last executing test programs: 9.146260405s ago: executing program 1 (id=818): mmap$auto(0x0, 0x20009, 0xffffffffffffffff, 0xeb1, 0x401, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) clone$auto(0x1000020003b49, 0x1, 0x0, 0x0, 0x2) close_range$auto(0x2, 0xffffffffffffffff, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x48140, 0x0) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) write$auto(0x3, 0x0, 0x5c8) 8.971149575s ago: executing program 1 (id=822): unshare$auto(0x40000080) r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40040, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000000), 0x40001, 0x0) write$auto(r0, 0x0, 0xfff) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) listmount$auto(0x0, &(0x7f00000001c0)=0x4, 0x4, 0x101) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/workqueue/nvme-reset-wq/cpumask\x00', 0x9c2342, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x15) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1000afd003a5394e965231da1bd312e7af6d67d09340d0a4bd7805e18ac78f35cb77d1029c69e7270148078c13a91f6dff64055ad11608f0fb"], 0x1ac}, 0x1, 0x0, 0x0, 0x22004840}, 0x4001) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendfile$auto(r3, r2, 0x0, 0x10) r4 = openat$auto_bm_entry_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x28800, 0x0) r5 = openat$auto_ptdump_curusr_fops_(0xffffffffffffff9c, 0x0, 0x1c1200, 0x0) ioctl$auto(r3, 0x7, r5) readv$auto(r4, &(0x7f00000011c0)={0x0, 0x94}, 0x1) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0x5, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/block/loop14/queue/stable_writes\x00', 0x182b02, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xc01) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/audit\x00', 0xc0c02, 0x0) pidfd_open$auto(0x1, 0x0) sendmsg$auto_NL80211_CMD_SET_CHANNEL(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000001200)=ANY=[@ANYBLOB="3011f522", @ANYRES16=0x0, @ANYBLOB="080025bd7000fbdbdf2541000000f010a68008004c00080000007b821598b7f96e4822980fcf4347f047f7f763bd8b169fde3100452ef35daf8018e5e29aa3e839890d4012eccb963df27dc35c2ac687bf8a0fb8159a1104e0d3380c5ad753391dce0852d1221c463573235ba6b38f2c990c5bbcc7067b5ee2abfd2f631b9f8e66257e6126fe2b563d9469790fbf6e6f7f060bce4f3b295f86eab5428eb80894fb8803536246743778b0c9ec7fa031d0555668234fc127a42867ab96e8e6d3954171de5401f84d25c2d6e33ea743f2551ad208333226af2ef6b9124d874c194948d420b09e150afdfb936bc3f0c134d060e2d8b708b8377505e523dc15e64afc08fdda2be260f702182720b72f3782caeb6be86f94e8808ad7719ac126df1aefc701128f4731811f311419b3611908ce4ff912f7c9c434d1af136ebea7606de5844695f4f5a4bde5f551f01b20ceeac85c083ebe4548f544dba9358ebde9eea53ee52752e6bd01fc59abd6c13f93e5247c29a503a5816859920b3b649a30088c4bdc3293c9157dda23cf75b48b3bff74c2b4f315bc37383b6855feaa0b0d62649d304ceba75a298befd8b80367aa64757e9e1f167344674d4c5f682cd6d387211b46b18d6fffa5cc8568312428952864122b9626e08b6c4bfc284d35976dbafeb806de3ce43cda220f4794492e755945a012fb18c0aef9fceb2e96182be54ce975fe54d6622d036e255aedfd5ff7eb77ff774f1a0dc8eacdc18f94f0de006c7252e6677e9596de643acb4e695ba8640652b28f539c0352e0898b4a1ac5955d908707380970717c805d641e74cb3c355aab4449284eeca20d26d5efaea62492649d57bc677fa4de48d9f873bc2ba190c3830fe6d0ab6e64164ed52dec5af78c536c9fc1b4d3e9c958a18a029e222646a76a7cdd77c2bd722c5b3cb5584e2f2338fed0f4050287ce762de5195bd4d19522eface96286b95f095e27e413dbbbe3824487f0f1398f8a9dc16fbb0ee065ff202e76027894eb5e88778298943fc7248f89918dbd250ce2a9df66a15df505dc3904c4d42e780d9c610cc5892201360a55cea4665e5e35e572adb51a16b85cb5a23fdd22a49889d22bd6d1f1d6e3338d2de8decb50125aeeaca4a5ce3b33d15686445a1999a444c5d51d4d18d5b675f2adda73622e68a7014d74f44e3adbfa66be725fbf41c1a8e682668140335b16393e5785702c8845efbb35468c1fe529ee7ecf86c75150ff2fb6ba73b99a9c469058c5969e2e012d8d962a68888f0662c5dc4d7e968b7908bb786c0f49aafe8f0ccbee0071d31c80a2687e4b57d62738f880413c8e3a4ef7cca91f6273d645c377d40717ffcf1f87b5b8b535e924a6c0df60ace98b9673a1e91da8fcd4553ee8f24afd600acb8d12c58158ed3624d03f3ce6437da64af55d474affde10ad6a58697a6a51b07c88a1998b39c4c8f1cd66ac89f3eebbd9a3c68231d116e2f1e9407dd0e8f06b91a33d56589308f5196b0b97a0597f04acdc7fa5ebd5f2da65a8edcf0f8d2397fdd57f66d51cb296464b0fba93bfd68b22dc62a3ed7c0b0d791f28e3dbbcc736226ec5170cdd537e9f2b468d39b6a7a07df57312b04ac9366a20529c416436045ce82e63698108dc1442004de30a55e93b31540e172175824e2463f24de3858807fcf58919dc8a8314e734eab70f3828bfbfbe8dc83d6ef9fefab99d96d8fea30edf2d40a5a2931f9f77d687fae3ede7aa3d849e038ee221431b33144cff6d9e5e803cfa8aa8ab9bf67c85905cc7dbd7cc89003f21bd0d458553f3783ab63882a9d2c3d3752f183ae57f007a592653b33635e7abf8b31ed8a4acb1e8f110e4dff4692d6344a18d24c257e960ab47eb69007d02c5ceda2c9c35e18f9b2031e63c29b9be288551764fd06b8527d4d362520f0b72e0729aa5d5977d556489372534ea57c2d551a29721c6d6d5ca23b9de6bceac41f0eeddce2a62d3b873751782f8b3d7e31fb75519056a3b77d8e09c7dd0a8a1ae0381b69ade928935ad27576d8352e232a2820b70af5e488a2165ada3c64ab0e378ef9a1cbdde2b2173423c7f64b104ae79c30fc98ddf28e9376c1c9f4ff40e0ee4fa185b2ebbe6082e4c90821ce8d8cb1ac96b167127a6e10f61ca96f817673cb46799f1569a8688507f5c38aef34c2b69bd6c15e46cbd4b74b9774572d1a09e6cf3d8a3ee80a9f6d482702623d3beeaa0602d9d427e648c1294da9b7b5396524b0b4076e263ab49345e0b51b7f71243841dbb11506d751d76de9dd8313187000827646224ba28d5ff922583dfdab1a4fd1a376396a2fd2ade5878f3ffd8b0daf3a76785880b0653a6b21425700f0c029983f6d3e8956e6a58cdf41c2fd4327dcef4a9307eae580b866604337ba527078320334ce129a144c86dfee39060b5851f1e8e19e9cf862c66de2de4c5350fc7ef554319bce825b85a29e9ddfd5a24175fc48c4534ae31c42a9ca320fc382271776603f47070bc33ec39a17abd4d3de6e23c3eee65968b982ef3e7539ef50df05591f11d063dce71405fb785f76db2daf3a72b6514de265be14cb71b5351ffe1440e87f743665630f0b77057d161575dee2e434fe05db179d8120278fafc8f91dcf3b6dc6d5fe83ca6fc39e31d40f85164422b0196a361ed582c17208103f45a7638409e47a3baa22e26e6d9ba14c25c9db0380f084354e61bef3d57e76805131e95348c48dff567ffed9e7d26ed11d2d074af9308c925098b8ab43146e8935b03206bf900ea337fdf5ac956438617087a1ec608e45f7f06ceff9233cde7228ad7c2b6b0e0c0a4514f20bd98b37177ffb5cc236d7b8fa1992e72abe190d53d43ceb4dd92b06f250aa5c61a73c99de626f32e00e287faa6695b43a625cd9f7fdf69eeaced4cae21adfedc96ae9d4ed985dfefaeaffc315f42b37ddf1c36fb1c2c9d0270b9453cc85ec7feec070f6160e3dc5c6ab5b3296f857d803a8c40a92d72265a45b477873ec0daa3a8fb90613844f876e40c76f3e838bb0334e8d76a6b610fd0570f6d54efd5a6cf7289f222a1614d4edc2e1ff1998f259e4c09ac79ff63bdcb4d7b8e6dd0667bf68bb9ab7eba501f5f0b16f0f4282ac50b3f5574383096ef8c8500007ee79be82962e562cde99c8267828fb328bf321205dda831f42b1522b1825dabe1895e5f46f3910b7ec216313f473ebce6134b0464462ea8bf741083ac9f0c03e9fafa66228fdab6c2530c3877e55c40087bac71aafa9519f1a56a47277ae10c283f6ed65926368582259ffef70896bcd3db878b2bc05ce4ad16c8da23086b9822e9ba6b9d5add765a127bf12a48a5687701f3fa6b1ee83f31d3d749df51db266f5c5bbe1ffbf7d97d8f10ae6448ab4b021f6db3c2f747f19d528dd6ea94ea4a4564289873882c558a445f083b366cee94afd0215eeac6dbf203e570d5461f957522894795f61d6b03d6ed92001a2ed83fe6a8787e6f85b53a109743d53b7876d830cf27ffef5c956d8a94d81b8d1ba3616b3fc8ff49e4e857285fd4c306ca336ecbee59f8de98bcf451c8c55bc18aa000c7a54d9d9edbf91192e1ab65cc901eb24e1238a2e16c1bba914585333fa8d528f385841a54d5c3491d562ca470e54774885b063a013d1c31f91f880d2f5e408b2f0d6e698df41ea80cfc61b4a7e85661252ba849c473cd5badcc95fe9084fb39bb172c177feab2b49de12fcfbcf8148e82a6ba14dfe8862558c7054ac2d8d5ccd9b89f6444c896595df9fe5b5295596caf1e494a709595ca23317d849a911ba98718a5788fbe2772b7e16279f57ba9b7f277ce0d65f9283bd5df42da8af94904fa9f0a812237c69876fc47d8b591b51700c14c2179ffe7ed7f090e28e2b16c5e11ebd25be7c6c601ce9965302bfb709336120f3a893c068ab975aeb1f125bbccfdf164b364449da7bf84718da5028a11bc570e9313d64ff77067439bd8564959b461b141b77cbc8447dc141e78f856a54c5081d20a333f26bdc3dbaee7ffb6a3ace5a0beaf34240e06a69a60e4e2323247461bd00b6adb40cae98f5461fb9872e0be3e3ca8f363cf6aac298fee776d32426c3078350a936df534223abcf235ac06c0d658152bfc00903af351b4aaf8d92b909fee802cce01153ab011c59aca4abbf85cf007f10f6934f43b490aa65442ab93fd5585ef32b30563f3b5ff5606183aeda90baa1e5df3aaaaede2edf6a52bfc131fbf94b5b069a560b8be0578fcb456a825618f830094d585b48343686b9d397a55f4a2122cf6d186aa5f5a873d510b60d7d49b9c198f1f645870fa00652e0a6f294bf4d1879add56448683c26e8ee8a9e90eae42af8edd19e0c10a5e0b846a4ba5877c2ff295b41603140dd48dc32fe1289c5f26d7a192fd8cdaf8cbe80ecb0cba63c4796792daf500933f7c9f2783100c7791960bdb086f372cf23cf5a905c26aa3083912151d7de5cc705b9227c488f164b7dde0bc617bb83c8e91b57fca5ced7ac9fb727088eb402e52f1c62ad24a19ac1edf6d5a3123a91a9fbab97256b8591198ef48708e609c840e7d74afef7728fce50aeb6c6f1d900b34e909bab61b1d78c8a333eb75516402c2d57ccb84c3196a816c8b7d435dff1d03cd0e55124fa780b425dd6c43f3cffef3d8fe35c06bf8d98e332dd67ee92c23ef18afb008ecc250c91745d082973265d6f429a104eab203d5ee1a8c957d60c5a9ba890605e5f1c1c340f7c78f9e66013b0945f9037359cd6a2e9b51a6a0e95ffbd39b8f92c84658c75b966ad8a40cc76434d272c741ba6c55e935338fcb82a596c98e5b7e91a4204de18d7c434b0a0f823b96a90bb7032120c5bd5af2329b5dc4c700de78465afb98f7049e803c299f3c453562656a1a9daeed097917234b241085240e70ee1b2417f91f3743c0770a15382d9a3195f40204fcbfb21db8ef8bfb7bb0b61b20f05d077978e0a091574cfd6a960f7b8c7432a4c5a4c32568a218acbaafa75b23b19996506ea1b7f46fc5b8cd18ca4e6e40ae72c38e12617f3dd9a4471ba9c9bdc07dc9c1e7333a719e2b79f531ea9db1f86d6f260bf07b707a205c7b2025b424a946b98558c0ec4e3b663da56fe0af2a478045c4d4cd4c4322a96aa6a67f745867fce096256dd751ff43e73925a6ef699de2f5e1ebb6ce301407c8c963dce2f18cae3ddc841289d45205680458770568a05262fc6f6b96230c156d8ec000f5b13e8051135a7171f646a832518b30bfa0e2b9216f99979b0c17226b2454006e20cedf16157fe46e18b68aa1b0aca71e7d65acba22d527a77bed6a470ae2325c9b38fd3b1712dd2f028460e78ea3753e0d85a83be736d95b59cee6deb3e9606c69063d2d17362dae6696f50a73e582f174d0d07803aaa0c4610e0f7f71406f83a87fd99eba341d72fe034c5618f70a21f1baa687b42d5650ca7cd31582b0e705bb2ac010a2128041df723cf6d846a4e8cd8e2bb345029b1deb6b3e334cfb822f57abfba6233018c11b42158268dc66eb6c32f62f0e6da3560374ee5c96e92e93b2ba66fa3ab26d4d0196eafbf16a67c694f5619d57681990ea99fcc0f20b5d5cf62a64935ac3ff0afc24481eb387c3744e7fa8afed6401125a56427ccee11df906f9aa15b8da713ba8d37b573d961c41298c23c84c490fb0f0bd4c54300c2b39c39db38e489f1973b28a70a6deb4ede960bd59c2f971050fca604827e86d1bbb98081d9f4086b61585f90a2c13154ecb8706b52b37904d50fa8aa77a2f8156700c99e8ca973bee603c6c2447ac0b710478aa84d55e6c51d56189fec707cf132b124fc1200095cee7a8177a3dac922c747aedce85b466f81ff7a580a1c89a67247c22e6ba908db0240c4c1749f170061dbf34359297fff4e65d9d12a524abeafbb71741a715f52feee48d8087e08c1f2a8d052b2edec722f2661b161f8c70dbaee7f5185568cb50d7a130d2bb88a3777028672710422ca58eeec533fb1cdc4b5f3fd55a3c52129d3d7ba175d08796e8ee8c006ea9a250af9b45ba1a790dcdd8ca004d5fd2e303f62651ada71194d91500b0fdb3353c80c7f8fe66dea99f28e10e6c1d6be2fb5572939ab3182dbb9e522a8d39d721c32da7642f8014846f99661dcaab1cff6507852c5827d69fd3d6b9530b9fbfe2694da6b32f29040087000600b100060000000500d500020000000500d600020000000800c3"], 0x1130}, 0x1, 0x0, 0x0, 0x4}, 0x20044891) 5.42665814s ago: executing program 2 (id=831): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = socket(0x29, 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000000}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0xfffffffe, 0x0, 0x5, 0x0, 0x200002, 0x8}, 0x801}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r0, 0x8932, 0x24) 5.426086754s ago: executing program 1 (id=832): sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/loginuid\x00', 0x309c02, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/smbd_send_credit_target\x00', 0x8542, 0x0) read$auto(0x3, 0x0, 0x7) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0xc) 5.287795974s ago: executing program 3 (id=834): unshare$auto(0x40000080) r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40040, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000000), 0x40001, 0x0) write$auto(r0, 0x0, 0xfff) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) listmount$auto(0x0, &(0x7f00000001c0)=0x4, 0x4, 0x101) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/workqueue/nvme-reset-wq/cpumask\x00', 0x9c2342, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x15) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1000afd003a5394e965231da1bd312e7af6d67d09340d0a4bd7805e18ac78f35cb77d1029c69e7270148078c13a91f6dff64055ad11608f0fb"], 0x1ac}, 0x1, 0x0, 0x0, 0x22004840}, 0x4001) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendfile$auto(r3, r2, 0x0, 0x10) r4 = openat$auto_bm_entry_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x28800, 0x0) r5 = openat$auto_ptdump_curusr_fops_(0xffffffffffffff9c, 0x0, 0x1c1200, 0x0) ioctl$auto(r3, 0x7, r5) readv$auto(r4, &(0x7f00000011c0)={0x0, 0x94}, 0x1) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0x5, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/block/loop14/queue/stable_writes\x00', 0x182b02, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xc01) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/audit\x00', 0xc0c02, 0x0) pidfd_open$auto(0x1, 