last executing test programs: 7m49.098026964s ago: executing program 1 (id=318): close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x84) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0x400053, 0x9) socket(0x10, 0x2, 0x0) r0 = socket(0x18, 0xa, 0x0) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) connect$auto(0xffffffffffffffff, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x80047437, 0x0) syz_genetlink_get_family_id$auto_nlbl_mgmt(0x0, 0xffffffffffffffff) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socket(0x11, 0x80003, 0x300) unshare$auto(0x40000080) socket(0xa, 0x2, 0x73) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) 7m48.45718576s ago: executing program 1 (id=321): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0xa, 0x3e, 0xfffffffffffffffa, 0x1ffde, 0x7, 0x6, 0x5, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x3, 0x10000, 0x80, 0x7, 0x0, 0x8000007, 0x2000, 0x200, 0x0, 0x40084, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0xb8a0, 0x0, 0x800000]}, 0x1fe, 0x200c) r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x20008, 0x4000000000df, 0x2000eb1, 0xffffffffffffffff, 0x3) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="abe4bbfacdb9358406b56db145c06761fcb2990de3b195eca21c7770cc332892dea86e5004d6e7a85d455d8c80516340eb9b6f6df7a824ee7701d38027c42e599e89cdbf30b0ed38f96afe33dec54c5a01d8db7f09cd3e346ce24cc406e385d0a7d92fe7dae8ffacb1030000006344f42e0d0b9f2132151f7c3c4d80c76c35fa33ead576b5bd3d23ce01d03e3972f69bd1361d9c395d10dc423002a7b999378ab7dff170831954933457dd5fa70ddb21935127667271d5c104eb7a60c5b8fb147bfbe94c6456f13cb18eeaca7c98e24829647c958f665227be4702286d6e5c88ffa1b0e24c0ab7c9a3245c8930d38b766a968bdecd3ccf1a979b3f7f49259dde29b21e", @ANYRES16=r2, @ANYBLOB="e5b725bd7000fcdbdd2519000000"], 0x14}, 0x1, 0x0, 0x0, 0x4010}, 0x4048800) socket(0x1d, 0x1, 0x7fff) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000003c0), r0) sendmsg$auto_NL80211_CMD_GET_WOWLAN(r0, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000400)={&(0x7f00000004c0)=ANY=[@ANYBLOB="30010000", @ANYRES16=r3, @ANYBLOB="010026bd7000fddbdf254900000014000400766c616e3100000000000000000000000500880000000000ff00bd0029aa3e736e3cc72126a0198aea41442e951e42b7307de8f1b01f01cebf184362d0ecde1033e880d54cde65bb7993b8eb993149252b40e15cef8621c4747df87664475151288388d6d0ab0ed34496049573f1efa4cabe4d213efe767348e436a9e344552c6f4e96f0ab7656d9419a42965ad59b485d20a6c3afaeb1163adb4db76f56e94f6a5ac4a1eb11b6cba06af8e515d7227ef5ddd2ac8301c5afbfd2f8e63f19c2b6d0c58412ed57cd9dce349a34fa952d3576a60a237aaada4a3f7488e26b266ef8b5ce0554e98b7106d5c7c64eb19aee073d8a0e16d3529c65d259a5696cc8bc02448a3ccfb5ad7e94e7e3eeb647186117a4fc4ead0b068100"], 0x130}, 0x1, 0x0, 0x0, 0x20040000}, 0x10) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r5 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x10000000084, 0x4, 0x0, 0x4) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) read$auto_dfs_cpu_ops_debugfs(r5, &(0x7f0000000040)=""/29, 0x1d) writev$auto(r6, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001080)='/sys/module/i915/parameters/mitigations\x00', 0x88302, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/rpc/nfsd.fh/flush\x00', 0x440100, 0x0) 7m46.140538077s ago: executing program 1 (id=330): openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000001000)='/dev/mtd0\x00', 0x8042, 0x0) mmap$auto(0x0, 0x4000b, 0xa, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0x5, 0x0) r0 = pipe$auto(0x0) bpf$auto_BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)=@token_create={0x4}, 0x1) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000040)=""/4096, 0x1000) write$auto(0x1, 0x0, 0x80000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bond0/bonding/fail_over_mac\x00', 0x103b02, 0x0) open(0x0, 0x440, 0xb5d1af1605322de0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff011) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x40080, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0) sendfile$auto(0xffffffffffffffff, 0x3, 0x0, 0x7ffff000) close_range$auto(0x2, 0x8, 0x0) openat$auto_dev_fops_plock(0xffffffffffffff9c, 0x0, 0x101000, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x40000, 0x0) syz_clone3(0x0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/workqueue/parameters/default_affinity_scope\x00', 0x1a9242, 0x0) sendfile$auto(r1, r1, 0x0, 0x2) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x480, 0x0) mmap$auto(0x0, 0x400108, 0x3, 0x9b72, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x3, 0x0) r2 = fsopen$auto(0x0, 0x1) fsconfig$auto(r2, 0x8, 0x0, 0x0, 0x0) fsconfig$auto(r2, 0x1, &(0x7f0000000000)='\x00', &(0x7f0000000040), 0x0) r3 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xe, 0x2, 0x6, 0x5, 0x8, 0xffffffffffffffff, [], {0xd74c, 0x6, 0x2, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0xff, 0x1, 0x10001, 0x7, 0x1, 0x40, 0x76c5, 0x400005, 0x100000005}}) io_uring_enter$auto(r3, 0x9, 0x820e, 0x6, 0x0, 0x18) 7m45.064863344s ago: executing program 1 (id=333): close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x10, 0x2, 0xc) sendmsg$auto_NFC_CMD_DEV_UP(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x6b0577283aa219a7}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="0001d5e8f02ab38e71354d64b0c225bd708f0b5117f5b398ebcb076ceeb0c4bf3ab325"], 0x1c}, 0x1, 0x0, 0x0, 0x20000801}, 0xc000) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x103080, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) socket(0xa, 0x3, 0x3a) semctl$auto(0x80001ff, 0x804, 0x13, 0x4) setsockopt$auto(0x400000000000003, 0x29, 0xd2, 0x0, 0x567) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_GET_MSRS(r1, 0x4008ae89, &(0x7f0000000080)={0x2, 0x0, [{0x10a, 0x400, 0x718c1257}]}) open_by_handle_at$auto(r2, &(0x7f00000000c0)={0x70, 0xec5, "1f59a9197a5e95fb249d86118c2a0fbf0fc96dfaa0e3ac0b49c57513847b6d88e326ac428d9941daa0352b25fb5a96c810bab62873813464a16ea5b0ce58ce3bb0edefbce255d5c5e0993c3cec0ea3b3d79af519d7b671006d747a291c2e3f0d8e6feed6848bca01c2b0391faaf4f19c"}, 0x7) 7m44.407596205s ago: executing program 1 (id=336): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001cc0)='/dev/input/event1\x00', 0x40000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) socket(0xa, 0x3, 0x3b) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x6, 0x8d, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xfffffffd}, 0x10001}, 0x5, 0x20000000) (fail_nth: 1) open_tree_attr$auto(0xffffffffffffff9c, 0x0, 0x8, &(0x7f00000002c0)={0x401, 0x101, 0x2b1, @raw=0x7}, 0x6) socket(0x28, 0x1, 0x0) 7m43.44433462s ago: executing program 1 (id=339): rt_sigqueueinfo$auto(0x0, 0x7e, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x41, 0x7e73, @_sigfault={0x0, @_perf={0xc, 0x40009, 0x9}}}}) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\x84q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa24X@\xadD\xf8\x9d\xf3 \xd2]\xc4\x13G\x1d\x04!\xc1\xeb.e$\xfb\xa3KU\xcf\xc1\x7fFD\x99\xf5v\v\x9dS\xc11P\xa3\xe9\xb0SqL\x85\xea\xb2\x9cY\x83.I\xca\x92\x1c\xc4\x13CV=\x92\x17c\x87iOt\x14On\x15=\v\xf0 \xc5\x8b~\xd6\xd4\xc7\xa3a\x1c\x06\x17\xb3\x88\x8c\xf1L\xba\x89a\xfd\xa5\xc6\x7fU\x00\xe5\x9b', 0x5) fchdir$auto(0xffffffffffffffff) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) syz_clone(0x20011, 0x0, 0x0, 0x0, 0x0, 0x0) madvise$auto(0x0, 0x200007, 0x19) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x3, 0x20809, 0x1, 0x410, r0, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x200000001000000, 0xfffff7fffffffff7, 0x3ee) mmap$auto(0x100, 0x20000000000004, 0xfffffffffffffffc, 0x40eb1, 0x401, 0x300000000000) bpf$auto(0x6, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x400008, 0xe4, 0x9b72, 0x2, 0x400) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x9000, 0x8002, 0x2) mprotect$auto(0x0, 0x806121, 0x6) r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x20443, 0x0) r2 = io_uring_setup$auto(0x5, 0x0) close_range$auto(0x2, r2, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x181881, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sg0\x00', 0x100, 0x0) close_range$auto(r2, r1, 0x800) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x100, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) socket(0x11, 0x3, 0x9) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) 7m28.233320541s ago: executing program 32 (id=339): rt_sigqueueinfo$auto(0x0, 0x7e, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x41, 0x7e73, @_sigfault={0x0, @_perf={0xc, 0x40009, 0x9}}}}) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\x84q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa24X@\xadD\xf8\x9d\xf3 \xd2]\xc4\x13G\x1d\x04!\xc1\xeb.e$\xfb\xa3KU\xcf\xc1\x7fFD\x99\xf5v\v\x9dS\xc11P\xa3\xe9\xb0SqL\x85\xea\xb2\x9cY\x83.I\xca\x92\x1c\xc4\x13CV=\x92\x17c\x87iOt\x14On\x15=\v\xf0 \xc5\x8b~\xd6\xd4\xc7\xa3a\x1c\x06\x17\xb3\x88\x8c\xf1L\xba\x89a\xfd\xa5\xc6\x7fU\x00\xe5\x9b', 0x5) fchdir$auto(0xffffffffffffffff) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) syz_clone(0x20011, 0x0, 0x0, 0x0, 0x0, 0x0) madvise$auto(0x0, 0x200007, 0x19) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x3, 0x20809, 0x1, 0x410, r0, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x200000001000000, 0xfffff7fffffffff7, 0x3ee) mmap$auto(0x100, 0x20000000000004, 0xfffffffffffffffc, 0x40eb1, 0x401, 0x300000000000) bpf$auto(0x6, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x400008, 0xe4, 0x9b72, 0x2, 0x400) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x9000, 0x8002, 0x2) mprotect$auto(0x0, 0x806121, 0x6) r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x20443, 0x0) r2 = io_uring_setup$auto(0x5, 0x0) close_range$auto(0x2, r2, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x181881, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sg0\x00', 0x100, 0x0) close_range$auto(r2, r1, 0x800) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x100, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) socket(0x11, 0x3, 0x9) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) 16.298798847s ago: executing program 4 (id=3388): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0xa, 0x3e, 0xfffffffffffffffa, 0x1ffde, 0x7, 0x6, 0x5, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x3, 0x10000, 0x80, 0x7, 0x0, 0x8000007, 0x2000, 0x200, 0x0, 0x40084, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0xb8a0, 0x0, 0x800000]}, 0x1fe, 0x200c) r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x20008, 0x4000000000df, 0x2000eb1, 0xffffffffffffffff, 0x3) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="abe4bbfacdb9358406b56db145c06761fcb2990de3b195eca21c7770cc332892dea86e5004d6e7a85d455d8c80516340eb9b6f6df7a824ee7701d38027c42e599e89cdbf30b0ed38f96afe33dec54c5a01d8db7f09cd3e346ce24cc406e385d0a7d92fe7dae8ffacb1030000006344f42e0d0b9f2132151f7c3c4d80c76c35fa33ead576b5bd3d23ce01d03e3972f69bd1361d9c395d10dc423002a7b999378ab7dff170831954933457dd5fa70ddb21935127667271d5c104eb7a60c5b8fb147bfbe94c6456f13cb18eeaca7c98e24829647c958f665227be4702286d6e5c88ffa1b0e24c0ab7c9a3245c8930d38b766a968bdecd3ccf1a979b3f7f49259dde29b21e", @ANYRES16=r2, @ANYBLOB="e5b725bd7000fcdbdd2519000000"], 0x14}, 0x1, 0x0, 0x0, 0x4010}, 0x4048800) socket(0x1d, 0x1, 0x7fff) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000003c0), r0) sendmsg$auto_NL80211_CMD_GET_WOWLAN(r0, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000400)={&(0x7f00000004c0)=ANY=[@ANYBLOB="30010000", @ANYRES16=r3, @ANYBLOB="010026bd7000fddbdf254900000014000400766c616e3100000000000000000000000500880000000000ff00bd0029aa3e736e3cc72126a0198aea41442e951e42b7307de8f1b01f01cebf184362d0ecde1033e880d54cde65bb7993b8eb993149252b40e15cef8621c4747df87664475151288388d6d0ab0ed34496049573f1efa4cabe4d213efe767348e436a9e344552c6f4e96f0ab7656d9419a42965ad59b485d20a6c3afaeb1163adb4db76f56e94f6a5ac4a1eb11b6cba06af8e515d7227ef5ddd2ac8301c5afbfd2f8e63f19c2b6d0c58412ed57cd9dce349a34fa952d3576a60a237aaada4a3f7488e26b266ef8b5ce0554e98b7106d5c7c64eb19aee073d8a0e16d3529c65d259a5696cc8bc02448a3ccfb5ad7e94e7e3eeb6471861"], 0x130}, 0x1, 0x0, 0x0, 0x20040000}, 0x10) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r5 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) read$auto_dfs_cpu_ops_debugfs(r5, &(0x7f0000000040)=""/29, 0x1d) writev$auto(r6, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001080)='/sys/module/i915/parameters/mitigations\x00', 0x88302, 0x0) sendfile$auto(r7, r7, 0x0, 0x7ffff000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/rpc/nfsd.fh/flush\x00', 0x440100, 0x0) 16.035081019s ago: executing program 2 (id=3389): r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a240, 0x0) ioctl$auto(r0, 0x5646, r0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x8a240, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x440, 0x0) socket(0x29, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b82, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xffffffffffffff14, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r2], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x200440c0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfc7c, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40c0}, 0x48050) sendmmsg$auto(r3, &(0x7f0000000080)={{0x0, 0x8001c01, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x1}, 0x7}, 0x3d55, 0x0) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) uname$auto(0x0) setsockopt$auto(0x3, 0x10000000084, 0x85, 0x0, 0x90) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi15\x00', 0x802, 0x0) write$auto(r4, &(0x7f0000000340)='%]{\fZ', 0xffffffff) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) 14.675582832s ago: executing program 2 (id=3390): r0 = pipe2$auto(0x0, 0x0) open_tree_attr$auto(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x4) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, 0x0, 0x42000, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0x8, 0x3000, 0x6, 0x7, 0x400b, r1, [], {0x6, 0x6, 0x8c48, 0x29a, 0x9, 0x80, 0x104, 0x6, 0x4}, {0x100, 0x1, 0x101, 0x85, 0x2, 0x24, 0xfe000000, 0x8, 0x3}}) r2 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_XFS_IOC_FREESP(r0, 0x4030580b, &(0x7f0000000100)={0x6a6e, 0x2, 0x0, 0x5f6, 0x1, 0x0}) ptrace$auto_PTRACE_SECCOMP_GET_METADATA(0x420d, r3, 0x7, 0x4) read$auto_vhci_fops_hci_vhci(r2, &(0x7f0000000d40)=""/16, 0x10) select$auto(0xe, 0x0, 0x0, &(0x7f0000000580)={[0x1ff, 0x8000, 0xd, 0x1, 0x200948d, 0x3, 0x10015f4da0a, 0xd, 0x7, 0x6, 0x8000001f, 0x8, 0x6d3e, 0xc, 0x2, 0x2]}, 0x0) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) request_key$auto_KEY_SPEC_GROUP_KEYRING(0x0, 0x0, 0x0, 0xfffffffffffffffa) ioctl$auto(0x3, 0x8905, 0x38) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) futex$auto(0x0, 0x9, 0x2948, 0x0, 0x0, 0x9) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/oom_adj\x00', 0x980, 0x0) 14.259271012s ago: executing program 3 (id=3391): r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x96243, 0x0) pwrite64$auto(0xc8, &(0x7f0000000440)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00q\xa8\xb3P\x90\xdc\xf8\xc3\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4\x0e\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#\t\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\x00v\xdb\xa9\x9cs\xd8\xf2W\xaf@\xd3U_kn\xd3\xf0\r\'$?\xb9b\x18Y\xf3\x15)\xe3\xa1;1\x9c=a\xf9Jf\xe9\xf4\xfc\xc3\xe5\x94s\xcc\xed\x85\xd0%\x89\xc3\xc7\xacY\xe7{pu\xbb\x18\xaeo\'\xb8\xb3\x90\xd2\xc6\xc8\x00T\xee;|\xb9\xe5B\xd7\'9\xad\xc5Gc`\x8a\xb7\xa8hz\xef\xf5\x9eJ.+\xa9\xee`?\x94\xf6fg\xe9\x80\xbf[\x00\x99\x88\xc1\x88\xcb\xa3\xdb($\xd2>h\xfe\xfcq\x92\xc40\xb3a\xbbN`!\x1f*wy:t\xee\xb1xOg\xf6\x8e\x93j\xa4\x05\xd7eb\xe4u\x01\xc3\x87\x04\xff\x86\x12\x00\x00\xfe\xffp\x90\x88y;\x87\x1c\x8e\xba\x86\x91E^\x8b\xfb\x98\xb9', 0xfdf2, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) socket(0x23, 0x80805, 0x0) mmap$auto(0x8000000000000001, 0x4ae, 0x6, 0x50, r0, 0x70e) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x18000) keyctl$auto_KEYCTL_INSTANTIATE_IOV(0x14, 0x1000000000000000, 0x1, 0x31, 0x0) io_uring_setup$auto(0x4, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/kpagecgroup\x00', 0x20000, 0x0) sendmsg$auto_MAC802154_HWSIM_CMD_NEW_EDGE(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40001}, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) 13.666491485s ago: executing program 0 (id=3392): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) seccomp$auto(0x2, 0x10, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2c40, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000001c00)=""/4109, 0x100d) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty1\x00', 0xa0000, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x2, 0x1d2c, 0x3, 0x4, 0x15f4da0e, 0x6, 0x9, 0x100000000000000c, 0x8, 0x4, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) get_mempolicy$auto(0x0, 0x0, 0x2, 0x86, 0x9) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dri/card2\x00', 0x688200, 0x0) mmap$auto(0xd, 0x20007, 0x5, 0xeb1, 0x401, 0x10000008000) unshare$auto(0x40000080) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x103b02, 0x0) sendfile$auto(r0, r0, 0x0, 0x8080000001) close_range$auto(0x0, 0x5, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) io_submit$auto(0x8e4, 0x2, 0x0) read$auto(0xffffffffffffffff, &(0x7f0000000080)='/dev/snapshot\x00', 0xb00) r1 = socket(0x2a, 0x2, 0xffffffff) connect$auto(r1, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0x4001}, 0x55) getpeername$auto(r1, 0x0, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0) 12.595902977s ago: executing program 3 (id=3393): pipe2$auto(0x0, 0x0) open_tree_attr$auto(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x4) unshare$auto(0x40000080) socket(0x10, 0x2, 0x14) mmap$auto(0x1000000000, 0x202000a, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto_PR_SET_MM_ENV_END(0xfffffffa, 0xb, 0xffffffffffffffff, 0x79, 0x5) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) get_robust_list$auto(0x1, 0x0, 0x0) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000040), 0x8006, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) ioctl$auto_PPPIOCSFLAGS(r0, 0x40047459, 0x0) write$auto(0x3, 0x0, 0xfdef) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x8041, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x0, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0x8, 0x3000, 0x6, 0x7, 0x400b, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29a, 0x9, 0x80, 0x104, 0x6, 0x4}, {0x100, 0x1, 0x101, 0x85, 0x2, 0x24, 0xfe000000, 0x8, 0x3}}) r1 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ptrace$auto_PTRACE_SECCOMP_GET_METADATA(0x420d, 0x0, 0x7, 0x4) read$auto_vhci_fops_hci_vhci(r1, &(0x7f0000000100)=""/22, 0x16) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) 12.262692946s ago: executing program 4 (id=3394): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) seccomp$auto(0x2, 0x10, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2c40, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000001c00)=""/4109, 0x100d) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty1\x00', 0xa0000, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x2, 0x1d2c, 0x3, 0x4, 0x15f4da0e, 0x6, 0x9, 0x100000000000000c, 0x8, 0x4, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) get_mempolicy$auto(0x0, 0x0, 0x2, 0x86, 0x9) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dri/card2\x00', 0x688200, 0x0) mmap$auto(0xd, 0x20007, 0x5, 0xeb1, 0x401, 0x10000008000) unshare$auto(0x40000080) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x103b02, 0x0) sendfile$auto(r0, r0, 0x0, 0x8080000001) close_range$auto(0x0, 0x5, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) io_submit$auto(0x8e4, 0x2, 0x0) read$auto(0xffffffffffffffff, &(0x7f0000000080)='/dev/snapshot\x00', 0xb00) r1 = socket(0x2a, 0x2, 0xffffffff) connect$auto(r1, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0x4001}, 0x55) getpeername$auto(r1, 0x0, &(0x7f0000000040)=0x4) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0) 11.999171232s ago: executing program 0 (id=3395): rt_sigqueueinfo$auto(0x0, 0x6, &(0x7f0000000040)={@siginfo_0_0={0xffffff80, 0x7, 0xffffffc4, @_sigsys={0x0, 0xfffffffe, 0x5}}}) mmap$auto(0x32a82e25, 0xa, 0x8, 0xeb1, 0xfffffffffffffffa, 0x8004) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2a, 0x2, 0x1) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) connect$auto(r0, &(0x7f0000000040)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55) io_uring_setup$auto(0x1, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07) getcwd$auto(0x0, 0x7) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'veth1_vlan\x00'}) connect$auto(r0, 0x0, 0x53) r1 = prctl$auto(0x3e, 0x80000003ca, 0x0, 0x28, 0x7) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x531300, 0x0) write$auto_ocfs2_control_fops_stack_user(r2, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) ioctl$auto_TIOCSETD2(0xffffffffffffffff, 0x5423, 0x0) write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) unshare$auto(0x40000080) r3 = socket(0xa, 0x3, 0x3) mmap$auto(0x0, 0x3ffffd, 0x7, 0x11, r2, 0x0) ioctl$auto(r3, 0x8982, 0x1) r4 = socket(0x1e, 0x3, 0xfffffeff) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) write$auto(0x1, 0x0, 0x80000000) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x1) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r4) openat$auto_zero_fops_mem(0xffffffffffffff9c, 0x0, 0x80200, 0x0) close_range$auto(0x2, r1, 0x4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82942, 0x0) 9.456167944s ago: executing program 0 (id=3396): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0xa, 0x3e, 0xfffffffffffffffa, 0x1ffde, 0x7, 0x6, 0x5, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x3, 0x10000, 0x80, 0x7, 0x0, 0x8000007, 0x2000, 0x200, 0x0, 0x40084, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0xb8a0, 0x0, 0x800000]}, 0x1fe, 0x200c) r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x20008, 0x4000000000df, 0x2000eb1, 0xffffffffffffffff, 0x3) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="abe4bbfacdb9358406b56db145c06761fcb2990de3b195eca21c7770cc332892dea86e5004d6e7a85d455d8c80516340eb9b6f6df7a824ee7701d38027c42e599e89cdbf30b0ed38f96afe33dec54c5a01d8db7f09cd3e346ce24cc406e385d0a7d92fe7dae8ffacb1030000006344f42e0d0b9f2132151f7c3c4d80c76c35fa33ead576b5bd3d23ce01d03e3972f69bd1361d9c395d10dc423002a7b999378ab7dff170831954933457dd5fa70ddb21935127667271d5c104eb7a60c5b8fb147bfbe94c6456f13cb18eeaca7c98e24829647c958f665227be4702286d6e5c88ffa1b0e24c0ab7c9a3245c8930d38b766a968bdecd3ccf1a979b3f7f49259dde29", @ANYRES16=r2, @ANYBLOB="e5b725bd7000fcdbdd2519000000"], 0x14}, 0x1, 0x0, 0x0, 0x4010}, 0x4048800) socket(0x1d, 0x1, 0x7fff) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000003c0), r0) sendmsg$auto_NL80211_CMD_GET_WOWLAN(r0, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000400)={&(0x7f00000004c0)=ANY=[@ANYBLOB="30010000", @ANYRES16=r3, @ANYBLOB="010026bd7000fddbdf254900000014000400766c616e3100000000000000000000000500880000000000ff00bd0029aa3e736e3cc72126a0198aea41442e951e42b7307de8f1b01f01cebf184362d0ecde1033e880d54cde65bb7993b8eb993149252b40e15cef8621c4747df87664475151288388d6d0ab0ed34496049573f1efa4cabe4d213efe767348e436a9e344552c6f4e96f0ab7656d9419a42965ad59b485d20a6c3afaeb1163adb4db76f56e94f6a5ac4a1eb11b6cba06af8e515d7227ef5ddd2ac8301c5afbfd2f8e63f19c2b6d0c58412ed57cd9dce349a34fa952d3576a60a237aaada4a3f7488e26b266ef8b5ce0554e98b7106d5c7c64eb19aee073d8a0e16d3529c65d259a5696cc8bc02448a3ccfb5ad7e94e7e3eeb647186117a4fc4ead0b068100"], 0x130}, 0x1, 0x0, 0x0, 0x20040000}, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x10000000084, 0x4, 0x0, 0x4) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) read$auto_dfs_cpu_ops_debugfs(r4, &(0x7f0000000040)=""/29, 0x1d) writev$auto(r5, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001080)='/sys/module/i915/parameters/mitigations\x00', 0x88302, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/rpc/nfsd.fh/flush\x00', 0x440100, 0x0) 9.263515606s ago: executing program 4 (id=3397): exit$auto(0xffffff9f) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_taskstats(0x0, r0) getpgrp(0x0) sendmsg$auto_TASKSTATS_CMD_GET(r0, 0x0, 0x20000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) fcntl$auto_F_SETSIG(0xffffffffffffffff, 0xa, 0x400000000000) r1 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000001bc0)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x168081, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000001e40)="2e271caeedc13d69b4fc13780654c968af9f176b5bbf60445af0b193e8756a01222effbf37f05a957cb25aa6ff48fc0f820814b41e96d12cf8677427b39d1d0c92c87beaf864f5f006a2bd510c18feaf2fec4e848ef5f5f0cba87d0fa2d929", 0x5f) writev$auto(0x3, 0x0, 0x1b) unshare$auto(0x40000080) lsm_set_self_attr$auto(0x5, 0x0, 0x7fff, 0x1783) pwrite64$auto(0xc8, &(0x7f0000000480)='\vX\xc9\xb3\xbc\x8c\x1dga08\x90\x86\xdde\x1cJ\x99\x00\x11:\x14\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xfe\x80\x12\x00\x00\x00\x00\x00\x0fo\x84\xfc\x89\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\t^\xbe\xa2E\xd8?