last executing test programs: 2m29.903751139s ago: executing program 0 (id=151): r0 = pidfd_open$auto(0x1, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x8, 0xeb1, r0, 0x8000) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r1 = io_uring_setup$auto(0x6, 0x0) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), r1) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(r1, &(0x7f0000000780)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000740)={&(0x7f0000000500)=ANY=[@ANYBLOB="b50000000000000000b5172ab884e5cd533e27cac2ea28d43798ad98b8969dfb5495aa4c015bdaa02bb74602d3a0964c0f9060492d39242c80461d97b52100bd5075edb346b04dd1c251d1030d6a4d2fe8ca1d40311e3d325d2bf10e5a574dbaa78e00a5476ebeda97093a42df5c53", @ANYRESHEX=r0, @ANYBLOB="000225bd7000fbdbdf25080000002800018008000300000000c114000200776732000000000000000000000000000800030003000000bd02028008000900", @ANYRESDEC=r0, @ANYRESDEC=r0], 0x2fc}, 0x1, 0x0, 0x0, 0x4081}, 0x4000004) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r2 = io_uring_setup$auto(0x6, 0x0) io_uring_register$auto_IORING_REGISTER_NAPI(r2, 0x1b, &(0x7f00000000c0), 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0xe3a6) socket(0x28, 0x5, 0x0) sendmsg$auto_NL802154_CMD_DEL_SEC_KEY(r2, 0x0, 0x20044814) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x2aa01, 0x0) socket$nl_generic(0x10, 0x3, 0x10) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) close_range$auto(0x2, r0, 0x3) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x28640, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x40000, 0x0) io_uring_setup$auto(0x6, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x3, 0x6) openat$auto_fault_around_bytes_fops_(0xffffffffffffff9c, 0x0, 0x100000, 0x0) setns(r0, 0x60020000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) syz_clone3(&(0x7f0000000300)={0x293104480, 0x0, 0x0, 0x0, {0x10020}, 0x0, 0x0, 0x0, &(0x7f0000000100)=[0x0], 0x1, {r0}}, 0x58) r4 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000180), r1) sendmsg$auto_KSMBD_EVENT_SHUTTING_DOWN(r1, &(0x7f0000000240)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r4, 0x100, 0x70bd2c, 0x25dfdbfe, {}, ["", "", "", ""]}, 0x14}}, 0x8020) 2m28.896838506s ago: executing program 0 (id=154): mmap$auto(0x293, 0x3, 0x3, 0xeb5, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x300c00, 0x0) ioctl$auto_TIOCGDEV2(r0, 0x80045432, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) madvise$auto(0x4, 0x200007, 0x9) r1 = io_uring_setup$auto(0x1, &(0x7f0000000080)={0x80000003, 0x9, 0x4002, 0x6, 0x4, 0x9, 0xffffffffffffffff, [], {0x9, 0x6, 0xb, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2000}, {0x1, 0x1, 0x52, 0x5, 0x1, 0xb0, 0x104, 0x8, 0x100000000}}) syz_clone(0x1012000, 0x0, 0x0, 0x0, 0x0, 0x0) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) close_range$auto(0x2, 0x8, 0x0) setsockopt$auto(0x3, 0x10000000084, 0xa, 0x0, 0x20) close_range$auto(0x2, 0x8, 0x0) openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, 0x0, 0x414041, 0x0) mmap$auto(0x0, 0x400008, 0xde, 0x9b72, 0x2, 0x800008000) getpid() openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/bus/pci/00/01.1\x00', 0x202280, 0x0) r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r3 = syz_genetlink_get_family_id$auto_thermal(&(0x7f00000001c0), r1) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1cc44bf37b00310900f4f8b69181a3bf952f9a98db3fe38918b4d65a19fa43e373370c5d8fee49c39c0e281176722d02083c8a915dc71058b0868de1e1da129c28f6a26e6212677f85dab602d2d68990dabf57bbf4e678ba0a198e08bcaec90e8582c6d235a8432cabd4", @ANYRES16=r3, @ANYBLOB="040027bd7000ffdbdf25010000000800190004000000"], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x11) ioctl$auto_VHOST_SET_MEM_TABLE(r2, 0x4001af84, 0x0) 2m26.347315055s ago: executing program 0 (id=165): ioctl$auto(0xffffffffffffffff, 0x40045564, 0xffffffffffffffff) mmap$auto(0x5, 0x20009, 0x4000000000df, 0x13, 0xffffffffffffffff, 0x40000008004) pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\x00\xff\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xf8$\x00\x00\x00\x00\x00\x00q\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x92\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xdex\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/218, 0xfdef, 0x3) mmap$auto(0x0, 0x8, 0x3, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv6/route/flush\x00', 0x80401, 0x0) mmap$auto(0x0, 0x2020009, 0x1, 0x8000eb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) settimeofday$auto(&(0x7f0000000080)={0x7fffffff, 0x5}, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0xfdef) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), 0xffffffffffffffff) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/pcrypt/pencrypt/parallel_cpumask\x00', 0x80302, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) arch_prctl$auto_ARCH_MAP_VDSO_32(0x2002, 0x3) r1 = io_uring_setup$auto(0x7, 0x0) mmap$auto(0x0, 0xfffffffffffffffe, 0x3, 0xeb1, 0xffffffffffffffff, 0x404) openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, 0x0, 0x902, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto_SO_RCVTIMEO_NEW(r1, 0xffffb64e, 0x42, &(0x7f0000000000), 0x58) mremap$auto(0x8, 0x4, 0x4, 0x7, 0x100000000) madvise$auto(0x0, 0x200007, 0x19) io_uring_setup$auto(0x8a, &(0x7f0000000080)={0x80000003, 0x9, 0x3fff, 0x6, 0x0, 0x8, 0xffffffffffffffff, [0x1, 0x20000000, 0x800], {0x2, 0x4, 0xf, 0x29d, 0x100, 0x7f, 0x501, 0x4000006, 0x1000002000}, {0x100, 0x8, 0x52, 0x9, 0x3, 0x40, 0x7, 0x8, 0x8}}) getsockopt$auto_SO_GET_FILTER(0xffffffffffffffff, 0xfffffff9, 0x1a, &(0x7f0000000000)='/\x00', &(0x7f0000000180)=0xb) syz_clone(0x100800, 0x0, 0xffffffffffffff25, 0x0, 0x0, 0x0) r2 = bpf$auto(0x14, &(0x7f00000000c0)=@link_create={@map_fd=r0, @target_ifindex, 0x5, 0x5, @bpf_attr_link_create_4_1={0x2, 0x80000001}}, 0x7) madvise$auto(0x0, 0x200007, 0x8) bpf$auto(0x5, &(0x7f0000000300)=@bpf_attr_3={0x17, 0x24, 0xf, 0x63, 0x400000, 0x0, 0x4, 0x80f0c8, 0x60, "31b40cd8ed068f6500", 0x0, 0x113eb3f2, 0xffffffffffffffff, 0xe4, 0x7, 0x5, 0x6, 0x8, 0xfffffffc, 0x3, @attach_prog_fd, 0xe, 0xc, 0x8, 0x0, 0xfffffffe, r2}, 0x47) madvise$auto(0x0, 0x200204, 0x15) 2m25.572638317s ago: executing program 0 (id=166): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xaa902, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/hwdep\x00', 0x0, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) unlink$auto(&(0x7f0000000000)='./file0\x00') ptrace$auto(0x10, r0, 0x4, 0x100000000) ptrace$auto_PTRACE_SETREGSET(0x4205, r0, 0x2, 0x2) 2m24.559388887s ago: executing program 0 (id=170): unshare$auto(0x40000080) unshare$auto(0x8000000000000001) r0 = socket(0xa, 0x3, 0x101) setsockopt$auto(r0, 0x29, 0x2, 0x0, 0x5) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008012, r1, 0x8000) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r2, &(0x7f0000000300)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\xa3j\xe7\x7fu\xba\x80}\xdb\xe1\x1cd\xf8%\xfe\x92\x84*=\xfd0\xb3\b\xa7+&\xc9\x02\xd1D\x99\xf4(\xe6\xc8\x13\x94\xb5\x94\xee6\x15\a\xf6\x9b\x04{\xa4\xac\x8f\bj\xd2\xaf\xaa.S\xa4\x04+C\xf0\x15\x87\xcf\xf0j\x99XGD\xc6$\xcd\x9f\xff\xff\xea\x8a2\x11f\x9a\xe6i\x01e \x1b\xa1L\x1e\xb2\'\x05n\xb9]w\xd4\x8b\xf6\xdf\xadG/\xc4ob\x00\x04\x06\xa0!\x8a;\x96\xe2\xf0\x16\x12e=\xbf,\x83~\xf0\x92\xe4\xaf\x85\x126\n\x03,\xa1\x17\xf4\xaa\x10\xcb\xee(\xfaF\xb9\x90\x8b\xae\x95\xdf?O\xbbR\xfeb\x14E\xdf\xad\x03^\xb0\xc2\x04u~\t\x86\x84\xc5\x1dB\xec\xec\xee\xf4\xd1\xf5\x1eiUa\xc6\x87\x03@/\xce0\x8b\xd0\xcc0o#\xff\x12\x194\x18\x1ft}\xff\x8a\x95\x98\x1a;(\xbdX\xdc\xbb\x96k\xd5\xe1|\xa4y\x93\xb8{.[\xea\x1f\x98hg\xe4\x84\x835\x98\xc6\x9e\x94\xb8\xdd\x11\xef\x05\xa9\xea\x00\x1e\xe8c\xc9|\xa1\x17wd\xf4\xdf\x1a\x8d\xfd\x1em\xae\x80\xf5j\x03e\xb7d\xcb\xd3\xf0\x1c\xe1\x0e?M6\x8eg\xf1\x84?\xb2b\xa5^,7cA\'\r\xa8\x00\xcc-z}8\a\v\xbf\x7f`k\xf1\xf5\x85\xfc\x8d\xbe\xa6k\xe6Bwc\xed\xdb\xd1\xd1\xef\xfd\xf42\xaf\xf8\x9f%R7V\xa4\xbf\x19L<\xe4\xd9\xf4\x9bI\xd1\xc5\x9c\x02H 6\x14/r0, &(0x7f0000000180)="0e9c17fe83031bbfd3bcb8bac55c38ad2e490b0f2392e1db455249ec8902033d6e92a6e1c675e3733c8d947ba016a8992c941e4b", 0x8000, &(0x7f00000004c0)="d27974c758286a209f4b98a5078074e7795d0f5f620da1be5f361525623bd97bc5c9ca29b71b2e009c85404d3a170c9bb497fdd2a2fb793d2ab6ce5c6c728288d1620ea6f00ca5e3f2b976cd8ee28197ebca358cf013fc29f6955bb0e7b8722aab2027c5e8ac35d8bc88741259e23554c787f142b73511798343f79805ef2d301eb4d8fde43c3d9fe3bcf38b4884f83f16bf60a1c22b673476f33c4c32a2b066080208979251e0b1cf21e320c53b0f9791f31ba3addd66757e8067356301b11851fbda3160e333a65c6f1e92c15e323381eaff092063443ab1ecabce3fc4ea335e315b929af44763f14665d29482b543526fc5f7ed5376", 0x9, &(0x7f00000005c0)="72f3606b3869fd2e3680f44d13acafc39009607574a5559d6f1d0e5d4b9112339e98d8ff1c41d2e327b5fb8a40f7362c618b9f1b61ea02a76f0cdd4ec18d284e977e9e7b76836eef3e9540bab12c1d88b3bbb594a87f43b7d2efb8d91b90032cb098354504644a2bf4c2f0f3038e1946b27d6fb16d818ba7755c91e5f6d87c14a9f3b57a3d7c5cda810f5a883735116ce807fd83a6a670f005eb4ccf", &(0x7f0000000680)=0xffffffff}) r2 = syz_genetlink_get_family_id$auto_thermal(&(0x7f0000000740), r0) sendmsg$auto_THERMAL_GENL_CMD_CDEV_GET(r1, &(0x7f0000000840)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000800)={&(0x7f0000000780)={0x50, r2, 0x10, 0x70bd2c, 0x25dfdbfe, {}, [@THERMAL_GENL_ATTR_TZ_ID={0x8, 0x2, 0xab75}, @THERMAL_GENL_ATTR_TZ_NAME={0x4}, @THERMAL_GENL_ATTR_CDEV_NAME={0x14, 0x12, 'veth1_to_hsr\x00'}, @THERMAL_GENL_ATTR_TZ_CDEV_WEIGHT={0x8, 0xb, 0x80000000}, @THERMAL_GENL_ATTR_CDEV_CUR_STATE={0x8, 0x10, 0x10001}, @THERMAL_GENL_ATTR_TZ_GOV_NAME={0x4}, @THERMAL_GENL_ATTR_CPU_CAPABILITY_ID={0x8, 0x15, 0x8}]}, 0x50}, 0x1, 0x0, 0x0, 0x4084}, 0x40014) madvise$auto(0x0, 0x200007, 0x8) r3 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x2, 0x0) ioctl$auto_TIOCGPTPEER2(r0, 0x5441, 0x0) fsconfig$auto_FSCONFIG_SET_PATH(r3, 0x3, &(0x7f00000000c0)='/dev/kvm\x00', &(0x7f00000002c0)="06a1f7bb16f81b18c75bba10364b2b43efade5a9fef65e8cba91629684e24e9012362e6f7621dda06775d495247bffd802edbe6936a3d60d7197486748a7ca1dbba3263ecc6f5d767c247ba51887180a1ea82a0ba08e579f51b654b5807d910c2cc2b9a2e30234d92ffc6c2dc1fc6c4308f9fa311915ede69fe215eaaccba42e3cbbd8ed8daf77928b11be75e2e7b0f1b21045546b66d819903a254c168adfa0d50bf32a0d86c6274a618b346c5a9f63f5d5b0401c51c88ef282b5d8195626fe0749013c32a20163e61e6c5bc2bffb8ab5adda9eabfa9d55f0406788cacc20867c02743abb7b0ef7fe7871b91661642558035c211261ec", 0xffffffffffffffff) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0xd00, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon33\x00', 0x121200, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x206200, 0x0) mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) unshare$auto(0x40000080) sendmsg$auto_NL802154_CMD_SET_CCA_ED_LEVEL(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="08002dbd5f00eddbdf250e0000000500120040000000"], 0x1c}, 0x1, 0x0, 0x0, 0x8001}, 0x40000) io_setup$auto(0x7ffe, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ram7\x00', 0x6af970bd8aeafe47, 0x0) ioctl$auto_HDIO_GETGEO(r4, 0x301, &(0x7f00000003c0)="a097ac3a533408960b39941b04e7d20c2897ecd48b6c61586266259f4e1617d478e0b24ecc4eed27ee2fb710b1352bbb8c0858c499cca02f1e6d5370e397b95d0ce2f8e855ce0dd8a06f5abf90241e5105d0f7a6f69169fa834c77e62141a1556ee63ce29e9a0844e9134fe77149d5009c7419c2bd4245f65c77c92555fecb6b1e918269d62a7c67ec1902d52fb89c4cc4589acc7dd2c2b86aa5d7bff0958b3ae909a1d5433345216c505bd124e7ed0a175cf02fd8fbc0c79dcc3f7891be51e978184870e62c023dd403e59c8a6be122fdc688ccf1b28be08eb2424d778d7c56e738e6ca425063ded6a40cbfcdf2") fcntl$auto_F_SETOWN(0xffffffffffffffff, 0x8, 0x0) write$auto_sg_fops_sg(r3, &(0x7f0000000240)="4a0200000000040000000000000000000700924d1b3c5d2e00000000fdd2adc245a4fe3a61af156016d2e122228118b035ab6f7e46cbe922896e7e796fec3370fd6cf2d037d9f213d48b743bd7804490341927d618b20f562edf1261d0", 0x5d) 6.005513595s ago: executing program 2 (id=673): mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x48980, 0x0) mmap$auto(0x0, 0x8, 0x1000000004, 0x8b72, 0x2, 0x8000) r0 = socket(0x1e, 0x2, 0x0) getsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) memfd_create$auto(0x0, 0x7) fcntl$auto(0xff80000000000000, 0x40a, 0x3f) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/oom_adj\x00', 0x980, 0x0) socket(0x2c, 0x3, 0x0) shmget$auto(0x1, 0x10565, 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000ac0), r1) sendmsg$auto_NL80211_CMD_STOP_SCHED_SCAN(r1, 0x0, 0x4) shmat$auto(0x10000, &(0x7f0000000280)='(\x00', 0x5) r2 = wait4$auto(0xffffffffffffffff, &(0x7f0000000000)=0x10, 0x4, &(0x7f00000000c0)={{0x9ca, 0x8000000000000001}, {0x4, 0x7}, 0xfffffffffffffffe, 0x8, 0x3, 0x3, 0x1, 0x6, 0x8001, 0x9, 0x3, 0x0, 0xffffffffffff289b, 0x3, 0x2}) shmctl$auto_SHM_LOCK(0x3, 0xb, &(0x7f00000001c0)={{0x2, 0xffffffffffffffff, 0xee01, 0x7fffffff, 0x4, 0x1781, 0x40}, 0x80000001, 0x71, 0x7fff, 0x400, @inferred, @inferred=r2, 0x2, 0x0, 0x0, &(0x7f0000000180)="6aa9f450cd41400ff19ce80c38955761650847da1d19a473ea07c5f21d47cae01adb"}) 5.752541262s ago: executing program 2 (id=674): mmap$auto(0x100000000, 0x2000d, 0x1, 0xeb1, 0xffffffffffffffff, 0x100000000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) semget$auto(0x0, 0x13c, 0x1ff) recvmmsg$auto(0xffffffffffffffff, &(0x7f00000001c0)={{0x0, 0x5, 0x0, 0x9, 0x0, 0x800000000005, 0x7ffffffd}, 0x8}, 0x3, 0x1, 0x0) semtimedop$auto(0x0, &(0x7f0000000140)={0x7, 0x81, 0x70}, 0x1f4, 0x0) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x0, 0x0) r1 = openat2$auto(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', &(0x7f0000000280)={0x982, 0x6, 0x4}, 0x7f) sendmsg$auto_IEEE802154_ADD_IFACE(r1, &(0x7f0000000440)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x34, 0x0, 0x100, 0x70bd2a, 0x25dfdbfc, {}, [@IEEE802154_ATTR_SRC_SHORT_ADDR={0x6, 0xb, 0x9}, @IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0xd4}, @IEEE802154_ATTR_DEST_PAN_ID={0x6, 0x10, 0xac6a}, @IEEE802154_ATTR_PAGE={0x5, 0x1d, 0x40}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x525a05df5b8ef67a) r2 = syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000180), r1) r3 = getpid() process_vm_readv$auto(r3, &(0x7f0000000080)={0x0, 0x10001}, 0x400040000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x200000000) sendmsg$auto_NCSI_CMD_SEND_CMD(r1, &(0x7f0000001600)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000015c0)={&(0x7f00000009c0)={0xbe0, r2, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@NCSI_ATTR_PACKAGE_LIST={0x439, 0x2, 0x0, 0x1, [@nested={0x1f2, 0x2, 0x0, 0x1, [@typed={0x4, 0xf4}, @nested={0x4, 0x5f}, @generic="9152ed0bc658e5e2dc26b63bd1c464ff9250f5d81f470df322e0638e0d900cdc45c55f08c76f1eb84115c5cf1ac97a0a4420bbbbc43e98cc933265c65808ab2ee89b1f9831061314973d7f40cd913fd588920afda75cf9b615a351fb2df47768cdafd0891823a59d02e7314c5cc2fe201a07f0e62ed03193bfec853bddbd94c7ecd3d37d70d2846494f7b4c6328e9eb9175f0e6aa56f139c7c72a77d01db8b56a04758f971d3d7c7fe3687bacf8c5cb87149c96a110f1717563493fbc676f87f6e06a0f7c78965e733ae2ba11c", @nested={0x4, 0x157}, @typed={0x8, 0xe8, 0x0, 0x0, @u32=0xff}, @nested={0x4, 0x154}, @generic="9bc7cc18633ebb7405a69a75335625522f5edd9c57d062214bd7047126f0a4c0c2d6af67d765e6d2f7538336d5b57068cba50785655be8f9d4d391381db251378be9869a4b5fa8ed345bfd967245e4c6380904d6270524293252ee3d7f4674d8394a14a0a2fe3ae7f4f30131b457c20910f952fcdb", @typed={0x4, 0x6d}, @generic="b03e7e90dece3f94572d88354e9e657e5dc68391f9bfbe7efbc7e501634b5f8fc8b6e49f553a63257c3222ad72304cad6ba0403f58f5e30eb57240302c504e8995aef06b10249f25d680c666c3e35f578b98fe5b63414c53aa8ca88cd05ea04d72520e0450ca36192adb8b2b855760826708b0634b71d433663fec6cb086a06fc7d821ec8bc532e08d048cee51d22c4a"]}, @typed={0xb4, 0x116, 0x0, 0x0, @binary="026c47db5c9783a00552bf620e858dfb1bc04eb805514cd1f724865552bf3315404f8c406145bded10f139819dc0cebfda3b7c970e8e55a09652b0f4d8d1aae4a2f2ba8540f904d72b57b5600050716762397945e8d951fc65b52cf05de1096c1ee9f8ab1717842dd3a179513fbf27ee4dd0bab06bf942ce769bd2c6bcf3e03ef9cc4d197c5eb5970cd455bb7a08b392a321e821d3b38bfc4ff078c9ce2e4fa2e9991a5c3b2a5862fe93e6f6e6be9df2"}, @typed={0x8, 0xf4, 0x0, 0x0, @pid=r3}, @generic="8d839b04032c1f677776804c34d4a502a008a3e53fd471ef51900be2f2eb8e6d71d7d83903661a9b80a28e3b7eba2854ee8f3840d04a33b629e94276f04c91c1cf6488a10ff11e9a5e1a779ed86d42078f3f7e26042eed36130d8c3612c4005c0abd37e24902a45040bba6e7ed4fdbe8f502879b89e5336df086e6ebb2ad37c5c6d78e932729489d39824f369211de6a968a9c28b5ab2ae0e49e726b4591903b55fc01013dbf8757407eaa2d4054e61f9fa41a8fa36eb01a54848198882b7abbf63bc962f6b7aeae4c7807f0cdd7831c87", @typed={0xb3, 0xfb, 0x0, 0x0, @binary="c27af9e84690d71aed7c17150f9cab7adeae205966073a5caecbf58597c38c93b68c79891016547576c78b89e515a2d085cdb77ed0448a07af361c949ac83a39cc13667632426024331858d06ac7a5e5f5fea965c340a9cbbe31453a2121e70077e7b6ec1793e26573515f08246bf508840b71242918d494e9bdb75215e065b3221c81752ca92c4a95a142c777e30fb881dbe6e87e4bd1716f54f0b0d5b2369001757e66cf6982a1017f69514cea13"}]}, @NCSI_ATTR_CHANNEL_MASK={0x8, 0x8, 0x3ba67bd8}, @NCSI_ATTR_PACKAGE_ID={0x8, 0x3, 0xb49}, @NCSI_ATTR_MULTI_FLAG={0x4}, @NCSI_ATTR_DATA={0x77a, 0x5, "f928e09d7bd7fa2202977becacbfba05779299539e9087c29bdcfb7e759354020deebb22ec4bd883dbb7deea7425a87316ae9678267fecc436029b01e0ddc119fc3e4773eb5acadcfedf56a5cc5227743accf629c50812ae37af5cde21bcc23362ab755f2630ac53e3dfcc67731cb38a4be45a151fc54e296eab4b67d8e1816732a34c3255ee7541ff4e75615890783b19a98f05211738c03f34fa2113b6d768ccabd78c5e2780c2c0da118f0d282c44f4fb6133389f4ab50bb5c224255a6c7e9e3ae7314ea96ace9e25f2b3be2182b1eb0deff67feb536c5fe5f005b6a7a0b3b5582a69abc83c37a4d8038e829d60a991d7ffd9851edb138fdce06abb8867a2be56a5dbebd5e7ef3d7362ea7e6723b8ad49689b4363c54afdea8d7e7448499f38e48320398a4234fa61a3d20c09ba7d4baa283e7122deea61454d68879cdb549df69234ea91c57e5472579702e21a80a1537ec61e189b1fc21d7ffbbf5cf6962454217baa5d903e28f3a697a883b279e211f7ed6716fe84d6ff67f82602ff77a0e798d6692440fdebe9a433ae69b89b55aeba6241f29aef20ad6fcfc85fcbd4e9e59f159ce4a4cc77ccae8332290b4cde9437607273c950478e91905f51b234f42a18f6cd00da83811e1c385767bb91b1b792b79c154f4fc49dcf5876ffcb4e701d522917a0d253e3469bdc1c498a062706b8338e16bd44bcb04a28b79a71f4924e8f52ef66838f35ab5d569765b5b13860986c53cfe5a07018594b69ca399427013a1871f599564b7269f44edecaeaa1b84ed56c249d5968235b9e23c37bf71f0ab9a741176fb33b8c83afcbfb6efae66c56310915cddbd681b9dc72b8ec14a881f1fa9e193b9db73e0a2cba79616d28bda7bf0b31202c1a24711c2bfc85bf689d34e439409ad93bb4eadb1ecf761626375fbe5656e9760086eb85116f83b5d99d22a6bc0cce98cf77533b22f0d305a1e00f651dae93dc7bd3aacf3ff45d6df754f35d901ec6ac3014f505ac13dbfe184f3f37bb1c29482fcc86f419d8cfed35fee9e8a612574f9e3afe27e9ee3ae5f8ff22734150611188de68af93f3b156b2fe92165a0ed97e1ece3f5751e4df65eff481c7f2391c8f45f7d082b104e353ec2092e616bd9d83c663cb176deb7b25a216f8b903c461f93b3b771f9cee918043cc21fa9ea85c42326cb2dd3c846d0dcf1fe33fc61d2bff8f1cf63e38329e2d508b484106f1050a4f396b38449571995d111c345e6363388844bc7e7403199a52acdee14a4e661a8dbef77e25e57ad16a90dba607182afb1f891c7178f923130db86b4a501cd43de8571eed672cf02408586440be582c91b64f7212971886f75ac25cb9c3adedbccf226b5252f26d3f7fef415b748fa39cac970d1b07ac8b7ce6b026a95cfc1a1532d300345dd274259cf0602ada400278fd0d09c687b4c324cb9714be58e51cd8dd36619ad89e4090eae95e0589245f210cb05e9fa90318d39007ea4fc8ccbd9dae613027ea6c95940a7ed72efc660c622095bb42173939eb42f4400f5ad6184540d718946926f5b987fbffaf115bed18f27c946a77ae78ff5b5e72d2a64aac60aaed728ea3ede4d78de9f79b11ec917623a885d4027d2a999b98298e2af8b9aeabf1380b5c3feeba52a1814a05e7a8ce3ee85d1b42a1dd9adb23381dbd76cb6688a238e76ce6f4098063ea755f1ef7abbfa23490a6544099a6f9530259faf5e3d0c07b2c8bf986aeb5028268ebe4d908e0413e964fd8b2d5ddb3d47b9b0e68de5096732bea7dc3b1b3466f7dff45721a9b1d5811a4e1874ec2be961d37a9d9d2ef50492bb75ab96504dafd326decc198ac8805a18e350c38e4de47ef2350d18f3501b50bb285023023d03fa66cf215ec6a34564affb95aca93f3677d4154b6aa9c1fbda430511f31eb6468825fbbe8a124a886ab881b7da7b71a1159bdeada0ce632d3e54e561468f4dd26640cc2d9f1587b7023928741d0f71fd00e58ae6f58d9eec0f2c07da2ccb093512d538bf1f4ea2311d4faeec03187739b1ff36129da3bf1c5999fafaeacb9be63fe3ae8765b827fe1711a0b134494c8a5f067642946e42ada782618ed9daac32eb165bc327e278c3ff030a593d85b93e3ccb751fe67c6d8bf647bcaa91c66b859db93c60a88686d07eb250e91d16a1f90c099d4835b71ba0bc03d950690a626fe5575633b90216163e1443d5213286194c0df5aa891ba17db5893fc758c282639bc7ec6ed7d27421dbdb73d01e9e149799ca2860748c06a69b41c74def7bbf31e42be43ccb4b8a5e64459f476eac90023c0677c94c6d785435e4ac8ab6891161f9b7e1d0be6bd44d17de9672aa470df2dee31ca60875388a25a90271c4b4fcf4ecc75651090ee9530d72cf969e4c1f0a3ab036bd131cc02b87bfbefa7472d8623ac7be17a1c56cf5b3c4818af0a0a2b910948e7492048f50d855efee2a12d8c63b7ddf9da4cef69ffdcf551b18936d45158aa1e6ade7060979b2f1e60e679dcdee9b45f203d4f23f30205596485409ed517525f2c922ba15574d1191711355495f0de907f42fea54bb1157d2eac8afa28574f6b460b519d8eeedacaec0815abc980a4b96289d3f9ae2a3145d15240fca1d5cbe7a53e149a6e083b7befb52f51c679e115a0a366197c0e95a4c2a1b5511155ec9815bc0402d19d9f125a7bc5c63290ac29"}]}, 0xbe0}, 0x1, 0x0, 0x0, 0x4010}, 0x811) ioctl$auto_SNDCTL_SEQ_GETINCOUNT(r0, 0x80045105, 0x0) socket(0x1e, 0x80000, 0x9) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptye9\x00', 0x101e81, 0x0) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x2c402, 0x0) write$auto_dev_fops_plock(0xffffffffffffffff, &(0x7f0000000200)="ea579eafbef6a78ace20c66c3ed28a307811ba5a77e0d6f20eee070874ce267321ef2da8ccef77a2a57912658cfac38b23199ba898ef2c29ea039494e108e23fc3d3de801c6cdb8c585be1ec026d327ad05a0c7812805bb6d050f902f2e77e549ec276c282a2bb8c2847f2e7105018d493a4a1", 0x73) r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000980)='/dev/ttye9\x00', 0x102, 0x0) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) r6 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000340), r6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0xf8f) prctl$auto(0x16, 0x21, 0x6, 0xfffffffffffffffe, 0x5) sendfile$auto(r5, r4, 0x0, 0x1fff5) close_range$auto(0x2, 0x8, 0x0) semctl$auto_GETNCNT(0x0, 0x4, 0xe, 0x4) io_uring_setup$auto(0x4bf15e08, 0x0) recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0) unshare$auto(0x40000080) 4.308101343s ago: executing program 3 (id=678): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x7, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_RNDADDENTROPY2(r0, 0x40085203, &(0x7f0000000440)=[0xfff, 0xedc0]) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x80c0, 0x0) close_range$auto(0x2, r1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0xa, 0x801, 0x84) shutdown$auto(0x200000003, 0x2) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r3 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) poll$auto(&(0x7f0000000180)={r3, 0xfff7, 0x9816}, 0x7f, 0x9) ioctl$auto_VHOST_SET_LOG_FD(r4, 0x4004af07, &(0x7f0000000040)=r2) ioctl$auto_VHOST_SET_OWNER(r4, 0xaf01, 0x0) ioctl$auto(r4, 0x5, 0xffffffffffffffff) keyctl$auto(0x7, 0x7fffffffffffffff, 0x0, 0x4, 0x3) r5 = open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0xb, 0x0) write$auto(0x3, 0x0, 0xfdef) ioctl$auto(0x3, 0x541a, r5) 4.263136457s ago: executing program 2 (id=679): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x7, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_RNDADDENTROPY2(r0, 0x40085203, &(0x7f0000000440)=[0xfff, 0xedc0]) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x80c0, 0x0) close_range$auto(0x2, r1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0xa, 0x801, 0x84) shutdown$auto(0x200000003, 0x2) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r3 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) poll$auto(&(0x7f0000000180)={r3, 0xfff7, 0x9816}, 0x7f, 0x9) ioctl$auto_VHOST_SET_LOG_FD(r4, 0x4004af07, &(0x7f0000000040)=r2) ioctl$auto_VHOST_SET_OWNER(r4, 0xaf01, 0x0) ioctl$auto(r4, 0x5, 0xffffffffffffffff) keyctl$auto(0x7, 0x7fffffffffffffff, 0x0, 0x4, 0x3) r5 = open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0xb, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ttyprintk\x00', 0x40001, 0x0) write$auto(0x3, 0x0, 0xfdef) ioctl$auto(0x3, 0x541a, r5) 4.04295488s ago: executing program 3 (id=680): r0 = socket(0x2, 0x2, 0x0) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x52) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) socket(0xa, 0x1, 0x84) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xe0300, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0x80111500, 0xffffffffffffffff) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) madvise$auto(0x0, 0xfffffffffffeffff, 0x15) socket(0x2, 0x3, 0xa) socket(0x2, 0x3, 0xa) connect$auto(0x3, 0x0, 0x54) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, 0x2, 0x40000008000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snd/pcmC0D0c\x00', 