last executing test programs: 11.293251923s ago: executing program 2 (id=897): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r1 = socket(0x1e, 0x6, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9) sendmsg$auto_HSR_C_GET_NODE_STATUS(r1, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="030100c7b2000000000000000000008ab719e990d200000000faff0000000000000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4008000}, 0x8000) mmap$auto(0x0, 0x2020009, 0x8000000007, 0x11, 0xfffffffffffffffa, 0x8000) msync$auto(0x7f, 0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/loop15/queue/discard_granularity\x00', 0x8000, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'}) r3 = socket(0x10, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) write$auto(r3, &(0x7f0000000000)='-\x00', 0x2fb) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x24, 0x0, 0x13, 0x70bd2c, 0x25dfdbdd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r4}, @NL80211_ATTR_TXQ_LIMIT={0x8, 0x10a, 0xa02}]}, 0x24}, 0x1, 0x0, 0x0, 0x2400c884}, 0x20040894) sendmsg$auto_NL80211_CMD_GET_SURVEY(r1, &(0x7f0000000240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x1c, 0x0, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x20080000) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0009, 0x13) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket$nl_generic(0x10, 0x3, 0x10) remap_file_pages$auto(0x8, 0xda, 0x5, 0x4, 0x4) 10.130389569s ago: executing program 1 (id=902): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) shutdown$auto(0x200000003, 0x2) mlockall$auto(0x7) modify_ldt$auto(0x1, 0x0, 0x10) getrandom$auto(0x0, 0x5, 0x80003) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_TUNSETVNETBE(0xffffffffffffffff, 0x400454de, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x58c) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r1) sendmsg$auto_NL80211_CMD_STOP_AP(r1, 0x0, 0x14) open(0x0, 0x22240, 0x55) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0x10000) mremap$auto(0x1fc000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x1, 0x84) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) 8.562252544s ago: executing program 2 (id=904): socket$nl_generic(0x10, 0x3, 0x10) socket(0xf, 0x3, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x2, 0x0) socket(0x8, 0x2, 0xfffffffd) r1 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0) bind$auto(r1, 0x0, 0x67) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r2 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r2, 0x2, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x8000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(0x0, r3) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000640)={'wlan1\x00'}) sendmsg$auto_NL80211_CMD_DEL_PMK(r3, 0x0, 0x8000) mmap$auto(0x0, 0x8, 0xdc, 0xeb1, 0x0, 0x8002) socket(0xa, 0x5, 0x8) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) socket(0xa, 0x1, 0x100) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x1, 0x0) ioctl$auto_SOUND_MIXER_READ_DEVMASK2(r4, 0x80044dfe, &(0x7f0000000040)) unshare$auto(0x40000080) 8.554815322s ago: executing program 1 (id=912): r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x15, 0x5, 0x0) setsockopt$auto(0x3, 0x114, 0xa, 0x0, 0x4) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_WOWLAN(0xffffffffffffffff, 0x0, 0x4004010) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002bbd7000fcdbdf25040000000400100008000cf1edfba1d1e45aea61b8f7020700000002681af944a5465101930e1f4b991ef2f10f485ddf80e07251de39066555baed365ef3"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(r0, 0x8, 0x0) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r1) brk$auto(0xffffffffffffff66) write$auto_tty_fops_tty_io(0xffffffffffffffff, &(0x7f0000000300)="352c8efa618c0bcf83a4ebdb278754e15f334a572cad539da201096bbbc2ce7db19c429be7137d848ef31b38b0b3c7da1c61fef8e0e24e400f96eb989b4f68220f90f3df243e352f17abbc44e0cfececd72dc611200c0fc4cb84d1fc175dc31b38e002c53627c31e0f3a31c079ae368fd33dfdfc97f40f7f", 0x78) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000200), 0x84200, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtd0ro\x00', 0x800, 0x0) sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(r1, &(0x7f0000000540)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB="01002dbd7000fcdbdf256f0000000500d5000500000008001f01060000009e00bd004c59080974edf6e2f7df838fc99571f987047ddd4500b8d4eb66ab1c3eb74de348f2527e80024987ed12f626e267080de8ea6039ac549cb1f5a877d62de0757e764a0231e7ef8647883e3bfb0b5297c36eb225267f0fb849f9fdbf50233dedcf85441d4fe6ca9de163d3a565f0c2ff599c0308af4a0f01a34a1961eba6aea679d7f16f3ad2cb9ebce2bd74e094fbaabec699f5e3aed9eb26075e00000500d20008000000b0acbec656a5a93455b224772ae945dd3fca78967e215b3f1e4dde2bffc3bfd9932d83d208d986a93e26982d51a8f2d2a59f0b83988b5ded03cdf59d85bb537f6707b099fda65a1fcbb36a905ceb5f9342014f96f1b2286ab5c2aebe607ce6911d71fdbe4e42e63c1d3ba59a7ee34cb71457c5174d491ce3a626887f2bd26d8456be36dfecd165e3fc98e5c5c6cf4ce56de5abf7d523aaff54273a366183abe1305627ab5a28cc1ecce217619e143ba1f977"], 0xcc}, 0x1, 0x0, 0x0, 0x4040}, 0xc000) mmap$auto(0x8, 0x2, 0xea2, 0x24f0c8f3, r1, 0xda3) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r5 = ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) fstatfs$auto(r5, 0x0) 6.695140887s ago: executing program 0 (id=906): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) shutdown$auto(0x200000003, 0x2) mlockall$auto(0x7) modify_ldt$auto(0x1, 0x0, 0x10) getrandom$auto(0x0, 0x5, 0x80003) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_TUNSETVNETBE(0xffffffffffffffff, 0x400454de, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x58c) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r1) sendmsg$auto_NL80211_CMD_STOP_AP(r1, 0x0, 0x14) open(0x0, 0x22240, 0x55) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0x10000) mremap$auto(0x1fc000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x1, 0x84) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) 6.599970111s ago: executing program 1 (id=907): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) shutdown$auto(0x200000003, 0x2) mlockall$auto(0x7) modify_ldt$auto(0x1, 0x0, 0x10) getrandom$auto(0x0, 0x5, 0x80003) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_TUNSETVNETBE(0xffffffffffffffff, 0x400454de, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x58c) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r1) sendmsg$auto_NL80211_CMD_STOP_AP(r1, &(0x7f0000001940)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x1c, r2, 0x129, 0x70bd2c, 0x25dfdbfb, {}, [@NL80211_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x5a88314c8e109829}, 0x14) open(0x0, 0x22240, 0x55) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0x10000) mremap$auto(0x1fc000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x1, 0x84) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) 5.76193469s ago: executing program 3 (id=908): socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) madvise$auto(0xfff, 0x8, 0xab8) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) setsockopt$auto(0x3, 0x6, 0x100000000, 0xfffffffffffffffc, 0xa) socket(0x2, 0x801, 0x100) mmap$auto(0x1, 0x3, 0x3, 0x55, r0, 0x8001) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/system/node/has_memory\x00', 0x22100, 0x0) read$auto_check_wx_fops_(r1, 0x0, 0x0) mlockall$auto(0x5) mmap$auto(0x2, 0x40000a, 0x2bb, 0x14, 0x2, 0x3) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv6/conf/sit0/ioam6_id\x00', 0x88800, 0x0) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000280), 0x40000, 0x0) syz_genetlink_get_family_id$auto_nlbl_mgmt(0x0, 0xffffffffffffffff) io_uring_setup$auto(0x8, 0x0) unshare$auto(0x40000080) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x28, 0x80000, 0x300) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0xc0643, 0x0) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r2, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) 5.323973158s ago: executing program 2 (id=909): socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/thread-self/net/dev_mcast\x00', 0x404080, 0x0) write$auto(r0, 0x0, 0x7ef) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/mac80211_hwsim/hwsim1/net/wlan1/type\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000040)=""/116, 0x74) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0) socket(0xa, 0x1, 0x100) modify_ldt$auto(0x1, 0x0, 0x10) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) socket(0x2, 0x1, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x12, 0x0, 0x0, 0x0, 0x0) write$auto(r2, &(0x7f0000000440)='/Eev/audio1\x00VI\xa3\xaa\xb1\x05\x00\x00\x00\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\x89C:\xc3\xcbx*=\x12\xb4q\xeeC\x81\n\\_\x04D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\x9e\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x6, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x8cec, 0x6]}, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/kernel/kexec_load_disabled\x00', 0x202, 0x0) sendfile$auto(r3, r3, 0x0, 0x0) mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x80400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0xffffffffffffbfff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0004, 0x19) madvise$auto(0x0, 0x200007, 0x19) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) close_range$auto(0x2, 0x8, 0x0) 4.813650536s ago: executing program 0 (id=910): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)=';') openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) socket(0xa, 0x1, 0x100) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x11a001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x100000001ff, 0x7, 0x3, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x5, 0x62, 0x80000001, 0x5, 0x5, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0xfffffffffffffffb) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/default/forwarding\x00', 0x141241, 0x0) pwrite64$auto(r2, 0x0, 0x6bc, 0x5) readahead$auto(r2, 0x4, 0x4) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0x4, 0x300000000000) r3 = io_uring_setup$auto(0x6, 0x0) r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC0\x00', 0x802, 0x0) ioctl$auto(r4, 0xc1205531, r3) sysfs$auto(0x5, 0x100000074e, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0x2000000080000001, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) semget$auto(0x0, 0x13c, 0x1ff) 4.478425773s ago: executing program 1 (id=911): sendmsg$auto_SMC_NETLINK_REMOVE_UEID(0xffffffffffffffff, 0x0, 0x20000000) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb5, 0x401, 0x300000000000) prctl$auto(0x16, 0x2, 0x2, 0x4000000d, 0x100) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/adsp1\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETODELAY(r0, 0x80045017, &(0x7f0000000c00)) io_uring_setup$auto(0x6, 0x0) openat$auto_split_huge_pages_fops_huge_memory(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0x2404c800) kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x800c000, 0x4800c000, 0x800c000}, 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) ioctl$auto_EVIOCGMASK(r1, 0x80104592, &(0x7f0000000000)={0x2000, 0x800004, 0x105}) ioctl$auto(0x3, 0x80004509, 0x10000000000402) ioctl$auto(0x3, 0x800005411, 0x38) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) 3.479317419s ago: executing program 3 (id=913): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2481, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) epoll_create$auto(0x4) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x3ff, 0x0, 0x3, 0x5f, 0x0, 0x3}, 0x6f3) r0 = openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cpu/1/msr\x00', 0xf82, 0x0) readv$auto(r0, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) ioctl$auto_BTRFS_IOC_FORGET_DEV(0xffffffffffffffff, 0x50009405, &(0x7f00000001c0)={@raw=0xbe, "147f624b05a2b22a62eb108f57b62c1a128c0f4a188dab9dc484db51686adb5a70d52b7f2f66145c31facd1cbb574c587628bd4cd6107b246f8f98fc23c6a864a492955d4c9350848a1d376d48008c8245ef620306a514c0e2f4dccf4932b8161402a453d31f6a2849bd701d53c73b5c87638db257f5ee75b4b2f3050dcd85bdda18e5f6c8f07bcbafc93b528f48baacd00dff67c662817347d58f7e2540061f146deeeb8a8fbea98e59c0ed49ac5898827aaa13b42a504dc9de98747915c70a39df9e7ad1373109c541923589e6364976cd3168fe3d0f085186627bde1577bbf260387eb8ecb5ad8d705de9f1e9b3d50ce454db9cbecf236dffbd3b274b5a7a63d3be027f04c7111ed622df2830ad588ef1d8b6c480b0f0772b5e7f621f8afa59a92859c296e01a7fa3f30f0d0d4337652988adb2b9d680d2c4f9896e1139548670c3598f33ba0f43def8ca1044626e75ca4d2b886f6db26ebb438a587407e59cf70e6cedf804044a4ccbccdcdcfd3e18152f5ac92af75d4deb491679de72f1b13ad5478ed08bb7acfc503580dae5c23583d01fdfecc9207f9e276540cf2328ba7a585937fd6acbda9a3a770277729be4f41177789decd4e0854b9861c08504c89215d7e8ce3473a0ad98f25d1d9e5fe2054a4ba9d3e0a67718ac00f384b74f5c8b24097e30e63af0c374c78f21d0af94486933450a311f8194051592e9e37607542244627393d338575c5a0a51815a01bd5ecf313cadddbb3c6bd4941a5c636b0c884ea266740b25c397ff3ea626070602d43ffbbebc0bddfdc47602432ecedce3bb6b0aba196f0eb714251d210bc979b4518005e41b5b6b0fc0ba793a8e77edd81553ce3a99cf9e7f4a9a41858e1971ac4127fa9995c888259e3436b7366e1344955ec1dd8628581a07056ec537e8196f87ab570af4fb4744f874fb283f8a54cae01cb32f70543eb60b6f65cc5269171d7e5fff4cbe4cc0b76983aaba8d869d8848e496e2c5359251a39e5f9d1c0c6756456dcdd744e82594b2a6bfe3db7877c7fc123c259f8f70b36b3c48ae31875d5cf3eb6b00a32e107f419a079641e51c8233f4c304b4bf7942814ec1eb8166f0b168d76fb3c05cb1d0ccd66fd15cbb399f3730076246721f4d71f5bbcb63d2309c74878bb16ec592873f7514b66118673f808c2cb16b4a7b3be7b560b5183bb231be5829d9de866ecbf23c70779c6f9d37b7d185cdf53a328eeee8ea27931c68c68edad37f2a10fbfcffacbacb80e8c39a0504bddab3156c7c35ab417aee9c979bf14718975e59ec51a37516a71abd59ddc916de121937da400f09b85e96b554a1f5688b20e2df0f814163e46db2ef60268a6c57035008998b834560a7f9a69bcde2110f8d401321db671c7cd28fce473d9dd43d598ef1e576c93281a5a510fb48e7dbfe06451e2e9718ab0b6cd6ec02b6b62ae9d6cc7ec94af64311793125d92ef9ac91b0d99445c4dae30f46ef49f8068950a6a32661094ac22af30e313fc183ebe103e709be8bcb4e657a731ac05e55a5f3b772ec5f89074fce97e565f560d172c6975dd1edde80507a9e442b208fd57520cbbcac16ddcb26fc8ef1d19d2cfb07e80d32aab1769e628303478aff29f0143140478b50d392fb3e53e0d386ea97d901c27ae5911330f337ef7048cb7f5307fb0231066c100177c09722719372aa5dcffbfa6e84469bfa884446d5848d6af5c4a324f0805e5a1c82e97387239ba24e8406edccd92d37c0bafd97160cea312ba3ef96b6982d28e0d5e2b3bba83dcee9f5de3155d635deebc55bc030f9dadc659a0b6f5a84d539077e785ed5ed098115b576a7238c3532cea0fe9f00cfad2112908e57e66be5e86339812b5257a03e735727ea8c4cf5bcf0820dcf87a906bd962806a2767971f6079613acfb781d514111f35ba1fcdecaa15764d9ca817794c536cb4b1d4a2f60cf116520aa1cd2f7ade5d38c195ee6aaa196ceeaad0a3d642b0e4b54a5c9ffe8941e4f661aba9b9d77a0e2af0d1dd8120810f4b4f93bc56a2405b32ec460ccfae654ed07abfbfc3dab30d5e0b77538033ee73833910ecb297be29cf034a1133583e5afd7633e4a1b44c844cd34eb7d5e07d74e695b4abea1a70b5eb902385563e30134ec33ada8dc78433b4eefa2ead19df77dfc71148607e5c708f7692f1645e7a323f175849bd045f0bbed4f6a06169deceb2a4d361493ee6db8c7b0bd18b9782f48f7459c9d9033221dcf6a07464c04df0b11f99a943e12b1b0b6dc71c3bfef7128b2df83f1ee99952e4cc0a51189a21302e998fd2ed37b2ae8bfd96a47d50eb3d196fea3af714157e6a4e0630e0944de57556aa3225b485388faed23a9a9d595a5ff296e8e29452ef5541230954d4d0f916a27781041902f13cf0e962527e1a0f659a95a0c3831bb62841ba3e01c74859818283ad0725e76ed82f695405fffccd90ad1be0ad211891546a2ab3f75b9872c3ad68c2f5f4d8510cf1e087e789c5ab821ef46e197a36986434b1569499ad2717db7b200afd77b7542ba00a46192341aee8fe3bfe3d6e0c2767cafca11ce2beaf97602ef9095e815ab6eaec42399865f724ee9d96217f45a84a0def5d87375c65e0430cdc83422b8d367982f2722e793c6ba37687d34f0e2068c114fae854a3158abba5f5689a40488d095de19071a71d8d7a17f4389f2d20c4c0f9c16760d52d166acc5c201cfaecc0fc54b7143c60aaaac0ae196b36f3e1447e3e0992be2642ca8302b24514bd06cce84279ce361bb8ce245ca5152848ab4cced61c67e4579c0db21efd26efc0780cf4a04b02ddaa54335fa327d57320307e0dc3fe1f6cdb686150e2235e05ddeba10a193d49408ee47f57229a6ff30351dedf61b8789900eb15db5b0069c57984ba31710509d88da1d78b3eface0ad5b2cb7f303e248cb68abfd5a0c3ac672d1f6178fe54ef67e034d38c01e3458d9b64a97eb0cccfae7efbbbc0c8b806e75ae5dbdf641d8daa862f90cac0d460c6f70a7765169cd1e9fe305db403e4e453ce84c35a3573751a93ca7