last executing test programs: 6.268197459s ago: executing program 1 (id=284): r0 = socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @loopback}, 0x6a) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioperm$auto(0x3, 0x8001, 0x2000000000000149) kexec_load$auto(0x6, 0x0, 0x0, 0x4) socket$nl_generic(0x10, 0x3, 0x10) shmctl$auto(0xa0000000, 0x6, &(0x7f00000002c0)={{0x3, 0x0, 0x0, 0x0, 0x7, 0xd, 0xff}, 0x2, 0xffffffff80000001, 0x3ff, 0x800, @raw=0x61a, @inferred=0xffffffffffffffff, 0x7, 0x0, 0x0, &(0x7f00000001c0)}) sendmsg$auto_IPVS_CMD_GET_DAEMON(r0, 0x0, 0x20000000) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/block/ram5/queue/discard_granularity\x00', 0x0, 0x0) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, r1, 0x10008000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x752502, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xc0c00, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)={0x28, r4, 0x301, 0x70b52c, 0x25dfdbfb, {}, [@CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x17}, @CTRL_ATTR_FAMILY_NAME={0x9, 0x2, '\xd7.&\'\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x400c01d}, 0x0) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000080), r3) openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/buffer_percent\x00', 0xbc102, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, 0x0, 0x8000, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4810}, 0x800) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0) write$auto(r5, 0x0, 0x7ef) 6.105205299s ago: executing program 3 (id=286): r0 = socket(0x21, 0x2, 0x2) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/reboot/cpu\x00', 0x4, 0x0) r2 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x20282, 0x0) ioctl$auto_UI_DEV_SETUP(r2, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x9, 0x80}, "6a034a07c7b8edb8fc3b39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0x6}) ioctl$auto_UI_DEV_CREATE(r2, 0x5501, 0x0) ioctl$auto_UI_SET_SNDBIT(r2, 0x4004556a, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000003f00)=""/46, 0x2e) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) swapon$auto(0x0, 0x8) sendfile$auto(r1, r1, &(0x7f0000000180), 0x6) setsockopt$auto_SO_PRIORITY(r1, 0x1, 0xc, &(0x7f0000000140)='+/$:/\x00', 0x1) shutdown$auto(0x200000003, 0x2) getsockopt$auto_SO_KEEPALIVE(r0, 0xfff, 0x9, &(0x7f0000000040)='!\x00', &(0x7f0000000080)) setsockopt$auto(0x3, 0x1000000110, 0x2, 0xffffffffffffffff, 0x1) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) r3 = socket(0xa, 0x3, 0xff) connect$auto(r3, &(0x7f00000018c0)=@generic={0xa}, 0x55) pwritev$auto(r3, &(0x7f00000000c0)={&(0x7f0000000000)="8963f725", 0xa4e3}, 0xff, 0x8000, 0x3) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/net/ip6_flowlabel\x00', 0x42000, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) io_uring_setup$auto(0x6, 0x0) r6 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) move_pages$auto(r6, 0x1002, 0x0, 0x0, 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r4, &(0x7f0000002100)=""/15, 0xf) 5.125495677s ago: executing program 1 (id=290): openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter\x00', 0x101b00, 0x0) openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter\x00', 0x40001, 0x0) set_mempolicy$auto(0x7, &(0x7f0000000000)=0x7e, 0x4) bind$auto(0x3, &(0x7f0000000080)=@tipc=@name={0x1e, 0x2, 0x2, {{0x41, 0x3}}}, 0x6a) ioctl$auto_FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000080)) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) 5.076378149s ago: executing program 3 (id=291): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xca481, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x1ff, 0x7c9, 0x25, 0x4909b6f5, 0x1ffde, 0x7, 0x3, 0x20000009, 0x9, 0x3, 0x4, 0x1, 0xb4, 0x9, 0x8, 0x10003, 0x80, 0x3, 0x0, 0xa, 0x22000, 0x200, 0xffffff28, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffd, 0x0, 0xffff, 0x10, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0xfffffffffffffffe]}, 0x1fe, 0x9) r0 = open(&(0x7f0000000140)='./file0\x00', 0x220c0, 0x4) read$auto_proc_pid_numa_maps_operations_internal(r0, &(0x7f0000000080)=""/68, 0x44) ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(r0, 0x80083314, &(0x7f0000000040)=0xce) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x20040001) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r1 = socket(0x10, 0x2, 0x0) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x102, 0x0) ioctl$auto(r2, 0x900064b7, r2) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x1892, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000140), 0xb, 0xa505}, 0x800}, 0x7, 0x4008) 4.951235708s ago: executing program 1 (id=292): io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0xd, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29b, 0x3, 0x7f, 0x104, 0x6, 0x3}, {0xfc, 0x1, 0x2052, 0x85, 0x2, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0) write$auto(r0, 0x0, 0x7ef) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0) ioperm$auto(0x7, 0x800, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r1 = socket(0x2, 0x1, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0x0, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0xa, 0xd, 0x1, 0x948d, 0x6, 0x15f4da0a, 0x3, 0x3, 0x33c, 0x8000001d, 0x20000007, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) ioctl$auto(r1, 0x400454cb, 0x5) mmap$auto(0xc, 0x20009, 0x5, 0x14, 0xffffffffffffffff, 0x0) unshare$auto(0x40000080) mmap$auto(0x7, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0004, 0x19) madvise$auto(0x0, 0x200007, 0x19) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0) socket(0x5, 0x5, 0xfe) bind$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x3, @local}, 0x6a) mmap$auto(0x0, 0x400008, 0x49bc, 0x13, 0x2, 0x8000) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) fcntl$auto(0x3, 0x4, 0xa553) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x52) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) madvise$auto(0x0, 0x2003f0, 0x18) close_range$auto(0x0, 0xfffffffffffff000, 0x0) 4.896110395s ago: executing program 0 (id=293): syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x61, 0x100001000000004, 0xfa31, 0x400, 0x8000) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r0, 0x4, 0x8000) ptrace$auto_PTRACE_PEEKSIGINFO(0x4209, r0, 0x7, 0x5) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) socket(0x15, 0x5, 0x0) openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/tty53\x00', 0x200, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0xfffffffffffffffd) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) select$auto(0x7, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x0, 0x1, 0x2, 0x3, 0x95f4da0a, 0xefffffffffffffff, 0x3, 0x62, 0x80000001, 0x10000000000004, 0x6d40, 0x1, 0x2, 0xfffffffffffffffe]}, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x0, 0x7, 0x25, 0x4909b6f5, 0x1ffde, 0x2007, 0x3, 0x9, 0x9, 0x3, 0x4, 0x1, 0xb4, 0x9, 0x8, 0x10003, 0x80, 0x3, 0x0, 0xa, 0x22000, 0x200, 0x7ff, 0x84, 0x1, 0x0, 0x0, 0x0, 0x0, [0x90, 0x6, 0x0, 0x0, 0x8000000000000000, 0x0, 0x2, 0x2, 0x9, 0x0, 0x0, 0x100, 0x5, 0x0, 0x0, 0x0, 0x4000000000000, 0x0, 0x2, 0x20000000000, 0x0, 0x0, 0x0, 0x0, 0x800000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000, 0x0, 0xb, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200]}, 0x1fe, 0xd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8800) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) read$auto(r1, 0x0, 0x1f40) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0xc02, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace\x00', 0x2, 0x0) socket(0x2b, 0x1, 0x1) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0xf87f, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_USBDEVFS_DISCSIGNAL(0xffffffffffffffff, 0x8010550e, &(0x7f0000000080)={0x6, 0x0}) close_range$auto(0x2, 0x8, 0x0) 4.40507048s ago: executing program 2 (id=295): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa001, 0x0) openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0) write$auto(0x3, 0x0, 0x7fffffff) r1 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ustat$auto(0x801, 0x0) keyctl$auto(0xa, 0xfffffffffffffffd, 0x2, 0x628, 0xfffffffffffffffd) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="140000007ea4b46f01ec4bc7334208de26cbe38cb6db4940875c63f639625f09c4d820e7b46a995c8c341b9f31acbbdaf42a3923faf3bd5fb7d0fbd040e5ab4caed4106b99fdc9e96e145727b677bf982cd86575257bc5", @ANYRES16=r1], 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x400c080) write$auto(0x3, 0x0, 0xfffffdef) connect$auto(0x3, 0x0, 0x55) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) openat$auto_mgts_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0xa001, 0x0) read$auto(0x3, 0x0, 0x80) sendmsg$auto_NL80211_CMD_DISASSOCIATE(r0, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000002c0)={&(0x7f0000000440)={0xf8, r1, 0x8, 0x70bd2d, 0x25dfdbfd, {}, [@NL80211_ATTR_CIPHER_SUITE_GROUP={0x8, 0x4a, 0x8}, @NL80211_ATTR_KEY_DATA={0xc, 0x7, "b26112291adb5a00"}, @NL80211_ATTR_TXQ_MEMORY_LIMIT={0x8, 0x10b, 0x100}, @NL80211_ATTR_VHT_CAPABILITY={0x9d, 0x9d, "2f2caad3199449792bd88cf37163618858a09c672ca95935dbd8f1ef9a958455e7b870eacd85692ccf6b559618771402e2216443acfae0fda8cb5668ee3114d45cb7b71016d71168f80be11ec57727105435b27a19cd83bdd563d05787b2ca962a9bd445281b68d9d69bc59e2877806f1a28556458bcf6e46985867b0def03944c1ae39b9f41ddd6d59028991667a9c4ec2a630bc573b02a7a"}, @NL80211_ATTR_COLOR_CHANGE_COLOR={0x5, 0x130, 0x68}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6, 0x12, 0xabf4}, @NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8, 0x3f, 0xffffd131}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5}, @NL80211_ATTR_STA_SUPPORT_P2P_PS={0x5, 0xe4, 0x64}]}, 0xf8}, 0x1, 0x0, 0x0, 0x4010}, 0x804) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000001f00)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000001ec0)={&(0x7f0000000900)={0x15a8, 0x0, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@OVS_PACKET_ATTR_PACKET={0x12, 0x1, "29f4f1ef08c456ee43133aa75259"}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "8f341a86367eda0b383b7d108177"}, @OVS_PACKET_ATTR_KEY={0x1526, 0x2, 0x0, 0x1, [@nested={0xc8, 0xa1, 0x0, 0x1, [@generic="b45f95c0c39d3e7257ee90dbae034c26563351bdcb091a6bc430c969435c8a8c4d9b8516bc7317d567850cf9de4ddbf853cd92427accfd6112d9a4d074e2f8ae45fa46f9c158702d5334a93e5e0f0956a9d281922f2bc1714cd2ecb069c1093855d1c0d686e89920633146d8d90e0cb27e9cce2480c4d92a997046fb4426591adaf9a9a29f7bb9d9", @nested={0x4, 0xbd}, @typed={0x8, 0x9, 0x0, 0x0, @ipv4=@local}, @typed={0x28, 0x4e, 0x0, 0x0, @binary="45e22cfb1465443068525ab95f196160b91f01c62fc62f130b018770df001da18b857c31"}, @typed={0x8, 0xeb, 0x0, 0x0, @uid}]}, @nested={0x6a, 0x150, 0x0, 0x1, [@typed={0x8, 0x72, 0x0, 0x0, @uid}, @generic="69b7da832fa8b68fe4dd80516639443e70389525ce53c1877b9dc86e8ca67cd9dde5dcd37c68e6a233cb5801f5ef98911ef268c0bdfb4b4472472ec7abbd978657eb342e610c9c64cf23041415fdb07e44eb598140cadda882b4fa58e0a1", @generic]}, @typed={0x4, 0x12d}, @nested={0x69, 0xa6, 0x0, 0x1, [@nested={0x4, 0x6f}, @generic="861c1e4a1c22b95511ef03f63255fa619d681d9d49fab2374e413bf8953fbbeffe5932b5bb449c019ecfa55a2780cbef420128f2f61dcb8eac895ddf95211de468dacb30c86e4f6db65a3a0a59", @nested={0x4, 0x2d}, @nested={0x4, 0x10e}, @typed={0xc, 0x114, 0x0, 0x0, @u64=0x1}]}, @nested={0x11aa, 0x8, 0x0, 0x1, [@nested={0x4, 0x22}, @generic="662b49f950dad974da8624e19c7d599a81009722f74a3715984086abd2c3425b7d28d06dd8b5e91428c9eb14e46c156c", @generic="0e1b2d9f0fe691bfb14570d8509b2191d5a4", @nested={0x4, 0x64}, @generic="2ba1280e90b99d7de0349cc0473e41b960804d4e7904a3fcad761d4a74a420784c3b82f0feafcbc2ed73111be40aa0e554e847be1db6f2db661bd9297db2cdcc46dd58b8c2aca3e990dbac19a4142f088e607439fe561d7de99b7128e5a6a5fa9dda1e49de13a4e04a81c7c4938578cd9e0121071d78478377b3374aff0aa3a4b849f4da3339a044a215de1f2b9e3646976ea5648ef566aa1e0660f67e7e2ad44482e219555985b22db3eb8ddb1b5ae5c4b7db1082319a14f4baa7301c79086e3d3e93efc5b5b6311f87d755e020107e4930e9c66930fb86c5222c146f41cc6d59d64a51884970a4e688635da63798273f636c85e57993153a7540294d58a1015bd614153f17198e76d39165ba5085b3e6a77a05f46d8d19e5c6d6d08ca04036a9f9126b41e2c460f7f8bb9091a36ccc36e3c1dadb32dd2dcf89d8e03fe81fb6e204678ca9773833a643c35bde770bad6df4fadca3fe526d27dde058c3f599bd0d1f0cb6b1b8c61520032ebafee151e95821cf937bf25452bca36fe9d9e5b6c654ba1f6c2440319c9467b62d7d54050541206792232decd892e350d7b56b5a2645f1a05a1fd2916849edabba1dfe4a191645aad50f7325145fb710ca22fd393f4e9e820bd8f18108cb4ef4b289bcd19c2177a17ee8ef83a0fe69880751acb2627c3d5a44441f9b67be785b7dcabac3065ec53f26ca57ac778d1bb08462a34d9785df93fd5fa3f59a741065d45ab384eafbabb0ee89199d3d6f1250eb003b501cd6def2b21b8dad13c4b889192b0ac810a381affb806aabb075db65d0fc78907eda521161e9c1c49dde14f9b130da0ab08c860be98069994a3d90604b7205b8364e95038b96407b32a2c49d289704aefa3e5a6d86bb54b5738c3e4ea25f1f5a9e24da11cd4347b542c6cdbf53f479ca0aaf9c793d22161c98b76e9033e04a204be39ad8293ec7177cb33efdf4ece574e887b92b9fb13d507b03ba169161c3f9e7f3358f88e8b4536f96267ba4509bcad74070a6a0842074f9bb0298f3bd2d6089e61652d4b7893325b5dd88b3a688f24ad021a2e83aabcaba6d1e6fd9fcf48f078941de947f500ad92a78a88ca0bc89124f60f0162ffab7e9541c40824e6222c1288e9b75a4404abcc54768310c10ba9a4dc0a45be316137236f0ccf95bf87721e7edd33745f00e9239d9390b07959fd0e246d7f6db7cd6fe121f3d4709d2db6686a09b4a0099f8101dcff61a9cf7b99fdec99bf7f8235a61f978952ac8d73a57f450c6ae687fb4ac6c47cedf46cbeb9081e6b4ec00217584cc9faefe3c132fad0f162823b45b4ac3db7ac96eabebf78e40dd767c2891353f599397c0e985a281089370dc577853707e32751573b2ac5108c3c90a7b3d071013050f548906611f9260dccae1b6bc096071301647c332a2a94da87602a461c60906b43e1e00af383b717cc1bbcc1314a819d98dd8460da54d3416ee08a46469903b43ca8adafcd7b1d16cc907b002823848cfca3e1fff4339ca0d846528e049264d4fbadebe7237d8a704e87b7e7ed2eb926e96b41efed6e726139e8ff1679badea5d9baf552c25af76443799d1164b0f78f497fb8dbcd712378f25639ed767236ebbf656ec13907dd07cb685a5371e1a8392c03491e7ded9a34c461813302988d118cb58d64ac5e392489eaec4be5398c650dfd847c3bb341affa88d4ea588543bc63b736322462344690cbca3c3d704f7bb2ec49880e0dc761a2b300dece0aeccd4d434cd50d12c1a900c523080cdded25903ce541111bb0c9efee1fe4e7477f0a41160680f153c8277e63d1a20140506faa02393e936f167102eff0b4717cebeab3a51d12e00dbdcbcffa35b13fb8f0cdf936555b23c