getown(r1, 0x9) (async) unshare$auto(0x40000080) (async) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) r3 = open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) socket(0x22, 0x2, 0x1) (async) r4 = socketpair$auto(0x1, 0x100, 0x8000000000000000, 0x0) (async) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x129000, 0x0) (async) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r3) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r4, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)={0x5d4, r5, 0x100, 0x70bd2b, 0x25dfdbfc, {}, [@NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0xfa}, @NL80211_ATTR_CONTROL_PORT_NO_PREAUTH={0x4}, @NL80211_ATTR_TDLS_SUPPORT={0x4}, @NL80211_ATTR_EMA_RNR_ELEMS={0xf2, 0x145, 0x0, 0x1, [@generic="acbd5a249eca13c8b85a177eec0835cda675b2acf59a5fe9ee330f48e9e4b868607d433bad15e3ab8efd113512ac2012cc9d0a7da52461493742bf77908b92d4d1d34b350c0885fa617cdbfa647258bbad353b282a74e9702b36d47b5106ffae8020be87aa4a4b22f9c5e422a62d3af9b0ff0f3e3fe76b95d75470e595286f12a8374ee176f10af11bb3d887a2b8065441f5dbb4137ed60d3b27c680c26ae8391be00718ac6a84ca5f7b75f12623ab8690322fc806d6916f61f51170940ff24cc2c331ea9c148cbbd83eccfdb13c5433fe49bbda30cf1e0dba00e2ed3b96bfd15fe310d4f714", @typed={0x6, 0xd4, 0x0, 0x0, @str=']\x00'}]}, @NL80211_ATTR_REKEY_DATA={0x4b9, 0x7a, 0x0, 0x1, [@generic="821441406df3eef7643d1fa30112b961c089cfe3fde797f32bd9a060a77e645d5ef8fe9128b4a8cd84a26565bfc7a44188c101dc53dce71b17efd4101fd133c94b2e21adf67ed24fe511ec40984ac37b99dbb63b6cff5f44ec6d71c94ec7064f809d7af16ef3fbfb2726f7ee05c0fd4339357057c12d206e5c0f314f763de7ed92065dc4567a1832f0ba9ed9b41f1ea13e4476f9ade26dfd336b970048d5fefbd685dda85a6e6a2b077def3b5c3e075ad3872b321e41065a6a8fade68f5319721aabece9d2258b7490cebdc83270f731b10ec6a7fa27478cf0b5187bd136d6adc29b2718e335c9bbb698e4ebaf9883c4ab90a94722512a525365415c02", @generic="24a310e39303b6dcb1adca4b3aceb440d9159c41bc077f38a6b3c20082019a3fa39bc21a614f39f794c4fb890a6f437b16e4386ceb3521550427a32add19c96d0bbcca2bd73623c24d73997d8f2bef222885edc6a5896569d399dde63af84778f266327112fc6d6f20071e615cd305f9414ec80635020e82a9c3dd8973ca05ecea70f8271de6c8816c5cfa07e58b4f2b464f569aa875f6195b38ef73ff13f075ec4e161a20fbd8d95a6635c82bc22e1fb10487e9d7ae3c9121978f7c85526e23efcf6f930ac92c6ebac5f32dc36c", @nested={0x26a, 0xed, 0x0, 0x1, [@typed={0x8, 0x129, 0x0, 0x0, @u32=0xb10e}, @generic="c54eb0b9064b92e50fb5c6d31b6923c1e2eca1e66859456b3ce95b40d2bafbf119c18b6f9efab82d8302d69ff4f49b1102396fc400fda355728bb3049dcfd14148fbf527b86769d43142f31857e017b1a4f12297bf1b", @typed={0x14, 0xec, 0x0, 0x0, @ipv6=@private2}, @generic="3769c55bba9480caa6f23cdff9f35a0701c14a3058a9f09948c168c6dfc03163f13fdff0bbddd092240e289d51180c8dadeb4c4c040401e071406d1ad818559a5a67fc4d197bc5db2a477987bdc28e8951a28a83198040c447cc30848f3212afbd2bf6f6dcd3a963b81985953c8296a8585f", @generic="2a38887eec14696aaa5a3009eca8e509981958e0e0f9b0522815c9c2ec0b4e97ffbfe3f0df4cbb4796491edba2f70b2870779a62fef0231222c3f6490d1ebf276fb4affae9cfeb93ec2c169c05ab5e95296f49fb41cb090feb254d1fc9e069eb4789930b8b06853b747c94dd6f13d85c8122206d152da2b0dba4c3424d3945e9ea6dddc392ab2a19ff4d8717f715911665b2d4378520d9473ef40187d3aa826239cc267e69f2bee09332fda3c4dcab8091a0855d444b7336233b48482aaccb25dc", @generic="c83905b61a86174a7716238228c64e530abefc45c83b7d20482ea2d67ee59874072eb380053a81f083139c8087ef61cc652d8c57942b53fd85312cf9eb55532695a2f960426f80185187441789aca4e478f4faf5bad6a07f5f87505bffb27491cf53f9c3429e0218d9062c4a70d91a4926a7777d76b5fb23638ccfb964029831f27a76768046b3c6b8a0298953dd6f75ed17925831efbbfa2c942b45fe4eb169f773d57d9b699a5ec17e732b9bccd1e07dfd9fd383cb41e38d", @nested={0x4, 0x105}, @nested={0x4, 0x11d}]}, @generic="e415f06749a367b48bcf9236d70e2514cde24ff73af697ab7f058f3fb1326e908eb2d57bf998eb9413e966d1c7505ca3534ed5e0396bc26ce6b03a8323e221b7851a8e6d4a488ac5f9a5b28123f28348b06e3a72e7e5a3e93656498c8ab1e627a7da0d3c433ab46c4670203723342c0d4d88f81d93dc76ed0ac97d7a624f"]}]}, 0x5d4}, 0x1, 0x0, 0x0, 0x40001}, 0x80) close_range$auto(0x2, 0xffffffffffffffff, 0x0) (async) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xa083, 0x0) r7 = ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0) (async) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async) close_range$auto(0x2, 0x8, 0x0) (async) select$auto(0x7, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x4, 0x15, 0x1000, 0x47, 0xc, 0xf, 0x0, 0x0, 0xe, 0xd59, 0x101, 0xff, 0x2, 0x3]}, 0x0, 0x0) (async) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x1000) io_uring_register$auto(0x2, 0x1, 0x0, 0x0) (async) ioctl$auto(r7, 0xae41, r6) 0s ago: executing program 4 (id=1840): mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x40000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, r0, 0x0) r2 = socket(0x10, 0x2, 0x4) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f00000000c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="fdff36018008000100e512b0c3e8aaf5d352dc250456ea9b30c41871adbb6065834cb989aa609b7caa15375865945f7af3c07ca6743fb8ef7fde68a48c1ae44b28de29e9", @ANYRES32=0x0, @ANYBLOB], 0x20}, 0x1, 0x0, 0x0, 0x40010}, 0x80000) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r3, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050) write$auto(r2, &(0x7f0000000000)='-\x00', 0xfdef) madvise$auto(0x0, 0xffffffffffff0005, 0x19) shmat$auto(0x0, 0x0, 0xfffffffc) kernel console output (not intermixed with test programs): ould_fail_ex.cold+0x5/0xa [ 434.762265][T12795] _copy_to_user+0x32/0xd0 [ 434.762305][T12795] copy_siginfo_to_user+0x27/0xc0 [ 434.762339][T12795] x64_setup_rt_frame+0xa03/0xce0 [ 434.762382][T12795] ? __pfx_x64_setup_rt_frame+0x10/0x10 [ 434.762415][T12795] ? __pfx_force_sig_fault+0x10/0x10 [ 434.762454][T12795] arch_do_signal_or_restart+0x587/0x770 [ 434.762489][T12795] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 434.762534][T12795] ? do_user_addr_fault+0x8d6/0x12f0 [ 434.762571][T12795] irqentry_exit+0x1f8/0x670 [ 434.762604][T12795] asm_exc_page_fault+0x26/0x30 [ 434.762628][T12795] RIP: 0033:0x7f396be52af1 [ 434.762648][T12795] Code: 05 d4 f5 3b 00 c7 00 00 00 01 00 5b c3 66 66 2e 0f 1f 84 00 00 00 00 00 90 80 3d c2 52 3c 00 00 48 8b 47 18 48 8b 4f 28 74 1f <48> 8b 30 89 f2 83 c6 02 48 8d 04 f0 89 57 04 48 39 c1 0f 92 c0 88 [ 434.762673][T12795] RSP: 002b:00007f396a193048 EFLAGS: 00010202 [ 434.762694][T12795] RAX: 0000000000000000 RBX: 00007f396c216270 RCX: 0000000000000000 [ 434.762709][T12795] RDX: 00007f396c0b6920 RSI: 0000000002021000 RDI: 00007f396c216308 [ 434.762725][T12795] RBP: 00007f396c008c1f R08: 0000000000000000 R09: 0000000000000000 [ 434.762741][T12795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 434.762764][T12795] R13: 00007f396c216308 R14: 00007f396c216270 R15: 00007ffe6a5a8a18 [ 434.762800][T12795] [ 435.107198][ T30] audit: type=1804 audit(1843104704.940:22): pid=12789 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1317" name="/newroot/sys/kernel/debug/tracing/trace_marker" dev="tracefs" ino=1068 res=1 errno=0 [ 435.242059][T12801] size and base must be multiples of 4 kiB [ 435.260420][T12801] CPU: 0 UID: 0 PID: 12801 Comm: syz.0.1318 Tainted: G U L syzkaller #0 PREEMPT(full) [ 435.260476][T12801] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 435.260488][T12801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 435.260507][T12801] Call Trace: [ 435.260518][T12801] [ 435.260530][T12801] dump_stack_lvl+0x100/0x190 [ 435.260583][T12801] mtrr_add.cold+0x74/0x87 [ 435.260617][T12801] mtrr_ioctl+0x25a/0xcf0 [ 435.260665][T12801] ? __pfx_mtrr_ioctl+0x10/0x10 [ 435.260718][T12801] ? find_held_lock+0x2b/0x80 [ 435.260761][T12801] ? __fget_files+0x21f/0x3d0 [ 435.260797][T12801] ? __pfx_mtrr_ioctl+0x10/0x10 [ 435.260841][T12801] proc_reg_unlocked_ioctl+0x229/0x320 [ 435.260885][T12801] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 435.260934][T12801] __x64_sys_ioctl+0x18e/0x210 [ 435.260986][T12801] do_syscall_64+0xc9/0xf80 [ 435.261026][T12801] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 435.261057][T12801] RIP: 0033:0x7f396bf9aeb9 [ 435.261084][T12801] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 435.261114][T12801] RSP: 002b:00007f396a1d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 435.261144][T12801] RAX: ffffffffffffffda RBX: 00007f396c216090 RCX: 00007f396bf9aeb9 [ 435.261165][T12801] RDX: 0000000000000007 RSI: 00000000400c4d01 RDI: 0000000000000007 [ 435.261183][T12801] RBP: 00007f396c008c1f R08: 0000000000000000 R09: 0000000000000000 [ 435.261201][T12801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 435.261219][T12801] R13: 00007f396c216128 R14: 00007f396c216090 R15: 00007ffe6a5a8a18 [ 435.261260][T12801] [ 435.457331][T12803] vivid-007: ================= START STATUS ================= [ 435.465009][T12803] vivid-007: Generate PTS: true [ 435.469946][T12803] vivid-007: Generate SCR: true [ 435.475434][T12803] tpg source WxH: 320x240 (Y'CbCr) [ 435.480595][T12803] tpg field: 1 [ 435.483969][T12803] tpg crop: (0,0)/320x240 [ 435.488443][T12803] tpg compose: (0,0)/320x240 [ 435.493041][T12803] tpg colorspace: 8 [ 435.496846][T12803] tpg transfer function: 0/0 [ 435.501456][T12803] tpg Y'CbCr encoding: 0/0 [ 435.505879][T12803] tpg quantization: 0/0 [ 435.510104][T12803] tpg RGB range: 0/2 [ 435.514009][T12803] vivid-007: ================== END STATUS ================== [ 435.669207][T12801] ubi31: attaching mtd0 [ 437.192631][T12837] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 439.277869][T12868] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1333'. [ 439.320658][T12868] ima: policy update failed [ 439.338206][ T30] audit: type=1802 audit(1843104709.520:23): pid=12868 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1333" res=0 errno=0 [ 439.756813][T12877] netlink: 326 bytes leftover after parsing attributes in process `syz.2.1335'. [ 440.731095][T12883] program syz.3.1336 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 441.788917][T12892] NFSD: Failed to start, no listeners configured. [ 443.224271][T12929] zswap: compressor  not available [ 443.237705][T12937] Kernel: The 'panic_print' parameter is now deprecated. Please use 'panic_sys_info' and 'panic_console_replay' instead. [ 443.583694][T12948] ptp ptp0: only physical clock in use now [ 444.651139][T12972] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 445.292061][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.298767][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 445.988018][T12990] FAULT_INJECTION: forcing a failure. [ 445.988018][T12990] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 446.017183][T12990] CPU: 0 UID: 0 PID: 12990 Comm: syz.0.1360 Tainted: G U L syzkaller #0 PREEMPT(full) [ 446.017236][T12990] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 446.017247][T12990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 446.017263][T12990] Call Trace: [ 446.017272][T12990] [ 446.017283][T12990] dump_stack_lvl+0x100/0x190 [ 446.017331][T12990] should_fail_ex.cold+0x5/0xa [ 446.017379][T12990] _copy_from_iter+0x1f4/0x1690 [ 446.017435][T12990] ? __pfx__copy_from_iter+0x10/0x10 [ 446.017499][T12990] copy_page_from_iter+0xde/0x180 [ 446.017548][T12990] anon_pipe_write+0xae4/0x1d40 [ 446.017599][T12990] ? __pfx_anon_pipe_write+0x10/0x10 [ 446.017632][T12990] ? common_file_perm+0x1ab/0x4f0 [ 446.017677][T12990] ? __pfx_autoremove_wake_function+0x10/0x10 [ 446.017717][T12990] ? bpf_lsm_file_permission+0x9/0x10 [ 446.017762][T12990] ? security_file_permission+0x76/0x210 [ 446.017809][T12990] ? rw_verify_area+0xce/0x6d0 [ 446.017842][T12990] vfs_write+0x6ac/0x1070 [ 446.017876][T12990] ? __pfx_anon_pipe_write+0x10/0x10 [ 446.017927][T12990] ? __pfx_vfs_write+0x10/0x10 [ 446.017957][T12990] ? find_held_lock+0x2b/0x80 [ 446.018011][T12990] ksys_write+0x1f8/0x250 [ 446.018041][T12990] ? __pfx_ksys_write+0x10/0x10 [ 446.018086][T12990] do_syscall_64+0xc9/0xf80 [ 446.018125][T12990] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 446.018154][T12990] RIP: 0033:0x7f396bf9aeb9 [ 446.018178][T12990] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 446.018207][T12990] RSP: 002b:00007f396a1d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 446.018235][T12990] RAX: ffffffffffffffda RBX: 00007f396c216090 RCX: 00007f396bf9aeb9 [ 446.018255][T12990] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 446.018272][T12990] RBP: 00007f396c008c1f R08: 0000000000000000 R09: 0000000000000000 [ 446.018289][T12990] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 446.018305][T12990] R13: 00007f396c216128 R14: 00007f396c216090 R15: 00007ffe6a5a8a18 [ 446.018356][T12990] [ 446.604121][T13010] FAULT_INJECTION: forcing a failure. [ 446.604121][T13010] name fail_futex, interval 1, probability 0, space 0, times 0 [ 446.617398][T13010] CPU: 0 UID: 0 PID: 13010 Comm: syz.0.1364 Tainted: G U L syzkaller #0 PREEMPT(full) [ 446.617454][T13010] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 446.617464][T13010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 446.617480][T13010] Call Trace: [ 446.617490][T13010] [ 446.617501][T13010] dump_stack_lvl+0x100/0x190 [ 446.617541][T13010] should_fail_ex.cold+0x5/0xa [ 446.617588][T13010] get_futex_key+0x1d2/0x1620 [ 446.617629][T13010] ? __pfx_get_futex_key+0x10/0x10 [ 446.617678][T13010] futex_wait_setup+0x81/0x500 [ 446.617716][T13010] __futex_wait+0x19f/0x300 [ 446.617747][T13010] ? __pfx___futex_wait+0x10/0x10 [ 446.617781][T13010] ? __pfx_futex_wake_mark+0x10/0x10 [ 446.617832][T13010] ? futex_hash+0x2c5/0x380 [ 446.617879][T13010] futex_wait+0xed/0x380 [ 446.617907][T13010] ? __pfx_futex_wait+0x10/0x10 [ 446.617942][T13010] ? vfs_write+0x15d/0x1070 [ 446.617975][T13010] ? __pfx_sg_write+0x10/0x10 [ 446.618005][T13010] do_futex+0x1ef/0x350 [ 446.618044][T13010] ? __pfx_do_futex+0x10/0x10 [ 446.618093][T13010] __x64_sys_futex+0x34f/0x4d0 [ 446.618135][T13010] ? fput+0x79/0x100 [ 446.618171][T13010] ? __pfx___x64_sys_futex+0x10/0x10 [ 446.618207][T13010] ? ksys_write+0x1ac/0x250 [ 446.618237][T13010] ? __pfx_ksys_write+0x10/0x10 [ 446.618281][T13010] do_syscall_64+0xc9/0xf80 [ 446.618318][T13010] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 446.618347][T13010] RIP: 0033:0x7f396bf9aeb9 [ 446.618370][T13010] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 446.618397][T13010] RSP: 002b:00007f396a1f60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 446.618434][T13010] RAX: ffffffffffffffda RBX: 00007f396c215fa8 RCX: 00007f396bf9aeb9 [ 446.618453][T13010] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f396c215fa8 [ 446.618469][T13010] RBP: 00007f396c215fa0 R08: 0000000000000000 R09: 0000000000000000 [ 446.618486][T13010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 446.618504][T13010] R13: 00007f396c216038 R14: 00007ffe6a5a8930 R15: 00007ffe6a5a8a18 [ 446.618543][T13010] [ 447.662700][T13027] sysfs_service_op_show: Client not running :-5: [ 448.489981][T13032] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1367'. [ 448.901828][T13051] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1371'. [ 448.912757][ T30] audit: type=1800 audit(1843104719.070:24): pid=13051 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1371" name="dbroot" dev="configfs" ino=53463 res=0 errno=0 [ 449.063264][T13052] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1371'. [ 449.154892][T13055] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1372'. [ 449.423511][T13062] nfs: Unknown parameter 'BålY¶ 7³w±·E»É®H¶âs[åØu` ]‹§e©©6z¦c§ÚÞ•â[$(‡uÊ×ÃÒÃÒž€ô%ÏE¹ƒtO–÷2*è‚pãè[ˆÄÁOugÇãɧr©ts÷þ¤QZ×€z' [ 451.564313][T13103] bcache: register_bcache() error : Not a bcache superblock (bad offset) [ 452.691874][T13124] serio: Serial port ttyS2 [ 453.898952][ T5146] Bluetooth: hci2: unexpected subevent 0x0c length: 118 > 5 [ 454.150716][T13138] netlink: set zone limit has 8 unknown bytes [ 455.463725][T13161] random: crng reseeded on system resumption [ 457.097566][T13188] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1399'. [ 457.109714][T13188] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 457.146274][T13188] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 457.181351][T13188] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 457.217831][T13188] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 460.311047][T13233] vhci_hcd vhci_hcd.2: invalid port number 16 [ 460.331609][T13233] vhci_hcd vhci_hcd.2: invalid port number 16 [ 460.658599][T13238] synth