last executing test programs: 10.300793935s ago: executing program 1 (id=106): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x1e, 0x4, 0x0) socket(0x21, 0x1, 0x0) r1 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r1, 0x10f, 0x87, 0x0, 0x14) r2 = socket(0x15, 0x5, 0x0) r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtd\x00', 0x80842, 0x0) unshare$auto(0x40000080) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000540), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_GET_RADIO(r4, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000280)={0x14, r5, 0xf3e97f51700e57cf, 0x70bd28, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x884}, 0x8020) read$auto(0xffffffffffffffff, 0x0, 0x7f) mprotect$auto(0x8000, 0x8, 0x8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, 0x0, 0x129600, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) read$auto(r4, 0x0, 0x3) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r0) sendmsg$auto_NL80211_CMD_JOIN_IBSS(r2, &(0x7f0000000200)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x140}, 0xc, &(0x7f0000000080)={&(0x7f0000000140)={0x18, r7, 0x4, 0x70bd2c, 0x25dfdbfc, {}, [@NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x800}, 0x8000) read$auto_proc_iter_file_ops_compat_inode(r3, &(0x7f0000000280)=""/144, 0x90) bind$auto(r2, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmsg$auto(r2, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r8) sendmsg$auto_TIPC_NL_NET_SET(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000007980)={&(0x7f00000000c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r9, @ANYRESOCT=r6, @ANYRES32], 0x20}, 0x1, 0x0, 0x0, 0x44050}, 0x10) 8.121271044s ago: executing program 1 (id=112): socket(0xa, 0x1, 0x83) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) bind$auto(0x3, 0x0, 0x6a) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x4d, 0x0) mmap$auto(0xfffffffffffffff9, 0x2000c, 0x2, 0xa818, 0x40000000000a5, 0x5) r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r1 = socket(0x29, 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) lseek$auto(r2, 0xffffffffffffbaeb, 0xcd06) sendmsg$auto_ETHTOOL_MSG_EEE_SET(r1, 0x0, 0x4048010) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r5 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r5, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r5, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r5, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x28, 0xf3, 0xb0, @raw=0xfffff024}}) write$auto(r5, 0x0, 0x6) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_FS_IOC_RESVSP(r0, 0x40305828, 0xc) memfd_create$auto(0x0, 0xe) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sda\x00', 0x60342, 0x0) r6 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000002c0), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(r7, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000080)=ANY=[@ANYBLOB="c69ab8df678cb26add00f4fd1a3269cc945cc5", @ANYRES16=r6, @ANYBLOB="01012bbd7000fddbdf250d00000008000300", @ANYRES32=0x0, @ANYBLOB="0c0006000100000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x64004401}, 0x800) write$auto(r4, 0x0, 0x80000000) 5.870993482s ago: executing program 1 (id=117): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/stat_refresh\x00', 0x101382, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x17, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x2001, 0x0) ioctl$auto(r0, 0x400454d8, r0) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x20c1, 0x0) openat$auto_bm_register_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000000), 0x181441, 0x0) setitimer$auto(0x5, &(0x7f0000000040)={{0x1b8, 0x4}, {0x8, 0x8000000000000000}}, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000040)='//\xf2\x00', 0x80000000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x5, 0x0, 0x1, 0x4d) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x4000000008000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x400000003) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)={0x20, r4, 0x1, 0x70bd31, 0x25dfdbfc, {}, [@ETHTOOL_A_FEATURES_WANTED={0x8, 0x3, 0x0, 0x1, [@nested={0x4, 0x1}]}, @ETHTOOL_A_FEATURES_HEADER={0x4}]}, 0x20}}, 0x24048004) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x18, r6, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@HWSIM_ATTR_MULTI_RADIO={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) 5.789648408s ago: executing program 2 (id=119): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) r1 = socket(0x15, 0x5, 0x0) bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmsg$auto(r1, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r2) sendmsg$auto_TIPC_NL_NET_SET(r2, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000003d00)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002cbd7000ffdbdf250f0000000c00078008000200", @ANYRES32], 0x20}, 0x1, 0x0, 0x0, 0x44050}, 0x2) sendmsg$auto_TIPC_NL_LINK_GET(r1, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x801}, 0x4) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(r1, &(0x7f0000000b40)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x400}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x6}, 0x0) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) close_range$auto(0x2, 0x8, 0xfff5) 5.539250719s ago: executing program 2 (id=120): socket(0xa, 0x1, 0x83) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) bind$auto(0x3, 0x0, 0x6a) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x4d, 0x0) mmap$auto(0xfffffffffffffff9, 0x2000c, 0x2, 0xa818, 0x40000000000a5, 0x5) r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r1 = socket(0x29, 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) lseek$auto(r2, 0xffffffffffffbaeb, 0xcd06) sendmsg$auto_ETHTOOL_MSG_EEE_SET(r1, 0x0, 0x4048010) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r5 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r5, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r5, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r5, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x28, 0xf3, 0xb0, @raw=0xfffff00c}}) write$auto(r5, 0x0, 0x6) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_FS_IOC_RESVSP(r0, 0x40305828, 0xc) memfd_create$auto(0x0, 0xe) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) r6 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000002c0), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(r7, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000080)=ANY=[@ANYBLOB="c69ab8df678cb26add00f4fd1a3269cc945cc5", @ANYRES16=r6, @ANYBLOB="01012bbd7000fddbdf250d00000008000300", @ANYRES32=0x0, @ANYBLOB="0c0006000100000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x64004401}, 0x800) write$auto(r4, 0x0, 0x80000000) 4.178193114s ago: executing program 3 (id=121): bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0xe, 0x4, 0x4, 0x10001, 0x8, 0xc, 0xffffffffffffffff, 0x9, 0x7ff}, 0xee) 3.876850066s ago: executing program 3 (id=122): r0 = socket(0x2c, 0x1, 0x83) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, r0, 0x8004) bind$auto(0x3, 0x0, 0x6a) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x4f, 0x0) mmap$auto(0xfffffffffffffff8, 0x20010, 0x2, 0x10, r0, 0x5) r1 = openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r2 = socket(0x29, 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) lseek$auto(r3, 0xffffffffffffbaeb, 0xcd06) sendmsg$auto_ETHTOOL_MSG_EEE_SET(r2, 0x0, 0x4048010) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r4, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r5 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r5, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r5, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r5, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x28, 0xf3, 0xb0, @raw=0xfffff024}}) write$auto(r5, 0x0, 0x6) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_FS_IOC_RESVSP(r1, 0x40305828, 0xc) memfd_create$auto(0x0, 0xe) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) r6 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000002c0), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(r7, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000080)=ANY=[@ANYBLOB="c69ab8df678cb26add00f4fd1a3269cc945cc5", @ANYRES16=r6, @ANYBLOB="01012bbd7000fddbdf250d00000008000300", @ANYRES32=0x0, @ANYBLOB="0c0006000100000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x64004401}, 0x800) write$auto(r1, 0x0, 0xa43) 3.49156276s ago: executing program 1 (id=123): mmap$auto(0x0, 0x271c5fc1, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x8001, 0x0) ioctl$auto_BINDER_GET_NODE_INFO_FOR_REF(r0, 0xc018620c, &(0x7f0000000040)="d8e3ebfca3b4911239df17e7904be31d5afe868b8a53b52b5428b84844643f2bf320a4b044ff0e3b8eb3044bd3340974b20ad24d88b17512716bf7ac601867f27406be7704c8329187f04a20614fc59680230a946585b92c941efe65c05e284ca45cf1f7a32ab5410a222aea8ccf") r1 = fsopen$auto(0x0, 0x8fb) epoll_create1$auto(0x7f) socket(0xa, 0x2, 0x88) prctl$auto_PR_SET_MM_START_DATA(0x8829, 0x3, 0xffffffffffffffff, 0xffffffff, 0x6) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x2, 0x0) write$auto_tomoyo_operations_securityfs_if(r2, &(0x7f0000000180)="0a1b9a5c3000006e163bb154d7886d8edeea371cadb848770dc8f745d1c76eedba12b9f694dabdbcf3401910000000000060000023b5d40a", 