last executing test programs: 6m49.658198123s ago: executing program 3 (id=1366): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3) ioctl$auto(r0, 0x5522, 0xf15) ioctl$auto(r0, 0x5523, r0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0x0, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x81) connect$auto(0xffffffffffffffff, 0x0, 0x18) syz_genetlink_get_family_id$auto_nbd(0x0, 0xffffffffffffffff) write$auto(0xffffffffffffffff, 0x0, 0x2b6) r1 = socket(0x2c, 0x3, 0x0) poll$auto(&(0x7f0000000d40)={r1, 0x1, 0xa}, 0x5, 0x3) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x104000, 0x0) statmount$auto(0x0, 0x0, 0x2, 0xd) 6m49.026260479s ago: executing program 3 (id=1368): close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x6) select$auto(0x6, 0x0, &(0x7f0000001200)={[0x9, 0x90f, 0x0, 0x10001, 0x0, 0x9, 0x9, 0x7000000000, 0x0, 0x10001, 0x7, 0x7, 0x9, 0x2, 0x5, 0x401]}, 0x0, 0x0) 6m48.770494747s ago: executing program 3 (id=1371): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r0 = gettid() waitid$auto_P_PGID(0x2, r0, 0x0, 0x4, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/buddyinfo\x00', 0x1c9802, 0x0) pread64$auto(r2, &(0x7f0000000000)='/proc/scsi/sg/devices\x00', 0x4000b, 0x2) r3 = io_uring_setup$auto(0x6, 0x0) ioctl$auto(r1, 0x400c4d06, r3) mmap$auto(0x0, 0x40000a, 0xdf, 0x9b72, 0x2, 0x400000000008000) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x280, 0x0) write$auto(r4, &(0x7f00000001c0)=')4:*{\'/\\}%)^]][!.\x00', 0x9) ioctl$auto_SNDCTL_DSP_SETFMT(r4, 0xc0045005, &(0x7f0000000100)="000004") pidfd_send_signal$auto(r3, 0x80, &(0x7f0000000840)={@_si_pad}, 0x50000) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyc9\x00', 0x40001, 0x0) ioctl$auto_TCFLSH2(r5, 0x80045439, 0x0) sendmsg$auto_ETHTOOL_MSG_STATS_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000280)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x4000844}, 0x4) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="000326bd7000fcdbdf2503000000790008805b4f2525b2dc3a73ec37e7122e6f0d55382854d419b883b7ed64bd3c7b9fb15273e787030718751e0a22cc6cabcae114aa6448d0356183e1ca7c01536c5c6f37915b26a3e75515ab02807fe932b8a415a581dcdc7800f91e231c001d800400d3800c002000f3000000002b3c0c7e9b"], 0x100}, 0x1, 0x0, 0x0, 0x8000}, 0x42) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x15) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="72012200d3852d6ec634a8b08a97c9", @ANYBLOB="1000"], 0x1ac}, 0x1, 0x0, 0x0, 0x22004840}, 0x4001) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) ioctl$auto_TIOCSETD2(r5, 0x5423, 0x0) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x708e81, 0x0) ioctl$auto_SNDCTL_TMR_CONTINUE(r6, 0x5404, &(0x7f0000000040)="697d37cbf26e92f6363ee4bf") bind$auto(0x3, 0x0, 0x6a) 6m46.118076887s ago: executing program 3 (id=1380): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x10, 0x2, 0x14) socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00022abd6c00fbdbdf250200000008000300000000000800010047c7e298"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) (async) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="10002cbd7000fddbdf251c"], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x10004010) (async, rerun: 64) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) (async, rerun: 64) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) (async) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async) socket(0xa, 0x801, 0x100) socket(0x2, 0x80002, 0x73) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) (async) sendfile$auto(r0, r0, &(0x7f0000000140)=0xffffffffffffffff, 0x1) (async, rerun: 64) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) (rerun: 64) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0xa, 0x2, 0x0) (async, rerun: 64) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/blkio.bfq.sectors\x00', 0x182, 0x0) (rerun: 64) sendfile$auto(r3, r3, 0x0, 0x88) (async) r4 = socket(0x25, 0x2, 0x15) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r4, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x8147}, 0x0) (async) syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000000180), 0xffffffffffffffff) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="72010000", @ANYRES8=r2, @ANYRES16=r1], 0x1ac}}, 0x28041040) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) (async, rerun: 64) ioctl$auto_TUNGETFILTER(0xffffffffffffffff, 0x801054db, &(0x7f0000000300)={0x3, &(0x7f0000000280)={0x9, 0x8, 0xff, @raw=0x10}}) (async, rerun: 64) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x2}, 0x3, 0x0) 6m43.286528509s ago: executing program 3 (id=1390): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3) ioctl$auto(r0, 0x5522, 0xf15) ioctl$auto(r0, 0x5521, r0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0x0, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x81) connect$auto(0xffffffffffffffff, 0x0, 0x18) syz_genetlink_get_family_id$auto_nbd(0x0, 0xffffffffffffffff) write$auto(0xffffffffffffffff, 0x0, 0x2b6) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x20881, 0x0) statmount$auto(0x0, 0x0, 0x2, 0xd) 6m39.312775522s ago: executing program 3 (id=1396): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810008, 0xffb, 0x8000000008011, 0x3, 0x8000) (async) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x40, 0x0) rseq$auto(0x0, 0xfffffff4, 0x0, 0x2) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x62040, 0x0) (async) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) prctl$auto(0x13e, 0x1, 0x0, 0x1, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r2) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f0000000040)=ANY=[@ANYBLOB="05005906a666c1f935d5f0546b0995000000", @ANYRES16=r3, @ANYBLOB="2f212dbd7000fcdbdf252100000008001701", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x4000000) (async, rerun: 32) write$auto(r1, &(0x7f00000002c0)='/dev/audio1\x00\xc5\x000k\xe1I\x92\x8a\xfd\xbb\xe3\x1d}+%t\x86\x1dq-\x1fp\xdd\x10\xcd9\x9a\x12\xaa^\xd0,\xff\xa6\xe5\x8a\xf4\x83}\xddx\xd6\x1b+o\xc1\x00s\xe1\xa5\x86$p\xc2\xc2Yo\x86\xfaI\xcbK\x10\'b|J\xecP\xa9\xd9\xaf$.|\xad\xec*\xcb\xcf3\x11\\\xf0\xb0z \x8a\x85\xf3\xa9!n@\x86\x03\x051\xae=\x8d9\x93\xa5_\x13\x81F\x8e\x12E\xc1\xac\x12\xb9V\x1b\x95\x8f\xf3\xab\xa3$\xc9d\xd2P\xe9\x0e\x833\xbe\xf5\x12_J\x10\xd1\x80\xe3\xcb\xbcDf\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0x0, 0x0, 0x0, 0x0, 0x0) (async) mmap$auto(0x10, 0x2000c, 0x2e1, 0x11, 0xffffffffffffffff, 0x100000001) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) madvise$auto(0x0, 0x200007, 0x19) (async) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) (async) utimes$auto(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)={0x4, 0xcccf}) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/misc/cpu_dma_latency/power/runtime_active_time\x00', 0x200, 0x0) (async) write$auto(0x3, 0x0, 0xfdef) (async) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) r3 = ioctl$auto_SW_SYNC_GET_DEADLINE(0xffffffffffffffff, 0xc0105702, &(0x7f0000000000)) (async) statx$auto(r0, &(0x7f0000000180)='./file0\x00', 0x9, 0x5, &(0x7f0000000540)={0x5, 0x101, 0x0, 0x8b, 0xee00, 0x0, 0x4, 0xbd49, 0x8, 0x2e, 0x100, 0x4, {0xffffffffffffffb1, 0xfffffffc}, {0x80000001, 0xfffffffe}, {0x100000000, 0x3}, {0xe}, 0x9, 0x4, 0xbf, 0x0, 0x9, 0x3, 0x2, 0x3, 0x7, 0xfffffffe, 0x3, 0x6, [0x1000000, 0x2, 0x91, 0xb, 0x3, 0x2, 0xcd1, 0x3d7d, 0x2]}) mmap$auto(0x80000004, 0x4, 0x3, 0x12, r3, 0x7fffffffffffffff) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev5\x00', 0x280, 0x0) ioctl$auto(0x3, 0xc038563b, 0x38) close_range$auto(0x0, 0xfffffffffffff000, 0x0) (async) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x5, 0xb8, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6, 0xffffffffffffffff}, 0xf) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@prog_fd=r4, @target_ifindex, 0x8, 0x2, @tcx}, 0x92) 2m33.702544132s ago: executing program 4 (id=1939): r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f0000000100)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x10001, 0x0) utimes$auto(&(0x7f0000000080)='}[,&*}\x00', 0x0) ioctl$auto_TUNGETIFF(r0, 0x800454d2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="cf0102009828d441c0e8814a10439e97229792da943343c17b80bb07e369ed7afe16229263dde3", @ANYRES16=r2, @ANYBLOB="1b0026bd7000fddbdf25030000002c00038028000180240006801d00748004004d800800ec0000080000040003002a9d272f66040033800000000400038004000280"], 0x48}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) bpf$auto_BPF_OBJ_PIN(0x6, &(0x7f0000000040)=@token_create={0x1, r0}, 0x0) r3 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000140), 0xa302, 0x0) timerfd_gettime$auto(r3, &(0x7f0000000000)={{0x5, 0x4}, {0x3}}) readv$auto(0x3, &(0x7f0000000600)={0x0, 0x4}, 0x1da) 2m33.349719878s ago: executing program 4 (id=1941): bpf$auto_BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=@bpf_attr_7={@map_id=0x3ff, 0x2, 0x10000}, 0xac) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x51) write$auto(r0, 0x0, 0x4000000000) socket$nl_generic(0x10, 0x3, 0x10) fcntl$auto(0x3, 0x4, 0xa553) select$auto(0x7, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x48, 0x15, 0x1000, 0x100000001, 0xc, 0xf, 0x0, 0x0, 0xe, 0xd59, 0x101, 0xff, 0x2, 0x1]}, 0x0, 0x0) 2m17.925280307s ago: executing program 34 (id=1941): bpf$auto_BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040)=@bpf_attr_7={@map_id=0x3ff, 0x2, 0x10000}, 0xac) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x51) write$auto(r0, 0x0, 0x4000000000) socket$nl_generic(0x10, 0x3, 0x10) fcntl$auto(0x3, 0x4, 0xa553) select$auto(0x7, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x48, 0x15, 0x1000, 0x100000001, 0xc, 0xf, 0x0, 0x0, 0xe, 0xd59, 0x101, 0xff, 0x2, 0x1]}, 0x0, 0x0) 1m34.649383813s ago: executing program 0 (id=2079): openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x1, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r0 = socket(0x2c, 0x3, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r1 = socket(0x2b, 0xa, 0xfffffffe) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r2) sendmsg$auto_TIPC_NL_NET_SET(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000001}, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121b01, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x202000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x3, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f0000000600)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x80B\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xccxr\xc1\xf3@\xca\xbd\xb2\x18\x92\x85\xe9\xfdO\xa9?\xf6\xa0!\xd2%@}\xbc\x8a\x99\x81\x9d1\x89\xa9m\xd35\x9dl\xfanNm\xf3y\xc9\xe0\xdc\x86\v\x12\xcbsV\xa1\x88\x1c Y \x95 \x0fQDx\x05\xb0\x13\xdd\x05\xffA\xc5\x198\x18y\xdc\xf63?*\xc3e\xba\x19\xba\as\xf7\x8f\xc7\xdaI\xa2\r\xc5Htu\xc8\x8b\xb6\xac\a\xb4\x7f\xf4\xc1\x94\x1c\xa6#\x89z\n\x8a\xc4\xfe\x87\x9a\xb6~^2\xbd|1\\\xf0\xf3\x1e\x90\x13\xa9\x89\x88\xfa\x8e\xb3\xf9\t\xab\x8dP\xe0#\xb2\nzGF\xc8\xf5\xbf\x962\xa6=\x9dkT\xf4\xe0\xb4\x16[\n\xc91\xfa+~\xc7Q\x1dE~\x02`_-\x1d8\x95\'x\x9c|\x1a\x17n\xc7\xde\x00U\xbf\xd8L\x83\x03\x9a\xc9\x85\x04\x7f\xab\xec#\x7f\xda\x9a\x11tu\x1d\x9el\\2\x8e\x16{f\xd4\x88\t8\x96\x17\x14\xa5F\xee\'\xbfW\x88\x00'/399, 0x100000a3d8) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, 0x0, 0x8800) openat$auto_proc_mem_operations_base(0xffffffffffffff9c, 0x0, 0x101082, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/net/lapb4/ifalias\x00', 0x1a1842, 0x0) write$auto(r4, &(0x7f0000000000)='9\x00d1L\xff\x15\xba\xa17=(\xc1\xf8\xff\xff\v\xb5^\xa1/[', 0x4) unshare$auto(0x40000080) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/net/bond0/bonding/primary_reselect\x00', 0x1e2142, 0x0) r6 = socket(0x2, 0x1, 0x106) getsockopt$auto_SO_BUF_LOCK(r6, 0x6, 0x48, 0x0, 0x0) sendfile$auto(r5, 0xffffffffffffffff, 0x0, 0x84) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/loop6/queue/rq_affinity\x00', 0x121281, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/pci0000:00/waiting_for_supplier\x00', 0x80800, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/workqueue/nvme-delete-wq/affinity_strict\x00', 0x183042, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r7, &(0x7f0000000200)='5', 0x1) 1m33.177432014s ago: executing program 0 (id=2081): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) capset$auto(&(0x7f0000000100)={0x20080522}, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40001, 0x0) ioctl$auto_TIOCVHANGUP2(r1, 0x5437, 0x0) fcntl$auto(0x3, 0x4, 0xa553) swapon$auto(&(0x7f0000000000)='/dev/loop7\x00', 0x4) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) mmap$auto(0x0, 0x20009, 0x3, 0x40000000000eb1, 0x401, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) read$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000000040), 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x1ff000, 0x8, 0x843, 0x3, 0xfffff000) mremap$auto(0xfffff000, 0x4, 0x4, 0x7, 0x1001ff000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x129102, 0x0) read$auto(r2, 0x0, 0x18) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mmap$auto(0x0, 0x8, 0xdc, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) 1m32.264070853s ago: executing program 0 (id=2082): unshare$auto(0x40000080) mmap$auto(0xfffffffffffffffd, 0x8, 0x4000000000d9, 0x11, 0x400, 0x8001) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_FLUSH(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001bc0)=ANY=[@ANYRESDEC=r0, @ANYBLOB="002800048008003900640101011c001c8004001d800400ac8008006c00ac1414aa0800ac00ac1414bb08001a0081000000080010007f000000c4131480a64ada9e57e1f12778bd2998a21e018c75b03fe573f676fada761d7c8ded712188e7fbac2d3b503b40c0acaf370b3cd19bbd5e05db6623fa185911fbdb097cb705e02440952fd91724634f7135fed7ebd330fc15b8c0f768d0f576235e07a5cdf2759311f411b669586b09b61efc0000b5b06eb72a7c2050b6796a02d6eab7b86534b3a1c2a0f5f135e11a54355fae843d8055916ef3d5dd7cfab9720a48bc1b39770a04a6ec218dd385df3869cf52a2d781bd28a53ce9962521a646ad17c453856e50832a1b8b5f00a8b70800b625ec33d60ea6b14366a9e69f78bb4852704d4789e585ddc4761d6992121d1ee1a4267e8f0add069c7171abbfcde5f7ee3410c301f06aa735bd8ee501261a19e1d732c3c0bc4789fae77625ffb55439f473024ce7581782d1331fc1e3c87cdb294df218994e9221b28c206e44140caa5d3ff3cbf5faabc187ce53ed7e0c494b83c6158405618c243b2b231d0be37c95606db6b71ab8165261f4e795c676cdd539a4a3b76f067f08e950fc46012b1d1be157794a13d19135e521faf7f5c68c9bb202d348f74a83e1fe8d600283ec6bd6022715ab86ced8cd01cbc4a2c4f89011c55d2ea98caee236a6ca7cc625f16aa7109a40b63a3177c1f6dabb3744d4572c007805884861813c0892d1d49ada377f78aa6d47b2f21ccbdca10c58622cf25f9dd2394ad7c2463922f597a74b13efce79c29bbba51cd966a498019f57be8779e851b6d52bc3a56bd3e14b23df300f188ba12942797d8012a5399151e3039e3ddf01fa7b407f096ef3de85c89f4b9df8645526ecbf9d597308d49d495fec8e3566742dea88b9c2d62b9be58627fd6e4d1a8b6d605fa4b96e1662a3e046a4859b97ede266f6ffcbfec95ccf5eb24304bb465b2c8ab31b34ba582590bdf3b0632857b2f237a819acf858df3a5309f1a296186907b36d38dfb3bb15b2c351f42169aeedfa45a79c8799c46a9bba19e75798b6934fa33c9ea3f3ec0f23e8d0dc1067e5a04ff024f25bf4e2469034a147aa41e4b9dd3a3be9242231fac7b2eeef10962efde7ed9c44610fa1ba1d0711d4373a1bb90cb154dc68335ab0c91d87847dbf211c991c78cdc2154f3bbe22469d6c9e3d3bd62425aeeec1f733e2f3dbe731c63e77d40050202ec3794e2030c99f4cf0ae2c498461c55dcee4104818dbbd6a7e9d8ad3b6f69ca4f6e47a805d1744e47d6977372fdbf261f793b980e6ad42164f244cf65fd84f2e1ca62db4558c88a3969bdd7a0e993acabf0e819c32e81db2262f1f2d083973c6d9453de7477993d5d1ff5ac0683c255d2eee0d15f95c1bdede32bea7ce8982d764a4149dafeee88eacff6231e7bd913d5a4abfaabba68c44e9562513edf7f1be5eea63c1b6274115dd3e86fa2ee25d44b702d584bfca22af92fc4a9e59c512bd43a86dbb741163da665de1ffa2e6fd974962985f37120efed776ee0ff12c8e5a61d3d44df08fb9ef0b7203f79dca6c1642c41f86a6ebf71367aa70abbe86f36dec0b6585a7825dbbfeeac2e8762147a7ff7fc37cb8942bcb8ce340384679d3cf03488ee61ad71c9ebdccce1f4c63f2815e34d9dedd6017bd5aa1f04d8ec9ab9db9d2ede7de6ba734d9bd7c09147a4ac87c757bb7b1bdfdc42883822f25336332b845bbe4c2f2c26034c134963506a1f42a06cfac32f4b5cea056b1ca8e4eb1ce67727e81bf79622c692070bacb9b1468aeb7445d0ab2a635a203ec6ae5fddadf76ffb1d5a649d577164ea4b196937d6eaf80204f3148789dc4fac74c6b6f0d6472863862564e3fc0c374ffb8885009430ed6cd762176c9573b9d90e7ed9f36022bff1e21bf47ca1f58112ea952f8c6a9e47200803f144aa2dfae26f47d00089a29f5abc81df11b7bf56cdeaa96a758995bcb547d8dc6828db95694f619a3ce99cbfdb0db5a2f8c993f18a98bad00da54bf4796e553844c096075883dfa07a4437112e1425668bcd2b94849849919c54ddfe9da6132210d18a70bf32487e9c68e7540a7976185c3cf8d7b6742c50e56e61cd008289dc03b41da37a6dd9e386cc511f903ecbdc05093e036cc1ec4a200f8abf4df82bdff062555143fa777baaa858aa99605e0a0620f31e2c563aa3d6030be4317c6bd7845aa774930377f98229ac8e757a2752cee08919bb4c22228b55980686a8050646a20fd1dc9439bd8a4cd25fff82b9c82ccd9525d86e879f7dba6985add8e6fe87546d334c1101770190d14afedeafa4f3f073a422cff236628ca02bfd3ce78afee66194e31f167d950c555d0ddb758f423648c5c3c928e630667f80210bed931a67ba8304537e50fd3aea2afd650d55ef64f00fd3ff5543dccc3ca18fed8961f6f39a0ccaff3f544d74b404cd5e6c6b8c990756309dee76f60e7d51d40275add3d57fb58074b83fe54cfb9ecd351b784db135e78f573abbd84d0b8925837c69c9db0ab9d916e0f1131c9a449adb270a5dd72cc8aedfd2381cf24cf53260b809852200df50a49e6d9639394f1fc5d81a23b376dd77df26c15ce293cbd115e71215ee2be603b0b74ecb7030b4fd0ddffd223e3832a86e9b356a43fe18eadb070f98d7f7f87008ad4e3ddd88177d1dc3f448ebe1c4a4b0fb4c906ac8a825e6e0b4981877fd70727c76fd198d867315906db053da5da12a5f12061a0cf98deb384ce159a2de397da227551a59efa2d0fddfaf1ed45c88956668f61cb754c934950559e0a9aa3ddee1b48bbcccc75e01bcab29a64a57f76459b4dde331794c963ac494583e60a5a2381b6082ce585f99a57e7777d70a5e3b54b5e53131650d127d5048d3b89e6b6f07b5001f6e399d5afa0826e57f8f4212a87d45f10b37eaae0d47ebd857dbfaf75e6e90f456577ea87904368df9b7538d0583cc07f639d1a9a1ebde4156e14b41b2ad9dbdf233fa9ce1ec2b43f198a7f00ae75e563f8ead18edd06f779f8c3d1fea45ddb2fe977938e50d209be6145ebaac834139c1c993d8f5484ef05074d81caa8d763cf93e224d39af9511223349a29507dc9520042e782be70fc035a6e1dad7e95ed87a0c8c47a3551a867f8b4cb11d1fe1ce9007b889cf75241c42207d8a0c77f9c757a63368d99905cd84dc6a300544412bd8ca04359cbb818b4b3d770de1fec133303f44b2157d0add1df239ce887871e012ef544d2ccfe6220adb5ddc9c51e0cf5c3eda0a685cc538d39c8db0a2d4714cb0ee2726bce0fbb0e23a8e8166f5f209f5c896570989d0e32e9879e97e447d1e562a59e4564ce9b6338a2c0bccead0c796b37eed11ef9d1428e648760d9afa993717c77706abc725fdcabf98e12df3e89aca69d4233bb78c304e6c0f47f7382ab820f831326a3f216b46c8fd1842bc8a88d18f7bf3190bc5cdd853feee07700a0"], 0x2bc4}, 0x1, 0x0, 0x0, 0x20008010}, 0x24000080) write$auto_console_fops_tty_io(r0, &(0x7f0000000440)="671d2647dd69b6440843b6e6688a2b5ad9df2669e6f9cd2365", 0xfdef) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40040, 0x0) listmount$auto(0x0, 0x0, 0x7fffffffffffffff, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dmmidi2\x00', 0x200083, 0x0) r1 = openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2201, 0x0) ioperm$auto(0x7, 0x5ad2, 0x8) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000200)={{@raw=0x4, 0x0, 0x1000004, 0x480808, "3112d58500a8b47148e22af9ffb683dbede3d0bf828bbf100000e5e2f96ee50484b0755015e48d00", @inferred=0xffffffffffffffff}, 0x2, 0xc, 0x4, @inferred, @reserved="196c056a347704def6f5c5636ed52c07609cee4319588cd9a11ad396065c1267314ab73ce54c205a43297cf5b6310383212fdbb93e51da48edd9350aa935db0d5d6e32e39d8f68ee55f32c5de7b40a4ceb3840920880cbb9fc246ea65af96a74482a52e660cfc6828ba8c9404d70b947a06c9927ba7f1beed137c48265c74c8d", "7a9fc199a16a2311eacf2fc7ae1da978dc3e8090d70925450ece0bb32777702b07552d000000000000000000ebff0000000000000059a200"}) rt_sigqueueinfo$auto(0x0, 0xffff7b6f, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x14, 0x1, @_sigpoll={0xd}}}) socket(0x11, 0x3, 0x9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_SET(0xeb1b, 0x1, &(0x7f0000000340)={{0x1484, 0x0, 0x0, 0x6, 0xc8a, 0x2, 0xfff9}, &(0x7f00000002c0)=0x7, &(0x7f0000000300)=0x1, 0x3a3a, 0x1, 0x7, 0x0, 0xf6, 0x1, 0xe, 0xc6c, @raw=0x2, @raw=0x1}) msgctl$auto_IPC_RMID(0x4, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, r3, 0xfff, 0x5, 0x8, 0x1}, &(0x7f00000001c0)=0x6, &(0x7f0000000200)=0x1, 0x20000000001, 0xfff, 0x4, 0x7, 0x9, 0x4, 0x9, 0xf}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x8) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) ioctl$auto_UI_DEV_CREATE(0xffffffffffffffff, 0x5501, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x109401, 0x0) ioctl$auto(r4, 0x540a, 0x0) unshare$auto(0xffffffff80000001) close_range$auto(0x2, 0x8, 0x0) 1m30.20908488s ago: executing program 0 (id=2085): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/overcommit_kbytes\x00', 0x202, 0x0) sendfile$auto(r1, r1, 0x0, 0x7fffe000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="24051c27c100dedbdf250307cc0008000200", @ANYRES32=r0, @ANYRESOCT=r0], 0x6c}, 0x1, 0x0, 0x0, 0x800}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4044040}, 0x24008890) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) madvise$auto(0x0, 0xffefffffffff0005, 0x19) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x80800, 0x0) pread64$auto(r2, 0x0, 0x100000009, 0xa4000000000002) madvise$auto(0x0, 0x20499d, 0x9) statmount$auto(0x0, &(0x7f0000000180)={0xd, 0x1, 0x44b, 0x7, 0x5, 0x1007181, 0xd1, 0x7, 0x7, 0x7ff, 0x9, 0x80000001, 0x4, 0x200000000001, 0x384, 0xfffffffffffffffb, 0x8, 0x0, 0x2, 0x0, 0x864, 0xf, 0x22000, 0x200, 0x0, 0x82, 0x0, 0x0, 0x2, 0x0, 0x0, [0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff]}, 0xa, 0x4d) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) pkey_free$auto(0xfffffffd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8001) shmdt$auto(&(0x7f0000000040)='/proc/sys/vm/overcommit_kbytes\x00') msgctl$auto(0x0, 0x3, 0x0) r3 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r3, 0x107, 0x12, 0x0, 0x4) ioperm$auto(0x6, 0x8000000000000000, 0x83e8) close_range$auto(0x0, 0xfffffffffffff000, 0x0) r4 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f00000000c0), r0) sendmsg$auto_IEEE802154_DISASSOCIATE_REQ(r0, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="24004ecf", @ANYRES16=r4, @ANYBLOB="00022dbd7000fddbff2503000000060004006d030000080024000f000000"], 0x24}, 0x1, 0x0, 0x0, 0x44000}, 0x2400c000) 1m29.059911064s ago: executing program 0 (id=2090): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) prctl$auto(0x6, 0x1, 0x0, 0x0, 0x6) r0 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) mount$auto(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='nfs\x00\"p\x17\x9b\xdd\xb4\xed\xb9\xb0\xc7@\xd0_\xf9\xa1\x17tP\x86\xb1,\x93\x87\xae\x03\x8a\xc4\xb5q\xd4\x8c\xc3\xa2?