last executing test programs: 2m13.961084071s ago: executing program 0 (id=265): openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0) r0 = socket(0x6, 0x80000, 0x800) getsockopt$auto_SO_RCVPRIORITY(r0, 0x2, 0x52, 0x0, &(0x7f0000000240)=0x7) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket(0x1e, 0x1, 0x0) r1 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x800, &(0x7f0000000500)={[0x7, 0x80000001, 0x8, 0x7, 0x2, 0x4, 0x155, 0x8, 0x6, 0x5, 0x7, 0x5, 0x9ad, 0x3, 0x8, 0x6]}, &(0x7f0000000580)={[0x3, 0x3ff, 0x101, 0x5, 0x8, 0x40, 0xb7, 0x6e6, 0x9, 0x3ff, 0x1ff, 0x4, 0x4, 0x7, 0x3, 0x7]}, &(0x7f0000000600)={[0x6, 0x0, 0x0, 0x4, 0x282, 0xb1, 0x8, 0x8, 0xfffffffffffffff9, 0x9, 0xfffffffffffffffc, 0x3, 0x3, 0x9f5, 0x0, 0x111]}, &(0x7f0000000340)={0x10000, 0x4}) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x3, 0x948b, 0x3, 0x7f, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0xd, 0x2, 0x6]}, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/devices/virtual/nfc/nfc1/rfkill1/soft\x00', 0xa3182, 0x0) sendfile$auto(r3, r3, 0x0, 0xffffffff) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x0, 0x0) read$auto_tomoyo_operations_securityfs_if(r4, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r5 = socket(0x1d, 0x2, 0x7) sendto$auto(r5, 0x0, 0x6fffff9, 0xfffffff8, &(0x7f0000000440)=@can={0x1d, 0x0, 0x3f}, 0x36) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_HWSIM_CMD_GET_RADIO(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f00000010c0)=ANY=[@ANYBLOB="d47b1cab1fd31e0d040047f1", @ANYRES16=r1, @ANYBLOB="000426bd7000fddbdf25060000000c001100657468746f6f6c000800060002000000"], 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x440440d4) r6 = socket(0x10, 0x3, 0x6) r7 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r7, @ANYBLOB="01002dbd7000fedbdf2505000000da02038008", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32"], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50) 2m12.858529538s ago: executing program 0 (id=268): mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)=ANY=[@ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030004020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYRES32=0x0], 0x68}, 0x1, 0x0, 0x0, 0x18a64d47ddeca1f0}, 0x40090) mmap$auto(0x0, 0x80000002020009, 0x3, 0x410, 0xfffffffffffffffa, 0x8000) openat$nci(0xffffffffffffff9c, &(0x7f0000000500), 0x2, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x4, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0x8}, &(0x7f00000001c0)=0x6, 0x0, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf}) ioctl$auto_KVM_HAS_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee3, &(0x7f00000002c0)={0x8, r1, 0x800000000001, 0x33}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x8) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x109401, 0x0) close_range$auto(0x2, 0x8, 0x0) msgrcv$auto(0xb, 0x0, 0x0, 0x6e2d, 0xfffffffb) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) mincore$auto(0x1000, 0x8001, 0x0) madvise$auto(0x2, 0x5c61fa2c, 0xf) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x800) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) write$auto(0x3, 0x0, 0xffd8) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, 0x0, 0x24000044) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) 2m11.73913039s ago: executing program 0 (id=270): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) r1 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000002e40), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_SET_TUNSRC(r2, &(0x7f0000002f00)={0x0, 0x0, &(0x7f0000002ec0)={&(0x7f0000000140)=ANY=[@ANYBLOB="7fd92f996dc6fbeab173d21b40054bcf76fd9c1467e54aa92eff604f9301012a09d1d3f3245703f4f1f30d2363153173e37436209a09e967d5db4919b0d73bb9f49246986a6b1614394b0db5d365749fb60b6a1430437f04b6201c8a29e648ab27bb1a0b038baa33e1a4fa659a815552be838d84d1ca11301d00000000000000000000000000292ce477f2d8401aaf8812e6aeea0c946f902ede2f604fe8cbe19449c1", @ANYRES16=r3, @ANYBLOB="010028bd7000fcdbdf2503000000"], 0x14}, 0x1, 0x0, 0x0, 0x4048c40}, 0x4) readv$auto(r1, &(0x7f0000000680)={0x0, 0x40200}, 0x3) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0) ppoll$auto(&(0x7f0000000000)={r0, 0x40}, 0x2, 0x0, 0x0, 0x8) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x28102, 0x0) openat$auto_usbfs_devices_fops_usb(0xffffffffffffff9c, 0x0, 0x28400, 0x0) close_range$auto(0x0, 0xfffffffffffff001, 0x2) r4 = socket(0x1e, 0x1, 0x0) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x20c000, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket(0xa, 0x801, 0x84) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r5 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video33\x00', 0x80382, 0x0) ioctl$auto(r5, 0xc0045627, r4) openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, 0x0, 0x244502, 0x0) ppoll$auto(0x0, 0xf3, 0x0, 0x0, 0x8) unshare$auto(0x40000080) socket(0xa, 0x5, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x13, 0x202000a, 0x8000000000000003, 0x4000000019, r6, 0xffffffffffffffff) 2m10.864871333s ago: executing program 0 (id=273): openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0) ioctl$auto(0x3, 0x4020565a, 0x38) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000100)='/dev/binderfs/binder0\x00', 0x800, 0x0) socket(0xa, 0x1, 0x100) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r0 = socket(0x1e, 0x1, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x101, 0x0) socket(0x21, 0x3, 0x9) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3739aae3, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xd, 0x1, 0x948b, 0x1, 0x15f4da0a, 0x1, 0xffffffffd09d8d67, 0x62, 0x80000023, 0x7, 0x6d3e, 0x9, 0x2, 0x2]}, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_BLKBSZSET(0xffffffffffffffff, 0x40081271, 0x0) unshare$auto(0x40000080) ioctl$auto_ECCGETSTATS(r2, 0x80104d12, &(0x7f0000000440)={0x8, 0x0, 0x7, 0x5}) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0) read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000140)=""/103, 0x67) getpgid(0x0) mmap$auto(0x0, 0x2000d, 0x4080000200df, 0xeb1, 0x404, 0x8000) getsockopt$auto(0xffffffffffffffff, 0x107, 0xc, 0x0, 0x0) r3 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$auto_IEEE802154_LLSEC_DEL_DEV(r0, &(0x7f0000000400)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x4c, r3, 0xa06, 0x70bd2d, 0x25dfdbfc, {}, [@IEEE802154_ATTR_CHANNEL={0x5, 0x7, 0x8}, @IEEE802154_ATTR_STATUS={0x5, 0x3, 0xe}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x5}, @IEEE802154_ATTR_CSMA_MIN_BE={0x5, 0x26, 0xbd}, @IEEE802154_ATTR_PHY_NAME={0xe, 0x1f, 'ovs_vport\x00'}, @IEEE802154_ATTR_COORD_PAN_ID={0x6, 0xa, 0x8}]}, 0x4c}}, 0x20004000) syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f00000001c0), 0xffffffffffffffff) r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r4, &(0x7f0000000000)="1f91f2c388274610e18d5fc5e5bfd9800e9b4b", 0x13) bpf$auto_BPF_OBJ_GET(0x7, &(0x7f0000000000)=@bpf_attr_5={@target_ifindex, 0xffffffffffffffff, 0x0, 0x8, 0xffffffffffffffff, @relative_fd, 0x7}, 0xf) 2m9.281921764s ago: executing program 0 (id=279): mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x80000000000000a, 0x2, 0x0) socket(0xa, 0x801, 0x84) bind$auto(0x3, &(0x7f0000000180)=@in={0x2, 0x3, @remote}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x11}}, 0x54) socket(0x10, 0x2, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000f80), 0xffffffffffffffff) sendmsg$auto_ILA_CMD_DEL(r0, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000001000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="c70b879c18ee3c255817032210f83c47c84592ebc3511a18d4a683c806393eb64af250dfe2e425c0810a9e8fdcb38da70c465badbcb6071bb52243ff858eaa25b04d531e0d13fc991fa5b2c041fd3745f7a21de85c6e332c7607fbedd329cee8d5e92d2901f632893292f98b4e0c6d087848b044c346f76ac2786f808cfe9cd7f61a23b14b2462bf20ed1b9cc40a70c897849cf36beb4591f46d29df88c66a5f5097f6131803cba903d13751"], 0x14}, 0x1, 0x0, 0x0, 0x10}, 0x44884) memfd_secret$auto(0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/ram8/dev\x00', 0x488981, 0x0) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x800000000001, 0x0) fcntl$auto(0xffffffffffffffff, 0x80000000, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, 0x0, 0x600, 0x0) openat$auto_buffer_percent_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/buffer_percent\x00', 0x1, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x68, 0x0, 0x0, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF1_SEQ={0x6, 0x6, 0x81}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IF1_SEQ={0x6, 0x6, 0xe}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x40}}, @HSR_A_IF1_AGE={0x8, 0x3, 0x41}, @HSR_A_IFINDEX={0x8}, @HSR_A_IF2_AGE={0x8, 0x4, 0x80}]}, 0x68}, 0x1, 0x0, 0x0, 0x20040084}, 0x44098) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x20401, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x400002, &(0x7f00000002c0)={0x0, 0xc7}, 0x6, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x40000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) 2m8.913158934s ago: executing program 0 (id=281): socket$nl_generic(0x10, 0x3, 0x10) socket(0xf, 0x3, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x2, 0x0) socket(0x8, 0x2, 0xfffffffd) r1 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0) bind$auto(r1, 0x0, 0x67) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0xb, 0x1, 0x44f, 0x7, 0x5, 0x1007181, 0x8a0d, 0x7, 0x2, 0x7ff, 0x89, 0x26, 0x4, 0x200004000001, 0x384, 0xfffffffffffffffa, 0x0, 0x0, 0x30, 0x1, 0x864, 0xb, 0x22000, 0x200, 0x0, 0x84, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, [0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe]}, 0xb, 0xd) r2 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000000), 0x9541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r2, 0xfffffff7effffd08, &(0x7f00000001c0)) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x8000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(0x0, r3) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0) sendmsg$auto_NL80211_CMD_DEL_PMK(r3, 0x0, 0x8000) mmap$auto(0x0, 0x8, 0xdc, 0xeb1, 0x0, 0x8002) socket(0xa, 0x5, 0x8) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) socket(0xa, 0x1, 0x100) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x1, 0x0) unshare$auto(0x40000080) 1m53.75766919s ago: executing program 32 (id=281): socket$nl_generic(0x10, 0x3, 0x10) socket(0xf, 0x3, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x2, 0x0) socket(0x8, 0x2, 0xfffffffd) r1 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0) bind$auto(r1, 0x0, 0x67) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0xb, 0x1, 0x44f, 0x7, 0x5, 0x1007181, 0x8a0d, 0x7, 0x2, 0x7ff, 0x89, 0x26, 0x4, 0x200004000001, 0x384, 0xfffffffffffffffa, 0x0, 0x0, 0x30, 0x1, 0x864, 0xb, 0x22000, 0x200, 0x0, 0x84, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, [0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe]}, 0xb, 0xd) r2 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000000), 0x9541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r2, 0xfffffff7effffd08, &(0x7f00000001c0)) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x8000001f, 0x2, 0x6d3c, 0x9, 0x2, 0x6]}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(0x0, r3) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0) sendmsg$auto_NL80211_CMD_DEL_PMK(r3, 0x0, 0x8000) mmap$auto(0x0, 0x8, 0xdc, 0xeb1, 0x0, 0x8002) socket(0xa, 0x5, 0x8) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) socket(0xa, 0x1, 0x100) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x1, 0x0) unshare$auto(0x40000080) 55.732749781s ago: executing program 3 (id=480): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r0, 0x0, 0x7ff, 0x400) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x0, 0x27, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/conf/ip6tnl0/bootp_relay\x00', 0x5014c0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) ioctl$auto(0x3, 0x2287, 0xffffffffffffffff) socket(0x23, 0x80805, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsu\x00', 0x108002, 0x0) read$auto_vcs_fops_vc_screen(r2, &(0x7f0000000080)=""/238, 0xffffffe9) r3 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read$auto_nvram_misc_fops_nvram(r3, &(0x7f0000000080)=""/209, 0xd1) ioctl$auto_NVRAM_INIT(r3, 0x7040, 0x0) r4 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r4, &(0x7f0000001680)="a7", 0x80000) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) msync$auto(0x0, 0x5, 0xd35d) openat$auto_minstrel_ht_stat_csv_fops_rc80211_minstrel_ht_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/ieee80211/phy3/netdev:wlan0/stations/08:02:11:00:00:01/rc_stats_csv\x00', 0x80, 0x0) 54.563686429s ago: executing program 3 (id=484): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) write$auto(r0, &(0x7f00000002c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057<&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\n\x92\x90|l\xdfAN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81nf\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00'/507, 0x1098c7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) connect$auto(0x3, 0x0, 0x54) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0xc7f16bff2a10ba01, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_lockdown_ops_lockdown(0xffffffffffffff9c, 0x0, 0xa0042, 0x0) write$auto(0x3, 0x0, 0xfffffdef) madvise$auto(0x0, 0xffffffffffff0005, 0x17) prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007) madvise$auto(0x0, 0xffffffffffff0005, 0x19) setsockopt$auto_SO_RESERVE_MEM(r1, 0x200, 0x49, 0x0, 0x5) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xcc03, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x309242, 0x0) getsockopt$auto_SO_PASSSEC(r2, 0x8, 0x22, &(0x7f0000000080)='\\%\x00', &(0x7f00000000c0)=0x2d2) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4, 0x4000000000e3, 0x10000040eb2, 0x402, 0x300000000000) pread64$auto(0xffffffffffffffff, 0x0, 0x100000001, 0x1f5) ioctl$auto_TCSBRKP2(0xffffffffffffffff, 0x5425, 0x0) io_uring_setup$auto(0x7, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r3, 0x5408, 0x0) 53.208901603s ago: executing program 3 (id=490): openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000540), 0xa0100, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x81, 0x1, 0x44f, 0x807, 0x5, 0x7181, 0x1ffde, 0x7, 0x3, 0x8, 0x9, 0x80003, 0x4, 0x200000000001, 0x384, 0x9, 0x8, 0x10006, 0x400007f, 0x7, 0x0, 0xe, 0x22000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0xd]}, 0x1fa, 0xd) write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000040)="de91b83a075c", 0x6) setitimer$auto(0x2, &(0x7f0000000080)={{0x2, 0x5}, {0x0, 0x8}}, 0x0) setitimer$auto(0x2, &(0x7f0000000000)={{0x8000, 0x6}, {0xa4b, 0x6}}, 0x0) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000000c0), 0x2802, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x28102, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/cards\x00', 0x2, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f00000000c0)=""/163, 0xa3) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000) fcntl$auto(0xffffffffffffffff, 0x409, 0x40003f) io_uring_setup$auto(0x8000, 0x0) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x47, 0x4a}) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000280)={{0x0, 0x5aa, 0x0, 0x2e, 0x0, 0x7, 0x1083}, 0x5}, 0x2, 0x100) unshare$auto(0x40000080) r1 = openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/media5\x00', 0x202, 0x0) getsockopt$auto_SO_ERROR(r1, 0x7ff, 0x4, 0x0, &(0x7f0000000180)=0xa7d) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008) acct$auto(0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r1, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/workqueue/cpumask\x00', 0x2, 0x0) write$auto(r4, &(0x7f0000000180)='1\x00\\\xa0\x04|\x9d$\xdcM)\xb9\xdd\xd6', 0x5) 52.561940037s ago: executing program 3 (id=492): r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x15, 0x5, 0x0) setsockopt$auto(0x3, 0x114, 0xa, 0x0, 0x4) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002bbd7000fcdbdf25040000000400100008000cf1edfba1d1e45aea61b8f7020700000002681af944a5465101930e1f4b991ef2f10f485ddf80e07251de39066555baed365ef30714"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) close_range$auto(r0, 0x8, 0x0) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r1) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0x24, r3, 0x400, 0x70bd26, 0x25dfdbfd, {}, [@NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x4}, @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x1be0}]}, 0x24}, 0x1, 0x0, 0x0, 0x20080040}, 0x24000810) brk$auto(0xffffffffffffff66) write$auto_tty_fops_tty_io(0xffffffffffffffff, &(0x7f0000000300)="352c8efa618c0bcf83a4ebdb278754e15f334a572cad539da201096bbbc2ce7db19c429be7137d848ef31b38b0b3c7da1c61fef8e0e24e400f96eb989b4f68220f90f3df243e352f17abbc44e0cfececd72dc611200c0fc4cb84d1fc175dc31b38e002c53627c31e0f3a31c079ae368fd33dfdfc97f40f7f", 0x78) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000200), 0x100000, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtd0ro\x00', 0x800, 0x0) sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(r1, &(0x7f0000000540)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000500)={&(0x7f0000000400)={0xcc, r3, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@NL80211_ATTR_SMPS_MODE={0x5, 0xd5, 0x5}, @NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x6}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0x9e, 0xbd, "4c59080974edf6e2f7df838fc99571f987047ddd4500b8d4eb66ab1c3eb74de348f2527e80024987ed12f626e267080de8ea6039ac549cb1f5a877d62de0757e764a0231e7ef8647883e3bfb0b5297c36eb225267f0fb849f9fdbf50233dedcf85441d4fe6ca9de163d3a565f0c2ff599c0308af4a0f01a34a1961eba6aea679d7f16f3ad2cb9ebce2bd74e094fbaabec699f5e3aed9eb26075e"}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x8}]}, 0xcc}, 0x1, 0x0, 0x0, 0x4040}, 0xc000) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x8, 0x2, 0xea2, 0x24f0c8f3, r1, 0xda3) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r5 = ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x1e, 0x4, 0x0) fstatfs$auto(r5, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto(r5, 0x4020ae76, r6) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0xda) 50.202568717s ago: executing program 3 (id=498): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = memfd_create$auto(0x0, 0x9) socket(0x10, 0x2, 0x6) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) sendmsg$auto_NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, 0x0, 0x51) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x9, 0x3, 0x16, 0x93f, 0x1ffe0, 0x3, 0x6, 0x2, 0x0, 0x5, 0xfff, 0xf, 0xb0, 0x1, 0x5, 0x7, 0x9, 0x7, 0x0, 0x0, 0x0, 0x200, 0xfffffffe, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3043, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x11, 0x8000000000000001]}, 0x1fe, 0x10081) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa503}, 0x800}, 0x7, 0x4008) socket$nl_generic(0x10, 0x3, 0x10) write$auto(0xffffffffffffffff, &(0x7f0000000040)='\xce*+#\x00', 0x80) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.7/usb8/bConfigurationValue\x00', 0x10b042, 0x0) sendfile$auto(r2, r2, 0x0, 0x2) socket(0x1d, 0x2, 0x6) mmap$auto(0x0, 0x40009, 0xde, 0x9b72, 0x7, 0x28000) capset$auto(0x0, 0x0) socket(0xa, 0xa, 0x88) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'team0\x00'}) bpf$auto(0x0, 0x0, 0xf) r3 = syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_SET_MAX_FRAME_RETRIES(r0, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="4000100000", @ANYRES16=r3], 0x240}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0) 49.202442418s ago: executing program 3 (id=501): openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000540), 0xa0100, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x81, 0x1, 0x44f, 0x807, 0x5, 0x7181, 0x1ffde, 0x7, 0x3, 0x8, 0x9, 0x80003, 0x4, 0x200000000001, 0x384, 0x9, 0x8, 0x10006, 0x400007f, 0x7, 0x0, 0xe, 0x22000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0xd]}, 0x1fa, 0xd) write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000040)="de91b83a075c", 0x6) setitimer$auto(0x2, &(0x7f0000000080)={{0x2, 0x5}, {0x0, 0x8}}, 0x0) setitimer$auto(0x2, &(0x7f0000000000)={{0x8000, 0x6}, {0xa4b, 0x6}}, 0x0) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000000c0), 0x2802, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x28102, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/cards\x00', 0x2, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f00000000c0)=""/163, 0xa3) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000) fcntl$auto(0xffffffffffffffff, 0x409, 0x40003f) io_uring_setup$auto(0x8000, 0x0) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x47, 0x4a}) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000280)={{0x0, 0x5aa, 0x0, 0x2e, 0x0, 0x7, 0x1083}, 0x5}, 0x2, 0x100) unshare$auto(0x40000080) r1 = openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/media5\x00', 0x202, 0x0) getsockopt$auto_SO_ERROR(r1, 0x7ff, 0x4, &(0x7f0000000140)=':>()\x00', 0x0) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008) acct$auto(0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r1, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/workqueue/cpumask\x00', 0x2, 0x0) write$auto(r4, &(0x7f0000000180)='1\x00\\\xa0\x04|\x9d$\xdcM)\xb9\xdd\xd6', 0x5) 33.650389744s ago: executing program 33 (id=501): openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000540), 0xa0100, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x81, 0x1, 0x44f, 0x807, 0x5, 0x7181, 0x1ffde, 0x7, 0x3, 0x8, 0x9, 0x80003, 0x4, 0x200000000001, 0x384, 0x9, 0x8, 0x10006, 0x400007f, 0x7, 0x0, 0xe, 0x22000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0xd]}, 0x1fa, 0xd) write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000040)="de91b83a075c", 0x6) setitimer$auto(0x2, &(0x7f0000000080)={{0x2, 0x5}, {0x0, 0x8}}, 0x0) setitimer$auto(0x2, &(0x7f0000000000)={{0x8000, 0x6}, {0xa4b, 0x6}}, 0x0) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000000c0), 0x2802, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x28102, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/cards\x00', 0x2, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f00000000c0)=""/163, 0xa3) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000) fcntl$auto(0xffffffffffffffff, 0x409, 0x40003f) io_uring_setup$auto(0x8000, 0x0) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x47, 0x4a}) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000280)={{0x0, 0x5aa, 0x0, 0x2e, 0x0, 0x7, 0x1083}, 0x5}, 0x2, 0x100) unshare$auto(0x40000080) r1 = openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/media5\x00', 0x202, 0x0) getsockopt$auto_SO_ERROR(r1, 0x7ff, 0x4, &(0x7f0000000140)=':>()\x00', 0x0) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008) acct$auto(0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r1, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/workqueue/cpumask\x00', 0x2, 0x0) write$auto(r4, &(0x7f0000000180)='1\x00\\\xa0\x04|\x9d$\xdcM)\xb9\xdd\xd6', 0x5) 12.836589935s ago: executing program 2 (id=545): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x5, 0x1, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) r0 = socket(0x2b, 0x1, 0x1) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x80080, 0x0) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r0, 0x0, 0x20000001) madvise$auto(0x0, 0xffffffffffff0004, 0x19) kill$auto(0x0, 0x21) madvise$auto(0x0, 0x200007, 0x8) madvise$auto(0x0, 0x380, 0x15) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_MPP(r0, 0x0, 0x880) munmap$auto(0x8000, 0xffffffff) syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), r0) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) sysfs$auto(0x2, 0x10000000000048, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3) r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r1, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, 0x6) ioctl$auto_IOCTL_VMCI_CTX_GET_CPT_STATE(r1, 0x7b1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) 8.830769288s ago: executing program 2 (id=554): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) writev$auto(0x3, 0x0, 0x8009) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_DEL(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x18, r1, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@OVS_FLOW_ATTR_KEY={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x40}, 0x800) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x100, 0x0) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000100)={0x3, 0x7, 0x2}) ioctl$auto_BLKTRACESETUP32(r2, 0xc0401273, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) mmap$auto(0x3, 0x402000b, 0x2000006, 0xeb1, 0x401, 0xfff) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) r3 = io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/ping_group_range\x00', 0x202, 0x0) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/cpu/cpu0/cache/index0/ways_of_associativity\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000003800)=""/168, 0xa8) unshare$auto(0x1000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0xb02, 0x0) pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9) read$auto(0x3, 0x0, 0xf34) read$auto(r3, &(0x7f00000000c0)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0x5) write$auto(0x3, 0x0, 0xffd8) 7.680344443s ago: executing program 2 (id=558): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x3a}}, 0x6e) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000) io_uring_setup$auto(0x1, 0x0) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/event2\x00', 0x0, 0x0) ioperm$auto(0x7, 0x5ad2, 0x8) mmap$auto(0x80, 0x40009, 0x2, 0x100009b72, 0x7, 0x28406) name_to_handle_at$auto(0xffffffffffffffff, &(0x7f00000000c0)='/\x00R\xa6\x00\xc8\xda\xdc\xb1\xb4#\xe4\xeb\xe1c_\x1b/\xb9L\xc6P\x82\xba\x90@\xb8\xb5\xb1\xe8\"\x88s\xdf\x15\xaa\x18\xa9\x86\xc7\x87g>8\xae\x99\xd4~\xc6\xa7\\\xcc\xfeV\x83\f\xdc\xdc~\x8e\xd5\x18\x13\x16\xc5\x93E\x10\xcb\x1c\x02\x00\xd2\xa4_\xa3\xdcS\xe2\xe2\xc6\x85p\xfa\xc3/G\x86\xea\x9f\xb0\x9a\xcc6\x1a\x06\x91\x9f\xcfC\xedU\x00f`\x02\x04\xef\xfe\x10\xec\x17\x83%K\x04\xd5s\x86\xe4\x9d\x15\f\x8c\xd9wj\xe5t\x82o7\xc05ul\xacU\xbf\xc0\xee\xb4\xd7\t\xe0s]\xcd\xac\x87\xa5\xa6.t\xa9\xe8\xa6>\xf2\xd0\xb1\x83\x83\x91\a\xdc\xe9\xaa\x1dx\x06\xa77\xd6\xe1\xe9\x94\xb9Xi\xbbv_\x9a_bv%\xcb\xc7\xdd\xa3\xb4\tpr%\xdf\xc9\x06\xa2\xe7\xe1\xde\x16\xf7\x03x\xf8\v\v\x1a\xfcm\x87r\xc1\b\xca\x97\xb0\xeb\xd6F\x8f^\x94\xdf\x9ax\xf4\x03e[l\xa5', &(0x7f0000000200)={0x2c, 0x6}, 0x0, 0x1001) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty49\x00', 0x800, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x1fe, 0x0) r2 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r2, 0x403c6f2b, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bond0\x00'}) rseq$auto(&(0x7f0000000080)={0x9, 0x8, 0x0, 0x7, 0xffffffff, 0x2}, 0x7ffd, 0xfffffff6, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/audio1\x00', 0x20b42, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r3, 0xc0045002, 0x0) write$auto(r3, 0x0, 0x7fffffff) ioctl$auto_SNDRV_CTL_IOCTL_TLV_READ(r1, 0xc008551a, &(0x7f0000000000)={0x2, 0x7f}) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_STATUS322(0xffffffffffffffff, 0x806c4120, &(0x7f0000000180)={0x0, 0x6, 0x95d7, 0x10000, 0x3, 0x1, 0x9, 0x9, 0x0, 0x7, 0xb, 0x8, 0x100, 0x2, 0x3, 0x3ff, 0x400, 0x4b, "0c1056e3480805f935e214e44f620fa9eba8238cacc3d9e6fc45cf541e509fc2457ae4ae"}) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) write$auto(0x3, 0x0, 0xfffffdef) unshare$auto(0x40000080) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x3b87, 0xa) 6.706710865s ago: executing program 5 (id=561): mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x20000800) r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01002a00af00000000010100000008000300", @ANYRES32=r2], 0x24}, 0x1, 0x0, 0x0, 0x4000023}, 0x4008098) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 6.23603075s ago: executing program 5 (id=564): openat$auto_stats_fops_2(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x11, 0x3, 0x10) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x2c, 0x4, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0x80040, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r1 = socket(0xa, 0x801, 0x84) semctl$auto(0x8, 0x6, 0x36, 0x100004) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/block/ram3/queue/iostats_passthrough\x00', 0x80202, 0x0) sendfile$auto(r2, r2, 0x0, 0x3) r3 = syz_genetlink_get_family_id$auto_nfc(&(0x7f00000000c0), r1) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="000429bd70660500fddbdf25050000000f0002002f70726f632f000000000000000002000d000000d55a363a459d3b9462f15fd8ae6b689586fe99c5a8c7a960d52e8c5ad684f3e3"], 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x40000) close_range$auto(0x2, 0x8, 0x0) write$auto(0x800000000000c8, 0x0, 0x1a) open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/gre0/flags\x00', 0x1, 0x0) setfsuid$auto(0xee01) r5 = setfsuid$auto(0xee01) setresuid$auto(0x0, r5, 0x0) write$auto(r4, &(0x7f0000000100)='9\x00d1L\xff\x15\xba\xa17=w\xc1\xf8\xff\xff\v\xb5^\xa1/\xfb\xaf\xc8\xfc\\\xa9@\xc0\xee\xa2[', 0x4) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, r4, 0x1) mmap$auto(0x0, 0x8, 0x1000000004, 0x8b72, 0x2, 0x8000) setrlimit$auto(0x1000000007, 0x0) bind$auto(0x3, &(0x7f0000000040)=@ethernet={0x1, @multicast}, 0x6a) ioctl$auto(0x3, 0x89e0, 0x38) remap_file_pages$auto(0x70ae5b04, 0x100000000, 0x1, 0x71, 0xd1) 6.008464748s ago: executing program 5 (id=565): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) write$auto(r0, &(0x7f00000002c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057<&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\n\x92\x90|l\xdfAN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81nf\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00'/507, 0x1098c7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) connect$auto(0x3, 0x0, 0x54) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0xc7f16bff2a10ba01, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_lockdown_ops_lockdown(0xffffffffffffff9c, 0x0, 0xa0042, 0x0) write$auto(0x3, 0x0, 0xfffffdef) madvise$auto(0x0, 0xffffffffffff0005, 0x17) prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007) madvise$auto(0x0, 0xffffffffffff0005, 0x19) setsockopt$auto_SO_RESERVE_MEM(r1, 0x200, 0x49, 0x0, 0x5) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xcc03, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x309242, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4, 0x4000000000e3, 0x10000040eb2, 0x402, 0x300000000000) pread64$auto(0xffffffffffffffff, 0x0, 0x100000001, 0x1f5) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) ioctl$auto_TCSBRKP2(r2, 0x5425, 0x0) io_uring_setup$auto(0x7, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r3, 0x5408, 0x0) 5.385178086s ago: executing program 1 (id=566): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r0, 0x0, 0x7ff, 0x400) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x0, 0x27, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/conf/ip6tnl0/bootp_relay\x00', 0x5014c0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) ioctl$auto(0x3, 0x2287, 0xffffffffffffffff) socket(0x23, 0x80805, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsu\x00', 0x108002, 0x0) read$auto_vcs_fops_vc_screen(r2, &(0x7f0000000080)=""/238, 0xffffffe9) read$auto_nvram_misc_fops_nvram(0xffffffffffffffff, &(0x7f0000000080)=""/209, 0xd1) ioctl$auto_NVRAM_INIT(0xffffffffffffffff, 0x7040, 0x0) membarrier$auto(0x2, 0x0, 0x9) r3 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r3, &(0x7f0000001680)="a7", 0x80000) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) msync$auto(0x0, 0x5, 0xd35d) openat$auto_minstrel_ht_stat_csv_fops_rc80211_minstrel_ht_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/ieee80211/phy3/netdev:wlan0/stations/08:02:11:00:00:01/rc_stats_csv\x00', 0x80, 0x0) 5.335033333s ago: executing program 4 (id=567): openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0) mmap$auto(0x0, 0x40009, 0x7, 0x9b72, 0x7, 0x28000) io_uring_setup$auto(0x7, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd6\x00', 0x14f602, 0x0) mmap$auto(0x1ff, 0x9, 0x1000000004, 0x9b72, 0x2, 0x8000) r0 = socket(0x18, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x40047459, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) semctl$auto_SETVAL(0x0, 0x10000, 0x10, 0xc2c) remap_file_pages$auto(0x6a27, 0xffc, 0x0, 0x3, 0x4) mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) arch_prctl$auto_ARCH_SHSTK_UNLOCK(0x5004, 0x9) writev$auto(r1, &(0x7f0000000200)={0x0, 0x10}, 0x3) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x80802, 0x0) ioctl$auto(r2, 0x800064b9, 0x1e6) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, 0x0, 0x800, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) close_range$auto(0x2, 0xa, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x141241, 0x0) pipe$auto(0x0) dup2$auto(0x5, 0x4) splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9) write$auto(0x6, 0x0, 0x100000001) 4.779837918s ago: executing program 5 (id=568): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r1 = socketcall$auto(0x8000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xaa102, 0x0) write$auto(r3, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00x \xec(\x1d\x98\xe9\xc4\xe8\xfc@6=\xab\xf4\x89\x01\x93\xdc\x19\xffv\'\xa1\xd5\x14\x06S\xae\xadB}\xdf]\x99\xc9\x9f4\xbb\xc5\x81\x9d\x8ak\xdeB\xcbd\xd3\x05\xe4P\x84\xcb\xb8#\x13\nYU\'\x95R\xc8\x9d\xb7*\xe0.\xd2\xdf\x1b\x88D\x8c{k\xcec\xe1\xa2j\xec\xc9\xd2\x98\x94I\x102h\x06\x8c\xa2\xc8\x8a7\xb7t', 0x7ef) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0) socket(0xa, 0x1, 0x100) ioperm$auto(0x7, 0x5ad2, 0xc) r4 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r4, 0x0, 0x7ff, 0x400) socket(0x2, 0x1, 0x0) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x12, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1]}, 0x0) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0xa, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x20000003, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/kernel/kexec_load_disabled\x00', 0x202, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x200007, 0x19) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) close_range$auto(0x2, 0x8, 0x0) 4.526464898s ago: executing program 2 (id=569): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x48a22, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x8, 0x20009, 0xf, 0x800000000000ebf, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x163340, 0x6a) socket(0x2, 0x80802, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000005c40)='/dev/nbd9\x00', 0x2000, 0x0) fadvise64$auto_POSIX_FADV_SEQUENTIAL(r0, 0x86, 0x8, 0x2) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) mmap$auto(0x0, 0x8, 0xdf, 0x9b70, 0x2, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) r1 = socket(0x2, 0x801, 0x106) getsockopt$auto(r1, 0x11c, 0x3, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x4e32, @rand_addr=0x64010101}, 0x51) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) socket(0x10, 0x2, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg1\x00', 0x0, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptye6\x00', 0x400600, 0x0) r3 = open(&(0x7f0000000800)='./file0\x00', 0x62240, 0x154) unshare$auto(0x20000) unlink$auto(&(0x7f0000000040)='./file0\x00') execveat$auto(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x11000) ioctl$auto(r2, 0x100, r2) 4.293173071s ago: executing program 4 (id=570): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8400) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r0 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r0, 0x0, 0x7ff, 0x400) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x0, 0x27, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/conf/ip6tnl0/bootp_relay\x00', 0x5014c0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x8800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) ioctl$auto(0x3, 0x2287, 0xffffffffffffffff) socket(0x23, 0x80805, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsu\x00', 0x108002, 0x0) r2 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read$auto_nvram_misc_fops_nvram(r2, &(0x7f0000000080)=""/209, 0xd1) ioctl$auto_NVRAM_INIT(r2, 0x7040, 0x0) membarrier$auto(0x2, 0x0, 0x9) r3 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r3, &(0x7f0000001680)="a7", 0x80000) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) msync$auto(0x0, 0x5, 0xd35d) openat$auto_minstrel_ht_stat_csv_fops_rc80211_minstrel_ht_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/ieee80211/phy3/netdev:wlan0/stations/08:02:11:00:00:01/rc_stats_csv\x00', 0x80, 0x0) 4.166382623s ago: executing program 1 (id=571): sendmsg$auto_MACSEC_CMD_ADD_RXSC(0xffffffffffffffff, 0x0, 0x4000081) openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/framebuffer\x00', 0x0, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) ioperm$auto(0xe4, 0x82f0, 0x942) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xc01) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x34d802, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(0xffffffffffffffff, &(0x7f0000000540)='/k!\'\x00', 0x5) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x171e02, 0x0) mmap$auto(0x0, 0x10000000020009, 0xdf, 0x19, 0x401, 0x8004) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8000, 0x0) r2 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r2, r2, 0x0) r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video24\x00', 0xa240, 0x0) ioctl$auto(r3, 0xc0585611, r3) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0) sysfs$auto(0x2, 0x11, 0x0) r4 = syz_genetlink_get_family_id$auto_tipcv2(0x0, r2) sendmsg$auto_TIPC_NL_MEDIA_GET(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0xc808}, 0xc, &(0x7f0000000140)={&(0x7f0000000900)=ANY=[@ANYBLOB, @ANYRES16=r4, @ANYBLOB="00042cbd7000fedbdf250b0000005a03058095b80bc9fbfce3618374160cd97be0ac595fae9a115cc3d7d63313ce35f2f49ab9c8b84dffaacffa1ec7922f991d2e83c999c098c41280b2c6026c67d266c3048213e09d5d5519cb6154ab498e94e9a32e525572a86c06d742ba36048499de63de873c7c4701a58182fa197422a76c87911c423b34ec1fbb398cd6ffbfa48e0d97023d9d04d4a05db83327e3dbaa7cccd83f1bc2b893ec9d096dd39d4f3ffb0a32059a9804c2c90772ecd1966f2285a0802a6819779fa05692dd13f28020e7169aaf472873d37dcc9309802366a4d1238e636d4a3a7b43daab4632a43e2a671f1e8d00538004003b002ca62aab49f85c612d649594af8700bb9ca0e0a3df264b6e16f1a3c90ce217c071c203d97473454b09062efc8f10f48df7e1818f139932084550e8a34dd903959abea69d9810e723037f4357c21f7f31cf462893cf4c62972e71189d32f05834a652b07ea5aadd3985608f95acad7f3a00e3dd2026961256b9951956b4b445851e375f653500000008004c800400ff800280e71a0c0f3b5d385e55fb9ecdb2ddc96e6a63a8bdd2aac0826005a9f06404978ed27ffd81856019bc1b451906888d42df5c936674054e8164d76ffdaa0b57000474a495566ec94e4f9065be33ee654cb1cdd84a044362a8fba8d1d89e2db513b01508fa41036f86273f2a85660d7b4faf37316228041832254979c92e020e3006fd0b1a780433c29de6a48bb39570163a800d2b7b976b9aaa094ef6c676987b22d61f888cae33153ed26ab2618cf728d1e0a06ea54dbae686f3158ab83c2253d0ce360c7dfde6ed39509257b6662695e222c6c9f47e8d6e818c7da53ba517bf7b010400328008009a00e000000191ea046afad8d9f6149f101005f25b1b1a9a1889862a25092a1a9009f4c77ecf6d29a2d4d0f50e0238ae6c565150889b031fc08762c0737da336048c174e0bf02bf6a8784920fa658f38f8c961ee7c46eb73ad346fee63c8755f5c3b542f3cda7207de9c4b8b1750bfc137aba626a35a7f9d788ffcb950352078fe161dcfd18256ff0f033654a6d9c0099ec3545199505c43ca9664abf2cad50228b5d7be47b2ff3fa8a033617826205bf760acd541e462c7c6d951b331987d076cbaf896116da7da6e79826ce277f6af0a60dd09d15ffcf217378560684932825e61b3b3efc898d5631765dcf4dbb1d7bc4873990000040005800598148d988efa3443830535e4dc48a4340378e22ca352e8f6c6e4c9f6b8d2e3807f3ee3b0a68afe7c85f6cadd1d325759dea4f557ddf7e15d8e9d14b94b7f5172102bb0640d744ff9493843d97ea8bdd77b48f50fb2"], 0x374}, 0x1, 0x0, 0x0, 0x81}, 0x40040) r5 = fsopen$auto(0x0, 0x1) fsconfig$auto(r5, 0x8, 0x0, 0x0, 0x0) 3.923900602s ago: executing program 2 (id=572): mmap$auto(0x0, 0x20009, 0xdf, 0x18, 0x200000000000404, 0x0) sendmsg$auto_IOAM6_CMD_ADD_NAMESPACE(0xffffffffffffffff, &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8040}, 0x24004054) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/unix\x00', 0x121040, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000040)=""/153, 0x99) getrandom$auto(0x0, 0x6000000, 0x3) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mlockall$auto(0x7) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) gettid() r1 = socket(0x2, 0x1, 0x0) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x4, 0x0, 0x7fff, 0x4}, 0x80000b}, 0x5, 0x20000000) r2 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sg0\x00', 0x141000, 0x0) bpf$auto(0x40, &(0x7f00000000c0)=@bpf_attr_0={0x0, 0x6, 0x8, 0x4, 0x800, 0xffffffffffffffff, 0x13, "f0f59673e700", 0x0, r2, 0xfffff588, 0x9, 0x2, 0x100000000000200}, 0x7f) ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(r2, 0x1, &(0x7f00000000c0)) r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x100e42, 0x0) write$auto_sg_fops_sg(r3, &(0x7f00000001c0)="bf5b1a8c24000000dbcbc7a996eea7f3804ca6c7591afff6578d2f5f520f687f316ba7327b581cd8d58309037c0ae2c71a", 0x31) ioctl$auto_USB_RAW_IOCTL_EVENT_FETCH(0xffffffffffffffff, 0x80085502, &(0x7f00000001c0)={0x10, 0x1000}) ioctl$auto(r1, 0xffff, 0xffffffffffffffff) syz_genetlink_get_family_id$auto_nl80211(0x0, r1) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) 3.234179488s ago: executing program 1 (id=573): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS0\x00', 0x1, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, &(0x7f0000000000)="b19954b0f03772040252b0f74914332bda914abb959de8ceac7cf2419e2fe4f4c0139256ea6b0a0ede542032aec74e3587e245c5e6cc5e81575b8b68a7a1a85e1d25cd83") r1 = epoll_create$auto(0x4) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video48\x00', 0x18a041, 0x0) epoll_ctl$auto(r1, 0x1, r2, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001cc0), 0x101440, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000140)={{0x0, 0x2, 0x200800, 0x3, 0xfffffffb}, "0dd7fd004929347eeeccdf0732f77b1f6de0d6d51768a257a97ca5e9ca6310ea"}) ioctl$auto_SNDRV_TIMER_IOCTL_PARAMS(r3, 0x40505412, 0x0) r4 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000001000)='/dev/sg0\x00', 0x294480, 0x0) mmap$auto(0x0, 0x2020006, 0x8004, 0xeb1, r4, 0x1007ffd) r5 = prctl$auto_PR_SET_MM_ARG_START(0x1ff, 0x8, 0x0, 0x4, 0xffffffffffffff94) ioctl$auto_BTRFS_IOC_RESIZE(r5, 0x50009403, &(0x7f0000000000)={@raw=0xfffffffffffffffc, "471e44d42a37f434d0405f36f8487962808fb1abb41aa21954d788c7c0313ad8e05d833e69339b817eeebdd89e74aedb43fd7a2e2379b8e9c8f141c73c6f57b10fb6f3d05d8fe13d6bdc818a8b6f66bda011bcb04cf1e118c0aceaa8805b684957990da484463b82cab002c2246def987ff7b5ce6b3d47bbbb7442f5bb3eb74ed4c3278924dcd9c489fd26bd5e83d4c961f9c9c124c7215c9bdf521a949add25f6ba2b672f37f0354902d0cfe708c906ee8327f4ae8fe77cf55034e6314ba1958c85e71cb1d1c2c27f7469c242f800adfd579f611337b633552db1780ee745595e5bf4dd700d91707bdd5d603c036525fe36eaced191ceec562d3fe05370005535917d4a391b7e97909ec4923d7e65098bf283e5af46387558fe1eb0f528ca34131af566aedb3d6a873d4619385789791dc9734f790bad76e240f26f1d70fe5c3b7badb5efa1782c0df5fefd912676b227c221973f4ab590e3a87816dd6777dfb12f9b7eab7122ffdbb6b01d852385289a5918990ef52f6079d8d01f87b506818ba3c0da715dac27f877998658aa309819c392d808ee49bd2d1380d428067b4e1339dce5f0bc2b98ba3551dd06479902e6616c365ea0a69d1224590f85b216f86b91b59aaf234e08dacd38d1f8811149d6b7fbbfb08f888b1d100d54fa549656c2c34403631198e1090538825524faf5a76031d38223bfc731cd0e9c8c6a056a277f0c6b65c7a09d7e2b10fc552107185081bf8dca76d76bed0bf53b05c0f937bb089630570d30871561a1ab9bf898755c7665e9046f32d8ce72f8a49f7e93d0e9257e61b2f1774a6a598310f3faa4103b9be53463327936b2ea607e26b062bdd06b964cce337f86d043df705e56c9f76f62db50994e8b77d6647e704ebffc65851e9881cda977ae4e36b06e9336904a7e06d2e45329477418393ed5f5af5b3f4e0d93f067ea2bb599ae9e0b448fc31b5fd0e929d7d2d4ec44a4ded2396f90f19cf405f17d9a22704d15e77d7d754a96f0215f20d7f6df097d1cc3f410afcfe50cfd40209b8953128844ce6cd8cf1ef74f8b8568ca856d33c15c20cc1c324af0b0d2c7610a725909c9019df5a45670f3ee4e74bbfa4d4495eeb3114247f7b6939e389d715f8c3956e056cd3834066df78e5b6aa9670e4185b4c6d9b092e151f6d15154d6f796e0adb62bd334a804a49207d3f350f380dece77aa3ad780f44fd9a1b8e61e50e2ca09d5767d9dfd8cb9eeaf5351459307a8d884eff4d499298adc1165c98a2cd6b912b41d7eb7c8d739192ef96e118d7a1f59ee41a6cedf9292ccc52cbbc186cb55556a1737d0fc6b61820170a4d33b1d7a0f5e11c57b73bb6f754bfb4e959af9d2b0a3f5c163f5be972b4ab48e14e6adfa9c491e356e3383f6d639b0fbd17e841ed78117a21b9e4047e9a89fd5490ee54780260918f672531e31302c717624f61d276913392714b63531511d092601b10f6c2e231122a7bb4fdc85a3e823df49561f6327840ac358408d4b9af74d00e7175767eeaac88dca5d30bbd35ecdbafff04b8bed492fd58dd7f8570225d6f9b75d117bc4c8609fad6fcb12133f5918931e5cf988a68ff8880ca05b6145b095274eb714cab2825ef7c375f64584a953c48ebd39259b90cd319fe752774fcef95eae8784adc11d355ca8223fad5b200304c48ab3725299c883a2cd68aa601ff3ff020840ca955d805f2832ee98bd7206baa34b523d8223d13cb2ded7264be7e32670a81421661023f2231d49e3355bbe5e5b49d2f98cc9a4c4cd75dd0b944efac5f93711bfec97cafa8096f73c8f3d333a9ae02fc4155d85366f7d021a554848f9e262cc47e57296a4a7d125570e86c024225d8115a18e97f2523ffde5c4c019be53d33b261b95b9933e4d8a8cba93d754f9a09b355a8398abc2acbb403b29522833b1a7acba65621f7e87cb1f632f4853c1271318b96db610a05d1a86ce39a65d290d0f0bcaee86af1cabd8f9d2a43cce7e2f0de203e689ccee52d061efebb8954a438412d52e711f287039a64d4664d90c64b358e26a22daeeaff633fe4ea1e2d33c34ed49d38e185d43854ec9b101bd08d77fbd6893e9394dd78640dd507aae92273b47121b4d5c18c444a1b078bd9c3825c593d92fe75d0c5217b8f5c3d5deb74a8a78c76b5b379093a198cc1b1a501a634e488fe8032c7d81079b0fcb5aae4af8f2f4408818f5abbb7850aff0421ba985588eabdb312ecff285b36cf533bbc06b7bb684d4128ec98bf0f9b642453895d4eade41bad5017de7ec60d5c9781ed420aab32ccdd6b6dcf3d92cb6602070509dc4e1d3ce1c9750d0a4d44565e057bfef4b243a612806ec250103a9ad83fc7c8d3494158e47c73c6745d047d38c5425e61db8ab90b1e6fca9252f2faaeba8e0d530cd42aabb48187f725e7c47fdc2ea87287bb8811791a500c2358c16e2c03fccc4db7d425b9bb9b8a5cbfe5fd850741da2313fc68aadaf441d0aea3115086ccb4dd6d7df4dec446b3b936faad76c24bdd287b00f8b90804b0072d8f8c89a686bbcdc1290eefd04f83e02b7c01a1c585b2ee4a50f472b5e6b19c40e1585fdfa9c35741812c4cad383e1c4389316b2c3bea7bf9ecfcd554b19d6bb0e2a538f049364087f2898e003a6978547b0083f6fa693d7760cb5569774237c9e080413ff03e4bf11b2044633df0d2