last executing test programs: 10.274737852s ago: executing program 1 (id=2530): madvise$auto(0x0, 0x2000040080000003, 0xe) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop4\x00', 0x0, 0x0) write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000) getsockopt$auto_SO_RCVPRIORITY(0xffffffffffffffff, 0x2, 0x52, 0x0, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000280)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc\xc4\xe2q;KzH\n\xc4\x9b\xf0\xa0p\xa7fFn\xf8\xd18|\x1b\xb1cO\xaa\x14\xbf_5a\xcb\x97\x01)V\xa5\x1b\xa6Ug\x0e\x16\x1e\xd9\xa1\xa3\x1bi\x9a\x8a4\xf3\xfeX/$\xf5\x9c\xf8vp\x9b\xbe\xccE\x1d\x8e\xcc\xacJ\x7fQ3\xd2', 0x100000a3d9) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x10, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000000)=@nl=@kern={0x10, 0x0, 0x24}, 0x68) pipe2$auto(0x0, 0x80) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) keyctl$auto(0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0) syz_clone(0x4040400, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000001440)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000014}, 0x400c810) syz_clone(0x0, 0x0, 0xfffffffffffffd85, 0x0, 0x0, 0x0) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/config/target/dbroot\x00', 0x509000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x42801, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_STATUS64(r2, 0xc0385720, &(0x7f0000000040)={0x1, '\x00 \x00', 0xc5, 0xffffffff, 0xeda, 0xbb1b, "011586f1c8b112f0059652a7b9638fe9"}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x7aa8f4c7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 9.934043624s ago: executing program 0 (id=2531): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'netdevsim0\x00', 0x0}) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001480), r1) sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f0000000300)={0x30, r3, 0x1, 0x70bd2a, 0x25dfdc00, {}, [@ETHTOOL_A_CHANNELS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0x2}, @ETHTOOL_A_CHANNELS_COMBINED_COUNT={0x8, 0x9, 0x1}]}, 0x30}, 0x1, 0x60, 0x0, 0x8800}, 0x4) 9.555094728s ago: executing program 0 (id=2532): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = setfsuid$auto(0xee01) setresuid$auto(0x0, r1, 0x0) getsid$auto(0x0) write$auto(r0, &(0x7f0000000040)='-#/#]\x00', 0x0) sendmsg$auto_NCSI_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x20000010) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x8, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x40200, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f00000001c0)={0x0, 0x7}, 0x3) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) openat$nci(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x1f) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48442, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000016c0)='/sys/kernel/cpu_byteorder\x00', 0x80000, 0x0) execveat$auto(r5, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) writev$auto(r4, 0x0, 0x3) kexec_load$auto(0x9, 0x0, 0x0, 0x1003e0000) close_range$auto(0x2, 0x8, 0x0) msgctl$auto(0x0, 0x0, 0x0) 7.869411788s ago: executing program 1 (id=2534): r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = socket(0x1e, 0x1, 0x0) (async) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) r2 = getsockopt$auto(r1, 0x6, 0x9, 0x0, 0x0) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) (async) ioctl$auto_FS_IOC_SETFSLABEL2(r2, 0x41009432, &(0x7f0000000200)="b882422eb24ed3fb70ab327b8c980fbc8fef361c48dfa5569792b2d1d55a29b176f48af07d6c57389cf99e6ce29f9b3ad19bbe5ae4eb9cfaf44c0dc5c87d1a3519ceee25931f1bf8429c57afdb878fdd24c65f09bb9c0a7e670c8873cee91e9c03680240611a842c9a6807f366cf606096411d202a2174594a29e47959343e44c4bb1f3560bff9fbb998dfd706790c3e95a865481e714aab58c665ebe3e2e2aa3d2d016bd6d44c6df33aef3ba65f2b5907385fc1e90019e823ef423084719ee666d319b97f00db4a9b3a58e9233f2f481f17b800ab8aa9d54285a97c6eeb3df50eb02adc1faa136749e5af32eaff1ea3cd732b6e99b85a792dbc4433730beb73") (async) mmap$auto(0xffffffffffffffff, 0x101, 0x84, 0xebe, 0x200000401, 0x8000) (async) bpf$auto(0x400, &(0x7f0000000000)=@bpf_attr_3={0xfffffc01, 0x2, 0x6, 0x5, 0x1fe, 0x2, 0x1, 0x4, 0x4007, "0108a5172d53c2dc73bf58e1423b2178", 0x0, 0x9, 0xffffffffffffffff, 0x81, 0x4, 0x89, 0xb03, 0xfffffffffffffffd, 0x3ff, 0x7, @attach_prog_fd, 0x40, 0x1, 0x57d, 0x1ff, 0x9}, 0xa3) (async) r4 = socket(0x11, 0x3, 0x400) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) (async) sendmmsg$auto(r4, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000040), 0x5e8}, 0x2, &(0x7f0000000140), 0x7, 0x1000}, 0x5}, 0x2, 0x101) (async) acct$auto(&(0x7f0000000000)='/dev/snd/controlC2\x00') (async) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0xfffffffc, 0x0, 0x5f66, 0x0, 0x0, 0x6}, 0x81}, 0x0, 0x9) (async) close_range$auto(0x2, 0x8000, 0x0) (async) io_uring_setup$auto(0x1, 0x0) (async) close_range$auto(0x0, 0x5, 0x0) inotify_init1$auto(0x3000000000000) (async) poll$auto(&(0x7f0000000d40)={0xffffffffffffffff, 0x1, 0xa}, 0x5, 0x3) (async) io_uring_register$auto(0x2, 0x2, &(0x7f0000000040), 0x86) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = prctl$auto_PR_SYS_DISPATCH_OFF(0x2, 0x0, 0x0, 0x10001, 0x2) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/virtual/net/ifb1/queues/tx-0/byte_queue_limits/stall_max\x00', 0x1a1802, 0x0) read$auto(r7, &(0x7f0000000040)='{$][\x00', 0x401) (async) setsockopt$auto_SO_REUSEPORT(r6, 0x3, 0xf, &(0x7f0000000100)='%\x00', 0xfff) (async) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_MULTICAST_TO_UNICAST(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r3, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 7.296956634s ago: executing program 1 (id=2537): r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/fb0\x00', 0x8140, 0x0) read$auto(r0, 0x0, 0xb4d3) syz_clone3(&(0x7f0000001140)={0x882080, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080), {0x28}, &(0x7f00000000c0)=""/4096, 0xffffffffffffff5e, &(0x7f00000010c0)=""/53, &(0x7f0000001100)=[0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff], 0x5}, 0x58) pread64$auto(r0, &(0x7f00000000c0)='\x9a\t\x00\x00\x00\x00\x00\x00\x011\x00\xa6\x83\xc02\xd4V\xadLq{\x04\x84lp\xbb\xff\x9f/\xf0\x1e\x8e\x9d\x80I\x1f\x9f\xb9\xc8d\xa7\xaa\xcd\xa5\x83\'\xf7\xc2\xe4\xff@:@\xc2o,I\x8f\x92d\\\xf7\xaa\xdd\xe5\xb4\x8f\xc3>RQ\a5Zx\xaf8f\xba\xd2>(\xfef7b\xb2+4-\v\xf6:\xefGr\xcav\xc2$\xfes\x06\xc2\x05\xd3\xf6', 0x10000000d, 0x5) 6.752266854s ago: executing program 1 (id=2539): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000240), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) io_uring_setup$auto(0x1, 0x0) r0 = socket(0x11, 0x80003, 0x300) r1 = openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000080), 0x2140, 0x0) pread64$auto(r1, &(0x7f0000000180)=']y\x00\xaf=\x1ct\xe8j\x02U\xb1\x1f\xcf\xb7pN\x8a\xe1\xed`l\x19\xb2\xe6\x88]>\\q\xc5Z%Lk\xe8\xb0Io\xab]\xe9y\x00\x00\x00\x00|\xce\x8cA\xfd\xf7\xd0i\a\x00\x9a\x16L\x816)\x83/he\b\xb1vG\xf7\xc5\xe5\xe7]LL\x17\x0f\xa0t7)\xbe<\x02\xa6\x12l\xc1a\x8b\xe2\xca\x05\xac\xb5\xce\xc2\x05\x98\xeeZP3T>\xa1\xfa\x96\xefe\xe6P*]\x1e\xce\x14\x8dnU\x16\r\xb13\x98\x02zt&\xc8R\x1b\xbc\x06#(G;\xbb\xab~D\xb5\xc7\xd9\x03hS=z\xb2\xb4}\x96H\xb1R\x87A@0\xe8|\xe5\x0e\x11\xb3\xc6\x1d\xec\xee\xfeB', 0x10, 0x8) setsockopt$auto(r0, 0x107, 0x1, 0x0, 0x8004) unshare$auto(0x40000080) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x80502, 0x0) write$auto_tty_fops_tty_io(r2, &(0x7f0000000140)="2a3f92", 0x3) splice$auto(0x4, 0x0, 0x2, 0x0, 0x1000, 0xf) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r3 = socket(0xa, 0x3, 0x73) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video3\x00', 0x2aa01, 0x0) close_range$auto(0x2, 0x8, 0x0) setsockopt$auto(r3, 0x29, 0x1, 0x0, 0x3) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu0/hotplug/target\x00', 0x601, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r5, 0x0, 0x23) write$auto(r4, 0x0, 0x1) 6.310361147s ago: executing program 0 (id=2540): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x3, 0x5) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0xa44) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) r0 = socket(0x3, 0x3, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) open(&(0x7f0000000340)='./file0\x00', 0x0, 0x43d) epoll_create$auto(0x5db) lseek$auto(r0, 0x5, 0x810) getdents$auto(r2, &(0x7f00000003c0)={0x100, 0x8000000000000003, 0x4, "374e12ef58b11c1d4bdad3b8d6b36dd93f5721a0223599ce9a04ac7c02a3bc726d20f0193d6cb1ff75530f5895b917a0271b6d905670af4c9bc94814df8406475e9f496ec36339bc8065a868aa833221c75c8d47b89f5229bb8d4716f2e2da76636c845ac312d4f7977fdc15b5486766d4ab9fd4db2aa9f5d9bcc98416d9abcbb48b83f0d116c88aaa3907b27ca2fbd449a3a848e513e25abcce85549ca14693a4f8048121b042f7a03b8ead4b36255fe45a751dca68e763f973443a355c71bf270d41c35bdae9d165"}, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sg0\x00', 0x40200, 0x0) r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0) ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(r3, 0x1, &(0x7f0000000000)="1404000000000000") openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/037/001\x00', 0x630001, 0x0) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x100242, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_setup$auto(0xffff, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r4, 0x4b4a, 0x9) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/misc/vmci/power/runtime_active_time\x00', 0x0, 0x0) read$auto(r5, 0x0, 0x20) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000240)='/dev/snd/controlC1\x00', 0x60800, 0x0) r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/hwdep\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r6, &(0x7f0000000280)=""/65, 0x41) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) 5.111424327s ago: executing program 3 (id=2542): madvise$auto(0x0, 0x2000040080000003, 0xe) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop4\x00', 0x0, 0x0) write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000) getsockopt$auto_SO_RCVPRIORITY(0xffffffffffffffff, 0x2, 0x52, 0x0, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000280)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc\xc4\xe2q;KzH\n\xc4\x9b\xf0\xa0p\xa7fFn\xf8\xd18|\x1b\xb1cO\xaa\x14\xbf_5a\xcb\x97\x01)V\xa5\x1b\xa6Ug\x0e\x16\x1e\xd9\xa1\xa3\x1bi\x9a\x8a4\xf3\xfeX/$\xf5\x9c\xf8vp\x9b\xbe\xccE\x1d\x8e\xcc\xacJ\x7fQ3\xd2', 0x100000a3d9) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x10, 0x2, 0x0) setsockopt$auto(0xffffffffffffffff, 0x3, 0x10003, 0x0, 0x40114) bind$auto(0x3, &(0x7f0000000000)=@nl=@kern={0x10, 0x0, 0x24}, 0x68) pipe2$auto(0x0, 0x80) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) keyctl$auto(0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0) syz_clone(0x4040400, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000001440)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000014}, 0x400c810) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/config/target/dbroot\x00', 0x509000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x42801, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_STATUS64(r2, 0xc0385720, &(0x7f0000000040)={0x1, '\x00 \x00', 0xc5, 0xffffffff, 0xeda, 0xbb1b, "011586f1c8b112f0059652a7b9638fe9"}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x7aa8f4c7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 3.69332564s ago: executing program 3 (id=2543): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = inotify_init1$auto(0x9) keyctl$auto_KEYCTL_WATCH_KEY(0x20, 0x5, r0, 0x0, 0x1) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d842, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r3 = ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto(0x3, 0xae41, r4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyu3\x00', 0x1, 0x0) ioctl$auto_TIOCSETD2(r3, 0x5423, &(0x7f0000000100)="f100c84b48f6bac0faeeedeb4b9c2fb7eea14f1687379443a56045fa2bd07adc0000265b9cadf6637bbac0d9594cb72900fd55ef2135d04c7ba06ebe924c321e337649daa2c2547354878d601f0a557495299d2f41075e10e5b5857546e193611993ac8f5bf9e438dbd798a6877fbe7b92b313a48c285331b3614b5b4d915dafa47b6bbad6447ced607e0f3b3adc0268a57ad2d533fc2e4100"/164) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) r5 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) sendmmsg$auto(r5, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000480)={&(0x7f0000000240)="4c0c580000000000090000000000000007a4bac083077e", 0x49}, 0x4, &(0x7f0000000180), 0x5, 0x11}, 0x5}, 0x2, 0x100) unshare$auto(0x40000080) mmap$auto(0xfffffffffffffffe, 0x580f, 0x0, 0x8000000008011, 0x3, 0x0) getresgid$auto(0x0, 0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xe0002, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x180342, 0x0) msgget$auto(0x0, 0x5) openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0) write$auto(0x3, 0x0, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) msgsnd$auto(0x0, &(0x7f0000000040)={0x5}, 0x1000, 0x4) 3.34478244s ago: executing program 2 (id=2544): r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x2000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) r2 = socket(0x2, 0x1, 0x100) getsockopt$auto(r2, 0x0, 0x42, 0x0, &(0x7f00000000c0)=0x1e) inotify_init1$auto(0xfff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000640)={0x1c, 0x0, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_TX_AGGR_MAX_FRAMES={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x48804) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x2c}, 0x1, 0x0, 0x0, 0x24004080}, 0x20040894) read$auto(r1, 0x0, 0x1f40) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x200401, 0x0) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r5, &(0x7f00000000c0)={0x0, 0xffffffff}, 0x6) setsockopt$auto_SO_BSDCOMPAT(r0, 0x7, 0xe, 0x0, 0xfff) close_range$auto(0x2, 0x8, 0x0) 2.52013549s ago: executing program 0 (id=2545): mmap$auto(0x5, 0x4, 0x1d, 0x16, 0xffffffffffffffff, 0xc) mmap$auto(0xfffffffffffffffe, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) timer_create$auto(0x1, 0x0, 0x0) timer_settime$auto(0x0, 0x9, &(0x7f00000000c0)={{0x400000000f, 0x10007}, {0x9}}, 0x0) timer_gettime$auto(0x80000001, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x11, 0x3, 0x400) pwrite64$auto(0xc8, 0x0, 0xfdef, 0x500000000000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp1\x00', 0x84740, 0x0) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x20400, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r1, 0xc4c85512, &(0x7f00000012c0)={{@raw=0x3, 0x1, 0x6d2e99e8, 0x6, "0582a820061b5c51a65a6dd72b0b15addbdf55cb4b0f2381f2673e3a1ebe21e1bf1b26f0db7b62b67bd764f9"}, 0x0, @integer64=@value=[0x1ff, 0x3, 0x7, 0x0, 0x5, 0x1, 0x0, 0x10001, 0x2, 0x7, 0x6, 0x4, 0x5, 0xb, 0x100000000, 0x3, 0x0, 0x10, 0x100000000, 0x4, 0x5, 0x10001, 0x2, 0x1, 0x7fffffff, 0x80000000, 0x2, 0x4, 0x10000, 0x8, 0x1e, 0x2, 0x54e, 0x0, 0x1, 0x7, 0x1, 0x7609, 0x7, 0x6, 0x5, 0x5, 0x5, 0x2, 0x8, 0x2, 0x100000001, 0x5, 0x3, 0x3, 0x2, 0x6, 0x7, 0x2, 0x2, 0x0, 0x1000, 0x5, 0x3, 0x5, 0x1, 0x1, 0x2, 0x5], "72ad000cac2d45bdaacfc82245992af763188bf00ab57d5d73b094925a872857fd2f672f85343275f80200000000000000ab45f7259ed959a79a789527276d90375018fc08050559d8936b8d72087a5689d4338da78b8b8bdcea8188ca43202fb78dacb3fea1258074885c899d75cd52751f9be959d90fa5c200"}) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptyxe\x00', 0x20181, 0x0) mmap$auto(0x0, 0x800, 0xdf, 0x9b72, 0x2, 0x8000) memfd_create$auto(0x0, 0x9) write$auto(0x3, 0x0, 0xfffffdef) finit_module$auto(r0, 0xfffffffffffffffe, 0x3) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @broadcast}, 0x68) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) setrlimit$auto(0x9, &(0x7f0000000000)={0xf, 0x1}) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/smt/control\x00', 0x2ab42, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/query\x00', 0x20840, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/security/tomoyo/query\x00', 0x20840, 0x0) close_range$auto(0x2, 0x8, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000000040)='1\x00', 0x2) 2.514433277s ago: executing program 1 (id=2546): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) r1 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/pcmC0D0c\x00', 0x1, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_REWIND2(r1, 0x40084146, &(0x7f00000001c0)=0x6) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram6\x00', 0x4040, 0x0) preadv2$auto(0x3, 0x0, 0x5, 0xffffffffffffffff, 0x7, 0x2e) socket(0xa, 0x2, 0x3a) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) write$auto_tty_fops_tty_io(r0, &(0x7f0000000280)="352c8efa618c0bcf83a4ebdb278754e15f", 0x11) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000) ustat$auto(0x801, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x8) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) madvise$auto(0x0, 0x2003f0, 0x15) io_uring_setup$auto(0x1, 0x0) bpf$auto(0x5, 0x0, 0x102) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000164c0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_SCAN(r3, &(0x7f00000165c0)={0x0, 0x0, &(0x7f0000016580)={&(0x7f0000000140)={0x14, r4, 0xd3ac6c422733a379, 0x70bd27, 0x25dfdbfe}, 0x14}, 0x1, 0x3f00, 0x0, 0x4004000}, 0x0) write$auto(0x3, 0x0, 0xffd8) 2.40235389s ago: executing program 2 (id=2547): bind$auto(0x3, 0x0, 0x6a) write$auto_console_fops_tty_io(0xffffffffffffffff, 0x0, 0x0) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x5, 0x20000000) open(0x0, 0x261c2, 0x84) listen$auto(0x3, 0x81) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0xe8) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) socket(0xa, 0x2, 0x3a) openat$auto_snapshot_fops_user(0xffffffffffffff9c, 0x0, 0x1438bf, 0x0) madvise$auto(0x0, 0x5, 0x14) 2.390861629s ago: executing program 3 (id=2548): openat$auto_cgwb_debug_stats_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/bdi/8:0/wb_stats\x00', 0x20000, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x5, 0x1, 0x9, 0x7, 0x5, 0x6, 0x8, 0x7, 0x3, 0x9, 0x9, 0x80003, 0x4, 0x200000000001, 0xb4, 0x9, 0x8, 0x10007, 0x7, 0x10000000000, 0x0, 0x3, 0x22000, 0x203, 0x9, 0x84, 0x0, 0x4, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x7, 0x6, 0x0, 0x8, 0xfffffffffffffffd, 0x0, 0x0, 0x10000, 0x8000000000000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x81, 0x968c) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) mmap$auto(0x7ff, 0x400008, 0xdf, 0x9b72, 0x2, 0x5) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/adsp1\x00', 0x101142, 0x0) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) futimesat$auto(0x2, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0xffffffffffffffff) ioctl$auto(0x3, 0x4040ae77, 0x38) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x8000, 0x0) read$auto(r2, 0x0, 0x9) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000280)={{&(0x7f0000000280), 0x1, 0x0, 0x5, 0x0, 0x5, 0x1}, 0x8}, 0xfffffffe, 0x100) pivot_root$auto(0x0, 0x0) open(0x0, 0x7ffd, 0x12) read$auto(0xffffffffffffffff, &(0x7f0000000240)='/proc/scsi/sg\x00\x00\x00\x00ices\x00\r\xe2\xc9\x04\x986\xbc\xb0FI\xb9-E\xe3\x87j\xdes1\xa7\xdf\xc4\b\xb3\xeelc\x7f\xfdg\x18*\a:_\xb0\x92\xacwH\x9c\x9dF\xb1\xc47\x85\xc7\x13\xe1\x19UR\x96\xd8\x86\xd3\xe4\xa9R\x1c\xeb\xc8\xe5X\xfcR\xc7\vdU\x8b\xaa^\xfd\x83#\xc1o\x04\xeca\xbf\x8bYz\xd9\r\xcbk\xfd\x9e\x97\xcbOf\x80', 0x100000001) read$auto(0x3, 0x0, 0x80) madvise$auto(0x0, 0x2000040080000004, 0xe) madvise$auto(0x8001, 0x9, 0x138) connect$auto(0x3, 0x0, 0x10) 2.207228563s ago: executing program 2 (id=2549): mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/i8042/serio1/power/wakeup_count\x00', 0x40, 0x0) preadv2$auto(r0, &(0x7f0000000280)={0x0, 0x1}, 0x10000000009, 0x3, 0x80000000, 0x3) (fail_nth: 1) 1.524979835s ago: executing program 2 (id=2550): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x5, 0xffffffffffffffee, 0x1b, 0x7, 0x28000) sysfs$auto(0x2, 0x10000000000002d, 0x0) fsopen$auto(0x0, 0x7) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/006/001\x00', 0x40940, 0x0) mmap$auto(0x2000, 0x9, 0x8, 0x8000000008011, r0, 0x0) mlock$auto(0xfbe8, 0x4) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0x400053, 0x9) 1.252749563s ago: executing program 2 (id=2551): socket(0x1d, 0x1, 0x7fff) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) writev$auto(r1, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3) socket(0x18, 0x5, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00082cbd7000fedbdf250300000008000200", @ANYRES32=0x0, @ANYBLOB="060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a000500aaaaaaaaaabb00000a00010000000000000000000a000100bbbbbbbbbbbb0000060006000f00000008000400010000880a0011"], 