last executing test programs: 10.794027676s ago: executing program 0 (id=407): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram11\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) rseq$auto(0x0, 0xfffffff4, 0x0, 0x5) semget$auto(0xb, 0xe, 0xe0000) r1 = getpgid(0x0) io_pgetevents$auto(0x8, 0xfffffffffffffffb, 0x3ff, 0x0, 0x0, &(0x7f0000000080)={0xfffffffffffffffc}) process_vm_writev$auto(r1, 0x0, 0x200000000017, &(0x7f0000000040)={&(0x7f0000000080), 0x1}, 0x7, 0x0) ioctl$auto_VHOST_SET_BACKEND_FEATURES(0xffffffffffffffff, 0x4008af25, 0x0) mmap$auto(0x0, 0x9, 0x8000, 0xe238, 0x602, 0x5) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x62040, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='^\x00', @ANYRES32, @ANYRES32, @ANYRES32], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40) recvmmsg$auto(r3, 0x0, 0x5, 0x66a6, 0x0) msync$auto(0x1ffff000, 0x1800000ff000000, 0x400000004) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) openat$auto_proc_page_owner_threshold_(0xffffffffffffff9c, &(0x7f0000000000), 0x109280, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) 8.488081305s ago: executing program 1 (id=414): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) mmap$auto(0x0, 0xf92c, 0x4000000000df, 0xeb1, 0x401, 0x2000000000004000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/nr0/flags\x00', 0xb02, 0x0) sendfile$auto(r1, r1, 0x0, 0x3) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r2, 0x0, 0x1f40) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) sysfs$auto(0xd4, 0x3, 0x9) openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) sendmmsg$auto(r1, &(0x7f0000000240)={{&(0x7f0000000040), 0x0, &(0x7f0000000140)={&(0x7f00000000c0)="cc76de47a7ed0dbe28818b69549f15fd0e9d0063d78c1eb222df60e602f42986eae8932d1ce74e99e36a11ff5f2c2c696c94ab30a90e", 0x4}, 0x1ff, &(0x7f0000000180)="15f8a725d4e9a63cbbcd198745dbe225919fac0ad9b764ef658c6b279e789b2fdd361501f7b903265615db5072b7eab1867bc9367bf064bc79de38045552afa22246c229a68a612eeba865ac6e52f3b169f678750f9d49ef63b5ca03e0c99118b1ec36425e2fbd1d981823a48c1235395e0b1ee232a75bf82f2e624162444c933975dd3206d5ac95bbfa2f4662236f704b08715d8eebf7b8c1b358a8b6bfbef090fe9763d1f334288953d2b5afae4982d5b53f9b3013", 0x0, 0x3}, 0x700000}, 0x5, 0x80) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000010c0), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETPOLICY(r4, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)={0x20, r5, 0x301, 0x70bd29, 0x25dfdbff, {}, [@CTRL_ATTR_FAMILY_NAME={0xc, 0x2, 'nl80211\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x30000881}, 0xc040810) connect$auto(0x3, 0x0, 0x54) syz_genetlink_get_family_id$auto_nl80211(0x0, r0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) r6 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x20020, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r6, 0xc4c85512, &(0x7f00000004c0)={{@raw=0x5, 0xffffff7d, 0xa, 0x105, "50ddcc2d0a7b79ca0e62e667b5000000000000000000000000000000000100ffffffffffffffe700", @raw=0x3}, 0x1, @integer=@value_ptr=0x0, "bee8fd3b16a97731269aff7312ae1a01006266a3bde1f332e1078696becfd044280e7fb7719d4362b09d9f6cb070bad3af7185ae1e691c585914c0b11dd65468fb68dfc32254d8ed55c8d806a2ef4bba7bc65cd90676ce6dec79ff2f44034ad55049ff128dd27f04ac14d8dbaffacc77596ca0dffa00"}) 7.579930328s ago: executing program 3 (id=415): openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000006900)='/sys/kernel/config/target/dbroot\x00', 0x0, 0x0) mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000) move_pages$auto(0x1, 0x400000000f54, 0x0, 0x0, 0x0, 0x100) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/v4l-subdev2\x00', 0x80000, 0x0) ioctl$auto(0x3, 0xc0585605, 0x38) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0) ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptywf\x00', 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x3, 0x9) unshare$auto(0x40000080) fadvise64$auto(r0, 0x0, 0xffffffff80000001, 0x8) close_range$auto(0x2, 0x8, 0x0) msgget$auto(0x0, 0x5) write$auto(0x3, 0x0, 0x1) msgsnd$auto(0x0, &(0x7f0000000040)={0x5}, 0x1000, 0x4) msgctl$auto(0x0, 0x0, 0x0) 7.556640125s ago: executing program 0 (id=423): socket(0x1b, 0x3, 0x1) madvise$auto(0x0, 0x2000040080000004, 0xe) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) r5 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_BATADV_CMD_SET_MESH(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000800084c01fbf50300932f473a42efe92d9570e80ea5de46f60fe532ff3f5bb746e9b6bdd25e7975346a71d840a59da2989e6ea0a883fc5e8894e043cea629f391d2a91da834b160a40b18fb8f01d87c8a944306b5e395b076e5106b031dbd5e61e78d63aeb2fb42905bffab583ccd8610196b28e8da7a11e7aea5efe1887a97d20253204370d578d36b1edaf47bc4ce23cc262fff2341b03844f301a7a222fa5b880e82a0caf2cbb7a4dfb6e1e91009346458f07c528682eb3cc5fba86b995491f1687e4b0ed15618728fe36a9966b3738a901c5ea8dd0f742081b30a", @ANYRES32=r4, @ANYBLOB="0500300008000000"], 0x24}, 0x1, 0x0, 0x0, 0x4004000}, 0x140000e4) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) r6 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) syz_clone(0x4040400, 0x0, 0x0, 0x0, 0x0, 0x0) readv$auto(0x3, 0x0, 0x1) mmap$auto(0xf728, 0x8000000000000, 0xfffffffffffffffe, 0x11, r6, 0x1) close_range$auto(0x2, 0x8, 0x0) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0xd551) 7.39592641s ago: executing program 1 (id=417): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) mmap$auto(0x2, 0x400007, 0xe895, 0x16, r0, 0x401) r1 = openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0) fadvise64$auto_POSIX_FADV_NORMAL(r1, 0x3, 0xc46c, 0x0) write$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/conf/vxcan1/forwarding\x00', 0x82002, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/virt_wifi0/ra_defrtr_metric\x00', 0x0, 0x0) sendfile$auto(r3, r4, 0x0, 0x1) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r6 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto_ecryptfs_miscdev_fops_miscdev(r6, &(0x7f0000000180)="26ef51514d2fd584cb9b1efeac43064a227743f894849c79d0911c2b49f6c703d6fcb1feb1c4f224838a0eb4d47745502dc6dafb7ea8d402ba2617b018bcb6b2f508aa23c4c467b486911918c8a6f0de9265c110b77bae583f7cc1", 0x5b) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x14, r2, 0x300, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x400c080) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x70, 0xdf, 0x9b72, 0x2, 0x80000000008000) setsockopt$auto(0xffffffffffffffff, 0x107, 0x5, 0x0, 0xce24) connect$auto(0x3, 0x0, 0x55) 6.677642255s ago: executing program 3 (id=418): r0 = openat$auto_vsock_device_ops_af_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0) ioctl$auto_IOCTL_VM_SOCKETS_GET_LOCAL_CID(r0, 0x7b9, 0x700000000000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS_OLD2(0xffffffffffffffff, 0xc1004111, 0x0) r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0040, 0x0) pread64$auto(r1, 0x0, 0x7ff, 0x400) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xf, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xfffffffffffffffd, 0x2d, 0x400000000000948b, 0x3, 0x15f4da0a, 0x5, 0x3, 0x7, 0x3c, 0x100000000, 0x1, 0x9, 0x1, 0x8]}, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) read$auto_regulator_summary_fops_(0xffffffffffffffff, &(0x7f0000000400)=""/17, 0x11) gettimeofday$auto(&(0x7f0000000280)={0xd7db, 0x7}, &(0x7f0000000380)={0x9ed, 0xc}) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) utimes$auto(&(0x7f0000000180)='./file0\x00', &(0x7f0000000240)={0xfffffffffffffff7, 0x4}) listen$auto(r4, 0x6) setresgid$auto(0xffffffffffffffff, 0x0, 0x7fffffffffffffff) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyx3\x00', 0x42880, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)={0x40, 0x0, 0x300, 0x70bd26, 0x25dfdbfb, {}, [@HSR_A_IFINDEX={0x8}, @HSR_A_IF2_AGE={0x8, 0x4, 0xcb6c}, @HSR_A_IF2_AGE={0x8, 0x4, 0xa}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_IF1_SEQ={0x6}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000000}, 0x40800) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0) read$auto(r5, 0x0, 0x1ff) write$auto(0x3, 0x0, 0x7) 6.327580479s ago: executing program 2 (id=419): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/apparmor/parameters/path_max\x00', 0x80000, 0x0) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x752502, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) ioctl$auto_BLKTRACESETUP2(0xffffffffffffffff, 0xc0481273, 0x0) sigaltstack$auto(0x0, &(0x7f00000003c0)={&(0x7f0000000180)="69cc8d0de6b41511259c289f8eba5cd9efe7b46018e5bfce1b542499858929869392667f4a67831f37b948cef0c793b831f0", 0x9, 0x8}) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) ppoll$auto(0x0, 0x7f, 0x0, &(0x7f00000001c0)={0x5}, 0x8) mount$auto(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='nfs\x00\x00', 0x200, &(0x7f00000001c0)) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) socket(0x1a, 0x1, 0x5) socket(0x2, 0x1, 0x0) r1 = socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) setsockopt$auto(r1, 0x6, 0xd, &(0x7f0000000280)='lp\x00h\x85M\xdf\xdc\x83\x8a\xa7\xe4]U(\x01\t=\x1e\x00\x00', 0x4) syz_genetlink_get_family_id$auto_nfc(0x0, r1) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), r1) close_range$auto(0x2, 0x8, 0x0) shutdown$auto(0x200000003, 0x2) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 6.108103745s ago: executing program 1 (id=420): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) syz_genetlink_get_family_id$auto_ipvs(0x0, 0xffffffffffffffff) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x80001, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001080)='/proc/thread-self/net/rxrpc/locals\x00', 0x40080, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/LNXSYSTM:00/modalias\x00', 0x20000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000001c00)=""/4111, 0x100f) mmap$auto(0x0, 0x2020009, 0x20000000000003, 0xeb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x23, 0x0) r2 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r2, 0x0, 0x4) sysfs$auto(0x2, 0x16, 0x0) r3 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000001040), 0x880, 0x0) close_range$auto(0xffffffffffffffff, r3, 0x80000001) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) shutdown$auto(0x200000003, 0x2) 5.298486894s ago: executing program 2 (id=421): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) setresuid$auto(0xffffffffffffffff, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0xfffffffffffffffd, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), r1) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010025bd7000ffdbdf25040000"], 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x24004840) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) close_range$auto(r0, 0xfffffffffffff001, 0x6) socket(0x11, 0x80003, 0x300) r3 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322df2) open_by_handle_at$auto(r3, &(0x7f0000000000)={0x8, 0x2, 'u\x00\x00\x00\x00\x00\x00\x00'}, 0x2) read$auto(0xffffffffffffffff, 0x0, 0x20) recvmsg$auto(r2, &(0x7f00000005c0)={0x0, 0x8, &(0x7f00000004c0)={&(0x7f00000003c0)="444debcb5d4827b41b873d646e2663fb2d4aa24da78f4b3472bd8daf8c57304fe5302fe1869cfca458a5a39bd4006710640f6032088c509f0c082c1b04896afe04d524b8b80ce2949dae1a1d2bec705c343bc92a41212ae3ed0a036e67d0c6d7b35e6cb8956ef9b289a7e42615af9f0470dc70d3deea952a1d85a1a845530a190757f55d6e53993d1e8f22b49f44b8a5b9b989d8ed44e1a1f0002bb9f9c8813bee34cfb9b329b8b45794054ee04fdb17a945013b532f53854704c99cc8f02c1582b9c91704e2ed3d57e019cf620547", 0x3}, 0xd3, &(0x7f0000000500)="6bfee52cc6d76e1c2f8b714f9ce8de29c2b8c6a36fd1081b8f6753c4db3a957fc9f3c8ce5a1f6aae5db64bc4b8383dea96682820b78f0fdf870dba5430e851305d4713df7f1124096ace834632a497cc07ffb3b6254aa69082434244066c46fe36fd6a587c8d1a8b40662762a5e48ddb2c86fa27c693a26df7fa2dd4f5762a1616bbbc094ba84c2f033b83814b8572c7bb08c224a9b33f1ac650d8c51cff0960141e613531d3f03e45860d2c2f7110f12d60c0b21f6a1556472a2f918584", 0xc, 0xffffffff}, 0xfffffff7) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x19) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cuse\x00', 0x41000, 0x0) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) poll$auto(&(0x7f0000000180)={0xffffffffffffffff, 0xfff7, 0x9816}, 0x7f, 0x9) 5.266245151s ago: executing program 3 (id=422): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x400008000) socket(0x2, 0x2, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000c40)='gthtool\x00', 0x5) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0xc, 0x4, 0x6d3f, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2c, 0x1, 0x4003) socket(0x15, 0x2, 0x3a) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0) readv$auto(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000340)="0800b8e7c69c10e0c15742274204589e770aa7bd9d154e2363b0a92cdbd7e1885256c7756ed772fccd69cc41139b9f49703273217b1e2a030229337f3a304580cdede355c5ece4a729acee9debbc3a43646fa0fad699a1d078e159824acc83f03942968a879c334f1c7d2614a17b53f2b83d8b019f910d0f126e640828b27bdf06a634f84df5eb051358cc117b776f471c8587d3c228884700f14079691331c943ca3e26f07a9fe6d939b52bdae2cc6a93d220ae17abf9c131c5", 0x3}, 0x7) mmap$auto(0x0, 0x200009, 0x2, 0x40eb1, 0x602, 0x300000000000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) mmap$auto(0x9, 0x21005, 0x1fe, 0xeb1, 0x8000000000000024, 0x48000) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) poll$auto(0x0, 0x1, 0x2) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003140), 0xffffffffffffffff) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x2000009) 5.038627088s ago: executing program 0 (id=424): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) mmap$auto(0x2, 0x400007, 0xe895, 0x16, r0, 0x401) r1 = openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0) fadvise64$auto_POSIX_FADV_NORMAL(r1, 0x3, 0xc46c, 0x0) write$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/conf/vxcan1/forwarding\x00', 0x82002, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/virt_wifi0/ra_defrtr_metric\x00', 0x0, 0x0) sendfile$auto(r3, r4, 0x0, 0x1) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r6 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r5, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto_ecryptfs_miscdev_fops_miscdev(r6, &(0x7f0000000180)="26ef51514d2fd584cb9b1efeac43064a227743f894849c79d0911c2b49f6c703d6fcb1feb1c4f224838a0eb4d47745502dc6dafb7ea8d402ba2617b018bcb6b2f508aa23c4c467b486911918c8a6f0de9265c110b77bae583f7cc1", 0x5b) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x14, r2, 0x300, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x400c080) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x70, 0xdf, 0x9b72, 0x2, 0x80000000008000) setsockopt$auto(0xffffffffffffffff, 0x107, 0x5, 0x0, 0xce24) connect$auto(0x3, 0x0, 0x55) 4.320344209s ago: executing program 3 (id=425): socket(0x11, 0x80003, 0x300) openat$auto_suspend_stats_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x20800, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x181842, 0x0) unshare$auto(0x40000080) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, 0x0, 0x20c8c2, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x44, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0) mmap$auto(0x0, 0x9, 0x24de, 0x16, 0x401, 0xd5be) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev6\x00', 0x2381, 0x0) ioctl$auto(0x3, 0xc0585605, 0x38) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/\x98@dio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) r1 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x11}}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000) sendfile$auto(0x1, 0x3, 0x0, 0x7ff) sendto$auto(0x3, 0x0, 0x2000f, 0x101, 0x0, 0x1c) shmctl$auto(0x0, 0xd, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) recvmmsg$auto(0x3, 0x0, 0xfffe, 0x6, 0x0) 3.878646018s ago: executing program 0 (id=426): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) setresuid$auto(0xffffffffffffffff, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x19) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x1, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80800, 0x0) bpf$auto(0x2, &(0x7f0000000380)=@token_create={0x5315, r2}, 0x1) read$auto(0x3, 0x0, 0x80) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/rpc/use-gss-proxy\x00', 0x48041, 0x0) write$auto(r3, 0x0, 0x6) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_XFS_IOC_FSBULKSTAT(r1, 0xc0205865, &(0x7f00000002c0)={0x0, 0x10001, 0x0, &(0x7f0000000280)=0x2}) r4 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) pread64$auto(r4, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001) 3.186190588s ago: executing program 2 (id=427): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event0\x00', 0x8000, 0x0) socket(0x10, 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x2000, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x1eb343, 0x100) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d9) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x3, 0x0, 0xfffffffffffffffc, 0x696b}, 0xed7138c}, 0x2, 0x9) r2 = socket(0xa, 0x5, 0x84) sendto$auto(r2, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe80000700"}, 0x1c) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/sctp/assocs\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r3, 0x0, 0xfffffe36) read$auto_proc_reg_file_ops_compat_inode(r3, &(0x7f0000000040)=""/9, 0x9) ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000140)={"2252f65ca1b92f72a92538725b0694521629e8c3e6ba91c62e2e9d42cf4aef15", 0x4, 0x3, 0x8004, 0x6, 0xff}) ioctl$auto_EVIOCGEFFECTS(r0, 0x80044584, 0x0) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000bc0), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'batadv0\x00'}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) clone$auto(0x7fff, 0xad3, 0x0, 0x0, 0x8000004) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.1/usb2/2-0:1.0/usb2-port1/disable\x00', 0x102, 0x0) sendfile$auto(r5, r5, 0x0, 0x7) 2.217748082s ago: executing program 3 (id=428): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/037/001\x00', 0x20882, 0x0) ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000240)={0x23, 0x3, 0x14, 0x5, 0x7fc, 0x7fb, &(0x7f00000002c0)}) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv6/conf/netdevsim2/hop_limit\x00', 0x5014c0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004814}, 0x8800) mmap$auto(0x0, 0x0, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001180)='/dev/input/mice\x00', 0x1a1382, 0x0) write$auto_mousedev_fops_mousedev(r2, &(0x7f0000001380)="22d2", 0x2) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsu\x00', 0x108002, 0x0) r3 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read$auto_nvram_misc_fops_nvram(r3, &(0x7f0000000280)=""/210, 0xd2) ioctl$auto_NVRAM_INIT(r3, 0x7040, 0x0) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/sockstat\x00', 0xc0880, 0x0) read$auto(r4, &(0x7f0000000040)='/proc/self/net/icmp\x00', 0x80000001) write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680)="a7", 0x80000) prctl$auto(0x43, 0x0, 0xffffffffffffffff, 0x0, 0x0) getsockopt$auto_SO_PEERPIDFD(0xffffffffffffffff, 0x1, 0x4d, &(0x7f0000000180)='\x00\x10\\.\x87\xf8Bw\x9bJx\amt\n\xfe\x9c', &(0x7f0000000040)=0xf7) setgroups$auto(0xe32, 0x0) futex$auto(0x0, 0x5, 0x9, 0x0, 0x0, 0xffff7fff) 2.21687789s ago: executing program 1 (id=436): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x400008000) socket(0x2, 0x2, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000c40)='gthtool\x00', 0x5) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0xc, 0x4, 0x6d3f, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2c, 0x1, 0x4003) socket(0x15, 0x2, 0x3a) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0) readv$auto(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000340)="0800b8e7c69c10e0c15742274204589e770aa7bd9d154e2363b0a92cdbd7e1885256c7756ed772fccd69cc41139b9f49703273217b1e2a030229337f3a304580cdede355c5ece4a729acee9debbc3a43646fa0fad699a1d078e159824acc83f03942968a879c334f1c7d2614a17b53f2b83d8b019f910d0f126e640828b27bdf06a634f84df5eb051358cc117b776f471c8587d3c228884700f14079691331c943ca3e26f07a9fe6d939b52bdae2cc6a93d220ae17abf9c131c5", 0x3}, 0x7) mmap$auto(0x0, 0x200009, 0x2, 0x40eb1, 0x602, 0x300000000000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) mmap$auto(0x9, 0x21005, 0x1fe, 0xeb1, 0x8000000000000024, 0x48000) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) poll$auto(0x0, 0x1, 0x2) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003140), 0xffffffffffffffff) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x2000009) 1.789781326s ago: executing program 0 (id=429): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r1 = socketcall$auto(0x8000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) bpf$auto(0x14, &(0x7f0000000240)=@raw_tracepoint={0x1, 0xffffffffffffffff, 0x0, 0x1005}, 0x4) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0xae80, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000100)='\x00\x00\x00\x00\x00\x00\x00x \xec(\x1d\x98\xe9\xc4\xe8\xfc@6=\xab\xf4\x89\x01\x93\xdc\x19\xffv\'\xa1\xd5\x14\x06S\xae\xadB}\xdf]\x99\xc9\x9f4\xbb\xc5\x81\x9d\x8ak\xdeB\xcbd\xd3\x05\xe4P\x84\xcb\xb8#\x13\nYU\'\x95R\xc8\x9d\xb7*\xe0.\xd2\xdf\x1b\x88D\x8c{k\xcec\xe1\xa2j\xec\xc9\xd2\x98\x94I\x102h\x06\x8c\xa2\xc8\x8a7\xb7t', 0x7ef) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) clock_gettime$auto(0x7, 0x0) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82040, 0x0) socket(0xa, 0x1, 0x100) r3 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r3, 0x0, 0x7ff, 0x400) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETIPTR(r1, 0x800c5011, &(0x7f0000000040)="bd8c50474ff2537ac861c2e96f76f4883210e4b3b634eac636685523b360c9674d3fda1a592941c79e69bda1f88da83366") select$auto(0x12, 0x0, 0x0, &(0x7f0000000240)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948f, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1]}, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) 1.78849594s ago: executing program 2 (id=430): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/apparmor/parameters/path_max\x00', 0x80000, 0x0) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x752502, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) ioctl$auto_BLKTRACESETUP2(0xffffffffffffffff, 0xc0481273, 0x0) sigaltstack$auto(0x0, &(0x7f00000003c0)={&(0x7f0000000180)="69cc8d0de6b41511259c289f8eba5cd9efe7b46018e5bfce1b542499858929869392667f4a67831f37b948cef0c793b831f0", 0x9, 0x8}) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) ppoll$auto(0x0, 0x7f, 0x0, &(0x7f00000001c0)={0x5}, 0x8) mount$auto(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='nfs\x00\x00', 0x200, &(0x7f00000001c0)) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) socket(0x1a, 0x1, 0x5) socket(0x2, 0x1, 0x0) r1 = socket(0x2, 0x1, 0x106) connect$auto(r1, &(0x7f00000001c0)=@in={0x2, 0x3}, 0x55) setsockopt$auto(r1, 0x6, 0xd, &(0x7f0000000280)='lp\x00h\x85M\xdf\xdc\x83\x8a\xa7\xe4]U(\x01\t=\x1e\x00\x00', 0x4) syz_genetlink_get_family_id$auto_nfc(0x0, r1) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), r1) close_range$auto(0x2, 0x8, 0x0) shutdown$auto(0x200000003, 0x2) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 1.263527042s ago: executing program 1 (id=431): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/apparmor/parameters/path_max\x00', 0x80000, 0x0) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x752502, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) ioctl$auto_BLKTRACESETUP2(0xffffffffffffffff, 0xc0481273, 0x0) sigaltstack$auto(0x0, &(0x7f00000003c0)={&(0x7f0000000180)="69cc8d0de6b41511259c289f8eba5cd9efe7b46018e5bfce1b542499858929869392667f4a67831f37b948cef0c793b831f0", 0x9, 0x8}) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) ppoll$auto(0x0, 0x7f, 0x0, &(0x7f00000001c0)={0x5}, 0x8) mount$auto(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='nfs\x00\x00', 0x200, &(0x7f00000001c0)) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) socket(0x1a, 0x1, 0x5) socket(0x2, 0x1, 0x0) r1 = socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) setsockopt$auto(r1, 0x6, 0xd, &(0x7f0000000280)='lp\x00h\x85M\xdf\xdc\x83\x8a\xa7\xe4]U(\x01\t=\x1e\x00\x00', 0x4) syz_genetlink_get_family_id$auto_nfc(0x0, r1) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), r1) close_range$auto(0x2, 0x8, 0x0) shutdown$auto(0x200000003, 0x2) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 997.148914ms ago: executing program 3 (id=432): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x147602, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(0xffffffffffffffff, 0x0, 0x4000080) sendmmsg$auto(0x3, 0x0, 0x3, 0x894) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x302, 0x0) timer_create$auto(0xfffffffa, &(0x7f0000000100)={@sival_ptr=0x0, @inferred, 0x1, @_tid=0xffffffffffffffff}, &(0x7f0000000140)=0x6) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0xb) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) socket(0xa, 0x5, 0x84) madvise$auto(0x0, 0x200007, 0x19) inotify_rm_watch$auto(0xffffffffffffffff, 0x3) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc000) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/compaction_proactiveness\x00', 0xc0781, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r1, 0x0, 0x0) socket(0x10, 0x2, 0x4) r2 = socket(0x11, 0x80003, 0x300) ustat$auto(0x801, 0x0) setsockopt$auto(r2, 0x107, 0xc, 0x0, 0x6) vmsplice$auto(0x1, 0x0, 0xa, 0x6) 710.324813ms ago: executing program 2 (id=433): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) mmap$auto(0x2, 0x400007, 0xe895, 0x16, r0, 0x401) r1 = openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000300), 0x80, 0x0) fadvise64$auto_POSIX_FADV_NORMAL(r1, 0x3, 0xc46c, 0x0) write$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/conf/vxcan1/forwarding\x00', 0x82002, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/virt_wifi0/ra_defrtr_metric\x00', 0x0, 0x0) sendfile$auto(r3, r4, 0x0, 0x1) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r5 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto_ecryptfs_miscdev_fops_miscdev(r5, &(0x7f0000000180)="26ef51514d2fd584cb9b1efeac43064a227743f894849c79d0911c2b49f6c703d6fcb1feb1c4f224838a0eb4d47745502dc6dafb7ea8d402ba2617b018bcb6b2f508aa23c4c467b486911918c8a6f0de9265c110b77bae583f7cc1", 0x5b) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x14, r2, 0x300, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x400c080) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x70, 0xdf, 0x9b72, 0x2, 0x80000000008000) setsockopt$auto(0xffffffffffffffff, 0x107, 0x5, 0x0, 0xce24) connect$auto(0x3, 0x0, 0x55) 342.013651ms ago: executing program 0 (id=434): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/apparmor/parameters/path_max\x00', 0x80000, 0x0) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x752502, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) ioctl$auto_BLKTRACESETUP2(0xffffffffffffffff, 0xc0481273, 0x0) sigaltstack$auto(0x0, &(0x7f00000003c0)={&(0x7f0000000180)="69cc8d0de6b41511259c289f8eba5cd9efe7b46018e5bfce1b542499858929869392667f4a67831f37b948cef0c793b831f0", 0x9, 0x8}) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) ppoll$auto(0x0, 0x7f, 0x0, &(0x7f00000001c0)={0x5}, 0x8) mount$auto(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='nfs\x00\x00', 0x200, &(0x7f00000001c0)) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) socket(0x1a, 0x1, 0x5) socket(0x2, 0x1, 0x0) r1 = socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) connect$auto(r1, &(0x7f00000001c0)=@in={0x2, 0x3}, 0x55) syz_genetlink_get_family_id$auto_nfc(0x0, r1) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), r1) close_range$auto(0x2, 0x8, 0x0) shutdown$auto(0x200000003, 0x2) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 217.080736ms ago: executing program 1 (id=435): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x2000000008000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0xfc) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22040, 0x75) socket(0x840000000002, 0x3, 0xff) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x14}, 0x3}, 0x55) lsm_list_modules$auto(0x0, 0x0, 0x0) write$auto(0x3, 0x0, 0xe9) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x1438bf, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xffffffffffff0001, 0x14) connect$auto(0xffffffffffffffff, 0x0, 0x54) ioctl$auto(0x3, 0x80000541b, 0x38) connect$auto(0x3, 0x0, 0x1) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x90}, 0x20000081) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) socket(0x10, 0x3, 0x6) 0s ago: executing program 2 (id=437): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x400008000) socket(0x2, 0x2, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000c40)='gthtool\x00', 0x5) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0xc, 0x4, 0x6d3f, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2c, 0x1, 0x4003) socket(0x15, 0x2, 0x3a) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0) readv$auto(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000340)="0800b8e7c69c10e0c15742274204589e770aa7bd9d154e2363b0a92cdbd7e1885256c7756ed772fccd69cc41139b9f49703273217b1e2a030229337f3a304580cdede355c5ece4a729acee9debbc3a43646fa0fad699a1d078e159824acc83f03942968a879c334f1c7d2614a17b53f2b83d8b019f910d0f126e640828b27bdf06a634f84df5eb051358cc117b776f471c8587d3c228884700f14079691331c943ca3e26f07a9fe6d939b52bdae2cc6a93d220ae17abf9c131c5", 0x3}, 0x7) mmap$auto(0x0, 0x200009, 0x2, 0x40eb1, 0x602, 0x300000000000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) mmap$auto(0x9, 0x21005, 0x1fe, 0xeb1, 0x8000000000000024, 0x48000) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) poll$auto(0x0, 0x1, 0x2) pipe$auto(&(0x7f0000000080)) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x2000009) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.197' (ED25519) to the list of known hosts. [ 82.484851][ T5854] cgroup: Unknown subsys name 'net' [ 82.598089][ T5854] cgroup: Unknown subsys name 'cpuset' [ 82.606944][ T5854] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 84.060555][ T5854] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 86.905438][ T5876] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 86.913835][ T5876] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 86.921622][ T5876] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 86.930052][ T5876] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 86.934237][ T5877] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 86.937910][ T5876] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 86.953803][ T5876] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 86.962008][ T5877] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 86.963593][ T5187] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 86.978072][ T5877] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 86.978083][ T5187] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 86.993183][ T5877] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 87.000540][ T5877] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 87.009362][ T5877] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 87.017138][ T5187] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 87.017288][ T5877] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 87.034153][ T5875] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 87.042883][ T5876] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 87.061734][ T5875] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 87.069575][ T5875] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 87.671225][ T5865] chnl_net:caif_netlink_parms(): no params data found [ 87.801932][ T5867] chnl_net:caif_netlink_parms(): no params data found [ 87.892711][ T5864] chnl_net:caif_netlink_parms(): no params data found [ 87.982715][ T5865] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.990897][ T5865] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.998415][ T5865] bridge_slave_0: entered allmulticast mode [ 88.006058][ T5865] bridge_slave_0: entered promiscuous mode [ 88.015746][ T5865] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.022890][ T5865] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.031149][ T5865] bridge_slave_1: entered allmulticast mode [ 88.038899][ T5865] bridge_slave_1: entered promiscuous mode [ 88.046409][ T5866] chnl_net:caif_netlink_parms(): no params data found [ 88.139098][ T5865] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.159574][ T5867] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.168417][ T5867] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.175975][ T5867] bridge_slave_0: entered allmulticast mode [ 88.182894][ T5867] bridge_slave_0: entered promiscuous mode [ 88.191594][ T5867] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.198790][ T5867] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.206017][ T5867] bridge_slave_1: entered allmulticast mode [ 88.213205][ T5867] bridge_slave_1: entered promiscuous mode [ 88.232996][ T5865] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.301290][ T5864] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.308977][ T5864] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.316658][ T5864] bridge_slave_0: entered allmulticast mode [ 88.324599][ T5864] bridge_slave_0: entered promiscuous mode [ 88.348370][ T5865] team0: Port device team_slave_0 added [ 88.354761][ T5864] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.361906][ T5864] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.370240][ T5864] bridge_slave_1: entered allmulticast mode [ 88.377288][ T5864] bridge_slave_1: entered promiscuous mode [ 88.396849][ T5867] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.409726][ T5867] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.426078][ T5865] team0: Port device team_slave_1 added [ 88.504409][ T5864] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.515807][ T5867] team0: Port device team_slave_0 added [ 88.524496][ T5864] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.547959][ T5865] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.555019][ T5865] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.581178][ T5865] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.611039][ T5867] team0: Port device team_slave_1 added [ 88.618752][ T5866] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.625960][ T5866] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.633706][ T5866] bridge_slave_0: entered allmulticast mode [ 88.640741][ T5866] bridge_slave_0: entered promiscuous mode [ 88.648389][ T5865] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.655782][ T5865] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.682000][ T5865] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.724818][ T5866] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.731976][ T5866] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.739636][ T5866] bridge_slave_1: entered allmulticast mode [ 88.748631][ T5866] bridge_slave_1: entered promiscuous mode [ 88.765064][ T5864] team0: Port device team_slave_0 added [ 88.783015][ T5867] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.790043][ T5867] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.816124][ T5867] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.857444][ T5864] team0: Port device team_slave_1 added [ 88.878233][ T5867] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.885670][ T5867] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 88.912598][ T5867] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.933765][ T5866] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.967318][ T5866] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.995216][ T5865] hsr_slave_0: entered promiscuous mode [ 89.001806][ T5865] hsr_slave_1: entered promiscuous mode [ 89.009115][ T5864] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.016908][ T5864] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.042904][ T5864] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.055982][ T5864] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.062956][ T5864] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.088956][ T5864] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.124205][ T5868] Bluetooth: hci0: command tx timeout [ 89.124209][ T51] Bluetooth: hci1: command tx timeout [ 89.124484][ T5868] Bluetooth: hci3: command tx timeout [ 89.130059][ T5875] Bluetooth: hci2: command tx timeout [ 89.156960][ T5867] hsr_slave_0: entered promiscuous mode [ 89.164244][ T5867] hsr_slave_1: entered promiscuous mode [ 89.170262][ T5867] debugfs: 'hsr0' already exists in 'hsr' [ 89.176322][ T5867] Cannot create hsr debugfs directory [ 89.202102][ T5866] team0: Port device team_slave_0 added [ 89.223336][ T5866] team0: Port device team_slave_1 added [ 89.312284][ T5866] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 89.319478][ T5866] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.345995][ T5866] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 89.374608][ T5864] hsr_slave_0: entered promiscuous mode [ 89.380876][ T5864] hsr_slave_1: entered promiscuous mode [ 89.387148][ T5864] debugfs: 'hsr0' already exists in 'hsr' [ 89.393158][ T5864] Cannot create hsr debugfs directory [ 89.412389][ T5866] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 89.420292][ T5866] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 89.446570][ T5866] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 89.621592][ T5866] hsr_slave_0: entered promiscuous mode [ 89.628336][ T5866] hsr_slave_1: entered promiscuous mode [ 89.634642][ T5866] debugfs: 'hsr0' already exists in 'hsr' [ 89.640365][ T5866] Cannot create hsr debugfs directory [ 89.883911][ T5865] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 89.898289][ T5865] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 89.929472][ T5865] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 89.956605][ T5865] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 90.015723][ T5867] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 90.039482][ T5867] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 90.059880][ T5867] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 90.080708][ T5867] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 90.131412][ T5864] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 90.167227][ T5864] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 90.179076][ T5864] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 90.211762][ T5864] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 90.281740][ T5866] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 90.293020][ T5866] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 90.320480][ T5866] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 90.338737][ T5866] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 90.421621][ T5865] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.481827][ T5867] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.497378][ T5865] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.518171][ T3037] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.525629][ T3037] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.558823][ T3037] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.565945][ T3037] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.588696][ T5867] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.644718][ T3037] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.651815][ T3037] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.677840][ T5864] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.693993][ T5866] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.706264][ T3037] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.713434][ T3037] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.768177][ T5864] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.817229][ T5866] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.832046][ T3020] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.839253][ T3020] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.852882][ T3020] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.860206][ T3020] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.889385][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.896597][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.940385][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.947600][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.091631][ T5864] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 91.160156][ T5865] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.209138][ T5875] Bluetooth: hci2: command tx timeout [ 91.209155][ T5868] Bluetooth: hci1: command tx timeout [ 91.217602][ T5875] Bluetooth: hci0: command tx timeout [ 91.223401][ T5876] Bluetooth: hci3: command tx timeout [ 91.351340][ T5865] veth0_vlan: entered promiscuous mode [ 91.386605][ T5865] veth1_vlan: entered promiscuous mode [ 91.521158][ T5865] veth0_macvtap: entered promiscuous mode [ 91.567986][ T5867] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.578920][ T5865] veth1_macvtap: entered promiscuous mode [ 91.599659][ T5864] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.643895][ T5866] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.668272][ T5865] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.695244][ T5865] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.752559][ T5867] veth0_vlan: entered promiscuous mode [ 91.761421][ T3037] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.772197][ T3037] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.804484][ T3037] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.817482][ T3037] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.847594][ T5867] veth1_vlan: entered promiscuous mode [ 91.874215][ T5864] veth0_vlan: entered promiscuous mode [ 91.896295][ T5866] veth0_vlan: entered promiscuous mode [ 91.927047][ T5864] veth1_vlan: entered promiscuous mode [ 91.981990][ T5867] veth0_macvtap: entered promiscuous mode [ 91.988498][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.994681][ T5867] veth1_macvtap: entered promiscuous mode [ 92.008311][ T916] cfg80211: failed to load regulatory.db [ 92.010830][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.014989][ T5866] veth1_vlan: entered promiscuous mode [ 92.078207][ T5864] veth0_macvtap: entered promiscuous mode [ 92.106980][ T5864] veth1_macvtap: entered promiscuous mode [ 92.120701][ T5867] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.139529][ T1326] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.147930][ T5867] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.156120][ T1326] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.171238][ T5864] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.202830][ T3020] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.219688][ T5864] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.239620][ T3020] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.249971][ T3020] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.267807][ T3020] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.276027][ T5865] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 92.320312][ T1326] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.336500][ T1326] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.372629][ T1326] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.382468][ T1326] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.408751][ T5866] veth0_macvtap: entered promiscuous mode [ 92.431833][ T5866] veth1_macvtap: entered promiscuous mode [ 92.485436][ T5866] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.532287][ T5866] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.576966][ T3020] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.605427][ T3020] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.621111][ T3020] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.642798][ T3020] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.686441][ T3020] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.704695][ T1326] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.704913][ T3020] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.712555][ T1326] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.792559][ T5963] random: crng reseeded on system resumption [ 92.956999][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.971583][ T3020] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.975236][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.988553][ T3020] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.085060][ T1326] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.143129][ T1326] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.274347][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.284636][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.286002][ T5868] Bluetooth: hci1: command tx timeout [ 93.294831][ T5876] Bluetooth: hci3: command tx timeout [ 93.299310][ T5868] Bluetooth: hci0: command tx timeout [ 93.309834][ T5868] Bluetooth: hci2: command tx timeout [ 93.725708][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 93.929679][ T5970] random: crng reseeded on system resumption [ 94.116625][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 94.781857][ T5997] nbd: must specify a device to reconfigure [ 94.826727][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 94.833458][ T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!! [ 94.914351][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 94.923108][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 94.974893][ T6002] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 95.046758][ T6001] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 95.183655][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 95.191981][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 95.213881][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 95.303796][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 95.365127][ T5868] Bluetooth: hci2: command tx timeout [ 95.365135][ T5876] Bluetooth: hci3: command tx timeout [ 95.365172][ T5876] Bluetooth: hci0: command tx timeout [ 95.370551][ T5868] Bluetooth: hci1: command tx timeout [ 95.661612][ T6004] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 97.470442][ T6035] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 98.540230][ T6058] Zero length message leads to an empty skb [ 98.902080][ T6066] Invalid ELF header magic: != ELF [ 99.304505][ T6072] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 101.303682][ T6102] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 107.145555][ T6213] syz.0.40 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 107.358342][ T6215] random: crng reseeded on system resumption [ 109.621858][ T6244] Invalid ELF header magic: != ELF [ 111.154280][ T6258] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 111.968616][ T6260] syz.2.52 uses obsolete (PF_INET,SOCK_PACKET) [ 112.649393][ T6276] : Can't lookup blockdev [ 113.750854][ T6288] sctp: failed to load transform for md5: -2 [ 116.066746][ T6326] netlink: 12 bytes leftover after parsing attributes in process `syz.2.61'. [ 116.959962][ T30] audit: type=1800 audit(4294967312.170:2): pid=6326 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.61" name="dbroot" dev="configfs" ino=10286 res=0 errno=0 [ 125.744208][ T6473] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 126.369365][ T6474] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 128.343477][ T6499] FAULT_INJECTION: forcing a failure. [ 128.343477][ T6499] name failslab, interval 1, probability 0, space 0, times 0 [ 128.363481][ T6499] CPU: 1 UID: 0 PID: 6499 Comm: syz.1.96 Not tainted syzkaller #0 PREEMPT(full) [ 128.363502][ T6499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 128.363513][ T6499] Call Trace: [ 128.363521][ T6499] [ 128.363527][ T6499] dump_stack_lvl+0x16c/0x1f0 [ 128.363555][ T6499] should_fail_ex+0x512/0x640 [ 128.363578][ T6499] ? fs_reclaim_acquire+0xae/0x150 [ 128.363608][ T6499] ? tomoyo_open_control+0x51f/0xa30 [ 128.363621][ T6499] should_failslab+0xc2/0x120 [ 128.363640][ T6499] __kmalloc_noprof+0xd2/0x510 [ 128.363662][ T6499] tomoyo_open_control+0x51f/0xa30 [ 128.363678][ T6499] do_dentry_open+0x982/0x1530 [ 128.363696][ T6499] ? __pfx_tomoyo_open+0x10/0x10 [ 128.363719][ T6499] vfs_open+0x82/0x3f0 [ 128.363741][ T6499] path_openat+0x1de4/0x2cb0 [ 128.363764][ T6499] ? __pfx_path_openat+0x10/0x10 [ 128.363785][ T6499] do_filp_open+0x20b/0x470 [ 128.363801][ T6499] ? __pfx_do_filp_open+0x10/0x10 [ 128.363831][ T6499] ? alloc_fd+0x471/0x7d0 [ 128.363850][ T6499] do_sys_openat2+0x11b/0x1d0 [ 128.363871][ T6499] ? __pfx_do_sys_openat2+0x10/0x10 [ 128.363899][ T6499] __x64_sys_openat+0x174/0x210 [ 128.363911][ T6499] ? __pfx___x64_sys_openat+0x10/0x10 [ 128.363930][ T6499] do_syscall_64+0xcd/0x4c0 [ 128.363953][ T6499] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.363967][ T6499] RIP: 0033:0x7fb206b8eba9 [ 128.363982][ T6499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 128.363999][ T6499] RSP: 002b:00007fb207a3b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 128.364015][ T6499] RAX: ffffffffffffffda RBX: 00007fb206dd5fa0 RCX: 00007fb206b8eba9 [ 128.364025][ T6499] RDX: 00000000000c0802 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 128.364034][ T6499] RBP: 00007fb206c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 128.364043][ T6499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 128.364051][ T6499] R13: 00007fb206dd6038 R14: 00007fb206dd5fa0 R15: 00007ffd34b4e8b8 [ 128.364070][ T6499] [ 129.795699][ T6515] netlink: 12 bytes leftover after parsing attributes in process `syz.1.97'. [ 130.514428][ T30] audit: type=1800 audit(4294967325.700:3): pid=6518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.97" name="dbroot" dev="configfs" ino=10753 res=0 errno=0 [ 131.695532][ T6541] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 132.187121][ T6532] hugetlbfs: syz.3.101 (6532): Using mlock ulimits for SHM_HUGETLB is obsolete [ 132.251036][ T6544] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 132.971022][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.981555][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.609958][ T6573] FAULT_INJECTION: forcing a failure. [ 133.609958][ T6573] name failslab, interval 1, probability 0, space 0, times 0 [ 133.623038][ T6573] CPU: 1 UID: 0 PID: 6573 Comm: syz.2.106 Not tainted syzkaller #0 PREEMPT(full) [ 133.623074][ T6573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 133.623089][ T6573] Call Trace: [ 133.623098][ T6573] [ 133.623107][ T6573] dump_stack_lvl+0x16c/0x1f0 [ 133.623159][ T6573] should_fail_ex+0x512/0x640 [ 133.623202][ T6573] ? memcg_list_lru_alloc+0x4e9/0x740 [ 133.623237][ T6573] should_failslab+0xc2/0x120 [ 133.623271][ T6573] __kmalloc_noprof+0xd2/0x510 [ 133.623310][ T6573] memcg_list_lru_alloc+0x4e9/0x740 [ 133.623351][ T6573] ? __pfx_memcg_list_lru_alloc+0x10/0x10 [ 133.623390][ T6573] ? get_mem_cgroup_from_objcg+0x149/0x620 [ 133.623434][ T6573] ? zswap_store+0x61d/0x25a0 [ 133.623471][ T6573] zswap_store+0x6a9/0x25a0 [ 133.623523][ T6573] ? __pfx_zswap_store+0x10/0x10 [ 133.623560][ T6573] ? do_raw_spin_lock+0x12c/0x2b0 [ 133.623602][ T6573] ? find_held_lock+0x2b/0x80 [ 133.623629][ T6573] ? folio_free_swap+0x171/0x580 [ 133.623663][ T6573] ? do_raw_spin_unlock+0x172/0x230 [ 133.623699][ T6573] ? swp_swap_info+0xce/0x130 [ 133.623733][ T6573] ? __pfx_swp_swap_info+0x10/0x10 [ 133.623770][ T6573] ? mod_memcg_lruvec_state+0x389/0x5f0 [ 133.623813][ T6573] swap_writeout+0x3b2/0xfe0 [ 133.623852][ T6573] ? mark_held_locks+0x49/0x80 [ 133.623883][ T6573] ? _raw_spin_unlock_irq+0x23/0x50 [ 133.623920][ T6573] shmem_writeout+0xc29/0x1140 [ 133.623955][ T6573] ? __pfx_shmem_writeout+0x10/0x10 [ 133.623988][ T6573] ? inode_to_bdi+0x9e/0x160 [ 133.624020][ T6573] ? folio_clear_dirty_for_io+0x112/0x810 [ 133.624065][ T6573] shrink_folio_list+0x2f4c/0x4880 [ 133.624104][ T6573] ? __pfx_shrink_folio_list+0x10/0x10 [ 133.624139][ T6573] ? __lock_acquire+0xb00/0x1ce0 [ 133.624230][ T6573] ? mark_held_locks+0x49/0x80 [ 133.624263][ T6573] ? finish_task_switch.isra.0+0x221/0xc10 [ 133.624294][ T6573] ? finish_task_switch.isra.0+0x2fa/0xc10 [ 133.624325][ T6573] reclaim_folio_list+0xda/0x5d0 [ 133.624358][ T6573] ? __pfx_reclaim_folio_list+0x10/0x10 [ 133.624409][ T6573] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 133.624455][ T6573] reclaim_pages+0x47b/0x650 [ 133.624486][ T6573] ? __pfx_reclaim_pages+0x10/0x10 [ 133.624512][ T6573] ? find_held_lock+0x2b/0x80 [ 133.624538][ T6573] ? madvise_cold_or_pageout_pte_range+0x749/0x2120 [ 133.624582][ T6573] madvise_cold_or_pageout_pte_range+0x1546/0x2120 [ 133.624635][ T6573] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 133.624683][ T6573] ? css_rstat_updated+0x1c2/0x510 [ 133.624712][ T6573] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 133.624750][ T6573] walk_pgd_range+0xc05/0x1f50 [ 133.624807][ T6573] ? __pfx_walk_pgd_range+0x10/0x10 [ 133.624849][ T6573] __walk_page_range+0x163/0x820 [ 133.624886][ T6573] ? __lock_acquire+0xb97/0x1ce0 [ 133.624927][ T6573] walk_page_range_vma+0x2c7/0xa20 [ 133.624964][ T6573] ? __pfx_walk_page_range_vma+0x10/0x10 [ 133.624996][ T6573] ? find_held_lock+0x2b/0x80 [ 133.625036][ T6573] madvise_pageout+0x257/0x540 [ 133.625071][ T6573] ? __pfx_madvise_pageout+0x10/0x10 [ 133.625102][ T6573] ? finish_task_switch.isra.0+0x21c/0xc10 [ 133.625164][ T6573] madvise_vma_behavior+0xb22/0x2d60 [ 133.625207][ T6573] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 133.625245][ T6573] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 133.625284][ T6573] ? __pfx_mas_prev+0x10/0x10 [ 133.625328][ T6573] ? find_vma_prev+0xda/0x160 [ 133.625361][ T6573] ? find_held_lock+0x2b/0x80 [ 133.625386][ T6573] ? __pfx_find_vma_prev+0x10/0x10 [ 133.625420][ T6573] ? futex_unqueue+0x133/0x2c0 [ 133.625460][ T6573] ? __futex_wait+0x24c/0x2f0 [ 133.625502][ T6573] madvise_walk_vmas+0x31f/0x9c0 [ 133.625544][ T6573] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 133.625591][ T6573] madvise_do_behavior+0x1e2/0x530 [ 133.625625][ T6573] ? futex_private_hash_put+0x18a/0x300 [ 133.625657][ T6573] ? __pfx_madvise_do_behavior+0x10/0x10 [ 133.625694][ T6573] ? down_read+0x13d/0x480 [ 133.625736][ T6573] do_madvise+0x176/0x240 [ 133.625771][ T6573] ? __pfx_do_madvise+0x10/0x10 [ 133.625804][ T6573] ? do_futex+0x122/0x350 [ 133.625861][ T6573] ? syscall_user_dispatch+0x78/0x140 [ 133.625907][ T6573] __x64_sys_madvise+0xa9/0x110 [ 133.625944][ T6573] do_syscall_64+0xcd/0x4c0 [ 133.625983][ T6573] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.626009][ T6573] RIP: 0033:0x7f678fd8eba9 [ 133.626030][ T6573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 133.626054][ T6573] RSP: 002b:00007f6790b61038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 133.626092][ T6573] RAX: ffffffffffffffda RBX: 00007f678ffd6270 RCX: 00007f678fd8eba9 [ 133.626111][ T6573] RDX: 0000000000000015 RSI: 00000000002003f2 RDI: 0000000000000000 [ 133.626133][ T6573] RBP: 00007f678fe11e19 R08: 0000000000000000 R09: 0000000000000000 [ 133.626149][ T6573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 133.626164][ T6573] R13: 00007f678ffd6308 R14: 00007f678ffd6270 R15: 00007ffc11fa3268 [ 133.626200][ T6573] [ 134.106158][ C1] vkms_vblank_simulate: vblank timer overrun [ 134.606450][ T6578] netlink: 12 bytes leftover after parsing attributes in process `syz.0.109'. [ 135.659097][ T30] audit: type=1800 audit(4294967330.870:4): pid=6578 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.109" name="dbroot" dev="configfs" ino=11568 res=0 errno=0 [ 136.250030][ T6586] ima: policy update failed [ 136.310831][ T30] audit: type=1802 audit(4294967331.470:5): pid=6586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.111" res=0 errno=0 [ 138.679857][ T6630] netlink: 354 bytes leftover after parsing attributes in process `syz.3.119'. [ 138.696755][ T6626] futex_wake_op: syz.1.118 tries to shift op by -9; fix this program [ 139.063917][ T6634] netlink: 28 bytes leftover after parsing attributes in process `syz.3.120'. [ 139.391578][ T30] audit: type=1800 audit(4294967334.600:6): pid=6641 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.123" name="dbroot" dev="configfs" ino=11101 res=0 errno=0 [ 139.504994][ T6643] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 139.858316][ T6648] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12 [ 140.590885][ T6663] FAULT_INJECTION: forcing a failure. [ 140.590885][ T6663] name failslab, interval 1, probability 0, space 0, times 0 [ 140.590932][ T6663] CPU: 0 UID: 0 PID: 6663 Comm: syz.3.127 Not tainted syzkaller #0 PREEMPT(full) [ 140.590949][ T6663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 140.590958][ T6663] Call Trace: [ 140.590962][ T6663] [ 140.590968][ T6663] dump_stack_lvl+0x16c/0x1f0 [ 140.590992][ T6663] should_fail_ex+0x512/0x640 [ 140.591014][ T6663] ? fs_reclaim_acquire+0xae/0x150 [ 140.591037][ T6663] should_failslab+0xc2/0x120 [ 140.591057][ T6663] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 140.591075][ T6663] ? __kernfs_new_node+0xd2/0x8e0 [ 140.591096][ T6663] __kernfs_new_node+0xd2/0x8e0 [ 140.591115][ T6663] ? __pfx___kernfs_new_node+0x10/0x10 [ 140.591138][ T6663] ? find_held_lock+0x2b/0x80 [ 140.591153][ T6663] ? kernfs_root+0xee/0x2a0 [ 140.591174][ T6663] kernfs_new_node+0x13c/0x1e0 [ 140.591197][ T6663] __kernfs_create_file+0x53/0x350 [ 140.591213][ T6663] sysfs_add_file_mode_ns+0x207/0x3c0 [ 140.591235][ T6663] internal_create_group+0x578/0xf30 [ 140.591258][ T6663] ? __pfx_internal_create_group+0x10/0x10 [ 140.591280][ T6663] ? kernfs_create_link+0x1bd/0x240 [ 140.591297][ T6663] internal_create_groups+0x9d/0x150 [ 140.591317][ T6663] device_add+0x731/0x1aa0 [ 140.591335][ T6663] ? __pfx_device_add+0x10/0x10 [ 140.591348][ T6663] ? __pfx___might_resched+0x10/0x10 [ 140.591362][ T6663] ? is_dynamic_key+0xb4/0x160 [ 140.591387][ T6663] __add_disk+0x457/0xf00 [ 140.591415][ T6663] add_disk_fwnode+0x13f/0x5d0 [ 140.591441][ T6663] nbd_dev_add+0x783/0xbb0 [ 140.591465][ T6663] ? __pfx_nbd_dev_add+0x10/0x10 [ 140.591497][ T6663] ? bpf_lsm_capable+0x9/0x10 [ 140.591511][ T6663] ? __radix_tree_lookup+0x21f/0x2c0 [ 140.591535][ T6663] nbd_genl_connect+0x8b0/0x1c60 [ 140.591553][ T6663] ? __pfx_nbd_genl_connect+0x10/0x10 [ 140.591568][ T6663] ? __nla_parse+0x40/0x60 [ 140.591586][ T6663] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 140.591602][ T6663] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 140.591622][ T6663] genl_family_rcv_msg_doit+0x209/0x2f0 [ 140.591638][ T6663] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 140.591653][ T6663] ? genl_get_cmd+0x194/0x580 [ 140.591672][ T6663] ? __radix_tree_lookup+0x21f/0x2c0 [ 140.591699][ T6663] genl_rcv_msg+0x55c/0x800 [ 140.591717][ T6663] ? __pfx_genl_rcv_msg+0x10/0x10 [ 140.591732][ T6663] ? __pfx_nbd_genl_connect+0x10/0x10 [ 140.591754][ T6663] netlink_rcv_skb+0x158/0x420 [ 140.591776][ T6663] ? __pfx_genl_rcv_msg+0x10/0x10 [ 140.591792][ T6663] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 140.591823][ T6663] ? netlink_deliver_tap+0x1ae/0xd30 [ 140.591846][ T6663] genl_rcv+0x28/0x40 [ 140.591858][ T6663] netlink_unicast+0x5a7/0x870 [ 140.591882][ T6663] ? __pfx_netlink_unicast+0x10/0x10 [ 140.591904][ T6663] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 140.591923][ T6663] ? __lock_acquire+0xb97/0x1ce0 [ 140.591947][ T6663] netlink_sendmsg+0x8d1/0xdd0 [ 140.591971][ T6663] ? __pfx_netlink_sendmsg+0x10/0x10 [ 140.591995][ T6663] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 140.592013][ T6663] ____sys_sendmsg+0xa98/0xc70 [ 140.592030][ T6663] ? copy_msghdr_from_user+0x10a/0x160 [ 140.592050][ T6663] ? __pfx_____sys_sendmsg+0x10/0x10 [ 140.592070][ T6663] ? __pfx_futex_wake_mark+0x10/0x10 [ 140.592094][ T6663] ___sys_sendmsg+0x134/0x1d0 [ 140.592116][ T6663] ? __pfx____sys_sendmsg+0x10/0x10 [ 140.592160][ T6663] __sys_sendmsg+0x16d/0x220 [ 140.592181][ T6663] ? __pfx___sys_sendmsg+0x10/0x10 [ 140.592201][ T6663] ? __x64_sys_futex+0x1e0/0x4c0 [ 140.592231][ T6663] do_syscall_64+0xcd/0x4c0 [ 140.592253][ T6663] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.592268][ T6663] RIP: 0033:0x7efc9c38eba9 [ 140.592279][ T6663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 140.592293][ T6663] RSP: 002b:00007efc9d2ba038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 140.592307][ T6663] RAX: ffffffffffffffda RBX: 00007efc9c5d5fa0 RCX: 00007efc9c38eba9 [ 140.592316][ T6663] RDX: 0000000020040000 RSI: 0000200000000500 RDI: 0000000000000005 [ 140.592324][ T6663] RBP: 00007efc9c411e19 R08: 0000000000000000 R09: 0000000000000000 [ 140.592333][ T6663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 140.592341][ T6663] R13: 00007efc9c5d6038 R14: 00007efc9c5d5fa0 R15: 00007ffe0e1616e8 [ 140.592360][ T6663] [ 140.622495][ T6663] nbd: failed to add new device [ 140.689220][ T6663] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 141.226513][ T6671] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 141.294944][ T6672] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 143.840109][ T5868] Bluetooth: hci1: unexpected event 0x17 length: 440 > 6 [ 146.052682][ T6744] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(7) [ 150.300658][ T6807] mmap: syz.1.154 (6807) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 150.330748][ T6806] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 150.468609][ T6812] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 151.285212][ T6827] binder: 6820:6827 ioctl c0306201 200000001040 returned -14 [ 151.385338][ T6821] random: crng reseeded on system resumption [ 152.037272][ T6828] bond0: option all_slaves_active: invalid value () [ 153.502204][ T6857] FAULT_INJECTION: forcing a failure. [ 153.502204][ T6857] name failslab, interval 1, probability 0, space 0, times 0 [ 153.599000][ T6857] CPU: 0 UID: 0 PID: 6857 Comm: syz.0.166 Not tainted syzkaller #0 PREEMPT(full) [ 153.599033][ T6857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 153.599049][ T6857] Call Trace: [ 153.599056][ T6857] [ 153.599066][ T6857] dump_stack_lvl+0x16c/0x1f0 [ 153.599103][ T6857] should_fail_ex+0x512/0x640 [ 153.599126][ T6857] ? __kmalloc_noprof+0xbf/0x510 [ 153.599145][ T6857] ? group_cpus_evenly+0x199/0x650 [ 153.599161][ T6857] should_failslab+0xc2/0x120 [ 153.599180][ T6857] __kmalloc_noprof+0xd2/0x510 [ 153.599200][ T6857] group_cpus_evenly+0x199/0x650 [ 153.599219][ T6857] ? __pfx_group_cpus_evenly+0x10/0x10 [ 153.599248][ T6857] blk_mq_map_queues+0xa5/0x4d0 [ 153.599268][ T6857] ? __pfx_blk_mq_map_queues+0x10/0x10 [ 153.599286][ T6857] ? rcu_is_watching+0x12/0xc0 [ 153.599304][ T6857] blk_mq_update_queue_map+0x34a/0x3e0 [ 153.599330][ T6857] blk_mq_alloc_tag_set+0x61a/0x1260 [ 153.599356][ T6857] loop_add+0x3b2/0xb70 [ 153.599374][ T6857] ? __pfx_loop_add+0x10/0x10 [ 153.599403][ T6857] ? find_held_lock+0x2b/0x80 [ 153.599420][ T6857] loop_control_ioctl+0x13e/0x630 [ 153.599438][ T6857] ? __pfx_loop_control_ioctl+0x10/0x10 [ 153.599458][ T6857] ? __pfx_loop_control_ioctl+0x10/0x10 [ 153.599477][ T6857] __x64_sys_ioctl+0x18b/0x210 [ 153.599503][ T6857] do_syscall_64+0xcd/0x4c0 [ 153.599526][ T6857] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.599540][ T6857] RIP: 0033:0x7f8b9f58eba9 [ 153.599552][ T6857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 153.599565][ T6857] RSP: 002b:00007f8ba04a0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 153.599579][ T6857] RAX: ffffffffffffffda RBX: 00007f8b9f7d5fa0 RCX: 00007f8b9f58eba9 [ 153.599588][ T6857] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 000000000000000b [ 153.599597][ T6857] RBP: 00007f8b9f611e19 R08: 0000000000000000 R09: 0000000000000000 [ 153.599606][ T6857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 153.599614][ T6857] R13: 00007f8b9f7d6038 R14: 00007f8b9f7d5fa0 R15: 00007ffe2c4a9ae8 [ 153.599632][ T6857] [ 153.813009][ C0] vkms_vblank_simulate: vblank timer overrun [ 154.014772][ T6864] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 156.285090][ T6892] process 'syz.2.173' launched './file0' with NULL argv: empty string added [ 158.221085][ T6914] mkiss: ax0: crc mode is auto. [ 159.451556][ T6924] capability: warning: `syz.1.177' uses 32-bit capabilities (legacy support in use) [ 160.962524][ T6952] blktrace: Concurrent blktraces are not allowed on nbd3 [ 162.664589][ T6979] binder: 6976:6979 ioctl c0306201 200000001040 returned -14 [ 163.402887][ T6977] random: crng reseeded on system resumption [ 163.570773][ T6994] Invalid ELF header magic: != ELF [ 168.639889][ T7043] bond0: option all_slaves_active: invalid value () [ 171.716342][ T7085] FAULT_INJECTION: forcing a failure. [ 171.716342][ T7085] name failslab, interval 1, probability 0, space 0, times 0 [ 171.776139][ T7085] CPU: 0 UID: 0 PID: 7085 Comm: syz.2.211 Not tainted syzkaller #0 PREEMPT(full) [ 171.776171][ T7085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 171.776180][ T7085] Call Trace: [ 171.776186][ T7085] [ 171.776191][ T7085] dump_stack_lvl+0x16c/0x1f0 [ 171.776218][ T7085] should_fail_ex+0x512/0x640 [ 171.776240][ T7085] ? __kmalloc_cache_node_noprof+0x5a/0x420 [ 171.776260][ T7085] should_failslab+0xc2/0x120 [ 171.776280][ T7085] __kmalloc_cache_node_noprof+0x6d/0x420 [ 171.776296][ T7085] ? kfree+0x2b4/0x4d0 [ 171.776307][ T7085] ? blk_mq_init_tags+0x87/0x2b0 [ 171.776332][ T7085] blk_mq_init_tags+0x87/0x2b0 [ 171.776355][ T7085] blk_mq_alloc_map_and_rqs+0x237/0xf60 [ 171.776378][ T7085] ? rcu_is_watching+0x12/0xc0 [ 171.776396][ T7085] __blk_mq_alloc_map_and_rqs+0x128/0x1f0 [ 171.776418][ T7085] blk_mq_alloc_tag_set+0x778/0x1260 [ 171.776444][ T7085] loop_add+0x3b2/0xb70 [ 171.776463][ T7085] ? __pfx_loop_add+0x10/0x10 [ 171.776499][ T7085] ? find_held_lock+0x2b/0x80 [ 171.776517][ T7085] loop_control_ioctl+0x13e/0x630 [ 171.776536][ T7085] ? __pfx_loop_control_ioctl+0x10/0x10 [ 171.776556][ T7085] ? __pfx_loop_control_ioctl+0x10/0x10 [ 171.776575][ T7085] __x64_sys_ioctl+0x18b/0x210 [ 171.776599][ T7085] do_syscall_64+0xcd/0x4c0 [ 171.776621][ T7085] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.776636][ T7085] RIP: 0033:0x7f678fd8eba9 [ 171.776648][ T7085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 171.776660][ T7085] RSP: 002b:00007f6790bc4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 171.776674][ T7085] RAX: ffffffffffffffda RBX: 00007f678ffd5fa0 RCX: 00007f678fd8eba9 [ 171.776684][ T7085] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 000000000000000b [ 171.776692][ T7085] RBP: 00007f678fe11e19 R08: 0000000000000000 R09: 0000000000000000 [ 171.776700][ T7085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 171.776708][ T7085] R13: 00007f678ffd6038 R14: 00007f678ffd5fa0 R15: 00007ffc11fa3268 [ 171.776726][ T7085] [ 171.777263][ T7085] blk-mq: reduced tag depth (128 -> 64) [ 174.737017][ T7124] blk-mq: reduced tag depth (128 -> 64) [ 176.426745][ T7139] netlink: 268 bytes leftover after parsing attributes in process `syz.1.225'. [ 177.144682][ T7139] syz.1.225 (7139) used greatest stack depth: 19384 bytes left [ 180.739185][ T30] audit: type=1800 audit(4294967375.930:7): pid=7212 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=14464 res=0 errno=0 [ 183.696359][ T7243] zswap: compressor 000 not available [ 184.428759][ T7270] bond0: option all_slaves_active: invalid value () [ 187.578157][ T7308] netlink: 268 bytes leftover after parsing attributes in process `syz.3.258'. [ 191.965736][ T7365] netlink: 268 bytes leftover after parsing attributes in process `syz.2.270'. [ 194.409300][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.415713][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.972621][ T7418] bond0: option all_slaves_active: invalid value () [ 196.272354][ T7438] blktrace: Concurrent blktraces are not allowed on ram7 [ 199.910026][ T7486] FAULT_INJECTION: forcing a failure. [ 199.910026][ T7486] name failslab, interval 1, probability 0, space 0, times 0 [ 200.058966][ T7486] CPU: 1 UID: 0 PID: 7486 Comm: syz.0.303 Not tainted syzkaller #0 PREEMPT(full) [ 200.059003][ T7486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 200.059020][ T7486] Call Trace: [ 200.059028][ T7486] [ 200.059038][ T7486] dump_stack_lvl+0x16c/0x1f0 [ 200.059086][ T7486] should_fail_ex+0x512/0x640 [ 200.059125][ T7486] ? __kmalloc_cache_node_noprof+0x5a/0x420 [ 200.059158][ T7486] should_failslab+0xc2/0x120 [ 200.059192][ T7486] __kmalloc_cache_node_noprof+0x6d/0x420 [ 200.059217][ T7486] ? register_lock_class+0x41/0x4c0 [ 200.059249][ T7486] ? __lock_acquire+0xb97/0x1ce0 [ 200.059281][ T7486] ? __get_vm_area_node+0x101/0x330 [ 200.059324][ T7486] __get_vm_area_node+0x101/0x330 [ 200.059367][ T7486] __vmalloc_node_range_noprof+0x271/0x14b0 [ 200.059392][ T7486] ? n_tty_open+0x1a/0x170 [ 200.059416][ T7486] ? look_up_lock_class+0x6b/0x150 [ 200.059461][ T7486] ? n_tty_open+0x1a/0x170 [ 200.059496][ T7486] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 200.059519][ T7486] ? look_up_lock_class+0x6b/0x150 [ 200.059559][ T7486] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 200.059591][ T7486] ? n_tty_open+0x1a/0x170 [ 200.059615][ T7486] __vmalloc_node_noprof+0xad/0xf0 [ 200.059639][ T7486] ? n_tty_open+0x1a/0x170 [ 200.059663][ T7486] ? __pfx_n_tty_open+0x10/0x10 [ 200.059690][ T7486] n_tty_open+0x1a/0x170 [ 200.059714][ T7486] ? __pfx_n_tty_open+0x10/0x10 [ 200.059756][ T7486] tty_ldisc_open+0x9f/0x120 [ 200.059792][ T7486] tty_ldisc_setup+0x40/0x100 [ 200.059828][ T7486] tty_init_dev.part.0+0x1ec/0x500 [ 200.059855][ T7486] tty_init_dev+0x60/0x80 [ 200.059878][ T7486] ? __pfx_ptmx_open+0x10/0x10 [ 200.059906][ T7486] ptmx_open+0x10d/0x360 [ 200.059936][ T7486] ? __pfx_ptmx_open+0x10/0x10 [ 200.059965][ T7486] chrdev_open+0x234/0x6a0 [ 200.059995][ T7486] ? __pfx_apparmor_file_open+0x10/0x10 [ 200.060022][ T7486] ? __pfx_chrdev_open+0x10/0x10 [ 200.060054][ T7486] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 200.060091][ T7486] do_dentry_open+0x982/0x1530 [ 200.060121][ T7486] ? __pfx_chrdev_open+0x10/0x10 [ 200.060159][ T7486] vfs_open+0x82/0x3f0 [ 200.060199][ T7486] path_openat+0x1de4/0x2cb0 [ 200.060241][ T7486] ? __pfx_path_openat+0x10/0x10 [ 200.060281][ T7486] do_filp_open+0x20b/0x470 [ 200.060312][ T7486] ? __pfx_do_filp_open+0x10/0x10 [ 200.060370][ T7486] ? alloc_fd+0x471/0x7d0 [ 200.060408][ T7486] do_sys_openat2+0x11b/0x1d0 [ 200.060445][ T7486] ? __pfx_do_sys_openat2+0x10/0x10 [ 200.060483][ T7486] ? __sys_sendmsg+0x18c/0x220 [ 200.060528][ T7486] __x64_sys_openat+0x174/0x210 [ 200.060552][ T7486] ? __pfx___x64_sys_openat+0x10/0x10 [ 200.060592][ T7486] do_syscall_64+0xcd/0x4c0 [ 200.060632][ T7486] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 200.060658][ T7486] RIP: 0033:0x7f8b9f58eba9 [ 200.060679][ T7486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 200.060703][ T7486] RSP: 002b:00007f8ba04a0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 200.060728][ T7486] RAX: ffffffffffffffda RBX: 00007f8b9f7d5fa0 RCX: 00007f8b9f58eba9 [ 200.060754][ T7486] RDX: 0000000000040001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 200.060771][ T7486] RBP: 00007f8b9f611e19 R08: 0000000000000000 R09: 0000000000000000 [ 200.060787][ T7486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 200.060802][ T7486] R13: 00007f8b9f7d6038 R14: 00007f8b9f7d5fa0 R15: 00007ffe2c4a9ae8 [ 200.060840][ T7486] [ 200.401603][ T7486] syz.0.303: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 200.478646][ T7486] CPU: 0 UID: 0 PID: 7486 Comm: syz.0.303 Not tainted syzkaller #0 PREEMPT(full) [ 200.478683][ T7486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 200.478699][ T7486] Call Trace: [ 200.478708][ T7486] [ 200.478719][ T7486] dump_stack_lvl+0x16c/0x1f0 [ 200.478763][ T7486] warn_alloc+0x248/0x3a0 [ 200.478796][ T7486] ? __pfx_warn_alloc+0x10/0x10 [ 200.478826][ T7486] ? rcu_is_watching+0x12/0xc0 [ 200.478852][ T7486] ? trace_kmalloc+0x2b/0xd0 [ 200.478884][ T7486] ? __kmalloc_cache_node_noprof+0x272/0x420 [ 200.478922][ T7486] ? __kasan_kmalloc+0x8a/0xb0 [ 200.478958][ T7486] ? __get_vm_area_node+0x208/0x330 [ 200.479005][ T7486] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 200.479031][ T7486] ? look_up_lock_class+0x6b/0x150 [ 200.479077][ T7486] ? n_tty_open+0x1a/0x170 [ 200.479113][ T7486] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 200.479138][ T7486] ? look_up_lock_class+0x6b/0x150 [ 200.479179][ T7486] ? __pfx___ldsem_down_write_nested+0x10/0x10 [ 200.479211][ T7486] ? n_tty_open+0x1a/0x170 [ 200.479235][ T7486] __vmalloc_node_noprof+0xad/0xf0 [ 200.479260][ T7486] ? n_tty_open+0x1a/0x170 [ 200.479286][ T7486] ? __pfx_n_tty_open+0x10/0x10 [ 200.479313][ T7486] n_tty_open+0x1a/0x170 [ 200.479337][ T7486] ? __pfx_n_tty_open+0x10/0x10 [ 200.479362][ T7486] tty_ldisc_open+0x9f/0x120 [ 200.479396][ T7486] tty_ldisc_setup+0x40/0x100 [ 200.479431][ T7486] tty_init_dev.part.0+0x1ec/0x500 [ 200.479458][ T7486] tty_init_dev+0x60/0x80 [ 200.479483][ T7486] ? __pfx_ptmx_open+0x10/0x10 [ 200.479511][ T7486] ptmx_open+0x10d/0x360 [ 200.479542][ T7486] ? __pfx_ptmx_open+0x10/0x10 [ 200.479572][ T7486] chrdev_open+0x234/0x6a0 [ 200.479603][ T7486] ? __pfx_apparmor_file_open+0x10/0x10 [ 200.479632][ T7486] ? __pfx_chrdev_open+0x10/0x10 [ 200.479666][ T7486] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 200.479714][ T7486] do_dentry_open+0x982/0x1530 [ 200.479748][ T7486] ? __pfx_chrdev_open+0x10/0x10 [ 200.479789][ T7486] vfs_open+0x82/0x3f0 [ 200.479831][ T7486] path_openat+0x1de4/0x2cb0 [ 200.479875][ T7486] ? __pfx_path_openat+0x10/0x10 [ 200.479916][ T7486] do_filp_open+0x20b/0x470 [ 200.479946][ T7486] ? __pfx_do_filp_open+0x10/0x10 [ 200.480010][ T7486] ? alloc_fd+0x471/0x7d0 [ 200.480047][ T7486] do_sys_openat2+0x11b/0x1d0 [ 200.480084][ T7486] ? __pfx_do_sys_openat2+0x10/0x10 [ 200.480123][ T7486] ? __sys_sendmsg+0x18c/0x220 [ 200.480169][ T7486] __x64_sys_openat+0x174/0x210 [ 200.480193][ T7486] ? __pfx___x64_sys_openat+0x10/0x10 [ 200.480234][ T7486] do_syscall_64+0xcd/0x4c0 [ 200.480275][ T7486] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 200.480301][ T7486] RIP: 0033:0x7f8b9f58eba9 [ 200.480322][ T7486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 200.480346][ T7486] RSP: 002b:00007f8ba04a0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 200.480371][ T7486] RAX: ffffffffffffffda RBX: 00007f8b9f7d5fa0 RCX: 00007f8b9f58eba9 [ 200.480389][ T7486] RDX: 0000000000040001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 200.480406][ T7486] RBP: 00007f8b9f611e19 R08: 0000000000000000 R09: 0000000000000000 [ 200.480422][ T7486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 200.480437][ T7486] R13: 00007f8b9f7d6038 R14: 00007f8b9f7d5fa0 R15: 00007ffe2c4a9ae8 [ 200.480474][ T7486] [ 200.832650][ T7486] Mem-Info: [ 200.835875][ T7486] active_anon:13114 inactive_anon:15 isolated_anon:0 [ 200.835875][ T7486] active_file:6226 inactive_file:48412 isolated_file:0 [ 200.835875][ T7486] unevictable:768 dirty:226 writeback:0 [ 200.835875][ T7486] slab_reclaimable:10858 slab_unreclaimable:94662 [ 200.835875][ T7486] mapped:29921 shmem:1392 pagetables:1322 [ 200.835875][ T7486] sec_pagetables:0 bounce:0 [ 200.835875][ T7486] kernel_misc_reclaimable:0 [ 200.835875][ T7486] free:1314510 free_pcp:16819 free_cma:0 [ 200.881688][ T7486] Node 0 active_anon:54756kB inactive_anon:60kB active_file:24904kB inactive_file:193512kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:119684kB dirty:1000kB writeback:0kB shmem:4032kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11540kB pagetables:5164kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 200.924134][ T7486] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:136kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:124kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 201.000332][ T7486] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 201.033389][ T7486] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 201.039208][ T7486] Node 0 DMA32 free:1351560kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:54548kB inactive_anon:60kB active_file:24904kB inactive_file:193508kB unevictable:1536kB writepending:1164kB present:3129332kB managed:2539540kB mlocked:0kB bounce:0kB free_pcp:51680kB local_pcp:20908kB free_cma:0kB [ 201.132894][ T7486] lowmem_reserve[]: 0 0 1 1 1 [ 201.137834][ T7486] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1312kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:20kB local_pcp:12kB free_cma:0kB [ 201.203145][ T7486] lowmem_reserve[]: 0 0 0 0 0 [ 201.226218][ T7486] Node 1 Normal free:3891196kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:136kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:11872kB local_pcp:6824kB free_cma:0kB [ 201.279905][ T7486] lowmem_reserve[]: 0 0 0 0 0 [ 201.285011][ T7486] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 201.306596][ T7486] Node 0 DMA32: 1623*4kB (UME) 1374*8kB (UME) 682*16kB (UME) 271*32kB (UME) 350*64kB (UME) 225*128kB (ME) 98*256kB (M) 44*512kB (UM) 11*1024kB (M) 3*2048kB (UME) 293*4096kB (UM) = 1353420kB [ 201.333824][ T7486] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 201.345842][ T7486] Node 1 Normal: 191*4kB (UME) 40*8kB (UME) 44*16kB (UME) 140*32kB (UME) 32*64kB (UM) 9*128kB (UME) 3*256kB (ME) 4*512kB (UME) 2*1024kB (UM) 1*2048kB (E) 946*4096kB (M) = 3891196kB [ 201.364850][ T7486] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 201.374602][ T7486] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 201.384021][ T7486] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 201.393685][ T7486] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 201.402972][ T7486] 56109 total pagecache pages [ 201.407727][ T7486] 16 pages in swap cache [ 201.411967][ T7486] Free swap = 124932kB [ 201.416134][ T7486] Total swap = 124996kB [ 201.420502][ T7486] 2097051 pages RAM [ 201.424380][ T7486] 0 pages HighMem/MovableOnly [ 201.429057][ T7486] 430204 pages reserved [ 201.436552][ T7486] 0 pages cma reserved [ 201.446700][ T7486] ptm ptm1: ldisc open failed (-12), clearing slot 1 [ 202.960406][ T7534] netlink: 28 bytes leftover after parsing attributes in process `syz.1.304'. [ 205.825595][ T7576] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 206.304082][ T7577] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 206.338568][ T6964] Bluetooth: hci3: unexpected event 0x0f length: 440 > 4 [ 206.626125][ T7576] HfR: entered promiscuous mode [ 207.117462][ T6964] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 207.117566][ T6964] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 207.133071][ T6964] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 207.133136][ T6964] Bluetooth: hci1: adv larger than maximum supported [ 207.141151][ T6964] Bluetooth: hci1: adv larger than maximum supported [ 207.153443][ T6964] Bluetooth: hci1: Malformed LE Event: 0x0d [ 208.087112][ T6964] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 208.087208][ T6964] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 208.103410][ T6964] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 208.103481][ T6964] Bluetooth: hci1: adv larger than maximum supported [ 208.111013][ T6964] Bluetooth: hci1: adv larger than maximum supported [ 208.117899][ T6964] Bluetooth: hci1: Malformed LE Event: 0x0d [ 209.488971][ T7636] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input15 [ 209.500612][ T7636] FAULT_INJECTION: forcing a failure. [ 209.500612][ T7636] name failslab, interval 1, probability 0, space 0, times 0 [ 209.533364][ T7636] CPU: 1 UID: 0 PID: 7636 Comm: syz.1.323 Not tainted syzkaller #0 PREEMPT(full) [ 209.533397][ T7636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 209.533412][ T7636] Call Trace: [ 209.533420][ T7636] [ 209.533430][ T7636] dump_stack_lvl+0x16c/0x1f0 [ 209.533473][ T7636] should_fail_ex+0x512/0x640 [ 209.533509][ T7636] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 209.533544][ T7636] should_failslab+0xc2/0x120 [ 209.533577][ T7636] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 209.533608][ T7636] ? __kernfs_new_node+0xd2/0x8e0 [ 209.533644][ T7636] __kernfs_new_node+0xd2/0x8e0 [ 209.533680][ T7636] ? __pfx___kernfs_new_node+0x10/0x10 [ 209.533721][ T7636] ? find_held_lock+0x2b/0x80 [ 209.533747][ T7636] ? kernfs_root+0xee/0x2a0 [ 209.533785][ T7636] kernfs_new_node+0x13c/0x1e0 [ 209.533827][ T7636] __kernfs_create_file+0x53/0x350 [ 209.533856][ T7636] sysfs_add_file_mode_ns+0x207/0x3c0 [ 209.533896][ T7636] sysfs_merge_group+0x1aa/0x340 [ 209.533931][ T7636] ? __pfx_sysfs_merge_group+0x10/0x10 [ 209.533968][ T7636] ? __pfx_dev_add_physical_location+0x10/0x10 [ 209.533995][ T7636] ? bus_to_subsys+0x131/0x160 [ 209.534028][ T7636] dpm_sysfs_add+0x237/0x280 [ 209.534056][ T7636] device_add+0x9a6/0x1aa0 [ 209.534080][ T7636] ? __pfx_device_add+0x10/0x10 [ 209.534103][ T7636] ? __pfx_exact_lock+0x10/0x10 [ 209.534123][ T7636] ? kobject_get+0xbb/0x150 [ 209.534148][ T7636] cdev_device_add+0xc2/0x1e0 [ 209.534167][ T7636] evdev_connect+0x3a4/0x4c0 [ 209.534186][ T7636] input_attach_handler.isra.0+0x173/0x250 [ 209.534204][ T7636] input_register_device+0xab9/0x1180 [ 209.534221][ T7636] ? input_ff_create+0x1b1/0x350 [ 209.534242][ T7636] uinput_ioctl_handler.isra.0+0x1357/0x1df0 [ 209.534264][ T7636] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 209.534286][ T7636] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 209.534312][ T7636] ? find_held_lock+0x2b/0x80 [ 209.534335][ T7636] ? __pfx_uinput_ioctl+0x10/0x10 [ 209.534356][ T7636] __x64_sys_ioctl+0x18b/0x210 [ 209.534378][ T7636] do_syscall_64+0xcd/0x4c0 [ 209.534401][ T7636] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 209.534415][ T7636] RIP: 0033:0x7fb206b8eba9 [ 209.534427][ T7636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 209.534441][ T7636] RSP: 002b:00007fb207a3b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 209.534455][ T7636] RAX: ffffffffffffffda RBX: 00007fb206dd5fa0 RCX: 00007fb206b8eba9 [ 209.534464][ T7636] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000003 [ 209.534472][ T7636] RBP: 00007fb206c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 209.534480][ T7636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 209.534488][ T7636] R13: 00007fb206dd6038 R14: 00007fb206dd5fa0 R15: 00007ffd34b4e8b8 [ 209.534512][ T7636] [ 210.002553][ T7636] input: failed to attach handler evdev to device input15, error: -12 [ 210.385215][ T7646] netlink: 28 bytes leftover after parsing attributes in process `syz.1.325'. [ 210.413714][ T7647] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 210.422629][ T7647] Bluetooth: hci3: Injecting HCI hardware error event [ 212.071616][ T30] audit: type=1800 audit(4294967407.270:8): pid=7670 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=16044 res=0 errno=0 [ 212.308356][ T7639] Bluetooth: hci3: hardware error 0x00 [ 212.403577][ T7642] Bluetooth: hci0: command 0x0406 tx timeout [ 212.409645][ T7642] Bluetooth: hci1: command 0x0406 tx timeout [ 212.415997][ T6920] Bluetooth: hci2: command 0x0406 tx timeout [ 214.406060][ T7639] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 221.622576][ T30] audit: type=1800 audit(4294967416.820:9): pid=7817 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.358" name="dbroot" dev="configfs" ino=17437 res=0 errno=0 [ 225.673555][ T7639] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 225.673578][ T7639] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 225.688295][ T7639] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 225.688338][ T7639] Bluetooth: hci2: adv larger than maximum supported [ 225.695695][ T7639] Bluetooth: hci2: adv larger than maximum supported [ 225.704078][ T7639] Bluetooth: hci2: Malformed LE Event: 0x0d [ 225.992815][ T7639] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 225.992849][ T7639] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 226.008804][ T7639] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 226.008834][ T7639] Bluetooth: hci2: adv larger than maximum supported [ 226.016819][ T7639] Bluetooth: hci2: adv larger than maximum supported [ 226.026846][ T7639] Bluetooth: hci2: Malformed LE Event: 0x0d [ 233.993529][ T8002] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16 [ 234.471233][ T8006] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 235.794189][ T8018] futex_wake_op: syz.0.396 tries to shift op by -9; fix this program [ 237.617055][ T30] audit: type=1800 audit(4294967432.830:10): pid=8043 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.401" name="dbroot" dev="configfs" ino=18011 res=0 errno=0 [ 241.964803][ T8113] FAULT_INJECTION: forcing a failure. [ 241.964803][ T8113] name failslab, interval 1, probability 0, space 0, times 0 [ 241.977785][ T8113] CPU: 0 UID: 0 PID: 8113 Comm: syz.1.414 Not tainted syzkaller #0 PREEMPT(full) [ 241.977804][ T8113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 241.977812][ T8113] Call Trace: [ 241.977818][ T8113] [ 241.977823][ T8113] dump_stack_lvl+0x16c/0x1f0 [ 241.977849][ T8113] should_fail_ex+0x512/0x640 [ 241.977871][ T8113] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 241.977892][ T8113] should_failslab+0xc2/0x120 [ 241.977911][ T8113] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 241.977930][ T8113] ? virtual_ncidev_open+0x6f/0x220 [ 241.977947][ T8113] ? kvasprintf_const+0x66/0x1a0 [ 241.977965][ T8113] kvasprintf+0xbc/0x160 [ 241.977980][ T8113] ? __pfx_kvasprintf+0x10/0x10 [ 241.977999][ T8113] ? rcu_is_watching+0x12/0xc0 [ 241.978014][ T8113] ? kfree+0x24f/0x4d0 [ 241.978025][ T8113] ? mark_held_locks+0x49/0x80 [ 241.978046][ T8113] kvasprintf_const+0x66/0x1a0 [ 241.978063][ T8113] kobject_set_name_vargs+0x5a/0x140 [ 241.978077][ T8113] dev_set_name+0xc7/0x100 [ 241.978094][ T8113] ? __pfx_dev_set_name+0x10/0x10 [ 241.978124][ T8113] nfc_allocate_device+0x206/0x5e0 [ 241.978149][ T8113] nci_allocate_device+0x23b/0x430 [ 241.978167][ T8113] virtual_ncidev_open+0x6f/0x220 [ 241.978185][ T8113] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 241.978202][ T8113] misc_open+0x35d/0x420 [ 241.978219][ T8113] ? __pfx_misc_open+0x10/0x10 [ 241.978235][ T8113] chrdev_open+0x234/0x6a0 [ 241.978253][ T8113] ? __pfx_apparmor_file_open+0x10/0x10 [ 241.978269][ T8113] ? __pfx_chrdev_open+0x10/0x10 [ 241.978287][ T8113] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 241.978307][ T8113] do_dentry_open+0x982/0x1530 [ 241.978324][ T8113] ? __pfx_chrdev_open+0x10/0x10 [ 241.978346][ T8113] vfs_open+0x82/0x3f0 [ 241.978372][ T8113] path_openat+0x1de4/0x2cb0 [ 241.978395][ T8113] ? __pfx_path_openat+0x10/0x10 [ 241.978417][ T8113] do_filp_open+0x20b/0x470 [ 241.978433][ T8113] ? __pfx_do_filp_open+0x10/0x10 [ 241.978464][ T8113] ? alloc_fd+0x471/0x7d0 [ 241.978483][ T8113] do_sys_openat2+0x11b/0x1d0 [ 241.978504][ T8113] ? __pfx_do_sys_openat2+0x10/0x10 [ 241.978533][ T8113] __x64_sys_openat+0x174/0x210 [ 241.978545][ T8113] ? __pfx___x64_sys_openat+0x10/0x10 [ 241.978565][ T8113] do_syscall_64+0xcd/0x4c0 [ 241.978587][ T8113] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.978601][ T8113] RIP: 0033:0x7fb206b8eba9 [ 241.978614][ T8113] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 241.978627][ T8113] RSP: 002b:00007fb207a1a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 241.978640][ T8113] RAX: ffffffffffffffda RBX: 00007fb206dd6090 RCX: 00007fb206b8eba9 [ 241.978649][ T8113] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 241.978658][ T8113] RBP: 00007fb206c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 241.978666][ T8113] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 241.978673][ T8113] R13: 00007fb206dd6128 R14: 00007fb206dd6090 R15: 00007ffd34b4e8b8 [ 241.978692][ T8113] [ 242.635807][ T30] audit: type=1800 audit(4294967437.850:11): pid=8124 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.415" name="dbroot" dev="configfs" ino=18208 res=0 errno=0 [ 248.357017][ T8214] futex_wake_op: syz.3.428 tries to shift op by -9; fix this program [ 250.277715][ T8242] random: crng reseeded on system resumption [ 250.284353][ T8242] FAULT_INJECTION: forcing a failure. [ 250.284353][ T8242] name failslab, interval 1, probability 0, space 0, times 0 [ 250.316770][ T8242] CPU: 1 UID: 0 PID: 8242 Comm: syz.1.435 Not tainted syzkaller #0 PREEMPT(full) [ 250.316805][ T8242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 250.316829][ T8242] Call Trace: [ 250.316842][ T8242] [ 250.316852][ T8242] dump_stack_lvl+0x16c/0x1f0 [ 250.316895][ T8242] should_fail_ex+0x512/0x640 [ 250.316940][ T8242] should_failslab+0xc2/0x120 [ 250.316975][ T8242] __kmalloc_cache_noprof+0x6a/0x3e0 [ 250.317002][ T8242] ? do_raw_spin_lock+0x12c/0x2b0 [ 250.317038][ T8242] ? find_held_lock+0x2b/0x80 [ 250.317061][ T8242] ? async_schedule_node_domain+0x54/0x120 [ 250.317097][ T8242] ? __pfx___async_dev_cache_fw_image+0x10/0x10 [ 250.317133][ T8242] async_schedule_node_domain+0x54/0x120 [ 250.317167][ T8242] dev_cache_fw_image+0x38e/0x490 [ 250.317211][ T8242] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 250.317254][ T8242] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 250.317290][ T8242] dpm_for_each_dev+0x5d/0xb0 [ 250.317322][ T8242] fw_pm_notify+0x81/0x150 [ 250.317356][ T8242] notifier_call_chain+0xb9/0x410 [ 250.317386][ T8242] ? __pfx_fw_pm_notify+0x10/0x10 [ 250.317425][ T8242] blocking_notifier_call_chain_robust+0xc8/0x160 [ 250.317462][ T8242] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10 [ 250.317511][ T8242] pm_notifier_call_chain_robust+0x27/0x60 [ 250.317546][ T8242] snapshot_open+0x218/0x2b0 [ 250.317576][ T8242] ? __pfx_snapshot_open+0x10/0x10 [ 250.317608][ T8242] misc_open+0x35d/0x420 [ 250.317639][ T8242] ? __pfx_misc_open+0x10/0x10 [ 250.317669][ T8242] chrdev_open+0x234/0x6a0 [ 250.317700][ T8242] ? __pfx_apparmor_file_open+0x10/0x10 [ 250.317730][ T8242] ? __pfx_chrdev_open+0x10/0x10 [ 250.317764][ T8242] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 250.317801][ T8242] do_dentry_open+0x982/0x1530 [ 250.317834][ T8242] ? __pfx_chrdev_open+0x10/0x10 [ 250.317874][ T8242] vfs_open+0x82/0x3f0 [ 250.317915][ T8242] path_openat+0x1de4/0x2cb0 [ 250.317957][ T8242] ? __pfx_path_openat+0x10/0x10 [ 250.317998][ T8242] do_filp_open+0x20b/0x470 [ 250.318029][ T8242] ? __pfx_do_filp_open+0x10/0x10 [ 250.318088][ T8242] ? alloc_fd+0x471/0x7d0 [ 250.318128][ T8242] do_sys_openat2+0x11b/0x1d0 [ 250.318166][ T8242] ? __pfx_do_sys_openat2+0x10/0x10 [ 250.318222][ T8242] __x64_sys_openat+0x174/0x210 [ 250.318236][ T8242] ? __pfx___x64_sys_openat+0x10/0x10 [ 250.318258][ T8242] do_syscall_64+0xcd/0x4c0 [ 250.318283][ T8242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 250.318297][ T8242] RIP: 0033:0x7fb206b8eba9 [ 250.318309][ T8242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 250.318323][ T8242] RSP: 002b:00007fb207a3b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 250.318338][ T8242] RAX: ffffffffffffffda RBX: 00007fb206dd5fa0 RCX: 00007fb206b8eba9 [ 250.318347][ T8242] RDX: 00000000001438bf RSI: 0000200000000000 RDI: ffffffffffffff9c [ 250.318356][ T8242] RBP: 00007fb206c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 250.318364][ T8242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 250.318372][ T8242] R13: 00007fb206dd6038 R14: 00007fb206dd5fa0 R15: 00007ffd34b4e8b8 [ 250.318392][ T8242] [ 250.321926][ T8242] [ 250.632226][ T8242] ====================================================== [ 250.639228][ T8242] WARNING: possible circular locking dependency detected [ 250.646239][ T8242] syzkaller #0 Not tainted [ 250.650641][ T8242] ------------------------------------------------------ [ 250.657640][ T8242] syz.1.435/8242 is trying to acquire lock: [ 250.663515][ T8242] ffff88807803b9f8 (&ima_iint_mutex_key[depth]){+.