last executing test programs: 13m10.38502698s ago: executing program 2 (id=231): mmap$auto(0x0, 0x40009, 0xdd, 0x9b72, 0x7, 0x28000) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000380)='/dev/cuse\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) r0 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) mmap$auto(0x0, 0x200004, 0x4000000000df, 0x15, r0, 0x300000000000) connect$auto(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_bm_entry_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x1, 0x0) write$auto_bm_entry_operations_binfmt_misc(r1, 0x0, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x181881, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = io_uring_setup$auto(0x480000, 0x0) ioctl$auto_KVM_GET_MSRS(r2, 0xc008ae88, &(0x7f0000000080)={0x7}) write$auto_sg_fops_sg(r2, &(0x7f0000000040), 0x0) openat$auto_zero_fops_mem(0xffffffffffffff9c, 0x0, 0x109002, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) clone$auto(0x8001, 0x4000000000000a, 0xffffffffffffffff, 0xfffffffffffffffc, 0xb) futex$auto(&(0x7f0000000080)=0x3, 0x3, 0x8, 0x0, &(0x7f0000000100)=0x4, 0x440a48d3) epoll_create$auto(0x3e) 13m8.435854323s ago: executing program 2 (id=233): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0xe0742, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) syz_genetlink_get_family_id$auto_ovs_vport(0xfffffffffffffffe, 0xffffffffffffffff) unshare$auto(0x40000080) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) mmap$auto(0x80000001, 0x580f, 0x112f4a03, 0x8000000008011, 0x3, 0x3) madvise$auto(0x0, 0x2003f0, 0x15) getresgid$auto(0x0, &(0x7f0000000a40)=0x2, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xe0002, 0x0) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x40, 0x0) setsockopt$auto(r1, 0x1, 0x10, &(0x7f0000000280)='\x00\x15\x8d\xca`\xbcgY\xd2w\xf6\xaedN\x00\x00\x00\x00\x04\x00\x00\x00*\xaaL\'\xab>q\x9e\xdd`\x84_\r\xc2\x17\xb1\xaf\xd2\f\xfd[Iy\xbb*$\xec\xca\x8b\xde\xdcV@\x04+\x00\x00\t\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\xc3\xa2\x1a\xf1\xdf\x12\b?Q\xec*\b`\'\xfe\xcb\xe9\xc0\xf4\x119\xf6f\v\xf7\x13\xe6\xd8\xa2\xd3\xfd\xa7', 0xba) shmctl$auto_SHM_LOCK(0x1, 0xb, &(0x7f00000003c0)={{0x4, 0x0, 0xee01, 0x18, 0x9, 0x21, 0x6}, 0xe, 0xc4, 0x1, 0x4, @inferred, @raw=0x4c000, 0x3, 0x0, 0x0, 0x0}) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x30}, 0x1, 0x0, 0x0, 0x810}, 0x4000080) mmap$auto(0x0, 0x5, 0x4000000000df, 0x40eb1, 0x401, 0x9) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r2, 0x0, 0xb4d3) write$auto(r0, 0x0, 0x7ff) write$auto(0x3, 0x0, 0xffd8) syz_genetlink_get_family_id$auto_ioam6(0x0, r0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) 13m5.004745079s ago: executing program 2 (id=238): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x900, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_BLKROGET(r0, 0x125e, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x23, 0x80805, 0x0) modify_ldt$auto(0x1, 0x0, 0x10) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) modify_ldt$auto(0x1, 0x0, 0x10) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) prctl$auto_PR_GET_CHILD_SUBREAPER(0x25, 0x4d69, 0xffffffffffffffff, 0x8, 0x2) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r2 = openat$auto_clear_warn_once_fops_(0xffffffffffffff9c, &(0x7f0000000240), 0x40, 0x0) readv$auto(r2, &(0x7f0000000300)={0x0, 0x2}, 0x101) io_uring_setup$auto(0x1, 0x0) ioctl$auto_I2C_SMBUS(0xffffffffffffffff, 0x720, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x20000, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/ip6_vti0/stable_secret\x00', 0x2, 0x0) pwrite64$auto(r3, 0x0, 0x1, 0x8) 13m2.075361721s ago: executing program 2 (id=240): mmap$auto(0x0, 0x40009, 0xdd, 0x9b72, 0x7, 0x28000) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000380)='/dev/cuse\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) r0 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) mmap$auto(0x0, 0x200004, 0x4000000000df, 0x15, r0, 0x300000000000) connect$auto(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_bm_entry_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x1, 0x0) write$auto_bm_entry_operations_binfmt_misc(r1, 0x0, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x181881, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = io_uring_setup$auto(0x480000, 0x0) ioctl$auto_KVM_GET_MSRS(r2, 0xc008ae88, &(0x7f0000000080)={0x7}) write$auto_sg_fops_sg(r2, &(0x7f0000000040)="7da2cc36d979", 0x6) openat$auto_zero_fops_mem(0xffffffffffffff9c, 0x0, 0x109002, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) clone$auto(0x8001, 0x4000000000000a, 0xffffffffffffffff, 0xfffffffffffffffc, 0xb) futex$auto(&(0x7f0000000080)=0x3, 0x3, 0x8, 0x0, &(0x7f0000000100)=0x4, 0x440a48d3) epoll_create$auto(0x3e) 12m59.955231124s ago: executing program 2 (id=244): mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x7, 0x28000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r0 = socket(0x2, 0x1, 0x0) r1 = epoll_create$auto(0x4) openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, 0x0, 0x101002, 0x0) syz_genetlink_get_family_id$auto_thermal(&(0x7f0000000200), r0) r2 = syz_genetlink_get_family_id$auto_gtp(0x0, 0xffffffffffffffff) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x40000) sendmsg$auto_GTP_CMD_GETPDP(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x60, r2, 0x300, 0x70bd2a, 0x25dfdbfb, {}, [@GTPA_TID={0xc, 0x3, 0xfffffffffffffffb}, @GTPA_MS_ADDR6={0x14, 0xc, @local}, @GTPA_MS_ADDRESS={0x8, 0x5, @broadcast}, @GTPA_VERSION={0x8, 0x2, 0x7}, @GTPA_MS_ADDR6={0x14, 0xc, @private0={0xfc, 0x0, '\x00', 0x1}}, @GTPA_PEER_ADDRESS={0x8, 0x4, @empty}]}, 0x60}, 0x1, 0x0, 0x0, 0x4044800}, 0x4) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) fcntl$auto(0x3, 0x4, 0xa553) mmap$auto(0x0, 0x20009, 0x2000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) fcntl$auto(r3, 0x7, 0x3) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r4, 0x0, 0x20) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) 12m55.035194154s ago: executing program 2 (id=248): openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x2004c0c4) sendmmsg$auto(r0, 0x0, 0x7, 0x8) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0xa2741, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) r2 = getpid() process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x80502, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x24c802, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x106) pidfd_open$auto(0x0, 0x10001) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0x5b2, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) memfd_create$auto(0x0, 0x4) 12m48.09856285s ago: executing program 1 (id=252): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) socket(0xa, 0x1, 0x100) ioperm$auto(0x7, 0x5ad2, 0x8) modify_ldt$auto(0x3, 0x0, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0) r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r0, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>\xe7l\xcb\x90\\/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x400) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000) write$auto(0x3, 0x0, 0xffd8) process_mrelease$auto(0xffffffffffffffff, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) mincore$auto(0x1000, 0x8001, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) 12m46.568480654s ago: executing program 1 (id=254): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1) r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x40, r1, 0x1b, 0x74bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x10, 0x3, 0x0, 0x1, [@nested={0xc, 0x9, 0x0, 0x1, [@nested={0x8, 0x1, 0x0, 0x1, [@nested={0x4788, 0x33}]}]}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f17790485908288a8"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) mmap$auto(0x0, 0x2020009, 0x1003, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x24048084) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/pagemap\x00', 0x0, 0x0) readv$auto(r2, &(0x7f0000000400)={0x0, 0x40}, 0x6) write$auto(0x3, 0x0, 0x100082) ioctl$auto_SNDCTL_DSP_SYNC(r0, 0x5001, 0xfffffffffffffffc) r3 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_TREAD64(r3, 0x400454a4, &(0x7f0000000100)) semctl$auto_SEM_INFO(0x4, 0x4e, 0x13, 0x8) getsockopt$auto_SO_BUF_LOCK(r2, 0x6, 0x48, &(0x7f0000000080)='\x00', &(0x7f00000000c0)=0x10002) ioctl$auto_SNDRV_PCM_IOCTL_FORWARD2(0xffffffffffffffff, 0x40084149, &(0x7f0000000100)=0x3) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x40, 0x0) ioctl$auto_HDIO_GETGEO(r4, 0x301, &(0x7f0000000040)) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000180), 0xffffffffffffffff) ioperm$auto(0x4, 0xbc6, 0x81) 12m45.308303578s ago: executing program 1 (id=257): adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0xfffffffffffffffd, 0xd4, 0x1, 0x6, 0x0, 0x1, 0x368e, 0x2, {0x100000002, 0x10000}, 0x5, 0x6, 0xfffffffffffffffd, 0x1008000, 0x0, 0x9, 0x81, 0xdfffffffffff628e, 0x6, 0xdeb1, 0x808}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) madvise$auto(0x0, 0x20499d, 0x9) kill$auto(0x0, 0x12) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40008d0}, 0xc800) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) r1 = socket(0xa, 0x5, 0x84) sendto$auto(r1, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe80fffefec03f00"}, 0x1c) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r2 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x1ff, 0x7, 0x25, 0x4909b6f5, 0x1ffde, 0x7, 0x3, 0x9, 0x9, 0x3, 0x4, 0x1, 0xb4, 0x9, 0x8, 0x10003, 0x80, 0x3, 0x0, 0xa, 0x22000, 0x200, 0x0, 0x84}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0xf7374674b920089e) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) fcntl$auto_F_SETSIG(0xffffffffffffffff, 0xa, 0x3) mmap$auto(0x0, 0x1004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) 12m42.15155158s ago: executing program 1 (id=260): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) epoll_create$auto(0x4) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x3ff, 0x0, 0x3, 0x5f, 0x0, 0x3}, 0x6f3) r0 = openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cpu/1/msr\x00', 0xf82, 0x0) readv$auto(r0, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) fsopen$auto(&(0x7f0000000000)='nlctrl\x00', 0x3) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x9, 0x400000072, 0x8b72, 0x1000000002, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) clone$auto(0x21002, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9) 12m39.503314036s ago: executing program 32 (id=248): openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x2004c0c4) sendmmsg$auto(r0, 0x0, 0x7, 0x8) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0xa2741, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) r2 = getpid() process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x80502, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x24c802, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x106) pidfd_open$auto(0x0, 0x10001) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0x5b2, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) memfd_create$auto(0x0, 0x4) 12m37.989716416s ago: executing program 1 (id=264): mmap$auto(0x0, 0x40009, 0xdd, 0x9b72, 0x7, 0x28000) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000380)='/dev/cuse\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) mmap$auto(0x0, 0x200004, 0x4000000000df, 0x15, r0, 0x300000000000) connect$auto(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_bm_entry_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x1, 0x0) write$auto_bm_entry_operations_binfmt_misc(r1, 0x0, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x181881, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = io_uring_setup$auto(0x480000, 0x0) ioctl$auto_KVM_GET_MSRS(r2, 0xc008ae88, &(0x7f0000000080)={0x7}) write$auto_sg_fops_sg(r2, &(0x7f0000000040)="7da2cc36d9790b", 0x7) openat$auto_zero_fops_mem(0xffffffffffffff9c, 0x0, 0x109002, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) clone$auto(0x8001, 0x4000000000000a, 0xffffffffffffffff, 0xfffffffffffffffc, 0xb) futex$auto(&(0x7f0000000080)=0x3, 0x3, 0x8, 0x0, &(0x7f0000000100)=0x4, 0x440a48d3) epoll_create$auto(0x3e) 12m36.956600326s ago: executing program 1 (id=267): unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) socket(0x28, 0x1, 0x0) read$auto(0x3, 0x0, 0x80) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) close_range$auto(0x2, 0xa, 0x0) unshare$auto(0x40001080) prctl$auto(0x39, 0x1, 0x0, 0x0, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, 0x0, 0x40400, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) openat$auto_dev_fops_plock(0xffffffffffffff9c, 0x0, 0x5663c46b2c722ba, 0x0) mmap$auto(0x0, 0x4, 0x3, 0x400000000000019, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x0) listen$auto(0x3, 0xfffffffa) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty30\x00', 0x62c00, 0x0) socket(0xa, 0x2, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0xa2741, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xdff1, 0xfffffffffffffffd, 0xd4, 0xffffffffffffffc0, 0x6, 0x0, 0x80009, 0x1, 0x2, {0x2100000000, 0x10000}, 0x3, 0x6, 0xffffffffffffffdd, 0x1008000, 0x0, 0x80000004, 0x8, 0x5, 0x29a, 0xdeb1, 0x1800}) write$auto(0xca, &(0x7f0000000140)='\x04\x1d\x19\x00\x00\x00\x00\x00\x00\x00/jn>9\xd2\xdb\x88\xf4\xc2\xd3qm\xe6q\xf9\xa6u\x8e\x1a\x00\xf8*C]\xfd)/\xf3\xa1\x92|\x06|\xd0\x82\x93\xa5\x9a5if\xd0\x8e%g,\xc5\xec\x19\x17\xb0\xe1s\xf6U\xc0\x90r\xc5\xc8H\xa3\x9d\xce\x98\xe7\xb1B:\x179\xdc8\xa8) \x15\xce\xd8\x86\xff-\x80\xf5jMj\xda\x8f\x03EO\xe6\xa4Q\x81+v\xc9\xb8\x00\xcf\x94_\xa7\xadV\xc9\x7f;1R\xa0\x7f\xbe\x1e\x83\an/w[i\th\x9c\xb8\xd1\xed\xba\\\v\xe1\v\x81\xcc\xba\x03-N@ \x14\x1e\n\xe9g\x9fF\x05\xc8\x9f\xe5[\xba\xd2V\x9b\xc1\x9f\xf1%\x9c\xba\xf9\xb4\xa8\xd4\x05G\xf6\x82\xf3m\xe6V\xba\xa0\xf9K\x15\xcc_H\xce\xfd\xe2\x88\"\xe0\xd5Ld\x7f\x1c\x90^\x8d%\xb4\x00\x00\x00\x00\x00\x00\x00\x00', 0x9) 12m21.578325405s ago: executing program 33 (id=267): unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) socket(0x28, 0x1, 0x0) read$auto(0x3, 0x0, 0x80) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) close_range$auto(0x2, 0xa, 0x0) unshare$auto(0x40001080) prctl$auto(0x39, 0x1, 0x0, 0x0, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, 0x0, 0x40400, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x80102, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) openat$auto_dev_fops_plock(0xffffffffffffff9c, 0x0, 0x5663c46b2c722ba, 0x0) mmap$auto(0x0, 0x4, 0x3, 0x400000000000019, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x0) listen$auto(0x3, 0xfffffffa) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty30\x00', 0x62c00, 0x0) socket(0xa, 0x2, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0xa2741, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xdff1, 0xfffffffffffffffd, 0xd4, 0xffffffffffffffc0, 0x6, 0x0, 0x80009, 0x1, 0x2, {0x2100000000, 0x10000}, 0x3, 0x6, 0xffffffffffffffdd, 0x1008000, 0x0, 0x80000004, 0x8, 0x5, 0x29a, 0xdeb1, 0x1800}) write$auto(0xca, &(0x7f0000000140)='\x04\x1d\x19\x00\x00\x00\x00\x00\x00\x00/jn>9\xd2\xdb\x88\xf4\xc2\xd3qm\xe6q\xf9\xa6u\x8e\x1a\x00\xf8*C]\xfd)/\xf3\xa1\x92|\x06|\xd0\x82\x93\xa5\x9a5if\xd0\x8e%g,\xc5\xec\x19\x17\xb0\xe1s\xf6U\xc0\x90r\xc5\xc8H\xa3\x9d\xce\x98\xe7\xb1B:\x179\xdc8\xa8) \x15\xce\xd8\x86\xff-\x80\xf5jMj\xda\x8f\x03EO\xe6\xa4Q\x81+v\xc9\xb8\x00\xcf\x94_\xa7\xadV\xc9\x7f;1R\xa0\x7f\xbe\x1e\x83\an/w[i\th\x9c\xb8\xd1\xed\xba\\\v\xe1\v\x81\xcc\xba\x03-N@ \x14\x1e\n\xe9g\x9fF\x05\xc8\x9f\xe5[\xba\xd2V\x9b\xc1\x9f\xf1%\x9c\xba\xf9\xb4\xa8\xd4\x05G\xf6\x82\xf3m\xe6V\xba\xa0\xf9K\x15\xcc_H\xce\xfd\xe2\x88\"\xe0\xd5Ld\x7f\x1c\x90^\x8d%\xb4\x00\x00\x00\x00\x00\x00\x00\x00', 0x9) 6.806640955s ago: executing program 4 (id=1967): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) write$auto(0xffffffffffffffff, &(0x7f0000000000)='\'\x00', 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x5, 0x0) sendto$auto(0x3, 0x0, 0x13, 0xfffffff8, &(0x7f0000000440)=@tipc=@name={0x1e, 0x2, 0x3, {{0x1, 0x1}}}, 0x20) readv$auto(0x3, &(0x7f00000002c0)={0x0, 0x8}, 0x8) mmap$auto(0x0, 0x8, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8000008000) preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x80000000}, 0x5, 0xffffffffffffffff, 0x7, 0x2e) close_range$auto(0x2, 0x8, 0x0) sysfs$auto(0x2, 0x100000000000027, 0x0) r0 = fsopen$auto(0x0, 0x1) preadv2$auto(r0, &(0x7f0000000480)={&(0x7f0000000800), 0x2766}, 0x2, 0x6, 0xfffffffffffff371, 0x4) socket(0x10, 0x2, 0x0) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000001500), 0xffffffffffffffff) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x0, 0x8, 0xd, 0x3, 0x81, 0xffffffff, 0x2000000000000002, 0x0, 0x9, 0x1, 0x2, 0x80000001, 0xb0, 0x9, 0x20000800001, 0xffffffff, 0x5, 0x7, 0x6, 0x7, 0x0, 0xffffffee, 0x2a17}, 0x9, 0x81) write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000200)='5', 0x1) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0xc090) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4044810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4000010}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0xffffffff, 0x0) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) 6.588203949s ago: executing program 0 (id=1969): mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, 0x0, 0x40400, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x1004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) syz_clone3(&(0x7f0000000100)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) socket(0x1, 0x803, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x141241, 0x0) writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000380)="d0c7b195833faee72dc5291be21225d8c83201ac850dfa8e862126684a9cb822f42be45f1b96f35269fe4647932760c225dd83dfc9e56ae5398a9d3319a8d950f12cb50dfe1003383a7d7c1650caf627037fae97af7b3d35942b50004a5eadc5a58c63c7600c09ae4b451df40ca0c82e5258ddfbe18e1c69820a34fcb4fb48d5233ee33e2079f016357595c9182055fa1467d36ad6cb75bfcbea658bf7c857206256f3b4a7fbd8ea699df63075e3796081765e51e6043d9b4adfe4e50035ffa69a006b0c56b975ea50b9ab7b6cfde70077411b22cc3c9c9fc79d1eab73b030b12d1d4ec5780c83528487328ced16d63279bc6bf14c4a9c5df9f615cd5cdbda4dfcda81a9325f829ef4b5445382c89cce86a81f24440cc726bd9aa4ed65f08153bbd25061c688ab9f4957fdfe219b87a082a0d23eaa27230d45556369be59811ad0aac67940c33de5fc4a86d1efa0892a7532305e221f1ef98c89f3c6", 0x7111}, 0x8) socket(0xa, 0x2, 0x73) acct$auto(&(0x7f0000000000)='/dev/snd/seq\x00') r0 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x1, 0x1, 0x0) bind$auto(0x3, 0x0, 0x6b) connect$auto(0x3, 0x0, 0x6b) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptys3\x00', 0x101880, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) close_range$auto(r0, r1, 0x0) r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0x0, 0x48402, 0x0) read$auto(r2, 0x0, 0x1f40) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/compaction_proactiveness\x00', 0x40001, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r3, 0x0, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/nfsd.fh/flush\x00', 0xc8201, 0x0) write$auto(r4, 0x0, 0x6) 5.709972782s ago: executing program 0 (id=1970): r0 = socket(0x10, 0x2, 0x0) openat$auto_proc_coredump_filter_operations_base(0xffffffffffffff9c, &(0x7f0000000140), 0x40000, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dri/card1\x00', 0x0, 0x0) socket(0x28, 0x1, 0x0) r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0) set_mempolicy$auto(0x3, &(0x7f0000000040)=0x5, 0x8) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f00000000c0)={0x8, "e6c26c22ab89af11056b0001ac097e0a0728d9300000c500"}) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) ioctl$auto_KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x800000001fc, 0x9, 0x100000000000d, 0x3, 0x9488, 0x6, 0x8, 0x400000002, 0x40000000000002, 0x300000000000000, 0xffff, 0x5, 0x6d3c, 0x7c00000000, 0x6, 0x4]}, 0x0) r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x20000, 0x0) pread64$auto(r3, &(0x7f0000000040)='/proc/scsi/sg/device\x95\x00', 0x100000001, 0xff) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0xd, 0x3, 0xeb1, 0xfffffffffffffffe, 0x8000) r4 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000280)={'wg0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r6, r5, 0x4, 0x1ff, 0xffffffffffffffff, @relative_id=0x13, 0xe600}, 0xf) bpf$auto(0x1, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffffffffffffffff, 0x0, 0x6}, 0xc) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0xb, 0x5, 0x1ffde, 0x3, 0x1000006, 0xfffffffffffffffb, 0x9, 0x5, 0x20000000003, 0x6, 0xb0, 0x7, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4]}, 0x1fe, 0x84) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x44040) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0xc20f0000, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x8) 5.627800422s ago: executing program 5 (id=1971): mmap$auto(0x3, 0x2020009, 0x100000001, 0x15, 0xffffffffffffffff, 0x9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) r0 = socket(0x2b, 0x1, 0x1) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r0, 0x0, 0x20000001) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0004, 0x19) kill$auto(0x0, 0x21) madvise$auto(0x0, 0x200007, 0x8) madvise$auto(0x0, 0x2003f0, 0x15) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) mmap$auto(0x0, 0x8, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001480)={'veth0_virt_wifi\x00'}) sendmsg$auto_NL80211_CMD_GET_MPP(r0, 0x0, 0x880) munmap$auto(0x8000, 0xffffffff) getrandom$auto(0x0, 0x6000000, 0x3) r2 = syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), r0) sendmsg$auto_NFC_CMD_STOP_POLL(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)={0x58, r2, 0x200, 0x70bd2a, 0x25dfdbfc, {}, [@NFC_ATTR_TARGET_INDEX={0x8, 0x4, 0xa}, @NFC_ATTR_DEVICE_NAME={0x7, 0x2, '(:-'}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x3}, @NFC_ATTR_FIRMWARE_NAME={0x6, 0x14, '})'}, @NFC_ATTR_LLC_PARAM_RW={0x5, 0x10, 0x3}, @NFC_ATTR_DEVICE_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x6}]}, 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x44084) mmap$auto(0x0, 0x6426, 0x3, 0x400000eb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x10000000000048, 0x0) close_range$auto(0x2, 0x8, 0x0) 5.55986938s ago: executing program 4 (id=1972): syz_genetlink_get_family_id$auto_gtp(0x0, 0xffffffffffffffff) socket(0xa, 0x2, 0x73) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) setsockopt$auto(0x4, 0x29, 0x2a, 0x0, 0x200577) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x540b, 0xfffffffffffffffd) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x801, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711}, 0x51) shutdown$auto(0x200000003, 0x0) socket(0xf, 0x3, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r1 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r1, 0xc0603d06, 0x0) select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xfff, 0x1, 0x948b, 0x3, 0x95f4da2a, 0xffffffffffffffff, 0x3, 0x62, 0x7, 0x7, 0x6d3f, 0x9, 0x4, 0x5]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000100)={[0x1ff, 0x6, 0x1, 0xfffffffffffffff7, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000021, 0x400000007, 0x6d3e, 0x7fff, 0x2, 0x6]}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x602, 0x1) open(&(0x7f0000000080)='./bus\x00', 0x12ba7e, 0x45) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/firmware/acpi/interrupts/gpe0E\x00', 0x0, 0x0) 5.320186367s ago: executing program 3 (id=1973): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/1:2/max_ratio_fine\x00', 0xa001, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x3, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x11, 0x3, 0x6) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001cc0)='/dev/input/event1\x00', 0x101242, 0x0) ioctl$auto_EVIOCREVOKE(r1, 0x40044591, 0x0) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x47, 0x8}) mmap$auto(0x0, 0x4, 0xffffffffffffffff, 0x400eb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0xffffffffffffffff, r0, 0x400) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0xa, 0x0) r2 = socket(0xa, 0x3, 0xff) connect$auto(r2, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) madvise$auto(0x0, 0xffffffffffff0004, 0x19) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) getpgid$auto(0x0) shmctl$auto(0x0, 0x0, 0xfffffffffffffffd) r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/interrupts\x00', 0x10b402, 0x0) pread64$auto(r3, 0x0, 0x20000000058, 0x3) 4.934569048s ago: executing program 3 (id=1974): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/graphics/fbcon/cursor_blink\x00', 0x0, 0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x149443, 0x14) fcntl$auto(r2, 0x409, 0x40003f) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000001100)=""/192, 0xc0) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x8, 0xc, 0x0, 0x567) unshare$auto(0x40000080) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x8080) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008) acct$auto(0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) migrate_pages$auto(0x0, 0x8, 0x0, &(0x7f00000001c0)=0x7b) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r3, 0xc0045006, &(0x7f00000001c0)) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82, 0x0) r4 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) ioctl$auto_TUNSETIFF(r4, 0x400454ca, &(0x7f0000000080)=0x4) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x6d2fc1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/system/cpu/cpuidle/current_driver\x00', 0x408440, 0x0) ioctl$auto_SNDCTL_DSP_RESET(r0, 0x5000, 0x0) 4.934303405s ago: executing program 0 (id=1975): nanosleep$auto(&(0x7f0000000d40)={0x4, 0xffffffffffffffff}, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/device_info\x00', 0x48041, 0x0) ioctl$auto_FICLONE(0xffffffffffffffff, 0x40049409, 0xffffffffffffffff) ioctl$auto_NS_GET_PID_FROM_PIDNS(0xffffffffffffffff, 0x8004b706, &(0x7f0000000000)) r1 = socket(0x11, 0x80003, 0x300) open(&(0x7f0000000800)='./file0\x00', 0x200840, 0x154) syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000200), r1) socket(0x2, 0x2, 0x6) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x4, 0x28000) getsockopt$auto(0x6, 0x1, 0x4d, 0xfffffffffffffffe, 0x0) setsockopt$auto(r1, 0x107, 0x12, 0x0, 0x4) sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x1aa, &(0x7f0000000300)={0x0, 0x4a}, 0x5, 0x0, 0x5, 0x5}, 0x5}, 0x2, 0x100) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x800, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) madvise$auto(0x0, 0x2003f0, 0x17) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) capset$auto(0x0, &(0x7f0000000040)={0x2f, 0x4, 0x3ff}) ioctl$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffffff, 0x3, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) sendmsg$auto_NL80211_CMD_GET_INTERFACE(0xffffffffffffffff, 0x0, 0x4000084) ioctl$auto(r2, 0x90006442, 0xc35) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), r3) write$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f00000007c0)="2996f5d27a440ce9faf71c3508666b2b2a5880a91123e55238bef0342a9c01fd5673f76eee086476bbf8bc71135157887dfb8dc47e175972c8801f2d38564744c698b98be51d174ce142cd13257697c28603f576917d11965970717c8316ed3ff1ba4fbcf65b8cd02c21e40bd93778574472be9fb525a05bdb7d8645b5241633113ff17f478dcb0399ce398d9646663d8ac36cf872ab47483b324c3cf5bb113dd2da7ce81e9ebfaef438830b2d63a1840c031f4690d5b8049aeb22999ea3c95b769d3913af71f4c2053482a04d6dcb76718fae1ae96bf1b9b9f25bd5e3cb17fa2869a8fd884e44d0a1c44deecb0e580c5053adea7195e871583489586056f0f09f90213b72b6d68da0b1c829795dd757a8049a7a664903f04830eae1d32ce0ebed189dace91ba276df7b7138caecdbd7a955b7dcb9e491896dd89b8e4895141f8e54b4b877ed994380cf7af82df38aca6e520725a7325dccce7830d2e9aa356ff9d0ebe28ff2d5957c333ed56c10f1532a4c8cf5dd2fab436467d391e08a175b431e3d43770d8b6595c46d29abfff2d56c23c83a8bef9d2793539e89a12ecd73486769152de0bbdb545925dcb946a7852a38fa1bd26e460454ff488797fde6bf0d3f93ff960fde697b00d739c52fb4d3baf57742c363a9c47c449cb46e1e5e3d161f9cf78c4ff5a4d2f9fd3d3cffcfb77832c87c04b7a24ae09fb62a535c114036dff8ca2e6ebd0127d3acc18748758d4e9e1f0aaae9ed2a9794268124d228d8958b023e562935db8ac7c7575c883e11207c4abb1d5922ed2f889ae9feabd7c779b301c445d60a23b7b695691cc32254c191039e1cff749479ef6566f7bc17b4606424826ab31c58c4eaae383955d660c87a79fc0575440d536c6868716d0e47c622ba7afd41a6663c21d8e6e238139456d1e3bb5bd17f53e6b5f1a67ff244b86d25aeae57a23c7f696067c30039f053763dddfb923e77144bc6d6a9f2a78699407af5f0775f3e7326390b22bf10542a32ccdf4825376bb9e602468c5ddb62c512ab74becf8f664292b6d133fad45ce90182180ea2d39730d71f35f2f84d3ca292f41be61ac465968364abe48df5e11d44552588a0e77357ed4a6c4a6451a4ec2b87b2ce7c9eacf35f193474efef489a6843a6ebaa48e2eecde69dab237383677ac879d2096129c3b17d7765f756b7281b269d735a2d476257400ef5c00cb3c1e5e3cc7555f38d15454219dec3cf14c0b8fbdf8bcb6da46488aecb81641940c37866266318a8eb2488c5a532554d45b89d7dfe735e8fcb133ed8af217cf758a1e90b895aa9f515ff2360ae1e9909bcb30b754b56e0b56f0af79933506e35a9ea23621f6dee68d3f4488a9c42b9e3fab0e6cc6fd22022a3a2dafacaecacd66b98496f105755b09c017d542cf18c4fb0cfe9dbe6ffad6db6fa96303f7361c847a4516b9845ef5eafec89fcfbef38a0d367db8c10ed5460c8ba96cbec43e174b4ee5dd755bc987e50ef58c483327a19245ee2a2c9753225622837fccea3934d2d5fba043a323b9fedb5e7ca23d9aaf22bfb9a42447e89acab0a6268a7cbc20997ee0713f0cce2172f6f360401953e359a026004ed765e421e24a96cc33db0eba7a94cba3a36b501482e2c4f06270aa32a613fc22143bc3a951bac23aea4de2c15be6b9e42434a69b383cad441cbe49f4b1932ecaaa65a1e898eee88c6a6dbb1bd1d1830f7b50afc0d33f4a5d16ca6449671649d5f25e333762761b0f30eb0c82ac0d2a0476d14c689dfc3b2e0ac25c06bc2692d2b6c29d50483b76ffaabe4d0081ef598893ea2e9ec1f5afdf43fad511bbee12f662b836773fbb260a5ed96be3a13e2d07d884d93d4eff3a2edab53359ee6bb3c207bf4043736f29e51e00ddcdf360a576199049867f5df0830c877ef372ee2d213dd05d3cfc4d41dbc1c27e795bdefb5285e42ef432f6f0e4c35c0a326db442d9c90b3556e1db9a34e66e7e221c58912d369150a357e3edee1b22cf9860fedf2a6e47e98ef1614c9fa299b8d0ba529b9952ba5e6fd47982489a6fb955430e509119c7192cc0bc3d9c901d7986030fdff62ff9ae833cfd008678a76f0727618f7bbc322ae6195e2c0273685e7080ed88b0077cdce57feed07e3485bf680c73ed114a6fcdfdac7b773d45da37d6254cef387d4613ed427e3668e94b5a184149340ee6af311f4e4b88d4e6375563b3f20019c5593575bbb854ea25fd0916f20e052a29dabf035aee9be8f9a82becee856cb93762b9105b58b1e8fdd30beacc811f0560e06ba92fd261e7c9190bf9388997a17023bb5bf59c1cf0cf5bcfb4f704a00a37dbf0baadafa5b512da9759284b39ae9340e0444c6e13cd5c87f0b4003685387058f78336c7a0c8174005a5840142825e1836b4dd7e038a3a51cc788a5e76e381ed751f160af40ef4baf93845c44d5d6f4b3a001020fc56f0737729ac035ea75c141b80cdd3c944518751e99be30532d70c56bdd8de5e8e831d9b04848d0f9cebdb162ea04229cabc17571b4eb6680155f0faf62a49bf93eb9fcef979541789ae2f2eb448bf5f9670044e98a8afaf4a70bc8a0dd80267f88097fbd6b795d5328fb5242c128bfb76434d0f961ca6ab45bee8138158137bc4b2f14bd2585c973ad38dca1619a2ef9f8f3d9edfb1b5e2ae3ac7e74b700a59b69aeb072b967bda3b4f70f3140c788f01093fa9e7de807a463485b4dc0d315dd38463b3664321ce2a55e414a5ac9ec8b9ef66d1275aad5f96337893b1227052bb4532f21f49d54cb8cb185785a10cd7a0e1b80606efc75afefd66fc889e0668a4921bdbaa55d2c56e9583724d308548acc77374abb1d467211fc2e86b1d637ac08b481f257e01284bee5557202662574a4aeaa8328ab42a757c9a19af5781c86f1dbbb267e65fb16525d209494a37834ca25ba9dcb1634805ab8e9d794ff4f18a8c89627a9b2c07fdbb01aa02bddf7f34edf086cc44fc1b849a8c39114d5cebb963efb886c35270e32bd434f2b9d5598fa1f56f723b31a7f14324c70e15005220aedd8917b497ed4801fec9e75545539f3c56a36c15cc78e342417f084e36533e14642e35c0c838a633230b119544a406e3efcc655f40f4ca05227533bb1d8f34531f49431f23c66b8f7c022b52a2a41e073adf0f1009311c6dc21cf78fe8d8d85b8f57bbbbf2a1e24825a22627215758e8ee89ff77a26ab612a5c9f775a0ee302ffe3b1573d9247cc6a3c42afd7b7bb17568c612bfa852e4b468a3de03a84fcc5950e5ac317f7f23adb25e66fcb6ccf27f3decaeced6c3288ec1e557f0965baedd703f731102faaa1f377192ac270148386567c1092e49a3024f8eb99fa9ba85639e32b097010362afe942a112934dd6bf9e39781abee24feca5285c8c6804883c7e306a1301d60f2d3ce90fcd6496c224fd6631b753d26e049bfc91e9cd4dd437282d6af1eb0ef8a8667d818439ac967b23fa3adc7c1de78e46a46325011957083fb214c1e68bd857df389ee6aaad1e71f1eefaf901c2013366b77235bc593f091e66758aea34708d50e629701ee9e2080577264c3638e6680d01bf678504ebbc9c44dd1135dcc0aa375b76964e6acda7012595c2c36f67e55a54f69b5026b0f467780ff7fc612e0d0bee44daeb5931845f57c5638c7e7c9aaa4aec7d655b6f1e4ae83281843568bbf11f15ed49431312421be15788240a6cf7a29ef626e79c90478ad5c2216a37f8596fa51bf6e3f5700bc0cd64b176800cb9889a32eaf26b9262061fc7dc140821e5fe62840fa4a6e3e64af1dd6b37718dcaa63904ceef134b9768015dcf519d6fae9eba7169023bd4cdf472570d7f9974d177baee6ff3107633aacd9d5d6f49cbc3496e488e90cb5c67a1fd5669e7defd2edd4d9f38cb5bec0b19a392e649d40ffd5e1cc7995b8595ac7a7c31f3cd86c20c69246fc35d0e46363b47ee74dc7c09732e96f40b8bf8db8901a41e160fd1e32f7b06941582cdecf04444b9992efed3f785b7993f6e3dfbc37698092918cee02a037e2db3b3b4c0dc105008157eb6924cc0721dc4be344da84a5fe4fc4a581e85f894c6db7963115d678fca7bf4fabe2112900a71d85cf5566a3a8e25162ea09c37735d6bb34d4665a7f23ce3e524425b208540ffed61998f10c4e69af492da073def08efae821713596c04c80546b8ff6d525016172778b368613f976253dcee583e542bee65ca077e8b736a701f82b7829a5e3c46b2aebfbbc57c7fad4beee41fc5c64d06dd499cd1c4ff3c79150be63eaab235faf049423cd10775444e600c9f47ea057d82bdb3176c5730ec65fd3f9ded5e1c59d822306117b40c6c5ac2bde653981d6294288dadd38aa9fe67b11bbe51b13123f4bfdbfb4d468b9a52559b69cb73f27e774c6238f1724d99a62fc653738d1795cbba38025749f10be6c393fc37f722b06ad092855b95b1bcf48f69fc9ed321a9207436f32a5329d3ea451327bde03132ccc47d665236ef53133a9ee1025ea69d47acae2b1b7eab508fce8d479dea9c6f0bbc81c192592c03b093f92d2b284bf2c0c432f4a0e438d2623e5b8e637937a2b76f03892a9299cf6abd3c93642548216e718ac4e34cf9ea7cd91b41b5855097e914a4cf73919087cf21dd56a3d57ae3eab3848ebf2026adf6dfb21f4369a1494687b1538a905902b3fd0eb700a0ec314250b2256e79d6da514774fa7c4d412cd00bdd0dfe751346281e0c2c2ed238d8befbda8af43d7278fb968e695d8a7c9d100fc97f8e23905faa5fb3b82154cf880423b6de7ae54fc46ba288fab336ea25dbf1e57ff0cc266d0559e23af043831b8be3e2369371a593a023fa7080a465ef8620b87bacc37218b7d1cacab0ed5e6f3e903b156f7b4fbe334d3e0d1eb6125b5e13b7c1e330ed61e2cc9eff656298d0aca3f6e1a68e937412369c8de3f6a1bf042e2bc2bf2cd923809340fb98d55184a80dd94e175fb8c86006e4bfe0cfe88567c4297d01c7321e3cd7f99082b562c231683579b61e962361d66fcc5f83840d0b0e1cf08377356d66f63d146f5980c8c1f9f012832202bcefa2454d1b3c9f51fb59cf4da8d8e9e65d18ca0f58a893f3db8fb7a28a7e125f250c2dd1e26be906124bdd9f7a20a68784e1c5392b83856cd6523c9a870377eecfa6eefb9236c25235c73b2335bbd1b5c1ab307648cf90b2581c630d33fd38713fc34045d31da617341991b5c14d701d44cbd25c21c1d86aaf521c05c2286dd47e434b864ea36bc5ab90d93c87bd14e5ee0990b19a365bee0596260f1be43cc43586c8d6f6882303b13f295277684b98038c232b51059fd2234b115625e900c37893bafedbca082e5925642b8506a2dc02fef7f71e876d202215ff34fbbd17b1ecba2f978b2f147e8eb329c7c2d21246c75af38af49b7644c14e02bdd4cc4", 