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x6004000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) socket(0x23, 0x80805, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.031773392s ago: executing program 0 (id=2552): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000002bc0), r0) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r0, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000002c00)={0x20, r1, 0x1, 0x70bd26, 0x25dfdbfd, {}, [@NETDEV_A_PAGE_POOL_ID={0xc, 0x1, 0x5}]}, 0x20}, 0x1, 0xe000000, 0x0, 0x8000}, 0x24000000) 663.131563ms ago: executing program 3 (id=2553): socket(0x10, 0x4, 0xffffffc0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000680)=ANY=[@ANYBLOB="17000000", @ANYBLOB='h\x005'], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) close_range$auto(0x2, 0x8, 0x0) mseal$auto(0x0, 0x7dda, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x2020009, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x8442, 0x0) read$auto(r1, 0x0, 0x7) statmount$auto(0x0, &(0x7f0000000180)={0xfffffffb, 0xd, 0x9, 0x3, 0x400026, 0x940, 0x1ffdb, 0x3, 0x6, 0x7ff, 0xfffffffa, 0x9, 0xfff, 0xfffffffffffffffc, 0xb0, 0x8, 0x9, 0x3, 0x5, 0x6, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x8000, 0x100002, 0x8001, 0x1, 0x0, 0x0, [0x0, 0x2, 0xf73, 0x0, 0x0, 0x2000003, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x7, 0x0, 0x4, 0xffffffffffffffff, 0x1, 0x4, 0x0, 0x0, 0x4]}, 0xfffff7fffffffffa, 0x8000081) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x9}, 0x3) io_setup$auto(0xffff, &(0x7f0000000580)) 581.429276ms ago: executing program 0 (id=2554): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x3, 0x5) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0xa44) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) r0 = socket(0x3, 0x3, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) open(&(0x7f0000000340)='./file0\x00', 0x0, 0x43d) epoll_create$auto(0x5db) lseek$auto(r0, 0x5, 0x810) getdents$auto(r2, &(0x7f00000003c0)={0x100, 0x8000000000000003, 0x4, "374e12ef58b11c1d4bdad3b8d6b36dd93f5721a0223599ce9a04ac7c02a3bc726d20f0193d6cb1ff75530f5895b917a0271b6d905670af4c9bc94814df8406475e9f496ec36339bc8065a868aa833221c75c8d47b89f5229bb8d4716f2e2da76636c845ac312d4f7977fdc15b5486766d4ab9fd4db2aa9f5d9bcc98416d9abcbb48b83f0d116c88aaa3907b27ca2fbd449a3a848e513e25abcce85549ca14693a4f8048121b042f7a03b8ead4b36255fe45a751dca68e763f973443a355c71bf270d41c35bdae9d165"}, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sg0\x00', 0x40200, 0x0) r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0) ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(r3, 0x1, &(0x7f0000000000)="1404000000000000") openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/037/001\x00', 0x630001, 0x0) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x100242, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_setup$auto(0xffff, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r4, 0x4b4a, 0x9) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/misc/vmci/power/runtime_active_time\x00', 0x0, 0x0) read$auto(r5, 0x0, 0x20) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000240)='/dev/snd/controlC1\x00', 0x60800, 0x0) r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/hwdep\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r6, &(0x7f0000000280)=""/65, 0x41) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) 247.751206ms ago: executing program 2 (id=2555): mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000600), 0x142, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/dummy0/stable_secret\x00', 0x100, 0x0) ioctl$auto_dma_heap_fops_dma_heap(0xffffffffffffffff, 0xfffffffffffffc00, &(0x7f0000000100)="a2b36d0449473b7bcbcd6d7f6186e9de29e708c62b9db37658c96e1ed364c5d867daa7438de65e6d2aa369df7e32e2c897c4bd029f0845c6b5196ced8ef9b1a53b4011ed14a904f19072629f7cc6ed922acba72edc667e917861d1e7dc8a72ee61bc9cca") r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x20) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x10000000000048, 0x0) r2 = fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r3) ioctl$auto(0x3, 0x4030ae7b, r2) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r4) ioctl$auto_KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f0000000080)={0x2, 0x0, [{0x400000f3, 0x400, 0x9}]}) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r5, &(0x7f0000000200)={0x0, 0x7}, 0x3) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_JOIN_OCB(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40050c4}, 0x820) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) 192.888116ms ago: executing program 3 (id=2556): r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x2000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) r2 = socket(0x2, 0x1, 0x100) getsockopt$auto(r2, 0x0, 0x42, 0x0, &(0x7f00000000c0)=0x1e) inotify_init1$auto(0xfff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r3, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000640)={0x1c, 0x0, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_TX_AGGR_MAX_FRAMES={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x48804) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x2c}, 0x1, 0x0, 0x0, 0x24004080}, 0x20040894) read$auto(r1, 0x0, 0x1f40) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x200401, 0x0) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) writev$auto(r5, &(0x7f00000000c0)={0x0, 0xffffffff}, 0x6) setsockopt$auto_SO_BSDCOMPAT(r0, 0x7, 0xe, 0x0, 0xfff) close_range$auto(0x2, 0x8, 0x0) 99.587207ms ago: executing program 1 (id=2557): bpf$auto(0x0, &(0x7f0000000580)=@task_fd_query={0x7, 0x4, 0x200, 0x1001, 0xe4ff, 0xf, 0xffffffffffffffff, 0x1400000, 0x5}, 0x6f4) 0s ago: executing program 3 (id=2558): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/graphics/fbcon/rotate_all\x00', 0xa001, 0x0) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r1, &(0x7f0000000440)="671d2647dd69b6440843b6e6688a2b5ad9df2669e6f9cd2365", 0xfdef) write$auto(r0, &(0x7f0000000040)='j\xc27\x00\\\xa1\xe9v*\xb6]a\xf8\x04', 0xb) mmap$auto(0x0, 0x20009, 0x100000000df, 0xeb1, 0x401, 0x8000) ioperm$auto(0x7, 0x5ad2, 0x8) ioctl$auto_USBDEVFS_ALLOW_SUSPEND(0xffffffffffffffff, 0x5522, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_SIOCGIFHWADDR2(0xffffffffffffffff, 0x8927, &(0x7f0000001240)="9ab50f4ecf847be05f351e6488b61b974daa95047bb74b315eed6dca52dbdae0242fcfb571a66c97616937dd93b97753a5af8eadde84d075a946b81cdc6c72bd40aad677442d78a9994343e93dbf7822b41297f10050e625de61812235419b61ca6e1cf512102bf572750799aa3964739a05ea21d618836df2cf96ebcc6d292f0545e1eb5e66f83ca5b02974f6e1cd2acedee5d3b4ffdafe41befaaf1e517f633ea0e3d67782d4189bdf2c6a65f72859659a9ab103b7813b1630bb6f2fb4863586abb50472130ea12c4b4aba1e6bc7bac83382aa3bba6fc507788cd0b19beec49ae5b89b5a91aa0048f0d058daad9b1f0a396c35595d66e0ca73bd85830896d61370d97956eed87e06c4199bb2afa4338793b007e67835158c000971ca880dc7ee66113cf14495b0f4339cef5ac32c775d7db142f0a63d7fe953177f2ef74fbe6791a0dbbeddb2060899962e8a45a9fa8f07c39e260873330d84b00875d18b79e1c773918de40b9d457e92aa8cb305e4d88c10e8e27e7452362269216617b6688155473a8ce9850ba6627d1dc13f6b12679cb1a2c292ec5f4179b5f3b3375ad86b07e9d0ce7b00aa9ed5ca064645dc63be31d980f23257e30f76da5b7c7b9288b1f9201526113dc5a1bb6868da8c4097911a19863753cab06714d88848a93cfb183d2fc04ef62292aca7030578e9deb86077d38502dffc31e5eba12846f302793061d70cd92f6e8dcea38a4d51e9d96e20e49b70fab676aa1e69ce4ad9350001eaa3dd7f9af5aedf664876fe6fdac17799b2046f62fe5052ed5f3408fe2f1c716e9e9a1f5ba039a39db432c6dab2ec3a720a0415baca171e6e611c14bb511444af9e559223a1e9d2692ce839be9168d82477cbef48d915698ab249e58667942914a841828f4e15d5bb6d00fddbdd6b5b170f0326be5d5e2f515e7e5a8933fcacbd3d14f5d03a3b85a28462f3b22c5a0fea03f8ea21b5a0de0b1ff8ff47e2a6a7d2da26ec901d27ca5816108494e1ee2d8e9c1af62daa7e2f9437a735d504bb46dd720578ed308f70609188ce6a15d30bd9fe10e4c028f46450a7572256f84d1d59444e4a08d6f79811115506206e4d6714cb12dac45a6a85be8913ba01d71e5f19d6e90d830958a3f56923edb5a0efc8346d4d193a0abbb658f219279a5d9f5c5d524e5f000cfe9943beb70eb5994e26aadbd3f47dc18003165b39b5cf718900ab4b845a0493481ee388fccfc460859bd85fa63c0b58b775d3729db3c1cc58573e36b3bd33dd890a9d26a2a3a8b2def1a7c6eb3129cdceff29d3ec2ff52b9bd2ecb7ebc103706366c9e88c089f332d8bb380dc3afe436e490a538cd8c43ea63bd65e9486ce2c52e55d9eca84b24cc77f33e2c3096a04705dedc238779c4a497082d6d6a7dfb3b5259112546874411622e28e15c70ad98fd1e916843b06c4ee3f13c3cfdf5fc0d393391bad9d68335c0b4e32c4407c60ba070eeb6dd282b2f7ff6134e039eb011f0b4026f2ed46426fb07a335c21614dbabfb7cef26b96f29b0805642e9b0f5d9c675d5cf89111791600d330d8503efd3ee384e5e7fe02b8137f8881e8ac23eb4f4fa6a1a88a9fa8dfa9e446bb7f117a3d6687b2d2d505c461703eb5df4032b9371ebe49710c8e8244f10943a516bb84307769d12ea0d2c5244d8f41e646d162706cb35b9ac6e2e1650eddf1cca58c1a8fd2c8e6fc485ab478dd2a0913ffdce715d775f38c4b692d16cab3a24edc5fe496dc98a68451eb4776db277465525780d92bcaeebf145408a6607f86fc94043ee30683106cde9c71edd460f783e602465f32554c09376860d3d9420badf095ff9fdfb3311af5800eda2ee5741e555ea42b121d1f7001b471df869b7b2b0de36a31b443e75bc8f101884c227fab4951f0bd1b503f9d5c816afe75061648eec404c1ed0eb57e4f8a5e966f45227be127369550f5daec076d5020274a9a5bac078e700dd9b95ba961be08f97fcd543f88691e32d0aa9f8776f58c96de8cce194aee6f9010d7710b692ddfa24457a3a623b91d743521dfe43a21ecce2863356308526687c7ed1169386be11059614cd138d439725ac4b5c0a9e04f503dd1461e57935de94a12a64d18c1845500665f81bae9ef33033a4a2d04ca381da212a68e1f267f03ffb71db53ff0da93176b47ff0568a5acee10190c12c9fda1543c318229708f6985e224ce750e9ca937d6927c1de7e5fd7e7db6cd42478e0d11a97e8959ce0118d556960d4cfde1625c72220ac1988fc3c69850d00a08246bda3846b623e0c1a731d47ba3216fa91139d5f5a8af9897fb08bc53e682e669e4a20962f841e13da43b62ad6eba654f815c2ad347ae279ab134cca6a1ebd06e822cdceeb58d4329d501c216357a12fd92fa0c27de77e756cdec09698284802eb2d21ca7e1a3619da2591c1fe29d4da0744f1110594f57a20c286f78b1111814c55715e05e4c753bc0242c9abb850b508e061c1179d88fb11b33bb1f34d05cb38e99a57d1a06ea61590431db1cf22817c85f885978f08f92335e997eff96a5feb784e410d41a953a6d92eb5973c08aa728ab673c0e693f47055c112d8efc8bd84f4c85b2f160b4c47da302cfa214b822b68276fbd50933facc06956aea16f35e61e859072749a49f13d33376ec41f7dc85625e1e48fc821317f43b0be304f448eb1de7c68ba84e774a2d22b1d3f55c144f59c15fc19c6df45ac3ac6461df9aebebfc8738b7b2e0dbdd99909498a3741d9101d82540a64b5e7a149e1f98a0788704a843faece338d465826b58f3e11aef73d44efdce1739b1927c45248d32be74ea0fabbe17e7c0657cc68419d96f19119493ab5569c86aa80b6bc4b410b011a12e1ad5365c674720c2f2a4c78962affef7e63c4ca0d4235f977ae416153edef6402b95ec61cb561759217002b66a78b65819d1b649a85308943148ac025410dbe4f9f18694a1c7289118035f454f81e1d9b6ab076ddb50e8c7b8ed2fd36d4dd6c5c928041afc8936fa83244aa9dbf08676cc30580d8fee518e24ed4089b63f9930c194e048b88cec98f9190a81f1a09e80c2af63e4738d4bf6c8e4eff41a846a25f8d74ab88f9d85c9b059bab15fc1fc485e1f92fa4f41a3a275e9609ea0c7dff7c9488f482067f38f4e8f424007498ac1da9eeba9857b34dc21d552dada4aff917d37463fb054ddedf52ab3def2813fd115e3f36c3f82719a486d2605aadd9c3e708261e2acf13fa9cd81fa2f23aea49b3a42b3ad43bd140ccb5c274c099062d1148d1def0171c5b8b49ac6b462de5246523cee3bb96d6340c8992114ce7f3d0d6ef92f02bfe3142dc1cc03310ea49fe1000b6a5e2353e25b4d373830a2030f7a7f33c60d583ca9ecf9930a22fb8415364d22a1f5aa8ebd95930123e04edaa80b5bdd0473a2c95be3797d6100145d674498fea24a87009149aa27a7060ccaf0ea0675a0c498370beff8978604ac3d3aec9cf3ad53ec8a698c5e1a44d0a4be22e5a16547db9eef5577d6ecd5a2967c4d4255e8908ccb347fe7cb5a7246345035a7a8a12993f8fdc661ffd3a84736ee9a5852dcf8e3aca4afa19a598c9379dd6d3c594e9aa54c1b5f0a2add05c979c76f9d1796c2072e0a6b5348ec199aa7abb34cde352f97e61823977723500867f803371f115c3528b30442fdd828f872d7c962f21053d6fb1fea2ac4e273902edf14d1b9c362f76c67ee7ff175ddb443afd3bab63767d2a64416d50015c09ae0a0faf5b6cbd39a31b7d324d110a84800f2c541cb39836c4cc2e7de0596b78e580533c1dc1126acc7aa5e8d2c2680b511ef4160351e924411b092a94c0a6df787eea3a6960ee27c1480ffc3dd286af35183020315a00ea9dc2384edb0a9c420c12a35ef16fa73d6caf07d796416768be12fad0fd636304918b7cc7901d5db64e6d3d1f7560b859c2044f38e46eec7c2cca01492309c948880326e60fb540bec547626cb5ceb48eae7f0bdd5f38b7ca69159bf39e5a6dee36f2199bae38a2d21e3316c8debcadfb4121af4446cc9fe2a536689816f66510d8906a1f96db1b71a7ab1a9de45e67d93586db93397eae71e6eca1e84531ba50ee9ab11bc01eba40063e74b0efd6ae4ab90bb50e2312861c92b43720e83d3bad50bf66f87be98c40b275339177dba753ddab002b07827ab860e9613a1bb0c13e690dbd71f5a30578e5ab1d1426ca07cb698f30cdfe1853a10fa976822da5c1b3ab8bd6df956e74a667867b94f26b696b9379ab818eed48a13fa6a3590cc1b6e159f25d3f7f7c5178ae84974460d7880b84aa90077a0a8dce82fd6bed76df7cf1dd42b33ec26cdf374ff068db186ddf08112eabfcd7b3f25afaa765bc831a3c7e7d93d6794c2c92d1223de9b15217632aa17ee09651556d0617219d9142f155dd8b1d87cf31715113519edbfdc5d6849feb239a73b53f94430f8e7ee022cdf8cc9aeb877e4109db461e6dd68351a1522d41854ff59a91b854cab163329442c01cbc3b352c8068131c8c22f7b9220e009e3890f396d5fe69137e2f0b52b27d190705cc4dac692ebb7d9662268cc641d03804d7f5bc99437e49a3e2e6b8879d37322faaec90df4a1201bb1f58d1eedadf74df18be13e0aff304b583da98589aa22e27b1f78beaea663e3182d2b12a2f3c835c0feb3001d787b297a2aaaaa649fbd9269dc534c810ea064d6d27d54e54f73e39ed4ef101491c144f7010aa2519587cda497d770763f60e6d9df6672c3a47991d757b7ccaa38550f42d0ed724b52c04a61e3670a3af1bab73543112f20b4b17e1ca567c2e2dfd8ded52e80ef79f2f0ca312099a2905ee699a61eb34aee75c974ba6c8e6b6f8d4346baa5164edbf9f892f5b20fe2e4d63d697e17a41ff323e114e5b8f8bf9204ac842e4cb0eaf872ed92e92a09a61e17010be88bcffa11a464e9dd15f772b17a0a26a384a6bbe80a2bed2c5f3c5db439384781893c68f35e7f04dd4b90fb35566b4b5e230410f2a88302436113a0d7ce0a589e9155273ffee7fc927dd0f1e5592c727a2bcfe61eb5d95811981d0d307406d5da4c6c164be156558675bc34d2bb1e9bfb3ff557b101892ba10bce45f85ff739acb1513058e74ebf675dafc64501525b510f70338d31ba19b7ab4eae92c2c33d59b616fbeacb0b0af4615a08b316d9ea8ef31b7e27f0d286aa4f918d8fd553d8e463df06cd6a7303b5f0ee14e2b60e910f02e7e4eeb55ca3b1210050359d9f662556ba38c50ea31080fe172438b438af83572cd33451fb92ec62ab10d4a439c571ee290d524270a0cc90665c9f6347f9f3d78efcda9e6e13a255f9080f66dbf0030cb9c1d10ade44412bb9e5783a86e35eb5b28095f52942b83013967d661e2e7bd9b525f1fb8b0d127dce73876805ed4954bd7cf9cf6f43c06c4463dc9d339394e2f83304223627d76d61b245140f440446d4e6eabe0450034f82b1d6f2d6d090895de305a84e7bb7824ad84429aa50775536dbda7bcacadfe01b5d6ca8e46b897c21122655677a176bab6b260deb3d6803607b9aa85d74e748aedc17537bb0bd0b4800cd9ad3705b9960a61f501a4bdaee05309c5537189a8d616554429de7717674aa88674733fb68eeab898aade23712c8058a855904f4e7085115f36b6df394864d88e6cf183753248eefad820ff3f1dda2ff430da2c16633f7bb86fced18a6217c71a412287f31c1699553ad9695195a95baca9cd3f6510d9dbcb5a404fb02d4a6a476090ffab0efa6") mmap$auto(0x0, 0x4, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x4, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x8000012, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x8001) process_madvise$auto_PIDFD_SELF_THREAD_GROUP(0xffffffffffffb1e0, &(0x7f0000000080)={&(0x7f0000000000), 0x8}, 0xf, 0x8, 0x0) r2 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) write$auto(r2, 0x0, 0xe) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty45\x00', 0x88702, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000080), r4) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f00000001c0), r4) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x14, r7, 0x1, 0x70bd25, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x41}, 0x4004040) sendmsg$auto_WG_CMD_GET_DEVICE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="030727bd7000ffdbdf2500000000e8da9a376d96bc32f774782c5ecf47173cab12c12ae693ecad290ea070cd5ec28d28335bb64d14957f05a2c5574d429e52c2c35d567cf3f2a992cf6021b1adc619fc962e999a0179968a7b52ab161fa035ffcc7db504c62dd1f0270f041d48d689772f34a56954b0388ac94873b817f8c87103d3"], 0x14}, 0x1, 0x0, 0x0, 0x985}, 0x4) write$auto_tty_fops_tty_io(r3, &(0x7f0000000580)="7fd0a917413f68eb6b28d5eea7d1553f6595c094f1f855eb8d8776e6bd8f81c440da3fe3433f8243402fc2752caac5da7a03bbb5adf685740635a6bc231c6cf093b7cf0e4dd07f10b2dc12791aa3ebded3cfe2e4befc0e02d2e064b1db3adc8b2ec1c0378efff268086d6cb998b8dedfb7f20d06b7b091e974de1c1a4ce3d378d91b7639d914ba86b1f18337bb06e3619af99e68dfac380ab153fc75a2159d8efbbf7436752c964490346cf1558249979fc61ee71509560d14bdd0922e50904f3a4b2ae1bfc4f6bb9e08f16afd6baa53cf87077be5bcca2829dd4133da071a6fd072ed5568670a5d171e3deee5576bf571a016c162ca369182f202dbe49839df8d4c438dacdd6cdd67c21e2ed9be20baeff5e5019313d5e6e5a0e93eab61be5dec2c7e144cf9d73fd945c25ff11d5d5aa26bf8ab2e06098b8aeb05c1f29c1a30d268d82768b3350c3efcdac39334de0f6406a1aed635e0c55412ff73b0222d67be6bdd185478d502b492c41696ce6f88609795409aa0841dbc7cb222f0cb239b19d9499fdc45988f0290af0666c37b93f047d45b17cbe7c9332c63ad46c6aa871e4b351efa4fbfb88cfa0281f465d1a970939c2d6c45c50ade06f0bb98ed66623b887de325c0f42ab530b649ea29757af9464c18dea186a0bbc62ce209a3be8e86e8f710323cb899d806caf575cb73a419c0804afd4c8a329a2afaebb87291e9fdfd2ca0edebfc4fb7b1e281fa3e6ac387aebfc92107f4251aa8c96a4c6d7599933c2c489a7696e8e42d88b572fa46bead2c96f619030ab70026f14f91bbf0a4c1b3ed74c564d6ae3eefeef94d37e19701513ff7713a52ebfd8f251dc303455de00d1ee3ed3e204bed2901a644056193fc7e00ce10aa6463892a7881a51893af629f7bd8801ce4c44c7ff2decdb6a69d9ed48ff79661ba9ec4a84dd222d3b40e4abf56222b97db9aa646a67e5031a57d570030f41b09529298f1acddbcd1f0ff6a30cb2a2d5eaecd774bbf897477cc1e55488f3493b6aa6908d24b032cbda24f956f7f262d992838923efde7e8ed0558872451d7bd6a4769ecd47c6d0a125a6e638df6f67793901a67071c506d010930b01ce541aa43f9110d874311d18a8ea50fb1907e8d17c3932e0c12c7d6f7c145209ab81105649fc0c5266063bd8c6a16319a82ff5d236122d53e15d6a7fcb16245d7754f3ffbf659a141cbd29286176fe445deebd5dd18baae1bbdfedbe4bd3453c50fb2f6c22505ecd768ad0703624ebf7b924dc7e8e93ea94c8a6a9f0372351b5a4aaadf89a86faf5241e47be7e6790676fbf8abcc6ef89b9f6ce10600e21815ec6d2c580b5c30ada6b956a07d9964e93419856df00b06245d0743ac2b595097007165cbb17c6a492a6eb0559712e5f89ee86b7a2c46acf9b8d8b2c7a85092966aca97f114635c64f6eb44ad927423a3bc434b267c23d364ee5671d3dcbcca02ffbb633b3c9e6f", 0xfdef) modify_ldt$auto(0x11, 0xfffffffffffffffc, 0x23b94) r8 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bus/usb/029/001\x00', 0xa002, 0x0) ioctl$auto_USBDEVFS_CLAIMINTERFACE(r8, 0x8004550f, &(0x7f0000000400)=0xfffff000) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtd0ro\x00', 0x141000, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): x2a0 [ 616.636759][T14334] drm_release+0x2c4/0x360 [ 616.636794][T14334] ? __pfx_drm_release+0x10/0x10 [ 616.636818][T14334] __fput+0x3ff/0xb70 [ 616.636864][T14334] task_work_run+0x150/0x240 [ 616.636899][T14334] ? __pfx_task_work_run+0x10/0x10 [ 616.636934][T14334] ? __pfx___do_sys_close_range+0x10/0x10 [ 616.636969][T14334] exit_to_user_mode_loop+0xeb/0x110 [ 616.637005][T14334] do_syscall_64+0x3f6/0x490 [ 616.637039][T14334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 616.637064][T14334] RIP: 0033:0x7f26dd78ebe9 [ 616.637084][T14334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 616.637108][T14334] RSP: 002b:00007f26de602038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 616.637132][T14334] RAX: 0000000000000000 RBX: 00007f26dd9b6090 RCX: 00007f26dd78ebe9 [ 616.637147][T14334] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 616.637161][T14334] RBP: 00007f26dd811e19 R08: 0000000000000000 R09: 0000000000000000 [ 616.637176][T14334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 616.637191][T14334] R13: 00007f26dd9b6128 R14: 00007f26dd9b6090 R15: 00007ffe4920c9f8 [ 616.637228][T14334] [ 619.505623][T14367] blktrace: Concurrent blktraces are not allowed on ram7 [ 620.126382][T14380] qrtr: Invalid version 0 [ 620.133994][ T5865] Bluetooth: hci3: unexpected event 0x3e length: 728 > 260 [ 620.134031][ T5865] Bluetooth: hci3: unexpected subevent 0x03 length: 727 > 9 [ 620.616861][T14386] svc: failed to register nfsdv3 RPC service (errno 111). [ 620.680847][T14386] svc: failed to register nfsaclv3 RPC service (errno 111). [ 622.693846][T14400] program syz.3.2054 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 624.502633][T14425] blktrace: Concurrent blktraces are not allowed on ram7 [ 629.573496][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.581087][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 629.723630][T14484] FAULT_INJECTION: forcing a failure. [ 629.723630][T14484] name failslab, interval 1, probability 0, space 0, times 0 [ 629.834450][T14484] CPU: 1 UID: 0 PID: 14484 Comm: syz.2.2072 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 629.834484][T14484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 