last executing test programs: 9.799328608s ago: executing program 2 (id=746): socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmsg$auto_ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x4000840}, 0x2000c840) sendmmsg$auto(0x3, &(0x7f00000000c0)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x34000}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x3f3) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x6) socket(0x10, 0x4, 0xffffffc0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x15, 0x5, 0x0) socket(0x2, 0x1, 0x106) getsockopt$auto(0x4, 0x6, 0x17, 0xfffffffffffffffc, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0xf1, 0x2, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001140)='/sys/devices/virtual/block/zram0/comp_algorithm\x00', 0x20b42, 0x0) sendfile$auto(r2, 0x3, 0x0, 0x7) mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) sendfile$auto(0x3, 0xffffffffffffffff, 0x0, 0x400000000006) open(0x0, 0x1e1401, 0xe5) mmap$auto(0x0, 0xda32, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0xd840) clock_nanosleep$auto(0x9, 0x0, 0x0, 0xffffffffffffffff) tkill$auto(0x0, 0x7) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'veth1_to_batadv\x00'}) write$auto(0x3, 0x0, 0x100082) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) 7.375828252s ago: executing program 0 (id=750): r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000140)="58fcb282bcbc38bfaef257e019406ea6c445cd4f7f7662ac0f8834baa918d5b3cea133243c4f2b9a39e536b67f5a1a2bfdf589da2b1c980e1ce53883444996d1721d7f3ae627c6c604000000000000007910fbc02d899ab93d002d849884a5377ff11be2ed012110f2f520") r1 = socket(0x10, 0x2, 0x4) write$auto(r1, &(0x7f0000000000)='-\x00', 0xfdef) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/ip6gre0/power/control\x00', 0x10b142, 0x0) r3 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0xc, 0x3, 0x0, 0x0, 0x2) socket(0x3, 0x3, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r5, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r5, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9 \xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) r6 = socket(0x15, 0x5, 0x0) r7 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), r6) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000001d40)={0x28, r7, 0x5, 0x70bd27, 0x25dfdbff, {}, [@ETHTOOL_A_RINGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_RINGS_RX_BUF_LEN={0x8, 0xa, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0x90}, 0x80080) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, 0x0) getsockopt$auto(r6, 0x114, 0x2720, 0xfffffffffffffffc, 0x0) sendfile$auto(r2, r2, 0x0, 0x1000200) 6.184233801s ago: executing program 3 (id=751): close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) read$auto_kernfs_file_fops_kernfs_internal(r2, 0x0, 0x0) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r2, 0x0, 0x20000000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) socket(0x1a, 0x4, 0x6) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000023, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r3, &(0x7f0000000e00)="51426572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde4727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e28782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105c328e0035b97168f4c17aa4610b2e6e1a6ba0b71c06417b7a9497be4a009b19d7162adfd4d7b6490faf3782a920281333ad09b848ab5f4d15534b8c4e43dc9604b0630f8d349b2c80a98fde04693c31cbed7d460edfc0138dcc5d3974e682bbd555ac19625bf6e0607d8803391ec9c2dc41fc4e8bceae4f53507137324dd02914a067d52a577b812ddac4a34765c26a98839b3edb6290abff0c75991d6f8c1bd7540f38a7f25fec2f3539f894c938e1f3cf0ff1e6994d6a6ecc457a482f045ba712a85e8e31afd49c8e3480dc1c36d56ab2eceac6e5a847455d8ef4e3d45cd463c421bd1bce2ca57dd88f0e7ab3446cdfa8cb3914c240936f1738af7009e9131b240b59af55d7e38307b91fc8f00410cfdcfacaa341607a801afa63640091eb00b860700ea882878a8d9838f5597b970366be7d167ddebfe3c9253b5dbf7f30a67ee4d87dccb3c723c20200aa5fc036caf12811b19ce49c81ce328d7b24587353ecb99bafd327e33303cf447b36800d1bed8ee10df527d55c0d5f7506fb11cb1338074113579e665c6f3cffde5a8ee98a7bf3f8157986cf7c1c5dbdedaacbe3946b3d8809dec7387f006c062b93b6b481a806e5544ddeea7218fcc15c25a88164bfd0735e6290167cb2dbf4b4a317ba00b1fc27d203a6cff71ef8fe97a97d8e07af2ce1d0a0a2aa9ede7dd0572325075c83c2ecf866aa01654eff55ebe4e489e72152e6a3090e2348732704eb02997ffd23a63faabfbbbd1fb124cab606faed24a393058cea1c1286001ee5c0c1fa26b6a81ebdd4718a94cebdb45bfe812c771df398d3305da03d37ced9d0242b6da212dc9f5c14d7ff999bee20f6621792d1442e449eba8589a823e5e99c65fdffbaefe89e2e32406ec4cf574e335e2d288e4cdad56f4b1b57c364ed3e28809e480d6f410c7ebf43bd2a605d6a8c9facae6b7f8f2c56f792ae21fc0cc5dd9beae0cab3547ebb5467183c2f01bc315bd7bd191088886752dc5108093bdbc91348743440130f33d3dfa9c25490245e5fa904f8660e82253c826b7bea4e9a7a1c627e10c56d71878a644bd176016f29cf5398be14cc0fdec45c65e2b967aedb75212eed1eb05a44da62190009d1c08163b74813b82c27f1e6cd681a4b5150f967444b7bc930da68603fd706e96ba8663b2e50ef0a9b04e321a8a337b08fea7288a3fef5062c7e4c17ad3d490870d39c10b78a74eab25c993527e313a4f59d86de55aa9a8a63f734c2db556692fe993b0cd08e0ab5434c9ec02d5127354f55e6b5d5a7b61685d02edae21ece71d203abf7408211229a9ebbfdeffa2c0f38db274066d0706d80398c172e6daf4a0dce62c2287cbf0d30cfa313d7baf4e5caa18f594f0ab0d854f3cef76ff83e96fa49d0e0f8a47193b51a0a45aee2e1d9a5b372b8ee828f645a06979ec351d798480c7824e846028c02f58b5641acbae1e2079abd86182a662bb1642c9346d7fba628fb012da293acef33b8b76a8885c2e5d685348b6148c5b44409f58d8d5f29344fe8a2e4c2432ae622bb1912ea65d5574bff895025bd72cd780d59cbaa0886afd5d6676d2de6266903115525c075cc3f75ce9eba3787a890e1f758f0e502c4c9c0538dc942cf4e2d69742", 0xc33) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) mmap$auto(0x0, 0x1, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28003) mmap$auto(0x0, 0x2060009, 0x3, 0xeb2, r0, 0x8000) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) io_uring_setup$auto(0x7ff, &(0x7f0000000080)={0x7efffffc, 0x8, 0x3002, 0x7, 0x7, 0x4006, 0xffffffffffffffff, [0x0, 0x0, 0x4000000], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x69cb, 0x6, 0x3}, {0x5, 0x8001, 0x2052, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dri/card0\x00', 0x440, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) pkey_mprotect$auto(0x6, 0x8001, 0x8, 0x2) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 6.180014619s ago: executing program 1 (id=760): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x2100, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0x4, 0x300000000000) ioctl$auto_XFS_IOC_ALLOCSP(0xffffffffffffffff, 0x4030580a, 0x0) r0 = prctl$auto(0x1, 0x5, 0x0, 0x51, 0xf2a3) madvise$auto(0x400000080005, 0xffffffffffff0205, 0x6) r1 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_TREAD64(r1, 0x400454a4, 0x0) ioctl$auto_BCH_IOCTL_DEV_USAGE_V2(r0, 0xc020bc12, &(0x7f0000000180)={0x87, 0x7, 0x9, 0x4, '\x00', 0x649, 0x4675be1e, [{0x8, 0x0, 0x8000000000000000}, {0xffff, 0xd9, 0x1ff}, {0xffffffffffffffff, 0x101, 0x8}]}) r2 = openat$auto_adf_ctl_ops_adf_ctl_drv(0xffffffffffffff9c, &(0x7f0000000000), 0x20140, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card1/pcm0p/oss\x00', 0x101000, 0x0) r4 = getpgrp(0x0) bpf$auto_BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)=@task_fd_query={r4, r2, 0x81, 0x220, 0x2, 0x4, r3, 0x7, 0x2}, 0x9) pread64$auto(r3, 0x0, 0x8, 0x8000) ioctl$auto_IOCTL_STOP_ACCEL_DEV(r2, 0x40096101, &(0x7f0000000240)={@padding, 0xfe}) fstat$auto(r2, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, &(0x7f0000000080)="cd37011072215b75d2329f987080bfb7") socket(0xa, 0x1, 0x100) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), 0xffffffffffffffff) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) mmap$auto(0x0, 0x400008, 0xe2, 0x9b72, 0x2, 0x8000) r6 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/mtd\x00', 0xc40, 0x0) read$auto_proc_iter_file_ops_compat_inode(r6, 0x0, 0x4d) 6.053640292s ago: executing program 2 (id=752): mmap$auto(0x9, 0x2000810004, 0xffb, 0x8008000000208015, 0x3, 0x8000) r0 = socket(0x15, 0x5, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000c80), r1) sendmsg$auto_OVS_FLOW_CMD_SET(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f00000004c0)=ANY=[@ANYRES8=r2, @ANYRES16=r2, @ANYRESOCT=r0, @ANYRES32=0x0, @ANYRES8=r2, @ANYRES32=r0, @ANYBLOB="4800ce0026c0275a97a5314c2fdbc76c69e0d2c4a215134a9ca5271d711ede53ec553bdf42b4d27e2b58ab8b56609d6c0f967393d89081dc3fbf18d8cce90cebc375ccc5ebe013bf04001b80cceb1f7dc504f6035033ed72b0f981a47e838c2cf79087b74e0ff89f4b69af4c7f0d8af32a8bd47133830f89373cdf2ec0600c2d5ae732bc3da4bce238dc979f1e80273ae0ad03cf7db99035438a50fd664be510d8012a62b1a5c0786792e75b838ff5a2f9fa5566083f2ec9e82762f67e7ea121b6d0a548d1791bdaba13ddc365d7d4a5181d177fd7de4bcfe6ed23f20c9134ed898f8efb73807bc4f4e18b0404000000e6e440b8a6cdc758b62885c0459d4a2656e25b6ad7b619294fe9181e2c3d52715518ad1f0bbec54dbe7b864520aab65f2b4c46841bdee2a2dd148fe9b53572100ee24abe6bc281cfe3e6fa655f57f2141913548ff63a83bc823925b2638d4eca435d60550e30cc313b0757b7e26332f812002dfb0fbcba8100b2df30a70da382fd9b8108bac666c8be85557f0fd0d9e4ac4c60a60bf2154dd7e49aec62fa1dd6a3a6d8735b8ec52c2abead6027274b55531c00d380040045800400078004003b800400178008004500e00000020c000d00f9ffffffffffffff0018002b80140058800c00310001f0ffffffffffff04001880fc914ef75cc85461cc1f656c93d6593b209584ad487b66f47725199ef184f9f00a66aaa616459ce000"/538], 0x34c}, 0x1, 0x0, 0x0, 0x24000000}, 0x0) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyc5\x00', 0x44280, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/kernel/mm/transparent_hugepage/hugepages-512kB/stats/split_deferred\x00', 0x80404, 0x0) read$auto(r3, &(0x7f0000000200)='/sys/devices/platform/vhci_hcd.8/usb26/descriptors\x00U\x06\x95:W\x80\xf8\xb3l\xd8\xbf*\xf9\xc3\x12\xd9\x17\xbb\xa1#\xa4b=\xf4\x01=\\\xb2\xe6\xea;\xf5\xbd\x93A\xe7\xb1\x85T\xc3;Kut\b\xab\xad\xa9\x1e\x88}\xf6\xd3\x15\xb6h\x1c\xe4;\xb8\xefC\xca,\xd6\x05\x94\x8aO2\xe0\xe4\xf2\xf9&\x01P\xab)1\x86\x83P\nc\'\xa5\xdds\xddn\xbdN\x03\xfdPi\xbeR\xfe0;\x90\xe2\xc7\x84\xd8#\x83\xaa\xf4\x98e\xbaDj\xe9\xf3\xe6v\xff\\\x88d~\x9a\xab:\xa0\x1d\x9aF\xb4\x87\xadCi\xc7', 0x4000000000009) select$auto(0x7, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x0, 0x1, 0x2, 0x3, 0x95f4da0a, 0xefffffffffffffff, 0x3, 0x62, 0x80000001, 0x10000000000004, 0x6d40, 0x1, 0x2, 0xfffffffffffffffe]}, 0x0) mmap$auto(0x1000002, 0x3, 0x1000, 0x9b72, 0x2, 0x0) socket(0x2b, 0x5, 0x1) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x7, 0xc45d, 0x80, 0x6, 0x3, 0x4, 0x3, 0x3, 0x62, 0x8000001e, 0x7, 0x6d3e, 0x2000000004000009, 0x2, 0x6]}, 0x0) mmap$auto(0xf87f, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_USBDEVFS_DISCSIGNAL(0xffffffffffffffff, 0x8010550e, 0x0) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r5 = socket(0x2, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) setsockopt$auto(r5, 0x10000000084, 0x19, 0x0, 0x8) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/vhci_hcd.14/usb38/bmAttributes\x00', 0x119882, 0x0) sendfile$auto(r6, r6, 0x0, 0x8) 5.050552449s ago: executing program 0 (id=753): futex$auto(&(0x7f00000000c0)=0x1, 0x8c, 0x1, 0x0, 0x0, 0x1) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000300)="e3466055fec4a3c2fbc89686e869c201ff") ioctl$auto_SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f00000001c0)) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) r1 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000001c0), 0x100, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) unshare$auto(0x40000080) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) setresuid$auto(0xffffffffffffffff, 0x0, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) sendmsg$auto_NFSD_CMD_THREADS_SET(r3, &(0x7f0000000480)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)=ANY=[@ANYBLOB="bbe71000", @ANYRES16=0x0, @ANYBLOB="120028bd7000fedbdf2502000000080001000600000008000300ffffff7f0d0004002f6465762f6b766d00000000080001000000008008000200050000006a0004002e2e006bac8c1d0e9880d2afa1f21ee15231a28ecea01708493327c57477d71da6f4232bfad701b96a3c0bf4370aa7d28b11653c2ffd9be49947ea539aad75283a943aaf06633d333e31b3fd6404a920317197c42ca95ec1b6a1710fd10133876cb91e0590a20000"], 0xb0}, 0x1, 0x0, 0x0, 0x20008000}, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x80, 0x80000001, 0x4000000000db, 0xeb1, r3, 0x8001) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, r4) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) r5 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) pread64$auto(r5, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000280)={{0x3, 0x10000, 0x0, 0x1, 0x4}, "654c6dbc7a4d30983899a7e1325b6a29ba1e184410ba9f74e82a3fa6c3ccf1bf"}) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) 4.960176906s ago: executing program 1 (id=754): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x8, 0x3a02, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x9, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r0 = socket(0xf, 0xa, 0xf) setsockopt$auto(r0, 0x1, 0xc, 0x0, 0x7fffffff) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ttyS0\x00', 0x1, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syz_genetlink_get_family_id$auto_nlbl_unlbl(&(0x7f0000000080), r2) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r2, 0x0, 0xc000) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) ioctl$auto(r2, 0x57, r1) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x154) execve$auto(&(0x7f0000000240)='./file0\x00', 0x0, 0x0) ioctl$auto_SIOCGIFHWADDR2(r2, 0x8927, &(0x7f00000001c0)="f7ab310f77ea24eb0255cb3f87260a21fa8aed171088e0912126accb7abe04f0b7182712cb378b") execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000300)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\xf20/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00') r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189082, 0x0) mmap$auto(0x1000000400000000, 0xa, 0xdb, 0x18, 0x5, 0x7ff9) sysfs$auto(0x2, 0x2, 0x0) ioctl$auto_PPPIOCSPASS(r3, 0x40107447, 0x0) getsockopt$auto_SO_REUSEADDR(r0, 0x7fffffff, 0x2, &(0x7f0000000040)='.\x00', &(0x7f0000000200)=0x2) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000580), 0x2400, 0x0) 4.59900257s ago: executing program 2 (id=756): openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x40, 0x0) r0 = socketcall$auto_SYS_SOCKET(0x1, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, &(0x7f0000000040)={0x6, 0x57, 0x6, 0x1, 0x4, "bcbf2363c7b4fd5f03341b37"}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) lstat$auto(0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r3 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000100), r0) sendmsg$auto_OVS_VPORT_CMD_SET(r2, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x2c, r3, 0x100, 0x70bd27, 0x25dfdbfb, {}, [@OVS_VPORT_ATTR_UPCALL_PID={0x15, 0x5, "9282ad038ec005333caecd511e21638e75"}]}, 0x2c}, 0x1, 0x0, 0x0, 0x604c044}, 0x810) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r4, r4, 0x0, 0x3) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), r5) 3.732822577s ago: executing program 1 (id=757): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) userfaultfd$auto(0x1) ppoll$auto(&(0x7f0000000140)={0xffffffffffffffff, 0x8, 0x1}, 0x7f, 0x0, &(0x7f00000001c0)={0x3}, 0x8) mmap$auto(0x4, 0x2020009, 0x4, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000894}, 0x4000000) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, 0x0, 0x20008000) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027bd"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x10, 0x0, 0x3000000, 0x9}, 0x7}, 0x3, 0xe) read$auto(0x3, 0x0, 0x80) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x189c00, 0x0) 3.577656167s ago: executing program 3 (id=758): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8a080, 0x0) poll$auto(0x0, 0x5, 0xfffffffe) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x1, 0x0) socket(0xa, 0x3, 0x3a) r0 = epoll_create$auto(0x2) epoll_pwait2$auto(r0, 0x0, 0x8, 0x0, 0x0, 0x8) sysfs$auto(0x2, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$auto(0x5, 0x1, r1, 0x0) r2 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0) ioctl$auto_UBI_IOCATT(r2, 0x40186f40, 0x0) 2.923528598s ago: executing program 2 (id=759): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cpu.pressure\x00', 0x183142, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) mkdir$auto(&(0x7f00000001c0)='}[,&*}\x00', 0xc001) mount$auto(0x0, &(0x7f0000000100)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x10001, 0x0) mount$auto(0x0, &(0x7f0000000240)='}[,&*}\x00', 0x0, 0x100000044000, 0x0) openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000000), 0x20040, 0x0) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, 0x0, 0xecb02, 0x0) mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:00/status\x00', 0xa140, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x11, 0x40, 0x8000000000000000, 0x0) sendmmsg$auto(r0, &(0x7f0000000040)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x10000000008}, 0x106, 0x0, 0x1, 0x3}, 0x3}, 0x9ae, 0x100) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x9a6, 0x0) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x300, 0x0) read$auto(r1, 0x0, 0x1f41) socket(0xb, 0x4, 0xf8) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x4}, 0x4) getpgid$auto(0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) write$auto_tty_fops_tty_io(r3, &(0x7f0000000580)="7fd0a917413f68eb6b28d5eea7d1553f6595c094f1f855eb8d8776e6bd8f81c440da3fe3433f8243402fc2752caac5da7a03bbb5adf685740635a6bc231c6cf093b7cf0e4dd07f10b2dc12791aa3ebded3cfe2e4befc0e02d2e064b1db3adc8b2ec1c0378efff268086d6cb998b8dedfb7f20d06b7b091e974de1c1a4ce3d378d91b7639d914ba86b1f18337bb06e3619af99e68dfac380ab153fc75a2159d8efbbf7436752c964490346cf1558249979fc61ee71509560d14bdd0922e50904f3a4b2ae1bfc4f6bb9e08f16afd6baa53cf87077be5bcca2829dd4133da071a6fd072ed5568670a5d171e3deee5576bf571a016c162ca369182f202dbe49839df8d4c438dacdd6cdd67c21e2ed9be20baeff5e5019313d5e6e5a0e93eab61be5dec2c7e144cf9d73fd945c25ff11d5d5aa26bf8ab2e06098b8aeb05c1f29c1a30d268d82768b3350c3efcdac39334de0f6406a1aed635e0c55412ff73b0222d67be6bdd185478d502b492c41696ce6f88609795409aa0841dbc7cb222f0cb239b19d9499fdc45988f0290af0666c37b93f047d45b17cbe7c9332c63ad46c6aa871e4b351efa4fbfb88cfa0281f465d1a970939c2d6c45c50ade06f0bb98ed66623b887de325c0f42ab530b649ea29757af9464c18dea186a0bbc62ce209a3be8e86e8f710323cb899d806caf575cb73a419c0804afd4c8a329a2afaebb87291e9fdfd2ca0edebfc4fb7b1e281fa3e6ac387aebfc92107f4251aa8c96a4c6d7599933c2c489a7696e8e42d88b572fa46bead2c96f619030ab70026f14f91bbf0a4c1b3ed74c564d6ae3eefeef94d37e19701513ff7713a52ebfd8f251dc303455de00d1ee3ed3e204bed2901a644056193fc7e00ce10aa6463892a7881a51893af629f7bd8801ce4c44c7ff2decdb6a69d9ed48ff79661ba9ec4a84dd222d3b40e4abf56222b97db9aa646a67e5031a57d570030f41b09529298f1acddbcd1f0ff6a30cb2a2d5eaecd774bbf897477cc1e55488f3493b6aa6908d24b032cbda24f956f7f262d992838923efde7e8ed0558872451d7bd6a4769ecd47c6d0a125a6e638df6f67793901a67071c506d010930b01ce541aa43f9110d874311d18a8ea50fb1907e8d17c3932e0c12c7d6f7c145209ab81105649fc0c5266063bd8c6a16319a82ff5d236122d53e15d6a7fcb16245d7754f3ffbf659a141cbd29286176fe445deebd5dd18baae1bbdfedbe4bd3453c50fb2f6c22505ecd768ad0703624ebf7b924dc7e8e93ea94c8a6a9f0372351b5a4aaadf89a86faf5241e47be7e6790676fbf8abcc6ef89b9f6ce10600e21815ec6d2c580b5c30ada6b956a07d9964e93419856df00b06245d0743ac2b595097007165cbb17c6a492a6eb0559712e5f89ee86b7a2c46acf9b8d8b2c7a85092966aca97f114635c64f6eb44ad927423a3bc434b267c23d364ee5671d3dcbcca02ffbb633b3c9e6f2058c3b43dd46344b92e000a029e6daf42c4d12e3a470487eb5cca6e2014b87e5a5aee1c6b9485472d18aaea4ebefe77c6901cd52e303083d6b2e47f4be756fb4dd02acd4938e6ae5f7178623b3b4bad0a83c2c511fd4a9e1da40efff3ca03326278860a6c507e50717f0ea9288daa0a33748cdaa74ec20f7b5671ab50d2a0ea649b9c1b258fa833e808ce0f0fb537e75e9e4c8e1b5c7fe8ca456e6c32fdb86b88c0bc30e44c5ec22634cf5b6b78574a5aae4cfd5b011095e2ea022a2fd15495319ddfad5b3fdabcf012d8f182af76c9ea3b083b66fb34b0ba87957fcd34cb0a55478bfb857bb79b52ec8cf52fcdaf09a20b743b765310cb24d4b05e55790ebbc410cc1342c3dc27facd2ae8c2ea0916bbe0e1372c09f2b98d486294c1ad0776828ec7feebdd969af66b82f708494c4abd5841d70a71ed0c6c7eef68559527ea4c43fe26e8889f9410cda85b13dc02bd03692198ce526997cb45b322a6354d58344e94944f9fa25950ae239c17b75d313f75405c012d959eeb2991130ec84e703193d749671264f3aafd55cfcfb2f5762979724318d6f1ed0b5e570d0b050ed9282a71de1533cb642ea831444a4bb7668745bf9814a180b18835e7c61d907e4321c25b5400be50d0117537ca13190ffde1bb077eb0cd74f6163abcb87a2b1e261b2c2084224d743b27b67f404b3b2d66a9c12892fb6894cd87c018e4018cfe5cb05b6114b90fb7faff3e591e4f60803318cc54783f9c1473276b33f59a3e545340299036ce3eefeb5775b4ddc00759012e5a408ea73b702c05c102740c6ba5b140a89cef6a7e9591c9afca16e478698cd9a3b4d103a553a194cc30e498b14c2315c61e5e6c329722c5cb50b6c114e4901c067ccfdb54268eb51b1d43b0cf36b78c2e91abf18675c3b69614e0d10c3f15014d69067a97953ba58e7da1b625ae43465346bb7cff85515f83c1934956b2195cebef82db5fd2e9083da8240e4d7d1ade0d4f2be992f2f23197df1054c89bb1b7ad9c03a3c3cecb278221889cb30374987dd72d0d58015dfee54acb6db2127dc467ba3ce0a2353e809622b23d03a6b52666f10cde5a2abb02571b845d58d6590afc59bd16caa59ae4026888efa3f6b1d0f879afb71a580486005db5a411073f8f4964f73103efa972ecf481118b12ae48ba55c50a5fd7c31991b73242bb7448bcb4e412427a4ab9657a0e1f8ff3332e9da5b6f695dfcc4e6fbeb5f2cea1c70703f7fe4b685feb246b27601163c98a661ee30467ac71ee1df93812258dfd19f30fcd059c1cde93e142a6fe6976f9f78b580073528e1a2ca6084eea907db9e3b1ac68eb150ee596519613a667c897afe767f17f3f227db922972bd9bfdc6b7ebd8f1e6a51587e31dd1bc3abeed8a338cc458ff7031507b678c97d51f03b92292ded0ac1f004fe460cbc56f355d17c8b3aa73645d06fac0664e6b2da6dfdf56a2efbe5fe06ae5f0bb3f1e91e3914dc9cf71b66515a7b669bb60f1ccc7ca1ffa1d76dd8762a7d2c106f3f42b8d7e1c337236bafcd8744a53f175ff22d3fbc3ff2bb70714c512d9e2c5f833276b8be411724a41dc99e21fa744af8be985d800f274cfbf11df693aa52f4b9a2b3503123f50830942dcd8a574b439a1f052019bdcab9c15e72aba31d9ef3dffcad1e9033ae5a9babbc6f1ab1705c910dbce3e1e086d02e0cd276f7e2bbc07239328242c9dcf978cbc65848a5075b1de6ca677bad27cbede3c05a93480b6f3eb46f8a8e12230aeb21ca5cd7ce42e8732fa37dfb17b83a19af95729bab425c07461e0816e9d5708034c63def894fa6907de93dac8395e82597b9213041950ea18ed7e8ba7b0f493b4b11e798a0513d4ad1f97301af8d53a5b86af41d4932c23830a5682fa5743955450683827e8a0e558a0e268af340fc8a26ecae297ae3c0ad82a46b4363f51822627d2aab585a2fb69fb6d411949a2221fddadf68c694594c6147880176c1f84474a0d510ebafd8f41658586139628551948b5ed07901bd308ea017ac2b6c137417247c0a7ae0b785962ef0d9057b6b0f80beffea656bd5d69f2d4bd6150e2375e5036756c4302a7e282c00240ad1dff076162eb833ca72837df82d31061346aff14b6dcb826605a850d9fc87a80632d8f1bde73b6baf858e71981976f2a3113a8d01248cc8514aaaf1d79cc1f99a81d86c4ad42286dae6ba36e4b2d45b6afcd9a5d6db9fe9642d3a7a4eb35439389f68a69c6a66ca7d6d00f5c0d1163a7cd3e39dbc7ffcd4c2fb3f8921e0fb59d3624417360a82c98a466548e0dfa2152ee833d0f65b5b2fdeca7287efa260ad91f0fe21682b8ab70c4b19d5d9cbb0ad8cb68973585646047da47518dde987a24e2fd0bb9e1d02215bee1bacee391b995cce351f1ccf04109160b05dce5d569ee7dc84c068521b37", 