last executing test programs: 23m1.769019045s ago: executing program 3 (id=97): close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, r0, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f00000000c0)={0x3, 0x0, [{0x4b564d00, 0x3}]}) 23m1.434623956s ago: executing program 3 (id=99): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x29, 0x2, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x5, 0x80000001, 0xfffffffffffffffd, 0x100, 0x0, 0x0, 0x0, 0xffffffffffffff91, 0xfd3, 0x2, 0xec, 0x0, 0x81, 0x8, 0x2, 0xfffffffffffffff8}) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 23m1.254678949s ago: executing program 3 (id=101): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='(\x00\x00\b', @ANYRES16=0x0, @ANYBLOB="1b0026bd7000fddbdf250300000004000800100003800c000a"], 0x28}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x300, 0x70bd26, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4c894}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x9}, 0x3, 0x0) 23m1.025513715s ago: executing program 3 (id=104): mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) fcntl$auto(r0, 0x24, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, 0x0, 0x55) getsockopt$auto(0x3, 0x0, 0xe, 0x0, 0x0) 23m0.848192924s ago: executing program 3 (id=108): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x106) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) tkill$auto(0x1, 0x7) 22m59.336303333s ago: executing program 3 (id=118): mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) io_uring_setup$auto(0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_ethtool(0x0, r0) syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f00000000c0), r0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), r1) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x14, r2, 0x1, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x41}, 0x4004040) 22m58.840134751s ago: executing program 32 (id=118): mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) io_uring_setup$auto(0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r0, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_ethtool(0x0, r0) syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f00000000c0), r0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), r1) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x14, r2, 0x1, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x41}, 0x4004040) 22m58.833399509s ago: executing program 1 (id=122): prctl$auto(0x4, 0x0, 0x0, 0x9, 0x7) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = socket(0x23, 0x80805, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) clone$auto(0x20003b46, 0x7, 0x0, 0x0, 0x2) ioctl$auto(0x3, 0xc060ff0b, r0) 22m58.611326899s ago: executing program 1 (id=124): mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) socket(0xa, 0x2, 0x0) write$auto_force_wakeup_fops_hci_vhci(0xffffffffffffffff, 0x0, 0x0) sendmsg$auto_NET_SHAPER_CMD_DELETE(0xffffffffffffffff, 0x0, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) io_uring_register$auto(0x2, 0x11, &(0x7f0000000180), 0x83) 22m57.39511305s ago: executing program 1 (id=130): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) mlockall$auto(0x3) ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f00000000c0)={0x2, 0x0, [{0x206, 0x10, 0x1}]}) 22m55.758063664s ago: executing program 1 (id=134): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x1, 0x5, 0x0) socket(0x2, 0x2, 0x0) epoll_create$auto(0x4) openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000200)='/dev/cpu/0/msr\x00', 0x0, 0x0) pipe$auto(0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) epoll_ctl$auto(0x5, 0x1, r0, 0x0) shutdown$auto(0x200000003, 0x2) 22m55.259659317s ago: executing program 1 (id=137): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x106) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) tkill$auto(0x1, 0x7) 22m52.967402402s ago: executing program 1 (id=149): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x801, 0x84) io_uring_setup$auto(0x4, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) io_uring_enter$auto(0x3, 0x0, 0x1, 0x3, 0x0, 0x2) io_uring_enter$auto(0x3, 0x1, 0x2688, 0x5, 0x0, 0x7) 22m52.509382929s ago: executing program 33 (id=149): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x801, 0x84) io_uring_setup$auto(0x4, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) io_uring_enter$auto(0x3, 0x0, 0x1, 0x3, 0x0, 0x2) io_uring_enter$auto(0x3, 0x1, 0x2688, 0x5, 0x0, 0x7) 18m31.408307485s ago: executing program 2 (id=1740): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x1, 0x5, 0x106) rseq$auto(&(0x7f0000000340)={0x10, 0x401, 0x0, 0x803, 0x7, 0x2}, 0x8000, 0x0, 0x8000006) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) r0 = socket(0x10, 0x80002, 0x8) close_range$auto(r0, r0, 0x0) pipe$auto(0x0) splice$auto(r0, 0x0, 0x2, 0x0, 0x3fb, 0x9) write$auto(0x6, 0x0, 0x100000001) 18m30.338398041s ago: executing program 2 (id=1754): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) getcwd$auto(0x0, 0xfffffffeffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x8, 0x2000000000002) r0 = open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45) fanotify_mark$auto(0x0, 0x451, 0xa, r0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) inotify_init1$auto(0x3000000000000) inotify_add_watch$auto(0x4, 0x0, 0xe6e) open(0x0, 0x40000, 0x0) 18m30.090810427s ago: executing program 2 (id=1755): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x801, 0x84) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) io_uring_enter$auto(0x3, 0x1, 0x82400001, 0xb, 0x0, 0xd) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f00000000c0), 0xffffffff}, 0x6, 0x0) io_uring_enter$auto(0x3, 0x5, 0xffffffff, 0x3, 0x0, 0x2) 18m29.723324154s ago: executing program 2 (id=1757): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4000894}, 0x800) bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xb, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x3624239c, 0xfffff5b2, 0x3bb, 0x8000007, 0xffff, 0x6, 0x81, 0x68198}, 0x6f3) sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000016c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="d4000000", @ANYRES16=0x0, @ANYBLOB="100027bd7000fbdbdf2518000000200001800247eea41fac000014000200766574683100000000000000000000000800070063fbffff0500060001000000840002803d00488013b37090badc49d6dc93876646d25a4d297d01cd3b7da38d12889cc50d505f353dc42d0a3c0a14c7b46428910708003600", @ANYRES32=0x0, @ANYBLOB="0400b3800000003d003b800400a4800c009a00008000000000000004008680c16ab1b1b39dcaa14b6af7dcc011b43cf706e562811c62b28a702b72e0a87126700294f2350000000c000180080003"], 0xd4}, 0x1, 0x0, 0x0, 0x20000010}, 0x20008000) io_uring_setup$auto(0x8, &(0x7f0000000140)={0x0, 0x3, 0x9, 0x10001, 0xc, 0xc05, 0xffffffffffffffff, [0x7fd, 0x1001, 0x8], {0x9, 0x1, 0x6, 0x0, 0x420, 0x1001, 0x3fdc, 0x3, 0x5}, {0x2, 0x140, 0x54ed, 0x0, 0x101, 0xff, 0x7, 0xa, 0x3}}) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x4) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYBLOB="010027"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 18m29.557223077s ago: executing program 2 (id=1758): mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x11, 0x6, 0x7fff, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x2df, 0x500, 0x81, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x5, 0x10001, 0x40, 0x76c5, 0x8, 0x7fffffffffffffff}}) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) 18m29.353482414s ago: executing program 2 (id=1761): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) socket(0x22, 0x2, 0x3) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xa083, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0x8400ae8e, 0x0) 18m13.970788491s ago: executing program 34 (id=1761): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) socket(0x22, 0x2, 0x3) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xa083, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0x8400ae8e, 0x0) 1m58.054146706s ago: executing program 5 (id=4737): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x22, 0x4, 0x83) setsockopt$auto(r0, 0x84, 0x15, 0x0, 0x1) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) nanosleep$auto(0x0, 0x0) getpid() socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) semctl$auto_SEM_STAT(0x2, 0x400, 0x12, 0x1) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) write$auto(r1, &(0x7f0000000040)='/dev/audio1\x00', 0x100000a3d1) select$auto(0x11, 0x0, 0x0, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x4, 0x80000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) close_range$auto(0x2, 0x8, 0x0) socket(0x1e, 0x1, 0x2fe) 1m56.764176866s ago: executing program 5 (id=4740): openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) mmap$auto(0x0, 0x400008, 0x3, 0x9b72, 0x2, 0x8000) write$auto(0x4, 0x0, 0x100082) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xa00, 0x0, 0xfffffffffffffffd) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS0\x00', 0x1, 0x0) ioctl$auto(r0, 0x5408, r0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x48041, 0x0) write$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000240)="1c520b214b197e", 0x7) unshare$auto(0x40000080) socket(0x6, 0xa, 0x5ffd) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8081, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0xa, 0x2, 0x0) setsockopt$auto(r2, 0x29, 0x37, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x2000112) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) open(&(0x7f0000000140)='./file0\x00', 0x40, 0xa2) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) fanotify_init$auto(0x2208, 0x2) 1m55.678404416s ago: executing program 5 (id=4744): socket(0xa, 0x1, 0x84) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x20343, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) mmap$auto(0xfffffffffffffffd, 0x4000020809, 0x78, 0xeb8, 0x401, 0x0) ioctl$auto_FIOQSIZE(0xffffffffffffffff, 0x5460, 0x8000000000000ec) ioperm$auto(0x7, 0x5ad2, 0x8) modify_ldt$auto(0xc, 0x0, 0x100000000) mmap$auto(0xffffffff, 0x3, 0x5, 0xeb1, 0x405, 0x8000) openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, 0x0, 0x0, 0x0) unshare$auto(0x40000080) rseq$auto(&(0x7f0000000300)={0x12, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) process_mrelease$auto(0xffffffffffffffff, 0xa) socket(0x1a, 0x1, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/cifs/smbd_send_credit_target\x00', 0x141001, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) semget$auto(0x0, 0x13c, 0x1ff) r1 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000001f00), 0xffffffffffffffff) sendmsg$auto_SMC_PNETID_ADD(0xffffffffffffffff, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000006c0)={0x2c, r1, 0x1, 0x70bd2c, 0x25dfdc01, {}, [@SMC_PNETID_ETHNAME={0xc, 0x2, '+o*#\x90\x80\x8b\x00'}, @SMC_PNETID_NAME={0xb, 0x1, 'netdev\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x840}, 0x40d0) semtimedop$auto(0x0, &(0x7f0000000000)={0x7, 0x8000, 0x36ec}, 0x1, 0x0) semctl$auto(0x0, 0x9, 0x0, 0x2) 1m55.172037511s ago: executing program 5 (id=4745): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2000000000000021, 0x2, 0x10000000000002) write$auto(0x3, 0x0, 0x40) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) socket(0xf, 0x1, 0xfff) madvise$auto(0x192ad524, 0x1, 0x19) prctl$auto(0x23, 0x8, 0x2008, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8004) getrandom$auto(0x0, 0x6000000, 0x3) process_vm_writev$auto(0x1, &(0x7f0000002980)={0x0, 0x4}, 0x8, 0x0, 0x6, 0x0) mmap$auto(0x0, 0x400008, 0xe3, 0xbb72, 0x2, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) ioctl$auto(r0, 0x40081271, r0) listxattrat$auto(0xffffffffffffffff, 0x0, 0x1000, 0x0, 0x3) kill$auto(0x0, 0x21) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0) pread64$auto(r1, 0x0, 0x20000000001, 0x7fff) 1m54.033137298s ago: executing program 5 (id=4746): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) eventfd$auto(0x3) select$auto(0x3, 0x0, 0x0, 0x0, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x106) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) sysfs$auto(0x2, 0x23, 0x0) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r1, 0x0, 0x4) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) shutdown$auto(0x200000003, 0x2) write$auto(0xffffffffffffffff, 0x0, 0x1098c7) 1m52.493582689s ago: executing program 5 (id=4750): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x121040, 0x0) pread64$auto(r0, 0x0, 0x100006, 0xc982) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) close_range$auto(r1, 0xfffffffffffff000, 0xb) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) setsockopt$auto(0x3, 0x10000000084, 0x7c, 0x0, 0x8) socket(0x10, 0x2, 0x0) r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r2, 0x0, 0x7) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x9}, 0x3) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) close_range$auto(0x2, 0xa, 0x0) 1m37.16637267s ago: executing program 35 (id=4750): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x121040, 0x0) pread64$auto(r0, 0x0, 0x100006, 0xc982) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) close_range$auto(r1, 0xfffffffffffff000, 0xb) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) setsockopt$auto(0x3, 0x10000000084, 0x7c, 0x0, 0x8) socket(0x10, 0x2, 0x0) r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r2, 0x0, 0x7) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x9}, 0x3) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) close_range$auto(0x2, 0xa, 0x0) 17.285600716s ago: executing program 6 (id=4953): mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = io_uring_setup$auto(0x6, 0x0) syz_genetlink_get_family_id$auto_macsec(0x0, r0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) setrlimit$auto(0xb, 0x0) unshare$auto(0x2a) socket(0x2, 0x1, 0x10000100) mmap$auto(0x40, 0x1, 0x6ae, 0x15, 0xffffffffffffffff, 0x7ffb) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x42, 0x8, 0x0, 0xfffffffffffffffd, 0x5) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r1) sendmsg$auto_NL80211_CMD_ADD_TX_TS(r0, &(0x7f0000000200)={&(0x7f0000000040), 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, r3, 0x59bc18bbb22d8ae3, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x9}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48000}, 0x20000001) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7) mmap$auto(0x1, 0x32, 0x1, 0x41e, r2, 0x6) r4 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x109002, 0x0) r5 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa\x00', 0x2a801, 0x0) pwrite64$auto(r5, &(0x7f0000000340)='/dev/vcsa\x00\x84\xbd\xe3\xa8\xaf\xd0E>0Q!\x8dIY\x1cPw+\x85\xdf\xa2\xfd\xf1\x80\xc6\xde>KC\x931\xf7vvjlm\xae\xf8\xc3\xa8\xbe\xdc9|\xfe}\xaf\x9e\'\xef\x84\xa8\xd3eX\x8f\xf8\x82\xe9\x8d\x86\x15\xa4B\xd3\x1e\xbd\x81\x00q\xca\xfe\xa8<\'~\xec\x0f\xc9\x91\x86\x19\x97}\xba\x1f\x1a\xf8\x15\x8a?\xe0\xeb\xfaOS\x11\x964\xd58\xf9q\xdc\xce\t\f\xa3\xc7\x84j\x15\x81\x16\xbb\x8d\xa9\x04\xc4\x03W(\xbc\x03N\x95\xb8\x1b&,\xeb\x94\xc2p}u#\xd22[\xfe@\xfap\x8c\xa8&\xb3\xbe\x12R\xd1V\xd0\xd4\xb1\x8b\xf3\x86\xd2\xba\r\x8a~]\\wg=\raRc\xb8\xf0\x9e\xc7D\xde\xa6;\x7f\x90\xf8\xf3\xc8f\xa1\n\x8b\xd6\xd5\xc6-\xf6X\x8cS\x10\x98)xo\xa3\x92\xa0=?\xde@\xb1\b8\xe1D\xb7\xf2\b\xfa\xad\xa43\x9dI9d\x152\x96\xd7\x9f\x9e\t^\x827\xfe\xb1!Z\x12\xf9\x1e\x9b\xef\xd5\xb7\x17\x8f\xc8]\x9f\x1b\xfaD\xa7\x1f\x8a\xaf\x919\x8ee\xb4\x13\x05\xf1\x04>\r\x80*j&\x99e\v\xfd\x9b\xd0\xb8y\xa2\xa7\x85\x87*\x00\xea\xe1c\xda\x11\xbcF\xc5\xe0T\x9c\xe9\xd2\xc9\xea\f\x9bt\x18\xc5\xa0o\xae\x91X\t\x8a\x91', 0x7b05, 0x3) sendfile$auto(r4, r4, 0x0, 0x10000800000003) 14.492242412s ago: executing program 6 (id=4956): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x8, 0x2020009, 0x3, 0x216, r0, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) membarrier$auto(0x2, 0x0, 0x9) mmap$auto(0x0, 0x5, 0x4000000000e2, 0xeb1, 0x401, 0x8000) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0) ioctl$auto(r1, 0xc0045405, 0x3) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0xc02, 0x0) connect$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x0, @rand_addr=0xfffdfffe}, 0x3ff) socket(0x22, 0x3, 0x1) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mkdir$auto(&(0x7f00000002c0)='./file0\x00', 0x3) mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file1/file0\x00', 0x101040, 0x149) rename$auto(&(0x7f0000000280)='./file1/file0\x00', &(0x7f0000000040)='./file0/file0\x00') 13.123610378s ago: executing program 6 (id=4959): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event0\x00', 0x8000, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14f682, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d9) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x3, 0x0, 0xfffffffffffffffc, 0x696b}, 0xed7138c}, 0x2, 0x9) r2 = socket(0xa, 0x5, 0x84) sendto$auto(r2, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe80000700"}, 0x1c) ioctl$auto_EVIOCGEFFECTS(r0, 0x80044584, 0x0) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$auto_SO_RXQ_OVFL(0xffffffffffffffff, 0x34, 0x28, &(0x7f0000000280)='!{\x00', 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000000c0)={'batadv0\x00'}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) clone$auto(0x7fff, 0xad3, 0x0, 0x0, 0x8000004) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000004680), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7) 10.443439438s ago: executing program 4 (id=4964): r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xa3, 0xeb1, r0, 0x8000) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_fake_panic_fops_(0xffffffffffffff9c, &(0x7f0000000140), 0x101880, 0x0) recvmmsg$auto(0x3, 0x0, 0xfffd, 0x8000, 0x0) sendmmsg$auto(0x3, 0x0, 0x7878, 0x7000000) mmap$auto(0x0, 0x20009, 0x0, 0x40000000000eb1, r1, 0x8003) r2 = fsopen$auto(0x0, 0x1) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) close_range$auto(0x2, 0x8, 0x0) getpriority$auto_PRIO_PGRP(0x1, 0x0) read$auto_ipsec_dbg_fops_ipsec(r1, &(0x7f0000000180)=""/234, 0xea) r3 = io_uring_setup$auto(0x1, 0x0) r4 = socket(0x1a, 0x80003, 0x300) setsockopt$auto(r4, 0x107, 0x1, 0x0, 0x8004) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) bpf$auto_BPF_TOKEN_CREATE(0x24, &(0x7f00000009c0)=@bpf_attr_3={0x8a, 0x7, 0x2dfa, 0x7302, 0xfff, 0xfffffffb, 0xa0, 0xfffffffd, 0xb, "80c351f01c47e5b7a18d787c217a958a", r5, 0x400, r3, 0x4, 0x4, 0x5, 0x0, 0x0, 0x4, 0x9, @attach_btf_obj_fd=r0, 0xdf3b, 0xffffffff, 0x80000001, 0xc5, 0x7fffffff, r1, r2}, 0x0) sendto$auto(0xffffffffffffffff, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe80fffe040100"}, 0x1c) r6 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x101001, 0x0) write$auto(r6, 0x0, 0x0) 10.229522228s ago: executing program 6 (id=4965): mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x80000000000000a, 0x2, 0x0) r0 = socket(0xa, 0x801, 0x84) bind$auto(0x3, 0x0, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x11}}, 0x54) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0) r2 = ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) io_uring_register$auto_IORING_UNREGISTER_NAPI(r2, 0x1c, 0x0, 0x8) ioctl$auto_VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f0000000000)={0x4, r0}) r3 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)='ns/net\x00') ioctl$NS_GET_PARENT(r3, 0x8008b70d, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, 0x0, 0x0, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF1_SEQ={0x6, 0x6, 0x81}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IF1_SEQ={0x6, 0x6, 0xe}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x40}}, @HSR_A_IF1_AGE={0x8, 0x3, 0x41}, @HSR_A_IFINDEX={0x8}, @HSR_A_IF2_AGE={0x8, 0x4, 0x80}]}, 0x68}, 0x1, 0x0, 0x0, 0x20040084}, 0x44098) close_range$auto(0x0, 0xffffffffffffffff, 0x2) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/mountinfo\x00', 0x40001, 0x0) epoll_create$auto(0x20003f) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x400002, &(0x7f00000002c0)={0x0, 0xc7}, 0x6, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x40000000) 9.208797657s ago: executing program 4 (id=4967): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) write$auto_tty_fops_tty_io(r0, &(0x7f0000000200)="352c8efa610c0bcf83a4ebdb040000000000000021cb244b19a48bb5e0d12df9735b745b9554dfb0ad77a37be296ebe6f598901d632a206d9bb056d8c8", 0x3d) ioctl$auto(0xffffffffffffffff, 0x8912, 0x38) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000) ustat$auto(0x801, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0xff1, 0x8000) io_uring_setup$auto(0x1, 0x0) bpf$auto(0x5, 0x0, 0x102) getpid() r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/graphics/fbcon/cursor_blink\x00', 0xa001, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000164c0), 0xffffffffffffffff) read$auto(r2, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) 9.07986931s ago: executing program 6 (id=4969): unshare$auto(0x40000080) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000001bc0)="51426572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde6727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e38782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105c328e0035b97168f4c17aa4610b2e6e1a6ba0b71c06417b7a9497be4a009b19d7162adfd4d7b6490faf3782a920281333ad09b848ab5f4d15534b8c4e43dc9604b0630f8d349b2c80a98fde04693c31cbed7d460edfc0138dcc5d3974e682bbd555ac19625bf6e0607d8803391ec9c2dc41fc4e8bceae4f53507137324dd02914a067d52a577b812ddac4a34765c26a98839b3edb6290abff0c75991d6f8c1bd7540f38a7f25fec2f3539f894c938e1f3cf0ff1e6994d6a6ecc457a482f045ba712a85e8e31afd49c8e3480dc1c36d56ab2eceac6e5a847455d8ef4e3d45cd463c421bd1bce2ca57dd88f0e7ab3446cdfa8cb3914c240936f1738af7009e9131b240b59af55d7e38307b91fc8f00410cfdcfacaa341607a801afa63640091eb00b860700ea882878a8d9838f5597b970366be7d167ddebfe3c9253b5dbf7f30a67ee4d87dccb3c723c20200aa5fc036caf12811b19ce49c81ce328d7b24587353ecb99bafd327e33303cf447b36800d1bed8ee10df527d55c0d5f7506fb11cb1338074113579e665c6f3cffde5a8ee98a7bf3f8157986cf7c1c5dbdedaacbe3946b3d8809dec7387f006c062b93b6b481a806e5544ddeea7218fcc15c25a88164bfd0735e6290167cb2dbf4b4a317ba00b1fc27d203a6cff71ef8fe97a97d8e07af2ce1d0a0a2aa9ede7dd0572325075c83c2ecf866aa01654eff55ebe4e489e72152e6a3090e2348732704eb02997ffd23a63faabfbbbd1fb124cab606faed24a393058cea1c1286001ee5c0c1fa26b6a81ebdd4718a94cebdb45bfe812c771df398d3305da03d37ced9d0242b6da212dc9f5c14d7ff999bee20f6621792d1442e449eba8589a823e5e99c65fdffbaefe89e2e32406ec4cf574e335e2d288e4cdad56f4b1b57c364ed3e28809e480d6f410c7ebf43bd2a605d6a8c9facae6b7f8f2c56f792ae21fc0cc5dd9beae0cab3547ebb5467183c2f01bc315bd7bd191088886752dc5108093bdbc91348743440130f33d3dfa9c25490245e5fa904f8660e82253c826b7bea4e9a7a1c627e10c56d71878a644bd176016f29cf5398be14cc0fdec45c65e2b967aedb75212eed1eb05a44da62190009d1c08163b74813b82c27f1e6cd681a4b5150f967444b7bc930da68603fd706e96ba8663b2e50ef0a9b04e321a8a337b08fea7288a3fef5062c7e4c17ad3d490870d39c10b78a74eab25c993527e313a4f59d86de55aa9a8a63f734c2db556692fe993b0cd08e0ab5434c9ec02d5127354f55e6b5d5a7b61685d02edae21ece71d203abf7408211229a9ebbfdeffa2c0f38db274066d0706d80398c172e6daf4a0dce62c2287cbf0d30cfa313d7baf4e5caa18f594f0ab0d854f3cef76ff83e96fa49d0e0f8a47193b51a0a45aee2e1d9a5b372b8ee828f645a06979ec351d798480c7824e846028c02f58b5641acbae1e2079abd86182a662bb1642c9346d7fba628fb012da293acef33b8b76a8885c2e5d685348b6148c5b44409f58d8d5f29344fe8a2e4c2432ae622bb1912ea65d55745eff6aa689e859dcaeff39bff895025bd72cd780d59cbaa0886afd5d6676d2de6266903115525c075cc3f75ce9eba3787a890e1f758f0e502c4c9c0538dc942cf4e2d69742edeeddb66b1d459fcf6f744b2c40111104ab21fd4e99b4477e25cc5a9af59108c8b2f569d4ba227c754f294fdc1e6b383fd89861a203f4d4ee33814aeb21ee411a0d6918533aa2450b1e35c97ab6f01f3829c8a4c33fe0fbc81dd579bbdb44eda4f335d2bc512ca7f38f603c29033c94df2c9533f4422432f574a021e90a0fe3a4cf54de46e25986315b30956face49e26e8dcbcc9e1363627a9f38a2ee8304307dab4013d77f4c337551e2a6ac230788513cdd15e734263e4973c75757d9809c510977adc3be6c5b110597b09c7dad1f54e4506744710b53221e4a7982ac4c59bfae6370258b5af7864a4ca680addd736e35da579cc0e975e6cdefa3d082c8b4b10b205415c32797d9450c002895c9b40", 0xd4f) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0xe, 0x0, 0x20) shmctl$auto(0x0, 0xd, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001680), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_LINKMODES_GET(r3, &(0x7f0000002300)={0x0, 0x0, &(0x7f00000022c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="110325bd7000fedbdf2501"], 0x14}}, 0x10040) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000000), r3) syz_genetlink_get_family_id$auto_ovs_datapath(0x0, r3) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0x15, 0x5, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) 7.082163516s ago: executing program 0 (id=4973): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, 0x0, 0x10004010) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto_SO_RCVLOWAT(0xffffffffffffffff, 0x8, 0x12, 0x0, 0x8) write$auto(0xffffffffffffffff, 0x0, 0xdec8) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40602, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xf15a}, 0x6, 0x8, 0x5) write$auto(0x3, 0x0, 0x5c8) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) lseek$auto(0x3, 0x2, 0x4) unshare$auto(0x40000080) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x2280, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/platform/dummy_hcd.0/usb1/1-0:1.0/bInterfaceNumber\x00', 0xa140, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0x7f}, 0x6, 0x40005, 0x2005) 7.074318332s ago: executing program 4 (id=4974): r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r1, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) io_uring_register$auto(0xffffffffffffffff, 0x15, 0x0, 0x9) r2 = socket(0xa, 0x801, 0x84) getsockopt$auto(r2, 0x84, 0x83, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x9, 0x20020000) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, 0x0, 0x400c080) kexec_load$auto(0x3, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x40000000, 0x4800c000}, 0x4) read$auto_long_retry_limit_ops_(r1, &(0x7f0000000280)=""/140, 0x8c) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x801, 0x106) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92) 7.049363473s ago: executing program 6 (id=4975): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000) io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2b, 0x1, 0x1) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x802, 0x1) socketpair$auto(0x3, 0x5, 0x7, 0x0) setsockopt$auto(0x3, 0x0, 0xf, 0x0, 0xb) bind$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x0, @rand_addr=0x2000000}, 0x68) write$auto(0x3, 0x0, 0xfffffdef) unshare$auto(0x40000080) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x3f83, 0xfffffffb) openat$dir(0xffffffffffffff9c, 0x0, 0xc0100, 0x100) connect$auto(0x3, 0x0, 0x54) 6.888132432s ago: executing program 7 (id=4976): socket(0xa, 0x3, 0x3a) r0 = socket(0x2c, 0x3, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567) fcntl$auto_F_GETOWN(0xffffffffffffffff, 0x9, 0x5) sendmsg$auto_TIPC_NL_MON_SET(0xffffffffffffffff, 0x0, 0xc050) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r0) sendmsg$auto_NL80211_CMD_NOTIFY_RADAR(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x2000091}, 0x28000011) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x1, 0x0) memfd_create$auto(0x0, 0x4) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000001800), 0x101101, 0x0) ioctl$auto(r1, 0x5459, 0x0) 6.31924555s ago: executing program 0 (id=4977): openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000240), 0x40, 0x0) r0 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/usb/usbmon/13t\x00', 0x101080, 0x0) socket(0xb, 0x80805, 0x0) nanosleep$auto(&(0x7f0000000280)={0x100, 0xc12}, &(0x7f0000000380)={0xffffffffffffffff, 0x7c}) fadvise64$auto_POSIX_FADV_NOREUSE(r0, 0x2, 0x6, 0x5) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder1\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da09, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0xffffffffffffff7f, 0x6d3f, 0x9, 0x2, 0xffffffffffffffff]}, 0x0) write$auto(r1, &(0x7f0000000080)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1fc, 0x7, 0xd, 0x9cd5, 0x958b, 0x3, 0x15f4da0a, 0x400000000003, 0x3, 0x8f, 0x40008000001f, 0x4, 0x6d3e, 0x9, 0x2, 0x40]}, 0x0) close_range$auto(0x2, 0x8, 0x0) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f00000003c0)='\xb2\x00\x00\x00\xd2\x8e\x9dj\xef\x13\xc9n\b\xea\xcb\xc0&V\xf9TY\x8c\xa0{\xb4\x1e\t\xb3\xe1\xad\xadA\xa2I!W\xd2F\n\xf05>1y\x84\x88\xc8v\xa0\xf0{\x1c\xdbUk\xde\xf29\x91\x85\xf3s\x19\x82\x96\xad\x9bH:\x7f,\xb5\xa0\xb3\xe7\x80\xd5\x83\xd3\xb8\x0eC \xcfp\x7f\x14P\xb7\xc0\xfe\xc8\x89\x85u\xec-\'z\xf7\x8bh\xa5\xeaX^\xc1\'\xf6L`\xa9\xd6V\x18RLF\x9f\v\f0uC\xa68\xac\xaf\xa0\x9f\'\xc7\xec', 0x3, 0x0) r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000380), 0x80180, 0x0) r3 = socket(0x2c, 0x3, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r3) readv$auto(r2, &(0x7f00000000c0)={0x0, 0x7}, 0x6) 5.195252308s ago: executing program 0 (id=4978): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe981, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) getpid() clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x80000000948b, 0x400000000003, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/fail-nth\x00', 0xc0000, 0x0) mmap$auto(0x0, 0x2000d, 0xe0, 0x46b1, 0x401, 0x8000) close_range$auto(0x2, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) 5.195049958s ago: executing program 4 (id=4979): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) close_range$auto(0xffffffffffffffff, 0x8, 0x2) r0 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000007380)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x109041, 0x0) write$auto(r0, &(0x7f0000008d40)='($}-)#@\x00', 0x3) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x10cc3, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x8, 0x3a02, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x9, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r1 = socket(0xf, 0xa, 0xf) setsockopt$auto(r1, 0x1, 0xc, 0x0, 0x7fffffff) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ttyS0\x00', 0x1, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x154) execve$auto(&(0x7f0000000280)='./file0\x00', 0x0, 0x0) execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000300)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\xf20/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00') 4.812991825s ago: executing program 7 (id=4980): statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1ff, 0x7, 0x5, 0x7181, 0x1ffde, 0x7, 0x3, 0x9, 0x9, 0x80003, 0x4, 0x200000000001, 0xb4, 0x9, 0x8, 0x10007, 0x80, 0x4, 0x0, 0xa, 0x22000, 0x200, 0x0, 0x84}, 0x1fe, 0xd) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0xc0189436, 0x0) r1 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) r2 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x102, 0x0) ioctl$auto_SNDCTL_SEQ_GETOUTCOUNT(r3, 0x80045104, &(0x7f0000000040)) write$auto(r2, 0x0, 0xfffffdf1) linkat$auto(r2, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) fcntl$auto_F_OFD_GETLK(r0, 0x24, 0x16e) mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r4, 0xc0045516, 0x0) syz_clone3(&(0x7f0000001380)={0x400, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)=0x0, {0x2d}, &(0x7f00000000c0)=""/127, 0x7f, &(0x7f0000000380)=""/4096, &(0x7f0000000140)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0], 0x8}, 0x58) ioctl$auto_LOOP_CTL_ADD(r2, 0x4c80, r5) ioctl$auto__ctl_fops_dm_ioctl(r1, 0xfffffffffffffd0e, &(0x7f00000001c0)) process_vm_writev$auto(0x1, &(0x7f0000000200)={0x0, 0x4}, 0x8, &(0x7f0000002a40)={0x0, 0x7ffffffe}, 0x6, 0x0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/net/bond0/bonding/arp_all_targets\x00', 0x140b02, 0x0) sendfile$auto(r6, r6, 0x0, 0x3) 2.406526443s ago: executing program 0 (id=4981): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x8000000401, 0x8000) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D3\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/pci0000:00/waiting_for_supplier\x00', 0x80800, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x2, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) rt_sigtimedwait$auto(&(0x7f0000000040)={0xfffffffffffffbff}, 0x0, 0x0, 0x8) socket$nl_generic(0x11, 0x3, 0x10) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x14b040, 0x0) openat$auto_ns_file_operations_nsfs(0xffffffffffffff9c, 0x0, 0x200400, 0x0) read$auto_rng_chrdev_ops_core(r2, &(0x7f0000000040)=""/4096, 0xfffffe82) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) fsopen$auto(0x0, 0x1) 2.406346584s ago: executing program 7 (id=4982): mmap$auto(0x0, 0x3, 0x40000000009f, 0x10000000040eb1, 0x401, 0x300000000000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x201, 0x0) write$auto(0x3, 0x0, 0xfdef) ioctl$auto_TIOCSTI2(r0, 0x5412, 0x0) socket(0x28, 0x0, 0x300) ioctl$auto_SNDRV_PCM_IOCTL_HW_FREE2(0xffffffffffffffff, 0x4112, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='./cgroup.net/net_prio.ifpriomap\x00', 0x10b142, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1e2142, 0x0) sendfile$auto(r2, r2, 0x0, 0x7fff) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x101400, 0x0) sendfile$auto(r1, r1, 0x0, 0x5) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000200), 0xffffffffffffffff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x6040, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$auto_TCSBRK2(0xffffffffffffffff, 0x5409, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) mbind$auto(0x8000, 0xfa9d, 0x2, 0x0, 0x3, 0x1) socket(0x2a, 0x2, 0x1) setsockopt$auto(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000000)='\x00', 0x8) 2.406217968s ago: executing program 4 (id=4983): mmap$auto(0x0, 0x400008, 0xdc, 0x9b72, 0xffffffffffffffff, 0x8000) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x8002, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x4504c1, 0x0) ioctl$auto(0x3, 0x89e0, 0x74) madvise$auto(0x0, 0xffffffffffff0001, 0x15) unshare$auto(0x40000080) socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mknod$auto(0x0, 0x1081, 0x3) creat$auto(0x0, 0x4) r0 = socket(0x28, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) close_range$auto(0x2, 0x8, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) close_range$auto(0x0, 0xffffffffffffffff, 0x2) landlock_create_ruleset$auto(0x0, 0x9, 0x0) sendmsg$auto_MACSEC_CMD_ADD_TXSA(0xffffffffffffffff, 0x0, 0x0) r1 = syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) fchdir$auto(r1) rename$auto(&(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='./cgroup\x00') 1.991620947s ago: executing program 7 (id=4984): mmap$auto(0x0, 0x4, 0x3, 0x20eb1, 0x40000000000a5, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x5, 0x200000000000948b, 0x3, 0x15f4da09, 0x1, 0x3, 0x62, 0x80000001, 0x5, 0x6d3c, 0x9, 0x2, 0xffffffffffffffff]}, 0x0) sendmsg$auto_SMC_NETLINK_DUMP_HS_LIMITATION(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000200)={&(0x7f0000001200)={0xe14, 0x0, 0x100, 0x70bd28, 0x25dfdbfc, {}, "a940c530182f5f5d14b6d299bb1ae5977dcba06eadd6e048b8b1c62c6bf7af3e102bb72a56d7de7dfa520beda15bd0a69d3471f9eddb2cc8d7c78cffc291358f0a79fe241710913551e51bec1bcf89c854cdcdb1b9cb90b16695a674b000b2cd52cd1d4ab062197cde744c5761ab1e414146f368b8a9fbda388258d06827feb152b716b9c38ead86d87ad0b9cdb9460add8f4f8b66880bbea4fa5d0cb05d3083670da316d324e0e43f1d1ef75fd2aa77109e4842acd9058517322ca8ce4400244ca2b35f9cfa97a54e98558a372841d0400470ca0865cd6047e3dc429cb493b558597159fc574b9d0092a2a6c435a8dacc33b0f2edb2a7842b4c57a7cdb94aecfb7a2da3393555785c039dd9d6bb412cfcb5c5418b506646b9efa49923b935e38b04942843fcc85cd51eb7991c6730d86b3185ebb92221dc74d53dbbd59c3d473515009d3fca6dc574c3cdb14deec0e41531955e384a46833935cf690fd5246aa88afc5e56eed3bfcdd3d42f1c528c8dbb1b35f3b65d59587fce1a1526f2d814d1dc522184967d73c6345028ddd54675ae28b2b9f73a6053e1e66292c98892a9818e67f1877ee48a7a8c11dbb9189851d7256e558d7148d7d2c4aca6b9a4a1acc3b0e5374cae2706932d80166cc8eb973998f115b40f8cfd6e4300e36b9389ede15345a545d3dd44a7c7ab01faf08edfa57138c6d9af0ee4479329e978b87f106eaad62f7e06c49e3636d22b1f94d49ca25fe32bd2eb166158d891ad31306e818414c6360eb7979ff3ddde51e07785d13c299f3e958da2cbe9e09b0886c625cfe6b36dd25ac3a0ce639b04e215c0e519df0de12e25b1517a3070df0823aba56a25da62ae8e98a75a3a0bcf8b84f56da13649f8a93437378b7194ff3f27cb919cb872458bca94db54aa8bbbbb71f698764843d63ffdb05f543a523413ba136550eead4ccaca8870b139fdd27e625251e6764f3f20bc18304a202000c1db6be6ea1ef46f1fb8a7ed274c1e1c0d51d7e6e2f2b7199ee148886088ebfee93d6b7a3e4f5052b4a4629565773ffdce9cb19d677d31deac2d5191823e04d35b5e2a73f6ec49880beaba934e01668a89bc232f90aeb6ec8208848bdbd062dea06f1fb9203f55bf80266a9165f9ae63c8d57201ae86f5dece9cdc17df82d0207a05732cde2bae839c96e02aa35d8b86603e2fa1f10397a55a840248cc1bbb42d29b5face0940cb01b637b2aae7ece49b6c464d7a11feb1cedfff4df604adfa5f245b9d8f8a6ca713ca6fd940ca9282d1ca758a4fcce3e5efeadec714f29e7479157ae3ece8b49e115096a76d318080482027bf87a82840b8514110ca9e70967e25386bcf97073ad960f90d7fe1df4501d1367f8a10553e7267c12ff6df6663442002aecb8bf45d99d345fbb4e95d914dcbf84e02867020a4aef05b5774bdad2c6562e5b1ff5e422662a11db0c0f4fdf8c73f77b4b1b5a9e157d33926612ae0d442e5dcff34093ed3931308a1e0951784b695bb7f2b9306b748fb367ffa9f991cf5c5e5fe301cb9a24a27920bea62dd11a6a9452d24f63745d4ba4c572378775fe18be3f0f9cd9c6246048a17e02ede661666ffc4e40783883067add83870f7b7ae733e65bb6e5212aa59793d23e2831856aca8b1522450806c949c97dec4530b4e3cd278bb03b11b8c24ebbd4eb2ec95c513dc81ddb6c7707c75ae4a743f811282da7e51e54e433991dbc6c47b4b695ebd7c127f242691de2cd461b49921d3478e8a403b1144bdfb2ba5766a9f8b222a53998a034fb9584d64e93b4f6a1c9edcef024d5ced6b4cdd5d25fb6ef741e583418a715d26e3504df7e5a5bfc2d0f10baf759e29a3f8b7957bc6b5bde852ebb5f1b143fc2ab5a31cf81b990130a083ab6b6e39a06430ce50fd62518de3ea6c82d80fac5dc14e077c77534fc5ec37a893044de8a3f1bd76f5f18dff2c7d9c2113121484eedc5885ccfa8ec2471e1e18e568120903ba3fff85eed97dfd631ead850ece8e16c5195b4be06bd7616a25ea237f896a8b6c3a6e19fe7f4ec270873a56fe385be2b22559595bb0a1ad6902e0065bcfe1d5c2a8b87db82f20963758daed68d0449050971d2338efd1db62659a9daa5b0b9cebcb4a5c3df6153c571bf3adbd08da1d2f072498c9f2ba7909140437a5477662b7edcab8e40c466ccfea64bef4ae99f5753e239e2e6df099ef8db00acbad5a186451bcb136f565879f07d2d2422f0fbe8ed27b1f669bcd95144ba70bb8907cdff0784f7652f3c0725ec1ee4f93a960c01084e56d4148b9c63b8106d1e5cdc19bbc03647a2d850400baea207fc27c029a699baedec92aa450475e6063f8ef13c8f80b3c28dff330b2ec25a2cf7b138134a6b0f738811549688d0c2b935af4ccce338ebb95637277b1d4474780ccb4b69f81a38032d43ac6624ae7d72be2d22945b04e97af6de5c891dc3768f67d5b84c5ed4620e8e5560759073f00795097460ffea2b9b77ca22cf5bde58df13a531c5dc13c5bb6f0ca8de400aa2731da8f718510d012b0bda5a0093be5b9c95b71c954298f5e373e9256baac510cf78962f08f43c867c579e5226be558dc7d86de2c7e4ef62fd985a8b9fea9624f515c826a20f33ccda6c4ed065d2036760a9542a3cc8948c5b45f8e332a9eed9ecd41e1065e2b5d5232934cb7a1081114486c671ae88f0c515c5fc344d6d1bbe5dff560a5a69321311aa57ed88cb3331462254ceb3e7e9b28343468f461536fd11e3db4b3f5656501f4aad2933d52f98f03a2f7529e0c3afb32e8a34863f98cea4bdeb568a84d089971c0c36733fe6c0af94067c105ae360b823e303ce6bff51cc118765f3f05dcdc1fb253436a67b4b40f47eebe0b2949fe9a234413872ba818fd8aa4de88982f564a263f9cfe7b4b01157a267223ba7a296e716f53091c1bec05893d579bfcd20d16665f289e03773e65d7de03411650eb90a54bb084d18fe676d8927b084989525ddfaad5010aad000c6a36af892827c597998f560f61247e1b421bb56baa53f1b9c0a5fb031503ac937bebd67b8c4efb709093d6973ec82bdff5b67f7f3a3bbd8841c55ae3deb48e280ef51f24890e30a7b66303fcd85a3edcf2921cebb6ce118b2804eb533331bf74c79e74d48a4ad2533d6498dece59db74c164930ea170a518c7fca3f34e19fcacc7d14fd243ebd7629c6523ae926edff3e85420b910ea5eeb856ef3291c62c497e4a9ab05fffd155d350bcbd06693481f0414ace189e4df521cab05e7de7328d5b23134602c18622a84fca1e7e65266e3f7a37c32724219975439f13f30751269610df334e22dcae26c6da83fcd13f09f0d1dedf1f3d0186842c2417e7a6f7110c9e4f03c44a53043286d9ee5bb31eeea9bdbbbc0594ad8834d399881e52aedd99d1b6fdeeb089b204c2750a75411fb36066c6b1a33f4047565c30fbbf00b45b2be2234be755a1543310bb404462e15eaba6926125146a50584bcc034334e54d41fa66ea6247c7261195b3f8a30d20f0155cdfca031ec7d759ff51590ffd2a237ebdc4d120af2cd04ec1cc385af23f9e21d6d77d2f385068ce174e1d6e1a6d0f530c392af54391e935479d04688fd70f24ca89f107af1e1c02fd8391ec9f596fb0656a2b92c8517c805550eff64b8bef79b1ae97168c59a22fdec30a043e14ba75bb8a91a688dd447d79120b1245d362aefc04d0911be4d7d45bfd81fe48113488dbb29074bf27a3bac56597d16835cfbb5a87d886b9aef6682c55c0a20cc5759111e0f763a82b949e2a042a4add1307706e4a75ca0e82f018f74b5642e9287c31409bd816b2f94b9c11657e13bd6821e45292a8e47c7b7f4ee060ccea1563a701159f24e3a16ee4e84eabc3158a16996efc502190a26364307045e448ded657aed2c3988ff3d6d1e09669c44692bb297fe5b4b875db88b1eca36f0a23a2d5bf8e73c81f0e1342cbcfff571ba312073c3975dbf496d65c436983fdd038848623890b17d295b4d552f24b8a70778957a586fa9554429d1adefb4b9584d19616586d8eafd3d6d40283698119ac31f13e5240b7c71c9f4c76959b6caba3d13e8e52ad48ac63cf6371b728901804eb33c90275d3aaca2fc2b4496e6b24e27e03f690f3cfa0899a0ddc5746324ad425c87a04f0c9d4071c8542a0d83e3df8319b03a91750a29998a6bda8b7f37a482781f2184e0f20bb1517387e77c0284c240bcf75c0335657f23881ae0527cfbc8009040d64bcd1a5b89129a2b882d7c915c367af6b25fa3ed219556826a67bbb26679136be748367d8d03a2c2d109228c5faede60ba2319c0d172fbbc1a8e4b46c0400816520d4ee3479639b169b029a50885f48379f5f3d3c5efd6dd91c7ba0dd59749b7f68d61bf05d8c2e5143a59a6da1add5634acbb5036f6e689fc883ef771034372f450cde0c273cd09bb79f87c69e00925f7ae1bd603136abdd38711432a84eb21c3639b313ee7f73b4ac2205a345a27a67dfff3c93803e359fbe5b1b2d0af36f42a266b715f4af0b360a3c4f133a83f0c07b5b7b90f9cabf19eb49503d05feb1a51c2033b47c7e9204b475789139b67bf400a0947a3dbbf244dc58f9b559db8bcf470cdd11a12fe9da5be771c8457f961e45b3354de326c8ccbcac21a628cad81eb59ac44d540a6d5f72fdbda44fe4c2765a4c9a19d21bd63e928fa6e52d1bd1399e4b161889967e9c2275cec9d0ab01960545b88fa25e4ce9c25e17246622ce4587c1f0e0a0c22ede1f01c47fb3b1226d4301650ec62e6cc4bb07eb2c28ca2cbb180341908b215b0c0ed2a6914cd0c2aaf8651af14ff20ccff2d34299ceda3a073a6f7893bc749f2fda08aa98b9ccd7be3409cf68e84171bf3f1c998ffbeb2874fc3341daad5e3a8034422cb1446361fdf1763d8b1877188d4fb66d40518cc4a88897fbc8068f652bc58f1a8fcc58abfa5180f0972633a7221cb860ab5a3b2b4e9ecbcf572f86295e68bfd7fdaceace5a70d1a7eaedf8751c252f0d3a43496f5ff34dd0ba9084ff0609b4debcaad1e228c04e326b0bfdc161dabb243f976733d2961662b1"}, 0xe14}, 0x1, 0x0, 0x0, 0x20004090}, 0x40051) mremap$auto(0x0, 0x4000007, 0x3fd7, 0x0, 0x20000020000000) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) move_pages$auto(0x0, 0x91, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x1, 0x84) process_vm_readv$auto(0x0, &(0x7f00000000c0)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) clone3$auto(0x0, 0xa) read$auto(0xffffffffffffffff, 0x0, 0x10) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) syz_clone3(&(0x7f00000003c0)={0x383201180, 0x0, 0x0, 0x0, {0x40}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioctl$auto(0x3, 0xae60, 0x38) 1.475750527s ago: executing program 7 (id=4985): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810008, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000040)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x40, 0x0) r1 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$auto_IMADDTIMER(r1, 0x80044940, 0x0) rseq$auto(0x0, 0xfffffff4, 0x0, 0x5) ioctl$auto_VHOST_SET_BACKEND_FEATURES(0xffffffffffffffff, 0x4008af25, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x62040, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000040), 0x2482, 0x0) mmap$auto(0x1, 0x40009, 0xdf, 0x13, 0xffffffffffffffff, 0x10001) msync$auto(0x1ffff000, 0x1800000ff000000, 0x400000004) r2 = socket(0x23, 0x5, 0x0) bind$auto(r2, &(0x7f0000000140)=@phonet={0x23, 0x6, 0x0, 0xa3}, 0x80) 1.175290149s ago: executing program 0 (id=4986): r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r1, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) io_uring_register$auto(0xffffffffffffffff, 0x15, 0x0, 0x9) r2 = socket(0xa, 0x801, 0x84) getsockopt$auto(r2, 0x84, 0x83, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x9, 0x20020000) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, 0x0, 0x400c080) kexec_load$auto(0x3, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x40000000, 0x4800c000}, 0x4) read$auto_long_retry_limit_ops_(r1, &(0x7f0000000280)=""/140, 0x8c) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x801, 0x106) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92) 1.175171509s ago: executing program 4 (id=4987): msgctl$auto_IPC_INFO(0xa6, 0x3, &(0x7f0000000100)={{0x7, 0x0, 0x0, 0x0, 0x3f7a8df9, 0x9, 0x8}, 0x0, &(0x7f0000000040)=0xa, 0x3e, 0x7f, 0x7, 0x100000000, 0xffffffffffffffff, 0x2cc, 0x2, 0x0, @raw=0x80, @raw=0x80000001}) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) writev$auto(0x3, 0x0, 0x8009) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0xb02, 0x0) pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9) socket(0x1b, 0x3, 0x1) write$auto(0xffffffffffffffff, &(0x7f0000000040)='//\xf2\x00', 0x80000000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) syz_genetlink_get_family_id$auto_ila(0x0, 0xffffffffffffffff) futex$auto(0x0, 0x5, 0x0, 0x0, 0x0, 0xa0000001) openat$auto_bm_status_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000000), 0x40002, 0x0) 190.682911ms ago: executing program 0 (id=4988): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0x5, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x14, r1, 0x1, 0x70bd2d, 0x25dfdbf9, {0x1, 0x0, 0xff0f}}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x8000) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(0xffffffffffffffff, 0x541c, r2) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x0, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, 0x0, 0x0) read$auto_check_wx_fops_(0xffffffffffffffff, &(0x7f0000000140)=""/154, 0x9a) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) madvise$auto(0x0, 0x200007, 0x8) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0x8, 0x0) 0s ago: executing program 7 (id=4989): write$auto(0xffffffffffffffff, 0x0, 0x1) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram7\x00', 0x60742, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) connect$auto(0x3, 0x0, 0x8) mmap$auto(0x0, 0x10000, 0x4000000000db, 0xeb1, 0x2, 0x8000) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop2\x00', 0x24040, 0x0) ioctl$auto_BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000240)={"ef65ce6c00cf81000000ffffffffffffff291d00", 0x3ff, 0x408, 0xffc, 0x400004, 0x200000000040000d}) ioctl$auto_BLKTRACETEARDOWN(r1, 0x1276, 0x0) madvise$auto(0x0, 0x5, 0x15) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) read$auto(r2, 0x0, 0x3) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89fc, &(0x7f0000000180)) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) read$auto_nvram_misc_fops_nvram(0xffffffffffffffff, 0x0, 0x0) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x440c5) lstat$auto(0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x89fc, 0x0) kernel console output (not intermixed with test programs): pcode 0x0406 failed: -4 [ 1055.356189][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1055.363503][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1056.041856][T19586] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ek [ 1058.594081][T19639] dump_stack_lvl+0x16c/0x1f0 [ 1058.594124][T19639] should_fail_ex+0x512/0x640 [ 1058.594188][T19639] ? __kmalloc_noprof+0xca/0x880 [ 1058.594243][T19639] should_failslab+0xc2/0x120 [ 1058.594288][T19639] __kmalloc_noprof+0xdd/0x880 [ 1058.594340][T19639] ? __register_sysctl_table+0xb3/0x1900 [ 1058.594397][T19639] ? __register_sysctl_table+0xb3/0x1900 [ 1058.594447][T19639] __register_sysctl_table+0xb3/0x1900 [ 1058.594498][T19639] ? is_module_address+0x5f/0xf0 [ 1058.594552][T19639] ? __pfx___register_sysctl_table+0x10/0x10 [ 1058.594607][T19639] ? is_module_address+0x69/0xf0 [ 1058.594652][T19639] ? register_net_sysctl_sz+0x228/0x3e0 [ 1058.594699][T19639] ? __asan_memcpy+0x3c/0x60 [ 1058.594738][T19639] sysctl_route_net_init+0x15e/0x2c0 [ 1058.594783][T19639] ? __pfx_sysctl_route_net_init+0x10/0x10 [ 1058.594824][T19639] ops_init+0x1e2/0x5f0 [ 1058.594862][T19639] setup_net+0x100/0x390 [ 1058.594896][T19639] ? __pfx_setup_net+0x10/0x10 [ 1058.594929][T19639] ? debug_mutex_init+0x37/0x70 [ 1058.594968][T19639] copy_net_ns+0x2f8/0x690 [ 1058.595011][T19639] create_new_namespaces+0x3ea/0xa90 [ 1058.595062][T19639] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1058.595105][T19639] ksys_unshare+0x45b/0xa40 [ 1058.595161][T19639] ? __pfx_ksys_unshare+0x10/0x10 [ 1058.595209][T19639] ? xfd_validate_state+0x61/0x180 [ 1058.595270][T19639] __x64_sys_unshare+0x31/0x40 [ 1058.595314][T19639] do_syscall_64+0xcd/0xfa0 [ 1058.595353][T19639] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1058.595386][T19639] RIP: 0033:0x7fe75098efc9 [ 1058.595413][T19639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1058.595447][T19639] RSP: 002b:00007fe75188a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1058.595479][T19639] RAX: ffffffffffffffda RBX: 00007fe750be5fa0 RCX: 00007fe75098efc9 [ 1058.595502][T19639] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1058.595521][T19639] RBP: 00007fe750a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1058.595541][T19639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1058.595562][T19639] R13: 00007fe750be6038 R14: 00007fe750be5fa0 R15: 00007ffcb25c5ab8 [ 1058.595609][T19639] [ 1059.281293][T19651] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.4024: iget: checksum invalid [ 1059.293601][T19651] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 1059.305898][T19651] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.4024: iget: checksum invalid [ 1059.321675][T19651] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 1059.329019][T18931] Bluetooth: hci5: command 0x0406 tx timeout [ 1059.345869][T19651] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.4024: iget: checksum invalid [ 1059.387033][T19651] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 1059.403487][T19651] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.4024: iget: checksum invalid [ 1059.506680][T19651] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 1059.522154][T19651] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 1059.535968][T19651] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1060.169585][T19666] netlink: 9 bytes leftover after parsing attributes in process `syz.5.4028'. [ 1061.039705][T19668] sp0: Synchronizing with TNC [ 1061.071527][T19675] sp0: Found TNC [ 1062.605813][T19691] Process accounting resumed [ 1069.328077][T19764] bond0: invalid ARP target specified [ 1071.479201][T19782] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4053'. [ 1071.529132][T19782] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1071.542266][T19784] ICMPv6: process `syz.4.4061' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 1071.593644][T19782] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1072.960510][T19794] cifs: Unknown parameter 'T.żc[$⁍)UÑnE-ʙl- -_5Z omfwYh*/xDlݩgkǐA79Xa/f_ARxM vp$^;q3n-6+ek/7=k™<dvLk&<#znR [ 1111.426735][T20170] [U] mS(t Np.Wc|/Î?ޤ!1ׂ%@<ڼ3 [ 1111.435001][T20170] [U] RG 64w,&'wrjѷhr ܇+T֏Į~rG퍕ˮHc\=P_F3b"oٙDꇊ,$z_w!ϣrGݐ|;"Q8ӵ2 [ 1111.453265][T20170] [U] Ǿ=? 6>/C%ot:&e9 *̧6på]xOg\[r'ԘYϾpnwq [ 1111.469873][T20170] [U] Y%r^*jlP$fQPƜ+wIR|'Vh۪Ӟ[`J,&\,Q[ .kL *m}jNR-o8&de^P=?66H4:}wf`m>LԆḬk: [ 1111.488475][T20170] [U] TCP%ġ"*_|"6^ZzHiBbQ{U6l [ 1111.497897][T20170] [U] c0}qԊp#|E/xNmUyj@ DPP?Z[-:jkyjAgƚ$C͌nNYWbT܌w\ɕ?P-R$V,< Fo0=Ӈzw̆rW@Z"O [ 1111.765391][T20183] netlink: 326 bytes leftover after parsing attributes in process `syz.6.4141'. [ 1111.811897][T20170] [U] c䯩=ɀbp?/AT [ 1111.817841][T20170] [U] [ 1111.820946][T20170] [U] [ 1111.824145][T20170] [U] [ 1111.935207][T20170] [U] [ 1113.847365][T20202] Falling back ldisc for pty66. [ 1114.110531][T20206] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input31 [ 1114.591354][T20206] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4146'. [ 1114.643080][T20208] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input32 [ 1115.981603][T20229] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1116.009737][T20229] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1116.033999][T20229] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1116.064303][T20229] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1116.492474][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1116.499775][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1116.595183][T20239] netlink: 17 bytes leftover after parsing attributes in process `syz.5.4156'. [ 1116.744034][T20240] i2c i2c-0: new_device: Missing parameters [ 1117.993566][T18931] Bluetooth: hci3: command 0x0406 tx timeout [ 1118.063578][T18931] Bluetooth: hci5: command 0x0406 tx timeout [ 1118.071050][T18931] Bluetooth: hci4: command 0x0c1a tx timeout [ 1118.077916][T18931] Bluetooth: hci1: command 0x0c1a tx timeout [ 1121.438533][T20286] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4166'. [ 1124.733977][T20307] Process accounting resumed [ 1128.950750][T20369] i2c i2c-0: new_device: Extra parameters [ 1131.364366][T20397] syz.0.4192: vmalloc error: size 18446744073709551615, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 1131.380503][T20397] CPU: 1 UID: 0 PID: 20397 Comm: syz.0.4192 Not tainted syzkaller #0 PREEMPT(full) [ 1131.380542][T20397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1131.380558][T20397] Call Trace: [ 1131.380571][T20397] [ 1131.380582][T20397] dump_stack_lvl+0x16c/0x1f0 [ 1131.380621][T20397] warn_alloc+0x248/0x3a0 [ 1131.380650][T20397] ? __pfx_warn_alloc+0x10/0x10 [ 1131.380693][T20397] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 1131.380729][T20397] __vmalloc_node_range_noprof+0xfbc/0x1480 [ 1131.380770][T20397] ? __pfx___might_resched+0x10/0x10 [ 1131.380798][T20397] ? rcu_is_watching+0x12/0xc0 [ 1131.380825][T20397] ? trace_contention_end+0xdd/0x130 [ 1131.380861][T20397] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 1131.380894][T20397] ? tomoyo_path_number_perm+0x295/0x580 [ 1131.380941][T20397] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1131.380976][T20397] ? __pfx___mutex_lock+0x10/0x10 [ 1131.381008][T20397] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1131.381061][T20397] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 1131.381094][T20397] __vmalloc_node_noprof+0xad/0xf0 [ 1131.381131][T20397] ? dvb_dvr_do_ioctl+0x15d/0x290 [ 1131.381169][T20397] dvb_dvr_do_ioctl+0x15d/0x290 [ 1131.381209][T20397] dvb_usercopy+0x167/0x340 [ 1131.381241][T20397] ? __pfx_dvb_dvr_do_ioctl+0x10/0x10 [ 1131.381276][T20397] ? __pfx_dvb_usercopy+0x10/0x10 [ 1131.381321][T20397] ? __fget_files+0x20e/0x3c0 [ 1131.381352][T20397] dvb_dvr_ioctl+0x29/0x40 [ 1131.381383][T20397] ? __pfx_dvb_dvr_ioctl+0x10/0x10 [ 1131.381415][T20397] __x64_sys_ioctl+0x18e/0x210 [ 1131.381454][T20397] do_syscall_64+0xcd/0xfa0 [ 1131.381484][T20397] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1131.381528][T20397] RIP: 0033:0x7f941b98efc9 [ 1131.381548][T20397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1131.381573][T20397] RSP: 002b:00007f941c88f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1131.381596][T20397] RAX: ffffffffffffffda RBX: 00007f941bbe6270 RCX: 00007f941b98efc9 [ 1131.381613][T20397] RDX: ffffffffffffffff RSI: 0000000000006f2d RDI: 0000000000000006 [ 1131.381627][T20397] RBP: 00007f941ba11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1131.381642][T20397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1131.381657][T20397] R13: 00007f941bbe6308 R14: 00007f941bbe6270 R15: 00007fff37daeb88 [ 1131.381690][T20397] [ 1131.381699][T20397] Mem-Info: [ 1131.704289][T20397] active_anon:10880 inactive_anon:40181 isolated_anon:24 [ 1131.704289][T20397] active_file:40884 inactive_file:38011 isolated_file:0 [ 1131.704289][T20397] unevictable:768 dirty:342 writeback:0 [ 1131.704289][T20397] slab_reclaimable:13127 slab_unreclaimable:98489 [ 1131.704289][T20397] mapped:40085 shmem:34294 pagetables:1767 [ 1131.704289][T20397] sec_pagetables:0 bounce:0 [ 1131.704289][T20397] kernel_misc_reclaimable:0 [ 1131.704289][T20397] free:1246755 free_pcp:12911 free_cma:0 [ 1131.825673][T20397] Node 0 active_anon:43520kB inactive_anon:163424kB active_file:163456kB inactive_file:153964kB unevictable:1536kB isolated(anon):96kB isolated(file):0kB mapped:162824kB dirty:1368kB writeback:0kB shmem:138540kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:2048kB kernel_stack:12580kB pagetables:6912kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 1131.968379][T20397] Node 1 active_anon:0kB inactive_anon:0kB active_file:80kB inactive_file:128kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:16kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:156kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 1132.101213][T20397] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1132.174179][T20397] lowmem_reserve[]: 0 2485 2487 2487 2487 [ 1132.396195][T20397] Node 0 DMA32 free:1048992kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB free_highatomic:0KB active_anon:43520kB inactive_anon:169820kB active_file:163456kB inactive_file:154220kB unevictable:1536kB writepending:1700kB zspages:1468kB present:3129332kB managed:2545108kB mlocked:0kB bounce:0kB free_pcp:39672kB local_pcp:14784kB free_cma:0kB [ 1132.627045][T20397] lowmem_reserve[]: 0 0 1 1 1 [ 1132.665674][T20397] Node 0 Normal free:12kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1132.965673][T20397] lowmem_reserve[]: 0 0 0 0 0 [ 1132.970831][T20397] Node 1 Normal free:3911484kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:80kB inactive_file:128kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:9464kB local_pcp:8980kB free_cma:0kB [ 1133.035651][T20397] lowmem_reserve[]: 0 0 0 0 0 [ 1133.040885][T20397] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 1133.141908][T20397] Node 0 DMA32: 585*4kB (UME) 718*8kB (UME) 567*16kB (UME) 187*32kB (UME) 707*64kB (UME) 352*128kB (UME) 174*256kB (UME) 36*512kB (UME) 20*1024kB (UM) 1*2048kB (U) 205*4096kB (UM) = 1038628kB [ 1133.184622][T20397] Node 0 Normal: 1*4kB (U) 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB [ 1133.301529][T20397] Node 1 Normal: 225*4kB (UME) 65*8kB (UME) 45*16kB (UME) 209*32kB (UME) 97*64kB (UME) 35*128kB (UME) 17*256kB (UME) 8*512kB (UM) 3*1024kB (UME) 3*2048kB (UME) 946*4096kB (UM) = 3911996kB [ 1133.399215][T20397] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1133.466735][T20397] Node 0 hugepages_total=4 hugepages_free=2 hugepages_surp=4 hugepages_size=2048kB [ 1133.546095][T20397] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1133.632224][T20397] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1133.693432][T20397] 121463 total pagecache pages [ 1133.699245][T20397] 41 pages in swap cache [ 1133.738655][T20397] Free swap = 115436kB [ 1133.765929][T20397] Total swap = 124996kB [ 1133.784926][T20397] 2097051 pages RAM [ 1133.789106][T20397] 0 pages HighMem/MovableOnly [ 1133.831142][T20397] 428684 pages reserved [ 1133.835410][T20397] 0 pages cma reserved [ 1137.080359][T20434] FAULT_INJECTION: forcing a failure. [ 1137.080359][T20434] name failslab, interval 1, probability 0, space 0, times 0 [ 1137.124483][T20434] CPU: 1 UID: 0 PID: 20434 Comm: syz.6.4204 Not tainted syzkaller #0 PREEMPT(full) [ 1137.124541][T20434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1137.124562][T20434] Call Trace: [ 1137.124573][T20434] [ 1137.124587][T20434] dump_stack_lvl+0x16c/0x1f0 [ 1137.124632][T20434] should_fail_ex+0x512/0x640 [ 1137.124681][T20434] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1137.124720][T20434] should_failslab+0xc2/0x120 [ 1137.124764][T20434] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1137.124800][T20434] ? __proc_create+0x2ce/0x8e0 [ 1137.124859][T20434] ? __proc_create+0x2ce/0x8e0 [ 1137.124905][T20434] __proc_create+0x2ce/0x8e0 [ 1137.124954][T20434] ? __pfx___proc_create+0x10/0x10 [ 1137.125010][T20434] ? _raw_write_unlock+0x28/0x50 [ 1137.125042][T20434] ? proc_register+0x559/0x8b0 [ 1137.125094][T20434] proc_create_reg+0x7d/0x180 [ 1137.125148][T20434] proc_create_net_data+0x8e/0x1c0 [ 1137.125197][T20434] ? __pfx_proc_create_net_data+0x10/0x10 [ 1137.125247][T20434] ? __pfx_ndisc_net_init+0x10/0x10 [ 1137.125301][T20434] ? __pfx_if6_proc_net_init+0x10/0x10 [ 1137.125354][T20434] if6_proc_net_init+0x53/0x70 [ 1137.125406][T20434] ops_init+0x1e2/0x5f0 [ 1137.125446][T20434] setup_net+0x100/0x390 [ 1137.125482][T20434] ? __pfx_setup_net+0x10/0x10 [ 1137.125525][T20434] ? debug_mutex_init+0x37/0x70 [ 1137.125568][T20434] copy_net_ns+0x2f8/0x690 [ 1137.125612][T20434] create_new_namespaces+0x3ea/0xa90 [ 1137.125662][T20434] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1137.125707][T20434] ksys_unshare+0x45b/0xa40 [ 1137.125752][T20434] ? __pfx_ksys_unshare+0x10/0x10 [ 1137.125813][T20434] __x64_sys_unshare+0x31/0x40 [ 1137.125857][T20434] do_syscall_64+0xcd/0xfa0 [ 1137.125896][T20434] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1137.125928][T20434] RIP: 0033:0x7fe75098efc9 [ 1137.125954][T20434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1137.125989][T20434] RSP: 002b:00007fe75188a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1137.126022][T20434] RAX: ffffffffffffffda RBX: 00007fe750be5fa0 RCX: 00007fe75098efc9 [ 1137.126045][T20434] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1137.126065][T20434] RBP: 00007fe750a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1137.126083][T20434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1137.126102][T20434] R13: 00007fe750be6038 R14: 00007fe750be5fa0 R15: 00007ffcb25c5ab8 [ 1137.126149][T20434] [ 1138.030762][T11754] usb usb38-port5: attempt power cycle [ 1138.516968][T20445] netlink: 'syz.4.4208': attribute type 15 has an invalid length. [ 1138.592255][T20445] netlink: 252 bytes leftover after parsing attributes in process `syz.4.4208'. [ 1138.628250][T11754] usb usb38-port5: unable to enumerate USB device [ 1138.636621][T20447] netlink: 'syz.4.4208': attribute type 15 has an invalid length. [ 1138.664322][T20447] netlink: 252 bytes leftover after parsing attributes in process `syz.4.4208'. [ 1138.933286][T20449] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4209'. [ 1138.982541][T20449] netlink: 354 bytes leftover after parsing attributes in process `syz.0.4209'. [ 1140.948760][T20472] zram: Added device: zram4 [ 1141.665004][T20483] ima: policy update failed [ 1141.670074][ T30] audit: type=1802 audit(4294967378.415:24): pid=20483 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.4219" res=0 errno=0 [ 1141.714298][T20483] netlink: 25 bytes leftover after parsing attributes in process `syz.0.4219'. [ 1141.998138][T20488] Invalid ELF header magic: != ELF [ 1143.275072][T20506] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4227'. [ 1143.507251][T20512] random: crng reseeded on system resumption [ 1143.929523][T20514] Unrecognized hibernate image header format! [ 1143.948898][T20514] PM: hibernation: Image mismatch: architecture specific data [ 1145.466494][T20527] Invalid ELF header magic: != ELF [ 1146.180904][T20539] program syz.6.4233 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1151.925573][T20602] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4247'. [ 1154.131768][T20627] Invalid ELF header magic: != ELF [ 1154.908553][T20643] HfR: entered promiscuous mode [ 1156.201294][T20641] Process accounting paused [ 1159.343394][T20685] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4263'. [ 1162.071665][T20716] netlink: 64 bytes leftover after parsing attributes in process `syz.4.4273'. [ 1165.771679][T20754] Console: switching to colour VGA+ 80x25 [ 1169.682494][T20784] random: crng reseeded on system resumption [ 1170.413517][T20794] blktrace: Concurrent blktraces are not allowed on loop2 [ 1172.988395][T20822] Invalid ELF header magic: != ELF [ 1174.921133][T20840] binder: 20836:20840 ioctl 400c620e 0 returned -22 [ 1175.875486][T20843] random: crng reseeded on system resumption [ 1175.934302][ T36] Trying to write to read-only block-device sda1 [ 1175.961134][ T36] Trying to write to read-only block-device sda [ 1176.043216][T20805] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1177.601096][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1177.607846][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1177.757757][T20871] FAULT_INJECTION: forcing a failure. [ 1177.757757][T20871] name failslab, interval 1, probability 0, space 0, times 0 [ 1177.837959][T20871] CPU: 1 UID: 0 PID: 20871 Comm: syz.6.4304 Not tainted syzkaller #0 PREEMPT(full) [ 1177.838017][T20871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1177.838040][T20871] Call Trace: [ 1177.838052][T20871] [ 1177.838067][T20871] dump_stack_lvl+0x16c/0x1f0 [ 1177.838139][T20871] should_fail_ex+0x512/0x640 [ 1177.838194][T20871] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1177.838256][T20871] should_failslab+0xc2/0x120 [ 1177.838304][T20871] __kmalloc_cache_noprof+0x72/0x780 [ 1177.838360][T20871] ? trace_kmalloc+0x2b/0xd0 [ 1177.838401][T20871] ? snd_virmidi_output_open+0xc4/0x670 [ 1177.838451][T20871] ? snd_virmidi_output_open+0xc4/0x670 [ 1177.838493][T20871] snd_virmidi_output_open+0xc4/0x670 [ 1177.838541][T20871] open_substream+0x480/0x990 [ 1177.838600][T20871] rawmidi_open_priv+0x543/0x6e0 [ 1177.838659][T20871] snd_rawmidi_open+0x4cb/0xbf0 [ 1177.838720][T20871] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 1177.838775][T20871] ? __pfx_default_wake_function+0x10/0x10 [ 1177.838817][T20871] ? kobject_get_unless_zero+0x156/0x1e0 [ 1177.838866][T20871] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 1177.838919][T20871] snd_open+0x22d/0x4c0 [ 1177.838962][T20871] ? __pfx_snd_open+0x10/0x10 [ 1177.839008][T20871] chrdev_open+0x234/0x6a0 [ 1177.839050][T20871] ? __pfx_apparmor_file_open+0x10/0x10 [ 1177.839105][T20871] ? __pfx_chrdev_open+0x10/0x10 [ 1177.839150][T20871] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1177.839198][T20871] do_dentry_open+0x982/0x1530 [ 1177.839240][T20871] ? __pfx_chrdev_open+0x10/0x10 [ 1177.839291][T20871] vfs_open+0x82/0x3f0 [ 1177.839346][T20871] path_openat+0x1de4/0x2cb0 [ 1177.839400][T20871] ? __pfx_path_openat+0x10/0x10 [ 1177.839442][T20871] ? __lock_acquire+0xb8a/0x1c90 [ 1177.839494][T20871] do_filp_open+0x20b/0x470 [ 1177.839535][T20871] ? __pfx_do_filp_open+0x10/0x10 [ 1177.839606][T20871] ? alloc_fd+0x471/0x7d0 [ 1177.839654][T20871] do_sys_openat2+0x11b/0x1d0 [ 1177.839705][T20871] ? __pfx_do_sys_openat2+0x10/0x10 [ 1177.839757][T20871] ? __pfx___might_resched+0x10/0x10 [ 1177.839805][T20871] __x64_sys_openat+0x174/0x210 [ 1177.839858][T20871] ? __pfx___x64_sys_openat+0x10/0x10 [ 1177.839939][T20871] do_syscall_64+0xcd/0xfa0 [ 1177.839982][T20871] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1177.840028][T20871] RIP: 0033:0x7fe75098efc9 [ 1177.840067][T20871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1177.840103][T20871] RSP: 002b:00007fe751869038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1177.840138][T20871] RAX: ffffffffffffffda RBX: 00007fe750be6090 RCX: 00007fe75098efc9 [ 1177.840162][T20871] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1177.840186][T20871] RBP: 00007fe750a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1177.840208][T20871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1177.840230][T20871] R13: 00007fe750be6128 R14: 00007fe750be6090 R15: 00007ffcb25c5ab8 [ 1177.840278][T20871] [ 1179.072903][T20867] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 1179.181274][T20867] File: /dev/ram7 PID: 20867 Comm: syz.4.4303 [ 1179.875886][T20889] Console: switching to colour frame buffer device 4x6 [ 1181.087766][T20898] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4309'. [ 1181.141336][T20900] netlink: 354 bytes leftover after parsing attributes in process `syz.6.4309'. [ 1183.235146][T20906] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1184.499816][T20926] sysfs_service_op_show: Client not running :-5: [ 1185.453950][T20932] zswap: compressor 000 not available [ 1185.956444][T20948] blktrace: Concurrent blktraces are not allowed on loop2 [ 1186.633715][T20955] Process accounting resumed [ 1186.940994][ T30] audit: type=1804 audit(4294967423.921:25): pid=20957 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.4320" name="/newroot/999/file0" dev="tmpfs" ino=5209 res=1 errno=0 [ 1191.815794][T18931] Bluetooth: hci5: unexpected subevent 0x12 length: 123 > 5 [ 1192.858392][T21022] nbd: socks must be embedded in a SOCK_ITEM attr [ 1194.872008][T21013] kexec: Could not allocate control_code_buffer [ 1196.922677][T21068] FAULT_INJECTION: forcing a failure. [ 1196.922677][T21068] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1197.154727][T21068] CPU: 1 UID: 0 PID: 21068 Comm: syz.6.4346 Not tainted syzkaller #0 PREEMPT(full) [ 1197.154762][T21068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1197.154778][T21068] Call Trace: [ 1197.154786][T21068] [ 1197.154796][T21068] dump_stack_lvl+0x16c/0x1f0 [ 1197.154827][T21068] should_fail_ex+0x512/0x640 [ 1197.154869][T21068] should_fail_alloc_page+0xe7/0x130 [ 1197.154905][T21068] prepare_alloc_pages+0x3c2/0x610 [ 1197.154943][T21068] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 1197.154970][T21068] ? __alloc_frozen_pages_noprof+0x292/0x2470 [ 1197.155008][T21068] ? find_held_lock+0x2b/0x80 [ 1197.155034][T21068] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1197.155058][T21068] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1197.155087][T21068] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1197.155118][T21068] ? look_up_lock_class+0x59/0x150 [ 1197.155148][T21068] ? unwind_get_return_address+0x59/0xa0 [ 1197.155174][T21068] ? arch_stack_walk+0xa6/0x100 [ 1197.155202][T21068] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1197.155245][T21068] ? policy_nodemask+0xea/0x4e0 [ 1197.155280][T21068] alloc_pages_mpol+0x1fb/0x550 [ 1197.155314][T21068] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1197.155346][T21068] ? do_raw_spin_lock+0x12c/0x2b0 [ 1197.155393][T21068] ? find_held_lock+0x2b/0x80 [ 1197.155423][T21068] alloc_pages_noprof+0x131/0x390 [ 1197.155457][T21068] __pmd_alloc+0x3b/0x8b0 [ 1197.155489][T21068] ? __pud_alloc+0x51f/0x6b0 [ 1197.155523][T21068] __handle_mm_fault+0xada/0x2aa0 [ 1197.155569][T21068] ? __pfx___handle_mm_fault+0x10/0x10 [ 1197.155632][T21068] handle_mm_fault+0x589/0xd10 [ 1197.155676][T21068] __get_user_pages+0x54e/0x3530 [ 1197.155716][T21068] ? __pfx_validate_mm+0x10/0x10 [ 1197.155758][T21068] ? __pfx___get_user_pages+0x10/0x10 [ 1197.155799][T21068] get_user_pages_remote+0x243/0xab0 [ 1197.155839][T21068] ? __pfx_get_user_pages_remote+0x10/0x10 [ 1197.155871][T21068] ? __pfx_vma_link+0x10/0x10 [ 1197.155905][T21068] get_arg_page+0xf4/0x310 [ 1197.155928][T21068] ? __pfx_get_arg_page+0x10/0x10 [ 1197.155950][T21068] ? up_write+0x1b2/0x520 [ 1197.155991][T21068] copy_string_kernel+0x182/0x520 [ 1197.156022][T21068] do_execveat_common.isra.0+0x2ed/0x610 [ 1197.156054][T21068] __x64_sys_execve+0x8e/0xb0 [ 1197.156080][T21068] do_syscall_64+0xcd/0xfa0 [ 1197.156109][T21068] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1197.156134][T21068] RIP: 0033:0x7fe75098efc9 [ 1197.156154][T21068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1197.156178][T21068] RSP: 002b:00007fe75188a038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 1197.156201][T21068] RAX: ffffffffffffffda RBX: 00007fe750be5fa0 RCX: 00007fe75098efc9 [ 1197.156218][T21068] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 1197.156233][T21068] RBP: 00007fe750a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1197.156248][T21068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1197.156263][T21068] R13: 00007fe750be6038 R14: 00007fe750be5fa0 R15: 00007ffcb25c5ab8 [ 1197.156295][T21068] [ 1199.905083][T21075] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4348'. [ 1199.994613][T21075] bond0: entered allmulticast mode [ 1200.034057][T21075] bond_slave_1: entered allmulticast mode [ 1200.073592][T21075] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1200.829258][T18931] Bluetooth: hci5: unexpected event 0x3e length: 728 > 260 [ 1200.829305][T18931] Bluetooth: hci5: unexpected subevent 0x03 length: 727 > 9 [ 1202.590230][T21118] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 1204.262424][T21136] zswap: compressor not available [ 1209.847348][T21185] sd 0:0:1:0: PR command failed: 1026 [ 1209.852965][T21185] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1210.046427][T21185] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1216.834601][T21243] FAULT_INJECTION: forcing a failure. [ 1216.834601][T21243] name failslab, interval 1, probability 0, space 0, times 0 [ 1216.871443][T21243] CPU: 1 UID: 0 PID: 21243 Comm: syz.6.4380 Not tainted syzkaller #0 PREEMPT(full) [ 1216.871489][T21243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1216.871509][T21243] Call Trace: [ 1216.871520][T21243] [ 1216.871534][T21243] dump_stack_lvl+0x16c/0x1f0 [ 1216.871577][T21243] should_fail_ex+0x512/0x640 [ 1216.871628][T21243] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1216.871667][T21243] should_failslab+0xc2/0x120 [ 1216.871713][T21243] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1216.871746][T21243] ? __proc_create+0x2ce/0x8e0 [ 1216.871802][T21243] ? __proc_create+0x2ce/0x8e0 [ 1216.871849][T21243] __proc_create+0x2ce/0x8e0 [ 1216.871900][T21243] ? __pfx___proc_create+0x10/0x10 [ 1216.871955][T21243] ? _raw_write_unlock+0x28/0x50 [ 1216.871988][T21243] ? proc_register+0x559/0x8b0 [ 1216.872043][T21243] proc_create_reg+0x7d/0x180 [ 1216.872099][T21243] proc_create_data+0x86/0x110 [ 1216.872150][T21243] ? __pfx_proc_create_data+0x10/0x10 [ 1216.872205][T21243] ? cache_register_net+0x137/0x5e0 [ 1216.872255][T21243] cache_register_net+0x25a/0x5e0 [ 1216.872310][T21243] nfsd_export_init+0xb6/0x250 [ 1216.872363][T21243] ? __pfx_nfsd_net_init+0x10/0x10 [ 1216.872414][T21243] nfsd_net_init+0x33/0x3d0 [ 1216.872468][T21243] ? __pfx_nfsd_net_init+0x10/0x10 [ 1216.872519][T21243] ops_init+0x1e2/0x5f0 [ 1216.872558][T21243] setup_net+0x100/0x390 [ 1216.872591][T21243] ? __pfx_setup_net+0x10/0x10 [ 1216.872626][T21243] ? debug_mutex_init+0x37/0x70 [ 1216.872666][T21243] copy_net_ns+0x2f8/0x690 [ 1216.872709][T21243] create_new_namespaces+0x3ea/0xa90 [ 1216.872757][T21243] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1216.872801][T21243] ksys_unshare+0x45b/0xa40 [ 1216.872847][T21243] ? __pfx_ksys_unshare+0x10/0x10 [ 1216.872901][T21243] ? xfd_validate_state+0x61/0x180 [ 1216.872962][T21243] __x64_sys_unshare+0x31/0x40 [ 1216.873008][T21243] do_syscall_64+0xcd/0xfa0 [ 1216.873048][T21243] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1216.873083][T21243] RIP: 0033:0x7fe75098efc9 [ 1216.873111][T21243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1216.873145][T21243] RSP: 002b:00007fe751869038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1216.873179][T21243] RAX: ffffffffffffffda RBX: 00007fe750be6090 RCX: 00007fe75098efc9 [ 1216.873202][T21243] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1216.873223][T21243] RBP: 00007fe750a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1216.873244][T21243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1216.873265][T21243] R13: 00007fe750be6128 R14: 00007fe750be6090 R15: 00007ffcb25c5ab8 [ 1216.873320][T21243] [ 1217.242519][T21231] Process accounting paused [ 1222.780843][T21307] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1222.788742][T21307] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1222.795069][T21307] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1222.863122][T21307] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1224.788603][ T52] Bluetooth: hci1: command 0x0c1a tx timeout [ 1224.868012][ T52] Bluetooth: hci4: command 0x0c1a tx timeout [ 1224.868036][T18931] Bluetooth: hci3: command 0x0406 tx timeout [ 1224.868056][ T5150] Bluetooth: hci5: command 0x0406 tx timeout [ 1225.597486][T21334] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4397'. [ 1225.645970][T21334] netlink: 'syz.5.4397': attribute type 1 has an invalid length. [ 1225.674121][T21334] netlink: 'syz.5.4397': attribute type 6 has an invalid length. [ 1229.204521][T21373] zswap: compressor 000 not available [ 1229.813331][T21392] XFS: Clearing xfsstats [ 1229.973729][T21397] netlink: 25 bytes leftover after parsing attributes in process `syz.6.4412'. [ 1230.780861][T21403] zswap: compressor not available [ 1230.884000][T21414] vivid-007: ================= START STATUS ================= [ 1230.911871][T21414] vivid-007: Generate PTS: true [ 1230.977325][T21414] vivid-007: Generate SCR: true [ 1230.982400][T21414] tpg source WxH: 320x240 (Y'CbCr) [ 1231.006511][T21414] tpg field: 1 [ 1231.009949][T21414] tpg crop: (0,0)/320x240 [ 1231.057545][T21414] tpg compose: (0,0)/320x240 [ 1231.078931][T21414] tpg colorspace: 8 [ 1231.101721][T21414] tpg transfer function: 0/0 [ 1231.126435][T21414] tpg Y'CbCr encoding: 0/0 [ 1231.136524][T21414] tpg quantization: 0/0 [ 1231.140757][T21414] tpg RGB range: 0/2 [ 1231.152384][T21414] vivid-007: ================== END STATUS ================== [ 1234.780237][T21462] Process accounting resumed [ 1238.715922][T21517] netlink: zone id is out of range [ 1238.721127][T21517] netlink: zone id is out of range [ 1238.746656][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1238.753065][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1238.775013][T21517] netlink: zone id is out of range [ 1238.846228][T21517] netlink: zone id is out of range [ 1238.851698][T21517] netlink: zone id is out of range [ 1238.940667][T21523] FAULT_INJECTION: forcing a failure. [ 1238.940667][T21523] name failslab, interval 1, probability 0, space 0, times 0 [ 1238.987004][T21523] CPU: 1 UID: 0 PID: 21523 Comm: syz.6.4443 Not tainted syzkaller #0 PREEMPT(full) [ 1238.987054][T21523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1238.987075][T21523] Call Trace: [ 1238.987088][T21523] [ 1238.987103][T21523] dump_stack_lvl+0x16c/0x1f0 [ 1238.987147][T21523] should_fail_ex+0x512/0x640 [ 1238.987198][T21523] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 1238.987239][T21523] should_failslab+0xc2/0x120 [ 1238.987286][T21523] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 1238.987326][T21523] ? __d_alloc+0x32/0xae0 [ 1238.987373][T21523] ? __d_alloc+0x32/0xae0 [ 1238.987408][T21523] __d_alloc+0x32/0xae0 [ 1238.987443][T21523] ? stack_trace_save+0x8e/0xc0 [ 1238.987487][T21523] d_alloc_parallel+0x111/0x1510 [ 1238.987542][T21523] ? kasan_save_stack+0x33/0x60 [ 1238.987580][T21523] ? __kasan_kmalloc+0xaa/0xb0 [ 1238.987621][T21523] ? __kmalloc_node_track_caller_noprof+0x345/0x8a0 [ 1238.987662][T21523] ? kstrdup+0x53/0x100 [ 1238.987694][T21523] ? debugfs_create_symlink+0x29/0x320 [ 1238.987726][T21523] ? ref_tracker_dir_symlink+0x255/0x360 [ 1238.987778][T21523] ? net_ns_net_init+0xd2/0x120 [ 1238.987810][T21523] ? __pfx_d_alloc_parallel+0x10/0x10 [ 1238.987858][T21523] ? create_new_namespaces+0x3ea/0xa90 [ 1238.987901][T21523] ? lockdep_init_map_type+0x5c/0x280 [ 1238.987952][T21523] ? lockdep_init_map_type+0x5c/0x280 [ 1238.988007][T21523] __lookup_slow+0x193/0x460 [ 1238.988056][T21523] ? __pfx___lookup_slow+0x10/0x10 [ 1238.988111][T21523] ? lruvec_init+0x210/0x210 [ 1238.988166][T21523] ? lruvec_init+0x210/0x210 [ 1238.988211][T21523] ? d_lookup+0xe7/0x190 [ 1238.988265][T21523] lookup_noperm+0xe1/0x110 [ 1238.988314][T21523] simple_start_creating+0xd1/0x1b0 [ 1238.988372][T21523] debugfs_start_creating.part.0+0x82/0x190 [ 1238.988427][T21523] debugfs_create_symlink+0x81/0x320 [ 1238.988464][T21523] ref_tracker_dir_symlink+0x255/0x360 [ 1238.988519][T21523] ? __pfx_ref_tracker_dir_symlink+0x10/0x10 [ 1238.988577][T21523] ? __lock_acquire+0xb8a/0x1c90 [ 1238.988683][T21523] ? __pfx_net_ns_net_init+0x10/0x10 [ 1238.988716][T21523] net_ns_net_init+0xd2/0x120 [ 1238.988750][T21523] ops_init+0x1e2/0x5f0 [ 1238.988788][T21523] setup_net+0x100/0x390 [ 1238.988822][T21523] ? __pfx_setup_net+0x10/0x10 [ 1238.988858][T21523] ? debug_mutex_init+0x37/0x70 [ 1238.988897][T21523] copy_net_ns+0x2f8/0x690 [ 1238.988939][T21523] create_new_namespaces+0x3ea/0xa90 [ 1238.988987][T21523] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1238.989029][T21523] ksys_unshare+0x45b/0xa40 [ 1238.989075][T21523] ? __pfx_ksys_unshare+0x10/0x10 [ 1238.989119][T21523] ? xfd_validate_state+0x61/0x180 [ 1238.989179][T21523] __x64_sys_unshare+0x31/0x40 [ 1238.989222][T21523] do_syscall_64+0xcd/0xfa0 [ 1238.989262][T21523] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1238.989297][T21523] RIP: 0033:0x7fe75098efc9 [ 1238.989325][T21523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1238.989360][T21523] RSP: 002b:00007fe75188a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1238.989393][T21523] RAX: ffffffffffffffda RBX: 00007fe750be5fa0 RCX: 00007fe75098efc9 [ 1238.989415][T21523] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1238.989437][T21523] RBP: 00007fe750a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1238.989459][T21523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1238.989480][T21523] R13: 00007fe750be6038 R14: 00007fe750be5fa0 R15: 00007ffcb25c5ab8 [ 1238.989528][T21523] [ 1239.335779][ C1] vkms_vblank_simulate: vblank timer overrun [ 1239.362490][T21517] netlink: zone id is out of range [ 1239.367694][T21517] netlink: zone id is out of range [ 1239.372936][T21517] netlink: zone id is out of range [ 1239.378097][T21517] netlink: zone id is out of range [ 1239.383292][T21517] netlink: zone id is out of range [ 1241.234494][ T30] audit: type=1800 audit(4294967338.424:26): pid=21545 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.4445" name="features" dev="configfs" ino=265022 res=0 errno=0 [ 1244.470702][T21569] can0: slcan on pty233. [ 1244.785629][T18135] usb usb38-port5: attempt power cycle [ 1244.834274][T21520] Format for deleting device is "id" (uint). [ 1244.895622][T21566] can0 (unregistered): slcan off pty233. [ 1245.317832][T21584] random: crng reseeded on system resumption [ 1245.393943][T18135] usb usb38-port5: unable to enumerate USB device [ 1247.961900][T21624] netlink: 'syz.6.4453': attribute type 1 has an invalid length. [ 1247.995191][T21624] netlink: 17 bytes leftover after parsing attributes in process `syz.6.4453'. [ 1254.171026][T21695] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4462'. [ 1254.447070][T21703] netlink: 326 bytes leftover after parsing attributes in process `syz.5.4465'. [ 1254.839777][T21709] netlink: 2 bytes leftover after parsing attributes in process `syz.6.4466'. [ 1254.982464][T21709] FAULT_INJECTION: forcing a failure. [ 1254.982464][T21709] name failslab, interval 1, probability 0, space 0, times 0 [ 1255.051043][T21709] CPU: 1 UID: 0 PID: 21709 Comm: syz.6.4466 Not tainted syzkaller #0 PREEMPT(full) [ 1255.051088][T21709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1255.051109][T21709] Call Trace: [ 1255.051121][T21709] [ 1255.051136][T21709] dump_stack_lvl+0x16c/0x1f0 [ 1255.051179][T21709] should_fail_ex+0x512/0x640 [ 1255.051231][T21709] ? __kmalloc_noprof+0xca/0x880 [ 1255.051288][T21709] should_failslab+0xc2/0x120 [ 1255.051333][T21709] __kmalloc_noprof+0xdd/0x880 [ 1255.051385][T21709] ? tnode_new+0x25a/0x340 [ 1255.051444][T21709] ? tnode_new+0x25a/0x340 [ 1255.051493][T21709] tnode_new+0x25a/0x340 [ 1255.051556][T21709] resize+0x7a9/0x22a0 [ 1255.051611][T21709] fib_insert_alias+0x9b9/0xe30 [ 1255.051644][T21709] ? rtnl_trylock+0x1e/0x20 [ 1255.051695][T21709] fib_trie_unmerge+0x2f9/0xcb0 [ 1255.051739][T21709] ? __pfx_fib_trie_unmerge+0x10/0x10 [ 1255.051781][T21709] ? __pfx___mutex_lock+0x10/0x10 [ 1255.051830][T21709] fib_unmerge+0xf8/0x520 [ 1255.051869][T21709] ? __pfx_fib_nl2rule.constprop.0+0x10/0x10 [ 1255.051916][T21709] fib4_rule_configure+0x383/0x10c0 [ 1255.051974][T21709] fib_newrule+0x35c/0x1e60 [ 1255.052018][T21709] ? lockdep_hardirqs_on+0x7c/0x110 [ 1255.052062][T21709] ? __pfx_fib_newrule+0x10/0x10 [ 1255.052140][T21709] ? find_held_lock+0x2b/0x80 [ 1255.052174][T21709] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1255.052208][T21709] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1255.052242][T21709] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 1255.052277][T21709] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1255.052314][T21709] rtnetlink_rcv_msg+0x95e/0xe90 [ 1255.052353][T21709] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1255.052400][T21709] ? ref_tracker_free+0x37c/0x830 [ 1255.052462][T21709] netlink_rcv_skb+0x158/0x420 [ 1255.052503][T21709] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1255.052542][T21709] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1255.052596][T21709] ? netlink_deliver_tap+0x1ae/0xd30 [ 1255.052661][T21709] netlink_unicast+0x5aa/0x870 [ 1255.052702][T21709] ? __pfx_netlink_unicast+0x10/0x10 [ 1255.052735][T21709] ? __pfx___might_resched+0x10/0x10 [ 1255.052785][T21709] netlink_sendmsg+0x8c8/0xdd0 [ 1255.052827][T21709] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1255.052867][T21709] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 1255.052928][T21709] ____sys_sendmsg+0xa98/0xc70 [ 1255.052971][T21709] ? copy_msghdr_from_user+0x10a/0x160 [ 1255.053024][T21709] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1255.053072][T21709] ? kfree+0x252/0x6d0 [ 1255.053111][T21709] ___sys_sendmsg+0x134/0x1d0 [ 1255.053146][T21709] ? __pfx____sys_sendmsg+0x10/0x10 [ 1255.053240][T21709] ? __pfx___might_resched+0x10/0x10 [ 