last executing test programs: 2m6.424365773s ago: executing program 0 (id=581): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) rseq$auto(0x0, 0xfffffff4, 0x0, 0x5) (async, rerun: 64) sysfs$auto(0x2, 0x10000000000002a, 0x0) (async, rerun: 64) r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$auto_VHOST_SET_BACKEND_FEATURES(r0, 0x4008af25, &(0x7f0000000000)=0x7) (async, rerun: 64) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) (rerun: 64) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40040, 0x0) (async) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) socket(0x10, 0x3, 0x6) (async) r1 = openat$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000b00), 0x0, 0x0) read$auto(r1, 0x0, 0x4) (async, rerun: 64) rseq$auto(0x0, 0x6, 0x3, 0xff) (rerun: 64) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) (async) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, r2, 0x27fff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x8df41, 0x0) msync$auto(0x1ffff000, 0x1800000ff010000, 0x400000004) socket(0x15, 0xa, 0x5) (async) ioperm$auto(0x3, 0x8001, 0x2000000000000149) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) eventfd$auto(0x0) (async) preadv2$auto(0x3, &(0x7f0000001000)={0x0, 0x9}, 0x5, 0xffffffffffffffff, 0x7, 0x2e) kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf=0x0, 0x2, 0x8000, 0x3000}, 0x4) socket$nl_generic(0x10, 0x3, 0x10) (async) close_range$auto(0x2, 0xa, 0x0) (async) socket(0x18, 0xa, 0x1) (async) socket(0x1e, 0x2, 0x4) (async, rerun: 64) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) (rerun: 64) 2m5.743578461s ago: executing program 0 (id=585): mmap$auto(0x7fffffff9000, 0x5d3e, 0x7fffffffffffffff, 0x3132, 0x8d73, 0x0) mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x2, 0x73) io_uring_setup$auto(0x7e1b, 0x0) socket(0x2, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x2, 0x14) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) read$auto(r0, 0x0, 0x2) madvise$auto(0x0, 0x2003ec, 0x415) madvise$auto(0xfffffffffffffffe, 0x200004, 0x19) r1 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/stat\x00', 0x40440, 0x0) read$auto_proc_single_file_operations_base(r1, &(0x7f0000000040)=""/9, 0x9) fsopen$auto(0x0, 0x3) mmap$auto(0x0, 0x3, 0xb, 0x3132, 0x4008df3, 0x0) syz_clone(0x4180200, 0x0, 0x0, 0x0, 0x0, 0x0) futex$auto(0x0, 0x86, 0x8, &(0x7f0000000280)={0x40000000000800, 0x9}, 0x0, 0x7) mmap$auto(0x7fffffffe000, 0x5, 0x7fffffffffffffff, 0x3132, 0x8d73, 0x0) socketpair$auto(0x9, 0x7, 0x1a, &(0x7f0000000000)=0x60000000) 2m4.344455806s ago: executing program 0 (id=587): mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, 0x0, 0x20000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f0000001680)='/sys/kernel/tracing/uprobe_events\x00', 0x2, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x2584, 0x0) ioctl$auto(0x3, 0x40045542, 0xb551) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80102, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000300)='/dev/midi2\x00', 0x80b00, 0x0) close_range$auto(0x2, 0x8000, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syz_genetlink_get_family_id$auto_nlbl_unlbl(0x0, r0) sendmsg$auto_NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10010}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4081}, 0xc000) ioctl$auto_TIOCSCTTY(r0, 0x540e, &(0x7f0000000040)="f889202fd17ce1d37114caca0e944cd54618f82961bff0b5013c8369d0c4c854a538a27375e63952f4fb4f102715f5a77e4c235d7417ff1c4b6353883893d3b0246bac2fb723bc97b2eb7adf5df723f7") socket(0x11, 0x80003, 0x300) 2m2.302213136s ago: executing program 0 (id=592): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) madvise$auto(0x0, 0xffffffffffff0006, 0x55) mmap$auto(0x2, 0x400008, 0xdf, 0x9b72, 0x2, 0x7ffe) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$dir(0xffffffffffffff9c, 0x0, 0x40000, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) setsockopt$auto(0x3, 0x6, 0x9, 0x0, 0xfb3) socket$nl_generic(0x10, 0x3, 0x10) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x80009, 0x0, 0x0, &(0x7f00000002c0)={[0x4, 0x8000, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x3, 0xd, 0x1, 0x2, 0x1000, 0x6d3e, 0x9, 0x2, 0x10b]}, 0x0) openat$auto_rb_simple_fops_trace(0xffffffffffffff9c, &(0x7f0000002440)='/sys/kernel/tracing/tracing_on\x00', 0x202, 0x0) pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9) sendmsg$auto(r2, 0x0, 0xff) select$auto(0x9, &(0x7f00000000c0)={[0xeeca, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f0000000280)={0x6, 0xcb}) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a1842, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) socket(0x2c, 0x3, 0x0) io_uring_register$auto(0x2, 0x0, 0x0, 0x3) 1m57.639577182s ago: executing program 0 (id=601): mmap$auto(0x0, 0x3, 0xb, 0x3132, 0x4008df3, 0x0) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000140), 0xffffffffffffffff) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x100000000, 0xd77, 0x5, 0x7181, 0x81, 0x7, 0x3, 0x9a89, 0x5, 0x80005, 0x800, 0x1fffffffffff, 0xb4, 0x3, 0x2, 0x10007, 0x80, 0x0, 0x0, 0xa, 0x22004, 0x200, 0x4, 0x84, 0x0, 0x0, 0x0, 0x0, 0x1, [0x0, 0x0, 0xea4, 0x4, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x5, 0x0, 0x0, 0x100000000, 0x0, 0x3, 0x4, 0x5, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x100000000]}, 0x1fe, 0xd) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, 0x0, 0x4000000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x2004c0c4) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, 0x0, 0x2, &(0x7f00000001c0), 0x7, 0xda5c}, 0x800}, 0x7, 0x4008) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) read$auto(0xffffffffffffffff, &(0x7f0000000100)='nl80211\x00', 0xbe62) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="12"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x101502, 0x0) write$auto_console_fops_tty_io(r1, &(0x7f0000000000)="1f91f2c3881f4610e18d5fc5e5bfd9800e9b50", 0x13) 1m56.62795454s ago: executing program 0 (id=604): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_FS_IOC_SETFLAGS2(0xffffffffffffffff, 0x40086602, 0x0) mmap$auto(0x2, 0x20009, 0x4, 0xeb1, r0, 0x18000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x3, 0x6) r1 = socket(0x10, 0x2, 0x0) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfffff4a4, 0x0, 0xfffffffffffffffd) socket(0x28, 0x1, 0x0) setsockopt$auto(0x3, 0x1, 0x3c, 0x0, 0x9) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1b000000", @ANYBLOB="1a00279e"], 0x1ac}, 0x1, 0x0, 0x0, 0x20000001}, 0x40000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x5, 0x1f, 0x940, 0x1ffde, 0x3, 0x6, 0x8000003, 0x9, 0x5, 0x0, 0x4, 0xb0, 0x7, 0x2, 0x3, 0x205, 0x8, 0x0, 0x3ffff, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3, [0x0, 0x0, 0x0, 0x8, 0x0, 0x8000004, 0x0, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x100000000, 0x1, 0x8000000000000001, 0x0, 0x0, 0x0, 0x0, 0x20, 0x4, 0x0, 0x0, 0x2000000000000000]}, 0x203, 0x7d) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x40005, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000380), 0x400, 0x0) ioctl$auto_UI_SET_LEDBIT(0xffffffffffffffff, 0x40045569, &(0x7f00000003c0)=0x4) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711}, 0x51) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x6, 0x2, 0x2) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) ioctl$auto(0x3, 0x89e1, 0x91) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_split_huge_pages_fops_huge_memory(0xffffffffffffff9c, &(0x7f0000000040), 0x12a382, 0x0) write$auto_split_huge_pages_fops_huge_memory(r4, &(0x7f0000000100)='1', 0x1) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) 1m41.419077353s ago: executing program 32 (id=604): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_FS_IOC_SETFLAGS2(0xffffffffffffffff, 0x40086602, 0x0) mmap$auto(0x2, 0x20009, 0x4, 0xeb1, r0, 0x18000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x3, 0x6) r1 = socket(0x10, 0x2, 0x0) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfffff4a4, 0x0, 0xfffffffffffffffd) socket(0x28, 0x1, 0x0) setsockopt$auto(0x3, 0x1, 0x3c, 0x0, 0x9) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1b000000", @ANYBLOB="1a00279e"], 0x1ac}, 0x1, 0x0, 0x0, 0x20000001}, 0x40000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x5, 0x1f, 0x940, 0x1ffde, 0x3, 0x6, 0x8000003, 0x9, 0x5, 0x0, 0x4, 0xb0, 0x7, 0x2, 0x3, 0x205, 0x8, 0x0, 0x3ffff, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3, [0x0, 0x0, 0x0, 0x8, 0x0, 0x8000004, 0x0, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x100000000, 0x1, 0x8000000000000001, 0x0, 0x0, 0x0, 0x0, 0x20, 0x4, 0x0, 0x0, 0x2000000000000000]}, 0x203, 0x7d) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x40005, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000380), 0x400, 0x0) ioctl$auto_UI_SET_LEDBIT(0xffffffffffffffff, 0x40045569, &(0x7f00000003c0)=0x4) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2711}, 0x51) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x6, 0x2, 0x2) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) ioctl$auto(0x3, 0x89e1, 0x91) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_split_huge_pages_fops_huge_memory(0xffffffffffffff9c, &(0x7f0000000040), 0x12a382, 0x0) write$auto_split_huge_pages_fops_huge_memory(r4, &(0x7f0000000100)='1', 0x1) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) 21.856818101s ago: executing program 3 (id=773): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0x0, 0x9, 0x10000df, 0x9b72, 0x2, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x8002, 0x2) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x5, 0x0) r0 = ioctl$auto_TUNSETDEBUG(0xffffffffffffffff, 0x400454c9, &(0x7f0000000000)) setsockopt$auto_SO_BUF_LOCK(r0, 0x1, 0x48, &(0x7f0000000100)='bridge_slave_0\x00', 0x865) unshare$auto(0x40000080) r1 = socket(0x10, 0x2, 0x0) fsopen$auto(0x0, 0x1) r2 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = socket(0x2, 0x1, 0x106) setuid$auto(0xe) setsockopt$auto(r3, 0x6, 0xd, 0x0, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x850) mmap$auto(0x0, 0x2020007, 0xffffffffffffffff, 0x8000000000000eb1, 0xffffffffffffffff, 0x8000) r4 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/event0\x00', 0x80801, 0x0) ioctl$auto_EVIOCGMASK(r4, 0x80104592, &(0x7f0000000040)={0x4, 0x80, 0x5}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00'}) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40010) sendmmsg$auto(r1, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x4000000) 17.576256764s ago: executing program 3 (id=783): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) prctl$auto_PR_SET_MM_ARG_END(0x9, 0x9, 0xffffffffffffffff, 0xd, 0x13) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0) sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, 0x0, &(0x7f0000000380)={[0x8000000000000001, 0x5, 0x5, 0x10001, 0xe, 0xf, 0x5, 0x3, 0x59fc8000, 0x200006, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, &(0x7f0000000280)={0x6, 0xc8}) socket$nl_generic(0x10, 0x3, 0x10) select$auto(0x7, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x5, 0x94) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x6c800, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, 0x0, 0x2482, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x11, 0x80003, 0x300) r1 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322df2) r2 = clone$auto(0x2, 0x32e, &(0x7f0000000180)=0xe, &(0x7f00000001c0)=0x16, 0x3ff) prctl$auto_PR_TIMER_CREATE_RESTORE_IDS_ON(0x1, 0x1, r2, 0x1, 0x199) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000100), 0x100, 0x0) open_by_handle_at$auto(r1, &(0x7f0000000000)={0x8, 0x2, 'u\x00\x00\x00\x00\x00\x00\x00'}, 0x2) 14.231329063s ago: executing program 3 (id=786): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000000c0), r1) ioctl$auto_USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000140)={0x11, 0x4, 0x7, 0x1, 0x8, 0x800, &(0x7f0000000080)="54a2c9f076296d3c9aff8c59eb2ded49f215d08cfed8ee2f4b9625b446e0f2f3e6375079dff68c04dfe60551df68deddfbf0b209661a27b1ab5470a4c07d186d45738d66acff0eb42071560d5f90bddb4fbcf804e4e81baf7c49c5ddc34ac1ee901737e47936c07a5a44741fa2f6b4200b7cc50e4f24d3ad6eb566f89cf7155860812cb939e080bba87c424cab57b8d4e0954656942ec7ab9d01280c642062ae67fbe03a33108660"}) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto_KVM_GET_MSR_FEATURE_INDEX_LIST(r0, 0xc004ae0a, &(0x7f0000000040)={0x5ee, [0x7, 0x5, 0x1ff, 0x80000001]}) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/block/ram1/queue/zone_write_granularity\x00', 0x8a340, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000000)=""/40, 0x28) 10.443449666s ago: executing program 3 (id=793): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xffffffffffff0006, 0x17) madvise$auto(0x0, 0x400053, 0x9) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) nanosleep$auto(&(0x7f0000000180)={0x0, 0x44d4}, 0x0) getpid() clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) socket$nl_generic(0x11, 0x3, 0x10) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) openat$auto_rb_simple_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/tracing_on\x00', 0x80, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3c, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) socket(0xa, 0x5, 0x84) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0xffffffffffffffff, 0x300000000000) r1 = socket(0xa, 0x801, 0x84) r2 = socket(0xa, 0x5, 0x84) getsockopt$auto(r2, 0x84, 0x9, 0x0, &(0x7f0000000000)=0x9b) r3 = socket(0x22, 0x3, 0x0) syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), r3) setsockopt$auto(r1, 0x10000000084, 0x9, 0x0, 0x9c) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) 10.195466641s ago: executing program 2 (id=794): sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_FLUSH(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001900)=ANY=[@ANYBLOB="042b0000", @ANYRES16, @ANYBLOB="000227bd7000fbdbdf250a0000000800100002000000700115806901bc8019535fe2d9b96eca9b3542e751bb7513af45c70eb79549e6621db9d4719a1be79c25d8a5befafcb9da455471a285295c1d48fe8658f957f31839d4f7dc45de7105b8c541accdada32002aba7e2d8e2a79cc88f5fbe0339e2b98002f61b1c93bcc5934cbbd2ebc6ab91944c51e3aceb9a0f4aac244560bfdf5b289225f77f1c154b56e0a4009c2348a2381b30e0c5929de547e132356e56207edc6008912adf6b527a5581afe70ef1dbac0753a0deac37fc4e3e4f5411eca88b3e084fdd36803a1f25337e1db441919c0ca0ed6d78f688ca2b5ad4fa9323428049fab03be0b8f0b2444f3e9aabc7dbf5af8f91f01a213d6da45a0701f50a0cedc857c1e046f817aeb3aaffd0754ff0d930c02f6f00d9ef09ed1389094b31ba09ace7a769b6063c53955a79e447c05ae4a85f35f9ba3edae6e0a666475ca5a3c6215a5c28527cf60ed9d5ac97040012800800", @ANYRES32, @ANYBLOB="040011800800b20010000000040006800400c58000000028040580af00dc80040056004f51569fdf6032876a3785b1794ce570446bbc540979f9b302debc3d2de2c10c694d41eb5fb432e53daad8608cc6b32de50a266e340ea052675aaba2f1aa4fd70e9424813f9a900dd3da41422675d94abd65c57993bdad7647bc0f6652581bb568112a803ddf4899cdff7dce6050fe5949ee5b08001600", @ANYRES32, @ANYBLOB="0700f4002c280000040033800400978014004f0000000000000000000000ffff6401010108001800", @ANYRES32, @ANYBLOB="00d400f280cc000e001f75e24af5f8cf0dc6c45b31c1cc0052e6d853f47cfe16f0c0a35256fb3cf1ae2a0c57cdcbf6640ca2de0a68c388d29f5f5a9db39e0104df66fdf1ed2edfdfd1a696651aac00f8df6826bbbf10e992c0ae6321024f699d7d9db1a277ec405c7e8ed8e061e4c7e9ce657d2827f3e5ff98b8f12c94fcfea0025ef80922e107b24b683a1c936123c04fa94baf952aa74ce9871171386a435f8d2fdaa5d91d9ce861cf98c205b58f73d3a896cf8329efc477f532ff75831f9f1d2feaa2b247c9234a3e82fc3ad71bfdaa040082800800380002000000080041800400c28037012880517f86a2385b23ae0213e6f24115c850255fc427b76455f48a7a80986ecc06464a0c1adbf3376f702c55b476921b7e8b8f5c1402ac9ab03d507a8a580fcbbbd75a37c45432882507ff45bb447dcbf3039d3d1e59d1f45a6cad95f47f11000400b3803600b0002f7379732f646576696365732f7669727475616c2f626c6f636b2f6c6f6f70312f696e746567726974792f666f726d61740000000400d18008005100040000000800e8", @ANYRES32, @ANYBLOB="04005280246b7a"], 0x2b04}, 0x1, 0x0, 0x0, 0x1051}, 0x44844) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x40342, 0x22) utimensat$auto(r0, &(0x7f0000000040)='\x00', &(0x7f0000001cc0)={0x23, 0x2}, 0x1000) 9.990288849s ago: executing program 2 (id=795): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) prctl$auto_PR_SET_MM_ARG_END(0x9, 0x9, 0xffffffffffffffff, 0xd, 0x13) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000200)='5', 0x1) sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x4, 0x2, 0xb, 0x1, 0x9, 0x0, 0x7fff, 0xa, 0x193, 0xfffffffffffffff9, 0x3, 0x5e4, 0x1000, 0xaf00, 0x1]}, &(0x7f0000000380)={[0x8000000000000001, 0x5, 0x5, 0x10001, 0xe, 0xf, 0x5, 0x3, 0x59fc8000, 0x200006, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, &(0x7f0000000280)={0x6, 0xc8}) socket$nl_generic(0x10, 0x3, 0x10) select$auto(0x7, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x5, 0x94) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x6c800, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, 0x0, 0x2482, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x11, 0x80003, 0x300) r2 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322df2) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000100), 0x100, 0x0) open_by_handle_at$auto(r2, &(0x7f0000000000)={0x8, 0x2, 'u\x00\x00\x00\x00\x00\x00\x00'}, 0x2) 8.994505188s ago: executing program 1 (id=796): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/keys\x00', 0x1c9802, 0x0) pread64$auto(r0, &(0x7f0000000200)='/proc/scsi/sg/devices\x00', 0x100000001, 0xfd) sysfs$auto(0x2, 0x2, 0x9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/firmware/acpi/interrupts/gpe02\x00', 0x2, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/neigh/veth0/interval_probe_time_ms\x00', 0x62242, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0xa) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) openat$auto_kernel_debug_fops_orangefs_debugfs(0xffffffffffffff9c, &(0x7f0000000640), 0x400080, 0x0) openat$auto_tracing_mark_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace_marker\x00', 0x201, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) write$auto(0x3, 0x0, 0x5b0) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, r1, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000000)={0x80000001, 0xe, 0x2, 0x6, 0x5, 0x5, 0xffffffffffffffff, [0xdd8], {0xd74c, 0x6, 0x2, 0x29f, 0x2, 0x7f, 0x104, 0xa, 0x90}, {0xff, 0x1, 0x10001, 0x4, 0x1, 0x40, 0x101, 0x80400008, 0x100000005}}) io_uring_enter$auto(r1, 0x9, 0x820e, 0x9, 0x0, 0x18) 8.123094952s ago: executing program 2 (id=797): mmap$auto(0x0, 0x2020006, 0x1000000000000007, 0xeb1, 0x0, 