0x0) sendmsg$auto_NL80211_CMD_SET_CHANNEL(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000001200)=ANY=[@ANYBLOB="3011f522", @ANYRES16=0x0, @ANYBLOB="080025bd7000fbdbdf2541000000f010a68008004c00080000007b821598b7f96e4822980fcf4347f047f7f763bd8b169fde3100452ef35daf8018e5e29aa3e839890d4012eccb963df27dc35c2ac687bf8a0fb8159a1104e0d3380c5ad753391dce0852d1221c463573235ba6b38f2c990c5bbcc7067b5ee2abfd2f631b9f8e66257e6126fe2b563d9469790fbf6e6f7f060bce4f3b295f86eab5428eb80894fb8803536246743778b0c9ec7fa031d0555668234fc127a42867ab96e8e6d3954171de5401f84d25c2d6e33ea743f2551ad208333226af2ef6b9124d874c194948d420b09e150afdfb936bc3f0c134d060e2d8b708b8377505e523dc15e64afc08fdda2be260f702182720b72f3782caeb6be86f94e8808ad7719ac126df1aefc701128f4731811f311419b3611908ce4ff912f7c9c434d1af136ebea7606de5844695f4f5a4bde5f551f01b20ceeac85c083ebe4548f544dba9358ebde9eea53ee52752e6bd01fc59abd6c13f93e5247c29a503a5816859920b3b649a30088c4bdc3293c9157dda23cf75b48b3bff74c2b4f315bc37383b6855feaa0b0d62649d304ceba75a298befd8b80367aa64757e9e1f167344674d4c5f682cd6d387211b46b18d6fffa5cc8568312428952864122b9626e08b6c4bfc284d35976dbafeb806de3ce43cda220f4794492e755945a012fb18c0aef9fceb2e96182be54ce975fe54d6622d036e255aedfd5ff7eb77ff774f1a0dc8eacdc18f94f0de006c7252e6677e9596de643acb4e695ba8640652b28f539c0352e0898b4a1ac5955d908707380970717c805d641e74cb3c355aab4449284eeca20d26d5efaea62492649d57bc677fa4de48d9f873bc2ba190c3830fe6d0ab6e64164ed52dec5af78c536c9fc1b4d3e9c958a18a029e222646a76a7cdd77c2bd722c5b3cb5584e2f2338fed0f4050287ce762de5195bd4d19522eface96286b95f095e27e413dbbbe3824487f0f1398f8a9dc16fbb0ee065ff202e76027894eb5e88778298943fc7248f89918dbd250ce2a9df66a15df505dc3904c4d42e780d9c610cc5892201360a55cea4665e5e35e572adb51a16b85cb5a23fdd22a49889d22bd6d1f1d6e3338d2de8decb50125aeeaca4a5ce3b33d15686445a1999a444c5d51d4d18d5b675f2adda73622e68a7014d74f44e3adbfa66be725fbf41c1a8e682668140335b16393e5785702c8845efbb35468c1fe529ee7ecf86c75150ff2fb6ba73b99a9c469058c5969e2e012d8d962a68888f0662c5dc4d7e968b7908bb786c0f49aafe8f0ccbee0071d31c80a2687e4b57d62738f880413c8e3a4ef7cca91f6273d645c377d40717ffcf1f87b5b8b535e924a6c0df60ace98b9673a1e91da8fcd4553ee8f24afd600acb8d12c58158ed3624d03f3ce6437da64af55d474affde10ad6a58697a6a51b07c88a1998b39c4c8f1cd66ac89f3eebbd9a3c68231d116e2f1e9407dd0e8f06b91a33d56589308f5196b0b97a0597f04acdc7fa5ebd5f2da65a8edcf0f8d2397fdd57f66d51cb296464b0fba93bfd68b22dc62a3ed7c0b0d791f28e3dbbcc736226ec5170cdd537e9f2b468d39b6a7a07df57312b04ac9366a20529c416436045ce82e63698108dc1442004de30a55e93b31540e172175824e2463f24de3858807fcf58919dc8a8314e734eab70f3828bfbfbe8dc83d6ef9fefab99d96d8fea30edf2d40a5a2931f9f77d687fae3ede7aa3d849e038ee221431b33144cff6d9e5e803cfa8aa8ab9bf67c85905cc7dbd7cc89003f21bd0d458553f3783ab63882a9d2c3d3752f183ae57f007a592653b33635e7abf8b31ed8a4acb1e8f110e4dff4692d6344a18d24c257e960ab47eb69007d02c5ceda2c9c35e18f9b2031e63c29b9be288551764fd06b8527d4d362520f0b72e0729aa5d5977d556489372534ea57c2d551a29721c6d6d5ca23b9de6bceac41f0eeddce2a62d3b873751782f8b3d7e31fb75519056a3b77d8e09c7dd0a8a1ae0381b69ade928935ad27576d8352e232a2820b70af5e488a2165ada3c64ab0e378ef9a1cbdde2b2173423c7f64b104ae79c30fc98ddf28e9376c1c9f4ff40e0ee4fa185b2ebbe6082e4c90821ce8d8cb1ac96b167127a6e10f61ca96f817673cb46799f1569a8688507f5c38aef34c2b69bd6c15e46cbd4b74b9774572d1a09e6cf3d8a3ee80a9f6d482702623d3beeaa0602d9d427e648c1294da9b7b5396524b0b4076e263ab49345e0b51b7f71243841dbb11506d751d76de9dd8313187000827646224ba28d5ff922583dfdab1a4fd1a376396a2fd2ade5878f3ffd8b0daf3a76785880b0653a6b21425700f0c029983f6d3e8956e6a58cdf41c2fd4327dcef4a9307eae580b866604337ba527078320334ce129a144c86dfee39060b5851f1e8e19e9cf862c66de2de4c5350fc7ef554319bce825b85a29e9ddfd5a24175fc48c4534ae31c42a9ca320fc382271776603f47070bc33ec39a17abd4d3de6e23c3eee65968b982ef3e7539ef50df05591f11d063dce71405fb785f76db2daf3a72b6514de265be14cb71b5351ffe1440e87f743665630f0b77057d161575dee2e434fe05db179d8120278fafc8f91dcf3b6dc6d5fe83ca6fc39e31d40f85164422b0196a361ed582c17208103f45a7638409e47a3baa22e26e6d9ba14c25c9db0380f084354e61bef3d57e76805131e95348c48dff567ffed9e7d26ed11d2d074af9308c925098b8ab43146e8935b03206bf900ea337fdf5ac956438617087a1ec608e45f7f06ceff9233cde7228ad7c2b6b0e0c0a4514f20bd98b37177ffb5cc236d7b8fa1992e72abe190d53d43ceb4dd92b06f250aa5c61a73c99de626f32e00e287faa6695b43a625cd9f7fdf69eeaced4cae21adfedc96ae9d4ed985dfefaeaffc315f42b37ddf1c36fb1c2c9d0270b9453cc85ec7feec070f6160e3dc5c6ab5b3296f857d803a8c40a92d72265a45b477873ec0daa3a8fb90613844f876e40c76f3e838bb0334e8d76a6b610fd0570f6d54efd5a6cf7289f222a1614d4edc2e1ff1998f259e4c09ac79ff63bdcb4d7b8e6dd0667bf68bb9ab7eba501f5f0b16f0f4282ac50b3f5574383096ef8c8500007ee79be82962e562cde99c8267828fb328bf321205dda831f42b1522b1825dabe1895e5f46f3910b7ec216313f473ebce6134b0464462ea8bf741083ac9f0c03e9fafa66228fdab6c2530c3877e55c40087bac71aafa9519f1a56a47277ae10c283f6ed65926368582259ffef70896bcd3db878b2bc05ce4ad16c8da23086b9822e9ba6b9d5add765a127bf12a48a5687701f3fa6b1ee83f31d3d749df51db266f5c5bbe1ffbf7d97d8f10ae6448ab4b021f6db3c2f747f19d528dd6ea94ea4a4564289873882c558a445f083b366cee94afd0215eeac6dbf203e570d5461f957522894795f61d6b03d6ed92001a2ed83fe6a8787e6f85b53a109743d53b7876d830cf27ffef5c956d8a94d81b8d1ba3616b3fc8ff49e4e857285fd4c306ca336ecbee59f8de98bcf451c8c55bc18aa000c7a54d9d9edbf91192e1ab65cc901eb24e1238a2e16c1bba914585333fa8d528f385841a54d5c3491d562ca470e54774885b063a013d1c31f91f880d2f5e408b2f0d6e698df41ea80cfc61b4a7e85661252ba849c473cd5badcc95fe9084fb39bb172c177feab2b49de12fcfbcf8148e82a6ba14dfe8862558c7054ac2d8d5ccd9b89f6444c896595df9fe5b5295596caf1e494a709595ca23317d849a911ba98718a5788fbe2772b7e16279f57ba9b7f277ce0d65f9283bd5df42da8af94904fa9f0a812237c69876fc47d8b591b51700c14c2179ffe7ed7f090e28e2b16c5e11ebd25be7c6c601ce9965302bfb709336120f3a893c068ab975aeb1f125bbccfdf164b364449da7bf84718da5028a11bc570e9313d64ff77067439bd8564959b461b141b77cbc8447dc141e78f856a54c5081d20a333f26bdc3dbaee7ffb6a3ace5a0beaf34240e06a69a60e4e2323247461bd00b6adb40cae98f5461fb9872e0be3e3ca8f363cf6aac298fee776d32426c3078350a936df534223abcf235ac06c0d658152bfc00903af351b4aaf8d92b909fee802cce01153ab011c59aca4abbf85cf007f10f6934f43b490aa65442ab93fd5585ef32b30563f3b5ff5606183aeda90baa1e5df3aaaaede2edf6a52bfc131fbf94b5b069a560b8be0578fcb456a825618f830094d585b48343686b9d397a55f4a2122cf6d186aa5f5a873d510b60d7d49b9c198f1f645870fa00652e0a6f294bf4d1879add56448683c26e8ee8a9e90eae42af8edd19e0c10a5e0b846a4ba5877c2ff295b41603140dd48dc32fe1289c5f26d7a192fd8cdaf8cbe80ecb0cba63c4796792daf500933f7c9f2783100c7791960bdb086f372cf23cf5a905c26aa3083912151d7de5cc705b9227c488f164b7dde0bc617bb83c8e91b57fca5ced7ac9fb727088eb402e52f1c62ad24a19ac1edf6d5a3123a91a9fbab97256b8591198ef48708e609c840e7d74afef7728fce50aeb6c6f1d900b34e909bab61b1d78c8a333eb75516402c2d57ccb84c3196a816c8b7d435dff1d03cd0e55124fa780b425dd6c43f3cffef3d8fe35c06bf8d98e332dd67ee92c23ef18afb008ecc250c91745d082973265d6f429a104eab203d5ee1a8c957d60c5a9ba890605e5f1c1c340f7c78f9e66013b0945f9037359cd6a2e9b51a6a0e95ffbd39b8f92c84658c75b966ad8a40cc76434d272c741ba6c55e935338fcb82a596c98e5b7e91a4204de18d7c434b0a0f823b96a90bb7032120c5bd5af2329b5dc4c700de78465afb98f7049e803c299f3c453562656a1a9daeed097917234b241085240e70ee1b2417f91f3743c0770a15382d9a3195f40204fcbfb21db8ef8bfb7bb0b61b20f05d077978e0a091574cfd6a960f7b8c7432a4c5a4c32568a218acbaafa75b23b19996506ea1b7f46fc5b8cd18ca4e6e40ae72c38e12617f3dd9a4471ba9c9bdc07dc9c1e7333a719e2b79f531ea9db1f86d6f260bf07b707a205c7b2025b424a946b98558c0ec4e3b663da56fe0af2a478045c4d4cd4c4322a96aa6a67f745867fce096256dd751ff43e73925a6ef699de2f5e1ebb6ce301407c8c963dce2f18cae3ddc841289d45205680458770568a05262fc6f6b96230c156d8ec000f5b13e8051135a7171f646a832518b30bfa0e2b9216f99979b0c17226b2454006e20cedf16157fe46e18b68aa1b0aca71e7d65acba22d527a77bed6a470ae2325c9b38fd3b1712dd2f028460e78ea3753e0d85a83be736d95b59cee6deb3e9606c69063d2d17362dae6696f50a73e582f174d0d07803aaa0c4610e0f7f71406f83a87fd99eba341d72fe034c5618f70a21f1baa687b42d5650ca7cd31582b0e705bb2ac010a2128041df723cf6d846a4e8cd8e2bb345029b1deb6b3e334cfb822f57abfba6233018c11b42158268dc66eb6c32f62f0e6da3560374ee5c96e92e93b2ba66fa3ab26d4d0196eafbf16a67c694f5619d57681990ea99fcc0f20b5d5cf62a64935ac3ff0afc24481eb387c3744e7fa8afed6401125a56427ccee11df906f9aa15b8da713ba8d37b573d961c41298c23c84c490fb0f0bd4c54300c2b39c39db38e489f1973b28a70a6deb4ede960bd59c2f971050fca604827e86d1bbb98081d9f4086b61585f90a2c13154ecb8706b52b37904d50fa8aa77a2f8156700c99e8ca973bee603c6c2447ac0b710478aa84d55e6c51d56189fec707cf132b124fc1200095cee7a8177a3dac922c747aedce85b466f81ff7a580a1c89a67247c22e6ba908db0240c4c1749f170061dbf34359297fff4e65d9d12a524abeafbb71741a715f52feee48d8087e08c1f2a8d052b2edec722f2661b161f8c70dbaee7f5185568cb50d7a130d2bb88a3777028672710422ca58eeec533fb1cdc4b5f3fd55a3c52129d3d7ba175d08796e8ee8c006ea9a250af9b45ba1a790dcdd8ca004d5fd2e303f62651ada71194d91500b0fdb3353c80c7f8fe66dea99f28e10e6c1d6be2fb5572939ab3182dbb9e522a8d39d721c32da7642f8014846f99661dcaab1cff6507852c5827d69fd3d6b9530b9fbfe2694da6b32f29040087000600b100060000000500d500020000000500d600020000000800c30008"], 0x1130}, 0x1, 0x0, 0x0, 0x4}, 0x20044891) 4.602712807s ago: executing program 1 (id=836): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000009c0), 0x0, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, &(0x7f0000000a00)=0x101) mmap$auto(0x0, 0xe981, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0) getpid() clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) r1 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r3 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x640, 0x0) ioctl$auto_MON_IOCX_GET(r1, 0x40189206, 0x0) read$auto_mon_fops_binary_mon_bin(r3, 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x88202, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) lsm_set_self_attr$auto(0x8, &(0x7f0000000040)={0x6, 0xc7b, 0x2, 0xa4, "6da549af92b3c797f14b68f1871bdf2bca524a178d5f78de92a8f31de38aac23b34814d7bdb8c3755bc2b5a80a3564254ead5cd661a41d16e32f6d7e6465fd9a74b830b8fe880245564bb67a4d0ecfb78b9905af2a2f2de8677e181a3371cabc34f497b122263e2ba86a87a7e76ed0bbe08e08b6f0f3b25364fb6f9f33d5342ed76cc5453f8e8634458e6bf54825f7be456def0174640630a68b450b159e0d65748bb353"}, 0x6, 0x9) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000005480), 0xffffffffffffffff) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/smbd_max_receive_size\x00', 0x103742, 0x0) close_range$auto(0x2, 0x8, 0x0) 4.445617091s ago: executing program 0 (id=837): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000009c0), 0x0, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, &(0x7f0000000a00)=0x101) mmap$auto(0x0, 0xe981, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0) getpid() clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) r1 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r3 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x640, 0x0) ioctl$auto_MON_IOCX_GET(r1, 0x40189206, 0x0) read$auto_mon_fops_binary_mon_bin(r3, 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x88202, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) lsm_set_self_attr$auto(0x8, &(0x7f0000000040)={0x6, 0xc7b, 0x2, 0xa5, "6da549af92b3c797f14b68f1871bdf2bca524a178d5f78de92a8f31de38aac23b34814d7bdb8c3755bc2b5a80a3564254ead5cd661a41d16e32f6d7e6465fd9a74b830b8fe880245564bb67a4d0ecfb78b9905af2a2f2de8677e181a3371cabc34f497b122263e2ba86a87a7e76ed0bbe08e08b6f0f3b25364fb6f9f33d5342ed76cc5453f8e8634458e6bf54825f7be456def0174640630a68b450b159e0d65748bb3538e"}, 0x6, 0x9) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/smbd_max_receive_size\x00', 0x103742, 0x0) close_range$auto(0x2, 0x8, 0x0) 4.420179618s ago: executing program 2 (id=838): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000009c0), 0x0, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, &(0x7f0000000a00)=0x101) mmap$auto(0x0, 0xe981, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0) getpid() clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) r1 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r3 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x640, 0x0) ioctl$auto_MON_IOCX_GET(r1, 0x40189206, 0x0) read$auto_mon_fops_binary_mon_bin(r3, 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x88202, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) lsm_set_self_attr$auto(0x8, &(0x7f0000000040)={0x6, 0xc7b, 0x2, 0xa5, "6da549af92b3c797f14b68f1871bdf2bca524a178d5f78de92a8f31de38aac23b34814d7bdb8c3755bc2b5a80a3564254ead5cd661a41d16e32f6d7e6465fd9a74b830b8fe880245564bb67a4d0ecfb78b9905af2a2f2de8677e181a3371cabc34f497b122263e2ba86a87a7e76ed0bbe08e08b6f0f3b25364fb6f9f33d5342ed76cc5453f8e8634458e6bf54825f7be456def0174640630a68b450b159e0d65748bb3538e"}, 0x6, 0x9) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/smbd_max_receive_size\x00', 0x103742, 0x0) close_range$auto(0x2, 0x8, 0x0) 4.280145248s ago: executing program 3 (id=839): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r0, r0, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi2\x00', 0xa200, 0x0) ioctl$auto(r1, 0xc0585611, r1) 3.589589627s ago: executing program 3 (id=840): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000009c0), 0x0, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, &(0x7f0000000a00)=0x101) mmap$auto(0x0, 0xe981, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0) getpid() clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) r1 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r3 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x640, 0x0) ioctl$auto_MON_IOCX_GET(r1, 0x40189206, 0x0) read$auto_mon_fops_binary_mon_bin(r3, 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x88202, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) lsm_set_self_attr$auto(0x8, &(0x7f0000000040)={0x6, 0xc7b, 0x2, 0xa5, "6da549af92b3c797f14b68f1871bdf2bca524a178d5f78de92a8f31de38aac23b34814d7bdb8c3755bc2b5a80a3564254ead5cd661a41d16e32f6d7e6465fd9a74b830b8fe880245564bb67a4d0ecfb78b9905af2a2f2de8677e181a3371cabc34f497b122263e2ba86a87a7e76ed0bbe08e08b6f0f3b25364fb6f9f33d5342ed76cc5453f8e8634458e6bf54825f7be456def0174640630a68b450b159e0d65748bb3538e"}, 0x6, 0x9) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/smbd_max_receive_size\x00', 0x103742, 0x0) close_range$auto(0x2, 0x8, 0x0) 2.837298873s ago: executing program 0 (id=841): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp\x00', 0x20002, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000000)="7f0d40") r1 = epoll_create$auto(0x8) epoll_ctl$auto(r1, 0x1, 0x8000000000000000, 0x0) 2.66515332s ago: executing program 2 (id=842): r0 = socket$nl_generic(0x10, 0x3, 0x10) poll$auto(&(0x7f0000003640)={r0, 0x7, 0x6}, 0x6, 0x100000) r2 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003900), r0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x4) sendmsg$auto_NETDEV_CMD_QUEUE_GET(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000003980)={&(0x7f0000000000)={0x54, r2, 0x301, 0x70bd2b, 0x25dfdbfd, {}, [@NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x950}, @NETDEV_A_QUEUE_ID={0x8, 0x1, 0xfffffffb}, @NETDEV_A_QUEUE_IFINDEX={0x8}, @NETDEV_A_QUEUE_IFINDEX={0x8}, @NETDEV_A_QUEUE_IFINDEX={0x8}, @NETDEV_A_QUEUE_IFINDEX={0x8}, @NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x4}, @NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x6}]}, 0x54}, 0x1, 0x0, 0x0, 0x2004c005}, 0xc4) 2.65288261s ago: executing program 0 (id=843): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/1-0:1.0/usb1-port1/quirks\x00', 0x103a42, 0x0) sendfile$auto(r0, r1, 0x0, 0x3) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/usbcore/parameters/quirks\x00', 0xc0202, 0x0) write$auto(r2, 0x0, 0x300000000000) 2.357810052s ago: executing program 2 (id=844): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x8090ae81, &(0x7f0000000040)={0x2}) 2.220093806s ago: executing program 3 (id=845): close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0x3, 0x400454ca, 0x38) close_range$auto(0x2, 0x8, 0x0) 2.216250158s ago: executing program 1 (id=846): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x0, 0x0, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x8) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) 2.062149928s ago: executing program 0 (id=847): r0 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv6/conf/default/ioam6_id_wide\x00', 