last executing test programs: 3m23.396044482s ago: executing program 0 (id=330): mmap$auto(0x0, 0x400008, 0xde, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r0 = socket(0x2, 0x2, 0x0) openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0x8, 0x4, 0x7, 0x9, 0x2, 0x4000]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2c, 0x1, 0x3) socket(0xa, 0x2, 0x3a) read$auto(r0, 0x0, 0x2000000000007) read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000000)=""/65, 0x41) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x2, 0x3, 0x1) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @local}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0xffffa474, &(0x7f00000002c0)={0x0, 0xc4}, 0x9, 0x0, 0x0, 0xa}, 0x9}, 0x2, 0x800) prctl$auto_PR_GET_TSC(0x19, 0xa, 0x0, 0x0, 0xd) 3m21.589749547s ago: executing program 0 (id=335): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vkms/graphics/fb0/rotate\x00', 0xb02, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/011/001\x00', 0x40, 0x0) ioctl$auto_USBDEVFS_GET_CAPABILITIES(r0, 0x8004551a, &(0x7f0000000100)=0x7) socket(0x11, 0x3, 0x9) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_SOCK_GET(r2, &(0x7f00000022c0)={0x0, 0x0, &(0x7f0000002280)={&(0x7f0000000300)={0x14, r3, 0xe77c815741d6438d, 0x70bd29, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x42010}, 0x8cc) close_range$auto(0x2, 0x8, 0x0) r4 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES8=r1, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x2000c082) write$auto(r4, &(0x7f0000000000)='-\x00', 0xfdef) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/virtual/tty/ptyqe/power/control\x00', 0xa0b02, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/security/tomoyo/profile\x00', 0x48802, 0x0) read$auto(0x3, 0x0, 0x280) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vhci_hcd.2/usb13/13-0:1.0/usb13-port2/power/control\x00', 0x212040, 0x0) 3m20.880073402s ago: executing program 0 (id=338): openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x20) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/blkio.throttle.read_bps_device\x00', 0x2002, 0x0) mount$auto(0x0, &(0x7f0000000080)='}[,&*}\x00', 0x0, 0x80000, 0x0) write$auto_tty_fops_tty_io(0xffffffffffffffff, 0x0, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x183d02, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) memfd_create$auto(0x0, 0x6) shmctl$auto_SHM_UNLOCK(0x200, 0xc, 0x0) sendmsg$auto_OVS_METER_CMD_SET(r2, 0x0, 0x40) r3 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execveat$auto(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) rename$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000340)='./file0\x00') openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_btrfs_dir_file_operations_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bluetooth/hci1/rfkill6/power\x00', 0x280400, 0x0) rename$auto(&(0x7f0000000000)='./file0\x00', 0x0) syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000040), 0xffffffffffffffff) unshare$auto(0x40000080) 3m19.187827613s ago: executing program 0 (id=341): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x403, 0x8000) r0 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) sendmsg$auto_OVS_FLOW_CMD_GET(r0, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYRES16=0x0, @ANYRES32=0x0], 0x1288}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) syz_genetlink_get_family_id$auto_macsec(0x0, r0) sendfile$auto(r0, r0, &(0x7f0000000340)=0x7, 0xffffffffffffffff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x88002, 0x0) pread64$auto(r2, 0x0, 0x594c, 0x9fffffffd) r3 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/tty51\x00', 0x80, 0x0) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0xf3, 0x4, 0x8000000000000000, 0x0) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyp6\x00', 0xa0102, 0x0) ioctl$auto_TIOCSETD2(r5, 0x5423, 0x0) read$auto(r5, 0x0, 0x2) ioctl$auto_TIOCVHANGUP2(r4, 0x5437, 0x0) fdatasync$auto(r2) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/sit0/flags\x00', 0x143262, 0x0) write$auto(r6, &(0x7f00000000c0)='1\x00\xc7k\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00j(=\xd1<\xf9\x96\x10>\xb9\x05\xbe\xc8v\x81-ILplM\x98\x88J\xfd\x17\xc8K\xdd\x89;T@d\xa3_\xfcb8\x7fA\x11\xba\xefL\xe1L\x8aE}\xa7\x05\b\xd7\xe2\xae\xfek\xbbw\x8c\x88\x1emW-\xf5\x94\xdak\x81\xe4\x1e\x1dS\xf2~>\xb1\xc6\xd1\xee\xc8\x19e\xc1w\xf05%\xd76]\x0f\v\x01\xa4(\xec\xd3\xca\a\x15&nv\xc1}\xfcD', 0x81) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r3, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) 3m17.889270025s ago: executing program 0 (id=345): close_range$auto(0x2, 0x8, 0x0) eventfd$auto(0x3) select$auto(0x3, &(0x7f0000000440)={[0x5, 0x3, 0x1000, 0xdf, 0x8, 0x7, 0x10001, 0x8, 0x438c82bf, 0x4, 0x0, 0x4, 0x788, 0x6, 0x5, 0x8]}, 0x0, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/platform/vidtv.0/i2c-0/delete_device\x00', 0x1, 0x0) ioperm$auto(0x7, 0x800, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/input/input0/capabilities/ff\x00', 0x300, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) socket(0x2, 0x1, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0xfffffffffffffffb) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x10, 0x2000c, 0x2e1, 0x11, 0xffffffffffffffff, 0x100000001) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x5, 0xb8, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0xf) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_fd, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92) 3m16.085359946s ago: executing program 0 (id=349): r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video15\x00', 0x180, 0x0) read$auto_v4l2_fops_v4l2_dev(r0, &(0x7f0000000000)=""/192, 0xc0) select$auto(0x5, &(0x7f0000000080)={[0x400020000008, 0xfffffffffffffffc, 0x7, 0x6, 0xc, 0x3, 0x3, 0x1ffe000, 0xcad, 0x2, 0x9, 0xf, 0xa657, 0x202, 0xd3, 0x1]}, 0x0, 0x0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/workqueue/nvme_tcp_wq/max_active\x00', 0x182b02, 0x0) sendfile$auto(r1, r1, 0x0, 0x3) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) write$auto(0x1, 0x0, 0x80000000) socketpair$auto(0x3, 0x5, 0x7, 0x0) write$auto(0xca, 0x0, 0x2d9) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) syz_clone(0x40100100, 0x0, 0x0, 0x0, 0x0, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x5400, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) statmount$auto(&(0x7f0000000000)={0x7e, @raw=0x400, 0x80000024, 0x7fff, 0x4}, 0x0, 0x7feffffff001, 0x4) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0xc805) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x189002, 0x0) io_uring_setup$auto(0xa, 0x0) io_uring_register$auto(0x2, 0x0, 0x0, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/bus/usb/drivers/usbtouchscreen/new_id\x00', 0xbce02, 0x0) 3m0.685366409s ago: executing program 32 (id=349): r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video15\x00', 0x180, 0x0) read$auto_v4l2_fops_v4l2_dev(r0, &(0x7f0000000000)=""/192, 0xc0) select$auto(0x5, &(0x7f0000000080)={[0x400020000008, 0xfffffffffffffffc, 0x7, 0x6, 0xc, 0x3, 0x3, 0x1ffe000, 0xcad, 0x2, 0x9, 0xf, 0xa657, 0x202, 0xd3, 0x1]}, 0x0, 0x0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/workqueue/nvme_tcp_wq/max_active\x00', 0x182b02, 0x0) sendfile$auto(r1, r1, 0x0, 0x3) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) write$auto(0x1, 0x0, 0x80000000) socketpair$auto(0x3, 0x5, 0x7, 0x0) write$auto(0xca, 0x0, 0x2d9) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) syz_clone(0x40100100, 0x0, 0x0, 0x0, 0x0, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x5400, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) statmount$auto(&(0x7f0000000000)={0x7e, @raw=0x400, 0x80000024, 0x7fff, 0x4}, 0x0, 0x7feffffff001, 0x4) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0xc805) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x189002, 0x0) io_uring_setup$auto(0xa, 0x0) io_uring_register$auto(0x2, 0x0, 0x0, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/bus/usb/drivers/usbtouchscreen/new_id\x00', 0xbce02, 0x0) 17.41372909s ago: executing program 1 (id=737): r0 = openat$auto_safesetid_uid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000b00), 0x40042, 0x0) write$auto_safesetid_uid_file_fops_securityfs(r0, &(0x7f0000000b40)="33e06908f7cef2ef9652d5e3d0f91cdb9aa7fcd4f56b3ae50e2e7a3fce17ad39061182af048f047adfa552adf5a64941ae9a2564ce32560a", 0x38) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) socket(0x10, 0x4, 0xffffffc0) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d7) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r2, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(r2, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) r3 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x20881, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x7352, 0x10003c, 0x1, 0x1ffde, 0x7, 0x3, 0xfffffffffffffffe, 0x9, 0x3, 0x6, 0x4, 0xb4, 0x9, 0x9, 0x10005, 0x80, 0x4, 0xffefffff, 0x7, 0x2000, 0x203, 0x0, 0x20e9d17d, 0x400300000000000, 0xdb, 0x0, 0x80000000, 0xf04, [0xfffffffffffffffe, 0x0, 0x2, 0xfffffffffffffffd, 0x2, 0xfffffffffffffffe, 0x0, 0x20000000000007, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0xff5b, 0xc72, 0x0, 0x9, 0x0, 0x66, 0x2, 0x1, 0x0, 0x0, 0x80000, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x8c]}, 0x2, 0xd) ioctl$auto_EVIOCGRAB(r3, 0x40044590, &(0x7f0000000000)=0x2) write$auto(r3, &(0x7f0000000040)='/dev/input/event1\x00', 0x10001) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x4, 0x15) madvise$auto(0xffdffffffffffffc, 0x200006, 0x0) setresuid$auto(0x2, 0x7, 0x8080) socket(0x2b, 0x2, 0x20a) write$auto_tomoyo_operations_securityfs_if(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty51\x00', 0x200300, 0x0) 17.232581378s ago: executing program 4 (id=738): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) pwrite64$auto(0xc8, &(0x7f0000000000)='\xfc\xff\xff\xff\xff\xff\xff\xffRN8\x99\x88\xf5s\x1cJ\x99\x00:c\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\xae\x18\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2\xdac$w\x883\xac\xcd\x96\xc2\x93\x0e\x12/v0\x90\x915?', 0x4c, 0x9) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f00000001c0)="2c380a70ac791ee7af33b5df209b8e5935732802de7ee57fbba413c1e505ea8e23cb370d02e2e811537be5676cd1f432551b18fb6da6e0db758c86e652812057f45fda5d18de0e356ecff0fa2f7bedcaefaecef248daf8029e89a5aa09ca906251bd36163a3bfedb5e17c698fdb7cbdac32a049f29214e91be7bda0b00071ff0637700e9a7482c0e2dbefb17263bc8ca897287bb999ad06a30325ab8b0ae75c84ec7495942c028226cbf3b0b1a01e20c9cea1910a6848c9bcdc092b9a687b26b8063f91e15e462b9e0f3abd8d7bcdcb2632be2ee6ae0f88abac538cb") landlock_create_ruleset$auto(&(0x7f0000000000)={0x9, 0x402, 0x101}, 0x6, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) ioctl$auto_TIOCSTI2(r1, 0x5412, &(0x7f0000000000)) ioctl$auto_TIOCSTI2(r1, 0x5412, &(0x7f0000000100)="15") getpid() r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) r3 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) readv$auto(r3, &(0x7f0000000680)={0x0, 0x40200}, 0x3) ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, 0x0) ppoll$auto(&(0x7f0000000000)={r2, 0x40}, 0x2, 0x0, 0x0, 0x8) modify_ldt$auto(0x1, 0x0, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0) io_uring_register$auto_IORING_REGISTER_FILES_UPDATE2(r4, 0xe, &(0x7f0000000340)="a8bfb76df65d2a4d5c6aee3aac7a134db2fb9f1c0e5730cba6d3a57050b020c2b05b25d4bb1cf8d2e66dcabc5c1878dfb4407ad13783e91caab4582691c74fa3834ae16ec5682993dafbbac7dff695a47fadb92124c44885a42095844c52a2b97ee406e99d6d194fa87dd5163e53ee8545e9d363436c1755a69fdeebb44b2f31b8b71cb2e14d05037b43d217548c28f5ac7c501efe5fe5f7771b5fee0b834a685df5a1c1da2d3855ae746725e78e63fa92af38d1d905112ff0366c8e78b860cf27d74e5e01882f3f48543446c5cd88f07104d03af1d9ab", 0x7fff) pread64$auto(0xffffffffffffffff, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{W\xed>\xe7l\xcb\x90\\/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x400) inotify_rm_watch$auto(r3, 0x8001) mbind$auto(0xf000, 0x8000000000000001, 0x100000000, 0x0, 0x6, 0x2) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0x2, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x8, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x6, 0x7, 0x5, 0xd, 0x2, 0x6]}, 0x0) write$auto(0x3, 0x0, 0xffd8) 16.259558028s ago: executing program 4 (id=740): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x15, 0x5, 0x0) socket(0x2, 0x1, 0x106) semctl$auto_GETPID(0x0, 0x4, 0xb, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) clock_getres$auto(0x10, &(0x7f0000000080)={0x5, 0x200}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/pci/resource_alignment\x00', 0x8ea182, 0x0) r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) socket(0xa, 0x801, 0x84) lsm_list_modules$auto(0x0, 0x0, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r0, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) write$auto(0x3, 0x0, 0x80000003) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) r2 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000013c0)=ANY=[@ANYBLOB="18000000", @ANYRES8=r2, @ANYBLOB, @ANYRES32], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x80) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000200), 0x400, 0x0) r3 = getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0) ioctl$auto_VHOST_SET_FEATURES(r3, 0x4008af00, &(0x7f0000000100)=0x9) preadv2$auto(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x6}, 0x6, 0x7fff, 0xd01f, 0x4) 16.12144361s ago: executing program 1 (id=741): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0) socket(0x8, 0x1, 0x6) mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/kexec_loaded\x00', 0x20000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000002100)=""/4110, 0x100e) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x101c82, 0x0) write$auto(r1, &(0x7f0000000080)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66) r2 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) io_uring_setup$auto(0x1, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r4) sendmsg$auto_TIPC_NL_NET_SET(r4, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000380)={0x20, r5, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @uid}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40010}, 0x4002) write$auto(r3, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9) r6 = ioctl$auto_SIOCGIFHWADDR2(r2, 0x8927, &(0x7f0000000340)="8c51b39b85323efe29004d199aa249c4903575459c39fff4e5335988eaf426ae9700b085d011f3823379f5e1adc179bcb7042be1f87fe6d78d6fbc347baa6addd9680bc9d26d0d538f609a62b8d9bbd6d40445b922bdb44ed8ab81d078a8a2f8d974a4057b824fe11563ab6326ee6d27d23708b8d15f0dd07acb5d3a9a62a5f8b21a974e3b360587b1cae4741cbd9271e485cb8116a5816648fa3407f2f7f48e11887554b19b300f3022fcc0682661cfc7a8833d3076") ioctl$auto(0x3, 0x400454ca, r6) select$auto(0x9, 0x0, 0x0, &(0x7f0000000200)={[0x8001ff, 0x7, 0xd, 0x8fd6, 0x948d, 0x3, 0x80, 0x3, 0x6, 0x8000000000000001, 0x7, 0x100000000000007, 0xd, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto_lockdown_ops_lockdown(0xffffffffffffffff, &(0x7f0000000080)="a3c72e71ed506a221381f0538fef", 0xe) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/config/nullb/features\x00', 0x80280, 0x0) close_range$auto(0x2, 0x8000, 0x0) 15.813160186s ago: executing program 2 (id=743): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0) ioctl$auto(0x3, 0xc038563c, 0x38) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x6, 0x2, 0x80000000) sendmmsg$auto(0x3, 0x0, 0x2000004, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) set_mempolicy$auto(0x4006, &(0x7f0000000000)=0xa, 0x7) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) io_uring_setup$auto(0xfff, 0x0) kexec_load$auto(0x5, 0x2, &(0x7f0000000040)={@kbuf=0x0, 0x2aa7, 0x6c0000c000, 0xc000}, 0x4) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x5) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x2002, 0x6, 0x7, 0x4, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c4b, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0xfd, 0x1, 0x52, 0x5, 0x1, 0x40, 0x2, 0x8, 0x100000000}}) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000002480)='/dev/midi2\x00', 0x2841, 0x0) writev$auto(0x4, &(0x7f0000000080)={&(0x7f0000000040), 0x8}, 0x5) ioctl$auto(r1, 0x5, r1) syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000100), r0) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r0, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x801}, 0x0) ioctl$auto(r1, 0x4004af07, 0xffffffffffffffff) 6.877007781s ago: executing program 4 (id=744): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x184) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpageflags\x00', 0x2, 0x0) readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram11\x00', 0x14be02, 0x0) syz_clone3(&(0x7f0000000440)={0x20900, &(0x7f00000000c0), &(0x7f00000001c0), &(0x7f0000000200), {0x1e}, &(0x7f0000000280), 0x0, &(0x7f0000000340)=""/175, 0x0}, 0x58) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) ioctl$auto_SNDCTL_DSP_MAPOUTBUF(0xffffffffffffffff, 0x80105014, &(0x7f0000000240)="56d2a31415a192ee779dea7567d602a61d6d6ba276224c1928c76b3f00034e5ab9dcd4fbab40111ab2132faaf5b8e3c45f83417d5e5e9e6e74719fa7489e27afa7c8f9a503682fab9c41eedb14c5ec7b0edf2f195684f1f4ed79486f75ecb4a478fda881360669f86d57590ddee1a20900a160f2d3b6aaa1fb76c52efca466215b95222b5ab57e6b2ac6deddc5558b4162dbd6bb3f6be2ea2e0642d71d9f26e245779672") rseq$auto(0x0, 0xfffffff4, 0x0, 0x5) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_VHOST_SET_BACKEND_FEATURES(r1, 0x4008af25, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x62040, 0x0) rseq$auto(0x0, 0x2000aa7, 0x3, 0x2020401) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) 6.860278304s ago: executing program 1 (id=745): socket(0x29, 0x2, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0x3, &(0x7f0000000040)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x3}, 0xed7138c}, 0x9ae, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) set_mempolicy$auto(0x8, 0x0, 0x3) openat$auto_dfs_cpu_ops_debugfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/x86/topo/cpus/0\x00', 0x800, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000400)='/proc/tty/driver/serial\x00', 0x43102, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x600002, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) adjtimex$auto(&(0x7f0000000300)={0x3, 0x0, 0x7fffffff, 0x55d, 0x12, 0xf2, 0x9, 0x0, 0x5, 0x0, 0xfffffffffffffffb, {0x9, 0xa7}, 0x9, 0x7, 0x1, 0x8, 0x0, 0x8, 0xce34, 0x6, 0x3, 0xfff, 0x3}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/conf/default/proxy_arp\x00', 0x282, 0x0) sendfile$auto(r2, r1, 0x0, 0x48) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x1000000) recvmmsg$auto(0x3, 0x0, 0x3, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x40006, 0xe2, 0x20009b72, 0x7, 0x28000) socket(0x18, 0xa, 0x1) 6.828824348s ago: executing program 2 (id=746): r0 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/bluetooth/hci5/force_devcoredump\x00', 0x0, 0x0) r1 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000140)={{0x0, 0x2, 0x200800, 0x1, 0xfffffffb}, "0dd7fd004929347eeeccdf0732f77b1f6de0d6d51768a257a97ca5e1ca6300ea"}) ioctl$auto_SNDRV_TIMER_IOCTL_CONTINUE(r1, 0x54a2, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_PAUSE(r1, 0x54a3, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x13, r0, 0x8000) get_mempolicy$auto(0x0, 0x0, 0x400, 0x0, 0x0) ioperm$auto(0x7, 0x6, 0x2) mmap$auto(0x0, 0x400008, 0xdd, 0x38, 0x1, 0x8000000000000000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) rseq$auto(0x0, 0xfffffff5, 0x0, 0x5) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000500)='/dev/bus/usb/023/001\x00', 0x201, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyx3\x00', 0x42880, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0) read$auto(r2, 0x0, 0x1ff) write$auto(0x3, 0x0, 0x7) add_key$auto(0x0, 0x0, 0x0, 0x6, 0x100) mmap$auto(0x0, 0x88b, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) semctl$auto(0x7, 0x2, 0x13, 0x5) r3 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/snd/pcmC0D0p\x00', 0x40, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_REFINE_OLD(r3, 0xc1004110, 0x0) syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000240), 0xffffffffffffffff) 6.417048464s ago: executing program 2 (id=748): openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x20000, 0x0) read$auto(r1, 0x0, 0x20) writev$auto(r0, &(0x7f0000000200)={0x0, 0x3}, 0x3) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/stat\x00', 0xc0802, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001240)={0x1c, r5, 0xb01, 0x70bd27, 0x25dfdbfd, {}, [@NL80211_ATTR_PEER_MEASUREMENTS={0x8, 0x117, 0x0, 0x1, [@NL80211_PMSR_ATTR_PEERS={0x4}]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4000084) close_range$auto(0x2, 0x8, 0x0) r6 = socket(0x2b, 0x1, 0x0) ioctl$auto_TCSBRK2(r3, 0x5409, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mlock$auto(0x112, 0x80006) mlockall$auto(0x800000000000005) madvise$auto(0x0, 0x200007, 0x19) sendmmsg$auto(r6, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, 0x0, 0x9, 0x0, 0x1f, 0x9}, 0x800009}, 0x7, 0x20000000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) socket(0x2, 0x5, 0x0) 5.395018744s ago: executing program 1 (id=749): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram6\x00', 0x4040, 0x0) preadv2$auto(0x3, 0x0, 0x5, 0xffffffffffffffff, 0x7, 0x2e) write$auto_tty_fops_tty_io(r0, &(0x7f0000000200)="352c8efa610c0bcf83a4ebdb040000000000000021cb244b19a48bb5e0d12df9735b745b9554dfb0ad77a37be296ebe6f598901d632a206d9bb056d8c8d9a5b4cf165c931477ba53f3a80c522fc11555ea", 0x51) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) ioctl$auto(0xffffffffffffffff, 0x8912, 0x38) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000) ustat$auto(0x801, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x8) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) madvise$auto(0x0, 