1255.053284][T21709] __sys_sendmmsg+0x200/0x420 [ 1255.053322][T21709] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1255.053369][T21709] ? __pfx_do_futex+0x10/0x10 [ 1255.053437][T21709] ? xfd_validate_state+0x61/0x180 [ 1255.053491][T21709] __x64_sys_sendmmsg+0x9c/0x100 [ 1255.053531][T21709] ? lockdep_hardirqs_on+0x7c/0x110 [ 1255.053570][T21709] do_syscall_64+0xcd/0xfa0 [ 1255.053611][T21709] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1255.053646][T21709] RIP: 0033:0x7fe75098efc9 [ 1255.053674][T21709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1255.053707][T21709] RSP: 002b:00007fe751869038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1255.053739][T21709] RAX: ffffffffffffffda RBX: 00007fe750be6090 RCX: 00007fe75098efc9 [ 1255.053761][T21709] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 1255.053781][T21709] RBP: 00007fe750a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1255.053800][T21709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1255.053821][T21709] R13: 00007fe750be6128 R14: 00007fe750be6090 R15: 00007ffcb25c5ab8 [ 1255.053863][T21709] [ 1257.912515][T21748] Invalid ELF header magic: != ELF [ 1258.213828][T21719] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1258.254512][T21719] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1258.274342][T21719] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1258.294317][T21719] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1258.760689][T21760] random: crng reseeded on system resumption [ 1258.861382][T21763] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4473'. [ 1259.488076][ T5150] Bluetooth: hci3: command 0x0406 tx timeout [ 1260.157412][T21783] netlink: 25 bytes leftover after parsing attributes in process `syz.6.4477'. [ 1260.283664][ T5150] Bluetooth: hci5: command 0x0406 tx timeout [ 1260.284126][ T52] Bluetooth: hci4: command 0x0c1a tx timeout [ 1260.289759][ T5150] Bluetooth: hci1: command 0x0c1a tx timeout [ 1260.962972][T21803] input: 00 [ 1260.962972][T21803] as /devices/virtual/input/input35 [ 1261.452136][T21809] random: crng reseeded on system resumption [ 1262.072633][T21822] Console: switching to colour VGA+ 80x25 [ 1262.590794][T21830] Console: switching to colour frame buffer device 4x6 [ 1268.283536][T21923] ptrace attach of "./syz-executor exec"[6365] was attempted by ""[21923] [ 1269.441001][T21939] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.4499: iget: checksum invalid [ 1269.461605][T21939] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 1269.474342][T21939] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.4499: iget: checksum invalid [ 1269.492905][T21939] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 1269.533677][T21939] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.4499: iget: checksum invalid [ 1269.546277][T21939] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 1269.561268][T21939] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.4499: iget: checksum invalid [ 1269.575891][T21939] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 1269.585777][T21939] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 1269.595877][T21939] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1271.929083][T21976] ima: policy update failed [ 1271.963193][ T30] audit: type=1802 audit(4294967369.324:27): pid=21976 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.5.4504" res=0 errno=0 [ 1271.990698][T21976] netlink: 25 bytes leftover after parsing attributes in process `syz.5.4504'. [ 1272.814758][T21994] FAULT_INJECTION: forcing a failure. [ 1272.814758][T21994] name failslab, interval 1, probability 0, space 0, times 0 [ 1272.871722][T21994] CPU: 0 UID: 0 PID: 21994 Comm: syz.6.4506 Not tainted syzkaller #0 PREEMPT(full) [ 1272.871775][T21994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1272.871797][T21994] Call Trace: [ 1272.871809][T21994] [ 1272.871824][T21994] dump_stack_lvl+0x16c/0x1f0 [ 1272.871872][T21994] should_fail_ex+0x512/0x640 [ 1272.871921][T21994] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1272.871981][T21994] should_failslab+0xc2/0x120 [ 1272.872028][T21994] __kmalloc_cache_noprof+0x72/0x780 [ 1272.872086][T21994] ? percpu_ref_init+0xec/0x410 [ 1272.872136][T21994] ? percpu_ref_init+0xec/0x410 [ 1272.872176][T21994] ? __pfx_obj_cgroup_release+0x10/0x10 [ 1272.872209][T21994] percpu_ref_init+0xec/0x410 [ 1272.872260][T21994] ? kasan_save_track+0x14/0x30 [ 1272.872306][T21994] mem_cgroup_css_online+0x7e/0x640 [ 1272.872339][T21994] ? __pfx_mem_cgroup_css_online+0x10/0x10 [ 1272.872374][T21994] online_css+0xb2/0x350 [ 1272.872424][T21994] cgroup_apply_control_enable+0x702/0xbb0 [ 1272.872494][T21994] cgroup_mkdir+0x5e0/0x1310 [ 1272.872534][T21994] ? __pfx_cgroup_mkdir+0x10/0x10 [ 1272.872570][T21994] kernfs_iop_mkdir+0x111/0x190 [ 1272.872618][T21994] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 1272.872657][T21994] vfs_mkdir+0x593/0x8c0 [ 1272.872715][T21994] do_mkdirat+0x304/0x3e0 [ 1272.872756][T21994] ? __pfx_do_mkdirat+0x10/0x10 [ 1272.872798][T21994] ? getname_flags.part.0+0x1c5/0x550 [ 1272.872854][T21994] __x64_sys_mkdir+0xef/0x140 [ 1272.872894][T21994] do_syscall_64+0xcd/0xfa0 [ 1272.872941][T21994] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1272.872977][T21994] RIP: 0033:0x7fe75098efc9 [ 1272.873006][T21994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1272.873039][T21994] RSP: 002b:00007fe75188a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1272.873074][T21994] RAX: ffffffffffffffda RBX: 00007fe750be5fa0 RCX: 00007fe75098efc9 [ 1272.873096][T21994] RDX: 0000000000000000 RSI: 00000000000008cd RDI: 0000200000000000 [ 1272.873117][T21994] RBP: 00007fe750a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1272.873138][T21994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1272.873158][T21994] R13: 00007fe750be6038 R14: 00007fe750be5fa0 R15: 00007ffcb25c5ab8 [ 1272.873203][T21994] [ 1274.693881][T22005] FAULT_INJECTION: forcing a failure. [ 1274.693881][T22005] name failslab, interval 1, probability 0, space 0, times 0 [ 1274.707553][T22005] CPU: 1 UID: 0 PID: 22005 Comm: syz.5.4508 Not tainted syzkaller #0 PREEMPT(full) [ 1274.707597][T22005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1274.707630][T22005] Call Trace: [ 1274.707642][T22005] [ 1274.707655][T22005] dump_stack_lvl+0x16c/0x1f0 [ 1274.707698][T22005] should_fail_ex+0x512/0x640 [ 1274.707746][T22005] ? fs_reclaim_acquire+0xae/0x150 [ 1274.707794][T22005] should_failslab+0xc2/0x120 [ 1274.707846][T22005] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1274.707882][T22005] ? __pfx_map_id_range_down+0x10/0x10 [ 1274.707935][T22005] ? security_inode_alloc+0x3b/0x2b0 [ 1274.707992][T22005] ? security_inode_alloc+0x3b/0x2b0 [ 1274.708040][T22005] security_inode_alloc+0x3b/0x2b0 [ 1274.708091][T22005] inode_init_always_gfp+0xce4/0x1030 [ 1274.708133][T22005] alloc_inode+0x86/0x240 [ 1274.708178][T22005] sock_alloc+0x40/0x280 [ 1274.708215][T22005] __sock_create+0xc1/0x8d0 [ 1274.708265][T22005] __sys_socket+0x14d/0x260 [ 1274.708310][T22005] ? __pfx___sys_socket+0x10/0x10 [ 1274.708361][T22005] ? do_user_addr_fault+0x843/0x1370 [ 1274.708399][T22005] __x64_sys_socket+0x72/0xb0 [ 1274.708448][T22005] ? lockdep_hardirqs_on+0x7c/0x110 [ 1274.708485][T22005] do_syscall_64+0xcd/0xfa0 [ 1274.708524][T22005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1274.708559][T22005] RIP: 0033:0x7f490eb90ee7 [ 1274.708585][T22005] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1274.708620][T22005] RSP: 002b:00007f490fac4fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 1274.708652][T22005] RAX: ffffffffffffffda RBX: 00007f490ede6090 RCX: 00007f490eb90ee7 [ 1274.708675][T22005] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 1274.708696][T22005] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 1274.708718][T22005] R10: 0000200000000140 R11: 0000000000000286 R12: 0000000000000000 [ 1274.708739][T22005] R13: 00007f490ede6128 R14: 00007f490ede6090 R15: 00007ffcce06eca8 [ 1274.708786][T22005] [ 1275.023922][T22005] net_ratelimit: 417 callbacks suppressed [ 1275.023955][T22005] socket: no more sockets [ 1275.061733][T22015] FAULT_INJECTION: forcing a failure. [ 1275.061733][T22015] name failslab, interval 1, probability 0, space 0, times 0 [ 1275.186105][T22015] CPU: 0 UID: 0 PID: 22015 Comm: syz.4.4512 Not tainted syzkaller #0 PREEMPT(full) [ 1275.186159][T22015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1275.186181][T22015] Call Trace: [ 1275.186195][T22015] [ 1275.186212][T22015] dump_stack_lvl+0x16c/0x1f0 [ 1275.186260][T22015] should_fail_ex+0x512/0x640 [ 1275.186320][T22015] ? __kmalloc_noprof+0xca/0x880 [ 1275.186382][T22015] should_failslab+0xc2/0x120 [ 1275.186431][T22015] __kmalloc_noprof+0xdd/0x880 [ 1275.186486][T22015] ? kasan_quarantine_put+0x10a/0x240 [ 1275.186524][T22015] ? lockdep_hardirqs_on+0x7c/0x110 [ 1275.186560][T22015] ? constrain_params_by_rules+0x175/0xca0 [ 1275.186617][T22015] ? constrain_params_by_rules+0x175/0xca0 [ 1275.186662][T22015] constrain_params_by_rules+0x175/0xca0 [ 1275.186703][T22015] ? rcu_is_watching+0x12/0xc0 [ 1275.186746][T22015] ? constrain_params_by_rules+0xa09/0xca0 [ 1275.186794][T22015] ? constrain_params_by_rules+0xa0e/0xca0 [ 1275.186848][T22015] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 1275.186903][T22015] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 1275.186948][T22015] ? snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 1275.186997][T22015] ? snd_pcm_oss_sync+0x32e/0x840 [ 1275.187072][T22015] ? snd_pcm_oss_change_params_locked+0x1398/0x3a30 [ 1275.187132][T22015] ? snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 1275.187188][T22015] ? snd_interval_refine+0x2fa/0x580 [ 1275.187234][T22015] snd_pcm_hw_refine+0x7de/0xad0 [ 1275.187300][T22015] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 1275.187366][T22015] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 1275.187433][T22015] snd_pcm_hw_param_first+0x334/0x6f0 [ 1275.187497][T22015] snd_pcm_hw_param_near.constprop.0+0x702/0x8e0 [ 1275.187567][T22015] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 1275.187616][T22015] ? __asan_memset+0x23/0x50 [ 1275.187647][T22015] ? calc_src_frames.isra.0+0x187/0x1d0 [ 1275.187694][T22015] ? calc_dst_frames.constprop.0.isra.0+0x103/0x130 [ 1275.187750][T22015] snd_pcm_oss_change_params_locked+0x1398/0x3a30 [ 1275.187813][T22015] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1275.187890][T22015] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 1275.187936][T22015] snd_pcm_oss_sync+0x32e/0x840 [ 1275.187984][T22015] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1275.188038][T22015] snd_pcm_oss_release+0x28b/0x310 [ 1275.188088][T22015] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1275.188132][T22015] __fput+0x402/0xb70 [ 1275.188190][T22015] task_work_run+0x150/0x240 [ 1275.188243][T22015] ? __pfx_task_work_run+0x10/0x10 [ 1275.188293][T22015] ? __pfx___do_sys_close_range+0x10/0x10 [ 1275.188338][T22015] exit_to_user_mode_loop+0xec/0x130 [ 1275.188390][T22015] do_syscall_64+0x426/0xfa0 [ 1275.188429][T22015] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1275.188464][T22015] RIP: 0033:0x7f75ce38efc9 [ 1275.188492][T22015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1275.188526][T22015] RSP: 002b:00007f75cf145038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1275.188559][T22015] RAX: 0000000000000000 RBX: 00007f75ce5e5fa0 RCX: 00007f75ce38efc9 [ 1275.188580][T22015] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1275.188600][T22015] RBP: 00007f75ce411f91 R08: 0000000000000000 R09: 0000000000000000 [ 1275.188621][T22015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1275.188641][T22015] R13: 00007f75ce5e6038 R14: 00007f75ce5e5fa0 R15: 00007ffc6f8b5a18 [ 1275.188686][T22015] [ 1276.552926][T22031] FAULT_INJECTION: forcing a failure. [ 1276.552926][T22031] name failslab, interval 1, probability 0, space 0, times 0 [ 1276.606859][T22031] CPU: 1 UID: 0 PID: 22031 Comm: syz.4.4516 Not tainted syzkaller #0 PREEMPT(full) [ 1276.606904][T22031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1276.606924][T22031] Call Trace: [ 1276.606936][T22031] [ 1276.606949][T22031] dump_stack_lvl+0x16c/0x1f0 [ 1276.607000][T22031] should_fail_ex+0x512/0x640 [ 1276.607050][T22031] ? __kmalloc_noprof+0xca/0x880 [ 1276.607108][T22031] should_failslab+0xc2/0x120 [ 1276.607152][T22031] __kmalloc_noprof+0xdd/0x880 [ 1276.607204][T22031] ? usb_hcd_submit_urb+0x5cf/0x1c60 [ 1276.607252][T22031] ? usb_hcd_submit_urb+0x5cf/0x1c60 [ 1276.607290][T22031] usb_hcd_submit_urb+0x5cf/0x1c60 [ 1276.607342][T22031] usb_submit_urb+0x89f/0x1990 [ 1276.607394][T22031] ? __init_swait_queue_head+0xca/0x150 [ 1276.607451][T22031] usb_start_wait_urb+0x104/0x4b0 [ 1276.607502][T22031] ? __pfx_usb_start_wait_urb+0x10/0x10 [ 1276.607563][T22031] ? __asan_memset+0x23/0x50 [ 1276.607604][T22031] usb_control_msg+0x326/0x4a0 [ 1276.607652][T22031] ? __pfx_usb_control_msg+0x10/0x10 [ 1276.607710][T22031] hub_ext_port_status+0x14e/0x670 [ 1276.607769][T22031] hub_activate+0x6e5/0x1d60 [ 1276.607829][T22031] ? __pfx_hub_activate+0x10/0x10 [ 1276.607873][T22031] ? find_held_lock+0x2b/0x80 [ 1276.607909][T22031] ? async_completed+0xb10/0xc60 [ 1276.607961][T22031] hub_resume+0xa8/0x3f0 [ 1276.608022][T22031] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1276.608066][T22031] ? __pfx_hub_resume+0x10/0x10 [ 1276.608112][T22031] ? __pfx_hcd_bus_resume+0x10/0x10 [ 1276.608161][T22031] usb_resume_interface.constprop.0.isra.0+0x2c5/0x3e0 [ 1276.608206][T22031] usb_resume_both+0x237/0x960 [ 1276.608243][T22031] ? __pfx_usb_resume_both+0x10/0x10 [ 1276.608280][T22031] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1276.608324][T22031] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1276.608366][T22031] __rpm_callback+0xc8/0x610 [ 1276.608413][T22031] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1276.608458][T22031] rpm_callback+0x1b7/0x200 [ 1276.608501][T22031] ? __pfx_usb_runtime_resume+0x10/0x10 [ 1276.608539][T22031] rpm_resume+0xd16/0x1320 [ 1276.608592][T22031] ? __pfx_rpm_resume+0x10/0x10 [ 1276.608634][T22031] ? do_raw_spin_lock+0x12c/0x2b0 [ 1276.608687][T22031] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1276.608757][T22031] __pm_runtime_resume+0xb6/0x170 [ 1276.608806][T22031] usb_autoresume_device+0x23/0xe0 [ 1276.608847][T22031] usbdev_open+0x228/0x8b0 [ 1276.608889][T22031] ? kobject_get_unless_zero+0x156/0x1e0 [ 1276.608929][T22031] ? __pfx_usbdev_open+0x10/0x10 [ 1276.608976][T22031] ? chrdev_open+0x10b/0x6a0 [ 1276.609024][T22031] ? __pfx_usbdev_open+0x10/0x10 [ 1276.609062][T22031] chrdev_open+0x234/0x6a0 [ 1276.609099][T22031] ? __pfx_apparmor_file_open+0x10/0x10 [ 1276.609149][T22031] ? __pfx_chrdev_open+0x10/0x10 [ 1276.609192][T22031] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1276.609237][T22031] do_dentry_open+0x982/0x1530 [ 1276.609276][T22031] ? __pfx_chrdev_open+0x10/0x10 [ 1276.609325][T22031] vfs_open+0x82/0x3f0 [ 1276.609377][T22031] path_openat+0x1de4/0x2cb0 [ 1276.609432][T22031] ? __pfx_path_openat+0x10/0x10 [ 1276.609474][T22031] ? __lock_acquire+0xb8a/0x1c90 [ 1276.609523][T22031] do_filp_open+0x20b/0x470 [ 1276.609563][T22031] ? __pfx_do_filp_open+0x10/0x10 [ 1276.609632][T22031] ? alloc_fd+0x471/0x7d0 [ 1276.609679][T22031] do_sys_openat2+0x11b/0x1d0 [ 1276.609730][T22031] ? __pfx_do_sys_openat2+0x10/0x10 [ 1276.609797][T22031] __x64_sys_openat+0x174/0x210 [ 1276.609851][T22031] ? __pfx___x64_sys_openat+0x10/0x10 [ 1276.609920][T22031] do_syscall_64+0xcd/0xfa0 [ 1276.609962][T22031] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1276.610007][T22031] RIP: 0033:0x7f75ce38efc9 [ 1276.610035][T22031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1276.610070][T22031] RSP: 002b:00007f75cf145038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1276.610105][T22031] RAX: ffffffffffffffda RBX: 00007f75ce5e5fa0 RCX: 00007f75ce38efc9 [ 1276.610129][T22031] RDX: 0000000000020882 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 1276.610152][T22031] RBP: 00007f75ce411f91 R08: 0000000000000000 R09: 0000000000000000 [ 1276.610174][T22031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1276.610197][T22031] R13: 00007f75ce5e6038 R14: 00007f75ce5e5fa0 R15: 00007ffc6f8b5a18 [ 1276.610244][T22031] [ 1277.218735][T22031] hub 37-0:1.0: hub_ext_port_status failed (err = -12) [ 1279.266415][T22056] mkiss: ax0: crc mode is auto. [ 1280.161012][T22074] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1280.250878][T22074] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1280.257011][T22074] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1280.305219][T22074] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1282.250383][T18931] Bluetooth: hci3: command 0x0406 tx timeout [ 1282.329025][T18931] Bluetooth: hci5: command 0x0406 tx timeout [ 1282.335208][T18931] Bluetooth: hci4: command 0x0c1a tx timeout [ 1282.341726][ T5150] Bluetooth: hci1: command 0x0c1a tx timeout [ 1283.701884][T22104] input: jJǸ-9%vJ86 as /devices/virtual/input/input36 [ 1283.908775][T22106] usb usb24: usbfs: process 22106 (syz.0.4528) did not claim interface 0 before use [ 1285.191353][T22114] hub 1-0:1.0: USB hub found [ 1285.203669][T22114] hub 1-0:1.0: 1 port detected [ 1286.329690][T22127] Console: switching to colour VGA+ 80x25 [ 1286.374717][T22132] [U]  [ 1286.374823][T22132] [U] [ 1286.374887][T22132] [U] [ 1286.374950][T22132] [U] [ 1286.375232][T22132] [U] [ 1286.375305][T22132] [U] [ 1286.375369][T22132] [U] [ 1286.375433][T22132] [U] [ 1286.377408][T22132] [U] [ 1286.377479][T22132] [U] [ 1286.377544][T22132] [U] [ 1286.377605][T22132] [U] [ 1286.378019][T22132] [U] [ 1286.378086][T22132] [U] [ 1286.378152][T22132] [U] [ 1286.378215][T22132] [U] [ 1286.378618][T22132] [U] [ 1286.378680][T22132] [U] [ 1286.378744][T22132] [U] [ 1286.378805][T22132] [U] [ 1286.379093][T22132] [U] [ 1286.379158][T22132] [U] [ 1286.379218][T22132] [U] [ 1286.379290][T22132] [U] [ 1286.379648][T22132] [U] [ 1286.379713][T22132] [U] [ 1286.379778][T22132] [U] [ 1286.379841][T22132] [U] [ 1286.380126][T22132] [U] [ 1286.380190][T22132] [U] [ 1286.380258][T22132] [U] [ 1286.380320][T22132] [U] [ 1286.380664][T22132] [U] [ 1286.380727][T22132] [U] [ 1286.380789][T22132] [U] [ 1286.380852][T22132] [U] [ 1286.381134][T22132] [U] [ 1286.381195][T22132] [U] [ 1286.381263][T22132] [U] [ 1286.381326][T22132] [U] [ 1286.381668][T22132] [U] [ 1286.381733][T22132] [U] [ 1286.381797][T22132] [U] [ 1286.381859][T22132] [U] [ 1286.382142][T22132] [U] [ 1286.382206][T22132] [U] [ 1286.382278][T22132] [U] [ 1286.382342][T22132] [U] [ 1286.382694][T22132] [U] [ 1286.382758][T22132] [U] [ 1286.382822][T22132] [U] [ 1286.382886][T22132] [U] [ 1286.383173][T22132] [U] [ 1286.383237][T22132] [U] [ 1286.383306][T22132] [U] [ 1286.383368][T22132] [U] [ 1286.383703][T22132] [U] [ 1286.383769][T22132] [U] [ 1286.383833][T22132] [U] [ 1286.383894][T22132] [U] [ 1286.384184][T22132] [U] [ 1286.384248][T22132] [U] [ 1286.384320][T22132] [U] [ 1286.384384][T22132] [U] [ 1286.384731][T22132] [U] [ 1286.384795][T22132] [U] [ 1286.384858][T22132] [U] [ 1286.384920][T22132] [U] [ 1286.385218][T22132] [U] [ 1286.385290][T22132] [U] [ 1286.385354][T22132] [U] [ 1286.385419][T22132] [U] [ 1286.385769][T22132] [U] [ 1286.385835][T22132] [U] [ 1286.385899][T22132] [U] [ 1286.385959][T22132] [U] [ 1286.386246][T22132] [U] [ 1286.386318][T22132] [U] [ 1286.386382][T22132] [U] [ 1286.386446][T22132] [U] [ 1286.386794][T22132] [U] [ 1286.386860][T22132] [U] [ 1286.386922][T22132] [U] [ 1286.386986][T22132] [U] [ 1286.387280][T22132] [U] [ 1286.387344][T22132] [U] [ 1286.387407][T22132] [U] [ 1286.387470][T22132] [U] [ 1286.408494][T22132] [U] [ 1286.408567][T22132] [U] [ 1286.408631][T22132] [U] [ 1286.408696][T22132] [U] [ 1286.408984][T22132] [U] [ 1286.409049][T22132] [U] [ 1286.409113][T22132] [U] [ 1286.409177][T22132] [U] [ 1286.409570][T22132] [U] [ 1286.409635][T22132] [U] [ 1286.409698][T22132] [U] [ 1286.409762][T22132] [U] [ 1286.410048][T22132] [U] [ 1286.410114][T22132] [U] [ 1286.410178][T22132] [U] [ 1286.410243][T22132] [U] [ 1286.410609][T22132] [U] [ 1286.410675][T22132] [U] [ 1286.410739][T22132] [U] [ 1286.410798][T22132] [U] [ 1286.411078][T22132] [U] [ 1286.411141][T22132] [U] [ 1286.411205][T22132] [U] [ 1286.411277][T22132] [U] [ 1286.411631][T22132] [U] [ 1286.411692][T22132] [U] [ 1286.411753][T22132] [U] [ 1286.411810][T22132] [U] [ 1286.412071][T22132] [U] [ 1286.412134][T22132] [U] [ 1286.412194][T22132] [U] [ 1286.412259][T22132] [U] [ 1286.412612][T22132] [U] [ 1286.412677][T22132] [U] [ 1286.412738][T22132] [U] [ 1286.412793][T22132] [U] [ 1286.413014][T22132] [U] [ 1286.413074][T22132] [U] [ 1286.413139][T22132] [U] [ 1286.524781][T22132] [U] [ 1287.868143][T22153] qrtr: Invalid version 0 [ 1288.598767][T22124] Console: switching to colour frame buffer device 4x6 [ 1289.795533][ T30] audit: type=1804 audit(4294967387.246:28): pid=22166 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.4542" name="/newroot/1052/file0" dev="tmpfs" ino=5513 res=1 errno=0 [ 1290.353453][T22183] ubi0: attaching mtd0 [ 1290.369282][T22183] ubi0: scanning is finished [ 1290.396916][T22183] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1291.155967][T22183] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1291.845199][T22206] netlink: 