last executing test programs: 14.986148771s ago: executing program 2 (id=488): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0xfffffffffffffffe, 0x2020009, 0x1, 0x16, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/system/machinecheck/machinecheck0/bank6\x00', 0x2101, 0x0) write$auto(r1, &(0x7f0000000240)='802.15.4 MAC\x00', 0x3) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sg0\x00', 0xa003, 0x0) ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(r2, 0x1, &(0x7f0000000140)="f29648d3fcf35b8881a319ad98662624ae17cd10c6e965119c749039c2a662cd6f66e728c546b0c3ba9a9470f4e36dc6d0361c5d14196baeac754395530997397ee4285342cc09f7c7c85491f50da6a894821ab36612c0949b02cb47df05c7720557a8d14706718493db98af5ab8bc5cd82931131ce4f5f2339466c02953d23e6156f68f7533f512426e2f10551961548273c9560fd882c965374fd3473a97e7c257fae01f450478f49f643de30aa10f7a8db576842eefc3371e46a4827e37fdd9a0cc75d83133ed1483d906ba78b50add5a147cab81f16e2603d8f7bcf9ed") syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid$auto(r0, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0) r3 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/snd/pcmC0D0c\x00', 0x80900, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x10, 0x2, 0xc) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) r4 = gettid() process_vm_writev$auto(r4, 0x0, 0x3, 0x0, 0x4, 0x0) clone$auto(0x6, 0x9, 0x0, 0x0, 0xe08) socket(0x23, 0x80805, 0x0) bpf$auto(0x10001, &(0x7f0000000140)=@bpf_attr_1={0xffffffffffffffff, 0x4, @value=0x8, 0x2}, 0x800) writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000340), 0x7111}, 0x8) ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS2(r3, 0xc2604111, &(0x7f0000000600)={0x10001, [{[0x4, 0x9, 0x1, 0x80000001, 0x1, 0x1, 0x3, 0x5]}, {[0xffffffff, 0x8, 0xffffffff, 0x200, 0xfffffffa, 0xffff8000, 0x3, 0x2]}, {[0x1334000, 0x1, 0x7, 0x1, 0xcb0, 0x4, 0x5, 0x8]}], [{[0x63, 0x8, 0x8, 0x3, 0x3, 0x2, 0x781, 0x6]}, {[0x3, 0x200, 0x514be123, 0x1, 0x1, 0x7, 0x4, 0x81]}, {[0x5, 0x8001, 0x4, 0x7, 0x5, 0x80, 0x1, 0x9]}, {[0x6124, 0x8, 0x0, 0x800, 0x10001, 0x7, 0x3, 0x7fffffff]}, {[0x6, 0x5, 0x5, 0x104, 0x4, 0x0, 0x3]}], [{0x7f, 0x315e, 0x1, 0x0, 0x1}, {0x35b22e9c, 0x4, 0x1, 0x1, 0x1, 0x1}, {0x2, 0x79e2, 0x1, 0x0, 0x0, 0x1}, {0x400, 0x18, 0x1, 0x0, 0x0, 0x1}, {0x2, 0x3, 0x0, 0x0, 0x1}, {0x9, 0x6, 0x0, 0x0, 0x1, 0x1}, {0xa, 0x0, 0x0, 0x1, 0x0, 0x1}, {0xffffffff, 0x4, 0x1, 0x1, 0x1, 0x1}, {0x3, 0x8, 0x0, 0x1}, {0x1, 0x3, 0x0, 0x1, 0x1, 0x1}, {0x9, 0xfcfa, 0x0, 0x1, 0x1, 0x1}, {0x401, 0x401, 0x0, 0x1, 0x0, 0x1}], [{0x0, 0x4, 0x1, 0x1, 0x1, 0x1}, {0x3}, {0x0, 0x81, 0x0, 0x1, 0x1, 0x1}, {0x1df, 0x3, 0x0, 0x1, 0x1, 0x1}, {0x2, 0x5, 0x0, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1, 0x1, 0x1}, {0xffff0001, 0x8, 0x1, 0x1, 0x1}, {0x2, 0xdad4, 0x1, 0x0, 0x1}, {0x0, 0x7, 0x0, 0x1, 0x0, 0x1}], 0x101, 0x9, 0x7, 0x2, 0x6, 0x7, 0x1000, "4053c497e8da8420f7601310f6ca3464", "ebd82fd2742103b4779e2c8334ab7ecfd1c4fc6197b76b5cf37ed3776f42a82b829c87af8c19d402cbf98aa045e1f364"}) wait4$auto(0x0, 0x0, 0x8, 0x0) 13.216591956s ago: executing program 2 (id=492): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0x8, 0x4, 0x6d3f, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2c, 0x1, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007) madvise$auto(0x0, 0xffffffffffff0005, 0x19) bind$auto(0x3, 0x0, 0x6a) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0x200007, 0x19) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x7f, 0x0) close_range$auto(0x2, 0xa, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x1000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000400), 0xffffffffffffffff) 12.28854258s ago: executing program 1 (id=496): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r1 = socket(0x1e, 0x6, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9) sendmsg$auto_HSR_C_GET_NODE_STATUS(r1, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000300)={0x1c, 0x0, 0x100, 0x70bd28, 0x25dfdbfe, {}, [@HSR_A_IF2_AGE={0x8, 0x4, 0xb2c7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4008000}, 0x8000) mmap$auto(0x0, 0x2020009, 0x8000000007, 0x11, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) getdents$auto(r3, 0x0, 0xfff) msync$auto(0x7f, 0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/loop15/queue/discard_granularity\x00', 0x8000, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'}) r5 = socket(0x10, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/conf/default/drop_gratuitous_arp\x00', 0x141241, 0x0) select$auto(0x4, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x4, 0x5, 0x1000, 0x100000001, 0xc, 0xf, 0x0, 0x40, 0xe, 0xd59, 0x101, 0xff, 0x2, 0x80080001]}, 0x0, 0x0) write$auto(r5, &(0x7f0000000000)='-\x00', 0x2fb) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket$nl_generic(0x10, 0x3, 0x10) remap_file_pages$auto(0x8, 0xda, 0x5, 0x4, 0x4) 8.750306445s ago: executing program 0 (id=499): r0 = socket(0x1d, 0x2, 0x6) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(r0, &(0x7f0000000040)=@can={0x1d, r2, 0xfd}, 0x6a) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x6c}, 0x1, 0x0, 0x0, 0x40084}, 0x40) sendmsg$auto_L2TP_CMD_SESSION_GET(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x24000004) syz_open_procfs$namespace(0x0, &(0x7f0000000040)) socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) socket(0x11, 0x2, 0x73) io_uring_setup$auto(0x7e1b, 0x0) socket(0x2, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x2, 0x14) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptya7\x00', 0x101e81, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0) ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0) ioctl$auto(0x3, 0x5411, 0x38) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'ip6tnl0\x00', 0x0}) sendmsg$auto_OVS_VPORT_CMD_GET(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="380000e7", @ANYRES16=0x0, @ANYBLOB="25052abd7000fddbdf2503000000080001000c00000008000800", @ANYRES32=r4, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x4000050}, 0x20000090) statmount$auto(0x0, &(0x7f0000000180)={0x770, 0x1, 0x201, 0x1, 0x5, 0x3, 0x3ffde, 0x400, 0x3, 0x9, 0x6, 0x80004, 0x4, 0x11ffffffffffd, 0xb2, 0x2, 0x9, 0x10, 0x80, 0x80000002a0, 0x0, 0x1, 0x1, 0x202, 0x9, 0xbca7, 0x4, 0x0, 0x0, 0x0, 0x0, [0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x2, 0x0, 0x0, 0x0, 0x7fffffff, 0xffffffffffffffff, 0x0, 0x9, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000000, 0x0, 0x200, 0x0, 0x10000, 0x0, 0x9, 0x4, 0xe17, 0x0, 0x6]}, 0x1fe, 0x1) r5 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r5, 0xfffffffffffffd03, &(0x7f00000001c0)) 8.750058674s ago: executing program 3 (id=500): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r0 = socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000180), 0xffffffffffffffff) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/module/pvrusb2/parameters/vbi_nr\x00', 0x200, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) write$auto_ocfs2_control_fops_stack_user(r2, &(0x7f0000003900)='\t', 0x1) read$auto(r1, 0x0, 0x1) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2c, 0x1, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0xf53, 0xffffffffffff0008, 0x17) prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) fsconfig$auto_FSCONFIG_SET_FLAG(r0, 0x0, &(0x7f0000000000)='\x00', &(0x7f0000000140)="487af514af7c58791fcc1ec20a4de4e64ab7797a15a16994ee759007aba46b65b8d35332957a32453fa9687cd8283356041f771f1fa221ec6a29e7915dd8ddcc47594951ca5d73933a3d6cda00dc819268f15bd73327e2762a59355288aef2a0aeff1ced9acddf1b316f1b7a5b307ec70ce4a0c47220b5e8bb807d", 0x3) close_range$auto(0x2, 0xa, 0x0) 8.362201507s ago: executing program 1 (id=501): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) r1 = ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)=';') openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) write$auto_evm_xattr_ops_evm_secfs(r1, &(0x7f0000000240)="dc4246ea636b0381c1b3a7f023dd17fd3a52338712ffe933ec81a3dfb8cd68c2e642f46fd6d97f431a7c735cb51d9654a600628299cd063c5abb79895d87a86ed84186d31422f012d2f3ed86beaee0da3f90c31c53ce9430e0f88572f4", 0x5d) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r2 = open$dir(&(0x7f0000000000)='./file0\x00', 0x240, 0x13) statx$auto(r2, &(0x7f0000004b00)='\x00', 0xbf02, 0x3, 0x0) socket(0xa, 0x1, 0x100) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) socket(0x23, 0x6, 0x10) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/auth.rpcsec.context/channel\x00', 0x101002, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x100000001ff, 0x7, 0x3, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x5, 0x62, 0x80000001, 0x5, 0x5, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) readahead$auto(0xffffffffffffffff, 0x4, 0x4) mmap$auto(0x0, 0x4, 0x2, 0x78, 0x4, 0x300000000000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video19\x00', 0x0, 0x0) ioctl$auto(0xffffffffffffffff, 0x4, 0xffffffffffffffff) init_module$auto(0x0, 0xffff9, 0x0) futex_wait$auto(0x0, 0x6, 0x2, 0x6, 0x0, 0xc3a) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) 8.308976989s ago: executing program 2 (id=502): mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) fcntl$auto(0x3, 0x4, 0xa553) open(0x0, 0x22240, 0x154) mmap$auto(0xfffffffffffffffd, 0x4, 0x1, 0xeb2, 0xfffffffffffffffa, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x38, r1, 0x1b, 0x70bd26, 0x25dfdbfe, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x8, 0x3, 0x0, 0x1, [@nested={0x4, 0x19}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f1779048590822ad9"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x4004040}, 0x4800) madvise$auto(0x0, 0x2003f0, 0x15) r2 = open(0x0, 0x5db443, 0x180) fcntl$auto(r2, 0x5, 0x40003f) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8182, 0x0) mmap$auto(0x0, 0xe983, 0x7, 0xeb1, r3, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, 0xfffffffffffffffb, 0x8000) r4 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x640, 0x0) ioctl$auto_MON_IOCG_STATS(r4, 0x80089203, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, 0x0, 0xdcf01, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) write$auto(0x3, 0x0, 0x100082) setsockopt$auto(0xffffffffffffffff, 0x7, 0xc, 0x0, 0x567) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x103002, 0x0) 7.992563087s ago: executing program 0 (id=503): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0xfffffffffffffffe, 0x2020009, 0x1, 0x16, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/system/machinecheck/machinecheck0/bank6\x00', 0x2101, 0x0) write$auto(r1, &(0x7f0000000240)='802.15.4 MAC\x00', 0x3) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sg0\x00', 0xa003, 0x0) ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(r2, 0x1, &(0x7f0000000140)="f29648d3fcf35b8881a319ad98662624ae17cd10c6e965119c749039c2a662cd6f66e728c546b0c3ba9a9470f4e36dc6d0361c5d14196baeac754395530997397ee4285342cc09f7c7c85491f50da6a894821ab36612c0949b02cb47df05c7720557a8d14706718493db98af5ab8bc5cd82931131ce4f5f2339466c02953d23e6156f68f7533f512426e2f10551961548273c9560fd882c965374fd3473a97e7c257fae01f450478f49f643de30aa10f7a8db576842eefc3371e46a4827e37fdd9a0cc75d83133ed1483d906ba78b50add5a147cab81f16e2603d8f7bcf9ed") syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid$auto(r0, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/snd/pcmC0D0c\x00', 0x80900, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x10, 0x2, 0xc) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) wait4$auto(0x0, 0x0, 0x8, 0x0) 7.441936601s ago: executing program 3 (id=504): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0) write$auto(r0, 0x0, 0x7ef) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82140, 0x0) socket(0xa, 0x1, 0x100) vmsplice$auto(r0, &(0x7f0000000080)={&(0x7f0000000340)="6184494649504c6647e0bd7ab144975569055db0331f4ce50bf4399fd19446c045456623cacaeac05d63898b60ce883de61d5c33e8c35513ec9920957bd81efabc89914667ff8beaf43cc13bda4baad46fff498a02322bb13147b66ee886d99c38ae23fa67666137b886457d3454c7ffb77bcecc4381292701783824f897569aced6a55358f1101694990fd3ac3539308fe9fbbf6fa70462848ef85ee9299ac4425e1f71485887a707f4db1295aecb02f78f217fafb6aa1d3b1e7272eef2489da21d72ca48552fa36d284fc716058166e725466c", 0x5}, 0x8, 0x101) ioperm$auto(0x7, 0x5ad2, 0xc) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/fscreate\x00', 0x1, 0x0) exit$auto(0x7) write$auto_proc_pid_attr_operations_base(r2, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) mq_open$auto(&(0x7f0000000000)='.