last executing test programs: 7.410877985s ago: executing program 3 (id=153): mmap$auto(0xe, 0x20009, 0x4000000000df, 0x12, 0x401, 0x8000) r0 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000100), 0x8040, 0x0) r1 = io_uring_setup$auto(0xc, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x403c6f2b, 0x0) read$auto(0x3, 0x0, 0x80) readv$auto(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x9}, 0x5) r2 = socketcall$auto_SYS_ACCEPT4(0x12, &(0x7f00000000c0)=0x100000001) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001200)='/proc/sys/vm/nr_hugepages_mempolicy\x00', 0x202, 0x0) sendfile$auto(r3, r3, 0x0, 0x1) read$auto(0x3, 0x0, 0x80) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), r1) set_tid_address$auto(&(0x7f0000000180)=0x1) setfsuid$auto(0xee00) sendmsg$auto_OVS_VPORT_CMD_SET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=ANY=[@ANYRES64=r3, @ANYRES16, @ANYBLOB="25d7ed6282f61b362b010e69fff2ea6b9be8c452047412045e26abe39cef9f", @ANYBLOB="040018800000000000d000050045b4fc4d20e461a7cfa5a692e9acf2b3211425b1c77ecbbb4817d7e0b68da870a708c4fef613df8e2a3aa4f5bc3b401ba53f4d173f1490678a31f4b0f6f0449214088328691d7e50256cca2e6d3f13f71913920379252290dcbf4737db8cda9adf78cbf905c99c3437b3820e0bd7f03eefc4a8e38fcc95b6e2ea9ed3e3bfb6834b3186942569c4eacd7fd398f9bf37a5db3c4f24ae41b3e5ba97ce24b95425ed49d5cd5e614a03cc33f80d96b0e8bf0ac6b3b656ad590f443973a975e7ca80503e4956d91a36e7f80acca3aa9300050043aca57fe51e8b49ad6c1c3e3584d5007620c2b6d07c95f6c233c628db3ebd1843c6c64df444c00461f80fa5ed0588d3910d6ea4bdda3564833cc12edcd984abf7f6461df61f09c4170d184526f14511bf13a2fccf9d429fd23c6e4a512392c9bc6d3cb86fb7fb1e0f0602000000009a7725c43c2841205f4080000004c03229bf1001c97c83ded2934ce34ce05671f9c11ec24d859155c6ab8900e3040a80c2006d80a8b97cad4130ac1f72de145392e8023e329b4e2aea74ab1c14b238120fb69ea3a552bccacc2e7e844c806c545e69816edaeaccdee173d5bf1d4044b59c6565df086d66e3eb93d77d75d150e9f166c7830b2ef76b0617a034ba4fe190b0b556fc401629107efede989ea3c879173edefc5d9b9d4155469c0400268004007080894856b908e57944f1172b1b2988308a1fa5986b16", @ANYRESDEC=r3], 0x2550}, 0x1, 0x0, 0x0, 0x40000}, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x7) memfd_create$auto(0x0, 0x4) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x8800, 0x0) socket(0x2a, 0x2, 0x6) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sendmmsg$auto(r4, &(0x7f0000000000)={{0x0, 0x6, 0x0, 0x106, 0x0, 0x1, 0x3}, 0x57177fc5}, 0x9, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) fsconfig$auto_HIDEPID_NO_ACCESS(r1, 0x2, &(0x7f0000000140)='\x00', &(0x7f0000000300)="abae78aa47e4700366325a13c7c24bb90a97a896427742800b8f9e21de1a3232801bd92f73e76b46cd4986d9e928f1dd48ce60dd87da04f8cf172d8d42f2cd3ff2e7be8ae7680f2cc58ca7a06c3403fa341091550cdc7e176e", 0x1) 7.305375212s ago: executing program 1 (id=154): r0 = openat$auto_usbfs_devices_fops_usb(0xffffffffffffff9c, &(0x7f0000000180), 0x48402, 0x0) socket(0x2, 0x5, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket(0x11, 0x80003, 0x300) getsockname$auto(r1, &(0x7f0000000000)=@ethernet={0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, &(0x7f00000000c0)=0x9) semtimedop$auto(0xfffffffa, &(0x7f0000001000)={0x8000, 0x2, 0x1}, 0x4, &(0x7f0000001080)={0xd, 0x6}) read$auto(r0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/pci/drivers/pata_sch/new_id\x00', 0x2, 0x0) r2 = socket(0x2, 0x80002, 0x73) io_uring_setup$auto(0x406, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x404c081}, 0x80) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000001040), 0x80, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) io_uring_enter$auto(0x3, 0xa84, 0x80000001, 0xa, 0x0, 0x46) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) r4 = socket(0x2b, 0x1, 0x1) getsockopt$auto(r4, 0x0, 0x80, 0x0, 0x0) setsockopt$auto(0x3, 0x6, 0xc, 0x0, 0xfb3) prctl$auto(0x5, 0x6, 0x0, 0xb117, 0x9) mmap$auto(0x200000000000, 0x810004, 0x40000000000ffb, 0x8000000008011, 0x3, 0x8000) 7.220840572s ago: executing program 3 (id=155): select$auto(0x0, &(0x7f0000000740)={[0x7, 0x4, 0x5, 0x4, 0x2, 0x6, 0x6, 0xff, 0x6, 0xdf08100, 0x8, 0x3, 0x6, 0xf, 0x2, 0xffffffff]}, &(0x7f00000007c0)={[0x100, 0x6, 0xfffffffffffffffc, 0x2, 0x9, 0x400, 0x80000000, 0x1000, 0xef, 0x8, 0xbcdd, 0x1000000000000046, 0x80, 0xb9, 0xf39, 0x3]}, 0x0, &(0x7f00000008c0)={0x4, 0x7}) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/vivid.0/media19/power/autosuspend_delay_ms\x00', 0x44a00, 0x0) semctl$auto(0xa07, 0x4, 0x0, 0x2) (async) semctl$auto(0xa07, 0x4, 0x0, 0x2) sendfile$auto(r0, r0, 0x0, 0x7) r1 = socketcall$auto_SYS_SOCKET(0x1, &(0x7f0000000000)=0x9) r2 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_SETHMAC(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x34, r2, 0x100, 0x70bd2a, 0x25dfdbfb, {}, [@SEG6_ATTR_HMACINFO={0x15, 0x7, 0x0, 0x1, [@generic="b05e85008a53d89156c324f889e9b3a6d0"]}, @SEG6_ATTR_ALGID={0x5, 0x6, 0xfa}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000}, 0x20000000) (async) sendmsg$auto_SEG6_CMD_SETHMAC(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x34, r2, 0x100, 0x70bd2a, 0x25dfdbfb, {}, [@SEG6_ATTR_HMACINFO={0x15, 0x7, 0x0, 0x1, [@generic="b05e85008a53d89156c324f889e9b3a6d0"]}, @SEG6_ATTR_ALGID={0x5, 0x6, 0xfa}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000}, 0x20000000) 6.633001667s ago: executing program 2 (id=157): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x0, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x50b880, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3dd) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) recvfrom$auto(0x3, 0x0, 0x8000000012, 0x100, 0x0, 0xfffffffffffffffd) shutdown$auto(0x200000003, 0x2) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x2, 0x1, 0x0) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x8002, 0x2) sysfs$auto(0x2, 0x44, 0x0) bpf$auto(0x9, &(0x7f0000000100)=@task_fd_query={0x0, 0xffffffffffffffff, 0x5, 0x1, 0x1, 0x6, 0xffffffffffffffff, 0x4, 0x8000000000000000}, 0x9) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x2, 0x4, 0x0, 0x2, 0x8, 0xc, 0x66b, 0x4, 0x1}, 0x6f4) openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/cmdline\x00', 0x481, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x48140, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x100) syz_open_procfs$namespace(0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, 0x0, 0xc800) socket(0xa, 0x5, 0x84) mmap$auto(0x0, 0x22000c, 0xdf, 0x14, r1, 0x3) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0x400053, 0x9) r2 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r2, &(0x7f0000001680)="a7", 0x80000) 5.941024904s ago: executing program 3 (id=158): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) futex$auto(0x0, 0x5, 0x2, 0x0, 0x0, 0x1ffffffd) close_range$auto(0x2, 0xffffffffffffffff, 0x0) socket(0x15, 0x5, 0x0) get_robust_list$auto(0x1, 0x0, 0x0) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000040), 0x8006, 0x0) ioctl$auto_PPPIOCSFLAGS(r0, 0x40047459, 0x0) write$auto(0x3, 0x0, 0x29a) socket(0x2, 0x80002, 0x73) connect$auto(0x3, 0x0, 0x54) write$auto(0x3, 0x0, 0xfdef) sendmmsg$auto(0x3, &(0x7f0000000100)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x7}, 0x7}, 0xc, 0x0) 5.208893896s ago: executing program 0 (id=159): close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001140)='/sys/devices/virtual/block/zram0/comp_algorithm\x00', 0x20b42, 0x0) sendfile$auto(r0, 0x3, 0x0, 0x7) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/pci0000:00/waiting_for_supplier\x00', 0x80800, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/workqueue/nvme-delete-wq/affinity_strict\x00', 0x183042, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x401, 0x0) r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000540), 0x20000, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_NEXT_DEVICE(r2, 0xc0145401, &(0x7f0000000580)={0x80000006, 0x0, 0xd12b, 0xfffffffd, 0x200a}) write$auto_tty_fops_tty_io(r1, &(0x7f0000000140)="976f09bd689a85535f593331280bb0b4ba0edd7932ab185cca064833fda24d0f81d1be0a3cca5b2611827c2f1ca88bb01e67312131ac62d346b5601f538ccf285e7a197166480ef899794cab4b61107cdae019c6139ce8761ba5c33015eb45fe71449e71d7f69f04f7b660fed9ea9c9c4a10094647d399574d13b04264f53e1f127714f926a7110be57cc1e89b376c955f01cc29ba74dad05a5b114f4a0f9212c2764bd7244755184575d88c948b038be1", 0xb1) 4.890118859s ago: executing program 2 (id=160): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/oom_adj\x00', 0x300, 0x0) read$auto(r0, 0x0, 0x1f40) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/usbcore/parameters/quirks\x00', 0xc0202, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7114}, 0x8) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/afs/sysname\x00', 0xaa102, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000040), 0xffffffffffffffff) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/bdi/1:5/min_bytes\x00', 0x88282, 0x0) sendfile$auto(r3, r3, 0x0, 0x71) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x602, 0x1) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9d\a\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6#,|\x14\x1d/\xf7\xf9~\xe7U\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959pg\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95\x00\x00\x00\x00\x00\x00\x00\x00', 0x100000a3d9) statmount$auto(0x0, 0x0, 0x1fe, 0xd) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x1541, 0x0) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) r5 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000ac0), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(r7, 0x0, 0x24001094) sendmsg$auto_TCP_METRICS_CMD_GET(r6, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000040)={0x5c, r5, 0x89c1beb01534ff9b, 0x70bd29, 0x25dfd3f9, {}, [@TCP_METRICS_ATTR_SADDR_IPV4={0x8, 0xb, @local}, @TCP_METRICS_ATTR_ADDR_IPV4={0x8, 0x1, @multicast2}, @TCP_METRICS_ATTR_ADDR_IPV4={0x8, 0x1, @remote}, @TCP_METRICS_ATTR_ADDR_IPV6={0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}, @TCP_METRICS_ATTR_ADDR_IPV6={0x14, 0x2, @loopback}, @TCP_METRICS_ATTR_ADDR_IPV4={0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x4}, 0x0) mmap$auto(0x0, 0xffffffffffffffff, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) poll$auto(0x0, 0x7f, 0x9) sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE_EXT(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r2, 0x201, 0x70bd2d, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x4000810) openat$auto_udmabuf_fops_udmabuf(0xffffffffffffff9c, &(0x7f00000000c0), 0x8080, 0x0) 