0xace) timer_create$auto(0x3, 0x0, &(0x7f0000000140)=0x6) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000140)=""/112, 0x70) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyde\x00', 0x1a9d02, 0x0) ioctl$auto_TIOCSETD2(r4, 0x5423, 0x0) bpf$auto_BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000040)=@bpf_attr_5={@target_fd=r2, 0xffffffffffffffff, 0x5, 0x10, r4, @relative_fd=r1, 0x4}, 0x13) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x6a742, 0x0) open(0x0, 0xeee00, 0x31) 2.682329043s ago: executing program 1 (id=761): r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000140)="58fcb282bcbc38bfaef257e019406ea6c445cd4f7f7662ac0f8834baa918d5b3cea133243c4f2b9a39e536b67f5a1a2bfdf589da2b1c980e1ce53883444996d1721d7f3ae627c6c604000000000000007910fbc02d899ab93d002d849884a5377ff11be2ed012110f2f520") r1 = socket(0x10, 0x2, 0x4) write$auto(r1, &(0x7f0000000000)='-\x00', 0xfdef) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/ip6gre0/power/control\x00', 0x10b142, 0x0) r3 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0xc, 0x3, 0x0, 0x0, 0x2) socket(0x3, 0x3, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x5e, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r4, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r4, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9 \xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) r5 = socket(0x15, 0x5, 0x0) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), r5) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000001d40)={0x28, r6, 0x5, 0x70bd27, 0x25dfdbff, {}, [@ETHTOOL_A_RINGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_RINGS_RX_BUF_LEN={0x8, 0xa, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0x90}, 0x80080) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, 0x0) getsockopt$auto(r5, 0x114, 0x2720, 0xfffffffffffffffc, 0x0) sendfile$auto(r2, r2, 0x0, 0x1000200) 2.681439714s ago: executing program 2 (id=762): r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000140)="58fcb282bcbc38bfaef257e019406ea6c445cd4f7f7662ac0f8834baa918d5b3cea133243c4f2b9a39e536b67f5a1a2bfdf589da2b1c980e1ce53883444996d1721d7f3ae627c6c604000000000000007910fbc02d899ab93d002d849884a5377ff11be2ed012110f2f520") r1 = socket(0x10, 0x2, 0x4) write$auto(r1, &(0x7f0000000000)='-\x00', 0xfdef) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/ip6gre0/power/control\x00', 0x10b142, 0x0) r3 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0xc, 0x3, 0x0, 0x0, 0x2) socket(0x3, 0x3, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r5, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r5, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9 \xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) r6 = socket(0x15, 0x5, 0x0) r7 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), r6) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000001d40)={0x28, r7, 0x5, 0x70bd27, 0x25dfdbff, {}, [@ETHTOOL_A_RINGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_RINGS_RX_BUF_LEN={0x8, 0xa, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0x90}, 0x80080) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, 0x0) getsockopt$auto(r6, 0x114, 0x2720, 0xfffffffffffffffc, 0x0) sendfile$auto(r2, r2, 0x0, 0x1000200) 2.536786193s ago: executing program 3 (id=763): r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x480101, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r0, 0x8000) mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/036/001\x00', 0xa901, 0x0) ioctl$auto_USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000240)={0x3, 0x81, 0x5b, 0x4, &(0x7f0000000280)="df8ffd0e0fe88b8c8b1cdc85c62b43d253524cdfa6c75162a8ee185e84dde7237c7a12f5eeb1c1f78079f434e99d1b1eddf7323094b7b1c9dd89d18d010100006d91af1b8105cac351711eede10da21a283278dedcb8791f6aa19b1616432b108497d10d020df54c4bce9a1e6f60c676ca7ee9e63d39a40ba03d276c1bd949be8110f55f285e123ed5dc228c1589ba96696277c5be7583603887fa2c28a236025d24368666a4e91cb309ecf663c8c090255f934ab663ce487ef449045d7b44e6db8d4abf", 0x9, 0xeb90, 0x2, @stream_id=0x100, 0x7, 0x476, 0x0}) 1.623879803s ago: executing program 0 (id=764): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x2100, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0x4, 0x300000000000) ioctl$auto_XFS_IOC_ALLOCSP(0xffffffffffffffff, 0x4030580a, 0x0) r0 = prctl$auto(0x1, 0x5, 0x0, 0x51, 0xf2a3) madvise$auto(0x400000080005, 0xffffffffffff0205, 0x6) r1 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_TREAD64(r1, 0x400454a4, 0x0) ioctl$auto_BCH_IOCTL_DEV_USAGE_V2(r0, 0xc020bc12, &(0x7f0000000180)={0x87, 0x7, 0x9, 0x4, '\x00', 0x649, 0x4675be1e, [{0x8, 0x0, 0x8000000000000000}, {0xffff, 0xd9, 0x1ff}, {0xffffffffffffffff, 0x101, 0x8}]}) r2 = openat$auto_adf_ctl_ops_adf_ctl_drv(0xffffffffffffff9c, &(0x7f0000000000), 0x20140, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card1/pcm0p/oss\x00', 0x101000, 0x0) r4 = getpgrp(0x0) bpf$auto_BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)=@task_fd_query={r4, r2, 0x81, 0x220, 0x2, 0x4, r3, 0x7, 0x2}, 0x9) pread64$auto(r3, 0x0, 0x8, 0x8000) ioctl$auto_IOCTL_STOP_ACCEL_DEV(r2, 0x40096101, &(0x7f0000000240)={@padding, 0xfe}) fstat$auto(r2, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, &(0x7f0000000080)="cd37011072215b75d2329f987080bfb7") socket(0xa, 0x1, 0x100) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), 0xffffffffffffffff) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) mmap$auto(0x0, 0x400008, 0xe2, 0x9b72, 0x2, 0x8000) r6 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/mtd\x00', 0xc40, 0x0) read$auto_proc_iter_file_ops_compat_inode(r6, 0x0, 0x4d) 1.415357932s ago: executing program 3 (id=765): r0 = socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendto$auto(0x3, 0x0, 0x2000f, 0x101, 0x0, 0x1c) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x55) setsockopt$auto(r0, 0x6, 0x100d, &(0x7f0000000280)='lp\x00h\x85M\xdf\xdc\x83\x8a\xa7\xe4]U(\x01\t=\x1e\x00\x00', 0x4) mmap$auto(0x1, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000003040), 0xffffffffffffffff) sendmsg$auto_OVS_METER_CMD_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="0a00006784a2404cdd426cde20be52637ded", @ANYRES16=r2, @ANYBLOB="d3c809000000fedbdf25020000000400020008000100f8ffffff"], 0x20}}, 0x8080) prctl$auto(0x10000000017, 0x28, 0x4, 0x8000000156, 0x0) madvise$auto(0x10020200000000, 0x7fffffffffffffff, 0xa) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Virtual-1/edid_override\x00', 0x2082, 0x0) write$auto_drm_edid_fops_drm_debugfs(r4, &(0x7f0000000580), 0x0) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003040), r3) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) prctl$auto(0x801, 0x1, 0x0, 0x3, 0xfffffffffffffffb) syz_genetlink_get_family_id$auto_nbd(0x0, 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NETDEV_CMD_QSTATS_GET(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010327bd7000fedbdf250c00000008000100", @ANYRES32=r5, @ANYBLOB="bf2adbb00c081e97e7f08f619895d8289b71db7c8b742fa16d7b240a316a42834fc5609fba71f938eef6be96437818050236914f325e67df7e47ced2510ff66d5d00ab15c5c16e09655265f9e581b13c2f7396ecb3c7bf3700a1139098b6e3da095af8d2f7b3d7f45a9365e438da0739d5cee110738ff3ec9d355a99dd9edcc724955e0ca4d2fc155b8c8dff2a56bf0fe082c4c583edee8eb5890ce165602470ca0215921cc03800d1c4a654283836cfc8", @ANYRES32=r5, @ANYBLOB], 0x24}, 0x1, 0x1c00, 0x0, 0x20004000}, 0x8000) socket(0x22, 0x2, 0x2) setsockopt$auto(0x7, 0x114, 0x3, 0xffffffffffffffff, 0xa0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0xe8) 1.075181491s ago: executing program 1 (id=766): setsockopt$auto(0xffffffffffffffff, 0x107, 0xe, 0x0, 0x4) (async) setsockopt$auto(0xffffffffffffffff, 0x107, 0xe, 0x0, 0x4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/pci0000:00/0000:00:01.0/remove\x00', 0xb01, 0x0) (async) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/pci0000:00/0000:00:01.0/remove\x00', 0xb01, 0x0) write$auto(r0, &(0x7f0000000100)='9\x00d1L\xff\x15\xba\xa17=w\xc1\xf8\xff\xff\v\xb5^\xa1/\xfb\xaf\xc8\xfc\\\xa9@\xc0\xee\xa2[', 0x9) (async) write$auto(r0, &(0x7f0000000100)='9\x00d1L\xff\x15\xba\xa17=w\xc1\xf8\xff\xff\v\xb5^\xa1/\xfb\xaf\xc8\xfc\\\xa9@\xc0\xee\xa2[', 0x9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x2, 0x2, 0x1) (async) socket(0x2, 0x2, 0x1) io_uring_setup$auto(0x6, 0x0) write$auto(0x3, 0x0, 0xfdef) socket(0x10, 0x2, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) (async) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f0000000080)={0x2, 0x0, [{0x400000b4, 0x400, 0x9}]}) open(0x0, 0xeee00, 0x31) (async) open(0x0, 0xeee00, 0x31) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x2, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0xa) (async) mmap$auto(0x2, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0xa) open(0x0, 0x1e1401, 0xe5) rt_sigtimedwait$auto(0x0, 0x0, 0x0, 0x8) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0xc, 0xbc5, 0x13, 0x3, 0x8000) (async) mmap$auto(0x0, 0xc, 0xbc5, 0x13, 0x3, 0x8000) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) clone$auto(0x4, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x100000000006) writev$auto(0x1, 0x0, 0x1) socket(0x5, 0x2, 0x73) 628.64191ms ago: executing program 3 (id=767): r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x480101, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r0, 0x8000) mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/036/001\x00', 0xa901, 0x0) ioctl$auto_USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000240)={0x3, 0x81, 0x5b, 0x4, &(0x7f0000000280)="df8ffd0e0fe88b8c8b1cdc85c62b43d253524cdfa6c75162a8ee185e84dde7237c7a12f5eeb1c1f78079f434e99d1b1eddf7323094b7b1c9dd89d18d010100006d91af1b8105cac351711eede10da21a283278dedcb8791f6aa19b1616432b108497d10d020df54c4bce9a1e6f60c676ca7ee9e63d39a40ba03d276c1bd949be8110f55f285e123ed5dc228c1589ba96696277c5be7583603887fa2c28a236025d24368666a4e91cb309ecf663c8c090255f934ab663ce487ef449045d7b44e6db8d4abf", 0x9, 0xeb90, 0x2, @stream_id=0x100, 0x7, 0x476, 0x0}) 448.399685ms ago: executing program 0 (id=768): mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd13/queue/rotational\x00', 0x10b142, 0x0) capset$auto(0x0, 0x0) openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$auto(0x3, 0x541b, 0x10000000000402) socket(0xa, 0x1, 0x100) ioctl$auto_USBDEVFS_ALLOW_SUSPEND(0xffffffffffffffff, 0x5522, 0x0) r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc4201, 0x0) pread64$auto(r0, &(0x7f00000001c0)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9eK\xec\x9e{W\xed:\xe7l\xcb\x90\\/\x84\x99!}x\xd4\xa5D\xfa\xe5\xf9od^\xa6\x80\x00\x00', 0x7fb, 0x1000000404) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/amidi2\x00', 0x791800, 0x0) socket(0x21, 0x3, 0x9) prctl$auto(0x203b, 0x8, 0xffffffffffffffff, 0x1, 0x5) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x4, 0x200000000000000d, 0x1, 0x9489, 0x3, 0x2000015f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x100480, 0x0) write$auto(0x3, 0x0, 0xffd8) r2 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtd0ro\x00', 0x2c00, 0x0) ioctl$auto_MEMREADOOB(r2, 0xc0104d04, &(0x7f0000000080)={0x7761, 0x80, 0x0}) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) socket(0x2a, 0xa, 0xfa2) r4 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) openat$auto_proc_gid_map_operations_base(0xffffffffffffff9c, &(0x7f0000001480)='/proc/thread-self/gid_map\x00', 0x0, 0x0) preadv$auto(r3, &(0x7f00000004c0)={0x0, 0x8000000}, 0x3, 0x10000, 0x9) setsockopt$auto(r4, 0x10f, 0x7, 0x0, 0x14) 295.695952ms ago: executing program 0 (id=769): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cpu.pressure\x00', 0x183142, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) mkdir$auto(&(0x7f00000001c0)='}[,&*}\x00', 0xc001) mount$auto(0x0, &(0x7f0000000100)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x10001, 0x0) mount$auto(0x0, &(0x7f0000000240)='}[,&*}\x00', 0x0, 0x100000044000, 0x0) openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000000), 0x20040, 0x0) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, 0x0, 0xecb02, 0x0) mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:00/status\x00', 0xa140, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x11, 0x40, 0x8000000000000000, 0x0) sendmmsg$auto(r0, &(0x7f0000000040)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x10000000008}, 0x106, 0x0, 0x1, 0x3}, 0x3}, 0x9ae, 0x100) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x9a6, 0x0) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x300, 0x0) read$auto(r1, 0x0, 0x1f41) socket(0xb, 0x4, 0xf8) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x4}, 0x4) getpgid$auto(0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) write$auto_tty_fops_tty_io(r3, &(0x7f0000000580)="7fd0a917413f68eb6b28d5eea7d1553f6595c094f1f855eb8d8776e6bd8f81c440da3fe3433f8243402fc2752caac5da7a03bbb5adf685740635a6bc231c6cf093b7cf0e4dd07f10b2dc12791aa3ebded3cfe2e4befc0e02d2e064b1db3adc8b2ec1c0378efff268086d6cb998b8dedfb7f20d06b7b091e974de1c1a4ce3d378d91b7639d914ba86b1f18337bb06e3619af99e68dfac380ab153fc75a2159d8efbbf7436752c964490346cf1558249979fc61ee71509560d14bdd0922e50904f3a4b2ae1bfc4f6bb9e08f16afd6baa53cf87077be5bcca2829dd4133da071a6fd072ed5568670a5d171e3deee5576bf571a016c162ca369182f202dbe49839df8d4c438dacdd6cdd67c21e2ed9be20baeff5e5019313d5e6e5a0e93eab61be5dec2c7e144cf9d73fd945c25ff11d5d5aa26bf8ab2e06098b8aeb05c1f29c1a30d268d82768b3350c3efcdac39334de0f6406a1aed635e0c55412ff73b0222d67be6bdd185478d502b492c41696ce6f88609795409aa0841dbc7cb222f0cb239b19d9499fdc45988f0290af0666c37b93f047d45b17cbe7c9332c63ad46c6aa871e4b351efa4fbfb88cfa0281f465d1a970939c2d6c45c50ade06f0bb98ed66623b887de325c0f42ab530b649ea29757af9464c18dea186a0bbc62ce209a3be8e86e8f710323cb899d806caf575cb73a419c0804afd4c8a329a2afaebb87291e9fdfd2ca0edebfc4fb7b1e281fa3e6ac387aebfc92107f4251aa8c96a4c6d7599933c2c489a7696e8e42d88b572fa46bead2c96f619030ab70026f14f91bbf0a4c1b3ed74c564d6ae3eefeef94d37e19701513ff7713a52ebfd8f251dc303455de00d1ee3ed3e204bed2901a644056193fc7e00ce10aa6463892a7881a51893af629f7bd8801ce4c44c7ff2decdb6a69d9ed48ff79661ba9ec4a84dd222d3b40e4abf56222b97db9aa646a67e5031a57d570030f41b09529298f1acddbcd1f0ff6a30cb2a2d5eaecd774bbf897477cc1e55488f3493b6aa6908d24b032cbda24f956f7f262d992838923efde7e8ed0558872451d7bd6a4769ecd47c6d0a125a6e638df6f67793901a67071c506d010930b01ce541aa43f9110d874311d18a8ea50fb1907e8d17c3932e0c12c7d6f7c145209ab81105649fc0c5266063bd8c6a16319a82ff5d236122d53e15d6a7fcb16245d7754f3ffbf659a141cbd29286176fe445deebd5dd18baae1bbdfedbe4bd3453c50fb2f6c22505ecd768ad0703624ebf7b924dc7e8e93ea94c8a6a9f0372351b5a4aaadf89a86faf5241e47be7e6790676fbf8abcc6ef89b9f6ce10600e21815ec6d2c580b5c30ada6b956a07d9964e93419856df00b06245d0743ac2b595097007165cbb17c6a492a6eb0559712e5f89ee86b7a2c46acf9b8d8b2c7a85092966aca97f114635c64f6eb44ad927423a3bc434b267c23d364ee5671d3dcbcca02ffbb633b3c9e6f2058c3b43dd46344b92e000a029e6daf42c4d12e3a470487eb5cca6e2014b87e5a5aee1c6b9485472d18aaea4ebefe77c6901cd52e303083d6b2e47f4be756fb4dd02acd4938e6ae5f7178623b3b4bad0a83c2c511fd4a9e1da40efff3ca03326278860a6c507e50717f0ea9288daa0a33748cdaa74ec20f7b5671ab50d2a0ea649b9c1b258fa833e808ce0f0fb537e75e9e4c8e1b5c7fe8ca456e6c32fdb86b88c0bc30e44c5ec22634cf5b6b78574a5aae4cfd5b011095e2ea022a2fd15495319ddfad5b3fdabcf012d8f182af76c9ea3b083b66fb34b0ba87957fcd34cb0a55478bfb857bb79b52ec8cf52fcdaf09a20b743b765310cb24d4b05e55790ebbc410cc1342c3dc27facd2ae8c2ea0916bbe0e1372c09f2b98d486294c1ad0776828ec7feebdd969af66b82f708494c4abd5841d70a71ed0c6c7eef68559527ea4c43fe26e8889f9410cda85b13dc02bd03692198ce526997cb45b322a6354d58344e94944f9fa25950ae239c17b75d313f75405c012d959eeb2991130ec84e703193d749671264f3aafd55cfcfb2f5762979724318d6f1ed0b5e570d0b050ed9282a71de1533cb642ea831444a4bb7668745bf9814a180b18835e7c61d907e4321c25b5400be50d0117537ca13190ffde1bb077eb0cd74f6163abcb87a2b1e261b2c2084224d743b27b67f404b3b2d66a9c12892fb6894cd87c018e4018cfe5cb05b6114b90fb7faff3e591e4f60803318cc54783f9c1473276b33f59a3e545340299036ce3eefeb5775b4ddc00759012e5a408ea73b702c05c102740c6ba5b140a89cef6a7e9591c9afca16e478698cd9a3b4d103a553a194cc30e498b14c2315c61e5e6c329722c5cb50b6c114e4901c067ccfdb54268eb51b1d43b0cf36b78c2e91abf18675c3b69614e0d10c3f15014d69067a97953ba58e7da1b625ae43465346bb7cff85515f83c1934956b2195cebef82db5fd2e9083da8240e4d7d1ade0d4f2be992f2f23197df1054c89bb1b7ad9c03a3c3cecb278221889cb30374987dd72d0d58015dfee54acb6db2127dc467ba3ce0a2353e809622b23d03a6b52666f10cde5a2abb02571b845d58d6590afc59bd16caa59ae4026888efa3f6b1d0f879afb71a580486005db5a411073f8f4964f73103efa972ecf481118b12ae48ba55c50a5fd7c31991b73242bb7448bcb4e412427a4ab9657a0e1f8ff3332e9da5b6f695dfcc4e6fbeb5f2cea1c70703f7fe4b685feb246b27601163c98a661ee30467ac71ee1df93812258dfd19f30fcd059c1cde93e142a6fe6976f9f78b580073528e1a2ca6084eea907db9e3b1ac68eb150ee596519613a667c897afe767f17f3f227db922972bd9bfdc6b7ebd8f1e6a51587e31dd1bc3abeed8a338cc458ff7031507b678c97d51f03b92292ded0ac1f004fe460cbc56f355d17c8b3aa73645d06fac0664e6b2da6dfdf56a2efbe5fe06ae5f0bb3f1e91e3914dc9cf71b66515a7b669bb60f1ccc7ca1ffa1d76dd8762a7d2c106f3f42b8d7e1c337236bafcd8744a53f175ff22d3fbc3ff2bb70714c512d9e2c5f833276b8be411724a41dc99e21fa744af8be985d800f274cfbf11df693aa52f4b9a2b3503123f50830942dcd8a574b439a1f052019bdcab9c15e72aba31d9ef3dffcad1e9033ae5a9babbc6f1ab1705c910dbce3e1e086d02e0cd276f7e2bbc07239328242c9dcf978cbc65848a5075b1de6ca677bad27cbede3c05a93480b6f3eb46f8a8e12230aeb21ca5cd7ce42e8732fa37dfb17b83a19af95729bab425c07461e0816e9d5708034c63def894fa6907de93dac8395e82597b9213041950ea18ed7e8ba7b0f493b4b11e798a0513d4ad1f97301af8d53a5b86af41d4932c23830a5682fa5743955450683827e8a0e558a0e268af340fc8a26ecae297ae3c0ad82a46b4363f51822627d2aab585a2fb69fb6d411949a2221fddadf68c694594c6147880176c1f84474a0d510ebafd8f41658586139628551948b5ed07901bd308ea017ac2b6c137417247c0a7ae0b785962ef0d9057b6b0f80beffea656bd5d69f2d4bd6150e2375e5036756c4302a7e282c00240ad1dff076162eb833ca72837df82d31061346aff14b6dcb826605a850d9fc87a80632d8f1bde73b6baf858e71981976f2a3113a8d01248cc8514aaaf1d79cc1f99a81d86c4ad42286dae6ba36e4b2d45b6afcd9a5d6db9fe9642d3a7a4eb35439389f68a69c6a66ca7d6d00f5c0d1163a7cd3e39dbc7ffcd4c2fb3f8921e0fb59d3624417360a82c98a466548e0dfa2152ee833d0f65b5b2fdeca7287efa260ad91f0fe21682b8ab70c4b19d5d9cbb0ad8cb68973585646047da47518dde987a24e2fd0bb9e1d02215bee1bacee391b995cce351f1ccf04109160b05dce5d569ee7dc84c068521b37", 0xace) timer_create$auto(0x3, 0x0, &(0x7f0000000140)=0x6) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000140)=""/112, 0x70) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyde\x00', 0x1a9d02, 0x0) ioctl$auto_TIOCSETD2(r4, 0x5423, 0x0) bpf$auto_BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000040)=@bpf_attr_5={@target_fd=r2, 0xffffffffffffffff, 0x5, 0x10, r4, @relative_fd=r1, 0x4}, 0x13) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x6a742, 0x0) open(0x0, 0xeee00, 0x31) 295.434244ms ago: executing program 2 (id=770): r0 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmsg$auto_ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x4000840}, 0x2000c840) sendmmsg$auto(r0, &(0x7f0000000240)={{0x0, 0x4, &(0x7f0000000200)={0x0, 0x34000}, 0x1, 0x0, 0xfffffffffffffffe, 0x17}, 0x7}, 0x3, 0x10003ef) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x6) socket(0x10, 0x4, 0xffffffc0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0xf1, 0x2, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001140)='/sys/devices/virtual/block/zram0/comp_algorithm\x00', 0x20b42, 0x0) sendfile$auto(r3, 0x3, 0x0, 0x7) mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) sendfile$auto(0x3, 0xffffffffffffffff, 0x0, 0x400000000006) open(0x0, 0x1e1401, 0xe5) mmap$auto(0x0, 0xda32, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x23, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/video8\x00', 0x40001, 0x0) close_range$auto(0x2, 0x8, 0x0) clock_nanosleep$auto(0x9, 0x0, 0x0, 0xffffffffffffffff) tkill$auto(0x0, 0x7) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'ip6tnl0\x00'}) write$auto(0x3, 0x0, 0x100082) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) move_mount$auto(0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x77) setsockopt$auto(0x3, 0x114, 0xa, 0x0, 0x4) 45.408649ms ago: executing program 0 (id=771): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon0\x00', 0x515000, 0x0) ioctl$auto_MON_IOCX_MFETCH(r0, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(r0, 0xc0109207, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x24600, 0x0) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, 0x0, 0x200, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) 1.712895ms ago: executing program 1 (id=772): r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000140)="58fcb282bcbc38bfaef257e019406ea6c445cd4f7f7662ac0f8834baa918d5b3cea133243c4f2b9a39e536b67f5a1a2bfdf589da2b1c980e1ce53883444996d1721d7f3ae627c6c604000000000000007910fbc02d899ab93d002d849884a5377ff11be2ed012110f2f520") r1 = socket(0x10, 0x2, 0x4) write$auto(r1, &(0x7f0000000000)='-\x00', 0xfdef) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/ip6gre0/power/control\x00', 0x10b142, 0x0) r3 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0xc, 0x3, 0x0, 0x0, 0x2) socket(0x3, 0x3, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r5, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r5, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9 \xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) r6 = socket(0x15, 0x5, 0x0) r7 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), r6) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000001d40)={0x28, r7, 0x5, 0x70bd27, 0x25dfdbff, {}, [@ETHTOOL_A_RINGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_RINGS_RX_BUF_LEN={0x8, 0xa, 0x3}]}, 0x28}, 0x1, 0x0, 0x0, 0x90}, 0x80080) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000180)='nfsd\x00', 0x8, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, 0x0) getsockopt$auto(r6, 0x114, 0x2720, 0xfffffffffffffffc, 0x0) sendfile$auto(r2, r2, 0x0, 0x1000200) 0s ago: executing program 3 (id=773): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/pci0000:00/0000:00:04.0/broken_parity_status\x00', 0xc3002, 0x0) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x802, 0x0, 0x1, 0x0, 0x2, 0x7ffd}, 0x7}, 0x8, 0xcad7) shutdown$auto(0x200000003, 0x2) r1 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfd, 0x0, 0xfffffffffffffffd) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) r2 = getsockopt$auto(r1, 0x2, 0x2, &(0x7f0000000000)='!