0x40100, 0x0) read$auto(r1, 0x0, 0x1fc) close_range$auto(r0, 0xa, 0x0) socket(0xa, 0x801, 0x84) setsockopt$auto(0x3, 0x10000000084, 0x85, 0x0, 0x90) 1.656177835s ago: executing program 2 (id=848): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) unshare$auto(0x40000080) r0 = socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x4, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0x5}, &(0x7f00000001c0)=0x6, &(0x7f0000000200)=0x1, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf}) ioctl$auto_KVM_HAS_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee3, &(0x7f00000002c0)={0x8, r2, 0x0, 0x33}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x8) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x109401, 0x0) ioctl$auto(r3, 0x540a, 0x0) close_range$auto(0x2, 0x8, 0x0) msgrcv$auto(0x9, 0x0, 0xfffffffffffffffd, 0x6, 0x80008) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) madvise$auto(0x2, 0x5c61fa2c, 0xf) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRESHEX=r0, @ANYBLOB="130029bd704fb068c18e97d09150d3fdaa6dd200fbdbdf25030000000400080914000180080002800400325908001400a9c12c20"], 0x2c}, 0x1, 0x0, 0x0, 0x40010}, 0x800) r5 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r5, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, 0x0, 0x24000044) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, 0x0, 0x40001, 0x0) 1.618594652s ago: executing program 0 (id=849): r0 = socket(0x2, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @local}, 0x406a) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x10000000084, 0xb, 0x0, 0x8) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) 1.536314911s ago: executing program 3 (id=850): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000009c0), 0x0, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, &(0x7f0000000a00)=0x101) mmap$auto(0x0, 0xe981, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0) getpid() clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) r1 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r3 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x640, 0x0) ioctl$auto_MON_IOCX_GET(r1, 0x40189206, 0x0) read$auto_mon_fops_binary_mon_bin(r3, 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x88202, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) lsm_set_self_attr$auto(0x8, &(0x7f0000000040)={0x6, 0xc7b, 0x2, 0xa5, "6da549af92b3c797f14b68f1871bdf2bca524a178d5f78de92a8f31de38aac23b34814d7bdb8c3755bc2b5a80a3564254ead5cd661a41d16e32f6d7e6465fd9a74b830b8fe880245564bb67a4d0ecfb78b9905af2a2f2de8677e181a3371cabc34f497b122263e2ba86a87a7e76ed0bbe08e08b6f0f3b25364fb6f9f33d5342ed76cc5453f8e8634458e6bf54825f7be456def0174640630a68b450b159e0d65748bb3538e"}, 0x6, 0x9) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/smbd_max_receive_size\x00', 0x103742, 0x0) close_range$auto(0x2, 0x8, 0x0) 1.457105827s ago: executing program 1 (id=851): mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r0 = setfsuid$auto(0xee01) setresuid$auto(0x0, r0, 0x0) 779.29578ms ago: executing program 0 (id=852): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000009c0), 0x0, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, &(0x7f0000000a00)=0x101) mmap$auto(0x0, 0xe981, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0) getpid() clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) r1 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r3 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x640, 0x0) ioctl$auto_MON_IOCX_GET(r1, 0x40189206, 0x0) read$auto_mon_fops_binary_mon_bin(r3, 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x88202, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) lsm_set_self_attr$auto(0x8, &(0x7f0000000040)={0x6, 0xc7b, 0x2, 0xa5, "6da549af92b3c797f14b68f1871bdf2bca524a178d5f78de92a8f31de38aac23b34814d7bdb8c3755bc2b5a80a3564254ead5cd661a41d16e32f6d7e6465fd9a74b830b8fe880245564bb67a4d0ecfb78b9905af2a2f2de8677e181a3371cabc34f497b122263e2ba86a87a7e76ed0bbe08e08b6f0f3b25364fb6f9f33d5342ed76cc5453f8e8634458e6bf54825f7be456def0174640630a68b450b159e0d65748bb3538e"}, 0x6, 0x9) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000005480), 0xffffffffffffffff) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x103742, 0x0) close_range$auto(0x2, 0x8, 0x0) 107.870496ms ago: executing program 3 (id=853): mmap$auto(0x0, 0x20009, 0x7, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x1, 0x4, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x12de82, 0x0) ioctl$auto(0x3, 0x80026f48, r0) 0s ago: executing program 2 (id=854): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000009c0), 0x0, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, &(0x7f0000000a00)=0x101) mmap$auto(0x0, 0xe981, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0) getpid() clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) r1 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r3 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x640, 0x0) ioctl$auto_MON_IOCX_GET(r1, 0x40189206, 0x0) read$auto_mon_fops_binary_mon_bin(r3, 0x0, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x88202, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) lsm_set_self_attr$auto(0x8, &(0x7f0000000040)={0x6, 0xc7b, 0x2, 0xa5, "6da549af92b3c797f14b68f1871bdf2bca524a178d5f78de92a8f31de38aac23b34814d7bdb8c3755bc2b5a80a3564254ead5cd661a41d16e32f6d7e6465fd9a74b830b8fe880245564bb67a4d0ecfb78b9905af2a2f2de8677e181a3371cabc34f497b122263e2ba86a87a7e76ed0bbe08e08b6f0f3b25364fb6f9f33d5342ed76cc5453f8e8634458e6bf54825f7be456def0174640630a68b450b159e0d65748bb3538e"}, 0x6, 0x9) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000005480), 0xffffffffffffffff) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x103742, 0x0) close_range$auto(0x2, 0x8, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.238' (ED25519) to the list of known hosts. [ 75.603074][ T5852] cgroup: Unknown subsys name 'net' [ 75.708396][ T5852] cgroup: Unknown subsys name 'cpuset' [ 75.717444][ T5852] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 77.139788][ T5852] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 79.454487][ T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 79.464183][ T5873] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 79.472918][ T5873] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 79.480520][ T5873] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 79.489263][ T5873] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 79.497211][ T5877] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 79.504754][ T5873] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 79.509536][ T5875] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 79.520142][ T5875] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 79.529545][ T5875] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 79.535029][ T5873] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 79.537587][ T5875] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 79.551133][ T5873] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 79.565101][ T5873] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 79.578234][ T5877] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 79.587598][ T5873] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 79.596872][ T5868] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 79.597466][ T5873] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 79.604633][ T5868] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 79.620738][ T5868] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 79.999268][ T5863] chnl_net:caif_netlink_parms(): no params data found [ 80.210917][ T5863] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.218409][ T5863] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.226153][ T5863] bridge_slave_0: entered allmulticast mode [ 80.233162][ T5863] bridge_slave_0: entered promiscuous mode [ 80.257947][ T5870] chnl_net:caif_netlink_parms(): no params data found [ 80.284474][ T5863] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.291801][ T5863] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.299174][ T5863] bridge_slave_1: entered allmulticast mode [ 80.307213][ T5863] bridge_slave_1: entered promiscuous mode [ 80.314519][ T5861] chnl_net:caif_netlink_parms(): no params data found [ 80.421051][ T5863] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 80.467368][ T5863] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.481380][ T5869] chnl_net:caif_netlink_parms(): no params data found [ 80.524621][ T5870] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.532402][ T5870] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.539731][ T5870] bridge_slave_0: entered allmulticast mode [ 80.546922][ T5870] bridge_slave_0: entered promiscuous mode [ 80.579401][ T5870] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.588146][ T5870] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.595938][ T5870] bridge_slave_1: entered allmulticast mode [ 80.602823][ T5870] bridge_slave_1: entered promiscuous mode [ 80.612086][ T5863] team0: Port device team_slave_0 added [ 80.653451][ T5863] team0: Port device team_slave_1 added [ 80.699300][ T5861] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.706905][ T5861] bridge0: port 1(bridge_slave_0) entered disabled state [ 80.714182][ T5861] bridge_slave_0: entered allmulticast mode [ 80.721419][ T5861] bridge_slave_0: entered promiscuous mode [ 80.736176][ T5870] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 80.757507][ T5861] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.764699][ T5861] bridge0: port 2(bridge_slave_1) entered disabled state [ 80.772133][ T5861] bridge_slave_1: entered allmulticast mode [ 80.779176][ T5861] bridge_slave_1: entered promiscuous mode [ 80.792268][ T5870] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.817835][ T5863] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.824929][ T5863] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.851009][ T5863] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.899726][ T5863] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.906896][ T5863] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 80.933516][ T5863] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.978699][ T5870] team0: Port device team_slave_0 added [ 80.984754][ T5869] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.993096][ T5869] bridge0: port 1(bridge_slave_0) entered disabled state [ 81.000851][ T5869] bridge_slave_0: entered allmulticast mode [ 81.007867][ T5869] bridge_slave_0: entered promiscuous mode [ 81.024264][ T5861] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 81.036180][ T5870] team0: Port device team_slave_1 added [ 81.052840][ T5869] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.060729][ T5869] bridge0: port 2(bridge_slave_1) entered disabled state [ 81.068420][ T5869] bridge_slave_1: entered allmulticast mode [ 81.075999][ T5869] bridge_slave_1: entered promiscuous mode [ 81.094550][ T5861] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 81.155389][ T5870] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 81.162361][ T5870] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.188383][ T5870] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 81.201691][ T5870] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 81.208776][ T5870] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.235024][ T5870] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 81.261261][ T5869] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 81.292092][ T5861] team0: Port device team_slave_0 added [ 81.304110][ T5863] hsr_slave_0: entered promiscuous mode [ 81.311343][ T5863] hsr_slave_1: entered promiscuous mode [ 81.320402][ T5869] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 81.342538][ T5861] team0: Port device team_slave_1 added [ 81.402936][ T5869] team0: Port device team_slave_0 added [ 81.412156][ T5869] team0: Port device team_slave_1 added [ 81.418724][ T5861] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 81.427891][ T5861] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.453846][ T5861] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 81.498488][ T5861] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 81.505743][ T5861] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.531773][ T5861] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 81.555092][ T5870] hsr_slave_0: entered promiscuous mode [ 81.561303][ T5870] hsr_slave_1: entered promiscuous mode [ 81.567581][ T5870] debugfs: 'hsr0' already exists in 'hsr' [ 81.573416][ T5870] Cannot create hsr debugfs directory [ 81.623736][ T5869] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 81.631750][ T5869] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.631834][ T5868] Bluetooth: hci1: command tx timeout [ 81.659056][ T5869] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 81.688764][ T5869] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 81.695919][ T5869] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 81.705167][ T5868] Bluetooth: hci2: command tx timeout [ 81.722303][ T51] Bluetooth: hci3: command tx timeout [ 81.727789][ T5185] Bluetooth: hci0: command tx timeout [ 81.739130][ T5869] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 81.843252][ T5861] hsr_slave_0: entered promiscuous mode [ 81.851134][ T5861] hsr_slave_1: entered promiscuous mode [ 81.857589][ T5861] debugfs: 'hsr0' already exists in 'hsr' [ 81.863319][ T5861] Cannot create hsr debugfs directory [ 81.909475][ T5869] hsr_slave_0: entered promiscuous mode [ 81.916135][ T5869] hsr_slave_1: entered promiscuous mode [ 81.922107][ T5869] debugfs: 'hsr0' already exists in 'hsr' [ 81.928165][ T5869] Cannot create hsr debugfs directory [ 82.233810][ T5863] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 82.267485][ T5863] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 82.306296][ T5863] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 82.332968][ T5863] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 82.373989][ T5870] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 82.388006][ T5870] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 82.405789][ T5870] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 82.430277][ T5870] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 82.486264][ T5861] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 82.503160][ T5861] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 