dd478ba547449254f3d7ac7b05f345bf0eec346db042b982c964c81545bf05986d033df8e41e9e19d3561250514ed703444048f44763261a860aa3cf0b539544af9a1fc4ba7f989111e00dcab0e64b538a1019467c3b43641e13c2707a4fdc78648b92302a54a0e7e3de53488e852f0fe658557ad1df2cf12a898515769bcde0f4a3386764d5b2f0eba5eee1e3257215c005b3bad612ff43b4121efc277fe9b80c69eee2c1ffdcb3ef843485d636a0025848254e22cd2f51c1f85202ae22d53969072c1ec4dbb973a157059ed523b8dad9671f6bba68a9d4521564a826b208df019ea32eeaf5b8f973263fdcab4c2519ac0d5ce4c181b12ba71bb3fc02388e72e89a24152e07b264fb00b425633ca2b2aaccd7208d5df00002b7fa4502656593a8e84e4b620bc65a60bf3d3c8b0c1d0ac93bcc711b9cf206b1037d3437e515913badbd7ce52a69b32cd5b828193dac41fe0ff1a869bf086927eff915e422be23f40a54a2384e478f74bb2a397ecd214224294d9300d921afad2f50960e9830dc1ac8ee08ea0ff474d40a23b1f7dbc7761120c889b3354281751342d2429eb2555a8a57063f61c6cb3115d99d41a040c4d9fb3c5ddec980abfef33562607b7ad6fc8ac67c8026d50f2e01d949d065a8ea488b3d0d7ba296c914352b99a6c36aad4c030d1f9bef8696cb6d9dee3835646695b2a43f8682405c118477dd6486699dcd9cb93d911dae691fabfdfcc76ae48bcdf5d5ea87fffdcaf4e14faaa36689da73c9012ff943a787ec0e83f52cf221219f3468bdc010698450a19717e4ed062ab7d682d9e18c4469581bd09cd31aeaf1d17afb02b9cd769f56830d0ad155e4898889b438edfb13fb40d46bfe082ae1cd0f287805e4f2d011f43cd070f883668f45612132b19ff2f406bf80a1e5e69c741c63bc366c102a7a7e78d92e058d1f771031e582094bc7536182ddf2b88ef13d6573d0d34183c5e4dff48654ec1d18a44f6b2c67b17eb06489523bc3e7908b612e5204985cad17ff99b41650e49e469d8d80f3a2e32e93826e02160fbf19d92ab300bee4319b333aa9e96ac46d22ed71cf8394663f62362fe145094d140588c2e6f3eadc0bc16f6f6172aeac1e9ca44d93fa1399c641729e21f97f25ce5b4163419235bb98a218fa9d50b7aaa835d122c0436352b27909dcab907e43630907b23713bb445b93b8ec840b17d3d4618dd38bf58f2a0a6c3272a00aa8704774078f565faa4195ddfc15b33b196e646ebd8ab55e74da11ab4c30d031785c7c168d30ca12d23dcfa4a5a4f883f3b887fb77d822dae0a161d6c3565037a1f36bb1cf1d8601d94e4111b4ee435a98c21577b1e647ba160921881339a00a2d04210e603dcd9dfe2c40d32e5d93d9e94a5c176ca6291d5befa75121ec0abd660e2bac1458bd5609a6d725af0895b0d559ad726f34b50a06fd45f86764508386ab65ade7c76d0ce07330bf0d342216a769c98edb854cad6f6b02e0d09e713bbb7e12c786edd9d1078f3c5d0a87d34d9326e938098d674fb2d1ab1e39e3683a3ef0e00d9b66d56582e9d5f2d61a60226ee2c9cda7d44ef0504d6109fcd7978207df3eb9ed5ac860e0172907362654efb54cd6d04f7a58578fa3853d65e9243730466085905cbf1e1b34ea7a2f9dd268495d49824045074debb4c9140dfdbfc81fc6d371ec49521ddd996fd8761ada5d427348503a57a73a3ac74a540df4c2af59a1ecf644c00ebfbffafbf2990776717a2687889da69fefd0b0cb33c8351d147bcf31f98c8909e554c7ffd2cc9f64e4eb6b9c4b232489a2d912f19f79108b73a38de79fafd4a885de47810bdc4658d6d773c97e523732997392f1e02396875eda8ff955ef0ad75145cc1819df6a53878b9f1c5964146dcd73eabed0df798aea5c533fc263bc8d2533e36cde59e2cdd2ffac12cd7e6bea69ccc14b0b22b7606a6f82e8528f8dc739cd5c0ed0795d49452f257be2068055dcfaa7589ca65820d31583a81834910d8d1327469e370339dce1d87c31a750a02270cdaef457da2d50abac6651357858c391464781009209d79cf4286045773fe247e705a14b162583cd89e850df91b7517bd0a4476ac02fdc1dbd0faa81fa1e829ad0a548236939efcdf63c15b868b8712ca05571d7c0b810cc02cba9d1ae63e987b59ec3281cd706d7571d6b69a92663f11a24a68dbc6b2436b8049986f78fbe8effcf94457d5085dbf8812abb1fd431c6b465203eb67070a936a665fb19273240ed1e3905ea27b996b74b31b1216a77734b106dd9752a5f430ac5aef718c6942379dbd342aa66537e655afa95ec78cadcfc80584045cd07d43911c4d7dc3a37a4cf3cdf6eea9904c441ec02cfe0515c6c360463237aa6b3fafebcb1a59be1bf5ebe4680819f3e78ccc1e517987db6220b45bf840fb8fc9b33757a0e258468a911f2504358981410b6daad15bb0ed81ff971ef3cc89f06dacfa45a37cb37e946f5010d0a308ff760227d439f07401839b7844bd4e5f5d1824c17797c5abfb5a326f6b4626f9789d8d7a074b7f223cc4183f68e14de037a197920a858c310e3602a3c6f319b506bc4c523af495a95b74eb88af2699cbbeecbab62811ed05a0ea5e292e72e565ccbeb3fda2f32ee05ff7bfa40bfead96ace132532026e553bc4438a65ea897d64e9cdec2baa75839f9ea4dba584b81a9b813dc648e3ac31c885ec5dcedda3efc7a3a7"}) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(0x2, 0x8, 0x0) 3.211120987s ago: executing program 2 (id=914): r0 = socket(0x1a, 0x2, 0x0) fcntl$auto_F_SETOWN_EX(r0, 0xf, 0x5a5) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, 0x0, 0x24000044) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/all/addr_gen_mode\x00', 0xa0202, 0x0) sendfile$auto(r1, r1, 0x0, 0x7fffe000) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) getdents64$auto(r2, &(0x7f0000000040)={0x986e0000000, 0x6d7f, 0x200, 0x8, "87bfdb33844068b462241bfed9b689fc70fe8a31ffe577a1f137e57819a4b8aff52c9ab2ef5ff1e25d4e3d65d3a3cdffc41a5e8bc4907e76ad215211cc7350a159206f09fc670e6edfe9286b63e1367c837de8551acbd56ee3859b4758a71b5c76ef350365291bd2a99f1dbe4631ee68b4eab8ee357145cae39d8083918d0cdf99ea3d4bdbaf11fb0e78cc64fb63"}, 0x101) madvise$auto(0x0, 0xffffffffffff0005, 0x19) lstat$auto(0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mseal$auto(0x0, 0x7dda, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff) setsockopt$auto_SO_NO_CHECK(r2, 0x7, 0xb, &(0x7f0000000100)='/sys/devices/virtual/block/loop12/queue/wbt_lat_usec\x00', 0x6) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x0, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/loop12/queue/wbt_lat_usec\x00', 0x102, 0x0) sendfile$auto(r3, r3, 0x0, 0x1) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xb, 0x9b72, 0x2, 0x8000) socket(0xa, 0x3, 0x3a) socketpair$auto(0x1, 0x7, 0x8000000000000000, 0x0) 2.160277469s ago: executing program 0 (id=915): r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x15, 0x5, 0x0) setsockopt$auto(0x3, 0x114, 0xa, 0x0, 0x4) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_WOWLAN(0xffffffffffffffff, 0x0, 0x4004010) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002bbd7000fcdbdf25040000000400100008000cf1edfba1d1e45aea61b8f7020700000002681af944a5465101930e1f4b991ef2f10f485ddf80e07251de39066555baed365ef3"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(r0, 0x8, 0x0) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r1) brk$auto(0xffffffffffffff66) write$auto_tty_fops_tty_io(0xffffffffffffffff, &(0x7f0000000300)="352c8efa618c0bcf83a4ebdb278754e15f334a572cad539da201096bbbc2ce7db19c429be7137d848ef31b38b0b3c7da1c61fef8e0e24e400f96eb989b4f68220f90f3df243e352f17abbc44e0cfececd72dc611200c0fc4cb84d1fc175dc31b38e002c53627c31e0f3a31c079ae368fd33dfdfc97f40f7f", 0x78) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000200), 0x84200, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtd0ro\x00', 0x800, 0x0) sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(r1, &(0x7f0000000540)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB="cc000000", @ANYRES16=r3, @ANYBLOB="01002dbd7000fcdbdf256f0000000500d5000500000008001f01060000009e00bd004c59080974edf6e2f7df838fc99571f987047ddd4500b8d4eb66ab1c3eb74de348f2527e80024987ed12f626e267080de8ea6039ac549cb1f5a877d62de0757e764a0231e7ef8647883e3bfb0b5297c36eb225267f0fb849f9fdbf50233dedcf85441d4fe6ca9de163d3a565f0c2ff599c0308af4a0f01a34a1961eba6aea679d7f16f3ad2cb9ebce2bd74e094fbaabec699f5e3aed9eb26075e00000500d20008000000b0acbec656a5a93455b224772ae945dd3fca78967e215b3f1e4dde2bffc3bfd9932d83d208d986a93e26982d51a8f2d2a59f0b83988b5ded03cdf59d85bb537f6707b099fda65a1fcbb36a905ceb5f9342014f96f1b2286ab5c2aebe607ce6911d71fdbe4e42e63c1d3ba59a7ee34cb71457c5174d491ce3a626887f2bd26d8456be36dfecd165e3fc98e5c5c6cf4ce56de5abf7d523aaff54273a366183abe1305627ab5a28cc1ecce217619e143ba1f9"], 0xcc}, 0x1, 0x0, 0x0, 0x4040}, 0xc000) mmap$auto(0x8, 0x2, 0xea2, 0x24f0c8f3, r1, 0xda3) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r5 = ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) fstatfs$auto(r5, 0x0) 1.892680318s ago: executing program 3 (id=916): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x9) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0) ioctl$auto(r0, 0x5403, 0x3) close_range$auto(0x2, 0x8, 0x0) openat$auto_hpet_fops_hpet(0xffffffffffffff9c, &(0x7f0000000000), 0x2100, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'caif0\x00'}) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x2c, r1, 0x400, 0x70bd2c, 0x25dfdbfb, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0x10, 0x1, 0x0, 0x1, [@nested={0xc, 0x10, 0x0, 0x1, [@nested={0x6, 0x8, 0x0, 0x1, [@generic="1a32"]}]}]}, @OVS_FLOW_ATTR_PROBE={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24040071}, 0x800) socket(0x15, 0x5, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0x2a, 0x2, 0x1) r4 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sg0\x00', 0x418000, 0x0) getitimer$auto(0x2, &(0x7f0000000040)={{0x8, 0x8001}, {0x0, 0x5}}) ioctl$auto_SCSI_IOCTL_TEST_UNIT_READY(r4, 0x2, &(0x7f00000002c0)="a3ed6f6f68d0c6c50a5921fd30c0b1cb4b65ce2686bb4643fa0b8441b754d8b0de895b6c72af8de1d04b9a139ae0b7cda50f529086d05128e263d381abbd39dec8432e216e901d2baa9372b416c7d0b10d979cd5e5e3b604f974999cb41bd6812310a9075b20953e0b09fd660aa22a7d208618340957ae8a334456ee5a96a2f7ad8e1286cb610f1c6d2e1f4d") connect$auto(r3, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) close_range$auto(0x2, 0xa, 0x0) r5 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000008040), 0x2, 0x0) ioctl$auto_I2C_SMBUS(r5, 0x720, 0x0) socket(0xa, 0x3, 0x3a) sendmsg$auto_NL80211_CMD_GET_MPATH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x20000000) setsockopt$auto(0x400000000000003, 0x29, 0xca, 0x0, 0x566) 1.70771348s ago: executing program 1 (id=917): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) shutdown$auto(0x200000003, 0x2) mlockall$auto(0x7) modify_ldt$auto(0x1, 0x0, 0x10) getrandom$auto(0x0, 0x5, 0x80003) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_TUNSETVNETBE(0xffffffffffffffff, 0x400454de, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x58c) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r1) sendmsg$auto_NL80211_CMD_STOP_AP(r1, &(0x7f0000001940)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x5a88314c8e109829}, 0x14) open(0x0, 0x22240, 0x55) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0x10000) mremap$auto(0x1fc000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) socket(0xa, 0x1, 0x84) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) 1.369697591s ago: executing program 3 (id=918): mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) r0 = io_uring_setup$auto(0x6, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x28641, 0x0) ioctl$auto(0x3, 0x80000541b, 0x38) r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, 0x6) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0) pread64$auto(r2, 0x0, 0x800003, 0x270) socket(0xf, 0x3, 0x2) madvise$auto_MADV_PAGEOUT(0xd, 0x8000, 0x15) r3 = open(&(0x7f0000000000)='./cgroup\x00', 0x400, 0x64) fchdir$auto(r3) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0) umount2$auto(&(0x7f0000000000)='.\x00', 0x4) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000100)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x8000001f, 0x2, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) symlinkat$auto(0x0, r4, 0x0) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, 0x0, 0x125200, 0x0) close_range$auto(0x2, 0x8, 0x0) gettimeofday$auto(&(0x7f0000000080), &(0x7f00000000c0)={0x9, 0x6}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_fd, 0xffffffffffffffff, 0x4, 0x1ff, 0xffffffffffffffff, @relative_fd, 0xe600}, 0xf) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffffffffffffffff, 0x0, 0x3}, 0xc) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000180), r0) 1.118042477s ago: executing program 0 (id=919): r0 = socket(0xa, 0x2, 0x73) syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) mmap$auto(0xfffffffffffffffd, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x100082) get_robust_list$auto(0x0, 0x0, 0x0) r1 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x103041, 0x0) write$auto(r1, 0x0, 0x9) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv6/conf/bridge_slave_0/mldv2_unsolicited_report_interval\x00', 0x40001, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r2, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_MPP(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000600)=ANY=[@ANYBLOB="2400727f8dd2e6a15e59c27213340a990000", @ANYRES16=0x0, @ANYBLOB="000428bd7000005000006b0000000d00180061680c6789a6fb56dd000000"], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x24004000) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) sendmsg$auto_MACSEC_CMD_ADD_RXSA(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0xd0}, 0x2404c084) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) pwrite64$auto(r2, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\b\x05s\x1cJ\x99\x8a>c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x10000003) r3 = gettid() timer_create$auto(0x0, &(0x7f0000000040)={@sival_ptr=0x0, @raw=0x4, 0x6, @_tid=r3}, 0x0) capget$auto(&(0x7f0000000200)={0xdc, r3}, &(0x7f0000000240)={0x4, 0xfffffffc, 0xfff}) r4 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/ieee80211/phy9/netdev:wlan0/state\x00', 0x80000, 0x0) write$auto(r4, &(0x7f0000000300)='/proc/sys/net/ipv6/conf/bridge_slave_0/mldv2_unsolicited_report_interval\x00', 0x3) sendmmsg$auto(r0, &(0x7f00000005c0)={{&(0x7f0000000380)="4e03c7ff89712afb06da612d101bfda890e625a3121e271b70d277fabd317878363e216b5ec6d0ee73387af04393f5cf81f72a2e6131111e0ab695c3345d14509ae3dade5b744d0b2bff8f0aa2631de53ab5613a1be08986f844b2113e870a42f103325603e924264014521880db1d939ad7055a75b28cf8", 0x7f, &(0x7f0000000480)={&(0x7f0000000400)="975df2b5ddfc7d64ad302f501851fa0efcd4de7f0f73315aabfaa3e87499209d0140dd21f4937ccbc4dea6672afe3bec4378ff1f92e972a70d3291929f79366634fa10ab9f0b7354ba254a6c2f19afe76ad5841fef0578d872bac51bd818c94234bc71602d4820f0859a59b2a168cfdfa7f966", 0x7f}, 0x5, &(0x7f00000004c0)="f0c4270b0810dcdfbb5a6ffdbde706a5c11ea5e3b6c714efe676db9341824da532ae86ab67b077c20627cdb6ccafd783e3e4846ee7abdd98f3af6049d8876f84419ec5cfd19cffc9a0ef868b9272e7a810fc9e01fa601bb86ad6ef413f5ea48a13a4b50c80a5044f0c707ab5a184bb5a8795a1d77bce5ac2faaee3d6f946b63d94af567b338138261a590fb072061ce676bb2629386f4bcb3a9901fc443146cadb7e5793336f42699cabe1d0e2802e6374a23acba79af59fc59f0347439f9bf8a214", 0x40, 0x5}, 0x4}, 0xffffffc2, 0xffff) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) r5 = socket(0xa, 0x3, 0xff) connect$auto(r5, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 947.857091ms ago: executing program 0 (id=920): r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x15, 0x5, 0x0) setsockopt$auto(0x3, 0x114, 0xa, 0x0, 0x4) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_WOWLAN(0xffffffffffffffff, 0x0, 0x4004010) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002bbd7000fcdbdf25040000000400100008000cf1edfba1d1e45aea61b8f7020700000002681af944a5465101930e1f4b991ef2f10f485ddf80e07251de39066555baed365ef3"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(r0, 0x8, 0x0) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r1) brk$auto(0xffffffffffffff66) write$auto_tty_fops_tty_io(0xffffffffffffffff, &(0x7f0000000300)="352c8efa618c0bcf83a4ebdb278754e15f334a572cad539da201096bbbc2ce7db19c429be7137d848ef31b38b0b3c7da1c61fef8e0e24e400f96eb989b4f68220f90f3df243e352f17abbc44e0cfececd72dc611200c0fc4cb84d1fc175dc31b38e002c53627c31e0f3a31c079ae368fd33dfdfc97f40f7f", 0x78) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000200), 0x84200, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtd0ro\x00', 0x800, 0x0) sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(r1, &(0x7f0000000540)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB="cc000000", @ANYRES16=r3, @ANYBLOB="01002dbd7000fcdbdf256f0000000500d5000500000008001f01060000009e00bd004c59080974edf6e2f7df838fc99571f987047ddd4500b8d4eb66ab1c3eb74de348f2527e80024987ed12f626e267080de8ea6039ac549cb1f5a877d62de0757e764a0231e7ef8647883e3bfb0b5297c36eb225267f0fb849f9fdbf50233dedcf85441d4fe6ca9de163d3a565f0c2ff599c0308af4a0f01a34a1961eba6aea679d7f16f3ad2cb9ebce2bd74e094fbaabec699f5e3aed9eb26075e00000500d20008000000b0acbec656a5a93455b224772ae945dd3fca78967e215b3f1e4dde2bffc3bfd9932d83d208d986a93e26982d51a8f2d2a59f0b83988b5ded03cdf59d85bb537f6707b099fda65a1fcbb36a905ceb5f9342014f96f1b2286ab5c2aebe607ce6911d71fdbe4e42e63c1d3ba59a7ee34cb71457c5174d491ce3a626887f2bd26d8456be36dfecd165e3fc98e5c5c6cf4ce56de5abf7d523aaff54273a366183abe1305627ab5a28cc1ecce217619e143ba1f977"], 