0xf00) 4.195958318s ago: executing program 5 (id=1976): close_range$auto(0x2, 0x8, 0x0) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) socketpair$auto(0x0, 0x200, 0xc7, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x10b142, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0xa00, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) io_uring_setup$auto(0x6, 0x0) ioctl$auto(r0, 0x4b47, 0x1) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001300)='/proc/asound/card1/pcm1p/sub2/info\x00', 0x20401, 0x0) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000a80)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x40000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/loop0/queue/zone_write_granularity\x00', 0x2800, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) socket(0x1d, 0x2, 0x6) socket(0x2, 0x2, 0x1) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) io_uring_setup$auto(0x2, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) socketpair$auto(0x4, 0x1, 0x20000, 0x0) ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f000000c380)={0x60, 0x1, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x4, 0x20, 0x0, 0x2c, 0x2d, 0x7, 0x3}) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r1, 0x5437, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001240)='/sys/devices/platform/dummy_hcd.5/usb6/6-0:1.0/bInterfaceProtocol\x00', 0x80400, 0x0) 4.195402589s ago: executing program 4 (id=1977): write$auto(0x800000000000c8, 0x0, 0x1a) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) shutdown$auto(0x200000003, 0x2) socket(0xa, 0x801, 0x106) setsockopt$auto(0x3, 0x6, 0x9, 0x0, 0xfb3) set_mempolicy$auto(0x8003, &(0x7f0000000280)=0x200000007b, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000380)='/dev/cuse\x00', 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07) madvise$auto(0x0, 0xffffffffffff0005, 0x19) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xf5s\x1cJ\x99\x8a>c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000100), 0x20400, 0x0) r1 = epoll_create$auto(0x3e) r2 = socket(0xa, 0x2, 0x3a) epoll_ctl$auto(r1, 0x1, r0, 0x0) renameat2$auto(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0xffffffffffffffff, &(0x7f00000001c0)='./file1\x00', 0x4000) ioctl$auto_SNDRV_RAWMIDI_IOCTL_PVERSION(r1, 0x80045700, &(0x7f0000000200)=0xfff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x800eb1, r2, 0x8000) r3 = openat$auto_bm_register_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000000), 0x2480, 0x0) io_uring_setup$auto(0x7, &(0x7f0000000040)={0x5, 0x3ff, 0x5968, 0xfffffffd, 0x1, 0x8, r3, [0xf5, 0x1, 0xf76], {0x3, 0x8, 0x5, 0x9, 0xfffffffa, 0x5, 0x156c, 0x7, 0x83}, {0x7ff, 0x13, 0x3b, 0x8, 0x5, 0x553, 0x3, 0x9, 0x4}}) keyctl$auto(0x7ff, 0x0, 0xee01, 0x0, 0x0) keyctl$auto(0x15, 0xffffffffffffffff, 0x5, 0xffffffffffffffff, 0x8) move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) mmap$auto(0x1, 0x20009, 0x4000000000e3, 0x17, 0x401, 0x8003) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) mmap$auto(0x0, 0xfffffffffffffffe, 0xdf, 0xeb1, 0x401, 0x7ffc) unshare$auto(0x40000080) 3.972680548s ago: executing program 0 (id=1978): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = clone$auto(0x20003b46, 0x100000000000005, 0x0, 0x0, 0x2) r1 = socket(0x1d, 0x2, 0x6) bind$auto(0x3, &(0x7f0000000040), 0x6a) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffff004, 0x2) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0xa, 0x2, 0x88) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r5, r4, 0x8, 0xff, r2, @relative_fd, 0xe600}, 0xf) bpf$auto(0x3, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xb) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x80805, 0x0) socket(0xa, 0x3, 0x6) sendmsg$auto_BATADV_CMD_TP_METER(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, 0x0, 0x20, 0x70bd25, 0x25dfdbfc, {}, [@BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4004000) futex_waitv$auto(&(0x7f0000000000)={0x3ff, 0x5dd8, 0x2, 0xfff}, 0x3, 0x0, 0x0, 0x623d) bpf$auto(0x0, &(0x7f0000000000)=@link_update={0xa, @new_prog_fd=0x77, 0xa}, 0xa3) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex, 0x7f, 0x99, 0x8, 0x1, @relative_id=0x8, 0x5}, 0x92) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) recvmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x7, &(0x7f0000000040)={0x0, 0x1}, 0x6, 0x0, 0x4, 0x6}, 0x1) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x7000000) syz_open_procfs$namespace(r0, &(0x7f0000000040)) 3.802765674s ago: executing program 3 (id=1979): r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB='\\\x00\x00\x00'], 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x8587) sendmsg$auto_TIPC_NL_BEARER_SET(r1, 0x0, 0x40044) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000002b40)=ANY=[@ANYRES16=r2, @ANYBLOB], 0x7c}, 0x1, 0x0, 0x0, 0x4008040}, 0x4000800) recvmmsg$auto(r0, 0x0, 0x6, 0x5, &(0x7f0000000440)={0x7, 0x40}) r3 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/set_event\x00', 0x40, 0x0) unshare$auto(0x40000080) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000001c80)={0x0, 0x0, &(0x7f0000001c40)={&(0x7f0000001500)={0x14, r4, 0x303, 0x70bd2a, 0x25dfdbff}, 0x14}, 0x1, 0xf0ffff, 0x0, 0x8800}, 0x40040) pread64$auto(r3, &(0x7f0000000000)='\xae\xa9\x16\xee\xb5\x84\xde\xff\x9f_\a\xa9\x89N\x86\xbc\xb1\xfe\xf6&\v\xe9\xac\',Yd[\xac\x94C\x93\xe8\'-\x92N\xc6\xeaKZA\xde\x98j\x10\xe0f\xc7\x81\xa1\xf3L\xec\'c\xe4\xe8\xe5\xfdU\xa39\x11a\xb7\xf7\xef\xf3^w\xbeP\xfbynT|l;\xf2\xc7u\xcd\x17', 0xf, 0x5af) r5 = socket(0x28, 0x5, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x7}, 0x3, 0x0) bind$auto(r5, &(0x7f0000000080)=@in={0x28, 0x4e20, @multicast2}, 0x68) 3.597015205s ago: executing program 5 (id=1980): mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, 0x0, 0x40400, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x1004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) syz_clone3(&(0x7f0000000100)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) socket(0x1, 0x803, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x141241, 0x0) writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000380)="d0c7b195833faee72dc5291be21225d8c83201ac850dfa8e862126684a9cb822f42be45f1b96f35269fe4647932760c225dd83dfc9e56ae5398a9d3319a8d950f12cb50dfe1003383a7d7c1650caf627037fae97af7b3d35942b50004a5eadc5a58c63c7600c09ae4b451df40ca0c82e5258ddfbe18e1c69820a34fcb4fb48d5233ee33e2079f016357595c9182055fa1467d36ad6cb75bfcbea658bf7c857206256f3b4a7fbd8ea699df63075e3796081765e51e6043d9b4adfe4e50035ffa69a006b0c56b975ea50b9ab7b6cfde70077411b22cc3c9c9fc79d1eab73b030b12d1d4ec5780c83528487328ced16d63279bc6bf14c4a9c5df9f615cd5cdbda4dfcda81a9325f829ef4b5445382c89cce86a81f24440cc726bd9aa4ed65f08153bbd25061c688ab9f4957fdfe219b87a082a0d23eaa27230d45556369be59811ad0aac67940c33de5fc4a86d1efa0892a7532305e221f1ef98c89f3c6", 0x7111}, 0x8) socket(0xa, 0x2, 0x73) acct$auto(&(0x7f0000000000)='/dev/snd/seq\x00') r0 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x1, 0x1, 0x0) bind$auto(0x3, 0x0, 0x6b) connect$auto(0x3, 0x0, 0x6b) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptys3\x00', 0x101880, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) close_range$auto(r0, r1, 0x0) r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0x0, 0x48402, 0x0) read$auto(r2, 0x0, 0x1f40) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/compaction_proactiveness\x00', 0x40001, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r3, 0x0, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/nfsd.fh/flush\x00', 0xc8201, 0x0) write$auto(r4, 0x0, 0x6) 3.416617535s ago: executing program 0 (id=1981): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/1:2/max_ratio_fine\x00', 0xa001, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x3, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x400, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x11, 0x3, 0x6) r2 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001cc0)='/dev/input/event1\x00', 0x101242, 0x0) ioctl$auto_EVIOCREVOKE(r2, 0x40044591, 0x0) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x47, 0x8}) mmap$auto(0x0, 0x4, 0xffffffffffffffff, 0x400eb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(r0, r1, 0x400) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0xa, 0x0) r3 = socket(0xa, 0x3, 0xff) connect$auto(r3, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) madvise$auto(0x0, 0xffffffffffff0004, 0x19) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) getpgid$auto(0x0) shmctl$auto(0x0, 0x0, 0xfffffffffffffffd) r4 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/interrupts\x00', 0x10b402, 0x0) pread64$auto(r4, 0x0, 0x20000000058, 0x3) 2.995126396s ago: executing program 5 (id=1982): mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x6, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x842, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) socket(0x15, 0x5, 0x0) userfaultfd$auto(0x1) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000001380), 0x0, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0x9, 0x3, 0x1, &(0x7f0000000000)=0x2) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) r0 = socket(0x11, 0x3, 0x9) close_range$auto(0x2, r0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r1, 0x107, 0x14, 0x0, 0x4) sendmmsg$auto(r0, &(0x7f00000000c0)={{&(0x7f0000000000), 0x205aa, &(0x7f0000000100)={0x0, 0x4b}, 0x1, 0x0, 0x5, 0x1004}, 0x1}, 0x2, 0x103) 2.907803061s ago: executing program 3 (id=1983): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/1:2/max_ratio_fine\x00', 0xa001, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x3, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x11, 0x3, 0x6) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001cc0)='/dev/input/event1\x00', 0x101242, 0x0) ioctl$auto_EVIOCREVOKE(r1, 0x40044591, 0x0) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x47, 0x8}) mmap$auto(0x0, 0x4, 0xffffffffffffffff, 0x400eb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0xffffffffffffffff, r0, 0x400) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0xa, 0x0) r2 = socket(0xa, 0x3, 0xff) connect$auto(r2, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) madvise$auto(0x0, 0xffffffffffff0004, 0x19) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) getpgid$auto(0x0) shmctl$auto(0x0, 0x0, 0xfffffffffffffffd) r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/interrupts\x00', 0x10b402, 0x0) pread64$auto(r3, 0x0, 0x20000000058, 0x3) 2.552266929s ago: executing program 5 (id=1984): read$auto_stat_fops_per_vm_kvm_main(0xffffffffffffffff, 0x0, 0x0) prctl$auto_PR_PAC_RESET_KEYS(0x36, 0xe, 0x3, 0x6, 0x7) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video30\x00', 0x2381, 0x0) mmap$auto(0x0, 0x810004, 0xfff, 0x8000000008012, 0x3, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) socket(0xa, 0x6, 0x0) connect$auto(0x3, &(0x7f0000000240)=@generic={0xa, "000000000000000000c3f546d200"}, 0x55) set_tid_address$auto(0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = open(&(0x7f00000001c0)='./cgroup\x00', 0x800, 0x8a) bpf$auto(0x10, &(0x7f00000000c0)=@link_detach={r0}, 0x40) mbind$auto(0x0, 0x4, 0x5, 0x0, 0x6, 0x2) close_range$auto(0x2, 0x8, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, 0x0, 0x400, 0x3f) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x1ffff000, 0x7, 0x100000000) shmget$auto(0x8, 0x10563, 0x568d1af2) mknod$auto(&(0x7f0000000080)='u[,&*}\x00\a\x00\x00\x00?\xa4\x1fN\xa1~5Z\xc7\r\f}M4\xa8m\xe6\x19[11\xab\xff-E\xac9(\xb4O\xa0t4h\x9f-gn\x1f\x01\x00\x00\x00\x00\x00\x00\x00\xaeR\x81\r_\x0e\x19\b\x85\bvv(e\xdax)\t\x15\xf6\xc8\xee\x04\x16\xc1\x9a!\x87I7\x8cD&zg\xb0a\xab|E\xde\x14\xee[\xc8\xc0\xa8Nh\x0f\xa3\xdbT\xb3\xb8\xd2F\xa0\xc4]\xaf\xc43&\xe4\x01\x05\xd2\x15\xf8\xf1!\x9d\x92\xbbH\xd3^aD\x87\xd8\xe7\xd2\xf3[r\xc5S&}D[\x97\xf1\xd9\xf8Y\x1c\x03\x84\xb4\xd7\x16\x19\xe5\x17\x10\xd8fcG:\xfbY8\x17w\x98?\x03@\xe5\x02\x05\x93h\xb9\xf7\xef\x84\x8aGlN\a\x1e\x00\x00\x00\x00\x00\x00\x00\xf1p\xeb\xe9(%\x89\xef\x85\xdfr\xce\x00\x00\x00\x00\xff\x00\xa2M\'d\x12\x1c\x12\xca\xa5_\x8d\xdf\xc5\x8d\x19?\xfc~\xb3X\x14\xa7\xa9M\x87\xfcTW\x1bR\xbci\x8d\x8aNEO\xb3~~\xa8\xa6\x894\x80;s\xb7\xa3V\x1b\x14|\x9e\xd4\x05\x85\x0f!\xab-E\'\x97Y\xb7\xe8fMv_\xf8\xa0S\xef\xb7\b\xe7!T.g\x92\x87\t$\x06\xa4\xfb\x83\x8c\x17^\x82\xe7\xd3\xf6q\x1a\xa0\xf82[W\x90\xdd\xe3\xde\xa9\xde\x94`-\x9a\x1e}\xebO*\xb85,v.\xfc5\xba?vlt\xda%\x06a\x15I\x1f\xe3\x05+\x810T2\xf9\x9b\xc7\xd1\t\x03\xf2\x8d\x8a\x90\xb54\bH<9\xf1\x91 D\x85g,\xaa\xca\xcd\xd5\xcb\x9a\xb1j\xf2F\xce\x14\x92\xf9\xd7\xec\xc5\x1e\x8aq2\xce\x881f\xd7\xd4\x9e\xf6\xb6P\x01\xe8T\xb5X\xb9d-I\xd6\x91\xc3\xe2\x88S\x82l=\x02t$p\t\x8cY\x06\r\x83\xb0\x86\xc6\x84\x1c\xce\xb6\xf0\xdfC\x9fj<\xfe\xa4\x1f\x82L\xe4\x13+H\x00\x00\x00\x00\x00\x00\x00\x01M\x16\xa0\xbeB6\xfb\xa2-\x17\x93Q\x9fKusl5\xa2$M\xb4\x18\x1db\xf3\xce\x8c\xe5Rna\xd5\xbbQ\xc7\xa7+\vH\xc1l\x1bIv\xe8_\x00', 0x1081, 0x8) acct$auto(&(0x7f0000000480)='u[,&*}\x00\a\x00\x00\x00?\xa4\x1fN\xa1~5Z\xc7\r\f}M4\xa8m\xe6\x19[11\xab\xff-E\xac9(\xb4O\xa0t4h\x9f-gn\x1f\x0f\x18\xc5\x82-s\x83\xe6\xaeR\x81\r_\x0e\x19\x12\x85\bvf(e\xday)\t\x15\xf6\xc8\xee\x04\x16\xc1\x9a!\x87I7\x8cD&zg\xb0a\xab|E\xde\x14\xee[\xc8\xc0\xa8Nh\x0f\xa3\xdbT\xb3\xb8\xd2F\xa0\xc4]\xaf\xc43&\xe4\x01\x05\xd2\x15\xf8\xf1!\x9d\x92\xbbHL9aD\xb4\x80\xed\xba>\"\xb6\x7f\xa3f\x1d\a\xa1\x87\x84uA\xd8\xe7\xd2\xf3[r\xc5S&}D[\x97\xf1\xd9\xf8Y\x03\x84\xb4\xd7\x16\x19\xe5\x17\x10\xd8fcG:\xfbY8\x17w\x98?\x03@\xe5\x02\x05\x93h\xb9\xf7\xef\x84\x8aGlN\a\x1e') acct$auto(&(0x7f0000000040)='/dev/sequencer2\x00') r1 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r2, 0xaf01, 0x5) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto(r2, 0x1, r1) open(&(0x7f0000000840)='u[,&*}\x00\a\x00\x00\x00?\xa4\x1fN\xa1~5Z\xc7\r\f}M4\xa8m\xe6\x19[11\xab\xff-E\xac9(\xb4O\xa0t4h\x9f-gn\x1f\x01\x00\x00\x00\x00\x00\x00\x00\xaeR\x81\r_\x0e\x19\b\x85\bvv(e\xdax)\t\x15\xf6\xc8\xee\x04\x16\xc1\x9a!\x87I7\x8cD&zg\xb0a\xab|E\xde\x14\xee[\xc8\xc0\xa8Nh\x0f\xa3\xdbT\xb3\xb8\xd2F\xa0\xc4]\xaf\xc43&\xe4\x01\x05\xd2\x15\xf8\xf1!\x9d\x92\xbbH\xd3^aD\x87\xd8\xe7\xd2\xf3[r\xc5S&}D[\x97\xf1\xd9\xf8Y\x1c\x03\x84\xb4\xd7\x16\x19\xe5\x17\x10\xd8fcG:\xfbY8\x17w\x98?\x03@\xe5\x02\x05\x93h\xb9\xf7\xef\x84\x8aGlN\a\x1e\x00\x00\x00\x00\x00\x00\x00\xf1p\xeb\xe9(%\x89\xef\x85\xdfr\xce\x00\x00\x00\x00\xff\x00\xa2M\'d\x12\x1c\x12\xca\xa5_\x8d\xdf\xc5\x8d\x19?\xfc~\xb3X\x14\xa7\xa9M\x87\xfcTW\x1bR\xbci\x8d\x8aNEO\xb3~~\xa8\xa6\x894\x80;s\xb7\xa3V\x1b\x14|\x9e\xd4\x05\x85\x0f!\xab-E\'\x97Y\xb7\xe8fMv_\xf8\xa0S\xef\xb7\b\xe7!T.g\x92\x87\t$\x06\xa4\xfb\x83\x8c\x17^\x82\xe7\xd3\xf6q\x1a\xa0\xf82[W\x90\xdd\xe3\xde\xa9\xde\x94`-\x9a\x1e}\xebO*\xb85,v.\xfc5\xba?vlt\xda%\x06a\x15I\x1f\xe3\x05+\x810T2\xf9\x9b\xc7\xd1\t\x03\xf2\x8d\x8a\x90\xb54\bH<9\xf1\x91 D\x85g,\xaa\xca\xcd\xd5\xcb\x9a\xb1j\xf2F\xce\x14\x92\xf9\xd7\xec\xc5\x1e\x8aq2\xce\x881f\xd7\xd4\x9e\xf6\xb6P\x01\xe8T\xb5X\xb9d-I\xd6\x91\xc3\xe2\x88S\x82l=\x02t$p\t\x8cY\x06\r\x83\xb0\x86\xc6\x84\x1c\xce\xb6\xf0\xdfC\x9fj<\xfe\xa4\x1f\x82L\xe4\x13+H\x00\x00\x00\x00\x00\x00\x00\x01M\x16\xa0\xbeB6\xfb\xa2-\x17\x93Q\x9fKusl5\xa2$M\xb4\x18\x1db\xf3\xce\x8c\xe5Rna\xd5\xbbQ\xc7\xa7+\vH\xc1l\x1bIv\xe8_\x00', 0x22240, 0x0) 2.090757861s ago: executing program 3 (id=1985): r0 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$auto_RTC_SET_TIME(r0, 0x4024700a, &(0x7f0000000000)={0xffffff8c, 0x7, 0x622e337e, 0x7, 0x2, 0x1002, 0xce, 0x6c35, 0x3}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) write$auto(r1, 0x0, 0xfffffde9) shutdown$auto(0x200000003, 0x2) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000340), 0x108800, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x100, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x2, 0x2) madvise$auto(0x0, 0xffffffff97fb20a5, 0x10002) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0xb0141, 0x0) r3 = socket(0x1f, 0x800, 0xffffff01) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=ANY=[@ANYBLOB], 0x14}}, 0x4000000) openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x8440, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x6482, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x400, 0xdf, 0x8000000000000eb1, r3, 0x0) socket(0x15, 0x1, 0x0) sendmsg$auto_OVS_METER_CMD_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x44}, 0x1, 0x0, 0x0, 0x4004004}, 0x8000) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="f60f00000000000000"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) io_uring_setup$auto(0x4, 0x0) 2.011708509s ago: executing program 4 (id=1986): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, 0x0, 0x200, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) r1 = socket(0x2b, 0x1, 0x1) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r1, 0x0, 0x20000001) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/smbd_max_receive_size\x00', 0x103742, 0x0) read$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f0000000040)=""/141, 0x8d) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYRES64=r0], 0x2c}, 0x1, 0x0, 0x0, 0x40084}, 0x400c000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/firmware/acpi/hotplug/pci_root/enabled\x00', 0x183941, 0x0) write$auto(r3, &(0x7f0000000100)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\xd6\x84\xef\xf5\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xed\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\x05\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd?\x13\xe2\xad\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH', 0x8) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0) sendmsg$auto_NL80211_CMD_GET_MPP(r1, 0x0, 0x880) munmap$auto(0x8000, 0xffffffff) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(r3, &(0x7f00000000c0)={{0x0, 0x3, 0x0, 0x20a3, &(0x7f0000000180)="bcfdfd71f46d0d9bdb06c4837f6392975c3dce07fe23702dd7346a3e7774e8881be6660ef6514d314dc7c2a7b07582635940668ee4020f9bb4b577322dbddb1dcc92fbad285a54e448c0423f71bef721ac0eacdf0e2184faac074151ca1655bf5e8814d73eeff0e81d76aad5aced3625f066f3eeb4e7d741b11edc7af44162", 0x8000, 0x2}, 0x5}, 0x4, 0x102) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0xff, 0x0, 0x1, 0x3}, 0x7}, 0xb, 0x0) setsockopt$auto(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x2) bind$auto(0xffffffffffffffff, 0x0, 0x5) getrandom$auto(0x0, 0x6000000, 0x3) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) 902.275177ms ago: executing program 3 (id=1987): nanosleep$auto(&(0x7f0000000d40)={0x4, 0xffffffffffffffff}, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/device_info\x00', 0x48041, 0x0) ioctl$auto_FICLONE(0xffffffffffffffff, 0x40049409, 0xffffffffffffffff) ioctl$auto_NS_GET_PID_FROM_PIDNS(0xffffffffffffffff, 0x8004b706, &(0x7f0000000000)) r1 = socket(0x11, 0x80003, 0x300) open(&(0x7f0000000800)='./file0\x00', 0x200840, 0x154) syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000200), r1) socket(0x2, 0x2, 0x6) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x4, 0x28000) getsockopt$auto(0x6, 0x1, 0x4d, 0xfffffffffffffffe, 0x0) setsockopt$auto(r1, 0x107, 0x12, 0x0, 0x4) sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x1aa, &(0x7f0000000300)={0x0, 0x4a}, 0x5, 0x0, 0x5, 0x5}, 0x5}, 0x2, 0x100) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x800, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) madvise$auto(0x0, 0x2003f0, 0x17) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) capset$auto(0x0, &(0x7f0000000040)={0x2f, 0x4, 0x3ff}) ioctl$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffffff, 0x3, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) sendmsg$auto_NL80211_CMD_GET_INTERFACE(0xffffffffffffffff, 0x0, 0x4000084) ioctl$auto(r2, 0x90006442, 0xc35) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), r3) write$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f00000007c0)="2996f5d27a440ce9faf71c3508666b2b2a5880a91123e55238bef0342a9c01fd5673f76eee086476bbf8bc71135157887dfb8dc47e175972c8801f2d38564744c698b98be51d174ce142cd13257697c28603f576917d11965970717c8316ed3ff1ba4fbcf65b8cd02c21e40bd93778574472be9fb525a05bdb7d8645b5241633113ff17f478dcb0399ce398d9646663d8ac36cf872ab47483b324c3cf5bb113dd2da7ce81e9ebfaef438830b2d63a1840c031f4690d5b8049aeb22999ea3c95b769d3913af71f4c2053482a04d6dcb76718fae1ae96bf1b9b9f25bd5e3cb17fa2869a8fd884e44d0a1c44deecb0e580c5053adea7195e871583489586056f0f09f90213b72b6d68da0b1c829795dd757a8049a7a664903f04830eae1d32ce0ebed189dace91ba276df7b7138caecdbd7a955b7dcb9e491896dd89b8e4895141f8e54b4b877ed994380cf7af82df38aca6e520725a7325dccce7830d2e9aa356ff9d0ebe28ff2d5957c333ed56c10f1532a4c8cf5dd2fab436467d391e08a175b431e3d43770d8b6595c46d29abfff2d56c23c83a8bef9d2793539e89a12ecd73486769152de0bbdb545925dcb946a7852a38fa1bd26e460454ff488797fde6bf0d3f93ff960fde697b00d739c52fb4d3baf57742c363a9c47c449cb46e1e5e3d161f9cf78c4ff5a4d2f9fd3d3cffcfb77832c87c04b7a24ae09fb62a535c114036dff8ca2e6ebd0127d3acc18748758d4e9e1f0aaae9ed2a9794268124d228d8958b023e562935db8ac7c7575c883e11207c4abb1d5922ed2f889ae9feabd7c779b301c445d60a23b7b695691cc32254c191039e1cff749479ef6566f7bc17b4606424826ab31c58c4eaae383955d660c87a79fc0575440d536c6868716d0e47c622ba7afd41a6663c21d8e6e238139456d1e3bb5bd17f53e6b5f1a67ff244b86d25aeae57a23c7f696067c30039f053763dddfb923e77144bc6d6a9f2a78699407af5f0775f3e7326390b22bf10542a32ccdf4825376bb9e602468c5ddb62c512ab74becf8f664292b6d133fad45ce90182180ea2d39730d71f35f2f84d3ca292f41be61ac465968364abe48df5e11d44552588a0e77357ed4a6c4a6451a4ec2b87b2ce7c9eacf35f193474efef489a6843a6ebaa48e2eecde69dab237383677ac879d2096129c3b17d7765f756b7281b269d735a2d476257400ef5c00cb3c1e5e3cc7555f38d15454219dec3cf14c0b8fbdf8bcb6da46488aecb81641940c37866266318a8eb2488c5a532554d45b89d7dfe735e8fcb133ed8af217cf758a1e90b895aa9f515ff2360ae1e9909bcb30b754b56e0b56f0af79933506e35a9ea23621f6dee68d3f4488a9c42b9e3fab0e6cc6fd22022a3a2dafacaecacd66b98496f105755b09c017d542cf18c4fb0cfe9dbe6ffad6db6fa96303f7361c847a4516b9845ef5eafec89fcfbef38a0d367db8c10ed5460c8ba96cbec43e174b4ee5dd755bc987e50ef58c483327a19245ee2a2c9753225622837fccea3934d2d5fba043a323b9fedb5e7ca23d9aaf22bfb9a42447e89acab0a6268a7cbc20997ee0713f0cce2172f6f360401953e359a026004ed765e421e24a96cc33db0eba7a94cba3a36b501482e2c4f06270aa32a613fc22143bc3a951bac23aea4de2c15be6b9e42434a69b383cad441cbe49f4b1932ecaaa65a1e898eee88c6a6dbb1bd1d1830f7b50afc0d33f4a5d16ca6449671649d5f25e333762761b0f30eb0c82ac0d2a0476d14c689dfc3b2e0ac25c06bc2692d2b6c29d50483b76ffaabe4d0081ef598893ea2e9ec1f5afdf43fad511bbee12f662b836773fbb260a5ed96be3a13e2d07d884d93d4eff3a2edab53359ee6bb3c207bf4043736f29e51e00ddcdf360a576199049867f5df0830c877ef372ee2d213dd05d3cfc4d41dbc1c27e795bdefb5285e42ef432f6f0e4c35c0a326db442d9c90b3556e1db9a34e66e7e221c58912d369150a357e3edee1b22cf9860fedf2a6e47e98ef1614c9fa299b8d0ba529b9952ba5e6fd47982489a6fb955430e509119c7192cc0bc3d9c901d7986030fdff62ff9ae833cfd008678a76f0727618f7bbc322ae6195e2c0273685e7080ed88b0077cdce57feed07e3485bf680c73ed114a6fcdfdac7b773d45da37d6254cef387d4613ed427e3668e94b5a184149340ee6af311f4e4b88d4e6375563b3f20019c5593575bbb854ea25fd0916f20e052a29dabf035aee9be8f9a82becee856cb93762b9105b58b1e8fdd30beacc811f0560e06ba92fd261e7c9190bf9388997a17023bb5bf59c1cf0cf5bcfb4f704a00a37dbf0baadafa5b512da9759284b39ae9340e0444c6e13cd5c87f0b4003685387058f78336c7a0c8174005a5840142825e1836b4dd7e038a3a51cc788a5e76e381ed751f160af40ef4baf93845c44d5d6f4b3a001020fc56f0737729ac035ea75c141b80cdd3c944518751e99be30532d70c56bdd8de5e8e831d9b04848d0f9cebdb162ea04229cabc17571b4eb6680155f0faf62a49bf93eb9fcef979541789ae2f2eb448bf5f9670044e98a8afaf4a70bc8a0dd80267f88097fbd6b795d5328fb5242c128bfb76434d0f961ca6ab45bee8138158137bc4b2f14bd2585c973ad38dca1619a2ef9f8f3d9edfb1b5e2ae3ac7e74b700a59b69aeb072b967bda3b4f70f3140c788f01093fa9e7de807a463485b4dc0d315dd38463b3664321ce2a55e414a5ac9ec8b9ef66d1275aad5f96337893b1227052bb4532f21f49d54cb8cb185785a10cd7a0e1b80606efc75afefd66fc889e0668a4921bdbaa55d2c56e9583724d308548acc77374abb1d467211fc2e86b1d637ac08b481f257e01284bee5557202662574a4aeaa8328ab42a757c9a19af5781c86f1dbbb267e65fb16525d209494a37834ca25ba9dcb1634805ab8e9d794ff4f18a8c89627a9b2c07fdbb01aa02bddf7f34edf086cc44fc1b849a8c39114d5cebb963efb886c35270e32bd434f2b9d5598fa1f56f723b31a7f14324c70e15005220aedd8917b497ed4801fec9e75545539f3c56a36c15cc78e342417f084e36533e14642e35c0c838a633230b119544a406e3efcc655f40f4ca05227533bb1d8f34531f49431f23c66b8f7c022b52a2a41e073adf0f1009311c6dc21cf78fe8d8d85b8f57bbbbf2a1e24825a22627215758e8ee89ff77a26ab612a5c9f775a0ee302ffe3b1573d9247cc6a3c42afd7b7bb17568c612bfa852e4b468a3de03a84fcc5950e5ac317f7f23adb25e66fcb6ccf27f3decaeced6c3288ec1e557f0965baedd703f731102faaa1f377192ac270148386567c1092e49a3024f8eb99fa9ba85639e32b097010362afe942a112934dd6bf9e39781abee24feca5285c8c6804883c7e306a1301d60f2d3ce90fcd6496c224fd6631b753d26e049bfc91e9cd4dd437282d6af1eb0ef8a8667d818439ac967b23fa3adc7c1de78e46a46325011957083fb214c1e68bd857df389ee6aaad1e71f1eefaf901c2013366b77235bc593f091e66758aea34708d50e629701ee9e2080577264c3638e6680d01bf678504ebbc9c44dd1135dcc0aa375b76964e6acda7012595c2c36f67e55a54f69b5026b0f467780ff7fc612e0d0bee44daeb5931845f57c5638c7e7c9aaa4aec7d655b6f1e4ae83281843568bbf11f15ed49431312421be15788240a6cf7a29ef626e79c90478ad5c2216a37f8596fa51bf6e3f5700bc0cd64b176800cb9889a32eaf26b9262061fc7dc140821e5fe62840fa4a6e3e64af1dd6b37718dcaa63904ceef134b9768015dcf519d6fae9eba7169023bd4cdf472570d7f9974d177baee6ff3107633aacd9d5d6f49cbc3496e488e90cb5c67a1fd5669e7defd2edd4d9f38cb5bec0b19a392e649d40ffd5e1cc7995b8595ac7a7c31f3cd86c20c69246fc35d0e46363b47ee74dc7c09732e96f40b8bf8db8901a41e160fd1e32f7b06941582cdecf04444b9992efed3f785b7993f6e3dfbc37698092918cee02a037e2db3b3b4c0dc105008157eb6924cc0721dc4be344da84a5fe4fc4a581e85f894c6db7963115d678fca7bf4fabe2112900a71d85cf5566a3a8e25162ea09c37735d6bb34d4665a7f23ce3e524425b208540ffed61998f10c4e69af492da073def08efae821713596c04c80546b8ff6d525016172778b368613f976253dcee583e542bee65ca077e8b736a701f82b7829a5e3c46b2aebfbbc57c7fad4beee41fc5c64d06dd499cd1c4ff3c79150be63eaab235faf049423cd10775444e600c9f47ea057d82bdb3176c5730ec65fd3f9ded5e1c59d822306117b40c6c5ac2bde653981d6294288dadd38aa9fe67b11bbe51b13123f4bfdbfb4d468b9a52559b69cb73f27e774c6238f1724d99a62fc653738d1795cbba38025749f10be6c393fc37f722b06ad092855b95b1bcf48f69fc9ed321a9207436f32a5329d3ea451327bde03132ccc47d665236ef53133a9ee1025ea69d47acae2b1b7eab508fce8d479dea9c6f0bbc81c192592c03b093f92d2b284bf2c0c432f4a0e438d2623e5b8e637937a2b76f03892a9299cf6abd3c93642548216e718ac4e34cf9ea7cd91b41b5855097e914a4cf73919087cf21dd56a3d57ae3eab3848ebf2026adf6dfb21f4369a1494687b1538a905902b3fd0eb700a0ec314250b2256e79d6da514774fa7c4d412cd00bdd0dfe751346281e0c2c2ed238d8befbda8af43d7278fb968e695d8a7c9d100fc97f8e23905faa5fb3b82154cf880423b6de7ae54fc46ba288fab336ea25dbf1e57ff0cc266d0559e23af043831b8be3e2369371a593a023fa7080a465ef8620b87bacc37218b7d1cacab0ed5e6f3e903b156f7b4fbe334d3e0d1eb6125b5e13b7c1e330ed61e2cc9eff656298d0aca3f6e1a68e937412369c8de3f6a1bf042e2bc2bf2cd923809340fb98d55184a80dd94e175fb8c86006e4bfe0cfe88567c4297d01c7321e3cd7f99082b562c231683579b61e962361d66fcc5f83840d0b0e1cf08377356d66f63d146f5980c8c1f9f012832202bcefa2454d1b3c9f51fb59cf4da8d8e9e65d18ca0f58a893f3db8fb7a28a7e125f250c2dd1e26be906124bdd9f7a20a68784e1c5392b83856cd6523c9a870377eecfa6eefb9236c25235c73b2335bbd1b5c1ab307648cf90b2581c630d33fd38713fc34045d31da617341991b5c14d701d44cbd25c21c1d86aaf521c05c2286dd47e434b864ea36bc5ab90d93c87bd14e5ee0990b19a365bee0596260f1be43cc43586c8d6f6882303b13f295277684b98038c232b51059fd2234b115625e900c37893bafedbca082e5925642b8506a2dc02fef7f71e876d202215ff34fbbd17b1ecba2f978b2f147e8eb329c7c2d21246c75af38af49b7644c14e02bdd4cc4", 0xf00) 901.131768ms ago: executing program 0 (id=1995): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) r1 = socket(0xf, 0x5, 0x20) setsockopt$auto(r1, 0x6, 0xc, 0x0, 0x7fffffff) r2 = getsockopt$auto(r1, 0x4, 0x9, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xebf, 0x401, 0x5) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/mountinfo\x00', 0x42100, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r4, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10010}, 0xc, &(0x7f00000000c0)={&(0x7f0000001500)=ANY=[@ANYRESOCT=r1, @ANYRES16, @ANYRES32=r4], 0x1094}, 0x1, 0x0, 0x0, 0x4081}, 0xc000) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0xca, 0x7fffffff, 0x16, r4, 0x4) ioctl$auto(r4, 0x57, r3) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execve$auto(&(0x7f0000000240)='./file0\x00', 0x0, 0x0) execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000300)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\xf20/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00') r5 = ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) r6 = openat$auto_trace_clock_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/trace_clock\x00', 0x0, 0x0) ioctl$auto_UDMABUF_CREATE_LIST(r4, 0x40087543, &(0x7f00000004c0)={0x1, 0x80, [{r2, 0x0, 0x5, 0xef0}, {r5, 0x0, 0xffffffffffffffff, 0x9}, {r0, 0x0, 0x10000333d, 0x7}, {r6, 0x0, 0x7, 0x2}, {r0, 0x0, 0x8, 0xd589}, {r1, 0x0, 0xa7, 0x2}]}) sysfs$auto(0x2, 0x11, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dsp1\x00', 0x20040, 0x0) fsconfig$auto(0xffffffffffffffff, 0x8, 0x0, 0x0, 0x0) close_range$auto(r2, r4, 0x4f) 900.400008ms ago: executing program 5 (id=1988): unshare$auto(0x40000080) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sendmsg$auto_NL802154_CMD_GET_SEC_DEV(0xffffffffffffffff, 0x0, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x1f40) stat$auto(0x0, &(0x7f0000000380)={0x3, 0x3, 0x6, 0x4, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0xa, 0xff, 0x100, 0x401, 0x5f57, 0x80000000, 0xaa}) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) getsockopt$auto_SO_PASSCRED(r3, 0x1, 0x10, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/tty/ptypb/power/control\x00', 0x124001, 0x0) mmap$auto(0x0, 0x400005, 0x800000000000df, 0x9b72, 0x2, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, 0x0, 0x20048801) ioperm$auto(0xffff, 0xe, 0x1) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) fcntl$auto_F_SETLK(0xffffffffffffffff, 0x6, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/can/rcvlist_inv\x00', 0x0, 0x0) pread64$auto(r4, 0x0, 0xe, 0x100000000007) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bond0\x00'}) statmount$auto(0x0, &(0x7f0000000180)={0x8000008, 0x1, 0x9, 0x3, 0x400026, 0x940, 0x1ffde, 0x3, 0x6, 0x7ff, 0xfffffffa, 0x400005, 0xfff, 0x0, 0xb0, 0x8, 0x9, 0x3, 0x5, 0x6, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x2}, 0xfffff7fffffffffa, 0x81) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r5, 0x0, 0x20) r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3) io_setup$auto(0xffff, &(0x7f0000000580)) write$auto(0x3, 0x0, 0xfffffdef) 542.239503ms ago: executing program 4 (id=1989): close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) ioctl$auto_RTC_RD_TIME(r0, 0x80247009, 0x0) socket(0xa, 0x2, 0x88) socket(0x10, 0x2, 0xc) sendmsg$auto_OVS_VPORT_CMD_NEW(0xffffffffffffffff, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x8100) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, 0x0, 0x40) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000) r1 = socket(0x22, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x80044944, 0x0) close_range$auto(0x2, 0x8, 0x0) getuid() socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0x0, 0x1, 0xd4, 0x7fffffff, 0x6, 0x0, 0xa89e, 0x3690, 0x2, {0xfffffffc, 0x10000}, 0xa81e, 0x6, 0xffffffffffffffff, 0x1008000, 0x0, 0x80000080000004, 0x84, 0xffffffffffff6291, 0xffff, 0xdeb1, 0x806}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x101080, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/igmp6\x00', 0x101d41, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = openat$auto_ptdump_curusr_fops_(0xffffffffffffff9c, &(0x7f00000000c0), 0x240803, 0x0) read$auto_ptdump_curusr_fops_(r3, &(0x7f0000000100)=""/25, 0x19) prctl$auto(0x1000000001c, 0x5, 0x100000000, 0x400000000009, 0x3fffffffff) setresuid$auto(0x8, 0x8, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) recvmmsg$auto(0x3, 0x0, 0x1feff, 0x1c, 0x0) 0s ago: executing program 4 (id=1990): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x11, 0x80003, 0x300) r0 = socket(0x29, 0x5, 0x0) open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/workqueue/nvme-reset-wq/cpumask\x00', 0x8802, 0x0) r1 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91) mmap$auto(0x9, 0x40, 0x9, 0x110, r0, 0x0) read$auto(r1, 0x0, 0x1) write$auto(0x3, 0x0, 0xfdef) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x42146, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r2 = socket(0x1e, 0x4, 0x0) r3 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r3, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x40200, 0x0) ioctl$auto(0xffffffffffffffff, 0x9, r4) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000840)='./cgroup.cpu/memory.stat\x00', 0x80200, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000000240)=""/118, 0x76) kernel console output (not intermixed with test programs): 7] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 751.380854][T13987] RSP: 002b:00007f534d8a8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 751.380879][T13987] RAX: ffffffffffffffda RBX: 00007f534cbb5fa0 RCX: 00007f534c98e169 [ 751.380897][T13987] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 751.380913][T13987] RBP: 00007f534ca10a68 R08: 0000000000000000 R09: 0000000000000000 [ 751.380928][T13987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 751.380944][T13987] R13: 0000000000000000 R14: 00007f534cbb5fa0 R15: 00007ffc9e377e88 [ 751.380987][T13987] [ 752.997105][T14006] random: crng reseeded on system resumption [ 753.886525][T14022] random: crng reseeded on system resumption [ 755.749228][T14050] vivid-007: ================= START STATUS ================= [ 755.850336][T14050] vivid-007: Generate PTS: true [ 755.900454][T14050] vivid-007: Generate SCR: true [ 755.976071][T14050] tpg source WxH: 640x360 (Y'CbCr) [ 755.990391][T14050] tpg field: 1 [ 755.993988][T14050] tpg crop: (0,0)/640x360 [ 756.010752][T14050] tpg compose: (0,0)/640x360 [ 756.014961][T14055] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1328'. [ 756.029710][T14050] tpg colorspace: 8 [ 756.036034][T14050] tpg transfer function: 0/0 [ 756.043713][T14050] tpg Y'CbCr encoding: 0/0 [ 756.050257][T14050] tpg quantization: 0/0 [ 756.057461][T14050] tpg RGB range: 0/2 [ 756.064325][T14050] vivid-007: ================== END STATUS ================== [ 756.117559][T14055] FAULT_INJECTION: forcing a failure. [ 756.117559][T14055] name failslab, interval 1, probability 0, space 0, times 0 [ 756.146763][T14052] vivid-007: kernel_thread() failed [ 756.155719][T14055] CPU: 0 UID: 0 PID: 14055 Comm: syz.3.1328 Tainted: G U 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) [ 756.155762][T14055] Tainted: [U]=USER [ 756.155771][T14055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 756.155787][T14055] Call Trace: [ 756.155796][T14055] [ 756.155807][T14055] dump_stack_lvl+0x16c/0x1f0 [ 756.155847][T14055] should_fail_ex+0x512/0x640 [ 756.155876][T14055] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 756.155909][T14055] should_failslab+0xc2/0x120 [ 756.155942][T14055] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 756.155971][T14055] ? __proc_create+0xc3/0x8c0 [ 756.155999][T14055] ? __proc_create+0x2ce/0x8c0 [ 756.156139][T14055] __proc_create+0x2ce/0x8c0 [ 756.156178][T14055] ? __pfx___proc_create+0x10/0x10 [ 756.156215][T14055] ? _raw_write_unlock+0x28/0x50 [ 756.156245][T14055] ? proc_register+0x314/0x5f0 [ 756.156277][T14055] proc_create_reg+0x7d/0x180 [ 756.156309][T14055] proc_create_net_data+0x8e/0x1b0 [ 756.156352][T14055] ? __pfx_proc_create_net_data+0x10/0x10 [ 756.156390][T14055] sctp_proc_init+0x14c/0x270 [ 756.156423][T14055] ? __pfx_sctp_defaults_init+0x10/0x10 [ 756.156454][T14055] sctp_defaults_init+0x74a/0xd80 [ 756.156489][T14055] ? __pfx_sctp_defaults_init+0x10/0x10 [ 756.156524][T14055] ops_init+0x1df/0x5f0 [ 756.156562][T14055] setup_net+0x21e/0x850 [ 756.156598][T14055] ? __pfx_setup_net+0x10/0x10 [ 756.156629][T14055] ? lockdep_init_map_type+0x5c/0x280 [ 756.156664][T14055] ? __pfx_down_read_killable+0x10/0x10 [ 756.156690][T14055] ? debug_mutex_init+0x37/0x70 [ 756.156720][T14055] copy_net_ns+0x2a6/0x5f0 [ 756.156760][T14055] create_new_namespaces+0x3ea/0xad0 [ 756.156797][T14055] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 756.156831][T14055] ksys_unshare+0x45b/0xa40 [ 756.156866][T14055] ? __pfx_ksys_unshare+0x10/0x10 [ 756.156898][T14055] ? xfd_validate_state+0x5d/0x180 [ 756.156925][T14055] ? rcu_is_watching+0x12/0xc0 [ 756.156959][T14055] __x64_sys_unshare+0x31/0x40 [ 756.156992][T14055] do_syscall_64+0xcd/0x230 [ 756.157029][T14055] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 756.157053][T14055] RIP: 0033:0x7f534c98e169 [ 756.157074][T14055] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 756.157102][T14055] RSP: 002b:00007f534d8a8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 756.157127][T14055] RAX: ffffffffffffffda RBX: 00007f534cbb5fa0 RCX: 00007f534c98e169 [ 756.157145][T14055] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 756.157162][T14055] RBP: 00007f534ca10a68 R08: 0000000000000000 R09: 0000000000000000 [ 756.157178][T14055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 756.157194][T14055] R13: 0000000000000000 R14: 00007f534cbb5fa0 R15: 00007ffc9e377e88 [ 756.157228][T14055] [ 757.958215][T14072] random: crng reseeded on system resumption [ 758.990176][T14094] CIFS mount error: No usable UNC path provided in device string! [ 758.990176][T14094] [ 759.305591][T14094] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 759.634699][T14090] ptrace attach of "./syz-executor exec"[5837] was attempted by "./syz-executor exec"[14090] [ 760.316396][T14102] vivid-007: ================= START STATUS ================= [ 760.324262][T14102] vivid-007: Generate PTS: true [ 760.329376][T14102] vivid-007: Generate SCR: true [ 760.334246][T14102] tpg source WxH: 640x360 (Y'CbCr) [ 760.342104][T14102] tpg field: 1 [ 760.374764][T14102] tpg crop: (0,0)/640x360 [ 760.425078][T14102] tpg compose: (0,0)/640x360 [ 760.430915][T14102] tpg colorspace: 8 [ 760.437100][T14102] tpg transfer function: 0/0 [ 760.442673][T14102] tpg Y'CbCr encoding: 0/0 [ 760.449327][T14102] tpg quantization: 0/0 [ 760.454823][T14102] tpg RGB range: 0/2 [ 760.460309][T14102] vivid-007: ================== END STATUS ================== [ 761.777369][T14130] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 762.368970][T14140] random: crng reseeded on system resumption [ 762.647507][T14149] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1345'. [ 762.909645][T14149] FAULT_INJECTION: forcing a failure. [ 762.909645][T14149] name failslab, interval 1, probability 0, space 0, times 0 [ 763.108667][T14149] CPU: 1 UID: 0 PID: 14149 Comm: syz.0.1345 Tainted: G U 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) [ 763.108715][T14149] Tainted: [U]=USER [ 763.108725][T14149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 763.108742][T14149] Call Trace: [ 763.108751][T14149] [ 763.108762][T14149] dump_stack_lvl+0x16c/0x1f0 [ 763.108804][T14149] should_fail_ex+0x512/0x640 [ 763.108834][T14149] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 763.108865][T14149] should_failslab+0xc2/0x120 [ 763.108898][T14149] __kmalloc_cache_noprof+0x6a/0x3e0 [ 763.108926][T14149] ? sctp_auth_shkey_create+0x9e/0x210 [ 763.108969][T14149] sctp_auth_shkey_create+0x9e/0x210 [ 763.109009][T14149] sctp_endpoint_new+0x562/0xcd0 [ 763.109056][T14149] sctp_init_sock+0xe2d/0x1330 [ 763.109091][T14149] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 763.109128][T14149] sctp_v6_init_sock+0x16/0x70 [ 763.109161][T14149] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 763.109195][T14149] inet6_create+0xb2d/0x1300 [ 763.109227][T14149] ? inet6_create+0x7f/0x1300 [ 763.109260][T14149] __sock_create+0x335/0x8d0 [ 763.109294][T14149] inet_ctl_sock_create+0x94/0x230 [ 763.109334][T14149] ? __pfx_inet_ctl_sock_create+0x10/0x10 [ 763.109368][T14149] ? lockdep_init_map_type+0x5c/0x280 [ 763.109404][T14149] ? do_init_timer+0xc9/0x110 [ 763.109443][T14149] ? __pfx_sctp_ctrlsock_init+0x10/0x10 [ 763.109477][T14149] sctp_ctrlsock_init+0x40/0xf0 [ 763.109512][T14149] ops_init+0x1df/0x5f0 [ 763.109551][T14149] setup_net+0x21e/0x850 [ 763.109588][T14149] ? __pfx_setup_net+0x10/0x10 [ 763.109620][T14149] ? lockdep_init_map_type+0x5c/0x280 [ 763.109653][T14149] ? __pfx_down_read_killable+0x10/0x10 [ 763.109681][T14149] ? debug_mutex_init+0x37/0x70 [ 763.109711][T14149] copy_net_ns+0x2a6/0x5f0 [ 763.109749][T14149] create_new_namespaces+0x3ea/0xad0 [ 763.109786][T14149] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 763.109819][T14149] ksys_unshare+0x45b/0xa40 [ 763.109854][T14149] ? __pfx_ksys_unshare+0x10/0x10 [ 763.109887][T14149] ? xfd_validate_state+0x5d/0x180 [ 763.109915][T14149] ? rcu_is_watching+0x12/0xc0 [ 763.109949][T14149] __x64_sys_unshare+0x31/0x40 [ 763.109983][T14149] do_syscall_64+0xcd/0x230 [ 763.110020][T14149] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 763.110045][T14149] RIP: 0033:0x7f14e538e169 [ 763.110067][T14149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 763.110092][T14149] RSP: 002b:00007f14e62b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 763.110118][T14149] RAX: ffffffffffffffda RBX: 00007f14e55b5fa0 RCX: 00007f14e538e169 [ 763.110137][T14149] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 763.110155][T14149] RBP: 00007f14e5410a68 R08: 0000000000000000 R09: 0000000000000000 [ 763.110172][T14149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 763.110189][T14149] R13: 0000000000000000 R14: 00007f14e55b5fa0 R15: 00007ffe42c30398 [ 763.110225][T14149] [ 764.287695][T14161] vivid-007: ================= START STATUS ================= [ 764.338188][T14161] vivid-007: Generate PTS: true [ 764.373104][T14161] vivid-007: Generate SCR: true [ 764.401776][T14161] tpg source WxH: 640x360 (Y'CbCr) [ 764.433581][T14161] tpg field: 1 [ 764.443844][T14161] tpg crop: (0,0)/640x360 [ 764.450377][T14161] tpg compose: (0,0)/640x360 [ 764.473285][T14161] tpg colorspace: 8 [ 764.481585][T14161] tpg transfer function: 0/0 [ 764.486447][T14161] tpg Y'CbCr encoding: 0/0 [ 764.492391][T14161] tpg quantization: 0/0 [ 764.497681][T14161] tpg RGB range: 0/2 [ 764.509000][T14161] vivid-007: ================== END STATUS ================== [ 764.595064][T14163] vivid-007: kernel_thread() failed [ 768.335061][T14203] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 768.495999][T14206] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1354'. [ 769.383666][T14213] random: crng reseeded on system resumption [ 772.929944][T14240] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 772.945695][T14240] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 772.970100][T14240] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 772.986602][T14240] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 774.210727][T14269] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1366'. [ 775.001483][ T5853] Bluetooth: hci2: command 0x0406 tx timeout [ 775.007798][T12072] Bluetooth: hci4: command 0x0406 tx timeout [ 775.013850][T12072] Bluetooth: hci1: command 0x0406 tx timeout [ 775.015500][T11441] Bluetooth: hci0: command 0x0406 tx timeout [ 775.067568][T14281] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1369'. [ 776.504093][T14291] ptrace attach of "./syz-executor exec"[5837] was attempted by "./syz-executor exec"[14291] [ 779.301548][T14324] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 779.320101][T14324] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 779.411902][T14324] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 779.445772][T14324] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 780.248276][T14350] .SR: entered promiscuous mode [ 780.261794][T14353] Invalid ELF header magic: != ELF [ 780.436121][T14278] Bluetooth: hci0: command 0x0406 tx timeout [ 781.167614][T14350] could not allocate digest TFM handle [ 781.251987][T14353] could not allocate digest TFM handle [ 781.372751][T14366] random: crng reseeded on system resumption [ 781.412782][T14278] Bluetooth: hci1: command 0x0406 tx timeout [ 781.483142][T14278] Bluetooth: hci2: command 0x0406 tx timeout [ 781.489300][ T5849] Bluetooth: hci4: command 0x0406 tx timeout [ 781.827831][T14384] vivid-007: ================= START STATUS ================= [ 781.902929][T14384] vivid-007: Generate PTS: true [ 781.931546][T14384] vivid-007: Generate SCR: true [ 781.940309][T14384] tpg source WxH: 640x360 (Y'CbCr) [ 781.980521][T14384] tpg field: 1 [ 781.984026][T14384] tpg crop: (0,0)/640x360 [ 781.991126][T14384] tpg compose: (0,0)/640x360 [ 781.998778][T14384] tpg colorspace: 8 [ 782.003901][T14384] tpg transfer function: 0/0 [ 782.009973][T14384] tpg Y'CbCr encoding: 0/0 [ 782.018958][T14384] tpg quantization: 0/0 [ 782.024483][T14384] tpg RGB range: 0/2 [ 782.029982][T14384] vivid-007: ================== END STATUS ================== [ 782.486292][T14404] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1390'. [ 782.501077][T14400] random: crng reseeded on system resumption [ 782.554022][T14404] FAULT_INJECTION: forcing a failure. [ 782.554022][T14404] name failslab, interval 1, probability 0, space 0, times 0 [ 782.621924][T14404] CPU: 0 UID: 0 PID: 14404 Comm: syz.4.1390 Tainted: G U 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) [ 782.621971][T14404] Tainted: [U]=USER [ 782.621980][T14404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 782.621995][T14404] Call Trace: [ 782.622004][T14404] [ 782.622015][T14404] dump_stack_lvl+0x16c/0x1f0 [ 782.622056][T14404] should_fail_ex+0x512/0x640 [ 782.622091][T14404] should_failslab+0xc2/0x120 [ 782.622124][T14404] __kmalloc_cache_noprof+0x6a/0x3e0 [ 782.622151][T14404] ? cfmuxl_create+0x40/0x210 [ 782.622187][T14404] ? __pfx_caif_init_net+0x10/0x10 [ 782.622218][T14404] cfmuxl_create+0x40/0x210 [ 782.622251][T14404] cfcnfg_create+0x78/0x500 [ 782.622280][T14404] ? debug_mutex_init+0x37/0x70 [ 782.622306][T14404] ? __pfx_caif_init_net+0x10/0x10 [ 782.622335][T14404] caif_init_net+0x7d/0xe0 [ 782.622367][T14404] ops_init+0x1df/0x5f0 [ 782.622405][T14404] setup_net+0x21e/0x850 [ 782.622442][T14404] ? __pfx_setup_net+0x10/0x10 [ 782.622472][T14404] ? lockdep_init_map_type+0x5c/0x280 [ 782.622505][T14404] ? __pfx_down_read_killable+0x10/0x10 [ 782.622534][T14404] ? debug_mutex_init+0x37/0x70 [ 782.622563][T14404] copy_net_ns+0x2a6/0x5f0 [ 782.622602][T14404] create_new_namespaces+0x3ea/0xad0 [ 782.622641][T14404] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 782.622673][T14404] ksys_unshare+0x45b/0xa40 [ 782.622707][T14404] ? __pfx_ksys_unshare+0x10/0x10 [ 782.622746][T14404] ? xfd_validate_state+0x5d/0x180 [ 782.622775][T14404] ? rcu_is_watching+0x12/0xc0 [ 782.622810][T14404] __x64_sys_unshare+0x31/0x40 [ 782.622844][T14404] do_syscall_64+0xcd/0x230 [ 782.622883][T14404] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 782.622907][T14404] RIP: 0033:0x7f035e98e169 [ 782.622929][T14404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 782.622954][T14404] RSP: 002b:00007f035f71b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 782.622978][T14404] RAX: ffffffffffffffda RBX: 00007f035ebb5fa0 RCX: 00007f035e98e169 [ 782.622997][T14404] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 782.623013][T14404] RBP: 00007f035ea10a68 R08: 0000000000000000 R09: 0000000000000000 [ 782.623029][T14404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 782.623044][T14404] R13: 0000000000000000 R14: 00007f035ebb5fa0 R15: 00007ffd423305d8 [ 782.623078][T14404] [ 783.623173][T14422] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 784.015226][T14437] random: crng reseeded on system resumption [ 784.200772][T14443] vivid-007: ================= START STATUS ================= [ 784.213067][T14443] vivid-007: Generate PTS: true [ 784.230224][T14443] vivid-007: Generate SCR: true [ 784.250809][T14443] tpg source WxH: 640x360 (Y'CbCr) [ 784.256883][T14443] tpg field: 1 [ 784.264425][T14443] tpg crop: (0,0)/640x360 [ 784.276539][T14443] tpg compose: (0,0)/640x360 [ 784.308369][T14443] tpg colorspace: 8 [ 784.315724][T14443] tpg transfer function: 0/0 [ 784.322187][T14443] tpg Y'CbCr encoding: 0/0 [ 784.411768][T14443] tpg quantization: 0/0 [ 784.446756][T14443] tpg RGB range: 0/2 [ 784.450816][T14443] vivid-007: ================== END STATUS ================== [ 784.803823][T14451] FAULT_INJECTION: forcing a failure. [ 784.803823][T14451] name failslab, interval 1, probability 0, space 0, times 0 [ 784.803897][T14451] CPU: 0 UID: 0 PID: 14451 Comm: syz.0.1408 Tainted: G U 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) [ 784.803937][T14451] Tainted: [U]=USER [ 784.803947][T14451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 784.803962][T14451] Call Trace: [ 784.803972][T14451] [ 784.803982][T14451] dump_stack_lvl+0x16c/0x1f0 [ 784.804024][T14451] should_fail_ex+0x512/0x640 [ 784.804054][T14451] ? __kmalloc_noprof+0xbf/0x510 [ 784.804090][T14451] ? tracing_log_err+0x4b4/0x6a0 [ 784.804119][T14451] should_failslab+0xc2/0x120 [ 784.804153][T14451] __kmalloc_noprof+0xd2/0x510 [ 784.804186][T14451] ? kasan_save_track+0x14/0x30 [ 784.804219][T14451] tracing_log_err+0x4b4/0x6a0 [ 784.804258][T14451] append_filter_err+0x380/0x5e0 [ 784.804326][T14451] apply_subsystem_event_filter+0x678/0x1450 [ 784.804369][T14451] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 784.804411][T14451] ? _copy_from_user+0x59/0xd0 [ 784.804447][T14451] subsystem_filter_write+0x95/0x120 [ 784.804480][T14451] vfs_write+0x25c/0x1180 [ 784.804505][T14451] ? __pfx_subsystem_filter_write+0x10/0x10 [ 784.804539][T14451] ? __pfx___mutex_lock+0x10/0x10 [ 784.804575][T14451] ? __pfx_vfs_write+0x10/0x10 [ 784.804611][T14451] ? __fget_files+0x20e/0x3c0 [ 784.804646][T14451] ksys_write+0x12a/0x240 [ 784.804673][T14451] ? __pfx_ksys_write+0x10/0x10 [ 784.804698][T14451] ? rcu_is_watching+0x12/0xc0 [ 784.804734][T14451] do_syscall_64+0xcd/0x230 [ 784.804772][T14451] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 784.804799][T14451] RIP: 0033:0x7f14e538e169 [ 784.804820][T14451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 784.804845][T14451] RSP: 002b:00007f14e62b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 784.804871][T14451] RAX: ffffffffffffffda RBX: 00007f14e55b5fa0 RCX: 00007f14e538e169 [ 784.804889][T14451] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000007 [ 784.804905][T14451] RBP: 00007f14e5410a68 R08: 0000000000000000 R09: 0000000000000000 [ 784.804921][T14451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 784.804936][T14451] R13: 0000000000000000 R14: 00007f14e55b5fa0 R15: 00007ffe42c30398 [ 784.804970][T14451] [ 786.339005][T14483] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1405'. [ 786.374150][T14483] FAULT_INJECTION: forcing a failure. [ 786.374150][T14483] name failslab, interval 1, probability 0, space 0, times 0 [ 786.426565][T14483] CPU: 0 UID: 0 PID: 14483 Comm: syz.4.1405 Tainted: G U 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) [ 786.426609][T14483] Tainted: [U]=USER [ 786.426617][T14483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 786.426629][T14483] Call Trace: [ 786.426637][T14483] [ 786.426646][T14483] dump_stack_lvl+0x16c/0x1f0 [ 786.426688][T14483] should_fail_ex+0x512/0x640 [ 786.426715][T14483] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 786.426743][T14483] should_failslab+0xc2/0x120 [ 786.426772][T14483] __kmalloc_cache_noprof+0x6a/0x3e0 [ 