4.728650652s ago: executing program 3 (id=161): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB="01002abd7000fcdbdf25140000000c00018008000100", @ANYRES32=r4, @ANYBLOB="0500190040000000"], 0x28}, 0x1, 0x0, 0x0, 0x881}, 0x4000) openat$auto_set_tracer_fops_trace(0xffffffffffffff9c, 0x0, 0x41c100, 0x0) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r5, 0x0, 0x100000e3d9) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x0, 0x0) ioctl$auto(r6, 0x5608, 0x0) r7 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000a80), r1) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000ac0)={'vcan0\x00', 0x0}) sendmsg$auto_NL802154_CMD_NEW_INTERFACE(r1, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000b00)={0x1c, r7, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000040) 4.70200038s ago: executing program 1 (id=162): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/ip6_vti0/stable_secret\x00', 0x2, 0x0) r1 = openat$auto_proc_timens_offsets_operations_base(0xffffffffffffff9c, &(0x7f0000000040), 0x400980, 0x0) r2 = socket(0x2d, 0x2, 0x0) ioctl$auto(r2, 0x89e5, 0x91) bpf$auto_BPF_ITER_CREATE(0x21, &(0x7f0000000080)=@test={r1, 0x7fff, 0x6e0407ac, 0x8, 0xffffffffffffff95, 0x7ff, 0x1, 0x9, 0x804d, 0x5, 0x3, 0x64, 0x9, 0x3}, 0x44) writev$auto(r0, &(0x7f0000000300)={&(0x7f0000000200), 0x200}, 0x3) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000003fc0)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20a03, 0x0) 3.851932588s ago: executing program 0 (id=163): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) (async) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/dynamic_debug/control\x00', 0x0, 0x0) (async, rerun: 32) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async, rerun: 32) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x40000, 0x0) init_module$auto(&(0x7f00000001c0), 0x1ff, &(0x7f00000002c0)='\x94\x19\xac\x80/der/S\x1auenc9\xf6a\x1b`\b\xab\xfaf\x94;\xc9\xc2,x1y\xd4\x1e\xba\xe4\x84\xcbWW\x8eK`lT\x9c\xc1\x98G \xad\v\x82U\x80w\xac\xe4OW?\xd6\x1e]\xac\x19\xf2\xc2\x98\x9d\xe3-\x95\xc1\x90\x99J\xccB\xd2,\x99R\x85\xd6h\xc8\xe4Ex\x18\x19\x8b\x9e\x05\a\x94l\xde\xc1x/lB\xf6\xe6\x00\xef6\xd6wJ') (async) ioctl$auto_SNDCTL_SYNTH_MEMAVL(r1, 0xc004510e, 0x0) (async) openat$auto_binder_ctl_fops_binderfs(0xffffffffffffff9c, 0x0, 0x82c00, 0x0) (async) mmap$auto(0x0, 0x400008, 0xdd, 0x9b72, 0x2, 0x8000) init_module$auto(&(0x7f0000000100)="c2e87a67b43dc3035033e44e5fc3b0600ef7de5dfc312fb76b42ffd9e5c66e1d7943", 0x3, &(0x7f0000000200)='\\)') openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) (async) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) getpid() (async) socket$nl_generic(0x10, 0x3, 0x10) (async) read$auto_proc_timers_operations_base(r2, &(0x7f0000000180)=""/71, 0x47) (async) ioctl$auto(0x3, 0x400454ca, 0x38) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) (async) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/dummy0/addr_gen_mode\x00', 0x1, 0x0) (async) mmap$auto(0x0, 0x4020009, 0xdc, 0xeb1, 0xffffffffffffffff, 0x8000) (async, rerun: 64) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async, rerun: 64) madvise$auto(0x0, 0x600009, 0x19) (async) ioctl$auto_TIOCGICOUNT2(r0, 0x545d, &(0x7f0000000680)) (async) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd11/queue/read_ahead_kb\x00', 0x22b42, 0x0) r4 = openat$auto_ftrace_formats_fops_trace_printk(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/printk_formats\x00', 0x100000, 0x0) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x7fff, 0x3}, 0x18, 0x0) (async) pread64$auto(r4, &(0x7f0000000040)='],{(@&&\x00', 0xa1fb, 0x1) sendfile$auto(r3, r3, 0x0, 0x4f64a1d2) (async, rerun: 64) sendto$auto(r3, &(0x7f0000000000)="c58cb997ab8f31f56ebb8528c3599b80f3751f296d795661fc10fb42a3e0e340", 0x10000, 0x8, &(0x7f0000000080)=@nl=@unspec, 0x1) (rerun: 64) 3.832886804s ago: executing program 1 (id=164): sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3.729566281s ago: executing program 2 (id=165): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_proc_fault_inject_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/make-it-fail\x00', 0x381080, 0x0) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'batadv0\x00'}) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) madvise$auto(0x0, 0x0, 0x5) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) open(&(0x7f0000000000)='./cgroup\x00', 0x4201, 0x64) madvise$auto_MADV_DODUMP(0x8, 0x5, 0x11) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r3 = prctl$auto(0x3e, 0x0, 0x4, 0x8, 0x7fe) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/igmp\x00', 0x100, 0x0) pread64$auto(r4, 0x0, 0x40000000f42c, 0x80002) r5 = io_uring_setup$auto(0x7, 0x0) epoll_ctl$auto(0xffffffffffffffff, 0x80000000, r5, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) ioctl$auto_BTRFS_IOC_SEND_32(r2, 0x40449426, &(0x7f00000005c0)={@inferred=r3, 0x4, 0x3, 0x7, 0x7fff, 0xfffffffe, "fd64ab47b98fa2408fa518c6aeeb26534e24eab2a94d69169092f351"}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r6 = socket(0x2b, 0x1, 0x1) getsockopt$auto(r6, 0x0, 0x80, 0x0, 0x0) 3.658411365s ago: executing program 3 (id=166): mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) socket(0xa, 0x801, 0x84) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyuf\x00', 0x8002, 0x0) pread64$auto(r0, &(0x7f0000000040)='*\'\x00', 0xef1, 0x2) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r1, &(0x7f0000000040)='//\xf2\x02', 0x80000002) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) mmap$auto(0x0, 0x86f3, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x10, 0x2, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r2 = socket(0x2, 0x1, 0x0) setsockopt$auto(r2, 0x6, 0x13, 0x0, 0x40) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x2a}}, 0x54) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/block/zram0/mm_stat\x00', 0x8900, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000000)=""/233, 0xe9) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) unshare$auto(0x40000080) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x42800, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0xfffffffb) ioctl$auto_USBDEVFS_DROP_PRIVILEGES(0xffffffffffffffff, 0x4004551e, &(0x7f00000000c0)=0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x84) r4 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000380), 0x10b240, 0x0) ioctl$auto_UI_DEV_SETUP(r4, 0x405c5503, &(0x7f0000000400)={{0xc, 0x23, 0xa6, 0x83}, "66ac010005000000000068d190eb0d4a4cada7272464294b9183349eef4c1f028fdcc8ecc66fdd02316f064ebd893007abb4c0bbc3b822f66eaf240963110d61771552c03de65800", 0x2}) ioctl$auto_UI_DEV_CREATE(r4, 0x5501, 0x0) mmap$auto(0x81, 0x800, 0x800000000003, 0x6dc4b6fc, r0, 0x9) 3.576824891s ago: executing program 1 (id=167): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) r0 = socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r2 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r1, 0x541c, r2) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000000), r0) 3.369420223s ago: executing program 0 (id=168): select$auto(0x4, 0x0, &(0x7f0000000080)={[0x209c, 0x80000e9e, 0x1, 0xd, 0xfffffffffffffffb, 0x100000000, 0x2c2, 0x800002017d, 0x4, 0x40, 0xd, 0xd59, 0xfb, 0xff, 0x21, 0x100000005]}, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_SMC_NETLINK_DISABLE_SEID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="013b"], 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x810) settimeofday$auto(&(0x7f0000000180)={0x863, 0x40}, &(0x7f00000001c0)={0xd, 0x93}) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000180), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 2.825017105s ago: executing program 0 (id=169): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) futex$auto(0x0, 0x5, 0x2, 0x0, 0x0, 0x1ffffffd) close_range$auto(0x2, 0xffffffffffffffff, 0x0) socket(0x15, 0x5, 0x0) get_robust_list$auto(0x1, 0x0, 0x0) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000040), 0x8006, 0x0) ioctl$auto_PPPIOCSFLAGS(r0, 0x40047459, 0x0) write$auto(0x3, 0x0, 0x29a) socket(0x2, 0x80002, 0x73) connect$auto(0x3, 0x0, 0x54) write$auto(0x3, 0x0, 0xfdef) sendmmsg$auto(0x3, &(0x7f0000000100)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x7}, 0x7}, 0xc, 0x0) 2.49557766s ago: executing program 1 (id=170): r0 = openat$auto_usbfs_devices_fops_usb(0xffffffffffffff9c, &(0x7f0000000180), 0x48402, 0x0) socket(0x2, 0x5, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket(0x11, 0x80003, 0x300) getsockname$auto(r1, &(0x7f0000000000)=@ethernet={0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, &(0x7f00000000c0)=0x9) semtimedop$auto(0xfffffffa, &(0x7f0000001000)={0x8000, 0x2, 0x1}, 0x4, &(0x7f0000001080)={0xd, 0x6}) read$auto(r0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/pci/drivers/pata_sch/new_id\x00', 0x2, 0x0) r2 = socket(0x2, 0x80002, 0x73) io_uring_setup$auto(0x406, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x404c081}, 0x80) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000001040), 0x80, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) io_uring_enter$auto(0x3, 0xa84, 0x80000001, 0xa, 0x0, 0x46) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9) memfd_create$auto(0x0, 0xe) r4 = socket(0x2b, 0x1, 0x1) getsockopt$auto(r4, 0x0, 0x80, 0x0, 0x0) setsockopt$auto(0x3, 0x6, 0xc, 0x0, 0xfb3) prctl$auto(0x5, 0x6, 0x0, 0xb117, 0x9) mmap$auto(0x200000000000, 0x810004, 0x40000000000ffb, 0x8000000008011, 0x3, 0x8000) 1.726188678s ago: executing program 0 (id=171): semctl$auto(0x8, 0x1, 0x6, 0xff) openat$auto_safesetid_gid_file_fops_securityfs(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) socket(0x11, 0x4, 0x0) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/fail-nth\x00', 0x422042, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000b00)=""/141, 0x8d) mmap$auto(0x100000000000000, 0xe986, 0xdf, 0x13, 0x401, 0x8004) pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00/\x00\x00\x00\xfd\xfdX\xd3\x1d\xf8\xbebZ\xddL\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\b\x00\x00\x00\x00\x00\x00\x00\x01\x88\v\xae\xa9i8W\xe5Iq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\b\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfded, 0x3) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/vhci_hcd.9/usb28/power/wakeup_last_time_ms\x00', 0x80002, 0x0) write$auto_ocfs2_control_fops_stack_user(r1, &(0x7f0000003900)='\t', 0x1) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/damon_reclaim/parameters/quota_mem_pressure_us\x00', 