0x80000, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r2) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r2, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r3, 0x805, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) gettid() openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0xa901, 0x0) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x6) r4 = socket(0x2, 0x1, 0x0) bind$auto(r4, &(0x7f0000000040)=@in={0x2, 0x4e24, @remote}, 0x6a) sendmmsg$auto(r4, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800008}, 0x1c, 0x20000000) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) sendfile$auto(0x3, r5, 0x0, 0x400000000006) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 4.035405749s ago: executing program 1 (id=688): unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x2, 0x0) write$auto_sg_fops_sg(r0, 0x0, 0x0) r1 = socketcall$auto_SYS_SOCKET(0x1, &(0x7f0000000080)=0xb5) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x48, r2, 0x10, 0x70bd2a, 0x25dfdbfc, {}, [@NL80211_ATTR_BSS_BASIC_RATES={0x1e, 0x24, "ddf62f850d1014c90c4772113443d53d0820fdc5dbb38f802043"}, @NL80211_ATTR_BSS_HT_OPMODE={0x6, 0x6d, 0x9}, @NL80211_ATTR_EXTERNAL_AUTH_SUPPORT={0x4}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x7}]}, 0x48}, 0x1, 0x0, 0x0, 0x91}, 0x80) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r3 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_UI_BEGIN_FF_ERASE(r3, 0xc00c55ca, &(0x7f0000000000)={0x8, 0x5, 0x5}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) connect$auto(0x3, 0x0, 0x54) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x200000000, 0x40009, 0xe1, 0x9b72, 0x7, 0x27fff) timer_create$auto(0x9, &(0x7f0000000300)={@sival_ptr=&(0x7f0000000240)="f5bad0a6cbf6811c1375d370b9b0c9f46a08ce31f27075a1be3a08eeee370e8ab7330639f9a865204703b07aad5f8500a4e07709b7441dc265784a17cce9025f453a413d87fa1c22037757d1014dad7af5c6bf0412ac16b4c459c00df7b140988749e6ab0025dd4cfa4c4208397f20ee696473e99af8dba0d7ea8739c25f58c886e0dfb2a7f1622622efe852db10f0eb", @inferred=r3, 0xffff}, &(0x7f0000000340)=0x4) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r4, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) 3.070641773s ago: executing program 2 (id=681): statmount$auto(0x0, &(0x7f0000000180)={0xa, 0xffffffff, 0x0, 0x1, 0x42, 0x200000000065f, 0x401ffde, 0x7, 0x3, 0x2, 0x100, 0x3eb, 0x5, 0x2, 0x3000, 0x2, 0x6, 0x10003, 0x82, 0x4, 0x0, 0x7, 0x1ffb, 0x203, 0x400, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x80000000, 0x4, 0xfffffffffffffffc, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xfffffffffffffffe, 0x0, 0x1, 0x0, 0x0, 0x6, 0x0, 0x0, 0xfffffffffffbfffc, 0x0, 0x0, 0x0, 0x0, 0x200, 0x8000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x7fff]}, 0x7, 0xd) rt_sigqueueinfo$auto(0x0, 0x7e, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x41, 0x7e73, @_sigfault={0x0, @_perf={0xc, 0x40009, 0x9}}}}) r0 = socket(0x11, 0x3, 0x9) sendmmsg$auto(r0, &(0x7f0000000080)={{&(0x7f0000000000), 0x5ac, &(0x7f00000000c0)={&(0x7f0000000200), 0x49}, 0x5, &(0x7f0000000180), 0x5, 0xe}, 0x5}, 0x2, 0x100) symlink$auto(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000440)='./file0\x00') r1 = socket(0x10, 0x2, 0x0) setsockopt$auto(r1, 0x104000000000010e, 0x4, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000740)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="1b0026bd7400fddbdf650300000004000800100003800c0017800800018004003380ed000100898771f1c19f17790485908288480000040002805cd191e955f51e880c93ae258a26d0a5d7164f4640aeb7d81522068e010ce410215e2a7545d61e5b7a0a5592b717580b1f7e565f309c18cec54519c19457d3a369f2b9531d9b4b63d84dc53303e5a10b478f310234c97fa644a800ce66c1ef6bdc0f8782bed6b61dba1a580752dce7d85a498985d19e4dfc052116e40002f01078a6b2d58f527d144384bdfd90d1cd340389cc4eb563cbc08bc2b13a14f735e44033f907"], 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) r4 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000200)='/dev/bus/usb/019/001\x00', 0xa901, 0x0) ioctl$auto_USBDEVFS_SUBMITURB(r4, 0x8038550a, &(0x7f0000000500)={0x4, 0x80, 0x90000, 0x15, &(0x7f0000000380)="4c47c610e1c226546697572cede49600cfdbb156df482f78f252c40000f904f2b6bd763bdc86da2659e61c8f7e19745745b5e33c6b2ea367930a4aa2d0b4542eec4b3b13be18c338741649b9a8e560b09af143d737c4f9840902ce9dfb191feeb13735f3449b", 0xc694, 0x3, 0x7e, @number_of_packets=0x3, 0x20047, 0xc, 0x0}) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x103800, 0x0) r5 = open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x20) chmod$auto(&(0x7f0000000240)='./file0\x00', 0xf4be) chown$auto(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) r6 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000680)='/dev/input/event2\x00', 0x100, 0x0) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000400), r0) sendmsg$auto_NL80211_CMD_GET_PROTOCOL_FEATURES(r5, &(0x7f0000000700)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000006c0)={&(0x7f0000000540)={0x114, r7, 0x4, 0x70bd28, 0x25dfdbfb, {}, [@NL80211_ATTR_BSSID={0xfb, 0xf5, "5e0114f54cba7a51eaecf9aabfab0b9055786683202093e51677141ac72c9b43f44ecbf4a257529a3a729a1e550e1d50a121e085fe274d105282781e658eefe387b79172f21e541968c0df244c163ea86c5ffd32153d5f4b243cd616d3cfa8fb44427a9033314cdc5a44f6ee75b1bb6dcf92b714bedb8fba421d43aa8611bc99b117896957c2c8eaa91153928d02dc7e3e027ea79fde1a3c79296e09443d1cec99eaf484a8a862861f1ef99184ece5ec93b503338b25ddf282c2e9142b99a1e2928144499f32a0cfcff986ddee2f6292aa7bac3ff44922b8af768c6c314fa34b156e0b3ed6cd29ff1a1768ab48811f76c2f0ad8e6b8a64"}, @NL80211_ATTR_EPCS={0x4}]}, 0x114}}, 0x8040) ioctl$auto_EVIOCGKEYCODE_V2(r6, 0x80284504, &(0x7f00000000c0)={0x3, 0x9, 0x1, 0xc1e, "c92eee6d23cfaacb4b946edb9f435bcb5223b07f36dcc2e8b0d2e486bbf74a63"}) rename$auto(&(0x7f00000004c0)='./file0\x00', &(0x7f00000000c0)='./file0/../file0\x00') 2.848559151s ago: executing program 3 (id=682): syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000680), 0xffffffffffffffff) ioctl$auto_TIOCGDEV2(0xffffffffffffffff, 0x80045432, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0xb, 0x1, 0x81) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) setsockopt$auto_SO_SNDBUFFORCE(r0, 0x10, 0x20, &(0x7f0000000040)='SMC_GEN_NETLINK\x00', 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) unshare$auto(0x40000080) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtdblock0\x00', 0x14fe02, 0x0) getsockopt$auto_SO_BSDCOMPAT(r1, 0x0, 0xe, &(0x7f0000000840)='*\\\x88\x83.\xc1\xce\x00)T3\xf0heJ\xd6\xde\x1f\xb5j\t\xd1\xca)\xb2\xdf\v\by\x1a\xe3\xfe\xfd\x06W?@\xf0\xdd\x95b\x93\xfai\xb7\xc6\xd1t\x89\x04\xf52\xf1\xc8\xd9)p\x01\xcd\x19\x81Rcr\xee\x1c\x94u\x05<\x14h\xc81O-C\xe8<\x1fu\xbd\x8a1\xd9dLi\x895\n\xb8\x8f/sTF\xb5\x9f\x1b\xa0\xd9\x80O\x14\x8d\x17\xa8\x8a\xf0o\x1bY\f[\xcb\xb0;D\xb6zd\xf4\x93\xb1eE\x01\xabt\xc2\x84\xb4\x0e\xa7Y\xb5\xf1.\xa0\xd2X\xb2\xf2\xd8\xb7M%\xe3\x17\xd0\x1d\x03\xf4\xec~!\xbf9\x8d\x89\xf5r\x96&\xbf\xd2N)g\xb6:\xff\x03\x00\x00\xc2\xcd\xef\x8c\\\xfet\a\'\xb7U,\'\x8a(Z\xe9gR\x95\x9d\xaa5\xf9Q\xf2GSA\x92;\x19\xedPD\xcb\xe7\xc2\xa5\x0ff\xe0\xd5;\x03-\xf3Yu\xe4()\xf5\xfb\xecU\xeb\xc8\xf5\':\xe0\xdc\x8cL\x1a\xf5\xcb\xeb\x1f\x14\xc5\xb9v~R^)+]\x17\xb0\x99\xf5\x9b`\xb2K\xf8 \xbe{\x11\x8b\x8b\n$\xcbY5C\xf75\x05x@\x16\xd0\x18k\xb0nO]\xc8\x9d}h\x93\r\x9eSP\xbd\x1d\xdd\x90\xe5\x1dd\xc7\xcdN\xd3L\xf0\x84H\x0f\xe2\xc5\xde=\xc0\xb8h\x84Y\xcb\x94[\x05\xbb\x01Kb\x17#E\"\xac\xf5\x98) -\x83V\x81\x83@CU\xc6\xcbbI\xb4\xdaQ\xec\x03fa\xd1\xbc:jCh\xb0wzgK6\x9c\x8f\xc7\x85\xaa[\xe8E\xeee\xb9O/\x84\xce$\xe5\x8a\x97\xaauS\fN87&\xf6\x83\xf8\xd4\x9f#\x14V\x02a=\x02fK\x85\xf0\xed\xec\x89\xe8\xaa\x03|\x04\xb7\xef4\x18\x82\xc0i\x80e8\xa7\b\xb5\xbd\xc3\xcc\x91N\xa9\x1bm\a>\x15_o[\xcaq&R\xdd@/-\xf1\xf4\xe2\x17G=\xde\x15\xaeup\xa8\xe9\"\xf1\xd6\x9a\x02Fu\xf9\xc3\x8d\xa1|M\xa4\xe8\x8e\xf9\x16\xb1\xa3\\DE\x9d~\xd2\x1c\x7f\x1a\nS\xb1\x1a%(', 0x0) mmap$auto(0x0, 0x810000, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r1, &(0x7f0000000080)={0x0, 0x80000003}, 0x7, 0xffffffffffffffff, 0x8000000000000, 0x2f) bind$auto(0x3, &(0x7f0000000040)=@tipc=@name={0x1e, 0x2, 0x3, {{0x41, 0x3}, 0x4}}, 0x6a) getpid() mmap$auto(0x0, 0x128008, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) shmget$auto(0x0, 0x7b, 0x100) r2 = socket(0x1e, 0x4, 0x0) setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14) r3 = syz_clone3(&(0x7f0000000600)={0x22000000, 0x0, &(0x7f00000001c0), &(0x7f0000000200), {0xa}, &(0x7f00000002c0)=""/150, 0x96, &(0x7f0000000380)=""/162, &(0x7f0000000440)}, 0x58) r4 = socket$nl_generic(0x10, 0x3, 0x10) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x4dd8, 0x5) r5 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000180), r0) sendmsg$auto_NETDEV_CMD_BIND_RX(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000500)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010026bd7000fcdbdf2500cde4b7ecd5e730a82ec348fbdc4447570cc6b6117c628bf9bf7fd0995cd394096e079a4fa38f2f2866da338e129e1a7b1b96a22f35164e3aa4283e1788c1ba3441a67385ff189f57edd58acda3e6e3cb090f378578d175d161c463b0620eeb579afb2facb62fd1342ade902a5a366e23c952f20dd9831e7e76c5d4ff358c873f83330d1da8788b61d43dc335babf4a717ad846d918fc07617b34101ae80c1bd0d562aa64accc8d4a16f8c04a6e5b66bc096c4f64517391f4cae711290e08c81e3d2290f501979d20b5db4124db62", @ANYRES32, @ANYBLOB="0400028008000100"], 0x28}, 0x1, 0x0, 0x0, 0x4800}, 0x4) close_range$auto(0x2, 0x8, 0x0) prctl$auto(0x3e, 0x1ff, r3, 0xffffffffffffffff, 0x4000006) listen$auto(r1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0x0, 0x0) 2.84258908s ago: executing program 2 (id=691): pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5n\x91\vI\x1eRN8\x99\x88G\xd9\xec\x1epJ\"ds\x1cJr\xde:\x00!\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18\x89\v\xea\x1b\x95\xaf\xee\xe69\x8d(<\xc7+\x83\xfcQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd3\x81Y\xa3Fp\v\xdc\xe2\xc3\xc3\xdbS\xdc', 0xfdef, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6d) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_ipvs(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x109802, 0x0) unshare$auto(0x40000080) r0 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r0, 0x107, 0x9, 0x0, 0x20008004) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008012, r1, 0x8000) mlock$auto(0x3, 0x7fff) execve$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)=&(0x7f00000000c0)='@)\x00', &(0x7f0000000180)=&(0x7f0000000140)='\x00') mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0xb, 0x0) futex$auto(0x0, 0x10d, 0x2, 0x0, 0x0, 0x8) r2 = socket(0xa, 0x3, 0x3a) getsockopt$auto(r2, 0x3a, 0x1, 0x0, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000600)='/proc/sys/vm/dirty_background_bytes\x00', 0x81, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(r3, 0x0, 0x0) setsockopt$auto(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x8004) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) close_range$auto(0xffffffffffffffff, 0x8, 0x0) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) setresuid$auto(0x0, 0x8, 0x0) setfsuid$auto(0x0) setresuid$auto(0x8, 0x8, 0x0) 2.432778084s ago: executing program 1 (id=685): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) madvise$auto(0x0, 0x200007, 0x19) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000080)) mmap$auto(0x0, 0x5810, 0xffa, 0x8000000008011, 0x3, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r0, 0xc0045002, 0x0) prctl$auto_PR_TIMER_CREATE_RESTORE_IDS_GET(0x5, 0x2, 0xffffffffffffffff, 0x0, 0x3) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'dvmrp0\x00'}) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB, @ANYBLOB, @ANYRES32=r2], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097d751f33e}, 0x80) r3 = getegid() fsconfig$auto(0xffffffffffffffff, 0x3, 0x0, 0x0, r3) r4 = waitid$auto_P_PGID(0x2, 0xffffffffffffffff, 0x0, 0xfffffffd, &(0x7f0000000180)={{0x9, 0x8}, {0x0, 0x400}, 0x9, 0x2, 0x3, 0x1fc, 0x7, 0x1, 0x6, 0x7, 0x5, 0x10000, 0x5, 0xabc, 0xa, 0x81}) shmctl$auto_IPC_INFO(0x3, 0x3, &(0x7f0000000440)={{0xa, 0x0, 0x0, 0x8, 0x6, 0xfff, 0xc}, 0x1, 0x9, 0xffffffffffffffff, 0x7, @raw=0xe99, @inferred=r4, 0x7, 0x0, &(0x7f0000000240), 0x0}) msgctl$auto_IPC_SET(0xfffffff9, 0x1, &(0x7f00000000c0)={{0x2, 0x0, r3, 0x3, 0xffff7fff, 0x80000000, 0xf}, &(0x7f0000000000)=0xfa, 0x0, 0x3, 0x7, 0xf20, 0x9, 0xffffffff, 0x3c40, 0x2, 0x1ff, @inferred=r4, @raw=0x400}) r5 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/mem\x00', 0x80000, 0x0) r6 = setfsuid$auto(0xee00) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x488, 0x0) mmap$auto(0x0, 0x8, 0x2, 0x12, 0x2, 0x8000) setresuid$auto(0x2, 0x7, 0x8080) prctl$auto(0x10, 0x2, 0x0, 0x20000004, 0x2) madvise$auto(0x0, 0x2003f2, 0x15) fchown$auto(r5, r6, 0x0) setfsuid$auto(0xee00) setfsuid$auto(0x0) 2.148064019s ago: executing program 4 (id=686): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r0) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="00100000", @ANYRES16=r1, @ANYBLOB="000826bd7000fedbdf257e0000000500ee00010000000400500106005101050000002700fe00f685e1412d9dc6a0421d949b214a4d304d6d0dab0c1fd1b570625ad389736e4f90a58100"], 0x50}, 0x1, 0x0, 0x0, 0x50}, 0x20000000) mmap$auto(0x0, 0x402200d, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010329bd700002dcdf25050000000c00010000000100000000000c00010005"], 0x2c}, 0x1, 0x0, 0x0, 0x20008810}, 0x81) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x0) r2 = socket(0x2, 0x3, 0x100) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030004020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000060007000100000008000200", @ANYRES32=0x0, @ANYBLOB="0c001a"], 0x68}, 0x1, 0x0, 0x0, 0x4044080}, 0x40090) r3 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r2, &(0x7f0000002040)={&(0x7f0000001940)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000002000)={&(0x7f0000001980)={0x67c, r1, 0x8, 0x70bd27, 0x25dfdbfc, {}, [@NL80211_ATTR_P2P_CTWINDOW={0x5, 0xa2, 0x7}, @NL80211_ATTR_TIMEOUT={0x8, 0x110, 0x4}, @NL80211_ATTR_FRAME_MATCH={0xc7, 0x5b, "c45bffa92b83ff83ed19ecff76e3f1f627604d57dacb74746f3dbac06ee4ce6cce5d52ff121ab84d79a1f4bece19791af7442e96f5c214d16222d3647205ac17655742ee6b33ad974d157d4da3c8394077bee89a930d8603f539bbecc1c45e8b19356de1d12326d367c76347c2356cceb7f16d6d130f523c8b77ff35f2a7840d6517b1094105722043434fbaab815c963e53b5c5dc2bce6d5bca946c8d4bf95dfe35602fd9558d6a1c1ee3a8a51066f2aba44f4a049de168ea34bc5e5500a22dc4052b"}, @NL80211_ATTR_VIF_RADIO_MASK={0x8, 0x14d, 0x1}, @NL80211_ATTR_IE={0x580, 0x2a, "153600c627ac15f52628b99a1c1ef1264cf9576953b2916bb03e10f018e1e0dc23edfba8be641d71b4fb1a6e562d82954a0f088d2c267b80a52a351f2a21f3517a3a46434eb0296dafcf9d3a7a0e5783562c21034252e7494c12f31b3ba8cd235c5b198b11548691eb593c9bc75b6e92f8686fa9774720e1ec1f65c38f0eecd40136c18b146d4101e2b946eb2a30c55800153859adc9208ad4dd360ff4acf827e07a01a2d99736c29aedbb3085fc73387e1a02b37be9f2367a13bfbc3f30091168520c9c748d108a4a868a2ca811cdfa27764fc25dae575aeca389c5ae6b87ae12df0421ea04042921664dc114b830e9b4d1bdbbb52a87c5549c233ae26ca0e48f93f48a74d1937d452ba470a70640cec0f4dd8f93a96d08ae903f4c073356160167f200faa2bb015647c6b6a32649f5a194e8070be0ebe916831729e28ee91883b87f402e33ac3bc364fa026edf6ebb9df096ebddfed7ed9746b0653d968d009070604008b9e27e34e196da6b24d4fec0c4d35f2a7b0c79f671db51c59b8f30d59c0fc7ac8db4b85a0c0b8f86536aeb7e2dbac10e02872e01589d37e2519012afdae0acce1c07db4a42c1057bc3094a26f394b9ef53382a816806344a7c41a1ce74dc1684de0cc59aec186bd4a4874c00d385b933c2a28ed7ed4ec46c20cfb595ba83d6c553e71246ae68e750c8a0f490e4032bf552cb6870e49bb98fcbaa9d57c8e10ff841a286fa4644a748478351edd19866abb814e338f1ac0006e559f5949c20acfdee7301743bdb38aa0568b745dabd7f6a17c09faafb582ca84ecb9940a631ca6ff614a7486c84b957a79315910fc2972ba55e764237b410aaf2c083f19db6be97f3f4fe1551e1cc842ebddaf9e7dab4f29a2493bc45d1afbc4b01f7ecbb6d92c448edc17410e0327f4830da3fde2a3bee280e59e3902b36b17aa5e426c4700972377037fd9e9217463ad4e63fd0dd22ffb56654ee3e5efdad48e666a6407fa50e76e42384bd04ce8fb90f39093e1d535ea5c0f9e5ffafa77ac0798983c25e9a2775c384471ed978f43278cfcbcd14319fe6ddbcef7dbe5d9349ef816f9286ddc22b1566562b1421b6020429b7597b5df8ea771c9aba0383d85159eca3fa6e0df4bc425f69c21d5511d4e0816ce35f7d5b544960a5fe018aa331b47b964afca7846f40e105f7bc6ce5d938806bfd62e7f4f7bb69446ba66726f78b23a886993768bf23a4a1e6a75b16eac08078cf2d496705fba28e549ee800db44be41ebe7d456ae9b7bda83fc75d60641a38cd4c27872af3203458c3ac3c06960b492be1e586e9a63d1bddd929a161f3542d4bdb04e084a25087eae04cfadd43a6556a011e5dbe1339b358519c9218146a62b7aa0a9211aefda95600fca6a1fe9e5d61905cae1125e1b05f18f36fbe4acf7b63d836d9cafa3c4dde555bbca844528a9ac7ae24ea6c228ffb08239209d931675034c7630fb5696ce5d605f9ef8a4d29d9470003c05b01108b326d8285f9d5abf29b3a2cf964a1a4db8878a75e08a753befb925d143668f0f0de552534426445f9a75f1fa4fd8b0c5a1b14c37907690484c0c5a28977eb6b08913eeafaa4979f540ed44ef7da25b964ee6ae4170e0541d987c2a38db0670de6a8d48ee68928a99ff6a52eb174d467732b0a5c4a19f8149bd9f326f86577a6fca45916a547ef2c4555649fdcd11a50871ee3d8cd7a327e08b7b4841fc483a595f7b88fe6bae334d315404800075f0e10634d61523793362980c64f10edc64eb76928e129bfa28c30054f3f2ef6c41ab312740b1a0c9d3bb2646f6a50de6a1636ffc9cf69f6a84f987ce7997b5fab0675eae308207043956f4a95aed141fdb53d32bf018ad32ae10bbe7cfa6fcfe9611b85ba099a1e8201c1ec3da17931b923826317bbdeeb055424f21580bafff560ccd6b799b43c595d7e677381d0fb62edcdac2684e3bba2ee9c4aa05449fb31870b30ceb"}, @NL80211_ATTR_MESH_PEER_AID={0x6, 0xed, 0xc}]}, 0x67c}, 0x1, 0x0, 0x0, 0x8000}, 0x10) openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/tracing/events/vmalloc/alloc_vmap_area/trigger\x00', 0x0, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x60, 0x0, 0x2, 0x0, 0x7, 0xb}, 0x800}, 0x7, 0x4008) ioctl$auto_BLKTRACESETUP2(0xffffffffffffffff, 0xc0481273, &(0x7f0000000140)={"57f475c61457e99f769f5235b668e09caf9941b9b26b2fb80cf70643d6ff9594", 0x3ff, 0x23, 0xc130, 0xd5e9, 0x401}) r4 = socket(0xa, 0x1, 0x84) r5 = getpid() process_vm_readv$auto(r5, &(0x7f0000000080)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) setsockopt$auto(r4, 0x0, 0x60, 0x0, 0x6f7250c4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x0, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x5, 0x9}, 0x7}, 0x3, 0x0) r6 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001840), r3) sendmsg$auto_NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(r2, &(0x7f0000001900)={&(0x7f0000001800)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000018c0)={&(0x7f0000001880)={0x1c, r7, 0x301, 0x70bd2c, 0x25dfdbfc, {}, [@NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4044800}, 0x4040) r8 = getpid() process_vm_readv$auto(r8, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={0x0, 0xffffffff}, 0x6, 0x0) sendmsg$auto_MACSEC_CMD_UPD_RXSA(r0, &(0x7f0000006200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)={0x1524, r6, 0x23, 0x70bd27, 0x25dfdbfc, {}, [@MACSEC_ATTR_SA_CONFIG={0x1503, 0x3, 0x0, 0x1, [@generic="4ab0a3f2879ab88e09", @nested={0xa4, 0x53, 0x0, 0x1, [@typed={0x9f, 0x7, 0x0, 0x0, @binary="c78f9f8f221d910d28e2cdcece4306f8ce941697f08dfc15756b3d4651b597f92f914988a797cf3d27a779db19f3c6eebd88586c48e8a6f25e49bbe422e5b02f1eee316cf25d51fff3cb125280d9388dae38b344171ab876ac090b884f6f05cdbdcfbc4f583aca3f54df15fd2af54ea9acd32e3df6ef944a6f82774fca876f2d11867637daee63b31245652e7ce637b9692dc7b0958c0587833d3a"}]}, @generic="09ab7d80afe360d9c3a99e08f584a0dd896b280b53aa6323589d050bfffb5b9e9f8bb055976ac76b4ee8ae04eb413a59e39c0a7a6298db5eb9c5831073f820933ff4d098b0c55156bf0a92fe782702ccae15c09a6241df9f594f016c05b7cd1c7679f559b1b32a83f35cd9038624bc6ba38bc5cb38975755a20a69fdaa6bff10f86bdfabf328b24b58096f80f76d95354b56c61423142c563788001b9db25ffd2e97729ad5d26605649ed337b6b5c6256400e7d865938dffd307ae9af99736db964ad49f157578b8dfc092d61f6cf036ba3cf62fd652251130f6332b6d4c479819254beef9cfc1887dd0101c85ec20cb602e", @generic="7fedcd6689647a3c71a12aeddb9250703ae4e9b3cf00d22010e0cda479b0e14e364f9711c187936cb4f966e3ec4b935fdebbcfd7b96c29d0c350a86d21b4eef1b38fb1ad8918ea3db25d795461913087da88a92470c2fe8a74f5e54b8cad83f1d1723115d836dbd7c1da784da68f2e54fb21791d45d34c32963c9ae5ba4d", @generic="ffc5da4a6ec6a90369929f106c71eaa804f829ab2035ae3ea4a4f86108f5277d31fdfcfcfcf61ab0fc9eeea7f77f068e4066168cf783fe73e9ea59df81066ff6f95a3afa399ac75645e843f50d0fba32615b42d9ff7c2e0f2e266993604a0b53bcc96d77b9c26869f498cd897a1dd7502d3e05f7e4f0b3c5b89081bf18a938b4b3e36d2d002e0ab7581228b22d9ab090d16da69f1612b3efb6b944a5513e597cc23358b89cbea1dd5f39076eb805c063337a8c606a34679bf1ef567837ba15d72d865647e67eaf47fb2a97d1d5c63457e20b98e54381180562f30559e8156dc2c1191e9182df509167fe91c80d5c6651ab35dbb3e12c60779e64e476b1e2d9b81e7a172350d2478e34dc269510e54cf4a64dae884f5907e35d4d2ea98bce0ac607bdbeacbc932dced1e499c9fab8bb78d3f1078efa741d1d7caab4af415ac1e52d9ab517f8fc3bcc8f60634e3832b99a7aedb714fec0be84c1e87308c045a612880366acd7a9e72e202791483f5372be9e15d2ddf7b130fe9e40ef949e9d3203a765c7051282a312c2e727f35aed7c9eb918814065b6e3d0ddbd13108a922e3d8fa475543a10a9e9ca4d03194567b4d134a2f3eb8fbb2a91141975fd9e8f57e6756471c08bd880af340b15a166308ad660aa5766636c6ad0125b583eb6534521244994fc5f7ff3ba2f4fce98aa595051ab74e81e63a3ef305e0b7841a95b93b6e9bdf663474de059de82502f0911c09587f633844c21959736a2feda840198dba654d6c6738c0c655cb1aec0da13a892702b2e80aa470823b41c71464ceb8a2daae8ca3e69d236f895ca5043dd9655e25f4bdf88632b937866741bb031666db85f543826daa7c3281661f8df7aabedab0ab1af86e186e88cd218899a3e66d0a4bb9a11ced312612c9c8de7e614a42b726abef1be8911f58dfd1bc6a9facae375f9f413bbdb2c0d28b820b3201f45c58f99d27e74d1681fd81033e1636350ba709ba21aadaef8241f2ae1a3ef1b75e085247b5c55b13f9d393fb5cb2d4b9ee43ebacdd857946d23c3e23b0e86d966e4178fcae8ab0e126fa97373f520d604d51384042d85dc05814f69657a30466abfc730761e6197afe8d24935fb87e91fe9ed1bde3d1a02fc6991c2ce73d3a0b9587ae73e391a478b926f58620b97d647d569ac8ebcb060fad86f2245e47ea3b23d3563869cab6ac949d55c79400126b74e745c776e305babb9c7558c0a2b967d5b14050ddc877fe28b2075450b83ad8471f569c85d6c190f55b9716ce28353fadfa496c2280c43f12fded6513c2941d58a590c1fd6eabbc4dd84ed606affdcb4645e63b008117b9ab0ce112c297466c6574d93ff7e551eb9973fffa27c20b7d50e59856d7f115edef6c35f1976418d4e7988eaeb806fd75551602167a9251bc73d9d563b0e3d0e783e0180f54b991807a474bc041e23bbb8fc39f7778c3a888bd60ab577efbd4106979568df6319c09e50352ca136aa3a185f1cdd5ed762b773f549987344a1876ccc7bed1a0d2a26e6da7dc37b3a99993b45c1bf27fab5f0279881de95ac2054502b367b9a878eda376926f35ae9e4f94a222857ada94a13e64cd66b90fbbb51f143f06a53678e2d2e590168dcd44f148c47e8d12306e5965617e120974908b3223209d5e2b22f6fde28898d600092de7ae9c5a826941abf97b7eaa4eca83a154e3c44f808119b654a6cc4b29bd7e3b93ec2c7300a0ca31f547162ff438660db06456a58893cbb87887ac9f4973c5324bf0b935047008ae6b8c0e346dcaa0a81cde24e7ce811a4f0fe3c36926af7ea691ba1f72134166bdede973e463a79ef8bdb910c6dd8dbf08b43fb71add0259db56525c1770bcf7e8ea02475b088f7e8e9d8519ed2a88b22019cb1b01770cbd90fab2fafb7fba0e6900bfd6a47ac2749ac09e5b935b448d1b9c63a1d850c1a8926d59f959cf6cbcef89afe999c11bc8094e21c6b5e52349269fcd468b4a8abfdb7bb8205bede27074786a94040a2f71bdba7fb9f4bdcbadc2c6cc0c36fdd47a9038c91544fba6056e2ac138b0f290c6b5b284f463fe928bbd10e0b1462121c04e6ce1692d10334a719c15e72d28e2356c5455e380c3b8eba289149da2b5daf9f6f30c0b7d63b0d90b5662c108c1da38044539de1e48c70415f7012cd031cc665ce5f51d0afe7e7ed58545da0e79a7c72841aeab2234aa87c31362c2b3ec58f98a9231a91afeaf992c5999d81de2ce2837bac2985daed4c5ccd08280f6131f8cf3d3a3873067ccea6ea3e3908ec26add9524dacb0a50394b9ee357fb96f66cfe202a843dc31c2eed05d8fd1ef9574ca5b90bd6b0774ff0f8b6c49d02a3bd3bbf699f3fefaca35b4ec065f466ddbf94a326a84366f20cc084eed22036cbc7a3b91572068bac64692ab03c5ee9e591cfe9cf92ec20defd7493b8d4bd307e6f80e05b67e51a6f3e8343ba21de476a55dcd6ef529bf80e5389261d673c3c74fa6de37e30d2d305b1221251140726a71746563c2a13a9699896a7c6eddefb9718daf82fa2e18460879a630d8165bb6b9ac57dcb40ba34ad9c1824d37c4190f3bbe7e35b046e11bbc30eec8d0a2982b6ec4256b9eee8d731aeba6811a406391181b800643873f79ccdb7733158dec6feb0b3b799c1f89b45b1720bea52774cc72e31017f5f344cee4bb6e73988573c5f3e8565bbd93b5b0b50cb27a1458017ec0ba127fc1b67ee313437e9e2c90be80b332bba4ceeb92d1a35657b588b8105ddda6d259dd9934ee6ac1b29959ea8c4a19e3c4e79a3cda9e6e0e174c723ee273ab73a5247299c45f04baa542d58ce47018a279a3e7d3eaaff8287a9e387785981f505b8529772f7e5e0d40dae77fb3036946c2b9dedeac790d16ef4d91d103e248b91e69ef54f68950fadf4c298269ffe37ef80baa4974572f3134783ee42bbdc8d5b03daaca9d744d0d699c0e9537eb9d5e15437b0f7eee564aea175a197dc3891e64949c5fa663af277c5be74750f0aebc9bc45ae16823063d1cd7a4275bf08cb2710ad8eeef389b4204781302c75b67ee559432e0a668188d37a0a9c4b1b18b8380ff7fd824649bae9f7813b1dadfaba23d8e2bea3b59d160a04ba7549f1fb2ab02f8df075e984d71fc42f3c2c0fc838b8025a68a49d9f1ff7aa1ced8a4fcb1e9c5c690dd180b615ddf74dc432e77e875cf36e1dda1385f1345128ba5b62043d4991297e6cdb5e4ad1581fe7fe461916982c50960e64f4a665b2dfceaec6f7ea5d819da479873bf9fc2f31380705cff46551898b261e56099356d98fc8950f7f284af8afbef6840636dd695235bd01b9644a566694a83addf6e3f0fd25d87917c96f851a83fda017770fb57cc83ee37ee812636d6f53fec19a4eb39d700c27d5d3e95f37227719cad6ef5eeffdd149de38e25157b38c9fa1e903b3d2c120219e52405db13fb62980756084341f01f75b0ee1fee0c4c3f50412fbab87742f3fb2ba881156b6408344993b5d993c48b2bed249e1868bcb9af6d2fa269688e33df93a37618eb582e9460721227429d97e40745835a458ecd1713d7f4cdddc2ee31faf590ec60c1b47cddb271a24a266a53ff7968fd29b8700b3c639d390edcc20864c2605e3d4e5110fdffb41889350652428c7255b4e60782d7ec3431f5f31bd0a46bc7b15c1166a006db0bf97d6ca2f271956c8275abe890ba01a64d1bbb7b21761b6d1c96e8a891edba56bec3d5c7ce543575d6fd224cf1f0c501cd5bafcca75557707a2d604639cc66cd6da3d6e3407669e9de68ca57a3d125acd919bca6ea4d2139efb3f086d663bb9ed17517b0612e299f145a0152ad831eb022c004793ed9458a7f9470fb67cc9d17010967f1af96f002627d8e6a46512037dd3484503e9cf8fd8d08a158fbb4e542a530c3f5213428d557be5471bbcc001bd7d8f4281b6506c45c7faa297cb68ceba5a8bd6d906f88217b28ba92151d2959c64269d91555f7596f5cc205e2077e5660fa0a604d898a69eaa81740508b9ece8cbd85e6ef18091c4f6ebf4764624bc8785f6cdc919fdb4da55295707ae51867b1af9db0778c842c524f2a8f96a53c0025327d4de4a43c25cd03e5320fec1bb740ab33536ca66d10bd6e71e1ecb4e4d8813db8ae12fd6df023db13c0e06f39fecaf7f3ced5c525f3e4ced00bbb10a8bbcf34ead73d2ef388a339379d6645a2cb702ffca92cf7267a48543502ca1d7f757da6ae3c68bfff7b6174d35c150bb8d7ef01cce54fee2ce3758aef2b18b4460e37bb492134ccc10e78c5d19b768bf0236fb732dcdb453a03e95221ed7811d5435dc7f86ad90a85f5d0a8befa6aac704562e89bb89838f19d8cdf31eedba8d203ed8ace95c73af410c22c15727211aae7beef2de9f4f1ffa25542d6aba0c29dc5112a546aee349c6462de3bd75b3c5619a53b4d9ed78630c7ad6607114e2c57bbb1d81af0aff1f482560ac035ccf943750e02f485b1a7049a631c54f62f0fa1344176b18696f919c3c4a375f4b8d8e916ce755988537ec41f4c3442b3c7bc7a327b379ae6406b31a86890b761c5bdb6f5d68baf0b4e589c101e8be2c88a209b618e46f6cbfd626cfc786aa026f3901f4cd12c725692c0307aa8c1bb0d297bd9257ac5e50d5bb8d70b4b40e292fd3d611f27f461346e5506b0c1694ba7fe322ac2988667930b04e54e5eeba5cf7097c1f703624136431e95048940a426c708c3724fc9d94b4f893a541b1b4a773ffbe0b03771db0c31bf3781186384112658544f1882e54f1d1dc75661a9b39178a0de759d055370d0f4f9f8e30c07b88ee827fcc263a8dd0d5fa7acf068f81c2e77861efe1bb13045a74a64de1810a23d4b50a4701862420f3b11ef437a5da581cdde2df1c65da09e9f16693184ebda5604a161753a52ea282ecb6a71e1a5bc98df232ce219e71272c49883f893204d0602bddb2754d894af8a7e6a1303bef1b4a6d7db0cc29963716b722a6be94b8cdad869a18a89db845300b05456bb829b7c627aa31d6e94bbd281acbcd91b4b9da3a5f9315412cb9f6362dda9eaf907b1eca1fd9bf19430938b317e2da293ed70edf00d3f9db29ea9f64399f6785d9db9317fdfb2731bae29397b6cb0de0b46632b8609176b81920fd9f3cdb046eafffb9d167bc4064a5fc0955720b0a983962ca34de43b3c966f2d7a55eac9a1a2077264ff2d8ae45d1b4116fefd338c2156d3c5017a74a9ccb0786a3ab70c90f38a83b4e7330e939d0157330fde66321926fd681f93ef5845314bd53a0378476c5c4617ac1e479cc3d8297059f679d078f3f3e8f09ad504fc0997036747ee8eb8c8ec464a78cbde1cda8a3cb425e18768f9ed0156da1852be48305c8a2e36cde1dd0365c3ee3717e3112e02181ffc88986e4957f795f6dbb854d4270329154c907c115a5a9bd0bc041d1af70072fb35cdc192d188028ce1e85f2df5f82ef69843b9e1000d3dde6b0f08316a27bd42b7336ac6340aa55a7859290ae11186b8f0c09e44a18da5310bcdb60164dfa48f199292fe2dc7d9144a6ede6ac57aa67f9b4f5307c36544e89e7eccb34b0f59730a45c8ce7a28717c53bea96aca5152194ed79996cfa6b1b2e584d8e238a2bbd0701404b1dc09374b9179ed1e74fa654010e6ab9e9e469431f4acb50140ce33e7844e25ea2e3ea8e0aa45a1e6891805e7e1c995226b6f0e98f1b62c4f3f4ecc25079f5b053896eee8e3415ee9c64da3685be40d7bbbdf84cbdfaf5fe7cf72f45fbbb8bc33080625637169ce3a5dce8291de2e5407287b23770fc3cac7", @typed={0x4, 