485772f0e97ca9be85d13c8df89fa8e5598b9ec40d994d9626ae01f543d10843587b903e944538ebf15b6b6b8a43268817c6ba93ee9acb91145577fe5839677b869f8c733150bb6b6850fa42fa1d4fe565adad3465ae5b9daf8c9fc70710876150212b5fcc99186e0fe67ceeb8acb3ceccaddb913727a66a02c2dd1f60f7a62c0cba88231b84c3d172d60d5ab1b4ad4a5cd0650041855ec3574a5562332c02010fbf3b61301705bd5099228405fff07530a32483abe4b958287dac1ba01f5ed2b7e107912dc7b44c6d8cd09617fe022027e32f525a2bc129ee415f50fd57f64ff3b3fe9f77735a7aa89cc7e426c515f1ca624368a6537cc54944d31eedfd2337c3a4e7383caa6c27019f61699ac774459d242154a6a5850930b6e783502b4152330201a1696e5f579cdbed20f5f20944b4d53d4c0aa759e105cae844b298e974bc2db5c33753035bcd572001d95410194df268942334d3f3b3371a3961fa6088af7331125c46f781eafe467d857a486009550aa7dd4a6b04007e7d300cb7829bf4df4b6b839ec35354605d8d758d1c56a250f222f532d0d24a676e09e86e8bbf81ecf5c99f19ed81311240ab4f47bc80d18c75c00768351f40e35a5716edddc9187dea3d97db0d422a404904f2eae44165ff7fb556ec1b4d12bd6ca8dddab9363b278bbca1ffb31565b47dd2b4209e1a935dc0bb433b4b5e7264cb8c7da7a5f167e48d747592332a921e1808ec3ecf4f5154b03a68bd784af95aa32fbeacd92f513b230252f41afdfad5c847ec5f417ed5aae83fbc8983645d967b10b3de28faabc4033c5851bf289fb0053916e099c450792c581e4b4e9368aceb86568c915970c0e25210cdf359c4efc413d80adfba134e383eaca9dc1e30ecf48a4e8ebda1db9a939eec16365d5f6ce90874333f9a62af7339054e30d7a9cb5fb6c6dc09a2f62fc42372b09d382345a969263753f16d2f205b77fab69c0dd1da48bcd6a80da1fdeb425920d64506bcd11303cabcaa77f40e21653d4510040860a9fc9916f1fced239a3a1abd8e2420171d5c8b251606a028cd42ffc20b60ba17b0ffb721aed9cfbef1d249f99bf794e9d18b6d1cd6958c6738592feb5ba83f39b9274a10863059e6de011d09e5d6c9f1ba2dc0cc0012808e7d2e141d093f5925c59fe3af3431d34a60b216042b01257ba1d5c8cff35cef2ca98fd417086c73cff23739185d6838b169028b724f33c916854ecad12e7d921488f896d6230fac73153e195d12bc15efa1ad0b0078f91d0ce97c57d3717618e69e4646f73c2848b09ca05da7fcc71772ab8d09aafd2fcacc380bd7f556955fc3e85846a350703e7e0b6387c003649e417ca26f7ca19b544e60c20437b162aca4c98cc524d7c483eddeca8666b18ac25f91bf29909a706295d53619efb941ee1018cd0aec07f59329008be84ba602fc69c7e73081f41ea06666f7bc37f23a4f90c6590868397f51ebffbe693734537fcafe146771159cf1442ba30c8c7586b00e3ccb1c6b1ca24272cf95e7f708279e3d2f7ce12a83bebd2cd9e53dfd4392f28f8e9cfd747790ccb1f8487bba37d7ea63a13cc3ffaa26857bbb3006896ab219721a267ad56caad7f8d53227f9226aa095667d1294d1f8d7f360757f9832bda554ab2b30705e0f742dc0c8a5527e357a553ef0056f97ed2d81c77d3a22f875f46f91f6dc9c12aa1a5123c49d30661677b1d3b54ca06840355156154342d3519cddee257e8dac8d8fdf9dee7fa6124bf64b91e0c3228443ad8c62110a20c860fdfc65e0f0013a65cf195cb240bce6e8061283c86a43104d9efc5037dfd9b8d52358e1c29dcc8fc5f8e9233da0cad9f02591eae7304e6ef65064efca7a13ae2962a02f3c5977751efc9b40c4bafd8863aa4b485789aa8f3cba60cf5abbfefea8506c802f3fed8a3dd56d2c9006ecd71350e362d795996b0b799d3d6665524fc33f22bcd0271ea7e95f3fa306418dbac398f87437305fab359b922695fe280ca3f81dc37b9b1bd32a1d9d934325b4c906080606c22f5c72838b1603889799af6e6224e413080ddc0bbc20b90195978a31265e721c692cd0dbc1a09fed96ccadf82b00a96a8b6fb014b44a90707355fee9413d8af926f786c99a795cf5c1f11c2b329591d8d8ff4accf44a2dbfb907e8dfd3a8896e8aed300532072433a8965145abee6bc96cbbb34ecba960d7f7e23d57179ffa503e3f68e31458ab2774512c8595ee1db00b0712f2e42e2f76302b9d7088f46059ccf3e7d8b4d2d259b4733f7773c2185344919f2265baecb7a66101fb121753b0b0330b2ba43b65e8c7f92626a4173d6b3fcf19bdf7795ca69d9aa6cf8d3e3623423dbb992d8be2af92b6136ad1d5c391a24c02eea76a280d8d0650abe1279aa5a51ed99056f783d1416946bc9596a30436a6ec3e35845f7f43cf7099d10360a712b23462867850c08aff49a4a34084edf2d5d6a7d496d2c7e7b8364d8e927dbbfe5d68880814c01008a513a43ded68ba6a8506fbf75a41014740269780718597476fec784ebbc767e1b27cdd4f659f650b9c984b5655ccc2640eadc9f67fa3b769d4fbe89f22bfa319cb34da3506c579ddeaccf8c3b1472bcd879d23d026cfe1d3904bc07f46403a96f98c9a6deed4505a0759b7f1108412159a5c4589f68b829654de3e1fb6f2cb905f372453f3d9f17d3ff80414c77806b2a1ea4cb88efe6db9aec56922e743d7ba4cc30870bd7a909bb85bb8346e509dad1b1abdb51a2c4d3c3289bd4e77c5e30b8bafa0186256d9922f5baefe83888abd197c97a0f86d399ea2b265dc72eac4d19393b0bc8ed487c6ba9c94a12a7e914d44c3e19d1878b44d9d0b7239fa2cd1f0f45c2e6b510d18d6d28786259b57e5c4d2ab1baa44af9817dc099211fbe3d99bf7ae89bb65848da4237aa99807bc5cfe6ce3a33bc2820891db7859ebf643628e1107d9c99fea2f261ae9b0332f9333f918b47517c0ffec7063b467711fa6091ceab2cfb862fea7e11d5c3f0aac06fa417fd86043f65c5f3e8a0c8cbe16442da967df0733f5c0f73e4aa2a9e87f8de9aeceb74fc34e431730e6230c5dbfefed58df267f3bd63f0a75cba1a998515d740358bd4cfdd11647848290108a06c80410ec928d80ce6e70dedc54ef773a2e6b440c87c1b76b12070c9e5a00ea646b5083e43f20afdd63ad08b75faadf3918885e776220eef2b217c48253ca1f83d9114861af95b761a91a014f8cb3dc6108b9d8409f3e5605f7b236b062de7da86d984e0b8f41b24d49e53f031b3e16717a26a80b91808c1b0d9640d8850122e9c7475c481187e3c0af74de68834defbebd2b1bc55f956b465be88c8ea2f1c4f33f9cd80dbcf162807b6a71775facc1b221ee4a438132413df94616ce96aafbd113e7acbd5d28c5e25c68fbd6d563e28bd8a83c5730d687d7ac2acc3a3241cca823a7b5e2a8ec5589c82002fddee6bda4ebbd74f502f7a60ab7129ac08c20efd98cf46d8ff22a3ad122714fdd3982210f19dd9f6c321c840c5004c4bc1a74a56a06beca7c30dbb4915d8f4704a36ec7626a1ef16e30f8afad4b1c5ccd2182912210d3d42280d3de69834dcf203a87387020872d621f65afe3aee54c8a0cda2aa244134587e0b8a0adde8ae2925e616105322ab2caa32f392086e788f269f8b000364bb93bbc4e0f61a3d450dd6d262ba17a158c1f2aae9f5c75fc12eadabd471b8fae1f78f3cbe7785f32ba1414c78d1cd8046f84296636111992477a0971a7a48bbce6f9cc3c98c5cb9e6991772eb2b82e1254906098ea48eaed447430c15925ed67ba4330f9767106d344b5ea657160db1dbf6957c0ac55753984b6644f0664ae07a826c5ba59a5b1982ff7ff96cdf5d3cd7346f03620973160fb5b69f898653cc2457f74", @typed={0x8, 0xc3, 0x0, 0x0, @fd}, @generic="1a28dfefd800b92cc84456eca863075ab2c4ea9a8c37f96360b6df7570ad7bba614310f1ae48f3e1c60d64dc0fd580c73f488b15f8c30c2a85523ffe2d9c854f6fd3861ea95463a17e6860875e4bccf1bd5ec221e984350daca2cfa4fc32234e4f356b75e10a5fb444113a2ac69de8c89302c063ff0c332359553981e70bfe726517d3b3b0bda3ecfce6e733c9dc962620319c802c67e90775144f5ac9a706b03cc7bef5331ea7afc44552", @generic="daba59b27eafdb90ed142223a34d6060c77339fedca7867578f3aff2f773c119e3db8ca0fb02a0810fd32ee1b1ea2ad66ba24d6c914cd5c8e19c8c16814751d1254ece3e5167b21a5b2e184e077ba4cebcfcd9b13298ad52bbed3b31e77ab1c39ac5836ad9", @nested={0x4, 0x59}, @typed={0x3d, 0x1f, 0x0, 0x0, @binary="0a49b3500a2937ee39fed6c44e11a060f7f6c30cf0864fc293a0cfe267d0ffcf2dbb0a94acc988e4ea8a5ed2ee3cca9788c77e7f1ed9a9a1f5"}]}, @nested={0xc, 0x58, 0x0, 0x1, [@nested={0x4, 0x49}, @nested={0x4, 0xb4}]}, @generic="ff9c14ada1b32d6f36594cc6128c2b9d8c49b695ad7de4d3a16579053563274ee44484ef0e426a6c613ce25074a8f6f18c2cffb82e80bd212f1c2623a1082b66ae75d1a34027a88ff2b17b6fd0e2df9eb0e75b143a4cf51cdf8356a0c9a2c553a67b684b17810bf696f9f6d9dc6bfc0acc4a3681e0251f486c71ba3b870b6223e405bf9909bde7d36d9b7fab0e2086703fbc19334d3e21c58a2d6559df96d319b2bd4a731ab2df7e9f44a78385c4e973b601bedd05c85528021e748373d61eb0ac88a55154b9be79eb7af473497479a6fe8a8333fe136a4eaaeef6f660cd1d6a2782", @typed={0x4, 0x128}, @generic="afe413382ad855c0b84bc244784109e07ab3e3d1cb8b62a43a400f9c22641c743a4b188bbdee447becb3fbd816a8520b3f06bd259b86b1d732cb4a1668d23f44addf4e6b9b979585e321b72914c84b314021213b4f497cf642ac4eba74430957fb5b3faf55676bb6c912678c7d81356be97548466c5d16ddf1201d4d811887df400129b5a1a69e21bdb3f33124f1da92a4cf23fc5fcf5dabaeb08345cd33d307998e59e313725a0118f931589ff5c0ee3924650c3d3888c147be438928ecc087432b53682543109c4630c487", @typed={0x14, 0x2a, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}, @OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_MRU={0x6, 0x9, 0xffc0}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "8d3c27fe916bd052cac85b389525"}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "b7376850de9b9b91fef5b39921cf"}, @OVS_PACKET_ATTR_HASH={0xc, 0xb, 0xb}, @OVS_PACKET_ATTR_PROBE={0x4}]}, 0x15a8}, 0x1, 0x0, 0x0, 0x40}, 0x48040) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x401, 0x8000) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) statfs$auto(&(0x7f0000000180)='}[,&*}\x00', 0x0) r3 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) ioctl$auto_SNAPSHOT_SET_SWAP_AREA(r3, 0x400c330d, 0x0) 4.401032508s ago: executing program 3 (id=296): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x240009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x100, 0x0) ioctl$auto(0xffffffffffffffff, 0x80004d00, 0xffffffffffffffff) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) madvise$auto(0x0, 0x200007, 0x8) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f00000000c0), 0x169500, 0x0) shmctl$auto_SHM_LOCK(0x6, 0xb, &(0x7f0000000300)={{0x9, 0x0, 0xffffffffffffffff, 0xffffffbf, 0xfffffc01, 0x2, 0x7f}, 0x5, 0x5, 0x8000, 0x101, @inferred, @inferred=0xffffffffffffffff, 0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000240)="33dd20c44dfd0534435ebeaa343f2e479d893b7c4adc1a2577c17ddb10a931616fb75cc0461bfd8c"}) r2 = socket(0x2b, 0x1, 0x1) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) ioctl$auto(r2, 0x89a0, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capset$auto(&(0x7f0000000100)={0x20080522}, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) 3.811210803s ago: executing program 1 (id=297): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/bus/netdevsim/link_device\x00', 0xc0481, 0x0) write$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffffff, &(0x7f0000000000), 0x0) get_mempolicy$auto(0x0, &(0x7f00000004c0)=0xc, 0x202, 0x5, 0xd) syz_clone3(&(0x7f00000002c0)={0x20000000, 0x0, 0x0, 0x0, {0x5}, &(0x7f00000000c0)=""/21, 0x15, &(0x7f00000001c0)=""/131, &(0x7f0000000140)=[0x0], 0x1, {r0}}, 0x58) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000240)='/dev/admmidi2\x00', 0x101000, 0x0) madvise$auto(0x192ad524, 0x1, 0x19) r1 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/statm\x00', 0x20, 0x0) read$auto_proc_single_file_operations_base(r1, &(0x7f0000000340)=""/165, 0xa5) madvise$auto(0x0, 0x200007, 0x8) epoll_wait$auto(0xffffffffffffffff, 0x0, 0x6d87, 0x67) madvise$auto(0x0, 0x2003f0, 0x15) 3.802060141s ago: executing program 3 (id=298): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) ioctl$auto_TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptya5\x00', 0x62c00, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x101001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000500)='/dev/tty34\x00', 0x2200, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x4, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mincore$auto(0x1000, 0x8001, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710}, 0x10) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) munmap$auto(0x20001000, 0x7fb3) ptrace$auto(0x10, 0x10000000000001, 0xffffffffffffff56, 0x868f) capset$auto(0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) clock_gettime$auto(0x1, 0x0) setresuid$auto(0x0, 0x8, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(0x4, 0x1, 0xc, 0x0, 0x6) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x5, 0x100000003, 0x9, 0x6, 0x1ff, 0x100000000, 0x3, 0x4, 0x401, 0x0, 0x8, 0x6, 0x9a8c, 0x9, 0x10001]}, &(0x7f0000000200)={[0x8, 0x8000000000000000, 0x2, 0xb, 0x1, 0x9, 0x0, 0x7fff, 0xa, 0x18f, 0xfffffffffffffff9, 0x3, 0x5a4, 0x1000, 0x80000001, 0x1]}, 0x0, &(0x7f0000000280)={0x10006, 0xcc}) 3.27519715s ago: executing program 0 (id=299): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) ioctl$auto_TCSBRKP2(r0, 0x5425, 0x0) mmap$auto(0xfffffffffffffffe, 0x20009, 0x4000000000df, 0xeb1, r0, 0x9ddb) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x147602, 0x0) r1 = fanotify_init$auto(0xba, 0x0) write$auto_ima_measure_policy_ops_ima_fs(r1, 0x0, 0x0) write$auto(0x3, 0x0, 0x7) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) mbind$auto(0x8000, 0xfa9d, 0x2, 0x0, 0x3, 0x1) socket(0xa, 0x1, 0x84) io_uring_setup$auto(0x40009, 0x0) socket(0xf, 0x2, 0x0) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x4, 0x4008) setgroups$auto(0xc00000000, 0xfffffffffffffffc) keyctl$auto(0x4, 0xfffff7ffffffffff, 0x0, 0x8, 0x8) r3 = io_uring_setup$auto(0x4, 0x0) read$auto_proc_iter_file_ops_compat_inode(r3, 0x0, 0x0) openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/events/vmalloc/free_vmap_area_noflush/enable\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x109500, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) io_uring_setup$auto(0x85, 0x0) socket(0x1d, 0x2, 0x7) socketpair$auto(0x4004, 0x7, 0x4, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyud\x00', 0x0, 0x0) 2.657971402s ago: executing program 0 (id=300): r0 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtd0ro\x00', 0x2c00, 0x0) r1 = socket(0x10, 0x2, 0xc) r2 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000) sendmsg$auto_CTRL_CMD_GETPOLICY(r1, &(0x7f00000002c0)={0x0, 0xf5, &(0x7f0000000180)={&(0x7f0000000240)={0x14, r2, 0x1f5, 0x70bd28, 0x25dfdbfb, {0xa, 0x0, 0xa00}}, 0xfdef}, 0x1, 0x0, 0xf00, 0x20000000}, 0x2000000) ioctl$auto_MEMREADOOB(r0, 0xc0104d04, &(0x7f0000000080)={0x7761, 0x80, 0x0}) 2.480360281s ago: executing program 0 (id=301): openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000580)={0x39, r2, 0x301, 0x70bd2c, 0x25dfdbfb, {}, [@CTRL_ATTR_FAMILY_ID={0x6, 0x1, 0x11}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4818}, 0x44040) close_range$auto(0x2, 0xa, 0x0) 2.434893471s ago: executing program 1 (id=302): sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) r0 = openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x101400, 0x0) mmap$auto(0x100000004, 0x98, 0x7, 0x54e6bc5d, r0, 0x8000) openat$auto_bm_entry_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x400, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) mmap$auto(0x0, 0x8, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) shutdown$auto(0x200000003, 0x2) unshare$auto(0x40000080) r1 = socket(0x10, 0x2, 0xc) r2 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000002c0), 0xffffffffffffffff) r3 = socket(0x10, 0xa, 0x3) r4 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0xd8, r4, 0x10, 0x70bd2c, 0x25dfdbfa, {0xa, 0x0, 0xa00}, [@CTRL_ATTR_FAMILY_NAME={0xb4, 0x2, '%/\x00\xe2\xa8\\A\xe7Z\x02q[\xcb\xc0\xb0N\\\xdc\xdf(\xff\xfee\xc3\x17py\x9f\xda\xb88\xaa\xf6q*\x82\xe6(\xc9\xe6B\x9aJ82\v-i(c\x92{\xd7D\xb4\xf7\xb4\t\xb2\x98b\xd3%vu\xd4\xfd\t\xd7J\x83\x19)\xb1\x00[\xdd(\xef?