82.513490][ T5861] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 82.534368][ T5861] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 82.639337][ T5869] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 82.653373][ T5869] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 82.676763][ T5869] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 82.688434][ T5869] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 82.813042][ T5863] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.861596][ T5861] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.900348][ T5863] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.913674][ T5869] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.927892][ T5870] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.940295][ T3465] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.947601][ T3465] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.961797][ T5861] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.989550][ T3465] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.996700][ T3465] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.007078][ T3465] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.014183][ T3465] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.030840][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.038036][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.049359][ T5869] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.069208][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.076332][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.115064][ T5870] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.127278][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.134388][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.182831][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.189958][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.219914][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.227103][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.708315][ T5868] Bluetooth: hci1: command tx timeout [ 83.770311][ T5863] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.785544][ T5868] Bluetooth: hci3: command tx timeout [ 83.790998][ T5868] Bluetooth: hci2: command tx timeout [ 83.797312][ T5185] Bluetooth: hci0: command tx timeout [ 83.840196][ T5869] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.866527][ T5861] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.899898][ T5870] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.950898][ T5863] veth0_vlan: entered promiscuous mode [ 83.987781][ T5869] veth0_vlan: entered promiscuous mode [ 84.003150][ T5863] veth1_vlan: entered promiscuous mode [ 84.018803][ T5861] veth0_vlan: entered promiscuous mode [ 84.041577][ T5861] veth1_vlan: entered promiscuous mode [ 84.050206][ T5869] veth1_vlan: entered promiscuous mode [ 84.137609][ T5870] veth0_vlan: entered promiscuous mode [ 84.143805][ T5869] veth0_macvtap: entered promiscuous mode [ 84.157125][ T5861] veth0_macvtap: entered promiscuous mode [ 84.168051][ T5863] veth0_macvtap: entered promiscuous mode [ 84.178307][ T5869] veth1_macvtap: entered promiscuous mode [ 84.189851][ T5861] veth1_macvtap: entered promiscuous mode [ 84.199755][ T5870] veth1_vlan: entered promiscuous mode [ 84.209800][ T5863] veth1_macvtap: entered promiscuous mode [ 84.246576][ T5869] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.263780][ T5861] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.289918][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.304417][ T5861] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.324310][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.333618][ T5869] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.365821][ T3531] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.386422][ T5870] veth0_macvtap: entered promiscuous mode [ 84.398839][ T3531] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.413008][ T3531] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.427338][ T5870] veth1_macvtap: entered promiscuous mode [ 84.439425][ T3531] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.473090][ T3531] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.482072][ T3531] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.507759][ T36] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.518849][ T3531] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.529263][ T3531] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.543604][ T3531] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.557923][ T3531] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.587658][ T3531] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.620329][ T5870] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.662808][ T5870] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.709381][ T3072] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.715579][ T3465] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.725604][ T36] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.734422][ T3072] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.738045][ T3465] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.761022][ T36] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.788489][ T36] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.799074][ T36] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.820123][ T3465] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.828337][ T3465] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.883873][ T3072] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.893591][ T3072] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.930709][ T3465] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.943831][ T3465] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.009144][ T5861] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 85.015952][ T3465] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.054014][ T3465] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.198513][ T3465] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.219527][ T3465] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.298642][ T3531] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.313264][ T3531] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.785223][ T5868] Bluetooth: hci1: command tx timeout [ 85.865263][ T5868] Bluetooth: hci2: command tx timeout [ 85.870716][ T5868] Bluetooth: hci0: command tx timeout [ 85.877051][ T5185] Bluetooth: hci3: command tx timeout [ 86.074281][ T5967] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 86.374282][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 86.386422][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 86.394703][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 86.405280][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 87.045440][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 87.545384][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 87.553924][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 87.867020][ T51] Bluetooth: hci1: command tx timeout [ 87.955646][ T51] Bluetooth: hci0: command tx timeout [ 87.959380][ T5868] Bluetooth: hci3: command tx timeout [ 87.961163][ T51] Bluetooth: hci2: command tx timeout [ 88.172485][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 88.975155][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 89.225700][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 89.296276][ T6011] Zero length message leads to an empty skb [ 89.563038][ T6013] netlink: 146 bytes leftover after parsing attributes in process `syz.1.9'. [ 90.305415][ T6024] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 90.305415][ T6024] The task syz.2.10 (6024) triggered the difference, watch for misbehavior. [ 91.652849][ T6052] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 91.827904][ T6051] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 91.902024][ T10] cfg80211: failed to load regulatory.db [ 93.814937][ T6076] netlink: 146 bytes leftover after parsing attributes in process `syz.1.21'. [ 94.918232][ T6092] netlink: 146 bytes leftover after parsing attributes in process `syz.2.23'. [ 96.815189][ T6135] snd_aloop snd_aloop.0: control 16781581:65539:5:é'x?F¢é/èìzFË·fCªáª:7 is already present [ 107.072666][ T6308] netlink: 146 bytes leftover after parsing attributes in process `syz.3.61'. [ 107.951145][ T6320] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 108.329927][ T6329] netlink: 146 bytes leftover after parsing attributes in process `syz.1.72'. [ 109.321360][ T6338] random: crng reseeded on system resumption [ 110.297503][ T6361] netlink: 146 bytes leftover after parsing attributes in process `syz.0.69'. [ 112.221940][ T6398] netlink: 146 bytes leftover after parsing attributes in process `syz.2.76'. [ 114.848943][ T6458] random: crng reseeded on system resumption [ 115.664361][ T6472] netlink: 146 bytes leftover after parsing attributes in process `syz.2.92'. [ 118.456029][ T6538] netlink: 146 bytes leftover after parsing attributes in process `syz.1.103'. [ 122.061844][ T6598] netlink: 146 bytes leftover after parsing attributes in process `syz.1.116'. [ 123.218852][ T6625] binder: 6623:6625 ioctl c0046209 7fffffffffffffff returned -22 [ 125.355408][ T6661] nbd: couldn't find device at index 137 [ 125.867194][ T6656] netlink: 28 bytes leftover after parsing attributes in process `syz.2.129'. [ 125.947845][ T6668] netlink: 146 bytes leftover after parsing attributes in process `syz.3.132'. [ 125.991774][ T6656] bridge_slave_1: left allmulticast mode [ 126.002997][ T6656] bridge_slave_1: left promiscuous mode [ 126.090091][ T6656] bridge0: port 2(bridge_slave_1) entered disabled state [ 126.192475][ T6656] bridge_slave_0: left allmulticast mode [ 126.198373][ T6656] bridge_slave_0: left promiscuous mode [ 126.214752][ T6656] bridge0: port 1(bridge_slave_0) entered disabled state [ 126.646211][ T6673] vhci_hcd: invalid port number 16 [ 126.651640][ T6673] vhci_hcd: invalid port number 16 [ 129.173034][ T6723] netlink: 146 bytes leftover after parsing attributes in process `syz.3.145'. [ 130.222789][ T6745] netlink: 146 bytes leftover after parsing attributes in process `syz.2.155'. [ 130.366624][ T6738] nbd: couldn't find device at index 137 [ 130.679153][ T6741] netlink: 28 bytes leftover after parsing attributes in process `syz.3.147'. [ 130.715617][ T6741] bridge_slave_1: left allmulticast mode [ 130.765327][ T6741] bridge_slave_1: left promiscuous mode [ 130.802279][ T6741] bridge0: port 2(bridge_slave_1) entered disabled state [ 130.937194][ T6744] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 131.101584][ T6741] bridge_slave_0: left allmulticast mode [ 131.155984][ T6741] bridge_slave_0: left promiscuous mode [ 131.161856][ T6741] bridge0: port 1(bridge_slave_0) entered disabled state [ 132.855304][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.866648][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 134.617455][ T6813] FAULT_INJECTION: forcing a failure. [ 134.617455][ T6813] name failslab, interval 1, probability 0, space 0, times 1 [ 134.647378][ T6813] CPU: 0 UID: 0 PID: 6813 Comm: syz.2.160 Not tainted syzkaller #0 PREEMPT(full) [ 134.647406][ T6813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 134.647418][ T6813] Call Trace: [ 134.647426][ T6813] [ 134.647437][ T6813] dump_stack_lvl+0x16c/0x1f0 [ 134.647466][ T6813] should_fail_ex+0x512/0x640 [ 134.647487][ T6813] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 134.647506][ T6813] should_failslab+0xc2/0x120 [ 134.647526][ T6813] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 134.647542][ T6813] ? d_instantiate+0x77/0x90 [ 134.647560][ T6813] ? alloc_empty_file+0x55/0x1e0 [ 134.647586][ T6813] alloc_empty_file+0x55/0x1e0 [ 134.647606][ T6813] alloc_file_pseudo+0x13a/0x230 [ 134.647628][ T6813] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 134.647650][ T6813] ? do_raw_spin_unlock+0x172/0x230 [ 134.647674][ T6813] __anon_inode_getfile+0xe8/0x280 [ 134.647693][ T6813] anon_inode_getfile_fmode+0x37/0xa0 [ 134.647715][ T6813] __do_sys_fanotify_init+0x96d/0xc00 [ 134.647740][ T6813] do_syscall_64+0xcd/0x490 [ 134.647760][ T6813] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.647775][ T6813] RIP: 0033:0x7f560ff8ebe9 [ 134.647799][ T6813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 134.647817][ T6813] RSP: 002b:00007f560e1f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 134.647832][ T6813] RAX: ffffffffffffffda RBX: 00007f56101b5fa0 RCX: 00007f560ff8ebe9 [ 134.647841][ T6813] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 134.647850][ T6813] RBP: 00007f5610011e19 R08: 0000000000000000 R09: 0000000000000000 [ 134.647858][ T6813] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 134.647866][ T6813] R13: 00007f56101b6038 R14: 00007f56101b5fa0 R15: 00007ffec9f57238 [ 134.647885][ T6813] [ 134.836024][ C0] vkms_vblank_simulate: vblank timer overrun [ 136.440975][ T6839] nbd: couldn't find device at index 137 [ 136.854721][ T6839] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 138.322216][ T6856] binder: 6855:6856 ioctl c0306201 200000000000 returned -14 [ 139.257844][ T6860] netlink: 28 bytes leftover after parsing attributes in process `syz.0.163'. [ 139.266983][ T6860] bridge_slave_1: left allmulticast mode [ 139.280358][ T6860] bridge_slave_1: left promiscuous mode [ 139.367654][ T6860] bridge0: port 2(bridge_slave_1) entered disabled state [ 139.550020][ T6860] bridge_slave_0: left allmulticast mode [ 139.556716][ T6860] bridge_slave_0: left promiscuous mode [ 139.589545][ T6860] bridge0: port 1(bridge_slave_0) entered disabled state [ 139.606470][ T6863] random: crng reseeded on system resumption [ 144.014731][ T6979] netlink: 146 bytes leftover after parsing attributes in process `syz.0.192'. [ 145.657315][ T7008] Invalid ELF header magic: != ELF [ 146.184557][ T7026] random: crng reseeded on system resumption [ 148.096670][ T7068] netlink: 146 bytes leftover after parsing attributes in process `syz.0.207'. [ 149.761464][ T7090] netlink: 28 bytes leftover after parsing attributes in process `syz.0.212'. [ 150.636765][ T7123] netlink: 146 bytes leftover after parsing attributes in process `syz.1.218'. [ 151.595736][ T7140] netlink: 146 bytes leftover after parsing attributes in process `syz.0.220'. [ 153.939657][ T7193] netlink: 146 bytes leftover after parsing attributes in process `syz.0.230'. [ 154.354605][ T7207] ksmbd: Unknown IPC event: 14, ignore. [ 155.893369][ T7243] random: crng reseeded on system resumption [ 156.823173][ T7248] ptrace attach of ""[7249] was attempted by "./syz-executor exec"[7248] [ 160.114871][ T51] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 164.964683][ T7441] netlink: 146 bytes leftover after parsing attributes in process `syz.3.270'. [ 165.498830][ T7452] binder: 7451:7452 ioctl c0306201 200000000000 returned -14 [ 168.373592][ T7509] ovs_: entered promiscuous mode [ 169.008702][ T7524] ptrace attach of "./syz-executor exec"[7525] was attempted by "./syz-executor exec"[7524] [ 170.517458][ T7551] netlink: 146 bytes leftover after parsing attributes in process `syz.1.290'. [ 175.403372][ T7657] ptrace attach of "./syz-executor exec"[7667] was attempted by "./syz-executor exec"[7657] [ 175.771408][ T7682] FAULT_INJECTION: forcing a failure. [ 175.771408][ T7682] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 175.811489][ T7682] CPU: 0 UID: 0 PID: 7682 Comm: syz.1.308 Not tainted syzkaller #0 PREEMPT(full) [ 175.811526][ T7682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 175.811549][ T7682] Call Trace: [ 175.811559][ T7682] [ 175.811569][ T7682] dump_stack_lvl+0x16c/0x1f0 [ 175.811613][ T7682] should_fail_ex+0x512/0x640 [ 175.811655][ T7682] _copy_from_iter+0x29f/0x1720 [ 175.811704][ T7682] ? __pfx__copy_from_iter+0x10/0x10 [ 175.811742][ T7682] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 175.811789][ T7682] copy_page_from_iter+0xde/0x180 [ 175.811832][ T7682] tun_build_skb.constprop.0+0x2e8/0x1500 [ 175.811887][ T7682] ? __pfx_tun_build_skb.constprop.0+0x10/0x10 [ 175.811922][ T7682] ? __lock_acquire+0x62e/0x1ce0 [ 175.811982][ T7682] tun_get_user+0x14ae/0x3ce0 [ 175.812020][ T7682] ? __pfx_tun_get_user+0x10/0x10 [ 175.812048][ T7682] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 175.812097][ T7682] ? find_held_lock+0x2b/0x80 [ 175.812122][ T7682] ? tun_get+0x191/0x370 [ 175.812169][ T7682] tun_chr_write_iter+0xdc/0x210 [ 175.812198][ T7682] vfs_write+0x7d0/0x11d0 [ 175.812228][ T7682] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 175.812258][ T7682] ? __pfx_vfs_write+0x10/0x10 [ 175.812283][ T7682] ? find_held_lock+0x2b/0x80 [ 175.812332][ T7682] __x64_sys_pwrite64+0x1eb/0x250 [ 175.812364][ T7682] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 175.812407][ T7682] do_syscall_64+0xcd/0x490 [ 175.812443][ T7682] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 175.812469][ T7682] RIP: 0033:0x7f6cbe18ebe9 [ 175.812490][ T7682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 175.812514][ T7682] RSP: 002b:00007f6cbefb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012 [ 175.812552][ T7682] RAX: ffffffffffffffda RBX: 00007f6cbe3b5fa0 RCX: 00007f6cbe18ebe9 [ 175.812570][ T7682] RDX: 000000000000004e RSI: 0000200000000600 RDI: 00000000000000c8 [ 175.812586][ T7682] RBP: 00007f6cbe211e19 R08: 0000000000000000 R09: 0000000000000000 [ 175.812602][ T7682] R10: 00000000000008bc R11: 0000000000000246 R12: 0000000000000000 [ 175.812618][ T7682] R13: 00007f6cbe3b6038 R14: 00007f6cbe3b5fa0 R15: 00007ffe58985208 [ 175.812653][ T7682] [ 177.725429][ T7701] process 'syz.2.311' launched './file0' with NULL argv: empty string added [ 177.890384][ T7723] FAULT_INJECTION: forcing a failure. [ 177.890384][ T7723] name failslab, interval 1, probability 0, space 0, times 0 [ 177.907500][ T7723] CPU: 1 UID: 0 PID: 7723 Comm: syz.2.315 Not tainted syzkaller #0 PREEMPT(full) [ 177.907535][ T7723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 177.907551][ T7723] Call Trace: [ 177.907560][ T7723] [ 177.907568][ T7723] dump_stack_lvl+0x16c/0x1f0 [ 177.907608][ T7723] should_fail_ex+0x512/0x640 [ 177.907643][ T7723] ? __kmalloc_noprof+0xbf/0x510 [ 177.907675][ T7723] ? lsm_blob_alloc+0x68/0x90 [ 177.907696][ T7723] should_failslab+0xc2/0x120 [ 177.907729][ T7723] __kmalloc_noprof+0xd2/0x510 [ 177.907764][ T7723] lsm_blob_alloc+0x68/0x90 [ 177.907785][ T7723] security_sk_alloc+0x30/0x270 [ 177.907813][ T7723] sk_prot_alloc+0x1c7/0x2a0 [ 177.907852][ T7723] sk_alloc+0x36/0xc20 [ 177.907879][ T7723] pppoe_create+0x32/0x310 [ 177.907906][ T7723] pppox_create+0x159/0x2c0 [ 177.907935][ T7723] __sock_create+0x335/0x8d0 [ 177.907966][ T7723] __sys_socket+0x14d/0x260 [ 177.907989][ T7723] ? __pfx___sys_socket+0x10/0x10 [ 177.908005][ T7723] ? xfd_validate_state+0x61/0x180 [ 177.908025][ T7723] ? __pfx_ksys_write+0x10/0x10 [ 177.908046][ T7723] __x64_sys_socket+0x72/0xb0 [ 177.908061][ T7723] ? lockdep_hardirqs_on+0x7c/0x110 [ 177.908079][ T7723] do_syscall_64+0xcd/0x490 [ 177.908098][ T7723] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 177.908112][ T7723] RIP: 0033:0x7f560ff8ebe9 [ 177.908125][ T7723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 177.908139][ T7723] RSP: 002b:00007f560e1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 177.908153][ T7723] RAX: ffffffffffffffda RBX: 00007f56101b5fa0 RCX: 00007f560ff8ebe9 [ 177.908162][ T7723] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000018 [ 177.908170][ T7723] RBP: 00007f5610011e19 R08: 0000000000000000 R09: 0000000000000000 [ 177.908178][ T7723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 177.908186][ T7723] R13: 00007f56101b6038 R14: 00007f56101b5fa0 R15: 00007ffec9f57238 [ 177.908204][ T7723] [ 179.905544][ T7757] ptrace attach of ""[7758] was attempted by "./syz-executor exec"[7757] [ 182.026336][ T7799] netlink: 146 bytes leftover after parsing attributes in process `syz.1.326'. [ 185.812695][ T7884] netlink: 146 bytes leftover after parsing attributes in process `syz.2.339'. [ 189.832468][ T7968] netlink: 146 bytes leftover after parsing attributes in process `syz.1.354'. [ 194.273117][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.281543][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.357237][ T8073] netlink: 146 bytes leftover after parsing attributes in process `syz.1.371'. [ 195.305527][ T8093] FAULT_INJECTION: forcing a failure. [ 195.305527][ T8093] name failslab, interval 1, probability 0, space 0, times 0 [ 195.341345][ T8093] CPU: 0 UID: 0 PID: 8093 Comm: syz.3.376 Not tainted syzkaller #0 PREEMPT(full) [ 195.341383][ T8093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 195.341404][ T8093] Call Trace: [ 195.341414][ T8093] [ 195.341424][ T8093] dump_stack_lvl+0x16c/0x1f0 [ 195.341465][ T8093] should_fail_ex+0x512/0x640 [ 195.341499][ T8093] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 195.341528][ T8093] should_failslab+0xc2/0x120 [ 195.341563][ T8093] __kmalloc_cache_noprof+0x6a/0x3e0 [ 195.341589][ T8093] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 195.341620][ T8093] ? __request_module+0x2ad/0x690 [ 195.341655][ T8093] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 195.341689][ T8093] __request_module+0x2ad/0x690 [ 195.341726][ T8093] ? __pfx___request_module+0x10/0x10 [ 195.341761][ T8093] ? trace_kmem_cache_alloc+0x28/0xc0 [ 195.341799][ T8093] ? security_inode_alloc+0x3b/0x2b0 [ 195.341839][ T8093] ? inode_init_always_gfp+0xd05/0x1030 [ 195.341880][ T8093] __sock_create+0x5c3/0x8d0 [ 195.341912][ T8093] __sys_socket+0x14d/0x260 [ 195.341939][ T8093] ? __pfx___sys_socket+0x10/0x10 [ 195.341965][ T8093] ? xfd_validate_state+0x61/0x180 [ 195.341998][ T8093] ? __pfx_ksys_write+0x10/0x10 [ 195.342034][ T8093] __x64_sys_socket+0x72/0xb0 [ 195.342059][ T8093] ? lockdep_hardirqs_on+0x7c/0x110 [ 195.342091][ T8093] do_syscall_64+0xcd/0x490 [ 195.342127][ T8093] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 195.342150][ T8093] RIP: 0033:0x7f014158ebe9 [ 195.342170][ T8093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 195.342191][ T8093] RSP: 002b:00007f014241d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 195.342213][ T8093] RAX: ffffffffffffffda RBX: 00007f01417b5fa0 RCX: 00007f014158ebe9 [ 195.342227][ T8093] RDX: 0000000000000005 RSI: 000000000000000a RDI: 0000000000000005 [ 195.342241][ T8093] RBP: 00007f0141611e19 R08: 0000000000000000 R09: 0000000000000000 [ 195.342257][ T8093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 195.342271][ T8093] R13: 00007f01417b6038 R14: 00007f01417b5fa0 R15: 00007ffcf576ae58 [ 195.342301][ T8093] [ 195.556735][ C0] vkms_vblank_simulate: vblank timer overrun [ 196.206837][ T8110] FAULT_INJECTION: forcing a failure. [ 196.206837][ T8110] name failslab, interval 1, probability 0, space 0, times 0 [ 196.224274][ T8110] CPU: 1 UID: 0 PID: 8110 Comm: syz.1.378 Not tainted syzkaller #0 PREEMPT(full) [ 196.224310][ T8110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 196.224325][ T8110] Call Trace: [ 196.224334][ T8110] [ 196.224344][ T8110] dump_stack_lvl+0x16c/0x1f0 [ 196.224385][ T8110] should_fail_ex+0x512/0x640 [ 196.224420][ T8110] ? __kmalloc_noprof+0xbf/0x510 [ 196.224454][ T8110] ? lsm_blob_alloc+0x68/0x90 [ 196.224476][ T8110] should_failslab+0xc2/0x120 [ 196.224510][ T8110] __kmalloc_noprof+0xd2/0x510 [ 196.224548][ T8110] lsm_blob_alloc+0x68/0x90 [ 196.224572][ T8110] security_sk_alloc+0x30/0x270 [ 196.224611][ T8110] sk_prot_alloc+0xfb/0x2a0 [ 196.224657][ T8110] sk_alloc+0x36/0xc20 [ 196.224691][ T8110] pn_socket_create+0x22d/0x560 [ 196.224721][ T8110] __sock_create+0x335/0x8d0 [ 196.224757][ T8110] __sys_socket+0x14d/0x260 [ 196.224782][ T8110] ? __pfx___sys_socket+0x10/0x10 [ 196.224807][ T8110] ? xfd_validate_state+0x61/0x180 [ 196.224839][ T8110] ? __task_pid_nr_ns+0x17c/0x500 [ 196.224880][ T8110] __x64_sys_socket+0x72/0xb0 [ 196.224904][ T8110] ? lockdep_hardirqs_on+0x7c/0x110 [ 196.224933][ T8110] do_syscall_64+0xcd/0x490 [ 196.224967][ T8110] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 196.224993][ T8110] RIP: 0033:0x7f6cbe18ebe9 [ 196.225012][ T8110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 196.225035][ T8110] RSP: 002b:00007f6cbefb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 196.225057][ T8110] RAX: ffffffffffffffda RBX: 00007f6cbe3b5fa0 RCX: 00007f6cbe18ebe9 [ 196.225073][ T8110] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000023 [ 196.225087][ T8110] RBP: 00007f6cbe211e19 R08: 0000000000000000 R09: 0000000000000000 [ 196.225102][ T8110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 196.225116][ T8110] R13: 00007f6cbe3b6038 R14: 00007f6cbe3b5fa0 R15: 00007ffe58985208 [ 196.225149][ T8110] [ 197.293383][ T8129] netlink: 146 bytes leftover after parsing attributes in process `syz.1.381'. [ 198.631668][ T8155] netlink: 4 bytes leftover after parsing attributes in process `syz.0.386'. [ 199.148886][ T8168] zswap: compressor not available [ 200.677445][ T8204] netlink: 146 bytes leftover after parsing attributes in process `syz.1.393'. [ 202.243276][ T8245] netlink: 146 bytes leftover after parsing attributes in process `syz.2.400'. [ 204.950484][ T8295] FAULT_INJECTION: forcing a failure. [ 204.950484][ T8295] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 205.052730][ T8295] CPU: 0 UID: 0 PID: 8295 Comm: syz.1.410 Not tainted syzkaller #0 PREEMPT(full) [ 205.052764][ T8295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 205.052779][ T8295] Call Trace: [ 205.052788][ T8295] [ 205.052796][ T8295] dump_stack_lvl+0x16c/0x1f0 [ 205.052820][ T8295] should_fail_ex+0x512/0x640 [ 205.052844][ T8295] should_fail_alloc_page+0xe7/0x130 [ 205.052866][ T8295] prepare_alloc_pages+0x3c2/0x610 [ 205.052890][ T8295] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 205.052908][ T8295] ? __lock_acquire+0x62e/0x1ce0 [ 205.052927][ T8295] ? __lock_acquire+0x62e/0x1ce0 [ 205.052949][ T8295] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 205.052976][ T8295] ? find_held_lock+0x2b/0x80 [ 205.052989][ T8295] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 205.053011][ T8295] ? policy_nodemask+0xea/0x4e0 [ 205.053032][ T8295] alloc_pages_mpol+0x1fb/0x550 [ 205.053051][ T8295] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 205.053074][ T8295] folio_alloc_mpol_noprof+0x36/0x2f0 [ 205.053096][ T8295] shmem_alloc_folio+0x135/0x160 [ 205.053120][ T8295] shmem_alloc_and_add_folio+0x499/0xc20 [ 205.053140][ T8295] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 205.053158][ T8295] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 205.053177][ T8295] shmem_get_folio_gfp+0x67f/0x1600 [ 205.053197][ T8295] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 205.053215][ T8295] ? filemap_map_pages+0xf58/0x1670 [ 205.053234][ T8295] shmem_fault+0x1fe/0xa30 [ 205.053251][ T8295] ? __pfx_shmem_fault+0x10/0x10 [ 205.053268][ T8295] ? rcu_is_watching+0x12/0xc0 [ 205.053283][ T8295] ? __pfx_filemap_map_pages+0x10/0x10 [ 205.053308][ T8295] ? __pfx_filemap_map_pages+0x10/0x10 [ 205.053324][ T8295] __do_fault+0x10d/0x490 [ 205.053343][ T8295] ? __pfx_filemap_map_pages+0x10/0x10 [ 205.053359][ T8295] do_pte_missing+0xf50/0x3ba0 [ 205.053375][ T8295] ? do_raw_spin_unlock+0x172/0x230 [ 205.053397][ T8295] ? __pmd_alloc+0x3fb/0x930 [ 205.053420][ T8295] __handle_mm_fault+0x152a/0x2a50 [ 205.053437][ T8295] ? mt_find+0x3ef/0xa30 [ 205.053457][ T8295] ? __pfx___handle_mm_fault+0x10/0x10 [ 205.053470][ T8295] ? __pfx_mt_find+0x10/0x10 [ 205.053507][ T8295] ? find_vma+0xbf/0x140 [ 205.053526][ T8295] ? __pfx_find_vma+0x10/0x10 [ 205.053546][ T8295] handle_mm_fault+0x589/0xd10 [ 205.053561][ T8295] ? __bpf_trace_exceptions+0x1/0x40 [ 205.053584][ T8295] do_user_addr_fault+0x7a6/0x1370 [ 205.053608][ T8295] ? rcu_is_watching+0x12/0xc0 [ 205.053625][ T8295] exc_page_fault+0x5c/0xb0 [ 205.053642][ T8295] asm_exc_page_fault+0x26/0x30 [ 205.053656][ T8295] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 205.053672][ T8295] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 205.053685][ T8295] RSP: 0018:ffffc90018977e68 EFLAGS: 00050212 [ 205.053697][ T8295] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000010 [ 205.053706][ T8295] RDX: fffff5200312efda RSI: 0000000000000000 RDI: ffffc90018977ec0 [ 205.053715][ T8295] RBP: 0000000000000010 R08: 0000000000000001 R09: fffff5200312efd9 [ 205.053724][ T8295] R10: ffffc90018977ecf R11: 0000000000000000 R12: 0000000000000000 [ 205.053733][ T8295] R13: ffffc90018977ec0 R14: 0000000000000000 R15: 0000000000000000 [ 205.053753][ T8295] _copy_from_user+0x98/0xd0 [ 205.053776][ T8295] __x64_sys_setrlimit+0xc6/0x160 [ 205.053797][ T8295] ? xfd_validate_state+0x61/0x180 [ 205.053818][ T8295] ? __pfx___x64_sys_setrlimit+0x10/0x10 [ 205.053840][ T8295] ? rcu_is_watching+0x12/0xc0 [ 205.053856][ T8295] do_syscall_64+0xcd/0x490 [ 