\x00', &(0x7f00000000c0)=0x3ff) mmap$auto(0x0, 0x20009, 0x8000000000000000, 0x55, r2, 0x8000) mmap$auto(0x0, 0x8, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) shutdown$auto(r0, 0x463) kernel console output (not intermixed with test programs): 09] QAT: Stopping all acceleration devices. [ 143.314565][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 143.343867][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 144.894370][ T6319] bridge0: port 3(bond0) entered blocking state [ 144.922441][ T6319] bridge0: port 3(bond0) entered disabled state [ 144.984109][ T6319] bond0: entered allmulticast mode [ 144.989601][ T6319] bond_slave_0: entered allmulticast mode [ 145.020875][ T6319] bond_slave_1: entered allmulticast mode [ 145.048103][ T6319] bond0: entered promiscuous mode [ 145.073808][ T6319] bond_slave_0: entered promiscuous mode [ 145.135446][ T6319] bond_slave_1: entered promiscuous mode [ 145.142280][ T6319] bridge0: port 3(bond0) entered blocking state [ 145.148939][ T6319] bridge0: port 3(bond0) entered forwarding state [ 145.983314][ T6334] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 146.860317][ T6354] netlink: 4 bytes leftover after parsing attributes in process `syz.3.73'. [ 146.879196][ T6354] netlink: 13 bytes leftover after parsing attributes in process `syz.3.73'. [ 147.002777][ T6350] zswap: compressor not available [ 147.775126][ T6372] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 147.934409][ T6376] QAT: Stopping all acceleration devices. [ 148.236694][ T6374] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 148.247102][ T6383] process 'syz.0.78' launched './file0' with NULL argv: empty string added [ 148.844439][ T6383] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 148.889352][ T6383] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 149.092175][ T6383] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 149.160491][ T6383] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 149.189136][ T6383] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 149.240942][ T6383] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 149.301698][ T6383] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 149.310333][ T6383] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 149.399767][ T6383] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 149.501779][ T6383] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 149.519697][ T6383] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 149.590022][ T6383] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 150.195778][ T6398] random: crng reseeded on system resumption [ 150.745519][ T5167] Bluetooth: hci0: command 0x0c1a tx timeout [ 151.240333][ T5167] Bluetooth: hci1: command 0x0c1a tx timeout [ 151.304808][ T5167] Bluetooth: hci2: command 0x0c1a tx timeout [ 151.637538][ T5167] Bluetooth: hci3: command 0x0c1a tx timeout [ 152.825752][ T5167] Bluetooth: hci0: command 0x0c1a tx timeout [ 153.306624][ T5167] Bluetooth: hci1: command 0x0c1a tx timeout [ 153.384160][ T5167] Bluetooth: hci2: command 0x0c1a tx timeout [ 153.704114][ T5167] Bluetooth: hci3: command 0x0c1a tx timeout [ 153.918146][ T6436] ======================================================= [ 153.918146][ T6436] WARNING: The mand mount option has been deprecated and [ 153.918146][ T6436] and is ignored by this kernel. Remove the mand [ 153.918146][ T6436] option from the mount to silence this warning. [ 153.918146][ T6436] ======================================================= [ 154.904391][ T5167] Bluetooth: hci0: command 0x0c1a tx timeout [ 155.105605][ T6453] QAT: Stopping all acceleration devices. [ 155.384152][ T5167] Bluetooth: hci1: command 0x0c1a tx timeout [ 155.468179][ T5167] Bluetooth: hci2: command 0x0c1a tx timeout [ 155.783894][ T5167] Bluetooth: hci3: command 0x0c1a tx timeout [ 157.884635][ T6477] binder: 6469:6477 ioctl c00c620f 200000000180 returned -22 [ 159.021461][ T6490] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15 [ 160.161766][ T6492] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16 [ 161.299048][ T6489] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 161.646954][ T6494] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18 [ 162.850197][ T6509] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19 [ 164.002447][ T6510] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 166.311264][ T6553] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21 [ 166.848801][ T6554] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22 [ 170.762108][ T6598] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23 [ 170.958376][ T6591] zswap: compressor not available [ 171.310160][ T6609] QAT: Stopping all acceleration devices. [ 171.787070][ T6601] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24 [ 174.228835][ T6624] netlink: 342 bytes leftover after parsing attributes in process `syz.1.116'. [ 175.557355][ T6640] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input25 [ 177.274402][ T6646] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26 [ 177.916157][ T6667] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 179.276657][ T6676] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27 [ 180.076197][ T6678] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28 [ 181.085287][ T6682] random: crng reseeded on system resumption [ 181.447571][ T6686] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input29 [ 182.907245][ T6688] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input30 [ 183.588219][ T6707] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input31 [ 184.261784][ T6709] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input32 [ 185.639913][ T6731] random: crng reseeded on system resumption [ 186.002882][ T6728] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 186.045131][ T6728] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 186.134123][ T6735] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input33 [ 187.100320][ T6736] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input34 [ 187.600570][ T6741] netlink: 'syz.3.133': attribute type 4 has an invalid length. [ 187.616110][ T6741] netlink: 'syz.3.133': attribute type 1 has an invalid length. [ 188.286250][ T6749] QAT: Stopping all acceleration devices. [ 189.849488][ T6757] random: crng reseeded on system resumption [ 190.372149][ T6768] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input35 [ 190.469887][ T6756] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 190.483615][ T6756] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 190.495440][ T6774] QAT: Stopping all acceleration devices. [ 191.175128][ T6775] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input36 [ 192.295875][ T6788] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input37 [ 193.229579][ T6798] zram0: detected capacity change from 0 to 8 [ 193.290090][ T6800] QAT: Stopping all acceleration devices. [ 193.404012][ T6793] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input38 [ 195.611034][ T6821] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input39 [ 196.088487][ T6833] : renamed from gre0 (while UP) [ 196.200965][ T6824] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input40 [ 197.504617][ T6853] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input41 [ 198.307758][ T6854] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input42 [ 198.361569][ T6861] QAT: Stopping all acceleration devices. [ 200.428620][ T6895] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input43 [ 201.338190][ T6896] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input44 [ 201.364392][ T6910] ubi0: attaching mtd0 [ 201.433581][ T6910] ubi0: scanning is finished [ 201.454010][ T6910] ubi0: empty MTD device detected [ 202.177738][ T6918] random: crng reseeded on system resumption [ 202.379732][ T6910] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 202.387527][ T6910] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 202.526195][ T6910] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 202.575959][ T6910] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 202.583438][ T6910] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 202.635456][ T6910] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 202.643498][ T6910] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3465996333 [ 202.674007][ T6910] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 202.708175][ T6920] ubi0: background thread "ubi_bgt0d" started, PID 6920 [ 202.738292][ T6911] ubi0: detaching mtd0 [ 202.795425][ T6911] ubi0: mtd0 is detached [ 203.830866][ T6924] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input45 [ 204.680214][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 204.689183][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 204.956034][ T6928] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input46 [ 205.712951][ T6949] QAT: Stopping all acceleration devices. [ 206.924575][ T6964] random: crng reseeded on system resumption [ 207.934024][ T6968] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input47 [ 208.649555][ T6971] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input48 [ 210.391818][ T6994] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input49 [ 210.596535][ T6989] usb usb36: usbfs: process 6989 (syz.0.174) did not claim interface 0 before use [ 211.362109][ T6995] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input50 [ 212.872685][ T7019] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input51 [ 213.361169][ T7022] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input52 [ 214.897753][ T7021] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 214.921696][ T7021] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 218.337597][ T7069] random: crng reseeded on system resumption [ 218.675108][ T7063] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 218.720598][ T7063] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 220.174738][ T7085] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input53 [ 220.925383][ T7092] random: crng reseeded on system resumption [ 221.099081][ T7087] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input54 [ 222.261840][ T7083] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 222.324706][ T7083] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 224.199583][ T7120] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input55 [ 224.751927][ T7123] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input56 [ 225.216925][ T7121] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input57 [ 226.118223][ T7126] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input58 [ 227.609917][ T7152] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input59 [ 229.827788][ T7157] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input60 [ 230.106497][ T7164] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 230.156697][ T7164] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 230.375232][ T7168] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input61 [ 230.937140][ T7169] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input62 [ 231.390287][ T7186] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input63 [ 232.234016][ T7187] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input64 [ 232.558360][ T7204] random: crng reseeded on system resumption [ 232.968328][ T7197] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 233.003172][ T7197] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 233.597377][ T7209] QAT: Stopping all acceleration devices. [ 234.192295][ T7219] QAT: Stopping all acceleration devices. [ 234.814262][ T7230] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input65 [ 235.307412][ T7232] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input66 [ 236.358512][ T7245] QAT: Stopping all acceleration devices. [ 237.444896][ T7259] binder: 7251:7259 ioctl c00c620f 200000000180 returned -22 [ 237.709644][ T7265] netlink: 4 bytes leftover after parsing attributes in process `syz.1.218'. [ 239.864986][ T7298] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input67 [ 241.196750][ T7310] binder: 7306:7310 ioctl c00c620f 200000000180 returned -22 [ 241.816500][ T7300] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input68 [ 243.254487][ T7326] QAT: Stopping all acceleration devices. [ 243.379953][ T7328] netlink: 4 bytes leftover after parsing attributes in process `syz.3.227'. [ 244.352099][ T7337] QAT: Stopping all acceleration devices. [ 244.588003][ T7347] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input69 [ 245.192668][ T7349] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input70 [ 245.600458][ T7359] QAT: Stopping all acceleration devices. [ 246.264557][ T7345] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input71 [ 246.845221][ T7371] QAT: Stopping all acceleration devices. [ 247.109916][ T7351] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input72 [ 249.279413][ T7397] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 249.335085][ T7397] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 249.373426][ T7397] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 249.380639][ T7397] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 249.512342][ T7402] FAULT_INJECTION: forcing a failure. [ 249.512342][ T7402] name failslab, interval 1, probability 0, space 0, times 1 [ 249.574924][ T7402] CPU: 1 UID: 0 PID: 7402 Comm: syz.3.241 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 249.574971][ T7402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 249.574990][ T7402] Call Trace: [ 249.575001][ T7402] [ 249.575017][ T7402] dump_stack_lvl+0x16c/0x1f0 [ 249.575059][ T7402] should_fail_ex+0x512/0x640 [ 249.575093][ T7402] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 249.575133][ T7402] should_failslab+0xc2/0x120 [ 249.575173][ T7402] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 249.575207][ T7402] ? __proc_create+0xc3/0x8c0 [ 249.575243][ T7402] ? __proc_create+0x2ce/0x8c0 [ 249.575286][ T7402] __proc_create+0x2ce/0x8c0 [ 249.575325][ T7402] ? __pfx___proc_create+0x10/0x10 [ 249.575360][ T7402] ? __register_sysctl_table+0x736/0x1900 [ 249.575406][ T7402] ? _raw_spin_unlock+0x28/0x50 [ 249.575463][ T7402] proc_create_reg+0x7d/0x180 [ 249.575506][ T7402] proc_create_net_data+0x8e/0x1b0 [ 249.575586][ T7402] ? __pfx_proc_create_net_data+0x10/0x10 [ 249.575637][ T7402] ? __pfx_arp_net_init+0x10/0x10 [ 249.575688][ T7402] arp_net_init+0x53/0x70 [ 249.575738][ T7402] ops_init+0x1df/0x5f0 [ 249.575780][ T7402] setup_net+0x1ff/0x510 [ 249.575817][ T7402] ? lockdep_init_map_type+0x5c/0x280 [ 249.575865][ T7402] ? __pfx_setup_net+0x10/0x10 [ 249.575910][ T7402] ? debug_mutex_init+0x37/0x70 [ 249.575948][ T7402] copy_net_ns+0x2a6/0x5f0 [ 249.575995][ T7402] create_new_namespaces+0x3ea/0xa90 [ 249.576044][ T7402] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 249.576087][ T7402] ksys_unshare+0x45b/0xa40 [ 249.576134][ T7402] ? __pfx_ksys_unshare+0x10/0x10 [ 249.576182][ T7402] ? xfd_validate_state+0x61/0x180 [ 249.576240][ T7402] __x64_sys_unshare+0x31/0x40 [ 249.576286][ T7402] do_syscall_64+0xcd/0x490 [ 249.576325][ T7402] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 249.576358][ T7402] RIP: 0033:0x7fdb35d8e9a9 [ 249.576385][ T7402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 249.576419][ T7402] RSP: 002b:00007fdb33bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 249.576450][ T7402] RAX: ffffffffffffffda RBX: 00007fdb35fb6080 RCX: 00007fdb35d8e9a9 [ 249.576472][ T7402] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 249.576492][ T7402] RBP: 00007fdb35e10d69 R08: 0000000000000000 R09: 0000000000000000 [ 249.576511][ T7402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 249.576537][ T7402] R13: 0000000000000000 R14: 00007fdb35fb6080 R15: 00007fff495b9738 [ 249.576580][ T7402] [ 249.863439][ T7408] QAT: Stopping all acceleration devices. [ 250.903861][ T5167] Bluetooth: hci0: command 0x0c1a tx timeout [ 251.150952][ T7422] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input73 [ 251.402091][ T5167] Bluetooth: hci3: command 0x0c1a tx timeout [ 251.402110][ T5846] Bluetooth: hci1: command 0x0c1a tx timeout [ 251.402176][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout [ 251.688947][ T7426] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input74 [ 252.669792][ T7443] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input75 [ 253.520582][ T7445] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input76 [ 255.027534][ T7467] syz.3.254 uses obsolete (PF_INET,SOCK_PACKET) [ 255.342577][ T7475] binder: 7468:7475 ioctl c00c620f 200000000180 returned -22 [ 255.618032][ T7479] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input77 [ 255.876572][ T7486] netlink: 4 bytes leftover after parsing attributes in process `syz.1.258'. [ 256.091105][ T7484] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input78 [ 257.245463][ T7491] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 257.251735][ T7491] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 257.259491][ T7491] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 257.266152][ T7491] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 258.768985][ T7522] FAULT_INJECTION: forcing a failure. [ 258.768985][ T7522] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 258.845292][ T7522] CPU: 0 UID: 0 PID: 7522 Comm: syz.0.265 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 258.845337][ T7522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 258.845355][ T7522] Call Trace: [ 258.845365][ T7522] [ 258.845376][ T7522] dump_stack_lvl+0x16c/0x1f0 [ 258.845412][ T7522] should_fail_ex+0x512/0x640 [ 258.845450][ T7522] should_fail_alloc_page+0xe7/0x130 [ 258.845490][ T7522] prepare_alloc_pages+0x3c2/0x610 [ 258.845535][ T7522] ? lockdep_hardirqs_on+0x7c/0x110 [ 258.845571][ T7522] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 258.845617][ T7522] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 258.845660][ T7522] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 258.845696][ T7522] ? __pfx___text_poke+0x10/0x10 [ 258.845727][ T7522] ? find_held_lock+0x2b/0x80 [ 258.845769][ T7522] ? static_key_slow_inc_cpuslocked+0xd2/0x120 [ 258.845830][ T7522] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 258.845863][ T7522] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 258.845922][ T7522] ? policy_nodemask+0xea/0x4e0 [ 258.845963][ T7522] alloc_pages_mpol+0x1fb/0x550 [ 258.846011][ T7522] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 258.846060][ T7522] alloc_pages_noprof+0x131/0x390 [ 258.846099][ T7522] kvm_arch_vcpu_create+0x2a7/0xb20 [ 258.846141][ T7522] ? lockdep_init_map_type+0x5c/0x280 [ 258.846195][ T7522] kvm_vm_ioctl+0xf6f/0x3dd0 [ 258.846262][ T7522] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 258.846333][ T7522] ? kasan_quarantine_put+0x10a/0x240 [ 258.846364][ T7522] ? lockdep_hardirqs_on+0x7c/0x110 [ 258.846417][ T7522] ? find_held_lock+0x2b/0x80 [ 258.846451][ T7522] ? tomoyo_path_number_perm+0x295/0x580 [ 258.846504][ T7522] ? tomoyo_path_number_perm+0x18d/0x580 [ 258.846554][ T7522] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 258.846599][ T7522] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 258.846650][ T7522] ? do_vfs_ioctl+0x523/0x1a60 [ 258.846696][ T7522] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 258.846768][ T7522] ? find_held_lock+0x2b/0x80 [ 258.846801][ T7522] ? hook_file_ioctl_common+0x145/0x410 [ 258.846854][ T7522] ? __fget_files+0x20e/0x3c0 [ 258.846919][ T7522] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 258.846981][ T7522] __x64_sys_ioctl+0x18e/0x210 [ 258.847030][ T7522] do_syscall_64+0xcd/0x490 [ 258.847068][ T7522] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 258.847101][ T7522] RIP: 0033:0x7f656638e9a9 [ 258.847126][ T7522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 258.847155][ T7522] RSP: 002b:00007f6567196038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 258.847184][ T7522] RAX: ffffffffffffffda RBX: 00007f65665b5fa0 RCX: 00007f656638e9a9 [ 258.847204][ T7522] RDX: 0000000000000038 RSI: 000000000000ae41 RDI: 0000000000000003 [ 258.847223][ T7522] RBP: 00007f6567196090 R08: 0000000000000000 R09: 0000000000000000 [ 258.847242][ T7522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 258.847261][ T7522] R13: 0000000000000000 R14: 00007f65665b5fa0 R15: 00007fff9a5aca18 [ 258.847302][ T7522] [ 259.304506][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout [ 259.323740][ T5167] Bluetooth: hci2: command 0x0c1a tx timeout [ 259.329863][ T5167] Bluetooth: hci1: command 0x0c1a tx timeout [ 259.336080][ T5846] Bluetooth: hci0: command 0x0c1a tx timeout [ 261.500744][ T7563] FAULT_INJECTION: forcing a failure. [ 261.500744][ T7563] name failslab, interval 1, probability 0, space 0, times 0 [ 261.606531][ T7559] zram: Added device: zram1 [ 261.645571][ T7563] CPU: 1 UID: 0 PID: 7563 Comm: syz.2.273 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 261.645616][ T7563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 261.645636][ T7563] Call Trace: [ 261.645646][ T7563] [ 261.645658][ T7563] dump_stack_lvl+0x16c/0x1f0 [ 261.645697][ T7563] should_fail_ex+0x512/0x640 [ 261.645730][ T7563] ? __kvmalloc_node_noprof+0x124/0x620 [ 261.645788][ T7563] should_failslab+0xc2/0x120 [ 261.645830][ T7563] __kvmalloc_node_noprof+0x137/0x620 [ 261.645899][ T7563] ? io_alloc_cache_init+0x33/0x170 [ 261.645940][ T7563] ? io_alloc_cache_init+0x33/0x170 [ 261.645969][ T7563] io_alloc_cache_init+0x33/0x170 [ 261.646005][ T7563] io_uring_setup+0x675/0x2080 [ 261.646059][ T7563] ? __pfx_io_uring_setup+0x10/0x10 [ 261.646105][ T7563] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 261.646144][ T7563] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 261.646181][ T7563] ? __fget_files+0x20e/0x3c0 [ 261.646241][ T7563] ? ksys_write+0x1ac/0x250 [ 261.646272][ T7563] ? __pfx_ksys_write+0x10/0x10 [ 261.646309][ T7563] __x64_sys_io_uring_setup+0xc2/0x170 [ 261.646360][ T7563] do_syscall_64+0xcd/0x490 [ 261.646396][ T7563] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 261.646426][ T7563] RIP: 0033:0x7f66c838e9a9 [ 261.646449][ T7563] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 261.646489][ T7563] RSP: 002b:00007f66c9133038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 261.646517][ T7563] RAX: ffffffffffffffda RBX: 00007f66c85b5fa0 RCX: 00007f66c838e9a9 [ 261.646537][ T7563] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000059 [ 261.646556][ T7563] RBP: 00007f66c9133090 R08: 0000000000000000 R09: 0000000000000000 [ 261.646574][ T7563] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 261.646592][ T7563] R13: 0000000000000000 R14: 00007f66c85b5fa0 R15: 00007ffe623f2858 [ 261.646630][ T7563] [ 262.267866][ T7569] usb usb36: usbfs: process 7569 (syz.2.275) did not claim interface 0 before use [ 262.387330][ T7581] netlink: 4 bytes leftover after parsing attributes in process `syz.1.278'. [ 262.631876][ T7586] QAT: Stopping all acceleration devices. [ 262.858405][ T7588] QAT: Stopping all acceleration devices. [ 264.088557][ T7615] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input79 [ 264.649301][ T7622] capability: warning: `syz.1.286' uses 32-bit capabilities (legacy support in use) [ 264.795966][ T7617] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input80 [ 266.113874][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 266.121902][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 266.206389][ T7637] usb usb36: usbfs: process 7637 (syz.0.289) did not claim interface 0 before use [ 266.679370][ T7648] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input82 [ 267.287609][ T7651] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input83 [ 267.550053][ T7649] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 267.674026][ T7649] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 267.680202][ T7649] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 267.743934][ T7649] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 268.912407][ T5167] Bluetooth: hci0: command 0x0c1a tx timeout [ 269.044998][ T7675] QAT: Stopping all acceleration devices. [ 269.135353][ T7677] FAULT_INJECTION: forcing a failure. [ 269.135353][ T7677] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 269.163895][ T7677] CPU: 0 UID: 0 PID: 7677 Comm: syz.2.298 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 269.163944][ T7677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 269.163964][ T7677] Call Trace: [ 269.163974][ T7677] [ 269.163987][ T7677] dump_stack_lvl+0x16c/0x1f0 [ 269.164028][ T7677] should_fail_ex+0x512/0x640 [ 269.164078][ T7677] should_fail_alloc_page+0xe7/0x130 [ 269.164121][ T7677] prepare_alloc_pages+0x3c2/0x610 [ 269.164174][ T7677] ? event_pid_write.isra.0+0xf8/0x7c0 [ 269.164219][ T7677] ? vfs_writev+0x5dc/0xde0 [ 269.164273][ T7677] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 269.164330][ T7677] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 269.164395][ T7677] ? rcu_is_watching+0x12/0xc0 [ 269.164432][ T7677] ? trace_kmalloc+0x2b/0xd0 [ 269.164473][ T7677] ? __kmalloc_node_noprof+0x23b/0x500 [ 269.164519][ T7677] __alloc_pages_noprof+0xb/0x1b0 [ 269.164553][ T7677] __rb_allocate_pages+0x650/0xeb0 [ 269.164609][ T7677] ring_buffer_resize+0x71a/0x15c0 [ 269.164662][ T7677] ? __pfx_update_last_data+0x10/0x10 [ 269.164703][ T7677] __tracing_resize_ring_buffer.part.0+0x52/0x1f0 [ 269.164765][ T7677] tracing_update_buffers+0x102/0x130 [ 269.164812][ T7677] event_pid_write.isra.0+0xf8/0x7c0 [ 269.164864][ T7677] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 269.164926][ T7677] ? __pfx_ftrace_event_pid_write+0x10/0x10 [ 269.164972][ T7677] vfs_writev+0x5dc/0xde0 [ 269.165023][ T7677] ? __pfx___mutex_trylock_common+0x10/0x10 [ 269.165094][ T7677] ? __pfx_vfs_writev+0x10/0x10 [ 269.165148][ T7677] ? __mutex_lock+0x1ca/0xb90 [ 269.165194][ T7677] ? __pfx___mutex_lock+0x10/0x10 [ 269.165246][ T7677] ? __fget_files+0x20e/0x3c0 [ 269.165316][ T7677] ? do_writev+0x132/0x340 [ 269.165366][ T7677] do_writev+0x132/0x340 [ 269.165419][ T7677] ? __pfx_do_writev+0x10/0x10 [ 269.165486][ T7677] do_syscall_64+0xcd/0x490 [ 269.165526][ T7677] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 269.165561][ T7677] RIP: 0033:0x7f66c838e9a9 [ 269.165588][ T7677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 269.165620][ T7677] RSP: 002b:00007f66c9133038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 269.165651][ T7677] RAX: ffffffffffffffda RBX: 00007f66c85b5fa0 RCX: 00007f66c838e9a9 [ 269.165673][ T7677] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 269.165694][ T7677] RBP: 00007f66c8410d69 R08: 0000000000000000 R09: 0000000000000000 [ 269.165714][ T7677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 269.165734][ T7677] R13: 0000000000000000 R14: 00007f66c85b5fa0 R15: 00007ffe623f2858 [ 269.165779][ T7677] [ 269.437109][ C0] vkms_vblank_simulate: vblank timer overrun [ 269.703797][ T5167] Bluetooth: hci2: command 0x0c1a tx timeout [ 269.709918][ T5167] Bluetooth: hci1: command 0x0c1a tx timeout [ 269.853798][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout [ 270.486577][ T7688] usb usb36: usbfs: process 7688 (syz.1.300) did not claim interface 0 before use [ 271.400399][ T7699] usb usb36: usbfs: process 7699 (syz.1.311) did not claim interface 0 before use [ 272.184298][ T7707] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 272.195472][ T7707] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 272.222541][ T7707] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 272.230191][ T7707] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 273.447578][ T7731] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 273.478227][ T7731] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 273.485522][ T7731] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 273.519088][ T7731] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 274.367020][ T7750] FAULT_INJECTION: forcing a failure. [ 274.367020][ T7750] name failslab, interval 1, probability 0, space 0, times 0 [ 274.382400][ T7750] CPU: 0 UID: 0 PID: 7750 Comm: syz.0.319 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 274.382441][ T7750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 274.382459][ T7750] Call Trace: [ 274.382470][ T7750] [ 274.382482][ T7750] dump_stack_lvl+0x16c/0x1f0 [ 274.382520][ T7750] should_fail_ex+0x512/0x640 [ 274.382557][ T7750] ? __kmalloc_noprof+0xbf/0x510 [ 274.382593][ T7750] ? __list_lru_init+0xe8/0x4c0 [ 274.382621][ T7750] should_failslab+0xc2/0x120 [ 274.382659][ T7750] __kmalloc_noprof+0xd2/0x510 [ 274.382698][ T7750] __list_lru_init+0xe8/0x4c0 [ 274.382727][ T7750] alloc_super+0x904/0xbd0 [ 274.382780][ T7750] sget_fc+0x116/0xc20 [ 274.382827][ T7750] ? __pfx_set_anon_super_fc+0x10/0x10 [ 274.382876][ T7750] ? __pfx_dlmfs_fill_super+0x10/0x10 [ 274.382910][ T7750] get_tree_nodev+0x28/0x190 [ 274.382944][ T7750] vfs_get_tree+0x8e/0x340 [ 274.382990][ T7750] vfs_cmd_create+0xd7/0x2a0 [ 274.383028][ T7750] __do_sys_fsconfig+0x7b8/0xbe0 [ 274.383069][ T7750] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 274.383104][ T7750] ? fput+0x70/0xf0 [ 274.383159][ T7750] do_syscall_64+0xcd/0x490 [ 274.383194][ T7750] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 274.383227][ T7750] RIP: 0033:0x7f656638e9a9 [ 274.383253][ T7750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 274.383282][ T7750] RSP: 002b:00007f6567196038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 274.383311][ T7750] RAX: ffffffffffffffda RBX: 00007f65665b5fa0 RCX: 00007f656638e9a9 [ 274.383332][ T7750] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000007 [ 274.383350][ T7750] RBP: 00007f6567196090 R08: 0000000000000000 R09: 0000000000000000 [ 274.383369][ T7750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 274.383398][ T7750] R13: 0000000000000000 R14: 00007f65665b5fa0 R15: 00007fff9a5aca18 [ 274.383439][ T7750] [ 274.421056][ T7746] usb usb36: usbfs: process 7746 (syz.3.316) did not claim interface 0 before use [ 274.421360][ C0] vkms_vblank_simulate: vblank timer overrun [ 274.593574][ C0] vkms_vblank_simulate: vblank timer overrun [ 275.143757][ T5167] Bluetooth: hci0: command 0x0c1a tx timeout [ 275.377701][ T7771] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input84 [ 275.543837][ T5167] Bluetooth: hci3: command 0x0c1a tx timeout [ 275.543854][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout [ 275.543904][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout [ 276.096779][ T7775] FAULT_INJECTION: forcing a failure. [ 276.096779][ T7775] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 276.129781][ T7775] CPU: 1 UID: 0 PID: 7775 Comm: syz.1.324 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 276.129823][ T7775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 276.129840][ T7775] Call Trace: [ 276.129850][ T7775] [ 276.129861][ T7775] dump_stack_lvl+0x16c/0x1f0 [ 276.129900][ T7775] should_fail_ex+0x512/0x640 [ 276.129938][ T7775] should_fail_alloc_page+0xe7/0x130 [ 276.129977][ T7775] prepare_alloc_pages+0x3c2/0x610 [ 276.130021][ T7775] ? rcu_is_watching+0x12/0xc0 [ 276.130059][ T7775] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 276.130094][ T7775] ? __lock_acquire+0xb8a/0x1c90 [ 276.130154][ T7775] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 276.130187][ T7775] ? do_raw_spin_lock+0x12c/0x2b0 [ 276.130238][ T7775] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 276.130288][ T7775] ? find_held_lock+0x2b/0x80 [ 276.130333][ T7775] ? __lock_acquire+0xb8a/0x1c90 [ 276.130374][ T7775] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 276.130422][ T7775] ? policy_nodemask+0xea/0x4e0 [ 276.130468][ T7775] alloc_pages_mpol+0x1fb/0x550 [ 276.130505][ T7775] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 276.130562][ T7775] folio_alloc_mpol_noprof+0x36/0x2f0 [ 276.130604][ T7775] shmem_alloc_folio+0x135/0x160 [ 276.130666][ T7775] shmem_alloc_and_add_folio+0x499/0xc20 [ 276.130725][ T7775] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 276.130781][ T7775] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 276.130835][ T7775] shmem_get_folio_gfp+0x67f/0x1600 [ 276.130883][ T7775] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 276.130913][ T7775] ? __lock_acquire+0x622/0x1c90 [ 276.130956][ T7775] shmem_fault+0x1fe/0xa30 [ 276.130984][ T7775] ? __pfx_shmem_fault+0x10/0x10 [ 276.131024][ T7775] __do_fault+0x10d/0x490 [ 276.131055][ T7775] ? __pfx_filemap_map_pages+0x10/0x10 [ 276.131085][ T7775] __handle_mm_fault+0x374c/0x5490 [ 276.131142][ T7775] ? __pfx___handle_mm_fault+0x10/0x10 [ 276.131186][ T7775] ? __pfx_mt_find+0x10/0x10 [ 276.131241][ T7775] ? find_vma+0xbf/0x140 [ 276.131278][ T7775] ? __pfx_find_vma+0x10/0x10 [ 276.131319][ T7775] handle_mm_fault+0x589/0xd10 [ 276.131368][ T7775] ? __pkru_allows_pkey+0x51/0xb0 [ 276.131412][ T7775] do_user_addr_fault+0x7a6/0x1370 [ 276.131464][ T7775] ? rcu_is_watching+0x12/0xc0 [ 276.131500][ T7775] exc_page_fault+0x5c/0xb0 [ 276.131550][ T7775] asm_exc_page_fault+0x26/0x30 [ 276.131579][ T7775] RIP: 0010:__put_user_8+0xd/0x20 [ 276.131608][ T7775] Code: 89 01 31 c9 0f 01 ca e9 11 5b 03 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <48> 89 01 31 c9 0f 01 ca c3 cc cc cc cc 66 0f 1f 44 00 00 90 90 90 [ 276.131635][ T7775] RSP: 0018:ffffc900032c7bf8 EFLAGS: 00050206 [ 276.131658][ T7775] RAX: 0000000100000000 RBX: 0000000000000000 RCX: 000000000000b000 [ 276.131695][ T7775] RDX: ffff88801e32bc00 RSI: ffffffff825d7ed7 RDI: ffffffff8c155ee0 [ 276.131715][ T7775] RBP: 00000000000051d0 R08: 8bff7bbba9f4edf6 R09: 0000000000000000 [ 276.131735][ T7775] R10: 0000000000000000 R11: 0000000000000001 R12: 000000000000b000 [ 276.131753][ T7775] R13: 0000000000001600 R14: 0000000000000000 R15: 0000000100000000 [ 276.131786][ T7775] ? kpage_read.constprop.0+0x137/0x5e0 [ 276.131839][ T7775] kpage_read.constprop.0+0x142/0x5e0 [ 276.131885][ T7775] ? __pfx_kpageflags_read+0x10/0x10 [ 276.131932][ T7775] proc_reg_read+0x120/0x330 [ 276.131968][ T7775] ? __pfx_proc_reg_read+0x10/0x10 [ 276.131999][ T7775] vfs_readv+0x5c1/0x8b0 [ 276.132057][ T7775] ? __pfx_vfs_readv+0x10/0x10 [ 276.132106][ T7775] ? __mutex_lock+0x1ca/0xb90 [ 276.132148][ T7775] ? __pfx___mutex_lock+0x10/0x10 [ 276.132196][ T7775] ? __fget_files+0x20e/0x3c0 [ 276.132245][ T7775] ? __fget_files+0x1b0/0x3c0 [ 276.132306][ T7775] ? do_readv+0x132/0x340 [ 276.132369][ T7775] do_readv+0x132/0x340 [ 276.132419][ T7775] ? __pfx_do_readv+0x10/0x10 [ 276.132489][ T7775] do_syscall_64+0xcd/0x490 [ 276.132526][ T7775] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.132559][ T7775] RIP: 0033:0x7fbf4a38e9a9 [ 276.132585][ T7775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 276.132614][ T7775] RSP: 002b:00007fbf4b289038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 276.132643][ T7775] RAX: ffffffffffffffda RBX: 00007fbf4a5b5fa0 RCX: 00007fbf4a38e9a9 [ 276.132664][ T7775] RDX: 0000000000000400 RSI: 00002000000000c0 RDI: 0000000000000003 [ 276.132683][ T7775] RBP: 00007fbf4b289090 R08: 0000000000000000 R09: 0000000000000000 [ 276.132702][ T7775] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 276.132721][ T7775] R13: 0000000000000000 R14: 00007fbf4a5b5fa0 R15: 00007ffda32fefe8 [ 276.132763][ T7775] [ 277.259225][ T7785] usb usb36: usbfs: process 7785 (syz.1.328) did not claim interface 0 before use [ 277.322889][ T7783] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 277.404079][ T7783] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 277.449121][ T7783] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 277.468578][ T7783] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 277.729343][ T7799] FAULT_INJECTION: forcing a failure. [ 277.729343][ T7799] name failslab, interval 1, probability 0, space 0, times 0 [ 277.787847][ T7799] CPU: 0 UID: 0 PID: 7799 Comm: syz.2.331 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 277.787897][ T7799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 277.787919][ T7799] Call Trace: [ 277.787932][ T7799] [ 277.787945][ T7799] dump_stack_lvl+0x16c/0x1f0 [ 277.787988][ T7799] should_fail_ex+0x512/0x640 [ 277.788022][ T7799] ? fs_reclaim_acquire+0xae/0x150 [ 277.788082][ T7799] should_failslab+0xc2/0x120 [ 277.788123][ T7799] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 277.788159][ T7799] ? security_inode_alloc+0x3b/0x2b0 [ 277.788212][ T7799] security_inode_alloc+0x3b/0x2b0 [ 277.788259][ T7799] inode_init_always_gfp+0xce4/0x1030 [ 277.788323][ T7799] alloc_inode+0x86/0x240 [ 277.788364][ T7799] new_inode+0x22/0x1c0 [ 277.788410][ T7799] __debugfs_create_file+0x11c/0x6b0 [ 277.788470][ T7799] debugfs_create_file_full+0x41/0x60 [ 277.788529][ T7799] kvm_dev_ioctl+0x14ff/0x1ad0 [ 277.788577][ T7799] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 277.788623][ T7799] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 277.788656][ T7799] __x64_sys_ioctl+0x18e/0x210 [ 277.788705][ T7799] do_syscall_64+0xcd/0x490 [ 277.788741][ T7799] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 277.788775][ T7799] RIP: 0033:0x7f66c838e9a9 [ 277.788802][ T7799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 277.788834][ T7799] RSP: 002b:00007f66c9112038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 277.788865][ T7799] RAX: ffffffffffffffda RBX: 00007f66c85b6080 RCX: 00007f66c838e9a9 [ 277.788886][ T7799] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000007 [ 277.788905][ T7799] RBP: 00007f66c8410d69 R08: 0000000000000000 R09: 0000000000000000 [ 277.788925][ T7799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 277.788945][ T7799] R13: 0000000000000000 R14: 00007f66c85b6080 R15: 00007ffe623f2858 [ 277.788988][ T7799] [ 277.789029][ T7799] debugfs: out of free dentries, can not create file 'pages_2m' [ 278.098445][ T7803] usb usb36: usbfs: process 7803 (syz.1.341) did not claim interface 0 before use [ 278.133305][ T7811] random: crng reseeded on system resumption [ 278.795670][ T7821] blktrace: Concurrent blktraces are not allowed on ram7 [ 279.073053][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout [ 279.463833][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout [ 279.469985][ T5851] Bluetooth: hci1: command 0x0c1a tx timeout [ 279.570474][ T5851] Bluetooth: hci3: command 0x0c1a tx timeout [ 280.027676][ T7839] ubi0: attaching mtd0 [ 280.041753][ T7839] ubi0 error: ubi_attach_mtd_dev: bad VID header (63) or data offsets (127) [ 280.107865][ T7839] openvswitch: netlink: nsh attribute has unmatched MD type 0. [ 280.414770][ T7844] netlink: 4 bytes leftover after parsing attributes in process `syz.0.340'. [ 280.442497][ T7844] netlink: 'syz.0.340': attribute type 1 has an invalid length. [ 280.493409][ T7844] netlink: 13 bytes leftover after parsing attributes in process `syz.0.340'. [ 281.548373][ T7849] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 281.565840][ T7849] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 281.615276][ T7849] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 281.634857][ T7849] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 281.726148][ T7858] usb usb36: usbfs: process 7858 (syz.1.346) did not claim interface 0 before use [ 281.871986][ T7863] QAT: Stopping all acceleration devices. [ 282.473772][ T7873] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input86 [ 282.857238][ T7871] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 282.903708][ T7871] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 282.934094][ T7871] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 282.968641][ T7871] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 283.559890][ T7879] QAT: Stopping all acceleration devices. [ 284.595988][ T7886] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 284.663899][ T7886] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 284.683467][ T7886] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 284.703182][ T7886] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 285.116600][ T7896] netlink: 354 bytes leftover after parsing attributes in process `syz.3.357'. [ 286.016313][ T7913] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input87 [ 286.029747][ T5851] Bluetooth: hci0: command 0x0c1a tx timeout [ 286.420537][ T7917] netlink: 4 bytes leftover