629.834493][T14484] Call Trace: [ 629.834499][T14484] [ 629.834504][T14484] dump_stack_lvl+0x16c/0x1f0 [ 629.834528][T14484] should_fail_ex+0x512/0x640 [ 629.834549][T14484] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 629.834567][T14484] should_failslab+0xc2/0x120 [ 629.834587][T14484] __kmalloc_cache_noprof+0x6a/0x3e0 [ 629.834600][T14484] ? ww_mutex_lock+0x37/0x160 [ 629.834617][T14484] ? vkms_atomic_crtc_duplicate_state+0x78/0x1d0 [ 629.834637][T14484] vkms_atomic_crtc_duplicate_state+0x78/0x1d0 [ 629.834653][T14484] drm_atomic_get_crtc_state+0x16e/0x450 [ 629.834678][T14484] drm_atomic_get_plane_state+0x436/0x590 [ 629.834702][T14484] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 629.834716][T14484] ? __pfx___might_resched+0x10/0x10 [ 629.834736][T14484] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 629.834751][T14484] ? __mutex_lock+0x1c4/0x10b0 [ 629.834767][T14484] ? rcu_is_watching+0x12/0xc0 [ 629.834801][T14484] drm_client_modeset_commit_locked+0x14d/0x580 [ 629.834819][T14484] drm_client_modeset_commit+0x4f/0x80 [ 629.834837][T14484] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 629.834874][T14484] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 629.834908][T14484] drm_fbdev_client_restore+0x2c/0x40 [ 629.834936][T14484] drm_client_dev_restore+0x1f3/0x2a0 [ 629.834965][T14484] drm_release+0x2c4/0x360 [ 629.834992][T14484] ? __pfx_drm_release+0x10/0x10 [ 629.835013][T14484] __fput+0x3ff/0xb70 [ 629.835055][T14484] task_work_run+0x150/0x240 [ 629.835090][T14484] ? __pfx_task_work_run+0x10/0x10 [ 629.835120][T14484] ? __pfx___do_sys_close_range+0x10/0x10 [ 629.835157][T14484] exit_to_user_mode_loop+0xeb/0x110 [ 629.835196][T14484] do_syscall_64+0x3f6/0x490 [ 629.835240][T14484] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 629.835264][T14484] RIP: 0033:0x7f26dd78ebe9 [ 629.835282][T14484] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 629.835305][T14484] RSP: 002b:00007f26de623038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 629.835331][T14484] RAX: 0000000000000000 RBX: 00007f26dd9b5fa0 RCX: 00007f26dd78ebe9 [ 629.835346][T14484] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 629.835360][T14484] RBP: 00007f26dd811e19 R08: 0000000000000000 R09: 0000000000000000 [ 629.835376][T14484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 629.835390][T14484] R13: 00007f26dd9b6038 R14: 00007f26dd9b5fa0 R15: 00007ffe4920c9f8 [ 629.835428][T14484] [ 630.956373][ T5865] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 633.753116][T14533] blktrace: Concurrent blktraces are not allowed on ram7 [ 634.937463][T14547] blktrace: Concurrent blktraces are not allowed on ram7 [ 636.027408][T14557] svc: failed to register nfsdv3 RPC service (errno 101). [ 636.102855][T14557] svc: failed to register nfsaclv3 RPC service (errno 101). [ 637.738077][T14592] program syz.3.2093 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 639.378211][T14614] blktrace: Concurrent blktraces are not allowed on ram7 [ 641.412822][T14637] random: crng reseeded on system resumption [ 643.432342][T14664] random: crng reseeded on system resumption [ 646.019628][T14699] random: crng reseeded on system resumption [ 646.312706][T14708] FAULT_INJECTION: forcing a failure. [ 646.312706][T14708] name failslab, interval 1, probability 0, space 0, times 0 [ 646.435530][T14708] CPU: 1 UID: 0 PID: 14708 Comm: syz.2.2116 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 646.435562][T14708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 646.435572][T14708] Call Trace: [ 646.435577][T14708] [ 646.435584][T14708] dump_stack_lvl+0x16c/0x1f0 [ 646.435607][T14708] should_fail_ex+0x512/0x640 [ 646.435629][T14708] ? __kmalloc_noprof+0xbf/0x510 [ 646.435648][T14708] ? drm_atomic_state_init+0x17b/0x320 [ 646.435663][T14708] should_failslab+0xc2/0x120 [ 646.435683][T14708] __kmalloc_noprof+0xd2/0x510 [ 646.435704][T14708] drm_atomic_state_init+0x17b/0x320 [ 646.435718][T14708] ? __kasan_kmalloc+0xaa/0xb0 [ 646.435735][T14708] drm_atomic_state_alloc+0xd3/0x120 [ 646.435750][T14708] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 646.435766][T14708] ? __pfx___might_resched+0x10/0x10 [ 646.435786][T14708] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 646.435801][T14708] ? __mutex_lock+0x1c4/0x10b0 [ 646.435821][T14708] ? rcu_is_watching+0x12/0xc0 [ 646.435855][T14708] drm_client_modeset_commit_locked+0x14d/0x580 [ 646.435873][T14708] drm_client_modeset_commit+0x4f/0x80 [ 646.435889][T14708] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 646.435914][T14708] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 646.435934][T14708] drm_fbdev_client_restore+0x2c/0x40 [ 646.435954][T14708] drm_client_dev_restore+0x1f3/0x2a0 [ 646.435972][T14708] drm_release+0x2c4/0x360 [ 646.435987][T14708] ? __pfx_drm_release+0x10/0x10 [ 646.435999][T14708] __fput+0x3ff/0xb70 [ 646.436025][T14708] task_work_run+0x150/0x240 [ 646.436047][T14708] ? __pfx_task_work_run+0x10/0x10 [ 646.436069][T14708] ? __pfx___do_sys_close_range+0x10/0x10 [ 646.436091][T14708] exit_to_user_mode_loop+0xeb/0x110 [ 646.436113][T14708] do_syscall_64+0x3f6/0x490 [ 646.436132][T14708] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 646.436148][T14708] RIP: 0033:0x7f26dd78ebe9 [ 646.436160][T14708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 646.436176][T14708] RSP: 002b:00007f26de602038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 646.436196][T14708] RAX: 0000000000000000 RBX: 00007f26dd9b6090 RCX: 00007f26dd78ebe9 [ 646.436212][T14708] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 646.436227][T14708] RBP: 00007f26dd811e19 R08: 0000000000000000 R09: 0000000000000000 [ 646.436242][T14708] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 646.436257][T14708] R13: 00007f26dd9b6128 R14: 00007f26dd9b6090 R15: 00007ffe4920c9f8 [ 646.436279][T14708] [ 647.930510][T14713] random: crng reseeded on system resumption [ 649.050442][T14729] blktrace: Concurrent blktraces are not allowed on ram7 [ 652.486314][T14774] random: crng reseeded on system resumption [ 654.156682][T14800] blktrace: Concurrent blktraces are not allowed on ram7 [ 654.732787][T14798] program syz.3.2137 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 657.291632][T14830] blktrace: Concurrent blktraces are not allowed on ram7 [ 658.523440][T14848] blktrace: Concurrent blktraces are not allowed on ram7 [ 660.869922][T14881] netlink: 25 bytes leftover after parsing attributes in process `syz.3.2157'. [ 660.901604][T14885] random: crng reseeded on system resumption [ 660.921113][T14885] FAULT_INJECTION: forcing a failure. [ 660.921113][T14885] name failslab, interval 1, probability 0, space 0, times 0 [ 660.936492][T14885] CPU: 1 UID: 0 PID: 14885 Comm: syz.0.2158 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 660.936528][T14885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 660.936544][T14885] Call Trace: [ 660.936553][T14885] [ 660.936563][T14885] dump_stack_lvl+0x16c/0x1f0 [ 660.936600][T14885] should_fail_ex+0x512/0x640 [ 660.936635][T14885] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 660.936668][T14885] should_failslab+0xc2/0x120 [ 660.936702][T14885] __kmalloc_cache_noprof+0x6a/0x3e0 [ 660.936731][T14885] ? memory_bm_create+0x154/0x810 [ 660.936761][T14885] memory_bm_create+0x154/0x810 [ 660.936804][T14885] create_basic_memory_bitmaps+0x10b/0x320 [ 660.936841][T14885] snapshot_open+0x235/0x2b0 [ 660.936870][T14885] ? __pfx_snapshot_open+0x10/0x10 [ 660.936901][T14885] misc_open+0x35a/0x420 [ 660.936928][T14885] ? __pfx_misc_open+0x10/0x10 [ 660.936954][T14885] chrdev_open+0x231/0x6a0 [ 660.936983][T14885] ? __pfx_apparmor_file_open+0x10/0x10 [ 660.937012][T14885] ? __pfx_chrdev_open+0x10/0x10 [ 660.937045][T14885] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 660.937082][T14885] do_dentry_open+0x97f/0x1530 [ 660.937113][T14885] ? __pfx_chrdev_open+0x10/0x10 [ 660.937153][T14885] vfs_open+0x82/0x3f0 [ 660.937193][T14885] path_openat+0x1de4/0x2cb0 [ 660.937246][T14885] ? __pfx_path_openat+0x10/0x10 [ 660.937285][T14885] do_filp_open+0x20b/0x470 [ 660.937315][T14885] ? __pfx_do_filp_open+0x10/0x10 [ 660.937372][T14885] ? alloc_fd+0x471/0x7d0 [ 660.937410][T14885] do_sys_openat2+0x11b/0x1d0 [ 660.937446][T14885] ? __pfx_do_sys_openat2+0x10/0x10 [ 660.937497][T14885] __x64_sys_openat+0x174/0x210 [ 660.937533][T14885] ? __pfx___x64_sys_openat+0x10/0x10 [ 660.937584][T14885] do_syscall_64+0xcd/0x490 [ 660.937618][T14885] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 660.937645][T14885] RIP: 0033:0x7f342e58ebe9 [ 660.937667][T14885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 660.937694][T14885] RSP: 002b:00007f342f3eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 660.937720][T14885] RAX: ffffffffffffffda RBX: 00007f342e7b5fa0 RCX: 00007f342e58ebe9 [ 660.937738][T14885] RDX: 00000000001438bf RSI: 0000200000000000 RDI: ffffffffffffff9c [ 660.937757][T14885] RBP: 00007f342e611e19 R08: 0000000000000000 R09: 0000000000000000 [ 660.937774][T14885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 660.937791][T14885] R13: 00007f342e7b6038 R14: 00007f342e7b5fa0 R15: 00007ffcd4eb07d8 [ 660.937829][T14885] [ 662.327651][T14896] __vm_enough_memory: pid: 14896, comm: syz.3.2161, bytes: 4398046511104 not enough memory for the allocation [ 662.525363][T14896] bcachefs: bch2_ioctl_fsck_offline() ret EFAULT [ 662.869086][T14912] blktrace: Concurrent blktraces are not allowed on ram7 [ 666.191215][T14968] blktrace: Concurrent blktraces are not allowed on ram7 [ 667.128100][T14982] program syz.0.2184 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 667.222713][T14983] i2c i2c-0: delete_device: Extra parameters [ 667.439816][T14995] netlink: 'syz.2.2185': attribute type 17 has an invalid length. [ 667.447987][T14995] netlink: 326 bytes leftover after parsing attributes in process `syz.2.2185'. [ 668.391754][T15002] random: crng reseeded on system resumption [ 668.427500][T15002] FAULT_INJECTION: forcing a failure. [ 668.427500][T15002] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 668.470248][T15002] CPU: 0 UID: 0 PID: 15002 Comm: syz.3.2187 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 668.470274][T15002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 668.470283][T15002] Call Trace: [ 668.470290][T15002] [ 668.470296][T15002] dump_stack_lvl+0x16c/0x1f0 [ 668.470320][T15002] should_fail_ex+0x512/0x640 [ 668.470344][T15002] should_fail_alloc_page+0xe7/0x130 [ 668.470366][T15002] prepare_alloc_pages+0x3c2/0x610 [ 668.470390][T15002] ? __kernel_text_address+0xd/0x40 [ 668.470406][T15002] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 668.470430][T15002] ? stack_trace_save+0x8e/0xc0 [ 668.470446][T15002] ? __pfx_stack_trace_save+0x10/0x10 [ 668.470463][T15002] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 668.470483][T15002] ? kasan_save_stack+0x42/0x60 [ 668.470499][T15002] ? kasan_save_stack+0x33/0x60 [ 668.470515][T15002] ? misc_open+0x35a/0x420 [ 668.470529][T15002] ? chrdev_open+0x231/0x6a0 [ 668.470545][T15002] ? do_dentry_open+0x97f/0x1530 [ 668.470561][T15002] ? vfs_open+0x82/0x3f0 [ 668.470579][T15002] ? path_openat+0x1de4/0x2cb0 [ 668.470594][T15002] ? do_filp_open+0x20b/0x470 [ 668.470608][T15002] ? do_sys_openat2+0x11b/0x1d0 [ 668.470634][T15002] ? __x64_sys_openat+0x174/0x210 [ 668.470655][T15002] ? do_syscall_64+0xcd/0x490 [ 668.470672][T15002] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 668.470688][T15002] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 668.470710][T15002] ? policy_nodemask+0xea/0x4e0 [ 668.470731][T15002] alloc_pages_mpol+0x1fb/0x550 [ 668.470750][T15002] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 668.470773][T15002] alloc_pages_noprof+0x131/0x390 [ 668.470792][T15002] get_zeroed_page_noprof+0x18/0xb0 [ 668.470813][T15002] get_image_page+0x18/0x190 [ 668.470827][T15002] chain_alloc+0x8c/0xd0 [ 668.470842][T15002] memory_bm_create+0x30f/0x810 [ 668.470864][T15002] create_basic_memory_bitmaps+0x10b/0x320 [ 668.470883][T15002] snapshot_open+0x235/0x2b0 [ 668.470899][T15002] ? __pfx_snapshot_open+0x10/0x10 [ 668.470928][T15002] misc_open+0x35a/0x420 [ 668.470950][T15002] ? __pfx_misc_open+0x10/0x10 [ 668.470965][T15002] chrdev_open+0x231/0x6a0 [ 668.470983][T15002] ? __pfx_apparmor_file_open+0x10/0x10 [ 668.471000][T15002] ? __pfx_chrdev_open+0x10/0x10 [ 668.471019][T15002] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 668.471039][T15002] do_dentry_open+0x97f/0x1530 [ 668.471056][T15002] ? __pfx_chrdev_open+0x10/0x10 [ 668.471078][T15002] vfs_open+0x82/0x3f0 [ 668.471101][T15002] path_openat+0x1de4/0x2cb0 [ 668.471124][T15002] ? __pfx_path_openat+0x10/0x10 [ 668.471146][T15002] do_filp_open+0x20b/0x470 [ 668.471163][T15002] ? __pfx_do_filp_open+0x10/0x10 [ 668.471193][T15002] ? alloc_fd+0x471/0x7d0 [ 668.471214][T15002] do_sys_openat2+0x11b/0x1d0 [ 668.471235][T15002] ? __pfx_do_sys_openat2+0x10/0x10 [ 668.471263][T15002] __x64_sys_openat+0x174/0x210 [ 668.471284][T15002] ? __pfx___x64_sys_openat+0x10/0x10 [ 668.471313][T15002] do_syscall_64+0xcd/0x490 [ 668.471333][T15002] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 668.471353][T15002] RIP: 0033:0x7f74aed8ebe9 [ 668.471374][T15002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 668.471399][T15002] RSP: 002b:00007f74afbd0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 668.471423][T15002] RAX: ffffffffffffffda RBX: 00007f74aefb5fa0 RCX: 00007f74aed8ebe9 [ 668.471433][T15002] RDX: 00000000001438bf RSI: 0000200000000000 RDI: ffffffffffffff9c [ 668.471443][T15002] RBP: 00007f74aee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 668.471451][T15002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 668.471460][T15002] R13: 00007f74aefb6038 R14: 00007f74aefb5fa0 R15: 00007fff680c2838 [ 668.471479][T15002] [ 669.628673][T15011] random: crng reseeded on system resumption [ 670.264613][T15029] blktrace: Concurrent blktraces are not allowed on ram7 [ 671.216974][T15045] netlink: 'syz.2.2197': attribute type 17 has an invalid length. [ 671.243221][T15045] netlink: 326 bytes leftover after parsing attributes in process `syz.2.2197'. [ 671.339917][T15049] blktrace: Concurrent blktraces are not allowed on ram7 [ 673.020231][T15069] blktrace: Concurrent blktraces are not allowed on ram7 [ 673.057740][T15065] netlink: 'syz.2.2201': attribute type 17 has an invalid length. [ 673.093219][T15065] netlink: 326 bytes leftover after parsing attributes in process `syz.2.2201'. [ 675.726648][T15102] blktrace: Concurrent blktraces are not allowed on ram7 [ 675.833004][T15101] netlink: 'syz.3.2210': attribute type 17 has an invalid length. [ 675.841054][T15101] netlink: 326 bytes leftover after parsing attributes in process `syz.3.2210'. [ 677.776919][T15117] blktrace: Concurrent blktraces are not allowed on ram7 [ 678.870645][T15130] random: crng reseeded on system resumption [ 679.127017][T15133] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2222'. [ 680.263263][T15148] blktrace: Concurrent blktraces are not allowed on ram7 [ 680.957834][T15153] netlink: 'syz.0.2224': attribute type 17 has an invalid length. [ 680.965661][T15153] netlink: 326 bytes leftover after parsing attributes in process `syz.0.2224'. [ 681.530211][T15170] random: crng reseeded on system resumption [ 681.539438][T15170] FAULT_INJECTION: forcing a failure. [ 681.539438][T15170] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 681.635946][T15170] CPU: 0 UID: 0 PID: 15170 Comm: syz.0.2229 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 681.635990][T15170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 681.636006][T15170] Call Trace: [ 681.636017][T15170] [ 681.636028][T15170] dump_stack_lvl+0x16c/0x1f0 [ 681.636067][T15170] should_fail_ex+0x512/0x640 [ 681.636108][T15170] should_fail_alloc_page+0xe7/0x130 [ 681.636144][T15170] prepare_alloc_pages+0x3c2/0x610 [ 681.636185][T15170] ? __kernel_text_address+0xd/0x40 [ 681.636214][T15170] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 681.636256][T15170] ? stack_trace_save+0x8e/0xc0 [ 681.636285][T15170] ? __pfx_stack_trace_save+0x10/0x10 [ 681.636316][T15170] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 681.636362][T15170] ? kasan_save_stack+0x42/0x60 [ 681.636391][T15170] ? kasan_save_stack+0x33/0x60 [ 681.636424][T15170] ? misc_open+0x35a/0x420 [ 681.636449][T15170] ? chrdev_open+0x231/0x6a0 [ 681.636479][T15170] ? do_dentry_open+0x97f/0x1530 [ 681.636508][T15170] ? vfs_open+0x82/0x3f0 [ 681.636540][T15170] ? path_openat+0x1de4/0x2cb0 [ 681.636568][T15170] ? do_filp_open+0x20b/0x470 [ 681.636594][T15170] ? do_sys_openat2+0x11b/0x1d0 [ 681.636628][T15170] ? __x64_sys_openat+0x174/0x210 [ 681.636664][T15170] ? do_syscall_64+0xcd/0x490 [ 681.636694][T15170] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 681.636723][T15170] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 681.636762][T15170] ? policy_nodemask+0xea/0x4e0 [ 681.636798][T15170] alloc_pages_mpol+0x1fb/0x550 [ 681.636832][T15170] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 681.636877][T15170] alloc_pages_noprof+0x131/0x390 [ 681.636912][T15170] get_zeroed_page_noprof+0x18/0xb0 [ 681.636948][T15170] get_image_page+0x18/0x190 [ 681.636976][T15170] chain_alloc+0x8c/0xd0 [ 681.637004][T15170] memory_bm_create+0x30f/0x810 [ 681.637045][T15170] create_basic_memory_bitmaps+0x10b/0x320 [ 681.637081][T15170] snapshot_open+0x235/0x2b0 [ 681.637111][T15170] ? __pfx_snapshot_open+0x10/0x10 [ 681.637142][T15170] misc_open+0x35a/0x420 [ 681.637169][T15170] ? __pfx_misc_open+0x10/0x10 [ 681.637196][T15170] chrdev_open+0x231/0x6a0 [ 681.637228][T15170] ? __pfx_apparmor_file_open+0x10/0x10 [ 681.637257][T15170] ? __pfx_chrdev_open+0x10/0x10 [ 681.637292][T15170] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 681.637329][T15170] do_dentry_open+0x97f/0x1530 [ 681.637370][T15170] ? __pfx_chrdev_open+0x10/0x10 [ 681.637411][T15170] vfs_open+0x82/0x3f0 [ 681.637453][T15170] path_openat+0x1de4/0x2cb0 [ 681.637497][T15170] ? __pfx_path_openat+0x10/0x10 [ 681.637539][T15170] do_filp_open+0x20b/0x470 [ 681.637570][T15170] ? __pfx_do_filp_open+0x10/0x10 [ 681.637627][T15170] ? alloc_fd+0x471/0x7d0 [ 681.637666][T15170] do_sys_openat2+0x11b/0x1d0 [ 681.637703][T15170] ? __pfx_do_sys_openat2+0x10/0x10 [ 681.637756][T15170] __x64_sys_openat+0x174/0x210 [ 681.637795][T15170] ? __pfx___x64_sys_openat+0x10/0x10 [ 681.637847][T15170] do_syscall_64+0xcd/0x490 [ 681.637882][T15170] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 681.637909][T15170] RIP: 0033:0x7f342e58ebe9 [ 681.637931][T15170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 681.637957][T15170] RSP: 002b:00007f342f3eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 681.637983][T15170] RAX: ffffffffffffffda RBX: 00007f342e7b5fa0 RCX: 00007f342e58ebe9 [ 681.638002][T15170] RDX: 00000000001438bf RSI: 0000200000000000 RDI: ffffffffffffff9c [ 681.638020][T15170] RBP: 00007f342e611e19 R08: 0000000000000000 R09: 0000000000000000 [ 681.638037][T15170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 681.638054][T15170] R13: 00007f342e7b6038 R14: 00007f342e7b5fa0 R15: 00007ffcd4eb07d8 [ 681.638092][T15170] [ 683.439636][T15205] blktrace: Concurrent blktraces are not allowed on ram7 [ 683.762077][T15207] FAULT_INJECTION: forcing a failure. [ 683.762077][T15207] name failslab, interval 1, probability 0, space 0, times 0 [ 683.839944][T15207] CPU: 0 UID: 0 PID: 15207 Comm: syz.2.2235 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 683.839984][T15207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 683.840001][T15207] Call Trace: [ 683.840011][T15207] [ 683.840021][T15207] dump_stack_lvl+0x16c/0x1f0 [ 683.840060][T15207] should_fail_ex+0x512/0x640 [ 683.840097][T15207] ? __kmalloc_noprof+0xbf/0x510 [ 683.840131][T15207] ? drm_atomic_state_init+0x17b/0x320 [ 683.840164][T15207] should_failslab+0xc2/0x120 [ 683.840195][T15207] __kmalloc_noprof+0xd2/0x510 [ 683.840231][T15207] drm_atomic_state_init+0x17b/0x320 [ 683.840255][T15207] ? __kasan_kmalloc+0xaa/0xb0 [ 683.840284][T15207] drm_atomic_state_alloc+0xd3/0x120 [ 683.840310][T15207] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 683.840337][T15207] ? __pfx___might_resched+0x10/0x10 [ 683.840372][T15207] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 683.840400][T15207] ? __mutex_lock+0x1c4/0x10b0 [ 