786.426798][T14483] ? sctp_endpoint_new+0x11f/0xcd0 [ 786.426835][T14483] sctp_endpoint_new+0x11f/0xcd0 [ 786.426876][T14483] sctp_init_sock+0xe2d/0x1330 [ 786.426907][T14483] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 786.426941][T14483] sctp_v6_init_sock+0x16/0x70 [ 786.426972][T14483] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 786.427007][T14483] inet6_create+0xb2d/0x1300 [ 786.427040][T14483] ? inet6_create+0x7f/0x1300 [ 786.427075][T14483] __sock_create+0x335/0x8d0 [ 786.427108][T14483] inet_ctl_sock_create+0x94/0x230 [ 786.427146][T14483] ? __pfx_inet_ctl_sock_create+0x10/0x10 [ 786.427182][T14483] ? lockdep_init_map_type+0x5c/0x280 [ 786.427217][T14483] ? do_init_timer+0xc9/0x110 [ 786.427249][T14483] ? __pfx_sctp_ctrlsock_init+0x10/0x10 [ 786.427283][T14483] sctp_ctrlsock_init+0x40/0xf0 [ 786.427316][T14483] ops_init+0x1df/0x5f0 [ 786.427354][T14483] setup_net+0x21e/0x850 [ 786.427392][T14483] ? __pfx_setup_net+0x10/0x10 [ 786.427432][T14483] ? lockdep_init_map_type+0x5c/0x280 [ 786.427468][T14483] ? __pfx_down_read_killable+0x10/0x10 [ 786.427497][T14483] ? debug_mutex_init+0x37/0x70 [ 786.427528][T14483] copy_net_ns+0x2a6/0x5f0 [ 786.427569][T14483] create_new_namespaces+0x3ea/0xad0 [ 786.427608][T14483] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 786.427642][T14483] ksys_unshare+0x45b/0xa40 [ 786.427678][T14483] ? __pfx_ksys_unshare+0x10/0x10 [ 786.427710][T14483] ? xfd_validate_state+0x5d/0x180 [ 786.427739][T14483] ? rcu_is_watching+0x12/0xc0 [ 786.427773][T14483] __x64_sys_unshare+0x31/0x40 [ 786.427807][T14483] do_syscall_64+0xcd/0x230 [ 786.427845][T14483] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 786.427870][T14483] RIP: 0033:0x7f035e98e169 [ 786.427892][T14483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 786.427918][T14483] RSP: 002b:00007f035f71b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 786.427943][T14483] RAX: ffffffffffffffda RBX: 00007f035ebb5fa0 RCX: 00007f035e98e169 [ 786.427962][T14483] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 786.427978][T14483] RBP: 00007f035ea10a68 R08: 0000000000000000 R09: 0000000000000000 [ 786.427994][T14483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 786.428011][T14483] R13: 0000000000000000 R14: 00007f035ebb5fa0 R15: 00007ffd423305d8 [ 786.428046][T14483] [ 788.114443][T14495] random: crng reseeded on system resumption [ 788.458411][T14509] random: crng reseeded on system resumption [ 789.591511][T14523] FAULT_INJECTION: forcing a failure. [ 789.591511][T14523] name failslab, interval 1, probability 0, space 0, times 0 [ 789.620191][T14523] CPU: 1 UID: 0 PID: 14523 Comm: syz.5.1412 Tainted: G U 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) [ 789.620236][T14523] Tainted: [U]=USER [ 789.620245][T14523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 789.620261][T14523] Call Trace: [ 789.620270][T14523] [ 789.620281][T14523] dump_stack_lvl+0x16c/0x1f0 [ 789.620322][T14523] should_fail_ex+0x512/0x640 [ 789.620351][T14523] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 789.620382][T14523] should_failslab+0xc2/0x120 [ 789.620414][T14523] __kmalloc_cache_noprof+0x6a/0x3e0 [ 789.620442][T14523] ? apply_subsystem_event_filter+0x3c0/0x1450 [ 789.620478][T14523] apply_subsystem_event_filter+0x3c0/0x1450 [ 789.620519][T14523] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 789.620559][T14523] ? _copy_from_user+0x59/0xd0 [ 789.620591][T14523] subsystem_filter_write+0x95/0x120 [ 789.620621][T14523] vfs_write+0x25c/0x1180 [ 789.620643][T14523] ? __pfx_subsystem_filter_write+0x10/0x10 [ 789.620675][T14523] ? __pfx___mutex_lock+0x10/0x10 [ 789.620708][T14523] ? __pfx_vfs_write+0x10/0x10 [ 789.620741][T14523] ? __fget_files+0x20e/0x3c0 [ 789.620772][T14523] ksys_write+0x12a/0x240 [ 789.620797][T14523] ? __pfx_ksys_write+0x10/0x10 [ 789.620820][T14523] ? rcu_is_watching+0x12/0xc0 [ 789.620856][T14523] do_syscall_64+0xcd/0x230 [ 789.620903][T14523] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 789.620928][T14523] RIP: 0033:0x7f20e1b8e169 [ 789.620949][T14523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 789.620971][T14523] RSP: 002b:00007f20e2a87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 789.620993][T14523] RAX: ffffffffffffffda RBX: 00007f20e1db5fa0 RCX: 00007f20e1b8e169 [ 789.621009][T14523] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000007 [ 789.621023][T14523] RBP: 00007f20e1c10a68 R08: 0000000000000000 R09: 0000000000000000 [ 789.621025][T14526] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1413'. [ 789.621038][T14523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 789.621052][T14523] R13: 0000000000000000 R14: 00007f20e1db5fa0 R15: 00007ffcc4e42858 [ 789.621079][T14523] [ 790.842406][T14534] random: crng reseeded on system resumption [ 791.025145][T14546] syz.0.1417: vmalloc error: size 1863680, failed to allocate pages, mode:0xcc2(GFP_KERNEL|__GFP_HIGHMEM), nodemask=(null),cpuset=/,mems_allowed=0-1                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             syzkaller syzkaller login: [ 887.807573][T15899] kernel write not supported for file /status (pid: 15899 comm: syz.5.1642) [ 888.142456][T15927] device-mapper: ioctl: device name cannot contain '/' [ 888.829173][T15921] kernel write not supported for file /status (pid: 15921 comm: syz.5.1649) [ 890.185078][T15940] kernel write not supported for file /status (pid: 15940 comm: syz.5.1651) [ 890.512709][T15957] kernel write not supported for file /status (pid: 15957 comm: syz.5.1656) [ 891.641110][T15970] kernel write not supported for file /status (pid: 15970 comm: syz.5.1657) [ 891.675168][T15978] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1658'. [ 892.062850][T15983] kernel write not supported for file /status (pid: 15983 comm: syz.5.1660) [ 893.275549][T15994] erspan0: entered allmulticast mode [ 894.035928][T16001] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 894.056826][T16001] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 894.063601][T16001] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 894.095587][T16001] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 894.473702][T15999] kernel write not supported for file /status (pid: 15999 comm: syz.5.1661) [ 895.797235][T11441] Bluetooth: hci0: command 0x0406 tx timeout [ 896.115795][T11441] Bluetooth: hci1: command 0x040f tx timeout [ 896.115921][ T5849] Bluetooth: hci2: command 0x0406 tx timeout [ 896.122794][T11441] Bluetooth: hci4: command 0x0406 tx timeout [ 896.509471][T16032] kernel write not supported for file /status (pid: 16032 comm: syz.5.1663) [ 896.767901][T16029] kernel write not supported for file /status (pid: 16029 comm: syz.5.1663) [ 900.025189][T16035] kernel write not supported for file /status (pid: 16035 comm: syz.5.1666) [ 900.248004][T16069] netlink: 346 bytes leftover after parsing attributes in process `syz.4.1674'. [ 900.953102][T16075] kernel write not supported for file /status (pid: 16075 comm: syz.5.1672) [ 902.886622][T16073] kernel write not supported for file /status (pid: 16073 comm: syz.5.1672) [ 902.917725][T15985] kernel write not supported for file /status (pid: 15985 comm: syz.5.1660) [ 903.121114][T16110] kernel write not supported for file /status (pid: 16110 comm: syz.5.1680) [ 903.784506][T16107] kernel write not supported for file /status (pid: 16107 comm: syz.5.1680) [ 904.750391][T16136] netlink: 346 bytes leftover after parsing attributes in process `syz.0.1684'. [ 904.976670][T16142] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1683'. [ 905.052962][T16131] kernel write not supported for file /status (pid: 16131 comm: syz.5.1683) [ 905.712034][T16130] kernel write not supported for file /status (pid: 16130 comm: syz.5.1683) [ 906.622915][T16162] erspan0: entered allmulticast mode [ 908.908635][T16171] Process accounting paused [ 910.472406][T16191] CIFS mount error: No usable UNC path provided in device string! [ 910.472406][T16191] [ 910.550154][T16191] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 911.864436][T16224] Invalid ELF header magic: != ELF [ 913.936938][T16247] vivid-007: ================= START STATUS ================= [ 913.986690][T16247] vivid-007: Generate PTS: true [ 913.999633][T16247] vivid-007: Generate SCR: true [ 914.005558][T16247] tpg source WxH: 640x360 (Y'CbCr) [ 914.011203][T16247] tpg field: 1 [ 914.014918][T16247] tpg crop: (0,0)/640x360 [ 914.035555][T16247] tpg compose: (0,0)/640x360 [ 914.049702][T16247] tpg colorspace: 8 [ 914.056206][T16247] tpg transfer function: 0/0 [ 914.061295][T16247] tpg Y'CbCr encoding: 0/0 [ 914.073139][T16247] tpg quantization: 0/0 [ 914.079193][T16247] tpg RGB range: 0/2 [ 914.087544][T16247] vivid-007: ================== END STATUS ================== [ 914.712349][T16263] vivid-007: ================= START STATUS ================= [ 914.730390][T16263] vivid-007: Generate PTS: true [ 914.747440][T16263] vivid-007: Generate SCR: true [ 914.760800][T16263] tpg source WxH: 640x360 (Y'CbCr) [ 914.775574][T16263] tpg field: 1 [ 914.784608][T16263] tpg crop: (0,0)/640x360 [ 914.789569][T16263] tpg compose: (0,0)/640x360 [ 914.825713][T16263] tpg colorspace: 8 [ 914.829983][T16263] tpg transfer function: 0/0 [ 914.837288][T16263] tpg Y'CbCr encoding: 0/0 [ 914.842252][T16263] tpg quantization: 0/0 [ 914.848148][T16263] tpg RGB range: 0/2 [ 914.853674][T16263] vivid-007: ================== END STATUS ================== [ 915.753998][T16297] Invalid ELF header magic: != ELF [ 916.407596][T16292] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1708'. [ 917.797375][T16331] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1714'. [ 918.408423][T16337] vivid-007: ================= START STATUS ================= [ 918.458446][T16337] vivid-007: Generate PTS: true [ 918.464776][T16337] vivid-007: Generate SCR: true [ 918.509567][T16337] tpg source WxH: 640x360 (Y'CbCr) [ 918.519356][T16337] tpg field: 1 [ 918.524923][T16337] tpg crop: (0,0)/640x360 [ 918.533221][T16337] tpg compose: (0,0)/640x360 [ 918.539966][T16337] tpg colorspace: 8 [ 918.546627][T16337] tpg transfer function: 0/0 [ 918.551793][T16337] tpg Y'CbCr encoding: 0/0 [ 918.571855][T16337] tpg quantization: 0/0 [ 918.579158][T16337] tpg RGB range: 0/2 [ 918.592603][T16337] vivid-007: ================== END STATUS ================== [ 921.599457][T16375] kernel read not supported for file /set_event_notrace_pid (pid: 16375 comm: syz.5.1724) [ 921.612728][ T30] audit: type=1800 audit(6040332054.045:3): pid=16375 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1724" name="set_event_notrace_pid" dev="tracefs" ino=7 res=0 errno=0 [ 921.980310][T16394] netlink: 346 bytes leftover after parsing attributes in process `syz.5.1728'. [ 923.070030][T11441] Bluetooth: hci0: Unable to find connection for big 0xd2 [ 923.627249][T16423] Invalid ELF header magic: != ELF syzkaller syzkaller login: [ 926.693489][T16476] vivid-007: ================= START STATUS ================= [ 926.785217][T16476] vivid-007: Generate PTS: true [ 926.820083][T16476] vivid-007: Generate SCR: true [ 926.845527][T16476] tpg source WxH: 640x360 (Y'CbCr) [ 926.885101][T16476] tpg field: 1 [ 926.897238][T16476] tpg crop: (0,0)/640x360 [ 926.901702][T16488] Invalid ELF header magic: != ELF [ 926.903370][T16476] tpg compose: (0,0)/640x360 [ 926.975584][T16476] tpg colorspace: 8 [ 927.065558][T16476] tpg transfer function: 0/0 [ 927.080666][T16476] tpg Y'CbCr encoding: 0/0 [ 927.086952][T16476] tpg quantization: 0/0 [ 927.096521][T16476] tpg RGB range: 0/2 [ 927.102021][T16476] vivid-007: ================== END STATUS ================== [ 931.646593][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 931.653612][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 934.849405][T16662] Invalid ELF header magic: != ELF [ 935.968138][T16675] vivid-007: ================= START STATUS ================= [ 935.995434][T16675] vivid-007: Generate PTS: true [ 936.007183][T16675] vivid-007: Generate SCR: true [ 936.022759][T16675] tpg source WxH: 640x360 (Y'CbCr) [ 936.032905][T16675] tpg field: 1 [ 936.042996][T16675] tpg crop: (0,0)/640x360 [ 936.073511][T16675] tpg compose: (0,0)/640x360 [ 936.079276][T16675] tpg colorspace: 8 [ 936.085187][T16675] tpg transfer function: 0/0 [ 936.117333][T16675] tpg Y'CbCr encoding: 0/0 [ 936.125485][T16675] tpg quantization: 0/0 [ 936.143613][T16675] tpg RGB range: 0/2 [ 936.150391][T16675] vivid-007: ================== END STATUS ================== [ 939.441341][T16714] Process accounting resumed [ 939.498838][T16714] kernel write not supported for file /status (pid: 16714 comm: syz.5.1777) [ 939.724633][T16725] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1779'. [ 940.082153][T16725] bond0: (slave bond_slave_1): Releasing backup interface [ 940.317642][T16724] kernel write not supported for file /status (pid: 16724 comm: syz.5.1779) [ 940.407176][T16731] vivid-007: ================= START STATUS ================= [ 940.425390][T16731] vivid-007: Generate PTS: true [ 940.430801][T16731] vivid-007: Generate SCR: true [ 940.457299][T16731] tpg source WxH: 640x360 (Y'CbCr) [ 940.485400][T16731] tpg field: 1 [ 940.489125][T16731] tpg crop: (0,0)/640x360 [ 940.515030][T16731] tpg compose: (0,0)/640x360 [ 940.525831][T16731] tpg colorspace: 8 [ 940.531321][T16731] tpg transfer function: 0/0 [ 940.538952][T16731] tpg Y'CbCr encoding: 0/0 [ 940.546610][T16731] tpg quantization: 0/0 [ 940.553162][T16731] tpg RGB range: 0/2 [ 940.558695][T16731] vivid-007: ================== END STATUS ================== [ 940.614760][T16738] netlink: zone id is out of range [ 940.654171][T16738] netlink: zone id is out of range [ 940.684935][T16738] netlink: zone id is out of range [ 940.688549][T16740] netlink: 'syz.4.1781': attribute type 1 has an invalid length. [ 940.709658][T16738] netlink: zone id is out of range [ 940.750676][T16738] netlink: zone id is out of range [ 940.757291][T16738] netlink: zone id is out of range [ 940.830496][T16738] netlink: zone id is out of range [ 940.856105][T16738] netlink: zone id is out of range [ 940.861769][T16738] netlink: zone id is out of range [ 940.878244][T16738] netlink: zone id is out of range [ 941.080938][T16748] FAULT_INJECTION: forcing a failure. [ 941.080938][T16748] name failslab, interval 1, probability 0, space 0, times 0 [ 941.136746][T16748] CPU: 1 UID: 0 PID: 16748 Comm: syz.0.1783 Tainted: G U 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) [ 941.136833][T16748] Tainted: [U]=USER [ 941.136843][T16748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 941.136858][T16748] Call Trace: [ 941.136867][T16748] [ 941.136878][T16748] dump_stack_lvl+0x16c/0x1f0 [ 941.136919][T16748] should_fail_ex+0x512/0x640 [ 941.136948][T16748] ? __kmalloc_node_noprof+0xc5/0x500 [ 941.136982][T16748] should_failslab+0xc2/0x120 [ 941.137014][T16748] __kmalloc_node_noprof+0xd8/0x500 [ 941.137045][T16748] ? blk_mq_alloc_tag_set+0x51a/0x1250 [ 941.137081][T16748] blk_mq_alloc_tag_set+0x51a/0x1250 [ 941.137122][T16748] loop_add+0x3b7/0xb70 [ 941.137150][T16748] ? do_vfs_ioctl+0x512/0x1990 [ 941.137187][T16748] ? __pfx_loop_add+0x10/0x10 [ 941.137212][T16748] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 941.137278][T16748] ? find_held_lock+0x2b/0x80 [ 941.137310][T16748] loop_control_ioctl+0x13c/0x630 [ 941.137342][T16748] ? __pfx_loop_control_ioctl+0x10/0x10 [ 941.137377][T16748] ? __pfx_loop_control_ioctl+0x10/0x10 [ 941.137410][T16748] __x64_sys_ioctl+0x190/0x200 [ 941.137446][T16748] do_syscall_64+0xcd/0x230 [ 941.137483][T16748] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 941.137509][T16748] RIP: 0033:0x7f14e538e169 [ 941.137536][T16748] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 941.137562][T16748] RSP: 002b:00007f14e62b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 941.137587][T16748] RAX: ffffffffffffffda RBX: 00007f14e55b5fa0 RCX: 00007f14e538e169 [ 941.137604][T16748] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000009 [ 941.137620][T16748] RBP: 00007f14e5410a68 R08: 0000000000000000 R09: 0000000000000000 [ 941.137636][T16748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 941.137651][T16748] R13: 0000000000000000 R14: 00007f14e55b5fa0 R15: 00007ffe42c30398 [ 941.137684][T16748] [ 941.152248][T16749] Invalid ELF header magic: != ELF [ 941.310236][ C0] vkms_vblank_simulate: vblank timer overrun [ 943.313507][T16750] kernel write not supported for file /status (pid: 16750 comm: syz.5.1790) [ 945.492338][T16772] kernel write not supported for file /status (pid: 16772 comm: syz.5.1786) [ 946.991649][T16805] kernel write not supported for file /status (pid: 16805 comm: syz.5.1794) [ 947.440223][T16818] Invalid ELF header magic: != ELF [ 947.988528][T16815] net_ratelimit: 19 callbacks suppressed [ 947.988558][T16815] netlink: Conntrack attr type has unexpected length (type=3, length=0, expected=8) [ 948.021023][T16825] kernel write not supported for file /status (pid: 16825 comm: syz.5.1798) [ 948.658757][T16835] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1800'. [ 948.695133][T16835] veth0_macvtap: left promiscuous mode [ 949.049078][T16843] FAULT_INJECTION: forcing a failure. [ 949.049078][T16843] name failslab, interval 