last executing test programs: 1m5.754290855s ago: executing program 1 (id=259): landlock_restrict_self$auto(0xffffffffffffffff, 0x2) mmap$auto(0x0, 0x2020009, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x5, 0x9, 0x2) sysfs$auto(0x81, 0xfe, 0xba1) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x0, 0x0, 0x0, 0x0) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sendfile$auto(0x1, r1, 0x0, 0x7ffff000) r2 = openat$auto_trace_time_stamp_mode_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/timestamp_mode\x00', 0x80040, 0x0) recvmmsg$auto(r2, 0x0, 0x3, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x403, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r4) ioctl$auto_KVM_GET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x1d9, 0x400, 0x4}]}) socket(0x23, 0x80805, 0x0) bpf$auto(0x8, &(0x7f00000000c0)=@raw_tracepoint={0xc0000, r0}, 0x1) ioctl$auto(0x8000000000000001, 0x89ef, 0x9) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) 1m5.229719182s ago: executing program 1 (id=262): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) tee$auto(0x2000000000000, 0x3, 0x402, 0xd) close_range$auto(0x2, 0x8, 0x0) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) memfd_secret$auto(0x0) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x1, 0x0) socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x0) socket(0x10, 0x2, 0x0) memfd_create$auto(0x0, 0x4) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x8}) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/arch_status\x00', 0x200, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x0, 0x0) 1m4.855797316s ago: executing program 1 (id=264): r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000001200), 0x969c0, 0x0) mmap$auto(0x0, 0x7, 0x3, 0x9b72, 0x7, 0xf8ae) r1 = socket(0x23, 0x80805, 0x0) getsockopt$auto(r1, 0x40000000113, 0x2, 0xfffffffffffffffc, 0x0) ioctl$auto_VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000001240)={0x80, 0xffffffffffffffff}) ioctl$auto_BLKRRPART(r2, 0x125f, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/watchdog\x00', 0x800, 0x0) read$auto_proc_sys_file_operations_proc_sysctl(r3, 0x0, 0x0) 1m4.737988334s ago: executing program 1 (id=265): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r0, 0x8000) sysfs$auto(0x2, 0x10000000000002f, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x58, 0x0) r1 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/usbmon8\x00', 0x640, 0x0) read$auto_mon_fops_binary_mon_bin(r1, 0x0, 0x2f) setitimer$auto(0x2, &(0x7f0000000040)={{0x0, 0x5}, {0x0, 0x8}}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00', &(0x7f0000000080)='nfsd\x00', 0x7, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='./cgroup.net/blkio.bfq.dequeue\x00', 0x8ad00, 0x0) ioctl$auto_TUNSETSNDBUF2(0xffffffffffffffff, 0x400454d4, &(0x7f0000001140)=0x6) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f00000000c0)=""/4096, 0x1000) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/fs/quota/writes\x00', 0x0, 0x0) read$auto_proc_sys_file_operations_proc_sysctl(r3, 0x0, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card2/midi0\x00', 0x121040, 0x0) pread64$auto(r4, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\xcb\xec\x9e{o2?\x0f\x11\x90^\xdf/\x84\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6', 0x7ff, 0x5) openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cpu/0/msr\x00', 0x800, 0x0) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') r5 = open(&(0x7f0000000140)='}[,&*}\x00', 0x6ea200, 0x86f2cbedd114ef14) mmap$auto(0x8, 0x202000c, 0x3, 0xeb1, r5, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0xa, 0x5, 0x0) open(0x0, 0x261c2, 0x84) keyctl$auto(0xe, 0x2, 0x76f, 0x9, 0xf13) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000001100)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010029bd4884d7e3d57769f500000500070005000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4008801}, 0x4000) 1m3.471935516s ago: executing program 1 (id=270): mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video38\x00', 0x16b000, 0x0) (async) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video38\x00', 0x16b000, 0x0) ioctl$auto(r0, 0xc0445624, r0) (async) ioctl$auto(r0, 0xc0445624, r0) timerfd_create$auto(0x6, 0x81) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0xfff) mmap$auto(0x0, 0x3, 0x1000df, 0x9b72, 0x7, 0x28000) prctl$auto(0x37, 0x1, 0x4, 0x5, 0x7) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x88) (async) socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptyx3\x00', 0x2200, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc81, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1000000000001, 0x948b, 0x3, 0x3ca6, 0xffffffffdfffffff, 0x3, 0x62, 0x84000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) (async) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) setsockopt$auto_SO_DEBUG(r2, 0xe38, 0x1, &(0x7f0000000000)='/dev/audio1\x00', 0x5) (async) setsockopt$auto_SO_DEBUG(r2, 0xe38, 0x1, &(0x7f0000000000)='/dev/audio1\x00', 0x5) msync$auto(0x0, 0xe0, 0x6) openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/enable\x00', 0x300, 0x0) (async) openat$auto_ftrace_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/enable\x00', 0x300, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/fib_triestat\x00', 0x0, 0x0) pread64$auto(r4, &(0x7f0000000040)='veth1\x00', 0x200000000006, 0x8) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000340)='/dev/snd/pcmC1D1p\x00', 0x40341, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x200000, 0x0) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x200000, 0x0) 1m2.340399276s ago: executing program 1 (id=275): prctl$auto(0x1000000001c, 0x4, 0x0, 0x3, 0x3fffffffff) (async) setreuid$auto(0x0, 0x5) (async) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) (async) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x220100, 0x0) (async, rerun: 64) prctl$auto(0x23, 0x7, 0x7fffffffefff, 0x0, 0x0) (async, rerun: 64) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/icmp\x00', 0xc0880, 0x0) read$auto(r1, &(0x7f0000000040)='/proc/self/net/icmp\x00', 0x80000001) (async) mmap$auto(0x7fff, 0x400008, 0xda, 0x9b72, 0x2, 0x480000000008001) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) getrandom$auto(0x0, 0x6000000, 0x3) (async) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) (async) mmap$auto(0x8, 0x810004, 0xff7, 0x11, 0x3, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/pagemap\x00', 0x181800, 0x0) read$auto(r2, 0x0, 0x39b8) (async) write$auto(0x3, 0x0, 0xfffffdef) (async) fstat$auto(0xffffffffffffffff, &(0x7f0000000100)={0x4, 0x1a0000000000, 0x7f, 0x77d508f7, 0xee01, 0xee01, 0x0, 0x8, 0xa6ee, 0x8, 0x100000000, 0x7, 0x7fffffff, 0x10, 0x9, 0x4, 0xd}) (async, rerun: 32) read$auto_clk_dump_fops_(0xffffffffffffffff, &(0x7f0000000040)=""/59, 0x3b) (async, rerun: 32) io_uring_setup$auto(0x6, 0x0) (async) ioctl$auto_BLKRRPART(r0, 0x125f, 0x0) (async) sendmsg$auto_NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, 0x0, 0x24008804) (async) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x734f, 0x36, 0x67f, 0x1ffde, 0x7, 0x3, 0x20000002, 0xd, 0x3, 0x1, 0x2091, 0xb4, 0x9, 0x6, 0x4, 0x80, 0x4, 0x1cd7, 0x1000, 0x2000, 0x203, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x1fe, 0xd) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) (async) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8040) mmap$auto(0x4, 0x10000, 0x4000000000e3, 0x11, 0xffffffffffffffff, 0x10008001) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) 47.020254262s ago: executing program 32 (id=275): prctl$auto(0x1000000001c, 0x4, 0x0, 0x3, 0x3fffffffff) (async) setreuid$auto(0x0, 0x5) (async) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) (async) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x220100, 0x0) (async, rerun: 64) prctl$auto(0x23, 0x7, 0x7fffffffefff, 0x0, 0x0) (async, rerun: 64) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/icmp\x00', 0xc0880, 0x0) read$auto(r1, &(0x7f0000000040)='/proc/self/net/icmp\x00', 0x80000001) (async) mmap$auto(0x7fff, 0x400008, 0xda, 0x9b72, 0x2, 0x480000000008001) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) getrandom$auto(0x0, 0x6000000, 0x3) (async) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) (async) mmap$auto(0x8, 0x810004, 0xff7, 0x11, 0x3, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/pagemap\x00', 0x181800, 0x0) read$auto(r2, 0x0, 0x39b8) (async) write$auto(0x3, 0x0, 0xfffffdef) (async) fstat$auto(0xffffffffffffffff, &(0x7f0000000100)={0x4, 0x1a0000000000, 0x7f, 0x77d508f7, 0xee01, 0xee01, 0x0, 0x8, 0xa6ee, 0x8, 0x100000000, 0x7, 0x7fffffff, 0x10, 0x9, 0x4, 0xd}) (async, rerun: 32) read$auto_clk_dump_fops_(0xffffffffffffffff, &(0x7f0000000040)=""/59, 0x3b) (async, rerun: 32) io_uring_setup$auto(0x6, 0x0) (async) ioctl$auto_BLKRRPART(r0, 0x125f, 0x0) (async) sendmsg$auto_NL80211_CMD_SET_MESH_CONFIG(0xffffffffffffffff, 0x0, 0x24008804) (async) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x734f, 0x36, 0x67f, 0x1ffde, 0x7, 0x3, 0x20000002, 0xd, 0x3, 0x1, 0x2091, 0xb4, 0x9, 0x6, 0x4, 0x80, 0x4, 0x1cd7, 0x1000, 0x2000, 0x203, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x1fe, 0xd) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) (async) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8040) mmap$auto(0x4, 0x10000, 0x4000000000e3, 0x11, 0xffffffffffffffff, 0x10008001) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) 10.947825627s ago: executing program 4 (id=415): mmap$auto(0x0, 0x20009, 0x4000000000db, 0xeb1, 0x400, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16, @ANYBLOB="1b0026bd740021dbdf250300000004400800100003800c00098008"], 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) r1 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mixer2\x00', 0x410402, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00211459a600fbdbdf250200000008000300000000001b0004"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000200bd7000fedbdf250200000800130001"], 0x24}, 0x1, 0x0, 0x0, 0x4c894}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40000}, 0x40000) socket(0x10, 0x2, 0x0) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010600bd7000fbdbdf250a000000", @ANYRES32], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810) prctl$auto(0x3a, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=0x0], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) setresuid$auto(0x8, 0x8, 0x0) socket(0x25, 0x5, 0x0) r2 = socket(0x25, 0x1, 0x0) connect$auto(r2, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x4040, 0x0) fadvise64$auto(r3, 0x8, 0x400000000000006, 0x4) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xfdef}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) ioctl$auto_XFS_IOC_SWAPEXT(0xffffffffffffffff, 0xc0c0586d, &(0x7f0000000300)={0x1, @inferred=r1, @raw=0x3873, 0xb, 0x0, '\x00', {0xffffffff, 0x9, 0x8, 0xee00, 0xee00, 0x8, 0x7, 0x1ff, {0x6, 0x101}, {0x8, 0x89}, {0x7ff, 0x3ff}, 0x1, 0x8, 0xf2cc, 0x3, 0x4, 0x2, 0x9, 0x2, 0x7fff, 0x0, '\x00', 0x8001, 0x6, 0xf3b6, 0x7f}}) msgctl$auto_MSG_STAT(0x80, 0xb, &(0x7f0000000480)={{0x0, r4, r5, 0xf, 0xb4f6, 0x4, 0x920}, &(0x7f0000000280)=0x9, &(0x7f0000000440)=0x8, 0x80000000, 0x5, 0x3, 0x100000000, 0x8000000000000001, 0x81, 0x7, 0x6, @raw=0x9, @inferred=0xffffffffffffffff}) msgctl$auto_IPC_RMID(0xfffffff9, 0x0, &(0x7f0000000580)={{0x7, r6, 0xffffffffffffffff, 0xffff2044, 0x1, 0x200, 0x8}, &(0x7f0000000500)=0x7f, &(0x7f0000000540)=0x1, 0x4af0539e, 0xfffffffffffffffe, 0x90ea, 0x0, 0x4, 0x7, 0x1, 0xdfd5, @raw=0x101, @raw=0x10001}) lstat$auto(&(0x7f0000000600)='./file0\x00', &(0x7f0000000640)={0x20000000000000, 0x0, 0x10000, 0x4, r8, r7, 0x0, 0x4, 0xecc3, 0x8, 0x7d4c, 0x5, 0x8000000000000000, 0xce72, 0x6, 0x100000000, 0x80}) r10 = setfsuid$auto(r9) setuid$auto(r10) msgctl$auto_IPC_STAT(0x5, 0x2, &(0x7f00000003c0)={{0x7, 0x0, 0xee01, 0x9, 0x80000, 0x6, 0x7b51}, &(0x7f0000000180)=0xff, &(0x7f00000001c0)=0x1, 0x3, 0x100, 0x1, 0x8001, 0x4, 0xffde, 0x2, 0x5, @raw=0xb, @inferred=0xffffffffffffffff}) setresuid$auto(r4, r10, r11) 10.330126689s ago: executing program 4 (id=416): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x2, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x2) writev$auto(0x3, 0x0, 0x8009) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) syz_clone(0x400011, 0x0, 0x0, 0x0, 0x0, 0x0) waitid$auto(0x2, 0x0, 0x0, 0x3, 0x0) sendmsg$auto_OVS_FLOW_CMD_DEL(r2, 0x0, 0x800) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48800}, 0x0) io_uring_setup$auto(0x5c9ab8db, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) unshare$auto(0x40000080) pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9) read$auto(0x3, 0x0, 0xf34) read$auto(r1, 0x0, 0x7) read$auto(0xffffffffffffffff, 0x0, 0x1) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, r3, 0x8000) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x10b000, 0x0) mmap$auto(0x0, 0x1, 0xdf, 0x14, r0, 0x8000) ioctl$auto_SG_GET_TIMEOUT2(0xffffffffffffffff, 0x2202, &(0x7f00000003c0)="37b6ca423babc4ba651c378eb6edd8e65aa9cc68b725e1") close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x10015) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) 9.138287534s ago: executing program 2 (id=420): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000000)=@in={0x2, 0xffff, @dev={0xac, 0x14, 0x14, 0x11}}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0xf}}, 0x54) mmap$auto(0x0, 0x2020007, 0xffffffffffffffff, 0x8000000000000eb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/vkms/graphics/fb0/bits_per_pixel\x00', 0x82942, 0x0) sendfile$auto(r0, r0, 0x0, 0x200) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/cifs/traceSMB\x00', 0x0, 0x0) pread64$auto(r1, 0x0, 0x9, 0x8000) r2 = socket(0x1d, 0x2, 0x6) r3 = socket(0x23, 0x80000, 0x4000002) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mbind$auto(0x0, 0xfa9a, 0x6, &(0x7f0000000280)=0xfb, 0x400, 0x3) set_mempolicy_home_node$auto(0x0, 0x10001, 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x5) ioctl$auto(0xffffffffffffffff, 0x4004af07, 0xffffffffffffffff) ioctl$auto_SNDRV_PCM_IOCTL_STATUS_EXT322(0xffffffffffffffff, 0xc06c4124, 0x0) bind$auto(r2, &(0x7f0000000040)=@can={0x1d, r4, 0xfd}, 0x6a) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[], 0x6c}, 0x1, 0x0, 0x0, 0x40084}, 0x40) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x202, 0x0) signalfd$auto(0xffffffff, 0x0, 0x8) 8.985379856s ago: executing program 3 (id=421): socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) lsm_list_modules$auto(0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) syz_clone(0x40100100, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) r2 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy10/netdev:wlan0/stations/08:02:11:00:00:01/aid\x00', 0x20000, 0x0) read$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(r2, 0x0, 0x0) pwrite64$auto(0xc8, 0x0, 0x10, 0x6) ioctl$auto_TIOCSTI2(r1, 0x5412, &(0x7f0000000840)) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/bus/usb/drivers/usbtouchscreen/new_id\x00', 0xbce02, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000bc0), r0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x80000000000000a, 0x2, 0x0) r3 = socket(0x2, 0x801, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x13}}, 0x54) getsockopt$auto(r3, 0x84, 0x66, 0x0, &(0x7f00000002c0)=0x8) ioctl$auto_MON_IOCQ_URB_LEN(0xffffffffffffffff, 0x9201, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r4 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r4, 0xffffffffffdffe00, &(0x7f0000000140)=';') 8.861893872s ago: executing program 0 (id=422): openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/pagemap\x00', 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) setgroups$auto(0xe32, 0x0) madvise$auto(0x0, 0x200007, 0x19) ioctl$auto_SG_GET_RESERVED_SIZE(0xffffffffffffffff, 0x4c04, 0x0) mmap$auto(0x0, 0x128009, 0xdf, 0x410, r0, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) r1 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) madvise$auto(0xfffffffffffffffe, 0x6fffe, 0x12) read$auto_proc_pid_maps_operations_internal(r1, &(0x7f00000010c0)=""/4082, 0xff2) madvise$auto(0x8, 0xc89, 0xffffff33) r2 = socket(0x2b, 0x2, 0x0) bind$auto(r2, 0x0, 0x67) mmap$auto(0x1, 0x5, 0xfffffffffffffe01, 0x8011, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) socket(0x2, 0x1, 0xfffffff8) 7.86121274s ago: executing program 4 (id=423): futex$auto(&(0x7f0000000080)=0x2948, 0x9, 0x2948, 0x0, 0x0, 0x5) futex$auto(&(0x7f0000000000)=0xf0fe, 0x5, 0x4, 0x0, &(0x7f0000000080)=0x9, 0x4000000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00'}) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004080}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0) open(0x0, 0x161342, 0x100) rseq$auto(&(0x7f0000000080)={0x9, 0x8, 0x0, 0x7, 0xffffffff, 0x2}, 0x7ffd, 0xfffffff6, 0x8) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x5, 0x4000000000df, 0xeb1, 0x401, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) open(0x0, 0x400000, 0x1cc) ioprio_set$auto(0x2, 0x0, 0x208) r0 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x104) write$auto(r0, &(0x7f0000000100)='\x00', 0x7) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/audio1\x00', 0x20b42, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0) write$auto(r1, 0x0, 0x7fffffff) 7.788071856s ago: executing program 2 (id=424): io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) (async) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000240)='/dev/snd/midiC2D3\x00', 0x16b101, 0x0) (async) ioctl$auto_SNDRV_RAWMIDI_IOCTL_DROP(0xffffffffffffffff, 0x40045730, &(0x7f0000000000)) socket$nl_generic(0x10, 0x3, 0x10) (async) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) select$auto(0x7, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x0, 