683.840429][T15207] ? rcu_is_watching+0x12/0xc0 [ 683.840488][T15207] drm_client_modeset_commit_locked+0x14d/0x580 [ 683.840520][T15207] drm_client_modeset_commit+0x4f/0x80 [ 683.840548][T15207] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 683.840589][T15207] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 683.840625][T15207] drm_fbdev_client_restore+0x2c/0x40 [ 683.840657][T15207] drm_client_dev_restore+0x1f3/0x2a0 [ 683.840690][T15207] drm_release+0x2c4/0x360 [ 683.840718][T15207] ? __pfx_drm_release+0x10/0x10 [ 683.840741][T15207] __fput+0x3ff/0xb70 [ 683.840786][T15207] task_work_run+0x150/0x240 [ 683.840824][T15207] ? __pfx_task_work_run+0x10/0x10 [ 683.840863][T15207] ? __pfx___do_sys_close_range+0x10/0x10 [ 683.840908][T15207] exit_to_user_mode_loop+0xeb/0x110 [ 683.840946][T15207] do_syscall_64+0x3f6/0x490 [ 683.840980][T15207] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 683.841006][T15207] RIP: 0033:0x7f26dd78ebe9 [ 683.841029][T15207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 683.841054][T15207] RSP: 002b:00007f26de623038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 683.841080][T15207] RAX: 0000000000000000 RBX: 00007f26dd9b5fa0 RCX: 00007f26dd78ebe9 [ 683.841099][T15207] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 683.841114][T15207] RBP: 00007f26dd811e19 R08: 0000000000000000 R09: 0000000000000000 [ 683.841130][T15207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 683.841153][T15207] R13: 00007f26dd9b6038 R14: 00007f26dd9b5fa0 R15: 00007ffe4920c9f8 [ 683.841191][T15207] [ 684.449425][T15191] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 684.710762][T15218] netlink: 'syz.3.2238': attribute type 17 has an invalid length. [ 684.718830][T15218] netlink: 326 bytes leftover after parsing attributes in process `syz.3.2238'. [ 686.082845][T15236] random: crng reseeded on system resumption [ 686.140482][T15236] FAULT_INJECTION: forcing a failure. [ 686.140482][T15236] name failslab, interval 1, probability 0, space 0, times 0 [ 686.201495][T15236] CPU: 1 UID: 0 PID: 15236 Comm: syz.2.2241 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 686.201536][T15236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 686.201553][T15236] Call Trace: [ 686.201563][T15236] [ 686.201574][T15236] dump_stack_lvl+0x16c/0x1f0 [ 686.201614][T15236] should_fail_ex+0x512/0x640 [ 686.201648][T15236] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 686.201680][T15236] should_failslab+0xc2/0x120 [ 686.201714][T15236] __kmalloc_cache_noprof+0x6a/0x3e0 [ 686.201742][T15236] ? create_basic_memory_bitmaps+0xeb/0x320 [ 686.201779][T15236] create_basic_memory_bitmaps+0xeb/0x320 [ 686.201814][T15236] snapshot_open+0x235/0x2b0 [ 686.201844][T15236] ? __pfx_snapshot_open+0x10/0x10 [ 686.201877][T15236] misc_open+0x35a/0x420 [ 686.201913][T15236] ? __pfx_misc_open+0x10/0x10 [ 686.201941][T15236] chrdev_open+0x231/0x6a0 [ 686.201974][T15236] ? __pfx_apparmor_file_open+0x10/0x10 [ 686.202004][T15236] ? __pfx_chrdev_open+0x10/0x10 [ 686.202038][T15236] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 686.202074][T15236] do_dentry_open+0x97f/0x1530 [ 686.202106][T15236] ? __pfx_chrdev_open+0x10/0x10 [ 686.202145][T15236] vfs_open+0x82/0x3f0 [ 686.202187][T15236] path_openat+0x1de4/0x2cb0 [ 686.202230][T15236] ? __pfx_path_openat+0x10/0x10 [ 686.202271][T15236] do_filp_open+0x20b/0x470 [ 686.202303][T15236] ? __pfx_do_filp_open+0x10/0x10 [ 686.202360][T15236] ? alloc_fd+0x471/0x7d0 [ 686.202398][T15236] do_sys_openat2+0x11b/0x1d0 [ 686.202436][T15236] ? __pfx_do_sys_openat2+0x10/0x10 [ 686.202488][T15236] __x64_sys_openat+0x174/0x210 [ 686.202526][T15236] ? __pfx___x64_sys_openat+0x10/0x10 [ 686.202580][T15236] do_syscall_64+0xcd/0x490 [ 686.202616][T15236] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 686.202643][T15236] RIP: 0033:0x7f26dd78ebe9 [ 686.202662][T15236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 686.202690][T15236] RSP: 002b:00007f26de623038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 686.202715][T15236] RAX: ffffffffffffffda RBX: 00007f26dd9b5fa0 RCX: 00007f26dd78ebe9 [ 686.202735][T15236] RDX: 00000000001438bf RSI: 0000200000000000 RDI: ffffffffffffff9c [ 686.202752][T15236] RBP: 00007f26dd811e19 R08: 0000000000000000 R09: 0000000000000000 [ 686.202769][T15236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 686.202785][T15236] R13: 00007f26dd9b6038 R14: 00007f26dd9b5fa0 R15: 00007ffe4920c9f8 [ 686.202821][T15236] [ 687.762899][T15260] blktrace: Concurrent blktraces are not allowed on ram7 [ 688.045469][T15267] FAULT_INJECTION: forcing a failure. [ 688.045469][T15267] name failslab, interval 1, probability 0, space 0, times 0 [ 688.077334][T15267] CPU: 1 UID: 0 PID: 15267 Comm: syz.3.2246 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 688.077360][T15267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 688.077370][T15267] Call Trace: [ 688.077375][T15267] [ 688.077381][T15267] dump_stack_lvl+0x16c/0x1f0 [ 688.077404][T15267] should_fail_ex+0x512/0x640 [ 688.077426][T15267] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 688.077443][T15267] should_failslab+0xc2/0x120 [ 688.077464][T15267] __kmalloc_cache_noprof+0x6a/0x3e0 [ 688.077478][T15267] ? ww_mutex_lock+0x37/0x160 [ 688.077495][T15267] ? vkms_plane_duplicate_state+0x45/0x130 [ 688.077518][T15267] ? modeset_lock+0x114/0x6e0 [ 688.077550][T15267] vkms_plane_duplicate_state+0x45/0x130 [ 688.077573][T15267] drm_atomic_get_plane_state+0x20b/0x590 [ 688.077600][T15267] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 688.077617][T15267] ? __pfx___might_resched+0x10/0x10 [ 688.077638][T15267] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 688.077653][T15267] ? __mutex_lock+0x1c4/0x10b0 [ 688.077670][T15267] ? rcu_is_watching+0x12/0xc0 [ 688.077703][T15267] drm_client_modeset_commit_locked+0x14d/0x580 [ 688.077722][T15267] drm_client_modeset_commit+0x4f/0x80 [ 688.077739][T15267] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 688.077764][T15267] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 688.077785][T15267] drm_fbdev_client_restore+0x2c/0x40 [ 688.077803][T15267] drm_client_dev_restore+0x1f3/0x2a0 [ 688.077822][T15267] drm_release+0x2c4/0x360 [ 688.077837][T15267] ? __pfx_drm_release+0x10/0x10 [ 688.077849][T15267] __fput+0x3ff/0xb70 [ 688.077874][T15267] task_work_run+0x150/0x240 [ 688.077897][T15267] ? __pfx_task_work_run+0x10/0x10 [ 688.077918][T15267] ? __pfx___do_sys_close_range+0x10/0x10 [ 688.077940][T15267] exit_to_user_mode_loop+0xeb/0x110 [ 688.077962][T15267] do_syscall_64+0x3f6/0x490 [ 688.077981][T15267] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 688.077997][T15267] RIP: 0033:0x7f74aed8ebe9 [ 688.078009][T15267] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 688.078023][T15267] RSP: 002b:00007f74afbd0038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 688.078038][T15267] RAX: 0000000000000000 RBX: 00007f74aefb5fa0 RCX: 00007f74aed8ebe9 [ 688.078048][T15267] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 688.078056][T15267] RBP: 00007f74aee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 688.078065][T15267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 688.078074][T15267] R13: 00007f74aefb6038 R14: 00007f74aefb5fa0 R15: 00007fff680c2838 [ 688.078095][T15267] [ 689.169385][T15283] program syz.2.2248 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 691.001192][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 691.007632][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 693.133478][T15344] Invalid ELF header magic: != ELF [ 693.551674][T15353] netlink: 'syz.3.2260': attribute type 17 has an invalid length. [ 693.562241][T15353] netlink: 326 bytes leftover after parsing attributes in process `syz.3.2260'. [ 695.103094][T15380] FAULT_INJECTION: forcing a failure. [ 695.103094][T15380] name failslab, interval 1, probability 0, space 0, times 0 [ 695.186426][T15380] CPU: 0 UID: 0 PID: 15380 Comm: syz.0.2267 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 695.186465][T15380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 695.186481][T15380] Call Trace: [ 695.186491][T15380] [ 695.186502][T15380] dump_stack_lvl+0x16c/0x1f0 [ 695.186541][T15380] should_fail_ex+0x512/0x640 [ 695.186574][T15380] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 695.186604][T15380] should_failslab+0xc2/0x120 [ 695.186635][T15380] __kmalloc_cache_noprof+0x6a/0x3e0 [ 695.186662][T15380] ? vkms_plane_duplicate_state+0x87/0x130 [ 695.186699][T15380] ? kasan_save_track+0x14/0x30 [ 695.186732][T15380] vkms_plane_duplicate_state+0x87/0x130 [ 695.186769][T15380] drm_atomic_get_plane_state+0x20b/0x590 [ 695.186832][T15380] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 695.186875][T15380] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 695.186904][T15380] ? __mutex_lock+0x1c4/0x10b0 [ 695.186932][T15380] ? rcu_is_watching+0x12/0xc0 [ 695.186993][T15380] drm_client_modeset_commit_locked+0x14d/0x580 [ 695.187025][T15380] drm_client_modeset_commit+0x4f/0x80 [ 695.187051][T15380] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 695.187093][T15380] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 695.187126][T15380] drm_fbdev_client_restore+0x2c/0x40 [ 695.187155][T15380] drm_client_dev_restore+0x1f3/0x2a0 [ 695.187186][T15380] drm_release+0x2c4/0x360 [ 695.187214][T15380] ? __pfx_drm_release+0x10/0x10 [ 695.187236][T15380] __fput+0x3ff/0xb70 [ 695.187279][T15380] task_work_run+0x150/0x240 [ 695.187317][T15380] ? __pfx_task_work_run+0x10/0x10 [ 695.187354][T15380] ? __pfx___do_sys_close_range+0x10/0x10 [ 695.187393][T15380] exit_to_user_mode_loop+0xeb/0x110 [ 695.187430][T15380] do_syscall_64+0x3f6/0x490 [ 695.187463][T15380] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 695.187486][T15380] RIP: 0033:0x7f342e58ebe9 [ 695.187508][T15380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 695.187533][T15380] RSP: 002b:00007f342f3eb038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 695.187559][T15380] RAX: 0000000000000000 RBX: 00007f342e7b5fa0 RCX: 00007f342e58ebe9 [ 695.187575][T15380] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 695.187590][T15380] RBP: 00007f342e611e19 R08: 0000000000000000 R09: 0000000000000000 [ 695.187606][T15380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 695.187621][T15380] R13: 00007f342e7b6038 R14: 00007f342e7b5fa0 R15: 00007ffcd4eb07d8 [ 695.187659][T15380] [ 696.186573][T15383] program syz.2.2268 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 696.944119][T15403] zswap: compressor not available [ 697.368910][T15414] netlink: 'syz.3.2273': attribute type 17 has an invalid length. [ 697.377111][T15414] netlink: 326 bytes leftover after parsing attributes in process `syz.3.2273'. [ 698.263357][T15424] random: crng reseeded on system resumption [ 698.284480][T15424] FAULT_INJECTION: forcing a failure. [ 698.284480][T15424] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 698.335520][T15424] CPU: 0 UID: 0 PID: 15424 Comm: syz.3.2276 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 698.335561][T15424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 698.335577][T15424] Call Trace: [ 698.335586][T15424] [ 698.335598][T15424] dump_stack_lvl+0x16c/0x1f0 [ 698.335636][T15424] should_fail_ex+0x512/0x640 [ 698.335674][T15424] should_fail_alloc_page+0xe7/0x130 [ 698.335707][T15424] prepare_alloc_pages+0x3c2/0x610 [ 698.335734][T15424] ? __kernel_text_address+0xd/0x40 [ 698.335757][T15424] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 698.335790][T15424] ? stack_trace_save+0x8e/0xc0 [ 698.335811][T15424] ? __pfx_stack_trace_save+0x10/0x10 [ 698.335834][T15424] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 698.335862][T15424] ? kasan_save_stack+0x42/0x60 [ 698.335882][T15424] ? kasan_save_stack+0x33/0x60 [ 698.335905][T15424] ? misc_open+0x35a/0x420 [ 698.335924][T15424] ? chrdev_open+0x231/0x6a0 [ 698.335946][T15424] ? do_dentry_open+0x97f/0x1530 [ 698.335966][T15424] ? vfs_open+0x82/0x3f0 [ 698.335990][T15424] ? path_openat+0x1de4/0x2cb0 [ 698.336011][T15424] ? do_filp_open+0x20b/0x470 [ 698.336030][T15424] ? do_sys_openat2+0x11b/0x1d0 [ 698.336056][T15424] ? __x64_sys_openat+0x174/0x210 [ 698.336082][T15424] ? do_syscall_64+0xcd/0x490 [ 698.336105][T15424] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 698.336126][T15424] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 698.336156][T15424] ? policy_nodemask+0xea/0x4e0 [ 698.336191][T15424] alloc_pages_mpol+0x1fb/0x550 [ 698.336223][T15424] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 698.336258][T15424] alloc_pages_noprof+0x131/0x390 [ 698.336287][T15424] get_zeroed_page_noprof+0x18/0xb0 [ 698.336315][T15424] get_image_page+0x18/0x190 [ 698.336336][T15424] chain_alloc+0x8c/0xd0 [ 698.336357][T15424] memory_bm_create+0x30f/0x810 [ 698.336388][T15424] create_basic_memory_bitmaps+0x10b/0x320 [ 698.336414][T15424] snapshot_open+0x235/0x2b0 [ 698.336446][T15424] ? __pfx_snapshot_open+0x10/0x10 [ 698.336471][T15424] misc_open+0x35a/0x420 [ 698.336494][T15424] ? __pfx_misc_open+0x10/0x10 [ 698.336515][T15424] chrdev_open+0x231/0x6a0 [ 698.336539][T15424] ? __pfx_apparmor_file_open+0x10/0x10 [ 698.336563][T15424] ? __pfx_chrdev_open+0x10/0x10 [ 698.336591][T15424] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 698.336618][T15424] do_dentry_open+0x97f/0x1530 [ 698.336644][T15424] ? __pfx_chrdev_open+0x10/0x10 [ 698.336675][T15424] vfs_open+0x82/0x3f0 [ 698.336707][T15424] path_openat+0x1de4/0x2cb0 [ 698.336739][T15424] ? __pfx_path_openat+0x10/0x10 [ 698.336769][T15424] do_filp_open+0x20b/0x470 [ 698.336792][T15424] ? __pfx_do_filp_open+0x10/0x10 [ 698.336839][T15424] ? alloc_fd+0x471/0x7d0 [ 698.336867][T15424] do_sys_openat2+0x11b/0x1d0 [ 698.336894][T15424] ? __pfx_do_sys_openat2+0x10/0x10 [ 698.336935][T15424] __x64_sys_openat+0x174/0x210 [ 698.336966][T15424] ? __pfx___x64_sys_openat+0x10/0x10 [ 698.337007][T15424] do_syscall_64+0xcd/0x490 [ 698.337034][T15424] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 698.337054][T15424] RIP: 0033:0x7f74aed8ebe9 [ 698.337071][T15424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 698.337091][T15424] RSP: 002b:00007f74afbd0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 698.337112][T15424] RAX: ffffffffffffffda RBX: 00007f74aefb5fa0 RCX: 00007f74aed8ebe9 [ 698.337127][T15424] RDX: 00000000001438bf RSI: 0000200000000000 RDI: ffffffffffffff9c [ 698.337140][T15424] RBP: 00007f74aee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 698.337154][T15424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 698.337166][T15424] R13: 00007f74aefb6038 R14: 00007f74aefb5fa0 R15: 00007fff680c2838 [ 698.337193][T15424] [ 699.404252][T15437] FAULT_INJECTION: forcing a failure. [ 699.404252][T15437] name failslab, interval 1, probability 0, space 0, times 0 [ 699.488993][T15437] CPU: 0 UID: 0 PID: 15437 Comm: syz.2.2281 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 699.489034][T15437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 699.489051][T15437] Call Trace: [ 699.489061][T15437] [ 699.489073][T15437] dump_stack_lvl+0x16c/0x1f0 [ 699.489111][T15437] should_fail_ex+0x512/0x640 [ 699.489146][T15437] ? __kmalloc_noprof+0xbf/0x510 [ 699.489180][T15437] ? drm_atomic_state_init+0x17b/0x320 [ 699.489207][T15437] should_failslab+0xc2/0x120 [ 699.489241][T15437] __kmalloc_noprof+0xd2/0x510 [ 699.489281][T15437] drm_atomic_state_init+0x17b/0x320 [ 699.489306][T15437] ? __kasan_kmalloc+0xaa/0xb0 [ 699.489335][T15437] drm_atomic_state_alloc+0xd3/0x120 [ 699.489365][T15437] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 699.489395][T15437] ? __pfx___might_resched+0x10/0x10 [ 699.489435][T15437] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 699.489465][T15437] ? __mutex_lock+0x1c4/0x10b0 [ 699.489495][T15437] ? rcu_is_watching+0x12/0xc0 [ 699.489571][T15437] drm_client_modeset_commit_locked+0x14d/0x580 [ 699.489608][T15437] drm_client_modeset_commit+0x4f/0x80 [ 699.489638][T15437] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 699.489682][T15437] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 699.489718][T15437] drm_fbdev_client_restore+0x2c/0x40 [ 699.489752][T15437] drm_client_dev_restore+0x1f3/0x2a0 [ 699.489786][T15437] drm_release+0x2c4/0x360 [ 699.489813][T15437] ? __pfx_drm_release+0x10/0x10 [ 699.489837][T15437] __fput+0x3ff/0xb70 [ 699.489885][T15437] task_work_run+0x150/0x240 [ 699.489928][T15437] ? __pfx_task_work_run+0x10/0x10 [ 699.489966][T15437] ? __pfx___do_sys_close_range+0x10/0x10 [ 699.490010][T15437] exit_to_user_mode_loop+0xeb/0x110 [ 699.490052][T15437] do_syscall_64+0x3f6/0x490 [ 699.490090][T15437] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 699.490118][T15437] RIP: 0033:0x7f26dd78ebe9 [ 699.490141][T15437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 699.490167][T15437] RSP: 002b:00007f26de623038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 699.490194][T15437] RAX: 0000000000000000 RBX: 00007f26dd9b5fa0 RCX: 00007f26dd78ebe9 [ 699.490212][T15437] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 699.490227][T15437] RBP: 00007f26dd811e19 R08: 0000000000000000 R09: 0000000000000000 [ 699.490243][T15437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 699.490260][T15437] R13: 00007f26dd9b6038 R14: 00007f26dd9b5fa0 R15: 00007ffe4920c9f8 [ 699.490299][T15437] [ 701.531814][T15478] Invalid ELF header magic: != ELF [ 701.561633][T15477] blktrace: Concurrent blktraces are not allowed on ram7 [ 702.857631][T15510] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22 [ 703.307780][T15513] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23 [ 704.064621][T15526] netlink: 'syz.2.2303': attribute type 17 has an invalid length. [ 704.156572][T15526] netlink: 326 bytes leftover after parsing attributes in process `syz.2.2303'. [ 705.596831][T15550] random: crng reseeded on system resumption [ 705.626803][T15550] FAULT_INJECTION: forcing a failure. [ 705.626803][T15550] name failslab, interval 1, probability 0, space 0, times 0 [ 705.649886][T15550] CPU: 0 UID: 0 PID: 15550 Comm: syz.2.2311 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 705.649928][T15550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 705.649943][T15550] Call Trace: [ 705.649953][T15550] [ 705.649963][T15550] dump_stack_lvl+0x16c/0x1f0 [ 705.650011][T15550] should_fail_ex+0x512/0x640 [ 705.650044][T15550] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 705.650072][T15550] should_failslab+0xc2/0x120 [ 705.650111][T15550] __kmalloc_cache_noprof+0x6a/0x3e0 [ 705.650137][T15550] ? create_basic_memory_bitmaps+0xeb/0x320 [ 705.650171][T15550] create_basic_memory_bitmaps+0xeb/0x320 [ 705.650206][T15550] snapshot_open+0x235/0x2b0 [ 705.650233][T15550] ? __pfx_snapshot_open+0x10/0x10 [ 705.650260][T15550] misc_open+0x35a/0x420 [ 705.650285][T15550] ? __pfx_misc_open+0x10/0x10 [ 705.650309][T15550] chrdev_open+0x231/0x6a0 [ 705.650337][T15550] ? __pfx_apparmor_file_open+0x10/0x10 [ 705.650364][T15550] ? __pfx_chrdev_open+0x10/0x10 [ 705.650398][T15550] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 705.650430][T15550] do_dentry_open+0x97f/0x1530 [ 705.650462][T15550] ? __pfx_chrdev_open+0x10/0x10 [ 705.650500][T15550] vfs_open+0x82/0x3f0 [ 705.650540][T15550] path_openat+0x1de4/0x2cb0 [ 705.650582][T15550] ? __pfx_path_openat+0x10/0x10 [ 705.650620][T15550] do_filp_open+0x20b/0x470 [ 705.650650][T15550] ? __pfx_do_filp_open+0x10/0x10 [ 705.650700][T15550] ? alloc_fd+0x471/0x7d0 [ 705.650731][T15550] do_sys_openat2+0x11b/0x1d0 [ 705.650766][T15550] ? __pfx_do_sys_openat2+0x10/0x10 [ 705.650812][T15550] __x64_sys_openat+0x174/0x210 [ 705.650847][T15550] ? __pfx___x64_sys_openat+0x10/0x10 [ 705.650901][T15550] do_syscall_64+0xcd/0x490 [ 705.650935][T15550] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 705.650962][T15550] RIP: 0033:0x7f26dd78ebe9 [ 705.650990][T15550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 705.651016][T15550] RSP: 002b:00007f26de623038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 705.651043][T15550] RAX: ffffffffffffffda RBX: 00007f26dd9b5fa0 RCX: 00007f26dd78ebe9 [ 705.651061][T15550] RDX: 00000000001438bf RSI: 0000200000000000 RDI: ffffffffffffff9c [ 705.651077][T15550] RBP: 00007f26dd811e19 R08: 0000000000000000 R09: 0000000000000000 [ 705.651093][T15550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 