9 bytes leftover after parsing attributes in process `syz.4.4549'. [ 1294.899672][T18931] Bluetooth: hci4: unexpected subevent 0x12 length: 123 > 5 [ 1295.971091][ T30] audit: type=1804 audit(4294967393.458:29): pid=22239 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.4554" name="/newroot/705/file0" dev="tmpfs" ino=3697 res=1 errno=0 [ 1297.296702][T22255] netlink: 326 bytes leftover after parsing attributes in process `syz.0.4557'. [ 1297.324190][T22256] ubi0: attaching mtd0 [ 1297.352473][T22256] ubi0: scanning is finished [ 1297.395912][T22256] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1297.992361][T22256] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1299.843433][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1299.850026][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1301.302253][T22303] qrtr: Invalid version 0 [ 1304.351366][T18931] Bluetooth: hci1: unexpected event 0x3e length: 728 > 260 [ 1304.351414][T18931] Bluetooth: hci1: unexpected subevent 0x03 length: 727 > 9 [ 1305.254197][T22347] scsi_strcpy_devinfo: vendor string '/&c~n] | [ 1305.254197][T22347] M' is too long [ 1305.299603][T22347] scsi_strcpy_devinfo: model string 'Dd5 K2b [ 1305.299603][T22347] W ' is too long [ 1305.608153][T22341] random: crng reseeded on system resumption [ 1306.837726][T22358] ubi0: attaching mtd0 [ 1306.856550][T22358] ubi0: scanning is finished [ 1306.888515][T22358] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1307.345288][T22358] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1307.887012][ T30] audit: type=1804 audit(4294967405.420:30): pid=22369 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.4581" name="/newroot/1209/file0" dev="tmpfs" ino=6329 res=1 errno=0 [ 1308.375462][T22380] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 1311.301242][T22410] scsi_strcpy_devinfo: vendor string '/&c~n] | [ 1311.301242][T22410] M' is too long [ 1311.335715][T22410] scsi_strcpy_devinfo: model string 'Dd5 K2b [ 1311.335715][T22410] W ' is too long [ 1311.398445][T22411] random: crng reseeded on system resumption [ 1314.920384][T22436] ubi0: attaching mtd0 [ 1314.926690][T22436] ubi0: scanning is finished [ 1315.034085][ T30] audit: type=1804 audit(4294967412.618:31): pid=22431 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.4594" name="/newroot/1065/file0" dev="tmpfs" ino=5582 res=1 errno=0 [ 1315.078761][T22436] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1315.558879][T22436] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1318.035976][T22465] nbd: socks must be embedded in a SOCK_ITEM attr [ 1324.038250][ T30] audit: type=1804 audit(4294967421.664:32): pid=22513 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.4606" name="/newroot/1216/file0" dev="tmpfs" ino=6367 res=1 errno=0 [ 1327.676297][T22550] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1327.707774][T22550] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1327.723596][T22550] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1327.762970][T22550] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1329.684059][T18931] Bluetooth: hci3: command 0x0406 tx timeout [ 1329.762432][T18931] Bluetooth: hci5: command 0x0406 tx timeout [ 1329.768567][T18931] Bluetooth: hci4: command 0x0c1a tx timeout [ 1329.774749][ T5150] Bluetooth: hci1: command 0x0c1a tx timeout [ 1330.325693][T22576] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 1336.329342][T22623] scsi_strcpy_devinfo: vendor string '/&c~n] | [ 1336.329342][T22623] M' is too long [ 1336.341131][T22623] scsi_strcpy_devinfo: model string 'Dd5 K2b [ 1336.341131][T22623] W ' is too long [ 1339.323243][T22655] zswap: compressor not available [ 1341.452848][T22674] FAULT_INJECTION: forcing a failure. [ 1341.452848][T22674] name failslab, interval 1, probability 0, space 0, times 0 [ 1341.482136][T22674] CPU: 1 UID: 0 PID: 22674 Comm: syz.4.4635 Not tainted syzkaller #0 PREEMPT(full) [ 1341.482181][T22674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1341.482202][T22674] Call Trace: [ 1341.482214][T22674] [ 1341.482227][T22674] dump_stack_lvl+0x16c/0x1f0 [ 1341.482270][T22674] should_fail_ex+0x512/0x640 [ 1341.482319][T22674] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1341.482357][T22674] should_failslab+0xc2/0x120 [ 1341.482402][T22674] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1341.482438][T22674] ? __proc_create+0x2ce/0x8e0 [ 1341.482489][T22674] ? __proc_create+0x2ce/0x8e0 [ 1341.482532][T22674] __proc_create+0x2ce/0x8e0 [ 1341.482590][T22674] ? __pfx___proc_create+0x10/0x10 [ 1341.482655][T22674] proc_mkdir+0x81/0x170 [ 1341.482702][T22674] ? __pfx_proc_mkdir+0x10/0x10 [ 1341.482748][T22674] ? cache_register_net+0x137/0x5e0 [ 1341.482796][T22674] cache_register_net+0x18f/0x5e0 [ 1341.482839][T22674] nfsd_idmap_init+0xb6/0x250 [ 1341.482877][T22674] ? __pfx_nfsd_net_init+0x10/0x10 [ 1341.482925][T22674] nfsd_net_init+0x69/0x3d0 [ 1341.482983][T22674] ? __pfx_nfsd_net_init+0x10/0x10 [ 1341.483031][T22674] ops_init+0x1e2/0x5f0 [ 1341.483069][T22674] setup_net+0x100/0x390 [ 1341.483103][T22674] ? __pfx_setup_net+0x10/0x10 [ 1341.483137][T22674] ? debug_mutex_init+0x37/0x70 [ 1341.483176][T22674] copy_net_ns+0x2f8/0x690 [ 1341.483219][T22674] create_new_namespaces+0x3ea/0xa90 [ 1341.483263][T22674] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1341.483300][T22674] ksys_unshare+0x45b/0xa40 [ 1341.483339][T22674] ? __pfx_ksys_unshare+0x10/0x10 [ 1341.483392][T22674] __x64_sys_unshare+0x31/0x40 [ 1341.483431][T22674] do_syscall_64+0xcd/0xfa0 [ 1341.483468][T22674] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1341.483499][T22674] RIP: 0033:0x7f75ce38efc9 [ 1341.483526][T22674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1341.483559][T22674] RSP: 002b:00007f75cc5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1341.483598][T22674] RAX: ffffffffffffffda RBX: 00007f75ce5e6090 RCX: 00007f75ce38efc9 [ 1341.483618][T22674] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1341.483637][T22674] RBP: 00007f75ce411f91 R08: 0000000000000000 R09: 0000000000000000 [ 1341.483658][T22674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1341.483677][T22674] R13: 00007f75ce5e6128 R14: 00007f75ce5e6090 R15: 00007ffc6f8b5a18 [ 1341.483719][T22674] [ 1350.598846][T22764] futex_wake_op: syz.6.4656 tries to shift op by -9; fix this program [ 1351.723228][T22790] mkiss: ax0: crc mode is auto. [ 1351.955159][T22780] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1351.967078][T22780] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1352.038770][T22780] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1352.066594][T22780] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1353.241866][T22814] Bluetooth: hci3: command 0x0406 tx timeout [ 1354.045951][T22814] Bluetooth: hci4: command 0x0c1a tx timeout [ 1354.052410][T22814] Bluetooth: hci1: command 0x0c1a tx timeout [ 1354.125623][T22823] Bluetooth: hci5: command 0x0406 tx timeout [ 1355.051717][T22823] Bluetooth: hci5: unexpected event 0x3e length: 728 > 260 [ 1355.051753][T22823] Bluetooth: hci5: unexpected subevent 0x0c length: 727 > 5 [ 1355.183463][T22833] FAULT_INJECTION: forcing a failure. [ 1355.183463][T22833] name failslab, interval 1, probability 0, space 0, times 0 [ 1355.248799][T22833] CPU: 0 UID: 0 PID: 22833 Comm: syz.6.4668 Not tainted syzkaller #0 PREEMPT(full) [ 1355.248852][T22833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1355.248874][T22833] Call Trace: [ 1355.248886][T22833] [ 1355.248900][T22833] dump_stack_lvl+0x16c/0x1f0 [ 1355.248936][T22833] should_fail_ex+0x512/0x640 [ 1355.248973][T22833] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 1355.249008][T22833] should_failslab+0xc2/0x120 [ 1355.249041][T22833] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 1355.249072][T22833] ? kstrdup_const+0x63/0x80 [ 1355.249108][T22833] ? kstrdup+0x53/0x100 [ 1355.249140][T22833] kstrdup+0x53/0x100 [ 1355.249177][T22833] kstrdup_const+0x63/0x80 [ 1355.249214][T22833] kvasprintf_const+0x10f/0x1a0 [ 1355.249251][T22833] kobject_set_name_vargs+0x5a/0x140 [ 1355.249298][T22833] dev_set_name+0xc7/0x100 [ 1355.249334][T22833] ? __pfx_dev_set_name+0x10/0x10 [ 1355.249365][T22833] ? lockdep_init_map_type+0x5c/0x280 [ 1355.249401][T22833] ? __init_waitqueue_head+0xca/0x150 [ 1355.249449][T22833] netdev_register_kobject+0xc5/0x3d0 [ 1355.249482][T22833] register_netdevice+0x13dc/0x2270 [ 1355.249515][T22833] ? __pfx_register_netdevice+0x10/0x10 [ 1355.249552][T22833] ppp_dev_configure+0xa1e/0xd40 [ 1355.249594][T22833] ppp_ioctl+0x170e/0x2880 [ 1355.249626][T22833] ? lockdep_hardirqs_on+0x7c/0x110 [ 1355.249655][T22833] ? __pfx_ppp_ioctl+0x10/0x10 [ 1355.249701][T22833] ? __pfx_ppp_ioctl+0x10/0x10 [ 1355.249736][T22833] __x64_sys_ioctl+0x18e/0x210 [ 1355.249774][T22833] do_syscall_64+0xcd/0xfa0 [ 1355.249814][T22833] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1355.249846][T22833] RIP: 0033:0x7fe75098efc9 [ 1355.249871][T22833] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1355.249906][T22833] RSP: 002b:00007fe75188a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1355.249940][T22833] RAX: ffffffffffffffda RBX: 00007fe750be5fa0 RCX: 00007fe75098efc9 [ 1355.249962][T22833] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000008 [ 1355.249984][T22833] RBP: 00007fe750a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1355.250005][T22833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1355.250025][T22833] R13: 00007fe750be6038 R14: 00007fe750be5fa0 R15: 00007ffcb25c5ab8 [ 1355.250072][T22833] [ 1356.329211][T22848] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4672'. [ 1356.359460][T22848] netlink: 354 bytes leftover after parsing attributes in process `syz.6.4672'. [ 1356.855468][T22842] netlink: 268 bytes leftover after parsing attributes in process `syz.0.4670'. [ 1357.000610][T22842] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.4670: iget: checksum invalid [ 1357.001038][T22842] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 1357.001243][T22842] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.4670: iget: checksum invalid [ 1357.001423][T22842] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 1357.001576][T22842] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.4670: iget: checksum invalid [ 1357.001781][T22842] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 1357.002005][T22842] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.4670: iget: checksum invalid [ 1357.002175][T22842] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 1357.002210][T22842] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 1357.002234][T22842] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1359.813410][T22901] netlink: 330 bytes leftover after parsing attributes in process `syz.6.4683'. [ 1360.973739][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1361.013801][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1361.790308][T22936] ptrace attach of "./syz-executor exec"[11534] was attempted by ""[22936] [ 1362.984250][T22961] blktrace: Concurrent blktraces are not allowed on loop2 [ 1364.010208][T22978] netlink: 2 bytes leftover after parsing attributes in process `syz.5.4698'. [ 1364.047114][T22978] FAULT_INJECTION: forcing a failure. [ 1364.047114][T22978] name failslab, interval 1, probability 0, space 0, times 0 [ 1364.065341][T22978] CPU: 0 UID: 0 PID: 22978 Comm: syz.5.4698 Not tainted syzkaller #0 PREEMPT(full) [ 1364.065389][T22978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1364.065411][T22978] Call Trace: [ 1364.065425][T22978] [ 1364.065439][T22978] dump_stack_lvl+0x16c/0x1f0 [ 1364.065482][T22978] should_fail_ex+0x512/0x640 [ 1364.065533][T22978] ? __kmalloc_noprof+0xca/0x880 [ 1364.065591][T22978] should_failslab+0xc2/0x120 [ 1364.065638][T22978] __kmalloc_noprof+0xdd/0x880 [ 1364.065692][T22978] ? tnode_new+0x25a/0x340 [ 1364.065751][T22978] ? tnode_new+0x25a/0x340 [ 1364.065800][T22978] tnode_new+0x25a/0x340 [ 1364.065857][T22978] fib_insert_alias+0x6ee/0xe30 [ 1364.065894][T22978] ? lockdep_rtnl_is_held+0x26/0x40 [ 1364.065958][T22978] fib_trie_unmerge+0x2f9/0xcb0 [ 1364.066003][T22978] ? __pfx_fib_trie_unmerge+0x10/0x10 [ 1364.066038][T22978] ? fib_nl2rule.constprop.0+0x315/0x1c10 [ 1364.066077][T22978] ? __pfx___mutex_lock+0x10/0x10 [ 1364.066132][T22978] fib_unmerge+0xf8/0x520 [ 1364.066173][T22978] ? __pfx_fib_nl2rule.constprop.0+0x10/0x10 [ 1364.066213][T22978] fib4_rule_configure+0x383/0x10c0 [ 1364.066271][T22978] fib_newrule+0x35c/0x1e60 [ 1364.066306][T22978] ? perf_trace_xdp_redirect_template+0x177/0x710 [ 1364.066352][T22978] ? __kernel_text_address+0xd/0x40 [ 1364.066387][T22978] ? arch_stack_walk+0xa6/0x100 [ 1364.066422][T22978] ? __pfx_fib_newrule+0x10/0x10 [ 1364.066500][T22978] ? find_held_lock+0x2b/0x80 [ 1364.066535][T22978] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1364.066570][T22978] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1364.066604][T22978] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 1364.066641][T22978] ? __pfx_fib_nl_newrule+0x10/0x10 [ 1364.066678][T22978] rtnetlink_rcv_msg+0x95e/0xe90 [ 1364.066717][T22978] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1364.066762][T22978] ? __lock_acquire+0x622/0x1c90 [ 1364.066817][T22978] netlink_rcv_skb+0x158/0x420 [ 1364.066854][T22978] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 1364.066891][T22978] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1364.066952][T22978] ? netlink_deliver_tap+0x1ae/0xd30 [ 1364.067018][T22978] netlink_unicast+0x5aa/0x870 [ 1364.067062][T22978] ? __pfx_netlink_unicast+0x10/0x10 [ 1364.067098][T22978] ? __pfx___might_resched+0x10/0x10 [ 1364.067147][T22978] netlink_sendmsg+0x8c8/0xdd0 [ 1364.067189][T22978] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1364.067232][T22978] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 1364.067289][T22978] ____sys_sendmsg+0xa98/0xc70 [ 1364.067334][T22978] ? copy_msghdr_from_user+0x10a/0x160 [ 1364.067391][T22978] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1364.067439][T22978] ? kfree+0x252/0x6d0 [ 1364.067479][T22978] ___sys_sendmsg+0x134/0x1d0 [ 1364.067515][T22978] ? __pfx____sys_sendmsg+0x10/0x10 [ 1364.067611][T22978] ? __pfx___might_resched+0x10/0x10 [ 1364.067657][T22978] __sys_sendmmsg+0x200/0x420 [ 1364.067696][T22978] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1364.067742][T22978] ? __pfx_do_futex+0x10/0x10 [ 1364.067816][T22978] ? xfd_validate_state+0x61/0x180 [ 1364.067875][T22978] __x64_sys_sendmmsg+0x9c/0x100 [ 1364.067907][T22978] ? lockdep_hardirqs_on+0x7c/0x110 [ 1364.067952][T22978] do_syscall_64+0xcd/0xfa0 [ 1364.067992][T22978] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1364.068027][T22978] RIP: 0033:0x7f490eb8efc9 [ 1364.068055][T22978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1364.068088][T22978] RSP: 002b:00007f490fac6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1364.068122][T22978] RAX: ffffffffffffffda RBX: 00007f490ede6090 RCX: 00007f490eb8efc9 [ 1364.068145][T22978] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 1364.068167][T22978] RBP: 00007f490ec11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1364.068189][T22978] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1364.068210][T22978] R13: 00007f490ede6128 R14: 00007f490ede6090 R15: 00007ffcce06eca8 [ 1364.068257][T22978] [ 1367.036796][T23014] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4714'. [ 1369.749278][T23051] random: crng reseeded on system resumption [ 1370.902540][T23066] program syz.6.4715 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1371.484406][T23072] random: crng reseeded on system resumption [ 1374.453704][T23115] random: crng reseeded on system resumption [ 1376.032531][ T30] audit: type=1804 audit(4294967317.736:33): pid=23145 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.4731" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=1049 res=1 errno=0 [ 1378.267847][T23178] random: crng reseeded on system resumption [ 1380.867414][T23189] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1380.873587][T23189] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1380.926468][T23189] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1380.933943][T23189] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1382.070380][T22823] Bluetooth: hci3: command 0x0406 tx timeout [ 1382.925780][T22823] Bluetooth: hci5: command 0x0406 tx timeout [ 1382.931954][T22823] Bluetooth: hci4: command 0x0c1a tx timeout [ 1382.938200][T22796] Bluetooth: hci1: command 0x0c1a tx timeout [ 1382.977839][T23231] FAULT_INJECTION: forcing a failure. [ 1382.977839][T23231] name failslab, interval 1, probability 0, space 0, times 0 [ 1383.155940][T23231] CPU: 0 UID: 0 PID: 23231 Comm: syz.5.4750 Not tainted syzkaller #0 PREEMPT(full) [ 1383.155988][T23231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1383.156009][T23231] Call Trace: [ 1383.156022][T23231] [ 1383.156035][T23231] dump_stack_lvl+0x16c/0x1f0 [ 1383.156080][T23231] should_fail_ex+0x512/0x640 [ 1383.156140][T23231] should_failslab+0xc2/0x120 [ 1383.156191][T23231] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1383.156226][T23231] ? __pfx___alloc_skb+0x10/0x10 [ 1383.156277][T23231] ? sctp_chunkify+0x51/0x2d0 [ 1383.156338][T23231] ? sctp_chunkify+0x51/0x2d0 [ 1383.156389][T23231] sctp_chunkify+0x51/0x2d0 [ 1383.156447][T23231] _sctp_make_chunk+0x148/0x270 [ 1383.156508][T23231] sctp_make_shutdown_ack+0x2e/0x340 [ 1383.156545][T23231] sctp_sf_do_9_2_shutdown_ack+0x321/0x7c0 [ 1383.156600][T23231] ? __pfx_sctp_cname+0x10/0x10 [ 1383.156634][T23231] sctp_do_sm+0x181/0x5c80 [ 1383.156688][T23231] ? sctp_outq_flush+0xba2/0x3350 [ 1383.156752][T23231] ? mark_held_locks+0x49/0x80 [ 1383.156799][T23231] ? __pfx_sctp_do_sm+0x10/0x10 [ 1383.156849][T23231] ? __pfx_sctp_outq_flush+0x10/0x10 [ 1383.156950][T23231] ? ktime_get+0x200/0x310 [ 1383.156993][T23231] ? lockdep_hardirqs_on+0x7c/0x110 [ 1383.157040][T23231] sctp_assoc_bh_rcv+0x392/0x6f0 [ 1383.157099][T23231] sctp_inq_push+0x1db/0x270 [ 1383.157148][T23231] sctp_backlog_rcv+0x169/0x590 [ 1383.157207][T23231] ? __pfx_sctp_backlog_rcv+0x10/0x10 [ 1383.157261][T23231] __release_sock+0x3a9/0x450 [ 1383.157295][T23231] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1383.157340][T23231] release_sock+0x5a/0x220 [ 1383.157373][T23231] sctp_close+0x464/0x940 [ 1383.157423][T23231] ? __pfx_sctp_close+0x10/0x10 [ 1383.157464][T23231] ? lock_acquire+0x1c/0x350 [ 1383.157520][T23231] ? ip_mc_drop_socket+0x1f/0x280 [ 1383.157558][T23231] ? down_write+0x14d/0x200 [ 1383.157606][T23231] inet_release+0xed/0x200 [ 1383.157657][T23231] inet6_release+0x4f/0x70 [ 1383.157702][T23231] __sock_release+0xb3/0x270 [ 1383.157740][T23231] ? __pfx_sock_close+0x10/0x10 [ 1383.157772][T23231] sock_close+0x1c/0x30 [ 1383.157805][T23231] __fput+0x402/0xb70 [ 1383.157862][T23231] task_work_run+0x150/0x240 [ 1383.157918][T23231] ? __pfx_task_work_run+0x10/0x10 [ 1383.157972][T23231] ? __pfx___do_sys_close_range+0x10/0x10 [ 1383.158021][T23231] exit_to_user_mode_loop+0xec/0x130 [ 1383.158076][T23231] do_syscall_64+0x426/0xfa0 [ 1383.158118][T23231] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1383.158153][T23231] RIP: 0033:0x7f490eb8efc9 [ 1383.158182][T23231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1383.158216][T23231] RSP: 002b:00007f490fae7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1383.158250][T23231] RAX: 0000000000000000 RBX: 00007f490ede5fa0 RCX: 00007f490eb8efc9 [ 1383.158274][T23231] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000002 [ 1383.158294][T23231] RBP: 00007f490ec11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1383.158315][T23231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1383.158336][T23231] R13: 00007f490ede6038 R14: 00007f490ede5fa0 R15: 00007ffcce06eca8 [ 1383.158383][T23231] [ 1383.474455][ C0] vkms_vblank_simulate: vblank timer overrun [ 1384.040116][T23255] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4756'. [ 1384.214761][T23261] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4759'. [ 1384.557436][ T30] audit: type=1804 audit(4294967326.301:34): pid=23266 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.4760" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=1049 res=1 errno=0 [ 1385.576485][T23277] 0x000200000001-0xa29656a63616329 : "" [ 1385.615793][T23277] mtd: partition "" is out of reach -- disabled [ 1385.650886][T23277] ftl_cs: FTL header not found. [ 1388.317638][T23308] futex_wake_op: syz.0.4769 tries to shift op by -9; fix this program [ 1397.843765][T23330] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 0, inode_bitmap = 137 [ 1397.879241][T23330] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 1, inode_bitmap = 138 [ 1397.898549][T23330] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 0: bad block bitmap checksum [ 1399.376530][T22823] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1399.389020][T22823] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1399.401766][T22823] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1399.410800][T22823] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1399.418688][T22823] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1400.355565][T23356] chnl_net:caif_netlink_parms(): no params data