0x38) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, r1, 0x8000) capset$auto(&(0x7f00000000c0)={0x20080522}, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x59, 0x0) mmap$auto(0x0, 0xb2, 0xde, 0x9b72, 0x2, 0x8000) r3 = io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xe, 0x2, 0x6, 0x5, 0x8, 0xffffffffffffffff, [], {0xd74c, 0x6, 0x2, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0xff, 0x1, 0x10001, 0x7, 0x1, 0x40, 0x76c5, 0x400005, 0x100000005}}) io_uring_enter$auto(r3, 0x9, 0x820e, 0x8b, 0x0, 0x18) close_range$auto(0x0, 0xfffffffffffff000, 0x0) mq_timedsend$auto(0xffffffffffffffff, 0x0, 0x2, 0x9, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyaf\x00', 0x101840, 0x0) r4 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) fchdir$auto(r4) mkdir$auto(&(0x7f00000001c0)='./cgroup\x00', 0xa) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.type\x00', 0x183042, 0x0) rmdir$auto(&(0x7f0000000080)='./cgroup\x00') msgget$auto(0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x9, 0x3ff57697, 0x17, r1, 0x8000000000008001) mlockall$auto(0x7) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r5, r5, 0x0, 0x3) 3.429059052s ago: executing program 0 (id=124): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/stat_refresh\x00', 0x101382, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x17, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x2001, 0x0) ioctl$auto(r0, 0x400454d8, r0) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x20c1, 0x0) openat$auto_bm_register_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000000), 0x181441, 0x0) setitimer$auto(0x5, &(0x7f0000000040)={{0x1b8, 0x4}, {0x8, 0x8000000000000000}}, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000040)='//\xf2\x00', 0x80000000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x5, 0x0, 0x1, 0x4d) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x4000000008000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x400000003) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)={0x20, r4, 0x1, 0x70bd31, 0x25dfdbfc, {}, [@ETHTOOL_A_FEATURES_WANTED={0x8, 0x3, 0x0, 0x1, [@nested={0x4, 0x1}]}, @ETHTOOL_A_FEATURES_HEADER={0x4}]}, 0x20}}, 0x24048004) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x18, r6, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@HWSIM_ATTR_MULTI_RADIO={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) 3.425851466s ago: executing program 2 (id=125): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/protocols\x00', 0x80080, 0x0) set_mempolicy_home_node$auto(0x20600000, 0xffffffffffffffff, 0x0, 0x0) read$auto(r0, &(0x7f0000000000)='/,\x00', 0x5644) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003180), r1) sendmsg$auto_ETHTOOL_MSG_STRSET_GET(r1, &(0x7f0000003400)={0x0, 0x0, &(0x7f00000033c0)={&(0x7f0000000000)={0x14, r2, 0x301, 0x70bd29, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x20000000) read$auto(r1, &(0x7f0000000080)='\x00', 0xff09) ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000100)={"1693a1b2bbfede40af1c4f12f581e7f7bca6adec933e93bca03bad44a33019fd", 0x7, 0xfffffff9, 0x5, 0x5, 0x8, 0xffffffffffffffff}) getpgrp(r3) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/zram0/disksize\x00', 0x2202, 0x0) r5 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), r1) mkdir$auto(&(0x7f00000002c0)='./file0\x00', 0x97ef) sendmsg$auto_OVS_FLOW_CMD_DEL(r1, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB=',\x00\x00\f', @ANYRES16=r5, @ANYBLOB="00042bbd7000fcdbdf250200000008000a0000000000100001800c008d000000000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x4000010}, 0x4000811) write$auto(r4, &(0x7f00000001c0)='7K\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x3dec) 3.129352718s ago: executing program 2 (id=126): r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/fail-nth\x00', 0x883, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0002, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) getrlimit$auto(0x3, 0x0) ioctl$auto_BLKZEROOUT(0xffffffffffffffff, 0x127f, 0x0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0) ioctl$auto_BLKFLSBUF(0xffffffffffffffff, 0x1261, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x7e1b, 0x0) r2 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/007/001\x00', 0xa901, 0x0) ioctl$auto(r2, 0x4008550c, 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$auto_psample(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0) ioctl$auto_BLKFLSBUF(r3, 0x1261, 0x0) lseek$auto(0x3, 0xffffffffff800002, 0x10) ioctl$auto_BLKFLSBUF(r3, 0x1261, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8) write$auto(r0, &(0x7f00000001c0)='7\x00e\xa0\x04|\x03\xcb\x12\x1c\xc7k2\x85\xe7<,3\xd9\xfc\xa0N\xb6\"\xfb5\v\xa8}\xe3,z\xf1n,\x81<\xb9\xd5\x05\xa61\x9a;\x8c\xae@Q\x12\x10\b\x81\xcf\xbe\v\x00RK\xe2\x12\xe1<\x9a\x1f\xa6\x130`\'\xd1\xaf\xfa\xd1\nI\xb6\xa1uq\x93e9\x83`\f.\x1c\xccxn\xaf\'\x01\x00\x00\x00\x00\x00\x00\x00\xf9\xd2\xcd\xfe\x13\xad\x01Ps\x9f\x00\x1a', 0x0) 2.518273893s ago: executing program 3 (id=127): socket(0x29, 0x4, 0x2) socket(0x2, 0x1, 0x0) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x11}}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000) sendfile$auto(0x1, 0x3, 0x0, 0x7ff) sendto$auto(0x3, 0x0, 0x7, 0x101, 0x0, 0x6) 2.442990786s ago: executing program 0 (id=128): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x7, 0x40000000000ebf, 0xffffffffffffffff, 0x8000) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x44301, 0x0) bpf$auto(0x800000, &(0x7f00000001c0)=@bpf_attr_0={0x1, 0x4, 0x1, 0x10000, 0x0, r1, 0x1000, "72fea04183dce563f03f2a25077b3383", 0x0, 0xffffffffffffffff, 0x4, 0x6, 0x101, 0x1, r0}, 0x6f3) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x8, 0x0, 0x7, 0x0, 0xfffffffffffffffd, 0x200}, 0x5}, 0x3, 0x4, 0x0) mount$auto(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000100)='nfs4\x00\xe9\x84;\xd2\x12h;\xc1\xd1HL\x8c\xafN?\r\xe8\x8fD\x0fN\x99\x15\xe8\xd2FD2\xd9A\x01\xd2\xcb;T\x98-e\xea\xf0\xe9\xd5\x11[,l\x95\xf5\xc9n\x80\xf9\x9cB\x93\"\'\x12\n+9\xa8\xc3\x97\\\xd8\xdc\xcd\xf9\t\xc6\xf8=\xc9/\xc9\x946\xf3\xac\x8fa\x80$C7Sn\x9c\x9f\xf5\xa1\v\xc2\xb2W\xa9W\xa2\xec\xe6\x04.\xca\x83\xb9\xb0\xc8R\xdc\xef=0}o>\x87g\xe9\xee;\x98<\xa0\xca<\xae\x8b(N\x1d\xc3\x04\xdeND\x0e\xa2\xed\\\x11\x1d@\x9ev\a4\\m\xa9dv\xb5\'\xa6(+\x9c\xd0\x97\xf5N\x90\xbc|fW5\xa2)\xa7', 0x5, &(0x7f00000001c0)) r2 = socket(0x1e, 0x4, 0x0) r3 = socket(0x22, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r3, 0x10f, 0x87, 0x0, 0x14) r4 = socket(0x15, 0x5, 0x0) r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/arp_tables_targets\x00', 0x582, 0x0) read$auto_proc_iter_file_ops_compat_inode(r5, &(0x7f0000000180)=""/250, 0xfa) bind$auto(r4, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmsg$auto(r4, &(0x7f0000000180)={&(0x7f0000000040), 0x9, 0x0, 0x4, 0x0, 0x1, 0x7}, 0x800) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r6) sendmsg$auto_TIPC_NL_NET_SET(r2, &(0x7f00000079c0)={0x0, 0x0, &(0x7f0000007980)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01002cbd7000ffdbdf250f0000000c00078008000200", @ANYRES32, @ANYRES64=r7], 0x20}, 0x1, 0x0, 0x0, 0x44050}, 0x2) sendmsg$auto_TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000000c0), 0xc, 0x0, 0x1, 0x0, 0x0, 0x400d0}, 0x40) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(r4, &(0x7f0000000b40)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x400}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x6}, 0x0) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) close_range$auto(0x2, 0x8, 0x0) 2.384078783s ago: executing program 1 (id=129): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/fs/orangefs/dcache_timeout_msecs\x00', 0x8ea182, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000000)="42bf", 0x2) mmap$auto(0x0, 0x2020009, 0x40000003, 0xeb1, r0, 0x8000) timer_create$auto(0xfffffffc, 0x0, 0x0) r1 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) unshare$auto(0x40000080) socket(0xf, 0x3, 0x8) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x10, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/fail-nth\x00', 0x20c041, 0x0) write$auto(r2, 0x0, 0x85) madvise$auto(0x9, 0x2003f4, 0x4) close_range$auto(0xffffffffffffffff, 0x8, 0x4) r3 = io_uring_setup$auto(0x7, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_FORWARD(r3, 0x40084149, 0x0) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000001b40)='/dev/cuse\x00', 0x8640, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) preadv$auto(0x3, 0x0, 0x3, 0x2, 0x13) fsconfig$auto(r1, 0x800080, 0x0, 0x0, 0x0) connect$auto(0x3, 0x0, 0x54) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) mmap$auto(0x0, 0x20005, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x801, 0x106) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event1\x00', 0x2e49c1, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) 2.280219376s ago: executing program 0 (id=130): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000003180), r0) epoll_wait$auto(r0, &(0x7f0000000040)={0xac, 0x9}, 0x6, 0x3) sendmsg$auto_ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000003400)={0x0, 0x0, &(0x7f00000033c0)={&(0x7f0000000000)={0x14, r1, 0x301, 