705.651106][T15550] R13: 00007f26dd9b6038 R14: 00007f26dd9b5fa0 R15: 00007ffe4920c9f8 [ 705.651139][T15550] [ 706.669718][T15559] random: crng reseeded on system resumption [ 709.042050][T15609] random: crng reseeded on system resumption [ 709.299604][T15620] blktrace: Concurrent blktraces are not allowed on ram7 [ 710.260918][T15636] FAULT_INJECTION: forcing a failure. [ 710.260918][T15636] name failslab, interval 1, probability 0, space 0, times 0 [ 710.274326][T15636] CPU: 0 UID: 0 PID: 15636 Comm: syz.3.2332 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 710.274366][T15636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 710.274381][T15636] Call Trace: [ 710.274391][T15636] [ 710.274402][T15636] dump_stack_lvl+0x16c/0x1f0 [ 710.274443][T15636] should_fail_ex+0x512/0x640 [ 710.274473][T15636] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 710.274502][T15636] should_failslab+0xc2/0x120 [ 710.274535][T15636] __kmalloc_cache_noprof+0x6a/0x3e0 [ 710.274560][T15636] ? vkms_plane_duplicate_state+0x87/0x130 [ 710.274598][T15636] ? kasan_save_track+0x14/0x30 [ 710.274632][T15636] vkms_plane_duplicate_state+0x87/0x130 [ 710.274672][T15636] drm_atomic_get_plane_state+0x20b/0x590 [ 710.274715][T15636] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 710.274742][T15636] ? __pfx___might_resched+0x10/0x10 [ 710.274780][T15636] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 710.274808][T15636] ? __mutex_lock+0x1c4/0x10b0 [ 710.274840][T15636] ? rcu_is_watching+0x12/0xc0 [ 710.274903][T15636] drm_client_modeset_commit_locked+0x14d/0x580 [ 710.274938][T15636] drm_client_modeset_commit+0x4f/0x80 [ 710.274967][T15636] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 710.275011][T15636] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 710.275055][T15636] drm_fbdev_client_restore+0x2c/0x40 [ 710.275090][T15636] drm_client_dev_restore+0x1f3/0x2a0 [ 710.275126][T15636] drm_release+0x2c4/0x360 [ 710.275154][T15636] ? __pfx_drm_release+0x10/0x10 [ 710.275177][T15636] __fput+0x3ff/0xb70 [ 710.275222][T15636] task_work_run+0x150/0x240 [ 710.275270][T15636] ? __pfx_task_work_run+0x10/0x10 [ 710.275309][T15636] ? __pfx___do_sys_close_range+0x10/0x10 [ 710.275349][T15636] exit_to_user_mode_loop+0xeb/0x110 [ 710.275387][T15636] do_syscall_64+0x3f6/0x490 [ 710.275421][T15636] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 710.275449][T15636] RIP: 0033:0x7f74aed8ebe9 [ 710.275471][T15636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 710.275496][T15636] RSP: 002b:00007f74afbd0038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 710.275521][T15636] RAX: 0000000000000000 RBX: 00007f74aefb5fa0 RCX: 00007f74aed8ebe9 [ 710.275539][T15636] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 710.275555][T15636] RBP: 00007f74aee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 710.275571][T15636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 710.275587][T15636] R13: 00007f74aefb6038 R14: 00007f74aefb5fa0 R15: 00007fff680c2838 [ 710.275625][T15636] [ 712.344618][T15674] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 712.522117][T15669] random: crng reseeded on system resumption [ 712.665222][T15679] blktrace: Concurrent blktraces are not allowed on ram7 [ 713.815647][ T30] audit: type=1800 audit(6050052073.748:19): pid=15704 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2347" name="features" dev="configfs" ino=53542 res=0 errno=0 [ 715.518910][T15722] FAULT_INJECTION: forcing a failure. [ 715.518910][T15722] name failslab, interval 1, probability 0, space 0, times 0 [ 715.571295][T15722] CPU: 1 UID: 0 PID: 15722 Comm: syz.0.2353 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 715.571320][T15722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 715.571329][T15722] Call Trace: [ 715.571335][T15722] [ 715.571342][T15722] dump_stack_lvl+0x16c/0x1f0 [ 715.571365][T15722] should_fail_ex+0x512/0x640 [ 715.571386][T15722] ? __kmalloc_noprof+0xbf/0x510 [ 715.571406][T15722] ? drm_atomic_state_init+0x17b/0x320 [ 715.571421][T15722] should_failslab+0xc2/0x120 [ 715.571439][T15722] __kmalloc_noprof+0xd2/0x510 [ 715.571460][T15722] drm_atomic_state_init+0x17b/0x320 [ 715.571474][T15722] ? __kasan_kmalloc+0xaa/0xb0 [ 715.571491][T15722] drm_atomic_state_alloc+0xd3/0x120 [ 715.571507][T15722] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 715.571522][T15722] ? __pfx___might_resched+0x10/0x10 [ 715.571543][T15722] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 715.571558][T15722] ? __mutex_lock+0x1c4/0x10b0 [ 715.571575][T15722] ? rcu_is_watching+0x12/0xc0 [ 715.571609][T15722] drm_client_modeset_commit_locked+0x14d/0x580 [ 715.571628][T15722] drm_client_modeset_commit+0x4f/0x80 [ 715.571644][T15722] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 715.571669][T15722] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 715.571689][T15722] drm_fbdev_client_restore+0x2c/0x40 [ 715.571708][T15722] drm_client_dev_restore+0x1f3/0x2a0 [ 715.571727][T15722] drm_release+0x2c4/0x360 [ 715.571742][T15722] ? __pfx_drm_release+0x10/0x10 [ 715.571755][T15722] __fput+0x3ff/0xb70 [ 715.571780][T15722] task_work_run+0x150/0x240 [ 715.571803][T15722] ? __pfx_task_work_run+0x10/0x10 [ 715.571832][T15722] ? __pfx___do_sys_close_range+0x10/0x10 [ 715.571856][T15722] exit_to_user_mode_loop+0xeb/0x110 [ 715.571878][T15722] do_syscall_64+0x3f6/0x490 [ 715.571900][T15722] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 715.571914][T15722] RIP: 0033:0x7f342e58ebe9 [ 715.571927][T15722] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 715.571942][T15722] RSP: 002b:00007f342f3eb038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 715.571958][T15722] RAX: 0000000000000000 RBX: 00007f342e7b5fa0 RCX: 00007f342e58ebe9 [ 715.571967][T15722] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 715.571975][T15722] RBP: 00007f342e611e19 R08: 0000000000000000 R09: 0000000000000000 [ 715.571984][T15722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 715.571992][T15722] R13: 00007f342e7b6038 R14: 00007f342e7b5fa0 R15: 00007ffcd4eb07d8 [ 715.572012][T15722] [ 715.831602][ C1] vkms_vblank_simulate: vblank timer overrun [ 716.717132][T15735] blktrace: Concurrent blktraces are not allowed on ram7 [ 717.713352][T15751] netlink: 62 bytes leftover after parsing attributes in process `syz.2.2358'. [ 717.955436][T15748] netlink: 'syz.1.2360': attribute type 17 has an invalid length. [ 717.996678][T15748] netlink: 326 bytes leftover after parsing attributes in process `syz.1.2360'. [ 718.074165][T15755] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 718.083220][T15755] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 718.091808][T15755] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 718.101151][T15755] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 718.110187][T15755] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 718.594485][T15754] chnl_net:caif_netlink_parms(): no params data found [ 719.205338][T15778] blktrace: Concurrent blktraces are not allowed on ram7 [ 719.230722][T15754] bridge0: port 1(bridge_slave_0) entered blocking state [ 719.252694][T15754] bridge0: port 1(bridge_slave_0) entered disabled state [ 719.262992][T15754] bridge_slave_0: entered allmulticast mode [ 719.275300][T15754] bridge_slave_0: entered promiscuous mode [ 719.286037][T15754] bridge0: port 2(bridge_slave_1) entered blocking state [ 719.294013][T15754] bridge0: port 2(bridge_slave_1) entered disabled state [ 719.313715][T15754] bridge_slave_1: entered allmulticast mode [ 719.361123][T15754] bridge_slave_1: entered promiscuous mode [ 719.754447][T15754] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 719.810242][T15754] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 719.964320][T15754] team0: Port device team_slave_0 added [ 720.010684][T15754] team0: Port device team_slave_1 added [ 720.102368][T15754] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 720.116475][T15754] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 720.147925][T15754] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 720.168278][T15754] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 720.175271][T15754] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 720.201412][ C1] vkms_vblank_simulate: vblank timer overrun [ 720.201703][T15755] Bluetooth: hci4: command tx timeout [ 720.291088][T15754] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 720.354660][T15789] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2369'. [ 720.366270][ T30] audit: type=1800 audit(6050052080.308:20): pid=15789 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2369" name="dummy_udc" dev="gadgetfs" ino=6042 res=0 errno=0 [ 720.536832][ T49] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 720.839333][ T49] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 720.912121][T15754] hsr_slave_0: entered promiscuous mode [ 720.984801][T15754] hsr_slave_1: entered promiscuous mode [ 721.015318][T15754] debugfs: 'hsr0' already exists in 'hsr' [ 721.042205][T15799] vhci_hcd: invalid port number 16 [ 721.049325][T15754] Cannot create hsr debugfs directory [ 721.098373][T15799] vhci_hcd: invalid port number 16 [ 721.181439][ T49] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 722.031383][ T49] bridge_slave_1: left allmulticast mode [ 722.046347][ T49] bridge_slave_1: left promiscuous mode [ 722.053314][ T49] bridge0: port 2(bridge_slave_1) entered disabled state [ 722.111311][ T49] bridge_slave_0: left allmulticast mode [ 722.144119][ T49] bridge_slave_0: left promiscuous mode [ 722.171320][ T49] bridge0: port 1(bridge_slave_0) entered disabled state [ 722.276374][T15755] Bluetooth: hci4: command tx timeout [ 722.724511][T15826] blktrace: Concurrent blktraces are not allowed on ram7 [ 723.735023][ T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 723.796414][ T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 723.852558][ T49] bond0 (unregistering): Released all slaves [ 723.901072][T15848] FAULT_INJECTION: forcing a failure. [ 723.901072][T15848] name failslab, interval 1, probability 0, space 0, times 0 [ 723.958390][T15848] CPU: 1 UID: 0 PID: 15848 Comm: syz.3.2378 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 723.958428][T15848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 723.958444][T15848] Call Trace: [ 723.958453][T15848] [ 723.958463][T15848] dump_stack_lvl+0x16c/0x1f0 [ 723.958501][T15848] should_fail_ex+0x512/0x640 [ 723.958533][T15848] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 723.958564][T15848] should_failslab+0xc2/0x120 [ 723.958596][T15848] __kmalloc_cache_noprof+0x6a/0x3e0 [ 723.958623][T15848] ? vkms_plane_duplicate_state+0x87/0x130 [ 723.958661][T15848] ? kasan_save_track+0x14/0x30 [ 723.958694][T15848] vkms_plane_duplicate_state+0x87/0x130 [ 723.958732][T15848] drm_atomic_get_plane_state+0x20b/0x590 [ 723.958788][T15848] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 723.958817][T15848] ? __pfx___might_resched+0x10/0x10 [ 723.958853][T15848] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 723.958879][T15848] ? __mutex_lock+0x1c4/0x10b0 [ 723.958918][T15848] ? rcu_is_watching+0x12/0xc0 [ 723.958978][T15848] drm_client_modeset_commit_locked+0x14d/0x580 [ 723.959011][T15848] drm_client_modeset_commit+0x4f/0x80 [ 723.959040][T15848] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 723.959083][T15848] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 723.959118][T15848] drm_fbdev_client_restore+0x2c/0x40 [ 723.959151][T15848] drm_client_dev_restore+0x1f3/0x2a0 [ 723.959183][T15848] drm_release+0x2c4/0x360 [ 723.959212][T15848] ? __pfx_drm_release+0x10/0x10 [ 723.959235][T15848] __fput+0x3ff/0xb70 [ 723.959279][T15848] task_work_run+0x150/0x240 [ 723.959318][T15848] ? __pfx_task_work_run+0x10/0x10 [ 723.959354][T15848] ? __pfx___do_sys_close_range+0x10/0x10 [ 723.959392][T15848] exit_to_user_mode_loop+0xeb/0x110 [ 723.959434][T15848] do_syscall_64+0x3f6/0x490 [ 723.959467][T15848] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 723.959492][T15848] RIP: 0033:0x7f74aed8ebe9 [ 723.959513][T15848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 723.959539][T15848] RSP: 002b:00007f74afbaf038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 723.959562][T15848] RAX: 0000000000000000 RBX: 00007f74aefb6090 RCX: 00007f74aed8ebe9 [ 723.959577][T15848] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 723.959592][T15848] RBP: 00007f74aee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 723.959608][T15848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 723.959623][T15848] R13: 00007f74aefb6128 R14: 00007f74aefb6090 R15: 00007fff680c2838 [ 723.959661][T15848] [ 724.224364][ C1] vkms_vblank_simulate: vblank timer overrun [ 724.356590][T15755] Bluetooth: hci4: command tx timeout [ 724.829635][T15855] Process accounting resumed [ 725.887253][T15754] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 726.112408][T15754] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 726.232150][T15754] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 726.307049][T15754] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 726.446322][T15755] Bluetooth: hci4: command tx timeout [ 727.001804][ T49] hsr_slave_0: left promiscuous mode [ 727.008438][ T49] hsr_slave_1: left promiscuous mode [ 727.019192][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 727.036326][ T49] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 727.068378][ T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 727.093886][ T49] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 727.263975][ T49] veth1_macvtap: left promiscuous mode [ 727.578868][ T49] veth0_macvtap: left promiscuous mode [ 727.609887][ T49] veth1_vlan: left promiscuous mode [ 727.615376][ T49] veth0_vlan: left promiscuous mode [ 727.812477][T15901] vhci_hcd: invalid port number 16 [ 727.848489][T15901] vhci_hcd: invalid port number 16 [ 728.071842][T15908] FAULT_INJECTION: forcing a failure. [ 728.071842][T15908] name failslab, interval 1, probability 0, space 0, times 0 [ 728.096058][T15908] CPU: 1 UID: 0 PID: 15908 Comm: syz.2.2388 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 728.096099][T15908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 728.096116][T15908] Call Trace: [ 728.096126][T15908] [ 728.096137][T15908] dump_stack_lvl+0x16c/0x1f0 [ 728.096176][T15908] should_fail_ex+0x512/0x640 [ 728.096211][T15908] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 728.096242][T15908] should_failslab+0xc2/0x120 [ 728.096278][T15908] __kmalloc_cache_noprof+0x6a/0x3e0 [ 728.096306][T15908] ? vkms_plane_duplicate_state+0x87/0x130 [ 728.096344][T15908] ? kasan_save_track+0x14/0x30 [ 728.096377][T15908] vkms_plane_duplicate_state+0x87/0x130 [ 728.096418][T15908] drm_atomic_get_plane_state+0x20b/0x590 [ 728.096462][T15908] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 728.096501][T15908] ? __pfx___might_resched+0x10/0x10 [ 728.096541][T15908] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 728.096571][T15908] ? __mutex_lock+0x1c4/0x10b0 [ 728.096600][T15908] ? rcu_is_watching+0x12/0xc0 [ 728.096662][T15908] drm_client_modeset_commit_locked+0x14d/0x580 [ 728.096697][T15908] drm_client_modeset_commit+0x4f/0x80 [ 728.096725][T15908] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 728.096769][T15908] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 728.096805][T15908] drm_fbdev_client_restore+0x2c/0x40 [ 728.096844][T15908] drm_client_dev_restore+0x1f3/0x2a0 [ 728.096877][T15908] drm_release+0x2c4/0x360 [ 728.096907][T15908] ? __pfx_drm_release+0x10/0x10 [ 728.096930][T15908] __fput+0x3ff/0xb70 [ 728.096975][T15908] task_work_run+0x150/0x240 [ 728.097015][T15908] ? __pfx_task_work_run+0x10/0x10 [ 728.097053][T15908] ? __pfx___do_sys_close_range+0x10/0x10 [ 728.097092][T15908] exit_to_user_mode_loop+0xeb/0x110 [ 728.097130][T15908] do_syscall_64+0x3f6/0x490 [ 728.097166][T15908] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 728.097193][T15908] RIP: 0033:0x7f26dd78ebe9 [ 728.097215][T15908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 728.097240][T15908] RSP: 002b:00007f26de602038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 728.097266][T15908] RAX: 0000000000000000 RBX: 00007f26dd9b6090 RCX: 00007f26dd78ebe9 [ 728.097283][T15908] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 728.097299][T15908] RBP: 00007f26dd811e19 R08: 0000000000000000 R09: 0000000000000000 [ 728.097315][T15908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 728.097331][T15908] R13: 00007f26dd9b6128 R14: 00007f26dd9b6090 R15: 00007ffe4920c9f8 [ 728.097369][T15908] [ 729.461022][ T49] team0 (unregistering): Port device team_slave_1 removed [ 729.606021][ T49] team0 (unregistering): Port device team_slave_0 removed [ 731.511662][T15754] 8021q: adding VLAN 0 to HW filter on device bond0 [ 731.548747][T15754] 8021q: adding VLAN 0 to HW filter on device team0 [ 731.580942][T10626] bridge0: port 1(bridge_slave_0) entered blocking state [ 731.588133][T10626] bridge0: port 1(bridge_slave_0) entered forwarding state [ 731.667378][T10625] bridge0: port 2(bridge_slave_1) entered blocking state [ 731.674493][T10625] bridge0: port 2(bridge_slave_1) entered forwarding state [ 731.770501][T15754] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 732.412442][T15754] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 732.591516][T15754] veth0_vlan: entered promiscuous mode [ 732.676004][T15754] veth1_vlan: entered promiscuous mode [ 732.845289][T15754] veth0_macvtap: entered promiscuous mode [ 732.983558][T15950] random: crng reseeded on system resumption [ 733.017825][T15950] FAULT_INJECTION: forcing a failure. [ 733.017825][T15950] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 733.060377][T15754] veth1_macvtap: entered promiscuous mode [ 733.118543][T15950] CPU: 0 UID: 0 PID: 15950 Comm: syz.3.2393 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 733.118582][T15950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 733.118603][T15950] Call Trace: [ 733.118613][T15950] [ 733.118624][T15950] dump_stack_lvl+0x16c/0x1f0 [ 733.118660][T15950] should_fail_ex+0x512/0x640 [ 733.118699][T15950] should_fail_alloc_page+0xe7/0x130 [ 733.118736][T15950] prepare_alloc_pages+0x3c2/0x610 [ 733.118774][T15950] ? rcu_is_watching+0x12/0xc0 [ 733.118806][T15950] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 733.118849][T15950] ? stack_trace_save+0x8e/0xc0 [ 733.118875][T15950] ? __pfx_stack_trace_save+0x10/0x10 [ 733.118904][T15950] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 733.118937][T15950] ? kasan_save_stack+0x42/0x60 [ 733.118962][T15950] ? kasan_save_stack+0x33/0x60 [ 733.118993][T15950] ? do_dentry_open+0x97f/0x1530 [ 733.119021][T15950] ? vfs_open+0x82/0x3f0 [ 733.119051][T15950] ? path_openat+0x1de4/0x2cb0 [ 733.119078][T15950] ? do_filp_open+0x20b/0x470 [ 733.119099][T15950] ? do_sys_openat2+0x11b/0x1d0 [ 733.119130][T15950] ? __x64_sys_openat+0x174/0x210 [ 733.119160][T15950] ? do_syscall_64+0xcd/0x490 [ 733.119188][T15950] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 733.119217][T15950] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 733.119259][T15950] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 733.119295][T15950] ? policy_nodemask+0xea/0x4e0 [ 733.119327][T15950] alloc_pages_mpol+0x1fb/0x550 [ 733.119361][T15950] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 733.119401][T15950] alloc_pages_noprof+0x131/0x390 [ 733.119432][T15950] get_zeroed_page_noprof+0x18/0xb0 [ 733.119466][T15950] get_image_page+0x18/0x190 [ 733.119491][T15950] alloc_rtree_node+0x3c/0xb0 [ 733.119518][T15950] memory_bm_create+0x519/0x810 [ 733.119558][T15950] create_basic_memory_bitmaps+0xbd/0x320 [ 733.119592][T15950] snapshot_open+0x235/0x2b0 [ 733.119620][T15950] ? __pfx_snapshot_open+0x10/0x10 [ 733.119651][T15950] misc_open+0x35a/0x420 [ 733.119679][T15950] ? __pfx_misc_open+0x10/0x10 [ 733.119705][T15950] chrdev_open+0x231/0x6a0 [ 733.119736][T15950] ? __pfx_apparmor_file_open+0x10/0x10 [ 733.119765][T15950] ? __pfx_chrdev_open+0x10/0x10 [ 733.119799][T15950] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 733.119833][T15950] do_dentry_open+0x97f/0x1530 [ 733.119890][T15950] ? __pfx_chrdev_open+0x10/0x10 [ 733.119932][T15950] vfs_open+0x82/0x3f0 [ 733.119974][T15950] path_openat+0x1de4/0x2cb0 [ 733.120018][T15950] ? __pfx_path_openat+0x10/0x10 [ 733.120058][T15950] do_filp_open+0x20b/0x470 [ 733.120089][T15950] ? __pfx_do_filp_open+0x10/0x10 [ 733.120148][T15950] ? alloc_fd+0x471/0x7d0 [ 733.120184][T15950] do_sys_openat2+0x11b/0x1d0 [ 733.120220][T15950] ? __pfx_do_sys_openat2+0x10/0x10 [ 733.120283][T15950] __x64_sys_openat+0x174/0x210 [ 733.120322][T15950] ? __pfx___x64_sys_openat+0x10/0x10 [ 733.120377][T15950] do_syscall_64+0xcd/0x490 [ 733.120412][T15950] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 733.120438][T15950] RIP: 0033:0x7f74aed8ebe9 [ 733.120461][T15950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 733.120487][T15950] RSP: 002b:00007f74afbd0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 733.120513][T15950] RAX: ffffffffffffffda RBX: 00007f74aefb5fa0 RCX: 00007f74aed8ebe9 [ 733.120531][T15950] RDX: 00000000001438bf RSI: 0000200000000000 RDI: ffffffffffffff9c [ 733.120549][T15950] RBP: 00007f74aee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 733.120566][T15950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 733.120582][T15950] R13: 00007f74aefb6038 R14: 00007f74aefb5fa0 R15: 00007fff680c2838 [ 733.120616][T15950] [ 734.333544][T15754] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 734.359580][T15754] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 734.435008][ T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 734.465538][ T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 734.494940][ T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 734.523504][ T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 735.571249][T15923] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 735.580412][T10626] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 735.635072][T15923] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 735.645403][T10626] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 736.410563][T15997] netlink: 'syz.0.2359': attribute type 17 has an invalid length. [ 736.420254][T15997] netlink: 326 bytes leftover after parsing attributes in process `syz.0.2359'. [ 737.403213][T16009] FAULT_INJECTION: forcing a failure. [ 737.403213][T16009] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 737.483579][T16009] CPU: 1 UID: 0 PID: 16009 Comm: syz.0.2401 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 737.483617][T16009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 737.483632][T16009] Call Trace: [ 737.483640][T16009] [ 737.483650][T16009] dump_stack_lvl+0x16c/0x1f0 [ 737.483685][T16009] should_fail_ex+0x512/0x640 [ 737.483722][T16009] _copy_from_user+0x2e/0xd0 [ 737.483759][T16009] udp_lib_setsockopt+0x48c/0xcf0 [ 737.483792][T16009] ? __pfx_udp_v6_push_pending_frames+0x10/0x10 [ 737.483828][T16009] ? __pfx_udp_lib_setsockopt+0x10/0x10 [ 737.483860][T16009] ? __pfx_aa_sk_perm+0x10/0x10 [ 737.483893][T16009] ? find_held_lock+0x2b/0x80 [ 737.483923][T16009] udpv6_setsockopt+0xbc/0xd0 [ 737.483952][T16009] ? __pfx_udp_v6_push_pending_frames+0x10/0x10 [ 737.483985][T16009] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 737.484024][T16009] do_sock_setsockopt+0xf3/0x1d0 [ 737.484062][T16009] __sys_setsockopt+0x120/0x1a0 [ 737.484097][T16009] __x64_sys_setsockopt+0xbd/0x160 [ 737.484124][T16009] ? do_syscall_64+0x91/0x490 [ 737.484153][T16009] ? lockdep_hardirqs_on+0x7c/0x110 [ 737.484182][T16009] do_syscall_64+0xcd/0x490 [ 737.484214][T16009] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 737.484239][T16009] RIP: 0033:0x7f68b278ebe9 [ 737.484259][T16009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 737.484282][T16009] RSP: 002b:00007f68b3562038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 737.484308][T16009] RAX: ffffffffffffffda RBX: 00007f68b29b5fa0 RCX: 00007f68b278ebe9 [ 737.484325][T16009] RDX: 0000000000000068 RSI: 0000000000000088 RDI: 0000000000000004 [ 737.484340][T16009] RBP: 00007f68b3562090 R08: 0000000000000101 R09: 0000000000000000 [ 737.484356][T16009] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001 [ 737.484371][T16009] R13: 00007f68b29b6038 R14: 00007f68b29b5fa0 R15: 00007ffec80bda88 [ 737.484405][T16009] [ 738.310309][ T5865] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 738.320820][ T5865] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 738.329091][ T5865] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 738.348069][ T5865] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 738.355920][ T5865] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 738.784786][ T13] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 739.452810][ T13] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 740.447373][ T5865] Bluetooth: hci3: command tx timeout [ 740.610585][ T13] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 740.972858][ T13] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 741.235766][T16055] program syz.2.2405 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 741.732454][T16015] chnl_net:caif_netlink_parms(): no params data found [ 742.156040][ T13] bridge_slave_1: left allmulticast mode [ 742.166353][ T13] bridge_slave_1: left promiscuous mode [ 742.172169][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 742.408676][ T13] bridge_slave_0: left allmulticast mode [ 742.431780][ T13] bridge_slave_0: left promiscuous mode [ 742.450602][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 742.518503][ T5865] Bluetooth: hci3: command tx timeout [ 744.596372][ T5865] Bluetooth: hci3: command tx timeout [ 744.609633][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 744.699290][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 744.789846][ T13] bond0 (unregistering): Released all slaves [ 744.990943][ T121] smpboot: CPU 1 is now offline [ 745.138278][ T13] HfR: left promiscuous mode [ 745.267269][T16015] bridge0: port 1(bridge_slave_0) entered blocking state [ 745.274359][T16015] bridge0: port 1(bridge_slave_0) entered disabled state [ 745.349766][T16015] bridge_slave_0: entered allmulticast mode [ 745.387123][T16015] bridge_slave_0: entered promiscuous mode [ 745.466666][T16015] bridge0: port 2(bridge_slave_1) entered blocking state [ 745.473776][T16015] bridge0: port 2(bridge_slave_1) entered disabled state [ 745.545211][T16015] bridge_slave_1: entered allmulticast mode [ 745.567442][T16015] bridge_slave_1: entered promiscuous mode [ 745.930563][T16015] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 745.989595][T16015] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 746.579577][T16015] team0: Port device team_slave_0 added [ 746.682324][ T5865] Bluetooth: hci3: command tx timeout [ 746.780833][T16015] team0: Port device team_slave_1 added [ 746.930066][T16103] blktrace: Concurrent blktraces are not allowed on ram7 [ 747.302241][T16015] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 747.339528][T16015] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 747.457857][T16015] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 747.803850][T16015] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 747.847791][T16015] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 747.873716][ C0] vkms_vblank_simulate: vblank timer overrun [ 747.961768][T16110] FAULT_INJECTION: forcing a failure. [ 747.961768][T16110] name failslab, interval 1, probability 0, space 0, times 0 [ 747.998055][T16015] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 748.094937][T16110] CPU: 0 UID: 0 PID: 16110 Comm: syz.3.2413 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 748.094963][T16110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 748.094973][T16110] Call Trace: [ 748.094979][T16110] [ 748.094985][T16110] dump_stack_lvl+0x16c/0x1f0 [ 748.095010][T16110] should_fail_ex+0x512/0x640 [ 748.095030][T16110] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 748.095049][T16110] should_failslab+0xc2/0x120 [ 748.095069][T16110] __kmalloc_cache_noprof+0x6a/0x3e0 [ 748.095083][T16110] ? ww_mutex_lock+0x37/0x160 [ 748.095100][T16110] ? vkms_atomic_crtc_duplicate_state+0x78/0x1d0 [ 748.095121][T16110] vkms_atomic_crtc_duplicate_state+0x78/0x1d0 [ 748.095137][T16110] drm_atomic_get_crtc_state+0x16e/0x450 [ 748.095162][T16110] drm_atomic_get_plane_state+0x436/0x590 [ 748.095186][T16110] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 748.095202][T16110] ? __pfx___might_resched+0x10/0x10 [ 748.095223][T16110] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 748.095239][T16110] ? __mutex_lock+0x1c4/0x10b0 [ 748.095255][T16110] ? rcu_is_watching+0x12/0xc0 [ 748.095288][T16110] drm_client_modeset_commit_locked+0x14d/0x580 [ 748.095307][T16110] drm_client_modeset_commit+0x4f/0x80 [ 748.095323][T16110] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 748.095349][T16110] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 748.095369][T16110] drm_fbdev_client_restore+0x2c/0x40 [ 748.095388][T16110] drm_client_dev_restore+0x1f3/0x2a0 [ 748.095406][T16110] drm_release+0x2c4/0x360 [ 748.095421][T16110] ? __pfx_drm_release+0x10/0x10 [ 748.095434][T16110] __fput+0x3ff/0xb70 [ 748.095459][T16110] task_work_run+0x150/0x240 [ 748.095481][T16110] ? __pfx_task_work_run+0x10/0x10 [ 748.095503][T16110] ? __pfx___do_sys_close_range+0x10/0x10 [ 748.095525][T16110] exit_to_user_mode_loop+0xeb/0x110 [ 748.095546][T16110] do_syscall_64+0x3f6/0x490 [ 748.095566][T16110] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 748.095581][T16110] RIP: 0033:0x7f74aed8ebe9 [ 748.095593][T16110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 748.095607][T16110] RSP: 002b:00007f74afbaf038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 748.095622][T16110] RAX: 0000000000000000 RBX: 00007f74aefb6090 RCX: 00007f74aed8ebe9 [ 748.095631][T16110] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 748.095639][T16110] RBP: 00007f74aee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 748.095648][T16110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 748.095656][T16110] R13: 00007f74aefb6128 R14: 00007f74aefb6090 R15: 00007fff680c2838 [ 748.095676][T16110] [ 748.361107][ C0] vkms_vblank_simulate: vblank timer overrun [ 749.372945][T16015] hsr_slave_0: entered promiscuous mode [ 749.419970][T16015] hsr_slave_1: entered promiscuous mode [ 749.514321][ T13] hsr_slave_0: left promiscuous mode [ 749.561596][ T13] hsr_slave_1: left promiscuous mode [ 749.582392][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 749.627742][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 749.683835][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 749.741583][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 749.849210][T16135] random: crng reseeded on system resumption [ 749.856833][ T13] veth0_macvtap: left promiscuous mode [ 749.890368][ T13] veth1_vlan: left promiscuous mode [ 749.936930][ T13] veth0_vlan: left promiscuous mode [ 749.989826][T16135] FAULT_INJECTION: forcing a failure. [ 749.989826][T16135] name failslab, interval 1, probability 0, space 0, times 0 [ 750.124757][T16135] CPU: 0 UID: 0 PID: 16135 Comm: syz.0.2418 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 750.124784][T16135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 750.124795][T16135] Call Trace: [ 750.124801][T16135] [ 750.124807][T16135] dump_stack_lvl+0x16c/0x1f0 [ 750.124831][T16135] should_fail_ex+0x512/0x640 [ 750.124851][T16135] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 750.124869][T16135] should_failslab+0xc2/0x120 [ 750.124898][T16135] __kmalloc_cache_noprof+0x6a/0x3e0 [ 750.124915][T16135] ? create_basic_memory_bitmaps+0xeb/0x320 [ 750.124935][T16135] create_basic_memory_bitmaps+0xeb/0x320 [ 750.124956][T16135] snapshot_open+0x235/0x2b0 [ 750.124973][T16135] ? __pfx_snapshot_open+0x10/0x10 [ 750.124991][T16135] misc_open+0x35a/0x420 [ 750.125007][T16135] ? __pfx_misc_open+0x10/0x10 [ 750.125021][T16135] chrdev_open+0x231/0x6a0 [ 750.125040][T16135] ? __pfx_apparmor_file_open+0x10/0x10 [ 750.125056][T16135] ? __pfx_chrdev_open+0x10/0x10 [ 750.125075][T16135] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 750.125094][T16135] do_dentry_open+0x97f/0x1530 [ 750.125113][T16135] ? __pfx_chrdev_open+0x10/0x10 [ 750.125135][T16135] vfs_open+0x82/0x3f0 [ 750.125158][T16135] path_openat+0x1de4/0x2cb0 [ 750.125182][T16135] ? __pfx_path_openat+0x10/0x10 [ 750.125203][T16135] do_filp_open+0x20b/0x470 [ 750.125220][T16135] ? __pfx_do_filp_open+0x10/0x10 [ 750.125251][T16135] ? alloc_fd+0x471/0x7d0 [ 750.125271][T16135] do_sys_openat2+0x11b/0x1d0 [ 750.125292][T16135] ? __pfx_do_sys_openat2+0x10/0x10 [ 750.125320][T16135] __x64_sys_openat+0x174/0x210 [ 750.125342][T16135] ? __pfx___x64_sys_openat+0x10/0x10 [ 750.125371][T16135] do_syscall_64+0xcd/0x490 [ 750.125391][T16135] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 750.125406][T16135] RIP: 0033:0x7f68b278ebe9 [ 750.125419][T16135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 750.125432][T16135] RSP: 002b:00007f68b3562038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 750.125447][T16135] RAX: ffffffffffffffda RBX: 00007f68b29b5fa0 RCX: 00007f68b278ebe9 [ 750.125457][T16135] RDX: 00000000001438bf RSI: 0000200000000000 RDI: ffffffffffffff9c [ 750.125467][T16135] RBP: 00007f68b2811e19 R08: 0000000000000000 R09: 0000000000000000 [ 750.125476][T16135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 750.125485][T16135] R13: 00007f68b29b6038 R14: 00007f68b29b5fa0 R15: 00007ffec80bda88 [ 750.125504][T16135] [ 750.372930][ C0] vkms_vblank_simulate: vblank timer overrun [ 751.644666][ T13] team0 (unregistering): Port device team_slave_1 removed [ 751.730201][ T13] team0 (unregistering): Port device team_slave_0 removed [ 752.189864][T16156] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 752.443201][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 752.451161][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 753.761537][T16185] blktrace: Concurrent blktraces are not allowed on ram7 [ 754.415353][T16015] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 754.439868][T16015] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 754.455557][T16015] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 754.471974][T16015] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 754.805998][T16015] 8021q: adding VLAN 0 to HW filter on device bond0 [ 754.870698][T16015] 8021q: adding VLAN 0 to HW filter on device team0 [ 754.941311][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 754.941408][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 754.942566][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 754.942632][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 754.963872][T16015] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 754.963893][T16015] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 754.978758][T16210] FAULT_INJECTION: forcing a failure. [ 754.978758][T16210] name failslab, interval 1, probability 0, space 0, times 0 [ 754.978809][T16210] CPU: 0 UID: 0 PID: 16210 Comm: syz.3.2432 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 754.978829][T16210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 754.978838][T16210] Call Trace: [ 754.978844][T16210] [ 754.978850][T16210] dump_stack_lvl+0x16c/0x1f0 [ 754.978874][T16210] should_fail_ex+0x512/0x640 [ 754.978894][T16210] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 754.978912][T16210] should_failslab+0xc2/0x120 [ 754.978946][T16210] __kmalloc_cache_noprof+0x6a/0x3e0 [ 754.978962][T16210] ? ww_mutex_lock+0x37/0x160 [ 754.978988][T16210] ? vkms_plane_duplicate_state+0x45/0x130 [ 754.979012][T16210] ? modeset_lock+0x114/0x6e0 [ 754.979034][T16210] vkms_plane_duplicate_state+0x45/0x130 [ 754.979057][T16210] drm_atomic_get_plane_state+0x20b/0x590 [ 754.979084][T16210] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 754.979099][T16210] ? __pfx___might_resched+0x10/0x10 [ 754.979120][T16210] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 754.979136][T16210] ? __mutex_lock+0x1c4/0x10b0 [ 754.979152][T16210] ? rcu_is_watching+0x12/0xc0 [ 754.979186][T16210] drm_client_modeset_commit_locked+0x14d/0x580 [ 754.979204][T16210] drm_client_modeset_commit+0x4f/0x80 [ 754.979220][T16210] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 754.979246][T16210] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 754.979266][T16210] drm_fbdev_client_restore+0x2c/0x40 [ 754.979285][T16210] drm_client_dev_restore+0x1f3/0x2a0 [ 754.979303][T16210] drm_release+0x2c4/0x360 [ 754.979319][T16210] ? __pfx_drm_release+0x10/0x10 [ 754.979331][T16210] __fput+0x3ff/0xb70 [ 754.979356][T16210] task_work_run+0x150/0x240 [ 754.979379][T16210] ? __pfx_task_work_run+0x10/0x10 [ 754.979400][T16210] ? __pfx___do_sys_close_range+0x10/0x10 [ 754.979422][T16210] exit_to_user_mode_loop+0xeb/0x110 [ 754.979444][T16210] do_syscall_64+0x3f6/0x490 [ 754.979464][T16210] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 754.979479][T16210] RIP: 0033:0x7f74aed8ebe9 [ 754.979492][T16210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 754.979507][T16210] RSP: 002b:00007f74afbd0038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 754.979521][T16210] RAX: 0000000000000000 RBX: 00007f74aefb5fa0 RCX: 00007f74aed8ebe9 [ 754.979530][T16210] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 754.979538][T16210] RBP: 00007f74aee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 754.979546][T16210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 754.979555][T16210] R13: 00007f74aefb6038 R14: 00007f74aefb5fa0 R15: 00007fff680c2838 [ 754.979575][T16210] [ 755.201435][T16216] FAULT_INJECTION: forcing a failure. [ 755.201435][T16216] name failslab, interval 1, probability 0, space 0, times 0 [ 755.201463][T16216] CPU: 0 UID: 0 PID: 16216 Comm: syz.3.2434 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 755.201483][T16216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 755.201492][T16216] Call Trace: [ 755.201498][T16216] [ 755.201505][T16216] dump_stack_lvl+0x16c/0x1f0 [ 755.201528][T16216] should_fail_ex+0x512/0x640 [ 755.201549][T16216] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 755.201567][T16216] should_failslab+0xc2/0x120 [ 755.201586][T16216] __kmalloc_cache_noprof+0x6a/0x3e0 [ 755.201601][T16216] ? ww_mutex_lock+0x37/0x160 [ 755.201619][T16216] ? vkms_plane_duplicate_state+0x45/0x130 [ 755.201641][T16216] ? modeset_lock+0x114/0x6e0 [ 755.201663][T16216] vkms_plane_duplicate_state+0x45/0x130 [ 755.201684][T16216] drm_atomic_get_plane_state+0x20b/0x590 [ 755.201710][T16216] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 755.201725][T16216] ? __pfx___might_resched+0x10/0x10 [ 755.201746][T16216] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 755.201761][T16216] ? __mutex_lock+0x1c4/0x10b0 [ 755.201778][T16216] ? rcu_is_watching+0x12/0xc0 [ 755.201812][T16216] drm_client_modeset_commit_locked+0x14d/0x580 [ 755.201830][T16216] drm_client_modeset_commit+0x4f/0x80 [ 755.201845][T16216] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 755.201870][T16216] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 755.201890][T16216] drm_fbdev_client_restore+0x2c/0x40 [ 755.201918][T16216] drm_client_dev_restore+0x1f3/0x2a0 [ 755.201937][T16216] drm_release+0x2c4/0x360 [ 755.201953][T16216] ? __pfx_drm_release+0x10/0x10 [ 755.201966][T16216] __fput+0x3ff/0xb70 [ 755.201992][T16216] task_work_run+0x150/0x240 [ 755.202015][T16216] ? __pfx_task_work_run+0x10/0x10 [ 755.202036][T16216] ? __pfx___do_sys_close_range+0x10/0x10 [ 755.202058][T16216] exit_to_user_mode_loop+0xeb/0x110 [ 755.202079][T16216] do_syscall_64+0x3f6/0x490 [ 755.202099][T16216] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 755.202114][T16216] RIP: 0033:0x7f74aed8ebe9 [ 755.202127][T16216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 755.202141][T16216] RSP: 002b:00007f74afbd0038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 755.202155][T16216] RAX: 0000000000000000 RBX: 00007f74aefb5fa0 RCX: 00007f74aed8ebe9 [ 755.202165][T16216] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 755.202173][T16216] RBP: 00007f74aee11e19 R08: 0000000000000000 R09: 0000000000000000 [ 755.202182][T16216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 755.202191][T16216] R13: 00007f74aefb6038 R14: 00007f74aefb5fa0 R15: 00007fff680c2838 [ 755.202211][T16216] [ 755.407656][T16224] netlink: 'syz.0.2433': attribute type 17 has an invalid length. [ 755.407676][T16224] netlink: 326 bytes leftover after parsing attributes in process `syz.0.2433'. [ 