last executing test programs: 5.18381819s ago: executing program 1 (id=5083): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40) recvmmsg$auto(r0, &(0x7f0000000140)={{0x0, 0x4, &(0x7f0000000080)={0x0, 0x803}, 0x5, 0x0, 0x2, 0x8}, 0x800}, 0x1fe, 0x8, 0x0) r1 = openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000140), 0x382, 0x0) write$auto_rfkill_fops_core(r1, 0x0, 0x700) 5.075783251s ago: executing program 1 (id=5086): r0 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) getsockopt$auto(r0, 0x84, 0x1, 0x0, 0x0) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r1, 0x4, 0x7ff) ptrace$auto(0x2, r1, 0x3, 0x4f) 4.966803578s ago: executing program 1 (id=5088): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/igmp\x00', 0x100, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000800)='/sys/devices/virtual/bdi/43:384/max_bytes\x00', 0x181482, 0x0) read$auto(r0, 0x0, 0x9) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x5, 0x311) prctl$auto(0x38, 0x1, 0x0, 0x0, 0x7ff) prctl$auto(0x6, 0x0, 0x2, 0x2000000, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0xa, 0x0) r1 = socket(0xa, 0x3, 0xff) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x3f) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x96141, 0x0) r2 = socket(0x1b, 0x3, 0x76) madvise$auto(0x0, 0x2000040080000003, 0xa) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r3, &(0x7f0000000040)='//\xf2\x00', 0x80000000) getsockopt$auto_SO_RCVPRIORITY(r0, 0x1, 0x52, 0x0, &(0x7f00000001c0)) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x0, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0x4, 0x0, 0x0, 0x0, 0x0) syz_clone(0x4040400, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x801, 0x106) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, 0x0, 0x40041) syz_genetlink_get_family_id$auto_nlctrl(0x0, r2) 3.67851479s ago: executing program 1 (id=5095): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x28, 0xf3, 0xb0, @raw=0xfffff024}}) write$auto(r0, 0x0, 0x6) 2.668249923s ago: executing program 2 (id=5098): r0 = socket(0x2, 0x3, 0xa) open(0x0, 0x149443, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/lo/tx_queue_len\x00', 0x100, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vhci_hcd.0/detach\x00', 0x2501, 0x0) write$auto(r0, &(0x7f0000000380)='0\x81=\"\xad/\x8d\b\x00\x18\xa4\xb0\xb4\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1d\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xfe\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\xa5\xd2\x82;\x7f\xa0.\x9a\xfb\x8d\xf3l\xf2\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc7e\xc5Q\x89\xcd@\x1c\x92\x00\x87\x976\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85K /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x00\x1f\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x98\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x94\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2Z\xe9(\x99\b\x00M\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf8L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\a\x19H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb', 0x1) 2.488438563s ago: executing program 3 (id=5100): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/auto_online_blocks\x00', 0x2, 0x0) read$auto(0x3, 0x0, 0x80) write$auto(0x3, 0x0, 0xfdef) 2.471631231s ago: executing program 2 (id=5101): mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi0\x00', 0x408dc1, 0x0) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x20, 0xf1, 0xb0, @raw=0x68e8}}) 2.423717503s ago: executing program 1 (id=5102): close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/rpc/nfsd.fh/channel\x00', 0x8f3b7a51b80ebd01, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty51\x00', 0x40001, 0x0) write$auto(0x3, 0x0, 0xfdef) ioctl$auto(0x3, 0x4b71, r0) 2.327792698s ago: executing program 3 (id=5104): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/md_mod/parameters/new_array\x00', 0xa001, 0x0) read$auto(r0, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) 2.250409537s ago: executing program 2 (id=5105): mmap$auto(0x0, 0x400008, 0x7, 0x9b72, 0x2, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TCFLSH2(r1, 0x80045439, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto(r0, 0x800089f0, r0) 2.13744911s ago: executing program 3 (id=5107): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x403, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) close_range$auto(0xffffffffffffffff, 0x8, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000280)='/dev/video3\x00', 0x40080, 0x0) ioctl$auto(0x3, 0x4020565a, 0x38) 1.919302401s ago: executing program 2 (id=5109): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x400008, 0xe3, 0xbb72, 0x2, 0x8000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x4, 0x14000000000df, 0x40eb2, r0, 0x300000000000) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) write$auto(0x3, 0x0, 0x100082) 1.89418119s ago: executing program 3 (id=5110): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0xfffd, 0x8000, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) r2 = socket(0x18, 0x3, 0x2) accept$auto(r2, 0x0, 0x0) write$auto_tty_fops_tty_io(r1, &(0x7f00000001c0)="976f09bd689a850edbe36136c8535f593331280bb0b4ba0edd7932ab185cca064833fd9b5d", 0x25) sched_get_priority_min$auto(0x40) openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, 0x0, 0xb49dc2, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000002140)='/proc/sys/fs/file-nr\x00', 0x0, 0x0) read$auto_proc_sys_file_operations_proc_sysctl(r3, &(0x7f0000002180)=""/211, 0xd3) socket(0x6, 0x2, 0x80000000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(r0, 0x0, 0x10084) sendmmsg$auto(0x3, 0x0, 0x2, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) bpf$auto(0x0, &(0x7f0000000340)=@bpf_attr_5={@target_fd=0x5, 0x7f, 0x9c, 0x7b2, 0x1, @relative_id=0xfa, 0x80}, 0x96) openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/available_events\x00', 0x0, 0x0) open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = io_uring_setup$auto(0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0xc) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_JOIN_IBSS(r4, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f0000002280)={0x1d64, r5, 0x200, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_IE_RIC={0x7e4, 0xb2, "ca895e8b907db2bf1ebd2e830cab4eb970fa3ab01cdc0e49c2ecabe163916b75ab6c090a40fb17c6053976bd3fa14ac8e2b9d1acb86949b7b08629d9c71663644d03db9c036745cdca7bd8063616c240041dd1fa67fe2668720f8755afa127d364416171d07db0935e931fc26898cafdb0f71be23a8a08bb754700e9d9415fc08c43b91bd299c3e7a458ea90fee83a32df69410d01a07089da12ecbee585bd9d27f7c5750d36ade3b4338f85b3cd0dd27eccda2893b25e0d3bbbca01712c6374380ad5db6efa5ebab85d947b026672ccb2c72bb52a0cf13b62e15556605158a223c98950049e49ffe066689b23b072bd3ec14ef709eca320da28fa7804c19a3ec7941fe99e2e7e2940e0035cd35e26fd0617dead8b55a8748571b6615b12ff257962c1acb1b3bf35e43fdb406dac960934e82a78656f4d20022739b868d6f7dfd9d2f27439ef1ac889e905f71a22514ace9df1a3d59d4f0b5b9cf97db56b7b63bdc9392c9b650e011d41f7c6555c78cda1c36ac2480a2e858beca0f3d112dc77d8a27362b755bf4cc7449862841e39f4b2b576adaf84087c0c4f47dac02e529419a595e8d081df0505c04c0e9eda83c1608822c305858023e8eb201ae094b1f665c9c6bb5f60d2bdf157111db031e05b7f5f304c7d9a8319f0d4e529e5e15548981243471faf7140eb1b19a7ee3139a52d76c57230355e7e6817affddc6adc12d3534bc96ad7db8454977b2c8541a878f7082d536764cfee7db69d2a0027408e57a5cc69f7ed25e09625d5de6a832830ec59ed9e71e4d7739900070ced1a2c1d526144fa46b50eec1abd6e549ce1eaee117940afe96a2f2d16f84fd9b89c481bd32d298120875c6dc98a1f06290325ec5df8795508a9afd1edc9235b57c0d1233aaaceaabe60d034bf01a9e0951cdabe31aa4f2ccb010d70d2f01d6078e78387f78e517915f452d2f8e4557ef1836f56b2ea9ffde7f6ea51158c15fbb0c5ade803c2faf340b518dfb608ad89b2ab9162ee80ac0145681b4704f140ea5e0ff16d9f387a03e640822772da65e3121f1334b2da2044e78f394c53d7d9ff2dacce609df3ecd3a8dd1912b2f79c63cbea3c5bdeae7cdf7bc8e417401e99ec59e8b5e182cce49b4dc51e874b12329f9173f3f355835bf675e82887c1ec7c362fc3254cfa76aaf13dbbe4b8da019c2bbd5fd86bdfa0594de7e9d5e91515367315371fb2833062dfde6793700e19542338de994f32b1dab4d7c9fce1de7feb7a1928289e4e1ea52a08c8df9411c9099008edc9050b6422341a0c80d25bf8ba11b68cfbb391241f881be6ca975ad8e83882ca315125e93126166500ae6ef1620aea6ce62d1feb173b63f5f807930d526a5728934fac6d8442fd6e3aa4cb57fb7e9c8e23690461e3645705b4e38c9d54c4099804a42215e62988eebd8e77bab5261264b42dd948c2f1c6c7953f0c9fe677dab16e2ee8bfb7f158290101fdd3117df77ce1a124a569db404e85d56e513c4a1e39443440b3196136d0df0f5c303b1781e6bb8c0599ca7aa6e72914a2db946b67696853c3c0e8db279b3a4ccf89ff79959972acbf2b6ac324c36e2a809042bbb4beb017bbb084c943ae561127ab44554a796df1f4ff1ad1a2fcaa9307b45d56fe415915f83cbd170fe03c789518d5f6ab340b1c674f5f69e928f99b90ca4c56f2a07b0d2dd2d408f34b13e090aab1a1d4cbe6047e4e6b52ae73d2ca388ef88c0e0f584325984120e412c7e5d0b668aa2b294bcdfa7a1842a2cea3f9a57437909a764d5413538dae65657587d4a9fdccac8c20fc32748ffc1edbc1b573cd39a6a981ba66187945a9e8b018aacc229b963d879971f0e2b3f7a77108b70aaa5cc42889decf22d0a6af445c958ac7af3c9a590fa7e36dbab700a2b8f852e9c2144d37941a6e6626ddb20adf347ceb7cdbc21735c90547af9390b940adec446cecca63d2f5505b3b0ae68c09daae481a7d9ba46a9f33e39f4cd18f6236a223594bd6c83e6cc37450f590bacb846c8084ea8d19238e538ba32dfad2f398167a3144925684a0eabdc19d4752bf120eb0c63d628e1253fe3d8fb1b36f87bc21fae4cdea7f6e1b19b65903421bab55b149240911b437aea762cbc34ae9c3a7d8afda477097f52f56311cae334e23a1fef25f85ed1d962adf7832dca99530fdd05fbce28097dddd45e5649aa6611e892fa7d6d723128fafd95230b4a89fe0b8acb71f8df3bed0d645df7525b166e115d40f0528f8534bf3e3310534feb4f83f22281b7345335eb4caf954e340ef5f47700c9fe827b1ecc2f4b62818a4799f1e401cd2f3b5738564b2c5fea0ecbaba42abbf56eae447447419f5c5174a3412df49ff84649bd5e99fe0e6fd0183a26f7193d35f71ccbc84ca725c3fca9b77e3df274814ef51f682775114737e55960c4068a079aad92cc83060152884c20ac0e9929ff282f2203e290eafc259f461c698e3cd3f3a1763ed601018d12aa63fc63e5c65a77b07530e4ca6e320e2d22a263c3cf085d1f2a5a21296a69186985b48be31c93fb6788e98a358b24c3bcff4a8118d7a115db74c7de25c9450b7491934e8c2be9f62e5336bd3d572935098bb66c6896320c9b81c0a9dd0c0f8b8c77f09dbbb484696c36fa1a00736beb49a632a7f13cc26e820d1535ae73e8950021bb014ba3d464592a96b52da6dfbd20054924aea63b768313d0cf6559478f5475ec2724c551c1a136d261396ea9c745ba6ca9ca7f83b1fbeab7ccd0c9a9efda33b9bc15b55e7ada861d7f2309839f1d57bab60cba323d60787c088be00a804379544f984d58d440eac22188c9b200e11cce46f32ad1c8d275cc0710d"}, @NL80211_ATTR_SCAN_FREQUENCIES={0x336, 0x2c, 0x0, 0x1, [@nested={0x1a2, 0x12d, 0x0, 0x1, [@typed={0x4, 0x97}, @generic="49111ab4c5c23cb66e35182776468dcf5744d8d8586d566ff806a1448ae196e1e863ffab56b1ca0b7247fbdd25679699b59893d3f46ee632e6c7b1171ce11236a035de3a5c623e7563ab9160ad4b61cfed6f2b07eb2007ce1bce34b3599a80193a136849cb60fbdfd0aea680feaf99404cd92fb120a4e0bc91156a57225845a40a22a471e00c3f0209f0ab27011452d6caba2a5b29749781517e146e5f6109449b1f9a2954e6ecc5c36c81531c6046c6607edeed03820ccefa3e0f5f9423cca959b0de6b7499ec7d9d97d94a8cec724ebca194bef2d7ef", @generic="718b52203b0e51b36b4323ab2d6fb711b86210fba0580aae7f3658c82a3b1bade4d28720410c142ba9d9c951eb7ad3d0a22c17a233764bc866b1c0052bdd2f190e45f0a7a6a3f8dc06e2994200f5627bf8c283b3f046a341586171ee94974aac5f5eca8577ae6ae03ed29932cb4cda61ce05256988f65682080860989f2ffb349d3603c0e207607308864fa952d10dd247c34bfdf2326575e25df1dced75f02d65f2fde10c2d90032248e509679e5bf3fb9dc3f52db7385bbb5fd7a695a222", @nested={0x4, 0x23}]}, @generic="e841830fff6840034fbafd54d4fab8ebac8c53a776478550b080f99d173d49143fd0b8cbe7fd39a52bb132fdbf844f3406c81657834107c6b1e8f381642345d5f6d2dfb266b626abc60e110dbf5325abd7cf64dfdd073bf60852bbd219238023c85645aa7a50da46060024852a1c8f9eaad829eca060341e5000fbf5b98a006a7327ba67093442c306edd2c70974ad12f0a25482f4c09e42382aaff9d9aad0af60afb52e7b5ad8bcccc5af96cbf1ad9c0ff6f9e78741d1077137cecb9d4e0d64145c147d90903a", @nested={0xa0, 0x0, 0x0, 0x1, [@typed={0x19, 0x2c, 0x0, 0x0, @str='/proc/sys/fs/file-nr\x00'}, @typed={0x4, 0x14}, @typed={0xc, 0x2, 0x0, 0x0, @u64}, @typed={0x70, 0xb4, 0x0, 0x0, @binary="ca6cd34baffc9b9b1e8f18a2536c98855e4fb3ca66912c8a0340b6945e7f62a19e7ed3ce5f7f97f210108c085c499d913f3cc18e40e02dca2aaa590bc1f10d126718e575c3e9643240bbab524545ef63f8f98416912c2aebc426a468b9d5f5553edfe71ebe3227eb697624aa"}]}, @generic="77f464165eee1cd5b30ef2d3e57266bfdcff7adba31785f52e49117ef5782bbfcb53b250234ccb"]}, @NL80211_ATTR_SCHED_SCAN_DELAY={0x8, 0xdc, 0x9}, @NL80211_ATTR_STA_TX_POWER={0x6, 0x114, 0x240}, @NL80211_ATTR_OBSS_COLOR_BITMAP={0xc, 0x12e, 0x40}, @NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x293}, @NL80211_ATTR_TID_CONFIG={0x11d8, 0x11d, 0x0, 0x1, [{0x106c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x1c, 0xd, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x51}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x4}]}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x8}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x8}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x101c, 0xd, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE={0x1000, 0x5, "3617f69ace468b80d8161c3de01df6bfe69910c27e1736c98a624cc5a4f8cb84296b0f6e479780c848ab061d2fc25a1c5ae83ec7c56417a97437d5dfe361e9a85f680fbd278d439a721797f8ac5d056d7331a8fcafa100434437f3b270c21e7fd1620cabf4193acf936d7b28fc5d8feaf2d266b0c9d63c576f3443c1dcc0ef8e4be85765b5cebea68f56f72a485d92bcb1e091c9c24b044057d0d11b23028e303290575e43d39f7d419c9ba4378fd4d9dcb12649ce75048b2ab91d11e46e566828aefb4f1bdc9a6918b15ef6e5f14e2ec155f065f78e0525e3ef16a2ae6b6825f38e46336bbb469dc06ad2730293bcd279526aaa00b167b48d3c3b30b426a62efab6c2d9d3f487c3ea93fe6fab2b8a0067c7a731e60893eb747e3067158e34c864c879ea58e4386fd8464aac83900456dfbde5d1346b6e977f13e753833dcc739c30150cb5dbf92e6b8b54ce2d979540bcf1d7e2402017af65deeae2a7a8f9a18b034a4b4f1b3a85a293eabd1802eea8831219a009737bdc6e11414a887bf482fb035f6f0c1373cd96acf6d201bceeb9b9f5416326a6dcd00ea83b6ced32c2c4fc6d8ce30f083b67395055e8ad4f2d79f45934c01819c8f4bb2084b96269b7bf4252d5d0d5f3e679499c60d7385c63ba7e869c1824ceeb8c3cfd24c5b6c1f0c809646d765a26d816a3d867426179be1a7516db11802d2ac915e47f99f196c5f3a7e8dad9ae6657f7b50f82ffaff262b4c915b44f7341177f97e10d7c951e85d6bd8afb2f483823798e6919ab2de6ffcd4df9f1fc0647acc9967a997db9a1dbda66b101ca733962dfe1032bfe03b850fcf4a4fc985caafbefdeccd16bfd1881cc57b28ba629cba0efc6821ccbff9e68df3a9cc6c96386e4c4e7ee598eb6e4861813928060388a3bc387742e700ce3984e6b39cb24d323bce8056b8bda33ea644d22c9b369f069404ee8a5a1e8caf3a036f6a5693b850f4c7f9e2c02c6abcbcfffdc010429d952e85b6237498116f254aa92a9029fa7114a55ad8d5d3c9828ebaea3d6ec51e7e2757be234276c23487da2a99b2e30c15f662fe775f38b45f0a9f1abcd741ee41faa6c65b088b728c570a2a5ce32a84eb2f182b0d220676e055b8a63c564cf2c0dab3030f6d7f26de44d462caef0f3be4d5e0669a50cc817960cf25c932c5cb74de56c3469ed9c117573542dd15c017cdbedef1b1c34df24a9e64bb2b77ecf8ce36de582dc3b7c978719e993fee471aebcb7156df6e9325a3366cca8b4871fae9bf5bd0b329add1fbb3b66d6f963b5cca721bbd76fc8b2aed856357f80458000cd512773593ab871c92a203efaacf3890819a52dd3874991c3942c3941f0b856bf95ee1289ea1bc899735211f5a20e9d552e576da382d2fc0b744fadf1190eb21adee101a45f5ff887e2a4a4e43913f7c3b383231ea1159fe50d7a0f357f3d38fdc69f803c5ea0db726a9e4ae08d8c37ad14668de96aeb20df84b3f47a9e079c352b3b1e11aa59c4d1c0da11ffde899e179ae82e55bc8db45ead57aa99244b19966302dfd1e76e41d6b0810837a5ad89e217fb51b402df33d6691b3d07ab0a67d3d2a2fe9e1ce3d2875eb0616707f211a46305c69058d19b1c5ed6748f2e2caad135457f87a217185901b4c599b08e665a648b37a4af547efa96a117d7c4d6ee2e8603bf036dcb6affd54bd97b18a12afbbd30f445c537d1f39582d3caa0d5be2af7e027499e87e7f9a3cfc8000b533e3b847ddd6c18a0004fb287e59255da98d919b6cb9c148eb5955adf887815ed326f02e34d8d7e93495dd4056e574d2a7d38119b28c4076b083f1b04207871044d857c64cb8303096baa7146a04f0967df2009769dd66a81de7489165cf71a4519e78bd9c97c4e4281af8063b0fe51c56b13927d1c56c2dfd6320056f2d9c9e6aa7fc64a77d25c2d5eebc85c4f7d558acd344e7cacda6b2aa4a3790ee970b0f9bd595583751e068ae82e11c175c63633ffbcd594fb9e83c6b6e8638b846482ec7908d89fea8b4fbaae244c5d48f2f668db4cc699f52541c1c9f24fc37374d840b1dc1ea21ff3e29175504a8803584aa58598e13f0d30c25cbfeadc2880b73c4e91754065d7117cf8bb4ec64c834f1fb9ef34f88faf7749375c3bb5888048482281ba95f025944ec2670bcbd960cdf915ba8397763d8745f05c747d13ff1a4ad73297de3e6eb00d992f9d6b54451131c8c4e2738fedb69ecba3defd833b425da6bd0d7777191fa8678c52c436087606cc60f7c88d7d28db47c963532447e91149881e96b69bbd6b61c4e4ac108c721602e3701f4687d572379fc88a133cdd0a8d38e19adb6616c58c0a29566e8988784c2fe99574941f77ca5ca90823c1534fd54b9aa403e9b82c3724633f0e24a9b09b82dd0ab770d2fa91915fa65595ed9f804af247184df7047497320d8cca1e7f4014847e1c403cd6b518d300acef0a4a5b4ae89ea7d065015e791ec151b7aee4e620c7bbbfec7a299452bd028ce634dd861353c030345fccc831f2dccc60441f365108bd54f4925fb9c13c57a454796f241178b48bbc02bf17e3f1f651dd9fef0902297706880d38f593d36d335551657003486050fb05579e1a5565e215911df580d6c343132dae5efde7324caf1e63383c63db151afcbc25a49e69c17b95138f819ababe7ba32974a0dfe8cc88fe76648760d5ebc98adfdee2110f2b624545e9ae415838b2d197a3019340b365a3ce9133bac35ef0e262f979dc0cb9211319bbe8de17c059ab97026925ba32e7ee8f5b1b4928828accff587d5abbf6d2ea776cb4996ff3f2b822a9171141f7fd7a183c9a6a07f43b46c6bfe42a957672253e4a171f7c9a46532bb746dca946b53a9b5deff866a54a3c35d7b99e1b4a7edc9cb9d2daedb556752095ba80b550403985d1136faadd47d724d50a0cc45afd9f1ef5bdf2b8c1bc7f5e7f01c01a770919ed807e428f4f170406f343591ff083740a54a4fcd70fc8453db3d9cfdee62b5db39fb015c7e8d862f0156ac8c0921aa8331ebcd3da199d60ec189922b168dcc66d45265fd8296f893c58120b342edebac63b47fbefc2a1685682bce0944a6dc0ec02f626b972585b3924f6c5ca482a6b702f89fc474186cc2a2c5dcd0054a2335ca1da7e94b37dc50d5be6163646a4fef073cb3b8faf58fc049f21086df7d3dc78af4e4f74d60ab7452dd26e7fca8075c747252fde9c13b2112268ed4e57cac2fa8ae4bc226652728a501b86eacdef66d51e3bfab0d67845cec63660f4b0371e5de7ac1af23aad5be9b8c8c80d806ebf7a9a55918bea191e8c3da90bb8b36447fb69dd5b9a8827beddd79dc311d226ed000d4839017cc9419958b045e5052561fa1ea8642c0c6f940d6fa5b69c3e2a4b9405a76d69bb7a371bb252c16d150b89cc4596705f971b5c77cf0a90748f07cccf6f6f9d656136a77ecf2c7f3f897f432bc983a74cebc8f80770d722c3aadc8bb66cd9ba6acca006b9360c28117a668da4ac926511623d43f1cecac68f7ceab6c2dd3b943d1056a639ae3bcfe3bf451b6278d3a126593a37dae6b03033d03c18c527f1a68827a7a25b46c11322e46d4e06fb01e88dcf7f76ac8aff75a6706ae37de368fb7c7c12e975f476d5b9d1bc7fc1f167637d3aa3779e4b20f156c69baf8b11801c0ee4f3d00401c909bf0afa87fc14045d86c631e0de71673e812bd9a39213885af5e0db527623b44609c70cc14bef06aedf4cb8fe1953f7cb9064e2c11acdf8951a8381902ac7f05b07dc77b01da774514ab1929f0d26bf171b6ab52a7e89374f321b167adc799025087da9f54d4eb1feed7d663d9ac2294c70c3fe8a97cfc65bb7153006abe03fb509ef08902a6682a1a3422f901c24ffcdbb2b229aac607f6d7eaec3295b8bf07c2e6b4257fce83d14bdac9993ff4cba6ffdc1790b56a974c364c8c290b997c6457ba190291bbc4daa18e082e1c7520b8b5c4c50dd7d90f7492a149ba9a20957ffc949a4c6855761fdaff9411f455b0bac1c5dcfadf28d2cf712d537a716bf538ee92aa3135fda61f5f2189c38fdd76f49d43f80c2ce2244e3f999794203475eb6964cedd42d76cfabc1485366a391aa9e14f82de2df86eab684579186c54fb4eb7cc7833fa9c7e7ebd0c7de6b48f38ffddb769cf14a7239003c64d01fdcb63177ca80b2b0945ce5d1d759d9f352793da1f72f6aaa029588b37bb6bfff964b070e519524f8a83f34f36726aa3e755197dbf4333a9d95d1d4ec5d1e7a4b426fe56ce2c6b4efdf43d1de04990b3af9661c650c363711c66b86a275f45317632ccbf9f97d04a4d5d950c0ae2dc1c90191ba8af0572c4696f477b777b8e73c17d37a1c05c2daf48910f508ac67588d776dcfe67bb4ff66a4c0ec9f0d06a07bcd802bee6b61783125c62e53514d0d118ec7f0875e2543693b5081e91d9abbf87fbeea922d418e87bdd00bd2b3781025cd02bc0426002f6bb796724b28d331c85a1966636fd078efd447e967f128cf2fd2e6410ab217770f5129e4f5d0c398e26c12fd4f08d5fd98064fcfbfc66e44af9144f5b2a3a42444c31db7dab2b3ac4f1706bf466804f0b59a084367ff33b5d8538d17987334573fc5a1d44e76e9b7d50665ac9eb86be4574409231f9defbd8771018601d797f13378179203fa1a14e7b4898b25e2b62b8460786a7320dc31eed98c783cbcf7079c749b3507d6df336da94046c379f8e756ad18961afaa649046016a03648285d8655097d73b76f91b41968eafd52be0bfb4fe1d5a94ca699a0c787f028b0e46ccfdb9989931c13ddc7a9550d6c28ee4f5e2688fb9aca9f7b824a8a4a46de7e1f0b17b41935e74e21b32f2501864dcac6b4c21993214569f3772466c683c13f7d6a7d013efc3d28cfe5ef26742a34552bd6e9b31fd60e6dfc95badc5bd18f8898cbbb4a32c95940b147f6effa8bff917951bb92c8782305194fe0c1a4d43f96e6d03c84bfc8bf91ba7b2807799360f6740006ad8ca4165454ffc896628714555d2fca7e0960836e0f993da27951828948858f5de86a5cd30d6660f12b83544d602d19e82be52adfdbc73ae19bcad2e0f0afdba88f9d2e801ea8be411c3af7b3957c288104f33874f18c73468382fdfd173dc926e8810dc2aa8a1a35cdf73489d0d267d6844b9e9fbefdcc9381eaa6b58942a92b5a38c0dddcdf5863dffdc35435e5539d407253b2dc9355c5a74f09b873a91c0cbdc59c3fdc9920fe0c7d3a4d316a75aeb9a128e6e4c1f84f5531e43a71a331ab548f494a3a5dade0add25078bf66276a9d3c71c9667b54a46e89131d0f559bc61de5416a667f49b3f4218b2efc31e72ddef04b54cd7469472514a5b785bb1825ecb0f08ec18c6169122cabd706c52aeaa25d68ae37c012c5e56b5d11ee647e9a3ed0cfc71da1dd33551df5a6cd0ba246389a1d0823246c203893874502fa365d502b19e0b72e5552790ffe2920b650aff70586e555240d6be0d5a6db0bda864ca0a2e2f5fb638ef9475a1aee318f545c29e29c21aa5e14a65ab0ad5f0e304ad14aa427cf8e988a44cf3ee2ad51fdddde333017f34a861f9f2758f5ababe2fee9b73a199cb63daaf5fbef77673fc9b2998074352df3f5010bfc5e3c4648814c4b580548c286ac48e878051651094c3dba3e71a22712e4b3ba4dd5c1a0d6e5ef220567dcec4bb1069eeb4c0832292609b5fb0434621d95a44b3941ec52e3be4b7b4f235a3eccf2da2fcae653232202bc562129d9bf74b1b3d5944782d6aeef7949c1b0ca6443f19d6e"}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x81}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x3}]}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x8}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x2}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x2ce3}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xc}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x8001}]}, {0x144, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x40, 0xd, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0xf}, @NL80211_TXRATE_HT={0x4}, @NL80211_TXRATE_VHT={0x30, 0x3, "a66c7c61b1359b09c73cda1e0c8b28d46402dcf0ae0b2829832d78f9ed8fa409ef9a1b8e37dfb80e2bcf0230"}]}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0xf0, 0xd, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x23, 0x1, "7797f3ff4e7f066a4892b8102af68529822f945819b980a076adeef5057cdb"}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x10}, @NL80211_TXRATE_LEGACY={0x21, 0x1, "6d041c770a3fffc4412f60af20c4c653ae11e66b74131d229160a8e5bf"}, @NL80211_TXRATE_VHT={0x8a, 0x3, "327a31e098960bf8a991024b796fcc97a50278ff59c684f94a83aaa0dfb67d5c0ab06dabc14c0c259a2eb0292d646aa6169e7e60bd4948fb91b10b385412053bbcbb929bf8e3a0db50071968897098617beb2e936c6c5b25406fb26f170725d7e48ed9cef42c89d3b0f3ff07c28569a2d0553c32ec1bf3350dcb3f88aedc9d720247065aa874"}, @NL80211_TXRATE_HT={0x7, 0x2, "2004a5"}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x80}]}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x1000}]}]}, @NL80211_ATTR_FILS_CACHE_ID={0x38, 0xfd, "9e4a980f08b5cc0c9d7191abc80af2990526096feaadbcd6d984133a6aadf4d0f62a96729d665c44458ddfb43bb0c53706fe4991"}]}, 0x1d64}, 0x1, 0x0, 0x0, 0x8c0}, 0x880) setsockopt$auto(0x5, 0x104000000000010e, 0x2, 0x0, 0x16) 1.86117282s ago: executing program 1 (id=5111): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x103, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) r1 = socketpair$auto(0xb, 0x2, 0xfffffff9, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000001840), r2) sendmsg$auto_NL802154_CMD_GET_SEC_DEVKEY(r2, &(0x7f00000019c0)={0x0, 0x0, &(0x7f0000001980)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000f97298a5241095d1fce08ebc00a5f6af6899878e49a7c085cfb0d38f32ed44a0894ccec7ff840b032295c53a3ccea333c0f079fa828152907d96b7647bcd2a31f07398a279753d8e2226567d948822e990e7fc9ca4fa72a4f3905286f1e22e177798301a9254f22734267bc9a37c7dc13865fca1352abbf8768dc1cc7423d208d9c10b4f4ec132a92dfb778f91003cfe9daaa93fe10d53c240abd50096dbda872284edb3dac7d97689e85eeb3d693d203ccb92de3e", @ANYRES16=r3, @ANYBLOB="090f2abd7000fddbdf251c000000"], 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x0) sendmsg$auto_NL802154_CMD_ASSOCIATE(r1, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000040)={0x0, 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0x24040000) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000062c0), r4) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_LINKMODES_GET(r4, &(0x7f00000000c0)={0xfffffffffffffffd, 0x0, &(0x7f0000006340)={&(0x7f0000000100)={0x20, r5, 0x38f, 0x70bd29, 0x25dfdbfb, {}, [@ETHTOOL_A_LINKMODES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4044040}, 0x4000) r7 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20942, 0x0) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r7, 0x40045010, &(0x7f0000000040)) gettid() write$auto_snd_pcm_oss_f_reg_pcm_oss(r7, 0x0, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r7, 0x5001, 