0x7f}, @nested={0x1ec, 0x64, 0x0, 0x1, [@nested={0x1d4, 0x7, 0x0, 0x1, [@generic="69afc86746945c311a7b13fe3acfe729afaec3c80d15fb8c8dce60d43c5d42e99abefa44d76c196442898e8821437f9f2a63caa87b01699c43a8491289bf40f8d0a4e19a3c27c2f7e505d2d0a7fef94e59dbe59802e7e2e637013124953ac41cd9be1d347894b1d5055202ba700fa2c857cd3e96f03a827695aa0fc4a6124fec8382d1c763d92f562a98d4898cc189e95cc88d3dc587b7e5864c9208379d5a23e6e3b764a22e9789f75a5c1991220fed6ba58286e49891f8a5", @typed={0x8, 0x12e, 0x0, 0x0, @pid=r8}, @typed={0x8, 0x44, 0x0, 0x0, @pid}, @typed={0x8, 0x51, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}}, @generic="b0c44b9fb31d883e2e48e1993f88a0feac91054f176ed6d3aef1abcf8dc591387bbf065345ffd142505dad7b0c1a56e7c7eedd111ed68783bf39ae9bc9f2cded7c659cdeb83037d4342ef9d0ecd229046219a2d124ce6e7b8e1cef08f59cd470a20ee8e6b80b6fd93ca263828f5e1ebe57ca475ae2d78132a76c618a73f146799a3d78eb62c2520ea93333b04453cebbf79862cd0ff42ff51d55cac5a9bb15b31539d97bb7ba76736ab20368dbe236cf4ea75e422e76e3f676e08057786d84d17a3dac21db674e9cd212598a63a33d2d582272b781b746d7853d0f4f755498be56210882e5751daa00fd2b3f866247b1245455db00b12410852bb3a29152cf"]}, @nested={0x8, 0x36, 0x0, 0x1, [@nested={0x4, 0xca}]}, @typed={0x4, 0x163}, @typed={0x8, 0x4, 0x0, 0x0, @ipv4=@multicast2}]}, @generic="670d987cc3319263fa8f05aba8b4891568157f31f68b1eb96ff0224cceab47411a91a93cdef98d069c9168bf4f09b1debf4cfd1dc359d1ed9fb54052b6c34431f4a4518cd350ca3abfb3c7b2b39f2f2f038ddf84732edf5bd1c7bf29834c3ee9b79ef621d88aa7b4911fbf9ae7631e7bfd4c26de8f48d27ad4e1e2ca911e270aff3a94c28bd0da38ba79de4cf896e7343f2ce65d87123691b131861e51ce6fe29c9ca8b3d6244347319146db342cc96eb550ca077b45ff648f043b55ee0acd504a4e1f928cf420a7255b94fa91f3f6bd5f41461e7e07fc09b5e8d41858c1154dc4e885ce786a3992bcff3ff72f8c1f3a9d17"]}, @MACSEC_ATTR_RXSC_CONFIG={0x4}, @MACSEC_ATTR_IFINDEX={0x8}]}, 0x1524}, 0x1, 0x0, 0x0, 0x4008000}, 0x0) 1.703583379s ago: executing program 1 (id=687): r0 = bpf$auto(0x0, 0x0, 0xee) mmap$auto(0x8001, 0x4000b, 0x8, 0x400000009b72, 0x7, 0x28000) (async) modify_ldt$auto(0xfffffffd, 0x0, 0x3) (async) mmap$auto(0x8a1e, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) (async) modify_ldt$auto(0x0, 0x0, 0xfffffffffffffffb) (async) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/kernel/profiling\x00', 0x82002, 0x0) (async) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000004c0)="0000ffd7d38d215c8000a3812198eb0e2f933071497e4e1e3d78d46a28d2fbb49c665fb871b1f2cede2a67c9e2545a52ef2d619b7fe3178de1b4bb657f54ace8bc8e88a4ac704eea2b21418ea29f49256c9e6fe4a72ccc780ca65decef754cf13cf0e79540ace476161de62fc38295e058d139fe9a6bd0b62eebddba85ce17f8e4a07e405e73cc29b48e62cede1d145d240dd4f660b3f94d0f59fcfd7c95bfb4f39468e454fcee837102d681677fa381275aa194e0167893eafbdb5ab7099e018d2df051a8cbd7d98e609691a2ff12045fc558c12ace818757dc835d102cbac98b7995c089f9f46e1d990f49c2c1fdc824214b3528dd1db5e5c547bb92e33b460b168fa0c072b78da5830a9f14185b6bd9c213fed0162ac57a4ac684da662758179b75c3adda427137c5879e84217d34441b38f910330baae8da747bd26071c24d6f68abb268629d005b4b0f5e802afe0c5f8e27e707b951bd3c169c52", 0x15d) (async) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) (async) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x68582, 0x0) sync_file_range$auto(r3, 0x7, 0x80000000, 0x5) socket(0x2b, 0x5, 0xfffffffd) (async) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000001200)='/proc/self/net/raw\x00', 0x0, 0x0) (async) r4 = ioctl$auto_userfaultfd_dev_fops_userfaultfd(0xffffffffffffffff, 0x2, 0x0) ioctl$auto_TUNSETCARRIER(r4, 0x400454e2, &(0x7f0000001140)=0x186f) (async) mmap$auto(0x0, 0xe97f, 0xdf, 0xeb1, 0x402, 0x8000) (async) bpf$auto(0x3, &(0x7f00000001c0)=@bpf_attr_4={0x200, r4, 0x3, r1}, 0x6f0) (async) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (async) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bond0/bonding/primary_reselect\x00', 0x1e2142, 0x0) sendfile$auto(r5, r6, 0x0, 0x7ffe) (async) ioctl$auto_VHOST_SET_FEATURES2(0xffffffffffffffff, 0x4008af00, &(0x7f0000000040)=0x3) (async) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$auto(0x0, 0x4, 0xdd, 0xeb1, 0x40000000000a5, 0x100000008000) (async) write$auto(0xffffffffffffffff, 0x0, 0x6) (async) madvise$auto(0x0, 0x2003f2, 0x15) (async) r7 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/zoneinfo\x00', 0x204801, 0x0) read$auto_proc_iter_file_ops_compat_inode(r7, &(0x7f0000000180)=""/178, 0xb2) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) 1.573263706s ago: executing program 4 (id=689): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x7, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_RNDADDENTROPY2(r0, 0x40085203, &(0x7f0000000440)=[0xfff, 0xedc0]) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x80c0, 0x0) close_range$auto(0x2, r1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0xa, 0x801, 0x84) shutdown$auto(0x200000003, 0x2) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r3 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) poll$auto(&(0x7f0000000180)={r3, 0xfff7, 0x9816}, 0x7f, 0x9) ioctl$auto_VHOST_SET_LOG_FD(r4, 0x4004af07, &(0x7f0000000040)=r2) ioctl$auto_VHOST_SET_OWNER(r4, 0xaf01, 0x0) ioctl$auto(r4, 0x5, 0xffffffffffffffff) keyctl$auto(0x7, 0x7fffffffffffffff, 0x0, 0x4, 0x3) r5 = open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0xb, 0x0) write$auto(0x3, 0x0, 0xfdef) ioctl$auto(0x3, 0x541a, r5) 1.36804882s ago: executing program 4 (id=690): mmap$auto(0x0, 0x400008, 0x5, 0x2000000049b72, 0xffffffffffffffff, 0x8000) bpf$auto_BPF_OBJ_GET_INFO_BY_FD(0xf, &(0x7f0000000000)=@bpf_attr_7={@map_id=0x100, 0x6, 0x3}, 0x1000) 1.328998052s ago: executing program 3 (id=692): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.7/usb8/remove\x00', 0xa001, 0x0) r0 = io_uring_setup$auto(0x1, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x1c1402, 0x0) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2003f0, 0x17) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0x100082) syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000080), 0xffffffffffffffff) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) ioprio_get$auto(0x3, 0x0) sendmsg$auto_NFC_CMD_DEP_LINK_DOWN(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYRESDEC=r0, @ANYRESDEC=r0, @ANYBLOB="20002dbd7000000e0000000000000005000b000900000000000000000018311226a4c759349eb93d58162239f26e4f280e44f1a439e1b1f13360a815a1ad41a85f4cab8bb49b52ffa6b60563f0f3e70e2883e15c38246a954fd95261be5305af6ff35c4ee980723c69f480a79707263f01d4623c36bcbe9c453af3aecc9439b6613d1fcc7ec3947e874dba84b0ffab2e8668b890695ec505244e1fb76e06f051fe2a3d9afe0dc37ac1d06fb9caf5a5af25a115c1c6eba8290e5c884aa198257534cecaa05fc44f51669b7e3f8f92ec2e0907b4c6202cedbea89648daf03d2d87ba350e769827159f21233237977f82ef1629ff1539b730112f965202afd5"], 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x4c801) fanotify_init$auto(0x5, 0x2000000000002) 611.149347ms ago: executing program 4 (id=693): socket(0xa, 0x2, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r0) gettid() r1 = openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x48101, 0x0) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, 0x0, 0x10080, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x34, r3, 0x1, 0x2070bd26, 0x25dfdbf8, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x4}, @OVS_DP_ATTR_UPCALL_PID={0x8}, @OVS_DP_ATTR_NAME={0xd, 0x1, '&#$@\\]\\-\x00'}]}, 0x34}, 0x1, 0x300, 0x0, 0x801}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r5 = open(&(0x7f0000000180)=':,/file0\x00', 0x597002, 0x408) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x7d1500, 0x0) write$auto(r5, 0x0, 0xfffffdf1) setsockopt$auto_SO_ATTACH_REUSEPORT_EBPF(r1, 0x7, 0x34, &(0x7f00000001c0)='-*{\x00', 0x1) linkat$auto(r5, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) mknod$auto(&(0x7f0000000040)='&&\x00', 0xcb, 0x6862) utimes$auto(&(0x7f00000000c0)=':,\x00', 0x0) mprotect$auto(0x0, 0x8000000000000001, 0x8) r6 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000003040), 0xffffffffffffffff) sendmsg$auto_OVS_METER_CMD_SET(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000003200)={&(0x7f0000000300)={0x24, r6, 0x159198c6007aa95d, 0x70bd29, 0x25dfdbfc, {}, [@OVS_METER_ATTR_KBPS={0x4}, @OVS_METER_ATTR_BANDS={0x4}, @OVS_METER_ATTR_ID={0x8, 0x1, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0xc0}, 0x40) 531.620311ms ago: executing program 4 (id=694): mmap$auto(0x0, 0x400006, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) r0 = socket(0xb, 0x3, 0x39a4) r1 = socket(0x23, 0x2, 0x0) ioctl$auto(r1, 0x89a2, 0x8) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8fg\x1b\x04\xad>\x96\xe9IG\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6\x00\x00\x00\x00\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd\x14\x81\xbe\xab\xed\xd5MI\x830_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xees\xf0\xc2\xad\xae\x99\xeb\xc5\xf0\"\x92\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14\x94o\x1b[\xa8]\x9b\x03\x95\xc3\xad\xad\x1d#oi|\x04\x93N\xfa\x17\xf3b\xf6\x00\x00\x00', 0x0, 0x0) symlink$auto(&(0x7f0000000080)='.\x00', &(0x7f0000000040)='./file0\x00') openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000002c0)={0x0, 0x10, 0x13}, 0x18) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x40000002c55, 0x0) r2 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r2, 0x107, 0x5, 0x0, 0x8004) socketpair$auto(0xfffffffe, 0x1, 0x8000000000000000, 0x0) ioctl$auto(r0, 0x89a0, 0x4) 394.007494ms ago: executing program 3 (id=695): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x7, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_RNDADDENTROPY2(r0, 0x40085203, &(0x7f0000000440)=[0xfff, 0xedc0]) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x80c0, 0x0) close_range$auto(0x2, r1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0xa, 0x801, 0x84) shutdown$auto(0x200000003, 0x2) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r3 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) poll$auto(&(0x7f0000000180)={r3, 0xfff7, 0x9816}, 0x7f, 0x9) ioctl$auto_VHOST_SET_LOG_FD(r4, 0x4004af07, &(0x7f0000000040)=r2) ioctl$auto_VHOST_SET_OWNER(r4, 0xaf01, 0x0) ioctl$auto(r4, 0x5, 0xffffffffffffffff) keyctl$auto(0x7, 0x7fffffffffffffff, 0x0, 0x4, 0x3) r5 = open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0xb, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ttyprintk\x00', 0x40001, 0x0) write$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffffff, 0x0, 0x0) ioctl$auto(0x3, 0x541a, r5) 229.736795ms ago: executing program 4 (id=696): unshare$auto(0x40000080) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/dev_mcast\x00', 0x40280, 0x0) pread64$auto(r0, &(0x7f00000000c0)='veth1\xe7#\x16T+\xee\x03\xc4\x1c\a\xdfa\x8b[,>\xa9\xd2\xef\xb0\xfb{b^\xef\x93\x97\x06H\xcb\xe7g\xea\x9dE\xc0\xdc\x1e\x02`\x00Z\x9d|\x8f\x92\xe09\xe1hBJL\x1e\"F\xc4\xd0z\xac5+I\xfbb\x9d\x97.]\x95H\f&_\x8d1\x83\x90,\x01\x8ab\xe6P\xb8J\xc4\xc3&\xe3\x05\x7fl\x18\xf40\x18x\x88\x86\xe6{\xdb\x1c\xfef\xf1x\xc9vKq\xd4/N&\x1f\xae\xa8\x9b\xb2\xdbZ\xed\x16a}\xa9gj\xc2mt\x87&\xf7Z\xf1u\xf0\x14\x00\x00\x00\x00\x00\x00\x00i\xb9\xc8\xc6V5]\x06/\xb1`\xd9X\xe5\xfc$\a\xf3S\xbb\xe99\xf1PZ\x81\x8f\xfc\xa4w\\\x84B\x03+\xa2\xe1\xb4\x9dv\xe1\xd7\b9\xc3.\x96I\x98\x00\x00\x00\x00\x00', 0x200000000004, 0xfc) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x82802, 0x0) mmap$auto(0x0, 0x20009, 0x3, 0xeb1, 0x401, 0x8000) r1 = socket(0x2, 0x80002, 0x73) getsockopt$auto(r1, 0x0, 0x2, 0x0, 0x0) r2 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cec10\x00', 0x101901, 0x0) r3 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) write$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffffff, 0x0, 0x0) r5 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r5, &(0x7f0000000000)="c80d1b5d399b39", 0xfdef) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101000, 0x0) mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000) r6 = socket(0x6, 0x6, 0x0) getsockopt$auto(r6, 0x6, 0x19, 0x0, 0x0) ioctl$auto_UBI_IOCATT(r3, 0x40186f40, &(0x7f0000000000)={0x1f, 0x0, 0x202, 0x9, 0x1}) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(r2, 0xc05c6104, &(0x7f0000000100)={'\x00', 0x0, 0x6, 0x2, 0x9b3, 0x7, "030102001100f0ffffffffffff1be1", "149200", "0001410c", '\x00\x00\n\x00', ["f7404de9641f0004000020c1", 'p\x00\x00\x00\t\x00', "ef5ac4927ad89c5c00", "00000000000000ae00"]}) ioctl$auto_CEC_TRANSMIT(r2, 0xc0386105, &(0x7f0000000000)={0x80006, 0x3, 0x7, 0x1, 0x2, 0x7fffffff, "9b2189084142725dff0d933475a77466", 0xb, 0x5, 0x9, 0x5, 0x2, 0x4, 0x2}) write$auto(0xffffffffffffffff, &(0x7f0000000040)='#[-#\x00', 0x4) madvise$auto(0x0, 0xffffffffffff0005, 0x17) prctl$auto(0x29, 0x17000000, 0x0, 0x0, 0x3) r7 = pidfd_open$auto(0x1, 0x0) signalfd4$auto(r2, &(0x7f00000019c0)={0x795e}, 0x9, 0x6) setns(r7, 0x4000000) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000240), r4) sendmsg$auto_NFSD_CMD_LISTENER_SET(r7, &(0x7f0000001980)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4880}, 0x44000) 223.164304ms ago: executing program 3 (id=697): r0 = openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000002fc0)='/sys/kernel/debug/tracing/events/vmalloc/enable\x00', 0x2, 0x0) r1 = bpf$auto_BPF_LINK_GET_FD_BY_ID(0x1e, 0x0, 0x0) r2 = socket(0x2a, 0x2, 0x1) flistxattr$auto(r2, 0x0, 0x4) ftruncate$auto(r0, 0x100000001) ioctl$auto_VHOST_GET_FEATURES(r1, 0x8008af00, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/net/bond0/bonding/arp_validate\x00', 0x2002, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) mmap$auto(0x0, 0x202000c, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) mmap$auto(0xffffffffffffffff, 0x2020004, 0x203, 0xeb1, 0xffffffffffffffff, 0x208000) bind$auto(0x3, 0x0, 0x6d) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000000), r1) rseq$auto(0x0, 0x8000, 0x0, 0x6) openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/free_buffer\x00', 0x20103, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xdf) socket(0x2, 0x801, 0x6) madvise$auto(0x0, 0xffffffffffff0005, 0x17) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="05082dbd7000ecdbdf257e000000"], 0x14}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) mmap$auto(0x1, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/net/bond0/bonding/arp_validate\x00', 0x2002, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) fanotify_init$auto(0x5, 0x0) 159.97759ms ago: executing program 1 (id=698): mmap$auto(0x293, 0x3, 0x3, 0xeb5, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x300c00, 0x0) ioctl$auto_TIOCGDEV2(r0, 0x80045432, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) madvise$auto(0x4, 0x200007, 0x9) r1 = io_uring_setup$auto(0x1, &(0x7f0000000080)={0x80000003, 0x9, 0x4002, 0x6, 0x4, 0x9, 0xffffffffffffffff, [], {0x9, 0x6, 0xb, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2000}, {0x1, 0x1, 0x52, 0x5, 0x1, 0xb0, 0x104, 0x8, 0x100000000}}) syz_clone(0x1012000, 0x0, 0x0, 0x0, 0x0, 0x0) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) close_range$auto(0x2, 0x8, 0x0) setsockopt$auto(0x3, 0x10000000084, 0xa, 0x0, 0x20) getpgid(0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, 0x0, 0x414041, 0x0) mmap$auto(0x0, 0x400008, 0xde, 0x9b72, 0x2, 0x800008000) getpid() openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/bus/pci/00/01.1\x00', 0x202280, 0x0) r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r3 = syz_genetlink_get_family_id$auto_thermal(&(0x7f00000001c0), r1) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1cc44bf37b00310900f4f8b69181a3bf952f9a98db3fe38918b4d65a19fa43e373370c5d8fee49c39c0e281176722d02083c8a915dc71058b0868de1e1da129c28f6a26e6212677f85dab602d2d68990dabf57bbf4e678ba0a198e08bcaec90e8582c6d235a8432cabd4", @ANYRES16=r3, @ANYBLOB="040027bd7000ffdbdf25010000000800190004000000"], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x11) ioctl$auto_VHOST_SET_MEM_TABLE(r2, 0x4001af84, 0x0) 0s ago: executing program 2 (id=699): sendmsg$auto_NL80211_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB="7c5a0010", @ANYRESOCT=0x0, @ANYBLOB="080026bd7000ffdbdf25080000004700a680de5f2bb1d6533e45e81d124a6d7e7cfdc7fb6e1a5829342ffd8e18194be946b180f56aabe96bea5dfe08000200", @ANYRES32, @ANYBLOB="b8d5496131e417b2c038a4c0dd43c6082f6500c201b2006a409074605225ed6a4ef99d9b5deb9c56c8a58a844f483c07f85f394093b441d82ca65340ff50e3313cd7337be6332143b77d999adf87eb9b75a0694d2693ffd50a8e8ac11fae4741afa4f7367840bbb1616dd37a868630262e38312246f02425ccac02a82194f26abc0e7b9eaa1341b00013452d885fc6ba9a2ec8f9e7d678a3379af0aa6f8575f87a69283d29b1051547ec7c8cd6c53586c9045beca3d09c065bac8af61d3af5423f617b969be8d96ddf82d98b2584a4012b10cf2de806c00db33226f185ec7c03c80a043cf581dfece8203632b50f5bff0007c032fbdc242eb66e2c437aec293871575013d33befff86b5c6f43122eca52fb41efa991f65cfaf9666231912460f4a3c96f8c52c9c8c434f5dfcacf048184f61ca350b49457a8ca3affd5e71c9069d12323ac1dda7207100"], 0x27c}, 0x1, 0x0, 0x0, 0x20040881}, 0x40000000) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r0, 0x8000) openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x40342, 0x22) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x0, 0x9, 0x3, 0xc, 0x940, 0x1ffe0, 0x3, 0x6, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb1, 0x6, 0x5, 0x3, 0x5, 0x7, 0x0, 0x3, 0x7, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x5, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x6d76]}, 0x1fe, 0x81) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="eb951c57219acd2abb99c7edcb03b8aa19577715f705b557dfddb807126689551308674bae94be36b5a0e11af4f2f53b5cf035eba303997f5935524cd95926a513c1f326580f4873e7804b4e6bad6f65bea938c389ff604536f0c3000ac9b2dbf88ea18e21def93997a37654869a5b737627d129b20cbdf36a445c74fdf58b92606d0a6169ea367d850877500699c02b72f375450381faa4e3358fde7eb148aa4598f44edc65297f9154be4384f30ff784c532a48392e4165009d0a9019cb81645fc40f2e9ff56df0849976c4391", @ANYBLOB="10007ecbeed619e0a86428282d1c0cd28a46076aea069c923be7f48600dfc8d8d036cb822c584f9ff0ef96bbd8ec82e647a1f6a7e24be1bb60d19dc0fccb74cfb853420775ad53fe274a3b58c751a59d1b5928f5674d23b8e53c9c2e37"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0xc000) r1 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000080)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x6, 0x400a) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f0000000040)='/dev/media11\x00', 0x40, 0x0) ioctl$auto_media_devnode_fops_mc_devnode(r2, 0x80047c05, 0x0) ioctl$auto(0x3, 0x541b, 0x38) openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000380), 0x400, 0x0) mmap$auto(0x0, 0x6, 0x4000000000df, 0x40000400000eb1, 0xffffffffffffffff, 0x8000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/mem/full/uevent\x00', 0x40000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000080)=""/58, 0x3a) r4 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r5 = getpid() process_vm_readv$auto(r5, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000040)="8c9700089d1b208365d5b5d112dbab029ed13881d2f2c7ba2eb01c3db79f77fdc2bb50c64a925009dff4cd1aca925c57100112d88f73348a54396800ed598a0e5500d7c0cbb6b1e9", 0x40000000001243}, 0x4, 0x0) getcpu$auto(0x0, 0x0, 0x0) ioctl$auto(r4, 0x400454ca, 0x38) r6 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) ioctl$auto(r6, 0x400454ca, 0x38) r7 = openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/smaps\x00', 0x24101, 0x0) close_range$auto(r7, 0xfffffffffffff000, 0x8) unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): n up link [ 78.738628][ T5634] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.759888][ T5635] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.771857][ T5633] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.783827][ T5634] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.803587][ T5635] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.831486][ T5632] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 78.870030][ T5632] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 78.880981][ T5641] Bluetooth: hci0: command tx timeout [ 78.881272][ T50] Bluetooth: hci3: command tx timeout [ 78.887238][ T5646] Bluetooth: hci2: command tx timeout [ 78.893426][ T4951] Bluetooth: hci1: command tx timeout [ 78.911580][ T5633] team0: Port device team_slave_0 added [ 78.919148][ T5634] team0: Port device team_slave_0 added [ 78.934972][ T5635] team0: Port device team_slave_0 added [ 78.943533][ T5635] team0: Port device team_slave_1 added [ 78.950787][ T5633] team0: Port device team_slave_1 added [ 78.958295][ T5634] team0: Port device team_slave_1 added [ 79.009156][ T5632] team0: Port device team_slave_0 added [ 79.046192][ T5632] team0: Port device team_slave_1 added [ 79.052811][ T5635] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.059861][ T5635] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 79.085837][ T5635] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.098166][ T5633] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.105398][ T5633] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 79.131409][ T5633] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.143891][ T5634] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.150859][ T5634] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 79.177094][ T5634] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.198674][ T5635] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.205794][ T5635] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 79.232074][ T5635] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.243602][ T5633] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.250816][ T5633] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 79.277196][ T5633] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.289184][ T5634] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.296444][ T5634] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 79.322485][ T5634] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.367183][ T5632] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.374194][ T5632] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 79.400362][ T5632] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.413353][ T5632] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.420649][ T5632] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 79.446909][ T5632] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.548286][ T5634] hsr_slave_0: entered promiscuous mode [ 79.554786][ T5634] hsr_slave_1: entered promiscuous mode [ 79.567790][ T5633] hsr_slave_0: entered promiscuous mode [ 79.574119][ T5633] hsr_slave_1: entered promiscuous mode [ 79.580520][ T5633] debugfs: 'hsr0' already exists in 'hsr' [ 79.586317][ T5633] Cannot create hsr debugfs directory [ 79.596585][ T5635] hsr_slave_0: entered promiscuous mode [ 79.603151][ T5635] hsr_slave_1: entered promiscuous mode [ 79.609234][ T5635] debugfs: 'hsr0' already exists in 'hsr' [ 79.615077][ T5635] Cannot create hsr debugfs directory [ 79.638935][ T5632] hsr_slave_0: entered promiscuous mode [ 79.645208][ T5632] hsr_slave_1: entered promiscuous mode [ 79.651636][ T5632] debugfs: 'hsr0' already exists in 'hsr' [ 79.657373][ T5632] Cannot create hsr debugfs directory [ 80.116669][ T5634] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 80.134279][ T5634] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 80.142535][ T5634] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 80.153759][ T5634] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 80.163227][ T5634] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 80.175154][ T5634] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 80.185528][ T5634] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 80.196886][ T5634] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 80.264403][ T5633] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 80.274365][ T5633] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 80.282447][ T5633] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 80.293012][ T5633] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 80.306496][ T5633] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 80.317186][ T5633] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 80.325834][ T5633] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 80.335908][ T5633] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 80.435091][ T5632] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 80.445853][ T5632] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 80.462378][ T5632] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 80.472525][ T5632] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 80.488510][ T5632] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 80.498816][ T5632] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 80.522196][ T5632] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 80.532577][ T5632] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 80.604246][ T5635] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 80.615157][ T5635] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 80.631427][ T5635] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 80.642407][ T5635] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 80.651752][ T5635] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 80.661540][ T5635] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 80.669354][ T5635] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 80.680003][ T5635] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 80.725032][ T5634] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.797697][ T5634] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.809287][ T5633] 8021q: adding VLAN 0 to HW filter on device bond0 [ 80.839034][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.846503][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.879860][ T139] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.887020][ T139] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.902674][ T5633] 8021q: adding VLAN 0 to HW filter on device team0 [ 80.922849][ T139] bridge0: port 1(bridge_slave_0) entered blocking state [ 80.930055][ T139] bridge0: port 1(bridge_slave_0) entered forwarding state [ 80.959458][ T139] bridge0: port 2(bridge_slave_1) entered blocking state [ 80.960841][ T5646] Bluetooth: hci0: command tx timeout [ 80.967074][ T139] bridge0: port 2(bridge_slave_1) entered forwarding state [ 80.972211][ T4951] Bluetooth: hci2: command tx timeout [ 80.985738][ T5641] Bluetooth: hci1: command tx timeout [ 80.991503][ T5641] Bluetooth: hci3: command tx timeout [ 81.065361][ T5632] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.113524][ T5635] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.123117][ T5632] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.163837][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.171067][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.209090][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.216316][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.252733][ T5635] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.276278][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.283482][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.314829][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.322027][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.052711][ T5634] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.226319][ T5634] veth0_vlan: entered promiscuous mode [ 82.272943][ T5634] veth1_vlan: entered promiscuous mode [ 82.296702][ T5633] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.383305][ T5632] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.416447][ T5634] veth0_macvtap: entered promiscuous mode [ 82.447671][ T5634] veth1_macvtap: entered promiscuous mode [ 82.479038][ T5635] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 82.496762][ T5633] veth0_vlan: entered promiscuous mode [ 82.507579][ T5634] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.528582][ T5634] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.549179][ T5633] veth1_vlan: entered promiscuous mode [ 82.560886][ T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.572234][ T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.593579][ T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.602573][ T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.674520][ T5632] veth0_vlan: entered promiscuous mode [ 82.746265][ T5632] veth1_vlan: entered promiscuous mode [ 82.759192][ T5633] veth0_macvtap: entered promiscuous mode [ 82.770740][ T139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.780421][ T139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.789925][ T5635] veth0_vlan: entered promiscuous mode [ 82.825577][ T5633] veth1_macvtap: entered promiscuous mode [ 82.851019][ T5635] veth1_vlan: entered promiscuous mode [ 82.861352][ T139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 82.873024][ T139] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 82.874207][ T5633] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 82.904419][ T5633] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 82.937610][ T3337] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.946785][ T3337] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.973514][ T3337] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 82.982448][ T5634] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 82.997620][ T3337] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.012566][ T5635] veth0_macvtap: entered promiscuous mode [ 83.021236][ T5632] veth0_macvtap: entered promiscuous mode [ 83.037218][ T5635] veth1_macvtap: entered promiscuous mode [ 83.043699][ T4951] Bluetooth: hci3: command tx timeout [ 83.043903][ T5641] Bluetooth: hci2: command tx timeout [ 83.049378][ T5646] Bluetooth: hci0: command tx timeout [ 83.054582][ T5641] Bluetooth: hci1: command tx timeout [ 83.073460][ T5632] veth1_macvtap: entered promiscuous mode [ 83.207137][ T5635] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.239210][ T5632] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.268660][ T5632] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.281559][ T5635] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.298738][ T3337] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.327909][ T3382] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.342232][ T3337] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.381564][ T3382] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.401456][ T3382] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.435625][ T3382] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.463053][ T3382] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.505721][ T3382] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.521661][ T3382] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.545771][ T3382] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.556192][ T3337] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.568061][ T3382] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.723884][ T3337] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.767894][ T3337] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.884767][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.902555][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.004647][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.033031][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.177658][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.219745][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.328492][ T5793] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 84.934527][ T5799] mmap: syz.1.2 (5799) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 85.120488][ T5641] Bluetooth: hci3: command tx timeout [ 85.120593][ T50] Bluetooth: hci0: command tx timeout [ 85.126014][ T5641] Bluetooth: hci1: command tx timeout [ 85.131723][ T4951] Bluetooth: hci2: command tx timeout [ 85.453480][ T5811] NFSD: Failed to start, no listeners configured. [ 86.929117][ T5824] Process accounting resumed [ 87.814864][ T5837] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 92.033162][ T24] cfg80211: failed to load regulatory.db [ 93.412658][ T5914] netlink: 4 bytes leftover after parsing attributes in process `syz.2.22'. [ 93.539385][ T5914] vivid-007: ================= START STATUS ================= [ 93.573899][ T5914] vivid-007: Generate PTS: true [ 93.587181][ T5914] vivid-007: Generate SCR: true [ 93.626869][ T5914] tpg source WxH: 320x240 (Y'CbCr) [ 93.651870][ T5914] tpg field: 1 [ 93.678277][ T5914] tpg crop: (0,0)/320x240 [ 93.707857][ T5914] tpg compose: (0,0)/320x240 [ 93.724982][ T5914] tpg colorspace: 8 [ 93.739042][ T5914] tpg transfer function: 0/0 [ 93.754599][ T5914] tpg Y'CbCr encoding: 0/0 [ 93.762517][ T5914] tpg quantization: 0/0 [ 93.783098][ T5914] tpg RGB range: 0/2 [ 93.817387][ T5914] vivid-007: ================== END STATUS ================== [ 95.376422][ T5935] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 95.406040][ T5935] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 95.449276][ T5935] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 95.486748][ T5935] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 95.501419][ T5935] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 95.527110][ T5935] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 95.551270][ T5935] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 95.565689][ T5935] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 95.581398][ T5935] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 95.598086][ T5935] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 95.610484][ T5935] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 95.634372][ T5935] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 97.440284][ T5641] Bluetooth: hci0: command 0x0c1a tx timeout [ 97.520300][ T5641] Bluetooth: hci2: command 0x0c1a tx timeout [ 97.603958][ T4951] Bluetooth: hci1: command 0x0c1a tx timeout [ 97.611849][ T5641] Bluetooth: hci3: command 0x0c1a tx timeout [ 97.828419][ T5986] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 99.292349][ T5641] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 99.338941][ T6007] vivid-008: ================= START STATUS ================= [ 99.419351][ T6007] vivid-008: ================== END STATUS ================== [ 99.530799][ T4951] Bluetooth: hci0: command 0x0c1a tx timeout [ 99.610920][ T4951] Bluetooth: hci2: command 0x0c1a tx timeout [ 99.693462][ T4951] Bluetooth: hci3: command 0x0c1a tx timeout [ 99.699583][ T50] Bluetooth: hci1: command 0x0c1a tx timeout [ 101.610274][ T4951] Bluetooth: hci0: command 0x0c1a tx timeout [ 101.680278][ T4951] Bluetooth: hci2: command 0x0c1a tx timeout [ 101.766606][ T5641] Bluetooth: hci3: command 0x0c1a tx timeout [ 101.766618][ T4951] Bluetooth: hci1: command 0x0c1a tx timeout [ 101.901941][ T5998] random: crng reseeded on system resumption [ 103.464403][ T6054] zswap: compressor not available [ 103.760631][ T5641] Bluetooth: hci2: command 0x0c1a tx timeout [ 104.277423][ T6066] hub 1-0:1.0: USB hub found [ 104.297908][ T6066] hub 1-0:1.0: 1 port detected [ 104.348002][ T6075] FAULT_INJECTION: forcing a failure. [ 104.348002][ T6075] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 104.442630][ T6075] CPU: 0 UID: 0 PID: 6075 Comm: syz.1.49 Not tainted syzkaller #0 PREEMPT(full) [ 104.442668][ T6075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 104.442689][ T6075] Call Trace: [ 104.442698][ T6075] [ 104.442708][ T6075] dump_stack_lvl+0x100/0x190 [ 104.442769][ T6075] should_fail_ex.cold+0x5/0xa [ 104.442805][ T6075] strncpy_from_user+0x3b/0x2d0 [ 104.442851][ T6075] do_getname+0x78/0x390 [ 104.442897][ T6075] do_sys_openat2+0xc5/0x1e0 [ 104.442941][ T6075] ? __pfx_do_sys_openat2+0x10/0x10 [ 104.442998][ T6075] __x64_sys_openat+0x12d/0x210 [ 104.443041][ T6075] ? __pfx___x64_sys_openat+0x10/0x10 [ 104.443089][ T6075] ? rcu_is_watching+0x12/0xc0 [ 104.443124][ T6075] do_syscall_64+0x115/0x840 [ 104.443162][ T6075] ? clear_bhb_loop+0x40/0x90 [ 104.443198][ T6075] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.443227][ T6075] RIP: 0033:0x7fdb4219ce59 [ 104.443251][ T6075] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 104.443277][ T6075] RSP: 002b:00007fdb430f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 104.443304][ T6075] RAX: ffffffffffffffda RBX: 00007fdb42416180 RCX: 00007fdb4219ce59 [ 104.443323][ T6075] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 104.443341][ T6075] RBP: 00007fdb42232d6f R08: 0000000000000000 R09: 0000000000000000 [ 104.443358][ T6075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 104.443374][ T6075] R13: 00007fdb42416218 R14: 00007fdb42416180 R15: 00007ffc68d93f88 [ 104.443410][ T6075] [ 104.508866][ T6070] hub 1-0:1.0: USB hub found [ 104.666741][ T6070] hub 1-0:1.0: 1 port detected [ 105.840582][ T5641] Bluetooth: hci2: command 0x0c1a tx timeout [ 107.641738][ T6115] cougar: G6 mapped to F18 [ 109.501743][ T6144] Zero length message leads to an empty skb [ 109.520541][ T6144] netlink: 'syz.0.61': attribute type 1 has an invalid length. [ 109.554620][ T6144] netlink: 33 bytes leftover after parsing attributes in process `syz.0.61'. [ 110.199557][ T6151] ubi31: attaching mtd0 [ 110.222446][ T6151] ubi31: scanning is finished [ 110.232336][ T6151] ubi31: empty MTD device detected [ 110.750055][ T6151] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 110.805824][ T6151] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3518 bytes [ 110.837557][ T6151] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 110.865866][ T6151] ubi31: VID header offset: 514 (aligned 514), data offset: 578 [ 110.916013][ T6151] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 110.977644][ T6151] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 20 [ 111.065568][ T6151] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 295858216 [ 111.114898][ T6151] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 111.145108][ T6164] zswap: compressor not available [ 111.167531][ T6167] ubi31: background thread "ubi_bgt31d" started, PID 6167 [ 111.438463][ T6181] cougar: G6 mapped to F18 [ 113.207825][ T6207] netlink: 'syz.1.72': attribute type 1 has an invalid length. [ 113.237824][ T6207] netlink: 33 bytes leftover after parsing attributes in process `syz.1.72'. [ 113.395832][ T6201] FAULT_INJECTION: forcing a failure. [ 113.395832][ T6201] name fail_futex, interval 1, probability 0, space 0, times 1 [ 113.440738][ T6201] CPU: 1 UID: 0 PID: 6201 Comm: syz.0.70 Not tainted syzkaller #0 PREEMPT(full) [ 113.440773][ T6201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 113.440782][ T6201] Call Trace: [ 113.440788][ T6201] [ 113.440793][ T6201] dump_stack_lvl+0x100/0x190 [ 113.440835][ T6201] should_fail_ex.cold+0x5/0xa [ 113.440854][ T6201] get_futex_key+0x295/0x1510 [ 113.440880][ T6201] ? __pfx_get_futex_key+0x10/0x10 [ 113.440903][ T6201] ? lock_acquire+0x1b1/0x370 [ 113.440931][ T6201] futex_wake+0xea/0x530 [ 113.440954][ T6201] ? __pfx_futex_wake+0x10/0x10 [ 113.440971][ T6201] ? exit_mm_release+0x19/0x30 [ 113.440997][ T6201] do_futex+0x32b/0x350 [ 113.441019][ T6201] ? __pfx_do_futex+0x10/0x10 [ 113.441033][ T6201] ? __might_fault+0xc5/0x140 [ 113.441060][ T6201] mm_release+0x24a/0x2f0 [ 113.441078][ T6201] do_exit+0x707/0x2af0 [ 113.441103][ T6201] ? __pfx_do_exit+0x10/0x10 [ 113.441123][ T6201] ? do_raw_spin_lock+0x128/0x260 [ 113.441139][ T6201] ? find_held_lock+0x2b/0x80 [ 113.441156][ T6201] ? get_signal+0x7e5/0x2210 [ 113.441175][ T6201] do_group_exit+0xd5/0x2a0 [ 113.441198][ T6201] get_signal+0x20ff/0x2210 [ 113.441222][ T6201] ? __pfx_get_signal+0x10/0x10 [ 113.441242][ T6201] ? do_futex+0x192/0x350 [ 113.441258][ T6201] arch_do_signal_or_restart+0x91/0x7a0 [ 113.441283][ T6201] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 113.441309][ T6201] ? kernel_mbind+0x118/0x200 [ 113.441330][ T6201] ? rcu_is_watching+0x12/0xc0 [ 113.441354][ T6201] exit_to_user_mode_loop+0x98/0x670 [ 113.441381][ T6201] ? rcu_is_watching+0x12/0xc0 [ 113.441399][ T6201] do_syscall_64+0x652/0x840 [ 113.441420][ T6201] ? clear_bhb_loop+0x40/0x90 [ 113.441438][ T6201] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.441453][ T6201] RIP: 0033:0x7f7a52d9ce59 [ 113.441470][ T6201] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 113.441486][ T6201] RSP: 002b:00007f7a53c770e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 113.441503][ T6201] RAX: fffffffffffffe00 RBX: 00007f7a53016188 RCX: 00007f7a52d9ce59 [ 113.441513][ T6201] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7a53016188 [ 113.441521][ T6201] RBP: 00007f7a53016180 R08: 0000000000000000 R09: 0000000000000000 [ 113.441530][ T6201] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 113.441538][ T6201] R13: 00007f7a53016218 R14: 00007fff6b6f3bd0 R15: 00007fff6b6f3cb8 [ 113.441556][ T6201] [ 115.066312][ T6242] bond0: invalid ARP target specified [ 115.288572][ T6245] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 117.029665][ T6264] Process accounting paused [ 117.777596][ T6297] FAULT_INJECTION: forcing a failure. [ 117.777596][ T6297] name failslab, interval 1, probability 0, space 0, times 1 [ 117.823766][ T6297] CPU: 0 UID: 0 PID: 6297 Comm: syz.3.90 Not tainted syzkaller #0 PREEMPT(full) [ 117.823808][ T6297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 117.823824][ T6297] Call Trace: [ 117.823834][ T6297] [ 117.823844][ T6297] dump_stack_lvl+0x100/0x190 [ 117.823904][ T6297] should_fail_ex.cold+0x5/0xa [ 117.823937][ T6297] should_failslab+0xc2/0x120 [ 117.823973][ T6297] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 117.824018][ T6297] ? __d_alloc+0x34/0xa40 [ 117.824062][ T6297] __d_alloc+0x34/0xa40 [ 117.824101][ T6297] d_alloc_pseudo+0x1c/0xc0 [ 117.824126][ T6297] alloc_file_pseudo+0xcf/0x230 [ 117.824166][ T6297] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 117.824213][ T6297] __shmem_file_setup+0x205/0x460 [ 117.824250][ T6297] ? __pfx___shmem_file_setup+0x10/0x10 [ 117.824295][ T6297] ? vm_area_alloc+0x1f/0x160 [ 117.824342][ T6297] shmem_zero_setup+0x96/0x1b0 [ 117.824374][ T6297] __mmap_region+0x2509/0x2dd0 [ 117.824426][ T6297] ? __pfx___mmap_region+0x10/0x10 [ 117.824477][ T6297] ? __lock_acquire+0x4a5/0x2630 [ 117.824548][ T6297] ? __lock_acquire+0x4a5/0x2630 [ 117.824591][ T6297] ? do_raw_spin_unlock+0x145/0x1e0 [ 117.824622][ T6297] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 117.824678][ T6297] ? rcu_is_watching+0x12/0xc0 [ 117.824720][ T6297] ? rcu_is_watching+0x12/0xc0 [ 117.824751][ T6297] ? finish_task_switch.isra.0+0x2cb/0x1010 [ 117.824786][ T6297] ? lockdep_hardirqs_on+0x78/0x100 [ 117.824893][ T6297] mmap_region+0x35d/0x620 [ 117.824923][ T6297] ? rcu_is_watching+0x12/0xc0 [ 117.824955][ T6297] ? __pfx_mmap_region+0x10/0x10 [ 117.824987][ T6297] ? cap_mmap_addr+0x4b/0x120 [ 117.825012][ T6297] ? bpf_lsm_mmap_addr+0x9/0x30 [ 117.825036][ T6297] ? security_mmap_addr+0x71/0x1e0 [ 117.825072][ T6297] ? __get_unmapped_area+0x255/0x3e0 [ 117.825110][ T6297] do_mmap+0xc63/0x12f0 [ 117.825148][ T6297] ? __pfx_do_mmap+0x10/0x10 [ 117.825180][ T6297] ? __pfx_down_write_killable+0x10/0x10 [ 117.825210][ T6297] vm_mmap_pgoff+0x29e/0x470 [ 117.825248][ T6297] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 117.825284][ T6297] ? do_futex+0x192/0x350 [ 117.825312][ T6297] ? __pfx_do_futex+0x10/0x10 [ 117.825346][ T6297] ksys_mmap_pgoff+0xe4/0x610 [ 117.825378][ T6297] ? __x64_sys_futex+0x358/0x4d0 [ 117.825406][ T6297] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 117.825437][ T6297] ? xfd_validate_state+0x129/0x190 [ 117.825462][ T6297] ? ksys_write+0x1ac/0x250 [ 117.825499][ T6297] __x64_sys_mmap+0x125/0x190 [ 117.825533][ T6297] do_syscall_64+0x115/0x840 [ 117.825571][ T6297] ? clear_bhb_loop+0x40/0x90 [ 117.825604][ T6297] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.825630][ T6297] RIP: 0033:0x7f285f39ce59 [ 117.825650][ T6297] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 117.825675][ T6297] RSP: 002b:00007f28601cb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 117.825703][ T6297] RAX: ffffffffffffffda RBX: 00007f285f615fa0 RCX: 00007f285f39ce59 [ 117.825722][ T6297] RDX: 00000000000000df RSI: 000000000000e983 RDI: 0000000000000000 [ 117.825738][ T6297] RBP: 00007f285f432d6f R08: 0000000000000401 R09: 0000000000008000 [ 117.825755][ T6297] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 117.825769][ T6297] R13: 00007f285f616038 R14: 00007f285f615fa0 R15: 00007ffe6096ceb8 [ 117.825805][ T6297] [ 119.519261][ T6328] process 'syz.2.95' launched ':,' with NULL argv: empty string added [ 121.987696][ T6373] random: crng reseeded on system resumption [ 122.284086][ C1] vcan0: j1939_tp_rxtimer: 0xffff88807a430400: rx timeout, send abort [ 122.294539][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88807a430400: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 123.793848][ T6406] random: crng reseeded on system resumption [ 124.614317][ T6409] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 125.588519][ T6420] ubi: mtd0 is already attached to ubi31 [ 127.439157][ T6441] bond0: invalid ARP target specified [ 128.017030][ T6468] ptrace attach of "ci-qemu-gce-upstream-auto/syz-executor exec"[6471] was attempted by "N*+!úÌëµßöÃM%ºÌQÜ|8,¼ë—£I\x074Ü5[]‘ª`ÑZ€®9h¸>g&][ìðä“.ävËn`¢ßä;õË53üü‘JvFã,*\x22–’“¼\x1bé%ßNËOæÀš°Oéä'¿8ªLäõÂð\x09è\x0dÊÀ߈«´î¹¾l®bYŸÀÉê.VÇ?àÃå–ö0©$¼ÐeSƒãK‘ünÍÂWÀæ]!Uæ¾³v*F(UÇzOé¦ðŽ÷° e&+s<[3G9\x5c[\x09‚‚´i\x0crPà}'´Åúº/½uÿ¾©òRYJÐmêøYa ˆ£(™o%\x09= ‰^LS^ìu°å5V8gÖ7.HÕôž\x0cÞ\x0d˜9‹ÀHëÓ(DÀwMøñi“°öÅÜÞ¦-s\x07ô€Ê@°¦\x1bJ„JÉô%²,åìW¡%j•Œ6/Ù>!lPö™_['Éåô­ÛÚkÁl¶n9EfUH\x0až˜#°ß²qò„ZgA,Cl]fè–JÄÔ@\x0dçŠÙ3{9ÿhD\x0aHéEÝ\x0d+=¿C`»¹™Ë>“oÛFîza,”–¤Z´ÿÏ ö×æ­xQÒ¦\x5c(\x07Mæ\x1bp7H…\x0b9qÊ\x22œFGåëèTP'@P£G¨o]Æ_Å=–P¢DN¬*¸†Qg ò—J3$nÂq\x22aõø\x0b1ñ¹OçÙ󎧴ü¯.