after parsing attributes in process `syz.1.361'. [ 286.501595][ T7912] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 286.509794][ T7917] netlink: 'syz.1.361': attribute type 1 has an invalid length. [ 286.533975][ T7912] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 286.540297][ T7912] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 286.548117][ T7912] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 286.578956][ T7917] netlink: 13 bytes leftover after parsing attributes in process `syz.1.361'. [ 286.763790][ T7915] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input88 [ 288.029602][ T7932] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 288.103135][ T7932] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 288.112971][ T7932] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 288.213811][ T7932] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 288.745779][ T7941] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„ [ 288.906927][ T7942] zram: Added device: zram2 [ 289.057623][ T7946] netlink: 334 bytes leftover after parsing attributes in process `syz.3.368'. [ 289.062743][ T7948] usb usb36: usbfs: process 7948 (syz.2.369) did not claim interface 0 before use [ 289.096625][ T7946] netlink: 8 bytes leftover after parsing attributes in process `syz.3.368'. [ 289.870205][ T5851] Bluetooth: hci0: command 0x0c1a tx timeout [ 290.113731][ T5851] Bluetooth: hci1: command 0x0c1a tx timeout [ 290.188162][ T5851] Bluetooth: hci2: command 0x0c1a tx timeout [ 290.284139][ T5851] Bluetooth: hci3: command 0x0c1a tx timeout [ 291.472883][ T7987] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 291.557834][ T7987] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 291.603588][ T7987] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 291.617421][ T7987] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 292.775536][ T8013] FAULT_INJECTION: forcing a failure. [ 292.775536][ T8013] name failslab, interval 1, probability 0, space 0, times 0 [ 292.813830][ T8013] CPU: 1 UID: 0 PID: 8013 Comm: syz.3.381 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 292.813878][ T8013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 292.813897][ T8013] Call Trace: [ 292.813907][ T8013] [ 292.813920][ T8013] dump_stack_lvl+0x16c/0x1f0 [ 292.813958][ T8013] should_fail_ex+0x512/0x640 [ 292.814000][ T8013] ? fs_reclaim_acquire+0xae/0x150 [ 292.814051][ T8013] should_failslab+0xc2/0x120 [ 292.814091][ T8013] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 292.814128][ T8013] ? security_inode_alloc+0x3b/0x2b0 [ 292.814185][ T8013] security_inode_alloc+0x3b/0x2b0 [ 292.814232][ T8013] inode_init_always_gfp+0xce4/0x1030 [ 292.814295][ T8013] alloc_inode+0x86/0x240 [ 292.814336][ T8013] new_inode+0x22/0x1c0 [ 292.814382][ T8013] bdev_alloc+0x2b/0x420 [ 292.814437][ T8013] __alloc_disk_node+0x116/0x630 [ 292.814479][ T8013] __blk_mq_alloc_disk+0x89/0x120 [ 292.814515][ T8013] loop_add+0x49e/0xb70 [ 292.814562][ T8013] ? do_vfs_ioctl+0x523/0x1a60 [ 292.814609][ T8013] ? __pfx_loop_add+0x10/0x10 [ 292.814653][ T8013] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 292.814727][ T8013] ? find_held_lock+0x2b/0x80 [ 292.814770][ T8013] loop_control_ioctl+0x13e/0x630 [ 292.814821][ T8013] ? __pfx_loop_control_ioctl+0x10/0x10 [ 292.814877][ T8013] ? __pfx_loop_control_ioctl+0x10/0x10 [ 292.814927][ T8013] __x64_sys_ioctl+0x18e/0x210 [ 292.814986][ T8013] do_syscall_64+0xcd/0x490 [ 292.815026][ T8013] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 292.815062][ T8013] RIP: 0033:0x7fdb35d8e9a9 [ 292.815088][ T8013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 292.815121][ T8013] RSP: 002b:00007fdb36b27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 292.815153][ T8013] RAX: ffffffffffffffda RBX: 00007fdb35fb5fa0 RCX: 00007fdb35d8e9a9 [ 292.815175][ T8013] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000007 [ 292.815194][ T8013] RBP: 00007fdb35e10d69 R08: 0000000000000000 R09: 0000000000000000 [ 292.815212][ T8013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 292.815226][ T8013] R13: 0000000000000000 R14: 00007fdb35fb5fa0 R15: 00007fff495b9738 [ 292.815255][ T8013] [ 293.114521][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout [ 293.149403][ T8010] usb usb36: usbfs: process 8010 (syz.0.380) did not claim interface 0 before use [ 293.435189][ T8020] QAT: Stopping all acceleration devices. [ 293.618615][ T8025] QAT: Stopping all acceleration devices. [ 293.623934][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout [ 293.630466][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout [ 293.636910][ T5851] Bluetooth: hci1: command 0x0c1a tx timeout [ 295.391593][ T8058] FAULT_INJECTION: forcing a failure. [ 295.391593][ T8058] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 295.422066][ T8058] CPU: 1 UID: 0 PID: 8058 Comm: syz.3.394 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 295.422112][ T8058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 295.422131][ T8058] Call Trace: [ 295.422141][ T8058] [ 295.422152][ T8058] dump_stack_lvl+0x16c/0x1f0 [ 295.422192][ T8058] should_fail_ex+0x512/0x640 [ 295.422231][ T8058] _copy_to_iter+0x463/0x16f0 [ 295.422277][ T8058] ? __pfx__copy_to_iter+0x10/0x10 [ 295.422317][ T8058] ? seq_read_iter+0x826/0x12c0 [ 295.422372][ T8058] seq_read_iter+0xcf8/0x12c0 [ 295.422439][ T8058] seq_read+0x39e/0x4e0 [ 295.422495][ T8058] ? __pfx_seq_read+0x10/0x10 [ 295.422537][ T8058] ? __lock_acquire+0xb8a/0x1c90 [ 295.422589][ T8058] ? get_pid_task+0xfc/0x250 [ 295.422650][ T8058] full_proxy_read+0x13c/0x200 [ 295.422690][ T8058] ? __pfx_full_proxy_read+0x10/0x10 [ 295.422732][ T8058] vfs_read+0x1e4/0xc60 [ 295.422765][ T8058] ? __pfx___mutex_lock+0x10/0x10 [ 295.422799][ T8058] ? __pfx_vfs_read+0x10/0x10 [ 295.422839][ T8058] ? __fget_files+0x20e/0x3c0 [ 295.422903][ T8058] ksys_read+0x12a/0x250 [ 295.422932][ T8058] ? __pfx_ksys_read+0x10/0x10 [ 295.422963][ T8058] do_syscall_64+0xcd/0x490 [ 295.422989][ T8058] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 295.423018][ T8058] RIP: 0033:0x7fdb35d8e9a9 [ 295.423036][ T8058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 295.423058][ T8058] RSP: 002b:00007fdb36b27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 295.423079][ T8058] RAX: ffffffffffffffda RBX: 00007fdb35fb5fa0 RCX: 00007fdb35d8e9a9 [ 295.423094][ T8058] RDX: 00000000000000de RSI: 0000200000000300 RDI: 0000000000000003 [ 295.423108][ T8058] RBP: 00007fdb36b27090 R08: 0000000000000000 R09: 0000000000000000 [ 295.423122][ T8058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 295.423135][ T8058] R13: 0000000000000000 R14: 00007fdb35fb5fa0 R15: 00007fff495b9738 [ 295.423164][ T8058] [ 295.719370][ T8048] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 295.727247][ T8048] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 295.733435][ T8048] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 295.743950][ T8048] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 296.005899][ T8066] debugfs: Directory '!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' with parent 'ieee80211' already present! [ 296.189259][ T8067] zram: Added device: zram3 [ 296.501189][ T8074] QAT: Stopping all acceleration devices. [ 296.507315][ T8072] QAT: Stopping all acceleration devices. [ 296.917338][ T8070] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 296.939294][ T8070] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 297.022593][ T8070] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 297.063561][ T8070] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 298.071889][ T8103] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input89 [ 298.342540][ T8105] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input90 [ 298.514061][ T5851] Bluetooth: hci0: command 0x0c1a tx timeout [ 298.990235][ T5851] Bluetooth: hci1: command 0x0c1a tx timeout [ 299.063747][ T5851] Bluetooth: hci2: command 0x0c1a tx timeout [ 299.153833][ T5851] Bluetooth: hci3: command 0x0c1a tx timeout [ 299.249016][ T8115] debugfs: Directory '!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' with parent 'ieee80211' already present! [ 299.488496][ T8117] zram: Added device: zram4 [ 300.376741][ T8131] usb usb36: usbfs: process 8131 (syz.3.413) did not claim interface 0 before use [ 300.427548][ T8126] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 300.503928][ T8126] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 300.510046][ T8126] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 300.547190][ T8126] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 300.789060][ T8141] FAULT_INJECTION: forcing a failure. [ 300.789060][ T8141] name failslab, interval 1, probability 0, space 0, times 0 [ 300.815775][ T8141] CPU: 0 UID: 0 PID: 8141 Comm: syz.1.416 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 300.815820][ T8141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 300.815838][ T8141] Call Trace: [ 300.815848][ T8141] [ 300.815860][ T8141] dump_stack_lvl+0x16c/0x1f0 [ 300.815901][ T8141] should_fail_ex+0x512/0x640 [ 300.815933][ T8141] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 300.815970][ T8141] should_failslab+0xc2/0x120 [ 300.816007][ T8141] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 300.816048][ T8141] ? __pmd_alloc+0xbf/0x930 [ 300.816094][ T8141] __pmd_alloc+0xbf/0x930 [ 300.816134][ T8141] ? find_held_lock+0x2b/0x80 [ 300.816170][ T8141] __handle_mm_fault+0xaac/0x5490 [ 300.816229][ T8141] ? __pfx___handle_mm_fault+0x10/0x10 [ 300.816276][ T8141] ? __pfx_mt_find+0x10/0x10 [ 300.816328][ T8141] ? find_vma+0xbf/0x140 [ 300.816356][ T8141] ? __pfx_find_vma+0x10/0x10 [ 300.816386][ T8141] handle_mm_fault+0x589/0xd10 [ 300.816422][ T8141] ? __pkru_allows_pkey+0x51/0xb0 [ 300.816456][ T8141] do_user_addr_fault+0x7a6/0x1370 [ 300.816491][ T8141] ? rcu_is_watching+0x12/0xc0 [ 300.816521][ T8141] exc_page_fault+0x5c/0xb0 [ 300.816559][ T8141] asm_exc_page_fault+0x26/0x30 [ 300.816581][ T8141] RIP: 0010:rep_movs_alternative+0x33/0x90 [ 300.816613][ T8141] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 4d 11 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb [ 300.816634][ T8141] RSP: 0018:ffffc9000bb279b0 EFLAGS: 00050246 [ 300.816651][ T8141] RAX: 5f626c7465677568 RBX: 0000000000000008 RCX: 0000000000000008 [ 300.816665][ T8141] RDX: ffffed100b7c0404 RSI: ffff88805be02018 RDI: 0000000000000000 [ 300.816678][ T8141] RBP: 0000000000000008 R08: 0000000000000000 R09: ffffed100b7c0403 [ 300.816692][ T8141] R10: ffff88805be0201f R11: 0000000000000001 R12: 0000000000000000 [ 300.816705][ T8141] R13: ffffc9000bb27bc8 R14: ffff88805be02018 R15: 0000000000000000 [ 300.816733][ T8141] _copy_to_iter+0x4eb/0x16f0 [ 300.816767][ T8141] ? __pfx__copy_to_iter+0x10/0x10 [ 300.816792][ T8141] ? s_next+0x7f/0xb0 [ 300.816821][ T8141] ? traverse.part.0.constprop.0+0x2c5/0x640 [ 300.816865][ T8141] seq_read_iter+0x719/0x12c0 [ 300.816900][ T8141] ? aa_file_perm+0x4d6/0xfb0 [ 300.816928][ T8141] seq_read+0x39e/0x4e0 [ 300.816969][ T8141] ? __pfx_seq_read+0x10/0x10 [ 300.817007][ T8141] ? get_pid_task+0xfc/0x250 [ 300.817054][ T8141] ? __pfx_seq_read+0x10/0x10 [ 300.817086][ T8141] proc_reg_read+0x23d/0x330 [ 300.817109][ T8141] ? __pfx_proc_reg_read+0x10/0x10 [ 300.817132][ T8141] vfs_read+0x1e4/0xc60 [ 300.817158][ T8141] ? __pfx_vfs_read+0x10/0x10 [ 300.817176][ T8141] ? __pfx_vfs_write+0x10/0x10 [ 300.817197][ T8141] ? do_sys_openat2+0x157/0x1d0 [ 300.817227][ T8141] ? __pfx_do_sys_openat2+0x10/0x10 [ 300.817271][ T8141] __x64_sys_pread64+0x1eb/0x250 [ 300.817296][ T8141] ? __pfx___x64_sys_pread64+0x10/0x10 [ 300.817328][ T8141] do_syscall_64+0xcd/0x490 [ 300.817353][ T8141] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 300.817374][ T8141] RIP: 0033:0x7fbf4a38e9a9 [ 300.817391][ T8141] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 300.817412][ T8141] RSP: 002b:00007fbf4b289038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011 [ 300.817431][ T8141] RAX: ffffffffffffffda RBX: 00007fbf4a5b5fa0 RCX: 00007fbf4a38e9a9 [ 300.817445][ T8141] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 0000000000000001 [ 300.817458][ T8141] RBP: 00007fbf4b289090 R08: 0000000000000000 R09: 0000000000000000 [ 300.817471][ T8141] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000001 [ 300.817484][ T8141] R13: 0000000000000000 R14: 00007fbf4a5b5fa0 R15: 00007ffda32fefe8 [ 300.817512][ T8141] [ 301.825221][ T8156] QAT: Stopping all acceleration devices. [ 301.943747][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout [ 302.176416][ T8167] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input91 [ 302.577295][ T8169] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input92 [ 302.593695][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout [ 302.599826][ T5851] Bluetooth: hci2: command 0x0c1a tx timeout [ 302.599865][ T5167] Bluetooth: hci1: command 0x0c1a tx timeout [ 303.172860][ T8174] usb usb36: usbfs: process 8174 (syz.1.423) did not claim interface 0 before use [ 305.024288][ T30] audit: type=1800 audit(1753485159.430:2): pid=8193 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.428" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 305.103834][ T8187] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 305.137845][ T8187] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 305.163992][ T8187] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 305.230457][ T8187] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 305.690598][ T8209] input: jJǸ-¶š9ã%vø“û¨lÐQ  J8fi‘ as /devices/virtual/input/input93 [ 306.593732][ T5167] Bluetooth: hci0: command 0x0c1a tx timeout [ 306.645810][ T8218] random: crng reseeded on system resumption [ 307.188377][ T8215] usb usb36: usbfs: process 8215 (syz.3.433) did not claim interface 0 before use [ 307.223947][ T5167] Bluetooth: hci2: command 0x0c1a tx timeout [ 307.230485][ T5851] Bluetooth: hci1: command 0x0c1a tx timeout [ 307.303867][ T5167] Bluetooth: hci3: command 0x0c1a tx timeout [ 308.298966][ T30] audit: type=1800 audit(1753485162.780:3): pid=8240 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.438" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 311.287208][ T8277] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 311.304014][ T8277] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 311.345459][ T8277] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 311.363921][ T8277] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 311.797129][ T8288] input: jJǸ-¶š9ã%vø“û¨lÐQ  J8fi‘ as /devices/virtual/input/input95 [ 312.293745][ T8305] FAULT_INJECTION: forcing a failure. [ 312.293745][ T8305] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 312.308986][ T8305] CPU: 1 UID: 0 PID: 8305 Comm: syz.2.453 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 312.309027][ T8305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 312.309054][ T8305] Call Trace: [ 312.309064][ T8305] [ 312.309075][ T8305] dump_stack_lvl+0x16c/0x1f0 [ 312.309112][ T8305] should_fail_ex+0x512/0x640 [ 312.309151][ T8305] _copy_to_user+0x32/0xd0 [ 312.309190][ T8305] simple_read_from_buffer+0xcb/0x170 [ 312.309241][ T8305] proc_fail_nth_read+0x197/0x270 [ 312.309294][ T8305] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 312.309342][ T8305] ? rw_verify_area+0xcf/0x680 [ 312.309387][ T8305] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 312.309431][ T8305] vfs_read+0x1e4/0xc60 [ 312.309465][ T8305] ? __pfx___mutex_lock+0x10/0x10 [ 312.309498][ T8305] ? __pfx_vfs_read+0x10/0x10 [ 312.309539][ T8305] ? __fget_files+0x20e/0x3c0 [ 312.309600][ T8305] ksys_read+0x12a/0x250 [ 312.309629][ T8305] ? __pfx_ksys_read+0x10/0x10 [ 312.309671][ T8305] do_syscall_64+0xcd/0x490 [ 312.309707][ T8305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 312.309738][ T8305] RIP: 0033:0x7f66c838d3bc [ 312.309763][ T8305] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 312.309791][ T8305] RSP: 002b:00007f66c9133030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 312.309819][ T8305] RAX: ffffffffffffffda RBX: 00007f66c85b5fa0 RCX: 00007f66c838d3bc [ 312.309839][ T8305] RDX: 000000000000000f RSI: 00007f66c91330a0 RDI: 0000000000000005 [ 312.309858][ T8305] RBP: 00007f66c9133090 R08: 0000000000000000 R09: 0000000000000000 [ 312.309876][ T8305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 312.309895][ T8305] R13: 0000000000000000 R14: 00007f66c85b5fa0 R15: 00007ffe623f2858 [ 312.309934][ T8305] [ 312.823856][ T5167] Bluetooth: hci0: command 0x0c1a tx timeout [ 313.433711][ T5167] Bluetooth: hci3: command 0x0c1a tx timeout [ 313.433761][ T5851] Bluetooth: hci2: command 0x0c1a tx timeout [ 313.439786][ T5167] Bluetooth: hci1: command 0x0c1a tx timeout [ 313.800187][ T8325] netlink: 4 bytes leftover after parsing attributes in process `syz.3.457'. [ 313.965346][ T8325] netlink: 'syz.3.457': attribute type 1 has an invalid length. [ 314.074963][ T8325] netlink: 13 bytes leftover after parsing attributes in process `syz.3.457'. [ 314.473230][ T8320] random: crng reseeded on system resumption [ 316.871034][ T8364] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input97 [ 317.283878][ T8369] sp0: Synchronizing with TNC [ 317.701045][ T8365] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input98 [ 318.326986][ T8378] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input99 [ 318.460457][ T8375] futex_wake_op: syz.1.467 tries to shift op by -2048; fix this program [ 318.488305][ T8375] futex_wake_op: syz.1.467 tries to shift op by -2048; fix this program [ 318.728592][ T8381] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input100 [ 319.744748][ T8398] netlink: 4 bytes leftover after parsing attributes in process `syz.2.474'. [ 319.779974][ T8398] netlink: 'syz.2.474': attribute type 1 has an invalid length. [ 319.808305][ T8398] netlink: 13 bytes leftover after parsing attributes in process `syz.2.474'. [ 319.821178][ T8396] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input101 [ 320.382443][ T8400] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input102 [ 320.433236][ T8408] QAT: Stopping all acceleration devices. [ 320.652969][ T8407] random: crng reseeded on system resumption [ 322.467559][ T8428] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input103 [ 322.688462][ T8423] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 322.724075][ T8423] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 322.730276][ T8423] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 322.856763][ T8423] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 323.890836][ T8435] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input104 [ 324.263810][ T5167] Bluetooth: hci0: command 0x0c1a tx timeout [ 324.823821][ T5167] Bluetooth: hci2: command 0x0c1a tx timeout [ 324.830332][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout [ 324.903701][ T5167] Bluetooth: hci3: command 0x0c1a tx timeout [ 325.601968][ T8470] netlink: 4 bytes leftover after parsing attributes in process `syz.3.488'. [ 325.654578][ T8470] netlink: 13 bytes leftover after parsing attributes in process `syz.3.488'. [ 327.267566][ T8488] can: request_module (can-proto-3) failed. [ 327.548060][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 327.554489][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 327.819302][ T8495] FAULT_INJECTION: forcing a failure. [ 327.819302][ T8495] name failslab, interval 1, probability 0, space 0, times 0 [ 327.867847][ T8495] CPU: 1 UID: 0 PID: 8495 Comm: syz.3.493 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 327.867895][ T8495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 327.867925][ T8495] Call Trace: [ 327.867937][ T8495] [ 327.867949][ T8495] dump_stack_lvl+0x16c/0x1f0 [ 327.867989][ T8495] should_fail_ex+0x512/0x640 [ 327.868022][ T8495] ? __kvmalloc_node_noprof+0x124/0x620 [ 327.868084][ T8495] should_failslab+0xc2/0x120 [ 327.868123][ T8495] __kvmalloc_node_noprof+0x137/0x620 [ 327.868196][ T8495] ? lockdep_init_map_type+0x5c/0x280 [ 327.868247][ T8495] ? open_substream+0x30c/0x9b0 [ 327.868302][ T8495] ? open_substream+0x30c/0x9b0 [ 327.868357][ T8495] ? open_substream+0x19a/0x9b0 [ 327.868399][ T8495] open_substream+0x30c/0x9b0 [ 327.868460][ T8495] ? lockdep_hardirqs_on+0x7c/0x110 [ 327.868497][ T8495] rawmidi_open_priv+0x543/0x6e0 [ 327.868558][ T8495] snd_rawmidi_open+0x4cc/0xbf0 [ 327.868619][ T8495] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 327.868675][ T8495] ? __pfx_default_wake_function+0x10/0x10 [ 327.868718][ T8495] ? kobject_get_unless_zero+0x156/0x1e0 [ 327.868763][ T8495] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 327.868816][ T8495] snd_open+0x1fe/0x450 [ 327.868856][ T8495] ? __pfx_snd_open+0x10/0x10 [ 327.868895][ T8495] chrdev_open+0x231/0x6a0 [ 327.868940][ T8495] ? __pfx_apparmor_file_open+0x10/0x10 [ 327.868994][ T8495] ? __pfx_chrdev_open+0x10/0x10 [ 327.869036][ T8495] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 327.869099][ T8495] do_dentry_open+0x744/0x1c10 [ 327.869136][ T8495] ? __pfx_chrdev_open+0x10/0x10 [ 327.869186][ T8495] vfs_open+0x82/0x3f0 [ 327.869237][ T8495] path_openat+0x1de4/0x2cb0 [ 327.869285][ T8495] ? __pfx_path_openat+0x10/0x10 [ 327.869322][ T8495] ? __lock_acquire+0xb8a/0x1c90 [ 327.869375][ T8495] do_filp_open+0x20b/0x470 [ 327.869409][ T8495] ? __pfx_do_filp_open+0x10/0x10 [ 327.869475][ T8495] ? alloc_fd+0x471/0x7d0 [ 327.869542][ T8495] do_sys_openat2+0x11b/0x1d0 [ 327.869589][ T8495] ? __pfx_do_sys_openat2+0x10/0x10 [ 327.869632][ T8495] ? __fget_files+0x204/0x3c0 [ 327.869701][ T8495] __x64_sys_openat+0x174/0x210 [ 327.869749][ T8495] ? __pfx___x64_sys_openat+0x10/0x10 [ 327.869815][ T8495] do_syscall_64+0xcd/0x490 [ 327.869854][ T8495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 327.869889][ T8495] RIP: 0033:0x7fdb35d8e9a9 [ 327.869924][ T8495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 327.869957][ T8495] RSP: 002b:00007fdb33bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 327.869990][ T8495] RAX: ffffffffffffffda RBX: 00007fdb35fb6080 RCX: 00007fdb35d8e9a9 [ 327.870013][ T8495] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 327.870034][ T8495] RBP: 00007fdb35e10d69 R08: 0000000000000000 R09: 0000000000000000 [ 327.870054][ T8495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 327.870075][ T8495] R13: 0000000000000000 R14: 00007fdb35fb6080 R15: 00007fff495b9738 [ 327.870118][ T8495] [ 328.587735][ T8493] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 328.587970][ T8493] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 328.596482][ T8493] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 328.596668][ T8493] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 329.604084][ T8517] QAT: Stopping all acceleration devices. [ 330.009559][ T8512] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 330.034226][ T8512] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 330.064098][ T8519] usb usb36: usbfs: process 8519 (syz.3.498) did not claim interface 0 before use [ 330.069503][ T8512] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 330.115221][ T8512] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 331.629586][ T5167] Bluetooth: hci0: command 0x0c1a tx timeout [ 332.104475][ T5167] Bluetooth: hci2: command 0x0c1a tx timeout [ 332.104484][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout [ 332.128778][ T8558] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input105 [ 332.196633][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout [ 332.408727][ T8559] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input106 [ 333.153799][ T8557] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input107 [ 333.177788][ T8569] netlink: 4 bytes leftover after parsing attributes in process `syz.2.506'. [ 333.204098][ T8569] netlink: 13 bytes leftover after parsing attributes in process `syz.2.506'. [ 334.372444][ T8562] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input108 [ 334.557091][ T8566] FAULT_INJECTION: forcing a failure. [ 334.557091][ T8566] name failslab, interval 1, probability 0, space 0, times 0 [ 334.573140][ T8566] CPU: 1 UID: 0 PID: 8566 Comm: syz.3.505 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 334.573186][ T8566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 334.573206][ T8566] Call Trace: [ 334.573217][ T8566] [ 334.573230][ T8566] dump_stack_lvl+0x16c/0x1f0 [ 334.573270][ T8566] should_fail_ex+0x512/0x640 [ 334.573304][ T8566] ? __kmalloc_noprof+0xbf/0x510 [ 334.573341][ T8566] ? constrain_params_by_rules+0x175/0xca0 [ 334.573387][ T8566] should_failslab+0xc2/0x120 [ 334.573427][ T8566] __kmalloc_noprof+0xd2/0x510 [ 334.573458][ T8566] ? unwind_get_return_address+0x59/0xa0 [ 334.573513][ T8566] ? arch_stack_walk+0xa6/0x100 [ 334.573550][ T8566] constrain_params_by_rules+0x175/0xca0 [ 334.573608][ T8566] ? stack_trace_save+0x8e/0xc0 [ 334.573648][ T8566] ? stack_depot_save_flags+0x28/0xa40 [ 334.573685][ T8566] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 334.573728][ T8566] ? kfree+0x2b4/0x4d0 [ 334.573771][ T8566] ? snd_pcm_hw_param_near.constprop.0+0x72f/0x8e0 [ 334.573825][ T8566] ? __kasan_kmalloc+0xaa/0xb0 [ 334.573855][ T8566] ? snd_pcm_hw_param_near.constprop.0+0xbc/0x8e0 [ 334.573898][ T8566] ? snd_pcm_oss_change_params_locked+0x1398/0x3a30 [ 334.573942][ T8566] ? snd_pcm_oss_make_ready+0xe6/0x1b0 [ 334.574000][ T8566] ? snd_interval_refine+0x2fa/0x580 [ 334.574036][ T8566] snd_pcm_hw_refine+0x7de/0xad0 [ 334.574109][ T8566] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 334.574169][ T8566] ? _snd_pcm_hw_param_min+0x259/0x630 [ 334.574215][ T8566] snd_pcm_hw_param_near.constprop.0+0x58a/0x8e0 [ 334.574303][ T8566] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 334.574352][ T8566] ? __asan_memset+0x23/0x50 [ 334.574401][ T8566] ? calc_src_frames.isra.0+0x187/0x1d0 [ 334.574457][ T8566] snd_pcm_oss_change_params_locked+0x1398/0x3a30 [ 334.574524][ T8566] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 334.574575][ T8566] ? __pfx___mutex_lock+0x10/0x10 [ 334.574639][ T8566] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 334.574687][ T8566] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 334.574732][ T8566] snd_pcm_oss_sync+0x1de/0x840 [ 334.574782][ T8566] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 334.574828][ T8566] snd_pcm_oss_release+0x28b/0x310 [ 334.574876][ T8566] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 334.574920][ T8566] __fput+0x402/0xb70 [ 334.574970][ T8566] task_work_run+0x14d/0x240 [ 334.575025][ T8566] ? __pfx_task_work_run+0x10/0x10 [ 334.575087][ T8566] ? __pfx___do_sys_close_range+0x10/0x10 [ 334.575131][ T8566] exit_to_user_mode_loop+0xeb/0x110 [ 334.575188][ T8566] do_syscall_64+0x3f6/0x490 [ 334.575227][ T8566] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.575260][ T8566] RIP: 0033:0x7fdb35d8e9a9 [ 334.575286][ T8566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 334.575318][ T8566] RSP: 002b:00007fdb36b27038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 334.575349][ T8566] RAX: 0000000000000000 RBX: 00007fdb35fb5fa0 RCX: 00007fdb35d8e9a9 [ 334.575370][ T8566] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 334.575391][ T8566] RBP: 00007fdb35e10d69 R08: 0000000000000000 R09: 0000000000000000 [ 334.575428][ T8566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 334.575447][ T8566] R13: 0000000000000000 R14: 00007fdb35fb5fa0 R15: 00007fff495b9738 [ 334.575488][ T8566] [ 335.458087][ T8581] QAT: Stopping all acceleration devices. [ 335.585759][ T8579] usb usb36: usbfs: process 8579 (syz.1.509) did not claim interface 0 before use [ 337.293023][ T5852] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 338.695575][ T8606] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 338.701613][ T8606] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 338.729396][ T8606] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 338.744114][ T8606] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 338.752988][ T8606] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 339.146724][ T8599] kexec: Could not allocate control_code_buffer [ 340.031001][ T8622] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 340.077259][ T8622] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 340.098712][ T8622] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 340.136299][ T8622] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 341.383756][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout [ 341.583024][ T8654] usb usb36: usbfs: process 8654 (syz.2.521) did not claim interface 0 before use [ 342.106506][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout [ 342.106546][ T5167] Bluetooth: hci1: command 0x0c1a tx timeout [ 342.183786][ T5167] Bluetooth: hci3: command 0x0c1a tx timeout [ 342.471005][ T8665] netlink: 4 bytes leftover after parsing attributes in process `syz.0.525'. [ 342.523226][ T8665] netlink: 13 bytes leftover after parsing attributes in process `syz.0.525'. [ 343.464295][ T5167] Bluetooth: hci0: command 0x0c1a tx timeout [ 343.684938][ T8667] FAULT_INJECTION: forcing a failure. [ 343.684938][ T8667] name failslab, interval 1, probability 0, space 0, times 0 [ 343.824018][ T8667] CPU: 1 UID: 0 PID: 8667 Comm: syz.2.532 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 343.824065][ T8667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 343.824084][ T8667] Call Trace: [ 343.824095][ T8667] [ 343.824108][ T8667] dump_stack_lvl+0x16c/0x1f0 [ 343.824147][ T8667] should_fail_ex+0x512/0x640 [ 343.824180][ T8667] ? __kmalloc_noprof+0xbf/0x510 [ 343.824216][ T8667] ? constrain_params_by_rules+0x175/0xca0 [ 343.824293][ T8667] should_failslab+0xc2/0x120 [ 343.824333][ T8667] __kmalloc_noprof+0xd2/0x510 [ 343.824364][ T8667] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 343.824414][ T8667] constrain_params_by_rules+0x175/0xca0 [ 343.824461][ T8667] ? arch_stack_walk+0xa6/0x100 [ 343.824506][ T8667] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 343.824555][ T8667] ? stack_trace_save+0x8e/0xc0 [ 343.824593][ T8667] ? __pfx_stack_trace_save+0x10/0x10 [ 343.824637][ T8667] ? stack_trace_save+0x8e/0xc0 [ 343.824684][ T8667] ? snd_pcm_oss_change_params_locked+0x9cd/0x3a30 [ 343.824730][ T8667] ? snd_pcm_oss_make_ready+0xe6/0x1b0 [ 343.824773][ T8667] ? snd_pcm_oss_sync+0x1de/0x840 [ 343.824815][ T8667] ? snd_pcm_oss_release+0x28b/0x310 [ 343.824858][ T8667] ? __fput+0x402/0xb70 [ 343.824895][ T8667] ? task_work_run+0x14d/0x240 [ 343.824944][ T8667] ? snd_interval_refine+0x2fa/0x580 [ 343.824982][ T8667] snd_pcm_hw_refine+0x7de/0xad0 [ 343.825041][ T8667] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 343.825116][ T8667] snd_pcm_hw_param_first+0x334/0x6f0 [ 343.825169][ T8667] snd_pcm_hw_param_near.constprop.0+0x702/0x8e0 [ 343.825223][ T8667] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 343.825280][ T8667] ? snd_pcm_oss_change_params_locked+0x958/0x3a30 [ 343.825336][ T8667] snd_pcm_oss_change_params_locked+0x9cd/0x3a30 [ 343.825389][ T8667] ? rcu_watching_snap_stopped_since+0xb7/0x110 [ 343.825443][ T8667] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 343.825494][ T8667] ? __pfx___mutex_lock+0x10/0x10 [ 343.825559][ T8667] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 343.825607][ T8667] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 343.825652][ T8667] snd_pcm_oss_sync+0x1de/0x840 [ 343.825703][ T8667] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 343.825749][ T8667] snd_pcm_oss_release+0x28b/0x310 [ 343.825797][ T8667] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 343.825852][ T8667] __fput+0x402/0xb70 [ 343.825902][ T8667] task_work_run+0x14d/0x240 [ 343.825957][ T8667] ? __pfx_task_work_run+0x10/0x10 [ 343.826011][ T8667] ? __pfx___do_sys_close_range+0x10/0x10 [ 343.826055][ T8667] exit_to_user_mode_loop+0xeb/0x110 [ 343.826112][ T8667] do_syscall_64+0x3f6/0x490 [ 343.826150][ T8667] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 343.826183][ T8667] RIP: 0033:0x7f66c838e9a9 [ 343.826210][ T8667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 343.826242][ T8667] RSP: 002b:00007f66c9112038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 343.826283][ T8667] RAX: 0000000000000000 RBX: 00007f66c85b6080 RCX: 00007f66c838e9a9 [ 343.826304][ T8667] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 343.826324][ T8667] RBP: 00007f66c8410d69 R08: 0000000000000000 R09: 0000000000000000 [ 343.826344][ T8667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 343.826363][ T8667] R13: 0000000000000000 R14: 00007f66c85b6080 R15: 00007ffe623f2858 [ 343.826407][ T8667] [ 346.505844][ T8703] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input109 [ 346.609951][ T8700] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 346.616331][ T8700] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 346.622608][ T8700] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 346.630382][ T8700] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 347.167243][ T8715] FAULT_INJECTION: forcing a failure. [ 347.167243][ T8715] name failslab, interval 1, probability 0, space 0, times 0 [ 347.180641][ T8715] CPU: 0 UID: 0 PID: 8715 Comm: syz.2.534 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 347.180685][ T8715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 347.180705][ T8715] Call Trace: [ 347.180716][ T8715] [ 347.180728][ T8715] dump_stack_lvl+0x16c/0x1f0 [ 347.180767][ T8715] should_fail_ex+0x512/0x640 [ 347.180798][ T8715] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 347.180841][ T8715] should_failslab+0xc2/0x120 [ 347.180878][ T8715] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 347.180916][ T8715] ? bonding_sysfs_store_option+0x67/0x120 [ 347.180968][ T8715] kstrndup+0x6d/0x160 [ 347.181009][ T8715] ? __pfx_bonding_sysfs_store_option+0x10/0x10 [ 347.181053][ T8715] bonding_sysfs_store_option+0x67/0x120 [ 347.181102][ T8715] dev_attr_store+0x58/0x80 [ 347.181140][ T8715] ? __pfx_dev_attr_store+0x10/0x10 [ 347.181179][ T8715] sysfs_kf_write+0xf2/0x150 [ 347.181229][ T8715] kernfs_fop_write_iter+0x354/0x510 [ 347.181270][ T8715] ? __pfx_sysfs_kf_write+0x10/0x10 [ 347.181322][ T8715] do_iter_readv_writev+0x657/0x950 [ 347.181379][ T8715] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 347.181455][ T8715] vfs_writev+0x35f/0xde0 [ 347.181520][ T8715] ? __pfx_vfs_writev+0x10/0x10 [ 347.181607][ T8715] ? __fget_files+0x20e/0x3c0 [ 347.181673][ T8715] ? do_pwritev+0x1a6/0x270 [ 347.181724][ T8715] do_pwritev+0x1a6/0x270 [ 347.181776][ T8715] ? __pfx_do_pwritev+0x10/0x10 [ 347.181843][ T8715] do_syscall_64+0xcd/0x490 [ 347.181881][ T8715] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 347.181913][ T8715] RIP: 0033:0x7f66c838e9a9 [ 347.181938][ T8715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 347.181968][ T8715] RSP: 002b:00007f66c9112038 EFLAGS: 00000246 ORIG_RAX: 0000000000000128 [ 347.182007][ T8715] RAX: ffffffffffffffda RBX: 00007f66c85b6080 RCX: 00007f66c838e9a9 [ 347.182030][ T8715] RDX: 0000000000000005 RSI: 0000200000001000 RDI: 0000000000000003 [ 347.182050][ T8715] RBP: 00007f66c8410d69 R08: 0000000000000009 R09: 0000000000000000 [ 347.182070][ T8715] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 347.182089][ T8715] R13: 0000000000000000 R14: 00007f66c85b6080 R15: 00007ffe623f2858 [ 347.182132][ T8715] [ 347.535613][ T8704] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input110 [ 348.104128][ T5167] Bluetooth: hci0: command 0x0c1a tx timeout [ 348.419426][ T8728] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input111 [ 348.668482][ T5167] Bluetooth: hci3: command 0x0c1a tx timeout [ 348.674610][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout [ 348.680645][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout [ 348.906793][ T8729] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input112 [ 349.183380][ T8735] netlink: zone id is out of range [ 349.223308][ T8735] netlink: zone id is out of range [ 349.293847][ T8735] netlink: zone id is out of range [ 349.305911][ T8738] can: request_module (can-proto-0) failed. [ 349.328291][ T8735] netlink: zone id is out of range [ 349.333498][ T8735] netlink: zone id is out of range [ 349.378196][ T8735] netlink: zone id is out of range [ 349.383466][ T8735] netlink: zone id is out of range [ 349.410635][ T8735] netlink: zone id is out of range [ 349.420796][ T8735] netlink: zone id is out of range [ 349.432042][ T8735] netlink: zone id is out of range [ 349.485805][ T8737] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input113 [ 350.068067][ T8750] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input114 [ 350.788508][ T8747] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 350.806923][ T8747] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 350.834525][ T8747] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 350.851543][ T8747] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 351.058495][ T8763] netlink: 4 bytes leftover after parsing attributes in process `syz.0.545'. [ 351.087273][ T8763] netlink: 'syz.0.545': attribute type 1 has an invalid length. [ 351.095282][ T8763] netlink: 13 bytes leftover after parsing attributes in process `syz.0.545'. [ 351.121239][ T8765] QAT: Device 0 not found [ 351.381000][ T8771] netlink: 4 bytes leftover after parsing attributes in process `syz.3.547'. [ 351.391353][ T8771] netlink: 13 bytes leftover after parsing attributes in process `syz.3.547'. [ 351.449396][ T8769] netlink: 4 bytes leftover after parsing attributes in process `syz.0.556'. [ 351.467626][ T8769] netlink: 'syz.0.556': attribute type 1 has an invalid length. [ 351.511713][ T8769] netlink: 13 bytes leftover after parsing attributes in process `syz.0.556'. [ 351.912994][ T8780] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input115 [ 352.105686][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout [ 352.369066][ T8781] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input116 [ 352.829477][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout [ 352.904119][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout [ 352.904140][ T5167] Bluetooth: hci2: command 0x0c1a tx timeout [ 353.245832][ T8798] usb usb36: usbfs: process 8798 (syz.3.553) did not claim interface 0 before use [ 353.748626][ T8809] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input117 [ 354.120207][ T8812] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input118 [ 354.623154][ T8787] kexec: Could not allocate control_code_buffer [ 354.683481][ T8817] netlink: 4 bytes leftover after parsing attributes in process `syz.1.558'. [ 354.735894][ T8817] netlink: 'syz.1.558': attribute type 1 has an invalid length. [ 354.763464][ T8817] netlink: 13 bytes leftover after parsing attributes in process `syz.1.558'. [ 354.785785][ T8821] netlink: 4 bytes leftover after parsing attributes in process `syz.3.560'. [ 354.820676][ T8821] netlink: 'syz.3.560': attribute type 1 has an invalid length. [ 354.838008][ T8821] netlink: 13 bytes leftover after parsing attributes in process `syz.3.560'. [ 355.028120][ T8824] QAT: Stopping all acceleration devices. [ 355.400504][ T8831] usb usb36: usbfs: process 8831 (syz.0.565) did not claim interface 0 before use [ 356.529858][ T8857] QAT: Stopping all acceleration devices. [ 357.140766][ T8870] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input119 [ 357.533377][ T8876] netlink: 4 bytes leftover after parsing attributes in process `syz.2.570'. [ 357.564625][ T8876] netlink: 'syz.2.570': attribute type 1 has an invalid length. [ 357.573737][ T8876] netlink: 13 bytes leftover after parsing attributes in process `syz.2.570'. [ 357.708830][ T8871] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input120 [ 358.312654][ T8885] FAULT_INJECTION: forcing a failure. [ 358.312654][ T8885] name failslab, interval 1, probability 0, space 0, times 0 [ 358.384205][ T8869] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input121 [ 358.423374][ T8885] CPU: 1 UID: 0 PID: 8885 Comm: syz.1.572 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 358.423422][ T8885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 358.423442][ T8885] Call Trace: [ 358.423452][ T8885] [ 358.423464][ T8885] dump_stack_lvl+0x16c/0x1f0 [ 358.423504][ T8885] should_fail_ex+0x512/0x640 [ 358.423538][ T8885] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 358.423588][ T8885] should_failslab+0xc2/0x120 [ 358.423628][ T8885] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 358.423669][ T8885] ? __kthread_create_on_node+0x186/0x3f0 [ 358.423720][ T8885] kvasprintf+0xbc/0x160 [ 358.423757][ T8885] ? __pfx_kvasprintf+0x10/0x10 [ 358.423810][ T8885] ? __pfx_worker_thread+0x10/0x10 [ 358.423861][ T8885] __kthread_create_on_node+0x186/0x3f0 [ 358.423908][ T8885] ? __pfx___kthread_create_on_node+0x10/0x10 [ 358.423977][ T8885] ? __pfx_worker_thread+0x10/0x10 [ 358.424033][ T8885] kthread_create_on_node+0xc7/0x100 [ 358.424078][ T8885] ? __pfx_kthread_create_on_node+0x10/0x10 [ 358.424159][ T8885] create_worker+0x416/0x7e0 [ 358.424212][ T8885] ? __pfx_create_worker+0x10/0x10 [ 358.424259][ T8885] ? idr_alloc+0xdd/0x130 [ 358.424332][ T8885] alloc_unbound_pwq+0xb94/0xe10 [ 358.424375][ T8885] ? kasan_save_track+0x14/0x30 [ 358.424414][ T8885] apply_wqattrs_prepare+0x3af/0xbd0 [ 358.424470][ T8885] workqueue_apply_unbound_cpumask+0x17e/0x4f0 [ 358.424516][ T8885] ? __pfx_workqueue_apply_unbound_cpumask+0x10/0x10 [ 358.424557][ T8885] ? bitmap_parse+0x327/0x410 [ 358.424611][ T8885] cpumask_store+0x1ad/0x220 [ 358.424648][ T8885] ? __pfx_cpumask_store+0x10/0x10 [ 358.424686][ T8885] ? find_held_lock+0x2b/0x80 [ 358.424723][ T8885] ? sysfs_file_kobj+0xe4/0x290 [ 358.424774][ T8885] ? __pfx_cpumask_store+0x10/0x10 [ 358.424809][ T8885] dev_attr_store+0x58/0x80 [ 358.424851][ T8885] ? __pfx_dev_attr_store+0x10/0x10 [ 358.424894][ T8885] sysfs_kf_write+0xf2/0x150 [ 358.424946][ T8885] kernfs_fop_write_iter+0x354/0x510 [ 358.424988][ T8885] ? __pfx_sysfs_kf_write+0x10/0x10 [ 358.425042][ T8885] vfs_write+0x6c4/0x1150 [ 358.425076][ T8885] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 358.425123][ T8885] ? __pfx___mutex_lock+0x10/0x10 [ 358.425165][ T8885] ? __pfx_vfs_write+0x10/0x10 [ 358.425228][ T8885] ksys_write+0x12a/0x250 [ 358.425261][ T8885] ? __pfx_ksys_write+0x10/0x10 [ 358.425308][ T8885] do_syscall_64+0xcd/0x490 [ 358.425366][ T8885] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 358.425400][ T8885] RIP: 0033:0x7fbf4a38e9a9 [ 358.425428][ T8885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 358.425459][ T8885] RSP: 002b:00007fbf4b268038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 