0x2003f0, 0x15) io_uring_setup$auto(0x1, 0x0) bpf$auto(0x5, 0x0, 0x102) getpid() r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000164c0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_SCAN(r3, &(0x7f00000165c0)={0x0, 0x0, &(0x7f0000016580)={&(0x7f0000000140)={0x14, r4, 0xd3ac6c422733a379, 0x70bd27, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4004000}, 0x0) read$auto(r2, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) ioprio_get$auto_IOPRIO_WHO_PGRP(0x2, 0x0) 5.39337148s ago: executing program 3 (id=750): pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000007c0), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r0, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYBLOB], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x880) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = socket(0x2, 0x801, 0x106) setsockopt$auto(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x4) mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) readv$auto(0xffffffffffffffff, 0x0, 0x8) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe4643, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/reboot/mode\x00', 0x501, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000200)="34ae", 0x2) r5 = openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000100), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000140), r1) sendmsg$auto_NFC_CMD_VENDOR(r6, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) ioctl$auto_LOOP_CTL_ADD(r5, 0x4c80, 0xfffffffffffffffd) 5.343519085s ago: executing program 4 (id=751): ioctl$auto(0xc8, 0x400454d0, 0xffffffffffffffff) r0 = socket(0x2000000000000021, 0x2, 0x10000000000002) r1 = syz_genetlink_get_family_id$auto_thermal(&(0x7f0000000080), r0) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(r0, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000240)={&(0x7f0000000100)={0x134, r1, 0x20, 0x70bd2a, 0x25dfdbfb, {}, [@THERMAL_GENL_ATTR_CPU_CAPABILITY_PERFORMANCE={0x8, 0x16, 0x42ab}, @THERMAL_GENL_ATTR_TZ_TEMP={0x8}, @THERMAL_GENL_ATTR_TZ_GOV={0x106, 0xc, 0x0, 0x1, [@generic="4ba42c029618894000d64e155490c0514283c825e6c4e3afe32e7fe7599b37a9959048357de3162cb07f53787cc2aff2fa430cd307cfef724ec27dc66cd6d273beb3fa718274e305679894f951aa87f5e5f7a4ac3778ebd0938ec104fce644f029a711afb13e80a298f752e0132560b607e00fb10b6121c1e26d7b", @generic="1e03b807563310d414a805b06ca9aa81ebf1e3d8e8f102bd6fbaadd3f7f76c38e81d2bdf4fe2a8cbec29200edd9d8bdf433001a6982412f4e40c552ee75b64c85b71c844ca8e676cca15f5352088d8c32083da3fab79e115bf8de512506fe0fe92ac59cf81ea9bbcb933980f1d07523da923398a0c0f1cdb72f7d007d2135d", @typed={0x8, 0xe1, 0x0, 0x0, @ipv4=@broadcast}]}, @THERMAL_GENL_ATTR_TZ_TRIP_TEMP={0x8, 0x7, 0x8}]}, 0x134}, 0x1, 0x0, 0x0, 0x4}, 0x20040000) mmap$auto(0x0, 0x400404, 0xe3, 0x9b72, 0x2, 0x0) r2 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) read$auto(r2, 0x0, 0x80000000006) signalfd$auto(r2, 0x0, 0x8) read$auto(0x3, 0x0, 0x7) madvise$auto(0x0, 0x200008, 0x19) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x48001, 0x0) write$auto(0x3, 0x0, 0xfffffdef) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x20b42, 0x0) write$auto(r3, 0x0, 0x40000001) ioctl$auto_SNDCTL_DSP_GETOSPACE(r3, 0x8010500c, &(0x7f0000000040)) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) mmap$auto(0x0, 0x200009, 0x2, 0x40eb1, 0x602, 0x300000000000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_udc.2/driver_override\x00', 0x48801, 0x0) write$auto(r4, 0x0, 0x1) 4.481729969s ago: executing program 3 (id=752): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/apparmor/parameters/path_max\x00', 0x80000, 0x0) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x752502, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) ioctl$auto_BLKTRACESETUP2(0xffffffffffffffff, 0xc0481273, 0x0) sigaltstack$auto(0x0, &(0x7f00000003c0)={&(0x7f0000000180)="69cc8d0de6b41511259c289f8eba5cd9efe7b46018e5bfce1b542499858929869392667f4a67831f37b948cef0c793b831f0", 0x9, 0x8}) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) ppoll$auto(0x0, 0x7f, 0x0, &(0x7f00000001c0)={0x5}, 0x8) mount$auto(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='nfs\x00\x00', 0x200, &(0x7f00000001c0)) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) socket(0x1a, 0x1, 0x5) socket(0x2, 0x1, 0x0) r1 = socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) connect$auto(r1, &(0x7f00000001c0)=@in={0x2, 0x3}, 0x55) setsockopt$auto(r1, 0x6, 0xd, &(0x7f0000000280)='lp\x00h\x85M\xdf\xdc\x83\x8a\xa7\xe4]U(\x01\t=\x1e\x00\x00', 0x4) syz_genetlink_get_family_id$auto_nfc(0x0, r1) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), r1) close_range$auto(0x2, 0x8, 0x0) shutdown$auto(0x200000003, 0x2) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 4.250285754s ago: executing program 4 (id=753): socket(0x11, 0x80003, 0x300) openat$auto_suspend_stats_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x20800, 0x0) unshare$auto(0x40000080) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/set_event\x00', 0x20c8c2, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x44, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x9, 0x24de, 0x16, 0x401, 0xd5be) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev6\x00', 0x2381, 0x0) ioctl$auto(0x3, 0xc0585605, 0x38) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/\x98@dio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) r1 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x11}}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000) sendfile$auto(0x1, 0x3, 0x0, 0x7ff) sendto$auto(0x3, 0x0, 0x2000f, 0x101, 0x0, 0x1c) shmctl$auto(0x0, 0xd, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) recvmmsg$auto(0x3, 0x0, 0xfffe, 0x6, 0x0) 3.834773805s ago: executing program 2 (id=754): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000000)=@in={0x2, 0x3, @multicast1}, 0x6a) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x23}}, 0x54) write$auto(0x3, 0x0, 0xfffffdef) syz_genetlink_get_family_id$auto_ovs_vport(0x0, r0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) socket(0x1d, 0x2, 0x2) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r1 = creat$auto(&(0x7f0000000040)='./file0\x00', 0x200) write$auto_proc_coredump_filter_operations_base(r1, &(0x7f00000000c0)="840f0db4", 0x4) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) io_uring_setup$auto(0x6, 0x0) r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) move_pages$auto(r2, 0x1002, 0x0, 0x0, 0x0, 0x0) r3 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(0xffffffffffffffff, 0x541c, r3) ioctl$auto_XFS_IOC_READLINK_BY_HANDLE(0xffffffffffffffff, 0xc038586c, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sg0\x00', 0x82802, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003140), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_PHY_GET(r4, &(0x7f0000003200)={0x0, 0x0, &(0x7f00000031c0)={&(0x7f0000003580)={0x20, r5, 0x301, 0x70bd26, 0x25dfdbff, {}, [@ETHTOOL_A_PHY_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x20}, 0x1, 0x0, 0x0, 0xc050}, 0x80) 3.259792966s ago: executing program 1 (id=755): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x4000000, 0xffffffffffff0085, 0x1004) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder1\x00', 0x0, 0x0) socket(0x2, 0x1, 0x106) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/dummy_hcd.4/usb5/power/level\x00', 0x129882, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000080)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x958b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x40008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x10000]}, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec29\x00', 0x900, 0x0) sysfs$auto(0x2, 0x23, 0x0) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r1, 0x0, 0x4) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) 3.235939521s ago: executing program 3 (id=756): mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, 0x0, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x20038045) bpf$auto_BPF_TASK_FD_QUERY(0x14, &(0x7f0000001400)=@bpf_attr_3={0x9, 0x3980, 0x9, 0xfffffffffffffffc, 0x9a2d, 0xba0, 0x5, 0x7, 0xffffffff, "931bcb8d96de85c087a1d2590dc12815", 0x0, 0xdf7f, 0xffffffffffffffff, 0xf8, 0x10001, 0xd9, 0x198f, 0x1, 0x486f, 0x6, @attach_btf_obj_fd, 0x0, 0x238ce248, 0xab9, 0x2, 0xfffffff8}, 0x204) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(r0, 0x8, 0x0) open(0x0, 0x6242, 0x0) clone3$auto(0x0, 0x7) r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = getpgrp(0xffffffffffffffff) getpriority$auto_PRIO_PROCESS(0x0, r4) ptrace$auto(0x10, r3, 0x4, 0x7ff) ptrace$auto(0xf, r3, 0x1, 0x4053) syslog$auto(0x3, 0x0, 0xda) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x1541, 0x0) r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r5, 0x1, 0x7ff) waitid$auto_P_PGID(0x2, 0x0, 0x0, 0x4, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r2) sendmsg$auto_NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, 0x0, 0x51) openat$auto_btrfs_dir_file_operations_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bluetooth/hci7/hci7:201\x00', 0x80800, 0x0) mlockall$auto(0x7) close_range$auto(r1, 0x8, 0x0) 2.779629467s ago: executing program 2 (id=757): mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r1 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0x1d, 0x3000, 0x6, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x9, 0x8c48, 0x29b, 0x3, 0x7f, 0x0, 0x6}, {0x100, 0x1, 0x52, 0x85, 0x4, 0x1a7b870a, 0x76c5, 0x8, 0x100000000}}) r2 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0) ioctl$auto_tracing_buffers_fops_trace(r2, 0x5220, 0x0) poll$auto(&(0x7f0000000040)={r1, 0x1, 0x40}, 0x8, 0x8000) socket(0xa, 0x1, 0x100) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_OTPSELECT(0xffffffffffffffff, 0x80044d0d, &(0x7f00000000c0)=0x10009) socket(0x2, 0x1, 0x0) shutdown$auto(0x200000003, 0x2) read$auto(0xffffffffffffffff, &(0x7f00000000c0)='/sys/kernel/debug/ieee80211/phy15/netdev:wlan1/stations/08:02:11:00:00:00/driver_buffered_tids\x00', 0x0) connect$auto(0xffffffffffffffff, &(0x7f0000000080)=@nl=@kern={0x10, 0x0, 0x0, 0x4000}, 0x6) mmap$auto(0x0, 0x4, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xa0c82, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r3) socketpair$auto(0x1e, 0x5, 0x6, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000001bc0)='/dev/sequencer2\x00', 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) 2.106332832s ago: executing program 3 (id=758): socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) epoll_create$auto(0x4) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) mmap$auto(0x3ff, 0x3, 0xffffffff, 0x100000eb1, 0x40000000000a1, 0x4000008000) r0 = socket(0x11, 0x80003, 0x300) sendfile$auto(0x1, r0, 0x0, 0x8fb5) fcntl$auto(0x0, 0x408, 0x100000) setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, &(0x7f0000000080)='nlctrl\x00', 0x2) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/hung_task_check_interval_secs\x00', 0x88542, 0x0) 1.605012671s ago: executing program 2 (id=759): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948f, 0x803, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r2, 0x80045010, &(0x7f0000004440)) ioctl$auto_VHOST_SET_LOG_FD2(0xffffffffffffffff, 0x4004af07, &(0x7f00000001c0)=0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r3, 0x8000) r4 = open_by_handle_at$auto(r1, &(0x7f00000002c0)={0x1a, 0x136a, "8f42b1077e737d4629d7867bca48102625b1c2c21fa15504a19b"}, 0x7d) setsockopt$auto(r4, 0x1, 0x1021, 0x0, 0xd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) geteuid() sendmsg$auto_OVS_CT_LIMIT_CMD_GET(0xffffffffffffffff, &(0x7f0000001ac0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001a80)={&(0x7f0000000500)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4040840}, 0x200000c0) mmap$auto(0x100000000, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r5 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000001b00)=ANY=[@ANYBLOB="20010000", @ANYRES16=r6, @ANYBLOB="010025bd7000fedbdf257e000000000066004e21000000002680000002000400000000000200000000000000010009000000000001000400000000000200070000000000980006000000000014010f000000000007001f5198dea666bad033b7aea5d7529adf1ae5607ef3d022c60a57cd1649952c00000080004dec6ee46088e64587adba9ba7537f79f056fbd60490f11a3498560bfa783badf6fa39e3aa9815705e629beb9573271a53f5c4ee3859bf0313d7dad665a019c4e908768bb5b896533bbd3b39e4768150289646864a302e8ded90a5b83ada85575e6657023fb727d3723ff97af53540e2fbc15e85a0c6a5644432b997ba3bdc423b0be181bf0d501cf098551e7b2ce99ac721bf9145ebc91fe7c9230b30f9b88ac5b2c404ddfac531ea9fcaf6d514daf8c13a9f382059488c3280a13754303b49d3eddff53520086a38cbb1075e09f556c208c26f727717e52ad91b929b37df820ffca5a077087bc540d3c30fa84b5986b17605e72c7af63bd4264355ec1e043e6ae397fd5b925bc6ee277f7e42b305fbe861e8e9974efb062206bd7fef4b13f19f926c090b1367e4599ea549d1e97c1c2b214d06c5de3e7dc0bae99b9030f72ae011f303fa7ea798a612fd252f9e9c238f07ccc755d8c4aff22798a08e567e0b8f3975fc1b30522f1b82ed37fecc8927a2f8265cb2423f4272359a5b097f54bdb65f51f0911ca880641493cce6f3f00edfefe3d7f007bc5c57214dde959740b9e0a70b28d191e10eb5c3eccfdf045407c80e026f4e9fe766eca822b77df002210db69f60480ae2e21fced2bf22dde077e0ccbe2e05f58ba0db3d9f6469382574a23009202a928c2e7a67623eeeb3976036936871d6056bca11541ed5d795853e233149c9ea3e3d478b5e35cf5e551002a79ac8a33d81b60fde70ccbf125c4b4243160db218068b7a2db851b3dfad23f584b6db1b9ec1428635f27d4bb08cb9b0d4d9c725595fbd59622038dc6cb2f70282ae273c9927dfc884b8e99578c897e90ffeec2c4f3b1e4c5cadc23ff40dd06e618b0f798c0d4a87c7728de7b03a7a8021dcdbd1f4c8b29ea50d2130cf3099a8b37a4d894a5020bc583feaf86c00b8d917567b988f875af819935a325517e76850262d5558ff1fcf9f5b7b26a9645bb26d20104227757359a6e52317edbdd2fde26c3b3f26ee6e2714d9668cfafe1f1c83c24d7e3b55127b38315b1b9053d3ed9561c14e0cf3b173f89e739337a63e5d13fb97466b9b36556adb4af4e9b18d4778c369692333cb70c72d968aff999fe3f08690fdc345eceedb90782bc907b20d4a06867f2930ebb553494aeceabf2f33f1295753241986835af90226970a126a27d9c1f3a04f9b917fa57524fb70f161e619ab83cff4edceef04362c497dc4804af7e7837a4b4241521a2cb28a08fe7001ce941a8cf3f2a4266dbc5fd02c56a5a16fe2a0af334673588ea9b161c65b7ab9a67e4808f1e8c6cf55641a97082348e1e31ed07154364d1fb134e988d32277a2c5224985ab2e3b518c927af3338cfeab947dc38466b8e58f40402d97417a895d335dcd5ccf6ed33ba8a54c80ea0cfe0c66993e86f8b2699d860ff1b2d00db394a18a92e0ed026737e46d52978bae076c156be5e6530222fe8c93c8e4ecd29bfd1823b2730515eb3e99ecb867e0117fafafb495f34fe5c82c7af4e163ef7c543d5327b011b65e661db58838a0821f66c65a9b2d598fe497d778ced9bb1c48369c70a3ab32dd9626f0b575d47a0b7398fcaebce8048504cc3ebcc4498894bf079758aa008906c570f9a4ce0c5faefd8326dde933dccf7a2896a3b86ceb8add2b7f69943b006c8ca893916b156458c9dd28e1e21770e7ba6d7fb8ebdde22ff23346cd0f6d0c90a093fae2f128f759418402b13fae56d033f6adde7442b46db3aedb8665718b37055df3b0710f5e31ea2e04abbca71d7c8cc71325a1124d38c4245587ff29c5e0f1cbfdf7b865099a395dd9c2f7e29200bda2c2b20b17b7f33e1c277c57925b59aca80821a48085b7eab507385849a0e22c2ac4a526e7b786fd9442fd2df0eb05cb1df98795853536dc12b6fea234a4c32a57059049c0dedee032615da106c88fe54e73226cb88b4863c1f905dac6dffd4e5e53873f746e19ee631e8cab802ef174df5cb6e88e513aa10a0e1dd7d43075bc19b94491b9cb8fe1efac7d300e4c6253d42198c94f76fef50405405c348b9bfe0c4e09b6668655baaff6d464b20c5db5aa72b6e5345aa6af3c2b2e508ab94ed2f3ae27947c30f6c9435396cccca249745963693d456f0b13551ebd2714a5d2aa5eec9d61d2d6b9aba3d482f4c49906435b1d783f381a7180a5077358717dfc2e117d31e141382b11db23fb0c7d8ec13b0e2e542cfe4b44f2e9b0a440dcf9143f3be9494f3bc2004047e86405b4190fb667d269f2a7d1c48509fbdc3bb3e99d6f68a309ffff000006007347b9c70c7a48913b05957bbb9826fc681df1b98ace4a88eebe405b8400e41aa87a86c1aca27323448d0dfed2b28ecfa7d65c7264311080712e8fa3874f7ee38b02120b885602b84d954479702f51ac45a331dfe2ef76c45014c84415189885b9c9613c2acb7a41c6ace876ee5af4fc50407fc3361a128a2e59e60f11b47277c9a5f3cbe0424d3886a3a3a0f40c5ef46d2b331ca3d83f2f444bc6998d06926c6a1cb162ef14fb7ab2ee731fdc7f0fc553a3c07226a2160d350ed7f30000360103e17d2b53cce133a6674f5b8600a49a8403c6bdfd3e0c464ed8a2fe254a5939fb09cb1dc350c9230c189febda65557207893e11deb595e622008d945c914692afa24b99bf04b003881b9fc35a628e8a1f7dd36490920c7ce2dbffcf61124f39b5329db3d8f56f48af0b3b31b588771b14d045e0ea69404cf54596db22abd3d35b4f3d484faa4ac1eca1bbbe82ed861aee4715f465c010e98899929b521dea88b03c97f8d005000000987004d3b262d91b7e4b6d005ebb201517953c89225c186080b4836ccb358d624f4b134a11c7ec39e49d80d2c40312c250508a0e8c0969f1fe6830e50c3f2623b31882a5409300737b3fe096e8da90fa050194db696c605c6f82e18f9fc334aa232483df49ed13478a9b"], 0x120}, 0x1, 0x68, 0x0, 0x24000000}, 0x140) sendmsg$auto_NL80211_CMD_GET_KEY(r3, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000", @ANYRESDEC=r2, @ANYRESOCT=r5], 0x1c}, 0x1, 0x0, 0x0, 0x21}, 0x51) read$auto(r5, 0x0, 0xb4d3) 1.102007675s ago: executing program 4 (id=760): openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon7\x00', 0x0, 0x0) clock_settime$auto(0xfffffffe, &(0x7f0000000000)={0x100000004, 0x8}) r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) msync$auto(0x1ffff000, 0xffffffffffffbffb, 0x3) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) socket(0x22, 0x1, 0x100) r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x101100, 0x0) ioctl$auto_SW_SYNC_GET_DEADLINE(r1, 0xc0105702, &(0x7f0000000000)={0x0, 0x0, r1}) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/008/001\x00', 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x2001ff, 0x5, 0xa, 0x8fd6, 0x948b, 0x3, 0x7, 0x3, 0x3, 0x62, 0x80002001, 0x7, 0x1, 0x9, 0x3fb, 0xfb7ffdfffffffffe]}, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) syz_genetlink_get_family_id$auto_psample(0x0, 0xffffffffffffffff) sendmsg$auto_PSAMPLE_CMD_GET_GROUP(r3, 0x0, 0x801) mmap$auto(0x7, 0x20009, 0x5, 0xffffffff, 0x405, 0x8000) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) r4 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) close_range$auto(r2, r4, 0x10001) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram11\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r5, 0x8000) 971.670069ms ago: executing program 1 (id=761): mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_hsr(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_HSR_C_GET_NODE_STATUS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x4008804) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x73) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0) write$auto(0x3, 0x0, 0x100082) read$auto(0xffffffffffffffff, 0x0, 0x9) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r1, 0x40045010, 0x0) io_uring_setup$auto(0xfa3, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x8000, 0x0) read$auto(r2, 0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) keyctl$auto(0x2, 0xffffeffffffffffe, 0x107, 0x803, 0x800000000000c) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_WOWLAN(0xffffffffffffffff, 0x0, 0x4004010) socket(0x1e, 0x805, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x802, 0x0) ioctl$auto(0x3, 0x40045532, 0x38) r3 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x88c00, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_PAUSE2(r3, 0x40044145, &(0x7f0000000000)=0x3) socket$nl_generic(0x10, 0x3, 0x10) 461.768723ms ago: executing program 3 (id=762): ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x6, 0x50b301a, 0x0, 0x2c, 0x0, 0x2}) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_psample(&(0x7f0000007a40), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2082, 0x0) readv$auto(0x3, &(0x7f0000003080)={0x0, 0x4}, 0x9) sendmsg$auto_PSAMPLE_CMD_GET_GROUP(r0, &(0x7f0000007b00)={0x0, 0x0, &(0x7f0000007ac0)={&(0x7f0000007a80)={0x14, r1, 0x311, 0x70bd29, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0xf0}, 0x0) open(&(0x7f0000000000)='./bus\x00', 0xa23c2, 0x13e) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nbd11/queue/iostats_passthrough\x00', 0x2a001, 0x0) write$auto(r2, &(0x7f0000000180)='#\x00T\x8e\xf2\xd3U\x1c\vAZ\x84\xd8\x1ds{\xeaS3{\bC1\xff\xb8mw{\x00\x8d\xa2\x04R\xa47\x00\xaa\xe98\x92E&\x93\xe0%\xd4Xx\x10\xc6S<\xc7\xce\xbc8X\xebm\x15\x95I\xf1C\xc6\xf8\xb9\xc7_\x80\xbe', 0x81) r3 = socket(0x10, 0x2, 0xc) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r4 = bpf$auto(0x6, &(0x7f00000001c0)=@bpf_attr_0={0x7, 0xb5, 0xc, 0x4, 0x53400000, 0xffffffffffffffff, 0x9, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0x10) r5 = syz_genetlink_get_family_id$auto_thermal(&(0x7f0000000100), r3) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_GOV(r4, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000140)={0x1c, r5, 0x100, 0x70bd2d, 0x25dfdbfd, {}, [@THERMAL_GENL_ATTR_TZ_ID={0x8, 0x2, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24044000}, 0x20000000) r6 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/023/001\x00', 0xa821, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/irq/3/smp_affinity_list\x00', 0x2000, 0x0) r7 = getpid() process_vm_readv$auto(r7, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xf}, 0x5b, 0x0) ioctl$auto_USBDEVFS_SUBMITURB32(r6, 0x802c550a, &(0x7f00000001c0)=ANY=[@ANYBLOB="028006000000000085"]) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000) sendmsg$auto_CTRL_CMD_GETPOLICY(r3, &(0x7f00000002c0)={0x0, 0xf5, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="14100004", @ANYRES16, @ANYBLOB="f50128bd7000fbdbdf250a00000a"], 0xfdef}, 0x1, 0x0, 0x0, 0x20000000}, 0x2000000) r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x100, 0x2) getdents64$auto(r8, &(0x7f0000000f40)={0x309, 0x7, 0xffff, 0x7}, 0x200c8) 0s ago: executing program 3 (id=763): mmap$auto(0xc, 0x4, 0x4000000000df, 0x40eb1, 0xffffffffffffffff, 0x300000000000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0x5, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x14, r1, 0x1, 0x70bd2d, 0x25dfdbf9, {0x1, 0x0, 0xff0f}}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x8000) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(0xffffffffffffffff, 