0xfffffffffffffffc) madvise$auto(0x0, 0x2000000080000001, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x80, 0x0) 1.721756227s ago: executing program 0 (id=5112): openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/fail-nth\x00', 0x802, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x300, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/040/001\x00', 0x10b880, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/ubifs/uevent\x00', 0x1, 0x0) openat$auto_dfs_dom_ops_debugfs(0xffffffffffffff9c, &(0x7f0000001400), 0x60600, 0x0) prctl$auto(0x23, 0xd, 0x8, 0x0, 0x0) 1.512820498s ago: executing program 0 (id=5113): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x60102, 0x0) io_uring_setup$auto(0x6, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x6) close_range$auto(0x2, 0x8000, 0x0) open(0x0, 0xa22c0, 0x155) open(0x0, 0xa240, 0x1de) 1.497735325s ago: executing program 2 (id=5114): mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x8a403, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r0, 0x7a7, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r1, &(0x7f0000000180)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\xd8\xb7\x93\x12\xcb;\x85~ qT\xdc\x11\x892\x91\xdd\x1cTI\xe9\"}Hh\xdc{\x15\xcd\xdaE\xf8\xe2y\xf6\xae\vB\f\x86<\x93y\xbd#\x1ej\x86\xc3\xbb\xee1O\xb9\x9dD~\xb9b)\xe6)i\xe1\x9d\t7K\x82\xfc\xdf|\xcf\x91\x96tC\xc7\xe4Y\x06,\xe1\xe5r\'\xf3_\xcf\x17\x97q\xe8\x88\x88\xa5\xd3\x87\x88\xe0#\x89n\xe81\xb6f\x98\xe3\xdc\xf4\xdb+r\x95\xc7Z3\xcff\x8c \xc5\x1eR%\x9dr$t\xd5\x8a?M\x16yM\x02\xa0H\x82\x12\xcb\xe7\x94fV\xcb\xa8\xb6\xdc8a\xf7\x96\xaa\xf1\xb0\x93\xa1\xe2\xe4\x92x\xa1\xcc\x9cn_\xfdW\xbe=\xb8\x99d\x89l\x10\x1c\x81\xbf\x97[\xb8\x1c\x1dv1F\xe2\xf6\xa7\x9aC=\xc8\x9d\x9d\x92r\xe9$\xf9\xcf\x81\x1f\b\x1eI\xd8\xab\xb3M\xdf\aJ`F\b\x91\xfa:\x16F\x81\x8a\x94\xb1\x98\xf0\'\xd0Un \"\x9b\xf2\x90d\x86\x00\x02C\xbcb6\x96odBf\t\x0f-\xcb\xd4\xb2\xf7\xd7\x0f\xd5\xe9', 0x82) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, 0x6) 1.281286207s ago: executing program 0 (id=5115): write$auto_seq_oss_f_ops_seq_oss(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x20000, 0x0) read$auto(r1, 0x0, 0x20) writev$auto(r0, &(0x7f0000000200)={0x0, 0x3}, 0x3) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/security/tomoyo/query\x00', 0xc0802, 0x0) 659.509815ms ago: executing program 0 (id=5116): mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) r0 = io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, r0, 0x0) r1 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r1, 0xffffffffffdffe00, &(0x7f0000000140)=';') ioctl$auto(0x3, 0x40086200, 0x38) 655.478108ms ago: executing program 3 (id=5117): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x3, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) ioctl$auto(0x3, 0x6f50, 0xffffffffffffffff) 492.267906ms ago: executing program 0 (id=5118): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f0000000140)='./file0\x00', 0x103440, 0xa0) socketpair$auto(0x8, 0x7, 0x1, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TCFLSH2(r0, 0x80047437, 0x0) 401.742418ms ago: executing program 3 (id=5119): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0xfffd, 0x8000, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) r2 = socket(0x18, 0x3, 0x2) accept$auto(r2, 0x0, 0x0) write$auto_tty_fops_tty_io(r1, &(0x7f00000001c0)="976f09bd689a850edbe36136c8535f593331280bb0b4ba0edd7932ab185cca064833fd9b5d", 0x25) sched_get_priority_min$auto(0x40) openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, 0x0, 0xb49dc2, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000002140)='/proc/sys/fs/file-nr\x00', 0x0, 0x0) read$auto_proc_sys_file_operations_proc_sysctl(r3, &(0x7f0000002180)=""/211, 0xd3) socket(0x6, 0x2, 0x80000000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(r0, 0x0, 0x10084) sendmmsg$auto(0x3, 0x0, 0x2, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) bpf$auto(0x0, &(0x7f0000000340)=@bpf_attr_5={@target_fd=0x5, 0x7f, 0x9c, 0x7b2, 0x1, @relative_id=0xfa, 0x80}, 0x96) openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/available_events\x00', 0x0, 0x0) open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = io_uring_setup$auto(0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0xc) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_JOIN_IBSS(r4, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f0000002280)={0x1d64, r5, 0x200, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_IE_RIC={0x7e4, 0xb2, "ca895e8b907db2bf1ebd2e830cab4eb970fa3ab01cdc0e49c2ecabe163916b75ab6c090a40fb17c6053976bd3fa14ac8e2b9d1acb86949b7b08629d9c71663644d03db9c036745cdca7bd8063616c240041dd1fa67fe2668720f8755afa127d364416171d07db0935e931fc26898cafdb0f71be23a8a08bb754700e9d9415fc08c43b91bd299c3e7a458ea90fee83a32df69410d01a07089da12ecbee585bd9d27f7c5750d36ade3b4338f85b3cd0dd27eccda2893b25e0d3bbbca01712c6374380ad5db6efa5ebab85d947b026672ccb2c72bb52a0cf13b62e15556605158a223c98950049e49ffe066689b23b072bd3ec14ef709eca320da28fa7804c19a3ec7941fe99e2e7e2940e0035cd35e26fd0617dead8b55a8748571b6615b12ff257962c1acb1b3bf35e43fdb406dac960934e82a78656f4d20022739b868d6f7dfd9d2f27439ef1ac889e905f71a22514ace9df1a3d59d4f0b5b9cf97db56b7b63bdc9392c9b650e011d41f7c6555c78cda1c36ac2480a2e858beca0f3d112dc77d8a27362b755bf4cc7449862841e39f4b2b576adaf84087c0c4f47dac02e529419a595e8d081df0505c04c0e9eda83c1608822c305858023e8eb201ae094b1f665c9c6bb5f60d2bdf157111db031e05b7f5f304c7d9a8319f0d4e529e5e15548981243471faf7140eb1b19a7ee3139a52d76c57230355e7e6817affddc6adc12d3534bc96ad7db8454977b2c8541a878f7082d536764cfee7db69d2a0027408e57a5cc69f7ed25e09625d5de6a832830ec59ed9e71e4d7739900070ced1a2c1d526144fa46b50eec1abd6e549ce1eaee117940afe96a2f2d16f84fd9b89c481bd32d298120875c6dc98a1f06290325ec5df8795508a9afd1edc9235b57c0d1233aaaceaabe60d034bf01a9e0951cdabe31aa4f2ccb010d70d2f01d6078e78387f78e517915f452d2f8e4557ef1836f56b2ea9ffde7f6ea51158c15fbb0c5ade803c2faf340b518dfb608ad89b2ab9162ee80ac0145681b4704f140ea5e0ff16d9f387a03e640822772da65e3121f1334b2da2044e78f394c53d7d9ff2dacce609df3ecd3a8dd1912b2f79c63cbea3c5bdeae7cdf7bc8e417401e99ec59e8b5e182cce49b4dc51e874b12329f9173f3f355835bf675e82887c1ec7c362fc3254cfa76aaf13dbbe4b8da019c2bbd5fd86bdfa0594de7e9d5e91515367315371fb2833062dfde6793700e19542338de994f32b1dab4d7c9fce1de7feb7a1928289e4e1ea52a08c8df9411c9099008edc9050b6422341a0c80d25bf8ba11b68cfbb391241f881be6ca975ad8e83882ca315125e93126166500ae6ef1620aea6ce62d1feb173b63f5f807930d526a5728934fac6d8442fd6e3aa4cb57fb7e9c8e23690461e3645705b4e38c9d54c4099804a42215e62988eebd8e77bab5261264b42dd948c2f1c6c7953f0c9fe677dab16e2ee8bfb7f158290101fdd3117df77ce1a124a569db404e85d56e513c4a1e39443440b3196136d0df0f5c303b1781e6bb8c0599ca7aa6e72914a2db946b67696853c3c0e8db279b3a4ccf89ff79959972acbf2b6ac324c36e2a809042bbb4beb017bbb084c943ae561127ab44554a796df1f4ff1ad1a2fcaa9307b45d56fe415915f83cbd170fe03c789518d5f6ab340b1c674f5f69e928f99b90ca4c56f2a07b0d2dd2d408f34b13e090aab1a1d4cbe6047e4e6b52ae73d2ca388ef88c0e0f584325984120e412c7e5d0b668aa2b294bcdfa7a1842a2cea3f9a57437909a764d5413538dae65657587d4a9fdccac8c20fc32748ffc1edbc1b573cd39a6a981ba66187945a9e8b018aacc229b963d879971f0e2b3f7a77108b70aaa5cc42889decf22d0a6af445c958ac7af3c9a590fa7e36dbab700a2b8f852e9c2144d37941a6e6626ddb20adf347ceb7cdbc21735c90547af9390b940adec446cecca63d2f5505b3b0ae68c09daae481a7d9ba46a9f33e39f4cd18f6236a223594bd6c83e6cc37450f590bacb846c8084ea8d19238e538ba32dfad2f398167a3144925684a0eabdc19d4752bf120eb0c63d628e1253fe3d8fb1b36f87bc21fae4cdea7f6e1b19b65903421bab55b149240911b437aea762cbc34ae9c3a7d8afda477097f52f56311cae334e23a1fef25f85ed1d962adf7832dca99530fdd05fbce28097dddd45e5649aa6611e892fa7d6d723128fafd95230b4a89fe0b8acb71f8df3bed0d645df7525b166e115d40f0528f8534bf3e3310534feb4f83f22281b7345335eb4caf954e340ef5f47700c9fe827b1ecc2f4b62818a4799f1e401cd2f3b5738564b2c5fea0ecbaba42abbf56eae447447419f5c5174a3412df49ff84649bd5e99fe0e6fd0183a26f7193d35f71ccbc84ca725c3fca9b77e3df274814ef51f682775114737e55960c4068a079aad92cc83060152884c20ac0e9929ff282f2203e290eafc259f461c698e3cd3f3a1763ed601018d12aa63fc63e5c65a77b07530e4ca6e320e2d22a263c3cf085d1f2a5a21296a69186985b48be31c93fb6788e98a358b24c3bcff4a8118d7a115db74c7de25c9450b7491934e8c2be9f62e5336bd3d572935098bb66c6896320c9b81c0a9dd0c0f8b8c77f09dbbb484696c36fa1a00736beb49a632a7f13cc26e820d1535ae73e8950021bb014ba3d464592a96b52da6dfbd20054924aea63b768313d0cf6559478f5475ec2724c551c1a136d261396ea9c745ba6ca9ca7f83b1fbeab7ccd0c9a9efda33b9bc15b55e7ada861d7f2309839f1d57bab60cba323d60787c088be00a804379544f984d58d440eac22188c9b200e11cce46f32ad1c8d275cc0710d"}, @NL80211_ATTR_SCAN_FREQUENCIES={0x336, 0x2c, 0x0, 0x1, [@nested={0x1a2, 0x12d, 0x0, 0x1, [@typed={0x4, 0x97}, @generic="49111ab4c5c23cb66e35182776468dcf5744d8d8586d566ff806a1448ae196e1e863ffab56b1ca0b7247fbdd25679699b59893d3f46ee632e6c7b1171ce11236a035de3a5c623e7563ab9160ad4b61cfed6f2b07eb2007ce1bce34b3599a80193a136849cb60fbdfd0aea680feaf99404cd92fb120a4e0bc91156a57225845a40a22a471e00c3f0209f0ab27011452d6caba2a5b29749781517e146e5f6109449b1f9a2954e6ecc5c36c81531c6046c6607edeed03820ccefa3e0f5f9423cca959b0de6b7499ec7d9d97d94a8cec724ebca194bef2d7ef", @generic="718b52203b0e51b36b4323ab2d6fb711b86210fba0580aae7f3658c82a3b1bade4d28720410c142ba9d9c951eb7ad3d0a22c17a233764bc866b1c0052bdd2f190e45f0a7a6a3f8dc06e2994200f5627bf8c283b3f046a341586171ee94974aac5f5eca8577ae6ae03ed29932cb4cda61ce05256988f65682080860989f2ffb349d3603c0e207607308864fa952d10dd247c34bfdf2326575e25df1dced75f02d65f2fde10c2d90032248e509679e5bf3fb9dc3f52db7385bbb5fd7a695a222", @nested={0x4, 0x23}]}, @generic="e841830fff6840034fbafd54d4fab8ebac8c53a776478550b080f99d173d49143fd0b8cbe7fd39a52bb132fdbf844f3406c81657834107c6b1e8f381642345d5f6d2dfb266b626abc60e110dbf5325abd7cf64dfdd073bf60852bbd219238023c85645aa7a50da46060024852a1c8f9eaad829eca060341e5000fbf5b98a006a7327ba67093442c306edd2c70974ad12f0a25482f4c09e42382aaff9d9aad0af60afb52e7b5ad8bcccc5af96cbf1ad9c0ff6f9e78741d1077137cecb9d4e0d64145c147d90903a", @nested={0xa0, 0x0, 0x0, 0x1, [@typed={0x19, 0x2c, 0x0, 0x0, @str='/proc/sys/fs/file-nr\x00'}, @typed={0x4, 0x14}, @typed={0xc, 0x2, 0x0, 0x0, @u64}, @typed={0x70, 0xb4, 0x0, 0x0, @binary="ca6cd34baffc9b9b1e8f18a2536c98855e4fb3ca66912c8a0340b6945e7f62a19e7ed3ce5f7f97f210108c085c499d913f3cc18e40e02dca2aaa590bc1f10d126718e575c3e9643240bbab524545ef63f8f98416912c2aebc426a468b9d5f5553edfe71ebe3227eb697624aa"}]}, @generic="77f464165eee1cd5b30ef2d3e57266bfdcff7adba31785f52e49117ef5782bbfcb53b250234ccb"]}, @NL80211_ATTR_SCHED_SCAN_DELAY={0x8, 0xdc, 0x9}, @NL80211_ATTR_STA_TX_POWER={0x6, 0x114, 0x240}, @NL80211_ATTR_OBSS_COLOR_BITMAP={0xc, 0x12e, 0x40}, @NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x293}, @NL80211_ATTR_TID_CONFIG={0x11d8, 0x11d, 0x0, 0x1, [{0x106c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x1c, 0xd, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x51}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x4}]}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x8}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x8}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x101c, 0xd, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE={0x1000, 0x5, "3617f69ace468b80d8161c3de01df6bfe69910c27e1736c98a624cc5a4f8cb84296b0f6e479780c848ab061d2fc25a1c5ae83ec7c56417a97437d5dfe361e9a85f680fbd278d439a721797f8ac5d056d7331a8fcafa100434437f3b270c21e7fd1620cabf4193acf936d7b28fc5d8feaf2d266b0c9d63c576f3443c1dcc0ef8e4be85765b5cebea68f56f72a485d92bcb1e091c9c24b044057d0d11b23028e303290575e43d39f7d419c9ba4378fd4d9dcb12649ce75048b2ab91d11e46e566828aefb4f1bdc9a6918b15ef6e5f14e2ec155f065f78e0525e3ef16a2ae6b6825f38e46336bbb469dc06ad2730293bcd279526aaa00b167b48d3c3b30b426a62efab6c2d9d3f487c3ea93fe6fab2b8a0067c7a731e60893eb747e3067158e34c864c879ea58e4386fd8464aac83900456dfbde5d1346b6e977f13e753833dcc739c30150cb5dbf92e6b8b54ce2d979540bcf1d7e2402017af65deeae2a7a8f9a18b034a4b4f1b3a85a293eabd1802eea8831219a009737bdc6e11414a887bf482fb035f6f0c1373cd96acf6d201bceeb9b9f5416326a6dcd00ea83b6ced32c2c4fc6d8ce30f083b67395055e8ad4f2d79f45934c01819c8f4bb2084b96269b7bf4252d5d0d5f3e679499c60d7385c63ba7e869c1824ceeb8c3cfd24c5b6c1f0c809646d765a26d816a3d867426179be1a7516db11802d2ac915e47f99f196c5f3a7e8dad9ae6657f7b50f82ffaff262b4c915b44f7341177f97e10d7c951e85d6bd8afb2f483823798e6919ab2de6ffcd4df9f1fc0647acc9967a997db9a1dbda66b101ca733962dfe1032bfe03b850fcf4a4fc985caafbefdeccd16bfd1881cc57b28ba629cba0efc6821ccbff9e68df3a9cc6c96386e4c4e7ee598eb6e4861813928060388a3bc387742e700ce3984e6b39cb24d323bce8056b8bda33ea644d22c9b369f069404ee8a5a1e8caf3a036f6a5693b850f4c7f9e2c02c6abcbcfffdc010429d952e85b6237498116f254aa92a9029fa7114a55ad8d5d3c9828ebaea3d6ec51e7e2757be234276c23487da2a99b2e30c15f662fe775f38b45f0a9f1abcd741ee41faa6c65b088b728c570a2a5ce32a84eb2f182b0d220676e055b8a63c564cf2c0dab3030f6d7f26de44d462caef0f3be4d5e0669a50cc817960cf25c932c5cb74de56c3469ed9c117573542dd15c017cdbedef1b1c34df24a9e64bb2b77ecf8ce36de582dc3b7c978719e993fee471aebcb7156df6e9325a3366cca8b4871fae9bf5bd0b329add1fbb3b66d6f963b5cca721bbd76fc8b2aed856357f80458000cd512773593ab871c92a203efaacf3890819a52dd3874991c3942c3941f0b856bf95ee1289ea1bc899735211f5a20e9d552e576da382d2fc0b744fadf1190eb21adee101a45f5ff887e2a4a4e43913f7c3b383231ea1159fe50d7a0f357f3d38fdc69f803c5ea0db726a9e4ae08d8c37ad14668de96aeb20df84b3f47a9e079c352b3b1e11aa59c4d1c0da11ffde899e179ae82e55bc8db45ead57aa99244b19966302dfd1e76e41d6b0810837a5ad89e217fb51b402df33d6691b3d07ab0a67d3d2a2fe9e1ce3d2875eb0616707f211a46305c69058d19b1c5ed6748f2e2caad135457f87a217185901b4c599b08e665a648b37a4af547efa96a117d7c4d6ee2e8603bf036dcb6affd54bd97b18a12afbbd30f445c537d1f39582d3caa0d5be2af7e027499e87e7f9a3cfc8000b533e3b847ddd6c18a0004fb287e59255da98d919b6cb9c148eb5955adf887815ed326f02e34d8d7e93495dd4056e574d2a7d38119b28c4076b083f1b04207871044d857c64cb8303096baa7146a04f0967df2009769dd66a81de7489165cf71a4519e78bd9c97c4e4281af8063b0fe51c56b13927d1c56c2dfd6320056f2d9c9e6aa7fc64a77d25c2d5eebc85c4f7d558acd344e7cacda6b2aa4a3790ee970b0f9bd595583751e068ae82e11c175c63633ffbcd594fb9e83c6b6e8638b846482ec7908d89fea8b4fbaae244c5d48f2f668db4cc699f52541c1c9f24fc37374d840b1dc1ea21ff3e29175504a8803584aa58598e13f0d30c25cbfeadc2880b73c4e91754065d7117cf8bb4ec64c834f1fb9ef34f88faf7749375c3bb5888048482281ba95f025944ec2670bcbd960cdf915ba8397763d8745f05c747d13ff1a4ad73297de3e6eb00d992f9d6b54451131c8c4e2738fedb69ecba3defd833b425da6bd0d7777191fa8678c52c436087606cc60f7c88d7d28db47c963532447e91149881e96b69bbd6b61c4e4ac108c721602e3701f4687d572379fc88a133cdd0a8d38e19adb6616c58c0a29566e8988784c2fe99574941f77ca5ca90823c1534fd54b9aa403e9b82c3724633f0e24a9b09b82dd0ab770d2fa91915fa65595ed9f804af247184df7047497320d8cca1e7f4014847e1c403cd6b518d300acef0a4a5b4ae89ea7d065015e791ec151b7aee4e620c7bbbfec7a299452bd028ce634dd861353c030345fccc831f2dccc60441f365108bd54f4925fb9c13c57a454796f241178b48bbc02bf17e3f1f651dd9fef0902297706880d38f593d36d335551657003486050fb05579e1a5565e215911df580d6c343132dae5efde7324caf1e63383c63db151afcbc25a49e69c17b95138f819ababe7ba32974a0dfe8cc88fe76648760d5ebc98adfdee2110f2b624545e9ae415838b2d197a3019340b365a3ce9133bac35ef0e262f979dc0cb9211319bbe8de17c059ab97026925ba32e7ee8f5b1b4928828accff587d5abbf6d2ea776cb4996ff3f2b822a9171141f7fd7a183c9a6a07f43b46c6bfe42a957672253e4a171f7c9a46532bb746dca946b53a9b5deff866a54a3c35d7b99e1b4a7edc9cb9d2daedb556752095ba80b550403985d1136faadd47d724d50a0cc45afd9f1ef5bdf2b8c1bc7f5e7f01c01a770919ed807e428f4f170406f343591ff083740a54a4fcd70fc8453db3d9cfdee62b5db39fb015c7e8d862f0156ac8c0921aa8331ebcd3da199d60ec189922b168dcc66d45265fd8296f893c58120b342edebac63b47fbefc2a1685682bce0944a6dc0ec02f626b972585b3924f6c5ca482a6b702f89fc474186cc2a2c5dcd0054a2335ca1da7e94b37dc50d5be6163646a4fef073cb3b8faf58fc049f21086df7d3dc78af4e4f74d60ab7452dd26e7fca8075c747252fde9c13b2112268ed4e57cac2fa8ae4bc226652728a501b86eacdef66d51e3bfab0d67845cec63660f4b0371e5de7ac1af23aad5be9b8c8c80d806ebf7a9a55918bea191e8c3da90bb8b36447fb69dd5b9a8827beddd79dc311d226ed000d4839017cc9419958b045e5052561fa1ea8642c0c6f940d6fa5b69c3e2a4b9405a76d69bb7a371bb252c16d150b89cc4596705f971b5c77cf0a90748f07cccf6f6f9d656136a77ecf2c7f3f897f432bc983a74cebc8f80770d722c3aadc8bb66cd9ba6acca006b9360c28117a668da4ac926511623d43f1cecac68f7ceab6c2dd3b943d1056a639ae3bcfe3bf451b6278d3a126593a37dae6b03033d03c18c527f1a68827a7a25b46c11322e46d4e06fb01e88dcf7f76ac8aff75a6706ae37de368fb7c7c12e975f476d5b9d1bc7fc1f167637d3aa3779e4b20f156c69baf8b11801c0ee4f3d00401c909bf0afa87fc14045d86c631e0de71673e812bd9a39213885af5e0db527623b44609c70cc14bef06aedf4cb8fe1953f7cb9064e2c11acdf8951a8381902ac7f05b07dc77b01da774514ab1929f0d26bf171b6ab52a7e89374f321b167adc799025087da9f54d4eb1feed7d663d9ac2294c70c3fe8a97cfc65bb7153006abe03fb509ef08902a6682a1a3422f901c24ffcdbb2b229aac607f6d7eaec3295b8bf07c2e6b4257fce83d14bdac9993ff4cba6ffdc1790b56a974c364c8c290b997c6457ba190291bbc4daa18e082e1c7520b8b5c4c50dd7d90f7492a149ba9a20957ffc949a4c6855761fdaff9411f455b0bac1c5dcfadf28d2cf712d537a716bf538ee92aa3135fda61f5f2189c38fdd76f49d43f80c2ce2244e3f999794203475eb6964cedd42d76cfabc1485366a391aa9e14f82de2df86eab684579186c54fb4eb7cc7833fa9c7e7ebd0c7de6b48f38ffddb769cf14a7239003c64d01fdcb63177ca80b2b0945ce5d1d759d9f352793da1f72f6aaa029588b37bb6bfff964b070e519524f8a83f34f36726aa3e755197dbf4333a9d95d1d4ec5d1e7a4b426fe56ce2c6b4efdf43d1de04990b3af9661c650c363711c66b86a275f45317632ccbf9f97d04a4d5d950c0ae2dc1c90191ba8af0572c4696f477b777b8e73c17d37a1c05c2daf48910f508ac67588d776dcfe67bb4ff66a4c0ec9f0d06a07bcd802bee6b61783125c62e53514d0d118ec7f0875e2543693b5081e91d9abbf87fbeea922d418e87bdd00bd2b3781025cd02bc0426002f6bb796724b28d331c85a1966636fd078efd447e967f128cf2fd2e6410ab217770f5129e4f5d0c398e26c12fd4f08d5fd98064fcfbfc66e44af9144f5b2a3a42444c31db7dab2b3ac4f1706bf466804f0b59a084367ff33b5d8538d17987334573fc5a1d44e76e9b7d50665ac9eb86be4574409231f9defbd8771018601d797f13378179203fa1a14e7b4898b25e2b62b8460786a7320dc31eed98c783cbcf7079c749b3507d6df336da94046c379f8e756ad18961afaa649046016a03648285d8655097d73b76f91b41968eafd52be0bfb4fe1d5a94ca699a0c787f028b0e46ccfdb9989931c13ddc7a9550d6c28ee4f5e2688fb9aca9f7b824a8a4a46de7e1f0b17b41935e74e21b32f2501864dcac6b4c21993214569f3772466c683c13f7d6a7d013efc3d28cfe5ef26742a34552bd6e9b31fd60e6dfc95badc5bd18f8898cbbb4a32c95940b147f6effa8bff917951bb92c8782305194fe0c1a4d43f96e6d03c84bfc8bf91ba7b2807799360f6740006ad8ca4165454ffc896628714555d2fca7e0960836e0f993da27951828948858f5de86a5cd30d6660f12b83544d602d19e82be52adfdbc73ae19bcad2e0f0afdba88f9d2e801ea8be411c3af7b3957c288104f33874f18c73468382fdfd173dc926e8810dc2aa8a1a35cdf73489d0d267d6844b9e9fbefdcc9381eaa6b58942a92b5a38c0dddcdf5863dffdc35435e5539d407253b2dc9355c5a74f09b873a91c0cbdc59c3fdc9920fe0c7d3a4d316a75aeb9a128e6e4c1f84f5531e43a71a331ab548f494a3a5dade0add25078bf66276a9d3c71c9667b54a46e89131d0f559bc61de5416a667f49b3f4218b2efc31e72ddef04b54cd7469472514a5b785bb1825ecb0f08ec18c6169122cabd706c52aeaa25d68ae37c012c5e56b5d11ee647e9a3ed0cfc71da1dd33551df5a6cd0ba246389a1d0823246c203893874502fa365d502b19e0b72e5552790ffe2920b650aff70586e555240d6be0d5a6db0bda864ca0a2e2f5fb638ef9475a1aee318f545c29e29c21aa5e14a65ab0ad5f0e304ad14aa427cf8e988a44cf3ee2ad51fdddde333017f34a861f9f2758f5ababe2fee9b73a199cb63daaf5fbef77673fc9b2998074352df3f5010bfc5e3c4648814c4b580548c286ac48e878051651094c3dba3e71a22712e4b3ba4dd5c1a0d6e5ef220567dcec4bb1069eeb4c0832292609b5fb0434621d95a44b3941ec52e3be4b7b4f235a3eccf2da2fcae653232202bc562129d9bf74b1b3d5944782d6aeef7949c1b0ca6443f19d6e"}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x81}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x3}]}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x8}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x2}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x2ce3}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xc}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x8001}]}, {0x144, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x40, 0xd, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0xf}, @NL80211_TXRATE_HT={0x4}, @NL80211_TXRATE_VHT={0x30, 0x3, "a66c7c61b1359b09c73cda1e0c8b28d46402dcf0ae0b2829832d78f9ed8fa409ef9a1b8e37dfb80e2bcf0230"}]}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0xf0, 0xd, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x23, 0x1, "7797f3ff4e7f066a4892b8102af68529822f945819b980a076adeef5057cdb"}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x10}, @NL80211_TXRATE_LEGACY={0x21, 0x1, "6d041c770a3fffc4412f60af20c4c653ae11e66b74131d229160a8e5bf"}, @NL80211_TXRATE_VHT={0x8a, 0x3, "327a31e098960bf8a991024b796fcc97a50278ff59c684f94a83aaa0dfb67d5c0ab06dabc14c0c259a2eb0292d646aa6169e7e60bd4948fb91b10b385412053bbcbb929bf8e3a0db50071968897098617beb2e936c6c5b25406fb26f170725d7e48ed9cef42c89d3b0f3ff07c28569a2d0553c32ec1bf3350dcb3f88aedc9d720247065aa874"}, @NL80211_TXRATE_HT={0x7, 0x2, "2004a5"}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x80}]}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x1000}]}]}, @NL80211_ATTR_FILS_CACHE_ID={0x38, 0xfd, "9e4a980f08b5cc0c9d7191abc80af2990526096feaadbcd6d984133a6aadf4d0f62a96729d665c44458ddfb43bb0c53706fe4991"}]}, 0x1d64}, 0x1, 0x0, 0x0, 0x8c0}, 0x880) setsockopt$auto(0x5, 0x104000000000010e, 0x2, 0x0, 0x16) 370.952479ms ago: executing program 0 (id=5120): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0xfffd, 0x8000, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) r2 = socket(0x18, 0x3, 0x2) accept$auto(r2, 0x0, 0x0) write$auto_tty_fops_tty_io(r1, &(0x7f00000001c0)="976f09bd689a850edbe36136c8535f593331280bb0b4ba0edd7932ab185cca064833fd9b5d", 0x25) sched_get_priority_min$auto(0x40) openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, 0x0, 0xb49dc2, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000002140)='/proc/sys/fs/file-nr\x00', 0x0, 0x0) read$auto_proc_sys_file_operations_proc_sysctl(r3, &(0x7f0000002180)=""/211, 0xd3) socket(0x6, 0x2, 0x80000000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(r0, 0x0, 0x10084) sendmmsg$auto(0x3, 0x0, 0x2, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) bpf$auto(0x0, &(0x7f0000000340)=@bpf_attr_5={@target_fd=0x5, 0x7f, 0x9c, 0x7b2, 0x1, @relative_id=0xfa, 0x80}, 0x96) openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/available_events\x00', 0x0, 0x0) open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x80842, 0x91) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = io_uring_setup$auto(0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0xc) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_JOIN_IBSS(r4, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f0000002280)={0x1d68, r5, 0x200, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_IE_RIC={0x7e4, 0xb2, "ca895e8b907db2bf1ebd2e830cab4eb970fa3ab01cdc0e49c2ecabe163916b75ab6c090a40fb17c6053976bd3fa14ac8e2b9d1acb86949b7b08629d9c71663644d03db9c036745cdca7bd8063616c240041dd1fa67fe2668720f8755afa127d364416171d07db0935e931fc26898cafdb0f71be23a8a08bb754700e9d9415fc08c43b91bd299c3e7a458ea90fee83a32df69410d01a07089da12ecbee585bd9d27f7c5750d36ade3b4338f85b3cd0dd27eccda2893b25e0d3bbbca01712c6374380ad5db6efa5ebab85d947b026672ccb2c72bb52a0cf13b62e15556605158a223c98950049e49ffe066689b23b072bd3ec14ef709eca320da28fa7804c19a3ec7941fe99e2e7e2940e0035cd35e26fd0617dead8b55a8748571b6615b12ff257962c1acb1b3bf35e43fdb406dac960934e82a78656f4d20022739b868d6f7dfd9d2f27439ef1ac889e905f71a22514ace9df1a3d59d4f0b5b9cf97db56b7b63bdc9392c9b650e011d41f7c6555c78cda1c36ac2480a2e858beca0f3d112dc77d8a27362b755bf4cc7449862841e39f4b2b576adaf84087c0c4f47dac02e529419a595e8d081df0505c04c0e9eda83c1608822c305858023e8eb201ae094b1f665c9c6bb5f60d2bdf157111db031e05b7f5f304c7d9a8319f0d4e529e5e15548981243471faf7140eb1b19a7ee3139a52d76c57230355e7e6817affddc6adc12d3534bc96ad7db8454977b2c8541a878f7082d536764cfee7db69d2a0027408e57a5cc69f7ed25e09625d5de6a832830ec59ed9e71e4d7739900070ced1a2c1d526144fa46b50eec1abd6e549ce1eaee117940afe96a2f2d16f84fd9b89c481bd32d298120875c6dc98a1f06290325ec5df8795508a9afd1edc9235b57c0d1233aaaceaabe60d034bf01a9e0951cdabe31aa4f2ccb010d70d2f01d6078e78387f78e517915f452d2f8e4557ef1836f56b2ea9ffde7f6ea51158c15fbb0c5ade803c2faf340b518dfb608ad89b2ab9162ee80ac0145681b4704f140ea5e0ff16d9f387a03e640822772da65e3121f1334b2da2044e78f394c53d7d9ff2dacce609df3ecd3a8dd1912b2f79c63cbea3c5bdeae7cdf7bc8e417401e99ec59e8b5e182cce49b4dc51e874b12329f9173f3f355835bf675e82887c1ec7c362fc3254cfa76aaf13dbbe4b8da019c2bbd5fd86bdfa0594de7e9d5e91515367315371fb2833062dfde6793700e19542338de994f32b1dab4d7c9fce1de7feb7a1928289e4e1ea52a08c8df9411c9099008edc9050b6422341a0c80d25bf8ba11b68cfbb391241f881be6ca975ad8e83882ca315125e93126166500ae6ef1620aea6ce62d1feb173b63f5f807930d526a5728934fac6d8442fd6e3aa4cb57fb7e9c8e23690461e3645705b4e38c9d54c4099804a42215e62988eebd8e77bab5261264b42dd948c2f1c6c7953f0c9fe677dab16e2ee8bfb7f158290101fdd3117df77ce1a124a569db404e85d56e513c4a1e39443440b3196136d0df0f5c303b1781e6bb8c0599ca7aa6e72914a2db946b67696853c3c0e8db279b3a4ccf89ff79959972acbf2b6ac324c36e2a809042bbb4beb017bbb084c943ae561127ab44554a796df1f4ff1ad1a2fcaa9307b45d56fe415915f83cbd170fe03c789518d5f6ab340b1c674f5f69e928f99b90ca4c56f2a07b0d2dd2d408f34b13e090aab1a1d4cbe6047e4e6b52ae73d2ca388ef88c0e0f584325984120e412c7e5d0b668aa2b294bcdfa7a1842a2cea3f9a57437909a764d5413538dae65657587d4a9fdccac8c20fc32748ffc1edbc1b573cd39a6a981ba66187945a9e8b018aacc229b963d879971f0e2b3f7a77108b70aaa5cc42889decf22d0a6af445c958ac7af3c9a590fa7e36dbab700a2b8f852e9c2144d37941a6e6626ddb20adf347ceb7cdbc21735c90547af9390b940adec446cecca63d2f5505b3b0ae68c09daae481a7d9ba46a9f33e39f4cd18f6236a223594bd6c83e6cc37450f590bacb846c8084ea8d19238e538ba32dfad2f398167a3144925684a0eabdc19d4752bf120eb0c63d628e1253fe3d8fb1b36f87bc21fae4cdea7f6e1b19b65903421bab55b149240911b437aea762cbc34ae9c3a7d8afda477097f52f56311cae334e23a1fef25f85ed1d962adf7832dca99530fdd05fbce28097dddd45e5649aa6611e892fa7d6d723128fafd95230b4a89fe0b8acb71f8df3bed0d645df7525b166e115d40f0528f8534bf3e3310534feb4f83f22281b7345335eb4caf954e340ef5f47700c9fe827b1ecc2f4b62818a4799f1e401cd2f3b5738564b2c5fea0ecbaba42abbf56eae447447419f5c5174a3412df49ff84649bd5e99fe0e6fd0183a26f7193d35f71ccbc84ca725c3fca9b77e3df274814ef51f682775114737e55960c4068a079aad92cc83060152884c20ac0e9929ff282f2203e290eafc259f461c698e3cd3f3a1763ed601018d12aa63fc63e5c65a77b07530e4ca6e320e2d22a263c3cf085d1f2a5a21296a69186985b48be31c93fb6788e98a358b24c3bcff4a8118d7a115db74c7de25c9450b7491934e8c2be9f62e5336bd3d572935098bb66c6896320c9b81c0a9dd0c0f8b8c77f09dbbb484696c36fa1a00736beb49a632a7f13cc26e820d1535ae73e8950021bb014ba3d464592a96b52da6dfbd20054924aea63b768313d0cf6559478f5475ec2724c551c1a136d261396ea9c745ba6ca9ca7f83b1fbeab7ccd0c9a9efda33b9bc15b55e7ada861d7f2309839f1d57bab60cba323d60787c088be00a804379544f984d58d440eac22188c9b200e11cce46f32ad1c8d275cc0710d"}, @NL80211_ATTR_SCAN_FREQUENCIES={0x336, 