0x80302, 0x0) sendfile$auto(r2, r2, 0x0, 0x7) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast1}, 0x6a) mmap$auto(0x800100000, 0x9, 0x4000000000e2, 0x40eb1, r2, 0xffff) r3 = open(&(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x101840, 0x33903f3ada88772b) read$auto(r3, 0x0, 0x1) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0xc800) openat$auto_event_inject_fops_trace(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/inject\x00', 0x50482, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) connect$auto(0x3, &(0x7f0000000080)=@nl=@proc={0x10, 0x0, 0x25dfdbfe, 0x4}, 0x81) close_range$auto(0x2, 0x8, 0x0) 1.482199039s ago: executing program 3 (id=172): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(0xffffffffffffffff, &(0x7f0000000000)='/sys/devices/virtual/sound/ctl-led/speaker/card2/detach\x00', 0x7fffffff) mmap$auto(0x1, 0x9, 0x1ff, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) socket(0x29, 0x800, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9) r3 = getpid() setsockopt$auto_SO_TYPE(r0, 0x53, 0x3, &(0x7f0000000040)='\x00', 0x9) mremap$auto(0x0, 0x4000007, 0x3fd7, 0x0, 0x20000020000000) process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x7) ioctl$auto(0x3, 0x400454ca, 0x38) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r2) write$auto(r4, &(0x7f0000000000)='//\xf2\x00', 0x80000000) prctl$auto(0x1, 0xfffffffffffff8a9, r3, 0x4, 0x2) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) read$auto_fragmentation_threshold_ops_(r2, &(0x7f00000000c0)=""/118, 0x76) msync$auto(0x0, 0xe0, 0x6) io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0x401, 0x15) r5 = openat$auto_ima_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f00000002c0), 0x480, 0x0) pread64$auto(r5, &(0x7f0000000000)='\x00\x80_\x93gX\x90\x8cA;O0\x03\xcab\xa6\x8bU/t\xc5', 0xd56c, 0xa84) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) 1.100677553s ago: executing program 2 (id=173): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/netlink\x00', 0x121040, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000002f80), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth1_vlan\x00', 0x0}) sendmsg$auto_NETDEV_CMD_QUEUE_GET(r1, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)={0x2c, r2, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@NETDEV_A_QUEUE_TYPE={0x8, 0x3, 0x1}, @NETDEV_A_QUEUE_ID={0x8}, @NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r3}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810) pread64$auto(r0, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{o2?\x0f\x11\x90^\xdf/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x3) r4 = socket(0xa, 0x801, 0x84) fcntl$auto_F_GETOWNER_UIDS(r4, 0x40f, 0xffa) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/query\x00', 0x80080, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000440)='/dev/v4l-subdev1\x00', 0x0, 0x0) clock_getres$auto(0x3, 0x0) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) write$auto_tty_fops_tty_io(r5, &(0x7f0000000440)="352c8efa618c0bcf83ebce41e7af7710f5fc2273b6a4e97929e0eb89851b5b", 0x1f) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r6 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'veth1_vlan\x00'}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40080}, 0x40090) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) socket(0x1e, 0x80a, 0x400) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 948.275276ms ago: executing program 1 (id=174): mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event\x00', 0x121000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002bbd7000fcdbdf2504000000040010"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(r0, 0x8, 0x0) brk$auto(0xffffffffffffff66) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0xda) r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0) pread64$auto(r3, 0x0, 0x800003, 0x270) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000100), 0x202, 0x0) personality$auto(0xfffff032) ppoll$auto(&(0x7f0000001ac0)={0xffffffffffffffff, 0x9, 0x7}, 0x8, &(0x7f0000001b00)={0xf2, 0x9}, &(0x7f00000002c0)={0x10000}, 0x8) mprotect$auto(0x110c230000, 0xa588, 0x6) mremap$auto(0x110c231000, 0x0, 0x101, 0x3, 0x0) r4 = openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2201, 0x0) write$auto_uhid_fops_uhid(r4, 0x0, 0xfccd) move_pages$auto(0x0, 0x9, 0x0, 0x0, 0x0, 0x2) msgctl$auto_IPC_RMID(0x1, 0x0, &(0x7f0000001600)={{0x7b0, 0x0, 0x0, 0xd, 0x3ff, 0x7, 0xb}, &(0x7f0000000400)=0x9, &(0x7f0000000440)=0x10, 0x1, 0xd80, 0x9, 0x0, 0x8000000000000000, 0x6, 0xa, 0xfff9, @raw=0x80, @raw=0x9}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004c18}, 0x8894) 341.357086ms ago: executing program 2 (id=175): sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 192.117948ms ago: executing program 0 (id=176): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) r1 = socket(0x2c, 0x80802, 0x0) setsockopt$auto(r1, 0x11, 0x67, 0x0, 0x8) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000140), 0x55) socket(0x10, 0x2, 0x0) socket(0x10, 0x2, 0x4) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendmsg$auto_BATADV_CMD_GET_HARDIF(r0, 0x0, 0x4008000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001040)='/sys/fs/ocfs2/dlm_recover_callback_support\x00', 0x880080, 0x0) r2 = socket(0xa, 0x2, 0x3a) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x400006, 0xdf, 0x9b72, 0x2, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) bpf$auto(0x5, &(0x7f0000001080)=@bpf_attr_7={@prog_id=0xc, 0x92f1, 0x4}, 0xa) setsockopt$auto(r2, 0x29, 0x4e, &(0x7f0000000040)='!\x00', 0x1ff) r3 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x25, 0x1, 0x0) mmap$auto(0x0, 0x2000c, 0xde, 0x20eb1, 0x40000000000a5, 0x8000) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x4000804) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x9a6, 0xe000) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r3) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001f80)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="2f212cbd7000c9edd8fa6574a16208000300", @ANYRES32=r5], 0x2c}}, 0x4000000) 0s ago: executing program 2 (id=177): r0 = open(&(0x7f0000000800)='./file0\x00', 0x62240, 0x154) unlink$auto(&(0x7f0000000040)='./file0\x00') execveat$auto(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x11000) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000180), 0xffffffffffffffff) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x22a02, 0x0) write$auto(r1, &(0x7f0000000140)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7\xe6\x04\x8c\x83k', 0x1000000007e) unshare$auto(0xffffffffffffffff) socket(0x18, 0x5, 0x2) r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) socket(0x10, 0x2, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r4 = socket(0x2, 0x1, 0x0) setsockopt$auto(r4, 0x6, 0x24, 0x0, 0x40) shutdown$auto(0x200000003, 0x2) preadv2$auto(r3, &(0x7f0000000080)={0x0, 0x2080000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) write$auto(r2, &(0x7f0000000280)='S\x00\x00\x00\xfe\xff\xff\xff\xdf\x9e\xf4\x14\xd2d2\xc4\x97\xde0\xb1\x85\xc6vHI\x8bMJ}\x8d\xc1\x94D\xdbSt/\xdd\xb5\fnW{\xb0^:\x80\xb5\xdd\x8d\x1e\x96\xdf\xcb\xac\xbfB\xb3\xba\x9a\x02\xeaZ\xb9Rg\"\x87\x9e\x9c\xb3\xac\x16\xa3g\xad\xf7<\xc5c\xfa2\x97,O\xb2\xe3\xad\xe0v\x13\x1dc\xf6\xa8\xce*\xee\xcdX\x1dM\xe3\x8cT\xc6\x1dj\xe8\xc1\xc0\x85cp\xad\v,O\xb8\x9b\xd8\xe0\x964/\x8fQ\xaf\x13\xd7\xf14\x85\xe8\x0f\'\xc4\xe3\x1c\x92\x85\x88\\\xb0', 0x808587) select$auto(0x8, &(0x7f00000000c0)={[0xeeda, 0x7, 0x4, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x84, 0x6, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f00000000c0), r5) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.156' (ED25519) to the list of known hosts. [ 99.417036][ T5818] cgroup: Unknown subsys name 'net' [ 99.577197][ T5818] cgroup: Unknown subsys name 'cpuset' [ 99.586525][ T5818] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 101.513750][ T5818] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 102.375178][ T24] cfg80211: failed to load regulatory.db [ 104.137202][ T5844] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 104.146914][ T5847] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 104.155149][ T5847] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 104.164307][ T5847] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 104.173299][ T5847] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 104.180830][ T5847] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 104.192867][ T5848] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 104.200733][ T5847] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 104.221401][ T5846] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 104.237841][ T5842] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 104.246204][ T5846] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 104.254828][ T5842] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 104.263231][ T5842] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 104.266963][ T5848] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 104.271095][ T5846] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 104.282210][ T5848] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 104.285513][ T5846] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 104.299535][ T5848] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 104.299854][ T5842] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 104.316922][ T5842] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 104.921983][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 104.989635][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 105.004908][ T5836] chnl_net:caif_netlink_parms(): no params data found [ 105.121276][ T5841] chnl_net:caif_netlink_parms(): no params data found [ 105.247267][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.255819][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.263415][ T5834] bridge_slave_0: entered allmulticast mode [ 105.270905][ T5834] bridge_slave_0: entered promiscuous mode [ 105.309318][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.316621][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.323902][ T5834] bridge_slave_1: entered allmulticast mode [ 105.331445][ T5834] bridge_slave_1: entered promiscuous mode [ 105.367938][ T5836] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.375159][ T5836] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.382591][ T5836] bridge_slave_0: entered