0x541c, r2) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) clock_nanosleep$auto(0x8000a, 0x0, 0x0, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x0, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x5, 0x2, 0x2]}, 0x0) read$auto_check_wx_fops_(0xffffffffffffffff, &(0x7f0000000140)=""/154, 0x9a) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) madvise$auto(0x0, 0xffffffffffff0004, 0x19) madvise$auto(0x0, 0x200007, 0x8) madvise$auto(0x0, 0xf663, 0x15) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) kernel console output (not intermixed with test programs): s extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 155.136593][ T6934] netlink: zone id is out of range [ 155.141726][ T6934] netlink: zone id is out of range [ 155.147328][ T6934] netlink: zone id is out of range [ 155.153640][ T6934] netlink: zone id is out of range [ 155.158768][ T6934] netlink: zone id is out of range [ 155.163857][ T6934] netlink: zone id is out of range [ 155.313238][ T6935] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 155.428952][ T6941] netlink: 8 bytes leftover after parsing attributes in process `syz.3.204'. [ 155.991231][ T6950] netlink: 338 bytes leftover after parsing attributes in process `syz.1.206'. [ 156.057398][ T6955] netlink: 338 bytes leftover after parsing attributes in process `syz.1.206'. [ 157.636639][ T30] audit: type=1804 audit(1757797252.822:3): pid=6980 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.210" name="/newroot/60/file0" dev="tmpfs" ino=339 res=1 errno=0 [ 160.060484][ T7005] zswap: compressor not available [ 161.669838][ T7035] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 161.937646][ T7041] netlink: 8 bytes leftover after parsing attributes in process `syz.3.221'. [ 162.175214][ T7036] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 162.786933][ T7051] netlink: 28 bytes leftover after parsing attributes in process `syz.3.225'. [ 162.850923][ T7051] geneve1: entered promiscuous mode [ 162.869156][ T7051] geneve1: entered allmulticast mode [ 162.890059][ T7051] netlink: 28 bytes leftover after parsing attributes in process `syz.3.225'. [ 164.072603][ T7061] vivid-003: ================= START STATUS ================= [ 164.080320][ T7061] vivid-003: Radio HW Seek Mode: Bounded [ 164.086170][ T7061] vivid-003: Radio Programmable HW Seek: false [ 164.092441][ T7061] vivid-003: RDS Rx I/O Mode: Block I/O [ 164.098019][ T7061] vivid-003: Generate RBDS Instead of RDS: false [ 164.104447][ T7061] vivid-003: RDS Reception: true [ 164.109445][ T7061] vivid-003: RDS Program Type: 0 inactive [ 164.115210][ T7061] vivid-003: RDS PS Name: inactive [ 164.120691][ T7061] vivid-003: RDS Radio Text: inactive [ 164.126378][ T7061] vivid-003: RDS Traffic Announcement: false inactive [ 164.133244][ T7061] vivid-003: RDS Traffic Program: false inactive [ 164.139639][ T7061] vivid-003: RDS Music: false inactive [ 164.145149][ T7061] vivid-003: ================== END STATUS ================== [ 164.693156][ T7070] ubi0: attaching mtd0 [ 164.712866][ T7070] ubi0: scanning is finished [ 164.721595][ T7070] ubi0: empty MTD device detected [ 165.126617][ T7070] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 165.134296][ T7070] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 165.141908][ T7070] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 165.155490][ T7070] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 165.163051][ T7070] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 165.169977][ T7070] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 165.178591][ T7070] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1661474006 [ 165.189093][ T7070] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 165.207737][ T7077] ubi0: background thread "ubi_bgt0d" started, PID 7077 [ 165.239568][ T7072] FAULT_INJECTION: forcing a failure. [ 165.239568][ T7072] name failslab, interval 1, probability 0, space 0, times 0 [ 165.263092][ T7072] CPU: 1 UID: 0 PID: 7072 Comm: syz.0.231 Not tainted syzkaller #0 PREEMPT(full) [ 165.263121][ T7072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 165.263131][ T7072] Call Trace: [ 165.263136][ T7072] [ 165.263142][ T7072] dump_stack_lvl+0x16c/0x1f0 [ 165.263169][ T7072] should_fail_ex+0x512/0x640 [ 165.263191][ T7072] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 165.263215][ T7072] should_failslab+0xc2/0x120 [ 165.263233][ T7072] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 165.263249][ T7072] ? __proc_create+0xc3/0x8e0 [ 165.263269][ T7072] ? __proc_create+0x2ce/0x8e0 [ 165.263291][ T7072] __proc_create+0x2ce/0x8e0 [ 165.263312][ T7072] ? __pfx___proc_create+0x10/0x10 [ 165.263339][ T7072] proc_mkdir+0x81/0x170 [ 165.263359][ T7072] ? __pfx_proc_mkdir+0x10/0x10 [ 165.263380][ T7072] ? cache_register_net+0x137/0x5e0 [ 165.263404][ T7072] cache_register_net+0x18f/0x5e0 [ 165.263425][ T7072] nfsd_idmap_init+0x16e/0x250 [ 165.263446][ T7072] ? __pfx_nfsd_net_init+0x10/0x10 [ 165.263461][ T7072] nfsd_net_init+0x69/0x3d0 [ 165.263477][ T7072] ? __pfx_nfsd_net_init+0x10/0x10 [ 165.263493][ T7072] ops_init+0x1e2/0x5f0 [ 165.263517][ T7072] setup_net+0x10f/0x380 [ 165.263528][ T7072] ? lockdep_init_map_type+0x5c/0x280 [ 165.263548][ T7072] ? __pfx_setup_net+0x10/0x10 [ 165.263570][ T7072] ? debug_mutex_init+0x37/0x70 [ 165.263586][ T7072] copy_net_ns+0x2a6/0x5f0 [ 165.263603][ T7072] create_new_namespaces+0x3ea/0xa90 [ 165.263623][ T7072] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 165.263641][ T7072] ksys_unshare+0x45b/0xa40 [ 165.263660][ T7072] ? __pfx_ksys_unshare+0x10/0x10 [ 165.263680][ T7072] ? xfd_validate_state+0x61/0x180 [ 165.263706][ T7072] __x64_sys_unshare+0x31/0x40 [ 165.263724][ T7072] do_syscall_64+0xcd/0x4c0 [ 165.263747][ T7072] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.263761][ T7072] RIP: 0033:0x7fd0f518eba9 [ 165.263774][ T7072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 165.263795][ T7072] RSP: 002b:00007fd0f5fb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 165.263809][ T7072] RAX: ffffffffffffffda RBX: 00007fd0f53d5fa0 RCX: 00007fd0f518eba9 [ 165.263819][ T7072] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 165.263827][ T7072] RBP: 00007fd0f5211e19 R08: 0000000000000000 R09: 0000000000000000 [ 165.263835][ T7072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 165.263843][ T7072] R13: 00007fd0f53d6038 R14: 00007fd0f53d5fa0 R15: 00007fffaaac5478 [ 165.263863][ T7072] [ 166.471339][ T5864] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 166.471374][ T5864] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 166.487123][ T5864] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 166.487201][ T5864] Bluetooth: hci0: Malformed LE Event: 0x0d [ 166.637478][ T7093] ima: policy update failed [ 166.642632][ T30] audit: type=1802 audit(1757797261.889:4): pid=7093 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.236" res=0 errno=0 [ 166.694877][ T5864] Bluetooth: hci1: ISO packet for unknown connection handle 0 [ 166.979445][ T7105] Invalid ELF header magic: != ELF [ 169.788964][ T7157] netlink: 28 bytes leftover after parsing attributes in process `syz.2.248'. [ 169.833892][ T7157] veth0_macvtap: left promiscuous mode [ 169.928827][ T7157] macvtap0: entered promiscuous mode [ 169.934247][ T7157] macvtap0: entered allmulticast mode [ 170.328825][ T7167] netlink: 25 bytes leftover after parsing attributes in process `syz.3.249'. [ 170.800332][ T7173] netlink: 8 bytes leftover after parsing attributes in process `syz.3.253'. [ 171.158133][ T7184] netlink: 28 bytes leftover after parsing attributes in process `syz.2.252'. [ 171.607603][ T7191] net_ratelimit: 1 callbacks suppressed [ 171.607641][ T7191] netlink: zone id is out of range [ 171.618498][ T7191] netlink: zone id is out of range [ 171.623769][ T7191] netlink: zone id is out of range [ 171.628894][ T7191] netlink: zone id is out of range [ 171.634712][ T7191] netlink: zone id is out of range [ 171.640325][ T7191] netlink: zone id is out of range [ 171.646264][ T7191] netlink: zone id is out of range [ 171.651858][ T7191] netlink: zone id is out of range [ 171.658355][ T7191] netlink: zone id is out of range [ 171.664309][ T7191] netlink: zone id is out of range [ 171.912570][ T7194] netlink: 326 bytes leftover after parsing attributes in process `syz.3.257'. [ 172.721782][ T7208] netlink: 266 bytes leftover after parsing attributes in process `syz.3.261'. [ 172.764394][ T7208] IPv6: NLM_F_CREATE should be specified when creating new route [ 173.733679][ T7198] syz.2.258 (7198) used greatest stack depth: 18392 bytes left [ 174.485836][ T7235] binder: 7233:7235 ioctl c018620c 0 returned -22 [ 176.813081][ T5864] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 178.867317][ T5875] Bluetooth: hci1: command tx timeout [ 179.545672][ T7319] FAULT_INJECTION: forcing a failure. [ 179.545672][ T7319] name failslab, interval 1, probability 0, space 0, times 0 [ 179.595219][ T7319] CPU: 1 UID: 0 PID: 7319 Comm: syz.3.286 Not tainted syzkaller #0 PREEMPT(full) [ 179.595254][ T7319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 179.595269][ T7319] Call Trace: [ 179.595278][ T7319] [ 179.595298][ T7319] dump_stack_lvl+0x16c/0x1f0 [ 179.595341][ T7319] should_fail_ex+0x512/0x640 [ 179.595380][ T7319] ? __kmalloc_noprof+0xbf/0x510 [ 179.595413][ T7319] ? devlink_fmsg_put_value+0xaa/0x2d0 [ 179.595451][ T7319] should_failslab+0xc2/0x120 [ 179.595486][ T7319] __kmalloc_noprof+0xd2/0x510 [ 179.595525][ T7319] devlink_fmsg_put_value+0xaa/0x2d0 [ 179.595568][ T7319] devlink_fmsg_u64_pair_put+0x19c/0x2f0 [ 179.595594][ T7319] ? __pfx_devlink_fmsg_u64_pair_put+0x10/0x10 [ 179.595622][ T7319] ? devlink_fmsg_nest_common.part.0+0xcd/0x1e0 [ 179.595668][ T7319] nsim_dev_dummy_fmsg_put+0x61/0x1e0 [ 179.595707][ T7319] devlink_health_do_dump+0x243/0x620 [ 179.595738][ T7319] devlink_health_report+0x3c9/0x9c0 [ 179.595770][ T7319] ? __pfx_devlink_health_report+0x10/0x10 [ 179.595796][ T7319] ? _copy_from_user+0x59/0xd0 [ 179.595828][ T7319] nsim_dev_health_break_write+0x166/0x210 [ 179.595865][ T7319] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 179.595926][ T7319] full_proxy_write+0x131/0x1a0 [ 179.595969][ T7319] ? __pfx_full_proxy_write+0x10/0x10 [ 179.596004][ T7319] vfs_write+0x2a0/0x11d0 [ 179.596038][ T7319] ? __pfx___mutex_lock+0x10/0x10 [ 179.596075][ T7319] ? __pfx_vfs_write+0x10/0x10 [ 179.596115][ T7319] ? __fget_files+0x20e/0x3c0 [ 179.596154][ T7319] ksys_write+0x12a/0x250 [ 179.596183][ T7319] ? __pfx_ksys_write+0x10/0x10 [ 179.596224][ T7319] do_syscall_64+0xcd/0x4c0 [ 179.596263][ T7319] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.596298][ T7319] RIP: 0033:0x7fe39918eba9 [ 179.596319][ T7319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 179.596343][ T7319] RSP: 002b:00007fe399ffc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 179.596368][ T7319] RAX: ffffffffffffffda RBX: 00007fe3993d5fa0 RCX: 00007fe39918eba9 [ 179.596385][ T7319] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000008 [ 179.596401][ T7319] RBP: 00007fe399211e19 R08: 0000000000000000 R09: 0000000000000000 [ 179.596417][ T7319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 179.596431][ T7319] R13: 00007fe3993d6038 R14: 00007fe3993d5fa0 R15: 00007ffef7d6f968 [ 179.596468][ T7319] [ 182.176384][ T7365] vivid-007: ================= START STATUS ================= [ 182.193403][ T7365] vivid-007: Generate PTS: true [ 182.199241][ T7365] vivid-007: Generate SCR: true [ 182.204228][ T7365] tpg source WxH: 320x240 (Y'CbCr) [ 182.210938][ T7365] tpg field: 1 [ 182.214407][ T7365] tpg crop: (0,0)/320x240 [ 182.251426][ T7365] tpg compose: (0,0)/320x240 [ 182.261602][ T7365] tpg colorspace: 8 [ 182.295194][ T7365] tpg transfer function: 0/0 [ 182.313742][ T7365] tpg Y'CbCr encoding: 0/0 [ 182.328040][ T7365] tpg quantization: 0/0 [ 182.333410][ T7365] tpg RGB range: 0/2 [ 182.342601][ T7365] vivid-007: ================== END STATUS ================== [ 183.518276][ T7378] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffffffffffffffff pfn:0x78001 [ 183.534043][ T7378] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 183.542042][ T7378] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 183.557267][ T7378] raw: ffffffffffffffff 0000000000000000 00000001ffffffff 0000000000000000 [ 183.669611][ T7378] page dumped because: unmovable page [ 183.707042][ T7378] page_owner tracks the page as allocated [ 183.713494][ T7378] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xcc0(GFP_KERNEL), pid 7072, tgid 7071 (syz.0.231), ts 164749628447, free_ts 163650914138 [ 183.772702][ T7378] post_alloc_hook+0x1c0/0x230 [ 183.935889][ T7378] get_page_from_freelist+0x132b/0x38e0 [ 183.941490][ T7378] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 184.075229][ T7378] alloc_pages_bulk_noprof+0x71c/0x1410 [ 184.136127][ T7378] kasan_populate_vmalloc+0x112/0x2d0 [ 184.141775][ T7378] alloc_vmap_area+0x960/0x29c0 [ 184.150805][ T7378] __get_vm_area_node+0x1ca/0x330 [ 184.156198][ T7378] __vmalloc_node_range_noprof+0x271/0x14b0 [ 184.162164][ T7378] __vmalloc_node_noprof+0xad/0xf0 [ 184.167600][ T7378] __snd_dma_alloc_pages+0x50/0x90 [ 184.173780][ T7378] snd_dma_alloc_dir_pages+0x151/0x240 [ 184.179695][ T7378] do_alloc_pages+0x136/0x2d0 [ 184.184440][ T7378] snd_pcm_lib_malloc_pages+0x3df/0x980 [ 184.192477][ T7378] snd_pcm_hw_params+0x1656/0x1ba0 [ 184.199350][ T7378] snd_pcm_kernel_ioctl+0x147/0x2e0 [ 184.215248][ T7378] snd_pcm_oss_change_params_locked+0x1432/0x3a30 [ 184.228958][ T7378] page last free pid 7056 tgid 7054 stack trace: [ 184.266006][ T7378] __free_frozen_pages+0x7d5/0x10f0 [ 184.320153][ T7378] vfree+0x1fd/0xb50 [ 184.369535][ T7378] snd_dma_free_pages+0x51/0x70 [ 184.379565][ T7378] snd_pcm_lib_free_pages+0x172/0x390 [ 184.405555][ T7378] snd_pcm_release_substream.part.0+0x2a8/0x340 [ 184.464257][ T7378] snd_pcm_release_substream+0x5b/0x70 [ 184.672223][ T7378] snd_pcm_oss_release+0x16f/0x310 [ 184.677436][ T7378] __fput+0x402/0xb70 [ 184.681416][ T7378] task_work_run+0x14d/0x240 [ 184.737367][ T7378] exit_to_user_mode_loop+0xeb/0x110 [ 184.760639][ T7378] do_syscall_64+0x41c/0x4c0 [ 184.776031][ T7378] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.069050][ T7438] FAULT_INJECTION: forcing a failure. [ 188.069050][ T7438] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 188.144047][ T7438] CPU: 0 UID: 0 PID: 7438 Comm: syz.0.311 Not tainted syzkaller #0 PREEMPT(full) [ 188.144079][ T7438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 188.144088][ T7438] Call Trace: [ 188.144094][ T7438] [ 188.144100][ T7438] dump_stack_lvl+0x16c/0x1f0 [ 188.144126][ T7438] should_fail_ex+0x512/0x640 [ 188.144159][ T7438] should_fail_alloc_page+0xe7/0x130 [ 188.144181][ T7438] prepare_alloc_pages+0x3c2/0x610 [ 188.144205][ T7438] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 188.144227][ T7438] ? rcu_is_watching+0x12/0xc0 [ 188.144241][ T7438] ? trace_mm_page_alloc+0x11f/0x1a0 [ 188.144263][ T7438] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 188.144280][ T7438] ? stack_trace_save+0x8e/0xc0 [ 188.144296][ T7438] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 188.144320][ T7438] ? kasan_save_track+0x14/0x30 [ 188.144335][ T7438] ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0 [ 188.144352][ T7438] ? __get_vm_area_node+0x1ca/0x330 [ 188.144372][ T7438] ? __vmalloc_node_range_noprof+0x271/0x14b0 [ 188.144385][ T7438] ? __vmalloc_node_noprof+0xad/0xf0 [ 188.144396][ T7438] ? n_tty_open+0x1a/0x170 [ 188.144409][ T7438] ? tty_ldisc_open+0x9f/0x120 [ 188.144425][ T7438] ? tty_ldisc_setup+0x40/0x100 [ 188.144443][ T7438] ? tty_init_dev.part.0+0x1ec/0x500 [ 188.144456][ T7438] ? path_openat+0x1de4/0x2cb0 [ 188.144472][ T7438] ? do_filp_open+0x20b/0x470 [ 188.144486][ T7438] ? do_sys_openat2+0x11b/0x1d0 [ 188.144506][ T7438] ? __x64_sys_openat+0x174/0x210 [ 188.144521][ T7438] alloc_pages_bulk_noprof+0x71c/0x1410 [ 188.144537][ T7438] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 188.144559][ T7438] ? policy_nodemask+0xea/0x4e0 [ 188.144580][ T7438] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 188.144597][ T7438] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 188.144624][ T7438] kasan_populate_vmalloc+0x112/0x2d0 [ 188.144640][ T7438] ? alloc_vmap_area+0x8b5/0x29c0 [ 188.144663][ T7438] alloc_vmap_area+0x960/0x29c0 [ 188.144691][ T7438] ? __pfx_alloc_vmap_area+0x10/0x10 [ 188.144717][ T7438] __get_vm_area_node+0x1ca/0x330 [ 188.144742][ T7438] __vmalloc_node_range_noprof+0x271/0x14b0 [ 188.144756][ T7438] ? n_tty_open+0x1a/0x170 [ 188.144769][ T7438] ? look_up_lock_class+0x6b/0x150 [ 188.144794][ T7438] ? n_tty_open+0x1a/0x170 [ 188.144812][ T7438] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 188.144825][ T7438] ? look_up_lock_class+0x59/0x150 [ 188.144848][ T7438] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 188.144865][ T7438] ? n_tty_open+0x1a/0x170 [ 188.144877][ T7438] __vmalloc_node_noprof+0xad/0xf0 [ 188.144890][ T7438] ? n_tty_open+0x1a/0x170 [ 188.144903][ T7438] ? __pfx_n_tty_open+0x10/0x10 [ 188.144918][ T7438] n_tty_open+0x1a/0x170 [ 188.144931][ T7438] ? __pfx_n_tty_open+0x10/0x10 [ 188.144944][ T7438] tty_ldisc_open+0x9f/0x120 [ 188.144962][ T7438] tty_ldisc_setup+0x40/0x100 [ 188.144982][ T7438] tty_init_dev.part.0+0x1ec/0x500 [ 188.144996][ T7438] tty_init_dev+0x60/0x80 [ 188.145009][ T7438] ? __pfx_ptmx_open+0x10/0x10 [ 188.145025][ T7438] ptmx_open+0x10d/0x360 [ 188.145042][ T7438] ? __pfx_ptmx_open+0x10/0x10 [ 188.145063][ T7438] chrdev_open+0x234/0x6a0 [ 188.145081][ T7438] ? __pfx_apparmor_file_open+0x10/0x10 [ 188.145098][ T7438] ? __pfx_chrdev_open+0x10/0x10 [ 188.145117][ T7438] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 188.145143][ T7438] do_dentry_open+0x982/0x1530 [ 188.145162][ T7438] ? __pfx_chrdev_open+0x10/0x10 [ 188.145185][ T7438] vfs_open+0x82/0x3f0 [ 188.145208][ T7438] path_openat+0x1de4/0x2cb0 [ 188.145232][ T7438] ? __pfx_path_openat+0x10/0x10 [ 188.145254][ T7438] do_filp_open+0x20b/0x470 [ 188.145271][ T7438] ? __pfx_do_filp_open+0x10/0x10 [ 188.145302][ T7438] ? alloc_fd+0x471/0x7d0 [ 188.145322][ T7438] do_sys_openat2+0x11b/0x1d0 [ 188.145343][ T7438] ? __pfx_do_sys_openat2+0x10/0x10 [ 188.145365][ T7438] ? __sys_sendmsg+0x18c/0x220 [ 188.145391][ T7438] __x64_sys_openat+0x174/0x210 [ 188.145407][ T7438] ? __pfx___x64_sys_openat+0x10/0x10 [ 188.145427][ T7438] do_syscall_64+0xcd/0x4c0 [ 188.145450][ T7438] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.145464][ T7438] RIP: 0033:0x7fd0f518eba9 [ 188.145477][ T7438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 188.145490][ T7438] RSP: 002b:00007fd0f5fb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 188.145504][ T7438] RAX: ffffffffffffffda RBX: 00007fd0f53d5fa0 RCX: 00007fd0f518eba9 [ 188.145513][ T7438] RDX: 0000000000040001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 188.145522][ T7438] RBP: 00007fd0f5211e19 R08: 0000000000000000 R09: 0000000000000000 [ 188.145531][ T7438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 188.145539][ T7438] R13: 00007fd0f53d6038 R14: 00007fd0f53d5fa0 R15: 00007fffaaac5478 [ 188.145558][ T7438] [ 188.150785][ T7438] syz.0.311: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 188.682790][ T7438] CPU: 0 UID: 0 PID: 7438 Comm: syz.0.311 Not tainted syzkaller #0 PREEMPT(full) [ 188.682810][ T7438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 188.682818][ T7438] Call Trace: [ 188.682824][ T7438] [ 188.682829][ T7438] dump_stack_lvl+0x16c/0x1f0 [ 188.682855][ T7438] warn_alloc+0x248/0x3a0 [ 188.682875][ T7438] ? __pfx_warn_alloc+0x10/0x10 [ 188.682893][ T7438] ? kfree+0x2b4/0x4d0 [ 188.682911][ T7438] ? __get_vm_area_node+0x208/0x330 [ 188.682938][ T7438] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 188.682953][ T7438] ? look_up_lock_class+0x6b/0x150 [ 188.682979][ T7438] ? n_tty_open+0x1a/0x170 [ 188.682999][ T7438] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 188.683012][ T7438] ? look_up_lock_class+0x59/0x150 [ 188.683036][ T7438] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 188.683054][ T7438] ? n_tty_open+0x1a/0x170 [ 188.683067][ T7438] __vmalloc_node_noprof+0xad/0xf0 [ 188.683081][ T7438] ? n_tty_open+0x1a/0x170 [ 188.683100][ T7438] ? __pfx_n_tty_open+0x10/0x10 [ 188.683116][ T7438] n_tty_open+0x1a/0x170 [ 188.683129][ T7438] ? __pfx_n_tty_open+0x10/0x10 [ 188.683143][ T7438] tty_ldisc_open+0x9f/0x120 [ 188.683163][ T7438] tty_ldisc_setup+0x40/0x100 [ 188.683183][ T7438] tty_init_dev.part.0+0x1ec/0x500 [ 188.683199][ T7438] tty_init_dev+0x60/0x80 [ 188.683212][ T7438] ? __pfx_ptmx_open+0x10/0x10 [ 188.683229][ T7438] ptmx_open+0x10d/0x360 [ 188.683247][ T7438] ? __pfx_ptmx_open+0x10/0x10 [ 188.683264][ T7438] chrdev_open+0x234/0x6a0 [ 188.683283][ T7438] ? __pfx_apparmor_file_open+0x10/0x10 [ 188.683300][ T7438] ? __pfx_chrdev_open+0x10/0x10 [ 188.683320][ T7438] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 188.683341][ T7438] do_dentry_open+0x982/0x1530 [ 188.683359][ T7438] ? __pfx_chrdev_open+0x10/0x10 [ 188.683382][ T7438] vfs_open+0x82/0x3f0 [ 188.683406][ T7438] path_openat+0x1de4/0x2cb0 [ 188.683430][ T7438] ? __pfx_path_openat+0x10/0x10 [ 188.683453][ T7438] do_filp_open+0x20b/0x470 [ 188.683470][ T7438] ? __pfx_do_filp_open+0x10/0x10 [ 188.683502][ T7438] ? alloc_fd+0x471/0x7d0 [ 188.683523][ T7438] do_sys_openat2+0x11b/0x1d0 [ 188.683545][ T7438] ? __pfx_do_sys_openat2+0x10/0x10 [ 188.683569][ T7438] ? __sys_sendmsg+0x18c/0x220 [ 188.683596][ T7438] __x64_sys_openat+0x174/0x210 [ 188.683609][ T7438] ? __pfx___x64_sys_openat+0x10/0x10 [ 188.683630][ T7438] do_syscall_64+0xcd/0x4c0 [ 188.683655][ T7438] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.683670][ T7438] RIP: 0033:0x7fd0f518eba9 [ 188.683682][ T7438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 188.683695][ T7438] RSP: 002b:00007fd0f5fb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 188.683709][ T7438] RAX: ffffffffffffffda RBX: 00007fd0f53d5fa0 RCX: 00007fd0f518eba9 [ 188.683719][ T7438] RDX: 0000000000040001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 188.683728][ T7438] RBP: 00007fd0f5211e19 R08: 0000000000000000 R09: 0000000000000000 [ 188.683736][ T7438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 188.683744][ T7438] R13: 00007fd0f53d6038 R14: 00007fd0f53d5fa0 R15: 00007fffaaac5478 [ 188.683763][ T7438] [ 188.683768][ T7438] Mem-Info: [ 189.011487][ T5923] usb usb38-port5: attempt power cycle [ 189.059505][ T7438] active_anon:10560 inactive_anon:2195 isolated_anon:0 [ 189.059505][ T7438] active_file:11413 inactive_file:40943 isolated_file:0 [ 189.059505][ T7438] unevictable:768 dirty:1059 writeback:0 [ 189.059505][ T7438] slab_reclaimable:11793 slab_unreclaimable:92920 [ 189.059505][ T7438] mapped:24917 shmem:1356 pagetables:1054 [ 189.059505][ T7438] sec_pagetables:0 bounce:0 [ 189.059505][ T7438] kernel_misc_reclaimable:0 [ 189.059505][ T7438] free:1317034 free_pcp:19180 free_cma:0 [ 189.217273][ T7438] Node 0 active_anon:42240kB inactive_anon:8880kB active_file:45652kB inactive_file:163568kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:103068kB dirty:4228kB writeback:0kB shmem:3988kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11424kB pagetables:4096kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 189.249368][ C1] vkms_vblank_simulate: vblank timer overrun [ 189.297080][ T7438] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:8kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:120kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 189.508789][ T7438] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 189.628991][ T7438] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 189.634875][ T7438] Node 0 DMA32 free:1394504kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:42168kB inactive_anon:6556kB active_file:45396kB inactive_file:162444kB unevictable:1536kB writepending:4240kB present:3129332kB managed:2539540kB mlocked:0kB bounce:0kB free_pcp:24428kB local_pcp:5564kB free_cma:0kB [ 189.669279][ T7438] lowmem_reserve[]: 0 0 1 1 1 [ 189.674043][ T7438] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:264kB inactive_file:1052kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB [ 189.706969][ T5923] usb usb38-port5: unable to enumerate USB device [ 189.803488][ T7438] lowmem_reserve[]: 0 0 0 0 0 [ 189.828069][ T7438] Node 1 Normal free:3859520kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:8kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:52608kB local_pcp:30272kB free_cma:0kB [ 189.964630][ T7438] lowmem_reserve[]: 0 0 0 0 0 [ 189.969402][ T7438] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 189.994862][ T7438] Node 0 DMA32: 63*4kB (UME) 242*8kB (UME) 116*16kB (UME) 804*32kB (UME) 481*64kB (UME) 295*128kB (UME) 127*256kB (UME) 58*512kB (UME) 31*1024kB (UME) 7*2048kB (UM) 290*4096kB (UM) = 1394444kB [ 190.014014][ C1] vkms_vblank_simulate: vblank timer overrun [ 190.049935][ T7438] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 190.064616][ T7438] Node 1 Normal: 5*4kB (UME) 6*8kB (UE) 11*16kB (UE) 10*32kB (UME) 7*64kB (UE) 7*128kB (UE) 7*256kB (UME) 3*512kB (U) 4*1024kB (UE) 8*2048kB (UME) 936*4096kB (UM) = 3859572kB [ 190.083897][ T7438] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 190.095149][ T7438] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 190.104751][ T7438] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 190.114363][ T7438] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 190.123965][ T7438] 53738 total pagecache pages [ 190.128654][ T7438] 15 pages in swap cache [ 190.132905][ T7438] Free swap = 124936kB [ 190.137136][ T7438] Total swap = 124996kB [ 190.141349][ T7438] 2097051 pages RAM [ 190.145455][ T7438] 0 pages HighMem/MovableOnly [ 190.150309][ T7438] 430204 pages reserved [ 190.154665][ T7438] 0 pages cma reserved [ 190.158867][ T7438] ptm ptm1: ldisc open failed (-12), clearing slot 1 [ 193.414395][ T7499] ubi: mtd0 is already attached to ubi0 [ 193.971799][ T7508] Invalid ELF header magic: != ELF [ 193.999440][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.023948][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.321091][ T7503] Invalid ELF header magic: != ELF [ 195.172446][ T7527] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 197.562694][ T7573] vivid-007: ================= START STATUS ================= [ 197.600965][ T7573] vivid-007: Generate PTS: true [ 197.612471][ T7573] vivid-007: Generate SCR: true [ 197.657126][ T7575] netlink: 25 bytes leftover after parsing attributes in process `syz.0.335'. [ 197.673694][ T7573] tpg source WxH: 320x240 (Y'CbCr) [ 197.719465][ T7573] tpg field: 1 [ 197.768422][ T7573] tpg crop: (0,0)/320x240 [ 197.787335][ T7573] tpg compose: (0,0)/320x240 [ 197.798534][ T7573] tpg colorspace: 8 [ 197.802352][ T7573] tpg transfer function: 0/0 [ 197.844973][ T7573] tpg Y'CbCr encoding: 0/0 [ 197.872567][ T7573] tpg quantization: 0/0 [ 197.876856][ T7573] tpg RGB range: 0/2 [ 197.880820][ T7573] vivid-007: ================== END STATUS ================== [ 198.676031][ T7588] i2c i2c-0: new_device: Instantiated device card: at 0x01 [ 198.752636][ T7586] FAULT_INJECTION: forcing a failure. [ 198.752636][ T7586] name failslab, interval 1, probability 0, space 0, times 0 [ 198.838532][ T7586] CPU: 0 UID: 0 PID: 7586 Comm: syz.0.338 Not tainted syzkaller #0 PREEMPT(full) [ 198.838567][ T7586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 198.838581][ T7586] Call Trace: [ 198.838589][ T7586] [ 198.838599][ T7586] dump_stack_lvl+0x16c/0x1f0 [ 198.838641][ T7586] should_fail_ex+0x512/0x640 [ 198.838677][ T7586] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 198.838713][ T7586] should_failslab+0xc2/0x120 [ 198.838746][ T7586] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 198.838778][ T7586] ? lockdep_init_map_type+0x5c/0x280 [ 198.838811][ T7586] ? __ip_vs_lblc_init+0x77/0x340 [ 198.838843][ T7586] ? __pfx___ip_vs_lblc_init+0x10/0x10 [ 198.838876][ T7586] kmemdup_noprof+0x29/0x60 [ 198.838907][ T7586] __ip_vs_lblc_init+0x77/0x340 [ 198.838940][ T7586] ? __pfx___ip_vs_lblc_init+0x10/0x10 [ 198.838970][ T7586] ops_init+0x1e2/0x5f0 [ 198.839012][ T7586] setup_net+0x10f/0x380 [ 198.839042][ T7586] ? lockdep_init_map_type+0x5c/0x280 [ 198.839079][ T7586] ? __pfx_setup_net+0x10/0x10 [ 198.839119][ T7586] ? debug_mutex_init+0x37/0x70 [ 198.839150][ T7586] copy_net_ns+0x2a6/0x5f0 [ 198.839179][ T7586] create_new_namespaces+0x3ea/0xa90 [ 198.839218][ T7586] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 198.839251][ T7586] ksys_unshare+0x45b/0xa40 [ 198.839284][ T7586] ? __pfx_ksys_unshare+0x10/0x10 [ 198.839319][ T7586] ? xfd_validate_state+0x61/0x180 [ 198.839366][ T7586] __x64_sys_unshare+0x31/0x40 [ 198.839399][ T7586] do_syscall_64+0xcd/0x4c0 [ 198.839439][ T7586] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 198.839465][ T7586] RIP: 0033:0x7fd0f518eba9 [ 198.839486][ T7586] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 198.839510][ T7586] RSP: 002b:00007fd0f5fb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 198.839536][ T7586] RAX: ffffffffffffffda RBX: 00007fd0f53d5fa0 RCX: 00007fd0f518eba9 [ 198.839553][ T7586] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 198.839568][ T7586] RBP: 00007fd0f5211e19 R08: 0000000000000000 R09: 0000000000000000 [ 198.839584][ T7586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 198.839600][ T7586] R13: 00007fd0f53d6038 R14: 00007fd0f53d5fa0 R15: 00007fffaaac5478 [ 198.839636][ T7586] [ 198.861258][ T7588] FAULT_INJECTION: forcing a failure. [ 198.861258][ T7588] name failslab, interval 1, probability 0, space 0, times 0 [ 199.147047][ T7588] CPU: 0 UID: 0 PID: 7588 Comm: syz.2.337 Not tainted syzkaller #0 PREEMPT(full) [ 199.147081][ T7588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 199.147096][ T7588] Call Trace: [ 199.147104][ T7588] [ 199.147113][ T7588] dump_stack_lvl+0x16c/0x1f0 [ 199.147154][ T7588] should_fail_ex+0x512/0x640 [ 199.147191][ T7588] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 199.147225][ T7588] should_failslab+0xc2/0x120 [ 199.147258][ T7588] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 199.147290][ T7588] ? proc_alloc_inode+0x25/0x200 [ 199.147327][ T7588] ? __pfx_proc_alloc_inode+0x10/0x10 [ 199.147357][ T7588] proc_alloc_inode+0x25/0x200 [ 199.147387][ T7588] alloc_inode+0x64/0x240 [ 199.147423][ T7588] new_inode+0x22/0x1c0 [ 199.147460][ T7588] proc_pid_make_inode+0x22/0x160 [ 199.147493][ T7588] proc_pident_instantiate+0x85/0x310 [ 199.147530][ T7588] proc_fill_cache+0x35e/0x470 [ 199.147561][ T7588] ? __pfx_proc_pident_instantiate+0x10/0x10 [ 199.147598][ T7588] ? __pfx_proc_fill_cache+0x10/0x10 [ 199.147670][ T7588] proc_pident_readdir+0x1bc/0x530 [ 199.147711][ T7588] iterate_dir+0x296/0xaf0 [ 199.147743][ T7588] __x64_sys_getdents+0x13c/0x2b0 [ 199.147769][ T7588] ? __pfx___x64_sys_getdents+0x10/0x10 [ 199.147795][ T7588] ? __pfx_filldir+0x10/0x10 [ 199.147833][ T7588] do_syscall_64+0xcd/0x4c0 [ 199.147873][ T7588] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 199.147899][ T7588] RIP: 0033:0x7ff8fdf8eba9 [ 199.147919][ T7588] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 199.147943][ T7588] RSP: 002b:00007ff8fed9a038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e [ 199.147967][ T7588] RAX: ffffffffffffffda RBX: 00007ff8fe1d5fa0 RCX: 00007ff8fdf8eba9 [ 199.147984][ T7588] RDX: 00000000000003f1 RSI: 0000000000000000 RDI: 0000000000000007 [ 199.148005][ T7588] RBP: 00007ff8fe011e19 R08: 0000000000000000 R09: 0000000000000000 [ 199.148020][ T7588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 199.148035][ T7588] R13: 00007ff8fe1d6038 R14: 00007ff8fe1d5fa0 R15: 00007ffdc2195fb8 [ 199.148072][ T7588] [ 201.156731][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 201.166407][ T5185] Bluetooth: hci2: command 0x0406 tx timeout [ 201.176309][ T51] Bluetooth: hci3: command 0x0406 tx timeout [ 201.182356][ T5870] Bluetooth: hci0: command 0x0406 tx timeout [ 201.745997][ T7647] __vm_enough_memory: pid: 7647, comm: syz.3.346, bytes: 4398046511104 not enough memory for the allocation [ 203.419517][ T7660] Bluetooth: hci3: ISO packet for unknown connection handle 0 [ 204.715154][ T7697] netlink: 25 bytes leftover after parsing attributes in process `syz.1.355'. [ 206.609572][ T7733] ubi: mtd0 is already attached to ubi0 [ 207.199820][ T7738] netlink: 338 bytes leftover after parsing attributes in process `syz.2.364'. [ 207.945282][ T882] smpboot: CPU 1 is now offline [ 209.189206][ T7781] FAULT_INJECTION: forcing a failure. [ 209.189206][ T7781] name failslab, interval 1, probability 0, space 0, times 0 [ 209.224133][ T7781] CPU: 0 UID: 0 PID: 7781 Comm: syz.3.375 Not tainted syzkaller #0 PREEMPT(full) [ 209.224155][ T7781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 209.224163][ T7781] Call Trace: [ 209.224169][ T7781] [ 209.224174][ T7781] dump_stack_lvl+0x16c/0x1f0 [ 209.224201][ T7781] should_fail_ex+0x512/0x640 [ 209.224224][ T7781] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 209.224241][ T7781] should_failslab+0xc2/0x120 [ 209.224264][ T7781] __kmalloc_cache_noprof+0x6a/0x3e0 [ 209.224279][ T7781] ? nfs_init_fs_context+0x4f/0x11f0 [ 209.224298][ T7781] nfs_init_fs_context+0x4f/0x11f0 [ 209.224315][ T7781] ? __pfx_nfs_init_fs_context+0x10/0x10 [ 209.224331][ T7781] alloc_fs_context+0x54d/0x9c0 [ 209.224352][ T7781] path_mount+0xbdd/0x2000 [ 209.224373][ T7781] ? __pfx_path_mount+0x10/0x10 [ 209.224391][ T7781] ? kmem_cache_free+0x2d1/0x4d0 [ 209.224406][ T7781] ? putname+0x154/0x1a0 [ 209.224427][ T7781] ? putname+0x154/0x1a0 [ 209.224447][ T7781] ? __x64_sys_mount+0x28d/0x310 [ 209.224464][ T7781] __x64_sys_mount+0x28d/0x310 [ 209.224482][ T7781] ? __pfx___x64_sys_mount+0x10/0x10 [ 209.224505][ T7781] do_syscall_64+0xcd/0x4c0 [ 209.224527][ T7781] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 209.224542][ T7781] RIP: 0033:0x7fe39918eba9 [ 209.224553][ T7781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 209.224567][ T7781] RSP: 002b:00007fe399ffc038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 209.224580][ T7781] RAX: ffffffffffffffda RBX: 00007fe3993d5fa0 RCX: 00007fe39918eba9 [ 209.224589][ T7781] RDX: 0000200000000140 RSI: 0000200000000080 RDI: 0000000000000000 [ 209.224598][ T7781] RBP: 00007fe399211e19 R08: 00002000000001c0 R09: 0000000000000000 [ 209.224606][ T7781] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 209.224614][ T7781] R13: 00007fe3993d6038 R14: 00007fe3993d5fa0 R15: 00007ffef7d6f968 [ 209.224631][ T7781] [ 209.418138][ C0] vkms_vblank_simulate: vblank timer overrun [ 211.777892][ T7819] netlink: 186 bytes leftover after parsing attributes in process `syz.3.387'. [ 213.897611][ T7858] binder: 7854:7858 ioctl 400c620e 0 returned -22 [ 219.048676][ T7887] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 219.058340][ T7887] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 219.066404][ T7887] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 219.075238][ T7887] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 219.082699][ T7887] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 219.485135][ T7886] chnl_net:caif_netlink_parms(): no params data found [ 219.557972][ T7886] bridge0: port 1(bridge_slave_0) entered blocking state [ 219.580983][ T7886] bridge0: port 1(bridge_slave_0) entered disabled state [ 219.593492][ T7886] bridge_slave_0: entered allmulticast mode [ 219.612741][ T7886] bridge_slave_0: entered promiscuous mode [ 219.623938][ T7886] bridge0: port 2(bridge_slave_1) entered blocking state [ 219.642413][ T7886] bridge0: port 2(bridge_slave_1) entered disabled state [ 219.649512][ T7886] bridge_slave_1: entered allmulticast mode [ 219.661137][ T7886] bridge_slave_1: entered promiscuous mode [ 219.692294][ T7886] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 219.704091][ T7886] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 219.740953][ T7886] team0: Port device team_slave_0 added [ 219.748444][ T7886] team0: Port device team_slave_1 added [ 219.778959][ T7886] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 219.785996][ T7886] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 219.815253][ T7886] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 219.827308][ T7886] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 219.836425][ T7886] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 219.868393][ T7886] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 219.910749][ T7886] hsr_slave_0: entered promiscuous mode [ 219.916912][ T7886] hsr_slave_1: entered promiscuous mode [ 219.925813][ T7886] debugfs: 'hsr0' already exists in 'hsr' [ 219.932021][ T7886] Cannot create hsr debugfs directory [ 220.086450][ T7886] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 220.097433][ T7886] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 220.110262][ T7886] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 220.121867][ T7886] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 220.154784][ T7886] bridge0: port 2(bridge_slave_1) entered blocking state [ 220.162005][ T7886] bridge0: port 2(bridge_slave_1) entered forwarding state [ 220.169381][ T7886] bridge0: port 1(bridge_slave_0) entered blocking state [ 220.176446][ T7886] bridge0: port 1(bridge_slave_0) entered forwarding state [ 220.234295][ T7886] 8021q: adding VLAN 0 to HW filter on device bond0 [ 220.253429][ T7672] bridge0: port 1(bridge_slave_0) entered disabled state [ 220.264321][ T7672] bridge0: port 2(bridge_slave_1) entered disabled state [ 220.280157][ T7886] 8021q: adding VLAN 0 to HW filter on device team0 [ 220.292729][ T7639] bridge0: port 1(bridge_slave_0) entered blocking state [ 220.299825][ T7639] bridge0: port 1(bridge_slave_0) entered forwarding state [ 220.325731][ T7639] bridge0: port 2(bridge_slave_1) entered blocking state [ 220.332826][ T7639] bridge0: port 2(bridge_slave_1) entered forwarding state [ 220.506565][ T7886] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 220.718427][ T7886] veth0_vlan: entered promiscuous mode [ 220.731422][ T7886] veth1_vlan: entered promiscuous mode [ 220.763760][ T7886] veth0_macvtap: entered promiscuous mode [ 220.773646][ T7886] veth1_macvtap: entered promiscuous mode [ 220.792340][ T7886] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 220.809521][ T7886] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 220.826296][ T7639] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.842312][ T7639] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.875362][ T7639] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.906277][ T7639] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 220.940286][ T7639] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 220.959159][ T7639] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 220.989095][ T7676] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 221.000280][ T7676] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 221.125078][ T7887] Bluetooth: hci4: command tx timeout [ 221.374343][ T7921] syz.2.409 uses obsolete (PF_INET,SOCK_PACKET) [ 223.192895][ T7887] Bluetooth: hci4: command tx timeout [ 224.552102][ T7981] ima: policy update failed [ 224.583047][ T30] audit: type=1802 audit(1757805120.136:5): pid=7981 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.414" res=0 errno=0 [ 224.607603][ T7981] netlink: 25 bytes leftover after parsing attributes in process `syz.2.414'. [ 225.263074][ T7887] Bluetooth: hci4: command tx timeout [ 225.351213][ T30] audit: type=1326 audit(1757805120.910:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7996 comm="syz.4.419" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f94f0d8eba9 code=0x0 [ 225.425387][ T8000] FAULT_INJECTION: forcing a failure. [ 225.425387][ T8000] name failslab, interval 1, probability 0, space 0, times 0 [ 225.514115][ T8000] CPU: 0 UID: 0 PID: 8000 Comm: syz.4.419 Not tainted syzkaller #0 PREEMPT(full) [ 225.514136][ T8000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 225.514144][ T8000] Call Trace: [ 225.514150][ T8000] [ 225.514155][ T8000] dump_stack_lvl+0x16c/0x1f0 [ 225.514181][ T8000] should_fail_ex+0x512/0x640 [ 225.514203][ T8000] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 225.514221][ T8000] should_failslab+0xc2/0x120 [ 225.514249][ T8000] __kmalloc_cache_noprof+0x6a/0x3e0 [ 225.514264][ T8000] ? snd_pcm_oss_change_params_locked+0x211/0x3a30 [ 225.514283][ T8000] ? kasan_save_track+0x14/0x30 [ 225.514301][ T8000] snd_pcm_oss_change_params_locked+0x211/0x3a30 [ 225.514322][ T8000] ? __mutex_lock+0x1c5/0x1060 [ 225.514347][ T8000] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 225.514365][ T8000] ? __pfx___mutex_lock+0x10/0x10 [ 225.514390][ T8000] ? __fsnotify_parent+0x24b/0xc40 [ 225.514411][ T8000] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 225.514428][ T8000] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 225.514443][ T8000] snd_pcm_oss_sync+0x1de/0x840 [ 225.514461][ T8000] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 225.514477][ T8000] snd_pcm_oss_release+0x28b/0x310 [ 225.514494][ T8000] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 225.514509][ T8000] __fput+0x402/0xb70 [ 225.514533][ T8000] task_work_run+0x14d/0x240 [ 225.514547][ T8000] ? __pfx_task_work_run+0x10/0x10 [ 225.514569][ T8000] ? __pfx___do_sys_close_range+0x10/0x10 [ 225.514590][ T8000] exit_to_user_mode_loop+0xeb/0x110 [ 225.514613][ T8000] do_syscall_64+0x41c/0x4c0 [ 225.514636][ T8000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.514650][ T8000] RIP: 0033:0x7f94f0d8eba9 [ 225.514661][ T8000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 225.514674][ T8000] RSP: 002b:00007f94f1b34038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 225.514688][ T8000] RAX: 0000000000000000 RBX: 00007f94f0fd6090 RCX: 00007f94f0d8eba9 [ 225.514696][ T8000] RDX: 0000000000000000 RSI: fffffffffffff000 RDI: 0000000000000000 [ 225.514705][ T8000] RBP: 00007f94f0e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 225.514712][ T8000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 225.514720][ T8000] R13: 00007f94f0fd6128 R14: 00007f94f0fd6090 R15: 00007ffdb9b50498 [ 225.514738][ T8000] [ 227.231603][ T8021] ICMPv6: process `syz.4.425' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 227.301845][ T8023] netlink: 'syz.3.426': attribute type 1 has an invalid length. [ 227.330406][ T7887] Bluetooth: hci4: command tx timeout [ 227.350111][ T8021] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 229.252541][ T8069] FAULT_INJECTION: forcing a failure. [ 229.252541][ T8069] name failslab, interval 1, probability 0, space 0, times 0 [ 229.327771][ T8069] CPU: 0 UID: 0 PID: 8069 Comm: syz.2.443 Not tainted syzkaller #0 PREEMPT(full) [ 229.327791][ T8069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 229.327800][ T8069] Call Trace: [ 229.327806][ T8069] [ 229.327811][ T8069] dump_stack_lvl+0x16c/0x1f0 [ 229.327837][ T8069] should_fail_ex+0x512/0x640 [ 229.327868][ T8069] ? __kmalloc_noprof+0xbf/0x510 [ 229.327886][ T8069] ? ops_init+0x77/0x5f0 [ 229.327906][ T8069] should_failslab+0xc2/0x120 [ 229.327928][ T8069] __kmalloc_noprof+0xd2/0x510 [ 229.327945][ T8069] ? __pfx_recent_net_init+0x10/0x10 [ 229.327970][ T8069] ops_init+0x77/0x5f0 [ 229.327993][ T8069] setup_net+0x10f/0x380 [ 229.328003][ T8069] ? lockdep_init_map_type+0x5c/0x280 [ 229.328023][ T8069] ? __pfx_setup_net+0x10/0x10 [ 229.328045][ T8069] ? debug_mutex_init+0x37/0x70 [ 229.328061][ T8069] copy_net_ns+0x2a6/0x5f0 [ 229.328077][ T8069] create_new_namespaces+0x3ea/0xa90 [ 229.328098][ T8069] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 229.328116][ T8069] ksys_unshare+0x45b/0xa40 [ 229.328136][ T8069] ? __pfx_ksys_unshare+0x10/0x10 [ 229.328155][ T8069] ? xfd_validate_state+0x61/0x180 [ 229.328181][ T8069] __x64_sys_unshare+0x31/0x40 [ 229.328200][ T8069] do_syscall_64+0xcd/0x4c0 [ 229.328223][ T8069] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 229.328237][ T8069] RIP: 0033:0x7ff8fdf8eba9 [ 229.328249][ T8069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 229.328262][ T8069] RSP: 002b:00007ff8fed9a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 229.328275][ T8069] RAX: ffffffffffffffda RBX: 00007ff8fe1d5fa0 RCX: 00007ff8fdf8eba9 [ 229.328284][ T8069] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 229.328292][ T8069] RBP: 00007ff8fe011e19 R08: 0000000000000000 R09: 0000000000000000 [ 229.328300][ T8069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 229.328308][ T8069] R13: 00007ff8fe1d6038 R14: 00007ff8fe1d5fa0 R15: 00007ffdc2195fb8 [ 229.328327][ T8069] [ 231.006402][ T8090] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 231.999821][ T8125] blktrace: Concurrent blktraces are not allowed on ram7 [ 232.274916][ T8129] FAULT_INJECTION: forcing a failure. [ 232.274916][ T8129] name failslab, interval 1, probability 0, space 0, times 0 [ 232.349915][ T8129] CPU: 0 UID: 0 PID: 8129 Comm: syz.2.450 Not tainted syzkaller #0 PREEMPT(full) [ 232.349937][ T8129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 232.349947][ T8129] Call Trace: [ 232.349952][ T8129] [ 232.349958][ T8129] dump_stack_lvl+0x16c/0x1f0 [ 232.349985][ T8129] should_fail_ex+0x512/0x640 [ 232.350008][ T8129] ? __kvmalloc_node_noprof+0x124/0x620 [ 232.350027][ T8129] should_failslab+0xc2/0x120 [ 232.350046][ T8129] __kvmalloc_node_noprof+0x137/0x620 [ 232.350062][ T8129] ? net_generic+0xea/0x2a0 [ 232.350078][ T8129] ? ip_set_net_init+0x89/0x1f0 [ 232.350095][ T8129] ? __pfx_ip_set_net_init+0x10/0x10 [ 232.350111][ T8129] ? ip_set_net_init+0x89/0x1f0 [ 232.350127][ T8129] ip_set_net_init+0x89/0x1f0 [ 232.350143][ T8129] ops_init+0x1e2/0x5f0 [ 232.350167][ T8129] setup_net+0x10f/0x380 [ 232.350177][ T8129] ? lockdep_init_map_type+0x5c/0x280 [ 232.350197][ T8129] ? __pfx_setup_net+0x10/0x10 [ 232.350219][ T8129] ? debug_mutex_init+0x37/0x70 [ 232.350235][ T8129] copy_net_ns+0x2a6/0x5f0 [ 232.350251][ T8129] create_new_namespaces+0x3ea/0xa90 [ 232.350272][ T8129] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 232.350289][ T8129] ksys_unshare+0x45b/0xa40 [ 232.350309][ T8129] ? __pfx_ksys_unshare+0x10/0x10 [ 232.350329][ T8129] ? xfd_validate_state+0x61/0x180 [ 232.350355][ T8129] __x64_sys_unshare+0x31/0x40 [ 232.350373][ T8129] do_syscall_64+0xcd/0x4c0 [ 232.350412][ T8129] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.350427][ T8129] RIP: 0033:0x7ff8fdf8eba9 [ 232.350440][ T8129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 232.350453][ T8129] RSP: 002b:00007ff8fed9a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 232.350467][ T8129] RAX: ffffffffffffffda RBX: 00007ff8fe1d5fa0 RCX: 00007ff8fdf8eba9 [ 232.350476][ T8129] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 232.350484][ T8129] RBP: 00007ff8fe011e19 R08: 0000000000000000 R09: 0000000000000000 [ 232.350492][ T8129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 232.350500][ T8129] R13: 00007ff8fe1d6038 R14: 00007ff8fe1d5fa0 R15: 00007ffdc2195fb8 [ 232.350524][ T8129] [ 232.570557][ C0] vkms_vblank_simulate: vblank timer overrun [ 233.114752][ T8137] netlink: 16 bytes leftover after parsing attributes in process `syz.3.451'. [ 233.222329][ T8138] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12 [ 233.742451][ T30] audit: type=1804 audit(1757805129.345:7): pid=8148 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.454" name="/newroot/104/file0" dev="tmpfs" ino=572 res=1 errno=0 [ 234.130675][ T8148] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 234.219555][ T8148] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 235.020300][ T9] usb usb38-port5: attempt power cycle [ 235.087523][ T30] audit: type=1804 audit(1757805130.692:8): pid=8170 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.460" name="/newroot/118/file0" dev="tmpfs" ino=645 res=1 errno=0 [ 235.154793][ T8172] FAULT_INJECTION: forcing a failure. [ 235.154793][ T8172] name failslab, interval 1, probability 0, space 0, times 0 [ 235.197845][ T8172] CPU: 0 UID: 0 PID: 8172 Comm: syz.2.461 Not tainted syzkaller #0 PREEMPT(full) [ 235.197866][ T8172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 235.197874][ T8172] Call Trace: [ 235.197880][ T8172] [ 235.197886][ T8172] dump_stack_lvl+0x16c/0x1f0 [ 235.197912][ T8172] should_fail_ex+0x512/0x640 [ 235.197934][ T8172] ? __kmalloc_noprof+0xbf/0x510 [ 235.197953][ T8172] ? devlink_fmsg_put_value+0xaa/0x2d0 [ 235.197974][ T8172] should_failslab+0xc2/0x120 [ 235.197993][ T8172] __kmalloc_noprof+0xd2/0x510 [ 235.198013][ T8172] devlink_fmsg_put_value+0xaa/0x2d0 [ 235.198037][ T8172] devlink_fmsg_u8_pair_put+0x19c/0x2f0 [ 235.198050][ T8172] ? __pfx_devlink_fmsg_u8_pair_put+0x10/0x10 [ 235.198064][ T8172] ? __kasan_kmalloc+0x81/0xb0 [ 235.198080][ T8172] ? devlink_fmsg_nest_common.part.0+0xcd/0x1e0 [ 235.198104][ T8172] nsim_dev_dummy_fmsg_put+0x192/0x1e0 [ 235.198130][ T8172] devlink_health_do_dump+0x243/0x620 [ 235.198146][ T8172] devlink_health_report+0x3c9/0x9c0 [ 235.198164][ T8172] ? __pfx_devlink_health_report+0x10/0x10 [ 235.198178][ T8172] ? _copy_from_user+0x59/0xd0 [ 235.198196][ T8172] nsim_dev_health_break_write+0x166/0x210 [ 235.198223][ T8172] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 235.198251][ T8172] full_proxy_write+0x131/0x1a0 [ 235.198276][ T8172] ? __pfx_full_proxy_write+0x10/0x10 [ 235.198297][ T8172] vfs_write+0x2a0/0x11d0 [ 235.198317][ T8172] ? __pfx___mutex_lock+0x10/0x10 [ 235.198338][ T8172] ? __pfx_vfs_write+0x10/0x10 [ 235.198359][ T8172] ? __fget_files+0x20e/0x3c0 [ 235.198380][ T8172] ksys_write+0x12a/0x250 [ 235.198396][ T8172] ? __pfx_ksys_write+0x10/0x10 [ 235.198418][ T8172] do_syscall_64+0xcd/0x4c0 [ 235.198441][ T8172] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.198455][ T8172] RIP: 0033:0x7ff8fdf8eba9 [ 235.198467][ T8172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 235.198480][ T8172] RSP: 002b:00007ff8fed9a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 235.198494][ T8172] RAX: ffffffffffffffda RBX: 00007ff8fe1d5fa0 RCX: 00007ff8fdf8eba9 [ 235.198503][ T8172] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000006 [ 235.198511][ T8172] RBP: 00007ff8fe011e19 R08: 0000000000000000 R09: 0000000000000000 [ 235.198519][ T8172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 235.198527][ T8172] R13: 00007ff8fe1d6038 R14: 00007ff8fe1d5fa0 R15: 00007ffdc2195fb8 [ 235.198545][ T8172] [ 235.442418][ C0] vkms_vblank_simulate: vblank timer overrun [ 236.213756][ T9] usb usb38-port5: unable to enumerate USB device [ 236.428302][ T8180] FAULT_INJECTION: forcing a failure. [ 236.428302][ T8180] name failslab, interval 1, probability 0, space 0, times 0 [ 236.499216][ T8180] CPU: 0 UID: 0 PID: 8180 Comm: syz.2.463 Not tainted syzkaller #0 PREEMPT(full) [ 236.499239][ T8180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 236.499247][ T8180] Call Trace: [ 236.499253][ T8180] [ 236.499258][ T8180] dump_stack_lvl+0x16c/0x1f0 [ 236.499286][ T8180] should_fail_ex+0x512/0x640 [ 236.499308][ T8180] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 236.499329][ T8180] should_failslab+0xc2/0x120 [ 236.499349][ T8180] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 236.499365][ T8180] ? sk_prot_alloc+0x60/0x2a0 [ 236.499382][ T8180] sk_prot_alloc+0x60/0x2a0 [ 236.499397][ T8180] sk_alloc+0x36/0xc20 [ 236.499417][ T8180] __vsock_create.constprop.0+0x3c/0xbb0 [ 236.499436][ T8180] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 236.499458][ T8180] vsock_create+0x139/0x500 [ 236.499479][ T8180] __sock_create+0x338/0x8d0 [ 236.499499][ T8180] __sys_socket+0x14d/0x260 [ 236.499515][ T8180] ? __pfx___sys_socket+0x10/0x10 [ 236.499532][ T8180] ? xfd_validate_state+0x61/0x180 [ 236.499553][ T8180] ? __task_pid_nr_ns+0x17c/0x500 [ 236.499575][ T8180] __x64_sys_socket+0x72/0xb0 [ 236.499591][ T8180] ? lockdep_hardirqs_on+0x7c/0x110 [ 236.499610][ T8180] do_syscall_64+0xcd/0x4c0 [ 236.499632][ T8180] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.499646][ T8180] RIP: 0033:0x7ff8fdf8eba9 [ 236.499657][ T8180] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 236.499670][ T8180] RSP: 002b:00007ff8fed9a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 236.499684][ T8180] RAX: ffffffffffffffda RBX: 00007ff8fe1d5fa0 RCX: 00007ff8fdf8eba9 [ 236.499693][ T8180] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000028 [ 236.499701][ T8180] RBP: 00007ff8fe011e19 R08: 0000000000000000 R09: 0000000000000000 [ 236.499712][ T8180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 236.499720][ T8180] R13: 00007ff8fe1d6038 R14: 00007ff8fe1d5fa0 R15: 00007ffdc2195fb8 [ 236.499737][ T8180] [ 239.905885][ T30] audit: type=1804 audit(1757805135.548:9): pid=8229 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.471" name="/newroot/17/file0" dev="tmpfs" ino=105 res=1 errno=0 [ 239.929316][ T8226] FAULT_INJECTION: forcing a failure. [ 239.929316][ T8226] name failslab, interval 1, probability 0, space 0, times 0 [ 239.992776][ T8226] CPU: 0 UID: 0 PID: 8226 Comm: syz.2.472 Not tainted syzkaller #0 PREEMPT(full) [ 239.992797][ T8226] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 239.992806][ T8226] Call Trace: [ 239.992811][ T8226] [ 239.992817][ T8226] dump_stack_lvl+0x16c/0x1f0 [ 239.992844][ T8226] should_fail_ex+0x512/0x640 [ 239.992867][ T8226] ? __kmalloc_noprof+0xbf/0x510 [ 239.992886][ T8226] ? snd_pcm_plugin_build+0x434/0x650 [ 239.992903][ T8226] should_failslab+0xc2/0x120 [ 239.992922][ T8226] __kmalloc_noprof+0xd2/0x510 [ 239.992945][ T8226] snd_pcm_plugin_build+0x434/0x650 [ 239.992965][ T8226] snd_pcm_plugin_build_io+0x207/0x5f0 [ 239.992984][ T8226] ? __pfx_snd_pcm_plugin_build_io+0x10/0x10 [ 239.993003][ T8226] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 239.993026][ T8226] snd_pcm_oss_change_params_locked+0x2e62/0x3a30 [ 239.993052][ T8226] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 239.993084][ T8226] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 239.993104][ T8226] snd_pcm_oss_ioctl+0x21e9/0x37a0 [ 239.993122][ T8226] ? hook_file_ioctl_common+0x145/0x410 [ 239.993141][ T8226] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 239.993159][ T8226] ? __fget_files+0x20e/0x3c0 [ 239.993177][ T8226] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 239.993195][ T8226] __x64_sys_ioctl+0x18b/0x210 [ 239.993218][ T8226] do_syscall_64+0xcd/0x4c0 [ 239.993240][ T8226] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.993255][ T8226] RIP: 0033:0x7ff8fdf8eba9 [ 239.993266][ T8226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 239.993279][ T8226] RSP: 002b:00007ff8fed9a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 239.993293][ T8226] RAX: ffffffffffffffda RBX: 00007ff8fe1d5fa0 RCX: 00007ff8fdf8eba9 [ 239.993303][ T8226] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000006 [ 239.993311][ T8226] RBP: 00007ff8fe011e19 R08: 0000000000000000 R09: 0000000000000000 [ 239.993320][ T8226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 239.993327][ T8226] R13: 00007ff8fe1d6038 R14: 00007ff8fe1d5fa0 R15: 00007ffdc2195fb8 [ 239.993346][ T8226] [ 241.114306][ T8244] ubi: mtd0 is already attached to ubi0 [ 242.180342][ T7887] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 242.180364][ T7887] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 242.195483][ T7887] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 242.195535][ T7887] Bluetooth: hci2: Malformed LE Event: 0x0d [ 242.300325][ T8252] ima: policy update failed [ 242.357580][ T30] audit: type=1802 audit(1757805138.001:10): pid=8252 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.477" res=0 errno=0 [ 244.071559][ T8274] Invalid ELF header magic: != ELF [ 245.636384][ T8304] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffffffff00000000 pfn:0x78001 [ 245.684580][ T8304] memcg:ffff88814c76ad82 [ 245.688829][ T8304] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 245.743423][ T8304] page_type: f2(table) [ 245.747496][ T8304] raw: 00fff00000000000 0000000000000000 0000000000000000 0000000000000000 [ 245.852032][ T8304] raw: ffffffff00000000 ffff888075b51c60 00000001f2000000 ffff88814c76ad82 [ 245.959309][ T8304] page dumped because: unmovable page [ 245.998343][ T8304] page_owner tracks the page as allocated [ 246.082403][ T8304] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x440dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO|__GFP_COMP), pid 7663, tgid 7663 (syz.0.349), ts 202999254317, free_ts 193442621666 [ 246.293634][ T8304] post_alloc_hook+0x1c0/0x230 [ 246.372298][ T8304] get_page_from_freelist+0x132b/0x38e0 [ 246.456011][ T8304] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 246.541701][ T8304] alloc_pages_mpol+0x1fb/0x550 [ 246.574805][ T8304] alloc_pages_noprof+0x131/0x390 [ 246.619381][ T8304] __pmd_alloc+0x3b/0x930 [ 246.661285][ T8304] __handle_mm_fault+0xa06/0x2a50 [ 246.689750][ T8308] netlink: 4 bytes leftover after parsing attributes in process `syz.3.488'. [ 246.723747][ T8304] handle_mm_fault+0x589/0xd10 [ 246.800294][ T8304] do_user_addr_fault+0x60c/0x1370 [ 246.873589][ T8304] exc_page_fault+0x5c/0xb0 [ 246.927703][ T8304] asm_exc_page_fault+0x26/0x30 [ 246.965672][ T8304] page last free pid 7484 tgid 7484 stack trace: [ 247.016542][ T8314] syz.3.488 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 247.087114][ T8304] __free_frozen_pages+0x7d5/0x10f0 [ 247.092326][ T8304] vfree+0x1fd/0xb50 [ 247.146676][ T8304] snd_dma_free_pages+0x51/0x70 [ 247.182632][ T8304] snd_pcm_lib_free_pages+0x172/0x390 [ 247.229486][ T8304] snd_pcm_release_substream.part.0+0x2a8/0x340 [ 247.229545][ T8304] snd_pcm_release_substream+0x5b/0x70 [ 247.229564][ T8304] snd_pcm_oss_release+0x16f/0x310 [ 247.229582][ T8304] __fput+0x402/0xb70 [ 247.229601][ T8304] task_work_run+0x14d/0x240 [ 247.229614][ T8304] do_exit+0x86f/0x2bf0 [ 247.229633][ T8304] do_group_exit+0xd3/0x2a0 [ 247.229652][ T8304] __x64_sys_exit_group+0x3e/0x50 [ 247.229673][ T8304] x64_sys_call+0x14fa/0x1720 [ 247.229690][ T8304] do_syscall_64+0xcd/0x4c0 [ 247.229711][ T8304] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 247.299312][ T8323] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 247.722110][ T8341] __vm_enough_memory: pid: 8341, comm: syz.2.502, bytes: 4398046511104 not enough memory for the allocation [ 249.039786][ T8354] netlink: 4 bytes leftover after parsing attributes in process `syz.4.497'. [ 249.407848][ T8357] FAULT_INJECTION: forcing a failure. [ 249.407848][ T8357] name failslab, interval 1, probability 0, space 0, times 0 [ 249.480202][ T8357] CPU: 0 UID: 0 PID: 8357 Comm: syz.4.498 Not tainted syzkaller #0 PREEMPT(full) [ 249.480226][ T8357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 249.480246][ T8357] Call Trace: [ 249.480254][ T8357] [ 249.480260][ T8357] dump_stack_lvl+0x16c/0x1f0 [ 249.480286][ T8357] should_fail_ex+0x512/0x640 [ 249.480309][ T8357] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 249.480331][ T8357] should_failslab+0xc2/0x120 [ 249.480350][ T8357] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 249.480369][ T8357] ? __ip_vs_sctp_init+0x37/0x80 [ 249.480389][ T8357] kmemdup_noprof+0x29/0x60 [ 249.480406][ T8357] ? __pfx___ip_vs_sctp_init+0x10/0x10 [ 249.480422][ T8357] __ip_vs_sctp_init+0x37/0x80 [ 249.480440][ T8357] ip_vs_protocol_net_init+0x191/0x300 [ 249.480457][ T8357] __ip_vs_init+0x239/0x520 [ 249.480476][ T8357] ? __pfx___ip_vs_init+0x10/0x10 [ 249.480493][ T8357] ops_init+0x1e2/0x5f0 [ 249.480517][ T8357] setup_net+0x10f/0x380 [ 249.480528][ T8357] ? lockdep_init_map_type+0x5c/0x280 [ 249.480548][ T8357] ? __pfx_setup_net+0x10/0x10 [ 249.480571][ T8357] ? debug_mutex_init+0x37/0x70 [ 249.480587][ T8357] copy_net_ns+0x2a6/0x5f0 [ 249.480603][ T8357] create_new_namespaces+0x3ea/0xa90 [ 249.480624][ T8357] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 249.480645][ T8357] ksys_unshare+0x45b/0xa40 [ 249.480665][ T8357] ? __pfx_ksys_unshare+0x10/0x10 [ 249.480685][ T8357] ? xfd_validate_state+0x61/0x180 [ 249.480712][ T8357] __x64_sys_unshare+0x31/0x40 [ 249.480739][ T8357] do_syscall_64+0xcd/0x4c0 [ 249.480763][ T8357] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 249.480779][ T8357] RIP: 0033:0x7f94f0d8eba9 [ 249.480791][ T8357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 249.480805][ T8357] RSP: 002b:00007f94f1b55038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 249.480819][ T8357] RAX: ffffffffffffffda RBX: 00007f94f0fd5fa0 RCX: 00007f94f0d8eba9 [ 249.480828][ T8357] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 249.480836][ T8357] RBP: 00007f94f0e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 249.480845][ T8357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 249.480854][ T8357] R13: 00007f94f0fd6038 R14: 00007f94f0fd5fa0 R15: 00007ffdb9b50498 [ 249.480873][ T8357] [ 249.711566][ C0] vkms_vblank_simulate: vblank timer overrun [ 250.899460][ T8371] random: crng reseeded on system resumption [ 254.233751][ T8419] FAULT_INJECTION: forcing a failure. [ 254.233751][ T8419] name failslab, interval 1, probability 0, space 0, times 0 [ 254.317312][ T8419] CPU: 0 UID: 0 PID: 8419 Comm: syz.3.513 Not tainted syzkaller #0 PREEMPT(full) [ 254.317333][ T8419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 254.317342][ T8419] Call Trace: [ 254.317347][ T8419] [ 254.317353][ T8419] dump_stack_lvl+0x16c/0x1f0 [ 254.317378][ T8419] should_fail_ex+0x512/0x640 [ 254.317401][ T8419] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 254.317418][ T8419] should_failslab+0xc2/0x120 [ 254.317438][ T8419] __kmalloc_cache_noprof+0x6a/0x3e0 [ 254.317453][ T8419] ? ip_vs_stats_alloc+0x3c/0xa0 [ 254.317472][ T8419] ip_vs_stats_alloc+0x3c/0xa0 [ 254.317488][ T8419] ip_vs_est_add_kthread+0x687/0x850 [ 254.317513][ T8419] ip_vs_start_estimator+0x250/0x430 [ 254.317539][ T8419] ip_vs_control_net_init+0x158c/0x1d20 [ 254.317560][ T8419] __ip_vs_init+0x217/0x520 [ 254.317579][ T8419] ? __pfx___ip_vs_init+0x10/0x10 [ 254.317596][ T8419] ops_init+0x1e2/0x5f0 [ 254.317620][ T8419] setup_net+0x10f/0x380 [ 254.317630][ T8419] ? lockdep_init_map_type+0x5c/0x280 [ 254.317651][ T8419] ? __pfx_setup_net+0x10/0x10 [ 254.317673][ T8419] ? debug_mutex_init+0x37/0x70 [ 254.317689][ T8419] copy_net_ns+0x2a6/0x5f0 [ 254.317705][ T8419] create_new_namespaces+0x3ea/0xa90 [ 254.317726][ T8419] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 254.317743][ T8419] ksys_unshare+0x45b/0xa40 [ 254.317763][ T8419] ? __pfx_ksys_unshare+0x10/0x10 [ 254.317783][ T8419] ? xfd_validate_state+0x61/0x180 [ 254.317809][ T8419] __x64_sys_unshare+0x31/0x40 [ 254.317828][ T8419] do_syscall_64+0xcd/0x4c0 [ 254.317851][ T8419] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 254.317864][ T8419] RIP: 0033:0x7fe39918eba9 [ 254.317877][ T8419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 254.317891][ T8419] RSP: 002b:00007fe399ffc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 254.317906][ T8419] RAX: ffffffffffffffda RBX: 00007fe3993d5fa0 RCX: 00007fe39918eba9 [ 254.317915][ T8419] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 254.317924][ T8419] RBP: 00007fe399211e19 R08: 0000000000000000 R09: 0000000000000000 [ 254.317932][ T8419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 254.317940][ T8419] R13: 00007fe3993d6038 R14: 00007fe3993d5fa0 R15: 00007ffef7d6f968 [ 254.317958][ T8419] [ 254.554466][ C0] vkms_vblank_simulate: vblank timer overrun [ 254.994132][ T8434] random: crng reseeded on system resumption [ 255.112779][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.122481][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 257.005569][ T8451] binder: 8448:8451 ioctl c018620c 0 returned -22 [ 259.502683][ T8478] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input14 [ 259.654687][ T8479] netlink: 8 bytes leftover after parsing attributes in process `syz.4.524'. [ 260.753028][ T8499] netlink: 28 bytes leftover after parsing attributes in process `syz.1.531'. [ 260.851503][ T8499] veth0_macvtap: left promiscuous mode [ 260.904290][ T8499] macvtap0: entered promiscuous mode [ 260.909586][ T8499] macvtap0: entered allmulticast mode [ 263.060510][ T8533] vivid-007: ================= START STATUS ================= [ 263.133694][ T8533] vivid-007: Enable Output Cropping: true [ 263.182202][ T8533] vivid-007: Enable Output Composing: true [ 263.247227][ T8533] vivid-007: Enable Output Scaler: true [ 263.308697][ T8533] vivid-007: Tx RGB Quantization Range: Automatic [ 263.356793][ T8533] vivid-007: Transmit Mode: HDMI [ 263.394867][ T8533] vivid-007: Hotplug Present: 0x00000000 [ 263.422612][ T8533] vivid-007: RxSense Present: 0x00000000 [ 263.444345][ T8533] vivid-007: EDID Present: 0x00000000 [ 263.467359][ T8533] vivid-007: ================== END STATUS ================== [ 268.359505][ T8595] netlink: 8 bytes leftover after parsing attributes in process `syz.2.547'. [ 268.545906][ T7887] Bluetooth: hci2: unexpected event 0x16 length: 440 > 6 [ 268.768864][ T7676] Trying to write to read-only block-device sda1 [ 270.854945][ T8623] Invalid ELF header magic: != ELF [ 271.934651][ T8632] vivid-007: ================= START STATUS ================= [ 271.970039][ T8632] vivid-007: Enable Output Cropping: true [ 272.020449][ T8632] vivid-007: Enable Output Composing: true [ 