found [ 1400.906139][T23356] bridge0: port 1(bridge_slave_0) entered blocking state [ 1400.918841][T23356] bridge0: port 1(bridge_slave_0) entered disabled state [ 1400.932309][T23356] bridge_slave_0: entered allmulticast mode [ 1400.954851][T23356] bridge_slave_0: entered promiscuous mode [ 1400.975643][T23356] bridge0: port 2(bridge_slave_1) entered blocking state [ 1400.989022][T23356] bridge0: port 2(bridge_slave_1) entered disabled state [ 1401.033362][T23356] bridge_slave_1: entered allmulticast mode [ 1401.067192][T23356] bridge_slave_1: entered promiscuous mode [ 1401.188698][T23356] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1401.232421][T23356] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1401.381645][T23356] team0: Port device team_slave_0 added [ 1401.401707][T23356] team0: Port device team_slave_1 added [ 1401.469408][T22823] Bluetooth: hci0: command tx timeout [ 1401.592201][T23356] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1401.618526][T23356] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1401.668180][T23356] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1401.690815][T23356] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1401.716068][T23356] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1401.787891][T23356] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1401.812316][T23383] bond0: option all_slaves_active: invalid value () [ 1401.978766][T23389] netlink: 268 bytes leftover after parsing attributes in process `syz.4.4785'. [ 1402.186157][T23356] hsr_slave_0: entered promiscuous mode [ 1402.245804][T23356] hsr_slave_1: entered promiscuous mode [ 1402.300127][T23356] debugfs: 'hsr0' already exists in 'hsr' [ 1402.322555][T23356] Cannot create hsr debugfs directory [ 1402.338226][T23389] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.4785: iget: checksum invalid [ 1402.402250][T23389] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 1402.415842][T23389] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.4785: iget: checksum invalid [ 1402.435343][T23389] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 1402.454865][T23389] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.4785: iget: checksum invalid [ 1402.474298][T23389] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 1402.504859][T23389] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.4.4785: iget: checksum invalid [ 1402.525401][T23389] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 1402.566613][T23389] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 1402.623749][T23389] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1403.026285][T23395] FAULT_INJECTION: forcing a failure. [ 1403.026285][T23395] name failslab, interval 1, probability 0, space 0, times 0 [ 1403.039526][T23395] CPU: 0 UID: 0 PID: 23395 Comm: syz.4.4786 Not tainted syzkaller #0 PREEMPT(full) [ 1403.039567][T23395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1403.039582][T23395] Call Trace: [ 1403.039590][T23395] [ 1403.039599][T23395] dump_stack_lvl+0x16c/0x1f0 [ 1403.039631][T23395] should_fail_ex+0x512/0x640 [ 1403.039668][T23395] ? __kmalloc_noprof+0xca/0x880 [ 1403.039709][T23395] should_failslab+0xc2/0x120 [ 1403.039742][T23395] __kmalloc_noprof+0xdd/0x880 [ 1403.039780][T23395] ? __register_sysctl_table+0xe8e/0x1900 [ 1403.039816][T23395] ? __register_sysctl_table+0xea2/0x1900 [ 1403.039857][T23395] ? __register_sysctl_table+0xea2/0x1900 [ 1403.039892][T23395] __register_sysctl_table+0xea2/0x1900 [ 1403.039934][T23395] ? __pfx___register_sysctl_table+0x10/0x10 [ 1403.039971][T23395] ? is_module_address+0x69/0xf0 [ 1403.040005][T23395] ? register_net_sysctl_sz+0x228/0x3e0 [ 1403.040040][T23395] ? __asan_memcpy+0x3c/0x60 [ 1403.040068][T23395] nf_log_net_init+0x109/0x450 [ 1403.040095][T23395] ? __pfx_nf_log_net_init+0x10/0x10 [ 1403.040120][T23395] ops_init+0x1e2/0x5f0 [ 1403.040148][T23395] setup_net+0x100/0x390 [ 1403.040171][T23395] ? __pfx_setup_net+0x10/0x10 [ 1403.040197][T23395] ? debug_mutex_init+0x37/0x70 [ 1403.040226][T23395] copy_net_ns+0x2f8/0x690 [ 1403.040255][T23395] create_new_namespaces+0x3ea/0xa90 [ 1403.040297][T23395] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1403.040328][T23395] ksys_unshare+0x45b/0xa40 [ 1403.040361][T23395] ? __pfx_ksys_unshare+0x10/0x10 [ 1403.040395][T23395] ? xfd_validate_state+0x61/0x180 [ 1403.040438][T23395] __x64_sys_unshare+0x31/0x40 [ 1403.040470][T23395] do_syscall_64+0xcd/0xfa0 [ 1403.040499][T23395] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1403.040523][T23395] RIP: 0033:0x7f75ce38efc9 [ 1403.040544][T23395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1403.040569][T23395] RSP: 002b:00007f75cf145038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1403.040591][T23395] RAX: ffffffffffffffda RBX: 00007f75ce5e5fa0 RCX: 00007f75ce38efc9 [ 1403.040608][T23395] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1403.040622][T23395] RBP: 00007f75ce411f91 R08: 0000000000000000 R09: 0000000000000000 [ 1403.040636][T23395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1403.040650][T23395] R13: 00007f75ce5e6038 R14: 00007f75ce5e5fa0 R15: 00007ffc6f8b5a18 [ 1403.040682][T23395] [ 1403.040693][T23395] sysctl could not get directory: /net/netfilter/nf_log -12 [ 1403.538728][T22823] Bluetooth: hci0: command tx timeout [ 1403.544272][T23356] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 1403.604044][T23356] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 1403.627156][T23356] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 1403.683390][T23356] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 1403.917849][T23406] ptrace attach of "./syz-executor exec"[23407] was attempted by "./syz-executor exec"[23406] [ 1404.010658][T23412] netlink: 25 bytes leftover after parsing attributes in process `syz.4.4788'. [ 1404.178962][T23356] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1404.210206][T23356] 8021q: adding VLAN 0 to HW filter on device team0 [ 1404.243222][T22824] bridge0: port 1(bridge_slave_0) entered blocking state [ 1404.250484][T22824] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1404.288749][T22795] bridge0: port 2(bridge_slave_1) entered blocking state [ 1404.295988][T22795] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1404.548136][T23356] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1404.842637][T23356] veth0_vlan: entered promiscuous mode [ 1404.856216][T23356] veth1_vlan: entered promiscuous mode [ 1404.886044][T23356] veth0_macvtap: entered promiscuous mode [ 1404.902397][T23356] veth1_macvtap: entered promiscuous mode [ 1404.924573][T23356] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1404.939443][T23356] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1404.956593][T22824] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1404.965791][T22824] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1404.980397][T22824] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1404.989737][T22824] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1405.077642][T22798] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1405.096278][T22798] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1405.125623][T22798] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1405.137175][T22798] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1405.608706][T22823] Bluetooth: hci0: command tx timeout [ 1407.677486][T22823] Bluetooth: hci0: command tx timeout [ 1410.719634][T23484] sp0: Synchronizing with TNC [ 1411.286398][T23501] FAULT_INJECTION: forcing a failure. [ 1411.286398][T23501] name failslab, interval 1, probability 0, space 0, times 0 [ 1411.336524][T23501] CPU: 1 UID: 0 PID: 23501 Comm: syz.4.4807 Not tainted syzkaller #0 PREEMPT(full) [ 1411.336569][T23501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1411.336584][T23501] Call Trace: [ 1411.336593][T23501] [ 1411.336602][T23501] dump_stack_lvl+0x16c/0x1f0 [ 1411.336634][T23501] should_fail_ex+0x512/0x640 [ 1411.336671][T23501] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 1411.336708][T23501] should_failslab+0xc2/0x120 [ 1411.336742][T23501] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 1411.336775][T23501] ? kstrdup_const+0x63/0x80 [ 1411.336807][T23501] ? kstrdup+0x53/0x100 [ 1411.336830][T23501] kstrdup+0x53/0x100 [ 1411.336857][T23501] kstrdup_const+0x63/0x80 [ 1411.336883][T23501] __kmem_cache_create_args+0x16c/0x3c0 [ 1411.336927][T23501] mon_text_open+0x333/0x510 [ 1411.336956][T23501] ? __pfx_mon_text_open+0x10/0x10 [ 1411.336985][T23501] ? __pfx_mon_text_ctor+0x10/0x10 [ 1411.337019][T23501] ? __pfx_apparmor_file_open+0x10/0x10 [ 1411.337055][T23501] ? lockdown_is_locked_down+0x3f/0x130 [ 1411.337088][T23501] ? bpf_lsm_locked_down+0x9/0x10 [ 1411.337125][T23501] ? __pfx_mon_text_open+0x10/0x10 [ 1411.337150][T23501] full_proxy_open_regular+0x1b9/0x360 [ 1411.337190][T23501] do_dentry_open+0x982/0x1530 [ 1411.337219][T23501] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 1411.337261][T23501] vfs_open+0x82/0x3f0 [ 1411.337298][T23501] path_openat+0x1de4/0x2cb0 [ 1411.337335][T23501] ? __pfx_path_openat+0x10/0x10 [ 1411.337363][T23501] ? __lock_acquire+0xb8a/0x1c90 [ 1411.337400][T23501] do_filp_open+0x20b/0x470 [ 1411.337427][T23501] ? __pfx_do_filp_open+0x10/0x10 [ 1411.337475][T23501] ? alloc_fd+0x471/0x7d0 [ 1411.337507][T23501] do_sys_openat2+0x11b/0x1d0 [ 1411.337546][T23501] ? __pfx_do_sys_openat2+0x10/0x10 [ 1411.337581][T23501] ? __fget_files+0x204/0x3c0 [ 1411.337615][T23501] __x64_sys_openat+0x174/0x210 [ 1411.337652][T23501] ? __pfx___x64_sys_openat+0x10/0x10 [ 1411.337700][T23501] do_syscall_64+0xcd/0xfa0 [ 1411.337730][T23501] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1411.337755][T23501] RIP: 0033:0x7f75ce38efc9 [ 1411.337777][T23501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1411.337801][T23501] RSP: 002b:00007f75cc5d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1411.337825][T23501] RAX: ffffffffffffffda RBX: 00007f75ce5e6180 RCX: 00007f75ce38efc9 [ 1411.337848][T23501] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1411.337868][T23501] RBP: 00007f75ce411f91 R08: 0000000000000000 R09: 0000000000000000 [ 1411.337886][T23501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1411.337906][T23501] R13: 00007f75ce5e6218 R14: 00007f75ce5e6180 R15: 00007ffc6f8b5a18 [ 1411.337951][T23501] [ 1412.078878][T23501] __kmem_cache_create_args(mon_text_ffff888067d2c800) failed with error -12 [ 1412.187951][T23501] CPU: 1 UID: 0 PID: 23501 Comm: syz.4.4807 Not tainted syzkaller #0 PREEMPT(full) [ 1412.187996][T23501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1412.188015][T23501] Call Trace: [ 1412.188027][T23501] [ 1412.188039][T23501] dump_stack_lvl+0x16c/0x1f0 [ 1412.188080][T23501] __kmem_cache_create_args+0x128/0x3c0 [ 1412.188136][T23501] mon_text_open+0x333/0x510 [ 1412.188172][T23501] ? __pfx_mon_text_open+0x10/0x10 [ 1412.188208][T23501] ? __pfx_mon_text_ctor+0x10/0x10 [ 1412.188242][T23501] ? __pfx_apparmor_file_open+0x10/0x10 [ 1412.188285][T23501] ? lockdown_is_locked_down+0x3f/0x130 [ 1412.188325][T23501] ? bpf_lsm_locked_down+0x9/0x10 [ 1412.188371][T23501] ? __pfx_mon_text_open+0x10/0x10 [ 1412.188403][T23501] full_proxy_open_regular+0x1b9/0x360 [ 1412.188454][T23501] do_dentry_open+0x982/0x1530 [ 1412.188495][T23501] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 1412.188553][T23501] vfs_open+0x82/0x3f0 [ 1412.188608][T23501] path_openat+0x1de4/0x2cb0 [ 1412.188680][T23501] ? __pfx_path_openat+0x10/0x10 [ 1412.188724][T23501] ? __lock_acquire+0xb8a/0x1c90 [ 1412.188779][T23501] do_filp_open+0x20b/0x470 [ 1412.188819][T23501] ? __pfx_do_filp_open+0x10/0x10 [ 1412.188889][T23501] ? alloc_fd+0x471/0x7d0 [ 1412.188936][T23501] do_sys_openat2+0x11b/0x1d0 [ 1412.188987][T23501] ? __pfx_do_sys_openat2+0x10/0x10 [ 1412.189036][T23501] ? __fget_files+0x204/0x3c0 [ 1412.189082][T23501] __x64_sys_openat+0x174/0x210 [ 1412.189131][T23501] ? __pfx___x64_sys_openat+0x10/0x10 [ 1412.189197][T23501] do_syscall_64+0xcd/0xfa0 [ 1412.189236][T23501] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1412.189272][T23501] RIP: 0033:0x7f75ce38efc9 [ 1412.189298][T23501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1412.189332][T23501] RSP: 002b:00007f75cc5d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1412.189364][T23501] RAX: ffffffffffffffda RBX: 00007f75ce5e6180 RCX: 00007f75ce38efc9 [ 1412.189387][T23501] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1412.189409][T23501] RBP: 00007f75ce411f91 R08: 0000000000000000 R09: 0000000000000000 [ 1412.189430][T23501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1412.189451][T23501] R13: 00007f75ce5e6218 R14: 00007f75ce5e6180 R15: 00007ffc6f8b5a18 [ 1412.189497][T23501] [ 1416.791070][T23557] base or size exceeds the MTRR width [ 1417.916226][T23577] FAULT_INJECTION: forcing a failure. [ 1417.916226][T23577] name failslab, interval 1, probability 0, space 0, times 0 [ 1417.933818][T23577] CPU: 1 UID: 0 PID: 23577 Comm: syz.7.4818 Not tainted syzkaller #0 PREEMPT(full) [ 1417.933863][T23577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1417.933883][T23577] Call Trace: [ 1417.933894][T23577] [ 1417.933908][T23577] dump_stack_lvl+0x16c/0x1f0 [ 1417.933950][T23577] should_fail_ex+0x512/0x640 [ 1417.933999][T23577] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 1417.934042][T23577] should_failslab+0xc2/0x120 [ 1417.934088][T23577] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 1417.934128][T23577] ? __d_alloc+0x32/0xae0 [ 1417.934174][T23577] ? __d_alloc+0x32/0xae0 [ 1417.934210][T23577] __d_alloc+0x32/0xae0 [ 1417.934244][T23577] ? stack_trace_save+0x8e/0xc0 [ 1417.934288][T23577] d_alloc_parallel+0x111/0x1510 [ 1417.934356][T23577] ? kasan_save_stack+0x33/0x60 [ 1417.934393][T23577] ? __kasan_kmalloc+0xaa/0xb0 [ 1417.934430][T23577] ? __kmalloc_node_track_caller_noprof+0x345/0x8a0 [ 1417.934477][T23577] ? kstrdup+0x53/0x100 [ 1417.934508][T23577] ? debugfs_create_symlink+0x29/0x320 [ 1417.934539][T23577] ? ref_tracker_dir_symlink+0x255/0x360 [ 1417.934591][T23577] ? net_ns_net_init+0xd2/0x120 [ 1417.934623][T23577] ? __pfx_d_alloc_parallel+0x10/0x10 [ 1417.934669][T23577] ? create_new_namespaces+0x3ea/0xa90 [ 1417.934713][T23577] ? lockdep_init_map_type+0x5c/0x280 [ 1417.934762][T23577] ? lockdep_init_map_type+0x5c/0x280 [ 1417.934818][T23577] __lookup_slow+0x193/0x460 [ 1417.934867][T23577] ? __pfx___lookup_slow+0x10/0x10 [ 1417.934921][T23577] ? lruvec_init+0x210/0x210 [ 1417.934978][T23577] ? lruvec_init+0x210/0x210 [ 1417.935022][T23577] ? d_lookup+0xe7/0x190 [ 1417.935079][T23577] lookup_noperm+0xe1/0x110 [ 1417.935129][T23577] simple_start_creating+0xd1/0x1b0 [ 1417.935188][T23577] debugfs_start_creating.part.0+0x82/0x190 [ 1417.935240][T23577] debugfs_create_symlink+0x81/0x320 [ 1417.935265][T23577] ref_tracker_dir_symlink+0x255/0x360 [ 1417.935312][T23577] ? __pfx_ref_tracker_dir_symlink+0x10/0x10 [ 1417.935354][T23577] ? __lock_acquire+0xb8a/0x1c90 [ 1417.935423][T23577] ? __pfx_net_ns_net_init+0x10/0x10 [ 1417.935448][T23577] net_ns_net_init+0xd2/0x120 [ 1417.935474][T23577] ops_init+0x1e2/0x5f0 [ 1417.935500][T23577] setup_net+0x100/0x390 [ 1417.935524][T23577] ? __pfx_setup_net+0x10/0x10 [ 1417.935550][T23577] ? debug_mutex_init+0x37/0x70 [ 1417.935578][T23577] copy_net_ns+0x2f8/0x690 [ 1417.935608][T23577] create_new_namespaces+0x3ea/0xa90 [ 1417.935642][T23577] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1417.935673][T23577] ksys_unshare+0x45b/0xa40 [ 1417.935706][T23577] ? __pfx_ksys_unshare+0x10/0x10 [ 1417.935739][T23577] ? xfd_validate_state+0x61/0x180 [ 1417.935782][T23577] __x64_sys_unshare+0x31/0x40 [ 1417.935814][T23577] do_syscall_64+0xcd/0xfa0 [ 1417.935843][T23577] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1417.935868][T23577] RIP: 0033:0x7f02c258efc9 [ 1417.935888][T23577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1417.935911][T23577] RSP: 002b:00007f02c3387038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1417.935934][T23577] RAX: ffffffffffffffda RBX: 00007f02c27e5fa0 RCX: 00007f02c258efc9 [ 1417.935950][T23577] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1417.935965][T23577] RBP: 00007f02c2611f91 R08: 0000000000000000 R09: 0000000000000000 [ 1417.935980][T23577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1417.935994][T23577] R13: 00007f02c27e6038 R14: 00007f02c27e5fa0 R15: 00007ffe14f48ae8 [ 1417.936027][T23577] [ 1422.104529][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1422.111099][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1424.692154][T23635] base or size exceeds the MTRR width [ 1427.863057][T23669] Console: switching to colour VGA+ 80x25 [ 1428.364553][T23675] Console: switching to colour frame buffer device 4x6 [ 1432.465441][T23723] Console: switching to colour VGA+ 80x25 [ 1432.652215][T23720] Console: switching to colour frame buffer device 4x6 [ 1432.816133][T23727] input: jJǸ-9%vJ86 as /devices/virtual/input/input40 [ 1432.868818][T23731] Console: switching to colour VGA+ 80x25 [ 1433.023733][T23727] usb usb24: usbfs: process 23727 (syz.7.4844) did not claim interface 0 before use [ 1436.190174][T23783] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1436.209405][T23783] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1436.216000][T23783] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1436.349555][T23783] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1436.384965][T23783] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1436.406196][T23783] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1436.538194][T23783] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1438.247746][T22823] Bluetooth: hci4: command 0x0c1a tx timeout [ 1438.258041][T23243] Bluetooth: hci1: command 0x0c1a tx timeout [ 1438.267167][T22814] Bluetooth: hci3: command 0x0406 tx timeout [ 1438.397478][T22823] Bluetooth: hci0: command 0x0c1a tx timeout [ 1438.403604][T22823] Bluetooth: hci5: command 0x0406 tx timeout [ 1438.476559][T23825] Console: switching to colour frame buffer device 4x6 [ 1438.569202][T23826] input: jJǸ-9%vJ86 as /devices/virtual/input/input41 [ 1438.692573][T23828] usb usb24: usbfs: process 23828 (syz.6.4859) did not claim interface 0 before use [ 1440.466563][T22823] Bluetooth: hci0: command 0x0c1a tx timeout [ 1442.537279][T22823] Bluetooth: hci0: command 0x0c1a tx timeout [ 1445.097987][T23919] FAULT_INJECTION: forcing a failure. [ 1445.097987][T23919] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1445.170762][T23919] CPU: 1 UID: 0 PID: 23919 Comm: syz.6.4878 Not tainted syzkaller #0 PREEMPT(full) [ 1445.170808][T23919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1445.170829][T23919] Call Trace: [ 1445.170842][T23919] [ 1445.170855][T23919] dump_stack_lvl+0x16c/0x1f0 [ 1445.170899][T23919] should_fail_ex+0x512/0x640 [ 1445.170957][T23919] should_fail_alloc_page+0xe7/0x130 [ 1445.171007][T23919] prepare_alloc_pages+0x3c2/0x610 [ 1445.171053][T23919] ? rcu_is_watching+0x12/0xc0 [ 1445.171094][T23919] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 1445.171131][T23919] ? kasan_save_stack+0x42/0x60 [ 1445.171171][T23919] ? kasan_save_track+0x14/0x30 [ 1445.171209][T23919] ? __kasan_kmalloc+0xaa/0xb0 [ 1445.171259][T23919] ? __kvmalloc_node_noprof+0x3a3/0x9c0 [ 1445.171298][T23919] ? relay_open_buf.part.0+0x194/0xc40 [ 1445.171346][T23919] ? relay_open+0x653/0xad0 [ 1445.171390][T23919] ? do_blk_trace_setup+0x4c5/0xb00 [ 1445.171428][T23919] ? blk_trace_setup+0xed/0x1b0 [ 1445.171464][T23919] ? sg_ioctl+0x7d7/0x27f0 [ 1445.171496][T23919] ? __x64_sys_ioctl+0x18e/0x210 [ 1445.171544][T23919] ? do_syscall_64+0xcd/0xfa0 [ 1445.171579][T23919] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1445.171626][T23919] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1445.171699][T23919] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1445.171764][T23919] ? policy_nodemask+0xea/0x4e0 [ 1445.171820][T23919] alloc_pages_mpol+0x1fb/0x550 [ 1445.171867][T23919] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1445.171908][T23919] ? trace_kmalloc+0x2b/0xd0 [ 1445.171948][T23919] ? trace_kmalloc+0x2b/0xd0 [ 1445.171989][T23919] ? relay_open_buf.part.0+0x194/0xc40 [ 1445.172042][T23919] alloc_pages_noprof+0x131/0x390 [ 1445.172089][T23919] relay_open_buf.part.0+0x262/0xc40 [ 1445.172150][T23919] relay_open+0x653/0xad0 [ 1445.172198][T23919] ? debugfs_create_file_full+0x41/0x60 [ 1445.172236][T23919] do_blk_trace_setup+0x4c5/0xb00 [ 1445.172288][T23919] blk_trace_setup+0xed/0x1b0 [ 1445.172332][T23919] ? __pfx_blk_trace_setup+0x10/0x10 [ 1445.172372][T23919] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1445.172443][T23919] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1445.172505][T23919] sg_ioctl+0x7d7/0x27f0 [ 1445.172552][T23919] ? __pfx_sg_ioctl+0x10/0x10 [ 1445.172589][T23919] ? find_held_lock+0x2b/0x80 [ 1445.172624][T23919] ? hook_file_ioctl_common+0x145/0x410 [ 1445.172676][T23919] ? __fget_files+0x20e/0x3c0 [ 1445.172718][T23919] ? __pfx_sg_ioctl+0x10/0x10 [ 1445.172756][T23919] __x64_sys_ioctl+0x18e/0x210 [ 1445.172810][T23919] do_syscall_64+0xcd/0xfa0 [ 1445.172851][T23919] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1445.172885][T23919] RIP: 0033:0x7fe75098efc9 [ 1445.172913][T23919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1445.172947][T23919] RSP: 