allmulticast mode [ 105.391143][ T5836] bridge_slave_0: entered promiscuous mode [ 105.410236][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.418262][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.425677][ T5835] bridge_slave_0: entered allmulticast mode [ 105.433169][ T5835] bridge_slave_0: entered promiscuous mode [ 105.448344][ T5836] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.456282][ T5836] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.463845][ T5836] bridge_slave_1: entered allmulticast mode [ 105.471181][ T5836] bridge_slave_1: entered promiscuous mode [ 105.490805][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.498244][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.505605][ T5835] bridge_slave_1: entered allmulticast mode [ 105.513194][ T5835] bridge_slave_1: entered promiscuous mode [ 105.545777][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.594799][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.629019][ T5841] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.636364][ T5841] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.643915][ T5841] bridge_slave_0: entered allmulticast mode [ 105.651254][ T5841] bridge_slave_0: entered promiscuous mode [ 105.662275][ T5836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.688532][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.698209][ T5841] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.705673][ T5841] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.712996][ T5841] bridge_slave_1: entered allmulticast mode [ 105.720333][ T5841] bridge_slave_1: entered promiscuous mode [ 105.730040][ T5836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.741543][ T5834] team0: Port device team_slave_0 added [ 105.749980][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.783148][ T5834] team0: Port device team_slave_1 added [ 105.849432][ T5841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.866681][ T5836] team0: Port device team_slave_0 added [ 105.886171][ T5835] team0: Port device team_slave_0 added [ 105.895985][ T5841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.907243][ T5836] team0: Port device team_slave_1 added [ 105.914225][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.921185][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 105.947403][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.961666][ T5835] team0: Port device team_slave_1 added [ 105.990593][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.997780][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 106.023835][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.093533][ T5841] team0: Port device team_slave_0 added [ 106.099981][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.107030][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 106.133311][ T5836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.146188][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.153466][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 106.180160][ T5836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.201109][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.208367][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 106.234610][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.249581][ T5841] team0: Port device team_slave_1 added [ 106.268974][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.275998][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 106.301997][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.304086][ T5151] Bluetooth: hci2: command tx timeout [ 106.348285][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.355338][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 106.381377][ T5151] Bluetooth: hci0: command tx timeout [ 106.381620][ T5151] Bluetooth: hci1: command tx timeout [ 106.387131][ T5846] Bluetooth: hci3: command tx timeout [ 106.398208][ T5841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.447526][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.454662][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 106.480832][ T5841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.498146][ T5834] hsr_slave_0: entered promiscuous mode [ 106.504829][ T5834] hsr_slave_1: entered promiscuous mode [ 106.517445][ T5836] hsr_slave_0: entered promiscuous mode [ 106.523968][ T5836] hsr_slave_1: entered promiscuous mode [ 106.530849][ T5836] debugfs: 'hsr0' already exists in 'hsr' [ 106.536968][ T5836] Cannot create hsr debugfs directory [ 106.597268][ T5835] hsr_slave_0: entered promiscuous mode [ 106.603907][ T5835] hsr_slave_1: entered promiscuous mode [ 106.610158][ T5835] debugfs: 'hsr0' already exists in 'hsr' [ 106.616058][ T5835] Cannot create hsr debugfs directory [ 106.711693][ T5841] hsr_slave_0: entered promiscuous mode [ 106.718423][ T5841] hsr_slave_1: entered promiscuous mode [ 106.725131][ T5841] debugfs: 'hsr0' already exists in 'hsr' [ 106.730914][ T5841] Cannot create hsr debugfs directory [ 107.189933][ T5834] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 107.207295][ T5834] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 107.218741][ T5834] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 107.240639][ T5834] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 107.314112][ T5835] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 107.326406][ T5835] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 107.339993][ T5835] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 107.354259][ T5835] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 107.457932][ T5836] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 107.469831][ T5836] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 107.481522][ T5836] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 107.503795][ T5836] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 107.610728][ T5841] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 107.625800][ T5841] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 107.640761][ T5841] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 107.655724][ T5841] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 107.752321][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.821421][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.834328][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.860362][ T583] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.867697][ T583] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.896768][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.903978][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.926114][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.941149][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.970210][ T583] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.977398][ T583] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.002044][ T583] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.009252][ T583] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.052013][ T5836] 8021q: adding VLAN 0 to HW filter on device team0 [ 108.086905][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0 [ 108.102287][ T583] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.109509][ T583] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.157458][ T583] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.164651][ T583] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.225058][ T5841] 8021q: adding VLAN 0 to HW filter on device team0 [ 108.290595][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.297768][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.316764][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.324026][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.383324][ T5846] Bluetooth: hci2: command tx timeout [ 108.455623][ T5846] Bluetooth: hci1: command tx timeout [ 108.455646][ T5151] Bluetooth: hci3: command tx timeout [ 108.456202][ T5842] Bluetooth: hci0: command tx timeout [ 108.716348][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.885320][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.899050][ T5834] veth0_vlan: entered promiscuous mode [ 108.957000][ T5834] veth1_vlan: entered promiscuous mode [ 109.014143][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 109.055525][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 109.086862][ T5835] veth0_vlan: entered promiscuous mode [ 109.105055][ T5834] veth0_macvtap: entered promiscuous mode [ 109.131165][ T5834] veth1_macvtap: entered promiscuous mode [ 109.144754][ T5835] veth1_vlan: entered promiscuous mode [ 109.193328][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.211073][ T5836] veth0_vlan: entered promiscuous mode [ 109.230837][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.252517][ T5841] veth0_vlan: entered promiscuous mode [ 109.279185][ T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.289006][ T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.299966][ T5836] veth1_vlan: entered promiscuous mode [ 109.309617][ T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.319977][ T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.352294][ T5841] veth1_vlan: entered promiscuous mode [ 109.371270][ T5835] veth0_macvtap: entered promiscuous mode [ 109.402030][ T5835] veth1_macvtap: entered promiscuous mode [ 109.474855][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.514696][ T5836] veth0_macvtap: entered promiscuous mode [ 109.526442][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.539297][ T5841] veth0_macvtap: entered promiscuous mode [ 109.549810][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.563207][ T5836] veth1_macvtap: entered promiscuous mode [ 109.583250][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.598062][ T1098] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.607986][ T1098] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.630548][ T1098] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.642057][ T5841] veth1_macvtap: entered promiscuous mode [ 109.660504][ T1098] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.678022][ T1098] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.686864][ T1098] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.737671][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.765637][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.784888][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.784996][ T5834] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 