uevent: /devices/virtual/tty/tty46: unknown uevent action string [ 460.678439][T13238] tty tty46: uevent: failed to send synthetic uevent: -22 [ 461.898345][T13249] sysfs_service_op_show: Client not running :-5: [ 463.572874][T13266] vivid-007: ================= START STATUS ================= [ 463.587224][T13266] vivid-007: Generate PTS: true [ 463.597703][T13266] vivid-007: Generate SCR: true [ 463.612869][T13266] tpg source WxH: 320x240 (Y'CbCr) [ 463.623000][T13266] tpg field: 1 [ 463.626446][T13266] tpg crop: (0,0)/320x240 [ 463.637166][T13266] tpg compose: (0,0)/320x240 [ 463.647415][T13266] tpg colorspace: 8 [ 463.651271][T13266] tpg transfer function: 0/0 [ 463.666340][T13266] tpg Y'CbCr encoding: 0/0 [ 463.676485][T13266] tpg quantization: 0/0 [ 463.686610][T13266] tpg RGB range: 0/2 [ 463.690627][T13266] vivid-007: ================== END STATUS ================== [ 467.060157][ T30] audit: type=1800 audit(1843104737.240:25): pid=13295 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1421" name="members" dev="configfs" ino=54802 res=0 errno=0 [ 468.375296][T13308] FAULT_INJECTION: forcing a failure. [ 468.375296][T13308] name failslab, interval 1, probability 0, space 0, times 0 [ 468.392481][T13308] CPU: 1 UID: 0 PID: 13308 Comm: syz.0.1424 Tainted: G U L syzkaller #0 PREEMPT(full) [ 468.392536][T13308] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 468.392547][T13308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 468.392565][T13308] Call Trace: [ 468.392575][T13308] [ 468.392582][T13308] dump_stack_lvl+0x100/0x190 [ 468.392608][T13308] should_fail_ex.cold+0x5/0xa [ 468.392639][T13308] should_failslab+0xc2/0x120 [ 468.392666][T13308] kmem_cache_alloc_noprof+0x83/0x780 [ 468.392689][T13308] ? __pfx_map_id_range_down+0x10/0x10 [ 468.392708][T13308] ? security_inode_alloc+0x3b/0x2c0 [ 468.392737][T13308] ? security_inode_alloc+0x3b/0x2c0 [ 468.392760][T13308] security_inode_alloc+0x3b/0x2c0 [ 468.392786][T13308] inode_init_always_gfp+0xced/0x1040 [ 468.392811][T13308] alloc_inode+0x8e/0x250 [ 468.392838][T13308] path_from_stashed+0x25b/0x750 [ 468.392859][T13308] ? do_raw_spin_unlock+0x145/0x1e0 [ 468.392908][T13308] ns_get_path+0x60/0x80 [ 468.392929][T13308] proc_ns_get_link+0x121/0x230 [ 468.392954][T13308] ? __pfx_proc_ns_get_link+0x10/0x10 [ 468.392980][T13308] ? atime_needs_update+0x8b/0x6b0 [ 468.393010][T13308] pick_link+0xd17/0x13c0 [ 468.393027][T13308] ? __pfx_proc_ns_get_link+0x10/0x10 [ 468.393061][T13308] step_into_slowpath+0x6c2/0xf50 [ 468.393083][T13308] ? __pfx_step_into_slowpath+0x10/0x10 [ 468.393100][T13308] ? find_held_lock+0x2b/0x80 [ 468.393125][T13308] path_openat+0xf95/0x3120 [ 468.393153][T13308] ? __pfx_path_openat+0x10/0x10 [ 468.393183][T13308] do_filp_open+0x1f7/0x420 [ 468.393206][T13308] ? __pfx_do_filp_open+0x10/0x10 [ 468.393244][T13308] ? _raw_spin_unlock+0x28/0x50 [ 468.393262][T13308] ? alloc_fd+0x476/0x790 [ 468.393287][T13308] do_sys_openat2+0x12e/0x220 [ 468.393315][T13308] ? __pfx_do_sys_openat2+0x10/0x10 [ 468.393344][T13308] ? __fget_files+0x21f/0x3d0 [ 468.393367][T13308] __x64_sys_openat+0x12d/0x210 [ 468.393395][T13308] ? __pfx___x64_sys_openat+0x10/0x10 [ 468.393431][T13308] do_syscall_64+0xc9/0xf80 [ 468.393455][T13308] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 468.393474][T13308] RIP: 0033:0x7f396bf5b78e [ 468.393490][T13308] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 468.393507][T13308] RSP: 002b:00007f396a1f5ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 468.393525][T13308] RAX: ffffffffffffffda RBX: 00007f396a1f66c0 RCX: 00007f396bf5b78e [ 468.393537][T13308] RDX: 0000000000000002 RSI: 00007f396a1f5f90 RDI: ffffffffffffff9c [ 468.393548][T13308] RBP: 00007f396c008c1f R08: 0000000000000000 R09: 0000000000000000 [ 468.393558][T13308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 468.393569][T13308] R13: 00007f396c216038 R14: 00007f396c215fa0 R15: 00007ffe6a5a8a18 [ 468.393591][T13308] [ 469.081081][ T30] audit: type=1800 audit(1843104739.260:26): pid=13315 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1425" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 469.611205][T13330] Invalid ELF header magic: != ELF [ 469.686919][T13330] netlink: 346 bytes leftover after parsing attributes in process `syz.0.1428'. [ 470.576464][T13342] FAULT_INJECTION: forcing a failure. [ 470.576464][T13342] name fail_futex, interval 1, probability 0, space 0, times 0 [ 470.632809][T13342] CPU: 1 UID: 0 PID: 13342 Comm: syz.0.1433 Tainted: G U L syzkaller #0 PREEMPT(full) [ 470.632877][T13342] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 470.632889][T13342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 470.632906][T13342] Call Trace: [ 470.632916][T13342] [ 470.632926][T13342] dump_stack_lvl+0x100/0x190 [ 470.632968][T13342] should_fail_ex.cold+0x5/0xa [ 470.633021][T13342] get_futex_key+0x1d2/0x1620 [ 470.633063][T13342] ? __pfx_get_futex_key+0x10/0x10 [ 470.633104][T13342] ? __pfx_fs_bdev_sync+0x10/0x10 [ 470.633133][T13342] ? invalidate_bdev+0x92/0xb0 [ 470.633162][T13342] futex_wake+0xea/0x530 [ 470.633208][T13342] ? __pfx_futex_wake+0x10/0x10 [ 470.633257][T13342] ? do_vfs_ioctl+0x226/0x13e0 [ 470.633305][T13342] do_futex+0x32b/0x350 [ 470.633352][T13342] ? __pfx_do_futex+0x10/0x10 [ 470.633393][T13342] ? find_held_lock+0x2b/0x80 [ 470.633428][T13342] __x64_sys_futex+0x34f/0x4d0 [ 470.633470][T13342] ? __pfx_blkdev_ioctl+0x10/0x10 [ 470.633500][T13342] ? __pfx___x64_sys_futex+0x10/0x10 [ 470.633534][T13342] ? xfd_validate_state+0x129/0x190 [ 470.633584][T13342] do_syscall_64+0xc9/0xf80 [ 470.633615][T13342] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 470.633640][T13342] RIP: 0033:0x7f396bf9aeb9 [ 470.633660][T13342] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 470.633682][T13342] RSP: 002b:00007f396a1b40e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 470.633705][T13342] RAX: ffffffffffffffda RBX: 00007f396c216188 RCX: 00007f396bf9aeb9 [ 470.633720][T13342] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f396c21618c [ 470.633734][T13342] RBP: 00007f396c216180 R08: 0000000000000000 R09: 0000000000000000 [ 470.633747][T13342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 470.633760][T13342] R13: 00007f396c216218 R14: 00007ffe6a5a8930 R15: 00007ffe6a5a8a18 [ 470.633789][T13342] [ 470.903183][ T5837] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 470.927995][ T5837] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 470.938903][ T5837] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 470.957825][ T5837] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 470.965591][ T5837] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 471.326547][T13351] chnl_net:caif_netlink_parms(): no params data found [ 471.671649][T13351] bridge0: port 1(bridge_slave_0) entered blocking state [ 471.698372][T13351] bridge0: port 1(bridge_slave_0) entered disabled state [ 471.709632][T13351] bridge_slave_0: entered allmulticast mode [ 471.719301][T13351] bridge_slave_0: entered promiscuous mode [ 471.744728][T13351] bridge0: port 2(bridge_slave_1) entered blocking state [ 471.752948][T13351] bridge0: port 2(bridge_slave_1) entered disabled state [ 471.766862][T13351] bridge_slave_1: entered allmulticast mode [ 471.778948][T13351] bridge_slave_1: entered promiscuous mode [ 471.929356][T13351] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 471.945730][T13351] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 472.008646][T13351] team0: Port device team_slave_0 added [ 472.016473][T13351] team0: Port device team_slave_1 added [ 472.048302][T13351] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 472.055328][T13351] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 472.090425][T13351] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 472.104947][T13351] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 472.113991][T13351] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 472.141723][T13351] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 472.223137][T13382] sysfs_service_op_show: Client not running :-5: [ 472.312863][T13351] hsr_slave_0: entered promiscuous mode [ 472.323627][T13351] hsr_slave_1: entered promiscuous mode [ 472.333433][T13351] debugfs: 'hsr0' already exists in 'hsr' [ 472.341255][T13351] Cannot create hsr debugfs directory [ 472.616924][T13351] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 472.646006][T13351] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 472.666860][T13351] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 472.682836][T13351] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 472.850969][T13351] 8021q: adding VLAN 0 to HW filter on device bond0 [ 472.862454][ T30] audit: type=1800 audit(1843104743.050:27): pid=13409 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1444" name="dbroot" dev="configfs" ino=55859 res=0 errno=0 [ 472.903925][T13410] tipc: Started in network mode [ 472.918046][T13410] tipc: Node identity ffffffff, cluster identity 4711 [ 472.925230][T13410] tipc: Node number set to 4294967295 [ 472.982307][T13351] 8021q: adding VLAN 0 to HW filter on device team0 [ 473.039139][ T5837] Bluetooth: hci5: command tx timeout [ 473.084824][ T66] bridge0: port 1(bridge_slave_0) entered blocking state [ 473.092043][ T66] bridge0: port 1(bridge_slave_0) entered forwarding state [ 473.186919][ T66] bridge0: port 2(bridge_slave_1) entered blocking state [ 473.194214][ T66] bridge0: port 2(bridge_slave_1) entered forwarding state [ 473.872877][T13351] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 474.612125][T13351] veth0_vlan: entered promiscuous mode [ 474.649278][T13351] veth1_vlan: entered promiscuous mode [ 474.715076][T13351] veth0_macvtap: entered promiscuous mode [ 474.799505][T13351] veth1_macvtap: entered promiscuous mode [ 474.833286][T13351] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 474.921590][T13351] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 474.968701][ T7184] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 475.076147][ T7184] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 475.107697][ T7184] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 475.116578][ T7184] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 475.125821][ T5837] Bluetooth: hci5: command tx timeout [ 475.270418][ T66] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 475.296694][ T66] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 475.556649][ T7185] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 475.564611][ T7185] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 476.652403][T13477] blktrace: Concurrent blktraces are not allowed on loop2 [ 476.695291][T13480] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1451'. [ 477.028972][T13489] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1451'. [ 477.113207][T13480] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1451'. [ 477.188458][T13489] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1451'. [ 477.198292][ T5837] Bluetooth: hci5: command tx timeout [ 477.264171][T13480] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1451'. [ 477.312720][T13489] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1451'. [ 478.988123][ T5146] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 478.998350][ T5146] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 479.006401][ T5146] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 479.014719][ T5146] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 479.022370][ T5146] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 479.277142][ T5146] Bluetooth: hci5: command tx timeout [ 479.767343][T13531] FAULT_INJECTION: forcing a failure. [ 479.767343][T13531] name failslab, interval 1, probability 0, space 0, times 0 [ 479.805393][T13531] CPU: 1 UID: 0 PID: 13531 Comm: syz.4.1461 Tainted: G U L syzkaller #0 PREEMPT(full) [ 479.805444][T13531] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 479.805456][T13531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 479.805473][T13531] Call Trace: [ 479.805483][T13531] [ 479.805495][T13531] dump_stack_lvl+0x100/0x190 [ 479.805535][T13531] should_fail_ex.cold+0x5/0xa [ 479.805581][T13531] should_failslab+0xc2/0x120 [ 479.805621][T13531] ? copy_splice_read+0x1a3/0xb90 [ 479.805651][T13531] __kmalloc_noprof+0xf6/0x9c0 [ 479.805677][T13531] ? splice_from_pipe_next+0x1ec/0x5a0 [ 479.805720][T13531] ? copy_splice_read+0x1a3/0xb90 [ 479.805748][T13531] copy_splice_read+0x1a3/0xb90 [ 479.805776][T13531] ? __pfx_pipe_to_null+0x10/0x10 [ 479.805826][T13531] ? __pfx_copy_splice_read+0x10/0x10 [ 479.805864][T13531] ? __pfx_splice_from_pipe+0x10/0x10 [ 479.805919][T13531] ? do_splice_read+0x28d/0x370 [ 479.805952][T13531] ? __pfx_copy_splice_read+0x10/0x10 [ 479.805982][T13531] do_splice_read+0x285/0x370 [ 479.806018][T13531] splice_direct_to_actor+0x2a1/0xa30 [ 479.806053][T13531] ? __pfx_direct_splice_actor+0x10/0x10 [ 479.806093][T13531] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 479.806137][T13531] do_splice_direct+0x174/0x240 [ 479.806170][T13531] ? __pfx_do_splice_direct+0x10/0x10 [ 479.806199][T13531] ? common_file_perm+0x1ab/0x4f0 [ 479.806241][T13531] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 479.806275][T13531] ? bpf_lsm_file_permission+0x9/0x10 [ 479.806315][T13531] ? security_file_permission+0x76/0x210 [ 479.806362][T13531] ? rw_verify_area+0xce/0x6d0 [ 479.806394][T13531] do_sendfile+0xadc/0xe20 [ 479.806434][T13531] ? __pfx_do_sendfile+0x10/0x10 [ 479.806471][T13531] ? __x64_sys_futex+0x34f/0x4d0 [ 479.806510][T13531] ? __x64_sys_futex+0x358/0x4d0 [ 479.806554][T13531] __x64_sys_sendfile64+0x1d8/0x220 [ 479.806594][T13531] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 479.806636][T13531] ? __sys_getsockname+0xce/0x110 [ 479.806682][T13531] do_syscall_64+0xc9/0xf80 [ 479.806719][T13531] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 479.806749][T13531] RIP: 0033:0x7fcaa8d9aeb9 [ 479.806771][T13531] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 479.806798][T13531] RSP: 002b:00007fcaa9c13028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 479.806828][T13531] RAX: ffffffffffffffda RBX: 00007fcaa9016090 RCX: 00007fcaa8d9aeb9 [ 479.806848][T13531] RDX: 0000000000000000 RSI: 000000000000000a RDI: 000000000000000a [ 479.806865][T13531] RBP: 00007fcaa8e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 479.806892][T13531] R10: 0010000800000003 R11: 0000000000000246 R12: 0000000000000000 [ 479.806909][T13531] R13: 00007fcaa9016128 R14: 00007fcaa9016090 R15: 00007ffd285483b8 [ 479.806944][T13531] [ 481.037244][ T5146] Bluetooth: hci4: command tx timeout [ 481.993785][T13552] netlink: 146 bytes leftover after parsing attributes in process `syz.4.1466'. [ 482.313223][T13523] chnl_net:caif_netlink_parms(): no params data found [ 482.584144][T13523] bridge0: port 1(bridge_slave_0) entered blocking state [ 482.607635][T13523] bridge0: port 1(bridge_slave_0) entered disabled state [ 482.633552][T13523] bridge_slave_0: entered allmulticast mode [ 482.656411][T13523] bridge_slave_0: entered promiscuous mode [ 482.700195][T13523] bridge0: port 2(bridge_slave_1) entered blocking state [ 482.728649][T13523] bridge0: port 2(bridge_slave_1) entered disabled state [ 482.740408][T13523] bridge_slave_1: entered allmulticast mode [ 482.771078][T13523] bridge_slave_1: entered promiscuous mode [ 482.849760][T13523] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 482.870293][T13523] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 482.969334][T13523] team0: Port device team_slave_0 added [ 482.995601][T13523] team0: Port device team_slave_1 added [ 483.086362][T13523] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 483.118939][T13523] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 483.119113][ T5837] Bluetooth: hci4: command tx timeout [ 483.156047][T13569] zswap: compressor not available [ 483.164295][T13523] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 483.213989][T13523] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 483.247378][T13523] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 483.322535][T13523] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 483.438885][T13523] hsr_slave_0: entered promiscuous mode [ 483.445939][T13523] hsr_slave_1: entered promiscuous mode [ 