1, probability 0, space 0, times 0 [ 949.068515][T16843] CPU: 0 UID: 0 PID: 16843 Comm: syz.3.1803 Tainted: G U 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) [ 949.068558][T16843] Tainted: [U]=USER [ 949.068567][T16843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 949.068583][T16843] Call Trace: [ 949.068592][T16843] [ 949.068603][T16843] dump_stack_lvl+0x16c/0x1f0 [ 949.068643][T16843] should_fail_ex+0x512/0x640 [ 949.068671][T16843] ? fs_reclaim_acquire+0xae/0x150 [ 949.068711][T16843] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 949.068746][T16843] should_failslab+0xc2/0x120 [ 949.068778][T16843] __kmalloc_noprof+0xd2/0x510 [ 949.068816][T16843] tomoyo_realpath_from_path+0xc2/0x6e0 [ 949.068860][T16843] tomoyo_check_open_permission+0x2ab/0x3c0 [ 949.068893][T16843] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 949.068951][T16843] ? find_held_lock+0x2b/0x80 [ 949.068984][T16843] tomoyo_file_open+0x6b/0x90 [ 949.069012][T16843] security_file_open+0x84/0x1e0 [ 949.069046][T16843] do_dentry_open+0x596/0x1c10 [ 949.069085][T16843] vfs_open+0x82/0x3f0 [ 949.069123][T16843] path_openat+0x1e5e/0x2d40 [ 949.069163][T16843] ? __pfx_path_openat+0x10/0x10 [ 949.069199][T16843] do_filp_open+0x20b/0x470 [ 949.069226][T16843] ? __pfx_do_filp_open+0x10/0x10 [ 949.069278][T16843] ? alloc_fd+0x471/0x7d0 [ 949.069313][T16843] do_sys_openat2+0x11b/0x1d0 [ 949.069346][T16843] ? __pfx_do_sys_openat2+0x10/0x10 [ 949.069393][T16843] __x64_sys_openat+0x174/0x210 [ 949.069433][T16843] ? __pfx___x64_sys_openat+0x10/0x10 [ 949.069473][T16843] ? rcu_is_watching+0x12/0xc0 [ 949.069509][T16843] do_syscall_64+0xcd/0x230 [ 949.069547][T16843] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 949.069572][T16843] RIP: 0033:0x7f229718e169 [ 949.069593][T16843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 949.069618][T16843] RSP: 002b:00007f2297ffb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 949.069643][T16843] RAX: ffffffffffffffda RBX: 00007f22973b6080 RCX: 00007f229718e169 [ 949.069661][T16843] RDX: 00000000001c1041 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 949.069676][T16843] RBP: 00007f2297210a68 R08: 0000000000000000 R09: 0000000000000000 [ 949.069692][T16843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 949.069708][T16843] R13: 0000000000000000 R14: 00007f22973b6080 R15: 00007fff521178e8 [ 949.069742][T16843] [ 949.069752][T16843] ERROR: Out of memory at tomoyo_realpath_from_path. [ 949.148892][T16816] kernel write not supported for file /status (pid: 16816 comm: syz.5.1798) [ 949.283455][ C1] vkms_vblank_simulate: vblank timer overrun [ 950.583684][T16850] kernel write not supported for file /status (pid: 16850 comm: syz.5.1806) [ 951.025667][T16874] HfR: entered promiscuous mode [ 951.114230][T16874] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1809'. [ 951.124898][T16874] HfR: left promiscuous mode [ 951.167420][T16876] device-mapper: ioctl: Unable to rename non-existent device,  to [ 951.961951][T16879] kernel write not supported for file /status (pid: 16879 comm: syz.5.1809) [ 952.412786][T16885] vivid-007: ================= START STATUS ================= [ 952.453876][T16885] vivid-007: Generate PTS: true [ 952.473144][T16885] vivid-007: Generate SCR: true [ 952.514353][T16885] tpg source WxH: 640x360 (Y'CbCr) [ 952.524059][T16885] tpg field: 1 [ 952.529057][T16885] tpg crop: (0,0)/640x360 [ 952.544074][T16885] tpg compose: (0,0)/640x360 [ 952.552068][T16885] tpg colorspace: 8 [ 952.567817][T16885] tpg transfer function: 0/0 [ 952.574755][T16885] tpg Y'CbCr encoding: 0/0 [ 952.582432][T16885] tpg quantization: 0/0 [ 952.589015][T16885] tpg RGB range: 0/2 [ 952.595652][T16885] vivid-007: ================== END STATUS ================== [ 952.761878][T16892] kernel write not supported for file /status (pid: 16892 comm: syz.5.1811) [ 953.244241][T16910] kernel write not supported for file /status (pid: 16910 comm: syz.5.1815) [ 953.393198][T16915] kernel write not supported for file /status (pid: 16915 comm: syz.5.1815) [ 953.711186][ T5853] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 953.869704][T16922] kernel write not supported for file /status (pid: 16922 comm: syz.5.1817) [ 954.893949][T16941] kernel write not supported for file /status (pid: 16941 comm: syz.5.1818) [ 955.163213][T16927] kernel write not supported for file /status (pid: 16927 comm: syz.5.1818) [ 955.240969][T16947] netlink: 346 bytes leftover after parsing attributes in process `syz.3.1821'. [ 955.795453][ T5853] Bluetooth: hci1: command 0x040f tx timeout [ 955.808363][T16962] vivid-007: ================= START STATUS ================= [ 955.885531][T16962] vivid-007: Generate PTS: true [ 955.891428][T16962] vivid-007: Generate SCR: true [ 955.897558][T16962] tpg source WxH: 640x360 (Y'CbCr) [ 955.903198][T16962] tpg field: 1 [ 955.907377][T16962] tpg crop: (0,0)/640x360 [ 955.912130][T16962] tpg compose: (0,0)/640x360 [ 955.917532][T16962] tpg colorspace: 8 [ 955.921702][T16962] tpg transfer function: 0/0 [ 955.927114][T16962] tpg Y'CbCr encoding: 0/0 [ 955.931982][T16962] tpg quantization: 0/0 [ 955.936910][T16962] tpg RGB range: 0/2 [ 955.941178][T16962] vivid-007: ================== END STATUS ================== [ 956.172473][T16962] kernel write not supported for file /status (pid: 16962 comm: syz.5.1824) [ 959.128456][T16984] kernel write not supported for file /status (pid: 16984 comm: syz.5.1828) [ 959.966798][T17024] vivid-007: ================= START STATUS ================= [ 959.981946][T17024] vivid-007: Generate PTS: true [ 960.015465][T17024] vivid-007: Generate SCR: true [ 960.030864][T17024] tpg source WxH: 640x360 (Y'CbCr) [ 960.050990][T17024] tpg field: 1 [ 960.054737][T17024] tpg crop: (0,0)/640x360 [ 960.059678][T17024] tpg compose: (0,0)/640x360 [ 960.077926][T17024] tpg colorspace: 8 [ 960.082151][T17024] tpg transfer function: 0/0 [ 960.091471][T17024] tpg Y'CbCr encoding: 0/0 [ 960.097765][T17024] tpg quantization: 0/0 [ 960.102480][T17024] tpg RGB range: 0/2 [ 960.106998][T17024] vivid-007: ================== END STATUS ================== [ 960.163379][T17020] kernel write not supported for file /status (pid: 17020 comm: syz.5.1836) [ 960.405550][T17031] netlink: 326 bytes leftover after parsing attributes in process `syz.4.1838'. [ 960.415812][T17031] bridge0: adding interface bridge0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1c, vlan:0) [ 960.432164][T17031] bridge0: port 2(bridge_slave_1) entered disabled state [ 960.440101][T17031] bridge0: port 1(bridge_slave_0) entered disabled state [ 960.667408][T17040] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1841'. [ 961.270627][T17038] FAULT_INJECTION: forcing a failure. [ 961.270627][T17038] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 961.303953][T17034] kernel write not supported for file /status (pid: 17034 comm: syz.5.1840) [ 961.349641][T17038] CPU: 1 UID: 0 PID: 17038 Comm: syz.0.1839 Tainted: G U 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) [ 961.349685][T17038] Tainted: [U]=USER [ 961.349694][T17038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 961.349708][T17038] Call Trace: [ 961.349715][T17038] [ 961.349725][T17038] dump_stack_lvl+0x16c/0x1f0 [ 961.349760][T17038] should_fail_ex+0x512/0x640 [ 961.349788][T17038] should_fail_alloc_page+0xe7/0x130 [ 961.349818][T17038] prepare_alloc_pages+0x3c2/0x610 [ 961.349854][T17038] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 961.349882][T17038] ? stack_trace_save+0x8e/0xc0 [ 961.349904][T17038] ? __pfx_stack_trace_save+0x10/0x10 [ 961.349925][T17038] ? stack_depot_save_flags+0x28/0xa50 [ 961.349949][T17038] ? __kernel_text_address+0xd/0x40 [ 961.349974][T17038] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 961.349996][T17038] ? kasan_save_track+0x14/0x30 [ 961.350018][T17038] ? snd_pcm_attach_substream+0x441/0xd60 [ 961.350042][T17038] ? snd_pcm_oss_open+0x735/0x1400 [ 961.350059][T17038] ? soundcore_open+0x409/0x580 [ 961.350084][T17038] ? chrdev_open+0x231/0x6a0 [ 961.350104][T17038] ? do_dentry_open+0x741/0x1c10 [ 961.350124][T17038] ? vfs_open+0x82/0x3f0 [ 961.350147][T17038] ? path_openat+0x1e5e/0x2d40 [ 961.350165][T17038] ? do_filp_open+0x20b/0x470 [ 961.350195][T17038] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 961.350224][T17038] ? policy_nodemask+0xea/0x4e0 [ 961.350252][T17038] alloc_pages_mpol+0x1fb/0x550 [ 961.350279][T17038] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 961.350316][T17038] alloc_pages_noprof+0x131/0x390 [ 961.350354][T17038] alloc_pages_exact_noprof+0x31/0x90 [ 961.350376][T17038] snd_pcm_attach_substream+0x468/0xd60 [ 961.350409][T17038] snd_pcm_open_substream+0x8d/0x17f0 [ 961.350434][T17038] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 961.350466][T17038] snd_pcm_oss_open+0x735/0x1400 [ 961.350496][T17038] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 961.350524][T17038] ? __lock_acquire+0xaa4/0x1ba0 [ 961.350554][T17038] ? __pfx_default_wake_function+0x10/0x10 [ 961.350580][T17038] ? __lock_acquire+0xaa4/0x1ba0 [ 961.350626][T17038] ? do_raw_spin_lock+0x12c/0x2b0 [ 961.350648][T17038] ? soundcore_open+0x35a/0x580 [ 961.350686][T17038] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 961.350708][T17038] soundcore_open+0x409/0x580 [ 961.350738][T17038] ? __pfx_soundcore_open+0x10/0x10 [ 961.350765][T17038] chrdev_open+0x231/0x6a0 [ 961.350787][T17038] ? __pfx_apparmor_file_open+0x10/0x10 [ 961.350813][T17038] ? __pfx_chrdev_open+0x10/0x10 [ 961.350837][T17038] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 961.350871][T17038] do_dentry_open+0x741/0x1c10 [ 961.350893][T17038] ? __pfx_chrdev_open+0x10/0x10 [ 961.350922][T17038] vfs_open+0x82/0x3f0 [ 961.350951][T17038] path_openat+0x1e5e/0x2d40 [ 961.350983][T17038] ? __pfx_path_openat+0x10/0x10 [ 961.351011][T17038] do_filp_open+0x20b/0x470 [ 961.351032][T17038] ? __pfx_do_filp_open+0x10/0x10 [ 961.351073][T17038] ? alloc_fd+0x471/0x7d0 [ 961.351100][T17038] do_sys_openat2+0x11b/0x1d0 [ 961.351126][T17038] ? __pfx_do_sys_openat2+0x10/0x10 [ 961.351163][T17038] __x64_sys_openat+0x174/0x210 [ 961.351191][T17038] ? __pfx___x64_sys_openat+0x10/0x10 [ 961.351219][T17038] ? rcu_is_watching+0x12/0xc0 [ 961.351247][T17038] do_syscall_64+0xcd/0x230 [ 961.351279][T17038] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 961.351300][T17038] RIP: 0033:0x7f14e538e169 [ 961.351320][T17038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 961.351339][T17038] RSP: 002b:00007f14e6296038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 961.351364][T17038] RAX: ffffffffffffffda RBX: 00007f14e55b6080 RCX: 00007f14e538e169 [ 961.351378][T17038] RDX: 0000000000008000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 961.351391][T17038] RBP: 00007f14e5410a68 R08: 0000000000000000 R09: 0000000000000000 [ 961.351404][T17038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 961.351416][T17038] R13: 0000000000000000 R14: 00007f14e55b6080 R15: 00007ffe42c30398 [ 961.351442][T17038] [ 962.259561][T17052] kernel write not supported for file /status (pid: 17052 comm: syz.5.1844) [ 962.446096][T17062] netlink: 342 bytes leftover after parsing attributes in process `syz.5.1845'. [ 962.476412][T17062] zram: Added device: zram1 [ 962.616946][T17056] kernel write not supported for file /status (pid: 17056 comm: syz.5.1845) [ 963.707156][T17082] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 964.138013][T17091] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1849'. [ 965.264258][T17072] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1848'. [ 965.762012][T17069] kernel write not supported for file /status (pid: 17069 comm: syz.5.1848) [ 966.237214][T17116] Invalid ELF header magic: != ELF [ 966.642817][T17124] kernel write not supported for file /status (pid: 17124 comm: syz.5.1854) [ 966.720348][T17116] kernel write not supported for file /status (pid: 17116 comm: syz.5.1854) [ 967.128768][T17137] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 967.413181][ T5853] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5 [ 967.669210][T17145] Invalid ELF header magic: != ELF [ 968.312784][T17132] kernel write not supported for file /status (pid: 17132 comm: syz.5.1856) [ 969.541041][T17163] Process accounting paused [ 971.504979][T17204] ubi0: attaching mtd0 [ 971.538058][T17204] ubi0: scanning is finished [ 971.560583][T17204] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 971.598607][T17203] Invalid ELF header magic: != ELF [ 971.857861][T17204] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 972.380154][T17218] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1871'. [ 976.050636][T17272] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1885'. [ 976.152787][T17274] netlink: 354 bytes leftover after parsing attributes in process `syz.4.1885'. [ 976.853474][T17277] CIFS mount error: No usable UNC path provided in device string! [ 976.853474][T17277] [ 976.897271][T17277] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 976.914468][T17281] ptrace attach of "./syz-executor exec"[7377] was attempted by "./syz-executor exec"[17281] [ 980.094540][T17308] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1893'. [ 982.301052][T17343] kexec: Could not allocate control_code_buffer [ 983.257374][T17385] vivid-007: ================= START STATUS ================= [ 983.281673][T17385] vivid-007: Generate PTS: true [ 983.305698][T17397] can0: slcan on ttyS2. [ 983.316570][T17385] vivid-007: Generate SCR: true [ 983.321955][T17385] tpg source WxH: 640x360 (Y'CbCr) [ 983.344854][T17385] tpg field: 1 [ 983.370327][T17385] tpg crop: (0,0)/640x360 [ 983.375220][T17385] tpg compose: (0,0)/640x360 [ 983.380791][T17385] tpg colorspace: 8 [ 983.391386][T17385] tpg transfer function: 0/0 [ 983.396654][T17393] can0 (unregistered): slcan off ttyS2. [ 983.412603][T17385] tpg Y'CbCr encoding: 0/0 [ 983.443545][T17385] tpg quantization: 0/0 [ 983.454372][T17385] tpg RGB range: 0/2 [ 983.476638][T17385] vivid-007: ================== END STATUS ================== [ 985.581841][T17446] ptrace attach of "./syz-executor exec"[5837] was attempted by "./syz-executor exec"[17446] [ 985.764740][T17449] vivid-007: ================= START STATUS ================= [ 985.773638][T17449] vivid-007: Generate PTS: true [ 985.781838][T17449] vivid-007: Generate SCR: true [ 985.788699][T17449] tpg source WxH: 640x360 (Y'CbCr) [ 985.804402][T17449] tpg field: 1 [ 985.808745][T17449] tpg crop: (0,0)/640x360 [ 985.813650][T17449] tpg compose: (0,0)/640x360 [ 985.819026][T17449] tpg colorspace: 8 [ 985.833590][T17449] tpg transfer function: 0/0 [ 985.838820][T17449] tpg Y'CbCr encoding: 0/0 [ 985.843856][T17449] tpg quantization: 0/0 [ 985.848950][T17449] tpg RGB range: 0/2 [ 985.853323][T17449] vivid-007: ================== END STATUS ================== [ 985.912079][T17452] FAULT_INJECTION: forcing a failure. [ 985.912079][T17452] name failslab, interval 1, probability 0, space 0, times 0 [ 985.979133][T17452] CPU: 1 UID: 0 PID: 17452 Comm: syz.5.1920 Tainted: G U 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) [ 985.979179][T17452] Tainted: [U]=USER [ 985.979187][T17452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 985.979203][T17452] Call Trace: [ 985.979212][T17452] [ 985.979223][T17452] dump_stack_lvl+0x16c/0x1f0 [ 985.979263][T17452] should_fail_ex+0x512/0x640 [ 985.979293][T17452] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 985.979327][T17452] should_failslab+0xc2/0x120 [ 985.979359][T17452] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 985.979391][T17452] ? radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 985.979428][T17452] radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 985.979467][T17452] idr_get_free+0x528/0xa30 [ 985.979513][T17452] idr_alloc_u32+0x190/0x2f0 [ 985.979549][T17452] ? __pfx_idr_alloc_u32+0x10/0x10 [ 985.979585][T17452] ? __pfx___mutex_lock+0x10/0x10 [ 985.979625][T17452] idr_alloc+0xc0/0x130 [ 985.979655][T17452] ? __pfx_idr_alloc+0x10/0x10 [ 985.979686][T17452] ? __radix_tree_lookup+0x21f/0x2c0 [ 985.979723][T17452] ppp_dev_configure+0x905/0xc80 [ 985.979757][T17452] ppp_ioctl+0x17e0/0x2660 [ 985.979786][T17452] ? find_held_lock+0x2b/0x80 [ 985.979812][T17452] ? __pfx_ppp_ioctl+0x10/0x10 [ 985.979859][T17452] ? __fget_files+0x20e/0x3c0 [ 985.979892][T17452] ? __pfx_ppp_ioctl+0x10/0x10 [ 985.979920][T17452] __x64_sys_ioctl+0x190/0x200 [ 985.979964][T17452] do_syscall_64+0xcd/0x230 [ 985.980003][T17452] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 985.980030][T17452] RIP: 0033:0x7f20e1b8e169 [ 985.980051][T17452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 985.980075][T17452] RSP: 002b:00007f20e2a87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 985.980101][T17452] RAX: ffffffffffffffda RBX: 00007f20e1db5fa0 RCX: 00007f20e1b8e169 [ 985.980121][T17452] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000007 [ 985.980138][T17452] RBP: 00007f20e1c10a68 R08: 0000000000000000 R09: 0000000000000000 [ 985.980154][T17452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 985.980169][T17452] R13: 0000000000000000 R14: 00007f20e1db5fa0 R15: 00007ffcc4e42858 [ 985.980205][T17452] [ 986.230901][ C1] vkms_vblank_simulate: vblank timer overrun [ 986.874076][T17458] netlink: 11 bytes leftover after parsing attributes in process `syz.4.1921'. [ 989.236681][T17523] vivid-007: ================= START STATUS ================= [ 989.294301][T17523] vivid-007: Generate PTS: true [ 989.340836][T17523] vivid-007: Generate SCR: true [ 989.405426][T17523] tpg source WxH: 640x360 (Y'CbCr) [ 989.437324][T17523] tpg field: 1 [ 989.478464][T17523] tpg crop: (0,0)/640x360 [ 989.488669][T17523] tpg compose: (0,0)/640x360 [ 989.493889][T17523] tpg colorspace: 8 [ 989.501844][T17523] tpg transfer function: 0/0 [ 989.508450][T17523] tpg Y'CbCr encoding: 0/0 [ 989.519491][T17523] tpg quantization: 0/0 [ 989.529427][T17523] tpg RGB range: 0/2 [ 989.537303][T17523] vivid-007: ================== END STATUS ================== [ 989.807424][T17520] scsi_dev_info_list_add_str: bad dev info string ')zD 5fk+*X#R84*VsndvqQW}~YrȀ-8VGDƘLB%v†v}Ypq|?O[,! 