f75ff5902d31ce4aa546a73c3687627b35b068903b54004ecb3d2547a45ea0ac5c4c36bd6d0b8b3502acf228515c7f300631e2786f4c11b783b443b7493b8e9615881d21f5a8781ea32a4ca39d0e39ed68ec59abeeafe9fe2e86f91b7eebf86916f32730ccd4fd78fc904f1774691b177703b2d577f8200a518c99378ff7fa50cf6a2c65f4bf0de230448fe755c7d1289d9d483e3d0d715b4f1d2e9793f767efec07ada9bd69c5806b0a0a84c418a4607b3b97d23f4d71897778f499503e4abf71588c4172535e44890656fdd8f1824923cf62f4fd8895181ee862cd9a762d1cb7ee4080bd98f0b2c73da602873a43f64a0620023a3beee23c0793832d79e103347f8b64e0cf1f8254829a7b001ac30bd20b71a02882caa9085859843b6ed2993a88ec14a6e31f788c0c5601e0635e3c10809fc01aabb96f50b00d0a06c0227c8c9dc3dfba69f74484612fa18676de4a0c178f223bc1f6955b94f3b1b0974b8e33c6f1d59ad3522da4311757eddf0c3303ff22ff09902e3ed1d11cb2dde8b62f84afc8f533d9c3aab35caaf8f2125afd4b6e24ba6357cbd20cec09117f5cfdb8fd0d7966e6bf853ce3609648e7a02ac0a15a33b19689b78d6480b3b6104e65645668c09f2409709585e013df9d920ee95292a9030e3730cbb27de51b349caab943c1362540daa1101907916ac25a8d5aac3477e7076966c1ebc62d86421b2a6f724ba7f587ed1a2943307a5979df1631e49cdf6b1eb426610370df47b34e37068503769dec130eb495f53dae35c8ca838befc1ec6ddd33977b159a563c59eba2b7110486ba73e920d02c0566815907ec6d1ceef3cff8a5e85fa4a582ef7759c5aa01b7bc63fa1c9bdbf2c12a491312713eac672d29ab222d5ac988cba69e8b587f4abc8ffa84d520ebc4096e0f4d28cc51772828414591576ef703e43470b8607568901a52eb667f0c598fa61fa93a56a546b96806c0bdb3c3dc8c0534e01931c3d89af0969402a41da3a8282f3b65ec68094e38874413c2121f1793d797f2de538ef8adc21c29610032654ae315b538568c0f7322c235f03d479f35523a3a796259ee2540dcf9d1cbf65ae1aef67b95ab0a1dd7330966919247d9da97c49e879a60de51ce6cf8af675a7ea83935875ad5f8086416812b1d9cf8b2d82462e57271cc608f756e9ffac521182190704025a8e7234eb29966152863af22e0725c4c6be881cfc2df7b0a7afa1fb5ada2733bd11ba1e04f2ea314f43576fc991bac5d0a2ac10e003923be29b0db693ef4da9be90f0ac73ba3f425e0e8de003e21c9a56a1546e282389a15b88ea89a6b02cab488049acbec5980c203f01b303d6b377e1d972c544b68fe51f4db2479e431131d30e6c79480b4c2d4852a568610e55afa8c30fe82125afec72ebd1819b622854e3c78396bf59dee364d1953d497d0ceb245dfe2e622b7ff1950c38086d58d0aebc3960b84bf085a5e628fac7b30045ad20e6b9941e0a39efc71b617676c96bdf12a4373ec88ff28ab2d5c75a344e3eecb2c0c1d594ec79144253e538522b1bd81a6e9b377e8dc207bc0f2a76a3cbaefb26150dcab2bdcc2b945a2cd2901f6a430d94b539073e9308e8b4a31c2f3d4b9084f47b99df35dd3490a31e3bcc553af383cdc172eeb33c09ec3c40707c31aa791bcfd95b54b14d4c441e64f5f59461e26c2491906db3820f9ba6e119801c4d864c63fc0fec5f8f56cb4c52a54535fec761a74b4460f6d86492b7da6cb087f999267ed76c21955e5bea88e9865c339a1bc61b4594fd7a3a25dce32a14c8a7e930aa6dc929c576c0cfa8fdcbf738dc22763f8ff37f9b6e07bb2e5ecd8c576febecec45e86a218b1bc78020ab7dba695e0c2db5ca42085f475b10b9959feff6f65017012e135f8b26038ed829758b90a2c45472b8f401b74c7de8bc463b5cf6d2b2feb951f0444e2adec621be44650b8508acc8f281fb4926e55012f7d54eda08e4e91b79d120d7c98a7d8f9f27af88b2f8ef057bbd01f1e7b7031cd0a182faac62104ad5b8c8d7b3e95cfebe5978803305078d03c585eb139fd37f1192fc1a5828a1f4418ebe656329bf3da13bf3a74f0a9807820102d791de9923bc1b37fffacf6a0db82c48f231bb00a06e6d5cfe31b72a162b4b2761d8bc697769ed6879cef0bc1b896eb7871b96aec76cd0c4f55231b0f41987ee5d82e10ea9b1cecdec540450b25537362a542609e0a56ccf69a1bffb59be31766eb8631a25880c8b101907cf3d9eeb68b74cb946e13a3001174ada179b98ed6d3e6e8bd4231672f2987bc72153a11b2080a8e18921c5b4932ca48eeb5f719ce0caf41107c1e87145aab8a6ee665c118b3439ee01b1886e9fb9b91a88205a426112617b6045e9d375ee7565b9b1da0faa7b05290ae95522cc9ed3c7d1ab8154468bdf6ff986746225277c5a1a1458b6835116a7faff52a2b2675e66bc562e49cc526d4bdd6359d0793f37d4ff13a06136df0b2281b85e887071f37e9c2b80a6df85fc1ef84010ea9e07774c86037280fd74ad1ddbce6c5f81ca5c3a154eacf6223997b73c8fe0eced127b9f95ad0306e77eb34d2e604ff604cbb3b5ac9bf7b52e0f8fe6dde44d55f3c802c73ed3c5e0c7d4c9a2ec04ace540262bdf2215d19c65a3dd299c71f602d7ea48f548e0c55d632d0d16889f1a4e4f150fbb5614d33d89273cd73f56ad1c237f1891d3d4c99227fb927431b23ea3dba3b6e55bb9a86571d29049a7965178649609d11cb734bacd8716f05389ba756318b3cad771a5dbc7f6f8eee65025b1189e50d180229cc6a3716aa590b7cbd96daa2f28220d955300a93766baf1d5a07dbb4b478135284e2095ddebda7c8a09592c3826d97bd1a2531d970f3f5259e1821dd404c871e3497e926f581cb69a896bd20c7ed98ac9f86b1013809ded61697adaf2fe2f56dc6b5c856356f4decbd4943d1d14a617ae05dd785c4d71ea7c86f6fe9a1dc365c73fa75fca8f864c52aa5324802cdd691eec419f91331a55f1155f0f16e8fbab83882381398bf00942bbf82a1cf8e96168b3bbe60e1bc03a6ee83aa31a5f6dac4c0967dd4e"}) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/ext4/sda1/es_shrinker_info\x00', 0x8880, 0x0) close_range$auto(0x2, 0x8, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r6 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0xbf) futex$auto(0x0, 0x6, 0x47, 0x0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000001040)={'veth1_to_bridge\x00'}) setsockopt$auto(0x3, 0x0, 0x12, 0x0, 0x28) read$auto(0x3, 0x0, 0x80) connect$auto(0x3, &(0x7f0000001080)=@isdn={0x22, 0x34, 0x5, 0x2, 0x5}, 0x1ff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 2.785408901s ago: executing program 1 (id=574): r0 = openat$auto_bm_register_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000640), 0x401, 0x0) write$auto(r0, 0x0, 0xff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x1f, 0x2, 0x200000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x0, 0x0, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) socketpair$auto(0x20004, 0x1, 0x1, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r1, 0x5437, 0x0) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) userfaultfd$auto(0x1) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r3 = socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1, 0x1, 0x1) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket(0x2, 0x801, 0x106) socketpair$auto(0x1, 0x1, 0x1, 0x0) socket(0xa, 0x2, 0x3a) io_uring_setup$auto(0x6, 0x0) r4 = socket(0xa, 0x2, 0x88) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r4, @new_prog_fd=r3, 0x4, @old_prog_fd=r4}, 0xa3) bpf$auto(0x3, &(0x7f0000000040)=@query={@target_ifindex, 0x4, 0x7, 0x9, 0x7f, @prog_cnt=0x4, 0x0, 0x80000000, 0xc, 0xb, 0x5}, 0x7) 2.764949878s ago: executing program 4 (id=582): openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0) r0 = socket(0x6, 0x80000, 0x800) getsockopt$auto_SO_RCVPRIORITY(r0, 0x2, 0x52, 0x0, &(0x7f0000000240)=0x7) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket(0x1e, 0x1, 0x0) r1 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x800, &(0x7f0000000500)={[0x7, 0x80000001, 0x8, 0x7, 0x2, 0x4, 0x155, 0x8, 0x6, 0x5, 0x7, 0x5, 0x9ad, 0x3, 0x8, 0x6]}, &(0x7f0000000580)={[0x3, 0x3ff, 0x101, 0x5, 0x8, 0x40, 0xb7, 0x6e6, 0x9, 0x3ff, 0x1ff, 0x4, 0x4, 0x7, 0x3, 0x7]}, &(0x7f0000000600)={[0x6, 0x0, 0x0, 0x4, 0x282, 0xb1, 0x8, 0x8, 0xfffffffffffffff9, 0x9, 0xfffffffffffffffc, 0x3, 0x3, 0x9f5, 0x0, 0x111]}, &(0x7f0000000340)={0x10000, 0x4}) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x3, 0x948b, 0x3, 0x7f, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0xd, 0x2, 0x6]}, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/devices/virtual/nfc/nfc1/rfkill1/soft\x00', 0xa3182, 0x0) sendfile$auto(r3, r3, 0x0, 0xffffffff) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x0, 0x0) read$auto_tomoyo_operations_securityfs_if(r4, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r5 = socket(0x1d, 0x2, 0x7) sendto$auto(r5, 0x0, 0x6fffff9, 0xfffffff8, &(0x7f0000000440)=@can={0x1d, 0x0, 0x3f}, 0x36) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_HWSIM_CMD_GET_RADIO(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f00000010c0)=ANY=[@ANYBLOB="d47b1cab1fd31e0d040047f1", @ANYRES16=r1, @ANYBLOB="000426bd7000fddbdf25060000000c001100657468746f6f6c000800060002000000"], 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x440440d4) r6 = socket(0x10, 0x3, 0x6) r7 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f00200", @ANYRES16=r7, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32"], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50) 2.740940684s ago: executing program 2 (id=575): socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0xfff, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_proc_pid_set_comm_operations_base(0xffffffffffffff9c, 0x0, 0x10500, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x0) io_uring_setup$auto(0x2, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "abe6de3d6468fe8000"}, 0x1b) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) socket(0xa, 0x3, 0xff) set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) r2 = fsopen$auto(0x0, 0x1) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) mlockall$auto(0x7) write$auto_sg_fops_sg(r2, 0x0, 0x0) 2.076506813s ago: executing program 1 (id=576): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@sco={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x6a) connect$auto(0x3, 0x0, 0x54) socket(0xa, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xa02, 0x0) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="770e0000", @ANYRES16=0x0, @ANYBLOB="080028bd7000fddbdf250300000008000600020000000c0014"], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x405b) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa507}, 0x800}, 0x7, 0x8) ioctl$auto(r1, 0xab07, r1) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) semctl$auto(0x8, 0x806, 0x13, 0x46) getsockopt$auto(r0, 0xff, 0x90, 0x0, &(0x7f0000000140)=0x3) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xf, 0x1, 0x948b, 0x3, 0x15f4da07, 0x3, 0x8000000003, 0x62, 0x8000001f, 0x40007, 0x4, 0x9, 0x2, 0x8]}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) getsockopt$auto_SO_BROADCAST(0xffffffffffffffff, 0xf7f, 0x6, 0x0, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/net/rose12/queues/rx-0/rps_cpus\x00', 0x20001, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000040)='\t', 0x1) connect$auto(0x3, &(0x7f00000000c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) 2.069506194s ago: executing program 5 (id=577): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) write$auto(r0, &(0x7f00000002c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057<&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\n\x92\x90|l\xdfAN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81nf\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00'/507, 0x1098c7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) connect$auto(0x3, 0x0, 0x54) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0xc7f16bff2a10ba01, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_lockdown_ops_lockdown(0xffffffffffffff9c, 0x0, 0xa0042, 0x0) write$auto(0x3, 0x0, 0xfffffdef) madvise$auto(0x0, 0xffffffffffff0005, 0x17) prctl$auto(0x400, 0x7fff, 0x0, 0x10000, 0x100000000000007) madvise$auto(0x0, 0xffffffffffff0005, 0x19) setsockopt$auto_SO_RESERVE_MEM(r1, 0x200, 0x49, 0x0, 0x5) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xcc03, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x309242, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4, 0x4000000000e3, 0x10000040eb2, 0x402, 0x300000000000) pread64$auto(0xffffffffffffffff, 0x0, 0x100000001, 0x1f5) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) ioctl$auto_TCSBRKP2(r2, 0x5425, 0x0) io_uring_setup$auto(0x7, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r3, 0x5408, 0x0) 1.601212532s ago: executing program 4 (id=578): syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00'}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x4000023}, 0x4008098) 993.267224ms ago: executing program 1 (id=579): r0 = openat$auto_percpu_stats_fops_(0xffffffffffffff9c, 0x0, 0x200, 0x0) mmap$auto(0x0, 0x10000002020009, 0x3, 0xeb1, r0, 0x6) capset$auto(0x0, &(0x7f0000000080)={0x5, 0xffff3155, 0x3}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r1 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder0\x00', 0x0, 0x0) ioctl$auto_BINDER_WRITE_READ(r1, 0xc0306201, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x280303, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x1}, 0x8) connect$auto(0x4, 0x0, 0x10) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x602, 0x1) r3 = open(&(0x7f0000000000)='./file1\x00', 0x1652c2, 0xe1d2b27bdc14aa98) fanotify_mark$auto(0x400000000000, 0x105, 0xf2b, r3, 0x0) open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45) fanotify_mark$auto(r2, 0x9, 0xa, r3, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x0, 0x0) mkdir$auto(0x0, 0x8001) mount$auto(0x0, 0x0, &(0x7f0000000140)='nfsd\x00', 0xf, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) mount$auto(0x0, 0x0, 0x0, 0x339, 0x0) socket(0x6, 0x1, 0x106) pipe$auto(0x0) flock$auto(0xffffffffffffffff, 0x9) 992.293041ms ago: executing program 4 (id=588): openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0) r0 = socket(0x6, 0x80000, 0x800) getsockopt$auto_SO_RCVPRIORITY(r0, 0x2, 0x52, 0x0, &(0x7f0000000240)=0x7) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket(0x1e, 0x1, 0x0) r1 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x800, &(0x7f0000000500)={[0x7, 0x80000001, 0x8, 0x7, 0x2, 0x4, 0x155, 0x8, 0x6, 0x5, 0x7, 0x5, 0x9ad, 0x3, 0x8, 0x6]}, &(0x7f0000000580)={[0x3, 0x3ff, 0x101, 0x5, 0x8, 0x40, 0xb7, 0x6e6, 0x9, 0x3ff, 0x1ff, 0x4, 0x4, 0x7, 0x3, 0x7]}, &(0x7f0000000600)={[0x6, 0x0, 0x0, 0x4, 0x282, 0xb1, 0x8, 0x8, 0xfffffffffffffff9, 0x9, 0xfffffffffffffffc, 0x3, 0x3, 0x9f5, 0x0, 0x111]}, &(0x7f0000000340)={0x10000, 0x4}) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x3, 0x948b, 0x3, 0x7f, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0xd, 0x2, 0x6]}, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/devices/virtual/nfc/nfc1/rfkill1/soft\x00', 0xa3182, 0x0) sendfile$auto(r3, r3, 0x0, 0xffffffff) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x0, 0x0) read$auto_tomoyo_operations_securityfs_if(r4, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r5 = socket(0x1d, 0x2, 0x7) sendto$auto(r5, 0x0, 0x6fffff9, 0xfffffff8, &(0x7f0000000440)=@can={0x1d, 0x0, 0x3f}, 0x36) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_HWSIM_CMD_GET_RADIO(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f00000010c0)=ANY=[@ANYBLOB="d47b1cab1fd31e0d040047f1", @ANYRES16=r1, @ANYBLOB="000426bd7000fddbdf25060000000c001100657468746f6f6c000800060002000000"], 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x440440d4) r6 = socket(0x10, 0x3, 0x6) r7 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f00200", @ANYRES16=r7, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32"], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50) 569.659446ms ago: executing program 5 (id=580): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x100, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) socket(0x27, 0x80000, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9) r1 = getpid() mremap$auto(0x0, 0x4000007, 0x3fd7, 0x0, 0x20000020000000) process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) socket(0xa, 0x3, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0xfff, 0x8000000000df, 0x9b72, 0x400, 0x28000) r2 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x183941, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0x100082) read$auto_l2cap_debugfs_fops_(r2, &(0x7f0000000240)=""/177, 0xb1) timer_create$auto(0x8, 0x0, 0x0) timer_settime$auto(0x0, 0x9, &(0x7f00000000c0)={{0x7fff, 0x30d}, {0x5, 0x4}}, 0x0) rt_sigaction$auto(0xe, &(0x7f0000000580)={&(0x7f00000004c0)=0x0, 0x100000001, 0x0, {0x7}}, 0x0, 0x8) io_uring_setup$auto(0x6, 0x0) clock_gettime$auto(0x3, &(0x7f0000000100)={0x9, 0x10002}) 0s ago: executing program 4 (id=581): openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000540), 0xa0100, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x81, 0x1, 0x44f, 0x807, 0x5, 0x7181, 0x1ffde, 0x7, 0x3, 0x8, 0x9, 0x80003, 0x4, 0x200000000001, 0x384, 0x9, 0x8, 0x10006, 0x400007f, 0x7, 0x0, 0xe, 0x22000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0xd]}, 0x1fa, 0xd) write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000040)="de91b83a075c", 0x6) setitimer$auto(0x2, &(0x7f0000000080)={{0x2, 0x5}, {0x0, 0x8}}, 0x0) setitimer$auto(0x2, &(0x7f0000000000)={{0x8000, 0x6}, {0xa4b, 0x6}}, 0x0) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000000c0), 0x2802, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x28102, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/cards\x00', 0x2, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f00000000c0)=""/163, 0xa3) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, 0xfffefffffffffffa, 0x8000) fcntl$auto(0xffffffffffffffff, 0x409, 0x40003f) io_uring_setup$auto(0x8000, 0x0) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x47, 0x4a}) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000280)={{0x0, 0x5aa, 0x0, 0x2e, 0x0, 0x7, 0x1083}, 0x5}, 0x2, 0x100) unshare$auto(0x40000080) r1 = openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, 0x0, 0x202, 0x0) getsockopt$auto_SO_ERROR(r1, 0x7ff, 0x4, &(0x7f0000000140)=':>()\x00', &(0x7f0000000180)=0xa7d) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008) acct$auto(0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r1, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/workqueue/cpumask\x00', 0x2, 0x0) write$auto(r4, &(0x7f0000000180)='1\x00\\\xa0\x04|\x9d$\xdcM)\xb9\xdd\xd6', 0x5) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.18' (ED25519) to the list of known hosts. [ 90.113544][ T5818] cgroup: Unknown subsys name 'net' [ 90.258963][ T5818] cgroup: Unknown subsys name 'cpuset' [ 90.268176][ T5818] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 92.255290][ T5818] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 94.520770][ T5832] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 94.555451][ T5840] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 94.559758][ T5835] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 94.563382][ T5840] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 94.577884][ T5840] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 94.586235][ T5835] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 94.586527][ T5840] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 94.600565][ T5835] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 94.601522][ T5840] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 94.614956][ T5835] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 94.615936][ T5840] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 94.633649][ T5840] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 94.635571][ T5835] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 94.642131][ T5840] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 94.656143][ T5835] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 94.664396][ T5844] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 94.678660][ T5835] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 94.686547][ T5835] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 94.715969][ T5835] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 94.723937][ T5835] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 95.253323][ T5828] chnl_net:caif_netlink_parms(): no params data found [ 95.313342][ T5827] chnl_net:caif_netlink_parms(): no params data found [ 95.447049][ T5829] chnl_net:caif_netlink_parms(): no params data found [ 95.495926][ T5830] chnl_net:caif_netlink_parms(): no params data found [ 95.561559][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.568950][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.576811][ T5828] bridge_slave_0: entered allmulticast mode [ 95.583965][ T5828] bridge_slave_0: entered promiscuous mode [ 95.601448][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.609007][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.616708][ T5828] bridge_slave_1: entered allmulticast mode [ 95.623791][ T5828] bridge_slave_1: entered promiscuous mode [ 95.706746][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.713885][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.721196][ T5827] bridge_slave_0: entered allmulticast mode [ 95.728371][ T5827] bridge_slave_0: entered promiscuous mode [ 95.737324][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.744482][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.753044][ T5827] bridge_slave_1: entered allmulticast mode [ 95.761448][ T5827] bridge_slave_1: entered promiscuous mode [ 95.782883][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.828280][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.863733][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.907410][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.928799][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.936112][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.943237][ T5829] bridge_slave_0: entered allmulticast mode [ 95.951273][ T5829] bridge_slave_0: entered promiscuous mode [ 95.977142][ T5828] team0: Port device team_slave_0 added [ 95.994380][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.002808][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.010266][ T5829] bridge_slave_1: entered allmulticast mode [ 96.018262][ T5829] bridge_slave_1: entered promiscuous mode [ 96.055249][ T5828] team0: Port device team_slave_1 added [ 96.064129][ T5827] team0: Port device team_slave_0 added [ 96.083700][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.091611][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.100277][ T5830] bridge_slave_0: entered allmulticast mode [ 96.108010][ T5830] bridge_slave_0: entered promiscuous mode [ 96.130273][ T5827] team0: Port device team_slave_1 added [ 96.155789][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.165960][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.173116][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.180394][ T5830] bridge_slave_1: entered allmulticast mode [ 96.188708][ T5830] bridge_slave_1: entered promiscuous mode [ 96.229877][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.253738][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.260773][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.287023][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.299257][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.308601][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.335206][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.348430][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.355618][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.381957][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.419844][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.426975][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.453153][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.498131][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.511056][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.542037][ T5829] team0: Port device team_slave_0 added [ 96.553017][ T5829] team0: Port device team_slave_1 added [ 96.645983][ T5828] hsr_slave_0: entered promiscuous mode [ 96.652323][ T5828] hsr_slave_1: entered promiscuous mode [ 96.675681][ T5830] team0: Port device team_slave_0 added [ 96.686746][ T5827] hsr_slave_0: entered promiscuous mode [ 96.693021][ T5827] hsr_slave_1: entered promiscuous mode [ 96.698765][ T5832] Bluetooth: hci0: command tx timeout [ 96.698940][ T5832] Bluetooth: hci1: command tx timeout [ 96.711113][ T5827] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 96.718962][ T5827] Cannot create hsr debugfs directory [ 96.741793][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.748814][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.775038][ T5835] Bluetooth: hci3: command tx timeout [ 96.775155][ T5832] Bluetooth: hci2: command tx timeout [ 96.780754][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.799485][ T5830] team0: Port device team_slave_1 added [ 96.830528][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.837679][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.864200][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.926552][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.934090][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 96.960420][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.999212][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.008040][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 97.034517][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.099462][ T5829] hsr_slave_0: entered promiscuous mode [ 97.106449][ T5829] hsr_slave_1: entered promiscuous mode [ 97.112486][ T5829] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 97.120117][ T5829] Cannot create hsr debugfs directory [ 97.178386][ T10] cfg80211: failed to load regulatory.db [ 97.275749][ T5830] hsr_slave_0: entered promiscuous mode [ 97.282081][ T5830] hsr_slave_1: entered promiscuous mode [ 97.288789][ T5830] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 97.296620][ T5830] Cannot create hsr debugfs directory [ 97.583939][ T5828] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 97.599136][ T5828] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 97.643176][ T5828] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 97.662031][ T5828] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 97.719619][ T5827] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 97.752798][ T5827] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 97.768210][ T5827] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 97.780420][ T5827] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 97.869752][ T5829] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 97.889043][ T5829] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 97.900160][ T5829] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 97.941810][ T5829] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 98.059135][ T5830] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 98.073582][ T5830] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 98.101334][ T5830] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 98.118503][ T5830] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 98.132871][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.221769][ T5828] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.251534][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.284255][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.291787][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.340182][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.347387][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.377314][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.411254][ T5827] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.432047][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.439192][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.468042][ T3463] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.475276][ T3463] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.495844][ T5829] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.530865][ T5828] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 98.558603][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.565769][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.588980][ T3463] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.596433][ T3463] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.709389][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.776282][ T5832] Bluetooth: hci1: command tx timeout [ 98.776291][ T5835] Bluetooth: hci0: command tx timeout [ 98.781727][ T5830] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.824255][ T3422] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.831468][ T3422] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.855567][ T5832] Bluetooth: hci2: command tx timeout [ 98.861049][ T5832] Bluetooth: hci3: command tx timeout [ 98.941130][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.948412][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.290473][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.401784][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.441522][ T5828] veth0_vlan: entered promiscuous mode [ 99.491424][ T5828] veth1_vlan: entered promiscuous mode [ 99.505505][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.598166][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.652276][ T5827] veth0_vlan: entered promiscuous mode [ 99.666263][ T5828] veth0_macvtap: entered promiscuous mode [ 99.707410][ T5828] veth1_macvtap: entered promiscuous mode [ 99.714579][ T5827] veth1_vlan: entered promiscuous mode [ 99.757404][ T5829] veth0_vlan: entered promiscuous mode [ 99.778108][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.798748][ T5830] veth0_vlan: entered promiscuous mode [ 99.820490][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.835868][ T5828] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.846165][ T5828] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.856056][ T5828] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.865166][ T5828] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.883355][ T5830] veth1_vlan: entered promiscuous mode [ 99.892191][ T5829] veth1_vlan: entered promiscuous mode [ 99.990042][ T5827] veth0_macvtap: entered promiscuous mode [ 100.009012][ T5830] veth0_macvtap: entered promiscuous mode [ 100.038431][ T5830] veth1_macvtap: entered promiscuous mode [ 100.048455][ T5827] veth1_macvtap: entered promiscuous mode [ 100.079357][ T5829] veth0_macvtap: entered promiscuous mode [ 100.117741][ T398] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.120899][ T5829] veth1_macvtap: entered promiscuous mode [ 100.131850][ T398] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.157292][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.189461][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.212756][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.235862][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.259491][ T398] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.260378][ T5827] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.275022][ T398] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.276787][ T5827] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.292708][ T5827] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.301854][ T5827] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.314236][ T5830] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.323725][ T5830] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.332835][ T5830] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.341976][ T5830] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.358489][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.374463][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.437018][ T5829] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.442321][ T5828] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 100.446854][ T5829] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.478296][ T5829] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.488219][ T5829] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.682920][ T3422] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.693662][ T3422] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.824155][ T398] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.840225][ T398] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.854993][ T5835] Bluetooth: hci0: command tx timeout [ 100.860639][ T5832] Bluetooth: hci1: command tx timeout [ 100.935032][ T5835] Bluetooth: hci2: command tx timeout [ 100.940588][ T5832] Bluetooth: hci3: command tx timeout [ 100.942097][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.956382][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.042433][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.052408][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.159043][ T3422] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.212055][ T3422] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.288989][ T5926] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 101.297148][ T3422] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.340014][ T3422] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.326443][ T5933] ip_vti0: entered allmulticast mode [ 102.935889][ T5832] Bluetooth: hci1: command tx timeout [ 102.943041][ T5832] Bluetooth: hci0: command tx timeout [ 103.029032][ T5835] Bluetooth: hci2: command tx timeout [ 103.034547][ T5832] Bluetooth: hci3: command tx timeout [ 103.284871][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 103.475768][ T5938] kexec: Could not allocate control_code_buffer [ 103.532169][ T5953] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 103.555199][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 103.769332][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 103.825105][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 103.875053][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 104.035419][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 104.046405][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 104.375853][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 105.166445][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 105.575907][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 107.608585][ T6013] netlink: 330 bytes leftover after parsing attributes in process `syz.3.16'. [ 107.751635][ T6013] : renamed from hsr0 (while UP) [ 107.987652][ T6010] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 108.057566][ T6015] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input5 [ 110.775360][ T6035] Invalid ELF header magic: != ELF [ 111.614641][ T6052] process 'syz.0.21' launched ':,' with NULL argv: empty string added [ 111.928124][ T6052] FAULT_INJECTION: forcing a failure. [ 111.928124][ T6052] name fail_futex, interval 1, probability 0, space 0, times 1 [ 112.010006][ T6052] CPU: 1 UID: 0 PID: 6052 Comm: syz.0.21 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 112.010048][ T6052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 112.010064][ T6052] Call Trace: [ 112.010074][ T6052] [ 112.010086][ T6052] dump_stack_lvl+0x16c/0x1f0 [ 112.010136][ T6052] should_fail_ex+0x512/0x640 [ 112.010184][ T6052] get_futex_key+0x1d0/0x1540 [ 112.010225][ T6052] ? __pfx_get_futex_key+0x10/0x10 [ 112.010260][ T6052] ? __page_table_check_zero+0x346/0x5d0 [ 112.010322][ T6052] futex_wait_setup+0x9d/0x550 [ 112.010388][ T6052] __futex_wait+0x194/0x2f0 [ 112.010433][ T6052] ? __pfx___futex_wait+0x10/0x10 [ 112.010482][ T6052] ? __pfx_futex_wake_mark+0x10/0x10 [ 112.010545][ T6052] futex_wait+0xe8/0x380 [ 112.010587][ T6052] ? __pfx_futex_wait+0x10/0x10 [ 112.010638][ T6052] ? fd_install+0x225/0x750 [ 112.010672][ T6052] ? putname+0x154/0x1a0 [ 112.010705][ T6052] do_futex+0x229/0x350 [ 112.010748][ T6052] ? __pfx_do_futex+0x10/0x10 [ 112.010782][ T6052] ? rcu_read_unlock+0x17/0x60 [ 112.010809][ T6052] ? __pfx_aa_get_newest_label+0x10/0x10 [ 112.010849][ T6052] __x64_sys_futex+0x1e0/0x4c0 [ 112.010893][ T6052] ? __pfx___x64_sys_futex+0x10/0x10 [ 112.010948][ T6052] do_syscall_64+0xcd/0x490 [ 112.010994][ T6052] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.011024][ T6052] RIP: 0033:0x7f51e3d8e929 [ 112.011049][ T6052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 112.011076][ T6052] RSP: 002b:00007f51e4be90e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 112.011103][ T6052] RAX: ffffffffffffffda RBX: 00007f51e3fb5fa8 RCX: 00007f51e3d8e929 [ 112.011123][ T6052] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f51e3fb5fa8 [ 112.011140][ T6052] RBP: 00007f51e3fb5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 112.011157][ T6052] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f51e3fb5fac [ 112.011173][ T6052] R13: 0000000000000000 R14: 00007ffef042dc00 R15: 00007ffef042dce8 [ 112.011210][ T6052] [ 114.131441][ T6055] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 114.214590][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 114.815284][ T6055] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 114.925995][ T6055] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 115.014908][ T6055] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 115.051123][ T6055] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 115.171629][ T6055] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 115.212751][ T6055] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 115.218803][ T6055] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 115.348772][ T6055] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 115.408252][ T6055] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 115.428843][ T6055] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 115.504367][ T6055] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 116.232717][ T6089] FAULT_INJECTION: forcing a failure. [ 116.232717][ T6089] name failslab, interval 1, probability 0, space 0, times 1 [ 116.281642][ T6089] CPU: 1 UID: 0 PID: 6089 Comm: syz.1.28 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 116.281685][ T6089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 116.281700][ T6089] Call Trace: [ 116.281710][ T6089] [ 116.281732][ T6089] dump_stack_lvl+0x16c/0x1f0 [ 116.281785][ T6089] should_fail_ex+0x512/0x640 [ 116.281826][ T6089] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 116.281872][ T6089] should_failslab+0xc2/0x120 [ 116.281899][ T6089] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 116.281938][ T6089] ? __proc_create+0xc3/0x8c0 [ 116.281981][ T6089] ? __proc_create+0x2ce/0x8c0 [ 116.282026][ T6089] __proc_create+0x2ce/0x8c0 [ 116.282068][ T6089] ? __pfx___proc_create+0x10/0x10 [ 116.282106][ T6089] ? copy_net_ns+0x2a6/0x5f0 [ 116.282136][ T6089] ? unshare_nsproxy_namespaces+0xc0/0x1f0 [ 116.282163][ T6089] ? ksys_unshare+0x45b/0xa40 [ 116.282196][ T6089] ? __x64_sys_unshare+0x31/0x40 [ 116.282245][ T6089] proc_create_reg+0x7d/0x180 [ 116.282275][ T6089] proc_create_net_data+0x8e/0x1b0 [ 116.282317][ T6089] ? __pfx_proc_create_net_data+0x10/0x10 [ 116.282374][ T6089] xt_proto_init+0x24e/0xc10 [ 116.282413][ T6089] ? __pfx_xt_proto_init+0x10/0x10 [ 116.282447][ T6089] ? kasan_save_track+0x14/0x30 [ 116.282483][ T6089] ? __kasan_kmalloc+0xaa/0xb0 [ 116.282525][ T6089] ? __pfx_ip_tables_net_init+0x10/0x10 [ 116.282561][ T6089] ops_init+0x1df/0x5f0 [ 116.282590][ T6089] setup_net+0x1ff/0x510 [ 116.282613][ T6089] ? lockdep_init_map_type+0x5c/0x280 [ 116.282660][ T6089] ? __pfx_setup_net+0x10/0x10 [ 116.282692][ T6089] ? debug_mutex_init+0x37/0x70 [ 116.282726][ T6089] copy_net_ns+0x2a6/0x5f0 [ 116.282762][ T6089] create_new_namespaces+0x3ea/0xa90 [ 116.282803][ T6089] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 116.282838][ T6089] ksys_unshare+0x45b/0xa40 [ 116.282877][ T6089] ? __pfx_ksys_unshare+0x10/0x10 [ 116.282919][ T6089] ? syscall_user_dispatch+0x78/0x140 [ 116.282976][ T6089] __x64_sys_unshare+0x31/0x40 [ 116.283014][ T6089] do_syscall_64+0xcd/0x490 [ 116.283063][ T6089] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.283094][ T6089] RIP: 0033:0x7f724418e929 [ 116.283119][ T6089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 116.283147][ T6089] RSP: 002b:00007f72450db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 116.283176][ T6089] RAX: ffffffffffffffda RBX: 00007f72443b5fa0 RCX: 00007f724418e929 [ 116.283195][ T6089] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 116.283211][ T6089] RBP: 00007f7244210b39 R08: 0000000000000000 R09: 0000000000000000 [ 116.283228][ T6089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 116.283245][ T6089] R13: 0000000000000000 R14: 00007f72443b5fa0 R15: 00007ffcf98b5758 [ 116.283285][ T6089] [ 116.299611][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 117.127731][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 117.250232][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 117.409726][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout [ 118.699014][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 119.168958][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 119.329216][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 119.488904][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout [ 120.450611][ T6127] nbd: socks must be embedded in a SOCK_ITEM attr [ 120.458506][ T6127] block nbd0: shutting down sockets [ 121.249519][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 121.409217][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 121.578968][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout [ 122.127518][ T6124] mmap: syz.3.33 (6124) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 123.519115][ T6169] capability: warning: `syz.2.40' uses 32-bit capabilities (legacy support in use) [ 123.597070][ T6168] netlink: 12 bytes leftover after parsing attributes in process `syz.2.40'. [ 123.703931][ T6169] HfR: entered promiscuous mode [ 123.833408][ T6168] openvswitch: HfR: Dropping previously announced user features [ 124.140567][ T6168] device-mapper: ioctl: Unable to rename non-existent device,  to [ 124.993020][ T6181] openvswitch: netlink: Tunnel attr 242 out of range max 16 [ 126.829922][ T6197] vivid-003: ================= START STATUS ================= [ 127.009985][ T6197] vivid-003: Radio HW Seek Mode: Bounded [ 127.219687][ T6197] vivid-003: Radio Programmable HW Seek: false [ 127.225961][ T6197] vivid-003: RDS Rx I/O Mode: Block I/O [ 127.342581][ T6197] vivid-003: Generate RBDS Instead of RDS: false [ 127.491727][ T6197] vivid-003: RDS Reception: true [ 127.496823][ T6197] vivid-003: RDS Program Type: 0 inactive [ 127.707098][ T6197] vivid-003: RDS PS Name: inactive [ 127.758625][ T6197] vivid-003: RDS Radio Text: inactive [ 127.913669][ T6197] vivid-003: RDS Traffic Announcement: false inactive [ 127.963542][ T6211] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 128.150027][ T6197] vivid-003: RDS Traffic Program: false inactive [ 128.156441][ T6197] vivid-003: RDS Music: false inactive [ 128.189880][ T6197] vivid-003: ================== END STATUS ================== [ 138.137152][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.148853][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 140.512781][ T6338] FAULT_INJECTION: forcing a failure. [ 140.512781][ T6338] name failslab, interval 1, probability 0, space 0, times 0 [ 140.535385][ T6338] CPU: 1 UID: 0 PID: 6338 Comm: syz.1.61 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 140.535432][ T6338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 140.535450][ T6338] Call Trace: [ 140.535459][ T6338] [ 140.535469][ T6338] dump_stack_lvl+0x16c/0x1f0 [ 140.535518][ T6338] should_fail_ex+0x512/0x640 [ 140.535554][ T6338] ? __kmalloc_cache_node_noprof+0x5a/0x420 [ 140.535596][ T6338] should_failslab+0xc2/0x120 [ 140.535622][ T6338] __kmalloc_cache_node_noprof+0x6d/0x420 [ 140.535660][ T6338] ? __pfx_idr_alloc_u32+0x10/0x10 [ 140.535700][ T6338] ? create_worker+0x10f/0x7e0 [ 140.535743][ T6338] create_worker+0x10f/0x7e0 [ 140.535783][ T6338] ? __pfx_create_worker+0x10/0x10 [ 140.535821][ T6338] ? idr_alloc+0xdd/0x130 [ 140.535859][ T6338] ? __pfx_idr_alloc+0x10/0x10 [ 140.535915][ T6338] alloc_unbound_pwq+0xb94/0xe10 [ 140.535951][ T6338] ? kasan_save_track+0x14/0x30 [ 140.535998][ T6338] apply_wqattrs_prepare+0x3af/0xbd0 [ 140.536047][ T6338] workqueue_apply_unbound_cpumask+0x17e/0x4f0 [ 140.536085][ T6338] ? __pfx_workqueue_apply_unbound_cpumask+0x10/0x10 [ 140.536118][ T6338] ? bitmap_parse+0x327/0x410 [ 140.536158][ T6338] cpumask_store+0x1ad/0x220 [ 140.536200][ T6338] ? __pfx_cpumask_store+0x10/0x10 [ 140.536232][ T6338] ? find_held_lock+0x2b/0x80 [ 140.536264][ T6338] ? sysfs_file_kobj+0xe4/0x290 [ 140.536303][ T6338] ? __pfx_cpumask_store+0x10/0x10 [ 140.536329][ T6338] dev_attr_store+0x58/0x80 [ 140.536356][ T6338] ? __pfx_dev_attr_store+0x10/0x10 [ 140.536380][ T6338] sysfs_kf_write+0xef/0x150 [ 140.536418][ T6338] kernfs_fop_write_iter+0x354/0x510 [ 140.536455][ T6338] ? __pfx_sysfs_kf_write+0x10/0x10 [ 140.536493][ T6338] vfs_write+0x6c7/0x1150 [ 140.536535][ T6338] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 140.536567][ T6338] ? __pfx___mutex_lock+0x10/0x10 [ 140.536610][ T6338] ? __pfx_vfs_write+0x10/0x10 [ 140.536681][ T6338] ksys_write+0x12a/0x250 [ 140.536720][ T6338] ? __pfx_ksys_write+0x10/0x10 [ 140.536774][ T6338] do_syscall_64+0xcd/0x490 [ 140.536821][ T6338] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.536846][ T6338] RIP: 0033:0x7f724418e929 [ 140.536867][ T6338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 140.536892][ T6338] RSP: 002b:00007f72450ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 140.536918][ T6338] RAX: ffffffffffffffda RBX: 00007f72443b6080 RCX: 00007f724418e929 [ 140.536936][ T6338] RDX: 0000000000000005 RSI: 0000200000000180 RDI: 0000000000000004 [ 140.536952][ T6338] RBP: 00007f7244210b39 R08: 0000000000000000 R09: 0000000000000000 [ 140.536967][ T6338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 140.536983][ T6338] R13: 0000000000000000 R14: 00007f72443b6080 R15: 00007ffcf98b5758 [ 140.537021][ T6338] [ 140.537032][ T6338] workqueue: Failed to allocate a worker [ 141.072071][ T6352] ptrace attach of "./syz-executor exec"[5829] was attempted by ""[6352] [ 145.255153][ T6378] FAULT_INJECTION: forcing a failure. [ 145.255153][ T6378] name failslab, interval 1, probability 0, space 0, times 0 [ 145.407894][ T6378] CPU: 1 UID: 0 PID: 6378 Comm: syz.3.68 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 145.407936][ T6378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 145.407953][ T6378] Call Trace: [ 145.407964][ T6378] [ 145.407975][ T6378] dump_stack_lvl+0x16c/0x1f0 [ 145.408024][ T6378] should_fail_ex+0x512/0x640 [ 145.408068][ T6378] should_failslab+0xc2/0x120 [ 145.408098][ T6378] __kmalloc_cache_noprof+0x6a/0x3e0 [ 145.408136][ T6378] ? __hw_addr_add_ex+0x3c9/0x7c0 [ 145.408175][ T6378] __hw_addr_add_ex+0x3c9/0x7c0 [ 145.408212][ T6378] ? __pfx___hw_addr_add_ex+0x10/0x10 [ 145.408242][ T6378] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 145.408294][ T6378] ? __pfx_sl_setup+0x10/0x10 [ 145.408323][ T6378] dev_addr_init+0x161/0x250 [ 145.408370][ T6378] ? __pfx_dev_addr_init+0x10/0x10 [ 145.408415][ T6378] alloc_netdev_mqs+0x3d2/0x1570 [ 145.408458][ T6378] slip_open+0x35c/0x1150 [ 145.408489][ T6378] ? __pfx___might_resched+0x10/0x10 [ 145.408516][ T6378] ? __pfx_n_tty_close+0x10/0x10 [ 145.408546][ T6378] ? find_held_lock+0x2b/0x80 [ 145.408570][ T6378] ? __pfx_slip_open+0x10/0x10 [ 145.408600][ T6378] ? down_write+0x14d/0x200 [ 145.408626][ T6378] ? __pfx_slip_open+0x10/0x10 [ 145.408657][ T6378] tty_ldisc_open+0x9c/0x120 [ 145.408692][ T6378] tty_set_ldisc+0x32b/0x780 [ 145.408741][ T6378] tty_ioctl+0xc2e/0x1640 [ 145.408778][ T6378] ? __pfx_tty_ioctl+0x10/0x10 [ 145.408829][ T6378] ? find_held_lock+0x2b/0x80 [ 145.408854][ T6378] ? hook_file_ioctl_common+0x145/0x410 [ 145.408892][ T6378] ? __fget_files+0x20e/0x3c0 [ 145.408934][ T6378] ? __pfx_tty_ioctl+0x10/0x10 [ 145.408976][ T6378] __x64_sys_ioctl+0x18e/0x210 [ 145.409010][ T6378] do_syscall_64+0xcd/0x490 [ 145.409050][ T6378] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.409077][ T6378] RIP: 0033:0x7f7b6458e929 [ 145.409100][ T6378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 145.409125][ T6378] RSP: 002b:00007f7b6539b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 145.409152][ T6378] RAX: ffffffffffffffda RBX: 00007f7b647b5fa0 RCX: 00007f7b6458e929 [ 145.409170][ T6378] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000009 [ 145.409185][ T6378] RBP: 00007f7b64610b39 R08: 0000000000000000 R09: 0000000000000000 [ 145.409202][ T6378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 145.409218][ T6378] R13: 0000000000000000 R14: 00007f7b647b5fa0 R15: 00007ffffed82ed8 [ 145.409257][ T6378] [ 146.204878][ T6393] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 148.882431][ T6411] can: request_module (can-proto-0) failed. [ 150.410250][ T6426] FAULT_INJECTION: forcing a failure. [ 150.410250][ T6426] name failslab, interval 1, probability 0, space 0, times 0 [ 150.455330][ T6426] CPU: 1 UID: 0 PID: 6426 Comm: syz.1.74 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 150.455383][ T6426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 150.455401][ T6426] Call Trace: [ 150.455411][ T6426] [ 150.455424][ T6426] dump_stack_lvl+0x16c/0x1f0 [ 150.455476][ T6426] should_fail_ex+0x512/0x640 [ 150.455519][ T6426] ? __kmalloc_noprof+0xbf/0x510 [ 150.455565][ T6426] ? apply_wqattrs_prepare+0xf8/0xbd0 [ 150.455595][ T6426] should_failslab+0xc2/0x120 [ 150.455622][ T6426] __kmalloc_noprof+0xd2/0x510 [ 150.455676][ T6426] apply_wqattrs_prepare+0xf8/0xbd0 [ 150.455724][ T6426] workqueue_apply_unbound_cpumask+0x17e/0x4f0 [ 150.455761][ T6426] ? __pfx_workqueue_apply_unbound_cpumask+0x10/0x10 [ 150.455792][ T6426] ? bitmap_parse+0x327/0x410 [ 150.455833][ T6426] cpumask_store+0x1ad/0x220 [ 150.455863][ T6426] ? __pfx_cpumask_store+0x10/0x10 [ 150.455894][ T6426] ? find_held_lock+0x2b/0x80 [ 150.455925][ T6426] ? sysfs_file_kobj+0xe4/0x290 [ 150.455964][ T6426] ? __pfx_cpumask_store+0x10/0x10 [ 150.455992][ T6426] dev_attr_store+0x58/0x80 [ 150.456021][ T6426] ? __pfx_dev_attr_store+0x10/0x10 [ 150.456048][ T6426] sysfs_kf_write+0xef/0x150 [ 150.456087][ T6426] kernfs_fop_write_iter+0x354/0x510 [ 150.456114][ T6426] ? __pfx_sysfs_kf_write+0x10/0x10 [ 150.456155][ T6426] vfs_write+0x6c7/0x1150 [ 150.456207][ T6426] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 150.456241][ T6426] ? __pfx___mutex_lock+0x10/0x10 [ 150.456305][ T6426] ? __pfx_vfs_write+0x10/0x10 [ 150.456398][ T6426] ksys_write+0x12a/0x250 [ 150.456439][ T6426] ? __pfx_ksys_write+0x10/0x10 [ 150.456524][ T6426] do_syscall_64+0xcd/0x490 [ 150.456581][ T6426] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.456619][ T6426] RIP: 0033:0x7f724418e929 [ 150.456644][ T6426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 150.456686][ T6426] RSP: 002b:00007f72450ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 150.456715][ T6426] RAX: ffffffffffffffda RBX: 00007f72443b6080 RCX: 00007f724418e929 [ 150.456742][ T6426] RDX: 0000000000000005 RSI: 0000200000000180 RDI: 0000000000000004 [ 150.456759][ T6426] RBP: 00007f7244210b39 R08: 0000000000000000 R09: 0000000000000000 [ 150.456776][ T6426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 150.456793][ T6426] R13: 0000000000000000 R14: 00007f72443b6080 R15: 00007ffcf98b5758 [ 150.456834][ T6426] [ 151.401992][ T6433] netlink: 504 bytes leftover after parsing attributes in process `syz.0.73'. [ 153.399858][ T6446] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 153.438838][ T6446] CIFS mount error: No usable UNC path provided in device string! [ 153.438838][ T6446] [ 153.479755][ T6446] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 154.729578][ T6475] netlink: 504 bytes leftover after parsing attributes in process `syz.2.88'. [ 155.855198][ T6488] netlink: 504 bytes leftover after parsing attributes in process `syz.2.81'. [ 156.871136][ T6508] Zero length message leads to an empty skb [ 156.982283][ T6508] hub 8-0:1.0: USB hub found [ 157.196130][ T6508] hub 8-0:1.0: 1 port detected [ 157.681150][ T6532] netlink: 504 bytes leftover after parsing attributes in process `syz.0.85'. [ 158.075256][ T6543] FAULT_INJECTION: forcing a failure. [ 158.075256][ T6543] name failslab, interval 1, probability 0, space 0, times 0 [ 158.099448][ T6543] CPU: 1 UID: 0 PID: 6543 Comm: syz.2.86 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 158.099491][ T6543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 158.099509][ T6543] Call Trace: [ 158.099518][ T6543] [ 158.099530][ T6543] dump_stack_lvl+0x16c/0x1f0 [ 158.099569][ T6543] should_fail_ex+0x512/0x640 [ 158.099593][ T6543] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 158.099621][ T6543] should_failslab+0xc2/0x120 [ 158.099637][ T6543] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 158.099661][ T6543] ? alloc_unbound_pwq+0x3ff/0xe10 [ 158.099682][ T6543] alloc_unbound_pwq+0x3ff/0xe10 [ 158.099707][ T6543] apply_wqattrs_prepare+0x3af/0xbd0 [ 158.099733][ T6543] workqueue_apply_unbound_cpumask+0x17e/0x4f0 [ 158.099753][ T6543] ? __pfx_workqueue_apply_unbound_cpumask+0x10/0x10 [ 158.099771][ T6543] ? bitmap_parse+0x327/0x410 [ 158.099792][ T6543] cpumask_store+0x1ad/0x220 [ 158.099809][ T6543] ? __pfx_cpumask_store+0x10/0x10 [ 158.099825][ T6543] ? find_held_lock+0x2b/0x80 [ 158.099843][ T6543] ? sysfs_file_kobj+0xe4/0x290 [ 158.099864][ T6543] ? __pfx_cpumask_store+0x10/0x10 [ 158.099879][ T6543] dev_attr_store+0x58/0x80 [ 158.099894][ T6543] ? __pfx_dev_attr_store+0x10/0x10 [ 158.099909][ T6543] sysfs_kf_write+0xef/0x150 [ 158.099942][ T6543] kernfs_fop_write_iter+0x354/0x510 [ 158.099959][ T6543] ? __pfx_sysfs_kf_write+0x10/0x10 [ 158.099982][ T6543] vfs_write+0x6c7/0x1150 [ 158.100005][ T6543] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 158.100025][ T6543] ? __pfx___mutex_lock+0x10/0x10 [ 158.100058][ T6543] ? __pfx_vfs_write+0x10/0x10 [ 158.100096][ T6543] ksys_write+0x12a/0x250 [ 158.100119][ T6543] ? __pfx_ksys_write+0x10/0x10 [ 158.100148][ T6543] do_syscall_64+0xcd/0x490 [ 158.100175][ T6543] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.100192][ T6543] RIP: 0033:0x7fc3d178e929 [ 158.100206][ T6543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 158.100222][ T6543] RSP: 002b:00007fc3cf5d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 158.100239][ T6543] RAX: ffffffffffffffda RBX: 00007fc3d19b6080 RCX: 00007fc3d178e929 [ 158.100249][ T6543] RDX: 0000000000000005 RSI: 0000200000000180 RDI: 0000000000000004 [ 158.100264][ T6543] RBP: 00007fc3d1810b39 R08: 0000000000000000 R09: 0000000000000000 [ 158.100273][ T6543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 158.100282][ T6543] R13: 0000000000000000 R14: 00007fc3d19b6080 R15: 00007fffadba63e8 [ 158.100308][ T6543] [ 159.219804][ T6553] netlink: 504 bytes leftover after parsing attributes in process `syz.1.90'. [ 160.273069][ T6563] CIFS mount error: No usable UNC path provided in device string! [ 160.273069][ T6563] [ 160.283932][ T6563] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 163.728860][ T6578] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 163.735001][ T6578] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 163.809873][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 163.839987][ T6578] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 163.846034][ T6578] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 165.554878][ T6617] netlink: 504 bytes leftover after parsing attributes in process `syz.1.99'. [ 165.809910][ T5835] Bluetooth: hci2: command 0x0c1a tx timeout [ 165.888958][ T5835] Bluetooth: hci1: command 0x0c1a tx timeout [ 165.903073][ T5835] Bluetooth: hci3: command 0x0c1a tx timeout [ 166.090355][ T6630] FAULT_INJECTION: forcing a failure. [ 166.090355][ T6630] name failslab, interval 1, probability 0, space 0, times 0 [ 166.117374][ T6630] CPU: 1 UID: 0 PID: 6630 Comm: syz.0.100 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 166.117419][ T6630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 166.117435][ T6630] Call Trace: [ 166.117445][ T6630] [ 166.117455][ T6630] dump_stack_lvl+0x16c/0x1f0 [ 166.117505][ T6630] should_fail_ex+0x512/0x640 [ 166.117546][ T6630] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 166.117593][ T6630] should_failslab+0xc2/0x120 [ 166.117619][ T6630] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 166.117661][ T6630] ? alloc_unbound_pwq+0x3ff/0xe10 [ 166.117697][ T6630] alloc_unbound_pwq+0x3ff/0xe10 [ 166.117739][ T6630] apply_wqattrs_prepare+0x3af/0xbd0 [ 166.117786][ T6630] workqueue_apply_unbound_cpumask+0x17e/0x4f0 [ 166.117821][ T6630] ? __pfx_workqueue_apply_unbound_cpumask+0x10/0x10 [ 166.117852][ T6630] ? bitmap_parse+0x327/0x410 [ 166.117891][ T6630] cpumask_store+0x1ad/0x220 [ 166.117919][ T6630] ? __pfx_cpumask_store+0x10/0x10 [ 166.117947][ T6630] ? find_held_lock+0x2b/0x80 [ 166.117977][ T6630] ? sysfs_file_kobj+0xe4/0x290 [ 166.118021][ T6630] ? __pfx_cpumask_store+0x10/0x10 [ 166.118047][ T6630] dev_attr_store+0x58/0x80 [ 166.118074][ T6630] ? __pfx_dev_attr_store+0x10/0x10 [ 166.118099][ T6630] sysfs_kf_write+0xef/0x150 [ 166.118136][ T6630] kernfs_fop_write_iter+0x354/0x510 [ 166.118164][ T6630] ? __pfx_sysfs_kf_write+0x10/0x10 [ 166.118201][ T6630] vfs_write+0x6c7/0x1150 [ 166.118240][ T6630] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 166.118272][ T6630] ? __pfx___mutex_lock+0x10/0x10 [ 166.118315][ T6630] ? __pfx_vfs_write+0x10/0x10 [ 166.118382][ T6630] ksys_write+0x12a/0x250 [ 166.118421][ T6630] ? __pfx_ksys_write+0x10/0x10 [ 166.118472][ T6630] do_syscall_64+0xcd/0x490 [ 166.118519][ T6630] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.118547][ T6630] RIP: 0033:0x7f51e3d8e929 [ 166.118570][ T6630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.118596][ T6630] RSP: 002b:00007f51e4bc8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 166.118622][ T6630] RAX: ffffffffffffffda RBX: 00007f51e3fb6080 RCX: 00007f51e3d8e929 [ 166.118640][ T6630] RDX: 0000000000000005 RSI: 0000200000000180 RDI: 0000000000000004 [ 166.118657][ T6630] RBP: 00007f51e3e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 166.118673][ T6630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 166.118688][ T6630] R13: 0000000000000000 R14: 00007f51e3fb6080 R15: 00007ffef042dce8 [ 166.118730][ T6630] [ 168.008042][ T6654] : Can't lookup blockdev [ 172.511270][ T6683] netlink: 504 bytes leftover after parsing attributes in process `syz.3.112'. [ 174.412696][ T6708] FAULT_INJECTION: forcing a failure. [ 174.412696][ T6708] name failslab, interval 1, probability 0, space 0, times 0 [ 174.438935][ T6708] CPU: 0 UID: 0 PID: 6708 Comm: syz.0.115 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 174.438980][ T6708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 174.438997][ T6708] Call Trace: [ 174.439007][ T6708] [ 174.439019][ T6708] dump_stack_lvl+0x16c/0x1f0 [ 174.439072][ T6708] should_fail_ex+0x512/0x640 [ 174.439114][ T6708] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 174.439160][ T6708] should_failslab+0xc2/0x120 [ 174.439200][ T6708] __kmalloc_cache_noprof+0x6a/0x3e0 [ 174.439241][ T6708] ? apply_wqattrs_prepare+0x130/0xbd0 [ 174.439284][ T6708] apply_wqattrs_prepare+0x130/0xbd0 [ 174.439337][ T6708] workqueue_apply_unbound_cpumask+0x17e/0x4f0 [ 174.439378][ T6708] ? __pfx_workqueue_apply_unbound_cpumask+0x10/0x10 [ 174.439412][ T6708] ? bitmap_parse+0x327/0x410 [ 174.439457][ T6708] cpumask_store+0x1ad/0x220 [ 174.439488][ T6708] ? __pfx_cpumask_store+0x10/0x10 [ 174.439521][ T6708] ? find_held_lock+0x2b/0x80 [ 174.439554][ T6708] ? sysfs_file_kobj+0xe4/0x290 [ 174.439594][ T6708] ? __pfx_cpumask_store+0x10/0x10 [ 174.439622][ T6708] dev_attr_store+0x58/0x80 [ 174.439651][ T6708] ? __pfx_dev_attr_store+0x10/0x10 [ 174.439680][ T6708] sysfs_kf_write+0xef/0x150 [ 174.439720][ T6708] kernfs_fop_write_iter+0x354/0x510 [ 174.439750][ T6708] ? __pfx_sysfs_kf_write+0x10/0x10 [ 174.439791][ T6708] vfs_write+0x6c7/0x1150 [ 174.439837][ T6708] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 174.439872][ T6708] ? __pfx___mutex_lock+0x10/0x10 [ 174.439924][ T6708] ? __pfx_vfs_write+0x10/0x10 [ 174.440002][ T6708] ksys_write+0x12a/0x250 [ 174.440044][ T6708] ? __pfx_ksys_write+0x10/0x10 [ 174.440103][ T6708] do_syscall_64+0xcd/0x490 [ 174.440154][ T6708] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.440191][ T6708] RIP: 0033:0x7f51e3d8e929 [ 174.440217][ T6708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 174.440244][ T6708] RSP: 002b:00007f51e4bc8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 174.440272][ T6708] RAX: ffffffffffffffda RBX: 00007f51e3fb6080 RCX: 00007f51e3d8e929 [ 174.440291][ T6708] RDX: 0000000000000005 RSI: 0000200000000180 RDI: 0000000000000004 [ 174.440308][ T6708] RBP: 00007f51e3e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 174.440325][ T6708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 174.440342][ T6708] R13: 0000000000000000 R14: 00007f51e3fb6080 R15: 00007ffef042dce8 [ 174.440384][ T6708] [ 175.850613][ T6727] FAULT_INJECTION: forcing a failure. [ 175.850613][ T6727] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 175.895028][ T6714] zswap: compressor not available [ 175.934226][ T5835] Bluetooth: hci3: unexpected event 0x02 length: 726 > 260 [ 175.935686][ T6727] CPU: 1 UID: 0 PID: 6727 Comm: syz.3.116 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 175.935728][ T6727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 175.935742][ T6727] Call Trace: [ 175.935752][ T6727] [ 175.935763][ T6727] dump_stack_lvl+0x16c/0x1f0 [ 175.935810][ T6727] should_fail_ex+0x512/0x640 [ 175.935853][ T6727] should_fail_alloc_page+0xe7/0x130 [ 175.935885][ T6727] prepare_alloc_pages+0x3c2/0x610 [ 175.935937][ T6727] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 175.935983][ T6727] ? mas_next_slot+0x12d3/0x21b0 [ 175.936014][ T6727] ? __up_read+0x1f8/0x750 [ 175.936065][ T6727] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 175.936113][ T6727] ? validate_mm+0x40a/0x570 [ 175.936157][ T6727] ? __pfx_validate_mm+0x10/0x10 [ 175.936189][ T6727] ? lockdep_hardirqs_on+0x7c/0x110 [ 175.936240][ T6727] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 175.936286][ T6727] ? policy_nodemask+0xea/0x4e0 [ 175.936334][ T6727] alloc_pages_mpol+0x1fb/0x550 [ 175.936365][ T6727] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 175.936409][ T6727] alloc_pages_noprof+0x131/0x390 [ 175.936438][ T6727] __pmd_alloc+0x3b/0x930 [ 175.936475][ T6727] __handle_mm_fault+0xaac/0x5490 [ 175.936528][ T6727] ? __pfx___handle_mm_fault+0x10/0x10 [ 175.936609][ T6727] handle_mm_fault+0x589/0xd10 [ 175.936660][ T6727] __get_user_pages+0x589/0x3b80 [ 175.936710][ T6727] ? __pfx_mt_find+0x10/0x10 [ 175.936739][ T6727] ? __pfx___get_user_pages+0x10/0x10 [ 175.936791][ T6727] populate_vma_page_range+0x278/0x3a0 [ 175.936830][ T6727] ? __pfx_populate_vma_page_range+0x10/0x10 [ 175.936862][ T6727] ? __pfx_find_vma_intersection+0x10/0x10 [ 175.936895][ T6727] ? do_mmap+0x69c/0x1210 [ 175.936941][ T6727] __mm_populate+0x1d8/0x380 [ 175.936979][ T6727] ? __pfx___mm_populate+0x10/0x10 [ 175.937017][ T6727] ? up_write+0x1b2/0x520 [ 175.937064][ T6727] vm_mmap_pgoff+0x362/0x450 [ 175.937102][ T6727] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 175.937143][ T6727] ? __x64_sys_futex+0x1e0/0x4c0 [ 175.937176][ T6727] ? __x64_sys_futex+0x1e9/0x4c0 [ 175.937218][ T6727] ksys_mmap_pgoff+0x7d/0x5c0 [ 175.937248][ T6727] ? xfd_validate_state+0x61/0x180 [ 175.937282][ T6727] ? __pfx_ksys_write+0x10/0x10 [ 175.937328][ T6727] __x64_sys_mmap+0x125/0x190 [ 175.937374][ T6727] do_syscall_64+0xcd/0x490 [ 175.937422][ T6727] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 175.937452][ T6727] RIP: 0033:0x7f7b6458e929 [ 175.937476][ T6727] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 175.937503][ T6727] RSP: 002b:00007f7b65317038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 175.937531][ T6727] RAX: ffffffffffffffda RBX: 00007f7b647b6320 RCX: 00007f7b6458e929 [ 175.937550][ T6727] RDX: 0000001000000004 RSI: 0000000000000008 RDI: 0000000000000000 [ 175.937566][ T6727] RBP: 00007f7b64610b39 R08: 0000000000000002 R09: 0000000000008000 [ 175.937583][ T6727] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 175.937600][ T6727] R13: 0000000000000000 R14: 00007f7b647b6320 R15: 00007ffffed82ed8 [ 175.937638][ T6727] [ 177.395837][ T6736] netlink: 504 bytes leftover after parsing attributes in process `syz.3.119'. [ 179.663163][ T6765] netlink: 504 bytes leftover after parsing attributes in process `syz.2.123'. [ 180.409049][ T6772] FAULT_INJECTION: forcing a failure. [ 180.409049][ T6772] name failslab, interval 1, probability 0, space 0, times 0 [ 180.458950][ T6772] CPU: 0 UID: 0 PID: 6772 Comm: syz.1.124 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 180.458993][ T6772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 180.459010][ T6772] Call Trace: [ 180.459020][ T6772] [ 180.459032][ T6772] dump_stack_lvl+0x16c/0x1f0 [ 180.459082][ T6772] should_fail_ex+0x512/0x640 [ 180.459131][ T6772] ? __kmalloc_noprof+0xbf/0x510 [ 180.459178][ T6772] ? apply_wqattrs_prepare+0xf8/0xbd0 [ 180.459213][ T6772] should_failslab+0xc2/0x120 [ 180.459241][ T6772] __kmalloc_noprof+0xd2/0x510 [ 180.459293][ T6772] apply_wqattrs_prepare+0xf8/0xbd0 [ 180.459341][ T6772] workqueue_apply_unbound_cpumask+0x17e/0x4f0 [ 180.459379][ T6772] ? __pfx_workqueue_apply_unbound_cpumask+0x10/0x10 [ 180.459411][ T6772] ? bitmap_parse+0x327/0x410 [ 180.459450][ T6772] cpumask_store+0x1ad/0x220 [ 180.459479][ T6772] ? __pfx_cpumask_store+0x10/0x10 [ 180.459508][ T6772] ? find_held_lock+0x2b/0x80 [ 180.459538][ T6772] ? sysfs_file_kobj+0xe4/0x290 [ 180.459574][ T6772] ? __pfx_cpumask_store+0x10/0x10 [ 180.459602][ T6772] dev_attr_store+0x58/0x80 [ 180.459629][ T6772] ? __pfx_dev_attr_store+0x10/0x10 [ 180.459655][ T6772] sysfs_kf_write+0xef/0x150 [ 180.459694][ T6772] kernfs_fop_write_iter+0x354/0x510 [ 180.459722][ T6772] ? __pfx_sysfs_kf_write+0x10/0x10 [ 180.459761][ T6772] vfs_write+0x6c7/0x1150 [ 180.459804][ T6772] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 180.459836][ T6772] ? __pfx___mutex_lock+0x10/0x10 [ 180.459879][ T6772] ? __pfx_vfs_write+0x10/0x10 [ 180.459950][ T6772] ksys_write+0x12a/0x250 [ 180.459990][ T6772] ? __pfx_ksys_write+0x10/0x10 [ 180.460045][ T6772] do_syscall_64+0xcd/0x490 [ 180.460102][ T6772] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.460131][ T6772] RIP: 0033:0x7f724418e929 [ 180.460155][ T6772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 180.460182][ T6772] RSP: 002b:00007f72450ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 180.460210][ T6772] RAX: ffffffffffffffda RBX: 00007f72443b6080 RCX: 00007f724418e929 [ 180.460229][ T6772] RDX: 0000000000000005 RSI: 0000200000000180 RDI: 0000000000000004 [ 180.460246][ T6772] RBP: 00007f7244210b39 R08: 0000000000000000 R09: 0000000000000000 [ 180.460263][ T6772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 180.460279][ T6772] R13: 0000000000000000 R14: 00007f72443b6080 R15: 00007ffcf98b5758 [ 180.460320][ T6772] [ 180.712986][ C0] vkms_vblank_simulate: vblank timer overrun [ 183.052154][ T6799] netlink: 504 bytes leftover after parsing attributes in process `syz.3.129'. [ 183.961749][ T6816] usb usb8: usbfs: interface 0 claimed by hub while 'syz.0.131' sets config #0 [ 184.135409][ T6818] FAULT_INJECTION: forcing a failure. [ 184.135409][ T6818] name failslab, interval 1, probability 0, space 0, times 0 [ 184.188962][ T6818] CPU: 0 UID: 0 PID: 6818 Comm: syz.3.132 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 184.188996][ T6818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 184.189006][ T6818] Call Trace: [ 184.189012][ T6818] [ 184.189019][ T6818] dump_stack_lvl+0x16c/0x1f0 [ 184.189049][ T6818] should_fail_ex+0x512/0x640 [ 184.189079][ T6818] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 184.189105][ T6818] should_failslab+0xc2/0x120 [ 184.189121][ T6818] __kmalloc_cache_noprof+0x6a/0x3e0 [ 184.189143][ T6818] ? apply_wqattrs_prepare+0x130/0xbd0 [ 184.189166][ T6818] apply_wqattrs_prepare+0x130/0xbd0 [ 184.189193][ T6818] workqueue_apply_unbound_cpumask+0x17e/0x4f0 [ 184.189215][ T6818] ? __pfx_workqueue_apply_unbound_cpumask+0x10/0x10 [ 184.189233][ T6818] ? bitmap_parse+0x327/0x410 [ 184.189256][ T6818] cpumask_store+0x1ad/0x220 [ 184.189272][ T6818] ? __pfx_cpumask_store+0x10/0x10 [ 184.189289][ T6818] ? find_held_lock+0x2b/0x80 [ 184.189306][ T6818] ? sysfs_file_kobj+0xe4/0x290 [ 184.189327][ T6818] ? __pfx_cpumask_store+0x10/0x10 [ 184.189343][ T6818] dev_attr_store+0x58/0x80 [ 184.189359][ T6818] ? __pfx_dev_attr_store+0x10/0x10 [ 184.189374][ T6818] sysfs_kf_write+0xef/0x150 [ 184.189395][ T6818] kernfs_fop_write_iter+0x354/0x510 [ 184.189411][ T6818] ? __pfx_sysfs_kf_write+0x10/0x10 [ 184.189433][ T6818] vfs_write+0x6c7/0x1150 [ 184.189457][ T6818] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 184.189475][ T6818] ? __pfx___mutex_lock+0x10/0x10 [ 184.189500][ T6818] ? __pfx_vfs_write+0x10/0x10 [ 184.189538][ T6818] ksys_write+0x12a/0x250 [ 184.189560][ T6818] ? __pfx_ksys_write+0x10/0x10 [ 184.189589][ T6818] do_syscall_64+0xcd/0x490 [ 184.189616][ T6818] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.189633][ T6818] RIP: 0033:0x7f7b6458e929 [ 184.189648][ T6818] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 184.189663][ T6818] RSP: 002b:00007f7b6537a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 184.189679][ T6818] RAX: ffffffffffffffda RBX: 00007f7b647b6080 RCX: 00007f7b6458e929 [ 184.189689][ T6818] RDX: 0000000000000005 RSI: 0000200000000180 RDI: 0000000000000004 [ 184.189698][ T6818] RBP: 00007f7b64610b39 R08: 0000000000000000 R09: 0000000000000000 [ 184.189707][ T6818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 184.189717][ T6818] R13: 0000000000000000 R14: 00007f7b647b6080 R15: 00007ffffed82ed8 [ 184.189738][ T6818] [ 184.443689][ C0] vkms_vblank_simulate: vblank timer overrun [ 185.116907][ T6828] netlink: 504 bytes leftover after parsing attributes in process `syz.0.134'. [ 185.169920][ T6837] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 185.242653][ T6837] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 186.512721][ T6848] FAULT_INJECTION: forcing a failure. [ 186.512721][ T6848] name failslab, interval 1, probability 0, space 0, times 0 [ 186.598145][ T6848] CPU: 1 UID: 0 PID: 6848 Comm: syz.3.138 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 186.598190][ T6848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 186.598207][ T6848] Call Trace: [ 186.598217][ T6848] [ 186.598228][ T6848] dump_stack_lvl+0x16c/0x1f0 [ 186.598278][ T6848] should_fail_ex+0x512/0x640 [ 186.598317][ T6848] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 186.598369][ T6848] should_failslab+0xc2/0x120 [ 186.598397][ T6848] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 186.598443][ T6848] ? alloc_unbound_pwq+0x3ff/0xe10 [ 186.598481][ T6848] alloc_unbound_pwq+0x3ff/0xe10 [ 186.598513][ T6848] ? kasan_save_track+0x14/0x30 [ 186.598561][ T6848] apply_wqattrs_prepare+0x3af/0xbd0 [ 186.598610][ T6848] workqueue_apply_unbound_cpumask+0x17e/0x4f0 [ 186.598649][ T6848] ? __pfx_workqueue_apply_unbound_cpumask+0x10/0x10 [ 186.598682][ T6848] ? bitmap_parse+0x327/0x410 [ 186.598727][ T6848] cpumask_store+0x1ad/0x220 [ 186.598756][ T6848] ? __pfx_cpumask_store+0x10/0x10 [ 186.598786][ T6848] ? find_held_lock+0x2b/0x80 [ 186.598814][ T6848] ? sysfs_file_kobj+0xe4/0x290 [ 186.598852][ T6848] ? __pfx_cpumask_store+0x10/0x10 [ 186.598879][ T6848] dev_attr_store+0x58/0x80 [ 186.598906][ T6848] ? __pfx_dev_attr_store+0x10/0x10 [ 186.598931][ T6848] sysfs_kf_write+0xef/0x150 [ 186.598966][ T6848] kernfs_fop_write_iter+0x354/0x510 [ 186.598995][ T6848] ? __pfx_sysfs_kf_write+0x10/0x10 [ 186.599033][ T6848] vfs_write+0x6c7/0x1150 [ 186.599084][ T6848] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 186.599119][ T6848] ? __pfx___mutex_lock+0x10/0x10 [ 186.599160][ T6848] ? __pfx_vfs_write+0x10/0x10 [ 186.599215][ T6848] ksys_write+0x12a/0x250 [ 186.599245][ T6848] ? __pfx_ksys_write+0x10/0x10 [ 186.599287][ T6848] do_syscall_64+0xcd/0x490 [ 186.599324][ T6848] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.599347][ T6848] RIP: 0033:0x7f7b6458e929 [ 186.599367][ T6848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 186.599390][ T6848] RSP: 002b:00007f7b6537a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 186.599413][ T6848] RAX: ffffffffffffffda RBX: 00007f7b647b6080 RCX: 00007f7b6458e929 [ 186.599428][ T6848] RDX: 0000000000000005 RSI: 0000200000000180 RDI: 0000000000000004 [ 186.599441][ T6848] RBP: 00007f7b64610b39 R08: 0000000000000000 R09: 0000000000000000 [ 186.599454][ T6848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 186.599467][ T6848] R13: 0000000000000000 R14: 00007f7b647b6080 R15: 00007ffffed82ed8 [ 186.599498][ T6848] [ 188.842153][ T6865] netlink: 504 bytes leftover after parsing attributes in process `syz.0.140'. [ 190.163365][ T6883] FAULT_INJECTION: forcing a failure. [ 190.163365][ T6883] name failslab, interval 1, probability 0, space 0, times 0 [ 190.227599][ T6883] CPU: 0 UID: 0 PID: 6883 Comm: syz.0.144 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 190.227644][ T6883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 190.227660][ T6883] Call Trace: [ 190.227670][ T6883] [ 190.227682][ T6883] dump_stack_lvl+0x16c/0x1f0 [ 190.227734][ T6883] should_fail_ex+0x512/0x640 [ 190.227774][ T6883] ? __kmalloc_noprof+0xbf/0x510 [ 190.227820][ T6883] ? apply_wqattrs_prepare+0xf8/0xbd0 [ 190.227849][ T6883] should_failslab+0xc2/0x120 [ 190.227877][ T6883] __kmalloc_noprof+0xd2/0x510 [ 190.227931][ T6883] apply_wqattrs_prepare+0xf8/0xbd0 [ 190.227979][ T6883] workqueue_apply_unbound_cpumask+0x17e/0x4f0 [ 190.228016][ T6883] ? __pfx_workqueue_apply_unbound_cpumask+0x10/0x10 [ 190.228058][ T6883] ? bitmap_parse+0x327/0x410 [ 190.228099][ T6883] cpumask_store+0x1ad/0x220 [ 190.228129][ T6883] ? __pfx_cpumask_store+0x10/0x10 [ 190.228159][ T6883] ? find_held_lock+0x2b/0x80 [ 190.228189][ T6883] ? sysfs_file_kobj+0xe4/0x290 [ 190.228227][ T6883] ? __pfx_cpumask_store+0x10/0x10 [ 190.228255][ T6883] dev_attr_store+0x58/0x80 [ 190.228282][ T6883] ? __pfx_dev_attr_store+0x10/0x10 [ 190.228310][ T6883] sysfs_kf_write+0xef/0x150 [ 190.228349][ T6883] kernfs_fop_write_iter+0x354/0x510 [ 190.228378][ T6883] ? __pfx_sysfs_kf_write+0x10/0x10 [ 190.228418][ T6883] vfs_write+0x6c7/0x1150 [ 190.228461][ T6883] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 190.228495][ T6883] ? __pfx___mutex_lock+0x10/0x10 [ 190.228540][ T6883] ? __pfx_vfs_write+0x10/0x10 [ 190.228618][ T6883] ksys_write+0x12a/0x250 [ 190.228658][ T6883] ? __pfx_ksys_write+0x10/0x10 [ 190.228712][ T6883] do_syscall_64+0xcd/0x490 [ 190.228754][ T6883] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.228781][ T6883] RIP: 0033:0x7f51e3d8e929 [ 190.228805][ T6883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 190.228829][ T6883] RSP: 002b:00007f51e4bc8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 190.228856][ T6883] RAX: ffffffffffffffda RBX: 00007f51e3fb6080 RCX: 00007f51e3d8e929 [ 190.228875][ T6883] RDX: 0000000000000005 RSI: 0000200000000180 RDI: 0000000000000004 [ 190.228891][ T6883] RBP: 00007f51e3e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 190.228906][ T6883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 190.228921][ T6883] R13: 0000000000000000 R14: 00007f51e3fb6080 R15: 00007ffef042dce8 [ 190.228962][ T6883] [ 192.946658][ T6913] FAULT_INJECTION: forcing a failure. [ 192.946658][ T6913] name failslab, interval 1, probability 0, space 0, times 0 [ 193.149079][ T6913] CPU: 1 UID: 0 PID: 6913 Comm: syz.2.149 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 193.149123][ T6913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 193.149140][ T6913] Call Trace: [ 193.149150][ T6913] [ 193.149162][ T6913] dump_stack_lvl+0x16c/0x1f0 [ 193.149215][ T6913] should_fail_ex+0x512/0x640 [ 193.149256][ T6913] ? __kmalloc_noprof+0xbf/0x510 [ 193.149303][ T6913] ? apply_wqattrs_prepare+0xf8/0xbd0 [ 193.149333][ T6913] should_failslab+0xc2/0x120 [ 193.149362][ T6913] __kmalloc_noprof+0xd2/0x510 [ 193.149420][ T6913] apply_wqattrs_prepare+0xf8/0xbd0 [ 193.149473][ T6913] workqueue_apply_unbound_cpumask+0x17e/0x4f0 [ 193.149509][ T6913] ? __pfx_workqueue_apply_unbound_cpumask+0x10/0x10 [ 193.149541][ T6913] ? bitmap_parse+0x327/0x410 [ 193.149582][ T6913] cpumask_store+0x1ad/0x220 [ 193.149609][ T6913] ? __pfx_cpumask_store+0x10/0x10 [ 193.149638][ T6913] ? find_held_lock+0x2b/0x80 [ 193.149667][ T6913] ? sysfs_file_kobj+0xe4/0x290 [ 193.149704][ T6913] ? __pfx_cpumask_store+0x10/0x10 [ 193.149731][ T6913] dev_attr_store+0x58/0x80 [ 193.149775][ T6913] ? __pfx_dev_attr_store+0x10/0x10 [ 193.149802][ T6913] sysfs_kf_write+0xef/0x150 [ 193.149841][ T6913] kernfs_fop_write_iter+0x354/0x510 [ 193.149872][ T6913] ? __pfx_sysfs_kf_write+0x10/0x10 [ 193.149911][ T6913] vfs_write+0x6c7/0x1150 [ 193.149955][ T6913] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 193.149989][ T6913] ? __pfx___mutex_lock+0x10/0x10 [ 193.150056][ T6913] ? __pfx_vfs_write+0x10/0x10 [ 193.150136][ T6913] ksys_write+0x12a/0x250 [ 193.150178][ T6913] ? __pfx_ksys_write+0x10/0x10 [ 193.150231][ T6913] do_syscall_64+0xcd/0x490 [ 193.150291][ T6913] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 193.150320][ T6913] RIP: 0033:0x7fc3d178e929 [ 193.150343][ T6913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 193.150367][ T6913] RSP: 002b:00007fc3cf5b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 193.150403][ T6913] RAX: ffffffffffffffda RBX: 00007fc3d19b6160 RCX: 00007fc3d178e929 [ 193.150422][ T6913] RDX: 0000000000000005 RSI: 0000200000000180 RDI: 0000000000000005 [ 193.150438][ T6913] RBP: 00007fc3d1810b39 R08: 0000000000000000 R09: 0000000000000000 [ 193.150455][ T6913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 193.150470][ T6913] R13: 0000000000000000 R14: 00007fc3d19b6160 R15: 00007fffadba63e8 [ 193.150512][ T6913] [ 193.492917][ T6896] Invalid ELF header magic: != ELF [ 194.369163][ T5835] Bluetooth: hci0: command 0x0c1a tx timeout [ 194.419476][ T6899] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 194.972878][ T6899] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 194.980833][ T6899] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 194.989420][ T6899] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 195.446996][ T6933] netlink: 504 bytes leftover after parsing attributes in process `syz.2.152'. [ 195.886315][ T5835] Bluetooth: hci1: unexpected event 0x02 length: 726 > 260 [ 196.554271][ T5835] Bluetooth: hci2: command 0x0c1a tx timeout [ 196.585989][ T5835] Bluetooth: hci3: unexpected event 0x02 length: 726 > 260 [ 197.009081][ T5835] Bluetooth: hci3: command 0x0c1a tx timeout [ 197.009105][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 198.783103][ T6963] FAULT_INJECTION: forcing a failure. [ 198.783103][ T6963] name failslab, interval 1, probability 0, space 0, times 0 [ 198.796158][ T6963] CPU: 1 UID: 0 PID: 6963 Comm: syz.0.158 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 198.796198][ T6963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 198.796215][ T6963] Call Trace: [ 198.796224][ T6963] [ 198.796236][ T6963] dump_stack_lvl+0x16c/0x1f0 [ 198.796288][ T6963] should_fail_ex+0x512/0x640 [ 198.796328][ T6963] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 198.796372][ T6963] should_failslab+0xc2/0x120 [ 198.796401][ T6963] __kmalloc_cache_noprof+0x6a/0x3e0 [ 198.796441][ T6963] ? apply_wqattrs_prepare+0x130/0xbd0 [ 198.796482][ T6963] apply_wqattrs_prepare+0x130/0xbd0 [ 198.796534][ T6963] workqueue_apply_unbound_cpumask+0x17e/0x4f0 [ 198.796573][ T6963] ? __pfx_workqueue_apply_unbound_cpumask+0x10/0x10 [ 198.796606][ T6963] ? bitmap_parse+0x327/0x410 [ 198.796648][ T6963] cpumask_store+0x1ad/0x220 [ 198.796678][ T6963] ? __pfx_cpumask_store+0x10/0x10 [ 198.796708][ T6963] ? find_held_lock+0x2b/0x80 [ 198.796736][ T6963] ? sysfs_file_kobj+0xe4/0x290 [ 198.796774][ T6963] ? __pfx_cpumask_store+0x10/0x10 [ 198.796801][ T6963] dev_attr_store+0x58/0x80 [ 198.796828][ T6963] ? __pfx_dev_attr_store+0x10/0x10 [ 198.796855][ T6963] sysfs_kf_write+0xef/0x150 [ 198.796893][ T6963] kernfs_fop_write_iter+0x354/0x510 [ 198.796922][ T6963] ? __pfx_sysfs_kf_write+0x10/0x10 [ 198.796961][ T6963] vfs_write+0x6c7/0x1150 [ 198.797011][ T6963] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 198.797045][ T6963] ? __pfx___mutex_lock+0x10/0x10 [ 198.797091][ T6963] ? __pfx_vfs_write+0x10/0x10 [ 198.797169][ T6963] ksys_write+0x12a/0x250 [ 198.797210][ T6963] ? __pfx_ksys_write+0x10/0x10 [ 198.797268][ T6963] do_syscall_64+0xcd/0x490 [ 198.797318][ T6963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 198.797348][ T6963] RIP: 0033:0x7f51e3d8e929 [ 198.797372][ T6963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 198.797399][ T6963] RSP: 002b:00007f51e4bc8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 198.797425][ T6963] RAX: ffffffffffffffda RBX: 00007f51e3fb6080 RCX: 00007f51e3d8e929 [ 198.797444][ T6963] RDX: 0000000000000005 RSI: 0000200000000180 RDI: 0000000000000004 [ 198.797461][ T6963] RBP: 00007f51e3e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 198.797477][ T6963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 198.797493][ T6963] R13: 0000000000000000 R14: 00007f51e3fb6080 R15: 00007ffef042dce8 [ 198.797534][ T6963] [ 199.141913][ T843] smpboot: CPU 1 is now offline [ 199.590469][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.596796][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 202.422318][ T5835] Bluetooth: hci3: unexpected event 0x02 length: 726 > 260 [ 203.302878][ T7029] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 206.636817][ T5835] Bluetooth: hci2: unexpected event 0x02 length: 726 > 260 [ 206.708066][ T7057] FAULT_INJECTION: forcing a failure. [ 206.708066][ T7057] name failslab, interval 1, probability 0, space 0, times 0 [ 206.851654][ T7057] CPU: 0 UID: 0 PID: 7057 Comm: syz.3.174 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 206.851681][ T7057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 206.851691][ T7057] Call Trace: [ 206.851697][ T7057] [ 206.851704][ T7057] dump_stack_lvl+0x16c/0x1f0 [ 206.851741][ T7057] should_fail_ex+0x512/0x640 [ 206.851765][ T7057] ? __kmalloc_noprof+0xbf/0x510 [ 206.851792][ T7057] ? apply_wqattrs_prepare+0xf8/0xbd0 [ 206.851809][ T7057] should_failslab+0xc2/0x120 [ 206.851826][ T7057] __kmalloc_noprof+0xd2/0x510 [ 206.851856][ T7057] apply_wqattrs_prepare+0xf8/0xbd0 [ 206.851881][ T7057] workqueue_apply_unbound_cpumask+0x17e/0x4f0 [ 206.851902][ T7057] ? __pfx_workqueue_apply_unbound_cpumask+0x10/0x10 [ 206.851921][ T7057] ? bitmap_parse+0x327/0x410 [ 206.851944][ T7057] cpumask_store+0x1ad/0x220 [ 206.851961][ T7057] ? __pfx_cpumask_store+0x10/0x10 [ 206.851977][ T7057] ? find_held_lock+0x2b/0x80 [ 206.851994][ T7057] ? sysfs_file_kobj+0xe4/0x290 [ 206.852015][ T7057] ? __pfx_cpumask_store+0x10/0x10 [ 206.852030][ T7057] dev_attr_store+0x58/0x80 [ 206.852046][ T7057] ? __pfx_dev_attr_store+0x10/0x10 [ 206.852061][ T7057] sysfs_kf_write+0xef/0x150 [ 206.852082][ T7057] kernfs_fop_write_iter+0x354/0x510 [ 206.852098][ T7057] ? __pfx_sysfs_kf_write+0x10/0x10 [ 206.852120][ T7057] vfs_write+0x6c7/0x1150 [ 206.852143][ T7057] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 206.852162][ T7057] ? __pfx___mutex_lock+0x10/0x10 [ 206.852186][ T7057] ? __pfx_vfs_write+0x10/0x10 [ 206.852230][ T7057] ksys_write+0x12a/0x250 [ 206.852253][ T7057] ? __pfx_ksys_write+0x10/0x10 [ 206.852283][ T7057] do_syscall_64+0xcd/0x490 [ 206.852310][ T7057] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 206.852327][ T7057] RIP: 0033:0x7f7b6458e929 [ 206.852341][ T7057] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 206.852356][ T7057] RSP: 002b:00007f7b6537a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 206.852372][ T7057] RAX: ffffffffffffffda RBX: 00007f7b647b6080 RCX: 00007f7b6458e929 [ 206.852383][ T7057] RDX: 0000000000000005 RSI: 0000200000000180 RDI: 0000000000000004 [ 206.852392][ T7057] RBP: 00007f7b64610b39 R08: 0000000000000000 R09: 0000000000000000 [ 206.852401][ T7057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 206.852410][ T7057] R13: 0000000000000000 R14: 00007f7b647b6080 R15: 00007ffffed82ed8 [ 206.852432][ T7057] [ 209.463506][ T5835] Bluetooth: hci1: unexpected event 0x02 length: 726 > 260 [ 210.110378][ T7071] Invalid ELF header magic: != ELF [ 213.103464][ T5835] Bluetooth: hci0: unexpected event 0x02 length: 726 > 260 [ 213.179971][ T7127] syz.0.185 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 213.289686][ T7117] netlink: 504 bytes leftover after parsing attributes in process `syz.2.183'. [ 213.334924][ T7131] FAULT_INJECTION: forcing a failure. [ 213.334924][ T7131] name failslab, interval 1, probability 0, space 0, times 0 [ 213.449048][ T7131] CPU: 0 UID: 0 PID: 7131 Comm: syz.1.186 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 213.449075][ T7131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 213.449086][ T7131] Call Trace: [ 213.449092][ T7131] [ 213.449099][ T7131] dump_stack_lvl+0x16c/0x1f0 [ 213.449129][ T7131] should_fail_ex+0x512/0x640 [ 213.449152][ T7131] ? __kmalloc_noprof+0xbf/0x510 [ 213.449178][ T7131] ? apply_wqattrs_prepare+0xf8/0xbd0 [ 213.449194][ T7131] should_failslab+0xc2/0x120 [ 213.449211][ T7131] __kmalloc_noprof+0xd2/0x510 [ 213.449240][ T7131] apply_wqattrs_prepare+0xf8/0xbd0 [ 213.449266][ T7131] workqueue_apply_unbound_cpumask+0x17e/0x4f0 [ 213.449286][ T7131] ? __pfx_workqueue_apply_unbound_cpumask+0x10/0x10 [ 213.449305][ T7131] ? bitmap_parse+0x327/0x410 [ 213.449327][ T7131] cpumask_store+0x1ad/0x220 [ 213.449344][ T7131] ? __pfx_cpumask_store+0x10/0x10 [ 213.449360][ T7131] ? find_held_lock+0x2b/0x80 [ 213.449377][ T7131] ? sysfs_file_kobj+0xe4/0x290 [ 213.449398][ T7131] ? __pfx_cpumask_store+0x10/0x10 [ 213.449413][ T7131] dev_attr_store+0x58/0x80 [ 213.449429][ T7131] ? __pfx_dev_attr_store+0x10/0x10 [ 213.449444][ T7131] sysfs_kf_write+0xef/0x150 [ 213.449465][ T7131] kernfs_fop_write_iter+0x354/0x510 [ 213.449481][ T7131] ? __pfx_sysfs_kf_write+0x10/0x10 [ 213.449503][ T7131] vfs_write+0x6c7/0x1150 [ 213.449526][ T7131] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 213.449545][ T7131] ? __pfx___mutex_lock+0x10/0x10 [ 213.449569][ T7131] ? __pfx_vfs_write+0x10/0x10 [ 213.449608][ T7131] ksys_write+0x12a/0x250 [ 213.449637][ T7131] ? __pfx_ksys_write+0x10/0x10 [ 213.449666][ T7131] do_syscall_64+0xcd/0x490 [ 213.449692][ T7131] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.449709][ T7131] RIP: 0033:0x7f724418e929 [ 213.449723][ T7131] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 213.449739][ T7131] RSP: 002b:00007f72450ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 213.449755][ T7131] RAX: ffffffffffffffda RBX: 00007f72443b6080 RCX: 00007f724418e929 [ 213.449767][ T7131] RDX: 0000000000000005 RSI: 0000200000000180 RDI: 0000000000000004 [ 213.449777][ T7131] RBP: 00007f7244210b39 R08: 0000000000000000 R09: 0000000000000000 [ 213.449786][ T7131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 213.449796][ T7131] R13: 0000000000000000 R14: 00007f72443b6080 R15: 00007ffcf98b5758 [ 213.449818][ T7131] [ 213.780975][ T7136] FAULT_INJECTION: forcing a failure. [ 213.780975][ T7136] name failslab, interval 1, probability 0, space 0, times 0 [ 213.793742][ T7136] CPU: 0 UID: 0 PID: 7136 Comm: syz.0.185 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 213.793767][ T7136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 213.793777][ T7136] Call Trace: [ 213.793783][ T7136] [ 213.793790][ T7136] dump_stack_lvl+0x16c/0x1f0 [ 213.793821][ T7136] should_fail_ex+0x512/0x640 [ 213.793844][ T7136] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 213.793869][ T7136] should_failslab+0xc2/0x120 [ 213.793885][ T7136] __kmalloc_cache_noprof+0x6a/0x3e0 [ 213.793908][ T7136] ? apply_wqattrs_prepare+0x130/0xbd0 [ 213.793930][ T7136] apply_wqattrs_prepare+0x130/0xbd0 [ 213.793956][ T7136] workqueue_apply_unbound_cpumask+0x17e/0x4f0 [ 213.793976][ T7136] ? __pfx_workqueue_apply_unbound_cpumask+0x10/0x10 [ 213.793994][ T7136] ? bitmap_parse+0x327/0x410 [ 213.794017][ T7136] cpumask_store+0x1ad/0x220 [ 213.794034][ T7136] ? __pfx_cpumask_store+0x10/0x10 [ 213.794051][ T7136] ? find_held_lock+0x2b/0x80 [ 213.794068][ T7136] ? sysfs_file_kobj+0xe4/0x290 [ 213.794089][ T7136] ? __pfx_cpumask_store+0x10/0x10 [ 213.794104][ T7136] dev_attr_store+0x58/0x80 [ 213.794119][ T7136] ? __pfx_dev_attr_store+0x10/0x10 [ 213.794134][ T7136] sysfs_kf_write+0xef/0x150 [ 213.794155][ T7136] kernfs_fop_write_iter+0x354/0x510 [ 213.794171][ T7136] ? __pfx_sysfs_kf_write+0x10/0x10 [ 213.794193][ T7136] vfs_write+0x6c7/0x1150 [ 213.794216][ T7136] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 213.794235][ T7136] ? __pfx___mutex_lock+0x10/0x10 [ 213.794260][ T7136] ? __pfx_vfs_write+0x10/0x10 [ 213.794297][ T7136] ksys_write+0x12a/0x250 [ 213.794319][ T7136] ? __pfx_ksys_write+0x10/0x10 [ 213.794348][ T7136] do_syscall_64+0xcd/0x490 [ 213.794374][ T7136] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.794391][ T7136] RIP: 0033:0x7f51e3d8e929 [ 213.794406][ T7136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 213.794421][ T7136] RSP: 002b:00007f51e4bc8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 213.794437][ T7136] RAX: ffffffffffffffda RBX: 00007f51e3fb6080 RCX: 00007f51e3d8e929 [ 213.794447][ T7136] RDX: 0000000000000005 RSI: 0000200000000180 RDI: 0000000000000004 [ 213.794457][ T7136] RBP: 00007f51e3e10b39 R08: 0000000000000000 R09: 0000000000000000 [ 213.794466][ T7136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 213.794475][ T7136] R13: 0000000000000000 R14: 00007f51e3fb6080 R15: 00007ffef042dce8 [ 213.794497][ T7136] [ 216.579702][ T5835] Bluetooth: hci0: unexpected event 0x02 length: 726 > 260 [ 219.406579][ T7215] netlink: 504 bytes leftover after parsing attributes in process `syz.3.195'. [ 219.497552][ T7170] Bluetooth: hci2: unexpected event 0x02 length: 726 > 260 [ 220.171725][ T7170] Bluetooth: hci0: unexpected event 0x02 length: 726 > 260 [ 220.918931][ T7250] netlink: 24 bytes leftover after parsing attributes in process `syz.2.201'. [ 222.432115][ T7277] netlink: 28 bytes leftover after parsing attributes in process `syz.1.207'. [ 222.489019][ T7277] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 222.523163][ T7277] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 222.626799][ T7277] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 222.715966][ T7277] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 223.234944][ T7170] Bluetooth: hci0: unexpected event 0x02 length: 726 > 260 [ 223.259166][ T7286] netlink: 504 bytes leftover after parsing attributes in process `syz.0.208'. [ 223.797602][ T7170] Bluetooth: hci0: unexpected event 0x02 length: 726 > 260 [ 224.870029][ T7322] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 226.988103][ T7356] netlink: 504 bytes leftover after parsing attributes in process `syz.3.221'. [ 228.262600][ T7380] hub 8-0:1.0: USB hub found [ 228.313775][ T7380] hub 8-0:1.0: 1 port detected [ 229.450387][ T7398] netlink: 504 bytes leftover after parsing attributes in process `syz.2.228'. [ 230.016791][ T7410] netlink: 8 bytes leftover after parsing attributes in process `syz.1.230'. [ 230.100348][ T7409] netlink: 8 bytes leftover after parsing attributes in process `syz.1.230'. [ 230.377649][ T7419] Invalid ELF header magic: != ELF [ 230.897428][ T7427] netlink: 504 bytes leftover after parsing attributes in process `syz.0.233'. [ 233.515644][ T7170] Bluetooth: hci1: unexpected event 0x02 length: 726 > 260 [ 234.121792][ T7483] kAFS: No cell specified [ 234.156872][ T7492] sysfs_service_op_show: Client not running :-5: [ 234.262239][ T7492] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 235.003076][ T7499] Invalid ELF header magic: != ELF [ 235.389251][ T7505] Invalid ELF header magic: != ELF [ 236.788664][ T30] audit: type=1800 audit(4294968767.967:2): pid=7519 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.250" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 238.741834][ T7545] netlink: 504 bytes leftover after parsing attributes in process `syz.3.253'. [ 243.094976][ T7617] netlink: 504 bytes leftover after parsing attributes in process `syz.0.265'. [ 243.623436][ T7591] syz.2.261 (7591) used greatest stack depth: 19800 bytes left [ 245.242051][ T7652] netdevsim netdevsim15 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 247.581668][ T7705] netlink: 330 bytes leftover after parsing attributes in process `syz.0.279'. [ 247.885659][ T7713] device-mapper: ioctl: Invalid ioctl structure: name , dev 3000000000 [ 250.218176][ T7753] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 250.624959][ T7754] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 252.964947][ T7796] netlink: 504 bytes leftover after parsing attributes in process `syz.2.293'. [ 254.777143][ T7823] netlink: 504 bytes leftover after parsing attributes in process `syz.1.296'. [ 254.831434][ T7824] hub 8-0:1.0: USB hub found [ 254.869722][ T7824] hub 8-0:1.0: 1 port detected [ 255.562744][ T30] audit: type=1804 