483.455759][T13523] debugfs: 'hsr0' already exists in 'hsr' [ 483.464882][T13523] Cannot create hsr debugfs directory [ 483.870576][T13584] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1473'. [ 483.925905][T13587] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 484.200412][T13523] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 484.228998][T13523] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 484.254019][T13523] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 484.280127][T13523] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 484.477165][ T5146] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 484.575724][T13523] 8021q: adding VLAN 0 to HW filter on device bond0 [ 484.648569][T13523] 8021q: adding VLAN 0 to HW filter on device team0 [ 484.651682][T13600] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1476'. [ 484.664146][ T7178] bridge0: port 1(bridge_slave_0) entered blocking state [ 484.671597][ T7178] bridge0: port 1(bridge_slave_0) entered forwarding state [ 484.697340][T13600] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 484.808558][T13600] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 484.922192][ T7178] bridge0: port 2(bridge_slave_1) entered blocking state [ 484.929503][ T7178] bridge0: port 2(bridge_slave_1) entered forwarding state [ 485.197254][ T5146] Bluetooth: hci4: command tx timeout [ 485.567656][T13624] nfs4: Unknown parameter '@' [ 485.841751][T13523] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 487.219530][T13523] veth0_vlan: entered promiscuous mode [ 487.251908][T13523] veth1_vlan: entered promiscuous mode [ 487.283333][ T5146] Bluetooth: hci4: command tx timeout [ 487.354536][T13523] veth0_macvtap: entered promiscuous mode [ 487.380689][T13523] veth1_macvtap: entered promiscuous mode [ 487.420398][T13523] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 487.474055][T13523] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 487.509288][T11778] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 487.521488][T11778] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 487.532657][T11778] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 487.542222][T11778] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 487.699706][ T7172] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 487.734210][ T7172] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 487.805582][ T7172] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 487.824746][ T7172] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 489.229668][T13671] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 489.261562][T13671] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 489.268357][T13671] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 489.274580][T13671] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 489.284668][T13671] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 489.326949][T13674] futex_wake_op: syz.4.1487 tries to shift op by -2048; fix this program [ 489.367861][T13674] futex_wake_op: syz.4.1487 tries to shift op by -2048; fix this program [ 489.399579][T13671] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 489.421251][T13671] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 489.460528][T13671] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 489.488213][T13671] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 490.715335][T13703] __vm_enough_memory: pid: 13703, comm: syz.1.1493, bytes: 8589938688 not enough memory for the allocation [ 490.975367][T13708] netlink: 334 bytes leftover after parsing attributes in process `syz.4.1495'. [ 490.995232][T13708] netlink: 334 bytes leftover after parsing attributes in process `syz.4.1495'. [ 491.277180][ T5146] Bluetooth: hci5: command 0x0c1a tx timeout [ 491.284372][ T5837] Bluetooth: hci3: command 0x0c1a tx timeout [ 491.284937][ T5835] Bluetooth: hci2: command 0x0c1a tx timeout [ 491.290476][ T5837] Bluetooth: hci1: command 0x2016 tx timeout [ 491.437368][ T5835] Bluetooth: hci4: command 0x0c1a tx timeout [ 493.357175][ T5835] Bluetooth: hci5: command 0x0c1a tx timeout [ 493.517192][ T5835] Bluetooth: hci4: command 0x0c1a tx timeout [ 494.312297][T13746] FAULT_INJECTION: forcing a failure. [ 494.312297][T13746] name failslab, interval 1, probability 0, space 0, times 0 [ 494.370384][T13746] CPU: 0 UID: 0 PID: 13746 Comm: syz.4.1503 Tainted: G U L syzkaller #0 PREEMPT(full) [ 494.370441][T13746] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 494.370452][T13746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 494.370469][T13746] Call Trace: [ 494.370478][T13746] [ 494.370490][T13746] dump_stack_lvl+0x100/0x190 [ 494.370519][T13746] should_fail_ex.cold+0x5/0xa [ 494.370550][T13746] should_failslab+0xc2/0x120 [ 494.370576][T13746] kmem_cache_alloc_lru_noprof+0x8e/0x7d0 [ 494.370600][T13746] ? stack_depot_save_flags+0x27/0x9c0 [ 494.370629][T13746] ? __d_alloc+0x34/0xa80 [ 494.370654][T13746] ? __d_alloc+0x34/0xa80 [ 494.370675][T13746] __d_alloc+0x34/0xa80 [ 494.370700][T13746] d_alloc_parallel+0x111/0x14e0 [ 494.370743][T13746] ? find_held_lock+0x2b/0x80 [ 494.370761][T13746] ? __d_lookup+0x25c/0x4a0 [ 494.370789][T13746] ? __pfx_d_alloc_parallel+0x10/0x10 [ 494.370823][T13746] ? __d_lookup+0x266/0x4a0 [ 494.370873][T13746] lookup_open.isra.0+0x633/0x1890 [ 494.370901][T13746] ? do_raw_spin_lock+0x128/0x260 [ 494.370946][T13746] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 494.370981][T13746] ? lookup_fast+0x2da/0x600 [ 494.371000][T13746] path_openat+0xa9b/0x3120 [ 494.371029][T13746] ? __pfx_path_openat+0x10/0x10 [ 494.371059][T13746] do_filp_open+0x1f7/0x420 [ 494.371085][T13746] ? __pfx_do_filp_open+0x10/0x10 [ 494.371133][T13746] ? __pfx_kfree_link+0x10/0x10 [ 494.371185][T13746] ? _raw_spin_unlock+0x28/0x50 [ 494.371211][T13746] ? alloc_fd+0x476/0x790 [ 494.371256][T13746] do_sys_openat2+0x12e/0x220 [ 494.371286][T13746] ? __pfx_do_sys_openat2+0x10/0x10 [ 494.371322][T13746] __x64_sys_openat+0x12d/0x210 [ 494.371351][T13746] ? __pfx___x64_sys_openat+0x10/0x10 [ 494.371377][T13746] ? xfd_validate_state+0x129/0x190 [ 494.371413][T13746] do_syscall_64+0xc9/0xf80 [ 494.371436][T13746] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 494.371455][T13746] RIP: 0033:0x7fcaa8d9aeb9 [ 494.371478][T13746] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 494.371505][T13746] RSP: 002b:00007fcaa9c13028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 494.371532][T13746] RAX: ffffffffffffffda RBX: 00007fcaa9016090 RCX: 00007fcaa8d9aeb9 [ 494.371551][T13746] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 494.371565][T13746] RBP: 00007fcaa8e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 494.371576][T13746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 494.371586][T13746] R13: 00007fcaa9016128 R14: 00007fcaa9016090 R15: 00007ffd285483b8 [ 494.371610][T13746] [ 495.447860][ T5835] Bluetooth: hci5: command 0x0c1a tx timeout [ 495.597260][ T5835] Bluetooth: hci4: command 0x0c1a tx timeout [ 496.634294][T13773] zswap: compressor û not available [ 496.662859][T13770] Setting dangerous option i915.mitigations - tainting kernel [ 496.680383][T13777] Setting dangerous option i915.mitigations - tainting kernel [ 497.961215][T13801] FAULT_INJECTION: forcing a failure. [ 497.961215][T13801] name failslab, interval 1, probability 0, space 0, times 0 [ 498.000896][T13801] CPU: 1 UID: 0 PID: 13801 Comm: syz.5.1515 Tainted: G U L syzkaller #0 PREEMPT(full) [ 498.000964][T13801] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 498.000977][T13801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 498.000995][T13801] Call Trace: [ 498.001006][T13801] [ 498.001018][T13801] dump_stack_lvl+0x100/0x190 [ 498.001062][T13801] should_fail_ex.cold+0x5/0xa [ 498.001112][T13801] should_failslab+0xc2/0x120 [ 498.001157][T13801] kmem_cache_alloc_noprof+0x83/0x780 [ 498.001196][T13801] ? d_instantiate+0x90/0xb0 [ 498.001235][T13801] ? alloc_empty_file+0x55/0x1c0 [ 498.001286][T13801] ? alloc_empty_file+0x55/0x1c0 [ 498.001329][T13801] alloc_empty_file+0x55/0x1c0 [ 498.001374][T13801] alloc_file_pseudo+0x13a/0x230 [ 498.001421][T13801] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 498.001468][T13801] ? alloc_fd+0x476/0x790 [ 498.001509][T13801] sock_alloc_file+0x50/0x210 [ 498.001561][T13801] __sys_socket+0x1c0/0x260 [ 498.001599][T13801] ? __pfx___sys_socket+0x10/0x10 [ 498.001634][T13801] ? xfd_validate_state+0x129/0x190 [ 498.001691][T13801] __x64_sys_socket+0x72/0xb0 [ 498.001727][T13801] ? lockdep_hardirqs_on+0x78/0x100 [ 498.001765][T13801] do_syscall_64+0xc9/0xf80 [ 498.001805][T13801] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 498.001837][T13801] RIP: 0033:0x7fd38eb9aeb9 [ 498.001863][T13801] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 498.001893][T13801] RSP: 002b:00007fd38f994028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 498.001933][T13801] RAX: ffffffffffffffda RBX: 00007fd38ee15fa0 RCX: 00007fd38eb9aeb9 [ 498.001954][T13801] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 498.001972][T13801] RBP: 00007fd38ec08c1f R08: 0000000000000000 R09: 0000000000000000 [ 498.001990][T13801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 498.002008][T13801] R13: 00007fd38ee16038 R14: 00007fd38ee15fa0 R15: 00007ffcd4c4e758 [ 498.002050][T13801] [ 498.767631][T13814] usb usb36: usbfs: process 13814 (syz.4.1517) did not claim interface 0 before use [ 498.910052][T13822] Invalid ELF header magic: != ELF [ 499.408045][T13829] zswap: compressor not available [ 500.340114][ T5837] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 500.373295][ T5837] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 500.381820][ T5837] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 500.414104][ T5837] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 500.422632][ T5837] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 500.689275][T13860] sd 0:0:1:0: PR command failed: 1026 [ 500.697177][T13860] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 500.707721][T13860] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 501.143717][T13851] nfs4: Unknown parameter '' [ 501.976853][T13856] chnl_net:caif_netlink_parms(): no params data found [ 502.320469][ T5835] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 502.475713][T13856] bridge0: port 1(bridge_slave_0) entered blocking state [ 502.487196][ T5835] Bluetooth: hci6: command tx timeout [ 502.508378][T13856] bridge0: port 1(bridge_slave_0) entered disabled state [ 502.515668][T13856] bridge_slave_0: entered allmulticast mode [ 502.547265][T13856] bridge_slave_0: entered promiscuous mode [ 502.562649][T13856] bridge0: port 2(bridge_slave_1) entered blocking state [ 502.621138][T13856] bridge0: port 2(bridge_slave_1) entered disabled state [ 502.646536][T13856] bridge_slave_1: entered allmulticast mode [ 502.655375][T13856] bridge_slave_1: entered promiscuous mode [ 502.767654][T13879] sp0: Synchronizing with TNC [ 502.770715][T13856] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 502.819966][T13856] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 503.104008][T13890] FAULT_INJECTION: forcing a failure. [ 503.104008][T13890] name failslab, interval 1, probability 0, space 0, times 0 [ 503.137250][T13890] CPU: 1 UID: 0 PID: 13890 Comm: syz.4.1530 Tainted: G U L syzkaller #0 PREEMPT(full) [ 503.137301][T13890] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 503.137313][T13890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 503.137331][T13890] Call Trace: [ 503.137341][T13890] [ 503.137352][T13890] dump_stack_lvl+0x100/0x190 [ 503.137395][T13890] should_fail_ex.cold+0x5/0xa [ 503.137445][T13890] should_failslab+0xc2/0x120 [ 503.137495][T13890] __kmalloc_cache_noprof+0x80/0x810 [ 503.137526][T13890] ? kernfs_root+0xee/0x2a0 [ 503.137555][T13890] ? kernfs_fop_open+0x23d/0xd50 [ 503.137593][T13890] ? kernfs_fop_open+0x23d/0xd50 [ 503.137620][T13890] kernfs_fop_open+0x23d/0xd50 [ 503.137661][T13890] do_dentry_open+0x73e/0x1570 [ 503.137697][T13890] ? __pfx_kernfs_fop_open+0x10/0x10 [ 503.137728][T13890] ? security_inode_permission+0xbf/0x250 [ 503.137779][T13890] vfs_open+0x82/0x3f0 [ 503.137828][T13890] path_openat+0x21dc/0x3120 [ 503.137889][T13890] ? __pfx_path_openat+0x10/0x10 [ 503.137941][T13890] do_filp_open+0x1f7/0x420 [ 503.137980][T13890] ? __pfx_do_filp_open+0x10/0x10 [ 503.138046][T13890] ? _raw_spin_unlock+0x28/0x50 [ 503.138075][T13890] ? alloc_fd+0x476/0x790 [ 503.138124][T13890] do_sys_openat2+0x12e/0x220 [ 503.138170][T13890] ? __pfx_do_sys_openat2+0x10/0x10 [ 503.138220][T13890] ? __fget_files+0x21f/0x3d0 [ 503.138263][T13890] __x64_sys_openat+0x12d/0x210 [ 503.138309][T13890] ? __pfx___x64_sys_openat+0x10/0x10 [ 503.138354][T13890] ? xfd_validate_state+0x129/0x190 [ 503.138416][T13890] do_syscall_64+0xc9/0xf80 [ 503.138456][T13890] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 503.138487][T13890] RIP: 0033:0x7fcaa8d9aeb9 [ 503.138518][T13890] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 503.138546][T13890] RSP: 002b:00007fcaa9c34028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 503.138576][T13890] RAX: ffffffffffffffda RBX: 00007fcaa9015fa0 RCX: 00007fcaa8d9aeb9 [ 503.138595][T13890] RDX: 000000000000a801 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 503.138614][T13890] RBP: 00007fcaa8e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 503.138632][T13890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 503.138650][T13890] R13: 00007fcaa9016038 R14: 00007fcaa9015fa0 R15: 00007ffd285483b8 [ 503.138691][T13890] [ 503.147755][T13856] team0: Port device team_slave_0 added [ 503.401589][T13856] team0: Port device team_slave_1 added [ 503.598581][T13856] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 503.605748][T13856] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 503.633063][T13856] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 503.647607][T13856] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 503.654740][T13856] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 503.683613][T13856] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 504.294960][T13899] Process accounting resumed [ 504.353990][T13856] hsr_slave_0: entered promiscuous mode [ 504.368533][T13856] hsr_slave_1: entered promiscuous mode [ 504.387319][T13856] debugfs: 'hsr0' already exists in 'hsr' [ 504.393199][T13856] Cannot create hsr debugfs directory [ 504.559722][ T5835] Bluetooth: hci6: command tx timeout [ 504.672210][T13913] bridge0: port 3(bond0) entered blocking state [ 504.680507][T13913] bridge0: port 3(bond0) entered disabled state [ 504.688537][T13913] bond0: entered allmulticast mode [ 504.694124][T13913] bond_slave_0: entered allmulticast mode [ 504.700871][T13913] bond_slave_1: entered allmulticast mode [ 504.708432][T13913] bond0: entered promiscuous mode [ 504.713575][T13913] bond_slave_0: entered promiscuous mode [ 504.719813][T13913] bond_slave_1: entered promiscuous mode [ 504.726139][T13913] bridge0: port 3(bond0) entered blocking state [ 504.733153][T13913] bridge0: port 3(bond0) entered forwarding state [ 505.905252][T13856] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 506.052023][T13856] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 506.074706][T13856] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 506.121947][T13856] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 506.637186][ T5835] Bluetooth: hci6: command tx timeout [ 506.724443][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.734385][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 506.844882][T13856] 8021q: adding VLAN 0 to HW filter on device bond0 [ 506.910535][T13856] 8021q: adding VLAN 0 to HW filter on device team0 [ 506.985554][T11767] bridge0: port 1(bridge_slave_0) entered blocking state [ 506.992733][T11767] bridge0: port 1(bridge_slave_0) entered forwarding state [ 507.093153][ T7185] bridge0: port 2(bridge_slave_1) entered blocking state [ 507.100400][ T7185] bridge0: port 2(bridge_slave_1) entered forwarding state [ 507.372013][T13954] FAULT_INJECTION: forcing a failure. [ 507.372013][T13954] name failslab, interval 1, probability 0, space 0, times 0 [ 507.478467][T13954] CPU: 1 UID: 0 PID: 13954 Comm: syz.5.1541 Tainted: G U L syzkaller #0 PREEMPT(full) [ 507.478525][T13954] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 