0x2c, 0x0, 0x1, [@nested={0x1a2, 0x12d, 0x0, 0x1, [@typed={0x4, 0x97}, @generic="49111ab4c5c23cb66e35182776468dcf5744d8d8586d566ff806a1448ae196e1e863ffab56b1ca0b7247fbdd25679699b59893d3f46ee632e6c7b1171ce11236a035de3a5c623e7563ab9160ad4b61cfed6f2b07eb2007ce1bce34b3599a80193a136849cb60fbdfd0aea680feaf99404cd92fb120a4e0bc91156a57225845a40a22a471e00c3f0209f0ab27011452d6caba2a5b29749781517e146e5f6109449b1f9a2954e6ecc5c36c81531c6046c6607edeed03820ccefa3e0f5f9423cca959b0de6b7499ec7d9d97d94a8cec724ebca194bef2d7ef", @generic="718b52203b0e51b36b4323ab2d6fb711b86210fba0580aae7f3658c82a3b1bade4d28720410c142ba9d9c951eb7ad3d0a22c17a233764bc866b1c0052bdd2f190e45f0a7a6a3f8dc06e2994200f5627bf8c283b3f046a341586171ee94974aac5f5eca8577ae6ae03ed29932cb4cda61ce05256988f65682080860989f2ffb349d3603c0e207607308864fa952d10dd247c34bfdf2326575e25df1dced75f02d65f2fde10c2d90032248e509679e5bf3fb9dc3f52db7385bbb5fd7a695a222", @nested={0x4, 0x23}]}, @generic="e841830fff6840034fbafd54d4fab8ebac8c53a776478550b080f99d173d49143fd0b8cbe7fd39a52bb132fdbf844f3406c81657834107c6b1e8f381642345d5f6d2dfb266b626abc60e110dbf5325abd7cf64dfdd073bf60852bbd219238023c85645aa7a50da46060024852a1c8f9eaad829eca060341e5000fbf5b98a006a7327ba67093442c306edd2c70974ad12f0a25482f4c09e42382aaff9d9aad0af60afb52e7b5ad8bcccc5af96cbf1ad9c0ff6f9e78741d1077137cecb9d4e0d64145c147d90903a", @nested={0xa0, 0x0, 0x0, 0x1, [@typed={0x19, 0x2c, 0x0, 0x0, @str='/proc/sys/fs/file-nr\x00'}, @typed={0x4, 0x14}, @typed={0xc, 0x2, 0x0, 0x0, @u64}, @typed={0x70, 0xb4, 0x0, 0x0, @binary="ca6cd34baffc9b9b1e8f18a2536c98855e4fb3ca66912c8a0340b6945e7f62a19e7ed3ce5f7f97f210108c085c499d913f3cc18e40e02dca2aaa590bc1f10d126718e575c3e9643240bbab524545ef63f8f98416912c2aebc426a468b9d5f5553edfe71ebe3227eb697624aa"}]}, @generic="77f464165eee1cd5b30ef2d3e57266bfdcff7adba31785f52e49117ef5782bbfcb53b250234ccb"]}, @NL80211_ATTR_SCHED_SCAN_DELAY={0x8, 0xdc, 0x9}, @NL80211_ATTR_STA_TX_POWER={0x6, 0x114, 0x240}, @NL80211_ATTR_OBSS_COLOR_BITMAP={0xc, 0x12e, 0x40}, @NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x293}, @NL80211_ATTR_TID_CONFIG={0x11dc, 0x11d, 0x0, 0x1, [{0x1070, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x1c, 0xd, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x51}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x4}]}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x8}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x8}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x1020, 0xd, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE={0x1003, 0x5, "3617f69ace468b80d8161c3de01df6bfe69910c27e1736c98a624cc5a4f8cb84296b0f6e479780c848ab061d2fc25a1c5ae83ec7c56417a97437d5dfe361e9a85f680fbd278d439a721797f8ac5d056d7331a8fcafa100434437f3b270c21e7fd1620cabf4193acf936d7b28fc5d8feaf2d266b0c9d63c576f3443c1dcc0ef8e4be85765b5cebea68f56f72a485d92bcb1e091c9c24b044057d0d11b23028e303290575e43d39f7d419c9ba4378fd4d9dcb12649ce75048b2ab91d11e46e566828aefb4f1bdc9a6918b15ef6e5f14e2ec155f065f78e0525e3ef16a2ae6b6825f38e46336bbb469dc06ad2730293bcd279526aaa00b167b48d3c3b30b426a62efab6c2d9d3f487c3ea93fe6fab2b8a0067c7a731e60893eb747e3067158e34c864c879ea58e4386fd8464aac83900456dfbde5d1346b6e977f13e753833dcc739c30150cb5dbf92e6b8b54ce2d979540bcf1d7e2402017af65deeae2a7a8f9a18b034a4b4f1b3a85a293eabd1802eea8831219a009737bdc6e11414a887bf482fb035f6f0c1373cd96acf6d201bceeb9b9f5416326a6dcd00ea83b6ced32c2c4fc6d8ce30f083b67395055e8ad4f2d79f45934c01819c8f4bb2084b96269b7bf4252d5d0d5f3e679499c60d7385c63ba7e869c1824ceeb8c3cfd24c5b6c1f0c809646d765a26d816a3d867426179be1a7516db11802d2ac915e47f99f196c5f3a7e8dad9ae6657f7b50f82ffaff262b4c915b44f7341177f97e10d7c951e85d6bd8afb2f483823798e6919ab2de6ffcd4df9f1fc0647acc9967a997db9a1dbda66b101ca733962dfe1032bfe03b850fcf4a4fc985caafbefdeccd16bfd1881cc57b28ba629cba0efc6821ccbff9e68df3a9cc6c96386e4c4e7ee598eb6e4861813928060388a3bc387742e700ce3984e6b39cb24d323bce8056b8bda33ea644d22c9b369f069404ee8a5a1e8caf3a036f6a5693b850f4c7f9e2c02c6abcbcfffdc010429d952e85b6237498116f254aa92a9029fa7114a55ad8d5d3c9828ebaea3d6ec51e7e2757be234276c23487da2a99b2e30c15f662fe775f38b45f0a9f1abcd741ee41faa6c65b088b728c570a2a5ce32a84eb2f182b0d220676e055b8a63c564cf2c0dab3030f6d7f26de44d462caef0f3be4d5e0669a50cc817960cf25c932c5cb74de56c3469ed9c117573542dd15c017cdbedef1b1c34df24a9e64bb2b77ecf8ce36de582dc3b7c978719e993fee471aebcb7156df6e9325a3366cca8b4871fae9bf5bd0b329add1fbb3b66d6f963b5cca721bbd76fc8b2aed856357f80458000cd512773593ab871c92a203efaacf3890819a52dd3874991c3942c3941f0b856bf95ee1289ea1bc899735211f5a20e9d552e576da382d2fc0b744fadf1190eb21adee101a45f5ff887e2a4a4e43913f7c3b383231ea1159fe50d7a0f357f3d38fdc69f803c5ea0db726a9e4ae08d8c37ad14668de96aeb20df84b3f47a9e079c352b3b1e11aa59c4d1c0da11ffde899e179ae82e55bc8db45ead57aa99244b19966302dfd1e76e41d6b0810837a5ad89e217fb51b402df33d6691b3d07ab0a67d3d2a2fe9e1ce3d2875eb0616707f211a46305c69058d19b1c5ed6748f2e2caad135457f87a217185901b4c599b08e665a648b37a4af547efa96a117d7c4d6ee2e8603bf036dcb6affd54bd97b18a12afbbd30f445c537d1f39582d3caa0d5be2af7e027499e87e7f9a3cfc8000b533e3b847ddd6c18a0004fb287e59255da98d919b6cb9c148eb5955adf887815ed326f02e34d8d7e93495dd4056e574d2a7d38119b28c4076b083f1b04207871044d857c64cb8303096baa7146a04f0967df2009769dd66a81de7489165cf71a4519e78bd9c97c4e4281af8063b0fe51c56b13927d1c56c2dfd6320056f2d9c9e6aa7fc64a77d25c2d5eebc85c4f7d558acd344e7cacda6b2aa4a3790ee970b0f9bd595583751e068ae82e11c175c63633ffbcd594fb9e83c6b6e8638b846482ec7908d89fea8b4fbaae244c5d48f2f668db4cc699f52541c1c9f24fc37374d840b1dc1ea21ff3e29175504a8803584aa58598e13f0d30c25cbfeadc2880b73c4e91754065d7117cf8bb4ec64c834f1fb9ef34f88faf7749375c3bb5888048482281ba95f025944ec2670bcbd960cdf915ba8397763d8745f05c747d13ff1a4ad73297de3e6eb00d992f9d6b54451131c8c4e2738fedb69ecba3defd833b425da6bd0d7777191fa8678c52c436087606cc60f7c88d7d28db47c963532447e91149881e96b69bbd6b61c4e4ac108c721602e3701f4687d572379fc88a133cdd0a8d38e19adb6616c58c0a29566e8988784c2fe99574941f77ca5ca90823c1534fd54b9aa403e9b82c3724633f0e24a9b09b82dd0ab770d2fa91915fa65595ed9f804af247184df7047497320d8cca1e7f4014847e1c403cd6b518d300acef0a4a5b4ae89ea7d065015e791ec151b7aee4e620c7bbbfec7a299452bd028ce634dd861353c030345fccc831f2dccc60441f365108bd54f4925fb9c13c57a454796f241178b48bbc02bf17e3f1f651dd9fef0902297706880d38f593d36d335551657003486050fb05579e1a5565e215911df580d6c343132dae5efde7324caf1e63383c63db151afcbc25a49e69c17b95138f819ababe7ba32974a0dfe8cc88fe76648760d5ebc98adfdee2110f2b624545e9ae415838b2d197a3019340b365a3ce9133bac35ef0e262f979dc0cb9211319bbe8de17c059ab97026925ba32e7ee8f5b1b4928828accff587d5abbf6d2ea776cb4996ff3f2b822a9171141f7fd7a183c9a6a07f43b46c6bfe42a957672253e4a171f7c9a46532bb746dca946b53a9b5deff866a54a3c35d7b99e1b4a7edc9cb9d2daedb556752095ba80b550403985d1136faadd47d724d50a0cc45afd9f1ef5bdf2b8c1bc7f5e7f01c01a770919ed807e428f4f170406f343591ff083740a54a4fcd70fc8453db3d9cfdee62b5db39fb015c7e8d862f0156ac8c0921aa8331ebcd3da199d60ec189922b168dcc66d45265fd8296f893c58120b342edebac63b47fbefc2a1685682bce0944a6dc0ec02f626b972585b3924f6c5ca482a6b702f89fc474186cc2a2c5dcd0054a2335ca1da7e94b37dc50d5be6163646a4fef073cb3b8faf58fc049f21086df7d3dc78af4e4f74d60ab7452dd26e7fca8075c747252fde9c13b2112268ed4e57cac2fa8ae4bc226652728a501b86eacdef66d51e3bfab0d67845cec63660f4b0371e5de7ac1af23aad5be9b8c8c80d806ebf7a9a55918bea191e8c3da90bb8b36447fb69dd5b9a8827beddd79dc311d226ed000d4839017cc9419958b045e5052561fa1ea8642c0c6f940d6fa5b69c3e2a4b9405a76d69bb7a371bb252c16d150b89cc4596705f971b5c77cf0a90748f07cccf6f6f9d656136a77ecf2c7f3f897f432bc983a74cebc8f80770d722c3aadc8bb66cd9ba6acca006b9360c28117a668da4ac926511623d43f1cecac68f7ceab6c2dd3b943d1056a639ae3bcfe3bf451b6278d3a126593a37dae6b03033d03c18c527f1a68827a7a25b46c11322e46d4e06fb01e88dcf7f76ac8aff75a6706ae37de368fb7c7c12e975f476d5b9d1bc7fc1f167637d3aa3779e4b20f156c69baf8b11801c0ee4f3d00401c909bf0afa87fc14045d86c631e0de71673e812bd9a39213885af5e0db527623b44609c70cc14bef06aedf4cb8fe1953f7cb9064e2c11acdf8951a8381902ac7f05b07dc77b01da774514ab1929f0d26bf171b6ab52a7e89374f321b167adc799025087da9f54d4eb1feed7d663d9ac2294c70c3fe8a97cfc65bb7153006abe03fb509ef08902a6682a1a3422f901c24ffcdbb2b229aac607f6d7eaec3295b8bf07c2e6b4257fce83d14bdac9993ff4cba6ffdc1790b56a974c364c8c290b997c6457ba190291bbc4daa18e082e1c7520b8b5c4c50dd7d90f7492a149ba9a20957ffc949a4c6855761fdaff9411f455b0bac1c5dcfadf28d2cf712d537a716bf538ee92aa3135fda61f5f2189c38fdd76f49d43f80c2ce2244e3f999794203475eb6964cedd42d76cfabc1485366a391aa9e14f82de2df86eab684579186c54fb4eb7cc7833fa9c7e7ebd0c7de6b48f38ffddb769cf14a7239003c64d01fdcb63177ca80b2b0945ce5d1d759d9f352793da1f72f6aaa029588b37bb6bfff964b070e519524f8a83f34f36726aa3e755197dbf4333a9d95d1d4ec5d1e7a4b426fe56ce2c6b4efdf43d1de04990b3af9661c650c363711c66b86a275f45317632ccbf9f97d04a4d5d950c0ae2dc1c90191ba8af0572c4696f477b777b8e73c17d37a1c05c2daf48910f508ac67588d776dcfe67bb4ff66a4c0ec9f0d06a07bcd802bee6b61783125c62e53514d0d118ec7f0875e2543693b5081e91d9abbf87fbeea922d418e87bdd00bd2b3781025cd02bc0426002f6bb796724b28d331c85a1966636fd078efd447e967f128cf2fd2e6410ab217770f5129e4f5d0c398e26c12fd4f08d5fd98064fcfbfc66e44af9144f5b2a3a42444c31db7dab2b3ac4f1706bf466804f0b59a084367ff33b5d8538d17987334573fc5a1d44e76e9b7d50665ac9eb86be4574409231f9defbd8771018601d797f13378179203fa1a14e7b4898b25e2b62b8460786a7320dc31eed98c783cbcf7079c749b3507d6df336da94046c379f8e756ad18961afaa649046016a03648285d8655097d73b76f91b41968eafd52be0bfb4fe1d5a94ca699a0c787f028b0e46ccfdb9989931c13ddc7a9550d6c28ee4f5e2688fb9aca9f7b824a8a4a46de7e1f0b17b41935e74e21b32f2501864dcac6b4c21993214569f3772466c683c13f7d6a7d013efc3d28cfe5ef26742a34552bd6e9b31fd60e6dfc95badc5bd18f8898cbbb4a32c95940b147f6effa8bff917951bb92c8782305194fe0c1a4d43f96e6d03c84bfc8bf91ba7b2807799360f6740006ad8ca4165454ffc896628714555d2fca7e0960836e0f993da27951828948858f5de86a5cd30d6660f12b83544d602d19e82be52adfdbc73ae19bcad2e0f0afdba88f9d2e801ea8be411c3af7b3957c288104f33874f18c73468382fdfd173dc926e8810dc2aa8a1a35cdf73489d0d267d6844b9e9fbefdcc9381eaa6b58942a92b5a38c0dddcdf5863dffdc35435e5539d407253b2dc9355c5a74f09b873a91c0cbdc59c3fdc9920fe0c7d3a4d316a75aeb9a128e6e4c1f84f5531e43a71a331ab548f494a3a5dade0add25078bf66276a9d3c71c9667b54a46e89131d0f559bc61de5416a667f49b3f4218b2efc31e72ddef04b54cd7469472514a5b785bb1825ecb0f08ec18c6169122cabd706c52aeaa25d68ae37c012c5e56b5d11ee647e9a3ed0cfc71da1dd33551df5a6cd0ba246389a1d0823246c203893874502fa365d502b19e0b72e5552790ffe2920b650aff70586e555240d6be0d5a6db0bda864ca0a2e2f5fb638ef9475a1aee318f545c29e29c21aa5e14a65ab0ad5f0e304ad14aa427cf8e988a44cf3ee2ad51fdddde333017f34a861f9f2758f5ababe2fee9b73a199cb63daaf5fbef77673fc9b2998074352df3f5010bfc5e3c4648814c4b580548c286ac48e878051651094c3dba3e71a22712e4b3ba4dd5c1a0d6e5ef220567dcec4bb1069eeb4c0832292609b5fb0434621d95a44b3941ec52e3be4b7b4f235a3eccf2da2fcae653232202bc562129d9bf74b1b3d5944782d6aeef7949c1b0ca6443f19d6e9674f3"}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x81}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x3}]}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x8}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x2}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x2ce3}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xc}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x8001}]}, {0x144, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x40, 0xd, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0xf}, @NL80211_TXRATE_HT={0x4}, @NL80211_TXRATE_VHT={0x30, 0x3, "a66c7c61b1359b09c73cda1e0c8b28d46402dcf0ae0b2829832d78f9ed8fa409ef9a1b8e37dfb80e2bcf0230"}]}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0xf0, 0xd, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x23, 0x1, "7797f3ff4e7f066a4892b8102af68529822f945819b980a076adeef5057cdb"}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x10}, @NL80211_TXRATE_LEGACY={0x21, 0x1, "6d041c770a3fffc4412f60af20c4c653ae11e66b74131d229160a8e5bf"}, @NL80211_TXRATE_VHT={0x8a, 0x3, "327a31e098960bf8a991024b796fcc97a50278ff59c684f94a83aaa0dfb67d5c0ab06dabc14c0c259a2eb0292d646aa6169e7e60bd4948fb91b10b385412053bbcbb929bf8e3a0db50071968897098617beb2e936c6c5b25406fb26f170725d7e48ed9cef42c89d3b0f3ff07c28569a2d0553c32ec1bf3350dcb3f88aedc9d720247065aa874"}, @NL80211_TXRATE_HT={0x7, 0x2, "2004a5"}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x80}]}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x1000}]}]}, @NL80211_ATTR_FILS_CACHE_ID={0x38, 0xfd, "9e4a980f08b5cc0c9d7191abc80af2990526096feaadbcd6d984133a6aadf4d0f62a96729d665c44458ddfb43bb0c53706fe4991"}]}, 0x1d68}, 0x1, 0x0, 0x0, 0x8c0}, 0x880) setsockopt$auto(0x5, 0x104000000000010e, 0x2, 0x0, 0x16) 0s ago: executing program 2 (id=5121): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x3, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0) ioctl$auto(0x3, 0x6f43, 0xffffffffffffffff) kernel console output (not intermixed with test programs): imeout [ 1470.825325][T30491] netlink: 246 bytes leftover after parsing attributes in process `syz.3.4402'. [ 1473.033495][T30526] FAULT_INJECTION: forcing a failure. [ 1473.033495][T30526] name failslab, interval 1, probability 0, space 0, times 0 [ 1473.047921][T30526] CPU: 1 UID: 0 PID: 30526 Comm: syz.2.4411 Tainted: G U syzkaller #0 PREEMPT(full) [ 1473.047948][T30526] Tainted: [U]=USER [ 1473.047953][T30526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1473.047962][T30526] Call Trace: [ 1473.047970][T30526] [ 1473.047977][T30526] dump_stack_lvl+0x16c/0x1f0 [ 1473.048005][T30526] should_fail_ex+0x512/0x640 [ 1473.048031][T30526] ? sctp_make_init_ack+0x314/0x1410 [ 1473.048055][T30526] should_failslab+0xc2/0x120 [ 1473.048075][T30526] __kmalloc_noprof+0xd2/0x510 [ 1473.048093][T30526] ? sctp_assoc_update_frag_point+0x21c/0x330 [ 1473.048119][T30526] sctp_make_init_ack+0x314/0x1410 [ 1473.048142][T30526] ? __pfx_sctp_make_init_ack+0x10/0x10 [ 1473.048165][T30526] ? sctp_bind_addr_copy+0x23a/0x530 [ 1473.048187][T30526] sctp_sf_do_unexpected_init.isra.0+0xdd6/0x16f0 [ 1473.048231][T30526] ? __pfx_sctp_sf_do_unexpected_init.isra.0+0x10/0x10 [ 1473.048259][T30526] ? __pfx_sctp_sm_lookup_event+0x10/0x10 [ 1473.048283][T30526] ? __pfx_sctp_cname+0x10/0x10 [ 1473.048301][T30526] sctp_do_sm+0x181/0x5c80 [ 1473.048320][T30526] ? __pfx_stack_trace_save+0x10/0x10 [ 1473.048336][T30526] ? inet_sendmsg+0x11c/0x140 [ 1473.048353][T30526] ? stack_depot_save_flags+0x29/0x9c0 [ 1473.048375][T30526] ? __x64_sys_sendmmsg+0x9c/0x100 [ 1473.048397][T30526] ? __pfx_sctp_do_sm+0x10/0x10 [ 1473.048414][T30526] ? kasan_save_stack+0x42/0x60 [ 1473.048450][T30526] ? ktime_get+0x200/0x310 [ 1473.048471][T30526] ? lockdep_hardirqs_on+0x7c/0x110 [ 1473.048495][T30526] sctp_assoc_bh_rcv+0x392/0x6f0 [ 1473.048522][T30526] sctp_inq_push+0x1db/0x270 [ 1473.048537][T30526] sctp_backlog_rcv+0x169/0x590 [ 1473.048555][T30526] ? __pfx_sctp_backlog_rcv+0x10/0x10 [ 1473.048571][T30526] __release_sock+0x362/0x400 [ 1473.048592][T30526] ? lockdep_hardirqs_on+0x7c/0x110 [ 1473.048616][T30526] release_sock+0x5a/0x220 [ 1473.048636][T30526] sctp_wait_for_connect+0x1c4/0x5c0 [ 1473.048660][T30526] ? __pfx_sctp_wait_for_connect+0x10/0x10 [ 1473.048680][T30526] ? skb_set_owner_w+0x31f/0x710 [ 1473.048699][T30526] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1473.048717][T30526] ? sctp_datamsg_put+0x58/0x5f0 [ 1473.048734][T30526] ? sctp_primitive_SEND+0x9f/0xd0 [ 1473.048751][T30526] sctp_sendmsg_to_asoc+0x182b/0x1bf0 [ 1473.048772][T30526] ? sctp_assoc_set_primary+0x81/0x300 [ 1473.048797][T30526] ? sctp_assoc_add_peer+0x252/0x1550 [ 1473.048823][T30526] ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10 [ 1473.048843][T30526] ? sctp_connect_new_asoc+0x41e/0x770 [ 1473.048859][T30526] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 1473.048873][T30526] ? sctp_endpoint_lookup_assoc+0x15c/0x2a0 [ 1473.048896][T30526] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1473.048920][T30526] sctp_sendmsg+0xea2/0x1e10 [ 1473.048940][T30526] ? __pfx_sctp_sendmsg+0x10/0x10 [ 1473.048952][T30526] ? __pfx___might_resched+0x10/0x10 [ 1473.048966][T30526] ? do_user_addr_fault+0x843/0x1370 [ 1473.048992][T30526] ? aa_sk_perm+0x2f4/0xb10 [ 1473.049013][T30526] ? __pfx_aa_sk_perm+0x10/0x10 [ 1473.049041][T30526] ? __pfx_sctp_sendmsg+0x10/0x10 [ 1473.049057][T30526] inet_sendmsg+0x11c/0x140 [ 1473.049076][T30526] ____sys_sendmsg+0x973/0xc70 [ 1473.049096][T30526] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1473.049114][T30526] ? find_held_lock+0x2b/0x80 [ 1473.049129][T30526] ? futex_unqueue+0x133/0x2c0 [ 1473.049150][T30526] ___sys_sendmsg+0x134/0x1d0 [ 1473.049173][T30526] ? __pfx____sys_sendmsg+0x10/0x10 [ 1473.049203][T30526] ? find_held_lock+0x2b/0x80 [ 1473.049229][T30526] __sys_sendmmsg+0x200/0x420 [ 1473.049252][T30526] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1473.049279][T30526] ? __pfx_do_futex+0x10/0x10 [ 1473.049307][T30526] ? xfd_validate_state+0x61/0x180 [ 1473.049328][T30526] ? __pfx___do_sys_close_range+0x10/0x10 [ 1473.049349][T30526] __x64_sys_sendmmsg+0x9c/0x100 [ 1473.049370][T30526] ? lockdep_hardirqs_on+0x7c/0x110 [ 1473.049389][T30526] do_syscall_64+0xcd/0x4c0 [ 1473.049412][T30526] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1473.049427][T30526] RIP: 0033:0x7fc35238eba9 [ 1473.049440][T30526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1473.049454][T30526] RSP: 002b:00007fc3531f4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1473.049469][T30526] RAX: ffffffffffffffda RBX: 00007fc3525d5fa0 RCX: 00007fc35238eba9 [ 1473.049479][T30526] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000003 [ 1473.049493][T30526] RBP: 00007fc352411e19 R08: 0000000000000000 R09: 0000000000000000 [ 1473.049503][T30526] R10: 0000000000000311 R11: 0000000000000246 R12: 0000000000000000 [ 1473.049512][T30526] R13: 00007fc3525d6038 R14: 00007fc3525d5fa0 R15: 00007fff4075d2f8 [ 1473.049532][T30526] [ 1473.886811][T30526] Process accounting resumed [ 1474.000270][T30538] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4415'. [ 1474.084523][T30544] netlink: 25 bytes leftover after parsing attributes in process `syz.0.4416'. [ 1474.265599][T30550] Invalid ELF header magic: != ELF [ 1475.817301][T30584] FAULT_INJECTION: forcing a failure. [ 1475.817301][T30584] name failslab, interval 1, probability 0, space 0, times 0 [ 1475.832550][T30584] CPU: 1 UID: 0 PID: 30584 Comm: syz.1.4427 Tainted: G U syzkaller #0 PREEMPT(full) [ 1475.832580][T30584] Tainted: [U]=USER [ 1475.832585][T30584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1475.832595][T30584] Call Trace: [ 1475.832601][T30584] [ 1475.832608][T30584] dump_stack_lvl+0x16c/0x1f0 [ 1475.832635][T30584] should_fail_ex+0x512/0x640 [ 1475.832658][T30584] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1475.832676][T30584] should_failslab+0xc2/0x120 [ 1475.832694][T30584] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1475.832709][T30584] ? __lock_acquire+0xb97/0x1ce0 [ 1475.832728][T30584] ? snd_timer_instance_new+0x47/0x2e0 [ 1475.832747][T30584] snd_timer_instance_new+0x47/0x2e0 [ 1475.832763][T30584] snd_seq_timer_open+0x1cc/0x600 [ 1475.832788][T30584] ? __pfx_snd_seq_timer_open+0x10/0x10 [ 1475.832810][T30584] ? find_held_lock+0x2b/0x80 [ 1475.832826][T30584] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1475.832846][T30584] ? lockdep_hardirqs_on+0x7c/0x110 [ 1475.832867][T30584] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1475.832888][T30584] queue_use+0xe3/0x250 [ 1475.832905][T30584] snd_seq_queue_alloc+0x2e5/0x5a0 [ 1475.832926][T30584] snd_seq_ioctl_create_queue+0xa9/0x380 [ 1475.832950][T30584] snd_seq_kernel_client_ctl+0x107/0x1c0 [ 1475.832969][T30584] alloc_seq_queue+0xda/0x180 [ 1475.832993][T30584] ? __pfx_alloc_seq_queue+0x10/0x10 [ 1475.833041][T30584] ? mark_held_locks+0x49/0x80 [ 1475.833073][T30584] ? _raw_spin_unlock_irq+0x23/0x50 [ 1475.833109][T30584] snd_seq_oss_open+0x38c/0xa20 [ 1475.833143][T30584] odev_open+0x6f/0x90 [ 1475.833165][T30584] ? __pfx_odev_open+0x10/0x10 [ 1475.833181][T30584] soundcore_open+0x40c/0x580 [ 1475.833205][T30584] ? __pfx_soundcore_open+0x10/0x10 [ 1475.833226][T30584] chrdev_open+0x234/0x6a0 [ 1475.833245][T30584] ? __pfx_apparmor_file_open+0x10/0x10 [ 1475.833261][T30584] ? __pfx_chrdev_open+0x10/0x10 [ 1475.833280][T30584] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1475.833300][T30584] do_dentry_open+0x982/0x1530 [ 1475.833319][T30584] ? __pfx_chrdev_open+0x10/0x10 [ 1475.833340][T30584] vfs_open+0x82/0x3f0 [ 1475.833364][T30584] path_openat+0x1de4/0x2cb0 [ 1475.833387][T30584] ? __pfx_path_openat+0x10/0x10 [ 1475.833409][T30584] do_filp_open+0x20b/0x470 [ 1475.833427][T30584] ? __pfx_do_filp_open+0x10/0x10 [ 1475.833458][T30584] ? alloc_fd+0x471/0x7d0 [ 1475.833479][T30584] do_sys_openat2+0x11b/0x1d0 [ 1475.833500][T30584] ? __pfx_do_sys_openat2+0x10/0x10 [ 1475.833543][T30584] __x64_sys_openat+0x174/0x210 [ 1475.833557][T30584] ? __pfx___x64_sys_openat+0x10/0x10 [ 1475.833578][T30584] do_syscall_64+0xcd/0x4c0 [ 1475.833602][T30584] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1475.833617][T30584] RIP: 0033:0x7f3cd2b8eba9 [ 1475.833630][T30584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1475.833644][T30584] RSP: 002b:00007f3cd3a72038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1475.833659][T30584] RAX: ffffffffffffffda RBX: 00007f3cd2dd5fa0 RCX: 00007f3cd2b8eba9 [ 1475.833669][T30584] RDX: 0000000000000042 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 1475.833679][T30584] RBP: 00007f3cd2c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 1475.833688][T30584] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1475.833698][T30584] R13: 00007f3cd2dd6038 R14: 00007f3cd2dd5fa0 R15: 00007ffd7c9ddb68 [ 1475.833718][T30584] [ 1476.397824][T30574] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1476.404022][T30574] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1476.410257][T30574] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1476.416509][T30574] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1476.818331][T30598] FAULT_INJECTION: forcing a failure. [ 1476.818331][T30598] name failslab, interval 1, probability 0, space 0, times 0 [ 1476.868186][T30598] CPU: 0 UID: 0 PID: 30598 Comm: syz.1.4430 Tainted: G U syzkaller #0 PREEMPT(full) [ 1476.868232][T30598] Tainted: [U]=USER [ 1476.868241][T30598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1476.868258][T30598] Call Trace: [ 1476.868267][T30598] [ 1476.868278][T30598] dump_stack_lvl+0x16c/0x1f0 [ 1476.868321][T30598] should_fail_ex+0x512/0x640 [ 1476.868358][T30598] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 1476.868396][T30598] should_failslab+0xc2/0x120 [ 1476.868427][T30598] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 