\xe7\xf4\xb2\xd4\xe1\x93A+\xe9\x8d\xc9\xac9|\xc7\t\xff\'\xaa\xac|\xaa\x85\xa9\xd4j\x12\xca\xfe', 0x6, &(0x7f00000004c0)="77bec3605f85e082fbcf491e2b3b12fde18109d1f64859f820ba86bbb7abcf4c75f53e3ecb7fd57568812ae0e9433c2b0bb0f0c0db3d") ioctl$auto_FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000140)="58fcb282bcbc38bfaef257e019406ea6c445cd4f7f7662ac0f8834baa918d5b3cea133243c4f2b9a39e536b67f5a1a2bfdf589da2b1c980e1ce53883444996d1721d7f3ae627c6c604000000000000007910fbc02d899ab93d002d849884a5377ff11be2ed012110f2f520") write$auto(0xffffffffffffffff, &(0x7f0000000000)='-\x00', 0xfdef) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/ip6gre0/power/control\x00', 0x10b142, 0x0) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0xc, 0x3, 0x0, 0x0, 0x2) socket(0x3, 0x3, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0xe) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000326bd7000fedbdf250200000800130001"], 0x24}, 0x1, 0x0, 0x0, 0x4c894}, 0x4) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004c18}, 0x810) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)={0x14, 0x0, 0x1, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' '], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) write$auto(r2, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) r3 = socket(0x3, 0x5, 0x0) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), r3) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000001dc0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x90}, 0x80080) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0) 1m27.700082482s ago: executing program 0 (id=2096): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x38b102, 0x0) socket(0x29, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101c82, 0x0) write$auto(r0, &(0x7f0000000080)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x2, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x4, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x62, 0x80000001, 0x40007, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto(r2, 0xc0b45545, 0x0) write$auto(r1, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9) r3 = getpid() process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={0x0, 0x40000000001243}, 0xa, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) settimeofday$auto(&(0x7f0000000040)={0x80000000, 0x8000000000000000}, &(0x7f00000000c0)={0x4}) select$auto(0x9, 0x0, 0x0, &(0x7f0000000200)={[0x8001ff, 0x7, 0xd, 0x8fd6, 0x948d, 0x3, 0x80, 0x3, 0x6, 0x8000000000000001, 0x7, 0x100000000000007, 0xd, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto_lockdown_ops_lockdown(0xffffffffffffffff, &(0x7f0000000080)="a3c72e71ed506a221381f0538fef", 0xe) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/config/nullb/features\x00', 0x80280, 0x0) close_range$auto(0x2, 0x8000, 0x0) 1m12.525555443s ago: executing program 35 (id=2096): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x38b102, 0x0) socket(0x29, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101c82, 0x0) write$auto(r0, &(0x7f0000000080)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x2, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x4, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x62, 0x80000001, 0x40007, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto(r2, 0xc0b45545, 0x0) write$auto(r1, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9) r3 = getpid() process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={0x0, 0x40000000001243}, 0xa, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) settimeofday$auto(&(0x7f0000000040)={0x80000000, 0x8000000000000000}, &(0x7f00000000c0)={0x4}) select$auto(0x9, 0x0, 0x0, &(0x7f0000000200)={[0x8001ff, 0x7, 0xd, 0x8fd6, 0x948d, 0x3, 0x80, 0x3, 0x6, 0x8000000000000001, 0x7, 0x100000000000007, 0xd, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto_lockdown_ops_lockdown(0xffffffffffffffff, &(0x7f0000000080)="a3c72e71ed506a221381f0538fef", 0xe) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/config/nullb/features\x00', 0x80280, 0x0) close_range$auto(0x2, 0x8000, 0x0) 8.900205059s ago: executing program 2 (id=2201): openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000140), 0x82, 0x0) r0 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000e40), 0x80001, 0x0) write$auto(r0, 0x0, 0x9) openat$auto_drm_connector_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Writeback-1/force\x00', 0x10b140, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x403, 0x8000) r1 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r2, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="88120000", @ANYRES16=0x0, @ANYBLOB="010025bd700002dcdf2503000000050009000500000004000600040006003d1202805000a500c667d9d0cca65d36490648637f04abd8489cc9506022c8fdacd8c22e41b7d2fa985dddd4b2a5bc76074abe9f0f7649f33e5d77a8ea4c3b443b183ae146e3f9ca235415abb72b1863c0166ebb22114580bbb94c93b312191f84de52174ef5b9d6d59c8cc74f0058dded57a7a541a3008eb7fd96705f9056abb12127a7a862b213720a9138cc5e515206c2c67d96a85f4ed00755cfe9337a385153519e144b6a1b58dac5d963d89bb2577d048c71bc80aac3c8f21168defd407d32a5321443eeff8e5942c2f43bc93e0a8cb1dd317a9e8b1666edf829be42389b40da3cdd62d74927de8a89201eddd9a799cacaf4d1f69a7427eed9b3e7fc5555965125c44ee35d835ee3e1c3db437900c59e9531f473c9a25420a693b5a0a4230bdd74b2a3d9958215efa47728727a4b736b4f44b20800", @ANYRES32=0x0, @ANYBLOB="04000e800400ca80a460d59f0efc3ec0a8f45a2dffef8a5cfae44d01fa055aa6d8cb6e80e241c7fdafa1507648930aa38ac11fc5dce5a5c212e08e90cd03dd2ba51fa1ba6de7d7923f6c5b1bb5df15bdbe08efb50a2a7cd8ca3a9f84a1fd14b82a54bd53d97adf75dc06592e771ff690f6cc86f47e322ccc2016ba8dc6a56d1779b8456135662ed3460767ac2c65f0f4acf3fb9e5f9b658e7d5e66d07b94cb5036ea9bd52f9bbf86f6fc799652339b54b5e3bf124439837d19096822f67cfce1269b3472d31d7e8dcb810dc6fc448e72910a4d44421f2909fba66402ddd7a6745511b5055ec23a9fe98772e61f8e66f7ecc87bd1bb336c666f02438ce4ec91522be8a9554ee7341badefdd75d4445131d0b5a711938f34b780512f24e6690aa76ea00980c2295936a008bcccd73d802abd50e99696e7e31c89c79ce4a9b8d52c3a1eb6ab7f2588f794695d921d3ebf5dd669e893ccd6c5d4d3bd9f014dca2303bc4d623178ff664517d4c65161d377b34341bbaa4b033922ad7847346a5581ceda1dab107e9f5109a5c8af8457ba7764b1eee0343be94d2b299b9eb8d1f0b4d4523051df7f2277a9087e230565ac893f19d83fbc7cc351602a1a08570b05d674ea37f9afb6bc62f5f7657dd3713a2ea6b58c32f8e7c57ca13a66f8f80e7e1fb0736a1d2342f7ccbbc86eecb0c8e5aa110b7f6808281b68d6f7b6ddf9a9b11507ff2b121cf75b79c32ad582b73e07721d1054c88776640acbdc38a7e7ea0df4159c1b2da3e686e024f16acb46b3eb03563e59c509542f67d4c5ff1b388eab4a8dec42786af1e3376181c3943981430de83802a44edf42f68a7d619960404f80bd08508b18382dab65e3cffc5fa942245102abd7be2c5d4c68401d2f6d2a2c42f8968509b95aec53af6a4082eabf2c7447aabfc36dc1da8163e934587d8835e61c8453a94e1b127b8d9784b75498e7ae73dc42e65b0afbfb41e3a802c5027a65b494d62b19365c382d66844880760196cd40712c78e2e288820cb2f34379df51a85ffbee675e1598c2a9a113255efe73cca36f087cbfa885491a2f3e68449436e0fca75598a4e8a15fd3704d302c4405cbeabe3d57567ad993cc92f879343be898b945c69ba5f5f1d64deaffa32c79808620e95f6fc31090dbca556da91d595f5867f45f23cc8fce505b38e63bc6f4a236556713339d5d4aa664c44f7826129538d0e157f336135ea4795bd66da491815172af611ea76ce42cb713f4e2c8b4ea92f10c2c99e78693ed70fce906aaab57ff48801c9fa03d09dc7706252ca29458af66616a42934ad215cc47c776bb4793bc856ce67524e1e74f4b3686051ebbeb6ac03e735e5a70411316aaf96499792da9f54f81761c707ee6a5adb8b3d5f8d070ebec81ab1733ec2e4abb364bfef0430396402f2950ab40c25e475ae51613d2c5fdf44e879f36528dc83d34a314ced34fb83b64d25bf548cc79dbc8583503b8ef03e36ef313b870d1f84a666ab362e29d25eb3dad6021972c3c45e30d224b29f3f03e0ca26790cb594ab705368fc76a6bd8d0fc883e3566c50739318feddcfca26268830b8f1621747ce77c8e809930a68d9969ce5741df3bdc2142c17b99a71d6da05348a58890d5978259a7cecc0a28ecb61681c84e5a59ed8c3478b2f4384342c1ea0d83d79f8aa00c40a66fb07d90b10ab049848ad54f7765a707c63c059b0d11841ea3d046cb1f47962f48420ced1697fda0bca7d9813045172391db71c42eff09db637020e927289877df4a3f7a2fae5a43859896d662a339bf80e50cc7563f8e4a3ccc39d846169bf2ccc486af07e35059829a783535ca03371e7a826825e4549a2e9422af50c25b3e5accd0f9602f5b50d69c3a7c83eb8ddf49050b429913539bc3f9e440cd506b410c9518cd62f9bacb4aecd9e588881f4acac5a867132e68a070e094393654695ed4f3a7e7619fbfd98668a9ee077460b0ca6832eaeb53340ec449172c25dcc56e3afb20c706cc0f175835635b2b052c77012e25721c4bdae210979eb691d3c8fb6d552b8eaa56f4876bce7e034ef08567b905e94e7209fee65de32e4faa4ed34c99478d784b6f302c8b87fdfdde132a5fe333d5fefa4231e4264f944a7d1a4cc1cee8dbba444b9ea9196d4c97f04d543b0c37f9a5dc9af0ee8e57ae631d291af40714a192343db5b32c241b840fcc1cb9aeb72e46ed7b42abcac4ad8edf2e2f9db14c2377b8a75b700bac7bc85d097530362b3cbce5e2da7384c2ca8538ba368cd08d09a182c83ca34704bb428828358155de5b15c2b1805a029c7aa123bd2c34189e1561a27700c495b9ad0e14fead9f618ce2abcbcf93d392f63aa2386dde1312ac0657d6280195305c75547208e9e7ba64ee1105136e76a7248ead12313bbc3f6c9afd4219d31917775da5efc363b5d76af78ef62e61849e8d43fbeaca7e0500e9ab76e7dcd855273c1e0b70ed0f4ee54064fa189eb7d5b41b5d948037bbf92bee5bc1b511c3fa3381a881d6b293feb6072b1e7c2e592281b8f7eda430f4c4eb89c8abb08ce3757863a726c8c531e0300cafafa3b85c588372ef3bcca6fc65fcbba544deea1cfe52a345ded4f752c07923105177c183bfe02b95a3f1f580547b76a56c6a3f26600c1b992d287179b771dc5560e11013787080dd0259231b0145db8e63f8130b03f47ad2af6c27f44aae9b063a45f6122e58b868fdd0703d086b328643db27206a6fcd73bd8dc64d28191eee9f6a29c3c48f149d43a4dd4af67cd232510ac0dfb963800a1736317c0582e7d3ad2babba44faacb094fa592237a87f51582eb608e7ed487b4a6f4a7a486e33d397ca1ceb9c9f3f6943e7355c4a4905086bc727b6100b18778999adafbc275060780c8ff3d491d2373a559fae0054e296d67471b6c5f100bc46dd2998adc9d5d73bb4ae734159a6b252749c11ca27be84fb1ed3e5e7e08170cd4ef705e098d1b99f870fcf434de7edc3f921b820a854de549d156b9c2c2dc385f045318d8c741b82065b2db4b7bb7eb657436680cb136e899e96c43f9c8b05edcf76ddc9b874227bde3abed5c7a209b2de9bc4a697d113bee2a0671ddad481c60646a07333a8ee6c26b59aa52d3a52ac78c4521db522bf7068a7cd0bc94b57256bd95f9fd5d7e8f5038b1ae156dd222ed5636695a4974875252c6f4ffea7bbc592a7f983c48b2a1d28c2899ade27eab4b84e5e8df5748aaabfcbb11bf81493db4bd11c17ae38160e7f369e5d349ac689bbd469ee29c14ea392e0a90b4bef7827feb854866a4b708c04d6f5555234fba6115b2e9997754bbf178c049b7d77b2223f83ebf60a8cb99c9ad6a999033e15f0050af031cef4926eb14b0902c4f668c4768c206f28d3725a83f638ec55241a67b6e50a1c16541fcc0eead0a6175ee1477c8823978d7bc21241faee47b18cc7d193cbdbd9855eb90066fb3810790d80dea9315c3dc9a7238a80655f4849707772bb879b1ce9d91458ac4c16a7c0c6677b1ef17bc4fa0a83a1817b1f3d8ba64db14986dba57a633ae0080e8e0f5c298d8f56caad1430abd28e6c375ac80867a58b35cfb064b64acf0544492cf86752e5787a067678abe314f4d38390402f955737b995c798eae18a20cf5eef02de3fb2fcbb38daebd6fc6f7a4e4c25a3b8fc83728020effd05bca49f420cbde29dcd7f6bf18ca49dcc6b0c15db0229a3dae6ba9a579cce34fb13f881c450e6b4b27ac8af9eb4c718812e6d9ffea41f9bd4fc31be63248d7451bea9e7cb39bb29ed116af7904e93d3f2ee8fd37a822b2a4dc9b055e38d534b561176e0e527e2cfc9225915c998ab73ab3efe400f363e86f866d079ff62520492a7fbc0a0eb028c760cf667b8ec142790055b1bb4d901ce623e7dbfbe847247d76993213745babcc990931c27275094199cdf191bc6e356b166dc6c2b1a7044e54369b42fd455359c892dabd2d643e30da4b6f5bbdfee5932baff5d3dcd242c9a6b547c9ca08e598c87bbc31119349c70d2d68dabea4046e0006d876021cd7f831f7295a6bd9c234a73c1161a79a4b48930d9cd61cca69c0a888138ba501a99125615cbe18c1d22b86dc2066b74b37c6d122177b763ad1b4f7804838408a3f0d9d0d1ff7fa7b06b8b4d232f76b8aaf8c0c24baebdc18e0d5ee9b87c53bfe82a483daea7607f1da9a1ffecf0d9ce845ed70fae10b78fc0e60dde135f20b9c979683dadaf8c1938027c602a47061fd27ad705017fb7d8d857b09173ac4dc2092b7cafd16a068580182d4385f948e11cffc2997cd51b268d6c49906227e70200d5f2d39d461454d75c643144869d87583aec09cdea198f1c9ea613fbe9336df22dbd21fd6242d186ae209a351d4eb9911f361e0dd6f8bcdd1a00d938044aecbeaf00abb3df9b3af99c6f6d90c3520d36fe2a55addecc0086a58aeffff6e6cade5afe58351d168dc40eeeef01fc3e31c8c67d264be94f71cd4db810a57b9c330d9d5ef732f0d6a7658b5a0175bfbb5ff479ec494a1f4ca44b68670ebfa35066b5b0b465618eba7ba32cdbde54a908f85cb496545389a98a23f78f5c99438da7038071cf9173609d447260d58eb114e7d14ba8d5dcac54abb50dffad1f8e6c9393233981eccdb87202c5681b8904fbe095fb1a0c834cec31afcde2de9969879c2c7211397a62fcfef5568fa2a62bbf9376ac14f014ad7c53dacfc334ab43e8f08bebe1e8c96dd51b1b93ab9c7bb4d547948232193db13c43a0e8ec9d5af4a2c1006888ca3f441bb378a6aa94f6602b9b80d84cdfc4cfa57f91ab034bdabbdec3521c429409dcb22236222eb79bd1cd29aeebffb54df1fd04e7f7c8ee4c3ec9635d6331d2a3e789ddcb59d573d3b694d1d07d703584deda17ed458cc889d5e189de77985edef0dde8c896db2924d91df41a3ee08e32c25a6117adb55d160ff922926e0aac203416c7acdb65526305b840247192934748d60db993eb645812b9b7d7ab1b79d45c530417415a22dd9546178b54e6842faa8e478061af2197ddc4e30bde39c8b3e4cb09da50cccece72370bfa0482c04931f1bde40235a201c6e5890cdee9c29fa0c6b4565730ee7cb163ba6a63f1e3678046ad73cc241f49c876df73113204834337bc5ccd2b7297a2d6bec1c30204a05b6ba91fc1370dbbde622c7072abe925d9237ddcf5dc47d1784337fd3f25107e236bcfc1dc352aa0cf3ebf576c0dfd1890c283b30892fe0b9bf75b8294813ea89ca367f7cc330e781ea25380d02923142019d4b45db31c8cdce3188809cc453dabf1648e5286da1f0aa4fb4f199616ac48501f70069db6595540c1e80f9556956fa5e31565ec0bcdff39c5de8268c5831ef03c98149561241472ad30c3f5659921019f6d7f4f1ac62dfcfcc740b94813ea2531745c3f03caa0d52097a1328d515c6eee016aad65125c1a3b8b6cd41333a9cf353045d8c35315adb7d5b4b3c66ef34c7cc255054f7ce845f6dea3e5ddb020f34973dce7ae2345a80cdb8d1db6507075e6893fabc5db1e3e0330d3fc7d669d596000ae64dd397b71d9d88562c096a12dfe4c9f2a888bba68cf23de27ef7e533f87636c78b1de7617d34289854aaf54d3626b9fa6ecf2ae5cf8c40a5ec083c44f1c0da260296ea4b9222bcdb0eef3baa0ab7fb7a98ed86a9f3634ca9dd622efcd2786bc0a22acec3453e74fcee407a94d381638f4e9f423b89d251ae2393d1e4d713dead8c0c162d009434eb8eda45e35dd8225dc1e36069e5024c922d355770ac93549a874f4e322163aa8ceeb0a6d4c3cdf29b95513c4c2678fa24e53c167241bca67bc106bca9c3eac1eff1c5b0ab789c81ba931d60dcd8463f02e8822c2f863bd1d77e3e5c300000400bd000800f300", @ANYRES32=0x0, @ANYBLOB="734a876aa29b0877d493e5227c137e1a990b8b782049218d349441c21f23170613015579f29ee902f9c2388c408b595db629b83e27d874bf6d7ae93f84828698fe30ba5d42734269e07bcceb6b7a47b83245f96d4790d73596a2b559ad7c85278728d8e1a55e9d0a3f312fb9463dc5b1d85846e7289b5988b761fb263925105db3684eaf210ce936eb0e61f2f853357b9b995bd909fc9f8e85a672bbc21d8e04c2dffd97b55818bc913196bf863ecaf0929215468edb307eb24a9dffb78b03d6a58927ff490700000008000a00070000000c00028008001000e600000008000a00c066ffff05"], 0x1288}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) syz_genetlink_get_family_id$auto_macsec(0x0, r1) sendfile$auto(r1, r1, &(0x7f0000000340)=0x7, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x9, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/pcm\x00', 0x88002, 0x0) pread64$auto(r6, 0x0, 0x594c, 0x9fffffffd) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r8 = socket$nl_generic(0x10, 0x3, 0x10) fdatasync$auto(r3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/sit0/flags\x00', 0x143262, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000240)='1\x00\xc7k\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00j(=\xd1<\xf9\x96\x10>\xb9\x05\xbe\xc8v\x81-ILplM\x98\x88J\xfd\x17\xc8K\xdd\x89;T@d\xa3_\xfcb8\x7fA\x11\xba\xefL\xe1L\x8aE}\xa7\x05\b\xd7\xe2\xae\xfek\xbbw\x8c\x88\x1emW-\xf5\x94\xdak\x81\xe4\x1e\x1dS\xf2~>\xb1\xc6\x00\xee\xc8\x19e\xc1w\xf05%\xd76]\x0f\v\x01\xa4(\xec\xd3\xca\a\x15&nv\xc1}\xfcD', 0x84) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r7, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) sendmsg$auto_NL80211_CMD_GET_SURVEY(0xffffffffffffffff, 0x0, 0x14) sendmsg$auto_OVS_FLOW_CMD_GET(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010029bd700002dcdf25030000000400087918000180140010800c"], 0x30}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x800000000000005) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) 8.18678751s ago: executing program 5 (id=2202): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x4000000, 0xffffffffffff0085, 0x1004) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder1\x00', 0x0, 0x0) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x20009, 0x6, 0xeb1, 0x7f, 0x8000) sysfs$auto(0x2, 0x100000000000030, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/dummy_hcd.4/usb5/power/level\x00', 0x129882, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000080)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x958b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x40008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x10000]}, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec26\x00', 0x43cd00, 0x0) sysfs$auto(0x2, 0x23, 0x0) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) madvise$auto(0x8, 0x80, 0x4) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) madvise$auto_MADV_DODUMP(0x8, 0x5, 0x11) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) 8.100978222s ago: executing program 6 (id=2203): r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x80881, 0x0) r1 = ioctl$auto_TUNSETSNDBUF2(0xffffffffffffffff, 0x400454d4, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_TUNSETVNETLE(r0, 0x400454dc, 0x0) msgsnd$auto(0x0, 0x0, 0x1000, 0x20004) sendmsg$auto_NL80211_CMD_PROBE_CLIENT(r1, &(0x7f0000000ac0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000a80)={&(0x7f00000006c0)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="00082dbd7000fedbdf25540000000600fb0008000000740324800800b100", @ANYRES32=0x0, @ANYBLOB="98012d8004002c800f001b002f6465762f7461703633000004001b80e33ef2b85a5d83dac699ef246aebb81ee6c5370c2a916cdb2a14b17f4943c1c73552347ffc6d1265a7e2d154d8a3bf6d5757fbd604ad409fc1dd786c50ea2de441bfdb91a505903df097f556488be2a7e3d6aa5dd7d6e7d62f4a9c3d8f06371ae1b7aa4647bffff8ded63fa460d842f93d1f4a0f08000e00", @ANYRES32=0x0, @ANYBLOB="2700df009a98f3f42c80093491f132386365a9ce042c420a591c7924d108cbb8328869e0ebe4b8000400ed8004006e80ce00ef00d15f0f48809ce9bfe1026674f064be85ca3bffc0cbed5b855eba6cbff603d40c96e50aebe97cb1ecd9f88d29d036cd883600ecf14d02787c7d0875c6f804612bdd5306671ccdbef7a1f44cea6f20667c5845856963cbba7ea934023641661fe444b655acc233c3cdd0b8b0695794856d56dafec5bff1ceb975cd874df0bc71126913f5c7aceb02d391c481f5089ce83a25a3e23217314fdcbf656c1c706c45aed0431cc7b0aa8f45b45934cf67651ffeb6fdf2a8accc61f541c240361d62fe65956cf6d27d4ec689956600000c0099800800820004000000f9db6f6490525ea7c0e379512aae52670ce7b1e1124d0f84a2f6afcb454cd99042e28143929b3a18016eba8fed0f385443da55ab44d26561da4b61cb97e8a2e8d22366af42c529531729d3eefce45021b5fc193fdeaaa85ffc5743a165ea63f0194ac4193e74465f2bd3cc09fd69b86427448d97bae96039cde45017d38b190adf519b0e5082c7e0036d929628d5a87eb351979ad95664f75ef766647ca3384754ba4de9a02583c1e9aac00e1e3298a32055065b8d795ef14ed59d3bacc0d04587a70d6267d74da1d2f73a018f5bf38d25a447e3156f9dbfc691079306125bce1d0900bb005e7b2d2d0000000039929ffd3e9fe4c507f3e7d5ac574757de84f185ab699674b206a9e18bc7af6f2d786d1fafbbbed0f7d8823a194964384005104c171234c5d49d7eaa3cbfbc2f199270bdfe26b4108a97e9442b4cb050f7aa730814eefaee05d546d34937ce9c667fcf01d98d596148fe6d6eda01726f992ec179590c99da5d06402d3940f962283e2e63444d63a844e6988751100dd76025a0c45c86f7cd33b4bafcfabb675fa330b4b43e88e8dbcfe174676d2c5d81056425a7c0b5066de37b63ddf7aa7e3e9915fb090025002c3a2328000000000800ff00050000000800a50006000000"], 0x398}, 0x1, 0x0, 0x0, 0x40040}, 0x8000) r2 = socket(0x200000000000011, 0x2, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x3, 0x8, 0xe3, 0x9b72, 0x2, 0x8000) gettimeofday$auto(&(0x7f0000000080)={0x0, 0x100}, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x89b0, &(0x7f0000000140)={'bridge0\x00'}) mlockall$auto(0x7) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0) clock_getres$auto(0xfffffffb, 0x0) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC2\x00', 0x802, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, &(0x7f0000000100)={{@raw=0x2, 0x86, 0x20e, 0x9, "669cbbd9e9756f22fdffa188e0f106000000000000000b2f4ab8633824f2d2252ca5f200"}, 0x0, @integer64=@value_ptr=&(0x7f0000000640)=0x1, "282f77b07e718ed4d99a34617774e3a82f982e0f05e516c299a28a585e87e0d908e2c8e50de5016f1de5d432da2cc20e951d8fcdc4f791a11996aad5af504c0d9927e62ef70b23a13735a4fe805c1ce1b6b1d83d21bb42794ec925b4547a3d52d4b5210392111e181719fef9d685b6534b171d76ad633f94a608b818600a6c85"}) mlock$auto(0xfbe8, 0x9) fcntl$getown(r3, 0x9) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) 7.660948024s ago: executing program 2 (id=2204): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x00\rs\x1cJ\x99\x00:c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x1) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_5={@target_fd=0x5, 0x7f, 0x9c, 0x7b2, 0x1, @relative_id=0x81, 0x80}, 0x96) bpf$auto(0x18, &(0x7f0000000040)=@raw_tracepoint={0x0, 0xffffffffffffffff, 0x0, 0x800}, 0x92) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000) io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2b, 0x1, 0x1) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x802, 0x1) socketpair$auto(0x3, 0x5, 0x7, 0x0) setsockopt$auto(0x3, 0x0, 0xf, 0x0, 0xb) bind$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x0, @rand_addr=0x2000000}, 0x68) write$auto(0x3, 0x0, 0xfffffdef) unshare$auto(0x40000080) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x3f83, 0xfffffffb) openat$dir(0xffffffffffffff9c, 0x0, 0xc0100, 0x100) connect$auto(0x3, 0x0, 0x54) socket(0x10, 0x2, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) 7.590024299s ago: executing program 7 (id=2205): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) r0 = socket(0x11, 0x80003, 0x300) socket(0x2, 0x80002, 0x73) fadvise64$auto_POSIX_FADV_SEQUENTIAL(r0, 0x1, 0x1, 0x2) r1 = socket(0x2, 0x1, 0x84) r2 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000100), r1) sendmsg$auto_NFC_CMD_ENABLE_SE(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="04002abd7000fd000a0000000000060011000200"/30], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x4) openat$auto_cgwb_debug_stats_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/bdi/1:7/wb_stats\x00', 0x2080, 0x0) socket$nl_generic(0x10, 0x3, 0x10) memfd_secret$auto(0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket(0x1a, 0x1, 0x0) epoll_create$auto(0x9) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r5, 0x0, 0x20) r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3) listmount$auto(&(0x7f0000000100)={0x401f, @inferred=r4, 0x80000002, 0xfffffffffffffff7, 0x2}, 0x0, 0xf4240, 0x1) r7 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x4040, 0x0) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/i8042/serio1/resetafter\x00', 0x129102, 0x0) write$auto(r8, &(0x7f0000000000)='y\x8c', 0x2) fadvise64$auto(r7, 0x8, 0x400000000000006, 0x4) socket(0x29, 0xa, 0x6) r9 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r9, 0xae01, 0x0) 6.470083613s ago: executing program 2 (id=2206): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0xfffffdef) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) writev$auto(r0, &(0x7f0000000080)={&(0x7f0000000040), 0xd2bf}, 0x3) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(0x0, 0x6041, 0x0) socket(0x30, 0x2, 0xb) semctl$auto_SETVAL(0x4, 0xfffffff7, 0x10, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/bond0/bonding/ad_actor_system\x00', 0x0, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xfffffeff, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x2, 0x83, 0x101, 0x17f, 0x2}, {0xff, 0x1, 0x52, 0x5, 0x1, 0x40, 0x4, 0x8, 0x100000004}}) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/fs/lockd/nlm_end_grace\x00', 0x8282, 0x0) write$auto(0x3, 0x0, 0x7) 6.187979766s ago: executing program 6 (id=2207): setxattr$auto(0x0, &(0x7f0000000200)='*\x00', 0x0, 0x800000, 0x0) madvise$auto(0x0, 0x2000040080000004, 0xe) r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x109c01, 0x0) ioctl$auto(r0, 0x92106411, 0xffffffffffffffff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop7\x00', 0x0, 0x0) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000300), 0xffffffffffffffff) timerfd_create$auto_CLOCK_BOOTTIME(0x7, 0x6) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NBD_CMD_DISCONNECT(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000013c0)={0x0}, 0x1, 0x0, 0x0, 0xc000}, 0x801) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x8000b) madvise$auto(0x0, 0xffffffffffff0005, 0x19) socket(0xa, 0x1, 0x84) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0xfffffffffffc0040, 0x8000000000000000, 0x8) syslog$auto(0x3, 0x0, 0x5) poll$auto(0x0, 0x7f, 0x9) socket(0x25, 0x5, 0x6) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) setsockopt$auto_SO_OOBINLINE(r3, 0x80000001, 0xa, &(0x7f0000000080)=',\x00', 0xfffffffc) r4 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f00000001c0), 0x82200, 0x0) pread64$auto(r4, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r5, r5, 0x0, 0x3) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/trace\x00', 0x600, 0x0) 6.148773786s ago: executing program 7 (id=2208): r0 = socket(0x23, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4001, @loopback}, 0x6b) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x80802, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/ext4/sda1/mb_groups\x00', 0x40102, 0x0) mmap$auto(0x0, 0x7f, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x106) connect$auto(0x3, &(0x7f0000000080)=@nl=@kern={0x10, 0x0, 0x0, 0x800000}, 0x54) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000180), 0xffffffffffffffff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) keyctl$auto(0x1e, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x1) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) prctl$auto(0x44, 0x7, 0x0, 0x6fffffffffffffff, 0x83) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000000), r4) sendmsg$auto_NL802154_CMD_GET_INTERFACE(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000840)=ANY=[@ANYBLOB="140bedc4", @ANYRES16=r5, @ANYBLOB="05032cbd7000fbdbdf2505000000"], 0x14}, 0x1, 0x0, 0x0, 0x4004010}, 0x4040008) mmap$auto(0x0, 0x40009, 0xb3, 0x9b72, 0x7, 0x81d8) write$auto(0x3, 0x0, 0x400000000000fdf3) close_range$auto(0x2, 0xa, 0x0) socket(0x5, 0xa, 0x1) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x4) kexec_load$auto(0x200000000007, 0x1, &(0x7f0000000040)={@buf=0x0, 0x2aaa, 0x6c0000c000, 0xc000}, 0x4) syz_genetlink_get_family_id$auto_net_shaper(&(0x7f00000000c0), r0) setsockopt$auto(0x3, 0x1, 0x3f, 0x0, 0x9) 5.56834972s ago: executing program 5 (id=2209): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x20, r1, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@HWSIM_ATTR_DESTROY_RADIO_ON_CLOSE={0x4}, @HWSIM_ATTR_REG_CUSTOM_REG={0x8, 0xc, 0x1}]}, 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000080), 0xffffffffffffffff) r2 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000040), 0x8300, 0x0) ioctl$auto_RTC_PIE_ON(r2, 0x7005, 0x0) readv$auto(r2, &(0x7f00000004c0)={0x0, 0x4}, 0x5) close_range$auto(0x0, r2, 0x0) 5.05947414s ago: executing program 7 (id=2210): ioprio_set$auto(0x1, 0xee01, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x80000000000000a, 