0x70bd29, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x20000000) read$auto(r0, &(0x7f0000000080)='\x00', 0xff09) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/zram0/disksize\x00', 0x2202, 0x0) msgctl$auto_MSG_STAT(0x5, 0xb, &(0x7f0000000140)={{0x5, 0xee01, 0xffffffffffffffff, 0x0, 0x1000, 0x3, 0x6}, &(0x7f00000000c0)=0x6, &(0x7f0000000100)=0x6, 0xe7, 0x9, 0x7, 0xffffffff00000001, 0x6, 0xff, 0x9, 0x6, @raw=0x1}) ioprio_set$auto(0x5, r3, 0x1) write$auto(r2, &(0x7f00000001c0)='7K\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x3dec) 2.088629224s ago: executing program 0 (id=131): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000040)=0x5) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) unlink$auto(&(0x7f0000000080)='./cgroup.cpu/cgroup.procs\x00') r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x0, 0x0) read$auto_tomoyo_operations_securityfs_if(r2, &(0x7f0000000040)=""/4099, 0xfd98) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xfc, 0x20009, 0x3, "790eaa00ffff8eac2cdafc1f64010043eeb0b053030001ffff000e00"}, 0x401, 0x966, 0x3, @raw=0x404, @integer={0x800000000000400e, 0x2000000b751, 0x1}, "6cc1142ef6df12bf3373a1183b0000008fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc100"}) ioctl$auto_SNDRV_CTL_IOCTL_TLV_READ(r1, 0xc008551a, &(0x7f0000000000)={0x6, 0xb0c, [0x80000001]}) close_range$auto(0x2, 0x8, 0x0) 2.056223236s ago: executing program 3 (id=132): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x18, r1, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@HWSIM_ATTR_MULTI_RADIO={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) 2.007028279s ago: executing program 2 (id=133): socket(0xa, 0x1, 0x83) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) bind$auto(0x3, 0x0, 0x6a) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x4d, 0x0) mmap$auto(0xfffffffffffffff9, 0x2000c, 0x2, 0xa818, 0x40000000000a5, 0x5) r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r1 = socket(0x29, 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) lseek$auto(r2, 0xffffffffffffbaeb, 0xcd06) sendmsg$auto_ETHTOOL_MSG_EEE_SET(r1, 0x0, 0x4048010) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r5 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r5, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r5, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r5, 0x4004743c, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x28, 0xf3, 0xb0, @raw=0xfffff024}}) write$auto(r5, 0x0, 0x6) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_FS_IOC_RESVSP(r0, 0x40305828, 0xc) memfd_create$auto(0x0, 0xe) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) r6 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000002c0), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(r7, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000080)=ANY=[@ANYBLOB="c69ab8df678cb26add00f4fd1a3269cc945cc5", @ANYRES16=r6, @ANYBLOB="01012bbd7000fddbdf250d00000008000300", @ANYRES32=0x0, @ANYBLOB="0c0006000100000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x64004401}, 0x800) write$auto(r4, 0x0, 0x80000000) 1.790447291s ago: executing program 3 (id=134): memfd_secret$auto(0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket(0x1a, 0x1, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0xfffffffffffffffd, 0x7, 0x10001, 0x9b71, r0, 0xfffffffffffffffc) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) writev$auto(0xffffffffffffffff, 0x0, 0x3) listmount$auto(&(0x7f0000000100)={0x1f, @raw, 0x80000002, 0xfffffffffffffff7, 0x2}, 0x0, 0xf4240, 0x1) socket(0x2b, 0x1, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyr0\x00', 0x41, 0x0) ioctl$auto(r2, 0x540a, 0x1) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mlock$auto(0x112, 0x80006) mlockall$auto(0x800000000000005) madvise$auto(0x500, 0x200007, 0x19) write$auto_console_fops_tty_io(0xffffffffffffffff, &(0x7f0000000000)="4c91f2c388274610e12c861bb2bfd9800e9b394b", 0x14) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x8000, 0xe9) mmap$auto(0x0, 0x7, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/scsi/sg/debug\x00', 0x2000, 0x0) pread64$auto(r3, 0x0, 0x6, 0x3) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x8002, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) 1.700543071s ago: executing program 0 (id=135): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) timer_create$auto(0x0, 0x0, 0x0) timer_settime$auto(0x0, 0xffff8000, &(0x7f00000000c0)={{0xfbf5, 0x4}, {0x200000d, 0x4}}, 0x0) timer_gettime$auto(0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/v4l-subdev0\x00', 0x0, 0x0) ioctl$auto(0x3, 0xc0585605, r1) fallocate$auto(r0, 0x0, 0x7, 0x4cbd5d) socket(0x2, 0x4, 0x8000) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop2\x00', 0x24040, 0x0) ioctl$auto_BLKTRACESETUP(r2, 0xc0481273, &(0x7f00000000c0)={"ef65ce6c00cf81000000ffffffffffffff291d000000000700", 0x3ff, 0x408, 0xfff, 0x400004, 0x200000000040000d}) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0x4000df, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) getrandom$auto(0x0, 0xa, 0x3) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r4, &(0x7f0000000000)="c80d1b5d399b39", 0xfdef) ioctl$auto(r3, 0x4b67, 0x1) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/rxrpc/calls\x00', 0x40280, 0x0) socket(0x1d, 0x2, 0x6) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000810}, 0x6080) 1.604227883s ago: executing program 1 (id=136): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_tk_debug_sleep_time_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x1cc641, 0x0) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2c, 0x1, 0x0) socket(0x10, 0x2, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r1 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) io_uring_setup$auto(0xf0, &(0x7f0000000180)={0x6, 0x18, 0xd64, 0xc852, 0x6, 0x7, r1, [0x1, 0x401, 0x1000], {0x7, 0x5, 0x1, 0x4, 0x95, 0xf4c, 0x7fff, 0xfffffffb, 0x65f29f6d}, {0x3, 0xadc, 0x10000, 0x0, 0x5, 0xffffffff, 0x1000, 0x54f, 0x5}}) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) r2 = socket(0xa, 0x3, 0xff) connect$auto(r2, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) write$auto_proc_mem_operations_base(0xffffffffffffffff, 0x0, 0x0) syz_clone3(0x0, 0x0) madvise$auto(0x1ffff000, 0x7, 0x100000000) mmap$auto(0x0, 0x400008, 0xb, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) io_uring_setup$auto(0x2, &(0x7f0000000080)={0x80000003, 0x9, 0x4002, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x9, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x104, 0x8, 0x100000000}}) syz_clone(0x1002000, 0x0, 0x0, 0x0, 0x0, 0x0) futex_wake$auto(0x0, 0x5, 0x4, 0xa) futex_wake$auto(0x0, 0xfffffffffffffff8, 0xfff, 0x7f) 356.724775ms ago: executing program 2 (id=137): r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0002, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) mmap$auto(0xfffffffffffffffc, 0x2020009, 0x8003, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) getrlimit$auto(0x3, 0x0) ioctl$auto_BLKZEROOUT(0xffffffffffffffff, 0x127f, 0x0) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) ioctl$auto(r1, 0x4000457b, 0x10000000000402) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r2, 0xc0045002, 0x0) r3 = open(0x0, 0x4603, 0x56) getdents$auto(r3, 0x0, 0x400018) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sr0\x00', 0x80002, 0x0) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ram4\x00', 0x242100, 0x0) ioctl$auto_BLKFLSBUF(r4, 0x1261, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0) ioctl$auto_BLKFLSBUF(r5, 0x1261, 0x0) lseek$auto(0x3, 0xffffffffff800002, 0x10) ioctl$auto_BLKFLSBUF(r5, 0x1261, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x84) 123.511314ms ago: executing program 0 (id=138): socket(0xa, 0x1, 0x83) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) bind$auto(0x3, 0x0, 0x6a) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x4d, 0x0) mmap$auto(0xfffffffffffffff9, 0x2000c, 0x2, 0xa818, 0x40000000000a5, 0x5) r0 = openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r1 = socket(0x1a, 0x2, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) lseek$auto(r2, 0xffffffffffffbaeb, 0xcd06) sendmsg$auto_ETHTOOL_MSG_EEE_SET(r1, 0x0, 0x4048010) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r4 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r4, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r4, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r4, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x28, 0xf3, 0xb0, @raw=0xfffff024}}) write$auto(r4, 0x0, 0x6) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_FS_IOC_RESVSP(r0, 0x40305828, 0xc) memfd_create$auto(0x0, 0xe) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) r5 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000002c0), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(r6, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000080)=ANY=[@ANYBLOB="c69ab8df678cb26add00f4fd1a3269cc945cc5", @ANYRES16=r5, @ANYBLOB="01012bbd7000fddbdf250d00000008000300", @ANYRES32=0x0, @ANYBLOB="0c0006000100000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x64004401}, 0x800) write$auto(r3, 0x0, 0x80000000) 0s ago: executing program 3 (id=139): socket(0x2, 0x6, 0x8) mmap$auto(0x0, 0x4020009, 0xe3, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x2, 