0xcc}, 0x1, 0x0, 0x0, 0x4040}, 0xc000) mmap$auto(0x8, 0x2, 0xea2, 0x24f0c8f3, r1, 0xda3) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0180, 0x0) r5 = ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) fstatfs$auto(r5, 0x0) 868.309086ms ago: executing program 1 (id=921): openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="3ae90f7c", @ANYRES16=0x0, @ANYBLOB="01002bbd7000ffdbdf2502"], 0x14}, 0x1, 0x0, 0x0, 0x8044}, 0x4001090) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) madvise$auto(0xfff, 0x7, 0xab8) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r1 = socket(0x1e, 0x1, 0x0) setsockopt$auto(0x3, 0x6, 0x100000000, 0xfffffffffffffffc, 0xa) socket(0x1a, 0xa, 0xfe) mmap$auto(0x1, 0x3, 0x3, 0x55, r0, 0x8001) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/system/node/has_memory\x00', 0x22100, 0x0) read$auto_check_wx_fops_(r2, &(0x7f0000000080)=""/228, 0xe4) mlockall$auto(0x5) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$auto_KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)={0x2, 0x0, [{0x48f, 0x7, 0xe08}]}) mmap$auto(0x2, 0x40000a, 0x2bb, 0x14, 0x2, 0x3) syz_genetlink_get_family_id$auto_nlbl_mgmt(0x0, r1) io_uring_setup$auto(0x400, 0x0) unshare$auto(0x40000080) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x28, 0x80000, 0x300) io_uring_setup$auto(0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 744.701112ms ago: executing program 2 (id=922): unshare$auto(0x40000080) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x1, 0x100) r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYRES16=r0, @ANYBLOB="13002cbd7000dddbdf250200000008000300", @ANYRES32=r2, @ANYBLOB="480040000300000005000300020b0000"], 0x2c}, 0x1, 0x0, 0x0, 0x2400c884}, 0x20040894) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) r3 = socket(0x11, 0x80003, 0x300) r4 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x1a1000, 0x0) ioctl$auto_PROCMAP_QUERY(r4, 0xc0686611, &(0x7f0000000080)={0x67, 0x0, 0x7fff, 0x5, 0x80000000003, 0xfffbffffffffff80, 0x80000001, 0xff, 0x6, 0x7, 0xfbfffffe, 0x5, 0x0, 0x7, 0x80000005}) setsockopt$auto(r3, 0x107, 0x5, 0x0, 0x8004) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/pts/ptmx\x00', 0x0, 0x0) write$auto(0x3, 0x0, 0x7ffffffa) mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000) r5 = syz_clone3(&(0x7f0000000240)={0x8000000, &(0x7f0000000000), &(0x7f0000000040), 0x0, {0x3b}, 0x0, 0x0, 0x0, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0], 0x4}, 0x58) setregid$auto(0x0, 0x3) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r6 = getpgid(0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/platform/dummy_udc.6/modalias\x00', 0x20a000, 0x0) shmctl$auto_IPC_SET(0x0, 0x1, &(0x7f00000003c0)={{0x6, 0xee00, 0x0, 0x0, 0x4, 0x6}, 0x1, 0x3, 0x5, 0xef1d, @inferred=r5, @inferred=r5, 0x5, 0x0, &(0x7f00000002c0)="c1759b947b0f00d1", &(0x7f0000000300)}) msgctl$auto_IPC_SET(0x0, 0x1, &(0x7f0000000480)={{0x3, 0x0, r7, 0x5, 0x0, 0x5, 0x7}, &(0x7f0000000340)=0x7, &(0x7f0000000440)=0x9, 0x4, 0x7fffffff, 0x4, 0x8, 0xfffffffffffffff9, 0x2, 0x3, 0x5, @raw=0x3, @raw=0xffff}) rt_tgsigqueueinfo$auto(0xffffffffffffffff, r6, 0x8, &(0x7f0000000100)={@siginfo_0_0={0x6, 0xe, 0x85, @_sigchld={r6, 0x0, 0x401, 0x5, 0x3}}}) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000180)='./file0\x00', &(0x7f0000000100)=&(0x7f0000000040)='\x89\xcf\xc3b\xd0\xfb\r\\9\xc8\xb4\x95\xdbO\xb4\xeb\xf1W\x89\xf0\xdf\xd8\x8d%v\xd1\xcc4D\x7f\xe7\x9b\xd1{\xcf]l6\x10\xef\xa1\x95@l.v\xd0\xa4\x03\x00\x00\x00\x00\x00\x00\x00*w \xa1\x14`}*r\x1e\xb1\x88r\x19\x86\xcc\x00Zh\xf4\x98\xca\xad+\xb9\xf0\xfc\xa2rm\xb5\x15\xc8\xaf\x86\xb1\xa2F\'\x93\x9c\xe0\x04\xa4\xad>\xc8\x9c\xd8\xd9G\xe9K\x89\x15\x8e\xfct\x11\xa3a\xc8\x90[\x81x\xde\xb0\x1f\x80O\n\xbe\x80\xfb\xbdXO6\xf9\xd8bH\xc9f^\x94\xda]\xb7dW\x88\xd8\xa6d\xad\x92\xb7*i\a\x00\xf2\x93 \x1b\xca\x01\xc5\x00'/178, &(0x7f0000000000)=&(0x7f00000001c0)=' ') 327.245921ms ago: executing program 3 (id=923): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x24048804}, 0x800) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x10, 0x2, 0x4) newfstatat$auto(r0, 0x0, &(0x7f0000000480)={0x9, 0x101, 0x40, 0x7, 0x0, 0x0, 0x0, 0x6, 0x0, 0x1724974c, 0x6, 0x1, 0x5, 0x3b, 0x800, 0x5, 0x100}, 0x9) socket(0x10, 0x3, 0x6) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x10, 0x2, 0x4) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x48, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) eventfd$auto(0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x6) socket$nl_generic(0x10, 0x3, 0x10) eventfd$auto(0x3) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x88) r2 = socket(0x10, 0x3, 0x6) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r3, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32dd7c33b14cc842bc1e2a5da4203e64ceaa9db5223aa655b6313c011b3e73a75f1aa1f7b2ea43344b15bd494886e355cf6d92c8fe670a42bc677830013e9c4aa4fa30c3e6630bf0ed13206d5a18f6813c6fb03466112aedf5d67bb5b99fe96a6dcd279916b0bce029925b63c48d41ca8a76e46c6014100005800c00c50003000000000000000c02368008027a8087010c800800e800", @ANYRES32=r1, @ANYBLOB="0800fb00", @ANYRES32=r2], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x3, 0x0, 0x0, 0x8}, 0x7}, 0x3, 0x0) 94.119167ms ago: executing program 0 (id=924): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000026d00)='/dev/dri/card1\x00', 0x2000, 0x0) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) socket(0xa, 0x1, 0x100) ioperm$auto(0x7, 0x5ad2, 0x8) ioctl$auto_USBDEVFS_ALLOW_SUSPEND(0xffffffffffffffff, 0x5522, 0x0) pread64$auto(0xffffffffffffffff, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>\xe7l\xcb\x90\\/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x400) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x21, 0x3, 0x9) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/015/001\x00', 0x80000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd2, 0x400000000000948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x2, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) process_mrelease$auto(0xffffffffffffffff, 0x0) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mount$auto(0x0, &(0x7f0000001500)='./file0\x00', &(0x7f00000001c0)='ci\x80,\xc9\xfes\x00', 0x8001, 0x0) prctl$auto(0x23, 0x8, 0x2008, 0x0, 0x0) process_vm_writev$auto(0x1, &(0x7f0000002980)={0x0, 0x4}, 0x3, &(0x7f0000002a40)={0x0, 0x7}, 0x4, 0x0) fcntl$auto(0x8000000000000001, 0x26, 0x8) close_range$auto(0x2, 0x8, 0x0) 73.671296ms ago: executing program 2 (id=925): mmap$auto(0x0, 0x22, 0xdf, 0x9b72, 0x2, 0x5) sendto$auto(0xffffffffffffffff, 0x0, 0x403, 0xfffffffe, &(0x7f0000000000)=@generic={0xa, "787a01000000000500"}, 0x1c) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = prctl$auto(0x1000000003b, 0xfffffffffffffffd, 0x0, 0x40, 0x0) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/dynamic_debug/control\x00', 0x482, 0x0) read$auto(0x3, 0x0, 0x1f40) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r1 = socket(0xa, 0x1, 0x84) setsockopt$auto(0x3, 0x10000000084, 0xa, 0x0, 0x20) io_submit$auto(0x6, 0x7f, 0x0) syz_genetlink_get_family_id$auto_gtp(0x0, 0xffffffffffffffff) socket(0xa, 0x2, 0x73) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) ioctl$auto_TCFLSH2(r0, 0x540b, 0xfffffffffffffffd) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x801, 0x0) connect$auto(r1, &(0x7f00000000c0)=@sco={0x1f, @none}, 0x60) socket(0xf, 0x3, 0x2) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x0, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r2, 0xc0045516, &(0x7f0000000040)=0x5) read$auto_snd_ctl_f_ops_control(r2, &(0x7f0000000140)=""/155, 0x9b) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xf0f1, 0x20009, 0x1, "790eaa833e6fc65b6b3cf70500000078ad8eac3cdafc1f64010043eeb030530300", @raw=0x81}, 0x4, 0x866, 0xf, @raw=0x20, @integer={0x8000000000000011, 0x2000000b752, 0x548}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"}) 0s ago: executing program 3 (id=926): sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2004c040}, 0x20000001) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x6d, 0x1, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) r1 = getsockopt$auto(r0, 0x84, 0x85, 0x0, &(0x7f00000000c0)=0x646b) getpid() r2 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/block/loop15/state\x00', 0x40, 0x0) read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r2, &(0x7f0000000080)=""/249, 0xf9) read$auto_ctl_device_fops_user(r1, &(0x7f0000000140)=""/118, 0x76) ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) r3 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) r4 = openat$auto_lsm_ops_inode(0xffffffffffffff9c, &(0x7f0000000000), 0x183800, 0x0) read$auto_lsm_ops_inode(r4, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) setsockopt$auto(0x3, 0x0, 0x1, 0x0, 0x2) memfd_create$auto(&(0x7f0000000240)='/dev/tty0\x00', 0x9) setsockopt$auto(0x3, 0x0, 0xf, 0x0, 0xb) readv$auto(r3, &(0x7f0000000680)={0x0, 0x40200}, 0x3) modify_ldt$auto(0x1, 0x0, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0) inotify_rm_watch$auto(r3, 0x8001) write$auto(0x3, 0x0, 0x4000cfc) modify_ldt$auto(0x0, &(0x7f00000001c0)="7f5afd7c1aab27c58b50a046b1e90fb0f69294d898a845462895ad459b0b9a90c7f1ff57ecfac26f70207e2873aa0d0ecf09feb01c512b8fbbf726519f06d90c1a58ea1c4b7c45bab3ba25b5afe7b0e8f5dfc9785b8825f4733c76eee5c06a9b619482ea7d48fa911cd411ac4055d289505ed2fa009eef8457ef", 0x85) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.52' (ED25519) to the list of known hosts. [ 80.271609][ T5818] cgroup: Unknown subsys name 'net' [ 80.348942][ T5818] cgroup: Unknown subsys name 'cpuset' [ 80.357454][ T5818] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 81.831234][ T5818] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 83.901694][ T5842] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 83.910019][ T5842] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 83.918969][ T5842] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 83.927050][ T5842] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 83.930989][ T5839] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 83.935696][ T5842] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 83.950081][ T5842] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 83.954925][ T5843] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 83.966764][ T5843] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 83.974603][ T5845] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 83.985005][ T5843] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 83.992894][ T5150] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 83.993016][ T5843] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 84.013945][ T5843] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 84.014361][ T5844] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 84.033267][ T5844] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 84.043511][ T5843] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 84.051500][ T5844] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 84.059919][ T5844] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 84.067310][ T5844] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 84.568677][ T5827] chnl_net:caif_netlink_parms(): no params data found [ 84.640562][ T5829] chnl_net:caif_netlink_parms(): no params data found [ 84.718547][ T5830] chnl_net:caif_netlink_parms(): no params data found [ 84.802817][ T5828] chnl_net:caif_netlink_parms(): no params data found [ 84.847973][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.856313][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.863639][ T5827] bridge_slave_0: entered allmulticast mode [ 84.871757][ T5827] bridge_slave_0: entered promiscuous mode [ 84.880320][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state [ 84.888339][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state [ 84.895990][ T5827] bridge_slave_1: entered allmulticast mode [ 84.902942][ T5827] bridge_slave_1: entered promiscuous mode [ 84.952941][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state [ 84.960956][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state [ 84.968273][ T5829] bridge_slave_0: entered allmulticast mode [ 84.976124][ T5829] bridge_slave_0: entered promiscuous mode [ 85.025753][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.033303][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.040682][ T5829] bridge_slave_1: entered allmulticast mode [ 85.048661][ T5829] bridge_slave_1: entered promiscuous mode [ 85.062035][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.100198][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.109545][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.116803][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.124067][ T5830] bridge_slave_0: entered allmulticast mode [ 85.130965][ T5830] bridge_slave_0: entered promiscuous mode [ 85.191668][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.199230][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.206487][ T5830] bridge_slave_1: entered allmulticast mode [ 85.213503][ T5830] bridge_slave_1: entered promiscuous mode [ 85.223136][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.236484][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.261057][ T5827] team0: Port device team_slave_0 added [ 85.289628][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.296929][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.304942][ T5828] bridge_slave_0: entered allmulticast mode [ 85.311908][ T5828] bridge_slave_0: entered promiscuous mode [ 85.321562][ T5827] team0: Port device team_slave_1 added [ 85.367012][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.374270][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.381407][ T5828] bridge_slave_1: entered allmulticast mode [ 85.389805][ T5828] bridge_slave_1: entered promiscuous mode [ 85.421698][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.433368][ T5829] team0: Port device team_slave_0 added [ 85.443253][ T5829] team0: Port device team_slave_1 added [ 85.459372][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.466692][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.492741][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.506302][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.513278][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.539277][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.553102][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.575267][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.634669][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.661375][ T5830] team0: Port device team_slave_0 added [ 85.668008][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.675192][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.701469][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.713363][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.720398][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.746439][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.771264][ T5828] team0: Port device team_slave_0 added [ 85.780121][ T5830] team0: Port device team_slave_1 added [ 85.808492][ T5828] team0: Port device team_slave_1 added [ 85.868702][ T5827] hsr_slave_0: entered promiscuous mode [ 85.875470][ T5827] hsr_slave_1: entered promiscuous mode [ 85.882332][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.889802][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.916458][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.928964][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.935988][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.962516][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.987279][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.994474][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.020489][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.031861][ T5840] Bluetooth: hci1: command tx timeout [ 86.075063][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.082042][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.105269][ T5840] Bluetooth: hci3: command tx timeout [ 86.108642][ T51] Bluetooth: hci2: command tx timeout [ 86.114654][ T5843] Bluetooth: hci0: command tx timeout [ 86.121863][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.181932][ T5829] hsr_slave_0: entered promiscuous mode [ 86.188357][ T5829] hsr_slave_1: entered promiscuous mode [ 86.195096][ T5829] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 86.202845][ T5829] Cannot create hsr debugfs directory [ 86.276553][ T5830] hsr_slave_0: entered promiscuous mode [ 86.282731][ T5830] hsr_slave_1: entered promiscuous mode [ 86.288967][ T5830] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 86.296589][ T5830] Cannot create hsr debugfs directory [ 86.340108][ T5828] hsr_slave_0: entered promiscuous mode [ 86.347072][ T5828] hsr_slave_1: entered promiscuous mode [ 86.353633][ T5828] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 86.361408][ T5828] Cannot create hsr debugfs directory [ 86.716069][ T5827] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 86.739818][ T5827] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 86.765147][ T5827] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 86.784556][ T5827] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 86.906760][ T5829] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 86.923291][ T5829] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 86.969340][ T5829] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 86.999395][ T5829] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 87.073548][ T5828] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 87.086503][ T5828] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 87.122579][ T5828] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 87.134760][ T5828] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 87.250779][ T5830] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 87.268292][ T5830] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 87.278794][ T5830] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 87.289642][ T5830] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 87.381743][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.393360][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.459943][ T5829] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.479311][ T5827] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.489853][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.497258][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.516066][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.523221][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.552013][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.561635][ T993] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.568806][ T993] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.581360][ T993] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.588595][ T993] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.729680][ T5828] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.767543][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.774754][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.790222][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.813717][ T993] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.820906][ T993] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.893597][ T5830] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.955905][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.963103][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.999716][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.006944][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.108078][ T5840] Bluetooth: hci1: command tx timeout [ 88.172523][ T5830] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 88.184956][ T5840] Bluetooth: hci3: command tx timeout [ 88.190437][ T5840] Bluetooth: hci0: command tx timeout [ 88.198299][ T51] Bluetooth: hci2: command tx timeout [ 88.242595][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.370652][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.413573][ T5827] veth0_vlan: entered promiscuous mode [ 88.439644][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.479164][ T5827] veth1_vlan: entered promiscuous mode [ 88.575264][ T5827] veth0_macvtap: entered promiscuous mode [ 88.598246][ T5827] veth1_macvtap: entered promiscuous mode [ 88.610665][ T5829] veth0_vlan: entered promiscuous mode [ 88.647715][ T5828] veth0_vlan: entered promiscuous mode [ 88.661167][ T5829] veth1_vlan: entered promiscuous mode [ 88.680274][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.698136][ T5828] veth1_vlan: entered promiscuous mode [ 88.719699][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.731503][ T5827] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.740814][ T5827] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.752305][ T5827] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.761553][ T5827] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.828997][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.854558][ T5828] veth0_macvtap: entered promiscuous mode [ 88.872366][ T5828] veth1_macvtap: entered promiscuous mode [ 88.905284][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.921647][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.959369][ T5829] veth0_macvtap: entered promiscuous mode [ 88.986157][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.999217][ T5829] veth1_macvtap: entered promiscuous mode [ 89.019770][ T5830] veth0_vlan: entered promiscuous mode [ 89.030894][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.034943][ T5830] veth1_vlan: entered promiscuous mode [ 89.046028][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.057093][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.077172][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.091833][ T5828] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.100703][ T5828] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.110233][ T5828] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.119414][ T5828] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.142859][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.173534][ T5829] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.187535][ T5829] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.196707][ T5829] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.206612][ T5829] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.236396][ T5827] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 89.311149][ T5830] veth0_macvtap: entered promiscuous mode [ 89.360795][ T5830] veth1_macvtap: entered promiscuous mode [ 89.424834][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.432668][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.481627][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.558026][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.588097][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.597081][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.599216][ T5830] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.613239][ T5830] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.622554][ T5830] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.634302][ T5830] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.825435][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.834213][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.865503][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.873011][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.006978][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.035975][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.132587][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.155813][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.186105][ T51] Bluetooth: hci1: command tx timeout [ 90.273655][ T51] Bluetooth: hci2: command tx timeout [ 90.273809][ T5840] Bluetooth: hci0: command tx timeout [ 90.273849][ T5840] Bluetooth: hci3: command tx timeout [ 90.314858][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 90.324423][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 90.333616][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 90.343836][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 90.414600][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 90.606427][ T5936] process 'syz.3.4' launched '/dev/fd/4' with NULL argv: empty string added [ 91.454219][ T5948] syz.1.5 uses obsolete (PF_INET,SOCK_PACKET) [ 91.480464][ T5948] netlink: 354 bytes leftover after parsing attributes in process `syz.1.5'. [ 91.861791][ T5936] mmap: syz.3.4 (5936) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 91.875710][ T920] cfg80211: failed to load regulatory.db [ 92.264418][ T51] Bluetooth: hci1: command tx timeout [ 92.377047][ T51] Bluetooth: hci2: command tx timeout [ 92.377084][ T5843] Bluetooth: hci3: command tx timeout [ 92.383351][ T51] Bluetooth: hci0: command tx timeout [ 93.274463][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 93.474288][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 93.635628][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 93.697551][ T5972] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 94.135911][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 94.147244][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 94.298513][ T5986] random: crng reseeded on system resumption [ 96.448149][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 96.454962][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 96.493807][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 96.500769][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 96.514397][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 96.520668][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 96.539414][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 96.554743][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 97.917626][ T6027] ptrace attach of "./syz-executor exec"[5827] was attempted by "./syz-executor exec"[6027] [ 98.574135][ T6033] capability: warning: `syz.3.19' uses 32-bit capabilities (legacy support in use) [ 99.823313][ T6045] zswap: compressor 000 not available [ 101.207765][ T6068] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 101.927792][ T6072] Zero length message leads to an empty skb [ 101.963427][ T6076] ptrace attach of "./syz-executor exec"[6078] was attempted by "./syz-executor exec"[6076] [ 104.278885][ T6110] FAULT_INJECTION: forcing a failure. [ 104.278885][ T6110] name failslab, interval 1, probability 0, space 0, times 1 [ 104.302530][ T6110] CPU: 1 UID: 0 PID: 6110 Comm: syz.2.33 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 104.302554][ T6110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 104.302565][ T6110] Call Trace: [ 104.302571][ T6110] [ 104.302579][ T6110] dump_stack_lvl+0x16c/0x1f0 [ 104.302609][ T6110] should_fail_ex+0x512/0x640 [ 104.302629][ T6110] ? fs_reclaim_acquire+0xae/0x150 [ 104.302648][ T6110] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 104.302668][ T6110] should_failslab+0xc2/0x120 [ 104.302681][ T6110] __kmalloc_noprof+0xd2/0x510 [ 104.302704][ T6110] ? __lock_acquire+0x622/0x1c90 [ 104.302727][ T6110] tomoyo_realpath_from_path+0xc2/0x6e0 [ 104.302748][ T6110] ? tomoyo_profile+0x47/0x60 [ 104.302771][ T6110] tomoyo_path_perm+0x274/0x460 [ 104.302786][ T6110] ? tomoyo_path_perm+0x260/0x460 [ 104.302803][ T6110] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 104.302828][ T6110] ? d_add+0x47a/0x780 [ 104.302850][ T6110] ? __pfx_current_check_access_path+0x10/0x10 [ 104.302869][ T6110] ? lookup_one_qstr_excl_raw.part.0+0xf9/0x160 [ 104.302884][ T6110] ? lookup_dcache+0x66/0x170 [ 104.302902][ T6110] tomoyo_path_symlink+0x97/0xe0 [ 104.302924][ T6110] ? __pfx_tomoyo_path_symlink+0x10/0x10 [ 104.302943][ T6110] ? find_held_lock+0x2b/0x80 [ 104.302956][ T6110] ? __might_fault+0xe3/0x190 [ 104.302980][ T6110] security_path_symlink+0x152/0x2e0 [ 104.302997][ T6110] do_symlinkat+0x10d/0x310 [ 104.303019][ T6110] ? __pfx_do_symlinkat+0x10/0x10 [ 104.303040][ T6110] ? getname_flags.part.0+0x1c5/0x550 [ 104.303059][ T6110] __x64_sys_symlink+0x75/0x90 [ 104.303081][ T6110] do_syscall_64+0xcd/0x490 [ 104.303103][ T6110] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.303118][ T6110] RIP: 0033:0x7f5fcd98e929 [ 104.303133][ T6110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 104.303150][ T6110] RSP: 002b:00007f5fce867038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 104.303164][ T6110] RAX: ffffffffffffffda RBX: 00007f5fcdbb5fa0 RCX: 00007f5fcd98e929 [ 104.303174][ T6110] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000000 [ 104.303184][ T6110] RBP: 00007f5fcda10b39 R08: 0000000000000000 R09: 0000000000000000 [ 104.303192][ T6110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 104.303201][ T6110] R13: 0000000000000000 R14: 00007f5fcdbb5fa0 R15: 00007ffe4a0d1cc8 [ 104.303220][ T6110] [ 104.303227][ T6110] ERROR: Out of memory at tomoyo_realpath_from_path. [ 105.615180][ T6128] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 108.867248][ T6176] vhci_hcd: invalid port number 16 [ 108.883884][ T6176] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 111.499301][ T6225] netlink: 330 bytes leftover after parsing attributes in process `syz.0.54'. [ 119.048606][ T6330] vhci_hcd: invalid port number 16 [ 119.077291][ T6330] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 119.999065][ T6347] HfR: entered promiscuous mode [ 120.012932][ T6347] netlink: 12 bytes leftover after parsing attributes in process `syz.2.76'. [ 120.022459][ T6347] HfR: left promiscuous mode [ 125.128823][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 125.135287][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 125.177370][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 125.189098][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 125.242400][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 125.248806][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 125.266254][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 125.272585][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 125.847132][ T51] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 126.627754][ T6428] FAULT_INJECTION: forcing a failure. [ 126.627754][ T6428] name failslab, interval 1, probability 0, space 0, times 0 [ 126.709714][ T6428] CPU: 0 UID: 0 PID: 6428 Comm: syz.3.91 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 126.709754][ T6428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 126.709770][ T6428] Call Trace: [ 126.709779][ T6428] [ 126.709789][ T6428] dump_stack_lvl+0x16c/0x1f0 [ 126.709834][ T6428] should_fail_ex+0x512/0x640 [ 126.709869][ T6428] ? fs_reclaim_acquire+0xae/0x150 [ 126.709903][ T6428] ? tomoyo_encode2+0x100/0x3e0 [ 126.709934][ T6428] should_failslab+0xc2/0x120 [ 126.709960][ T6428] __kmalloc_noprof+0xd2/0x510 [ 126.709994][ T6428] ? d_absolute_path+0x136/0x1a0 [ 126.710026][ T6428] tomoyo_encode2+0x100/0x3e0 [ 126.710063][ T6428] tomoyo_encode+0x29/0x50 [ 126.710093][ T6428] tomoyo_realpath_from_path+0x18f/0x6e0 [ 126.710128][ T6428] tomoyo_path_number_perm+0x245/0x580 [ 126.710155][ T6428] ? tomoyo_path_number_perm+0x237/0x580 [ 126.710187][ T6428] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 126.710253][ T6428] ? find_held_lock+0x2b/0x80 [ 126.710278][ T6428] ? hook_file_ioctl_common+0x145/0x410 [ 126.710313][ T6428] ? __fget_files+0x20e/0x3c0 [ 126.710361][ T6428] security_file_ioctl+0x9b/0x240 [ 126.710394][ T6428] __x64_sys_ioctl+0xb7/0x210 [ 126.710429][ T6428] do_syscall_64+0xcd/0x490 [ 126.710469][ T6428] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.710494][ T6428] RIP: 0033:0x7fdfa4f8e929 [ 126.710516][ T6428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 126.710540][ T6428] RSP: 002b:00007fdfa5df5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 126.710571][ T6428] RAX: ffffffffffffffda RBX: 00007fdfa51b5fa0 RCX: 00007fdfa4f8e929 [ 126.710587][ T6428] RDX: 0000000000000000 RSI: 000000000000125f RDI: 