1476.868460][T30598] ? trace_kmem_cache_alloc+0x28/0xc0 [ 1476.868498][T30598] ? key_alloc+0x43e/0x1330 [ 1476.868539][T30598] kmemdup_noprof+0x29/0x60 [ 1476.868573][T30598] key_alloc+0x43e/0x1330 [ 1476.868616][T30598] ? trace_kmalloc+0x2b/0xd0 [ 1476.868650][T30598] ? __kmalloc_noprof+0x242/0x510 [ 1476.868680][T30598] ? __pfx_key_alloc+0x10/0x10 [ 1476.868728][T30598] ? aa_get_newest_label+0xd2/0x250 [ 1476.868765][T30598] keyring_alloc+0x44/0xc0 [ 1476.868807][T30598] lookup_user_key+0xa3f/0x1300 [ 1476.868846][T30598] ? __pfx_lookup_user_key+0x10/0x10 [ 1476.868878][T30598] ? find_held_lock+0x2b/0x80 [ 1476.868903][T30598] ? putname+0x154/0x1a0 [ 1476.868938][T30598] ? do_sys_openat2+0x1b0/0x1d0 [ 1476.868979][T30598] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 1476.869028][T30598] keyctl_setperm_key+0x9d/0x3a0 [ 1476.869059][T30598] ? __pfx_keyctl_setperm_key+0x10/0x10 [ 1476.869089][T30598] ? xfd_validate_state+0x61/0x180 [ 1476.869134][T30598] __do_sys_keyctl+0x29a/0x590 [ 1476.869165][T30598] do_syscall_64+0xcd/0x4c0 [ 1476.869211][T30598] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1476.869239][T30598] RIP: 0033:0x7f3cd2b8eba9 [ 1476.869263][T30598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1476.869289][T30598] RSP: 002b:00007f3cd3a72038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 1476.869316][T30598] RAX: ffffffffffffffda RBX: 00007f3cd2dd5fa0 RCX: 00007f3cd2b8eba9 [ 1476.869335][T30598] RDX: 0000000000000107 RSI: ffffeffffffffffe RDI: 0000000000000005 [ 1476.869352][T30598] RBP: 00007f3cd2c11e19 R08: 000800000000000c R09: 0000000000000000 [ 1476.869369][T30598] R10: 0000000000000803 R11: 0000000000000246 R12: 0000000000000000 [ 1476.869386][T30598] R13: 00007f3cd2dd6038 R14: 00007f3cd2dd5fa0 R15: 00007ffd7c9ddb68 [ 1476.869422][T30598] [ 1477.109379][ C0] vkms_vblank_simulate: vblank timer overrun [ 1477.141476][ T5865] Bluetooth: hci0: command 0x0c1a tx timeout [ 1477.453974][T30608] FAULT_INJECTION: forcing a failure. [ 1477.453974][T30608] name failslab, interval 1, probability 0, space 0, times 0 [ 1477.539731][T30608] CPU: 1 UID: 0 PID: 30608 Comm: syz.1.4435 Tainted: G U syzkaller #0 PREEMPT(full) [ 1477.539776][T30608] Tainted: [U]=USER [ 1477.539786][T30608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1477.539802][T30608] Call Trace: [ 1477.539812][T30608] [ 1477.539823][T30608] dump_stack_lvl+0x16c/0x1f0 [ 1477.539868][T30608] should_fail_ex+0x512/0x640 [ 1477.539907][T30608] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1477.539944][T30608] should_failslab+0xc2/0x120 [ 1477.539977][T30608] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1477.540009][T30608] ? radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 1477.540050][T30608] radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 1477.540091][T30608] radix_tree_insert+0x247/0x630 [ 1477.540132][T30608] qrtr_node_enqueue+0x1077/0x12e0 [ 1477.540166][T30608] ? __asan_memcpy+0x3c/0x60 [ 1477.540195][T30608] ? __pfx_qrtr_node_enqueue+0x10/0x10 [ 1477.540219][T30608] ? skb_set_owner_w+0x31f/0x710 [ 1477.540252][T30608] ? skb_copy_header+0x20/0x2b0 [ 1477.540286][T30608] ? __pfx_skb_set_owner_w+0x10/0x10 [ 1477.540319][T30608] ? __pskb_copy_fclone+0x48e/0xb50 [ 1477.540347][T30608] ? __pfx__copy_from_iter+0x10/0x10 [ 1477.540383][T30608] qrtr_bcast_enqueue+0xc7/0x1b0 [ 1477.540419][T30608] qrtr_sendmsg+0x444/0x7b0 [ 1477.540455][T30608] ? __pfx_qrtr_bcast_enqueue+0x10/0x10 [ 1477.540483][T30608] ? __pfx_qrtr_sendmsg+0x10/0x10 [ 1477.540515][T30608] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 1477.540553][T30608] sock_write_iter+0x4fc/0x5b0 [ 1477.540585][T30608] ? __pfx_sock_write_iter+0x10/0x10 [ 1477.540628][T30608] ? __lock_acquire+0x62e/0x1ce0 [ 1477.540665][T30608] ? copy_iovec_from_user+0x131/0x170 [ 1477.540695][T30608] do_iter_readv_writev+0x65f/0x9e0 [ 1477.540728][T30608] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 1477.540764][T30608] ? bpf_lsm_file_permission+0x9/0x10 [ 1477.540800][T30608] ? security_file_permission+0x71/0x210 [ 1477.540836][T30608] ? rw_verify_area+0xcf/0x6c0 [ 1477.540865][T30608] vfs_writev+0x35f/0xde0 [ 1477.540898][T30608] ? __lock_acquire+0x62e/0x1ce0 [ 1477.540934][T30608] ? __pfx_vfs_writev+0x10/0x10 [ 1477.540959][T30608] ? __mutex_lock+0x1c5/0x1060 [ 1477.541024][T30608] ? __fget_files+0x20e/0x3c0 [ 1477.541064][T30608] ? do_writev+0x28c/0x340 [ 1477.541089][T30608] do_writev+0x28c/0x340 [ 1477.541116][T30608] ? __pfx_do_writev+0x10/0x10 [ 1477.541157][T30608] do_syscall_64+0xcd/0x4c0 [ 1477.541197][T30608] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1477.541224][T30608] RIP: 0033:0x7f3cd2b8eba9 [ 1477.541244][T30608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1477.541268][T30608] RSP: 002b:00007f3cd3a72038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 1477.541293][T30608] RAX: ffffffffffffffda RBX: 00007f3cd2dd5fa0 RCX: 00007f3cd2b8eba9 [ 1477.541310][T30608] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 1477.541326][T30608] RBP: 00007f3cd2c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 1477.541340][T30608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1477.541354][T30608] R13: 00007f3cd2dd6038 R14: 00007f3cd2dd5fa0 R15: 00007ffd7c9ddb68 [ 1477.541384][T30608] [ 1477.898956][T30614] Invalid ELF header magic: != ELF [ 1478.484161][ T5865] Bluetooth: hci1: command 0x0c1a tx timeout [ 1478.490233][ T5865] Bluetooth: hci3: command 0x0c1a tx timeout [ 1478.496551][ T5865] Bluetooth: hci2: command 0x0c1a tx timeout [ 1479.358921][T30614] Process accounting resumed [ 1479.421814][T30644] TCP: TCP_TX_DELAY enabled [ 1479.630468][T30651] FAULT_INJECTION: forcing a failure. [ 1479.630468][T30651] name failslab, interval 1, probability 0, space 0, times 0 [ 1479.656814][T30651] CPU: 0 UID: 0 PID: 30651 Comm: syz.1.4443 Tainted: G U syzkaller #0 PREEMPT(full) [ 1479.656860][T30651] Tainted: [U]=USER [ 1479.656869][T30651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1479.656886][T30651] Call Trace: [ 1479.656896][T30651] [ 1479.656907][T30651] dump_stack_lvl+0x16c/0x1f0 [ 1479.656952][T30651] should_fail_ex+0x512/0x640 [ 1479.656989][T30651] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1479.657022][T30651] should_failslab+0xc2/0x120 [ 1479.657057][T30651] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1479.657082][T30651] ? vhost_net_open+0x28/0x8a0 [ 1479.657120][T30651] ? vhost_net_open+0x6e/0x8a0 [ 1479.657161][T30651] ? __pfx_vhost_net_open+0x10/0x10 [ 1479.657198][T30651] vhost_net_open+0x6e/0x8a0 [ 1479.657234][T30651] ? __pfx_vhost_net_open+0x10/0x10 [ 1479.657272][T30651] misc_open+0x35d/0x420 [ 1479.657304][T30651] ? __pfx_misc_open+0x10/0x10 [ 1479.657335][T30651] chrdev_open+0x234/0x6a0 [ 1479.657367][T30651] ? __pfx_apparmor_file_open+0x10/0x10 [ 1479.657397][T30651] ? __pfx_chrdev_open+0x10/0x10 [ 1479.657432][T30651] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1479.657470][T30651] do_dentry_open+0x982/0x1530 [ 1479.657513][T30651] ? __pfx_chrdev_open+0x10/0x10 [ 1479.657555][T30651] vfs_open+0x82/0x3f0 [ 1479.657598][T30651] path_openat+0x1de4/0x2cb0 [ 1479.657643][T30651] ? __pfx_path_openat+0x10/0x10 [ 1479.657682][T30651] do_filp_open+0x20b/0x470 [ 1479.657712][T30651] ? __pfx_do_filp_open+0x10/0x10 [ 1479.657765][T30651] ? alloc_fd+0x471/0x7d0 [ 1479.657804][T30651] do_sys_openat2+0x11b/0x1d0 [ 1479.657843][T30651] ? __pfx_do_sys_openat2+0x10/0x10 [ 1479.657884][T30651] ? do_fcntl+0x1eb/0x15a0 [ 1479.657929][T30651] __x64_sys_openat+0x174/0x210 [ 1479.657954][T30651] ? __pfx___x64_sys_openat+0x10/0x10 [ 1479.657995][T30651] do_syscall_64+0xcd/0x4c0 [ 1479.658036][T30651] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1479.658064][T30651] RIP: 0033:0x7f3cd2b8eba9 [ 1479.658087][T30651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1479.658116][T30651] RSP: 002b:00007f3cd3a51038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1479.658142][T30651] RAX: ffffffffffffffda RBX: 00007f3cd2dd6090 RCX: 00007f3cd2b8eba9 [ 1479.658161][T30651] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1479.658177][T30651] RBP: 00007f3cd2c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 1479.658194][T30651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1479.658210][T30651] R13: 00007f3cd2dd6128 R14: 00007f3cd2dd6090 R15: 00007ffd7c9ddb68 [ 1479.658244][T30651] [ 1479.980416][T30653] input: f as /devices/virtual/input/input53 [ 1480.188065][T30657] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1480.434158][T30662] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1480.665885][T30662] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1480.789417][T30662] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1480.796333][T30662] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1481.348718][T30688] Invalid ELF header magic: != ELF [ 1482.513034][T13915] Bluetooth: hci0: command 0x0c1a tx timeout [ 1482.532978][T30698] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1482.702377][T13915] Bluetooth: hci3: command 0x0c1a tx timeout [ 1482.781507][T13915] Bluetooth: hci2: command 0x0c1a tx timeout [ 1482.861335][T13915] Bluetooth: hci1: command 0x0c1a tx timeout [ 1484.627777][T30726] Invalid ELF header magic: != ELF [ 1485.767390][T30755] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1485.776446][T30755] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1485.782704][T30755] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1485.825022][T30755] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1487.795543][T13915] Bluetooth: hci2: command 0x0c1a tx timeout [ 1487.801671][ T5865] Bluetooth: hci3: command 0x0c1a tx timeout [ 1487.805425][T29541] Bluetooth: hci0: command 0x0c1a tx timeout [ 1487.885087][T29541] Bluetooth: hci1: command 0x0c1a tx timeout [ 1488.734041][T30810] FAULT_INJECTION: forcing a failure. [ 1488.734041][T30810] name failslab, interval 1, probability 0, space 0, times 0 [ 1488.760557][T30810] CPU: 1 UID: 0 PID: 30810 Comm: syz.3.4482 Tainted: G U syzkaller #0 PREEMPT(full) [ 1488.760602][T30810] Tainted: [U]=USER [ 1488.760611][T30810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1488.760627][T30810] Call Trace: [ 1488.760637][T30810] [ 1488.760647][T30810] dump_stack_lvl+0x16c/0x1f0 [ 1488.760692][T30810] should_fail_ex+0x512/0x640 [ 1488.760730][T30810] ? __kmalloc_noprof+0xbf/0x510 [ 1488.760763][T30810] ? copy_splice_read+0x1a8/0xc20 [ 1488.760787][T30810] should_failslab+0xc2/0x120 [ 1488.760830][T30810] __kmalloc_noprof+0xd2/0x510 [ 1488.760870][T30810] copy_splice_read+0x1a8/0xc20 [ 1488.760899][T30810] ? __pfx_pipe_to_null+0x10/0x10 [ 1488.760943][T30810] ? __pfx_copy_splice_read+0x10/0x10 [ 1488.760968][T30810] ? pipe_unlock+0x4a/0x70 [ 1488.761000][T30810] ? __pfx_splice_from_pipe+0x10/0x10 [ 1488.761038][T30810] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 1488.761076][T30810] ? __pfx_copy_splice_read+0x10/0x10 [ 1488.761102][T30810] do_splice_read+0x285/0x370 [ 1488.761134][T30810] splice_direct_to_actor+0x2a1/0xa30 [ 1488.761164][T30810] ? __pfx_direct_splice_actor+0x10/0x10 [ 1488.761200][T30810] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1488.761239][T30810] do_splice_direct+0x174/0x240 [ 1488.761267][T30810] ? __pfx_do_splice_direct+0x10/0x10 [ 1488.761296][T30810] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1488.761325][T30810] ? bpf_lsm_file_permission+0x9/0x10 [ 1488.761361][T30810] ? security_file_permission+0x71/0x210 [ 1488.761405][T30810] ? rw_verify_area+0xcf/0x6c0 [ 1488.761442][T30810] do_sendfile+0xb06/0xe50 [ 1488.761479][T30810] ? __pfx_do_sendfile+0x10/0x10 [ 1488.761512][T30810] ? __x64_sys_futex+0x1e0/0x4c0 [ 1488.761545][T30810] ? __x64_sys_futex+0x1e9/0x4c0 [ 1488.761584][T30810] __x64_sys_sendfile64+0x1d8/0x220 [ 1488.761621][T30810] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1488.761667][T30810] do_syscall_64+0xcd/0x4c0 [ 1488.761708][T30810] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1488.761735][T30810] RIP: 0033:0x7f4f5e18eba9 [ 1488.761758][T30810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1488.761786][T30810] RSP: 002b:00007f4f5c3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1488.761821][T30810] RAX: ffffffffffffffda RBX: 00007f4f5e3d6090 RCX: 00007f4f5e18eba9 [ 1488.761840][T30810] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005 [ 1488.761857][T30810] RBP: 00007f4f5e211e19 R08: 0000000000000000 R09: 0000000000000000 [ 1488.761875][T30810] R10: 0010000800000003 R11: 0000000000000246 R12: 0000000000000000 [ 1488.761892][T30810] R13: 00007f4f5e3d6128 R14: 00007f4f5e3d6090 R15: 00007ffc7f9b40f8 [ 1488.761928][T30810] [ 1489.290393][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1489.296875][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1489.614138][T30809] Invalid ELF header magic: != ELF [ 1489.732863][T30824] netlink: 342 bytes leftover after parsing attributes in process `syz.0.4485'. [ 1489.875935][T30823] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1489.999433][T30823] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1490.015599][T30823] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1490.129873][T30823] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1491.934374][T29541] Bluetooth: hci0: command 0x0c1a tx timeout [ 1492.015102][T29541] Bluetooth: hci2: command 0x0c1a tx timeout [ 1492.021170][T13915] Bluetooth: hci3: command 0x0c1a tx timeout [ 1492.172940][T29541] Bluetooth: hci1: command 0x0c1a tx timeout [ 1492.839705][T30873] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1492.845996][T30873] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1492.853783][T30873] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1492.860263][T30873] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1493.436464][T30890] FAULT_INJECTION: forcing a failure. [ 1493.436464][T30890] name failslab, interval 1, probability 0, space 0, times 0 [ 1493.454174][T30890] CPU: 1 UID: 0 PID: 30890 Comm: syz.3.4501 Tainted: G U syzkaller #0 PREEMPT(full) [ 1493.454223][T30890] Tainted: [U]=USER [ 1493.454229][T30890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1493.454238][T30890] Call Trace: [ 1493.454245][T30890] [ 1493.454252][T30890] dump_stack_lvl+0x16c/0x1f0 [ 1493.454279][T30890] should_fail_ex+0x512/0x640 [ 1493.454305][T30890] should_failslab+0xc2/0x120 [ 1493.454325][T30890] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1493.454341][T30890] ? sctp_inet6addr_event+0x47d/0x910 [ 1493.454368][T30890] sctp_inet6addr_event+0x47d/0x910 [ 1493.454393][T30890] ? ieee80211_ifa6_changed+0xe5/0x430 [ 1493.454417][T30890] notifier_call_chain+0xb9/0x410 [ 1493.454441][T30890] ? __pfx_sctp_inet6addr_event+0x10/0x10 [ 1493.454467][T30890] atomic_notifier_call_chain+0x71/0x1c0 [ 1493.454488][T30890] ipv6_add_addr+0x1388/0x1fe0 [ 1493.454512][T30890] ? __pfx_ipv6_add_addr+0x10/0x10 [ 1493.454535][T30890] ? add_addr+0xde/0x350 [ 1493.454549][T30890] add_addr+0xde/0x350 [ 1493.454565][T30890] ? __pfx_add_addr+0x10/0x10 [ 1493.454591][T30890] add_v4_addrs+0x642/0x980 [ 1493.454606][T30890] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1493.454632][T30890] ? __pfx_add_v4_addrs+0x10/0x10 [ 1493.454655][T30890] ? addrconf_init_auto_addrs+0x353/0x810 [ 1493.454671][T30890] addrconf_init_auto_addrs+0x353/0x810 [ 1493.454688][T30890] addrconf_sysctl_addr_gen_mode+0x7ee/0xe50 [ 1493.454709][T30890] ? __pfx_addrconf_sysctl_addr_gen_mode+0x10/0x10 [ 1493.454733][T30890] ? __pfx_net_ctl_permissions+0x10/0x10 [ 1493.454746][T30890] ? proc_sys_call_handler+0x281/0x570 [ 1493.454771][T30890] proc_sys_call_handler+0x43d/0x570 [ 1493.454793][T30890] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 1493.454819][T30890] vfs_write+0x7d3/0x11d0 [ 1493.454837][T30890] ? __pfx_proc_sys_write+0x10/0x10 [ 1493.454857][T30890] ? __pfx___mutex_lock+0x10/0x10 [ 1493.454878][T30890] ? __pfx_vfs_write+0x10/0x10 [ 1493.454908][T30890] ksys_write+0x12a/0x250 [ 1493.454924][T30890] ? __pfx_ksys_write+0x10/0x10 [ 1493.454947][T30890] do_syscall_64+0xcd/0x4c0 [ 1493.454970][T30890] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1493.454985][T30890] RIP: 0033:0x7f4f5e18eba9 [ 1493.454998][T30890] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1493.455013][T30890] RSP: 002b:00007f4f5c3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1493.455027][T30890] RAX: ffffffffffffffda RBX: 00007f4f5e3d6090 RCX: 00007f4f5e18eba9 [ 1493.455037][T30890] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000006 [ 1493.455046][T30890] RBP: 00007f4f5e211e19 R08: 0000000000000000 R09: 0000000000000000 [ 1493.455055][T30890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1493.455065][T30890] R13: 00007f4f5e3d6128 R14: 00007f4f5e3d6090 R15: 00007ffc7f9b40f8 [ 1493.455087][T30890] [ 1494.908739][T29541] Bluetooth: hci1: command 0x0c1a tx timeout [ 1494.915823][T29541] Bluetooth: hci2: command 0x0c1a tx timeout [ 1494.922418][T13915] Bluetooth: hci3: command 0x0c1a tx timeout [ 1494.928504][ T5865] Bluetooth: hci0: command 0x0c1a tx timeout [ 1495.688635][T30916] erspan0: entered allmulticast mode [ 1496.035958][T30924] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1496.046250][T30924] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1496.066676][T30924] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1496.092463][T30924] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1496.624139][T30943] netlink: 330 bytes leftover after parsing attributes in process `syz.0.4515'. [ 1496.706967][T30944] FAULT_INJECTION: forcing a failure. [ 1496.706967][T30944] name failslab, interval 1, probability 0, space 0, times 0 [ 1496.846141][T30944] CPU: 0 UID: 0 PID: 30944 Comm: syz.3.4516 Tainted: G U syzkaller #0 PREEMPT(full) [ 1496.846183][T30944] Tainted: [U]=USER [ 1496.846191][T30944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1496.846207][T30944] Call Trace: [ 1496.846215][T30944] [ 1496.846226][T30944] dump_stack_lvl+0x16c/0x1f0 [ 1496.846265][T30944] should_fail_ex+0x512/0x640 [ 1496.846303][T30944] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1496.846330][T30944] should_failslab+0xc2/0x120 [ 1496.846361][T30944] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1496.846383][T30944] ? mem_cgroup_css_alloc+0xdc/0x1e80 [ 1496.846409][T30944] ? mem_cgroup_css_alloc+0x83a/0x1e80 [ 1496.846446][T30944] mem_cgroup_css_alloc+0x83a/0x1e80 [ 1496.846484][T30944] cgroup_apply_control_enable+0x4b0/0xbb0 [ 1496.846533][T30944] cgroup_mkdir+0x5e7/0x11f0 [ 1496.846598][T30944] ? __pfx_cgroup_mkdir+0x10/0x10 [ 1496.846638][T30944] kernfs_iop_mkdir+0x10e/0x190 [ 1496.846672][T30944] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 1496.846705][T30944] vfs_mkdir+0x593/0x8c0 [ 1496.846735][T30944] do_mkdirat+0x304/0x3e0 [ 1496.846766][T30944] ? __pfx_do_mkdirat+0x10/0x10 [ 1496.846798][T30944] ? getname_flags.part.0+0x1c5/0x550 [ 1496.846835][T30944] __x64_sys_mkdir+0xef/0x140 [ 1496.846865][T30944] do_syscall_64+0xcd/0x4c0 [ 1496.846902][T30944] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1496.846926][T30944] RIP: 0033:0x7f4f5e18eba9 [ 1496.846948][T30944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1496.846974][T30944] RSP: 002b:00007f4f5ef46038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 1496.847012][T30944] RAX: ffffffffffffffda RBX: 00007f4f5e3d5fa0 RCX: 00007f4f5e18eba9 [ 1496.847028][T30944] RDX: 0000000000000000 RSI: 00000000000008cd RDI: 0000200000000000 [ 1496.847042][T30944] RBP: 00007f4f5e211e19 R08: 0000000000000000 R09: 0000000000000000 [ 1496.847055][T30944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1496.847068][T30944] R13: 00007f4f5e3d6038 R14: 00007f4f5e3d5fa0 R15: 00007ffc7f9b40f8 [ 1496.847101][T30944] [ 1497.181685][T30951] FAULT_INJECTION: forcing a failure. [ 1497.181685][T30951] name failslab, interval 1, probability 0, space 0, times 0 [ 1497.356769][T30951] CPU: 0 UID: 0 PID: 30951 Comm: syz.1.4519 Tainted: G U syzkaller #0 PREEMPT(full) [ 1497.356815][T30951] Tainted: [U]=USER [ 1497.356824][T30951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1497.356841][T30951] Call Trace: [ 1497.356851][T30951] [ 1497.356862][T30951] dump_stack_lvl+0x16c/0x1f0 [ 1497.356907][T30951] should_fail_ex+0x512/0x640 [ 1497.356945][T30951] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 1497.356980][T30951] should_failslab+0xc2/0x120 [ 1497.357014][T30951] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 1497.357046][T30951] ? __d_alloc+0x32/0xae0 [ 1497.357084][T30951] __d_alloc+0x32/0xae0 [ 1497.357110][T30951] ? kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 1497.357140][T30951] ? security_inode_alloc+0x3b/0x2b0 [ 1497.357172][T30951] d_alloc_parallel+0x111/0x1480 [ 1497.357212][T30951] ? do_syscall_64+0xcd/0x4c0 [ 1497.357248][T30951] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1497.357291][T30951] ? __lock_acquire+0xb97/0x1ce0 [ 1497.357326][T30951] ? __pfx_d_alloc_parallel+0x10/0x10 [ 1497.357379][T30951] ? lockdep_init_map_type+0x5c/0x280 [ 1497.357416][T30951] ? lockdep_init_map_type+0x5c/0x280 [ 1497.357456][T30951] __lookup_slow+0x193/0x460 [ 1497.357495][T30951] ? __pfx___lookup_slow+0x10/0x10 [ 1497.357538][T30951] ? perf_trace_mm_compaction_suitable_template+0x120/0x5e0 [ 1497.357584][T30951] ? perf_trace_mm_compaction_suitable_template+0x120/0x5e0 [ 1497.357622][T30951] ? d_lookup+0xe7/0x190 [ 1497.357665][T30951] lookup_noperm+0xe1/0x110 [ 1497.357704][T30951] simple_start_creating+0xd1/0x1b0 [ 1497.357734][T30951] rpc_new_dir+0x27/0x440 [ 1497.357766][T30951] rpc_populate.constprop.0+0x51/0x1d0 [ 1497.357795][T30951] ? d_instantiate+0x77/0x90 [ 1497.357826][T30951] ? __pfx_rpc_fill_super+0x10/0x10 [ 1497.357853][T30951] rpc_fill_super+0x2b9/0x4f0 [ 1497.357884][T30951] ? __pfx_rpc_fill_super+0x10/0x10 [ 1497.357908][T30951] get_tree_keyed+0x10e/0x1d0 [ 1497.357938][T30951] vfs_get_tree+0x8e/0x340 [ 1497.357962][T30951] vfs_cmd_create+0xd7/0x2a0 [ 1497.357995][T30951] __do_sys_fsconfig+0x7b8/0xbe0 [ 1497.358027][T30951] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 1497.358078][T30951] do_syscall_64+0xcd/0x4c0 [ 1497.358117][T30951] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1497.358142][T30951] RIP: 0033:0x7f3cd2b8eba9 [ 1497.358163][T30951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1497.358188][T30951] RSP: 002b:00007f3cd3a72038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 1497.358211][T30951] RAX: ffffffffffffffda RBX: 00007f3cd2dd5fa0 RCX: 00007f3cd2b8eba9 [ 1497.358227][T30951] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000007 [ 1497.358243][T30951] RBP: 00007f3cd2c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 1497.358257][T30951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1497.358280][T30951] R13: 00007f3cd2dd6038 R14: 00007f3cd2dd5fa0 R15: 00007ffd7c9ddb68 [ 1497.358313][T30951] [ 1497.358532][T30951] net/sunrpc/rpc_pipe.c: rpc_populate failed to populate directory / [ 1497.416550][T13915] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 1498.062321][T13915] Bluetooth: hci2: command 0x0c1a tx timeout [ 1498.068538][T29541] Bluetooth: hci3: command 0x0c1a tx timeout [ 1498.074867][T24217] Bluetooth: hci0: command 0x0c1a tx timeout [ 1498.143500][T13915] Bluetooth: hci1: command 0x0c1a tx timeout [ 1499.726392][T30968] Process accounting resumed [ 1500.441221][T31004] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1500.447323][T31004] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1500.469976][T31004] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1500.533578][T31004] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 1500.643331][T31004] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1501.049943][T31019] Invalid ELF header magic: != ELF [ 1502.132741][T31038] random: crng reseeded on system resumption [ 1502.450785][T31040] Unrecognized hibernate image header format! [ 1502.518963][T31040] PM: hibernation: Image mismatch: architecture specific data [ 1502.542182][T13915] Bluetooth: hci2: command 0x0c1a tx timeout [ 1502.542215][T24217] Bluetooth: hci3: command 0x0c1a tx timeout [ 1502.548232][T13915] Bluetooth: hci0: command 0x0c1a tx timeout [ 1502.678087][T24217] Bluetooth: hci1: command 0x0c1a tx timeout [ 1504.159530][T31068] Process accounting paused [ 1504.593025][T24217] Bluetooth: hci2: command 0x0c1a tx timeout [ 1505.683657][T31113] netlink: 330 bytes leftover after parsing attributes in process `syz.0.4545'. [ 1505.694859][T31113] \: renamed from lo (while UP) [ 1505.969778][T31103] kexec: Could not allocate