0x1, 0x2, 0x3, 0x95f4da0a, 0xefffffffffffffff, 0x3, 0x62, 0x80000001, 0x10000000000004, 0x6d40, 0x1, 0x2, 0xfffffffffffffffe]}, 0x0) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) r1 = socket(0x2b, 0x1, 0x1) unshare$auto(0x50) (async) setsockopt$auto(r1, 0x0, 0x1, 0x0, 0x1e) (async, rerun: 32) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) (async, rerun: 32) select$auto(0xe, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x7, 0xc45d, 0x80, 0x6, 0x3, 0x2, 0x3, 0x3, 0x62, 0x80000022, 0x7, 0x6d3e, 0x2000000004000009, 0x2, 0x6]}, 0x0) (async) mmap$auto(0x0, 0x8, 0xdf, 0xeb1, 0x0, 0x8000) (async) ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) ioctl$auto(r2, 0x5522, 0xf15) (async, rerun: 32) ioctl$auto(r2, 0x5523, r2) (async, rerun: 32) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0x0, 0x0) (async) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) socket(0xa, 0x5, 0x94) io_uring_setup$auto(0x6, 0x0) gettimeofday$auto(&(0x7f0000000080)={0x3, 0x780}, &(0x7f00000000c0)={0x9, 0x1}) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 7.364286921s ago: executing program 0 (id=425): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) ioctl$auto_TIOCGWINSZ2(r0, 0x5413, &(0x7f0000000000)) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r1 = socket(0x10, 0x2, 0x0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid_for_children\x00') sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/block/nbd4/sched/read0_next_rq\x00', 0x169000, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(r1, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty12\x00', 0x800, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="180027"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc8}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x1f00) r2 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) write$auto_snd_seq_f_ops_seq_clientmgr(r2, &(0x7f00000000c0)="632d1bfe595046ab5c40bd6163307acb6d16baef6176e669a216aae1324ccafdd80500ffffffffdfff1a0e00"/56, 0x38) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/thermal/cooling_device1/type\x00', 0x101000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000b40)=""/99, 0x63) mmap$auto(0x0, 0x202000f, 0x2000000000000000, 0x80001000000eb1, 0xfffffffffffffffa, 0x7fff) mmap$auto(0x0, 0x40009, 0x7, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/exception_policy\x00', 0x40802, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kpagecount\x00', 0x0, 0x0) readv$auto(r2, &(0x7f0000000080)={&(0x7f0000000100)="74e518fa41f4f3be8521a777c6e13c9f115d6a5332cbee7629997f744d6fd6079b93ec0f5a30a7a768bd80675461d857dc52faab3675a63b3d7c52d0854611370a542d88610a03b94eecfef9bf59edff97bfe70f57e942813b50f0752b5ea76944efcd65bdbd18df7eb6e3cbfc3f429547fa6df776c37273e9b5593d4cedb508bfbda1ab90306b2419a73b1dd8467a0930bbeb9a7dbee035774da9", 0x8000000000000001}, 0x9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_MAC802154_HWSIM_CMD_NEW_EDGE(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40001}, 0x400c091) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) pwrite64$auto(0xc8, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1c\x88\xa8\x8a>)\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) 7.339707328s ago: executing program 3 (id=426): r0 = socket(0x8, 0x801, 0x100) bpf$auto_BPF_TOKEN_CREATE(0x24, &(0x7f0000000140)=@bpf_attr_0={0xfffffffc, 0x0, 0x29, 0xfff, 0x1, r0, 0x7, "736f4a08c6a28d1c09d6dfc2c876d21c", 0x0, r0, 0x1ff, 0x7ff, 0x4, 0x0, r0, r0}, 0x8) bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x1, @multicast2}, 0x6a) mmap$auto(0x0, 0x400008, 0xb23, 0x9b72, 0x2, 0x8000) clone3$auto(&(0x7f00000000c0)={0x9, 0x2, 0x5, 0x5, 0x7542, 0xa3c2, 0x3ff, 0x4, 0x8, 0x10000, 0x4}, 0x10001) socket(0x25, 0x1, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x800, 0x0) fcntl$auto(0x3, 0x4, 0xa553) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x1, 0x3}, 0xed7138c}, 0x7, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x51) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x540b, 0xfffffffffffffffd) socket(0xf, 0x3, 0x2) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x3, 0x8000001f, 0x2, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) fsopen$auto(0x0, 0x1) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) socket(0xa, 0x5, 0x94) mmap$auto(0x0, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x84) unshare$auto(0x40000080) 5.500022253s ago: executing program 0 (id=427): mmap$auto(0x0, 0x2020009, 0x10001, 0x5add, 0xfffffffffffffffa, 0x100000001) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x3) open(0x0, 0x22040, 0x75) socket(0x10, 0x2, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) bind$auto(0x3, 0x0, 0x6a) listen$auto(0x3, 0x0) socket(0x29, 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x28341, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x101040, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xe2400, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0xa, 0x1, 0x84) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x8000, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) getsockopt$auto(0x3, 0x200000000001, 0x19, 0x0, 0x0) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) read$auto(r0, 0x0, 0x1f40) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f00000000c0)={0x0, 0xffffffff}, 0x6) ioctl$auto_RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, 0x0) recvfrom$auto(0x3, 0x0, 0x7fffffff, 0xfd, 0x0, 0xfffffffffffffffd) mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000) 4.866665518s ago: executing program 0 (id=428): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0xc0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) r0 = socket(0x29, 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r0, 0x89f0, 0x24) (fail_nth: 1) 4.602830313s ago: executing program 4 (id=429): mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) writev$auto(0x1, &(0x7f0000000100)={0x0, 0x400000000000fdef}, 0x1) openat$auto_short_retry_limit_ops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy12/short_retry_limit\x00', 0x600000, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0) mmap$auto(0xfffffffffff7ffff, 0x400008, 0xdf, 0x9b73, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x1d, 0x2, 0x2) socket(0x1d, 0x2, 0x7) mmap$auto(0x0, 0x10008, 0xdf, 0xeb1, 0xffffffffffffffff, 0x808000) mbind$auto(0x0, 0x100000004, 0xfffffffd, 0x0, 0x6, 0x1) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x3498c2, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x88980, 0x0) r4 = openat$auto_ima_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) pread64$auto(r4, 0x0, 0x101, 0x800005c2b) r5 = ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x3, 0x2020009, 0x5, 0x19, r5, 0x8) memfd_create$auto(0x0, 0x4) bpf$auto(0x0, &(0x7f0000001080)=@bpf_attr_0={0x1, 0xb4f, 0x1, 0xfffffffd, 0x8000, r1, 0x2, "ee85761c68fdd2f45f651c907a0bdc2a", 0x0, r2, 0x5, 0x1, 0x10000, 0xb, 0xffffffffffffffff, r0}, 0x10a) sendmsg$auto_MACSEC_CMD_DEL_RXSC(0xffffffffffffffff, 0x0, 0x80) r6 = syz_clone(0x4001000, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r6, 0x4, 0x7ff) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/softnet_stat\x00', 0x40102, 0x0) socket(0x11, 0x3, 0x6) 3.578451013s ago: executing program 0 (id=430): r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/vmallocinfo\x00', 0x0, 0x0) pread64$auto(r0, &(0x7f0000000400)='/proc/Nes\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x88<\xf7\xc2\xed}\xd2kM\x1f\x15\x03ZN$\'\xf4\"\x13g|\x8f\xe1Svo\xfe\xb1\xf8#]\x85\xc2\x82e\xc6#z\xeb\x14\xd3\x96\xff\xb4\xa2\xac\xc5\xd8\x8d\xce\x01B\xd4\xea\x85\xa5', 0x100000001, 0x100) 3.577268303s ago: executing program 2 (id=431): openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket(0x1e, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000480)='/dev/admmidi2\x00', 0x1, 0x0) r1 = socket(0x11, 0x3, 0x9) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80302, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'hsr0\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32=r3, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32=r3, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) close_range$auto(0x2, 0x8, 0x0) r4 = socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r1, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="28062cbd7000fedbdf25100000000800090009000000080006000900000005000d006f000000"], 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x40080c4) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x18, 0x0, 0x1b, 0x70bd25, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_ACTIONS={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='N'], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) socket(0x2b, 0x1, 0x1) 3.2796585s ago: executing program 3 (id=432): openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/tracing/trace_pipe\x00', 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/exception_policy\x00', 0x40802, 0x0) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x5, 0x20000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x29, 0x5, 0x9) r0 = socket(0xa, 0x2, 0x3a) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x0) socket(0x11, 0x80003, 0x300) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/swradio12\x00', 0xc0400, 0x0) mmap$auto(0x0, 0x8, 0xe3, 0x9b72, 0x2, 0x8000) ioctl$auto(0x3, 0xc0405665, 0x34) socket(0xa, 0x801, 0x106) setsockopt$auto(r0, 0x29, 0x4e, 0x0, 0x10000110) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/006/001\x00', 0x40940, 0x0) mmap$auto(0x2000, 0x9, 0x8, 0x8000000008011, r1, 0x0) read$auto(0x3, 0x0, 0x4) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/tracing/trace_pipe\x00', 0x0, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/exception_policy\x00', 0x40802, 0x0) (async) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x5, 0x20000000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) socket(0x29, 0x5, 0x9) (async) socket(0xa, 0x2, 0x3a) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket(0xa, 0x2, 0x0) (async) socket(0x11, 0x80003, 0x300) (async) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/swradio12\x00', 0xc0400, 0x0) (async) mmap$auto(0x0, 0x8, 0xe3, 0x9b72, 0x2, 0x8000) (async) ioctl$auto(0x3, 0xc0405665, 0x34) (async) socket(0xa, 0x801, 0x106) (async) setsockopt$auto(r0, 0x29, 0x4e, 0x0, 0x10000110) (async) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/006/001\x00', 0x40940, 0x0) (async) mmap$auto(0x2000, 0x9, 0x8, 0x8000000008011, r1, 0x0) (async) read$auto(0x3, 0x0, 0x4) (async) 2.463488773s ago: executing program 3 (id=433): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x2001, 0x0) ioctl$auto(r0, 0x400454d0, r0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mbind$auto(0x3, 0x800605, 0x8003, &(0x7f0000000100)=0x1ff, 0x3, 0x3) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r1 = open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) r2 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_NFC_CMD_LLC_SET_PARAMS(r1, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0xb8, r2, 0x2, 0x70bd25, 0x25dfdbfb, {}, [@NFC_ATTR_LLC_PARAM_LTO={0x5, 0xf, 0x1}, @NFC_ATTR_PROTOCOLS={0x8, 0x3, 0x2}, @NFC_ATTR_VENDOR_DATA={0x94, 0x1f, "23e15f1212ae9eb372515c5e2bb5e2b21d7e4280af892f693bdde1d1377ca7508e35081c66162af4a2c1210fd7b97d7188b2c773a5a4f8a9b1cf8e2dc06a45dcdc416e0b999ddf671a8ea19995d6709088bb59a9dbbe01da27fa42e74a9769f4722840e5ea75106e285c7e7c7d295c7fc266895c6fac2838c07678454197cdb3d93b00ef1ec951aced24dfd04acdbfd4"}]}, 0xb8}, 0x1, 0x0, 0x0, 0x2000804}, 0x20000040) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg0\x00', 0x8001, 0x0) io_uring_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000240)='/dev/snd/midiC2D3\x00', 0x16b101, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_DROP(r3, 0x40045730, &(0x7f0000000040)) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptyab\x00', 0x84902, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x7, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x0, 0x1, 0x2, 0x3, 0x95f4da0a, 0xefffffffffffffff, 0x3, 0x62, 0x80000001, 0x10000000000004, 0x6d40, 0x1, 0x2, 0xfffffffffffffffe]}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2b, 0x1, 0x1) 2.379568574s ago: executing program 2 (id=434): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) move_pages$auto(0x0, 0x91, 0x0, 0x0, 0x0, 0x0) r1 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r1, 0x107, 0xc, 0x0, 0x4) memfd_secret$auto(0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x8, 0xfffffffffffffffa, 0x13, 0x3, 0x0) write$auto(r0, 0x0, 0x100000a3d9) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) r3 = gettid() syz_open_procfs$namespace(r3, &(0x7f0000000080)='ns/net\x00') r4 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card2\x00', 0x4001, 0x0) ioctl$auto(r4, 0x921064aa, 0x20000a) 2.302462698s ago: executing program 4 (id=435): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/cifs/Stats\x00', 0x28102, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, 0x0, 0x2dc08f24db163610, 0x0) adjtimex$auto(&(0x7f00000004c0)={0x2000006, 0x0, 0x3, 0x9, 0x20000000000000d3, 0x0, 0x16, 0x0, 0x2, 0x8, 0x2, {0x10001, 0x10000}, 0x5, 0x5, 0x2, 0x1007fff, 0x0, 0x7, 0x81, 0x0, 0x4, 0xdeb1, 0x808}) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0xa3db) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = prctl$auto(0x1000000003b, 0x4, 0x0, 0x94, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio1\x00', 0x20b42, 0x0) mmap$auto(0x0, 0x9, 0xa, 0xeb3, 0xfffefffffffffffa, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/graphics/fbcon/cursor_blink\x00', 0x0, 0x0) r3 = open(&(0x7f0000000000)='./file0\x00', 0x149443, 0x14) fcntl$auto(r3, 0x409, 0x40003f) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000001100)=""/192, 0xc0) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x8, 0xc, 0x0, 0x567) unshare$auto(0x20000040000082) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x8080) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x4008) acct$auto(0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/asound/card1/pcm0p/sub6/info\x00', 0x0, 0x0) write$auto_proc_reg_file_ops_compat_inode(r4, &(0x7f0000000040)="5ced", 0x2) close_range$auto(0x2, r1, 0x3) 2.115843433s ago: executing program 0 (id=436): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x200, 0x0) mmap$auto(0x0, 0x2000a, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mmap$auto(0x0, 0x500008, 0xdf, 0x17, r0, 0x8002) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b74, 0x2, 0x8000) recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, 0x0, 0x40840) mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x7, 0x28000) r2 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x840, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket(0xa, 0x1, 0x84) setsockopt$auto(r3, 0x10000000084, 0xb, 0x0, 0x4007) mmap$auto(0x0, 0xe983, 0xdf, 0x800eb1, r2, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r4, 0x4b71, 0x1) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/SecurityFlags\x00', 0x48041, 0x0) r5 = epoll_create$auto(0x4) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20044850}, 0x40000) sendmsg$auto_GTP_CMD_GETPDP(r5, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB='\a\x00', @ANYRESHEX=r1, @ANYBLOB="00032abd7000fbdbdf25020000"], 0x14}, 0x1, 0x0, 0x0, 0x4044800}, 0x4) fcntl$auto(0x3, 0x4, 0xa553) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) 1.358095248s ago: executing program 2 (id=437): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, 0x0, 0xc0) r0 = socket(0x23, 0x805, 0x0) accept$auto(r0, 0x0, 0x0) sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x9}, 0xfffffffffffffffd, 0x0, 0xffffffffffffffff, 0x9}, 0x7}, 0x3, 0x8) getrandom$auto(0x0, 0x6000000, 0x3) r1 = socket(0x29, 0x2, 0x0) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) recvmmsg$auto(r2, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r1, 0x89f0, 0x24) 332.822877ms ago: executing program 3 (id=438): r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000240), 0xa002, 0x0) writev$auto(r0, &(0x7f0000000300)={0x0, 0x1}, 0x100) mmap$auto(0x8, 0x0, 0x0, 0x14, 0x401, 0x7ffe) (async) getpid() (async) ioctl$auto_UBI_IOCDET(0xffffffffffffffff, 0x40046f41, 0x0) (async) unshare$auto(0x2) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp\x00', 0x103002, 0x0) r2 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cpu/0/cpuid\x00', 0x40001, 0x0) readv$auto(r2, &(0x7f0000000680)={&(0x7f00000001c0), 0x40200}, 0x3) (async) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0) (async) ppoll$auto(&(0x7f0000000000)={r1, 0x40}, 0x2, 0x0, 0x0, 0x8) (async) ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0xfffffffffffffffc) (async) modify_ldt$auto(0x1, 0x0, 0x10) r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/keys\x00', 0x8af00, 0x0) pread64$auto(r3, 0x0, 0x8100000041, 0x413e) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x478440, 0x0) (async) r4 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0x84002, 0x0) pread64$auto(r4, &(0x7f0000000040)='\x00\x00\x00\x88\xde\x90\a\'\x9bM\xa0\x848\xbbz(\xe9\x05<\x82\xfe\xe2\xf6 \x0f8\xfb\xa7\xb4\xa0\x9e\x99!