\xc5\xae(\x84\xefjx\xfe\xdb\xeb\xbceaAw\x1eW\x12Bh\xc3y2\xc9\x0e\xc9\x99#\x92j\x97\xbbDOi\x03\xa4\x11\x02Ff\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9) setsockopt$auto(0xffffffffffffffff, 0x9, 0x69ce, &(0x7f0000000040)='(%}[\x00', 0x3) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/virtual/tty/ptyqe/power/control\x00', 0xa0b02, 0x0) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/security/tomoyo/profile\x00', 0x48802, 0x0) read$auto(r2, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0x70) write$auto(0x3, 0x0, 0xfdef) 1.842265821s ago: executing program 0 (id=304): open(&(0x7f0000000000)='./cgroup\x00', 0x80000, 0x61) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) write$auto_seq_oss_f_ops_seq_oss(r0, &(0x7f0000000c80)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625d173c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba4291bae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d7b519a855da7ac6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc000cd84061c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f37fe74a09a8a964ce2818e4b4efd1eb0e3bca5dfd2a053eeb5735b96d282d2e03866bd6581b5e5e541c74f0b92b932b234ac117342f156b4b23fc6dcbc92ada00ce404f54443b6e7fdac9acb79e5258a865ced633ff5356d13a3e9923bcd8e6d177c9fb8618f9393798d90d70c78207e40f95bb2b0a9308f29f4331bbdfc1021dface5a740473b462c47286fee1c9d0036c78134e108b5b218d3022fd277e1cdf0cdf8cd4b37d74c8dd47e00e50fcf8d336978a0e7624f94b8fdcd1c9459201231f343c7cb602083aa5e1", 0x300) fchdir$auto(r0) mkdir$auto(&(0x7f0000000480)='./cgroup\x00', 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/cgroup.type\x00', 0x103042, 0x0) rmdir$auto(&(0x7f0000000300)='./cgroup\x00') close_range$auto(0x2, 0x8, 0x0) 1.473891507s ago: executing program 0 (id=305): bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x200, 0x1001, 0x24, 0x1, 0xffffffffffffffff, 0x0, 0x5}, 0x4f4) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x5) ioctl$auto_VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000000)={0x6}) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) socket(0xf, 0x3, 0x2) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = socket(0x2, 0x2, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, 0x0, 0x20c01, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3d, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x800001ff, 0x7, 0xd, 0x1, 0x4, 0x3, 0x15f4da0a, 0x69a, 0x6, 0x3, 0x208000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, r3) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000640)={'wlan1\x00'}) mmap$auto(0x0, 0x8, 0xdc, 0xeb1, 0x0, 0x8002) socket(0xa, 0x5, 0x8) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000002b80)='/dev/snd/pcmC1D1p\x00', 0x2205, 0x0) ioctl$auto_SOUND_MIXER_READ_DEVMASK2(0xffffffffffffffff, 0x80044dfe, &(0x7f0000000040)) unshare$auto(0x40000080) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000002ec0), 0xffffffffffffffff) 1.309455641s ago: executing program 2 (id=306): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x240009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x100, 0x0) ioctl$auto(0xffffffffffffffff, 0x80004d00, 0xffffffffffffffff) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) madvise$auto(0x0, 0x200007, 0x8) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f00000000c0), 0x169500, 0x0) shmctl$auto_SHM_LOCK(0x6, 0xb, &(0x7f0000000300)={{0x9, 0x0, 0xffffffffffffffff, 0xffffffbf, 0xfffffc01, 0x2, 0x7f}, 0x5, 0x5, 0x8000, 0x101, @inferred, @inferred=0xffffffffffffffff, 0x200, 0x0, &(0x7f00000001c0), &(0x7f0000000240)="33dd20c44dfd0534435ebeaa343f2e479d893b7c4adc1a2577c17ddb10a931616fb75cc0461bfd8c"}) r2 = socket(0x2b, 0x1, 0x1) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) ioctl$auto(r2, 0x89a0, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capset$auto(&(0x7f0000000100)={0x20080522}, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) 977.408921ms ago: executing program 3 (id=307): mmap$auto(0x0, 0x400005, 0xdb, 0x13, 0x2, 0x8000) mmap$auto(0x800, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x800, 0xffffffffffff0001, 0x4) setgroups$auto(0xe32, 0x0) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x8, 0x2, 0xdc, 0x115, 0x2, 0x108004) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nbd6\x00', 0x3a3c02, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x21, 0x80002, 0x73) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @rand_addr=0x64010102}, 0x8) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) r0 = socket(0x2, 0x801, 0x106) io_uring_setup$auto(0x6, 0x0) clone$auto(0x8, 0x7, 0x0, 0xffffffffffffffff, 0x80000001) getsockopt$auto(r0, 0x11c, 0x1, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @remote}, 0x54) capset$auto(0x0, 0x0) setsockopt$auto(0xffffffffffffffff, 0x10000000084, 0x8, 0x0, 0xd) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0xc) mmap$auto(0x0, 0x1, 0x7fffffff, 0x44eb1, 0x3, 0x300000000000) openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x860, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) socket(0xa, 0x2, 0x3a) mmap$auto(0xfffffffffffffffe, 0x10000, 0x12, 0x72, 0xffffffffffffffff, 0x6af02c40) r1 = openat$auto_null_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x12000, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) fsconfig$auto(r2, 0x5, &(0x7f0000000300)='+\x00\x82\xaf\xd2\xe8* \xb3]\xcb\xfd\bwM\xcfg\x92\x98\xa1\xe1d\xa7N\xcaC\xa66\xe5N\x91\v\x17u\xab\x1cK\xcdK|\xfb\x06\x1f\x01\x17\x97\n8s\x1b\xdd\xf1\x17\n#R\xaf\x0e\xd26\xdbx\xc7\x86\xb9\xb7\xfd@L\xaaj\\\xf3T\xb9\x01\xfa|/\x0f@\xa4\x86#\xc3\'\xfaXj\a\xc9\xaf\xc1\t\xf93\x18t/\xb2\x95[\x9d\xdbx\x1f\xdfKd$\x11B2\xbd\x974\xce&\xd01\xba\x87\xb3=+m\vz\x8a\xe2\xd0\xef\x11&\xdc\xca\xdaQ\xee\xc4\x14\xf4\x19\x03nH \xb0\xeb/\x91\xf2\x1eo;\x80\xf8\x8c-\xe9\xc0\xee\x87\xfb\xa0\x01\xc9\xa6\x1ep\xef\xa8p\x17\x8c\xe5\xde@9\x1c\xb8\xf6n\xd8\x1a\xe3\xc1\xe4\x7f7\xac\x94\x01\x8e\x1c\x86\xdbJm4*K\xf0e\xd6\x0f1\x95\x8b\x19\xa1\xa0h\xc4\x84\xd3\'\\#\xee\xa9DV3\xd0$\r\xfc\xd4z\xbd\xe4\xd1x\xa1\xa7$\x15e\xcec]pp(\x8a\xc2\xccd\x94&K\x84\xb6', &(0x7f0000000280), 0x0) close_range$auto(r1, r2, 0x6) 750.30568ms ago: executing program 2 (id=308): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vivid.0/video4linux/radio1/name\x00', 0xa2500, 0x0) (async) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vivid.0/video4linux/radio1/name\x00', 0xa2500, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000002c0)=""/106, 0x6a) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xfffffffd, 0x401bf, 0x7352, 0x31, 0x8000, 0x1ffde, 0x1, 0x2, 0x1, 0x9, 0x3, 0x5, 0x8, 0x3002, 0x9, 0xb, 0x80012002, 0x80, 0xd8f9, 0x0, 0x7, 0x2, 0x203, 0x400, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8667, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0x1fe, 0xd) (async) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xfffffffd, 0x401bf, 0x7352, 0x31, 0x8000, 0x1ffde, 0x1, 0x2, 0x1, 0x9, 0x3, 0x5, 0x8, 0x3002, 0x9, 0xb, 0x80012002, 0x80, 0xd8f9, 0x0, 0x7, 0x2, 0x203, 0x400, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8667, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x24008000) (async) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x24008000) mmap$auto(0x0, 0xfb1, 0xffffffff, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0xa, 0x2, 0x0) setsockopt$auto(0x3, 0x1, 0x3c, 0x0, 0x9) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) (async) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r1 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0xfc, &(0x7f0000000100)={0x0, 0xfc6}, 0x2, 0x0, 0x7, 0x3}, 0x800}, 0x7, 0x4008) 590.649531ms ago: executing program 3 (id=309): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x20342, 0x0) mmap$auto(0x0, 0x7f, 0xdf, 0x9b72, 0x2, 0x8000) (async) r1 = open$dir(&(0x7f0000000000)='./file0\x00', 0x42, 0x21) open_tree$auto(r1, 0x0, 0x1001) ioctl$auto_SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000080)='[') (async) mmap$auto(0x0, 0x88f, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) (async, rerun: 32) r2 = socket(0x11, 0x3, 0x9) (async, rerun: 32) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x40}, 0x6a) r3 = socket(0xa, 0x2, 0x0) sendmmsg$auto(r3, &(0x7f0000000180)={{&(0x7f0000000040), 0xb8, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x9}, 0x1, 0x8008) (async) r4 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x9, 0x11, r4, 0x0) (async, rerun: 64) munmap$auto(0x200000008000, 0xffffffff) (rerun: 64) r5 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), 0xffffffffffffffff) (async) r6 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) fsmount$auto(0xffffffffffffffff, 0x1, 0x25) (async, rerun: 64) r7 = getpgid(0x0) sendmsg$auto_TIPC_NL_MON_PEER_GET(r6, &(0x7f0000006140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x20, r5, 0x711, 0x70b52c, 0x25dfdbfe, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @pid=r7}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x4405}, 0x4c848) (async, rerun: 32) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) (async, rerun: 32) sendmmsg$auto(r2, &(0x7f0000000640)={{&(0x7f0000000000), 0x5ae, &(0x7f0000000100)={&(0x7f0000000780)="4c1200030000000000a3677337f9ecba075f6bba441b1011", 0x49}, 0x5, 0x0, 0x5, 0x1}, 0x1}, 0x1a000, 0x100) (async) r8 = open(0x0, 0x261c2, 0x84) semtimedop$auto(0x7, &(0x7f0000000180)={0xffff, 0x7}, 0x1, &(0x7f00000001c0)={0x7, 0x80000000}) symlink$auto(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='./file0\x00') (async) bpf$auto(0x4, &(0x7f00000001c0)=@raw_tracepoint={0x5, r8, 0x0, 0x3}, 0xc) (async) ioctl$auto_BTRFS_IOC_DEFAULT_SUBVOL(r8, 0x40089413, &(0x7f0000000000)=0x9) 421.329583ms ago: executing program 2 (id=310): mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/system/cpu/cpu0/topology/physical_package_id\x00', 0x8c00, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000100)=""/4096, 0x1000) (async) mbind$auto(0xb, 0xc0, 0x100000000, 0x0, 0x9, 0x3) (async) openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) (async) ioctl$auto(0xffffffffffffffff, 0x4b72, 0xffffffffffffffff) (async, rerun: 64) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) (rerun: 64) read$auto(r1, 0x0, 0x20) (async) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x0, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async, rerun: 64) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0xe0180, 0x0) (async, rerun: 64) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/address_bits\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000040)=""/168, 0xa8) (async, rerun: 64) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x800, 0x0) (rerun: 64) ioctl$auto(0x3, 0xc08c5114, 0x10000000000402) getsockopt$auto_SO_TIMESTAMPING_OLD(r1, 0x6, 0x25, &(0x7f0000000040)='.\x00', &(0x7f0000000200)=0x7) (async, rerun: 32) writev$auto(r2, &(0x7f00000001c0)={0x0, 0x7}, 0x3) (rerun: 32) socket(0x1e, 0x1, 0x0) (async) readlink$auto(0x0, 0x0, 0x800) (async, rerun: 32) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, 0x0, 0x48002, 0x0) (async, rerun: 32) openat$auto_clk_dump_fops_(0xffffffffffffff9c, 0x0, 0x80, 0x0) (async) r4 = openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000001100)='/sys/kernel/debug/dri/0000:00:02.0/framebuffer\x00', 0x400000, 0x0) read$auto_drm_debugfs_entry_fops_drm_debugfs(r4, &(0x7f0000001140)=""/78, 0x4e) (async) syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000480), 0xffffffffffffffff) (async) bpf$auto(0x0, &(0x7f0000000100)=@batch={0x7, 0x444, 0x3, 0x10001, 0x10000000, 0xffffffffffffffff, 0x400, 0x1ff}, 0x96) (async) openat$nci(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) 1.131161ms ago: executing program 1 (id=311): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/afs/addr_prefs\x00', 0x102, 0x0) writev$auto(r0, &(0x7f0000000080)={&(0x7f0000000180)="dc3527873028a77c9a9b14e33849f968153766294190f3525e2ae8d6abfcb1330ab72440d727347f569dac45accd6be4091e1f348fccdf65464b3e9d757fed421cebe213146bf17bb84545a275b79c1c6b5c911c11d12ac1e3f342c79b90226e63035df195da89e8326f2d2917e852d13602e2618cba13d5033a2560769d668d8e7b547130ddf7a1ef63a6ab25202d0083739a5da937cb1de9e1457245d7", 0x7}, 0x3) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) mmap$auto(0xfffffffffffffff8, 0xef3f, 0x0, 0x17, r1, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r2, 0x4b47, 0x1) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/usbmon6\x00', 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x5, 0x0) connect$auto(0x3, &(0x7f0000000000)=@in={0x2, 0x0, @rand_addr=0xfffffffe}, 0x55) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8008) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mlockall$auto(0x7) madvise$auto(0x1, 0x400000, 0x2) socket(0x10, 0x4, 0xffffffc0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x406, 0x0, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x4000000000005, 0x6, 0x62, 0x8, 0x7, 0x1, 0xb, 0x100, 0x18]}, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r4, 0x0, 0x81) write$auto(r4, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0xb53, 0xdf, 0x9b72, 0x2, 0x8000) r5 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) fchdir$auto(r5) mkdir$auto(&(0x7f0000000480)='./cgroup\x00', 0x6) bpf$auto(0x0, 0x0, 0x6f3) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) 0s ago: executing program 2 (id=312): close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x84) openat$auto_vsock_device_ops_af_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$auto(0x3, 0x541b, 0x7f) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0xffffffffffffffff, 0x8000) setresuid$auto(0x2, 0x7, 0x0) setresuid$auto(0x0, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f0000000040), 0x18000, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) prctl$auto(0x1000000003b, 0x4, 0x0, 0x9, 0x7) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) msgrcv$auto(0x0, 0x0, 0x3, 0x1, 0x6) fcntl$auto(0xffffffffffffffff, 0x400, 0x0) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r0, 0x5609, r1) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.153' (ED25519) to the list of known hosts. [ 89.038223][ T5836] cgroup: Unknown subsys name 'net' [ 89.190113][ T5836] cgroup: Unknown subsys name 'cpuset' [ 89.199088][ T5836] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 91.145996][ T5836] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 