205.053875][ T8295] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 205.053889][ T8295] RIP: 0033:0x7f6cbe18ebe9 [ 205.053900][ T8295] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 205.053912][ T8295] RSP: 002b:00007f6cbefb4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a0 [ 205.053925][ T8295] RAX: ffffffffffffffda RBX: 00007f6cbe3b5fa0 RCX: 00007f6cbe18ebe9 [ 205.053934][ T8295] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 205.053941][ T8295] RBP: 00007f6cbe211e19 R08: 0000000000000000 R09: 0000000000000000 [ 205.053949][ T8295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 205.053957][ T8295] R13: 00007f6cbe3b6038 R14: 00007f6cbe3b5fa0 R15: 00007ffe58985208 [ 205.053975][ T8295] [ 206.615699][ T5876] Bluetooth: hci1: command 0x0406 tx timeout [ 206.621998][ T5877] Bluetooth: hci2: command 0x0406 tx timeout [ 206.628286][ T5876] Bluetooth: hci0: command 0x0406 tx timeout [ 206.634346][ T5873] Bluetooth: hci3: command 0x0406 tx timeout [ 208.686259][ T8381] capability: warning: `syz.3.434' uses 32-bit capabilities (legacy support in use) [ 213.315046][ T8482] FAULT_INJECTION: forcing a failure. [ 213.315046][ T8482] name failslab, interval 1, probability 0, space 0, times 0 [ 213.327953][ T8482] CPU: 1 UID: 0 PID: 8482 Comm: syz.3.453 Not tainted syzkaller #0 PREEMPT(full) [ 213.327989][ T8482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 213.328004][ T8482] Call Trace: [ 213.328013][ T8482] [ 213.328024][ T8482] dump_stack_lvl+0x16c/0x1f0 [ 213.328064][ T8482] should_fail_ex+0x512/0x640 [ 213.328106][ T8482] should_failslab+0xc2/0x120 [ 213.328140][ T8482] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 213.328172][ T8482] ? radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 213.328208][ T8482] radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 213.328244][ T8482] idr_get_free+0x528/0xa30 [ 213.328289][ T8482] idr_alloc_u32+0x190/0x2f0 [ 213.328323][ T8482] ? __pfx_idr_alloc_u32+0x10/0x10 [ 213.328357][ T8482] ? lock_acquire+0x179/0x350 [ 213.328399][ T8482] idr_alloc_cyclic+0x10b/0x230 [ 213.328432][ T8482] ? __pfx_idr_alloc_cyclic+0x10/0x10 [ 213.328459][ T8482] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 213.328503][ T8482] map_create+0xae3/0x1f80 [ 213.328550][ T8482] ? __pfx_map_create+0x10/0x10 [ 213.328582][ T8482] ? __might_fault+0xe3/0x190 [ 213.328610][ T8482] ? __might_fault+0xe3/0x190 [ 213.328636][ T8482] ? __might_fault+0x13b/0x190 [ 213.328689][ T8482] __sys_bpf+0x44d2/0x4de0 [ 213.328732][ T8482] ? __pfx___sys_bpf+0x10/0x10 [ 213.328772][ T8482] ? ksys_write+0x190/0x250 [ 213.328810][ T8482] ? do_futex+0x122/0x350 [ 213.328844][ T8482] ? __pfx_do_futex+0x10/0x10 [ 213.328891][ T8482] ? fput+0x9b/0xd0 [ 213.328926][ T8482] ? xfd_validate_state+0x61/0x180 [ 213.328959][ T8482] ? __pfx_ksys_write+0x10/0x10 [ 213.328995][ T8482] __x64_sys_bpf+0x78/0xc0 [ 213.329032][ T8482] ? lockdep_hardirqs_on+0x7c/0x110 [ 213.329063][ T8482] do_syscall_64+0xcd/0x490 [ 213.329097][ T8482] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.329121][ T8482] RIP: 0033:0x7f014158ebe9 [ 213.329143][ T8482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 213.329167][ T8482] RSP: 002b:00007f014241d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 213.329192][ T8482] RAX: ffffffffffffffda RBX: 00007f01417b5fa0 RCX: 00007f014158ebe9 [ 213.329210][ T8482] RDX: 0000000000000010 RSI: 0000200000000100 RDI: 0000000000000000 [ 213.329226][ T8482] RBP: 00007f0141611e19 R08: 0000000000000000 R09: 0000000000000000 [ 213.329242][ T8482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 213.329257][ T8482] R13: 00007f01417b6038 R14: 00007f01417b5fa0 R15: 00007ffcf576ae58 [ 213.329294][ T8482] [ 215.314473][ T30] audit: type=1326 audit(1756387124.057:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8525 comm="syz.1.459" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6cbe18ebe9 code=0x0 [ 216.915387][ T8557] FAULT_INJECTION: forcing a failure. [ 216.915387][ T8557] name failslab, interval 1, probability 0, space 0, times 0 [ 216.947801][ T8557] CPU: 0 UID: 0 PID: 8557 Comm: syz.1.466 Not tainted syzkaller #0 PREEMPT(full) [ 216.947837][ T8557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 216.947852][ T8557] Call Trace: [ 216.947861][ T8557] [ 216.947872][ T8557] dump_stack_lvl+0x16c/0x1f0 [ 216.947911][ T8557] should_fail_ex+0x512/0x640 [ 216.947945][ T8557] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 216.947982][ T8557] should_failslab+0xc2/0x120 [ 216.948015][ T8557] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 216.948045][ T8557] ? alloc_uid+0x13d/0x4c0 [ 216.948077][ T8557] ? _raw_spin_unlock_irq+0x23/0x50 [ 216.948109][ T8557] alloc_uid+0x13d/0x4c0 [ 216.948140][ T8557] ? __pfx_alloc_uid+0x10/0x10 [ 216.948173][ T8557] ? bpf_lsm_capable+0x9/0x10 [ 216.948195][ T8557] ? security_capable+0x7e/0x260 [ 216.948227][ T8557] __sys_setreuid+0x63d/0xaf0 [ 216.948260][ T8557] do_syscall_64+0xcd/0x490 [ 216.948300][ T8557] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 216.948324][ T8557] RIP: 0033:0x7f6cbe18ebe9 [ 216.948343][ T8557] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 216.948374][ T8557] RSP: 002b:00007f6cbefb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000071 [ 216.948398][ T8557] RAX: ffffffffffffffda RBX: 00007f6cbe3b5fa0 RCX: 00007f6cbe18ebe9 [ 216.948415][ T8557] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000009 [ 216.948429][ T8557] RBP: 00007f6cbe211e19 R08: 0000000000000000 R09: 0000000000000000 [ 216.948444][ T8557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 216.948458][ T8557] R13: 00007f6cbe3b6038 R14: 00007f6cbe3b5fa0 R15: 00007ffe58985208 [ 216.948491][ T8557] [ 219.802216][ T8630] FAULT_INJECTION: forcing a failure. [ 219.802216][ T8630] name failslab, interval 1, probability 0, space 0, times 0 [ 219.878378][ T8630] CPU: 0 UID: 0 PID: 8630 Comm: syz.2.481 Not tainted syzkaller #0 PREEMPT(full) [ 219.878400][ T8630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 219.878408][ T8630] Call Trace: [ 219.878414][ T8630] [ 219.878420][ T8630] dump_stack_lvl+0x16c/0x1f0 [ 219.878444][ T8630] should_fail_ex+0x512/0x640 [ 219.878465][ T8630] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 219.878484][ T8630] should_failslab+0xc2/0x120 [ 219.878503][ T8630] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 219.878519][ T8630] ? __pfx_map_id_range_down+0x10/0x10 [ 219.878540][ T8630] ? prepare_creds+0x2c/0x7d0 [ 219.878563][ T8630] prepare_creds+0x2c/0x7d0 [ 219.878583][ T8630] __sys_setfsuid+0xda/0x350 [ 219.878599][ T8630] ? rcu_is_watching+0x12/0xc0 [ 219.878614][ T8630] do_syscall_64+0xcd/0x490 [ 219.878635][ T8630] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 219.878649][ T8630] RIP: 0033:0x7f560ff8ebe9 [ 219.878661][ T8630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 219.878674][ T8630] RSP: 002b:00007f560e1f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000007a [ 219.878688][ T8630] RAX: ffffffffffffffda RBX: 00007f56101b5fa0 RCX: 00007f560ff8ebe9 [ 219.878697][ T8630] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000ee01 [ 219.878705][ T8630] RBP: 00007f5610011e19 R08: 0000000000000000 R09: 0000000000000000 [ 219.878713][ T8630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 219.878720][ T8630] R13: 00007f56101b6038 R14: 00007f56101b5fa0 R15: 00007ffec9f57238 [ 219.878745][ T8630] [ 220.768296][ T8642] netlink: 146 bytes leftover after parsing attributes in process `syz.3.484'. [ 221.076243][ T8653] netlink: 146 bytes leftover after parsing attributes in process `syz.1.485'. [ 223.120287][ T8699] netlink: 146 bytes leftover after parsing attributes in process `syz.0.495'. [ 226.212215][ T8765] could not allocate digest TFM handle  [ 230.690734][ T8896] netlink: 146 bytes leftover after parsing attributes in process `syz.1.535'. [ 232.987475][ T30] audit: type=1804 audit(1756387141.737:3): pid=8947 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.546" name=2F6E6577726F6F742F3133372F22050820 dev="tmpfs" ino=728 res=1 errno=0 [ 233.100030][ T30] audit: type=1800 audit(1756387141.737:4): pid=8947 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.546" name=22050820 dev="tmpfs" ino=728 res=0 errno=0 [ 236.176705][ T9013] program syz.3.562 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 236.765975][ T9037] netlink: 146 bytes leftover after parsing attributes in process `syz.3.564'. [ 238.487211][ T9084] netlink: 146 bytes leftover after parsing attributes in process `syz.3.576'. [ 246.549365][ T9274] netlink: 146 bytes leftover after parsing attributes in process `syz.2.615'. [ 247.383988][ T9294] syz.3.618 uses obsolete (PF_INET,SOCK_PACKET) [ 249.453731][ T9332] program syz.2.626 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 249.665130][ T9349] netlink: 146 bytes leftover after parsing attributes in process `syz.0.630'. [ 252.906149][ T9422] __vm_enough_memory: pid: 9422, comm: syz.2.642, bytes: 4398046511104 not enough memory for the allocation [ 253.462158][ T9432] netlink: 146 bytes leftover after parsing attributes in process `syz.0.643'. [ 255.710049][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.718408][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 257.617242][ T30] audit: type=1806 audit(1756387166.367:5): xattr="0x00060000" res=-22 [ 259.338550][ T9559] FAULT_INJECTION: forcing a failure. [ 259.338550][ T9559] name failslab, interval 1, probability 0, space 0, times 0 [ 259.351393][ T9559] CPU: 0 UID: 0 PID: 9559 Comm: syz.1.670 Not tainted syzkaller #0 PREEMPT(full) [ 259.351430][ T9559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 259.351457][ T9559] Call Trace: [ 259.351470][ T9559] [ 259.351480][ T9559] dump_stack_lvl+0x16c/0x1f0 [ 259.351521][ T9559] should_fail_ex+0x512/0x640 [ 259.351556][ T9559] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 259.351593][ T9559] should_failslab+0xc2/0x120 [ 259.351629][ T9559] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 259.351659][ T9559] ? __pfx___might_resched+0x10/0x10 [ 259.351685][ T9559] ? __anon_vma_prepare+0xae/0x5e0 [ 259.351718][ T9559] __anon_vma_prepare+0xae/0x5e0 [ 259.351750][ T9559] madvise_vma_behavior+0x225c/0x2d60 [ 259.351790][ T9559] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 259.351824][ T9559] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 259.351864][ T9559] ? __pfx_mas_prev+0x10/0x10 [ 259.351905][ T9559] ? find_vma_prev+0xda/0x160 [ 259.351939][ T9559] ? find_held_lock+0x2b/0x80 [ 259.351963][ T9559] ? __pfx_find_vma_prev+0x10/0x10 [ 259.351997][ T9559] ? futex_unqueue+0x133/0x2c0 [ 259.352038][ T9559] ? __futex_wait+0x24c/0x2f0 [ 259.352079][ T9559] madvise_walk_vmas+0x31f/0x9c0 [ 259.352120][ T9559] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 259.352167][ T9559] madvise_do_behavior+0x1e2/0x530 [ 259.352202][ T9559] ? futex_private_hash_put+0x18a/0x300 [ 259.352233][ T9559] ? __pfx_madvise_do_behavior+0x10/0x10 [ 259.352271][ T9559] ? down_read+0x13d/0x480 [ 259.352330][ T9559] do_madvise+0x176/0x240 [ 259.352366][ T9559] ? __pfx_do_madvise+0x10/0x10 [ 259.352402][ T9559] ? do_futex+0x122/0x350 [ 259.352461][ T9559] ? xfd_validate_state+0x61/0x180 [ 259.352506][ T9559] __x64_sys_madvise+0xa9/0x110 [ 259.352541][ T9559] ? lockdep_hardirqs_on+0x7c/0x110 [ 259.352572][ T9559] do_syscall_64+0xcd/0x490 [ 259.352608][ T9559] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 259.352633][ T9559] RIP: 0033:0x7f6cbe18ebe9 [ 259.352654][ T9559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 259.352679][ T9559] RSP: 002b:00007f6cbefb4038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 259.352703][ T9559] RAX: ffffffffffffffda RBX: 00007f6cbe3b5fa0 RCX: 00007f6cbe18ebe9 [ 259.352720][ T9559] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 259.352735][ T9559] RBP: 00007f6cbe211e19 R08: 0000000000000000 R09: 0000000000000000 [ 259.352751][ T9559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 259.352766][ T9559] R13: 00007f6cbe3b6038 R14: 00007f6cbe3b5fa0 R15: 00007ffe58985208 [ 259.352803][ T9559] [ 259.610442][ C0] vkms_vblank_simulate: vblank timer overrun [ 260.691788][ T9586] FAULT_INJECTION: forcing a failure. [ 260.691788][ T9586] name fail_futex, interval 1, probability 0, space 0, times 1 [ 260.760136][ T9586] CPU: 1 UID: 0 PID: 9586 Comm: syz.0.677 Not tainted syzkaller #0 PREEMPT(full) [ 260.760167][ T9586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 260.760180][ T9586] Call Trace: [ 260.760189][ T9586] [ 260.760197][ T9586] dump_stack_lvl+0x16c/0x1f0 [ 260.760244][ T9586] should_fail_ex+0x512/0x640 [ 260.760281][ T9586] get_futex_key+0x1d0/0x1560 [ 260.760314][ T9586] ? __pfx_get_futex_key+0x10/0x10 [ 260.760341][ T9586] ? __mutex_trylock_common+0xe9/0x250 [ 260.760383][ T9586] futex_wake+0xea/0x530 [ 260.760419][ T9586] ? __pfx_futex_wake+0x10/0x10 [ 260.760467][ T9586] do_futex+0x1e3/0x350 [ 260.760487][ T9586] ? __pfx_do_futex+0x10/0x10 [ 260.760502][ T9586] ? __might_fault+0xe3/0x190 [ 260.760523][ T9586] mm_release+0x24e/0x300 [ 260.760540][ T9586] do_exit+0x68e/0x2bf0 [ 260.760563][ T9586] ? __pfx_do_exit+0x10/0x10 [ 260.760581][ T9586] ? do_raw_spin_lock+0x12c/0x2b0 [ 260.760600][ T9586] ? find_held_lock+0x2b/0x80 [ 260.760616][ T9586] do_group_exit+0xd3/0x2a0 [ 260.760636][ T9586] get_signal+0x2673/0x26d0 [ 260.760659][ T9586] ? __pfx_get_signal+0x10/0x10 [ 260.760673][ T9586] ? do_futex+0x122/0x350 [ 260.760690][ T9586] ? __pfx_do_futex+0x10/0x10 [ 260.760708][ T9586] arch_do_signal_or_restart+0x8f/0x790 [ 260.760728][ T9586] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 260.760751][ T9586] ? __pfx___do_sys_close_range+0x10/0x10 [ 260.760771][ T9586] exit_to_user_mode_loop+0x84/0x110 [ 260.760792][ T9586] do_syscall_64+0x3f6/0x490 [ 260.760812][ T9586] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 260.760826][ T9586] RIP: 0033:0x7feac8d8ebe9 [ 260.760838][ T9586] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 260.760851][ T9586] RSP: 002b:00007feac9c140e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 260.760864][ T9586] RAX: fffffffffffffe00 RBX: 00007feac8fb6098 RCX: 00007feac8d8ebe9 [ 260.760873][ T9586] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007feac8fb6098 [ 260.760881][ T9586] RBP: 00007feac8fb6090 R08: 0000000000000000 R09: 0000000000000000 [ 260.760889][ T9586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 260.760897][ T9586] R13: 00007feac8fb6128 R14: 00007fff22cae440 