§ [ 128.252848][ T6472] dump_stack_lvl+0x100/0x190 [ 128.252899][ T6472] should_fail_ex.cold+0x5/0xa [ 128.252933][ T6472] ? __netlink_kernel_create+0x181/0x750 [ 128.252965][ T6472] should_failslab+0xc2/0x120 [ 128.253001][ T6472] __kmalloc_noprof+0xe0/0x850 [ 128.253034][ T6472] __netlink_kernel_create+0x181/0x750 [ 128.253074][ T6472] ? __pfx___netlink_kernel_create+0x10/0x10 [ 128.253132][ T6472] ? __pfx_genl_pernet_init+0x10/0x10 [ 128.253173][ T6472] genl_pernet_init+0xbd/0x160 [ 128.253215][ T6472] ? __pfx_genl_pernet_init+0x10/0x10 [ 128.253257][ T6472] ? lockdep_init_map_type+0x5c/0x250 [ 128.253287][ T6472] ? __pfx_genl_rcv+0x10/0x10 [ 128.253330][ T6472] ? __pfx_genl_bind+0x10/0x10 [ 128.253367][ T6472] ? __pfx_genl_unbind+0x10/0x10 [ 128.253403][ T6472] ? __pfx_genl_release+0x10/0x10 [ 128.253441][ T6472] ? mutex_init_lockdep+0xf1/0x120 [ 128.253473][ T6472] ops_init+0x1e2/0x5f0 [ 128.253509][ T6472] setup_net+0x118/0x3a0 [ 128.253542][ T6472] ? __pfx_setup_net+0x10/0x10 [ 128.253575][ T6472] ? mutex_init_lockdep+0xf1/0x120 [ 128.253612][ T6472] copy_net_ns+0x46f/0x7c0 [ 128.253651][ T6472] create_new_namespaces+0x3ea/0xac0 [ 128.253712][ T6472] unshare_nsproxy_namespaces+0xf2/0x220 [ 128.253753][ T6472] ksys_unshare+0x438/0xab0 [ 128.253797][ T6472] ? __pfx_ksys_unshare+0x10/0x10 [ 128.253835][ T6472] ? xfd_validate_state+0x129/0x190 [ 128.253861][ T6472] ? exit_to_user_mode_loop+0xf3/0x670 [ 128.253918][ T6472] __x64_sys_unshare+0x31/0x40 [ 128.253958][ T6472] do_syscall_64+0x115/0x840 [ 128.253998][ T6472] ? clear_bhb_loop+0x40/0x90 [ 128.254034][ T6472] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.254063][ T6472] RIP: 0033:0x7fdb4219ce59 [ 128.254088][ T6472] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 128.254123][ T6472] RSP: 002b:00007fdb43117028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 128.254152][ T6472] RAX: ffffffffffffffda RBX: 00007fdb42416090 RCX: 00007fdb4219ce59 [ 128.254171][ T6472] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 128.254189][ T6472] RBP: 00007fdb42232d6f R08: 0000000000000000 R09: 0000000000000000 [ 128.254206][ T6472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 128.254226][ T6472] R13: 00007fdb42416128 R14: 00007fdb42416090 R15: 00007ffc68d93f88 [ 128.254265][ T6472] [ 128.255914][ T6476] random: crng reseeded on system resumption [ 128.757399][ T5641] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 129.430472][ T6496] bridge0: port 3(team0) entered blocking state [ 129.445161][ T6496] bridge0: port 3(team0) entered disabled state [ 129.457213][ T6496] team0: entered allmulticast mode [ 129.475369][ T6496] team_slave_0: entered allmulticast mode [ 129.485191][ T6496] team_slave_1: entered allmulticast mode [ 129.504552][ T6496] team0: entered promiscuous mode [ 129.509692][ T6496] team_slave_0: entered promiscuous mode [ 129.527432][ T6496] team_slave_1: entered promiscuous mode [ 129.550242][ T6496] bridge0: port 3(team0) entered blocking state [ 129.557355][ T6496] bridge0: port 3(team0) entered forwarding state [ 130.801890][ T5641] Bluetooth: hci0: command 0x0c1a tx timeout [ 130.847524][ T6536] netlink: 36 bytes leftover after parsing attributes in process `syz.0.135'. [ 130.961655][ T6537] futex_wake_op: syz.1.136 tries to shift op by -1; fix this program [ 131.274040][ T6546] FAULT_INJECTION: forcing a failure. [ 131.274040][ T6546] name failslab, interval 1, probability 0, space 0, times 0 [ 131.304047][ T6546] CPU: 0 UID: 0 PID: 6546 Comm: syz.2.137 Tainted: G L syzkaller #0 PREEMPT(full) [ 131.304093][ T6546] Tainted: [L]=SOFTLOCKUP [ 131.304103][ T6546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 131.304119][ T6546] Call Trace: [ 131.304128][ T6546] [ 131.304138][ T6546] dump_stack_lvl+0x100/0x190 [ 131.304192][ T6546] should_fail_ex.cold+0x5/0xa [ 131.304227][ T6546] ? lsm_blob_alloc+0x68/0x90 [ 131.304266][ T6546] should_failslab+0xc2/0x120 [ 131.304300][ T6546] __kmalloc_noprof+0xe0/0x850 [ 131.304327][ T6546] ? trace_kmem_cache_alloc+0xd5/0x100 [ 131.304370][ T6546] lsm_blob_alloc+0x68/0x90 [ 131.304412][ T6546] security_prepare_creds+0x2d/0x290 [ 131.304455][ T6546] prepare_creds+0x5d6/0x950 [ 131.304486][ T6546] __sys_setreuid+0x109/0xb00 [ 131.304517][ T6546] ? rcu_is_watching+0x12/0xc0 [ 131.304552][ T6546] do_syscall_64+0x115/0x840 [ 131.304600][ T6546] ? clear_bhb_loop+0x40/0x90 [ 131.304637][ T6546] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.304667][ T6546] RIP: 0033:0x7f0492f9ce59 [ 131.304692][ T6546] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 131.304718][ T6546] RSP: 002b:00007f0493de7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000071 [ 131.304745][ T6546] RAX: ffffffffffffffda RBX: 00007f0493215fa0 RCX: 00007f0492f9ce59 [ 131.304765][ T6546] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 131.304781][ T6546] RBP: 00007f0493032d6f R08: 0000000000000000 R09: 0000000000000000 [ 131.304799][ T6546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 131.304815][ T6546] R13: 00007f0493216038 R14: 00007f0493215fa0 R15: 00007ffe92e776c8 [ 131.304851][ T6546] [ 132.890332][ T5641] Bluetooth: hci0: command 0x0c1a tx timeout [ 132.964876][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.974379][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.108901][ T6567] Process accounting resumed [ 133.196345][ T6560] ima: policy update failed [ 133.218989][ T30] audit: type=1802 audit(1780084421.802:2): pid=6560 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.140" res=0 errno=0 [ 134.618692][ T6598] random: crng reseeded on system resumption [ 137.011901][ T6661] random: crng reseeded on system resumption [ 138.407467][ T6694] vhci_hcd vhci_hcd.1: invalid port number 16 [ 138.430712][ T6694] vhci_hcd vhci_hcd.1: USB_PORT_FEAT_SUSPEND req not supported for USB 3.0 roothub [ 140.119671][ T6725] random: crng reseeded on system resumption [ 141.304146][ T6754] netlink: 16 bytes leftover after parsing attributes in process `syz.3.171'. [ 141.372961][ T6754] mac80211_hwsim hwsim10 wlan2: entered promiscuous mode [ 141.394039][ T6754] mac80211_hwsim hwsim10 wlan2: entered allmulticast mode [ 141.564768][ T6751] FAULT_INJECTION: forcing a failure. [ 141.564768][ T6751] name failslab, interval 1, probability 0, space 0, times 0 [ 141.604706][ T6751] CPU: 1 UID: 0 PID: 6751 Comm: syz.0.170 Tainted: G L syzkaller #0 PREEMPT(full) [ 141.604748][ T6751] Tainted: [L]=SOFTLOCKUP [ 141.604757][ T6751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 141.604770][ T6751] Call Trace: [ 141.604779][ T6751] [ 141.604790][ T6751] dump_stack_lvl+0x100/0x190 [ 141.604840][ T6751] should_fail_ex.cold+0x5/0xa [ 141.604876][ T6751] should_failslab+0xc2/0x120 [ 141.604907][ T6751] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 141.604943][ T6751] ? anon_vma_clone+0x2ba/0xcd0 [ 141.604977][ T6751] anon_vma_clone+0x2ba/0xcd0 [ 141.605033][ T6751] __split_vma+0x51f/0xda0 [ 141.605080][ T6751] ? __pfx___split_vma+0x10/0x10 [ 141.605139][ T6751] vma_modify+0x12ad/0x25c0 [ 141.605196][ T6751] ? __pfx_vma_modify+0x10/0x10 [ 141.605263][ T6751] vma_modify_policy+0x238/0x300 [ 141.605310][ T6751] ? __pfx_vma_modify_policy+0x10/0x10 [ 141.605355][ T6751] ? find_held_lock+0x2b/0x80 [ 141.605421][ T6751] mbind_range+0x175/0x550 [ 141.605465][ T6751] do_mbind+0x7dc/0xfd0 [ 141.605515][ T6751] ? __pfx_do_mbind+0x10/0x10 [ 141.605554][ T6751] ? ksys_write+0x190/0x250 [ 141.605606][ T6751] ? __pfx_get_nodes+0x10/0x10 [ 141.605646][ T6751] kernel_mbind+0x1b7/0x200 [ 141.605689][ T6751] ? __pfx_kernel_mbind+0x10/0x10 [ 141.605733][ T6751] ? rcu_is_watching+0x12/0xc0 [ 141.605770][ T6751] do_syscall_64+0x115/0x840 [ 141.605809][ T6751] ? clear_bhb_loop+0x40/0x90 [ 141.605844][ T6751] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.605874][ T6751] RIP: 0033:0x7f7a52d9ce59 [ 141.605898][ T6751] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 141.605925][ T6751] RSP: 002b:00007f7a53c77028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 141.605952][ T6751] RAX: ffffffffffffffda RBX: 00007f7a53016180 RCX: 00007f7a52d9ce59 [ 141.605972][ T6751] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 141.605989][ T6751] RBP: 00007f7a52e32d6f R08: 0000000000000006 R09: 0000000000000002 [ 141.606006][ T6751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 141.606029][ T6751] R13: 00007f7a53016218 R14: 00007f7a53016180 R15: 00007fff6b6f3cb8 [ 141.606066][ T6751] [ 142.508975][ T6776] zswap: compressor not available [ 144.446753][ T6835] FAULT_INJECTION: forcing a failure. [ 144.446753][ T6835] name failslab, interval 1, probability 0, space 0, times 0 [ 144.498124][ T6835] CPU: 0 UID: 0 PID: 6835 Comm: syz.3.185 Tainted: G L syzkaller #0 PREEMPT(full) [ 144.498172][ T6835] Tainted: [L]=SOFTLOCKUP [ 144.498182][ T6835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 144.498198][ T6835] Call Trace: [ 144.498206][ T6835] [ 144.498217][ T6835] dump_stack_lvl+0x100/0x190 [ 144.498272][ T6835] should_fail_ex.cold+0x5/0xa [ 144.498307][ T6835] ? __netlink_kernel_create+0x181/0x750 [ 144.498344][ T6835] should_failslab+0xc2/0x120 [ 144.498380][ T6835] __kmalloc_noprof+0xe0/0x850 [ 144.498415][ T6835] __netlink_kernel_create+0x181/0x750 [ 144.498455][ T6835] ? __pfx___netlink_kernel_create+0x10/0x10 [ 144.498509][ T6835] uevent_net_init+0xf8/0x330 [ 144.498534][ T6835] ? __pfx_uevent_net_init+0x10/0x10 [ 144.498552][ T6835] ? __pfx_uevent_net_rcv+0x10/0x10 [ 144.498576][ T6835] ? __kmalloc_noprof+0x320/0x850 [ 144.498594][ T6835] ? __pfx_uevent_net_init+0x10/0x10 [ 144.498609][ T6835] ops_init+0x1e2/0x5f0 [ 144.498628][ T6835] setup_net+0x118/0x3a0 [ 144.498645][ T6835] ? __pfx_setup_net+0x10/0x10 [ 144.498660][ T6835] ? mutex_init_lockdep+0xf1/0x120 [ 144.498679][ T6835] copy_net_ns+0x46f/0x7c0 [ 144.498698][ T6835] create_new_namespaces+0x3ea/0xac0 [ 144.498721][ T6835] unshare_nsproxy_namespaces+0xf2/0x220 [ 144.498741][ T6835] ksys_unshare+0x438/0xab0 [ 144.498762][ T6835] ? __pfx_ksys_unshare+0x10/0x10 [ 144.498781][ T6835] ? xfd_validate_state+0x129/0x190 [ 144.498803][ T6835] __x64_sys_unshare+0x31/0x40 [ 144.498826][ T6835] do_syscall_64+0x115/0x840 [ 144.498845][ T6835] ? clear_bhb_loop+0x40/0x90 [ 144.498863][ T6835] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.498878][ T6835] RIP: 0033:0x7f285f39ce59 [ 144.498891][ T6835] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 144.498905][ T6835] RSP: 002b:00007f28601cb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 144.498920][ T6835] RAX: ffffffffffffffda RBX: 00007f285f615fa0 RCX: 00007f285f39ce59 [ 144.498929][ T6835] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 144.498938][ T6835] RBP: 00007f285f432d6f R08: 0000000000000000 R09: 0000000000000000 [ 144.498946][ T6835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 144.498955][ T6835] R13: 00007f285f616038 R14: 00007f285f615fa0 R15: 00007ffe6096ceb8 [ 144.498974][ T6835] [ 144.800809][ T6835] kobject_uevent: unable to create netlink socket! [ 144.975805][ T6835] vhci_hcd vhci_hcd.0: default hub control req: 0000 v0000 i0000 l0 [ 145.010570][ T30] audit: type=1800 audit(2147483652.510:3): pid=6835 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.185" name="SYSVffffffff" dev="tmpfs" ino=0 res=0 errno=0 [ 145.294533][ T6848] futex_wake_op: syz.3.187 tries to shift op by -2048; fix this program [ 147.092020][ T6875] Process accounting resumed [ 147.638533][ T6904] ======================================================= [ 147.638533][ T6904] WARNING: The mand mount option has been deprecated and [ 147.638533][ T6904] and is ignored by this kernel. Remove the mand [ 147.638533][ T6904] option from the mount to silence this warning. [ 147.638533][ T6904] ======================================================= [ 147.985569][ T6909] netlink: 36 bytes leftover after parsing attributes in process `syz.3.201'. [ 148.015259][ T6909] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 149.186591][ T6926] netlink: 334 bytes leftover after parsing attributes in process `syz.2.204'. [ 149.939897][ T6935] openvswitch: netlink: IP tunnel attribute has 24 unknown bytes. [ 150.924803][ T30] audit: type=1800 audit(2147483658.430:4): pid=6954 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.210" name="members" dev="configfs" ino=14477 res=0 errno=0 [ 151.654817][ T6975] openvswitch: netlink: VXLAN extension 0 has unexpected len 4 expected 0 [ 152.318913][ T6992] smpboot: CPU 1 is now offline [ 152.492021][ T6995] netlink: 334 bytes leftover after parsing attributes in process `syz.1.220'. [ 152.966139][ T7003] vhci_hcd vhci_hcd.1: invalid port number 16 [ 152.990279][ T7003] vhci_hcd vhci_hcd.1: USB_PORT_FEAT_SUSPEND req not supported for USB 3.0 roothub [ 155.970738][ T7076] usb usb36: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 156.005580][ T7076] vhci_hcd vhci_hcd.1: Wrong hub descriptor type for USB 3.0 roothub. [ 156.022192][ T7078] netlink: 'syz.3.234': attribute type 23 has an invalid length. [ 157.593728][ T7091] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 157.607664][ T7091] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 157.627798][ T7091] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 157.645219][ T7091] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 157.872283][ T7109] FAULT_INJECTION: forcing a failure. [ 157.872283][ T7109] name failslab, interval 1, probability 0, space 0, times 0 [ 157.934479][ T7109] CPU: 0 UID: 0 PID: 7109 Comm: syz.1.240 Tainted: G L syzkaller #0 PREEMPT(full) [ 157.934506][ T7109] Tainted: [L]=SOFTLOCKUP [ 157.934511][ T7109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 157.934520][ T7109] Call Trace: [ 157.934526][ T7109] [ 157.934531][ T7109] dump_stack_lvl+0x100/0x190 [ 157.934562][ T7109] should_fail_ex.cold+0x5/0xa [ 157.934583][ T7109] ? __register_sysctl_table+0xbe4/0x1650 [ 157.934602][ T7109] should_failslab+0xc2/0x120 [ 157.934620][ T7109] __kmalloc_noprof+0xe0/0x850 [ 157.934638][ T7109] __register_sysctl_table+0xbe4/0x1650 [ 157.934662][ T7109] ? __pfx___register_sysctl_table+0x10/0x10 [ 157.934680][ T7109] ? is_module_address+0x69/0xf0 [ 157.934696][ T7109] ? register_net_sysctl_sz+0x222/0x430 [ 157.934725][ T7109] __devinet_sysctl_register+0x1b9/0x360 [ 157.934748][ T7109] ? trace_kmalloc+0xe3/0x110 [ 157.934765][ T7109] ? __pfx___devinet_sysctl_register+0x10/0x10 [ 157.934790][ T7109] ? __asan_memcpy+0x3c/0x60 [ 157.934815][ T7109] devinet_init_net+0x303/0x8d0 [ 157.934837][ T7109] ? __pfx_devinet_init_net+0x10/0x10 [ 157.934857][ T7109] ops_init+0x1e2/0x5f0 [ 157.934876][ T7109] setup_net+0x118/0x3a0 [ 157.934892][ T7109] ? __pfx_setup_net+0x10/0x10 [ 157.934908][ T7109] ? mutex_init_lockdep+0xf1/0x120 [ 157.934926][ T7109] copy_net_ns+0x46f/0x7c0 [ 157.934945][ T7109] create_new_namespaces+0x3ea/0xac0 [ 157.934969][ T7109] unshare_nsproxy_namespaces+0xf2/0x220 [ 157.934989][ T7109] ksys_unshare+0x438/0xab0 [ 157.935011][ T7109] ? __pfx_ksys_unshare+0x10/0x10 [ 157.935030][ T7109] ? xfd_validate_state+0x129/0x190 [ 157.935051][ T7109] __x64_sys_unshare+0x31/0x40 [ 157.935071][ T7109] do_syscall_64+0x115/0x840 [ 157.935091][ T7109] ? clear_bhb_loop+0x40/0x90 [ 157.935113][ T7109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 157.935129][ T7109] RIP: 0033:0x7fdb4219ce59 [ 157.935142][ T7109] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 157.935156][ T7109] RSP: 002b:00007fdb43138028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 157.935171][ T7109] RAX: ffffffffffffffda RBX: 00007fdb42415fa0 RCX: 00007fdb4219ce59 [ 157.935181][ T7109] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 157.935190][ T7109] RBP: 00007fdb42232d6f R08: 0000000000000000 R09: 0000000000000000 [ 157.935198][ T7109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 157.935206][ T7109] R13: 00007fdb42416038 R14: 00007fdb42415fa0 R15: 00007ffc68d93f88 [ 157.935226][ T7109] [ 157.935242][ T7109] sysctl could not get directory: /net/ipv4/conf/all -12 [ 158.347086][ T7110] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 158.354486][ T7110] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 158.802838][ T5641] Bluetooth: hci0: command 0x0c1a tx timeout [ 159.041210][ T7122] zswap: compressor not available [ 159.248492][ T50] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 159.267976][ T50] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 159.279527][ T50] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 159.293323][ T50] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 159.305527][ T50] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 159.680756][ T5641] Bluetooth: hci1: command 0x0c1a tx timeout [ 159.687513][ T5646] Bluetooth: hci2: command 0x0c1a tx timeout [ 159.694139][ T50] Bluetooth: hci3: command 0x0c1a tx timeout [ 159.840562][ T4951] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 160.138847][ T7047] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.427472][ T7047] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 160.662433][ T7047] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.360640][ T4951] Bluetooth: hci5: command tx timeout [ 161.642906][ T7047] bridge_slave_1: left allmulticast mode [ 161.669211][ T7047] bridge_slave_1: left promiscuous mode [ 161.700329][ T7047] bridge0: port 2(bridge_slave_1) entered disabled state [ 161.774098][ T7047] bridge_slave_0: left allmulticast mode [ 161.803508][ T7047] bridge_slave_0: left promiscuous mode [ 161.838674][ T7047] bridge0: port 1(bridge_slave_0) entered disabled state [ 162.838899][ T7047] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 162.954933][ T7047] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 163.021378][ T7047] bond0 (unregistering): Released all slaves [ 163.244059][ T5296] 8021q: adding VLAN 0 to HW filter on device eth1 [ 163.440409][ T4951] Bluetooth: hci5: command tx timeout [ 164.346378][ T7047] hsr_slave_0: left promiscuous mode [ 164.373898][ T7047] hsr_slave_1: left promiscuous mode [ 164.398661][ T7047] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 164.446671][ T7047] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 164.500633][ T7047] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 164.536801][ T7047] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 164.653308][ T7047] veth1_macvtap: left promiscuous mode [ 164.686501][ T7047] veth0_macvtap: left promiscuous mode [ 164.717152][ T7047] veth1_vlan: left promiscuous mode [ 164.745870][ T7047] veth0_vlan: left promiscuous mode [ 165.481956][ T7047] team0 (unregistering): Port device team_slave_1 removed [ 165.520431][ T4951] Bluetooth: hci5: command tx timeout [ 165.532167][ T7047] team0 (unregistering): Port device team_slave_0 removed [ 165.938014][ T5296] 8021q: adding VLAN 0 to HW filter on device eth2 [ 166.203692][ T7130] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.243324][ T7130] bridge0: port 1(bridge_slave_0) entered disabled state [ 166.288224][ T7130] bridge_slave_0: entered allmulticast mode [ 166.324866][ T7130] bridge_slave_0: entered promiscuous mode [ 166.378203][ T7130] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.426782][ T7130] bridge0: port 2(bridge_slave_1) entered disabled state [ 166.458638][ T7130] bridge_slave_1: entered allmulticast mode [ 166.489013][ T7130] bridge_slave_1: entered promiscuous mode [ 166.766094][ T7130] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 167.105166][ T7130] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 167.313649][ T7130] team0: Port device team_slave_0 added [ 167.484033][ T7130] team0: Port device team_slave_1 added [ 167.600265][ T4951] Bluetooth: hci5: command tx timeout [ 167.616962][ T7260] openvswitch: netlink: IP tunnel attribute has 24 unknown bytes. [ 167.666824][ T5296] 8021q: adding VLAN 0 to HW filter on device eth3 [ 167.695485][ T7130] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 167.726134][ T7130] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 167.863444][ T7130] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 167.942275][ T7130] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 167.977926][ T7130] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 168.095080][ T7130] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 168.356380][ T7130] hsr_slave_0: entered promiscuous mode [ 168.389732][ T7130] hsr_slave_1: entered promiscuous mode [ 168.426069][ T7130] debugfs: 'hsr0' already exists in 'hsr' [ 168.469828][ T7130] Cannot create hsr debugfs directory [ 169.565154][ T7293] netlink: 334 bytes leftover after parsing attributes in process `syz.3.260'. [ 169.600698][ T5296] 8021q: adding VLAN 0 to HW filter on device eth4 [ 170.447259][ T7130] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 170.492792][ T7130] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 170.535003][ T7130] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 170.585096][ T7130] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 170.696697][ T7313] usb usb16: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 170.752530][ T7130] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 170.817674][ T7130] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 170.879899][ T7130] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 170.954836][ T7130] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 171.854605][ T7130] 8021q: adding VLAN 0 to HW filter on device bond0 [ 171.979989][ T7130] 8021q: adding VLAN 0 to HW filter on device team0 [ 172.052163][ T3358] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.059282][ T3358] bridge0: port 1(bridge_slave_0) entered forwarding state [ 172.139886][ T7356] device-mapper: ioctl: device name cannot contain '/' [ 172.170636][ T7047] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.177775][ T7047] bridge0: port 2(bridge_slave_1) entered forwarding state [ 173.058322][ T7367] hub 1-0:1.0: USB hub found [ 173.082153][ T7367] hub 1-0:1.0: 1 port detected [ 174.120552][ T7130] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 174.931387][ T7411] netlink: 'syz.2.278': attribute type 11 has an invalid length. [ 174.985696][ T7130] veth0_vlan: entered promiscuous mode [ 175.017411][ T7411] netlink: 8 bytes leftover after parsing attributes in process `syz.2.278'. [ 175.037203][ T7130] veth1_vlan: entered promiscuous mode [ 175.134109][ T7130] veth0_macvtap: entered promiscuous mode [ 175.188438][ T7130] veth1_macvtap: entered promiscuous mode [ 175.274906][ T7130] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 175.336939][ T7130] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 175.386859][ T7047] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.426304][ T7047] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.501852][ T7047] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.551042][ T7047] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.978010][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 176.055396][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 176.122070][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 176.171503][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 177.663792][ T7461] netlink: 334 bytes leftover after parsing attributes in process `syz.2.284'. [ 177.895311][ T7442] syz.3.283 (7442) used greatest stack depth: 19440 bytes left [ 177.985480][ T7439] Process accounting paused [ 178.385257][ T7477] netlink: 330 bytes leftover after parsing attributes in process `syz.4.288'. [ 178.532213][ T4951] Bluetooth: hci1: unexpected event 0x1d length: 6 > 5 [ 179.013511][ T7494] netlink: 'syz.3.290': attribute type 2 has an invalid length. [ 179.120049][ T7494] netlink: 'syz.3.290': attribute type 8 has an invalid length. [ 179.345858][ T7484] bond0: option slaves: interface -Ãô¾ does not exist! [ 179.366673][ T7505] random: crng reseeded on system resumption [ 179.748618][ T7505] netlink: 342 bytes leftover after parsing attributes in process `syz.3.294'. [ 179.807940][ T7511] netlink: 342 bytes leftover after parsing attributes in process `syz.3.294'. [ 180.864822][ T7556] random: crng reseeded on system resumption [ 181.177919][ T7547] hub 1-0:1.0: USB hub found [ 181.249107][ T7547] hub 1-0:1.0: 1 port detected [ 183.172985][ T7618] netlink: 208 bytes leftover after parsing attributes in process `syz.3.305'. [ 183.537492][ T7619] netlink: 208 bytes leftover after parsing attributes in process `syz.3.305'. [ 183.612041][ T7619] FAULT_INJECTION: forcing a failure. [ 183.612041][ T7619] name failslab, interval 1, probability 0, space 0, times 0 [ 183.679789][ T7619] CPU: 0 UID: 0 PID: 7619 Comm: syz.3.305 Tainted: G L syzkaller #0 PREEMPT(full) [ 183.679814][ T7619] Tainted: [L]=SOFTLOCKUP [ 183.679819][ T7619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 183.679827][ T7619] Call Trace: [ 183.679833][ T7619] [ 183.679838][ T7619] dump_stack_lvl+0x100/0x190 [ 183.679867][ T7619] should_fail_ex.cold+0x5/0xa [ 183.679887][ T7619] should_failslab+0xc2/0x120 [ 183.679905][ T7619] __kmalloc_cache_noprof+0x7a/0x6f0 [ 183.679930][ T7619] ? __alloc_workqueue+0x1a0/0x1980 [ 183.679954][ T7619] __alloc_workqueue+0x1a0/0x1980 [ 183.679980][ T7619] alloc_workqueue_noprof+0xc7/0x130 [ 183.680001][ T7619] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 183.680023][ T7619] ? trace_kmalloc+0xe3/0x110 [ 183.680039][ T7619] ? __kasan_kmalloc+0xaa/0xb0 [ 183.680063][ T7619] ieee80211_register_hw+0x2148/0x4570 [ 183.680089][ T7619] ? mark_held_locks+0x41/0x70 [ 183.680117][ T7619] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 183.680139][ T7619] ? __pfx___debug_object_init+0x10/0x10 [ 183.680162][ T7619] ? find_held_lock+0x2b/0x80 [ 183.680181][ T7619] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 183.680203][ T7619] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 183.680226][ T7619] ? __hrtimer_setup+0x208/0x330 [ 183.680248][ T7619] mac80211_hwsim_new_radio+0x2a01/0x5aa0 [ 183.680280][ T7619] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 183.680304][ T7619] hwsim_new_radio_nl+0xc5f/0x1370 [ 183.680323][ T7619] ? rcu_is_watching+0x12/0xc0 [ 183.680341][ T7619] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 183.680365][ T7619] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1e5/0x2f0 [ 183.680388][ T7619] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1ef/0x2f0 [ 183.680415][ T7619] genl_family_rcv_msg_doit+0x214/0x300 [ 183.680445][ T7619] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 183.680467][ T7619] ? genl_get_cmd+0x3e7/0x760 [ 183.680491][ T7619] ? bpf_lsm_capable+0x9/0x10 [ 183.680507][ T7619] ? security_capable+0x80/0x260 [ 183.680523][ T7619] ? ns_capable+0xd2/0xf0 [ 183.680541][ T7619] genl_rcv_msg+0x560/0x800 [ 183.680565][ T7619] ? __pfx_genl_rcv_msg+0x10/0x10 [ 183.680587][ T7619] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 183.680613][ T7619] netlink_rcv_skb+0x159/0x420 [ 183.680632][ T7619] ? __pfx_genl_rcv_msg+0x10/0x10 [ 183.680654][ T7619] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 183.680682][ T7619] ? netlink_deliver_tap+0x1ae/0xcc0 [ 183.680703][ T7619] genl_rcv+0x28/0x40 [ 183.680722][ T7619] netlink_unicast+0x585/0x850 [ 183.680744][ T7619] ? __pfx_netlink_unicast+0x10/0x10 [ 183.680769][ T7619] netlink_sendmsg+0x8b0/0xda0 [ 183.680791][ T7619] ? __pfx_netlink_sendmsg+0x10/0x10 [ 183.680810][ T7619] ? __import_iovec+0x1d2/0x640 [ 183.680833][ T7619] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 183.680851][ T7619] ____sys_sendmsg+0x9e1/0xb70 [ 183.680870][ T7619] ? __pfx_netlink_sendmsg+0x10/0x10 [ 183.680891][ T7619] ? __pfx_____sys_sendmsg+0x10/0x10 [ 183.680914][ T7619] ? __pfx_futex_wake_mark+0x10/0x10 [ 183.680936][ T7619] ___sys_sendmsg+0x190/0x1e0 [ 183.680958][ T7619] ? __pfx____sys_sendmsg+0x10/0x10 [ 183.681001][ T7619] __sys_sendmsg+0x170/0x220 [ 183.681017][ T7619] ? __pfx___sys_sendmsg+0x10/0x10 [ 183.681032][ T7619] ? __x64_sys_futex+0x34f/0x4d0 [ 183.681054][ T7619] ? rcu_is_watching+0x12/0xc0 [ 183.681073][ T7619] do_syscall_64+0x115/0x840 [ 183.681093][ T7619] ? clear_bhb_loop+0x40/0x90 [ 183.681111][ T7619] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.681126][ T7619] RIP: 0033:0x7f285f39ce59 [ 183.681139][ T7619] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 183.681152][ T7619] RSP: 002b:00007f28601aa028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 183.681167][ T7619] RAX: ffffffffffffffda RBX: 00007f285f616090 RCX: 00007f285f39ce59 [ 183.681176][ T7619] RDX: 0000000004048000 RSI: 0000200000004240 RDI: 0000000000000009 [ 183.681188][ T7619] RBP: 00007f285f432d6f R08: 0000000000000000 R09: 0000000000000000 [ 183.681197][ T7619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 183.681205][ T7619] R13: 00007f285f616128 R14: 00007f285f616090 R15: 00007ffe6096ceb8 [ 183.681224][ T7619] [ 184.177247][ T7632] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 187.016199][ T7731] program syz.4.317 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 187.505270][ T7740] netlink: 4 bytes leftover after parsing attributes in process `syz.4.318'. [ 187.545887][ T7740] netlink: 25 bytes leftover after parsing attributes in process `syz.4.318'. [ 187.868973][ T7748] netlink: 28 bytes leftover after parsing attributes in process `syz.4.319'. [ 188.016654][ T7751] netlink: 8 bytes leftover after parsing attributes in process `syz.2.320'. [ 188.372009][ T7749] FAULT_INJECTION: forcing a failure. [ 188.372009][ T7749] name fail_futex, interval 1, probability 0, space 0, times 0 [ 188.449971][ T7749] CPU: 0 UID: 0 PID: 7749 Comm: syz.4.319 Tainted: G L syzkaller #0 PREEMPT(full) [ 188.449995][ T7749] Tainted: [L]=SOFTLOCKUP [ 188.450000][ T7749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 188.450009][ T7749] Call Trace: [ 188.450014][ T7749] [ 188.450019][ T7749] dump_stack_lvl+0x100/0x190 [ 188.450059][ T7749] should_fail_ex.cold+0x5/0xa [ 188.450078][ T7749] get_futex_key+0xf78/0x1510 [ 188.450104][ T7749] ? __pfx_get_futex_key+0x10/0x10 [ 188.450127][ T7749] ? lock_acquire+0x1b1/0x370 [ 188.450155][ T7749] futex_wake+0xea/0x530 [ 188.450174][ T7749] ? __pfx_futex_wake+0x10/0x10 [ 188.450192][ T7749] ? exit_mm_release+0x19/0x30 [ 188.450218][ T7749] do_futex+0x32b/0x350 [ 188.450234][ T7749] ? __pfx_do_futex+0x10/0x10 [ 188.450247][ T7749] ? __might_fault+0xc5/0x140 [ 188.450274][ T7749] mm_release+0x24a/0x2f0 [ 188.450292][ T7749] do_exit+0x707/0x2af0 [ 188.450316][ T7749] ? __pfx_do_exit+0x10/0x10 [ 188.450337][ T7749] ? do_raw_spin_lock+0x128/0x260 [ 188.450352][ T7749] ? find_held_lock+0x2b/0x80 [ 188.450369][ T7749] ? get_signal+0x7e5/0x2210 [ 188.450388][ T7749] do_group_exit+0xd5/0x2a0 [ 188.450411][ T7749] get_signal+0x20ff/0x2210 [ 188.450435][ T7749] ? __pfx_get_signal+0x10/0x10 [ 188.450454][ T7749] ? do_futex+0x192/0x350 [ 188.450470][ T7749] arch_do_signal_or_restart+0x91/0x7a0 [ 188.450493][ T7749] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 188.450521][ T7749] ? rcu_is_watching+0x12/0xc0 [ 188.450540][ T7749] exit_to_user_mode_loop+0x98/0x670 [ 188.450563][ T7749] ? rcu_is_watching+0x12/0xc0 [ 188.450581][ T7749] do_syscall_64+0x652/0x840 [ 188.450601][ T7749] ? clear_bhb_loop+0x40/0x90 [ 188.450618][ T7749] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.450633][ T7749] RIP: 0033:0x7f382d19ce59 [ 188.450646][ T7749] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 188.450659][ T7749] RSP: 002b:00007f382e11d0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 188.450674][ T7749] RAX: fffffffffffffe00 RBX: 00007f382d416098 RCX: 00007f382d19ce59 [ 188.450683][ T7749] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f382d416098 [ 188.450691][ T7749] RBP: 00007f382d416090 R08: 0000000000000000 R09: 0000000000000000 [ 188.450700][ T7749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 188.450708][ T7749] R13: 00007f382d416128 R14: 00007ffcfa012a30 R15: 00007ffcfa012b18 [ 188.450727][ T7749] [ 189.234240][ T7771] netlink: 8 bytes leftover after parsing attributes in process `syz.2.324'. [ 189.349064][ T4951] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 189.594487][ T7788] random: crng reseeded on system resumption [ 189.963676][ T7790] queue_state_write: operation too long [ 190.004226][ T7790] queue_state_write: use 'run', 'start' or 'kick' [ 190.283267][ T7797] netlink: 4 bytes leftover after parsing attributes in process `syz.1.329'. [ 190.318113][ T7797] netlink: 'syz.1.329': attribute type 1 has an invalid length. [ 190.353136][ T7797] netlink: 51465 bytes leftover after parsing attributes in process `syz.1.329'. [ 191.442902][ T4951] Bluetooth: hci3: command 0x0c1a tx timeout [ 191.492085][ T7818] syz.4.332 uses obsolete (PF_INET,SOCK_PACKET) [ 191.971128][ T7824] smc: net device dummy0 applied user defined pnetid DU [ 192.009886][ T7832] netlink: 'syz.3.335': attribute type 4 has an invalid length. [ 193.070278][ T50] Bluetooth: hci2: unexpected event 0x1d length: 6 > 5 [ 193.129962][ T7847] FAULT_INJECTION: forcing a failure. [ 193.129962][ T7847] name failslab, interval 1, probability 0, space 0, times 0 [ 193.247495][ T7847] CPU: 0 UID: 0 PID: 7847 Comm: syz.1.338 Tainted: G L syzkaller #0 PREEMPT(full) [ 193.247526][ T7847] Tainted: [L]=SOFTLOCKUP [ 193.247534][ T7847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 193.247544][ T7847] Call Trace: [ 193.247549][ T7847] [ 193.247555][ T7847] dump_stack_lvl+0x100/0x190 [ 193.247594][ T7847] should_fail_ex.cold+0x5/0xa [ 193.247614][ T7847] should_failslab+0xc2/0x120 [ 193.247632][ T7847] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 193.247663][ T7847] ? __d_alloc+0x34/0xa40 [ 193.247693][ T7847] __d_alloc+0x34/0xa40 [ 193.247715][ T7847] d_alloc_pseudo+0x1c/0xc0 [ 193.247729][ T7847] alloc_file_pseudo+0xcf/0x230 [ 193.247752][ T7847] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 193.247773][ T7847] ? alloc_fd+0x476/0x790 [ 193.247794][ T7847] sock_alloc_file+0x50/0x210 [ 193.247812][ T7847] __sys_socket+0x1c0/0x260 [ 193.247832][ T7847] ? __pfx___sys_socket+0x10/0x10 [ 193.247863][ T7847] __x64_sys_socket+0x72/0xb0 [ 193.247882][ T7847] ? lockdep_hardirqs_on+0x78/0x100 [ 193.247911][ T7847] do_syscall_64+0x115/0x840 [ 193.247931][ T7847] ? clear_bhb_loop+0x40/0x90 [ 193.247949][ T7847] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 193.247969][ T7847] RIP: 0033:0x7fdb4219ce59 [ 193.247981][ T7847] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 193.247995][ T7847] RSP: 002b:00007fdb43138028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 193.248010][ T7847] RAX: ffffffffffffffda RBX: 00007fdb42415fa0 RCX: 00007fdb4219ce59 [ 193.248019][ T7847] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000023 [ 193.248032][ T7847] RBP: 00007fdb42232d6f R08: 0000000000000000 R09: 0000000000000000 [ 193.248041][ T7847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 193.248054][ T7847] R13: 00007fdb42416038 R14: 00007fdb42415fa0 R15: 00007ffc68d93f88 [ 193.248076][ T7847] [ 193.451678][ T7852] sd 0:0:1:0: PR command failed: 1026 [ 193.457553][ T7852] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 193.464544][ T7852] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 193.660777][ T50] Bluetooth: hci3: command 0x0c1a tx timeout [ 194.406170][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.412871][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.843617][ T30] audit: type=1800 audit(2147483702.350:5): pid=7887 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.343" name="dbroot" dev="configfs" ino=19267 res=0 errno=0 [ 195.386242][ T7896] hub 1-0:1.0: USB hub found [ 195.469376][ T7896] hub 1-0:1.0: 1 port detected [ 197.231280][ T7936] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [1]. [ 197.312566][ T7944] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [2147479552]. [ 197.485659][ T7946] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 197.589209][ T7922] Process accounting resumed [ 197.780761][ T7953] random: crng reseeded on system resumption [ 198.675204][ T7966] program syz.2.358 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 198.900641][ T7967] [U] ^\ [ 199.313471][ T7977] Device name cannot be null; rc = [-22] [ 199.348173][ T4951] block nbd0: Receive control failed (result -107) [ 199.364173][ T7979] kAFS: No cell specified [ 200.405376][ T8009] __vm_enough_memory: pid: 8009, comm: syz.3.366, bytes: 4398046457856 not enough memory for the allocation [ 200.650066][ T8010] FAULT_INJECTION: forcing a failure. [ 200.650066][ T8010] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 200.728420][ T8010] CPU: 0 UID: 0 PID: 8010 Comm: syz.3.366 Tainted: G L syzkaller #0 PREEMPT(full) [ 200.728445][ T8010] Tainted: [L]=SOFTLOCKUP [ 200.728450][ T8010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 200.728458][ T8010] Call Trace: [ 200.728464][ T8010] [ 200.728469][ T8010] dump_stack_lvl+0x100/0x190 [ 200.728499][ T8010] should_fail_ex.cold+0x5/0xa [ 200.728518][ T8010] copy_folio_from_iter_atomic+0x5c8/0x2000 [ 200.728551][ T8010] ? fault_in_readable+0xde/0x190 [ 200.728568][ T8010] ? fault_in_readable+0x11d/0x190 [ 200.728583][ T8010] ? __pfx_copy_folio_from_iter_atomic+0x10/0x10 [ 200.728604][ T8010] ? fault_in_readable+0x14c/0x190 [ 200.728620][ T8010] ? __pfx_fault_in_readable+0x10/0x10 [ 200.728635][ T8010] ? rcu_is_cpu_rrupt_from_idle+0x1c0/0x270 [ 200.728652][ T8010] ? I_BDEV+0xd/0x20 [ 200.728669][ T8010] ? inode_to_bdi+0x9e/0x160 [ 200.728690][ T8010] iomap_file_buffered_write+0x532/0xac0 [ 200.728718][ T8010] ? __pfx_iomap_file_buffered_write+0x10/0x10 [ 200.728741][ T8010] ? inode_set_ctime_current+0x283/0x870 [ 200.728772][ T8010] ? __mark_inode_dirty+0x55c/0x1720 [ 200.728787][ T8010] ? __pfx_down_read+0x10/0x10 [ 200.728801][ T8010] ? preempt_count_add+0x76/0x150 [ 200.728817][ T8010] ? mnt_put_write_access_file+0x4e/0x100 [ 200.728835][ T8010] ? file_update_time_flags+0x373/0x500 [ 200.728859][ T8010] blkdev_write_iter+0x575/0xd70 [ 200.728886][ T8010] vfs_write+0x6ac/0x1070 [ 200.728903][ T8010] ? __pfx_blkdev_write_iter+0x10/0x10 [ 200.728928][ T8010] ? __pfx_vfs_write+0x10/0x10 [ 200.728943][ T8010] ? find_held_lock+0x2b/0x80 [ 200.728972][ T8010] ksys_write+0x12a/0x250 [ 200.728989][ T8010] ? __pfx_ksys_write+0x10/0x10 [ 200.729007][ T8010] ? rcu_is_watching+0x12/0xc0 [ 200.729026][ T8010] do_syscall_64+0x115/0x840 [ 200.729046][ T8010] ? clear_bhb_loop+0x40/0x90 [ 200.729064][ T8010] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 200.729079][ T8010] RIP: 0033:0x7f285f39ce59 [ 200.729091][ T8010] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 200.729105][ T8010] RSP: 002b:00007f28601aa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 200.729119][ T8010] RAX: ffffffffffffffda RBX: 00007f285f616090 RCX: 00007f285f39ce59 [ 200.729128][ T8010] RDX: 0000000080000005 RSI: 0000200000000180 RDI: 0000000000000002 [ 200.729137][ T8010] RBP: 00007f285f432d6f R08: 0000000000000000 R09: 0000000000000000 [ 200.729145][ T8010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 200.729154][ T8010] R13: 00007f285f616128 R14: 00007f285f616090 R15: 00007ffe6096ceb8 [ 200.729178][ T8010] [ 201.499532][ T4951] Bluetooth: hci1: unexpected event 0x03 length: 41 > 11 [ 202.396985][ T8072] netlink: 334 bytes leftover after parsing attributes in process `syz.2.377'. [ 202.920595][ T8087] random: crng reseeded on system resumption [ 203.097206][ T8083] hub 1-0:1.0: USB hub found [ 203.149454][ T8083] hub 1-0:1.0: 1 port detected [ 203.347270][ T8094] ubi: mtd0 is already attached to ubi31 [ 204.036020][ T8130] futex_wake_op: syz.1.388 tries to shift op by -2048; fix this program [ 204.066043][ T8130] futex_wake_op: syz.1.388 tries to shift op by -2048; fix this program [ 204.196947][ T8125] FAULT_INJECTION: forcing a failure. [ 204.196947][ T8125] name failslab, interval 1, probability 0, space 0, times 0 [ 204.303838][ T8125] CPU: 0 UID: 0 PID: 8125 Comm: syz.2.387 Tainted: G L syzkaller #0 PREEMPT(full) [ 204.303872][ T8125] Tainted: [L]=SOFTLOCKUP [ 204.303877][ T8125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 204.303886][ T8125] Call Trace: [ 204.303891][ T8125] [ 204.303897][ T8125] dump_stack_lvl+0x100/0x190 [ 204.303927][ T8125] should_fail_ex.cold+0x5/0xa [ 204.303947][ T8125] should_failslab+0xc2/0x120 [ 204.303965][ T8125] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 204.303988][ T8125] ? sk_prot_alloc+0x60/0x2a0 [ 204.304010][ T8125] sk_prot_alloc+0x60/0x2a0 [ 204.304033][ T8125] sk_alloc+0x36/0xe80 [ 204.304048][ T8125] pn_socket_create+0x22d/0x560 [ 204.304072][ T8125] __sock_create+0x339/0x860 [ 204.304094][ T8125] __sys_socket+0x14d/0x260 [ 204.304114][ T8125] ? __pfx___sys_socket+0x10/0x10 [ 204.304140][ T8125] __x64_sys_socket+0x72/0xb0 [ 204.304159][ T8125] ? lockdep_hardirqs_on+0x78/0x100 [ 204.304179][ T8125] do_syscall_64+0x115/0x840 [ 204.304198][ T8125] ? clear_bhb_loop+0x40/0x90 [ 204.304216][ T8125] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.304231][ T8125] RIP: 0033:0x7f0492f9ce59 [ 204.304244][ T8125] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 204.304258][ T8125] RSP: 002b:00007f0493de7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 204.304272][ T8125] RAX: ffffffffffffffda RBX: 00007f0493215fa0 RCX: 00007f0492f9ce59 [ 204.304282][ T8125] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000023 [ 204.304290][ T8125] RBP: 00007f0493032d6f R08: 0000000000000000 R09: 0000000000000000 [ 204.304299][ T8125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 204.304307][ T8125] R13: 00007f0493216038 R14: 00007f0493215fa0 R15: 00007ffe92e776c8 [ 204.304326][ T8125] [ 204.729737][ T8125] sd 0:0:1:0: PR command failed: 1026 [ 204.748822][ T8125] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 204.797222][ T8125] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 205.891434][ T4951] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 207.261124][ T8192] netlink: 12 bytes leftover after parsing attributes in process `syz.4.400'. [ 207.469161][ T30] audit: type=1804 audit(2147483714.970:6): pid=8196 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.400" name="/newroot/26/file0" dev="tmpfs" ino=155 res=1 errno=0 [ 207.782161][ T8201] netlink: 4 bytes leftover after parsing attributes in process `syz.2.401'. [ 207.920777][ T5641] Bluetooth: hci2: command 0x0c1a tx timeout [ 208.264880][ T8225] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 208.271371][ T8225] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 208.418115][ T8225] netlink: 20 bytes leftover after parsing attributes in process `syz.2.405'. [ 208.482698][ T8216] Process accounting resumed [ 208.493311][ T8225] hsr_slave_0: left promiscuous mode [ 208.521504][ T8225] hsr_slave_1: left promiscuous mode [ 209.027067][ T8246] FAULT_INJECTION: forcing a failure. [ 209.027067][ T8246] name failslab, interval 1, probability 0, space 0, times 0 [ 209.115903][ T8246] CPU: 0 UID: 8 PID: 8246 Comm: syz.4.411 Tainted: G L syzkaller #0 PREEMPT(full) [ 209.115930][ T8246] Tainted: [L]=SOFTLOCKUP [ 209.115936][ T8246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 209.115944][ T8246] Call Trace: [ 209.115950][ T8246] [ 209.115956][ T8246] dump_stack_lvl+0x100/0x190 [ 209.115986][ T8246] should_fail_ex.cold+0x5/0xa [ 209.116006][ T8246] should_failslab+0xc2/0x120 [ 209.116024][ T8246] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 209.116050][ T8246] ? key_alloc+0xc0f/0x1310 [ 209.116069][ T8246] ? __lock_acquire+0x4a5/0x2630 [ 209.116095][ T8246] key_alloc+0xc0f/0x1310 [ 209.116120][ T8246] ? __pfx_key_alloc+0x10/0x10 [ 209.116137][ T8246] ? __asan_memcpy+0x3c/0x60 [ 209.116163][ T8246] keyring_alloc+0x44/0xc0 [ 209.116186][ T8246] keyctl_get_persistent+0x779/0x8b0 [ 209.116209][ T8246] ? __pfx_keyctl_get_persistent+0x10/0x10 [ 209.116232][ T8246] ? __x64_sys_futex+0x34f/0x4d0 [ 209.116247][ T8246] ? __x64_sys_futex+0x358/0x4d0 [ 209.116264][ T8246] ? ksys_write+0x1ac/0x250 [ 209.116285][ T8246] __do_sys_keyctl+0x3b2/0x5a0 [ 209.116302][ T8246] do_syscall_64+0x115/0x840 [ 209.116322][ T8246] ? clear_bhb_loop+0x40/0x90 [ 209.116340][ T8246] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 209.116355][ T8246] RIP: 0033:0x7f382d19ce59 [ 209.116368][ T8246] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 209.116381][ T8246] RSP: 002b:00007f382e13e028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 209.116396][ T8246] RAX: ffffffffffffffda RBX: 00007f382d415fa0 RCX: 00007f382d19ce59 [ 209.116407][ T8246] RDX: 7fffffffffffffff RSI: 0000000000000000 RDI: 0000000000000016 [ 209.116416][ T8246] RBP: 00007f382d232d6f R08: 0000000000000002 R09: 0000000000000000 [ 209.116424][ T8246] R10: ffffffffffffe6d6 R11: 0000000000000246 R12: 0000000000000000 [ 209.116433][ T8246] R13: 00007f382d416038 R14: 00007f382d415fa0 R15: 00007ffcfa012b18 [ 209.116459][ T8246] [ 210.002483][ T4951] Bluetooth: hci2: command 0x0c1a tx timeout [ 212.632127][ T8318] netlink: 28 bytes leftover after parsing attributes in process `syz.2.422'. [ 212.779020][ T8307] hub 1-0:1.0: USB hub found [ 212.866443][ T8307] hub 1-0:1.0: 1 port detected [ 213.264537][ T8333] ACPI: Can not change Invalid GPE/Fixed Event status [ 214.538086][ T8358] futex_wake_op: syz.2.427 tries to shift op by -2048; fix this program [ 215.494737][ T8371] could not allocate digest TFM handle [ 216.533937][ T8411] FAULT_INJECTION: forcing a failure. [ 216.533937][ T8411] name failslab, interval 1, probability 0, space 0, times 0 [ 216.601722][ T8411] CPU: 0 UID: 0 PID: 8411 Comm: syz.3.437 Tainted: G L syzkaller #0 PREEMPT(full) [ 216.601748][ T8411] Tainted: [L]=SOFTLOCKUP [ 216.601754][ T8411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 216.601763][ T8411] Call Trace: [ 216.601768][ T8411] [ 216.601774][ T8411] dump_stack_lvl+0x100/0x190 [ 216.601804][ T8411] should_fail_ex.cold+0x5/0xa [ 216.601823][ T8411] ? __register_sysctl_table+0xac/0x1650 [ 216.601847][ T8411] should_failslab+0xc2/0x120 [ 216.601872][ T8411] __kmalloc_noprof+0xe0/0x850 [ 216.601890][ T8411] __register_sysctl_table+0xac/0x1650 [ 216.601909][ T8411] ? rcu_is_watching+0x12/0xc0 [ 216.601927][ T8411] ? trace_kmalloc+0xe3/0x110 [ 216.601946][ T8411] ? __pfx___register_sysctl_table+0x10/0x10 [ 216.601964][ T8411] ? rcu_is_cpu_rrupt_from_idle+0x1c1/0x270 [ 216.601983][ T8411] ? __asan_memcpy+0x3c/0x60 [ 216.602006][ T8411] register_pidns_sysctls+0x11d/0x1c0 [ 216.602029][ T8411] ? __ns_common_init+0x299/0x4b0 [ 216.602050][ T8411] copy_pid_ns+0x680/0x10a0 [ 216.602074][ T8411] ? __pfx_copy_pid_ns+0x10/0x10 [ 216.602097][ T8411] ? __pfx_copy_mnt_ns+0x10/0x10 [ 216.602120][ T8411] ? create_new_namespaces+0x30/0xac0 [ 216.602141][ T8411] create_new_namespaces+0x2aa/0xac0 [ 216.602163][ T8411] unshare_nsproxy_namespaces+0xf2/0x220 [ 216.602186][ T8411] ksys_unshare+0x438/0xab0 [ 216.602207][ T8411] ? __pfx_ksys_unshare+0x10/0x10 [ 216.602226][ T8411] ? xfd_validate_state+0x129/0x190 [ 216.602240][ T8411] ? ksys_write+0x1ac/0x250 [ 216.602262][ T8411] __x64_sys_unshare+0x31/0x40 [ 216.602281][ T8411] do_syscall_64+0x115/0x840 [ 216.602302][ T8411] ? clear_bhb_loop+0x40/0x90 [ 216.602319][ T8411] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 216.602334][ T8411] RIP: 0033:0x7f285f39ce59 [ 216.602348][ T8411] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 216.602361][ T8411] RSP: 002b:00007f28601cb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 216.602376][ T8411] RAX: ffffffffffffffda RBX: 00007f285f615fa0 RCX: 00007f285f39ce59 [ 216.602386][ T8411] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 216.602394][ T8411] RBP: 00007f285f432d6f R08: 0000000000000000 R09: 0000000000000000 [ 216.602402][ T8411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 216.602411][ T8411] R13: 00007f285f616038 R14: 00007f285f615fa0 R15: 00007ffe6096ceb8 [ 216.602433][ T8411] [ 220.693675][ T8456] netlink: 342 bytes leftover after parsing attributes in process `syz.1.444'. [ 221.183192][ T8469] netlink: 4 bytes leftover after parsing attributes in process `syz.4.449'. [ 221.223607][ T8469] netlink: 25 bytes leftover after parsing attributes in process `syz.4.449'. [ 222.572583][ T8485] hub 1-0:1.0: USB hub found [ 222.681847][ T8485] hub 1-0:1.0: 1 port detected [ 222.840366][ T8509] FAULT_INJECTION: forcing a failure. [ 222.840366][ T8509] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 222.959159][ T8509] CPU: 0 UID: 0 PID: 8509 Comm: syz.1.455 Tainted: G L syzkaller #0 PREEMPT(full) [ 222.959203][ T8509] Tainted: [L]=SOFTLOCKUP [ 222.959208][ T8509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 222.959217][ T8509] Call Trace: [ 222.959222][ T8509] [ 222.959228][ T8509] dump_stack_lvl+0x100/0x190 [ 222.959257][ T8509] should_fail_ex.cold+0x5/0xa [ 222.959273][ T8509] ? prepare_alloc_pages+0x16d/0x5f0 [ 222.959294][ T8509] should_fail_alloc_page+0xeb/0x140 [ 222.959313][ T8509] prepare_alloc_pages+0x1f0/0x5f0 [ 222.959334][ T8509] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 222.959365][ T8509] ? is_bpf_text_address+0x8a/0x1a0 [ 222.959385][ T8509] ? is_bpf_text_address+0x8a/0x1a0 [ 222.959404][ T8509] ? bpf_ksym_find+0x124/0x1c0 [ 222.959419][ T8509] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 222.959441][ T8509] ? is_bpf_text_address+0x94/0x1a0 [ 222.959461][ T8509] ? kernel_text_address+0x8d/0x100 [ 222.959476][ T8509] ? __kernel_text_address+0xd/0x30 [ 222.959490][ T8509] ? unwind_get_return_address+0x59/0xa0 [ 222.959509][ T8509] ? arch_stack_walk+0xa6/0xf0 [ 222.959526][ T8509] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 222.959558][ T8509] ? stack_depot_save_flags+0x27/0x9d0 [ 222.959581][ T8509] ? find_held_lock+0x2b/0x80 [ 222.959598][ T8509] ? __refill_objects_node+0x2a7/0x8e0 [ 222.959622][ T8509] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 222.959645][ T8509] ? policy_nodemask+0xed/0x4f0 [ 222.959664][ T8509] alloc_pages_mpol+0x1fb/0x540 [ 222.959682][ T8509] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 222.959704][ T8509] alloc_pages_noprof+0x1a/0x160 [ 222.959724][ T8509] kimage_alloc_pages+0x72/0x380 [ 222.959746][ T8509] kimage_alloc_control_pages+0x157/0xa20 [ 222.959771][ T8509] ? __pfx_kimage_alloc_control_pages+0x10/0x10 [ 222.959797][ T8509] do_kexec_load+0x275/0x810 [ 222.959820][ T8509] ? __pfx_do_kexec_load+0x10/0x10 [ 222.959842][ T8509] ? _copy_from_user+0x59/0xd0 [ 222.959864][ T8509] __x64_sys_kexec_load+0x1bf/0x230 [ 222.959887][ T8509] do_syscall_64+0x115/0x840 [ 222.959908][ T8509] ? clear_bhb_loop+0x40/0x90 [ 222.959925][ T8509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 222.959941][ T8509] RIP: 0033:0x7fdb4219ce59 [ 222.959954][ T8509] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 222.959968][ T8509] RSP: 002b:00007fdb43117028 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 222.959983][ T8509] RAX: ffffffffffffffda RBX: 00007fdb42416090 RCX: 00007fdb4219ce59 [ 222.959992][ T8509] RDX: 0000200000000040 RSI: 0000000000000002 RDI: 0000000000000005 [ 222.960001][ T8509] RBP: 00007fdb42232d6f R08: 0000000000000000 R09: 0000000000000000 [ 222.960010][ T8509] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 222.960019][ T8509] R13: 00007fdb42416128 R14: 00007fdb42416090 R15: 00007ffc68d93f88 [ 222.960038][ T8509] [ 222.960046][ T8509] kexec: Could not allocate control_code_buffer [ 224.169976][ T8530] random: crng reseeded on system resumption [ 224.353284][ T8509] hub 1-0:1.0: USB hub found [ 224.399568][ T8509] hub 1-0:1.0: 1 port detected [ 225.613605][ T8553] netlink: 16 bytes leftover after parsing attributes in process `syz.3.461'. [ 225.857192][ T5641] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 227.014736][ T8562] random: crng reseeded on system resumption [ 227.419308][ T5641] Bluetooth: hci2: Malformed HCI Event [ 227.865753][ T8555] Process accounting paused [ 227.921974][ T4951] Bluetooth: hci3: command 0x0c1a tx timeout [ 228.423386][ T8600] binder: 8599:8600 ioctl 541b 0 returned -22 [ 228.805639][ T8608] FAULT_INJECTION: forcing a failure. [ 228.805639][ T8608] name failslab, interval 1, probability 0, space 0, times 0 [ 228.840581][ T8610] vivid-007: ================= START STATUS ================= [ 228.865905][ T8608] CPU: 0 UID: 8 PID: 8608 Comm: syz.2.473 Tainted: G L syzkaller #0 PREEMPT(full) [ 228.865930][ T8608] Tainted: [L]=SOFTLOCKUP [ 228.865936][ T8608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 228.865945][ T8608] Call Trace: [ 228.865951][ T8608] [ 228.865956][ T8608] dump_stack_lvl+0x100/0x190 [ 228.865986][ T8608] should_fail_ex.cold+0x5/0xa [ 228.866006][ T8608] should_failslab+0xc2/0x120 [ 228.866024][ T8608] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 228.866047][ T8608] ? key_alloc+0x3c5/0x1310 [ 228.866070][ T8608] key_alloc+0x3c5/0x1310 [ 228.866095][ T8608] ? __pfx_key_alloc+0x10/0x10 [ 228.866118][ T8608] keyring_alloc+0x44/0xc0 [ 228.866140][ T8608] lookup_user_key+0x9b8/0x1300 [ 228.866161][ T8608] ? __pfx_lookup_user_key+0x10/0x10 [ 228.866180][ T8608] ? __pfx_futex_wait+0x10/0x10 [ 228.866200][ T8608] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 228.866226][ T8608] keyctl_get_persistent+0x197/0x8b0 [ 228.866249][ T8608] ? __pfx_keyctl_get_persistent+0x10/0x10 [ 228.866271][ T8608] ? __x64_sys_futex+0x34f/0x4d0 [ 228.866286][ T8608] ? __x64_sys_futex+0x358/0x4d0 [ 228.866302][ T8608] ? xfd_validate_state+0x129/0x190 [ 228.866316][ T8608] ? ksys_write+0x1ac/0x250 [ 228.866337][ T8608] __do_sys_keyctl+0x3b2/0x5a0 [ 228.866353][ T8608] do_syscall_64+0x115/0x840 [ 228.866374][ T8608] ? clear_bhb_loop+0x40/0x90 [ 228.866392][ T8608] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 228.866407][ T8608] RIP: 0033:0x7f0492f9ce59 [ 228.866421][ T8608] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 228.866434][ T8608] RSP: 002b:00007f0493de7028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 228.866449][ T8608] RAX: ffffffffffffffda RBX: 00007f0493215fa0 RCX: 00007f0492f9ce59 [ 228.866459][ T8608] RDX: 7fffffffffffffff RSI: 0000000000000000 RDI: 0000000000000016 [ 228.866467][ T8608] RBP: 00007f0493032d6f R08: 0000000000000002 R09: 0000000000000000 [ 228.866476][ T8608] R10: ffffffffffffe6d6 R11: 0000000000000246 R12: 0000000000000000 [ 228.866484][ T8608] R13: 00007f0493216038 R14: 00007f0493215fa0 R15: 00007ffe92e776c8 [ 228.866503][ T8608] [ 228.869893][ T8610] vivid-007: Generate PTS: [ 229.196958][ T8614] netlink: 8 bytes leftover after parsing attributes in process `syz.3.472'. [ 229.902966][ T8610] true [ 229.917389][ T8610] vivid-007: Generate SCR: true [ 229.943218][ T8610] tpg source WxH: 320x240 (Y'CbCr) [ 229.976554][ T8610] tpg field: 1 [ 229.993970][ T8610] tpg crop: (0,0)/320x240 [ 230.004464][ T5641] Bluetooth: hci3: command 0x0c1a tx timeout [ 230.024641][ T8610] tpg compose: (0,0)/320x240 [ 230.113577][ T8610] tpg colorspace: 8 [ 230.131896][ T8610] tpg transfer function: 0/0 [ 230.152380][ T8610] tpg Y'CbCr encoding: 0/0 [ 230.173064][ T8610] tpg quantization: 0/0 [ 230.190234][ T8610] tpg RGB range: 0/2 [ 230.234891][ T8610] vivid-007: ================== END STATUS ================== [ 231.364662][ T4951] Bluetooth: hci3: Malformed HCI Event [ 232.562488][ T8677] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 232.587100][ T8677] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 232.607764][ T8677] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 232.634073][ T8677] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 232.658328][ T8677] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 232.707803][ T8677] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 233.356281][ T8697] bond0: option lacp_rate: mode dependency failed, not supported in mode balance-rr(0) [ 233.834560][ T8711] FAULT_INJECTION: forcing a failure. [ 233.834560][ T8711] name failslab, interval 1, probability 0, space 0, times 0 [ 233.912146][ T8712] random: crng reseeded on system resumption [ 233.940386][ T8711] CPU: 0 UID: 0 PID: 8711 Comm: syz.4.492 Tainted: G L syzkaller #0 PREEMPT(full) [ 233.940412][ T8711] Tainted: [L]=SOFTLOCKUP [ 233.940418][ T8711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 233.940434][ T8711] Call Trace: [ 233.940439][ T8711] [ 233.940446][ T8711] dump_stack_lvl+0x100/0x190 [ 233.940476][ T8711] should_fail_ex.cold+0x5/0xa [ 233.940496][ T8711] should_failslab+0xc2/0x120 [ 233.940514][ T8711] __kmalloc_cache_noprof+0x7a/0x6f0 [ 233.940534][ T8711] ? do_kimage_alloc_init+0x40/0x320 [ 233.940561][ T8711] do_kimage_alloc_init+0x40/0x320 [ 233.940580][ T8711] do_kexec_load+0x11b/0x810 [ 233.940603][ T8711] ? __pfx_do_kexec_load+0x10/0x10 [ 233.940625][ T8711] ? _copy_from_user+0x59/0xd0 [ 233.940647][ T8711] __x64_sys_kexec_load+0x1bf/0x230 [ 233.940670][ T8711] do_syscall_64+0x115/0x840 [ 233.940690][ T8711] ? clear_bhb_loop+0x40/0x90 [ 233.940708][ T8711] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 233.940723][ T8711] RIP: 0033:0x7f382d19ce59 [ 233.940736][ T8711] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 233.940750][ T8711] RSP: 002b:00007f382e11d028 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 233.940765][ T8711] RAX: ffffffffffffffda RBX: 00007f382d416090 RCX: 00007f382d19ce59 [ 233.940775][ T8711] RDX: 0000200000000040 RSI: 0000000000000002 RDI: 0000000000000005 [ 233.940783][ T8711] RBP: 00007f382d232d6f R08: 0000000000000000 R09: 0000000000000000 [ 233.940792][ T8711] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 233.940800][ T8711] R13: 00007f382d416128 R14: 00007f382d416090 R15: 00007ffcfa012b18 [ 233.940819][ T8711] [ 234.134527][ T8711] hub 1-0:1.0: USB hub found [ 234.152134][ T8711] hub 1-0:1.0: 1 port detected [ 234.646596][ T4951] Bluetooth: hci5: command 0x0c1a tx timeout [ 234.653627][ T5641] Bluetooth: hci3: command 0x0c1a tx timeout [ 234.659781][ T50] Bluetooth: hci1: command 0x0c1a tx timeout [ 234.665800][ T5646] Bluetooth: hci2: command 0x0c1a tx timeout [ 236.583455][ T8762] random: crng reseeded on system resumption [ 236.657391][ T8762] QAT: Device 250 not found [ 236.720313][ T5641] Bluetooth: hci5: command 0x0c1a tx timeout [ 236.867478][ T8761] netlink: 338 bytes leftover after parsing attributes in process `syz.3.501'. [ 236.958736][ T8763] netlink: 338 bytes leftover after parsing attributes in process `syz.3.501'. [ 237.388933][ T8776] FAULT_INJECTION: forcing a failure. [ 237.388933][ T8776] name failslab, interval 1, probability 0, space 0, times 0 [ 237.449028][ T8776] CPU: 0 UID: 0 PID: 8776 Comm: syz.2.504 Tainted: G L syzkaller #0 PREEMPT(full) [ 237.449057][ T8776] Tainted: [L]=SOFTLOCKUP [ 237.449063][ T8776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 237.449075][ T8776] Call Trace: [ 237.449081][ T8776] [ 237.449087][ T8776] dump_stack_lvl+0x100/0x190 [ 237.449120][ T8776] should_fail_ex.cold+0x5/0xa [ 237.449139][ T8776] should_failslab+0xc2/0x120 [ 237.449157][ T8776] __kmalloc_cache_noprof+0x7a/0x6f0 [ 237.449178][ T8776] ? do_kimage_alloc_init+0x40/0x320 [ 237.449202][ T8776] do_kimage_alloc_init+0x40/0x320 [ 237.449222][ T8776] do_kexec_load+0x11b/0x810 [ 237.449245][ T8776] ? __pfx_do_kexec_load+0x10/0x10 [ 237.449267][ T8776] ? _copy_from_user+0x59/0xd0 [ 237.449297][ T8776] __x64_sys_kexec_load+0x1bf/0x230 [ 237.449321][ T8776] do_syscall_64+0x115/0x840 [ 237.449342][ T8776] ? clear_bhb_loop+0x40/0x90 [ 237.449364][ T8776] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 237.449380][ T8776] RIP: 0033:0x7f0492f9ce59 [ 237.449393][ T8776] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 237.449406][ T8776] RSP: 002b:00007f0493dc6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 237.449430][ T8776] RAX: ffffffffffffffda RBX: 00007f0493216090 RCX: 00007f0492f9ce59 [ 237.449440][ T8776] RDX: 0000200000000040 RSI: 0000000000000002 RDI: 0000000000000005 [ 237.449449][ T8776] RBP: 00007f0493032d6f R08: 0000000000000000 R09: 0000000000000000 [ 237.449458][ T8776] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 237.449467][ T8776] R13: 00007f0493216128 R14: 00007f0493216090 R15: 00007ffe92e776c8 [ 237.449494][ T8776] [ 238.371508][ T8776] random: crng reseeded on system resumption [ 238.475617][ T8776] hub 1-0:1.0: USB hub found [ 238.499638][ T8776] hub 1-0:1.0: 1 port detected [ 238.571649][ T8796] FAULT_INJECTION: forcing a failure. [ 238.571649][ T8796] name failslab, interval 1, probability 0, space 0, times 0 [ 238.664638][ T8796] CPU: 0 UID: 0 PID: 8796 Comm: syz.3.506 Tainted: G L syzkaller #0 PREEMPT(full) [ 238.664663][ T8796] Tainted: [L]=SOFTLOCKUP [ 238.664669][ T8796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 238.664677][ T8796] Call Trace: [ 238.664682][ T8796] [ 238.664688][ T8796] dump_stack_lvl+0x100/0x190 [ 238.664718][ T8796] should_fail_ex.cold+0x5/0xa [ 238.664736][ T8796] should_failslab+0xc2/0x120 [ 238.664754][ T8796] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 238.664777][ T8796] ? security_inode_alloc+0x3b/0x2c0 [ 238.664794][ T8796] ? lockdep_init_map_type+0x5c/0x250 [ 238.664811][ T8796] security_inode_alloc+0x3b/0x2c0 [ 238.664828][ T8796] inode_init_always_gfp+0xc77/0xfb0 [ 238.664853][ T8796] alloc_inode+0x8e/0x250 [ 238.664876][ T8796] sock_alloc+0x44/0x280 [ 238.664892][ T8796] ? security_socket_create+0x7f/0x250 [ 238.664908][ T8796] __sock_create+0xc2/0x860 [ 238.664944][ T8796] __sys_socket+0x14d/0x260 [ 238.664964][ T8796] ? __pfx___sys_socket+0x10/0x10 [ 238.664990][ T8796] __x64_sys_socket+0x72/0xb0 [ 238.665012][ T8796] ? lockdep_hardirqs_on+0x78/0x100 [ 238.665034][ T8796] do_syscall_64+0x115/0x840 [ 238.665053][ T8796] ? clear_bhb_loop+0x40/0x90 [ 238.665071][ T8796] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.665092][ T8796] RIP: 0033:0x7f285f39ce59 [ 238.665106][ T8796] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 238.665119][ T8796] RSP: 002b:00007f28601aa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 238.665133][ T8796] RAX: ffffffffffffffda RBX: 00007f285f616090 RCX: 00007f285f39ce59 [ 238.665143][ T8796] RDX: 0000000000000383 RSI: 0000000000000004 RDI: 0000000000000008 [ 238.665151][ T8796] RBP: 00007f285f432d6f R08: 0000000000000000 R09: 0000000000000000 [ 238.665160][ T8796] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 238.665170][ T8796] R13: 00007f285f616128 R14: 00007f285f616090 R15: 00007ffe6096ceb8 [ 238.665189][ T8796] [ 238.667090][ T8796] socket: no more sockets [ 238.916709][ T5641] Bluetooth: hci5: command 0x0c1a tx timeout [ 239.429210][ T8793] Process accounting paused [ 239.790090][ T8815] openvswitch: netlink: Duplicate key (type 15). [ 239.793474][ T8810] openvswitch: netlink: Duplicate key (type 15). [ 241.027645][ T8853] FAULT_INJECTION: forcing a failure. [ 241.027645][ T8853] name failslab, interval 1, probability 0, space 0, times 0 [ 241.100276][ T8853] CPU: 0 UID: 0 PID: 8853 Comm: syz.3.518 Tainted: G L syzkaller #0 PREEMPT(full) [ 241.100301][ T8853] Tainted: [L]=SOFTLOCKUP [ 241.100306][ T8853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 241.100315][ T8853] Call Trace: [ 241.100320][ T8853] [ 241.100325][ T8853] dump_stack_lvl+0x100/0x190 [ 241.100356][ T8853] should_fail_ex.cold+0x5/0xa [ 241.100375][ T8853] should_failslab+0xc2/0x120 [ 241.100393][ T8853] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 241.100416][ T8853] ? __d_alloc+0x34/0xa40 [ 241.100439][ T8853] __d_alloc+0x34/0xa40 [ 241.100460][ T8853] d_alloc_pseudo+0x1c/0xc0 [ 241.100474][ T8853] alloc_file_pseudo+0xcf/0x230 [ 241.100497][ T8853] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 241.100524][ T8853] __shmem_file_setup+0x205/0x460 [ 241.100546][ T8853] ? __pfx___shmem_file_setup+0x10/0x10 [ 241.100567][ T8853] ? vm_area_alloc+0x1f/0x160 [ 241.100591][ T8853] shmem_zero_setup+0x96/0x1b0 [ 241.100607][ T8853] __mmap_region+0x2509/0x2dd0 [ 241.100633][ T8853] ? __pfx___mmap_region+0x10/0x10 [ 241.100667][ T8853] ? find_held_lock+0x2b/0x80 [ 241.100685][ T8853] ? debug_object_activate+0x331/0x490 [ 241.100705][ T8853] ? debug_object_activate+0x331/0x490 [ 241.100725][ T8853] ? do_raw_spin_unlock+0x145/0x1e0 [ 241.100742][ T8853] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 241.100769][ T8853] ? find_held_lock+0x2b/0x80 [ 241.100796][ T8853] ? rcu_is_watching+0x12/0xc0 [ 241.100814][ T8853] ? finish_task_switch.isra.0+0x2cb/0x1010 [ 241.100833][ T8853] ? lockdep_hardirqs_on+0x78/0x100 [ 241.100889][ T8853] mmap_region+0x35d/0x620 [ 241.100904][ T8853] ? rcu_is_watching+0x12/0xc0 [ 241.100921][ T8853] ? __pfx_mmap_region+0x10/0x10 [ 241.100937][ T8853] ? cap_mmap_addr+0x4b/0x120 [ 241.100950][ T8853] ? bpf_lsm_mmap_addr+0x9/0x30 [ 241.100964][ T8853] ? security_mmap_addr+0x71/0x1e0 [ 241.100984][ T8853] ? __get_unmapped_area+0x255/0x3e0 [ 241.101004][ T8853] do_mmap+0xc63/0x12f0 [ 241.101026][ T8853] ? __pfx_do_mmap+0x10/0x10 [ 241.101044][ T8853] ? __pfx_down_write_killable+0x10/0x10 [ 241.101061][ T8853] vm_mmap_pgoff+0x29e/0x470 [ 241.101083][ T8853] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 241.101102][ T8853] ? do_futex+0x192/0x350 [ 241.101118][ T8853] ? __pfx_do_futex+0x10/0x10 [ 241.101134][ T8853] ? __pfx_do_sys_openat2+0x10/0x10 [ 241.101160][ T8853] ksys_mmap_pgoff+0xe4/0x610 [ 241.101178][ T8853] ? __x64_sys_futex+0x358/0x4d0 [ 241.101193][ T8853] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 241.101210][ T8853] ? xfd_validate_state+0x129/0x190 [ 241.101229][ T8853] __x64_sys_mmap+0x125/0x190 [ 241.101246][ T8853] do_syscall_64+0x115/0x840 [ 241.101266][ T8853] ? clear_bhb_loop+0x40/0x90 [ 241.101284][ T8853] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.101299][ T8853] RIP: 0033:0x7f285f39ce59 [ 241.101311][ T8853] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 241.101325][ T8853] RSP: 002b:00007f2860189028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 241.101339][ T8853] RAX: ffffffffffffffda RBX: 00007f285f616180 RCX: 00007f285f39ce59 [ 241.101348][ T8853] RDX: 0000000080000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 241.101357][ T8853] RBP: 00007f285f432d6f R08: fffffffffffffffa R09: 0000000000008000 [ 241.101365][ T8853] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 241.101374][ T8853] R13: 00007f285f616218 R14: 00007f285f616180 R15: 00007ffe6096ceb8 [ 241.101393][ T8853] [ 241.565675][ T8835] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 241.571782][ T8835] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 241.577958][ T8835] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 241.584500][ T8835] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 242.800904][ T8872] Bluetooth: hci2: command 0x0c1a tx timeout [ 243.316671][ T8878] netlink: 24 bytes leftover after parsing attributes in process `syz.3.521'. [ 243.921217][ T8872] Bluetooth: hci5: command 0x0c1a tx timeout [ 243.927481][ T8872] Bluetooth: hci3: command 0x0c1a tx timeout [ 243.933785][ T8872] Bluetooth: hci1: command 0x0c1a tx timeout [ 244.008758][ T8903] netlink: 'syz.1.526': attribute type 2 has an invalid length. [ 245.454204][ T8936] zswap: compressor m7²5€ not available [ 246.546901][ T8968] random: crng reseeded on system resumption [ 246.653599][ T8968] hub 1-0:1.0: USB hub found [ 246.677698][ T8968] hub 1-0:1.0: 1 port detected [ 249.140040][ T9005] openvswitch: netlink: IP tunnel dst address not specified [ 251.212440][ T9053] netlink: 342 bytes leftover after parsing attributes in process `syz.3.558'. [ 251.527332][ T9062] random: crng reseeded on system resumption [ 251.761749][ T9069] netlink: 338 bytes leftover after parsing attributes in process `syz.2.562'. [ 252.114914][ T9073] ACPI: \_SB_.LNKS: No IRQ available. Try pci=noacpi or acpi=off [ 252.114960][ T9073] pci 0000:00:01.3: PCI INT A: no GSI [ 252.653566][ T9097] netlink: 28 bytes leftover after parsing attributes in process `syz.1.566'. [ 254.327553][ T9132] No such timeout policy "" [ 254.360931][ T9132] netlink: Failed to associated timeout policy '' [ 254.573923][ T9134] hub 1-0:1.0: USB hub found [ 254.597461][ T9139] netlink: 326 bytes leftover after parsing attributes in process `syz.3.576'. [ 254.611422][ T9134] hub 1-0:1.0: 1 port detected [ 254.647882][ T9139] bridge0: port 2(bridge_slave_1) entered disabled state [ 254.656508][ T9139] bridge0: port 1(bridge_slave_0) entered disabled state [ 255.155362][ T9152] ubi: mtd0 is already attached to ubi31 [ 255.843384][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.849755][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 258.318907][ T9190] [U]  [ 258.322010][ T9190] [U] [ 258.324692][ T9190] [U] [ 258.327364][ T9190] [U] [ 258.391309][ T9190] [U] [ 258.394020][ T9190] [U] [ 258.396695][ T9190] [U] [ 258.399364][ T9190] [U] [ 258.448063][ T9190] [U] [ 258.450783][ T9190] [U] [ 258.453461][ T9190] [U] [ 258.456132][ T9190] [U] [ 258.506653][ T9190] [U] [ 259.497523][ T8902] Bluetooth: hci2: Malformed Event: 0x2f [ 259.930985][ T9209] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 259.952147][ T9209] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 259.967147][ T9206] Process accounting resumed [ 259.973781][ T9209] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 260.010476][ T9209] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 260.431757][ T9237] [U]  [ 260.435751][ T9237] [U] [ 260.438750][ T9237] [U] [ 260.441477][ T9237] [U] [ 260.487302][ T9237] [U] [ 260.490227][ T9237] [U] [ 260.493705][ T9237] [U] [ 260.496417][ T9237] [U] [ 260.571787][ T9237] [U] [ 260.574567][ T9237] [U] [ 260.577270][ T9237] [U] [ 260.579965][ T9237] [U] [ 260.635430][ T9237] [U] [ 260.638189][ T9237] [U] [ 260.640902][ T9237] [U] [ 260.643690][ T9237] [U] [ 260.694397][ T9237] [U] [ 260.697146][ T9237] [U] [ 260.699841][ T9237] [U] [ 260.702522][ T9237] [U] [ 260.766492][ T9237] [U] [ 260.769242][ T9237] [U] [ 260.771936][ T9237] [U] [ 260.774614][ T9237] [U] [ 260.838504][ T9237] [U] [ 260.841232][ T9237] [U] [ 260.843916][ T9237] [U] [ 260.846594][ T9237] [U] [ 260.902892][ T9237] [U] [ 260.905776][ T9237] [U] [ 260.908488][ T9237] [U] [ 260.911167][ T9237] [U] [ 260.959158][ T9237] [U] [ 260.961876][ T9237] [U] [ 260.964554][ T9237] [U] [ 260.967227][ T9237] [U] [ 261.026625][ T9237] [U] [ 261.029396][ T9237] [U] [ 261.032099][ T9237] [U] [ 261.034768][ T9237] [U] [ 261.092785][ T9237] [U] [ 261.095504][ T9237] [U] [ 261.098178][ T9237] [U] [ 261.100847][ T9237] [U] [ 261.166475][ T9237] [U] [ 261.360573][ T8902] Bluetooth: hci2: command 0x0c1a tx timeout [ 261.814546][ T9227] Process accounting resumed [ 262.000294][ T8902] Bluetooth: hci3: command 0x0c1a tx timeout [ 262.006320][ T8851] Bluetooth: hci1: command 0x0c1a tx timeout [ 262.037514][ T9253] Process accounting resumed [ 262.082076][ T8851] Bluetooth: hci5: command 0x0c1a tx timeout [ 262.446590][ T9275] futex_wake_op: syz.3.604 tries to shift op by -2048; fix this program [ 264.753216][ T9329] netlink: 25 bytes leftover after parsing attributes in process `syz.1.616'. [ 265.196397][ T8851] Bluetooth: hci2: unexpected event for opcode 0x7c89 [ 266.989573][ T9385] random: crng reseeded on system resumption [ 268.165916][ T9403] ubi: mtd0 is already attached to ubi31 [ 269.009135][ T9431] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 269.009135][ T9431] The task syz.4.632 (9431) triggered the difference, watch for misbehavior. [ 269.616688][ T9405] Process accounting resumed [ 270.227820][ T8851] Bluetooth: hci2: unexpected event 0x3e length: 358 > 260 [ 270.227844][ T8851] Bluetooth: hci2: unexpected subevent 0x1b length: 357 > 260 [ 270.329777][ T9460] random: crng reseeded on system resumption [ 270.357592][ T30] audit: type=1800 audit(2147483777.860:7): pid=9453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.639" name="dbroot" dev="configfs" ino=27865 res=0 errno=0 [ 270.413855][ T9460] FAULT_INJECTION: forcing a failure. [ 270.413855][ T9460] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 270.494430][ T30] audit: type=1800 audit(2147483777.900:8): pid=9453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.639" name="dbroot" dev="configfs" ino=27865 res=0 errno=0 [ 270.520099][ T9460] CPU: 0 UID: 0 PID: 9460 Comm: syz.2.640 Tainted: G L syzkaller #0 PREEMPT(full) [ 270.520125][ T9460] Tainted: [L]=SOFTLOCKUP [ 270.520130][ T9460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 270.520138][ T9460] Call Trace: [ 270.520143][ T9460] [ 270.520149][ T9460] dump_stack_lvl+0x100/0x190 [ 270.520178][ T9460] should_fail_ex.cold+0x5/0xa [ 270.520194][ T9460] ? prepare_alloc_pages+0x16d/0x5f0 [ 270.520215][ T9460] should_fail_alloc_page+0xeb/0x140 [ 270.520234][ T9460] prepare_alloc_pages+0x1f0/0x5f0 [ 270.520256][ T9460] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 270.520281][ T9460] ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0 [ 270.520311][ T9460] ? stack_trace_save+0x8e/0xc0 [ 270.520330][ T9460] ? __pfx_stack_trace_save+0x10/0x10 [ 270.520348][ T9460] ? arch_stack_walk+0xa6/0xf0 [ 270.520366][ T9460] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 270.520390][ T9460] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 270.520416][ T9460] ? kasan_save_stack+0x30/0x50 [ 270.520430][ T9460] ? kasan_save_track+0x14/0x30 [ 270.520443][ T9460] ? __kasan_kmalloc+0xaa/0xb0 [ 270.520456][ T9460] ? memory_bm_create+0x14d/0xba0 [ 270.520478][ T9460] ? do_syscall_64+0x115/0x840 [ 270.520498][ T9460] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 270.520516][ T9460] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 