control_code_buffer [ 1506.520968][T31126] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4547'. [ 1506.937037][T31134] netlink: 29 bytes leftover after parsing attributes in process `syz.1.4549'. [ 1507.067546][T31109] netlink: 342 bytes leftover after parsing attributes in process `syz.3.4544'. [ 1507.342276][T31138] MTRR 1 not used [ 1507.764131][T31140] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1507.783762][T31140] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1507.818293][T31140] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1507.834794][T31140] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1508.592970][T31161] FAULT_INJECTION: forcing a failure. [ 1508.592970][T31161] name failslab, interval 1, probability 0, space 0, times 0 [ 1508.627224][T31161] CPU: 1 UID: 0 PID: 31161 Comm: syz.2.4554 Tainted: G U syzkaller #0 PREEMPT(full) [ 1508.627251][T31161] Tainted: [U]=USER [ 1508.627256][T31161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1508.627266][T31161] Call Trace: [ 1508.627273][T31161] [ 1508.627279][T31161] dump_stack_lvl+0x16c/0x1f0 [ 1508.627317][T31161] should_fail_ex+0x512/0x640 [ 1508.627341][T31161] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 1508.627363][T31161] should_failslab+0xc2/0x120 [ 1508.627383][T31161] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 1508.627400][T31161] ? inode_set_ctime_current+0x2a1/0x8f0 [ 1508.627420][T31161] ? __d_alloc+0x32/0xae0 [ 1508.627440][T31161] __d_alloc+0x32/0xae0 [ 1508.627459][T31161] d_alloc_pseudo+0x1c/0xc0 [ 1508.627481][T31161] alloc_file_pseudo+0xcf/0x230 [ 1508.627503][T31161] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 1508.627526][T31161] ? hugetlbfs_get_inode+0x31f/0x730 [ 1508.627544][T31161] hugetlb_file_setup+0x4ce/0x620 [ 1508.627561][T31161] ksys_mmap_pgoff+0x189/0x5c0 [ 1508.627585][T31161] __x64_sys_mmap+0x125/0x190 [ 1508.627609][T31161] do_syscall_64+0xcd/0x4c0 [ 1508.627633][T31161] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1508.627648][T31161] RIP: 0033:0x7fc35238eba9 [ 1508.627661][T31161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1508.627675][T31161] RSP: 002b:00007fc3531f4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1508.627689][T31161] RAX: ffffffffffffffda RBX: 00007fc3525d5fa0 RCX: 00007fc35238eba9 [ 1508.627699][T31161] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000000000000 [ 1508.627708][T31161] RBP: 00007fc352411e19 R08: 0000000000000401 R09: 0000300000000000 [ 1508.627717][T31161] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 1508.627726][T31161] R13: 00007fc3525d6038 R14: 00007fc3525d5fa0 R15: 00007fff4075d2f8 [ 1508.627745][T31161] [ 1509.274726][T31143] Process accounting paused [ 1509.538846][T31164] FAULT_INJECTION: forcing a failure. [ 1509.538846][T31164] name failslab, interval 1, probability 0, space 0, times 0 [ 1509.665144][T31164] CPU: 1 UID: 0 PID: 31164 Comm: syz.2.4556 Tainted: G U syzkaller #0 PREEMPT(full) [ 1509.665188][T31164] Tainted: [U]=USER [ 1509.665198][T31164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1509.665214][T31164] Call Trace: [ 1509.665223][T31164] [ 1509.665233][T31164] dump_stack_lvl+0x16c/0x1f0 [ 1509.665277][T31164] should_fail_ex+0x512/0x640 [ 1509.665315][T31164] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1509.665348][T31164] should_failslab+0xc2/0x120 [ 1509.665382][T31164] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1509.665411][T31164] ? apply_subsystem_event_filter+0x567/0x17e0 [ 1509.665452][T31164] apply_subsystem_event_filter+0x567/0x17e0 [ 1509.665498][T31164] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 1509.665540][T31164] ? _copy_from_user+0x59/0xd0 [ 1509.665572][T31164] subsystem_filter_write+0x95/0x120 [ 1509.665608][T31164] ? __pfx_subsystem_filter_write+0x10/0x10 [ 1509.665639][T31164] vfs_write+0x2a0/0x11d0 [ 1509.665677][T31164] ? __pfx___mutex_lock+0x10/0x10 [ 1509.665716][T31164] ? __pfx_vfs_write+0x10/0x10 [ 1509.665757][T31164] ? __fget_files+0x20e/0x3c0 [ 1509.665797][T31164] ksys_write+0x12a/0x250 [ 1509.665826][T31164] ? __pfx_ksys_write+0x10/0x10 [ 1509.665868][T31164] do_syscall_64+0xcd/0x4c0 [ 1509.665909][T31164] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1509.665935][T31164] RIP: 0033:0x7fc35238eba9 [ 1509.665957][T31164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1509.665991][T31164] RSP: 002b:00007fc3531f4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1509.666019][T31164] RAX: ffffffffffffffda RBX: 00007fc3525d5fa0 RCX: 00007fc35238eba9 [ 1509.666040][T31164] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000006 [ 1509.666058][T31164] RBP: 00007fc352411e19 R08: 0000000000000000 R09: 0000000000000000 [ 1509.666075][T31164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1509.666091][T31164] R13: 00007fc3525d6038 R14: 00007fc3525d5fa0 R15: 00007fff4075d2f8 [ 1509.666128][T31164] [ 1509.877625][T24217] Bluetooth: hci0: command 0x0c1a tx timeout [ 1509.883804][T24217] Bluetooth: hci1: command 0x0c1a tx timeout [ 1509.890223][T24217] Bluetooth: hci2: command 0x0c1a tx timeout [ 1509.896707][T24217] Bluetooth: hci3: command 0x0c1a tx timeout [ 1510.607290][T31195] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4570'. [ 1510.724930][T31188] Invalid ELF header magic: != ELF [ 1511.932658][T31208] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1512.021686][T31208] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1512.031752][T31208] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1512.037919][T31208] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1513.088496][T31224] Invalid ELF header magic: != ELF [ 1513.989037][T24217] Bluetooth: hci0: command 0x0c1a tx timeout [ 1514.074032][T24217] Bluetooth: hci1: command 0x0c1a tx timeout [ 1514.080348][T29541] Bluetooth: hci2: command 0x0c1a tx timeout [ 1514.086429][T29541] Bluetooth: hci3: command 0x0c1a tx timeout [ 1514.385321][T31256] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 1514.439379][T29541] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 1514.834359][T31268] FAULT_INJECTION: forcing a failure. [ 1514.834359][T31268] name failslab, interval 1, probability 0, space 0, times 0 [ 1514.863165][T31268] CPU: 1 UID: 0 PID: 31268 Comm: syz.2.4575 Tainted: G U syzkaller #0 PREEMPT(full) [ 1514.863212][T31268] Tainted: [U]=USER [ 1514.863223][T31268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1514.863240][T31268] Call Trace: [ 1514.863249][T31268] [ 1514.863260][T31268] dump_stack_lvl+0x16c/0x1f0 [ 1514.863305][T31268] should_fail_ex+0x512/0x640 [ 1514.863344][T31268] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 1514.863382][T31268] should_failslab+0xc2/0x120 [ 1514.863416][T31268] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 1514.863451][T31268] ? sock_alloc_inode+0x25/0x1c0 [ 1514.863483][T31268] ? __pfx_sock_alloc_inode+0x10/0x10 [ 1514.863515][T31268] sock_alloc_inode+0x25/0x1c0 [ 1514.863543][T31268] alloc_inode+0x64/0x240 [ 1514.863583][T31268] sock_alloc+0x40/0x280 [ 1514.863621][T31268] __sock_create+0xc1/0x8d0 [ 1514.863658][T31268] __sys_socket+0x14d/0x260 [ 1514.863692][T31268] ? __pfx___sys_socket+0x10/0x10 [ 1514.863724][T31268] ? xfd_validate_state+0x61/0x180 [ 1514.863760][T31268] ? __pfx___do_sys_close_range+0x10/0x10 [ 1514.863797][T31268] __x64_sys_socket+0x72/0xb0 [ 1514.863826][T31268] ? lockdep_hardirqs_on+0x7c/0x110 [ 1514.863862][T31268] do_syscall_64+0xcd/0x4c0 [ 1514.863903][T31268] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1514.863930][T31268] RIP: 0033:0x7fc35238eba9 [ 1514.863953][T31268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1514.863978][T31268] RSP: 002b:00007fc3531b2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 1514.864004][T31268] RAX: ffffffffffffffda RBX: 00007fc3525d6180 RCX: 00007fc35238eba9 [ 1514.864023][T31268] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 1514.864044][T31268] RBP: 00007fc352411e19 R08: 0000000000000000 R09: 0000000000000000 [ 1514.864061][T31268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1514.864077][T31268] R13: 00007fc3525d6218 R14: 00007fc3525d6180 R15: 00007fff4075d2f8 [ 1514.864113][T31268] [ 1515.016620][T31268] socket: no more sockets [ 1515.758959][T31279] __vm_enough_memory: pid: 31279, comm: syz.0.4577, bytes: 4398046511104 not enough memory for the allocation [ 1516.468909][T31290] Invalid ELF header magic: != ELF [ 1518.089542][T31318] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1518.108918][T31318] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1518.168368][T31318] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1518.218669][T31318] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1518.224865][T31318] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1519.765873][T31342] netlink: 296 bytes leftover after parsing attributes in process `syz.1.4588'. [ 1520.109040][T29541] Bluetooth: hci0: command 0x0c1a tx timeout [ 1520.176483][T31349] Invalid ELF header magic: != ELF [ 1520.202458][T29541] Bluetooth: hci3: command 0x0c1a tx timeout [ 1520.267043][T29541] Bluetooth: hci1: command 0x0c1a tx timeout [ 1520.267282][T24217] Bluetooth: hci2: command 0x0c1a tx timeout [ 1521.125888][T31363] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4591'. [ 1521.670832][T31379] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4594'. [ 1522.176792][T24217] Bluetooth: hci0: command 0x0c1a tx timeout [ 1522.247834][T31382] writing to auto_msgmni has no effect [ 1523.284130][T31405] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1523.336869][T31405] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1523.398747][T31405] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1523.418578][T31405] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1523.564327][T31415] Invalid ELF header magic: != ELF [ 1524.707169][T31422] Invalid ELF header magic: != ELF [ 1525.280645][T24217] Bluetooth: hci0: command 0x0c1a tx timeout [ 1525.360183][T24217] Bluetooth: hci3: command 0x0c1a tx timeout [ 1525.439939][T24217] Bluetooth: hci1: command 0x0c1a tx timeout [ 1525.444754][T29541] Bluetooth: hci2: command 0x0c1a tx timeout [ 1528.056956][T31471] Invalid ELF header magic: != ELF [ 1529.549739][T31491] Invalid ELF header magic: != ELF [ 1529.729491][T31471] Process accounting paused [ 1530.492213][T31513] Invalid ELF header magic: != ELF [ 1534.065015][T31566] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1534.102809][T31566] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1534.148255][T31566] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1534.237874][T31566] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1534.843051][T31575] Invalid ELF header magic: != ELF [ 1535.129455][T31591] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 1535.229028][T31591] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 1535.306309][T31591] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 1535.333350][T31591] page_type: f5(slab) [ 1535.337401][T31591] raw: 00fff00000000040 ffff88801b842140 ffffea0000d24200 dead000000000002 [ 1535.437942][T31591] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 1535.454559][T31591] head: 00fff00000000040 ffff88801b842140 ffffea0000d24200 dead000000000002 [ 1535.464431][T31591] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 1535.485218][T31591] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 1535.608876][T31591] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 1535.721861][T31591] page dumped because: unmovable page [ 1535.738107][T31591] page_owner tracks the page as allocated [ 1535.782986][T31591] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5241, tgid 5241 (udevd), ts 37248573676, free_ts 29883520796 [ 1535.852449][T31591] post_alloc_hook+0x1c0/0x230 [ 1535.861360][T31591] get_page_from_freelist+0x132b/0x38e0 [ 1535.875564][T31591] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 1535.893574][T31591] alloc_pages_mpol+0x1fb/0x550 [ 1535.963160][T31591] new_slab+0x247/0x330 [ 1535.994755][T31591] ___slab_alloc+0xcf2/0x1750 [ 1536.010182][T31591] __slab_alloc.constprop.0+0x56/0xb0 [ 1536.021528][T31591] __kmalloc_noprof+0x2f2/0x510 [ 1536.043382][T31591] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1536.104527][T29541] Bluetooth: hci3: command 0x0c1a tx timeout [ 1536.104541][T24217] Bluetooth: hci0: command 0x0c1a tx timeout [ 1536.129519][T31591] tomoyo_path_perm+0x274/0x460 [ 1536.188436][T29541] Bluetooth: hci2: command 0x0c1a tx timeout [ 1536.201482][T31591] security_inode_getattr+0x116/0x290 [ 1536.220403][T31591] vfs_statx+0x121/0x3f0 [ 1536.244683][T31591] vfs_fstatat+0x7b/0xf0 [ 1536.248996][T31591] __do_sys_newfstatat+0x97/0x120 [ 1536.263729][T29541] Bluetooth: hci1: command 0x0c1a tx timeout [ 1536.282407][T31591] do_syscall_64+0xcd/0x4c0 [ 1536.297268][T31591] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1536.317456][T31591] page last free pid 1 tgid 1 stack trace: [ 1536.336753][T31591] __free_frozen_pages+0x7d5/0x10f0 [ 1536.352283][T31591] free_contig_range+0x183/0x4b0 [ 1536.368671][T31591] destroy_args+0x794/0xc10 [ 1536.385602][T31591] debug_vm_pgtable+0x1a32/0x3640 [ 1536.402235][T31591] do_one_initcall+0x120/0x6e0 [ 1536.417549][T31591] kernel_init_freeable+0x5c2/0x910 [ 1536.425487][T31570] Process accounting resumed [ 1536.436332][T31591] kernel_init+0x1c/0x2b0 [ 1536.452691][T31591] ret_from_fork+0x56d/0x730 [ 1536.468822][T31591] ret_from_fork_asm+0x1a/0x30 [ 1538.072709][T31632] Invalid ELF header magic: != ELF [ 1539.275094][T31662] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4646'. [ 1539.845664][T31675] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1539.858195][T31675] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1539.890607][T31675] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1539.909382][T31675] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1539.976144][T31659] Process accounting resumed [ 1541.916588][T24217] Bluetooth: hci2: command 0x0c1a tx timeout [ 1541.916649][T13915] Bluetooth: hci3: command 0x0c1a tx timeout [ 1541.916700][T13915] Bluetooth: hci0: command 0x0c1a tx timeout [ 1541.923107][T29541] Bluetooth: hci1: command 0x0c1a tx timeout [ 1542.046116][T31721] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4657'. [ 1542.262485][T31715] netlink: zone id is out of range [ 1542.267638][T31715] netlink: zone id is out of range [ 1542.544123][T31715] netlink: zone id is out of range [ 1542.603557][T31715] netlink: zone id is out of range [ 1542.776781][T31715] netlink: zone id is out of range [ 1542.839250][T31715] netlink: zone id is out of range [ 1542.844559][T31715] netlink: zone id is out of range [ 1542.850167][T31715] netlink: zone id is out of range [ 1542.855654][T31715] netlink: zone id is out of range [ 1542.861265][T31715] netlink: zone id is out of range [ 1543.692329][T31741] FAULT_INJECTION: forcing a failure. [ 1543.692329][T31741] name failslab, interval 1, probability 0, space 0, times 0 [ 1543.721154][T31741] CPU: 0 UID: 0 PID: 31741 Comm: syz.3.4663 Tainted: G U syzkaller #0 PREEMPT(full) [ 1543.721200][T31741] Tainted: [U]=USER [ 1543.721209][T31741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1543.721226][T31741] Call Trace: [ 1543.721237][T31741] [ 1543.721249][T31741] dump_stack_lvl+0x16c/0x1f0 [ 1543.721292][T31741] should_fail_ex+0x512/0x640 [ 1543.721330][T31741] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1543.721366][T31741] should_failslab+0xc2/0x120 [ 1543.721399][T31741] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1543.721431][T31741] ? seq_open+0x55/0x170 [ 1543.721478][T31741] ? __pfx_cmdline_proc_show+0x10/0x10 [ 1543.721507][T31741] seq_open+0x55/0x170 [ 1543.721541][T31741] ? __pfx_cmdline_proc_show+0x10/0x10 [ 1543.721567][T31741] single_open+0xfc/0x1f0 [ 1543.721596][T31741] ? __pfx_proc_single_open+0x10/0x10 [ 1543.721631][T31741] proc_reg_open+0x137/0x5f0 [ 1543.721665][T31741] do_dentry_open+0x982/0x1530 [ 1543.721697][T31741] ? __pfx_proc_reg_open+0x10/0x10 [ 1543.721736][T31741] vfs_open+0x82/0x3f0 [ 1543.721776][T31741] path_openat+0x1de4/0x2cb0 [ 1543.721818][T31741] ? __pfx_path_openat+0x10/0x10 [ 1543.721858][T31741] do_filp_open+0x20b/0x470 [ 1543.721888][T31741] ? __pfx_do_filp_open+0x10/0x10 [ 1543.721943][T31741] ? alloc_fd+0x471/0x7d0 [ 1543.721980][T31741] do_sys_openat2+0x11b/0x1d0 [ 1543.722017][T31741] ? __pfx_do_sys_openat2+0x10/0x10 [ 1543.722052][T31741] ? __fget_files+0x204/0x3c0 [ 1543.722092][T31741] __x64_sys_openat+0x174/0x210 [ 1543.722116][T31741] ? __pfx___x64_sys_openat+0x10/0x10 [ 1543.722153][T31741] do_syscall_64+0xcd/0x4c0 [ 1543.722192][T31741] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1543.722217][T31741] RIP: 0033:0x7f4f5e18eba9 [ 1543.722238][T31741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1543.722266][T31741] RSP: 002b:00007f4f5c3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1543.722293][T31741] RAX: ffffffffffffffda RBX: 00007f4f5e3d6090 RCX: 00007f4f5e18eba9 [ 1543.722311][T31741] RDX: 0000000000008401 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 1543.722328][T31741] RBP: 00007f4f5e211e19 R08: 0000000000000000 R09: 0000000000000000 [ 1543.722344][T31741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1543.722360][T31741] R13: 00007f4f5e3d6128 R14: 00007f4f5e3d6090 R15: 00007ffc7f9b40f8 [ 1543.722392][T31741] [ 1547.166434][T31802] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4673'. [ 1547.252431][T31802] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4673'. [ 1548.310768][ T30] audit: type=1804 audit(6442455749.033:34): pid=31820 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.4677" name="/newroot/sys/kernel/tracing/buffer_percent" dev="tracefs" ino=235 res=1 errno=0 [ 1548.499983][T31822] FAULT_INJECTION: forcing a failure. [ 1548.499983][T31822] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1548.531842][T31822] CPU: 0 UID: 0 PID: 31822 Comm: syz.1.4677 Tainted: G U syzkaller #0 PREEMPT(full) [ 1548.531889][T31822] Tainted: [U]=USER [ 1548.531900][T31822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1548.531917][T31822] Call Trace: [ 1548.531928][T31822] [ 1548.531939][T31822] dump_stack_lvl+0x16c/0x1f0 [ 1548.531985][T31822] should_fail_ex+0x512/0x640 [ 1548.532030][T31822] get_futex_key+0x1d0/0x1560 [ 1548.532068][T31822] ? __pfx_get_futex_key+0x10/0x10 [ 1548.532098][T31822] ? __pfx___schedule+0x10/0x10 [ 1548.532135][T31822] ? do_raw_spin_unlock+0x172/0x230 [ 1548.532178][T31822] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1548.532219][T31822] futex_wait_setup+0x9d/0x550 [ 1548.532268][T31822] __futex_wait+0x194/0x2f0 [ 1548.532308][T31822] ? __pfx___futex_wait+0x10/0x10 [ 1548.532394][T31822] ? __pfx_futex_wake_mark+0x10/0x10 [ 1548.532440][T31822] ? futex_private_hash_put+0x176/0x300 [ 1548.532478][T31822] ? futex_private_hash_put+0x18a/0x300 [ 1548.532515][T31822] futex_wait+0xe8/0x380 [ 1548.532552][T31822] ? __pfx_futex_wait+0x10/0x10 [ 1548.532611][T31822] do_futex+0x229/0x350 [ 1548.532644][T31822] ? __pfx_do_futex+0x10/0x10 [ 1548.532681][T31822] ? __pfx___might_resched+0x10/0x10 [ 1548.532712][T31822] __x64_sys_futex+0x1e0/0x4c0 [ 1548.532747][T31822] ? __pfx_blkcg_maybe_throttle_current+0x10/0x10 [ 1548.532785][T31822] ? __pfx___x64_sys_futex+0x10/0x10 [ 1548.532819][T31822] ? __pfx___do_sys_close_range+0x10/0x10 [ 1548.532866][T31822] do_syscall_64+0xcd/0x4c0 [ 1548.532908][T31822] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1548.532937][T31822] RIP: 0033:0x7f3cd2b8eba9 [ 1548.532960][T31822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1548.532986][T31822] RSP: 002b:00007f3cd3a300e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1548.533013][T31822] RAX: ffffffffffffffda RBX: 00007f3cd2dd6188 RCX: 00007f3cd2b8eba9 [ 1548.533032][T31822] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3cd2dd6188 [ 1548.533050][T31822] RBP: 00007f3cd2dd6180 R08: 0000000000000000 R09: 0000000000000000 [ 1548.533067][T31822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1548.533083][T31822] R13: 00007f3cd2dd6218 R14: 00007ffd7c9dda80 R15: 00007ffd7c9ddb68 [ 1548.533119][T31822] [ 1549.506277][T31834] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 1550.129934][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1550.144612][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1551.902568][T31865] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1552.067382][T31865] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1552.076503][T31865] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1552.104843][T31865] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1552.564366][T31887] FAULT_INJECTION: forcing a failure. [ 1552.564366][T31887] name failslab, interval 1, probability 0, space 0, times 0 [ 1552.674409][T31887] CPU: 1 UID: 0 PID: 31887 Comm: syz.3.4687 Tainted: G U syzkaller #0 PREEMPT(full) [ 1552.674456][T31887] Tainted: [U]=USER [ 1552.674465][T31887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1552.674480][T31887] Call Trace: [ 1552.674493][T31887] [ 1552.674506][T31887] dump_stack_lvl+0x16c/0x1f0 [ 1552.674555][T31887] should_fail_ex+0x512/0x640 [ 1552.674595][T31887] ? __kmalloc_noprof+0xbf/0x510 [ 1552.674627][T31887] ? __seq_open_private+0x22/0xd0 [ 1552.674661][T31887] should_failslab+0xc2/0x120 [ 1552.674694][T31887] __kmalloc_noprof+0xd2/0x510 [ 1552.674733][T31887] ? __pfx_sc_fop_open+0x10/0x10 [ 1552.674771][T31887] __seq_open_private+0x22/0xd0 [ 1552.674811][T31887] sc_common_open+0x6b/0x200 [ 1552.674850][T31887] full_proxy_open_regular+0x1b6/0x360 [ 1552.674883][T31887] do_dentry_open+0x982/0x1530 [ 1552.674916][T31887] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 1552.674951][T31887] vfs_open+0x82/0x3f0 [ 1552.674993][T31887] path_openat+0x1de4/0x2cb0 [ 1552.675131][T31887] ? __pfx_path_openat+0x10/0x10 [ 1552.675170][T31887] do_filp_open+0x20b/0x470 [ 1552.675199][T31887] ? __pfx_do_filp_open+0x10/0x10 [ 1552.675259][T31887] ? alloc_fd+0x471/0x7d0 [ 1552.675300][T31887] do_sys_openat2+0x11b/0x1d0 [ 1552.675342][T31887] ? __pfx_do_sys_openat2+0x10/0x10 [ 1552.675394][T31887] __x64_sys_openat+0x174/0x210 [ 1552.675419][T31887] ? __pfx___x64_sys_openat+0x10/0x10 [ 1552.675459][T31887] do_syscall_64+0xcd/0x4c0 [ 1552.675500][T31887] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1552.675527][T31887] RIP: 0033:0x7f4f5e18eba9 [ 1552.675550][T31887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1552.675577][T31887] RSP: 002b:00007f4f5ef46038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1552.675603][T31887] RAX: ffffffffffffffda RBX: 00007f4f5e3d5fa0 RCX: 00007f4f5e18eba9 [ 1552.675621][T31887] RDX: 0000000000088080 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 1552.675639][T31887] RBP: 00007f4f5e211e19 R08: 0000000000000000 R09: 0000000000000000 [ 1552.675662][T31887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1552.675678][T31887] R13: 00007f4f5e3d6038 R14: 00007f4f5e3d5fa0 R15: 00007ffc7f9b40f8 [ 1552.675715][T31887] [ 1553.945641][T29541] Bluetooth: hci0: command 0x0c1a tx timeout [ 1554.106963][T13915] Bluetooth: hci2: command 0x0c1a tx timeout [ 1554.113455][T29541] Bluetooth: hci3: command 0x0c1a tx timeout [ 1554.170351][T13915] Bluetooth: hci1: command 0x0c1a tx timeout [ 1555.342290][T31913] Invalid ELF header magic: != ELF [ 1555.358515][T31906] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 1555.391718][T31912] hugetlbfs: syz.0.4693 (31912): Using mlock ulimits for SHM_HUGETLB is obsolete [ 1557.090747][T31946] ubi0: attaching mtd0 [ 1557.106330][T31946] ubi0: scanning is finished [ 1557.111135][T31946] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1557.881138][T31946] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1560.227923][T31975] Process accounting resumed [ 1561.589730][T13915] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 1562.051689][T13915] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 1562.051735][T13915] Bluetooth: hci3: unexpected subevent 0x0e length: 725 > 15 [ 1562.068919][T13915] Bluetooth: hci3: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 1562.420196][T32005] Invalid ELF header magic: != ELF [ 1563.998436][T31900] ima: policy update failed [ 1564.003326][ T30] audit: type=1802 audit(6442455764.815:35): pid=31900 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.4688" res=0 errno=0 [ 1567.238316][T32061] Process accounting paused [ 1567.372402][T32083] netlink: 'syz.0.4720': attribute type 12 has an invalid length. [ 