*\xe3\x99}x\xd4\xa5D\xfa\xe5\xf9od^\xa6\x00'/62, 0x5, 0x8000400) (async) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r6 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0) (async) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x6) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x4c3a, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x20000000007, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) mmap$auto(0x3fc, 0x20009, 0x1000, 0x1ff, r6, 0xffff) (async) write$auto(r3, 0x0, 0x40000ffd8) (async) unshare$auto(0x40000080) (async) mmap$auto(0x0, 0x404020009, 0xdb, 0xf1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) r7 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0xffffffffffffffff, r7, 0x0) 226.296806ms ago: executing program 4 (id=439): socket(0x1d, 0x3, 0x4) ioperm$auto(0x7, 0x5ad2, 0x8) mknod$auto(&(0x7f00000048c0)='./file0\x00', 0xc46e, 0x9) open(&(0x7f0000000000)='./file0\x00', 0x4000, 0x101) modify_ldt$auto(0x1, 0x0, 0x10) ioctl$auto_USBDEVFS_ALLOW_SUSPEND(0xffffffffffffffff, 0x5522, 0x0) socket(0xb497b5eebe3a9fc, 0x80000, 0x7) r0 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121902, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000380)='/dev/midi2\x00', 0x4080, 0x0) socket(0x21, 0x3, 0x6) prctl$auto(0x3e, 0x1, 0x0, 0x2001, 0x6) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1f7, 0x100000000000007, 0xd, 0x8fd6, 0x400000000000948b, 0x7, 0x15f4da0a, 0x3, 0x803, 0x65, 0x80000001, 0x3, 0x401, 0x9, 0x6, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0x101, 0x0, 0x0, &(0x7f00000002c0)={[0x2, 0xa, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x7, 0xffffffffffffffff, 0x62, 0x8000201f, 0x7, 0x7, 0x9, 0x2, 0x8000006]}, 0x0) recvfrom$auto(r0, &(0x7f0000000180)="7c85620f4a263773c8393b9112e834be2372fe4a054f27a66f40f019f571de850e8fdeed6313e42b8b368bae70d418481bac6b420be85d13b6244295e474775d550f281e2febc4a9a6086a43af1bf2fc77c810526c10e9c6e8a6f89c46486ef24c6b9021de5c5449f378", 0x3ff, 0x73, &(0x7f0000000200)=@l2tp={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x15}, 0xfffffffe}, &(0x7f0000000240)=0xd0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0xffffffffffffffff, r1, 0x1) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x60800, 0x0) read$auto_vmwgfx_driver_fops_vmwgfx_drv(r2, &(0x7f0000000280)=""/49, 0x31) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x802, 0x4) socket(0x2a, 0x5, 0x0) socketpair$auto(0x6, 0xc, 0xcca, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0xa200, 0x0) ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0) ioctl$auto_TCFLSH2(r3, 0x8924, 0x0) unshare$auto(0xfffffffffffffff8) process_mrelease$auto(0xffffffffffffffff, 0x80000001) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) 70.208815ms ago: executing program 3 (id=440): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) (async) read$auto_fake_panic_fops_(0xffffffffffffffff, 0x0, 0x0) r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D0c\x00', 0x9003, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_REFINE2(r0, 0xc2604110, &(0x7f0000000040)={0x6, [{[0x2, 0xf5e, 0x1ff, 0xd, 0x7f, 0x8, 0x4, 0x663d349e]}, {[0x2, 0xa6, 0x5c915993, 0xfffffffd, 0x6, 0xe, 0x80000001, 0x3]}, {[0x2, 0xe, 0x2, 0x579c8feb, 0x9, 0x6, 0x7, 0xa53]}], [{[0x75d, 0x9, 0x6, 0x17f29ee4, 0x400, 0x7, 0xc, 0x44]}, {[0x1, 0xeade, 0x1, 0x3, 0xf0, 0x5, 0x101, 0x1]}, {[0x7e61, 0x6, 0x7, 0x0, 0x5, 0x5, 0x100, 0x9]}, {[0x4, 0x5, 0x1, 0xfffffff7, 0x5, 0x0, 0xfffffffb, 0x1]}, {[0x3, 0x1000, 0x8, 0x8, 0x2, 0xe8c, 0xf, 0xd403]}], [{0xfffffffa, 0x4, 0x0, 0x0, 0x1, 0x1}, {0x7f, 0x6, 0x1, 0x0, 0x0, 0x1}, {0x3, 0x1, 0x1, 0x0, 0x0, 0x1}, {0x61, 0x1, 0x0, 0x0, 0x0, 0x1}, {0x5, 0x49c5fc8b, 0x0, 0x0, 0x0, 0x1}, {0x7ff, 0x7, 0x0, 0x1, 0x1, 0x1}, {0x6, 0x9, 0x0, 0x1, 0x1}, {0x9, 0x6, 0x0, 0x1}, {0x7fd, 0x7, 0x0, 0x1, 0x0, 0x1}, {0x7, 0xfffffffd, 0x1, 0x1, 0x1}, {0x8, 0x4, 0x0, 0x0, 0x1, 0x1}, {0x3, 0x5, 0x1, 0x1, 0x0, 0x1}], [{0xbe, 0xd5, 0x0, 0x1, 0x0, 0x1}, {0xc2, 0x7fffffff, 0x1, 0x1, 0x1}, {0xbc, 0xbb5e, 0x1, 0x0, 0x0, 0x1}, {0x8, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x100, 0x12e800, 0x1, 0x1, 0x1, 0x1}, {0x2, 0xf, 0x0, 0x1, 0x1}, {0xffff, 0x8, 0x0, 0x0, 0x0, 0x1}, {0x9, 0x3, 0x1, 0x1, 0x0, 0x1}, {0x80000000, 0x6, 0x0, 0x1}], 0x100, 0x2, 0x4, 0x9, 0x5, 0x1, 0x8, "938f570ba48ab1df6ea169301a0f4b75", "16fef137d6f6aa1d93e7fd319170d04be4063eb16bddc7a41e5782dfff02104539c9b5e571a002e14933724526d0c013"}) (async, rerun: 32) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dri/card2\x00', 0x200100, 0x0) (async, rerun: 32) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="010027bd7000fddbdf25190000001800098014000200776c616e3000"/38], 0x2c}, 0x1, 0x0, 0x0, 0x20040840}, 0x40000) close_range$auto(0x2, 0x8, 0x0) (async) r2 = socket(0xa, 0x5, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/ib_srp/parameters/reconnect_delay\x00', 0x20681, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f00000000c0)='-7', 0x2) socket(0xa, 0x801, 0x84) (async, rerun: 64) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) (async, rerun: 64) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) msgctl$auto_IPC_INFO(0x100, 0x3, &(0x7f00000012c0)={{0x632, 0xffffffffffffffff, 0xee00, 0x1, 0x5, 0x1, 0x80}, 0x0, 0x0, 0x2, 0x6, 0x5, 0x7, 0x4, 0xdd34, 0x7, 0x8}) (async) r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x40400, 0x48) listxattrat$auto(r5, &(0x7f0000000000)='./cgroup\x00', 0x0, 0x0, 0x6) (async) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0xa3d9) sendmsg$auto_NL802154_CMD_NEW_SEC_KEY(r2, 0x0, 0x8004080) (async) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) (async) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x40}}, 0x54) (async) get_robust_list$auto(0x0, 0x0, 0x0) (async) lsm_list_modules$auto(0x0, 0x0, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0) (async) recvmmsg$auto(0x3, 0x0, 0x10000, 0x1102, 0x0) (async) rseq$auto(&(0x7f0000000300)={0x8, 0xfffffff7, 0x3, 0x6, 0x1, 0x401, "6a8edaacc8253b806efb3854f79cd6442d9209a2fcf3472062c2279a77b11f44b6d2d3e0a8088ecb7262"}, 0x2, 0x101, 0x6) read$auto(0x3, 0x0, 0xfdef) (async) madvise$auto(0x0, 0xffffffffffff0004, 0x19) 0s ago: executing program 2 (id=441): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) mbind$auto(0x19ca, 0x2091d2, 0x4, 0x0, 0x6, 0x2) r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000180), 0xa240, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='/sys/devices/virtual/block/loop1/queue/wbt_lat_usec\x00', 0x2062, 0x0) write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x9) ioctl$auto(r0, 0x400454ca, 0x38) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1d, 0x3, 0x1) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) bind$auto(0x3, &(0x7f0000000040)=@nl=@kern={0x10, 0x0, 0x0, 0x100000}, 0xd) sendmsg$auto_CTRL_CMD_GETPOLICY(r2, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x20000800}, 0x4000841) r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x20282, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x80900, 0x0) openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, 0x0, 0x20a01, 0x0) ioctl$auto_BLKFLSBUF(r4, 0x1261, 0x0) mmap$auto(0xb2, 0x14, 0xffb, 0x8000000008015, 0xffffffffffffffff, 0x8000) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/nbd14/queue/max_segments\x00', 0x80, 0x0) read$auto(r5, &(0x7f0000000300)='\x06\x93an\x83\xe7s?\x1c\xad\xe9\v\xf5F\xbc\xaa&\xa0\xc9xH\xab\xc9\xe2\'w\x82\x8b\xc7b\xc6\x91eC\x1e\xda\x81\xaf/\xc6\"\x850S\xcaL\xe7-\xa9H\xffu\r\xbbL\x01\xff?\xba\f\xac\xabe\xc705\xd4\xb6\xed\x89L\x85\v\xe3m\xf1u8t&P%p\x8a\xca7B\x1f\x82P!;\xf9d&3\x9f\"\xe0\xf0\x92\xf2\xb8\xb2\x9ct\xdc\xfe\xdc\x91L\xccZ\xe1F{\x1a\xc4]m\xdb\xc2\xfc\xed\x00'/143, 0x2) write$auto(0x3, 0x0, 0xfffffdef) io_uring_setup$auto(0x3501, &(0x7f0000000080)={0x80, 0x1000, 0x8, 0x5, 0x3, 0xfffffff1, 0xffffffffffffffff, [0xbc, 0xffff, 0x40], {0x81, 0x9, 0x0, 0x80000000, 0x3, 0x101, 0xffff, 0x0, 0x6}, {0x7, 0xa, 0xf, 0x7fff, 0x3, 0x0, 0x0, 0xfffffffa, 0xc}}) ioctl$auto_BLKTRACETEARDOWN(r4, 0x1276, 0x0) mmap$auto(0x8000000000002001, 0x20009, 0xdf, 0x15, r6, 0x8000) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(r2, 0x11, 0x0, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.73' (ED25519) to the list of known hosts. [ 99.482169][ T5826] cgroup: Unknown subsys name 'net' [ 99.614840][ T5826] cgroup: Unknown subsys name 'cpuset' [ 99.624571][ T5826] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 101.509571][ T5826] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 102.302321][ T890] cfg80211: failed to load regulatory.db [ 103.723688][ T5840] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 103.750444][ T5840] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 103.758566][ T5840] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 103.767140][ T5840] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 103.775272][ T5840] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 103.842227][ T5840] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 103.863122][ T5845] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 103.871269][ T5845] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 103.883631][ T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 103.892259][ T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 103.902033][ T51] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 103.910223][ T5850] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 103.950461][ T5850] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 103.959265][ T5850] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 103.962999][ T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 103.968617][ T5850] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 103.982329][ T5850] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 103.991498][ T5850] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 103.999509][ T5850] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 104.048519][ T5158] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 104.368802][ T5839] chnl_net:caif_netlink_parms(): no params data found [ 104.539610][ T5839] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.546955][ T5839] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.554809][ T5839] bridge_slave_0: entered allmulticast mode [ 104.562392][ T5839] bridge_slave_0: entered promiscuous mode [ 104.608949][ T5839] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.616302][ T5839] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.623956][ T5839] bridge_slave_1: entered allmulticast mode [ 104.631880][ T5839] bridge_slave_1: entered promiscuous mode [ 104.711827][ T5839] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.738353][ T5839] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.826955][ T5843] chnl_net:caif_netlink_parms(): no params data found [ 104.857999][ T5839] team0: Port device team_slave_0 added [ 104.867975][ T5839] team0: Port device team_slave_1 added [ 104.965221][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 104.972297][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.998395][ T5839] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.045172][ T5839] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.052372][ T5839] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.078878][ T5839] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.103314][ T5842] chnl_net:caif_netlink_parms(): no params data found [ 105.145056][ T5846] chnl_net:caif_netlink_parms(): no params data found [ 105.195993][ T5843] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.203546][ T5843] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.211233][ T5843] bridge_slave_0: entered allmulticast mode [ 105.219550][ T5843] bridge_slave_0: entered promiscuous mode [ 105.278959][ T5843] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.286282][ T5843] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.293713][ T5843] bridge_slave_1: entered allmulticast mode [ 105.301237][ T5843] bridge_slave_1: entered promiscuous mode [ 105.370942][ T5839] hsr_slave_0: entered promiscuous mode [ 105.377498][ T5839] hsr_slave_1: entered promiscuous mode [ 105.446570][ T5843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.461827][ T5843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.533917][ T5842] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.541677][ T5842] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.549203][ T5842] bridge_slave_0: entered allmulticast mode [ 105.558213][ T5842] bridge_slave_0: entered promiscuous mode [ 105.625719][ T5843] team0: Port device team_slave_0 added [ 105.633852][ T5842] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.641257][ T5842] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.648514][ T5842] bridge_slave_1: entered allmulticast mode [ 105.656103][ T5842] bridge_slave_1: entered promiscuous mode [ 105.663186][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.670652][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.677968][ T5846] bridge_slave_0: entered allmulticast mode [ 105.686055][ T5846] bridge_slave_0: entered promiscuous mode [ 105.711286][ T5843] team0: Port device team_slave_1 added [ 105.732031][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.739663][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.748144][ T5846] bridge_slave_1: entered allmulticast mode [ 105.755650][ T5846] bridge_slave_1: entered promiscuous mode [ 105.821212][ T5845] Bluetooth: hci0: command tx timeout [ 105.855472][ T5842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.869495][ T5842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.900572][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.907573][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.934275][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.948076][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.955217][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 105.981778][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.010465][ T5846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 106.056328][ T5842] team0: Port device team_slave_0 added [ 106.062191][ T5845] Bluetooth: hci1: command tx timeout [ 106.071933][ T5845] Bluetooth: hci2: command tx timeout [ 106.078435][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 106.115204][ T5842] team0: Port device team_slave_1 added [ 106.145079][ T5845] Bluetooth: hci3: command tx timeout [ 106.220055][ T5846] team0: Port device team_slave_0 added [ 106.235440][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.242961][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.269536][ T5842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.286718][ T5843] hsr_slave_0: entered promiscuous mode [ 106.293634][ T5843] hsr_slave_1: entered promiscuous mode [ 106.300373][ T5843] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 106.308178][ T5843] Cannot create hsr debugfs directory [ 106.317327][ T5846] team0: Port device team_slave_1 added [ 106.330642][ T5842] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.342530][ T5842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.368791][ T5842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.446153][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.454049][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.480367][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.543293][ T5842] hsr_slave_0: entered promiscuous mode [ 106.550529][ T5842] hsr_slave_1: entered promiscuous mode [ 106.556712][ T5842] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 106.565494][ T5842] Cannot create hsr debugfs directory [ 106.574648][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.581747][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 106.607886][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.792780][ T5839] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 106.814202][ T5846] hsr_slave_0: entered promiscuous mode [ 106.820927][ T5846] hsr_slave_1: entered promiscuous mode [ 106.827091][ T5846] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 106.835232][ T5846] Cannot create hsr debugfs directory [ 106.853781][ T5839] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 106.887432][ T5839] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 106.898677][ T5839] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 107.183333][ T5843] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 107.196431][ T5843] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 107.207291][ T5843] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 107.229489][ T5843] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 107.359251][ T5842] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 107.371940][ T5842] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 107.405198][ T5842] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 107.433658][ T5842] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 107.496772][ T5846] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 107.519032][ T5846] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 107.532302][ T5846] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 107.544927][ T5846] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 107.583735][ T5839] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.694967][ T5839] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.745994][ T3512] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.753436][ T3512] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.775717][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.794618][ T1113] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.801845][ T1113] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.879469][ T5843] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.896838][ T5842] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.904063][ T5845] Bluetooth: hci0: command tx timeout [ 107.935117][ T1113] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.942342][ T1113] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.972764][ T1113] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.979941][ T1113] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.017344][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0 [ 108.038681][ T5842] 8021q: adding VLAN 0 to HW filter on device team0 [ 108.088973][ T3512] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.096789][ T3512] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.141211][ T5845] Bluetooth: hci2: command tx timeout [ 108.146691][ T5845] Bluetooth: hci1: command tx timeout [ 108.175426][ T3512] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.182689][ T3512] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.207589][ T5846] 8021q: adding VLAN 0 to HW filter on device team0 [ 108.223250][ T5845] Bluetooth: hci3: command tx timeout [ 108.285954][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.293156][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.359091][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.366323][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.518715][ T5839] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.543832][ T5846] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 108.725202][ T5839] veth0_vlan: entered promiscuous mode [ 108.791562][ T5839] veth1_vlan: entered promiscuous mode [ 108.930953][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.940066][ T5839] veth0_macvtap: entered promiscuous mode [ 108.958828][ T5839] veth1_macvtap: entered promiscuous mode [ 109.026995][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.077352][ T5839] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.098072][ T5839] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.113682][ T5839] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.122982][ T5839] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.132342][ T5839] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.219814][ T5843] veth0_vlan: entered promiscuous mode [ 109.228924][ T5842] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 109.293788][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 109.312377][ T5843] veth1_vlan: entered promiscuous mode [ 109.366105][ T1113] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.377067][ T1113] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.451607][ T1113] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.459847][ T1113] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.487794][ T5842] veth0_vlan: entered promiscuous mode [ 109.532523][ T5846] veth0_vlan: entered promiscuous mode [ 109.557728][ T5842] veth1_vlan: entered promiscuous mode [ 109.571824][ T5843] veth0_macvtap: entered promiscuous mode [ 109.592991][ T5839] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 109.605377][ T5843] veth1_macvtap: entered promiscuous mode [ 109.621410][ T5846] veth1_vlan: entered promiscuous mode [ 109.743965][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.764465][ T5842] veth0_macvtap: entered promiscuous mode [ 109.776527][ T5846] veth0_macvtap: entered promiscuous mode [ 109.828208][ T5842] veth1_macvtap: entered promiscuous mode [ 109.853409][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.866449][ T5846] veth1_macvtap: entered promiscuous mode [ 109.934464][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.951154][ T5843] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.960613][ T5843] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.976504][ T5843] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.990717][ T5845] Bluetooth: hci0: command tx timeout [ 109.996332][ T5843] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.046403][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 110.060062][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 110.099079][ T5846] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.118830][ T5846] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.150401][ T5846] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.165739][ T5846] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.221481][ T5845] Bluetooth: hci1: command tx timeout [ 110.221520][ T5850] Bluetooth: hci2: command tx timeout [ 110.242783][ T5842] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 110.301513][ T5850] Bluetooth: hci3: command tx timeout [ 110.344003][ T5842] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.372875][ T5842] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.391005][ T5842] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.399820][ T5842] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.585335][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.617783][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.707254][ T1154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.738928][ T1154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.849137][ T1113] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.880476][ T1113] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.035874][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.045720][ T5928] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 111.065597][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.241495][ T3000] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.249402][ T3000] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.308206][ T1154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 111.336357][ T1154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.581185][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 111.690237][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 111.733450][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 111.860825][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 112.062582][ T5850] Bluetooth: hci0: command tx timeout [ 112.099866][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 112.217420][ T0] NOHZ tick-stop error: local softirq work is pending, handler #01!!! [ 112.300575][ T5850] Bluetooth: hci1: command tx timeout [ 112.310965][ T5850] Bluetooth: hci2: command tx timeout [ 112.390394][ T5850] Bluetooth: hci3: command tx timeout [ 112.680529][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 112.800728][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 112.950474][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 113.100475][ T5948] writes to the poll attribute are ignored. [ 113.129517][ T5948] please use driver specific parameters instead. [ 113.166544][ T5950] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 113.610826][ T5961] nvme_fabrics: missing parameter 'transport=%s' [ 113.617757][ T5961] nvme_fabrics: missing parameter 'nqn=%s' [ 113.765038][ T5967] random: crng reseeded on system resumption [ 113.845816][ T5963] nvme_fabrics: missing parameter 'transport=%s' [ 113.870409][ T5963] nvme_fabrics: missing parameter 'nqn=%s' [ 114.188300][ T30] audit: type=1800 audit(1749326745.575:2): pid=5948 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.9" name="regulatory.db.p7s" dev="sda1" ino=449 res=0 errno=0 [ 114.212984][ T5948] platform regulatory.0: loading /lib/firmware/regulatory.db.p7s failed with error -4 [ 114.256595][ T5948] platform regulatory.0: Direct firmware load for regulatory.db.p7s failed with error -4 [ 114.298244][ T5948] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db.p7s [ 114.338256][ T5948] syz.2.9 (5948) used greatest stack depth: 19992 bytes left [ 114.386015][ T5971] capability: warning: `' uses 32-bit capabilities (legacy support in use) [ 114.505041][ T5969] Zero length message leads to an empty skb [ 114.924857][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 116.355576][ T5995] .SR: entered promiscuous mode [ 116.501709][ T5978] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 116.519533][ T5993] Invalid ELF header magic: != ELF [ 116.575768][ T30] audit: type=1800 audit(1749326748.015:3): pid=5981 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.15" name="SYSV00000400" dev="tmpfs" ino=0 res=0 errno=0 [ 117.397567][ T6012] FAULT_INJECTION: forcing a failure. [ 117.397567][ T6012] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 117.422111][ T6012] CPU: 1 UID: 0 PID: 6012 Comm: syz.3.21 Not tainted 6.15.0-syzkaller-13655-gbdc7f8c5adad #0 PREEMPT(full) [ 117.422160][ T6012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 117.422185][ T6012] Call Trace: [ 117.422199][ T6012] [ 117.422216][ T6012] dump_stack_lvl+0x16c/0x1f0 [ 117.422258][ T6012] should_fail_ex+0x512/0x640 [ 117.422318][ T6012] should_fail_alloc_page+0xe7/0x130 [ 117.422357][ T6012] prepare_alloc_pages+0x3c2/0x610 [ 117.422398][ T6012] ? rcu_is_watching+0x12/0xc0 [ 117.422437][ T6012] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 117.422501][ T6012] ? __lock_acquire+0x622/0x1c90 [ 117.422555][ T6012] ? xas_create+0x1d7/0x1460 [ 117.422594][ T6012] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 117.422653][ T6012] ? lock_acquire+0x179/0x350 [ 117.422696][ T6012] ? rcu_is_watching+0x12/0xc0 [ 117.422743][ T6012] ? __lock_acquire+0x622/0x1c90 [ 117.422788][ T6012] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 117.422839][ T6012] ? policy_nodemask+0xea/0x4e0 [ 117.422874][ T6012] alloc_pages_mpol+0x1fb/0x550 [ 117.422908][ T6012] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 117.422944][ T6012] ? filemap_get_entry+0x1a7/0x3b0 [ 117.422982][ T6012] folio_alloc_noprof+0x20/0x2d0 [ 117.423021][ T6012] filemap_alloc_folio_noprof+0x3a1/0x470 [ 117.423069][ T6012] ? __pfx_filemap_alloc_folio_noprof+0x10/0x10 [ 117.423125][ T6012] __filemap_get_folio+0x5e1/0xc30 [ 117.423168][ T6012] ioctx_alloc+0x761/0x2120 [ 117.423232][ T6012] ? __pfx_ioctx_alloc+0x10/0x10 [ 117.423275][ T6012] ? __might_fault+0x13b/0x190 [ 117.423337][ T6012] __x64_sys_io_setup+0xc9/0x210 [ 117.423388][ T6012] do_syscall_64+0xcd/0x490 [ 117.423425][ T6012] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.423458][ T6012] RIP: 0033:0x7f949018e929 [ 117.423494][ T6012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 117.423534][ T6012] RSP: 002b:00007f9490fcd038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 117.423570][ T6012] RAX: ffffffffffffffda RBX: 00007f94903b5fa0 RCX: 00007f949018e929 [ 117.423590][ T6012] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000007ffe [ 117.423609][ T6012] RBP: 00007f9490210b39 R08: 0000000000000000 R09: 0000000000000000 [ 117.423628][ T6012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 117.423644][ T6012] R13: 0000000000000000 R14: 00007f94903b5fa0 R15: 00007ffe96376d58 [ 117.423682][ T6012] [ 117.781079][ T6020] netlink: 4 bytes leftover after parsing attributes in process `syz.2.23'. [ 118.000625][ T6020] netlink: 354 bytes leftover after parsing attributes in process `syz.2.23'. [ 119.913867][ T6055] FAULT_INJECTION: forcing a failure. [ 119.913867][ T6055] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 119.960329][ T6055] CPU: 0 UID: 0 PID: 6055 Comm: syz.3.33 Not tainted 6.15.0-syzkaller-13655-gbdc7f8c5adad #0 PREEMPT(full) [ 119.960368][ T6055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 119.960383][ T6055] Call Trace: [ 119.960392][ T6055] [ 119.960402][ T6055] dump_stack_lvl+0x16c/0x1f0 [ 119.960434][ T6055] should_fail_ex+0x512/0x640 [ 119.960485][ T6055] should_fail_alloc_page+0xe7/0x130 [ 119.960519][ T6055] prepare_alloc_pages+0x3c2/0x610 [ 119.960563][ T6055] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 119.960615][ T6055] ? kasan_save_stack+0x42/0x60 [ 119.960660][ T6055] ? kasan_save_stack+0x33/0x60 [ 119.960703][ T6055] ? kasan_save_track+0x14/0x30 [ 119.960746][ T6055] ? __kasan_slab_alloc+0x89/0x90 [ 119.960771][ T6055] ? kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 119.960817][ T6055] ? __pmd_alloc+0xbf/0x930 [ 119.960850][ T6055] ? __handle_mm_fault+0xaac/0x5490 [ 119.960892][ T6055] ? handle_mm_fault+0x589/0xd10 [ 119.960933][ T6055] ? do_user_addr_fault+0x7a6/0x1370 [ 119.960976][ T6055] ? exc_page_fault+0x5c/0xb0 [ 119.961022][ T6055] ? asm_exc_page_fault+0x26/0x30 [ 119.961052][ T6055] ? rep_movs_alternative+0xf/0x90 [ 119.961092][ T6055] ? _copy_from_user+0x98/0xd0 [ 119.961120][ T6055] ? copy_from_sockptr_offset.constprop.0+0x136/0x170 [ 119.961167][ T6055] ? sk_setsockopt+0x170/0x3e40 [ 119.961200][ T6055] ? do_sock_setsockopt+0x3f2/0x470 [ 119.961235][ T6055] ? __sys_setsockopt+0x120/0x1a0 [ 119.961293][ T6055] ? __x64_sys_setsockopt+0xbd/0x160 [ 119.961343][ T6055] ? do_syscall_64+0xcd/0x490 [ 119.961375][ T6055] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 119.961450][ T6055] ? __lock_acquire+0xb8a/0x1c90 [ 119.961503][ T6055] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 119.961557][ T6055] ? policy_nodemask+0xea/0x4e0 [ 119.961593][ T6055] alloc_pages_mpol+0x1fb/0x550 [ 119.961628][ T6055] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 119.961664][ T6055] ? __thp_vma_allowable_orders+0x1c5/0xb10 [ 119.961708][ T6055] alloc_pages_noprof+0x131/0x390 [ 119.961743][ T6055] pte_alloc_one+0x1c/0x3a0 [ 119.961795][ T6055] __handle_mm_fault+0x3a68/0x5490 [ 119.961851][ T6055] ? __pfx___handle_mm_fault+0x10/0x10 [ 119.961893][ T6055] ? __pfx_mt_find+0x10/0x10 [ 119.961952][ T6055] ? find_vma+0xbf/0x140 [ 119.961986][ T6055] ? __pfx_find_vma+0x10/0x10 [ 119.962026][ T6055] handle_mm_fault+0x589/0xd10 [ 119.962071][ T6055] ? __pkru_allows_pkey+0x21/0xb0 [ 119.962116][ T6055] do_user_addr_fault+0x7a6/0x1370 [ 119.962167][ T6055] ? rcu_is_watching+0x12/0xc0 [ 119.962205][ T6055] exc_page_fault+0x5c/0xb0 [ 119.962262][ T6055] asm_exc_page_fault+0x26/0x30 [ 119.962293][ T6055] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 119.962337][ T6055] Code: c4 10 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 bd 10 04 00 66 66 [ 119.962365][ T6055] RSP: 0018:ffffc9000b3b7b38 EFLAGS: 00050202 [ 119.962399][ T6055] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000004 [ 119.962418][ T6055] RDX: fffff52001676f8c RSI: 0000000000000000 RDI: ffffc9000b3b7c60 [ 119.962437][ T6055] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff52001676f8c [ 119.962455][ T6055] R10: 0000000000000003 R11: 0000000000000001 R12: 0000000000000000 [ 119.962472][ T6055] R13: ffffc9000b3b7c60 R14: ffffc9000b3b7c60 R15: 0000000000000000 [ 119.962513][ T6055] _copy_from_user+0x98/0xd0 [ 119.962545][ T6055] copy_from_sockptr_offset.constprop.0+0x136/0x170 [ 119.962595][ T6055] ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10 [ 119.962657][ T6055] sk_setsockopt+0x170/0x3e40 [ 119.962702][ T6055] ? __pfx_sk_setsockopt+0x10/0x10 [ 119.962747][ T6055] ? aa_sk_perm+0x2f4/0xb10 [ 119.962792][ T6055] ? __pfx_aa_sk_perm+0x10/0x10 [ 119.962848][ T6055] do_sock_setsockopt+0x3f2/0x470 [ 119.962888][ T6055] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 119.962954][ T6055] __sys_setsockopt+0x120/0x1a0 [ 119.963015][ T6055] __x64_sys_setsockopt+0xbd/0x160 [ 119.963065][ T6055] ? do_syscall_64+0x91/0x490 [ 119.963096][ T6055] ? lockdep_hardirqs_on+0x7c/0x110 [ 119.963146][ T6055] do_syscall_64+0xcd/0x490 [ 119.963182][ T6055] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.963214][ T6055] RIP: 0033:0x7f949018e929 [ 119.963239][ T6055] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 119.963442][ T6055] RSP: 002b:00007f9490fcd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 119.963472][ T6055] RAX: ffffffffffffffda RBX: 00007f94903b5fa0 RCX: 00007f949018e929 [ 119.963499][ T6055] RDX: 000000000000000d RSI: 0000000000000001 RDI: 0000000000000003 [ 119.963529][ T6055] RBP: 00007f9490fcd090 R08: 0000000000000005 R09: 0000000000000000 [ 119.963557][ T6055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 119.963576][ T6055] R13: 0000000000000000 R14: 00007f94903b5fa0 R15: 00007ffe96376d58 [ 119.963625][ T6055] [ 123.237415][ T30] audit: type=1800 audit(1749326754.675:4): pid=6061 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.34" name="SYSV00000400" dev="tmpfs" ino=0 res=0 errno=0 [ 123.425581][ T6082] FAULT_INJECTION: forcing a failure. [ 123.425581][ T6082] name failslab, interval 1, probability 0, space 0, times 1 [ 123.501730][ T6082] CPU: 0 UID: 0 PID: 6082 Comm: syz.2.38 Not tainted 6.15.0-syzkaller-13655-gbdc7f8c5adad #0 PREEMPT(full) [ 123.501776][ T6082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 123.501796][ T6082] Call Trace: [ 123.501806][ T6082] [ 123.501818][ T6082] dump_stack_lvl+0x16c/0x1f0 [ 123.501854][ T6082] should_fail_ex+0x512/0x640 [ 123.501907][ T6082] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 123.501959][ T6082] should_failslab+0xc2/0x120 [ 123.501992][ T6082] __kmalloc_cache_noprof+0x6a/0x3e0 [ 123.502038][ T6082] ? seq_create_client1+0x4d/0x5e0 [ 123.502075][ T6082] ? __pfx_snd_seq_open+0x10/0x10 [ 123.502109][ T6082] seq_create_client1+0x4d/0x5e0 [ 123.502148][ T6082] ? __pfx_snd_seq_open+0x10/0x10 [ 123.502191][ T6082] snd_seq_open+0x59/0x550 [ 123.502227][ T6082] ? __pfx_snd_seq_open+0x10/0x10 [ 123.502259][ T6082] snd_open+0x201/0x450 [ 123.502296][ T6082] ? __pfx_snd_open+0x10/0x10 [ 123.502329][ T6082] chrdev_open+0x231/0x6a0 [ 123.502361][ T6082] ? __pfx_chrdev_open+0x10/0x10 [ 123.502395][ T6082] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 123.502451][ T6082] do_dentry_open+0x744/0x1c10 [ 123.502503][ T6082] ? __pfx_chrdev_open+0x10/0x10 [ 123.502539][ T6082] vfs_open+0x82/0x3f0 [ 123.502577][ T6082] path_openat+0x1de4/0x2cb0 [ 123.502637][ T6082] ? __pfx_path_openat+0x10/0x10 [ 123.502689][ T6082] ? __lock_acquire+0xb8a/0x1c90 [ 123.502735][ T6082] do_filp_open+0x20b/0x470 [ 123.502791][ T6082] ? __pfx_do_filp_open+0x10/0x10 [ 123.502886][ T6082] ? alloc_fd+0x471/0x7d0 [ 123.502946][ T6082] do_sys_openat2+0x11b/0x1d0 [ 123.502985][ T6082] ? __pfx_do_sys_openat2+0x10/0x10 [ 123.503039][ T6082] __x64_sys_openat+0x174/0x210 [ 123.503078][ T6082] ? __pfx___x64_sys_openat+0x10/0x10 [ 123.503137][ T6082] do_syscall_64+0xcd/0x490 [ 123.503173][ T6082] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.503215][ T6082] RIP: 0033:0x7f3149f8e929 [ 123.503241][ T6082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 123.503273][ T6082] RSP: 