109.798437][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.851744][ T1098] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.904070][ T1098] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.917967][ T1098] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.952277][ T1098] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.965675][ T1098] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.993482][ T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.013738][ T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.037990][ T1098] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.038844][ T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.059298][ T1098] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.064748][ T5921] binder: 5920:5921 ioctl c0306201 0 returned -14 [ 110.183939][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.191796][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.331104][ T73] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.371480][ T73] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.428101][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.455155][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.462825][ T5842] Bluetooth: hci2: command tx timeout [ 110.523810][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.531703][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.534430][ T5846] Bluetooth: hci1: command tx timeout [ 110.542816][ T5151] Bluetooth: hci3: command tx timeout [ 110.544574][ T5842] Bluetooth: hci0: command tx timeout [ 110.571500][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.587483][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.859284][ T5927] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3'. [ 110.885075][ T5927] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 112.533336][ T5842] Bluetooth: hci2: command tx timeout [ 112.613209][ T5842] Bluetooth: hci0: command tx timeout [ 112.613234][ T5846] Bluetooth: hci1: command tx timeout [ 112.613246][ T5151] Bluetooth: hci3: command tx timeout [ 112.757159][ T5956] netlink: 36 bytes leftover after parsing attributes in process `syz.2.7'. [ 112.774204][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 113.855110][ T5964] syz.0.9 (5964) used greatest stack depth: 19720 bytes left [ 114.294117][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 114.888267][ T5979] random: crng reseeded on system resumption [ 115.124987][ T5983] Console: switching to colour VGA+ 80x25 [ 115.280152][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 115.587224][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 115.777432][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 115.871381][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 115.880279][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 115.930610][ T5842] Bluetooth: hci2: unexpected event 0x1c length: 725 > 5 [ 116.200735][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 116.253082][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 116.261678][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 116.726178][ T5997] random: crng reseeded on system resumption [ 117.387673][ T6003] binder: 5998:6003 unknown command 256 [ 117.393841][ T6003] binder: 5998:6003 ioctl c0306201 2000000000c0 returned -22 [ 117.693104][ T5842] Bluetooth: hci0: unexpected event 0x1c length: 725 > 5 [ 117.746455][ T5999] __vm_enough_memory: pid: 5999, comm: syz.1.16, bytes: 4398046511104 not enough memory for the allocation syzkaller syzkaller login: [ 117.832165][ T6008] zswap: compressor not available [ 117.915356][ T6013] phram: not enough arguments [ 119.404980][ T6027] netlink: zone id is out of range [ 120.282760][ T6021] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 120.524232][ T6021] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 121.025161][ T6021] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 121.215441][ T6021] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 121.236621][ T6021] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 121.284234][ T6042] syz.0.23 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 121.315734][ T6021] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 121.386013][ T6021] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 121.413127][ T6021] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 121.466775][ T6021] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 121.550667][ T6021] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 121.572825][ T6021] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 121.590858][ T5842] Bluetooth: hci2: unexpected event 0x1c length: 725 > 5 [ 121.599789][ T6021] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 121.717152][ T6042] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 122.025330][ T6054] random: crng reseeded on system resumption [ 122.292852][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout [ 122.739597][ T5842] Bluetooth: hci3: unexpected event 0x1c length: 725 > 5 [ 123.263272][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout [ 123.412748][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout [ 123.574503][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout [ 123.862577][ T6079] random: crng reseeded on system resumption [ 123.898162][ T6078] netlink: 330 bytes leftover after parsing attributes in process `syz.3.29'. [ 123.936428][ T6078] : renamed from veth1_vlan (while UP) [ 123.965145][ T6078] : entered allmulticast mode [ 124.065699][ T5842] Bluetooth: hci1: unexpected event 0x1c length: 725 > 5 [ 124.372768][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout [ 125.333148][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout [ 125.492828][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout [ 125.663232][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout [ 125.714078][ T6104] Zero length message leads to an empty skb [ 125.770709][ T5842] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 125.959923][ T6089] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 125.990552][ T6089] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 126.092375][ T6089] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 126.115863][ T6089] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 126.137818][ T6089] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 126.624574][ T6126] netlink: 330 bytes leftover after parsing attributes in process `syz.0.39'. [ 126.759893][ T6126] : renamed from veth1_vlan (while UP) [ 126.826450][ T6126] : entered allmulticast mode [ 127.180646][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout [ 127.895764][ T6137] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 127.896009][ T6137] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 127.896179][ T6137] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 127.896359][ T6137] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 127.958224][ T6145] bond0: invalid ARP target specified [ 129.065799][ T6165] random: crng reseeded on system resumption [ 129.492735][ T5846] Bluetooth: hci0: command 0x0c1a tx timeout [ 129.640135][ T5846] Bluetooth: hci0: unexpected event 0x1c length: 725 > 5 [ 129.972893][ T5846] Bluetooth: hci3: command 0x0c1a tx timeout [ 129.990496][ T5151] Bluetooth: hci1: command 0x0c1a tx timeout [ 129.996986][ T5846] Bluetooth: hci2: command 0x0c1a tx timeout [ 130.735201][ T6192] syz.2.50 uses obsolete (PF_INET,SOCK_PACKET) [ 130.772276][ T6197] netlink: 330 bytes leftover after parsing attributes in process `syz.1.52'. [ 130.816945][ T6197] : renamed from veth1_vlan (while UP) [ 130.867020][ T6197] : entered allmulticast mode [ 132.294203][ T6215] netlink: 330 bytes leftover after parsing attributes in process `syz.2.56'. [ 132.315261][ T6207] netlink: 330 bytes leftover after parsing attributes in process `syz.0.54'. [ 132.401990][ T6215] : renamed from veth1_vlan (while UP) [ 132.413211][ T6215] : entered allmulticast mode [ 133.510746][ T6221] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 133.524683][ T6221] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 133.544052][ T6221] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 133.627777][ T6221] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 134.562109][ T5846] Bluetooth: hci1: unexpected event 0x1c length: 725 > 5 [ 134.933145][ T5846] Bluetooth: hci0: command 0x0c1a tx timeout [ 135.527183][ T6272] ptrace attach of "./syz-executor exec"[5841] was attempted by ""[6272] [ 135.572846][ T5846] Bluetooth: hci1: command 0x0c1a tx timeout [ 135.582919][ T5846] Bluetooth: hci2: command 0x0c1a tx timeout [ 135.655102][ T5846] Bluetooth: hci3: command 0x0c1a tx timeout [ 136.440550][ T6281] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 137.388254][ T6287] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 137.396263][ T6287] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 137.453275][ T6287] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 137.459732][ T6287] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 137.657438][ T6301] netlink: 342 bytes leftover after parsing attributes in process `syz.1.75'. [ 137.997898][ T6312] netlink: 4 bytes leftover after parsing attributes in process `syz.2.76'. [ 138.008948][ T6312] netlink: 25 bytes leftover after parsing attributes in process `syz.2.76'. [ 138.266817][ T6320] netlink: 330 bytes leftover after parsing attributes in process `syz.1.79'. [ 138.788498][ T6329] FAULT_INJECTION: forcing a failure. [ 138.788498][ T6329] name failslab, interval 1, probability 0, space 0, times 1 [ 138.802378][ T6329] CPU: 0 UID: 0 PID: 6329 Comm: syz.2.82 Not tainted syzkaller #0 PREEMPT(full) [ 138.802427][ T6329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 138.802445][ T6329] Call Trace: [ 138.802454][ T6329] [ 138.802463][ T6329] dump_stack_lvl+0x16c/0x1f0 [ 138.802497][ T6329] should_fail_ex+0x512/0x640 [ 138.802523][ T6329] ? __kmalloc_cache_node_noprof+0x62/0x820 [ 138.802567][ T6329] should_failslab+0xc2/0x120 [ 138.802594][ T6329] __kmalloc_cache_node_noprof+0x75/0x820 [ 138.802633][ T6329] ? stack_depot_save_flags+0x29/0x9b0 [ 138.802664][ T6329] ? __get_vm_area_node+0x101/0x330 [ 138.802695][ T6329] ? __get_vm_area_node+0x101/0x330 [ 138.802727][ T6329] __get_vm_area_node+0x101/0x330 [ 138.802753][ T6329] ? __vb2_init_fileio+0x3f1/0x1100 [ 138.802782][ T6329] __vmalloc_node_range_noprof+0x271/0x1480 [ 138.802812][ T6329] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 138.802847][ T6329] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 138.802880][ T6329] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 138.802919][ T6329] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 138.802945][ T6329] vmalloc_user_noprof+0x9e/0xe0 [ 138.802973][ T6329] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 138.803000][ T6329] vb2_vmalloc_alloc+0x135/0x3f0 [ 138.803028][ T6329] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 138.803055][ T6329] __vb2_queue_alloc+0x8c9/0x1280 [ 138.803093][ T6329] vb2_core_reqbufs+0xa90/0xfe0 [ 138.803136][ T6329] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 138.803195][ T6329] __vb2_init_fileio+0x3f1/0x1100 [ 138.803231][ T6329] ? lockdep_hardirqs_on+0x7c/0x110 [ 138.803269][ T6329] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 138.803325][ T6329] ? __pollwait+0x271/0x460 [ 138.803362][ T6329] vb2_core_poll+0x5ec/0x700 [ 138.803400][ T6329] vb2_poll+0x4b/0xe0 [ 138.803452][ T6329] vb2_fop_poll+0x10f/0x2c0 [ 138.803487][ T6329] ? __pfx_vb2_fop_poll+0x10/0x10 [ 138.803518][ T6329] v4l2_poll+0x163/0x320 [ 138.803563][ T6329] ? __pfx_v4l2_poll+0x10/0x10 [ 138.803604][ T6329] do_sys_poll+0x55c/0xdf0 [ 138.803652][ T6329] ? __pfx_do_sys_poll+0x10/0x10 [ 138.803681][ T6329] ? __lock_acquire+0x433/0x22f0 [ 138.803768][ T6329] ? __futex_wait+0x24b/0x2f0 [ 138.803798][ T6329] ? __pfx___pollwait+0x10/0x10 [ 138.803835][ T6329] ? __pfx_pollwake+0x10/0x10 [ 138.803930][ T6329] ? __pfx_timespec64_add_safe+0x10/0x10 [ 138.803989][ T6329] ? ktime_get_ts64+0x2d2/0x400 [ 138.804031][ T6329] ? read_tsc+0x9/0x20 [ 138.804073][ T6329] ? ktime_get_ts64+0x256/0x400 [ 138.804125][ T6329] __x64_sys_poll+0x1a6/0x450 [ 138.804159][ T6329] ? __pfx___x64_sys_poll+0x10/0x10 [ 138.804204][ T6329] do_syscall_64+0xcd/0xf80 [ 138.804239][ T6329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.804272][ T6329] RIP: 0033:0x7f6c46f8f7c9 [ 138.804306][ T6329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 138.804338][ T6329] RSP: 002b:00007f6c47da5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 138.804369][ T6329] RAX: ffffffffffffffda RBX: 00007f6c471e5fa0 RCX: 00007f6c46f8f7c9 [ 138.804389][ T6329] RDX: 0000000000000008 RSI: 0000000000000003 RDI: 0000200000000480 [ 138.804406][ T6329] RBP: 00007f6c47013f91 R08: 0000000000000000 R09: 0000000000000000 [ 138.804422][ T6329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 138.804437][ T6329] R13: 00007f6c471e6038 R14: 00007f6c471e5fa0 R15: 00007ffcf82cd798 [ 138.804477][ T6329] [ 138.872557][ T5846] Bluetooth: hci0: command 0x0c1a tx timeout [ 139.101574][ T6329] syz.2.82: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 139.251325][ T6329] CPU: 1 UID: 0 PID: 6329 Comm: syz.2.82 Not tainted syzkaller #0 PREEMPT(full) [ 139.251366][ T6329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 139.251385][ T6329] Call Trace: [ 139.251395][ T6329] [ 139.251407][ T6329] dump_stack_lvl+0x16c/0x1f0 [ 139.251450][ T6329] warn_alloc+0x248/0x3a0 [ 139.251500][ T6329] ? __pfx_warn_alloc+0x10/0x10 [ 139.251547][ T6329] ? trace_kmalloc+0x2b/0xb0 [ 139.251583][ T6329] ? __get_vm_area_node+0x101/0x330 [ 139.251626][ T6329] ? __kasan_kmalloc+0x8a/0xb0 [ 139.251659][ T6329] ? __get_vm_area_node+0x208/0x330 [ 139.251714][ T6329] __vmalloc_node_range_noprof+0xaf5/0x1480 [ 139.251769][ T6329] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 139.251821][ T6329] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 139.251877][ T6329] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 139.251916][ T6329] vmalloc_user_noprof+0x9e/0xe0 [ 139.251955][ T6329] ? vb2_vmalloc_alloc+0x135/0x3f0 [ 139.251995][ T6329] vb2_vmalloc_alloc+0x135/0x3f0 [ 139.252034][ T6329] ? __pfx_vb2_vmalloc_alloc+0x10/0x10 [ 139.252077][ T6329] __vb2_queue_alloc+0x8c9/0x1280 [ 139.252134][ T6329] vb2_core_reqbufs+0xa90/0xfe0 [ 139.252179][ T6329] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 139.252237][ T6329] __vb2_init_fileio+0x3f1/0x1100 [ 139.252271][ T6329] ? lockdep_hardirqs_on+0x7c/0x110 [ 139.252305][ T6329] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 139.252361][ T6329] ? __pollwait+0x271/0x460 [ 139.252395][ T6329] vb2_core_poll+0x5ec/0x700 [ 139.252434][ T6329] vb2_poll+0x4b/0xe0 [ 139.252487][ T6329] vb2_fop_poll+0x10f/0x2c0 [ 139.252523][ T6329] ? __pfx_vb2_fop_poll+0x10/0x10 [ 139.252554][ T6329] v4l2_poll+0x163/0x320 [ 139.252600][ T6329] ? __pfx_v4l2_poll+0x10/0x10 [ 139.252641][ T6329] do_sys_poll+0x55c/0xdf0 [ 139.252698][ T6329] ? __pfx_do_sys_poll+0x10/0x10 [ 139.252728][ T6329] ? __lock_acquire+0x433/0x22f0 [ 139.252807][ T6329] ? __futex_wait+0x24b/0x2f0 [ 139.252837][ T6329] ? __pfx___pollwait+0x10/0x10 [ 139.252874][ T6329] ? __pfx_pollwake+0x10/0x10 [ 139.252962][ T6329] ? __pfx_timespec64_add_safe+0x10/0x10 [ 139.253009][ T6329] ? ktime_get_ts64+0x2d2/0x400 [ 139.253052][ T6329] ? read_tsc+0x9/0x20 [ 139.253095][ T6329] ? ktime_get_ts64+0x256/0x400 [ 139.253149][ T6329] __x64_sys_poll+0x1a6/0x450 [ 139.253184][ T6329] ? __pfx___x64_sys_poll+0x10/0x10 [ 139.253232][ T6329] do_syscall_64+0xcd/0xf80 [ 139.253268][ T6329] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.253310][ T6329] RIP: 0033:0x7f6c46f8f7c9 [ 139.253336][ T6329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 139.253369][ T6329] RSP: 002b:00007f6c47da5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 139.253400][ T6329] RAX: ffffffffffffffda RBX: 00007f6c471e5fa0 RCX: 00007f6c46f8f7c9 [ 139.253421][ T6329] RDX: 0000000000000008 RSI: 0000000000000003 RDI: 0000200000000480 [ 139.253437][ T6329] RBP: 00007f6c47013f91 R08: 0000000000000000 R09: 0000000000000000 [ 139.253458][ T6329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 139.253477][ T6329] R13: 00007f6c471e6038 R14: 00007f6c471e5fa0 R15: 00007ffcf82cd798 [ 139.253520][ T6329] [ 139.602934][ T6329] Mem-Info: [ 139.606132][ T6329] active_anon:6376 inactive_anon:0 isolated_anon:0 [ 139.606132][ T6329] active_file:2620 inactive_file:48751 isolated_file:0 [ 139.606132][ T6329] unevictable:768 dirty:149 writeback:0 [ 139.606132][ T6329] slab_reclaimable:10367 slab_unreclaimable:91531 [ 139.606132][ T6329] mapped:24329 shmem:1359 pagetables:1036 [ 139.606132][ T6329] sec_pagetables:0 bounce:0 [ 139.606132][ T6329] kernel_misc_reclaimable:0 [ 139.606132][ T6329] free:1330252 free_pcp:13702 free_cma:0 [ 139.653987][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout [ 139.660103][ T5846] Bluetooth: hci1: command 0x0c1a tx timeout [ 139.679641][ T5151] Bluetooth: hci3: command 0x0c1a tx timeout [ 139.763132][ T6329] Node 0 active_anon:28404kB inactive_anon:0kB active_file:10480kB inactive_file:194860kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:97316kB dirty:596kB writeback:0kB shmem:3900kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11708kB pagetables:4016kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 139.883018][ T6329] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:144kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:128kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 140.053636][ T6329] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 140.106862][ T6331] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 140.113265][ T6331] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 140.122944][ T6331] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 140.148969][ T6331] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 140.203041][ T6329] lowmem_reserve[]: 0 2482 2483 2483 2483 [ 140.253695][ T6329] Node 0 DMA32 free:1406812kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB free_highatomic:0KB active_anon:25344kB inactive_anon:0kB active_file:10480kB inactive_file:194860kB unevictable:1536kB writepending:616kB zspages:0kB present:3129332kB managed:2541952kB mlocked:0kB bounce:0kB free_pcp:42392kB local_pcp:21988kB free_cma:0kB [ 140.322807][ T6329] lowmem_reserve[]: 0 0 1 1 1 [ 140.352975][ T6329] Node 0 Normal free:0kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 140.470113][ T6329] lowmem_reserve[]: 0 0 0 0 0 [ 140.491269][ T6329] Node 1 Normal free:3897412kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:144kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:12792kB local_pcp:7640kB free_cma:0kB [ 140.641663][ T6329] lowmem_reserve[]: 0 0 0 0 0 [ 140.656032][ T6329] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 140.698929][ T6329] Node 0 DMA32: 295*4kB (UME) 290*8kB (UME) 151*16kB (UM) 253*32kB (UME) 173*64kB (UME) 61*128kB (UM) 60*256kB (UM) 25*512kB (UM) 7*1024kB (UM) 4*2048kB (UE) 326*4096kB (UM) = 1411708kB [ 140.760398][ T6329] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 140.840768][ T6329] Node 1 Normal: 113*4kB (UME) 54*8kB (UME) 45*16kB (UME) 102*32kB (UME) 25*64kB (UME) 8*128kB (UME) 3*256kB (UM) 4*512kB (UME) 2*1024kB (UM) 1*2048kB (E) 948*4096kB (M) = 3897412kB [ 140.862486][ T6361] netlink: 330 bytes leftover after parsing attributes in process `syz.0.88'. [ 140.943034][ T6329] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 141.014323][ T6329] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 141.040841][ T6329] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 141.069177][ T6329] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 141.105525][ T6329] 52729 total pagecache pages [ 141.125092][ T6329] 2 pages in swap cache [ 141.143241][ T6329] Free swap = 124996kB [ 141.157669][ T6329] Total swap = 124996kB [ 141.178622][ T6329] 2097051 pages RAM [ 141.198306][ T6329] 0 pages HighMem/MovableOnly [ 141.215329][ T6329] 429537 pages reserved [ 141.232447][ T6365] ptrace attach of "./syz-executor exec"[5834] was attempted by ""[6365] [ 141.241174][ T6329] 0 pages cma reserved [ 141.265226][ T5846] Bluetooth: hci0: command 0x0c1a tx timeout [ 141.422024][ T6368] random: crng reseeded on system resumption [ 142.074562][ T5846] Bluetooth: hci2: unexpected event 0x1c length: 725 > 5 [ 142.214364][ T5846] Bluetooth: hci2: command 0x0c1a tx timeout [ 142.214376][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout [ 142.228512][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout [ 143.077746][ T6394] netlink: 330 bytes leftover after parsing attributes in process `syz.3.95'. [ 143.348642][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 143.364354][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 143.477601][ T6405] netlink: 330 bytes leftover after parsing