0x2, 0x0) socket(0x2d, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto(0x3, 0x89e0, 0x91) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) r0 = socket(0x8, 0x1, 0x5f8252e5) getsockopt$auto(r0, 0x0, 0xd, 0x0, 0x0) ioctl$auto(0x3, 0x89e1, 0x91) socket(0x1d, 0x2, 0x2) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = open(0x0, 0x22240, 0x155) socket(0xa, 0x2, 0x73) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0) ioctl$auto_USBDEVFS_SUBMITURB32(r2, 0x802c550a, &(0x7f0000000300)=ANY=[@ANYBLOB="020000060000e6ff040000000100400008"]) ioctl$auto(r2, 0x4004550c, r2) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r3, 0x4b47, 0x1) ioctl$auto_XFS_IOC_FREESP(r1, 0x4030580b, &(0x7f00000000c0)={0x5, 0x399, 0x0, 0x1, 0x7fffffff}) accept$auto(0x3, 0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x18, r5, 0x1, 0x60bd27, 0x25dfdbfa}, 0x18}, 0x1, 0x0, 0x0, 0x4800}, 0x240440a0) 4.91185775s ago: executing program 2 (id=2211): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TCFLSH2(r1, 0x80045439, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$auto(r0, 0x89f0, r0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram6\x00', 0x4040, 0x0) mmap$auto(0x0, 0x6, 0x2, 0x40eb4, r2, 0x6) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(0xffffffffffffffff, 0x8912, 0x38) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000) ustat$auto(0x7fff7fff, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x8) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mknod$auto(0x0, 0x20e9, 0x103) r4 = open(0x0, 0x20102, 0x100) write$auto(r4, 0x0, 0xaf0) r5 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40802, 0x0) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x0, 0x0) fcntl$auto(0x3, 0x4, 0xa553) read$auto(r5, 0x0, 0xb4d3) setsockopt$auto(0xffffffffffffffff, 0x6, 0x2, 0x0, 0xfb3) r6 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/timer_list\x00', 0x0, 0x0) pread64$auto(r6, 0x0, 0x10, 0x101000000003) 4.772224117s ago: executing program 5 (id=2212): mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x6, 0x1, 0x0) socket(0x11, 0x2, 0x0) socketpair$auto(0x8, 0x1, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x54) io_uring_setup$auto(0x6, 0x0) socket(0x11, 0x80003, 0x300) openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) connect$auto(0x3, 0x0, 0x55) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) ioctl$auto_USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000001040)={0x2, 0x29, 0x403, 0x1, 0x103, 0x0, 0x0}) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/bus/pci/drivers/vmwgfx/new_id\x00', 0xa001, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r2 = openat$auto_proc_tid_children_operations_internal(0xffffffffffffff9c, &(0x7f0000000080), 0x41180, 0x0) read$auto(r2, 0x0, 0x58b22256) write$auto(0x3, 0x0, 0xfdef) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi0\x00', 0x80382, 0x0) ppoll$auto(0x0, 0xf3, 0x0, 0x0, 0x8) 3.662024729s ago: executing program 6 (id=2213): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000740), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000280)={0x4c, r1, 0x403, 0x70bd26, 0x25dbdbf9, {}, [@HWSIM_ATTR_FRAME={0x1c, 0x3, "afcc6f65fdd72aaaf6232ed2dd183765b06bef62cb03c346"}, @HWSIM_ATTR_ADDR_RECEIVER={0xa, 0x1, "196f88149b0c"}, @HWSIM_ATTR_RX_RATE={0x8, 0x5, 0x5}, @HWSIM_ATTR_SIGNAL={0x8, 0x6, 0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x80}, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) lseek$auto(0xffffffffffffffff, 0x7fffffffffffffff, 0x2) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0xffffffffffffffff) ioctl$auto(0x3, 0xae64, 0x38) readv$auto(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x7}, 0x8) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x4821c0, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x12bc00, 0x0) faccessat2$auto(0xffffffffffffffff, 0x0, 0x0, 0x7) read$auto(r3, 0x0, 0x20) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/pci0000:00/0000:00:03.0/resource1\x00', 0x0, 0x0) mmap$auto(0xff0f0000, 0x1, 0x1000000000002, 0x8000000008011, 0x3, 0x0) r4 = openat$dir(0xffffffffffffff9c, 0x0, 0x2d2802, 0x48) faccessat$auto(r4, 0x0, 0x2) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r5, &(0x7f0000000200)={0x0, 0x7}, 0x3) socket(0x10, 0x2, 0x0) r6 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)=':,\x00', 0x52200, 0x10) unlinkat$auto(r7, &(0x7f00000000c0)=':,\x00', 0x1) write$auto(r6, 0x0, 0x1ff) 3.34604981s ago: executing program 2 (id=2214): mmap$auto(0x0, 0xfff, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae80, 0x0) mmap$auto(0x0, 0x7fff, 0x3, 0xeb0, 0xfffffffffffffffa, 0x208000) unshare$auto(0x40000080) mmap$auto(0x0, 0x70, 0xdf, 0x9b72, 0x2, 0x80000000008000) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x200000000002d57, 0xeb1, 0xffffffffffffffff, 0x8000) mknod$auto(&(0x7f0000000080)='u[,&*}\x00\a\x00\x00\x00?\xa4\x1fN\xa1~5Z\xc7\r\f}M4\xa8m\xe6\x19[11\xab\xff-E\xac9(\xb4O\xa0t4h\x9f-gn\x1f\x01\x00\x00\x00\x00\x00\x00\x00\xaeR\x81\r_\x0e\x19\b\x85\bvv(e\xdax)\t\x15\xf6\xc8\xee\x04\x16\xc1\x9a!\x87I7\x8cD&zg\xb0a\xab|E\xde\x14\xee[\xc8\xc0\xa8Nh\x0f\xa3\xdbT\xb3\xb8\xd2F\xa0\xc4]\xaf\xc43&\xe4\x01\x05\xd2\x15\xf8\xf1!\x9d\x92\xbbH\xd3^aD\x87\xd8\xe7\xd2\xf3[r\xc5S&}D[\x97\xf1\xd9\xf8Y\x1c\x03\x84\xb4\xd7\x16\x19\xe5\x17\x10\xd8fcG:\xfbY8\x17w\x98?\x03@\xe5\x02\x05\x93h\xb9\xf7\xef\x84\x8aGlN\a\x1e\x00\x00\x00\x00\x00\x00\x00\xf1p\xeb\xe9(%\x89\xef\x85\xdfr\xce\x00\x00\x00\x00\xff\x00\xa2M\'d\x12\x1c\x12\xca\xa5_\x8d\xdf\xc5\x8d\x19?\xfc~\xb3X\x14\xa7\xa9M\x87\xfcTW\x1bR\xbci\x8d\x8aNEO\xb3~~\xa8\xa6\x894\x80;s\xb7\xa3V\x1b\x14|\x9e\xd4\x05\x85\x0f!\xab-E\'\x97Y\xb7\xe8fMv_\xf8\xa0S\xef\xb7\b\xe7!T.g\x92\x87\t$\x06\xa4\xfb\x83\x8c\x17^\x82\xe7\xd3\xf6q\x1a\xa0\xf82[W\x90\xdd\xe3\xde\xa9\xde\x94`-\x9a\x1e}\xebO*\xb85,v.\xfc5\xba?vlt\xda%\x06a\x15I\x1f\xe3\x05+\x810T2\xf9\x9b\xc7\xd1\t\x03\xf2\x8d\x8a\x90\xb54\bH<9\xf1\x91 D\x85g,\xaa\xca\xcd\xd5\xcb\x9a\xb1j\xf2F\xce\x14\x92\xf9\xd7\xec\xc5\x1e\x8aq2\xce\x881f\xd7\xd4\x9e\xf6\xb6P\x01\xe8T\xb5X\xb9d-I\xd6\x91\xc3\xe2\x88S\x82l=\x02t$p\t\x8cY\x06\r\x83\xb0\x86\xc6\x84\x1c\xce\xb6\xf0\xdfC\x9fj<\xfe\xa4\x1f\x82L\xe4\x13+H\x00\x00\x00\x00\x00\x00\x00\x01M\x16\xa0\xbeB6\xfb\xa2-\x17\x93Q\x9fKusl5\xa2$M\xb4\x18\x1db\xf3\xce\x8c\xe5Rna\xd5\xbbQ\xc7\xa7+\vH\xc1l\x1bIv\xe8_\x00', 0x1081, 0x8) socket(0x18, 0x1, 0x5) io_uring_setup$auto(0x1, 0x0) uname$auto(0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/snd_aloop.0/sound/card1/id\x00', 0x48a22, 0x0) write$auto(r2, 0x0, 0x3) prctl$auto_PR_SME_SET_VL(0x3f, 0x9, 0x0, 0x5, 0x8b00) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYRES8], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_net_shaper(0x0, 0xffffffffffffffff) 3.243508208s ago: executing program 5 (id=2215): socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x8, 0x5, 0x7, 0x0) socket(0x2, 0x5, 0x0) getsockopt$auto(0x6, 0x84, 0x7d, 0x0, &(0x7f00000000c0)=0x10000) 3.120511741s ago: executing program 6 (id=2216): openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000400)='/proc/tty/driver/serial\x00', 0x43102, 0x0) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = socket(0xa, 0x2, 0x3a) r2 = syz_clone(0x20a08200, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x600002, 0x0) ptrace$auto(0x10, r2, 0x4, 0x8000040006) ptrace$auto(0xf, r2, 0xfffffffffffffffe, 0x8000000000000000) setsockopt$auto(r1, 0x29, 0x39, 0x0, 0x110) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x1, 0x1021, 0x0, 0xd) openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, 0x0, 0x101080, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) 2.82866416s ago: executing program 5 (id=2217): socket(0xf, 0xa, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x82000, 0x0) socket(0xa, 0x1, 0x100) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS_OLD2(r0, 0xc1004111, 0x0) ioctl$auto_CEC_S_MODE(0xffffffffffffffff, 0x40046109, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyve\x00', 0x102, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x835b, 0x200000000001, 0x4, 0x5, 0x7) mq_timedreceive$auto(0xffffffffffffffff, 0x0, 0x5, 0x0, 0xffffffffffffffff) migrate_pages$auto(0x0, 0x3, 0x0, &(0x7f0000000140)=0x2) write$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x1, 0x37eb, 0x40eb2, 0x4, 0x300000000000) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) write$auto(0xca, &(0x7f0000000080)='\x04 \xa1M\x11=.!\xd3\'\x8a\x00\x00\x00\x00\x00\xbd\x90q\xd0\xff\xea\xe9\x04B\x1c\x9a\x02y(\x83\xdf-g\xd7.\x83\xb2\xe4x\xdb\xfb\x18#&\x83\x17\x18\x05\x12|\x83$\xd0\x9a?\xf2W\xdd\xd3Z*\xa5\x81V\x98+q\xef(]\x81\x1c\x98B]\x9c\xd7\x05\x11\xcc\x1d\xc5\t\xe1A\fA\x8b\xd8\x8b\xb5\xa0\x9c\xab\xb6:\x18\xeaz\xc2!x0\f\xaa\xbd\xbeGh\x0f\v2\x83\x12>\xe7\x9e\xdb\xb5yO\xa3*\xb8\x9fH\xc0K0\x87\xc3N~2\xb1\xc4\xc7y9u\xa6\x89\xa9@\xf1\x92M(\x9e\xf9\x8e\xbf\x86\xfav7t\x14\xde\xd9Wd1G\x97\x13\x84\xff\x99\xdf\xd2\xa2\xf5l\xd6\xcf\x04\f^@r\xe9!\xb1X\xf19$\xf0h\v\r\xd0\xd9\xefm[l\xa4\xc7\x0e+H\xed\xf8\x82Wh%\x1f\x99\xaa\xf2\xb3\xb3Nr\xb0\x9a\xd2\xb67\xca\xdar\xa6\xe07\x061\xb7\xa6\xa9\x1b?>\x03\xad^\xd7\xbb-\'}\xc7\x82\xaa\n\xac\xa3\x15\x82\xc0\x02\x18\x1f\xb1cX\xc9\xcaGf((p<\x17|\x03\x00\x00\x00Qop^Y\xf4\xeccl\xa0$\xe0\'\xf8\x83\x8c\x7fW!p^=\x12\xbf$\xae7\xa2,\xce\xd1\xb0\xbd\x01\xf0z\x97\x0f\x94\xb5\x10&@\xaeF\xb8\x92\xd5\x15E\xf8\\ =SMH6\xd6\xd2\xa2~\x0e\x87\f\x0e\xe2\xd7\xfc\xed9\xaa\x81Qdw\xa0\xe7;D\xfa\xd3+\x93<\xce\xf16%\xc1s\b\xb0\xfe\xcd\xaf\x1a\xed\xf9\xd3HD\x82\xb5d\x9e\x91\xa1\x04\xe0\x86\xd94\x06O2\xc4O\xffm\xc3O\xe89\xbe\x03B\x0f6\xbe\xaf\xaa=[7\xd9\xca\xd2\xa0&\xc4(=%\xda\rM(&\xe4\x12S\nm\xd8\xb4\x8a\x1f\x00', 0x7e) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) getdents64$auto(0x2, 0xfffffffffffffffe, 0x1) close_range$auto(0x2, r1, 0x100) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) mmap$auto(0x0, 0x3, 0x8000000000000000, 0xeb1, r2, 0x808000) get_mempolicy$auto(0x0, 0x0, 0x3, 0x1ff, 0x3) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x3, 0x21) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) 2.763641782s ago: executing program 7 (id=2218): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) r1 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000002e40), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_SET_TUNSRC(r2, 0x0, 0x4) readv$auto(r1, &(0x7f0000000680)={0x0, 0x40200}, 0x3) migrate_pages$auto(0x0, 0x99, 0x0, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000140)="3318cb3319931a44e65544d1088ccb0c05e782e43eaa4777c1a19fdb0000000000004b0b1cef1fe8073e55ddc691f22d52da9ef45dad05d0e51997a4aaf87ca04bc8cd6c4d04a3f02669b73af6f0d414770ae5e35df11afe6c1129057f30dfc9933881d1d35871d74b59ebd0f40000000000000003404905a341d5cc360cbb575880c9a73b2795c3d9f86f39a0bb690eadcc2fba068b0d0d69907c50") ioctl$auto_SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, 0x0) socket$nl_generic(0x10, 0x3, 0x10) prctl$auto(0x41, 0x3, 0x0, 0x0, 0x0) madvise$auto(0x0, 0x2000040080000004, 0xe) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/controlC0\x00', 0x8600, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x3, 0xe988, 0x4, 0x17, 0x401, 0x4008000) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/tty39\x00', 0x802, 0x0) r5 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r4, 0x80085610, r5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/igmp\x00', 0x100, 0x0) pread64$auto(r6, 0x0, 0x40000000f42c, 0x80002) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40007, 0x1000000005, 0x9b72, 0x2, 0x8000) ioctl$auto(0x3, 0xc018aa3f, 0xf0b) 2.106130196s ago: executing program 2 (id=2219): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x4000000, 0xffffffffffff0085, 0x1004) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder1\x00', 0x0, 0x0) socket(0x2, 0x1, 0x106) sysfs$auto(0x2, 0x100000000000030, 0x0) fsopen$auto(0x0, 0x1) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/dummy_hcd.4/usb5/power/level\x00', 0x129882, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000080)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x958b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x40008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x10000]}, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec26\x00', 0x43cd00, 0x0) sysfs$auto(0x2, 0x23, 0x0) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) madvise$auto(0x8, 0x80, 0x4) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) madvise$auto_MADV_DODUMP(0x8, 0x5, 0x11) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) 1.564902256s ago: executing program 6 (id=2220): openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000400)='/proc/tty/driver/serial\x00', 0x43102, 0x0) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = socket(0xa, 0x2, 0x3a) r1 = syz_clone(0x20a08200, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x600002, 0x0) ptrace$auto(0x10, r1, 0x4, 0x8000040006) ptrace$auto(0xf, r1, 0xfffffffffffffffe, 0x8000000000000000) setsockopt$auto(r0, 0x29, 0x39, 0x0, 0x110) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x1, 0x1021, 0x0, 0xd) openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, 0x0, 0x101080, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) 1.472681254s ago: executing program 7 (id=2221): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000400)='/proc/sys/net/ipv4/tcp_available_congestion_control\x00', 0x0, 0x0) read$auto_proc_sys_file_operations_proc_sysctl(r0, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/bConfigurationValue\x00', 0x63102, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_VHOST_SET_VRING_CALL2(0xffffffffffffffff, 0x4008af21, &(0x7f0000000380)={0x2, r1}) ioctl$auto_UI_DEV_SETUP(r2, 0x405c5503, &(0x7f0000000480)={{0x2, 0xf2cf, 0x200, 0x4}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef93688603000000000000d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0x8}) r3 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0xb213, 0x2c, 0x800}) sendmmsg$auto(r3, &(0x7f00000006c0)={{&(0x7f0000000000), 0x5ac, &(0x7f00000000c0)={&(0x7f0000000080)='L', 0x49}, 0x2, &(0x7f0000000700), 0x5, 0x1}, 0x5}, 0x2, 0x100) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x3, 0x1ff, 0x1001, 0x5, 0x717e, 0x0, 0x7, 0x200000000000003, 0xd, 0x2, 0x80003, 0x4, 0x1ffffffffffd, 0xb4, 0xfffffffffffffffe, 0x7, 0x4, 0x7f, 0x2a2, 0x5, 0xa, 0x22000, 0x200, 0x4, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x56, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8acc, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0xffffffffffffffff, 0x100000000000]}, 0x1fe, 0xd) r5 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000003c0), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r5, 0xfffffffffffffd03, &(0x7f00000001c0)) ioctl$auto_TUNSETTXFILTER(0xffffffffffffffff, 0x400454d1, &(0x7f0000000040)=0x1) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r6, 0x5608, 0x7) keyctl$auto(0x3, 0xfffffffffffffffd, 0x0, 0xee01, 0xa00002) r7 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r7, r7, 0x0) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0) r8 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x80000000, 0x5f, 0x80000001, 0x7, 0x6d3f, 0x7, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r8, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) 287.1773ms ago: executing program 6 (id=2222): set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) unshare$auto(0x40000080) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x4, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0x5}, &(0x7f00000001c0)=0x6, &(0x7f0000000200)=0x1, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/block/nbd14/sched/write1_fifo_list\x00', 0x189e42, 0x0) close_range$auto(0x2, 0xa, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x8) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x109401, 0x0) ioctl$auto(r1, 0x540a, 0x0) close_range$auto(0x2, 0x8, 0x0) msgrcv$auto(0x9, 0x0, 0xfffffffffffffffd, 0x6, 0x80008) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) madvise$auto(0x2, 0x5c61fa2c, 0xf) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r2, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40010}, 0x800) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r3, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) 27.725197ms ago: executing program 5 (id=2223): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x4000000, 0xffffffffffff0085, 0x1004) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder1\x00', 0x0, 0x0) socket(0x2, 0x1, 0x106) sysfs$auto(0x2, 0x100000000000030, 0x0) fsopen$auto(0x0, 0x1) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/dummy_hcd.4/usb5/power/level\x00', 0x129882, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000080)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x958b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x40008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x10000]}, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec26\x00', 0x43cd00, 0x0) sysfs$auto(0x2, 0x23, 0x0) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) madvise$auto(0x8, 0x80, 0x4) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) madvise$auto_MADV_DODUMP(0x8, 0x5, 0x11) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) 0s ago: executing program 7 (id=2224): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x81, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0x26, 0x80805, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, 0x0, 0x3c41, 0x0) r0 = getpid() r1 = gettid() r2 = open(0x0, 0x80400, 0xb5d1af1605322dd2) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0) read$auto_lowpan_enable_fops_(r2, &(0x7f00000002c0)=""/120, 0x78) rt_tgsigqueueinfo$auto(r0, r1, 0x21, &(0x7f0000000400)={@siginfo_0_0={0x3, 0x1c51, 0xfffffffe, @_sigsys={0x0, 0x2, 0xffffffff}}}) r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r3, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) timer_settime$auto(0x0, 0x801, &(0x7f0000000000)={{0xa6, 0x7}, {0x0, 0x3}}, 0x0) ioctl$auto_PPPIOCSPASS(r3, 0x40107447, &(0x7f0000000180)={0x9, &(0x7f0000000000)={0x50, 0xf4, 0xb0, @inferred=r3}}) close_range$auto(0x2, 0x8, 0x0) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f00000000c0)='}[,&*}\x00', &(0x7f0000000140)='nfsd\x00', 0x1000005, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r5 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) close_range$auto(r4, r5, 0x40000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptya7\x00', 0x101e81, 0x0) kernel console output (not intermixed with test programs): z.0.1950'. [ 707.521312][T16227] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1951'. [ 708.528001][T16250] usbip-vudc usbip-vudc.0: gadget not bound [ 708.645579][T16253] FAULT_INJECTION: forcing a failure. [ 708.645579][T16253] name failslab, interval 1, probability 0, space 0, times 0 [ 708.659436][T16253] CPU: 0 UID: 0 PID: 16253 Comm: syz.2.1959 Not tainted syzkaller #0 PREEMPT(full) [ 708.659474][T16253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 708.659492][T16253] Call Trace: [ 708.659501][T16253] [ 708.659511][T16253] dump_stack_lvl+0x16c/0x1f0 [ 708.659539][T16253] should_fail_ex+0x512/0x640 [ 708.659562][T16253] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 708.659580][T16253] should_failslab+0xc2/0x120 [ 708.659600][T16253] __kmalloc_cache_noprof+0x6a/0x3e0 [ 708.659615][T16253] ? loopback_open+0xa04/0x13a0 [ 708.659639][T16253] ? kasan_save_track+0x14/0x30 [ 708.659659][T16253] loopback_open+0xa04/0x13a0 [ 708.659686][T16253] snd_pcm_open_substream+0xa60/0x17f0 [ 708.659708][T16253] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 708.659728][T16253] ? rcu_is_watching+0x12/0xc0 [ 708.659747][T16253] snd_pcm_open+0x29e/0x730 [ 708.659767][T16253] ? __pfx_snd_pcm_open+0x10/0x10 [ 708.659788][T16253] ? __pfx_default_wake_function+0x10/0x10 [ 708.659810][T16253] ? __pfx_snd_pcm_playback_open+0x10/0x10 [ 708.659828][T16253] snd_pcm_playback_open+0x86/0xe0 [ 708.659847][T16253] snd_open+0x22a/0x4c0 [ 708.659862][T16253] ? __pfx_snd_open+0x10/0x10 [ 708.659883][T16253] chrdev_open+0x234/0x6a0 [ 708.659903][T16253] ? __pfx_apparmor_file_open+0x10/0x10 [ 708.659920][T16253] ? __pfx_chrdev_open+0x10/0x10 [ 708.659940][T16253] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 708.659961][T16253] do_dentry_open+0x982/0x1530 [ 708.659979][T16253] ? __pfx_chrdev_open+0x10/0x10 [ 708.660001][T16253] vfs_open+0x82/0x3f0 [ 708.660025][T16253] path_openat+0x1de4/0x2cb0 [ 708.660048][T16253] ? __pfx_path_openat+0x10/0x10 [ 708.660070][T16253] do_filp_open+0x20b/0x470 [ 708.660087][T16253] ? __pfx_do_filp_open+0x10/0x10 [ 708.660121][T16253] ? alloc_fd+0x471/0x7d0 [ 708.660142][T16253] do_sys_openat2+0x11b/0x1d0 [ 708.660163][T16253] ? __pfx_do_sys_openat2+0x10/0x10 [ 708.660213][T16253] __x64_sys_openat+0x174/0x210 [ 708.660236][T16253] ? __pfx___x64_sys_openat+0x10/0x10 [ 708.660272][T16253] do_syscall_64+0xcd/0x4c0 [ 708.660299][T16253] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 708.660326][T16253] RIP: 0033:0x7fe3b078eec9 [ 708.660348][T16253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 708.660374][T16253] RSP: 002b:00007fe3b157c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 708.660399][T16253] RAX: ffffffffffffffda RBX: 00007fe3b09e5fa0 RCX: 00007fe3b078eec9 [ 708.660417][T16253] RDX: 0000000000001906 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 708.660432][T16253] RBP: 00007fe3b0811f91 R08: 0000000000000000 R09: 0000000000000000 [ 708.660447][T16253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 708.660461][T16253] R13: 00007fe3b09e6038 R14: 00007fe3b09e5fa0 R15: 00007ffcc4f4ee58 [ 708.660494][T16253] [ 709.065492][T16257] FAULT_INJECTION: forcing a failure. [ 709.065492][T16257] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 709.079098][T16257] CPU: 1 UID: 0 PID: 16257 Comm: syz.0.1960 Not tainted syzkaller #0 PREEMPT(full) [ 709.079134][T16257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 709.079149][T16257] Call Trace: [ 709.079159][T16257] [ 709.079170][T16257] dump_stack_lvl+0x16c/0x1f0 [ 709.079213][T16257] should_fail_ex+0x512/0x640 [ 709.079255][T16257] should_fail_alloc_page+0xe7/0x130 [ 709.079292][T16257] prepare_alloc_pages+0x3c2/0x610 [ 709.079335][T16257] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 709.079366][T16257] ? stack_trace_save+0x8e/0xc0 [ 709.079395][T16257] ? __pfx_stack_trace_save+0x10/0x10 [ 709.079423][T16257] ? rcu_is_watching+0x12/0xc0 [ 709.079450][T16257] ? stack_depot_save_flags+0x29/0x9c0 [ 709.079495][T16257] ? kasan_save_stack+0x42/0x60 [ 709.079523][T16257] ? kasan_save_stack+0x33/0x60 [ 709.079550][T16257] ? kasan_save_track+0x14/0x30 [ 709.079580][T16257] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 709.079610][T16257] ? walk_pgd_range+0x88b/0x1f50 [ 709.079639][T16257] ? walk_page_range_mm+0x461/0xb40 [ 709.079670][T16257] ? madvise_walk_vmas+0x31f/0x9c0 [ 709.079704][T16257] ? madvise_do_behavior+0x1e2/0x530 [ 709.079737][T16257] ? do_madvise+0x176/0x240 [ 709.079769][T16257] ? __x64_sys_madvise+0xa9/0x110 [ 709.079804][T16257] ? do_syscall_64+0xcd/0x4c0 [ 709.079826][T16257] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 709.079868][T16257] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 709.079919][T16257] ? policy_nodemask+0xea/0x4e0 [ 709.079958][T16257] alloc_pages_mpol+0x1fb/0x550 [ 709.079999][T16257] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 709.080044][T16257] alloc_pages_noprof+0x131/0x390 [ 709.080079][T16257] pte_alloc_one+0x1c/0x3a0 [ 709.080109][T16257] __pte_alloc+0x6d/0x3c0 [ 709.080143][T16257] ? __pfx___pte_alloc+0x10/0x10 [ 709.080176][T16257] ? _raw_spin_unlock+0x28/0x50 [ 709.080206][T16257] ? __pmd_alloc+0x3fb/0x930 [ 709.080243][T16257] walk_pgd_range+0xb84/0x1f50 [ 709.080278][T16257] ? __pfx_guard_install_set_pte+0x10/0x10 [ 709.080311][T16257] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 709.080347][T16257] ? __pfx_guard_install_set_pte+0x10/0x10 [ 709.080382][T16257] ? __pfx_guard_install_set_pte+0x10/0x10 [ 709.080414][T16257] ? __pfx_guard_install_set_pte+0x10/0x10 [ 709.080447][T16257] ? __pfx_walk_pgd_range+0x10/0x10 [ 709.080487][T16257] __walk_page_range+0x163/0x820 [ 709.080522][T16257] ? find_vma+0xbf/0x140 [ 709.080552][T16257] ? __pfx_find_vma+0x10/0x10 [ 709.080585][T16257] ? walk_page_test+0x9b/0x180 [ 709.080619][T16257] walk_page_range_mm+0x461/0xb40 [ 709.080654][T16257] ? __pfx_walk_page_range_mm+0x10/0x10 [ 709.080693][T16257] ? __anon_vma_prepare+0x2e2/0x5e0 [ 709.080722][T16257] madvise_vma_behavior+0xa62/0x2d60 [ 709.080760][T16257] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 709.080798][T16257] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 709.080837][T16257] ? __pfx_mas_prev+0x10/0x10 [ 709.080880][T16257] ? find_vma_prev+0xda/0x160 [ 709.080924][T16257] ? find_held_lock+0x2b/0x80 [ 709.080950][T16257] ? __pfx_find_vma_prev+0x10/0x10 [ 709.080986][T16257] ? futex_unqueue+0x133/0x2c0 [ 709.081028][T16257] ? __futex_wait+0x24c/0x2f0 [ 709.081066][T16257] madvise_walk_vmas+0x31f/0x9c0 [ 709.081107][T16257] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 709.081153][T16257] madvise_do_behavior+0x1e2/0x530 [ 709.081189][T16257] ? futex_private_hash_put+0x18a/0x300 [ 709.081219][T16257] ? __pfx_madvise_do_behavior+0x10/0x10 [ 709.081256][T16257] ? down_read+0x13d/0x480 [ 709.081299][T16257] do_madvise+0x176/0x240 [ 709.081335][T16257] ? __pfx_do_madvise+0x10/0x10 [ 709.081369][T16257] ? do_futex+0x122/0x350 [ 709.081423][T16257] ? xfd_validate_state+0x61/0x180 [ 709.081455][T16257] ? __pfx_ksys_write+0x10/0x10 [ 709.081492][T16257] __x64_sys_madvise+0xa9/0x110 [ 709.081534][T16257] ? lockdep_hardirqs_on+0x7c/0x110 [ 709.081570][T16257] do_syscall_64+0xcd/0x4c0 [ 709.081596][T16257] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 709.081626][T16257] RIP: 0033:0x7f4fbe78eec9 [ 709.081646][T16257] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 709.081673][T16257] RSP: 002b:00007f4fbf562038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 709.081699][T16257] RAX: ffffffffffffffda RBX: 00007f4fbe9e5fa0 RCX: 00007f4fbe78eec9 [ 709.081718][T16257] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 709.081734][T16257] RBP: 00007f4fbe811f91 R08: 0000000000000000 R09: 0000000000000000 [ 709.081751][T16257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 709.081767][T16257] R13: 00007f4fbe9e6038 R14: 00007f4fbe9e5fa0 R15: 00007ffec34fd9b8 [ 709.081804][T16257] [ 709.686145][T16258] sd 0:0:1:0: PR command failed: 1026 [ 709.692851][T16258] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 709.700022][T16258] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 709.918699][ T30] audit: type=1800 audit(4294968044.618:74): pid=16264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1960" name="features" dev="configfs" ino=54821 res=0 errno=0 [ 710.610759][T16283] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1967'. [ 715.035147][T16355] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1983'. [ 715.434049][T16367] FAULT_INJECTION: forcing a failure. [ 715.434049][T16367] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 715.452310][T16367] CPU: 0 UID: 0 PID: 16367 Comm: syz.5.1986 Not tainted syzkaller #0 PREEMPT(full) [ 715.452343][T16367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 715.452358][T16367] Call Trace: [ 715.452367][T16367] [ 715.452376][T16367] dump_stack_lvl+0x16c/0x1f0 [ 715.452419][T16367] should_fail_ex+0x512/0x640 [ 715.452460][T16367] _copy_to_iter+0x29f/0x1710 [ 715.452490][T16367] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 715.452527][T16367] ? __pfx_autoremove_wake_function+0x10/0x10 [ 715.452557][T16367] ? __pfx__copy_to_iter+0x10/0x10 [ 715.452582][T16367] ? find_held_lock+0x2b/0x80 [ 715.452610][T16367] ? mark_held_locks+0x49/0x80 [ 715.452640][T16367] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 715.452674][T16367] ? lockdep_hardirqs_on+0x7c/0x110 [ 715.452715][T16367] simple_copy_to_iter+0x46/0x90 [ 715.452746][T16367] __skb_datagram_iter+0x5af/0x900 [ 715.452775][T16367] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 715.452818][T16367] skb_copy_datagram_iter+0x40/0x50 [ 715.452850][T16367] mptcp_recvmsg+0x5ac/0x2230 [ 715.452904][T16367] ? __pfx_mptcp_recvmsg+0x10/0x10 [ 715.452938][T16367] ? __pfx___might_resched+0x10/0x10 [ 715.452985][T16367] ? __pfx_mptcp_recvmsg+0x10/0x10 [ 715.453015][T16367] inet_recvmsg+0x472/0x6a0 [ 715.453042][T16367] ? __fget_files+0x204/0x3c0 [ 715.453070][T16367] ? __pfx_inet_recvmsg+0x10/0x10 [ 715.453099][T16367] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 715.453134][T16367] sock_recvmsg+0x1b2/0x250 [ 715.453163][T16367] __sys_recvfrom+0x203/0x310 [ 715.453202][T16367] ? 0xffffffff81000000 [ 715.453223][T16367] ? __pfx___sys_recvfrom+0x10/0x10 [ 715.453287][T16367] ? ksys_write+0x1ac/0x250 [ 715.453316][T16367] ? __pfx_ksys_write+0x10/0x10 [ 715.453349][T16367] __x64_sys_recvfrom+0xe0/0x1c0 [ 715.453381][T16367] ? do_syscall_64+0x91/0x4c0 [ 715.453403][T16367] ? lockdep_hardirqs_on+0x7c/0x110 [ 715.453436][T16367] do_syscall_64+0xcd/0x4c0 [ 715.453460][T16367] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 715.453484][T16367] RIP: 0033:0x7f3d0338eec9 [ 715.453503][T16367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 715.453526][T16367] RSP: 002b:00007f3d04210038 EFLAGS: 00000246 ORIG_RAX: 000000000000002d [ 715.453549][T16367] RAX: ffffffffffffffda RBX: 00007f3d035e6090 RCX: 00007f3d0338eec9 [ 715.453566][T16367] RDX: 000000800020000e RSI: 0000000000000000 RDI: 0000000000000003 [ 715.453582][T16367] RBP: 00007f3d04210090 R08: 0000000000000000 R09: ffffffff81000000 [ 715.453598][T16367] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 715.453613][T16367] R13: 00007f3d035e6128 R14: 00007f3d035e6090 R15: 00007fff98a243c8 [ 715.453638][T16367] ? 0xffffffff81000000 [ 715.453666][T16367] [ 715.966759][T16374] netlink: 334 bytes leftover after parsing attributes in process `syz.5.1988'. [ 715.985009][T16378] netlink: 338 bytes leftover after parsing attributes in process `syz.5.1988'. [ 716.175550][T16381] random: crng reseeded on system resumption [ 716.184020][T15216] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:8: iget: checksum invalid [ 716.195614][T14711] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:4: iget: checksum invalid [ 716.207077][T14711] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db.p7s failed with error -74 [ 716.217905][T15216] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 716.230631][T15216] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:8: iget: checksum invalid [ 716.251850][T14711] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:4: iget: checksum invalid [ 716.264909][T15216] (NULL device *): loading /lib/firmware/updates/regulatory.db failed with error -74 [ 716.276753][T14711] (NULL device *): loading /lib/firmware/updates/regulatory.db.p7s failed with error -74 [ 716.299908][T15216] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:8: iget: checksum invalid [ 716.331462][T15216] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 716.341362][T14711] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:4: iget: checksum invalid [ 716.359493][T15216] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:8: iget: checksum invalid [ 716.373854][T14711] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db.p7s failed with error -74 [ 716.397801][T15216] (NULL device *): loading /lib/firmware/regulatory.db failed with error -74 [ 716.406759][T14711] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:4: iget: checksum invalid [ 716.418101][T15216] (NULL device *): Direct firmware load for regulatory.db failed with error -74 [ 716.427331][T14711] (NULL device *): loading /lib/firmware/regulatory.db.p7s failed with error -74 [ 716.436670][T15216] (NULL device *): Falling back to sysfs fallback for: regulatory.db [ 716.444856][T14711] (NULL device *): Direct firmware load for regulatory.db.p7s failed with error -74 [ 716.480376][T14711] (NULL device *): Falling back to sysfs fallback for: regulatory.db.p7s [ 716.954394][ T5869] usb usb38-port5: attempt power cycle [ 717.521721][ T5869] usb usb38-port5: unable to enumerate USB device [ 718.501976][T14741] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 718.502009][T14741] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 718.521905][T14741] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 718.522063][T14741] Bluetooth: hci1: Malformed LE Event: 0x0d [ 719.186371][T16431] FAULT_INJECTION: forcing a failure. [ 719.186371][T16431] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 719.199561][T16431] CPU: 0 UID: 0 PID: 16431 Comm: syz.2.1997 Not tainted syzkaller #0 PREEMPT(full) [ 719.199583][T16431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 719.199592][T16431] Call Trace: [ 719.199598][T16431] [ 719.199604][T16431] dump_stack_lvl+0x16c/0x1f0 [ 719.199630][T16431] should_fail_ex+0x512/0x640 [ 719.199654][T16431] _copy_to_iter+0x29f/0x1710 [ 719.199673][T16431] ? irqentry_exit+0x3b/0x90 [ 719.199694][T16431] ? __pfx__copy_to_iter+0x10/0x10 [ 719.199717][T16431] ? simple_copy_to_iter+0x23/0x90 [ 719.199751][T16431] simple_copy_to_iter+0x46/0x90 [ 719.199780][T16431] __skb_datagram_iter+0x5af/0x900 [ 719.199809][T16431] ? __pfx_simple_copy_to_iter+0x10/0x10 [ 719.199840][T16431] skb_copy_datagram_iter+0x40/0x50 [ 719.199859][T16431] mptcp_recvmsg+0x5ac/0x2230 [ 719.199890][T16431] ? __pfx_mptcp_recvmsg+0x10/0x10 [ 719.199910][T16431] ? __pfx___might_resched+0x10/0x10 [ 719.199935][T16431] ? __pfx_mptcp_recvmsg+0x10/0x10 [ 719.199953][T16431] inet_recvmsg+0x472/0x6a0 [ 719.199968][T16431] ? __fget_files+0x204/0x3c0 [ 719.199985][T16431] ? __pfx_inet_recvmsg+0x10/0x10 [ 719.200001][T16431] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 719.200021][T16431] sock_recvmsg+0x1b2/0x250 [ 719.200037][T16431] __sys_recvfrom+0x203/0x310 [ 719.200056][T16431] ? 0xffffffff81000000 [ 719.200067][T16431] ? __pfx___sys_recvfrom+0x10/0x10 [ 719.200102][T16431] ? ksys_write+0x1ac/0x250 [ 719.200119][T16431] ? __pfx_ksys_write+0x10/0x10 [ 719.200143][T16431] __x64_sys_recvfrom+0xe0/0x1c0 [ 719.200168][T16431] ? do_syscall_64+0x91/0x4c0 [ 719.200188][T16431] ? lockdep_hardirqs_on+0x7c/0x110 [ 719.200220][T16431] do_syscall_64+0xcd/0x4c0 [ 719.200234][T16431] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 719.200249][T16431] RIP: 0033:0x7fe3b078eec9 [ 719.200261][T16431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 719.200275][T16431] RSP: 002b:00007fe3b157c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002d [ 719.200289][T16431] RAX: ffffffffffffffda RBX: 00007fe3b09e5fa0 RCX: 00007fe3b078eec9 [ 719.200298][T16431] RDX: 000000800020000e RSI: 0000000000000000 RDI: 0000000000000003 [ 719.200307][T16431] RBP: 00007fe3b157c090 R08: 0000000000000000 R09: ffffffff81000000 [ 719.200316][T16431] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 719.200324][T16431] R13: 00007fe3b09e6038 R14: 00007fe3b09e5fa0 R15: 00007ffcc4f4ee58 [ 719.200337][T16431] ? 0xffffffff81000000 [ 719.200351][T16431] [ 726.789026][T14677] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 726.802101][T14677] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 726.817610][T14677] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 726.834336][T14677] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 726.845055][T14677] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 727.023638][T16445] FAULT_INJECTION: forcing a failure. [ 727.023638][T16445] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 727.053381][T16445] CPU: 0 UID: 0 PID: 16445 Comm: syz.2.2001 Not tainted syzkaller #0 PREEMPT(full) [ 727.053418][T16445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 727.053435][T16445] Call Trace: [ 727.053445][T16445] [ 727.053456][T16445] dump_stack_lvl+0x16c/0x1f0 [ 727.053500][T16445] should_fail_ex+0x512/0x640 [ 727.053544][T16445] should_fail_alloc_page+0xe7/0x130 [ 727.053581][T16445] prepare_alloc_pages+0x3c2/0x610 [ 727.053624][T16445] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 727.053655][T16445] ? stack_trace_save+0x8e/0xc0 [ 727.053684][T16445] ? __pfx_stack_trace_save+0x10/0x10 [ 727.053712][T16445] ? rcu_is_watching+0x12/0xc0 [ 727.053738][T16445] ? stack_depot_save_flags+0x29/0x9c0 [ 727.053784][T16445] ? kasan_save_stack+0x42/0x60 [ 727.053811][T16445] ? kasan_save_stack+0x33/0x60 [ 727.053835][T16445] ? kasan_save_track+0x14/0x30 [ 727.053858][T16445] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 727.053882][T16445] ? walk_pgd_range+0x88b/0x1f50 [ 727.053904][T16445] ? walk_page_range_mm+0x461/0xb40 [ 727.053926][T16445] ? madvise_walk_vmas+0x31f/0x9c0 [ 727.053957][T16445] ? madvise_do_behavior+0x1e2/0x530 [ 727.053987][T16445] ? do_madvise+0x176/0x240 [ 727.054018][T16445] ? __x64_sys_madvise+0xa9/0x110 [ 727.054050][T16445] ? do_syscall_64+0xcd/0x4c0 [ 727.054070][T16445] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 727.054112][T16445] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 727.054153][T16445] ? policy_nodemask+0xea/0x4e0 [ 727.054189][T16445] alloc_pages_mpol+0x1fb/0x550 [ 727.054226][T16445] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 727.054271][T16445] alloc_pages_noprof+0x131/0x390 [ 727.054315][T16445] pte_alloc_one+0x1c/0x3a0 [ 727.054346][T16445] __pte_alloc+0x6d/0x3c0 [ 727.054381][T16445] ? __pfx___pte_alloc+0x10/0x10 [ 727.054416][T16445] ? _raw_spin_unlock+0x28/0x50 [ 727.054449][T16445] ? __pmd_alloc+0x3fb/0x930 [ 727.054490][T16445] walk_pgd_range+0xb84/0x1f50 [ 727.054527][T16445] ? __pfx_guard_install_set_pte+0x10/0x10 [ 727.054561][T16445] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 727.054598][T16445] ? __pfx_guard_install_set_pte+0x10/0x10 [ 727.054638][T16445] ? __pfx_guard_install_set_pte+0x10/0x10 [ 727.054673][T16445] ? __pfx_guard_install_set_pte+0x10/0x10 [ 727.054709][T16445] ? __pfx_walk_pgd_range+0x10/0x10 [ 727.054751][T16445] __walk_page_range+0x163/0x820 [ 727.054784][T16445] ? find_vma+0xbf/0x140 [ 727.054811][T16445] ? __pfx_find_vma+0x10/0x10 [ 727.054844][T16445] ? walk_page_test+0x9b/0x180 [ 727.054871][T16445] walk_page_range_mm+0x461/0xb40 [ 727.054902][T16445] ? __pfx_walk_page_range_mm+0x10/0x10 [ 727.054939][T16445] ? __anon_vma_prepare+0x2e2/0x5e0 [ 727.054969][T16445] madvise_vma_behavior+0xa62/0x2d60 [ 727.055006][T16445] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 727.055039][T16445] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 727.055076][T16445] ? __pfx_mas_prev+0x10/0x10 [ 727.055118][T16445] ? find_vma_prev+0xda/0x160 [ 727.055152][T16445] ? __pfx___schedule+0x10/0x10 [ 727.055183][T16445] ? __pfx_find_vma_prev+0x10/0x10 [ 727.055216][T16445] ? futex_unqueue+0x133/0x2c0 [ 727.055264][T16445] madvise_walk_vmas+0x31f/0x9c0 [ 727.055322][T16445] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 727.055363][T16445] ? lock_acquire+0x62/0x350 [ 727.055401][T16445] madvise_do_behavior+0x1e2/0x530 [ 727.055435][T16445] ? futex_private_hash_put+0x18a/0x300 [ 727.055468][T16445] ? __pfx_madvise_do_behavior+0x10/0x10 [ 727.055505][T16445] ? down_read+0x13d/0x480 [ 727.055545][T16445] do_madvise+0x176/0x240 [ 727.055580][T16445] ? __pfx_do_madvise+0x10/0x10 [ 727.055613][T16445] ? do_futex+0x122/0x350 [ 727.055665][T16445] ? xfd_validate_state+0x61/0x180 [ 727.055699][T16445] ? __pfx_ksys_write+0x10/0x10 [ 727.055736][T16445] __x64_sys_madvise+0xa9/0x110 [ 727.055771][T16445] ? lockdep_hardirqs_on+0x7c/0x110 [ 727.055806][T16445] do_syscall_64+0xcd/0x4c0 [ 727.055832][T16445] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 727.055859][T16445] RIP: 0033:0x7fe3b078eec9 [ 727.055880][T16445] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 727.055905][T16445] RSP: 002b:00007fe3b157c038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 727.055929][T16445] RAX: ffffffffffffffda RBX: 00007fe3b09e5fa0 RCX: 00007fe3b078eec9 [ 727.055949][T16445] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 727.055966][T16445] RBP: 00007fe3b0811f91 R08: 0000000000000000 R09: 0000000000000000 [ 727.055983][T16445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 727.055998][T16445] R13: 00007fe3b09e6038 R14: 00007fe3b09e5fa0 R15: 00007ffcc4f4ee58 [ 727.056032][T16445] [ 727.654460][T16444] FAULT_INJECTION: forcing a failure. [ 727.654460][T16444] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 727.667753][T16444] CPU: 0 UID: 0 PID: 16444 Comm: syz.0.2008 Not tainted syzkaller #0 PREEMPT(full) [ 727.667775][T16444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 727.667785][T16444] Call Trace: [ 727.667791][T16444] [ 727.667797][T16444] dump_stack_lvl+0x16c/0x1f0 [ 727.667824][T16444] should_fail_ex+0x512/0x640 [ 727.667848][T16444] _copy_from_user+0x2e/0xd0 [ 727.667864][T16444] ctl_ioctl+0xeb/0xd60 [ 727.667882][T16444] ? __pfx_ctl_ioctl+0x10/0x10 [ 727.667915][T16444] ? __fget_files+0x20e/0x3c0 [ 727.667935][T16444] dm_ctl_ioctl+0x22/0x30 [ 727.667948][T16444] ? __pfx_dm_ctl_ioctl+0x10/0x10 [ 727.667963][T16444] __x64_sys_ioctl+0x18e/0x210 [ 727.667986][T16444] do_syscall_64+0xcd/0x4c0 [ 727.668000][T16444] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 727.668015][T16444] RIP: 0033:0x7f4fbe78eec9 [ 727.668027][T16444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 727.668041][T16444] RSP: 002b:00007f4fbf562038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 727.668056][T16444] RAX: ffffffffffffffda RBX: 00007f4fbe9e5fa0 RCX: 00007f4fbe78eec9 [ 727.668066][T16444] RDX: 00002000000001c0 RSI: fffffffffffffd03 RDI: 0000000000000004 [ 727.668075][T16444] RBP: 00007f4fbe811f91 R08: 0000000000000000 R09: 0000000000000000 [ 727.668084][T16444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 727.668093][T16444] R13: 00007f4fbe9e6038 R14: 00007f4fbe9e5fa0 R15: 00007ffec34fd9b8 [ 727.668111][T16444] [ 728.113655][T16436] chnl_net:caif_netlink_parms(): no params data found [ 728.187550][T16459] FAULT_INJECTION: forcing a failure. [ 728.187550][T16459] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 728.200990][T16459] CPU: 0 UID: 0 PID: 16459 Comm: syz.0.2002 Not tainted syzkaller #0 PREEMPT(full) [ 728.201011][T16459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 728.201021][T16459] Call Trace: [ 728.201028][T16459] [ 728.201035][T16459] dump_stack_lvl+0x16c/0x1f0 [ 728.201064][T16459] should_fail_ex+0x512/0x640 [ 728.201090][T16459] should_fail_alloc_page+0xe7/0x130 [ 728.201112][T16459] prepare_alloc_pages+0x3c2/0x610 [ 728.201137][T16459] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 728.201154][T16459] ? stack_trace_save+0x8e/0xc0 [ 728.201171][T16459] ? __pfx_stack_trace_save+0x10/0x10 [ 728.201185][T16459] ? rcu_is_watching+0x12/0xc0 [ 728.201200][T16459] ? stack_depot_save_flags+0x29/0x9c0 [ 728.201225][T16459] ? kasan_save_stack+0x42/0x60 [ 728.201242][T16459] ? kasan_save_stack+0x33/0x60 [ 728.201266][T16459] ? kasan_save_track+0x14/0x30 [ 728.201283][T16459] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 728.201306][T16459] ? walk_pgd_range+0x88b/0x1f50 [ 728.201323][T16459] ? walk_page_range_mm+0x461/0xb40 [ 728.201339][T16459] ? madvise_walk_vmas+0x31f/0x9c0 [ 728.201358][T16459] ? madvise_do_behavior+0x1e2/0x530 [ 728.201377][T16459] ? do_madvise+0x176/0x240 [ 728.201394][T16459] ? __x64_sys_madvise+0xa9/0x110 [ 728.201413][T16459] ? do_syscall_64+0xcd/0x4c0 [ 728.201424][T16459] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 728.201447][T16459] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 728.201476][T16459] ? policy_nodemask+0xea/0x4e0 [ 728.201497][T16459] alloc_pages_mpol+0x1fb/0x550 [ 728.201517][T16459] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 728.201542][T16459] alloc_pages_noprof+0x131/0x390 [ 728.201562][T16459] pte_alloc_one+0x1c/0x3a0 [ 728.201577][T16459] __pte_alloc+0x6d/0x3c0 [ 728.201596][T16459] ? __pfx___pte_alloc+0x10/0x10 [ 728.201615][T16459] ? _raw_spin_unlock+0x28/0x50 [ 728.201633][T16459] ? __pmd_alloc+0x3fb/0x930 [ 728.201654][T16459] walk_pgd_range+0xb84/0x1f50 [ 728.201674][T16459] ? __pfx_guard_install_set_pte+0x10/0x10 [ 728.201692][T16459] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 728.201713][T16459] ? __pfx_guard_install_set_pte+0x10/0x10 [ 728.201734][T16459] ? __pfx_guard_install_set_pte+0x10/0x10 [ 728.201753][T16459] ? __pfx_guard_install_set_pte+0x10/0x10 [ 728.201772][T16459] ? __pfx_walk_pgd_range+0x10/0x10 [ 728.201794][T16459] __walk_page_range+0x163/0x820 [ 728.201814][T16459] ? find_vma+0xbf/0x140 [ 728.201831][T16459] ? __pfx_find_vma+0x10/0x10 [ 728.201851][T16459] ? walk_page_test+0x9b/0x180 [ 728.201869][T16459] walk_page_range_mm+0x461/0xb40 [ 728.201890][T16459] ? __pfx_walk_page_range_mm+0x10/0x10 [ 728.201912][T16459] ? __anon_vma_prepare+0x2e2/0x5e0 [ 728.201930][T16459] madvise_vma_behavior+0xa62/0x2d60 [ 728.201953][T16459] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 728.201974][T16459] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 728.201996][T16459] ? __pfx_mas_prev+0x10/0x10 [ 728.202021][T16459] ? find_vma_prev+0xda/0x160 [ 728.202040][T16459] ? find_held_lock+0x2b/0x80 [ 728.202054][T16459] ? __pfx_find_vma_prev+0x10/0x10 [ 728.202073][T16459] ? futex_unqueue+0x133/0x2c0 [ 728.202095][T16459] ? __futex_wait+0x24c/0x2f0 [ 728.202117][T16459] madvise_walk_vmas+0x31f/0x9c0 [ 728.202140][T16459] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 728.202166][T16459] madvise_do_behavior+0x1e2/0x530 [ 728.202185][T16459] ? futex_private_hash_put+0x18a/0x300 [ 728.202203][T16459] ? __pfx_madvise_do_behavior+0x10/0x10 [ 728.202224][T16459] ? down_read+0x13d/0x480 [ 728.202247][T16459] do_madvise+0x176/0x240 [ 728.202266][T16459] ? __pfx_do_madvise+0x10/0x10 [ 728.202285][T16459] ? do_futex+0x122/0x350 [ 728.202315][T16459] ? xfd_validate_state+0x61/0x180 [ 728.202334][T16459] ? __pfx_ksys_write+0x10/0x10 [ 728.202355][T16459] __x64_sys_madvise+0xa9/0x110 [ 728.202375][T16459] ? lockdep_hardirqs_on+0x7c/0x110 [ 728.202394][T16459] do_syscall_64+0xcd/0x4c0 [ 728.202409][T16459] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 728.202424][T16459] RIP: 0033:0x7f4fbe78eec9 [ 728.202437][T16459] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 728.202452][T16459] RSP: 002b:00007f4fbf562038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 728.202472][T16459] RAX: ffffffffffffffda RBX: 00007f4fbe9e5fa0 RCX: 00007f4fbe78eec9 [ 728.202483][T16459] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 728.202492][T16459] RBP: 00007f4fbe811f91 R08: 0000000000000000 R09: 0000000000000000 [ 728.202502][T16459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 728.202511][T16459] R13: 00007f4fbe9e6038 R14: 00007f4fbe9e5fa0 R15: 00007ffec34fd9b8 [ 728.202530][T16459] [ 728.233535][ T30] audit: type=1800 audit(4294968062.938:75): pid=16454 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2001" name="features" dev="configfs" ino=56385 res=0 errno=0 [ 728.910554][T14677] Bluetooth: hci5: command tx timeout [ 728.954798][ T30] audit: type=1800 audit(4294968063.638:76): pid=16466 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2002" name="features" dev="configfs" ino=56393 res=0 errno=0 [ 728.988001][T16468] FAULT_INJECTION: forcing a failure. [ 728.988001][T16468] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 729.012672][T16468] CPU: 0 UID: 0 PID: 16468 Comm: syz.2.2003 Not tainted syzkaller #0 PREEMPT(full) [ 729.012710][T16468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 729.012727][T16468] Call Trace: [ 729.012737][T16468] [ 729.012748][T16468] dump_stack_lvl+0x16c/0x1f0 [ 729.012792][T16468] should_fail_ex+0x512/0x640 [ 729.012837][T16468] should_fail_alloc_page+0xe7/0x130 [ 729.012875][T16468] prepare_alloc_pages+0x3c2/0x610 [ 729.012920][T16468] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 729.012953][T16468] ? stack_trace_save+0x8e/0xc0 [ 729.012984][T16468] ? __pfx_stack_trace_save+0x10/0x10 [ 729.013011][T16468] ? rcu_is_watching+0x12/0xc0 [ 729.013039][T16468] ? stack_depot_save_flags+0x29/0x9c0 [ 729.013086][T16468] ? kasan_save_stack+0x42/0x60 [ 729.013114][T16468] ? kasan_save_stack+0x33/0x60 [ 729.013143][T16468] ? kasan_save_track+0x14/0x30 [ 729.013173][T16468] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 729.013203][T16468] ? walk_pgd_range+0x88b/0x1f50 [ 729.013233][T16468] ? walk_page_range_mm+0x461/0xb40 [ 729.013265][T16468] ? madvise_walk_vmas+0x31f/0x9c0 [ 729.013300][T16468] ? madvise_do_behavior+0x1e2/0x530 [ 729.013335][T16468] ? do_madvise+0x176/0x240 [ 729.013368][T16468] ? __x64_sys_madvise+0xa9/0x110 [ 729.013403][T16468] ? do_syscall_64+0xcd/0x4c0 [ 729.013432][T16468] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 729.013477][T16468] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 729.013520][T16468] ? policy_nodemask+0xea/0x4e0 [ 729.013562][T16468] alloc_pages_mpol+0x1fb/0x550 [ 729.013599][T16468] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 729.013644][T16468] alloc_pages_noprof+0x131/0x390 [ 729.013681][T16468] pte_alloc_one+0x1c/0x3a0 [ 729.013711][T16468] __pte_alloc+0x6d/0x3c0 [ 729.013746][T16468] ? __pfx___pte_alloc+0x10/0x10 [ 729.013782][T16468] ? _raw_spin_unlock+0x28/0x50 [ 729.013816][T16468] ? __pmd_alloc+0x3fb/0x930 [ 729.013858][T16468] walk_pgd_range+0xb84/0x1f50 [ 729.013895][T16468] ? __pfx_guard_install_set_pte+0x10/0x10 [ 729.013930][T16468] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 729.013967][T16468] ? __pfx_guard_install_set_pte+0x10/0x10 [ 729.014007][T16468] ? __pfx_guard_install_set_pte+0x10/0x10 [ 729.014043][T16468] ? __pfx_guard_install_set_pte+0x10/0x10 [ 729.014079][T16468] ? __pfx_walk_pgd_range+0x10/0x10 [ 729.014123][T16468] __walk_page_range+0x163/0x820 [ 729.014158][T16468] ? find_vma+0xbf/0x140 [ 729.014190][T16468] ? __pfx_find_vma+0x10/0x10 [ 729.014227][T16468] ? walk_page_test+0x9b/0x180 [ 729.014261][T16468] walk_page_range_mm+0x461/0xb40 [ 729.014301][T16468] ? __pfx_walk_page_range_mm+0x10/0x10 [ 729.014356][T16468] ? __anon_vma_prepare+0x2e2/0x5e0 [ 729.014391][T16468] madvise_vma_behavior+0xa62/0x2d60 [ 729.014441][T16468] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 729.014487][T16468] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 729.014530][T16468] ? __pfx_mas_prev+0x10/0x10 [ 729.014578][T16468] ? find_vma_prev+0xda/0x160 [ 729.014613][T16468] ? find_held_lock+0x2b/0x80 [ 729.014639][T16468] ? __pfx_find_vma_prev+0x10/0x10 [ 729.014675][T16468] ? futex_unqueue+0x133/0x2c0 [ 729.014716][T16468] ? __futex_wait+0x24c/0x2f0 [ 729.014759][T16468] madvise_walk_vmas+0x31f/0x9c0 [ 729.014804][T16468] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 729.014853][T16468] madvise_do_behavior+0x1e2/0x530 [ 729.014889][T16468] ? futex_private_hash_put+0x18a/0x300 [ 729.014922][T16468] ? __pfx_madvise_do_behavior+0x10/0x10 [ 729.014961][T16468] ? down_read+0x13d/0x480 [ 729.015005][T16468] do_madvise+0x176/0x240 [ 729.015042][T16468] ? __pfx_do_madvise+0x10/0x10 [ 729.015077][T16468] ? do_futex+0x122/0x350 [ 729.015135][T16468] ? xfd_validate_state+0x61/0x180 [ 729.015171][T16468] ? __pfx_ksys_write+0x10/0x10 [ 729.015208][T16468] __x64_sys_madvise+0xa9/0x110 [ 729.015244][T16468] ? lockdep_hardirqs_on+0x7c/0x110 [ 729.015282][T16468] do_syscall_64+0xcd/0x4c0 [ 729.015309][T16468] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 729.015336][T16468] RIP: 0033:0x7fe3b078eec9 [ 729.015359][T16468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 729.015385][T16468] RSP: 002b:00007fe3b157c038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 729.015410][T16468] RAX: ffffffffffffffda RBX: 00007fe3b09e5fa0 RCX: 00007fe3b078eec9 [ 729.015435][T16468] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 729.015452][T16468] RBP: 00007fe3b0811f91 R08: 0000000000000000 R09: 0000000000000000 [ 729.015469][T16468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 729.015486][T16468] R13: 00007fe3b09e6038 R14: 00007fe3b09e5fa0 R15: 00007ffcc4f4ee58 [ 729.015524][T16468] [ 729.523722][T16436] bridge0: port 1(bridge_slave_0) entered blocking state [ 729.531870][T16436] bridge0: port 1(bridge_slave_0) entered disabled state [ 729.539104][T16436] bridge_slave_0: entered allmulticast mode [ 729.546166][T16436] bridge_slave_0: entered promiscuous mode [ 729.557073][T16436] bridge0: port 2(bridge_slave_1) entered blocking state [ 729.564582][T16436] bridge0: port 2(bridge_slave_1) entered disabled state [ 729.574809][T16436] bridge_slave_1: entered allmulticast mode [ 729.586849][T16436] bridge_slave_1: entered promiscuous mode [ 729.639497][T16436] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 729.779047][ T30] audit: type=1800 audit(4294968064.478:77): pid=16470 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2003" name="features" dev="configfs" ino=56421 res=0 errno=0 [ 729.779919][T16436] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 730.233977][T16436] team0: Port device team_slave_0 added [ 730.243672][T16436] team0: Port device team_slave_1 added [ 730.498976][T16436] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 730.508626][T16436] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 730.576559][T16436] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 730.608646][T16436] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 730.630539][T16436] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 730.718676][T16436] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 730.884117][T16486] netlink: 146 bytes leftover after parsing attributes in process `syz.0.2009'. [ 730.980795][T14677] Bluetooth: hci5: command tx timeout [ 730.986326][T16436] hsr_slave_0: entered promiscuous mode [ 731.028118][T16436] hsr_slave_1: entered promiscuous mode [ 731.058573][T16436] debugfs: 'hsr0' already exists in 'hsr' [ 731.072567][T16488] random: crng reseeded on system resumption [ 731.079278][T14711] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:4: iget: checksum invalid [ 731.082162][T16436] Cannot create hsr debugfs directory [ 731.127016][T14832] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:7: iget: checksum invalid [ 731.138682][T14711] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 731.168047][T14832] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db.p7s failed with error -74 [ 731.183733][T14711] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:4: iget: checksum invalid [ 731.235834][T14832] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:7: iget: checksum invalid [ 731.247755][T14711] (NULL device *): loading /lib/firmware/updates/regulatory.db failed with error -74 [ 731.266399][T14711] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:4: iget: checksum invalid [ 731.281644][T14832] (NULL device *): loading /lib/firmware/updates/regulatory.db.p7s failed with error -74 [ 731.292145][T14832] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:7: iget: checksum invalid [ 731.303594][T14711] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 731.323139][T14711] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:4: iget: checksum invalid [ 731.334640][T14832] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db.p7s failed with error -74 [ 731.352274][T14832] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:7: iget: checksum invalid [ 731.363721][T14711] (NULL device *): loading /lib/firmware/regulatory.db failed with error -74 [ 731.372806][T14711] (NULL device *): Direct firmware load for regulatory.db failed with error -74 [ 731.388672][T14832] (NULL device *): loading /lib/firmware/regulatory.db.p7s failed with error -74 [ 731.398281][T14711] (NULL device *): Falling back to sysfs fallback for: regulatory.db [ 731.420100][T14832] (NULL device *): Direct firmware load for regulatory.db.p7s failed with error -74 [ 731.435616][T14832] (NULL device *): Falling back to sysfs fallback for: regulatory.db.p7s [ 731.668147][T16436] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 731.685626][T16436] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 731.731082][T16436] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 731.965032][T16436] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 732.114467][T16436] 8021q: adding VLAN 0 to HW filter on device bond0 [ 732.140129][T16436] 8021q: adding VLAN 0 to HW filter on device team0 [ 732.153240][T14680] bridge0: port 1(bridge_slave_0) entered blocking state [ 732.160379][T14680] bridge0: port 1(bridge_slave_0) entered forwarding state [ 732.174792][T14680] bridge0: port 2(bridge_slave_1) entered blocking state [ 732.181939][T14680] bridge0: port 2(bridge_slave_1) entered forwarding state [ 732.363624][T16509] FAULT_INJECTION: forcing a failure. [ 732.363624][T16509] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 732.377052][T16509] CPU: 1 UID: 0 PID: 16509 Comm: syz.5.2011 Not tainted syzkaller #0 PREEMPT(full) [ 732.377088][T16509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 732.377105][T16509] Call Trace: [ 732.377115][T16509] [ 732.377125][T16509] dump_stack_lvl+0x16c/0x1f0 [ 732.377170][T16509] should_fail_ex+0x512/0x640 [ 732.377215][T16509] _copy_from_user+0x2e/0xd0 [ 732.377253][T16509] do_pages_stat+0x24c/0x820 [ 732.377305][T16509] ? __pfx_do_pages_stat+0x10/0x10 [ 732.377373][T16509] ? do_raw_spin_unlock+0x172/0x230 [ 732.377419][T16509] kernel_move_pages+0xfa8/0x1380 [ 732.377462][T16509] ? do_futex+0x122/0x350 [ 732.377496][T16509] ? __pfx_do_futex+0x10/0x10 [ 732.377530][T16509] ? __pfx_kernel_move_pages+0x10/0x10 [ 732.377574][T16509] ? __x64_sys_futex+0x1e0/0x4c0 [ 732.377605][T16509] ? __x64_sys_futex+0x1e9/0x4c0 [ 732.377644][T16509] ? xfd_validate_state+0x61/0x180 [ 732.377680][T16509] ? __pfx_do_writev+0x10/0x10 [ 732.377713][T16509] __x64_sys_move_pages+0xe0/0x1c0 [ 732.377751][T16509] ? do_syscall_64+0x91/0x4c0 [ 732.377773][T16509] ? lockdep_hardirqs_on+0x7c/0x110 [ 732.377810][T16509] do_syscall_64+0xcd/0x4c0 [ 732.377836][T16509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 732.377863][T16509] RIP: 0033:0x7f3d0338eec9 [ 732.377885][T16509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 732.377911][T16509] RSP: 002b:00007f3d04210038 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 732.377936][T16509] RAX: ffffffffffffffda RBX: 00007f3d035e6090 RCX: 00007f3d0338eec9 [ 732.377954][T16509] RDX: 0000000000000000 RSI: 0002000000000003 RDI: 0000000000000001 [ 732.377969][T16509] RBP: 00007f3d03411f91 R08: 0000000000000000 R09: 8000400000000000 [ 732.377986][T16509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 732.378002][T16509] R13: 00007f3d035e6128 R14: 00007f3d035e6090 R15: 00007fff98a243c8 [ 732.378038][T16509] [ 732.586065][T16436] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 732.963796][T16436] veth0_vlan: entered promiscuous mode [ 732.978330][T16436] veth1_vlan: entered promiscuous mode [ 733.032239][T16436] veth0_macvtap: entered promiscuous mode [ 733.043328][T16436] veth1_macvtap: entered promiscuous mode [ 733.066817][T14677] Bluetooth: hci5: command tx timeout [ 733.084808][T16436] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 733.104249][T16436] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 733.128204][T15216] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 733.160812][T15216] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 733.182250][T15216] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 733.224577][T14811] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 735.140904][T14677] Bluetooth: hci5: command tx timeout [ 741.550396][T14832] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 741.559170][T14832] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 741.707932][T14832] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 741.737084][T16525] sd 0:0:1:0: PR command failed: 1026 [ 741.742862][T16525] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 741.750322][T16525] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 741.780591][T14832] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 742.613757][T16541] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 745.291738][ C0] vcan0: j1939_tp_rxtimer: 0xffff88814738fc00: rx timeout, send abort [ 745.304512][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88814738fc00: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 745.623059][T16605] FAULT_INJECTION: forcing a failure. [ 745.623059][T16605] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 745.692261][T16605] CPU: 1 UID: 0 PID: 16605 Comm: syz.2.2023 Not tainted syzkaller #0 PREEMPT(full) [ 745.692297][T16605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 745.692312][T16605] Call Trace: [ 745.692322][T16605] [ 745.692333][T16605] dump_stack_lvl+0x16c/0x1f0 [ 745.692378][T16605] should_fail_ex+0x512/0x640 [ 745.692422][T16605] should_fail_alloc_page+0xe7/0x130 [ 745.692458][T16605] prepare_alloc_pages+0x3c2/0x610 [ 745.692502][T16605] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 745.692533][T16605] ? stack_trace_save+0x8e/0xc0 [ 745.692562][T16605] ? __pfx_stack_trace_save+0x10/0x10 [ 745.692589][T16605] ? rcu_is_watching+0x12/0xc0 [ 745.692616][T16605] ? stack_depot_save_flags+0x29/0x9c0 [ 745.692663][T16605] ? kasan_save_stack+0x42/0x60 [ 745.692691][T16605] ? kasan_save_stack+0x33/0x60 [ 745.692718][T16605] ? kasan_save_track+0x14/0x30 [ 745.692748][T16605] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 745.692778][T16605] ? walk_pgd_range+0x88b/0x1f50 [ 745.692808][T16605] ? walk_page_range_mm+0x461/0xb40 [ 745.692838][T16605] ? madvise_walk_vmas+0x31f/0x9c0 [ 745.692872][T16605] ? madvise_do_behavior+0x1e2/0x530 [ 745.692905][T16605] ? do_madvise+0x176/0x240 [ 745.692937][T16605] ? __x64_sys_madvise+0xa9/0x110 [ 745.692968][T16605] ? do_syscall_64+0xcd/0x4c0 [ 745.692987][T16605] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 745.693027][T16605] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 745.693066][T16605] ? policy_nodemask+0xea/0x4e0 [ 745.693099][T16605] alloc_pages_mpol+0x1fb/0x550 [ 745.693130][T16605] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 745.693196][T16605] alloc_pages_noprof+0x131/0x390 [ 745.693230][T16605] pte_alloc_one+0x1c/0x3a0 [ 745.693256][T16605] __pte_alloc+0x6d/0x3c0 [ 745.693290][T16605] ? __pfx___pte_alloc+0x10/0x10 [ 745.693323][T16605] ? _raw_spin_unlock+0x28/0x50 [ 745.693356][T16605] ? __pmd_alloc+0x3fb/0x930 [ 745.693393][T16605] walk_pgd_range+0xb84/0x1f50 [ 745.693428][T16605] ? __pfx_guard_install_set_pte+0x10/0x10 [ 745.693457][T16605] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 745.693490][T16605] ? __pfx_guard_install_set_pte+0x10/0x10 [ 745.693525][T16605] ? __pfx_guard_install_set_pte+0x10/0x10 [ 745.693555][T16605] ? __pfx_guard_install_set_pte+0x10/0x10 [ 745.693586][T16605] ? __pfx_walk_pgd_range+0x10/0x10 [ 745.693624][T16605] __walk_page_range+0x163/0x820 [ 745.693655][T16605] ? find_vma+0xbf/0x140 [ 745.693685][T16605] ? __pfx_find_vma+0x10/0x10 [ 745.693717][T16605] ? walk_page_test+0x9b/0x180 [ 745.693746][T16605] walk_page_range_mm+0x461/0xb40 [ 745.693780][T16605] ? __pfx_walk_page_range_mm+0x10/0x10 [ 745.693821][T16605] ? __anon_vma_prepare+0x2e2/0x5e0 [ 745.693853][T16605] madvise_vma_behavior+0xa62/0x2d60 [ 745.693892][T16605] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 745.693934][T16605] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 745.693975][T16605] ? __pfx_mas_prev+0x10/0x10 [ 745.694019][T16605] ? find_vma_prev+0xda/0x160 [ 745.694049][T16605] ? find_held_lock+0x2b/0x80 [ 745.694074][T16605] ? __pfx_find_vma_prev+0x10/0x10 [ 745.694110][T16605] ? futex_unqueue+0x133/0x2c0 [ 745.694156][T16605] ? __futex_wait+0x24c/0x2f0 [ 745.694200][T16605] madvise_walk_vmas+0x31f/0x9c0 [ 745.694240][T16605] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 745.694285][T16605] madvise_do_behavior+0x1e2/0x530 [ 745.694321][T16605] ? futex_private_hash_put+0x18a/0x300 [ 745.694351][T16605] ? __pfx_madvise_do_behavior+0x10/0x10 [ 745.694388][T16605] ? down_read+0x13d/0x480 [ 745.694429][T16605] do_madvise+0x176/0x240 [ 745.694466][T16605] ? __pfx_do_madvise+0x10/0x10 [ 745.694501][T16605] ? do_futex+0x122/0x350 [ 745.694555][T16605] ? xfd_validate_state+0x61/0x180 [ 745.694591][T16605] ? __pfx_ksys_write+0x10/0x10 [ 745.694630][T16605] __x64_sys_madvise+0xa9/0x110 [ 745.694665][T16605] ? lockdep_hardirqs_on+0x7c/0x110 [ 745.694700][T16605] do_syscall_64+0xcd/0x4c0 [ 745.694725][T16605] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 745.694752][T16605] RIP: 0033:0x7fe3b078eec9 [ 745.694776][T16605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 745.694803][T16605] RSP: 002b:00007fe3b157c038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 745.694828][T16605] RAX: ffffffffffffffda RBX: 00007fe3b09e5fa0 RCX: 00007fe3b078eec9 [ 745.694847][T16605] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 745.694865][T16605] RBP: 00007fe3b0811f91 R08: 0000000000000000 R09: 0000000000000000 [ 745.694882][T16605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 745.694900][T16605] R13: 00007fe3b09e6038 R14: 00007fe3b09e5fa0 R15: 00007ffcc4f4ee58 [ 745.694939][T16605] [ 746.592772][ C0] vcan0: j1939_tp_rxtimer: 0xffff88814e7a2c00: rx timeout, send abort [ 746.601301][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88814e7a2c00: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 746.757751][ T30] audit: type=1800 audit(4294968081.458:78): pid=16617 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2023" name="features" dev="configfs" ino=56140 res=0 errno=0 [ 747.237226][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.243739][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 747.377535][T14428] svc: failed to register nfsdv3 RPC service (errno 512). [ 747.507353][T14428] svc: failed to register nfsaclv3 RPC service (errno 512). [ 747.656127][T16625] zswap: compressor not available [ 748.228636][T16616] kexec: Could not allocate control_code_buffer [ 750.489058][T16682] ptrace attach of "./syz-executor exec"[16685] was attempted by "./syz-executor exec"[16682] [ 751.645897][T16691] FAULT_INJECTION: forcing a failure. [ 751.645897][T16691] name failslab, interval 1, probability 0, space 0, times 0 [ 751.658952][T16691] CPU: 0 UID: 0 PID: 16691 Comm: syz.6.2043 Not tainted syzkaller #0 PREEMPT(full) [ 751.658975][T16691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 751.658984][T16691] Call Trace: [ 751.658990][T16691] [ 751.658996][T16691] dump_stack_lvl+0x16c/0x1f0 [ 751.659023][T16691] should_fail_ex+0x512/0x640 [ 751.659044][T16691] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 751.659062][T16691] should_failslab+0xc2/0x120 [ 751.659082][T16691] __kmalloc_cache_noprof+0x6a/0x3e0 [ 751.659097][T16691] ? sctp_auth_init+0x30d/0x570 [ 751.659122][T16691] sctp_auth_init+0x30d/0x570 [ 751.659144][T16691] sctp_setsockopt+0xa371/0xb870 [ 751.659163][T16691] ? __pfx_sctp_setsockopt+0x10/0x10 [ 751.659177][T16691] ? find_held_lock+0x2b/0x80 [ 751.659194][T16691] ? aa_sock_opt_perm+0xfd/0x1c0 [ 751.659209][T16691] ? sock_common_setsockopt+0x2e/0xf0 [ 751.659224][T16691] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 751.659240][T16691] do_sock_setsockopt+0xf3/0x1d0 [ 751.659258][T16691] __sys_setsockopt+0x120/0x1a0 [ 751.659281][T16691] __x64_sys_setsockopt+0xbd/0x160 [ 751.659299][T16691] ? do_syscall_64+0x91/0x4c0 [ 751.659312][T16691] ? lockdep_hardirqs_on+0x7c/0x110 [ 751.659332][T16691] do_syscall_64+0xcd/0x4c0 [ 751.659346][T16691] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 751.659361][T16691] RIP: 0033:0x7f24c3f8eec9 [ 751.659374][T16691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 751.659388][T16691] RSP: 002b:00007f24c4d60038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 751.659402][T16691] RAX: ffffffffffffffda RBX: 00007f24c41e5fa0 RCX: 00007f24c3f8eec9 [ 751.659412][T16691] RDX: 0000000000000081 RSI: 0000010000000084 RDI: 0000000000000003 [ 751.659421][T16691] RBP: 00007f24c4011f91 R08: 0000000000000008 R09: 0000000000000000 [ 751.659430][T16691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 751.659439][T16691] R13: 00007f24c41e6038 R14: 00007f24c41e5fa0 R15: 00007fffebabb038 [ 751.659458][T16691] [ 751.861458][ C0] vkms_vblank_simulate: vblank timer overrun [ 752.066846][T16709] netlink: 'syz.2.2047': attribute type 19 has an invalid length. [ 752.093112][T16709] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2047'. [ 752.222355][T16712] FAULT_INJECTION: forcing a failure. [ 752.222355][T16712] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 752.256448][T16712] CPU: 1 UID: 0 PID: 16712 Comm: syz.5.2048 Not tainted syzkaller #0 PREEMPT(full) [ 752.256487][T16712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 752.256505][T16712] Call Trace: [ 752.256515][T16712] [ 752.256525][T16712] dump_stack_lvl+0x16c/0x1f0 [ 752.256570][T16712] should_fail_ex+0x512/0x640 [ 752.256613][T16712] should_fail_alloc_page+0xe7/0x130 [ 752.256651][T16712] prepare_alloc_pages+0x3c2/0x610 [ 752.256695][T16712] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 752.256722][T16712] ? stack_trace_save+0x8e/0xc0 [ 752.256759][T16712] ? __pfx_stack_trace_save+0x10/0x10 [ 752.256788][T16712] ? rcu_is_watching+0x12/0xc0 [ 752.256816][T16712] ? stack_depot_save_flags+0x29/0x9c0 [ 752.256859][T16712] ? kasan_save_stack+0x42/0x60 [ 752.256890][T16712] ? kasan_save_stack+0x33/0x60 [ 752.256917][T16712] ? kasan_save_track+0x14/0x30 [ 752.256946][T16712] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 752.256978][T16712] ? walk_pgd_range+0x88b/0x1f50 [ 752.257008][T16712] ? walk_page_range_mm+0x461/0xb40 [ 752.257039][T16712] ? madvise_walk_vmas+0x31f/0x9c0 [ 752.257072][T16712] ? madvise_do_behavior+0x1e2/0x530 [ 752.257104][T16712] ? do_madvise+0x176/0x240 [ 752.257137][T16712] ? __x64_sys_madvise+0xa9/0x110 [ 752.257172][T16712] ? do_syscall_64+0xcd/0x4c0 [ 752.257195][T16712] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 752.257238][T16712] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 752.257277][T16712] ? policy_nodemask+0xea/0x4e0 [ 752.257314][T16712] alloc_pages_mpol+0x1fb/0x550 [ 752.257351][T16712] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 752.257397][T16712] alloc_pages_noprof+0x131/0x390 [ 752.257431][T16712] pte_alloc_one+0x1c/0x3a0 [ 752.257460][T16712] __pte_alloc+0x6d/0x3c0 [ 752.257493][T16712] ? __pfx___pte_alloc+0x10/0x10 [ 752.257529][T16712] ? _raw_spin_unlock+0x28/0x50 [ 752.257562][T16712] ? __pmd_alloc+0x3fb/0x930 [ 752.257603][T16712] walk_pgd_range+0xb84/0x1f50 [ 752.257638][T16712] ? __pfx_guard_install_set_pte+0x10/0x10 [ 752.257672][T16712] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 752.257706][T16712] ? __pfx_guard_install_set_pte+0x10/0x10 [ 752.257754][T16712] ? __pfx_guard_install_set_pte+0x10/0x10 [ 752.257789][T16712] ? __pfx_guard_install_set_pte+0x10/0x10 [ 752.257824][T16712] ? __pfx_walk_pgd_range+0x10/0x10 [ 752.257868][T16712] __walk_page_range+0x163/0x820 [ 752.257905][T16712] ? find_vma+0xbf/0x140 [ 752.257937][T16712] ? __pfx_find_vma+0x10/0x10 [ 752.257974][T16712] ? walk_page_test+0x9b/0x180 [ 752.258008][T16712] walk_page_range_mm+0x461/0xb40 [ 752.258047][T16712] ? __pfx_walk_page_range_mm+0x10/0x10 [ 752.258090][T16712] ? __anon_vma_prepare+0x2e2/0x5e0 [ 752.258124][T16712] madvise_vma_behavior+0xa62/0x2d60 [ 752.258165][T16712] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 752.258204][T16712] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 752.258244][T16712] ? __pfx_mas_prev+0x10/0x10 [ 752.258284][T16712] ? find_vma_prev+0xda/0x160 [ 752.258316][T16712] ? find_held_lock+0x2b/0x80 [ 752.258342][T16712] ? __pfx_find_vma_prev+0x10/0x10 [ 752.258378][T16712] ? futex_unqueue+0x133/0x2c0 [ 752.258420][T16712] ? __futex_wait+0x24c/0x2f0 [ 752.258457][T16712] madvise_walk_vmas+0x31f/0x9c0 [ 752.258498][T16712] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 752.258543][T16712] madvise_do_behavior+0x1e2/0x530 [ 752.258578][T16712] ? futex_private_hash_put+0x18a/0x300 [ 752.258611][T16712] ? __pfx_madvise_do_behavior+0x10/0x10 [ 752.258649][T16712] ? down_read+0x13d/0x480 [ 752.258691][T16712] do_madvise+0x176/0x240 [ 752.258740][T16712] ? __pfx_do_madvise+0x10/0x10 [ 752.258777][T16712] ? do_futex+0x122/0x350 [ 752.258836][T16712] ? xfd_validate_state+0x61/0x180 [ 752.258870][T16712] ? __pfx_ksys_write+0x10/0x10 [ 752.258906][T16712] __x64_sys_madvise+0xa9/0x110 [ 752.258939][T16712] ? lockdep_hardirqs_on+0x7c/0x110 [ 752.258975][T16712] do_syscall_64+0xcd/0x4c0 [ 752.259001][T16712] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 752.259027][T16712] RIP: 0033:0x7f3d0338eec9 [ 752.259048][T16712] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 752.259074][T16712] RSP: 002b:00007f3d04231038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 752.259099][T16712] RAX: ffffffffffffffda RBX: 00007f3d035e5fa0 RCX: 00007f3d0338eec9 [ 752.259117][T16712] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 752.259133][T16712] RBP: 00007f3d03411f91 R08: 0000000000000000 R09: 0000000000000000 [ 752.259149][T16712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 752.259166][T16712] R13: 00007f3d035e6038 R14: 00007f3d035e5fa0 R15: 00007fff98a243c8 [ 752.259202][T16712] [ 752.878057][T16719] FAULT_INJECTION: forcing a failure. [ 752.878057][T16719] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 752.891660][T16719] CPU: 1 UID: 0 PID: 16719 Comm: syz.6.2049 Not tainted syzkaller #0 PREEMPT(full) [ 