002b:00007f314ada4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 123.503303][ T6082] RAX: ffffffffffffffda RBX: 00007f314a1b6160 RCX: 00007f3149f8e929 [ 123.503325][ T6082] RDX: 0000000000040a40 RSI: 0000200000001d40 RDI: ffffffffffffff9c [ 123.503346][ T6082] RBP: 00007f314a010b39 R08: 0000000000000000 R09: 0000000000000000 [ 123.503366][ T6082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 123.503385][ T6082] R13: 0000000000000000 R14: 00007f314a1b6160 R15: 00007fff8d0b34c8 [ 123.503428][ T6082] [ 124.496529][ T6092] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 125.750002][ T6110] warning: `syz.1.44' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 127.758311][ T6133] syz.3.47 (6133): attempted to duplicate a private mapping with mremap. This is not supported. [ 127.878848][ T6136] FAULT_INJECTION: forcing a failure. [ 127.878848][ T6136] name failslab, interval 1, probability 0, space 0, times 0 [ 127.948299][ T6136] CPU: 1 UID: 0 PID: 6136 Comm: syz.1.49 Not tainted 6.15.0-syzkaller-13655-gbdc7f8c5adad #0 PREEMPT(full) [ 127.948346][ T6136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 127.948365][ T6136] Call Trace: [ 127.948375][ T6136] [ 127.948386][ T6136] dump_stack_lvl+0x16c/0x1f0 [ 127.948427][ T6136] should_fail_ex+0x512/0x640 [ 127.948480][ T6136] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 127.948532][ T6136] should_failslab+0xc2/0x120 [ 127.948565][ T6136] __kmalloc_cache_noprof+0x6a/0x3e0 [ 127.948611][ T6136] ? snd_seq_pool_new+0x44/0x230 [ 127.948656][ T6136] ? __pfx_snd_seq_open+0x10/0x10 [ 127.948690][ T6136] snd_seq_pool_new+0x44/0x230 [ 127.948744][ T6136] seq_create_client1+0x66/0x5e0 [ 127.948784][ T6136] ? __pfx_snd_seq_open+0x10/0x10 [ 127.948819][ T6136] snd_seq_open+0x59/0x550 [ 127.948854][ T6136] ? __pfx_snd_seq_open+0x10/0x10 [ 127.948886][ T6136] snd_open+0x201/0x450 [ 127.948922][ T6136] ? __pfx_snd_open+0x10/0x10 [ 127.948955][ T6136] chrdev_open+0x231/0x6a0 [ 127.948985][ T6136] ? __pfx_apparmor_file_open+0x10/0x10 [ 127.949031][ T6136] ? __pfx_chrdev_open+0x10/0x10 [ 127.949064][ T6136] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 127.949115][ T6136] do_dentry_open+0x744/0x1c10 [ 127.949166][ T6136] ? __pfx_chrdev_open+0x10/0x10 [ 127.949203][ T6136] vfs_open+0x82/0x3f0 [ 127.949241][ T6136] path_openat+0x1de4/0x2cb0 [ 127.949296][ T6136] ? __pfx_path_openat+0x10/0x10 [ 127.949343][ T6136] ? __lock_acquire+0xb8a/0x1c90 [ 127.949391][ T6136] do_filp_open+0x20b/0x470 [ 127.949440][ T6136] ? __pfx_do_filp_open+0x10/0x10 [ 127.949518][ T6136] ? alloc_fd+0x471/0x7d0 [ 127.949577][ T6136] do_sys_openat2+0x11b/0x1d0 [ 127.949615][ T6136] ? __pfx_do_sys_openat2+0x10/0x10 [ 127.949672][ T6136] __x64_sys_openat+0x174/0x210 [ 127.949712][ T6136] ? __pfx___x64_sys_openat+0x10/0x10 [ 127.949780][ T6136] do_syscall_64+0xcd/0x490 [ 127.949817][ T6136] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.949851][ T6136] RIP: 0033:0x7f9c8fd8e929 [ 127.949876][ T6136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 127.949907][ T6136] RSP: 002b:00007f9c90b43038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 127.949936][ T6136] RAX: ffffffffffffffda RBX: 00007f9c8ffb6160 RCX: 00007f9c8fd8e929 [ 127.949958][ T6136] RDX: 0000000000040a40 RSI: 0000200000001d40 RDI: ffffffffffffff9c [ 127.949978][ T6136] RBP: 00007f9c8fe10b39 R08: 0000000000000000 R09: 0000000000000000 [ 127.949996][ T6136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 127.950014][ T6136] R13: 0000000000000000 R14: 00007f9c8ffb6160 R15: 00007ffc48cf9488 [ 127.950054][ T6136] [ 129.692830][ T6167] netlink: 'syz.1.56': attribute type 1 has an invalid length. [ 129.751622][ T6167] nbd: error processing sock list [ 130.162245][ T6155] Invalid ELF header magic: != ELF [ 130.728787][ T6176] input: jJǸ-¶š9ã%vø“û¨lÐQ  J86Ö‘ as /devices/virtual/input/input7 [ 130.876538][ T6171] Invalid ELF header magic: != ELF [ 131.664148][ T6212] netlink: 20 bytes leftover after parsing attributes in process `syz.1.66'. [ 133.591540][ T6242] ======================================================= [ 133.591540][ T6242] WARNING: The mand mount option has been deprecated and [ 133.591540][ T6242] and is ignored by this kernel. Remove the mand [ 133.591540][ T6242] option from the mount to silence this warning. [ 133.591540][ T6242] ======================================================= [ 133.929524][ T6254] netlink: 'syz.0.76': attribute type 11 has an invalid length. [ 133.937968][ T6254] netlink: 'syz.0.76': attribute type 11 has an invalid length. [ 133.945827][ T6254] netlink: 'syz.0.76': attribute type 11 has an invalid length. [ 134.361719][ T6257] hub 8-0:1.0: USB hub found [ 134.415928][ T6257] hub 8-0:1.0: 1 port detected [ 134.522130][ T6254] WARNING! power/level is deprecated; use power/control instead [ 139.304520][ T6354] netlink: 8 bytes leftover after parsing attributes in process `syz.2.99'. [ 139.339667][ T6358] FAULT_INJECTION: forcing a failure. [ 139.339667][ T6358] name failslab, interval 1, probability 0, space 0, times 0 [ 139.375870][ T6358] CPU: 1 UID: 0 PID: 6358 Comm: syz.1.100 Not tainted 6.15.0-syzkaller-13655-gbdc7f8c5adad #0 PREEMPT(full) [ 139.375912][ T6358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 139.375929][ T6358] Call Trace: [ 139.375939][ T6358] [ 139.375951][ T6358] dump_stack_lvl+0x16c/0x1f0 [ 139.375987][ T6358] should_fail_ex+0x512/0x640 [ 139.376034][ T6358] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 139.376085][ T6358] should_failslab+0xc2/0x120 [ 139.376116][ T6358] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 139.376165][ T6358] ? __pmd_alloc+0xbf/0x930 [ 139.376206][ T6358] __pmd_alloc+0xbf/0x930 [ 139.376239][ T6358] ? find_held_lock+0x2b/0x80 [ 139.376268][ T6358] __handle_mm_fault+0xaac/0x5490 [ 139.376314][ T6358] ? __pfx___handle_mm_fault+0x10/0x10 [ 139.376349][ T6358] ? __pfx_mt_find+0x10/0x10 [ 139.376396][ T6358] ? find_vma+0xbf/0x140 [ 139.376423][ T6358] ? __pfx_find_vma+0x10/0x10 [ 139.376453][ T6358] handle_mm_fault+0x589/0xd10 [ 139.376491][ T6358] ? __pkru_allows_pkey+0x21/0xb0 [ 139.376529][ T6358] do_user_addr_fault+0x7a6/0x1370 [ 139.376578][ T6358] ? rcu_is_watching+0x12/0xc0 [ 139.376608][ T6358] exc_page_fault+0x5c/0xb0 [ 139.376651][ T6358] asm_exc_page_fault+0x26/0x30 [ 139.376676][ T6358] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 139.376722][ T6358] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 bd 10 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 139.376748][ T6358] RSP: 0018:ffffc90003d7fca0 EFLAGS: 00050206 [ 139.376769][ T6358] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 000000000000000e [ 139.376785][ T6358] RDX: fffff520007affba RSI: 0000000000000000 RDI: ffffc90003d7fdc0 [ 139.376801][ T6358] RBP: 000000000000000e R08: 0000000000000001 R09: fffff520007affb9 [ 139.376818][ T6358] R10: ffffc90003d7fdcd R11: 0000000000000001 R12: 0000000000000000 [ 139.376833][ T6358] R13: ffffc90003d7fdc0 R14: 1ffff920007affa0 R15: ffffc90003d7fdc0 [ 139.376867][ T6358] _copy_from_user+0x98/0xd0 [ 139.376899][ T6358] __sys_bpf+0x21d/0x4d80 [ 139.376930][ T6358] ? __pfx___sys_bpf+0x10/0x10 [ 139.376953][ T6358] ? vfs_write+0x15d/0x1150 [ 139.376999][ T6358] ? __pfx_vfs_write+0x10/0x10 [ 139.377039][ T6358] ? do_sys_openat2+0x157/0x1d0 [ 139.377093][ T6358] ? ksys_write+0x1ac/0x250 [ 139.377131][ T6358] ? __pfx_ksys_write+0x10/0x10 [ 139.377176][ T6358] __x64_sys_bpf+0x78/0xc0 [ 139.377202][ T6358] ? lockdep_hardirqs_on+0x7c/0x110 [ 139.377244][ T6358] do_syscall_64+0xcd/0x490 [ 139.377272][ T6358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.377303][ T6358] RIP: 0033:0x7f9c8fd8e929 [ 139.377323][ T6358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 139.377348][ T6358] RSP: 002b:00007f9c90b85038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 139.377371][ T6358] RAX: ffffffffffffffda RBX: 00007f9c8ffb5fa0 RCX: 00007f9c8fd8e929 [ 139.377387][ T6358] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000004 [ 139.377402][ T6358] RBP: 00007f9c90b85090 R08: 0000000000000000 R09: 0000000000000000 [ 139.377418][ T6358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 139.377433][ T6358] R13: 0000000000000000 R14: 00007f9c8ffb5fa0 R15: 00007ffc48cf9488 [ 139.377466][ T6358] [ 140.397093][ T6363] zram: Removed device: zram0 [ 141.396859][ T6394] bridge0: port 3(team0) entered blocking state [ 141.501129][ T6394] bridge0: port 3(team0) entered disabled state [ 141.596072][ T6394] team0: entered allmulticast mode [ 141.613688][ T6394] team_slave_0: entered allmulticast mode [ 141.620375][ T6394] team_slave_1: entered allmulticast mode [ 141.629301][ T6394] team0: entered promiscuous mode [ 141.634462][ T6394] team_slave_0: entered promiscuous mode [ 141.640363][ T6394] team_slave_1: entered promiscuous mode [ 141.653692][ T6394] bridge0: port 3(team0) entered blocking state [ 141.660432][ T6394] bridge0: port 3(team0) entered forwarding state [ 142.669353][ T6404] FAULT_INJECTION: forcing a failure. [ 142.669353][ T6404] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 142.724504][ T6404] CPU: 1 UID: 0 PID: 6404 Comm: syz.3.112 Not tainted 6.15.0-syzkaller-13655-gbdc7f8c5adad #0 PREEMPT(full) [ 142.724546][ T6404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 142.724564][ T6404] Call Trace: [ 142.724574][ T6404] [ 142.724586][ T6404] dump_stack_lvl+0x16c/0x1f0 [ 142.724621][ T6404] should_fail_ex+0x512/0x640 [ 142.724677][ T6404] should_fail_alloc_page+0xe7/0x130 [ 142.724712][ T6404] prepare_alloc_pages+0x3c2/0x610 [ 142.724758][ T6404] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 142.724810][ T6404] ? kasan_save_stack+0x42/0x60 [ 142.724857][ T6404] ? kasan_save_stack+0x33/0x60 [ 142.724902][ T6404] ? kasan_save_track+0x14/0x30 [ 142.724947][ T6404] ? __kasan_slab_alloc+0x89/0x90 [ 142.724974][ T6404] ? kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 142.725021][ T6404] ? __pmd_alloc+0xbf/0x930 [ 142.725055][ T6404] ? __handle_mm_fault+0xaac/0x5490 [ 142.725097][ T6404] ? handle_mm_fault+0x589/0xd10 [ 142.725138][ T6404] ? do_user_addr_fault+0x7a6/0x1370 [ 142.725180][ T6404] ? exc_page_fault+0x5c/0xb0 [ 142.725225][ T6404] ? asm_exc_page_fault+0x26/0x30 [ 142.725256][ T6404] ? rep_movs_alternative+0x30/0x90 [ 142.725295][ T6404] ? _copy_from_user+0x98/0xd0 [ 142.725323][ T6404] ? __sys_bpf+0x21d/0x4d80 [ 142.725349][ T6404] ? __x64_sys_bpf+0x78/0xc0 [ 142.725377][ T6404] ? do_syscall_64+0xcd/0x490 [ 142.725406][ T6404] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.725452][ T6404] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 142.725528][ T6404] ? __lock_acquire+0xb8a/0x1c90 [ 142.725570][ T6404] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 142.725622][ T6404] ? policy_nodemask+0xea/0x4e0 [ 142.725657][ T6404] alloc_pages_mpol+0x1fb/0x550 [ 142.725691][ T6404] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 142.725727][ T6404] ? __thp_vma_allowable_orders+0x1c5/0xb10 [ 142.725771][ T6404] alloc_pages_noprof+0x131/0x390 [ 142.725805][ T6404] pte_alloc_one+0x1c/0x3a0 [ 142.725855][ T6404] __handle_mm_fault+0x3a68/0x5490 [ 142.725910][ T6404] ? __pfx___handle_mm_fault+0x10/0x10 [ 142.725951][ T6404] ? __pfx_mt_find+0x10/0x10 [ 142.726010][ T6404] ? find_vma+0xbf/0x140 [ 142.726044][ T6404] ? __pfx_find_vma+0x10/0x10 [ 142.726083][ T6404] handle_mm_fault+0x589/0xd10 [ 142.726130][ T6404] ? __pkru_allows_pkey+0x21/0xb0 [ 142.726175][ T6404] do_user_addr_fault+0x7a6/0x1370 [ 142.726222][ T6404] ? rcu_is_watching+0x12/0xc0 [ 142.726261][ T6404] exc_page_fault+0x5c/0xb0 [ 142.726311][ T6404] asm_exc_page_fault+0x26/0x30 [ 142.726340][ T6404] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 142.726382][ T6404] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 bd 10 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 142.726416][ T6404] RSP: 0018:ffffc90003c9fca0 EFLAGS: 00050206 [ 142.726441][ T6404] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 000000000000000e [ 142.726459][ T6404] RDX: fffff52000793fba RSI: 0000000000000000 RDI: ffffc90003c9fdc0 [ 142.726478][ T6404] RBP: 000000000000000e R08: 0000000000000001 R09: fffff52000793fb9 [ 142.726495][ T6404] R10: ffffc90003c9fdcd R11: 0000000000000001 R12: 0000000000000000 [ 142.726513][ T6404] R13: ffffc90003c9fdc0 R14: 1ffff92000793fa0 R15: ffffc90003c9fdc0 [ 142.726554][ T6404] _copy_from_user+0x98/0xd0 [ 142.726587][ T6404] __sys_bpf+0x21d/0x4d80 [ 142.726622][ T6404] ? __pfx___sys_bpf+0x10/0x10 [ 142.726651][ T6404] ? vfs_write+0x15d/0x1150 [ 142.726708][ T6404] ? __pfx_vfs_write+0x10/0x10 [ 142.726758][ T6404] ? do_sys_openat2+0x157/0x1d0 [ 142.726819][ T6404] ? ksys_write+0x1ac/0x250 [ 142.726865][ T6404] ? __pfx_ksys_write+0x10/0x10 [ 142.726919][ T6404] __x64_sys_bpf+0x78/0xc0 [ 142.726947][ T6404] ? lockdep_hardirqs_on+0x7c/0x110 [ 142.726995][ T6404] do_syscall_64+0xcd/0x490 [ 142.727029][ T6404] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.727060][ T6404] RIP: 0033:0x7f949018e929 [ 142.727083][ T6404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 142.727110][ T6404] RSP: 002b:00007f9490fcd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 142.727136][ T6404] RAX: ffffffffffffffda RBX: 00007f94903b5fa0 RCX: 00007f949018e929 [ 142.727154][ T6404] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000004 [ 142.727171][ T6404] RBP: 00007f9490fcd090 R08: 0000000000000000 R09: 0000000000000000 [ 142.727188][ T6404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 142.727205][ T6404] R13: 0000000000000000 R14: 00007f94903b5fa0 R15: 00007ffe96376d58 [ 142.727245][ T6404] [ 143.260852][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 143.267617][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 143.447033][ T6420] block nbd7: not configured, cannot reconfigure [ 143.454238][ T6420] mmap: syz.1.117 (6420) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 144.844765][ T6443] syz.1.122 (6443) used greatest stack depth: 19800 bytes left [ 145.520162][ T6456] FAULT_INJECTION: forcing a failure. [ 145.520162][ T6456] name failslab, interval 1, probability 0, space 0, times 0 [ 145.571827][ T6456] CPU: 1 UID: 0 PID: 6456 Comm: syz.0.126 Not tainted 6.15.0-syzkaller-13655-gbdc7f8c5adad #0 PREEMPT(full) [ 145.571870][ T6456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 145.571887][ T6456] Call Trace: [ 145.571897][ T6456] [ 145.571910][ T6456] dump_stack_lvl+0x16c/0x1f0 [ 145.571954][ T6456] should_fail_ex+0x512/0x640 [ 145.572004][ T6456] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 145.572057][ T6456] should_failslab+0xc2/0x120 [ 145.572091][ T6456] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 145.572140][ T6456] ? __thp_vma_allowable_orders+0x1c5/0xb10 [ 145.572175][ T6456] ? ptlock_alloc+0x1f/0x70 [ 145.572215][ T6456] ptlock_alloc+0x1f/0x70 [ 145.572259][ T6456] pte_alloc_one+0x82/0x3a0 [ 145.572309][ T6456] __handle_mm_fault+0x3a68/0x5490 [ 145.572364][ T6456] ? __pfx___handle_mm_fault+0x10/0x10 [ 145.572406][ T6456] ? __pfx_mt_find+0x10/0x10 [ 145.572464][ T6456] ? find_vma+0xbf/0x140 [ 145.572497][ T6456] ? __pfx_find_vma+0x10/0x10 [ 145.572535][ T6456] handle_mm_fault+0x589/0xd10 [ 145.572582][ T6456] ? __pkru_allows_pkey+0x21/0xb0 [ 145.572627][ T6456] do_user_addr_fault+0x7a6/0x1370 [ 145.572676][ T6456] ? rcu_is_watching+0x12/0xc0 [ 145.572714][ T6456] exc_page_fault+0x5c/0xb0 [ 145.572764][ T6456] asm_exc_page_fault+0x26/0x30 [ 145.572795][ T6456] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 145.572838][ T6456] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 bd 10 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 145.572867][ T6456] RSP: 0018:ffffc90003adfca0 EFLAGS: 00050206 [ 145.572891][ T6456] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 000000000000000e [ 145.572910][ T6456] RDX: fffff5200075bfba RSI: 0000000000000000 RDI: ffffc90003adfdc0 [ 145.572938][ T6456] RBP: 000000000000000e R08: 0000000000000001 R09: fffff5200075bfb9 [ 145.572957][ T6456] R10: ffffc90003adfdcd R11: 0000000000000001 R12: 0000000000000000 [ 145.572976][ T6456] R13: ffffc90003adfdc0 R14: 1ffff9200075bfa0 R15: ffffc90003adfdc0 [ 145.573019][ T6456] _copy_from_user+0x98/0xd0 [ 145.573053][ T6456] __sys_bpf+0x21d/0x4d80 [ 145.573089][ T6456] ? __pfx___sys_bpf+0x10/0x10 [ 145.573117][ T6456] ? vfs_write+0x15d/0x1150 [ 145.573173][ T6456] ? __pfx_vfs_write+0x10/0x10 [ 145.573221][ T6456] ? do_sys_openat2+0x157/0x1d0 [ 145.573282][ T6456] ? ksys_write+0x1ac/0x250 [ 145.573328][ T6456] ? __pfx_ksys_write+0x10/0x10 [ 145.573383][ T6456] __x64_sys_bpf+0x78/0xc0 [ 145.573414][ T6456] ? lockdep_hardirqs_on+0x7c/0x110 [ 145.573461][ T6456] do_syscall_64+0xcd/0x490 [ 145.573496][ T6456] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.573526][ T6456] RIP: 0033:0x7fef87b8e929 [ 145.573550][ T6456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 145.573579][ T6456] RSP: 002b:00007fef88934038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 145.573605][ T6456] RAX: ffffffffffffffda RBX: 00007fef87db5fa0 RCX: 00007fef87b8e929 [ 145.573624][ T6456] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000004 [ 145.573641][ T6456] RBP: 00007fef88934090 R08: 0000000000000000 R09: 0000000000000000 [ 145.573659][ T6456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 145.573676][ T6456] R13: 0000000000000000 R14: 00007fef87db5fa0 R15: 00007ffe5e0b3fa8 [ 145.573716][ T6456] [ 145.916892][ C1] vkms_vblank_simulate: vblank timer overrun [ 147.167505][ T6498] FAULT_INJECTION: forcing a failure. [ 147.167505][ T6498] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 147.187723][ T6498] CPU: 1 UID: 0 PID: 6498 Comm: syz.1.137 Not tainted 6.15.0-syzkaller-13655-gbdc7f8c5adad #0 PREEMPT(full) [ 147.187765][ T6498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 147.187792][ T6498] Call Trace: [ 147.187802][ T6498] [ 147.187813][ T6498] dump_stack_lvl+0x16c/0x1f0 [ 147.187848][ T6498] should_fail_ex+0x512/0x640 [ 147.187903][ T6498] should_fail_alloc_page+0xe7/0x130 [ 147.187935][ T6498] prepare_alloc_pages+0x3c2/0x610 [ 147.187980][ T6498] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 147.188040][ T6498] ? __lock_acquire+0x622/0x1c90 [ 147.188102][ T6498] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 147.188173][ T6498] ? find_held_lock+0x2b/0x80 [ 147.188204][ T6498] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 147.188255][ T6498] ? policy_nodemask+0xea/0x4e0 [ 147.188288][ T6498] alloc_pages_mpol+0x1fb/0x550 [ 147.188322][ T6498] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 147.188367][ T6498] folio_alloc_mpol_noprof+0x36/0x2f0 [ 147.188408][ T6498] shmem_alloc_folio+0x135/0x160 [ 147.188450][ T6498] shmem_alloc_and_add_folio+0x499/0xc20 [ 147.188508][ T6498] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 147.188558][ T6498] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 147.188612][ T6498] shmem_get_folio_gfp+0x67f/0x1600 [ 147.188669][ T6498] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 147.188720][ T6498] ? filemap_map_pages+0xf6f/0x1680 [ 147.188775][ T6498] shmem_fault+0x1fe/0xa30 [ 147.188821][ T6498] ? __lock_acquire+0x622/0x1c90 [ 147.188870][ T6498] ? __pfx_shmem_fault+0x10/0x10 [ 147.188919][ T6498] ? rcu_is_watching+0x12/0xc0 [ 147.188954][ T6498] ? __pfx_filemap_map_pages+0x10/0x10 [ 147.189018][ T6498] __do_fault+0x10d/0x490 [ 147.189074][ T6498] __handle_mm_fault+0x3c2a/0x5490 [ 147.189137][ T6498] ? __pfx___handle_mm_fault+0x10/0x10 [ 147.189178][ T6498] ? __pfx_mt_find+0x10/0x10 [ 147.189237][ T6498] ? find_vma+0xbf/0x140 [ 147.189269][ T6498] ? __pfx_find_vma+0x10/0x10 [ 147.189309][ T6498] handle_mm_fault+0x589/0xd10 [ 147.189354][ T6498] ? __pkru_allows_pkey+0x21/0xb0 [ 147.189401][ T6498] do_user_addr_fault+0x7a6/0x1370 [ 147.189450][ T6498] ? rcu_is_watching+0x12/0xc0 [ 147.189487][ T6498] exc_page_fault+0x5c/0xb0 [ 147.189541][ T6498] asm_exc_page_fault+0x26/0x30 [ 147.189573][ T6498] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 147.189616][ T6498] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 bd 10 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 147.189644][ T6498] RSP: 0018:ffffc90003a6fca0 EFLAGS: 00050206 [ 147.189668][ T6498] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 000000000000000e [ 147.189686][ T6498] RDX: fffff5200074dfba RSI: 0000000000000000 RDI: ffffc90003a6fdc0 [ 147.189705][ T6498] RBP: 000000000000000e R08: 0000000000000001 R09: fffff5200074dfb9 [ 147.189723][ T6498] R10: ffffc90003a6fdcd R11: 0000000000000001 R12: 0000000000000000 [ 147.189741][ T6498] R13: ffffc90003a6fdc0 R14: 1ffff9200074dfa0 R15: ffffc90003a6fdc0 [ 147.189782][ T6498] _copy_from_user+0x98/0xd0 [ 147.189816][ T6498] __sys_bpf+0x21d/0x4d80 [ 147.189849][ T6498] ? __pfx___sys_bpf+0x10/0x10 [ 147.189872][ T6498] ? vfs_write+0x15d/0x1150 [ 147.189922][ T6498] ? __pfx_vfs_write+0x10/0x10 [ 147.189971][ T6498] ? do_sys_openat2+0x157/0x1d0 [ 147.190033][ T6498] ? ksys_write+0x1ac/0x250 [ 147.190080][ T6498] ? __pfx_ksys_write+0x10/0x10 [ 147.190177][ T6498] __x64_sys_bpf+0x78/0xc0 [ 147.190208][ T6498] ? lockdep_hardirqs_on+0x7c/0x110 [ 147.190258][ T6498] do_syscall_64+0xcd/0x490 [ 147.190293][ T6498] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 147.190324][ T6498] RIP: 0033:0x7f9c8fd8e929 [ 147.190353][ T6498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 147.190379][ T6498] RSP: 002b:00007f9c90b85038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 147.190405][ T6498] RAX: ffffffffffffffda RBX: 00007f9c8ffb5fa0 RCX: 00007f9c8fd8e929 [ 147.190431][ T6498] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000004 [ 147.190449][ T6498] RBP: 00007f9c90b85090 R08: 0000000000000000 R09: 0000000000000000 [ 147.190469][ T6498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 147.190487][ T6498] R13: 0000000000000000 R14: 00007f9c8ffb5fa0 R15: 00007ffc48cf9488 [ 147.190530][ T6498] [ 147.615338][ C1] vkms_vblank_simulate: vblank timer overrun [ 149.415710][ T6538] process 'syz.2.148' launched './file0' with NULL argv: empty string added [ 149.994113][ T6547] FAULT_INJECTION: forcing a failure. [ 149.994113][ T6547] name failslab, interval 1, probability 0, space 0, times 0 [ 150.023064][ T6547] CPU: 0 UID: 0 PID: 6547 Comm: syz.0.150 Not tainted 6.15.0-syzkaller-13655-gbdc7f8c5adad #0 PREEMPT(full) [ 150.023112][ T6547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 150.023133][ T6547] Call Trace: [ 150.023144][ T6547] [ 150.023157][ T6547] dump_stack_lvl+0x16c/0x1f0 [ 150.023197][ T6547] should_fail_ex+0x512/0x640 [ 150.023251][ T6547] ? __kvmalloc_node_noprof+0x124/0x620 [ 150.023309][ T6547] should_failslab+0xc2/0x120 [ 150.023345][ T6547] __kvmalloc_node_noprof+0x137/0x620 [ 150.023401][ T6547] ? __sys_bpf+0x269a/0x4d80 [ 150.023440][ T6547] ? __sys_bpf+0x269a/0x4d80 [ 150.023469][ T6547] __sys_bpf+0x269a/0x4d80 [ 150.023509][ T6547] ? __pfx___sys_bpf+0x10/0x10 [ 150.023546][ T6547] ? vfs_write+0x15d/0x1150 [ 150.023609][ T6547] ? __pfx_vfs_write+0x10/0x10 [ 150.023661][ T6547] ? do_sys_openat2+0x157/0x1d0 [ 150.023728][ T6547] ? ksys_write+0x1ac/0x250 [ 150.023780][ T6547] ? __pfx_ksys_write+0x10/0x10 [ 150.023851][ T6547] __x64_sys_bpf+0x78/0xc0 [ 150.023884][ T6547] ? lockdep_hardirqs_on+0x7c/0x110 [ 150.023934][ T6547] do_syscall_64+0xcd/0x490 [ 150.023971][ T6547] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.024006][ T6547] RIP: 0033:0x7fef87b8e929 [ 150.024034][ T6547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 150.024066][ T6547] RSP: 002b:00007fef88934038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 150.024097][ T6547] RAX: ffffffffffffffda RBX: 00007fef87db5fa0 RCX: 00007fef87b8e929 [ 150.024119][ T6547] RDX: 000000000000000e RSI: 0000000000000000 RDI: 0000000000000004 [ 150.024138][ T6547] RBP: 00007fef88934090 R08: 0000000000000000 R09: 0000000000000000 [ 150.024157][ T6547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 150.024176][ T6547] R13: 0000000000000000 R14: 00007fef87db5fa0 R15: 00007ffe5e0b3fa8 [ 150.024218][ T6547] [ 150.672737][ T6566] netlink: 'syz.1.154': attribute type 1 has an invalid length. [ 153.391853][ T6597] tipc: Started in network mode [ 153.403986][ T6597] tipc: Node identity ee00, cluster identity 4711 [ 153.411168][ T6597] tipc: Node number set to 60928 [ 155.291049][ T6639] FAULT_INJECTION: forcing a failure. [ 155.291049][ T6639] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 155.323075][ T6639] CPU: 0 UID: 0 PID: 6639 Comm: syz.2.171 Not tainted 6.15.0-syzkaller-13655-gbdc7f8c5adad #0 PREEMPT(full) [ 155.323117][ T6639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 155.323136][ T6639] Call Trace: [ 155.323146][ T6639] [ 155.323157][ T6639] dump_stack_lvl+0x16c/0x1f0 [ 155.323194][ T6639] should_fail_ex+0x512/0x640 [ 155.323251][ T6639] _copy_to_user+0x32/0xd0 [ 155.323285][ T6639] simple_read_from_buffer+0xcb/0x170 [ 155.323341][ T6639] proc_fail_nth_read+0x197/0x270 [ 155.323381][ T6639] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 155.323424][ T6639] ? rw_verify_area+0xcf/0x680 [ 155.323465][ T6639] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 155.323505][ T6639] vfs_read+0x1e4/0xc60 [ 155.323558][ T6639] ? __pfx_vfs_read+0x10/0x10 [ 155.323605][ T6639] ? do_sys_openat2+0x157/0x1d0 [ 155.323663][ T6639] ksys_read+0x12a/0x250 [ 155.323708][ T6639] ? __pfx_ksys_read+0x10/0x10 [ 155.323766][ T6639] do_syscall_64+0xcd/0x490 [ 155.323799][ T6639] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.323829][ T6639] RIP: 0033:0x7f3149f8d33c [ 155.323852][ T6639] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 155.323882][ T6639] RSP: 002b:00007f314ade6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 155.323909][ T6639] RAX: ffffffffffffffda RBX: 00007f314a1b5fa0 RCX: 00007f3149f8d33c [ 155.323928][ T6639] RDX: 000000000000000f RSI: 00007f314ade60a0 RDI: 0000000000000001 [ 155.323945][ T6639] RBP: 00007f314ade6090 R08: 0000000000000000 R09: 0000000000000000 [ 155.323962][ T6639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 155.323978][ T6639] R13: 0000000000000000 R14: 00007f314a1b5fa0 R15: 00007fff8d0b34c8 [ 155.324016][ T6639] [ 155.836291][ T6655] block2mtd: too many arguments [ 156.573985][ T6671] Invalid ELF header magic: != ELF [ 157.552509][ T6686] netlink: 28 bytes leftover after parsing attributes in process `syz.0.180'. [ 157.566164][ T6686] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 157.683020][ T6686] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 157.712492][ T6686] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 157.720160][ T6686] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 159.831308][ T6719] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 160.546639][ T6738] netlink: 146 bytes leftover after parsing attributes in process `syz.0.195'. [ 160.649388][ T6742] netlink: 28 bytes leftover after parsing attributes in process `syz.0.195'. [ 161.679085][ T6757] netlink: 'syz.0.199': attribute type 1 has an invalid length. [ 162.407808][ T6768] binder: 6767:6768 ioctl c018620c 0 returned -1 [ 163.896031][ T6785] Ignoring unsupported numa_zonelist_order value: [ 163.896031][ T6785] [ 166.335222][ T6848] netlink: 4 bytes leftover after parsing attributes in process `syz.1.219'. [ 166.354974][ T6848] netlink: 354 bytes leftover after parsing attributes in process `syz.1.219'. [ 166.383127][ T6846] virtio-pci 0000:00:04.0: [Firmware Bug]: Overriding NUMA node to 0. Contact your vendor for updates. [ 167.540455][ T6871] sctp: [Deprecated]: syz.3.223 (pid 6871) Use of int in max_burst socket option deprecated. [ 167.540455][ T6871] Use struct sctp_assoc_value instead [ 168.781586][ T6897] FAULT_INJECTION: forcing a failure. [ 168.781586][ T6897] name failslab, interval 1, probability 0, space 0, times 0 [ 168.795137][ T6897] CPU: 0 UID: 0 PID: 6897 Comm: syz.2.229 Tainted: G I 6.15.0-syzkaller-13655-gbdc7f8c5adad #0 PREEMPT(full) [ 168.795200][ T6897] Tainted: [I]=FIRMWARE_WORKAROUND [ 168.795213][ T6897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 168.795232][ T6897] Call Trace: [ 168.795244][ T6897] [ 168.795256][ T6897] dump_stack_lvl+0x16c/0x1f0 [ 168.795293][ T6897] should_fail_ex+0x512/0x640 [ 168.795354][ T6897] ? __kmalloc_noprof+0xbf/0x510 [ 168.795409][ T6897] ? __register_sysctl_table+0xb3/0x1900 [ 168.795441][ T6897] should_failslab+0xc2/0x120 [ 168.795474][ T6897] __kmalloc_noprof+0xd2/0x510 [ 168.795535][ T6897] __register_sysctl_table+0xb3/0x1900 [ 168.795569][ T6897] ? is_module_address+0x5f/0xf0 [ 168.795621][ T6897] ? __pfx___register_sysctl_table+0x10/0x10 [ 168.795654][ T6897] ? is_module_address+0x69/0xf0 [ 168.795707][ T6897] ? register_net_sysctl_sz+0x228/0x3e0 [ 168.795749][ T6897] ? __asan_memcpy+0x3c/0x60 [ 168.795802][ T6897] nf_log_net_init+0x109/0x450 [ 168.795852][ T6897] ? __pfx_nf_log_net_init+0x10/0x10 [ 168.795890][ T6897] ops_init+0x1df/0x5f0 [ 168.795932][ T6897] setup_net+0x1ff/0x510 [ 168.795965][ T6897] ? lockdep_init_map_type+0x5c/0x280 [ 168.796013][ T6897] ? __pfx_setup_net+0x10/0x10 [ 168.796052][ T6897] ? debug_mutex_init+0x37/0x70 [ 168.796089][ T6897] copy_net_ns+0x2a6/0x5f0 [ 168.796133][ T6897] create_new_namespaces+0x3ea/0xa90 [ 168.796180][ T6897] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 168.796222][ T6897] ksys_unshare+0x45b/0xa40 [ 168.796265][ T6897] ? __pfx_ksys_unshare+0x10/0x10 [ 168.796311][ T6897] ? xfd_validate_state+0x61/0x180 [ 168.796368][ T6897] __x64_sys_unshare+0x31/0x40 [ 168.796411][ T6897] do_syscall_64+0xcd/0x490 [ 168.796447][ T6897] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 168.796481][ T6897] RIP: 0033:0x7f3149f8e929 [ 168.796508][ T6897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 168.796540][ T6897] RSP: 002b:00007f314ade6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 168.796572][ T6897] RAX: ffffffffffffffda RBX: 00007f314a1b5fa0 RCX: 00007f3149f8e929 [ 168.796594][ T6897] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 168.796613][ T6897] RBP: 00007f314a010b39 R08: 0000000000000000 R09: 0000000000000000 [ 168.796632][ T6897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 168.796651][ T6897] R13: 0000000000000000 R14: 00007f314a1b5fa0 R15: 00007fff8d0b34c8 [ 168.796693][ T6897] [ 171.841295][ T6947] random: crng reseeded on system resumption [ 172.446904][ T6947] Restarting kernel threads ... [ 172.455022][ T6947] Done restarting kernel threads. [ 172.916032][ T6962] netlink: zone id is out of range [ 174.281247][ T6996] QAT: failed to copy from user. [ 174.297013][ T6995] QAT: failed to copy from user. syzkaller syzkaller login: [ 177.532797][ T7075] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 177.532797][ T7075] The task syz.2.267 (7075) triggered the difference, watch for misbehavior. [ 177.885159][ T5850] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 178.276005][ T7089] FAULT_INJECTION: forcing a failure. [ 178.276005][ T7089] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 178.299289][ T7089] CPU: 1 UID: 0 PID: 7089 Comm: syz.0.271 Tainted: G I 6.15.0-syzkaller-13655-gbdc7f8c5adad #0 PREEMPT(full) [ 178.299338][ T7089] Tainted: [I]=FIRMWARE_WORKAROUND [ 178.299350][ T7089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 178.299367][ T7089] Call Trace: [ 178.299377][ T7089] [ 178.299387][ T7089] dump_stack_lvl+0x16c/0x1f0 [ 178.299421][ T7089] should_fail_ex+0x512/0x640 [ 178.299478][ T7089] _copy_from_user+0x2e/0xd0 [ 178.299511][ T7089] snd_seq_write+0x3ed/0x6d0 [ 178.299560][ T7089] ? __pfx_snd_seq_write+0x10/0x10 [ 178.299600][ T7089] ? bpf_lsm_file_permission+0x9/0x10 [ 178.299637][ T7089] ? security_file_permission+0x71/0x210 [ 178.299684][ T7089] ? rw_verify_area+0xcf/0x680 [ 178.299727][ T7089] ? __pfx_snd_seq_write+0x10/0x10 [ 178.299762][ T7089] vfs_write+0x29d/0x1150 [ 178.299817][ T7089] ? __pfx_vfs_write+0x10/0x10 [ 178.299861][ T7089] ? find_held_lock+0x2b/0x80 [ 178.299894][ T7089] ? __fget_files+0x204/0x3c0 [ 178.299947][ T7089] ? __fget_files+0x20e/0x3c0 [ 178.300002][ T7089] ksys_write+0x1f8/0x250 [ 178.300047][ T7089] ? __pfx_ksys_write+0x10/0x10 [ 178.300113][ T7089] do_syscall_64+0xcd/0x490 [ 178.300147][ T7089] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 178.300176][ T7089] RIP: 0033:0x7fef87b8e929 [ 178.300195][ T7089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 178.300223][ T7089] RSP: 002b:00007fef88934038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 178.300250][ T7089] RAX: ffffffffffffffda RBX: 00007fef87db5fa0 RCX: 00007fef87b8e929 [ 178.300270][ T7089] RDX: 0000000000000038 RSI: 00002000000000c0 RDI: 0000000000000003 [ 178.300288][ T7089] RBP: 00007fef88934090 R08: 0000000000000000 R09: 0000000000000000 [ 178.300305][ T7089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 178.300321][ T7089] R13: 0000000000000000 R14: 00007fef87db5fa0 R15: 00007ffe5e0b3fa8 [ 178.300362][ T7089] [ 179.721471][ T30] audit: type=1326 audit(4294967316.458:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7115 comm="syz.2.276" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3149f8e929 code=0x0 [ 179.785889][ T30] audit: type=1800 audit(4294967316.528:6): pid=7128 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.276" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 179.843454][ T7125] netlink: 16 bytes leftover after parsing attributes in process `syz.0.277'. [ 180.232943][ T7126] zswap: compressor Á}:Þ1mÞ38¬ÁÛv³4. BZQ²T¤¹=²×PùèÄ‘./ not available [ 183.919552][ T7200] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 184.664462][ T7201] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 185.143704][ T7215] program syz.0.293 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 191.116208][ T7286] syz.3.312 uses obsolete (PF_INET,SOCK_PACKET) [ 192.057659][ T7303] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 193.684200][ T7305] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12 [ 195.373320][ T5845] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 195.383057][ T5845] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 195.394398][ T5845] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 195.444875][ T5845] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 195.459239][ T5845] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 197.063383][ T7331] chnl_net:caif_netlink_parms(): no params data found [ 197.298050][ T7357] could not allocate digest TFM handle [ 197.555825][ T5845] Bluetooth: hci4: command tx timeout [ 197.931212][ T7373] zswap: compressor not available [ 198.081756][ T7331] bridge0: port 1(bridge_slave_0) entered blocking state [ 198.097898][ T7331] bridge0: port 1(bridge_slave_0) entered disabled state [ 198.113425][ T7331] bridge_slave_0: entered allmulticast mode [ 198.125505][ T7331] bridge_slave_0: entered promiscuous mode [ 198.263180][ T7331] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.277596][ T7331] bridge0: port 2(bridge_slave_1) entered disabled state [ 198.307520][ T7331] bridge_slave_1: entered allmulticast mode [ 198.328761][ T7331] bridge_slave_1: entered promiscuous mode [ 198.807515][ T7331] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 198.919683][ T7331] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 199.186692][ T7331] team0: Port device team_slave_0 added [ 199.216962][ T7331] team0: Port device team_slave_1 added [ 199.633764][ T5845] Bluetooth: hci4: command tx timeout [ 199.769911][ T7331] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 199.787326][ T7331] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 