0x1008000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x2, 0x73) pipe2$auto(0x0, 0x0) io_uring_setup$auto(0x7e1b, 0x0) socket(0x2, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x2, 0x14) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) read$auto(r0, 0x0, 0x2) madvise$auto(0x0, 0x2003ec, 0x415) madvise$auto(0xfffffffffffffffe, 0x200004, 0x19) r1 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/stat\x00', 0x40440, 0x0) read$auto_proc_single_file_operations_base(r1, &(0x7f0000000040)=""/9, 0x9) fsopen$auto(0x0, 0x3) mmap$auto(0x0, 0x3, 0xb, 0x3132, 0x4008df3, 0x0) syz_clone(0x4180200, 0x0, 0x0, 0x0, 0x0, 0x0) futex$auto(0x0, 0x86, 0x8, &(0x7f0000000280)={0x40000000000800, 0x9}, 0x0, 0x7) mmap$auto(0x7fffffffe000, 0x5, 0x7fffffffffffffff, 0x3132, 0x8d73, 0x0) socketpair$auto(0x9, 0x7, 0x1a, &(0x7f0000000000)=0x60000000) 7.15734277s ago: executing program 1 (id=798): mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x7, 0x28000) r0 = socket(0xa, 0x2, 0x73) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/usbip-vudc.0/udc/usbip-vudc.0/current_speed\x00', 0x181040, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000200)=""/206, 0xce) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000000), r2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$auto_NETDEV_CMD_NAPI_GET2(r2, &(0x7f0000003f40)={0x0, 0x0, &(0x7f0000003f00)={&(0x7f0000003e80)={0x1c, r3, 0x309, 0x70bd2b, 0x25dfdbfe, {}, [@NETDEV_A_NAPI_IFINDEX={0x8, 0x1, r4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) pkey_mprotect$auto(0x100000001, 0x6, 0x30, 0x100) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r5, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000000)={0x28, r6, 0x1, 0x74bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}]}, @ETHTOOL_A_COALESCE_USE_CQE_MODE_TX={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x24010881}, 0x0) sendmsg$auto_NETDEV_CMD_QUEUE_GET(r0, &(0x7f0000000380)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f0000000300)={0x64, r3, 0x10, 0x70bd2c, 0x25dfdbfe, {}, [@NETDEV_A_QUEUE_ID={0x8, 0x1, 0x7fffffff}, @NETDEV_A_QUEUE_ID={0x8, 0x1, 0x9}, @NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x8}, @NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r7}, @NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x10}, @NETDEV_A_QUEUE_ID={0x8}, @NETDEV_A_QUEUE_ID={0x8, 0x1, 0x80}, @NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x5}, @NETDEV_A_QUEUE_ID={0x8, 0x1, 0x7}, @NETDEV_A_QUEUE_ID={0x8, 0x1, 0xc}]}, 0x64}, 0x1, 0x0, 0x0, 0x880}, 0x48004) socket(0x23, 0x2, 0x0) sendto$auto(0x4, 0x0, 0x8000, 0x0, &(0x7f0000000100)=@in={0x23}, 0x80) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) set_mempolicy$auto(0x2, &(0x7f0000000080)=0x3, 0x21) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r8 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyr7\x00', 0x101e83, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0x26, 0x80805, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/SecurityFlags\x00', 0x48041, 0x0) mmap$auto(0x0, 0x2000d, 0x4000000000df, 0xeb1, 0x800000404, 0x8000) socket(0x2, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/sync_on_suspend\x00', 0x1a1942, 0x0) read$auto(0x3, 0x0, 0x80) writev$auto(r8, &(0x7f0000000280)={0x0, 0x5}, 0x1) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/smaps_rollup\x00', 0x1a3000, 0x0) 6.991102037s ago: executing program 2 (id=799): mmap$auto(0x0, 0x3, 0xb, 0x3132, 0x4008df3, 0x0) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000140), 0xffffffffffffffff) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x100000000, 0xd77, 0x5, 0x7181, 0x81, 0x7, 0x3, 0x9a89, 0x5, 0x80005, 0x800, 0x1fffffffffff, 0xb4, 0x3, 0x2, 0x10007, 0x80, 0x0, 0x0, 0xa, 0x22004, 0x200, 0x4, 0x84, 0x0, 0x0, 0x0, 0x0, 0x1, [0x0, 0x0, 0xea4, 0x4, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x5, 0x0, 0x0, 0x100000000, 0x0, 0x3, 0x4, 0x5, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x100000000]}, 0x1fe, 0xd) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, 0x0, 0x4000000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x2004c0c4) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, 0x0, 0x2, &(0x7f00000001c0), 0x7, 0xda5c}, 0x800}, 0x7, 0x4008) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) read$auto(0xffffffffffffffff, 0x0, 0xbe62) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x101502, 0x0) write$auto_console_fops_tty_io(r1, &(0x7f0000000000)="1f91f2c3881f4610e18d5fc5e5bfd9800e", 0x11) 6.532415567s ago: executing program 2 (id=801): socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0x5, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xc01) sendmsg$auto_ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x4000840}, 0x2000c840) sendmmsg$auto(0x3, &(0x7f00000000c0)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x34000}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x3f3) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x6) socket(0x10, 0x4, 0xffffffc0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x0, 0x5, 0x0, 0x4, 0x5) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x203, 0x7, 0xd, 0x8fd6, 0x948b, 0x6, 0x6, 0x3, 0x3, 0x0, 0x80000001, 0x800, 0x1, 0x9, 0x200000000001, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400008, 0x10001, 0xf1, 0x2, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001140)='/sys/devices/virtual/block/zram0/comp_algorithm\x00', 0x20b42, 0x0) sendfile$auto(r1, 0x3, 0x0, 0x7) mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) sendfile$auto(0x3, 0xffffffffffffffff, 0x0, 0x400000000006) open(0x0, 0x305683, 0x81) tkill$auto(0x0, 0x7) write$auto(0x3, 0x0, 0x100082) unshare$auto(0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_BTRFS_IOC_SUBVOL_CREATE(0xffffffffffffffff, 0x5000940e, &(0x7f0000001180)={@raw, "ad5b0f97f8f1ef80d0973e1936932a63bce50eeda9c003900e74494e066b2d150a3bab3826e5741987d4e60f8d1282301e055d6c76aaf5d0a151881d83847ee37037ea28a1cd66606ae24c647533ff2fa27e656a0632f86b3f442e49d20abafb41893ea58caf1c51f0f47f3303d4b2f3e70dc99eac63059e13bee36def5e2c7a7ec366c63705b6990b31caee33056562aa0c27eb02800de1f3d05db54427d7b2a18bfa88c2a0fd96dfcdb3d6196870fddc7897518819b984548f500998ca924a25c395e24d3bb48349fac2fca64b34e6345b459658f4c55e310a9f7b9d2e24158a70a0e9501fbd758e5eec71c9c5e6eb4153873394c753483505e975d2bf6b3677b5cf48f07b04a3bebe7c236584b45519629e4e7bdac7e16e055f48d1380eee016b12d660d30b1f46cbe14b9e5c215f1381160f6005787b88d3016ea1080c497ae4bf467b6c2365ba8e453a5bae1c8e96ab0618c685882bf99e11aa71c9aa795a6bc987daa49d796f55cc172213f58fc6c5cac2a0633a0d087bcb99386eac328e439c72359b07fc80e4a91d6b92d308e04238d47b86489a8cdd3b1c11d7a95c31e5382009cc7cb4e0ad2cb5b9bff5f7c88b23e213ebbf32202b004600f188e581d6bc1ea2e35dff00a6444c5fd84337a6f21c5035214180714087d06b0dc5ea8134119bb457547dee421f0355e4dad19847a989d5a2bb3a763397ea22c2881ae0cee9b9cf64b0ce22e06f568b216f83ed2714764632e1855689a64ca017e42990702f8c98389373ea635792afe48ae94faa63ab2d563e05fabb3f46b67612ba80a0d16899d9edf6ef15e2660791d32ce1323a088f5b307fa5b71444a62390cae9a543ff09b60558c238b8473e9c2c665e69597347de34acedb8a3d2835029ffca71fdf1a8157dc1e1ee8b59acba9fca38ebaf131c2a6ba84e09012da2e9754440ca6ad9a2e2e7b37dd842b14f10064bda964f3e520138bbf80ff7fec074ba37800730b092303daf279f5f031ab2e46ff24a756982a78270bee31333ab8b53c1fa0db85455ecba4db23c2fbbd6d16f70f7a81f131bc139474e4cf7632a2c967b5d92d06b2ad2389a082a0ab15293bf6593782071d289e9045d72ea08211e6c9447830a62b2fab62a8018854d98d4fe1984d50787805e96c57d89dff4c1d4fa1459ef94b3cbebcbcd64e62c080c9d61530e08d3662fec2122fbd98bb52673c74ae1b17a2b8494feee3d21db79c95a78aa2d88f4bed9d197745d228089804c8a2ed1713fba4753fd7b77cf04422ea4af3c81e0815df620900695e25d2c61b8041aaff7322b7f4090253693435cdcbe770bef46e3315f2a0de0518e82b37af98961b7a41d29e3f07ba710c5261a12b50380fc4bcad113cc3d452af2399872c7e573b28fbdab0489a4035568017ec57e94330433e234da9d86462aed5940927f2da05630c929e0977519f57a01b12320245f068075e357e90459c608700aa2db79403c4f96c2553089eaaaa1bf49e16455128764d33f83f37b286a07e9f15a5dbf7f4e9671bbdfd4dc85079c8c34d99ba5925c0379695686254101fbd14fca94b74222f7c1a3cbdfbb44036b2f16d695f6b472f627c05e65195478e46e7c91ae83091a5c148df66d4482d7b5b5306e0a35d9d9351c6c108658f736b615bab8415e30dd52481a36e416801b774965bd34e4e64cea00c286b0bf35dd4ad8e97f6c8861b03245ede76482d0190ad6c14fa65fe8cb11176407179c6860b497a96a3bb5cdf2f93c72e6918e1f34b54ce55211921d5f61a3d9d56f31f20c5695a3673bc2d4fe6f0d8416c250031f6c9ea85199cb0737a56f1b2b18536e29ed79c125de57a4673730071394992bf9250c8bbc864a6c8bb1b81969d7a147cdbed56bd43425502040b8282b3e402d649ac3bfc2cacdb7276da98c7d181c2ad1ff00b7616f1602242c6fa33c8f202d6c0bac24e28afa4aba4269942db4e418b7ed735134422a3e387c58d9bb148f996dfd3206518fc708df21e495eb8d33c20cb6a97604681f8fc96de9e757db53bcde63bf21581a946d39b1b977075806125aa62c6fd8857fc597c6168456849ffd57b9c4a244f816b5e9a5f01fbe7fd8e0f29a94560ddad531590acb5fb80593143864f7c64e197836ad745733937797230292e2ad9e572b4215918c2219669568864fb27162df46b21ae1a06cae24a3a291a22019a2dafb83ab54cf520ca6c0633350078b77295f54f0310944d451dac31e32bd7e52a1f9fcfb485cbda20edaf6afcf3c9be968682a84027493c6b1856b1bbddb553ff06b23e7f1978a24f33212a5d3b124d885cf1d839910c68d41e8e636dc154fff5bca369a5104bec4b69e8fba763754b58a55b1a20bbbdbcd373cfaa156ef8d64100f159e50ddc369c7123a5e99eb8211aafa7b9242d73f6d7d1d55b8afb389b6105cb765fa558457c39d0a7d8abd0305cf3af1bcbf8774e970d917e2c6355550c8023012fd32e68d0302b095a8ca026142b4ae677577dbe511fdcaca4d1fb007ad4a5589f68f8e17aaf7b39b4bf8a0e2823d772c155412d3d99c73b35e3932deeb40f7e460cf88d130f4bcad676370bf02c3c694c3b9d769a80f2018cbf971c62cf7524e2ca4efd562700f796a181090e4bf585e9e22322cd400e64c4573a4d6ac3d679991868b5517b5a4d7ba662cee0bf7a2c9560cc3a377615bff1e94d702302a3655b3a1235a266de10c4267d2d549c856e8536a6e9665fd6c4d8fe10c89dbdb75f25a33e7190e64a1946416b25732c7378348dc5adc86f2e43a5f504df228ad1ea801e613ce8eab896065d39514b15a17f9ce8f82383bdb54f8f1dbf245300d726d14994389790a471515cc86e518d1e152f6931d74c0c50e663f1fce6a80d17d1b505dcfb739cedc2e896f77ca9c1a8307426d97e71ebc5259c8bbd1256248d43e4399ab9772d7f42c77007d2bf4a1299cd4808e07a911e75641be704a95341cd15f2272ddfdbd47840f91488b3f62a4c6a55f38666d8672a25c18b667bb26d4eaeac13b99c23d8736ffb7d6841c5e584939fe34b0f8b94647f8d30807ea8ea3f799a8186a63da94ab06a90b0062841a685ef7767434ea8b14c9c0b974cf45c39e45100d7c715cad3b8a2acb74f2055f7766edfa999e79805e70ba55a2c356af281bd3004e0e9897b7eb8329d3c14530b8b8c77354b675e16676b4d2f1dfe7f569fe8d5439d7ca95ca2f46907d9ae1af7d29f0667ac573ac9d04a23197f52e6f312fbafce586fb24a752c1307864fc64c0f28fcb4dd48e868be113268727537f7e5cc7c45a842839dc17cbc1a05f540494c6b8831b718ababa61cd51462d25b327cebb0d910959a69020431fb3ff439b92493a0883dbc88795a4bf99f5d595ec9b553477e25e2021be9afdfb39a43353e93ffd95153535f0e66f3195c1c41443b818c1cf65a4b567aeaa68930acab02267b07112c17984f360a5777038f7b4d2470d4dcdd9e54363f62cda509e3328a462c0773de17d58a8f2af2f0178b2599ef1fef242114e43513ac49ca9609965200535de7677af6a97b54cc28659fdf89be35adb2299c1978223cd488a1cb935d048d36d24ba36431825ac3bcf6c5810d30ab1110974df660811b3b6fa635f2cb1b80d8a9683d86a3583f89fb3592583a465a6065d59f85eefec5f7728d7e23f4d4e0edfff0035d8202ab70911f1add2c2192d0941fc26b89fcf86e8b369170e77aabaec2fcd5718c0e5afefaea0857d5febef18f14151b7f611051b8a360f599c2e08ed1b959eb07ae9796b225d8179719683ea9507ed296167e7ed5d8963eeb01739a6c979778c0ba86c1bb3283ee6828289224f107ec10903f2ed03af9b9c7b78a745b43a5f57e5c00ee3410cc408138f24fc11ff1e048fa7a985b31dd70aa2d7f033a23bcb958a490dcda393ef3d5cb9ae4d48da5244169d5f58c3e8dd1860f9dbd05056834dac4ce387bd59627dd31559e0ea9516e37fa24f77b0c172b8883af7abaaa8ee5fc578cb0959bdb90e54cd8b0ed8a51b702221072172759f563c5c2d195b14cfd9c465a0326907bfd7a84bdb6218d7cbcba350704887abd35d50eb0993840670d256a472b77fa8978740a765b7d2b6c87bbf13a7e068129ce93d527aba66c6d0d843d7252ba3b18a8fd7f9f5cd47a0bdd88d92b53a0c82b1860d384e07060792a8e3c33538348aae17167fd34638d2d31d1d2cec8cceb26bd978cbbd91a62ad80656adc38be3d8448737d1ac1e27135b801680bd091ce63f18f2528cb91246350feafed93e4778321ac3bb99c09847f0324335b2a1d86d4411a40d2bc00fc25e46a4bb15d090bb9db05f6e47a8a9359ae743d8263425f08206e0948d96c268eebed62fd150f0621b10aa862d3abdf9ec409a8a15746af323d91489ab01868810b3266ee48d7a706d3a3996384fb31cac51fc92ae2b4f223c8f207bb9ff1c4f1ae3f04f8b40b5dfbca76702fd1308646d79e40a5b6d1bded5493f4d32fc3aaa21feffb8b35b398e96404fe358d8145e25bfc4a34e4d0385f1d8dde6d9f5cd7d79de02449cc62cb955739f3a4190032dbf32786aabe9a24b9926c1d16c02148feb9303cc1c9a2c5430cbc568e4afd3f7e1ce185bc94dc2f232e1b540bec8b3c6c4d66a8febe0679e5fb1af753d22c100709676d1ec36c8aa66e332fc6162390fd4fcdbb05066c91654c6942e307bd08d83684996a918802b58182807b4fce3098d80a752bc6740eaf9959505919e96e16c7d667fb4856ec76cbde89bb9cf75888e768aa857b80859307f93c2d7f4dcd9cc265185c6a8765888ce33146788a6366a589de0196c84b1a010a47a5ca39533339a8540c73b02279844e15faea7bbf7c432f1af13b42bd4ed2a16ca5c0ba1561a432006d925d0d8e4d29d7dfdb3ece337ea2565d5b754c25d9924b848f1cd98481c2e738d2372ff17a55fa9cec696740016d6ea222b9139d3d9cd27893eb9dc0aaaa7aaac84adc93e6d1d3f224a76a3cf25a53d876cff4d820adaab0d0568719e516820caf76318256ce9fd7c432953a8545aac0a20c177c27d62054399350c2df129c73c1f1935f0cd9151bfd6a5a894da150c228cf1c5b28fe9d425db103e8aa300655cd94e7f02ebe822bfa3e5cbf0577c40befcfda1e22f78815b521765bad1ac3c4930264c6bd58cbf82e6b63b1f71e1665656631408e83d7bbd11be401eae31c4143f5d07b781a432111e0b83f109c95791b79e1d3743ca0f996ba1a7375ebd06247da74eae01b4c2cce293b20940b1049454963e131e69d5cdb0d09835347dd49024da90517e14ddb86541e77c396bbab442032ea67ea75cbcd62a04ede42032583d0967831227ff23c4e9dadb09625a06e612430a8d51751836a89b6393c8f48b8af2f0255ff0b3a1db82e150a19604e6f7b1b88cc5a72b8e8070e98620be0595ac6c5b9d834ece08572820a031be456269744900b635760193cd8776ac35de5ae47f24a668d0a79dd9a2d415f433ec46c378ad31b161254480a455626729687787a76484142cdae49462eb629582fca313467b12ff03bd3a53743aa368078b7fd682bb2c30eff177a01a4bc0c600ed2b5429569c4c8735d0a800780058897edc007f0adb20de83df0ef32f1ec10615bf2cd6d8ce42c38bb7a9bc60d85ac678ac0aac1f0d4632d15d73e73af1d214964015d67ba1f6f971804d987482017a33f6b7699b7288de550477ceee37df9333e78312f6919add840ac51a041efb0f3c80d7bff616a70b4e29041ae08689f8"}) 6.258289782s ago: executing program 4 (id=802): r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x268801, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = socket(0xa, 0x2, 0x3a) sendmsg$auto_ETHTOOL_MSG_LINKINFO_SET(r2, 0x0, 0x80) r3 = ioctl$auto_TUNSETDEBUG(0xffffffffffffffff, 0x400454c9, &(0x7f0000000080)=0x8) ioctl$auto(r3, 0x3, r2) read$auto_tracing_entries_fops_trace(r3, &(0x7f0000000140)=""/160, 0xa0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x6, 0x62, 0x80000000, 0x9, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) getpid() mlockall$auto(0x5) rt_sigprocmask$auto(0x6, &(0x7f0000000080)={0x6}, 0xffffffffffffffff, 0x8) close_range$auto(0x2, 0x8, 0x0) r4 = io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) ioctl$auto_VHOST_SET_LOG_FD2(r4, 0x4004af07, &(0x7f00000000c0)=r0) unshare$auto(0x4) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0xa, 0x300) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000080), r5) sendmsg$auto_NET_DM_CMD_STOP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$auto_TASKSTATS_CMD_GET(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c97ff00", @ANYRES16=r6, @ANYBLOB="010a2bbd7000fbdbdf2501000000080002"], 0x1c}}, 0x20048090) sendmmsg$auto(0x4, 0x0, 0x400, 0x7) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x0, 0x0) socketcall$auto_SYS_GETSOCKOPT(0xf, &(0x7f0000000100)=0x4) 5.544111085s ago: executing program 1 (id=803): r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/timer_list\x00', 0x0, 0x0) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffa7, 0x2}, 0x8000, 0x0, 0x6) bpf$auto(0x0, &(0x7f0000000000)=@link_update={0xa, @new_map_fd=0x2, 0x7, @old_prog_fd=0x13b}, 0xa3) pread64$auto(r0, 0x0, 0x10, 0x101000000003) acct$auto(&(0x7f0000000000)='/dev/tty\x00`Mx\x9d\xfa\xb3\x9f\xc6k\x01\x13\x9b\x15[\xf7\xaan\x1fOgo\xbb(\xcbx\x9bJ\x91*\xa5a\x02\xf3\x1b\x9d\xddy\xef\xee\x80X\x12H\xa0w\xe0h\xd5\nH\x80\x11\x9aY\xb8\xcb\x90\xackl\xacA\x8d\xeb\xfa\x92\xdb^\x0f/\xf6/\fAb\xbb\xe2\x8a\x17\xddOi\xdb2K\xa9{\x8fO*D\x876\a;\xdc\xc3\xcf\xee\x9a\x92s\x94.\xf4\xe3\x97*\xe1\x1c\xc8\xd9l\x86\xf8\x82;\x02sX\xa5Gp\xb1\x83\xdf\x12\xc6r5\xf0;\x9d\x9a\xef\xdc\x95W`O\xe3~\xb4\xdf\"n\x00'/167) acct$auto(&(0x7f0000000100)='\x00') 5.02659916s ago: executing program 4 (id=804): r0 = open(&(0x7f0000000040)='./file0\x00', 0x22240, 0x154) move_mount$auto(r0, 0x0, r0, 0x0, 0x277) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x80800, 0x0) read$auto(r1, 0x0, 0x39b8) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) ioctl$auto(r2, 0x401070cd, 0x5) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) sysfs$auto(0x2, 0x100000000000039, 0x0) r3 = fsopen$auto(0x0, 0x1) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) socketpair$auto(0x1, 0x2, 0x1, 0x0) ftruncate$auto(0xffffffffffffffff, 0x7) fsconfig$auto_FSCONFIG_SET_FLAG(r3, 0x0, &(0x7f0000000200)='/sys/kernel/debug/ieee80211/phy9/netdev:wlan1/stations/08:02:11:00:00:00/driver_buffered_tids\x00\x7fq\"\xc8T\x95\x82,S\xf6\x84\xf4\x90f\xcf\xe9\xffr\xdc\xa2\xd7 %\xc5P\x16\xdf\xce\xc6\xfa\xf7\xa4\bz&\xd0\x8e\xe8\xf0\xd0\x8d>\xdfv\xa3\xd6WD\x8d\x87R.