\'\rg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\b\x00\x00\x00\x00\x00\x00\x00g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#\x1c\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd8\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xaf\n1\x80\x1a\xbc_\xef\x8b\t\xcc\xa6\xf2\xc1\"\xact\xee\xc9\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00Z4\x14\xf5\xc1\xc4cp\xda|\xf1\xc7\x83a\xc2\bk\xb5\xf2vc8\b8\xc9\x8d\xe1\t\\\xdd\x06g\xe6\n\xa2\x81\xa4\n\x17C\x9b`\xcf\xf7Lc\x87\x92\xe5\xf0\xd7;\x8f\x9f<\xb7\'\xb7\x84\xa6\x02\xe7\xa6(|9\xb5\x91\xea\x8b\x9d\xbfo\xe1\xb3\xad\xbc\f\x17\x01\x05{%\xce\xc6-O\xd3\xb2\xf3\r\x1aF\xe7\x7f\xed\xf6\xff\x9dGNe,\x8b\xf2]\x7f\x90\xbb\xf7\x1c0\xcc\xed\x1eJ\xff\xea\xd9M\t\xf8\x82}\xbb\xb96\xacm\xbd`\xd6kx\x93H\a\xf8\x11\xe4\xb4\x9c\xe9\x98\v\xbe\x96\xaf\xb3\xa4\xbeR|\xb6\xeay\x95\xb3\xc9s\x17\x91\xa5\xd0\'!0S\x9eGm@r;a\xeak\x8d\x98\xc7\xe7\x13\'!\xbcs\xe00\xe9O!\xa2n\xcc\x80\b\x89&\x9a\xc7x\xce&\x80\xf3\xa8', 0x40fdef, 0x200) openat$auto_random_fops_random(0xffffffffffffff9c, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x10001, 0x16, 0x52ac1259, 0x40eb1, 0x401, 0x300000000000) ioctl$auto_PPPIOCSMRRU(0xffffffffffffffff, 0x4004743b, 0x0) write$auto_dfs_global_fops_debug(0xffffffffffffffff, 0x0, 0x0) msgget$auto(0x0, 0x5) msgsnd$auto(0x0, 0x0, 0x400, 0x2) msgrcv$auto(0x0, 0x0, 0x4bd, 0x1, 0xf1) r2 = socket(0x18, 0x5, 0x1) mmap$auto(0x0, 0x9076, 0x400000000000001, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) r3 = socket(0xa, 0x5, 0x84) getsockopt$auto(r3, 0x84, 0x6d, 0x0, &(0x7f0000000280)=0x1000c0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'pim6reg1\x00', 0x0}) connect$auto(r2, &(0x7f0000000000)=@xdp={0x2c, 0x1, r4, 0x1e}, 0x100004) 9.253942459s ago: executing program 2 (id=3398): write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = socket(0x22, 0x3, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r1) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) io_uring_setup$auto(0xf0, &(0x7f0000000180)={0x6, 0x18, 0xd64, 0xc852, 0x6, 0x7, r0, [0x1, 0x401, 0x1000], {0x7, 0x5, 0x1, 0x4, 0x95, 0xf4c, 0x7fff, 0xfffffffb, 0x65f29f6d}, {0x3, 0xadc, 0x10000, 0x0, 0x5, 0xffffffff, 0x1000, 0x54f, 0x5}}) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) r2 = socket(0xa, 0x3, 0xff) connect$auto(r2, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) write$auto_proc_mem_operations_base(0xffffffffffffffff, 0x0, 0x0) syz_clone3(0x0, 0x0) madvise$auto(0x1ffff000, 0x7, 0x100000000) mmap$auto(0x0, 0x400008, 0xb, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) io_uring_setup$auto(0x2, &(0x7f0000000080)={0x80000003, 0x9, 0x4002, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x104, 0x8, 0x100000000}}) syz_clone(0x1002000, 0x0, 0x0, 0x0, 0x0, 0x0) futex_wake$auto(0x0, 0x5, 0x4, 0xa) futex_wake$auto(&(0x7f0000000000)="facff2b53ab3522cb329b5a87bdbc091f5a6ad597f2789e870d64db4cf6503135f5a750abc973b65703b664991ab45d13445d9c4df1d25210345f44468854c9689b943d1c65073bf11fd0c98fb48f9f4d67c0908e7470167", 0xfffffffffffffff8, 0xfff, 0x7f) shmget$auto(0x8, 0x10563, 0x568d1af2) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event2\x00', 0x20081, 0x0) mmap$auto(0x0, 0x2000a, 0x10000000000e1, 0xeb2, 0x401, 0x8000) 7.930332666s ago: executing program 3 (id=3399): rt_sigqueueinfo$auto(0x0, 0x6, &(0x7f0000000040)={@siginfo_0_0={0xffffff80, 0x7, 0xffffffc4, @_sigsys={0x0, 0xfffffffe, 0x5}}}) mmap$auto(0x32a82e25, 0xa, 0x8, 0xeb1, 0xfffffffffffffffa, 0x8004) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2a, 0x2, 0x1) io_uring_setup$auto(0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'veth1_vlan\x00'}) connect$auto(r0, &(0x7f0000000000)=@in={0x2, 0x4e24, @private=0xa010102}, 0x53) r1 = prctl$auto(0x3e, 0x80000003ca, 0x0, 0x28, 0x7) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x531300, 0x0) write$auto_ocfs2_control_fops_stack_user(r2, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) ioctl$auto_TIOCSETD2(0xffffffffffffffff, 0x5423, 0x0) write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f00000003c0)='4', 0x1) unshare$auto(0x40000080) r3 = socket(0xa, 0x3, 0x3) ioctl$auto(r3, 0x8982, 0x1) r4 = socket(0x1e, 0x3, 0xfffffeff) write$auto(0x1, 0x0, 0x80000000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r4) openat$auto_zero_fops_mem(0xffffffffffffff9c, 0x0, 0x80200, 0x0) close_range$auto(0x2, r1, 0x4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82942, 0x0) 6.065892812s ago: executing program 3 (id=3400): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0xa, 0x3e, 0xfffffffffffffffa, 0x1ffde, 0x7, 0x6, 0x5, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x3, 0x10000, 0x80, 0x7, 0x0, 0x8000007, 0x2000, 0x200, 0x0, 0x40084, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0xb8a0, 0x0, 0x800000]}, 0x1fe, 0x200c) r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x20008, 0x4000000000df, 0x2000eb1, 0xffffffffffffffff, 0x3) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="abe4bbfacdb9358406b56db145c06761fcb2990de3b195eca21c7770cc332892dea86e5004d6e7a85d455d8c80516340eb9b6f6df7a824ee7701d38027c42e599e89cdbf30b0ed38f96afe33dec54c5a01d8db7f09cd3e346ce24cc406e385d0a7d92fe7dae8ffacb1030000006344f42e0d0b9f2132151f7c3c4d80c76c35fa33ead576b5bd3d23ce01d03e3972f69bd1361d9c395d10dc423002a7b999378ab7dff170831954933457dd5fa70ddb21935127667271d5c104eb7a60c5b8fb147bfbe94c6456f13cb18eeaca7c98e24829647c958f665227be4702286d6e5c88ffa1b0e24c0ab7c9a3245c8930d38b766a968bdecd3ccf1a979b3f7f49259dde29b21e", @ANYRES16=r2, @ANYBLOB="e5b725bd7000fcdbdd2519000000"], 0x14}, 0x1, 0x0, 0x0, 0x4010}, 0x4048800) socket(0x1d, 0x1, 0x7fff) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000003c0), r0) sendmsg$auto_NL80211_CMD_GET_WOWLAN(r0, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000400)={&(0x7f00000004c0)=ANY=[@ANYBLOB="30010000", @ANYRES16=r3, @ANYBLOB="010026bd7000fddbdf254900000014000400766c616e3100000000000000000000000500880000000000ff00bd0029aa3e736e3cc72126a0198aea41442e951e42b7307de8f1b01f01cebf184362d0ecde1033e880d54cde65bb7993b8eb993149252b40e15cef8621c4747df87664475151288388d6d0ab0ed34496049573f1efa4cabe4d213efe767348e436a9e344552c6f4e96f0ab7656d9419a42965ad59b485d20a6c3afaeb1163adb4db76f56e94f6a5ac4a1eb11b6cba06af8e515d7227ef5ddd2ac8301c5afbfd2f8e63f19c2b6d0c58412ed57cd9dce349a34fa952d3576a60a237aaada4a3f7488e26b266ef8b5ce0554e98b7106d5c7c64eb19aee073d8a0e16d3529c65d259a5696cc8bc02448a3ccfb5ad7e94e7e3eeb647186117a4fc4ead"], 0x130}, 0x1, 0x0, 0x0, 0x20040000}, 0x10) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r5 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) read$auto_dfs_cpu_ops_debugfs(r5, &(0x7f0000000040)=""/29, 0x1d) writev$auto(r6, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001080)='/sys/module/i915/parameters/mitigations\x00', 0x88302, 0x0) sendfile$auto(r7, r7, 0x0, 0x7ffff000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/rpc/nfsd.fh/flush\x00', 0x440100, 0x0) 5.807715068s ago: executing program 4 (id=3401): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0xa, 0x3e, 0xfffffffffffffffa, 0x1ffde, 0x7, 0x6, 0x5, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x3, 0x10000, 0x80, 0x7, 0x0, 0x8000007, 0x2000, 0x200, 0x0, 0x40084, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0xb8a0, 0x0, 0x800000]}, 0x1fe, 0x200c) r0 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x20008, 0x4000000000df, 0x2000eb1, 0xffffffffffffffff, 0x3) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="abe4bbfacdb9358406b56db145c06761fcb2990de3b195eca21c7770cc332892dea86e5004d6e7a85d455d8c80516340eb9b6f6df7a824ee7701d38027c42e599e89cdbf30b0ed38f96afe33dec54c5a01d8db7f09cd3e346ce24cc406e385d0a7d92fe7dae8ffacb1030000006344f42e0d0b9f2132151f7c3c4d80c76c35fa33ead576b5bd3d23ce01d03e3972f69bd1361d9c395d10dc423002a7b999378ab7dff170831954933457dd5fa70ddb21935127667271d5c104eb7a60c5b8fb147bfbe94c6456f13cb18eeaca7c98e24829647c958f665227be4702286d6e5c88ffa1b0e24c0ab7c9a3245c8930d38b766a968bdecd3ccf1a979b3f7f49259dde29b21e", @ANYRES16=r2, @ANYBLOB="e5b725bd7000fcdbdd2519000000"], 0x14}, 0x1, 0x0, 0x0, 0x4010}, 0x4048800) socket(0x1d, 0x1, 0x7fff) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000003c0), r0) sendmsg$auto_NL80211_CMD_GET_WOWLAN(r0, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000400)={&(0x7f00000004c0)=ANY=[@ANYBLOB="30010000", @ANYRES16=r3, @ANYBLOB="010026bd7000fddbdf254900000014000400766c616e3100000000000000000000000500880000000000ff00bd0029aa3e736e3cc72126a0198aea41442e951e42b7307de8f1b01f01cebf184362d0ecde1033e880d54cde65bb7993b8eb993149252b40e15cef8621c4747df87664475151288388d6d0ab0ed34496049573f1efa4cabe4d213efe767348e436a9e344552c6f4e96f0ab7656d9419a42965ad59b485d20a6c3afaeb1163adb4db76f56e94f6a5ac4a1eb11b6cba06af8e515d7227ef5ddd2ac8301c5afbfd2f8e63f19c2b6d0c58412ed57cd9dce349a34fa952d3576a60a237aaada4a3f7488e26b266ef8b5ce0554e98b7106d5c7c64eb19aee073d8a0e16d3529c65d259a5696cc8bc02448a3ccfb5ad7e94e7e3eeb647186117a4fc4ead"], 0x130}, 0x1, 0x0, 0x0, 0x20040000}, 0x10) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r5 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) read$auto_dfs_cpu_ops_debugfs(r5, &(0x7f0000000040)=""/29, 0x1d) writev$auto(r6, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0xffffffffffff0005, 0x19) io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001080)='/sys/module/i915/parameters/mitigations\x00', 0x88302, 0x0) sendfile$auto(r7, r7, 0x0, 0x7ffff000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/rpc/nfsd.fh/flush\x00', 0x440100, 0x0) 5.473454423s ago: executing program 2 (id=3402): r0 = openat$auto_ns_file_operations_nsfs(0xffffffffffffff9c, &(0x7f0000005dc0)='/proc/thread-self/ns/cgroup\x00', 0x800, 0x0) open_by_handle_at$auto(r0, &(0x7f0000005e00)={0x10, 0xf1, "82a0d48cb31f0af60000000823b40e62"}, 0x80000001) r1 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000001f00), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000003a80)={0x0, 0x0, &(0x7f0000003a40)={&(0x7f0000000080)={0x24, r1, 0x1, 0x70bd2e, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x10, 0x1, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @str='@):^\\/\\\x00'}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x24040804) 4.987681279s ago: executing program 0 (id=3403): openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon33\x00', 0x121200, 0x0) mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) r0 = syz_clone(0x5004000, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x503083, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, 0x0, 0x2000c055) unshare$auto(0x40000080) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r2) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000002340), 0xffffffffffffffff) sendmsg$auto_OVS_METER_CMD_SET(r4, &(0x7f0000002480)={0x0, 0x0, &(0x7f0000002440)={&(0x7f0000000100)={0x30, r5, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@OVS_METER_ATTR_KBPS={0x4}, @OVS_METER_ATTR_BANDS={0xd, 0x4, 0x0, 0x1, [@nested={0x4, 0x45}, @generic="141fc94af8"]}, @OVS_METER_ATTR_ID={0x8, 0x1, 0x5}]}, 0x30}, 0x1, 0x0, 0x0, 0x48000}, 0x0) sendmsg$auto_NL80211_CMD_ADD_TX_TS(0xffffffffffffffff, &(0x7f00000012c0)={&(0x7f0000001100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000000440)={0x154, r3, 0x8, 0x70bd27, 0x25dfdbfd, {}, [@NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x9}, @NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST={0x6, 0xf7, {0x1, 0x7}}, @NL80211_ATTR_STA_SUPPORTED_RATES={0x17, 0x13, "13c366f9244357d432f2e44cc4bf4e5878fe5d"}, @NL80211_ATTR_WIPHY_NAME={0x8, 0x2, '/${\x00'}, @NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x8}, @NL80211_ATTR_P2P_OPPPS={0x5, 0xa3, 0x2}, @NL80211_ATTR_SCAN_SSIDS={0xe0, 0x2d, 0x0, 0x1, [@typed={0xdb, 0x9e, 0x0, 0x0, @binary="b4fd0d01c34ee935559dfeee2d5379f816ca8beef6bffba850a2bb7cb3dbf29cc7f3c293e5141baa70de2f3150d0346dc2bf13c66d273e9492155da97106304601c218d9948eb5181f91d2d23af177cada692bff7e26f553cf563f9667bc0535dd31bcd34030a2c3f49e31790e9c7224a832221de5435944a790e58e20765d5a0ba416d5a1df1a52c8b0d50829461b158b8b9a01e5d61008355a55e513193448e41337a1bc732a4e8e1260c9758a1739b2fc4061bca043457cd851f9d642c1ae9694bf61dd1f8acadbf547a0c05b0adcfd9908164ef2dd"}]}, @NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@typed={0xc, 0x140, 0x0, 0x0, @u64=0x3}]}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x8}, @NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0x7}]}, 0x154}, 0x1, 0x0, 0x0, 0x20000800}, 0x10) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0) mlockall$auto(0x7) mprotect$auto(0x0, 0x806121, 0x6) bpf$auto(0x5, &(0x7f0000000080)=@bpf_attr_7={@prog_id=0xc, 0x92f1, 0x4, 0xffffffffffffffff}, 0xa) r7 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000000180), r6) sendmsg$auto_OVS_METER_CMD_SET(r1, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x18, r7, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@OVS_METER_ATTR_KBPS={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x1}, 0x44000) ptrace$auto(0x80010, r0, 0x2, 0x1007ff) 4.892391691s ago: executing program 2 (id=3404): pipe2$auto(0x0, 0x0) open_tree_attr$auto(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x4) unshare$auto(0x40000080) socket(0x10, 0x2, 0x14) mmap$auto(0x1000000000, 0x202000a, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto_PR_SET_MM_ENV_END(0xfffffffa, 0xb, 0xffffffffffffffff, 0x79, 0x5) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) get_robust_list$auto(0x1, 0x0, 0x0) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000040), 0x8006, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) ioctl$auto_PPPIOCSFLAGS(r0, 0x40047459, 0x0) write$auto(0x3, 0x0, 0xfdef) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x8041, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x0, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0x8, 0x3000, 0x6, 0x7, 0x400b, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29a, 0x9, 0x80, 0x104, 0x6, 0x4}, {0x100, 0x1, 0x101, 0x85, 0x2, 0x24, 0xfe000000, 0x8, 0x3}}) r1 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ptrace$auto_PTRACE_SECCOMP_GET_METADATA(0x420d, 0x0, 0x7, 0x4) read$auto_vhci_fops_hci_vhci(r1, &(0x7f0000000100)=""/22, 0x16) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) 3.196711134s ago: executing program 0 (id=3405): rt_sigqueueinfo$auto(0x0, 0x6, &(0x7f0000000040)={@siginfo_0_0={0xffffff80, 0x7, 0xffffffc4, @_sigsys={0x0, 0xfffffffe, 0x5}}}) mmap$auto(0x32a82e25, 0xa, 0x8, 0xeb1, 0xfffffffffffffffa, 0x8004) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2a, 0x2, 0x1) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) connect$auto(r0, &(0x7f0000000040)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55) io_uring_setup$auto(0x1, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07) getcwd$auto(0x0, 0x7) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'veth1_vlan\x00'}) connect$auto(r0, 0x0, 0x53) r1 = prctl$auto(0x3e, 0x80000003ca, 0x0, 0x28, 0x7) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x531300, 0x0) write$auto_ocfs2_control_fops_stack_user(r2, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) ioctl$auto_TIOCSETD2(0xffffffffffffffff, 0x5423, 0x0) write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) unshare$auto(0x40000080) r3 = socket(0xa, 0x3, 0x3) mmap$auto(0x0, 0x3ffffd, 0x7, 0x11, r2, 0x0) ioctl$auto(r3, 0x8982, 0x1) r4 = socket(0x1e, 0x3, 0xfffffeff) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) write$auto(0x1, 0x0, 0x80000000) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x1) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r4) openat$auto_zero_fops_mem(0xffffffffffffff9c, 0x0, 0x80200, 0x0) close_range$auto(0x2, r1, 0x4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82942, 0x0) 2.689792305s ago: executing program 3 (id=3406): close_range$auto(0x2, 0x8, 0x0) (async) r0 = socket(0x10, 0x2, 0xc) (async) socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) (async, rerun: 64) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 64) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) (rerun: 64) r3 = ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) (async) openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000040), 0xa40c0, 0x0) (async, rerun: 64) r4 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x0, 0x0) (rerun: 64) ioctl$auto(r4, 0x9000643b, 0xffffffffffffffff) socketpair$auto(0x4, 0x400, 0x6, &(0x7f0000000300)=0x7) (async) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r0) sendmsg$auto_NL80211_CMD_STOP_AP(r3, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000280)={&(0x7f0000000100)=ANY=[@ANYBLOB="44010000", @ANYRES16=r5, @ANYBLOB="000126bd7000fddbdf25100000000800c90001000000060014019a02000004005f000400bf009500be00ce7b213be0b91e8eb5597f41c2c2021ca2ca75ddd1719f4285665290c3f8108faf8d90d9cbbe6a736ee2f273a2d1858d7baba594089142a1ebf1d90bb52e2a5b5f004bd1629fdfc4231c4044055d98e959000000000000006d0d23d7a70636137ea3960fe944298ddf3d4df38c915d83c21a0b83dda1fe39f719af59f34be5ea3007dc1d07280a669d6d5ec1a87f8658ae0000001400cd0082430f98fb80c804e1025d13cda7eca56c001a004550c2fe07a04749a42d46d78983e16f854239b3ab57f1a80e265b8eb039ab03e6b0d749559e18311b2fb2866b31da09d2bb6a846ee65f65527878cc649f5beb955a6643c298338f6c4b0b0ca1f808b23d10e6ac987983a27780b76b8d549703928d1432cfaace8a"], 0x144}}, 0x0) ioctl$auto(0x3, 0x800, r3) ioctl$auto_KVM_GET_MSRS(r1, 0x4138ae84, 0x0) 2.175875104s ago: executing program 3 (id=3407): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) unshare$auto(0x40000080) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) madvise$auto(0x0, 0x20499d, 0x9) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) socket(0x29, 0x2, 0x0) r0 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa1\x00', 0x101041, 0x0) write$auto(r0, 0x0, 0x5) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp\x00', 0x20002, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f0000000000)="7f07d3") close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) io_uring_setup$auto(0x0, &(0x7f0000000000)={0x8, 0x3ff, 0x2, 0x1, 0x2, 0xa, 0xffffffffffffffff, [0x0, 0xffffffff], {0x8, 0x3, 0x1, 0x22b, 0x8000100, 0x584, 0x1ff, 0x1000006, 0xffffffffffffffff}, {0xbfc7, 0x1, 0x52, 0x8, 0x3, 0x3d, 0x8, 0x7, 0x100000000}}) r3 = open(&(0x7f0000000080)='./bus\x00', 0x64040, 0xc0) fcntl$auto(r3, 0x0, 0xa8) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) execve$auto(&(0x7f00000000c0)='.\x00', &(0x7f0000000140)=&(0x7f0000000100)='[#-:\x00', &(0x7f00000001c0)=&(0x7f0000000180)=')\x00') mmap$auto(0x0, 0x810006, 0xffb, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) futex$auto(0x0, 0x85, 0x38, 0x0, 0x0, 0x80800005) close_range$auto(0x0, 0xfffffffffffff000, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) ioctl$auto(r4, 0x40104d04, r4) fcntl$auto_F_GETOWN(r2, 0x9, 0x6) openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, 0x0, 0x42000, 0x0) read$auto_proc_pid_smaps_operations_internal(r3, &(0x7f00000002c0)=""/190, 0xbe) write$auto(0x3, 0x0, 0x8) 792.451682ms ago: executing program 0 (id=3408): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) write$auto(r0, &(0x7f00000007c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xd8\x9c\xf7?:\x1a\xc62\x911e\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xff\x7f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\x87N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057\x1c&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\x7f\x00\x00\x00AN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81.f\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00\x00\x00\x00\x00\x00\x00\x00\x00\xec\xbd_r\xf16\xec\xf3\xbb[.\xf3\xef\xf8\x16x\x9e\xb3*:/L\xa0Kg\xf0\xa2\x84\xa3o\xcc\x9e\xd3\xeb\xd3(\xaa\x93g~\x01\x81\x1eV\xf1L\xfc\xad\xa9#O\xe4\x12\xd3\xbda\xbc\x9a\x9f+9\'\xc4\x13\xf0\xc88\x1d80?\xc2\a\af\xdc?