199.842393][ T7331] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 199.913272][ T7331] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 199.930941][ T7331] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 199.982499][ T7331] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 200.209433][ T7331] hsr_slave_0: entered promiscuous mode [ 200.228660][ T7331] hsr_slave_1: entered promiscuous mode [ 200.252983][ T7331] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 200.296222][ T7331] Cannot create hsr debugfs directory [ 201.360894][ T7331] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 201.495450][ T7331] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 201.646686][ T7331] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 201.711279][ T5845] Bluetooth: hci4: command tx timeout [ 201.759243][ T7331] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 202.291629][ T7331] 8021q: adding VLAN 0 to HW filter on device bond0 [ 202.428186][ T7331] 8021q: adding VLAN 0 to HW filter on device team0 [ 202.630784][ T7420] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 202.691844][ T7420] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 202.700286][ T7043] bridge0: port 1(bridge_slave_0) entered blocking state [ 202.707601][ T7043] bridge0: port 1(bridge_slave_0) entered forwarding state [ 202.716086][ T7420] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 202.738002][ T7420] page_type: f5(slab) [ 202.855779][ T7420] raw: 00fff00000000040 ffff88801b442140 dead000000000122 0000000000000000 [ 202.868106][ T7420] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 202.880198][ T7420] head: 00fff00000000040 ffff88801b442140 dead000000000122 0000000000000000 [ 202.943882][ T7043] bridge0: port 2(bridge_slave_1) entered blocking state [ 202.951161][ T7043] bridge0: port 2(bridge_slave_1) entered forwarding state [ 202.969638][ T7420] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 203.077601][ T7420] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 203.092510][ T7420] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 203.102415][ T7420] page dumped because: unmovable page [ 203.108635][ T7420] page_owner tracks the page as allocated [ 203.118188][ T7420] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5208, tgid 5208 (udevd), ts 197359896310, free_ts 197234996539 [ 203.219454][ T7420] post_alloc_hook+0x1c0/0x230 [ 203.228416][ T7432] HfR: entered promiscuous mode [ 203.228946][ T7420] get_page_from_freelist+0x1321/0x3890 [ 203.259753][ T7420] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 203.267914][ T7420] alloc_pages_mpol+0x1fb/0x550 [ 203.277416][ T7420] new_slab+0x23b/0x330 [ 203.284946][ T7420] ___slab_alloc+0xd9c/0x1940 [ 203.289716][ T7420] __slab_alloc.constprop.0+0x56/0xb0 [ 203.313231][ T7420] __kmalloc_noprof+0x2f2/0x510 [ 203.328074][ T7420] tomoyo_realpath_from_path+0xc2/0x6e0 [ 203.338309][ T7420] tomoyo_path_perm+0x274/0x460 [ 203.348333][ T7420] security_inode_getattr+0x116/0x290 [ 203.360568][ T7420] vfs_fstat+0x4b/0xe0 [ 203.370773][ T7420] __do_sys_newfstat+0x87/0x100 [ 203.386326][ T7420] do_syscall_64+0xcd/0x490 [ 203.406618][ T7420] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 203.425114][ T7420] page last free pid 7365 tgid 7365 stack trace: [ 203.443830][ T7420] __free_frozen_pages+0x7fe/0x1180 [ 203.460456][ T7420] __put_partials+0x16d/0x1c0 [ 203.465214][ T7420] qlist_free_all+0x4d/0x120 [ 203.469835][ T7420] kasan_quarantine_reduce+0x195/0x1e0 [ 203.501499][ T7420] __kasan_slab_alloc+0x69/0x90 [ 203.506433][ T7420] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 203.558371][ T7420] vm_area_dup+0x27/0x8d0 [ 203.579984][ T7420] __split_vma+0x18e/0x1070 [ 203.606119][ T7420] vma_modify+0xee1/0x20a0 [ 203.627197][ T7420] vma_modify_flags+0x212/0x2d0 [ 203.654510][ T7420] mprotect_fixup+0x2b3/0xb10 [ 203.659384][ T7420] do_mprotect_pkey+0x9ca/0xd50 [ 203.694822][ T7420] __x64_sys_mprotect+0x78/0xc0 [ 203.718687][ T7420] do_syscall_64+0xcd/0x490 [ 203.740444][ T7420] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 203.800382][ T5845] Bluetooth: hci4: command tx timeout [ 204.297230][ T7452] kvm: kvm [7450]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x40000025) = 0x2 [ 204.673124][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 204.679452][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 204.832507][ T7331] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 205.900715][ T7331] veth0_vlan: entered promiscuous mode [ 205.944782][ T7331] veth1_vlan: entered promiscuous mode [ 206.103012][ T7331] veth0_macvtap: entered promiscuous mode [ 206.141099][ T7331] veth1_macvtap: entered promiscuous mode [ 206.224927][ T7331] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 206.241167][ T7476] ima: policy update failed [ 206.270984][ T30] audit: type=1802 audit(4294967343.011:7): pid=7476 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.348" res=0 errno=0 [ 206.301626][ T7476] netlink: 25 bytes leftover after parsing attributes in process `syz.2.348'. [ 206.314769][ T7331] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 206.347799][ T7331] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.367560][ T7331] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.388904][ T7331] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.408071][ T7331] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.616833][ T7043] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 206.650460][ T7043] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 206.738406][ T7044] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 206.762532][ T7465] Process accounting resumed [ 206.781703][ T7044] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 207.511632][ T7501] ecryptfs_parse_packet_length: Error parsing packet length [ 207.548283][ T7501] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 207.612580][ T7505] ecryptfs_miscdev_write: Invalid packet size [32] [ 207.638313][ T7505] ecryptfs_miscdev_write: Invalid packet size [110] [ 209.735981][ T7549] Invalid ELF header magic: != ELF [ 210.294888][ T7044] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.663580][ T7044] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.935389][ T7044] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 211.171109][ T7044] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 211.721519][ T7044] team0: left allmulticast mode [ 211.738140][ T7044] team_slave_0: left allmulticast mode [ 211.778125][ T7044] team_slave_1: left allmulticast mode [ 211.783864][ T7044] team0: left promiscuous mode [ 211.829049][ T7044] team_slave_0: left promiscuous mode [ 211.834945][ T7044] team_slave_1: left promiscuous mode [ 211.907891][ T7044] bridge0: port 3(team0) entered disabled state [ 211.971949][ T7044] bridge_slave_1: left allmulticast mode [ 211.985336][ T7044] bridge_slave_1: left promiscuous mode [ 212.016414][ T7044] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.089153][ T7044] bridge_slave_0: left allmulticast mode [ 212.094878][ T7044] bridge_slave_0: left promiscuous mode [ 212.129022][ T7044] bridge0: port 1(bridge_slave_0) entered disabled state [ 213.201327][ T7044] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 213.242070][ T7044] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 213.271032][ T7044] bond0 (unregistering): Released all slaves [ 213.988603][ T7044] hsr_slave_0: left promiscuous mode [ 214.019286][ T7044] hsr_slave_1: left promiscuous mode [ 214.037747][ T7044] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 214.075180][ T7044] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 214.121712][ T7044] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 214.131633][ T7044] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 214.292810][ T7044] veth1_macvtap: left promiscuous mode [ 214.313299][ T7044] veth0_macvtap: left promiscuous mode [ 214.323482][ T7044] veth1_vlan: left promiscuous mode [ 214.343809][ T7044] veth0_vlan: left promiscuous mode [ 214.434141][ T7625] FAULT_INJECTION: forcing a failure. [ 214.434141][ T7625] name failslab, interval 1, probability 0, space 0, times 0 [ 214.471652][ T7625] CPU: 1 UID: 0 PID: 7625 Comm: syz.2.372 Tainted: G I 6.15.0-syzkaller-13655-gbdc7f8c5adad #0 PREEMPT(full) [ 214.471708][ T7625] Tainted: [I]=FIRMWARE_WORKAROUND [ 214.471720][ T7625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 214.471738][ T7625] Call Trace: [ 214.471748][ T7625] [ 214.471761][ T7625] dump_stack_lvl+0x16c/0x1f0 [ 214.471798][ T7625] should_fail_ex+0x512/0x640 [ 214.471858][ T7625] ? __kmalloc_noprof+0xbf/0x510 [ 214.471913][ T7625] ? lsm_blob_alloc+0x68/0x90 [ 214.471940][ T7625] should_failslab+0xc2/0x120 [ 214.471974][ T7625] __kmalloc_noprof+0xd2/0x510 [ 214.472035][ T7625] lsm_blob_alloc+0x68/0x90 [ 214.472064][ T7625] security_sk_alloc+0x30/0x270 [ 214.472104][ T7625] sk_prot_alloc+0xfb/0x2a0 [ 214.472147][ T7625] sk_alloc+0x36/0xc20 [ 214.472201][ T7625] __vsock_create.constprop.0+0x3c/0xbb0 [ 214.472253][ T7625] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 214.472308][ T7625] vsock_create+0x139/0x500 [ 214.472343][ T7625] __sock_create+0x335/0x8d0 [ 214.472394][ T7625] __sys_socket+0x14d/0x260 [ 214.472438][ T7625] ? __pfx___sys_socket+0x10/0x10 [ 214.472483][ T7625] ? xfd_validate_state+0x61/0x180 [ 214.472525][ T7625] ? __pfx___do_sys_close_range+0x10/0x10 [ 214.472589][ T7625] __x64_sys_socket+0x72/0xb0 [ 214.472630][ T7625] ? lockdep_hardirqs_on+0x7c/0x110 [ 214.472683][ T7625] do_syscall_64+0xcd/0x490 [ 214.472719][ T7625] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 214.472752][ T7625] RIP: 0033:0x7f3149f8e929 [ 214.472779][ T7625] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 214.472820][ T7625] RSP: 002b:00007f314ade6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 214.472851][ T7625] RAX: ffffffffffffffda RBX: 00007f314a1b5fa0 RCX: 00007f3149f8e929 [ 214.472872][ T7625] RDX: 0000000000000000 RSI: 0000000000000801 RDI: 0000000000000028 [ 214.472891][ T7625] RBP: 00007f314a010b39 R08: 0000000000000000 R09: 0000000000000000 [ 214.472910][ T7625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 214.472926][ T7625] R13: 0000000000000000 R14: 00007f314a1b5fa0 R15: 00007fff8d0b34c8 [ 214.472964][ T7625] syzkaller syzkaller login: [ 215.276679][ T7641] netlink: 338 bytes leftover after parsing attributes in process `syz.0.374'. [ 215.663328][ T7638] could not allocate digest TFM handle [ 216.360959][ T7044] team0 (unregistering): Port device team_slave_1 removed [ 216.418164][ T7044] team0 (unregistering): Port device team_slave_0 removed [ 216.942198][ T7641] macsec0: entered promiscuous mode [ 216.950376][ T7641] macsec0: entered allmulticast mode [ 216.959009][ T7641] veth1_macvtap: entered allmulticast mode [ 217.592027][ T7667] FAULT_INJECTION: forcing a failure. [ 217.592027][ T7667] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 217.626974][ T7667] CPU: 0 UID: 0 PID: 7667 Comm: syz.4.379 Tainted: G I 6.15.0-syzkaller-13655-gbdc7f8c5adad #0 PREEMPT(full) [ 217.627033][ T7667] Tainted: [I]=FIRMWARE_WORKAROUND [ 217.627045][ T7667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 217.627063][ T7667] Call Trace: [ 217.627074][ T7667] [ 217.627087][ T7667] dump_stack_lvl+0x16c/0x1f0 [ 217.627124][ T7667] should_fail_ex+0x512/0x640 [ 217.627184][ T7667] _copy_from_user+0x2e/0xd0 [ 217.627218][ T7667] do_sys_poll+0x1d5/0xdf0 [ 217.627267][ T7667] ? __schedule+0x1181/0x5de0 [ 217.627327][ T7667] ? __pfx_do_sys_poll+0x10/0x10 [ 217.627371][ T7667] ? find_held_lock+0x2b/0x80 [ 217.627441][ T7667] ? preempt_schedule_common+0x44/0xc0 [ 217.627575][ T7667] ? __pfx_timespec64_add_safe+0x10/0x10 [ 217.627639][ T7667] ? ktime_get_ts64+0x2d2/0x400 [ 217.627682][ T7667] ? read_tsc+0x9/0x20 [ 217.627712][ T7667] ? ktime_get_ts64+0x256/0x400 [ 217.627764][ T7667] __x64_sys_poll+0x1a6/0x450 [ 217.627816][ T7667] ? __pfx___x64_sys_poll+0x10/0x10 [ 217.627877][ T7667] do_syscall_64+0xcd/0x490 [ 217.627912][ T7667] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 217.627946][ T7667] RIP: 0033:0x7f0da8f8e929 [ 217.627972][ T7667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 217.628003][ T7667] RSP: 002b:00007f0da9e11038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 217.628032][ T7667] RAX: ffffffffffffffda RBX: 00007f0da91b5fa0 RCX: 00007f0da8f8e929 [ 217.628053][ T7667] RDX: 0000000000000009 RSI: 000000000000007f RDI: 0000200000000180 [ 217.628072][ T7667] RBP: 00007f0da9010b39 R08: 0000000000000000 R09: 0000000000000000 [ 217.628091][ T7667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 217.628110][ T7667] R13: 0000000000000000 R14: 00007f0da91b5fa0 R15: 00007fffd54bfbd8 [ 217.628151][ T7667] [ 218.454025][ T7680] snd_aloop snd_aloop.0: control 1:32774:2147483646:¢¸è_ÅheºRŸª:388 is already present [ 227.218816][ T5848] Bluetooth: hci2: command 0x0406 tx timeout [ 227.224962][ T5848] Bluetooth: hci0: command 0x0406 tx timeout [ 227.231520][ T5840] Bluetooth: hci3: command 0x0406 tx timeout [ 236.287919][ T7989] FAULT_INJECTION: forcing a failure. [ 236.287919][ T7989] name fail_futex, interval 1, probability 0, space 0, times 1 [ 236.419284][ T7989] CPU: 1 UID: 0 PID: 7989 Comm: syz.0.427 Tainted: G I 6.15.0-syzkaller-13655-gbdc7f8c5adad #0 PREEMPT(full) [ 236.419323][ T7989] Tainted: [I]=FIRMWARE_WORKAROUND [ 236.419331][ T7989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 236.419344][ T7989] Call Trace: [ 236.419352][ T7989] [ 236.419361][ T7989] dump_stack_lvl+0x16c/0x1f0 [ 236.419388][ T7989] should_fail_ex+0x512/0x640 [ 236.419429][ T7989] get_futex_key+0x293/0x1540 [ 236.419460][ T7989] ? __pfx_get_futex_key+0x10/0x10 [ 236.419487][ T7989] ? __mutex_trylock_common+0xe9/0x250 [ 236.419526][ T7989] futex_wake+0xea/0x530 [ 236.419568][ T7989] ? __pfx_futex_wake+0x10/0x10 [ 236.419599][ T7989] ? __lock_acquire+0xb8a/0x1c90 [ 236.419646][ T7989] do_futex+0x1e3/0x350 [ 236.419675][ T7989] ? __pfx_do_futex+0x10/0x10 [ 236.419700][ T7989] ? __might_fault+0xe3/0x190 [ 236.419742][ T7989] mm_release+0x24e/0x300 [ 236.419768][ T7989] do_exit+0x683/0x2bd0 [ 236.419814][ T7989] ? __pfx_do_exit+0x10/0x10 [ 236.419844][ T7989] ? do_raw_spin_lock+0x12c/0x2b0 [ 236.419878][ T7989] ? find_held_lock+0x2b/0x80 [ 236.419905][ T7989] do_group_exit+0xd3/0x2a0 [ 236.419938][ T7989] get_signal+0x2673/0x26d0 [ 236.419974][ T7989] ? __pfx_get_signal+0x10/0x10 [ 236.419998][ T7989] ? do_futex+0x122/0x350 [ 236.420026][ T7989] ? __pfx_do_futex+0x10/0x10 [ 236.420057][ T7989] arch_do_signal_or_restart+0x8f/0x790 [ 236.420085][ T7989] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 236.420118][ T7989] ? xfd_validate_state+0x61/0x180 [ 236.420147][ T7989] ? __pfx_do_writev+0x10/0x10 [ 236.420192][ T7989] exit_to_user_mode_loop+0x84/0x110 [ 236.420229][ T7989] do_syscall_64+0x3f6/0x490 [ 236.420255][ T7989] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.420278][ T7989] RIP: 0033:0x7fef87b8e929 [ 236.420296][ T7989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 236.420318][ T7989] RSP: 002b:00007fef889340e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 236.420339][ T7989] RAX: 0000000000000001 RBX: 00007fef87db5fa8 RCX: 00007fef87b8e929 [ 236.420354][ T7989] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fef87db5fac [ 236.420367][ T7989] RBP: 00007fef87db5fa0 R08: 00007fef88935000 R09: 0000000000000000 [ 236.420381][ T7989] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fef87db5fac [ 236.420395][ T7989] R13: 0000000000000000 R14: 00007ffe5e0b3ec0 R15: 00007ffe5e0b3fa8 [ 236.420423][ T7989] [ 237.225168][ T7997] FAULT_INJECTION: forcing a failure. [ 237.225168][ T7997] name failslab, interval 1, probability 0, space 0, times 0 [ 237.310908][ T7997] CPU: 1 UID: 0 PID: 7997 Comm: syz.0.428 Tainted: G I 6.15.0-syzkaller-13655-gbdc7f8c5adad #0 PREEMPT(full) [ 237.310961][ T7997] Tainted: [I]=FIRMWARE_WORKAROUND [ 237.310973][ T7997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 237.310991][ T7997] Call Trace: [ 237.311001][ T7997] [ 237.311013][ T7997] dump_stack_lvl+0x16c/0x1f0 [ 237.311049][ T7997] should_fail_ex+0x512/0x640 [ 237.311100][ T7997] ? fs_reclaim_acquire+0xae/0x150 [ 237.311142][ T7997] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 237.311188][ T7997] should_failslab+0xc2/0x120 [ 237.311222][ T7997] __kmalloc_noprof+0xd2/0x510 [ 237.311280][ T7997] tomoyo_realpath_from_path+0xc2/0x6e0 [ 237.311331][ T7997] ? tomoyo_profile+0x47/0x60 [ 237.311364][ T7997] tomoyo_path_number_perm+0x245/0x580 [ 237.311403][ T7997] ? tomoyo_path_number_perm+0x237/0x580 [ 237.311446][ T7997] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 237.311489][ T7997] ? find_held_lock+0x2b/0x80 [ 237.311559][ T7997] ? find_held_lock+0x2b/0x80 [ 237.311589][ T7997] ? hook_file_ioctl_common+0x145/0x410 [ 237.311636][ T7997] ? __fget_files+0x20e/0x3c0 [ 237.311689][ T7997] security_file_ioctl+0x9b/0x240 [ 237.311741][ T7997] __x64_sys_ioctl+0xb7/0x210 [ 237.311785][ T7997] do_syscall_64+0xcd/0x490 [ 237.311820][ T7997] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 237.311852][ T7997] RIP: 0033:0x7fef87b8e929 [ 237.311877][ T7997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 237.311907][ T7997] RSP: 002b:00007fef859f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 237.311935][ T7997] RAX: ffffffffffffffda RBX: 00007fef87db6160 RCX: 00007fef87b8e929 [ 237.311955][ T7997] RDX: 0000000000000024 RSI: 00000000000089f0 RDI: 0000000000000003 [ 237.311973][ T7997] RBP: 00007fef859f6090 R08: 0000000000000000 R09: 0000000000000000 [ 237.311991][ T7997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 237.312009][ T7997] R13: 0000000000000001 R14: 00007fef87db6160 R15: 