0x9) recvmmsg$auto(0x4, 0x0, 0x600, 0x7fffffff, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/zram-control/hot_remove\x00', 0x8001, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv6/conf/tunl0/disable_policy\x00', 0xd02, 0x0) sendfile$auto(r0, r1, 0x0, 0x800048) setregid$auto(0xffffffffffffffff, 0xfffe) setresgid$auto(0x0, 0x0, 0x0) msgctl$auto_MSG_STAT(0x5, 0xb, &(0x7f00000000c0)={{0xe1, 0xffffffffffffffff, 0x0, 0x903, 0x80000000, 0x53, 0x8}, &(0x7f0000000000)=0x8, &(0x7f0000000080)=0xc0, 0x774, 0xfffffffffffffff9, 0x1, 0x1, 0x75, 0x1000, 0xbb7, 0x3ff, @raw=0x2000, @inferred=0xffffffffffffffff}) keyctl$auto(0x14, r2, r2, r3, 0xa74) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/device_info\x00', 0x48041, 0x0) write$auto_proc_reg_file_ops_compat_inode(r4, &(0x7f0000000140)="22edd92f26639ec0023a8686bd579dcf16f50e9bfa20abfa3ae55be8b5f870918621c10d9e916f6fe4fca6d7515871f05cc91f4246f6515662789a97d863c26cfd02b1cf15933b053fbdab9b22b1", 0x4e) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/platform/snd_aloop.0/sound/card1/id\x00', 0x48a22, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f00000004c0)='B', 0x1) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.241' (ED25519) to the list of known hosts. [ 68.384462][ T5811] cgroup: Unknown subsys name 'net' [ 68.490623][ T5811] cgroup: Unknown subsys name 'cpuset' [ 68.499091][ T5811] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 69.888822][ T5811] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 71.400735][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.407215][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.921247][ T5836] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 71.929307][ T5836] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 71.937404][ T5836] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 71.938326][ T5837] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 71.946317][ T5836] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 71.961109][ T5837] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 71.962845][ T5836] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 71.983304][ T5839] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 71.991108][ T5836] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 71.999164][ T5839] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 71.999812][ T5836] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 72.008065][ T5839] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 72.015408][ T5836] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 72.021371][ T5839] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 72.028317][ T5836] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 72.035455][ T5839] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 72.042297][ T5836] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 72.049502][ T5839] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 72.058219][ T5836] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 72.077541][ T5836] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 72.629945][ T5826] chnl_net:caif_netlink_parms(): no params data found [ 72.641469][ T5822] chnl_net:caif_netlink_parms(): no params data found [ 72.748418][ T5823] chnl_net:caif_netlink_parms(): no params data found [ 72.813493][ T5824] chnl_net:caif_netlink_parms(): no params data found [ 72.910595][ T5822] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.918659][ T5822] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.925916][ T5822] bridge_slave_0: entered allmulticast mode [ 72.933468][ T5822] bridge_slave_0: entered promiscuous mode [ 72.951681][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.958848][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state [ 72.966031][ T5826] bridge_slave_0: entered allmulticast mode [ 72.973285][ T5826] bridge_slave_0: entered promiscuous mode [ 72.994134][ T5822] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.001427][ T5822] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.008753][ T5822] bridge_slave_1: entered allmulticast mode [ 73.015651][ T5822] bridge_slave_1: entered promiscuous mode [ 73.028404][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.035537][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.042987][ T5826] bridge_slave_1: entered allmulticast mode [ 73.050690][ T5826] bridge_slave_1: entered promiscuous mode [ 73.089952][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 73.115117][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.122488][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.130008][ T5823] bridge_slave_0: entered allmulticast mode [ 73.137022][ T5823] bridge_slave_0: entered promiscuous mode [ 73.147886][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 73.170899][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.178629][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.185809][ T5823] bridge_slave_1: entered allmulticast mode [ 73.193560][ T5823] bridge_slave_1: entered promiscuous mode [ 73.213305][ T5822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 73.253244][ T5822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 73.284358][ T5826] team0: Port device team_slave_0 added [ 73.300636][ T5824] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.308098][ T5824] bridge0: port 1(bridge_slave_0) entered disabled state [ 73.315250][ T5824] bridge_slave_0: entered allmulticast mode [ 73.322701][ T5824] bridge_slave_0: entered promiscuous mode [ 73.332804][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 73.344430][ T5826] team0: Port device team_slave_1 added [ 73.360133][ T5824] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.367644][ T5824] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.375802][ T5824] bridge_slave_1: entered allmulticast mode [ 73.383209][ T5824] bridge_slave_1: entered promiscuous mode [ 73.392216][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 73.413876][ T5822] team0: Port device team_slave_0 added [ 73.452557][ T5822] team0: Port device team_slave_1 added [ 73.480634][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 73.487836][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 73.514017][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 73.536295][ T5824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 73.552583][ T5823] team0: Port device team_slave_0 added [ 73.558880][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 73.565842][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 73.592225][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 73.627716][ T5824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 73.638890][ T5823] team0: Port device team_slave_1 added [ 73.669832][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 73.676796][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 73.703250][ T5822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 73.735628][ T5824] team0: Port device team_slave_0 added [ 73.742030][ T5822] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 73.749182][ T5822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 73.775293][ T5822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 73.803436][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 73.810477][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 73.836693][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 73.849660][ T5824] team0: Port device team_slave_1 added [ 73.870156][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 73.877510][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 73.903991][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 73.944643][ T5826] hsr_slave_0: entered promiscuous mode [ 73.951102][ T5826] hsr_slave_1: entered promiscuous mode [ 73.969440][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 73.976584][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 74.003483][ T5824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 74.043680][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 74.050892][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 74.077038][ T5824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 74.118021][ T5835] Bluetooth: hci0: command tx timeout [ 74.123769][ T5835] Bluetooth: hci2: command tx timeout [ 74.129795][ T5836] Bluetooth: hci1: command tx timeout [ 74.135654][ T5836] Bluetooth: hci3: command tx timeout [ 74.151305][ T5822] hsr_slave_0: entered promiscuous mode [ 74.157887][ T5822] hsr_slave_1: entered promiscuous mode [ 74.163917][ T5822] debugfs: 'hsr0' already exists in 'hsr' [ 74.169922][ T5822] Cannot create hsr debugfs directory [ 74.193899][ T5823] hsr_slave_0: entered promiscuous mode [ 74.200640][ T5823] hsr_slave_1: entered promiscuous mode [ 74.206862][ T5823] debugfs: 'hsr0' already exists in 'hsr' [ 74.213006][ T5823] Cannot create hsr debugfs directory [ 74.304418][ T5824] hsr_slave_0: entered promiscuous mode [ 74.310924][ T5824] hsr_slave_1: entered promiscuous mode [ 74.316914][ T5824] debugfs: 'hsr0' already exists in 'hsr' [ 74.322875][ T5824] Cannot create hsr debugfs directory [ 74.681976][ T5826] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 74.694211][ T5826] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 