\xd2\xfe\xd7\xfc\x0ee\xe1LMJ', &(0x7f0000000000)="330ff8c78b3ddc0ca49cc5d489b0725c03a6b4b2", 0x4e1a) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r0) fsconfig$auto(r3, 0x8, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3b}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r4, 0x4b4b, r4) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) setresuid$auto(0x0, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setuid$auto(0x0) 4.395684919s ago: executing program 4 (id=805): keyctl$auto(0xf, 0x7fffffffffffffff, 0xffff, 0x4, 0x3) io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) openat$auto_tracing_err_log_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/error_log\x00', 0xb01, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/tty53\x00', 0x200, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x7, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x0, 0x1, 0x2, 0x3, 0x95f4da0a, 0xefffffffffffffff, 0x3, 0x62, 0x80000001, 0x10000000000004, 0x6d40, 0x1, 0x2, 0xfffffffffffffffe]}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x2b, 0x1, 0x1) setsockopt$auto(r1, 0x0, 0x1, 0x0, 0x1e) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x7, 0xc45d, 0x80, 0x6, 0x3, 0x2, 0x3, 0x3, 0x62, 0x80000022, 0x7, 0x6d3e, 0x2000000004000009, 0x2, 0x6]}, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0xeb1, 0x0, 0x8000) ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) ioctl$auto(r2, 0x5522, 0xf15) ioctl$auto(r2, 0x5523, r2) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0x0, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) socket(0xa, 0x5, 0x94) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) adjtimex$auto(&(0x7f0000000000)={0x2d38, 0x0, 0x2, 0xff, 0x1ff, 0x0, 0x80200, 0x0, 0x5, 0x6, 0x8, {0x10001, 0x3}, 0x5, 0x200, 0x162c97c6, 0x80000001, 0x0, 0x40, 0x8, 0xfffffffffffffff9, 0x3, 0x3, 0xfffffffd}) msgctl$auto_MSG_STAT_ANY(0x9c, 0xd, &(0x7f0000000180)={{0xb, 0xee00, 0xee01, 0x7fffffff, 0x3, 0xf}, &(0x7f0000000100)=0x8, &(0x7f0000000140)=0x8, 0x4, 0x1, 0x8000, 0x4, 0x32c6968f, 0x8, 0x1, 0x100, @raw=0x2, @raw=0xf5}) 4.302628182s ago: executing program 1 (id=806): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio1\x00', 0x20b42, 0x0) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0xffffffffffffff12, 0x20080, 0x1ff, 0x19, r0, 0x8200) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0xc0502, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0x8000d, 0x1, 0x4, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x5, 0x6d3f, 0x5, 0x600, 0xfffffffffffffffe]}, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, 0x0, 0x100000a3d9) madvise$auto(0x0, 0x6, 0x101) mmap$auto(0x0, 0x7fffffff, 0xdf, 0x9b72, 0x7, 0x28000) 3.050360678s ago: executing program 3 (id=807): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x59616d61, 0xdaffffffffffffff, 0x1, 0x4, 0xfffffffffffffffb) ptrace$auto(0x10, 0x10000000000001, 0xffffffffffffff56, 0x868f) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000300)='/proc/mtrr\x00', 0x8f3b7a51b80ebd01, 0x0) write$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000040)="205c2020027e0dc0023af10e9bfa1babfa203753ca9a20370a", 0x19) mmap$auto(0x1000, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/0000:00:00.0/enable\x00', 0x18b042, 0x0) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) capset$auto(&(0x7f0000000100)={0x20080522}, 0x0) write$auto(0x3, 0x0, 0x7fffffff) clone$auto(0x2, 0x81, 0x0, 0x0, 0x3) 2.939906506s ago: executing program 2 (id=808): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000440)='/dev/ptyzf\x00', 0x2200, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) prctl$auto_PR_SET_MM_ARG_END(0x9, 0x9, 0xffffffffffffffff, 0xd, 0x13) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000200)='5', 0x1) sendmsg$auto(0xffffffffffffffff, 0x0, 0xfff) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x4, 0x2, 0xb, 0x1, 0x9, 0x0, 0x7fff, 0xa, 0x193, 0xfffffffffffffff9, 0x3, 0x5e4, 0x101f, 0x1, 0x1]}, &(0x7f0000000380)={[0x8000000000000001, 0x5, 0x5, 0x10001, 0xe, 0xf, 0x5, 0x3, 0x59fc8000, 0x200006, 0x8000000000000000, 0x3, 0x800, 0x7, 0x1ff, 0x5]}, &(0x7f0000000280)={0x6, 0xc8}) socket$nl_generic(0x10, 0x3, 0x10) select$auto(0x7, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x5, 0x94) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x6c800, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, 0x0, 0x2482, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x11, 0x80003, 0x300) open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322df2) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000100), 0x100, 0x0) 2.207820193s ago: executing program 4 (id=809): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/workqueue/nf_ft_offload_stats/affinity_scope\x00', 0x8000, 0x0) read$auto(r0, 0x0, 0x20) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0x2, 0x801, 0x106) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r1 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtd0ro\x00', 0x0, 0x0) ioctl$auto_BLKPG2(r1, 0x1269, 0xe4) syz_clone(0x20000200, 0x0, 0x0, 0x0, 0x0, 0x0) 1.733029798s ago: executing program 4 (id=810): mmap$auto(0x0, 0x3, 0xb, 0x3132, 0x4008df3, 0x0) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000140), 0xffffffffffffffff) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x100000000, 0xd77, 0x5, 0x7181, 0x81, 0x7, 0x3, 0x9a89, 0x5, 0x80005, 0x800, 0x1fffffffffff, 0xb4, 0x3, 0x2, 0x10007, 0x80, 0x0, 0x0, 0xa, 0x22004, 0x200, 0x4, 0x84, 0x0, 0x0, 0x0, 0x0, 0x1, [0x0, 0x0, 0xea4, 0x4, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x5, 0x0, 0x0, 0x100000000, 0x0, 0x3, 0x4, 0x5, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x100000000]}, 0x1fe, 0xd) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, 0x0, 0x4000000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x2004c0c4) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, 0x0, 0x2, &(0x7f00000001c0), 0x7, 0xda5c}, 0x800}, 0x7, 0x4008) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) read$auto(0xffffffffffffffff, 0x0, 0xbe62) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x101502, 0x0) write$auto_console_fops_tty_io(r1, &(0x7f0000000000)="1f91f2c3881f4610e18d5fc5e5bfd9800e", 0x11) 1.585454024s ago: executing program 1 (id=811): sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_FLUSH(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001900)=ANY=[@ANYBLOB="042b0000", @ANYRES16, @ANYBLOB="000227bd7000fbdbdf250a0000000800100002000000700115806901bc8019535fe2d9b96eca9b3542e751bb7513af45c70eb79549e6621db9d4719a1be79c25d8a5befafcb9da455471a285295c1d48fe8658f957f31839d4f7dc45de7105b8c541accdada32002aba7e2d8e2a79cc88f5fbe0339e2b98002f61b1c93bcc5934cbbd2ebc6ab91944c51e3aceb9a0f4aac244560bfdf5b289225f77f1c154b56e0a4009c2348a2381b30e0c5929de547e132356e56207edc6008912adf6b527a5581afe70ef1dbac0753a0deac37fc4e3e4f5411eca88b3e084fdd36803a1f25337e1db441919c0ca0ed6d78f688ca2b5ad4fa9323428049fab03be0b8f0b2444f3e9aabc7dbf5af8f91f01a213d6da45a0701f50a0cedc857c1e046f817aeb3aaffd0754ff0d930c02f6f00d9ef09ed1389094b31ba09ace7a769b6063c53955a79e447c05ae4a85f35f9ba3edae6e0a666475ca5a3c6215a5c28527cf60ed9d5ac9704001280080090", @ANYRES32, @ANYBLOB="040011800800b20010000000040006800400c58000000028040580af00dc80040056004f51569fdf6032876a3785b1794ce570446bbc540979f9b302debc3d2de2c10c694d41eb5fb432e53daad8608cc6b32de50a266e340ea052675aaba2f1aa4fd70e9424813f9a900dd3da41422675d94abd65c57993bdad7647bc0f6652581bb568112a803ddf4899cdff7dce6050fe5949ee5b08001600", @ANYRES32, @ANYBLOB="0700f4002c280000040033800400978014004f0000000000000000000000ffff6401010108001800", @ANYRES32, @ANYBLOB="00d400f280cc000e001f75e24af5f8cf0dc6c45b31c1cc0052e6d853f47cfe16f0c0a35256fb3cf1ae2a0c57cdcbf6640ca2de0a68c388d29f5f5a9db39e0104df66fdf1ed2edfdfd1a696651aac00f8df6826bbbf10e992c0ae6321024f699d7d9db1a277ec405c7e8ed8e061e4c7e9ce657d2827f3e5ff98b8f12c94fcfea0025ef80922e107b24b683a1c936123c04fa94baf952aa74ce9871171386a435f8d2fdaa5d91d9ce861cf98c205b58f73d3a896cf8329efc477f532ff75831f9f1d2feaa2b247c9234a3e82fc3ad71bfdaa040082800800380002000000080041800400c28037012880517f86a2385b23ae0213e6f24115c850255fc427b76455f48a7a80986ecc06464a0c1adbf3376f702c55b476921b7e8b8f5c1402ac9ab03d507a8a580fcbbbd75a37c45432882507ff45bb447dcbf3039d3d1e59d1f45a6cad95f47f11000400b3803600b0002f7379732f646576696365732f7669727475616c2f626c6f636b2f6c6f6f70312f696e746567726974792f666f726d61740000000400d18008005100040000000800e8", @ANYRES32, @ANYBLOB="04005280246b7a"], 0x2b04}, 0x1, 0x0, 0x0, 0x1051}, 0x44844) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x40342, 0x22) utimensat$auto(r0, &(0x7f0000000040)='\x00', &(0x7f0000001cc0)={0x23, 0x2}, 0x1000) 1.352051251s ago: executing program 4 (id=812): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/workqueue/nf_ft_offload_stats/affinity_scope\x00', 0x8000, 0x0) read$auto(r0, 0x0, 0x20) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0x2, 0x801, 0x106) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r1 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtd0ro\x00', 0x0, 0x0) ioctl$auto_BLKPG2(r1, 0x1269, 0x0) (fail_nth: 9) syz_clone(0x20000200, 0x0, 0x0, 0x0, 0x0, 0x0) 417.775079ms ago: executing program 1 (id=813): mmap$auto(0xa, 0x3, 0x200b, 0x19, 0xffffffffffffffff, 0x0) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000100)={{&(0x7f00000002c0), 0x6, &(0x7f0000000080)={0x0, 0xc5dd}, 0x4, 0x0, 0x93e, 0x84}, 0xfffffffb}, 0x8, 0xdb22, 0x0) mmap$auto(0x0, 0x101, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/ram12/discard_alignment\x00', 0x8000, 0x0) mmap$auto(0x0, 0x2020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) mbind$auto(0x0, 0xfa9d, 0x1, &(0x7f0000000280)=0xe9e, 0x400, 0x1) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) socket(0x1e, 0x1, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x80000000000007, 0x4000000000000f, 0x8fd6, 0x9, 0x9, 0x15f4da09, 0x3, 0x3, 0x63, 0x80000001, 0xcdd, 0xe, 0x0, 0x80000000, 0xfffffffffffffffc]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, 0x0, 0x28082, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x1, 0x20005, 0xe3, 0xeb1, r0, 0x3) ioctl$auto_SNDCTL_MIDI_PRETIME(r1, 0xc0046d00, &(0x7f00000001c0)="8535ca649dc9a98043ac4358b028ab92ac98d7920d11b123bed030f1f7e656bbf5bfcda0c9f6a1bf87c00a31b5d751aff463e88eb96078ec95429b73d45fc0d958822a47c8fa261177213428c42ed9632296213fe556abaf4c9c16981aadab04eb27ea4166694b93f5d40f9cb4741d1155d2e4f4e25314af2803064cf396fd7356041a488212c11c388d423bf3066f5b638cfb9691511e75ce7a2876fdfeb2944a9c4652bff83f2ce40c3d01c43ccb21d2") setsockopt$auto(0x3, 0x0, 0x13, 0x0, 0x9) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0xe0742, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r2, 0x0, 0xb4d3) mmap$auto(0x0, 0xff, 0x7f, 0xeb1, 0x200000401, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0x2, 0x80002, 0x73) 0s ago: executing program 3 (id=814): unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) (async) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) (async) socket(0x1d, 0x2, 0x6) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_SET_PMKSA(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x24004814) (async) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) (async) r4 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb1\x00', 0x420401, 0x0) ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000080)=0x400) (async) ioctl$auto_FBIOPUT_VSCREENINFO(r4, 0x4601, &(0x7f0000000080)) (async) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) (async) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x48014) write$auto(0x3, 0x0, 0xfffffdef) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000000c0), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xda, 0xeb1, 0x405, 0x0) (async) r5 = openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x481, 0x0) pwrite64$auto(r5, 0x0, 0x400000, 0xc) ioctl$auto_BLKTRACESETUP32(r2, 0xc0401273, &(0x7f0000000180)={"c16f6303d5736a1b0feb8f6a0554277f3190781cfe525c42f1ebed0dc940e2fd", 0x3, 0xff, 0x3798, 0xd, 0x810}) (async) msgctl$auto_MSG_STAT_ANY(0x5, 0xd, &(0x7f0000000380)={{0x4468ebf0, 0xee01, 0x0, 0x7, 0x6, 0x7, 0x102}, &(0x7f0000000100)=0x5, &(0x7f0000000340)=0xa, 0xfffffffffffffff8, 0x0, 0x3, 0x81, 0x3, 0x4, 0xf25, 0x5, @inferred, @raw=0x5}) (async) r6 = gettid() process_vm_readv$auto(r6, &(0x7f0000000040)={0x0, 0x2}, 0x4, &(0x7f00000000c0)={0x0, 0x100000000000002}, 0x3, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.174' (ED25519) to the list of known hosts. [ 92.258020][ T5838] cgroup: Unknown subsys name 'net' [ 92.389681][ T5838] cgroup: Unknown subsys name 'cpuset' [ 92.399344][ T5838] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 94.094935][ T5838] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 96.274714][ T5861] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 96.284878][ T5859] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 96.310860][ T5863] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 96.321912][ T5859] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 96.326758][ T5865] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 96.329963][ T5863] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 96.337951][ T5865] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 96.343550][ T5863] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 96.354959][ T5865] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 96.357250][ T5859] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 96.365264][ T5865] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 96.371784][ T5863] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 96.387050][ T5859] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 96.394518][ T5863] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 96.401858][ T5859] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 96.402525][ T5865] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 96.416728][ T5170] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 96.417206][ T5865] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 96.442108][ T5865] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 96.450043][ T5865] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 96.882417][ T883] cfg80211: failed to load regulatory.db [ 97.038249][ T5849] chnl_net:caif_netlink_parms(): no params data found [ 97.107190][ T5851] chnl_net:caif_netlink_parms(): no params data found [ 97.120782][ T5848] chnl_net:caif_netlink_parms(): no params data found [ 97.278935][ T5850] chnl_net:caif_netlink_parms(): no params data found [ 97.380018][ T5849] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.387864][ T5849] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.395237][ T5849] bridge_slave_0: entered allmulticast mode [ 97.404002][ T5849] bridge_slave_0: entered promiscuous mode [ 97.455377][ T5849] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.463843][ T5849] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.471225][ T5849] bridge_slave_1: entered allmulticast mode [ 97.479105][ T5849] bridge_slave_1: entered promiscuous mode [ 97.512427][ T5848] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.520065][ T5848] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.527555][ T5848] bridge_slave_0: entered allmulticast mode [ 97.534848][ T5848] bridge_slave_0: entered promiscuous mode [ 97.543785][ T5848] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.551098][ T5848] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.558448][ T5848] bridge_slave_1: entered allmulticast mode [ 97.565571][ T5848] bridge_slave_1: entered promiscuous mode [ 97.604186][ T5851] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.612763][ T5851] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.619993][ T5851] bridge_slave_0: entered allmulticast mode [ 97.628277][ T5851] bridge_slave_0: entered promiscuous mode [ 97.660010][ T5849] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.672847][ T5849] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.682405][ T5851] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.689635][ T5851] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.697503][ T5851] bridge_slave_1: entered allmulticast mode [ 97.704587][ T5851] bridge_slave_1: entered promiscuous mode [ 97.714139][ T5848] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.727291][ T5848] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.820604][ T5849] team0: Port device team_slave_0 added [ 97.856944][ T5848] team0: Port device team_slave_0 added [ 97.863278][ T5850] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.872677][ T5850] bridge0: port 1(bridge_slave_0) entered disabled state [ 97.880421][ T5850] bridge_slave_0: entered allmulticast mode [ 97.888593][ T5850] bridge_slave_0: entered promiscuous mode [ 97.898630][ T5849] team0: Port device team_slave_1 added [ 97.904650][ T5850] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.912025][ T5850] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.919331][ T5850] bridge_slave_1: entered allmulticast mode [ 97.926710][ T5850] bridge_slave_1: entered promiscuous mode [ 97.943804][ T5851] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.954591][ T5848] team0: Port device team_slave_1 added [ 98.014405][ T5851] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 98.048339][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 98.055311][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 98.081852][ T5848] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 98.094457][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 98.102091][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 98.129044][ T5849] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 98.169828][ T5848] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 98.177024][ T5848] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 98.203246][ T5848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 98.223059][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 98.230361][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 98.258571][ T5849] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 98.272635][ T5850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 98.286436][ T5850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 98.298131][ T5851] team0: Port device team_slave_0 added [ 98.335881][ T5850] team0: Port device team_slave_0 added [ 98.351969][ T5851] team0: Port device team_slave_1 added [ 98.361680][ T5850] team0: Port device team_slave_1 added [ 98.421423][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 98.428494][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 98.454730][ T5850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 98.476197][ T5865] Bluetooth: hci2: command tx timeout [ 98.476260][ T5852] Bluetooth: hci1: command tx timeout [ 98.485913][ T5858] Bluetooth: hci3: command tx timeout [ 98.495088][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 98.502086][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 98.528439][ T5851] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 98.556245][ T5858] Bluetooth: hci0: command tx timeout [ 98.578823][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 98.586182][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 98.613404][ T5850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 98.625066][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 98.632743][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 98.658826][ T5851] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 98.675356][ T5848] hsr_slave_0: entered promiscuous mode [ 98.682081][ T5848] hsr_slave_1: entered promiscuous mode [ 98.694910][ T5849] hsr_slave_0: entered promiscuous mode [ 98.701515][ T5849] hsr_slave_1: entered promiscuous mode [ 98.707664][ T5849] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 98.715361][ T5849] Cannot create hsr debugfs directory [ 98.795210][ T5850] hsr_slave_0: entered promiscuous mode [ 98.801665][ T5850] hsr_slave_1: entered promiscuous mode [ 98.808585][ T5850] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 98.816234][ T5850] Cannot create hsr debugfs directory [ 98.898535][ T5851] hsr_slave_0: entered promiscuous mode [ 98.905179][ T5851] hsr_slave_1: entered promiscuous mode [ 98.912313][ T5851] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 98.919994][ T5851] Cannot create hsr debugfs directory [ 99.340084][ T5848] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 99.354643][ T5848] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 99.375249][ T5848] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 99.387633][ T5848] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 99.451023][ T5849] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 99.463186][ T5849] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 99.482195][ T5849] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 99.502800][ T5849] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 99.587242][ T5851] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 99.605976][ T5851] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 99.619531][ T5851] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 99.640386][ T5851] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 99.742310][ T5850] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 99.771556][ T5850] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 99.798868][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.807790][ T5850] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 99.820067][ T5850] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 99.889048][ T5848] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.904128][ T5849] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.922910][ T3019] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.930310][ T3019] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.964119][ T3019] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.971330][ T3019] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.012326][ T5849] 8021q: adding VLAN 0 to HW filter on device team0 [ 100.044421][ T5851] 8021q: adding VLAN 0 to HW filter on device bond0 [ 100.060121][ T1165] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.067283][ T1165] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.084700][ T2976] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.091911][ T2976] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.141852][ T5851] 8021q: adding VLAN 0 to HW filter on device team0 [ 100.201666][ T3019] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.208890][ T3019] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.259791][ T3019] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.267028][ T3019] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.305211][ T5849] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 100.431044][ T5850] 8021q: adding VLAN 0 to HW filter on device bond0 [ 100.493430][ T5850] 8021q: adding VLAN 0 to HW filter on device team0 [ 100.522594][ T3019] bridge0: port 1(bridge_slave_0) entered blocking state [ 100.529788][ T3019] bridge0: port 1(bridge_slave_0) entered forwarding state [ 100.557035][ T5858] Bluetooth: hci1: command tx timeout [ 100.557052][ T5852] Bluetooth: hci3: command tx timeout [ 100.557088][ T5852] Bluetooth: hci2: command tx timeout [ 100.577681][ T3494] bridge0: port 2(bridge_slave_1) entered blocking state [ 100.584822][ T3494] bridge0: port 2(bridge_slave_1) entered forwarding state [ 100.636901][ T5852] Bluetooth: hci0: command tx timeout [ 100.825360][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.918675][ T5849] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.961342][ T5848] veth0_vlan: entered promiscuous mode [ 100.993293][ T5848] veth1_vlan: entered promiscuous mode [ 101.013508][ T5851] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.080383][ T5849] veth0_vlan: entered promiscuous mode [ 101.106624][ T5849] veth1_vlan: entered promiscuous mode [ 101.172636][ T5848] veth0_macvtap: entered promiscuous mode [ 101.209601][ T5848] veth1_macvtap: entered promiscuous mode [ 101.216806][ T5851] veth0_vlan: entered promiscuous mode [ 101.231257][ T5851] veth1_vlan: entered promiscuous mode [ 101.254537][ T5849] veth0_macvtap: entered promiscuous mode [ 101.274809][ T5849] veth1_macvtap: entered promiscuous mode [ 101.293769][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.312227][ T5851] veth0_macvtap: entered promiscuous mode [ 101.339422][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.350848][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.378405][ T5850] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.390266][ T5851] veth1_macvtap: entered promiscuous mode [ 101.402737][ T5848] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.412811][ T5848] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.422020][ T5848] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.431863][ T5848] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.447090][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.485249][ T5849] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.495128][ T5849] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.505781][ T5849] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.514515][ T5849] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.535794][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.564656][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.594079][ T5851] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.604455][ T5851] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.613606][ T5851] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.623093][ T5851] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.736849][ T1165] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.746408][ T1165] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.779684][ T5850] veth0_vlan: entered promiscuous mode [ 101.807593][ T3019] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.819512][ T3019] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.871268][ T5850] veth1_vlan: entered promiscuous mode [ 101.904688][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.923449][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.935536][ T3494] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.965435][ T3494] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.985502][ T1165] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.020306][ T1165] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.048511][ T5850] veth0_macvtap: entered promiscuous mode [ 102.073758][ T5848] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 102.100740][ T3019] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.110648][ T5850] veth1_macvtap: entered promiscuous mode [ 102.116951][ T3019] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.192255][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 102.264774][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 102.299231][ T5850] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.328284][ T5850] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.343949][ T5850] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.355865][ T5850] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 102.637143][ T5852] Bluetooth: hci2: command tx timeout [ 102.645962][ T5852] Bluetooth: hci1: command tx timeout [ 102.646288][ T5865] Bluetooth: hci3: command tx timeout [ 102.695133][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.721234][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.730940][ T5865] Bluetooth: hci0: command tx timeout [ 102.806620][ T5943] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3'. [ 102.855215][ T5943] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3'. [ 102.925971][ T5943] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3'. [ 102.940769][ T1165] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 103.022364][ T1165] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 103.056071][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 103.091967][ T5943] netlink: 218 bytes leftover after parsing attributes in process `syz.2.3'. [ 103.546441][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 103.626130][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 103.634440][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 103.985819][ T0] NOHZ tick-stop error: local softirq work is pending, handler #c2!!! [ 104.457227][ T5966] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2'. [ 104.686170][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 104.715775][ T5865] Bluetooth: hci1: command tx timeout [ 104.716157][ T5852] Bluetooth: hci2: command tx timeout [ 104.726857][ T5852] Bluetooth: hci3: command tx timeout [ 104.796005][ T5852] Bluetooth: hci0: command tx timeout [ 104.866369][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 104.936639][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 104.946162][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 106.236525][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 106.528559][ T5979] netlink: 342 bytes leftover after parsing attributes in process `syz.2.8'. [ 107.276743][ T6005] random: crng reseeded on system resumption syzkaller syzkaller login: [ 111.590713][ T6041] netlink: 4 bytes leftover after parsing attributes in process `syz.3.21'. [ 111.633057][ T6041] Zero length message leads to an empty skb [ 112.736465][ T6057] netlink: 4 bytes leftover after parsing attributes in process `syz.3.24'. [ 117.686021][ T6112] netlink: 24 bytes leftover after parsing attributes in process `syz.3.33'. [ 118.488003][ T6103] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 118.532307][ T6121] random: crng reseeded on system resumption [ 119.364670][ T6127] random: crng reseeded on system resumption [ 122.501296][ T6164] random: crng reseeded on system resumption [ 124.115541][ T6179] netlink: 4 bytes leftover after parsing attributes in process `syz.0.48'. [ 126.472803][ T6215] netlink: 24 bytes leftover after parsing attributes in process `syz.0.54'. [ 126.519586][ T6219] syz.1.56 uses obsolete (PF_INET,SOCK_PACKET) syzkaller syzkaller login: [ 127.371034][ T6228] netlink: 4 bytes leftover after parsing attributes in process `syz.3.59'. [ 127.698983][ T6240] netlink: 24 bytes leftover after parsing attributes in process `syz.1.62'. [ 128.615406][ T6251] netlink: 24 bytes leftover after parsing attributes in process `syz.3.65'. [ 129.135139][ T6260] netlink: 4 bytes leftover after parsing attributes in process `syz.2.69'. [ 130.612795][ T6292] netlink: 24 bytes leftover after parsing attributes in process `syz.1.75'. [ 131.508644][ T6302] netlink: 4 bytes leftover after parsing attributes in process `syz.3.79'. [ 132.338543][ T6323] netlink: 24 bytes leftover after parsing attributes in process `syz.1.83'. [ 133.565970][ T6342] netlink: 24 bytes leftover after parsing attributes in process `syz.1.88'. [ 134.624369][ T6355] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 137.622755][ T6397] FAULT_INJECTION: forcing a failure. [ 137.622755][ T6397] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 137.691676][ T6391] netlink: 342 bytes leftover after parsing attributes in process `syz.3.100'. [ 137.722972][ T6397] CPU: 1 UID: 0 PID: 6397 Comm: syz.2.101 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 137.723034][ T6397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 137.723066][ T6397] Call Trace: [ 137.723076][ T6397] [ 137.723090][ T6397] dump_stack_lvl+0x16c/0x1f0 [ 137.723143][ T6397] should_fail_ex+0x512/0x640 [ 137.723190][ T6397] _copy_from_iter+0x29f/0x16f0 [ 137.723239][ T6397] ? __alloc_skb+0x200/0x380 [ 137.723280][ T6397] ? __pfx__copy_from_iter+0x10/0x10 [ 137.723328][ T6397] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 137.723370][ T6397] netlink_sendmsg+0x829/0xdd0 [ 137.723405][ T6397] ? __pfx_netlink_sendmsg+0x10/0x10 [ 137.723449][ T6397] ____sys_sendmsg+0xa95/0xc70 [ 137.723483][ T6397] ? copy_msghdr_from_user+0x10a/0x160 [ 137.723525][ T6397] ? __pfx_____sys_sendmsg+0x10/0x10 [ 137.723576][ T6397] ___sys_sendmsg+0x134/0x1d0 [ 137.723621][ T6397] ? __pfx____sys_sendmsg+0x10/0x10 [ 137.723661][ T6397] ? __lock_acquire+0x622/0x1c90 [ 137.723747][ T6397] __sys_sendmsg+0x16d/0x220 [ 137.723788][ T6397] ? __pfx___sys_sendmsg+0x10/0x10 [ 137.723864][ T6397] do_syscall_64+0xcd/0x490 [ 137.723906][ T6397] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.723933][ T6397] RIP: 0033:0x7ff6b798e929 [ 137.723959][ T6397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 137.724001][ T6397] RSP: 002b:00007ff6b88c3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 137.724027][ T6397] RAX: ffffffffffffffda RBX: 00007ff6b7bb5fa0 RCX: 00007ff6b798e929 [ 137.724044][ T6397] RDX: 0000000000000000 RSI: 0000200000002cc0 RDI: 0000000000000003 [ 137.724061][ T6397] RBP: 00007ff6b88c3090 R08: 0000000000000000 R09: 0000000000000000 [ 137.724077][ T6397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 137.724093][ T6397] R13: 0000000000000000 R14: 00007ff6b7bb5fa0 R15: 00007ffe50a62598 [ 137.724128][ T6397] [ 137.966387][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 137.973602][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.048874][ T6396] netlink: 342 bytes leftover after parsing attributes in process `syz.3.100'. [ 138.099654][ T6396] netlink: 342 bytes leftover after parsing attributes in process `syz.3.100'. [ 142.316409][ T6453] random: crng reseeded on system resumption [ 145.568960][ T6501] netlink: 24 bytes leftover after parsing attributes in process `syz.0.122'. [ 146.674387][ T6514] netlink: 24 bytes leftover after parsing attributes in process `syz.3.124'. [ 147.434304][ T6518] tipc: Started in network mode [ 147.579752][ T6518] tipc: Node identity ee00, cluster identity 4711 [ 147.586465][ T6518] tipc: Node number set to 60928 [ 149.324951][ T6558] netlink: 24 bytes leftover after parsing attributes in process `syz.2.134'. [ 151.401179][ T6582] hub 1-0:1.0: USB hub found [ 151.423796][ T6582] hub 1-0:1.0: 1 port detected [ 152.452523][ T6600] random: crng reseeded on system resumption [ 153.477668][ T6618] netlink: 24 bytes leftover after parsing attributes in process `syz.3.146'. syzkaller syzkaller login: [ 153.995569][ T6641] input: f¬ as /devices/virtual/input/input6 [ 156.038901][ T30] audit: type=1400 audit(1752577980.695:2): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=6670 comm="syz.3.159" syzkaller syzkaller login: [ 158.077126][ T6700] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 158.098932][ T6700] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 158.684086][ T6709] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(4.1048576.67108865), cmd(13) [ 158.829316][ T43] smpboot: CPU 0 is now offline [ 159.469298][ T6722] netlink: 8 bytes leftover after parsing attributes in process `syz.0.171'. [ 159.520752][ T6718] netlink: 342 bytes leftover after parsing attributes in process `syz.1.170'. [ 159.636943][ T6723] netlink: 342 bytes leftover after parsing attributes in process `syz.1.170'. [ 159.724893][ T6723] netlink: 342 bytes leftover after parsing attributes in process `syz.1.170'. [ 159.857442][ T6723] netlink: 342 bytes leftover after parsing attributes in process `syz.1.170'. [ 159.978153][ T6723] netlink: 342 bytes leftover after parsing attributes in process `syz.1.170'. [ 163.542786][ T30] audit: type=1326 audit(1752577988.245:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6769 comm="syz.2.181" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff6b798e929 code=0x0 syzkaller syzkaller login: [ 164.063726][ T6777] vivid-003: ================= START STATUS ================= [ 164.113348][ T6777] vivid-003: Radio HW Seek Mode: Bounded [ 164.142283][ T6777] vivid-003: Radio Programmable HW Seek: false [ 164.212692][ T6777] vivid-003: RDS Rx I/O Mode: Block I/O [ 164.263613][ T6777] vivid-003: Generate RBDS Instead of RDS: false [ 164.348022][ T6777] vivid-003: RDS Reception: true [ 164.353026][ T6777] vivid-003: RDS Program Type: 0 inactive [ 164.472808][ T6777] vivid-003: RDS PS Name: inactive [ 164.501661][ T6777] vivid-003: RDS Radio Text: inactive [ 164.578050][ T6777] vivid-003: RDS Traffic Announcement: false inactive [ 164.647151][ T6777] vivid-003: RDS Traffic Program: false inactive [ 164.734101][ T6777] vivid-003: RDS Music: false inactive [ 164.852502][ T6777] vivid-003: ================== END STATUS ================== [ 165.689840][ T6807] netlink: 4 bytes leftover after parsing attributes in process `syz.0.188'. [ 165.854350][ T6811] netlink: 24 bytes leftover after parsing attributes in process `syz.2.189'. [ 167.081229][ T6825] netlink: 342 bytes leftover after parsing attributes in process `syz.1.193'. [ 167.108339][ T6831] FAULT_INJECTION: forcing a failure. [ 167.108339][ T6831] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 167.215810][ T6831] CPU: 1 UID: 0 PID: 6831 Comm: syz.2.192 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 167.215837][ T6831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 167.215849][ T6831] Call Trace: [ 167.215855][ T6831] [ 167.215862][ T6831] dump_stack_lvl+0x16c/0x1f0 [ 167.215914][ T6831] should_fail_ex+0x512/0x640 [ 167.215949][ T6831] should_fail_alloc_page+0xe7/0x130 [ 167.215971][ T6831] prepare_alloc_pages+0x3c2/0x610 [ 167.216000][ T6831] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 167.216038][ T6831] ? find_held_lock+0x2b/0x80 [ 167.216061][ T6831] ? is_bpf_text_address+0x8a/0x1a0 [ 167.216090][ T6831] ? bpf_ksym_find+0x124/0x1c0 [ 167.216123][ T6831] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 167.216153][ T6831] ? is_bpf_text_address+0x94/0x1a0 [ 167.216180][ T6831] ? kernel_text_address+0x8d/0x100 [ 167.216198][ T6831] ? __kernel_text_address+0xd/0x40 [ 167.216221][ T6831] ? unwind_get_return_address+0x59/0xa0 [ 167.216261][ T6831] ? __lock_acquire+0xb8a/0x1c90 [ 167.216294][ T6831] ? snd_ctl_new+0x56/0x1a0 [ 167.216318][ T6831] __alloc_pages_noprof+0xb/0x1b0 [ 167.216346][ T6831] ___kmalloc_large_node+0x84/0x1e0 [ 167.216373][ T6831] ? snd_ctl_new+0x56/0x1a0 [ 167.216396][ T6831] __kmalloc_large_node_noprof+0x1c/0x70 [ 167.216418][ T6831] ? tomoyo_path_number_perm+0x470/0x580 [ 167.216442][ T6831] __kmalloc_noprof.cold+0xc/0x61 [ 167.216477][ T6831] snd_ctl_new+0x56/0x1a0 [ 167.216505][ T6831] snd_ctl_elem_add+0x510/0x14c0 [ 167.216538][ T6831] ? find_held_lock+0x2b/0x80 [ 167.216556][ T6831] ? __might_fault+0xe3/0x190 [ 167.216584][ T6831] ? __might_fault+0xe3/0x190 [ 167.216610][ T6831] ? __might_fault+0x13b/0x190 [ 167.216638][ T6831] ? __pfx_snd_ctl_elem_add+0x10/0x10 [ 167.216674][ T6831] snd_ctl_elem_add_user+0xc3/0x170 [ 167.216703][ T6831] ? __pfx_snd_ctl_elem_add_user+0x10/0x10 [ 167.216731][ T6831] ? find_held_lock+0x2b/0x80 [ 167.216780][ T6831] snd_ctl_ioctl+0x981/0x1320 [ 167.216808][ T6831] ? __pfx_snd_ctl_ioctl+0x10/0x10 [ 167.216839][ T6831] ? find_held_lock+0x2b/0x80 [ 167.216858][ T6831] ? hook_file_ioctl_common+0x145/0x410 [ 167.216885][ T6831] ? __fget_files+0x20e/0x3c0 [ 167.216915][ T6831] ? __pfx_snd_ctl_ioctl+0x10/0x10 [ 167.216945][ T6831] __x64_sys_ioctl+0x18b/0x210 [ 167.216970][ T6831] do_syscall_64+0xcd/0x490 [ 167.217002][ T6831] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.217021][ T6831] RIP: 0033:0x7ff6b798e929 [ 167.217036][ T6831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 167.217054][ T6831] RSP: 002b:00007ff6b8860038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 167.217072][ T6831] RAX: ffffffffffffffda RBX: 00007ff6b7bb6240 RCX: 00007ff6b798e929 [ 167.217085][ T6831] RDX: 00002000000001c0 RSI: 00000000c1105517 RDI: 000000000000000a [ 167.217096][ T6831] RBP: 00007ff6b8860090 R08: 0000000000000000 R09: 0000000000000000 [ 167.217107][ T6831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 167.217118][ T6831] R13: 0000000000000000 R14: 00007ff6b7bb6240 R15: 00007ffe50a62598 [ 167.217142][ T6831] [ 167.643985][ T6834] netlink: 'syz.1.194': attribute type 1 has an invalid length. [ 168.295372][ T6846] random: crng reseeded on system resumption [ 169.749439][ T6862] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 171.548577][ T6886] random: crng reseeded on system resumption [ 174.308441][ T6907] could not allocate digest TFM handle [ 176.392914][ T6935] FAULT_INJECTION: forcing a failure. [ 176.392914][ T6935] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 176.460513][ T6935] CPU: 1 UID: 0 PID: 6935 Comm: syz.2.215 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 176.460546][ T6935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 176.460559][ T6935] Call Trace: [ 176.460566][ T6935] [ 176.460574][ T6935] dump_stack_lvl+0x16c/0x1f0 [ 176.460613][ T6935] should_fail_ex+0x512/0x640 [ 176.460650][ T6935] _copy_to_user+0x32/0xd0 [ 176.460687][ T6935] simple_read_from_buffer+0xcb/0x170 [ 176.460719][ T6935] proc_fail_nth_read+0x197/0x270 [ 176.460746][ T6935] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 176.460774][ T6935] ? rw_verify_area+0xcf/0x680 [ 176.460802][ T6935] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 176.460828][ T6935] vfs_read+0x1e4/0xc60 [ 176.460873][ T6935] ? __pfx___mutex_lock+0x10/0x10 [ 176.460922][ T6935] ? __pfx_vfs_read+0x10/0x10 [ 176.460961][ T6935] ? __fget_files+0x20e/0x3c0 [ 176.460999][ T6935] ksys_read+0x12a/0x250 [ 176.461030][ T6935] ? __pfx_ksys_read+0x10/0x10 [ 176.461069][ T6935] do_syscall_64+0xcd/0x490 [ 176.461104][ T6935] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 176.461126][ T6935] RIP: 0033:0x7ff6b798d33c [ 176.461144][ T6935] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 176.461164][ T6935] RSP: 002b:00007ff6b88c3030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 176.461184][ T6935] RAX: ffffffffffffffda RBX: 00007ff6b7bb5fa0 RCX: 00007ff6b798d33c [ 176.461199][ T6935] RDX: 000000000000000f RSI: 00007ff6b88c30a0 RDI: 0000000000000004 [ 176.461212][ T6935] RBP: 00007ff6b88c3090 R08: 0000000000000000 R09: 0000000000000000 [ 176.461225][ T6935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 176.461237][ T6935] R13: 0000000000000000 R14: 00007ff6b7bb5fa0 R15: 00007ffe50a62598 [ 176.461264][ T6935] [ 179.356662][ T6969] netlink: 4 bytes leftover after parsing attributes in process `syz.1.222'. [ 184.887748][ T7024] netlink: 4 bytes leftover after parsing attributes in process `syz.1.235'. [ 189.335301][ T7062] mmap: syz.1.237 (7062) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 190.299066][ T7071] netlink: 342 bytes leftover after parsing attributes in process `syz.2.244'. [ 191.812850][ T7090] FAULT_INJECTION: forcing a failure. [ 191.812850][ T7090] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 191.962584][ T7090] CPU: 1 UID: 0 PID: 7090 Comm: syz.1.248 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 191.962617][ T7090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 191.962630][ T7090] Call Trace: [ 191.962637][ T7090] [ 191.962648][ T7090] dump_stack_lvl+0x16c/0x1f0 [ 191.962688][ T7090] should_fail_ex+0x512/0x640 [ 191.962726][ T7090] _copy_to_user+0x32/0xd0 [ 191.962765][ T7090] simple_read_from_buffer+0xcb/0x170 [ 191.962797][ T7090] proc_fail_nth_read+0x197/0x270 [ 191.962825][ T7090] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 191.962855][ T7090] ? rw_verify_area+0xcf/0x680 [ 191.962883][ T7090] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 191.962940][ T7090] vfs_read+0x1e4/0xc60 [ 191.962976][ T7090] ? __pfx___mutex_lock+0x10/0x10 [ 191.963023][ T7090] ? __pfx_vfs_read+0x10/0x10 [ 191.963061][ T7090] ? __fget_files+0x20e/0x3c0 [ 191.963111][ T7090] ksys_read+0x12a/0x250 [ 191.963138][ T7090] ? __pfx_ksys_read+0x10/0x10 [ 191.963172][ T7090] do_syscall_64+0xcd/0x490 [ 191.963203][ T7090] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.963223][ T7090] RIP: 0033:0x7f4a91b8d33c [ 191.963238][ T7090] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 191.963256][ T7090] RSP: 002b:00007f4a92ac1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 191.963274][ T7090] RAX: ffffffffffffffda RBX: 00007f4a91db5fa0 RCX: 00007f4a91b8d33c [ 191.963286][ T7090] RDX: 000000000000000f RSI: 00007f4a92ac10a0 RDI: 0000000000000004 [ 191.963298][ T7090] RBP: 00007f4a92ac1090 R08: 0000000000000000 R09: 0000000000000000 [ 191.963309][ T7090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 191.963320][ T7090] R13: 0000000000000000 R14: 00007f4a91db5fa0 R15: 00007ffc8f061828 [ 191.963344][ T7090] [ 192.210605][ T7096] random: crng reseeded on system resumption [ 194.948828][ T7133] process 'syz.3.257' launched '/dev/fd/10' with NULL argv: empty string added [ 198.000289][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 198.006803][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 204.764191][ T7227] zswap: compressor not available [ 205.594498][ T7239] netlink: 8 bytes leftover after parsing attributes in process `syz.2.281'. [ 205.793701][ T7242] netlink: 8 bytes leftover after parsing attributes in process `syz.2.281'. [ 206.675980][ T7249] netlink: 20 bytes leftover after parsing attributes in process `syz.1.283'. [ 207.114269][ T7257] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma? [ 207.197660][ T7257] netlink: 'syz.3.284': attribute type 1 has an invalid length. [ 212.468494][ T7319] FAULT_INJECTION: forcing a failure. [ 212.468494][ T7319] name failslab, interval 1, probability 0, space 0, times 0 [ 212.580839][ T7319] CPU: 1 UID: 0 PID: 7319 Comm: syz.0.298 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 212.580869][ T7319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 212.580881][ T7319] Call Trace: [ 212.580887][ T7319] [ 212.580894][ T7319] dump_stack_lvl+0x16c/0x1f0 [ 212.580931][ T7319] should_fail_ex+0x512/0x640 [ 212.580960][ T7319] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 212.580995][ T7319] should_failslab+0xc2/0x120 [ 212.581014][ T7319] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 212.581045][ T7319] ? unwind_get_return_address+0x59/0xa0 [ 212.581078][ T7319] ? __d_alloc+0x31/0xaa0 [ 212.581112][ T7319] __d_alloc+0x31/0xaa0 [ 212.581146][ T7319] d_alloc+0x4a/0x1e0 [ 212.581178][ T7319] d_alloc_parallel+0xe3/0x12e0 [ 212.581203][ T7319] ? __lock_acquire+0xb8a/0x1c90 [ 212.581246][ T7319] ? __pfx_d_alloc_parallel+0x10/0x10 [ 212.581272][ T7319] ? lockdep_init_map_type+0x5c/0x280 [ 212.581302][ T7319] ? lockdep_init_map_type+0x5c/0x280 [ 212.581336][ T7319] __lookup_slow+0x193/0x460 [ 212.581360][ T7319] ? __pfx___lookup_slow+0x10/0x10 [ 212.581398][ T7319] ? lookup_fast+0x156/0x610 [ 212.581422][ T7319] ? _raw_spin_unlock+0x28/0x50 [ 212.581451][ T7319] walk_component+0x353/0x5b0 [ 212.581479][ T7319] link_path_walk+0x627/0xe20 [ 212.581513][ T7319] path_openat+0x1b0/0x2cb0 [ 212.581540][ T7319] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 212.581569][ T7319] ? __pfx_path_openat+0x10/0x10 [ 212.581599][ T7319] ? __lock_acquire+0xb8a/0x1c90 [ 212.581630][ T7319] do_filp_open+0x20b/0x470 [ 212.581659][ T7319] ? __pfx_do_filp_open+0x10/0x10 [ 212.581706][ T7319] ? alloc_fd+0x471/0x7d0 [ 212.581740][ T7319] do_sys_openat2+0x11b/0x1d0 [ 212.581762][ T7319] ? __pfx_do_sys_openat2+0x10/0x10 [ 212.581782][ T7319] ? find_held_lock+0x2b/0x80 [ 212.581805][ T7319] ? handle_mm_fault+0x2ab/0xd10 [ 212.581838][ T7319] __x64_sys_openat+0x174/0x210 [ 212.581883][ T7319] ? __pfx___x64_sys_openat+0x10/0x10 [ 212.581922][ T7319] do_syscall_64+0xcd/0x490 [ 212.581960][ T7319] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 212.581983][ T7319] RIP: 0033:0x7f35dd78e929 [ 212.582001][ T7319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 212.582023][ T7319] RSP: 002b:00007f35de6d3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 212.582045][ T7319] RAX: ffffffffffffffda RBX: 00007f35dd9b5fa0 RCX: 00007f35dd78e929 [ 212.582060][ T7319] RDX: 0000000000000202 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 212.582074][ T7319] RBP: 00007f35dd810b39 R08: 0000000000000000 R09: 0000000000000000 [ 212.582088][ T7319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 212.582101][ T7319] R13: 0000000000000000 R14: 00007f35dd9b5fa0 R15: 00007ffcb25659b8 [ 212.582130][ T7319] [ 218.355559][ T7363] nvme_fabrics: missing parameter 'transport=%s' [ 218.438031][ T7363] nvme_fabrics: missing parameter 'nqn=%s' [ 221.636929][ T7399] FAULT_INJECTION: forcing a failure. [ 221.636929][ T7399] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 221.636962][ T7399] CPU: 1 UID: 0 PID: 7399 Comm: syz.0.315 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 221.636987][ T7399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 221.636999][ T7399] Call Trace: [ 221.637004][ T7399] [ 221.637012][ T7399] dump_stack_lvl+0x16c/0x1f0 [ 221.637046][ T7399] should_fail_ex+0x512/0x640 [ 221.637080][ T7399] should_fail_alloc_page+0xe7/0x130 [ 221.637102][ T7399] prepare_alloc_pages+0x3c2/0x610 [ 221.637131][ T7399] ? rcu_is_watching+0x12/0xc0 [ 221.637155][ T7399] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 221.637191][ T7399] ? rcu_is_watching+0x12/0xc0 [ 221.637212][ T7399] ? trace_mm_page_alloc+0x11f/0x1a0 [ 221.637235][ T7399] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 221.637265][ T7399] ? lockdep_hardirqs_on+0x7c/0x110 [ 221.637293][ T7399] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 221.637321][ T7399] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 221.637380][ T7399] ? alloc_vmap_area+0x645/0x29c0 [ 221.637401][ T7399] ? __vmalloc_node_range_noprof+0x271/0x14b0 [ 221.637428][ T7399] ? __do_sys_listmount+0x1c2/0xec0 [ 221.637454][ T7399] ? do_syscall_64+0xcd/0x490 [ 221.637494][ T7399] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.637524][ T7399] alloc_pages_bulk_noprof+0x71c/0x1410 [ 221.637554][ T7399] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 221.637587][ T7399] ? policy_nodemask+0xea/0x4e0 [ 221.637609][ T7399] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 221.637642][ T7399] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 221.637671][ T7399] kasan_populate_vmalloc+0xf1/0x1f0 [ 221.637705][ T7399] alloc_vmap_area+0x959/0x29c0 [ 221.637737][ T7399] ? __pfx_alloc_vmap_area+0x10/0x10 [ 221.637766][ T7399] __get_vm_area_node+0x1ca/0x330 [ 221.637794][ T7399] __vmalloc_node_range_noprof+0x271/0x14b0 [ 221.637821][ T7399] ? __do_sys_listmount+0x1c2/0xec0 [ 221.637852][ T7399] ? __lock_acquire+0xb8a/0x1c90 [ 221.637880][ T7399] ? __do_sys_listmount+0x1c2/0xec0 [ 221.637911][ T7399] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 221.637957][ T7399] ? __alloc_pages_noprof+0xb/0x1b0 [ 221.637988][ T7399] ? ___kmalloc_large_node+0x84/0x1e0 [ 221.638011][ T7399] ? find_held_lock+0x2b/0x80 [ 221.638038][ T7399] __kvmalloc_node_noprof+0x30a/0x620 [ 221.638068][ T7399] ? __do_sys_listmount+0x1c2/0xec0 [ 221.638113][ T7399] ? __do_sys_listmount+0x1c2/0xec0 [ 221.638142][ T7399] ? __do_sys_listmount+0x1c2/0xec0 [ 221.638166][ T7399] __do_sys_listmount+0x1c2/0xec0 [ 221.638195][ T7399] ? __x64_sys_futex+0x1e0/0x4c0 [ 221.638219][ T7399] ? __x64_sys_futex+0x1e9/0x4c0 [ 221.638245][ T7399] ? __pfx___do_sys_listmount+0x10/0x10 [ 221.638283][ T7399] do_syscall_64+0xcd/0x490 [ 221.638314][ T7399] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.638334][ T7399] RIP: 0033:0x7f35dd78e929 [ 221.638349][ T7399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 221.638367][ T7399] RSP: 002b:00007f35de6b2038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 221.638386][ T7399] RAX: ffffffffffffffda RBX: 00007f35dd9b6080 RCX: 00007f35dd78e929 [ 221.638416][ T7399] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 221.638428][ T7399] RBP: 00007f35dd810b39 R08: 0000000000000000 R09: 0000000000000000 [ 221.638440][ T7399] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 221.638452][ T7399] R13: 0000000000000000 R14: 00007f35dd9b6080 R15: 00007ffcb25659b8 [ 221.638488][ T7399] [ 221.639399][ T7399] syz.0.315: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 221.639535][ T7399] CPU: 1 UID: 0 PID: 7399 Comm: syz.0.315 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 221.639559][ T7399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 221.639571][ T7399] Call Trace: [ 221.639576][ T7399] [ 221.639583][ T7399] dump_stack_lvl+0x16c/0x1f0 [ 221.639616][ T7399] warn_alloc+0x248/0x3a0 [ 221.639647][ T7399] ? __pfx_warn_alloc+0x10/0x10 [ 221.639678][ T7399] ? kfree+0x2b4/0x4d0 [ 221.639709][ T7399] ? __get_vm_area_node+0x208/0x330 [ 221.639738][ T7399] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 221.639773][ T7399] ? __lock_acquire+0xb8a/0x1c90 [ 221.639800][ T7399] ? __do_sys_listmount+0x1c2/0xec0 [ 221.639832][ T7399] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 221.639860][ T7399] ? __alloc_pages_noprof+0xb/0x1b0 [ 221.639889][ T7399] ? ___kmalloc_large_node+0x84/0x1e0 [ 221.639911][ T7399] ? find_held_lock+0x2b/0x80 [ 221.639936][ T7399] __kvmalloc_node_noprof+0x30a/0x620 [ 221.639964][ T7399] ? __do_sys_listmount+0x1c2/0xec0 [ 221.639990][ T7399] ? __do_sys_listmount+0x1c2/0xec0 [ 221.640019][ T7399] ? __do_sys_listmount+0x1c2/0xec0 [ 221.640042][ T7399] __do_sys_listmount+0x1c2/0xec0 [ 221.640071][ T7399] ? __x64_sys_futex+0x1e0/0x4c0 [ 221.640095][ T7399] ? __x64_sys_futex+0x1e9/0x4c0 [ 221.640126][ T7399] ? __pfx___do_sys_listmount+0x10/0x10 [ 221.640181][ T7399] do_syscall_64+0xcd/0x490 [ 221.640217][ T7399] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.640239][ T7399] RIP: 0033:0x7f35dd78e929 [ 221.640254][ T7399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 221.640274][ T7399] RSP: 002b:00007f35de6b2038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 221.640293][ T7399] RAX: ffffffffffffffda RBX: 00007f35dd9b6080 RCX: 00007f35dd78e929 [ 221.640307][ T7399] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 221.640320][ T7399] RBP: 00007f35dd810b39 R08: 0000000000000000 R09: 0000000000000000 [ 221.640333][ T7399] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 221.640345][ T7399] R13: 0000000000000000 R14: 00007f35dd9b6080 R15: 00007ffcb25659b8 [ 221.640371][ T7399] [ 221.733723][ T7399] Mem-Info: [ 221.733745][ T7399] active_anon:103654 inactive_anon:0 isolated_anon:0 [ 221.733745][ T7399] active_file:21428 inactive_file:39967 isolated_file:0 [ 221.733745][ T7399] unevictable:2106 dirty:560 writeback:0 [ 221.733745][ T7399] slab_reclaimable:10528 slab_unreclaimable:94699 [ 221.733745][ T7399] mapped:59294 shmem:96716 pagetables:1301 [ 221.733745][ T7399] sec_pagetables:0 bounce:0 [ 221.733745][ T7399] kernel_misc_reclaimable:0 [ 221.733745][ T7399] free:1218356 free_pcp:11709 free_cma:0 [ 221.733802][ T7399] Node 0 active_anon:414616kB inactive_anon:0kB active_file:82476kB inactive_file:159664kB unevictable:6888kB isolated(anon):0kB isolated(file):0kB mapped:237176kB dirty:2236kB writeback:0kB shmem:385328kB shmem_thp:8192kB shmem_pmdmapped:0kB anon_thp:2048kB writeback_tmp:0kB kernel_stack:12336kB pagetables:5068kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 221.733861][ T7399] Node 1 active_anon:0kB inactive_anon:0kB active_file:3236kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 221.733915][ T7399] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 221.733975][ T7399] lowmem_reserve[]: 0 2480 2482 2482 2482 [ 221.734014][ T7399] Node 0 DMA32 free:951016kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:414568kB inactive_anon:0kB active_file:82476kB inactive_file:158340kB unevictable:6888kB writepending:2232kB present:3129332kB managed:2540344kB mlocked:5352kB bounce:0kB free_pcp:36404kB local_pcp:36404kB free_cma:0kB [ 221.734076][ T7399] lowmem_reserve[]: 0 0 1 1 1 [ 221.734126][ T7399] Node 0 Normal free:16kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1324kB unevictable:0kB writepending:4kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 221.734184][ T7399] lowmem_reserve[]: 0 0 0 0 0 [ 221.734222][ T7399] Node 1 Normal free:3907032kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:3236kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:10432kB local_pcp:10432kB free_cma:0kB [ 221.734284][ T7399] lowmem_reserve[]: 0 0 0 0 0 [ 221.734321][ T7399] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 221.734449][ T7399] Node 0 DMA32: 466*4kB (UE) 468*8kB (UE) 254*16kB (UE) 2*32kB (UM) 3*64kB (UME) 2*128kB (UE) 3*256kB (UME) 2*512kB (ME) 3*1024kB (UME) 3*2048kB (UME) 227*4096kB (M) = 950984kB [ 221.734632][ T7399] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB [ 221.734746][ T7399] Node 1 Normal: 174*4kB (UME) 24*8kB (UME) 10*16kB (UME) 174*32kB (UME) 58*64kB (UME) 15*128kB (UME) 6*256kB (UME) 2*512kB (UM) 3*1024kB (UME) 3*2048kB (UE) 948*4096kB (M) = 3907032kB [ 221.734922][ T7399] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 221.734939][ T7399] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 221.734956][ T7399] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 221.734972][ T7399] Node 1 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 221.734989][ T7399] 158647 total pagecache pages [ 221.734997][ T7399] 7 pages in swap cache [ 221.735004][ T7399] Free swap = 122952kB [ 221.735012][ T7399] Total swap = 124996kB [ 221.735019][ T7399] 2097051 pages RAM [ 221.735027][ T7399] 0 pages HighMem/MovableOnly [ 221.735034][ T7399] 429987 pages reserved [ 221.735041][ T7399] 0 pages cma reserved [ 221.848752][ T5863] Bluetooth: hci3: command 0x0406 tx timeout [ 221.848820][ T5863] Bluetooth: hci0: command 0x0406 tx timeout [ 221.848858][ T5863] Bluetooth: hci1: command 0x0406 tx timeout [ 221.848888][ T5863] Bluetooth: hci2: command 0x0406 tx timeout [ 225.415814][ T7426] netlink: 16 bytes leftover after parsing attributes in process `syz.2.321'. [ 227.295084][ T7444] snd_aloop snd_aloop.0: control 1:262152:7:̸è:0 is already present [ 228.643323][ T7420] tty tty1: ldisc open failed (-12), clearing slot 0 [ 228.736454][ T7430] pty pty175: ldisc open failed (-12), clearing slot 175 [ 229.681266][ T7454] netlink: 342 bytes leftover after parsing attributes in process `syz.3.329'. [ 229.879570][ T7454] netlink: 218 bytes leftover after parsing attributes in process `syz.3.329'. [ 230.693815][ T7472] netlink: 8 bytes leftover after parsing attributes in process `syz.0.331'. [ 231.719368][ T7480] netlink: 8 bytes leftover after parsing attributes in process `syz.0.333'. [ 231.835858][ T7482] netlink: 8 bytes leftover after parsing attributes in process `syz.0.333'. [ 234.408801][ T7515] FAULT_INJECTION: forcing a failure. [ 234.408801][ T7515] name failslab, interval 1, probability 0, space 0, times 0 [ 234.478547][ T7515] CPU: 1 UID: 0 PID: 7515 Comm: syz.3.339 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 234.478577][ T7515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 234.478589][ T7515] Call Trace: [ 234.478595][ T7515] [ 234.478603][ T7515] dump_stack_lvl+0x16c/0x1f0 [ 234.478639][ T7515] should_fail_ex+0x512/0x640 [ 234.478669][ T7515] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 234.478700][ T7515] should_failslab+0xc2/0x120 [ 234.478720][ T7515] __kmalloc_cache_noprof+0x6a/0x3e0 [ 234.478747][ T7515] ? snd_ctl_get_preferred_subdevice+0x16c/0x1f0 [ 234.478774][ T7515] ? snd_pcm_attach_substream+0x441/0xd60 [ 234.478805][ T7515] snd_pcm_attach_substream+0x441/0xd60 [ 234.478838][ T7515] snd_pcm_open_substream+0x8d/0x17f0 [ 234.478866][ T7515] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 234.478894][ T7515] ? rcu_is_watching+0x12/0xc0 [ 234.478927][ T7515] snd_pcm_open+0x29e/0x730 [ 234.478955][ T7515] ? __pfx_snd_pcm_open+0x10/0x10 [ 234.478983][ T7515] ? __pfx_default_wake_function+0x10/0x10 [ 234.479012][ T7515] ? __pfx_snd_pcm_playback_open+0x10/0x10 [ 234.479038][ T7515] snd_pcm_playback_open+0x86/0xe0 [ 234.479063][ T7515] snd_open+0x201/0x450 [ 234.479095][ T7515] ? __pfx_snd_open+0x10/0x10 [ 234.479125][ T7515] chrdev_open+0x231/0x6a0 [ 234.479156][ T7515] ? __pfx_apparmor_file_open+0x10/0x10 [ 234.479185][ T7515] ? __pfx_chrdev_open+0x10/0x10 [ 234.479218][ T7515] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 234.479251][ T7515] do_dentry_open+0x744/0x1c10 [ 234.479281][ T7515] ? __pfx_chrdev_open+0x10/0x10 [ 234.479318][ T7515] vfs_open+0x82/0x3f0 [ 234.479342][ T7515] path_openat+0x1de4/0x2cb0 [ 234.479379][ T7515] ? __pfx_path_openat+0x10/0x10 [ 234.479410][ T7515] ? __lock_acquire+0xb8a/0x1c90 [ 234.479441][ T7515] do_filp_open+0x20b/0x470 [ 234.479471][ T7515] ? __pfx_do_filp_open+0x10/0x10 [ 234.479518][ T7515] ? alloc_fd+0x471/0x7d0 [ 234.479552][ T7515] do_sys_openat2+0x11b/0x1d0 [ 234.479574][ T7515] ? __pfx_do_sys_openat2+0x10/0x10 [ 234.479606][ T7515] __x64_sys_openat+0x174/0x210 [ 234.479629][ T7515] ? __pfx___x64_sys_openat+0x10/0x10 [ 234.479662][ T7515] do_syscall_64+0xcd/0x490 [ 234.479694][ T7515] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 234.479714][ T7515] RIP: 0033:0x7f60b258e929 [ 234.479730][ T7515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 234.479749][ T7515] RSP: 002b:00007f60b349a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 234.479767][ T7515] RAX: ffffffffffffffda RBX: 00007f60b27b5fa0 RCX: 00007f60b258e929 [ 234.479781][ T7515] RDX: 0000000000040100 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 234.479793][ T7515] RBP: 00007f60b2610b39 R08: 0000000000000000 R09: 0000000000000000 [ 234.479805][ T7515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 234.479816][ T7515] R13: 0000000000000000 R14: 00007f60b27b5fa0 R15: 00007ffced397e38 [ 234.479841][ T7515] [ 234.776743][ C1] vkms_vblank_simulate: vblank timer overrun [ 235.830579][ T7526] netlink: 4 bytes leftover after parsing attributes in process `syz.3.341'. [ 237.166038][ T7532] vivid-003: ================= START STATUS ================= [ 237.173728][ T7532] vivid-003: Radio HW Seek Mode: Bounded [ 237.250593][ T7532] vivid-003: Radio Programmable HW Seek: false [ 237.437222][ T7532] vivid-003: RDS Rx I/O Mode: Block I/O [ 237.442831][ T7532] vivid-003: Generate RBDS Instead of RDS: false [ 237.561553][ T7532] vivid-003: RDS Reception: true [ 237.585656][ T7532] vivid-003: RDS Program Type: 0 inactive [ 237.591439][ T7532] vivid-003: RDS PS Name: inactive [ 237.736078][ T7532] vivid-003: RDS Radio Text: inactive [ 237.741622][ T7532] vivid-003: RDS Traffic Announcement: false inactive [ 237.854160][ T7532] vivid-003: RDS Traffic Program: false inactive [ 237.914157][ T7532] vivid-003: RDS Music: false inactive [ 237.946554][ T7532] vivid-003: ================== END STATUS ================== [ 240.834976][ T7558] Invalid ELF header magic: != ELF [ 242.949924][ T7561] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 244.666172][ T7611] netlink: 342 bytes leftover after parsing attributes in process `syz.3.361'. [ 244.761959][ T7611] netlink: 342 bytes leftover after parsing attributes in process `syz.3.361'. [ 251.570386][ T7688] netlink: 4 bytes leftover after parsing attributes in process `syz.1.376'. [ 252.186573][ T7697] sd 0:0:1:0: PR command failed: 1026 [ 252.247439][ T7697] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 252.334493][ T7697] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 254.512229][ T7721] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 254.971147][ T7723] netlink: 28 bytes leftover after parsing attributes in process `syz.2.383'. [ 256.011329][ T7723] bond0: (slave bond_slave_1): Releasing backup interface [ 256.814165][ T7737] cifs: Unknown parameter 'T.ŸÜÛæ¨Å¼c[ŸÐê€$âæµÈ)ü±UóÑnEó-Ê™¾l®öÚ-ºŒ -¾_€™¯Ôåáª5Z äoåé¢mžÐfwYÍhº*/ÿxDlÝ©Š×ígÕkÇAí³ùÏ7ÍØØ9’ôXöa/fê_ÿAR£ˆ™‘ÈxM ‚v¬—pÿ±$^;ôØq‡3±«£n졵-6©+e„k„¾ñÇ<°kœcÔ)n.üeMÍ÷Na¨t®ÐSMÎÆ1,' [ 258.900541][ T7715] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 259.616757][ T7775] futex_wake_op: syz.1.392 tries to shift op by -2048; fix this program [ 260.723125][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.731206][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 263.461925][ T5170] Bluetooth: hci2: unexpected event 0x3d length: 726 > 14 [ 263.462078][ T5170] Bluetooth: hci2: unexpected event 0x3d length: 726 > 14 [ 263.469753][ T5170] Bluetooth: hci2: unexpected event 0x3d length: 726 > 14 [ 263.481247][ T5170] Bluetooth: hci2: unexpected event 0x3d length: 726 > 14 [ 263.489320][ T5170] Bluetooth: hci2: unexpected event 0x3d length: 726 > 14 [ 263.499279][ T5170] Bluetooth: hci2: unexpected event 0x3d length: 726 > 14 [ 263.507185][ T5170] Bluetooth: hci2: unexpected event 0x3d length: 726 > 14 [ 263.514396][ T5170] Bluetooth: hci2: unexpected event 0x3d length: 726 > 14 [ 263.522207][ T5170] Bluetooth: hci2: unexpected event 0x3d length: 726 > 14                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            syzkaller syzkaller login: [ 321.254316][ T8471] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes. [ 322.127366][ T8480] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 322.173996][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.183254][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.335899][ T8483] netlink: 252 bytes leftover after parsing attributes in process `syz.3.536'. [ 322.524826][ T8489] netlink: 252 bytes leftover after parsing attributes in process `syz.3.536'. [ 324.814081][ T8524] netlink: 28 bytes leftover after parsing attributes in process `syz.3.543'. [ 324.962272][ T8524] ipvlan0: entered allmulticast mode [ 325.065682][ T8524] veth0_vlan: entered allmulticast mode [ 327.639410][ T8582] netlink: 28 bytes leftover after parsing attributes in process `syz.0.557'. [ 327.783706][ T8582] ipvlan0: entered allmulticast mode [ 327.834166][ T8582] veth0_vlan: entered allmulticast mode [ 329.314745][ T8612] Line length is too long: Should be less than 4094 [ 329.485829][ T8616] syz.0.568 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 329.935820][ T8621] futex_wake_op: syz.2.569 tries to shift op by -2048; fix this program [ 330.089161][ T8628] futex_wake_op: syz.1.571 tries to shift op by -2048; fix this program [ 330.258135][ T8625] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 330.291299][ T8625] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 330.341705][ T8625] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 330.360491][ T8625] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 330.450209][ T8625] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 330.491780][ T8625] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 330.534982][ T8625] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 330.560342][ T8625] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 330.618410][ T8625] CPU0 is offline. [ 332.301531][ T8667] netlink: 342 bytes leftover after parsing attributes in process `syz.0.580'. [ 332.315641][ T5170] Bluetooth: hci2: command 0x0406 tx timeout [ 332.398698][ T5170] Bluetooth: hci3: command 0x0406 tx timeout [ 332.476134][ T5170] Bluetooth: hci1: command 0x0406 tx timeout [ 332.548117][ T8663] netlink: 154 bytes leftover after parsing attributes in process `syz.0.580'. [ 332.559662][ T5170] Bluetooth: hci0: command 0x0406 tx timeout [ 334.395612][ T5170] Bluetooth: hci2: command 0x0406 tx timeout [ 334.476009][ T5170] Bluetooth: hci3: command 0x0406 tx timeout [ 334.555688][ T5170] Bluetooth: hci1: command 0x0406 tx timeout [ 334.651371][ T5170] Bluetooth: hci0: command 0x0406 tx timeout [ 336.178119][ T8710] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 340.611647][ T8759] ubi0: attaching mtd0 [ 340.699472][ T8759] ubi0: scanning is finished [ 340.775360][ T8759] ubi0: empty MTD device detected [ 341.207903][ T8759] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 341.258504][ T8759] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 341.397997][ T8759] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 341.405023][ T8759] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 341.594365][ T8759] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 341.705740][ T8759] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 341.763464][ T8770] FAULT_INJECTION: forcing a failure. [ 341.763464][ T8770] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 341.777498][ T8759] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3338567542 [ 341.828523][ T8759] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 341.852263][ T8770] CPU: 1 UID: 0 PID: 8770 Comm: syz.3.602 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 341.852296][ T8770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 341.852309][ T8770] Call Trace: [ 341.852317][ T8770] [ 341.852325][ T8770] dump_stack_lvl+0x16c/0x1f0 [ 341.852365][ T8770] should_fail_ex+0x512/0x640 [ 341.852403][ T8770] should_fail_alloc_page+0xe7/0x130 [ 341.852428][ T8770] prepare_alloc_pages+0x3c2/0x610 [ 341.852460][ T8770] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 341.852501][ T8770] ? find_held_lock+0x2b/0x80 [ 341.852526][ T8770] ? is_bpf_text_address+0x8a/0x1a0 [ 341.852558][ T8770] ? bpf_ksym_find+0x124/0x1c0 [ 341.852584][ T8770] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 341.852618][ T8770] ? is_bpf_text_address+0x94/0x1a0 [ 341.852655][ T8770] ? __kernel_text_address+0xd/0x40 [ 341.852675][ T8770] ? unwind_get_return_address+0x59/0xa0 [ 341.852724][ T8770] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 341.852760][ T8770] ? policy_nodemask+0xea/0x4e0 [ 341.852783][ T8770] alloc_pages_mpol+0x1fb/0x550 [ 341.852805][ T8770] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 341.852825][ T8770] ? kasan_save_stack+0x33/0x60 [ 341.852858][ T8770] ? __kasan_kmalloc+0xaa/0xb0 [ 341.852889][ T8770] ? __get_vm_area_node+0x101/0x330 [ 341.852928][ T8770] alloc_pages_noprof+0x131/0x390 [ 341.852950][ T8770] get_free_pages_noprof+0x10/0xb0 [ 341.852974][ T8770] kasan_populate_vmalloc+0x89/0x1f0 [ 341.853013][ T8770] alloc_vmap_area+0x959/0x29c0 [ 341.853050][ T8770] ? __pfx_alloc_vmap_area+0x10/0x10 [ 341.853082][ T8770] __get_vm_area_node+0x1ca/0x330 [ 341.853131][ T8770] __vmalloc_node_range_noprof+0x271/0x14b0 [ 341.853156][ T8770] ? kernel_clone+0xfc/0x960 [ 341.853180][ T8770] ? local_lock_release+0x99/0x140 [ 341.853207][ T8770] ? kernel_clone+0xfc/0x960 [ 341.853231][ T8770] ? rcu_read_unlock+0x17/0x60 [ 341.853254][ T8770] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 341.853287][ T8770] ? kernel_clone+0xfc/0x960 [ 341.853311][ T8770] __vmalloc_node_noprof+0xad/0xf0 [ 341.853334][ T8770] ? kernel_clone+0xfc/0x960 [ 341.853361][ T8770] copy_process+0x2c70/0x7650 [ 341.853396][ T8770] ? __pfx_copy_process+0x10/0x10 [ 341.853432][ T8770] kernel_clone+0xfc/0x960 [ 341.853459][ T8770] ? __pfx_kernel_clone+0x10/0x10 [ 341.853493][ T8770] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 341.853526][ T8770] __do_sys_clone+0xce/0x120 [ 341.853550][ T8770] ? __pfx___do_sys_clone+0x10/0x10 [ 341.853585][ T8770] ? ksys_write+0x1ac/0x250 [ 341.853613][ T8770] ? __pfx_ksys_write+0x10/0x10 [ 341.853647][ T8770] do_syscall_64+0xcd/0x490 [ 341.853678][ T8770] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.853698][ T8770] RIP: 0033:0x7f60b258e929 [ 341.853713][ T8770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 341.853731][ T8770] RSP: 002b:00007f60b3499fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 341.853749][ T8770] RAX: ffffffffffffffda RBX: 00007f60b27b5fa0 RCX: 00007f60b258e929 [ 341.853761][ T8770] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008008000 [ 341.853772][ T8770] RBP: 00007f60b349a090 R08: 0000200000000140 R09: 0000200000000140 [ 341.853784][ T8770] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 341.853795][ T8770] R13: 0000000000000000 R14: 00007f60b27b5fa0 R15: 00007ffced397e38 [ 341.853836][ T8770] [ 341.853896][ T8770] syz.3.602: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) [ 342.228321][ T8761] ubi0: detaching mtd0 [ 342.269563][ T8766] ubi0: background thread "ubi_bgt0d" started, PID 8766 [ 342.580326][ T8761] ubi0: mtd0 is detached [ 342.846278][ T8776] netlink: 28 bytes leftover after parsing attributes in process `syz.0.604'. [ 342.914578][ T8776] bridge0: port 2(bridge_slave_1) entered disabled state [ 343.442818][ T8770] ,cpuset=/,mems_allowed=0-1 [ 343.475594][ T8770] CPU: 1 UID: 0 PID: 8770 Comm: syz.3.602 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 343.475625][ T8770] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 343.475637][ T8770] Call Trace: [ 343.475644][ T8770] [ 343.475651][ T8770] dump_stack_lvl+0x16c/0x1f0 [ 343.475687][ T8770] warn_alloc+0x248/0x3a0 [ 343.475726][ T8770] ? __pfx_warn_alloc+0x10/0x10 [ 343.475758][ T8770] ? kfree+0x2b4/0x4d0 [ 343.475789][ T8770] ? __get_vm_area_node+0x208/0x330 [ 343.475819][ T8770] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 343.475846][ T8770] ? local_lock_release+0x99/0x140 [ 343.475874][ T8770] ? kernel_clone+0xfc/0x960 [ 343.475901][ T8770] ? rcu_read_unlock+0x17/0x60 [ 343.475925][ T8770] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 343.475961][ T8770] ? kernel_clone+0xfc/0x960 [ 343.475986][ T8770] __vmalloc_node_noprof+0xad/0xf0 [ 343.476012][ T8770] ? kernel_clone+0xfc/0x960 [ 343.476040][ T8770] copy_process+0x2c70/0x7650 [ 343.476077][ T8770] ? __pfx_copy_process+0x10/0x10 [ 343.476116][ T8770] kernel_clone+0xfc/0x960 [ 343.476144][ T8770] ? __pfx_kernel_clone+0x10/0x10 [ 343.476180][ T8770] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 343.476216][ T8770] __do_sys_clone+0xce/0x120 [ 343.476242][ T8770] ? __pfx___do_sys_clone+0x10/0x10 [ 343.476279][ T8770] ? ksys_write+0x1ac/0x250 [ 343.476308][ T8770] ? __pfx_ksys_write+0x10/0x10 [ 343.476345][ T8770] do_syscall_64+0xcd/0x490 [ 343.476378][ T8770] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 343.476399][ T8770] RIP: 0033:0x7f60b258e929 [ 343.476414][ T8770] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 343.476434][ T8770] RSP: 002b:00007f60b3499fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 343.476453][ T8770] RAX: ffffffffffffffda RBX: 00007f60b27b5fa0 RCX: 00007f60b258e929 [ 343.476466][ T8770] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008008000 [ 343.476478][ T8770] RBP: 00007f60b349a090 R08: 0000200000000140 R09: 0000200000000140 [ 343.476491][ T8770] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001 [ 343.476503][ T8770] R13: 0000000000000000 R14: 00007f60b27b5fa0 R15: 00007ffced397e38 [ 343.476528][ T8770] [ 343.476535][ T8770] Mem-Info: [ 343.823283][ T8776] bridge_slave_1 (unregistering): left allmulticast mode [ 343.885558][ T8776] bridge_slave_1 (unregistering): left promiscuous mode [ 343.992974][ T8776] bridge0: port 2(bridge_slave_1) entered disabled state [ 344.307617][ T8770] active_anon:56277 inactive_anon:0 isolated_anon:0 [ 344.307617][ T8770] active_file:21850 inactive_file:40758 isolated_file:0 [ 344.307617][ T8770] unevictable:768 dirty:786 writeback:0 [ 344.307617][ T8770] slab_reclaimable:10531 slab_unreclaimable:95035 [ 344.307617][ T8770] mapped:51439 shmem:49979 pagetables:1287 [ 344.307617][ T8770] sec_pagetables:0 bounce:0 [ 344.307617][ T8770] kernel_misc_reclaimable:0 [ 344.307617][ T8770] free:1267945 free_pcp:10077 free_cma:0 [ 344.353204][ C1] vkms_vblank_simulate: vblank timer overrun [ 344.512489][ T8770] Node 0 active_anon:231244kB inactive_anon:0kB active_file:84164kB inactive_file:162840kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:209600kB dirty:2936kB writeback:0kB shmem:204568kB