270.520538][ T9460] ? policy_nodemask+0xed/0x4f0 [ 270.520557][ T9460] alloc_pages_mpol+0x1fb/0x540 [ 270.520582][ T9460] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 270.520600][ T9460] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 270.520620][ T9460] alloc_pages_noprof+0x1a/0x160 [ 270.520640][ T9460] get_zeroed_page_noprof+0x18/0xb0 [ 270.520658][ T9460] get_image_page+0x18/0x1a0 [ 270.520676][ T9460] alloc_rtree_node+0x3c/0xb0 [ 270.520694][ T9460] memory_bm_create+0x65e/0xba0 [ 270.520721][ T9460] create_basic_memory_bitmaps+0x10b/0x350 [ 270.520743][ T9460] snapshot_open+0x230/0x2a0 [ 270.520764][ T9460] ? __pfx_snapshot_open+0x10/0x10 [ 270.520785][ T9460] misc_open+0x26d/0x450 [ 270.520802][ T9460] ? __pfx_misc_open+0x10/0x10 [ 270.520816][ T9460] chrdev_open+0x234/0x6a0 [ 270.520835][ T9460] ? __pfx_apparmor_file_open+0x10/0x10 [ 270.520852][ T9460] ? __pfx_chrdev_open+0x10/0x10 [ 270.520871][ T9460] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 270.520895][ T9460] do_dentry_open+0x6ab/0x14d0 [ 270.520913][ T9460] ? __pfx_chrdev_open+0x10/0x10 [ 270.520935][ T9460] vfs_open+0x82/0x3f0 [ 270.520959][ T9460] path_openat+0x208c/0x31a0 [ 270.520985][ T9460] ? __pfx_path_openat+0x10/0x10 [ 270.521010][ T9460] do_file_open+0x20e/0x430 [ 270.521030][ T9460] ? __pfx_do_file_open+0x10/0x10 [ 270.521062][ T9460] ? alloc_fd+0x476/0x790 [ 270.521082][ T9460] ? do_getname+0x191/0x390 [ 270.521105][ T9460] do_sys_openat2+0x10d/0x1e0 [ 270.521128][ T9460] ? __pfx_do_sys_openat2+0x10/0x10 [ 270.521151][ T9460] ? kill_something_info+0x111/0x310 [ 270.521176][ T9460] __x64_sys_openat+0x12d/0x210 [ 270.521199][ T9460] ? __pfx___x64_sys_openat+0x10/0x10 [ 270.521230][ T9460] ? rcu_is_watching+0x12/0xc0 [ 270.521250][ T9460] do_syscall_64+0x115/0x840 [ 270.521269][ T9460] ? clear_bhb_loop+0x40/0x90 [ 270.521287][ T9460] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 270.521302][ T9460] RIP: 0033:0x7f0492f9ce59 [ 270.521315][ T9460] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 270.521328][ T9460] RSP: 002b:00007f0493da5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 270.521342][ T9460] RAX: ffffffffffffffda RBX: 00007f0493216180 RCX: 00007f0492f9ce59 [ 270.521352][ T9460] RDX: 0000000000008001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 270.521361][ T9460] RBP: 00007f0493032d6f R08: 0000000000000000 R09: 0000000000000000 [ 270.521369][ T9460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 270.521378][ T9460] R13: 00007f0493216218 R14: 00007f0493216180 R15: 00007ffe92e776c8 [ 270.521397][ T9460] [ 271.340187][ T30] audit: type=1800 audit(2147483777.900:9): pid=9453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.639" name="dbroot" dev="configfs" ino=27865 res=0 errno=0 [ 271.382134][ T30] audit: type=1800 audit(2147483777.900:10): pid=9453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.639" name="dbroot" dev="configfs" ino=27865 res=0 errno=0 [ 271.430963][ T30] audit: type=1800 audit(2147483777.900:11): pid=9453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.639" name="dbroot" dev="configfs" ino=27865 res=0 errno=0 [ 271.521387][ T30] audit: type=1800 audit(2147483777.900:12): pid=9453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.639" name="dbroot" dev="configfs" ino=27865 res=0 errno=0 [ 271.571469][ T30] audit: type=1800 audit(2147483777.970:13): pid=9453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.639" name="dbroot" dev="configfs" ino=27865 res=0 errno=0 [ 271.664939][ T30] audit: type=1800 audit(2147483778.840:14): pid=9453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.639" name="dbroot" dev="configfs" ino=27865 res=0 errno=0 [ 271.748098][ T30] audit: type=1800 audit(2147483778.840:15): pid=9453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.639" name="dbroot" dev="configfs" ino=27865 res=0 errno=0 [ 271.825795][ T30] audit: type=1800 audit(2147483778.840:16): pid=9453 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.639" name="dbroot" dev="configfs" ino=27865 res=0 errno=0 [ 272.808395][ T9499] Setting dangerous option i915.mitigations - tainting kernel [ 273.198652][ T9512] usb usb16: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 273.576331][ T9519] netlink: 8 bytes leftover after parsing attributes in process `syz.2.650'. [ 274.408440][ T9504] Process accounting resumed [ 277.493395][ T9609] Line length is too long: Should be less than 4094 [ 277.695193][ T9606] FAULT_INJECTION: forcing a failure. [ 277.695193][ T9606] name failslab, interval 1, probability 0, space 0, times 0 [ 277.712612][ T9612] netlink: 32 bytes leftover after parsing attributes in process `syz.3.665'. [ 277.787992][ T9606] CPU: 0 UID: 0 PID: 9606 Comm: syz.1.664 Tainted: G U L syzkaller #0 PREEMPT(full) [ 277.788018][ T9606] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 277.788024][ T9606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 277.788033][ T9606] Call Trace: [ 277.788038][ T9606] [ 277.788044][ T9606] dump_stack_lvl+0x100/0x190 [ 277.788075][ T9606] should_fail_ex.cold+0x5/0xa [ 277.788095][ T9606] should_failslab+0xc2/0x120 [ 277.788113][ T9606] __kmalloc_cache_noprof+0x7a/0x6f0 [ 277.788133][ T9606] ? snd_hrtimer_open+0x43/0xf0 [ 277.788158][ T9606] ? __pfx_snd_hrtimer_open+0x10/0x10 [ 277.788180][ T9606] snd_hrtimer_open+0x43/0xf0 [ 277.788206][ T9606] snd_timer_open+0xb65/0x1100 [ 277.788230][ T9606] ? __pfx_snd_timer_open+0x10/0x10 [ 277.788252][ T9606] ? kstrdup+0xb3/0xe0 [ 277.788270][ T9606] snd_seq_timer_open+0x289/0x5d0 [ 277.788287][ T9606] ? __pfx_snd_seq_timer_open+0x10/0x10 [ 277.788304][ T9606] ? find_held_lock+0x2b/0x80 [ 277.788325][ T9606] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 277.788344][ T9606] ? lockdep_hardirqs_on+0x78/0x100 [ 277.788365][ T9606] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 277.788386][ T9606] queue_use+0xdc/0x1f0 [ 277.788409][ T9606] snd_seq_queue_alloc+0x2e5/0x540 [ 277.788437][ T9606] snd_seq_ioctl_create_queue+0xa9/0x370 [ 277.788455][ T9606] call_seq_client_ctl+0xa3/0x130 [ 277.788474][ T9606] snd_seq_kernel_client_ctl+0x77/0xd0 [ 277.788493][ T9606] alloc_seq_queue+0xdb/0x180 [ 277.788512][ T9606] ? __pfx_alloc_seq_queue+0x10/0x10 [ 277.788539][ T9606] ? find_held_lock+0x2b/0x80 [ 277.788558][ T9606] ? mark_held_locks+0x40/0x70 [ 277.788583][ T9606] snd_seq_oss_open+0x2b2/0xa10 [ 277.788605][ T9606] odev_open+0x6f/0x90 [ 277.788621][ T9606] ? __pfx_odev_open+0x10/0x10 [ 277.788637][ T9606] soundcore_open+0x2e3/0x5a0 [ 277.788657][ T9606] ? __pfx_soundcore_open+0x10/0x10 [ 277.788675][ T9606] chrdev_open+0x234/0x6a0 [ 277.788693][ T9606] ? __pfx_apparmor_file_open+0x10/0x10 [ 277.788710][ T9606] ? __pfx_chrdev_open+0x10/0x10 [ 277.788729][ T9606] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 277.788753][ T9606] do_dentry_open+0x6ab/0x14d0 [ 277.788770][ T9606] ? __pfx_chrdev_open+0x10/0x10 [ 277.788793][ T9606] vfs_open+0x82/0x3f0 [ 277.788817][ T9606] path_openat+0x208c/0x31a0 [ 277.788842][ T9606] ? __pfx_path_openat+0x10/0x10 [ 277.788868][ T9606] do_file_open+0x20e/0x430 [ 277.788887][ T9606] ? __pfx_do_file_open+0x10/0x10 [ 277.788919][ T9606] ? alloc_fd+0x476/0x790 [ 277.788946][ T9606] ? do_getname+0x191/0x390 [ 277.788970][ T9606] do_sys_openat2+0x10d/0x1e0 [ 277.788992][ T9606] ? __pfx_do_sys_openat2+0x10/0x10 [ 277.789022][ T9606] __x64_sys_openat+0x12d/0x210 [ 277.789047][ T9606] ? __pfx___x64_sys_openat+0x10/0x10 [ 277.789068][ T9606] ? exit_to_user_mode_loop+0xf3/0x670 [ 277.789094][ T9606] ? rcu_is_watching+0x12/0xc0 [ 277.789113][ T9606] do_syscall_64+0x115/0x840 [ 277.789133][ T9606] ? clear_bhb_loop+0x40/0x90 [ 277.789151][ T9606] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 277.789166][ T9606] RIP: 0033:0x7fdb4219ce59 [ 277.789180][ T9606] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 277.789194][ T9606] RSP: 002b:00007fdb43138028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 277.789208][ T9606] RAX: ffffffffffffffda RBX: 00007fdb42415fa0 RCX: 00007fdb4219ce59 [ 277.789219][ T9606] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 277.789229][ T9606] RBP: 00007fdb42232d6f R08: 0000000000000000 R09: 0000000000000000 [ 277.789238][ T9606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 277.789247][ T9606] R13: 00007fdb42416038 R14: 00007fdb42415fa0 R15: 00007ffc68d93f88 [ 277.789267][ T9606] [ 280.248733][ T9660] sg_write: data in/out 262108/45 bytes for SCSI command 0x61-- guessing data in; [ 280.248733][ T9660] program syz.1.671 not setting count and/or reply_len properly [ 280.899605][ T9682] random: crng reseeded on system resumption [ 281.099288][ T8851] Bluetooth: hci2: unexpected subevent 0x0c length: 118 > 5 [ 281.516414][ T9696] [U]  [ 281.519206][ T9696] [U] [ 281.521877][ T9696] [U] [ 281.524546][ T9696] [U] [ 281.597994][ T9696] [U] [ 281.600784][ T9696] [U] [ 281.603454][ T9696] [U] [ 281.606121][ T9696] [U] [ 281.667290][ T9696] [U] [ 281.669996][ T9696] [U] [ 281.672668][ T9696] [U] [ 281.675337][ T9696] [U] [ 281.701311][ T9706] FAULT_INJECTION: forcing a failure. [ 281.701311][ T9706] name failslab, interval 1, probability 0, space 0, times 0 [ 281.734436][ T9696] [U] [ 281.737136][ T9696] [U] [ 281.739809][ T9696] [U] [ 281.742479][ T9696] [U] [ 281.777331][ T9706] CPU: 0 UID: 0 PID: 9706 Comm: syz.1.688 Tainted: G U L syzkaller #0 PREEMPT(full) [ 281.777358][ T9706] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 281.777364][ T9706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 281.777373][ T9706] Call Trace: [ 281.777379][ T9706] [ 281.777385][ T9706] dump_stack_lvl+0x100/0x190 [ 281.777414][ T9706] should_fail_ex.cold+0x5/0xa [ 281.777434][ T9706] should_failslab+0xc2/0x120 [ 281.777452][ T9706] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 281.777478][ T9706] ? sp_alloc+0x27/0x160 [ 281.777502][ T9706] sp_alloc+0x27/0x160 [ 281.777522][ T9706] mpol_set_shared_policy+0xa5/0x890 [ 281.777546][ T9706] ? __pfx_shmem_set_policy+0x10/0x10 [ 281.777564][ T9706] mbind_range+0x339/0x550 [ 281.777585][ T9706] do_mbind+0x7dc/0xfd0 [ 281.777610][ T9706] ? __pfx_do_mbind+0x10/0x10 [ 281.777635][ T9706] ? ksys_write+0x190/0x250 [ 281.777661][ T9706] ? __pfx_get_nodes+0x10/0x10 [ 281.777681][ T9706] kernel_mbind+0x1b7/0x200 [ 281.777703][ T9706] ? __pfx_kernel_mbind+0x10/0x10 [ 281.777732][ T9706] ? rcu_is_watching+0x12/0xc0 [ 281.777752][ T9706] do_syscall_64+0x115/0x840 [ 281.777773][ T9706] ? clear_bhb_loop+0x40/0x90 [ 281.777791][ T9706] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 281.777806][ T9706] RIP: 0033:0x7fdb4219ce59 [ 281.777819][ T9706] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 281.777833][ T9706] RSP: 002b:00007fdb43117028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 281.777848][ T9706] RAX: ffffffffffffffda RBX: 00007fdb42416090 RCX: 00007fdb4219ce59 [ 281.777861][ T9706] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 281.777870][ T9706] RBP: 00007fdb42232d6f R08: 0000000000000006 R09: 0000000000000002 [ 281.777878][ T9706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 281.777887][ T9706] R13: 00007fdb42416128 R14: 00007fdb42416090 R15: 00007ffc68d93f88 [ 281.777906][ T9706] [ 282.107669][ T9696] [U] [ 282.110375][ T9696] [U] [ 282.113054][ T9696] [U] [ 282.115719][ T9696] [U] [ 282.118629][ T9696] [U] [ 282.121303][ T9696] [U] [ 282.123970][ T9696] [U] [ 282.126639][ T9696] [U] [ 282.129601][ T9696] [U] [ 282.132287][ T9696] [U] [ 282.134955][ T9696] [U] [ 282.137627][ T9696] [U] [ 282.140895][ T9696] [U] [ 282.143577][ T9696] [U] [ 282.146249][ T9696] [U] [ 282.148918][ T9696] [U] [ 282.152130][ T9696] [U] [ 282.154813][ T9696] [U] [ 282.157484][ T9696] [U] [ 282.160149][ T9696] [U] [ 282.163040][ T9696] [U] [ 282.165716][ T9696] [U] [ 282.168384][ T9696] [U] [ 282.171056][ T9696] [U] [ 282.174016][ T9696] [U] [ 282.176693][ T9696] [U] [ 282.179361][ T9696] [U] [ 282.182030][ T9696] [U] [ 282.184906][ T9696] [U] [ 282.187586][ T9696] [U] [ 282.190256][ T9696] [U] [ 282.192924][ T9696] [U] [ 282.195902][ T9696] [U] [ 282.198582][ T9696] [U] [ 282.201257][ T9696] [U] [ 282.203925][ T9696] [U] [ 282.206813][ T9696] [U] [ 282.209486][ T9696] [U] [ 282.212156][ T9696] [U] [ 282.214826][ T9696] [U] [ 282.289727][ T9696] [U] [ 282.292433][ T9696] [U] [ 282.295104][ T9696] [U] [ 282.297769][ T9696] [U] [ 282.379803][ T9696] [U] [ 282.528415][ T9715] netlink: 24 bytes leftover after parsing attributes in process `syz.2.681'. [ 283.722050][ T9740] netlink: 5376 bytes leftover after parsing attributes in process `syz.4.686'. [ 284.332217][ T9754] FAULT_INJECTION: forcing a failure. [ 284.332217][ T9754] name failslab, interval 1, probability 0, space 0, times 0 [ 284.414218][ T9754] CPU: 0 UID: 0 PID: 9754 Comm: syz.3.692 Tainted: G U L syzkaller #0 PREEMPT(full) [ 284.414247][ T9754] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 284.414252][ T9754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 284.414262][ T9754] Call Trace: [ 284.414267][ T9754] [ 284.414274][ T9754] dump_stack_lvl+0x100/0x190 [ 284.414305][ T9754] should_fail_ex.cold+0x5/0xa [ 284.414325][ T9754] should_failslab+0xc2/0x120 [ 284.414344][ T9754] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 284.414366][ T9754] ? __d_alloc+0x34/0xa40 [ 284.414390][ T9754] __d_alloc+0x34/0xa40 [ 284.414412][ T9754] d_alloc_pseudo+0x1c/0xc0 [ 284.414426][ T9754] alloc_file_pseudo+0xcf/0x230 [ 284.414449][ T9754] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 284.414482][ T9754] __shmem_file_setup+0x205/0x460 [ 284.414505][ T9754] ? __pfx___shmem_file_setup+0x10/0x10 [ 284.414528][ T9754] ? vm_area_alloc+0x1f/0x160 [ 284.414552][ T9754] shmem_zero_setup+0x96/0x1b0 [ 284.414569][ T9754] __mmap_region+0x2509/0x2dd0 [ 284.414595][ T9754] ? __pfx___mmap_region+0x10/0x10 [ 284.414618][ T9754] ? __lock_acquire+0x4a5/0x2630 [ 284.414641][ T9754] ? find_held_lock+0x2b/0x80 [ 284.414659][ T9754] ? process_measurement+0x4c8/0x2350 [ 284.414674][ T9754] ? process_measurement+0x4c8/0x2350 [ 284.414696][ T9754] ? __lock_acquire+0x4a5/0x2630 [ 284.414718][ T9754] ? do_raw_spin_unlock+0x145/0x1e0 [ 284.414735][ T9754] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 284.414763][ T9754] ? find_held_lock+0x2b/0x80 [ 284.414781][ T9754] ? rcu_is_watching+0x12/0xc0 [ 284.414806][ T9754] ? rcu_is_watching+0x12/0xc0 [ 284.414823][ T9754] ? finish_task_switch.isra.0+0x2cb/0x1010 [ 284.414842][ T9754] ? lockdep_hardirqs_on+0x78/0x100 [ 284.414892][ T9754] mmap_region+0x35d/0x620 [ 284.414906][ T9754] ? rcu_is_watching+0x12/0xc0 [ 284.414923][ T9754] ? __pfx_mmap_region+0x10/0x10 [ 284.414939][ T9754] ? cap_mmap_addr+0x4b/0x120 [ 284.414954][ T9754] ? bpf_lsm_mmap_addr+0x9/0x30 [ 284.414967][ T9754] ? security_mmap_addr+0x71/0x1e0 [ 284.414987][ T9754] ? __get_unmapped_area+0x255/0x3e0 [ 284.415008][ T9754] do_mmap+0xc63/0x12f0 [ 284.415029][ T9754] ? __pfx_do_mmap+0x10/0x10 [ 284.415047][ T9754] ? __pfx_down_write_killable+0x10/0x10 [ 284.415065][ T9754] vm_mmap_pgoff+0x29e/0x470 [ 284.415087][ T9754] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 284.415107][ T9754] ? do_futex+0x192/0x350 [ 284.415123][ T9754] ? __pfx_do_futex+0x10/0x10 [ 284.415141][ T9754] ksys_mmap_pgoff+0xe4/0x610 [ 284.415159][ T9754] ? __x64_sys_futex+0x358/0x4d0 [ 284.415175][ T9754] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 284.415192][ T9754] ? xfd_validate_state+0x129/0x190 [ 284.415206][ T9754] ? ksys_write+0x1ac/0x250 [ 284.415226][ T9754] __x64_sys_mmap+0x125/0x190 [ 284.415244][ T9754] do_syscall_64+0x115/0x840 [ 284.415264][ T9754] ? clear_bhb_loop+0x40/0x90 [ 284.415282][ T9754] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 284.415297][ T9754] RIP: 0033:0x7f285f39ce59 [ 284.415311][ T9754] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 284.415326][ T9754] RSP: 002b:00007f28601cb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 284.415341][ T9754] RAX: ffffffffffffffda RBX: 00007f285f615fa0 RCX: 00007f285f39ce59 [ 284.415351][ T9754] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 284.415361][ T9754] RBP: 00007f285f432d6f R08: fffffffffffffffa R09: 0000000000008000 [ 284.415370][ T9754] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 284.415383][ T9754] R13: 00007f285f616038 R14: 00007f285f615fa0 R15: 00007ffe6096ceb8 [ 284.415402][ T9754] [ 284.939511][ T9759] &#$@\]\-: entered promiscuous mode [ 284.949639][ T9758] ima: policy update failed [ 284.968818][ T30] kauditd_printk_skb: 23 callbacks suppressed [ 284.968832][ T30] audit: type=1802 audit(2147483792.460:40): pid=9758 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.693" res=0 errno=0 [ 285.594937][ T9774] ================================================================== [ 285.594948][ T9774] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x19fb/0x1d60 [ 285.594975][ T9774] Write of size 8 at addr ffffc900049b1060 by task syz.4.696/9774 [ 285.594987][ T9774] [ 285.594997][ T9774] CPU: 0 UID: 0 PID: 9774 Comm: syz.4.696 Tainted: G U L syzkaller #0 PREEMPT(full) [ 285.595019][ T9774] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 285.595025][ T9774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 285.595034][ T9774] Call Trace: [ 285.595039][ T9774] [ 285.595045][ T9774] dump_stack_lvl+0x100/0x190 [ 285.595068][ T9774] print_report+0x13d/0x4b0 [ 285.595089][ T9774] ? _raw_spin_lock_irqsave+0x52/0x60 [ 285.595109][ T9774] ? sys_imageblit+0x19fb/0x1d60 [ 285.595126][ T9774] kasan_report+0xdf/0x1d0 [ 285.595144][ T9774] ? sys_imageblit+0x19fb/0x1d60 [ 285.595164][ T9774] sys_imageblit+0x19fb/0x1d60 [ 285.595184][ T9774] ? __pfx_sys_imageblit+0x10/0x10 [ 285.595203][ T9774] ? prb_read_valid+0x78/0xa0 [ 285.595218][ T9774] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 285.595242][ T9774] soft_cursor+0x524/0xa10 [ 285.595258][ T9774] ? atomic_notifier_call_chain+0x50/0x1c0 [ 285.595280][ T9774] ? fb_get_color_depth+0x120/0x250 [ 285.595302][ T9774] bit_cursor+0xca1/0x1490 [ 285.595323][ T9774] ? __pfx_bit_cursor+0x10/0x10 [ 285.595344][ T9774] ? __lock_acquire+0x4a5/0x2630 [ 285.595368][ T9774] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 285.595389][ T9774] ? get_color+0x1da/0x450 [ 285.595410][ T9774] ? __pfx_bit_cursor+0x10/0x10 [ 285.595423][ T9774] fbcon_cursor+0x43c/0x5e0 [ 285.595444][ T9774] ? add_softcursor+0x190/0x290 [ 285.595461][ T9774] set_cursor+0x1db/0x250 [ 285.595476][ T9774] con_write+0x89/0xb0 [ 285.595494][ T9774] n_tty_write+0x431/0x11c0 [ 285.595519][ T9774] ? __pfx_n_tty_write+0x10/0x10 [ 285.595539][ T9774] ? trace_kmalloc+0xe3/0x110 [ 285.595556][ T9774] ? __pfx_woken_wake_function+0x10/0x10 [ 285.595573][ T9774] ? rcu_is_watching+0x12/0xc0 [ 285.595588][ T9774] ? file_tty_write.isra.0+0x694/0x890 [ 285.595606][ T9774] ? kfree+0x1dd/0x6c0 [ 285.595625][ T9774] ? __pfx_n_tty_write+0x10/0x10 [ 285.595647][ T9774] file_tty_write.isra.0+0x4d2/0x890 [ 285.595667][ T9774] redirected_tty_write+0xd4/0x120 [ 285.595685][ T9774] vfs_write+0x6ac/0x1070 [ 285.595701][ T9774] ? __pfx_redirected_tty_write+0x10/0x10 [ 285.595721][ T9774] ? __pfx_vfs_write+0x10/0x10 [ 285.595736][ T9774] ? find_held_lock+0x2b/0x80 [ 285.595758][ T9774] ksys_write+0x12a/0x250 [ 285.595774][ T9774] ? __pfx_ksys_write+0x10/0x10 [ 285.595791][ T9774] ? rcu_is_watching+0x12/0xc0 [ 285.595807][ T9774] do_syscall_64+0x115/0x840 [ 285.595827][ T9774] ? clear_bhb_loop+0x40/0x90 [ 285.595844][ T9774] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 285.595859][ T9774] RIP: 0033:0x7f382d19ce59 [ 285.595872][ T9774] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 285.595886][ T9774] RSP: 002b:00007f382e11d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 285.595901][ T9774] RAX: ffffffffffffffda RBX: 00007f382d416090 RCX: 00007f382d19ce59 [ 285.595912][ T9774] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000008 [ 285.595921][ T9774] RBP: 00007f382d232d6f R08: 0000000000000000 R09: 0000000000000000 [ 285.595930][ T9774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 285.595939][ T9774] R13: 00007f382d416128 R14: 00007f382d416090 R15: 00007ffcfa012b18 [ 285.595954][ T9774] [ 285.595959][ T9774] [ 285.595964][ T9774] The buggy address belongs to a vmalloc virtual mapping [ 285.595975][ T9774] Memory state around the buggy address: [ 285.595983][ T9774] ffffc900049b0f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 285.596002][ T9774] ffffc900049b0f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 285.596013][ T9774] >ffffc900049b1000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 285.596021][ T9774] ^ [ 285.596030][ T9774] ffffc900049b1080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 285.596041][ T9774] ffffc900049b1100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 285.596052][ T9774] ================================================================== [ 285.623876][ T9774] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 285.623895][ T9774] CPU: 0 UID: 0 PID: 9774 Comm: syz.4.696 Tainted: G U L syzkaller #0 PREEMPT(full) [ 285.623920][ T9774] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 285.623926][ T9774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 285.623936][ T9774] Call Trace: [ 285.623942][ T9774] [ 285.623947][ T9774] dump_stack_lvl+0x100/0x190 [ 285.623977][ T9774] vpanic+0x552/0x970 [ 285.623992][ T9774] ? __pfx_vpanic+0x10/0x10 [ 285.624005][ T9774] ? mark_held_locks+0x40/0x70 [ 285.624029][ T9774] ? sys_imageblit+0x19fb/0x1d60 [ 285.624048][ T9774] panic+0xd1/0xe0 [ 285.624061][ T9774] ? __pfx_panic+0x10/0x10 [ 285.624075][ T9774] ? sys_imageblit+0x19fb/0x1d60 [ 285.624092][ T9774] ? preempt_schedule_common+0x42/0xc0 [ 285.624115][ T9774] check_panic_on_warn.cold+0x19/0x34 [ 285.624130][ T9774] end_report.part.0+0x3a/0x90 [ 285.624151][ T9774] kasan_report.cold+0xe/0x18 [ 285.624171][ T9774] ? sys_imageblit+0x19fb/0x1d60 [ 285.624196][ T9774] sys_imageblit+0x19fb/0x1d60 [ 285.624216][ T9774] ? __pfx_sys_imageblit+0x10/0x10 [ 285.624237][ T9774] ? prb_read_valid+0x78/0xa0 [ 285.624253][ T9774] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 285.624278][ T9774] soft_cursor+0x524/0xa10 [ 285.624295][ T9774] ? atomic_notifier_call_chain+0x50/0x1c0 [ 285.624317][ T9774] ? fb_get_color_depth+0x120/0x250 [ 285.624348][ T9774] bit_cursor+0xca1/0x1490 [ 285.624366][ T9774] ? __pfx_bit_cursor+0x10/0x10 [ 285.624380][ T9774] ? __lock_acquire+0x4a5/0x2630 [ 285.624405][ T9774] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 285.624426][ T9774] ? get_color+0x1da/0x450 [ 285.624447][ T9774] ? __pfx_bit_cursor+0x10/0x10 [ 285.624461][ T9774] fbcon_cursor+0x43c/0x5e0 [ 285.624482][ T9774] ? add_softcursor+0x190/0x290 [ 285.624499][ T9774] set_cursor+0x1db/0x250 [ 285.624514][ T9774] con_write+0x89/0xb0 [ 285.624533][ T9774] n_tty_write+0x431/0x11c0 [ 285.624564][ T9774] ? __pfx_n_tty_write+0x10/0x10 [ 285.624586][ T9774] ? trace_kmalloc+0xe3/0x110 [ 285.624604][ T9774] ? __pfx_woken_wake_function+0x10/0x10 [ 285.624623][ T9774] ? rcu_is_watching+0x12/0xc0 [ 285.624640][ T9774] ? file_tty_write.isra.0+0x694/0x890 [ 285.624659][ T9774] ? kfree+0x1dd/0x6c0 [ 285.624678][ T9774] ? __pfx_n_tty_write+0x10/0x10 [ 285.624700][ T9774] file_tty_write.isra.0+0x4d2/0x890 [ 285.624720][ T9774] redirected_tty_write+0xd4/0x120 [ 285.624739][ T9774] vfs_write+0x6ac/0x1070 [ 285.624756][ T9774] ? __pfx_redirected_tty_write+0x10/0x10 [ 285.624775][ T9774] ? __pfx_vfs_write+0x10/0x10 [ 285.624791][ T9774] ? find_held_lock+0x2b/0x80 [ 285.624813][ T9774] ksys_write+0x12a/0x250 [ 285.624829][ T9774] ? __pfx_ksys_write+0x10/0x10 [ 285.624846][ T9774] ? rcu_is_watching+0x12/0xc0 [ 285.624863][ T9774] do_syscall_64+0x115/0x840 [ 285.624884][ T9774] ? clear_bhb_loop+0x40/0x90 [ 285.624900][ T9774] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 285.624916][ T9774] RIP: 0033:0x7f382d19ce59 [ 285.624929][ T9774] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 285.624943][ T9774] RSP: 002b:00007f382e11d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 285.624959][ T9774] RAX: ffffffffffffffda RBX: 00007f382d416090 RCX: 00007f382d19ce59 [ 285.624970][ T9774] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000008 [ 285.624980][ T9774] RBP: 00007f382d232d6f R08: 0000000000000000 R09: 0000000000000000 [ 285.624989][ T9774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 285.624998][ T9774] R13: 00007f382d416128 R14: 00007f382d416090 R15: 00007ffcfa012b18 [ 285.625013][ T9774] [ 285.625083][ T9774] Kernel Offset: disabled