\xf1e4\xdf\x16\x95kxE\xd9x\x15\xb0\xf6V\x93\xb4E\x06\xc5}l', 0x400056a, 0x9, 0x0) ftruncate$auto(0x3, 0x700) mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/user/max_time_namespaces\x00', 0x202, 0x0) setuid$auto(0x800000000008) read$auto(0x3, 0x0, 0xf34) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/net/bond0/bonding/ad_actor_sys_prio\x00', 0x942, 0x0) write$auto(r3, &(0x7f0000000640)='0\x00\xa6\xcc\r\x91Q\x00\x00\x00\x00\x00\x00\x00\x04\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:\x00\x00@\x00\xeb\xf0\xc4\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfh\xf4\v\xf3C\x00\x00\x00\x00\x00\x00\x00\x000\xdc\xc8\xd5\'Y\xbe\xf3%\x88j9\x969R\x06\xfe\xf8\x90\xa62\bp!\xd16\x8b\x95\xdaN\x87\xba\xf3\xac\xeeDj\xc8\x8a\xa8 \x1e\xa5\xaa\xc0f\xfaK\xe1\x85\xd8\xeb\xf4C3\x02\x1bG\'\xd8\xfd\x05n}\xe12X\x98\x8f\x18\x9e\xf6\xb2\x9a\x00\xb4\xe0Ub\xa5\bk\x95\xd9\xb8\x8a\xc0\xf2\b\r\xdf\xa6\xfd\xed%w\xde8\x8aR\xc0/\xe7a\xd5\x9c~\xc1\x13\xf9\xfb\x11h\xf9\xb1C\xb1\xb5$\x97d\xbc{ZI\xc6\x10/=z\x03\xf6\xa4\x1e\vay:\xf10\x10Nr4\x8eq[\x9eQ3\v\x16\x0fu\x99l\xd8>|\xc6jm\x1c\bR\x86Z\x9c\x83\x8e\xcdZU\r\xb6\xc4\x95\xe1\xfeT\xbda\x99\x19?\xbe\x87zy\xdb\x1a\x05\xe8\xd2\xc8*|\b\xb7 \xe1', 0xffff) 7.053908257s ago: executing program 0 (id=505): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/pcm0p/oss\x00', 0xaa102, 0x0) write$auto(r0, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00x \xec(\x1d\x98\xe9\xc4\xe8\xfc@6=\xab\xf4\x89\x01\x93\xdc\x19\xffv\'\xa1\xd5\x14\x06S\xae\xadB}\xdf]\x99\xc9\x9f4\xbb\xc5\x81\x9d\x8ak\xdeB\xcbd\xd3\x05\xe4P\x84\xcb\xb8#\x13\nYU\'\x95R\xc8\x9d\xb7*\xe0.\xd2\xdf\x1b\x88D\x8c{k\xcec\xe1\xa2j\xec\xc9\xd2\x98\x94I\x102h\x06\x8c\xa2\xc8\x8a7\xb7t', 0x7ef) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0) socket(0xa, 0x1, 0x100) ioperm$auto(0x7, 0x5ad2, 0xc) modify_ldt$auto(0x1, 0x0, 0x10) r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r1, 0x0, 0x7ff, 0x400) socket(0x2, 0x1, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x12, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1]}, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/kernel/kexec_load_disabled\x00', 0x202, 0x0) sendfile$auto(r3, r3, 0x0, 0x0) mmap$auto(0xc, 0x20009, 0x5, 0xeb1, 0x405, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0004, 0x19) madvise$auto(0x0, 0x200007, 0x19) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) setsockopt$auto_SO_INCOMING_CPU(r1, 0x72, 0x31, &(0x7f0000000040)='\x00', 0x81) close_range$auto(0x2, 0x8, 0x0) 5.581051179s ago: executing program 1 (id=506): socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) madvise$auto(0xfff, 0x8, 0xab8) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) setsockopt$auto(0x3, 0x6, 0x100000000, 0xfffffffffffffffc, 0xa) socket(0x2, 0x801, 0x100) mmap$auto(0x1, 0x3, 0x3, 0x55, r0, 0x8001) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/system/node/has_memory\x00', 0x22100, 0x0) read$auto_check_wx_fops_(r1, 0x0, 0x0) mlockall$auto(0x5) mmap$auto(0x2, 0x40000a, 0x2bb, 0x14, 0x2, 0x3) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv6/conf/sit0/ioam6_id\x00', 0x88800, 0x0) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000280), 0x40000, 0x0) syz_genetlink_get_family_id$auto_nlbl_mgmt(0x0, 0xffffffffffffffff) io_uring_setup$auto(0x8, 0x0) unshare$auto(0x40000080) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x28, 0x80000, 0x300) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0xc0643, 0x0) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r2, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) 5.280883328s ago: executing program 3 (id=507): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0xfffffffffffffffe, 0x2020009, 0x1, 0x16, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/system/machinecheck/machinecheck0/bank6\x00', 0x2101, 0x0) write$auto(r1, &(0x7f0000000240)='802.15.4 MAC\x00', 0x3) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sg0\x00', 0xa003, 0x0) ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(r2, 0x1, &(0x7f0000000140)="f29648d3fcf35b8881a319ad98662624ae17cd10c6e965119c749039c2a662cd6f66e728c546b0c3ba9a9470f4e36dc6d0361c5d14196baeac754395530997397ee4285342cc09f7c7c85491f50da6a894821ab36612c0949b02cb47df05c7720557a8d14706718493db98af5ab8bc5cd82931131ce4f5f2339466c02953d23e6156f68f7533f512426e2f10551961548273c9560fd882c965374fd3473a97e7c257fae01f450478f49f643de30aa10f7a8db576842eefc3371e46a4827e37fdd9a0cc75d83133ed1483d906ba78b50add5a147cab81f16e2603d8f7bcf9ed") syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid$auto(r0, 0x0) r3 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/snd/pcmC0D0c\x00', 0x80900, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x10, 0x2, 0xc) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) r4 = gettid() process_vm_writev$auto(r4, 0x0, 0x3, 0x0, 0x4, 0x0) clone$auto(0x6, 0x9, 0x0, 0x0, 0xe08) socket(0x23, 0x80805, 0x0) bpf$auto(0x10001, &(0x7f0000000140)=@bpf_attr_1={0xffffffffffffffff, 0x4, @value=0x8, 0x2}, 0x800) writev$auto(0x3, &(0x7f0000000100)={&(0x7f0000000340), 0x7111}, 0x8) accept$auto(r3, &(0x7f0000000040)=@ax25={0x3, @default, 0x3}, &(0x7f00000000c0)=0xfff) wait4$auto(0x0, 0x0, 0x8, 0x0) 4.551508662s ago: executing program 2 (id=508): r0 = fcntl$auto(0xffffffffffffffff, 0x7, 0xa553) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0xa, 0x1, 0x100) ioperm$auto(0x7, 0x5ad2, 0x8) modify_ldt$auto(0xc, 0x0, 0x100000000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyd1\x00', 0x40, 0x0) mmap$auto(0xffffffff, 0x20009, 0x5, 0xeb1, 0x405, 0x8000) openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) socket(0x10, 0x2, 0x0) process_mrelease$auto(0xffffffffffffffff, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mincore$auto(0x1000, 0x8001, 0x0) arch_prctl$auto(0x5001, 0x2) fcntl$auto(0x8000000000000001, 0x7, 0x8) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) fcntl$auto(0x8000000000000001, 0x26, 0x8) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000080), 0x8800, 0x0) close_range$auto(0x2, 0x8, 0x0) syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f00000000c0), r0) r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000040), r0) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0x6c, r1, 0x8, 0x70bd2c, 0x25dfdbfb, {}, [@BATADV_ATTR_TT_TTVN={0x5, 0x11, 0x8e}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x180}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5, 0x37, 0x1}, @BATADV_ATTR_BLA_VID={0x6, 0x20, 0x2}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_BLA_ADDRESS={0xa, 0x1f, @random="b059f9498c50"}, @BATADV_ATTR_HARD_IFNAME={0x14, 0x7, 'syz_tun\x00'}, @BATADV_ATTR_MESH_ADDRESS={0xa, 0x5, @multicast}, @BATADV_ATTR_ACTIVE={0x4}]}, 0x6c}, 0x1, 0x0, 0x0, 0x804}, 0x4) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0xb00, 0x0) close_range$auto(0x2, 0x8, 0x0) 4.244181799s ago: executing program 0 (id=509): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) write$auto(0x3, 0x0, 0x5c8) mmap$auto(0x0, 0x5810, 0xffb, 0x8000000008011, 0x3, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x100, 0x0) read$auto(0x3, 0x0, 0x80) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), 0xffffffffffffffff) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r1, 0x4c02, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0) unshare$auto(0x40000080) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r2 = socket(0x2b, 0x1, 0x1) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x8001, 0x0) ioctl$auto(r3, 0x2282, r3) ioctl$auto(r2, 0x89a0, 0x4) mmap$auto(0x0, 0x40009, 0xa, 0x9b72, 0x2, 0x28000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20080, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x801, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) 3.580698675s ago: executing program 3 (id=510): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) init_module$auto(0x0, 0xfffff, 0x0) mkdir$auto(0x0, 0x8001) getpriority$auto_PRIO_USER(0x2, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = socket(0xa, 0x1, 0x100) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x568) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/adsp1\x00', 0x101142, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, 0x0) move_pages$auto(0xffffffffffffffff, 0xf54, 0x0, 0x0, 0x0, 0x2) execve$auto(0x0, 0x0, 0x0) capget$auto(0x0, 0x0) symlink$auto(0x0, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) getsockopt$auto(0xffffffffffffffff, 0xff, 0x7, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x280, 0x0) pread64$auto(r2, 0x0, 0x8, 0x8) mmap$auto(0x0, 0x44, 0x3, 0x11, r0, 0xc) close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty0\x00', 0x102, 0x0) ioctl$auto(0x3, 0x4b71, 0x38) 3.28341139s ago: executing program 1 (id=511): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) read$auto_fake_panic_fops_(0xffffffffffffffff, 0x0, 0x0) r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D0c\x00', 0x9003, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_REFINE2(r0, 0xc2604110, &(0x7f0000000040)={0x6, [{[0x2, 0xf5e, 0x1ff, 0xd, 0x7f, 0x8, 0x4, 0x663d349e]}, {[0x2, 0xa6, 0x5c915993, 0xfffffffd, 0x6, 0xe, 0x80000001, 0x3]}, {[0x2, 0xe, 0x2, 0x579c8feb, 0x9, 0x6, 0x7, 0xa53]}], [{[0x75d, 0x9, 0x6, 0x17f29ee4, 0x400, 0x7, 0xc, 0x44]}, {[0x1, 0xeade, 0x1, 0x3, 0xf0, 0x5, 0x101, 0x1]}, {[0x7e61, 0x6, 0x7, 0x0, 0x5, 0x5, 0x100, 0x9]}, {[0x4, 0x5, 0x1, 0xfffffff7, 0x5, 0x0, 0xfffffffb, 0x1]}, {[0x3, 0x1000, 0x8, 0x8, 0x2, 0xe8c, 0xf, 0xd403]}], [{0xfffffffa, 0x4, 0x0, 0x0, 0x1, 0x1}, {0x7f, 0x6, 0x1, 0x0, 0x0, 0x1}, {0x3, 0x1, 0x1, 0x0, 0x0, 0x1}, {0x61, 0x1, 0x0, 0x0, 0x0, 0x1}, {0x5, 0x49c5fc8b, 0x0, 0x0, 0x0, 0x1}, {0x7ff, 0x7, 0x0, 0x1, 0x1, 0x1}, {0x6, 0x9, 0x0, 0x1, 0x1}, {0x9, 0x6, 0x0, 0x1}, {0x7fd, 0x7, 0x0, 0x1, 0x0, 0x1}, {0x7, 0xfffffffd, 0x1, 0x1, 0x1}, {0x8, 0x4, 0x0, 0x0, 0x1, 0x1}, {0x3, 0x5, 0x1, 0x1, 0x0, 0x1}], [{0xbe, 0xd5, 0x0, 0x1, 0x0, 0x1}, {0xc2, 0x7fffffff, 0x1, 0x1, 0x1}, {0xbc, 0xbb5e, 0x1, 0x0, 0x0, 0x1}, {0x8, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x100, 0x12e800, 0x1, 0x1, 0x1, 0x1}, {0x2, 0xf, 0x0, 0x1, 0x1}, {0xffff, 0x8, 0x0, 0x0, 0x0, 0x1}, {0x9, 0x3, 0x1, 0x1, 0x0, 0x1}, {0x80000000, 0x6, 0x0, 0x1}], 0x100, 0x2, 0x4, 0x9, 0x5, 0x1, 0x8, "938f570ba48ab1df6ea169301a0f4b75", "16fef137d6f6aa1d93e7fd319170d04be4063eb16bddc7a41e5782dfff02104539c9b5e571a002e14933724526d0c013"}) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dri/card2\x00', 0x200100, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r1) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2c, r2, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@ETHTOOL_A_TSINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040840}, 0x40000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) socket(0xa, 0x801, 