358.425490][ T8885] RAX: ffffffffffffffda RBX: 00007fbf4a5b6080 RCX: 00007fbf4a38e9a9 [ 358.425512][ T8885] RDX: 0000000000000005 RSI: 0000200000000180 RDI: 0000000000000004 [ 358.425532][ T8885] RBP: 00007fbf4a410d69 R08: 0000000000000000 R09: 0000000000000000 [ 358.425552][ T8885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 358.425572][ T8885] R13: 0000000000000000 R14: 00007fbf4a5b6080 R15: 00007ffda32fefe8 [ 358.425617][ T8885] [ 358.739751][ C1] vkms_vblank_simulate: vblank timer overrun [ 358.785556][ T8885] workqueue: Failed to create a worker thread: -ENOMEM [ 359.356866][ T8897] FAULT_INJECTION: forcing a failure. [ 359.356866][ T8897] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 359.417997][ T8897] CPU: 1 UID: 0 PID: 8897 Comm: syz.0.573 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 359.418042][ T8897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 359.418056][ T8897] Call Trace: [ 359.418063][ T8897] [ 359.418072][ T8897] dump_stack_lvl+0x16c/0x1f0 [ 359.418108][ T8897] should_fail_ex+0x512/0x640 [ 359.418136][ T8897] should_fail_alloc_page+0xe7/0x130 [ 359.418167][ T8897] prepare_alloc_pages+0x3c2/0x610 [ 359.418206][ T8897] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 359.418235][ T8897] ? stack_trace_save+0x8e/0xc0 [ 359.418263][ T8897] ? __pfx_stack_trace_save+0x10/0x10 [ 359.418289][ T8897] ? stack_depot_save_flags+0x28/0xa40 [ 359.418320][ T8897] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 359.418344][ T8897] ? kasan_save_stack+0x42/0x60 [ 359.418366][ T8897] ? kasan_save_track+0x14/0x30 [ 359.418388][ T8897] ? snd_pcm_attach_substream+0x441/0xd60 [ 359.418426][ T8897] ? snd_pcm_open_substream+0x8d/0x17f0 [ 359.418464][ T8897] ? snd_pcm_oss_open+0x735/0x1400 [ 359.418492][ T8897] ? soundcore_open+0x409/0x580 [ 359.418515][ T8897] ? chrdev_open+0x231/0x6a0 [ 359.418539][ T8897] ? do_dentry_open+0x744/0x1c10 [ 359.418561][ T8897] ? vfs_open+0x82/0x3f0 [ 359.418592][ T8897] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 359.418624][ T8897] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 359.418662][ T8897] ? policy_nodemask+0xea/0x4e0 [ 359.418701][ T8897] alloc_pages_mpol+0x1fb/0x550 [ 359.418742][ T8897] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 359.418795][ T8897] alloc_pages_noprof+0x131/0x390 [ 359.418824][ T8897] alloc_pages_exact_noprof+0x37/0xe0 [ 359.418862][ T8897] snd_pcm_attach_substream+0x468/0xd60 [ 359.418908][ T8897] snd_pcm_open_substream+0x8d/0x17f0 [ 359.418947][ T8897] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 359.418983][ T8897] ? lockdep_init_map_type+0x5c/0x280 [ 359.419019][ T8897] ? lockdep_init_map_type+0x5c/0x280 [ 359.419057][ T8897] snd_pcm_oss_open+0x735/0x1400 [ 359.419110][ T8897] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 359.419143][ T8897] ? __lock_acquire+0xb8a/0x1c90 [ 359.419177][ T8897] ? __pfx_default_wake_function+0x10/0x10 [ 359.419206][ T8897] ? __lock_acquire+0xb8a/0x1c90 [ 359.419245][ T8897] ? do_raw_spin_lock+0x12c/0x2b0 [ 359.419289][ T8897] ? soundcore_open+0x35a/0x580 [ 359.419316][ T8897] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 359.419348][ T8897] soundcore_open+0x409/0x580 [ 359.419376][ T8897] ? __pfx_soundcore_open+0x10/0x10 [ 359.419402][ T8897] chrdev_open+0x231/0x6a0 [ 359.419426][ T8897] ? __pfx_apparmor_file_open+0x10/0x10 [ 359.419463][ T8897] ? __pfx_chrdev_open+0x10/0x10 [ 359.419491][ T8897] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 359.419534][ T8897] do_dentry_open+0x744/0x1c10 [ 359.419559][ T8897] ? __pfx_chrdev_open+0x10/0x10 [ 359.419591][ T8897] vfs_open+0x82/0x3f0 [ 359.419626][ T8897] path_openat+0x1de4/0x2cb0 [ 359.419658][ T8897] ? __pfx_path_openat+0x10/0x10 [ 359.419683][ T8897] ? __lock_acquire+0xb8a/0x1c90 [ 359.419719][ T8897] do_filp_open+0x20b/0x470 [ 359.419742][ T8897] ? __pfx_do_filp_open+0x10/0x10 [ 359.419786][ T8897] ? alloc_fd+0x471/0x7d0 [ 359.419832][ T8897] do_sys_openat2+0x11b/0x1d0 [ 359.419863][ T8897] ? __pfx_do_sys_openat2+0x10/0x10 [ 359.419897][ T8897] ? __pfx___might_resched+0x10/0x10 [ 359.419930][ T8897] __x64_sys_openat+0x174/0x210 [ 359.419963][ T8897] ? __pfx___x64_sys_openat+0x10/0x10 [ 359.420008][ T8897] do_syscall_64+0xcd/0x490 [ 359.420035][ T8897] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 359.420059][ T8897] RIP: 0033:0x7f656638e9a9 [ 359.420077][ T8897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 359.420105][ T8897] RSP: 002b:00007f6567175038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 359.420127][ T8897] RAX: ffffffffffffffda RBX: 00007f65665b6080 RCX: 00007f656638e9a9 [ 359.420143][ T8897] RDX: 0000000000000102 RSI: 0000200000004000 RDI: ffffffffffffff9c [ 359.420157][ T8897] RBP: 00007f6566410d69 R08: 0000000000000000 R09: 0000000000000000 [ 359.420172][ T8897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 359.420185][ T8897] R13: 0000000000000000 R14: 00007f65665b6080 R15: 00007fff9a5aca18 [ 359.420215][ T8897] [ 359.835570][ C1] vkms_vblank_simulate: vblank timer overrun [ 360.318560][ T8872] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input122 [ 360.325118][ T8900] QAT: Device 0 not found [ 360.912815][ T8918] FAULT_INJECTION: forcing a failure. [ 360.912815][ T8918] name failslab, interval 1, probability 0, space 0, times 0 [ 361.019860][ T8918] CPU: 0 UID: 0 PID: 8918 Comm: syz.1.577 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 361.019907][ T8918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 361.019926][ T8918] Call Trace: [ 361.019936][ T8918] [ 361.019949][ T8918] dump_stack_lvl+0x16c/0x1f0 [ 361.019988][ T8918] should_fail_ex+0x512/0x640 [ 361.020022][ T8918] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 361.020067][ T8918] should_failslab+0xc2/0x120 [ 361.020107][ T8918] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 361.020152][ T8918] ? kasprintf+0xc7/0x100 [ 361.020198][ T8918] kvasprintf+0xbc/0x160 [ 361.020238][ T8918] ? __pfx_kvasprintf+0x10/0x10 [ 361.020312][ T8918] kasprintf+0xc7/0x100 [ 361.020365][ T8918] ? __pfx_kasprintf+0x10/0x10 [ 361.020408][ T8918] ? __is_module_percpu_address+0x1e0/0x440 [ 361.020472][ T8918] alloc_workqueue+0x114/0x200 [ 361.020516][ T8918] ? __pfx_alloc_workqueue+0x10/0x10 [ 361.020567][ T8918] ? rcu_is_watching+0x12/0xc0 [ 361.020603][ T8918] ? trace_kmalloc+0x2b/0xd0 [ 361.020645][ T8918] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 361.020705][ T8918] ieee80211_register_hw+0x1e92/0x4140 [ 361.020774][ T8918] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 361.020825][ T8918] ? find_held_lock+0x2b/0x80 [ 361.020862][ T8918] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 361.020916][ T8918] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 361.020963][ T8918] ? __hrtimer_setup+0x176/0x280 [ 361.021021][ T8918] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 361.021084][ T8918] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 361.021136][ T8918] hwsim_new_radio_nl+0xb51/0x12c0 [ 361.021177][ T8918] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 361.021227][ T8918] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 361.021279][ T8918] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 361.021338][ T8918] genl_family_rcv_msg_doit+0x209/0x2f0 [ 361.021390][ T8918] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 361.021440][ T8918] ? trace_cap_capable+0x18d/0x200 [ 361.021492][ T8918] ? bpf_lsm_capable+0x9/0x10 [ 361.021541][ T8918] ? security_capable+0x7e/0x260 [ 361.021582][ T8918] ? ns_capable+0xd7/0x110 [ 361.021622][ T8918] genl_rcv_msg+0x55c/0x800 [ 361.021674][ T8918] ? __pfx_genl_rcv_msg+0x10/0x10 [ 361.021725][ T8918] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 361.021786][ T8918] netlink_rcv_skb+0x158/0x420 [ 361.021829][ T8918] ? __pfx_genl_rcv_msg+0x10/0x10 [ 361.021880][ T8918] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 361.021952][ T8918] genl_rcv+0x28/0x40 [ 361.021994][ T8918] netlink_unicast+0x58a/0x850 [ 361.022043][ T8918] ? __pfx_netlink_unicast+0x10/0x10 [ 361.022097][ T8918] netlink_sendmsg+0x8d1/0xdd0 [ 361.022146][ T8918] ? __pfx_netlink_sendmsg+0x10/0x10 [ 361.022205][ T8918] ____sys_sendmsg+0xa95/0xc70 [ 361.022253][ T8918] ? copy_msghdr_from_user+0x10a/0x160 [ 361.022289][ T8918] ? __pfx_____sys_sendmsg+0x10/0x10 [ 361.022345][ T8918] ? __pfx_futex_wake_mark+0x10/0x10 [ 361.022401][ T8918] ___sys_sendmsg+0x134/0x1d0 [ 361.022439][ T8918] ? __pfx____sys_sendmsg+0x10/0x10 [ 361.022483][ T8918] ? __lock_acquire+0x622/0x1c90 [ 361.022575][ T8918] __sys_sendmsg+0x16d/0x220 [ 361.022630][ T8918] ? __pfx___sys_sendmsg+0x10/0x10 [ 361.022665][ T8918] ? __x64_sys_futex+0x1e0/0x4c0 [ 361.022732][ T8918] do_syscall_64+0xcd/0x490 [ 361.022780][ T8918] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 361.022814][ T8918] RIP: 0033:0x7fbf4a38e9a9 [ 361.022840][ T8918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 361.022873][ T8918] RSP: 002b:00007fbf4b247038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 361.022905][ T8918] RAX: ffffffffffffffda RBX: 00007fbf4a5b6160 RCX: 00007fbf4a38e9a9 [ 361.022928][ T8918] RDX: 00000000040000c0 RSI: 0000200000000300 RDI: 000000000000000b [ 361.022948][ T8918] RBP: 00007fbf4a410d69 R08: 0000000000000000 R09: 0000000000000000 [ 361.022969][ T8918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 361.022988][ T8918] R13: 0000000000000000 R14: 00007fbf4a5b6160 R15: 00007ffda32fefe8 [ 361.023031][ T8918] [ 364.131226][ T8904] kexec: Could not allocate control_code_buffer [ 365.505878][ T8978] QAT: Device 0 not found [ 367.839283][ T9011] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input123 [ 368.789854][ T9014] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input124 [ 368.988870][ T9000] kexec: Could not allocate control_code_buffer [ 369.479113][ T9022] QAT: Stopping all acceleration devices. [ 371.291504][ T9046] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input125 [ 371.727996][ T9050] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input126 [ 373.559137][ T9073] FAULT_INJECTION: forcing a failure. [ 373.559137][ T9073] name failslab, interval 1, probability 0, space 0, times 0 [ 373.572625][ T9073] CPU: 0 UID: 0 PID: 9073 Comm: syz.3.606 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 373.572658][ T9073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 373.572671][ T9073] Call Trace: [ 373.572679][ T9073] [ 373.572688][ T9073] dump_stack_lvl+0x16c/0x1f0 [ 373.572715][ T9073] should_fail_ex+0x512/0x640 [ 373.572738][ T9073] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 373.572770][ T9073] should_failslab+0xc2/0x120 [ 373.572798][ T9073] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 373.572825][ T9073] ? kstrdup_const+0x63/0x80 [ 373.572854][ T9073] kstrdup+0x53/0x100 [ 373.572878][ T9073] kstrdup_const+0x63/0x80 [ 373.572901][ T9073] __kernfs_new_node+0x9b/0x8e0 [ 373.572960][ T9073] ? __pfx___kernfs_new_node+0x10/0x10 [ 373.573023][ T9073] ? find_held_lock+0x2b/0x80 [ 373.573062][ T9073] ? kernfs_root+0xee/0x2a0 [ 373.573091][ T9073] kernfs_new_node+0x13c/0x1e0 [ 373.573123][ T9073] kernfs_create_link+0xcc/0x240 [ 373.573158][ T9073] sysfs_do_create_link_sd+0x90/0x140 [ 373.573200][ T9073] sysfs_create_link+0x61/0xc0 [ 373.573238][ T9073] device_add+0x62c/0x1a70 [ 373.573271][ T9073] ? rcu_is_watching+0x12/0xc0 [ 373.573296][ T9073] ? __pfx_device_add+0x10/0x10 [ 373.573339][ T9073] device_create_groups_vargs+0x1f8/0x270 [ 373.573376][ T9073] device_create+0xed/0x130 [ 373.573410][ T9073] ? __pfx_device_create+0x10/0x10 [ 373.573463][ T9073] ? do_init_timer+0xc9/0x110 [ 373.573493][ T9073] ? ieee80211_roc_setup+0x136/0x270 [ 373.573517][ T9073] ? ieee80211_alloc_hw_nm+0x231/0x2260 [ 373.573557][ T9073] mac80211_hwsim_new_radio+0x369/0x54d0 [ 373.573621][ T9073] ? __asan_memset+0x23/0x50 [ 373.573677][ T9073] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 373.573726][ T9073] hwsim_new_radio_nl+0xb51/0x12c0 [ 373.573755][ T9073] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 373.573791][ T9073] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 373.573834][ T9073] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 373.573884][ T9073] genl_family_rcv_msg_doit+0x209/0x2f0 [ 373.573921][ T9073] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 373.573957][ T9073] ? trace_cap_capable+0x18d/0x200 [ 373.573994][ T9073] ? bpf_lsm_capable+0x9/0x10 [ 373.574030][ T9073] ? security_capable+0x7e/0x260 [ 373.574060][ T9073] ? ns_capable+0xd7/0x110 [ 373.574088][ T9073] genl_rcv_msg+0x55c/0x800 [ 373.574125][ T9073] ? __pfx_genl_rcv_msg+0x10/0x10 [ 373.574160][ T9073] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 373.574201][ T9073] netlink_rcv_skb+0x158/0x420 [ 373.574231][ T9073] ? __pfx_genl_rcv_msg+0x10/0x10 [ 373.574267][ T9073] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 373.574310][ T9073] ? netlink_deliver_tap+0x1ae/0xd30 [ 373.574342][ T9073] genl_rcv+0x28/0x40 [ 373.574372][ T9073] netlink_unicast+0x58a/0x850 [ 373.574406][ T9073] ? __pfx_netlink_unicast+0x10/0x10 [ 373.574444][ T9073] netlink_sendmsg+0x8d1/0xdd0 [ 373.574485][ T9073] ? __pfx_netlink_sendmsg+0x10/0x10 [ 373.574542][ T9073] ____sys_sendmsg+0xa95/0xc70 [ 373.574586][ T9073] ? copy_msghdr_from_user+0x10a/0x160 [ 373.574612][ T9073] ? __pfx_____sys_sendmsg+0x10/0x10 [ 373.574652][ T9073] ? __pfx_futex_wake_mark+0x10/0x10 [ 373.574693][ T9073] ___sys_sendmsg+0x134/0x1d0 [ 373.574720][ T9073] ? __pfx____sys_sendmsg+0x10/0x10 [ 373.574756][ T9073] ? __lock_acquire+0x622/0x1c90 [ 373.574825][ T9073] __sys_sendmsg+0x16d/0x220 [ 373.574851][ T9073] ? __pfx___sys_sendmsg+0x10/0x10 [ 373.574875][ T9073] ? __x64_sys_futex+0x1e0/0x4c0 [ 373.574921][ T9073] do_syscall_64+0xcd/0x490 [ 373.574947][ T9073] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 373.574971][ T9073] RIP: 0033:0x7fdb35d8e9a9 [ 373.574990][ T9073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 373.575013][ T9073] RSP: 002b:00007fdb33bd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 373.575035][ T9073] RAX: ffffffffffffffda RBX: 00007fdb35fb6160 RCX: 00007fdb35d8e9a9 [ 373.575051][ T9073] RDX: 00000000040000c0 RSI: 0000200000000300 RDI: 000000000000000b [ 373.575066][ T9073] RBP: 00007fdb35e10d69 R08: 0000000000000000 R09: 0000000000000000 [ 373.575079][ T9073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 373.575093][ T9073] R13: 0000000000000000 R14: 00007fdb35fb6160 R15: 00007fff495b9738 [ 373.575140][ T9073] [ 374.438650][ T9072] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input127 [ 374.505936][ T9078] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 374.530958][ T9078] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 374.571728][ T9078] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 374.601160][ T9078] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 374.956088][ T9083] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input128 [ 376.058578][ T9103] netlink: 4 bytes leftover after parsing attributes in process `syz.1.610'. [ 376.593849][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout [ 376.593921][ T5167] Bluetooth: hci1: command 0x0c1a tx timeout [ 376.663808][ T5167] Bluetooth: hci3: command 0x0c1a tx timeout [ 377.081285][ T9109] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 377.135349][ T9109] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 377.173958][ T9109] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 377.201273][ T9109] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 377.830843][ T9129] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input129 [ 378.252446][ T9118] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 378.290838][ T9118] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 378.339796][ T9118] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 378.369825][ T9130] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input130 [ 378.379877][ T9118] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 379.863812][ T5167] Bluetooth: hci0: command 0x0c1a tx timeout [ 380.354137][ T5167] Bluetooth: hci1: command 0x0c1a tx timeout [ 380.425969][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout [ 380.432710][ T5167] Bluetooth: hci3: command 0x0c1a tx timeout [ 380.978012][ T9169] QAT: Stopping all acceleration devices. [ 380.983914][ T9170] ubi0: attaching mtd0 [ 380.986249][ T9170] ubi0: scanning is finished [ 381.010089][ T9171] netlink: 4 bytes leftover after parsing attributes in process `syz.1.623'. [ 381.172292][ T9174] QAT: Stopping all acceleration devices. [ 381.603049][ T9170] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 381.797080][ T9170] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 381.824063][ T9170] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 381.862730][ T9170] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 381.883870][ T9170] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 381.890719][ T9170] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 381.938977][ T9170] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 3465996333 [ 382.009689][ T9170] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 382.041283][ T9173] ubi0: detaching mtd0 [ 382.050469][ T9184] ubi0: background thread "ubi_bgt0d" started, PID 9184 [ 382.115585][ T9173] ubi0: mtd0 is detached [ 382.589697][ T9192] netlink: 4 bytes leftover after parsing attributes in process `syz.3.625'. [ 384.163460][ T9213] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input131 [ 384.815259][ T9193] kexec: Could not allocate control_code_buffer [ 385.327147][ T9227] QAT: Stopping all acceleration devices. [ 386.276626][ T9242] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input132 [ 386.984900][ T9255] FAULT_INJECTION: forcing a failure. [ 386.984900][ T9255] name failslab, interval 1, probability 0, space 0, times 0 [ 387.003690][ T9255] CPU: 0 UID: 0 PID: 9255 Comm: syz.3.639 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 387.003724][ T9255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 387.003757][ T9255] Call Trace: [ 387.003765][ T9255] [ 387.003774][ T9255] dump_stack_lvl+0x16c/0x1f0 [ 387.003818][ T9255] should_fail_ex+0x512/0x640 [ 387.003861][ T9255] ? __kmalloc_noprof+0xbf/0x510 [ 387.003888][ T9255] ? drm_ioctl+0x4cc/0xc30 [ 387.003915][ T9255] should_failslab+0xc2/0x120 [ 387.003944][ T9255] __kmalloc_noprof+0xd2/0x510 [ 387.003967][ T9255] ? drm_dev_exit+0x41/0x60 [ 387.004001][ T9255] drm_ioctl+0x4cc/0xc30 [ 387.004032][ T9255] ? __pfx_drm_mode_getblob_ioctl+0x10/0x10 [ 387.004058][ T9255] ? __pfx_drm_ioctl+0x10/0x10 [ 387.004086][ T9255] ? find_held_lock+0x2b/0x80 [ 387.004126][ T9255] ? __pfx_drm_ioctl+0x10/0x10 [ 387.004154][ T9255] __x64_sys_ioctl+0x18e/0x210 [ 387.004191][ T9255] do_syscall_64+0xcd/0x490 [ 387.004221][ T9255] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 387.004247][ T9255] RIP: 0033:0x7fdb35d8e9a9 [ 387.004266][ T9255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 387.004289][ T9255] RSP: 002b:00007fdb36b27038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 387.004312][ T9255] RAX: ffffffffffffffda RBX: 00007fdb35fb5fa0 RCX: 00007fdb35d8e9a9 [ 387.004329][ T9255] RDX: 0000000000000005 RSI: 00000000901064ac RDI: 0000000000000005 [ 387.004344][ T9255] RBP: 00007fdb35e10d69 R08: 0000000000000000 R09: 0000000000000000 [ 387.004359][ T9255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 387.004373][ T9255] R13: 0000000000000000 R14: 00007fdb35fb5fa0 R15: 00007fff495b9738 [ 387.004402][ T9255] [ 387.189382][ C0] vkms_vblank_simulate: vblank timer overrun [ 387.787690][ T9263] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input133 [ 389.004550][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 389.013383][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 390.091455][ T9286] QAT: Stopping all acceleration devices. [ 391.281376][ T9298] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 391.293964][ T9298] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 391.300097][ T9298] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 391.348430][ T9298] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 391.597640][ T9302] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input134 [ 393.143754][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout [ 393.383785][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout [ 393.390285][ T5851] Bluetooth: hci1: command 0x0c1a tx timeout [ 393.390290][ T5167] Bluetooth: hci2: command 0x0c1a tx timeout [ 393.980146][ T9335] FAULT_INJECTION: forcing a failure. [ 393.980146][ T9335] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 394.038259][ T9335] CPU: 1 UID: 0 PID: 9335 Comm: syz.2.655 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 394.038305][ T9335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 394.038324][ T9335] Call Trace: [ 394.038335][ T9335] [ 394.038347][ T9335] dump_stack_lvl+0x16c/0x1f0 [ 394.038386][ T9335] should_fail_ex+0x512/0x640 [ 394.038425][ T9335] _copy_from_user+0x2e/0xd0 [ 394.038463][ T9335] core_sys_select+0x35b/0xc10 [ 394.038526][ T9335] ? __pfx_core_sys_select+0x10/0x10 [ 394.038585][ T9335] ? proc_fail_nth_write+0x9f/0x250 [ 394.038664][ T9335] ? do_sys_openat2+0x157/0x1d0 [ 394.038709][ T9335] ? __pfx_do_sys_openat2+0x10/0x10 [ 394.038786][ T9335] kern_select+0x15d/0x1e0 [ 394.038835][ T9335] ? __pfx_kern_select+0x10/0x10 [ 394.038890][ T9335] ? __pfx_ksys_write+0x10/0x10 [ 394.038949][ T9335] __x64_sys_select+0xbd/0x160 [ 394.038997][ T9335] ? do_syscall_64+0x91/0x490 [ 394.039030][ T9335] ? lockdep_hardirqs_on+0x7c/0x110 [ 394.039060][ T9335] do_syscall_64+0xcd/0x490 [ 394.039096][ T9335] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 394.039128][ T9335] RIP: 0033:0x7f66c838e9a9 [ 394.039154][ T9335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 394.039185][ T9335] RSP: 002b:00007f66c9133038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 394.039227][ T9335] RAX: ffffffffffffffda RBX: 00007f66c85b5fa0 RCX: 00007f66c838e9a9 [ 394.039248][ T9335] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e [ 394.039266][ T9335] RBP: 00007f66c9133090 R08: 0000000000000000 R09: 0000000000000000 [ 394.039285][ T9335] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001 [ 394.039304][ T9335] R13: 0000000000000000 R14: 00007f66c85b5fa0 R15: 00007ffe623f2858 [ 394.039345][ T9335] [ 394.267677][ T9343] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input135 [ 395.183369][ T9349] FAULT_INJECTION: forcing a failure. [ 395.183369][ T9349] name failslab, interval 1, probability 0, space 0, times 0 [ 395.265080][ T9349] CPU: 1 UID: 8 PID: 9349 Comm: syz.2.658 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 395.265113][ T9349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 395.265127][ T9349] Call Trace: [ 395.265134][ T9349] [ 395.265143][ T9349] dump_stack_lvl+0x16c/0x1f0 [ 395.265170][ T9349] should_fail_ex+0x512/0x640 [ 395.265193][ T9349] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 395.265219][ T9349] should_failslab+0xc2/0x120 [ 395.265246][ T9349] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 395.265269][ T9349] ? getname_flags.part.0+0x4c/0x550 [ 395.265304][ T9349] getname_flags.part.0+0x4c/0x550 [ 395.265337][ T9349] getname_flags+0x93/0xf0 [ 395.265392][ T9349] user_path_at+0x24/0x60 [ 395.265414][ T9349] do_faccessat+0x139/0xba0 [ 395.265439][ T9349] ? __pfx_do_faccessat+0x10/0x10 [ 395.265483][ T9349] __x64_sys_access+0x5b/0x80 [ 395.265508][ T9349] do_syscall_64+0xcd/0x490 [ 395.265533][ T9349] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 395.265556][ T9349] RIP: 0033:0x7f66c838e9a9 [ 395.265573][ T9349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 395.265596][ T9349] RSP: 002b:00007f66c9133038 EFLAGS: 00000246 ORIG_RAX: 0000000000000015 [ 395.265616][ T9349] RAX: ffffffffffffffda RBX: 00007f66c85b5fa0 RCX: 00007f66c838e9a9 [ 395.265631][ T9349] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000000 [ 395.265644][ T9349] RBP: 00007f66c9133090 R08: 0000000000000000 R09: 0000000000000000 [ 395.265662][ T9349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 395.265675][ T9349] R13: 0000000000000000 R14: 00007f66c85b5fa0 R15: 00007ffe623f2858 [ 395.265702][ T9349] [ 395.554172][ T9347] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 395.560279][ T9347] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 395.576950][ T9347] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 395.583019][ T9347] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 396.711897][ T9362] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 396.719435][ T9362] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 396.726045][ T9362] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 396.734195][ T9362] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 397.206732][ T30] audit: type=1804 audit(1753485191.656:4): pid=9378 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.667" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/free_vmap_area_noflush/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 397.671335][ T9367] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 397.698650][ T9367] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 397.793316][ T9367] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 397.845090][ T9367] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 399.143786][ T5851] Bluetooth: hci0: command 0x0c1a tx timeout [ 399.455904][ T9416] syz.3.676 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 399.703815][ T5851] Bluetooth: hci1: command 0x0c1a tx timeout [ 399.863836][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout [ 399.870051][ T5851] Bluetooth: hci3: command 0x0c1a tx timeout [ 400.112502][ T9422] netlink: 4 bytes leftover after parsing attributes in process `syz.3.677'. [ 401.640170][ T9432] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input136 [ 401.729613][ T9428] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 401.793457][ T9428] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 401.852128][ T9428] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 401.859111][ T9428] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 402.483307][ T9439] QAT: Stopping all acceleration devices. [ 403.383714][ T5851] Bluetooth: hci0: command 0x0c1a tx timeout [ 403.448842][ T9458] netlink: 8 bytes leftover after parsing attributes in process `syz.0.686'. [ 403.863744][ T5851] Bluetooth: hci3: command 0x0c1a tx timeout [ 403.863937][ T5167] Bluetooth: hci1: command 0x0c1a tx timeout [ 403.876362][ T5852] Bluetooth: hci2: command 0x0c1a tx timeout [ 404.947789][ T9477] netlink: 186 bytes leftover after parsing attributes in process `syz.0.688'. [ 407.722386][ T9509] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 407.778607][ T9509] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 407.803911][ T9509] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 407.810118][ T9509] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 408.992167][ T9524] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 409.033943][ T9524] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 409.066965][ T9524] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 409.107120][ T9524] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 409.658086][ T9536] netlink: 28 bytes leftover after parsing attributes in process `syz.3.699'. [ 410.632571][ T9552] sp0: Synchronizing with TNC [ 410.744013][ T5852] Bluetooth: hci0: command 0x0c1a tx timeout [ 411.063722][ T5852] Bluetooth: hci1: command 0x0c1a tx timeout [ 411.144099][ T5852] Bluetooth: hci3: command 0x0c1a tx timeout [ 411.149949][ T5167] Bluetooth: hci2: command 0x0c1a tx timeout [ 411.756924][ T9566] QAT: Stopping all acceleration devices. [ 412.186820][ T9574] random: crng reseeded on system resumption [ 413.769244][ T9591] FAULT_INJECTION: forcing a failure. [ 413.769244][ T9591] name failslab, interval 1, probability 0, space 0, times 0 [ 413.769336][ T9591] CPU: 0 UID: 0 PID: 9591 Comm: syz.2.711 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 413.769374][ T9591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 413.769392][ T9591] Call Trace: [ 413.769403][ T9591] [ 413.769414][ T9591] dump_stack_lvl+0x16c/0x1f0 [ 413.769451][ T9591] should_fail_ex+0x512/0x640 [ 413.769482][ T9591] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 413.769537][ T9591] should_failslab+0xc2/0x120 [ 413.769574][ T9591] __kmalloc_cache_noprof+0x6a/0x3e0 [ 413.769624][ T9591] ? drm_atomic_helper_connector_duplicate_state+0x70/0xd0 [ 413.769678][ T9591] drm_atomic_helper_connector_duplicate_state+0x70/0xd0 [ 413.769725][ T9591] drm_atomic_get_connector_state+0x388/0x740 [ 413.769777][ T9591] drm_atomic_add_affected_connectors+0x2e0/0x3f0 [ 413.769826][ T9591] ? __pfx_drm_atomic_add_affected_connectors+0x10/0x10 [ 413.769868][ T9591] ? ww_mutex_lock+0x37/0x160 [ 413.769916][ T9591] ? modeset_lock+0x114/0x6e0 [ 413.770020][ T9591] __drm_atomic_helper_set_config+0x5ef/0xea0 [ 413.770079][ T9591] ? __pfx___drm_atomic_helper_set_config+0x10/0x10 [ 413.770134][ T9591] ? drm_client_rotation+0x4da/0x6a0 [ 413.770187][ T9591] drm_client_modeset_commit_atomic+0x53d/0x7e0 [ 413.770248][ T9591] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 413.770314][ T9591] drm_client_modeset_commit_locked+0x14d/0x580 [ 413.770351][ T9591] drm_client_modeset_commit+0x4f/0x80 [ 413.770384][ T9591] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 413.770416][ T9591] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 413.770456][ T9591] drm_fbdev_client_restore+0x2c/0x40 [ 413.770493][ T9591] drm_client_dev_restore+0x1f3/0x2a0 [ 413.770529][ T9591] drm_release+0x2c4/0x360 [ 413.770560][ T9591] ? __pfx_drm_release+0x10/0x10 [ 413.770587][ T9591] __fput+0x402/0xb70 [ 413.770627][ T9591] task_work_run+0x14d/0x240 [ 413.770712][ T9591] ? __pfx_task_work_run+0x10/0x10 [ 413.770749][ T9591] ? __pfx___do_sys_close_range+0x10/0x10 [ 413.770780][ T9591] exit_to_user_mode_loop+0xeb/0x110 [ 413.770819][ T9591] do_syscall_64+0x3f6/0x490 [ 413.770845][ T9591] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 413.770869][ T9591] RIP: 0033:0x7f66c838e9a9 [ 413.770887][ T9591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 413.770910][ T9591] RSP: 002b:00007f66c61f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 413.770976][ T9591] RAX: 0000000000000000 RBX: 00007f66c85b6160 RCX: 00007f66c838e9a9 [ 413.770991][ T9591] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 413.771005][ T9591] RBP: 00007f66c8410d69 R08: 0000000000000000 R09: 0000000000000000 [ 413.771019][ T9591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 413.771157][ T9591] R13: 0000000000000000 R14: 00007f66c85b6160 R15: 00007ffe623f2858 [ 413.771200][ T9591] [ 414.545020][ T9592] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 414.545281][ T9592] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 414.545454][ T9592] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 414.545595][ T9592] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 415.590289][ T9609] usb usb36: usbfs: process 9609 (syz.1.716) did not claim interface 0 before use [ 415.951003][ T5167] Bluetooth: hci0: command 0x0c1a tx timeout [ 416.010508][ T9619] QAT: Stopping all acceleration devices. [ 416.583757][ T5167] Bluetooth: hci3: command 0x0c1a tx timeout [ 416.589863][ T5167] Bluetooth: hci1: command 0x0c1a tx timeout [ 416.595942][ T5167] Bluetooth: hci2: command 0x0c1a tx timeout [ 420.316927][ T9696] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input137 [ 420.362469][ T9699] QAT: Stopping all acceleration devices. [ 420.621749][ T9700] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input138 [ 420.648649][ T9686] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 420.719401][ T9686] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 420.781561][ T9686] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 420.894924][ T9686] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 422.263882][ T5851] Bluetooth: hci0: command 0x0c1a tx timeout [ 422.743921][ T5851] Bluetooth: hci1: command 0x0c1a tx timeout [ 422.832863][ T5851] Bluetooth: hci2: command 0x0c1a tx timeout [ 422.910876][ T5851] Bluetooth: hci3: command 0x0c1a tx timeout [ 423.333412][ T9744] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input139 [ 423.678229][ T9752] netlink: 4 bytes leftover after parsing attributes in process `syz.1.739'. [ 423.695816][ T9752] netlink: 25 bytes leftover after parsing attributes in process `syz.1.739'. [ 423.772573][ T9745] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input140 [ 424.001409][ T9758] net_ratelimit: 78 callbacks suppressed [ 424.001444][ T9758] openvswitch: netlink: IP tunnel dst address not specified [ 425.168314][ T9771] QAT: Stopping all acceleration devices. [ 425.863672][ T5851] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 426.026380][ T9779] netlink: 8 bytes leftover after parsing attributes in process `syz.1.743'. [ 426.092538][ T9782] FAULT_INJECTION: forcing a failure. [ 426.092538][ T9782] name failslab, interval 1, probability 0, space 0, times 0 [ 426.189978][ T9782] CPU: 0 UID: 0 PID: 9782 Comm: syz.3.742 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 426.190009][ T9782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 426.190023][ T9782] Call Trace: [ 426.190030][ T9782] [ 426.190038][ T9782] dump_stack_lvl+0x16c/0x1f0 [ 426.190065][ T9782] should_fail_ex+0x512/0x640 [ 426.190088][ T9782] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 426.190126][ T9782] should_failslab+0xc2/0x120 [ 426.190152][ T9782] __kmalloc_cache_noprof+0x6a/0x3e0 [ 426.190187][ T9782] ? drm_atomic_helper_connector_duplicate_state+0x70/0xd0 [ 426.190225][ T9782] drm_atomic_helper_connector_duplicate_state+0x70/0xd0 [ 426.190257][ T9782] drm_atomic_get_connector_state+0x388/0x740 [ 426.190293][ T9782] drm_atomic_add_affected_connectors+0x2e0/0x3f0 [ 426.190328][ T9782] ? __pfx_drm_atomic_add_affected_connectors+0x10/0x10 [ 426.190357][ T9782] ? ww_mutex_lock+0x37/0x160 [ 426.190381][ T9782] ? modeset_lock+0x114/0x6e0 [ 426.190408][ T9782] __drm_atomic_helper_set_config+0x5ef/0xea0 [ 426.190443][ T9782] ? __pfx___drm_atomic_helper_set_config+0x10/0x10 [ 426.190478][ T9782] ? drm_client_rotation+0x4da/0x6a0 [ 426.190511][ T9782] drm_client_modeset_commit_atomic+0x53d/0x7e0 [ 426.190550][ T9782] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 426.190608][ T9782] drm_client_modeset_commit_locked+0x14d/0x580 [ 426.190642][ T9782] drm_client_modeset_commit+0x4f/0x80 [ 426.190673][ T9782] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 426.190702][ T9782] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 426.190740][ T9782] drm_fbdev_client_restore+0x2c/0x40 [ 426.190775][ T9782] drm_client_dev_restore+0x1f3/0x2a0 [ 426.190809][ T9782] drm_release+0x2c4/0x360 [ 426.190837][ T9782] ? __pfx_drm_release+0x10/0x10 [ 426.190862][ T9782] __fput+0x402/0xb70 [ 426.190895][ T9782] task_work_run+0x14d/0x240 [ 426.190931][ T9782] ? __pfx_task_work_run+0x10/0x10 [ 426.190973][ T9782] ? __pfx___do_sys_close_range+0x10/0x10 [ 426.191002][ T9782] exit_to_user_mode_loop+0xeb/0x110 [ 426.191039][ T9782] do_syscall_64+0x3f6/0x490 [ 426.191064][ T9782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 426.191086][ T9782] RIP: 0033:0x7fdb35d8e9a9 [ 426.191103][ T9782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 426.191125][ T9782] RSP: 002b:00007fdb33bd5038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 426.191145][ T9782] RAX: 0000000000000000 RBX: 00007fdb35fb6160 RCX: 00007fdb35d8e9a9 [ 426.191159][ T9782] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 426.191172][ T9782] RBP: 00007fdb35e10d69 R08: 0000000000000000 R09: 0000000000000000 [ 426.191185][ T9782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 426.191197][ T9782] R13: 0000000000000000 R14: 00007fdb35fb6160 R15: 00007fff495b9738 [ 426.191225][ T9782] [ 426.597336][ T9787] usb usb36: usbfs: process 9787 (syz.2.745) did not claim interface 0 before use [ 426.857447][ T9795] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 427.663213][ T9802] netlink: 4 bytes leftover after parsing attributes in process `syz.0.755'. [ 427.723186][ T9805] netlink: 25 bytes leftover after parsing attributes in process `syz.0.755'. [ 429.630963][ T9824] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input141 [ 430.011092][ T9819] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 430.018340][ T9819] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 430.027956][ T9819] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 430.053960][ T9819] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 430.247206][ T9826] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input142 [ 430.482540][ T9838] QAT: Stopping all acceleration devices. [ 431.543722][ T5851] Bluetooth: hci0: command 0x0c1a tx timeout [ 432.023999][ T5851] Bluetooth: hci1: command 0x0c1a tx timeout [ 432.103739][ T5167] Bluetooth: hci2: command 0x0c1a tx timeout [ 432.110406][ T5851] Bluetooth: hci3: command 0x0c1a tx timeout [ 432.358052][ T9861] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 432.402569][ T9861] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 432.452602][ T9861] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 432.501654][ T9861] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 433.956783][ T5851] Bluetooth: hci0: command 0x0c1a tx timeout [ 434.037203][ T9902] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input143 [ 434.397317][ T9899] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input144 [ 434.423868][ T5851] Bluetooth: hci1: command 0x0c1a tx timeout [ 434.503702][ T5851] Bluetooth: hci2: command 0x0c1a tx timeout [ 434.593674][ T5851] Bluetooth: hci3: command 0x0c1a tx timeout [ 434.765907][ T9901] usb usb36: usbfs: process 9901 (syz.3.763) did not claim interface 0 before use [ 435.164789][ T9914] QAT: Stopping all acceleration devices. [ 436.272357][ T9929] usb usb36: usbfs: process 9929 (syz.3.767) did not claim interface 0 before use [ 436.854889][ T9946] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input145 [ 437.321673][ T9947] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input146 [ 438.266758][ T5851] ================================================================== [ 438.274891][ T5851] BUG: KASAN: vmalloc-out-of-bounds in hci_devcd_dump+0x142/0x240 [ 438.282769][ T5851] Read of size 140 at addr ffffc900062fb000 by task kworker/u9:3/5851 [ 438.290967][ T5851] [ 438.293328][ T5851] CPU: 0 UID: 0 PID: 5851 Comm: kworker/u9:3 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 438.293379][ T5851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 438.293403][ T5851] Workqueue: hci0 hci_devcd_timeout [ 438.293454][ T5851] Call Trace: [ 438.293472][ T5851] [ 438.293484][ T5851] dump_stack_lvl+0x116/0x1f0 [ 438.293518][ T5851] print_report+0xcd/0x630 [ 438.293555][ T5851] ? __virt_addr_valid+0x81/0x610 [ 438.293593][ T5851] ? hci_devcd_dump+0x142/0x240 [ 438.293638][ T5851] kasan_report+0xe0/0x110 [ 438.293674][ T5851] ? hci_devcd_dump+0x142/0x240 [ 438.293726][ T5851] kasan_check_range+0x100/0x1b0 [ 438.293772][ T5851] __asan_memcpy+0x23/0x60 [ 438.293820][ T5851] hci_devcd_dump+0x142/0x240 [ 438.293861][ T5851] hci_devcd_timeout+0xb5/0x2e0 [ 438.293901][ T5851] ? rcu_is_watching+0x12/0xc0 [ 438.293933][ T5851] process_one_work+0x9cc/0x1b70 [ 438.293983][ T5851] ? __pfx_process_one_work+0x10/0x10 [ 438.294031][ T5851] ? assign_work+0x1a0/0x250 [ 438.294072][ T5851] worker_thread+0x6c8/0xf10 [ 438.294122][ T5851] ? __pfx_worker_thread+0x10/0x10 [ 438.294172][ T5851] kthread+0x3c5/0x780 [ 438.294211][ T5851] ? __pfx_kthread+0x10/0x10 [ 438.294251][ T5851] ? rcu_is_watching+0x12/0xc0 [ 438.294279][ T5851] ? __pfx_kthread+0x10/0x10 [ 438.294318][ T5851] ret_from_fork+0x5d4/0x6f0 [ 438.294357][ T5851] ? __pfx_kthread+0x10/0x10 [ 438.294395][ T5851] ret_from_fork_asm+0x1a/0x30 [ 438.294434][ T5851] [ 438.294442][ T5851] [ 438.441752][ T5851] The buggy address belongs to a vmalloc virtual mapping [ 438.448801][ T5851] Memory state around the buggy address: [ 438.454449][ T5851] ffffc900062faf00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 438.462528][ T5851] ffffc900062faf80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 438.470610][ T5851] >ffffc900062fb000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 438.478688][ T5851] ^ [ 438.482770][ T5851] ffffc900062fb080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 438.490854][ T5851] ffffc900062fb100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 438.498959][ T5851] ================================================================== [ 438.511745][ T5851] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 438.518966][ T5851] CPU: 0 UID: 0 PID: 5851 Comm: kworker/u9:3 Not tainted 6.16.0-rc7-syzkaller-00105-g2942242dde89 #0 PREEMPT(full) [ 438.531134][ T5851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 438.541204][ T5851] Workqueue: hci0 hci_devcd_timeout [ 438.546448][ T5851] Call Trace: [ 438.549738][ T5851] [ 438.552669][ T5851] dump_stack_lvl+0x3d/0x1f0 [ 438.557269][ T5851] panic+0x71c/0x800 [ 438.561193][ T5851] ? __pfx_panic+0x10/0x10 [ 438.565650][ T5851] ? mark_held_locks+0x49/0x80 [ 438.570438][ T5851] ? preempt_schedule_thunk+0x16/0x30 [ 438.575850][ T5851] ? hci_devcd_dump+0x142/0x240 [ 438.580726][ T5851] ? preempt_schedule_common+0x44/0xc0 [ 438.586202][ T5851] ? check_panic_on_warn+0x1f/0xb0 [ 438.591330][ T5851] ? hci_devcd_dump+0x142/0x240 [ 438.596218][ T5851] check_panic_on_warn+0xab/0xb0 [ 438.601185][ T5851] end_report+0x107/0x170 [ 438.605537][ T5851] kasan_report+0xee/0x110 [ 438.609984][ T5851] ? hci_devcd_dump+0x142/0x240 [ 438.614870][ T5851] kasan_check_range+0x100/0x1b0 [ 438.619849][ T5851] __asan_memcpy+0x23/0x60 [ 438.624303][ T5851] hci_devcd_dump+0x142/0x240 [ 438.629015][ T5851] hci_devcd_timeout+0xb5/0x2e0 [ 438.633968][ T5851] ? rcu_is_watching+0x12/0xc0 [ 438.638764][ T5851] process_one_work+0x9cc/0x1b70 [ 438.643743][ T5851] ? __pfx_process_one_work+0x10/0x10 [ 438.649141][ T5851] ? assign_work+0x1a0/0x250 [ 438.653760][ T5851] worker_thread+0x6c8/0xf10 [ 438.658376][ T5851] ? __pfx_worker_thread+0x10/0x10 [ 438.663517][ T5851] kthread+0x3c5/0x780 [ 438.667610][ T5851] ? __pfx_kthread+0x10/0x10 [ 438.672269][ T5851] ? rcu_is_watching+0x12/0xc0 [ 438.677048][ T5851] ? __pfx_kthread+0x10/0x10 [ 438.681661][ T5851] ret_from_fork+0x5d4/0x6f0 [ 438.686300][ T5851] ? __pfx_kthread+0x10/0x10 [ 438.690918][ T5851] ret_from_fork_asm+0x1a/0x30 [ 438.695718][ T5851] [ 438.699102][ T5851] Kernel Offset: disabled [ 438.703437][ T5851] Rebooting in 86400 seconds..