272.071349][ T8632] vivid-007: Enable Output Scaler: true [ 272.123796][ T8632] vivid-007: Tx RGB Quantization Range: Automatic [ 272.130268][ T8632] vivid-007: Transmit Mode: HDMI [ 272.204780][ T8632] vivid-007: Hotplug Present: 0x00000000 [ 272.301245][ T8632] vivid-007: RxSense Present: 0x00000000 [ 272.306933][ T8632] vivid-007: EDID Present: 0x00000000 [ 272.369894][ T8632] vivid-007: ================== END STATUS ================== [ 272.407840][ T8641] netlink: 338 bytes leftover after parsing attributes in process `syz.2.557'. [ 272.618243][ T8642] netlink: 338 bytes leftover after parsing attributes in process `syz.2.557'. [ 272.659949][ T30] audit: type=1800 audit(1757805168.462:11): pid=8647 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.565" name="features" dev="configfs" ino=49329 res=0 errno=0 [ 274.664065][ T8667] Console: switching to colour VGA+ 80x25 [ 276.267398][ T8667] Console: switching to colour frame buffer device 128x48 [ 278.068143][ T8676] netlink: 28 bytes leftover after parsing attributes in process `syz.4.564'. [ 282.842042][ T8721] vivid-003: ================= START STATUS ================= [ 282.884570][ T8721] vivid-003: Radio HW Seek Mode: Bounded [ 283.104580][ T8724] vivid-007: ================= START STATUS ================= [ 283.163527][ T8721] vivid-003: Radio Programmable HW Seek: false [ 283.169729][ T8721] vivid-003: RDS Rx I/O Mode: Block I/O [ 283.339377][ T8724] vivid-007: Generate PTS: true [ 283.437062][ T8724] vivid-007: Generate SCR: true [ 283.471349][ T8721] vivid-003: Generate RBDS Instead of RDS: false [ 283.528972][ T8724] tpg source WxH: 320x240 (Y'CbCr) [ 283.603001][ T8721] vivid-003: RDS Reception: true [ 283.808793][ T8724] tpg field: 1 [ 283.836187][ T8721] vivid-003: RDS Program Type: 0 inactive [ 283.932869][ T8724] tpg crop: (0,0)/320x240 [ 283.937249][ T8724] tpg compose: (0,0)/320x240 [ 283.986834][ T8721] vivid-003: RDS PS Name: inactive [ 284.029344][ T8724] tpg colorspace: 8 [ 284.040520][ T8721] vivid-003: RDS Radio Text: inactive [ 284.046027][ T8721] vivid-003: RDS Traffic Announcement: false inactive [ 284.107945][ T8724] tpg transfer function: 0/0 [ 284.128939][ T8724] tpg Y'CbCr encoding: 0/0 [ 284.148275][ T8724] tpg quantization: 0/0 [ 284.167652][ T8721] vivid-003: RDS Traffic Program: false inactive [ 284.399420][ T8724] tpg RGB range: 0/2 [ 284.403345][ T8724] vivid-007: ================== END STATUS ================== [ 284.692641][ T8721] vivid-003: RDS Music: false inactive [ 284.881357][ T8721] vivid-003: ================== END STATUS ================== [ 286.850931][ T7676] Trying to write to read-only block-device sda [ 288.422311][ T8746] FAULT_INJECTION: forcing a failure. [ 288.422311][ T8746] name fail_futex, interval 1, probability 0, space 0, times 1 [ 289.109006][ T8746] CPU: 0 UID: 0 PID: 8746 Comm: syz.4.578 Not tainted syzkaller #0 PREEMPT(full) [ 289.109029][ T8746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 289.109038][ T8746] Call Trace: [ 289.109043][ T8746] [ 289.109049][ T8746] dump_stack_lvl+0x16c/0x1f0 [ 289.109073][ T8746] should_fail_ex+0x512/0x640 [ 289.109097][ T8746] get_futex_key+0x1d0/0x1560 [ 289.109117][ T8746] ? __pfx_get_futex_key+0x10/0x10 [ 289.109136][ T8746] ? do_raw_spin_lock+0x12c/0x2b0 [ 289.109161][ T8746] futex_wake+0xea/0x530 [ 289.109181][ T8746] ? find_held_lock+0x2b/0x80 [ 289.109196][ T8746] ? __pfx_futex_wake+0x10/0x10 [ 289.109214][ T8746] ? rcu_is_watching+0x12/0xc0 [ 289.109229][ T8746] ? lockdep_hardirqs_on+0x7c/0x110 [ 289.109250][ T8746] ? posix_timer_unhash_and_free+0x375/0x400 [ 289.109269][ T8746] ? posix_cpu_timer_create+0x257/0x4a0 [ 289.109287][ T8746] do_futex+0x1e3/0x350 [ 289.109305][ T8746] ? __pfx_do_futex+0x10/0x10 [ 289.109328][ T8746] __x64_sys_futex+0x1e0/0x4c0 [ 289.109346][ T8746] ? __pfx___x64_sys_timer_create+0x10/0x10 [ 289.109367][ T8746] ? __pfx___x64_sys_futex+0x10/0x10 [ 289.109385][ T8746] ? xfd_validate_state+0x61/0x180 [ 289.109405][ T8746] ? __task_pid_nr_ns+0x17c/0x500 [ 289.109430][ T8746] do_syscall_64+0xcd/0x4c0 [ 289.109452][ T8746] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.109466][ T8746] RIP: 0033:0x7f94f0d8eba9 [ 289.109478][ T8746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 289.109492][ T8746] RSP: 002b:00007f94f1b340e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 289.109505][ T8746] RAX: ffffffffffffffda RBX: 00007f94f0fd6098 RCX: 00007f94f0d8eba9 [ 289.109515][ T8746] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f94f0fd609c [ 289.109523][ T8746] RBP: 00007f94f0fd6090 R08: 00007f94f1b56000 R09: 0000000000000000 [ 289.109532][ T8746] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 289.109540][ T8746] R13: 00007f94f0fd6128 R14: 00007ffdb9b503b0 R15: 00007ffdb9b50498 [ 289.109559][ T8746] [ 289.315643][ C0] vkms_vblank_simulate: vblank timer overrun [ 292.227191][ T8772] netlink: 4 bytes leftover after parsing attributes in process `syz.3.583'. [ 292.593658][ T8777] netlink: 354 bytes leftover after parsing attributes in process `syz.3.583'. [ 295.217617][ T8780] FAULT_INJECTION: forcing a failure. [ 295.217617][ T8780] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 295.328784][ T8780] CPU: 0 UID: 0 PID: 8780 Comm: syz.2.585 Not tainted syzkaller #0 PREEMPT(full) [ 295.328807][ T8780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 295.328816][ T8780] Call Trace: [ 295.328822][ T8780] [ 295.328828][ T8780] dump_stack_lvl+0x16c/0x1f0 [ 295.328855][ T8780] should_fail_ex+0x512/0x640 [ 295.328881][ T8780] should_fail_alloc_page+0xe7/0x130 [ 295.328902][ T8780] prepare_alloc_pages+0x3c2/0x610 [ 295.328927][ T8780] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 295.328951][ T8780] ? stack_trace_save+0x8e/0xc0 [ 295.328968][ T8780] ? __pfx_stack_trace_save+0x10/0x10 [ 295.328985][ T8780] ? stack_depot_save_flags+0x29/0x9c0 [ 295.329012][ T8780] ? kasan_save_stack+0x42/0x60 [ 295.329027][ T8780] ? kasan_save_stack+0x33/0x60 [ 295.329042][ T8780] ? kasan_save_track+0x14/0x30 [ 295.329059][ T8780] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 295.329076][ T8780] ? walk_pgd_range+0x88b/0x1f50 [ 295.329092][ T8780] ? walk_page_range_mm+0x461/0xb40 [ 295.329109][ T8780] ? madvise_walk_vmas+0x31f/0x9c0 [ 295.329127][ T8780] ? madvise_do_behavior+0x1e2/0x530 [ 295.329146][ T8780] ? do_madvise+0x176/0x240 [ 295.329164][ T8780] ? __x64_sys_madvise+0xa9/0x110 [ 295.329182][ T8780] ? do_syscall_64+0xcd/0x4c0 [ 295.329202][ T8780] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 295.329224][ T8780] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 295.329246][ T8780] ? policy_nodemask+0xea/0x4e0 [ 295.329266][ T8780] alloc_pages_mpol+0x1fb/0x550 [ 295.329285][ T8780] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 295.329309][ T8780] alloc_pages_noprof+0x131/0x390 [ 295.329328][ T8780] pte_alloc_one+0x1c/0x3a0 [ 295.329343][ T8780] __pte_alloc+0x6d/0x3c0 [ 295.329362][ T8780] ? __pfx___pte_alloc+0x10/0x10 [ 295.329381][ T8780] ? _raw_spin_unlock+0x28/0x50 [ 295.329399][ T8780] ? __pmd_alloc+0x3fb/0x930 [ 295.329421][ T8780] walk_pgd_range+0xb84/0x1f50 [ 295.329440][ T8780] ? __pfx_guard_install_set_pte+0x10/0x10 [ 295.329462][ T8780] ? __pfx_guard_install_pte_entry+0x10/0x10 [ 295.329482][ T8780] ? __pfx_guard_install_set_pte+0x10/0x10 [ 295.329503][ T8780] ? __pfx_guard_install_set_pte+0x10/0x10 [ 295.329522][ T8780] ? __pfx_guard_install_set_pte+0x10/0x10 [ 295.329541][ T8780] ? __pfx_walk_pgd_range+0x10/0x10 [ 295.329564][ T8780] __walk_page_range+0x163/0x820 [ 295.329583][ T8780] ? find_vma+0xbf/0x140 [ 295.329602][ T8780] ? __pfx_find_vma+0x10/0x10 [ 295.329622][ T8780] ? walk_page_test+0x9b/0x180 [ 295.329639][ T8780] walk_page_range_mm+0x461/0xb40 [ 295.329660][ T8780] ? __pfx_walk_page_range_mm+0x10/0x10 [ 295.329682][ T8780] ? __anon_vma_prepare+0x2e2/0x5e0 [ 295.329700][ T8780] madvise_vma_behavior+0xa62/0x2d60 [ 295.329722][ T8780] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 295.329743][ T8780] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 295.329765][ T8780] ? __pfx_mas_prev+0x10/0x10 [ 295.329789][ T8780] ? find_vma_prev+0xda/0x160 [ 295.329808][ T8780] ? find_held_lock+0x2b/0x80 [ 295.329822][ T8780] ? __pfx_find_vma_prev+0x10/0x10 [ 295.329842][ T8780] ? futex_unqueue+0x133/0x2c0 [ 295.329864][ T8780] ? __futex_wait+0x24c/0x2f0 [ 295.329887][ T8780] madvise_walk_vmas+0x31f/0x9c0 [ 295.329910][ T8780] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 295.329941][ T8780] madvise_do_behavior+0x1e2/0x530 [ 295.329962][ T8780] ? futex_private_hash_put+0x18a/0x300 [ 295.329980][ T8780] ? __pfx_madvise_do_behavior+0x10/0x10 [ 295.330002][ T8780] ? down_read+0x13d/0x480 [ 295.330025][ T8780] do_madvise+0x176/0x240 [ 295.330045][ T8780] ? __pfx_do_madvise+0x10/0x10 [ 295.330064][ T8780] ? do_futex+0x122/0x350 [ 295.330094][ T8780] ? xfd_validate_state+0x61/0x180 [ 295.330114][ T8780] ? __pfx_ksys_write+0x10/0x10 [ 295.330134][ T8780] __x64_sys_madvise+0xa9/0x110 [ 295.330154][ T8780] ? lockdep_hardirqs_on+0x7c/0x110 [ 295.330174][ T8780] do_syscall_64+0xcd/0x4c0 [ 295.330197][ T8780] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 295.330211][ T8780] RIP: 0033:0x7ff8fdf8eba9 [ 295.330223][ T8780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 295.330237][ T8780] RSP: 002b:00007ff8fed9a038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 295.330251][ T8780] RAX: ffffffffffffffda RBX: 00007ff8fe1d5fa0 RCX: 00007ff8fdf8eba9 [ 295.330261][ T8780] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 295.330270][ T8780] RBP: 00007ff8fe011e19 R08: 0000000000000000 R09: 0000000000000000 [ 295.330278][ T8780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 295.330286][ T8780] R13: 00007ff8fe1d6038 R14: 00007ff8fe1d5fa0 R15: 00007ffdc2195fb8 [ 295.330305][ T8780] [ 296.582170][ T8789] netlink: 'syz.4.587': attribute type 1 has an invalid length. [ 296.642676][ T8789] netlink: 93 bytes leftover after parsing attributes in process `syz.4.587'. [ 296.787361][ T30] audit: type=1800 audit(1757805192.710:12): pid=8794 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.585" name="features" dev="configfs" ino=50176 res=0 errno=0 [ 297.110739][ T7887] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 297.221978][ T8803] netlink: 28 bytes leftover after parsing attributes in process `syz.3.589'. [ 298.171246][ T8809] random: crng reseeded on system resumption [ 298.324878][ T7639] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:0: iget: checksum invalid [ 298.394085][ T7672] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:5: iget: checksum invalid [ 298.407098][ T7639] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 298.467798][ T7672] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db.p7s failed with error -74 [ 298.505605][ T7639] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:0: iget: checksum invalid [ 298.583941][ T7639] (NULL device *): loading /lib/firmware/updates/regulatory.db failed with error -74 [ 298.594315][ T7672] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:5: iget: checksum invalid [ 298.682145][ T7672] (NULL device *): loading /lib/firmware/updates/regulatory.db.p7s failed with error -74 [ 298.694540][ T7639] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:0: iget: checksum invalid [ 298.760092][ T7639] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 298.769809][ T7672] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:5: iget: checksum invalid [ 298.849760][ T7672] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db.p7s failed with error -74 [ 298.860050][ T7639] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:0: iget: checksum invalid [ 298.948768][ T7639] (NULL device *): loading /lib/firmware/regulatory.db failed with error -74 [ 298.963289][ T7672] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:5: iget: checksum invalid [ 299.006288][ T7639] (NULL device *): Direct firmware load for regulatory.db failed with error -74 [ 299.027593][ T7672] (NULL device *): loading /lib/firmware/regulatory.db.p7s failed with error -74 [ 299.078380][ T7639] (NULL device *): Falling back to sysfs fallback for: regulatory.db [ 299.099483][ T7672] (NULL device *): Direct firmware load for regulatory.db.p7s failed with error -74 [ 299.139399][ T7672] (NULL device *): Falling back to sysfs fallback for: regulatory.db.p7s [ 299.190816][ T7660] Bluetooth: hci0: command 0x0406 tx timeout [ 309.457349][ T8837] FAULT_INJECTION: forcing a failure. [ 309.457349][ T8837] name failslab, interval 1, probability 0, space 0, times 0 [ 309.517830][ T8837] CPU: 0 UID: 0 PID: 8837 Comm: syz.3.594 Not tainted syzkaller #0 PREEMPT(full) [ 309.517853][ T8837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 309.517861][ T8837] Call Trace: [ 309.517868][ T8837] [ 309.517874][ T8837] dump_stack_lvl+0x16c/0x1f0 [ 309.517901][ T8837] should_fail_ex+0x512/0x640 [ 309.517925][ T8837] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 309.517943][ T8837] should_failslab+0xc2/0x120 [ 309.517962][ T8837] __kmalloc_cache_noprof+0x6a/0x3e0 [ 309.517977][ T8837] ? drm_atomic_helper_check+0x10f/0x190 [ 309.517991][ T8837] ? drm_atomic_helper_setup_commit+0x63a/0x15d0 [ 309.518010][ T8837] drm_atomic_helper_setup_commit+0x63a/0x15d0 [ 309.518035][ T8837] drm_atomic_helper_commit+0xa9/0x380 [ 309.518052][ T8837] ? __pfx_drm_atomic_helper_commit+0x10/0x10 [ 309.518069][ T8837] drm_atomic_commit+0x231/0x300 [ 309.518086][ T8837] ? __pfx_drm_atomic_commit+0x10/0x10 [ 309.518102][ T8837] ? __pfx___drm_printfn_info+0x10/0x10 [ 309.518126][ T8837] ? drm_client_rotation+0x4da/0x6a0 [ 309.518145][ T8837] drm_client_modeset_commit_atomic+0x69d/0x7e0 [ 309.518169][ T8837] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 309.518187][ T8837] ? rcu_is_watching+0x12/0xc0 [ 309.518221][ T8837] drm_client_modeset_commit_locked+0x14d/0x580 [ 309.518242][ T8837] drm_client_modeset_commit+0x4f/0x80 [ 309.518260][ T8837] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 309.518278][ T8837] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 309.518300][ T8837] drm_fbdev_client_restore+0x2c/0x40 [ 309.518321][ T8837] drm_client_dev_restore+0x1f3/0x2a0 [ 309.518342][ T8837] drm_release+0x2c4/0x360 [ 309.518359][ T8837] ? __pfx_drm_release+0x10/0x10 [ 309.518373][ T8837] __fput+0x402/0xb70 [ 309.518399][ T8837] task_work_run+0x14d/0x240 [ 309.518412][ T8837] ? __pfx_task_work_run+0x10/0x10 [ 309.518434][ T8837] ? __pfx___do_sys_close_range+0x10/0x10 [ 309.518464][ T8837] exit_to_user_mode_loop+0xeb/0x110 [ 309.518488][ T8837] do_syscall_64+0x41c/0x4c0 [ 309.518513][ T8837] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 309.518527][ T8837] RIP: 0033:0x7fe39918eba9 [ 309.518540][ T8837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 309.518554][ T8837] RSP: 002b:00007fe399ffc038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 309.518568][ T8837] RAX: 0000000000000000 RBX: 00007fe3993d5fa0 RCX: 00007fe39918eba9 [ 309.518578][ T8837] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 309.518586][ T8837] RBP: 00007fe399211e19 R08: 0000000000000000 R09: 0000000000000000 [ 309.518595][ T8837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 309.518604][ T8837] R13: 00007fe3993d6038 R14: 00007fe3993d5fa0 R15: 00007ffef7d6f968 [ 309.518624][ T8837] [ 312.841505][ T8889] net_ratelimit: 62 callbacks suppressed [ 312.841520][ T8889] netlink: zone id is out of range [ 312.859369][ T8890] Invalid ELF header magic: != ELF [ 312.899720][ T8889] netlink: zone id is out of range [ 312.921050][ T8889] netlink: zone id is out of range [ 312.971718][ T8889] netlink: zone id is out of range [ 313.001860][ T8889] netlink: zone id is out of range [ 313.020776][ T8889] netlink: zone id is out of range [ 313.055245][ T8889] netlink: zone id is out of range [ 313.085780][ T8889] netlink: zone id is out of range [ 313.108840][ T8889] netlink: zone id is out of range [ 313.137649][ T8889] netlink: zone id is out of range [ 313.609808][ T8899] Invalid ELF header magic: != ELF [ 313.911288][ T8905] FAULT_INJECTION: forcing a failure. [ 313.911288][ T8905] name failslab, interval 1, probability 0, space 0, times 0 [ 313.995883][ T8906] netlink: 326 bytes leftover after parsing attributes in process `syz.3.609'. [ 314.045593][ T8905] CPU: 0 UID: 0 PID: 8905 Comm: syz.3.609 Not tainted syzkaller #0 PREEMPT(full) [ 314.045616][ T8905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 314.045626][ T8905] Call Trace: [ 314.045632][ T8905] [ 314.045638][ T8905] dump_stack_lvl+0x16c/0x1f0 [ 314.045664][ T8905] should_fail_ex+0x512/0x640 [ 314.045687][ T8905] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 314.045707][ T8905] should_failslab+0xc2/0x120 [ 314.045726][ T8905] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 314.045743][ T8905] ? __memcg_slab_post_alloc_hook+0x4a0/0x960 [ 314.045762][ T8905] ? ep_ptable_queue_proc+0x5b/0x280 [ 314.045778][ T8905] ep_ptable_queue_proc+0x5b/0x280 [ 314.045793][ T8905] pipe_poll+0x239/0x660 [ 314.045809][ T8905] ? __pfx_ep_ptable_queue_proc+0x10/0x10 [ 314.045823][ T8905] ? __pfx_pipe_poll+0x10/0x10 [ 314.045839][ T8905] ep_item_poll+0x141/0x1f0 [ 314.045855][ T8905] do_epoll_ctl+0x1fae/0x3790 [ 314.045878][ T8905] ? __pfx_do_epoll_ctl+0x10/0x10 [ 314.045892][ T8905] ? find_held_lock+0x2b/0x80 [ 314.045906][ T8905] ? __might_fault+0xe3/0x190 [ 314.045921][ T8905] ? __might_fault+0xe3/0x190 [ 314.045935][ T8905] ? __pfx_ep_ptable_queue_proc+0x10/0x10 [ 314.045956][ T8905] ? __x64_sys_epoll_ctl+0x15c/0x1e0 [ 314.045971][ T8905] __x64_sys_epoll_ctl+0x15c/0x1e0 [ 314.045987][ T8905] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 314.046016][ T8905] do_syscall_64+0xcd/0x4c0 [ 314.046040][ T8905] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 314.046056][ T8905] RIP: 0033:0x7fe39918eba9 [ 314.046068][ T8905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 314.046082][ T8905] RSP: 002b:00007fe399ffc038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 314.046096][ T8905] RAX: ffffffffffffffda RBX: 00007fe3993d5fa0 RCX: 00007fe39918eba9 [ 314.046105][ T8905] RDX: 8000000000000000 RSI: 0000000000000001 RDI: 0000000000000006 [ 314.046114][ T8905] RBP: 00007fe399211e19 R08: 0000000000000000 R09: 0000000000000000 [ 314.046123][ T8905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 314.046131][ T8905] R13: 00007fe3993d6038 R14: 00007fe3993d5fa0 R15: 00007ffef7d6f968 [ 314.046150][ T8905] [ 314.892814][ T30] audit: type=1800 audit(1757805210.927:13): pid=8912 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.611" name="dbroot" dev="configfs" ino=50698 res=0 errno=0 [ 316.186385][ T8936] netlink: 'syz.1.616': attribute type 5 has an invalid length. [ 316.223100][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.230611][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 320.311369][ T8999] netlink: 4 bytes leftover after parsing attributes in process `syz.1.627'. [ 321.255233][ T9028] netlink: 4 bytes leftover after parsing attributes in process `syz.1.633'. [ 322.050304][ T9041] FAULT_INJECTION: forcing a failure. [ 322.050304][ T9041] name failslab, interval 1, probability 0, space 0, times 0 [ 322.117083][ T9041] CPU: 0 UID: 0 PID: 9041 Comm: syz.4.635 Not tainted syzkaller #0 PREEMPT(full) [ 322.117103][ T9041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 322.117112][ T9041] Call Trace: [ 322.117118][ T9041] [ 322.117123][ T9041] dump_stack_lvl+0x16c/0x1f0 [ 322.117149][ T9041] should_fail_ex+0x512/0x640 [ 322.117179][ T9041] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 322.117200][ T9041] should_failslab+0xc2/0x120 [ 322.117219][ T9041] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 322.117237][ T9041] ? sock_alloc_inode+0x25/0x1c0 [ 322.117254][ T9041] ? __pfx_sock_alloc_inode+0x10/0x10 [ 322.117267][ T9041] sock_alloc_inode+0x25/0x1c0 [ 322.117281][ T9041] alloc_inode+0x64/0x240 [ 322.117301][ T9041] sock_alloc+0x40/0x280 [ 322.117314][ T9041] __sock_create+0xc1/0x8d0 [ 322.117331][ T9041] ? _raw_write_unlock+0x28/0x50 [ 322.117352][ T9041] inet_ctl_sock_create+0x94/0x230 [ 322.117369][ T9041] ? __pfx_inet_ctl_sock_create+0x10/0x10 [ 322.117386][ T9041] ? proc_create_net_data+0x155/0x1c0 [ 322.117410][ T9041] ndisc_net_init+0x89/0x250 [ 322.117429][ T9041] ? __pfx_ndisc_net_init+0x10/0x10 [ 322.117448][ T9041] ? __pfx_ip6mr_net_init+0x10/0x10 [ 322.117470][ T9041] ? ip6mr_net_init+0x2d8/0x4e0 [ 322.117492][ T9041] ? __pfx_ndisc_net_init+0x10/0x10 [ 322.117510][ T9041] ops_init+0x1e2/0x5f0 [ 322.117533][ T9041] setup_net+0x10f/0x380 [ 322.117544][ T9041] ? lockdep_init_map_type+0x5c/0x280 [ 322.117564][ T9041] ? __pfx_setup_net+0x10/0x10 [ 322.117586][ T9041] ? debug_mutex_init+0x37/0x70 [ 322.117602][ T9041] copy_net_ns+0x2a6/0x5f0 [ 322.117618][ T9041] create_new_namespaces+0x3ea/0xa90 [ 322.117639][ T9041] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 322.117657][ T9041] ksys_unshare+0x45b/0xa40 [ 322.117679][ T9041] ? __pfx_ksys_unshare+0x10/0x10 [ 322.117699][ T9041] ? xfd_validate_state+0x61/0x180 [ 322.117727][ T9041] __x64_sys_unshare+0x31/0x40 [ 322.117747][ T9041] do_syscall_64+0xcd/0x4c0 [ 322.117770][ T9041] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.117784][ T9041] RIP: 0033:0x7f94f0d8eba9 [ 322.117796][ T9041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 322.117810][ T9041] RSP: 002b:00007f94f1b55038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 322.117824][ T9041] RAX: ffffffffffffffda RBX: 00007f94f0fd5fa0 RCX: 00007f94f0d8eba9 [ 322.117834][ T9041] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 322.117842][ T9041] RBP: 00007f94f0e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 322.117851][ T9041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 322.117860][ T9041] R13: 