audit(4294968786.747:3): pid=7840 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.299" name="/newroot/80/file0" dev="tmpfs" ino=434 res=1 errno=0 [ 255.586070][ T7840] FAULT_INJECTION: forcing a failure. [ 255.586070][ T7840] name failslab, interval 1, probability 0, space 0, times 0 [ 255.637816][ T7840] CPU: 0 UID: 0 PID: 7840 Comm: syz.1.299 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 255.637843][ T7840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 255.637853][ T7840] Call Trace: [ 255.637859][ T7840] [ 255.637866][ T7840] dump_stack_lvl+0x16c/0x1f0 [ 255.637895][ T7840] should_fail_ex+0x512/0x640 [ 255.637919][ T7840] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 255.637947][ T7840] should_failslab+0xc2/0x120 [ 255.637963][ T7840] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 255.637987][ T7840] ? audit_log_start+0x2c5/0x7f0 [ 255.638011][ T7840] audit_log_start+0x2c5/0x7f0 [ 255.638033][ T7840] ? __pfx_audit_log_start+0x10/0x10 [ 255.638053][ T7840] ? __lock_acquire+0xb8a/0x1c90 [ 255.638086][ T7840] integrity_audit_message+0x10c/0x580 [ 255.638109][ T7840] ? take_dentry_name_snapshot+0x314/0x7d0 [ 255.638126][ T7840] ? __pfx_integrity_audit_message+0x10/0x10 [ 255.638149][ T7840] ? take_dentry_name_snapshot+0x319/0x7d0 [ 255.638170][ T7840] integrity_audit_msg+0x41/0x60 [ 255.638193][ T7840] ima_collect_measurement+0x784/0xa40 [ 255.638216][ T7840] ? __pfx_ima_collect_measurement+0x10/0x10 [ 255.638247][ T7840] ? do_raw_read_unlock+0x44/0xe0 [ 255.638276][ T7840] ? vfs_getxattr_alloc+0xec/0x340 [ 255.638302][ T7840] ? ima_get_hash_algo+0x27c/0x400 [ 255.638324][ T7840] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 255.638358][ T7840] ? process_measurement+0x11fa/0x23e0 [ 255.638381][ T7840] process_measurement+0x11fa/0x23e0 [ 255.638411][ T7840] ? __pfx_process_measurement+0x10/0x10 [ 255.638465][ T7840] ? futex_private_hash_put+0xc7/0x240 [ 255.638484][ T7840] ? futex_hash_put+0x3e/0x50 [ 255.638504][ T7840] ima_file_mmap+0x1b1/0x1d0 [ 255.638529][ T7840] ? __pfx_ima_file_mmap+0x10/0x10 [ 255.638551][ T7840] ? __lock_acquire+0x622/0x1c90 [ 255.638577][ T7840] security_mmap_file+0x88c/0x990 [ 255.638599][ T7840] vm_mmap_pgoff+0xec/0x450 [ 255.638616][ T7840] ? find_held_lock+0x2b/0x80 [ 255.638631][ T7840] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 255.638651][ T7840] ? __fget_files+0x20e/0x3c0 [ 255.638677][ T7840] ksys_mmap_pgoff+0x32c/0x5c0 [ 255.638704][ T7840] __x64_sys_mmap+0x125/0x190 [ 255.638729][ T7840] do_syscall_64+0xcd/0x490 [ 255.638756][ T7840] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 255.638773][ T7840] RIP: 0033:0x7f724418e929 [ 255.638787][ T7840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 255.638802][ T7840] RSP: 002b:00007f72450db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 255.638819][ T7840] RAX: ffffffffffffffda RBX: 00007f72443b5fa0 RCX: 00007f724418e929 [ 255.638830][ T7840] RDX: 00000000000003ff RSI: 0000000000000001 RDI: 000000000000f000 [ 255.638839][ T7840] RBP: 00007f7244210b39 R08: 0000000000000003 R09: 0000000000000000 [ 255.638849][ T7840] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000 [ 255.638858][ T7840] R13: 0000000000000000 R14: 00007f72443b5fa0 R15: 00007ffcf98b5758 [ 255.638879][ T7840] [ 256.149121][ T7170] Bluetooth: hci3: unexpected event 0x02 length: 726 > 260 [ 256.339835][ T30] audit: type=1800 audit(4294968787.507:4): pid=7856 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.303" name="dbroot" dev="configfs" ino=34710 res=0 errno=0 [ 256.530017][ T7840] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64 [ 256.561644][ T7840] audit: out of memory in audit_log_start [ 259.120439][ T7170] Bluetooth: hci0: unexpected event 0x02 length: 726 > 260 [ 260.194442][ T7925] vcan0: tx drop: invalid da for name 0x000000000000003f [ 260.310153][ T7934] netlink: 504 bytes leftover after parsing attributes in process `syz.1.315'. [ 260.671761][ T30] audit: type=1800 audit(4294968791.857:5): pid=7921 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.314" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 260.947659][ T7943] FAULT_INJECTION: forcing a failure. [ 260.947659][ T7943] name failslab, interval 1, probability 0, space 0, times 0 [ 260.994149][ T7943] CPU: 0 UID: 0 PID: 7943 Comm: syz.3.318 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 260.994176][ T7943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 260.994185][ T7943] Call Trace: [ 260.994192][ T7943] [ 260.994198][ T7943] dump_stack_lvl+0x16c/0x1f0 [ 260.994229][ T7943] should_fail_ex+0x512/0x640 [ 260.994258][ T7943] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 260.994283][ T7943] should_failslab+0xc2/0x120 [ 260.994299][ T7943] __kmalloc_cache_noprof+0x6a/0x3e0 [ 260.994320][ T7943] ? ktime_get_coarse_real_ts64_mg+0x240/0x300 [ 260.994342][ T7943] ? hugetlb_vma_lock_alloc+0xbc/0x1f0 [ 260.994369][ T7943] hugetlb_vma_lock_alloc+0xbc/0x1f0 [ 260.994392][ T7943] hugetlb_reserve_pages+0x149/0xe10 [ 260.994416][ T7943] ? __pfx_hugetlb_reserve_pages+0x10/0x10 [ 260.994436][ T7943] ? atime_needs_update+0x8b/0x710 [ 260.994460][ T7943] hugetlbfs_file_mmap+0x4a1/0x730 [ 260.994491][ T7943] __mmap_region+0x128b/0x25e0 [ 260.994518][ T7943] ? __pfx___mmap_region+0x10/0x10 [ 260.994548][ T7943] ? is_bpf_text_address+0x94/0x1a0 [ 260.994570][ T7943] ? kernel_text_address+0x8d/0x100 [ 260.994595][ T7943] ? __kernel_text_address+0xd/0x40 [ 260.994619][ T7943] ? unwind_get_return_address+0x59/0xa0 [ 260.994643][ T7943] ? arch_stack_walk+0xa6/0x100 [ 260.994678][ T7943] ? __pfx_stack_trace_save+0x10/0x10 [ 260.994695][ T7943] ? stack_depot_save_flags+0x28/0xa40 [ 260.994744][ T7943] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 260.994769][ T7943] mmap_region+0x32b/0x3f0 [ 260.994797][ T7943] do_mmap+0xa3e/0x1210 [ 260.994819][ T7943] ? __pfx_do_mmap+0x10/0x10 [ 260.994837][ T7943] ? __pfx_down_write_killable+0x10/0x10 [ 260.994858][ T7943] vm_mmap_pgoff+0x281/0x450 [ 260.994879][ T7943] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 260.994894][ T7943] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 260.994912][ T7943] ? hugetlbfs_get_inode+0x31f/0x730 [ 260.994935][ T7943] ksys_mmap_pgoff+0x1c8/0x5c0 [ 260.994956][ T7943] __x64_sys_mmap+0x125/0x190 [ 260.994981][ T7943] do_syscall_64+0xcd/0x490 [ 260.995008][ T7943] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 260.995025][ T7943] RIP: 0033:0x7f7b6458e929 [ 260.995038][ T7943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 260.995054][ T7943] RSP: 002b:00007f7b6539b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 260.995070][ T7943] RAX: ffffffffffffffda RBX: 00007f7b647b5fa0 RCX: 00007f7b6458e929 [ 260.995081][ T7943] RDX: 0000000000000401 RSI: 0000000000a00006 RDI: 0000000000c00000 [ 260.995090][ T7943] RBP: 00007f7b64610b39 R08: 0000000000000602 R09: 0000300000000000 [ 260.995100][ T7943] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 260.995109][ T7943] R13: 0000000000000000 R14: 00007f7b647b5fa0 R15: 00007ffffed82ed8 [ 260.995130][ T7943] [ 260.995620][ T7943] HugeTLB: unable to allocate vma specific lock [ 261.299240][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.308824][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.873707][ T7950] netlink: 4 bytes leftover after parsing attributes in process `syz.1.319'. [ 261.899130][ T7950] netlink: 354 bytes leftover after parsing attributes in process `syz.1.319'. [ 262.365686][ T7956] kAFS: No cell specified [ 263.111129][ T7962] Invalid ELF header magic: != ELF [ 263.854882][ T7981] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 263.863571][ T7160] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 263.872779][ T7160] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 263.881353][ T7160] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 263.890479][ T7160] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 264.312931][ T7985] netlink: 504 bytes leftover after parsing attributes in process `syz.3.326'. [ 264.676899][ T7979] chnl_net:caif_netlink_parms(): no params data found [ 265.270402][ T7979] bridge0: port 1(bridge_slave_0) entered blocking state [ 265.300292][ T7979] bridge0: port 1(bridge_slave_0) entered disabled state [ 265.333198][ T7979] bridge_slave_0: entered allmulticast mode [ 265.373438][ T7979] bridge_slave_0: entered promiscuous mode [ 265.406749][ T7979] bridge0: port 2(bridge_slave_1) entered blocking state [ 265.466260][ T7979] bridge0: port 2(bridge_slave_1) entered disabled state [ 265.509539][ T7979] bridge_slave_1: entered allmulticast mode [ 265.550065][ T7979] bridge_slave_1: entered promiscuous mode [ 265.851986][ T7979] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 265.907398][ T7979] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 265.971574][ T7160] Bluetooth: hci4: command tx timeout [ 266.187485][ T7979] team0: Port device team_slave_0 added [ 266.221224][ T7979] team0: Port device team_slave_1 added [ 266.278991][ T8027] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 266.451240][ T7979] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 266.458224][ T7979] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 266.603955][ T7979] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 266.677162][ T7979] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 266.706584][ T7979] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 266.789282][ T7160] Bluetooth: hci1: unexpected event 0x02 length: 726 > 260 [ 266.797495][ T7979] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 267.710358][ T7979] hsr_slave_0: entered promiscuous mode [ 267.716744][ T7979] hsr_slave_1: entered promiscuous mode [ 267.745051][ T7979] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 267.773814][ T7979] Cannot create hsr debugfs directory [ 268.050978][ T7160] Bluetooth: hci4: command tx timeout [ 269.584728][ T7979] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 269.637303][ T7979] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 269.833002][ T7979] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 270.044343][ T7979] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 270.129212][ T7170] Bluetooth: hci4: command tx timeout [ 270.653856][ T7979] 8021q: adding VLAN 0 to HW filter on device bond0 [ 270.763939][ T7979] 8021q: adding VLAN 0 to HW filter on device team0 [ 270.844356][ T7159] bridge0: port 1(bridge_slave_0) entered blocking state [ 270.851557][ T7159] bridge0: port 1(bridge_slave_0) entered forwarding state [ 270.937059][ T7159] bridge0: port 2(bridge_slave_1) entered blocking state [ 270.944235][ T7159] bridge0: port 2(bridge_slave_1) entered forwarding state [ 271.106068][ T7979] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 271.180846][ T7979] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 271.867453][ T7979] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 272.209244][ T7170] Bluetooth: hci4: command tx timeout [ 272.844462][ T7979] veth0_vlan: entered promiscuous mode [ 272.912498][ T7979] veth1_vlan: entered promiscuous mode [ 273.032311][ T7979] veth0_macvtap: entered promiscuous mode [ 273.074536][ T7979] veth1_macvtap: entered promiscuous mode [ 273.157939][ T7979] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 273.220816][ T7979] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 273.263916][ T7979] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.312536][ T7979] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.352589][ T7979] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.391850][ T7979] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 273.764574][ T7178] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 273.805041][ T7178] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 273.964375][ T7178] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 274.005850][ T7178] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 274.366901][ T8091] netlink: 504 bytes leftover after parsing attributes in process `syz.2.339'. [ 275.773371][ T7170] Bluetooth: hci0: unexpected event 0x02 length: 726 > 260 [ 277.169957][ T8139] FAULT_INJECTION: forcing a failure. [ 277.169957][ T8139] name failslab, interval 1, probability 0, space 0, times 0 [ 277.334303][ T8139] CPU: 0 UID: 0 PID: 8139 Comm: syz.4.346 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 277.334331][ T8139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 277.334341][ T8139] Call Trace: [ 277.334348][ T8139] [ 277.334363][ T8139] dump_stack_lvl+0x16c/0x1f0 [ 277.334393][ T8139] should_fail_ex+0x512/0x640 [ 277.334417][ T8139] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 277.334445][ T8139] should_failslab+0xc2/0x120 [ 277.334462][ T8139] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 277.334486][ T8139] ? __skb_ext_alloc+0x1a/0x80 [ 277.334510][ T8139] __skb_ext_alloc+0x1a/0x80 [ 277.334528][ T8139] mptcp_sendmsg_frag+0x4f0/0x2de0 [ 277.334559][ T8139] ? __pfx_mptcp_sendmsg_frag+0x10/0x10 [ 277.334582][ T8139] __subflow_push_pending+0x345/0xac0 [ 277.334614][ T8139] __mptcp_push_pending+0x2ce/0x550 [ 277.334641][ T8139] ? __pfx___mptcp_push_pending+0x10/0x10 [ 277.334666][ T8139] ? alloc_pages_noprof+0x23c/0x390 [ 277.334683][ T8139] ? skb_page_frag_refill+0x11d/0x5a0 [ 277.334704][ T8139] mptcp_sendmsg+0x17a4/0x1eb0 [ 277.334738][ T8139] ? __pfx_mptcp_sendmsg+0x10/0x10 [ 277.334762][ T8139] ? __pfx_aa_sk_perm+0x10/0x10 [ 277.334780][ T8139] ? lockdep_hardirqs_on+0x7c/0x110 [ 277.334806][ T8139] ? __pfx_mptcp_sendmsg+0x10/0x10 [ 277.334830][ T8139] inet_sendmsg+0x119/0x140 [ 277.334854][ T8139] sock_write_iter+0x4aa/0x5b0 [ 277.334873][ T8139] ? __pfx_sock_write_iter+0x10/0x10 [ 277.334899][ T8139] ? bpf_lsm_file_permission+0x9/0x10 [ 277.334917][ T8139] ? security_file_permission+0x71/0x210 [ 277.334938][ T8139] ? rw_verify_area+0xcf/0x680 [ 277.334960][ T8139] vfs_write+0x6c7/0x1150 [ 277.334984][ T8139] ? __pfx_sock_write_iter+0x10/0x10 [ 277.335004][ T8139] ? __pfx_vfs_write+0x10/0x10 [ 277.335025][ T8139] ? find_held_lock+0x2b/0x80 [ 277.335054][ T8139] ksys_write+0x1f8/0x250 [ 277.335077][ T8139] ? __pfx_ksys_write+0x10/0x10 [ 277.335106][ T8139] do_syscall_64+0xcd/0x490 [ 277.335132][ T8139] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 277.335149][ T8139] RIP: 0033:0x7fbff178e929 [ 277.335163][ T8139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 277.335178][ T8139] RSP: 002b:00007fbfef5d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 277.335194][ T8139] RAX: ffffffffffffffda RBX: 00007fbff19b6080 RCX: 00007fbff178e929 [ 277.335205][ T8139] RDX: 000000000000fdef RSI: 0000000000000000 RDI: 0000000000000003 [ 277.335214][ T8139] RBP: 00007fbff1810b39 R08: 0000000000000000 R09: 0000000000000000 [ 277.335223][ T8139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 277.335232][ T8139] R13: 0000000000000000 R14: 00007fbff19b6080 R15: 00007fff075b1ba8 [ 277.335253][ T8139] [ 277.613391][ T8148] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16 [ 278.258337][ T8166] FAULT_INJECTION: forcing a failure. [ 278.258337][ T8166] name failslab, interval 1, probability 0, space 0, times 0 [ 278.350876][ T8166] CPU: 0 UID: 0 PID: 8166 Comm: syz.2.351 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 278.350904][ T8166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 278.350914][ T8166] Call Trace: [ 278.350920][ T8166] [ 278.350927][ T8166] dump_stack_lvl+0x16c/0x1f0 [ 278.350957][ T8166] should_fail_ex+0x512/0x640 [ 278.350981][ T8166] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 278.351005][ T8166] should_failslab+0xc2/0x120 [ 278.351022][ T8166] __kmalloc_cache_noprof+0x6a/0x3e0 [ 278.351043][ T8166] ? ktime_get_coarse_real_ts64_mg+0x240/0x300 [ 278.351065][ T8166] ? hugetlb_vma_lock_alloc+0xbc/0x1f0 [ 278.351091][ T8166] hugetlb_vma_lock_alloc+0xbc/0x1f0 [ 278.351122][ T8166] hugetlb_reserve_pages+0x149/0xe10 [ 278.351145][ T8166] ? __pfx_hugetlb_reserve_pages+0x10/0x10 [ 278.351165][ T8166] ? atime_needs_update+0x8b/0x710 [ 278.351189][ T8166] hugetlbfs_file_mmap+0x4a1/0x730 [ 278.351220][ T8166] __mmap_region+0x128b/0x25e0 [ 278.351248][ T8166] ? __pfx___mmap_region+0x10/0x10 [ 278.351277][ T8166] ? is_bpf_text_address+0x94/0x1a0 [ 278.351300][ T8166] ? kernel_text_address+0x8d/0x100 [ 278.351325][ T8166] ? __kernel_text_address+0xd/0x40 [ 278.351349][ T8166] ? unwind_get_return_address+0x59/0xa0 [ 278.351374][ T8166] ? arch_stack_walk+0xa6/0x100 [ 278.351410][ T8166] ? __pfx_stack_trace_save+0x10/0x10 [ 278.351427][ T8166] ? stack_depot_save_flags+0x28/0xa40 [ 278.351478][ T8166] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 278.351504][ T8166] mmap_region+0x32b/0x3f0 [ 278.351533][ T8166] do_mmap+0xa3e/0x1210 [ 278.351555][ T8166] ? __pfx_do_mmap+0x10/0x10 [ 278.351574][ T8166] ? __pfx_down_write_killable+0x10/0x10 [ 278.351596][ T8166] vm_mmap_pgoff+0x281/0x450 [ 278.351617][ T8166] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 278.351632][ T8166] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 278.351651][ T8166] ? hugetlbfs_get_inode+0x31f/0x730 [ 278.351675][ T8166] ksys_mmap_pgoff+0x1c8/0x5c0 [ 278.351696][ T8166] __x64_sys_mmap+0x125/0x190 [ 278.351721][ T8166] do_syscall_64+0xcd/0x490 [ 278.351749][ T8166] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 278.351766][ T8166] RIP: 0033:0x7fc3d178e929 [ 278.351780][ T8166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 278.351795][ T8166] RSP: 002b:00007fc3cf5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 278.351812][ T8166] RAX: ffffffffffffffda RBX: 00007fc3d19b5fa0 RCX: 00007fc3d178e929 [ 278.351823][ T8166] RDX: 0000000000000401 RSI: 0000000000a00006 RDI: 0000000000c00000 [ 278.351833][ T8166] RBP: 00007fc3d1810b39 R08: 0000000000000602 R09: 0000300000000000 [ 278.351842][ T8166] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 278.351852][ T8166] R13: 0000000000000000 R14: 00007fc3d19b5fa0 R15: 00007fffadba63e8 [ 278.351873][ T8166] [ 279.623427][ T8149] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 282.919321][ T8246] [U]  [ 282.922308][ T8246] [U] [ 282.924999][ T8246] [U] [ 282.927687][ T8246] [U] [ 282.979762][ T8249] [U] [ 283.120002][ T8246] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y– [ 283.795031][ T8260] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 287.033785][ T7170] Bluetooth: hci0: unexpected event 0x02 length: 726 > 260 [ 287.074270][ T8337] Console: switching to colour VGA+ 80x25 [ 288.456435][ T8366] netlink: 504 bytes leftover after parsing attributes in process `syz.2.382'. [ 290.631314][ T8375] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 290.640807][ T8375] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 290.646948][ T8375] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 290.655699][ T8375] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 290.662372][ T8375] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 290.671423][ T8375] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 290.682683][ T8375] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 290.689588][ T7170] Bluetooth: hci0: command 0x0c1a tx timeout [ 290.703609][ T8384] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 291.056354][ T8408] netlink: 326 bytes leftover after parsing attributes in process `syz.4.389'. [ 291.190638][ T8410] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 291.486325][ T8416] syz.3.391 uses obsolete (PF_INET,SOCK_PACKET) [ 291.575402][ T7170] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 291.575430][ T7170] Bluetooth: hci0: unexpected subevent 0x0a length: 725 > 30 [ 292.689844][ T7160] Bluetooth: hci4: command 0x0c1a tx timeout [ 292.696680][ T7170] Bluetooth: hci3: command 0x0c1a tx timeout [ 292.704371][ T7170] Bluetooth: hci1: command 0x0c1a tx timeout [ 292.711471][ T7160] Bluetooth: hci2: command 0x0c1a tx timeout [ 294.773123][ T8446] Bluetooth: hci4: command 0x0c1a tx timeout [ 294.885276][ T8446] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 294.885304][ T8446] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 294.903159][ T8446] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 294.903196][ T8446] Bluetooth: hci0: adv larger than maximum supported [ 294.910424][ T8446] Bluetooth: hci0: adv larger than maximum supported [ 294.917151][ T8446] Bluetooth: hci0: Unknown advertising packet type: 0x72 [ 294.924588][ T8446] Bluetooth: hci0: adv larger than maximum supported [ 294.932453][ T8446] Bluetooth: hci0: Malformed LE Event: 0x0d [ 295.652737][ T8446] Bluetooth: hci3: unexpected event 0x02 length: 726 > 260 [ 296.226282][ T8446] Bluetooth: hci3: unexpected event 0x02 length: 726 > 260 [ 296.571438][ T8523] program syz.3.407 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 296.852938][ T8446] Bluetooth: hci4: command 0x0c1a tx timeout [ 297.383790][ T8536] netlink: 504 bytes leftover after parsing attributes in process `syz.4.412'. [ 299.196435][ T8446] Bluetooth: hci3: unexpected event 0x02 length: 726 > 260 [ 299.753244][ T8446] Bluetooth: hci0: unexpected event 0x02 length: 726 > 260 [ 301.309295][ T8614] program syz.3.425 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 302.870336][ T8446] Bluetooth: hci0: unexpected event 0x02 length: 726 > 260 [ 304.845499][ T8669] netlink: 504 bytes leftover after parsing attributes in process `syz.3.436'. [ 306.805579][ T8712] netlink: 504 bytes leftover after parsing attributes in process `syz.2.439'. [ 308.060499][ T8737] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input18 [ 310.597029][ T8788] netlink: 504 bytes leftover after parsing attributes in process `syz.4.452'. [ 311.555638][ T8771] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 311.580489][ T8771] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 311.597776][ T8771] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 311.607449][ T8771] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 311.616950][ T8771] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 312.129259][ T8446] Bluetooth: hci0: command 0x0c1a tx timeout [ 313.649630][ T7981] Bluetooth: hci3: command 0x0c1a tx timeout [ 313.655716][ T7170] Bluetooth: hci1: command 0x0c1a tx timeout [ 313.663468][ T7170] Bluetooth: hci2: command 0x0c1a tx timeout [ 313.669650][ T8446] Bluetooth: hci4: command 0x0c1a tx timeout [ 315.923739][ T8870] netlink: 504 bytes leftover after parsing attributes in process `syz.4.465'. [ 322.454540][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.463150][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.216841][ T9003] can: request_module (can-proto-3) failed. [ 326.848398][ T9066] netlink: 28 bytes leftover after parsing attributes in process `syz.2.499'. [ 326.895017][ T9066] ipvlan1: entered allmulticast mode [ 326.939234][ T9066] veth0_vlan: entered allmulticast mode [ 327.018285][ T9071] netlink: 330 bytes leftover after parsing attributes in process `syz.2.499'. [ 327.206343][ T9066] netlink: 20 bytes leftover after parsing attributes in process `syz.2.499'. [ 330.394921][ T9092] mkiss: ax0: crc mode is auto. [ 335.338409][ T9123] random: crng reseeded on system resumption [ 342.404483][ T9164] usb