0x84) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_INFO(0x100, 0x3, &(0x7f00000012c0)={{0x632, 0xffffffffffffffff, 0xee00, 0x1, 0x5, 0x1, 0x80}, 0x0, 0x0, 0x1b, 0x7, 0x5, 0x7, 0x1, 0xdd34, 0x7, 0x8, @raw=0xffff}) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/vkms/drm/card1/card1-Virtual-1/modes\x00', 0x40000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000040)=""/44, 0x2c) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) get_robust_list$auto(0x0, 0x0, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x1102, 0x0) read$auto(0x3, 0x0, 0xfdef) madvise$auto(0x0, 0xffffffffffff0004, 0x19) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) 2.595774998s ago: executing program 2 (id=512): mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) r0 = socket(0x15, 0x5, 0x0) read$auto(0x3, 0x0, 0xfffffffffffffdef) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x7, 0x800008000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) r1 = creat$auto(&(0x7f0000000000)='./file0\x00', 0x9) ioctl$auto_PPPIOCSDEBUG(r1, 0x40047440, &(0x7f0000000080)=0xffffffff) ustat$auto(0x801, 0x0) sendmsg$auto(r0, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/sockstat\x00', 0xc0880, 0x0) read$auto(r2, &(0x7f0000000040)='/proc/self/net/icmp\x00', 0x80000001) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x12, 0x940, 0x1fee0, 0x3, 0x6, 0xfffffffffffffffe, 0x3, 0x5, 0x5, 0xff, 0xb0, 0x9, 0x5, 0x3, 0x5, 0x1000000000800, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x23c, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000, 0x0, 0xfffffffffffffffd]}, 0x1fe, 0x82) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x100, 0x0) pread64$auto(r3, 0x0, 0x3, 0x5) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7fffe000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/snd_aloop.0/sound/card1/id\x00', 0x48a22, 0x0) write$auto(r4, 0x0, 0x3) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r5 = socket(0x1d, 0x2, 0x7) getsockopt$auto(r5, 0x6b, 0xdc5a, 0xfffffffffffffffe, 0x0) mmap$auto(0x8, 0x20009, 0xf, 0x800000000000ebf, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCVHANGUP2(r6, 0x5437, 0x0) fcntl$auto(0x3, 0x4, 0xa553) 1.853835253s ago: executing program 2 (id=513): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) init_module$auto(0x0, 0xfffff, 0x0) mkdir$auto(0x0, 0x8001) getpriority$auto_PRIO_USER(0x2, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = socket(0xa, 0x1, 0x100) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x568) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/adsp1\x00', 0x101142, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, 0x0) move_pages$auto(0xffffffffffffffff, 0xf54, 0x0, 0x0, 0x0, 0x2) execve$auto(0x0, 0x0, 0x0) capget$auto(0x0, 0x0) symlink$auto(0x0, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) getsockopt$auto(0xffffffffffffffff, 0xff, 0x7, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x280, 0x0) pread64$auto(r2, 0x0, 0x8, 0x8) mmap$auto(0x0, 0x44, 0x3, 0x11, r0, 0xc) close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty0\x00', 0x102, 0x0) ioctl$auto(0x3, 0x4b71, 0x38) 1.737897322s ago: executing program 1 (id=514): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r0 = socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000000180), 0xffffffffffffffff) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/module/pvrusb2/parameters/vbi_nr\x00', 0x200, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) write$auto_ocfs2_control_fops_stack_user(r2, &(0x7f0000003900)='\t', 0x1) read$auto(r1, 0x0, 0x1) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x801, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2c, 0x1, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0xf53, 0xffffffffffff0008, 0x17) prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x7f, 0x0) fsconfig$auto_FSCONFIG_SET_FLAG(r0, 0x0, &(0x7f0000000000)='\x00', &(0x7f0000000140)="487af514af7c58791fcc1ec20a4de4e64ab7797a15a16994ee759007aba46b65b8d35332957a32453fa9687cd8283356041f771f1fa221ec6a29e7915dd8ddcc47594951ca5d73933a3d6cda00dc819268f15bd73327e2762a59355288aef2a0aeff1ced9acddf1b316f1b7a5b307ec70ce4a0c47220b5e8bb807d", 0x3) close_range$auto(0x2, 0xa, 0x0) 1.672500611s ago: executing program 0 (id=515): r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0xfffffffffffffffe, 0x2020009, 0x1, 0x16, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/system/machinecheck/machinecheck0/bank6\x00', 0x2101, 0x0) write$auto(r1, &(0x7f0000000240)='802.15.4 MAC\x00', 0x3) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sg0\x00', 0xa003, 0x0) ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(r2, 0x1, &(0x7f0000000140)="f29648d3fcf35b8881a319ad98662624ae17cd10c6e965119c749039c2a662cd6f66e728c546b0c3ba9a9470f4e36dc6d0361c5d14196baeac754395530997397ee4285342cc09f7c7c85491f50da6a894821ab36612c0949b02cb47df05c7720557a8d14706718493db98af5ab8bc5cd82931131ce4f5f2339466c02953d23e6156f68f7533f512426e2f10551961548273c9560fd882c965374fd3473a97e7c257fae01f450478f49f643de30aa10f7a8db576842eefc3371e46a4827e37fdd9a0cc75d83133ed1483d906ba78b50add5a147cab81f16e2603d8f7bcf9ed") syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid$auto(r0, 0x0) r3 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0) r4 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/snd/pcmC0D0c\x00', 0x80900, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x10, 0x2, 0xc) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) r5 = gettid() process_vm_writev$auto(r5, 0x0, 0x3, 0x0, 0x4, 0x0) clone$auto(0x6, 0x9, 0x0, 0x0, 0xe08) socket(0x23, 0x80805, 0x0) bpf$auto(0x10001, &(0x7f0000000140)=@bpf_attr_1={0xffffffffffffffff, 0x4, @value=0x8, 0x2}, 0x800) ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS2(r4, 0xc2604111, &(0x7f0000000600)={0x10001, [{[0x4, 0x9, 0x1, 0x80000001, 0x1, 0x1, 0x3, 0x5]}, {[0xffffffff, 0x8, 0xffffffff, 0x200, 0xfffffffa, 0xffff8000, 0x3, 0x2]}, {[0x1334000, 0x1, 0x7, 0x1, 0xcb0, 0x4, 0x5, 0x8]}], [{[0x63, 0x8, 0x8, 0x3, 0x3, 0x2, 0x781, 0x6]}, {[0x3, 0x200, 0x514be123, 0x1, 0x1, 0x7, 0x4, 0x81]}, {[0x5, 0x8001, 0x4, 0x7, 0x5, 0x80, 0x1, 0x9]}, {[0x6124, 0x8, 0x0, 0x800, 0x10001, 0x7, 0x3, 0x7fffffff]}, {[0x6, 0x5, 0x5, 0x104, 0x4, 0x0, 0x3]}], [{0x7f, 0x315e, 0x1, 0x0, 0x1}, {0x35b22e9c, 0x4, 0x1, 0x1, 0x1, 0x1}, {0x2, 0x79e2, 0x1, 0x0, 0x0, 0x1}, {0x400, 0x18, 0x1, 0x0, 0x0, 0x1}, {0x2, 0x3, 0x0, 0x0, 0x1}, {0x9, 0x6, 0x0, 0x0, 0x1, 0x1}, {0xa, 0x0, 0x0, 0x1, 0x0, 0x1}, {0xffffffff, 0x4, 0x1, 0x1, 0x1, 0x1}, {0x3, 0x8, 0x0, 0x1}, {0x1, 0x3, 0x0, 0x1, 0x1, 0x1}, {0x9, 0xfcfa, 0x0, 0x1, 0x1, 0x1}, {0x401, 0x401, 0x0, 0x1, 0x0, 0x1}], [{0x0, 0x4, 0x1, 0x1, 0x1, 0x1}, {0x3}, {0x0, 0x81, 0x0, 0x1, 0x1, 0x1}, {0x1df, 0x3, 0x0, 0x1, 0x1, 0x1}, {0x2, 0x5, 0x0, 0x1, 0x1}, {0x0, 0x0, 0x1, 0x1, 0x1, 0x1}, {0xffff0001, 0x8, 0x1, 0x1, 0x1}, {0x2, 0xdad4, 0x1, 0x0, 0x1}, {0x0, 0x7, 0x0, 0x1, 0x0, 0x1}], 0x101, 0x9, 0x7, 0x2, 0x6, 0x7, 0x1000, "4053c497e8da8420f7601310f6ca3464", "ebd82fd2742103b4779e2c8334ab7ecfd1c4fc6197b76b5cf37ed3776f42a82b829c87af8c19d402cbf98aa045e1f364"}) accept$auto(r3, &(0x7f0000000040)=@ax25={0x3, @default, 0x3}, &(0x7f00000000c0)=0xfff) wait4$auto(0x0, 0x0, 0x8, 0x0) 770.678905ms ago: executing program 3 (id=516): r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) read$auto(r0, 0x0, 0x1f40) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) clock_gettime$auto(0x2, &(0x7f0000000000)={0x7, 0x7}) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) io_uring_register$auto(0xffffffffffffffff, 0xffff5594, 0x0, 0x1) prctl$auto(0x1000000001c, 0x5, 0x100000000, 0x40000000000c, 0x3fffffffff) r2 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) poll$auto(&(0x7f0000000180)={r2, 0xfff7, 0x9816}, 0x7f, 0x9) ioctl$auto_VHOST_SET_OWNER(r3, 0xaf01, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ram3\x00', 0x8001, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x38, 0x6, 0x8000) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_BATADV_CMD_GET_BLA_CLAIM(r4, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000002000)={&(0x7f0000000340)=ANY=[@ANYBLOB="6714bf7f", @ANYBLOB="7d3f2dbd7000fddbdf250b0000009a186fa3009c378575480d377bec17864aaab310d1f023c2a5cb12fdffb0bd4163942b191301bf33e2937efbe29aa7361d3097d3896ad0467eb3002aeda72c84aae892abafeee433c70514752c7ca49580b5075e72ada90a09f94f42dd8d6a8cb4cf2524e80d75c0a00a60c9e8b4f645ea8f87531f22811b6d7e41ef3c3432b3891fce3f71c25ad7bb1e6cc04afe5d75f8789199b6"], 0x14}, 0x1, 0x0, 0x0, 0x48018}, 0x400c880) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0xffffffffffffffc3, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x8805}, 0x2400c804) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x23, 0x0) r5 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r5, 0x0, 0x4) socket$nl_generic(0x10, 0x3, 0x10) mlock2$auto(0x1, 0x8001, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) 450.609669ms ago: executing program 0 (id=517): openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, 0x0, 0x90203, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x6, 0x800, 0x8) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r0, &(0x7f0000000040)='nbd\x00', 0x4) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) mmap$auto(0x0, 0xffff, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x87, 0x0) clone$auto(0x1ff00, 0x0, 0x0, 0x0, 0x9) exit$auto(0x7) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r2, 0x0, 0x800) getsockopt$auto(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, 0x0, 0xa2741, 0x0) adjtimex$auto(&(0x7f00000004c0)={0x23, 0x0, 0x0, 0xfffffffffffffffd, 0x3, 0x3, 0x2, 0x0, 0x3, 0x8, 0x2, {0x2100000000, 0x1000010000}, 0xfffffffffffffffc, 0x73d, 0xffffffffffffffdd, 0x1008001, 0x0, 0x6, 0x21b, 0xffffffff, 0xa745, 0x6, 0x1000}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0xa2100, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS0\x00', 0x101c81, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) set_mempolicy$auto(0x8003, &(0x7f0000000280)=0x7b, 0x3) gettid() kexec_load$auto(0x7, 0x2, &(0x7f0000000040)={@buf=&(0x7f0000000140)="5bafd56c2c122bc0003f91ad0e2963b1259c512c75114cd1bf833777c5f1aa905ac6eaa258e2aca172f1b2fb7932baaa9e6bdd5d4c193da127fe2ae6116f2ad909a5ee204ca4094f82cb444aed85374298875fd1e2c861610242a6b8c01c0e2bb8d7896b6d6286d95dcd06fbd7120d0e562fe7fb9f334d7067ea429bd6914891fa48b2bea45968c3fe24052221cec0fd646ebea2baa46ac5f8e8af6bdfaa451cd4e6da", 0x2aa7, 0x6c0000c000, 0xc000}, 0x4) write$auto_console_fops_tty_io(r1, &(0x7f0000000440)="671d264add69b6440843b6e6688a2b5ad9df2669e6f9cd236532b20ed763ac8caf4bde4c30b530ac6ebbff950e1a647d6a08a1b55dde5a409b4d", 0x3a) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) 428.50099ms ago: executing program 1 (id=518): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x6) socket(0x10, 0x4, 0xffffffc0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x120e2, 0x0) write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r2, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010325bd7040000c0002006e6c38303231310008000a00ef0100003e88f07c51eb9ca656ff0e3c86f65d1e3365ad2258eddd139949e4e9699a81d9094cf905dbd25467c33391bcf5542d19a4cc9445d8ea4dc87392f0e120db5cc3323ba91473571a6329311d95c633a42bc8d2defecb9c87059533748bf05ab2c045f8e3bbcac7da47a87941496a6bf5250c6f8d93d90e1bc8aa3e4d946dc126b52ad9b881a2e4dd5ec7d30357ba2c4e243eafc1cb9d89352f67534cff40b07e9db129fe8334fadf27629f8173042efed54baa17c51e2e7d325d325713c76c44d5979622b7e5f8796129346675d4cb26d5586577722eeaf7541601718cfda18ffe9c0d5443446cf37b35cc3cc7c002a8945f5d72b88a11"], 0x28}, 0x1, 0x0, 0x0, 0x30000881}, 0xc040810) write$auto(r1, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0xffffffffffff0004, 