attributes in process `syz.2.97'. [ 143.797607][ T6418] netlink: 342 bytes leftover after parsing attributes in process `syz.2.99'. [ 144.021763][ T6399] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 144.041642][ T6399] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 144.074286][ T6399] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 144.081565][ T6399] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 144.184971][ T6420] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 144.556356][ T6428] FAULT_INJECTION: forcing a failure. [ 144.556356][ T6428] name failslab, interval 1, probability 0, space 0, times 0 [ 144.572360][ T6428] CPU: 0 UID: 0 PID: 6428 Comm: syz.3.104 Not tainted syzkaller #0 PREEMPT(full) [ 144.572402][ T6428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 144.572421][ T6428] Call Trace: [ 144.572432][ T6428] [ 144.572445][ T6428] dump_stack_lvl+0x16c/0x1f0 [ 144.572483][ T6428] should_fail_ex+0x512/0x640 [ 144.572518][ T6428] ? fs_reclaim_acquire+0xae/0x150 [ 144.572558][ T6428] should_failslab+0xc2/0x120 [ 144.572596][ T6428] __kmalloc_node_track_caller_noprof+0xde/0x910 [ 144.572658][ T6428] ? ima_collect_measurement+0x4c2/0xa50 [ 144.572702][ T6428] ? krealloc_node_align_noprof+0x2ea/0x3d0 [ 144.572755][ T6428] krealloc_node_align_noprof+0x2ea/0x3d0 [ 144.572817][ T6428] ? ima_calc_file_hash+0x1e2/0x490 [ 144.572850][ T6428] ima_collect_measurement+0x4c2/0xa50 [ 144.572891][ T6428] ? __pfx_ima_collect_measurement+0x10/0x10 [ 144.572923][ T6428] ? lock_acquire+0x179/0x330 [ 144.572977][ T6428] ? process_measurement+0x7f8/0x22d0 [ 144.573020][ T6428] ? is_bad_inode+0xd/0x40 [ 144.573043][ T6428] ? xattr_resolve_name+0x27b/0x3f0 [ 144.573083][ T6428] ? vfs_getxattr_alloc+0xec/0x350 [ 144.573126][ T6428] ? ima_get_hash_algo+0x27c/0x400 [ 144.573173][ T6428] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 144.573232][ T6428] ? process_measurement+0x11b9/0x22d0 [ 144.573279][ T6428] process_measurement+0x11b9/0x22d0 [ 144.573341][ T6428] ? __lock_acquire+0x433/0x22f0 [ 144.573378][ T6428] ? __pfx_process_measurement+0x10/0x10 [ 144.573428][ T6428] ? kasan_save_stack+0x42/0x60 [ 144.573458][ T6428] ? kasan_save_track+0x14/0x30 [ 144.573486][ T6428] ? kmem_cache_alloc_noprof+0x250/0x760 [ 144.573542][ T6428] ? find_held_lock+0x2b/0x80 [ 144.573593][ T6428] ? aa_file_perm+0x29e/0x1560 [ 144.573684][ T6428] ima_file_mmap+0x1b6/0x1e0 [ 144.573734][ T6428] ? __pfx_ima_file_mmap+0x10/0x10 [ 144.573796][ T6428] security_mmap_file+0x88c/0x990 [ 144.573841][ T6428] vm_mmap_pgoff+0xec/0x470 [ 144.573873][ T6428] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 144.573917][ T6428] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 144.573959][ T6428] ? hugetlbfs_get_inode+0x31f/0x700 [ 144.574008][ T6428] ksys_mmap_pgoff+0x1c8/0x5c0 [ 144.574041][ T6428] __x64_sys_mmap+0x125/0x190 [ 144.574079][ T6428] do_syscall_64+0xcd/0xf80 [ 144.574119][ T6428] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.574153][ T6428] RIP: 0033:0x7f5afe98f7c9 [ 144.574179][ T6428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.574210][ T6428] RSP: 002b:00007f5aff906038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 144.574242][ T6428] RAX: ffffffffffffffda RBX: 00007f5afebe5fa0 RCX: 00007f5afe98f7c9 [ 144.574265][ T6428] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000000000000 [ 144.574285][ T6428] RBP: 00007f5afea13f91 R08: 0000000000000004 R09: 0000300000000000 [ 144.574306][ T6428] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 144.574325][ T6428] R13: 00007f5afebe6038 R14: 00007f5afebe5fa0 R15: 00007ffe45b35478 [ 144.574366][ T6428] [ 144.892258][ T30] audit: type=1800 audit(1764962786.925:2): pid=6428 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.104" name="anon_hugepage" dev="hugetlbfs" ino=10157 res=0 errno=0 [ 144.906530][ T6432] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 145.425242][ T6441] random: crng reseeded on system resumption [ 145.654406][ T5846] Bluetooth: hci0: command 0x0c1a tx timeout [ 145.753196][ T6451] netlink: 330 bytes leftover after parsing attributes in process `syz.2.107'. [ 146.052834][ T5846] Bluetooth: hci1: command 0x0c1a tx timeout [ 146.076054][ T5846] Bluetooth: hci0: unexpected event 0x1c length: 725 > 5 [ 146.133210][ T5846] Bluetooth: hci3: command 0x0c1a tx timeout [ 146.133220][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout [ 146.266587][ T6466] program syz.2.110 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 148.465050][ T6478] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 148.533186][ T6478] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 148.539308][ T6478] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 148.561535][ T6478] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 149.603857][ T6511] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 149.765564][ T6518] netlink: 330 bytes leftover after parsing attributes in process `syz.3.118'. [ 150.053822][ T5846] Bluetooth: hci0: command 0x0c1a tx timeout [ 150.652970][ T5842] Bluetooth: hci2: command 0x0c1a tx timeout [ 150.663122][ T5846] Bluetooth: hci3: command 0x0c1a tx timeout [ 150.663421][ T5151] Bluetooth: hci1: command 0x0c1a tx timeout [ 150.692365][ T6523] vidtv vidtv.0: No streaming. Skipping. [ 152.282610][ T6537] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 152.289263][ T6537] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 152.340187][ T6537] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 152.413048][ T6537] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 152.621836][ T6558] FAULT_INJECTION: forcing a failure. [ 152.621836][ T6558] name failslab, interval 1, probability 0, space 0, times 0 [ 152.676333][ T6558] CPU: 1 UID: 0 PID: 6558 Comm: syz.2.128 Not tainted syzkaller #0 PREEMPT(full) [ 152.676380][ T6558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 152.676400][ T6558] Call Trace: [ 152.676412][ T6558] [ 152.676425][ T6558] dump_stack_lvl+0x16c/0x1f0 [ 152.676466][ T6558] should_fail_ex+0x512/0x640 [ 152.676506][ T6558] ? __kmalloc_cache_noprof+0x5f/0x800 [ 152.676560][ T6558] should_failslab+0xc2/0x120 [ 152.676600][ T6558] __kmalloc_cache_noprof+0x72/0x800 [ 152.676646][ T6558] ? __lock_acquire+0x433/0x22f0 [ 152.676686][ T6558] ? ima_calc_file_hash_tfm+0x234/0x350 [ 152.676727][ T6558] ? ima_calc_file_hash_tfm+0x234/0x350 [ 152.676759][ T6558] ima_calc_file_hash_tfm+0x234/0x350 [ 152.676793][ T6558] ? __pfx_ima_calc_file_hash_tfm+0x10/0x10 [ 152.676875][ T6558] ? stack_trace_snprint+0xc0/0xd0 [ 152.676915][ T6558] ? __pfx_stack_trace_save+0x10/0x10 [ 152.676957][ T6558] ? ima_alloc_tfm+0x21a/0x2e0 [ 152.676986][ T6558] ? generic_fillattr+0x6bf/0x940 [ 152.677034][ T6558] ima_calc_file_hash+0x1ba/0x490 [ 152.677073][ T6558] ima_collect_measurement+0x8a6/0xa50 [ 152.677123][ T6558] ? __pfx_ima_collect_measurement+0x10/0x10 [ 152.677170][ T6558] ? lock_acquire+0x179/0x330 [ 152.677234][ T6558] ? process_measurement+0x7f8/0x22d0 [ 152.677286][ T6558] ? is_bad_inode+0xd/0x40 [ 152.677315][ T6558] ? xattr_resolve_name+0x27b/0x3f0 [ 152.677357][ T6558] ? vfs_getxattr_alloc+0xec/0x350 [ 152.677402][ T6558] ? ima_get_hash_algo+0x27c/0x400 [ 152.677449][ T6558] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 152.677508][ T6558] ? process_measurement+0x11b9/0x22d0 [ 152.677559][ T6558] process_measurement+0x11b9/0x22d0 [ 152.677623][ T6558] ? __lock_acquire+0x433/0x22f0 [ 152.677664][ T6558] ? __pfx_process_measurement+0x10/0x10 [ 152.677716][ T6558] ? kasan_save_stack+0x42/0x60 [ 152.677748][ T6558] ? kasan_save_track+0x14/0x30 [ 152.677779][ T6558] ? kmem_cache_alloc_noprof+0x250/0x760 [ 152.677840][ T6558] ? find_held_lock+0x2b/0x80 [ 152.677894][ T6558] ? aa_file_perm+0x29e/0x1560 [ 152.677989][ T6558] ima_file_mmap+0x1b6/0x1e0 [ 152.678044][ T6558] ? __pfx_ima_file_mmap+0x10/0x10 [ 152.678110][ T6558] security_mmap_file+0x88c/0x990 [ 152.678163][ T6558] vm_mmap_pgoff+0xec/0x470 [ 152.678200][ T6558] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 152.678253][ T6558] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 152.678303][ T6558] ? hugetlbfs_get_inode+0x31f/0x700 [ 152.678362][ T6558] ksys_mmap_pgoff+0x1c8/0x5c0 [ 152.678402][ T6558] __x64_sys_mmap+0x125/0x190 [ 152.678443][ T6558] do_syscall_64+0xcd/0xf80 [ 152.678482][ T6558] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.678516][ T6558] RIP: 0033:0x7f6c46f8f7c9 [ 152.678543][ T6558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 152.678576][ T6558] RSP: 002b:00007f6c47da5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 152.678608][ T6558] RAX: ffffffffffffffda RBX: 00007f6c471e5fa0 RCX: 00007f6c46f8f7c9 [ 152.678631][ T6558] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000000000000 [ 152.678651][ T6558] RBP: 00007f6c47013f91 R08: 0000000000000004 R09: 0000300000000000 [ 152.678672][ T6558] R10: 0000000000040eb2 R11: 0000000000000246 R12: 0000000000000000 [ 152.678693][ T6558] R13: 00007f6c471e6038 R14: 00007f6c471e5fa0 R15: 00007ffcf82cd798 [ 152.678738][ T6558] [ 152.678967][ T30] audit: type=1800 audit(1764962794.715:3): pid=6558 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.128" name="anon_hugepage" dev="hugetlbfs" ino=10672 res=0 errno=0 [ 152.718868][ T6556] netlink: 338 bytes leftover after parsing attributes in process `syz.3.129'. [ 153.047171][ T6556] macvlan1: entered allmulticast mode [ 153.332926][ T5846] Bluetooth: hci0: command 0x0c1a tx timeout [ 153.511977][ T6561] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 154.374276][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout [ 154.380438][ T5846] Bluetooth: hci2: command 0x0c1a tx timeout [ 154.453357][ T5846] Bluetooth: hci3: command 0x0c1a tx timeout [ 156.714700][ T6606] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 158.043349][ T6604] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 158.097502][ T6604] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 158.187752][ T6604] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 158.309568][ T6604] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 158.932887][ T5846] Bluetooth: hci0: command 0x0c1a tx timeout [ 159.406353][ T6645] FAULT_INJECTION: forcing a failure. [ 159.406353][ T6645] name failslab, interval 1, probability 0, space 0, times 0 [ 159.472008][ T6648] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 159.490946][ T6645] CPU: 1 UID: 0 PID: 6645 Comm: syz.2.146 Not tainted syzkaller #0 PREEMPT(full) [ 159.490990][ T6645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 159.491010][ T6645] Call Trace: [ 159.491021][ T6645] [ 159.491033][ T6645] dump_stack_lvl+0x16c/0x1f0 [ 159.491072][ T6645] should_fail_ex+0x512/0x640 [ 159.491110][ T6645] ? fs_reclaim_acquire+0xae/0x150 [ 159.491151][ T6645] should_failslab+0xc2/0x120 [ 159.491190][ T6645] __kmalloc_cache_noprof+0x72/0x800 [ 159.491237][ T6645] ? fsnotify_add_mark_locked+0x507/0xfd0 [ 159.491292][ T6645] ? fsnotify_add_mark_locked+0x507/0xfd0 [ 159.491340][ T6645] fsnotify_add_mark_locked+0x507/0xfd0 [ 159.491400][ T6645] do_fanotify_mark+0x301d/0x39e0 [ 159.491454][ T6645] ? __pfx_do_fanotify_mark+0x10/0x10 [ 159.491500][ T6645] ? __x64_sys_futex+0x1e9/0x4c0 [ 159.491556][ T6645] ? xfd_validate_state+0x61/0x180 [ 159.491589][ T6645] ? __pfx_ksys_write+0x10/0x10 [ 159.491630][ T6645] __x64_sys_fanotify_mark+0xbd/0x160 [ 159.491663][ T6645] ? do_syscall_64+0x91/0xf80 [ 159.491696][ T6645] ? lockdep_hardirqs_on+0x7c/0x110 [ 159.491730][ T6645] do_syscall_64+0xcd/0xf80 [ 159.491767][ T6645] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.491801][ T6645] RIP: 0033:0x7f6c46f8f7c9 [ 159.491827][ T6645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 159.491859][ T6645] RSP: 002b:00007f6c47da5038 EFLAGS: 00000246 ORIG_RAX: 000000000000012d [ 159.491895][ T6645] RAX: ffffffffffffffda RBX: 00007f6c471e5fa0 RCX: 00007f6c46f8f7c9 [ 159.491918][ T6645] RDX: 0000000000008009 RSI: 0000000000000105 RDI: 0000000000000000 [ 159.491938][ T6645] RBP: 00007f6c47013f91 R08: 0000000000000000 R09: 0000000000000000 [ 159.491958][ T6645] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 159.491977][ T6645] R13: 00007f6c471e6038 R14: 00007f6c471e5fa0 R15: 00007ffcf82cd798 [ 159.492023][ T6645] [ 159.994012][ T6632] netlink: 16 bytes leftover after parsing attributes in process `syz.1.141'. [ 160.137451][ T5846] Bluetooth: hci1: command 0x0c1a tx timeout [ 160.212758][ T5846] Bluetooth: hci2: command 0x0c1a tx timeout [ 160.372769][ T5846] Bluetooth: hci3: command 0x0c1a tx timeout [ 160.504730][ T6658] netlink: 338 bytes leftover after parsing attributes in process `syz.2.149'. [ 160.529359][ T6659] netlink: 338 bytes leftover after parsing attributes in process `syz.3.150'. [ 160.572879][ T6658] macvlan1: entered allmulticast mode [ 161.117535][ T6669] openvswitch: netlink: Flow key attribute not present in set flow. [ 162.401523][ T6674] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 162.589832][ T6674] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 162.729848][ T6674] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 162.885096][ T6674] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 163.412782][ T5846] Bluetooth: hci0: command 0x0c1a tx timeout [ 163.760422][ T6704] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 164.041253][ T6711] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 164.117438][ T30] audit: type=1800 audit(1764962806.155:4): pid=6711 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.162" name="trace_pipe" dev="tracefs" ino=1264 res=0 errno=0 [ 164.612877][ T5846] Bluetooth: hci1: command 0x0c1a tx timeout [ 164.691258][ T6728] input: f¬ as /devices/virtual/input/input5 [ 164.773279][ T5846] Bluetooth: hci2: command 0x0c1a tx timeout [ 164.933186][ T5846] Bluetooth: hci3: command 0x0c1a tx timeout [ 166.485943][ T6740] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 166.503128][ T6740] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 166.514098][ T6740] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 166.558671][ T6740] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 167.515781][ T6760] netlink: 8 bytes leftover after parsing attributes in process `syz.1.174'. [ 168.241515][ T6772] process 'syz.2.177' launched '/dev/fd/3' with NULL argv: empty string added [ 168.298930][ T5846] Bluetooth: hci0: command 0x0c1a tx timeout [ 168.314288][ T6772] FAULT_INJECTION: forcing a failure. [ 168.314288][ T6772] name failslab, interval 1, probability 0, space 0, times 0 [ 168.332883][ T6772] CPU: 1 UID: 0 PID: 6772 Comm: syz.2.177 Not tainted syzkaller #0 PREEMPT(full) [ 168.332925][ T6772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 168.332944][ T6772] Call Trace: [ 168.332955][ T6772] [ 168.332968][ T6772] dump_stack_lvl+0x16c/0x1f0 [ 168.333008][ T6772] should_fail_ex+0x512/0x640 [ 168.333045][ T6772] ? kmem_cache_alloc_lru_noprof+0x66/0x760 [ 168.333097][ T6772] should_failslab+0xc2/0x120 [ 168.333146][ T6772] kmem_cache_alloc_lru_noprof+0x79/0x760 [ 168.333199][ T6772] ? __d_alloc+0x35/0xa80 [ 168.333245][ T6772] ? __d_alloc+0x35/0xa80 [ 168.333283][ T6772] __d_alloc+0x35/0xa80 [ 168.333327][ T6772] d_alloc_pseudo+0x1c/0xc0 [ 168.333377][ T6772] alloc_file_pseudo+0xcf/0x230 [ 168.333427][ T6772] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 168.333474][ T6772] ? alloc_fd+0x471/0x7d0 [ 168.333516][ T6772] sock_alloc_file+0x50/0x210 [ 168.333565][ T6772] __sys_socket+0x1c6/0x2d0 [ 168.333596][ T6772] ? __pfx___sys_socket+0x10/0x10 [ 168.333627][ T6772] ? xfd_validate_state+0x61/0x180 [ 168.333671][ T6772] __x64_sys_socket+0x72/0xb0 [ 168.333699][ T6772] ? lockdep_hardirqs_on+0x7c/0x110 [ 168.333734][ T6772] do_syscall_64+0xcd/0xf80 [ 168.333768][ T6772] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 168.333796][ T6772] RIP: 0033:0x7f6c46f8f7c9 [ 168.333817][ T6772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 168.333843][ T6772] RSP: 002b:00007f6c47da5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 168.333868][ T6772] RAX: ffffffffffffffda RBX: 00007f6c471e5fa0 RCX: 00007f6c46f8f7c9 [ 168.333886][ T6772] RDX: 0000000000000002 RSI: 0000000000000005 RDI: 0000000000000018 [ 168.333902][ T6772] RBP: 00007f6c47013f91 R08: 0000000000000000 R09: 0000000000000000 [ 168.333918][ T6772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 168.333934][ T6772] R13: 00007f6c471e6038 R14: 00007f6c471e5fa0 R15: 00007ffcf82cd798 [ 168.333969][ T6772] [ 168.567650][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout [ 168.573750][ T5846] Bluetooth: hci2: command 0x0c1a tx timeout [ 168.617593][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout [ 168.714359][ T6772] VFS_BUG_ON_INODE(inode_state_read_once(inode) & I_CLEAR) encountered for inode ffff88805b934000 [ 168.714359][ T6772] fs sockfs mode 140777 opflags 0x8 flags 0x0 state 0x300 count 0 [ 168.774930][ T6772] ------------[ cut here ]------------ [ 168.780495][ T6772] kernel BUG at fs/inode.c:1971! [ 168.850643][ T6772] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI [ 168.856946][ T6772] CPU: 0 UID: 0 PID: 6772 Comm: syz.2.177 Not tainted syzkaller #0 PREEMPT(full) [ 168.866171][ T6772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 168.876250][ T6772] RIP: 0010:iput.part.0+0xb3b/0x1190 [ 168.881571][ T6772] Code: 4b 68 ff ff 90 0f 0b e8 73 fa 7c ff 90 0f 0b 90 e9 d3 f8 ff ff e8 65 fa 7c ff 48 c7 c6 a0 79 a0 8b 48 89 df e8 26 68 ff ff 90 <0f> 0b e8 4e fa 7c ff 48 c7 c6 00 7a a0 8b 48 89 df e8 0f 68 ff ff [ 168.901218][ T6772] RSP: 0018:ffffc9000c377dc8 EFLAGS: 00010296 [ 168.907338][ T6772] RAX: 000000000000009f RBX: ffff88805b934000 RCX: ffffc9000cc7a000 [ 168.915358][ T6772] RDX: 0000000000000000 RSI: ffffffff819bf739 RDI: 0000000000000005 [ 168.923375][ T6772] RBP: 0000000000000200 R08: 0000000000000005 R09: 0000000000000000 [ 168.931391][ T6772] R10: 0000000080000000 R11: 0000000000000001 R12: 0000000000000000 [ 168.939408][ T6772] R13: ffffffff90878234 R14: ffff88805b9340d0 R15: dffffc0000000000 [ 168.947428][ T6772] FS: 00007f6c47da56c0(0000) GS:ffff888124967000(0000) knlGS:0000000000000000 [ 168.956408][ T6772] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.963010][ T6772] CR2: 0000001b31ae3ff8 CR3: 000000005df06000 CR4: 00000000003526f0 [ 168.971007][ T6772] Call Trace: [ 168.974290][ T6772] [ 168.977226][ T6772] iput+0x35/0x40 [ 168.980879][ T6772] __sock_release+0x20b/0x270 [ 168.985585][ T6772] __sys_socket+0x23a/0x2d0 [ 168.990120][ T6772] ? __pfx___sys_socket+0x10/0x10 [ 168.995192][ T6772] ? xfd_validate_state+0x61/0x180 [ 169.000331][ T6772] __x64_sys_socket+0x72/0xb0 [ 169.005027][ T6772] ? lockdep_hardirqs_on+0x7c/0x110 [ 169.010239][ T6772] do_syscall_64+0xcd/0xf80 [ 169.014753][ T6772] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.020654][ T6772] RIP: 0033:0x7f6c46f8f7c9 [ 169.025076][ T6772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 169.044704][ T6772] RSP: 002b:00007f6c47da5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 169.053133][ T6772] RAX: ffffffffffffffda RBX: 00007f6c471e5fa0 RCX: 00007f6c46f8f7c9 [ 169.061109][ T6772] RDX: 0000000000000002 RSI: 0000000000000005 RDI: 0000000000000018 [ 169.069083][ T6772] RBP: 00007f6c47013f91 R08: 0000000000000000 R09: 0000000000000000 [ 169.077068][ T6772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 169.085047][ T6772] R13: 00007f6c471e6038 R14: 00007f6c471e5fa0 R15: 00007ffcf82cd798 [ 169.093050][ T6772] [ 169.096095][ T6772] Modules linked in: [ 169.101743][ T6772] ---[ end trace 0000000000000000 ]--- [ 169.309570][ T6772] RIP: 0010:iput.part.0+0xb3b/0x1190 [ 169.332101][ T6772] Code: 4b 68 ff ff 90 0f 0b e8 73 fa 7c ff 90 0f 0b 90 e9 d3 f8 ff ff e8 65 fa 7c ff 48 c7 c6 a0 79 a0 8b 48 89 df e8 26 68 ff ff 90 <0f> 0b e8 4e fa 7c ff 48 c7 c6 00 7a a0 8b 48 89 df e8 0f 68 ff ff [ 169.394290][ T6772] RSP: 0018:ffffc9000c377dc8 EFLAGS: 00010296 [ 169.398113][ T6768] netlink: 16 bytes leftover after parsing attributes in process `syz.0.176'. [ 169.400526][ T6772] RAX: 000000000000009f RBX: ffff88805b934000 RCX: ffffc9000cc7a000 [ 169.431370][ T6767] caif:caif_disconnect_client(): nothing to disconnect [ 169.433800][ T6772] RDX: 0000000000000000 RSI: ffffffff819bf739 RDI: 0000000000000005 [ 169.482741][ T6772] RBP: 0000000000000200 R08: 0000000000000005 R09: 0000000000000000 [ 169.510996][ T6772] R10: 0000000080000000 R11: 0000000000000001 R12: 0000000000000000 [ 169.520371][ T6772] R13: ffffffff90878234 R14: ffff88805b9340d0 R15: dffffc0000000000 [ 169.528762][ T6772] FS: 00007f6c47da56c0(0000) GS:ffff888124a67000(0000) knlGS:0000000000000000 [ 169.538246][ T6772] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 169.545356][ T6772] CR2: 0000001b317f8ff8 CR3: 000000005df06000 CR4: 00000000003526f0 [ 169.558577][ T6772] Kernel panic - not syncing: Fatal exception [ 169.565202][ T6772] Kernel Offset: disabled [ 169.569572][ T6772] Rebooting in 86400 seconds..