507.478536][T13954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 507.478552][T13954] Call Trace: [ 507.478562][T13954] [ 507.478573][T13954] dump_stack_lvl+0x100/0x190 [ 507.478614][T13954] should_fail_ex.cold+0x5/0xa [ 507.478660][T13954] should_failslab+0xc2/0x120 [ 507.478700][T13954] ? kernfs_fop_write_iter+0x26a/0x5f0 [ 507.478728][T13954] __kmalloc_noprof+0xf6/0x9c0 [ 507.478779][T13954] ? kernfs_fop_write_iter+0x26a/0x5f0 [ 507.478806][T13954] kernfs_fop_write_iter+0x26a/0x5f0 [ 507.478840][T13954] vfs_write+0x6ac/0x1070 [ 507.478874][T13954] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 507.478907][T13954] ? __pfx_vfs_write+0x10/0x10 [ 507.478936][T13954] ? find_held_lock+0x2b/0x80 [ 507.478990][T13954] ksys_write+0x12a/0x250 [ 507.479022][T13954] ? __pfx_ksys_write+0x10/0x10 [ 507.479066][T13954] do_syscall_64+0xc9/0xf80 [ 507.479106][T13954] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 507.479133][T13954] RIP: 0033:0x7fd38eb9aeb9 [ 507.479157][T13954] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 507.479183][T13954] RSP: 002b:00007fd38f973028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 507.479211][T13954] RAX: ffffffffffffffda RBX: 00007fd38ee16090 RCX: 00007fd38eb9aeb9 [ 507.479230][T13954] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 507.479246][T13954] RBP: 00007fd38f973090 R08: 0000000000000000 R09: 0000000000000000 [ 507.479262][T13954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 507.479279][T13954] R13: 00007fd38ee16128 R14: 00007fd38ee16090 R15: 00007ffcd4c4e758 [ 507.479319][T13954] [ 507.836254][T13856] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 507.984975][T13965] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1542'. [ 508.729420][ T5835] Bluetooth: hci6: command tx timeout [ 509.066088][T13856] veth0_vlan: entered promiscuous mode [ 509.145805][T13856] veth1_vlan: entered promiscuous mode [ 509.473626][T13996] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1547'. [ 509.938487][T13996] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 510.026929][T13996] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 510.629092][T13856] veth0_macvtap: entered promiscuous mode [ 510.656502][T13856] veth1_macvtap: entered promiscuous mode [ 510.760001][T13856] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 510.786714][T13856] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 510.822843][ T7172] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 510.840590][ T7172] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 510.858226][ T7172] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 510.878462][ T7172] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 511.058721][ T7172] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 511.066613][ T7172] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 511.195571][ T7670] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 511.205484][ T7670] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 511.552673][T13986] kexec: Could not allocate control_code_buffer [ 511.995160][T14036] netlink: 98 bytes leftover after parsing attributes in process `syz.6.1552'. [ 512.076347][T14036] futex_wake_op: syz.6.1552 tries to shift op by -2048; fix this program [ 512.114201][T14036] futex_wake_op: syz.6.1552 tries to shift op by -2048; fix this program [ 512.177340][T14036] 0x000000000001-0x000000020000 : "" [ 512.229781][T14036] ftl_cs: FTL header corrupt! [ 512.415196][T14046] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23 [ 512.426167][T14043] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1553'. [ 512.855013][T14050] sp0: Synchronizing with TNC [ 513.203857][T14057] FAULT_INJECTION: forcing a failure. [ 513.203857][T14057] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 513.222794][T14057] CPU: 1 UID: 0 PID: 14057 Comm: syz.6.1555 Tainted: G U L syzkaller #0 PREEMPT(full) [ 513.222846][T14057] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 513.222858][T14057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 513.222876][T14057] Call Trace: [ 513.222886][T14057] [ 513.222898][T14057] dump_stack_lvl+0x100/0x190 [ 513.222940][T14057] should_fail_ex.cold+0x5/0xa [ 513.222991][T14057] _copy_from_user+0x2e/0xd0 [ 513.223039][T14057] copy_msghdr_from_user+0x9f/0x4f0 [ 513.223077][T14057] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 513.223125][T14057] ? __lock_acquire+0x4a5/0x2630 [ 513.223173][T14057] ___sys_recvmsg+0xdd/0x1a0 [ 513.223209][T14057] ? __pfx____sys_recvmsg+0x10/0x10 [ 513.223267][T14057] ? __pfx___might_resched+0x10/0x10 [ 513.223321][T14057] do_recvmmsg+0x301/0x760 [ 513.223363][T14057] ? __pfx_do_recvmmsg+0x10/0x10 [ 513.223409][T14057] ? do_futex+0x192/0x350 [ 513.223476][T14057] ? __x64_sys_futex+0x34f/0x4d0 [ 513.223524][T14057] __x64_sys_recvmmsg+0x22a/0x280 [ 513.223574][T14057] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 513.223634][T14057] do_syscall_64+0xc9/0xf80 [ 513.223675][T14057] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 513.223706][T14057] RIP: 0033:0x7fa2d2d9aeb9 [ 513.223731][T14057] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 513.223760][T14057] RSP: 002b:00007fa2d3bc3028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 513.223790][T14057] RAX: ffffffffffffffda RBX: 00007fa2d3016090 RCX: 00007fa2d2d9aeb9 [ 513.223809][T14057] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003 [ 513.223827][T14057] RBP: 00007fa2d2e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 513.223845][T14057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 513.223863][T14057] R13: 00007fa2d3016128 R14: 00007fa2d3016090 R15: 00007ffc043dbd68 [ 513.223903][T14057] [ 513.981664][T14073] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1558'. [ 515.513442][T14092] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 516.261888][T14111] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1565'. [ 516.287530][T14112] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1565'. [ 517.731120][T14147] sd 0:0:1:0: PR command failed: 1026 [ 517.739413][T14147] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 517.746686][T14148] netlink: 'syz.5.1573': attribute type 1 has an invalid length. [ 517.777491][T14147] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 519.382129][T14184] sock: sock_timestamping_bind_phc: sock not bind to device [ 521.339966][T14220] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 522.564834][T14245] GUP no longer grows the stack in syz.4.1592 (14245): 14000-18000 (4000) [ 522.618261][T14245] CPU: 1 UID: 0 PID: 14245 Comm: syz.4.1592 Tainted: G U L syzkaller #0 PREEMPT(full) [ 522.618316][T14245] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 522.618328][T14245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 522.618356][T14245] Call Trace: [ 522.618366][T14245] [ 522.618379][T14245] dump_stack_lvl+0x100/0x190 [ 522.618425][T14245] gup_vma_lookup.cold+0x83/0x96 [ 522.618469][T14245] __get_user_pages+0x241/0x34d0 [ 522.618527][T14245] ? find_held_lock+0x2b/0x80 [ 522.618559][T14245] ? mtree_load+0x311/0xa40 [ 522.618594][T14245] ? __pfx___get_user_pages+0x10/0x10 [ 522.618653][T14245] get_user_pages_remote+0x3d2/0xb10 [ 522.618708][T14245] ? __pfx_get_user_pages_remote+0x10/0x10 [ 522.618758][T14245] ? noop_dirty_folio+0x98/0x160 [ 522.618814][T14245] __access_remote_vm+0x3ba/0xa70 [ 522.618866][T14245] ? __pfx___access_remote_vm+0x10/0x10 [ 522.618921][T14245] mem_rw+0x20a/0x640 [ 522.618959][T14245] vfs_write+0x2aa/0x1070 [ 522.618996][T14245] ? __pfx_mem_write+0x10/0x10 [ 522.619030][T14245] ? __pfx_vfs_write+0x10/0x10 [ 522.619057][T14245] ? find_held_lock+0x2b/0x80 [ 522.619086][T14245] ? __fget_files+0x215/0x3d0 [ 522.619126][T14245] ? __fget_files+0x21f/0x3d0 [ 522.619172][T14245] ksys_write+0x12a/0x250 [ 522.619206][T14245] ? __pfx_ksys_write+0x10/0x10 [ 522.619253][T14245] do_syscall_64+0xc9/0xf80 [ 522.619301][T14245] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 522.619332][T14245] RIP: 0033:0x7fcaa8d9aeb9 [ 522.619367][T14245] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 522.619396][T14245] RSP: 002b:00007fcaa9c34028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 522.619427][T14245] RAX: ffffffffffffffda RBX: 00007fcaa9015fa0 RCX: 00007fcaa8d9aeb9 [ 522.619448][T14245] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003 [ 522.619466][T14245] RBP: 00007fcaa8e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 522.619485][T14245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 522.619502][T14245] R13: 00007fcaa9016038 R14: 00007fcaa9015fa0 R15: 00007ffd285483b8 [ 522.619547][T14245] [ 523.152495][T14251] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1594'. [ 523.171995][T14251] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 523.345294][T14251] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 523.562864][ T5835] Bluetooth: hci6: unexpected event 0x09 length: 435 > 3 [ 527.046835][T14318] FAULT_INJECTION: forcing a failure. [ 527.046835][T14318] name failslab, interval 1, probability 0, space 0, times 0 [ 527.142561][T14318] CPU: 1 UID: 0 PID: 14318 Comm: syz.6.1608 Tainted: G U L syzkaller #0 PREEMPT(full) [ 527.142595][T14318] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 527.142602][T14318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 527.142613][T14318] Call Trace: [ 527.142619][T14318] [ 527.142627][T14318] dump_stack_lvl+0x100/0x190 [ 527.142654][T14318] should_fail_ex.cold+0x5/0xa [ 527.142683][T14318] should_failslab+0xc2/0x120 [ 527.142710][T14318] __kmalloc_cache_noprof+0x80/0x810 [ 527.142729][T14318] ? append_filter_err+0x435/0x620 [ 527.142755][T14318] ? apply_subsystem_event_filter+0x565/0x17a0 [ 527.142778][T14318] ? apply_subsystem_event_filter+0x565/0x17a0 [ 527.142795][T14318] apply_subsystem_event_filter+0x565/0x17a0 [ 527.142820][T14318] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 527.142843][T14318] ? _copy_from_user+0x59/0xd0 [ 527.142889][T14318] subsystem_filter_write+0x95/0x120 [ 527.142920][T14318] vfs_write+0x2aa/0x1070 [ 527.142942][T14318] ? __pfx_subsystem_filter_write+0x10/0x10 [ 527.142962][T14318] ? __pfx_vfs_write+0x10/0x10 [ 527.142981][T14318] ? find_held_lock+0x2b/0x80 [ 527.143000][T14318] ? __fget_files+0x215/0x3d0 [ 527.143023][T14318] ? __fget_files+0x21f/0x3d0 [ 527.143049][T14318] ksys_write+0x12a/0x250 [ 527.143068][T14318] ? __pfx_ksys_write+0x10/0x10 [ 527.143095][T14318] do_syscall_64+0xc9/0xf80 [ 527.143119][T14318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 527.143138][T14318] RIP: 0033:0x7fa2d2d9aeb9 [ 527.143153][T14318] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 527.143170][T14318] RSP: 002b:00007fa2d3be4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 527.143188][T14318] RAX: ffffffffffffffda RBX: 00007fa2d3015fa0 RCX: 00007fa2d2d9aeb9 [ 527.143200][T14318] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000007 [ 527.143219][T14318] RBP: 00007fa2d2e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 527.143230][T14318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 527.143240][T14318] R13: 00007fa2d3016038 R14: 00007fa2d3015fa0 R15: 00007ffc043dbd68 [ 527.143264][T14318] [ 527.499467][T14322] random: crng reseeded on system resumption [ 528.201697][T14341] zswap: compressor ûW–îë“;Å0못„?u=8å}Öƒ•L­Ö(£E‘¤¤Ö¹‰jj–8+ÕÄxp¥—Èœ‹ŒNkR³¦°¤uoêÇo‹ÿ¬<µSÔH ¾}ïEd }¡ìöP¢…8a [ 533.416830][T14431] dump_stack_lvl+0x100/0x190 [ 533.416871][T14431] should_fail_ex.cold+0x5/0xa [ 533.416921][T14431] should_failslab+0xc2/0x120 [ 533.416961][T14431] kmem_cache_alloc_noprof+0x83/0x780 [ 533.416994][T14431] ? irqentry_exit+0x180/0x670 [ 533.417028][T14431] ? __kernfs_new_node+0xd2/0x960 [ 533.417073][T14431] ? __kernfs_new_node+0xd2/0x960 [ 533.417109][T14431] __kernfs_new_node+0xd2/0x960 [ 533.417161][T14431] ? mark_held_locks+0x40/0x70 [ 533.417201][T14431] ? __pfx___kernfs_new_node+0x10/0x10 [ 533.417240][T14431] ? lockdep_hardirqs_on+0x78/0x100 [ 533.417279][T14431] ? rcu_preempt_deferred_qs_irqrestore+0x4fd/0xb90 [ 533.417337][T14431] ? __rcu_read_unlock+0x24d/0x550 [ 533.417385][T14431] kernfs_new_node+0x11b/0x1a0 [ 533.417435][T14431] __kernfs_create_file+0x53/0x350 [ 533.417473][T14431] sysfs_add_file_mode_ns+0x207/0x3c0 [ 533.417521][T14431] internal_create_group+0x593/0xf40 [ 533.417572][T14431] ? __pfx_internal_create_group+0x10/0x10 [ 533.417618][T14431] ? kernfs_create_link+0x1bd/0x240 [ 533.417653][T14431] internal_create_groups+0x9d/0x150 [ 533.417698][T14431] device_add+0x71a/0x1950 [ 533.417743][T14431] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 533.417776][T14431] ? __pfx_device_add+0x10/0x10 [ 533.417819][T14431] ? lockdep_init_map_type+0x5c/0x250 [ 533.417862][T14431] ? __init_waitqueue_head+0xca/0x150 [ 533.417921][T14431] netdev_register_kobject+0x1a9/0x3d0 [ 533.417961][T14431] register_netdevice+0x12b3/0x21d0 [ 533.418017][T14431] ? __pfx_register_netdevice+0x10/0x10 [ 533.418070][T14431] slip_open+0xb8a/0x1120 [ 533.418115][T14431] ? __pfx_slip_open+0x10/0x10 [ 533.418160][T14431] ? tty_set_ldisc+0x2b1/0x740 [ 533.418211][T14431] ? __pfx_slip_open+0x10/0x10 [ 533.418249][T14431] tty_ldisc_open+0xa2/0x120 [ 533.418290][T14431] tty_set_ldisc+0x325/0x740 [ 533.418335][T14431] tty_ioctl+0x695/0x1690 [ 533.418381][T14431] ? __pfx_tty_ioctl+0x10/0x10 [ 533.418437][T14431] ? find_held_lock+0x2b/0x80 [ 533.418466][T14431] ? hook_file_ioctl_common+0x146/0x410 [ 533.418520][T14431] ? __fget_files+0x21f/0x3d0 [ 533.418561][T14431] ? __pfx_tty_ioctl+0x10/0x10 [ 533.418608][T14431] __x64_sys_ioctl+0x18e/0x210 [ 533.418659][T14431] do_syscall_64+0xc9/0xf80 [ 533.418700][T14431] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 533.418731][T14431] RIP: 0033:0x7fcaa8d9aeb9 [ 533.418756][T14431] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 533.418786][T14431] RSP: 002b:00007fcaa9c34028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 533.418816][T14431] RAX: ffffffffffffffda RBX: 00007fcaa9015fa0 RCX: 00007fcaa8d9aeb9 [ 533.418836][T14431] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000008 [ 533.418853][T14431] RBP: 00007fcaa8e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 533.418871][T14431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 533.418888][T14431] R13: 00007fcaa9016038 R14: 00007fcaa9015fa0 R15: 00007ffd285483b8 [ 533.418931][T14431] [ 533.973159][T14442] netlink: 330 bytes leftover after parsing attributes in process `syz.6.1638'. [ 534.452842][T14449] zswap: compressor not available [ 535.754536][T14457] Process accounting paused [ 536.730910][T14485] netlink: 342 bytes leftover after parsing attributes in process `syz.6.1647'. [ 537.002067][T14471] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 537.097323][T14471] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 537.116091][T14471] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 537.137533][T14471] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 537.153270][T14471] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 537.168117][T14471] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 537.188694][T14471] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 537.242313][T14471] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 538.157725][T13715] Bluetooth: hci1: command 0x2016 tx timeout [ 538.502357][T14515] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 539.117213][T13715] Bluetooth: hci2: command 0x0c1a tx timeout [ 539.197988][T13715] Bluetooth: hci5: command 0x0c1a tx timeout [ 539.205525][ T5835] Bluetooth: hci6: command 0x0c1a tx timeout [ 539.208379][ T5837] Bluetooth: hci4: command 0x0c1a tx timeout [ 539.211763][ T5835] Bluetooth: hci3: command 0x0c1a tx timeout [ 539.452201][T14527] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1654'. [ 539.523655][T14527] veth0_macvtap: left promiscuous mode [ 540.226739][T14542] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1659'. [ 541.300074][ T5835] Bluetooth: hci6: command 0x0c1a tx timeout [ 541.539578][T14556] nfs: Unknown parameter 'nl802154' [ 543.276177][T14584] zswap: compressor not available [ 543.367481][T13715] Bluetooth: hci6: command 0x0c1a tx timeout [ 543.373583][ T5835] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 544.984091][T13715] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 545.002442][T13715] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 