93.591245][ T5848] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 93.616566][ T5848] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 93.624477][ T5848] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 93.632787][ T5848] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 93.647577][ T5848] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 93.682581][ T5848] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 93.692925][ T5848] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 93.712170][ T5853] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 93.722003][ T5857] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 93.736903][ T5857] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 93.744806][ T5857] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 93.766483][ T5858] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 93.773834][ T5858] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 93.778787][ T5853] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 93.791073][ T5853] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 93.802244][ T5853] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 93.810479][ T5853] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 93.818460][ T5853] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 93.827778][ T5853] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 93.849518][ T5853] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 94.377912][ T5845] chnl_net:caif_netlink_parms(): no params data found [ 94.514956][ T5854] chnl_net:caif_netlink_parms(): no params data found [ 94.544118][ T5849] chnl_net:caif_netlink_parms(): no params data found [ 94.629935][ T5850] chnl_net:caif_netlink_parms(): no params data found [ 94.649475][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.657320][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.664919][ T5845] bridge_slave_0: entered allmulticast mode [ 94.672388][ T5845] bridge_slave_0: entered promiscuous mode [ 94.711708][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.719071][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.726181][ T5845] bridge_slave_1: entered allmulticast mode [ 94.734488][ T5845] bridge_slave_1: entered promiscuous mode [ 94.833491][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 94.862273][ T5854] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.869726][ T5854] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.877298][ T5854] bridge_slave_0: entered allmulticast mode [ 94.884439][ T5854] bridge_slave_0: entered promiscuous mode [ 94.896621][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 94.925000][ T5854] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.932231][ T5854] bridge0: port 2(bridge_slave_1) entered disabled state [ 94.939703][ T5854] bridge_slave_1: entered allmulticast mode [ 94.948403][ T5854] bridge_slave_1: entered promiscuous mode [ 94.973081][ T5849] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.980284][ T5849] bridge0: port 1(bridge_slave_0) entered disabled state [ 94.987985][ T5849] bridge_slave_0: entered allmulticast mode [ 94.995046][ T5849] bridge_slave_0: entered promiscuous mode [ 95.051131][ T5849] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.058418][ T5849] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.065533][ T5849] bridge_slave_1: entered allmulticast mode [ 95.073564][ T5849] bridge_slave_1: entered promiscuous mode [ 95.099835][ T5854] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.112131][ T5845] team0: Port device team_slave_0 added [ 95.121738][ T5845] team0: Port device team_slave_1 added [ 95.155141][ T5854] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.191286][ T5850] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.198582][ T5850] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.205713][ T5850] bridge_slave_0: entered allmulticast mode [ 95.213445][ T5850] bridge_slave_0: entered promiscuous mode [ 95.223658][ T5849] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.261055][ T5850] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.268663][ T5850] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.275926][ T5850] bridge_slave_1: entered allmulticast mode [ 95.284196][ T5850] bridge_slave_1: entered promiscuous mode [ 95.292876][ T5849] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.324897][ T5854] team0: Port device team_slave_0 added [ 95.331986][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.340752][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.367653][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.406828][ T5854] team0: Port device team_slave_1 added [ 95.413383][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.420638][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.446770][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.474112][ T5849] team0: Port device team_slave_0 added [ 95.502852][ T5850] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.516929][ T5850] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.529618][ T5849] team0: Port device team_slave_1 added [ 95.549555][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.558314][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.585075][ T5854] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.623836][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.630903][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.657184][ T5854] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.717530][ T5848] Bluetooth: hci0: command tx timeout [ 95.720253][ T5850] team0: Port device team_slave_0 added [ 95.730012][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.737033][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.763499][ T5849] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.794298][ T5845] hsr_slave_0: entered promiscuous mode [ 95.800888][ T5845] hsr_slave_1: entered promiscuous mode [ 95.811381][ T5850] team0: Port device team_slave_1 added [ 95.829766][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.836828][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.863541][ T5849] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.876405][ T5848] Bluetooth: hci3: command tx timeout [ 95.876576][ T5857] Bluetooth: hci1: command tx timeout [ 95.938039][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.945037][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.971433][ T5857] Bluetooth: hci2: command tx timeout [ 95.977577][ T5850] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.994715][ T5854] hsr_slave_0: entered promiscuous mode [ 96.001370][ T5854] hsr_slave_1: entered promiscuous mode [ 96.008255][ T5854] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 96.015995][ T5854] Cannot create hsr debugfs directory [ 96.044366][ T5850] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.051427][ T5850] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.077417][ T5850] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.207508][ T5849] hsr_slave_0: entered promiscuous mode [ 96.214008][ T5849] hsr_slave_1: entered promiscuous mode [ 96.221195][ T5849] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 96.229144][ T5849] Cannot create hsr debugfs directory [ 96.292995][ T5850] hsr_slave_0: entered promiscuous mode [ 96.300018][ T5850] hsr_slave_1: entered promiscuous mode [ 96.306800][ T5850] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 96.314383][ T5850] Cannot create hsr debugfs directory [ 96.642679][ T5845] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 96.668853][ T5845] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 96.680560][ T5845] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 96.719745][ T5845] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 96.793129][ T5854] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 96.831015][ T5854] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 96.849572][ T5854] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 96.873558][ T5854] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 96.943746][ T5849] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 96.963764][ T5849] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 97.010808][ T5849] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 97.052212][ T5849] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 97.124006][ T5850] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 97.144997][ T5850] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 97.165490][ T5850] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 97.176093][ T5850] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 97.248119][ T55] cfg80211: failed to load regulatory.db [ 97.277922][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.338855][ T5845] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.374871][ T1156] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.382428][ T1156] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.410239][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.417439][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.470948][ T5854] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.485691][ T5849] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.555943][ T5854] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.591924][ T5849] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.618561][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.625677][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.641911][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.649119][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.668303][ T5850] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.684104][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.691261][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.721881][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.729112][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 97.797180][ T5857] Bluetooth: hci0: command tx timeout [ 97.847990][ T5850] 8021q: adding VLAN 0 to HW filter on device team0 [ 97.891838][ T1156] bridge0: port 1(bridge_slave_0) entered blocking state [ 97.899055][ T1156] bridge0: port 1(bridge_slave_0) entered forwarding state [ 97.958865][ T5857] Bluetooth: hci3: command tx timeout [ 97.964357][ T5857] Bluetooth: hci1: command tx timeout [ 97.973955][ T1156] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.981227][ T1156] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.037138][ T5857] Bluetooth: hci2: command tx timeout [ 98.238150][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.381110][ T5845] veth0_vlan: entered promiscuous mode [ 98.447163][ T5845] veth1_vlan: entered promiscuous mode [ 98.535055][ T5845] veth0_macvtap: entered promiscuous mode [ 98.561405][ T5845] veth1_macvtap: entered promiscuous mode [ 98.644636][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 98.678974][ T5849] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.691238][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 98.702850][ T5854] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.728050][ T5845] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.738751][ T5845] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.748371][ T5845] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.757961][ T5845] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 98.845625][ T5850] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 98.911158][ T5854] veth0_vlan: entered promiscuous mode [ 98.940899][ T5849] veth0_vlan: entered promiscuous mode [ 98.958437][ T5854] veth1_vlan: entered promiscuous mode [ 98.983297][ T1156] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 98.998230][ T1156] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.019945][ T5849] veth1_vlan: entered promiscuous mode [ 99.070101][ T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.080586][ T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.132256][ T5854] veth0_macvtap: entered promiscuous mode [ 99.149817][ T5850] veth0_vlan: entered promiscuous mode [ 99.179847][ T5849] veth0_macvtap: entered promiscuous mode [ 99.190451][ T5854] veth1_macvtap: entered promiscuous mode [ 99.192651][ T5845] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 99.218887][ T5850] veth1_vlan: entered promiscuous mode [ 99.225813][ T5849] veth1_macvtap: entered promiscuous mode [ 99.291806][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.322208][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.351166][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.368116][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.394971][ T5854] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.405961][ T5854] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.415343][ T5854] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.426455][ T5854] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.441614][ T5850] veth0_macvtap: entered promiscuous mode [ 99.461187][ T5849] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.474389][ T5849] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.484999][ T5849] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.501635][ T5849] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.515968][ T5850] veth1_macvtap: entered promiscuous mode [ 99.781353][ T5940] zswap: compressor 000 not available [ 99.831287][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.872686][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.885396][ T5857] Bluetooth: hci0: command tx timeout [ 99.934672][ T5940] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 99.958977][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.972770][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.982156][ T5850] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.993630][ T5850] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.007096][ T5850] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.030595][ T5850] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.041558][ T5857] Bluetooth: hci3: command tx timeout [ 100.041604][ T5848] Bluetooth: hci1: command tx timeout [ 100.117567][ T5848] Bluetooth: hci2: command tx timeout [ 100.153565][ T1156] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.172319][ T1156] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.235525][ T1156] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.299654][ T1156] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.460037][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.482667][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.638794][ T1156] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.682284][ T1156] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.793049][ T3449] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.821528][ T3449] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.131019][ T5961] netlink: zone id is out of range [ 101.177482][ T5961] netlink: zone id is out of range [ 101.182654][ T5961] netlink: zone id is out of range [ 101.246989][ T5961] netlink: zone id is out of range [ 101.252212][ T5961] netlink: zone id is out of range [ 101.296503][ T5961] netlink: zone id is out of range [ 101.326748][ T5961] netlink: zone id is out of range [ 101.331943][ T5961] netlink: zone id is out of range [ 101.410095][ T5961] netlink: zone id is out of range [ 101.415304][ T5961] netlink: zone id is out of range [ 101.785619][ T5973] Format for linking two devices is "netnsfd_a:ifidx_a netnsfd_b:ifidx_b" (int uint int uint). [ 101.796695][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 101.823831][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 101.957166][ T5848] Bluetooth: hci0: command tx timeout [ 102.110796][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 102.126384][ T5848] Bluetooth: hci3: command tx timeout [ 102.133455][ T5857] Bluetooth: hci1: command tx timeout [ 102.199019][ T5848] Bluetooth: hci2: command tx timeout [ 102.411004][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 102.419683][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 102.456618][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 102.702835][ T5984] Format for linking two devices is "netnsfd_a:ifidx_a netnsfd_b:ifidx_b" (int uint int uint). [ 102.866824][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 102.875886][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 102.886302][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 102.895310][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 104.272106][ T6005] process 'syz.0.13' launched ':,' with NULL argv: empty string added [ 104.539015][ T6005] FAULT_INJECTION: forcing a failure. [ 104.539015][ T6005] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 104.666658][ T6005] CPU: 0 UID: 0 PID: 6005 Comm: syz.0.13 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) [ 104.666685][ T6005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 104.666695][ T6005] Call Trace: [ 104.666702][ T6005] [ 104.666709][ T6005] dump_stack_lvl+0x16c/0x1f0 [ 104.666732][ T6005] should_fail_ex+0x512/0x640 [ 104.666752][ T6005] should_fail_alloc_page+0xe7/0x130 [ 104.666775][ T6005] prepare_alloc_pages+0x3c2/0x610 [ 104.666798][ T6005] ? rcu_is_watching+0x12/0xc0 [ 104.666818][ T6005] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 104.666836][ T6005] ? psi_task_switch+0x201/0x8e0 [ 104.666861][ T6005] ? __lock_acquire+0x622/0x1c90 [ 104.666885][ T6005] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 104.666901][ T6005] ? __lock_acquire+0x622/0x1c90 [ 104.666925][ T6005] ? __asan_memcpy+0x3c/0x60 [ 104.666953][ T6005] ? __pfx_interleave_nid+0x10/0x10 [ 104.666971][ T6005] ? __lock_acquire+0x622/0x1c90 [ 104.666995][ T6005] ? policy_nodemask+0xea/0x4e0 [ 104.667016][ T6005] alloc_pages_mpol+0x1fb/0x550 [ 104.667036][ T6005] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 104.667061][ T6005] folio_alloc_mpol_noprof+0x36/0x2f0 [ 104.667084][ T6005] vma_alloc_folio_noprof+0xed/0x1e0 [ 104.667106][ T6005] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 104.667126][ T6005] ? find_held_lock+0x2b/0x80 [ 104.667143][ T6005] ? __handle_mm_fault+0x1092/0x5490 [ 104.667171][ T6005] __handle_mm_fault+0x2f21/0x5490 [ 104.667202][ T6005] ? __pfx___handle_mm_fault+0x10/0x10 [ 104.667227][ T6005] ? __pte_offset_map_lock+0x174/0x310 [ 104.667247][ T6005] ? find_held_lock+0x2b/0x80 [ 104.667263][ T6005] ? find_held_lock+0x2b/0x80 [ 104.667288][ T6005] ? follow_page_pte+0x3af/0x14c0 [ 104.667315][ T6005] handle_mm_fault+0x589/0xd10 [ 104.667344][ T6005] __get_user_pages+0x589/0x3b80 [ 104.667372][ T6005] ? __pfx_mt_find+0x10/0x10 [ 104.667391][ T6005] ? __pfx___get_user_pages+0x10/0x10 [ 104.667420][ T6005] populate_vma_page_range+0x278/0x3a0 [ 104.667445][ T6005] ? __pfx_populate_vma_page_range+0x10/0x10 [ 104.667467][ T6005] ? __pfx_find_vma_intersection+0x10/0x10 [ 104.667490][ T6005] ? do_mmap+0x69c/0x1210 [ 104.667513][ T6005] __mm_populate+0x1d8/0x380 [ 104.667546][ T6005] ? __pfx___mm_populate+0x10/0x10 [ 104.667570][ T6005] ? up_write+0x1b2/0x520 [ 104.667596][ T6005] vm_mmap_pgoff+0x362/0x450 [ 104.667620][ T6005] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 104.667639][ T6005] ? do_set_mempolicy+0x220/0x480 [ 104.667661][ T6005] ? __x64_sys_futex+0x1e0/0x4c0 [ 104.667681][ T6005] ? __x64_sys_futex+0x1e9/0x4c0 [ 104.667704][ T6005] ksys_mmap_pgoff+0x7d/0x5c0 [ 104.667724][ T6005] ? xfd_validate_state+0x61/0x180 [ 104.667745][ T6005] ? __pfx_kernel_set_mempolicy+0x10/0x10 [ 104.667766][ T6005] __x64_sys_mmap+0x125/0x190 [ 104.667791][ T6005] do_syscall_64+0xcd/0x490 [ 104.667810][ T6005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.667826][ T6005] RIP: 0033:0x7f2c7178e9a9 [ 104.667840][ T6005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 104.667856][ T6005] RSP: 002b:00007f2c72549038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 104.667873][ T6005] RAX: ffffffffffffffda RBX: 00007f2c719b5fa0 RCX: 00007f2c7178e9a9 [ 104.667883][ T6005] RDX: 00000000000000df RSI: 000000000040000b RDI: 0000000000000000 [ 104.667893][ T6005] RBP: 00007f2c71810d69 R08: 0000000000000002 R09: 0000000000008000 [ 104.667903][ T6005] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 104.667912][ T6005] R13: 0000000000000000 R14: 00007f2c719b5fa0 R15: 00007ffe84f268f8 [ 104.667933][ T6005] [ 105.771417][ T6005] HfR: entered promiscuous mode [ 106.605795][ T6023] net_ratelimit: 20 callbacks suppressed [ 106.605813][ T6023] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 107.443893][ T6017] syz.3.16 (6017) used greatest stack depth: 17800 bytes left [ 109.909816][ T6068] netlink: 206 bytes leftover after parsing attributes in process `syz.1.23'. [ 110.937592][ T6084] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 111.938263][ T6086] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 112.375884][ T6084] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 112.913680][ T6102] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 114.133669][ T6121] netlink: 4 bytes leftover after parsing attributes in process `syz.1.32'. [ 114.254474][ T6110] __vm_enough_memory: pid: 6110, comm: syz.0.33, bytes: 4398046511104 not enough memory for the allocation [ 114.537560][ T6120] Zero length message leads to an empty skb [ 114.816366][ T6127] sp0: Synchronizing with TNC [ 117.162205][ T6167] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 117.213698][ T6167] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 117.285631][ T6167] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 117.309440][ T6167] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 117.328401][ T6167] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 117.349507][ T6167] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 117.444025][ T6167] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 117.450911][ T6167] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 117.474850][ T6167] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 117.559345][ T6167] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 117.595492][ T6167] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 117.645220][ T6167] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 118.407503][ T6192] netlink: 146 bytes leftover after parsing attributes in process `syz.0.49'. [ 119.251786][ T5848] Bluetooth: hci0: command 0x0c1a tx timeout [ 119.327608][ T5848] Bluetooth: hci1: command 0x0c1a tx timeout [ 119.486441][ T5848] Bluetooth: hci2: command 0x0c1a tx timeout [ 119.639883][ T5848] Bluetooth: hci3: command 0x0c1a tx timeout [ 121.196835][ T6229] syz.0.56 uses obsolete (PF_INET,SOCK_PACKET) [ 121.317322][ T5848] Bluetooth: hci0: command 0x0c1a tx timeout [ 121.396966][ T5848] Bluetooth: hci1: command 0x0c1a tx timeout [ 121.556369][ T5848] Bluetooth: hci2: command 0x0c1a tx timeout [ 121.738618][ T5848] Bluetooth: hci3: command 0x0c1a tx timeout [ 121.784056][ T6239] netlink: 24 bytes leftover after parsing attributes in process `syz.0.58'. [ 121.999973][ T6242] warning: `syz.2.59' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 123.396553][ T5848] Bluetooth: hci0: command 0x0c1a tx timeout [ 123.476727][ T5848] Bluetooth: hci1: command 0x0c1a tx timeout [ 123.639796][ T5848] Bluetooth: hci2: command 0x0c1a tx timeout [ 123.808769][ T5848] Bluetooth: hci3: command 0x0c1a tx timeout [ 127.107989][ T6312] ima: policy update failed [ 127.131932][ T30] audit: type=1802 audit(6048146400.654:2): pid=6312 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.74" res=0 errno=0 [ 127.149017][ T6312] netlink: 25 bytes leftover after parsing attributes in process `syz.0.74'. [ 127.476829][ T6322] netlink: zone id is out of range [ 127.482112][ T6322] netlink: zone id is out of range [ 127.546382][ T6322] netlink: zone id is out of range [ 127.551673][ T6322] netlink: zone id is out of range [ 127.557038][ T6322] netlink: zone id is out of range [ 127.562281][ T6322] netlink: zone id is out of range [ 127.575850][ T6322] netlink: zone id is out of range [ 127.791598][ T6322] netlink: zone id is out of range [ 127.802985][ T6322] netlink: zone id is out of range [ 127.815756][ T6322] netlink: zone id is out of range [ 127.963426][ T6331] tc_dump_action: action bad kind [ 129.126592][ T6344] random: crng reseeded on system resumption [ 131.953803][ T5848] Bluetooth: hci0: unexpected event 0x14 length: 16 > 6 [ 132.554768][ T6398] random: crng reseeded on system resumption [ 133.012959][ T6400] net_ratelimit: 20 callbacks suppressed [ 133.012982][ T6400] netlink: zone id is out of range [ 133.065320][ T6400] netlink: zone id is out of range [ 133.074511][ T6400] netlink: zone id is out of range [ 133.082208][ T6400] netlink: zone id is out of range [ 133.089015][ T6400] netlink: zone id is out of range [ 133.097571][ T6400] netlink: zone id is out of range [ 133.127765][ T6400] netlink: zone id is out of range [ 133.132981][ T6400] netlink: zone id is out of range [ 133.138511][ T6400] netlink: zone id is out of range [ 133.144064][ T6400] netlink: zone id is out of range [ 133.726928][ T6412] vivid-009: ================= START STATUS ================= [ 133.735003][ T6412] vivid-009: Enable Output Cropping: true [ 133.745078][ T6412] vivid-009: Enable Output Composing: true [ 133.755232][ T6412] vivid-009: Enable Output Scaler: true [ 133.767081][ T6412] vivid-009: Tx RGB Quantization Range: Automatic [ 133.773548][ T6412] vivid-009: Transmit Mode: HDMI [ 133.821447][ T6412] vivid-009: Hotplug Present: 0x00000000 [ 133.841652][ T6412] vivid-009: RxSense Present: 0x00000000 [ 133.858981][ T6412] vivid-009: EDID Present: 0x00000000 [ 133.864537][ T6412] vivid-009: ================== END STATUS ================== [ 134.951851][ T6438] netlink: 'syz.0.100': attribute type 22 has an invalid length. [ 134.960632][ T6438] netlink: 252 bytes leftover after parsing attributes in process `syz.0.100'. [ 135.036191][ T6443] netlink: 'syz.0.100': attribute type 22 has an invalid length. [ 135.072261][ T6443] netlink: 252 bytes leftover after parsing attributes in process `syz.0.100'. [ 135.505911][ T6456] FAULT_INJECTION: forcing a failure. [ 135.505911][ T6456] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 135.548521][ T6456] CPU: 0 UID: 0 PID: 6456 Comm: syz.0.104 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) [ 135.548562][ T6456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 135.548579][ T6456] Call Trace: [ 135.548589][ T6456] [ 135.548601][ T6456] dump_stack_lvl+0x16c/0x1f0 [ 135.548637][ T6456] should_fail_ex+0x512/0x640 [ 135.548674][ T6456] should_fail_alloc_page+0xe7/0x130 [ 135.548713][ T6456] prepare_alloc_pages+0x3c2/0x610 [ 135.548756][ T6456] ? rcu_is_watching+0x12/0xc0 [ 135.548793][ T6456] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 135.548826][ T6456] ? find_held_lock+0x2b/0x80 [ 135.548857][ T6456] ? css_rstat_updated+0x9d/0xd30 [ 135.548901][ T6456] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 135.548932][ T6456] ? __lock_acquire+0x622/0x1c90 [ 135.548974][ T6456] ? __asan_memcpy+0x3c/0x60 [ 135.549025][ T6456] ? __pfx_interleave_nid+0x10/0x10 [ 135.549059][ T6456] ? __lock_acquire+0x622/0x1c90 [ 135.549104][ T6456] ? policy_nodemask+0xea/0x4e0 [ 135.549141][ T6456] alloc_pages_mpol+0x1fb/0x550 [ 135.549178][ T6456] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 135.549233][ T6456] folio_alloc_mpol_noprof+0x36/0x2f0 [ 135.549278][ T6456] vma_alloc_folio_noprof+0xed/0x1e0 [ 135.549316][ T6456] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 135.549352][ T6456] ? find_held_lock+0x2b/0x80 [ 135.549382][ T6456] ? __handle_mm_fault+0x1092/0x5490 [ 135.549432][ T6456] __handle_mm_fault+0x2f21/0x5490 [ 135.549488][ T6456] ? __pfx___handle_mm_fault+0x10/0x10 [ 135.549533][ T6456] ? __pte_offset_map_lock+0x174/0x310 [ 135.549570][ T6456] ? find_held_lock+0x2b/0x80 [ 135.549599][ T6456] ? find_held_lock+0x2b/0x80 [ 135.549639][ T6456] ? follow_page_pte+0x3af/0x14c0 [ 135.549687][ T6456] handle_mm_fault+0x589/0xd10 [ 135.549741][ T6456] __get_user_pages+0x589/0x3b80 [ 135.549792][ T6456] ? __pfx_mt_find+0x10/0x10 [ 135.549826][ T6456] ? __pfx___get_user_pages+0x10/0x10 [ 135.549880][ T6456] populate_vma_page_range+0x278/0x3a0 [ 135.549921][ T6456] ? __pfx_populate_vma_page_range+0x10/0x10 [ 135.549960][ T6456] ? __pfx_find_vma_intersection+0x10/0x10 [ 135.549997][ T6456] ? do_mmap+0x69c/0x1210 [ 135.550040][ T6456] __mm_populate+0x1d8/0x380 [ 135.550084][ T6456] ? __pfx___mm_populate+0x10/0x10 [ 135.550128][ T6456] ? up_write+0x1b2/0x520 [ 135.550176][ T6456] vm_mmap_pgoff+0x362/0x450 [ 135.550226][ T6456] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 135.550262][ T6456] ? do_set_mempolicy+0x220/0x480 [ 135.550302][ T6456] ? __x64_sys_futex+0x1e0/0x4c0 [ 135.550335][ T6456] ? __x64_sys_futex+0x1e9/0x4c0 [ 135.550378][ T6456] ksys_mmap_pgoff+0x7d/0x5c0 [ 135.550416][ T6456] ? xfd_validate_state+0x61/0x180 [ 135.550454][ T6456] ? __pfx_kernel_set_mempolicy+0x10/0x10 [ 135.550494][ T6456] __x64_sys_mmap+0x125/0x190 [ 135.550542][ T6456] do_syscall_64+0xcd/0x490 [ 135.550577][ T6456] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.550606][ T6456] RIP: 0033:0x7f2c7178e9a9 [ 135.550631][ T6456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 135.550658][ T6456] RSP: 002b:00007f2c72549038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 135.550686][ T6456] RAX: ffffffffffffffda RBX: 00007f2c719b5fa0 RCX: 00007f2c7178e9a9 [ 135.550704][ T6456] RDX: 00000000000000df RSI: 000000000040000b RDI: 0000000000000000 [ 135.550721][ T6456] RBP: 00007f2c71810d69 R08: 0000000000000002 R09: 0000000000008000 [ 135.550738][ T6456] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 135.550755][ T6456] R13: 0000000000000000 R14: 00007f2c719b5fa0 R15: 00007ffe84f268f8 [ 135.550794][ T6456] [ 136.246926][ T6460] FAULT_INJECTION: forcing a failure. [ 136.246926][ T6460] name failslab, interval 1, probability 0, space 0, times 1 [ 136.259749][ T6460] CPU: 0 UID: 0 PID: 6460 Comm: syz.3.103 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) [ 136.259787][ T6460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 136.259803][ T6460] Call Trace: [ 136.259813][ T6460] [ 136.259824][ T6460] dump_stack_lvl+0x16c/0x1f0 [ 136.259858][ T6460] should_fail_ex+0x512/0x640 [ 136.259886][ T6460] ? fs_reclaim_acquire+0xae/0x150 [ 136.259925][ T6460] ? tomoyo_encode2+0x100/0x3e0 [ 136.259950][ T6460] should_failslab+0xc2/0x120 [ 136.259980][ T6460] __kmalloc_noprof+0xd2/0x510 [ 136.260006][ T6460] ? d_absolute_path+0x136/0x1a0 [ 136.260060][ T6460] tomoyo_encode2+0x100/0x3e0 [ 136.260096][ T6460] tomoyo_encode+0x29/0x50 [ 136.260121][ T6460] tomoyo_realpath_from_path+0x18f/0x6e0 [ 136.260161][ T6460] tomoyo_check_open_permission+0x2ab/0x3c0 [ 136.260204][ T6460] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 136.260297][ T6460] ? do_raw_spin_lock+0x12c/0x2b0 [ 136.260350][ T6460] tomoyo_file_open+0x6b/0x90 [ 136.260385][ T6460] security_file_open+0x84/0x1e0 [ 136.260426][ T6460] do_dentry_open+0x596/0x1c10 [ 136.260467][ T6460] vfs_open+0x82/0x3f0 [ 136.260508][ T6460] path_openat+0x1de4/0x2cb0 [ 136.260550][ T6460] ? __pfx_path_openat+0x10/0x10 [ 136.260580][ T6460] ? __lock_acquire+0xb8a/0x1c90 [ 136.260629][ T6460] do_filp_open+0x20b/0x470 [ 136.260657][ T6460] ? __pfx_do_filp_open+0x10/0x10 [ 136.260714][ T6460] ? alloc_fd+0x471/0x7d0 [ 136.260772][ T6460] do_sys_openat2+0x11b/0x1d0 [ 136.260810][ T6460] ? __pfx_do_sys_openat2+0x10/0x10 [ 136.260862][ T6460] __x64_sys_openat+0x174/0x210 [ 136.260901][ T6460] ? __pfx___x64_sys_openat+0x10/0x10 [ 136.260955][ T6460] do_syscall_64+0xcd/0x490 [ 136.260990][ T6460] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 136.261035][ T6460] RIP: 0033:0x7ffa71d8e9a9 [ 136.261060][ T6460] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 136.261088][ T6460] RSP: 002b:00007ffa72bed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 136.261116][ T6460] RAX: ffffffffffffffda RBX: 00007ffa71fb6080 RCX: 00007ffa71d8e9a9 [ 136.261136][ T6460] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 136.261153][ T6460] RBP: 00007ffa71e10d69 R08: 0000000000000000 R09: 0000000000000000 [ 136.261170][ T6460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 136.261186][ T6460] R13: 0000000000000000 R14: 00007ffa71fb6080 R15: 00007ffe3d7c96d8 [ 136.261225][ T6460] [ 136.261254][ T6460] ERROR: Out of memory at tomoyo_realpath_from_path. [ 138.215772][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.234709][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 syzkaller syzkaller login: [ 138.733227][ T6510] mmap: syz.1.114 (6510) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 138.897947][ T6499] Unable to find swap-space signature [ 139.380419][ T6514] netlink: 'syz.3.116': attribute type 1 has an invalid length. [ 139.963754][ T6525] random: crng reseeded on system resumption [ 140.574943][ T6531] net_ratelimit: 24 callbacks suppressed [ 140.574969][ T6531] netlink: zone id is out of range [ 140.594731][ T6531] netlink: zone id is out of range [ 140.618502][ T6531] netlink: zone id is out of range [ 140.633870][ T6531] netlink: zone id is out of range [ 140.653911][ T6531] netlink: zone id is out of range [ 140.659201][ T6531] netlink: zone id is out of range [ 140.664362][ T6531] netlink: zone id is out of range [ 140.682909][ T6531] netlink: zone id is out of range [ 140.692999][ T6531] netlink: zone id is out of range [ 140.701631][ T6531] netlink: zone id is out of range [ 141.572569][ T6557] ALSA: mixer_oss: invalid OSS volume '0' [ 141.619114][ T6557] ALSA: mixer_oss: invalid OSS volume '' [ 143.225924][ T6582] vivid-009: ================= START STATUS ================= [ 143.274378][ T6582] vivid-009: Enable Output Cropping: true grabbed [ 143.376657][ T6582] vivid-009: Enable Output Composing: true grabbed [ 143.451281][ T6582] vivid-009: Enable Output Scaler: true grabbed [ 143.460474][ T6582] vivid-009: Tx RGB Quantization Range: Automatic grabbed [ 143.470224][ T6582] vivid-009: Transmit Mode: HDMI grabbed [ 143.551671][ T6582] vivid-009: Hotplug Present: 0x00000000 [ 143.558280][ T6582] vivid-009: RxSense Present: 0x00000000 [ 143.564131][ T6582] vivid-009: EDID Present: 0x00000000 [ 143.569742][ T6582] vivid-009: ================== END STATUS ================== [ 144.057732][ T6596] FAULT_INJECTION: forcing a failure. [ 144.057732][ T6596] name failslab, interval 1, probability 0, space 0, times 0 [ 144.074370][ T6596] CPU: 0 UID: 0 PID: 6596 Comm: syz.0.133 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) [ 144.074411][ T6596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 144.074428][ T6596] Call Trace: [ 144.074441][ T6596] [ 144.074453][ T6596] dump_stack_lvl+0x16c/0x1f0 [ 144.074489][ T6596] should_fail_ex+0x512/0x640 [ 144.074519][ T6596] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 144.074555][ T6596] should_failslab+0xc2/0x120 [ 144.074591][ T6596] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 144.074621][ T6596] ? d_instantiate+0x77/0x90 [ 144.074654][ T6596] ? alloc_empty_file+0x55/0x1e0 [ 144.074697][ T6596] alloc_empty_file+0x55/0x1e0 [ 144.074736][ T6596] alloc_file_pseudo+0x13a/0x230 [ 144.074777][ T6596] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 144.074816][ T6596] ? alloc_fd+0x471/0x7d0 [ 144.074869][ T6596] sock_alloc_file+0x50/0x210 [ 144.074903][ T6596] __sys_socket+0x1c0/0x260 [ 144.074945][ T6596] ? __pfx___sys_socket+0x10/0x10 [ 144.074986][ T6596] ? xfd_validate_state+0x61/0x180 [ 144.075024][ T6596] ? __pfx___do_sys_close_range+0x10/0x10 [ 144.075062][ T6596] __x64_sys_socket+0x72/0xb0 [ 144.075101][ T6596] ? lockdep_hardirqs_on+0x7c/0x110 [ 144.075129][ T6596] do_syscall_64+0xcd/0x490 [ 144.075172][ T6596] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.075202][ T6596] RIP: 0033:0x7f2c7178e9a9 [ 144.075226][ T6596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.075253][ T6596] RSP: 002b:00007f2c72549038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 144.075281][ T6596] RAX: ffffffffffffffda RBX: 00007f2c719b5fa0 RCX: 00007f2c7178e9a9 [ 144.075300][ T6596] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 000000000000002b [ 144.075318][ T6596] RBP: 00007f2c71810d69 R08: 0000000000000000 R09: 0000000000000000 [ 144.075335][ T6596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 144.075352][ T6596] R13: 0000000000000000 R14: 00007f2c719b5fa0 R15: 00007ffe84f268f8 [ 144.075391][ T6596] [ 144.358201][ T6584] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 144.457741][ T6599] FAULT_INJECTION: forcing a failure. [ 144.457741][ T6599] name fail_futex, interval 1, probability 0, space 0, times 1 [ 144.470663][ T6599] CPU: 0 UID: 0 PID: 6599 Comm: syz.1.134 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) [ 144.470686][ T6599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 144.470696][ T6599] Call Trace: [ 144.470704][ T6599] [ 144.470712][ T6599] dump_stack_lvl+0x16c/0x1f0 [ 144.470735][ T6599] should_fail_ex+0x512/0x640 [ 144.470756][ T6599] get_futex_key+0x1d0/0x1540 [ 144.470779][ T6599] ? __pfx_get_futex_key+0x10/0x10 [ 144.470799][ T6599] ? pick_eevdf+0x3be/0x5b0 [ 144.470818][ T6599] ? update_curr_se+0x8b/0x270 [ 144.470839][ T6599] ? update_curr+0x74/0x800 [ 144.470866][ T6599] futex_wait_setup+0x84/0x510 [ 144.470895][ T6599] __futex_wait+0x194/0x2f0 [ 144.470919][ T6599] ? __pfx___futex_wait+0x10/0x10 [ 144.470941][ T6599] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 144.470977][ T6599] ? __pfx_futex_wake_mark+0x10/0x10 [ 144.471004][ T6599] ? plist_check_head+0xa3/0x150 [ 144.471025][ T6599] ? find_held_lock+0x2b/0x80 [ 144.471048][ T6599] futex_wait+0xe8/0x380 [ 144.471071][ T6599] ? __pfx_futex_wait+0x10/0x10 [ 144.471098][ T6599] ? kmem_cache_free+0x2d1/0x4d0 [ 144.471114][ T6599] ? fd_install+0x225/0x750 [ 144.471138][ T6599] ? putname+0x154/0x1a0 [ 144.471160][ T6599] do_futex+0x229/0x350 [ 144.471180][ T6599] ? __pfx_do_futex+0x10/0x10 [ 144.471202][ T6599] ? __sys_sendmsg+0x18c/0x220 [ 144.471222][ T6599] __x64_sys_futex+0x1e0/0x4c0 [ 144.471243][ T6599] ? __x64_sys_openat+0x174/0x210 [ 144.471266][ T6599] ? __pfx___x64_sys_futex+0x10/0x10 [ 144.471294][ T6599] do_syscall_64+0xcd/0x490 [ 144.471312][ T6599] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.471329][ T6599] RIP: 0033:0x7fa6f5b8e9a9 [ 144.471344][ T6599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.471360][ T6599] RSP: 002b:00007fa6f69100e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 144.471376][ T6599] RAX: ffffffffffffffda RBX: 00007fa6f5db5fa8 RCX: 00007fa6f5b8e9a9 [ 144.471386][ T6599] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa6f5db5fa8 [ 144.471396][ T6599] RBP: 00007fa6f5db5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 144.471406][ T6599] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa6f5db5fac [ 144.471415][ T6599] R13: 0000000000000000 R14: 00007ffdec2d58b0 R15: 00007ffdec2d5998 [ 144.471435][ T6599] [ 145.116991][ T6598] ima: policy update failed [ 145.121791][ T30] audit: type=1802 audit(6048146418.654:3): pid=6598 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.134" res=0 errno=0 [ 145.791562][ T6626] FAULT_INJECTION: forcing a failure. [ 145.791562][ T6626] name failslab, interval 1, probability 0, space 0, times 0 [ 145.814178][ T6626] CPU: 0 UID: 0 PID: 6626 Comm: syz.3.137 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) [ 145.814220][ T6626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 145.814238][ T6626] Call Trace: [ 145.814247][ T6626] [ 145.814258][ T6626] dump_stack_lvl+0x16c/0x1f0 [ 145.814294][ T6626] should_fail_ex+0x512/0x640 [ 145.814322][ T6626] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 145.814370][ T6626] should_failslab+0xc2/0x120 [ 145.814405][ T6626] __kmalloc_cache_noprof+0x6a/0x3e0 [ 145.814451][ T6626] ? lockdep_init_map_type+0x5c/0x280 [ 145.814491][ T6626] ? snd_seq_prioq_new+0x3f/0x110 [ 145.814543][ T6626] snd_seq_prioq_new+0x3f/0x110 [ 145.814587][ T6626] snd_seq_queue_alloc+0x153/0x550 [ 145.814635][ T6626] snd_seq_ioctl_create_queue+0xa9/0x380 [ 145.814669][ T6626] snd_seq_kernel_client_ctl+0x107/0x1c0 [ 145.814714][ T6626] alloc_seq_queue+0xda/0x180 [ 145.814750][ T6626] ? __pfx_alloc_seq_queue+0x10/0x10 [ 145.814811][ T6626] ? mark_held_locks+0x49/0x80 [ 145.814849][ T6626] ? _raw_spin_unlock_irq+0x23/0x50 [ 145.814899][ T6626] snd_seq_oss_open+0x38c/0xa20 [ 145.814952][ T6626] odev_open+0x6f/0x90 [ 145.814981][ T6626] ? __pfx_odev_open+0x10/0x10 [ 145.815013][ T6626] soundcore_open+0x409/0x580 [ 145.815049][ T6626] ? __pfx_soundcore_open+0x10/0x10 [ 145.815080][ T6626] chrdev_open+0x231/0x6a0 [ 145.815111][ T6626] ? __pfx_apparmor_file_open+0x10/0x10 [ 145.815156][ T6626] ? __pfx_chrdev_open+0x10/0x10 [ 145.815188][ T6626] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 145.815242][ T6626] do_dentry_open+0x744/0x1c10 [ 145.815273][ T6626] ? __pfx_chrdev_open+0x10/0x10 [ 145.815312][ T6626] vfs_open+0x82/0x3f0 [ 145.815355][ T6626] path_openat+0x1de4/0x2cb0 [ 145.815398][ T6626] ? __pfx_path_openat+0x10/0x10 [ 145.815429][ T6626] ? __lock_acquire+0xb8a/0x1c90 [ 145.815474][ T6626] do_filp_open+0x20b/0x470 [ 145.815504][ T6626] ? __pfx_do_filp_open+0x10/0x10 [ 145.815565][ T6626] ? alloc_fd+0x471/0x7d0 [ 145.815634][ T6626] do_sys_openat2+0x11b/0x1d0 [ 145.815674][ T6626] ? __pfx_do_sys_openat2+0x10/0x10 [ 145.815730][ T6626] __x64_sys_openat+0x174/0x210 [ 145.815772][ T6626] ? __pfx___x64_sys_openat+0x10/0x10 [ 145.815826][ T6626] do_syscall_64+0xcd/0x490 [ 145.815860][ T6626] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.815889][ T6626] RIP: 0033:0x7ffa71d8e9a9 [ 145.815912][ T6626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 145.815947][ T6626] RSP: 002b:00007ffa72bed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 145.815975][ T6626] RAX: ffffffffffffffda RBX: 00007ffa71fb6080 RCX: 00007ffa71d8e9a9 [ 145.815994][ T6626] RDX: 0000000000000000 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 145.816012][ T6626] RBP: 00007ffa71e10d69 R08: 0000000000000000 R09: 0000000000000000 [ 145.816029][ T6626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 145.816045][ T6626] R13: 0000000000000000 R14: 00007ffa71fb6080 R15: 00007ffe3d7c96d8 [ 145.816089][ T6626] [ 146.140226][ T6629] net_ratelimit: 51 callbacks suppressed [ 146.140249][ T6629] netlink: zone id is out of range [ 146.161390][ T6629] netlink: zone id is out of range [ 146.176400][ T6629] netlink: zone id is out of range [ 146.190371][ T6629] netlink: zone id is out of range [ 146.224114][ T6629] netlink: zone id is out of range [ 146.233100][ T6629] netlink: zone id is out of range [ 146.324162][ T6629] netlink: zone id is out of range [ 146.330106][ T6629] netlink: zone id is out of range [ 146.335655][ T6629] netlink: zone id is out of range [ 146.341032][ T6629] netlink: zone id is out of range [ 146.874488][ T6645] i2c i2c-0: new_device: Instantiated device card: at 0x01 [ 147.506471][ T6653] vivid-009: ================= START STATUS ================= [ 147.535544][ T6653] vivid-009: Enable Output Cropping: true grabbed [ 147.546365][ T6653] vivid-009: Enable Output Composing: true grabbed [ 147.588216][ T6653] vivid-009: Enable Output Scaler: true grabbed [ 147.594593][ T6653] vivid-009: Tx RGB Quantization Range: Automatic grabbed [ 147.717045][ T6653] vivid-009: Transmit Mode: HDMI grabbed [ 147.766329][ T6653] vivid-009: Hotplug Present: 0x00000000 [ 147.799859][ T6653] vivid-009: RxSense Present: 0x00000000 [ 147.842776][ T6653] vivid-009: EDID Present: 0x00000000 [ 147.877916][ T6653] vivid-009: ================== END STATUS ================== [ 148.593495][ T6671] can: request_module (can-proto-3) failed. [ 154.426440][ T6757] net_ratelimit: 20 callbacks suppressed [ 154.426540][ T6757] netlink: zone id is out of range [ 154.450819][ T6757] netlink: zone id is out of range [ 154.469660][ T6757] netlink: zone id is out of range [ 154.504416][ T6757] netlink: zone id is out of range [ 154.531135][ T6757] netlink: zone id is out of range [ 154.551872][ T6757] netlink: zone id is out of range [ 154.600457][ T6757] netlink: zone id is out of range [ 154.722263][ T6757] netlink: zone id is out of range [ 154.742392][ T6757] netlink: zone id is out of range [ 154.748957][ T6757] netlink: zone id is out of range [ 157.283950][ T6800] FAULT_INJECTION: forcing a failure. [ 157.283950][ T6800] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 157.316372][ T6800] CPU: 1 UID: 0 PID: 6800 Comm: syz.2.166 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) [ 157.316413][ T6800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 157.316427][ T6800] Call Trace: [ 157.316437][ T6800] [ 157.316448][ T6800] dump_stack_lvl+0x16c/0x1f0 [ 157.316493][ T6800] should_fail_ex+0x512/0x640 [ 157.316525][ T6800] _copy_from_user+0x2e/0xd0 [ 157.316555][ T6800] ____sys_sendmsg+0x607/0xc70 [ 157.316598][ T6800] ? __pfx_____sys_sendmsg+0x10/0x10 [ 157.316642][ T6800] ? __pfx__kstrtoull+0x10/0x10 [ 157.316689][ T6800] ___sys_sendmsg+0x134/0x1d0 [ 157.316729][ T6800] ? __pfx____sys_sendmsg+0x10/0x10 [ 157.316778][ T6800] ? find_held_lock+0x2b/0x80 [ 157.316832][ T6800] __sys_sendmmsg+0x200/0x420 [ 157.316867][ T6800] ? __pfx___sys_sendmmsg+0x10/0x10 [ 157.316909][ T6800] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 157.316955][ T6800] ? fput+0x70/0xf0 [ 157.316987][ T6800] ? ksys_write+0x1ac/0x250 [ 157.317012][ T6800] ? __pfx_ksys_write+0x10/0x10 [ 157.317051][ T6800] __x64_sys_sendmmsg+0x9c/0x100 [ 157.317080][ T6800] ? lockdep_hardirqs_on+0x7c/0x110 [ 157.317107][ T6800] do_syscall_64+0xcd/0x490 [ 157.317138][ T6800] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 157.317166][ T6800] RIP: 0033:0x7f0e5a18e9a9 [ 157.317189][ T6800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 157.317215][ T6800] RSP: 002b:00007f0e5aff8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 157.317242][ T6800] RAX: ffffffffffffffda RBX: 00007f0e5a3b5fa0 RCX: 00007f0e5a18e9a9 [ 157.317260][ T6800] RDX: 0000000000000002 RSI: 00002000000006c0 RDI: 0000000000000003 [ 157.317275][ T6800] RBP: 00007f0e5aff8090 R08: 0000000000000000 R09: 0000000000000000 [ 157.317291][ T6800] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001 [ 157.317306][ T6800] R13: 0000000000000000 R14: 00007f0e5a3b5fa0 R15: 00007ffc98274738 [ 157.317343][ T6800] [ 158.809443][ T6816] FAULT_INJECTION: forcing a failure. [ 158.809443][ T6816] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 158.832585][ T6813] netlink: 28 bytes leftover after parsing attributes in process `syz.3.168'. [ 158.846467][ T6816] CPU: 0 UID: 0 PID: 6816 Comm: syz.1.169 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) [ 158.846507][ T6816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 158.846524][ T6816] Call Trace: [ 158.846534][ T6816] [ 158.846546][ T6816] dump_stack_lvl+0x16c/0x1f0 [ 158.846579][ T6816] should_fail_ex+0x512/0x640 [ 158.846614][ T6816] should_fail_alloc_page+0xe7/0x130 [ 158.846649][ T6816] prepare_alloc_pages+0x3c2/0x610 [ 158.846685][ T6816] ? rcu_is_watching+0x12/0xc0 [ 158.846718][ T6816] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 158.846757][ T6816] ? css_rstat_updated+0x9d/0xd30 [ 158.846808][ T6816] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 158.846836][ T6816] ? __lock_acquire+0x622/0x1c90 [ 158.846866][ T6816] ? __asan_memcpy+0x3c/0x60 [ 158.846895][ T6816] ? __pfx_interleave_nid+0x10/0x10 [ 158.846914][ T6816] ? __lock_acquire+0x622/0x1c90 [ 158.846939][ T6816] ? policy_nodemask+0xea/0x4e0 [ 158.846961][ T6816] alloc_pages_mpol+0x1fb/0x550 [ 158.846981][ T6816] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 158.847008][ T6816] folio_alloc_mpol_noprof+0x36/0x2f0 [ 158.847040][ T6816] vma_alloc_folio_noprof+0xed/0x1e0 [ 158.847063][ T6816] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 158.847083][ T6816] ? find_held_lock+0x2b/0x80 [ 158.847101][ T6816] ? __handle_mm_fault+0x1092/0x5490 [ 158.847129][ T6816] __handle_mm_fault+0x2f21/0x5490 [ 158.847159][ T6816] ? __pfx___handle_mm_fault+0x10/0x10 [ 158.847184][ T6816] ? __pte_offset_map_lock+0x174/0x310 [ 158.847205][ T6816] ? find_held_lock+0x2b/0x80 [ 158.847220][ T6816] ? find_held_lock+0x2b/0x80 [ 158.847242][ T6816] ? follow_page_pte+0x3af/0x14c0 [ 158.847277][ T6816] handle_mm_fault+0x589/0xd10 [ 158.847306][ T6816] __get_user_pages+0x589/0x3b80 [ 158.847334][ T6816] ? __pfx_mt_find+0x10/0x10 [ 158.847353][ T6816] ? __pfx___get_user_pages+0x10/0x10 [ 158.847384][ T6816] populate_vma_page_range+0x278/0x3a0 [ 158.847408][ T6816] ? __pfx_populate_vma_page_range+0x10/0x10 [ 158.847430][ T6816] ? __pfx_find_vma_intersection+0x10/0x10 [ 158.847454][ T6816] ? do_mmap+0x69c/0x1210 [ 158.847478][ T6816] __mm_populate+0x1d8/0x380 [ 158.847502][ T6816] ? __pfx___mm_populate+0x10/0x10 [ 158.847527][ T6816] ? up_write+0x1b2/0x520 [ 158.847553][ T6816] vm_mmap_pgoff+0x362/0x450 [ 158.847575][ T6816] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 158.847595][ T6816] ? do_set_mempolicy+0x220/0x480 [ 158.847617][ T6816] ? __x64_sys_futex+0x1e0/0x4c0 [ 158.847636][ T6816] ? __x64_sys_futex+0x1e9/0x4c0 [ 158.847658][ T6816] ksys_mmap_pgoff+0x7d/0x5c0 [ 158.847678][ T6816] ? xfd_validate_state+0x61/0x180 [ 158.847699][ T6816] ? __pfx_kernel_set_mempolicy+0x10/0x10 [ 158.847721][ T6816] __x64_sys_mmap+0x125/0x190 [ 158.847746][ T6816] do_syscall_64+0xcd/0x490 [ 158.847765][ T6816] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.847788][ T6816] RIP: 0033:0x7fa6f5b8e9a9 [ 158.847804][ T6816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 158.847819][ T6816] RSP: 002b:00007fa6f6910038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 158.847836][ T6816] RAX: ffffffffffffffda RBX: 00007fa6f5db5fa0 RCX: 00007fa6f5b8e9a9 [ 158.847847][ T6816] RDX: 00000000000000df RSI: 000000000040000b RDI: 0000000000000000 [ 158.847857][ T6816] RBP: 00007fa6f5c10d69 R08: 0000000000000002 R09: 0000000000008000 [ 158.847867][ T6816] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 158.847878][ T6816] R13: 0000000000000000 R14: 00007fa6f5db5fa0 R15: 00007ffdec2d5998 [ 158.847900][ T6816] [ 159.212045][ T6813] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 159.229776][ T6813] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 159.290523][ T6813] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 159.315713][ T6813] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 160.137677][ T6836] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 161.206616][ T6851] random: crng reseeded on system resumption                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            [ 172.715904][ T7024] ref_tracker: memory allocation failure, unreliable refcount tracker. syzkaller syzkaller login: [ 172.953030][ T30] audit: type=1804 audit(6048146446.484:4): pid=7022 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.207" name="/newroot/49/file0" dev="tmpfs" ino=280 res=1 errno=0 [ 175.327052][ T7060] net_ratelimit: 50 callbacks suppressed [ 175.327077][ T7060] netlink: zone id is out of range [ 175.553592][ T7060] netlink: zone id is out of range [ 175.582685][ T7060] netlink: zone id is out of range [ 175.627290][ T7060] netlink: zone id is out of range [ 175.637211][ T7060] netlink: zone id is out of range [ 175.652059][ T7060] netlink: zone id is out of range [ 175.665442][ T7060] netlink: zone id is out of range [ 175.679451][ T7060] netlink: zone id is out of range [ 175.721171][ T7060] netlink: zone id is out of range [ 175.818700][ T7060] netlink: zone id is out of range [ 178.538199][ T7110] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 178.607313][ T7110] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 178.634457][ T7110] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 178.686567][ T7110] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 180.183606][ T30] audit: type=1804 audit(6048146453.714:5): pid=7160 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.235" name="/newroot/62/file0" dev="tmpfs" ino=338 res=1 errno=0 [ 180.261662][ T30] audit: type=1800 audit(6048146453.714:6): pid=7160 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.235" name="file0" dev="tmpfs" ino=338 res=0 errno=0 [ 180.516675][ T5848] Bluetooth: hci0: command 0x0c1a tx timeout [ 180.686462][ T5848] Bluetooth: hci2: command 0x0c1a tx timeout [ 180.692616][ T5857] Bluetooth: hci1: command 0x0c1a tx timeout [ 180.756478][ T5848] Bluetooth: hci3: command 0x0c1a tx timeout [ 181.488384][ T7201] FAULT_INJECTION: forcing a failure. [ 181.488384][ T7201] name failslab, interval 1, probability 0, space 0, times 0 [ 181.536797][ T7201] CPU: 0 UID: 0 PID: 7201 Comm: syz.2.242 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) [ 181.536838][ T7201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 181.536855][ T7201] Call Trace: [ 181.536865][ T7201] [ 181.536876][ T7201] dump_stack_lvl+0x16c/0x1f0 [ 181.536911][ T7201] should_fail_ex+0x512/0x640 [ 181.536939][ T7201] ? __kmalloc_noprof+0xbf/0x510 [ 181.536972][ T7201] ? sk_prot_alloc+0x1a8/0x2a0 [ 181.537007][ T7201] should_failslab+0xc2/0x120 [ 181.537041][ T7201] __kmalloc_noprof+0xd2/0x510 [ 181.537080][ T7201] sk_prot_alloc+0x1a8/0x2a0 [ 181.537120][ T7201] sk_alloc+0x36/0xc20 [ 181.537150][ T7201] pppol2tp_create+0x32/0x250 [ 181.537192][ T7201] pppox_create+0x159/0x2c0 [ 181.537231][ T7201] __sock_create+0x335/0x8d0 [ 181.537278][ T7201] __sys_socket+0x14d/0x260 [ 181.537319][ T7201] ? __pfx___sys_socket+0x10/0x10 [ 181.537359][ T7201] ? xfd_validate_state+0x61/0x180 [ 181.537396][ T7201] ? __pfx_do_pwritev+0x10/0x10 [ 181.537449][ T7201] __x64_sys_socket+0x72/0xb0 [ 181.537486][ T7201] ? lockdep_hardirqs_on+0x7c/0x110 [ 181.537514][ T7201] do_syscall_64+0xcd/0x490 [ 181.537547][ T7201] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.537577][ T7201] RIP: 0033:0x7f0e5a18e9a9 [ 181.537600][ T7201] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 181.537627][ T7201] RSP: 002b:00007f0e5aff8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 181.537656][ T7201] RAX: ffffffffffffffda RBX: 00007f0e5a3b5fa0 RCX: 00007f0e5a18e9a9 [ 181.537675][ T7201] RDX: 0000000000000001 RSI: 0000000000000005 RDI: 0000000000000018 [ 181.537692][ T7201] RBP: 00007f0e5a210d69 R08: 0000000000000000 R09: 0000000000000000 [ 181.537718][ T7201] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 181.537735][ T7201] R13: 0000000000000000 R14: 00007f0e5a3b5fa0 R15: 00007ffc98274738 [ 181.537774][ T7201] [ 181.889819][ T7204] net_ratelimit: 50 callbacks suppressed [ 181.889844][ T7204] netlink: zone id is out of range [ 181.945716][ T7204] netlink: zone id is out of range [ 181.968196][ T7204] netlink: zone id is out of range [ 181.996406][ T7204] netlink: zone id is out of range [ 182.001977][ T7204] netlink: zone id is out of range [ 182.013336][ T7204] netlink: zone id is out of range [ 182.019986][ T7204] netlink: zone id is out of range [ 182.030299][ T7204] netlink: zone id is out of range [ 182.045130][ T7204] netlink: zone id is out of range [ 182.055288][ T7204] netlink: zone id is out of range [ 184.208799][ T7243] netlink: 44 bytes leftover after parsing attributes in process `syz.0.251'. [ 187.955520][ T7307] netlink: 'syz.1.263': attribute type 2 has an invalid length. [ 191.129357][ T7383] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input10 [ 191.976676][ T30] audit: type=1804 audit(6048146465.504:7): pid=7398 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.290" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 192.182978][ T7400] netlink: 28 bytes leftover after parsing attributes in process `syz.3.291'. [ 192.299735][ T7400] team0: Port device team_slave_0 removed [ 192.468637][ T7411] net_ratelimit: 20 callbacks suppressed [ 192.468663][ T7411] openvswitch: netlink: IP tunnel TTL not specified. [ 193.322436][ T7414] FAULT_INJECTION: forcing a failure. [ 193.322436][ T7414] name failslab, interval 1, probability 0, space 0, times 0 [ 193.376957][ T7414] CPU: 1 UID: 0 PID: 7414 Comm: syz.0.293 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) [ 193.377001][ T7414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 193.377016][ T7414] Call Trace: [ 193.377026][ T7414] [ 193.377037][ T7414] dump_stack_lvl+0x16c/0x1f0 [ 193.377074][ T7414] should_fail_ex+0x512/0x640 [ 193.377102][ T7414] ? fs_reclaim_acquire+0xae/0x150 [ 193.377141][ T7414] should_failslab+0xc2/0x120 [ 193.377173][ T7414] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 193.377204][ T7414] ? ima_inode_get+0x120/0x580 [ 193.377240][ T7414] ima_inode_get+0x120/0x580 [ 193.377275][ T7414] process_measurement+0x585/0x23e0 [ 193.377313][ T7414] ? do_raw_spin_lock+0x12c/0x2b0 [ 193.377367][ T7414] ? __pfx_process_measurement+0x10/0x10 [ 193.377405][ T7414] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 