usb28: usbfs: process 9164 (syz.2.516) did not claim interface 0 before use [ 344.283496][ T9170] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.887119][ T7160] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 344.896834][ T7160] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 344.907279][ T7160] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 344.916976][ T7160] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 344.925305][ T7160] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 347.013264][ T8843] Bluetooth: hci5: command tx timeout [ 348.004762][ T9177] chnl_net:caif_netlink_parms(): no params data found [ 348.810502][ T9177] bridge0: port 1(bridge_slave_0) entered blocking state [ 348.841822][ T9177] bridge0: port 1(bridge_slave_0) entered disabled state [ 348.869102][ T9177] bridge_slave_0: entered allmulticast mode [ 348.876307][ T9177] bridge_slave_0: entered promiscuous mode [ 348.940959][ T9177] bridge0: port 2(bridge_slave_1) entered blocking state [ 348.979239][ T9177] bridge0: port 2(bridge_slave_1) entered disabled state [ 349.029698][ T9177] bridge_slave_1: entered allmulticast mode [ 349.037541][ T9177] bridge_slave_1: entered promiscuous mode [ 349.090812][ T8843] Bluetooth: hci5: command tx timeout [ 349.471373][ T9177] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 349.551040][ T9177] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 349.771622][ T9177] team0: Port device team_slave_0 added [ 350.007594][ T9177] team0: Port device team_slave_1 added [ 351.165811][ T9177] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 351.174759][ T8843] Bluetooth: hci5: command tx timeout [ 351.232990][ T9177] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 351.645767][ T9177] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 351.745005][ T9177] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 351.790181][ T9177] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 351.816104][ C0] vkms_vblank_simulate: vblank timer overrun [ 352.109229][ T9177] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 353.026798][ T9177] hsr_slave_0: entered promiscuous mode [ 353.119913][ T9177] hsr_slave_1: entered promiscuous mode [ 353.126116][ T9177] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 353.250310][ T8843] Bluetooth: hci5: command tx timeout [ 353.370333][ T9177] Cannot create hsr debugfs directory [ 355.187310][ T9177] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 355.300455][ T9177] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 355.453650][ T9177] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 355.534388][ T9177] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 355.887912][ T9177] 8021q: adding VLAN 0 to HW filter on device bond0 [ 355.962037][ T9177] 8021q: adding VLAN 0 to HW filter on device team0 [ 356.041964][ T7159] bridge0: port 1(bridge_slave_0) entered blocking state [ 356.049179][ T7159] bridge0: port 1(bridge_slave_0) entered forwarding state [ 356.120765][ T7159] bridge0: port 2(bridge_slave_1) entered blocking state [ 356.128888][ T7159] bridge0: port 2(bridge_slave_1) entered forwarding state [ 356.416001][ T9177] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 356.511559][ T9177] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 356.583044][ T9255] binder: 9254:9255 unknown command 3 [ 356.612733][ T9255] binder: 9254:9255 ioctl c0306201 0 returned -22 [ 357.303723][ T9177] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 358.498639][ T9177] veth0_vlan: entered promiscuous mode [ 358.597750][ T9177] veth1_vlan: entered promiscuous mode [ 358.706832][ T9177] veth0_macvtap: entered promiscuous mode [ 358.823534][ T9177] veth1_macvtap: entered promiscuous mode [ 359.003348][ T9177] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 359.149618][ T9177] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 359.325828][ T9177] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 359.375778][ T9177] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 359.417469][ T9177] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 359.451459][ T9177] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 359.972137][ T8685] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 360.039029][ T8685] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 360.157661][ T8087] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 360.197967][ T8087] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 362.213410][ T9321] netlink: 28 bytes leftover after parsing attributes in process `syz.1.542'. [ 362.937372][ T9336] netlink: 504 bytes leftover after parsing attributes in process `syz.1.543'. [ 362.951720][ T9316] FAULT_INJECTION: forcing a failure. [ 362.951720][ T9316] name failslab, interval 1, probability 0, space 0, times 0 [ 363.144638][ T9316] CPU: 0 UID: 0 PID: 9316 Comm: syz.4.539 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 363.144665][ T9316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 363.144674][ T9316] Call Trace: [ 363.144680][ T9316] [ 363.144687][ T9316] dump_stack_lvl+0x16c/0x1f0 [ 363.144719][ T9316] should_fail_ex+0x512/0x640 [ 363.144742][ T9316] ? fs_reclaim_acquire+0xae/0x150 [ 363.144763][ T9316] ? tomoyo_encode2+0x100/0x3e0 [ 363.144785][ T9316] should_failslab+0xc2/0x120 [ 363.144801][ T9316] __kmalloc_noprof+0xd2/0x510 [ 363.144824][ T9316] ? d_absolute_path+0x136/0x1a0 [ 363.144845][ T9316] tomoyo_encode2+0x100/0x3e0 [ 363.144870][ T9316] tomoyo_encode+0x29/0x50 [ 363.144895][ T9316] tomoyo_realpath_from_path+0x18f/0x6e0 [ 363.144924][ T9316] tomoyo_check_open_permission+0x2ab/0x3c0 [ 363.144944][ T9316] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 363.144987][ T9316] ? do_raw_spin_lock+0x12c/0x2b0 [ 363.145018][ T9316] tomoyo_file_open+0x6b/0x90 [ 363.145043][ T9316] security_file_open+0x84/0x1e0 [ 363.145065][ T9316] do_dentry_open+0x596/0x1c10 [ 363.145095][ T9316] vfs_open+0x82/0x3f0 [ 363.145116][ T9316] path_openat+0x1de4/0x2cb0 [ 363.145147][ T9316] ? __pfx_path_openat+0x10/0x10 [ 363.145171][ T9316] ? __lock_acquire+0xb8a/0x1c90 [ 363.145195][ T9316] do_filp_open+0x20b/0x470 [ 363.145218][ T9316] ? __pfx_do_filp_open+0x10/0x10 [ 363.145257][ T9316] ? alloc_fd+0x471/0x7d0 [ 363.145286][ T9316] do_sys_openat2+0x11b/0x1d0 [ 363.145303][ T9316] ? __pfx_do_sys_openat2+0x10/0x10 [ 363.145330][ T9316] __x64_sys_openat+0x174/0x210 [ 363.145348][ T9316] ? __pfx___x64_sys_openat+0x10/0x10 [ 363.145376][ T9316] do_syscall_64+0xcd/0x490 [ 363.145403][ T9316] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 363.145419][ T9316] RIP: 0033:0x7fbff178e929 [ 363.145434][ T9316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 363.145449][ T9316] RSP: 002b:00007fbfef5d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 363.145465][ T9316] RAX: ffffffffffffffda RBX: 00007fbff19b6080 RCX: 00007fbff178e929 [ 363.145476][ T9316] RDX: 0000000000000802 RSI: 0000200000000480 RDI: ffffffffffffff9c [ 363.145486][ T9316] RBP: 00007fbff1810b39 R08: 0000000000000000 R09: 0000000000000000 [ 363.145503][ T9316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 363.145512][ T9316] R13: 0000000000000000 R14: 00007fbff19b6080 R15: 00007fff075b1ba8 [ 363.145534][ T9316] [ 363.145570][ T9316] ERROR: Out of memory at tomoyo_realpath_from_path. [ 364.392022][ T9353] netlink: 4 bytes leftover after parsing attributes in process `syz.1.546'. [ 364.496245][ T9353] netlink: 4 bytes leftover after parsing attributes in process `syz.1.546'. [ 367.389724][ T9387] netlink: 8 bytes leftover after parsing attributes in process `syz.4.551'. [ 367.439982][ T9387] netlink: 8 bytes leftover after parsing attributes in process `syz.4.551'. [ 368.419660][ T9405] i2c i2c-0: new_device: Instantiated device card: at 0x01 [ 368.562339][ T9405] FAULT_INJECTION: forcing a failure. [ 368.562339][ T9405] name failslab, interval 1, probability 0, space 0, times 0 [ 368.648388][ T9405] CPU: 0 UID: 0 PID: 9405 Comm: syz.5.555 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 368.648417][ T9405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 368.648427][ T9405] Call Trace: [ 368.648433][ T9405] [ 368.648440][ T9405] dump_stack_lvl+0x16c/0x1f0 [ 368.648470][ T9405] should_fail_ex+0x512/0x640 [ 368.648499][ T9405] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 368.648526][ T9405] should_failslab+0xc2/0x120 [ 368.648542][ T9405] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 368.648567][ T9405] ? proc_alloc_inode+0x25/0x200 [ 368.648593][ T9405] ? __pfx_proc_alloc_inode+0x10/0x10 [ 368.648615][ T9405] proc_alloc_inode+0x25/0x200 [ 368.648641][ T9405] alloc_inode+0x61/0x240 [ 368.648658][ T9405] new_inode+0x22/0x1c0 [ 368.648677][ T9405] proc_pid_make_inode+0x22/0x160 [ 368.648700][ T9405] proc_pident_instantiate+0x85/0x320 [ 368.648725][ T9405] proc_fill_cache+0x361/0x470 [ 368.648747][ T9405] ? __pfx_proc_pident_instantiate+0x10/0x10 [ 368.648771][ T9405] ? __pfx_proc_fill_cache+0x10/0x10 [ 368.648817][ T9405] proc_pident_readdir+0x1bc/0x560 [ 368.648845][ T9405] iterate_dir+0x296/0xb40 [ 368.648868][ T9405] __x64_sys_getdents+0x13c/0x2b0 [ 368.648888][ T9405] ? __pfx___x64_sys_getdents+0x10/0x10 [ 368.648909][ T9405] ? __pfx_filldir+0x10/0x10 [ 368.648936][ T9405] do_syscall_64+0xcd/0x490 [ 368.648963][ T9405] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 368.648979][ T9405] RIP: 0033:0x7f6860f8e929 [ 368.648993][ T9405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 368.649008][ T9405] RSP: 002b:00007f6861e73038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e [ 368.649025][ T9405] RAX: ffffffffffffffda RBX: 00007f68611b5fa0 RCX: 00007f6860f8e929 [ 368.649035][ T9405] RDX: 00000000000003f1 RSI: 0000000000000000 RDI: 0000000000000008 [ 368.649044][ T9405] RBP: 00007f6861010b39 R08: 0000000000000000 R09: 0000000000000000 [ 368.649054][ T9405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 368.649063][ T9405] R13: 0000000000000000 R14: 00007f68611b5fa0 R15: 00007fff21188878 [ 368.649084][ T9405] [ 369.333491][ T9413] FAULT_INJECTION: forcing a failure. [ 369.333491][ T9413] name failslab, interval 1, probability 0, space 0, times 0 [ 369.368962][ T9413] CPU: 0 UID: 0 PID: 9413 Comm: syz.4.556 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 369.368989][ T9413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 369.368999][ T9413] Call Trace: [ 369.369005][ T9413] [ 369.369012][ T9413] dump_stack_lvl+0x16c/0x1f0 [ 369.369042][ T9413] should_fail_ex+0x512/0x640 [ 369.369066][ T9413] ? __kmalloc_noprof+0xbf/0x510 [ 369.369092][ T9413] ? lsm_blob_alloc+0x68/0x90 [ 369.369116][ T9413] should_failslab+0xc2/0x120 [ 369.369131][ T9413] __kmalloc_noprof+0xd2/0x510 [ 369.369158][ T9413] ? __pfx_test_keyed_super+0x10/0x10 [ 369.369177][ T9413] lsm_blob_alloc+0x68/0x90 [ 369.369201][ T9413] security_sb_alloc+0x28/0x230 [ 369.369218][ T9413] alloc_super+0x23d/0xbd0 [ 369.369238][ T9413] ? sget_fc+0xd3/0xc20 [ 369.369261][ T9413] ? __pfx_test_keyed_super+0x10/0x10 [ 369.369278][ T9413] sget_fc+0x116/0xc20 [ 369.369300][ T9413] ? __pfx_set_anon_super_fc+0x10/0x10 [ 369.369320][ T9413] ? __pfx_rpc_fill_super+0x10/0x10 [ 369.369343][ T9413] get_tree_keyed+0x59/0x1d0 [ 369.369366][ T9413] vfs_get_tree+0x8b/0x340 [ 369.369384][ T9413] vfs_cmd_create+0xd7/0x2a0 [ 369.369411][ T9413] __do_sys_fsconfig+0x7b8/0xbe0 [ 369.369428][ T9413] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 369.369461][ T9413] do_syscall_64+0xcd/0x490 [ 369.369487][ T9413] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 369.369505][ T9413] RIP: 0033:0x7fbff178e929 [ 369.369519][ T9413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 369.369534][ T9413] RSP: 002b:00007fbfef5d5038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 369.369550][ T9413] RAX: ffffffffffffffda RBX: 00007fbff19b6080 RCX: 00007fbff178e929 [ 369.369560][ T9413] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000004 [ 369.369569][ T9413] RBP: 00007fbff1810b39 R08: 0000000000000000 R09: 0000000000000000 [ 369.369579][ T9413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 369.369588][ T9413] R13: 0000000000000000 R14: 00007fbff19b6080 R15: 00007fff075b1ba8 [ 369.369609][ T9413] [ 370.266688][ T9425] netlink: 8 bytes leftover after parsing attributes in process `syz.5.561'. [ 370.307283][ T9425] netlink: 8 bytes leftover after parsing attributes in process `syz.5.561'. [ 370.585322][ T9432] program syz.4.562 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 373.254738][ T9474] program syz.2.572 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 374.085715][ T9486] FAULT_INJECTION: forcing a failure. [ 374.085715][ T9486] name failslab, interval 1, probability 0, space 0, times 0 [ 374.160875][ T9486] CPU: 0 UID: 0 PID: 9486 Comm: syz.2.575 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 374.160903][ T9486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 374.160913][ T9486] Call Trace: [ 374.160919][ T9486] [ 374.160926][ T9486] dump_stack_lvl+0x16c/0x1f0 [ 374.160956][ T9486] should_fail_ex+0x512/0x640 [ 374.160984][ T9486] should_failslab+0xc2/0x120 [ 374.161001][ T9486] __kmalloc_cache_noprof+0x6a/0x3e0 [ 374.161024][ T9486] ? once_disable_jump+0x46/0x200 [ 374.161050][ T9486] once_disable_jump+0x46/0x200 [ 374.161075][ T9486] inet6_ehashfn+0x420/0x4f0 [ 374.161093][ T9486] ? __pfx_inet6_ehashfn+0x10/0x10 [ 374.161111][ T9486] ? find_held_lock+0x2b/0x80 [ 374.161131][ T9486] inet6_hash_connect+0xe2/0x180 [ 374.161151][ T9486] tcp_v6_connect+0x1301/0x2170 [ 374.161174][ T9486] ? __pfx_tcp_v6_connect+0x10/0x10 [ 374.161190][ T9486] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 374.161222][ T9486] ? __lock_acquire+0xb8a/0x1c90 [ 374.161246][ T9486] ? __inet_stream_connect+0x3c8/0x1020 [ 374.161268][ T9486] __inet_stream_connect+0x3c8/0x1020 [ 374.161295][ T9486] ? __pfx___inet_stream_connect+0x10/0x10 [ 374.161317][ T9486] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 374.161343][ T9486] ? __pfx_inet_stream_connect+0x10/0x10 [ 374.161366][ T9486] ? __local_bh_enable_ip+0xa4/0x120 [ 374.161392][ T9486] ? __pfx_inet_stream_connect+0x10/0x10 [ 374.161413][ T9486] inet_stream_connect+0x57/0xa0 [ 374.161436][ T9486] __sys_connect_file+0x13e/0x1a0 [ 374.161461][ T9486] __sys_connect+0x13b/0x160 [ 374.161482][ T9486] ? __pfx___sys_connect+0x10/0x10 [ 374.161510][ T9486] ? xfd_validate_state+0x61/0x180 [ 374.161531][ T9486] ? __sys_setsockopt+0x140/0x1a0 [ 374.161559][ T9486] __x64_sys_connect+0x72/0xb0 [ 374.161579][ T9486] ? lockdep_hardirqs_on+0x7c/0x110 [ 374.161602][ T9486] do_syscall_64+0xcd/0x490 [ 374.161628][ T9486] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 374.161645][ T9486] RIP: 0033:0x7fc3d178e929 [ 374.161659][ T9486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 374.161674][ T9486] RSP: 002b:00007fc3cf5f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 374.161690][ T9486] RAX: ffffffffffffffda RBX: 00007fc3d19b5fa0 RCX: 00007fc3d178e929 [ 374.161701][ T9486] RDX: 000000000000001b RSI: 00002000000018c0 RDI: 0000000000000003 [ 374.161710][ T9486] RBP: 00007fc3d1810b39 R08: 0000000000000000 R09: 0000000000000000 [ 374.161719][ T9486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 374.161728][ T9486] R13: 0000000000000000 R14: 00007fc3d19b5fa0 R15: 00007fffadba63e8 [ 374.161749][ T9486] [ 374.429521][ C0] vkms_vblank_simulate: vblank timer overrun [ 376.006749][ T9517] binder: 9511:9517 unknown command 3 [ 376.034322][ T9517] binder: 9511:9517 ioctl c0306201 0 returned -22 [ 376.851087][ T31] INFO: task kworker/u10:2:7164 blocked for more than 143 seconds. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 376.895299][ T31] Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 [ 376.964861][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 377.030143][ T31] task:kworker/u10:2 state:D stack:26952 pid:7164 tgid:7164 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 377.124681][ T31] Workqueue: netns cleanup_net [ 377.155067][ T31] Call Trace: [ 377.158413][ T31] [ 377.244803][ T31] __schedule+0x116a/0x5de0 [ 377.282849][ T31] ? __lock_acquire+0x622/0x1c90 [ 377.287931][ T31] ? __pfx___schedule+0x10/0x10 [ 377.358714][ T31] ? find_held_lock+0x2b/0x80 [ 377.363452][ T31] ? schedule+0x2d7/0x3a0 [ 377.406317][ T31] schedule+0xe7/0x3a0 [ 377.448835][ T31] schedule_timeout+0x257/0x290 [ 377.453740][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 377.498825][ T31] ? mark_held_locks+0x49/0x80 [ 377.504673][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 377.530788][ T31] __wait_for_common+0x2ff/0x4e0 [ 377.535782][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 377.545333][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 377.558943][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 377.564171][ T31] ? flush_workqueue_prep_pwqs+0x2e9/0x510 [ 377.601017][ T31] __flush_workqueue+0x3e2/0x1230 [ 377.620843][ T31] ? __pfx___flush_workqueue+0x10/0x10 [ 377.626360][ T31] ? reacquire_held_locks+0xcd/0x1f0 [ 377.645503][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 377.651337][ T31] ? __pfx_sock_def_readable+0x10/0x10 [ 377.656818][ T31] rds_tcp_listen_stop+0x104/0x150 [ 377.668891][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 377.688699][ T31] rds_tcp_exit_net+0xcb/0x810 [ 377.693512][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 377.718821][ T31] ? __pfx___might_resched+0x10/0x10 [ 377.724157][ T31] ? __pfx_rds_tcp_exit_net+0x10/0x10 [ 377.742966][ T31] ops_undo_list+0x2eb/0xab0 [ 377.747632][ T31] ? __pfx_ops_undo_list+0x10/0x10 [ 377.771012][ T31] ? __local_bh_enable_ip+0xa4/0x120 [ 377.795118][ T31] cleanup_net+0x408/0x890 [ 377.800228][ T31] ? __pfx_cleanup_net+0x10/0x10 [ 377.805186][ T31] ? rcu_is_watching+0x12/0xc0 [ 377.830849][ T31] process_one_work+0x9cc/0x1b70 [ 377.835845][ T31] ? __pfx_toggle_allocation_gate+0x10/0x10 [ 377.851581][ T31] ? __pfx_process_one_work+0x10/0x10 [ 377.857007][ T31] ? assign_work+0x1a0/0x250 [ 377.875299][ T31] worker_thread+0x6c8/0xf10 [ 377.893385][ T31] ? __kthread_parkme+0x19e/0x250 [ 377.903543][ T31] ? __pfx_worker_thread+0x10/0x10 [ 377.911062][ T31] kthread+0x3c5/0x780 [ 377.916468][ T31] ? __pfx_kthread+0x10/0x10 [ 377.921352][ T31] ? rcu_is_watching+0x12/0xc0 [ 377.926129][ T31] ? __pfx_kthread+0x10/0x10 [ 377.933116][ T31] ret_from_fork+0x5d4/0x6f0 [ 377.938509][ T31] ? __pfx_kthread+0x10/0x10 [ 377.943476][ T31] ret_from_fork_asm+0x1a/0x30 [ 377.948388][ T31] [ 378.026415][ T31] [ 378.026415][ T31] Showing all locks held in the system: [ 378.105001][ T31] 1 lock held by khungtaskd/31: [ 378.132869][ T31] #0: ffffffff8e5c47c0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 378.201464][ T31] 2 locks held by getty/5593: [ 378.206184][ T31] #0: ffff88814c9340a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 378.292563][ T31] #1: ffffc90002fee2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 [ 378.350775][ T31] 1 lock held by udevd/5839: [ 378.355425][ T31] 1 lock held by syz.1.28/6090: [ 378.418722][ T31] #0: ffffffff8e5cfdb8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x284/0x3c0 [ 378.487427][ T31] 3 locks held by kworker/u10:2/7164: [ 378.518689][ T31] #0: ffff88801c6fe148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 378.572033][ T31] #1: ffffc9000412fd10 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 378.638794][ T31] #2: ffffffff90337c90 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x890 [ 378.648185][ T31] 1 lock held by syz.0.281/7722: [ 378.715999][ T31] #0: ffffffff90337c90 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0 [ 378.747357][ T31] 1 lock held by syz.3.501/9077: [ 378.754652][ T31] #0: ffffffff90337c90 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x286/0x5f0 [ 378.764290][ T31] 1 lock held by syz.2.575/9485: [ 378.783028][ T31] #0: ffffffff9034dce8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230 [ 378.798831][ T31] 5 locks held by syz.5.580/9522: [ 378.805714][ T31] #0: ffff8880425b0dc0 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x26/0x90 [ 378.817752][ T31] #1: ffff8880425b00b8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x3ae/0x11d0 [ 378.827622][ T31] #2: ffffffff905bf3c8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xbb/0x260 [ 378.841257][ T31] #3: ffff88814cb21338 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x80/0x730 [ 378.850821][ T31] #4: ffffffff8e5cfdb8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a3/0x3c0 [ 378.863066][ T31] 1 lock held by syz.4.581/9528: [ 378.868005][ T31] #0: ffffffff9034dce8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230 [ 378.952770][ T31] [ 378.955156][ T31] ============================================= [ 378.955156][ T31] [ 379.017754][ T31] NMI backtrace for cpu 0 [ 379.017773][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 379.017795][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 379.017805][ T31] Call Trace: [ 379.017811][ T31] [ 379.017818][ T31] dump_stack_lvl+0x116/0x1f0 [ 379.017848][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 379.017867][ T31] ? _raw_spin_unlock_irqrestore+0x61/0x80 [ 379.017892][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 379.017914][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 379.017937][ T31] watchdog+0xf70/0x12c0 [ 379.017965][ T31] ? __pfx_watchdog+0x10/0x10 [ 379.017988][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 379.018014][ T31] ? __kthread_parkme+0x19e/0x250 [ 379.018035][ T31] ? __pfx_watchdog+0x10/0x10 [ 379.018058][ T31] kthread+0x3c5/0x780 [ 379.018081][ T31] ? __pfx_kthread+0x10/0x10 [ 379.018105][ T31] ? rcu_is_watching+0x12/0xc0 [ 379.018122][ T31] ? __pfx_kthread+0x10/0x10 [ 379.018145][ T31] ret_from_fork+0x5d4/0x6f0 [ 379.018166][ T31] ? __pfx_kthread+0x10/0x10 [ 379.018189][ T31] ret_from_fork_asm+0x1a/0x30 [ 379.018215][ T31] [ 379.018224][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 379.143292][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(full) [ 379.155100][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 379.165151][ T31] Call Trace: [ 379.168430][ T31] [ 379.171361][ T31] dump_stack_lvl+0x3d/0x1f0 [ 379.175962][ T31] panic+0x71c/0x800 [ 379.179864][ T31] ? __pfx_panic+0x10/0x10 [ 379.184374][ T31] ? ret_from_fork_asm+0x1a/0x30 [ 379.189323][ T31] ? nmi_backtrace_stall_check+0x6e/0x540 [ 379.195065][ T31] ? irq_work_queue+0xce/0x100 [ 379.199843][ T31] ? watchdog+0xdda/0x12c0 [ 379.204275][ T31] ? watchdog+0xdcd/0x12c0 [ 379.208720][ T31] watchdog+0xdeb/0x12c0 [ 379.212978][ T31] ? __pfx_watchdog+0x10/0x10 [ 379.217663][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 379.222872][ T31] ? __kthread_parkme+0x19e/0x250 [ 379.227904][ T31] ? __pfx_watchdog+0x10/0x10 [ 379.232609][ T31] kthread+0x3c5/0x780 [ 379.236702][ T31] ? __pfx_kthread+0x10/0x10 [ 379.241317][ T31] ? rcu_is_watching+0x12/0xc0 [ 379.246104][ T31] ? __pfx_kthread+0x10/0x10 [ 379.250704][ T31] ret_from_fork+0x5d4/0x6f0 [ 379.255304][ T31] ? __pfx_kthread+0x10/0x10 [ 379.259909][ T31] ret_from_fork_asm+0x1a/0x30 [ 379.264684][ T31] [ 379.267773][ T31] Kernel Offset: disabled [ 379.272099][ T31] Rebooting in 86400 seconds..