545.020884][T13715] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 545.041158][T13715] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 545.060087][T13715] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 545.252055][T14627] netlink: 294 bytes leftover after parsing attributes in process `syz.1.1675'. [ 545.762374][ T30] audit: type=1806 audit(1843104815.930:29): xattr=08 res=-22 [ 545.781046][T14620] chnl_net:caif_netlink_parms(): no params data found [ 546.092028][T14650] netlink: 326 bytes leftover after parsing attributes in process `syz.4.1679'. [ 546.633631][T14620] bridge0: port 1(bridge_slave_0) entered blocking state [ 546.655790][T14620] bridge0: port 1(bridge_slave_0) entered disabled state [ 546.680114][T14620] bridge_slave_0: entered allmulticast mode [ 546.707907][T14620] bridge_slave_0: entered promiscuous mode [ 546.757986][T14620] bridge0: port 2(bridge_slave_1) entered blocking state [ 546.780010][T14620] bridge0: port 2(bridge_slave_1) entered disabled state [ 546.847342][T14620] bridge_slave_1: entered allmulticast mode [ 546.862683][T14620] bridge_slave_1: entered promiscuous mode [ 547.110225][T14620] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 547.127349][ T5835] Bluetooth: hci0: command tx timeout [ 547.157758][T14620] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 547.347410][T14620] team0: Port device team_slave_0 added [ 547.386210][T14673] netlink: 342 bytes leftover after parsing attributes in process `syz.6.1682'. [ 547.484288][T14671] can: request_module (can-proto-4) failed. [ 547.505264][T14620] team0: Port device team_slave_1 added [ 547.686172][T14620] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 547.709733][T14620] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 547.773033][T14620] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 547.814166][T14620] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 547.835754][T14620] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 547.885661][T14620] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 548.029441][T14620] hsr_slave_0: entered promiscuous mode [ 548.035929][T14620] hsr_slave_1: entered promiscuous mode [ 548.061950][T14620] debugfs: 'hsr0' already exists in 'hsr' [ 548.070445][T14620] Cannot create hsr debugfs directory [ 548.561712][T14620] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 548.584352][T14620] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 548.620997][T14620] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 548.649928][T14620] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 549.002758][T14620] 8021q: adding VLAN 0 to HW filter on device bond0 [ 549.069544][T14620] 8021q: adding VLAN 0 to HW filter on device team0 [ 549.115283][ T7178] bridge0: port 1(bridge_slave_0) entered blocking state [ 549.122580][ T7178] bridge0: port 1(bridge_slave_0) entered forwarding state [ 549.143253][ T7184] bridge0: port 2(bridge_slave_1) entered blocking state [ 549.150410][ T7184] bridge0: port 2(bridge_slave_1) entered forwarding state [ 549.197772][ T5835] Bluetooth: hci0: command tx timeout [ 549.743170][T14620] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 550.183713][T14620] veth0_vlan: entered promiscuous mode [ 550.214081][T14620] veth1_vlan: entered promiscuous mode [ 550.264041][T14620] veth0_macvtap: entered promiscuous mode [ 550.286764][T14620] veth1_macvtap: entered promiscuous mode [ 550.354142][T14620] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 550.399104][T14620] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 550.433291][ T7185] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 550.466967][ T7185] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 550.506800][ T7185] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 550.532624][ T7185] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 550.580041][ T7185] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 550.596667][ T7185] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 550.689238][T11767] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 550.704907][T11767] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 551.287903][ T5835] Bluetooth: hci0: command tx timeout [ 551.634739][T14754] vhci_hcd vhci_hcd.2: default hub control req: 0503 v0014 i0006 l2042 [ 551.900545][T14760] netlink: 'syz.7.1696': attribute type 1 has an invalid length. [ 552.025473][ T799] smpboot: CPU 1 is now offline [ 553.359158][ T5835] Bluetooth: hci0: command tx timeout [ 555.308394][T14809] zswap: compressor not available [ 555.585012][T14809] FAULT_INJECTION: forcing a failure. [ 555.585012][T14809] name failslab, interval 1, probability 0, space 0, times 0 [ 555.651451][T14809] CPU: 0 UID: 0 PID: 14809 Comm: syz.4.1707 Tainted: G U L syzkaller #0 PREEMPT(full) [ 555.651484][T14809] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 555.651491][T14809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 555.651502][T14809] Call Trace: [ 555.651508][T14809] [ 555.651515][T14809] dump_stack_lvl+0x100/0x190 [ 555.651542][T14809] should_fail_ex.cold+0x5/0xa [ 555.651571][T14809] should_failslab+0xc2/0x120 [ 555.651598][T14809] kmem_cache_alloc_noprof+0x83/0x780 [ 555.651622][T14809] ? alloc_empty_file+0x55/0x1c0 [ 555.651651][T14809] ? alloc_empty_file+0x55/0x1c0 [ 555.651688][T14809] alloc_empty_file+0x55/0x1c0 [ 555.651715][T14809] path_openat+0xe8/0x3120 [ 555.651735][T14809] ? getname_flags+0x93/0xf0 [ 555.651751][T14809] ? do_sys_openat2+0xc5/0x220 [ 555.651776][T14809] ? __x64_sys_open+0xfe/0x1d0 [ 555.651801][T14809] ? do_syscall_64+0xc9/0xf80 [ 555.651822][T14809] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 555.651845][T14809] ? __pfx_path_openat+0x10/0x10 [ 555.651874][T14809] do_filp_open+0x1f7/0x420 [ 555.651896][T14809] ? __pfx_do_filp_open+0x10/0x10 [ 555.651941][T14809] ? alloc_fd+0x476/0x790 [ 555.651966][T14809] do_sys_openat2+0x12e/0x220 [ 555.651994][T14809] ? __pfx_do_sys_openat2+0x10/0x10 [ 555.652022][T14809] ? blkcg_maybe_throttle_current+0x5df/0xeb0 [ 555.652052][T14809] __x64_sys_open+0xfe/0x1d0 [ 555.652079][T14809] ? __pfx___x64_sys_open+0x10/0x10 [ 555.652106][T14809] ? xfd_validate_state+0x129/0x190 [ 555.652141][T14809] do_syscall_64+0xc9/0xf80 [ 555.652164][T14809] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 555.652182][T14809] RIP: 0033:0x7fcaa8d9aeb9 [ 555.652197][T14809] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 555.652215][T14809] RSP: 002b:00007fcaa9c34028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 555.652233][T14809] RAX: ffffffffffffffda RBX: 00007fcaa9015fa0 RCX: 00007fcaa8d9aeb9 [ 555.652245][T14809] RDX: 0000000000000408 RSI: 0000000000000000 RDI: 0000200000000100 [ 555.652255][T14809] RBP: 00007fcaa8e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 555.652266][T14809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 555.652276][T14809] R13: 00007fcaa9016038 R14: 00007fcaa9015fa0 R15: 00007ffd285483b8 [ 555.652298][T14809] [ 560.023255][T14878] FAULT_INJECTION: forcing a failure. [ 560.023255][T14878] name failslab, interval 1, probability 0, space 0, times 0 [ 560.053286][T14878] CPU: 0 UID: 0 PID: 14878 Comm: syz.4.1721 Tainted: G U L syzkaller #0 PREEMPT(full) [ 560.053320][T14878] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 560.053327][T14878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 560.053337][T14878] Call Trace: [ 560.053344][T14878] [ 560.053351][T14878] dump_stack_lvl+0x100/0x190 [ 560.053377][T14878] should_fail_ex.cold+0x5/0xa [ 560.053407][T14878] should_failslab+0xc2/0x120 [ 560.053434][T14878] ? drm_atomic_state_init+0xec/0x540 [ 560.053456][T14878] __kmalloc_noprof+0xf6/0x9c0 [ 560.053481][T14878] ? drm_atomic_state_init+0xec/0x540 [ 560.053502][T14878] drm_atomic_state_init+0xec/0x540 [ 560.053523][T14878] ? kasan_save_track+0x14/0x30 [ 560.053548][T14878] drm_atomic_state_alloc+0xd3/0x120 [ 560.053572][T14878] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 560.053599][T14878] ? trace_contention_end+0xd6/0x110 [ 560.053625][T14878] ? __mutex_lock+0x26a/0x1b90 [ 560.053647][T14878] ? __mutex_lock+0x26a/0x1b90 [ 560.053669][T14878] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 560.053695][T14878] ? drm_master_internal_acquire+0x21/0x80 [ 560.053742][T14878] drm_client_modeset_commit_locked+0x14d/0x580 [ 560.053772][T14878] drm_client_modeset_commit+0x4f/0x80 [ 560.053804][T14878] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 560.053833][T14878] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 560.053867][T14878] drm_fbdev_client_restore+0x1b/0x30 [ 560.053887][T14878] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 560.053907][T14878] drm_client_dev_restore+0x205/0x2a0 [ 560.053938][T14878] drm_release+0x2c6/0x360 [ 560.053961][T14878] ? __pfx_drm_release+0x10/0x10 [ 560.053984][T14878] __fput+0x3ff/0xb40 [ 560.054014][T14878] task_work_run+0x150/0x240 [ 560.054043][T14878] ? __pfx_task_work_run+0x10/0x10 [ 560.054078][T14878] exit_to_user_mode_loop+0x100/0x4b0 [ 560.054103][T14878] ? rcu_is_watching+0x12/0xc0 [ 560.054123][T14878] do_syscall_64+0x4ea/0xf80 [ 560.054146][T14878] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 560.054165][T14878] RIP: 0033:0x7fcaa8d9aeb9 [ 560.054180][T14878] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 560.054197][T14878] RSP: 002b:00007fcaa9c34028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 560.054215][T14878] RAX: 0000000000000000 RBX: 00007fcaa9015fa0 RCX: 00007fcaa8d9aeb9 [ 560.054226][T14878] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 560.054236][T14878] RBP: 00007fcaa8e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 560.054247][T14878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 560.054257][T14878] R13: 00007fcaa9016038 R14: 00007fcaa9015fa0 R15: 00007ffd285483b8 [ 560.054280][T14878] [ 560.472005][ T30] audit: type=1800 audit(1843104830.590:30): pid=14881 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1722" name="dbroot" dev="configfs" ino=66614 res=0 errno=0 [ 562.191515][ T5835] Bluetooth: hci5: unexpected subevent 0x01 length: 123 > 18 [ 562.205672][ T5835] Bluetooth: hci5: Unable to find connection for big 0xd2 [ 563.173477][T14936] FAULT_INJECTION: forcing a failure. [ 563.173477][T14936] name failslab, interval 1, probability 0, space 0, times 0 [ 563.187288][T14936] CPU: 0 UID: 0 PID: 14936 Comm: syz.4.1734 Tainted: G U L syzkaller #0 PREEMPT(full) [ 563.187320][T14936] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 563.187327][T14936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 563.187338][T14936] Call Trace: [ 563.187344][T14936] [ 563.187351][T14936] dump_stack_lvl+0x100/0x190 [ 563.187378][T14936] should_fail_ex.cold+0x5/0xa [ 563.187408][T14936] should_failslab+0xc2/0x120 [ 563.187434][T14936] __kmalloc_cache_noprof+0x80/0x810 [ 563.187454][T14936] ? kobject_uevent_env+0x263/0x18b0 [ 563.187486][T14936] ? kobject_uevent_env+0x263/0x18b0 [ 563.187512][T14936] kobject_uevent_env+0x263/0x18b0 [ 563.187543][T14936] ? internal_create_groups+0x11a/0x150 [ 563.187572][T14936] netdev_queue_update_kobjects+0x1a7/0x6f0 [ 563.187599][T14936] netdev_register_kobject+0x2b3/0x3d0 [ 563.187620][T14936] register_netdevice+0x12b3/0x21d0 [ 563.187653][T14936] ? __pfx_register_netdevice+0x10/0x10 [ 563.187690][T14936] __ip_tunnel_create+0x52b/0x670 [ 563.187721][T14936] ? __pfx___ip_tunnel_create+0x10/0x10 [ 563.187749][T14936] ? net_generic+0xea/0x2a0 [ 563.187771][T14936] ip_tunnel_init_net+0x230/0x780 [ 563.187791][T14936] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 563.187817][T14936] ? __pfx_ipgre_init_net+0x10/0x10 [ 563.187842][T14936] ops_init+0x1e2/0x5f0 [ 563.187872][T14936] setup_net+0x118/0x3a0 [ 563.187900][T14936] ? __pfx_setup_net+0x10/0x10 [ 563.187927][T14936] ? lockdep_init_map_type+0x5c/0x250 [ 563.187953][T14936] ? mutex_init_lockep+0x110/0x150 [ 563.187981][T14936] copy_net_ns+0x46f/0x7c0 [ 563.188002][T14936] create_new_namespaces+0x3ea/0xab0 [ 563.188037][T14936] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 563.188059][T14936] ksys_unshare+0x455/0xab0 [ 563.188086][T14936] ? __pfx_ksys_unshare+0x10/0x10 [ 563.188112][T14936] ? xfd_validate_state+0x129/0x190 [ 563.188149][T14936] __x64_sys_unshare+0x31/0x40 [ 563.188174][T14936] do_syscall_64+0xc9/0xf80 [ 563.188199][T14936] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 563.188217][T14936] RIP: 0033:0x7fcaa8d9aeb9 [ 563.188233][T14936] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 563.188250][T14936] RSP: 002b:00007fcaa9c34028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 563.188268][T14936] RAX: ffffffffffffffda RBX: 00007fcaa9015fa0 RCX: 00007fcaa8d9aeb9 [ 563.188280][T14936] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c000000 [ 563.188290][T14936] RBP: 00007fcaa8e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 563.188301][T14936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 563.188311][T14936] R13: 00007fcaa9016038 R14: 00007fcaa9015fa0 R15: 00007ffd285483b8 [ 563.188334][T14936] [ 563.746540][T13715] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 563.760133][T13715] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 563.768720][T13715] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 563.776424][T13715] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 563.785042][T13715] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 564.004169][T14939] chnl_net:caif_netlink_parms(): no params data found [ 564.081958][T14939] bridge0: port 1(bridge_slave_0) entered blocking state [ 564.090136][T14939] bridge0: port 1(bridge_slave_0) entered disabled state [ 564.097819][T14939] bridge_slave_0: entered allmulticast mode [ 564.105170][T14939] bridge_slave_0: entered promiscuous mode [ 564.113605][T14939] bridge0: port 2(bridge_slave_1) entered blocking state [ 564.121155][T14939] bridge0: port 2(bridge_slave_1) entered disabled state [ 564.133751][T14939] bridge_slave_1: entered allmulticast mode [ 564.142695][T14939] bridge_slave_1: entered promiscuous mode [ 564.175278][T14939] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 564.188531][T14939] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 564.218035][T14939] team0: Port device team_slave_0 added [ 564.226217][T14939] team0: Port device team_slave_1 added [ 564.256876][T14939] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 564.264019][T14939] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 564.294044][T14939] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 564.306584][T14939] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 564.314074][T14939] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 564.344363][T14939] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 564.398382][T14939] hsr_slave_0: entered promiscuous mode [ 564.405165][T14939] hsr_slave_1: entered promiscuous mode [ 564.411951][T14939] debugfs: 'hsr0' already exists in 'hsr' [ 564.418363][T14939] Cannot create hsr debugfs directory [ 564.610836][T14939] netdevsim netdevsim8 netdevsim0: renamed from eth0 [ 564.621739][T14939] netdevsim netdevsim8 netdevsim1: renamed from eth1 [ 564.634439][T14939] netdevsim netdevsim8 netdevsim2: renamed from eth2 [ 564.661364][T14939] netdevsim netdevsim8 netdevsim3: renamed from eth3 [ 564.748940][T14939] bridge0: port 2(bridge_slave_1) entered blocking state [ 564.756203][T14939] bridge0: port 2(bridge_slave_1) entered forwarding state [ 564.763825][T14939] bridge0: port 1(bridge_slave_0) entered blocking state [ 564.771090][T14939] bridge0: port 1(bridge_slave_0) entered forwarding state [ 564.972964][ T7184] bridge0: port 1(bridge_slave_0) entered disabled state [ 565.032854][ T7184] bridge0: port 2(bridge_slave_1) entered disabled state [ 565.070888][T13715] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 565.081809][T13715] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 565.093051][T13715] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 565.110277][T13715] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 565.123299][T13715] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 565.370308][T14939] 8021q: adding VLAN 0 to HW filter on device bond0 [ 565.475044][T14972] FAULT_INJECTION: forcing a failure. [ 565.475044][T14972] name failslab, interval 1, probability 0, space 0, times 0 [ 565.540212][T14972] CPU: 