755.703285][T16015] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 755.859333][T16015] veth0_vlan: entered promiscuous mode [ 755.888272][T16015] veth1_vlan: entered promiscuous mode [ 756.000510][T16015] veth0_macvtap: entered promiscuous mode [ 756.019317][T16015] veth1_macvtap: entered promiscuous mode [ 756.098820][T16015] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 756.102355][T16015] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 756.110646][T10625] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 756.111342][T10625] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 756.111923][T10625] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 756.112019][T10625] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 756.378213][T10625] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 756.378233][T10625] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 756.481469][T15923] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 756.481488][T15923] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 756.553027][T16246] FAULT_INJECTION: forcing a failure. [ 756.553027][T16246] name fail_futex, interval 1, probability 0, space 0, times 0 [ 756.553055][T16246] CPU: 0 UID: 0 PID: 16246 Comm: syz.0.2438 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 756.553075][T16246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 756.553084][T16246] Call Trace: [ 756.553089][T16246] [ 756.553095][T16246] dump_stack_lvl+0x16c/0x1f0 [ 756.553118][T16246] should_fail_ex+0x512/0x640 [ 756.553141][T16246] get_futex_key+0x1d0/0x1560 [ 756.553161][T16246] ? __pfx_get_futex_key+0x10/0x10 [ 756.553180][T16246] ? __pfx____sys_sendmsg+0x10/0x10 [ 756.553202][T16246] futex_wake+0xea/0x530 [ 756.553224][T16246] ? __pfx_futex_wake+0x10/0x10 [ 756.553252][T16246] do_futex+0x1e3/0x350 [ 756.553270][T16246] ? __pfx_do_futex+0x10/0x10 [ 756.553287][T16246] ? fput+0x9b/0xd0 [ 756.553307][T16246] ? __sys_sendmsg+0x18c/0x220 [ 756.553326][T16246] __x64_sys_futex+0x1e0/0x4c0 [ 756.553347][T16246] ? __pfx___x64_sys_futex+0x10/0x10 [ 756.553372][T16246] do_syscall_64+0xcd/0x490 [ 756.553392][T16246] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 756.553407][T16246] RIP: 0033:0x7f68b278ebe9 [ 756.553419][T16246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 756.553442][T16246] RSP: 002b:00007f68b35620e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 756.553456][T16246] RAX: ffffffffffffffda RBX: 00007f68b29b5fa8 RCX: 00007f68b278ebe9 [ 756.553467][T16246] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f68b29b5fac [ 756.553476][T16246] RBP: 00007f68b29b5fa0 R08: 00007f68b3563000 R09: 0000000000000000 [ 756.553486][T16246] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 756.553495][T16246] R13: 00007f68b29b6038 R14: 00007ffec80bd9a0 R15: 00007ffec80bda88 [ 756.553513][T16246] [ 757.314774][T16267] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2440'. [ 758.882108][T15755] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 758.883577][T15755] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 758.884128][T15755] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 758.885483][T15755] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 758.885888][T15755] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 759.622416][T16296] chnl_net:caif_netlink_parms(): no params data found [ 760.159611][T16296] bridge0: port 1(bridge_slave_0) entered blocking state [ 760.159677][T16296] bridge0: port 1(bridge_slave_0) entered disabled state [ 760.159789][T16296] bridge_slave_0: entered allmulticast mode [ 760.163139][T16296] bridge_slave_0: entered promiscuous mode [ 760.173891][T16296] bridge0: port 2(bridge_slave_1) entered blocking state [ 760.183401][T16296] bridge0: port 2(bridge_slave_1) entered disabled state [ 760.183560][T16296] bridge_slave_1: entered allmulticast mode [ 760.184623][T16296] bridge_slave_1: entered promiscuous mode [ 760.381503][T16296] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 760.398354][T16296] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 760.704617][ T13] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 760.744338][T16296] team0: Port device team_slave_0 added [ 760.746077][T16296] team0: Port device team_slave_1 added [ 760.922666][ T5865] Bluetooth: hci5: command tx timeout [ 760.944159][ T13] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 760.958456][T16296] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 760.958471][T16296] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 760.958492][T16296] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 760.959713][T16296] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 760.959725][T16296] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 760.959744][T16296] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 761.121043][ T13] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 761.169573][T16296] hsr_slave_0: entered promiscuous mode [ 761.170165][T16296] hsr_slave_1: entered promiscuous mode [ 761.170563][T16296] debugfs: 'hsr0' already exists in 'hsr' [ 761.170578][T16296] Cannot create hsr debugfs directory [ 761.385604][ T13] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 762.110176][ C0] vkms_vblank_simulate: vblank timer overrun [ 762.163418][ T13] bridge_slave_1: left allmulticast mode [ 762.163455][ T13] bridge_slave_1: left promiscuous mode [ 762.163594][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 762.206400][ T13] bridge_slave_0: left allmulticast mode [ 762.206420][ T13] bridge_slave_0: left promiscuous mode [ 762.206553][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 762.933242][T16280] tty tty1: ldisc open failed (-12), clearing slot 0 [ 762.945187][T16281] tty tty21: ldisc open failed (-12), clearing slot 20 [ 762.996784][ T5865] Bluetooth: hci5: command tx timeout [ 763.102173][T16180] Process accounting paused [ 763.423675][T16368] blktrace: Concurrent blktraces are not allowed on ram7 [ 763.850906][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 763.896556][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 763.959743][ T13] bond0 (unregistering): Released all slaves [ 764.838530][T16386] random: crng reseeded on system resumption [ 765.076251][ T5865] Bluetooth: hci5: command tx timeout [ 765.664015][ T13] hsr_slave_0: left promiscuous mode [ 765.706532][ T13] hsr_slave_1: left promiscuous mode [ 765.722891][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 765.776352][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 765.843706][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 765.927890][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 766.096954][ T13] veth1_macvtap: left promiscuous mode [ 766.141722][ T13] veth0_macvtap: left promiscuous mode [ 766.178109][ T13] veth1_vlan: left promiscuous mode [ 766.200843][ T13] veth0_vlan: left promiscuous mode [ 767.157462][ T5865] Bluetooth: hci5: command tx timeout [ 767.771374][T16431] blktrace: Concurrent blktraces are not allowed on ram7 [ 768.467110][ T13] team0 (unregistering): Port device team_slave_1 removed [ 768.669268][ T13] team0 (unregistering): Port device team_slave_0 removed [ 769.189528][T16439] blktrace: Concurrent blktraces are not allowed on ram7 [ 770.809544][T16296] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 771.033858][T16296] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 771.084495][T16296] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 771.154187][T16296] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 771.730512][T16458] random: crng reseeded on system resumption [ 771.904489][T16296] 8021q: adding VLAN 0 to HW filter on device bond0 [ 772.071036][T16296] 8021q: adding VLAN 0 to HW filter on device team0 [ 772.182956][T10625] bridge0: port 1(bridge_slave_0) entered blocking state [ 772.190902][T10625] bridge0: port 1(bridge_slave_0) entered forwarding state [ 772.281750][T10625] bridge0: port 2(bridge_slave_1) entered blocking state [ 772.288901][T10625] bridge0: port 2(bridge_slave_1) entered forwarding state [ 772.540240][T16296] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 773.242341][T16499] lo: entered allmulticast mode [ 773.400917][T16296] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 773.521798][T16499] lo: left allmulticast mode [ 773.807554][T16499] blktrace: Concurrent blktraces are not allowed on loop2 [ 774.088637][T16296] veth0_vlan: entered promiscuous mode [ 774.187610][T16296] veth1_vlan: entered promiscuous mode [ 774.342910][T16296] veth0_macvtap: entered promiscuous mode [ 774.437840][T16296] veth1_macvtap: entered promiscuous mode [ 774.678903][T16296] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 774.739153][T16296] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 774.918584][T15923] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 774.965476][T15923] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 775.027168][T15923] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 775.114401][T15923] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 775.599901][T16536] bond0: no command found in slaves file - use +ifname or -ifname [ 775.857231][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 775.897701][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 776.011121][T10626] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 776.053779][T10626] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 777.809085][T15755] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 777.822346][T15755] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 777.830460][T15755] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 777.839947][T15755] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 777.847555][T15755] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 778.221128][T16570] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2480'. [ 778.980011][T16578] blktrace: Concurrent blktraces are not allowed on ram7 [ 779.515152][T16585] FAULT_INJECTION: forcing a failure. [ 779.515152][T16585] name failslab, interval 1, probability 0, space 0, times 0 [ 779.657112][T16585] CPU: 0 UID: 0 PID: 16585 Comm: syz.0.2483 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 779.657137][T16585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 779.657147][T16585] Call Trace: [ 779.657153][T16585] [ 779.657160][T16585] dump_stack_lvl+0x16c/0x1f0 [ 779.657184][T16585] should_fail_ex+0x512/0x640 [ 779.657205][T16585] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 779.657224][T16585] should_failslab+0xc2/0x120 [ 779.657243][T16585] __kmalloc_cache_noprof+0x6a/0x3e0 [ 779.657257][T16585] ? ww_mutex_lock+0x37/0x160 [ 779.657275][T16585] ? vkms_atomic_crtc_duplicate_state+0x78/0x1d0 [ 779.657295][T16585] vkms_atomic_crtc_duplicate_state+0x78/0x1d0 [ 779.657312][T16585] drm_atomic_get_crtc_state+0x16e/0x450 [ 779.657338][T16585] drm_atomic_get_plane_state+0x436/0x590 [ 779.657363][T16585] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 779.657379][T16585] ? __pfx___might_resched+0x10/0x10 [ 779.657399][T16585] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 779.657420][T16585] ? __mutex_lock+0x1c4/0x10b0 [ 779.657436][T16585] ? rcu_is_watching+0x12/0xc0 [ 779.657471][T16585] drm_client_modeset_commit_locked+0x14d/0x580 [ 779.657490][T16585] drm_client_modeset_commit+0x4f/0x80 [ 779.657507][T16585] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 779.657533][T16585] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 779.657554][T16585] drm_fbdev_client_restore+0x2c/0x40 [ 779.657573][T16585] drm_client_dev_restore+0x1f3/0x2a0 [ 779.657592][T16585] drm_release+0x2c4/0x360 [ 779.657607][T16585] ? __pfx_drm_release+0x10/0x10 [ 779.657620][T16585] __fput+0x3ff/0xb70 [ 779.657645][T16585] task_work_run+0x150/0x240 [ 779.657668][T16585] ? __pfx_task_work_run+0x10/0x10 [ 779.657689][T16585] ? __pfx___do_sys_close_range+0x10/0x10 [ 779.657712][T16585] exit_to_user_mode_loop+0xeb/0x110 [ 779.657733][T16585] do_syscall_64+0x3f6/0x490 [ 779.657753][T16585] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 779.657768][T16585] RIP: 0033:0x7f68b278ebe9 [ 779.657781][T16585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 779.657795][T16585] RSP: 002b:00007f68b3520038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 779.657810][T16585] RAX: 0000000000000000 RBX: 00007f68b29b6180 RCX: 00007f68b278ebe9 [ 779.657819][T16585] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 779.657828][T16585] RBP: 00007f68b2811e19 R08: 0000000000000000 R09: 0000000000000000 [ 779.657836][T16585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 779.657844][T16585] R13: 00007f68b29b6218 R14: 00007f68b29b6180 R15: 00007ffec80bda88 [ 779.657867][T16585] [ 779.931894][ C0] vkms_vblank_simulate: vblank timer overrun [ 780.366988][T15755] Bluetooth: hci2: command tx timeout [ 780.474575][T16564] chnl_net:caif_netlink_parms(): no params data found [ 781.948391][T16603] netlink: 'syz.0.2487': attribute type 17 has an invalid length. [ 782.062303][T16603] netlink: 326 bytes leftover after parsing attributes in process `syz.0.2487'. [ 782.439769][T15755] Bluetooth: hci2: command tx timeout [ 782.533788][T16611] program syz.1.2488 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 782.561568][T10626] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 782.656754][T16564] bridge0: port 1(bridge_slave_0) entered blocking state [ 782.696340][T16564] bridge0: port 1(bridge_slave_0) entered disabled state [ 782.733842][T16564] bridge_slave_0: entered allmulticast mode [ 782.767298][T16564] bridge_slave_0: entered promiscuous mode [ 782.831432][T16564] bridge0: port 2(bridge_slave_1) entered blocking state [ 782.868640][T16564] bridge0: port 2(bridge_slave_1) entered disabled state [ 782.875909][T16564] bridge_slave_1: entered allmulticast mode [ 782.954256][T16564] bridge_slave_1: entered promiscuous mode [ 783.261204][T16624] blktrace: Concurrent blktraces are not allowed on ram7 [ 783.394049][T10626] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 783.560206][T16564] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 783.715946][T10626] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 783.795508][T16564] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 784.131344][T10626] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 784.317314][T16564] team0: Port device team_slave_0 added [ 784.347844][T16564] team0: Port device team_slave_1 added [ 784.520746][T15755] Bluetooth: hci2: command tx timeout [ 784.544442][T16564] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 784.583587][T16564] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 784.703273][T16564] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 784.874025][T16564] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 784.923618][T16564] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 785.067902][T16564] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 785.380108][ T30] audit: type=1800 audit(6050052145.298:21): pid=16651 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2497" name="discovery_nqn" dev="configfs" ino=59864 res=0 errno=0 [ 785.641470][T16564] hsr_slave_0: entered promiscuous mode [ 785.678763][T16564] hsr_slave_1: entered promiscuous mode [ 785.715941][T16564] debugfs: 'hsr0' already exists in 'hsr' [ 785.780151][T16564] Cannot create hsr debugfs directory [ 785.962535][T10626] bridge_slave_1: left allmulticast mode [ 785.981057][T10626] bridge_slave_1: left promiscuous mode [ 786.010899][T10626] bridge0: port 2(bridge_slave_1) entered disabled state [ 786.111372][T10626] bridge_slave_0: left allmulticast mode [ 786.151421][T10626] bridge_slave_0: left promiscuous mode [ 786.176417][T10626] bridge0: port 1(bridge_slave_0) entered disabled state [ 786.258389][T16665] nbd: socks must be embedded in a SOCK_ITEM attr [ 786.293019][T16665] block nbd0: shutting down sockets [ 786.597224][T15755] Bluetooth: hci2: command tx timeout [ 787.269396][T16675] program syz.1.2500 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 787.661899][T10626] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 787.703348][T10626] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 787.744769][T10626] bond0 (unregistering): Released all slaves [ 788.491380][T10626] hsr_slave_0: left promiscuous mode [ 788.526894][T10626] hsr_slave_1: left promiscuous mode [ 788.575588][T10626] veth1_vlan: left promiscuous mode [ 788.620894][T10626] veth0_vlan: left promiscuous mode [ 790.339194][T10626] team_slave_1 (unregistering): left promiscuous mode [ 790.346006][T10626] team_slave_1 (unregistering): left allmulticast mode [ 790.393444][T10626] team0 (unregistering): Port device team_slave_1 removed [ 790.526667][T10626] team_slave_0 (unregistering): left promiscuous mode [ 790.548057][T10626] team_slave_0 (unregistering): left allmulticast mode [ 790.597259][T10626] team0 (unregistering): Port device team_slave_0 removed [ 791.683815][T16707] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 791.812929][T16711] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2503'. [ 791.938813][T16711] veth0_macvtap: left promiscuous mode [ 792.761031][T16564] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 792.829980][T16564] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 792.871347][T16564] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 792.922852][T16564] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 793.283355][T16564] 8021q: adding VLAN 0 to HW filter on device bond0 [ 793.385725][T16564] 8021q: adding VLAN 0 to HW filter on device team0 [ 793.478493][ T60] bridge0: port 1(bridge_slave_0) entered blocking state [ 793.485675][ T60] bridge0: port 1(bridge_slave_0) entered forwarding state [ 793.570528][ T60] bridge0: port 2(bridge_slave_1) entered blocking state [ 793.577731][ T60] bridge0: port 2(bridge_slave_1) entered forwarding state [ 793.659960][T16757] lo: entered allmulticast mode [ 793.759503][T16564] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 793.824343][T16757] lo: left allmulticast mode [ 794.479775][T16773] netlink: 'syz.0.2508': attribute type 17 has an invalid length. [ 794.505297][T16564] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 794.627902][T16773] netlink: 326 bytes leftover after parsing attributes in process `syz.0.2508'. [ 794.783294][T16564] veth0_vlan: entered promiscuous mode [ 794.849358][T16564] veth1_vlan: entered promiscuous mode [ 795.025823][T16564] veth0_macvtap: entered promiscuous mode [ 795.086781][T16564] veth1_macvtap: entered promiscuous mode [ 795.270377][T16786] svc: failed to register nfsdv3 RPC service (errno 111). [ 795.324943][T16564] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 795.385407][T16786] svc: failed to register nfsaclv3 RPC service (errno 111). [ 795.407763][T16564] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 795.541951][ T49] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 795.585058][ T49] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 795.695007][ T49] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 795.750694][ T49] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 796.227703][T16808] serio: Serial port pty6 [ 796.439836][T10625] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 796.499636][T10625] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 796.643116][T16816] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 796.762564][T15923] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 796.824673][T15923] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 797.097995][T16812] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 797.226393][T16812] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 797.384175][T16826] FAULT_INJECTION: forcing a failure. [ 797.384175][T16826] name failslab, interval 1, probability 0, space 0, times 0 [ 797.423519][T16812] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 797.486555][T16826] CPU: 0 UID: 0 PID: 16826 Comm: syz.0.2516 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 797.486581][T16826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 797.486591][T16826] Call Trace: [ 797.486597][T16826] [ 797.486603][T16826] dump_stack_lvl+0x16c/0x1f0 [ 797.486635][T16826] should_fail_ex+0x512/0x640 [ 797.486658][T16826] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 797.486676][T16826] should_failslab+0xc2/0x120 [ 