74.712563][ T5826] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 74.729438][ T5826] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 74.782001][ T5823] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 74.793228][ T5823] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 74.805245][ T5823] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 74.824437][ T5823] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 74.904985][ T5822] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 74.918750][ T5822] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 74.932269][ T5822] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 74.944854][ T5822] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 75.036596][ T5824] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 75.051393][ T5824] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 75.068395][ T5824] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 75.078772][ T5824] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 75.133144][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0 [ 75.189356][ T5826] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.223344][ T1114] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.230670][ T1114] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.263349][ T136] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.270544][ T136] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.292985][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0 [ 75.357803][ T5823] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.375783][ T5822] 8021q: adding VLAN 0 to HW filter on device bond0 [ 75.391739][ T1114] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.398921][ T1114] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.424847][ T5822] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.434865][ T1114] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.442147][ T1114] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.479435][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0 [ 75.495497][ T106] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.502645][ T106] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.534905][ T1161] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.542107][ T1161] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.578045][ T5824] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.632352][ T1161] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.639550][ T1161] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.672187][ T1161] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.679324][ T1161] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.849031][ T5824] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 75.899257][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 76.005267][ T5826] veth0_vlan: entered promiscuous mode [ 76.042164][ T5826] veth1_vlan: entered promiscuous mode [ 76.132846][ T5826] veth0_macvtap: entered promiscuous mode [ 76.165268][ T5826] veth1_macvtap: entered promiscuous mode [ 76.191469][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 76.200626][ T5836] Bluetooth: hci3: command tx timeout [ 76.206055][ T5836] Bluetooth: hci2: command tx timeout [ 76.211893][ T5835] Bluetooth: hci0: command tx timeout [ 76.217278][ T5836] Bluetooth: hci1: command tx timeout [ 76.252553][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 76.279874][ T5822] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 76.292190][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.320512][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.363008][ T136] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.374011][ T136] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.395931][ T136] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.405473][ T136] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.484792][ T5824] veth0_vlan: entered promiscuous mode [ 76.491517][ T5822] veth0_vlan: entered promiscuous mode [ 76.500847][ T5823] veth0_vlan: entered promiscuous mode [ 76.534565][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.546867][ T5822] veth1_vlan: entered promiscuous mode [ 76.554263][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.584998][ T5824] veth1_vlan: entered promiscuous mode [ 76.596436][ T5823] veth1_vlan: entered promiscuous mode [ 76.631488][ T5822] veth0_macvtap: entered promiscuous mode [ 76.649503][ T5822] veth1_macvtap: entered promiscuous mode [ 76.668139][ T106] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.675986][ T106] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.698170][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.721210][ T5822] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.744198][ T57] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.754241][ T57] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.781221][ T57] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.791785][ T57] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.800069][ T5826] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 76.857196][ T5824] veth0_macvtap: entered promiscuous mode [ 76.881677][ T5823] veth0_macvtap: entered promiscuous mode [ 76.926272][ T5823] veth1_macvtap: entered promiscuous mode [ 76.939045][ T5824] veth1_macvtap: entered promiscuous mode [ 76.968674][ T106] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.976560][ T106] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.026786][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.063737][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 77.073425][ T106] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.078522][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.090264][ T106] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.105326][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 77.137962][ T106] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.166390][ T5910] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 77.167324][ T106] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.198861][ T106] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.229492][ T106] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.279994][ T106] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.301160][ T106] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.344236][ T106] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.368308][ T106] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 77.538350][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.546206][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.690372][ T136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.707130][ T136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.857672][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 77.890347][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 77.898009][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 77.994939][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 78.014478][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 78.124369][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 78.277679][ T5835] Bluetooth: hci0: command tx timeout [ 78.283220][ T5835] Bluetooth: hci1: command tx timeout [ 78.289507][ T5145] Bluetooth: hci2: command tx timeout [ 78.289638][ T5836] Bluetooth: hci3: command tx timeout [ 78.539755][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 78.752844][ T5928] tipc: Started in network mode [ 78.758159][ T5928] tipc: Node identity ffffffff, cluster identity 4711 [ 78.767179][ T5928] tipc: Node number set to 4294967295 [ 78.776721][ T5928] bonding: no command found in bonding_masters - use +ifname or -ifname [ 79.455592][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 79.557338][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 80.357637][ T5839] Bluetooth: hci2: command tx timeout [ 80.363191][ T5839] Bluetooth: hci0: command tx timeout [ 80.369434][ T5839] Bluetooth: hci3: command tx timeout [ 80.374841][ T5836] Bluetooth: hci1: command tx timeout [ 80.581912][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 80.838374][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 80.857444][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 80.949654][ T5961] Zero length message leads to an empty skb [ 81.401111][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 81.758211][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 82.330390][ T5981] netlink: 4 bytes leftover after parsing attributes in process `syz.0.16'. [ 82.450185][ T5983] zram0: detected capacity change from 0 to 16 [ 82.475428][ T5987] bond0: no command found in slaves file - use +ifname or -ifname [ 83.305514][ T6004] FAULT_INJECTION: forcing a failure. [ 83.305514][ T6004] name failslab, interval 1, probability 0, space 0, times 1 [ 83.328829][ T6004] CPU: 1 UID: 0 PID: 6004 Comm: syz.3.19 Not tainted syzkaller #0 PREEMPT(full) [ 83.328867][ T6004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 83.328891][ T6004] Call Trace: [ 83.328900][ T6004] [ 83.328910][ T6004] dump_stack_lvl+0x100/0x190 [ 83.328966][ T6004] should_fail_ex.cold+0x5/0xa [ 83.328997][ T6004] should_failslab+0xc2/0x120 [ 83.329025][ T6004] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 