0 UID: 0 PID: 14972 Comm: syz.7.1740 Tainted: G U L syzkaller #0 PREEMPT(full) [ 565.540245][T14972] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 565.540253][T14972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 565.540263][T14972] Call Trace: [ 565.540271][T14972] [ 565.540281][T14972] dump_stack_lvl+0x100/0x190 [ 565.540308][T14972] should_fail_ex.cold+0x5/0xa [ 565.540338][T14972] should_failslab+0xc2/0x120 [ 565.540365][T14972] __kmalloc_node_track_caller_noprof+0xf9/0x9d0 [ 565.540389][T14972] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 565.540418][T14972] ? lockdep_hardirqs_on+0x78/0x100 [ 565.540438][T14972] ? ip6_route_net_init+0x224/0x8d0 [ 565.540467][T14972] ? kmemdup_noprof+0x29/0x60 [ 565.540490][T14972] kmemdup_noprof+0x29/0x60 [ 565.540514][T14972] ip6_route_net_init+0x224/0x8d0 [ 565.540542][T14972] ? __pfx_ip6_route_net_init+0x10/0x10 [ 565.540567][T14972] ops_init+0x1e2/0x5f0 [ 565.540598][T14972] setup_net+0x118/0x3a0 [ 565.540626][T14972] ? __pfx_setup_net+0x10/0x10 [ 565.540657][T14972] ? lockdep_init_map_type+0x5c/0x250 [ 565.540684][T14972] ? mutex_init_lockep+0x110/0x150 [ 565.540713][T14972] copy_net_ns+0x46f/0x7c0 [ 565.540733][T14972] create_new_namespaces+0x3ea/0xab0 [ 565.540758][T14972] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 565.540781][T14972] ksys_unshare+0x455/0xab0 [ 565.540809][T14972] ? __pfx_ksys_unshare+0x10/0x10 [ 565.540835][T14972] ? xfd_validate_state+0x129/0x190 [ 565.540870][T14972] __x64_sys_unshare+0x31/0x40 [ 565.540895][T14972] do_syscall_64+0xc9/0xf80 [ 565.540918][T14972] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 565.540936][T14972] RIP: 0033:0x7f7dc2b9aeb9 [ 565.540960][T14972] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 565.540978][T14972] RSP: 002b:00007f7dc3a09028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 565.540997][T14972] RAX: ffffffffffffffda RBX: 00007f7dc2e15fa0 RCX: 00007f7dc2b9aeb9 [ 565.541008][T14972] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 565.541019][T14972] RBP: 00007f7dc2c08c1f R08: 0000000000000000 R09: 0000000000000000 [ 565.541030][T14972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 565.541041][T14972] R13: 00007f7dc2e16038 R14: 00007f7dc2e15fa0 R15: 00007ffcc2388ba8 [ 565.541064][T14972] [ 565.862800][T13715] Bluetooth: hci7: command tx timeout [ 566.044224][T14939] 8021q: adding VLAN 0 to HW filter on device team0 [ 566.089432][ T7184] bridge0: port 1(bridge_slave_0) entered blocking state [ 566.096699][ T7184] bridge0: port 1(bridge_slave_0) entered forwarding state [ 566.186823][ T7184] bridge0: port 2(bridge_slave_1) entered blocking state [ 566.193992][ T7184] bridge0: port 2(bridge_slave_1) entered forwarding state [ 566.452886][T14939] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 566.599434][T14964] chnl_net:caif_netlink_parms(): no params data found [ 567.197216][T13715] Bluetooth: hci8: command tx timeout [ 567.920822][T13715] Bluetooth: hci7: command tx timeout [ 568.163220][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.177644][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 569.277781][T13715] Bluetooth: hci8: command tx timeout [ 569.489476][T14964] bridge0: port 1(bridge_slave_0) entered blocking state [ 569.498635][T14964] bridge0: port 1(bridge_slave_0) entered disabled state [ 569.505827][T14964] bridge_slave_0: entered allmulticast mode [ 569.514530][T14964] bridge_slave_0: entered promiscuous mode [ 569.561531][T14964] bridge0: port 2(bridge_slave_1) entered blocking state [ 569.571097][T14964] bridge0: port 2(bridge_slave_1) entered disabled state [ 569.578863][T14964] bridge_slave_1: entered allmulticast mode [ 569.586247][T14964] bridge_slave_1: entered promiscuous mode [ 569.612326][T14939] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 569.700767][T14964] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 569.756109][T14964] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 569.917849][T14964] team0: Port device team_slave_0 added [ 569.948125][T14964] team0: Port device team_slave_1 added [ 570.003049][T13715] Bluetooth: hci7: command tx timeout [ 570.105073][T14964] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 570.136699][T15009] netlink: 672 bytes leftover after parsing attributes in process `syz.4.1745'. [ 570.155595][T14964] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 570.244940][T14964] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 570.312471][T14964] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 570.322268][T15013] FAULT_INJECTION: forcing a failure. [ 570.322268][T15013] name failslab, interval 1, probability 0, space 0, times 0 [ 570.357208][T14964] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 570.435552][T15013] CPU: 0 UID: 0 PID: 15013 Comm: syz.7.1746 Tainted: G U L syzkaller #0 PREEMPT(full) [ 570.435586][T15013] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 570.435593][T15013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 570.435603][T15013] Call Trace: [ 570.435609][T15013] [ 570.435616][T15013] dump_stack_lvl+0x100/0x190 [ 570.435644][T15013] should_fail_ex.cold+0x5/0xa [ 570.435683][T15013] should_failslab+0xc2/0x120 [ 570.435709][T15013] ? lsm_blob_alloc+0x68/0x90 [ 570.435728][T15013] __kmalloc_noprof+0xf6/0x9c0 [ 570.435753][T15013] ? lsm_blob_alloc+0x68/0x90 [ 570.435772][T15013] lsm_blob_alloc+0x68/0x90 [ 570.435792][T15013] security_sk_alloc+0x2d/0x290 [ 570.435817][T15013] sk_prot_alloc+0x1d1/0x2a0 [ 570.435838][T15013] sk_alloc+0x36/0xe80 [ 570.435865][T15013] inet_create+0x3a0/0x1060 [ 570.435886][T15013] ? inet_create+0x94/0x1060 [ 570.435911][T15013] __sock_create+0x339/0x860 [ 570.435935][T15013] mptcp_subflow_create_socket+0xec/0xa30 [ 570.435966][T15013] ? __pfx_mptcp_subflow_create_socket+0x10/0x10 [ 570.436001][T15013] __mptcp_nmpc_sk+0x17f/0x870 [ 570.436030][T15013] ? __pfx___mptcp_nmpc_sk+0x10/0x10 [ 570.436062][T15013] ? __local_bh_enable_ip+0x9e/0x120 [ 570.436089][T15013] mptcp_bind+0xa3/0x1e0 [ 570.436118][T15013] __sys_bind+0x1a9/0x260 [ 570.436142][T15013] ? __pfx___sys_bind+0x10/0x10 [ 570.436178][T15013] __x64_sys_bind+0x72/0xb0 [ 570.436200][T15013] ? lockdep_hardirqs_on+0x78/0x100 [ 570.436221][T15013] do_syscall_64+0xc9/0xf80 [ 570.436245][T15013] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 570.436264][T15013] RIP: 0033:0x7f7dc2b9aeb9 [ 570.436280][T15013] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 570.436298][T15013] RSP: 002b:00007f7dc39e8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 570.436316][T15013] RAX: ffffffffffffffda RBX: 00007f7dc2e16090 RCX: 00007f7dc2b9aeb9 [ 570.436327][T15013] RDX: 000000000000006a RSI: 0000200000000040 RDI: 000000000000000b [ 570.436338][T15013] RBP: 00007f7dc2c08c1f R08: 0000000000000000 R09: 0000000000000000 [ 570.436349][T15013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 570.436360][T15013] R13: 00007f7dc2e16128 R14: 00007f7dc2e16090 R15: 00007ffcc2388ba8 [ 570.436382][T15013] [ 570.709913][T14964] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 570.751086][T14964] hsr_slave_0: entered promiscuous mode [ 570.757516][T14964] hsr_slave_1: entered promiscuous mode [ 570.763825][T14964] debugfs: 'hsr0' already exists in 'hsr' [ 570.769601][T14964] Cannot create hsr debugfs directory [ 571.075650][T14964] netdevsim netdevsim9 netdevsim0: renamed from eth0 [ 571.173944][T14964] netdevsim netdevsim9 netdevsim1: renamed from eth1 [ 571.186164][T14964] netdevsim netdevsim9 netdevsim2: renamed from eth2 [ 571.210805][T14939] veth0_vlan: entered promiscuous mode [ 571.218786][T14964] netdevsim netdevsim9 netdevsim3: renamed from eth3 [ 571.275313][T14939] veth1_vlan: entered promiscuous mode [ 571.358182][T13715] Bluetooth: hci8: command tx timeout [ 571.460230][T14939] veth0_macvtap: entered promiscuous mode [ 571.669464][T14939] veth1_macvtap: entered promiscuous mode [ 571.830382][T14939] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 571.896008][T14964] 8021q: adding VLAN 0 to HW filter on device bond0 [ 571.939842][T14939] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 571.999140][ T7180] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 572.026359][T14964] 8021q: adding VLAN 0 to HW filter on device team0 [ 572.064524][ T7180] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 572.082818][ T5835] Bluetooth: hci7: command tx timeout [ 572.101234][ T7180] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 572.168897][T11767] bridge0: port 1(bridge_slave_0) entered blocking state [ 572.176028][T11767] bridge0: port 1(bridge_slave_0) entered forwarding state [ 572.221827][ T7180] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 572.283128][T11767] bridge0: port 2(bridge_slave_1) entered blocking state [ 572.290289][T11767] bridge0: port 2(bridge_slave_1) entered forwarding state [ 572.465701][T11767] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 572.516134][T11767] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 572.620376][ T7172] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 572.652824][ T7172] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 573.184512][T14964] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 573.323529][T15061] random: crng reseeded on system resumption [ 573.424454][T15054] zswap: compressor  not available [ 573.437322][ T5835] Bluetooth: hci8: command tx timeout [ 573.916330][T15074] FAULT_INJECTION: forcing a failure. [ 573.916330][T15074] name fail_futex, interval 1, probability 0, space 0, times 0 [ 573.930197][T15074] CPU: 0 UID: 0 PID: 15074 Comm: syz.8.1753 Tainted: G U L syzkaller #0 PREEMPT(full) [ 573.930228][T15074] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 573.930234][T15074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 573.930245][T15074] Call Trace: [ 573.930251][T15074] [ 573.930258][T15074] dump_stack_lvl+0x100/0x190 [ 573.930285][T15074] should_fail_ex.cold+0x5/0xa [ 573.930315][T15074] should_fail_futex+0x4c/0x60 [ 573.930339][T15074] lock_pi_update_atomic+0x20/0x130 [ 573.930369][T15074] futex_lock_pi_atomic+0x3c5/0xaf0 [ 573.930403][T15074] futex_lock_pi+0x246/0x7b0 [ 573.930434][T15074] ? __pfx_futex_lock_pi+0x10/0x10 [ 573.930465][T15074] ? __pfx___futex_wait+0x10/0x10 [ 573.930482][T15074] ? lockdep_hardirqs_on+0x78/0x100 [ 573.930520][T15074] ? __pfx_futex_wake_mark+0x10/0x10 [ 573.930555][T15074] ? ksys_write+0x190/0x250 [ 573.930575][T15074] ? ksys_write+0x190/0x250 [ 573.930599][T15074] do_futex+0x18a/0x350 [ 573.930624][T15074] ? __pfx_do_futex+0x10/0x10 [ 573.930662][T15074] __x64_sys_futex+0x34f/0x4d0 [ 573.930689][T15074] ? fput+0x79/0x100 [ 573.930713][T15074] ? __pfx___x64_sys_futex+0x10/0x10 [ 573.930738][T15074] ? xfd_validate_state+0x129/0x190 [ 573.930774][T15074] do_syscall_64+0xc9/0xf80 [ 573.930797][T15074] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 573.930816][T15074] RIP: 0033:0x7f31dff9aeb9 [ 573.930831][T15074] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 573.930849][T15074] RSP: 002b:00007f31e0e09028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 573.930867][T15074] RAX: ffffffffffffffda RBX: 00007f31e0216270 RCX: 00007f31dff9aeb9 [ 573.930879][T15074] RDX: 0000000000000008 RSI: 0000000000000086 RDI: 0000000000000000 [ 573.930890][T15074] RBP: 00007f31e0008c1f R08: 0000000000000000 R09: 0000000000000007 [ 573.930900][T15074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 573.930911][T15074] R13: 00007f31e0216308 R14: 00007f31e0216270 R15: 00007ffcbe920ea8 [ 573.930933][T15074] [ 575.403476][T14964] veth0_vlan: entered promiscuous mode [ 575.490783][T14964] veth1_vlan: entered promiscuous mode [ 575.727798][T14964] veth0_macvtap: entered promiscuous mode [ 575.766508][T14964] veth1_macvtap: entered promiscuous mode [ 575.833430][T14964] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 575.913666][T14964] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 576.017158][T11767] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 576.026011][T11767] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 576.082231][T11767] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 576.174446][T11767] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 576.537148][ T7172] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 576.544981][ T7172] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 576.744833][T11767] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 576.799175][T11767] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 578.622911][T15135] Invalid ELF header magic: != ELF [ 579.488175][T15154] FAULT_INJECTION: forcing a failure. [ 579.488175][T15154] name failslab, interval 1, probability 0, space 0, times 0 [ 579.603658][T15154] CPU: 0 UID: 0 PID: 15154 Comm: syz.9.1764 Tainted: G U L syzkaller #0 PREEMPT(full) [ 579.603692][T15154] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 579.603700][T15154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 579.603710][T15154] Call Trace: [ 579.603717][T15154] [ 579.603725][T15154] dump_stack_lvl+0x100/0x190 [ 579.603751][T15154] should_fail_ex.cold+0x5/0xa [ 579.603780][T15154] should_failslab+0xc2/0x120 [ 579.603806][T15154] ? lsm_blob_alloc+0x68/0x90 [ 579.603824][T15154] __kmalloc_noprof+0xf6/0x9c0 [ 579.603841][T15154] ? sk_prot_alloc+0x10b/0x2a0 [ 579.603860][T15154] ? rcu_is_watching+0x12/0xc0 [ 579.603877][T15154] ? sk_prot_alloc+0x10b/0x2a0 [ 579.603898][T15154] ? lsm_blob_alloc+0x68/0x90 [ 579.603916][T15154] lsm_blob_alloc+0x68/0x90 [ 579.603935][T15154] security_sk_alloc+0x2d/0x290 [ 579.603960][T15154] sk_prot_alloc+0x12a/0x2a0 [ 579.603980][T15154] sk_alloc+0x36/0xe80 [ 579.604005][T15154] caif_create+0x10b/0x430 [ 579.604029][T15154] __sock_create+0x339/0x860 [ 579.604053][T15154] __sys_socket+0x14d/0x260 [ 579.604075][T15154] ? __pfx___sys_socket+0x10/0x10 [ 579.604095][T15154] ? xfd_validate_state+0x129/0x190 [ 579.604128][T15154] __x64_sys_socket+0x72/0xb0 [ 579.604149][T15154] ? lockdep_hardirqs_on+0x78/0x100 [ 579.604169][T15154] do_syscall_64+0xc9/0xf80 [ 579.604192][T15154] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 579.604210][T15154] RIP: 0033:0x7fb85e39aeb9 [ 579.604224][T15154] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 579.604241][T15154] RSP: 002b:00007fb85f257028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 579.604259][T15154] RAX: ffffffffffffffda RBX: 00007fb85e615fa0 RCX: 00007fb85e39aeb9 [ 579.604271][T15154] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 0000000000000025 [ 579.604281][T15154] RBP: 00007fb85e408c1f R08: 0000000000000000 R09: 0000000000000000 [ 579.604291][T15154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 579.604301][T15154] R13: 00007fb85e616038 R14: 00007fb85e615fa0 R15: 00007ffcd3bd34e8 [ 579.604323][T15154] [ 580.263737][T15164] FAULT_INJECTION: forcing a failure. [ 580.263737][T15164] name failslab, interval 1, probability 0, space 0, times 0 [ 580.307265][T15164] CPU: 0 UID: 0 PID: 15164 Comm: syz.4.1766 Tainted: G U L syzkaller #0 PREEMPT(full) [ 580.307300][T15164] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 580.307307][T15164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 580.307317][T15164] Call Trace: [ 580.307323][T15164] [ 580.307330][T15164] dump_stack_lvl+0x100/0x190 [ 580.307356][T15164] should_fail_ex.cold+0x5/0xa [ 580.307386][T15164] should_failslab+0xc2/0x120 [ 580.307412][T15164] __kmalloc_cache_noprof+0x80/0x810 [ 580.307432][T15164] ? alloc_fdtable+0xbd/0x2d0 [ 580.307449][T15164] ? do_raw_spin_lock+0x128/0x260 [ 580.307480][T15164] ? alloc_fdtable+0xbd/0x2d0 [ 580.307498][T15164] alloc_fdtable+0xbd/0x2d0 [ 580.307526][T15164] dup_fd+0x995/0xd10 [ 580.307549][T15164] ? apparmor_task_alloc+0x2c1/0x3b0 [ 580.307574][T15164] copy_process+0x26cc/0x7890 [ 580.307598][T15164] ? __pfx___futex_wait+0x10/0x10 [ 580.307624][T15164] ? __pfx_copy_process+0x10/0x10 [ 580.307658][T15164] kernel_clone+0xfc/0x930 [ 580.307680][T15164] ? __pfx_futex_wait+0x10/0x10 [ 580.307698][T15164] ? __pfx_kernel_clone+0x10/0x10 [ 580.307732][T15164] ? 0xffffffffff600000 [ 580.307745][T15164] __do_sys_clone+0xd9/0x120 [ 580.307769][T15164] ? __pfx___do_sys_clone+0x10/0x10 [ 580.307793][T15164] ? __sys_sendmsg+0x18f/0x220 [ 580.307819][T15164] ? 