0000000000000003 [ 126.710602][ T6428] RBP: 00007fdfa5010b39 R08: 0000000000000000 R09: 0000000000000000 [ 126.710618][ T6428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 126.710633][ T6428] R13: 0000000000000000 R14: 00007fdfa51b5fa0 R15: 00007ffe17bee858 [ 126.710667][ T6428] [ 126.710700][ T6428] ERROR: Out of memory at tomoyo_realpath_from_path. [ 131.484222][ T6507] FAULT_INJECTION: forcing a failure. [ 131.484222][ T6507] name failslab, interval 1, probability 0, space 0, times 0 [ 131.500567][ T6507] CPU: 1 UID: 0 PID: 6507 Comm: syz.3.107 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 131.500589][ T6507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 131.500598][ T6507] Call Trace: [ 131.500603][ T6507] [ 131.500610][ T6507] dump_stack_lvl+0x16c/0x1f0 [ 131.500637][ T6507] should_fail_ex+0x512/0x640 [ 131.500657][ T6507] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 131.500683][ T6507] should_failslab+0xc2/0x120 [ 131.500697][ T6507] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 131.500719][ T6507] ? vmap_small_pages_range_noflush+0x88d/0xca0 [ 131.500738][ T6507] ? kasprintf+0xc7/0x100 [ 131.500754][ T6507] kvasprintf+0xbc/0x160 [ 131.500766][ T6507] ? __pfx_kvasprintf+0x10/0x10 [ 131.500782][ T6507] ? __pfx_vmap_small_pages_range_noflush+0x10/0x10 [ 131.500801][ T6507] kasprintf+0xc7/0x100 [ 131.500813][ T6507] ? __pfx_kasprintf+0x10/0x10 [ 131.500828][ T6507] ? __pfx_vmap+0x10/0x10 [ 131.500842][ T6507] ? trace_kmalloc+0x2b/0xd0 [ 131.500856][ T6507] ? relay_open_buf.part.0+0x194/0xc80 [ 131.500883][ T6507] relay_open_buf.part.0+0x76a/0xc80 [ 131.500908][ T6507] relay_open+0x653/0xad0 [ 131.500925][ T6507] ? debugfs_create_file_full+0x41/0x60 [ 131.500947][ T6507] do_blk_trace_setup+0x503/0xb50 [ 131.500966][ T6507] blk_trace_setup+0xed/0x1b0 [ 131.500981][ T6507] ? __pfx_blk_trace_setup+0x10/0x10 [ 131.500996][ T6507] ? __pfx_snprintf+0x10/0x10 [ 131.501025][ T6507] blk_trace_ioctl+0x146/0x280 [ 131.501041][ T6507] ? __pfx_blk_trace_ioctl+0x10/0x10 [ 131.501059][ T6507] ? find_held_lock+0x2b/0x80 [ 131.501072][ T6507] ? hook_file_ioctl_common+0x145/0x410 [ 131.501090][ T6507] blkdev_ioctl+0x108/0x6d0 [ 131.501107][ T6507] ? __pfx_blkdev_ioctl+0x10/0x10 [ 131.501125][ T6507] ? __pfx_blkdev_ioctl+0x10/0x10 [ 131.501141][ T6507] __x64_sys_ioctl+0x18b/0x210 [ 131.501159][ T6507] do_syscall_64+0xcd/0x490 [ 131.501182][ T6507] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.501197][ T6507] RIP: 0033:0x7fdfa4f8e929 [ 131.501209][ T6507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 131.501222][ T6507] RSP: 002b:00007fdfa5df5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 131.501235][ T6507] RAX: ffffffffffffffda RBX: 00007fdfa51b5fa0 RCX: 00007fdfa4f8e929 [ 131.501244][ T6507] RDX: 00002000000000c0 RSI: 00000000c0481273 RDI: 0000000000000006 [ 131.501253][ T6507] RBP: 00007fdfa5010b39 R08: 0000000000000000 R09: 0000000000000000 [ 131.501262][ T6507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 131.501270][ T6507] R13: 0000000000000000 R14: 00007fdfa51b5fa0 R15: 00007ffe17bee858 [ 131.501289][ T6507] [ 132.828204][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.834806][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 135.806578][ T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 136.099185][ T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 136.445728][ T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 136.621159][ T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 136.960256][ T5843] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 136.980270][ T5843] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 136.988388][ T5843] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 136.998567][ T5843] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 137.007193][ T5843] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 137.567723][ T13] bridge_slave_1: left allmulticast mode [ 137.614064][ T13] bridge_slave_1: left promiscuous mode [ 137.620379][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 137.667685][ T13] bridge_slave_0: left allmulticast mode [ 137.673414][ T13] bridge_slave_0: left promiscuous mode [ 137.683857][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 138.269640][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 138.282304][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 138.293190][ T13] bond0 (unregistering): Released all slaves [ 138.633425][ T6576] chnl_net:caif_netlink_parms(): no params data found [ 138.755842][ T13] hsr_slave_0: left promiscuous mode [ 138.761981][ T13] hsr_slave_1: left promiscuous mode [ 138.775126][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 138.782675][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 138.792809][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 138.800747][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 138.821863][ T13] veth1_macvtap: left promiscuous mode [ 138.831066][ T13] veth0_macvtap: left promiscuous mode [ 138.836917][ T13] veth1_vlan: left promiscuous mode [ 138.843927][ T13] veth0_vlan: left promiscuous mode [ 139.063845][ T5843] Bluetooth: hci3: command tx timeout [ 139.315580][ T13] team0 (unregistering): Port device team_slave_1 removed [ 139.347195][ T13] team0 (unregistering): Port device team_slave_0 removed [ 139.650372][ T6576] bridge0: port 1(bridge_slave_0) entered blocking state [ 139.670124][ T6576] bridge0: port 1(bridge_slave_0) entered disabled state [ 139.679457][ T6576] bridge_slave_0: entered allmulticast mode [ 139.686633][ T6576] bridge_slave_0: entered promiscuous mode [ 139.697116][ T6576] bridge0: port 2(bridge_slave_1) entered blocking state [ 139.706851][ T6576] bridge0: port 2(bridge_slave_1) entered disabled state [ 139.714964][ T6576] bridge_slave_1: entered allmulticast mode [ 139.722765][ T6576] bridge_slave_1: entered promiscuous mode [ 139.766350][ T6576] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 139.778816][ T6576] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 139.897594][ T6576] team0: Port device team_slave_0 added [ 139.907130][ T6576] team0: Port device team_slave_1 added [ 139.950049][ T6576] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 139.957519][ T6576] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 139.984010][ T6576] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 139.998540][ T6576] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 140.006341][ T6576] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 140.038775][ T6576] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 140.120635][ T6576] hsr_slave_0: entered promiscuous mode [ 140.128045][ T6576] hsr_slave_1: entered promiscuous mode [ 140.137157][ T6576] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 140.144910][ T6576] Cannot create hsr debugfs directory [ 140.757205][ T6576] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 140.776247][ T6576] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 140.787599][ T6576] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 140.799957][ T6576] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 140.907324][ T6576] 8021q: adding VLAN 0 to HW filter on device bond0 [ 140.931237][ T6576] 8021q: adding VLAN 0 to HW filter on device team0 [ 140.961775][ T4604] bridge0: port 1(bridge_slave_0) entered blocking state [ 140.968990][ T4604] bridge0: port 1(bridge_slave_0) entered forwarding state [ 140.989727][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 140.997512][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 141.144710][ T5843] Bluetooth: hci3: command tx timeout [ 141.320767][ T6576] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 141.389568][ T6576] veth0_vlan: entered promiscuous mode [ 141.411953][ T6576] veth1_vlan: entered promiscuous mode [ 141.479206][ T6576] veth0_macvtap: entered promiscuous mode [ 141.491775][ T6576] veth1_macvtap: entered promiscuous mode [ 141.527568][ T6576] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 141.553100][ T6576] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 141.571139][ T6576] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.584841][ T6576] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.593579][ T6576] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.606414][ T6576] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 141.718767][ T3480] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 141.743177][ T3480] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 141.789297][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 141.798012][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 143.185922][ T6715] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 143.212332][ T6715] CIFS mount error: No usable UNC path provided in device string! [ 143.212332][ T6715] [ 143.222626][ T6715] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 143.223940][ T5843] Bluetooth: hci3: command tx timeout [ 145.304690][ T5843] Bluetooth: hci3: command tx timeout [ 146.852016][ T6749] FAULT_INJECTION: forcing a failure. [ 146.852016][ T6749] name fail_futex, interval 1, probability 0, space 0, times 1 [ 146.925778][ T6749] CPU: 1 UID: 0 PID: 6749 Comm: syz.2.130 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 146.925801][ T6749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 146.925810][ T6749] Call Trace: [ 146.925815][ T6749] [ 146.925820][ T6749] dump_stack_lvl+0x16c/0x1f0 [ 146.925847][ T6749] should_fail_ex+0x512/0x640 [ 146.925871][ T6749] get_futex_key+0xf36/0x1540 [ 146.925889][ T6749] ? find_held_lock+0x2b/0x80 [ 146.925903][ T6749] ? __pfx_get_futex_key+0x10/0x10 [ 146.925920][ T6749] ? __mutex_trylock_common+0xe9/0x250 [ 146.925943][ T6749] futex_wake+0xea/0x530 [ 146.925965][ T6749] ? __pfx_futex_wake+0x10/0x10 [ 146.925983][ T6749] ? __lock_acquire+0xb8a/0x1c90 [ 146.926020][ T6749] do_futex+0x1e3/0x350 [ 146.926037][ T6749] ? __pfx_do_futex+0x10/0x10 [ 146.926053][ T6749] ? __might_fault+0xe3/0x190 [ 146.926079][ T6749] mm_release+0x24e/0x300 [ 146.926095][ T6749] do_exit+0x68b/0x2bd0 [ 146.926118][ T6749] ? __pfx_do_exit+0x10/0x10 [ 146.926136][ T6749] ? do_raw_spin_lock+0x12c/0x2b0 [ 146.926156][ T6749] ? find_held_lock+0x2b/0x80 [ 146.926173][ T6749] do_group_exit+0xd3/0x2a0 [ 146.926192][ T6749] get_signal+0x2673/0x26d0 [ 146.926210][ T6749] ? kmem_cache_free+0x2d1/0x4d0 [ 146.926229][ T6749] ? fd_install+0x225/0x750 [ 146.926253][ T6749] ? __pfx_get_signal+0x10/0x10 [ 146.926268][ T6749] ? do_futex+0x122/0x350 [ 146.926285][ T6749] ? __pfx_do_futex+0x10/0x10 [ 146.926303][ T6749] arch_do_signal_or_restart+0x8f/0x790 [ 146.926321][ T6749] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 146.926347][ T6749] exit_to_user_mode_loop+0x84/0x110 [ 146.926370][ T6749] do_syscall_64+0x3f6/0x490 [ 146.926393][ T6749] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.926408][ T6749] RIP: 0033:0x7f5fcd98e929 [ 146.926420][ T6749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.926433][ T6749] RSP: 002b:00007f5fce8460e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 146.926447][ T6749] RAX: fffffffffffffe00 RBX: 00007f5fcdbb6088 RCX: 00007f5fcd98e929 [ 146.926456][ T6749] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f5fcdbb6088 [ 146.926465][ T6749] RBP: 00007f5fcdbb6080 R08: 0000000000000000 R09: 0000000000000000 [ 146.926473][ T6749] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5fcdbb608c [ 146.926481][ T6749] R13: 0000000000000000 R14: 00007ffe4a0d1be0 R15: 00007ffe4a0d1cc8 [ 146.926498][ T6749] [ 147.360907][ T6784] netlink: 330 bytes leftover after parsing attributes in process `syz.3.134'. [ 147.807800][ T6792] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input7 [ 147.818348][ T6795] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 151.302181][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 151.308603][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 151.316651][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 151.322922][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 151.336244][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 151.343968][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 151.351772][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 151.358842][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 151.383244][ T6832] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 153.619235][ T6862] FAULT_INJECTION: forcing a failure. [ 153.619235][ T6862] name failslab, interval 1, probability 0, space 0, times 0 [ 153.635649][ T6862] CPU: 1 UID: 0 PID: 6862 Comm: syz.0.150 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 153.635683][ T6862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 153.635697][ T6862] Call Trace: [ 153.635706][ T6862] [ 153.635716][ T6862] dump_stack_lvl+0x16c/0x1f0 [ 153.635757][ T6862] should_fail_ex+0x512/0x640 [ 153.635788][ T6862] ? __kmalloc_noprof+0xbf/0x510 [ 153.635825][ T6862] ? devlink_fmsg_put_value+0xaa/0x2d0 [ 153.635851][ T6862] should_failslab+0xc2/0x120 [ 153.635875][ T6862] __kmalloc_noprof+0xd2/0x510 [ 153.635915][ T6862] devlink_fmsg_put_value+0xaa/0x2d0 [ 153.635945][ T6862] devlink_fmsg_bool_pair_put+0x19c/0x2f0 [ 153.635974][ T6862] ? __pfx_devlink_fmsg_bool_pair_put+0x10/0x10 [ 153.636002][ T6862] ? __pfx_kasan_disable_current+0x10/0x10 [ 153.636037][ T6862] ? devlink_fmsg_nest_common.part.0+0xcd/0x1e0 [ 153.636068][ T6862] nsim_dev_dummy_fmsg_put+0xe7/0x1e0 [ 153.636096][ T6862] devlink_health_do_dump+0x240/0x620 [ 153.636128][ T6862] devlink_health_report+0x3c9/0x9c0 [ 153.636162][ T6862] ? __pfx_devlink_health_report+0x10/0x10 [ 153.636193][ T6862] ? _copy_from_user+0x59/0xd0 [ 153.636231][ T6862] nsim_dev_health_break_write+0x166/0x210 [ 153.636257][ T6862] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 153.636293][ T6862] full_proxy_write+0x13c/0x200 [ 153.636318][ T6862] ? __pfx_full_proxy_write+0x10/0x10 [ 153.636341][ T6862] vfs_write+0x29d/0x1150 [ 153.636379][ T6862] ? __pfx___mutex_lock+0x10/0x10 [ 153.636414][ T6862] ? __pfx_vfs_write+0x10/0x10 [ 153.636453][ T6862] ? __rcu_read_unlock+0x2b4/0x580 [ 153.636487][ T6862] ? __fget_files+0x20e/0x3c0 [ 153.636527][ T6862] ksys_write+0x12a/0x250 [ 153.636568][ T6862] ? __pfx_ksys_write+0x10/0x10 [ 153.636612][ T6862] do_syscall_64+0xcd/0x490 [ 153.636662][ T6862] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.636686][ T6862] RIP: 0033:0x7f748918e929 [ 153.636706][ T6862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 153.636729][ T6862] RSP: 002b:00007f7489fee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 153.636752][ T6862] RAX: ffffffffffffffda RBX: 00007f74893b5fa0 RCX: 00007f748918e929 [ 153.636767][ T6862] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000005 [ 153.636787][ T6862] RBP: 00007f7489210b39 R08: 0000000000000000 R09: 0000000000000000 [ 153.636802][ T6862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 153.636818][ T6862] R13: 0000000000000000 R14: 00007f74893b5fa0 R15: 00007fff3d7eb048 [ 153.636855][ T6862] [ 156.168727][ T6908] warning: `syz.3.160' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 157.904518][ T6932] sd 0:0:1:0: PR command failed: 1026 [ 157.924041][ T6932] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 157.957466][ T6932] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 158.889820][ T6938] FAULT_INJECTION: forcing a failure. [ 158.889820][ T6938] name failslab, interval 1, probability 0, space 0, times 0 [ 159.027624][ T6938] CPU: 0 UID: 0 PID: 6938 Comm: syz.0.164 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 159.027662][ T6938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 159.027677][ T6938] Call Trace: [ 159.027686][ T6938] [ 159.027695][ T6938] dump_stack_lvl+0x16c/0x1f0 [ 159.027724][ T6938] should_fail_ex+0x512/0x640 [ 159.027745][ T6938] ? fs_reclaim_acquire+0xae/0x150 [ 159.027764][ T6938] ? tomoyo_encode2+0x100/0x3e0 [ 159.027783][ T6938] should_failslab+0xc2/0x120 [ 159.027797][ T6938] __kmalloc_noprof+0xd2/0x510 [ 159.027818][ T6938] ? d_absolute_path+0x136/0x1a0 [ 159.027837][ T6938] tomoyo_encode2+0x100/0x3e0 [ 159.027858][ T6938] tomoyo_encode+0x29/0x50 [ 159.027875][ T6938] tomoyo_realpath_from_path+0x18f/0x6e0 [ 159.027899][ T6938] tomoyo_path_number_perm+0x245/0x580 [ 159.027915][ T6938] ? tomoyo_path_number_perm+0x237/0x580 [ 159.027932][ T6938] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 159.027967][ T6938] ? find_held_lock+0x2b/0x80 [ 159.027980][ T6938] ? hook_file_ioctl_common+0x145/0x410 [ 159.027999][ T6938] ? __fget_files+0x20e/0x3c0 [ 159.028021][ T6938] security_file_ioctl+0x9b/0x240 [ 159.028039][ T6938] __x64_sys_ioctl+0xb7/0x210 [ 159.028057][ T6938] do_syscall_64+0xcd/0x490 [ 159.028086][ T6938] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.028101][ T6938] RIP: 0033:0x7f748918e929 [ 159.028113][ T6938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 159.028126][ T6938] RSP: 002b:00007f7489fac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 159.028140][ T6938] RAX: ffffffffffffffda RBX: 00007f74893b6160 RCX: 00007f748918e929 [ 159.028149][ T6938] RDX: 0000000000000000 RSI: 000000000000125f RDI: 0000000000000003 [ 159.028157][ T6938] RBP: 00007f7489210b39 R08: 0000000000000000 R09: 0000000000000000 [ 159.028166][ T6938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 159.028174][ T6938] R13: 0000000000000000 R14: 00007f74893b6160 R15: 00007fff3d7eb048 [ 159.028192][ T6938] [ 159.028354][ T6938] ERROR: Out of memory at tomoyo_realpath_from_path. [ 164.820438][ T7014] FAULT_INJECTION: forcing a failure. [ 164.820438][ T7014] name failslab, interval 1, probability 0, space 0, times 0 [ 165.035238][ T7014] CPU: 1 UID: 0 PID: 7014 Comm: syz.2.179 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 165.035276][ T7014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 165.035290][ T7014] Call Trace: [ 165.035299][ T7014] [ 165.035310][ T7014] dump_stack_lvl+0x16c/0x1f0 [ 165.035354][ T7014] should_fail_ex+0x512/0x640 [ 165.035387][ T7014] ? fs_reclaim_acquire+0xae/0x150 [ 165.035419][ T7014] ? tomoyo_encode2+0x100/0x3e0 [ 165.035450][ T7014] should_failslab+0xc2/0x120 [ 165.035475][ T7014] __kmalloc_noprof+0xd2/0x510 [ 165.035509][ T7014] ? d_absolute_path+0x136/0x1a0 [ 165.035541][ T7014] tomoyo_encode2+0x100/0x3e0 [ 165.035577][ T7014] tomoyo_encode+0x29/0x50 [ 165.035607][ T7014] tomoyo_realpath_from_path+0x18f/0x6e0 [ 165.035651][ T7014] tomoyo_path_number_perm+0x245/0x580 [ 165.035679][ T7014] ? tomoyo_path_number_perm+0x237/0x580 [ 165.035711][ T7014] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 165.035778][ T7014] ? find_held_lock+0x2b/0x80 [ 165.035802][ T7014] ? hook_file_ioctl_common+0x145/0x410 [ 165.035837][ T7014] ? __fget_files+0x20e/0x3c0 [ 165.035876][ T7014] security_file_ioctl+0x9b/0x240 [ 165.035907][ T7014] __x64_sys_ioctl+0xb7/0x210 [ 165.035939][ T7014] do_syscall_64+0xcd/0x490 [ 165.035977][ T7014] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.036002][ T7014] RIP: 0033:0x7f5fcd98e929 [ 165.036023][ T7014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 165.036046][ T7014] RSP: 002b:00007f5fce825038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 165.036071][ T7014] RAX: ffffffffffffffda RBX: 00007f5fcdbb6160 RCX: 00007f5fcd98e929 [ 165.036088][ T7014] RDX: 0000000000000000 RSI: 000000000000125f RDI: 0000000000000003 [ 165.036102][ T7014] RBP: 00007f5fcda10b39 R08: 0000000000000000 R09: 0000000000000000 [ 165.036117][ T7014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 165.036132][ T7014] R13: 0000000000000000 R14: 00007f5fcdbb6160 R15: 00007ffe4a0d1cc8 [ 165.036168][ T7014] [ 165.036198][ T7014] ERROR: Out of memory at tomoyo_realpath_from_path. [ 171.936680][ T7121] ptrace attach of ""[7123] was attempted by "./syz-executor exec"[7121] [ 172.620848][ T5843] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 173.609726][ T7148] HfR: entered promiscuous mode [ 173.684409][ T7148] netlink: 12 bytes leftover after parsing attributes in process `syz.3.202'. [ 174.209406][ T7148] HfR: left promiscuous mode [ 179.800832][ T7186] kexec: Could not allocate control_code_buffer [ 181.000066][ T7234] FAULT_INJECTION: forcing a failure. [ 181.000066][ T7234] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 181.000123][ T7234] CPU: 1 UID: 0 PID: 7234 Comm: syz.3.220 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 181.000141][ T7234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 181.000150][ T7234] Call Trace: [ 181.000156][ T7234] [ 181.000161][ T7234] dump_stack_lvl+0x16c/0x1f0 [ 181.000186][ T7234] should_fail_ex+0x512/0x640 [ 181.000210][ T7234] should_fail_alloc_page+0xe7/0x130 [ 181.000226][ T7234] prepare_alloc_pages+0x3c2/0x610 [ 181.000246][ T7234] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 181.000271][ T7234] ? stack_trace_save+0x8e/0xc0 [ 181.000293][ T7234] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 181.000316][ T7234] ? fb_var_to_videomode+0x4c9/0x690 [ 181.000343][ T7234] ? __pfx_fb_match_mode+0x10/0x10 [ 181.000360][ T7234] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 181.000382][ T7234] ? vc_allocate+0x489/0x880 [ 181.000402][ T7234] __alloc_pages_noprof+0xb/0x1b0 [ 181.000422][ T7234] ___kmalloc_large_node+0x84/0x1e0 [ 181.000441][ T7234] ? vc_allocate+0x489/0x880 [ 181.000459][ T7234] __kmalloc_large_node_noprof+0x1c/0x70 [ 181.000478][ T7234] __kmalloc_noprof.cold+0xc/0x61 [ 181.000513][ T7234] vc_allocate+0x489/0x880 [ 181.000534][ T7234] ? __pfx_vc_allocate+0x10/0x10 [ 181.000561][ T7234] con_install+0xa1/0x600 [ 181.000584][ T7234] ? __pfx_con_install+0x10/0x10 [ 181.000609][ T7234] ? __pfx_con_install+0x10/0x10 [ 181.000631][ T7234] tty_init_dev.part.0+0x99/0x500 [ 181.000647][ T7234] tty_open+0xa50/0xf90 [ 181.000663][ T7234] ? __pfx_tty_open+0x10/0x10 [ 181.000676][ T7234] ? chrdev_open+0x58c/0x6a0 [ 181.000700][ T7234] ? __pfx_tty_open+0x10/0x10 [ 181.000713][ T7234] chrdev_open+0x231/0x6a0 [ 181.000738][ T7234] ? __pfx_chrdev_open+0x10/0x10 [ 181.000761][ T7234] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 181.000783][ T7234] do_dentry_open+0x744/0x1c10 [ 181.000804][ T7234] ? __pfx_chrdev_open+0x10/0x10 [ 181.000829][ T7234] vfs_open+0x82/0x3f0 [ 181.000847][ T7234] path_openat+0x1de4/0x2cb0 [ 181.000873][ T7234] ? __pfx_path_openat+0x10/0x10 [ 181.000894][ T7234] ? __lock_acquire+0xb8a/0x1c90 [ 181.000915][ T7234] do_filp_open+0x20b/0x470 [ 181.000935][ T7234] ? __pfx_do_filp_open+0x10/0x10 [ 181.000969][ T7234] ? alloc_fd+0x471/0x7d0 [ 181.000993][ T7234] do_sys_openat2+0x11b/0x1d0 [ 181.001008][ T7234] ? __pfx_do_sys_openat2+0x10/0x10 [ 181.001030][ T7234] __x64_sys_openat+0x174/0x210 [ 181.001046][ T7234] ? __pfx___x64_sys_openat+0x10/0x10 [ 181.001070][ T7234] do_syscall_64+0xcd/0x490 [ 181.001093][ T7234] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.001107][ T7234] RIP: 0033:0x7fdfa4f8e929 [ 181.001119][ T7234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 181.001133][ T7234] RSP: 002b:00007fdfa5df5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 181.001146][ T7234] RAX: ffffffffffffffda RBX: 00007fdfa51b5fa0 RCX: 00007fdfa4f8e929 [ 181.001156][ T7234] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 181.001164][ T7234] RBP: 00007fdfa5010b39 R08: 0000000000000000 R09: 0000000000000000 [ 181.001173][ T7234] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000 [ 181.001182][ T7234] R13: 0000000000000000 R14: 00007fdfa51b5fa0 R15: 00007ffe17bee858 [ 181.001201][ T7234] [ 194.268313][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.274736][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 200.291880][ T7509] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 203.237399][ T7546] FAULT_INJECTION: forcing a failure. [ 203.237399][ T7546] name failslab, interval 1, probability 0, space 0, times 0 [ 203.300499][ T7546] CPU: 0 UID: 0 PID: 7546 Comm: syz.3.273 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 203.300541][ T7546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 203.300556][ T7546] Call Trace: [ 203.300565][ T7546] [ 203.300575][ T7546] dump_stack_lvl+0x16c/0x1f0 [ 203.300619][ T7546] should_fail_ex+0x512/0x640 [ 203.300654][ T7546] ? fs_reclaim_acquire+0xae/0x150 [ 203.300688][ T7546] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 203.300722][ T7546] should_failslab+0xc2/0x120 [ 203.300748][ T7546] __kmalloc_noprof+0xd2/0x510 [ 203.300781][ T7546] ? __lock_acquire+0x622/0x1c90 [ 203.300822][ T7546] tomoyo_realpath_from_path+0xc2/0x6e0 [ 203.300859][ T7546] ? tomoyo_profile+0x47/0x60 [ 203.300900][ T7546] tomoyo_path_perm+0x274/0x460 [ 203.300926][ T7546] ? tomoyo_path_perm+0x260/0x460 [ 203.300957][ T7546] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 203.301003][ T7546] ? d_add+0x47a/0x780 [ 203.301048][ T7546] ? __pfx_current_check_access_path+0x10/0x10 [ 203.301080][ T7546] ? lookup_one_qstr_excl_raw.part.0+0xf9/0x160 [ 203.301108][ T7546] ? lookup_dcache+0x66/0x170 [ 203.301145][ T7546] tomoyo_path_symlink+0x97/0xe0 [ 203.301182][ T7546] ? __pfx_tomoyo_path_symlink+0x10/0x10 [ 203.301216][ T7546] ? find_held_lock+0x2b/0x80 [ 203.301240][ T7546] ? __might_fault+0xe3/0x190 [ 203.301277][ T7546] security_path_symlink+0x152/0x2e0 [ 203.301295][ T7546] do_symlinkat+0x10d/0x310 [ 203.301318][ T7546] ? __pfx_do_symlinkat+0x10/0x10 [ 203.301340][ T7546] ? getname_flags.part.0+0x1c5/0x550 [ 203.301359][ T7546] __x64_sys_symlink+0x75/0x90 [ 203.301381][ T7546] do_syscall_64+0xcd/0x490 [ 203.301404][ T7546] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 203.301418][ T7546] RIP: 0033:0x7fdfa4f8e929 [ 203.301443][ T7546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 203.301457][ T7546] RSP: 002b:00007fdfa5df5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 203.301479][ T7546] RAX: ffffffffffffffda RBX: 00007fdfa51b5fa0 RCX: 00007fdfa4f8e929 [ 203.301488][ T7546] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000000 [ 203.301497][ T7546] RBP: 00007fdfa5010b39 R08: 0000000000000000 R09: 0000000000000000 [ 203.301505][ T7546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 203.301514][ T7546] R13: 0000000000000000 R14: 00007fdfa51b5fa0 R15: 00007ffe17bee858 [ 203.301533][ T7546] [ 203.616523][ T7546] ERROR: Out of memory at tomoyo_realpath_from_path. [ 203.637904][ T7553] netlink: 48 bytes leftover after parsing attributes in process `syz.2.274'. [ 206.587156][ T5150] Bluetooth: hci2: command 0x0406 tx timeout [ 206.593263][ T5150] Bluetooth: hci0: command 0x0406 tx timeout [ 206.599427][ T5844] Bluetooth: hci1: command 0x0406 tx timeout [ 206.671236][ T7593] FAULT_INJECTION: forcing a failure. [ 206.671236][ T7593] name failslab, interval 1, probability 0, space 0, times 0 [ 206.763006][ T7593] CPU: 1 UID: 0 PID: 7593 Comm: syz.3.281 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 206.763045][ T7593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 206.763060][ T7593] Call Trace: [ 206.763068][ T7593] [ 206.763079][ T7593] dump_stack_lvl+0x16c/0x1f0 [ 206.763143][ T7593] should_fail_ex+0x512/0x640 [ 206.763176][ T7593] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 206.763216][ T7593] should_failslab+0xc2/0x120 [ 206.763242][ T7593] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 206.763277][ T7593] ? __proc_create+0xc3/0x8c0 [ 206.763312][ T7593] ? __proc_create+0x2ce/0x8c0 [ 206.763352][ T7593] __proc_create+0x2ce/0x8c0 [ 206.763390][ T7593] ? __pfx___proc_create+0x10/0x10 [ 206.763423][ T7593] ? proc_register+0x30f/0x5f0 [ 206.763465][ T7593] ? _raw_write_unlock+0x28/0x50 [ 206.763504][ T7593] proc_create_reg+0x7d/0x180 [ 206.763531][ T7593] proc_create_net_data+0x8e/0x1b0 [ 206.763569][ T7593] ? __pfx_proc_create_net_data+0x10/0x10 [ 206.763620][ T7593] ? __pfx_kcm_proc_init_net+0x10/0x10 [ 206.763657][ T7593] kcm_proc_init_net+0xa3/0x120 [ 206.763692][ T7593] ops_init+0x1df/0x5f0 [ 206.763733][ T7593] setup_net+0x1ff/0x510 [ 206.763754][ T7593] ? lockdep_init_map_type+0x5c/0x280 [ 206.763787][ T7593] ? __pfx_setup_net+0x10/0x10 [ 206.763812][ T7593] ? debug_mutex_init+0x37/0x70 [ 206.763839][ T7593] copy_net_ns+0x2a6/0x5f0 [ 206.763868][ T7593] create_new_namespaces+0x3ea/0xa90 [ 206.763904][ T7593] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 206.763934][ T7593] ksys_unshare+0x45b/0xa40 [ 206.763965][ T7593] ? __pfx_ksys_unshare+0x10/0x10 [ 206.763997][ T7593] ? xfd_validate_state+0x61/0x180 [ 206.764038][ T7593] __x64_sys_unshare+0x31/0x40 [ 206.764074][ T7593] do_syscall_64+0xcd/0x490 [ 206.764121][ T7593] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 206.764147][ T7593] RIP: 0033:0x7fdfa4f8e929 [ 206.764170][ T7593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 206.764193][ T7593] RSP: 002b:00007fdfa5df5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 206.764217][ T7593] RAX: ffffffffffffffda RBX: 00007fdfa51b5fa0 RCX: 00007fdfa4f8e929 [ 206.764234][ T7593] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 206.764248][ T7593] RBP: 00007fdfa5010b39 R08: 0000000000000000 R09: 0000000000000000 [ 206.764263][ T7593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 206.764278][ T7593] R13: 0000000000000000 R14: 00007fdfa51b5fa0 R15: 00007ffe17bee858 [ 206.764312][ T7593] [ 209.713772][ T7634] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(4294967293.4294967295.4294967293), cmd(2) [ 222.096150][ T7802] FAULT_INJECTION: forcing a failure. [ 222.096150][ T7802] name failslab, interval 1, probability 0, space 0, times 0 [ 222.112502][ T7802] CPU: 1 UID: 0 PID: 7802 Comm: syz.0.317 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 222.112550][ T7802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 222.112565][ T7802] Call Trace: [ 222.112573][ T7802] [ 222.112582][ T7802] dump_stack_lvl+0x16c/0x1f0 [ 222.112624][ T7802] should_fail_ex+0x512/0x640 [ 222.112655][ T7802] ? fs_reclaim_acquire+0xae/0x150 [ 222.112686][ T7802] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 222.112717][ T7802] should_failslab+0xc2/0x120 [ 222.112743][ T7802] __kmalloc_noprof+0xd2/0x510 [ 222.112776][ T7802] ? __lock_acquire+0x622/0x1c90 [ 222.112814][ T7802] tomoyo_realpath_from_path+0xc2/0x6e0 [ 222.112847][ T7802] ? tomoyo_profile+0x47/0x60 [ 222.112884][ T7802] tomoyo_path_perm+0x274/0x460 [ 222.112910][ T7802] ? tomoyo_path_perm+0x260/0x460 [ 222.112939][ T7802] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 222.112980][ T7802] ? d_add+0x47a/0x780 [ 222.113019][ T7802] ? __pfx_current_check_access_path+0x10/0x10 [ 222.113050][ T7802] ? lookup_one_qstr_excl_raw.part.0+0xf9/0x160 [ 222.113074][ T7802] ? lookup_dcache+0x66/0x170 [ 222.113108][ T7802] tomoyo_path_symlink+0x97/0xe0 [ 222.113143][ T7802] ? __pfx_tomoyo_path_symlink+0x10/0x10 [ 222.113175][ T7802] ? find_held_lock+0x2b/0x80 [ 222.113199][ T7802] ? __might_fault+0xe3/0x190 [ 222.113239][ T7802] security_path_symlink+0x152/0x2e0 [ 222.113267][ T7802] do_symlinkat+0x10d/0x310 [ 222.113302][ T7802] ? __pfx_do_symlinkat+0x10/0x10 [ 222.113338][ T7802] ? getname_flags.part.0+0x1c5/0x550 [ 222.113374][ T7802] __x64_sys_symlink+0x75/0x90 [ 222.113410][ T7802] do_syscall_64+0xcd/0x490 [ 222.113449][ T7802] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 222.113473][ T7802] RIP: 0033:0x7f748918e929 [ 222.113494][ T7802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 222.113526][ T7802] RSP: 002b:00007f7489fee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 222.113551][ T7802] RAX: ffffffffffffffda RBX: 00007f74893b5fa0 RCX: 00007f748918e929 [ 222.113568][ T7802] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000000 [ 222.113584][ T7802] RBP: 00007f7489210b39 R08: 0000000000000000 R09: 0000000000000000 [ 222.113599][ T7802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 222.113614][ T7802] R13: 0000000000000000 R14: 00007f74893b5fa0 R15: 00007fff3d7eb048 [ 222.113650][ T7802] [ 222.406621][ T7802] ERROR: Out of memory at tomoyo_realpath_from_path. [ 235.088501][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 235.095989][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 235.105668][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 235.112584][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 