-&\xedAd\x9c\xe5&\xb9\x14\xe1\x85 \xbf\x18\xfc:#\xcf\x7ffT\xefPb\xe1\xfa]\xcc\x8a\xe3\x99\x98u\x9bj>\x9d\xc2\x1fk\x87\x92\xfb(U\xa8\xcd4+\xf6e5],\xec\x84 \x1b\x10d\x1b@\x84X\xa1\xa8\xd7\xccO\xb0Qq\x1a\xa4<\\\x0e\xa4\x7f^\x1a|\xfd\xe6#\x00\x9e\x1d\x00k\x84\x1b\xa3\xb1O\xe0IzJRO\xf4,\xe5\xdb\x03CA\x13Q\x84\xbb\x88\xb4\xe3\xba\xf0/\xd0\x04\ny\a\x8d\x12h\xe22\xcb\"\xce\x00\x00', 0x5) ioctl$auto_USBDEVFS_CLAIMINTERFACE(0xffffffffffffffff, 0x8004550f, 0x0) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) bpf$auto_BPF_PROG_ATTACH(0x8, &(0x7f0000000140)=@raw_tracepoint={0x9, r1, 0x0, 0x7}, 0x1) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000300), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_JOIN_OCB(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000d00)={0x1c, r4, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x37c60ad6183ba5b}, 0x810) sendmsg$auto_NL80211_CMD_STOP_P2P_DEVICE(r2, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000200)={0x78, r4, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@NL80211_ATTR_MLO_TTLM_ULINK={0x62, 0x149, "6887ed94c46028ccfe7e576ce01d65f46be24b996b2179ad575e091a0e7361c64f687bd257c96d216e9fd51cab42f83f97dc9db72889b87dd2857b3bec7db9daab4a9ad78e01690100c00b47721f22045977eaeb47a480d955720a93e68e"}]}, 0x78}, 0x1, 0x0, 0x0, 0x2400c001}, 0x804) read$auto(r1, 0x0, 0x1f40) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) 528.313915ms ago: executing program 4 (id=3409): mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00\x0e\x15F\xf7\x1a\xd1K+\xedy\xc6\x9bb\x94\xb4^\xc2\x83%\xfbw}\xfb_P\"\x19\xdfi\xe9hA|Q\x8a_F\x04:Q\x90\'\x06', 0x0, 0x10000, 0x0) open(0x0, 0x0, 0x6f) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, 0x0, 0x8850) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/midiC2D0\x00', 0x0, 0x0) r1 = socket$nl_generic(0x11, 0x3, 0x10) bind$auto(r1, &(0x7f0000000200)=@generic={0x11, "0000000000000000d29e006300"}, 0x80) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) read$auto_ep0_operations_inode(r0, &(0x7f0000000280)=""/96, 0x60) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x400, 0x0) close_range$auto(0x2, 0x8, 0x0) 190.652613ms ago: executing program 2 (id=3410): exit$auto(0xffffff9f) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_taskstats(0x0, r0) getpgrp(0x0) sendmsg$auto_TASKSTATS_CMD_GET(r0, 0x0, 0x20000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) fcntl$auto_F_SETSIG(0xffffffffffffffff, 0xa, 0x400000000000) r1 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000001bc0)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x168081, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000001e40)="2e271caeedc13d69b4fc13780654c968af9f176b5bbf60445af0b193e8756a01222effbf37f05a957cb25aa6ff48fc0f820814b41e96d12cf8677427b39d1d0c92c87beaf864f5f006a2bd510c18feaf2fec4e848ef5f5f0cba87d0fa2d929", 0x5f) writev$auto(0x3, 0x0, 0x1b) unshare$auto(0x40000080) lsm_set_self_attr$auto(0x5, 0x0, 0x7fff, 0x1783) pwrite64$auto(0xc8, &(0x7f0000000480)='\vX\xc9\xb3\xbc\x8c\x1dga08\x90\x86\xdde\x1cJ\x99\x00\x11:\x14\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xfe\x80\x12\x00\x00\x00\x00\x00\x0fo\x84\xfc\x89\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\t^\xbe\xa2E\xd8?\'\rg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\b\x00\x00\x00\x00\x00\x00\x00g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#\x1c\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd8\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xaf\n1\x80\x1a\xbc_\xef\x8b\t\xcc\xa6\xf2\xc1\"\xact\xee\xc9\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00Z4\x14\xf5\xc1\xc4cp\xda|\xf1\xc7\x83a\xc2\bk\xb5\xf2vc8\b8\xc9\x8d\xe1\t\\\xdd\x06g\xe6\n\xa2\x81\xa4\n\x17C\x9b`\xcf\xf7Lc\x87\x92\xe5\xf0\xd7;\x8f\x9f<\xb7\'\xb7\x84\xa6\x02\xe7\xa6(|9\xb5\x91\xea\x8b\x9d\xbfo\xe1\xb3\xad\xbc\f\x17\x01\x05{%\xce\xc6-O\xd3\xb2\xf3\r\x1aF\xe7\x7f\xed\xf6\xff\x9dGNe,\x8b\xf2]\x7f\x90\xbb\xf7\x1c0\xcc\xed\x1eJ\xff\xea\xd9M\t\xf8\x82}\xbb\xb96\xacm\xbd`\xd6kx\x93H\a\xf8\x11\xe4\xb4\x9c\xe9\x98\v\xbe\x96\xaf\xb3\xa4\xbeR|\xb6\xeay\x95\xb3\xc9s\x17\x91\xa5\xd0\'!0S\x9eGm@r;a\xeak\x8d\x98\xc7\xe7\x13\'!\xbcs\xe00\xe9O!\xa2n\xcc\x80\b\x89&\x9a\xc7x\xce&\x80\xf3\xa8', 0x40fdef, 0x200) openat$auto_random_fops_random(0xffffffffffffff9c, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x10001, 0x16, 0x52ac1259, 0x40eb1, 0x401, 0x300000000000) ioctl$auto_PPPIOCSMRRU(0xffffffffffffffff, 0x4004743b, 0x0) write$auto_dfs_global_fops_debug(0xffffffffffffffff, 0x0, 0x0) msgget$auto(0x0, 0x5) msgsnd$auto(0x0, 0x0, 0x400, 0x2) msgrcv$auto(0x0, 0x0, 0x4bd, 0x1, 0xf1) r2 = socket(0x18, 0x5, 0x1) mmap$auto(0x0, 0x9076, 0x400000000000001, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) r3 = socket(0xa, 0x5, 0x84) getsockopt$auto(r3, 0x84, 0x6d, 0x0, &(0x7f0000000280)=0x1000c0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'pim6reg1\x00', 0x0}) connect$auto(r2, &(0x7f0000000000)=@xdp={0x2c, 0x1, r4, 0x1e}, 0x100004) 0s ago: executing program 4 (id=3411): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) acct$auto(&(0x7f00000001c0)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/lu_gp_id\x1f') mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(r0, 0x8000, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) symlink$auto(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000000100)='./file0\x00') mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x1d, 0x2, 0x2) socket(0x10, 0x3, 0x6) ioctl$auto(0x3, 0x8906, 0xd) r1 = socket(0x2, 0x80002, 0x73) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/platform/vhci_hcd.11/usb32/32-0:1.0/usb32-port7/power/pm_qos_no_power_off\x00', 0x40000, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) ioctl$auto(0x3, 0x404c534a, 0x38) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), r1) sendmsg$auto_NL802154_CMD_SET_LBT_MODE(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="200025bd7000fcdbdf251200000008000c00000000000c001700f80900003aede3c705001a00f8000000"], 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x0) prctl$auto(0x41555856, 0xc, 0x2008, 0x0, 0x0) r4 = socket(0xa, 0x3, 0x3a) ioctl$auto(r4, 0x890c, 0x1) r5 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$auto_VFIO_IOMMU_MAP_DMA(r5, 0x3b71, 0x0) kernel console output (not intermixed with test programs): [ 266.693636][ T7766] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 266.735423][ T7766] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 266.775009][ T7766] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 266.826092][ T7766] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 266.843801][ T7766] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 267.667092][ T5827] Bluetooth: hci0: command 0x0c1a tx timeout [ 268.535914][ T7755] Process accounting paused [ 268.697272][ T5827] Bluetooth: hci1: command 0x0c1a tx timeout [ 268.782163][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 268.788326][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 268.794459][ T5827] Bluetooth: hci4: command 0x0c1a tx timeout [ 270.857301][ T5827] Bluetooth: hci4: command 0x0c1a tx timeout [ 271.823367][ T7810] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 271.857559][ T7810] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 271.897870][ T7810] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 271.907567][ T7810] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 271.913883][ T7810] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 272.254167][ T7823] kvm: kvm [7821]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x4000000e) = 0x4 [ 272.377162][ T5827] Bluetooth: hci0: command 0x0c1a tx timeout [ 273.897430][ T5827] Bluetooth: hci1: command 0x0c1a tx timeout [ 273.984987][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 273.985029][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 273.991528][ T5827] Bluetooth: hci4: command 0x0c1a tx timeout [ 274.020317][ T7828] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 274.027653][ T7828] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 274.034204][ T7828] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 274.042523][ T7828] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 274.052689][ T7828] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 275.097212][ T5827] Bluetooth: hci0: command 0x0c1a tx timeout [ 275.480344][ T7855] netlink: 28 bytes leftover after parsing attributes in process `syz.4.402'. [ 275.876242][ T7855] team0 (unregistering): Port device team_slave_0 removed [ 275.931868][ T7855] team0 (unregistering): Port device team_slave_1 removed [ 276.057934][ T5827] Bluetooth: hci4: command 0x0c1a tx timeout [ 276.057961][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 276.064545][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout [ 276.070463][ T5142] Bluetooth: hci1: command 0x0c1a tx timeout [ 277.233669][ T7867] FAULT_INJECTION: forcing a failure. [ 277.233669][ T7867] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 277.308186][ T7867] CPU: 0 UID: 0 PID: 7867 Comm: syz.3.405 Tainted: G U syzkaller #0 PREEMPT(full) [ 277.308247][ T7867] Tainted: [U]=USER [ 277.308257][ T7867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 277.308276][ T7867] Call Trace: [ 277.308287][ T7867] [ 277.308298][ T7867] dump_stack_lvl+0x100/0x190 [ 277.308352][ T7867] should_fail_ex.cold+0x5/0xa [ 277.308391][ T7867] _copy_from_user+0x2e/0xd0 [ 277.308442][ T7867] move_addr_to_kernel+0x65/0x170 [ 277.308491][ T7867] copy_msghdr_from_user+0x417/0x4f0 [ 277.308540][ T7867] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 277.308594][ T7867] ? __pfx__kstrtoull+0x10/0x10 [ 277.308639][ T7867] ___sys_sendmsg+0x106/0x1e0 [ 277.308689][ T7867] ? __pfx____sys_sendmsg+0x10/0x10 [ 277.308778][ T7867] ? find_held_lock+0x2b/0x80 [ 277.308857][ T7867] __sys_sendmmsg+0x205/0x430 [ 277.308897][ T7867] ? __pfx___sys_sendmmsg+0x10/0x10 [ 277.308947][ T7867] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 277.308995][ T7867] ? fput+0x79/0x100 [ 277.309027][ T7867] ? ksys_write+0x1ac/0x250 [ 277.309075][ T7867] ? __pfx_ksys_write+0x10/0x10 [ 277.309130][ T7867] __x64_sys_sendmmsg+0x9c/0x100 [ 277.309165][ T7867] ? lockdep_hardirqs_on+0x78/0x100 [ 277.309208][ T7867] do_syscall_64+0x106/0xf80 [ 277.309242][ T7867] ? clear_bhb_loop+0x40/0x90 [ 277.309282][ T7867] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 277.309314][ T7867] RIP: 0033:0x7fee7d59c629 [ 277.309340][ T7867] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 277.309372][ T7867] RSP: 002b:00007fee7e465028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 277.309403][ T7867] RAX: ffffffffffffffda RBX: 00007fee7d816090 RCX: 00007fee7d59c629 [ 277.309424][ T7867] RDX: 0000000000000005 RSI: 0000200000000000 RDI: 0000000000000004 [ 277.309442][ T7867] RBP: 00007fee7e465090 R08: 0000000000000000 R09: 0000000000000000 [ 277.309461][ T7867] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001 [ 277.309479][ T7867] R13: 00007fee7d816128 R14: 00007fee7d816090 R15: 00007ffcebf9e908 [ 277.309521][ T7867] [ 277.929493][ T7873] netlink: 342 bytes leftover after parsing attributes in process `syz.2.408'. [ 279.096806][ T7890] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input6 [ 280.728680][ T7909] netlink: 330 bytes leftover after parsing attributes in process `syz.3.418'. [ 280.738454][ T7911] netlink: 330 bytes leftover after parsing attributes in process `syz.3.418'. [ 281.461531][ T7917] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64 [ 281.511159][ T7917] audit: out of memory in audit_log_start [ 282.380049][ T7927] rcu: RCU calculated value of scheduler-enlistment delay is 10 jiffies. [ 285.956818][ T7959] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 285.963301][ T7959] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 285.970954][ T7959] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 286.002490][ T7959] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 286.012090][ T7959] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 286.591445][ T7982] FAULT_INJECTION: forcing a failure. [ 286.591445][ T7982] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 286.728407][ T7982] CPU: 1 UID: 0 PID: 7982 Comm: syz.4.435 Tainted: G U syzkaller #0 PREEMPT(full) [ 286.728500][ T7982] Tainted: [U]=USER [ 286.728509][ T7982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 286.728524][ T7982] Call Trace: [ 286.728541][ T7982] [ 286.728551][ T7982] dump_stack_lvl+0x100/0x190 [ 286.728593][ T7982] should_fail_ex.cold+0x5/0xa [ 286.728620][ T7982] ? prepare_alloc_pages+0x16d/0x5f0 [ 286.728658][ T7982] should_fail_alloc_page+0xeb/0x140 [ 286.728700][ T7982] prepare_alloc_pages+0x1f0/0x5f0 [ 286.728731][ T7982] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 286.728776][ T7982] ? rcu_is_watching+0x12/0xc0 [ 286.728812][ T7982] ? mod_memcg_lruvec_state+0x1a6/0x630 [ 286.728847][ T7982] ? __mod_zone_page_state+0xe2/0x190 [ 286.728879][ T7982] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 286.728915][ T7982] ? lru_gen_add_folio+0x20f/0x13e0 [ 286.729019][ T7982] ? folios_put_refs+0x66d/0x840 [ 286.729060][ T7982] ? __pfx_folios_put_refs+0x10/0x10 [ 286.729099][ T7982] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 286.729142][ T7982] ? policy_nodemask+0xed/0x4f0 [ 286.729185][ T7982] alloc_pages_mpol+0x1fb/0x550 [ 286.729236][ T7982] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 286.729278][ T7982] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 286.729314][ T7982] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 286.729356][ T7982] folio_alloc_mpol_noprof+0x36/0x340 [ 286.729389][ T7982] shmem_alloc_folio+0x135/0x160 [ 286.729419][ T7982] shmem_alloc_and_add_folio+0x371/0xd40 [ 286.729460][ T7982] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 286.729499][ T7982] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 286.729534][ T7982] ? __lock_acquire+0x3c0/0x2630 [ 286.729569][ T7982] shmem_get_folio_gfp+0x6ab/0x1900 [ 286.729620][ T7982] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 286.729658][ T7982] ? __pfx___might_resched+0x10/0x10 [ 286.729694][ T7982] ? noop_dirty_folio+0xfd/0x160 [ 286.729742][ T7982] shmem_fallocate+0x6d7/0x1060 [ 286.729793][ T7982] ? __pfx_shmem_fallocate+0x10/0x10 [ 286.729827][ T7982] ? aa_file_perm+0x7f3/0x14d0 [ 286.729864][ T7982] ? __lock_acquire+0x4a5/0x2630 [ 286.729922][ T7982] ? __pfx_shmem_fallocate+0x10/0x10 [ 286.729970][ T7982] vfs_fallocate+0x576/0x10d0 [ 286.730013][ T7982] ? __pfx_vfs_fallocate+0x10/0x10 [ 286.730063][ T7982] __x64_sys_fallocate+0xd5/0x140 [ 286.730091][ T7982] do_syscall_64+0x106/0xf80 [ 286.730123][ T7982] ? clear_bhb_loop+0x40/0x90 [ 286.730153][ T7982] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.730179][ T7982] RIP: 0033:0x7fd8cbb9c629 [ 286.730210][ T7982] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 286.730237][ T7982] RSP: 002b:00007fd8ccb11028 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 286.730259][ T7982] RAX: ffffffffffffffda RBX: 00007fd8cbe15fa0 RCX: 00007fd8cbb9c629 [ 286.730275][ T7982] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000005 [ 286.730289][ T7982] RBP: 00007fd8cbc32b39 R08: 0000000000000000 R09: 0000000000000000 [ 286.730303][ T7982] R10: 00000000004cbd5d R11: 0000000000000246 R12: 0000000000000000 [ 286.730317][ T7982] R13: 00007fd8cbe16038 R14: 00007fd8cbe15fa0 R15: 00007fff9933db28 [ 286.730347][ T7982] [ 287.409471][ T5142] Bluetooth: hci0: command 0x0c1a tx timeout [ 287.995645][ T5142] Bluetooth: hci2: command 0x0c1a tx timeout [ 288.001808][ T5142] Bluetooth: hci1: command 0x0c1a tx timeout [ 288.057150][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 288.057186][ T5142] Bluetooth: hci3: command 0x0c1a tx timeout [ 288.838326][ T7996] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(15) [ 290.140313][ T8020] nfsd: Unknown parameter '^B-' [ 290.308346][ T8025] FAULT_INJECTION: forcing a failure. [ 290.308346][ T8025] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 290.357192][ T8025] CPU: 0 UID: 0 PID: 8025 Comm: syz.3.446 Tainted: G U syzkaller #0 PREEMPT(full) [ 290.357244][ T8025] Tainted: [U]=USER [ 290.357254][ T8025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 290.357273][ T8025] Call Trace: [ 290.357285][ T8025] [ 290.357298][ T8025] dump_stack_lvl+0x100/0x190 [ 290.357352][ T8025] should_fail_ex.cold+0x5/0xa [ 290.357389][ T8025] _copy_from_iter+0x1f4/0x1690 [ 290.357444][ T8025] ? __asan_memset+0x23/0x50 [ 290.357487][ T8025] ? __pfx__copy_from_iter+0x10/0x10 [ 290.357538][ T8025] ? __pfx___alloc_skb+0x10/0x10 [ 290.357685][ T8025] netlink_sendmsg+0x808/0xda0 [ 290.357735][ T8025] ? __pfx_netlink_sendmsg+0x10/0x10 [ 290.357771][ T8025] ? __import_iovec+0x1d2/0x640 [ 290.357825][ T8025] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 290.357874][ T8025] ____sys_sendmsg+0xa54/0xc30 [ 290.357923][ T8025] ? __pfx_____sys_sendmsg+0x10/0x10 [ 290.357989][ T8025] ___sys_sendmsg+0x190/0x1e0 [ 290.358038][ T8025] ? __pfx____sys_sendmsg+0x10/0x10 [ 290.358141][ T8025] __sys_sendmsg+0x170/0x220 [ 290.358178][ T8025] ? __pfx___sys_sendmsg+0x10/0x10 [ 290.358240][ T8025] do_syscall_64+0x106/0xf80 [ 290.358275][ T8025] ? clear_bhb_loop+0x40/0x90 [ 290.358315][ T8025] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 290.358347][ T8025] RIP: 0033:0x7fee7d59c629 [ 290.358374][ T8025] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 290.358406][ T8025] RSP: 002b:00007fee7e486028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 290.358436][ T8025] RAX: ffffffffffffffda RBX: 00007fee7d815fa0 RCX: 00007fee7d59c629 [ 290.358456][ T8025] RDX: 0000000020000000 RSI: 0000200000005380 RDI: 0000000000000004 [ 290.358475][ T8025] RBP: 00007fee7e486090 R08: 0000000000000000 R09: 0000000000000000 [ 290.358493][ T8025] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 290.358511][ T8025] R13: 00007fee7d816038 R14: 00007fee7d815fa0 R15: 00007ffcebf9e908 [ 290.358553][ T8025] [ 291.427473][ T8039] netlink: 4 bytes leftover after parsing attributes in process `syz.0.448'. [ 291.500738][ T8039] netlink: 'syz.0.448': attribute type 1 has an invalid length. [ 291.569868][ T8039] netlink: 5 bytes leftover after parsing attributes in process `syz.0.448'. [ 292.206375][ T8044] FAULT_INJECTION: forcing a failure. [ 292.206375][ T8044] name fail_futex, interval 1, probability 0, space 0, times 1 [ 292.247173][ T8044] CPU: 1 UID: 0 PID: 8044 Comm: syz.3.452 Tainted: G U syzkaller #0 PREEMPT(full) [ 292.247221][ T8044] Tainted: [U]=USER [ 292.247232][ T8044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 292.247250][ T8044] Call Trace: [ 292.247261][ T8044] [ 292.247273][ T8044] dump_stack_lvl+0x100/0x190 [ 292.247343][ T8044] should_fail_ex.cold+0x5/0xa [ 292.247379][ T8044] get_futex_key+0x1d2/0x1620 [ 292.247419][ T8044] ? __pfx_get_futex_key+0x10/0x10 [ 292.247456][ T8044] ? lock_acquire+0x1cf/0x380 [ 292.247509][ T8044] futex_wake+0xea/0x530 [ 292.247568][ T8044] ? __pfx_futex_wake+0x10/0x10 [ 292.247614][ T8044] ? exit_mm_release+0x19/0x30 [ 292.247663][ T8044] do_futex+0x32b/0x350 [ 292.247701][ T8044] ? __pfx_do_futex+0x10/0x10 [ 292.247737][ T8044] ? __might_fault+0xc5/0x140 [ 292.247789][ T8044] mm_release+0x24a/0x2f0 [ 292.247820][ T8044] do_exit+0x675/0x2aa0 [ 292.247866][ T8044] ? __pfx_do_exit+0x10/0x10 [ 292.247905][ T8044] ? do_raw_spin_lock+0x128/0x260 [ 292.247957][ T8044] ? find_held_lock+0x2b/0x80 [ 292.248005][ T8044] ? get_signal+0x7e0/0x21e0 [ 292.248040][ T8044] do_group_exit+0xd5/0x2a0 [ 292.248084][ T8044] get_signal+0x1ec7/0x21e0 [ 292.248131][ T8044] ? __pfx_get_signal+0x10/0x10 [ 292.248164][ T8044] ? do_futex+0x192/0x350 [ 292.248207][ T8044] arch_do_signal_or_restart+0x91/0x770 [ 292.248247][ T8044] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 292.248297][ T8044] ? __pfx___x64_sys_futex+0x10/0x10 [ 292.248345][ T8044] exit_to_user_mode_loop+0x86/0x4a0 [ 292.248389][ T8044] do_syscall_64+0x668/0xf80 [ 292.248422][ T8044] ? clear_bhb_loop+0x40/0x90 [ 292.248467][ T8044] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 292.248509][ T8044] RIP: 0033:0x7fee7d59c629 [ 292.248535][ T8044] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 292.248565][ T8044] RSP: 002b:00007fee7e4650e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 292.248593][ T8044] RAX: fffffffffffffe00 RBX: 00007fee7d816098 RCX: 00007fee7d59c629 [ 292.248613][ T8044] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fee7d816098 [ 292.248632][ T8044] RBP: 00007fee7d816090 R08: 0000000000000000 R09: 0000000000000000 [ 292.248649][ T8044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 292.248666][ T8044] R13: 00007fee7d816128 R14: 00007ffcebf9e820 R15: 00007ffcebf9e908 [ 292.248707][ T8044] [ 294.183631][ T8074] vivid-007: ================= START STATUS ================= [ 294.227124][ T8074] vivid-007: Generate PTS: true [ 294.227182][ T8074] vivid-007: Generate SCR: true [ 294.227217][ T8074] tpg source WxH: 320x240 (Y'CbCr) [ 294.227238][ T8074] tpg field: 1 [ 294.227250][ T8074] tpg crop: (0,0)/320x240 [ 294.227272][ T8074] tpg compose: (0,0)/320x240 [ 294.227293][ T8074] tpg colorspace: 8 [ 294.227305][ T8074] tpg transfer function: 0/0 [ 294.227322][ T8074] tpg Y'CbCr encoding: 0/0 [ 294.227337][ T8074] tpg quantization: 0/0 [ 294.227354][ T8074] tpg RGB range: 0/2 [ 294.227370][ T8074] vivid-007: ================== END STATUS ================== [ 294.531369][ T8080] vivid-007: ================= START STATUS ================= [ 294.557340][ T8080] vivid-007: Generate PTS: true [ 294.572587][ T8080] vivid-007: Generate SCR: true [ 294.597118][ T8080] tpg source WxH: 320x240 (Y'CbCr) [ 294.602752][ T8080] tpg field: 1 [ 294.654936][ T8080] tpg crop: (0,0)/320x240 [ 294.660097][ T8080] tpg compose: (0,0)/320x240 [ 294.664865][ T8080] tpg colorspace: 8 [ 294.674594][ T8080] tpg transfer function: 0/0 [ 294.697563][ T8080] tpg Y'CbCr encoding: 0/0 [ 294.702064][ T8080] tpg quantization: 0/0 [ 294.751561][ T8080] tpg RGB range: 0/2 [ 294.793514][ T8080] vivid-007: ================== END STATUS ================== [ 297.873075][ T8113] FAULT_INJECTION: forcing a failure. [ 297.873075][ T8113] name failslab, interval 1, probability 0, space 0, times 0 [ 297.987155][ T8113] CPU: 1 UID: 0 PID: 8113 Comm: syz.0.469 Tainted: G U syzkaller #0 PREEMPT(full) [ 297.987203][ T8113] Tainted: [U]=USER [ 297.987222][ T8113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 297.987241][ T8113] Call Trace: [ 297.987252][ T8113] [ 297.987263][ T8113] dump_stack_lvl+0x100/0x190 [ 297.987315][ T8113] should_fail_ex.cold+0x5/0xa [ 297.987353][ T8113] should_failslab+0xc2/0x120 [ 297.987405][ T8113] __kmalloc_cache_noprof+0x7a/0x6f0 [ 297.987444][ T8113] ? proc_thread_self_get_link+0x1a6/0x210 [ 297.987497][ T8113] proc_thread_self_get_link+0x1a6/0x210 [ 297.987544][ T8113] pick_link+0xac2/0x13c0 [ 297.987588][ T8113] ? __pfx_proc_thread_self_get_link+0x10/0x10 [ 297.987639][ T8113] step_into_slowpath+0x9ba/0xf90 [ 297.987691][ T8113] ? __pfx_step_into_slowpath+0x10/0x10 [ 297.987745][ T8113] ? lookup_fast+0x2da/0x600 [ 297.987784][ T8113] ? inode_permission+0x374/0x620 [ 297.987828][ T8113] link_path_walk+0xf28/0x1cc0 [ 297.987889][ T8113] path_openat+0x1be/0x31a0 [ 297.987916][ T8113] ? kasan_save_stack+0x3f/0x50 [ 297.987958][ T8113] ? kasan_save_stack+0x30/0x50 [ 297.988003][ T8113] ? kasan_save_track+0x14/0x30 [ 297.988048][ T8113] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 297.988104][ T8113] ? __pfx_path_openat+0x10/0x10 [ 297.988170][ T8113] do_file_open+0x20e/0x430 [ 297.988203][ T8113] ? __pfx_do_file_open+0x10/0x10 [ 297.988274][ T8113] ? alloc_fd+0x476/0x790 [ 297.988328][ T8113] ? do_getname+0x191/0x390 [ 297.988367][ T8113] do_sys_openat2+0x10d/0x1e0 [ 297.988405][ T8113] ? __pfx_do_sys_openat2+0x10/0x10 [ 297.988458][ T8113] __x64_sys_openat+0x12d/0x210 [ 297.988497][ T8113] ? __pfx___x64_sys_openat+0x10/0x10 [ 297.988535][ T8113] ? ksys_write+0x1ac/0x250 [ 297.988601][ T8113] do_syscall_64+0x106/0xf80 [ 297.988636][ T8113] ? clear_bhb_loop+0x40/0x90 [ 297.988675][ T8113] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 297.988708][ T8113] RIP: 0033:0x7f3792b5cece [ 297.988734][ T8113] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 297.988767][ T8113] RSP: 002b:00007f37939baf98 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 297.988798][ T8113] RAX: ffffffffffffffda RBX: 00007f37939bb6c0 RCX: 00007f3792b5cece [ 297.988819][ T8113] RDX: 0000000000000002 RSI: 00007f3792c32440 RDI: ffffffffffffff9c [ 297.988838][ T8113] RBP: 00007f3792c32b39 R08: 0000000000000000 R09: 0000000000000000 [ 297.988857][ T8113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 297.988875][ T8113] R13: 00007f3792e16038 R14: 00007f3792e15fa0 R15: 00007ffcd147a2a8 [ 297.988919][ T8113] [ 297.989438][ T8113] FAULT_INJECTION: forcing a failure. [ 297.989438][ T8113] name failslab, interval 1, probability 0, space 0, times 0 [ 298.447479][ T8113] CPU: 0 UID: 0 PID: 8113 Comm: syz.0.469 Tainted: G U syzkaller #0 PREEMPT(full) [ 298.447531][ T8113] Tainted: [U]=USER [ 298.447541][ T8113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 298.447560][ T8113] Call Trace: [ 298.447570][ T8113] [ 298.447583][ T8113] dump_stack_lvl+0x100/0x190 [ 298.447636][ T8113] should_fail_ex.cold+0x5/0xa [ 298.447672][ T8113] should_failslab+0xc2/0x120 [ 298.447725][ T8113] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 298.447774][ T8113] ? register_pidns_sysctls+0x48/0x1c0 [ 298.447817][ T8113] ? rcu_is_watching+0x12/0xc0 [ 298.447871][ T8113] kmemdup_noprof+0x29/0x60 [ 298.447919][ T8113] register_pidns_sysctls+0x48/0x1c0 [ 298.447963][ T8113] ? __ns_common_init+0x299/0x4b0 [ 298.448001][ T8113] copy_pid_ns+0x680/0x10a0 [ 298.448039][ T8113] ? __pfx_copy_pid_ns+0x10/0x10 [ 298.448074][ T8113] ? rcu_is_watching+0x12/0xc0 [ 298.448130][ T8113] ? copy_mnt_ns+0x106/0xc30 [ 298.448163][ T8113] ? create_new_namespaces+0x30/0xac0 [ 298.448202][ T8113] create_new_namespaces+0x2aa/0xac0 [ 298.448243][ T8113] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 298.448278][ T8113] ksys_unshare+0x455/0xab0 [ 298.448319][ T8113] ? __pfx_ksys_unshare+0x10/0x10 [ 298.448356][ T8113] ? ksys_write+0x1ac/0x250 [ 298.448414][ T8113] __x64_sys_unshare+0x31/0x40 [ 298.448450][ T8113] do_syscall_64+0x106/0xf80 [ 298.448483][ T8113] ? clear_bhb_loop+0x40/0x90 [ 298.448520][ T8113] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.448553][ T8113] RIP: 0033:0x7f3792b9c629 [ 298.448579][ T8113] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 298.448610][ T8113] RSP: 002b:00007f37939bb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 298.448641][ T8113] RAX: ffffffffffffffda RBX: 00007f3792e15fa0 RCX: 00007f3792b9c629 [ 298.448661][ T8113] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 298.448679][ T8113] RBP: 00007f37939bb090 R08: 0000000000000000 R09: 0000000000000000 [ 298.448697][ T8113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 298.448715][ T8113] R13: 00007f3792e16038 R14: 00007f3792e15fa0 R15: 00007ffcd147a2a8 [ 298.448755][ T8113] [ 298.715146][ T8104] Process accounting resumed [ 300.202895][ T8106] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 300.394114][ T5142] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 300.402366][ T5142] Bluetooth: hci0: Invalid handle: 0x3a4a > 0x0eff [ 300.611102][ T8142] netlink: 12 bytes leftover after parsing attributes in process `syz.2.474'. [ 302.377379][ T8166] zswap: compressor 3 not available [ 302.761411][ T8166] zswap: compressor query not available [ 302.772686][ T8159] Setting dangerous option i915.mitigations - tainting kernel [ 303.437569][ T8178] vivid-007: ================= START STATUS ================= [ 303.445716][ T8178] vivid-007: Generate PTS: true [ 303.458676][ T8178] vivid-007: Generate SCR: true [ 303.463663][ T8178] tpg source WxH: 320x240 (Y'CbCr) [ 303.526026][ T8178] tpg field: 1 [ 303.567657][ T8178] tpg crop: (0,0)/320x240 [ 303.573258][ T8178] tpg compose: (0,0)/320x240 [ 303.628028][ T8178] tpg colorspace: 8 [ 303.660630][ T8182] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 303.672514][ T8178] tpg transfer function: 0/0 [ 303.689721][ T8178] tpg Y'CbCr encoding: 0/0 [ 303.694324][ T8178] tpg quantization: 0/0 [ 303.727582][ T8178] tpg RGB range: 0/2 [ 303.766058][ T8178] vivid-007: ================== END STATUS ================== [ 304.996619][ T8191] random: crng reseeded on system resumption [ 305.541419][ T8205] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 307.183457][ T8208] Setting dangerous option i915.mitigations - tainting kernel [ 308.627557][ T8225] FAULT_INJECTION: forcing a failure. [ 308.627557][ T8225] name failslab, interval 1, probability 0, space 0, times 0 [ 308.677480][ T8225] CPU: 0 UID: 0 PID: 8225 Comm: syz.3.494 Tainted: G U L syzkaller #0 PREEMPT(full) [ 308.677539][ T8225] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 308.677553][ T8225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 308.677577][ T8225] Call Trace: [ 308.677590][ T8225] [ 308.677602][ T8225] dump_stack_lvl+0x100/0x190 [ 308.677659][ T8225] should_fail_ex.cold+0x5/0xa [ 308.677699][ T8225] should_failslab+0xc2/0x120 [ 308.677753][ T8225] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 308.677806][ T8225] ? security_file_alloc+0x34/0x2c0 [ 308.677859][ T8225] ? trace_kmem_cache_alloc+0xf3/0x120 [ 308.677899][ T8225] security_file_alloc+0x34/0x2c0 [ 308.677967][ T8225] init_file+0x95/0x480 [ 308.678005][ T8225] alloc_empty_file+0x73/0x1c0 [ 308.678051][ T8225] path_openat+0xe8/0x31a0 [ 308.678080][ T8225] ? kasan_save_stack+0x3f/0x50 [ 308.678124][ T8225] ? kasan_save_stack+0x30/0x50 [ 308.678178][ T8225] ? kasan_save_track+0x14/0x30 [ 308.678226][ T8225] ? __kasan_slab_alloc+0x89/0x90 [ 308.678275][ T8225] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 308.678321][ T8225] ? do_getname+0x35/0x390 [ 308.678366][ T8225] ? do_sys_openat2+0xc5/0x1e0 [ 308.678406][ T8225] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.678460][ T8225] ? __pfx_path_openat+0x10/0x10 [ 308.678530][ T8225] do_file_open+0x20e/0x430 [ 308.678564][ T8225] ? __pfx_do_file_open+0x10/0x10 [ 308.678625][ T8225] ? alloc_fd+0x476/0x790 [ 308.678683][ T8225] ? do_getname+0x191/0x390 [ 308.678725][ T8225] do_sys_openat2+0x10d/0x1e0 [ 308.678766][ T8225] ? __pfx_do_sys_openat2+0x10/0x10 [ 308.678811][ T8225] ? blkcg_maybe_throttle_current+0x5df/0xeb0 [ 308.678862][ T8225] __x64_sys_openat+0x12d/0x210 [ 308.678905][ T8225] ? __pfx___x64_sys_openat+0x10/0x10 [ 308.678964][ T8225] do_syscall_64+0x106/0xf80 [ 308.679000][ T8225] ? clear_bhb_loop+0x40/0x90 [ 308.679041][ T8225] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.679081][ T8225] RIP: 0033:0x7fee7d59c629 [ 308.679110][ T8225] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 308.679143][ T8225] RSP: 002b:00007fee7e486028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 308.679191][ T8225] RAX: ffffffffffffffda RBX: 00007fee7d815fa0 RCX: 00007fee7d59c629 [ 308.679214][ T8225] RDX: 0000000000000040 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 308.679236][ T8225] RBP: 00007fee7d632b39 R08: 0000000000000000 R09: 0000000000000000 [ 308.679256][ T8225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 308.679277][ T8225] R13: 00007fee7d816038 R14: 00007fee7d815fa0 R15: 00007ffcebf9e908 [ 308.679321][ T8225] [ 311.096826][ T8236] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 311.121052][ T8236] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 311.140444][ T8236] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 311.156926][ T8236] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 311.171833][ T8236] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 311.474048][ T8260] FAULT_INJECTION: forcing a failure. [ 311.474048][ T8260] name failslab, interval 1, probability 0, space 0, times 0 [ 311.760514][ T8260] CPU: 0 UID: 0 PID: 8260 Comm: syz.2.502 Tainted: G U L syzkaller #0 PREEMPT(full) [ 311.760562][ T8260] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 311.760571][ T8260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 311.760585][ T8260] Call Trace: [ 311.760593][ T8260] [ 311.760604][ T8260] dump_stack_lvl+0x100/0x190 [ 311.760643][ T8260] should_fail_ex.cold+0x5/0xa [ 311.760669][ T8260] ? apply_wqattrs_prepare+0xfe/0xbb0 [ 311.760706][ T8260] should_failslab+0xc2/0x120 [ 311.760745][ T8260] __kmalloc_noprof+0xe0/0x850 [ 311.760783][ T8260] apply_wqattrs_prepare+0xfe/0xbb0 [ 311.760831][ T8260] apply_workqueue_attrs_locked+0x64/0xe0 [ 311.760878][ T8260] apply_workqueue_attrs+0x2a/0x50 [ 311.760902][ T8260] padata_set_cpumask+0x233/0x4c0 [ 311.760931][ T8260] store_cpumask+0x120/0x1a0 [ 311.760952][ T8260] ? __pfx_store_cpumask+0x10/0x10 [ 311.760974][ T8260] ? find_held_lock+0x2b/0x80 [ 311.761010][ T8260] ? sysfs_file_kobj+0xe4/0x290 [ 311.761034][ T8260] ? sysfs_file_kobj+0xe4/0x290 [ 311.761060][ T8260] ? __pfx_store_cpumask+0x10/0x10 [ 311.761081][ T8260] padata_sysfs_store+0x5c/0x90 [ 311.761117][ T8260] ? __pfx_padata_sysfs_store+0x10/0x10 [ 311.761153][ T8260] sysfs_kf_write+0xf2/0x150 [ 311.761181][ T8260] kernfs_fop_write_iter+0x3e0/0x5f0 [ 311.761217][ T8260] ? __pfx_sysfs_kf_write+0x10/0x10 [ 311.761246][ T8260] vfs_write+0x6ac/0x1070 [ 311.761280][ T8260] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 311.761321][ T8260] ? __pfx_vfs_write+0x10/0x10 [ 311.761375][ T8260] ksys_write+0x12a/0x250 [ 311.761410][ T8260] ? __pfx_ksys_write+0x10/0x10 [ 311.761455][ T8260] do_syscall_64+0x106/0xf80 [ 311.761480][ T8260] ? clear_bhb_loop+0x40/0x90 [ 311.761508][ T8260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 311.761532][ T8260] RIP: 0033:0x7f99c039c629 [ 311.761573][ T8260] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 311.761605][ T8260] RSP: 002b:00007f99c1262028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 311.761636][ T8260] RAX: ffffffffffffffda RBX: 00007f99c0615fa0 RCX: 00007f99c039c629 [ 311.761660][ T8260] RDX: 0000000000000003 RSI: 0000200000000340 RDI: 0000000000000003 [ 311.761673][ T8260] RBP: 00007f99c1262090 R08: 0000000000000000 R09: 0000000000000000 [ 311.761687][ T8260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 311.761701][ T8260] R13: 00007f99c0616038 R14: 00007f99c0615fa0 R15: 00007fff3828ba98 [ 311.761732][ T8260] [ 312.106928][ T8270] snd_aloop snd_aloop.0: Parsing timer source '.Ş#( 'cC:w [ 312.165864][ T8270] dump_stack_lvl+0x100/0x190 [ 312.165903][ T8270] should_fail_ex.cold+0x5/0xa [ 312.165930][ T8270] should_failslab+0xc2/0x120 [ 312.165970][ T8270] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 312.166003][ T8270] ? prepare_creds+0x2c/0x950 [ 312.166038][ T8270] ? from_kuid_munged+0xaa/0x130 [ 312.166088][ T8270] prepare_creds+0x2c/0x950 [ 312.166127][ T8270] __sys_setfsuid+0xda/0x380 [ 312.166154][ T8270] do_syscall_64+0x106/0xf80 [ 312.166180][ T8270] ? clear_bhb_loop+0x40/0x90 [ 312.166209][ T8270] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 312.166235][ T8270] RIP: 0033:0x7f3792b9c629 [ 312.166255][ T8270] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 312.166279][ T8270] RSP: 002b:00007f37939bb028 EFLAGS: 00000246 ORIG_RAX: 000000000000007a [ 312.166301][ T8270] RAX: ffffffffffffffda RBX: 00007f3792e15fa0 RCX: 00007f3792b9c629 [ 312.166317][ T8270] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000ee00 [ 312.166331][ T8270] RBP: 00007f3792c32b39 R08: 0000000000000000 R09: 0000000000000000 [ 312.166346][ T8270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 312.166360][ T8270] R13: 00007f3792e16038 R14: 00007f3792e15fa0 R15: 00007ffcd147a2a8 [ 312.166391][ T8270] [ 312.367104][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 312.367108][ T30] audit: type=1800 audit(2147483751.940:3): pid=8270 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.504" name="dbroot" dev="configfs" ino=20174 res=0 errno=0 [ 312.367266][ T30] audit: type=1806 audit(2147483752.170:4): xattr=990B05 res=-22 [ 313.180042][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 313.180070][ T5142] Bluetooth: hci3: command 0x0c1a tx timeout [ 313.186249][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout [ 313.192184][ T5142] Bluetooth: hci1: command 0x0c1a tx timeout [ 315.262158][ T8313] [U]  [ 315.265456][ T8313] [U] [ 315.268218][ T8313] [U] [ 315.270973][ T8313] [U] [ 315.309863][ T8313] [U] [ 315.312656][ T8313] [U] [ 315.315396][ T8313] [U] [ 315.318167][ T8313] [U] [ 315.405891][ T8313] FAULT_INJECTION: forcing a failure. [ 315.405891][ T8313] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 315.437182][ T8313] CPU: 1 UID: 0 PID: 8313 Comm: syz.3.513 Tainted: G U L syzkaller #0 PREEMPT(full) [ 315.437233][ T8313] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 315.437245][ T8313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 315.437263][ T8313] Call Trace: [ 315.437273][ T8313] [ 315.437284][ T8313] dump_stack_lvl+0x100/0x190 [ 315.437343][ T8313] should_fail_ex.cold+0x5/0xa [ 315.437381][ T8313] _copy_from_iter+0x1f4/0x1690 [ 315.437440][ T8313] ? __pfx__copy_from_iter+0x10/0x10 [ 315.437498][ T8313] ? __pfx___might_resched+0x10/0x10 [ 315.437553][ T8313] file_tty_write.isra.0+0x45b/0x890 [ 315.437603][ T8313] vfs_write+0x6ac/0x1070 [ 315.437652][ T8313] ? __pfx_tty_write+0x10/0x10 [ 315.437691][ T8313] ? __pfx_vfs_write+0x10/0x10 [ 315.437734][ T8313] ? find_held_lock+0x2b/0x80 [ 315.437811][ T8313] ksys_write+0x12a/0x250 [ 315.437858][ T8313] ? __pfx_ksys_write+0x10/0x10 [ 315.437918][ T8313] do_syscall_64+0x106/0xf80 [ 315.437953][ T8313] ? clear_bhb_loop+0x40/0x90 [ 315.437992][ T8313] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 315.438024][ T8313] RIP: 0033:0x7fee7d59c629 [ 315.438050][ T8313] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 315.438080][ T8313] RSP: 002b:00007fee7e465028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 315.438110][ T8313] RAX: ffffffffffffffda RBX: 00007fee7d816090 RCX: 00007fee7d59c629 [ 315.438130][ T8313] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 315.438149][ T8313] RBP: 00007fee7e465090 R08: 0000000000000000 R09: 0000000000000000 [ 315.438167][ T8313] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 315.438185][ T8313] R13: 00007fee7d816128 R14: 00007fee7d816090 R15: 00007ffcebf9e908 [ 315.438233][ T8313] [ 315.908313][ T8311] [U] [ 315.958456][ T30] audit: type=1326 audit(2147483755.790:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8316 comm="syz.4.514" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd8cbb9c629 code=0x0 [ 317.583721][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.591894][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.677148][ T8334] Setting dangerous option i915.mitigations - tainting kernel [ 320.350334][ T8375] FAULT_INJECTION: forcing a failure. [ 320.350334][ T8375] name failslab, interval 1, probability 0, space 0, times 0 [ 320.400419][ T8375] CPU: 1 UID: 0 PID: 8375 Comm: syz.3.523 Tainted: G U L syzkaller #0 PREEMPT(full) [ 320.400461][ T8375] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 320.400470][ T8375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 320.400485][ T8375] Call Trace: [ 320.400493][ T8375] [ 320.400503][ T8375] dump_stack_lvl+0x100/0x190 [ 320.400543][ T8375] should_fail_ex.cold+0x5/0xa [ 320.400570][ T8375] ? copy_splice_read+0x1a3/0xb90 [ 320.400605][ T8375] should_failslab+0xc2/0x120 [ 320.400644][ T8375] __kmalloc_noprof+0xe0/0x850 [ 320.400678][ T8375] ? current_time+0x8a/0x3b0 [ 320.400708][ T8375] copy_splice_read+0x1a3/0xb90 [ 320.400742][ T8375] ? ktime_get_coarse_real_ts64_mg+0x249/0x300 [ 320.400777][ T8375] ? ktime_get_coarse_real_ts64_mg+0x1e0/0x300 [ 320.400813][ T8375] ? __pfx_copy_splice_read+0x10/0x10 [ 320.400863][ T8375] ? find_held_lock+0x2b/0x80 [ 320.400903][ T8375] ? __pfx_copy_splice_read+0x10/0x10 [ 320.400939][ T8375] do_splice_read+0x285/0x370 [ 320.400978][ T8375] splice_direct_to_actor+0x2a1/0xa30 [ 320.401018][ T8375] ? __pfx_direct_splice_actor+0x10/0x10 [ 320.401062][ T8375] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 320.401108][ T8375] do_splice_direct+0x174/0x240 [ 320.401146][ T8375] ? __pfx_do_splice_direct+0x10/0x10 [ 320.401184][ T8375] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 320.401226][ T8375] ? rw_verify_area+0xce/0x6d0 [ 320.401261][ T8375] do_sendfile+0xadc/0xe20 [ 320.401301][ T8375] ? __pfx_do_sendfile+0x10/0x10 [ 320.401336][ T8375] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 320.401373][ T8375] __x64_sys_sendfile64+0x1d8/0x220 [ 320.401399][ T8375] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 320.401433][ T8375] do_syscall_64+0x106/0xf80 [ 320.401459][ T8375] ? clear_bhb_loop+0x40/0x90 [ 320.401489][ T8375] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 320.401514][ T8375] RIP: 0033:0x7fee7d59c629 [ 320.401534][ T8375] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 320.401558][ T8375] RSP: 002b:00007fee7e444028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 320.401581][ T8375] RAX: ffffffffffffffda RBX: 00007fee7d816180 RCX: 00007fee7d59c629 [ 320.401596][ T8375] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005 [ 320.401610][ T8375] RBP: 00007fee7d632b39 R08: 0000000000000000 R09: 0000000000000000 [ 320.401625][ T8375] R10: 0000000000004a00 R11: 0000000000000246 R12: 0000000000000000 [ 320.401640][ T8375] R13: 00007fee7d816218 R14: 00007fee7d816180 R15: 00007ffcebf9e908 [ 320.401670][ T8375] [ 321.222036][ T8381] snd_aloop snd_aloop.0: Parsing timer source '.Ş#( 'cC:w [ 328.705554][ T8457] dump_stack_lvl+0x100/0x190 [ 328.705640][ T8457] should_fail_ex.cold+0x5/0xa [ 328.705671][ T8457] ? prepare_alloc_pages+0x16d/0x5f0 [ 328.705710][ T8457] should_fail_alloc_page+0xeb/0x140 [ 328.705751][ T8457] prepare_alloc_pages+0x1f0/0x5f0 [ 328.705780][ T8457] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 328.705821][ T8457] ? __lock_acquire+0x4a5/0x2630 [ 328.705858][ T8457] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 328.705895][ T8457] ? do_raw_spin_lock+0x128/0x260 [ 328.705928][ T8457] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 328.705962][ T8457] ? find_held_lock+0x2b/0x80 [ 328.706007][ T8457] ? __lock_acquire+0x4a5/0x2630 [ 328.706037][ T8457] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 328.706077][ T8457] ? policy_nodemask+0xed/0x4f0 [ 328.706116][ T8457] alloc_pages_mpol+0x1fb/0x550 [ 328.706155][ T8457] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 328.706193][ T8457] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 328.706228][ T8457] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 328.706272][ T8457] folio_alloc_mpol_noprof+0x36/0x340 [ 328.706301][ T8457] shmem_alloc_folio+0x135/0x160 [ 328.706329][ T8457] shmem_alloc_and_add_folio+0x371/0xd40 [ 328.706369][ T8457] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 328.706405][ T8457] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 328.706445][ T8457] shmem_get_folio_gfp+0x6ab/0x1900 [ 328.706484][ T8457] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 328.706519][ T8457] ? ktime_get_coarse_real_ts64_mg+0x235/0x300 [ 328.706549][ T8457] ? lockdep_hardirqs_on+0x78/0x100 [ 328.706578][ T8457] shmem_fault+0x1f9/0xa20 [ 328.706612][ T8457] ? __lock_acquire+0x4a5/0x2630 [ 328.706639][ T8457] ? __pfx_shmem_fault+0x10/0x10 [ 328.706674][ T8457] ? __up_read+0x2c5/0x700 [ 328.706743][ T8457] ? __pfx_filemap_map_pages+0x10/0x10 [ 328.706789][ T8457] __do_fault+0x10d/0x550 [ 328.706835][ T8457] ? __pfx_filemap_map_pages+0x10/0x10 [ 328.706866][ T8457] do_fault+0x2db/0x1950 [ 328.706895][ T8457] __handle_mm_fault+0x180f/0x2b60 [ 328.706928][ T8457] ? mt_find+0x45e/0x8e0 [ 328.706985][ T8457] ? __pfx___handle_mm_fault+0x10/0x10 [ 328.707022][ T8457] ? __pfx_mt_find+0x10/0x10 [ 328.707083][ T8457] ? find_vma+0xbf/0x140 [ 328.707118][ T8457] ? __pfx_find_vma+0x10/0x10 [ 328.707187][ T8457] handle_mm_fault+0x36d/0xa20 [ 328.707235][ T8457] do_user_addr_fault+0x74c/0x12f0 [ 328.707422][ T8457] exc_page_fault+0x6f/0xd0 [ 328.707449][ T8457] asm_exc_page_fault+0x26/0x30 [ 328.707472][ T8457] RIP: 0010:__put_user_8+0xd/0x20 [ 328.707497][ T8457] Code: 89 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <48> 89 01 31 c9 0f 01 ca e9 06 d0 03 00 66 0f 1f 44 00 00 90 90 90 [ 328.707520][ T8457] RSP: 0018:ffffc90004a3fbc0 EFLAGS: 00050206 [ 328.707539][ T8457] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000003000 [ 328.707553][ T8457] RDX: ffff8880324c1e40 RSI: ffffffff8255c351 RDI: ffffffff8c1aee20 [ 328.707568][ T8457] RBP: 000000000007d010 R08: 0000000000000001 R09: 00000000000001c9 [ 328.707601][ T8457] R10: 0000000000000200 R11: 0000000000000000 R12: 00000000000007fe [ 328.707615][ T8457] R13: 0000000000003000 R14: 0000000000000002 R15: 0000000000000000 [ 328.707638][ T8457] ? __might_fault+0x111/0x140 [ 328.707673][ T8457] kpage_read.isra.0+0x124/0x2b0 [ 328.707699][ T8457] ? __pfx_kpagecgroup_read+0x10/0x10 [ 328.707727][ T8457] proc_reg_read+0x120/0x330 [ 328.707762][ T8457] ? __pfx_proc_reg_read+0x10/0x10 [ 328.707793][ T8457] vfs_readv+0x5d8/0x8d0 [ 328.707889][ T8457] ? rcu_is_watching+0x12/0xc0 [ 328.707946][ T8457] ? __pfx_vfs_readv+0x10/0x10 [ 328.708037][ T8457] ? fdget_pos+0x2aa/0x380 [ 328.708061][ T8457] ? find_held_lock+0x2b/0x80 [ 328.708116][ T8457] ? __fget_files+0x21f/0x3d0 [ 328.708159][ T8457] ? do_readv+0x13e/0x340 [ 328.708190][ T8457] do_readv+0x13e/0x340 [ 328.708225][ T8457] ? __pfx_do_readv+0x10/0x10 [ 328.708266][ T8457] do_syscall_64+0x106/0xf80 [ 328.708292][ T8457] ? clear_bhb_loop+0x40/0x90 [ 328.708320][ T8457] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 328.708344][ T8457] RIP: 0033:0x7fee7d59c629 [ 328.708363][ T8457] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 328.708386][ T8457] RSP: 002b:00007fee7e486028 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 328.708407][ T8457] RAX: ffffffffffffffda RBX: 00007fee7d815fa0 RCX: 00007fee7d59c629 [ 328.708422][ T8457] RDX: 0000000100000007 RSI: 00002000000001c0 RDI: 0000000000000003 [ 328.708437][ T8457] RBP: 00007fee7e486090 R08: 0000000000000000 R09: 0000000000000000 [ 328.708451][ T8457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 328.708465][ T8457] R13: 00007fee7d816038 R14: 00007fee7d815fa0 R15: 00007ffcebf9e908 [ 328.708500][ T8457] [ 328.947631][ T8458] Process accounting