0x1a) setgroups$auto(0xe32, 0x0) r4 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) read$auto_proc_pid_maps_operations_internal(r4, &(0x7f00000010c0)=""/4082, 0xff2) madvise$auto(0x8, 0xc89, 0xffffff33) r5 = socket(0x10, 0x3, 0xc) setsockopt$auto(r5, 0x104000000000010e, 0x1, 0x0, 0x16) close_range$auto(0x2, 0x8, 0x0) 0s ago: executing program 3 (id=519): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x80800, 0x0) shmctl$auto_SHM_STAT_ANY(0xc, 0xf, &(0x7f0000000340)={{0x4, 0xee01, 0xee01, 0x80, 0x80, 0xfffffff8, 0x7fff}, 0x6, 0x6, 0x9, 0xcd, @raw=0x1000, @inferred=0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000140)="7aafdb967c337cd9e9ad6dc9b1d4a08f07095c53e01359e1c4dc0d8252120cdc7079cdce7a5297ebbe740e39bd2773faec461345b31ee2e2e99c5d1fa9eed001b3e6684fdb1ba0219922157b5a27f020cc5276d049e985dc1cc19c50aa79a5c9e3f25f", &(0x7f00000001c0)="87206c8b1b7fb37ea771ea589f1cc62e50c829c4f476b9a871da5fa138fc6a8e9d3abf7923207febe7156f057d500ce28e1d6e85afd5dda59cc211366f02e34e48cb0cc453875ba6170dcf5fac74747d7abd0c42e078a66dc862672efa45dc431117ee473f0585befeab640e2f4a7db114db9e89b97d108c4383224ddf6bbdd1c82514adb8cb4aa44816f5e329c18b343c2658172e"}) fstat$auto(r0, &(0x7f0000000440)={0x2, 0x7, 0xffffffffffff2073, 0x4, 0xee01, r1, 0x0, 0x401, 0x2, 0x10000, 0x5a5b, 0x10000, 0x1, 0x5, 0x6, 0x800, 0xffffffff}) socket(0xa, 0x3, 0x3b) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) clone$auto(0x1ff00, 0x0, &(0x7f0000002040)=0x7, 0x0, 0x9) connect$auto(r0, &(0x7f0000000000)=@qipcrtr={0x2a, 0x1, 0x7fff}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/hugepages/hugepages-2048kB/resv_hugepages\x00', 0x40200, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000040)=""/65, 0x41) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x9, 0x6, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) madvise$auto_MADV_PAGEOUT(0xff, 0x3cbe1076, 0x15) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) set_mempolicy$auto(0x5, &(0x7f00000000c0)=0x8, 0x9) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) close_range$auto(0x2, 0x8, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x3, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x1) shutdown$auto(0x200000003, 0x2) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.125' (ED25519) to the list of known hosts. [ 98.223345][ T5817] cgroup: Unknown subsys name 'net' [ 98.373439][ T5817] cgroup: Unknown subsys name 'cpuset' [ 98.383508][ T5817] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 100.268374][ T5817] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 102.339576][ T1225] cfg80211: failed to load regulatory.db [ 102.549745][ T5843] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 102.557778][ T5843] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 102.566983][ T5843] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 102.575317][ T5843] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 102.583634][ T5843] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 102.592045][ T5843] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 102.618654][ T5848] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 102.619909][ T5846] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 102.634989][ T5848] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 102.642661][ T5845] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 102.643842][ T5848] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 102.651818][ T5846] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 102.663823][ T5848] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 102.673655][ T5845] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 102.682102][ T5845] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 102.689345][ T5846] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 102.697945][ T5845] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 102.705417][ T5846] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 102.716338][ T5837] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 102.735269][ T5837] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 103.178209][ T5833] chnl_net:caif_netlink_parms(): no params data found [ 103.460334][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 103.491926][ T5832] chnl_net:caif_netlink_parms(): no params data found [ 103.511375][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.518774][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.526293][ T5833] bridge_slave_0: entered allmulticast mode [ 103.534983][ T5833] bridge_slave_0: entered promiscuous mode [ 103.578948][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.586151][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.593518][ T5833] bridge_slave_1: entered allmulticast mode [ 103.601196][ T5833] bridge_slave_1: entered promiscuous mode [ 103.632314][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 103.709432][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 103.730531][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 103.835632][ T5833] team0: Port device team_slave_0 added [ 103.845575][ T5833] team0: Port device team_slave_1 added [ 103.852642][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.859859][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.867041][ T5831] bridge_slave_0: entered allmulticast mode [ 103.875036][ T5831] bridge_slave_0: entered promiscuous mode [ 103.931239][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.941024][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.948642][ T5831] bridge_slave_1: entered allmulticast mode [ 103.956069][ T5831] bridge_slave_1: entered promiscuous mode [ 103.963829][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.971017][ T5832] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.978701][ T5832] bridge_slave_0: entered allmulticast mode [ 103.986232][ T5832] bridge_slave_0: entered promiscuous mode [ 104.043999][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.051442][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.059616][ T5832] bridge_slave_1: entered allmulticast mode [ 104.067086][ T5832] bridge_slave_1: entered promiscuous mode [ 104.092622][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 104.099803][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.126286][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 104.167793][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.175140][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.182834][ T5834] bridge_slave_0: entered allmulticast mode [ 104.191026][ T5834] bridge_slave_0: entered promiscuous mode [ 104.199792][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.206973][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.214635][ T5834] bridge_slave_1: entered allmulticast mode [ 104.222874][ T5834] bridge_slave_1: entered promiscuous mode [ 104.230459][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 104.237456][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.263722][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 104.286714][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.343639][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.356066][ T5832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.369423][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.382796][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.410861][ T5832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.509804][ T5831] team0: Port device team_slave_0 added [ 104.536453][ T5833] hsr_slave_0: entered promiscuous mode [ 104.543866][ T5833] hsr_slave_1: entered promiscuous mode [ 104.554730][ T5834] team0: Port device team_slave_0 added [ 104.564433][ T5834] team0: Port device team_slave_1 added [ 104.574125][ T5831] team0: Port device team_slave_1 added [ 104.597356][ T5832] team0: Port device team_slave_0 added [ 104.606439][ T5832] team0: Port device team_slave_1 added [ 104.648713][ T51] Bluetooth: hci2: command tx timeout [ 104.705307][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 104.712655][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.739585][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 104.739676][ T51] Bluetooth: hci0: command tx timeout [ 104.753334][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 104.763264][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.789768][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 104.808046][ T51] Bluetooth: hci1: command tx timeout [ 104.808080][ T5837] Bluetooth: hci3: command tx timeout [ 104.819204][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 104.819226][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.819274][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 104.865295][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 104.872537][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.899465][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 104.911525][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 104.918737][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.945098][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 104.986037][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 104.993417][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.019662][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.145190][ T5831] hsr_slave_0: entered promiscuous mode [ 105.153482][ T5831] hsr_slave_1: entered promiscuous mode [ 105.160343][ T5831] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 105.168572][ T5831] Cannot create hsr debugfs directory [ 105.199005][ T5832] hsr_slave_0: entered promiscuous mode [ 105.205533][ T5832] hsr_slave_1: entered promiscuous mode [ 105.212703][ T5832] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 105.220449][ T5832] Cannot create hsr debugfs directory [ 105.240417][ T5834] hsr_slave_0: entered promiscuous mode [ 105.246779][ T5834] hsr_slave_1: entered promiscuous mode [ 105.253210][ T5834] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 105.260961][ T5834] Cannot create hsr debugfs directory [ 105.706684][ T5833] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 105.721132][ T5833] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 105.759578][ T5833] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 105.782942][ T5833] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 105.840832][ T5834] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 105.863638][ T5834] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 105.875853][ T5834] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 105.904885][ T5834] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 105.982005][ T5831] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 105.995726][ T5831] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 106.014526][ T5831] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 106.027476][ T5831] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 106.161799][ T5832] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 106.184962][ T5832] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 106.196810][ T5832] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 106.210842][ T5832] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 