shmem_thp:6144kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12080kB pagetables:5064kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 344.546477][ C1] vkms_vblank_simulate: vblank timer overrun [ 344.696186][ T8770] Node 1 active_anon:0kB inactive_anon:0kB active_file:3236kB inactive_file:192kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:56kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 344.727930][ C1] vkms_vblank_simulate: vblank timer overrun [ 344.837671][ T8799] sd 0:0:1:0: PR command failed: 1026 [ 344.863489][ T8770] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 344.892373][ C1] vkms_vblank_simulate: vblank timer overrun [ 344.905444][ T8799] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 344.987576][ T8799] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 345.055589][ T8770] lowmem_reserve[]: 0 2480 2482 2482 2482 [ 345.075781][ T8770] Node 0 DMA32 free:1134396kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:244792kB inactive_anon:0kB active_file:84164kB inactive_file:161532kB unevictable:1536kB writepending:2960kB present:3129332kB managed:2540344kB mlocked:0kB bounce:0kB free_pcp:24292kB local_pcp:24292kB free_cma:0kB [ 345.108327][ C1] vkms_vblank_simulate: vblank timer overrun [ 345.285644][ T8770] lowmem_reserve[]: 0 0 1 1 1 [ 345.302649][ T8770] Node 0 Normal free:16kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1316kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 345.476503][ T8770] lowmem_reserve[]: 0 0 0 0 0 [ 345.481283][ T8770] Node 1 Normal free:3902312kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:3236kB inactive_file:192kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:15312kB local_pcp:15312kB free_cma:0kB [ 345.689950][ T8770] lowmem_reserve[]: 0 0 0 0 0 [ 345.712264][ T8770] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 345.812515][ T8770] Node 0 DMA32: 1*4kB (E) 397*8kB (UME) 230*16kB (UME) 1*32kB (U) 1*64kB (U) 288*128kB (ME) 215*256kB (ME) 119*512kB (M) 68*1024kB (UME) 0*2048kB 217*4096kB (UM) = 1118252kB [ 345.939694][ T8770] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB [ 346.025617][ T8770] Node 1 Normal: 177*4kB (UME) 24*8kB (UE) 11*16kB (UME) 175*32kB (UME) 60*64kB (UME) 13*128kB (UE) 4*256kB (UE) 2*512kB (U) 3*1024kB (UE) 5*2048kB (UME) 946*4096kB (M) = 3902356kB [ 346.158158][ T8770] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 346.222945][ T8770] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 346.285564][ T8770] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 346.351771][ T8770] Node 1 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 346.400677][ T8770] 122467 total pagecache pages [ 346.427715][ T8770] 0 pages in swap cache [ 346.448540][ T8770] Free swap = 124996kB [ 346.476023][ T8770] Total swap = 124996kB [ 346.495550][ T8770] 2097051 pages RAM [ 346.511869][ T8770] 0 pages HighMem/MovableOnly [ 346.535652][ T8770] 429987 pages reserved [ 346.549937][ T8770] 0 pages cma reserved [ 346.848999][ T30] audit: type=1800 audit(4295360623.032:4): pid=8817 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.612" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 347.541267][ T8814] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 353.692445][ T8875] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 356.168295][ T8907] ptrace attach of "./syz-executor exec"[8908] was attempted by "./syz-executor exec"[8907] [ 359.021167][ T5858] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 359.034777][ T5858] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 359.043104][ T5858] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 359.052235][ T5858] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 359.061666][ T5858] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 359.596704][ T8934] netlink: zone id is out of range [ 359.601852][ T8934] netlink: zone id is out of range [ 359.767949][ T8934] netlink: zone id is out of range [ 359.805819][ T8934] netlink: zone id is out of range [ 359.810963][ T8934] netlink: zone id is out of range [ 360.145590][ T8934] netlink: zone id is out of range [ 360.150739][ T8934] netlink: zone id is out of range [ 360.279901][ T8934] netlink: zone id is out of range [ 360.285114][ T8934] netlink: zone id is out of range [ 360.486183][ T8934] netlink: zone id is out of range [ 360.590077][ T8932] chnl_net:caif_netlink_parms(): no params data found [ 361.115611][ T5858] Bluetooth: hci4: command tx timeout [ 363.197720][ T5858] Bluetooth: hci4: command tx timeout [ 365.275685][ T5858] Bluetooth: hci4: command tx timeout [ 366.208346][ T8932] bridge0: port 1(bridge_slave_0) entered blocking state [ 366.245649][ T8932] bridge0: port 1(bridge_slave_0) entered disabled state [ 366.252976][ T8932] bridge_slave_0: entered allmulticast mode [ 366.317547][ T8932] bridge_slave_0: entered promiscuous mode [ 366.378656][ T8932] bridge0: port 2(bridge_slave_1) entered blocking state [ 366.434652][ T8932] bridge0: port 2(bridge_slave_1) entered disabled state [ 366.495936][ T8932] bridge_slave_1: entered allmulticast mode [ 366.503394][ T8932] bridge_slave_1: entered promiscuous mode [ 366.982362][ T8932] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 367.057954][ T8932] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 367.355875][ T5858] Bluetooth: hci4: command tx timeout [ 367.875220][ T8932] team0: Port device team_slave_0 added [ 367.928196][ T8932] team0: Port device team_slave_1 added [ 368.723999][ T6639] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 369.253606][ T8932] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 369.292465][ T8932] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 369.407752][ T8932] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 369.909871][ T6639] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 370.020023][ T8932] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 370.065606][ T8932] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 370.188203][ T8932] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 370.630485][ T6639] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 371.053267][ T8932] hsr_slave_0: entered promiscuous mode [ 371.076303][ T8932] hsr_slave_1: entered promiscuous mode [ 371.082946][ T8932] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 371.168096][ T8932] Cannot create hsr debugfs directory [ 372.869567][ T6639] bridge_slave_0: left allmulticast mode [ 372.897144][ T6639] bridge_slave_0: left promiscuous mode [ 372.950539][ T6639] bridge0: port 1(bridge_slave_0) entered disabled state [ 373.829079][ T9014] netlink: 28 bytes leftover after parsing attributes in process `syz.3.654'. [ 375.876761][ T6639] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 375.901198][ T6639] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 376.009509][ T6639] bond0 (unregistering): Released all slaves [ 376.069555][ T9014] mac80211_hwsim hwsim5 wlan1: entered allmulticast mode [ 377.120771][ T8932] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 377.206800][ T8932] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 377.379556][ T6639] hsr_slave_0: left promiscuous mode [ 377.428189][ T6639] hsr_slave_1: left promiscuous mode [ 377.434201][ T6639] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 377.500370][ T6639] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 377.527980][ T6639] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 377.535408][ T6639] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 377.750075][ T6639] veth1_macvtap: left promiscuous mode [ 377.778598][ T6639] veth0_macvtap: left promiscuous mode [ 377.785006][ T6639] veth1_vlan: left promiscuous mode [ 377.818366][ T6639] veth0_vlan: left promiscuous mode [ 378.210713][ T9042] FAULT_INJECTION: forcing a failure. [ 378.210713][ T9042] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 378.253729][ T9042] CPU: 1 UID: 0 PID: 9042 Comm: syz.3.657 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 378.253763][ T9042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 378.253777][ T9042] Call Trace: [ 378.253785][ T9042] [ 378.253793][ T9042] dump_stack_lvl+0x16c/0x1f0 [ 378.253834][ T9042] should_fail_ex+0x512/0x640 [ 378.253872][ T9042] should_fail_alloc_page+0xe7/0x130 [ 378.253896][ T9042] prepare_alloc_pages+0x3c2/0x610 [ 378.253924][ T9042] ? rcu_is_watching+0x12/0xc0 [ 378.253951][ T9042] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 378.253993][ T9042] ? css_rstat_updated+0x9d/0xd30 [ 378.254024][ T9042] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 378.254058][ T9042] ? __lock_acquire+0x622/0x1c90 [ 378.254100][ T9042] ? __lock_acquire+0x622/0x1c90 [ 378.254133][ T9042] ? __lock_acquire+0x622/0x1c90 [ 378.254163][ T9042] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 378.254200][ T9042] ? policy_nodemask+0xea/0x4e0 [ 378.254224][ T9042] alloc_pages_mpol+0x1fb/0x550 [ 378.254247][ T9042] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 378.254277][ T9042] folio_alloc_mpol_noprof+0x36/0x2f0 [ 378.254305][ T9042] vma_alloc_folio_noprof+0xed/0x1e0 [ 378.254331][ T9042] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 378.254356][ T9042] ? find_held_lock+0x2b/0x80 [ 378.254380][ T9042] ? __handle_mm_fault+0x1092/0x5490 [ 378.254415][ T9042] __handle_mm_fault+0x2f21/0x5490 [ 378.254459][ T9042] ? __pfx___handle_mm_fault+0x10/0x10 [ 378.254503][ T9042] ? __pte_offset_map_lock+0x174/0x310 [ 378.254537][ T9042] ? find_held_lock+0x2b/0x80 [ 378.254557][ T9042] ? find_held_lock+0x2b/0x80 [ 378.254584][ T9042] ? follow_page_pte+0x3af/0x14c0 [ 378.254614][ T9042] handle_mm_fault+0x589/0xd10 [ 378.254647][ T9042] __get_user_pages+0x589/0x3b80 [ 378.254678][ T9042] ? __pfx_mt_find+0x10/0x10 [ 378.254697][ T9042] ? __pfx___get_user_pages+0x10/0x10 [ 378.254730][ T9042] populate_vma_page_range+0x278/0x3a0 [ 378.254757][ T9042] ? __pfx_populate_vma_page_range+0x10/0x10 [ 378.254782][ T9042] ? __pfx_find_vma_intersection+0x10/0x10 [ 378.254807][ T9042] ? do_mmap+0x69c/0x1210 [ 378.254832][ T9042] __mm_populate+0x1d8/0x380 [ 378.254858][ T9042] ? __pfx___mm_populate+0x10/0x10 [ 378.254885][ T9042] ? up_write+0x1b2/0x520 [ 378.254919][ T9042] vm_mmap_pgoff+0x362/0x450 [ 378.254944][ T9042] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 378.254970][ T9042] ? __x64_sys_futex+0x1e0/0x4c0 [ 378.254995][ T9042] ? __x64_sys_futex+0x1e9/0x4c0 [ 378.255023][ T9042] ksys_mmap_pgoff+0x7d/0x5c0 [ 378.255045][ T9042] ? xfd_validate_state+0x61/0x180 [ 378.255072][ T9042] ? __pfx_do_writev+0x10/0x10 [ 378.255103][ T9042] __x64_sys_mmap+0x125/0x190 [ 378.255137][ T9042] do_syscall_64+0xcd/0x490 [ 378.255170][ T9042] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 378.255191][ T9042] RIP: 0033:0x7f60b258e929 [ 378.255207][ T9042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 378.255238][ T9042] RSP: 002b:00007f60b349a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 378.255257][ T9042] RAX: ffffffffffffffda RBX: 00007f60b27b5fa0 RCX: 00007f60b258e929 [ 378.255270][ T9042] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000 [ 378.255281][ T9042] RBP: 00007f60b2610b39 R08: 0000000000000007 R09: 0000000000028000 [ 378.255293][ T9042] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 378.255304][ T9042] R13: 0000000000000000 R14: 00007f60b27b5fa0 R15: 00007ffced397e38 [ 378.255329][ T9042] [ 380.301742][ T6639] team0 (unregistering): Port device team_slave_1 removed [ 380.428957][ T6639] team0 (unregistering): Port device team_slave_0 removed [ 381.730811][ T8932] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 381.840511][ T9042] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12 [ 381.870056][ T8932] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 381.879365][ T9042] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12 [ 381.906231][ T9042] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 383.398545][ T8932] 8021q: adding VLAN 0 to HW filter on device bond0 [ 383.542539][ T8932] 8021q: adding VLAN 0 to HW filter on device team0 [ 383.606837][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.613154][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 383.731178][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 383.731279][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 383.733464][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 383.733549][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 383.900900][ T8932] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 385.135172][ T8932] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 387.850893][ T8932] veth0_vlan: entered promiscuous mode [ 387.897767][ T8932] veth1_vlan: entered promiscuous mode [ 388.014826][ T8932] veth0_macvtap: entered promiscuous mode [ 388.068547][ T8932] veth1_macvtap: entered promiscuous mode [ 388.660405][ T8932] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 388.711364][ T8932] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 388.788960][ T8932] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 388.847194][ T8932] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 388.892431][ T8932] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 388.933978][ T8932] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 389.870000][ T6632] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 389.938481][ T6632] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 390.290505][ T6632] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 390.358277][ T6632] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 392.999077][ T9173] hub 8-0:1.0: USB hub found [ 393.190633][ T9173] hub 8-0:1.0: 1 port detected [ 393.387251][ T9209] ptrace attach of "./syz-executor exec"[9212] was attempted by "./syz-executor exec"[9209] [ 395.345715][ T9240] ptrace attach of ""[9243] was attempted by "./syz-executor exec"[9240] [ 396.103619][ T9258] nfsd: Unknown parameter ' 0 0 [ 396.103619][ T9258] 1 293980 0 0 [ 396.103619][ T9258] 2 293980 0 0 [ 396.103619][ T9258] 3 }[' [ 396.707152][ T9266] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 396.921830][ T9266] CIFS mount error: No usable UNC path provided in device string! [ 396.921830][ T9266] [ 397.199901][ T9266] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 398.030636][ T9279] vhci_hcd: invalid port number 16 [ 398.077793][ T9279] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 400.166054][ T9300] random: crng reseeded on system resumption [ 401.170060][ T9318] FAULT_INJECTION: forcing a failure. [ 401.170060][ T9318] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 401.279018][ T9318] CPU: 1 UID: 0 PID: 9318 Comm: syz.4.686 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 401.279047][ T9318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 401.279059][ T9318] Call Trace: [ 401.279065][ T9318] [ 401.279072][ T9318] dump_stack_lvl+0x16c/0x1f0 [ 401.279106][ T9318] should_fail_ex+0x512/0x640 [ 401.279139][ T9318] _copy_to_user+0x32/0xd0 [ 401.279172][ T9318] simple_read_from_buffer+0xcb/0x170 [ 401.279199][ T9318] proc_fail_nth_read+0x197/0x270 [ 401.279223][ T9318] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 401.279248][ T9318] ? rw_verify_area+0xcf/0x680 [ 401.279272][ T9318] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 401.279295][ T9318] vfs_read+0x1e4/0xc60 [ 401.279331][ T9318] ? __pfx___mutex_lock+0x10/0x10 [ 401.279361][ T9318] ? __pfx_vfs_read+0x10/0x10 [ 401.279394][ T9318] ? __fget_files+0x20e/0x3c0 [ 401.279428][ T9318] ksys_read+0x12a/0x250 [ 401.279454][ T9318] ? __pfx_ksys_read+0x10/0x10 [ 401.279489][ T9318] do_syscall_64+0xcd/0x490 [ 401.279520][ T9318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 401.279539][ T9318] RIP: 0033:0x7f383758d33c [ 401.279554][ T9318] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 401.279572][ T9318] RSP: 002b:00007f38383b5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 401.279590][ T9318] RAX: ffffffffffffffda RBX: 00007f38377b5fa0 RCX: 00007f383758d33c [ 401.279603][ T9318] RDX: 000000000000000f RSI: 00007f38383b50a0 RDI: 0000000000000003 [ 401.279614][ T9318] RBP: 00007f38383b5090 R08: 0000000000000000 R09: 0000000000000000 [ 401.279626][ T9318] R10: 0000000055becab1 R11: 0000000000000246 R12: 0000000000000002 [ 401.279637][ T9318] R13: 0000000000000001 R14: 00007f38377b5fa0 R15: 00007ffd98c5e8d8 [ 401.279661][ T9318] [ 402.544843][ T9337] FAULT_INJECTION: forcing a failure. [ 402.544843][ T9337] name failslab, interval 1, probability 0, space 0, times 0 [ 402.656642][ T9337] CPU: 1 UID: 0 PID: 9337 Comm: syz.1.687 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 402.656672][ T9337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 402.656684][ T9337] Call Trace: [ 402.656690][ T9337] [ 402.656698][ T9337] dump_stack_lvl+0x16c/0x1f0 [ 402.656732][ T9337] should_fail_ex+0x512/0x640 [ 402.656762][ T9337] ? __kvmalloc_node_noprof+0x124/0x620 [ 402.656794][ T9337] should_failslab+0xc2/0x120 [ 402.656813][ T9337] __kvmalloc_node_noprof+0x137/0x620 [ 402.656842][ T9337] ? lockdep_init_map_type+0x5c/0x280 [ 402.656871][ T9337] ? alloc_netdev_mqs+0xcf8/0x1570 [ 402.656908][ T9337] ? alloc_netdev_mqs+0xcf8/0x1570 [ 402.656937][ T9337] alloc_netdev_mqs+0xcf8/0x1570 [ 402.656974][ T9337] __ip_tunnel_create+0x3ad/0x6e0 [ 402.656998][ T9337] ? __pfx___ip_tunnel_create+0x10/0x10 [ 402.657028][ T9337] ip_tunnel_init_net+0x22f/0x7d0 [ 402.657054][ T9337] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 402.657081][ T9337] ? trace_kmalloc+0x2b/0xd0 [ 402.657104][ T9337] ? __kmalloc_noprof+0x242/0x510 [ 402.657134][ T9337] ? lockdep_init_map_type+0x5c/0x280 [ 402.657167][ T9337] ? __pfx_ipgre_init_net+0x10/0x10 [ 402.657257][ T9337] ops_init+0x1e2/0x5f0 [ 402.657292][ T9337] setup_net+0x1ff/0x510 [ 402.657322][ T9337] ? lockdep_init_map_type+0x5c/0x280 [ 402.657369][ T9337] ? __pfx_setup_net+0x10/0x10 [ 402.657405][ T9337] ? debug_mutex_init+0x37/0x70 [ 402.657430][ T9337] copy_net_ns+0x2a6/0x5f0 [ 402.657454][ T9337] create_new_namespaces+0x3ea/0xa90 [ 402.657485][ T9337] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 402.657513][ T9337] ksys_unshare+0x45b/0xa40 [ 402.657544][ T9337] ? __pfx_ksys_unshare+0x10/0x10 [ 402.657575][ T9337] ? xfd_validate_state+0x61/0x180 [ 402.657612][ T9337] __x64_sys_unshare+0x31/0x40 [ 402.657642][ T9337] do_syscall_64+0xcd/0x490 [ 402.657677][ T9337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 402.657699][ T9337] RIP: 0033:0x7f4a91b8e929 [ 402.657716][ T9337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 402.657736][ T9337] RSP: 002b:00007f4a92ac1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 402.657756][ T9337] RAX: ffffffffffffffda RBX: 00007f4a91db5fa0 RCX: 00007f4a91b8e929 [ 402.657769][ T9337] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 402.657782][ T9337] RBP: 00007f4a91c10b39 R08: 0000000000000000 R09: 0000000000000000 [ 402.657795][ T9337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 402.657807][ T9337] R13: 0000000000000000 R14: 00007f4a91db5fa0 R15: 00007ffc8f061828 [ 402.657834][ T9337] [ 403.701608][ T9350] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 407.430449][ T9408] ptrace attach of ""[9414] was attempted by "./syz-executor exec"[9408] [ 407.591073][ T9418] ptrace attach of "./syz-executor exec"[9421] was attempted by "./syz-executor exec"[9418] [ 418.217288][ T9592] CIFS: VFS: Unsupported security flags: 0x10 [ 420.240470][ T9620] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 420.311162][ T9620] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 420.335807][ T9620] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 420.341980][ T9620] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 420.431231][ T9620] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 420.661219][ T9620] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 420.738795][ T9620] CPU0 is offline. [ 422.155568][ T5170] Bluetooth: hci2: command 0x0406 tx timeout [ 422.396527][ T5858] Bluetooth: hci0: command 0x0406 tx timeout [ 422.402668][ T5858] Bluetooth: hci1: command 0x0406 tx timeout [ 422.408764][ T5170] Bluetooth: hci4: command 0x0c1a tx timeout [ 422.542316][ T9675] random: crng reseeded on system resumption [ 424.475970][ T5858] Bluetooth: hci4: command 0x0c1a tx timeout [ 426.555891][ T5858] Bluetooth: hci4: command 0x0c1a tx timeout [ 432.843885][ T9826] netlink: 342 bytes leftover after parsing attributes in process `syz.3.762'. [ 433.400280][ T9836] netlink: 330 bytes leftover after parsing attributes in process `syz.2.764'. [ 433.667529][ T9836] : renamed from lo (while UP) [ 437.606612][ T9872] ubi0: attaching mtd0 [ 437.612047][ T9872] ubi0: scanning is finished [ 437.681571][ T9872] ubi0 warning: ubi_read_volume_table: volume table copy #2 is corrupted [ 437.777577][ T9872] ubi0: volume table was restored [ 438.371565][ T9872] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 438.450817][ T9872] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 438.585567][ T9872] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 438.592580][ T9872] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 438.805769][ T9872] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 438.903267][ T9872] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 439.148885][ T9872] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 3338567542 [ 439.311438][ T9872] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 439.405688][ T9885] ubi0: background thread "ubi_bgt0d" started, PID 9885 [ 439.450198][ T9890] netlink: 342 bytes leftover after parsing attributes in process `syz.2.774'. [ 440.024994][ T9898] net_ratelimit: 77 callbacks suppressed [ 440.025012][ T9898] openvswitch: netlink: IP tunnel dst address not specified [ 440.064523][ T9894] can: request_module (can-proto-0) failed. [ 440.196980][ T9901] netlink: 342 bytes leftover after parsing attributes in process `syz.2.777'. [ 440.294871][ T9898] netlink: 342 bytes leftover after parsing attributes in process `syz.2.777'. [ 440.368335][ T9901] IPv6: NLM_F_CREATE should be specified when creating new route [ 440.415752][ T9901] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 440.415825][ T9901] IPv6: NLM_F_CREATE should be set when creating new route [ 440.415845][ T9901] IPv6: NLM_F_CREATE should be set when creating new route [ 445.045037][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.052354][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 445.500263][ T9949] FAULT_INJECTION: forcing a failure. [ 445.500263][ T9949] name failslab, interval 1, probability 0, space 0, times 0 [ 445.574204][ T9949] CPU: 1 UID: 0 PID: 9949 Comm: syz.4.788 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 445.574233][ T9949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 445.574245][ T9949] Call Trace: [ 445.574251][ T9949] [ 445.574259][ T9949] dump_stack_lvl+0x16c/0x1f0 [ 445.574293][ T9949] should_fail_ex+0x512/0x640 [ 445.574321][ T9949] ? fs_reclaim_acquire+0xae/0x150 [ 445.574346][ T9949] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 445.574373][ T9949] should_failslab+0xc2/0x120 [ 445.574392][ T9949] __kmalloc_noprof+0xd2/0x510 [ 445.574426][ T9949] tomoyo_realpath_from_path+0xc2/0x6e0 [ 445.574456][ T9949] ? tomoyo_profile+0x47/0x60 [ 445.574489][ T9949] tomoyo_path_number_perm+0x245/0x580 [ 445.574510][ T9949] ? tomoyo_path_number_perm+0x237/0x580 [ 445.574535][ T9949] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 445.574559][ T9949] ? find_held_lock+0x2b/0x80 [ 445.574601][ T9949] ? find_held_lock+0x2b/0x80 [ 445.574620][ T9949] ? hook_file_ioctl_common+0x145/0x410 [ 445.574646][ T9949] ? __fget_files+0x20e/0x3c0 [ 445.574678][ T9949] security_file_ioctl+0x9b/0x240 [ 445.574703][ T9949] __x64_sys_ioctl+0xb7/0x210 [ 445.574728][ T9949] do_syscall_64+0xcd/0x490 [ 445.574759][ T9949] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 445.574779][ T9949] RIP: 0033:0x7f383758e929 [ 445.574794][ T9949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 445.574812][ T9949] RSP: 002b:00007f38383b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 445.574831][ T9949] RAX: ffffffffffffffda RBX: 00007f38377b5fa0 RCX: 00007f383758e929 [ 445.574843][ T9949] RDX: 0000000000000000 RSI: 00000000c004500a RDI: 0000000000000003 [ 445.574854][ T9949] RBP: 00007f38383b5090 R08: 0000000000000000 R09: 0000000000000000 [ 445.574866][ T9949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 445.574877][ T9949] R13: 0000000000000000 R14: 00007f38377b5fa0 R15: 00007ffd98c5e8d8 [ 445.574901][ T9949] [ 445.574908][ T9949] ERROR: Out of memory at tomoyo_realpath_from_path. [ 448.798460][ T9957] netlink: 4 bytes leftover after parsing attributes in process `syz.1.789'. [ 452.709254][T10008] netlink: 342 bytes leftover after parsing attributes in process `syz.4.800'. [ 457.017789][T10039] ptrace attach of "./syz-executor exec"[5849] was attempted by "./syz-executor exec"[10039] [ 457.913410][T10058] 0x000200000001-0xa29656a63616329 : "" [ 457.950618][T10058] mtd: partition "" is out of reach -- disabled [ 457.984939][T10058] FAULT_INJECTION: forcing a failure. [ 457.984939][T10058] name failslab, interval 1, probability 0, space 0, times 0 [ 458.071715][T10058] CPU: 1 UID: 0 PID: 10058 Comm: syz.4.812 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 458.071744][T10058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 458.071755][T10058] Call Trace: [ 458.071761][T10058] [ 458.071768][T10058] dump_stack_lvl+0x16c/0x1f0 [ 458.071802][T10058] should_fail_ex+0x512/0x640 [ 458.071849][T10058] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 458.071886][T10058] should_failslab+0xc2/0x120 [ 458.071905][T10058] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 458.071942][T10058] ? kstrdup_const+0x63/0x80 [ 458.071977][T10058] kstrdup+0x53/0x100 [ 458.072035][T10058] kstrdup_const+0x63/0x80 [ 458.072069][T10058] __kernfs_new_node+0x9b/0x8e0 [ 458.072105][T10058] ? __pfx___kernfs_new_node+0x10/0x10 [ 458.072145][T10058] ? find_held_lock+0x2b/0x80 [ 458.072169][T10058] ? kernfs_root+0xee/0x2a0 [ 458.072207][T10058] kernfs_new_node+0x13c/0x1e0 [ 458.072248][T10058] kernfs_create_dir_ns+0x4c/0x1a0 [ 458.072272][T10058] sysfs_create_dir_ns+0x13a/0x2b0 [ 458.072304][T10058] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 458.072333][T10058] ? find_held_lock+0x2b/0x80 [ 458.072361][T10058] ? class_dir_child_ns_type+0xd/0x60 [ 458.072386][T10058] kobject_add_internal+0x2c4/0x9b0 [ 458.072413][T10058] kobject_add+0x16e/0x240 [ 458.072434][T10058] ? __pfx_kobject_add+0x10/0x10 [ 458.072457][T10058] ? get_device_parent+0x1c5/0x4e0 [ 458.072494][T10058] ? kobject_put+0xab/0x5a0 [ 458.072532][T10058] ? device_add+0xbff/0x1a70 [ 458.072558][T10058] device_add+0x288/0x1a70 [ 458.072583][T10058] ? lockdep_init_map_type+0x5c/0x280 [ 458.072616][T10058] ? __pfx_device_add+0x10/0x10 [ 458.072638][T10058] ? lockdep_init_map_type+0x5c/0x280 [ 458.072671][T10058] ? __init_waitqueue_head+0xca/0x150 [ 458.072701][T10058] add_mtd_device+0x999/0x1720 [ 458.072746][T10058] ? __pfx_add_mtd_device+0x10/0x10 [ 458.072790][T10058] mtd_add_partition+0x30c/0x670 [ 458.072817][T10058] ? __pfx_mtd_add_partition+0x10/0x10 [ 458.072840][T10058] ? __might_fault+0xe3/0x190 [ 458.072872][T10058] ? __might_fault+0xe3/0x190 [ 458.072917][T10058] mtdchar_blkpg_ioctl+0x20b/0x250 [ 458.072944][T10058] ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10 [ 458.073001][T10058] mtdchar_ioctl+0xbc4/0x2090 [ 458.073040][T10058] ? __pfx_mtdchar_ioctl+0x10/0x10 [ 458.073071][T10058] ? __mutex_trylock_common+0xe9/0x250 [ 458.073105][T10058] ? __pfx___mutex_trylock_common+0x10/0x10 [ 458.073152][T10058] ? __pfx___might_resched+0x10/0x10 [ 458.073180][T10058] ? trace_contention_end+0xdd/0x130 [ 458.073222][T10058] ? __mutex_lock+0x1ca/0xb90 [ 458.073255][T10058] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 458.073281][T10058] ? __pfx___mutex_lock+0x10/0x10 [ 458.073313][T10058] ? fd_install+0x244/0x750 [ 458.073353][T10058] mtdchar_unlocked_ioctl+0xb0/0xf0 [ 458.073376][T10058] ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10 [ 458.073402][T10058] __x64_sys_ioctl+0x18b/0x210 [ 458.073428][T10058] do_syscall_64+0xcd/0x490 [ 458.073460][T10058] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 458.073481][T10058] RIP: 0033:0x7f383758e929 [ 458.073496][T10058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 458.073515][T10058] RSP: 002b:00007f38383b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 458.073533][T10058] RAX: ffffffffffffffda RBX: 00007f38377b5fa0 RCX: 00007f383758e929 [ 458.073557][T10058] RDX: 0000000000000000 RSI: 0000000000001269 RDI: 0000000000000003 [ 458.073568][T10058] RBP: 00007f38383b5090 R08: 0000000000000000 R09: 0000000000000000 [ 458.073580][T10058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 458.073591][T10058] R13: 0000000000000000 R14: 00007f38377b5fa0 R15: 00007ffd98c5e8d8 [ 458.073633][T10058] [ 458.073644][T10058] kobject: kobject_add_internal failed for mtd1 (error: -12 parent: mtd) [ 459.811628][T10058] ------------[ cut here ]------------ [ 459.817358][T10058] WARNING: CPU: 1 PID: 10058 at drivers/mtd/mtdpart.c:37 release_mtd_partition+0x71/0x90 [ 459.827461][T10058] Modules linked in: [ 459.831510][T10058] CPU: 1 UID: 0 PID: 10058 Comm: syz.4.812 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 459.843658][T10058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 459.853768][T10058] RIP: 0010:release_mtd_partition+0x71/0x90 [ 459.859746][T10058] Code: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 1e 48 8b 7b 38 e8 9f 2f ac fb 48 89 df 5b 5d e9 95 2f ac fb e8 90 52 51 fb 90 <0f> 0b 90 eb c2 e8 f5 33 b7 fb eb db 48 89 ef e8 eb 33 b7 fb eb a5 [ 459.879898][T10058] RSP: 0018:ffffc90004957840 EFLAGS: 00010293 [ 459.886430][T10058] RAX: 0000000000000000 RBX: ffff88805f6ec000 RCX: ffffffff8b7fa900 [ 459.894417][T10058] RDX: ffff888021b7da00 RSI: ffffffff866a0c50 RDI: ffff88805f6ec000 [ 459.902558][T10058] RBP: ffff88805f6ec648 R08: 0000000000000005 R09: 0000000000000000 [ 459.910576][T10058] R10: 0000000000000004 R11: ffffffff81000130 R12: 0000000000000000 [ 459.919011][T10058] R13: dffffc0000000000 R14: ffff88807d4283a0 R15: 0000000000000000 [ 459.927027][T10058] FS: 00007f38383b56c0(0000) GS:ffff888124820000(0000) knlGS:0000000000000000 [ 459.936375][T10058] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 459.942975][T10058] CR2: 00007f38383949c8 CR3: 000000007b06a000 CR4: 00000000003526f0 [ 459.951076][T10058] Call Trace: [ 459.954364][T10058] [ 459.957345][T10058] mtd_release+0xa0/0xd0 [ 459.961641][T10058] ? __pfx_mtd_release+0x10/0x10 [ 459.966977][T10058] device_release+0xa4/0x240 [ 459.971581][T10058] kobject_put+0x1e7/0x5a0 [ 459.976294][T10058] put_device+0x1f/0x30 [ 459.980465][T10058] add_mtd_device+0xbc7/0x1720 [ 459.985262][T10058] ? __pfx_add_mtd_device+0x10/0x10 [ 459.990588][T10058] mtd_add_partition+0x30c/0x670 [ 459.995607][T10058] ? __pfx_mtd_add_partition+0x10/0x10 [ 460.001076][T10058] ? __might_fault+0xe3/0x190 [ 460.005808][T10058] ? __might_fault+0xe3/0x190 [ 460.010527][T10058] mtdchar_blkpg_ioctl+0x20b/0x250 [ 460.015707][T10058] ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10 [ 460.021397][T10058] mtdchar_ioctl+0xbc4/0x2090 [ 460.026158][T10058] ? __pfx_mtdchar_ioctl+0x10/0x10 [ 460.031505][T10058] ? __mutex_trylock_common+0xe9/0x250 [ 460.037080][T10058] ? __pfx___mutex_trylock_common+0x10/0x10 [ 460.043006][T10058] ? __pfx___might_resched+0x10/0x10 [ 460.048353][T10058] ? trace_contention_end+0xdd/0x130 [ 460.053658][T10058] ? __mutex_lock+0x1ca/0xb90 [ 460.058389][T10058] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 460.063770][T10058] ? __pfx___mutex_lock+0x10/0x10 [ 460.069131][T10058] ? fd_install+0x244/0x750 [ 460.073691][T10058] mtdchar_unlocked_ioctl+0xb0/0xf0 [ 460.079149][T10058] ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10 [ 460.085057][T10058] __x64_sys_ioctl+0x18b/0x210 [ 460.089863][T10058] do_syscall_64+0xcd/0x490 [ 460.094388][T10058] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 460.100348][T10058] RIP: 0033:0x7f383758e929 [ 460.104774][T10058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 460.124452][T10058] RSP: 002b:00007f38383b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 460.133128][T10058] RAX: ffffffffffffffda RBX: 00007f38377b5fa0 RCX: 00007f383758e929 [ 460.141171][T10058] RDX: 0000000000000000 RSI: 0000000000001269 RDI: 0000000000000003 [ 460.149185][T10058] RBP: 00007f38383b5090 R08: 0000000000000000 R09: 0000000000000000 [ 460.157248][T10058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 460.165235][T10058] R13: 0000000000000000 R14: 00007f38377b5fa0 R15: 00007ffd98c5e8d8 [ 460.173598][T10058] [ 460.176895][T10058] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 460.184621][T10058] CPU: 1 UID: 0 PID: 10058 Comm: syz.4.812 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) [ 460.196615][T10058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 460.206731][T10058] Call Trace: [ 460.210029][T10058] [ 460.212971][T10058] dump_stack_lvl+0x3d/0x1f0 [ 460.217595][T10058] panic+0x71c/0x800 [ 460.221512][T10058] ? __pfx_panic+0x10/0x10 [ 460.225967][T10058] ? show_trace_log_lvl+0x29b/0x3e0 [ 460.231214][T10058] ? check_panic_on_warn+0x1f/0xb0 [ 460.236359][T10058] ? release_mtd_partition+0x71/0x90 [ 460.241650][T10058] check_panic_on_warn+0xab/0xb0 [ 460.246609][T10058] __warn+0xf6/0x3c0 [ 460.250539][T10058] ? release_mtd_partition+0x71/0x90 [ 460.255834][T10058] report_bug+0x3c3/0x580 [ 460.260184][T10058] ? release_mtd_partition+0x71/0x90 [ 460.265487][T10058] handle_bug+0x184/0x210 [ 460.269827][T10058] exc_invalid_op+0x17/0x50 [ 460.274335][T10058] asm_exc_invalid_op+0x1a/0x20 [ 460.279193][T10058] RIP: 0010:release_mtd_partition+0x71/0x90 [ 460.285092][T10058] Code: 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 1e 48 8b 7b 38 e8 9f 2f ac fb 48 89 df 5b 5d e9 95 2f ac fb e8 90 52 51 fb 90 <0f> 0b 90 eb c2 e8 f5 33 b7 fb eb db 48 89 ef e8 eb 33 b7 fb eb a5 [ 460.304706][T10058] RSP: 0018:ffffc90004957840 EFLAGS: 00010293 [ 460.310803][T10058] RAX: 0000000000000000 RBX: ffff88805f6ec000 RCX: ffffffff8b7fa900 [ 460.318784][T10058] RDX: ffff888021b7da00 RSI: ffffffff866a0c50 RDI: ffff88805f6ec000 [ 460.326783][T10058] RBP: ffff88805f6ec648 R08: 0000000000000005 R09: 0000000000000000 [ 460.334773][T10058] R10: 0000000000000004 R11: ffffffff81000130 R12: 0000000000000000 [ 460.342746][T10058] R13: dffffc0000000000 R14: ffff88807d4283a0 R15: 0000000000000000 [ 460.350740][T10058] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 460.356836][T10058] ? delete_node+0x2f0/0x8d0 [ 460.361440][T10058] ? release_mtd_partition+0x70/0x90 [ 460.366745][T10058] mtd_release+0xa0/0xd0 [ 460.371030][T10058] ? __pfx_mtd_release+0x10/0x10 [ 460.375986][T10058] device_release+0xa4/0x240 [ 460.380592][T10058] kobject_put+0x1e7/0x5a0 [ 460.385026][T10058] put_device+0x1f/0x30 [ 460.389191][T10058] add_mtd_device+0xbc7/0x1720 [ 460.393992][T10058] ? __pfx_add_mtd_device+0x10/0x10 [ 460.399228][T10058] mtd_add_partition+0x30c/0x670 [ 460.404181][T10058] ? __pfx_mtd_add_partition+0x10/0x10 [ 460.409653][T10058] ? __might_fault+0xe3/0x190 [ 460.414398][T10058] ? __might_fault+0xe3/0x190 [ 460.419132][T10058] mtdchar_blkpg_ioctl+0x20b/0x250 [ 460.424259][T10058] ? __pfx_mtdchar_blkpg_ioctl+0x10/0x10 [ 460.429926][T10058] mtdchar_ioctl+0xbc4/0x2090 [ 460.434620][T10058] ? __pfx_mtdchar_ioctl+0x10/0x10 [ 460.439755][T10058] ? __mutex_trylock_common+0xe9/0x250 [ 460.445235][T10058] ? __pfx___mutex_trylock_common+0x10/0x10 [ 460.451156][T10058] ? __pfx___might_resched+0x10/0x10 [ 460.456469][T10058] ? trace_contention_end+0xdd/0x130 [ 460.461778][T10058] ? __mutex_lock+0x1ca/0xb90 [ 460.466483][T10058] ? mtdchar_unlocked_ioctl+0xa2/0xf0 [ 460.471876][T10058] ? __pfx___mutex_lock+0x10/0x10 [ 460.476927][T10058] ? fd_install+0x244/0x750 [ 460.481459][T10058] mtdchar_unlocked_ioctl+0xb0/0xf0 [ 460.486673][T10058] ? __pfx_mtdchar_unlocked_ioctl+0x10/0x10 [ 460.492590][T10058] __x64_sys_ioctl+0x18b/0x210 [ 460.497374][T10058] do_syscall_64+0xcd/0x490 [ 460.501899][T10058] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 460.507838][T10058] RIP: 0033:0x7f383758e929 [ 460.512264][T10058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 460.532026][T10058] RSP: 002b:00007f38383b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 460.540464][T10058] RAX: ffffffffffffffda RBX: 00007f38377b5fa0 RCX: 00007f383758e929 [ 460.548448][T10058] RDX: 0000000000000000 RSI: 0000000000001269 RDI: 0000000000000003 [ 460.556424][T10058] RBP: 00007f38383b5090 R08: 0000000000000000 R09: 0000000000000000 [ 460.564486][T10058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 460.572466][T10058] R13: 0000000000000000 R14: 00007f38377b5fa0 R15: 00007ffd98c5e8d8 [ 460.580478][T10058] [ 460.583601][T10058] Kernel Offset: disabled [ 460.587929][T10058] Rebooting in 86400 seconds..