00007f94f0fd6038 R14: 00007f94f0fd5fa0 R15: 00007ffdb9b50498 [ 322.117878][ T9041] [ 322.117902][ T9041] net_ratelimit: 19 callbacks suppressed [ 322.117910][ T9041] socket: no more sockets [ 323.270999][ T9041] ICMPv6: NDISC: Failed to initialize the control socket (err -23) [ 323.651606][ T9060] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15 [ 325.045658][ T9079] ima: policy update failed [ 325.077258][ T30] audit: type=1802 audit(1757805221.161:14): pid=9079 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.643" res=0 errno=0 [ 325.102918][ T9079] netlink: 25 bytes leftover after parsing attributes in process `syz.2.643'. [ 326.114850][ T9095] zram: Removed device: zram0 [ 327.209553][ T9125] netlink: 146 bytes leftover after parsing attributes in process `syz.1.652'. [ 328.118457][ T9125] netlink: 186 bytes leftover after parsing attributes in process `syz.1.652'. [ 328.146600][ T9148] netlink: 8 bytes leftover after parsing attributes in process `syz.4.654'. [ 328.189361][ T9125] netlink: 146 bytes leftover after parsing attributes in process `syz.1.652'. [ 330.160532][ T9184] mkiss: ax0: crc mode is auto. [ 330.447904][ T9193] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input16 [ 330.588608][ T9197] Process accounting resumed [ 330.677695][ T9196] netlink: 28 bytes leftover after parsing attributes in process `syz.1.660'. [ 330.826972][ T9196] ipvlan0: entered promiscuous mode [ 330.901422][ T9196] ipvlan0: entered allmulticast mode [ 330.906720][ T9196] veth0_vlan: entered allmulticast mode [ 331.577416][ T9208] netlink: 12 bytes leftover after parsing attributes in process `syz.3.663'. [ 331.621106][ T9210] netlink: 'syz.1.664': attribute type 28 has an invalid length. [ 331.681653][ T9210] netlink: 334 bytes leftover after parsing attributes in process `syz.1.664'. [ 332.374515][ T9226] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 333.136556][ T7660] Bluetooth: hci1: unexpected event 0x0f length: 440 > 4 [ 333.304104][ T30] audit: type=1800 audit(1757805229.434:15): pid=9208 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.663" name="dbroot" dev="configfs" ino=52092 res=0 errno=0 [ 333.897938][ T9245] netlink: 'syz.2.670': attribute type 1 has an invalid length. [ 334.262285][ T9253] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 335.018297][ T9267] random: crng reseeded on system resumption [ 335.084856][ T7672] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:5: iget: checksum invalid [ 335.142687][ T7672] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db.p7s failed with error -74 [ 335.166511][ T7639] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:0: iget: checksum invalid [ 335.221911][ T7639] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 335.233400][ T7672] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:5: iget: checksum invalid [ 335.292962][ T9273] FAULT_INJECTION: forcing a failure. [ 335.292962][ T9273] name failslab, interval 1, probability 0, space 0, times 0 [ 335.308073][ T7672] (NULL device *): loading /lib/firmware/updates/regulatory.db.p7s failed with error -74 [ 335.318207][ T7639] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:0: iget: checksum invalid [ 335.363482][ T7639] (NULL device *): loading /lib/firmware/updates/regulatory.db failed with error -74 [ 335.373463][ T7672] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:5: iget: checksum invalid [ 335.409116][ T9273] CPU: 0 UID: 0 PID: 9273 Comm: syz.3.677 Not tainted syzkaller #0 PREEMPT(full) [ 335.409136][ T9273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 335.409145][ T9273] Call Trace: [ 335.409151][ T9273] [ 335.409156][ T9273] dump_stack_lvl+0x16c/0x1f0 [ 335.409183][ T9273] should_fail_ex+0x512/0x640 [ 335.409206][ T9273] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 335.409225][ T9273] should_failslab+0xc2/0x120 [ 335.409245][ T9273] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 335.409260][ T9273] ? __proc_create+0xc3/0x8e0 [ 335.409281][ T9273] ? __proc_create+0x2ce/0x8e0 [ 335.409302][ T9273] __proc_create+0x2ce/0x8e0 [ 335.409323][ T9273] ? __pfx___proc_create+0x10/0x10 [ 335.409346][ T9273] ? _raw_write_unlock+0x28/0x50 [ 335.409365][ T9273] ? proc_register+0x559/0x8b0 [ 335.409387][ T9273] proc_create_reg+0x7d/0x180 [ 335.409408][ T9273] ? __pfx_sockstat6_seq_show+0x10/0x10 [ 335.409428][ T9273] proc_create_net_single+0x86/0x180 [ 335.409449][ T9273] ? __pfx_proc_create_net_single+0x10/0x10 [ 335.409471][ T9273] ? __pfx_ndisc_net_init+0x10/0x10 [ 335.409492][ T9273] ? __pfx_ipv6_proc_init_net+0x10/0x10 [ 335.409510][ T9273] ipv6_proc_init_net+0x56/0x1e0 [ 335.409529][ T9273] ops_init+0x1e2/0x5f0 [ 335.409553][ T9273] setup_net+0x10f/0x380 [ 335.409564][ T9273] ? lockdep_init_map_type+0x5c/0x280 [ 335.409584][ T9273] ? __pfx_setup_net+0x10/0x10 [ 335.409608][ T9273] ? debug_mutex_init+0x37/0x70 [ 335.409624][ T9273] copy_net_ns+0x2a6/0x5f0 [ 335.409640][ T9273] create_new_namespaces+0x3ea/0xa90 [ 335.409662][ T9273] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 335.409680][ T9273] ksys_unshare+0x45b/0xa40 [ 335.409700][ T9273] ? __pfx_ksys_unshare+0x10/0x10 [ 335.409719][ T9273] ? xfd_validate_state+0x61/0x180 [ 335.409745][ T9273] __x64_sys_unshare+0x31/0x40 [ 335.409771][ T9273] do_syscall_64+0xcd/0x4c0 [ 335.409795][ T9273] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 335.409809][ T9273] RIP: 0033:0x7fe39918eba9 [ 335.409821][ T9273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 335.409835][ T9273] RSP: 002b:00007fe399ffc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 335.409850][ T9273] RAX: ffffffffffffffda RBX: 00007fe3993d5fa0 RCX: 00007fe39918eba9 [ 335.409859][ T9273] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 335.409868][ T9273] RBP: 00007fe399211e19 R08: 0000000000000000 R09: 0000000000000000 [ 335.409876][ T9273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 335.409885][ T9273] R13: 00007fe3993d6038 R14: 00007fe3993d5fa0 R15: 00007ffef7d6f968 [ 335.409904][ T9273] [ 335.982212][ T7672] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db.p7s failed with error -74 [ 336.002159][ T7672] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:5: iget: checksum invalid [ 336.022026][ T7672] (NULL device *): loading /lib/firmware/regulatory.db.p7s failed with error -74 [ 336.041260][ T7672] (NULL device *): Direct firmware load for regulatory.db.p7s failed with error -74 [ 336.061424][ T7672] (NULL device *): Falling back to sysfs fallback for: regulatory.db.p7s [ 336.100520][ T7639] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:0: iget: checksum invalid [ 336.141523][ T7639] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 336.171332][ T7639] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:0: iget: checksum invalid [ 336.202789][ T7639] (NULL device *): loading /lib/firmware/regulatory.db failed with error -74 [ 336.211594][ T7639] (NULL device *): Direct firmware load for regulatory.db failed with error -74 [ 336.220609][ T7639] (NULL device *): Falling back to sysfs fallback for: regulatory.db [ 337.148717][ T7660] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 337.157237][ T7660] Bluetooth: hci1: Injecting HCI hardware error event [ 337.164992][ T7887] Bluetooth: hci1: hardware error 0x00 [ 339.215622][ T7887] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 343.760611][ T7660] Bluetooth: hci4: command 0x0406 tx timeout [ 347.048890][ T7660] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18 [ 347.087985][ T9285] netlink: set zone limit has 8 unknown bytes [ 349.024698][ T9316] FAULT_INJECTION: forcing a failure. [ 349.024698][ T9316] name failslab, interval 1, probability 0, space 0, times 0 [ 349.086282][ T7887] Bluetooth: hci4: command 0x0406 tx timeout [ 349.100989][ T9316] CPU: 0 UID: 0 PID: 9316 Comm: syz.4.685 Not tainted syzkaller #0 PREEMPT(full) [ 349.101009][ T9316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 349.101019][ T9316] Call Trace: [ 349.101024][ T9316] [ 349.101030][ T9316] dump_stack_lvl+0x16c/0x1f0 [ 349.101055][ T9316] should_fail_ex+0x512/0x640 [ 349.101078][ T9316] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 349.101097][ T9316] should_failslab+0xc2/0x120 [ 349.101117][ T9316] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 349.101134][ T9316] ? alloc_empty_file+0x55/0x1e0 [ 349.101157][ T9316] alloc_empty_file+0x55/0x1e0 [ 349.101178][ T9316] path_openat+0xda/0x2cb0 [ 349.101193][ T9316] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.101214][ T9316] ? __pfx_path_openat+0x10/0x10 [ 349.101235][ T9316] do_filp_open+0x20b/0x470 [ 349.101252][ T9316] ? __pfx_do_filp_open+0x10/0x10 [ 349.101281][ T9316] ? alloc_fd+0x471/0x7d0 [ 349.101301][ T9316] do_sys_openat2+0x11b/0x1d0 [ 349.101322][ T9316] ? __pfx_do_sys_openat2+0x10/0x10 [ 349.101349][ T9316] ? find_held_lock+0x2b/0x80 [ 349.101365][ T9316] ? handle_mm_fault+0x2ab/0xd10 [ 349.101384][ T9316] __x64_sys_openat+0x174/0x210 [ 349.101397][ T9316] ? __pfx___x64_sys_openat+0x10/0x10 [ 349.101411][ T9316] ? do_user_addr_fault+0x843/0x1370 [ 349.101438][ T9316] do_syscall_64+0xcd/0x4c0 [ 349.101460][ T9316] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 349.101474][ T9316] RIP: 0033:0x7f94f0d8d510 [ 349.101486][ T9316] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 349.101499][ T9316] RSP: 002b:00007f94f1b54f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 349.101513][ T9316] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f94f0d8d510 [ 349.101522][ T9316] RDX: 0000000000000000 RSI: 00007f94f1b54fa0 RDI: 00000000ffffff9c [ 349.101530][ T9316] RBP: 00007f94f1b54fa0 R08: 0000000000000000 R09: 0000000000000000 [ 349.101538][ T9316] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 349.101547][ T9316] R13: 00007f94f0fd6038 R14: 00007f94f0fd5fa0 R15: 00007ffdb9b50498 [ 349.101565][ T9316] [ 350.035617][ T7644] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:2: iget: checksum invalid [ 350.077328][ T7644] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 350.088548][ T7650] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:4: iget: checksum invalid [ 350.138722][ T7650] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db.p7s failed with error -74 [ 350.157298][ T7644] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:2: iget: checksum invalid [ 350.250211][ T7644] (NULL device *): loading /lib/firmware/updates/regulatory.db failed with error -74 [ 350.267971][ T7650] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:4: iget: checksum invalid syzkaller syzkaller login: [ 350.335334][ T7650] (NULL device *): loading /lib/firmware/updates/regulatory.db.p7s failed with error -74 [ 350.345312][ T7644] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:2: iget: checksum invalid [ 350.415425][ T7644] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 350.431071][ T7650] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:4: iget: checksum invalid [ 350.484737][ T7650] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db.p7s failed with error -74 [ 350.496784][ T7644] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:2: iget: checksum invalid [ 350.579363][ T7650] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:4: iget: checksum invalid [ 350.596655][ T7644] (NULL device *): loading /lib/firmware/regulatory.db failed with error -74 [ 350.641664][ T7644] (NULL device *): Direct firmware load for regulatory.db failed with error -74 [ 350.653558][ T7650] (NULL device *): loading /lib/firmware/regulatory.db.p7s failed with error -74 [ 350.694222][ T7644] (NULL device *): Falling back to sysfs fallback for: regulatory.db [ 350.715557][ T7650] (NULL device *): Direct firmware load for regulatory.db.p7s failed with error -74 [ 350.747504][ T9340] FAULT_INJECTION: forcing a failure. [ 350.747504][ T9340] name failslab, interval 1, probability 0, space 0, times 0 [ 350.785772][ T7650] (NULL device *): Falling back to sysfs fallback for: regulatory.db.p7s [ 350.818780][ T9340] CPU: 0 UID: 0 PID: 9340 Comm: syz.2.690 Not tainted syzkaller #0 PREEMPT(full) [ 350.818800][ T9340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 350.818808][ T9340] Call Trace: [ 350.818814][ T9340] [ 350.818819][ T9340] dump_stack_lvl+0x16c/0x1f0 [ 350.818846][ T9340] should_fail_ex+0x512/0x640 [ 350.818868][ T9340] ? current_time+0x11d/0x1a0 [ 350.818888][ T9340] should_failslab+0xc2/0x120 [ 350.818908][ T9340] __kmalloc_cache_noprof+0x6a/0x3e0 [ 350.818924][ T9340] ? nd_alloc_stack+0x85/0x110 [ 350.818949][ T9340] nd_alloc_stack+0x85/0x110 [ 350.818969][ T9340] step_into+0x1ac7/0x2270 [ 350.818988][ T9340] ? __pfx_step_into+0x10/0x10 [ 350.819004][ T9340] ? lookup_fast+0x156/0x610 [ 350.819021][ T9340] walk_component+0xfc/0x5b0 [ 350.819036][ T9340] link_path_walk+0x627/0xe20 [ 350.819057][ T9340] path_lookupat+0x15a/0x6d0 [ 350.819071][ T9340] ? __lock_acquire+0xb97/0x1ce0 [ 350.819093][ T9340] filename_lookup+0x224/0x5f0 [ 350.819110][ T9340] ? __pfx_filename_lookup+0x10/0x10 [ 350.819142][ T9340] ? getname_flags.part.0+0x1c5/0x550 [ 350.819176][ T9340] user_path_at+0x3a/0x60 [ 350.819193][ T9340] vfs_open_tree+0x2ca/0x910 [ 350.819212][ T9340] ? __pfx_vfs_open_tree+0x10/0x10 [ 350.819230][ T9340] ? xfd_validate_state+0x61/0x180 [ 350.819254][ T9340] __x64_sys_open_tree+0x84/0x130 [ 350.819274][ T9340] do_syscall_64+0xcd/0x4c0 [ 350.819296][ T9340] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 350.819311][ T9340] RIP: 0033:0x7ff8fdf8eba9 [ 350.819323][ T9340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 350.819336][ T9340] RSP: 002b:00007ff8fed9a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ac [ 350.819350][ T9340] RAX: ffffffffffffffda RBX: 00007ff8fe1d5fa0 RCX: 00007ff8fdf8eba9 [ 350.819360][ T9340] RDX: 0000000000000101 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 350.819368][ T9340] RBP: 00007ff8fe011e19 R08: 0000000000000000 R09: 0000000000000000 [ 350.819376][ T9340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 350.819384][ T9340] R13: 00007ff8fe1d6038 R14: 00007ff8fe1d5fa0 R15: 00007ffdc2195fb8 [ 350.819402][ T9340] [ 352.390943][ T9360] unchecked MSR access error: WRMSR to 0x418 (tried to write 0x0000000000000322) at rIP: 0xffffffff8163fc29 (__mcheck_cpu_init_clear_banks+0x109/0x1f0) [ 352.406400][ T9360] Call Trace: [ 352.409671][ T9360] [ 352.412589][ T9360] mce_cpu_restart+0x98/0xb0 [ 352.417163][ T9360] ? __pfx_mce_cpu_restart+0x10/0x10 [ 352.422430][ T9360] smp_call_function_many_cond+0x122a/0x1600 [ 352.428396][ T9360] ? __pfx_mce_cpu_restart+0x10/0x10 [ 352.433661][ T9360] ? mark_held_locks+0x49/0x80 [ 352.438414][ T9360] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 352.444215][ T9360] ? lockdep_hardirqs_on+0x7c/0x110 [ 352.449405][ T9360] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 352.455199][ T9360] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 352.461511][ T9360] ? __pfx___try_to_del_timer_sync+0x10/0x10 [ 352.467485][ T9360] ? __pfx_mce_cpu_restart+0x10/0x10 [ 352.472751][ T9360] on_each_cpu_cond_mask+0x40/0x90 [ 352.477857][ T9360] set_bank+0x240/0x3a0 [ 352.482004][ T9360] ? __pfx_set_bank+0x10/0x10 [ 352.486688][ T9360] ? find_held_lock+0x2b/0x80 [ 352.491356][ T9360] ? __pfx_set_bank+0x10/0x10 [ 352.496021][ T9360] dev_attr_store+0x58/0x80 [ 352.500512][ T9360] ? __pfx_dev_attr_store+0x10/0x10 [ 352.505711][ T9360] sysfs_kf_write+0xf2/0x150 [ 352.510290][ T9360] kernfs_fop_write_iter+0x3af/0x570 [ 352.515569][ T9360] ? __pfx_sysfs_kf_write+0x10/0x10 [ 352.520753][ T9360] vfs_write+0x7d3/0x11d0 [ 352.525067][ T9360] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 352.530873][ T9360] ? __pfx___mutex_lock+0x10/0x10 [ 352.535890][ T9360] ? __pfx_vfs_write+0x10/0x10 [ 352.540650][ T9360] ksys_write+0x12a/0x250 [ 352.544966][ T9360] ? __pfx_ksys_write+0x10/0x10 [ 352.549810][ T9360] do_syscall_64+0xcd/0x4c0 [ 352.554308][ T9360] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 352.560182][ T9360] RIP: 0033:0x7ff8fdf8eba9 [ 352.564578][ T9360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 352.584168][ T9360] RSP: 002b:00007ff8fed58038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 352.592565][ T9360] RAX: ffffffffffffffda RBX: 00007ff8fe1d6180 RCX: 00007ff8fdf8eba9 [ 352.600519][ T9360] RDX: 0000000000000003 RSI: 0000200000000240 RDI: 0000000000000004 [ 352.608468][ T9360] RBP: 00007ff8fe011e19 R08: 0000000000000000 R09: 0000000000000000 [ 352.616419][ T9360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 352.624371][ T9360] R13: 00007ff8fe1d6218 R14: 00007ff8fe1d6180 R15: 00007ffdc2195fb8 [ 352.632336][ T9360] [ 353.156970][ T30] audit: type=1326 audit(4294967315.204:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9363 comm="syz.3.695" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe39918eba9 code=0x0 [ 354.228461][ T9358] zswap: compressor not available [ 360.824281][ T9327] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 360.831321][ T9327] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 360.845470][ T9327] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 360.855618][ T9327] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 360.861601][ T9327] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 360.871360][ T9327] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 360.879667][ T9327] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 360.888170][ T9327] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 360.898343][ T9327] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 360.907165][ T9327] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 360.916412][ T9349] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 361.892181][ T9439] openvswitch: netlink: IPv4 tunnel dst address is zero [ 362.809906][ T9463] kAFS: Invalid Command on /proc/fs/afs/cells file [ 362.853560][ T7887] Bluetooth: hci2: command 0x0406 tx timeout [ 362.859817][ T7887] Bluetooth: hci0: command 0x0406 tx timeout [ 362.933796][ T7887] Bluetooth: hci4: command 0x0406 tx timeout [ 362.939806][ T7660] Bluetooth: hci3: command 0x0406 tx timeout [ 364.924544][ T7887] Bluetooth: hci0: command 0x0406 tx timeout [ 364.930601][ T7660] Bluetooth: hci2: command 0x0406 tx timeout [ 365.001494][ T7887] Bluetooth: hci4: command 0x0406 tx timeout [ 365.007846][ T7660] Bluetooth: hci3: command 0x0406 tx timeout [ 366.721145][ T9526] FAULT_INJECTION: forcing a failure. [ 366.721145][ T9526] name failslab, interval 1, probability 0, space 0, times 0 [ 366.734002][ T9526] CPU: 0 UID: 0 PID: 9526 Comm: syz.3.719 Not tainted syzkaller #0 PREEMPT(full) [ 366.734021][ T9526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 366.734031][ T9526] Call Trace: [ 366.734036][ T9526] [ 366.734042][ T9526] dump_stack_lvl+0x16c/0x1f0 [ 366.734068][ T9526] should_fail_ex+0x512/0x640 [ 366.734093][ T9526] should_failslab+0xc2/0x120 [ 366.734114][ T9526] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 366.734131][ T9526] ? radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 366.734152][ T9526] radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 366.734174][ T9526] idr_get_free+0x528/0xa30 [ 366.734200][ T9526] idr_alloc_u32+0x190/0x2f0 [ 366.734220][ T9526] ? __pfx_idr_alloc_u32+0x10/0x10 [ 366.734241][ T9526] ? lock_acquire+0x179/0x350 [ 366.734263][ T9526] idr_alloc_cyclic+0x10b/0x230 [ 366.734283][ T9526] ? __pfx_idr_alloc_cyclic+0x10/0x10 [ 366.734301][ T9526] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 366.734327][ T9526] map_create+0xae3/0x1f80 [ 366.734353][ T9526] ? __pfx_map_create+0x10/0x10 [ 366.734371][ T9526] ? __might_fault+0xe3/0x190 [ 366.734387][ T9526] ? __might_fault+0xe3/0x190 [ 366.734402][ T9526] ? __might_fault+0x13b/0x190 [ 366.734424][ T9526] __sys_bpf+0x44d2/0x4de0 [ 366.734447][ T9526] ? __pfx___sys_bpf+0x10/0x10 [ 366.734468][ T9526] ? ksys_write+0x190/0x250 [ 366.734495][ T9526] ? do_futex+0x122/0x350 [ 366.734514][ T9526] ? __pfx_do_futex+0x10/0x10 [ 366.734539][ T9526] ? fput+0x9b/0xd0 [ 366.734559][ T9526] ? xfd_validate_state+0x61/0x180 [ 366.734580][ T9526] ? __pfx_ksys_write+0x10/0x10 [ 366.734599][ T9526] __x64_sys_bpf+0x78/0xc0 [ 366.734610][ T9526] ? lockdep_hardirqs_on+0x7c/0x110 [ 366.734631][ T9526] do_syscall_64+0xcd/0x4c0 [ 366.734653][ T9526] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 366.734667][ T9526] RIP: 0033:0x7fe39918eba9 [ 366.734679][ T9526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 366.734693][ T9526] RSP: 002b:00007fe399ffc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 366.734708][ T9526] RAX: ffffffffffffffda RBX: 00007fe3993d5fa0 RCX: 00007fe39918eba9 [ 366.734718][ T9526] RDX: 0000000000000010 RSI: 0000200000000100 RDI: 0000000000000000 [ 366.734726][ T9526] RBP: 00007fe399211e19 R08: 0000000000000000 R09: 0000000000000000 [ 366.734736][ T9526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 366.734744][ T9526] R13: 00007fe3993d6038 R14: 00007fe3993d5fa0 R15: 00007ffef7d6f968 [ 366.734763][ T9526] [ 367.251082][ T7660] Bluetooth: hci0: command 0x0406 tx timeout [ 367.257170][ T7660] Bluetooth: hci4: command 0x0406 tx timeout [ 367.785274][ T7644] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:2: iget: checksum invalid [ 367.809584][ T7644] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 367.824604][ T7648] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:3: iget: checksum invalid [ 367.848898][ T7648] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db.p7s failed with error -74 [ 367.881647][ T7644] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:2: iget: checksum invalid [ 367.940057][ T7644] (NULL device *): loading /lib/firmware/updates/regulatory.db failed with error -74 [ 367.951710][ T7648] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:3: iget: checksum invalid [ 368.005072][ T7648] (NULL