235.131151][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 235.137514][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 235.173365][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 235.179887][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 243.860698][ T8100] random: crng reseeded on system resumption                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     syzkaller syzkaller login: [ 334.001164][ T9411] : Can't lookup blockdev [ 337.500298][ T9466] FAULT_INJECTION: forcing a failure. [ 337.500298][ T9466] name failslab, interval 1, probability 0, space 0, times 0 [ 337.513400][ T9466] CPU: 0 UID: 0 PID: 9466 Comm: syz.3.606 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 337.513436][ T9466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 337.513451][ T9466] Call Trace: [ 337.513460][ T9466] [ 337.513470][ T9466] dump_stack_lvl+0x16c/0x1f0 [ 337.513514][ T9466] should_fail_ex+0x512/0x640 [ 337.513543][ T9466] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 337.513573][ T9466] should_failslab+0xc2/0x120 [ 337.513597][ T9466] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 337.513629][ T9466] ? __proc_create+0xc3/0x8c0 [ 337.513682][ T9466] ? __proc_create+0x2ce/0x8c0 [ 337.513723][ T9466] __proc_create+0x2ce/0x8c0 [ 337.513762][ T9466] ? __pfx___proc_create+0x10/0x10 [ 337.513818][ T9466] proc_mkdir+0x81/0x170 [ 337.513842][ T9466] ? __pfx_proc_mkdir+0x10/0x10 [ 337.513865][ T9466] ? cache_register_net+0x137/0x5e0 [ 337.513888][ T9466] cache_register_net+0x18f/0x5e0 [ 337.513904][ T9466] unix_gid_cache_create+0x8b/0x130 [ 337.513927][ T9466] ? __pfx_sunrpc_init_net+0x10/0x10 [ 337.513945][ T9466] sunrpc_init_net+0x71/0x190 [ 337.513965][ T9466] ops_init+0x1df/0x5f0 [ 337.513989][ T9466] setup_net+0x1ff/0x510 [ 337.514001][ T9466] ? lockdep_init_map_type+0x5c/0x280 [ 337.514020][ T9466] ? __pfx_setup_net+0x10/0x10 [ 337.514034][ T9466] ? debug_mutex_init+0x37/0x70 [ 337.514054][ T9466] copy_net_ns+0x2a6/0x5f0 [ 337.514070][ T9466] create_new_namespaces+0x3ea/0xa90 [ 337.514090][ T9466] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 337.514107][ T9466] ksys_unshare+0x45b/0xa40 [ 337.514126][ T9466] ? __pfx_ksys_unshare+0x10/0x10 [ 337.514145][ T9466] ? syscall_user_dispatch+0x78/0x140 [ 337.514171][ T9466] __x64_sys_unshare+0x31/0x40 [ 337.514189][ T9466] do_syscall_64+0xcd/0x490 [ 337.514215][ T9466] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 337.514230][ T9466] RIP: 0033:0x7fdfa4f8e929 [ 337.514242][ T9466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 337.514256][ T9466] RSP: 002b:00007fdfa5df5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 337.514270][ T9466] RAX: ffffffffffffffda RBX: 00007fdfa51b5fa0 RCX: 00007fdfa4f8e929 [ 337.514279][ T9466] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 337.514288][ T9466] RBP: 00007fdfa5010b39 R08: 0000000000000000 R09: 0000000000000000 [ 337.514296][ T9466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 337.514305][ T9466] R13: 0000000000000000 R14: 00007fdfa51b5fa0 R15: 00007ffe17bee858 [ 337.514324][ T9466] [ 339.535853][ T9509] netlink: 48 bytes leftover after parsing attributes in process `syz.3.614'. [ 341.493470][ C0] unchecked MSR access error: WRMSR to 0x418 (tried to write 0x0000000000000322) at rIP: 0xffffffff8163eaa9 (__mcheck_cpu_init_clear_banks+0x109/0x1f0) [ 341.508846][ C0] Call Trace: [ 341.512143][ C0] [ 341.515089][ C0] ? __pfx_mce_cpu_restart+0x10/0x10 [ 341.520395][ C0] mce_cpu_restart+0x98/0xb0 [ 341.525004][ C0] __flush_smp_call_function_queue+0x27d/0x8c0 [ 341.531188][ C0] __sysvec_call_function_single+0x87/0x400 [ 341.537108][ C0] sysvec_call_function_single+0x52/0xc0 [ 341.542778][ C0] asm_sysvec_call_function_single+0x1a/0x20 [ 341.548772][ C0] RIP: 0033:0x7f748906f489 [ 341.553190][ C0] Code: 00 e9 c7 fe ff ff 4d 8d a7 80 00 00 00 4c 89 ff 4c 89 e6 e8 f9 89 ff ff 49 39 ec 0f 84 04 fd ff ff 49 8b 0c 24 49 8b 54 24 f8 <49> 8d 44 24 f8 48 39 d1 73 5f 0f 1f 44 00 00 48 89 50 08 48 89 c6 [ 341.572807][ C0] RSP: 002b:00007fff3d7eb0a0 EFLAGS: 00000283 [ 341.578879][ C0] RAX: 00007f74885fc1c0 RBX: 00007f7489ee5720 RCX: ffffffff8208fefa [ 341.586860][ C0] RDX: ffffffff8208fefa RSI: 00007f74885fc1c8 RDI: 00007f74883fd008 [ 341.594842][ C0] RBP: 00007f74887fd000 R08: 00007f74883fd068 R09: 00007f74893a2000 [ 341.602813][ C0] R10: 00007f74883fd008 R11: 0000000000000003 R12: 00007f74885fc1d0 [ 341.610786][ C0] R13: 00007f74893b6118 R14: 00007fff3d7eb168 R15: 00007f74883fd008 [ 341.618788][ C0] ? __handle_mm_fault+0x7ba/0x5490 [ 341.624020][ C0] ? __handle_mm_fault+0x7ba/0x5490 [ 341.629268][ C0] [ 341.914726][ T9534] program syz.3.619 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 342.974466][ T9534] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 343.011602][ T9534] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 343.108942][ T9534] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 343.152997][ T9534] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 343.184365][ T9534] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 343.205312][ T9534] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 343.235145][ T9534] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 343.268971][ T9534] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 343.749699][ T9569] FAULT_INJECTION: forcing a failure. [ 343.749699][ T9569] name failslab, interval 1, probability 0, space 0, times 0 [ 343.787513][ T9569] CPU: 1 UID: 0 PID: 9569 Comm: syz.1.626 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 343.787556][ T9569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 343.787572][ T9569] Call Trace: [ 343.787582][ T9569] [ 343.787592][ T9569] dump_stack_lvl+0x16c/0x1f0 [ 343.787637][ T9569] should_fail_ex+0x512/0x640 [ 343.787671][ T9569] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 343.787713][ T9569] should_failslab+0xc2/0x120 [ 343.787739][ T9569] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 343.787776][ T9569] ? mas_alloc_nodes+0x18b/0x8b0 [ 343.787818][ T9569] mas_alloc_nodes+0x18b/0x8b0 [ 343.787858][ T9569] mas_node_count_gfp+0x105/0x130 [ 343.787894][ T9569] mas_preallocate+0x7e0/0xde0 [ 343.787930][ T9569] ? __pfx_mas_preallocate+0x10/0x10 [ 343.787969][ T9569] ? __pfx_mt_find+0x10/0x10 [ 343.787998][ T9569] vma_link+0x135/0x6a0 [ 343.788046][ T9569] ? __pfx_vma_link+0x10/0x10 [ 343.788105][ T9569] insert_vm_struct+0xf4/0x2d0 [ 343.788155][ T9569] create_init_stack_vma+0x2da/0x700 [ 343.788198][ T9569] alloc_bprm+0x420/0x6f0 [ 343.788233][ T9569] do_execveat_common.isra.0+0x1ce/0x610 [ 343.788278][ T9569] __x64_sys_execve+0x8e/0xb0 [ 343.788313][ T9569] do_syscall_64+0xcd/0x490 [ 343.788352][ T9569] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 343.788379][ T9569] RIP: 0033:0x7f4b4698e929 [ 343.788405][ T9569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 343.788429][ T9569] RSP: 002b:00007f4b47850038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 343.788452][ T9569] RAX: ffffffffffffffda RBX: 00007f4b46bb6080 RCX: 00007f4b4698e929 [ 343.788470][ T9569] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 343.788485][ T9569] RBP: 00007f4b46a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 343.788500][ T9569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 343.788518][ T9569] R13: 0000000000000000 R14: 00007f4b46bb6080 R15: 00007fff42ece868 [ 343.788557][ T9569] [ 344.266477][ T5840] Bluetooth: hci2: command 0x0406 tx timeout [ 345.143870][ T5840] Bluetooth: hci0: command 0x0406 tx timeout [ 345.223753][ T5840] Bluetooth: hci1: command 0x0406 tx timeout [ 345.303754][ T5840] Bluetooth: hci3: command 0x0406 tx timeout [ 346.156640][ T9606] Invalid ELF header magic: != ELF [ 346.343707][ T5840] Bluetooth: hci2: command 0x0406 tx timeout [ 347.227693][ T5840] Bluetooth: hci0: command 0x0406 tx timeout [ 347.303847][ T5840] Bluetooth: hci1: command 0x0406 tx timeout [ 347.383768][ T5840] Bluetooth: hci3: command 0x0406 tx timeout [ 348.690464][ T9636] FAULT_INJECTION: forcing a failure. [ 348.690464][ T9636] name failslab, interval 1, probability 0, space 0, times 0 [ 348.783992][ T9636] CPU: 0 UID: 0 PID: 9636 Comm: syz.1.637 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 348.784030][ T9636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 348.784044][ T9636] Call Trace: [ 348.784053][ T9636] [ 348.784062][ T9636] dump_stack_lvl+0x16c/0x1f0 [ 348.784106][ T9636] should_fail_ex+0x512/0x640 [ 348.784140][ T9636] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 348.784178][ T9636] should_failslab+0xc2/0x120 [ 348.784203][ T9636] __kmalloc_cache_noprof+0x6a/0x3e0 [ 348.784248][ T9636] ? init_worker_pool+0x4d6/0x740 [ 348.784292][ T9636] init_worker_pool+0x4d6/0x740 [ 348.784333][ T9636] alloc_unbound_pwq+0x615/0xe10 [ 348.784363][ T9636] ? kasan_save_track+0x14/0x30 [ 348.784402][ T9636] apply_wqattrs_prepare+0x3af/0xbd0 [ 348.784445][ T9636] workqueue_apply_unbound_cpumask+0x17e/0x4f0 [ 348.784478][ T9636] ? __pfx_workqueue_apply_unbound_cpumask+0x10/0x10 [ 348.784504][ T9636] ? bitmap_parse+0x327/0x410 [ 348.784538][ T9636] cpumask_store+0x1ad/0x220 [ 348.784564][ T9636] ? __pfx_cpumask_store+0x10/0x10 [ 348.784590][ T9636] ? find_held_lock+0x2b/0x80 [ 348.784616][ T9636] ? sysfs_file_kobj+0xe4/0x290 [ 348.784647][ T9636] ? __pfx_cpumask_store+0x10/0x10 [ 348.784671][ T9636] dev_attr_store+0x55/0x80 [ 348.784695][ T9636] ? __pfx_dev_attr_store+0x10/0x10 [ 348.784719][ T9636] sysfs_kf_write+0xef/0x150 [ 348.784751][ T9636] kernfs_fop_write_iter+0x351/0x510 [ 348.784776][ T9636] ? __pfx_sysfs_kf_write+0x10/0x10 [ 348.784810][ T9636] vfs_write+0x6c4/0x1150 [ 348.784844][ T9636] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 348.784873][ T9636] ? __pfx___mutex_lock+0x10/0x10 [ 348.784909][ T9636] ? __pfx_vfs_write+0x10/0x10 [ 348.784968][ T9636] ksys_write+0x12a/0x250 [ 348.785002][ T9636] ? __pfx_ksys_write+0x10/0x10 [ 348.785047][ T9636] do_syscall_64+0xcd/0x490 [ 348.785087][ T9636] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 348.785112][ T9636] RIP: 0033:0x7f4b4698e929 [ 348.785132][ T9636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 348.785156][ T9636] RSP: 002b:00007f4b47850038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 348.785179][ T9636] RAX: ffffffffffffffda RBX: 00007f4b46bb6080 RCX: 00007f4b4698e929 [ 348.785195][ T9636] RDX: 0000000000000005 RSI: 0000200000000180 RDI: 0000000000000004 [ 348.785210][ T9636] RBP: 00007f4b46a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 348.785225][ T9636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 348.785248][ T9636] R13: 0000000000000000 R14: 00007f4b46bb6080 R15: 00007fff42ece868 [ 348.785285][ T9636] [ 350.288741][ T9664] phram: not enough arguments [ 352.365159][ T9681] binder: 9674:9681 ioctl c00c620f 200000000340 returned -22 [ 362.820228][ T9843] : Can't lookup blockdev [ 365.213898][ T9881] ubi: mtd0 is already attached to ubi0 [ 369.649839][ T9926] sysfs_service_op_show: Client not running :-5: [ 369.840385][ T9938] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 370.438062][ T9961] : Can't lookup blockdev syzkaller syzkaller login: [ 371.739997][ T9966] FAULT_INJECTION: forcing a failure. [ 371.739997][ T9966] name failslab, interval 1, probability 0, space 0, times 0 [ 371.892018][ T9966] CPU: 0 UID: 0 PID: 9966 Comm: syz.1.701 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 371.892094][ T9966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 371.892103][ T9966] Call Trace: [ 371.892109][ T9966] [ 371.892115][ T9966] dump_stack_lvl+0x16c/0x1f0 [ 371.892142][ T9966] should_fail_ex+0x512/0x640 [ 371.892162][ T9966] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 371.892187][ T9966] should_failslab+0xc2/0x120 [ 371.892201][ T9966] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 371.892221][ T9966] ? __proc_create+0xc3/0x8c0 [ 371.892243][ T9966] ? __proc_create+0x2ce/0x8c0 [ 371.892266][ T9966] __proc_create+0x2ce/0x8c0 [ 371.892288][ T9966] ? __pfx___proc_create+0x10/0x10 [ 371.892312][ T9966] ? _raw_write_unlock+0x28/0x50 [ 371.892331][ T9966] ? proc_register+0x314/0x5f0 [ 371.892354][ T9966] proc_create_reg+0x7d/0x180 [ 371.892369][ T9966] proc_create_data+0x86/0x110 [ 371.892382][ T9966] ? __pfx_proc_create_data+0x10/0x10 [ 371.892397][ T9966] ? cache_register_net+0x137/0x5e0 [ 371.892415][ T9966] cache_register_net+0x2d6/0x5e0 [ 371.892430][ T9966] ip_map_cache_create+0x8b/0x130 [ 371.892454][ T9966] ? __pfx_sunrpc_init_net+0x10/0x10 [ 371.892472][ T9966] sunrpc_init_net+0x55/0x190 [ 371.892492][ T9966] ops_init+0x1df/0x5f0 [ 371.892518][ T9966] setup_net+0x1ff/0x510 [ 371.892529][ T9966] ? lockdep_init_map_type+0x5c/0x280 [ 371.892549][ T9966] ? __pfx_setup_net+0x10/0x10 [ 371.892563][ T9966] ? debug_mutex_init+0x37/0x70 [ 371.892578][ T9966] copy_net_ns+0x2a6/0x5f0 [ 371.892594][ T9966] create_new_namespaces+0x3ea/0xa90 [ 371.892614][ T9966] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 371.892640][ T9966] ksys_unshare+0x45b/0xa40 [ 371.892659][ T9966] ? __pfx_ksys_unshare+0x10/0x10 [ 371.892679][ T9966] ? syscall_user_dispatch+0x78/0x140 [ 371.892706][ T9966] __x64_sys_unshare+0x31/0x40 [ 371.892725][ T9966] do_syscall_64+0xcd/0x490 [ 371.892747][ T9966] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 371.892769][ T9966] RIP: 0033:0x7f4b4698e929 [ 371.892783][ T9966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 371.892796][ T9966] RSP: 002b:00007f4b47871038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 371.892810][ T9966] RAX: ffffffffffffffda RBX: 00007f4b46bb5fa0 RCX: 00007f4b4698e929 [ 371.892819][ T9966] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 371.892828][ T9966] RBP: 00007f4b46a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 371.892836][ T9966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 371.892845][ T9966] R13: 0000000000000000 R14: 00007f4b46bb5fa0 R15: 00007fff42ece868 [ 371.892863][ T9966] [ 374.867594][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 374.874029][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 374.888426][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 374.895001][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 374.912235][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 374.925227][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 374.936497][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 374.942833][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 375.370971][T10021] ubi: mtd0 is already attached to ubi0 [ 377.082835][T10039] ptp ptp0: guarantee physical clock free running [ 378.625176][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.631530][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 380.094892][T10089] ubi: mtd0 is already attached to ubi0 [ 382.417337][T10113] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 386.100762][T10175] ubi: mtd0 is already attached to ubi0 [ 391.161109][T10231] ptrace attach of "./syz-executor exec"[5828] was attempted by "./syz-executor exec"[10231] [ 392.931939][T10279] netlink: 4 bytes leftover after parsing attributes in process `syz.1.761'. [ 398.575457][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 398.581859][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 398.603239][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 398.622298][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 398.649064][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 398.655908][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 398.686661][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 398.693151][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 403.886186][T10455] snd_aloop snd_aloop.0: control 4:65539:6:'x?F/zF˷fC:7 is already present [ 410.063111][T10537] FAULT_INJECTION: forcing a failure. [ 410.063111][T10537] name failslab, interval 1, probability 0, space 0, times 0 [ 410.097078][T10537] CPU: 1 UID: 0 PID: 10537 Comm: syz.0.803 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 410.097118][T10537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 