R15: 00007fff22cae528 [ 260.760914][ T9586] [ 263.017433][ T9638] netlink: 146 bytes leftover after parsing attributes in process `syz.2.684'. [ 265.005517][ T9682] netlink: 146 bytes leftover after parsing attributes in process `syz.0.692'. [ 267.607064][ T9740] netlink: 146 bytes leftover after parsing attributes in process `syz.2.701'. [ 269.501613][ T9769] netlink: 146 bytes leftover after parsing attributes in process `syz.2.709'. [ 272.614086][ T9843] netlink: 146 bytes leftover after parsing attributes in process `syz.1.724'. [ 273.943034][ T9867] sock: sock_timestamping_bind_phc: sock not bind to device [ 276.611617][ T9932] netlink: 146 bytes leftover after parsing attributes in process `syz.1.745'. [ 279.072354][ T9985] zswap: compressor not available [ 281.278969][T10045] FAULT_INJECTION: forcing a failure. [ 281.278969][T10045] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 281.378600][T10045] CPU: 0 UID: 0 PID: 10045 Comm: syz.1.767 Not tainted syzkaller #0 PREEMPT(full) [ 281.378635][T10045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 281.378651][T10045] Call Trace: [ 281.378659][T10045] [ 281.378668][T10045] dump_stack_lvl+0x16c/0x1f0 [ 281.378709][T10045] should_fail_ex+0x512/0x640 [ 281.378744][T10045] ? page_copy_sane+0xcd/0x2d0 [ 281.378784][T10045] copy_folio_from_iter_atomic+0x4d3/0x1ac0 [ 281.378828][T10045] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 281.378854][T10045] ? shmem_write_begin+0x176/0x300 [ 281.378884][T10045] ? __pfx_fault_in_readable+0x10/0x10 [ 281.378919][T10045] ? __pfx_shmem_write_begin+0x10/0x10 [ 281.378951][T10045] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 281.378998][T10045] generic_perform_write+0x221/0x900 [ 281.379039][T10045] ? __pfx_generic_perform_write+0x10/0x10 [ 281.379071][T10045] ? generic_update_time+0xcf/0xf0 [ 281.379103][T10045] ? mnt_put_write_access_file+0x45/0xf0 [ 281.379130][T10045] shmem_file_write_iter+0x10e/0x140 [ 281.379165][T10045] do_iter_readv_writev+0x65f/0x9e0 [ 281.379208][T10045] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 281.379252][T10045] vfs_writev+0x35f/0xde0 [ 281.379286][T10045] ? __pfx_vfs_writev+0x10/0x10 [ 281.379311][T10045] ? __mutex_lock+0x1c5/0x1060 [ 281.379352][T10045] ? __pfx___mutex_lock+0x10/0x10 [ 281.379397][T10045] ? __fget_files+0x20e/0x3c0 [ 281.379435][T10045] ? do_writev+0x132/0x340 [ 281.379459][T10045] do_writev+0x132/0x340 [ 281.379483][T10045] ? __pfx_do_writev+0x10/0x10 [ 281.379525][T10045] do_syscall_64+0xcd/0x490 [ 281.379562][T10045] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 281.379589][T10045] RIP: 0033:0x7f6cbe18ebe9 [ 281.379610][T10045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 281.379634][T10045] RSP: 002b:00007f6cbefb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 281.379660][T10045] RAX: ffffffffffffffda RBX: 00007f6cbe3b5fa0 RCX: 00007f6cbe18ebe9 [ 281.379677][T10045] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 281.379693][T10045] RBP: 00007f6cbe211e19 R08: 0000000000000000 R09: 0000000000000000 [ 281.379707][T10045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 281.379721][T10045] R13: 00007f6cbe3b6038 R14: 00007f6cbe3b5fa0 R15: 00007ffe58985208 [ 281.379757][T10045] [ 282.004360][T10054] FAULT_INJECTION: forcing a failure. [ 282.004360][T10054] name failslab, interval 1, probability 0, space 0, times 0 [ 282.084922][T10054] CPU: 1 UID: 0 PID: 10054 Comm: syz.2.771 Not tainted syzkaller #0 PREEMPT(full) [ 282.084955][T10054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 282.084969][T10054] Call Trace: [ 282.084977][T10054] [ 282.084987][T10054] dump_stack_lvl+0x16c/0x1f0 [ 282.085024][T10054] should_fail_ex+0x512/0x640 [ 282.085057][T10054] ? __kmalloc_noprof+0xbf/0x510 [ 282.085088][T10054] ? get_modalias+0xbb/0x380 [ 282.085110][T10054] should_failslab+0xc2/0x120 [ 282.085142][T10054] __kmalloc_noprof+0xd2/0x510 [ 282.085168][T10054] ? get_modalias+0x20f/0x380 [ 282.085197][T10054] get_modalias+0xbb/0x380 [ 282.085225][T10054] ? __pfx_sys_dmi_modalias_show+0x10/0x10 [ 282.085248][T10054] sys_dmi_modalias_show+0x1f/0xb0 [ 282.085272][T10054] dev_attr_show+0x53/0xe0 [ 282.085310][T10054] ? __pfx_dev_attr_show+0x10/0x10 [ 282.085346][T10054] sysfs_kf_seq_show+0x216/0x3e0 [ 282.085379][T10054] seq_read_iter+0x509/0x12c0 [ 282.085407][T10054] ? __mutex_trylock_common+0xe9/0x250 [ 282.085454][T10054] kernfs_fop_read_iter+0x40f/0x5a0 [ 282.085489][T10054] ? rw_verify_area+0xcf/0x6c0 [ 282.085519][T10054] vfs_read+0x8bc/0xcf0 [ 282.085552][T10054] ? __pfx___mutex_lock+0x10/0x10 [ 282.085585][T10054] ? __pfx_vfs_read+0x10/0x10 [ 282.085641][T10054] ksys_read+0x12a/0x250 [ 282.085671][T10054] ? __pfx_ksys_read+0x10/0x10 [ 282.085714][T10054] do_syscall_64+0xcd/0x490 [ 282.085751][T10054] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.085777][T10054] RIP: 0033:0x7f560ff8ebe9 [ 282.085797][T10054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 282.085821][T10054] RSP: 002b:00007f560e1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 282.085845][T10054] RAX: ffffffffffffffda RBX: 00007f56101b5fa0 RCX: 00007f560ff8ebe9 [ 282.085863][T10054] RDX: 0000000000001016 RSI: 0000200000000000 RDI: 0000000000000003 [ 282.085879][T10054] RBP: 00007f5610011e19 R08: 0000000000000000 R09: 0000000000000000 [ 282.085894][T10054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 282.085909][T10054] R13: 00007f56101b6038 R14: 00007f56101b5fa0 R15: 00007ffec9f57238 [ 282.085945][T10054] [ 283.799658][T10089] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 287.625518][T10170] netlink: 146 bytes leftover after parsing attributes in process `syz.3.793'. [ 290.017888][T10216] FAULT_INJECTION: forcing a failure. [ 290.017888][T10216] name failslab, interval 1, probability 0, space 0, times 0 [ 290.050274][T10216] CPU: 1 UID: 0 PID: 10216 Comm: syz.0.801 Not tainted syzkaller #0 PREEMPT(full) [ 290.050312][T10216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 290.050327][T10216] Call Trace: [ 290.050336][T10216] [ 290.050347][T10216] dump_stack_lvl+0x16c/0x1f0 [ 290.050387][T10216] should_fail_ex+0x512/0x640 [ 290.050423][T10216] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 290.050464][T10216] should_failslab+0xc2/0x120 [ 290.050497][T10216] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 290.050532][T10216] ? __kthread_create_on_node+0x186/0x3f0 [ 290.050572][T10216] kvasprintf+0xbc/0x160 [ 290.050597][T10216] ? __pfx_kvasprintf+0x10/0x10 [ 290.050636][T10216] ? __pfx_dvb_frontend_thread+0x10/0x10 [ 290.050680][T10216] __kthread_create_on_node+0x186/0x3f0 [ 290.050717][T10216] ? __pfx___kthread_create_on_node+0x10/0x10 [ 290.050764][T10216] ? __lock_acquire+0xb97/0x1ce0 [ 290.050801][T10216] ? __pfx_dvb_frontend_thread+0x10/0x10 [ 290.050838][T10216] kthread_create_on_node+0xc7/0x100 [ 290.050869][T10216] ? __pfx_kthread_create_on_node+0x10/0x10 [ 290.050909][T10216] ? mark_held_locks+0x49/0x80 [ 290.050941][T10216] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 290.050971][T10216] ? lockdep_hardirqs_on+0x7c/0x110 [ 290.051010][T10216] dvb_frontend_open+0xf47/0x1730 [ 290.051055][T10216] ? __pfx_dvb_frontend_open+0x10/0x10 [ 290.051092][T10216] dvb_device_open+0x270/0x3b0 [ 290.051128][T10216] ? __pfx_dvb_device_open+0x10/0x10 [ 290.051163][T10216] chrdev_open+0x234/0x6a0 [ 290.051195][T10216] ? __pfx_apparmor_file_open+0x10/0x10 [ 290.051223][T10216] ? __pfx_chrdev_open+0x10/0x10 [ 290.051258][T10216] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 290.051294][T10216] do_dentry_open+0x982/0x1530 [ 290.051325][T10216] ? __pfx_chrdev_open+0x10/0x10 [ 290.051360][T10216] vfs_open+0x82/0x3f0 [ 290.051399][T10216] path_openat+0x1de4/0x2cb0 [ 290.051441][T10216] ? __pfx_path_openat+0x10/0x10 [ 290.051483][T10216] do_filp_open+0x20b/0x470 [ 290.051514][T10216] ? __pfx_do_filp_open+0x10/0x10 [ 290.051575][T10216] ? alloc_fd+0x471/0x7d0 [ 290.051614][T10216] do_sys_openat2+0x11b/0x1d0 [ 290.051659][T10216] ? __pfx_do_sys_openat2+0x10/0x10 [ 290.051715][T10216] __x64_sys_openat+0x174/0x210 [ 290.051755][T10216] ? __pfx___x64_sys_openat+0x10/0x10 [ 290.051811][T10216] do_syscall_64+0xcd/0x490 [ 290.051848][T10216] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 290.051874][T10216] RIP: 0033:0x7feac8d8ebe9 [ 290.051896][T10216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 290.051920][T10216] RSP: 002b:00007feac9c35038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 290.051945][T10216] RAX: ffffffffffffffda RBX: 00007feac8fb5fa0 RCX: 00007feac8d8ebe9 [ 290.051962][T10216] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 290.051978][T10216] RBP: 00007feac8e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 290.051994][T10216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 290.052009][T10216] R13: 00007feac8fb6038 R14: 00007feac8fb5fa0 R15: 00007fff22cae528 [ 290.052046][T10216] [ 290.052094][T10216] i2c i2c-0: dvb_frontend_start: failed to start kthread (-12) [ 290.185529][T10221] FAULT_INJECTION: forcing a failure. [ 290.185529][T10221] name failslab, interval 1, probability 0, space 0, times 0 [ 290.397863][T10221] CPU: 0 UID: 0 PID: 10221 Comm: syz.1.804 Not tainted syzkaller #0 PREEMPT(full) [ 290.397900][T10221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 290.397914][T10221] Call Trace: [ 290.397923][T10221] [ 290.397933][T10221] dump_stack_lvl+0x16c/0x1f0 [ 290.397971][T10221] should_fail_ex+0x512/0x640 [ 290.398003][T10221] ? __kmalloc_noprof+0xbf/0x510 [ 290.398034][T10221] ? realloc_user_queue+0x288/0x320 [ 290.398059][T10221] should_failslab+0xc2/0x120 [ 290.398090][T10221] __kmalloc_noprof+0xd2/0x510 [ 290.398124][T10221] realloc_user_queue+0x288/0x320 [ 290.398149][T10221] ? __pfx_snd_timer_user_open+0x10/0x10 [ 290.398174][T10221] snd_timer_user_open+0xfc/0x180 [ 290.398201][T10221] snd_open+0x22d/0x4c0 [ 290.398233][T10221] ? __pfx_snd_open+0x10/0x10 [ 290.398267][T10221] chrdev_open+0x234/0x6a0 [ 290.398298][T10221] ? __pfx_apparmor_file_open+0x10/0x10 [ 290.398350][T10221] ? __pfx_chrdev_open+0x10/0x10 [ 290.398386][T10221] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 290.398430][T10221] do_dentry_open+0x982/0x1530 [ 290.398464][T10221] ? __pfx_chrdev_open+0x10/0x10 [ 290.398506][T10221] vfs_open+0x82/0x3f0 [ 290.398543][T10221] path_openat+0x1de4/0x2cb0 [ 290.398581][T10221] ? __pfx_path_openat+0x10/0x10 [ 290.398615][T10221] do_filp_open+0x20b/0x470 [ 290.398640][T10221] ? __pfx_do_filp_open+0x10/0x10 [ 290.398688][T10221] ? alloc_fd+0x471/0x7d0 [ 290.398722][T10221] do_sys_openat2+0x11b/0x1d0 [ 290.398755][T10221] ? __pfx_do_sys_openat2+0x10/0x10 [ 290.398797][T10221] __x64_sys_openat+0x174/0x210 [ 290.398830][T10221] ? __pfx___x64_sys_openat+0x10/0x10 [ 290.398876][T10221] do_syscall_64+0xcd/0x490 [ 290.398910][T10221] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 290.398935][T10221] RIP: 0033:0x7f6cbe18ebe9 [ 290.398953][T10221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 290.398976][T10221] RSP: 002b:00007f6cbefb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 290.399000][T10221] RAX: ffffffffffffffda RBX: 00007f6cbe3b5fa0 RCX: 00007f6cbe18ebe9 [ 290.399015][T10221] RDX: 0000000000101440 RSI: 0000200000001cc0 RDI: ffffffffffffff9c [ 290.399034][T10221] RBP: 00007f6cbe211e19 R08: 0000000000000000 R09: 0000000000000000 [ 290.399049][T10221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 290.399064][T10221] R13: 00007f6cbe3b6038 R14: 00007f6cbe3b5fa0 R15: 00007ffe58985208 [ 290.399094][T10221] [ 291.111656][T10242] workqueue: max_active 109830553 requested for writeback is out of range, clamping between 1 and 2048 [ 291.795149][T10257] netlink: 146 bytes leftover after parsing attributes in process `syz.1.809'. [ 294.029525][T10305] Process accounting resumed [ 294.054688][T10304] qrtr: Invalid version 4 [ 294.489381][T10321] netlink: 146 bytes leftover after parsing attributes in process `syz.1.822'. [ 294.708194][T10328] FAULT_INJECTION: forcing a failure. [ 294.708194][T10328] name failslab, interval 1, probability 0, space 0, times 0 [ 294.848739][T10328] CPU: 1 UID: 0 PID: 10328 Comm: syz.0.826 Not tainted syzkaller #0 PREEMPT(full) [ 294.848762][T10328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 294.848771][T10328] Call Trace: [ 294.848776][T10328] [ 294.848783][T10328] dump_stack_lvl+0x16c/0x1f0 [ 294.848806][T10328] should_fail_ex+0x512/0x640 [ 294.848827][T10328] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 294.848844][T10328] should_failslab+0xc2/0x120 [ 294.848862][T10328] __kmalloc_cache_noprof+0x6a/0x3e0 [ 294.848877][T10328] ? lockdep_init_map_type+0x5c/0x280 [ 294.848895][T10328] ? snd_seq_prioq_new+0x3f/0x110 [ 294.848916][T10328] snd_seq_prioq_new+0x3f/0x110 [ 294.848933][T10328] snd_seq_queue_alloc+0x153/0x5a0 [ 294.848952][T10328] snd_seq_ioctl_create_queue+0xa9/0x380 [ 294.848974][T10328] snd_seq_kernel_client_ctl+0x107/0x1c0 [ 294.848997][T10328] alloc_seq_queue+0xda/0x180 [ 294.849018][T10328] ? __pfx_alloc_seq_queue+0x10/0x10 [ 294.849050][T10328] ? mark_held_locks+0x49/0x80 [ 294.849066][T10328] ? _raw_spin_unlock_irq+0x23/0x50 [ 294.849084][T10328] snd_seq_oss_open+0x38c/0xa20 [ 294.849109][T10328] odev_open+0x6f/0x90 [ 294.849127][T10328] ? __pfx_odev_open+0x10/0x10 [ 294.849146][T10328] soundcore_open+0x40c/0x580 [ 294.849167][T10328] ? __pfx_soundcore_open+0x10/0x10 [ 294.849196][T10328] chrdev_open+0x234/0x6a0 [ 294.849215][T10328] ? __pfx_apparmor_file_open+0x10/0x10 [ 294.849231][T10328] ? __pfx_chrdev_open+0x10/0x10 [ 294.849250][T10328] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 294.849269][T10328] do_dentry_open+0x982/0x1530 [ 294.849287][T10328] ? __pfx_chrdev_open+0x10/0x10 [ 294.849309][T10328] vfs_open+0x82/0x3f0 [ 294.849333][T10328] path_openat+0x1de4/0x2cb0 [ 294.849355][T10328] ? __pfx_path_openat+0x10/0x10 [ 294.849377][T10328] do_filp_open+0x20b/0x470 [ 294.849393][T10328] ? __pfx_do_filp_open+0x10/0x10 [ 294.849423][T10328] ? alloc_fd+0x471/0x7d0 [ 294.849444][T10328] do_sys_openat2+0x11b/0x1d0 [ 294.849464][T10328] ? __pfx_do_sys_openat2+0x10/0x10 [ 294.849492][T10328] __x64_sys_openat+0x174/0x210 [ 294.849513][T10328] ? __pfx___x64_sys_openat+0x10/0x10 [ 294.849542][T10328] do_syscall_64+0xcd/0x490 [ 294.849562][T10328] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 294.849576][T10328] RIP: 0033:0x7feac8d8ebe9 [ 294.849588][T10328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 294.849601][T10328] RSP: 