paused [ 331.110641][ T8468] Setting dangerous option i915.mitigations - tainting kernel [ 333.818460][ T8516] kvm: kvm [8515]: vcpu2, guest rIP: 0xfff0 Unhandled RDMSR(0x40000085) [ 334.970885][ T8543] netlink: 146 bytes leftover after parsing attributes in process `syz.2.560'. [ 336.192882][ T8568] netlink: 28 bytes leftover after parsing attributes in process `syz.0.566'. [ 338.530539][ T8583] zswap: compressor 1 not available [ 339.199840][ T5830] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 339.858605][ T8573] Setting dangerous option i915.mitigations - tainting kernel [ 341.917588][ T8619] netlink: 'syz.3.575': attribute type 3 has an invalid length. [ 342.468169][ T8632] FAULT_INJECTION: forcing a failure. [ 342.468169][ T8632] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 342.564474][ T8632] CPU: 1 UID: 0 PID: 8632 Comm: syz.3.578 Tainted: G U L syzkaller #0 PREEMPT(full) [ 342.564527][ T8632] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 342.564538][ T8632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 342.564557][ T8632] Call Trace: [ 342.564567][ T8632] [ 342.564579][ T8632] dump_stack_lvl+0x100/0x190 [ 342.564642][ T8632] should_fail_ex.cold+0x5/0xa [ 342.564682][ T8632] _copy_from_user+0x2e/0xd0 [ 342.564737][ T8632] ____sys_sendmsg+0x1d1/0xc30 [ 342.564774][ T8632] ? __pfx_____sys_sendmsg+0x10/0x10 [ 342.564812][ T8632] ? __pfx__kstrtoull+0x10/0x10 [ 342.564844][ T8632] ___sys_sendmsg+0x190/0x1e0 [ 342.564880][ T8632] ? __pfx____sys_sendmsg+0x10/0x10 [ 342.564935][ T8632] ? find_held_lock+0x2b/0x80 [ 342.564990][ T8632] __sys_sendmmsg+0x205/0x430 [ 342.565019][ T8632] ? __pfx___sys_sendmmsg+0x10/0x10 [ 342.565055][ T8632] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 342.565095][ T8632] ? fput+0x79/0x100 [ 342.565119][ T8632] ? ksys_write+0x1ac/0x250 [ 342.565154][ T8632] ? __pfx_ksys_write+0x10/0x10 [ 342.565194][ T8632] __x64_sys_sendmmsg+0x9c/0x100 [ 342.565220][ T8632] ? lockdep_hardirqs_on+0x78/0x100 [ 342.565245][ T8632] do_syscall_64+0x106/0xf80 [ 342.565271][ T8632] ? clear_bhb_loop+0x40/0x90 [ 342.565300][ T8632] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 342.565324][ T8632] RIP: 0033:0x7fee7d59c629 [ 342.565344][ T8632] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 342.565366][ T8632] RSP: 002b:00007fee7e465028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 342.565389][ T8632] RAX: ffffffffffffffda RBX: 00007fee7d816090 RCX: 00007fee7d59c629 [ 342.565404][ T8632] RDX: 0000000000000005 RSI: 0000200000000000 RDI: 0000000000000004 [ 342.565418][ T8632] RBP: 00007fee7e465090 R08: 0000000000000000 R09: 0000000000000000 [ 342.565432][ T8632] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001 [ 342.565446][ T8632] R13: 00007fee7d816128 R14: 00007fee7d816090 R15: 00007ffcebf9e908 [ 342.565476][ T8632] [ 342.973389][ T8638] netlink: 28 bytes leftover after parsing attributes in process `syz.2.579'. [ 345.313308][ T30] audit: type=1806 audit(2147483785.150:6): xattr=04 res=-22 [ 345.544831][ T8670] netlink: 'syz.3.588': attribute type 32 has an invalid length. [ 347.175031][ T8703] vivid-007: ================= START STATUS ================= [ 347.187427][ T8703] vivid-007: Generate PTS: true [ 347.192553][ T8703] vivid-007: Generate SCR: true [ 347.197671][ T8703] tpg source WxH: 320x240 (Y'CbCr) [ 347.199406][ T8704] FAULT_INJECTION: forcing a failure. [ 347.199406][ T8704] name failslab, interval 1, probability 0, space 0, times 0 [ 347.202871][ T8703] tpg field: 1 [ 347.202890][ T8703] tpg crop: (0,0)/320x240 [ 347.236383][ T8703] tpg compose: (0,0)/320x240 [ 347.247320][ T8704] CPU: 0 UID: 0 PID: 8704 Comm: syz.2.596 Tainted: G U L syzkaller #0 PREEMPT(full) [ 347.247372][ T8704] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 347.247385][ T8704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 347.247404][ T8704] Call Trace: [ 347.247414][ T8704] [ 347.247425][ T8704] dump_stack_lvl+0x100/0x190 [ 347.247478][ T8704] should_fail_ex.cold+0x5/0xa [ 347.247527][ T8704] should_failslab+0xc2/0x120 [ 347.247593][ T8704] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 347.247640][ T8704] ? __d_alloc+0x34/0xa80 [ 347.247682][ T8704] __d_alloc+0x34/0xa80 [ 347.247744][ T8704] d_alloc+0x4a/0x1e0 [ 347.247780][ T8704] lookup_one_qstr_excl+0x175/0x250 [ 347.247824][ T8704] start_dirop+0x59/0xb0 [ 347.247873][ T8704] simple_start_creating+0xf9/0x110 [ 347.247919][ T8704] ? __pfx_simple_start_creating+0x10/0x10 [ 347.247966][ T8704] ? mntput+0x70/0xa0 [ 347.248008][ T8704] ? simple_pin_fs+0xa3/0x190 [ 347.248051][ T8704] debugfs_start_creating.part.0+0x82/0x170 [ 347.248098][ T8704] __debugfs_create_file+0xb3/0x4f0 [ 347.248150][ T8704] debugfs_create_file_full+0x41/0x60 [ 347.248201][ T8704] ref_tracker_dir_debugfs+0x19e/0x2e0 [ 347.248245][ T8704] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 347.248275][ T8704] ? rcu_is_watching+0x12/0xc0 [ 347.248356][ T8704] ? lockdep_init_map_type+0x5c/0x250 [ 347.248405][ T8704] preinit_net.part.0+0x24e/0x8f0 [ 347.248445][ T8704] copy_net_ns+0x339/0x7c0 [ 347.248490][ T8704] create_new_namespaces+0x3ea/0xac0 [ 347.248541][ T8704] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 347.248579][ T8704] ksys_unshare+0x455/0xab0 [ 347.248620][ T8704] ? __pfx_ksys_unshare+0x10/0x10 [ 347.248659][ T8704] ? ksys_write+0x1ac/0x250 [ 347.248719][ T8704] __x64_sys_unshare+0x31/0x40 [ 347.248757][ T8704] do_syscall_64+0x106/0xf80 [ 347.248790][ T8704] ? clear_bhb_loop+0x40/0x90 [ 347.248831][ T8704] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 347.248864][ T8704] RIP: 0033:0x7f99c039c629 [ 347.248890][ T8704] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 347.248922][ T8704] RSP: 002b:00007f99c1262028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 347.248953][ T8704] RAX: ffffffffffffffda RBX: 00007f99c0615fa0 RCX: 00007f99c039c629 [ 347.248973][ T8704] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 347.248991][ T8704] RBP: 00007f99c1262090 R08: 0000000000000000 R09: 0000000000000000 [ 347.249010][ T8704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 347.249028][ T8704] R13: 00007f99c0616038 R14: 00007f99c0615fa0 R15: 00007fff3828ba98 [ 347.249072][ T8704] [ 347.532539][ T8703] tpg colorspace: 8 [ 347.536421][ T8703] tpg transfer function: 0/0 [ 347.541310][ T8703] tpg Y'CbCr encoding: 0/0 [ 347.545931][ T8703] tpg quantization: 0/0 [ 347.550281][ T8703] tpg RGB range: 0/2 [ 347.554241][ T8703] vivid-007: ================== END STATUS ================== [ 354.470755][ T8766] Setting dangerous option i915.mitigations - tainting kernel [ 355.954530][ T8783] FAULT_INJECTION: forcing a failure. [ 355.954530][ T8783] name failslab, interval 1, probability 0, space 0, times 0 [ 355.992392][ T8783] CPU: 1 UID: 0 PID: 8783 Comm: syz.2.612 Tainted: G U L syzkaller #0 PREEMPT(full) [ 355.992452][ T8783] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 355.992473][ T8783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 355.992494][ T8783] Call Trace: [ 355.992504][ T8783] [ 355.992516][ T8783] dump_stack_lvl+0x100/0x190 [ 355.992573][ T8783] should_fail_ex.cold+0x5/0xa [ 355.992611][ T8783] ? __register_sysctl_table+0xbe4/0x1650 [ 355.992661][ T8783] should_failslab+0xc2/0x120 [ 355.992715][ T8783] __kmalloc_noprof+0xe0/0x850 [ 355.992771][ T8783] __register_sysctl_table+0xbe4/0x1650 [ 355.992833][ T8783] ? __pfx___register_sysctl_table+0x10/0x10 [ 355.992883][ T8783] ? rcu_is_cpu_rrupt_from_idle+0x1b1/0x270 [ 355.992938][ T8783] ? __asan_memcpy+0x3c/0x60 [ 355.992985][ T8783] register_pidns_sysctls+0x11d/0x1c0 [ 355.993030][ T8783] ? __ns_common_init+0x299/0x4b0 [ 355.993070][ T8783] copy_pid_ns+0x680/0x10a0 [ 355.993109][ T8783] ? __pfx_copy_pid_ns+0x10/0x10 [ 355.993146][ T8783] ? rcu_is_watching+0x12/0xc0 [ 355.993197][ T8783] ? copy_mnt_ns+0x106/0xc30 [ 355.993232][ T8783] ? create_new_namespaces+0x30/0xac0 [ 355.993273][ T8783] create_new_namespaces+0x2aa/0xac0 [ 355.993315][ T8783] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 355.993354][ T8783] ksys_unshare+0x455/0xab0 [ 355.993403][ T8783] ? __pfx_ksys_unshare+0x10/0x10 [ 355.993469][ T8783] __x64_sys_unshare+0x31/0x40 [ 355.993510][ T8783] do_syscall_64+0x106/0xf80 [ 355.993547][ T8783] ? clear_bhb_loop+0x40/0x90 [ 355.993589][ T8783] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 355.993623][ T8783] RIP: 0033:0x7f99c039c629 [ 355.993651][ T8783] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 355.993685][ T8783] RSP: 002b:00007f99c1262028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 355.993717][ T8783] RAX: ffffffffffffffda RBX: 00007f99c0615fa0 RCX: 00007f99c039c629 [ 355.993740][ T8783] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 355.993759][ T8783] RBP: 00007f99c0432b39 R08: 0000000000000000 R09: 0000000000000000 [ 355.993779][ T8783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 355.993797][ T8783] R13: 00007f99c0616038 R14: 00007f99c0615fa0 R15: 00007fff3828ba98 [ 355.993841][ T8783] [ 355.993892][ T8783] sysctl could not get directory: /kernel -12 [ 357.505207][ T8815] netlink: 12 bytes leftover after parsing attributes in process `syz.3.618'. [ 359.380974][ T8815] Process accounting resumed [ 359.417614][ T8815] syz.3.618 (8815) used greatest stack depth: 19672 bytes left [ 359.760842][ T8845] F-\ [ 361.062046][ T8860] netlink: 28 bytes leftover after parsing attributes in process `syz.3.627'. [ 361.360690][ T8841] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 361.379650][ T8841] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 361.416717][ T8841] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 361.476509][ T8841] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 361.496119][ T8841] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 361.977160][ T5830] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 362.086099][ T8869] block nbd0: NBD_DISCONNECT [ 362.109488][ T8869] FAULT_INJECTION: forcing a failure. [ 362.109488][ T8869] name failslab, interval 1, probability 0, space 0, times 0 [ 362.167062][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 362.177134][ T8869] CPU: 0 UID: 0 PID: 8869 Comm: syz.2.629 Tainted: G U L syzkaller #0 PREEMPT(full) [ 362.177189][ T8869] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 362.177202][ T8869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 362.177221][ T8869] Call Trace: [ 362.177232][ T8869] [ 362.177244][ T8869] dump_stack_lvl+0x100/0x190 [ 362.177299][ T8869] should_fail_ex.cold+0x5/0xa [ 362.177338][ T8869] should_failslab+0xc2/0x120 [ 362.177393][ T8869] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 362.177439][ T8869] ? alloc_uid+0x13d/0x4c0 [ 362.177475][ T8869] ? rcu_is_watching+0x12/0xc0 [ 362.177530][ T8869] alloc_uid+0x13d/0x4c0 [ 362.177568][ T8869] ? __pfx_alloc_uid+0x10/0x10 [ 362.177609][ T8869] ? bpf_lsm_capable+0x9/0x10 [ 362.177639][ T8869] ? security_capable+0x80/0x260 [ 362.177687][ T8869] __sys_setreuid+0x788/0xb00 [ 362.177747][ T8869] do_syscall_64+0x106/0xf80 [ 362.177783][ T8869] ? clear_bhb_loop+0x40/0x90 [ 362.177823][ T8869] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 362.177858][ T8869] RIP: 0033:0x7f99c039c629 [ 362.177885][ T8869] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 362.177917][ T8869] RSP: 002b:00007f99c1262028 EFLAGS: 00000246 ORIG_RAX: 0000000000000071 [ 362.177949][ T8869] RAX: ffffffffffffffda RBX: 00007f99c0615fa0 RCX: 00007f99c039c629 [ 362.177971][ T8869] RDX: 0000000000000000 RSI: 7fffffffffffffff RDI: 0000000080000000 [ 362.177991][ T8869] RBP: 00007f99c0432b39 R08: 0000000000000000 R09: 0000000000000000 [ 362.178010][ T8869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 362.178029][ T8869] R13: 00007f99c0616038 R14: 00007f99c0615fa0 R15: 00007fff3828ba98 [ 362.178080][ T8869] [ 363.428606][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout [ 363.434682][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 363.497282][ T5830] Bluetooth: hci4: command 0x0c1a tx timeout [ 363.498897][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 365.646445][ T8893] snd_aloop snd_aloop.0: Parsing timer source '.Ş#( 'cC:w [ 371.896516][ T8976] dump_stack_lvl+0x100/0x190 [ 371.896574][ T8976] should_fail_ex.cold+0x5/0xa [ 371.896613][ T8976] should_failslab+0xc2/0x120 [ 371.896667][ T8976] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 371.896725][ T8976] ? __proc_create+0x2cb/0x8c0 [ 371.896785][ T8976] __proc_create+0x2cb/0x8c0 [ 371.896836][ T8976] ? __pfx___proc_create+0x10/0x10 [ 371.896902][ T8976] _proc_mkdir+0xb9/0x210 [ 371.896968][ T8976] ? __pfx__proc_mkdir+0x10/0x10 [ 371.897016][ T8976] ? net_generic+0xea/0x2a0 [ 371.897061][ T8976] nfs_fs_proc_net_init+0x9b/0x1e0 [ 371.897104][ T8976] nfs_net_init+0x130/0x340 [ 371.897152][ T8976] ? __pfx_nfs_net_init+0x10/0x10 [ 371.897191][ T8976] ops_init+0x1e2/0x5f0 [ 371.897234][ T8976] setup_net+0x118/0x3a0 [ 371.897274][ T8976] ? __pfx_setup_net+0x10/0x10 [ 371.897318][ T8976] ? lockdep_init_map_type+0x5c/0x250 [ 371.897363][ T8976] ? mutex_init_lockep+0x110/0x150 [ 371.897415][ T8976] copy_net_ns+0x46f/0x7c0 [ 371.897461][ T8976] create_new_namespaces+0x3ea/0xac0 [ 371.897506][ T8976] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 371.897543][ T8976] ksys_unshare+0x455/0xab0 [ 371.897587][ T8976] ? __pfx_ksys_unshare+0x10/0x10 [ 371.897646][ T8976] __x64_sys_unshare+0x31/0x40 [ 371.897687][ T8976] do_syscall_64+0x106/0xf80 [ 371.897723][ T8976] ? clear_bhb_loop+0x40/0x90 [ 371.897765][ T8976] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 371.897799][ T8976] RIP: 0033:0x7f3792b9c629 [ 371.897828][ T8976] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 371.897861][ T8976] RSP: 002b:00007f37939bb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 371.897893][ T8976] RAX: ffffffffffffffda RBX: 00007f3792e15fa0 RCX: 00007f3792b9c629 [ 371.897915][ T8976] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 371.897935][ T8976] RBP: 00007f3792c32b39 R08: 0000000000000000 R09: 0000000000000000 [ 371.897955][ T8976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 371.897974][ T8976] R13: 00007f3792e16038 R14: 00007f3792e15fa0 R15: 00007ffcd147a2a8 [ 371.898018][ T8976] [ 372.489380][ T8974] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 372.579755][ T8974] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 372.591430][ T8974] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 372.608481][ T8974] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 372.630736][ T8974] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 373.577102][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 374.627261][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout [ 374.633396][ T5142] Bluetooth: hci1: command 0x0c1a tx timeout [ 374.647093][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 374.708883][ T5830] Bluetooth: hci4: command 0x0c1a tx timeout [ 376.075289][ T9013] netlink: 338 bytes leftover after parsing attributes in process `syz.3.664'. [ 376.103192][ T9014] [U] ^\ [ 376.150058][ T9013] net veth1_virt_wifi virt_wifi0: entered promiscuous mode [ 376.537146][ T9018] FAULT_INJECTION: forcing a failure. [ 376.537146][ T9018] name failslab, interval 1, probability 0, space 0, times 0 [ 376.570637][ T9018] CPU: 1 UID: 0 PID: 9018 Comm: syz.2.666 Tainted: G U L syzkaller #0 PREEMPT(full) [ 376.570754][ T9018] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 376.570768][ T9018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 376.570789][ T9018] Call Trace: [ 376.570800][ T9018] [ 376.570813][ T9018] dump_stack_lvl+0x100/0x190 [ 376.570871][ T9018] should_fail_ex.cold+0x5/0xa [ 376.570912][ T9018] should_failslab+0xc2/0x120 [ 376.570968][ T9018] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 376.571014][ T9018] ? __proc_create+0x2cb/0x8c0 [ 376.571073][ T9018] __proc_create+0x2cb/0x8c0 [ 376.571125][ T9018] ? __pfx___proc_create+0x10/0x10 [ 376.571182][ T9018] ? _raw_write_unlock+0x28/0x50 [ 376.571215][ T9018] ? proc_register+0x559/0x8a0 [ 376.571271][ T9018] proc_create_reg+0x75/0x170 [ 376.571323][ T9018] ? __pfx_can_rcvlist_eff_proc_show+0x10/0x10 [ 376.571364][ T9018] proc_create_net_single+0x86/0x180 [ 376.571425][ T9018] ? __pfx_proc_create_net_single+0x10/0x10 [ 376.571482][ T9018] ? round_jiffies+0x10a/0x160 [ 376.571527][ T9018] can_init_proc+0x319/0x4b0 [ 376.571566][ T9018] can_pernet_init+0x1e4/0x370 [ 376.571601][ T9018] ? __pfx_can_pernet_init+0x10/0x10 [ 376.571633][ T9018] ops_init+0x1e2/0x5f0 [ 376.571678][ T9018] setup_net+0x118/0x3a0 [ 376.571719][ T9018] ? __pfx_setup_net+0x10/0x10 [ 376.571756][ T9018] ? lockdep_init_map_type+0x5c/0x250 [ 376.571802][ T9018] ? mutex_init_lockep+0x110/0x150 [ 376.571853][ T9018] copy_net_ns+0x46f/0x7c0 [ 376.571900][ T9018] create_new_namespaces+0x3ea/0xac0 [ 376.571946][ T9018] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 376.571985][ T9018] ksys_unshare+0x455/0xab0 [ 376.572029][ T9018] ? __pfx_ksys_unshare+0x10/0x10 [ 376.572088][ T9018] __x64_sys_unshare+0x31/0x40 [ 376.572131][ T9018] do_syscall_64+0x106/0xf80 [ 376.572167][ T9018] ? clear_bhb_loop+0x40/0x90 [ 376.572208][ T9018] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 376.572245][ T9018] RIP: 0033:0x7f99c039c629 [ 376.572274][ T9018] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 376.572308][ T9018] RSP: 002b:00007f99c1262028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 376.572342][ T9018] RAX: ffffffffffffffda RBX: 00007f99c0615fa0 RCX: 00007f99c039c629 [ 376.572364][ T9018] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 376.572386][ T9018] RBP: 00007f99c0432b39 R08: 0000000000000000 R09: 0000000000000000 [ 376.572406][ T9018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 376.572437][ T9018] R13: 00007f99c0616038 R14: 00007f99c0615fa0 R15: 00007fff3828ba98 [ 376.572482][ T9018] [ 377.547339][ T9020] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 377.557633][ T9020] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 377.563801][ T9020] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 377.634212][ T9020] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 377.640816][ T9020] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 378.198090][ T9038] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(1986356271.1885433135.796026224), cmd(15) [ 378.312455][ T9041] FAULT_INJECTION: forcing a failure. [ 378.312455][ T9041] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 378.398635][ T9041] CPU: 1 UID: 0 PID: 9041 Comm: syz.4.672 Tainted: G U L syzkaller #0 PREEMPT(full) [ 378.398675][ T9041] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 378.398684][ T9041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 378.398697][ T9041] Call Trace: [ 378.398704][ T9041] [ 378.398713][ T9041] dump_stack_lvl+0x100/0x190 [ 378.398752][ T9041] should_fail_ex.cold+0x5/0xa [ 378.398779][ T9041] strncpy_from_user+0x3b/0x2d0 [ 378.398817][ T9041] do_getname+0x78/0x390 [ 378.398847][ T9041] user_path_at+0x26/0x60 [ 378.398881][ T9041] __x64_sys_mount+0x1fb/0x310 [ 378.398907][ T9041] ? __pfx___x64_sys_mount+0x10/0x10 [ 378.398939][ T9041] do_syscall_64+0x106/0xf80 [ 378.398964][ T9041] ? clear_bhb_loop+0x40/0x90 [ 378.398992][ T9041] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 378.399016][ T9041] RIP: 0033:0x7fd8cbb9c629 [ 378.399034][ T9041] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 378.399056][ T9041] RSP: 002b:00007fd8ccb11028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 378.399077][ T9041] RAX: ffffffffffffffda RBX: 00007fd8cbe15fa0 RCX: 00007fd8cbb9c629 [ 378.399112][ T9041] RDX: 0000200000000180 RSI: 00002000000000c0 RDI: 0000000000000000 [ 378.399126][ T9041] RBP: 00007fd8ccb11090 R08: 00002000000001c0 R09: 0000000000000000 [ 378.399141][ T9041] R10: 0000000000000200 R11: 0000000000000246 R12: 0000000000000001 [ 378.399154][ T9041] R13: 00007fd8cbe16038 R14: 00007fd8cbe15fa0 R15: 00007fff9933db28 [ 378.399184][ T9041] [ 379.044851][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.052141][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.257915][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 379.577516][ T5830] Bluetooth: hci2: command 0x0c1a tx timeout [ 379.582132][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 379.657155][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 379.657188][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 380.246784][ T9062] futex_wake_op: syz.2.677 tries to shift op by -1; fix this program [ 382.526702][ T9069] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 382.553384][ T9069] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 382.585570][ T9069] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 382.667762][ T9069] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 382.673914][ T9069] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 383.737117][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 384.627190][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 384.634714][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 384.697162][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 384.697314][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 385.811557][ T9124] FAULT_INJECTION: forcing a failure. [ 385.811557][ T9124] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 385.827080][ T9124] CPU: 1 UID: 0 PID: 9124 Comm: syz.3.690 Tainted: G U L syzkaller #0 PREEMPT(full) [ 385.827130][ T9124] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 385.827139][ T9124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 385.827152][ T9124] Call Trace: [ 385.827160][ T9124] [ 385.827169][ T9124] dump_stack_lvl+0x100/0x190 [ 385.827207][ T9124] should_fail_ex.cold+0x5/0xa [ 385.827233][ T9124] _copy_to_user+0x32/0xd0 [ 385.827271][ T9124] rng_dev_read+0x223/0x910 [ 385.827301][ T9124] ? __pfx_virtio_read+0x10/0x10 [ 385.827333][ T9124] ? __pfx_rng_dev_read+0x10/0x10 [ 385.827367][ T9124] ? bpf_lsm_file_permission+0x9/0x10 [ 385.827401][ T9124] ? security_file_permission+0x76/0x210 [ 385.827439][ T9124] ? rw_verify_area+0xce/0x6d0 [ 385.827468][ T9124] ? __pfx_rng_dev_read+0x10/0x10 [ 385.827498][ T9124] vfs_read+0x1e4/0xb30 [ 385.827541][ T9124] ? __pfx_vfs_read+0x10/0x10 [ 385.827573][ T9124] ? find_held_lock+0x2b/0x80 [ 385.827608][ T9124] ? __fget_files+0x215/0x3d0 [ 385.827677][ T9124] ? __fget_files+0x215/0x3d0 [ 385.827725][ T9124] ? __fget_files+0x21f/0x3d0 [ 385.827772][ T9124] ksys_read+0x12a/0x250 [ 385.827811][ T9124] ? __pfx_ksys_read+0x10/0x10 [ 385.827862][ T9124] do_syscall_64+0x106/0xf80 [ 385.827889][ T9124] ? clear_bhb_loop+0x40/0x90 [ 385.827923][ T9124] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 385.827953][ T9124] RIP: 0033:0x7fee7d59c629 [ 385.827976][ T9124] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 385.828004][ T9124] RSP: 002b:00007fee7e486028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 385.828030][ T9124] RAX: ffffffffffffffda RBX: 00007fee7d815fa0 RCX: 00007fee7d59c629 [ 385.828047][ T9124] RDX: 00000000fffffe82 RSI: 0000200000000040 RDI: 0000000000000008 [ 385.828063][ T9124] RBP: 00007fee7e486090 R08: 0000000000000000 R09: 0000000000000000 [ 385.828077][ T9124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 385.828092][ T9124] R13: 00007fee7d816038 R14: 00007fee7d815fa0 R15: 00007ffcebf9e908 [ 385.828125][ T9124] [ 386.084141][ T9127] FAULT_INJECTION: forcing a failure. [ 386.084141][ T9127] name failslab, interval 1, probability 0, space 0, times 0 [ 386.096923][ T9127] CPU: 1 UID: 0 PID: 9127 Comm: syz.0.691 Tainted: G U L syzkaller #0 PREEMPT(full) [ 386.096995][ T9127] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 386.097007][ T9127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 386.097027][ T9127] Call Trace: [ 386.097041][ T9127] [ 386.097051][ T9127] dump_stack_lvl+0x100/0x190 [ 386.097090][ T9127] should_fail_ex.cold+0x5/0xa [ 386.097116][ T9127] should_failslab+0xc2/0x120 [ 386.097154][ T9127] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 386.097187][ T9127] ? skb_clone+0x190/0x400 [ 386.097216][ T9127] skb_clone+0x190/0x400 [ 386.097242][ T9127] netlink_deliver_tap+0xaed/0xcc0 [ 386.097275][ T9127] netlink_unicast+0x650/0x870 [ 386.097306][ T9127] ? __pfx_netlink_unicast+0x10/0x10 [ 386.097332][ T9127] ? __asan_memset+0x23/0x50 [ 386.097362][ T9127] ? __build_skb_around+0x278/0x390 [ 386.097398][ T9127] ? is_vmalloc_addr+0x86/0xa0 [ 386.097432][ T9127] netlink_sendmsg+0x8b0/0xda0 [ 386.097464][ T9127] ? __pfx_netlink_sendmsg+0x10/0x10 [ 386.097496][ T9127] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 386.097534][ T9127] ____sys_sendmsg+0xa54/0xc30 [ 386.097569][ T9127] ? __pfx_____sys_sendmsg+0x10/0x10 [ 386.097606][ T9127] ? __pfx__kstrtoull+0x10/0x10 [ 386.097639][ T9127] ___sys_sendmsg+0x190/0x1e0 [ 386.097674][ T9127] ? __pfx____sys_sendmsg+0x10/0x10 [ 386.097722][ T9127] ? find_held_lock+0x2b/0x80 [ 386.097793][ T9127] __sys_sendmmsg+0x205/0x430 [ 386.097822][ T9127] ? __pfx___sys_sendmmsg+0x10/0x10 [ 386.097857][ T9127] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 386.097897][ T9127] ? fput+0x79/0x100 [ 386.097921][ T9127] ? ksys_write+0x1ac/0x250 [ 386.097954][ T9127] ? __pfx_ksys_write+0x10/0x10 [ 386.097993][ T9127] __x64_sys_sendmmsg+0x9c/0x100 [ 386.098018][ T9127] ? lockdep_hardirqs_on+0x78/0x100 [ 386.098043][ T9127] do_syscall_64+0x106/0xf80 [ 386.098068][ T9127] ? clear_bhb_loop+0x40/0x90 [ 386.098097][ T9127] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 386.098120][ T9127] RIP: 0033:0x7f3792b9c629 [ 386.098140][ T9127] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 386.098162][ T9127] RSP: 002b:00007f37939bb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 386.098184][ T9127] RAX: ffffffffffffffda RBX: 00007f3792e15fa0 RCX: 00007f3792b9c629 [ 386.098200][ T9127] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000003 [ 386.098214][ T9127] RBP: 00007f37939bb090 R08: 0000000000000000 R09: 0000000000000000 [ 386.098228][ T9127] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001 [ 386.098241][ T9127] R13: 00007f3792e16038 R14: 00007f3792e15fa0 R15: 00007ffcd147a2a8 [ 386.098271][ T9127] [ 388.931395][ T9160] vivid-011: ================= START STATUS ================= [ 388.948600][ T9160] vivid-011: Enable Output Cropping: true [ 388.955944][ T9160] vivid-011: Enable Output Composing: true [ 388.987122][ T9160] vivid-011: Enable Output Scaler: true [ 389.021065][ T9160] vivid-011: Tx RGB Quantization Range: Automatic [ 389.077314][ T9160] vivid-011: Transmit Mode: HDMI [ 389.157379][ T9160] vivid-011: Hotplug Present: 0x00000000 [ 389.163136][ T9160] vivid-011: RxSense Present: 0x00000000 [ 389.169691][ T9160] vivid-011: EDID Present: 0x00000000 [ 389.175403][ T9160] vivid-011: ================== END STATUS ================== [ 390.893816][ T9172] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 390.945796][ T9172] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 390.977829][ T9172] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 391.009563][ T9172] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 391.015758][ T9172] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 391.350222][ T9172] Process accounting paused [ 391.496305][ T9196] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 392.709730][ T9198] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 392.765425][ T9198] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 392.806455][ T9198] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 392.843816][ T9198] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 392.920639][ T9198] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 394.137672][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 394.794611][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 394.857076][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 394.863163][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 394.939299][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 395.025219][ T5830] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 395.143904][ T9227] net_ratelimit: 460 callbacks suppressed [ 395.143929][ T9227] openvswitch: netlink: Duplicate key (type 15). [ 396.942192][ T9244] vivid-000: ================= START STATUS ================= [ 396.971735][ T9244] vivid-000: Generate PTS: true [ 396.976685][ T9244] vivid-000: Generate SCR: true [ 397.019143][ T9244] tpg source WxH: 720x576 (Y'CbCr) [ 397.094516][ T9244] tpg field: 4 [ 397.119202][ T9244] tpg crop: (0,0)/720x576 [ 397.123705][ T9244] tpg compose: (0,0)/720x576 [ 397.190518][ T9246] sp0: Synchronizing with TNC [ 397.235170][ T9244] tpg colorspace: 1 [ 397.327815][ T9244] tpg transfer function: 0/0 [ 397.350998][ T9244] tpg Y'CbCr encoding: 0/0 [ 397.386129][ T9244] tpg quantization: 0/0 [ 397.396582][ T9244] tpg RGB range: 0/2 [ 397.400951][ T9244] vivid-000: ================== END STATUS ================== [ 397.718676][ T9232] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 397.735575][ T9232] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 397.760607][ T9232] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 397.766860][ T9232] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 397.808358][ T9232] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 398.377143][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 398.433888][ T9241] ima: policy update failed [ 398.503919][ T30] audit: type=1802 audit(2147483838.340:7): pid=9241 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.715" res=0 errno=0 [ 399.737129][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 399.817135][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 399.823371][ T5142] Bluetooth: hci3: command 0x0c1a tx timeout [ 399.829783][ T5827] Bluetooth: hci2: command 0x0c1a tx timeout [ 401.580635][ T5830] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 406.092178][ T30] audit: type=1806 audit(2147483845.930:8): xattr=0D res=-22 [ 409.178642][ T9403] FAULT_INJECTION: forcing a failure. [ 409.178642][ T9403] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 409.217146][ T9403] CPU: 0 UID: 0 PID: 9403 Comm: syz.0.754 Tainted: G U L syzkaller #0 PREEMPT(full) [ 409.217197][ T9403] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 409.217209][ T9403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 409.217228][ T9403] Call Trace: [ 409.217238][ T9403] [ 409.217250][ T9403] dump_stack_lvl+0x100/0x190 [ 409.217303][ T9403] should_fail_ex.cold+0x5/0xa [ 409.217338][ T9403] _copy_from_user+0x2e/0xd0 [ 409.217398][ T9403] snd_rawmidi_kernel_write1+0x390/0x7c0 [ 409.217466][ T9403] snd_rawmidi_write+0x2dc/0xc60 [ 409.217526][ T9403] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 409.217581][ T9403] ? __pfx_default_wake_function+0x10/0x10 [ 409.217615][ T9403] ? bpf_lsm_file_permission+0x9/0x10 [ 409.217660][ T9403] ? security_file_permission+0x76/0x210 [ 409.217711][ T9403] ? rw_verify_area+0xce/0x6d0 [ 409.217757][ T9403] vfs_write+0x2aa/0x1070 [ 409.217802][ T9403] ? __pfx_snd_rawmidi_write+0x10/0x10 [ 409.217857][ T9403] ? __pfx_vfs_write+0x10/0x10 [ 409.217900][ T9403] ? find_held_lock+0x2b/0x80 [ 409.217950][ T9403] ? __fget_files+0x215/0x3d0 [ 409.217995][ T9403] ? __fget_files+0x215/0x3d0 [ 409.218049][ T9403] ? __fget_files+0x21f/0x3d0 [ 409.218108][ T9403] ksys_write+0x1f8/0x250 [ 409.218155][ T9403] ? __pfx_ksys_write+0x10/0x10 [ 409.218213][ T9403] do_syscall_64+0x106/0xf80 [ 409.218246][ T9403] ? clear_bhb_loop+0x40/0x90 [ 409.218284][ T9403] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 409.218315][ T9403] RIP: 0033:0x7f3792b9c629 [ 409.218342][ T9403] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 409.218383][ T9403] RSP: 002b:00007f379399a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 409.218413][ T9403] RAX: ffffffffffffffda RBX: 00007f3792e16090 RCX: 00007f3792b9c629 [ 409.218434][ T9403] RDX: 000000100000a3d9 RSI: 00002000000000c0 RDI: 0000000000000005 [ 409.218453][ T9403] RBP: 00007f379399a090 R08: 0000000000000000 R09: 0000000000000000 [ 409.218472][ T9403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 409.218490][ T9403] R13: 00007f3792e16128 R14: 00007f3792e16090 R15: 00007ffcd147a2a8 [ 409.218532][ T9403] [ 419.180792][ T5830] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 420.138012][ T51] Bluetooth: hci6: Opcode 0x0c03 failed: -110 [ 420.951685][ T5142] Bluetooth: hci7: Opcode 0x0c03 failed: -110 [ 422.247677][ T9541] Process accounting resumed [ 422.486798][ T9535] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 422.503855][ T9535] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 422.513728][ T9535] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 422.529940][ T9535] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 422.538584][ T9535] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 423.437204][ T9557] vivid-007: ================= START STATUS ================= [ 423.449955][ T9563] FAULT_INJECTION: forcing a failure. [ 423.449955][ T9563] name failslab, interval 1, probability 0, space 0, times 0 [ 423.462961][ T9557] vivid-007: Generate PTS: true [ 423.477150][ T9557] vivid-007: Generate SCR: true [ 423.482140][ T9557] tpg source WxH: 320x240 (Y'CbCr) [ 423.487563][ T9563] CPU: 1 UID: 0 PID: 9563 Comm: syz.0.789 Tainted: G U L syzkaller #0 PREEMPT(full) [ 423.487615][ T9563] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 423.487628][ T9563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 423.487646][ T9563] Call Trace: [ 423.487656][ T9563] [ 423.487668][ T9563] dump_stack_lvl+0x100/0x190 [ 423.487720][ T9563] should_fail_ex.cold+0x5/0xa [ 423.487758][ T9563] should_failslab+0xc2/0x120 [ 423.487811][ T9563] __kmalloc_cache_noprof+0x7a/0x6f0 [ 423.487850][ T9563] ? proc_thread_self_get_link+0x1a6/0x210 [ 423.487904][ T9563] proc_thread_self_get_link+0x1a6/0x210 [ 423.487960][ T9563] pick_link+0xac2/0x13c0 [ 423.488002][ T9563] ? __pfx_proc_thread_self_get_link+0x10/0x10 [ 423.488054][ T9563] step_into_slowpath+0x9ba/0xf90 [ 423.488107][ T9563] ? __pfx_step_into_slowpath+0x10/0x10 [ 423.488159][ T9563] ? lookup_fast+0x2da/0x600 [ 423.488198][ T9563] ? inode_permission+0x374/0x620 [ 423.488242][ T9563] link_path_walk+0xf28/0x1cc0 [ 423.488304][ T9563] path_openat+0x1be/0x31a0 [ 423.488331][ T9563] ? kasan_save_stack+0x3f/0x50 [ 423.488375][ T9563] ? kasan_save_stack+0x30/0x50 [ 423.488419][ T9563] ? kasan_save_track+0x14/0x30 [ 423.488464][ T9563] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 423.488526][ T9563] ? __pfx_path_openat+0x10/0x10 [ 423.488590][ T9563] do_file_open+0x20e/0x430 [ 423.488624][ T9563] ? __pfx_do_file_open+0x10/0x10 [ 423.488685][ T9563] ? alloc_fd+0x476/0x790 [ 423.488740][ T9563] ? do_getname+0x191/0x390 [ 423.488781][ T9563] do_sys_openat2+0x10d/0x1e0 [ 423.488820][ T9563] ? __pfx_do_sys_openat2+0x10/0x10 [ 423.488876][ T9563] __x64_sys_openat+0x12d/0x210 [ 423.488926][ T9563] ? __pfx___x64_sys_openat+0x10/0x10 [ 423.488983][ T9563] do_syscall_64+0x106/0xf80 [ 423.489018][ T9563] ? clear_bhb_loop+0x40/0x90 [ 423.489058][ T9563] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 423.489091][ T9563] RIP: 0033:0x7f3792b5cece [ 423.489116][ T9563] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 423.489147][ T9563] RSP: 002b:00007f37939baf98 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 423.489177][ T9563] RAX: ffffffffffffffda RBX: 00007f37939bb6c0 RCX: 00007f3792b5cece [ 423.489198][ T9563] RDX: 0000000000000002 RSI: 00007f3792c32440 RDI: ffffffffffffff9c [ 423.489226][ T9563] RBP: 00007f3792c32b39 R08: 0000000000000000 R09: 0000000000000000 [ 423.489246][ T9563] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 423.489265][ T9563] R13: 00007f3792e16038 R14: 00007f3792e15fa0 R15: 00007ffcd147a2a8 [ 423.489308][ T9563] [ 423.759216][ T5142] Bluetooth: hci0: command 0x0c1a tx timeout [ 423.810350][ T9557] tpg field: 1 [ 423.813928][ T9557] tpg crop: (0,0)/320x240 [ 423.841760][ T9557] tpg compose: (0,0)/320x240 [ 423.925608][ T9563] FAULT_INJECTION: forcing a failure. [ 423.925608][ T9563] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 423.948482][ T9557] tpg colorspace: 8 [ 423.952567][ T9557] tpg transfer function: 0/0 [ 423.967309][ T9557] tpg Y'CbCr encoding: 0/0 [ 423.988208][ T9557] tpg quantization: 0/0 [ 423.992443][ T9557] tpg RGB range: 0/2 [ 423.996380][ T9557] vivid-007: ================== END STATUS ================== [ 424.079494][ T9563] CPU: 0 UID: 0 PID: 9563 Comm: syz.0.789 Tainted: G U L syzkaller #0 PREEMPT(full) [ 424.079543][ T9563] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 424.079555][ T9563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 424.079572][ T9563] Call Trace: [ 424.079583][ T9563] [ 424.079595][ T9563] dump_stack_lvl+0x100/0x190 [ 424.079646][ T9563] should_fail_ex.cold+0x5/0xa [ 424.079676][ T9563] ? prepare_alloc_pages+0x16d/0x5f0 [ 424.079713][ T9563] should_fail_alloc_page+0xeb/0x140 [ 424.079766][ T9563] prepare_alloc_pages+0x1f0/0x5f0 [ 424.079798][ T9563] ? arch_stack_walk+0xa6/0xf0 [ 424.079829][ T9563] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 424.079882][ T9563] ? stack_trace_save+0x8e/0xc0 [ 424.079931][ T9563] ? __pfx_stack_trace_save+0x10/0x10 [ 424.079991][ T9563] ? stack_depot_save_flags+0x27/0x9d0 [ 424.080050][ T9563] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 424.080095][ T9563] ? kasan_save_stack+0x3f/0x50 [ 424.080138][ T9563] ? kasan_save_stack+0x30/0x50 [ 424.080182][ T9563] ? kasan_save_track+0x14/0x30 [ 424.080227][ T9563] ? copy_time_ns+0xf6/0x800 [ 424.080256][ T9563] ? unshare_nsproxy_namespaces+0xc3/0x1f0 [ 424.080288][ T9563] ? ksys_unshare+0x455/0xab0 [ 424.080323][ T9563] ? __x64_sys_unshare+0x31/0x40 [ 424.080359][ T9563] ? do_syscall_64+0x106/0xf80 [ 424.080392][ T9563] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 424.080445][ T9563] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 424.080497][ T9563] ? policy_nodemask+0xed/0x4f0 [ 424.080546][ T9563] alloc_pages_mpol+0x1fb/0x550 [ 424.080599][ T9563] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 424.080658][ T9563] alloc_pages_noprof+0x131/0x390 [ 424.080712][ T9563] copy_time_ns+0x11a/0x800 [ 424.080740][ T9563] ? copy_cgroup_ns+0x71/0x970 [ 424.080778][ T9563] create_new_namespaces+0x48a/0xac0 [ 424.080818][ T9563] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 424.080854][ T9563] ksys_unshare+0x455/0xab0 [ 424.080895][ T9563] ? __pfx_ksys_unshare+0x10/0x10 [ 424.080933][ T9563] ? ksys_write+0x1ac/0x250 [ 424.080998][ T9563] __x64_sys_unshare+0x31/0x40 [ 424.081037][ T9563] do_syscall_64+0x106/0xf80 [ 424.081070][ T9563] ? clear_bhb_loop+0x40/0x90 [ 424.081107][ T9563] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 424.081141][ T9563] RIP: 0033:0x7f3792b9c629 [ 424.081168][ T9563] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 424.081200][ T9563] RSP: 002b:00007f37939bb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 424.081231][ T9563] RAX: ffffffffffffffda RBX: 00007f3792e15fa0 RCX: 00007f3792b9c629 [ 424.081252][ T9563] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 424.081271][ T9563] RBP: 00007f37939bb090 R08: 0000000000000000 R09: 0000000000000000 [ 424.081291][ T9563] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 424.081310][ T9563] R13: 00007f3792e16038 R14: 00007f3792e15fa0 R15: 00007ffcd147a2a8 [ 424.081351][ T9563] [ 424.537359][ T5142] Bluetooth: hci3: command 0x0c1a tx timeout [ 424.577096][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 424.583443][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 424.617621][ T5142] Bluetooth: hci4: command 0x0c1a tx timeout [ 425.270227][ T9587] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes. [ 425.533193][ T9595] snd_aloop snd_aloop.0: Parsing timer source '.Ş#( 'cC:w [ 431.957345][ T9653] dump_stack_lvl+0x100/0x190 [ 431.957395][ T9653] should_fail_ex.cold+0x5/0xa [ 431.957429][ T9653] should_failslab+0xc2/0x120 [ 431.957476][ T9653] __kmalloc_cache_noprof+0x7a/0x6f0 [ 431.957512][ T9653] ? copy_time_ns+0xf6/0x800 [ 431.957547][ T9653] copy_time_ns+0xf6/0x800 [ 431.957571][ T9653] ? copy_cgroup_ns+0x71/0x970 [ 431.957605][ T9653] create_new_namespaces+0x48a/0xac0 [ 431.957642][ T9653] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 431.957675][ T9653] ksys_unshare+0x455/0xab0 [ 431.957711][ T9653] ? __pfx_ksys_unshare+0x10/0x10 [ 431.957758][ T9653] __x64_sys_unshare+0x31/0x40 [ 431.957792][ T9653] do_syscall_64+0x106/0xf80 [ 431.957823][ T9653] ? clear_bhb_loop+0x40/0x90 [ 431.957857][ T9653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 431.957886][ T9653] RIP: 0033:0x7fd8cbb9c629 [ 431.957910][ T9653] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 431.957938][ T9653] RSP: 002b:00007fd8ccb11028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 431.957965][ T9653] RAX: ffffffffffffffda RBX: 00007fd8cbe15fa0 RCX: 00007fd8cbb9c629 [ 431.957984][ T9653] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 431.958001][ T9653] RBP: 00007fd8cbc32b39 R08: 0000000000000000 R09: 0000000000000000 [ 431.958018][ T9653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 431.958035][ T9653] R13: 00007fd8cbe16038 R14: 00007fd8cbe15fa0 R15: 00007fff9933db28 [ 431.958082][ T9653] [ 436.217900][ T5142] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 438.376768][ T9696] Setting dangerous option i915.mitigations - tainting kernel [ 440.463186][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.469807][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.797910][ T9707] Setting dangerous option i915.mitigations - tainting kernel [ 444.049554][ T9756] Setting dangerous option i915.mitigations - tainting kernel [ 447.462958][ T9784] Invalid ELF header magic: != ELF [ 451.950343][ T9831] Setting dangerous option i915.mitigations - tainting kernel [ 453.226499][ T9815] Process accounting paused [ 453.917688][ T5142] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 483.432346][T10430] Process accounting resumed [ 501.907689][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.914222][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 513.615903][T11181] Process accounting paused [ 527.201878][ T5830] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 527.219735][ T5830] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 527.240214][ T5830] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 527.261208][ T5830] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 527.269758][ T5830] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 528.491959][ T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 529.104882][ T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 529.418259][ T5142] Bluetooth: hci5: command tx timeout [ 529.522009][ T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 529.680376][T11512] chnl_net:caif_netlink_parms(): no params data found [ 530.027914][ T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 530.487004][T11512] bridge0: port 1(bridge_slave_0) entered blocking state [ 530.494464][T11512] bridge0: port 1(bridge_slave_0) entered disabled state [ 530.502125][T11512] bridge_slave_0: entered allmulticast mode [ 530.510380][T11512] bridge_slave_0: entered promiscuous mode [ 530.526225][T11512] bridge0: port 2(bridge_slave_1) entered blocking state [ 530.533531][T11512] bridge0: port 2(bridge_slave_1) entered disabled state [ 530.541700][T11512] bridge_slave_1: entered allmulticast mode [ 530.549987][T11512] bridge_slave_1: entered promiscuous mode [ 530.882581][T11512] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 530.922077][T11512] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 531.268103][T11512] team0: Port device team_slave_0 added [ 531.370420][T11512] team0: Port device team_slave_1 added [ 531.487842][ T12] bridge_slave_1: left allmulticast mode [ 531.498114][ T5142] Bluetooth: hci5: command tx timeout [ 531.513648][ T12] bridge_slave_1: left promiscuous mode [ 531.576717][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 531.698964][ T12] bridge_slave_0: left allmulticast mode [ 531.704703][ T12] bridge_slave_0: left promiscuous mode [ 531.776933][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 533.159114][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 533.287687][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 533.379879][ T12] bond0 (unregistering): Released all slaves [ 533.578354][ T5142] Bluetooth: hci5: command tx timeout [ 533.608964][T11512] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 533.615995][T11512] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 533.721705][T11512] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 533.819230][T11512] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 533.826423][T11512] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 533.977786][T11512] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 534.914347][T11512] hsr_slave_0: entered promiscuous mode [ 535.000428][T11512] hsr_slave_1: entered promiscuous mode [ 535.023569][T11512] debugfs: 'hsr0' already exists in 'hsr' [ 535.056961][T11512] Cannot create hsr debugfs directory [ 535.657982][ T5142] Bluetooth: hci5: command tx timeout [ 535.699899][ T12] hsr_slave_0: left promiscuous mode [ 535.717415][ T12] hsr_slave_1: left promiscuous mode [ 535.738683][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 535.752441][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 535.888048][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 