752.891697][T16719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 752.891714][T16719] Call Trace: [ 752.891725][T16719] [ 752.891736][T16719] dump_stack_lvl+0x16c/0x1f0 [ 752.891782][T16719] should_fail_ex+0x512/0x640 [ 752.891827][T16719] should_fail_alloc_page+0xe7/0x130 [ 752.891863][T16719] prepare_alloc_pages+0x3c2/0x610 [ 752.891908][T16719] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 752.891941][T16719] ? stack_trace_save+0x8e/0xc0 [ 752.891970][T16719] ? __pfx_stack_trace_save+0x10/0x10 [ 752.891998][T16719] ? rcu_is_watching+0x12/0xc0 [ 752.892025][T16719] ? stack_depot_save_flags+0x29/0x9c0 [ 752.892071][T16719] ? kasan_save_stack+0x42/0x60 [ 752.892099][T16719] ? kasan_save_stack+0x33/0x60 [ 752.892127][T16719] ? kasan_save_track+0x14/0x30 [ 752.892156][T16719] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 752.892186][T16719] ? walk_pgd_range+0x88b/0x1f50 [ 752.892216][T16719] ? walk_page_range_mm+0x461/0xb40 [ 752.892247][T16719] ? madvise_walk_vmas+0x31f/0x9c0 [ 752.892281][T16719] ? madvise_do_behavior+0x1e2/0x530 [ 752.892315][T16719] ? do_madvise+0x176/0x240 [ 752.892347][T16719] ? __x64_sys_madvise+0xa9/0x110 [ 752.892381][T16719] ? do_syscall_64+0xcd/0x4c0 [ 752.892402][T16719] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 752.892455][T16719] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 752.892496][T16719] ? policy_nodemask+0xea/0x4e0 [ 752.892531][T16719] alloc_pages_mpol+0x1fb/0x550 [ 752.892568][T16719] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 752.892612][T16719] alloc_pages_noprof+0x131/0x390 [ 752.892648][T16719] pte_alloc_one+0x1c/0x3a0 [ 752.892677][T16719] __pte_alloc+0x6d/0x3c0 [ 752.892710][T16719] ? __pfx___pte_alloc+0x10/0x10 [ 752.892745][T16719] ? _raw_spin_unlock+0x28/0x50 [ 752.892777][T16719] ? __pmd_alloc+0x3fb/0x930 [ 752.892817][T16719] walk_pgd_range+0xb84/0x1f50 [ 752.892854][T16719] ? __pfx_guard_install_set_pte+0x10/0x10 [ 752.892888][T16719] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 752.892924][T16719] ? __pfx_guard_install_set_pte+0x10/0x10 [ 752.892963][T16719] ? __pfx_guard_install_set_pte+0x10/0x10 [ 752.892998][T16719] ? __pfx_guard_install_set_pte+0x10/0x10 [ 752.893033][T16719] ? __pfx_walk_pgd_range+0x10/0x10 [ 752.893076][T16719] __walk_page_range+0x163/0x820 [ 752.893112][T16719] ? find_vma+0xbf/0x140 [ 752.893143][T16719] ? __pfx_find_vma+0x10/0x10 [ 752.893180][T16719] ? walk_page_test+0x9b/0x180 [ 752.893213][T16719] walk_page_range_mm+0x461/0xb40 [ 752.893251][T16719] ? __pfx_walk_page_range_mm+0x10/0x10 [ 752.893294][T16719] ? __anon_vma_prepare+0x2e2/0x5e0 [ 752.893328][T16719] madvise_vma_behavior+0xa62/0x2d60 [ 752.893368][T16719] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 752.893407][T16719] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 752.893454][T16719] ? __pfx_mas_prev+0x10/0x10 [ 752.893503][T16719] ? find_vma_prev+0xda/0x160 [ 752.893538][T16719] ? find_held_lock+0x2b/0x80 [ 752.893565][T16719] ? __pfx_find_vma_prev+0x10/0x10 [ 752.893601][T16719] ? futex_unqueue+0x133/0x2c0 [ 752.893643][T16719] ? __futex_wait+0x24c/0x2f0 [ 752.893684][T16719] madvise_walk_vmas+0x31f/0x9c0 [ 752.893728][T16719] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 752.893776][T16719] madvise_do_behavior+0x1e2/0x530 [ 752.893811][T16719] ? futex_private_hash_put+0x18a/0x300 [ 752.893844][T16719] ? __pfx_madvise_do_behavior+0x10/0x10 [ 752.893883][T16719] ? down_read+0x13d/0x480 [ 752.893926][T16719] do_madvise+0x176/0x240 [ 752.893961][T16719] ? __pfx_do_madvise+0x10/0x10 [ 752.893995][T16719] ? do_futex+0x122/0x350 [ 752.894052][T16719] ? xfd_validate_state+0x61/0x180 [ 752.894088][T16719] ? __pfx_ksys_write+0x10/0x10 [ 752.894125][T16719] __x64_sys_madvise+0xa9/0x110 [ 752.894161][T16719] ? lockdep_hardirqs_on+0x7c/0x110 [ 752.894197][T16719] do_syscall_64+0xcd/0x4c0 [ 752.894224][T16719] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 752.894251][T16719] RIP: 0033:0x7f24c3f8eec9 [ 752.894273][T16719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 752.894300][T16719] RSP: 002b:00007f24c4d60038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 752.894326][T16719] RAX: ffffffffffffffda RBX: 00007f24c41e5fa0 RCX: 00007f24c3f8eec9 [ 752.894345][T16719] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 752.894362][T16719] RBP: 00007f24c4011f91 R08: 0000000000000000 R09: 0000000000000000 [ 752.894379][T16719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 752.894396][T16719] R13: 00007f24c41e6038 R14: 00007f24c41e5fa0 R15: 00007fffebabb038 [ 752.894439][T16719] [ 753.564942][ T30] audit: type=1800 audit(4294968088.188:79): pid=16722 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2048" name="features" dev="configfs" ino=57421 res=0 errno=0 [ 753.789804][T16733] FAULT_INJECTION: forcing a failure. [ 753.789804][T16733] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 753.803223][T16733] CPU: 1 UID: 0 PID: 16733 Comm: syz.5.2052 Not tainted syzkaller #0 PREEMPT(full) [ 753.803245][T16733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 753.803255][T16733] Call Trace: [ 753.803262][T16733] [ 753.803269][T16733] dump_stack_lvl+0x16c/0x1f0 [ 753.803296][T16733] should_fail_ex+0x512/0x640 [ 753.803345][T16733] should_fail_alloc_page+0xe7/0x130 [ 753.803367][T16733] prepare_alloc_pages+0x3c2/0x610 [ 753.803391][T16733] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 753.803409][T16733] ? stack_trace_save+0x8e/0xc0 [ 753.803425][T16733] ? __pfx_stack_trace_save+0x10/0x10 [ 753.803441][T16733] ? rcu_is_watching+0x12/0xc0 [ 753.803455][T16733] ? stack_depot_save_flags+0x29/0x9c0 [ 753.803480][T16733] ? kasan_save_stack+0x42/0x60 [ 753.803495][T16733] ? kasan_save_stack+0x33/0x60 [ 753.803510][T16733] ? kasan_save_track+0x14/0x30 [ 753.803525][T16733] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 753.803542][T16733] ? walk_pgd_range+0x88b/0x1f50 [ 753.803558][T16733] ? walk_page_range_mm+0x461/0xb40 [ 753.803575][T16733] ? madvise_walk_vmas+0x31f/0x9c0 [ 753.803593][T16733] ? madvise_do_behavior+0x1e2/0x530 [ 753.803612][T16733] ? do_madvise+0x176/0x240 [ 753.803629][T16733] ? __x64_sys_madvise+0xa9/0x110 [ 753.803648][T16733] ? do_syscall_64+0xcd/0x4c0 [ 753.803660][T16733] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 753.803682][T16733] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 753.803704][T16733] ? policy_nodemask+0xea/0x4e0 [ 753.803724][T16733] alloc_pages_mpol+0x1fb/0x550 [ 753.803744][T16733] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 753.803768][T16733] alloc_pages_noprof+0x131/0x390 [ 753.803787][T16733] pte_alloc_one+0x1c/0x3a0 [ 753.803803][T16733] __pte_alloc+0x6d/0x3c0 [ 753.803822][T16733] ? __pfx___pte_alloc+0x10/0x10 [ 753.803847][T16733] ? _raw_spin_unlock+0x28/0x50 [ 753.803867][T16733] ? __pmd_alloc+0x3fb/0x930 [ 753.803890][T16733] walk_pgd_range+0xb84/0x1f50 [ 753.803910][T16733] ? __pfx_guard_install_set_pte+0x10/0x10 [ 753.803930][T16733] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 753.803951][T16733] ? __pfx_guard_install_set_pte+0x10/0x10 [ 753.803973][T16733] ? __pfx_guard_install_set_pte+0x10/0x10 [ 753.803992][T16733] ? __pfx_guard_install_set_pte+0x10/0x10 [ 753.804011][T16733] ? __pfx_walk_pgd_range+0x10/0x10 [ 753.804034][T16733] __walk_page_range+0x163/0x820 [ 753.804053][T16733] ? find_vma+0xbf/0x140 [ 753.804071][T16733] ? __pfx_find_vma+0x10/0x10 [ 753.804090][T16733] ? walk_page_test+0x9b/0x180 [ 753.804108][T16733] walk_page_range_mm+0x461/0xb40 [ 753.804130][T16733] ? __pfx_walk_page_range_mm+0x10/0x10 [ 753.804153][T16733] ? __anon_vma_prepare+0x2e2/0x5e0 [ 753.804170][T16733] madvise_vma_behavior+0xa62/0x2d60 [ 753.804193][T16733] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 753.804214][T16733] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 753.804236][T16733] ? __pfx_mas_prev+0x10/0x10 [ 753.804261][T16733] ? find_vma_prev+0xda/0x160 [ 753.804294][T16733] ? find_held_lock+0x2b/0x80 [ 753.804310][T16733] ? __pfx_find_vma_prev+0x10/0x10 [ 753.804337][T16733] ? futex_unqueue+0x133/0x2c0 [ 753.804360][T16733] ? __futex_wait+0x24c/0x2f0 [ 753.804389][T16733] madvise_walk_vmas+0x31f/0x9c0 [ 753.804412][T16733] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 753.804437][T16733] madvise_do_behavior+0x1e2/0x530 [ 753.804457][T16733] ? futex_private_hash_put+0x18a/0x300 [ 753.804474][T16733] ? __pfx_madvise_do_behavior+0x10/0x10 [ 753.804495][T16733] ? down_read+0x13d/0x480 [ 753.804518][T16733] do_madvise+0x176/0x240 [ 753.804538][T16733] ? __pfx_do_madvise+0x10/0x10 [ 753.804557][T16733] ? do_futex+0x122/0x350 [ 753.804586][T16733] ? xfd_validate_state+0x61/0x180 [ 753.804606][T16733] ? __pfx_ksys_write+0x10/0x10 [ 753.804627][T16733] __x64_sys_madvise+0xa9/0x110 [ 753.804646][T16733] ? lockdep_hardirqs_on+0x7c/0x110 [ 753.804666][T16733] do_syscall_64+0xcd/0x4c0 [ 753.804681][T16733] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 753.804696][T16733] RIP: 0033:0x7f3d0338eec9 [ 753.804709][T16733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 753.804723][T16733] RSP: 002b:00007f3d04231038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 753.804738][T16733] RAX: ffffffffffffffda RBX: 00007f3d035e5fa0 RCX: 00007f3d0338eec9 [ 753.804749][T16733] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 753.804758][T16733] RBP: 00007f3d03411f91 R08: 0000000000000000 R09: 0000000000000000 [ 753.804767][T16733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 753.804776][T16733] R13: 00007f3d035e6038 R14: 00007f3d035e5fa0 R15: 00007fff98a243c8 [ 753.804796][T16733] [ 754.308286][ T30] audit: type=1800 audit(4294968089.008:80): pid=16730 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.2049" name="features" dev="configfs" ino=58444 res=0 errno=0 [ 754.652985][ T30] audit: type=1800 audit(4294968089.358:81): pid=16737 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2052" name="features" dev="configfs" ino=57438 res=0 errno=0 [ 755.265463][T16754] ICMPv6: process `syz.5.2057' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 755.795666][T16764] FAULT_INJECTION: forcing a failure. [ 755.795666][T16764] name failslab, interval 1, probability 0, space 0, times 0 [ 755.808684][T16764] CPU: 1 UID: 0 PID: 16764 Comm: syz.2.2060 Not tainted syzkaller #0 PREEMPT(full) [ 755.808722][T16764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 755.808740][T16764] Call Trace: [ 755.808750][T16764] [ 755.808761][T16764] dump_stack_lvl+0x16c/0x1f0 [ 755.808806][T16764] should_fail_ex+0x512/0x640 [ 755.808845][T16764] ? __kmalloc_node_noprof+0xc5/0x500 [ 755.808883][T16764] should_failslab+0xc2/0x120 [ 755.808917][T16764] __kmalloc_node_noprof+0xd8/0x500 [ 755.808947][T16764] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 755.808981][T16764] ? alloc_slab_obj_exts+0x41/0xa0 [ 755.809014][T16764] alloc_slab_obj_exts+0x41/0xa0 [ 755.809040][T16764] new_slab+0x27d/0x330 [ 755.809068][T16764] ___slab_alloc+0xcf2/0x1750 [ 755.809096][T16764] ? __anon_vma_prepare+0x344/0x5e0 [ 755.809143][T16764] ? __anon_vma_prepare+0x344/0x5e0 [ 755.809172][T16764] ? __slab_alloc.constprop.0+0x56/0xb0 [ 755.809198][T16764] __slab_alloc.constprop.0+0x56/0xb0 [ 755.809229][T16764] kmem_cache_alloc_noprof+0xef/0x3b0 [ 755.809259][T16764] ? __pfx___might_resched+0x10/0x10 [ 755.809285][T16764] ? __anon_vma_prepare+0x344/0x5e0 [ 755.809319][T16764] __anon_vma_prepare+0x344/0x5e0 [ 755.809353][T16764] madvise_vma_behavior+0x225c/0x2d60 [ 755.809398][T16764] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 755.809436][T16764] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 755.809486][T16764] ? __pfx_mas_prev+0x10/0x10 [ 755.809534][T16764] ? find_vma_prev+0xda/0x160 [ 755.809571][T16764] ? find_held_lock+0x2b/0x80 [ 755.809597][T16764] ? __pfx_find_vma_prev+0x10/0x10 [ 755.809633][T16764] ? futex_unqueue+0x133/0x2c0 [ 755.809675][T16764] ? __futex_wait+0x24c/0x2f0 [ 755.809718][T16764] madvise_walk_vmas+0x31f/0x9c0 [ 755.809762][T16764] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 755.809810][T16764] madvise_do_behavior+0x1e2/0x530 [ 755.809846][T16764] ? futex_private_hash_put+0x18a/0x300 [ 755.809879][T16764] ? __pfx_madvise_do_behavior+0x10/0x10 [ 755.809918][T16764] ? down_read+0x13d/0x480 [ 755.809963][T16764] do_madvise+0x176/0x240 [ 755.809998][T16764] ? __pfx_do_madvise+0x10/0x10 [ 755.810032][T16764] ? do_futex+0x122/0x350 [ 755.810091][T16764] ? xfd_validate_state+0x61/0x180 [ 755.810127][T16764] ? __pfx_ksys_write+0x10/0x10 [ 755.810166][T16764] __x64_sys_madvise+0xa9/0x110 [ 755.810199][T16764] ? lockdep_hardirqs_on+0x7c/0x110 [ 755.810233][T16764] do_syscall_64+0xcd/0x4c0 [ 755.810257][T16764] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 755.810283][T16764] RIP: 0033:0x7fe3b078eec9 [ 755.810305][T16764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 755.810331][T16764] RSP: 002b:00007fe3b157c038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 755.810357][T16764] RAX: ffffffffffffffda RBX: 00007fe3b09e5fa0 RCX: 00007fe3b078eec9 [ 755.810375][T16764] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 755.810392][T16764] RBP: 00007fe3b0811f91 R08: 0000000000000000 R09: 0000000000000000 [ 755.810414][T16764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 755.810431][T16764] R13: 00007fe3b09e6038 R14: 00007fe3b09e5fa0 R15: 00007ffcc4f4ee58 [ 755.810476][T16764] [ 756.347667][ T30] audit: type=1800 audit(4294968091.048:82): pid=16775 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2060" name="features" dev="configfs" ino=58583 res=0 errno=0 [ 756.517156][T14678] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 756.671224][T14678] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 756.822697][T16782] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2063'. [ 756.864438][T14678] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 757.054157][T14678] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 757.287215][T14741] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 757.297870][T14741] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 757.309220][T14741] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 757.319517][T14741] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 757.328868][T14741] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 758.473982][T14678] bridge_slave_1: left allmulticast mode [ 758.527581][T14678] bridge_slave_1: left promiscuous mode [ 758.576429][T14678] bridge0: port 2(bridge_slave_1) entered disabled state [ 758.592491][T14678] bridge_slave_0: left allmulticast mode [ 758.598306][T14678] bridge_slave_0: left promiscuous mode [ 758.629285][T14678] bridge0: port 1(bridge_slave_0) entered disabled state [ 758.987438][T16815] vhci_hcd: invalid port number 16 [ 759.006249][T16815] vhci_hcd: invalid port number 16 [ 759.278095][T14678] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 759.290955][T14678] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 759.302717][T14678] bond0 (unregistering): Released all slaves [ 759.381368][T14741] Bluetooth: hci5: command tx timeout [ 759.587624][T16786] chnl_net:caif_netlink_parms(): no params data found [ 760.203175][T14678] hsr_slave_0: left promiscuous mode [ 760.302933][T14678] hsr_slave_1: left promiscuous mode [ 760.309992][T14678] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 760.359382][T14678] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 760.460739][T14678] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 760.528920][T14678] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 760.719107][T14678] veth1_macvtap: left promiscuous mode [ 760.760298][T16823] netlink: 268 bytes leftover after parsing attributes in process `syz.5.2069'. [ 760.770105][T14678] veth0_macvtap: left promiscuous mode [ 760.800551][T14678] veth1_vlan: left promiscuous mode [ 760.810845][T14678] veth0_vlan: left promiscuous mode [ 761.460655][T14741] Bluetooth: hci5: command tx timeout [ 762.116137][T14678] team0 (unregistering): Port device team_slave_1 removed [ 762.164586][T14678] team0 (unregistering): Port device team_slave_0 removed [ 762.794078][T16864] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2075'. [ 763.073105][T16823] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.2069: iget: checksum invalid [ 763.094540][T16786] bridge0: port 1(bridge_slave_0) entered blocking state [ 763.120734][T16823] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 763.148205][T16823] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.2069: iget: checksum invalid [ 763.148726][T16786] bridge0: port 1(bridge_slave_0) entered disabled state [ 763.206826][T16786] bridge_slave_0: entered allmulticast mode [ 763.210688][T16823] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 763.224697][T16786] bridge_slave_0: entered promiscuous mode [ 763.252943][T16786] bridge0: port 2(bridge_slave_1) entered blocking state [ 763.265858][T16823] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.2069: iget: checksum invalid [ 763.297960][T16786] bridge0: port 2(bridge_slave_1) entered disabled state [ 763.306094][T16823] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 763.327561][T16786] bridge_slave_1: entered allmulticast mode [ 763.343300][T16823] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.5.2069: iget: checksum invalid [ 763.359999][T16786] bridge_slave_1: entered promiscuous mode [ 763.393411][T16823] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 763.414886][T16823] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 763.462844][T16823] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 763.542536][T14741] Bluetooth: hci5: command tx timeout [ 763.794324][T16786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 763.829704][T16786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 763.941667][T16786] team0: Port device team_slave_0 added [ 763.962212][T16786] team0: Port device team_slave_1 added [ 764.303682][T16786] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 764.367324][T16786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 764.499167][T16786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 764.843734][T16786] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 764.864970][T16786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 764.966799][T16786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 765.147601][T16786] hsr_slave_0: entered promiscuous mode [ 765.169507][T16786] hsr_slave_1: entered promiscuous mode [ 765.187334][T16786] debugfs: 'hsr0' already exists in 'hsr' [ 765.196644][T16786] Cannot create hsr debugfs directory [ 765.667191][T14741] Bluetooth: hci5: command tx timeout [ 766.969714][T16786] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 767.007908][T16786] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 767.033736][T16786] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 767.222477][T16786] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 767.924176][T16786] 8021q: adding VLAN 0 to HW filter on device bond0 [ 768.051545][T16786] 8021q: adding VLAN 0 to HW filter on device team0 [ 768.084799][T14687] bridge0: port 1(bridge_slave_0) entered blocking state [ 768.092013][T14687] bridge0: port 1(bridge_slave_0) entered forwarding state [ 768.236418][T15216] bridge0: port 2(bridge_slave_1) entered blocking state [ 768.243645][T15216] bridge0: port 2(bridge_slave_1) entered forwarding state [ 768.391434][T16950] sysfs_service_op_show: Client not running :-5: [ 768.641211][T16974] FAULT_INJECTION: forcing a failure. [ 768.641211][T16974] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 768.690669][T16974] CPU: 1 UID: 0 PID: 16974 Comm: syz.2.2087 Not tainted syzkaller #0 PREEMPT(full) [ 768.690708][T16974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 768.690724][T16974] Call Trace: [ 768.690734][T16974] [ 768.690746][T16974] dump_stack_lvl+0x16c/0x1f0 [ 768.690790][T16974] should_fail_ex+0x512/0x640 [ 768.690835][T16974] should_fail_alloc_page+0xe7/0x130 [ 768.690872][T16974] prepare_alloc_pages+0x3c2/0x610 [ 768.690915][T16974] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 768.690945][T16974] ? stack_trace_save+0x8e/0xc0 [ 768.690974][T16974] ? __pfx_stack_trace_save+0x10/0x10 [ 768.691001][T16974] ? rcu_is_watching+0x12/0xc0 [ 768.691028][T16974] ? stack_depot_save_flags+0x29/0x9c0 [ 768.691072][T16974] ? kasan_save_stack+0x42/0x60 [ 768.691098][T16974] ? kasan_save_stack+0x33/0x60 [ 768.691125][T16974] ? kasan_save_track+0x14/0x30 [ 768.691154][T16974] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 768.691185][T16974] ? walk_pgd_range+0x88b/0x1f50 [ 768.691213][T16974] ? walk_page_range_mm+0x461/0xb40 [ 768.691243][T16974] ? madvise_walk_vmas+0x31f/0x9c0 [ 768.691286][T16974] ? madvise_do_behavior+0x1e2/0x530 [ 768.691321][T16974] ? do_madvise+0x176/0x240 [ 768.691355][T16974] ? __x64_sys_madvise+0xa9/0x110 [ 768.691388][T16974] ? do_syscall_64+0xcd/0x4c0 [ 768.691409][T16974] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 768.691450][T16974] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 768.691487][T16974] ? policy_nodemask+0xea/0x4e0 [ 768.691520][T16974] alloc_pages_mpol+0x1fb/0x550 [ 768.691556][T16974] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 768.691599][T16974] alloc_pages_noprof+0x131/0x390 [ 768.691630][T16974] pte_alloc_one+0x1c/0x3a0 [ 768.691657][T16974] __pte_alloc+0x6d/0x3c0 [ 768.691687][T16974] ? __pfx___pte_alloc+0x10/0x10 [ 768.691721][T16974] ? _raw_spin_unlock+0x28/0x50 [ 768.691750][T16974] ? __pmd_alloc+0x3fb/0x930 [ 768.691789][T16974] walk_pgd_range+0xb84/0x1f50 [ 768.691822][T16974] ? __pfx_guard_install_set_pte+0x10/0x10 [ 768.691851][T16974] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 768.691882][T16974] ? __pfx_guard_install_set_pte+0x10/0x10 [ 768.691918][T16974] ? __pfx_guard_install_set_pte+0x10/0x10 [ 768.691950][T16974] ? __pfx_guard_install_set_pte+0x10/0x10 [ 768.691985][T16974] ? __pfx_walk_pgd_range+0x10/0x10 [ 768.692024][T16974] __walk_page_range+0x163/0x820 [ 768.692058][T16974] ? find_vma+0xbf/0x140 [ 768.692089][T16974] ? __pfx_find_vma+0x10/0x10 [ 768.692125][T16974] ? walk_page_test+0x9b/0x180 [ 768.692158][T16974] walk_page_range_mm+0x461/0xb40 [ 768.692196][T16974] ? __pfx_walk_page_range_mm+0x10/0x10 [ 768.692237][T16974] ? __anon_vma_prepare+0x2e2/0x5e0 [ 768.692300][T16974] madvise_vma_behavior+0xa62/0x2d60 [ 768.692344][T16974] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 768.692382][T16974] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 768.692422][T16974] ? __pfx_mas_prev+0x10/0x10 [ 768.692468][T16974] ? find_vma_prev+0xda/0x160 [ 768.692501][T16974] ? find_held_lock+0x2b/0x80 [ 768.692527][T16974] ? __pfx_find_vma_prev+0x10/0x10 [ 768.692561][T16974] ? futex_unqueue+0x133/0x2c0 [ 768.692602][T16974] ? __futex_wait+0x24c/0x2f0 [ 768.692643][T16974] madvise_walk_vmas+0x31f/0x9c0 [ 768.692687][T16974] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 768.692740][T16974] madvise_do_behavior+0x1e2/0x530 [ 768.692777][T16974] ? futex_private_hash_put+0x18a/0x300 [ 768.692810][T16974] ? __pfx_madvise_do_behavior+0x10/0x10 [ 768.692852][T16974] ? down_read+0x13d/0x480 [ 768.692899][T16974] do_madvise+0x176/0x240 [ 768.692935][T16974] ? __pfx_do_madvise+0x10/0x10 [ 768.692970][T16974] ? do_futex+0x122/0x350 [ 768.693027][T16974] ? xfd_validate_state+0x61/0x180 [ 768.693063][T16974] ? __pfx_ksys_write+0x10/0x10 [ 768.693100][T16974] __x64_sys_madvise+0xa9/0x110 [ 768.693135][T16974] ? lockdep_hardirqs_on+0x7c/0x110 [ 768.693172][T16974] do_syscall_64+0xcd/0x4c0 [ 768.693198][T16974] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 768.693231][T16974] RIP: 0033:0x7fe3b078eec9 [ 768.693254][T16974] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 768.693295][T16974] RSP: 002b:00007fe3b157c038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 768.693324][T16974] RAX: ffffffffffffffda RBX: 00007fe3b09e5fa0 RCX: 00007fe3b078eec9 [ 768.693347][T16974] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 768.693363][T16974] RBP: 00007fe3b0811f91 R08: 0000000000000000 R09: 0000000000000000 [ 768.693380][T16974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 768.693396][T16974] R13: 00007fe3b09e6038 R14: 00007fe3b09e5fa0 R15: 00007ffcc4f4ee58 [ 768.693432][T16974] [ 769.451619][T16990] nfs: Unknown parameter 'w`_I+; HY Lu>>uh*C<+ ' [ 769.648206][ T30] audit: type=1800 audit(4294968104.258:83): pid=16992 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2087" name="features" dev="configfs" ino=58278 