00007ffe5e0b3fa8 [ 237.312050][ T7997] [ 237.312063][ T7997] ERROR: Out of memory at tomoyo_realpath_from_path. [ 238.252354][ T7972] Process accounting paused [ 238.648699][ T8020] netlink: 330 bytes leftover after parsing attributes in process `syz.2.431'. [ 238.713888][ T8020] ›: renamed from hsr0 (while UP) [ 239.487579][ T8042] FAULT_INJECTION: forcing a failure. [ 239.487579][ T8042] name failslab, interval 1, probability 0, space 0, times 0 [ 239.501131][ T8042] CPU: 1 UID: 0 PID: 8042 Comm: syz.2.434 Tainted: G I 6.15.0-syzkaller-13655-gbdc7f8c5adad #0 PREEMPT(full) [ 239.501186][ T8042] Tainted: [I]=FIRMWARE_WORKAROUND [ 239.501199][ T8042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 239.501218][ T8042] Call Trace: [ 239.501230][ T8042] [ 239.501242][ T8042] dump_stack_lvl+0x16c/0x1f0 [ 239.501281][ T8042] should_fail_ex+0x512/0x640 [ 239.501339][ T8042] should_failslab+0xc2/0x120 [ 239.501374][ T8042] __kmalloc_cache_noprof+0x6a/0x3e0 [ 239.501423][ T8042] ? proc_self_get_link+0x1a9/0x230 [ 239.501478][ T8042] proc_self_get_link+0x1a9/0x230 [ 239.501527][ T8042] ? __pfx_proc_self_get_link+0x10/0x10 [ 239.501572][ T8042] step_into+0x195e/0x2270 [ 239.501625][ T8042] ? __pfx_step_into+0x10/0x10 [ 239.501678][ T8042] ? lookup_fast+0x156/0x610 [ 239.501728][ T8042] walk_component+0xfc/0x5b0 [ 239.501777][ T8042] link_path_walk+0x627/0xe20 [ 239.501847][ T8042] path_openat+0x1b0/0x2cb0 [ 239.501896][ T8042] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.501947][ T8042] ? __pfx_path_openat+0x10/0x10 [ 239.502001][ T8042] ? __lock_acquire+0xb8a/0x1c90 [ 239.502050][ T8042] do_filp_open+0x20b/0x470 [ 239.502102][ T8042] ? __pfx_do_filp_open+0x10/0x10 [ 239.502190][ T8042] ? alloc_fd+0x471/0x7d0 [ 239.502247][ T8042] do_sys_openat2+0x11b/0x1d0 [ 239.502287][ T8042] ? __pfx_do_sys_openat2+0x10/0x10 [ 239.502341][ T8042] __x64_sys_openat+0x174/0x210 [ 239.502380][ T8042] ? __pfx___x64_sys_openat+0x10/0x10 [ 239.502438][ T8042] do_syscall_64+0xcd/0x490 [ 239.502472][ T8042] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.502505][ T8042] RIP: 0033:0x7f3149f8d290 [ 239.502532][ T8042] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 239.502561][ T8042] RSP: 002b:00007f314ade5f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 239.502590][ T8042] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f3149f8d290 [ 239.502611][ T8042] RDX: 0000000000000002 RSI: 00007f314ade5fa0 RDI: 00000000ffffff9c [ 239.502630][ T8042] RBP: 00007f314ade5fa0 R08: 0000000000000000 R09: 00007f314ade5cd5 [ 239.502649][ T8042] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 239.502668][ T8042] R13: 0000000000000000 R14: 00007f314a1b5fa0 R15: 00007fff8d0b34c8 [ 239.502710][ T8042] [ 241.801571][ T8074] can: request_module (can-proto-4) failed. [ 242.310602][ T8081] [ 242.313004][ T8081] ====================================================== [ 242.320076][ T8081] WARNING: possible circular locking dependency detected [ 242.327143][ T8081] 6.15.0-syzkaller-13655-gbdc7f8c5adad #0 Tainted: G I [ 242.335688][ T8081] ------------------------------------------------------ [ 242.342751][ T8081] syz.2.441/8081 is trying to acquire lock: [ 242.349046][ T8081] ffffffff8e52f5c8 (pcpu_alloc_mutex){+.+.}-{4:4}, at: pcpu_alloc_noprof+0xb4c/0x1470 [ 242.358746][ T8081] [ 242.358746][ T8081] but task is already holding lock: [ 242.366202][ T8081] ffff888025d8a7c8 (&q->q_usage_counter(io)#18){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 242.377506][ T8081] [ 242.377506][ T8081] which lock already depends on the new lock. [ 242.377506][ T8081] [ 242.387930][ T8081] [ 242.387930][ T8081] the existing dependency chain (in reverse order) is: [ 242.396960][ T8081] [ 242.396960][ T8081] -> #2 (&q->q_usage_counter(io)#18){++++}-{0:0}: [ 242.405624][ T8081] blk_alloc_queue+0x619/0x760 [ 242.410945][ T8081] blk_mq_alloc_queue+0x175/0x290 [ 242.416526][ T8081] __blk_mq_alloc_disk+0x29/0x120 [ 242.422107][ T8081] loop_add+0x49e/0xb70 [ 242.426811][ T8081] loop_init+0x164/0x270 [ 242.431612][ T8081] do_one_initcall+0x120/0x6e0 [ 242.436926][ T8081] kernel_init_freeable+0x5c2/0x900 [ 242.442682][ T8081] kernel_init+0x1c/0x2b0 [ 242.447558][ T8081] ret_from_fork+0x5d7/0x6f0 [ 242.452707][ T8081] ret_from_fork_asm+0x1a/0x30 [ 242.458022][ T8081] [ 242.458022][ T8081] -> #1 (fs_reclaim){+.+.}-{0:0}: [ 242.465267][ T8081] fs_reclaim_acquire+0x102/0x150 [ 242.470844][ T8081] prepare_alloc_pages+0x162/0x610 [ 242.476510][ T8081] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 242.483000][ T8081] __alloc_pages_noprof+0xb/0x1b0 [ 242.488587][ T8081] pcpu_populate_chunk+0x110/0xb00 [ 242.494256][ T8081] pcpu_alloc_noprof+0x86a/0x1470 [ 242.499837][ T8081] xt_percpu_counter_alloc+0x13e/0x1b0 [ 242.505898][ T8081] find_check_entry.constprop.0+0xbc/0x9b0 [ 242.512272][ T8081] translate_table+0xc98/0x1720 [ 242.517689][ T8081] ipt_register_table+0x102/0x430 [ 242.523278][ T8081] iptable_raw_table_init+0x63/0x90 [ 242.529083][ T8081] xt_find_table_lock+0x2e4/0x520 [ 242.534749][ T8081] xt_request_find_table_lock+0x28/0xf0 [ 242.540856][ T8081] get_info+0x190/0x610 [ 242.545586][ T8081] do_ipt_get_ctl+0x169/0xa10 [ 242.550993][ T8081] nf_getsockopt+0x79/0xe0 [ 242.555960][ T8081] ip_getsockopt+0x18c/0x1e0 [ 242.561106][ T8081] tcp_getsockopt+0xa1/0x100 [ 242.566240][ T8081] do_sock_getsockopt+0x3fc/0x800 [ 242.571901][ T8081] __sys_getsockopt+0x123/0x1b0 [ 242.577305][ T8081] __x64_sys_getsockopt+0xbd/0x160 [ 242.583052][ T8081] do_syscall_64+0xcd/0x490 [ 242.588099][ T8081] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.594534][ T8081] [ 242.594534][ T8081] -> #0 (pcpu_alloc_mutex){+.+.}-{4:4}: [ 242.603913][ T8081] __lock_acquire+0x126f/0x1c90 [ 242.609505][ T8081] lock_acquire+0x179/0x350 [ 242.614566][ T8081] __mutex_lock+0x199/0xb90 [ 242.619614][ T8081] pcpu_alloc_noprof+0xb4c/0x1470 [ 242.625198][ T8081] blk_stat_alloc_callback+0xc8/0x280 [ 242.631130][ T8081] wbt_init+0xac/0x540 [ 242.635743][ T8081] queue_wb_lat_store+0x354/0x3d0 [ 242.641313][ T8081] queue_attr_store+0x279/0x320 [ 242.646876][ T8081] sysfs_kf_write+0xf2/0x150 [ 242.652105][ T8081] kernfs_fop_write_iter+0x351/0x510 [ 242.657938][ T8081] vfs_write+0x6c7/0x1150 [ 242.662821][ T8081] ksys_write+0x12a/0x250 [ 242.667702][ T8081] do_syscall_64+0xcd/0x490 [ 242.672746][ T8081] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.679703][ T8081] [ 242.679703][ T8081] other info that might help us debug this: [ 242.679703][ T8081] [ 242.689941][ T8081] Chain exists of: [ 242.689941][ T8081] pcpu_alloc_mutex --> fs_reclaim --> &q->q_usage_counter(io)#18 [ 242.689941][ T8081] [ 242.703727][ T8081] Possible unsafe locking scenario: [ 242.703727][ T8081] [ 242.711209][ T8081] CPU0 CPU1 [ 242.716593][ T8081] ---- ---- [ 242.721975][ T8081] lock(&q->q_usage_counter(io)#18); [ 242.727387][ T8081] lock(fs_reclaim); [ 242.733913][ T8081] lock(&q->q_usage_counter(io)#18); [ 242.741837][ T8081] lock(pcpu_alloc_mutex); [ 242.746363][ T8081] [ 242.746363][ T8081] *** DEADLOCK *** [ 242.746363][ T8081] [ 242.754518][ T8081] 6 locks held by syz.2.441/8081: [ 242.759553][ T8081] #0: ffff88802a895278 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370 [ 242.768688][ T8081] #1: ffff88807cdfc428 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 242.777767][ T8081] #2: ffff88805a0e2888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x510 [ 242.787596][ T8081] #3: ffff8881427bc0f8 (kn->active#141){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2b2/0x510 [ 242.797769][ T8081] #4: ffff888025d8a7c8 (&q->q_usage_counter(io)#18){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 242.809593][ T8081] #5: ffff888025d8a800 (&q->q_usage_counter(queue)#22){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20 [ 242.821696][ T8081] [ 242.821696][ T8081] stack backtrace: [ 242.827624][ T8081] CPU: 0 UID: 0 PID: 8081 Comm: syz.2.441 Tainted: G I 6.15.0-syzkaller-13655-gbdc7f8c5adad #0 PREEMPT(full) [ 242.827667][ T8081] Tainted: [I]=FIRMWARE_WORKAROUND [ 242.827677][ T8081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 242.827697][ T8081] Call Trace: [ 242.827711][ T8081] [ 242.827725][ T8081] dump_stack_lvl+0x116/0x1f0 [ 242.827754][ T8081] print_circular_bug+0x275/0x350 [ 242.827791][ T8081] check_noncircular+0x14c/0x170 [ 242.827829][ T8081] __lock_acquire+0x126f/0x1c90 [ 242.827870][ T8081] lock_acquire+0x179/0x350 [ 242.827903][ T8081] ? pcpu_alloc_noprof+0xb4c/0x1470 [ 242.827942][ T8081] ? __pfx___might_resched+0x10/0x10 [ 242.827970][ T8081] ? ksys_write+0x12a/0x250 [ 242.828009][ T8081] ? do_syscall_64+0xcd/0x490 [ 242.828033][ T8081] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.828062][ T8081] __mutex_lock+0x199/0xb90 [ 242.828087][ T8081] ? pcpu_alloc_noprof+0xb4c/0x1470 [ 242.828126][ T8081] ? pcpu_alloc_noprof+0xb4c/0x1470 [ 242.828165][ T8081] ? __pfx___mutex_lock+0x10/0x10 [ 242.828200][ T8081] ? pcpu_alloc_noprof+0xb4c/0x1470 [ 242.828243][ T8081] pcpu_alloc_noprof+0xb4c/0x1470 [ 242.828289][ T8081] ? __pfx_wbt_data_dir+0x10/0x10 [ 242.828330][ T8081] ? __pfx_wb_timer_fn+0x10/0x10 [ 242.828357][ T8081] blk_stat_alloc_callback+0xc8/0x280 [ 242.828385][ T8081] ? kasan_save_track+0x14/0x30 [ 242.828427][ T8081] wbt_init+0xac/0x540 [ 242.828459][ T8081] queue_wb_lat_store+0x354/0x3d0 [ 242.828485][ T8081] ? __pfx_queue_wb_lat_store+0x10/0x10 [ 242.828511][ T8081] ? __mutex_trylock_common+0xe9/0x250 [ 242.828548][ T8081] ? __pfx_queue_wb_lat_store+0x10/0x10 [ 242.828573][ T8081] queue_attr_store+0x279/0x320 [ 242.828598][ T8081] ? __pfx_queue_attr_store+0x10/0x10 [ 242.828621][ T8081] ? __lock_acquire+0x622/0x1c90 [ 242.828662][ T8081] ? find_held_lock+0x2b/0x80 [ 242.828687][ T8081] ? sysfs_file_kobj+0xe4/0x290 [ 242.828722][ T8081] ? __pfx_queue_attr_store+0x10/0x10 [ 242.828747][ T8081] sysfs_kf_write+0xf2/0x150 [ 242.828779][ T8081] kernfs_fop_write_iter+0x351/0x510 [ 242.828807][ T8081] ? __pfx_sysfs_kf_write+0x10/0x10 [ 242.828842][ T8081] vfs_write+0x6c7/0x1150 [ 242.828880][ T8081] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 242.828910][ T8081] ? __pfx___mutex_lock+0x10/0x10 [ 242.828935][ T8081] ? __pfx_vfs_write+0x10/0x10 [ 242.828992][ T8081] ksys_write+0x12a/0x250 [ 242.829030][ T8081] ? __pfx_ksys_write+0x10/0x10 [ 242.829074][ T8081] do_syscall_64+0xcd/0x490 [ 242.829100][ T8081] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.829131][ T8081] RIP: 0033:0x7f3149f8e929 [ 242.829158][ T8081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 242.829184][ T8081] RSP: 002b:00007f314adc5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 242.829209][ T8081] RAX: ffffffffffffffda RBX: 00007f314a1b6080 RCX: 00007f3149f8e929 [ 242.829237][ T8081] RDX: 0000000000000009 RSI: 00002000000001c0 RDI: 0000000000000004 [ 242.829253][ T8081] RBP: 00007f314a010b39 R08: 0000000000000000 R09: 0000000000000000 [ 242.829269][ T8081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 242.829284][ T8081] R13: 0000000000000000 R14: 00007f314a1b6080 R15: 00007fff8d0b34c8 [ 242.829309][ T8081] [ 243.186978][ T8074] sp0: Synchronizing with TNC [ 244.440888][ T7043] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 244.599003][ T7043] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 244.687950][ T7043] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 244.848376][ T7043] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 245.073427][ T7043] bridge_slave_1: left allmulticast mode [ 245.080466][ T7043] bridge_slave_1: left promiscuous mode [ 245.095913][ T7043] bridge0: port 2(bridge_slave_1) entered disabled state [ 245.123039][ T7043] bridge_slave_0: left allmulticast mode [ 245.128756][ T7043] bridge_slave_0: left promiscuous mode [ 245.142598][ T7043] bridge0: port 1(bridge_slave_0) entered disabled state [ 245.389798][ T7043] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 245.400411][ T7043] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 245.410444][ T7043] bond0 (unregistering): Released all slaves [ 245.469419][ T7043] .SR: left promiscuous mode [ 245.676209][ T7043] hsr_slave_0: left promiscuous mode [ 245.682204][ T7043] hsr_slave_1: left promiscuous mode [ 245.703622][ T7043] veth1_macvtap: left allmulticast mode [ 245.709495][ T7043] veth1_macvtap: left promiscuous mode [ 245.732159][ T7043] veth0_macvtap: left promiscuous mode [ 245.737858][ T7043] veth1_vlan: left promiscuous mode [ 245.752462][ T7043] veth0_vlan: left promiscuous mode [ 245.999391][ T7043] team0 (unregistering): Port device team_slave_1 removed [ 246.025731][ T7043] team0 (unregistering): Port device team_slave_0 removed [ 246.418382][ T7043] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.468958][ T7043] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.510034][ T7043] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.600387][ T7043] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.734590][ T7043] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.763807][ T7043] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.837847][ T7043] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.878201][ T7043] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 246.981846][ T7043] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 247.028521][ T7043] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 247.090309][ T7043] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 247.171021][ T7043] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 247.308441][ T7043] bridge_slave_1: left allmulticast mode [ 247.321743][ T7043] bridge_slave_1: left promiscuous mode [ 247.328857][ T7043] bridge0: port 2(bridge_slave_1) entered disabled state [ 247.338479][ T7043] bridge_slave_0: left allmulticast mode [ 247.344886][ T7043] bridge_slave_0: left promiscuous mode [ 247.350739][ T7043] bridge0: port 1(bridge_slave_0) entered disabled state [ 247.361018][ T7043] bridge_slave_1: left allmulticast mode [ 247.367041][ T7043] bridge_slave_1: left promiscuous mode [ 247.373801][ T7043] bridge0: port 2(bridge_slave_1) entered disabled state [ 247.384000][ T7043] bridge_slave_0: left allmulticast mode [ 247.389661][ T7043] bridge_slave_0: left promiscuous mode [ 247.395743][ T7043] bridge0: port 1(bridge_slave_0) entered disabled state [ 247.404960][ T7043] bridge_slave_1: left allmulticast mode [ 247.410659][ T7043] bridge_slave_1: left promiscuous mode [ 247.416679][ T7043] bridge0: port 2(bridge_slave_1) entered disabled state [ 247.425921][ T7043] bridge_slave_0: left allmulticast mode [ 247.431609][ T7043] bridge_slave_0: left promiscuous mode [ 247.437676][ T7043] bridge0: port 1(bridge_slave_0) entered disabled state [ 247.577162][ T7043] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 247.589068][ T7043] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 247.599121][ T7043] bond0 (unregistering): Released all slaves [ 247.697711][ T7043] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 247.708596][ T7043] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 247.719862][ T7043] bond0 (unregistering): Released all slaves [ 247.788677][ T7043] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 247.799584][ T7043] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 247.809586][ T7043] bond0 (unregistering): Released all slaves [ 247.919186][ T7043] HfR: left promiscuous mode [ 247.974433][ T7043] tipc: Left network mode [ 248.306782][ T7043] hsr_slave_0: left promiscuous mode [ 248.317403][ T7043] hsr_slave_1: left promiscuous mode [ 248.324685][ T7043] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 248.334417][ T7043] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 248.342697][ T7043] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 248.350310][ T7043] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 248.361883][ T7043] hsr_slave_0: left promiscuous mode [ 248.369139][ T7043] hsr_slave_1: left promiscuous mode [ 248.375265][ T7043] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 248.384289][ T7043] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 248.395731][ T7043] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 248.404368][ T7043] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 248.416716][ T7043] hsr_slave_0: left promiscuous mode [ 248.422722][ T7043] hsr_slave_1: left promiscuous mode [ 248.428656][ T7043] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 248.436649][ T7043] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 248.444827][ T7043] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 248.454408][ T7043] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 248.476344][ T7043] veth1_macvtap: left promiscuous mode [ 248.481919][ T7043] veth0_macvtap: left promiscuous mode [ 248.489369][ T7043] veth1_vlan: left promiscuous mode [ 248.495902][ T7043] veth0_vlan: left promiscuous mode [ 248.505233][ T7043] veth1_macvtap: left promiscuous mode [ 248.510863][ T7043] veth0_macvtap: left promiscuous mode [ 248.517947][ T7043] veth1_vlan: left promiscuous mode [ 248.523325][ T7043] veth0_vlan: left promiscuous mode [ 248.529653][ T7043] veth1_macvtap: left promiscuous mode [ 248.536744][ T7043] veth0_macvtap: left promiscuous mode [ 248.542464][ T7043] veth1_vlan: left promiscuous mode [ 248.547805][ T7043] veth0_vlan: left promiscuous mode [ 248.836247][ T7043] team0 (unregistering): Port device team_slave_1 removed [ 248.852120][ T7043] team0 (unregistering): Port device team_slave_0 removed [ 249.063701][ T7043] team0 (unregistering): Port device team_slave_1 removed [ 249.089140][ T7043] team0 (unregistering): Port device team_slave_0 removed [ 249.270651][ T7043] team0 (unregistering): Port device team_slave_1 removed [ 249.294034][ T7043] team0 (unregistering): Port device team_slave_0 removed