0xffffffffff600000 [ 580.307837][T15164] ? xfd_validate_state+0x129/0x190 [ 580.307872][T15164] do_syscall_64+0xc9/0xf80 [ 580.307896][T15164] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 580.307914][T15164] RIP: 0033:0x7fcaa8d9aeb9 [ 580.307928][T15164] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 580.307945][T15164] RSP: 002b:00007fcaa9c34028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 580.307963][T15164] RAX: ffffffffffffffda RBX: 00007fcaa9015fa0 RCX: 00007fcaa8d9aeb9 [ 580.307974][T15164] RDX: ffffffffffffffff RSI: 0000000000000005 RDI: 0000000000009001 [ 580.307984][T15164] RBP: 00007fcaa8e08c1f R08: 0000000000000005 R09: 0000000000000000 [ 580.307995][T15164] R10: ffffffffff600000 R11: 0000000000000246 R12: 0000000000000000 [ 580.308005][T15164] R13: 00007fcaa9016038 R14: 00007fcaa9015fa0 R15: 00007ffd285483b8 [ 580.308020][T15164] ? 0xffffffffff600000 [ 580.308039][T15164] [ 581.634807][T15186] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 582.830201][T15262] netlink: 28 bytes leftover after parsing attributes in process `syz.9.1774'. [ 582.926084][T15262] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 582.960649][T15262] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 583.061236][T15262] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 583.068867][T15262] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 583.533474][T15273] FAULT_INJECTION: forcing a failure. [ 583.533474][T15273] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 583.725437][T15273] CPU: 0 UID: 0 PID: 15273 Comm: syz.4.1776 Tainted: G U L syzkaller #0 PREEMPT(full) [ 583.725471][T15273] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 583.725478][T15273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 583.725488][T15273] Call Trace: [ 583.725503][T15273] [ 583.725510][T15273] dump_stack_lvl+0x100/0x190 [ 583.725537][T15273] should_fail_ex.cold+0x5/0xa [ 583.725564][T15273] ? prepare_alloc_pages+0x16d/0x5f0 [ 583.725595][T15273] should_fail_alloc_page+0xeb/0x140 [ 583.725627][T15273] prepare_alloc_pages+0x1f0/0x5f0 [ 583.725654][T15273] ? rcu_is_watching+0x12/0xc0 [ 583.725675][T15273] __alloc_frozen_pages_noprof+0x193/0x2410 [ 583.725703][T15273] ? __lock_acquire+0x4a5/0x2630 [ 583.725726][T15273] ? css_rstat_updated+0x1ce/0x5a0 [ 583.725748][T15273] ? __pfx_css_rstat_updated+0x10/0x10 [ 583.725768][T15273] ? xas_create+0x1f4/0x14e0 [ 583.725791][T15273] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 583.725817][T15273] ? rcu_is_watching+0x12/0xc0 [ 583.725841][T15273] ? __lock_acquire+0x4a5/0x2630 [ 583.725864][T15273] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 583.725885][T15273] ? policy_nodemask+0xed/0x4f0 [ 583.725912][T15273] alloc_pages_mpol+0x1fb/0x550 [ 583.725939][T15273] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 583.725965][T15273] ? find_held_lock+0x2b/0x80 [ 583.725981][T15273] ? filemap_get_entry+0x1a7/0x3b0 [ 583.726006][T15273] ? filemap_get_entry+0x1a7/0x3b0 [ 583.726033][T15273] folio_alloc_noprof+0x22/0x330 [ 583.726062][T15273] filemap_alloc_folio_noprof.part.0+0x377/0x450 [ 583.726081][T15273] ? __pfx_filemap_get_entry+0x10/0x10 [ 583.726104][T15273] ? filemap_add_folio+0x114/0x690 [ 583.726129][T15273] ? __pfx_filemap_alloc_folio_noprof.part.0+0x10/0x10 [ 583.726149][T15273] ? ioctx_alloc+0x1717/0x21e0 [ 583.726171][T15273] ? rcu_is_watching+0x12/0xc0 [ 583.726191][T15273] __filemap_get_folio_mpol+0x6a4/0xe70 [ 583.726222][T15273] ioctx_alloc+0x7a0/0x21e0 [ 583.726253][T15273] ? __pfx_ioctx_alloc+0x10/0x10 [ 583.726282][T15273] __x64_sys_io_setup+0xc9/0x220 [ 583.726306][T15273] do_syscall_64+0xc9/0xf80 [ 583.726329][T15273] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 583.726348][T15273] RIP: 0033:0x7fcaa8d9aeb9 [ 583.726363][T15273] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 583.726380][T15273] RSP: 002b:00007fcaa9c13028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 583.726399][T15273] RAX: ffffffffffffffda RBX: 00007fcaa9016090 RCX: 00007fcaa8d9aeb9 [ 583.726410][T15273] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ff1f [ 583.726421][T15273] RBP: 00007fcaa8e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 583.726431][T15273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 583.726442][T15273] R13: 00007fcaa9016128 R14: 00007fcaa9016090 R15: 00007ffd285483b8 [ 583.726465][T15273] [ 586.913011][T15307] kexec: Could not allocate control_code_buffer [ 588.274703][T15339] random: crng reseeded on system resumption [ 589.159286][T13715] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 589.171358][T13715] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 589.183392][T13715] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 589.201934][T13715] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 589.212374][T13715] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 590.087877][T15352] chnl_net:caif_netlink_parms(): no params data found [ 590.456967][T15352] bridge0: port 1(bridge_slave_0) entered blocking state [ 590.487524][T15352] bridge0: port 1(bridge_slave_0) entered disabled state [ 590.533838][T15352] bridge_slave_0: entered allmulticast mode [ 590.575328][T15352] bridge_slave_0: entered promiscuous mode [ 590.622563][T15352] bridge0: port 2(bridge_slave_1) entered blocking state [ 590.665203][T15352] bridge0: port 2(bridge_slave_1) entered disabled state [ 590.705931][T15352] bridge_slave_1: entered allmulticast mode [ 590.753484][T15352] bridge_slave_1: entered promiscuous mode [ 590.892012][T15352] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 590.966174][T15352] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 591.116704][T15352] team0: Port device team_slave_0 added [ 591.151878][T15352] team0: Port device team_slave_1 added [ 591.277497][ T5835] Bluetooth: hci9: command tx timeout [ 591.285236][T15352] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 591.325884][T15352] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 591.423263][T15352] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 591.497970][T15352] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 591.529344][T15352] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 591.617656][T15352] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 591.842093][T15352] hsr_slave_0: entered promiscuous mode [ 591.871816][T15352] hsr_slave_1: entered promiscuous mode [ 591.890062][T15352] debugfs: 'hsr0' already exists in 'hsr' [ 591.916781][T15352] Cannot create hsr debugfs directory [ 592.672560][T15352] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 592.886891][T15388] random: crng reseeded on system resumption [ 592.976351][T15352] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 593.173661][T15352] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 593.309333][T15352] bridge0: port 3(netdevsim0) entered disabled state [ 593.357319][ T5835] Bluetooth: hci9: command tx timeout [ 593.369947][T15352] netdevsim netdevsim2 netdevsim0 (unregistering): left allmulticast mode [ 593.387143][T15352] netdevsim netdevsim2 netdevsim0 (unregistering): left promiscuous mode [ 593.408996][T15352] bridge0: port 3(netdevsim0) entered disabled state [ 593.430069][T15352] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 593.923002][T15352] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 593.958945][T15396] vivid-007: ================= START STATUS ================= [ 593.982975][T15396] vivid-007: Generate PTS: true [ 593.991851][T15352] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 594.020174][T15396] vivid-007: Generate SCR: true [ 594.025091][T15396] tpg source WxH: 320x240 (Y'CbCr) [ 594.068702][T15352] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 594.088875][T15396] tpg field: 1 [ 594.092279][T15396] tpg crop: (0,0)/320x240 [ 594.117510][T15352] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 594.128350][T15396] tpg compose: (0,0)/320x240 [ 594.132976][T15396] tpg colorspace: 8 [ 594.172819][T15399] FAULT_INJECTION: forcing a failure. [ 594.172819][T15399] name failslab, interval 1, probability 0, space 0, times 0 [ 594.192456][T15396] tpg transfer function: 0/0 [ 594.209372][T15396] tpg Y'CbCr encoding: 0/0 [ 594.213817][T15396] tpg quantization: 0/0 [ 594.244075][T15399] CPU: 0 UID: 0 PID: 15399 Comm: syz.7.1799 Tainted: G U L syzkaller #0 PREEMPT(full) [ 594.244107][T15399] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 594.244114][T15399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 594.244125][T15399] Call Trace: [ 594.244132][T15399] [ 594.244139][T15399] dump_stack_lvl+0x100/0x190 [ 594.244165][T15399] should_fail_ex.cold+0x5/0xa [ 594.244195][T15399] should_failslab+0xc2/0x120 [ 594.244222][T15399] kmem_cache_alloc_noprof+0x83/0x780 [ 594.244246][T15399] ? __pfx_map_id_range_down+0x10/0x10 [ 594.244264][T15399] ? security_inode_alloc+0x3b/0x2c0 [ 594.244292][T15399] ? security_inode_alloc+0x3b/0x2c0 [ 594.244315][T15399] security_inode_alloc+0x3b/0x2c0 [ 594.244340][T15399] inode_init_always_gfp+0xced/0x1040 [ 594.244365][T15399] alloc_inode+0x8e/0x250 [ 594.244391][T15399] path_from_stashed+0x25b/0x750 [ 594.244412][T15399] ? do_raw_spin_unlock+0x145/0x1e0 [ 594.244444][T15399] ns_get_path+0x60/0x80 [ 594.244465][T15399] proc_ns_get_link+0x121/0x230 [ 594.244490][T15399] ? __pfx_proc_ns_get_link+0x10/0x10 [ 594.244516][T15399] ? atime_needs_update+0x8b/0x6b0 [ 594.244553][T15399] pick_link+0xd17/0x13c0 [ 594.244569][T15399] ? __pfx_proc_ns_get_link+0x10/0x10 [ 594.244596][T15399] step_into_slowpath+0x6c2/0xf50 [ 594.244617][T15399] ? __pfx_step_into_slowpath+0x10/0x10 [ 594.244634][T15399] ? find_held_lock+0x2b/0x80 [ 594.244658][T15399] path_openat+0xf95/0x3120 [ 594.244687][T15399] ? __pfx_path_openat+0x10/0x10 [ 594.244715][T15399] do_filp_open+0x1f7/0x420 [ 594.244738][T15399] ? __pfx_do_filp_open+0x10/0x10 [ 594.244774][T15399] ? _raw_spin_unlock+0x28/0x50 [ 594.244791][T15399] ? alloc_fd+0x476/0x790 [ 594.244816][T15399] do_sys_openat2+0x12e/0x220 [ 594.244844][T15399] ? __pfx_do_sys_openat2+0x10/0x10 [ 594.244873][T15399] ? __fget_files+0x21f/0x3d0 [ 594.244897][T15399] __x64_sys_openat+0x12d/0x210 [ 594.244925][T15399] ? __pfx___x64_sys_openat+0x10/0x10 [ 594.244952][T15399] ? xfd_validate_state+0x129/0x190 [ 594.244987][T15399] do_syscall_64+0xc9/0xf80 [ 594.245011][T15399] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 594.245030][T15399] RIP: 0033:0x7f7dc2b5b78e [ 594.245045][T15399] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 594.245063][T15399] RSP: 002b:00007f7dc3a08ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 594.245081][T15399] RAX: ffffffffffffffda RBX: 00007f7dc3a096c0 RCX: 00007f7dc2b5b78e [ 594.245093][T15399] RDX: 0000000000000002 RSI: 00007f7dc3a08f90 RDI: ffffffffffffff9c [ 594.245104][T15399] RBP: 00007f7dc2c08c1f R08: 0000000000000000 R09: 0000000000000000 [ 594.245114][T15399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 594.245125][T15399] R13: 00007f7dc2e16038 R14: 00007f7dc2e15fa0 R15: 00007ffcc2388ba8 [ 594.245147][T15399] [ 594.847105][T15396] tpg RGB range: 0/2 [ 594.851041][T15396] vivid-007: ================== END STATUS ================== [ 595.364529][T15352] 8021q: adding VLAN 0 to HW filter on device bond0 [ 595.476901][ T5835] Bluetooth: hci9: command tx timeout [ 595.543928][T15352] 8021q: adding VLAN 0 to HW filter on device team0 [ 595.578865][ T7172] bridge0: port 1(bridge_slave_0) entered blocking state [ 595.586014][ T7172] bridge0: port 1(bridge_slave_0) entered forwarding state [ 595.627423][ T7172] bridge0: port 2(bridge_slave_1) entered blocking state [ 595.634555][ T7172] bridge0: port 2(bridge_slave_1) entered forwarding state [ 596.613308][T15352] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 596.914054][T15352] veth0_vlan: entered promiscuous mode [ 597.092554][T15352] veth1_vlan: entered promiscuous mode [ 597.288223][T15352] veth0_macvtap: entered promiscuous mode [ 597.407799][T15352] veth1_macvtap: entered promiscuous mode [ 597.474066][T15352] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 597.526103][ T5835] Bluetooth: hci9: command tx timeout [ 597.610497][T15352] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 597.673066][ T7184] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 597.715512][ T7184] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 597.744889][ T7184] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 597.832303][ T7184] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 598.039116][ T7180] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 598.109672][ T7180] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 598.252305][ T7178] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 598.291580][ T7178] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 599.025341][ T7172] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 599.263113][ T7172] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 599.583711][ T7172] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 599.708628][ T7172] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 600.332454][ T7172] bridge_slave_1: left allmulticast mode [ 600.371480][ T7172] bridge_slave_1: left promiscuous mode [ 600.429001][ T7172] bridge0: port 2(bridge_slave_1) entered disabled state [ 600.480902][ T7172] bridge_slave_0: left allmulticast mode [ 600.506908][ T7172] bridge_slave_0: left promiscuous mode [ 600.537264][ T7172] bridge0: port 1(bridge_slave_0) entered disabled state [ 600.654044][T15478] block2mtd: error: cannot open device çinX‘©¼Ëò¨±ÂÚjFBçB>U»;߸³Ilk¬ [ 601.217863][T13715] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 601.230728][T13715] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 601.243914][T13715] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 601.252192][T13715] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 601.260778][T13715] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 601.619628][ T7172] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 601.632833][ T7172] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 601.653578][ T7172] bond0 (unregistering): Released all slaves [ 602.260130][ T7172] hsr_slave_0: left promiscuous mode [ 602.299499][ T7172] hsr_slave_1: left promiscuous mode [ 602.315756][ T7172] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 602.347219][ T7172] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 602.373311][ T7172] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 602.387175][ T7172] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 602.441760][ T7172] veth1_macvtap: left promiscuous mode [ 602.463883][ T7172] veth0_macvtap: left promiscuous mode [ 602.475826][ T7172] veth1_vlan: left promiscuous mode [ 602.492439][ T7172] veth0_vlan: left promiscuous mode [ 603.255106][ T7172] team0 (unregistering): Port device team_slave_1 removed [ 603.280854][ T5835] Bluetooth: hci7: command tx timeout [ 603.315956][ T7172] team0 (unregistering): Port device team_slave_0 removed [ 604.231168][T15492] chnl_net:caif_netlink_parms(): no params data found [ 604.941754][T15492] bridge0: port 1(bridge_slave_0) entered blocking state [ 604.980432][T15492] bridge0: port 1(bridge_slave_0) entered disabled state [ 605.032213][T15492] bridge_slave_0: entered allmulticast mode [ 605.083668][T15492] bridge_slave_0: entered promiscuous mode [ 605.129126][T15492] bridge0: port 2(bridge_slave_1) entered blocking state [ 605.136248][T15492] bridge0: port 2(bridge_slave_1) entered disabled state [ 605.209176][T15492] bridge_slave_1: entered allmulticast mode [ 605.216305][T15492] bridge_slave_1: entered promiscuous mode [ 605.357366][ T5835] Bluetooth: hci7: command tx timeout [ 605.419802][T15492] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 605.475652][T15492] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 605.585388][T15546] FAULT_INJECTION: forcing a failure. [ 605.585388][T15546] name failslab, interval 1, probability 0, space 0, times 0 [ 605.640123][T15492] team0: Port device team_slave_0 added [ 605.669660][T15492] team0: Port device team_slave_1 added [ 605.678771][T15546] CPU: 0 UID: 0 PID: 15546 Comm: syz.4.1817 Tainted: G U L syzkaller #0 PREEMPT(full) [ 605.678803][T15546] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 605.678810][T15546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 605.678821][T15546] Call Trace: [ 605.678827][T15546] [ 605.678835][T15546] dump_stack_lvl+0x100/0x190 [ 