res=0 errno=0 [ 770.113798][T16786] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 771.007318][T16786] veth0_vlan: entered promiscuous mode [ 771.048068][T16786] veth1_vlan: entered promiscuous mode [ 771.090392][T17008] netlink: 186 bytes leftover after parsing attributes in process `syz.5.2093'. [ 771.119513][T16786] veth0_macvtap: entered promiscuous mode [ 771.154813][T16786] veth1_macvtap: entered promiscuous mode [ 771.207774][T16786] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 771.236021][T16786] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 771.307807][T15216] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 771.333841][T15216] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 771.374037][T15216] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 771.404530][T15216] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 771.493007][T15216] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 771.539999][T15216] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 771.686090][T17039] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 771.744736][T14711] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 771.753111][T14711] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 772.281816][T17062] FAULT_INJECTION: forcing a failure. [ 772.281816][T17062] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 772.316109][T17062] CPU: 1 UID: 0 PID: 17062 Comm: syz.6.2101 Not tainted syzkaller #0 PREEMPT(full) [ 772.316148][T17062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 772.316165][T17062] Call Trace: [ 772.316175][T17062] [ 772.316187][T17062] dump_stack_lvl+0x16c/0x1f0 [ 772.316233][T17062] should_fail_ex+0x512/0x640 [ 772.316295][T17062] should_fail_alloc_page+0xe7/0x130 [ 772.316333][T17062] prepare_alloc_pages+0x3c2/0x610 [ 772.316378][T17062] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 772.316411][T17062] ? stack_trace_save+0x8e/0xc0 [ 772.316441][T17062] ? __pfx_stack_trace_save+0x10/0x10 [ 772.316469][T17062] ? rcu_is_watching+0x12/0xc0 [ 772.316497][T17062] ? stack_depot_save_flags+0x29/0x9c0 [ 772.316543][T17062] ? kasan_save_stack+0x42/0x60 [ 772.316571][T17062] ? kasan_save_stack+0x33/0x60 [ 772.316599][T17062] ? kasan_save_track+0x14/0x30 [ 772.316629][T17062] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 772.316660][T17062] ? walk_pgd_range+0x88b/0x1f50 [ 772.316690][T17062] ? walk_page_range_mm+0x461/0xb40 [ 772.316721][T17062] ? madvise_walk_vmas+0x31f/0x9c0 [ 772.316754][T17062] ? madvise_do_behavior+0x1e2/0x530 [ 772.316788][T17062] ? do_madvise+0x176/0x240 [ 772.316821][T17062] ? __x64_sys_madvise+0xa9/0x110 [ 772.316855][T17062] ? do_syscall_64+0xcd/0x4c0 [ 772.316877][T17062] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 772.316920][T17062] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 772.316959][T17062] ? policy_nodemask+0xea/0x4e0 [ 772.316996][T17062] alloc_pages_mpol+0x1fb/0x550 [ 772.317032][T17062] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 772.317077][T17062] alloc_pages_noprof+0x131/0x390 [ 772.317113][T17062] pte_alloc_one+0x1c/0x3a0 [ 772.317143][T17062] __pte_alloc+0x6d/0x3c0 [ 772.317179][T17062] ? __pfx___pte_alloc+0x10/0x10 [ 772.317213][T17062] ? _raw_spin_unlock+0x28/0x50 [ 772.317252][T17062] ? __pmd_alloc+0x3fb/0x930 [ 772.317296][T17062] walk_pgd_range+0xb84/0x1f50 [ 772.317334][T17062] ? __pfx_guard_install_set_pte+0x10/0x10 [ 772.317369][T17062] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 772.317408][T17062] ? __pfx_guard_install_set_pte+0x10/0x10 [ 772.317448][T17062] ? __pfx_guard_install_set_pte+0x10/0x10 [ 772.317483][T17062] ? __pfx_guard_install_set_pte+0x10/0x10 [ 772.317520][T17062] ? __pfx_walk_pgd_range+0x10/0x10 [ 772.317563][T17062] __walk_page_range+0x163/0x820 [ 772.317599][T17062] ? find_vma+0xbf/0x140 [ 772.317631][T17062] ? __pfx_find_vma+0x10/0x10 [ 772.317669][T17062] ? walk_page_test+0x9b/0x180 [ 772.317704][T17062] walk_page_range_mm+0x461/0xb40 [ 772.317742][T17062] ? __pfx_walk_page_range_mm+0x10/0x10 [ 772.317786][T17062] ? __anon_vma_prepare+0x2e2/0x5e0 [ 772.317820][T17062] madvise_vma_behavior+0xa62/0x2d60 [ 772.317862][T17062] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 772.317900][T17062] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 772.317941][T17062] ? __pfx_mas_prev+0x10/0x10 [ 772.317988][T17062] ? find_vma_prev+0xda/0x160 [ 772.318021][T17062] ? find_held_lock+0x2b/0x80 [ 772.318046][T17062] ? __pfx_find_vma_prev+0x10/0x10 [ 772.318081][T17062] ? futex_unqueue+0x133/0x2c0 [ 772.318129][T17062] ? __futex_wait+0x24c/0x2f0 [ 772.318173][T17062] madvise_walk_vmas+0x31f/0x9c0 [ 772.318219][T17062] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 772.318271][T17062] madvise_do_behavior+0x1e2/0x530 [ 772.318307][T17062] ? futex_private_hash_put+0x18a/0x300 [ 772.318341][T17062] ? __pfx_madvise_do_behavior+0x10/0x10 [ 772.318381][T17062] ? down_read+0x13d/0x480 [ 772.318426][T17062] do_madvise+0x176/0x240 [ 772.318461][T17062] ? __pfx_do_madvise+0x10/0x10 [ 772.318497][T17062] ? do_futex+0x122/0x350 [ 772.318555][T17062] ? xfd_validate_state+0x61/0x180 [ 772.318591][T17062] ? __pfx_ksys_write+0x10/0x10 [ 772.318630][T17062] __x64_sys_madvise+0xa9/0x110 [ 772.318666][T17062] ? lockdep_hardirqs_on+0x7c/0x110 [ 772.318711][T17062] do_syscall_64+0xcd/0x4c0 [ 772.318746][T17062] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 772.318784][T17062] RIP: 0033:0x7f300198eec9 [ 772.318807][T17062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 772.318836][T17062] RSP: 002b:00007f30028e2038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 772.318863][T17062] RAX: ffffffffffffffda RBX: 00007f3001be5fa0 RCX: 00007f300198eec9 [ 772.318882][T17062] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 772.318900][T17062] RBP: 00007f3001a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 772.318917][T17062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 772.318935][T17062] R13: 00007f3001be6038 R14: 00007f3001be5fa0 R15: 00007ffc9a8f7488 [ 772.318973][T17062] [ 773.333553][ T30] audit: type=1800 audit(4294968108.038:84): pid=17071 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.2101" name="features" dev="configfs" ino=59561 res=0 errno=0 [ 773.914438][T17084] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 776.739150][T17132] XFS: Clearing xfsstats [ 776.742432][T17130] usb usb36: usbfs: process 17130 (syz.2.2121) did not claim interface 0 before use [ 776.930519][T17138] sd 0:0:1:0: PR command failed: 1026 [ 777.010445][T17138] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 777.039672][T17138] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 777.127771][T17141] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 777.623532][T17152] ptrace attach of "./syz-executor exec"[16786] was attempted by ""[17152] [ 777.721031][T17152] sd 0:0:1:0: PR command failed: 1026 [ 777.747451][T17152] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 777.757568][T17152] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 777.870378][T17152] input: jJ-9%vlQ J86 as /devices/virtual/input/input55 [ 779.125994][T17194] random: crng reseeded on system resumption [ 779.142374][T17196] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2130'. [ 779.152516][T14711] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:4: iget: checksum invalid [ 779.179516][T14678] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:1: iget: checksum invalid [ 779.191023][T14711] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 779.211992][T14678] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db.p7s failed with error -74 [ 779.231323][T14711] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:4: iget: checksum invalid [ 779.252237][T14678] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:1: iget: checksum invalid [ 779.265629][T14711] (NULL device *): loading /lib/firmware/updates/regulatory.db failed with error -74 [ 779.292033][T14678] (NULL device *): loading /lib/firmware/updates/regulatory.db.p7s failed with error -74 [ 779.302208][T14711] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:4: iget: checksum invalid [ 779.321032][T14711] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 779.331463][T14741] Bluetooth: hci1: unexpected event 0x3d length: 726 > 14 [ 779.331639][T14678] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:1: iget: checksum invalid [ 779.367835][T14711] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:4: iget: checksum invalid [ 779.384977][T14678] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db.p7s failed with error -74 [ 779.410642][T14711] (NULL device *): loading /lib/firmware/regulatory.db failed with error -74 [ 779.419495][T14711] (NULL device *): Direct firmware load for regulatory.db failed with error -74 [ 779.429373][T14678] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:1: iget: checksum invalid [ 779.457695][T14678] (NULL device *): loading /lib/firmware/regulatory.db.p7s failed with error -74 [ 779.469710][T14711] (NULL device *): Falling back to sysfs fallback for: regulatory.db [ 779.488970][T14678] (NULL device *): Direct firmware load for regulatory.db.p7s failed with error -74 [ 779.532304][T14678] (NULL device *): Falling back to sysfs fallback for: regulatory.db.p7s [ 780.371832][T17212] netlink: 'syz.6.2132': attribute type 1 has an invalid length. [ 790.157845][T14677] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 790.175047][T14677] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 790.185119][T14677] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 790.197273][T14677] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 790.206306][T14677] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 790.376152][T17263] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 790.464701][T17257] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 791.068358][T17249] chnl_net:caif_netlink_parms(): no params data found [ 791.371645][T17249] bridge0: port 1(bridge_slave_0) entered blocking state [ 791.379129][T17249] bridge0: port 1(bridge_slave_0) entered disabled state [ 791.406978][T17249] bridge_slave_0: entered allmulticast mode [ 791.421274][T17249] bridge_slave_0: entered promiscuous mode [ 791.436221][T17249] bridge0: port 2(bridge_slave_1) entered blocking state [ 791.459962][T17249] bridge0: port 2(bridge_slave_1) entered disabled state [ 791.477545][T17249] bridge_slave_1: entered allmulticast mode [ 791.494900][T17249] bridge_slave_1: entered promiscuous mode [ 791.661419][T17249] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 791.685387][T17249] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 791.804863][T17249] team0: Port device team_slave_0 added [ 791.833982][T17249] team0: Port device team_slave_1 added [ 791.914959][T15255] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:9: iget: checksum invalid [ 791.955858][T14678] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:1: iget: checksum invalid [ 791.956102][T17249] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 791.968602][T15255] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 791.985605][T14678] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db.p7s failed with error -74 [ 792.007373][T14678] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:1: iget: checksum invalid [ 792.018368][T17249] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 792.061403][T15255] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:9: iget: checksum invalid [ 792.076470][T14678] (NULL device *): loading /lib/firmware/updates/regulatory.db.p7s failed with error -74 [ 792.086416][T17249] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 792.101826][T15255] (NULL device *): loading /lib/firmware/updates/regulatory.db failed with error -74 [ 792.103508][T17249] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 792.123032][T17249] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 792.125948][T14678] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:1: iget: checksum invalid [ 792.171206][T15255] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:9: iget: checksum invalid [ 792.183110][T17249] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 792.218701][T15255] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 792.247291][T14678] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db.p7s failed with error -74 [ 792.258169][T15255] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:9: iget: checksum invalid [ 792.271069][T14677] Bluetooth: hci6: command tx timeout [ 792.311564][T14678] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:1: iget: checksum invalid [ 792.323376][T15255] (NULL device *): loading /lib/firmware/regulatory.db failed with error -74 [ 792.332367][T15255] (NULL device *): Direct firmware load for regulatory.db failed with error -74 [ 792.349991][T14678] (NULL device *): loading /lib/firmware/regulatory.db.p7s failed with error -74 [ 792.383829][T17249] hsr_slave_0: entered promiscuous mode [ 792.389596][T15255] (NULL device *): Falling back to sysfs fallback for: regulatory.db [ 792.398005][T14678] (NULL device *): Direct firmware load for regulatory.db.p7s failed with error -74 [ 792.409974][T14678] (NULL device *): Falling back to sysfs fallback for: regulatory.db.p7s [ 792.423330][T17249] hsr_slave_1: entered promiscuous mode [ 792.429691][T17249] debugfs: 'hsr0' already exists in 'hsr' [ 792.451181][T17249] Cannot create hsr debugfs directory [ 792.800050][T17249] netdevsim netdevsim7 netdevsim0: renamed from eth0 [ 792.814347][T17249] netdevsim netdevsim7 netdevsim1: renamed from eth1 [ 792.836869][T17249] netdevsim netdevsim7 netdevsim2: renamed from eth2 [ 792.851336][T17249] netdevsim netdevsim7 netdevsim3: renamed from eth3 [ 793.090964][T17249] 8021q: adding VLAN 0 to HW filter on device bond0 [ 793.112651][T17249] 8021q: adding VLAN 0 to HW filter on device team0 [ 793.126031][T14711] bridge0: port 1(bridge_slave_0) entered blocking state [ 793.133166][T14711] bridge0: port 1(bridge_slave_0) entered forwarding state [ 793.148727][T15216] bridge0: port 2(bridge_slave_1) entered blocking state [ 793.155876][T15216] bridge0: port 2(bridge_slave_1) entered forwarding state [ 793.388824][T17249] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 793.822517][T17249] veth0_vlan: entered promiscuous mode [ 793.836421][T17249] veth1_vlan: entered promiscuous mode [ 793.877377][T17249] veth0_macvtap: entered promiscuous mode [ 793.891824][T17249] veth1_macvtap: entered promiscuous mode [ 793.922120][T17249] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 793.942375][T17249] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 793.966730][T14687] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 793.979468][T14687] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 793.992937][T14687] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 794.005417][T14687] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 794.340317][T14677] Bluetooth: hci6: command tx timeout [ 796.420362][T14677] Bluetooth: hci6: command tx timeout [ 798.500554][T14677] Bluetooth: hci6: command tx timeout [ 802.950898][T17298] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 802.957065][T17298] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 802.963249][T17298] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 802.969667][T17298] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 802.976108][T17298] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 802.988279][T17298] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 802.998078][T17298] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 803.004541][T17298] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 803.014471][T17298] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 803.025352][T17298] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 803.032776][T17298] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 803.043174][T17298] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 803.193535][T15216] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 803.228027][T15216] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 803.251161][T17334] random: crng reseeded on system resumption [ 803.262652][T14811] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:6: iget: checksum invalid [ 803.278051][T15255] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:9: iget: checksum invalid [ 803.292048][T14811] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 803.306820][T15255] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db.p7s failed with error -74 [ 803.318127][T14811] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:6: iget: checksum invalid [ 803.332059][T15255] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:9: iget: checksum invalid [ 803.346588][T14811] (NULL device *): loading /lib/firmware/updates/regulatory.db failed with error -74 [ 803.356499][T15216] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 803.452302][T15216] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 803.510787][T15255] (NULL device *): loading /lib/firmware/updates/regulatory.db.p7s failed with error -74 [ 803.525881][T14811] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:6: iget: checksum invalid [ 803.542817][T15255] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:9: iget: checksum invalid [ 803.554759][T14811] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 803.564660][T15255] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db.p7s failed with error -74 [ 803.584077][T14811] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:6: iget: checksum invalid [ 803.596097][T15255] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:9: iget: checksum invalid [ 803.609885][T14811] (NULL device *): loading /lib/firmware/regulatory.db failed with error -74 [ 803.629776][T15255] (NULL device *): loading /lib/firmware/regulatory.db.p7s failed with error -74 [ 803.646544][T14811] (NULL device *): Direct firmware load for regulatory.db failed with error -74 [ 803.662590][T15255] (NULL device *): Direct firmware load for regulatory.db.p7s failed with error -74 [ 803.672347][T14811] (NULL device *): Falling back to sysfs fallback for: regulatory.db [ 803.683529][T17343] vivid-003: ================= START STATUS ================= [ 803.692185][T17343] vivid-003: Radio HW Seek Mode: Bounded [ 803.697883][T15255] (NULL device *): Falling back to sysfs fallback for: regulatory.db.p7s [ 803.707008][T17343] vivid-003: Radio Programmable HW Seek: false [ 803.714431][T17343] vivid-003: RDS Rx I/O Mode: Block I/O [ 803.720438][T17343] vivid-003: Generate RBDS Instead of RDS: false [ 803.729075][T17343] vivid-003: RDS Reception: true [ 803.737082][T17343] vivid-003: RDS Program Type: 0 inactive [ 803.743071][T17343] vivid-003: RDS PS Name: inactive [ 803.748343][T17343] vivid-003: RDS Radio Text: inactive [ 803.754282][T17343] vivid-003: RDS Traffic Announcement: false inactive [ 803.761195][T17343] vivid-003: RDS Traffic Program: false inactive [ 803.767976][T17343] vivid-003: RDS Music: false inactive [ 803.773659][T17343] vivid-003: ================== END STATUS ================== [ 804.158031][T17365] netlink: 342 bytes leftover after parsing attributes in process `syz.7.2157'. [ 804.219655][T17367] netlink: 342 bytes leftover after parsing attributes in process `syz.7.2157'. [ 804.291162][T17368] netlink: 342 bytes leftover after parsing attributes in process `syz.7.2157'. [ 804.326157][T17370] netlink: 342 bytes leftover after parsing attributes in process `syz.7.2157'. [ 804.339243][T17367] netlink: 342 bytes leftover after parsing attributes in process `syz.7.2157'. [ 804.980426][T14677] Bluetooth: hci3: command 0x0c1a tx timeout [ 804.986515][T14677] Bluetooth: hci4: command 0x0c1a tx timeout [ 804.992725][T14741] Bluetooth: hci1: command 0x0406 tx timeout [ 804.998770][T16789] Bluetooth: hci2: command 0x0406 tx timeout [ 805.005273][T16789] Bluetooth: hci0: command 0x0406 tx timeout [ 805.060669][T17400] Bluetooth: hci6: command 0x0c1a tx timeout [ 805.068982][T14681] Bluetooth: hci5: command 0x0c1a tx timeout [ 807.060274][T17400] Bluetooth: hci3: command 0x0c1a tx timeout [ 807.140553][T14681] Bluetooth: hci5: command 0x0c1a tx timeout [ 807.146866][T17400] Bluetooth: hci6: command 0x0c1a tx timeout [ 808.672584][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 808.678872][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 809.220365][T14681] Bluetooth: hci5: command 0x0c1a tx timeout [ 809.226527][T17400] Bluetooth: hci6: command 0x0c1a tx timeout [ 813.810568][T17414] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 814.289673][T17444] ptrace attach of ""[17453] was attempted by "./syz-executor exec"[17444] [ 815.649093][T14678] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:1: iget: checksum invalid [ 815.723644][T14678] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 815.734603][T15255] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:9: iget: checksum invalid [ 815.788680][T15255] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db.p7s failed with error -74 [ 815.802245][T14678] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:1: iget: checksum invalid [ 815.825756][T14678] (NULL device *): loading /lib/firmware/updates/regulatory.db failed with error -74 [ 815.836073][T15255] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:9: iget: checksum invalid [ 815.848256][T14678] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:1: iget: checksum invalid [ 815.860882][T15255] (NULL device *): loading /lib/firmware/updates/regulatory.db.p7s failed with error -74 [ 815.871604][T14678] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 815.905484][T15255] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:9: iget: checksum invalid [ 815.966390][T14678] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:1: iget: checksum invalid [ 815.978432][T15255] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db.p7s failed with error -74 [ 816.053394][T15255] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:9: iget: checksum invalid [ 816.065234][T14678] (NULL device *): loading /lib/firmware/regulatory.db failed with error -74 [ 816.074149][T14678] (NULL device *): Direct firmware load for regulatory.db failed with error -74 [ 816.084658][T15255] (NULL device *): loading /lib/firmware/regulatory.db.p7s failed with error -74 [ 816.109028][T14678] (NULL device *): Falling back to sysfs fallback for: regulatory.db [ 816.123229][T15255] (NULL device *): Direct firmware load for regulatory.db.p7s failed with error -74 [ 816.139081][T15255] (NULL device *): Falling back to sysfs fallback for: regulatory.db.p7s [ 816.287928][T17475] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input56 [ 826.631664][T17472] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 826.637827][T17472] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 826.645310][T17472] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 826.652509][T17472] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 826.658566][T17472] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 826.667653][T17472] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 826.676828][T17472] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 826.904875][T15255] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:9: iget: checksum invalid [ 826.972703][T17493] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:10: iget: checksum invalid [ 826.984860][T15255] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 827.034979][T17493] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db.p7s failed with error -74 [ 827.047222][T15255] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:9: iget: checksum invalid [ 827.096867][T15255] (NULL device *): loading /lib/firmware/updates/regulatory.db failed with error -74 [ 827.109475][T17493] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:10: iget: checksum invalid [ 827.170388][T17493] (NULL device *): loading /lib/firmware/updates/regulatory.db.p7s failed with error -74 [ 827.185691][T15255] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:9: iget: checksum invalid [ 827.244218][T17493] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:10: iget: checksum invalid [ 827.256938][T15255] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 827.273518][T15255] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:9: iget: checksum