1568.883286][T32101] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1568.927684][T32101] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1569.124196][T32101] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1569.174970][T32101] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1570.542993][T32117] Process accounting paused [ 1570.889929][T13915] Bluetooth: hci0: command 0x0c1a tx timeout [ 1570.963508][T13915] Bluetooth: hci3: command 0x0c1a tx timeout [ 1571.122194][T13915] Bluetooth: hci2: command 0x0c1a tx timeout [ 1571.190607][T32144] FAULT_INJECTION: forcing a failure. [ 1571.190607][T32144] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1571.219839][T13915] Bluetooth: hci1: command 0x0c1a tx timeout [ 1571.275047][T32144] CPU: 0 UID: 0 PID: 32144 Comm: syz.2.4733 Tainted: G U syzkaller #0 PREEMPT(full) [ 1571.275095][T32144] Tainted: [U]=USER [ 1571.275105][T32144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1571.275121][T32144] Call Trace: [ 1571.275131][T32144] [ 1571.275142][T32144] dump_stack_lvl+0x16c/0x1f0 [ 1571.275187][T32144] should_fail_ex+0x512/0x640 [ 1571.275234][T32144] get_futex_key+0x1d0/0x1560 [ 1571.275273][T32144] ? __pfx_get_futex_key+0x10/0x10 [ 1571.275299][T32144] ? rcu_is_watching+0x12/0xc0 [ 1571.275325][T32144] ? kasan_quarantine_put+0x10a/0x240 [ 1571.275354][T32144] ? lockdep_hardirqs_on+0x7c/0x110 [ 1571.275398][T32144] futex_wake+0xea/0x530 [ 1571.275439][T32144] ? __pfx_futex_wake+0x10/0x10 [ 1571.275492][T32144] do_futex+0x1e3/0x350 [ 1571.275523][T32144] ? __pfx_do_futex+0x10/0x10 [ 1571.275562][T32144] __x64_sys_futex+0x1e0/0x4c0 [ 1571.275595][T32144] ? __pfx___x64_sys_futex+0x10/0x10 [ 1571.275630][T32144] ? getname_flags.part.0+0x1c5/0x550 [ 1571.275676][T32144] do_syscall_64+0xcd/0x4c0 [ 1571.275710][T32144] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1571.275732][T32144] RIP: 0033:0x7fc35238eba9 [ 1571.275749][T32144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1571.275769][T32144] RSP: 002b:00007fc3531f40e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1571.275790][T32144] RAX: ffffffffffffffda RBX: 00007fc3525d5fa8 RCX: 00007fc35238eba9 [ 1571.275804][T32144] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fc3525d5fac [ 1571.275817][T32144] RBP: 00007fc3525d5fa0 R08: 00007fc3531f5000 R09: 0000000000000000 [ 1571.275830][T32144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1571.275843][T32144] R13: 00007fc3525d6038 R14: 00007fff4075d210 R15: 00007fff4075d2f8 [ 1571.275871][T32144] [ 1573.664578][T13915] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 1573.817585][T32183] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1573.824192][T32183] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1573.843566][T32183] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1573.923201][T32183] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1573.932045][T32183] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1574.283519][T32198] Invalid ELF header magic: != ELF [ 1574.906352][T32211] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 1575.323251][T32221] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4745'. [ 1575.334586][T32215] zswap: compressor not available [ 1575.379189][T32221] veth0_macvtap: left promiscuous mode [ 1575.428086][T32221] macvtap0: entered promiscuous mode [ 1575.452514][T32221] macvtap0: entered allmulticast mode [ 1575.570571][T32230] vivid-007: ================= START STATUS ================= [ 1575.578412][T32230] vivid-007: Generate PTS: true [ 1575.584370][T32230] vivid-007: Generate SCR: true [ 1575.590250][T32230] tpg source WxH: 320x240 (Y'CbCr) [ 1575.595384][T32230] tpg field: 1 [ 1575.638830][T32230] tpg crop: (0,0)/320x240 [ 1575.648789][T32230] tpg compose: (0,0)/320x240 [ 1575.658487][T32230] tpg colorspace: 8 [ 1575.664212][T32230] tpg transfer function: 0/0 [ 1575.689493][T32230] tpg Y'CbCr encoding: 0/0 [ 1575.741813][T32230] tpg quantization: 0/0 [ 1575.746124][T32230] tpg RGB range: 0/2 [ 1575.750264][T32230] vivid-007: ================== END STATUS ================== [ 1575.827912][T13915] Bluetooth: hci0: command 0x0c1a tx timeout [ 1575.834128][T29541] Bluetooth: hci3: command 0x0c1a tx timeout [ 1575.838204][T32242] i2c i2c-0: new_device: Instantiated device card: at 0x01 [ 1575.897266][T29541] Bluetooth: hci2: command 0x0c1a tx timeout [ 1575.929124][T32231] Invalid ELF header magic: != ELF [ 1575.976814][T29541] Bluetooth: hci1: command 0x0c1a tx timeout [ 1576.754343][T32255] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1576.792958][T32255] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1576.902401][T32255] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1576.958594][T32255] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1578.782302][T29541] Bluetooth: hci0: command 0x0c1a tx timeout [ 1578.842207][T29541] Bluetooth: hci3: command 0x0c1a tx timeout [ 1578.921600][T29541] Bluetooth: hci2: command 0x0c1a tx timeout [ 1579.011336][T29541] Bluetooth: hci1: command 0x0c1a tx timeout [ 1579.837392][T32306] FAULT_INJECTION: forcing a failure. [ 1579.837392][T32306] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1579.854506][T32306] CPU: 1 UID: 0 PID: 32306 Comm: syz.2.4760 Tainted: G U syzkaller #0 PREEMPT(full) [ 1579.854550][T32306] Tainted: [U]=USER [ 1579.854559][T32306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1579.854576][T32306] Call Trace: [ 1579.854586][T32306] [ 1579.854596][T32306] dump_stack_lvl+0x16c/0x1f0 [ 1579.854640][T32306] should_fail_ex+0x512/0x640 [ 1579.854686][T32306] should_fail_alloc_page+0xe7/0x130 [ 1579.854726][T32306] prepare_alloc_pages+0x3c2/0x610 [ 1579.854761][T32306] ? rcu_is_watching+0x12/0xc0 [ 1579.854795][T32306] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 1579.854833][T32306] ? rcu_is_watching+0x12/0xc0 [ 1579.854860][T32306] ? trace_mm_page_alloc+0x11f/0x1a0 [ 1579.854902][T32306] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 1579.854935][T32306] ? stack_trace_save+0x8e/0xc0 [ 1579.854965][T32306] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1579.855019][T32306] ? stack_depot_save_flags+0x29/0x9c0 [ 1579.855071][T32306] ? __kasan_slab_alloc+0x89/0x90 [ 1579.855104][T32306] ? alloc_vmap_area+0xdcf/0x29c0 [ 1579.855141][T32306] ? __vmalloc_node_range_noprof+0x271/0x14b0 [ 1579.855166][T32306] ? __kvmalloc_node_noprof+0x30a/0x620 [ 1579.855195][T32306] ? __do_sys_listmount+0x1c2/0xf80 [ 1579.855220][T32306] ? do_syscall_64+0xcd/0x4c0 [ 1579.855257][T32306] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1579.855299][T32306] alloc_pages_bulk_noprof+0x71c/0x1410 [ 1579.855331][T32306] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1579.855369][T32306] ? policy_nodemask+0xea/0x4e0 [ 1579.855405][T32306] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 1579.855436][T32306] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1579.855483][T32306] kasan_populate_vmalloc+0x112/0x2d0 [ 1579.855512][T32306] ? alloc_vmap_area+0x8b5/0x29c0 [ 1579.855555][T32306] alloc_vmap_area+0x960/0x29c0 [ 1579.855607][T32306] ? __pfx_alloc_vmap_area+0x10/0x10 [ 1579.855654][T32306] __get_vm_area_node+0x1ca/0x330 [ 1579.855700][T32306] __vmalloc_node_range_noprof+0x271/0x14b0 [ 1579.855727][T32306] ? __do_sys_listmount+0x1c2/0xf80 [ 1579.855753][T32306] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1579.855793][T32306] ? policy_nodemask+0xea/0x4e0 [ 1579.855829][T32306] ? __do_sys_listmount+0x1c2/0xf80 [ 1579.855865][T32306] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1579.855898][T32306] ? ___kmalloc_large_node+0xed/0x160 [ 1579.855944][T32306] __kvmalloc_node_noprof+0x30a/0x620 [ 1579.855974][T32306] ? __do_sys_listmount+0x1c2/0xf80 [ 1579.856011][T32306] ? __do_sys_listmount+0x1c2/0xf80 [ 1579.856046][T32306] ? __do_sys_listmount+0x1c2/0xf80 [ 1579.856071][T32306] __do_sys_listmount+0x1c2/0xf80 [ 1579.856107][T32306] ? __x64_sys_futex+0x1e0/0x4c0 [ 1579.856140][T32306] ? __x64_sys_futex+0x1e9/0x4c0 [ 1579.856174][T32306] ? __pfx___do_sys_listmount+0x10/0x10 [ 1579.856218][T32306] do_syscall_64+0xcd/0x4c0 [ 1579.856258][T32306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1579.856285][T32306] RIP: 0033:0x7fc35238eba9 [ 1579.856308][T32306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1579.856334][T32306] RSP: 002b:00007fc3531d3038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 1579.856360][T32306] RAX: ffffffffffffffda RBX: 00007fc3525d6090 RCX: 00007fc35238eba9 [ 1579.856378][T32306] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 1579.856396][T32306] RBP: 00007fc352411e19 R08: 0000000000000000 R09: 0000000000000000 [ 1579.856414][T32306] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 1579.856431][T32306] R13: 00007fc3525d6128 R14: 00007fc3525d6090 R15: 00007fff4075d2f8 [ 1579.856466][T32306] [ 1580.226336][T32306] syz.2.4760: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 1580.582995][T32306] CPU: 1 UID: 0 PID: 32306 Comm: syz.2.4760 Tainted: G U syzkaller #0 PREEMPT(full) [ 1580.583036][T32306] Tainted: [U]=USER [ 1580.583045][T32306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1580.583060][T32306] Call Trace: [ 1580.583070][T32306] [ 1580.583079][T32306] dump_stack_lvl+0x16c/0x1f0 [ 1580.583123][T32306] warn_alloc+0x248/0x3a0 [ 1580.583157][T32306] ? __pfx_warn_alloc+0x10/0x10 [ 1580.583191][T32306] ? kfree+0x2b4/0x4d0 [ 1580.583224][T32306] ? __get_vm_area_node+0x208/0x330 [ 1580.583268][T32306] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 1580.583293][T32306] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1580.583331][T32306] ? policy_nodemask+0xea/0x4e0 [ 1580.583364][T32306] ? __do_sys_listmount+0x1c2/0xf80 [ 1580.583400][T32306] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1580.583432][T32306] ? ___kmalloc_large_node+0xed/0x160 [ 1580.583473][T32306] __kvmalloc_node_noprof+0x30a/0x620 [ 1580.583511][T32306] ? __do_sys_listmount+0x1c2/0xf80 [ 1580.583539][T32306] ? __do_sys_listmount+0x1c2/0xf80 [ 1580.583569][T32306] ? __do_sys_listmount+0x1c2/0xf80 [ 1580.583592][T32306] __do_sys_listmount+0x1c2/0xf80 [ 1580.583620][T32306] ? __x64_sys_futex+0x1e0/0x4c0 [ 1580.583648][T32306] ? __x64_sys_futex+0x1e9/0x4c0 [ 1580.583680][T32306] ? __pfx___do_sys_listmount+0x10/0x10 [ 1580.583731][T32306] do_syscall_64+0xcd/0x4c0 [ 1580.583770][T32306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1580.583799][T32306] RIP: 0033:0x7fc35238eba9 [ 1580.583822][T32306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1580.583847][T32306] RSP: 002b:00007fc3531d3038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 1580.583869][T32306] RAX: ffffffffffffffda RBX: 00007fc3525d6090 RCX: 00007fc35238eba9 [ 1580.583883][T32306] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000100 [ 1580.583900][T32306] RBP: 00007fc352411e19 R08: 0000000000000000 R09: 0000000000000000 [ 1580.583916][T32306] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 1580.583930][T32306] R13: 00007fc3525d6128 R14: 00007fc3525d6090 R15: 00007fff4075d2f8 [ 1580.583962][T32306] [ 1580.583972][T32306] Mem-Info: [ 1580.809751][T32306] active_anon:4847 inactive_anon:41063 isolated_anon:0 [ 1580.809751][T32306] active_file:22283 inactive_file:38362 isolated_file:0 [ 1580.809751][T32306] unevictable:768 dirty:893 writeback:0 [ 1580.809751][T32306] slab_reclaimable:17872 slab_unreclaimable:122922 [ 1580.809751][T32306] mapped:42183 shmem:30391 pagetables:1339 [ 1580.809751][T32306] sec_pagetables:0 bounce:0 [ 1580.809751][T32306] kernel_misc_reclaimable:0 [ 1580.809751][T32306] free:1241138 free_pcp:9773 free_cma:0 [ 1580.855951][T32306] Node 0 active_anon:19388kB inactive_anon:164096kB active_file:89124kB inactive_file:153320kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:168728kB dirty:3572kB writeback:0kB shmem:120028kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:6144kB kernel_stack:11544kB pagetables:5256kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 1580.871513][T32312] blktrace: Concurrent blktraces are not allowed on loop2 [ 1580.920414][T32306] Node 1 active_anon:0kB inactive_anon:156kB active_file:8kB inactive_file:128kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:4kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:100kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 1581.024238][T32306] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1581.163677][T32306] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 1581.169671][T32306] Node 0 DMA32 free:1035108kB boost:0kB min:34320kB low:42900kB high:51480kB reserved_highatomic:0KB free_highatomic:0KB active_anon:19240kB inactive_anon:176472kB active_file:87880kB inactive_file:153248kB unevictable:2036kB writepending:3572kB present:3129332kB managed:2539540kB mlocked:500kB bounce:0kB free_pcp:28416kB local_pcp:18088kB free_cma:0kB [ 1581.211432][T32306] lowmem_reserve[]: 0 0 1 1 1 [ 1581.218284][T32306] Node 0 Normal free:0kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:1244kB inactive_file:72kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:24kB local_pcp:12kB free_cma:0kB [ 1581.251355][T32306] lowmem_reserve[]: 0 0 0 0 0 [ 1581.256353][T32306] Node 1 Normal free:3907548kB boost:0kB min:55560kB low:69448kB high:83336kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:156kB active_file:8kB inactive_file:128kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:4348kB local_pcp:4348kB free_cma:0kB [ 1581.272199][T32299] bond0: option arp_interval: invalid value () [ 1581.289815][T32306] lowmem_reserve[]: 0 0 0 0 0 [ 1581.300946][T32306] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 1581.314217][T32306] Node 0 DMA32: 1449*4kB (UE) 190*8kB (UE) 88*16kB (UME) 1029*32kB (UME) 727*64kB (UME) 761*128kB (ME) 584*256kB (UM) 447*512kB (ME) 302*1024kB (UME) 11*2048kB (UM) 34*4096kB (UM) = 1034996kB [ 1581.344302][T32306] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1581.366276][T32299] bond0: option arp_interval: allowed values 0 - 2147483647 [ 1581.465294][T32306] Node 1 Normal: 123*4kB (UME) 56*8kB (UME) 53*16kB (UME) 251*32kB (UME) 104*64kB (UME) 23*128kB (UME) 10*256kB (UM) 5*512kB (UME) 4*1024kB (UM) 2*2048kB (UE) 946*4096kB (M) = 3907548kB [ 1581.502642][T32306] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1581.526878][T32306] Node 0 hugepages_total=4 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB [ 1581.539260][T32306] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1581.554428][T32306] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1581.566020][T32306] 94892 total pagecache pages [ 1581.572511][T32306] 53 pages in swap cache [ 1581.577003][T32306] Free swap = 124308kB [ 1581.582201][T32306] Total swap = 124996kB [ 1581.587099][T32306] 2097051 pages RAM [ 1581.593150][T32306] 0 pages HighMem/MovableOnly [ 1581.631553][T32306] 430204 pages reserved [ 1581.635763][T32306] 0 pages cma reserved [ 1583.150884][T32337] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma? [ 1584.588968][T32359] Invalid ELF header magic: != ELF [ 1587.414913][T32369] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1589.817897][T32451] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma? [ 1590.802395][T32453] Process accounting paused [ 1592.918541][T32489] netlink: 330 bytes leftover after parsing attributes in process `syz.1.4795'. [ 1592.931030][T32489] mac80211_hwsim hwsim142 : renamed from wlan0 (while UP) [ 1593.441974][T32500] Invalid ELF header magic: != ELF [ 1594.138005][T32512] Invalid ELF header magic: != ELF [ 1596.205581][T32535] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1596.214201][T32535] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1596.230672][T32535] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1596.319591][T32535] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1597.371789][T32540] Process accounting resumed [ 1597.800210][T32576] FAULT_INJECTION: forcing a failure. [ 1597.800210][T32576] name failslab, interval 1, probability 0, space 0, times 0 [ 1597.815188][T32576] CPU: 0 UID: 0 PID: 32576 Comm: syz.3.4808 Tainted: G U syzkaller #0 PREEMPT(full) [ 1597.815214][T32576] Tainted: [U]=USER [ 1597.815219][T32576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1597.815229][T32576] Call Trace: [ 1597.815235][T32576] [ 1597.815242][T32576] dump_stack_lvl+0x16c/0x1f0 [ 1597.815269][T32576] should_fail_ex+0x512/0x640 [ 1597.815292][T32576] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1597.815312][T32576] ? __pfx_stat_open+0x10/0x10 [ 1597.815328][T32576] should_failslab+0xc2/0x120 [ 1597.815347][T32576] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1597.815365][T32576] ? seq_open+0x55/0x170 [ 1597.815387][T32576] ? __pfx_stat_open+0x10/0x10 [ 1597.815402][T32576] ? __pfx_stat_show+0x10/0x10 [ 1597.815417][T32576] seq_open+0x55/0x170 [ 1597.815436][T32576] ? __pfx_stat_show+0x10/0x10 [ 1597.815451][T32576] single_open+0xfc/0x1f0 [ 1597.815473][T32576] full_proxy_open_regular+0x1b6/0x360 [ 1597.815490][T32576] do_dentry_open+0x982/0x1530 [ 1597.815509][T32576] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 1597.815527][T32576] vfs_open+0x82/0x3f0 [ 1597.815551][T32576] path_openat+0x1de4/0x2cb0 [ 1597.815576][T32576] ? __pfx_path_openat+0x10/0x10 [ 1597.815598][T32576] do_filp_open+0x20b/0x470 [ 1597.815615][T32576] ? __pfx_do_filp_open+0x10/0x10 [ 1597.815645][T32576] ? alloc_fd+0x471/0x7d0 [ 1597.815665][T32576] do_sys_openat2+0x11b/0x1d0 [ 1597.815687][T32576] ? __pfx_do_sys_openat2+0x10/0x10 [ 1597.815709][T32576] ? find_held_lock+0x2b/0x80 [ 1597.815740][T32576] __x64_sys_openat+0x174/0x210 [ 1597.815755][T32576] ? __pfx___x64_sys_openat+0x10/0x10 [ 1597.815776][T32576] do_syscall_64+0xcd/0x4c0 [ 1597.815800][T32576] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1597.815815][T32576] RIP: 0033:0x7f4f5e18eba9 [ 1597.815828][T32576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1597.815842][T32576] RSP: 002b:00007f4f5c3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1597.815857][T32576] RAX: ffffffffffffffda RBX: 00007f4f5e3d6090 RCX: 00007f4f5e18eba9 [ 1597.815867][T32576] RDX: 0000000000080880 RSI: 0000200000003300 RDI: ffffffffffffff9c [ 1597.815877][T32576] RBP: 00007f4f5e211e19 R08: 0000000000000000 R09: 0000000000000000 [ 1597.815886][T32576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1597.815896][T32576] R13: 00007f4f5e3d6128 R14: 00007f4f5e3d6090 R15: 00007ffc7f9b40f8 [ 1597.815914][T32576] [ 1598.330994][T29541] Bluetooth: hci2: command 0x0c1a tx timeout [ 1598.337150][T13915] Bluetooth: hci3: command 0x0c1a tx timeout [ 1598.343231][T24217] Bluetooth: hci0: command 0x0c1a tx timeout [ 1598.349785][ T5865] Bluetooth: hci1: command 0x0c1a tx timeout [ 1598.459642][T32578] bond0: option arp_interval: invalid value () [ 1598.466651][T32578] bond0: option arp_interval: allowed values 0 - 2147483647 [ 1601.519200][T32625] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4817'. [ 1601.565883][T32625] netlink: 93 bytes leftover after parsing attributes in process `syz.2.4817'. [ 1601.892530][T32621] kfence: disabled [ 1602.278133][T32626] Process accounting resumed [ 1602.602102][T32646] snd_aloop snd_aloop.0: control 16781581:65539:5:'x?F/zF˷fC:7 is already present [ 1602.622786][T32647] random: crng reseeded on system resumption [ 1605.013359][T32685] FAULT_INJECTION: forcing a failure. [ 1605.013359][T32685] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1605.063162][T32685] CPU: 0 UID: 0 PID: 32685 Comm: syz.3.4825 Tainted: G U syzkaller #0 PREEMPT(full) [ 1605.063208][T32685] Tainted: [U]=USER [ 1605.063218][T32685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1605.063234][T32685] Call Trace: [ 1605.063244][T32685] [ 1605.063256][T32685] dump_stack_lvl+0x16c/0x1f0 [ 1605.063299][T32685] should_fail_ex+0x512/0x640 [ 1605.063341][T32685] get_futex_key+0x1d0/0x1560 [ 1605.063374][T32685] ? __pfx_get_futex_key+0x10/0x10 [ 1605.063415][T32685] futex_wake+0xea/0x530 [ 1605.063440][T32685] ? rcu_is_watching+0x12/0xc0 [ 1605.063455][T32685] ? __pfx_futex_wake+0x10/0x10 [ 1605.063478][T32685] ? kmem_cache_free+0x2d1/0x4d0 [ 1605.063494][T32685] ? fd_install+0x225/0x750 [ 1605.063511][T32685] ? putname+0x154/0x1a0 [ 1605.063534][T32685] do_futex+0x1e3/0x350 [ 1605.063552][T32685] ? __pfx_do_futex+0x10/0x10 [ 1605.063572][T32685] ? find_held_lock+0x2b/0x80 [ 1605.063588][T32685] __x64_sys_futex+0x1e0/0x4c0 [ 1605.063608][T32685] ? __x64_sys_openat+0x174/0x210 [ 1605.063621][T32685] ? __pfx___x64_sys_futex+0x10/0x10 [ 1605.063647][T32685] do_syscall_64+0xcd/0x4c0 [ 1605.063670][T32685] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1605.063684][T32685] RIP: 0033:0x7f4f5e18eba9 [ 1605.063697][T32685] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1605.063711][T32685] RSP: 002b:00007f4f5c3d50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1605.063726][T32685] RAX: ffffffffffffffda RBX: 00007f4f5e3d6188 RCX: 00007f4f5e18eba9 [ 1605.063735][T32685] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f4f5e3d618c [ 1605.063744][T32685] RBP: 00007f4f5e3d6180 R08: 00007f4f5ef47000 R09: 0000000000000000 [ 1605.063753][T32685] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 1605.063762][T32685] R13: 00007f4f5e3d6218 R14: 00007ffc7f9b4010 R15: 00007ffc7f9b40f8 [ 1605.063780][T32685] [ 1605.502367][T32689] usb usb36: usbfs: process 32689 (syz.1.4826) did not claim interface 0 before use [ 1606.885150][T32720] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4834'. [ 1607.031877][T32702] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1608.656188][T32755] Invalid ELF header magic: != ELF [ 1608.836080][T32758] i2c i2c-0: Failed to register i2c client card: at 0x01 (-16) [ 1609.116516][T32752] i2c i2c-0: Failed to register i2c client card: at 0x01 (-16) [ 1609.805620][T16633] smpboot: CPU 1 is now offline [ 1610.254996][ T312] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1610.276416][ T312] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1610.353429][ T312] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1610.429539][ T312] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1611.241319][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1611.259393][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1611.469719][ T313] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1612.272888][T24217] Bluetooth: hci3: command 0x0c1a tx timeout [ 1612.278942][T24217] Bluetooth: hci0: command 0x0c1a tx timeout [ 1612.353910][T24217] Bluetooth: hci2: command 0x0c1a tx timeout [ 1612.430606][T24217] Bluetooth: hci1: command 0x0c1a tx timeout [ 1612.513730][ T336] snd_aloop snd_aloop.0: control 16781581:65539:5:'x?F/zF˷fC:7 is already present [ 1613.403264][ T352] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4851'. [ 1615.565224][ T364] Invalid ELF header magic: != ELF [ 1617.621504][ T404] sd 0:0:1:0: PR command failed: 1026 [ 1617.777667][ T404] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1617.784419][ T404] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1618.792107][ T411] FAULT_INJECTION: forcing a failure. [ 1618.792107][ T411] name failslab, interval 1, probability 0, space 0, times 0 [ 1618.931858][ T411] CPU: 0 UID: 0 PID: 411 Comm: syz.3.4861 Tainted: G U syzkaller #0 PREEMPT(full) [ 1618.931883][ T411] Tainted: [U]=USER [ 1618.931888][ T411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1618.931897][ T411] Call Trace: [ 1618.931904][ T411] [ 1618.931910][ T411] dump_stack_lvl+0x16c/0x1f0 [ 1618.931938][ T411] should_fail_ex+0x512/0x640 [ 1618.931961][ T411] ? __kmalloc_noprof+0xbf/0x510 [ 1618.931981][ T411] ? snd_pcm_plugin_build+0x434/0x650 [ 1618.931999][ T411] should_failslab+0xc2/0x120 [ 1618.932018][ T411] __kmalloc_noprof+0xd2/0x510 [ 1618.932035][ T411] ? __mutex_unlock_slowpath+0xb1/0x7b0 [ 1618.932060][ T411] snd_pcm_plugin_build+0x434/0x650 [ 1618.932087][ T411] snd_pcm_plugin_build_linear+0x29d/0x850 [ 1618.932110][ T411] ? wake_up_all_idle_cpus+0x165/0x1e0 [ 1618.932126][ T411] ? __pfx_snd_pcm_plugin_build_linear+0x10/0x10 [ 1618.932149][ T411] ? snd_pcm_hw_params+0xcd/0x1ba0 [ 1618.932170][ T411] snd_pcm_plug_format_plugins+0x7f8/0x1430 [ 1618.932191][ T411] ? __pfx_snd_pcm_plug_format_plugins+0x10/0x10 [ 1618.932213][ T411] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 1618.932236][ T411] snd_pcm_oss_change_params_locked+0x2dec/0x3a30 [ 1618.932262][ T411] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1618.932295][ T411] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 1618.932315][ T411] snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 1618.932333][ T411] ? hook_file_ioctl_common+0x145/0x410 [ 1618.932353][ T411] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 1618.932372][ T411] ? __fget_files+0x20e/0x3c0 [ 1618.932390][ T411] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 1618.932408][ T411] __x64_sys_ioctl+0x18b/0x210 [ 1618.932432][ T411] do_syscall_64+0xcd/0x4c0 [ 1618.932455][ T411] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1618.932470][ T411] RIP: 0033:0x7f4f5e18eba9 [ 1618.932483][ T411] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1618.932497][ T411] RSP: 002b:00007f4f5ef46038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1618.932512][ T411] RAX: ffffffffffffffda RBX: 00007f4f5e3d5fa0 RCX: 00007f4f5e18eba9 [ 1618.932521][ T411] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000006 [ 1618.932530][ T411] RBP: 00007f4f5e211e19 R08: 0000000000000000 R09: 0000000000000000 [ 1618.932539][ T411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1618.932547][ T411] R13: 00007f4f5e3d6038 R14: 00007f4f5e3d5fa0 R15: 00007ffc7f9b40f8 [ 1618.932566][ T411] [ 1620.497156][ T417] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1620.605628][ T417] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1620.699362][ T417] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1620.783143][ T417] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1621.115504][T24217] Bluetooth: hci1: unexpected event 0x01 length: 5 > 1 [ 1621.303377][ T444] can: request_module (can-proto-0) failed. [ 1621.888468][ T456] ptrace attach of "./syz-executor exec"[7958] was attempted by "*<\x5cq.e\x1b_|E{9[.sn0HWjP @)'lNb^Yz7V_t\x5c\x5cXFϱk\x0bLm5r \x0c`$o&*3D/!