605.678861][T15546] should_fail_ex.cold+0x5/0xa [ 605.678891][T15546] should_failslab+0xc2/0x120 [ 605.678918][T15546] kmem_cache_alloc_noprof+0x83/0x780 [ 605.678942][T15546] ? __proc_create+0xc2/0x8c0 [ 605.678969][T15546] ? __proc_create+0x2cb/0x8c0 [ 605.679000][T15546] ? __proc_create+0x2cb/0x8c0 [ 605.679026][T15546] __proc_create+0x2cb/0x8c0 [ 605.679054][T15546] ? __pfx___proc_create+0x10/0x10 [ 605.679085][T15546] ? _raw_write_unlock+0x28/0x50 [ 605.679104][T15546] ? proc_register+0x559/0x8a0 [ 605.679135][T15546] proc_create_reg+0x75/0x170 [ 605.679152][T15546] ? __pfx_can_stats_proc_show+0x10/0x10 [ 605.679188][T15546] proc_create_net_single+0x86/0x180 [ 605.679218][T15546] ? __pfx_proc_create_net_single+0x10/0x10 [ 605.679250][T15546] ? round_jiffies+0x10a/0x160 [ 605.679277][T15546] can_init_proc+0xac/0x4b0 [ 605.679304][T15546] can_pernet_init+0x1e4/0x370 [ 605.679330][T15546] ? __pfx_can_pernet_init+0x10/0x10 [ 605.679354][T15546] ops_init+0x1e2/0x5f0 [ 605.679383][T15546] setup_net+0x118/0x3a0 [ 605.679411][T15546] ? __pfx_setup_net+0x10/0x10 [ 605.679438][T15546] ? lockdep_init_map_type+0x5c/0x250 [ 605.679463][T15546] ? mutex_init_lockep+0x110/0x150 [ 605.679492][T15546] copy_net_ns+0x46f/0x7c0 [ 605.679513][T15546] create_new_namespaces+0x3ea/0xab0 [ 605.679539][T15546] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 605.679562][T15546] ksys_unshare+0x455/0xab0 [ 605.679589][T15546] ? __pfx_ksys_unshare+0x10/0x10 [ 605.679615][T15546] ? xfd_validate_state+0x129/0x190 [ 605.679650][T15546] __x64_sys_unshare+0x31/0x40 [ 605.679676][T15546] do_syscall_64+0xc9/0xf80 [ 605.679699][T15546] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 605.679718][T15546] RIP: 0033:0x7fcaa8d9aeb9 [ 605.679732][T15546] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 605.679750][T15546] RSP: 002b:00007fcaa9c13028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 605.679768][T15546] RAX: ffffffffffffffda RBX: 00007fcaa9016090 RCX: 00007fcaa8d9aeb9 [ 605.679779][T15546] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 605.679789][T15546] RBP: 00007fcaa8e08c1f R08: 0000000000000000 R09: 0000000000000000 [ 605.679800][T15546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 605.679810][T15546] R13: 00007fcaa9016128 R14: 00007fcaa9016090 R15: 00007ffd285483b8 [ 605.679833][T15546] [ 605.994965][T15492] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 606.002192][T15492] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 606.028241][T15492] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 606.040250][T15492] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 606.049782][T15492] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 606.076328][T15492] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 606.115333][T15492] hsr_slave_0: entered promiscuous mode [ 606.121711][T15492] hsr_slave_1: entered promiscuous mode [ 606.127901][T15492] debugfs: 'hsr0' already exists in 'hsr' [ 606.133622][T15492] Cannot create hsr debugfs directory [ 606.644846][T15492] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 606.798075][T15492] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 607.003066][T15561] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1818'. [ 607.040484][T15492] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 607.231491][T15492] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 607.437378][ T5835] Bluetooth: hci7: command tx timeout [ 607.663008][T15492] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 607.703315][T15492] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 607.759398][T15492] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 607.801240][T15492] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 607.899176][T15586] netlink: 326 bytes leftover after parsing attributes in process `syz.4.1820'. [ 608.063280][T15492] 8021q: adding VLAN 0 to HW filter on device bond0 [ 608.229478][T15492] 8021q: adding VLAN 0 to HW filter on device team0 [ 608.291826][ T7178] bridge0: port 1(bridge_slave_0) entered blocking state [ 608.299009][ T7178] bridge0: port 1(bridge_slave_0) entered forwarding state [ 608.433588][ T7178] bridge0: port 2(bridge_slave_1) entered blocking state [ 608.440745][ T7178] bridge0: port 2(bridge_slave_1) entered forwarding state [ 608.930911][T15492] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 609.040649][T15492] veth0_vlan: entered promiscuous mode [ 609.080612][T15492] veth1_vlan: entered promiscuous mode [ 609.232868][T15492] veth0_macvtap: entered promiscuous mode [ 609.270239][T15492] veth1_macvtap: entered promiscuous mode [ 609.345593][T15492] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 609.388880][T15492] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 609.414150][ T7172] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 609.433709][ T7172] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 609.484358][ T7172] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 609.514695][ T7172] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 609.524784][ T5835] Bluetooth: hci7: command tx timeout [ 609.623212][ T7172] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 609.654577][ T7172] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 609.719144][ T7180] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 609.734316][ T7180] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 609.989167][T15608] netlink: 334 bytes leftover after parsing attributes in process `syz.4.1823'. [ 611.831231][ T7178] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 612.210725][T15651] netlink: 206 bytes leftover after parsing attributes in process `syz.4.1831'. [ 612.281559][T15654] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1832'. [ 613.712329][T15675] __vm_enough_memory: pid: 15675, comm: syz.4.1837, bytes: 4398046511104 not enough memory for the allocation [ 616.158008][ T31] INFO: task syz.3.1414:13263 blocked for more than 142 seconds. [ 616.170584][ T31] Tainted: G U L syzkaller #0 [ 616.187071][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 616.207441][ T31] task:syz.3.1414 state:D stack:25928 pid:13263 tgid:13262 ppid:5826 task_flags:0x400140 flags:0x00080002 [ 616.249810][ T31] Call Trace: [ 616.259454][ T31] [ 616.262425][ T31] ? __schedule+0xf65/0x5e10 [ 616.283895][ T31] __schedule+0xfe4/0x5e10 [ 616.304671][ T31] ? __lock_acquire+0x4a5/0x2630 [ 616.358901][ T31] ? __pfx___schedule+0x10/0x10 [ 616.363807][ T31] ? find_held_lock+0x2b/0x80 [ 616.443886][ T31] ? schedule+0x2bf/0x390 [ 616.464158][ T31] schedule+0xdd/0x390 [ 616.479148][ T31] schedule_preempt_disabled+0x13/0x30 [ 616.484711][ T31] __mutex_lock+0xc9a/0x1b90 [ 616.512116][ T31] ? nfsd_nl_version_set_doit+0xc4/0x7a0 [ 616.522665][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 616.534185][ T31] ? __pfx___nla_validate_parse+0x10/0x10 [ 616.550934][ T31] ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290 [ 616.567230][ T31] ? nfsd_nl_version_set_doit+0xc4/0x7a0 [ 616.572903][ T31] nfsd_nl_version_set_doit+0xc4/0x7a0 [ 616.585123][ T31] ? __pfx_nfsd_nl_version_set_doit+0x10/0x10 [ 616.591420][ T31] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 616.602672][ T31] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 616.610078][ T31] genl_family_rcv_msg_doit+0x214/0x300 [ 616.615652][ T31] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 616.622706][ T31] ? genl_get_cmd+0x3ef/0x720 [ 616.627600][ T31] ? bpf_lsm_capable+0x9/0x10 [ 616.632285][ T31] ? security_capable+0x80/0x260 [ 616.640999][ T31] genl_rcv_msg+0x560/0x800 [ 616.645525][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 616.650825][ T31] ? __pfx_nfsd_nl_version_set_doit+0x10/0x10 [ 616.656928][ T31] netlink_rcv_skb+0x159/0x420 [ 616.666097][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 616.671337][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 616.676648][ T31] ? netlink_deliver_tap+0x1ae/0xcc0 [ 616.682210][ T31] genl_rcv+0x28/0x40 [ 616.686195][ T31] netlink_unicast+0x5aa/0x870 [ 616.691927][ T31] ? __pfx_netlink_unicast+0x10/0x10 [ 616.701465][ T31] ? __pfx___might_resched+0x10/0x10 [ 616.706775][ T31] ? __lock_acquire+0x4a5/0x2630 [ 616.712088][ T31] netlink_sendmsg+0x8b0/0xda0 [ 616.716928][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 616.723498][ T31] ? __import_iovec+0x1d2/0x640 [ 616.728561][ T31] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 616.734212][ T31] ____sys_sendmsg+0xa54/0xc30 [ 616.739401][ T31] ? __pfx_____sys_sendmsg+0x10/0x10 [ 616.744778][ T31] ? __pfx___futex_wait+0x10/0x10 [ 616.752140][ T31] ? __pfx_futex_wake_mark+0x10/0x10 [ 616.757637][ T31] ___sys_sendmsg+0x190/0x1e0 [ 616.762323][ T31] ? __pfx____sys_sendmsg+0x10/0x10 [ 616.771523][ T31] ? find_held_lock+0x2b/0x80 [ 616.776231][ T31] __sys_sendmsg+0x170/0x220 [ 616.781234][ T31] ? __pfx___sys_sendmsg+0x10/0x10 [ 616.786465][ T31] ? __x64_sys_futex+0x34f/0x4d0 [ 616.791710][ T31] do_syscall_64+0xc9/0xf80 [ 616.796226][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 616.809721][ T31] RIP: 0033:0x7f6c8f39aeb9 [ 616.814241][ T31] RSP: 002b:00007f6c902dd028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 616.823750][ T31] RAX: ffffffffffffffda RBX: 00007f6c8f615fa0 RCX: 00007f6c8f39aeb9 [ 616.832125][ T31] RDX: 0000000004004840 RSI: 00002000000004c0 RDI: 0000000000000002 [ 616.840301][ T31] RBP: 00007f6c8f408c1f R08: 0000000000000000 R09: 0000000000000000 [ 616.848445][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 616.856432][ T31] R13: 00007f6c8f616038 R14: 00007f6c8f615fa0 R15: 00007fff679ae5e8 [ 616.866462][ T31] [ 616.885747][ T31] [ 616.885747][ T31] Showing all locks held in the system: [ 616.938093][ T31] 1 lock held by khungtaskd/31: [ 616.942974][ T31] #0: ffffffff8e5e3120 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184 [ 616.968786][ T31] 2 locks held by getty/5586: [ 616.973491][ T31] #0: ffff8880329a00a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 617.022109][ T31] #1: ffffc900036bb2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x1500 [ 617.047299][ T31] 2 locks held by syz-executor/5825: [ 617.052630][ T31] #0: ffff88802e1a40e0 (&type->s_umount_key#51){+.+.}-{4:4}, at: deactivate_super+0xdf/0x110 [ 617.078808][ T31] #1: ffffffff8ea470e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 617.100955][ T31] 2 locks held by syz-executor/5827: [ 617.110313][ T31] #0: ffff8880570020e0 (&type->s_umount_key#51){+.+.}-{4:4}, at: deactivate_super+0xdf/0x110 [ 617.139587][ T31] #1: ffffffff8ea470e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 617.157511][ T31] 2 locks held by syz.2.1393/13176: [ 617.162843][ T31] #0: ffffffff904a2850 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 617.188848][ T31] #1: ffffffff8ea470e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x687/0xbc0 [ 617.214034][ T31] 2 locks held by syz.3.1414/13263: [ 617.219600][ T31] #0: ffffffff904a2850 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 617.228112][ T31] #1: ffffffff8ea470e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_version_set_doit+0xc4/0x7a0 [ 617.239451][ T31] 2 locks held by syz-executor/13523: [ 617.244835][ T31] #0: ffff88802331c0e0 (&type->s_umount_key#51){+.+.}-{4:4}, at: deactivate_super+0xdf/0x110 [ 617.256085][ T31] #1: ffffffff8ea470e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 617.266173][ T31] 2 locks held by syz-executor/13856: [ 617.272132][ T31] #0: ffff8880935e00e0 (&type->s_umount_key#51){+.+.}-{4:4}, at: deactivate_super+0xdf/0x110 [ 617.283228][ T31] #1: ffffffff8ea470e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 617.293110][ T31] 2 locks held by syz.9.1781/15300: [ 617.300233][ T31] #0: ffffffff904a2850 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 617.312506][ T31] #1: ffffffff8ea470e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x687/0xbc0 [ 617.326782][ T31] 2 locks held by syz.7.1812/15484: [ 617.332238][ T31] #0: ffffffff904a2850 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 617.341405][ T31] #1: ffffffff8ea470e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x687/0xbc0 [ 617.351683][ T31] 2 locks held by syz-executor/15492: [ 617.357834][ T31] #0: ffff88807cb8a0e0 (&type->s_umount_key#51){+.+.}-{4:4}, at: deactivate_super+0xdf/0x110 [ 617.368705][ T31] #1: ffffffff8ea470e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 617.378707][ T31] 2 locks held by syz.2.1816/15523: [ 617.383924][ T31] #0: ffffffff904a2850 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 617.392645][ T31] #1: ffffffff8ea470e8 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x687/0xbc0 [ 617.402867][ T31] 5 locks held by syz.4.1840/15691: [ 617.410475][ T31] #0: ffff8880794c8ec0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x26/0xb0 [ 617.426019][ T31] #1: ffff8880794c80c0 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x35c/0x1240 [ 617.442497][ T31] #2: ffffffff9068eaa8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xbb/0x280 [ 617.452887][ T31] #3: ffff888059dafb38 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x80/0x760 [ 617.462453][ T31] #4: ffffffff8e5ef8f8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x27f/0x3c0 [ 617.491753][ T31] [ 617.494114][ T31] ============================================= [ 617.494114][ T31] [ 617.529473][ T31] NMI backtrace for cpu 0 [ 617.529491][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G U L syzkaller #0 PREEMPT(full) [ 617.529519][ T31] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 617.529526][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 617.529536][ T31] Call Trace: [ 617.529542][ T31] [ 617.529549][ T31] dump_stack_lvl+0x100/0x190 [ 617.529576][ T31] nmi_cpu_backtrace.cold+0x12d/0x151 [ 617.529601][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 617.529633][ T31] nmi_trigger_cpumask_backtrace+0x1d7/0x230 [ 617.529664][ T31] sys_info+0x141/0x190 [ 617.529688][ T31] watchdog+0xcc3/0xfe0 [ 617.529713][ T31] ? __pfx_watchdog+0x10/0x10 [ 617.529733][ T31] ? __kthread_parkme+0x18c/0x230 [ 617.529756][ T31] ? __pfx_watchdog+0x10/0x10 [ 617.529776][ T31] ? __pfx_watchdog+0x10/0x10 [ 617.529793][ T31] kthread+0x3b3/0x730 [ 617.529820][ T31] ? __pfx_kthread+0x10/0x10 [ 617.529845][ T31] ? ret_from_fork+0x79/0xaf0 [ 617.529861][ T31] ? ret_from_fork+0x79/0xaf0 [ 617.529878][ T31] ? rcu_is_watching+0x12/0xc0 [ 617.529896][ T31] ? __pfx_kthread+0x10/0x10 [ 617.529924][ T31] ret_from_fork+0x754/0xaf0 [ 617.529941][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 617.529960][ T31] ? __switch_to+0x7b9/0x10c0 [ 617.529994][ T31] ? __pfx_kthread+0x10/0x10 [ 617.530021][ T31] ret_from_fork_asm+0x1a/0x30 [ 617.530058][ T31] [ 617.686341][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 617.693223][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G U L syzkaller #0 PREEMPT(full) [ 617.703916][ T31] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 617.709108][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026 [ 617.719159][ T31] Call Trace: [ 617.722433][ T31] [ 617.725371][ T31] dump_stack_lvl+0x100/0x190 [ 617.730052][ T31] vpanic+0x20d/0x630 [ 617.734037][ T31] panic+0xd1/0xd1 [ 617.737872][ T31] ? __pfx_panic+0x10/0x10 [ 617.742287][ T31] ? nmi_trigger_cpumask_backtrace+0x1b5/0x230 [ 617.748451][ T31] ? nmi_trigger_cpumask_backtrace+0x1f6/0x230 [ 617.754622][ T31] ? nmi_trigger_cpumask_backtrace+0x200/0x230 [ 617.760785][ T31] ? watchdog.cold+0x198/0x1ca [ 617.765549][ T31] ? watchdog+0xcd3/0xfe0 [ 617.769879][ T31] watchdog.cold+0x1a9/0x1ca [ 617.774477][ T31] ? __pfx_watchdog+0x10/0x10 [ 617.779153][ T31] ? __kthread_parkme+0x18c/0x230 [ 617.784180][ T31] ? __pfx_watchdog+0x10/0x10 [ 617.788862][ T31] ? __pfx_watchdog+0x10/0x10 [ 617.793536][ T31] kthread+0x3b3/0x730 [ 617.797628][ T31] ? __pfx_kthread+0x10/0x10 [ 617.802221][ T31] ? ret_from_fork+0x79/0xaf0 [ 617.806956][ T31] ? ret_from_fork+0x79/0xaf0 [ 617.811634][ T31] ? rcu_is_watching+0x12/0xc0 [ 617.816397][ T31] ? __pfx_kthread+0x10/0x10 [ 617.821037][ T31] ret_from_fork+0x754/0xaf0 [ 617.825625][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 617.830736][ T31] ? __switch_to+0x7b9/0x10c0 [ 617.835419][ T31] ? __pfx_kthread+0x10/0x10 [ 617.840029][ T31] ret_from_fork_asm+0x1a/0x30 [ 617.844810][ T31] [ 617.847887][ T31] Kernel Offset: disabled [ 617.852208][ T31] Rebooting in 86400 seconds..