797.486704][T16826] __kmalloc_cache_noprof+0x6a/0x3e0 [ 797.486719][T16826] ? ww_mutex_lock+0x37/0x160 [ 797.486737][T16826] ? vkms_plane_duplicate_state+0x45/0x130 [ 797.486760][T16826] ? modeset_lock+0x114/0x6e0 [ 797.486782][T16826] vkms_plane_duplicate_state+0x45/0x130 [ 797.486804][T16826] drm_atomic_get_plane_state+0x20b/0x590 [ 797.486834][T16826] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 797.486850][T16826] ? __pfx___might_resched+0x10/0x10 [ 797.486872][T16826] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 797.486888][T16826] ? __mutex_lock+0x1c4/0x10b0 [ 797.486904][T16826] ? rcu_is_watching+0x12/0xc0 [ 797.486938][T16826] drm_client_modeset_commit_locked+0x14d/0x580 [ 797.486957][T16826] drm_client_modeset_commit+0x4f/0x80 [ 797.486972][T16826] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 797.486997][T16826] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 797.487018][T16826] drm_fbdev_client_restore+0x2c/0x40 [ 797.487037][T16826] drm_client_dev_restore+0x1f3/0x2a0 [ 797.487055][T16826] drm_release+0x2c4/0x360 [ 797.487071][T16826] ? __pfx_drm_release+0x10/0x10 [ 797.487084][T16826] __fput+0x3ff/0xb70 [ 797.487109][T16826] task_work_run+0x150/0x240 [ 797.487131][T16826] ? __pfx_task_work_run+0x10/0x10 [ 797.487153][T16826] ? __pfx___do_sys_close_range+0x10/0x10 [ 797.487175][T16826] exit_to_user_mode_loop+0xeb/0x110 [ 797.487197][T16826] do_syscall_64+0x3f6/0x490 [ 797.487218][T16826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 797.487233][T16826] RIP: 0033:0x7f68b278ebe9 [ 797.487247][T16826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 797.487263][T16826] RSP: 002b:00007f68b3562038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 797.487278][T16826] RAX: 0000000000000000 RBX: 00007f68b29b5fa0 RCX: 00007f68b278ebe9 [ 797.487287][T16826] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 797.487296][T16826] RBP: 00007f68b2811e19 R08: 0000000000000000 R09: 0000000000000000 [ 797.487305][T16826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 797.487313][T16826] R13: 00007f68b29b6038 R14: 00007f68b29b5fa0 R15: 00007ffec80bda88 [ 797.487333][T16826] [ 797.760661][ C0] vkms_vblank_simulate: vblank timer overrun [ 798.219672][T16812] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 798.271965][T16812] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 798.435926][T16812] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 798.597353][T16812] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 798.699152][T16812] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 798.836685][T15755] Bluetooth: hci4: command 0x0c1a tx timeout [ 798.848006][T16812] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 799.005969][T16812] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 799.052393][T16812] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 799.242646][T16812] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 800.280618][T15755] Bluetooth: hci3: command 0x0c1a tx timeout [ 800.677870][T15755] Bluetooth: hci5: command 0x0c1a tx timeout [ 800.916847][T15755] Bluetooth: hci4: command 0x0c1a tx timeout [ 801.078258][T15755] Bluetooth: hci2: command 0x0c1a tx timeout [ 802.044337][T16902] Invalid ELF header magic: != ELF [ 802.361010][T15755] Bluetooth: hci3: command 0x0c1a tx timeout [ 802.762670][T15755] Bluetooth: hci5: command 0x0c1a tx timeout [ 802.999029][T15755] Bluetooth: hci4: command 0x0c1a tx timeout [ 803.157753][T15755] Bluetooth: hci2: command 0x0c1a tx timeout [ 803.561921][T16916] random: crng reseeded on system resumption [ 803.655527][T16919] blktrace: Concurrent blktraces are not allowed on ram7 [ 804.436506][T15755] Bluetooth: hci3: command 0x0c1a tx timeout [ 804.814367][T16936] FAULT_INJECTION: forcing a failure. [ 804.814367][T16936] name failslab, interval 1, probability 0, space 0, times 0 [ 804.838108][T15755] Bluetooth: hci5: command 0x0c1a tx timeout [ 805.081592][T16936] CPU: 0 UID: 0 PID: 16936 Comm: syz.0.2532 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 805.081618][T16936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 805.081628][T16936] Call Trace: [ 805.081635][T16936] [ 805.081641][T16936] dump_stack_lvl+0x16c/0x1f0 [ 805.081665][T16936] should_fail_ex+0x512/0x640 [ 805.081686][T16936] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 805.081707][T16936] should_failslab+0xc2/0x120 [ 805.081726][T16936] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 805.081743][T16936] ? __kernfs_new_node+0xd2/0x8e0 [ 805.081765][T16936] __kernfs_new_node+0xd2/0x8e0 [ 805.081785][T16936] ? __pfx___kernfs_new_node+0x10/0x10 [ 805.081808][T16936] ? find_held_lock+0x2b/0x80 [ 805.081823][T16936] ? kernfs_root+0xee/0x2a0 [ 805.081844][T16936] kernfs_new_node+0x13c/0x1e0 [ 805.081868][T16936] __kernfs_create_file+0x53/0x350 [ 805.081885][T16936] sysfs_add_file_mode_ns+0x207/0x3c0 [ 805.081907][T16936] sysfs_merge_group+0x1aa/0x340 [ 805.081937][T16936] ? __pfx_sysfs_merge_group+0x10/0x10 [ 805.081960][T16936] ? __pfx_dev_add_physical_location+0x10/0x10 [ 805.081984][T16936] ? bus_to_subsys+0x131/0x160 [ 805.082002][T16936] dpm_sysfs_add+0x237/0x280 [ 805.082024][T16936] device_add+0x9a6/0x1aa0 [ 805.082048][T16936] ? __pfx_device_add+0x10/0x10 [ 805.082076][T16936] nfc_register_device+0x41/0x3c0 [ 805.082097][T16936] nci_register_device+0x7f1/0xb80 [ 805.082113][T16936] ? __pfx_nci_register_device+0x10/0x10 [ 805.082131][T16936] ? lockdep_init_map_type+0x5c/0x280 [ 805.082154][T16936] virtual_ncidev_open+0x141/0x220 [ 805.082170][T16936] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 805.082185][T16936] misc_open+0x35a/0x420 [ 805.082201][T16936] ? __pfx_misc_open+0x10/0x10 [ 805.082215][T16936] chrdev_open+0x231/0x6a0 [ 805.082233][T16936] ? __pfx_apparmor_file_open+0x10/0x10 [ 805.082249][T16936] ? __pfx_chrdev_open+0x10/0x10 [ 805.082268][T16936] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 805.082288][T16936] do_dentry_open+0x97f/0x1530 [ 805.082306][T16936] ? __pfx_chrdev_open+0x10/0x10 [ 805.082328][T16936] vfs_open+0x82/0x3f0 [ 805.082350][T16936] path_openat+0x1de4/0x2cb0 [ 805.082374][T16936] ? __pfx_path_openat+0x10/0x10 [ 805.082395][T16936] do_filp_open+0x20b/0x470 [ 805.082412][T16936] ? __pfx_do_filp_open+0x10/0x10 [ 805.082443][T16936] ? alloc_fd+0x471/0x7d0 [ 805.082464][T16936] do_sys_openat2+0x11b/0x1d0 [ 805.082484][T16936] ? __pfx_do_sys_openat2+0x10/0x10 [ 805.082512][T16936] __x64_sys_openat+0x174/0x210 [ 805.082534][T16936] ? __pfx___x64_sys_openat+0x10/0x10 [ 805.082563][T16936] do_syscall_64+0xcd/0x490 [ 805.082583][T16936] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 805.082598][T16936] RIP: 0033:0x7f68b278ebe9 [ 805.082610][T16936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 805.082625][T16936] RSP: 002b:00007f68b3541038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 805.082640][T16936] RAX: ffffffffffffffda RBX: 00007f68b29b6090 RCX: 00007f68b278ebe9 [ 805.082651][T16936] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 805.082660][T16936] RBP: 00007f68b2811e19 R08: 0000000000000000 R09: 0000000000000000 [ 805.082669][T16936] R10: 000000000000001f R11: 0000000000000246 R12: 0000000000000000 [ 805.082678][T16936] R13: 00007f68b29b6128 R14: 00007f68b29b6090 R15: 00007ffec80bda88 [ 805.082698][T16936] [ 806.029777][T15755] Bluetooth: hci2: command 0x0c1a tx timeout [ 806.537895][T16953] random: crng reseeded on system resumption [ 807.425920][T16962] lo: entered allmulticast mode [ 807.556259][T16962] lo: left allmulticast mode [ 807.941009][T16971] blktrace: Concurrent blktraces are not allowed on ram7 [ 808.403980][T16972] program syz.0.2540 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 810.639906][T16989] FAULT_INJECTION: forcing a failure. [ 810.639906][T16989] name failslab, interval 1, probability 0, space 0, times 0 [ 810.707122][T16989] CPU: 0 UID: 0 PID: 16989 Comm: syz.2.2544 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 810.707148][T16989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 810.707158][T16989] Call Trace: [ 810.707164][T16989] [ 810.707171][T16989] dump_stack_lvl+0x16c/0x1f0 [ 810.707195][T16989] should_fail_ex+0x512/0x640 [ 810.707216][T16989] ? __kmalloc_noprof+0xbf/0x510 [ 810.707234][T16989] ? drm_atomic_state_init+0xe4/0x320 [ 810.707249][T16989] should_failslab+0xc2/0x120 [ 810.707267][T16989] __kmalloc_noprof+0xd2/0x510 [ 810.707289][T16989] drm_atomic_state_init+0xe4/0x320 [ 810.707303][T16989] ? __kasan_kmalloc+0xaa/0xb0 [ 810.707321][T16989] drm_atomic_state_alloc+0xd3/0x120 [ 810.707342][T16989] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 810.707357][T16989] ? __pfx___might_resched+0x10/0x10 [ 810.707379][T16989] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 810.707395][T16989] ? __mutex_lock+0x1c4/0x10b0 [ 810.707412][T16989] ? rcu_is_watching+0x12/0xc0 [ 810.707447][T16989] drm_client_modeset_commit_locked+0x14d/0x580 [ 810.707465][T16989] drm_client_modeset_commit+0x4f/0x80 [ 810.707481][T16989] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 810.707506][T16989] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 810.707526][T16989] drm_fbdev_client_restore+0x2c/0x40 [ 810.707546][T16989] drm_client_dev_restore+0x1f3/0x2a0 [ 810.707564][T16989] drm_release+0x2c4/0x360 [ 810.707580][T16989] ? __pfx_drm_release+0x10/0x10 [ 810.707592][T16989] __fput+0x3ff/0xb70 [ 810.707617][T16989] task_work_run+0x150/0x240 [ 810.707639][T16989] ? __pfx_task_work_run+0x10/0x10 [ 810.707661][T16989] ? __pfx___do_sys_close_range+0x10/0x10 [ 810.707682][T16989] exit_to_user_mode_loop+0xeb/0x110 [ 810.707704][T16989] do_syscall_64+0x3f6/0x490 [ 810.707725][T16989] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 810.707740][T16989] RIP: 0033:0x7fae5d78ebe9 [ 810.707752][T16989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 810.707768][T16989] RSP: 002b:00007fae5e586038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 810.707783][T16989] RAX: 0000000000000000 RBX: 00007fae5d9b5fa0 RCX: 00007fae5d78ebe9 [ 810.707792][T16989] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 810.707800][T16989] RBP: 00007fae5d811e19 R08: 0000000000000000 R09: 0000000000000000 [ 810.707809][T16989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 810.707817][T16989] R13: 00007fae5d9b6038 R14: 00007fae5d9b5fa0 R15: 00007ffdccf124c8 [ 810.707837][T16989] [ 811.770335][T17003] FAULT_INJECTION: forcing a failure. [ 811.770335][T17003] name failslab, interval 1, probability 0, space 0, times 0 [ 811.846339][T17003] CPU: 0 UID: 0 PID: 17003 Comm: syz.2.2549 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 811.846363][T17003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 811.846372][T17003] Call Trace: [ 811.846378][T17003] [ 811.846384][T17003] dump_stack_lvl+0x16c/0x1f0 [ 811.846408][T17003] should_fail_ex+0x512/0x640 [ 811.846429][T17003] ? __kmalloc_noprof+0xbf/0x510 [ 811.846447][T17003] ? iovec_from_user+0x108/0x140 [ 811.846460][T17003] should_failslab+0xc2/0x120 [ 811.846479][T17003] __kmalloc_noprof+0xd2/0x510 [ 811.846494][T17003] ? find_held_lock+0x2b/0x80 [ 811.846512][T17003] iovec_from_user+0x108/0x140 [ 811.846527][T17003] __import_iovec+0x88/0x650 [ 811.846545][T17003] import_iovec+0x86/0xb0 [ 811.846560][T17003] vfs_readv+0x19a/0x8b0 [ 811.846579][T17003] ? __pfx_vfs_readv+0x10/0x10 [ 811.846606][T17003] ? __fget_files+0x20e/0x3c0 [ 811.846620][T17003] ? _mutex_trylock_nest_lock+0x90/0x140 [ 811.846644][T17003] ? do_preadv+0x1a6/0x270 [ 811.846657][T17003] do_preadv+0x1a6/0x270 [ 811.846672][T17003] ? __pfx_do_preadv+0x10/0x10 [ 811.846686][T17003] ? ksys_write+0x1ac/0x250 [ 811.846702][T17003] ? __pfx_ksys_write+0x10/0x10 [ 811.846720][T17003] __x64_sys_preadv2+0xef/0x160 [ 811.846740][T17003] do_syscall_64+0xcd/0x490 [ 811.846760][T17003] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 811.846775][T17003] RIP: 0033:0x7fae5d78ebe9 [ 811.846787][T17003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 811.846801][T17003] RSP: 002b:00007fae5e586038 EFLAGS: 00000246 ORIG_RAX: 0000000000000147 [ 811.846818][T17003] RAX: ffffffffffffffda RBX: 00007fae5d9b5fa0 RCX: 00007fae5d78ebe9 [ 811.846827][T17003] RDX: 0000010000000009 RSI: 0000200000000280 RDI: 0000000000000003 [ 811.846837][T17003] RBP: 00007fae5e586090 R08: 0000000080000000 R09: 0000000000000003 [ 811.846845][T17003] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 811.846854][T17003] R13: 00007fae5d9b6038 R14: 00007fae5d9b5fa0 R15: 00007ffdccf124c8 [ 811.846872][T17003] [ 812.939236][T17019] netlink: 'syz.2.2551': attribute type 17 has an invalid length. [ 813.050591][T17019] netlink: 326 bytes leftover after parsing attributes in process `syz.2.2551'. [ 813.891106][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 813.899920][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 814.161084][T17033] program syz.0.2554 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 814.187060][T17040] ------------[ cut here ]------------ [ 814.187072][T17040] DEBUG_LOCKS_WARN_ON(lock->magic != lock) [ 814.187154][T17040] WARNING: CPU: 0 PID: 17040 at kernel/locking/mutex.c:577 __mutex_lock+0x39f/0x10b0 [ 814.187185][T17040] Modules linked in: [ 814.187198][T17040] CPU: 0 UID: 0 PID: 17040 Comm: syz.3.2558 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 814.187217][T17040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 814.187227][T17040] RIP: 0010:__mutex_lock+0x39f/0x10b0 [ 814.187247][T17040] Code: d0 7c 08 84 d2 0f 85 40 0c 00 00 8b 3d 5a cb 19 05 85 ff 75 19 90 48 c7 c6 40 55 ad 8b 48 c7 c7 80 54 ad 8b e8 32 2e e8 f5 90 <0f> 0b 90 90 90 e9 b8 fd ff ff 48 8d 85 60 ff ff ff 48 89 df 48 89 [ 814.187263][T17040] RSP: 0018:ffffc90004977a70 EFLAGS: 00010282 [ 814.187276][T17040] RAX: 0000000000000000 RBX: ffff888062872050 RCX: ffffc9000ffb6000 [ 814.187286][T17040] RDX: 0000000000080000 RSI: ffffffff817a02d5 RDI: 0000000000000001 [ 814.187296][T17040] RBP: ffffc90004977bc0 R08: 0000000000000001 R09: 0000000000000000 [ 814.187305][T17040] R10: 0000000000000000 R11: 284e4f5f4e524157 R12: dffffc0000000000 [ 814.187314][T17040] R13: 0000000000000000 R14: 1ffff9200092ef5a R15: ffffffff8a99e7b7 [ 814.187324][T17040] FS: 00007f23fca8e6c0(0000) GS:ffff8881246c6000(0000) knlGS:0000000000000000 [ 814.187339][T17040] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 814.187349][T17040] CR2: 0000000000000000 CR3: 00000000523fa000 CR4: 00000000003526f0 [ 814.187358][T17040] Call Trace: [ 814.187363][T17040] [ 814.187370][T17040] ? rcu_is_watching+0x12/0xc0 [ 814.187386][T17040] ? trace_kmem_cache_alloc+0x28/0xc0 [ 814.187407][T17040] ? kmem_cache_alloc_node_noprof+0x225/0x3b0 [ 814.187425][T17040] ? kmalloc_reserve+0x18b/0x2c0 [ 814.187448][T17040] ? __pfx___mutex_lock+0x10/0x10 [ 814.187466][T17040] ? __asan_memset+0x23/0x50 [ 814.187480][T17040] ? __build_skb_around+0x278/0x3b0 [ 814.187494][T17040] ? __alloc_skb+0x200/0x380 [ 814.187510][T17040] ? __pfx___alloc_skb+0x10/0x10 [ 814.187526][T17040] ? __pfx_vhci_coredump_hdr+0x10/0x10 [ 814.187545][T17040] ? __pfx_vhci_coredump+0x10/0x10 [ 814.187561][T17040] ? hci_devcd_register+0x47/0x170 [ 814.187582][T17040] hci_devcd_register+0x47/0x170 [ 814.187603][T17040] force_devcd_write+0x16c/0x340 [ 814.187621][T17040] ? __pfx_force_devcd_write+0x10/0x10 [ 814.187643][T17040] full_proxy_write+0x131/0x1a0 [ 814.187665][T17040] ? __pfx_full_proxy_write+0x10/0x10 [ 814.187685][T17040] vfs_write+0x29d/0x11d0 [ 814.187710][T17040] ? __pfx___mutex_lock+0x10/0x10 [ 814.187729][T17040] ? __pfx_vfs_write+0x10/0x10 [ 814.187747][T17040] ? __fget_files+0x20e/0x3c0 [ 814.187766][T17040] ksys_write+0x12a/0x250 [ 814.187782][T17040] ? __pfx_ksys_write+0x10/0x10 [ 814.187802][T17040] do_syscall_64+0xcd/0x490 [ 814.187820][T17040] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 814.187835][T17040] RIP: 0033:0x7f23fbb8ebe9 [ 814.187847][T17040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 814.187861][T17040] RSP: 002b:00007f23fca8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 814.187875][T17040] RAX: ffffffffffffffda RBX: 00007f23fbdb6180 RCX: 00007f23fbb8ebe9 [ 814.187885][T17040] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000007 [ 814.187894][T17040] RBP: 00007f23fbc11e19 R08: 0000000000000000 R09: 0000000000000000 [ 814.187904][T17040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 814.187913][T17040] R13: 00007f23fbdb6218 R14: 00007f23fbdb6180 R15: 00007ffc4456d828 [ 814.187947][T17040] [ 814.187955][T17040] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 814.187967][T17040] CPU: 0 UID: 0 PID: 17040 Comm: syz.3.2558 Not tainted 6.17.0-rc1-syzkaller-00016-g8742b2d8935f #0 PREEMPT(full) [ 814.187996][T17040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 814.188005][T17040] Call Trace: [ 814.188011][T17040] [ 814.188017][T17040] dump_stack_lvl+0x3d/0x1f0 [ 814.188035][T17040] vpanic+0x6e8/0x7a0 [ 814.188057][T17040] ? __pfx_vpanic+0x10/0x10 [ 814.188078][T17040] ? __mutex_lock+0x39f/0x10b0 [ 814.188096][T17040] panic+0xca/0xd0 [ 814.188115][T17040] ? __pfx_panic+0x10/0x10 [ 814.188138][T17040] check_panic_on_warn+0xab/0xb0 [ 814.188158][T17040] __warn+0xf6/0x3c0 [ 814.188177][T17040] ? __pfx_vprintk_emit+0x10/0x10 [ 814.188192][T17040] ? __mutex_lock+0x39f/0x10b0 [ 814.188209][T17040] report_bug+0x3c3/0x580 [ 814.188224][T17040] ? __mutex_lock+0x39f/0x10b0 [ 814.188241][T17040] handle_bug+0x184/0x210 [ 814.188260][T17040] exc_invalid_op+0x17/0x50 [ 814.188278][T17040] asm_exc_invalid_op+0x1a/0x20 [ 814.188292][T17040] RIP: 0010:__mutex_lock+0x39f/0x10b0 [ 814.188309][T17040] Code: d0 7c 08 84 d2 0f 85 40 0c 00 00 8b 3d 5a cb 19 05 85 ff 75 19 90 48 c7 c6 40 55 ad 8b 48 c7 c7 80 54 ad 8b e8 32 2e e8 f5 90 <0f> 0b 90 90 90 e9 b8 fd ff ff 48 8d 85 60 ff ff ff 48 89 df 48 89 [ 814.188323][T17040] RSP: 0018:ffffc90004977a70 EFLAGS: 00010282 [ 814.188334][T17040] RAX: 0000000000000000 RBX: ffff888062872050 RCX: ffffc9000ffb6000 [ 814.188344][T17040] RDX: 0000000000080000 RSI: ffffffff817a02d5 RDI: 0000000000000001 [ 814.188353][T17040] RBP: ffffc90004977bc0 R08: 0000000000000001 R09: 0000000000000000 [ 814.188362][T17040] R10: 0000000000000000 R11: 284e4f5f4e524157 R12: dffffc0000000000 [ 814.188372][T17040] R13: 0000000000000000 R14: 1ffff9200092ef5a R15: ffffffff8a99e7b7 [ 814.188381][T17040] ? hci_devcd_register+0x47/0x170 [ 814.188403][T17040] ? __warn_printk+0x1a5/0x350 [ 814.188423][T17040] ? rcu_is_watching+0x12/0xc0 [ 814.188438][T17040] ? trace_kmem_cache_alloc+0x28/0xc0 [ 814.188458][T17040] ? kmem_cache_alloc_node_noprof+0x225/0x3b0 [ 814.188474][T17040] ? kmalloc_reserve+0x18b/0x2c0 [ 814.188495][T17040] ? __pfx___mutex_lock+0x10/0x10 [ 814.188513][T17040] ? __asan_memset+0x23/0x50 [ 814.188527][T17040] ? __build_skb_around+0x278/0x3b0 [ 814.188540][T17040] ? __alloc_skb+0x200/0x380 [ 814.188556][T17040] ? __pfx___alloc_skb+0x10/0x10 [ 814.188573][T17040] ? __pfx_vhci_coredump_hdr+0x10/0x10 [ 814.188592][T17040] ? __pfx_vhci_coredump+0x10/0x10 [ 814.188608][T17040] ? hci_devcd_register+0x47/0x170 [ 814.188627][T17040] hci_devcd_register+0x47/0x170 [ 814.188647][T17040] force_devcd_write+0x16c/0x340 [ 814.188665][T17040] ? __pfx_force_devcd_write+0x10/0x10 [ 814.188687][T17040] full_proxy_write+0x131/0x1a0 [ 814.188709][T17040] ? __pfx_full_proxy_write+0x10/0x10 [ 814.188729][T17040] vfs_write+0x29d/0x11d0 [ 814.188746][T17040] ? __pfx___mutex_lock+0x10/0x10 [ 814.188763][T17040] ? __pfx_vfs_write+0x10/0x10 [ 814.188781][T17040] ? __fget_files+0x20e/0x3c0 [ 814.188802][T17040] ksys_write+0x12a/0x250 [ 814.188818][T17040] ? __pfx_ksys_write+0x10/0x10 [ 814.188836][T17040] do_syscall_64+0xcd/0x490 [ 814.188862][T17040] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 814.188878][T17040] RIP: 0033:0x7f23fbb8ebe9 [ 814.188889][T17040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 814.188902][T17040] RSP: 002b:00007f23fca8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 814.188916][T17040] RAX: ffffffffffffffda RBX: 00007f23fbdb6180 RCX: 00007f23fbb8ebe9 [ 814.188925][T17040] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000007 [ 814.188934][T17040] RBP: 00007f23fbc11e19 R08: 0000000000000000 R09: 0000000000000000 [ 814.188943][T17040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 814.188952][T17040] R13: 00007f23fbdb6218 R14: 00007f23fbdb6180 R15: 00007ffc4456d828 [ 814.188966][T17040] [ 814.189106][T17040] Kernel Offset: disabled