Ǹ4}~pjeC!vNPj˶ˊ_37E5ry@\x07ԍiTAT'Ȱ1\x5cX΁댞Iɤ >'U,/3\x0dM\x0bp=\x222Tme#KÓtn\x07zq%96L=ik1S)?w\x5c qr\x09=s?o0&_\x22XIucP(xx\x5cobRRLB%dRĝ*uV\x09s Nb&\x0b7)_!W܌1)?X}:%Wky ~rݽ`43]+3@: RvH\x22k\x22YHd\x09W\x09TQW9(w9%o)YfO3J82b]\x0cGRx'w~JtQ|*l뺨@QR8-\x0b\x0b:4J,h~}2xc`!TU\x22&L.; Ek߯sh.#].“/\x0b4ZD/7yԿ'8սxø\x0d8Nh ѝm)Orf+rA+!ހH=\x5c [ 1622.306618][T24217] Bluetooth: hci0: command 0x0c1a tx timeout [ 1622.628019][T24217] Bluetooth: hci3: command 0x0c1a tx timeout [ 1622.705288][T24217] Bluetooth: hci2: command 0x0c1a tx timeout [ 1622.782050][T24217] Bluetooth: hci1: command 0x0c1a tx timeout [ 1623.404988][ T433] Process accounting resumed [ 1623.976941][ T488] binder: 482:488 ioctl c0306201 200000001040 returned -14 [ 1624.744015][ T499] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1624.775224][ T499] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1624.820268][ T499] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1624.861254][ T499] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1626.222252][ T531] FAULT_INJECTION: forcing a failure. [ 1626.222252][ T531] name failslab, interval 1, probability 0, space 0, times 0 [ 1626.292975][ T531] CPU: 0 UID: 0 PID: 531 Comm: syz.3.4882 Tainted: G U syzkaller #0 PREEMPT(full) [ 1626.293003][ T531] Tainted: [U]=USER [ 1626.293008][ T531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1626.293018][ T531] Call Trace: [ 1626.293024][ T531] [ 1626.293030][ T531] dump_stack_lvl+0x16c/0x1f0 [ 1626.293057][ T531] should_fail_ex+0x512/0x640 [ 1626.293081][ T531] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1626.293102][ T531] should_failslab+0xc2/0x120 [ 1626.293123][ T531] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1626.293139][ T531] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1626.293154][ T531] ? fuse_request_alloc+0x22/0x200 [ 1626.293173][ T531] fuse_request_alloc+0x22/0x200 [ 1626.293189][ T531] fuse_get_req+0x748/0xfd0 [ 1626.293210][ T531] ? __pfx_fuse_get_req+0x10/0x10 [ 1626.293235][ T531] fuse_simple_background+0x464/0x5f0 [ 1626.293252][ T531] ? kasan_save_track+0x14/0x30 [ 1626.293270][ T531] cuse_channel_open+0x561/0x7f0 [ 1626.293302][ T531] ? __pfx_cuse_channel_open+0x10/0x10 [ 1626.293324][ T531] misc_open+0x35d/0x420 [ 1626.293343][ T531] ? __pfx_misc_open+0x10/0x10 [ 1626.293361][ T531] chrdev_open+0x234/0x6a0 [ 1626.293379][ T531] ? __pfx_apparmor_file_open+0x10/0x10 [ 1626.293396][ T531] ? __pfx_chrdev_open+0x10/0x10 [ 1626.293416][ T531] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1626.293436][ T531] do_dentry_open+0x982/0x1530 [ 1626.293455][ T531] ? __pfx_chrdev_open+0x10/0x10 [ 1626.293478][ T531] vfs_open+0x82/0x3f0 [ 1626.293506][ T531] path_openat+0x1de4/0x2cb0 [ 1626.293530][ T531] ? __pfx_path_openat+0x10/0x10 [ 1626.293552][ T531] do_filp_open+0x20b/0x470 [ 1626.293570][ T531] ? __pfx_do_filp_open+0x10/0x10 [ 1626.293602][ T531] ? alloc_fd+0x471/0x7d0 [ 1626.293623][ T531] do_sys_openat2+0x11b/0x1d0 [ 1626.293645][ T531] ? __pfx_do_sys_openat2+0x10/0x10 [ 1626.293674][ T531] __x64_sys_openat+0x174/0x210 [ 1626.293687][ T531] ? __pfx___x64_sys_openat+0x10/0x10 [ 1626.293707][ T531] do_syscall_64+0xcd/0x4c0 [ 1626.293731][ T531] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1626.293745][ T531] RIP: 0033:0x7f4f5e18eba9 [ 1626.293758][ T531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1626.293773][ T531] RSP: 002b:00007f4f5ef46038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1626.293788][ T531] RAX: ffffffffffffffda RBX: 00007f4f5e3d5fa0 RCX: 00007f4f5e18eba9 [ 1626.293797][ T531] RDX: 0000000000000000 RSI: 0000200000000380 RDI: ffffffffffffff9c [ 1626.293806][ T531] RBP: 00007f4f5e211e19 R08: 0000000000000000 R09: 0000000000000000 [ 1626.293818][ T531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1626.293827][ T531] R13: 00007f4f5e3d6038 R14: 00007f4f5e3d5fa0 R15: 00007ffc7f9b40f8 [ 1626.293845][ T531] [ 1626.821975][T24217] Bluetooth: hci0: command 0x0c1a tx timeout [ 1626.903211][T13915] Bluetooth: hci2: command 0x0c1a tx timeout [ 1626.914260][T13915] Bluetooth: hci3: command 0x0c1a tx timeout [ 1626.962518][T24217] Bluetooth: hci1: command 0x0c1a tx timeout [ 1628.819188][ T566] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1628.847890][ T566] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1628.892765][ T566] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1628.936532][ T545] Process accounting paused [ 1628.964416][ T566] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1629.193008][ T582] net_ratelimit: 19 callbacks suppressed [ 1629.193028][ T582] netlink: zone id is out of range [ 1629.392149][ T582] netlink: zone id is out of range [ 1629.475568][ T582] netlink: zone id is out of range [ 1629.498458][ T582] netlink: zone id is out of range [ 1629.538823][ T582] netlink: zone id is out of range [ 1629.593028][ T582] netlink: zone id is out of range [ 1629.645296][ T582] netlink: zone id is out of range [ 1629.698454][ T582] netlink: zone id is out of range [ 1629.783822][ T582] netlink: zone id is out of range [ 1629.860232][ T582] netlink: zone id is out of range [ 1630.101415][ T593] FAULT_INJECTION: forcing a failure. [ 1630.101415][ T593] name failslab, interval 1, probability 0, space 0, times 0 [ 1630.178980][ T593] CPU: 0 UID: 0 PID: 593 Comm: syz.2.4893 Tainted: G U syzkaller #0 PREEMPT(full) [ 1630.179026][ T593] Tainted: [U]=USER [ 1630.179031][ T593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1630.179041][ T593] Call Trace: [ 1630.179046][ T593] [ 1630.179053][ T593] dump_stack_lvl+0x16c/0x1f0 [ 1630.179081][ T593] should_fail_ex+0x512/0x640 [ 1630.179105][ T593] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1630.179125][ T593] should_failslab+0xc2/0x120 [ 1630.179145][ T593] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1630.179161][ T593] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1630.179177][ T593] ? fuse_request_alloc+0x22/0x200 [ 1630.179196][ T593] fuse_request_alloc+0x22/0x200 [ 1630.179212][ T593] fuse_get_req+0x748/0xfd0 [ 1630.179233][ T593] ? __pfx_fuse_get_req+0x10/0x10 [ 1630.179260][ T593] fuse_simple_background+0x464/0x5f0 [ 1630.179278][ T593] ? kasan_save_track+0x14/0x30 [ 1630.179296][ T593] cuse_channel_open+0x561/0x7f0 [ 1630.179316][ T593] ? __pfx_cuse_channel_open+0x10/0x10 [ 1630.179337][ T593] misc_open+0x35d/0x420 [ 1630.179355][ T593] ? __pfx_misc_open+0x10/0x10 [ 1630.179372][ T593] chrdev_open+0x234/0x6a0 [ 1630.179393][ T593] ? __pfx_apparmor_file_open+0x10/0x10 [ 1630.179410][ T593] ? __pfx_chrdev_open+0x10/0x10 [ 1630.179430][ T593] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1630.179449][ T593] do_dentry_open+0x982/0x1530 [ 1630.179468][ T593] ? __pfx_chrdev_open+0x10/0x10 [ 1630.179490][ T593] vfs_open+0x82/0x3f0 [ 1630.179513][ T593] path_openat+0x1de4/0x2cb0 [ 1630.179537][ T593] ? __pfx_path_openat+0x10/0x10 [ 1630.179559][ T593] do_filp_open+0x20b/0x470 [ 1630.179577][ T593] ? __pfx_do_filp_open+0x10/0x10 [ 1630.179607][ T593] ? alloc_fd+0x471/0x7d0 [ 1630.179628][ T593] do_sys_openat2+0x11b/0x1d0 [ 1630.179649][ T593] ? __pfx_do_sys_openat2+0x10/0x10 [ 1630.179678][ T593] __x64_sys_openat+0x174/0x210 [ 1630.179691][ T593] ? __pfx___x64_sys_openat+0x10/0x10 [ 1630.179712][ T593] do_syscall_64+0xcd/0x4c0 [ 1630.179735][ T593] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1630.179750][ T593] RIP: 0033:0x7fc35238eba9 [ 1630.179762][ T593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1630.179776][ T593] RSP: 002b:00007fc3531f4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1630.179791][ T593] RAX: ffffffffffffffda RBX: 00007fc3525d5fa0 RCX: 00007fc35238eba9 [ 1630.179801][ T593] RDX: 0000000000000000 RSI: 0000200000000380 RDI: ffffffffffffff9c [ 1630.179811][ T593] RBP: 00007fc352411e19 R08: 0000000000000000 R09: 0000000000000000 [ 1630.179820][ T593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1630.179829][ T593] R13: 00007fc3525d6038 R14: 00007fc3525d5fa0 R15: 00007fff4075d2f8 [ 1630.179849][ T593] [ 1630.463124][ C0] vkms_vblank_simulate: vblank timer overrun [ 1630.903279][T24217] Bluetooth: hci0: command 0x0c1a tx timeout [ 1630.932611][T24217] Bluetooth: hci2: command 0x0c1a tx timeout [ 1630.939475][T24217] Bluetooth: hci3: command 0x0c1a tx timeout [ 1631.001114][T13915] Bluetooth: hci1: command 0x0c1a tx timeout [ 1632.266440][ T583] Process accounting paused [ 1632.272257][ T629] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1632.380545][ T629] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1632.473950][ T629] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1632.497205][ T638] netlink: 268 bytes leftover after parsing attributes in process `syz.0.4903'. [ 1632.580067][ T629] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1634.327732][T13915] Bluetooth: hci0: command 0x0c1a tx timeout [ 1634.407359][T13915] Bluetooth: hci3: command 0x0c1a tx timeout [ 1634.487299][T13915] Bluetooth: hci2: command 0x0c1a tx timeout [ 1634.646304][T13915] Bluetooth: hci1: command 0x0c1a tx timeout [ 1634.904756][ T694] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 1636.286797][ T716] FAULT_INJECTION: forcing a failure. [ 1636.286797][ T716] name failslab, interval 1, probability 0, space 0, times 0 [ 1636.376518][ T716] CPU: 0 UID: 0 PID: 716 Comm: syz.2.4915 Tainted: G U syzkaller #0 PREEMPT(full) [ 1636.376545][ T716] Tainted: [U]=USER [ 1636.376550][ T716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1636.376559][ T716] Call Trace: [ 1636.376566][ T716] [ 1636.376572][ T716] dump_stack_lvl+0x16c/0x1f0 [ 1636.376607][ T716] should_fail_ex+0x512/0x640 [ 1636.376630][ T716] ? __kmalloc_noprof+0xbf/0x510 [ 1636.376649][ T716] ? lsm_blob_alloc+0x68/0x90 [ 1636.376661][ T716] should_failslab+0xc2/0x120 [ 1636.376680][ T716] __kmalloc_noprof+0xd2/0x510 [ 1636.376702][ T716] lsm_blob_alloc+0x68/0x90 [ 1636.376716][ T716] security_sk_alloc+0x30/0x270 [ 1636.376733][ T716] sk_prot_alloc+0x1c7/0x2a0 [ 1636.376751][ T716] sk_alloc+0x36/0xc20 [ 1636.376771][ T716] __netlink_create+0x5e/0x2c0 [ 1636.376792][ T716] __netlink_kernel_create+0xed/0x750 [ 1636.376813][ T716] ? __lock_acquire+0x62e/0x1ce0 [ 1636.376833][ T716] ? __pfx___netlink_kernel_create+0x10/0x10 [ 1636.376859][ T716] ? __pfx_diag_net_init+0x10/0x10 [ 1636.376878][ T716] diag_net_init+0xbd/0x140 [ 1636.376897][ T716] ? __pfx_diag_net_init+0x10/0x10 [ 1636.376914][ T716] ? find_held_lock+0x2b/0x80 [ 1636.376928][ T716] ? __pfx_sock_diag_rcv+0x10/0x10 [ 1636.376945][ T716] ? __pfx_sock_diag_bind+0x10/0x10 [ 1636.376963][ T716] ? __raw_spin_lock_init+0x3a/0x110 [ 1636.376985][ T716] ? __pfx_cma_init_net+0x10/0x10 [ 1636.377004][ T716] ops_init+0x1e2/0x5f0 [ 1636.377028][ T716] setup_net+0x10f/0x380 [ 1636.377040][ T716] ? lockdep_init_map_type+0x5c/0x280 [ 1636.377060][ T716] ? __pfx_setup_net+0x10/0x10 [ 1636.377073][ T716] ? debug_mutex_init+0x37/0x70 [ 1636.377090][ T716] copy_net_ns+0x2a6/0x5f0 [ 1636.377106][ T716] create_new_namespaces+0x3ea/0xa90 [ 1636.377127][ T716] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1636.377145][ T716] ksys_unshare+0x45b/0xa40 [ 1636.377166][ T716] ? __pfx_ksys_unshare+0x10/0x10 [ 1636.377186][ T716] ? xfd_validate_state+0x61/0x180 [ 1636.377212][ T716] __x64_sys_unshare+0x31/0x40 [ 1636.377231][ T716] do_syscall_64+0xcd/0x4c0 [ 1636.377255][ T716] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1636.377269][ T716] RIP: 0033:0x7fc35238eba9 [ 1636.377282][ T716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1636.377297][ T716] RSP: 002b:00007fc3531f4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1636.377311][ T716] RAX: ffffffffffffffda RBX: 00007fc3525d5fa0 RCX: 00007fc35238eba9 [ 1636.377321][ T716] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1636.377330][ T716] RBP: 00007fc352411e19 R08: 0000000000000000 R09: 0000000000000000 [ 1636.377339][ T716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1636.377348][ T716] R13: 00007fc3525d6038 R14: 00007fc3525d5fa0 R15: 00007fff4075d2f8 [ 1636.377368][ T716] [ 1640.431693][ T798] random: crng reseeded on system resumption [ 1641.603202][T13915] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 1641.756727][ T818] Invalid ELF header magic: != ELF [ 1641.980184][ T827] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4933'. [ 1642.005924][ T826] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1642.028609][ T826] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1642.083122][ T826] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1642.123329][ T826] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1643.458271][ T841] bond0: option arp_interval: invalid value () [ 1643.464543][ T841] bond0: option arp_interval: allowed values 0 - 2147483647 [ 1644.042215][T13915] Bluetooth: hci3: command 0x0c1a tx timeout [ 1644.048618][T24217] Bluetooth: hci0: command 0x0c1a tx timeout [ 1644.121943][T13915] Bluetooth: hci1: command 0x0c1a tx timeout [ 1644.128059][T24217] Bluetooth: hci2: command 0x0c1a tx timeout [ 1646.426074][ T897] Invalid ELF header magic: != ELF [ 1647.789547][ T934] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1647.869945][ T934] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1647.946802][ T934] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1648.054935][ T934] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1648.855976][ T965] FAULT_INJECTION: forcing a failure. [ 1648.855976][ T965] name failslab, interval 1, probability 0, space 0, times 0 [ 1648.930885][ T965] CPU: 0 UID: 0 PID: 965 Comm: syz.2.4954 Tainted: G U syzkaller #0 PREEMPT(full) [ 1648.930912][ T965] Tainted: [U]=USER [ 1648.930917][ T965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1648.930927][ T965] Call Trace: [ 1648.930933][ T965] [ 1648.930940][ T965] dump_stack_lvl+0x16c/0x1f0 [ 1648.930966][ T965] should_fail_ex+0x512/0x640 [ 1648.930989][ T965] ? __kmalloc_noprof+0xbf/0x510 [ 1648.931009][ T965] ? sk_prot_alloc+0x1a8/0x2a0 [ 1648.931023][ T965] should_failslab+0xc2/0x120 [ 1648.931042][ T965] __kmalloc_noprof+0xd2/0x510 [ 1648.931059][ T965] ? evm_inode_alloc_security+0x49/0xc0 [ 1648.931080][ T965] sk_prot_alloc+0x1a8/0x2a0 [ 1648.931097][ T965] sk_alloc+0x36/0xc20 [ 1648.931117][ T965] __netlink_create+0x5e/0x2c0 [ 1648.931139][ T965] __netlink_kernel_create+0xed/0x750 [ 1648.931162][ T965] ? __pfx___netlink_kernel_create+0x10/0x10 [ 1648.931190][ T965] uevent_net_init+0xf8/0x350 [ 1648.931205][ T965] ? __pfx_uevent_net_init+0x10/0x10 [ 1648.931221][ T965] ? __pfx_uevent_net_rcv+0x10/0x10 [ 1648.931242][ T965] ? __pfx_uevent_net_init+0x10/0x10 [ 1648.931255][ T965] ops_init+0x1e2/0x5f0 [ 1648.931280][ T965] setup_net+0x10f/0x380 [ 1648.931292][ T965] ? lockdep_init_map_type+0x5c/0x280 [ 1648.931312][ T965] ? __pfx_setup_net+0x10/0x10 [ 1648.931326][ T965] ? debug_mutex_init+0x37/0x70 [ 1648.931343][ T965] copy_net_ns+0x2a6/0x5f0 [ 1648.931359][ T965] create_new_namespaces+0x3ea/0xa90 [ 1648.931380][ T965] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1648.931398][ T965] ksys_unshare+0x45b/0xa40 [ 1648.931425][ T965] ? __pfx_ksys_unshare+0x10/0x10 [ 1648.931446][ T965] ? xfd_validate_state+0x61/0x180 [ 1648.931474][ T965] __x64_sys_unshare+0x31/0x40 [ 1648.931494][ T965] do_syscall_64+0xcd/0x4c0 [ 1648.931517][ T965] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1648.931532][ T965] RIP: 0033:0x7fc35238eba9 [ 1648.931545][ T965] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1648.931559][ T965] RSP: 002b:00007fc3531d3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1648.931573][ T965] RAX: ffffffffffffffda RBX: 00007fc3525d6090 RCX: 00007fc35238eba9 [ 1648.931583][ T965] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1648.931591][ T965] RBP: 00007fc352411e19 R08: 0000000000000000 R09: 0000000000000000 [ 1648.931600][ T965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1648.931609][ T965] R13: 00007fc3525d6128 R14: 00007fc3525d6090 R15: 00007fff4075d2f8 [ 1648.931629][ T965] [ 1648.937818][ T965] kobject_uevent: unable to create netlink socket! [ 1649.876899][T13915] Bluetooth: hci0: command 0x0c1a tx timeout [ 1649.956318][T13915] Bluetooth: hci3: command 0x0c1a tx timeout [ 1650.025610][T13915] Bluetooth: hci2: command 0x0c1a tx timeout [ 1650.103566][T13915] Bluetooth: hci1: command 0x0c1a tx timeout [ 1650.147364][ T962] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4954'. [ 1652.032661][ T1005] Invalid ELF header magic: != ELF [ 1652.716474][ T1015] Invalid ELF header magic: != ELF [ 1653.200618][ T1027] netlink: 93 bytes leftover after parsing attributes in process `syz.1.4964'. [ 1653.944276][ T1025] Process accounting paused [ 1654.433424][ T1047] snd_aloop snd_aloop.0: control 16781581:65539:5:'x?F/zF˷fC:7 is already present [ 1655.694441][ T1086] vivid-003: ================= START STATUS ================= [ 1655.738728][ T1086] vivid-003: Radio HW Seek Mode: Bounded [ 1655.770910][ T1086] vivid-003: Radio Programmable HW Seek: false [ 1655.841145][ T1086] vivid-003: RDS Rx I/O Mode: Block I/O [ 1655.927691][ T1086] vivid-003: Generate RBDS Instead of RDS: false [ 1655.966142][ T1086] vivid-003: RDS Reception: true [ 1655.994911][ T1086] vivid-003: RDS Program Type: 0 inactive [ 1656.034990][ T1086] vivid-003: RDS PS Name: inactive [ 1656.054743][ T1086] vivid-003: RDS Radio Text: inactive [ 1656.095081][ T1086] vivid-003: RDS Traffic Announcement: false inactive [ 1656.129518][ T1086] vivid-003: RDS Traffic Program: false inactive [ 1656.154570][ T1086] vivid-003: RDS Music: false inactive [ 1656.182955][ T1086] vivid-003: ================== END STATUS ================== [ 1656.513328][ T1104] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1656.541894][ T1104] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1656.619331][ T1104] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1656.675515][ T1104] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1658.408421][ T1138] netlink: 446 bytes leftover after parsing attributes in process `syz.1.4980'. [ 1658.543843][T13915] Bluetooth: hci3: command 0x0c1a tx timeout [ 1658.549896][T24217] Bluetooth: hci0: command 0x0c1a tx timeout [ 1658.695352][T24217] Bluetooth: hci1: command 0x0c1a tx timeout [ 1658.701400][T13915] Bluetooth: hci2: command 0x0c1a tx timeout [ 1659.395975][ T1141] Process accounting resumed [ 1661.275700][ T1177] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1661.326145][ T1177] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1661.432393][ T1177] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1661.569573][ T1177] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1662.184165][ T1184] Process accounting resumed [ 1663.188438][ T1228] ecryptfs_miscdev_write: Invalid packet size [192] [ 1663.313534][T24217] Bluetooth: hci0: command 0x0c1a tx timeout [ 1663.359434][ T1216] Invalid ELF header magic: != ELF [ 1663.391360][T24217] Bluetooth: hci3: command 0x0c1a tx timeout [ 1663.470804][T24217] Bluetooth: hci2: command 0x0c1a tx timeout [ 1663.531765][ T1239] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1663.612889][ T1242] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1663.630626][T24217] Bluetooth: hci1: command 0x0c1a tx timeout [ 1663.953263][ T1216] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1664.071210][ T1249] random: crng reseeded on system resumption [ 1665.846127][ T1276] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1666.490994][ T1287] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1666.527542][ T1287] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1666.533662][ T1287] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1666.596190][ T1287] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1666.686728][ T1294] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5012'. [ 1667.425639][ T1294] team0: Port device team_slave_1 removed [ 1668.330683][ T1336] Invalid ELF header magic: != ELF [ 1668.567205][T24217] Bluetooth: hci3: command 0x0c1a tx timeout [ 1668.573379][ T5865] Bluetooth: hci0: command 0x0c1a tx timeout [ 1668.579660][T13915] Bluetooth: hci2: command 0x0c1a tx timeout [ 1668.646435][T13915] Bluetooth: hci1: command 0x0c1a tx timeout [ 1668.744397][ T1336] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1670.258238][ T1386] Invalid ELF header magic: != ELF [ 1670.288918][ T1388] Console: switching to colour VGA+ 32x12 [ 1670.607853][ T1404] FAULT_INJECTION: forcing a failure. [ 1670.607853][ T1404] name failslab, interval 1, probability 0, space 0, times 0 [ 1670.695931][ T1404] CPU: 0 UID: 0 PID: 1404 Comm: syz.1.5043 Tainted: G U syzkaller #0 PREEMPT(full) [ 1670.695958][ T1404] Tainted: [U]=USER [ 1670.695963][ T1404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1670.695975][ T1404] Call Trace: [ 1670.695981][ T1404] [ 1670.695988][ T1404] dump_stack_lvl+0x16c/0x1f0 [ 1670.696015][ T1404] should_fail_ex+0x512/0x640 [ 1670.696039][ T1404] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 1670.696057][ T1404] should_failslab+0xc2/0x120 [ 1670.696076][ T1404] __kmalloc_cache_noprof+0x6a/0x3e0 [ 1670.696096][ T1404] ? __do_sys_fanotify_init+0x4bb/0xc00 [ 1670.696122][ T1404] __do_sys_fanotify_init+0x4bb/0xc00 [ 1670.696147][ T1404] do_syscall_64+0xcd/0x4c0 [ 1670.696172][ T1404] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1670.696187][ T1404] RIP: 0033:0x7f3cd2b8eba9 [ 1670.696199][ T1404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1670.696214][ T1404] RSP: 002b:00007f3cd3a72038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 1670.696240][ T1404] RAX: ffffffffffffffda RBX: 00007f3cd2dd5fa0 RCX: 00007f3cd2b8eba9 [ 1670.696250][ T1404] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000401 [ 1670.696259][ T1404] RBP: 00007f3cd2c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 1670.696269][ T1404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1670.696277][ T1404] R13: 00007f3cd2dd6038 R14: 00007f3cd2dd5fa0 R15: 00007ffd7c9ddb68 [ 1670.696298][ T1404] [ 1672.330527][ T1440] Invalid ELF header magic: != ELF [ 1672.391832][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1672.399740][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1673.389624][ T1437] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1673.794879][ T1478] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1673.855769][ T1478] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1673.968304][ T1478] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1674.051581][ T1478] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1674.253290][ T1492] netlink: 'syz.2.5062': attribute type 1 has an invalid length. [ 1675.392775][ T1527] FAULT_INJECTION: forcing a failure. [ 1675.392775][ T1527] name failslab, interval 1, probability 0, space 0, times 0 [ 1675.405805][ T1527] CPU: 0 UID: 0 PID: 1527 Comm: syz.1.5073 Tainted: G U syzkaller #0 PREEMPT(full) [ 1675.405831][ T1527] Tainted: [U]=USER [ 1675.405836][ T1527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1675.405846][ T1527] Call Trace: [ 1675.405853][ T1527] [ 1675.405860][ T1527] dump_stack_lvl+0x16c/0x1f0 [ 1675.405886][ T1527] should_fail_ex+0x512/0x640 [ 1675.405912][ T1527] should_failslab+0xc2/0x120 [ 1675.405933][ T1527] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1675.405951][ T1527] ? radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 1675.405974][ T1527] radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 1675.405997][ T1527] idr_get_free+0x528/0xa30 [ 1675.406024][ T1527] idr_alloc_u32+0x190/0x2f0 [ 1675.406045][ T1527] ? __pfx_idr_alloc_u32+0x10/0x10 [ 1675.406066][ T1527] ? lock_acquire+0x179/0x350 [ 1675.406088][ T1527] idr_alloc_cyclic+0x10b/0x230 [ 1675.406109][ T1527] ? __pfx_idr_alloc_cyclic+0x10/0x10 [ 1675.406127][ T1527] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1675.406154][ T1527] map_create+0xae3/0x1f80 [ 1675.406181][ T1527] ? __pfx_map_create+0x10/0x10 [ 1675.406199][ T1527] ? __might_fault+0xe3/0x190 [ 1675.406215][ T1527] ? __might_fault+0xe3/0x190 [ 1675.406229][ T1527] ? __might_fault+0x13b/0x190 [ 1675.406253][ T1527] __sys_bpf+0x44d2/0x4de0 [ 1675.406276][ T1527] ? __pfx___sys_bpf+0x10/0x10 [ 1675.406298][ T1527] ? ksys_write+0x190/0x250 [ 1675.406318][ T1527] ? do_futex+0x122/0x350 [ 1675.406336][ T1527] ? __pfx_do_futex+0x10/0x10 [ 1675.406361][ T1527] ? fput+0x9b/0xd0 [ 1675.406381][ T1527] ? xfd_validate_state+0x61/0x180 [ 1675.406402][ T1527] ? __pfx_ksys_write+0x10/0x10 [ 1675.406421][ T1527] __x64_sys_bpf+0x78/0xc0 [ 1675.406433][ T1527] ? lockdep_hardirqs_on+0x7c/0x110 [ 1675.406454][ T1527] do_syscall_64+0xcd/0x4c0 [ 1675.406477][ T1527] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1675.406492][ T1527] RIP: 0033:0x7f3cd2b8eba9 [ 1675.406505][ T1527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1675.406519][ T1527] RSP: 002b:00007f3cd3a72038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1675.406534][ T1527] RAX: ffffffffffffffda RBX: 00007f3cd2dd5fa0 RCX: 00007f3cd2b8eba9 [ 1675.406544][ T1527] RDX: 0000000000000010 RSI: 0000200000000100 RDI: 0000000000000000 [ 1675.406553][ T1527] RBP: 00007f3cd2c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 1675.406562][ T1527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1675.406571][ T1527] R13: 00007f3cd2dd6038 R14: 00007f3cd2dd5fa0 R15: 00007ffd7c9ddb68 [ 1675.406599][ T1527] [ 1675.407555][ T1518] FAULT_INJECTION: forcing a failure. [ 1675.407555][ T1518] name failslab, interval 1, probability 0, space 0, times 0 [ 1675.733120][ T1525] Invalid ELF header magic: != ELF [ 1675.890583][T13915] Bluetooth: hci0: command 0x0c1a tx timeout [ 1675.897001][T13915] Bluetooth: hci3: command 0x0c1a tx timeout [ 1675.926974][ T1531] FAULT_INJECTION: forcing a failure. [ 1675.926974][ T1531] name failslab, interval 1, probability 0, space 0, times 0 [ 1675.976158][ T1531] CPU: 0 UID: 0 PID: 1531 Comm: syz.1.5074 Tainted: G U syzkaller #0 PREEMPT(full) [ 1675.976186][ T1531] Tainted: [U]=USER [ 1675.976192][ T1531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1675.976201][ T1531] Call Trace: [ 1675.976208][ T1531] [ 1675.976215][ T1531] dump_stack_lvl+0x16c/0x1f0 [ 1675.976243][ T1531] should_fail_ex+0x512/0x640 [ 1675.976266][ T1531] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 1675.976289][ T1531] should_failslab+0xc2/0x120 [ 1675.976308][ T1531] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 1675.976328][ T1531] ? __request_module+0x2cb/0x690 [ 1675.976352][ T1531] kstrdup+0x53/0x100 [ 1675.976370][ T1531] __request_module+0x2cb/0x690 [ 1675.976391][ T1531] ? __pfx___request_module+0x10/0x10 [ 1675.976419][ T1531] ? aa_get_newest_label+0xd2/0x250 [ 1675.976436][ T1531] ? apparmor_capable+0x114/0x1d0 [ 1675.976456][ T1531] dev_load+0x221/0x240 [ 1675.976476][ T1531] dev_ioctl+0x4e4/0x1060 [ 1675.976497][ T1531] sock_do_ioctl+0x19d/0x280 [ 1675.976512][ T1531] ? __pfx_sock_do_ioctl+0x10/0x10 [ 1675.976531][ T1531] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1675.976566][ T1531] sock_ioctl+0x227/0x6b0 [ 1675.976584][ T1531] ? __pfx_sock_ioctl+0x10/0x10 [ 1675.976600][ T1531] ? hook_file_ioctl_common+0x145/0x410 [ 1675.976623][ T1531] ? __fget_files+0x20e/0x3c0 [ 1675.976643][ T1531] ? __pfx_sock_ioctl+0x10/0x10 [ 1675.976661][ T1531] __x64_sys_ioctl+0x18b/0x210 [ 1675.976684][ T1531] do_syscall_64+0xcd/0x4c0 [ 1675.976707][ T1531] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1675.976722][ T1531] RIP: 0033:0x7f3cd2b8eba9 [ 1675.976734][ T1531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1675.976749][ T1531] RSP: 002b:00007f3cd3a72038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1675.976763][ T1531] RAX: ffffffffffffffda RBX: 00007f3cd2dd5fa0 RCX: 00007f3cd2b8eba9 [ 1675.976773][ T1531] RDX: 00002000000000c0 RSI: 0000000000008933 RDI: 0000000000000003 [ 1675.976782][ T1531] RBP: 00007f3cd2c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 1675.976791][ T1531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1675.976800][ T1531] R13: 00007f3cd2dd6038 R14: 00007f3cd2dd5fa0 R15: 00007ffd7c9ddb68 [ 1675.976819][ T1531] [ 1676.416275][T24217] Bluetooth: hci2: command 0x0c1a tx timeout [ 1676.422469][T24217] Bluetooth: hci1: command 0x0c1a tx timeout [ 1677.511316][ T1550] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1678.394439][ T1539] FAULT_INJECTION: forcing a failure. [ 1678.394439][ T1539] name failslab, interval 1, probability 0, space 0, times 0 [ 1678.515822][ T1539] CPU: 0 UID: 0 PID: 1539 Comm: syz.3.5069 Tainted: G U syzkaller #0 PREEMPT(full) [ 1678.515850][ T1539] Tainted: [U]=USER [ 1678.515855][ T1539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1678.515864][ T1539] Call Trace: [ 1678.515871][ T1539] [ 1678.515877][ T1539] dump_stack_lvl+0x16c/0x1f0 [ 1678.515905][ T1539] should_fail_ex+0x512/0x640 [ 1678.515931][ T1539] ? __kmalloc_noprof+0xbf/0x510 [ 1678.515950][ T1539] ? tracing_log_err+0xb9/0x6d0 [ 1678.515969][ T1539] should_failslab+0xc2/0x120 [ 1678.515988][ T1539] __kmalloc_noprof+0xd2/0x510 [ 1678.516009][ T1539] tracing_log_err+0xb9/0x6d0 [ 1678.516032][ T1539] append_filter_err+0x380/0x5e0 [ 1678.516053][ T1539] apply_subsystem_event_filter+0x75a/0x17e0 [ 1678.516078][ T1539] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 1678.516101][ T1539] ? _copy_from_user+0x59/0xd0 [ 1678.516119][ T1539] subsystem_filter_write+0x95/0x120 [ 1678.516139][ T1539] ? __pfx_subsystem_filter_write+0x10/0x10 [ 1678.516156][ T1539] vfs_write+0x2a0/0x11d0 [ 1678.516177][ T1539] ? __pfx___mutex_lock+0x10/0x10 [ 1678.516199][ T1539] ? __pfx_vfs_write+0x10/0x10 [ 1678.516221][ T1539] ? __fget_files+0x20e/0x3c0 [ 1678.516242][ T1539] ksys_write+0x12a/0x250 [ 1678.516259][ T1539] ? __pfx_ksys_write+0x10/0x10 [ 1678.516282][ T1539] do_syscall_64+0xcd/0x4c0 [ 1678.516305][ T1539] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1678.516319][ T1539] RIP: 0033:0x7f4f5e18eba9 [ 1678.516332][ T1539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1678.516346][ T1539] RSP: 002b:00007f4f5c3f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1678.516360][ T1539] RAX: ffffffffffffffda RBX: 00007f4f5e3d6090 RCX: 00007f4f5e18eba9 [ 1678.516370][ T1539] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000009 [ 1678.516379][ T1539] RBP: 00007f4f5e211e19 R08: 0000000000000000 R09: 0000000000000000 [ 1678.516387][ T1539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1678.516396][ T1539] R13: 00007f4f5e3d6128 R14: 00007f4f5e3d6090 R15: 00007ffc7f9b40f8 [ 1678.516415][ T1539] [ 1678.997706][ T1518] CPU: 0 UID: 0 PID: 1518 Comm: syz.3.5069 Tainted: G U syzkaller #0 PREEMPT(full) [ 1678.997734][ T1518] Tainted: [U]=USER [ 1678.997739][ T1518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1678.997749][ T1518] Call Trace: [ 1678.997755][ T1518] [ 1678.997761][ T1518] dump_stack_lvl+0x16c/0x1f0 [ 1678.997789][ T1518] should_fail_ex+0x512/0x640 [ 1678.997813][ T1518] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 1678.997834][ T1518] should_failslab+0xc2/0x120 [ 1678.997855][ T1518] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 1678.997874][ T1518] ? sk_prot_alloc+0x60/0x2a0 [ 1678.997893][ T1518] sk_prot_alloc+0x60/0x2a0 [ 1678.997910][ T1518] sk_alloc+0x36/0xc20 [ 1678.997931][ T1518] inet_create+0x3a1/0x1040 [ 1678.997950][ T1518] ? inet_create+0x93/0x1040 [ 1678.997970][ T1518] __sock_create+0x338/0x8d0 [ 1678.997991][ T1518] mptcp_subflow_create_socket+0xf5/0xed0 [ 1678.998011][ T1518] ? __pfx_mptcp_subflow_create_socket+0x10/0x10 [ 1678.998034][ T1518] __mptcp_nmpc_sk+0x182/0x850 [ 1678.998052][ T1518] ? __pfx___mptcp_nmpc_sk+0x10/0x10 [ 1678.998071][ T1518] ? __local_bh_enable_ip+0xa4/0x120 [ 1678.998092][ T1518] mptcp_getsockopt+0xcf8/0xe20 [ 1678.998108][ T1518] ? __pfx_mptcp_getsockopt+0x10/0x10 [ 1678.998123][ T1518] ? find_held_lock+0x2b/0x80 [ 1678.998138][ T1518] ? __might_fault+0xe3/0x190 [ 1678.998155][ T1518] ? __might_fault+0xe3/0x190 [ 1678.998171][ T1518] ? __might_fault+0x13b/0x190 [ 1678.998194][ T1518] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 1678.998209][ T1518] do_sock_getsockopt+0x34d/0x440 [ 1678.998227][ T1518] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 1678.998242][ T1518] ? __fget_files+0x204/0x3c0 [ 1678.998267][ T1518] __sys_getsockopt+0x123/0x1b0 [ 1678.998293][ T1518] __x64_sys_getsockopt+0xbd/0x160 [ 1678.998314][ T1518] ? do_syscall_64+0x91/0x4c0 [ 1678.998337][ T1518] ? lockdep_hardirqs_on+0x7c/0x110 [ 1678.998373][ T1518] do_syscall_64+0xcd/0x4c0 [ 1678.998397][ T1518] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1678.998413][ T1518] RIP: 0033:0x7f4f5e18eba9 [ 1678.998427][ T1518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1678.998441][ T1518] RSP: 002b:00007f4f5ef46038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 1678.998456][ T1518] RAX: ffffffffffffffda RBX: 00007f4f5e3d5fa0 RCX: 00007f4f5e18eba9 [ 1678.998467][ T1518] RDX: 0000000000000021 RSI: 0000000000000006 RDI: 0000000000000006 [ 1678.998476][ T1518] RBP: 00007f4f5e211e19 R08: 0000000000000000 R09: 0000000000000000 [ 1678.998485][ T1518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1678.998493][ T1518] R13: 00007f4f5e3d6038 R14: 00007f4f5e3d5fa0 R15: 00007ffc7f9b40f8 [ 1678.998512][ T1518] [ 1679.717665][ T1566] zswap: compressor 000 not available [ 1679.939839][ T1595] Invalid ELF header magic: != ELF [ 1680.231280][ T1582] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1680.385475][ T1582] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1680.463844][ T1582] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1680.540916][ T1609] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5093'. [ 1680.594759][ T1582] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1681.514527][ T1609] team0: Port device team_slave_1 removed [ 1681.754309][ T30] audit: type=1806 audit(6442456906.139:36): xattr="15" res=-22 [ 1681.898258][ T1625] vhci_hcd: not connected 4 [ 1682.263683][T13915] Bluetooth: hci0: command 0x0c1a tx timeout [ 1682.424565][T13915] Bluetooth: hci3: command 0x0c1a tx timeout [ 1682.501497][T13915] Bluetooth: hci2: command 0x0c1a tx timeout [ 1682.660711][T13915] Bluetooth: hci1: command 0x0c1a tx timeout [ 1683.171252][ T1663] Invalid ELF header magic: != ELF [ 1683.187693][ T1672] FAULT_INJECTION: forcing a failure. [ 1683.187693][ T1672] name failslab, interval 1, probability 0, space 0, times 0 [ 1683.281362][ T1672] CPU: 0 UID: 0 PID: 1672 Comm: syz.2.5114 Tainted: G U syzkaller #0 PREEMPT(full) [ 1683.281390][ T1672] Tainted: [U]=USER [ 1683.281395][ T1672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1683.281405][ T1672] Call Trace: [ 1683.281411][ T1672] [ 1683.281417][ T1672] dump_stack_lvl+0x16c/0x1f0 [ 1683.281445][ T1672] should_fail_ex+0x512/0x640 [ 1683.281470][ T1672] ? vmci_handle_arr_create+0x67/0x140 [ 1683.281491][ T1672] should_failslab+0xc2/0x120 [ 1683.281511][ T1672] __kmalloc_noprof+0xd2/0x510 [ 1683.281527][ T1672] ? lockdep_init_map_type+0x5c/0x280 [ 1683.281548][ T1672] ? lockdep_init_map_type+0x5c/0x280 [ 1683.281569][ T1672] vmci_handle_arr_create+0x67/0x140 [ 1683.281590][ T1672] vmci_ctx_create+0x26e/0x740 [ 1683.281608][ T1672] vmci_host_unlocked_ioctl+0x1ad8/0x2040 [ 1683.281631][ T1672] ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10 [ 1683.281654][ T1672] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1683.281676][ T1672] ? do_vfs_ioctl+0x128/0x14f0 [ 1683.281699][ T1672] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1683.281726][ T1672] ? find_held_lock+0x2b/0x80 [ 1683.281740][ T1672] ? hook_file_ioctl_common+0x145/0x410 [ 1683.281764][ T1672] ? __fget_files+0x20e/0x3c0 [ 1683.281782][ T1672] ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10 [ 1683.281804][ T1672] __x64_sys_ioctl+0x18b/0x210 [ 1683.281828][ T1672] do_syscall_64+0xcd/0x4c0 [ 1683.281851][ T1672] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1683.281866][ T1672] RIP: 0033:0x7fc35238eba9 [ 1683.281878][ T1672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1683.281892][ T1672] RSP: 002b:00007fc3531f4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1683.281907][ T1672] RAX: ffffffffffffffda RBX: 00007fc3525d5fa0 RCX: 00007fc35238eba9 [ 1683.281917][ T1672] RDX: 0000000000000006 RSI: 00000000000007a0 RDI: 0000000000000005 [ 1683.281925][ T1672] RBP: 00007fc352411e19 R08: 0000000000000000 R09: 0000000000000000 [ 1683.281938][ T1672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1683.281946][ T1672] R13: 00007fc3525d6038 R14: 00007fc3525d5fa0 R15: 00007fff4075d2f8 [ 1683.281965][ T1672] [ 1683.956735][ T1663] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1683.965762][ T1682] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 1684.606012][ T1706] ================================================================== [ 1684.614356][ T1706] BUG: KASAN: slab-use-after-free in dvb_device_open+0x36a/0x3b0 [ 1684.622184][ T1706] Read of size 8 at addr ffff888145eaa018 by task syz.2.5121/1706 [ 1684.630159][ T1706] [ 1684.632501][ T1706] CPU: 0 UID: 0 PID: 1706 Comm: syz.2.5121 Tainted: G U syzkaller #0 PREEMPT(full) [ 1684.632531][ T1706] Tainted: [U]=USER [ 1684.632537][ T1706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1684.632548][ T1706] Call Trace: [ 1684.632558][ T1706] [ 1684.632566][ T1706] dump_stack_lvl+0x116/0x1f0 [ 1684.632598][ T1706] print_report+0xcd/0x630 [ 1684.632619][ T1706] ? __virt_addr_valid+0x81/0x610 [ 1684.632641][ T1706] ? __phys_addr+0xe8/0x180 [ 1684.632661][ T1706] ? dvb_device_open+0x36a/0x3b0 [ 1684.632677][ T1706] kasan_report+0xe0/0x110 [ 1684.632697][ T1706] ? dvb_device_open+0x36a/0x3b0 [ 1684.632711][ T1706] ? __pfx_dvb_device_open+0x10/0x10 [ 1684.632724][ T1706] dvb_device_open+0x36a/0x3b0 [ 1684.632737][ T1706] ? __pfx_dvb_device_open+0x10/0x10 [ 1684.632751][ T1706] chrdev_open+0x234/0x6a0 [ 1684.632772][ T1706] ? __pfx_apparmor_file_open+0x10/0x10 [ 1684.632790][ T1706] ? __pfx_chrdev_open+0x10/0x10 [ 1684.632809][ T1706] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1684.632828][ T1706] do_dentry_open+0x982/0x1530 [ 1684.632849][ T1706] ? __pfx_chrdev_open+0x10/0x10 [ 1684.632869][ T1706] vfs_open+0x82/0x3f0 [ 1684.632890][ T1706] path_openat+0x1de4/0x2cb0 [ 1684.632911][ T1706] ? __pfx_path_openat+0x10/0x10 [ 1684.632929][ T1706] do_filp_open+0x20b/0x470 [ 1684.632946][ T1706] ? __pfx_do_filp_open+0x10/0x10 [ 1684.632969][ T1706] ? alloc_fd+0x471/0x7d0 [ 1684.632986][ T1706] do_sys_openat2+0x11b/0x1d0 [ 1684.633008][ T1706] ? __pfx_do_sys_openat2+0x10/0x10 [ 1684.633119][ T1706] ? __pfx_do_sys_openat2+0x10/0x10 [ 1684.633159][ T1706] __x64_sys_openat+0x174/0x210 [ 1684.633175][ T1706] ? __pfx___x64_sys_openat+0x10/0x10 [ 1684.633198][ T1706] do_syscall_64+0xcd/0x4c0 [ 1684.633223][ T1706] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1684.633240][ T1706] RIP: 0033:0x7fc35238eba9 [ 1684.633253][ T1706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1684.633279][ T1706] RSP: 002b:00007fc3531f4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1684.633295][ T1706] RAX: ffffffffffffffda RBX: 00007fc3525d5fa0 RCX: 00007fc35238eba9 [ 1684.633306][ T1706] RDX: 0000000000000001 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 1684.633316][ T1706] RBP: 00007fc352411e19 R08: 0000000000000000 R09: 0000000000000000 [ 1684.633325][ T1706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1684.633334][ T1706] R13: 00007fc3525d6038 R14: 00007fc3525d5fa0 R15: 00007fff4075d2f8 [ 1684.633349][ T1706] [ 1684.633355][ T1706] [ 1684.886246][ T1706] Allocated by task 1: [ 1684.890310][ T1706] kasan_save_stack+0x33/0x60 [ 1684.894987][ T1706] kasan_save_track+0x14/0x30 [ 1684.899657][ T1706] __kasan_kmalloc+0xaa/0xb0 [ 1684.904252][ T1706] dvb_register_device+0x1e4/0x2370 [ 1684.909447][ T1706] dvb_register_frontend+0x5a6/0x880 [ 1684.914752][ T1706] vidtv_bridge_probe+0x459/0xa90 [ 1684.919789][ T1706] platform_probe+0x106/0x1d0 [ 1684.924458][ T1706] really_probe+0x23e/0xa90 [ 1684.928960][ T1706] __driver_probe_device+0x1de/0x440 [ 1684.934261][ T1706] driver_probe_device+0x4c/0x1b0 [ 1684.939301][ T1706] __driver_attach+0x283/0x580 [ 1684.944076][ T1706] bus_for_each_dev+0x13b/0x1d0 [ 1684.948929][ T1706] bus_add_driver+0x2e9/0x690 [ 1684.953615][ T1706] driver_register+0x15c/0x4b0 [ 1684.958371][ T1706] vidtv_bridge_init+0x45/0x80 [ 1684.963128][ T1706] do_one_initcall+0x120/0x6e0 [ 1684.967897][ T1706] kernel_init_freeable+0x5c2/0x910 [ 1684.973102][ T1706] kernel_init+0x1c/0x2b0 [ 1684.977544][ T1706] ret_from_fork+0x56d/0x730 [ 1684.982151][ T1706] ret_from_fork_asm+0x1a/0x30 [ 1684.986999][ T1706] [ 1684.989313][ T1706] Freed by task 1682: [ 1684.993275][ T1706] kasan_save_stack+0x33/0x60 [ 1684.997964][ T1706] kasan_save_track+0x14/0x30 [ 1685.002631][ T1706] kasan_save_free_info+0x3b/0x60 [ 1685.007722][ T1706] __kasan_slab_free+0x60/0x70 [ 1685.012502][ T1706] kfree+0x2b4/0x4d0 [ 1685.016420][ T1706] dvb_device_put.part.0+0x60/0x90 [ 1685.021548][ T1706] dvb_device_open+0x2a4/0x3b0 [ 1685.026424][ T1706] chrdev_open+0x234/0x6a0 [ 1685.030849][ T1706] do_dentry_open+0x982/0x1530 [ 1685.035621][ T1706] vfs_open+0x82/0x3f0 [ 1685.039856][ T1706] path_openat+0x1de4/0x2cb0 [ 1685.044482][ T1706] do_filp_open+0x20b/0x470 [ 1685.048991][ T1706] do_sys_openat2+0x11b/0x1d0 [ 1685.053796][ T1706] __x64_sys_openat+0x174/0x210 [ 1685.058651][ T1706] do_syscall_64+0xcd/0x4c0 [ 1685.063173][ T1706] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1685.069078][ T1706] [ 1685.071395][ T1706] The buggy address belongs to the object at ffff888145eaa000 [ 1685.071395][ T1706] which belongs to the cache kmalloc-256 of size 256 [ 1685.085433][ T1706] The buggy address is located 24 bytes inside of [ 1685.085433][ T1706] freed 256-byte region [ffff888145eaa000, ffff888145eaa100) [ 1685.099306][ T1706] [ 1685.101640][ T1706] The buggy address belongs to the physical page: [ 1685.108030][ T1706] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x145eaa [ 1685.116886][ T1706] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 1685.125373][ T1706] flags: 0x57ff00000000040(head|node=1|zone=2|lastcpupid=0x7ff) [ 1685.132986][ T1706] page_type: f5(slab) [ 1685.136949][ T1706] raw: 057ff00000000040 ffff88801b841b40 dead000000000122 0000000000000000 [ 1685.145523][ T1706] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 1685.154103][ T1706] head: 057ff00000000040 ffff88801b841b40 dead000000000122 0000000000000000 [ 1685.162775][ T1706] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 1685.171472][ T1706] head: 057ff00000000001 ffffea000517aa81 00000000ffffffff 00000000ffffffff [ 1685.180143][ T1706] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 1685.188807][ T1706] page dumped because: kasan: bad access detected [ 1685.195213][ T1706] page_owner tracks the page as allocated [ 1685.201263][ T1706] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 20510788037, free_ts 0 [ 1685.220991][ T1706] post_alloc_hook+0x1c0/0x230 [ 1685.225749][ T1706] get_page_from_freelist+0x132b/0x38e0 [ 1685.231291][ T1706] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 1685.237271][ T1706] alloc_pages_mpol+0x1fb/0x550 [ 1685.242138][ T1706] new_slab+0x247/0x330 [ 1685.246287][ T1706] ___slab_alloc+0xcf2/0x1750 [ 1685.250961][ T1706] __slab_alloc.constprop.0+0x56/0xb0 [ 1685.256313][ T1706] __kmalloc_cache_noprof+0xfb/0x3e0 [ 1685.261579][ T1706] dvb_register_device+0x1e4/0x2370 [ 1685.266765][ T1706] dvb_register_frontend+0x5a6/0x880 [ 1685.272058][ T1706] vidtv_bridge_probe+0x459/0xa90 [ 1685.277067][ T1706] platform_probe+0x106/0x1d0 [ 1685.281731][ T1706] really_probe+0x23e/0xa90 [ 1685.286235][ T1706] __driver_probe_device+0x1de/0x440 [ 1685.291534][ T1706] driver_probe_device+0x4c/0x1b0 [ 1685.296564][ T1706] __driver_attach+0x283/0x580 [ 1685.301328][ T1706] page_owner free stack trace missing [ 1685.306690][ T1706] [ 1685.309001][ T1706] Memory state around the buggy address: [ 1685.314629][ T1706] ffff888145ea9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1685.322706][ T1706] ffff888145ea9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1685.330770][ T1706] >ffff888145eaa000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1685.338816][ T1706] ^ [ 1685.343661][ T1706] ffff888145eaa080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1685.351707][ T1706] ffff888145eaa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1685.359756][ T1706] ================================================================== [ 1686.099141][ T1675] Process accounting resumed [ 1686.259719][ T1706] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1686.266975][ T1706] CPU: 0 UID: 0 PID: 1706 Comm: syz.2.5121 Tainted: G U syzkaller #0 PREEMPT(full) [ 1686.277937][ T1706] Tainted: [U]=USER [ 1686.281840][ T1706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 1686.291986][ T1706] Call Trace: [ 1686.295262][ T1706] [ 1686.298188][ T1706] dump_stack_lvl+0x3d/0x1f0 [ 1686.302799][ T1706] vpanic+0x6e8/0x7a0 [ 1686.306824][ T1706] ? __pfx_vpanic+0x10/0x10 [ 1686.311364][ T1706] ? __pfx_vprintk_emit+0x10/0x10 [ 1686.316388][ T1706] ? dvb_device_open+0x36a/0x3b0 [ 1686.321324][ T1706] panic+0xca/0xd0 [ 1686.325055][ T1706] ? __pfx_panic+0x10/0x10 [ 1686.329500][ T1706] ? dvb_device_open+0x36a/0x3b0 [ 1686.334461][ T1706] ? preempt_schedule_common+0x44/0xc0 [ 1686.339968][ T1706] ? preempt_schedule_thunk+0x16/0x30 [ 1686.345349][ T1706] check_panic_on_warn+0xab/0xb0 [ 1686.350413][ T1706] end_report+0x107/0x170 [ 1686.354907][ T1706] kasan_report+0xee/0x110 [ 1686.359510][ T1706] ? dvb_device_open+0x36a/0x3b0 [ 1686.364731][ T1706] ? __pfx_dvb_device_open+0x10/0x10 [ 1686.370023][ T1706] dvb_device_open+0x36a/0x3b0 [ 1686.374903][ T1706] ? __pfx_dvb_device_open+0x10/0x10 [ 1686.380435][ T1706] chrdev_open+0x234/0x6a0 [ 1686.385149][ T1706] ? __pfx_apparmor_file_open+0x10/0x10 [ 1686.390793][ T1706] ? __pfx_chrdev_open+0x10/0x10 [ 1686.395738][ T1706] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1686.402071][ T1706] do_dentry_open+0x982/0x1530 [ 1686.406845][ T1706] ? __pfx_chrdev_open+0x10/0x10 [ 1686.411789][ T1706] vfs_open+0x82/0x3f0 [ 1686.415954][ T1706] path_openat+0x1de4/0x2cb0 [ 1686.420576][ T1706] ? __pfx_path_openat+0x10/0x10 [ 1686.425519][ T1706] do_filp_open+0x20b/0x470 [ 1686.430022][ T1706] ? __pfx_do_filp_open+0x10/0x10 [ 1686.435044][ T1706] ? alloc_fd+0x471/0x7d0 [ 1686.439392][ T1706] do_sys_openat2+0x11b/0x1d0 [ 1686.444076][ T1706] ? __pfx_do_sys_openat2+0x10/0x10 [ 1686.449284][ T1706] ? __pfx_do_sys_openat2+0x10/0x10 [ 1686.454496][ T1706] __x64_sys_openat+0x174/0x210 [ 1686.459334][ T1706] ? __pfx___x64_sys_openat+0x10/0x10 [ 1686.464711][ T1706] do_syscall_64+0xcd/0x4c0 [ 1686.469215][ T1706] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1686.475099][ T1706] RIP: 0033:0x7fc35238eba9 [ 1686.479513][ T1706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1686.499146][ T1706] RSP: 002b:00007fc3531f4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1686.507569][ T1706] RAX: ffffffffffffffda RBX: 00007fc3525d5fa0 RCX: 00007fc35238eba9 [ 1686.515652][ T1706] RDX: 0000000000000001 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 1686.523776][ T1706] RBP: 00007fc352411e19 R08: 0000000000000000 R09: 0000000000000000 [ 1686.531749][ T1706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1686.539812][ T1706] R13: 00007fc3525d6038 R14: 00007fc3525d5fa0 R15: 00007fff4075d2f8 [ 1686.547815][ T1706] [ 1686.550905][ T1706] Kernel Offset: disabled [ 1686.555212][ T1706] Rebooting in 86400 seconds..