002b:00007fe75188a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1445.172979][T23919] RAX: ffffffffffffffda RBX: 00007fe750be5fa0 RCX: 00007fe75098efc9 [ 1445.173003][T23919] RDX: 0000200000000140 RSI: 00000000c0481273 RDI: 0000000000000005 [ 1445.173025][T23919] RBP: 00007fe750a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1445.173047][T23919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1445.173068][T23919] R13: 00007fe750be6038 R14: 00007fe750be5fa0 R15: 00007ffcb25c5ab8 [ 1445.173115][T23919] [ 1445.497793][ C1] vkms_vblank_simulate: vblank timer overrun [ 1447.784324][T23942] ptrace attach of "./syz-executor exec"[6249] was attempted by ""[23942] [ 1448.838130][T23956] Console: switching to colour VGA+ 80x25 [ 1449.086079][T23954] Console: switching to colour frame buffer device 4x6 [ 1452.013111][T23996] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1452.070258][T23996] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1452.083505][T23996] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1452.093562][T23996] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1452.101713][T23996] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1452.349561][T23998] sp0: Synchronizing with TNC [ 1452.724274][T24007] sp0: Synchronizing with TNC [ 1452.907178][T24010] random: crng reseeded on system resumption [ 1453.519964][T24019] FAULT_INJECTION: forcing a failure. [ 1453.519964][T24019] name failslab, interval 1, probability 0, space 0, times 0 [ 1453.533097][T24019] CPU: 1 UID: 0 PID: 24019 Comm: syz.6.4899 Not tainted syzkaller #0 PREEMPT(full) [ 1453.533149][T24019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1453.533166][T24019] Call Trace: [ 1453.533175][T24019] [ 1453.533184][T24019] dump_stack_lvl+0x16c/0x1f0 [ 1453.533216][T24019] should_fail_ex+0x512/0x640 [ 1453.533253][T24019] ? __kmalloc_noprof+0xca/0x880 [ 1453.533295][T24019] should_failslab+0xc2/0x120 [ 1453.533327][T24019] __kmalloc_noprof+0xdd/0x880 [ 1453.533364][T24019] ? __kernel_text_address+0xd/0x40 [ 1453.533386][T24019] ? unwind_get_return_address+0x59/0xa0 [ 1453.533411][T24019] ? constrain_params_by_rules+0x175/0xca0 [ 1453.533451][T24019] ? constrain_params_by_rules+0x175/0xca0 [ 1453.533483][T24019] constrain_params_by_rules+0x175/0xca0 [ 1453.533523][T24019] ? stack_trace_save+0x8e/0xc0 [ 1453.533555][T24019] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 1453.533588][T24019] ? snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 1453.533620][T24019] ? snd_pcm_oss_sync+0x32e/0x840 [ 1453.533656][T24019] ? __kasan_kmalloc+0xaa/0xb0 [ 1453.533681][T24019] ? snd_pcm_hw_param_near.constprop.0+0xbc/0x8e0 [ 1453.533712][T24019] ? snd_pcm_oss_change_params_locked+0x1398/0x3a30 [ 1453.533744][T24019] ? snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 1453.533786][T24019] ? snd_interval_refine+0x2fa/0x580 [ 1453.533814][T24019] snd_pcm_hw_refine+0x7de/0xad0 [ 1453.533879][T24019] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 1453.533927][T24019] ? _snd_pcm_hw_param_min+0x259/0x630 [ 1453.533962][T24019] snd_pcm_hw_param_near.constprop.0+0x58a/0x8e0 [ 1453.534000][T24019] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 1453.534034][T24019] ? __asan_memset+0x23/0x50 [ 1453.534061][T24019] ? calc_src_frames.isra.0+0x187/0x1d0 [ 1453.534094][T24019] ? calc_dst_frames.constprop.0.isra.0+0x103/0x130 [ 1453.534143][T24019] snd_pcm_oss_change_params_locked+0x1398/0x3a30 [ 1453.534190][T24019] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1453.534247][T24019] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 1453.534283][T24019] snd_pcm_oss_sync+0x32e/0x840 [ 1453.534318][T24019] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1453.534351][T24019] snd_pcm_oss_release+0x28b/0x310 [ 1453.534388][T24019] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1453.534419][T24019] __fput+0x402/0xb70 [ 1453.534458][T24019] task_work_run+0x150/0x240 [ 1453.534498][T24019] ? __pfx_task_work_run+0x10/0x10 [ 1453.534536][T24019] ? __pfx___do_sys_close_range+0x10/0x10 [ 1453.534570][T24019] exit_to_user_mode_loop+0xec/0x130 [ 1453.534609][T24019] do_syscall_64+0x426/0xfa0 [ 1453.534638][T24019] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1453.534663][T24019] RIP: 0033:0x7fe75098efc9 [ 1453.534683][T24019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1453.534707][T24019] RSP: 002b:00007fe75188a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1453.534730][T24019] RAX: 0000000000000000 RBX: 00007fe750be5fa0 RCX: 00007fe75098efc9 [ 1453.534745][T24019] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1453.534760][T24019] RBP: 00007fe750a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1453.534775][T24019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1453.534789][T24019] R13: 00007fe750be6038 R14: 00007fe750be5fa0 R15: 00007ffcb25c5ab8 [ 1453.534822][T24019] [ 1454.215198][T22823] Bluetooth: hci4: command 0x0c1a tx timeout [ 1454.221511][T22823] Bluetooth: hci1: command 0x0c1a tx timeout [ 1454.230281][T22823] Bluetooth: hci3: command 0x0406 tx timeout [ 1454.236735][T22814] Bluetooth: hci0: command 0x0c1a tx timeout [ 1454.252319][T22823] Bluetooth: hci5: command 0x0406 tx timeout syzkaller syzkaller login: [ 1457.540892][T24065] base or size exceeds the MTRR width [ 1458.336113][T24090] Console: switching to colour VGA+ 80x25 [ 1458.516194][T24092] Console: switching to colour frame buffer device 4x6 [ 1462.606534][T24132] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1464.635727][T24166] sp0: Synchronizing with TNC syzkaller syzkaller login: [ 1467.898530][T24192] netlink: 268 bytes leftover after parsing attributes in process `syz.7.4926'. [ 1467.991281][T24192] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.7.4926: iget: checksum invalid [ 1468.006420][T24192] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 1468.019306][T24192] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.7.4926: iget: checksum invalid [ 1468.031965][T24192] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 1468.042853][T24192] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.7.4926: iget: checksum invalid [ 1468.151014][T24192] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 1468.196975][T24192] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.7.4926: iget: checksum invalid [ 1468.208720][T24192] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 1468.219040][T24192] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 1468.342685][T24192] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1469.732008][T24210] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1469.738973][T24210] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1469.749299][T24210] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1469.759641][T24210] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1469.770116][T24210] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1470.045272][T24231] Console: switching to colour VGA+ 80x25 [ 1470.159150][T24232] Console: switching to colour frame buffer device 4x6 [ 1470.797863][T24250] Console: switching to colour VGA+ 80x25 [ 1471.032860][T22823] Bluetooth: hci3: command 0x0406 tx timeout [ 1471.824620][T22823] Bluetooth: hci0: command 0x0c1a tx timeout [ 1471.830693][T22823] Bluetooth: hci5: command 0x0406 tx timeout [ 1471.836786][T23243] Bluetooth: hci4: command 0x0c1a tx timeout [ 1471.842811][T23243] Bluetooth: hci1: command 0x0c1a tx timeout [ 1472.077117][T24265] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.4938: iget: checksum invalid [ 1472.090518][T24265] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 1472.158653][T24265] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.4938: iget: checksum invalid [ 1472.209984][T24265] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 1472.227277][T24265] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.4938: iget: checksum invalid [ 1472.254087][T24265] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 1472.328220][T24265] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.4938: iget: checksum invalid [ 1472.340627][T24265] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 1472.371970][T24265] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 1472.455352][T24265] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1473.252232][T24282] vcan0: tx drop: invalid sa for name 0x00000000000000fd [ 1473.892000][T24295] Console: switching to colour frame buffer device 4x6 [ 1475.455981][T24310] FAULT_INJECTION: forcing a failure. [ 1475.455981][T24310] name failslab, interval 1, probability 0, space 0, times 0 [ 1475.524407][T24310] CPU: 1 UID: 0 PID: 24310 Comm: syz.4.4947 Not tainted syzkaller #0 PREEMPT(full) [ 1475.524452][T24310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1475.524472][T24310] Call Trace: [ 1475.524482][T24310] [ 1475.524495][T24310] dump_stack_lvl+0x16c/0x1f0 [ 1475.524536][T24310] should_fail_ex+0x512/0x640 [ 1475.524585][T24310] ? fs_reclaim_acquire+0xae/0x150 [ 1475.524631][T24310] should_failslab+0xc2/0x120 [ 1475.524675][T24310] __kmalloc_noprof+0xdd/0x880 [ 1475.524728][T24310] ? mempool_init_node+0x2f7/0x6e0 [ 1475.524778][T24310] ? __pfx_mempool_kmalloc+0x10/0x10 [ 1475.524816][T24310] ? mempool_init_node+0x2f7/0x6e0 [ 1475.524855][T24310] ? __pfx_mempool_kmalloc+0x10/0x10 [ 1475.524892][T24310] mempool_init_node+0x2f7/0x6e0 [ 1475.524943][T24310] ? __pfx_mempool_kmalloc+0x10/0x10 [ 1475.524979][T24310] ? __pfx_mempool_kfree+0x10/0x10 [ 1475.525017][T24310] mempool_init_noprof+0x3a/0x50 [ 1475.525063][T24310] do_fanotify_mark+0x2e65/0x39d0 [ 1475.525135][T24310] ? __pfx_do_fanotify_mark+0x10/0x10 [ 1475.525188][T24310] ? __x64_sys_futex+0x1e9/0x4c0 [ 1475.525243][T24310] ? xfd_validate_state+0x61/0x180 [ 1475.525319][T24310] ? __pfx_ksys_write+0x10/0x10 [ 1475.525377][T24310] __x64_sys_fanotify_mark+0xbd/0x160 [ 1475.525428][T24310] ? do_syscall_64+0x91/0xfa0 [ 1475.525463][T24310] ? lockdep_hardirqs_on+0x7c/0x110 [ 1475.525498][T24310] do_syscall_64+0xcd/0xfa0 [ 1475.525535][T24310] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1475.525567][T24310] RIP: 0033:0x7f75ce38efc9 [ 1475.525592][T24310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1475.525624][T24310] RSP: 002b:00007f75cc5f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012d [ 1475.525653][T24310] RAX: ffffffffffffffda RBX: 00007f75ce5e6090 RCX: 00007f75ce38efc9 [ 1475.525674][T24310] RDX: 0000000000008009 RSI: 0000000000000105 RDI: 0000000000000000 [ 1475.525695][T24310] RBP: 00007f75ce411f91 R08: 0000000000000000 R09: 0000000000000000 [ 1475.525717][T24310] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 1475.525738][T24310] R13: 00007f75ce5e6128 R14: 00007f75ce5e6090 R15: 00007ffc6f8b5a18 [ 1475.525783][T24310] [ 1477.001532][T24309] kexec: Could not allocate control_code_buffer [ 1480.532177][T24344] WARNING! power/level is deprecated; use power/control instead [ 1480.579251][T24344] ICMPv6: process `syz.4.4957' is using deprecated sysctl (syscall) net.ipv6.neigh.wg1.retrans_time - use net.ipv6.neigh.wg1.retrans_time_ms instead [ 1481.670011][T24361] mkiss: ax0: crc mode is auto. [ 1483.211097][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1483.220297][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1485.328287][T24399] netlink: 330 bytes leftover after parsing attributes in process `syz.6.4965'. [ 1486.341438][T24421] Console: switching to colour VGA+ 80x25 [ 1491.360463][T24471] device-mapper: ioctl: Invalid ioctl structure: name , dev 8000010007 [ 1491.460913][T24472] ptrace attach of "./syz-executor exec"[23356] was attempted by "./syz-executor exec"[24472] [ 1494.098662][T24503] bond0: option all_slaves_active: invalid value () [ 1495.938141][ T31] INFO: task kworker/u8:9:3546 blocked for more than 143 seconds. [ 1495.946055][ T31] Not tainted syzkaller #0 [ 1495.952591][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1495.963640][ T31] task:kworker/u8:9 state:D stack:23832 pid:3546 tgid:3546 ppid:2 task_flags:0x4208060 flags:0x00080000 [ 1495.978802][ T31] Workqueue: netns cleanup_net SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1495.986426][ T31] Call Trace: [ 1495.990271][ T31] [ 1495.993270][ T31] __schedule+0x1190/0x5de0 [ 1496.017251][ T31] ? __pfx___schedule+0x10/0x10 [ 1496.033411][ T31] ? find_held_lock+0x2b/0x80 [ 1496.055127][ T31] ? schedule+0x2d7/0x3a0 [ 1496.073261][ T31] schedule+0xe7/0x3a0 [ 1496.080763][ T31] schedule_timeout+0x257/0x290 [ 1496.085722][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 1496.100335][ T31] ? mark_held_locks+0x49/0x80 [ 1496.105331][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 1496.111106][ T31] __wait_for_common+0x2fc/0x4e0 [ 1496.116239][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 1496.126401][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 1496.132372][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 1496.138044][ T31] ? flush_workqueue_prep_pwqs+0x2e9/0x510 [ 1496.143909][ T31] __flush_workqueue+0x3e2/0x1230 [ 1496.149526][ T31] ? __pfx___flush_workqueue+0x10/0x10 [ 1496.155078][ T31] ? reacquire_held_locks+0xcd/0x1f0 [ 1496.162063][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 1496.171126][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 1496.177071][ T31] rds_tcp_listen_stop+0x104/0x150 [ 1496.182377][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 1496.188218][ T31] rds_tcp_exit_net+0xcb/0x810 [ 1496.198015][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 1496.203482][ T31] ? __pfx___might_resched+0x10/0x10 [ 1496.226557][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 1496.236399][ T31] ops_undo_list+0x2ee/0xab0 [ 1496.241091][ T31] ? __pfx_ops_undo_list+0x10/0x10 [ 1496.246249][ T31] ? cleanup_net+0x347/0x8b0 [ 1496.253407][ T31] ? idr_destroy+0x62/0x2e0 [ 1496.261709][ T31] cleanup_net+0x41b/0x8b0 [ 1496.266639][ T31] ? __pfx_cleanup_net+0x10/0x10 [ 1496.272097][ T31] ? rcu_is_watching+0x12/0xc0 [ 1496.277543][ T31] process_one_work+0x9cf/0x1b70 [ 1496.282590][ T31] ? __pfx_wg_packet_handshake_send_worker+0x10/0x10 [ 1496.290412][ T31] ? __pfx_process_one_work+0x10/0x10 [ 1496.295898][ T31] ? assign_work+0x1a0/0x250 [ 1496.301085][ T31] worker_thread+0x6c8/0xf10 [ 1496.305778][ T31] ? __kthread_parkme+0x19e/0x250 [ 1496.311450][ T31] ? __pfx_worker_thread+0x10/0x10 [ 1496.316970][ T31] kthread+0x3c5/0x780 [ 1496.321111][ T31] ? __pfx_kthread+0x10/0x10 [ 1496.325855][ T31] ? rcu_is_watching+0x12/0xc0 [ 1496.331574][ T31] ? __pfx_kthread+0x10/0x10 [ 1496.337675][ T31] ret_from_fork+0x675/0x7d0 [ 1496.342353][ T31] ? __pfx_kthread+0x10/0x10 [ 1496.347586][ T31] ret_from_fork_asm+0x1a/0x30 [ 1496.352448][ T31] [ 1496.355682][ T31] [ 1496.355682][ T31] Showing all locks held in the system: [ 1496.363843][ T31] 1 lock held by khungtaskd/31: [ 1496.369634][ T31] #0: ffffffff8e3c42e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 1496.389525][ T31] 3 locks held by kworker/u8:9/3546: [ 1496.394895][ T31] #0: ffff88801ba9f148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 1496.406475][ T31] #1: ffffc9000b667d00 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 1496.416930][ T31] #2: ffffffff900d38b0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x8b0 [ 1496.426784][ T31] 1 lock held by syz-executor/5816: [ 1496.432049][ T31] 2 locks held by kworker/u10:0/22795: [ 1496.438060][ T31] #0: ffff88801e345148 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 1496.449225][ T31] #1: ffffc9000d1b7d00 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 1496.461256][ T31] 1 lock held by syz.5.4750/23233: [ 1496.466773][ T31] #0: ffffffff900d38b0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x2d6/0x690 [ 1496.477022][ T31] 2 locks held by getty/24180: [ 1496.481833][ T31] #0: ffff88814c9b10a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 1496.492727][ T31] #1: ffffc9000211a2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 [ 1496.503521][ T31] 1 lock held by syz.6.4975/24446: [ 1496.509083][ T31] #0: ffffffff900d38b0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x2d6/0x690 [ 1496.519057][ T31] [ 1496.521440][ T31] ============================================= [ 1496.521440][ T31] [ 1496.530542][ T31] NMI backtrace for cpu 1 [ 1496.530565][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) [ 1496.530603][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1496.530623][ T31] Call Trace: [ 1496.530634][ T31] [ 1496.530646][ T31] dump_stack_lvl+0x116/0x1f0 [ 1496.530688][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 1496.530735][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1496.530784][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 1496.530836][ T31] watchdog+0xf3f/0x1170 [ 1496.530873][ T31] ? rcu_is_watching+0x12/0xc0 [ 1496.530916][ T31] ? __pfx_watchdog+0x10/0x10 [ 1496.530945][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 1496.530984][ T31] ? __kthread_parkme+0x19e/0x250 [ 1496.531027][ T31] ? __pfx_watchdog+0x10/0x10 [ 1496.531059][ T31] kthread+0x3c5/0x780 [ 1496.531108][ T31] ? __pfx_kthread+0x10/0x10 [ 1496.531158][ T31] ? rcu_is_watching+0x12/0xc0 [ 1496.531194][ T31] ? __pfx_kthread+0x10/0x10 [ 1496.531245][ T31] ret_from_fork+0x675/0x7d0 [ 1496.531293][ T31] ? __pfx_kthread+0x10/0x10 [ 1496.531340][ T31] ret_from_fork_asm+0x1a/0x30 [ 1496.531406][ T31] [ 1496.531419][ T31] Sending NMI from CPU 1 to CPUs 0: [ 1496.652669][ C0] NMI backtrace for cpu 0 [ 1496.652690][ C0] CPU: 0 UID: 0 PID: 11521 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) [ 1496.652723][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1496.652740][ C0] RIP: 0010:lock_acquire+0x14f/0x350 [ 1496.652783][ C0] Code: 00 00 85 d2 0f 85 8c 00 00 00 9c 8f 04 24 fa 48 c7 c7 9e 65 b1 8d e8 40 b6 c4 09 45 89 e0 89 e9 44 89 ea 65 ff 05 a9 bc 08 12 <48> 81 24 24 00 02 00 00 44 89 f6 48 89 df 6a 00 6a 00 6a 00 ff b4 [ 1496.652809][ C0] RSP: 0018:ffffc90004a07490 EFLAGS: 00000002 [ 1496.652830][ C0] RAX: 0000000000000000 RBX: ffffffff8e3c4220 RCX: 0000000000000002 [ 1496.652848][ C0] RDX: 0000000000000000 RSI: ffffffff8db1659e RDI: ffffffff8bf07240 [ 1496.652865][ C0] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 1496.652882][ C0] R10: 0000000000001000 R11: 0000000000000001 R12: 0000000000000000 [ 1496.652898][ C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 1496.652915][ C0] FS: 0000000000000000(0000) GS:ffff888124a12000(0000) knlGS:0000000000000000 [ 1496.652940][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1496.652967][ C0] CR2: 00007f8f404ec0a1 CR3: 000000000e182000 CR4: 00000000003526f0 [ 1496.652984][ C0] Call Trace: [ 1496.652993][ C0] [ 1496.653013][ C0] ? find_held_lock+0x2b/0x80 [ 1496.653042][ C0] pfn_valid+0x15c/0x4d0 [ 1496.653067][ C0] ? pfn_valid+0x140/0x4d0 [ 1496.653092][ C0] page_table_check_clear+0x21/0x740 [ 1496.653119][ C0] ? folio_mark_accessed+0xc1/0xc00 [ 1496.653152][ C0] __page_table_check_pte_clear+0xf1/0x100 [ 1496.653181][ C0] ? __pfx___page_table_check_pte_clear+0x10/0x10 [ 1496.653212][ C0] ? __tlb_remove_folio_pages_size.constprop.0+0x162/0x560 [ 1496.653258][ C0] unmap_page_range+0x24d9/0x41b0 [ 1496.653306][ C0] ? __pfx_unmap_page_range+0x10/0x10 [ 1496.653339][ C0] ? mas_next_slot+0x12d3/0x1cb0 [ 1496.653373][ C0] ? uprobe_munmap+0x20/0x600 [ 1496.653403][ C0] unmap_single_vma.constprop.0+0x153/0x240 [ 1496.653441][ C0] unmap_vmas+0x218/0x470 [ 1496.653475][ C0] ? __pfx_unmap_vmas+0x10/0x10 [ 1496.653520][ C0] exit_mmap+0x1b2/0xb90 [ 1496.653556][ C0] ? __pfx_exit_mmap+0x10/0x10 [ 1496.653604][ C0] ? arch_uprobe_clear_state+0x16/0x150 [ 1496.653649][ C0] __mmput+0x12a/0x410 [ 1496.653678][ C0] mmput+0x62/0x70 [ 1496.653706][ C0] do_exit+0x7c7/0x2bf0 [ 1496.653741][ C0] ? find_held_lock+0x2b/0x80 [ 1496.653768][ C0] ? __pfx_do_exit+0x10/0x10 [ 1496.653803][ C0] ? do_raw_spin_lock+0x12c/0x2b0 [ 1496.653842][ C0] ? find_held_lock+0x2b/0x80 [ 1496.653871][ C0] do_group_exit+0xd3/0x2a0 [ 1496.653907][ C0] get_signal+0x2671/0x26d0 [ 1496.653940][ C0] ? css_rstat_updated+0x1c2/0x510 [ 1496.653980][ C0] ? __pfx_get_signal+0x10/0x10 [ 1496.654011][ C0] ? __do_sys_wait4+0xd1/0x170 [ 1496.654051][ C0] arch_do_signal_or_restart+0x8f/0x790 [ 1496.654085][ C0] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1496.654127][ C0] exit_to_user_mode_loop+0x85/0x130 [ 1496.654173][ C0] do_syscall_64+0x426/0xfa0 [ 1496.654203][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1496.654234][ C0] RIP: 0033:0x7fe7509850d3 [ 1496.654255][ C0] Code: Unable to access opcode bytes at 0x7fe7509850a9. [ 1496.654268][ C0] RSP: 002b:00007ffcb25c6008 EFLAGS: 00000202 ORIG_RAX: 000000000000003d [ 1496.654295][ C0] RAX: fffffffffffffe00 RBX: 0000000000002d0e RCX: 00007fe7509850d3 [ 1496.654316][ C0] RDX: 0000000040000000 RSI: 00007ffcb25c601c RDI: 00000000ffffffff [ 1496.654336][ C0] RBP: 00007ffcb25c601c R08: 0000000000000000 R09: 0000000000000000 [ 1496.654356][ C0] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000008 [ 1496.654376][ C0] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000 [ 1496.654406][ C0] [ 1497.860247][T14576] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 1497.901999][T14576] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 1498.244274][T14625] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 1498.274840][T14625] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem