last executing test programs: 10.762096682s ago: executing program 2 (id=3045): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0) r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mq_timedsend$auto(r2, 0x0, 0x2, 0x9, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f00000001c0)) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r3, 0x5001, 0x0) read$auto(r1, 0x0, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) socket(0x22, 0x3, 0x0) sendfile$auto(r0, r4, 0x0, 0x1000200) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x801, 0x106) select$auto(0x5, 0x0, &(0x7f0000000140)={[0x9, 0x8, 0x3, 0x10, 0x3, 0x9, 0x9, 0xff, 0x3, 0x2, 0x2, 0x7, 0x100000001, 0x8000000000000001, 0x4, 0x9]}, 0x0, 0x0) socket(0x11, 0x80000, 0x84) r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x460802, 0x0) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f0000000180)={0x0, 0x3, 0x1830}) write$auto_console_fops_tty_io(r5, &(0x7f0000000000)="c80d1b5d399b3f", 0xfdef) 10.640911648s ago: executing program 0 (id=3046): r0 = socket(0x23, 0x3, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000200)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x40098d1}, 0x20009004) write$auto(r0, &(0x7f0000000100)='\x00', 0xfffffffffffffffa) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.7/usb8/remove\x00', 0xa001, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mbind$auto(0x2000, 0x100000008, 0x2100000000, 0x0, 0x6, 0x2) memfd_secret$auto(0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x17, 0x0) r1 = fsopen$auto(0x0, 0x1) fsconfig$auto_SHMEM_HUGE_NEVER(r1, 0x1, &(0x7f0000000000)='-\x00', &(0x7f0000000040), 0x0) setrlimit$auto(0x7ffb, 0x0) close_range$auto(0x2, 0x8, 0x0) syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x40004) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) syz_clone3(&(0x7f0000000340)={0x1045100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) read$auto(r2, 0x0, 0x39b8) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/mac80211_hwsim/hwsim14/power/autosuspend_delay_ms\x00', 0x167b02, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/devices/virtual/net/bond0/bonding/arp_ip_target\x00', 0xa0002, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) 10.298463264s ago: executing program 2 (id=3047): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r0, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x43102, 0x0) read$auto_proc_iter_file_ops_compat_inode(r1, &(0x7f0000000180)=""/178, 0xb2) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, 0x0, 0xc040810) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0002, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0xa00, 0x0) openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, 0x0, 0x414041, 0x0) setsockopt$auto(0x3, 0x29, 0x46, 0x0, 0x808) prctl$auto_PR_GET_TID_ADDRESS(0x28, 0x8000000000002, 0x0, 0x10000000, 0x3) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) write$auto(r2, &(0x7f0000000040)='//\xf2?', 0x80000000) mmap$auto(0x0, 0x400008, 0xde, 0x9b72, 0x2, 0x800008000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) shmdt$auto(0x0) read$auto(0xffffffffffffffff, 0x0, 0x20) socket(0x2, 0x801, 0x106) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) io_uring_setup$auto(0x6, 0x0) 10.104821352s ago: executing program 1 (id=3048): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0) r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mq_timedsend$auto(r2, 0x0, 0x2, 0x9, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f00000001c0)) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r3, 0x5001, 0x0) read$auto(r1, 0x0, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) socket(0x22, 0x3, 0x0) sendfile$auto(r0, r4, 0x0, 0x1000200) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000b00)='/dev/cuse\x00', 0x0, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x801, 0x106) select$auto(0x5, 0x0, &(0x7f0000000140)={[0x9, 0x8, 0x3, 0x10, 0x3, 0x9, 0x9, 0xff, 0x3, 0x2, 0x2, 0x7, 0x100000001, 0x8000000000000001, 0x4, 0x9]}, 0x0, 0x0) socket(0x11, 0x80000, 0x84) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x460802, 0x0) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f0000000180)={0x0, 0x3, 0x1830}) 9.586213393s ago: executing program 3 (id=3049): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0) r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mq_timedsend$auto(r2, 0x0, 0x2, 0x9, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f00000001c0)) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r3, 0x5001, 0x0) read$auto(r1, 0x0, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) socket(0x22, 0x3, 0x0) sendfile$auto(r0, r4, 0x0, 0x1000200) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x801, 0x106) select$auto(0x5, 0x0, &(0x7f0000000140)={[0x9, 0x8, 0x3, 0x10, 0x3, 0x9, 0x9, 0xff, 0x3, 0x2, 0x2, 0x7, 0x100000001, 0x8000000000000001, 0x4, 0x9]}, 0x0, 0x0) socket(0x11, 0x80000, 0x84) r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x460802, 0x0) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f0000000180)={0x0, 0x3, 0x1830}) write$auto_console_fops_tty_io(r5, &(0x7f0000000000)="c80d1b5d399b3f", 0xfdef) 9.135219055s ago: executing program 3 (id=3050): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_dev_fops_plock(0xffffffffffffff9c, 0x0, 0x2, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x181040, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0) listen$auto(r0, 0x4d) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000240)='/dev/binderfs/binder1\x00', 0x240, 0x0) statx$auto(0xffffffffffffffff, 0x0, 0x1000, 0x8, 0x0) close_range$auto(0xffffffffffffffff, 0xa, 0x0) futex_waitv$auto(0x0, 0x3ff, 0x7, 0x0, 0x0) socket(0x18, 0xa, 0x1) unshare$auto(0x40000080) ppoll$auto(0x0, 0x1000200, 0x0, 0x0, 0x8) mmap$auto(0x4, 0xa020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x7ffe) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x80001, 0x0) socket(0x2, 0x3, 0xa) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x28002, 0x0) select$auto(0x4, 0x0, 0x0, 0x0, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ttyS0\x00', 0x0, 0x0) rt_sigtimedwait$auto(0x0, 0x0, &(0x7f00000001c0)={0xfffffffffffffff9, 0xeb2f}, 0x8) ioctl$auto_TIOCMSET2(r2, 0x5418, &(0x7f00000001c0)) 9.061397477s ago: executing program 1 (id=3051): write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0xa) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x202000a, 0xffffffff, 0xdc, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x24048084) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x103003, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) r3 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) pread64$auto(r3, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001) close_range$auto(0x0, 0xfffffffffffff000, 0x0) mq_notify$auto(0xffffffffffffffff, &(0x7f0000000180)={@sival_ptr=0x0, @inferred, 0x0, @_sigev_thread={0x0, 0x0}}) mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) mq_timedsend$auto(r1, 0x0, 0x2, 0x9, 0x0) 7.50437464s ago: executing program 2 (id=3052): mmap$auto(0x0, 0x2020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tracing_mark_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/trace_marker\x00', 0x341, 0x0) mmap$auto(0x401000000000, 0x40000004020009, 0xc, 0x15, 0xffffffffffffffff, 0x7ffe) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004) close_range$auto(0x2, 0x8, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r2 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14) r3 = getuid() sendmsg$auto_TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000001c0)={&(0x7f0000002200)=ANY=[@ANYBLOB="901d0000", @ANYRES16, @ANYBLOB, @ANYRES32=r1, @ANYBLOB="5707be7cd8848e7744de2fb3b8bd1dfbcab32ed5616e3e0b305ea367d9c1a760158c9e347046ff09af0a5f8bdb4724075cf1d6f3b30fceabe162bf7d38c2346cdc953da7703957c1acfd0b58c9848d992fd8d3d4ec08040009", @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="04009b800800340000000000000000ab008680040003808352f74ae947fb23c79111bc17b6bf8c6c3d619fc962743d7d14007e000000000000000000000000000000000004001e8027a418ee81d8d4625e800957f968a786b97aee04fe05f579d40c5406fd0d5ef0103e622a30d7ae796f01424e1cee1b2f82b798bd87ce1151af749262a081ccbf323c40080d96e502fc77c2b2b0fd240a6602b1352d77649318b9f91026a21728eb7be75449a5e5d620d983c79b7dc4e8e54200729c70094e951838c6c10d02f507d846b1b09fe0b19842d0f79322ee4d223f6dc68534052022adf30b8b217a692b6e184d0912bbb191ec1ddff9644dcd5c67984d729df9c870a12cd2d0562e8ceae6f8eeda8d3416a8c1f094839f061a4add8fa9044cedd640a014fd2752c2ca03ae256937be3e449f21cfea42723a8109f039b474e345a11a7aabaced775bbeb653270c8e20853679dd1a8f236fcc1c563943a06ab168fb6141682e19907ba333753b79debc5f1f003d80e2a50e9926de63ef942dfb2e3f4ba87020906ef84b514ccb6c18dc00000000fe00058008", @ANYRES32, @ANYBLOB, @ANYRES32=r0, @ANYBLOB="080017009507000006008d007b0000002000db8004001b8014007b00fc0100000000000000000000000000000400d0800400ca000400f380b1ac8cc2f2532445cf4f070f70d7db4240319ce22baa1cf45c6edb6123a7506113f7079cc5befdb7efcda99dac56274f77e6b4ca6b73f565baeef0b044e16f50868aedae53adacfda229944027b08ed35e913361503c477b8a27a558d116498ae75b105aef6daa44b7122d40822b426b7c575fbd2a8c94408c1d9b433df908c397a18891960715dcd2690800078004001a8000008305048074f21ce5a5e37b59bba86390d6a50f13a4e57d6930a27e61bdefaba25562857af34f54bbbf8dea09e7a686e70c823e96714d85668df3e2e9e7f9f4ca706ffd6459535b4d95db88cac6366775fe26b4bbabcdf79f129d7a62a73aa01b0ba3f0841be3c22f5235d97787ed04006700ec8e2fde77cc9bd71b33a7b512814872ac7413ad8314006600ff0100000000000000000000000000018500fa00c73c78455c0a7ca08f4b32c31a1d076653e2cf8b4c301619322c2ff6f53738535c3f71b2416c8b2b9c62fbea50ab0e7758015868ff1d31842799499e6d7cc3a5a4406b1c1686ca977cc478d2f25cc58157dc2f243c84004c1095aa042ddf3b1c22441999a56ee9bebe99594a2702bb9059b51571dfe10e6b159308cd4990becdf2000000147ef978ae28b1ef61321c766aa0a3016c8bc6596d6f3c6a9e9446250e8b86a258e6499b151e464b780fd59260cf4ce97e92aad0cb7a986f7e97491d9969dccae556fc5e507aee23f40c83991fe894a004094302893261344a2d78852392bf3585a819f96cfe3ed7a5fecb572454a7c0b2e676dab4d8d7b2357897fd1777ee5c816efdcd4444df833cc7978c7f54cde157e3cf7ccfa646c7235ab050abed6fd8677a46243793bbf5360b4b0d1a50eec2b37b1349afb4bb1e04dd13ef491943ffa0d4ae24374dc12a6fa2470c00ba006e6c38303231310004d47c0d9b4ad7f8f1ba5e1d4ce660da5746da27992b293af0b807528f50d0e6d2b0b41dda172fac34905fdf98d3a9c40763a69180fb674c8ba86a92a8d5c3ac005422a41b56f551334db5df652458ffba182a702b85d440044379ae1df187237977de397d8bfcf368bf761ceed204113d6ced259b58d060e305d661fba532a3f5e7a54f2194e6f22bfb7dfdd1a44892d2d87ee055110e72df2fd4743cfd5aba77251cf3b95e2c491d1454f3e35526fdb2e0daa740925be684ba711ccffeb3d031df3589a7eff265544c8d585cb4b2898ec8788846f49a21fb36b8db2da2ab1ef9a5025880c500f2008c2f10666443f1ac1a8cc60ad8ddc6a49e9e70c93aa8ecefcc6d50059327ce7606eee6f19670a825d18c98b36652368e2425406316cae751284ed1cee6a102b1784aa20c22843d1414e11dea7129fcc0e01e7d043014ffb1f2d13dd923f12beca055612cf1fb886971986086142fea1f2d8a2c46343e77a69c945859eda4921e04c1b15035eae070bd6fb6c8b83a1951480e0cb6c6c32ec2a90d958ba7bbad5a3f609a38e89b66ea6ea05d5e20383b5aa988fe761fec4bd3ec1b467105714c08fd0000000400a98036ffa99410db814df01973d68db033f4ee87aec2a3892d37ad2087ad0def0d948efa748f812c6d02424d38d8c88e1dd5049980f3ce2f4b66266222d08e96478ed174efeaa00b88389ae193eb30c196206d44b7915e039d40785ac0ddfaa1149b3d82a2e7cd7cf432ecdd877519ce49d7d4d9fc821ba8fb40726714cd8775b0d5af9863379226847e153d5a22ca94d7168c52c09d3e11e1b6c74d4b756dc823dd5ab47f79d75b62c0b872872040582510e6927fd5850e5d784d04002b8021164748b4a166dcf1799e5f9b86dac3fe303aa6feb1fe8e8d167a9e0cf465a586cbce8aa60d7b5fec02ac9310746e4c64fa7fef906e4071bd8ab49b95768cdcb0844158fd5df872be0d60a53a437f76359568956a73a35ef06c847f66eb1b00102b01ddbe1b62edc3626eb08ddce6e4285e41f236f4d73b6349f52cfe47010a6362ea7dcc494290bee854dbb918d06a3ada2227eb6dfb9d1346108d2b08f0e207d195c30fd1f65ecf89789aedc304f22e1d151e0b801572b23685b7e575e6743c184802e0e616fca6283f4011441f1638e96e337587558d698a2edd4e06cde17243e4cf12c44c4bf021fc2dee596bd8da56", @ANYRES32=r3, @ANYRES32, @ANYBLOB="0c001c0006000000000000000800a6000a01010204007580000007020280fd00f980bd303502d572a153126393fcf955a7f3fc4b6effc2938fe89d05c24c13d274de030f62905fda4401fb967408b20b56ddfe2af28a54701b98c669538caf8ea9a9eaf01ab6307a64d7a290268db39ea238256f7e41647035a93ed2b9015bf9febc51c74c9999d055496f461b108e1aab72c2d16af33fb964f55013a250db66c4facb472b056ae66fcadf553973fccc6f067d6b154f45854261a02b42e7371279410e98ba9d5a6fc4b1cde86d2dd4d69fe37565011087d55a49d5f7a44ea78a4e53d4145f", @ANYBLOB="08001200", @ANYRES32=r0, @ANYRES16=r3, @ANYRES32, @ANYBLOB="0000000b00a6002d242940402800003d8dd36080fa7aa05b59b135f2b57c9eda9e52eab69a4c50d5abb614cc556824f73f6691cbca4326fd9b905235abff3f077b5f11cff5ab049e5e24b30acf407b963665f8323be4eecd9e9d9ca15b7561c456b6a8d7b1b6583d8db1671a7cbf986c606cd23097e42e53606aad329982da6d0a14de4362e141689da6e56898d4eecc97defd881a7d2ce5b8a87074f131688557b7a1d8638c0c67e386abf5d922cb90fb9a9ec5715ff287c2ca99a601a00f0146d433caf1aff5bf13395c86eee32620637a3ab607522b6ae1221bb9eac7b3712479e2f8c4a0f821386c3e17ba37e6b1c5df07d6129a6d2353e4d399e55c9fcefe2f2c7ad83c00040004803a000000b0030dea85a2ec43a7936b290b90f49ac78d7bce4ff8f9834e3e1bc51e40efe34a1ce6e0042d61d6c303f58a859d"], 0x1d90}, 0x1, 0x0, 0x0, 0x80}, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) recvmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x230) bpf$auto_BPF_PROG_LOAD(0x5, &(0x7f0000000300)=@info={r2, 0x7}, 0x7ff) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0) madvise$auto(0x0, 0x2003f0, 0x15) ioctl$auto_VFIO_IOMMU_MAP_DMA(0xffffffffffffffff, 0x3b71, 0x0) 6.357481626s ago: executing program 3 (id=3053): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x40000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, r0, 0x0) r2 = socket(0x10, 0x2, 0x4) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r3, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r3) read$auto(r3, &(0x7f0000000000)='\x00', 0x91e2) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/fs/ocfs2/cluster_stack\x00', 0x88282, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/disk\x00', 0x100, 0x0) fanotify_init$auto(0x65, 0x2) socket(0x22, 0x3, 0x0) clone$auto(0x7fff, 0xff, 0x0, 0x0, 0x7) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r4, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050) write$auto(r2, &(0x7f0000000000)='-\xd3', 0xfdef) 6.123543945s ago: executing program 0 (id=3054): read$auto(0xffffffffffffffff, 0x0, 0x1ff) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x8002, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto(0xc8, 0x400454de, 0x6f) writev$auto(r0, &(0x7f0000000200)={0x0, 0x3}, 0x3) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x15, 0x806, 0x81) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1ca142, 0x0) r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0x0, 0x78482, 0x0) read$auto(r2, 0x0, 0x1f40) writev$auto(r1, &(0x7f0000000200)={0x0, 0xfff}, 0x3) r3 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x1, 0x8000) getsockopt$auto(r3, 0xffffffff, 0x38, 0xfffffffffffffffe, 0x0) syz_clone(0x5000400, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x88000, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r4, 0x0, 0x20) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r5, &(0x7f0000000200)={0x0, 0x7}, 0x3) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff) syz_clone(0x4001000, 0x0, 0x0, 0x0, 0x0, 0x0) 5.943412385s ago: executing program 1 (id=3055): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0) r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mq_timedsend$auto(r2, 0x0, 0x2, 0x9, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f00000001c0)) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r3, 0x5001, 0x0) read$auto(r1, 0x0, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) socket(0x22, 0x3, 0x0) sendfile$auto(r0, r4, 0x0, 0x1000200) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000b00)='/dev/cuse\x00', 0x0, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x801, 0x106) select$auto(0x5, 0x0, &(0x7f0000000140)={[0x9, 0x8, 0x3, 0x10, 0x3, 0x9, 0x9, 0xff, 0x3, 0x2, 0x2, 0x7, 0x100000001, 0x8000000000000001, 0x4, 0x9]}, 0x0, 0x0) socket(0x11, 0x80000, 0x84) r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x460802, 0x0) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f0000000180)={0x0, 0x3, 0x1830}) write$auto_console_fops_tty_io(r5, &(0x7f0000000000)="c80d1b5d399b3f", 0xfdef) 5.887197547s ago: executing program 3 (id=3056): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = socket(0xa, 0x5, 0x84) setsockopt$auto(r0, 0x10000000084, 0x20, 0x0, 0x7) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae80, 0x0) ioctl$auto(0xffffffffffffffff, 0xae44, 0xffffffffffffffff) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptywf\x00', 0x1, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xb, 0x4, 0x80) unshare$auto(0x40000080) r1 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/proc/slabinfo\x00', 0x0, 0x0) lseek$auto(r1, 0x7fd, 0x1) mmap$auto(0xfffffffffffffffe, 0x580f, 0x112f4a03, 0x8000000008011, 0x3, 0x0) fadvise64$auto(0xffffffffffffffff, 0x0, 0xffffffff80000001, 0x8) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xe0002, 0x0) msgget$auto(0x0, 0x5) openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, 0x0, 0x20602, 0x0) msgsnd$auto(0x0, &(0x7f0000000040)={0x5}, 0x1000, 0x4) msgctl$auto(0x0, 0x0, 0x0) 5.359840134s ago: executing program 2 (id=3057): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, 0x0, 0x80a040, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket(0xa, 0x1, 0x84) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/trace\x00', 0x1a6b75d638828712, 0x0) openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/free_buffer\x00', 0x4c000, 0xebff) socket(0x2, 0x1, 0x0) bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@in={0x2, 0x4e25, @multicast2}, 0x6d) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x2, 0x0) read$auto(r0, 0x0, 0x7) write$auto(0xffffffffffffffff, 0x0, 0x2008000000000a9f) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x1, 0x0) socket(0x11, 0x80003, 0x300) sendto$auto(0x3, 0x0, 0xfdef, 0x7, &(0x7f0000000440)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x4}}, 0x20) r1 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r1, 0x107, 0x5, 0x0, 0x8004) sendmsg$auto_CTRL_CMD_GETPOLICY(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400c01d}, 0x0) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000080), 0xffffffffffffffff) 4.91020157s ago: executing program 1 (id=3058): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x2, 0x0) r0 = pidfd_open$auto(0x1, 0x0) setns(r0, 0x2000000) ioctl$auto_VHOST_SET_VRING_CALL2(r0, 0x4008af21, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) writev$auto(r2, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3) r3 = socket(0x1d, 0x5, 0x0) syz_genetlink_get_family_id$auto_smbd_genl(0x0, 0xffffffffffffffff) sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE(r3, 0x0, 0x30004850) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r4, 0x4b47, 0x1) mmap$auto(0x0, 0x404008, 0xdf, 0x9b72, 0x2, 0x8000) r5 = open(&(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x80400, 0xb5d1af1605322ddc) r6 = open_by_handle_at$auto(r5, &(0x7f0000001280)={0x8, 0x2, "0200000000000000"}, 0x6) sendfile$auto(r6, r5, 0x0, 0x2) io_uring_setup$auto(0xd364, &(0x7f0000000000)={0x3fe, 0x10002, 0x7d, 0x3, 0x5, 0x5, 0xffffffffffffffff, [], {0x0, 0x10, 0x6, 0x6, 0x40, 0x4, 0x7, 0x7, 0x80000000}, {0x7, 0x4, 0x80000001, 0x8, 0x6b, 0x5, 0x0, 0xfffffffa, 0xb0}}) 4.884332464s ago: executing program 0 (id=3059): ioctl$auto_TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, &(0x7f00000000c0)={0x4, &(0x7f0000000080)={0x4, 0x9, 0x1, @raw=0x2}}) write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000100)="da518ed75fcc9f1a8be03501757c05ab6f5a5b36148695b3115a77b09872bf8a5e4c18ed50fc7653bb12525189093819ba59de56fb2504684cfb4f2a2fd2f9f6e2b9418bd2758adb0f57e8ddd982db4206c2b33c55455cfc5dfe1ddc725fd46849d1dcb59678cc1f78ecec38868c1f514ed226e66821923de93165e2805e2e89f8c1d14629e9cea74e8bb76297e617accc6b9d824259b5bd3f6c8068692e8580b1ad399ee8818c436111bd3f", 0xac) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000c00)={&(0x7f0000000180), 0x7}, 0x4) mmap$auto(0x0, 0x6, 0x1ff, 0x14, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) r0 = socket(0x1d, 0x2, 0x7) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(r0, &(0x7f0000000000)=@can={0x1d, r2}, 0x67) connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r3}, 0x18) unshare$auto(0x40000080) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000b00), 0xffffffffffffffff) sendmsg$auto_GTP_CMD_NEWPDP(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x38, r5, 0xc1b, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x7a5}, [@GTPA_VERSION={0x8}, @GTPA_FLOW={0x6, 0x6, 0x7}, @GTPA_LINK={0x8, 0x1, 0xfffffff8}, @GTPA_TID={0xc, 0x3, 0x8000000000000000}]}, 0x38}, 0x1, 0x0, 0x0, 0x4080}, 0x800) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x3f0000f5) write$auto(0x3, 0x0, 0xffd8) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) sendmsg$auto_GTP_CMD_ECHOREQ(0xffffffffffffffff, 0x0, 0x80) mq_timedsend$auto(0xffffffffffffffff, &(0x7f0000000040)='@*!:}\xc1-.!\\u\x95E\x97\',-\x00', 0x2, 0x4, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc8}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x1f00) 3.954468036s ago: executing program 2 (id=3060): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0xa, 0x5, 0x84) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae80, 0x0) ioctl$auto(r0, 0xae44, 0xffffffffffffffff) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptywf\x00', 0x1, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xb, 0x4, 0x80) unshare$auto(0x40000080) r1 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/proc/slabinfo\x00', 0x0, 0x0) lseek$auto(r1, 0x7fd, 0x1) mmap$auto(0xfffffffffffffffe, 0x580f, 0x112f4a03, 0x8000000008011, 0x3, 0x0) fadvise64$auto(0xffffffffffffffff, 0x0, 0xffffffff80000001, 0x8) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xe0002, 0x0) msgget$auto(0x0, 0x5) openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, 0x0, 0x20602, 0x0) msgsnd$auto(0x0, &(0x7f0000000040)={0x5}, 0x1000, 0x4) msgctl$auto(0x0, 0x0, 0x0) 2.458654004s ago: executing program 0 (id=3061): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x1d, 0x2, 0x6) setsockopt$auto(r0, 0x6a, 0x4000002, 0x0, 0x3) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000200)='/proc/modules\x00', 0x3cb001, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x242e40, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ttyS0\x00', 0x1, 0x0) ioctl$auto(r1, 0x540a, 0x0) unshare$auto(0x40000080) unshare$auto(0x6) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy1/statistics/dot11RTSSuccessCount\x00', 0x800, 0x0) link$auto(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00') prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0xa, 0x5, 0x84) init_module$auto(0x0, 0xffff9, 0x0) openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/tracing/dynamic_events\x00', 0x201, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) r2 = waitid$auto_P_PGID(0x2, 0x0, 0x0, 0x3, 0x0) prctl$auto(0x7, 0x4, r2, 0xffffffffffffffff, 0x6) write$auto(0x3, 0x0, 0x100082) semtimedop$auto(0x0, &(0x7f0000000340)={0x1, 0x1ff, 0x10}, 0x9, &(0x7f0000000380)={0x6, 0x5}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0) 2.327896544s ago: executing program 3 (id=3062): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0) r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mq_timedsend$auto(r2, 0x0, 0x2, 0x9, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f00000001c0)) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r3, 0x5001, 0x0) read$auto(r1, 0x0, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) socket(0x22, 0x3, 0x0) sendfile$auto(r0, r4, 0x0, 0x1000200) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x801, 0x106) select$auto(0x5, 0x0, &(0x7f0000000140)={[0x9, 0x8, 0x3, 0x10, 0x3, 0x9, 0x9, 0xff, 0x3, 0x2, 0x2, 0x7, 0x100000001, 0x8000000000000001, 0x4, 0x9]}, 0x0, 0x0) socket(0x11, 0x80000, 0x84) r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x460802, 0x0) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f0000000180)={0x0, 0x3, 0x1830}) write$auto_console_fops_tty_io(r5, &(0x7f0000000000)="c80d1b5d399b3f", 0xfdef) 2.260751646s ago: executing program 2 (id=3063): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r0, 0x4bfa, 0x1) r1 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(r1, 0x400, 0x1) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_PROTOCOL_FEATURES(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r2, 0x20, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000850}, 0xc08c) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) r3 = socket$nl_generic(0x10, 0x3, 0x10) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) r4 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r4, 0x0, 0x4) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) shutdown$auto(0x200000003, 0x2) sendmsg$auto_NL80211_CMD_GET_WIPHY(r1, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="a001ee", @ANYRES16=r2, @ANYBLOB], 0x1a0}, 0x1, 0x0, 0x0, 0x4040004}, 0x24048000) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000300), r3) 1.576802177s ago: executing program 3 (id=3064): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x5, 0x4, 0x7) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x42800, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, 0x0, 0x22002, 0x0) r0 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/mem\x00', 0x200, 0x0) read$auto_proc_mem_operations_base(r0, &(0x7f0000000200)=""/81, 0x51) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x2, 0x80002, 0x73) r2 = io_uring_setup$auto(0x406, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, 0x0, 0x80) getrandom$auto(0x0, 0x6000000, 0x3) io_uring_enter$auto(0x3, 0xa84, 0x80000001, 0xa, 0x0, 0x46) io_uring_enter$auto(r2, 0x7, 0x7ffffffb, 0x3, 0x0, 0x3) move_pages$auto(0x0, 0xa, 0x0, 0x0, 0x0, 0x2) r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000540), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_GET_RADIO(0xffffffffffffffff, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000280)={0x14, r3, 0xf3e97f51700e57cf, 0x70bd28, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x884}, 0x8020) acct$auto(&(0x7f0000000180)=':.\xf8}/\x00') ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r2, 0x7ab, 0x0) io_uring_enter$auto(0x3, 0x5, 0x5f3, 0x3, 0x0, 0x2) write$auto(0x3, 0x0, 0x70) 1.367813146s ago: executing program 0 (id=3065): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) open(&(0x7f00000000c0)='./file0\x00', 0x40000, 0x31) mmap$auto(0x9, 0x200, 0x4, 0x18, 0x3, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x01\x00\x01\x00\x00\x00\x00\x00\xc7k', 0x81) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), 0xffffffffffffffff) openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000100), 0x80080, 0x0) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x24048084) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x2ab01, 0x0) ioctl$auto_USBDEVFS_DROP_PRIVILEGES(r1, 0x4004551e, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x84) r2 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x40080, 0x0) ioctl$auto_UI_DEV_SETUP(r2, 0x405c5503, &(0x7f0000000400)={{0xc, 0x23, 0xa6, 0x83}, "66ac010005000000000068d190eb0d4a4cada7272464294b9183349eef4c1f028fdcc8ecc66fdd02316f064ebd893007abb4c0bbc3b822f66eaf240963110d61771552c03de65800", 0x2}) ioctl$auto_UI_DEV_CREATE(r2, 0x5501, 0x0) io_uring_setup$auto(0xa, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) socket(0x11, 0x80003, 0x300) 1.222865257s ago: executing program 1 (id=3066): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r0 = socket(0xa, 0x5, 0x84) setsockopt$auto(r0, 0x10000000084, 0x20, 0x0, 0x7) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae80, 0x0) ioctl$auto(0xffffffffffffffff, 0xae44, 0xffffffffffffffff) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptywf\x00', 0x1, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xb, 0x4, 0x80) unshare$auto(0x40000080) r1 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/proc/slabinfo\x00', 0x0, 0x0) lseek$auto(r1, 0x7fd, 0x1) mmap$auto(0xfffffffffffffffe, 0x580f, 0x112f4a03, 0x8000000008011, 0x3, 0x0) fadvise64$auto(0xffffffffffffffff, 0x0, 0xffffffff80000001, 0x8) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xe0002, 0x0) msgget$auto(0x0, 0x5) openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, 0x0, 0x20602, 0x0) msgsnd$auto(0x0, &(0x7f0000000040)={0x5}, 0x1000, 0x4) msgctl$auto(0x0, 0x0, 0x0) 218.0264ms ago: executing program 1 (id=3067): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0) r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mq_timedsend$auto(r2, 0x0, 0x2, 0x9, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f00000001c0)) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r3, 0x5001, 0x0) read$auto(r1, 0x0, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) socket(0x22, 0x3, 0x0) sendfile$auto(r0, r4, 0x0, 0x1000200) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000b00)='/dev/cuse\x00', 0x0, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x801, 0x106) select$auto(0x5, 0x0, &(0x7f0000000140)={[0x9, 0x8, 0x3, 0x10, 0x3, 0x9, 0x9, 0xff, 0x3, 0x2, 0x2, 0x7, 0x100000001, 0x8000000000000001, 0x4, 0x9]}, 0x0, 0x0) socket(0x11, 0x80000, 0x84) r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x460802, 0x0) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f0000000180)={0x0, 0x3, 0x1830}) write$auto_console_fops_tty_io(r5, &(0x7f0000000000)="c80d1b5d399b3f", 0xfdef) 0s ago: executing program 0 (id=3068): socket(0x6, 0x3, 0x37) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r0 = socket(0x26, 0x5, 0x8c68) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/midi2\x00', 0x101e41, 0x0) ioperm$auto(0x4, 0x100000001, 0x4000005) futex_waitv$auto(0x0, 0x7ff, 0x8, &(0x7f00000000c0)={0x1000000004, 0x10}, 0x4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x74c40, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, 0x0, 0x40, 0x0) mmap$auto(0x800, 0x8000009, 0x1, 0x19, 0xffffffffffffffff, 0x100000000000008) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) sysfs$auto(0x2, 0x7, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) r4 = ioctl$auto_TUNATTACHFILTER(r0, 0x401054d5, 0x0) ioctl$auto_virtual_ncidev_fops_virtual_ncidev(r4, 0x6, 0x0) r5 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000280), 0x141182, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r5, 0x40146f2c, 0x0) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000100), 0x101000, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x50ba82, 0x0) unshare$auto(0x40000080) setsockopt$auto(r1, 0xd0, 0x800000e4, 0x0, 0x569) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.170' (ED25519) to the list of known hosts. [ 90.739746][ T5809] cgroup: Unknown subsys name 'net' [ 90.876721][ T5809] cgroup: Unknown subsys name 'cpuset' [ 90.886293][ T5809] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 92.703561][ T5809] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 94.726997][ T5823] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 94.739488][ T5823] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 94.749393][ T5823] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 94.760547][ T5823] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 94.768751][ T5823] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 94.880952][ T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 94.890542][ T51] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 94.910652][ T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 94.918598][ T5827] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 94.926992][ T5830] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 94.930161][ T5827] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 94.938653][ T5830] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 94.945143][ T5827] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 94.950529][ T5830] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 94.957315][ T5827] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 94.968889][ T5830] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 95.009487][ T5823] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 95.018113][ T5823] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 95.027010][ T5823] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 95.036544][ T5823] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 95.596772][ T5820] chnl_net:caif_netlink_parms(): no params data found [ 95.651986][ T5826] chnl_net:caif_netlink_parms(): no params data found [ 95.681985][ T5825] chnl_net:caif_netlink_parms(): no params data found [ 95.818011][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 95.950547][ T5820] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.958110][ T5820] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.966490][ T5820] bridge_slave_0: entered allmulticast mode [ 95.974348][ T5820] bridge_slave_0: entered promiscuous mode [ 96.003352][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.010606][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.017801][ T5826] bridge_slave_0: entered allmulticast mode [ 96.025908][ T5826] bridge_slave_0: entered promiscuous mode [ 96.034708][ T5820] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.042035][ T5820] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.049483][ T5820] bridge_slave_1: entered allmulticast mode [ 96.056956][ T5820] bridge_slave_1: entered promiscuous mode [ 96.084122][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.091344][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.098579][ T5826] bridge_slave_1: entered allmulticast mode [ 96.106437][ T5826] bridge_slave_1: entered promiscuous mode [ 96.126144][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.133654][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.140971][ T5825] bridge_slave_0: entered allmulticast mode [ 96.149365][ T5825] bridge_slave_0: entered promiscuous mode [ 96.210529][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.218291][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.226723][ T5825] bridge_slave_1: entered allmulticast mode [ 96.236214][ T5825] bridge_slave_1: entered promiscuous mode [ 96.277367][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.291276][ T5820] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.328372][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.353981][ T5820] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.366114][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.376010][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.383493][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.390940][ T5831] bridge_slave_0: entered allmulticast mode [ 96.398323][ T5831] bridge_slave_0: entered promiscuous mode [ 96.433473][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.443784][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.451124][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.458313][ T5831] bridge_slave_1: entered allmulticast mode [ 96.466082][ T5831] bridge_slave_1: entered promiscuous mode [ 96.477940][ T5826] team0: Port device team_slave_0 added [ 96.520871][ T5826] team0: Port device team_slave_1 added [ 96.540912][ T5820] team0: Port device team_slave_0 added [ 96.550315][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.586789][ T5820] team0: Port device team_slave_1 added [ 96.595155][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.607074][ T5825] team0: Port device team_slave_0 added [ 96.615506][ T5825] team0: Port device team_slave_1 added [ 96.647456][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.654918][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 96.681052][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.736123][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.743544][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 96.769886][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.814351][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.821861][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 96.822753][ T51] Bluetooth: hci0: command tx timeout [ 96.851963][ T5820] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.867297][ T5820] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 96.874496][ T5820] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 96.900885][ T5820] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 96.915203][ T5831] team0: Port device team_slave_0 added [ 96.921718][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 96.928712][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 96.954930][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 96.977303][ T5831] team0: Port device team_slave_1 added [ 96.995468][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.002744][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.029220][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.059484][ T51] Bluetooth: hci1: command tx timeout [ 97.059496][ T5823] Bluetooth: hci2: command tx timeout [ 97.107426][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.114542][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.141136][ T51] Bluetooth: hci3: command tx timeout [ 97.148360][ T1210] cfg80211: failed to load regulatory.db [ 97.154383][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.194918][ T5826] hsr_slave_0: entered promiscuous mode [ 97.201624][ T5826] hsr_slave_1: entered promiscuous mode [ 97.210916][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.217924][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.244506][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.310975][ T5820] hsr_slave_0: entered promiscuous mode [ 97.317541][ T5820] hsr_slave_1: entered promiscuous mode [ 97.324677][ T5820] debugfs: 'hsr0' already exists in 'hsr' [ 97.330678][ T5820] Cannot create hsr debugfs directory [ 97.344055][ T5825] hsr_slave_0: entered promiscuous mode [ 97.350759][ T5825] hsr_slave_1: entered promiscuous mode [ 97.357026][ T5825] debugfs: 'hsr0' already exists in 'hsr' [ 97.362869][ T5825] Cannot create hsr debugfs directory [ 97.487058][ T5831] hsr_slave_0: entered promiscuous mode [ 97.497176][ T5831] hsr_slave_1: entered promiscuous mode [ 97.503916][ T5831] debugfs: 'hsr0' already exists in 'hsr' [ 97.510681][ T5831] Cannot create hsr debugfs directory [ 97.962353][ T5826] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 97.980895][ T5826] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 97.992702][ T5826] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 98.014706][ T5826] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 98.094548][ T5820] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 98.116435][ T5820] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 98.141534][ T5820] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 98.153404][ T5820] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 98.245002][ T5825] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 98.256844][ T5825] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 98.272749][ T5825] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 98.284860][ T5825] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 98.362352][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.422407][ T5831] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 98.435735][ T5831] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 98.453715][ T5831] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 98.466687][ T5831] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 98.492142][ T5826] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.536964][ T635] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.544427][ T635] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.571311][ T635] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.578470][ T635] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.658449][ T5820] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.732150][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.757212][ T5820] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.804184][ T635] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.811501][ T635] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.826868][ T635] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.834201][ T635] bridge0: port 2(bridge_slave_1) entered forwarding state [ 98.846510][ T5825] 8021q: adding VLAN 0 to HW filter on device team0 [ 98.902876][ T51] Bluetooth: hci0: command tx timeout [ 98.920600][ T635] bridge0: port 1(bridge_slave_0) entered blocking state [ 98.927821][ T635] bridge0: port 1(bridge_slave_0) entered forwarding state [ 98.950652][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 98.957879][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.089064][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.140760][ T51] Bluetooth: hci2: command tx timeout [ 99.140791][ T5823] Bluetooth: hci1: command tx timeout [ 99.190716][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.219791][ T5823] Bluetooth: hci3: command tx timeout [ 99.224221][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.232505][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.267475][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.294313][ T143] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.301570][ T143] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.456146][ T5826] veth0_vlan: entered promiscuous mode [ 99.496576][ T5826] veth1_vlan: entered promiscuous mode [ 99.581213][ T5820] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.607239][ T5826] veth0_macvtap: entered promiscuous mode [ 99.645961][ T5826] veth1_macvtap: entered promiscuous mode [ 99.702957][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.724012][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.742476][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.802466][ T1084] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.818528][ T1084] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.845461][ T1084] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.855874][ T1084] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.885308][ T5820] veth0_vlan: entered promiscuous mode [ 99.961096][ T5825] veth0_vlan: entered promiscuous mode [ 99.972101][ T5820] veth1_vlan: entered promiscuous mode [ 99.995317][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.038658][ T5825] veth1_vlan: entered promiscuous mode [ 100.108181][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.138102][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.191836][ T5820] veth0_macvtap: entered promiscuous mode [ 100.206593][ T5820] veth1_macvtap: entered promiscuous mode [ 100.221850][ T1084] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.231147][ T1084] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.238915][ T5831] veth0_vlan: entered promiscuous mode [ 100.275224][ T5831] veth1_vlan: entered promiscuous mode [ 100.296893][ T5825] veth0_macvtap: entered promiscuous mode [ 100.314395][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.330838][ T5825] veth1_macvtap: entered promiscuous mode [ 100.353233][ T5826] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 100.378909][ T5820] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.422401][ T49] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.451169][ T49] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.489893][ T49] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.513992][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.521703][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 100.545654][ T5831] veth0_macvtap: entered promiscuous mode [ 100.565624][ T49] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.641220][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.668707][ T5831] veth1_macvtap: entered promiscuous mode [ 100.712156][ T635] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.800766][ T635] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.810537][ T635] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.827414][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.850490][ T635] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.896536][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.980695][ T5823] Bluetooth: hci0: command tx timeout [ 101.012674][ T1084] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.033800][ T1084] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.050666][ T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.067483][ T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.110783][ T1084] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.160420][ T1084] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.219871][ T5823] Bluetooth: hci2: command tx timeout [ 101.220701][ T51] Bluetooth: hci1: command tx timeout [ 101.236983][ T1084] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.259689][ T1084] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.288038][ T635] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.299873][ T51] Bluetooth: hci3: command tx timeout [ 101.319580][ T635] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.400132][ T1084] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.412620][ T1084] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.678470][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.776031][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.849499][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.858088][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.867203][ T5919] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 103.062144][ T51] Bluetooth: hci0: command tx timeout [ 103.300165][ T51] Bluetooth: hci1: command tx timeout [ 103.302281][ T5823] Bluetooth: hci2: command tx timeout [ 103.380812][ T5823] Bluetooth: hci3: command tx timeout [ 103.751105][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 103.962924][ T5958] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 104.009328][ T30] audit: type=1804 audit(1772545901.537:2): pid=5958 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.14" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 104.369485][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 104.622829][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 104.659996][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 104.739874][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 104.827643][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 104.859690][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 104.930019][ T0] NOHZ tick-stop error: local softirq work is pending, handler #342!!! [ 104.940802][ T0] NOHZ tick-stop error: local softirq work is pending, handler #242!!! [ 105.190129][ T5974] FAULT_INJECTION: forcing a failure. [ 105.190129][ T5974] name failslab, interval 1, probability 0, space 0, times 1 [ 105.203234][ T5974] CPU: 1 UID: 0 PID: 5974 Comm: syz.1.18 Not tainted syzkaller #0 PREEMPT(full) [ 105.203276][ T5974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 105.203302][ T5974] Call Trace: [ 105.203312][ T5974] [ 105.203327][ T5974] dump_stack_lvl+0x100/0x190 [ 105.203386][ T5974] should_fail_ex.cold+0x5/0xa [ 105.203438][ T5974] should_failslab+0xc2/0x120 [ 105.203469][ T5974] __kvmalloc_node_noprof+0xfa/0xa00 [ 105.203516][ T5974] ? io_alloc_cache_init+0x38/0x170 [ 105.203567][ T5974] io_alloc_cache_init+0x38/0x170 [ 105.203611][ T5974] io_rsrc_cache_init+0x40/0x50 [ 105.203650][ T5974] io_uring_setup.cold+0x43d/0x1d09 [ 105.203699][ T5974] ? __pfx_io_uring_setup+0x10/0x10 [ 105.203735][ T5974] ? do_futex+0x192/0x350 [ 105.203775][ T5974] ? __pfx_do_futex+0x10/0x10 [ 105.203810][ T5974] ? __pfx_do_sys_openat2+0x10/0x10 [ 105.203866][ T5974] ? xfd_validate_state+0x129/0x190 [ 105.203923][ T5974] __x64_sys_io_uring_setup+0xc2/0x170 [ 105.203964][ T5974] do_syscall_64+0x106/0xf80 [ 105.204004][ T5974] ? clear_bhb_loop+0x40/0x90 [ 105.204048][ T5974] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.204082][ T5974] RIP: 0033:0x7fe1b299c799 [ 105.204110][ T5974] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 105.204148][ T5974] RSP: 002b:00007fe1b3907028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 105.204180][ T5974] RAX: ffffffffffffffda RBX: 00007fe1b2c15fa0 RCX: 00007fe1b299c799 [ 105.204201][ T5974] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005 [ 105.204218][ T5974] RBP: 00007fe1b2a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 105.204235][ T5974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 105.204252][ T5974] R13: 00007fe1b2c16038 R14: 00007fe1b2c15fa0 R15: 00007fffe8bd8398 [ 105.204291][ T5974] [ 105.950235][ T5981] Zero length message leads to an empty skb [ 106.185827][ T5985] random: crng reseeded on system resumption [ 106.888240][ T5989] zswap: compressor not available [ 107.148907][ T6001] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 108.612083][ T6019] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 109.569909][ T6033] netlink: 25 bytes leftover after parsing attributes in process `syz.0.30'. [ 109.948038][ T6038] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 110.012116][ T6041] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 111.427108][ T6062] mmap: syz.2.37 (6062) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 113.023710][ T6087] netlink: 252 bytes leftover after parsing attributes in process `syz.0.44'. [ 113.036872][ T6087] netlink: 252 bytes leftover after parsing attributes in process `syz.0.44'. [ 116.267587][ T6135] FAULT_INJECTION: forcing a failure. [ 116.267587][ T6135] name failslab, interval 1, probability 0, space 0, times 0 [ 116.333667][ T6135] CPU: 1 UID: 0 PID: 6135 Comm: syz.1.52 Not tainted syzkaller #0 PREEMPT(full) [ 116.333718][ T6135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 116.333733][ T6135] Call Trace: [ 116.333742][ T6135] [ 116.333752][ T6135] dump_stack_lvl+0x100/0x190 [ 116.333798][ T6135] should_fail_ex.cold+0x5/0xa [ 116.333829][ T6135] should_failslab+0xc2/0x120 [ 116.333855][ T6135] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 116.333894][ T6135] ? acpi_ut_create_generic_state+0x61/0xc0 [ 116.333936][ T6135] ? __pfx_acpi_ut_trace+0x10/0x10 [ 116.333963][ T6135] acpi_ut_create_generic_state+0x61/0xc0 [ 116.334004][ T6135] acpi_ps_init_scope+0x3a/0x240 [ 116.334103][ T6135] acpi_ds_init_aml_walk+0x1f6/0x680 [ 116.334150][ T6135] acpi_ds_call_control_method+0x3a2/0xab0 [ 116.334192][ T6135] acpi_ps_parse_aml+0xacd/0x1120 [ 116.334242][ T6135] acpi_ps_execute_method+0x5c4/0xe90 [ 116.334275][ T6135] acpi_ns_evaluate+0x640/0x1670 [ 116.334309][ T6135] acpi_evaluate_object+0x420/0xe00 [ 116.334344][ T6135] ? kasan_save_stack+0x30/0x50 [ 116.334382][ T6135] ? kasan_save_track+0x14/0x30 [ 116.334425][ T6135] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 116.334471][ T6135] acpi_evaluate_integer+0xdf/0x220 [ 116.334521][ T6135] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 116.334567][ T6135] ? __pfx_status_show+0x10/0x10 [ 116.334602][ T6135] status_show+0xa0/0x120 [ 116.334638][ T6135] ? __pfx_status_show+0x10/0x10 [ 116.334681][ T6135] dev_attr_show+0x52/0xa0 [ 116.334725][ T6135] ? __pfx_dev_attr_show+0x10/0x10 [ 116.334764][ T6135] sysfs_kf_seq_show+0x217/0x3a0 [ 116.334802][ T6135] seq_read_iter+0x32f/0x1270 [ 116.334854][ T6135] kernfs_fop_read_iter+0x46c/0x610 [ 116.334882][ T6135] ? rw_verify_area+0xce/0x6d0 [ 116.334917][ T6135] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 116.334946][ T6135] vfs_read+0x825/0xb30 [ 116.334989][ T6135] ? __pfx_vfs_read+0x10/0x10 [ 116.335079][ T6135] ksys_read+0x12a/0x250 [ 116.335120][ T6135] ? __pfx_ksys_read+0x10/0x10 [ 116.335169][ T6135] do_syscall_64+0x106/0xf80 [ 116.335199][ T6135] ? clear_bhb_loop+0x40/0x90 [ 116.335231][ T6135] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.335258][ T6135] RIP: 0033:0x7fe1b299c799 [ 116.335279][ T6135] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 116.335303][ T6135] RSP: 002b:00007fe1b3907028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 116.335328][ T6135] RAX: ffffffffffffffda RBX: 00007fe1b2c15fa0 RCX: 00007fe1b299c799 [ 116.335345][ T6135] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000005 [ 116.335360][ T6135] RBP: 00007fe1b2a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 116.335375][ T6135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 116.335390][ T6135] R13: 00007fe1b2c16038 R14: 00007fe1b2c15fa0 R15: 00007fffe8bd8398 [ 116.335422][ T6135] [ 116.335616][ T6135] ACPI Error: Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20251212/psparse-529) [ 118.514765][ T6168] netlink: 28 bytes leftover after parsing attributes in process `syz.1.59'. [ 119.438512][ T6177] netlink: 330 bytes leftover after parsing attributes in process `syz.0.62'. [ 120.301125][ T6187] input: jJǸ-¶š9ã%vø“û¨lÐQ  J86Ö‘ as /devices/virtual/input/input5 [ 120.900370][ T6192] netlink: 330 bytes leftover after parsing attributes in process `syz.0.66'. [ 120.910453][ T6192] ›: renamed from bond_slave_0 (while UP) [ 120.932814][ T6192] netlink: 330 bytes leftover after parsing attributes in process `syz.0.66'. [ 123.421696][ T6238] random: crng reseeded on system resumption [ 123.529312][ T6238] hub 1-0:1.0: USB hub found [ 123.543623][ T6238] hub 1-0:1.0: 1 port detected [ 123.985661][ T6245] ubi0: attaching mtd0 [ 124.050656][ T6245] ubi0: scanning is finished [ 124.055433][ T6245] ubi0: empty MTD device detected [ 124.583246][ T6245] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 124.659229][ T6245] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 124.819183][ T6245] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 124.826230][ T6245] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 124.909282][ T6245] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 124.916148][ T6245] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 124.935395][ T6245] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1528373583 [ 124.966137][ T6245] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 125.028435][ T6255] ubi0: background thread "ubi_bgt0d" started, PID 6255 [ 125.030331][ T6246] ubi0: detaching mtd0 [ 125.157198][ T6246] ubi0: mtd0 is detached [ 127.299963][ T6284] netlink: 4 bytes leftover after parsing attributes in process `syz.0.88'. [ 127.327381][ T6284] netlink: 13 bytes leftover after parsing attributes in process `syz.0.88'. [ 131.775371][ T6361] futex_wake_op: syz.2.106 tries to shift op by -2048; fix this program [ 131.815437][ T6364] syz.1.108 uses obsolete (PF_INET,SOCK_PACKET) [ 131.828951][ T6366] netlink: 50 bytes leftover after parsing attributes in process `syz.0.107'. [ 131.977327][ T6355] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 131.984357][ T6355] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 132.084744][ T6355] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 132.137135][ T6355] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 132.149368][ T6355] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 132.204600][ T6355] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 132.257495][ T6355] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 132.273610][ T6355] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 132.630474][ T6355] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 132.716395][ T6355] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 132.731817][ T6355] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 132.796305][ T6355] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 132.999228][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.005861][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.072557][ T6373] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 133.709686][ T5823] Bluetooth: hci0: command 0x0c1a tx timeout [ 134.180194][ T5823] Bluetooth: hci1: command 0x0c1a tx timeout [ 134.290141][ T5823] Bluetooth: hci2: command 0x0c1a tx timeout [ 134.741407][ T5823] Bluetooth: hci3: command 0x0c1a tx timeout [ 134.774282][ T6402] netlink: 'syz.2.119': attribute type 4 has an invalid length. [ 134.784196][ T6402] netlink: 'syz.2.119': attribute type 5 has an invalid length. [ 134.792032][ T6402] netlink: 10 bytes leftover after parsing attributes in process `syz.2.119'. [ 135.780494][ T5823] Bluetooth: hci0: command 0x0c1a tx timeout [ 136.266970][ T5823] Bluetooth: hci1: command 0x0c1a tx timeout [ 136.346349][ T5823] Bluetooth: hci2: command 0x0c1a tx timeout [ 136.827711][ T5823] Bluetooth: hci3: command 0x0c1a tx timeout [ 137.859330][ T5823] Bluetooth: hci0: command 0x0c1a tx timeout [ 138.290904][ T6452] forcing mempool usage for __sg_alloc_table+0x250/0x490 [ 138.339207][ T5823] Bluetooth: hci1: command 0x0c1a tx timeout [ 138.429740][ T5823] Bluetooth: hci2: command 0x0c1a tx timeout [ 138.909603][ T5823] Bluetooth: hci3: command 0x0c1a tx timeout [ 145.093474][ T6556] FAULT_INJECTION: forcing a failure. [ 145.093474][ T6556] name failslab, interval 1, probability 0, space 0, times 0 [ 145.107503][ T6556] CPU: 0 UID: 0 PID: 6556 Comm: syz.3.146 Not tainted syzkaller #0 PREEMPT(full) [ 145.107551][ T6556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 145.107573][ T6556] Call Trace: [ 145.107585][ T6556] [ 145.107598][ T6556] dump_stack_lvl+0x100/0x190 [ 145.107666][ T6556] should_fail_ex.cold+0x5/0xa [ 145.107708][ T6556] ? usb_hcd_submit_urb+0x601/0x2150 [ 145.107758][ T6556] should_failslab+0xc2/0x120 [ 145.107793][ T6556] __kmalloc_noprof+0xe0/0x850 [ 145.107852][ T6556] ? mark_held_locks+0x40/0x70 [ 145.107903][ T6556] usb_hcd_submit_urb+0x601/0x2150 [ 145.107969][ T6556] usb_submit_urb+0x8aa/0x1910 [ 145.108010][ T6556] ? __init_swait_queue_head+0xca/0x150 [ 145.108067][ T6556] usb_start_wait_urb+0x106/0x4c0 [ 145.108104][ T6556] ? __pfx_usb_start_wait_urb+0x10/0x10 [ 145.108154][ T6556] ? __asan_memset+0x23/0x50 [ 145.108209][ T6556] usb_control_msg+0x326/0x4a0 [ 145.108251][ T6556] ? __pfx_usb_control_msg+0x10/0x10 [ 145.108284][ T6556] ? kernfs_find_and_get_ns+0x5f/0x70 [ 145.108352][ T6556] usb_hub_set_port_power+0x125/0x180 [ 145.108401][ T6556] disable_store+0x2eb/0x450 [ 145.108445][ T6556] ? __pfx_disable_store+0x10/0x10 [ 145.108485][ T6556] ? find_held_lock+0x2b/0x80 [ 145.108515][ T6556] ? sysfs_file_kobj+0xe4/0x290 [ 145.108553][ T6556] ? sysfs_file_kobj+0xe4/0x290 [ 145.108596][ T6556] ? __pfx_disable_store+0x10/0x10 [ 145.108633][ T6556] dev_attr_store+0x58/0x80 [ 145.108685][ T6556] ? __pfx_dev_attr_store+0x10/0x10 [ 145.108737][ T6556] sysfs_kf_write+0xf2/0x150 [ 145.108781][ T6556] kernfs_fop_write_iter+0x3e0/0x5f0 [ 145.108815][ T6556] ? __pfx_sysfs_kf_write+0x10/0x10 [ 145.108866][ T6556] vfs_write+0x6ac/0x1070 [ 145.108922][ T6556] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 145.108962][ T6556] ? __pfx_vfs_write+0x10/0x10 [ 145.109044][ T6556] ksys_write+0x12a/0x250 [ 145.109099][ T6556] ? __pfx_ksys_write+0x10/0x10 [ 145.109162][ T6556] do_syscall_64+0x106/0xf80 [ 145.109202][ T6556] ? clear_bhb_loop+0x40/0x90 [ 145.109243][ T6556] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.109277][ T6556] RIP: 0033:0x7ff12f19c799 [ 145.109312][ T6556] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 145.109343][ T6556] RSP: 002b:00007ff130104028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 145.109374][ T6556] RAX: ffffffffffffffda RBX: 00007ff12f415fa0 RCX: 00007ff12f19c799 [ 145.109395][ T6556] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 145.109415][ T6556] RBP: 00007ff12f232bd9 R08: 0000000000000000 R09: 0000000000000000 [ 145.109435][ T6556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 145.109455][ T6556] R13: 00007ff12f416038 R14: 00007ff12f415fa0 R15: 00007ffefd463468 [ 145.109501][ T6556] [ 145.475834][ T6561] netlink: 4 bytes leftover after parsing attributes in process `syz.3.146'. [ 145.490160][ T6561] netlink: 17 bytes leftover after parsing attributes in process `syz.3.146'. [ 145.987535][ T6571] forcing mempool usage for bio_alloc_bioset+0x392/0x850 [ 146.649755][ T6579] netlink: 'syz.3.154': attribute type 29 has an invalid length. [ 146.664497][ T6579] netlink: 'syz.3.154': attribute type 30 has an invalid length. [ 146.672674][ T6579] netlink: 'syz.3.154': attribute type 31 has an invalid length. [ 146.681292][ T6579] netlink: 'syz.3.154': attribute type 32 has an invalid length. [ 146.714617][ T6579] netlink: 'syz.3.154': attribute type 33 has an invalid length. [ 146.733041][ T6579] netlink: 'syz.3.154': attribute type 35 has an invalid length. [ 146.768329][ T6579] netlink: 'syz.3.154': attribute type 37 has an invalid length. [ 146.808545][ T6579] netlink: 18 bytes leftover after parsing attributes in process `syz.3.154'. [ 147.548735][ T6582] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 147.555755][ T6582] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 147.564852][ T6582] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 147.654425][ T6582] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 147.781382][ T6597] FAULT_INJECTION: forcing a failure. [ 147.781382][ T6597] name failslab, interval 1, probability 0, space 0, times 0 [ 147.865408][ T6597] CPU: 1 UID: 0 PID: 6597 Comm: syz.2.158 Not tainted syzkaller #0 PREEMPT(full) [ 147.865454][ T6597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 147.865475][ T6597] Call Trace: [ 147.865486][ T6597] [ 147.865499][ T6597] dump_stack_lvl+0x100/0x190 [ 147.865558][ T6597] should_fail_ex.cold+0x5/0xa [ 147.865598][ T6597] ? group_cpus_evenly+0xec/0x660 [ 147.865645][ T6597] should_failslab+0xc2/0x120 [ 147.865680][ T6597] __kmalloc_noprof+0xe0/0x850 [ 147.865741][ T6597] group_cpus_evenly+0xec/0x660 [ 147.865798][ T6597] ? __pfx_group_cpus_evenly+0x10/0x10 [ 147.865866][ T6597] blk_mq_map_queues+0x9d/0x430 [ 147.865907][ T6597] ? __pfx_blk_mq_map_queues+0x10/0x10 [ 147.865941][ T6597] ? rcu_is_watching+0x12/0xc0 [ 147.865994][ T6597] ? trace_kmalloc+0x101/0x130 [ 147.866028][ T6597] ? __kasan_kmalloc+0xaa/0xb0 [ 147.866088][ T6597] blk_mq_update_queue_map+0x305/0x3a0 [ 147.866147][ T6597] blk_mq_alloc_tag_set+0x65f/0x1260 [ 147.866208][ T6597] ? ida_free+0x273/0x2f0 [ 147.866258][ T6597] loop_add+0x3b7/0xb60 [ 147.866298][ T6597] ? __pfx_loop_add+0x10/0x10 [ 147.866363][ T6597] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 147.866426][ T6597] loop_control_ioctl+0xae/0x620 [ 147.866468][ T6597] ? __pfx_loop_control_ioctl+0x10/0x10 [ 147.866508][ T6597] ? xfd_validate_state+0x129/0x190 [ 147.866561][ T6597] ? __pfx_loop_control_ioctl+0x10/0x10 [ 147.866609][ T6597] __x64_sys_ioctl+0x18e/0x210 [ 147.866664][ T6597] do_syscall_64+0x106/0xf80 [ 147.866704][ T6597] ? clear_bhb_loop+0x40/0x90 [ 147.866747][ T6597] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 147.866783][ T6597] RIP: 0033:0x7fda9a79c799 [ 147.866811][ T6597] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 147.866844][ T6597] RSP: 002b:00007fda989f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 147.866878][ T6597] RAX: ffffffffffffffda RBX: 00007fda9aa15fa0 RCX: 00007fda9a79c799 [ 147.866900][ T6597] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000002 [ 147.866922][ T6597] RBP: 00007fda9a832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 147.866943][ T6597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 147.866963][ T6597] R13: 00007fda9aa16038 R14: 00007fda9aa15fa0 R15: 00007ffce1d08688 [ 147.867004][ T6597] [ 148.546755][ T6603] FAULT_INJECTION: forcing a failure. [ 148.546755][ T6603] name failslab, interval 1, probability 0, space 0, times 0 [ 148.609276][ T6603] CPU: 0 UID: 0 PID: 6603 Comm: syz.0.160 Not tainted syzkaller #0 PREEMPT(full) [ 148.609321][ T6603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 148.609341][ T6603] Call Trace: [ 148.609352][ T6603] [ 148.609364][ T6603] dump_stack_lvl+0x100/0x190 [ 148.609422][ T6603] should_fail_ex.cold+0x5/0xa [ 148.609461][ T6603] should_failslab+0xc2/0x120 [ 148.609498][ T6603] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 148.609546][ T6603] ? fcntl_setlk+0xaa/0xe40 [ 148.609578][ T6603] ? __lock_acquire+0x4a5/0x2630 [ 148.609641][ T6603] fcntl_setlk+0xaa/0xe40 [ 148.609682][ T6603] ? __pfx_fcntl_setlk+0x10/0x10 [ 148.609725][ T6603] ? find_held_lock+0x2b/0x80 [ 148.609756][ T6603] ? __might_fault+0xc5/0x140 [ 148.609803][ T6603] ? __might_fault+0xc5/0x140 [ 148.609869][ T6603] do_fcntl+0xf39/0x1670 [ 148.609914][ T6603] ? __pfx_do_fcntl+0x10/0x10 [ 148.609954][ T6603] ? __fget_files+0x215/0x3d0 [ 148.610024][ T6603] ? tomoyo_file_fcntl+0x6c/0xc0 [ 148.610076][ T6603] __x64_sys_fcntl+0x163/0x200 [ 148.610124][ T6603] do_syscall_64+0x106/0xf80 [ 148.610163][ T6603] ? clear_bhb_loop+0x40/0x90 [ 148.610207][ T6603] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.610244][ T6603] RIP: 0033:0x7f0d56b9c799 [ 148.610273][ T6603] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 148.610306][ T6603] RSP: 002b:00007f0d57a8a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 148.610338][ T6603] RAX: ffffffffffffffda RBX: 00007f0d56e15fa0 RCX: 00007f0d56b9c799 [ 148.610361][ T6603] RDX: 0000000000000004 RSI: 0000000000000026 RDI: 0000000000000004 [ 148.610382][ T6603] RBP: 00007f0d56c32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 148.610403][ T6603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 148.610423][ T6603] R13: 00007f0d56e16038 R14: 00007f0d56e15fa0 R15: 00007ffd60190078 [ 148.610467][ T6603] [ 149.060551][ T5823] Bluetooth: hci0: command 0x0c1a tx timeout [ 149.631782][ T5823] Bluetooth: hci2: command 0x0c1a tx timeout [ 149.638045][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 149.699243][ T5823] Bluetooth: hci3: command 0x0c1a tx timeout [ 150.213940][ T5823] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 150.214019][ T5823] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 150.230315][ T5823] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 150.230387][ T5823] Bluetooth: hci3: adv larger than maximum supported [ 150.237765][ T5823] Bluetooth: hci3: adv larger than maximum supported [ 150.244849][ T5823] Bluetooth: hci3: Malformed LE Event: 0x0d [ 150.987790][ T6634] FAULT_INJECTION: forcing a failure. [ 150.987790][ T6634] name failslab, interval 1, probability 0, space 0, times 0 [ 151.001891][ T6634] CPU: 1 UID: 0 PID: 6634 Comm: syz.3.166 Not tainted syzkaller #0 PREEMPT(full) [ 151.001938][ T6634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 151.001966][ T6634] Call Trace: [ 151.001976][ T6634] [ 151.001995][ T6634] dump_stack_lvl+0x100/0x190 [ 151.002053][ T6634] should_fail_ex.cold+0x5/0xa [ 151.002094][ T6634] should_failslab+0xc2/0x120 [ 151.002135][ T6634] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 151.002189][ T6634] ? __alloc_skb+0x140/0x710 [ 151.002234][ T6634] __alloc_skb+0x140/0x710 [ 151.002268][ T6634] ? __alloc_skb+0x5b7/0x710 [ 151.002305][ T6634] ? __pfx___alloc_skb+0x10/0x10 [ 151.002347][ T6634] ? sk_page_frag_refill+0x6c/0x340 [ 151.002406][ T6634] kcm_sendmsg+0x1036/0x32e0 [ 151.002472][ T6634] ? __pfx_kcm_sendmsg+0x10/0x10 [ 151.002512][ T6634] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 151.002568][ T6634] sock_sendmsg+0x3a1/0x430 [ 151.002621][ T6634] ? __pfx_sock_sendmsg+0x10/0x10 [ 151.002701][ T6634] splice_to_socket+0xb4c/0x11b0 [ 151.002733][ T6634] ? touch_atime+0xa5/0x7a0 [ 151.002799][ T6634] ? __pfx_splice_to_socket+0x10/0x10 [ 151.002884][ T6634] ? trace_kmalloc+0x101/0x130 [ 151.002925][ T6634] ? lockdep_init_map_type+0x5c/0x250 [ 151.002974][ T6634] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 151.003036][ T6634] ? __pfx_splice_to_socket+0x10/0x10 [ 151.003074][ T6634] direct_splice_actor+0x192/0x6c0 [ 151.003137][ T6634] splice_direct_to_actor+0x345/0xa30 [ 151.003198][ T6634] ? __pfx_direct_splice_actor+0x10/0x10 [ 151.003263][ T6634] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 151.003333][ T6634] do_splice_direct+0x174/0x240 [ 151.003392][ T6634] ? __pfx_do_splice_direct+0x10/0x10 [ 151.003451][ T6634] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 151.003509][ T6634] ? bpf_lsm_file_permission+0x9/0x10 [ 151.003564][ T6634] ? security_file_permission+0x76/0x210 [ 151.003619][ T6634] ? rw_verify_area+0xce/0x6d0 [ 151.003672][ T6634] do_sendfile+0xadc/0xe20 [ 151.003734][ T6634] ? __pfx_do_sendfile+0x10/0x10 [ 151.003793][ T6634] ? __x64_sys_futex+0x34f/0x4d0 [ 151.003837][ T6634] ? __x64_sys_futex+0x358/0x4d0 [ 151.003886][ T6634] __x64_sys_sendfile64+0x1d8/0x220 [ 151.003926][ T6634] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 151.003979][ T6634] do_syscall_64+0x106/0xf80 [ 151.004064][ T6634] ? clear_bhb_loop+0x40/0x90 [ 151.004108][ T6634] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.004149][ T6634] RIP: 0033:0x7ff12f19c799 [ 151.004178][ T6634] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 151.004211][ T6634] RSP: 002b:00007ff130104028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 151.004244][ T6634] RAX: ffffffffffffffda RBX: 00007ff12f415fa0 RCX: 00007ff12f19c799 [ 151.004267][ T6634] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000001 [ 151.004287][ T6634] RBP: 00007ff12f232bd9 R08: 0000000000000000 R09: 0000000000000000 [ 151.004308][ T6634] R10: 000000007ffff011 R11: 0000000000000246 R12: 0000000000000000 [ 151.004329][ T6634] R13: 00007ff12f416038 R14: 00007ff12f415fa0 R15: 00007ffefd463468 [ 151.004375][ T6634] [ 151.976097][ T6642] netlink: 4 bytes leftover after parsing attributes in process `syz.1.168'. [ 152.000370][ T6642] netlink: 354 bytes leftover after parsing attributes in process `syz.1.168'. [ 153.133039][ T6666] FAULT_INJECTION: forcing a failure. [ 153.133039][ T6666] name failslab, interval 1, probability 0, space 0, times 0 [ 153.162107][ T6666] CPU: 1 UID: 0 PID: 6666 Comm: syz.1.177 Not tainted syzkaller #0 PREEMPT(full) [ 153.162152][ T6666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 153.162172][ T6666] Call Trace: [ 153.162183][ T6666] [ 153.162196][ T6666] dump_stack_lvl+0x100/0x190 [ 153.162254][ T6666] should_fail_ex.cold+0x5/0xa [ 153.162296][ T6666] should_failslab+0xc2/0x120 [ 153.162332][ T6666] __kmalloc_cache_noprof+0x7a/0x6f0 [ 153.162377][ T6666] ? apply_subsystem_event_filter+0x45a/0x17d0 [ 153.162445][ T6666] apply_subsystem_event_filter+0x45a/0x17d0 [ 153.162515][ T6666] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 153.162581][ T6666] ? _copy_from_user+0x59/0xd0 [ 153.162652][ T6666] ? __pfx_subsystem_filter_write+0x10/0x10 [ 153.162705][ T6666] subsystem_filter_write+0x95/0x120 [ 153.162761][ T6666] vfs_writev+0x5ea/0xe10 [ 153.162812][ T6666] ? rcu_is_watching+0x12/0xc0 [ 153.162875][ T6666] ? __pfx_vfs_writev+0x10/0x10 [ 153.162925][ T6666] ? fdget_pos+0x2aa/0x380 [ 153.162992][ T6666] ? __fget_files+0x21f/0x3d0 [ 153.163059][ T6666] ? do_writev+0x13e/0x340 [ 153.163108][ T6666] do_writev+0x13e/0x340 [ 153.163162][ T6666] ? __pfx_do_writev+0x10/0x10 [ 153.163227][ T6666] do_syscall_64+0x106/0xf80 [ 153.163268][ T6666] ? clear_bhb_loop+0x40/0x90 [ 153.163311][ T6666] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.163347][ T6666] RIP: 0033:0x7fe1b299c799 [ 153.163375][ T6666] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 153.163408][ T6666] RSP: 002b:00007fe1b38e6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 153.163440][ T6666] RAX: ffffffffffffffda RBX: 00007fe1b2c16090 RCX: 00007fe1b299c799 [ 153.163463][ T6666] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000006 [ 153.163483][ T6666] RBP: 00007fe1b2a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 153.163503][ T6666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 153.163523][ T6666] R13: 00007fe1b2c16128 R14: 00007fe1b2c16090 R15: 00007fffe8bd8398 [ 153.163568][ T6666] [ 153.942564][ T6681] netlink: 25 bytes leftover after parsing attributes in process `syz.3.180'. [ 154.411206][ T6685] netlink: 186 bytes leftover after parsing attributes in process `syz.1.183'. [ 154.704740][ T6695] ubi0: attaching mtd0 [ 154.741710][ T6695] ubi0: scanning is finished [ 154.772655][ T6698] FAULT_INJECTION: forcing a failure. [ 154.772655][ T6698] name fail_futex, interval 1, probability 0, space 0, times 1 [ 154.875517][ T6698] CPU: 1 UID: 0 PID: 6698 Comm: syz.1.186 Not tainted syzkaller #0 PREEMPT(full) [ 154.875559][ T6698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 154.875576][ T6698] Call Trace: [ 154.875585][ T6698] [ 154.875596][ T6698] dump_stack_lvl+0x100/0x190 [ 154.875660][ T6698] should_fail_ex.cold+0x5/0xa [ 154.875695][ T6698] get_futex_key+0x1d2/0x1620 [ 154.875741][ T6698] ? __pfx_get_futex_key+0x10/0x10 [ 154.875799][ T6698] futex_wait_setup+0x83/0x510 [ 154.875863][ T6698] __futex_wait+0x19f/0x300 [ 154.875918][ T6698] ? __pfx___futex_wait+0x10/0x10 [ 154.875977][ T6698] ? __pfx_futex_wake_mark+0x10/0x10 [ 154.876034][ T6698] ? futex_hash+0x2c5/0x380 [ 154.876086][ T6698] futex_wait+0xed/0x380 [ 154.876138][ T6698] ? __pfx_futex_wait+0x10/0x10 [ 154.876200][ T6698] ? __lock_acquire+0x4a5/0x2630 [ 154.876256][ T6698] do_futex+0x1ef/0x350 [ 154.876300][ T6698] ? __pfx_do_futex+0x10/0x10 [ 154.876346][ T6698] ? find_held_lock+0x2b/0x80 [ 154.876376][ T6698] ? __fget_files+0x215/0x3d0 [ 154.876434][ T6698] __x64_sys_futex+0x34f/0x4d0 [ 154.876480][ T6698] ? __fget_files+0x21f/0x3d0 [ 154.876533][ T6698] ? __pfx___x64_sys_futex+0x10/0x10 [ 154.876599][ T6698] do_syscall_64+0x106/0xf80 [ 154.876643][ T6698] ? clear_bhb_loop+0x40/0x90 [ 154.876680][ T6698] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.876710][ T6698] RIP: 0033:0x7fe1b299c799 [ 154.876734][ T6698] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 154.876763][ T6698] RSP: 002b:00007fe1b38e60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 154.876791][ T6698] RAX: ffffffffffffffda RBX: 00007fe1b2c16098 RCX: 00007fe1b299c799 [ 154.876811][ T6698] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fe1b2c16098 [ 154.876829][ T6698] RBP: 00007fe1b2c16090 R08: 0000000000000000 R09: 0000000000000000 [ 154.876847][ T6698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 154.876864][ T6698] R13: 00007fe1b2c16128 R14: 00007fffe8bd82b0 R15: 00007fffe8bd8398 [ 154.876902][ T6698] [ 155.300170][ T6695] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 155.359223][ T6695] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 155.367509][ T6695] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 155.409193][ T6695] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 155.442631][ T6695] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 155.493304][ T6695] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 155.550993][ T6695] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 1528373583 [ 155.641866][ T6695] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 155.679298][ T6707] ubi0: background thread "ubi_bgt0d" started, PID 6707 [ 155.703519][ T6697] ubi0: detaching mtd0 [ 155.832698][ T6697] ubi0: mtd0 is detached [ 156.079169][ T6720] netlink: 28 bytes leftover after parsing attributes in process `syz.0.191'. [ 156.604783][ T6728] netlink: 186 bytes leftover after parsing attributes in process `syz.0.193'. [ 158.240093][ T6747] blk-mq: reduced tag depth (128 -> 64) [ 159.076686][ T6762] netlink: 4 bytes leftover after parsing attributes in process `syz.2.203'. [ 159.097307][ T6762] netlink: 354 bytes leftover after parsing attributes in process `syz.2.203'. [ 161.176023][ T6791] netlink: 25 bytes leftover after parsing attributes in process `syz.0.216'. [ 162.050340][ T6800] FAULT_INJECTION: forcing a failure. [ 162.050340][ T6800] name failslab, interval 1, probability 0, space 0, times 0 [ 162.065588][ T6800] CPU: 1 UID: 0 PID: 6800 Comm: syz.3.210 Not tainted syzkaller #0 PREEMPT(full) [ 162.065636][ T6800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 162.065657][ T6800] Call Trace: [ 162.065668][ T6800] [ 162.065681][ T6800] dump_stack_lvl+0x100/0x190 [ 162.065743][ T6800] should_fail_ex.cold+0x5/0xa [ 162.065784][ T6800] should_failslab+0xc2/0x120 [ 162.065854][ T6800] __kmalloc_cache_node_noprof+0x7d/0x770 [ 162.065911][ T6800] ? sbitmap_queue_init_node+0x291/0x4a0 [ 162.065965][ T6800] sbitmap_queue_init_node+0x291/0x4a0 [ 162.066017][ T6800] blk_mq_init_tags+0x1ba/0x300 [ 162.066072][ T6800] blk_mq_alloc_map_and_rqs+0x218/0xeb0 [ 162.066123][ T6800] ? trace_kmalloc+0x101/0x130 [ 162.066164][ T6800] __blk_mq_alloc_map_and_rqs+0x128/0x1f0 [ 162.066217][ T6800] blk_mq_alloc_tag_set+0x7bd/0x1260 [ 162.066279][ T6800] loop_add+0x3b7/0xb60 [ 162.066318][ T6800] ? __pfx_loop_add+0x10/0x10 [ 162.066382][ T6800] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 162.066446][ T6800] loop_control_ioctl+0xae/0x620 [ 162.066486][ T6800] ? __pfx_loop_control_ioctl+0x10/0x10 [ 162.066526][ T6800] ? xfd_validate_state+0x129/0x190 [ 162.066578][ T6800] ? __pfx_loop_control_ioctl+0x10/0x10 [ 162.066619][ T6800] __x64_sys_ioctl+0x18e/0x210 [ 162.066671][ T6800] do_syscall_64+0x106/0xf80 [ 162.066711][ T6800] ? clear_bhb_loop+0x40/0x90 [ 162.066752][ T6800] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.066786][ T6800] RIP: 0033:0x7ff12f19c799 [ 162.066815][ T6800] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 162.066856][ T6800] RSP: 002b:00007ff130104028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 162.066889][ T6800] RAX: ffffffffffffffda RBX: 00007ff12f415fa0 RCX: 00007ff12f19c799 [ 162.066910][ T6800] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000002 [ 162.066930][ T6800] RBP: 00007ff12f232bd9 R08: 0000000000000000 R09: 0000000000000000 [ 162.066950][ T6800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 162.066969][ T6800] R13: 00007ff12f416038 R14: 00007ff12f415fa0 R15: 00007ffefd463468 [ 162.067011][ T6800] [ 162.067660][ T6800] blk-mq: reduced tag depth (128 -> 64) [ 163.472629][ T6826] netlink: 13 bytes leftover after parsing attributes in process `syz.1.219'. [ 165.376629][ T6853] netlink: 306 bytes leftover after parsing attributes in process `syz.2.228'. [ 166.109389][ T5823] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 166.364916][ T6876] FAULT_INJECTION: forcing a failure. [ 166.364916][ T6876] name failslab, interval 1, probability 0, space 0, times 0 [ 166.396593][ T6876] CPU: 1 UID: 0 PID: 6876 Comm: syz.1.235 Not tainted syzkaller #0 PREEMPT(full) [ 166.396644][ T6876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 166.396664][ T6876] Call Trace: [ 166.396674][ T6876] [ 166.396687][ T6876] dump_stack_lvl+0x100/0x190 [ 166.396744][ T6876] should_fail_ex.cold+0x5/0xa [ 166.396783][ T6876] should_failslab+0xc2/0x120 [ 166.396821][ T6876] __kmalloc_cache_noprof+0x7a/0x6f0 [ 166.396869][ T6876] ? __alloc_workqueue+0x1a0/0x1880 [ 166.396920][ T6876] __alloc_workqueue+0x1a0/0x1880 [ 166.396975][ T6876] alloc_workqueue_noprof+0xd2/0x200 [ 166.397018][ T6876] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 166.397071][ T6876] ? rcu_is_watching+0x12/0xc0 [ 166.397125][ T6876] ? trace_kmalloc+0x101/0x130 [ 166.397159][ T6876] ? __kasan_kmalloc+0xaa/0xb0 [ 166.397213][ T6876] ? __kmalloc_noprof+0x320/0x850 [ 166.397273][ T6876] ieee80211_register_hw+0x1f80/0x4140 [ 166.397341][ T6876] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 166.397386][ T6876] ? __pfx___debug_object_init+0x10/0x10 [ 166.397447][ T6876] ? find_held_lock+0x2b/0x80 [ 166.397482][ T6876] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 166.397541][ T6876] ? __hrtimer_setup+0x178/0x280 [ 166.397591][ T6876] mac80211_hwsim_new_radio+0x2847/0x57d0 [ 166.397668][ T6876] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 166.397730][ T6876] hwsim_new_radio_nl+0xc1f/0x1340 [ 166.397783][ T6876] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 166.397845][ T6876] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 166.397899][ T6876] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 166.397962][ T6876] genl_family_rcv_msg_doit+0x214/0x300 [ 166.398018][ T6876] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 166.398080][ T6876] ? genl_get_cmd+0x3ef/0x720 [ 166.398139][ T6876] ? bpf_lsm_capable+0x9/0x10 [ 166.398175][ T6876] ? security_capable+0x80/0x260 [ 166.398224][ T6876] ? ns_capable+0xd2/0xf0 [ 166.398260][ T6876] genl_rcv_msg+0x560/0x800 [ 166.398318][ T6876] ? __pfx_genl_rcv_msg+0x10/0x10 [ 166.398370][ T6876] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 166.398434][ T6876] netlink_rcv_skb+0x159/0x420 [ 166.398480][ T6876] ? __pfx_genl_rcv_msg+0x10/0x10 [ 166.398534][ T6876] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 166.398596][ T6876] ? netlink_deliver_tap+0x1ae/0xcc0 [ 166.398645][ T6876] genl_rcv+0x28/0x40 [ 166.398687][ T6876] netlink_unicast+0x5aa/0x870 [ 166.398737][ T6876] ? __pfx_netlink_unicast+0x10/0x10 [ 166.398797][ T6876] netlink_sendmsg+0x8b0/0xda0 [ 166.398851][ T6876] ? __pfx_netlink_sendmsg+0x10/0x10 [ 166.398893][ T6876] ? __import_iovec+0x1d2/0x640 [ 166.398931][ T6876] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 166.398986][ T6876] ____sys_sendmsg+0xa54/0xc30 [ 166.399041][ T6876] ? __pfx_____sys_sendmsg+0x10/0x10 [ 166.399109][ T6876] ? try_to_wake_up+0x644/0x1a80 [ 166.399149][ T6876] ___sys_sendmsg+0x190/0x1e0 [ 166.399211][ T6876] ? __pfx____sys_sendmsg+0x10/0x10 [ 166.399262][ T6876] ? futex_private_hash_put+0x107/0x1c0 [ 166.399350][ T6876] __sys_sendmsg+0x170/0x220 [ 166.399393][ T6876] ? __pfx___sys_sendmsg+0x10/0x10 [ 166.399434][ T6876] ? __x64_sys_futex+0x34f/0x4d0 [ 166.399505][ T6876] do_syscall_64+0x106/0xf80 [ 166.399544][ T6876] ? clear_bhb_loop+0x40/0x90 [ 166.399588][ T6876] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.399624][ T6876] RIP: 0033:0x7fe1b299c799 [ 166.399652][ T6876] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 166.399685][ T6876] RSP: 002b:00007fe1b3907028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 166.399717][ T6876] RAX: ffffffffffffffda RBX: 00007fe1b2c15fa0 RCX: 00007fe1b299c799 [ 166.399740][ T6876] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000006 [ 166.399762][ T6876] RBP: 00007fe1b2a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 166.399783][ T6876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 166.399803][ T6876] R13: 00007fe1b2c16038 R14: 00007fe1b2c15fa0 R15: 00007fffe8bd8398 [ 166.399853][ T6876] [ 167.425395][ T6892] cougar: G6 mapped to space [ 168.182666][ T6896] netlink: 62 bytes leftover after parsing attributes in process `syz.0.249'. [ 168.213186][ T6896] netlink: 62 bytes leftover after parsing attributes in process `syz.0.249'. [ 168.239071][ T6896] netlink: 62 bytes leftover after parsing attributes in process `syz.0.249'. [ 168.248488][ T6896] netlink: 62 bytes leftover after parsing attributes in process `syz.0.249'. [ 168.278712][ T6896] netlink: 62 bytes leftover after parsing attributes in process `syz.0.249'. [ 168.309271][ T6896] netlink: 62 bytes leftover after parsing attributes in process `syz.0.249'. [ 168.331940][ T6896] netlink: 62 bytes leftover after parsing attributes in process `syz.0.249'. [ 168.359613][ T6896] netlink: 62 bytes leftover after parsing attributes in process `syz.0.249'. [ 168.369075][ T6896] netlink: 62 bytes leftover after parsing attributes in process `syz.0.249'. [ 170.958295][ T5823] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 170.958345][ T5823] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 170.975371][ T5823] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 170.975432][ T5823] Bluetooth: hci2: adv larger than maximum supported [ 170.984851][ T5823] Bluetooth: hci2: adv larger than maximum supported [ 170.991686][ T5823] Bluetooth: hci2: Malformed LE Event: 0x0d [ 172.960114][ T6974] FAULT_INJECTION: forcing a failure. [ 172.960114][ T6974] name fail_futex, interval 1, probability 0, space 0, times 0 [ 172.981327][ T6974] CPU: 0 UID: 0 PID: 6974 Comm: syz.3.259 Not tainted syzkaller #0 PREEMPT(full) [ 172.981372][ T6974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 172.981397][ T6974] Call Trace: [ 172.981405][ T6974] [ 172.981414][ T6974] dump_stack_lvl+0x100/0x190 [ 172.981455][ T6974] should_fail_ex.cold+0x5/0xa [ 172.981484][ T6974] get_futex_key+0x1d2/0x1620 [ 172.981517][ T6974] ? __pfx_get_futex_key+0x10/0x10 [ 172.981558][ T6974] futex_wait_setup+0x83/0x510 [ 172.981605][ T6974] __futex_wait+0x19f/0x300 [ 172.981646][ T6974] ? __pfx___futex_wait+0x10/0x10 [ 172.981691][ T6974] ? __pfx_futex_wake_mark+0x10/0x10 [ 172.981734][ T6974] ? find_held_lock+0x2b/0x80 [ 172.981756][ T6974] ? futex_wake+0x456/0x530 [ 172.981800][ T6974] futex_wait+0xed/0x380 [ 172.981838][ T6974] ? __pfx_futex_wait+0x10/0x10 [ 172.981882][ T6974] ? do_writev+0x214/0x340 [ 172.981926][ T6974] do_futex+0x1ef/0x350 [ 172.981958][ T6974] ? __pfx_do_futex+0x10/0x10 [ 172.981992][ T6974] ? __fget_files+0x21f/0x3d0 [ 172.982042][ T6974] __x64_sys_futex+0x34f/0x4d0 [ 172.982078][ T6974] ? __pfx___x64_sys_futex+0x10/0x10 [ 172.982123][ T6974] do_syscall_64+0x106/0xf80 [ 172.982151][ T6974] ? clear_bhb_loop+0x40/0x90 [ 172.982182][ T6974] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 172.982207][ T6974] RIP: 0033:0x7ff12f19c799 [ 172.982228][ T6974] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 172.982251][ T6974] RSP: 002b:00007ff1300e30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 172.982274][ T6974] RAX: ffffffffffffffda RBX: 00007ff12f416098 RCX: 00007ff12f19c799 [ 172.982290][ T6974] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ff12f416098 [ 172.982305][ T6974] RBP: 00007ff12f416090 R08: 0000000000000000 R09: 0000000000000000 [ 172.982320][ T6974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 172.982334][ T6974] R13: 00007ff12f416128 R14: 00007ffefd463380 R15: 00007ffefd463468 [ 172.982365][ T6974] [ 174.268838][ T5823] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 174.268872][ T5823] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 174.284506][ T5823] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 174.284550][ T5823] Bluetooth: hci0: adv larger than maximum supported [ 174.293618][ T5823] Bluetooth: hci0: adv larger than maximum supported [ 174.300473][ T5823] Bluetooth: hci0: Malformed LE Event: 0x0d [ 175.374785][ T7004] __nla_validate_parse: 9 callbacks suppressed [ 175.374814][ T7004] netlink: 9 bytes leftover after parsing attributes in process `syz.3.267'. [ 175.429060][ T7008] netlink: 14 bytes leftover after parsing attributes in process `syz.2.268'. [ 177.416813][ T5823] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 177.416860][ T5823] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 177.435350][ T5823] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 177.435410][ T5823] Bluetooth: hci1: adv larger than maximum supported [ 177.442817][ T5823] Bluetooth: hci1: adv larger than maximum supported [ 177.449629][ T5823] Bluetooth: hci1: Malformed LE Event: 0x0d [ 178.291437][ T7066] netlink: 62 bytes leftover after parsing attributes in process `syz.3.278'. [ 178.472243][ T7066] netlink: 62 bytes leftover after parsing attributes in process `syz.3.278'. [ 178.524040][ T7066] netlink: 62 bytes leftover after parsing attributes in process `syz.3.278'. [ 178.669481][ T7066] netlink: 62 bytes leftover after parsing attributes in process `syz.3.278'. [ 178.709777][ T7066] netlink: 62 bytes leftover after parsing attributes in process `syz.3.278'. [ 178.762692][ T7066] netlink: 62 bytes leftover after parsing attributes in process `syz.3.278'. [ 178.834943][ T7066] netlink: 62 bytes leftover after parsing attributes in process `syz.3.278'. [ 179.131736][ T7066] netlink: 62 bytes leftover after parsing attributes in process `syz.3.278'. [ 180.731366][ T7083] __nla_validate_parse: 10 callbacks suppressed [ 180.731394][ T7083] netlink: 25 bytes leftover after parsing attributes in process `syz.2.284'. [ 180.995257][ T7093] netlink: 29 bytes leftover after parsing attributes in process `syz.1.286'. [ 181.134452][ T5823] Bluetooth: hci2: unexpected event 0x02 length: 726 > 260 [ 181.497658][ T5823] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 181.505021][ T5823] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 181.520172][ T5823] Bluetooth: hci1: Unknown advertising packet type: 0x7f [ 181.520207][ T5823] Bluetooth: hci1: adv larger than maximum supported [ 181.532462][ T5823] Bluetooth: hci1: adv larger than maximum supported [ 181.539971][ T5823] Bluetooth: hci1: Malformed LE Event: 0x0d [ 181.568132][ T7101] netlink: 342 bytes leftover after parsing attributes in process `syz.2.290'. [ 182.273798][ T7114] netlink: 12 bytes leftover after parsing attributes in process `syz.3.294'. [ 182.325258][ T7114] unsupported nlmsg_type 40 [ 182.733243][ T7126] netlink: 330 bytes leftover after parsing attributes in process `syz.3.297'. [ 184.941770][ T7159] [U] ^\ [ 185.326424][ T5823] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 185.326467][ T5823] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 185.341697][ T5823] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 185.341734][ T5823] Bluetooth: hci2: adv larger than maximum supported [ 185.348832][ T5823] Bluetooth: hci2: adv larger than maximum supported [ 185.355658][ T5823] Bluetooth: hci2: Malformed LE Event: 0x0d [ 188.161248][ T7217] netlink: 4 bytes leftover after parsing attributes in process `syz.2.322'. [ 188.202226][ T7217] netlink: 13 bytes leftover after parsing attributes in process `syz.2.322'. [ 189.678433][ T7238] [U]  [ 189.681450][ T7238] [U] [ 189.684168][ T7238] [U] [ 189.686889][ T7238] [U] [ 189.782543][ T7238] [U] [ 189.785348][ T7238] [U] [ 189.788102][ T7238] [U] [ 189.790862][ T7238] [U] [ 189.798112][ T7238] [U] [ 189.800906][ T7238] [U] [ 189.803655][ T7238] [U] [ 189.806397][ T7238] [U] [ 189.816332][ T7238] [U] [ 189.819118][ T7238] [U] [ 189.821880][ T7238] [U] [ 189.824630][ T7238] [U] [ 189.847597][ T7238] [U] [ 189.850396][ T7238] [U] [ 189.853165][ T7238] [U] [ 189.855916][ T7238] [U] [ 189.949452][ T7238] [U] [ 189.952233][ T7238] [U] [ 189.954990][ T7238] [U] [ 189.957752][ T7238] [U] [ 189.970392][ T7238] [U] [ 189.973151][ T7238] [U] [ 189.975866][ T7238] [U] [ 189.978573][ T7238] [U] [ 189.989455][ T7238] [U] [ 189.992230][ T7238] [U] [ 189.994986][ T7238] [U] [ 189.997739][ T7238] [U] [ 190.021978][ T7238] [U] [ 190.024781][ T7238] [U] [ 190.027538][ T7238] [U] [ 190.030275][ T7238] [U] [ 190.054748][ T7238] [U] [ 190.057530][ T7238] [U] [ 190.060305][ T7238] [U] [ 190.063059][ T7238] [U] [ 190.096476][ T7238] [U] [ 190.099243][ T7238] [U] [ 190.101980][ T7238] [U] [ 190.104698][ T7238] [U] [ 190.129848][ T7238] [U] [ 190.132620][ T7238] [U] [ 190.135341][ T7238] [U] [ 190.138051][ T7238] [U] [ 190.171710][ T7238] [U] [ 190.174497][ T7238] [U] [ 190.177213][ T7238] [U] [ 190.179927][ T7238] [U] [ 190.255565][ T7238] [U] [ 190.258322][ T7238] [U] [ 190.261037][ T7238] [U] [ 190.263746][ T7238] [U] [ 190.317190][ T7249] netlink: 'syz.3.330': attribute type 10 has an invalid length. [ 190.319992][ T7238] [U] [ 190.327710][ T7238] [U] [ 190.330472][ T7238] [U] [ 190.333239][ T7238] [U] [ 190.366587][ T7238] [U] [ 190.369379][ T7238] [U] [ 190.372129][ T7238] [U] [ 190.374880][ T7238] [U] [ 190.376782][ T7249] netlink: 330 bytes leftover after parsing attributes in process `syz.3.330'. [ 190.395324][ T7238] [U] [ 190.398120][ T7238] [U] [ 190.400835][ T7238] [U] [ 190.403545][ T7238] [U] [ 190.440962][ T7238] [U] [ 190.443737][ T7238] [U] [ 190.446477][ T7238] [U] [ 190.449236][ T7238] [U] [ 190.470791][ T7238] [U] [ 190.473570][ T7238] [U] [ 190.476309][ T7238] [U] [ 190.479047][ T7238] [U] [ 190.549384][ T7238] [U] [ 190.552133][ T7238] [U] [ 190.554841][ T7238] [U] [ 190.557548][ T7238] [U] [ 190.607683][ T7238] [U] [ 190.610477][ T7238] [U] [ 190.613234][ T7238] [U] [ 190.615950][ T7238] [U] [ 190.634181][ T7238] [U] [ 190.636923][ T7238] [U] [ 190.639660][ T7238] [U] [ 190.642413][ T7238] [U] [ 190.665765][ T7238] [U] [ 190.668544][ T7238] [U] [ 190.671288][ T7238] [U] [ 190.674033][ T7238] [U] [ 190.691248][ T7238] [U] [ 190.694039][ T7238] [U] [ 190.696770][ T7238] [U] [ 190.699487][ T7238] [U] [ 190.733499][ T7255] netlink: 186 bytes leftover after parsing attributes in process `syz.3.331'. [ 190.761845][ T7238] [U] [ 190.764637][ T7238] [U] [ 190.767390][ T7238] [U] [ 190.770127][ T7238] [U] [ 190.932180][ T7238] [U] [ 190.934987][ T7238] [U] [ 190.937775][ T7238] [U] [ 190.940531][ T7238] [U] [ 190.975415][ T7238] [U] [ 190.978182][ T7238] [U] [ 190.980893][ T7238] [U] [ 190.983610][ T7238] [U] [ 191.008880][ T7238] [U] [ 191.011627][ T7238] [U] [ 191.014340][ T7238] [U] [ 191.017048][ T7238] [U] [ 191.032286][ T7238] [U] [ 191.035058][ T7238] [U] [ 191.037768][ T7238] [U] [ 191.040508][ T7238] [U] [ 191.050280][ T7238] [U] [ 191.053062][ T7238] [U] [ 191.055821][ T7238] [U] [ 191.058554][ T7238] [U] [ 191.201228][ T7238] [U] [ 191.203991][ T7238] [U] [ 191.206706][ T7238] [U] [ 191.209437][ T7238] [U] [ 191.229378][ T7238] [U] [ 191.860188][ T7271] netlink: 4 bytes leftover after parsing attributes in process `syz.1.334'. [ 191.933444][ T7271] netlink: 25 bytes leftover after parsing attributes in process `syz.1.334'. [ 193.444843][ T7301] zswap: compressor  not available [ 194.139373][ T7321] FAULT_INJECTION: forcing a failure. [ 194.139373][ T7321] name failslab, interval 1, probability 0, space 0, times 0 [ 194.422389][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.429457][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.781227][ T7321] CPU: 1 UID: 0 PID: 7321 Comm: syz.0.345 Not tainted syzkaller #0 PREEMPT(full) [ 194.781274][ T7321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 194.781295][ T7321] Call Trace: [ 194.781306][ T7321] [ 194.781318][ T7321] dump_stack_lvl+0x100/0x190 [ 194.781377][ T7321] should_fail_ex.cold+0x5/0xa [ 194.781417][ T7321] should_failslab+0xc2/0x120 [ 194.781452][ T7321] __kmalloc_cache_noprof+0x7a/0x6f0 [ 194.781498][ T7321] ? audit_log_d_path+0xed/0x210 [ 194.781555][ T7321] ? get_mm_exe_file+0x8a/0x1a0 [ 194.781600][ T7321] audit_log_d_path+0xed/0x210 [ 194.781655][ T7321] audit_log_d_path_exe+0x46/0x80 [ 194.781708][ T7321] audit_log_task+0x2fe/0x3a0 [ 194.781745][ T7321] ? __pfx_audit_log_task+0x10/0x10 [ 194.781781][ T7321] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 194.781834][ T7321] audit_seccomp+0x79/0x190 [ 194.781888][ T7321] ? exc_general_protection+0x12e/0x250 [ 194.781945][ T7321] __secure_computing+0x26d/0x2c0 [ 194.781995][ T7321] do_syscall_64+0x568/0xf80 [ 194.782035][ T7321] ? clear_bhb_loop+0x40/0x90 [ 194.782078][ T7321] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 194.782113][ T7321] RIP: 0033:0x7f0d56b9c799 [ 194.782141][ T7321] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 194.782174][ T7321] RSP: 002b:00007f0d57a47a38 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 194.782206][ T7321] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00007f0d56b9c799 [ 194.782228][ T7321] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 000000000000000b [ 194.782248][ T7321] RBP: 00007f0d57a48030 R08: 0000000000000000 R09: 000000000000000b [ 194.782269][ T7321] R10: 0000000000000009 R11: 0000000000000246 R12: 00000000000090c2 [ 194.782289][ T7321] R13: 00007f0d56e16218 R14: 00007f0d56e16180 R15: 00007ffd60190078 [ 194.782333][ T7321] [ 194.783471][ T30] audit: type=1326 audit(2147483662.880:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7313 comm="syz.0.345" exe="" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0d56b9c799 code=0x0 [ 196.169029][ T7337] FAULT_INJECTION: forcing a failure. [ 196.169029][ T7337] name failslab, interval 1, probability 0, space 0, times 0 [ 196.209261][ T7337] CPU: 1 UID: 0 PID: 7337 Comm: syz.0.349 Not tainted syzkaller #0 PREEMPT(full) [ 196.209307][ T7337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 196.209327][ T7337] Call Trace: [ 196.209337][ T7337] [ 196.209349][ T7337] dump_stack_lvl+0x100/0x190 [ 196.209404][ T7337] should_fail_ex.cold+0x5/0xa [ 196.209442][ T7337] should_failslab+0xc2/0x120 [ 196.209476][ T7337] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 196.209525][ T7337] ? __kernfs_new_node+0xd2/0x960 [ 196.209579][ T7337] __kernfs_new_node+0xd2/0x960 [ 196.209624][ T7337] ? kernfs_add_one+0x583/0x850 [ 196.209677][ T7337] ? __pfx___kernfs_new_node+0x10/0x10 [ 196.209735][ T7337] ? find_held_lock+0x2b/0x80 [ 196.209765][ T7337] ? kernfs_root+0xee/0x2a0 [ 196.209806][ T7337] ? kernfs_root+0xee/0x2a0 [ 196.209861][ T7337] kernfs_new_node+0x11b/0x1a0 [ 196.209929][ T7337] __kernfs_create_file+0x53/0x350 [ 196.209973][ T7337] sysfs_add_file_mode_ns+0x207/0x3c0 [ 196.210030][ T7337] sysfs_create_file_ns+0x145/0x1e0 [ 196.210074][ T7337] ? __pfx_sysfs_create_file_ns+0x10/0x10 [ 196.210119][ T7337] ? __pfx___up_read+0x10/0x10 [ 196.210168][ T7337] ? acpi_device_notify+0x464/0x500 [ 196.210218][ T7337] ? kobject_put+0xb9/0x640 [ 196.210269][ T7337] device_create_file+0xf2/0x1d0 [ 196.210313][ T7337] device_add+0x2cb/0x1950 [ 196.210368][ T7337] ? kfree_const+0x5a/0x70 [ 196.210420][ T7337] ? __pfx_device_add+0x10/0x10 [ 196.210473][ T7337] ? kfree_const+0x5a/0x70 [ 196.210523][ T7337] ? kfree+0x2ec/0x6b0 [ 196.210577][ T7337] device_create_groups_vargs+0x1f8/0x270 [ 196.210643][ T7337] device_create+0xed/0x130 [ 196.210677][ T7337] ? __pfx_device_create+0x10/0x10 [ 196.210730][ T7337] ? lockdep_init_map_type+0x5c/0x250 [ 196.210777][ T7337] ? timer_init_key+0x150/0x340 [ 196.210821][ T7337] ? ieee80211_roc_setup+0x136/0x270 [ 196.210857][ T7337] ? ieee80211_alloc_hw_nm+0x19c3/0x22a0 [ 196.210909][ T7337] mac80211_hwsim_new_radio+0x37f/0x57d0 [ 196.210985][ T7337] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 196.211046][ T7337] ? __nla_validate_parse+0x1e7/0x28b0 [ 196.211091][ T7337] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 196.211153][ T7337] hwsim_new_radio_nl+0xc1f/0x1340 [ 196.211206][ T7337] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 196.211268][ T7337] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 196.211322][ T7337] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 196.211385][ T7337] genl_family_rcv_msg_doit+0x214/0x300 [ 196.211442][ T7337] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 196.211494][ T7337] ? genl_get_cmd+0x3ef/0x720 [ 196.211552][ T7337] ? bpf_lsm_capable+0x9/0x10 [ 196.211587][ T7337] ? security_capable+0x80/0x260 [ 196.211635][ T7337] ? ns_capable+0xd2/0xf0 [ 196.211671][ T7337] genl_rcv_msg+0x560/0x800 [ 196.211727][ T7337] ? __pfx_genl_rcv_msg+0x10/0x10 [ 196.211779][ T7337] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 196.211843][ T7337] netlink_rcv_skb+0x159/0x420 [ 196.211888][ T7337] ? __pfx_genl_rcv_msg+0x10/0x10 [ 196.211949][ T7337] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 196.212015][ T7337] ? netlink_deliver_tap+0x1ae/0xcc0 [ 196.212065][ T7337] genl_rcv+0x28/0x40 [ 196.212110][ T7337] netlink_unicast+0x5aa/0x870 [ 196.212161][ T7337] ? __pfx_netlink_unicast+0x10/0x10 [ 196.212223][ T7337] netlink_sendmsg+0x8b0/0xda0 [ 196.212276][ T7337] ? __pfx_netlink_sendmsg+0x10/0x10 [ 196.212320][ T7337] ? __import_iovec+0x1d2/0x640 [ 196.212357][ T7337] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 196.212413][ T7337] ____sys_sendmsg+0xa54/0xc30 [ 196.212469][ T7337] ? __pfx_____sys_sendmsg+0x10/0x10 [ 196.212530][ T7337] ? __pfx_futex_wake_mark+0x10/0x10 [ 196.212590][ T7337] ___sys_sendmsg+0x190/0x1e0 [ 196.212646][ T7337] ? __pfx____sys_sendmsg+0x10/0x10 [ 196.212752][ T7337] __sys_sendmsg+0x170/0x220 [ 196.212794][ T7337] ? __pfx___sys_sendmsg+0x10/0x10 [ 196.212835][ T7337] ? __x64_sys_futex+0x34f/0x4d0 [ 196.212905][ T7337] do_syscall_64+0x106/0xf80 [ 196.212952][ T7337] ? clear_bhb_loop+0x40/0x90 [ 196.212997][ T7337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 196.213034][ T7337] RIP: 0033:0x7f0d56b9c799 [ 196.213063][ T7337] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 196.213095][ T7337] RSP: 002b:00007f0d57a8a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 196.213127][ T7337] RAX: ffffffffffffffda RBX: 00007f0d56e15fa0 RCX: 00007f0d56b9c799 [ 196.213150][ T7337] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000006 [ 196.213172][ T7337] RBP: 00007f0d56c32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 196.213193][ T7337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 196.213213][ T7337] R13: 00007f0d56e16038 R14: 00007f0d56e15fa0 R15: 00007ffd60190078 [ 196.213260][ T7337] [ 196.952070][ T7341] netlink: 9 bytes leftover after parsing attributes in process `syz.3.351'. [ 197.859180][ T12] netdevsim netdevsim1335 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 198.035456][ T7357] netlink: 2468 bytes leftover after parsing attributes in process `syz.0.356'. [ 198.503423][ T7369] FAULT_INJECTION: forcing a failure. [ 198.503423][ T7369] name failslab, interval 1, probability 0, space 0, times 0 [ 198.627317][ T7369] CPU: 1 UID: 0 PID: 7369 Comm: syz.3.359 Not tainted syzkaller #0 PREEMPT(full) [ 198.627362][ T7369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 198.627381][ T7369] Call Trace: [ 198.627392][ T7369] [ 198.627413][ T7369] dump_stack_lvl+0x100/0x190 [ 198.627471][ T7369] should_fail_ex.cold+0x5/0xa [ 198.627511][ T7369] ? process_preds+0x4c2/0x1d90 [ 198.627584][ T7369] should_failslab+0xc2/0x120 [ 198.627619][ T7369] __kmalloc_noprof+0xe0/0x850 [ 198.627681][ T7369] process_preds+0x4c2/0x1d90 [ 198.627743][ T7369] ? create_filter_start.constprop.0+0x134/0x310 [ 198.627803][ T7369] create_filter+0x140/0x210 [ 198.627856][ T7369] ? __pfx_create_filter+0x10/0x10 [ 198.627912][ T7369] ? find_held_lock+0x2b/0x80 [ 198.627950][ T7369] apply_event_filter+0x220/0x500 [ 198.628005][ T7369] ? __pfx_apply_event_filter+0x10/0x10 [ 198.628072][ T7369] event_filter_write+0x16d/0x290 [ 198.628114][ T7369] vfs_write+0x2aa/0x1070 [ 198.628170][ T7369] ? __pfx_event_filter_write+0x10/0x10 [ 198.628214][ T7369] ? __pfx_vfs_write+0x10/0x10 [ 198.628266][ T7369] ? __fget_files+0x215/0x3d0 [ 198.628334][ T7369] ? __fget_files+0x21f/0x3d0 [ 198.628406][ T7369] ksys_write+0x12a/0x250 [ 198.628460][ T7369] ? __pfx_ksys_write+0x10/0x10 [ 198.628526][ T7369] do_syscall_64+0x106/0xf80 [ 198.628566][ T7369] ? clear_bhb_loop+0x40/0x90 [ 198.628610][ T7369] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 198.628646][ T7369] RIP: 0033:0x7ff12f19c799 [ 198.628674][ T7369] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 198.628708][ T7369] RSP: 002b:00007ff130104028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 198.628740][ T7369] RAX: ffffffffffffffda RBX: 00007ff12f415fa0 RCX: 00007ff12f19c799 [ 198.628764][ T7369] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 198.628784][ T7369] RBP: 00007ff12f232bd9 R08: 0000000000000000 R09: 0000000000000000 [ 198.628809][ T7369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 198.628829][ T7369] R13: 00007ff12f416038 R14: 00007ff12f415fa0 R15: 00007ffefd463468 [ 198.628875][ T7369] [ 198.862569][ T7359] syz.2.357 (7359) used greatest stack depth: 19672 bytes left [ 200.808174][ T7395] netlink: 4 bytes leftover after parsing attributes in process `syz.3.367'. [ 200.818741][ T7395] netlink: 'syz.3.367': attribute type 1 has an invalid length. [ 200.826936][ T7395] netlink: 'syz.3.367': attribute type 6 has an invalid length. [ 202.396178][ T7424] [U]  [ 202.399046][ T7424] [U] [ 202.401791][ T7424] [U] [ 202.404617][ T7424] [U] [ 202.441429][ T7424] [U] [ 202.444200][ T7424] [U] [ 202.446920][ T7424] [U] [ 202.449639][ T7424] [U] [ 202.491714][ T7424] [U] [ 202.494461][ T7424] [U] [ 202.497172][ T7424] [U] [ 202.499881][ T7424] [U] [ 202.560871][ T7424] [U] [ 202.563640][ T7424] [U] [ 202.566355][ T7424] [U] [ 202.569067][ T7424] [U] [ 202.592529][ T7424] [U] [ 202.595288][ T7424] [U] [ 202.598000][ T7424] [U] [ 202.600712][ T7424] [U] [ 202.617077][ T7424] [U] [ 202.619850][ T7424] [U] [ 202.622612][ T7424] [U] [ 202.625367][ T7424] [U] [ 202.651408][ T7424] [U] [ 202.654161][ T7424] [U] [ 202.656878][ T7424] [U] [ 202.659626][ T7424] [U] [ 202.667961][ T7424] [U] [ 202.670749][ T7424] [U] [ 202.673465][ T7424] [U] [ 202.676180][ T7424] [U] [ 202.689487][ T7424] [U] [ 202.692258][ T7424] [U] [ 202.694975][ T7424] [U] [ 202.697708][ T7424] [U] [ 202.703293][ T7424] [U] [ 202.706054][ T7424] [U] [ 202.708801][ T7424] [U] [ 202.711556][ T7424] [U] [ 202.730111][ T7424] [U] [ 202.732879][ T7424] [U] [ 202.735632][ T7424] [U] [ 202.738341][ T7424] [U] [ 202.777245][ T7424] [U] [ 202.780035][ T7424] [U] [ 202.782767][ T7424] [U] [ 202.785481][ T7424] [U] [ 202.818874][ T7424] [U] [ 202.821640][ T7424] [U] [ 202.824391][ T7424] [U] [ 202.827138][ T7424] [U] [ 202.907768][ T7424] [U] [ 202.910573][ T7424] [U] [ 202.913331][ T7424] [U] [ 202.916083][ T7424] [U] [ 202.948070][ T7424] [U] [ 202.950865][ T7424] [U] [ 202.953616][ T7424] [U] [ 202.956350][ T7424] [U] [ 202.959965][ T7424] [U] [ 202.962725][ T7424] [U] [ 202.965484][ T7424] [U] [ 202.968244][ T7424] [U] [ 202.979474][ T7424] [U] [ 202.982270][ T7424] [U] [ 202.985043][ T7424] [U] [ 202.987799][ T7424] [U] [ 203.001143][ T7424] [U] [ 203.003928][ T7424] [U] [ 203.006672][ T7424] [U] [ 203.009424][ T7424] [U] [ 203.074195][ T7440] netlink: 4 bytes leftover after parsing attributes in process `syz.0.377'. [ 203.109485][ T7424] [U] [ 203.112276][ T7424] [U] [ 203.115027][ T7424] [U] [ 203.117782][ T7424] [U] [ 203.160805][ T7440] netlink: 'syz.0.377': attribute type 1 has an invalid length. [ 203.179215][ T7440] netlink: 13 bytes leftover after parsing attributes in process `syz.0.377'. [ 203.190451][ T7424] [U] [ 203.193222][ T7424] [U] [ 203.195972][ T7424] [U] [ 203.198720][ T7424] [U] [ 203.254793][ T7424] [U] [ 203.257585][ T7424] [U] [ 203.260335][ T7424] [U] [ 203.263089][ T7424] [U] [ 203.280794][ T7424] [U] [ 203.283593][ T7424] [U] [ 203.286337][ T7424] [U] [ 203.289099][ T7424] [U] [ 203.330546][ T7424] [U] [ 203.333326][ T7424] [U] [ 203.336077][ T7424] [U] [ 203.338819][ T7424] [U] [ 203.372237][ T7424] [U] [ 203.375035][ T7424] [U] [ 203.377790][ T7424] [U] [ 203.380539][ T7424] [U] [ 203.388921][ T7424] [U] [ 203.391701][ T7424] [U] [ 203.394453][ T7424] [U] [ 203.397204][ T7424] [U] [ 203.431426][ T7424] [U] [ 203.434215][ T7424] [U] [ 203.436978][ T7424] [U] [ 203.439728][ T7424] [U] [ 203.449882][ T7424] [U] [ 203.452682][ T7424] [U] [ 203.455424][ T7424] [U] [ 203.458131][ T7424] [U] [ 203.465111][ T7424] [U] [ 203.467888][ T7424] [U] [ 203.470645][ T7424] [U] [ 203.473396][ T7424] [U] [ 203.672960][ T7424] [U] [ 203.675716][ T7424] [U] [ 203.678466][ T7424] [U] [ 203.681222][ T7424] [U] [ 203.690930][ T7424] [U] [ 203.693717][ T7424] [U] [ 203.696467][ T7424] [U] [ 203.699205][ T7424] [U] [ 203.707353][ T7424] [U] [ 203.710123][ T7424] [U] [ 203.712837][ T7424] [U] [ 203.715545][ T7424] [U] [ 203.721134][ T7424] [U] [ 203.723915][ T7424] [U] [ 203.726672][ T7424] [U] [ 203.729420][ T7424] [U] [ 203.732177][ T7424] [U] [ 203.752014][ T7424] [U] [ 206.865319][ T7483] netlink: 4 bytes leftover after parsing attributes in process `syz.0.386'. [ 206.875657][ T7483] netlink: 13 bytes leftover after parsing attributes in process `syz.0.386'. [ 207.109294][ T7491] netlink: 28 bytes leftover after parsing attributes in process `syz.2.390'. [ 207.164653][ T7491] veth1_macvtap: left promiscuous mode [ 208.809580][ T7517] writes to the poll attribute are ignored. [ 208.903848][ T7517] please use driver specific parameters instead. [ 210.388364][ T7534] netlink: 350 bytes leftover after parsing attributes in process `syz.3.403'. [ 211.445496][ T7557] FAULT_INJECTION: forcing a failure. [ 211.445496][ T7557] name failslab, interval 1, probability 0, space 0, times 0 [ 211.470663][ T7557] CPU: 1 UID: 0 PID: 7557 Comm: syz.1.406 Not tainted syzkaller #0 PREEMPT(full) [ 211.470711][ T7557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 211.470740][ T7557] Call Trace: [ 211.470751][ T7557] [ 211.470765][ T7557] dump_stack_lvl+0x100/0x190 [ 211.470825][ T7557] should_fail_ex.cold+0x5/0xa [ 211.470865][ T7557] ? process_preds+0x4c2/0x1d90 [ 211.470913][ T7557] should_failslab+0xc2/0x120 [ 211.470948][ T7557] __kmalloc_noprof+0xe0/0x850 [ 211.471009][ T7557] process_preds+0x4c2/0x1d90 [ 211.471072][ T7557] ? create_filter_start.constprop.0+0x134/0x310 [ 211.471132][ T7557] create_filter+0x140/0x210 [ 211.471185][ T7557] ? __pfx_create_filter+0x10/0x10 [ 211.471238][ T7557] ? find_held_lock+0x2b/0x80 [ 211.471275][ T7557] apply_event_filter+0x220/0x500 [ 211.471330][ T7557] ? __pfx_apply_event_filter+0x10/0x10 [ 211.471395][ T7557] event_filter_write+0x16d/0x290 [ 211.471437][ T7557] vfs_write+0x2aa/0x1070 [ 211.471493][ T7557] ? __pfx_event_filter_write+0x10/0x10 [ 211.471537][ T7557] ? __pfx_vfs_write+0x10/0x10 [ 211.471588][ T7557] ? __fget_files+0x215/0x3d0 [ 211.471651][ T7557] ? __fget_files+0x21f/0x3d0 [ 211.471717][ T7557] ksys_write+0x12a/0x250 [ 211.471779][ T7557] ? __pfx_ksys_write+0x10/0x10 [ 211.471845][ T7557] do_syscall_64+0x106/0xf80 [ 211.471885][ T7557] ? clear_bhb_loop+0x40/0x90 [ 211.471927][ T7557] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 211.471963][ T7557] RIP: 0033:0x7fe1b299c799 [ 211.471991][ T7557] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 211.472025][ T7557] RSP: 002b:00007fe1b3907028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 211.472058][ T7557] RAX: ffffffffffffffda RBX: 00007fe1b2c15fa0 RCX: 00007fe1b299c799 [ 211.472080][ T7557] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 211.472100][ T7557] RBP: 00007fe1b2a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 211.472120][ T7557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 211.472140][ T7557] R13: 00007fe1b2c16038 R14: 00007fe1b2c15fa0 R15: 00007fffe8bd8398 [ 211.472185][ T7557] [ 212.100810][ T7553] FAULT_INJECTION: forcing a failure. [ 212.100810][ T7553] name failslab, interval 1, probability 0, space 0, times 0 [ 212.133907][ T7553] CPU: 1 UID: 0 PID: 7553 Comm: syz.3.407 Not tainted syzkaller #0 PREEMPT(full) [ 212.133956][ T7553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 212.133976][ T7553] Call Trace: [ 212.133986][ T7553] [ 212.134000][ T7553] dump_stack_lvl+0x100/0x190 [ 212.134059][ T7553] should_fail_ex.cold+0x5/0xa [ 212.134108][ T7553] should_failslab+0xc2/0x120 [ 212.134145][ T7553] __kmalloc_cache_noprof+0x7a/0x6f0 [ 212.134191][ T7553] ? kobject_uevent_env+0x263/0x18b0 [ 212.134253][ T7553] kobject_uevent_env+0x263/0x18b0 [ 212.134309][ T7553] ? kvm_uevent_notify_change.part.0+0x321/0x450 [ 212.134355][ T7553] ? kfree+0x1f6/0x6b0 [ 212.134405][ T7553] kvm_uevent_notify_change.part.0+0x3a6/0x450 [ 212.134453][ T7553] ? __pfx_kvm_vm_release+0x10/0x10 [ 212.134492][ T7553] kvm_put_kvm+0xe4/0xb10 [ 212.134530][ T7553] ? lockdep_hardirqs_on+0x78/0x100 [ 212.134570][ T7553] ? _raw_spin_unlock_irq+0x2e/0x50 [ 212.134608][ T7553] ? __pfx_kvm_vm_release+0x10/0x10 [ 212.134648][ T7553] kvm_vm_release+0x3c/0x50 [ 212.134684][ T7553] __fput+0x3ff/0xb40 [ 212.134726][ T7553] ? _raw_spin_unlock_irq+0x23/0x50 [ 212.134766][ T7553] task_work_run+0x150/0x240 [ 212.134818][ T7553] ? __pfx_task_work_run+0x10/0x10 [ 212.134881][ T7553] exit_to_user_mode_loop+0x100/0x4a0 [ 212.134932][ T7553] do_syscall_64+0x668/0xf80 [ 212.134971][ T7553] ? clear_bhb_loop+0x40/0x90 [ 212.135015][ T7553] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 212.135051][ T7553] RIP: 0033:0x7ff12f19c799 [ 212.135088][ T7553] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 212.135123][ T7553] RSP: 002b:00007ff130104028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 212.135156][ T7553] RAX: 0000000000000000 RBX: 00007ff12f415fa0 RCX: 00007ff12f19c799 [ 212.135179][ T7553] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000002 [ 212.135199][ T7553] RBP: 00007ff12f232bd9 R08: 0000000000000000 R09: 0000000000000000 [ 212.135221][ T7553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 212.135241][ T7553] R13: 00007ff12f416038 R14: 00007ff12f415fa0 R15: 00007ffefd463468 [ 212.135284][ T7553] [ 213.000765][ T7576] ======================================================= [ 213.000765][ T7576] WARNING: The mand mount option has been deprecated and [ 213.000765][ T7576] and is ignored by this kernel. Remove the mand [ 213.000765][ T7576] option from the mount to silence this warning. [ 213.000765][ T7576] ======================================================= [ 213.071589][ T51] Bluetooth: hci0: unexpected event 0x05 length: 43 > 4 [ 214.019256][ T5823] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 214.181612][ T7590] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4294967104 (549755789312 ns) > initial count (26496 ns). Using initial count to start timer. [ 214.245976][ T7588] netlink: 25 bytes leftover after parsing attributes in process `syz.0.415'. [ 216.691772][ T7610] zswap: compressor û not available [ 219.979428][ T7650] netlink: 354 bytes leftover after parsing attributes in process `syz.2.432'. [ 220.263630][ T7651] zswap: compressor  not available [ 220.852711][ T7665] netlink: 12 bytes leftover after parsing attributes in process `syz.1.434'. [ 221.026088][ T7671] HfR: entered promiscuous mode [ 221.118215][ T7665] i: entered promiscuous mode [ 221.361575][ T7676] FAULT_INJECTION: forcing a failure. [ 221.361575][ T7676] name failslab, interval 1, probability 0, space 0, times 0 [ 221.375488][ T7676] CPU: 0 UID: 0 PID: 7676 Comm: syz.0.438 Not tainted syzkaller #0 PREEMPT(full) [ 221.375536][ T7676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 221.375557][ T7676] Call Trace: [ 221.375568][ T7676] [ 221.375581][ T7676] dump_stack_lvl+0x100/0x190 [ 221.375639][ T7676] should_fail_ex.cold+0x5/0xa [ 221.375681][ T7676] should_failslab+0xc2/0x120 [ 221.375717][ T7676] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 221.375768][ T7676] ? vm_area_dup+0x27/0x8e0 [ 221.375822][ T7676] vm_area_dup+0x27/0x8e0 [ 221.375871][ T7676] __split_vma+0x18c/0xd90 [ 221.375924][ T7676] ? __pfx___split_vma+0x10/0x10 [ 221.375969][ T7676] ? finish_task_switch.isra.0+0x200/0xb80 [ 221.376027][ T7676] ? lockdep_hardirqs_on+0x78/0x100 [ 221.376079][ T7676] vma_modify+0x1121/0x2250 [ 221.376139][ T7676] ? __pfx_vma_modify+0x10/0x10 [ 221.376198][ T7676] vma_modify_flags+0x257/0x3d0 [ 221.376250][ T7676] ? __pfx_vma_modify_flags+0x10/0x10 [ 221.376318][ T7676] ? mtree_range_walk+0x6ce/0xcd0 [ 221.376367][ T7676] mlock_fixup+0x302/0xf00 [ 221.376421][ T7676] ? __pfx_mlock_fixup+0x10/0x10 [ 221.376481][ T7676] apply_vma_lock_flags+0x256/0x370 [ 221.376537][ T7676] ? __pfx_apply_vma_lock_flags+0x10/0x10 [ 221.376588][ T7676] ? __pfx___might_resched+0x10/0x10 [ 221.376651][ T7676] ? __pfx_down_write_killable+0x10/0x10 [ 221.376704][ T7676] ? do_futex+0x192/0x350 [ 221.376754][ T7676] do_mlock+0x261/0x7f0 [ 221.376809][ T7676] ? __pfx_do_mlock+0x10/0x10 [ 221.376855][ T7676] ? __x64_sys_futex+0x34f/0x4d0 [ 221.376898][ T7676] ? __x64_sys_futex+0x358/0x4d0 [ 221.376945][ T7676] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 221.376989][ T7676] ? xfd_validate_state+0x129/0x190 [ 221.377054][ T7676] __x64_sys_mlock+0x59/0x80 [ 221.377107][ T7676] do_syscall_64+0x106/0xf80 [ 221.377146][ T7676] ? clear_bhb_loop+0x40/0x90 [ 221.377190][ T7676] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.377226][ T7676] RIP: 0033:0x7f0d56b9c799 [ 221.377255][ T7676] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 221.377288][ T7676] RSP: 002b:00007f0d57a8a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000095 [ 221.377321][ T7676] RAX: ffffffffffffffda RBX: 00007f0d56e15fa0 RCX: 00007f0d56b9c799 [ 221.377344][ T7676] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 000000000000fbe8 [ 221.377365][ T7676] RBP: 00007f0d56c32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 221.377385][ T7676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 221.377405][ T7676] R13: 00007f0d56e16038 R14: 00007f0d56e15fa0 R15: 00007ffd60190078 [ 221.377450][ T7676] [ 224.497912][ T7718] netlink: 4 bytes leftover after parsing attributes in process `syz.2.451'. [ 224.551262][ T7714] netlink: 4 bytes leftover after parsing attributes in process `syz.2.451'. [ 225.945702][ T30] audit: type=1326 audit(2147483694.670:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7729 comm="syz.3.453" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff12f19c799 code=0x0 [ 1222.984456][T18167] Invalid ELF header magic: != ELF [ 1224.181197][T18181] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2970'. [ 1224.765415][T18187] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2972'. [ 1230.962547][T18245] Invalid ELF header magic: != ELF [ 1231.541368][T18256] Invalid ELF header magic: != ELF [ 1231.949148][T18262] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2991'. [ 1235.420101][T18280] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2995'. [ 1238.919080][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1238.925453][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1239.355357][T18305] Invalid ELF header magic: != ELF [ 1239.436631][T18305] FAULT_INJECTION: forcing a failure. [ 1239.436631][T18305] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1239.598789][T18305] CPU: 0 UID: 0 PID: 18305 Comm: syz.1.3000 Tainted: G L syzkaller #0 PREEMPT(full) [ 1239.598829][T18305] Tainted: [L]=SOFTLOCKUP [ 1239.598838][T18305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1239.598854][T18305] Call Trace: [ 1239.598862][T18305] [ 1239.598874][T18305] dump_stack_lvl+0x100/0x190 [ 1239.598933][T18305] should_fail_ex.cold+0x5/0xa [ 1239.598962][T18305] _copy_from_iter+0x1f4/0x1690 [ 1239.599008][T18305] ? __pfx___ldsem_down_read_nested+0x10/0x10 [ 1239.599050][T18305] ? __pfx__copy_from_iter+0x10/0x10 [ 1239.599092][T18305] ? _mutex_trylock_nest_lock+0x170/0x310 [ 1239.599124][T18305] ? file_tty_write.isra.0+0x24b/0x890 [ 1239.599156][T18305] ? __pfx__mutex_trylock_nest_lock+0x10/0x10 [ 1239.599197][T18305] file_tty_write.isra.0+0x45b/0x890 [ 1239.599236][T18305] vfs_write+0x6ac/0x1070 [ 1239.599277][T18305] ? __pfx_tty_write+0x10/0x10 [ 1239.599309][T18305] ? __pfx_vfs_write+0x10/0x10 [ 1239.599347][T18305] ? find_held_lock+0x2b/0x80 [ 1239.599389][T18305] ksys_write+0x12a/0x250 [ 1239.599429][T18305] ? __pfx_ksys_write+0x10/0x10 [ 1239.599478][T18305] do_syscall_64+0x106/0xf80 [ 1239.599506][T18305] ? clear_bhb_loop+0x40/0x90 [ 1239.599537][T18305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1239.599562][T18305] RIP: 0033:0x7fe1b299c799 [ 1239.599594][T18305] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1239.599619][T18305] RSP: 002b:00007fe1b38e6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1239.599643][T18305] RAX: ffffffffffffffda RBX: 00007fe1b2c16090 RCX: 00007fe1b299c799 [ 1239.599660][T18305] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 1239.599675][T18305] RBP: 00007fe1b2a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1239.599691][T18305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1239.599705][T18305] R13: 00007fe1b2c16128 R14: 00007fe1b2c16090 R15: 00007fffe8bd8398 [ 1239.599738][T18305] [ 1245.210902][T18339] Invalid ELF header magic: != ELF [ 1249.687039][ T30] audit: type=1804 audit(4294967612.000:16): pid=18359 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3010" name="file0" dev="tmpfs" ino=4315 res=1 errno=0 [ 1249.775862][ T30] audit: type=1804 audit(4294967612.090:17): pid=18371 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.3010" name="file0" dev="tmpfs" ino=4315 res=1 errno=0 [ 1251.357389][T11553] Bluetooth: hci0: unexpected event 0x18 length: 440 > 23 [ 1253.515630][T18375] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1257.788527][T18452] Invalid ELF header magic: != ELF [ 1258.720523][T18466] Invalid ELF header magic: != ELF [ 1259.886495][T18485] FAULT_INJECTION: forcing a failure. [ 1259.886495][T18485] name failslab, interval 1, probability 0, space 0, times 0 [ 1259.959024][T18485] CPU: 0 UID: 0 PID: 18485 Comm: syz.0.3037 Tainted: G L syzkaller #0 PREEMPT(full) [ 1259.959065][T18485] Tainted: [L]=SOFTLOCKUP [ 1259.959074][T18485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1259.959089][T18485] Call Trace: [ 1259.959096][T18485] [ 1259.959106][T18485] dump_stack_lvl+0x100/0x190 [ 1259.959159][T18485] should_fail_ex.cold+0x5/0xa [ 1259.959188][T18485] should_failslab+0xc2/0x120 [ 1259.959214][T18485] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1259.959251][T18485] ? __proc_create+0x2cb/0x8c0 [ 1259.959299][T18485] __proc_create+0x2cb/0x8c0 [ 1259.959340][T18485] ? __pfx___proc_create+0x10/0x10 [ 1259.959385][T18485] ? _raw_spin_unlock+0x28/0x50 [ 1259.959415][T18485] proc_create_reg+0x75/0x170 [ 1259.959441][T18485] proc_create_net_data+0x8e/0x1c0 [ 1259.959483][T18485] ? __pfx_proc_create_net_data+0x10/0x10 [ 1259.959532][T18485] ? __pfx_arp_net_init+0x10/0x10 [ 1259.959572][T18485] arp_net_init+0x53/0x80 [ 1259.959607][T18485] ops_init+0x1e2/0x5f0 [ 1259.959641][T18485] setup_net+0x118/0x3a0 [ 1259.959673][T18485] ? __pfx_setup_net+0x10/0x10 [ 1259.959703][T18485] ? lockdep_init_map_type+0x5c/0x250 [ 1259.959740][T18485] ? mutex_init_lockep+0x110/0x150 [ 1259.959803][T18485] copy_net_ns+0x46f/0x7c0 [ 1259.959855][T18485] create_new_namespaces+0x3ea/0xac0 [ 1259.959888][T18485] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1259.959917][T18485] ksys_unshare+0x473/0xad0 [ 1259.959963][T18485] ? __pfx_ksys_unshare+0x10/0x10 [ 1259.960006][T18485] __x64_sys_unshare+0x31/0x40 [ 1259.960036][T18485] do_syscall_64+0x106/0xf80 [ 1259.960065][T18485] ? clear_bhb_loop+0x40/0x90 [ 1259.960095][T18485] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1259.960121][T18485] RIP: 0033:0x7f0d56b9c799 [ 1259.960146][T18485] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1259.960171][T18485] RSP: 002b:00007f0d57a8a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1259.960195][T18485] RAX: ffffffffffffffda RBX: 00007f0d56e15fa0 RCX: 00007f0d56b9c799 [ 1259.960211][T18485] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1259.960226][T18485] RBP: 00007f0d56c32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1259.960242][T18485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1259.960257][T18485] R13: 00007f0d56e16038 R14: 00007f0d56e15fa0 R15: 00007ffd60190078 [ 1259.960288][T18485] [ 1261.795163][T18495] input: f¬ as /devices/virtual/input/input57 [ 1270.745048][T18592] can: request_module (can-proto-0) failed. [ 1272.496734][T18602] Invalid ELF header magic: != ELF [ 1273.711110][T18615] input: f¬ as /devices/virtual/input/input58 [ 1274.847421][T18631] FAULT_INJECTION: forcing a failure. [ 1274.847421][T18631] name failslab, interval 1, probability 0, space 0, times 0 [ 1274.940865][T18631] CPU: 0 UID: 0 PID: 18631 Comm: syz.0.3068 Tainted: G L syzkaller #0 PREEMPT(full) [ 1274.940906][T18631] Tainted: [L]=SOFTLOCKUP [ 1274.940915][T18631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1274.940930][T18631] Call Trace: [ 1274.940938][T18631] [ 1274.940947][T18631] dump_stack_lvl+0x100/0x190 [ 1274.940990][T18631] should_fail_ex.cold+0x5/0xa [ 1274.941019][T18631] should_failslab+0xc2/0x120 [ 1274.941045][T18631] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1274.941078][T18631] ? vidtv_psi_pmt_stream_init+0x4e/0x3e0 [ 1274.941192][T18631] ? vidtv_psi_pmt_table_init+0x363/0x430 [ 1274.941223][T18631] vidtv_psi_pmt_stream_init+0x4e/0x3e0 [ 1274.941252][T18631] vidtv_channel_si_init+0x1289/0x18d0 [ 1274.941296][T18631] vidtv_mux_init+0x526/0xbf0 [ 1274.941337][T18631] vidtv_start_feed+0x33e/0x4c0 [ 1274.941396][T18631] ? __pfx_vidtv_start_feed+0x10/0x10 [ 1274.941437][T18631] ? __pfx_vidtv_bridge_on_new_pkts_avail+0x10/0x10 [ 1274.941485][T18631] ? mark_held_locks+0x40/0x70 [ 1274.941521][T18631] ? __pfx_vidtv_start_feed+0x10/0x10 [ 1274.941560][T18631] dmx_ts_feed_start_filtering+0xf6/0x220 [ 1274.941652][T18631] dvb_dmxdev_start_feed+0x273/0x3f0 [ 1274.941692][T18631] dvb_dmxdev_filter_start+0x1b6/0xdd0 [ 1274.941734][T18631] ? dvb_dmxdev_add_pid+0x2a1/0x380 [ 1274.941774][T18631] dvb_demux_do_ioctl+0xe64/0x1200 [ 1274.941824][T18631] dvb_usercopy+0x167/0x340 [ 1274.941857][T18631] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 1274.941897][T18631] ? __pfx_dvb_usercopy+0x10/0x10 [ 1274.941943][T18631] ? __fget_files+0x21f/0x3d0 [ 1274.941990][T18631] dvb_demux_ioctl+0x29/0x40 [ 1274.942023][T18631] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 1274.942058][T18631] __x64_sys_ioctl+0x18e/0x210 [ 1274.942097][T18631] do_syscall_64+0x106/0xf80 [ 1274.942126][T18631] ? clear_bhb_loop+0x40/0x90 [ 1274.942157][T18631] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1274.942183][T18631] RIP: 0033:0x7f0d56b9c799 [ 1274.942203][T18631] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1274.942227][T18631] RSP: 002b:00007f0d57a8a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1274.942251][T18631] RAX: ffffffffffffffda RBX: 00007f0d56e15fa0 RCX: 00007f0d56b9c799 [ 1274.942267][T18631] RDX: 0000000000000000 RSI: 0000000040146f2c RDI: 0000000000000002 [ 1274.942282][T18631] RBP: 00007f0d56c32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1274.942298][T18631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1274.942318][T18631] R13: 00007f0d56e16038 R14: 00007f0d56e15fa0 R15: 00007ffd60190078 [ 1274.942351][T18631] [ 1275.210348][T18631] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI [ 1275.222313][T18631] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 1275.230795][T18631] CPU: 0 UID: 0 PID: 18631 Comm: syz.0.3068 Tainted: G L syzkaller #0 PREEMPT(full) [ 1275.241785][T18631] Tainted: [L]=SOFTLOCKUP [ 1275.246160][T18631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1275.256254][T18631] RIP: 0010:vidtv_psi_desc_assign+0x24/0x90 [ 1275.262192][T18631] Code: 90 90 90 90 90 90 0f 1f 40 d6 41 54 55 48 89 f5 53 48 89 fb e8 4d 45 dc f9 48 89 da 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 75 4c 4c 8b 23 49 39 ec 74 36 e8 29 45 dc f9 4d 85 e4 [ 1275.281862][T18631] RSP: 0018:ffffc90003367a10 EFLAGS: 00010247 [ 1275.287968][T18631] RAX: dffffc0000000000 RBX: 0000000000000005 RCX: ffffc90005b69000 [ 1275.295954][T18631] RDX: 0000000000000000 RSI: ffffffff882bc993 RDI: 0000000000000005 [ 1275.303954][T18631] RBP: ffff88803479d7e0 R08: 0000000000000000 R09: 4453534204050000 [ 1275.311955][T18631] R10: 0000000000000005 R11: 0000000000000000 R12: 0000000000000000 [ 1275.319966][T18631] R13: ffff88805dfde6c0 R14: ffff888021af0a00 R15: ffff88805b8b6200 [ 1275.327951][T18631] FS: 00007f0d57a8a6c0(0000) GS:ffff88812434c000(0000) knlGS:0000000000000000 [ 1275.336898][T18631] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1275.343498][T18631] CR2: 0000001b309ffff8 CR3: 0000000032314000 CR4: 00000000003526f0 [ 1275.351485][T18631] Call Trace: [ 1275.354794][T18631] [ 1275.357931][T18631] vidtv_channel_si_init+0x12fc/0x18d0 [ 1275.363430][T18631] vidtv_mux_init+0x526/0xbf0 [ 1275.368132][T18631] vidtv_start_feed+0x33e/0x4c0 [ 1275.373031][T18631] ? __pfx_vidtv_start_feed+0x10/0x10 [ 1275.378442][T18631] ? __pfx_vidtv_bridge_on_new_pkts_avail+0x10/0x10 [ 1275.385066][T18631] ? mark_held_locks+0x40/0x70 [ 1275.389875][T18631] ? __pfx_vidtv_start_feed+0x10/0x10 [ 1275.395277][T18631] dmx_ts_feed_start_filtering+0xf6/0x220 [ 1275.401029][T18631] dvb_dmxdev_start_feed+0x273/0x3f0 [ 1275.406376][T18631] dvb_dmxdev_filter_start+0x1b6/0xdd0 [ 1275.411868][T18631] ? dvb_dmxdev_add_pid+0x2a1/0x380 [ 1275.417093][T18631] dvb_demux_do_ioctl+0xe64/0x1200 [ 1275.422264][T18631] dvb_usercopy+0x167/0x340 [ 1275.426788][T18631] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 1275.432364][T18631] ? __pfx_dvb_usercopy+0x10/0x10 [ 1275.437417][T18631] ? __fget_files+0x21f/0x3d0 [ 1275.442125][T18631] dvb_demux_ioctl+0x29/0x40 [ 1275.446763][T18631] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 1275.452077][T18631] __x64_sys_ioctl+0x18e/0x210 [ 1275.456871][T18631] do_syscall_64+0x106/0xf80 [ 1275.461479][T18631] ? clear_bhb_loop+0x40/0x90 [ 1275.466170][T18631] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1275.472092][T18631] RIP: 0033:0x7f0d56b9c799 [ 1275.476518][T18631] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1275.496140][T18631] RSP: 002b:00007f0d57a8a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1275.504567][T18631] RAX: ffffffffffffffda RBX: 00007f0d56e15fa0 RCX: 00007f0d56b9c799 [ 1275.512551][T18631] RDX: 0000000000000000 RSI: 0000000040146f2c RDI: 0000000000000002 [ 1275.520530][T18631] RBP: 00007f0d56c32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1275.528510][T18631] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1275.536491][T18631] R13: 00007f0d56e16038 R14: 00007f0d56e15fa0 R15: 00007ffd60190078 [ 1275.544478][T18631] [ 1275.547505][T18631] Modules linked in: [ 1275.552272][T18631] ---[ end trace 0000000000000000 ]--- SYZFAIL: failed to send rpc fd=3 want=56 sent=0 n=-1 (errno 32: Broken pipe) [ 1275.746481][T18628] base_sock_release(ffff88805c9605c0) sk=ffff88802a433000 [ 1275.987117][T18631] RIP: 0010:vidtv_psi_desc_assign+0x24/0x90 [ 1276.068940][T18631] Code: 90 90 90 90 90 90 0f 1f 40 d6 41 54 55 48 89 f5 53 48 89 fb e8 4d 45 dc f9 48 89 da 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 <80> 3c 02 00 75 4c 4c 8b 23 49 39 ec 74 36 e8 29 45 dc f9 4d 85 e4 [ 1276.494289][T18631] RSP: 0018:ffffc90003367a10 EFLAGS: 00010247 [ 1276.528717][T18631] RAX: dffffc0000000000 RBX: 0000000000000005 RCX: ffffc90005b69000 [ 1276.536777][T18631] RDX: 0000000000000000 RSI: ffffffff882bc993 RDI: 0000000000000005 [ 1276.610039][T18631] RBP: ffff88803479d7e0 R08: 0000000000000000 R09: 4453534204050000 [ 1276.618103][T18631] R10: 0000000000000005 R11: 0000000000000000 R12: 0000000000000000 [ 1276.728996][T18631] R13: ffff88805dfde6c0 R14: ffff888021af0a00 R15: ffff88805b8b6200 [ 1276.737046][T18631] FS: 00007f0d57a8a6c0(0000) GS:ffff88812434c000(0000) knlGS:0000000000000000 [ 1276.855381][T18631] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1276.898796][T18563] base_sock_release(ffff88808a293f40) sk=ffff88807bcaf000 [ 1276.930818][T18631] CR2: 00007f0ac1272bd0 CR3: 0000000032314000 CR4: 00000000003526f0 [ 1276.988743][T18631] Kernel panic - not syncing: Fatal exception [ 1276.994925][T18631] Kernel Offset: disabled [ 1276.999263][T18631] Rebooting in 86400 seconds..