535.895753][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 536.092740][ T12] veth1_macvtap: left promiscuous mode [ 536.129961][ T12] veth0_macvtap: left promiscuous mode [ 536.163117][ T12] veth1_vlan: left promiscuous mode [ 536.209373][ T12] veth0_vlan: left promiscuous mode [ 538.114358][ T12] team0 (unregistering): Port device team_slave_1 removed [ 538.281893][ T12] team0 (unregistering): Port device team_slave_0 removed [ 541.793184][T11512] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 541.907725][T11512] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 541.990934][T11512] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 542.265606][T11512] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 543.063935][T11512] 8021q: adding VLAN 0 to HW filter on device bond0 [ 543.243637][T11512] 8021q: adding VLAN 0 to HW filter on device team0 [ 543.351440][ T182] bridge0: port 1(bridge_slave_0) entered blocking state [ 543.358695][ T182] bridge0: port 1(bridge_slave_0) entered forwarding state [ 543.484454][ T182] bridge0: port 2(bridge_slave_1) entered blocking state [ 543.491752][ T182] bridge0: port 2(bridge_slave_1) entered forwarding state [ 545.055754][T11512] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 545.436344][T11512] veth0_vlan: entered promiscuous mode [ 545.543025][T11512] veth1_vlan: entered promiscuous mode [ 545.830071][T11512] veth0_macvtap: entered promiscuous mode [ 545.947778][T11512] veth1_macvtap: entered promiscuous mode [ 546.040400][T11512] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 546.099495][T11512] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 546.230015][ T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 546.280234][ T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 546.347777][ T1023] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 546.356592][ T1023] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 546.852200][ T9766] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 546.907715][ T9766] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 547.069508][ T163] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 547.108053][ T163] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 548.814348][ T5830] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 548.829929][ T5830] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 548.852434][ T5830] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 548.884313][ T5830] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 548.899954][ T5830] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 550.680237][ T36] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 550.990691][ T36] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 551.018318][ T5142] Bluetooth: hci0: command tx timeout [ 551.389344][ T36] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 551.431723][T11975] chnl_net:caif_netlink_parms(): no params data found [ 551.724377][ T36] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 552.206234][T11975] bridge0: port 1(bridge_slave_0) entered blocking state [ 552.213652][T11975] bridge0: port 1(bridge_slave_0) entered disabled state [ 552.221438][T11975] bridge_slave_0: entered allmulticast mode [ 552.243773][T11975] bridge_slave_0: entered promiscuous mode [ 552.299944][T11975] bridge0: port 2(bridge_slave_1) entered blocking state [ 552.315434][T11975] bridge0: port 2(bridge_slave_1) entered disabled state [ 552.333446][T11975] bridge_slave_1: entered allmulticast mode [ 552.378832][T11975] bridge_slave_1: entered promiscuous mode [ 552.775977][T11975] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 552.861791][T11975] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 553.098268][ T5142] Bluetooth: hci0: command tx timeout [ 553.122467][T11975] team0: Port device team_slave_0 added [ 553.199150][T11975] team0: Port device team_slave_1 added [ 553.205174][ T36] bridge_slave_1: left allmulticast mode [ 553.229056][ T36] bridge_slave_1: left promiscuous mode [ 553.234911][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 553.315679][ T36] bridge_slave_0: left allmulticast mode [ 553.349924][ T36] bridge_slave_0: left promiscuous mode [ 553.355770][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 554.349751][ T36] tunl0 (unregistering): left allmulticast mode [ 554.701337][ T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 554.829641][ T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 554.906225][ T36] bond0 (unregistering): Released all slaves [ 555.177594][ T5830] Bluetooth: hci0: command tx timeout [ 555.218105][T11975] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 555.267006][T11975] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 555.399665][T11975] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 555.463127][T11975] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 555.501970][T11975] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 555.607103][T11975] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 556.005396][T11975] hsr_slave_0: entered promiscuous mode [ 556.068613][T11975] hsr_slave_1: entered promiscuous mode [ 556.125288][T11975] debugfs: 'hsr0' already exists in 'hsr' [ 556.164324][T11975] Cannot create hsr debugfs directory [ 556.537651][ T5142] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 557.257442][ T5142] Bluetooth: hci0: command tx timeout [ 557.277003][ T36] hsr_slave_0: left promiscuous mode [ 557.324713][ T36] hsr_slave_1: left promiscuous mode [ 557.335736][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 557.364900][ T36] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 557.458536][ T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 557.465999][ T36] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 557.579644][ T36] veth1_macvtap: left promiscuous mode [ 557.593864][ T36] veth0_macvtap: left promiscuous mode [ 557.620147][ T36] veth1_vlan: left promiscuous mode [ 557.648694][ T36] veth0_vlan: left promiscuous mode [ 559.331365][ T36] team0 (unregistering): Port device team_slave_1 removed [ 559.431443][ T36] team0 (unregistering): Port device team_slave_0 removed [ 562.729475][T11975] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 562.790094][T11975] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 562.947720][T11975] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 562.997934][T11975] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 563.342064][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.353166][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 563.782472][T11975] 8021q: adding VLAN 0 to HW filter on device bond0 [ 563.977674][T11975] 8021q: adding VLAN 0 to HW filter on device team0 [ 564.079980][T11928] bridge0: port 1(bridge_slave_0) entered blocking state [ 564.087301][T11928] bridge0: port 1(bridge_slave_0) entered forwarding state [ 564.206501][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 564.213728][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 564.466089][T11975] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 564.714693][T11975] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 565.979497][T11975] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 566.217292][ T5142] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 566.340073][T11975] veth0_vlan: entered promiscuous mode [ 566.394844][T11975] veth1_vlan: entered promiscuous mode [ 566.650367][T11975] veth0_macvtap: entered promiscuous mode [ 566.741375][T11975] veth1_macvtap: entered promiscuous mode [ 566.874089][T11975] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 566.971944][T11975] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 567.091172][ T182] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 567.147277][ T182] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 567.156162][ T182] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 567.249208][ T182] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 567.705558][ T163] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 567.766103][ T163] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 567.971208][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 568.037457][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 569.338086][ T5830] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 569.389319][ T5830] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 569.409946][ T5830] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 569.424930][ T5830] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 569.463233][ T5830] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 571.581607][ T5142] Bluetooth: hci3: command tx timeout [ 571.958355][T12364] chnl_net:caif_netlink_parms(): no params data found [ 572.656671][ T163] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 573.089409][ T163] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 573.327623][ T163] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 573.663600][ T5142] Bluetooth: hci3: command tx timeout [ 573.852652][ T163] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 573.958415][T12364] bridge0: port 1(bridge_slave_0) entered blocking state [ 573.967356][T12364] bridge0: port 1(bridge_slave_0) entered disabled state [ 573.991673][T12364] bridge_slave_0: entered allmulticast mode [ 574.027757][T12364] bridge_slave_0: entered promiscuous mode [ 574.072059][T12364] bridge0: port 2(bridge_slave_1) entered blocking state [ 574.102495][T12364] bridge0: port 2(bridge_slave_1) entered disabled state [ 574.157340][T12364] bridge_slave_1: entered allmulticast mode [ 574.174164][T12364] bridge_slave_1: entered promiscuous mode [ 574.361419][T12447] ptp ptp0: only physical clock in use now [ 574.387433][T12364] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 574.441737][T12364] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 574.622622][T12364] team0: Port device team_slave_0 added [ 574.745516][T12364] team0: Port device team_slave_1 added [ 574.928991][T12364] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 574.951571][T12364] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 575.027041][T12364] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 575.075640][T12364] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 575.127062][T12364] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 575.238237][T12364] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 575.736057][ T163] bridge_slave_1: left allmulticast mode [ 575.749228][ T5142] Bluetooth: hci3: command tx timeout [ 575.756974][ T163] bridge_slave_1: left promiscuous mode [ 575.762877][ T163] bridge0: port 2(bridge_slave_1) entered disabled state [ 575.799948][ T163] bridge_slave_0: left allmulticast mode [ 575.805787][ T163] bridge_slave_0: left promiscuous mode [ 575.813945][ T163] bridge0: port 1(bridge_slave_0) entered disabled state [ 576.586333][ T163] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 576.635368][ T163] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 576.675073][ T163] bond0 (unregistering): Released all slaves [ 577.087379][T12364] hsr_slave_0: entered promiscuous mode [ 577.108448][T12364] hsr_slave_1: entered promiscuous mode [ 577.133189][T12364] debugfs: 'hsr0' already exists in 'hsr' [ 577.153112][T12364] Cannot create hsr debugfs directory [ 577.321232][T12470] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 577.362682][T12470] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 577.401740][T12470] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 577.423022][T12470] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 577.492643][T12470] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 577.543922][T12470] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 577.579349][T12470] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 577.628498][T12470] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 577.724086][T12470] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 577.747098][T12470] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 577.821050][T12470] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 578.418868][T12519] [U] ^@ [ 578.880092][ T163] hsr_slave_0: left promiscuous mode [ 578.919392][ T163] hsr_slave_1: left promiscuous mode [ 578.925759][ T163] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 579.004141][ T163] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 579.049131][ T163] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 579.056680][ T163] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 579.161534][ T163] veth1_macvtap: left promiscuous mode [ 579.197228][ T163] veth0_macvtap: left promiscuous mode [ 579.202966][ T163] veth1_vlan: left promiscuous mode [ 579.232366][ T163] veth0_vlan: left promiscuous mode [ 579.338751][ T5142] Bluetooth: hci1: command 0x0c1a tx timeout [ 579.417218][ T5142] Bluetooth: hci5: command 0x0c1a tx timeout [ 579.418130][ T5830] Bluetooth: hci4: command 0x0c1a tx timeout [ 579.576959][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 579.746534][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 580.412901][ T163] team0 (unregistering): Port device team_slave_1 removed [ 580.463835][ T163] team0 (unregistering): Port device team_slave_0 removed [ 581.497103][ T5830] Bluetooth: hci5: command 0x0c1a tx timeout [ 581.657665][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 581.817794][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 582.748937][T12364] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 582.835367][T12364] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 582.923944][T12364] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 583.016074][T12364] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 583.579676][ T5830] Bluetooth: hci5: command 0x0c1a tx timeout [ 583.744713][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 583.906986][ T5830] Bluetooth: hci3: command 0x0c1a tx timeout [ 583.963463][T12364] 8021q: adding VLAN 0 to HW filter on device bond0 [ 584.661810][T12364] 8021q: adding VLAN 0 to HW filter on device team0 [ 585.092716][ T1157] bridge0: port 1(bridge_slave_0) entered blocking state [ 585.100032][ T1157] bridge0: port 1(bridge_slave_0) entered forwarding state [ 585.157685][ T1157] bridge0: port 2(bridge_slave_1) entered blocking state [ 585.165130][ T1157] bridge0: port 2(bridge_slave_1) entered forwarding state [ 586.651907][T12662] random: crng reseeded on system resumption [ 586.916602][T12364] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 587.249034][T12678] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 587.575226][T12364] veth0_vlan: entered promiscuous mode [ 587.680467][T12364] veth1_vlan: entered promiscuous mode [ 588.071545][T12364] veth0_macvtap: entered promiscuous mode [ 588.131042][T12364] veth1_macvtap: entered promiscuous mode [ 588.477891][T12364] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 588.575303][T12364] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 588.631714][ T13] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 588.741439][ T13] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 588.857072][ T13] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 588.865872][ T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 589.798916][T12727] random: crng reseeded on system resumption [ 590.111962][ T163] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 590.168245][ T163] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 590.376464][ T9766] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 590.444046][ T9766] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 592.296170][ T51] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 592.341823][ T51] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 592.350519][ T51] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 592.379618][ T51] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 592.387686][ T51] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 593.657505][ T5830] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 594.140299][ T49] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 594.459862][ T5830] Bluetooth: hci6: command tx timeout [ 594.555443][ T49] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 594.749026][T12769] chnl_net:caif_netlink_parms(): no params data found [ 595.034348][ T49] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 595.251170][ T49] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 596.097272][T12769] bridge0: port 1(bridge_slave_0) entered blocking state [ 596.109235][T12769] bridge0: port 1(bridge_slave_0) entered disabled state [ 596.166671][T12769] bridge_slave_0: entered allmulticast mode [ 596.215434][T12769] bridge_slave_0: entered promiscuous mode [ 596.251230][T12769] bridge0: port 2(bridge_slave_1) entered blocking state [ 596.268492][T12769] bridge0: port 2(bridge_slave_1) entered disabled state [ 596.293717][T12769] bridge_slave_1: entered allmulticast mode [ 596.317933][T12813] [U]  [ 596.320836][T12813] [U] [ 596.323599][T12813] [U] [ 596.326364][T12813] [U] [ 596.339737][T12769] bridge_slave_1: entered promiscuous mode [ 596.368853][T12813] [U] [ 596.371747][T12813] [U] [ 596.374521][T12813] [U] [ 596.377557][T12813] [U] [ 596.500103][T12812] [U] [ 596.537308][ T5830] Bluetooth: hci6: command tx timeout [ 597.116386][T12769] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 597.279950][T12769] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 597.424302][ T49] bridge_slave_1: left allmulticast mode [ 597.451380][ T49] bridge_slave_1: left promiscuous mode [ 597.482191][ T49] bridge0: port 2(bridge_slave_1) entered disabled state [ 597.532011][ T49] bridge_slave_0: left allmulticast mode [ 597.542893][ T49] bridge_slave_0: left promiscuous mode [ 597.564069][ T49] bridge0: port 1(bridge_slave_0) entered disabled state [ 598.235833][ T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 598.299489][ T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 598.351757][ T49] bond0 (unregistering): Released all slaves [ 598.627062][ T5830] Bluetooth: hci6: command tx timeout [ 598.652296][T12817] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 598.703089][T12817] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 598.750405][T12769] team0: Port device team_slave_0 added [ 598.776197][T12817] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 598.796124][T12817] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 598.827845][T12817] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 598.854018][T12817] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 598.925873][T12817] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 598.990759][T12769] team0: Port device team_slave_1 added [ 599.268238][ T5830] Bluetooth: hci1: command 0x0c1a tx timeout [ 599.778270][ T49] hsr_slave_0: left promiscuous mode [ 599.857165][ T49] hsr_slave_1: left promiscuous mode [ 599.874247][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 599.916407][ T49] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 599.976380][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 600.014632][ T49] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 600.165089][ T49] veth1_macvtap: left promiscuous mode [ 600.208626][ T49] veth0_macvtap: left promiscuous mode [ 600.247141][ T49] veth1_vlan: left promiscuous mode [ 600.269908][ T49] veth0_vlan: left promiscuous mode [ 600.781590][ T5142] Bluetooth: hci5: command 0x0c1a tx timeout [ 600.857015][ T5142] Bluetooth: hci6: command 0x0c1a tx timeout [ 600.863167][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 600.869810][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 601.913971][T12769] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 601.924213][T12769] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 601.996978][T12769] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 602.088078][T12769] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 602.106479][T12769] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 602.141960][T12769] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 602.147605][ T5830] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 602.932755][T12769] hsr_slave_0: entered promiscuous mode [ 602.950633][ T5830] Bluetooth: hci6: command 0x0c1a tx timeout [ 602.968228][T12769] hsr_slave_1: entered promiscuous mode [ 602.974805][T12769] debugfs: 'hsr0' already exists in 'hsr' [ 603.011128][T12769] Cannot create hsr debugfs directory [ 605.017208][ T5830] Bluetooth: hci6: command 0x0c1a tx timeout [ 605.886147][T12769] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 605.938567][T12898] random: crng reseeded on system resumption [ 605.947699][T12769] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 606.547473][T12769] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 606.596110][T12769] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 607.714173][T12769] 8021q: adding VLAN 0 to HW filter on device bond0 [ 607.878617][T12769] 8021q: adding VLAN 0 to HW filter on device team0 [ 607.974002][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 607.981251][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 608.123287][T11928] bridge0: port 2(bridge_slave_1) entered blocking state [ 608.130534][T11928] bridge0: port 2(bridge_slave_1) entered forwarding state [ 608.355163][T12924] FAULT_INJECTION: forcing a failure. [ 608.355163][T12924] name failslab, interval 1, probability 0, space 0, times 0 [ 608.435341][T12924] CPU: 0 UID: 0 PID: 12924 Comm: syz.0.3264 Tainted: G U L syzkaller #0 PREEMPT(full) [ 608.435401][T12924] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 608.435416][T12924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 608.435437][T12924] Call Trace: [ 608.435448][T12924] [ 608.435460][T12924] dump_stack_lvl+0x100/0x190 [ 608.435517][T12924] should_fail_ex.cold+0x5/0xa [ 608.435558][T12924] should_failslab+0xc2/0x120 [ 608.435629][T12924] __kmalloc_cache_noprof+0x7a/0x6f0 [ 608.435670][T12924] ? copy_time_ns+0xf6/0x800 [ 608.435712][T12924] copy_time_ns+0xf6/0x800 [ 608.435741][T12924] ? copy_cgroup_ns+0x71/0x970 [ 608.435781][T12924] create_new_namespaces+0x48a/0xac0 [ 608.435826][T12924] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 608.435865][T12924] ksys_unshare+0x455/0xab0 [ 608.435909][T12924] ? __pfx_ksys_unshare+0x10/0x10 [ 608.435966][T12924] __x64_sys_unshare+0x31/0x40 [ 608.436006][T12924] do_syscall_64+0x106/0xf80 [ 608.436042][T12924] ? clear_bhb_loop+0x40/0x90 [ 608.436083][T12924] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 608.436117][T12924] RIP: 0033:0x7f42df19c629 [ 608.436145][T12924] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 608.436179][T12924] RSP: 002b:00007f42dff95028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 608.436211][T12924] RAX: ffffffffffffffda RBX: 00007f42df415fa0 RCX: 00007f42df19c629 [ 608.436233][T12924] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 608.436252][T12924] RBP: 00007f42df232b39 R08: 0000000000000000 R09: 0000000000000000 [ 608.436272][T12924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 608.436290][T12924] R13: 00007f42df416038 R14: 00007f42df415fa0 R15: 00007fff9b6d9848 [ 608.436333][T12924] [ 609.995683][T12769] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 612.510623][T12769] veth0_vlan: entered promiscuous mode [ 612.774135][T12769] veth1_vlan: entered promiscuous mode [ 613.106671][T12769] veth0_macvtap: entered promiscuous mode [ 613.190278][T12769] veth1_macvtap: entered promiscuous mode [ 613.543244][T12769] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 613.625524][T12769] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 613.744290][ T5830] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 613.932343][ T1157] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 614.117239][ T1157] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 614.168001][ T1157] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 614.215475][ T1157] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 615.185715][T13002] random: crng reseeded on system resumption [ 615.762827][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 615.853164][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 616.371571][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 616.396187][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 621.423422][T13064] random: crng reseeded on system resumption [ 621.937675][T13071] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 624.783567][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.816976][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.098311][T13083] Setting dangerous option i915.mitigations - tainting kernel [ 627.434823][T13114] random: crng reseeded on system resumption [ 628.177168][T13129] snd_aloop snd_aloop.0: Parsing timer source '.