002b:00007feac9c35038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 294.849615][T10328] RAX: ffffffffffffffda RBX: 00007feac8fb5fa0 RCX: 00007feac8d8ebe9 [ 294.849625][T10328] RDX: 0000000000143900 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 294.849634][T10328] RBP: 00007feac8e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 294.849643][T10328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 294.849651][T10328] R13: 00007feac8fb6038 R14: 00007feac8fb5fa0 R15: 00007fff22cae528 [ 294.849670][T10328] [ 298.157845][T10386] netlink: 146 bytes leftover after parsing attributes in process `syz.3.834'. [ 300.884079][T10433] zswap: compressor 000 not available [ 301.002778][T10442] FAULT_INJECTION: forcing a failure. [ 301.002778][T10442] name failslab, interval 1, probability 0, space 0, times 0 [ 301.019592][T10442] CPU: 1 UID: 0 PID: 10442 Comm: syz.1.846 Not tainted syzkaller #0 PREEMPT(full) [ 301.019628][T10442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 301.019643][T10442] Call Trace: [ 301.019652][T10442] [ 301.019662][T10442] dump_stack_lvl+0x16c/0x1f0 [ 301.019703][T10442] should_fail_ex+0x512/0x640 [ 301.019738][T10442] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 301.019777][T10442] should_failslab+0xc2/0x120 [ 301.019810][T10442] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 301.019845][T10442] ? __kthread_create_on_node+0x186/0x3f0 [ 301.019885][T10442] kvasprintf+0xbc/0x160 [ 301.019909][T10442] ? __pfx_kvasprintf+0x10/0x10 [ 301.019948][T10442] ? __pfx_dvb_frontend_thread+0x10/0x10 [ 301.019981][T10442] __kthread_create_on_node+0x186/0x3f0 [ 301.020015][T10442] ? __pfx___kthread_create_on_node+0x10/0x10 [ 301.020060][T10442] ? __lock_acquire+0xb97/0x1ce0 [ 301.020096][T10442] ? __pfx_dvb_frontend_thread+0x10/0x10 [ 301.020133][T10442] kthread_create_on_node+0xc7/0x100 [ 301.020165][T10442] ? __pfx_kthread_create_on_node+0x10/0x10 [ 301.020205][T10442] ? mark_held_locks+0x49/0x80 [ 301.020236][T10442] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 301.020263][T10442] ? lockdep_hardirqs_on+0x7c/0x110 [ 301.020301][T10442] dvb_frontend_open+0xf47/0x1730 [ 301.020355][T10442] ? __pfx_dvb_frontend_open+0x10/0x10 [ 301.020393][T10442] dvb_device_open+0x270/0x3b0 [ 301.020430][T10442] ? __pfx_dvb_device_open+0x10/0x10 [ 301.020463][T10442] chrdev_open+0x234/0x6a0 [ 301.020493][T10442] ? __pfx_apparmor_file_open+0x10/0x10 [ 301.020521][T10442] ? __pfx_chrdev_open+0x10/0x10 [ 301.020556][T10442] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 301.020588][T10442] do_dentry_open+0x982/0x1530 [ 301.020617][T10442] ? __pfx_chrdev_open+0x10/0x10 [ 301.020653][T10442] vfs_open+0x82/0x3f0 [ 301.020692][T10442] path_openat+0x1de4/0x2cb0 [ 301.020734][T10442] ? __pfx_path_openat+0x10/0x10 [ 301.020772][T10442] do_filp_open+0x20b/0x470 [ 301.020802][T10442] ? __pfx_do_filp_open+0x10/0x10 [ 301.020858][T10442] ? alloc_fd+0x471/0x7d0 [ 301.020896][T10442] do_sys_openat2+0x11b/0x1d0 [ 301.020933][T10442] ? __pfx_do_sys_openat2+0x10/0x10 [ 301.020985][T10442] __x64_sys_openat+0x174/0x210 [ 301.021023][T10442] ? __pfx___x64_sys_openat+0x10/0x10 [ 301.021074][T10442] do_syscall_64+0xcd/0x490 [ 301.021109][T10442] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 301.021134][T10442] RIP: 0033:0x7f6cbe18ebe9 [ 301.021156][T10442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 301.021180][T10442] RSP: 002b:00007f6cbefb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 301.021202][T10442] RAX: ffffffffffffffda RBX: 00007f6cbe3b5fa0 RCX: 00007f6cbe18ebe9 [ 301.021217][T10442] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 301.021233][T10442] RBP: 00007f6cbe211e19 R08: 0000000000000000 R09: 0000000000000000 [ 301.021248][T10442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 301.021261][T10442] R13: 00007f6cbe3b6038 R14: 00007f6cbe3b5fa0 R15: 00007ffe58985208 [ 301.021296][T10442] [ 301.021337][T10442] i2c i2c-0: dvb_frontend_start: failed to start kthread (-12) [ 303.499863][T10481] ================================================================== [ 303.507982][T10481] BUG: KASAN: slab-use-after-free in dvb_device_open+0x36a/0x3b0 [ 303.515738][T10481] Read of size 8 at addr ffff88802a3e0818 by task syz.3.853/10481 [ 303.523572][T10481] [ 303.525909][T10481] CPU: 0 UID: 0 PID: 10481 Comm: syz.3.853 Not tainted syzkaller #0 PREEMPT(full) [ 303.525941][T10481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 303.525957][T10481] Call Trace: [ 303.525966][T10481] [ 303.525976][T10481] dump_stack_lvl+0x116/0x1f0 [ 303.526015][T10481] print_report+0xcd/0x630 [ 303.526048][T10481] ? __virt_addr_valid+0x81/0x610 [ 303.526079][T10481] ? __phys_addr+0xe8/0x180 [ 303.526120][T10481] ? dvb_device_open+0x36a/0x3b0 [ 303.526157][T10481] kasan_report+0xe0/0x110 [ 303.526191][T10481] ? dvb_device_open+0x36a/0x3b0 [ 303.526230][T10481] ? __pfx_dvb_device_open+0x10/0x10 [ 303.526265][T10481] dvb_device_open+0x36a/0x3b0 [ 303.526300][T10481] ? __pfx_dvb_device_open+0x10/0x10 [ 303.526334][T10481] chrdev_open+0x234/0x6a0 [ 303.526365][T10481] ? __pfx_apparmor_file_open+0x10/0x10 [ 303.526390][T10481] ? __pfx_chrdev_open+0x10/0x10 [ 303.526422][T10481] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 303.526455][T10481] do_dentry_open+0x982/0x1530 [ 303.526486][T10481] ? __pfx_chrdev_open+0x10/0x10 [ 303.526521][T10481] vfs_open+0x82/0x3f0 [ 303.526560][T10481] path_openat+0x1de4/0x2cb0 [ 303.526595][T10481] ? __pfx_path_openat+0x10/0x10 [ 303.526630][T10481] do_filp_open+0x20b/0x470 [ 303.526659][T10481] ? __pfx_do_filp_open+0x10/0x10 [ 303.526701][T10481] ? alloc_fd+0x471/0x7d0 [ 303.526732][T10481] do_sys_openat2+0x11b/0x1d0 [ 303.526769][T10481] ? __pfx_do_sys_openat2+0x10/0x10 [ 303.526805][T10481] ? __pfx_do_sys_openat2+0x10/0x10 [ 303.526849][T10481] __x64_sys_openat+0x174/0x210 [ 303.526887][T10481] ? __pfx___x64_sys_openat+0x10/0x10 [ 303.526933][T10481] do_syscall_64+0xcd/0x490 [ 303.526969][T10481] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.526995][T10481] RIP: 0033:0x7f014158ebe9 [ 303.527016][T10481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 303.527039][T10481] RSP: 002b:00007f014241d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 303.527065][T10481] RAX: ffffffffffffffda RBX: 00007f01417b5fa0 RCX: 00007f014158ebe9 [ 303.527082][T10481] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 303.527100][T10481] RBP: 00007f0141611e19 R08: 0000000000000000 R09: 0000000000000000 [ 303.527125][T10481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 303.527141][T10481] R13: 00007f01417b6038 R14: 00007f01417b5fa0 R15: 00007ffcf576ae58 [ 303.527168][T10481] [ 303.527177][T10481] [ 303.771963][T10481] Allocated by task 1: [ 303.776036][T10481] kasan_save_stack+0x33/0x60 [ 303.780729][T10481] kasan_save_track+0x14/0x30 [ 303.785404][T10481] __kasan_kmalloc+0xaa/0xb0 [ 303.789988][T10481] dvb_register_device+0x1e4/0x2370 [ 303.795192][T10481] dvb_register_frontend+0x5a6/0x880 [ 303.800485][T10481] vidtv_bridge_probe+0x459/0xa90 [ 303.805511][T10481] platform_probe+0x106/0x1d0 [ 303.810186][T10481] really_probe+0x23e/0xa90 [ 303.814688][T10481] __driver_probe_device+0x1de/0x440 [ 303.819977][T10481] driver_probe_device+0x4c/0x1b0 [ 303.825002][T10481] __driver_attach+0x283/0x580 [ 303.829767][T10481] bus_for_each_dev+0x13b/0x1d0 [ 303.834612][T10481] bus_add_driver+0x2e9/0x690 [ 303.839290][T10481] driver_register+0x15c/0x4b0 [ 303.844066][T10481] vidtv_bridge_init+0x45/0x80 [ 303.848835][T10481] do_one_initcall+0x120/0x6e0 [ 303.853598][T10481] kernel_init_freeable+0x5c2/0x910 [ 303.858791][T10481] kernel_init+0x1c/0x2b0 [ 303.863117][T10481] ret_from_fork+0x5d4/0x6f0 [ 303.867711][T10481] ret_from_fork_asm+0x1a/0x30 [ 303.872472][T10481] [ 303.874782][T10481] Freed by task 10442: [ 303.878835][T10481] kasan_save_stack+0x33/0x60 [ 303.883508][T10481] kasan_save_track+0x14/0x30 [ 303.888181][T10481] kasan_save_free_info+0x3b/0x60 [ 303.893223][T10481] __kasan_slab_free+0x60/0x70 [ 303.897982][T10481] kfree+0x2b4/0x4d0 [ 303.901872][T10481] dvb_device_put.part.0+0x60/0x90 [ 303.906983][T10481] dvb_device_open+0x2a4/0x3b0 [ 303.911747][T10481] chrdev_open+0x234/0x6a0 [ 303.916164][T10481] do_dentry_open+0x982/0x1530 [ 303.920929][T10481] vfs_open+0x82/0x3f0 [ 303.925001][T10481] path_openat+0x1de4/0x2cb0 [ 303.929589][T10481] do_filp_open+0x20b/0x470 [ 303.934090][T10481] do_sys_openat2+0x11b/0x1d0 [ 303.938772][T10481] __x64_sys_openat+0x174/0x210 [ 303.943633][T10481] do_syscall_64+0xcd/0x490 [ 303.948139][T10481] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.954023][T10481] [ 303.956334][T10481] The buggy address belongs to the object at ffff88802a3e0800 [ 303.956334][T10481] which belongs to the cache kmalloc-256 of size 256 [ 303.970380][T10481] The buggy address is located 24 bytes inside of [ 303.970380][T10481] freed 256-byte region [ffff88802a3e0800, ffff88802a3e0900) [ 303.984082][T10481] [ 303.986394][T10481] The buggy address belongs to the physical page: [ 303.992801][T10481] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2a3e0 [ 304.001559][T10481] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 304.010050][T10481] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 304.017597][T10481] page_type: f5(slab) [ 304.021582][T10481] raw: 00fff00000000040 ffff88801b841b40 dead000000000122 0000000000000000 [ 304.030164][T10481] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 304.038743][T10481] head: 00fff00000000040 ffff88801b841b40 dead000000000122 0000000000000000 [ 304.047407][T10481] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 304.056078][T10481] head: 00fff00000000001 ffffea0000a8f801 00000000ffffffff 00000000ffffffff [ 304.064753][T10481] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 304.073416][T10481] page dumped because: kasan: bad access detected [ 304.079830][T10481] page_owner tracks the page as allocated [ 304.085530][T10481] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 19032799374, free_ts 0 [ 304.105237][T10481] post_alloc_hook+0x1c0/0x230 [ 304.109999][T10481] get_page_from_freelist+0x132b/0x38e0 [ 304.115540][T10481] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 304.121428][T10481] alloc_pages_mpol+0x1fb/0x550 [ 304.126275][T10481] new_slab+0x247/0x330 [ 304.130423][T10481] ___slab_alloc+0xcf2/0x1740 [ 304.135092][T10481] __slab_alloc.constprop.0+0x56/0xb0 [ 304.140469][T10481] __kmalloc_cache_noprof+0xfb/0x3e0 [ 304.145748][T10481] bus_add_driver+0x92/0x690 [ 304.150335][T10481] driver_register+0x15c/0x4b0 [ 304.155098][T10481] usb_register_driver+0x216/0x4d0 [ 304.160212][T10481] au0828_init+0xb7/0x1a0 [ 304.164541][T10481] do_one_initcall+0x120/0x6e0 [ 304.169301][T10481] kernel_init_freeable+0x5c2/0x910 [ 304.174491][T10481] kernel_init+0x1c/0x2b0 [ 304.178808][T10481] ret_from_fork+0x5d4/0x6f0 [ 304.183401][T10481] page_owner free stack trace missing [ 304.188750][T10481] [ 304.191058][T10481] Memory state around the buggy address: [ 304.196672][T10481] ffff88802a3e0700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 304.204725][T10481] ffff88802a3e0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 304.212778][T10481] >ffff88802a3e0800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 304.220822][T10481] ^ [ 304.225657][T10481] ffff88802a3e0880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 304.233709][T10481] ffff88802a3e0900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 304.241755][T10481] ================================================================== [ 304.296083][T10481] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 304.303305][T10481] CPU: 1 UID: 0 PID: 10481 Comm: syz.3.853 Not tainted syzkaller #0 PREEMPT(full) [ 304.312596][T10481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 304.322638][T10481] Call Trace: [ 304.325905][T10481] [ 304.328818][T10481] dump_stack_lvl+0x3d/0x1f0 [ 304.333398][T10481] vpanic+0x6e8/0x7a0 [ 304.337372][T10481] ? __pfx_vpanic+0x10/0x10 [ 304.341863][T10481] ? __pfx_vprintk_emit+0x10/0x10 [ 304.346877][T10481] ? dvb_device_open+0x36a/0x3b0 [ 304.351803][T10481] panic+0xca/0xd0 [ 304.355516][T10481] ? __pfx_panic+0x10/0x10 [ 304.359917][T10481] ? dvb_device_open+0x36a/0x3b0 [ 304.364845][T10481] ? preempt_schedule_common+0x44/0xc0 [ 304.370288][T10481] ? preempt_schedule_thunk+0x16/0x30 [ 304.375648][T10481] check_panic_on_warn+0xab/0xb0 [ 304.380573][T10481] end_report+0x107/0x170 [ 304.384887][T10481] kasan_report+0xee/0x110 [ 304.389290][T10481] ? dvb_device_open+0x36a/0x3b0 [ 304.394214][T10481] ? __pfx_dvb_device_open+0x10/0x10 [ 304.399487][T10481] dvb_device_open+0x36a/0x3b0 [ 304.404239][T10481] ? __pfx_dvb_device_open+0x10/0x10 [ 304.409515][T10481] chrdev_open+0x234/0x6a0 [ 304.413951][T10481] ? __pfx_apparmor_file_open+0x10/0x10 [ 304.419485][T10481] ? __pfx_chrdev_open+0x10/0x10 [ 304.424410][T10481] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 304.430726][T10481] do_dentry_open+0x982/0x1530 [ 304.435481][T10481] ? __pfx_chrdev_open+0x10/0x10 [ 304.440413][T10481] vfs_open+0x82/0x3f0 [ 304.444495][T10481] path_openat+0x1de4/0x2cb0 [ 304.449072][T10481] ? __pfx_path_openat+0x10/0x10 [ 304.453998][T10481] do_filp_open+0x20b/0x470 [ 304.458490][T10481] ? __pfx_do_filp_open+0x10/0x10 [ 304.463523][T10481] ? alloc_fd+0x471/0x7d0 [ 304.467839][T10481] do_sys_openat2+0x11b/0x1d0 [ 304.472508][T10481] ? __pfx_do_sys_openat2+0x10/0x10 [ 304.477694][T10481] ? __pfx_do_sys_openat2+0x10/0x10 [ 304.482885][T10481] __x64_sys_openat+0x174/0x210 [ 304.487726][T10481] ? __pfx___x64_sys_openat+0x10/0x10 [ 304.493091][T10481] do_syscall_64+0xcd/0x490 [ 304.497601][T10481] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 304.503480][T10481] RIP: 0033:0x7f014158ebe9 [ 304.507893][T10481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 304.527484][T10481] RSP: 002b:00007f014241d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 304.535880][T10481] RAX: ffffffffffffffda RBX: 00007f01417b5fa0 RCX: 00007f014158ebe9 [ 304.543845][T10481] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 304.551807][T10481] RBP: 00007f0141611e19 R08: 0000000000000000 R09: 0000000000000000 [ 304.559767][T10481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 304.567724][T10481] R13: 00007f01417b6038 R14: 00007f01417b5fa0 R15: 00007ffcf576ae58 [ 304.575685][T10481] [ 304.578949][T10481] Kernel Offset: disabled [ 304.583272][T10481] Rebooting in 86400 seconds..