invalid [ 827.284995][T17493] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db.p7s failed with error -74 [ 827.334327][T15255] (NULL device *): loading /lib/firmware/regulatory.db failed with error -74 [ 827.346987][T17493] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:10: iget: checksum invalid [ 827.364572][T15255] (NULL device *): Direct firmware load for regulatory.db failed with error -74 [ 827.377597][T17493] (NULL device *): loading /lib/firmware/regulatory.db.p7s failed with error -74 [ 827.422202][T15255] (NULL device *): Falling back to sysfs fallback for: regulatory.db [ 827.469312][T17493] (NULL device *): Direct firmware load for regulatory.db.p7s failed with error -74 [ 827.549756][T17493] (NULL device *): Falling back to sysfs fallback for: regulatory.db.p7s [ 828.092447][T17546] netlink: 13 bytes leftover after parsing attributes in process `syz.6.2185'. [ 828.445888][T17549] ptrace attach of "./syz-executor exec"[17551] was attempted by "./syz-executor exec"[17549] [ 828.662966][T17400] Bluetooth: hci3: command 0x0c1a tx timeout [ 828.669228][T14681] Bluetooth: hci4: command 0x0c1a tx timeout [ 828.675283][T16789] Bluetooth: hci1: command 0x0406 tx timeout [ 828.681369][T14741] Bluetooth: hci2: command 0x0406 tx timeout [ 828.691587][T16789] Bluetooth: hci0: command 0x0406 tx timeout [ 828.742642][T16789] Bluetooth: hci6: command 0x0c1a tx timeout [ 828.750991][T14681] Bluetooth: hci5: command 0x0c1a tx timeout [ 829.004416][T17556] FAULT_INJECTION: forcing a failure. [ 829.004416][T17556] name failslab, interval 1, probability 0, space 0, times 0 [ 829.022201][T17556] CPU: 0 UID: 0 PID: 17556 Comm: syz.7.2187 Not tainted syzkaller #0 PREEMPT(full) [ 829.022228][T17556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 829.022238][T17556] Call Trace: [ 829.022244][T17556] [ 829.022250][T17556] dump_stack_lvl+0x16c/0x1f0 [ 829.022282][T17556] should_fail_ex+0x512/0x640 [ 829.022304][T17556] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 829.022327][T17556] should_failslab+0xc2/0x120 [ 829.022346][T17556] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 829.022365][T17556] ? lockdep_hardirqs_on+0x7c/0x110 [ 829.022386][T17556] ? fib_notifier_ops_register+0x32/0x270 [ 829.022412][T17556] kmemdup_noprof+0x29/0x60 [ 829.022430][T17556] fib_notifier_ops_register+0x32/0x270 [ 829.022455][T17556] fib4_notifier_init+0x4f/0xd0 [ 829.022477][T17556] fib_net_init+0xbf/0x3f0 [ 829.022490][T17556] ? __pfx___register_sysctl_table+0x10/0x10 [ 829.022511][T17556] ? __pfx_fib_net_init+0x10/0x10 [ 829.022524][T17556] ? lockdep_init_map_type+0x5c/0x280 [ 829.022545][T17556] ? do_init_timer+0xc9/0x110 [ 829.022562][T17556] ? devinet_init_net+0x5c2/0x910 [ 829.022579][T17556] ? __pfx_fib_net_init+0x10/0x10 [ 829.022591][T17556] ops_init+0x1e2/0x5f0 [ 829.022614][T17556] setup_net+0x10f/0x380 [ 829.022626][T17556] ? lockdep_init_map_type+0x5c/0x280 [ 829.022645][T17556] ? __pfx_setup_net+0x10/0x10 [ 829.022659][T17556] ? debug_mutex_init+0x37/0x70 [ 829.022675][T17556] copy_net_ns+0x2a6/0x5f0 [ 829.022692][T17556] create_new_namespaces+0x3ea/0xa90 [ 829.022713][T17556] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 829.022731][T17556] ksys_unshare+0x45b/0xa40 [ 829.022751][T17556] ? __pfx_ksys_unshare+0x10/0x10 [ 829.022777][T17556] __x64_sys_unshare+0x31/0x40 [ 829.022795][T17556] do_syscall_64+0xcd/0x4c0 [ 829.022818][T17556] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 829.022833][T17556] RIP: 0033:0x7f89e8d8eec9 [ 829.022846][T17556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 829.022862][T17556] RSP: 002b:00007f89e9bf9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 829.022876][T17556] RAX: ffffffffffffffda RBX: 00007f89e8fe5fa0 RCX: 00007f89e8d8eec9 [ 829.022886][T17556] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 829.022895][T17556] RBP: 00007f89e8e11f91 R08: 0000000000000000 R09: 0000000000000000 [ 829.022905][T17556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 829.022914][T17556] R13: 00007f89e8fe6038 R14: 00007f89e8fe5fa0 R15: 00007ffee6818178 [ 829.022934][T17556] [ 829.544281][T17559] FAULT_INJECTION: forcing a failure. [ 829.544281][T17559] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 829.557676][T17559] CPU: 1 UID: 0 PID: 17559 Comm: syz.6.2188 Not tainted syzkaller #0 PREEMPT(full) [ 829.557698][T17559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 829.557709][T17559] Call Trace: [ 829.557716][T17559] [ 829.557729][T17559] dump_stack_lvl+0x16c/0x1f0 [ 829.557757][T17559] should_fail_ex+0x512/0x640 [ 829.557782][T17559] should_fail_alloc_page+0xe7/0x130 [ 829.557804][T17559] prepare_alloc_pages+0x3c2/0x610 [ 829.557828][T17559] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 829.557846][T17559] ? stack_trace_save+0x8e/0xc0 [ 829.557863][T17559] ? __pfx_stack_trace_save+0x10/0x10 [ 829.557878][T17559] ? rcu_is_watching+0x12/0xc0 [ 829.557893][T17559] ? stack_depot_save_flags+0x29/0x9c0 [ 829.557919][T17559] ? kasan_save_stack+0x42/0x60 [ 829.557936][T17559] ? kasan_save_stack+0x33/0x60 [ 829.557951][T17559] ? kasan_save_track+0x14/0x30 [ 829.557967][T17559] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 829.557983][T17559] ? walk_pgd_range+0x88b/0x1f50 [ 829.558000][T17559] ? walk_page_range_mm+0x461/0xb40 [ 829.558017][T17559] ? madvise_walk_vmas+0x31f/0x9c0 [ 829.558035][T17559] ? madvise_do_behavior+0x1e2/0x530 [ 829.558054][T17559] ? do_madvise+0x176/0x240 [ 829.558072][T17559] ? __x64_sys_madvise+0xa9/0x110 [ 829.558090][T17559] ? do_syscall_64+0xcd/0x4c0 [ 829.558102][T17559] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 829.558125][T17559] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 829.558147][T17559] ? policy_nodemask+0xea/0x4e0 [ 829.558167][T17559] alloc_pages_mpol+0x1fb/0x550 [ 829.558187][T17559] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 829.558211][T17559] alloc_pages_noprof+0x131/0x390 [ 829.558230][T17559] pte_alloc_one+0x1c/0x3a0 [ 829.558247][T17559] __pte_alloc+0x6d/0x3c0 [ 829.558266][T17559] ? __pfx___pte_alloc+0x10/0x10 [ 829.558285][T17559] ? _raw_spin_unlock+0x28/0x50 [ 829.558304][T17559] ? __pmd_alloc+0x3fb/0x930 [ 829.558326][T17559] walk_pgd_range+0xb84/0x1f50 [ 829.558345][T17559] ? __pfx_guard_install_set_pte+0x10/0x10 [ 829.558364][T17559] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 829.558384][T17559] ? __pfx_guard_install_set_pte+0x10/0x10 [ 829.558405][T17559] ? __pfx_guard_install_set_pte+0x10/0x10 [ 829.558424][T17559] ? __pfx_guard_install_set_pte+0x10/0x10 [ 829.558444][T17559] ? __pfx_walk_pgd_range+0x10/0x10 [ 829.558467][T17559] __walk_page_range+0x163/0x820 [ 829.558486][T17559] ? find_vma+0xbf/0x140 [ 829.558504][T17559] ? __pfx_find_vma+0x10/0x10 [ 829.558524][T17559] ? walk_page_test+0x9b/0x180 [ 829.558542][T17559] walk_page_range_mm+0x461/0xb40 [ 829.558562][T17559] ? __pfx_walk_page_range_mm+0x10/0x10 [ 829.558585][T17559] ? __anon_vma_prepare+0x2e2/0x5e0 [ 829.558604][T17559] madvise_vma_behavior+0xa62/0x2d60 [ 829.558626][T17559] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 829.558648][T17559] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 829.558688][T17559] ? __pfx_mas_prev+0x10/0x10 [ 829.558716][T17559] ? find_vma_prev+0xda/0x160 [ 829.558741][T17559] ? find_held_lock+0x2b/0x80 [ 829.558756][T17559] ? __pfx_find_vma_prev+0x10/0x10 [ 829.558776][T17559] ? futex_unqueue+0x133/0x2c0 [ 829.558799][T17559] ? __futex_wait+0x24c/0x2f0 [ 829.558822][T17559] madvise_walk_vmas+0x31f/0x9c0 [ 829.558845][T17559] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 829.558870][T17559] madvise_do_behavior+0x1e2/0x530 [ 829.558889][T17559] ? futex_private_hash_put+0x18a/0x300 [ 829.558907][T17559] ? __pfx_madvise_do_behavior+0x10/0x10 [ 829.558928][T17559] ? down_read+0x13d/0x480 [ 829.558951][T17559] do_madvise+0x176/0x240 [ 829.558970][T17559] ? __pfx_do_madvise+0x10/0x10 [ 829.558989][T17559] ? do_futex+0x122/0x350 [ 829.559019][T17559] ? xfd_validate_state+0x61/0x180 [ 829.559039][T17559] ? __pfx_ksys_write+0x10/0x10 [ 829.559059][T17559] __x64_sys_madvise+0xa9/0x110 [ 829.559079][T17559] ? lockdep_hardirqs_on+0x7c/0x110 [ 829.559098][T17559] do_syscall_64+0xcd/0x4c0 [ 829.559113][T17559] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 829.559128][T17559] RIP: 0033:0x7f300198eec9 [ 829.559141][T17559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 829.559156][T17559] RSP: 002b:00007f30028e2038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 829.559171][T17559] RAX: ffffffffffffffda RBX: 00007f3001be5fa0 RCX: 00007f300198eec9 [ 829.559181][T17559] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 829.559190][T17559] RBP: 00007f3001a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 829.559199][T17559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 829.559207][T17559] R13: 00007f3001be6038 R14: 00007f3001be5fa0 R15: 00007ffc9a8f7488 [ 829.559228][T17559] [ 830.134633][T17561] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2189'. [ 830.271695][T17564] i2c i2c-0: new_device: Missing parameters [ 830.499365][ T30] audit: type=1800 audit(4294968165.148:85): pid=17567 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.2188" name="features" dev="configfs" ino=62973 res=0 errno=0 [ 838.141968][T17525] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 838.148049][T17525] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 838.154500][T17525] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 838.160591][T17525] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 838.166670][T17525] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 838.172840][T17525] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 838.178901][T17525] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 838.401611][T15255] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:9: iget: checksum invalid [ 838.444261][T15255] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 838.455167][T15216] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:8: iget: checksum invalid [ 838.469817][T15216] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db.p7s failed with error -74 [ 838.481224][T15255] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:9: iget: checksum invalid [ 838.493473][T15216] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:8: iget: checksum invalid [ 838.506259][T15255] (NULL device *): loading /lib/firmware/updates/regulatory.db failed with error -74 [ 838.522703][T15216] (NULL device *): loading /lib/firmware/updates/regulatory.db.p7s failed with error -74 [ 838.538486][T15255] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:9: iget: checksum invalid [ 838.572862][T15255] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 838.583050][T15216] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:8: iget: checksum invalid [ 838.595357][T15216] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db.p7s failed with error -74 [ 838.613910][T15255] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:9: iget: checksum invalid [ 838.627920][T15216] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:8: iget: checksum invalid [ 838.639783][T15255] (NULL device *): loading /lib/firmware/regulatory.db failed with error -74 [ 838.648830][T15255] (NULL device *): Direct firmware load for regulatory.db failed with error -74 [ 838.659885][T15216] (NULL device *): loading /lib/firmware/regulatory.db.p7s failed with error -74 [ 838.684757][T15255] (NULL device *): Falling back to sysfs fallback for: regulatory.db [ 838.693798][T15216] (NULL device *): Direct firmware load for regulatory.db.p7s failed with error -74 [ 838.720424][T15216] (NULL device *): Falling back to sysfs fallback for: regulatory.db.p7s [ 840.182304][T14677] Bluetooth: hci5: command 0x0c1a tx timeout [ 840.189796][T14681] Bluetooth: hci3: command 0x0c1a tx timeout [ 840.195961][T16789] Bluetooth: hci4: command 0x0c1a tx timeout [ 840.202135][T14681] Bluetooth: hci1: command 0x0406 tx timeout [ 840.208163][T14681] Bluetooth: hci2: command 0x0406 tx timeout [ 840.215736][T14741] Bluetooth: hci0: command 0x0406 tx timeout [ 840.226564][T17554] Bluetooth: hci6: command 0x0c1a tx timeout [ 849.021358][T17577] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 849.027506][T17577] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 849.035065][T17577] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 849.042784][T17577] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 849.049375][T17577] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 849.055628][T17577] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 849.061884][T17577] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 849.237797][T17603] CIFS mount error: No usable UNC path provided in device string! [ 849.237797][T17603] [ 849.237823][T17603] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 849.670703][T17601] block nbd9: NBD_DISCONNECT [ 849.790075][T17618] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.2.2201: iget: checksum invalid [ 849.845747][T17618] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 849.895409][T17622] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 849.967026][T17618] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.2.2201: iget: checksum invalid [ 849.981662][T17618] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 849.995605][T17618] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.2.2201: iget: checksum invalid [ 850.148541][T17618] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 850.173455][T17618] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.2.2201: iget: checksum invalid [ 850.197340][T17618] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 850.273494][T17618] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 850.307322][T17618] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 851.070380][T14681] Bluetooth: hci3: command 0x0c1a tx timeout [ 851.076431][T17593] Bluetooth: hci4: command 0x0c1a tx timeout [ 851.082518][T17400] Bluetooth: hci1: command 0x0406 tx timeout [ 851.088514][T17400] Bluetooth: hci2: command 0x0406 tx timeout [ 851.094678][T14677] Bluetooth: hci0: command 0x0406 tx timeout [ 851.100743][T17554] Bluetooth: hci5: command 0x0c1a tx timeout [ 851.142440][T17554] Bluetooth: hci6: command 0x0c1a tx timeout [ 853.763848][T17668] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2210'. [ 854.269003][T17674] usb usb24: check_ctrlrecip: process 17674 (syz.5.2212) requesting ep 01 but needs 81 [ 854.338989][T17674] usb usb24: usbfs: process 17674 (syz.5.2212) did not claim interface 0 before use [ 855.760564][T17698] ptrace attach of ""[17702] was attempted by "./syz-executor exec"[17698] [ 857.035095][T17554] Bluetooth: hci3: unexpected event 0x20 length: 123 > 7 [ 857.390713][T17729] ptrace attach of ""[17731] was attempted by "./syz-executor exec"[17729] [ 858.580821][ T31] INFO: task syz-executor:13311 blocked for more than 143 seconds. [ 858.593120][ T31] Not tainted syzkaller #0 [ 858.598443][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 858.628388][ T31] task:syz-executor state:D stack:23656 pid:13311 tgid:13311 ppid:1 task_flags:0x400140 flags:0x00004004 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 858.714145][ T31] Call Trace: [ 858.717449][ T31] [ 858.743089][ T31] __schedule+0x1190/0x5de0 [ 858.757880][ T31] ? __pfx___schedule+0x10/0x10 [ 858.796137][ T31] ? find_held_lock+0x2b/0x80 [ 858.826663][ T31] ? schedule+0x2d7/0x3a0 [ 858.855211][ T31] ? nfsd_shutdown_threads+0x5b/0xf0 [ 858.896558][ T31] schedule+0xe7/0x3a0 [ 858.939038][ T31] schedule_preempt_disabled+0x13/0x30 [ 858.950432][ T31] __mutex_lock+0x81b/0x1060 [ 858.955076][ T31] ? __lock_acquire+0x62e/0x1ce0 [ 858.960204][ T31] ? nfsd_shutdown_threads+0x5b/0xf0 [ 858.965648][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 858.975755][ T31] ? net_generic+0xea/0x2a0 [ 858.980435][ T31] ? nfsd_shutdown_threads+0x5b/0xf0 [ 858.985831][ T31] nfsd_shutdown_threads+0x5b/0xf0 [ 858.991905][ T31] nfsd_umount+0x48/0xe0 [ 859.000947][ T31] deactivate_locked_super+0xbe/0x1a0 [ 859.006887][ T31] deactivate_super+0xde/0x100 [ 859.016860][ T31] cleanup_mnt+0x225/0x450 [ 859.038156][ T31] task_work_run+0x14d/0x240 [ 859.043146][ T31] ? __pfx_task_work_run+0x10/0x10 [ 859.048467][ T31] ? __pfx___x64_sys_umount+0x10/0x10 [ 859.061010][ T31] exit_to_user_mode_loop+0xeb/0x110 [ 859.066464][ T31] do_syscall_64+0x41c/0x4c0 [ 859.196380][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 859.216349][ T31] RIP: 0033:0x7f99c65901f7 [ 859.250240][ T31] RSP: 002b:00007ffd2651a358 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 859.375923][ T31] RAX: 0000000000000000 RBX: 00007f99c6611d7d RCX: 00007f99c65901f7 [ 859.400257][ T31] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd2651a410 [ 859.409957][ T31] RBP: 00007ffd2651a410 R08: 0000000000000000 R09: 0000000000000000 [ 859.420496][ T31] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd2651b4a0 [ 859.429177][ T31] R13: 00007f99c6611d7d R14: 00000000000ac1d9 R15: 00007ffd2651b4e0 [ 859.437825][ T31] [ 859.450281][ T31] [ 859.450281][ T31] Showing all locks held in the system: [ 859.480244][ T31] 1 lock held by khungtaskd/31: [ 859.485136][ T31] #0: ffffffff8e5c1420 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 859.540413][ T31] 3 locks held by sshd-session/5850: [ 859.610377][ T31] #0: ffff8880b843a458 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130 [ 859.634921][ T31] #1: ffff8880b8424088 (psi_seq){-.-.}-{0:0}, at: __schedule+0x1861/0x5de0 [ 859.645804][ T31] #2: ffff88802d086c38 (&sig->wait_chldexit){....}-{3:3}, at: __wake_up_sync_key+0x1c/0x50 [ 859.656518][ T31] 2 locks held by syz-executor/5862: [ 859.662117][ T31] #0: ffff88804357e0e0 (&type->s_umount_key#50){++++}-{4:4}, at: deactivate_super+0xd6/0x100 [ 859.673306][ T31] #1: ffffffff8e9d9f48 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 859.683278][ T31] 2 locks held by kworker/u9:2/5865: [ 859.688570][ T31] #0: ffff88802632f948 ((wq_completion)nbd0-recv){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 859.704838][ T31] #1: ffffc9000411fd10 ((work_completion)(&args->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 859.717196][ T31] 2 locks held by kworker/u9:5/5876: [ 859.730427][ T31] #0: ffff888026415148 ((wq_completion)nbd1-recv){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 859.742813][ T31] #1: ffffc900041cfd10 ((work_completion)(&args->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 859.767602][ T31] 2 locks held by syz-executor/13311: [ 859.773369][ T31] #0: ffff888077d600e0 (&type->s_umount_key#50){++++}-{4:4}, at: deactivate_super+0xd6/0x100 [ 859.813910][ T31] #1: ffffffff8e9d9f48 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_shutdown_threads+0x5b/0xf0 [ 859.840201][ T31] 2 locks held by syz.1.1616/14428: [ 859.851103][ T31] #0: ffffffff9042c250 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 859.859301][ T31] #1: ffffffff8e9d9f48 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_threads_set_doit+0x687/0xbc0 [ 859.897193][ T31] 4 locks held by kworker/u10:1/14678: [ 859.910168][ T31] #0: ffff88801c6fe948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 859.930320][ T31] #1: ffffc9000462fd10 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 859.950367][ T31] #2: ffffffff90372a90 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x890 [ 859.970177][ T31] #3: ffffffff90388d88 (rtnl_mutex){+.+.}-{4:4}, at: wg_netns_pre_exit+0x1b/0x230 [ 859.979568][ T31] 2 locks held by getty/16465: [ 859.990176][ T31] #0: ffff88814e8780a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 859.999989][ T31] #1: ffffc900032002f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 [ 860.010389][ T31] 2 locks held by syz.5.2212/17687: [ 860.015604][ T31] 1 lock held by syz.5.2223/17755: [ 860.020886][ T31] 2 locks held by syz.7.2224/17756: [ 860.027649][ T31] #0: ffffffff90388d88 (rtnl_mutex){+.+.}-{4:4}, at: ppp_release+0x167/0x230 [ 860.044812][ T31] #1: ffffffff8e5cc9b8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a3/0x3c0 [ 860.056900][ T31] [ 860.059289][ T31] ============================================= [ 860.059289][ T31] [ 860.083570][ T31] NMI backtrace for cpu 0 [ 860.083592][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) [ 860.083621][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 860.083635][ T31] Call Trace: [ 860.083644][ T31] [ 860.083655][ T31] dump_stack_lvl+0x116/0x1f0 [ 860.083695][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 860.083722][ T31] ? _raw_spin_unlock_irqrestore+0x61/0x80 [ 860.083756][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 860.083791][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 860.083825][ T31] watchdog+0xf0e/0x1260 [ 860.083866][ T31] ? __pfx_watchdog+0x10/0x10 [ 860.083898][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 860.083936][ T31] ? __kthread_parkme+0x19e/0x250 [ 860.083967][ T31] ? __pfx_watchdog+0x10/0x10 [ 860.084000][ T31] kthread+0x3c5/0x780 [ 860.084035][ T31] ? __pfx_kthread+0x10/0x10 [ 860.084071][ T31] ? rcu_is_watching+0x12/0xc0 [ 860.084097][ T31] ? __pfx_kthread+0x10/0x10 [ 860.084132][ T31] ret_from_fork+0x56d/0x730 [ 860.084164][ T31] ? __pfx_kthread+0x10/0x10 [ 860.084196][ T31] ret_from_fork_asm+0x1a/0x30 [ 860.084241][ T31] [ 860.084250][ T31] Sending NMI from CPU 0 to CPUs 1: [ 860.208181][ C1] NMI backtrace for cpu 1 [ 860.208200][ C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted syzkaller #0 PREEMPT(full) [ 860.208229][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 860.208244][ C1] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 860.208285][ C1] Code: fd 63 02 e9 13 0a 03 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 53 35 18 00 fb f4 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 860.208310][ C1] RSP: 0018:ffffc90000197df8 EFLAGS: 000002c6 [ 860.208330][ C1] RAX: 00000000006d6101 RBX: 0000000000000001 RCX: ffffffff8b91db29 [ 860.208347][ C1] RDX: 0000000000000000 RSI: ffffffff8de4f73a RDI: ffffffff8c163800 [ 860.208364][ C1] RBP: ffffed1003cddb40 R08: 0000000000000001 R09: ffffed10170a6655 [ 860.208380][ C1] R10: ffff8880b85332ab R11: 0000000000000000 R12: 0000000000000001 [ 860.208396][ C1] R13: ffff88801e6eda00 R14: ffffffff90abad90 R15: 0000000000000000 [ 860.208413][ C1] FS: 0000000000000000(0000) GS:ffff8881247b9000(0000) knlGS:0000000000000000 [ 860.208437][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 860.208454][ C1] CR2: 0000001b2dde9ff8 CR3: 0000000025528000 CR4: 00000000003526f0 [ 860.208470][ C1] Call Trace: [ 860.208480][ C1] [ 860.208488][ C1] default_idle+0x13/0x20 [ 860.208512][ C1] default_idle_call+0x6d/0xb0 [ 860.208537][ C1] do_idle+0x391/0x510 [ 860.208563][ C1] ? __pfx_do_idle+0x10/0x10 [ 860.208588][ C1] ? trace_sched_exit_tp+0x2f/0x120 [ 860.208630][ C1] cpu_startup_entry+0x4f/0x60 [ 860.208655][ C1] start_secondary+0x21d/0x2b0 [ 860.208691][ C1] ? __pfx_start_secondary+0x10/0x10 [ 860.208737][ C1] common_startup_64+0x13e/0x148 [ 860.208773][ C1] [ 860.387202][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 860.394097][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) [ 860.403242][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 860.413317][ T31] Call Trace: [ 860.416695][ T31] [ 860.419712][ T31] dump_stack_lvl+0x3d/0x1f0 [ 860.424327][ T31] vpanic+0x6e8/0x7a0 [ 860.428324][ T31] ? __pfx_vpanic+0x10/0x10 [ 860.432841][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 860.438849][ T31] panic+0xca/0xd0 [ 860.442585][ T31] ? __pfx_panic+0x10/0x10 [ 860.447016][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 860.452398][ T31] ? nmi_trigger_cpumask_backtrace+0x1b1/0x300 [ 860.458590][ T31] ? watchdog+0xd78/0x1260 [ 860.463010][ T31] ? watchdog+0xd6b/0x1260 [ 860.467433][ T31] watchdog+0xd89/0x1260 [ 860.471693][ T31] ? __pfx_watchdog+0x10/0x10 [ 860.476367][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 860.481615][ T31] ? __kthread_parkme+0x19e/0x250 [ 860.486640][ T31] ? __pfx_watchdog+0x10/0x10 [ 860.491316][ T31] kthread+0x3c5/0x780 [ 860.495386][ T31] ? __pfx_kthread+0x10/0x10 [ 860.499995][ T31] ? rcu_is_watching+0x12/0xc0 [ 860.504753][ T31] ? __pfx_kthread+0x10/0x10 [ 860.509346][ T31] ret_from_fork+0x56d/0x730 [ 860.513938][ T31] ? __pfx_kthread+0x10/0x10 [ 860.518529][ T31] ret_from_fork_asm+0x1a/0x30 [ 860.523302][ T31] [ 860.526596][ T31] Kernel Offset: disabled [ 860.530927][ T31] Rebooting in 86400 seconds..