Ş#( 'cC:w rejected, media not registered [ 638.637195][T13238] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input7 [ 640.528973][T13242] No such timeout policy "" [ 640.742909][T13251] random: crng reseeded on system resumption [ 640.863715][T13242] netlink: Failed to associated timeout policy '' [ 640.980541][T13258] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 644.948898][T13300] random: crng reseeded on system resumption [ 647.296497][T13320] random: crng reseeded on system resumption [ 649.853710][T13340] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 649.987298][T13341] loop6: detected capacity change from 0 to 4194304 [ 651.477127][T13347] random: crng reseeded on system resumption [ 655.385335][T13371] random: crng reseeded on system resumption [ 657.737058][ T5830] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 666.912341][T13496] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input8 [ 669.784463][T13509] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 669.797899][T13509] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 669.822956][T13509] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 669.907502][T13509] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 669.917436][T13509] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 671.141656][T13542] random: crng reseeded on system resumption [ 671.279323][ T5830] Bluetooth: hci1: command 0x0c1a tx timeout [ 671.818733][ T5830] Bluetooth: hci5: command 0x0c1a tx timeout [ 671.896975][ T5830] Bluetooth: hci0: command 0x0c1a tx timeout [ 671.976984][ T5142] Bluetooth: hci3: command 0x0c1a tx timeout [ 671.987324][ T5830] Bluetooth: hci6: command 0x0c1a tx timeout [ 673.498391][T13557] random: crng reseeded on system resumption [ 676.740911][T13580] vivid-007: ================= START STATUS ================= [ 676.748969][T13580] vivid-007: Generate PTS: true [ 676.753918][T13580] vivid-007: Generate SCR: true [ 676.770493][T13580] tpg source WxH: 320x240 (Y'CbCr) [ 676.775685][T13580] tpg field: 1 [ 676.842369][T13580] tpg crop: (0,0)/320x240 [ 676.846798][T13580] tpg compose: (0,0)/320x240 [ 676.932653][T13580] tpg colorspace: 8 [ 676.957116][T13580] tpg transfer function: 0/0 [ 677.052681][T13580] tpg Y'CbCr encoding: 0/0 [ 677.075874][T13580] tpg quantization: 0/0 [ 677.112010][T13580] tpg RGB range: 0/2 [ 677.172795][T13580] vivid-007: ================== END STATUS ================== [ 679.063463][T13610] random: crng reseeded on system resumption [ 683.196729][T13645] random: crng reseeded on system resumption [ 684.474547][T13659] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3380'. [ 685.035326][T13665] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 686.234544][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.241280][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 687.290930][T13686] random: crng reseeded on system resumption [ 689.167269][T13704] vivid-007: ================= START STATUS ================= [ 689.216651][T13704] vivid-007: Generate PTS: true [ 689.257560][T13704] vivid-007: Generate SCR: true [ 689.289912][T13704] tpg source WxH: 320x240 (Y'CbCr) [ 689.295215][T13704] tpg field: 1 [ 689.415574][T13704] tpg crop: (0,0)/320x240 [ 689.468210][T13704] tpg compose: (0,0)/320x240 [ 689.472924][T13704] tpg colorspace: 8 [ 689.476785][T13704] tpg transfer function: 0/0 [ 689.631008][T13704] tpg Y'CbCr encoding: 0/0 [ 689.636542][T13704] tpg quantization: 0/0 [ 689.818511][T13704] tpg RGB range: 0/2 [ 689.822659][T13704] vivid-007: ================== END STATUS ================== [ 689.950085][T13704] netlink: 354 bytes leftover after parsing attributes in process `syz.2.3389'. [ 692.009872][T13727] random: crng reseeded on system resumption [ 693.497167][T13742] random: crng reseeded on system resumption [ 693.927029][ T5830] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 696.377004][ T5830] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 702.817561][T13785] Setting dangerous option i915.mitigations - tainting kernel [ 703.827451][ T5830] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 704.622269][T13828] smpboot: CPU 1 is now offline [ 705.282007][T13830] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 705.335904][ T19] ------------[ cut here ]------------ [ 705.336670][ T19] [ 705.336678][ T19] ====================================================== [ 705.336687][ T19] WARNING: possible circular locking dependency detected [ 705.336699][ T19] syzkaller #0 Tainted: G U L [ 705.336712][ T19] ------------------------------------------------------ [ 705.336720][ T19] migration/0/19 is trying to acquire lock: [ 705.336733][ T19] ffffffff8e6f53c0 (console_owner){-.-.}-{0:0}, at: console_lock_spinning_enable+0x61/0x80 [ 705.336811][ T19] [ 705.336811][ T19] but task is already holding lock: [ 705.336818][ T19] ffff8880b843b2e0 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x88/0x140 [ 705.336887][ T19] [ 705.336887][ T19] which lock already depends on the new lock. [ 705.336887][ T19] [ 705.336895][ T19] [ 705.336895][ T19] the existing dependency chain (in reverse order) is: [ 705.336903][ T19] [ 705.336903][ T19] -> #4 (&rq->__lock){-.-.}-{2:2}: [ 705.336937][ T19] _raw_spin_lock_nested+0x31/0x40 [ 705.336978][ T19] raw_spin_rq_lock_nested+0x2c/0x140 [ 705.337017][ T19] _task_rq_lock+0xcf/0x490 [ 705.337037][ T19] cgroup_move_task+0x81/0x2b0 [ 705.337062][ T19] css_set_move_task+0x285/0x600 [ 705.337083][ T19] cgroup_post_fork+0x202/0x9b0 [ 705.337111][ T19] copy_process+0x5f26/0x7a10 [ 705.337137][ T19] kernel_clone+0xfc/0x9a0 [ 705.337161][ T19] user_mode_thread+0xcc/0x110 [ 705.337187][ T19] rest_init+0x21/0x260 [ 705.337218][ T19] start_kernel+0x47f/0x480 [ 705.337247][ T19] x86_64_start_reservations+0x24/0x30 [ 705.337279][ T19] x86_64_start_kernel+0x12b/0x130 [ 705.337309][ T19] common_startup_64+0x13e/0x148 [ 705.337332][ T19] [ 705.337332][ T19] -> #3 (&p->pi_lock){-.-.}-{2:2}: [ 705.337365][ T19] _raw_spin_lock_irqsave+0x3a/0x60 [ 705.337405][ T19] try_to_wake_up+0xb2/0x1a80 [ 705.337444][ T19] __wake_up_common+0x135/0x1f0 [ 705.337475][ T19] __wake_up+0x31/0x60 [ 705.337498][ T19] tty_port_default_wakeup+0x47/0x60 [ 705.337529][ T19] serial8250_tx_chars+0x68f/0x860 [ 705.337559][ T19] serial8250_handle_irq+0x73e/0xcb0 [ 705.337591][ T19] serial8250_default_handle_irq+0x9e/0x270 [ 705.337625][ T19] serial8250_interrupt+0xf8/0x1d0 [ 705.337661][ T19] __handle_irq_event_percpu+0x232/0x8e0 [ 705.337703][ T19] handle_irq_event+0xab/0x1e0 [ 705.337746][ T19] handle_edge_irq+0x375/0x970 [ 705.337776][ T19] __common_interrupt+0xd8/0x2f0 [ 705.337803][ T19] common_interrupt+0xb9/0xe0 [ 705.337832][ T19] asm_common_interrupt+0x26/0x40 [ 705.337854][ T19] __read_once_word_nocheck+0x3/0x10 [ 705.337874][ T19] unwind_next_frame+0xb1d/0x1ea0 [ 705.337894][ T19] arch_stack_walk+0x94/0xf0 [ 705.337912][ T19] stack_trace_save+0x8e/0xc0 [ 705.337946][ T19] kasan_save_stack+0x30/0x50 [ 705.337977][ T19] kasan_save_track+0x14/0x30 [ 705.338007][ T19] kasan_save_free_info+0x3b/0x70 [ 705.338031][ T19] __kasan_slab_free+0x5f/0x80 [ 705.338063][ T19] kfree+0x1f6/0x6b0 [ 705.338086][ T19] tomoyo_realpath_from_path+0x19c/0x690 [ 705.338114][ T19] tomoyo_check_open_permission+0x2af/0x3c0 [ 705.338146][ T19] tomoyo_file_open+0x6b/0x90 [ 705.338170][ T19] security_file_open+0xb5/0x1e0 [ 705.338189][ T19] do_dentry_open+0x5aa/0x1660 [ 705.338222][ T19] vfs_open+0x82/0x3f0 [ 705.338243][ T19] path_openat+0x208c/0x31a0 [ 705.338260][ T19] do_file_open+0x20e/0x430 [ 705.338278][ T19] do_sys_openat2+0x10d/0x1e0 [ 705.338301][ T19] __x64_sys_openat+0x12d/0x210 [ 705.338325][ T19] do_syscall_64+0x106/0xf80 [ 705.338347][ T19] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 705.338370][ T19] [ 705.338370][ T19] -> #2 (&tty->write_wait){-.-.}-{3:3}: [ 705.338399][ T19] _raw_spin_lock_irqsave+0x3a/0x60 [ 705.338434][ T19] __wake_up+0x1c/0x60 [ 705.338454][ T19] tty_port_default_wakeup+0x47/0x60 [ 705.338480][ T19] serial8250_tx_chars+0x68f/0x860 [ 705.338505][ T19] serial8250_handle_irq+0x73e/0xcb0 [ 705.338533][ T19] serial8250_default_handle_irq+0x9e/0x270 [ 705.338562][ T19] serial8250_interrupt+0xf8/0x1d0 [ 705.338593][ T19] __handle_irq_event_percpu+0x232/0x8e0 [ 705.338627][ T19] handle_irq_event+0xab/0x1e0 [ 705.338659][ T19] handle_edge_irq+0x375/0x970 [ 705.338690][ T19] __common_interrupt+0xd8/0x2f0 [ 705.338716][ T19] common_interrupt+0xb9/0xe0 [ 705.338745][ T19] asm_common_interrupt+0x26/0x40 [ 705.338766][ T19] _raw_spin_unlock_irqrestore+0x31/0x80 [ 705.338786][ T19] uart_write+0x29d/0xb20 [ 705.338809][ T19] n_tty_write+0x44f/0x12d0 [ 705.338838][ T19] file_tty_write.isra.0+0x4d2/0x890 [ 705.338861][ T19] redirected_tty_write+0xd4/0x120 [ 705.338884][ T19] vfs_write+0x6ac/0x1070 [ 705.338914][ T19] ksys_write+0x12a/0x250 [ 705.338945][ T19] do_syscall_64+0x106/0xf80 [ 705.338966][ T19] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 705.338988][ T19] [ 705.338988][ T19] -> #1 (&port_lock_key){-.-.}-{3:3}: [ 705.339015][ T19] _raw_spin_lock_irqsave+0x3a/0x60 [ 705.339050][ T19] serial8250_console_write+0x17e/0x1900 [ 705.339079][ T19] console_flush_one_record+0x790/0xe50 [ 705.339117][ T19] console_unlock+0x103/0x260 [ 705.339149][ T19] vprintk_emit+0x407/0x6b0 [ 705.339181][ T19] _printk+0xcf/0x110 [ 705.339200][ T19] register_console.cold+0xc0/0x248 [ 705.339222][ T19] univ8250_console_init+0x6f/0x80 [ 705.339256][ T19] console_init+0x423/0x620 [ 705.339286][ T19] start_kernel+0x305/0x480 [ 705.339309][ T19] x86_64_start_reservations+0x24/0x30 [ 705.339336][ T19] x86_64_start_kernel+0x12b/0x130 [ 705.339363][ T19] common_startup_64+0x13e/0x148 [ 705.339384][ T19] [ 705.339384][ T19] -> #0 (console_owner){-.-.}-{0:0}: [ 705.339411][ T19] __lock_acquire+0x14b8/0x2630 [ 705.339436][ T19] lock_acquire+0x1cf/0x380 [ 705.339460][ T19] console_lock_spinning_enable+0x72/0x80 [ 705.339492][ T19] console_flush_one_record+0x739/0xe50 [ 705.339525][ T19] console_unlock+0x103/0x260 [ 705.339556][ T19] vprintk_emit+0x407/0x6b0 [ 705.339589][ T19] _printk+0xcf/0x110 [ 705.339607][ T19] __report_bug.cold+0x15/0x137 [ 705.339636][ T19] report_bug+0xb2/0x220 [ 705.339654][ T19] handle_bug+0x166/0x2a0 [ 705.339678][ T19] exc_invalid_op+0x17/0x50 [ 705.339704][ T19] asm_exc_invalid_op+0x1a/0x20 [ 705.339724][ T19] update_rq_clock+0x40a/0xd20 [ 705.339743][ T19] __schedule+0x1b7d/0x60e0 [ 705.339762][ T19] schedule+0xdd/0x390 [ 705.339779][ T19] smpboot_thread_fn+0x893/0xaa0 [ 705.339802][ T19] kthread+0x370/0x450 [ 705.339828][ T19] ret_from_fork+0x754/0xd80 [ 705.339857][ T19] ret_from_fork_asm+0x1a/0x30 [ 705.339878][ T19] [ 705.339878][ T19] other info that might help us debug this: [ 705.339878][ T19] [ 705.339885][ T19] Chain exists of: [ 705.339885][ T19] console_owner --> &p->pi_lock --> &rq->__lock [ 705.339885][ T19] [ 705.339915][ T19] Possible unsafe locking scenario: [ 705.339915][ T19] [ 705.339921][ T19] CPU0 CPU1 [ 705.339927][ T19] ---- ---- [ 705.339933][ T19] lock(&rq->__lock); [ 705.339945][ T19] lock(&p->pi_lock); [ 705.339959][ T19] lock(&rq->__lock); [ 705.339973][ T19] lock(console_owner); [ 705.339986][ T19] [ 705.339986][ T19] *** DEADLOCK *** [ 705.339986][ T19] [ 705.339991][ T19] 3 locks held by migration/0/19: [ 705.340003][ T19] #0: ffff8880b843b2e0 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x88/0x140 [ 705.340066][ T19] #1: ffffffff8e7d5800 (console_lock){+.+.}-{0:0}, at: _printk+0xcf/0x110 [ 705.340118][ T19] #2: ffffffff8e7d5878 (console_srcu){....}-{0:0}, at: console_flush_one_record+0xfd/0xe50 [ 705.340181][ T19] [ 705.340181][ T19] stack backtrace: [ 705.340194][ T19] CPU: 0 UID: 0 PID: 19 Comm: migration/0 Tainted: G U L syzkaller #0 PREEMPT(full) [ 705.340228][ T19] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 705.340236][ T19] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 705.340250][ T19] Stopper: 0x0 <- 0x0 [ 705.340269][ T19] Call Trace: [ 705.340276][ T19] [ 705.340284][ T19] dump_stack_lvl+0x100/0x190 [ 705.340315][ T19] print_circular_bug.cold+0x178/0x1c7 [ 705.340351][ T19] check_noncircular+0x146/0x160 [ 705.340382][ T19] __lock_acquire+0x14b8/0x2630 [ 705.340414][ T19] lock_acquire+0x1cf/0x380 [ 705.340439][ T19] ? console_lock_spinning_enable+0x61/0x80 [ 705.340474][ T19] ? console_lock_spinning_enable+0x4a/0x80 [ 705.340511][ T19] console_lock_spinning_enable+0x72/0x80 [ 705.340545][ T19] ? console_lock_spinning_enable+0x61/0x80 [ 705.340578][ T19] console_flush_one_record+0x739/0xe50 [ 705.340616][ T19] ? __pfx_console_flush_one_record+0x10/0x10 [ 705.340655][ T19] ? is_printk_cpu_sync_owner+0x32/0x40 [ 705.340680][ T19] console_unlock+0x103/0x260 [ 705.340713][ T19] ? __pfx_console_unlock+0x10/0x10 [ 705.340749][ T19] ? do_raw_spin_unlock+0x145/0x1e0 [ 705.340781][ T19] ? _printk+0xcf/0x110 [ 705.340803][ T19] vprintk_emit+0x407/0x6b0 [ 705.340838][ T19] ? __pfx_vprintk_emit+0x10/0x10 [ 705.340872][ T19] ? rcu_is_watching+0x12/0xc0 [ 705.340908][ T19] _printk+0xcf/0x110 [ 705.340928][ T19] ? __pfx__printk+0x10/0x10 [ 705.340950][ T19] ? update_cfs_rq_load_avg+0x51/0x550 [ 705.340974][ T19] ? __report_bug.cold+0x5/0x137 [ 705.341003][ T19] ? __report_bug+0x377/0x3d0 [ 705.341023][ T19] __report_bug.cold+0x15/0x137 [ 705.341052][ T19] ? update_rq_clock+0x40a/0xd20 [ 705.341074][ T19] ? __pfx___report_bug+0x10/0x10 [ 705.341101][ T19] ? update_rq_clock+0x40a/0xd20 [ 705.341129][ T19] report_bug+0xb2/0x220 [ 705.341148][ T19] ? update_rq_clock+0x40a/0xd20 [ 705.341169][ T19] handle_bug+0x166/0x2a0 [ 705.341196][ T19] exc_invalid_op+0x17/0x50 [ 705.341224][ T19] asm_exc_invalid_op+0x1a/0x20 [ 705.341246][ T19] RIP: 0010:update_rq_clock+0x40a/0xd20 [ 705.341269][ T19] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f e9 c8 3c ba 09 a8 04 0f 84 df fc ff ff 90 0f 0b 90 e9 d6 fc ff ff 90 <0f> 0b 90 e9 92 fc ff ff 4c 8d 83 40 0b 00 00 48 b8 00 00 00 00 00 [ 705.341292][ T19] RSP: 0018:ffffc90000187c28 EFLAGS: 00010046 [ 705.341309][ T19] RAX: 0000000000000000 RBX: ffff8880b853b280 RCX: 0000000000000001 [ 705.341323][ T19] RDX: 0000000000000046 RSI: ffffffff8de5475f RDI: ffffffff8c1aee20 [ 705.341337][ T19] RBP: ffffc90000187dd0 R08: 0000000000000001 R09: 0000000000000001 [ 705.341351][ T19] R10: ffff888062667007 R11: 0000000000000000 R12: ffffffff90d9c3e4 [ 705.341367][ T19] R13: ffff8880b853c0c0 R14: ffff888034483c80 R15: ffff8880b853b280 [ 705.341389][ T19] ? update_rq_clock+0x9c/0xd20 [ 705.341410][ T19] ? pick_task_fair+0x85/0x350 [ 705.341446][ T19] __schedule+0x1b7d/0x60e0 [ 705.341466][ T19] ? __lock_acquire+0x4a5/0x2630 [ 705.341498][ T19] ? __pfx___schedule+0x10/0x10 [ 705.341517][ T19] ? find_held_lock+0x2b/0x80 [ 705.341552][ T19] ? schedule+0x2bf/0x390 [ 705.341573][ T19] schedule+0xdd/0x390 [ 705.341592][ T19] smpboot_thread_fn+0x893/0xaa0 [ 705.341619][ T19] ? kthread+0x13a/0x450 [ 705.341645][ T19] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 705.341669][ T19] kthread+0x370/0x450 [ 705.341695][ T19] ? __pfx_kthread+0x10/0x10 [ 705.341724][ T19] ret_from_fork+0x754/0xd80 [ 705.341755][ T19] ? __pfx_ret_from_fork+0x10/0x10 [ 705.341787][ T19] ? __switch_to+0x7b4/0x1120 [ 705.341810][ T19] ? __pfx_kthread+0x10/0x10 [ 705.341838][ T19] ret_from_fork_asm+0x1a/0x30 [ 705.341867][ T19] [ 706.505816][ T19] debug_locks && !(lock_is_held(&(__rq_lockp(rq))->dep_map) != 0) [ 706.505834][ T19] WARNING: kernel/sched/sched.h:1600 at update_rq_clock+0x40a/0xd20, CPU#0: migration/0/19 [ 706.523856][ T19] Modules linked in: [ 706.527825][ T19] CPU: 0 UID: 0 PID: 19 Comm: migration/0 Tainted: G U L syzkaller #0 PREEMPT(full) [ 706.538620][ T19] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 706.543829][ T19] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 706.553907][ T19] Stopper: 0x0 <- 0x0 [ 706.558214][ T19] RIP: 0010:update_rq_clock+0x40a/0xd20 [ 706.563798][ T19] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f e9 c8 3c ba 09 a8 04 0f 84 df fc ff ff 90 0f 0b 90 e9 d6 fc ff ff 90 <0f> 0b 90 e9 92 fc ff ff 4c 8d 83 40 0b 00 00 48 b8 00 00 00 00 00 [ 706.583874][ T19] RSP: 0018:ffffc90000187c28 EFLAGS: 00010046 [ 706.590063][ T19] RAX: 0000000000000000 RBX: ffff8880b853b280 RCX: 0000000000000001 [ 706.598067][ T19] RDX: 0000000000000046 RSI: ffffffff8de5475f RDI: ffffffff8c1aee20 [ 706.606094][ T19] RBP: ffffc90000187dd0 R08: 0000000000000001 R09: 0000000000000001 [ 706.614268][ T19] R10: ffff888062667007 R11: 0000000000000000 R12: ffffffff90d9c3e4 [ 706.622352][ T19] R13: ffff8880b853c0c0 R14: ffff888034483c80 R15: ffff8880b853b280 [ 706.630344][ T19] FS: 0000000000000000(0000) GS:ffff888124351000(0000) knlGS:0000000000000000 [ 706.639399][ T19] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 706.646098][ T19] CR2: 0000001b339cfff8 CR3: 0000000036d28000 CR4: 00000000003526f0 [ 706.654291][ T19] Call Trace: [ 706.657741][ T19] [ 706.660688][ T19] ? pick_task_fair+0x85/0x350 [ 706.665524][ T19] __schedule+0x1b7d/0x60e0 [ 706.670048][ T19] ? __lock_acquire+0x4a5/0x2630 [ 706.675114][ T19] ? __pfx___schedule+0x10/0x10 [ 706.679992][ T19] ? find_held_lock+0x2b/0x80 [ 706.684797][ T19] ? schedule+0x2bf/0x390 [ 706.689146][ T19] schedule+0xdd/0x390 [ 706.693227][ T19] smpboot_thread_fn+0x893/0xaa0 [ 706.698185][ T19] ? kthread+0x13a/0x450 [ 706.702558][ T19] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 706.708078][ T19] kthread+0x370/0x450 [ 706.712161][ T19] ? __pfx_kthread+0x10/0x10 [ 706.716772][ T19] ret_from_fork+0x754/0xd80 [ 706.721404][ T19] ? __pfx_ret_from_fork+0x10/0x10 [ 706.726547][ T19] ? __switch_to+0x7b4/0x1120 [ 706.731250][ T19] ? __pfx_kthread+0x10/0x10 [ 706.735887][ T19] ret_from_fork_asm+0x1a/0x30 [ 706.740681][ T19] [ 706.743742][ T19] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 706.751030][ T19] CPU: 0 UID: 0 PID: 19 Comm: migration/0 Tainted: G U L syzkaller #0 PREEMPT(full) [ 706.761817][ T19] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 706.767102][ T19] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 706.777175][ T19] Stopper: 0x0 <- 0x0 [ 706.781173][ T19] Call Trace: [ 706.784548][ T19] [ 706.787488][ T19] dump_stack_lvl+0x100/0x190 [ 706.792186][ T19] vpanic+0x552/0x970 [ 706.796179][ T19] ? __pfx_vpanic+0x10/0x10 [ 706.800779][ T19] ? lock_release+0x263/0x320 [ 706.805475][ T19] panic+0xd1/0xe0 [ 706.809211][ T19] ? __pfx_panic+0x10/0x10 [ 706.813654][ T19] ? check_panic_on_warn+0x1f/0x90 [ 706.818788][ T19] check_panic_on_warn.cold+0x19/0x34 [ 706.824177][ T19] ? update_rq_clock+0x40a/0xd20 [ 706.829124][ T19] __warn.cold+0x191/0x348 [ 706.833824][ T19] __report_bug+0x296/0x3d0 [ 706.838337][ T19] ? update_rq_clock+0x40a/0xd20 [ 706.843280][ T19] ? __pfx___report_bug+0x10/0x10 [ 706.848419][ T19] ? update_rq_clock+0x40a/0xd20 [ 706.853389][ T19] report_bug+0xb2/0x220 [ 706.857727][ T19] ? update_rq_clock+0x40a/0xd20 [ 706.862673][ T19] handle_bug+0x166/0x2a0 [ 706.867018][ T19] exc_invalid_op+0x17/0x50 [ 706.871542][ T19] asm_exc_invalid_op+0x1a/0x20 [ 706.876410][ T19] RIP: 0010:update_rq_clock+0x40a/0xd20 [ 706.882015][ T19] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f e9 c8 3c ba 09 a8 04 0f 84 df fc ff ff 90 0f 0b 90 e9 d6 fc ff ff 90 <0f> 0b 90 e9 92 fc ff ff 4c 8d 83 40 0b 00 00 48 b8 00 00 00 00 00 [ 706.901727][ T19] RSP: 0018:ffffc90000187c28 EFLAGS: 00010046 [ 706.907816][ T19] RAX: 0000000000000000 RBX: ffff8880b853b280 RCX: 0000000000000001 [ 706.915795][ T19] RDX: 0000000000000046 RSI: ffffffff8de5475f RDI: ffffffff8c1aee20 [ 706.923780][ T19] RBP: ffffc90000187dd0 R08: 0000000000000001 R09: 0000000000000001 [ 706.931930][ T19] R10: ffff888062667007 R11: 0000000000000000 R12: ffffffff90d9c3e4 [ 706.939932][ T19] R13: ffff8880b853c0c0 R14: ffff888034483c80 R15: ffff8880b853b280 [ 706.947916][ T19] ? update_rq_clock+0x9c/0xd20 [ 706.952794][ T19] ? pick_task_fair+0x85/0x350 [ 706.957689][ T19] __schedule+0x1b7d/0x60e0 [ 706.962323][ T19] ? __lock_acquire+0x4a5/0x2630 [ 706.967495][ T19] ? __pfx___schedule+0x10/0x10 [ 706.973139][ T19] ? find_held_lock+0x2b/0x80 [ 706.977935][ T19] ? schedule+0x2bf/0x390 [ 706.982400][ T19] schedule+0xdd/0x390 [ 706.986515][ T19] smpboot_thread_fn+0x893/0xaa0 [ 706.991601][ T19] ? kthread+0x13a/0x450 [ 706.996014][ T19] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 707.001514][ T19] kthread+0x370/0x450 [ 707.005609][ T19] ? __pfx_kthread+0x10/0x10 [ 707.010236][ T19] ret_from_fork+0x754/0xd80 [ 707.014949][ T19] ? __pfx_ret_from_fork+0x10/0x10 [ 707.020128][ T19] ? __switch_to+0x7b4/0x1120 [ 707.024824][ T19] ? __pfx_kthread+0x10/0x10 [ 707.030032][ T19] ret_from_fork_asm+0x1a/0x30 [ 707.034817][ T19] [ 707.038137][ T19] Kernel Offset: disabled [ 707.042471][ T19] Rebooting in 86400 seconds..