106.345730][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.394203][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.412004][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.433264][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.463646][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.471058][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.494424][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.510917][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.518244][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.542997][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.550224][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.582328][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.589633][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.622744][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.667281][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.674478][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.703315][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.722240][ T3514] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.729457][ T3514] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.737639][ T5837] Bluetooth: hci2: command tx timeout [ 106.752981][ T5833] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 106.809189][ T5837] Bluetooth: hci0: command tx timeout [ 106.852970][ T5832] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.889255][ T5837] Bluetooth: hci1: command tx timeout [ 106.889519][ T51] Bluetooth: hci3: command tx timeout [ 106.911257][ T3514] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.918528][ T3514] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.943221][ T3514] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.950496][ T3514] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.413200][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.506690][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.595330][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.639608][ T5833] veth0_vlan: entered promiscuous mode [ 107.658679][ T5833] veth1_vlan: entered promiscuous mode [ 107.725721][ T5831] veth0_vlan: entered promiscuous mode [ 107.751854][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.775206][ T5833] veth0_macvtap: entered promiscuous mode [ 107.783782][ T5831] veth1_vlan: entered promiscuous mode [ 107.815465][ T5833] veth1_macvtap: entered promiscuous mode [ 107.857184][ T5834] veth0_vlan: entered promiscuous mode [ 107.890734][ T5834] veth1_vlan: entered promiscuous mode [ 107.900302][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 107.913895][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 107.941969][ T5833] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.951212][ T5833] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.963156][ T5833] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.972678][ T5833] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.022106][ T5832] veth0_vlan: entered promiscuous mode [ 108.034122][ T5831] veth0_macvtap: entered promiscuous mode [ 108.074654][ T5832] veth1_vlan: entered promiscuous mode [ 108.086895][ T5831] veth1_macvtap: entered promiscuous mode [ 108.145833][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.200540][ T5834] veth0_macvtap: entered promiscuous mode [ 108.213223][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.222764][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.239591][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.254947][ T5834] veth1_macvtap: entered promiscuous mode [ 108.272120][ T5831] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.281635][ T5831] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.291141][ T5831] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.300363][ T5831] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.347060][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.351434][ T5832] veth0_macvtap: entered promiscuous mode [ 108.364396][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.405009][ T5832] veth1_macvtap: entered promiscuous mode [ 108.423097][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.483064][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.495984][ T5833] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 108.504604][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.553324][ T5834] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.564784][ T5834] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.605532][ T5834] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.628592][ T5834] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.664595][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.692158][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.710963][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.721915][ T5832] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.729935][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 108.734718][ T5832] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.748299][ T5832] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.757324][ T5832] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.818057][ T51] Bluetooth: hci2: command tx timeout [ 108.889989][ T51] Bluetooth: hci0: command tx timeout [ 108.919498][ T1149] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.958742][ T1149] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.968862][ T51] Bluetooth: hci1: command tx timeout [ 108.968900][ T5837] Bluetooth: hci3: command tx timeout [ 109.133371][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.151987][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.232357][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.261113][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.468426][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 109.595918][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 109.698043][ T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!! [ 109.723987][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.744895][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.074684][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.094291][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.248057][ T5935] random: crng reseeded on system resumption [ 110.719371][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 110.729088][ T0] NOHZ tick-stop error: local softirq work is pending, handler #242!!! [ 110.893137][ T5837] Bluetooth: hci2: command tx timeout [ 110.969304][ T5837] Bluetooth: hci0: command tx timeout [ 111.049192][ T5837] Bluetooth: hci3: command tx timeout [ 111.055265][ T51] Bluetooth: hci1: command tx timeout [ 111.439744][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 111.643141][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 111.848586][ T0] NOHZ tick-stop error: local softirq work is pending, handler #1c0!!! [ 111.856969][ T0] NOHZ tick-stop error: local softirq work is pending, handler #1c0!!! [ 114.741764][ T5982] random: crng reseeded on system resumption [ 119.257513][ T6054] random: crng reseeded on system resumption [ 124.280783][ T6118] random: crng reseeded on system resumption [ 125.685038][ T6131] random: crng reseeded on system resumption [ 127.252406][ T6140] Invalid ELF header magic: != ELF [ 129.674329][ T6177] binder: 6154:6177 ioctl c00c620f 200000000340 returned -22 [ 132.624793][ T6221] random: crng reseeded on system resumption [ 133.901185][ T6230] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x78001 [ 133.933984][ T6230] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 133.988633][ T6230] page_type: f2(table) [ 134.038746][ T6230] raw: 00fff00000000000 0000000000000000 0000000000000000 0000000000000000 [ 134.254315][ T6230] raw: ffff888000000000 ffff8880787f9840 00000001f2000000 0000000000000000 [ 134.316933][ T6230] page dumped because: unmovable page [ 134.322833][ T6230] page_owner tracks the page as allocated [ 134.353414][ T6230] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x440dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO|__GFP_COMP), pid 5494, tgid 5494 (dhcpcd), ts 73707481649, free_ts 73569771546 [ 134.382163][ T6230] post_alloc_hook+0x1c0/0x230 [ 134.397396][ T6230] get_page_from_freelist+0x1321/0x3890 [ 134.447684][ T6230] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 134.463991][ T6230] alloc_pages_mpol+0x1fb/0x550 [ 134.487525][ T6230] alloc_pages_noprof+0x131/0x390 [ 134.523151][ T6230] __pmd_alloc+0x3b/0x930 [ 134.531597][ T6230] copy_page_range+0x2419/0x5740 [ 134.686160][ T6230] dup_mmap+0xe88/0x21d0 [ 134.953504][ T6234] could not allocate digest TFM handle binfmt_misc [ 134.964296][ T6230] copy_process+0x4081/0x76a0 [ 134.981434][ T6230] kernel_clone+0xfc/0x960 [ 135.043347][ T6230] __do_sys_clone+0xce/0x120 [ 135.054590][ T6230] do_syscall_64+0xcd/0x490 [ 135.097091][ T6230] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.161667][ T6230] page last free pid 0 tgid 0 stack trace: [ 135.232238][ T6253] random: crng reseeded on system resumption [ 135.252304][ T6230] __free_frozen_pages+0x7fe/0x1180 [ 135.461378][ T6230] rcu_core+0x799/0x14e0 [ 135.465767][ T6230] handle_softirqs+0x219/0x8e0 [ 135.536844][ T6230] __irq_exit_rcu+0x109/0x170 [ 135.558669][ T6230] irq_exit_rcu+0x9/0x30 [ 135.563025][ T6230] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 135.612909][ T6230] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 137.487522][ T6276] random: crng reseeded on system resumption [ 142.651872][ T6336] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 143.300744][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 143.307398][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 145.381917][ T6378] random: crng reseeded on system resumption [ 149.696670][ T6438] random: crng reseeded on system resumption [ 149.967418][ T6445] syz.1.82 uses obsolete (PF_INET,SOCK_PACKET) [ 150.199031][ T5837] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 156.750916][ T6526] random: crng reseeded on system resumption [ 160.351733][ T6569] random: crng reseeded on system resumption [ 161.677689][ T6585] FAULT_INJECTION: forcing a failure. [ 161.677689][ T6585] name failslab, interval 1, probability 0, space 0, times 1 [ 161.724339][ T6585] CPU: 0 UID: 0 PID: 6585 Comm: syz.1.107 Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(full) [ 161.724388][ T6585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 161.724411][ T6585] Call Trace: [ 161.724422][ T6585] [ 161.724438][ T6585] dump_stack_lvl+0x16c/0x1f0 [ 161.724502][ T6585] should_fail_ex+0x512/0x640 [ 161.724551][ T6585] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 161.724611][ T6585] should_failslab+0xc2/0x120 [ 161.724651][ T6585] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 161.724707][ T6585] ? devinet_init_net+0xeb/0x910 [ 161.724748][ T6585] kmemdup_noprof+0x29/0x60 [ 161.724798][ T6585] devinet_init_net+0xeb/0x910 [ 161.724839][ T6585] ? __pfx_devinet_init_net+0x10/0x10 [ 161.724880][ T6585] ops_init+0x1df/0x5f0 [ 161.724915][ T6585] setup_net+0x1ff/0x510 [ 161.724943][ T6585] ? lockdep_init_map_type+0x5c/0x280 [ 161.724991][ T6585] ? __pfx_setup_net+0x10/0x10 [ 161.725025][ T6585] ? debug_mutex_init+0x37/0x70 [ 161.725062][ T6585] copy_net_ns+0x2a6/0x5f0 [ 161.725101][ T6585] create_new_namespaces+0x3ea/0xa90 [ 161.725149][ T6585] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 161.725190][ T6585] ksys_unshare+0x45b/0xa40 [ 161.725235][ T6585] ? __pfx_ksys_unshare+0x10/0x10 [ 161.725286][ T6585] ? xfd_validate_state+0x61/0x180 [ 161.725342][ T6585] __x64_sys_unshare+0x31/0x40 [ 161.725385][ T6585] do_syscall_64+0xcd/0x490 [ 161.725441][ T6585] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.725476][ T6585] RIP: 0033:0x7f8f8998e929 [ 161.725514][ T6585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 161.725546][ T6585] RSP: 002b:00007f8f8a781038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 161.725582][ T6585] RAX: ffffffffffffffda RBX: 00007f8f89bb5fa0 RCX: 00007f8f8998e929 [ 161.725604][ T6585] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 161.725628][ T6585] RBP: 00007f8f89a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 161.725648][ T6585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 161.725666][ T6585] R13: 0000000000000000 R14: 00007f8f89bb5fa0 R15: 00007fff49c89898 [ 161.725707][ T6585] [ 163.294135][ T6605] random: crng reseeded on system resumption [ 165.216200][ T6634] random: crng reseeded on system resumption [ 170.390202][ T6695] random: crng reseeded on system resumption [ 172.905013][ T6723] random: crng reseeded on system resumption [ 174.129808][ T6739] random: crng reseeded on system resumption [ 176.762872][ T6758] zram: Removed device: zram0 [ 177.445310][ T6769] Invalid ELF header magic: != ELF [ 178.040418][ T6778] random: crng reseeded on system resumption [ 188.830166][ T6903] syz.2.164 (6903) used greatest stack depth: 19800 bytes left [ 192.918135][ T6965] input: f¬ as /devices/virtual/input/input5 [ 196.812375][ T7020] FAULT_INJECTION: forcing a failure. [ 196.812375][ T7020] name failslab, interval 1, probability 0, space 0, times 0 [ 196.868295][ T7020] CPU: 1 UID: 0 PID: 7020 Comm: syz.1.185 Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(full) [ 196.868336][ T7020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 196.868353][ T7020] Call Trace: [ 196.868363][ T7020] [ 196.868373][ T7020] dump_stack_lvl+0x16c/0x1f0 [ 196.868423][ T7020] should_fail_ex+0x512/0x640 [ 196.868474][ T7020] ? fs_reclaim_acquire+0xae/0x150 [ 196.868510][ T7020] should_failslab+0xc2/0x120 [ 196.868534][ T7020] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 196.868574][ T7020] ? security_inode_alloc+0x3b/0x2b0 [ 196.868608][ T7020] security_inode_alloc+0x3b/0x2b0 [ 196.868637][ T7020] inode_init_always_gfp+0xce4/0x1030 [ 196.868679][ T7020] alloc_inode+0x86/0x240 [ 196.868706][ T7020] new_inode+0x22/0x1c0 [ 196.868736][ T7020] __debugfs_create_file+0x11c/0x6b0 [ 196.868775][ T7020] debugfs_create_file_full+0x41/0x60 [ 196.868813][ T7020] kvm_dev_ioctl+0x14ff/0x1ad0 [ 196.868878][ T7020] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 196.868934][ T7020] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 196.868979][ T7020] __x64_sys_ioctl+0x18b/0x210 [ 196.869014][ T7020] do_syscall_64+0xcd/0x490 [ 196.869057][ T7020] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 196.869084][ T7020] RIP: 0033:0x7f8f8998e929 [ 196.869106][ T7020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 196.869133][ T7020] RSP: 002b:00007f8f8a781038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 196.869159][ T7020] RAX: ffffffffffffffda RBX: 00007f8f89bb5fa0 RCX: 00007f8f8998e929 [ 196.869177][ T7020] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000002 [ 196.869194][ T7020] RBP: 00007f8f89a10b39 R08: 0000000000000000 R09: 0000000000000000 [ 196.869211][ T7020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 196.869227][ T7020] R13: 0000000000000000 R14: 00007f8f89bb5fa0 R15: 00007fff49c89898 [ 196.869262][ T7020] [ 196.869299][ T7020] debugfs: out of free dentries, can not create file 'pages_4k' [ 201.924004][ T7121] Zero length message leads to an empty skb [ 202.880199][ T7142] process 'syz.3.207' launched './file0' with NULL argv: empty string added [ 203.693835][ T7129] netlink: 330 bytes leftover after parsing attributes in process `syz.0.205'. [ 204.743044][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 204.751313][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 205.848415][ T5837] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 206.617594][ T7175] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 207.188312][ T7191] FAULT_INJECTION: forcing a failure. [ 207.188312][ T7191] name failslab, interval 1, probability 0, space 0, times 0 [ 207.228306][ T7191] CPU: 0 UID: 0 PID: 7191 Comm: syz.0.215 Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(full) [ 207.228355][ T7191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 207.228374][ T7191] Call Trace: [ 207.228384][ T7191] [ 207.228396][ T7191] dump_stack_lvl+0x16c/0x1f0 [ 207.228451][ T7191] should_fail_ex+0x512/0x640 [ 207.228498][ T7191] ? fs_reclaim_acquire+0xae/0x150 [ 207.228539][ T7191] ? tomoyo_encode2+0x100/0x3e0 [ 207.228581][ T7191] should_failslab+0xc2/0x120 [ 207.228613][ T7191] __kmalloc_noprof+0xd2/0x510 [ 207.228659][ T7191] ? d_absolute_path+0x136/0x1a0 [ 207.228698][ T7191] tomoyo_encode2+0x100/0x3e0 [ 207.228747][ T7191] tomoyo_encode+0x29/0x50 [ 207.228789][ T7191] tomoyo_realpath_from_path+0x18f/0x6e0 [ 207.228847][ T7191] tomoyo_check_open_permission+0x2ab/0x3c0 [ 207.228888][ T7191] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 207.228969][ T7191] ? do_raw_spin_lock+0x12c/0x2b0 [ 207.229030][ T7191] tomoyo_file_open+0x6b/0x90 [ 207.229084][ T7191] security_file_open+0x84/0x1e0 [ 207.229128][ T7191] do_dentry_open+0x596/0x1c10 [ 207.229189][ T7191] vfs_open+0x82/0x3f0 [ 207.229229][ T7191] path_openat+0x1de4/0x2cb0 [ 207.229299][ T7191] ? __pfx_path_openat+0x10/0x10 [ 207.229350][ T7191] ? __lock_acquire+0xb8a/0x1c90 [ 207.229397][ T7191] do_filp_open+0x20b/0x470 [ 207.229445][ T7191] ? __pfx_do_filp_open+0x10/0x10 [ 207.229523][ T7191] ? alloc_fd+0x471/0x7d0 [ 207.229578][ T7191] do_sys_openat2+0x11b/0x1d0 [ 207.229613][ T7191] ? __pfx_do_sys_openat2+0x10/0x10 [ 207.229666][ T7191] __x64_sys_openat+0x174/0x210 [ 207.229703][ T7191] ? __pfx___x64_sys_openat+0x10/0x10 [ 207.229757][ T7191] do_syscall_64+0xcd/0x490 [ 207.229811][ T7191] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 207.229843][ T7191] RIP: 0033:0x7fcae458e929 [ 207.229887][ T7191] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 207.229919][ T7191] RSP: 002b:00007fcae23f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 207.229951][ T7191] RAX: ffffffffffffffda RBX: 00007fcae47b5fa0 RCX: 00007fcae458e929 [ 207.229973][ T7191] RDX: 0000000000000000 RSI: 0000200000000300 RDI: ffffffffffffff9c [ 207.229994][ T7191] RBP: 00007fcae4610b39 R08: 0000000000000000 R09: 0000000000000000 [ 207.230014][ T7191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 207.230033][ T7191] R13: 0000000000000000 R14: 00007fcae47b5fa0 R15: 00007ffe8d8d7f58 [ 207.230075][ T7191] [ 207.230107][ T7191] ERROR: Out of memory at tomoyo_realpath_from_path. [ 207.840857][ T7195] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 212.905649][ T7291] netlink: 342 bytes leftover after parsing attributes in process `syz.0.231'. [ 213.101678][ T7291] capability: warning: `syz.0.231' uses 32-bit capabilities (legacy support in use) [ 213.500239][ T7302] Invalid ELF header magic: != ELF [ 216.155932][ T7338] netlink: 28 bytes leftover after parsing attributes in process `syz.3.239'. [ 218.009951][ T7368] warning: `syz.3.246' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 218.269143][ T7374] netlink: 8 bytes leftover after parsing attributes in process `syz.2.247'. [ 218.394037][ T7374] netlink: 8 bytes leftover after parsing attributes in process `syz.2.247'. [ 222.021895][ T7405] Invalid ELF header magic: != ELF [ 223.339823][ T7436] mmap: syz.2.259 (7436) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 225.480187][ T7477] zram: Added device: zram0 [ 226.996942][ T7496] Invalid ELF header magic: != ELF [ 227.296870][ T5846] Bluetooth: hci0: command 0x0406 tx timeout [ 227.296868][ T5848] Bluetooth: hci1: command 0x0406 tx timeout [ 227.296938][ T5848] Bluetooth: hci2: command 0x0406 tx timeout [ 227.308636][ T5847] Bluetooth: hci3: command 0x0406 tx timeout [ 227.823640][ T7506] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 227.905227][ T7506] CIFS mount error: No usable UNC path provided in device string! [ 227.905227][ T7506] [ 227.929841][ T7506] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 228.006160][ T7512] Invalid ELF header magic: != ELF syzkaller syzkaller login: [ 232.034445][ T7546] [U]  [ 232.037454][ T7546] [U] [ 232.040181][ T7546] [U] [ 232.042901][ T7546] [U] [ 232.111258][ T7546] [U] [ 232.114041][ T7546] [U] [ 232.116795][ T7546] [U] [ 232.119559][ T7546] [U] [ 232.136144][ T7546] [U] [ 232.138947][ T7546] [U] [ 232.141707][ T7546] [U] [ 232.144464][ T7546] [U] [ 232.158707][ T7546] [U] [ 232.161494][ T7546] [U] [ 232.164218][ T7546] [U] [ 232.166945][ T7546] [U] [ 232.195067][ T7546] [U] [ 232.197896][ T7546] [U] [ 232.200633][ T7546] [U] [ 232.203391][ T7546] [U] [ 232.214127][ T7546] [U] [ 232.216900][ T7546] [U] [ 232.219660][ T7546] [U] [ 232.222426][ T7546] [U] [ 232.311693][ T7546] [U] [ 232.314575][ T7546] [U] [ 232.317303][ T7546] [U] [ 232.320024][ T7546] [U] [ 232.542644][ T7546] [U] [ 232.545453][ T7546] [U] [ 232.548204][ T7546] [U] [ 232.550993][ T7546] [U] [ 232.556902][ T7546] [U] [ 232.559681][ T7546] [U] [ 232.562423][ T7546] [U] [ 232.565171][ T7546] [U] [ 232.571363][ T7546] [U] [ 232.574168][ T7546] [U] [ 232.576937][ T7546] [U] [ 232.579711][ T7546] [U] [ 232.588239][ T7546] [U] [ 232.591039][ T7546] [U] [ 232.593826][ T7546] [U] [ 232.596601][ T7546] [U] [ 232.727984][ T7546] [U] [ 233.405682][ T7578] Invalid ELF header magic: != ELF [ 237.784756][ T7645] netlink: 4 bytes leftover after parsing attributes in process `syz.2.300'. [ 237.837288][ T7645] netlink: 354 bytes leftover after parsing attributes in process `syz.2.300'. [ 238.753121][ T7663] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 238.836325][ T7654] zswap: compressor not available [ 242.394509][ T7714] Invalid ELF header magic: != ELF [ 246.007006][ T7753] random: crng reseeded on system resumption [ 247.593520][ T7783] netlink: 'syz.0.324': attribute type 11 has an invalid length. [ 247.635249][ T7783] netlink: 'syz.0.324': attribute type 11 has an invalid length. [ 247.647424][ T7783] netlink: 'syz.0.324': attribute type 11 has an invalid length. [ 248.045019][ T7788] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x78001 [ 248.068121][ T7788] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 248.075347][ T7788] page_type: f2(table) [ 248.099630][ T7788] raw: 00fff00000000000 0000000000000000 0000000000000000 0000000000000000 [ 248.113355][ T7788] raw: ffff888000000000 ffff8880787f9840 00000001f2000000 0000000000000000 [ 248.133550][ T7788] page dumped because: unmovable page [ 248.157421][ T7788] page_owner tracks the page as allocated [ 248.230215][ T7788] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x440dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO|__GFP_COMP), pid 5494, tgid 5494 (dhcpcd), ts 73707481649, free_ts 73569771546 [ 248.267249][ T7788] post_alloc_hook+0x1c0/0x230 [ 248.272625][ T7788] get_page_from_freelist+0x1321/0x3890 [ 248.288081][ T7788] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 248.309512][ T7788] alloc_pages_mpol+0x1fb/0x550 [ 248.321611][ T7788] alloc_pages_noprof+0x131/0x390 [ 248.364109][ T7788] __pmd_alloc+0x3b/0x930 [ 248.374567][ T7788] copy_page_range+0x2419/0x5740 [ 248.389188][ T7788] dup_mmap+0xe88/0x21d0 [ 248.401108][ T7788] copy_process+0x4081/0x76a0 [ 248.412862][ T7788] kernel_clone+0xfc/0x960 [ 248.424229][ T7788] __do_sys_clone+0xce/0x120 [ 248.437960][ T7788] do_syscall_64+0xcd/0x490 [ 248.442648][ T7788] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 248.459702][ T7788] page last free pid 0 tgid 0 stack trace: [ 248.470450][ T7788] __free_frozen_pages+0x7fe/0x1180 [ 248.475881][ T7788] rcu_core+0x799/0x14e0 [ 248.481330][ T7788] handle_softirqs+0x219/0x8e0 [ 248.486361][ T7788] __irq_exit_rcu+0x109/0x170 [ 248.493711][ T7788] irq_exit_rcu+0x9/0x30 [ 248.499027][ T7788] sysvec_apic_timer_interrupt+0xa4/0xc0 [ 248.511469][ T7788] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 257.749334][ T7927] unchecked MSR access error: WRMSR to 0x418 (tried to write 0x0000000000000322) at rIP: 0xffffffff8163eaa9 (__mcheck_cpu_init_clear_banks+0x109/0x1f0) [ 257.764984][ T7927] Call Trace: [ 257.768299][ T7927] [ 257.771282][ T7927] ? __pfx_mce_cpu_restart+0x10/0x10 [ 257.776617][ T7927] mce_cpu_restart+0x98/0xb0 [ 257.781344][ T7927] smp_call_function_many_cond+0xef9/0x1510 [ 257.787280][ T7927] ? __pfx_mce_cpu_restart+0x10/0x10 [ 257.792616][ T7927] ? lockdep_hardirqs_on+0x7c/0x110 [ 257.797867][ T7927] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 257.803729][ T7927] ? __pfx_smp_call_function_many_cond+0x10/0x10 [ 257.810094][ T7927] ? __pfx___try_to_del_timer_sync+0x10/0x10 [ 257.816142][ T7927] ? __pfx_mce_cpu_restart+0x10/0x10 [ 257.821480][ T7927] on_each_cpu_cond_mask+0x40/0x90 [ 257.826639][ T7927] set_bank+0x240/0x3a0 [ 257.830839][ T7927] ? __pfx_set_bank+0x10/0x10 [ 257.835553][ T7927] ? find_held_lock+0x2b/0x80 [ 257.840269][ T7927] ? __pfx_set_bank+0x10/0x10 [ 257.844986][ T7927] dev_attr_store+0x55/0x80 [ 257.849535][ T7927] ? __pfx_dev_attr_store+0x10/0x10 [ 257.854766][ T7927] sysfs_kf_write+0xf2/0x150 [ 257.859402][ T7927] kernfs_fop_write_iter+0x351/0x510 [ 257.864718][ T7927] ? __pfx_sysfs_kf_write+0x10/0x10 [ 257.869962][ T7927] vfs_write+0x6c4/0x1150 [ 257.874351][ T7927] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 257.880197][ T7927] ? __pfx___mutex_lock+0x10/0x10 [ 257.885276][ T7927] ? __pfx_vfs_write+0x10/0x10 [ 257.890125][ T7927] ksys_write+0x12a/0x250 [ 257.894502][ T7927] ? __pfx_ksys_write+0x10/0x10 [ 257.899409][ T7927] do_syscall_64+0xcd/0x490 [ 257.903962][ T7927] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.909886][ T7927] RIP: 0033:0x7ff03318e929 [ 257.914329][ T7927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 257.933992][ T7927] RSP: 002b:00007ff033fa6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 257.942459][ T7927] RAX: ffffffffffffffda RBX: 00007ff0333b6080 RCX: 00007ff03318e929 [ 257.950469][ T7927] RDX: 0000000000000003 RSI: 0000200000000240 RDI: 0000000000000003 [ 257.958479][ T7927] RBP: 00007ff033210b39 R08: 0000000000000000 R09: 0000000000000000 [ 257.966478][ T7927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 257.974492][ T7927] R13: 0000000000000000 R14: 00007ff0333b6080 R15: 00007ffc661d5b18 [ 257.982517][ T7927] [ 258.301309][ T7923] mkiss: ax0: crc mode is auto. [ 258.350931][ T7921] program syz.3.349 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 258.533308][ T7928] zswap: compressor not available [ 258.796971][ T7921] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 258.806622][ T7921] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 259.135029][ T7921] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 259.148518][ T7921] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 259.349356][ T7921] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 259.416419][ T7921] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 259.516275][ T7921] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 259.526406][ T7921] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 259.641086][ T7921] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 260.821992][ T5837] Bluetooth: hci0: command 0x0406 tx timeout [ 261.220302][ T5837] Bluetooth: hci1: command 0x0406 tx timeout [ 261.367930][ T5837] Bluetooth: hci3: command 0x0406 tx timeout [ 261.527908][ T5837] Bluetooth: hci2: command 0x0406 tx timeout [ 262.890042][ T5837] Bluetooth: hci0: command 0x0406 tx timeout [ 263.299071][ T5837] Bluetooth: hci1: command 0x0406 tx timeout [ 263.450215][ T5837] Bluetooth: hci3: command 0x0406 tx timeout [ 263.608361][ T5837] Bluetooth: hci2: command 0x0406 tx timeout [ 265.687889][ T5837] Bluetooth: hci2: command 0x0406 tx timeout [ 266.183048][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 266.190175][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 268.112755][ T8046] netlink: 28 bytes leftover after parsing attributes in process `syz.0.367'. [ 268.256923][ T8049] hub 8-0:1.0: USB hub found [ 268.294025][ T8049] hub 8-0:1.0: 1 port detected [ 274.742608][ T8147] random: crng reseeded on system resumption [ 275.151968][ T8146] mkiss: ax0: crc mode is auto. [ 275.524952][ T5837] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 276.242557][ T8163] sysfs_service_op_show: Client not running :-5: [ 279.332235][ T8208] netlink: 'syz.2.392': attribute type 11 has an invalid length. [ 279.375723][ T8208] netlink: 'syz.2.392': attribute type 11 has an invalid length. [ 279.427342][ T8208] netlink: 'syz.2.392': attribute type 11 has an invalid length. [ 280.076337][ T8230] program syz.0.398 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 280.573419][ T8230] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 280.589482][ T8230] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 280.601063][ T8230] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 280.730158][ T8230] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 280.783100][ T8230] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 282.324838][ T5845] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 282.633942][ T8265] random: crng reseeded on system resumption [ 282.652702][ T5845] Bluetooth: hci0: command 0x0406 tx timeout [ 282.660442][ T5837] Bluetooth: hci1: command 0x0406 tx timeout [ 282.818094][ T5845] Bluetooth: hci2: command 0x0406 tx timeout [ 282.824180][ T5837] Bluetooth: hci3: command 0x0406 tx timeout [ 284.728053][ T5845] Bluetooth: hci1: command 0x0406 tx timeout [ 289.520715][ T8330] random: crng reseeded on system resumption [ 299.494795][ T8418] program syz.0.425 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 300.549651][ T8427] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 300.555738][ T8427] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 300.778530][ T8427] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 300.790357][ T8427] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 300.798209][ T8427] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 301.380578][ T8446] program syz.1.429 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 301.640654][ T8446] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 301.699109][ T8446] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 301.787666][ T8446] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 301.848231][ T8446] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 303.697858][ T5845] Bluetooth: hci0: command 0x0406 tx timeout [ 303.767921][ T5845] Bluetooth: hci3: command 0x0406 tx timeout [ 303.774012][ T5837] Bluetooth: hci1: command 0x0406 tx timeout [ 303.927858][ T5845] Bluetooth: hci2: command 0x0406 tx timeout [ 305.767895][ T5845] Bluetooth: hci0: command 0x0406 tx timeout [ 310.189848][ T8548] program syz.3.448 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 310.829896][ T8548] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 310.836167][ T8548] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 310.918094][ T8548] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 310.965224][ T8548] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 311.340266][ T8556] netlink: 28 bytes leftover after parsing attributes in process `syz.2.449'. [ 311.978002][ T8576] FAULT_INJECTION: forcing a failure. [ 311.978002][ T8576] name failslab, interval 1, probability 0, space 0, times 0 [ 311.998103][ T8576] CPU: 0 UID: 0 PID: 8576 Comm: syz.3.450 Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(full) [ 311.998151][ T8576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 311.998184][ T8576] Call Trace: [ 311.998196][ T8576] [ 311.998210][ T8576] dump_stack_lvl+0x16c/0x1f0 [ 311.998267][ T8576] should_fail_ex+0x512/0x640 [ 311.998311][ T8576] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 311.998352][ T8576] should_failslab+0xc2/0x120 [ 311.998374][ T8576] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 311.998411][ T8576] ? __d_alloc+0x31/0xaa0 [ 311.998450][ T8576] __d_alloc+0x31/0xaa0 [ 311.998490][ T8576] d_alloc+0x4a/0x1e0 [ 311.998527][ T8576] d_alloc_parallel+0xe3/0x12e0 [ 311.998553][ T8576] ? __x64_sys_ioctl+0x18b/0x210 [ 311.998579][ T8576] ? __kernel_text_address+0xd/0x40 [ 311.998617][ T8576] ? arch_stack_walk+0xa6/0x100 [ 311.998660][ T8576] ? __pfx_d_alloc_parallel+0x10/0x10 [ 311.998690][ T8576] ? lockdep_init_map_type+0x5c/0x280 [ 311.998724][ T8576] ? lockdep_init_map_type+0x5c/0x280 [ 311.998761][ T8576] __lookup_slow+0x193/0x460 [ 311.998788][ T8576] ? __pfx___lookup_slow+0x10/0x10 [ 311.998818][ T8576] ? __pcpu_chunk_move+0x380/0x440 [ 311.998856][ T8576] ? __pcpu_chunk_move+0x380/0x440 [ 311.998888][ T8576] ? d_lookup+0xe7/0x190 [ 311.998918][ T8576] lookup_noperm+0xe1/0x110 [ 311.998945][ T8576] start_creating.part.0+0x15a/0x3e0 [ 311.998980][ T8576] __debugfs_create_file+0xa7/0x6b0 [ 311.999014][ T8576] debugfs_create_file_full+0x41/0x60 [ 311.999047][ T8576] kvm_dev_ioctl+0x14ff/0x1ad0 [ 311.999095][ T8576] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 311.999143][ T8576] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 311.999191][ T8576] __x64_sys_ioctl+0x18b/0x210 [ 311.999221][ T8576] do_syscall_64+0xcd/0x490 [ 311.999261][ T8576] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 311.999285][ T8576] RIP: 0033:0x7ff03318e929 [ 311.999304][ T8576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 311.999326][ T8576] RSP: 002b:00007ff033fc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 311.999348][ T8576] RAX: ffffffffffffffda RBX: 00007ff0333b5fa0 RCX: 00007ff03318e929 [ 311.999363][ T8576] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000002 [ 311.999377][ T8576] RBP: 00007ff033210b39 R08: 0000000000000000 R09: 0000000000000000 [ 311.999391][ T8576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 311.999405][ T8576] R13: 0000000000000000 R14: 00007ff0333b5fa0 R15: 00007ffc661d5b18 [ 311.999434][ T8576] [ 312.808920][ T5845] Bluetooth: hci0: command 0x0406 tx timeout [ 312.889120][ T5845] Bluetooth: hci1: command 0x0406 tx timeout [ 312.968408][ T5845] Bluetooth: hci2: command 0x0406 tx timeout [ 312.974607][ T5837] Bluetooth: hci3: command 0x0406 tx timeout [ 313.910483][ T8574] sysfs_service_op_show: Client not running :-5: [ 316.382313][ T8622] program syz.0.460 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 321.642948][ T8674] netlink: 330 bytes leftover after parsing attributes in process `syz.3.468'. [ 323.051635][ T8708] program syz.3.472 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 324.237810][ T8711] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 324.258704][ T8711] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 324.264947][ T8711] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 324.336841][ T8711] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 325.727853][ T5845] Bluetooth: hci0: command 0x0406 tx timeout [ 326.252477][ T5837] Bluetooth: hci1: command 0x0406 tx timeout [ 326.377426][ T5837] Bluetooth: hci3: command 0x0406 tx timeout [ 326.407864][ T5837] Bluetooth: hci2: command 0x0406 tx timeout [ 327.613089][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 327.619783][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 330.203372][ T8810] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 330.820903][ T5837] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 332.211415][ T8826] zswap: compressor not available [ 332.238022][ T8836] program syz.3.490 