7xWDr%[}E$3?G9Ff=lrGH;2L<=|8 -c Fո"[v9q4Mmvqk[(iNDСMX PSqqX4X`V!;r֍)y]WzfIH0,v{q8שUܹ䑉m؛HTwCz-nR%2]x05oՕ|3>lS*L/Cdgӑ[C=Cwem)l#' ''S.sHgi-TY%ܹF*8nFTH?i{' '' [ 992.548203][T17550] kexec: Could not allocate control_code_buffer [ 993.083928][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.093765][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 993.813607][T17594] vivid-009: ================= START STATUS ================= [ 993.822238][T17594] vivid-009: Enable Output Cropping: true grabbed [ 993.864264][T17594] vivid-009: Enable Output Composing: true grabbed [ 993.914028][T17594] vivid-009: Enable Output Scaler: true grabbed [ 993.958728][T17596] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1944'. [ 994.084482][T17594] vivid-009: Tx RGB Quantization Range: Automatic grabbed [ 994.148977][T17596] team_slave_0: entered allmulticast mode [ 994.157440][T17594] vivid-009: Transmit Mode: HDMI grabbed [ 994.192834][T17594] vivid-009: Hotplug Present: 0x00000000 [ 994.232255][T17594] vivid-009: RxSense Present: 0x00000000 [ 994.238784][T17594] vivid-009: EDID Present: 0x00000000 [ 994.244929][T17594] vivid-009: ================== END STATUS ================== [ 996.407784][T17620] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1949'. [ 997.413648][ T5853] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 999.887060][T17670] Process accounting resumed [ 999.955818][T17670] kernel write not supported for file /status (pid: 17670 comm: syz.5.1962) [ 1000.804132][T17669] kernel write not supported for file /status (pid: 17669 comm: syz.5.1962) [ 1000.832000][T17684] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1965'. [ 1001.048788][T17696] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1967'. [ 1001.090650][T17696] bridge_slave_1: left allmulticast mode [ 1001.105414][T17696] bridge_slave_1: left promiscuous mode [ 1001.134140][T17696] bridge0: port 2(bridge_slave_1) entered disabled state [ 1001.164617][T17696] bridge_slave_0: left allmulticast mode [ 1001.171005][T17696] bridge_slave_0: left promiscuous mode [ 1001.187907][T17696] bridge0: port 1(bridge_slave_0) entered disabled state [ 1001.935134][T17697] kernel write not supported for file /status (pid: 17697 comm: syz.5.1968) [ 1002.070429][T17708] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1970'. [ 1003.228166][T17725] scsi_dev_info_list_add_str: bad dev info string ')zD 5fk+*X#R84*VsndvqQW}~YrȀ-8VGDƘLB%v†v}Ypq|?O[,! 7xWDr%[}E$3?G9Ff=lrGH;2L<=|8 -c Fո"[v9q4Mmvqk[(iNDСMX PSqqX4X`V!;r֍)y]WzfIH0,v{q8שUܹ䑉m؛HTwCz-nR%2]x05oՕ|3>lS*L/Cdgӑ[C=Cwem)l#' ''S.sHgi-TY%ܹF*8nFTH?i{' '' [ 1003.279770][ C1] vkms_vblank_simulate: vblank timer overrun [ 1003.379507][T17707] kernel write not supported for file /status (pid: 17707 comm: syz.5.1971) [ 1003.629627][T17736] can0: slcan on ttyS2. [ 1003.819952][T17739] can0 (unregistered): slcan off ttyS2. [ 1003.943970][T17736] kernel write not supported for file /status (pid: 17736 comm: syz.5.1976) [ 1004.458600][T17759] kernel write not supported for file /status (pid: 17759 comm: syz.5.1980) [ 1004.576020][T17758] kernel write not supported for file /status (pid: 17758 comm: syz.5.1980) [ 1004.963450][T17769] kernel write not supported for file /status (pid: 17769 comm: syz.5.1982) [ 1006.634149][T17794] kernel write not supported for file /status (pid: 17794 comm: syz.5.1984) [ 1007.066895][T17822] Console: switching to colour VGA+ 80x25 [ 1007.200325][T17815] FAULT_INJECTION: forcing a failure. [ 1007.200325][T17815] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1007.246192][T17815] CPU: 1 UID: 0 PID: 17815 Comm: syz.5.1988 Tainted: G U 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) [ 1007.246240][T17815] Tainted: [U]=USER [ 1007.246250][T17815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1007.246266][T17815] Call Trace: [ 1007.246276][T17815] [ 1007.246288][T17815] dump_stack_lvl+0x16c/0x1f0 [ 1007.246330][T17815] should_fail_ex+0x512/0x640 [ 1007.246367][T17815] should_fail_alloc_page+0xe7/0x130 [ 1007.246404][T17815] prepare_alloc_pages+0x3c2/0x610 [ 1007.246444][T17815] ? rcu_is_watching+0x12/0xc0 [ 1007.246474][T17815] __alloc_frozen_pages_noprof+0x18f/0x23a0 [ 1007.246513][T17815] ? __lock_acquire+0x5ca/0x1ba0 [ 1007.246550][T17815] ? xas_create+0x1d7/0x1460 [ 1007.246575][T17815] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1007.246607][T17815] ? cgroup_rstat_updated+0x2a/0xb20 [ 1007.246650][T17815] ? __lock_acquire+0x5ca/0x1ba0 [ 1007.246683][T17815] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1007.246721][T17815] ? policy_nodemask+0xea/0x4e0 [ 1007.246754][T17815] alloc_pages_mpol+0x1fb/0x550 [ 1007.246785][T17815] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1007.246819][T17815] ? filemap_get_entry+0x1a7/0x3b0 [ 1007.246859][T17815] folio_alloc_noprof+0x20/0x2d0 [ 1007.246897][T17815] filemap_alloc_folio_noprof+0x3a1/0x470 [ 1007.246929][T17815] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 1007.246960][T17815] ? rcu_is_watching+0x12/0xc0 [ 1007.246993][T17815] __filemap_get_folio+0x5e9/0xc10 [ 1007.247038][T17815] ioctx_alloc+0x761/0x2060 [ 1007.247099][T17815] ? __pfx_ioctx_alloc+0x10/0x10 [ 1007.247135][T17815] ? __might_fault+0x13b/0x190 [ 1007.247180][T17815] __x64_sys_io_setup+0xc9/0x210 [ 1007.247221][T17815] do_syscall_64+0xcd/0x230 [ 1007.247259][T17815] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1007.247285][T17815] RIP: 0033:0x7f20e1b8e169 [ 1007.247306][T17815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1007.247332][T17815] RSP: 002b:00007f20e2a66038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 1007.247358][T17815] RAX: ffffffffffffffda RBX: 00007f20e1db6080 RCX: 00007f20e1b8e169 [ 1007.247376][T17815] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 1007.247393][T17815] RBP: 00007f20e1c10a68 R08: 0000000000000000 R09: 0000000000000000 [ 1007.247409][T17815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1007.247425][T17815] R13: 0000000000000000 R14: 00007f20e1db6080 R15: 00007ffcc4e42858 [ 1007.247460][T17815] [ 1007.844657][T17815] ================================================================== [ 1007.844677][T17815] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0xa03/0xc70 [ 1007.844713][T17815] Read of size 10 at addr ffff88807acd3e5a by task syz.5.1988/17815 [ 1007.844736][T17815] [ 1007.844753][T17815] CPU: 1 UID: 0 PID: 17815 Comm: syz.5.1988 Tainted: G U 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) [ 1007.844800][T17815] Tainted: [U]=USER [ 1007.844810][T17815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1007.844827][T17815] Call Trace: [ 1007.844836][T17815] [ 1007.844847][T17815] dump_stack_lvl+0x116/0x1f0 [ 1007.844885][T17815] print_report+0xc3/0x670 [ 1007.844917][T17815] ? __virt_addr_valid+0x5e/0x590 [ 1007.844950][T17815] ? __phys_addr+0xc6/0x150 [ 1007.844986][T17815] ? fbcon_prepare_logo+0xa03/0xc70 [ 1007.845010][T17815] kasan_report+0xe0/0x110 [ 1007.845041][T17815] ? fbcon_prepare_logo+0xa03/0xc70 [ 1007.845070][T17815] kasan_check_range+0xef/0x1a0 [ 1007.845110][T17815] __asan_memcpy+0x23/0x60 [ 1007.845137][T17815] fbcon_prepare_logo+0xa03/0xc70 [ 1007.845168][T17815] fbcon_init+0xd77/0x1900 [ 1007.845193][T17815] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 1007.845231][T17815] visual_init+0x31d/0x620 [ 1007.845262][T17815] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 1007.845305][T17815] store_bind+0x61d/0x760 [ 1007.845338][T17815] ? sysfs_file_kobj+0xe4/0x290 [ 1007.845372][T17815] ? __pfx_store_bind+0x10/0x10 [ 1007.845407][T17815] dev_attr_store+0x55/0x80 [ 1007.845433][T17815] ? __pfx_dev_attr_store+0x10/0x10 [ 1007.845457][T17815] sysfs_kf_write+0xef/0x150 [ 1007.845493][T17815] kernfs_fop_write_iter+0x351/0x510 [ 1007.845525][T17815] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1007.845562][T17815] vfs_write+0x5ba/0x1180 [ 1007.845588][T17815] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1007.845622][T17815] ? __pfx___mutex_lock+0x10/0x10 [ 1007.845657][T17815] ? __pfx_vfs_write+0x10/0x10 [ 1007.845694][T17815] ksys_write+0x12a/0x240 [ 1007.845720][T17815] ? __pfx_ksys_write+0x10/0x10 [ 1007.845745][T17815] ? rcu_is_watching+0x12/0xc0 [ 1007.845781][T17815] do_syscall_64+0xcd/0x230 [ 1007.845820][T17815] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1007.845846][T17815] RIP: 0033:0x7f20e1b8e169 [ 1007.845868][T17815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1007.845895][T17815] RSP: 002b:00007f20e2a66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1007.845921][T17815] RAX: ffffffffffffffda RBX: 00007f20e1db6080 RCX: 00007f20e1b8e169 [ 1007.845939][T17815] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 1007.845956][T17815] RBP: 00007f20e1c10a68 R08: 0000000000000000 R09: 0000000000000000 [ 1007.845974][T17815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1007.845990][T17815] R13: 0000000000000000 R14: 00007f20e1db6080 R15: 00007ffcc4e42858 [ 1007.846016][T17815] [ 1007.846026][T17815] [ 1007.846033][T17815] Allocated by task 17815: [ 1007.846046][T17815] kasan_save_stack+0x33/0x60 [ 1007.846072][T17815] kasan_save_track+0x14/0x30 [ 1007.846098][T17815] __kasan_kmalloc+0xaa/0xb0 [ 1007.846123][T17815] __kmalloc_noprof+0x223/0x510 [ 1007.846149][T17815] vc_do_resize+0x1de/0x10e0 [ 1007.846181][T17815] fbcon_init+0xd53/0x1900 [ 1007.846203][T17815] visual_init+0x31d/0x620 [ 1007.846232][T17815] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 1007.846267][T17815] store_bind+0x61d/0x760 [ 1007.846299][T17815] dev_attr_store+0x55/0x80 [ 1007.846321][T17815] sysfs_kf_write+0xef/0x150 [ 1007.846352][T17815] kernfs_fop_write_iter+0x351/0x510 [ 1007.846380][T17815] vfs_write+0x5ba/0x1180 [ 1007.846400][T17815] ksys_write+0x12a/0x240 [ 1007.846420][T17815] do_syscall_64+0xcd/0x230 [ 1007.846451][T17815] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1007.846472][T17815] [ 1007.846477][T17815] The buggy address belongs to the object at ffff88807acd3e00 [ 1007.846477][T17815] which belongs to the cache kmalloc-64 of size 64 [ 1007.846493][T17815] The buggy address is located 50 bytes to the right of [ 1007.846493][T17815] allocated 40-byte region [ffff88807acd3e00, ffff88807acd3e28) [ 1007.846508][T17815] [ 1007.846512][T17815] The buggy address belongs to the physical page: [ 1007.846518][T17815] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7acd3 [ 1007.846532][T17815] anon flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 1007.846544][T17815] page_type: f5(slab) [ 1007.846557][T17815] raw: 00fff00000000000 ffff88801b4418c0 ffffea0000b9f240 dead000000000005 [ 1007.846570][T17815] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 1007.846579][T17815] page dumped because: kasan: bad access detected [ 1007.846586][T17815] page_owner tracks the page as allocated [ 1007.846591][T17815] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5839, tgid 5839 (syz-executor), ts 76637076689, free_ts 76316092384 [ 1007.846615][T17815] post_alloc_hook+0x181/0x1b0 [ 1007.846629][T17815] get_page_from_freelist+0x135c/0x3920 [ 1007.846643][T17815] __alloc_frozen_pages_noprof+0x263/0x23a0 [ 1007.846658][T17815] alloc_pages_mpol+0x1fb/0x550 [ 1007.846675][T17815] new_slab+0x244/0x340 [ 1007.846687][T17815] ___slab_alloc+0xd9c/0x1940 [ 1007.846699][T17815] __slab_alloc.constprop.0+0x56/0xb0 [ 1007.846711][T17815] __kmalloc_cache_noprof+0xfb/0x3e0 [ 1007.846724][T17815] ipv6_add_dev+0x652/0x15f0 [ 1007.846739][T17815] addrconf_notify+0x53e/0x19e0 [ 1007.846756][T17815] notifier_call_chain+0xb9/0x410 [ 1007.846772][T17815] call_netdevice_notifiers_info+0xbe/0x140 [ 1007.846795][T17815] register_netdevice+0x182e/0x2270 [ 1007.846814][T17815] veth_newlink+0x30f/0xa00 [ 1007.846828][T17815] rtnl_newlink+0xc42/0x2000 [ 1007.846845][T17815] rtnetlink_rcv_msg+0x95b/0xe90 [ 1007.846862][T17815] page last free pid 5869 tgid 5869 stack trace: [ 1007.846870][T17815] __free_frozen_pages+0x69d/0xff0 [ 1007.846883][T17815] __put_partials+0x16d/0x1c0 [ 1007.846895][T17815] qlist_free_all+0x4e/0x120 [ 1007.846908][T17815] kasan_quarantine_reduce+0x195/0x1e0 [ 1007.846922][T17815] __kasan_slab_alloc+0x69/0x90 [ 1007.846938][T17815] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 1007.846952][T17815] getname_flags.part.0+0x4c/0x550 [ 1007.846969][T17815] getname_flags+0x93/0xf0 [ 1007.846980][T17815] do_sys_openat2+0xb8/0x1d0 [ 1007.846997][T17815] __x64_sys_openat+0x174/0x210 [ 1007.847014][T17815] do_syscall_64+0xcd/0x230 [ 1007.847034][T17815] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1007.847047][T17815] [ 1007.847050][T17815] Memory state around the buggy address: [ 1007.847057][T17815] ffff88807acd3d00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 1007.847067][T17815] ffff88807acd3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 1007.847077][T17815] >ffff88807acd3e00: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc [ 1007.847085][T17815] ^ [ 1007.847092][T17815] ffff88807acd3e80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 1007.847102][T17815] ffff88807acd3f00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 1007.847110][T17815] ================================================================== [ 1007.864901][T17815] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1007.864926][T17815] CPU: 1 UID: 0 PID: 17815 Comm: syz.5.1988 Tainted: G U 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) [ 1007.864968][T17815] Tainted: [U]=USER [ 1007.864979][T17815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025 [ 1007.864995][T17815] Call Trace: [ 1007.865004][T17815] [ 1007.865015][T17815] dump_stack_lvl+0x3d/0x1f0 [ 1007.865056][T17815] panic+0x71c/0x800 [ 1007.865093][T17815] ? __pfx_panic+0x10/0x10 [ 1007.865129][T17815] ? irqentry_exit+0x3b/0x90 [ 1007.865163][T17815] ? lockdep_hardirqs_on+0x7c/0x110 [ 1007.865198][T17815] ? preempt_schedule_thunk+0x16/0x30 [ 1007.865225][T17815] ? fbcon_prepare_logo+0xa03/0xc70 [ 1007.865251][T17815] ? preempt_schedule_common+0x44/0xc0 [ 1007.865287][T17815] ? fbcon_prepare_logo+0xa03/0xc70 [ 1007.865314][T17815] check_panic_on_warn+0xab/0xb0 [ 1007.865351][T17815] end_report+0x107/0x170 [ 1007.865384][T17815] kasan_report+0xee/0x110 [ 1007.865417][T17815] ? fbcon_prepare_logo+0xa03/0xc70 [ 1007.865447][T17815] kasan_check_range+0xef/0x1a0 [ 1007.865483][T17815] __asan_memcpy+0x23/0x60 [ 1007.865509][T17815] fbcon_prepare_logo+0xa03/0xc70 [ 1007.865541][T17815] fbcon_init+0xd77/0x1900 [ 1007.865566][T17815] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 1007.865604][T17815] visual_init+0x31d/0x620 [ 1007.865638][T17815] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 1007.865680][T17815] store_bind+0x61d/0x760 [ 1007.865718][T17815] ? sysfs_file_kobj+0xe4/0x290 [ 1007.865753][T17815] ? __pfx_store_bind+0x10/0x10 [ 1007.865796][T17815] dev_attr_store+0x55/0x80 [ 1007.865822][T17815] ? __pfx_dev_attr_store+0x10/0x10 [ 1007.865848][T17815] sysfs_kf_write+0xef/0x150 [ 1007.865886][T17815] kernfs_fop_write_iter+0x351/0x510 [ 1007.865918][T17815] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1007.865953][T17815] vfs_write+0x5ba/0x1180 [ 1007.865978][T17815] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1007.866012][T17815] ? __pfx___mutex_lock+0x10/0x10 [ 1007.866047][T17815] ? __pfx_vfs_write+0x10/0x10 [ 1007.866084][T17815] ksys_write+0x12a/0x240 [ 1007.866111][T17815] ? __pfx_ksys_write+0x10/0x10 [ 1007.866137][T17815] ? rcu_is_watching+0x12/0xc0 [ 1007.866169][T17815] do_syscall_64+0xcd/0x230 [ 1007.866205][T17815] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1007.866230][T17815] RIP: 0033:0x7f20e1b8e169 [ 1007.866252][T17815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1007.866277][T17815] RSP: 002b:00007f20e2a66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1007.866303][T17815] RAX: ffffffffffffffda RBX: 00007f20e1db6080 RCX: 00007f20e1b8e169 [ 1007.866322][T17815] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 1007.866338][T17815] RBP: 00007f20e1c10a68 R08: 0000000000000000 R09: 0000000000000000 [ 1007.866356][T17815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1007.866373][T17815] R13: 0000000000000000 R14: 00007f20e1db6080 R15: 00007ffcc4e42858 [ 1007.866399][T17815] [ 1007.866637][T17815] Kernel Offset: disabled