410.097133][T10537] Call Trace: [ 410.097142][T10537] [ 410.097153][T10537] dump_stack_lvl+0x16c/0x1f0 [ 410.097197][T10537] should_fail_ex+0x512/0x640 [ 410.097233][T10537] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 410.097276][T10537] should_failslab+0xc2/0x120 [ 410.097299][T10537] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 410.097335][T10537] ? __proc_create+0xc3/0x8c0 [ 410.097373][T10537] ? __proc_create+0x2ce/0x8c0 [ 410.097461][T10537] __proc_create+0x2ce/0x8c0 [ 410.097505][T10537] ? __pfx___proc_create+0x10/0x10 [ 410.097553][T10537] ? _raw_write_unlock+0x28/0x50 [ 410.097599][T10537] proc_create_reg+0x7d/0x180 [ 410.097628][T10537] proc_create_data+0x86/0x110 [ 410.097657][T10537] ? __pfx_proc_create_data+0x10/0x10 [ 410.097686][T10537] ? cache_register_net+0x137/0x5e0 [ 410.097721][T10537] cache_register_net+0x1e0/0x5e0 [ 410.097750][T10537] ip_map_cache_create+0x8b/0x130 [ 410.097791][T10537] ? __pfx_sunrpc_init_net+0x10/0x10 [ 410.097832][T10537] sunrpc_init_net+0x55/0x190 [ 410.097869][T10537] ops_init+0x1df/0x5f0 [ 410.097912][T10537] setup_net+0x1ff/0x510 [ 410.097934][T10537] ? lockdep_init_map_type+0x5c/0x280 [ 410.097973][T10537] ? __pfx_setup_net+0x10/0x10 [ 410.097999][T10537] ? debug_mutex_init+0x37/0x70 [ 410.098028][T10537] copy_net_ns+0x2a6/0x5f0 [ 410.098059][T10537] create_new_namespaces+0x3ea/0xa90 [ 410.098098][T10537] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 410.098129][T10537] ksys_unshare+0x45b/0xa40 [ 410.098163][T10537] ? __pfx_ksys_unshare+0x10/0x10 [ 410.098200][T10537] ? syscall_user_dispatch+0x78/0x140 [ 410.098249][T10537] __x64_sys_unshare+0x31/0x40 [ 410.098282][T10537] do_syscall_64+0xcd/0x490 [ 410.098324][T10537] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 410.098351][T10537] RIP: 0033:0x7f748918e929 [ 410.098373][T10537] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 410.098397][T10537] RSP: 002b:00007f7489fee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 410.098423][T10537] RAX: ffffffffffffffda RBX: 00007f74893b5fa0 RCX: 00007f748918e929 [ 410.098440][T10537] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 410.098457][T10537] RBP: 00007f7489210b39 R08: 0000000000000000 R09: 0000000000000000 [ 410.098472][T10537] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 410.098488][T10537] R13: 0000000000000000 R14: 00007f74893b5fa0 R15: 00007fff3d7eb048 [ 410.098524][T10537] [ 413.339780][T10587] netlink: 48 bytes leftover after parsing attributes in process `syz.1.814'. [ 415.187444][T10602] program syz.2.817 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 416.349808][T10602] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 416.371157][T10602] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 416.403928][T10602] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 416.410204][T10602] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 417.464187][ T5840] Bluetooth: hci2: command 0x0406 tx timeout [ 418.423631][ T5840] Bluetooth: hci3: command 0x0406 tx timeout [ 418.434015][ T5840] Bluetooth: hci1: command 0x0406 tx timeout [ 418.434279][ T51] Bluetooth: hci0: command 0x0406 tx timeout [ 419.143899][T10665] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 420.412281][T10671] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 421.755210][T10688] FAULT_INJECTION: forcing a failure. [ 421.755210][T10688] name failslab, interval 1, probability 0, space 0, times 0 [ 421.771316][T10688] CPU: 0 UID: 0 PID: 10688 Comm: syz.2.832 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 421.771350][T10688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 421.771365][T10688] Call Trace: [ 421.771373][T10688] [ 421.771383][T10688] dump_stack_lvl+0x16c/0x1f0 [ 421.771424][T10688] should_fail_ex+0x512/0x640 [ 421.771457][T10688] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 421.771496][T10688] should_failslab+0xc2/0x120 [ 421.771519][T10688] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 421.771552][T10688] ? __proc_create+0xc3/0x8c0 [ 421.771586][T10688] ? __proc_create+0x2ce/0x8c0 [ 421.771626][T10688] __proc_create+0x2ce/0x8c0 [ 421.771661][T10688] ? __pfx___proc_create+0x10/0x10 [ 421.771704][T10688] ? _raw_write_unlock+0x28/0x50 [ 421.771742][T10688] proc_create_reg+0x7d/0x180 [ 421.771768][T10688] proc_create_data+0x86/0x110 [ 421.771791][T10688] ? __pfx_proc_create_data+0x10/0x10 [ 421.771816][T10688] ? cache_register_net+0x137/0x5e0 [ 421.771848][T10688] cache_register_net+0x1e0/0x5e0 [ 421.771875][T10688] ip_map_cache_create+0x8b/0x130 [ 421.771921][T10688] ? __pfx_sunrpc_init_net+0x10/0x10 [ 421.771953][T10688] sunrpc_init_net+0x55/0x190 [ 421.771986][T10688] ops_init+0x1df/0x5f0 [ 421.772027][T10688] setup_net+0x1ff/0x510 [ 421.772047][T10688] ? lockdep_init_map_type+0x5c/0x280 [ 421.772078][T10688] ? __pfx_setup_net+0x10/0x10 [ 421.772103][T10688] ? debug_mutex_init+0x37/0x70 [ 421.772131][T10688] copy_net_ns+0x2a6/0x5f0 [ 421.772161][T10688] create_new_namespaces+0x3ea/0xa90 [ 421.772197][T10688] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 421.772227][T10688] ksys_unshare+0x45b/0xa40 [ 421.772259][T10688] ? __pfx_ksys_unshare+0x10/0x10 [ 421.772293][T10688] ? syscall_user_dispatch+0x78/0x140 [ 421.772336][T10688] __x64_sys_unshare+0x31/0x40 [ 421.772364][T10688] do_syscall_64+0xcd/0x490 [ 421.772400][T10688] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.772426][T10688] RIP: 0033:0x7f5fcd98e929 [ 421.772446][T10688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 421.772470][T10688] RSP: 002b:00007f5fce867038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 421.772495][T10688] RAX: ffffffffffffffda RBX: 00007f5fcdbb5fa0 RCX: 00007f5fcd98e929 [ 421.772512][T10688] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 421.772526][T10688] RBP: 00007f5fcda10b39 R08: 0000000000000000 R09: 0000000000000000 [ 421.772540][T10688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 421.772554][T10688] R13: 0000000000000000 R14: 00007f5fcdbb5fa0 R15: 00007ffe4a0d1cc8 [ 421.772587][T10688] [ 424.882923][T10734] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 427.747740][T10783] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 433.264765][T10864] snd_aloop snd_aloop.0: control 16781581:65533:6:'x?F/zF˷fC:0 is already present [ 434.492404][T10883] program syz.1.861 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 434.882937][T10883] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 434.943075][T10883] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 434.960764][T10883] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 435.075410][T10883] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 436.903818][ T5840] Bluetooth: hci2: command 0x0406 tx timeout [ 436.997240][ T5840] Bluetooth: hci1: command 0x0406 tx timeout [ 437.006830][ T51] Bluetooth: hci0: command 0x0406 tx timeout [ 437.155928][ T5840] Bluetooth: hci3: command 0x0406 tx timeout [ 439.007567][T10920] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 440.044166][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.050529][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.690483][T10968] snd_aloop snd_aloop.0: control 4:65539:6:'x?F/zF˷fC:7 is already present [ 445.292030][T11029] Invalid ELF header magic: != ELF [ 447.158512][T11065] ptrace attach of "./syz-executor exec"[5829] was attempted by "./syz-executor exec"[11065] [ 448.887126][T11076] program syz.0.892 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 450.039669][T11087] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 450.046311][T11087] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 450.052433][T11087] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 450.078813][T11087] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 451.153791][ T51] Bluetooth: hci2: command 0x0406 tx timeout [ 452.103765][ T51] Bluetooth: hci3: command 0x0406 tx timeout [ 452.109795][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 452.116434][ T5840] Bluetooth: hci0: command 0x0406 tx timeout [ 454.568848][T11170] snd_aloop snd_aloop.0: control 4:65539:6:'x?F/zF˷fC:7 is already present [ 457.848726][T11206] Invalid ELF header magic: != ELF [ 459.391363][T11217] ip_vti0: entered allmulticast mode [ 461.411598][T11258] ================================================================== [ 461.411611][T11258] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x1a6f/0x1e60 [ 461.411636][T11258] Write of size 8 at addr ffffc90003859000 by task syz.3.926/11258 [ 461.411649][T11258] [ 461.411657][T11258] CPU: 1 UID: 0 PID: 11258 Comm: syz.3.926 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 461.411675][T11258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 461.411684][T11258] Call Trace: [ 461.411688][T11258] [ 461.411694][T11258] dump_stack_lvl+0x116/0x1f0 [ 461.411718][T11258] print_report+0xcd/0x680 [ 461.411731][T11258] ? __virt_addr_valid+0x81/0x610 [ 461.411747][T11258] ? sys_imageblit+0x1a6f/0x1e60 [ 461.411762][T11258] kasan_report+0xe0/0x110 [ 461.411775][T11258] ? sys_imageblit+0x1a6f/0x1e60 [ 461.411795][T11258] sys_imageblit+0x1a6f/0x1e60 [ 461.411814][T11258] ? __pfx_sys_imageblit+0x10/0x10 [ 461.411831][T11258] ? do_raw_spin_lock+0x12c/0x2b0 [ 461.411853][T11258] ? find_held_lock+0x2b/0x80 [ 461.411868][T11258] ? queue_work_on+0x12a/0x1f0 [ 461.411890][T11258] ? lockdep_hardirqs_on+0x7c/0x110 [ 461.411910][T11258] ? queue_work_on+0x8b/0x1f0 [ 461.411932][T11258] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 461.411953][T11258] bit_putcs+0x90f/0xde0 [ 461.411979][T11258] ? __pfx_bit_putcs+0x10/0x10 [ 461.412000][T11258] ? find_held_lock+0x2b/0x80 [ 461.412014][T11258] ? fb_get_color_depth+0x120/0x250 [ 461.412034][T11258] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 461.412057][T11258] ? __pfx_bit_putcs+0x10/0x10 [ 461.412078][T11258] fbcon_putcs+0x383/0x4a0 [ 461.412098][T11258] ? __pfx_fbcon_putcs+0x10/0x10 [ 461.412117][T11258] do_con_write+0xff0/0x8280 [ 461.412139][T11258] ? io_schedule_timeout+0xc1/0x150 [ 461.412163][T11258] ? __pfx_do_con_write+0x10/0x10 [ 461.412185][T11258] ? lockdep_hardirqs_on+0x7c/0x110 [ 461.412208][T11258] con_write+0x23/0xb0 [ 461.412229][T11258] n_tty_write+0x40f/0x1160 [ 461.412248][T11258] ? __pfx_n_tty_write+0x10/0x10 [ 461.412264][T11258] ? __pfx_woken_wake_function+0x10/0x10 [ 461.412287][T11258] ? __pfx___might_resched+0x10/0x10 [ 461.412302][T11258] ? __pfx_n_tty_write+0x10/0x10 [ 461.412318][T11258] file_tty_write.constprop.0+0x504/0x9b0 [ 461.412345][T11258] redirected_tty_write+0xd4/0x150 [ 461.412367][T11258] vfs_write+0x6c4/0x1150 [ 461.412387][T11258] ? __pfx_redirected_tty_write+0x10/0x10 [ 461.412410][T11258] ? __pfx_vfs_write+0x10/0x10 [ 461.412428][T11258] ? find_held_lock+0x2b/0x80 [ 461.412446][T11258] ksys_write+0x12a/0x250 [ 461.412465][T11258] ? __pfx_ksys_write+0x10/0x10 [ 461.412487][T11258] do_syscall_64+0xcd/0x490 [ 461.412509][T11258] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 461.412523][T11258] RIP: 0033:0x7fdfa4f8e929 [ 461.412542][T11258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 461.412556][T11258] RSP: 002b:00007fdfa5df5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 461.412570][T11258] RAX: ffffffffffffffda RBX: 00007fdfa51b5fa0 RCX: 00007fdfa4f8e929 [ 461.412579][T11258] RDX: 0000000004000cfc RSI: 0000000000000000 RDI: 0000000000000003 [ 461.412588][T11258] RBP: 00007fdfa5010b39 R08: 0000000000000000 R09: 0000000000000000 [ 461.412596][T11258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 461.412605][T11258] R13: 0000000000000000 R14: 00007fdfa51b5fa0 R15: 00007ffe17bee858 [ 461.412618][T11258] [ 461.412622][T11258] [ 461.412629][T11258] The buggy address belongs to the virtual mapping at [ 461.412629][T11258] [ffffc90003559000, ffffc9000385a000) created by: [ 461.412629][T11258] drm_gem_shmem_vmap_locked+0x4bc/0x720 [ 461.412650][T11258] [ 461.412654][T11258] Memory state around the buggy address: [ 461.412662][T11258] ffffc90003858f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 461.412672][T11258] ffffc90003858f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 461.412681][T11258] >ffffc90003859000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 461.412688][T11258] ^ [ 461.412695][T11258] ffffc90003859080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 461.412705][T11258] ffffc90003859100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 461.412712][T11258] ================================================================== [ 461.412786][T11258] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 461.412801][T11258] CPU: 1 UID: 0 PID: 11258 Comm: syz.3.926 Not tainted 6.16.0-rc3-syzkaller-00042-g78f4e737a53e #0 PREEMPT(full) [ 461.412829][T11258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 461.412837][T11258] Call Trace: [ 461.412841][T11258] [ 461.412847][T11258] dump_stack_lvl+0x3d/0x1f0 [ 461.412868][T11258] panic+0x71c/0x800 [ 461.412888][T11258] ? __pfx_panic+0x10/0x10 [ 461.412907][T11258] ? irqentry_exit+0x3b/0x90 [ 461.412927][T11258] ? lockdep_hardirqs_on+0x7c/0x110 [ 461.412947][T11258] ? preempt_schedule_thunk+0x16/0x30 [ 461.412965][T11258] ? sys_imageblit+0x1a6f/0x1e60 [ 461.412981][T11258] ? preempt_schedule_common+0x44/0xc0 [ 461.413002][T11258] ? sys_imageblit+0x1a6f/0x1e60 [ 461.413018][T11258] check_panic_on_warn+0xab/0xb0 [ 461.413038][T11258] end_report+0x107/0x170 [ 461.413062][T11258] kasan_report+0xee/0x110 [ 461.413074][T11258] ? sys_imageblit+0x1a6f/0x1e60 [ 461.413092][T11258] sys_imageblit+0x1a6f/0x1e60 [ 461.413111][T11258] ? __pfx_sys_imageblit+0x10/0x10 [ 461.413128][T11258] ? do_raw_spin_lock+0x12c/0x2b0 [ 461.413150][T11258] ? find_held_lock+0x2b/0x80 [ 461.413165][T11258] ? queue_work_on+0x12a/0x1f0 [ 461.413185][T11258] ? lockdep_hardirqs_on+0x7c/0x110 [ 461.413206][T11258] ? queue_work_on+0x8b/0x1f0 [ 461.413227][T11258] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 461.413246][T11258] bit_putcs+0x90f/0xde0 [ 461.413272][T11258] ? __pfx_bit_putcs+0x10/0x10 [ 461.413293][T11258] ? find_held_lock+0x2b/0x80 [ 461.413308][T11258] ? fb_get_color_depth+0x120/0x250 [ 461.413328][T11258] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 461.413350][T11258] ? __pfx_bit_putcs+0x10/0x10 [ 461.413371][T11258] fbcon_putcs+0x383/0x4a0 [ 461.413391][T11258] ? __pfx_fbcon_putcs+0x10/0x10 [ 461.413410][T11258] do_con_write+0xff0/0x8280 [ 461.413432][T11258] ? io_schedule_timeout+0xc1/0x150 [ 461.413456][T11258] ? __pfx_do_con_write+0x10/0x10 [ 461.413477][T11258] ? lockdep_hardirqs_on+0x7c/0x110 [ 461.413501][T11258] con_write+0x23/0xb0 [ 461.413572][T11258] n_tty_write+0x40f/0x1160 [ 461.413594][T11258] ? __pfx_n_tty_write+0x10/0x10 [ 461.413609][T11258] ? __pfx_woken_wake_function+0x10/0x10 [ 461.413633][T11258] ? __pfx___might_resched+0x10/0x10 [ 461.413648][T11258] ? __pfx_n_tty_write+0x10/0x10 [ 461.413663][T11258] file_tty_write.constprop.0+0x504/0x9b0 [ 461.413688][T11258] redirected_tty_write+0xd4/0x150 [ 461.413710][T11258] vfs_write+0x6c4/0x1150 [ 461.413730][T11258] ? __pfx_redirected_tty_write+0x10/0x10 [ 461.413753][T11258] ? __pfx_vfs_write+0x10/0x10 [ 461.413772][T11258] ? find_held_lock+0x2b/0x80 [ 461.413790][T11258] ksys_write+0x12a/0x250 [ 461.413810][T11258] ? __pfx_ksys_write+0x10/0x10 [ 461.413832][T11258] do_syscall_64+0xcd/0x490 [ 461.413854][T11258] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 461.413868][T11258] RIP: 0033:0x7fdfa4f8e929 [ 461.413879][T11258] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 461.413892][T11258] RSP: 002b:00007fdfa5df5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 461.413906][T11258] RAX: ffffffffffffffda RBX: 00007fdfa51b5fa0 RCX: 00007fdfa4f8e929 [ 461.413915][T11258] RDX: 0000000004000cfc RSI: 0000000000000000 RDI: 0000000000000003 [ 461.413924][T11258] RBP: 00007fdfa5010b39 R08: 0000000000000000 R09: 0000000000000000 [ 461.413933][T11258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 461.413941][T11258] R13: 0000000000000000 R14: 00007fdfa51b5fa0 R15: 00007ffe17bee858 [ 461.413954][T11258] [ 461.414196][T11258] Kernel Offset: disabled