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 332.484073][ T8836] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 332.499624][ T8836] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 332.526676][ T8836] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 332.559418][ T8843] FAULT_INJECTION: forcing a failure. [ 332.559418][ T8843] name fail_futex, interval 1, probability 0, space 0, times 1 [ 332.564245][ T8836] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 332.643623][ T8843] CPU: 0 UID: 0 PID: 8843 Comm: syz.1.491 Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(full) [ 332.643672][ T8843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 332.643692][ T8843] Call Trace: [ 332.643702][ T8843] [ 332.643714][ T8843] dump_stack_lvl+0x16c/0x1f0 [ 332.643771][ T8843] should_fail_ex+0x512/0x640 [ 332.643824][ T8843] get_futex_key+0x1d0/0x1540 [ 332.643866][ T8843] ? __pfx_get_futex_key+0x10/0x10 [ 332.643919][ T8843] futex_wake+0xea/0x530 [ 332.643965][ T8843] ? rcu_is_watching+0x12/0xc0 [ 332.643999][ T8843] ? __pfx_futex_wake+0x10/0x10 [ 332.644049][ T8843] ? kmem_cache_free+0x2d1/0x4d0 [ 332.644096][ T8843] ? fd_install+0x225/0x750 [ 332.644137][ T8843] ? putname+0x154/0x1a0 [ 332.644173][ T8843] do_futex+0x1e3/0x350 [ 332.644211][ T8843] ? __pfx_do_futex+0x10/0x10 [ 332.644264][ T8843] __x64_sys_futex+0x1e0/0x4c0 [ 332.644305][ T8843] ? __x64_sys_openat+0x174/0x210 [ 332.644340][ T8843] ? __pfx___x64_sys_futex+0x10/0x10 [ 332.644395][ T8843] do_syscall_64+0xcd/0x490 [ 332.644450][ T8843] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.644485][ T8843] RIP: 0033:0x7f8f8998e929 [ 332.644510][ T8843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 332.644540][ T8843] RSP: 002b:00007f8f8a7600e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 332.644584][ T8843] RAX: ffffffffffffffda RBX: 00007f8f89bb6088 RCX: 00007f8f8998e929 [ 332.644605][ T8843] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8f89bb608c [ 332.644625][ T8843] RBP: 00007f8f89bb6080 R08: 00007f8f8a782000 R09: 0000000000000000 [ 332.644645][ T8843] R10: 0000000000000006 R11: 0000000000000246 R12: 00007f8f89bb608c [ 332.644664][ T8843] R13: 0000000000000000 R14: 00007fff49c897b0 R15: 00007fff49c89898 [ 332.644705][ T8843] [ 332.950009][ T8852] netlink: 252 bytes leftover after parsing attributes in process `syz.0.493'. [ 333.033885][ T8852] netlink: 252 bytes leftover after parsing attributes in process `syz.0.493'. [ 333.687955][ T8864] program syz.0.495 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 334.217853][ T8864] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 334.224083][ T8864] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 334.325969][ T8864] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 334.332502][ T8864] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 336.175626][ T5837] Bluetooth: hci0: command 0x0406 tx timeout [ 336.257840][ T5837] Bluetooth: hci1: command 0x0406 tx timeout [ 336.335209][ T5837] Bluetooth: hci3: command 0x0406 tx timeout [ 336.458025][ T5837] Bluetooth: hci2: command 0x0406 tx timeout [ 337.677367][ T8893] zswap: compressor not available [ 338.121921][ T8912] program syz.0.503 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 338.497246][ T8901] Invalid ELF header magic: != ELF [ 340.762585][ T8940] program syz.3.507 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 341.809337][ T8940] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 341.815592][ T8940] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 341.858908][ T8940] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 341.866367][ T8940] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 343.451037][ T5845] Bluetooth: hci0: command 0x0406 tx timeout [ 343.848031][ T5845] Bluetooth: hci1: command 0x0406 tx timeout [ 343.928024][ T5845] Bluetooth: hci2: command 0x0406 tx timeout [ 343.934135][ T5845] Bluetooth: hci3: command 0x0406 tx timeout [ 344.152910][ T8973] program syz.0.515 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 344.634906][ T8973] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 344.691156][ T8973] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 344.721028][ T8976] zswap: compressor not available [ 344.866171][ T8973] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 344.953610][ T8973] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 345.741092][ T9001] ================================================================== [ 345.741117][ T9001] BUG: KASAN: vmalloc-out-of-bounds in sys_fillrect+0x15d4/0x17b0 [ 345.741169][ T9001] Write of size 8 at addr ffffc90003919000 by task syz.0.517/9001 [ 345.741199][ T9001] [ 345.741214][ T9001] CPU: 0 UID: 0 PID: 9001 Comm: syz.0.517 Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(full) [ 345.741256][ T9001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 345.741276][ T9001] Call Trace: [ 345.741288][ T9001] [ 345.741301][ T9001] dump_stack_lvl+0x116/0x1f0 [ 345.741355][ T9001] print_report+0xcd/0x680 [ 345.741410][ T9001] ? __virt_addr_valid+0x81/0x610 [ 345.741449][ T9001] ? sys_fillrect+0x15d4/0x17b0 [ 345.741494][ T9001] kasan_report+0xe0/0x110 [ 345.741525][ T9001] ? sys_fillrect+0x15d4/0x17b0 [ 345.741570][ T9001] sys_fillrect+0x15d4/0x17b0 [ 345.741613][ T9001] ? __pfx_sys_fillrect+0x10/0x10 [ 345.741656][ T9001] ? __pfx_bit_putcs+0x10/0x10 [ 345.741713][ T9001] drm_fbdev_shmem_defio_fillrect+0x22/0x140 [ 345.741759][ T9001] bit_clear+0x17d/0x220 [ 345.741820][ T9001] ? __pfx_bit_clear+0x10/0x10 [ 345.741873][ T9001] ? __pfx___might_resched+0x10/0x10 [ 345.741909][ T9001] ? fb_get_color_depth+0x120/0x250 [ 345.741960][ T9001] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 345.742015][ T9001] ? __pfx_bit_clear+0x10/0x10 [ 345.742067][ T9001] __fbcon_clear+0x603/0x780 [ 345.742122][ T9001] fbcon_scroll+0x48b/0x690 [ 345.742174][ T9001] con_scroll+0x45f/0x690 [ 345.742238][ T9001] do_con_write+0x5560/0x8280 [ 345.742304][ T9001] ? __pfx_do_con_write+0x10/0x10 [ 345.742366][ T9001] con_write+0x23/0xb0 [ 345.742393][ T9001] n_tty_write+0x412/0x1160 [ 345.742438][ T9001] ? __pfx_n_tty_write+0x10/0x10 [ 345.742479][ T9001] ? rcu_is_watching+0x12/0xc0 [ 345.742512][ T9001] ? __pfx_woken_wake_function+0x10/0x10 [ 345.742567][ T9001] ? kfree+0x24f/0x4d0 [ 345.742604][ T9001] ? file_tty_write.constprop.0+0x6ef/0x9b0 [ 345.742660][ T9001] ? __pfx_n_tty_write+0x10/0x10 [ 345.742697][ T9001] file_tty_write.constprop.0+0x501/0x9b0 [ 345.742756][ T9001] redirected_tty_write+0xd4/0x150 [ 345.742807][ T9001] vfs_write+0x6c4/0x1150 [ 345.742853][ T9001] ? __pfx_redirected_tty_write+0x10/0x10 [ 345.742908][ T9001] ? __pfx_vfs_write+0x10/0x10 [ 345.742951][ T9001] ? find_held_lock+0x2b/0x80 [ 345.742996][ T9001] ksys_write+0x12a/0x250 [ 345.743041][ T9001] ? __pfx_ksys_write+0x10/0x10 [ 345.743094][ T9001] do_syscall_64+0xcd/0x490 [ 345.743147][ T9001] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 345.743181][ T9001] RIP: 0033:0x7fcae458e929 [ 345.743207][ T9001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 345.743239][ T9001] RSP: 002b:00007fcae23b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 345.743270][ T9001] RAX: ffffffffffffffda RBX: 00007fcae47b6160 RCX: 00007fcae458e929 [ 345.743292][ T9001] RDX: 000000000000003a RSI: 0000200000000440 RDI: 0000000000000005 [ 345.743311][ T9001] RBP: 00007fcae4610b39 R08: 0000000000000000 R09: 0000000000000000 [ 345.743330][ T9001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 345.743348][ T9001] R13: 0000000000000001 R14: 00007fcae47b6160 R15: 00007ffe8d8d7f58 [ 345.743379][ T9001] [ 345.743390][ T9001] [ 345.743406][ T9001] The buggy address ffffc90003919000 belongs to a vmalloc virtual mapping [ 345.743423][ T9001] Memory state around the buggy address: [ 345.743440][ T9001] ffffc90003918f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 345.743463][ T9001] ffffc90003918f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 345.743496][ T9001] >ffffc90003919000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 345.743514][ T9001] ^ [ 345.743531][ T9001] ffffc90003919080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 345.743554][ T9001] ffffc90003919100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 345.743572][ T9001] ================================================================== [ 345.743590][ T9001] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 345.743610][ T9001] CPU: 0 UID: 0 PID: 9001 Comm: syz.0.517 Not tainted 6.16.0-rc4-syzkaller-00013-g66701750d556 #0 PREEMPT(full) [ 345.743651][ T9001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 345.743671][ T9001] Call Trace: [ 345.743681][ T9001] [ 345.743693][ T9001] dump_stack_lvl+0x3d/0x1f0 [ 345.743744][ T9001] panic+0x71c/0x800 [ 345.743789][ T9001] ? __pfx_panic+0x10/0x10 [ 345.743837][ T9001] ? __pfx__printk+0x10/0x10 [ 345.743880][ T9001] ? rcu_is_watching+0x12/0xc0 [ 345.743919][ T9001] ? sys_fillrect+0x15d4/0x17b0 [ 345.743956][ T9001] check_panic_on_warn+0xab/0xb0 [ 345.744004][ T9001] end_report+0x107/0x170 [ 345.744056][ T9001] kasan_report+0xee/0x110 [ 345.744086][ T9001] ? sys_fillrect+0x15d4/0x17b0 [ 345.744128][ T9001] sys_fillrect+0x15d4/0x17b0 [ 345.744171][ T9001] ? __pfx_sys_fillrect+0x10/0x10 [ 345.744212][ T9001] ? __pfx_bit_putcs+0x10/0x10 [ 345.744267][ T9001] drm_fbdev_shmem_defio_fillrect+0x22/0x140 [ 345.744309][ T9001] bit_clear+0x17d/0x220 [ 345.744354][ T9001] ? __pfx_bit_clear+0x10/0x10 [ 345.744398][ T9001] ? __pfx___might_resched+0x10/0x10 [ 345.744430][ T9001] ? fb_get_color_depth+0x120/0x250 [ 345.744485][ T9001] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 345.744539][ T9001] ? __pfx_bit_clear+0x10/0x10 [ 345.744588][ T9001] __fbcon_clear+0x603/0x780 [ 345.744643][ T9001] fbcon_scroll+0x48b/0x690 [ 345.744694][ T9001] con_scroll+0x45f/0x690 [ 345.744747][ T9001] do_con_write+0x5560/0x8280 [ 345.744833][ T9001] ? __pfx_do_con_write+0x10/0x10 [ 345.744898][ T9001] con_write+0x23/0xb0 [ 345.744927][ T9001] n_tty_write+0x412/0x1160 [ 345.744973][ T9001] ? __pfx_n_tty_write+0x10/0x10 [ 345.745010][ T9001] ? rcu_is_watching+0x12/0xc0 [ 345.745043][ T9001] ? __pfx_woken_wake_function+0x10/0x10 [ 345.745099][ T9001] ? kfree+0x24f/0x4d0 [ 345.745138][ T9001] ? file_tty_write.constprop.0+0x6ef/0x9b0 [ 345.745193][ T9001] ? __pfx_n_tty_write+0x10/0x10 [ 345.745233][ T9001] file_tty_write.constprop.0+0x501/0x9b0 [ 345.745294][ T9001] redirected_tty_write+0xd4/0x150 [ 345.745347][ T9001] vfs_write+0x6c4/0x1150 [ 345.745396][ T9001] ? __pfx_redirected_tty_write+0x10/0x10 [ 345.745453][ T9001] ? __pfx_vfs_write+0x10/0x10 [ 345.745504][ T9001] ? find_held_lock+0x2b/0x80 [ 345.745550][ T9001] ksys_write+0x12a/0x250 [ 345.745598][ T9001] ? __pfx_ksys_write+0x10/0x10 [ 345.745653][ T9001] do_syscall_64+0xcd/0x490 [ 345.745708][ T9001] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 345.745744][ T9001] RIP: 0033:0x7fcae458e929 [ 345.745769][ T9001] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 345.745802][ T9001] RSP: 002b:00007fcae23b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 345.745834][ T9001] RAX: ffffffffffffffda RBX: 00007fcae47b6160 RCX: 00007fcae458e929 [ 345.745858][ T9001] RDX: 000000000000003a RSI: 0000200000000440 RDI: 0000000000000005 [ 345.745879][ T9001] RBP: 00007fcae4610b39 R08: 0000000000000000 R09: 0000000000000000 [ 345.745901][ T9001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 345.745922][ T9001] R13: 0000000000000001 R14: 00007fcae47b6160 R15: 00007ffe8d8d7f58 [ 345.745956][ T9001] [ 345.746307][ T9001] Kernel Offset: disabled