device *): loading /lib/firmware/updates/regulatory.db.p7s failed with error -74 [ 368.023193][ T7644] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:2: iget: checksum invalid [ 368.099769][ T7644] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 368.109661][ T7648] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:3: iget: checksum invalid [ 368.197815][ T7648] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db.p7s failed with error -74 [ 368.211863][ T7644] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:2: iget: checksum invalid [ 368.291812][ T7644] (NULL device *): loading /lib/firmware/regulatory.db failed with error -74 [ 368.301803][ T7648] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:3: iget: checksum invalid [ 368.368410][ T7644] (NULL device *): Direct firmware load for regulatory.db failed with error -74 [ 368.393693][ T7648] (NULL device *): loading /lib/firmware/regulatory.db.p7s failed with error -74 [ 368.433063][ T7644] (NULL device *): Falling back to sysfs fallback for: regulatory.db [ 368.457691][ T7648] (NULL device *): Direct firmware load for regulatory.db.p7s failed with error -74 [ 368.518201][ T7648] (NULL device *): Falling back to sysfs fallback for: regulatory.db.p7s [ 369.302194][ T9557] ALSA: mixer_oss: invalid OSS volume '' [ 377.341148][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 377.351591][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 378.651587][ T9537] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 378.658279][ T9537] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 378.666515][ T9537] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 378.674424][ T9537] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 380.681760][ T7660] Bluetooth: hci3: command 0x0406 tx timeout [ 380.688786][ T7660] Bluetooth: hci2: command 0x0406 tx timeout [ 380.695026][ T7887] Bluetooth: hci4: command 0x0406 tx timeout [ 380.701256][ T7660] Bluetooth: hci0: command 0x0406 tx timeout [ 380.808134][ T8825] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:8: iget: checksum invalid [ 380.882290][ T7648] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:3: iget: checksum invalid [ 380.897610][ T8825] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 380.944782][ T7648] (NULL device *): loading /lib/firmware/updates/syzkaller/regulatory.db.p7s failed with error -74 [ 380.987485][ T8825] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:8: iget: checksum invalid [ 381.047025][ T7648] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:3: iget: checksum invalid [ 381.058392][ T8825] (NULL device *): loading /lib/firmware/updates/regulatory.db failed with error -74 [ 381.128676][ T7648] (NULL device *): loading /lib/firmware/updates/regulatory.db.p7s failed with error -74 [ 381.138702][ T8825] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:8: iget: checksum invalid [ 381.207447][ T8825] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 381.226953][ T7648] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:3: iget: checksum invalid [ 381.272328][ T8825] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:8: iget: checksum invalid [ 381.288932][ T7648] (NULL device *): loading /lib/firmware/syzkaller/regulatory.db.p7s failed with error -74 [ 381.338375][ T8825] (NULL device *): loading /lib/firmware/regulatory.db failed with error -74 [ 381.356646][ T7648] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm kworker/u10:3: iget: checksum invalid [ 381.404642][ T8825] (NULL device *): Direct firmware load for regulatory.db failed with error -74 [ 381.424528][ T7648] (NULL device *): loading /lib/firmware/regulatory.db.p7s failed with error -74 [ 381.455738][ T8825] (NULL device *): Falling back to sysfs fallback for: regulatory.db [ 381.479756][ T7648] (NULL device *): Direct firmware load for regulatory.db.p7s failed with error -74 [ 381.526302][ T7648] (NULL device *): Falling back to sysfs fallback for: regulatory.db.p7s [ 381.722574][ T9634] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 381.764807][ T9630] nbd: nbd7 already in use [ 382.097504][ T9635] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18 [ 383.031940][ T9656] binder: 9655:9656 ioctl c018620c 0 returned -1 [ 383.047136][ T9656] netlink: 28 bytes leftover after parsing attributes in process `syz.2.742'. [ 383.163139][ T30] audit: type=1800 audit(4294967313.922:17): pid=9659 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.741" name="features" dev="configfs" ino=53955 res=0 errno=0 [ 384.476607][ T9662] kexec: Could not allocate control_code_buffer [ 392.011579][ T9619] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 392.018158][ T9619] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 392.028070][ T9619] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 392.034328][ T9619] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 392.746556][ T9684] FAULT_INJECTION: forcing a failure. [ 392.746556][ T9684] name failslab, interval 1, probability 0, space 0, times 0 [ 392.832827][ T9684] CPU: 0 UID: 0 PID: 9684 Comm: syz.2.748 Not tainted syzkaller #0 PREEMPT(full) [ 392.832850][ T9684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 392.832859][ T9684] Call Trace: [ 392.832865][ T9684] [ 392.832871][ T9684] dump_stack_lvl+0x16c/0x1f0 [ 392.832897][ T9684] should_fail_ex+0x512/0x640 [ 392.832920][ T9684] ? fs_reclaim_acquire+0xae/0x150 [ 392.832943][ T9684] ? tomoyo_open_control+0x51f/0xa30 [ 392.832956][ T9684] should_failslab+0xc2/0x120 [ 392.832975][ T9684] __kmalloc_noprof+0xd2/0x510 [ 392.832996][ T9684] tomoyo_open_control+0x51f/0xa30 [ 392.833012][ T9684] do_dentry_open+0x982/0x1530 [ 392.833030][ T9684] ? __pfx_tomoyo_open+0x10/0x10 [ 392.833053][ T9684] vfs_open+0x82/0x3f0 [ 392.833076][ T9684] path_openat+0x1de4/0x2cb0 [ 392.833099][ T9684] ? __pfx_path_openat+0x10/0x10 [ 392.833120][ T9684] do_filp_open+0x20b/0x470 [ 392.833137][ T9684] ? __pfx_do_filp_open+0x10/0x10 [ 392.833166][ T9684] ? alloc_fd+0x471/0x7d0 [ 392.833186][ T9684] do_sys_openat2+0x11b/0x1d0 [ 392.833207][ T9684] ? __pfx_do_sys_openat2+0x10/0x10 [ 392.833235][ T9684] __x64_sys_openat+0x174/0x210 [ 392.833248][ T9684] ? __pfx___x64_sys_openat+0x10/0x10 [ 392.833267][ T9684] do_syscall_64+0xcd/0x4c0 [ 392.833290][ T9684] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 392.833304][ T9684] RIP: 0033:0x7ff8fdf8eba9 [ 392.833316][ T9684] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 392.833329][ T9684] RSP: 002b:00007ff8fed9a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 392.833344][ T9684] RAX: ffffffffffffffda RBX: 00007ff8fe1d5fa0 RCX: 00007ff8fdf8eba9 [ 392.833353][ T9684] RDX: 00000000000c0802 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 392.833361][ T9684] RBP: 00007ff8fe011e19 R08: 0000000000000000 R09: 0000000000000000 [ 392.833370][ T9684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 392.833378][ T9684] R13: 00007ff8fe1d6038 R14: 00007ff8fe1d5fa0 R15: 00007ffdc2195fb8 [ 392.833396][ T9684] [ 393.038318][ C0] vkms_vblank_simulate: vblank timer overrun [ 393.796351][ T9690] FAULT_INJECTION: forcing a failure. [ 393.796351][ T9690] name failslab, interval 1, probability 0, space 0, times 0 [ 393.841521][ T9690] CPU: 0 UID: 0 PID: 9690 Comm: syz.3.750 Not tainted syzkaller #0 PREEMPT(full) [ 393.841542][ T9690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 393.841552][ T9690] Call Trace: [ 393.841557][ T9690] [ 393.841563][ T9690] dump_stack_lvl+0x16c/0x1f0 [ 393.841589][ T9690] should_fail_ex+0x512/0x640 [ 393.841612][ T9690] ? __kmalloc_cache_node_noprof+0x5a/0x420 [ 393.841631][ T9690] should_failslab+0xc2/0x120 [ 393.841650][ T9690] __kmalloc_cache_node_noprof+0x6d/0x420 [ 393.841675][ T9690] ? kfree+0x2b4/0x4d0 [ 393.841687][ T9690] ? blk_mq_init_tags+0x87/0x2b0 [ 393.841714][ T9690] blk_mq_init_tags+0x87/0x2b0 [ 393.841738][ T9690] blk_mq_alloc_map_and_rqs+0x237/0xf60 [ 393.841762][ T9690] ? rcu_is_watching+0x12/0xc0 [ 393.841779][ T9690] __blk_mq_alloc_map_and_rqs+0x128/0x1f0 [ 393.841802][ T9690] blk_mq_alloc_tag_set+0x778/0x1260 [ 393.841828][ T9690] loop_add+0x3b2/0xb70 [ 393.841848][ T9690] ? __pfx_loop_add+0x10/0x10 [ 393.841877][ T9690] ? find_held_lock+0x2b/0x80 [ 393.841893][ T9690] loop_control_ioctl+0x13e/0x630 [ 393.841912][ T9690] ? __pfx_loop_control_ioctl+0x10/0x10 [ 393.841933][ T9690] ? __pfx_loop_control_ioctl+0x10/0x10 [ 393.841952][ T9690] __x64_sys_ioctl+0x18b/0x210 [ 393.841976][ T9690] do_syscall_64+0xcd/0x4c0 [ 393.841999][ T9690] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.842013][ T9690] RIP: 0033:0x7fe39918eba9 [ 393.842025][ T9690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 393.842039][ T9690] RSP: 002b:00007fe399ffc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 393.842053][ T9690] RAX: ffffffffffffffda RBX: 00007fe3993d5fa0 RCX: 00007fe39918eba9 [ 393.842062][ T9690] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 000000000000000b [ 393.842071][ T9690] RBP: 00007fe399211e19 R08: 0000000000000000 R09: 0000000000000000 [ 393.842080][ T9690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 393.842088][ T9690] R13: 00007fe3993d6038 R14: 00007fe3993d5fa0 R15: 00007ffef7d6f968 [ 393.842106][ T9690] [ 393.842201][ T9690] blk-mq: reduced tag depth (128 -> 64) [ 394.107200][ T7640] Bluetooth: hci4: command 0x0406 tx timeout [ 394.115123][ T7640] Bluetooth: hci3: command 0x0406 tx timeout [ 394.127916][ T7640] Bluetooth: hci2: command 0x0406 tx timeout [ 394.136039][ T7640] Bluetooth: hci0: command 0x0406 tx timeout [ 394.655994][ T9688] ima: policy update failed [ 394.680724][ T30] audit: type=1802 audit(4294967325.491:18): pid=9688 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.751" res=0 errno=0 [ 398.586170][ T9741] netlink: 268 bytes leftover after parsing attributes in process `syz.2.759'. [ 398.677546][ T9741] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.2.759: iget: checksum invalid [ 398.853028][ T9756] usb usb23: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 398.861077][ T9741] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 398.984953][ T31] INFO: task kworker/u10:1:7643 blocked for more than 184 seconds. [ 398.993700][ T31] Not tainted syzkaller #0 [ 399.018883][ T9741] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.2.759: iget: checksum invalid SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 399.040230][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 399.086441][ T31] task:kworker/u10:1 state:D stack:26952 pid:7643 tgid:7643 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 399.165682][ T31] Workqueue: netns cleanup_net [ 399.200256][ T31] Call Trace: [ 399.219374][ T9741] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 399.243182][ T31] [ 399.246140][ T31] __schedule+0x1190/0x5de0 [ 399.250647][ T31] ? __pfx___schedule+0x10/0x10 [ 399.309241][ T31] ? find_held_lock+0x2b/0x80 [ 399.345797][ T31] ? schedule+0x2d7/0x3a0 [ 399.378746][ T31] schedule+0xe7/0x3a0 [ 399.419689][ T31] schedule_timeout+0x257/0x290 [ 399.455161][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 399.460546][ T31] ? mark_held_locks+0x49/0x80 [ 399.465991][ T9741] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.2.759: iget: checksum invalid [ 399.540886][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 399.579969][ T31] __wait_for_common+0x2fc/0x4e0 [ 399.618192][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 399.629919][ T9741] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 399.668497][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 399.676434][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 399.685244][ T9741] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.2.759: iget: checksum invalid [ 399.716262][ T31] ? flush_workqueue_prep_pwqs+0x2e9/0x510 [ 399.736384][ T31] __flush_workqueue+0x3e2/0x1230 [ 399.746621][ T9741] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 399.766322][ T31] ? __pfx___flush_workqueue+0x10/0x10 [ 399.780070][ T31] ? reacquire_held_locks+0xcd/0x1f0 [ 399.840162][ T9741] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 399.873353][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 399.878822][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 399.920447][ T9741] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 399.969652][ T31] rds_tcp_listen_stop+0x104/0x150 [ 399.974776][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 400.019705][ T31] rds_tcp_exit_net+0xcb/0x810 [ 400.024482][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 400.069029][ T31] ? __pfx___might_resched+0x10/0x10 [ 400.074321][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 400.119863][ T31] ops_undo_list+0x2ee/0xab0 [ 400.124471][ T31] ? __pfx_ops_undo_list+0x10/0x10 [ 400.160859][ T31] ? cleanup_net+0x334/0x890 [ 400.165447][ T31] ? idr_destroy+0x62/0x2e0 [ 400.208157][ T31] cleanup_net+0x408/0x890 [ 400.212575][ T31] ? __pfx_cleanup_net+0x10/0x10 [ 400.217495][ T31] ? rcu_is_watching+0x12/0xc0 [ 400.241863][ T31] process_one_work+0x9cf/0x1b70 [ 400.246835][ T31] ? __pfx_nsim_dev_trap_report_work+0x10/0x10 [ 400.279635][ T31] ? __pfx_process_one_work+0x10/0x10 [ 400.285019][ T31] ? assign_work+0x1a0/0x250 [ 400.301601][ T31] worker_thread+0x6c8/0xf10 [ 400.306195][ T31] ? __pfx_worker_thread+0x10/0x10 [ 400.320016][ T31] kthread+0x3c5/0x780 [ 400.324090][ T31] ? __pfx_kthread+0x10/0x10 [ 400.337144][ T31] ? rcu_is_watching+0x12/0xc0 [ 400.345835][ T31] ? __pfx_kthread+0x10/0x10 [ 400.350844][ T31] ret_from_fork+0x56d/0x730 [ 400.359313][ T31] ? __pfx_kthread+0x10/0x10 [ 400.363915][ T31] ret_from_fork_asm+0x1a/0x30 [ 400.371241][ T31] [ 400.468209][ T31] INFO: task syz.0.349:7664 blocked for more than 185 seconds. [ 400.475750][ T31] Not tainted syzkaller #0 [ 400.546070][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 400.587932][ T31] task:syz.0.349 state:D stack:25512 pid:7664 tgid:7663 ppid:5874 task_flags:0x400140 flags:0x00004006 [ 400.629885][ T31] Call Trace: [ 400.633163][ T31] [ 400.659345][ T31] __schedule+0x1190/0x5de0 [ 400.663854][ T31] ? __pfx___schedule+0x10/0x10 [ 400.694352][ T31] ? find_held_lock+0x2b/0x80 [ 400.705535][ T31] ? schedule+0x2d7/0x3a0 [ 400.709866][ T31] schedule+0xe7/0x3a0 [ 400.713921][ T31] schedule_timeout+0x257/0x290 [ 400.767632][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 400.773015][ T31] ? mark_held_locks+0x49/0x80 [ 400.805115][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 400.810342][ T31] __wait_for_common+0x2fc/0x4e0 [ 400.854817][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 400.860192][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 400.882843][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 400.890123][ T31] ? flush_workqueue_prep_pwqs+0x2e9/0x510 [ 400.896162][ T31] __flush_workqueue+0x3e2/0x1230 [ 400.901190][ T31] ? __pfx___flush_workqueue+0x10/0x10 [ 400.908687][ T31] ? reacquire_held_locks+0xcd/0x1f0 [ 400.915886][ T31] ? release_sock+0x21/0x220 [ 400.920486][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 400.927969][ T31] ? __local_bh_enable_ip+0xa4/0x120 [ 400.933249][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 400.938959][ T31] rds_tcp_listen_stop+0x104/0x150 [ 400.944062][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 400.952717][ T31] rds_tcp_exit_net+0xcb/0x810 [ 400.958342][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 400.963717][ T31] ? __pfx___might_resched+0x10/0x10 [ 400.971551][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 400.979849][ T31] ops_undo_list+0x2ee/0xab0 [ 400.986853][ T31] ? __pfx_ops_undo_list+0x10/0x10 [ 400.991962][ T31] ? ops_init+0x2fa/0x5f0 [ 400.996616][ T31] setup_net+0x1f1/0x380 [ 401.000844][ T31] ? lockdep_set_lock_cmp_fn+0xc1/0xe0 [ 401.008323][ T31] ? __pfx_setup_net+0x10/0x10 [ 401.013082][ T31] ? debug_mutex_init+0x37/0x70 [ 401.018180][ T31] copy_net_ns+0x2a6/0x5f0 [ 401.022583][ T31] create_new_namespaces+0x3ea/0xa90 [ 401.029905][ T31] copy_namespaces+0x468/0x560 [ 401.034832][ T31] copy_process+0x2822/0x7690 [ 401.039509][ T31] ? __pfx_copy_process+0x10/0x10 [ 401.046680][ T31] ? futex_private_hash_put+0x176/0x300 [ 401.052219][ T31] ? futex_private_hash_put+0x18a/0x300 [ 401.060352][ T31] kernel_clone+0xfc/0x930 [ 401.067257][ T31] ? __pfx_kernel_clone+0x10/0x10 [ 401.072296][ T31] __do_sys_clone+0xce/0x120 [ 401.077122][ T31] ? __pfx___do_sys_clone+0x10/0x10 [ 401.082319][ T31] ? xfd_validate_state+0x61/0x180 [ 401.092000][ T31] ? __pfx_ksys_write+0x10/0x10 [ 401.097425][ T31] do_syscall_64+0xcd/0x4c0 [ 401.101926][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 401.109925][ T31] RIP: 0033:0x7fd0f518eba9 [ 401.114494][ T31] RSP: 002b:00007fd0f5fb3fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 401.122892][ T31] RAX: ffffffffffffffda RBX: 00007fd0f53d5fa0 RCX: 00007fd0f518eba9 [ 401.132975][ T31] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040100000 [ 401.141163][ T31] RBP: 00007fd0f5211e19 R08: 0000000000000000 R09: 0000000000000000 [ 401.151094][ T31] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 401.161023][ T31] R13: 00007fd0f53d6038 R14: 00007fd0f53d5fa0 R15: 00007fffaaac5478 [ 401.171464][ T31] [ 401.199396][ T31] [ 401.199396][ T31] Showing all locks held in the system: [ 401.234859][ T31] 1 lock held by pool_workqueue_/3: [ 401.240052][ T31] 1 lock held by khungtaskd/31: [ 401.259101][ T31] #0: ffffffff8e5c1420 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 401.284435][ T31] 1 lock held by syz-executor/5860: [ 401.289620][ T31] #0: ffffffff903888c8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230 [ 401.324386][ T31] 3 locks held by kworker/u10:1/7643: [ 401.329743][ T31] #0: ffff88801c6fe948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 401.352365][ T31] #1: ffffc9000f82fd10 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 401.393823][ T31] #2: ffffffff903725d0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x890 [ 401.412526][ T31] 1 lock held by syz.0.349/7664: [ 401.417450][ T31] #0: ffffffff903725d0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0 [ 401.443576][ T31] 3 locks held by kworker/u10:7/8824: [ 401.448931][ T31] #0: ffff88801b889148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 401.470085][ T31] #1: ffffc90004fefd10 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 401.481115][ T31] #2: ffffffff903888c8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0x51/0xc0 [ 401.492335][ T31] 2 locks held by getty/9333: [ 401.497013][ T31] #0: ffff88814e0bb0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 401.507737][ T31] #1: ffffc900033142f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 [ 401.519073][ T31] 1 lock held by syz.2.759/9741: [ 401.524896][ T31] #0: ffffffff903888c8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230 [ 401.538618][ T31] 1 lock held by syz.4.760/9743: [ 401.544454][ T31] #0: ffffffff903888c8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230 [ 401.554884][ T31] 1 lock held by syz.3.763/9758: [ 401.559800][ T31] #0: ffffffff903888c8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230 [ 401.580400][ T31] [ 401.594791][ T31] ============================================= [ 401.594791][ T31] [ 401.624344][ T31] NMI backtrace for cpu 0 [ 401.624356][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) [ 401.624373][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 401.624381][ T31] Call Trace: [ 401.624386][ T31] [ 401.624392][ T31] dump_stack_lvl+0x116/0x1f0 [ 401.624416][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 401.624431][ T31] ? _raw_spin_unlock_irqrestore+0x61/0x80 [ 401.624451][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 401.624473][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 401.624491][ T31] watchdog+0xf0e/0x1260 [ 401.624514][ T31] ? __pfx_watchdog+0x10/0x10 [ 401.624533][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 401.624554][ T31] ? __kthread_parkme+0x19e/0x250 [ 401.624573][ T31] ? __pfx_watchdog+0x10/0x10 [ 401.624592][ T31] kthread+0x3c5/0x780 [ 401.624612][ T31] ? __pfx_kthread+0x10/0x10 [ 401.624634][ T31] ? rcu_is_watching+0x12/0xc0 [ 401.624648][ T31] ? __pfx_kthread+0x10/0x10 [ 401.624668][ T31] ret_from_fork+0x56d/0x730 [ 401.624689][ T31] ? __pfx_kthread+0x10/0x10 [ 401.624709][ T31] ret_from_fork_asm+0x1a/0x30 [ 401.624733][ T31] [ 401.624744][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 401.746577][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) [ 401.755664][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 401.765691][ T31] Call Trace: [ 401.768948][ T31] [ 401.771857][ T31] dump_stack_lvl+0x3d/0x1f0 [ 401.776432][ T31] vpanic+0x6e8/0x7a0 [ 401.780398][ T31] ? __pfx_vpanic+0x10/0x10 [ 401.784889][ T31] panic+0xca/0xd0 [ 401.788591][ T31] ? __pfx_panic+0x10/0x10 [ 401.792989][ T31] ? nmi_backtrace_stall_check+0x6e/0x540 [ 401.798687][ T31] ? irq_work_queue+0xce/0x100 [ 401.803435][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 401.809399][ T31] ? __wake_up_klogd.part.0+0x99/0xf0 [ 401.814755][ T31] ? watchdog+0xd78/0x1260 [ 401.819165][ T31] ? watchdog+0xd6b/0x1260 [ 401.823576][ T31] watchdog+0xd89/0x1260 [ 401.827810][ T31] ? __pfx_watchdog+0x10/0x10 [ 401.832476][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 401.837662][ T31] ? __kthread_parkme+0x19e/0x250 [ 401.842672][ T31] ? __pfx_watchdog+0x10/0x10 [ 401.847340][ T31] kthread+0x3c5/0x780 [ 401.851398][ T31] ? __pfx_kthread+0x10/0x10 [ 401.855976][ T31] ? rcu_is_watching+0x12/0xc0 [ 401.860721][ T31] ? __pfx_kthread+0x10/0x10 [ 401.865296][ T31] ret_from_fork+0x56d/0x730 [ 401.869871][ T31] ? __pfx_kthread+0x10/0x10 [ 401.874447][ T31] ret_from_fork_asm+0x1a/0x30 [ 401.879202][ T31] [ 401.882250][ T31] Kernel Offset: disabled [ 401.886556][ T31] Rebooting in 86400 seconds..