+.}-{4:4}, at: process_measurement+0x7e0/0x23e0 [ 250.674126][ T8242] [ 250.674126][ T8242] but task is already holding lock: [ 250.681472][ T8242] ffffffff8f518428 (dpm_list_mtx){+.+.}-{4:4}, at: dpm_for_each_dev+0x2d/0xb0 [ 250.690345][ T8242] [ 250.690345][ T8242] which lock already depends on the new lock. [ 250.690345][ T8242] [ 250.700733][ T8242] [ 250.700733][ T8242] the existing dependency chain (in reverse order) is: [ 250.709731][ T8242] [ 250.709731][ T8242] -> #4 (dpm_list_mtx){+.+.}-{4:4}: [ 250.717108][ T8242] __mutex_lock+0x193/0x1060 [ 250.722232][ T8242] device_pm_add+0x87/0x3e0 [ 250.727254][ T8242] device_add+0x9cd/0x1aa0 [ 250.732182][ T8242] device_create_groups_vargs+0x1f8/0x270 [ 250.738412][ T8242] device_create+0xed/0x130 [ 250.743426][ T8242] msr_device_create+0x31/0x70 [ 250.748703][ T8242] cpuhp_invoke_callback+0x3d5/0xa10 [ 250.754499][ T8242] cpuhp_thread_fun+0x47e/0x6f0 [ 250.759872][ T8242] smpboot_thread_fn+0x3f7/0xae0 [ 250.765359][ T8242] kthread+0x3c5/0x780 [ 250.769957][ T8242] ret_from_fork+0x56d/0x730 [ 250.775069][ T8242] ret_from_fork_asm+0x1a/0x30 [ 250.780346][ T8242] [ 250.780346][ T8242] -> #3 (cpuhp_state-up){+.+.}-{0:0}: [ 250.787896][ T8242] cpuhp_thread_fun+0x193/0x6f0 [ 250.793263][ T8242] smpboot_thread_fn+0x3f7/0xae0 [ 250.798728][ T8242] kthread+0x3c5/0x780 [ 250.803320][ T8242] ret_from_fork+0x56d/0x730 [ 250.808434][ T8242] ret_from_fork_asm+0x1a/0x30 [ 250.813714][ T8242] [ 250.813714][ T8242] -> #2 (cpu_hotplug_lock){++++}-{0:0}: [ 250.821436][ T8242] cpus_read_lock+0x42/0x160 [ 250.826538][ T8242] ring_buffer_resize+0x105/0x15c0 [ 250.832165][ T8242] tracing_update_buffers+0x15e/0x1f0 [ 250.838053][ T8242] ftrace_event_write+0x14a/0x2c0 [ 250.843588][ T8242] vfs_write+0x2a0/0x11d0 [ 250.848432][ T8242] ksys_write+0x12a/0x250 [ 250.853280][ T8242] do_syscall_64+0xcd/0x4c0 [ 250.858306][ T8242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 250.864708][ T8242] [ 250.864708][ T8242] -> #1 (trace_types_lock){+.+.}-{4:4}: [ 250.872430][ T8242] __mutex_lock+0x193/0x1060 [ 250.877541][ T8242] tracing_check_open_get_tr.part.0+0x49/0x190 [ 250.884210][ T8242] tracing_open_generic_tr+0x66/0xf0 [ 250.890011][ T8242] do_dentry_open+0x982/0x1530 [ 250.895288][ T8242] vfs_open+0x82/0x3f0 [ 250.899878][ T8242] dentry_open+0x71/0xd0 [ 250.904640][ T8242] ima_calc_file_hash+0x2b6/0x490 [ 250.910177][ T8242] ima_collect_measurement+0x899/0xa40 [ 250.916152][ T8242] process_measurement+0x11fa/0x23e0 [ 250.921947][ T8242] ima_file_check+0xc5/0x110 [ 250.927048][ T8242] security_file_post_open+0x8e/0x210 [ 250.932933][ T8242] path_openat+0x1404/0x2cb0 [ 250.938039][ T8242] do_filp_open+0x20b/0x470 [ 250.943055][ T8242] do_sys_openat2+0x11b/0x1d0 [ 250.948252][ T8242] __x64_sys_openat+0x174/0x210 [ 250.953615][ T8242] do_syscall_64+0xcd/0x4c0 [ 250.958649][ T8242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 250.965056][ T8242] [ 250.965056][ T8242] -> #0 (&ima_iint_mutex_key[depth]){+.+.}-{4:4}: [ 250.973650][ T8242] __lock_acquire+0x12a6/0x1ce0 [ 250.979019][ T8242] lock_acquire+0x179/0x350 [ 250.984040][ T8242] __mutex_lock+0x193/0x1060 [ 250.989151][ T8242] process_measurement+0x7e0/0x23e0 [ 250.994861][ T8242] ima_file_check+0xc5/0x110 [ 250.999978][ T8242] security_file_post_open+0x8e/0x210 [ 251.005874][ T8242] path_openat+0x1404/0x2cb0 [ 251.010991][ T8242] do_file_open_root+0x322/0x610 [ 251.016453][ T8242] file_open_root+0x2a7/0x450 [ 251.021653][ T8242] kernel_read_file_from_path_initns+0x189/0x260 [ 251.028503][ T8242] _request_firmware+0x744/0x1470 [ 251.034045][ T8242] __async_dev_cache_fw_image+0xb1/0x340 [ 251.040197][ T8242] async_schedule_node_domain+0xd4/0x120 [ 251.046341][ T8242] dev_cache_fw_image+0x38e/0x490 [ 251.051883][ T8242] dpm_for_each_dev+0x5d/0xb0 [ 251.057077][ T8242] fw_pm_notify+0x81/0x150 [ 251.062005][ T8242] notifier_call_chain+0xb9/0x410 [ 251.067546][ T8242] blocking_notifier_call_chain_robust+0xc8/0x160 [ 251.074482][ T8242] pm_notifier_call_chain_robust+0x27/0x60 [ 251.080807][ T8242] snapshot_open+0x218/0x2b0 [ 251.085913][ T8242] misc_open+0x35d/0x420 [ 251.090672][ T8242] chrdev_open+0x234/0x6a0 [ 251.095605][ T8242] do_dentry_open+0x982/0x1530 [ 251.100884][ T8242] vfs_open+0x82/0x3f0 [ 251.105474][ T8242] path_openat+0x1de4/0x2cb0 [ 251.110580][ T8242] do_filp_open+0x20b/0x470 [ 251.115595][ T8242] do_sys_openat2+0x11b/0x1d0 [ 251.120795][ T8242] __x64_sys_openat+0x174/0x210 [ 251.126156][ T8242] do_syscall_64+0xcd/0x4c0 [ 251.131182][ T8242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 251.137583][ T8242] [ 251.137583][ T8242] other info that might help us debug this: [ 251.137583][ T8242] [ 251.147791][ T8242] Chain exists of: [ 251.147791][ T8242] &ima_iint_mutex_key[depth] --> cpuhp_state-up --> dpm_list_mtx [ 251.147791][ T8242] [ 251.161430][ T8242] Possible unsafe locking scenario: [ 251.161430][ T8242] [ 251.168863][ T8242] CPU0 CPU1 [ 251.174212][ T8242] ---- ---- [ 251.179560][ T8242] lock(dpm_list_mtx); [ 251.183708][ T8242] lock(cpuhp_state-up); [ 251.190545][ T8242] lock(dpm_list_mtx); [ 251.197206][ T8242] lock(&ima_iint_mutex_key[depth]); [ 251.202564][ T8242] [ 251.202564][ T8242] *** DEADLOCK *** [ 251.202564][ T8242] [ 251.210691][ T8242] 5 locks held by syz.1.435/8242: [ 251.215698][ T8242] #0: ffffffff8f307ea8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 251.224150][ T8242] #1: ffffffff8e484b88 (system_transition_mutex){+.+.}-{4:4}, at: lock_system_sleep+0x87/0xa0 [ 251.234505][ T8242] #2: ffffffff8e4c4ff0 ((pm_chain_head).rwsem){++++}-{4:4}, at: blocking_notifier_call_chain_robust+0xa8/0x160 [ 251.246337][ T8242] #3: ffffffff8f51da28 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x69/0x150 [ 251.254955][ T8242] #4: ffffffff8f518428 (dpm_list_mtx){+.+.}-{4:4}, at: dpm_for_each_dev+0x2d/0xb0 [ 251.264265][ T8242] [ 251.264265][ T8242] stack backtrace: [ 251.270139][ T8242] CPU: 1 UID: 0 PID: 8242 Comm: syz.1.435 Not tainted syzkaller #0 PREEMPT(full) [ 251.270163][ T8242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 251.270175][ T8242] Call Trace: [ 251.270183][ T8242] [ 251.270191][ T8242] dump_stack_lvl+0x116/0x1f0 [ 251.270222][ T8242] print_circular_bug+0x275/0x350 [ 251.270248][ T8242] check_noncircular+0x14c/0x170 [ 251.270276][ T8242] __lock_acquire+0x12a6/0x1ce0 [ 251.270307][ T8242] lock_acquire+0x179/0x350 [ 251.270332][ T8242] ? process_measurement+0x7e0/0x23e0 [ 251.270354][ T8242] ? __pfx___might_resched+0x10/0x10 [ 251.270377][ T8242] ? process_measurement+0x7e0/0x23e0 [ 251.270396][ T8242] __mutex_lock+0x193/0x1060 [ 251.270426][ T8242] ? process_measurement+0x7e0/0x23e0 [ 251.270449][ T8242] ? __pfx___mutex_lock+0x10/0x10 [ 251.270478][ T8242] ? __pfx___might_resched+0x10/0x10 [ 251.270498][ T8242] ? find_held_lock+0x2b/0x80 [ 251.270517][ T8242] ? down_write+0x14d/0x200 [ 251.270537][ T8242] ? process_measurement+0x7e0/0x23e0 [ 251.270557][ T8242] process_measurement+0x7e0/0x23e0 [ 251.270580][ T8242] ? __pfx_process_measurement+0x10/0x10 [ 251.270603][ T8242] ? find_held_lock+0x2b/0x80 [ 251.270622][ T8242] ? fscrypt_file_open+0x47c/0x590 [ 251.270658][ T8242] ? __pfx___fsnotify_parent+0x10/0x10 [ 251.270678][ T8242] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 251.270702][ T8242] ima_file_check+0xc5/0x110 [ 251.270722][ T8242] ? __pfx_ima_file_check+0x10/0x10 [ 251.270743][ T8242] ? vfs_open+0x2e3/0x3f0 [ 251.270773][ T8242] security_file_post_open+0x8e/0x210 [ 251.270799][ T8242] path_openat+0x1404/0x2cb0 [ 251.270825][ T8242] ? trace_kmem_cache_alloc+0x28/0xc0 [ 251.270855][ T8242] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 251.270883][ T8242] ? __pfx_path_openat+0x10/0x10 [ 251.270907][ T8242] ? __asan_memcpy+0x3c/0x60 [ 251.270929][ T8242] do_file_open_root+0x322/0x610 [ 251.270953][ T8242] ? __pfx_do_file_open_root+0x10/0x10 [ 251.270987][ T8242] ? vsnprintf+0x318/0x1160 [ 251.271015][ T8242] file_open_root+0x2a7/0x450 [ 251.271040][ T8242] ? __pfx_file_open_root+0x10/0x10 [ 251.271063][ T8242] ? find_held_lock+0x2b/0x80 [ 251.271083][ T8242] ? kernel_read_file_from_path_initns+0x17a/0x260 [ 251.271116][ T8242] kernel_read_file_from_path_initns+0x189/0x260 [ 251.271148][ T8242] ? __pfx_kernel_read_file_from_path_initns+0x10/0x10 [ 251.271178][ T8242] ? trace_kmem_cache_alloc+0x28/0xc0 [ 251.271208][ T8242] ? _request_firmware+0x503/0x1470 [ 251.271236][ T8242] _request_firmware+0x744/0x1470 [ 251.271266][ T8242] ? __pfx__request_firmware+0x10/0x10 [ 251.271293][ T8242] ? mark_held_locks+0x49/0x80 [ 251.271317][ T8242] ? irqentry_exit+0x3b/0x90 [ 251.271345][ T8242] ? lockdep_hardirqs_on+0x7c/0x110 [ 251.271374][ T8242] __async_dev_cache_fw_image+0xb1/0x340 [ 251.271403][ T8242] ? __pfx___async_dev_cache_fw_image+0x10/0x10 [ 251.271434][ T8242] ? __pfx___async_dev_cache_fw_image+0x10/0x10 [ 251.271462][ T8242] async_schedule_node_domain+0xd4/0x120 [ 251.271487][ T8242] dev_cache_fw_image+0x38e/0x490 [ 251.271513][ T8242] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 251.271540][ T8242] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 251.271566][ T8242] dpm_for_each_dev+0x5d/0xb0 [ 251.271588][ T8242] fw_pm_notify+0x81/0x150 [ 251.271611][ T8242] notifier_call_chain+0xb9/0x410 [ 251.271636][ T8242] ? __pfx_fw_pm_notify+0x10/0x10 [ 251.271662][ T8242] blocking_notifier_call_chain_robust+0xc8/0x160 [ 251.271689][ T8242] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10 [ 251.271721][ T8242] pm_notifier_call_chain_robust+0x27/0x60 [ 251.271749][ T8242] snapshot_open+0x218/0x2b0 [ 251.271772][ T8242] ? __pfx_snapshot_open+0x10/0x10 [ 251.271796][ T8242] misc_open+0x35d/0x420 [ 251.271820][ T8242] ? __pfx_misc_open+0x10/0x10 [ 251.271842][ T8242] chrdev_open+0x234/0x6a0 [ 251.271867][ T8242] ? __pfx_apparmor_file_open+0x10/0x10 [ 251.271895][ T8242] ? __pfx_chrdev_open+0x10/0x10 [ 251.271920][ T8242] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 251.271944][ T8242] do_dentry_open+0x982/0x1530 [ 251.271968][ T8242] ? __pfx_chrdev_open+0x10/0x10 [ 251.271995][ T8242] vfs_open+0x82/0x3f0 [ 251.272025][ T8242] path_openat+0x1de4/0x2cb0 [ 251.272051][ T8242] ? __pfx_path_openat+0x10/0x10 [ 251.272077][ T8242] do_filp_open+0x20b/0x470 [ 251.272099][ T8242] ? __pfx_do_filp_open+0x10/0x10 [ 251.272131][ T8242] ? alloc_fd+0x471/0x7d0 [ 251.272155][ T8242] do_sys_openat2+0x11b/0x1d0 [ 251.272184][ T8242] ? __pfx_do_sys_openat2+0x10/0x10 [ 251.272219][ T8242] __x64_sys_openat+0x174/0x210 [ 251.272237][ T8242] ? __pfx___x64_sys_openat+0x10/0x10 [ 251.272259][ T8242] do_syscall_64+0xcd/0x4c0 [ 251.272290][ T8242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 251.272310][ T8242] RIP: 0033:0x7fb206b8eba9 [ 251.272327][ T8242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 251.272346][ T8242] RSP: 002b:00007fb207a3b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 251.272364][ T8242] RAX: ffffffffffffffda RBX: 00007fb206dd5fa0 RCX: 00007fb206b8eba9 [ 251.272377][ T8242] RDX: 00000000001438bf RSI: 0000200000000000 RDI: ffffffffffffff9c [ 251.272390][ T8242] RBP: 00007fb206c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 251.272403][ T8242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 251.272414][ T8242] R13: 00007fb206dd6038 R14: 00007fb206dd5fa0 R15: 00007ffd34b4e8b8 [ 251.272433][ T8242] [ 255.845841][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.852110][ T1302] ieee802154 phy1 wpan1: encryption failed: -22