193.377449][ T7414] ? lockdep_hardirqs_on+0x7c/0x110 [ 193.377482][ T7414] ? tracing_open+0xc71/0xf90 [ 193.377556][ T7414] ? tracing_open+0x1d6/0xf90 [ 193.377585][ T7414] ? inode_to_bdi+0x9e/0x160 [ 193.377623][ T7414] ima_file_check+0xc5/0x110 [ 193.377655][ T7414] ? __pfx_ima_file_check+0x10/0x10 [ 193.377697][ T7414] security_file_post_open+0x8e/0x210 [ 193.377743][ T7414] path_openat+0x1404/0x2cb0 [ 193.377783][ T7414] ? __pfx_path_openat+0x10/0x10 [ 193.377814][ T7414] ? __lock_acquire+0xb8a/0x1c90 [ 193.377860][ T7414] do_filp_open+0x20b/0x470 [ 193.377888][ T7414] ? __pfx_do_filp_open+0x10/0x10 [ 193.377948][ T7414] ? alloc_fd+0x471/0x7d0 [ 193.378004][ T7414] do_sys_openat2+0x11b/0x1d0 [ 193.378042][ T7414] ? __pfx_do_sys_openat2+0x10/0x10 [ 193.378093][ T7414] __x64_sys_openat+0x174/0x210 [ 193.378132][ T7414] ? __pfx___x64_sys_openat+0x10/0x10 [ 193.378188][ T7414] do_syscall_64+0xcd/0x490 [ 193.378220][ T7414] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 193.378248][ T7414] RIP: 0033:0x7f2c7178e9a9 [ 193.378273][ T7414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 193.378297][ T7414] RSP: 002b:00007f2c72528038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 193.378324][ T7414] RAX: ffffffffffffffda RBX: 00007f2c719b6080 RCX: 00007f2c7178e9a9 [ 193.378343][ T7414] RDX: 0000000000000002 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 193.378370][ T7414] RBP: 00007f2c71810d69 R08: 0000000000000000 R09: 0000000000000000 [ 193.378387][ T7414] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 193.378404][ T7414] R13: 0000000000000000 R14: 00007f2c719b6080 R15: 00007ffe84f268f8 [ 193.378442][ T7414] [ 193.637860][ C1] vkms_vblank_simulate: vblank timer overrun [ 193.994099][ T7433] random: crng reseeded on system resumption [ 194.754271][ T7455] FAULT_INJECTION: forcing a failure. [ 194.754271][ T7455] name failslab, interval 1, probability 0, space 0, times 0 [ 194.767433][ T7455] CPU: 1 UID: 0 PID: 7455 Comm: syz.0.301 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) [ 194.767473][ T7455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 194.767491][ T7455] Call Trace: [ 194.767501][ T7455] [ 194.767512][ T7455] dump_stack_lvl+0x16c/0x1f0 [ 194.767548][ T7455] should_fail_ex+0x512/0x640 [ 194.767577][ T7455] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 194.767613][ T7455] should_failslab+0xc2/0x120 [ 194.767655][ T7455] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 194.767687][ T7455] ? lockdep_init_map_type+0x5c/0x280 [ 194.767729][ T7455] ? __d_alloc+0x31/0xaa0 [ 194.767765][ T7455] __d_alloc+0x31/0xaa0 [ 194.767800][ T7455] d_alloc_pseudo+0x1c/0xc0 [ 194.767838][ T7455] alloc_file_pseudo+0xcf/0x230 [ 194.767877][ T7455] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 194.767916][ T7455] ? alloc_fd+0x471/0x7d0 [ 194.767967][ T7455] sock_alloc_file+0x50/0x210 [ 194.768003][ T7455] __sys_socket+0x1c0/0x260 [ 194.768041][ T7455] ? fput+0x70/0xf0 [ 194.768073][ T7455] ? __pfx___sys_socket+0x10/0x10 [ 194.768113][ T7455] ? xfd_validate_state+0x61/0x180 [ 194.768152][ T7455] ? __pfx_ksys_write+0x10/0x10 [ 194.768187][ T7455] __x64_sys_socket+0x72/0xb0 [ 194.768226][ T7455] ? lockdep_hardirqs_on+0x7c/0x110 [ 194.768254][ T7455] do_syscall_64+0xcd/0x490 [ 194.768287][ T7455] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 194.768316][ T7455] RIP: 0033:0x7f2c7178e9a9 [ 194.768340][ T7455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 194.768367][ T7455] RSP: 002b:00007f2c72549038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 194.768394][ T7455] RAX: ffffffffffffffda RBX: 00007f2c719b5fa0 RCX: 00007f2c7178e9a9 [ 194.768412][ T7455] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 194.768429][ T7455] RBP: 00007f2c71810d69 R08: 0000000000000000 R09: 0000000000000000 [ 194.768446][ T7455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 194.768462][ T7455] R13: 0000000000000000 R14: 00007f2c719b5fa0 R15: 00007ffe84f268f8 [ 194.768501][ T7455] [ 194.984879][ C1] vkms_vblank_simulate: vblank timer overrun [ 195.289146][ T7459] netlink: 93 bytes leftover after parsing attributes in process `syz.1.302'. [ 195.674481][ T7447] ptrace attach of "./syz-executor exec"[5849] was attempted by "./syz-executor exec"[7447] [ 197.181889][ T7506] ================================================================== [ 197.190129][ T7506] BUG: KASAN: slab-out-of-bounds in afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 197.198877][ T7506] Read of size 1 at addr ffff8881436f15a8 by task syz.1.311/7506 [ 197.206649][ T7506] [ 197.209018][ T7506] CPU: 0 UID: 0 PID: 7506 Comm: syz.1.311 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) [ 197.209056][ T7506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 197.209075][ T7506] Call Trace: [ 197.209084][ T7506] [ 197.209096][ T7506] dump_stack_lvl+0x116/0x1f0 [ 197.209131][ T7506] print_report+0xcd/0x610 [ 197.209165][ T7506] ? __virt_addr_valid+0x81/0x610 [ 197.209197][ T7506] ? __phys_addr+0xe8/0x180 [ 197.209230][ T7506] ? afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 197.209270][ T7506] kasan_report+0xe0/0x110 [ 197.209304][ T7506] ? afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 197.209349][ T7506] afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 197.209403][ T7506] ? __lock_acquire+0xb8a/0x1c90 [ 197.209450][ T7506] ? __pfx_afs_proc_addr_prefs_write+0x10/0x10 [ 197.209505][ T7506] ? find_held_lock+0x2b/0x80 [ 197.209534][ T7506] ? __might_fault+0xe3/0x190 [ 197.209562][ T7506] ? __might_fault+0xe3/0x190 [ 197.209589][ T7506] ? __might_fault+0x13b/0x190 [ 197.209643][ T7506] ? proc_simple_write+0x117/0x1b0 [ 197.209682][ T7506] proc_simple_write+0x117/0x1b0 [ 197.209719][ T7506] ? __pfx_proc_simple_write+0x10/0x10 [ 197.209756][ T7506] proc_reg_write+0x23d/0x330 [ 197.209788][ T7506] ? __pfx_proc_reg_write+0x10/0x10 [ 197.209816][ T7506] vfs_writev+0x5dc/0xde0 [ 197.209859][ T7506] ? __pfx___mutex_trylock_common+0x10/0x10 [ 197.209910][ T7506] ? __pfx_vfs_writev+0x10/0x10 [ 197.209954][ T7506] ? __mutex_lock+0x1ca/0xb90 [ 197.209983][ T7506] ? kmem_cache_free+0x2d1/0x4d0 [ 197.210015][ T7506] ? __pfx___mutex_lock+0x10/0x10 [ 197.210054][ T7506] ? __fget_files+0x20e/0x3c0 [ 197.210108][ T7506] ? do_writev+0x132/0x340 [ 197.210150][ T7506] do_writev+0x132/0x340 [ 197.210195][ T7506] ? __pfx_do_writev+0x10/0x10 [ 197.210245][ T7506] do_syscall_64+0xcd/0x490 [ 197.210278][ T7506] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 197.210308][ T7506] RIP: 0033:0x7fa6f5b8e9a9 [ 197.210332][ T7506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 197.210361][ T7506] RSP: 002b:00007fa6f6910038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 197.210390][ T7506] RAX: ffffffffffffffda RBX: 00007fa6f5db5fa0 RCX: 00007fa6f5b8e9a9 [ 197.210411][ T7506] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 197.210429][ T7506] RBP: 00007fa6f5c10d69 R08: 0000000000000000 R09: 0000000000000000 [ 197.210447][ T7506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 197.210465][ T7506] R13: 0000000000000000 R14: 00007fa6f5db5fa0 R15: 00007ffdec2d5998 [ 197.210492][ T7506] [ 197.210502][ T7506] [ 197.469278][ T7506] Allocated by task 7506: [ 197.473622][ T7506] kasan_save_stack+0x33/0x60 [ 197.478326][ T7506] kasan_save_track+0x14/0x30 [ 197.483026][ T7506] __kasan_kmalloc+0xaa/0xb0 [ 197.487634][ T7506] __kmalloc_node_track_caller_noprof+0x221/0x510 [ 197.494072][ T7506] memdup_user_nul+0x2b/0x120 [ 197.498769][ T7506] proc_simple_write+0xc7/0x1b0 [ 197.503640][ T7506] proc_reg_write+0x23d/0x330 [ 197.508335][ T7506] vfs_writev+0x5dc/0xde0 [ 197.512687][ T7506] do_writev+0x132/0x340 [ 197.516974][ T7506] do_syscall_64+0xcd/0x490 [ 197.521521][ T7506] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 197.527449][ T7506] [ 197.529786][ T7506] The buggy address belongs to the object at ffff8881436f15a0 [ 197.529786][ T7506] which belongs to the cache kmalloc-8 of size 8 [ 197.543511][ T7506] The buggy address is located 0 bytes to the right of [ 197.543511][ T7506] allocated 8-byte region [ffff8881436f15a0, ffff8881436f15a8) [ 197.557843][ T7506] [ 197.560177][ T7506] The buggy address belongs to the physical page: [ 197.566592][ T7506] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8881436f1300 pfn:0x1436f1 [ 197.576765][ T7506] anon flags: 0x57ff00000000000(node=1|zone=2|lastcpupid=0x7ff) [ 197.584499][ T7506] page_type: f5(slab) [ 197.588503][ T7506] raw: 057ff00000000000 ffff88801b841500 0000000000000000 dead000000000001 [ 197.597103][ T7506] raw: ffff8881436f1300 000000008080007f 00000000f5000000 0000000000000000 [ 197.605696][ T7506] page dumped because: kasan: bad access detected [ 197.612122][ T7506] page_owner tracks the page as allocated [ 197.617845][ T7506] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 1, tgid 1 (swapper/0), ts 3537867815, free_ts 3224172097 [ 197.636279][ T7506] post_alloc_hook+0x1c0/0x230 [ 197.641091][ T7506] get_page_from_freelist+0x1321/0x3890 [ 197.646676][ T7506] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 197.652600][ T7506] alloc_pages_mpol+0x1fb/0x550 [ 197.657479][ T7506] new_slab+0x23b/0x330 [ 197.661655][ T7506] ___slab_alloc+0xd9c/0x1940 [ 197.666357][ T7506] __slab_alloc.constprop.0+0x56/0xb0 [ 197.671757][ T7506] __kmalloc_noprof+0x2f2/0x510 [ 197.676632][ T7506] acpi_ns_internalize_name+0x144/0x220 [ 197.682210][ T7506] acpi_ns_get_node_unlocked+0x163/0x310 [ 197.687874][ T7506] acpi_ns_get_node+0x4c/0x70 [ 197.692668][ T7506] acpi_get_handle+0x105/0x270 [ 197.697451][ T7506] acpi_has_method+0x7a/0xc0 [ 197.702076][ T7506] acpi_is_video_device+0x15b/0x210 [ 197.707294][ T7506] acpi_init_device_object+0x115d/0x1970 [ 197.712955][ T7506] acpi_add_single_object+0xea/0x1b80 [ 197.718347][ T7506] page last free pid 1 tgid 1 stack trace: [ 197.724162][ T7506] __free_frozen_pages+0x7fe/0x1180 [ 197.729387][ T7506] __put_partials+0x16d/0x1c0 [ 197.734087][ T7506] qlist_free_all+0x4d/0x120 [ 197.738688][ T7506] kasan_quarantine_remove_cache+0xe7/0x180 [ 197.744596][ T7506] kmem_cache_shrink+0xd/0x20 [ 197.749296][ T7506] acpi_os_purge_cache+0x15/0x20 [ 197.754257][ T7506] acpi_purge_cached_objects+0x34/0x100 [ 197.759819][ T7506] acpi_initialize_objects+0x47/0xa0 [ 197.765129][ T7506] acpi_init+0x168/0xb60 [ 197.769398][ T7506] do_one_initcall+0x120/0x6e0 [ 197.774531][ T7506] kernel_init_freeable+0x5c2/0x900 [ 197.779758][ T7506] kernel_init+0x1c/0x2b0 [ 197.784113][ T7506] ret_from_fork+0x5d7/0x6f0 [ 197.788734][ T7506] ret_from_fork_asm+0x1a/0x30 [ 197.793518][ T7506] [ 197.795850][ T7506] Memory state around the buggy address: [ 197.801486][ T7506] ffff8881436f1480: 05 fc fc fc fa fc fc fc fa fc fc fc fa fc fc fc [ 197.809560][ T7506] ffff8881436f1500: fa fc fc fc fa fc fc fc fa fc fc fc fa fc fc fc [ 197.817635][ T7506] >ffff8881436f1580: fa fc fc fc 00 fc fc fc fa fc fc fc fa fc fc fc [ 197.825707][ T7506] ^ [ 197.831081][ T7506] ffff8881436f1600: fa fc fc fc fa fc fc fc fa fc fc fc fa fc fc fc [ 197.839157][ T7506] ffff8881436f1680: fa fc fc fc fa fc fc fc fa fc fc fc fa fc fc fc [ 197.847226][ T7506] ================================================================== [ 197.886677][ T7506] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 197.893961][ T7506] CPU: 1 UID: 0 PID: 7506 Comm: syz.1.311 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) [ 197.904172][ T7506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 197.914278][ T7506] Call Trace: [ 197.917603][ T7506] [ 197.920581][ T7506] dump_stack_lvl+0x3d/0x1f0 [ 197.925230][ T7506] panic+0x71c/0x800 [ 197.929192][ T7506] ? __pfx_panic+0x10/0x10 [ 197.933664][ T7506] ? mark_held_locks+0x49/0x80 [ 197.938492][ T7506] ? preempt_schedule_thunk+0x16/0x30 [ 197.943924][ T7506] ? afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 197.949938][ T7506] ? preempt_schedule_common+0x44/0xc0 [ 197.955440][ T7506] ? afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 197.961446][ T7506] check_panic_on_warn+0xab/0xb0 [ 197.966421][ T7506] end_report+0x107/0x170 [ 197.970775][ T7506] kasan_report+0xee/0x110 [ 197.975215][ T7506] ? afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 197.981227][ T7506] afs_proc_addr_prefs_write+0x13a9/0x15f0 [ 197.987153][ T7506] ? __lock_acquire+0xb8a/0x1c90 [ 197.992121][ T7506] ? __pfx_afs_proc_addr_prefs_write+0x10/0x10 [ 197.998307][ T7506] ? find_held_lock+0x2b/0x80 [ 198.003000][ T7506] ? __might_fault+0xe3/0x190 [ 198.007696][ T7506] ? __might_fault+0xe3/0x190 [ 198.012385][ T7506] ? __might_fault+0x13b/0x190 [ 198.017168][ T7506] ? proc_simple_write+0x117/0x1b0 [ 198.022300][ T7506] proc_simple_write+0x117/0x1b0 [ 198.027261][ T7506] ? __pfx_proc_simple_write+0x10/0x10 [ 198.032744][ T7506] proc_reg_write+0x23d/0x330 [ 198.037526][ T7506] ? __pfx_proc_reg_write+0x10/0x10 [ 198.042752][ T7506] vfs_writev+0x5dc/0xde0 [ 198.047110][ T7506] ? __pfx___mutex_trylock_common+0x10/0x10 [ 198.053118][ T7506] ? __pfx_vfs_writev+0x10/0x10 [ 198.058171][ T7506] ? __mutex_lock+0x1ca/0xb90 [ 198.062865][ T7506] ? kmem_cache_free+0x2d1/0x4d0 [ 198.067834][ T7506] ? __pfx___mutex_lock+0x10/0x10 [ 198.072882][ T7506] ? __fget_files+0x20e/0x3c0 [ 198.077686][ T7506] ? do_writev+0x132/0x340 [ 198.082128][ T7506] do_writev+0x132/0x340 [ 198.086429][ T7506] ? __pfx_do_writev+0x10/0x10 [ 198.091253][ T7506] do_syscall_64+0xcd/0x490 [ 198.095780][ T7506] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 198.101692][ T7506] RIP: 0033:0x7fa6f5b8e9a9 [ 198.106124][ T7506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 198.125839][ T7506] RSP: 002b:00007fa6f6910038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 198.134272][ T7506] RAX: ffffffffffffffda RBX: 00007fa6f5db5fa0 RCX: 00007fa6f5b8e9a9 [ 198.142257][ T7506] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 198.150246][ T7506] RBP: 00007fa6f5c10d69 R08: 0000000000000000 R09: 0000000000000000 [ 198.158230][ T7506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 198.166222][ T7506] R13: 0000000000000000 R14: 00007fa6f5db5fa0 R15: 00007ffdec2d5998 [ 198.174219][ T7506] [ 198.177402][ T7506] Kernel Offset: disabled [ 198.181732][ T7506] Rebooting in 86400 seconds..