83.329067][ T6004] ? kstrdup_const+0x63/0x80 [ 83.329100][ T6004] kstrdup+0x51/0xe0 [ 83.329137][ T6004] kstrdup_const+0x63/0x80 [ 83.329161][ T6004] __kernfs_new_node+0x9b/0x960 [ 83.329197][ T6004] ? path_openat+0x208c/0x31a0 [ 83.329222][ T6004] ? do_file_open+0x20e/0x430 [ 83.329249][ T6004] ? __bfs+0x150/0x2a0 [ 83.329276][ T6004] ? __pfx___kernfs_new_node+0x10/0x10 [ 83.329322][ T6004] ? find_held_lock+0x2b/0x80 [ 83.329346][ T6004] ? kernfs_root+0xee/0x2a0 [ 83.329380][ T6004] ? kernfs_root+0xee/0x2a0 [ 83.329424][ T6004] kernfs_new_node+0x11b/0x1a0 [ 83.329470][ T6004] kernfs_create_dir_ns+0x4c/0x1a0 [ 83.329499][ T6004] sysfs_create_dir_ns+0x13a/0x2b0 [ 83.329535][ T6004] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 83.329569][ T6004] ? find_held_lock+0x2b/0x80 [ 83.329593][ T6004] ? kobject_add_internal+0x25f/0x930 [ 83.329634][ T6004] ? kobject_add_internal+0x25f/0x930 [ 83.329678][ T6004] ? do_raw_spin_unlock+0x145/0x1e0 [ 83.329718][ T6004] kobject_add_internal+0x2c8/0x930 [ 83.329769][ T6004] kobject_init_and_add+0x121/0x180 [ 83.329797][ T6004] ? __pfx_kobject_init_and_add+0x10/0x10 [ 83.329823][ T6004] ? kernfs_remove_by_name_ns+0xb9/0xf0 [ 83.329858][ T6004] ? up_write+0x290/0x4f0 [ 83.329903][ T6004] sysfs_slab_add+0x18f/0x1f0 [ 83.329932][ T6004] do_kmem_cache_create+0x472/0x540 [ 83.329973][ T6004] __kmem_cache_create_args+0x386/0x420 [ 83.330017][ T6004] mon_text_open+0x333/0x510 [ 83.330045][ T6004] ? __pfx_mon_text_open+0x10/0x10 [ 83.330074][ T6004] ? __pfx_mon_text_ctor+0x10/0x10 [ 83.330098][ T6004] ? find_held_lock+0x2b/0x80 [ 83.330124][ T6004] ? __pfx_apparmor_file_open+0x10/0x10 [ 83.330164][ T6004] ? lockdown_is_locked_down+0x3d/0x140 [ 83.330202][ T6004] ? bpf_lsm_locked_down+0x9/0x10 [ 83.330234][ T6004] ? __pfx_mon_text_open+0x10/0x10 [ 83.330257][ T6004] full_proxy_open_regular+0x1b6/0x370 [ 83.330299][ T6004] do_dentry_open+0x6d8/0x1660 [ 83.330326][ T6004] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 83.330374][ T6004] vfs_open+0x82/0x3f0 [ 83.330411][ T6004] path_openat+0x208c/0x31a0 [ 83.330452][ T6004] ? __pfx_path_openat+0x10/0x10 [ 83.330493][ T6004] do_file_open+0x20e/0x430 [ 83.330523][ T6004] ? __pfx_do_file_open+0x10/0x10 [ 83.330578][ T6004] ? alloc_fd+0x476/0x790 [ 83.330608][ T6004] ? do_getname+0x191/0x390 [ 83.330640][ T6004] do_sys_openat2+0x10d/0x1e0 [ 83.330670][ T6004] ? __pfx_do_sys_openat2+0x10/0x10 [ 83.330702][ T6004] ? __sys_sendmsg+0x18f/0x220 [ 83.330742][ T6004] __x64_sys_openat+0x12d/0x210 [ 83.330775][ T6004] ? __pfx___x64_sys_openat+0x10/0x10 [ 83.330821][ T6004] do_syscall_64+0x106/0xf80 [ 83.330852][ T6004] ? clear_bhb_loop+0x40/0x90 [ 83.330886][ T6004] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.330914][ T6004] RIP: 0033:0x7fd32719c799 [ 83.330949][ T6004] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 83.330986][ T6004] RSP: 002b:00007fd3280d7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 83.331011][ T6004] RAX: ffffffffffffffda RBX: 00007fd327415fa0 RCX: 00007fd32719c799 [ 83.331030][ T6004] RDX: 0000000000022202 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 83.331048][ T6004] RBP: 00007fd327232c99 R08: 0000000000000000 R09: 0000000000000000 [ 83.331064][ T6004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 83.331079][ T6004] R13: 00007fd327416038 R14: 00007fd327415fa0 R15: 00007ffed93e0328 [ 83.331117][ T6004] [ 83.730279][ T6004] kobject: kobject_add_internal failed for mon_text_ffff888034116000 (error: -12 parent: slab) [ 83.740789][ T6004] SLUB: Unable to add cache mon_text_ffff888034116000 to sysfs [ 85.658316][ T6036] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 86.487115][ T5836] Bluetooth: hci3: unexpected subevent 0x03 length: 253 > 9 [ 86.763608][ T796] cfg80211: failed to load regulatory.db [ 87.321884][ T6063] zswap: compressor not available [ 88.678776][ T5836] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 89.436341][ T6095] FAULT_INJECTION: forcing a failure. [ 89.436341][ T6095] name failslab, interval 1, probability 0, space 0, times 0 [ 89.453626][ T6095] CPU: 1 UID: 0 PID: 6095 Comm: syz.3.37 Not tainted syzkaller #0 PREEMPT(full) [ 89.453661][ T6095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 89.453676][ T6095] Call Trace: [ 89.453684][ T6095] [ 89.453694][ T6095] dump_stack_lvl+0x100/0x190 [ 89.453738][ T6095] should_fail_ex.cold+0x5/0xa [ 89.453767][ T6095] should_failslab+0xc2/0x120 [ 89.453792][ T6095] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 89.453828][ T6095] ? kvasprintf_const+0x66/0x1a0 [ 89.453867][ T6095] kvasprintf+0xbc/0x150 [ 89.453898][ T6095] ? __pfx_kvasprintf+0x10/0x10 [ 89.453932][ T6095] ? find_held_lock+0x2b/0x80 [ 89.453955][ T6095] ? rcu_read_unlock+0x17/0x60 [ 89.453982][ T6095] ? rcu_read_unlock+0x17/0x60 [ 89.454015][ T6095] kvasprintf_const+0x66/0x1a0 [ 89.454051][ T6095] kobject_set_name_vargs+0x5a/0x140 [ 89.454079][ T6095] dev_set_name+0xc7/0x100 [ 89.454112][ T6095] ? __pfx_dev_set_name+0x10/0x10 [ 89.454146][ T6095] ? trace_kmalloc+0x101/0x130 [ 89.454168][ T6095] ? __kmalloc_large_node_noprof+0x5d/0x70 [ 89.454199][ T6095] ? __kmalloc_noprof+0x320/0x850 [ 89.454241][ T6095] wiphy_new_nm+0x811/0x21a0 [ 89.454280][ T6095] ? __pfx_mac80211_hwsim_remove_chanctx+0x10/0x10 [ 89.454317][ T6095] ? __pfx_mac80211_hwsim_add_chanctx+0x10/0x10 [ 89.454349][ T6095] ? __pfx_mac80211_hwsim_change_chanctx+0x10/0x10 [ 89.454384][ T6095] ieee80211_alloc_hw_nm+0x45d/0x22a0 [ 89.454426][ T6095] ? __local_bh_enable_ip+0x9e/0x120 [ 89.454469][ T6095] mac80211_hwsim_new_radio+0x1e1/0x57d0 [ 89.454526][ T6095] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 89.454571][ T6095] ? __nla_validate_parse+0x1e7/0x28b0 [ 89.454609][ T6095] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 89.454659][ T6095] hwsim_new_radio_nl+0xc1f/0x1340 [ 89.454702][ T6095] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 89.454753][ T6095] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 89.454785][ T6095] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 89.454825][ T6095] genl_family_rcv_msg_doit+0x214/0x300 [ 89.454859][ T6095] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 89.454887][ T6095] ? genl_get_cmd+0x3ef/0x720 [ 89.454923][ T6095] ? bpf_lsm_capable+0x9/0x10 [ 89.454949][ T6095] ? security_capable+0x80/0x260 [ 89.454986][ T6095] ? ns_capable+0xd2/0xf0 [ 89.455016][ T6095] genl_rcv_msg+0x560/0x800 [ 89.455047][ T6095] ? __pfx_genl_rcv_msg+0x10/0x10 [ 89.455075][ T6095] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 89.455129][ T6095] netlink_rcv_skb+0x159/0x420 [ 89.455168][ T6095] ? __pfx_genl_rcv_msg+0x10/0x10 [ 89.455197][ T6095] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 89.455251][ T6095] ? netlink_deliver_tap+0x1ae/0xcc0 [ 89.455293][ T6095] genl_rcv+0x28/0x40 [ 89.455315][ T6095] netlink_unicast+0x5aa/0x870 [ 89.455359][ T6095] ? __pfx_netlink_unicast+0x10/0x10 [ 89.455413][ T6095] netlink_sendmsg+0x8b0/0xda0 [ 89.455472][ T6095] ? __pfx_netlink_sendmsg+0x10/0x10 [ 89.455511][ T6095] ? __import_iovec+0x1d2/0x640 [ 89.455546][ T6095] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 89.455591][ T6095] ____sys_sendmsg+0x9e1/0xb70 [ 89.455617][ T6095] ? __pfx_netlink_sendmsg+0x10/0x10 [ 89.455660][ T6095] ? __pfx_____sys_sendmsg+0x10/0x10 [ 89.455695][ T6095] ? __pfx_futex_wake_mark+0x10/0x10 [ 89.455741][ T6095] ___sys_sendmsg+0x190/0x1e0 [ 89.455773][ T6095] ? __pfx____sys_sendmsg+0x10/0x10 [ 89.455847][ T6095] __sys_sendmsg+0x170/0x220 [ 89.455884][ T6095] ? __pfx___sys_sendmsg+0x10/0x10 [ 89.455920][ T6095] ? __x64_sys_futex+0x34f/0x4d0 [ 89.455973][ T6095] do_syscall_64+0x106/0xf80 [ 89.456009][ T6095] ? clear_bhb_loop+0x40/0x90 [ 89.456042][ T6095] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.456069][ T6095] RIP: 0033:0x7fd32719c799 [ 89.456091][ T6095] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 89.456117][ T6095] RSP: 002b:00007fd3280d7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 89.456142][ T6095] RAX: ffffffffffffffda RBX: 00007fd327415fa0 RCX: 00007fd32719c799 [ 89.456160][ T6095] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000009 [ 89.456177][ T6095] RBP: 00007fd327232c99 R08: 0000000000000000 R09: 0000000000000000 [ 89.456193][ T6095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 89.456209][ T6095] R13: 00007fd327416038 R14: 00007fd327415fa0 R15: 00007ffed93e0328 [ 89.456246][ T6095] [ 89.498435][ T6095] nbd: must specify a size in bytes for the device [ 90.387318][ T6103] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 91.442261][ T6110] hub 1-0:1.0: USB hub found [ 91.469777][ T6110] hub 1-0:1.0: 1 port detected [ 91.822122][ T30] audit: type=1326 audit(1773633183.017:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6117 comm="syz.0.42" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb2d179c799 code=0x0 [ 92.353339][ T6128] zswap: compressor G not available [ 93.201495][ T6149] netlink: 'syz.2.47': attribute type 10 has an invalid length. [ 93.218926][ T6149] netlink: 330 bytes leftover after parsing attributes in process `syz.2.47'. [ 93.937005][ T5828] Process accounting resumed [ 94.667454][ T6159] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 95.187469][ T30] audit: type=1800 audit(1773633186.376:3): pid=6181 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.52" name="dbroot" dev="configfs" ino=9554 res=0 errno=0 Ijn9_UVQ8j@[ 97.248863][ T6213] netlink: 8 bytes leftover after parsing attributes in process `syz.0.59'. [ 98.611703][ T6230] netlink: 'syz.3.62': attribute type 11 has an invalid length. [ 98.630644][ T6230] netlink: 'syz.3.62': attribute type 11 has an invalid length. [ 98.678385][ T6230] netlink: 'syz.3.62': attribute type 11 has an invalid length. [ 98.687707][ T6230] netlink: 'syz.3.62': attribute type 11 has an invalid length. [ 98.850539][ T6237] zram: Cannot change disksize for initialized device [ 99.575243][ T6234] futex_wake_op: syz.3.62 tries to shift op by -2048; fix this program [ 99.598156][ T6234] futex_wake_op: syz.3.62 tries to shift op by -2048; fix this program [ 99.662358][ T6251] Dead loop on virtual device ip6_vti0, fix it urgently! [ 99.694081][ T6251] Dead loop on virtual device ip6_vti0, fix it urgently! [ 99.712169][ T6251] Dead loop on virtual device ip6_vti0, fix it urgently! [ 99.725541][ T6251] Dead loop on virtual device ip6_vti0, fix it urgently! [ 99.742075][ T6251] Dead loop on virtual device ip6_vti0, fix it urgently! [ 99.772060][ T6251] Dead loop on virtual device ip6_vti0, fix it urgently! [ 99.779788][ T6251] Dead loop on virtual device ip6_vti0, fix it urgently! [ 100.646839][ T6266] tipc: Started in network mode [ 100.651732][ T6266] tipc: Node identity ffffffff, cluster identity 4711 [ 100.701212][ T6266] tipc: Node number set to 4294967295 [ 101.763950][ T6285] tipc: Started in network mode [ 101.769065][ T6285] tipc: Node identity ffffffff, cluster identity 4711 [ 101.776463][ T6285] tipc: Node number set to 4294967295 [ 102.221732][ T6302] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 102.313029][ T6302] CIFS mount error: No usable UNC path provided in device string! [ 102.313029][ T6302] [ 102.348386][ T6302] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 102.651934][ T6312] zram0: detected capacity change from 16 to 0 [ 102.700158][ T6312] zram: Removed device: zram0 [ 103.919523][ T6325] syz.3.81 (6325): /proc/6324/oom_adj is deprecated, please use /proc/6324/oom_score_adj instead. [ 104.830254][ T6346] FAULT_INJECTION: forcing a failure. [ 104.830254][ T6346] name failslab, interval 1, probability 0, space 0, times 0 [ 104.843173][ T6346] CPU: 0 UID: 0 PID: 6346 Comm: syz.3.88 Not tainted syzkaller #0 PREEMPT(full) [ 104.843211][ T6346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 104.843226][ T6346] Call Trace: [ 104.843234][ T6346] [ 104.843243][ T6346] dump_stack_lvl+0x100/0x190 [ 104.843284][ T6346] should_fail_ex.cold+0x5/0xa [ 104.843312][ T6346] should_failslab+0xc2/0x120 [ 104.843337][ T6346] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 104.843375][ T6346] ? kasprintf+0xc7/0x100 [ 104.843410][ T6346] kvasprintf+0xbc/0x150 [ 104.843437][ T6346] ? __pfx_kvasprintf+0x10/0x10 [ 104.843466][ T6346] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 104.843496][ T6346] ? lockdep_hardirqs_on+0x78/0x100 [ 104.843527][ T6346] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 104.843560][ T6346] kasprintf+0xc7/0x100 [ 104.843588][ T6346] ? __pfx_kasprintf+0x10/0x10 [ 104.843632][ T6346] ieee80211_alloc_led_names+0x1b0/0x420 [ 104.843674][ T6346] ieee80211_alloc_hw_nm+0x1934/0x22a0 [ 104.843715][ T6346] mac80211_hwsim_new_radio+0x1e1/0x57d0 [ 104.843767][ T6346] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 104.843807][ T6346] ? __nla_validate_parse+0x1e7/0x28b0 [ 104.843843][ T6346] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 104.843894][ T6346] hwsim_new_radio_nl+0xc1f/0x1340 [ 104.843938][ T6346] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 104.843985][ T6346] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 104.844012][ T6346] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 104.844054][ T6346] genl_family_rcv_msg_doit+0x214/0x300 [ 104.844084][ T6346] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 104.844109][ T6346] ? genl_get_cmd+0x3ef/0x720 [ 104.844139][ T6346] ? bpf_lsm_capable+0x9/0x10 [ 104.844163][ T6346] ? security_capable+0x80/0x260 [ 104.844198][ T6346] ? ns_capable+0xd2/0xf0 [ 104.844223][ T6346] genl_rcv_msg+0x560/0x800 [ 104.844251][ T6346] ? __pfx_genl_rcv_msg+0x10/0x10 [ 104.844275][ T6346] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 104.844330][ T6346] netlink_rcv_skb+0x159/0x420 [ 104.844364][ T6346] ? __pfx_genl_rcv_msg+0x10/0x10 [ 104.844391][ T6346] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 104.844440][ T6346] ? netlink_deliver_tap+0x1ae/0xcc0 [ 104.844478][ T6346] genl_rcv+0x28/0x40 [ 104.844498][ T6346] netlink_unicast+0x5aa/0x870 [ 104.844537][ T6346] ? __pfx_netlink_unicast+0x10/0x10 [ 104.844583][ T6346] netlink_sendmsg+0x8b0/0xda0 [ 104.844623][ T6346] ? __pfx_netlink_sendmsg+0x10/0x10 [ 104.844655][ T6346] ? __import_iovec+0x1d2/0x640 [ 104.844685][ T6346] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 104.844726][ T6346] ____sys_sendmsg+0x9e1/0xb70 [ 104.844749][ T6346] ? __pfx_netlink_sendmsg+0x10/0x10 [ 104.844785][ T6346] ? __pfx_____sys_sendmsg+0x10/0x10 [ 104.844814][ T6346] ? try_to_wake_up+0x644/0x1a80 [ 104.844844][ T6346] ___sys_sendmsg+0x190/0x1e0 [ 104.844872][ T6346] ? __pfx____sys_sendmsg+0x10/0x10 [ 104.844897][ T6346] ? futex_private_hash_put+0x107/0x1c0 [ 104.844961][ T6346] __sys_sendmsg+0x170/0x220 [ 104.844993][ T6346] ? __pfx___sys_sendmsg+0x10/0x10 [ 104.845025][ T6346] ? __x64_sys_futex+0x34f/0x4d0 [ 104.845079][ T6346] do_syscall_64+0x106/0xf80 [ 104.845111][ T6346] ? clear_bhb_loop+0x40/0x90 [ 104.845140][ T6346] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.845163][ T6346] RIP: 0033:0x7fd32719c799 [ 104.845183][ T6346] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 104.845206][ T6346] RSP: 002b:00007fd3280d7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 104.845229][ T6346] RAX: ffffffffffffffda RBX: 00007fd327415fa0 RCX: 00007fd32719c799 [ 104.845245][ T6346] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000009 [ 104.845260][ T6346] RBP: 00007fd327232c99 R08: 0000000000000000 R09: 0000000000000000 [ 104.845275][ T6346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 104.845290][ T6346] R13: 00007fd327416038 R14: 00007fd327415fa0 R15: 00007ffed93e0328 [ 104.845322][ T6346] [ 106.659278][ T6372] netlink: 28 bytes leftover after parsing attributes in process `syz.0.93'. [ 111.348145][ T6420] netlink: 4 bytes leftover after parsing attributes in process `syz.2.102'. [ 112.789734][ T6448] mmap: syz.3.107 (6448) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 112.848916][ T6450] syz.3.107 uses obsolete (PF_INET,SOCK_PACKET) [ 115.151112][ T30] audit: type=1807 audit(1773633206.336:4): UNKNOWN=0"]$|1j0B|dӉO+/xWӦ^gq%ḦrO res=0 [ 115.151886][ T30] audit: type=1802 audit(1773633206.336:5): pid=6494 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.2.114" res=0 errno=0 [ 115.152906][ T6494] ima: policy update failed [ 115.153057][ T30] audit: type=1802 audit(1773633206.336:6): pid=6494 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.114" res=0 errno=0 [ 115.392647][ T6489] netlink: 32 bytes leftover after parsing attributes in process `syz.3.113'. [ 116.194088][ T6507] sg_write: data in/out 262169/4198358 bytes for SCSI command 0x0-- guessing data in; [ 116.194088][ T6507] program syz.0.116 not setting count and/or reply_len properly [ 117.324518][ T6523] FAULT_INJECTION: forcing a failure. [ 117.324518][ T6523] name failslab, interval 1, probability 0, space 0, times 0 [ 117.412411][ T6523] CPU: 0 UID: 0 PID: 6523 Comm: syz.1.117 Not tainted syzkaller #0 PREEMPT(full) [ 117.412433][ T6523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 117.412442][ T6523] Call Trace: [ 117.412447][ T6523] [ 117.412453][ T6523] dump_stack_lvl+0x100/0x190 [ 117.412480][ T6523] should_fail_ex.cold+0x5/0xa [ 117.412497][ T6523] should_failslab+0xc2/0x120 [ 117.412512][ T6523] __kvmalloc_node_noprof+0xfa/0xa00 [ 117.412533][ T6523] ? bucket_table_alloc.isra.0+0x88/0x460 [ 117.412560][ T6523] bucket_table_alloc.isra.0+0x88/0x460 [ 117.412584][ T6523] rhashtable_init_noprof+0x43b/0x7d0 [ 117.412597][ T6523] ? __init_waitqueue_head+0xca/0x150 [ 117.412621][ T6523] rhltable_init_noprof+0x20/0x60 [ 117.412642][ T6523] sta_info_init+0x27/0x160 [ 117.412662][ T6523] ieee80211_alloc_hw_nm+0x836/0x22a0 [ 117.412684][ T6523] ? __local_bh_enable_ip+0x9e/0x120 [ 117.412703][ T6523] mac80211_hwsim_new_radio+0x1e1/0x57d0 [ 117.412733][ T6523] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 117.412757][ T6523] ? __nla_validate_parse+0x1e7/0x28b0 [ 117.412778][ T6523] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 117.412805][ T6523] hwsim_new_radio_nl+0xc1f/0x1340 [ 117.412828][ T6523] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 117.412857][ T6523] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 117.412873][ T6523] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 117.412892][ T6523] genl_family_rcv_msg_doit+0x214/0x300 [ 117.412909][ T6523] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 117.412923][ T6523] ? genl_get_cmd+0x3ef/0x720 [ 117.412945][ T6523] ? bpf_lsm_capable+0x9/0x10 [ 117.412963][ T6523] ? security_capable+0x80/0x260 [ 117.412989][ T6523] ? ns_capable+0xd2/0xf0 [ 117.413004][ T6523] genl_rcv_msg+0x560/0x800 [ 117.413021][ T6523] ? __pfx_genl_rcv_msg+0x10/0x10 [ 117.413035][ T6523] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 117.413063][ T6523] netlink_rcv_skb+0x159/0x420 [ 117.413083][ T6523] ? __pfx_genl_rcv_msg+0x10/0x10 [ 117.413098][ T6523] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 117.413126][ T6523] ? netlink_deliver_tap+0x1ae/0xcc0 [ 117.413152][ T6523] genl_rcv+0x28/0x40 [ 117.413163][ T6523] netlink_unicast+0x5aa/0x870 [ 117.413187][ T6523] ? __pfx_netlink_unicast+0x10/0x10 [ 117.413214][ T6523] netlink_sendmsg+0x8b0/0xda0 [ 117.413238][ T6523] ? __pfx_netlink_sendmsg+0x10/0x10 [ 117.413257][ T6523] ? __import_iovec+0x1d2/0x640 [ 117.413274][ T6523] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 117.413298][ T6523] ____sys_sendmsg+0x9e1/0xb70 [ 117.413312][ T6523] ? __pfx_netlink_sendmsg+0x10/0x10 [ 117.413334][ T6523] ? __pfx_____sys_sendmsg+0x10/0x10 [ 117.413352][ T6523] ? __pfx_futex_wake_mark+0x10/0x10 [ 117.413376][ T6523] ___sys_sendmsg+0x190/0x1e0 [ 117.413393][ T6523] ? __pfx____sys_sendmsg+0x10/0x10 [ 117.413430][ T6523] __sys_sendmsg+0x170/0x220 [ 117.413453][ T6523] ? __pfx___sys_sendmsg+0x10/0x10 [ 117.413472][ T6523] ? __x64_sys_futex+0x34f/0x4d0 [ 117.413501][ T6523] do_syscall_64+0x106/0xf80 [ 117.413521][ T6523] ? clear_bhb_loop+0x40/0x90 [ 117.413538][ T6523] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.413553][ T6523] RIP: 0033:0x7f48c119c799 [ 117.413566][ T6523] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 117.413580][ T6523] RSP: 002b:00007f48c20b4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 117.413594][ T6523] RAX: ffffffffffffffda RBX: 00007f48c1416090 RCX: 00007f48c119c799 [ 117.413604][ T6523] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000009 [ 117.413613][ T6523] RBP: 00007f48c1232c99 R08: 0000000000000000 R09: 0000000000000000 [ 117.413621][ T6523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 117.413635][ T6523] R13: 00007f48c1416128 R14: 00007f48c1416090 R15: 00007ffe5943d7e8 [ 117.413654][ T6523] [ 119.211694][ T6542] binder: 6540:6542 ioctl c018620c 200000000040 returned -22 [ 119.393772][ T6539] FAULT_INJECTION: forcing a failure. [ 119.393772][ T6539] name failslab, interval 1, probability 0, space 0, times 0 [ 119.428609][ T6539] CPU: 1 UID: 0 PID: 6539 Comm: syz.0.124 Not tainted syzkaller #0 PREEMPT(full) [ 119.428645][ T6539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 119.428659][ T6539] Call Trace: [ 119.428667][ T6539] [ 119.428676][ T6539] dump_stack_lvl+0x100/0x190 [ 119.428736][ T6539] should_fail_ex.cold+0x5/0xa [ 119.428766][ T6539] should_failslab+0xc2/0x120 [ 119.428794][ T6539] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 119.428836][ T6539] ? kasprintf+0xc7/0x100 [ 119.428872][ T6539] kvasprintf+0xbc/0x150 [ 119.428900][ T6539] ? __pfx_kvasprintf+0x10/0x10 [ 119.428933][ T6539] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 119.428968][ T6539] ? lockdep_hardirqs_on+0x78/0x100 [ 119.429001][ T6539] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 119.429036][ T6539] kasprintf+0xc7/0x100 [ 119.429064][ T6539] ? __pfx_kasprintf+0x10/0x10 [ 119.429110][ T6539] ieee80211_alloc_led_names+0x11b/0x420 [ 119.429153][ T6539] ieee80211_alloc_hw_nm+0x1934/0x22a0 [ 119.429189][ T6539] mac80211_hwsim_new_radio+0x1e1/0x57d0 [ 119.429220][ T6539] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 119.429245][ T6539] ? __nla_validate_parse+0x1e7/0x28b0 [ 119.429266][ T6539] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 119.429293][ T6539] hwsim_new_radio_nl+0xc1f/0x1340 [ 119.429316][ T6539] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 119.429343][ T6539] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 119.429359][ T6539] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 119.429390][ T6539] genl_family_rcv_msg_doit+0x214/0x300 [ 119.429408][ T6539] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 119.429423][ T6539] ? genl_get_cmd+0x3ef/0x720 [ 119.429441][ T6539] ? bpf_lsm_capable+0x9/0x10 [ 119.429455][ T6539] ? security_capable+0x80/0x260 [ 119.429476][ T6539] ? ns_capable+0xd2/0xf0 [ 119.429491][ T6539] genl_rcv_msg+0x560/0x800 [ 119.429508][ T6539] ? __pfx_genl_rcv_msg+0x10/0x10 [ 119.429522][ T6539] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 119.429550][ T6539] netlink_rcv_skb+0x159/0x420 [ 119.429571][ T6539] ? __pfx_genl_rcv_msg+0x10/0x10 [ 119.429586][ T6539] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 119.429614][ T6539] ? netlink_deliver_tap+0x1ae/0xcc0 [ 119.429636][ T6539] genl_rcv+0x28/0x40 [ 119.429647][ T6539] netlink_unicast+0x5aa/0x870 [ 119.429671][ T6539] ? __pfx_netlink_unicast+0x10/0x10 [ 119.429698][ T6539] netlink_sendmsg+0x8b0/0xda0 [ 119.429722][ T6539] ? __pfx_netlink_sendmsg+0x10/0x10 [ 119.429741][ T6539] ? __import_iovec+0x1d2/0x640 [ 119.429759][ T6539] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 119.429783][ T6539] ____sys_sendmsg+0x9e1/0xb70 [ 119.429796][ T6539] ? __pfx_netlink_sendmsg+0x10/0x10 [ 119.429818][ T6539] ? __pfx_____sys_sendmsg+0x10/0x10 [ 119.429836][ T6539] ? __pfx_futex_wake_mark+0x10/0x10 [ 119.429860][ T6539] ___sys_sendmsg+0x190/0x1e0 [ 119.429880][ T6539] ? __pfx____sys_sendmsg+0x10/0x10 [ 119.429918][ T6539] __sys_sendmsg+0x170/0x220 [ 119.429939][ T6539] ? __pfx___sys_sendmsg+0x10/0x10 [ 119.429958][ T6539] ? __x64_sys_futex+0x34f/0x4d0 [ 119.429986][ T6539] do_syscall_64+0x106/0xf80 [ 119.430005][ T6539] ? clear_bhb_loop+0x40/0x90 [ 119.430022][ T6539] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.430036][ T6539] RIP: 0033:0x7fb2d179c799 [ 119.430057][ T6539] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 119.430072][ T6539] RSP: 002b:00007fb2d269b028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 119.430086][ T6539] RAX: ffffffffffffffda RBX: 00007fb2d1a15fa0 RCX: 00007fb2d179c799 [ 119.430096][ T6539] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000009 [ 119.430105][ T6539] RBP: 00007fb2d1832c99 R08: 0000000000000000 R09: 0000000000000000 [ 119.430113][ T6539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 119.430121][ T6539] R13: 00007fb2d1a16038 R14: 00007fb2d1a15fa0 R15: 00007ffc76f3f258 [ 119.430141][ T6539] [ 120.901045][ T6573] syz.2.133 (6573) used obsolete PPPIOCDETACH ioctl [ 122.405982][ T6595] Console: switching to colour VGA+ 80x25 [ 122.505597][ T6593] ================================================================== [ 122.505622][ T6593] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0x94e/0xc60 [ 122.505661][ T6593] Read of size 26 at addr ffff88807c783cea by task syz.2.137/6593 [ 122.505685][ T6593] [ 122.505697][ T6593] CPU: 0 UID: 0 PID: 6593 Comm: syz.2.137 Not tainted syzkaller #0 PREEMPT(full) [ 122.505729][ T6593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 122.505745][ T6593] Call Trace: [ 122.505754][ T6593] [ 122.505762][ T6593] dump_stack_lvl+0x100/0x190 [ 122.505797][ T6593] print_report+0x156/0x4c9 [ 122.505832][ T6593] ? __virt_addr_valid+0x81/0x620 [ 122.505862][ T6593] ? __phys_addr+0xe8/0x180 [ 122.505895][ T6593] ? fbcon_prepare_logo+0x94e/0xc60 [ 122.505922][ T6593] kasan_report+0xdf/0x1e0 [ 122.505947][ T6593] ? fbcon_prepare_logo+0x94e/0xc60 [ 122.505976][ T6593] kasan_check_range+0x10f/0x1e0 [ 122.506003][ T6593] __asan_memcpy+0x23/0x60 [ 122.506037][ T6593] fbcon_prepare_logo+0x94e/0xc60 [ 122.506069][ T6593] fbcon_init+0x10a0/0x1820 [ 122.506100][ T6593] visual_init+0x320/0x620 [ 122.506130][ T6593] do_bind_con_driver.isra.0+0x636/0x9c0 [ 122.506178][ T6593] store_bind+0x609/0x730 [ 122.506225][ T6593] ? __pfx_store_bind+0x10/0x10 [ 122.506257][ T6593] dev_attr_store+0x58/0x80 [ 122.506286][ T6593] ? __pfx_dev_attr_store+0x10/0x10 [ 122.506316][ T6593] sysfs_kf_write+0xf2/0x150 [ 122.506348][ T6593] kernfs_fop_write_iter+0x3e0/0x5f0 [ 122.506375][ T6593] ? __pfx_sysfs_kf_write+0x10/0x10 [ 122.506408][ T6593] vfs_write+0x6ac/0x1070 [ 122.506432][ T6593] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 122.506461][ T6593] ? __pfx_vfs_write+0x10/0x10 [ 122.506512][ T6593] ksys_write+0x12a/0x250 [ 122.506535][ T6593] ? __pfx_ksys_write+0x10/0x10 [ 122.506564][ T6593] do_syscall_64+0x106/0xf80 [ 122.506600][ T6593] ? clear_bhb_loop+0x40/0x90 [ 122.506630][ T6593] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.506657][ T6593] RIP: 0033:0x7fd67079c799 [ 122.506680][ T6593] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 122.506705][ T6593] RSP: 002b:00007fd67168a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 122.506732][ T6593] RAX: ffffffffffffffda RBX: 00007fd670a15fa0 RCX: 00007fd67079c799 [ 122.506751][ T6593] RDX: 0000000000000084 RSI: 0000200000000040 RDI: 0000000000000003 [ 122.506769][ T6593] RBP: 00007fd670832c99 R08: 0000000000000000 R09: 0000000000000000 [ 122.506786][ T6593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 122.506803][ T6593] R13: 00007fd670a16038 R14: 00007fd670a15fa0 R15: 00007ffd239c5098 [ 122.506831][ T6593] [ 122.506841][ T6593] [ 122.506848][ T6593] Allocated by task 6583: [ 122.506870][ T6593] kasan_save_stack+0x30/0x50 [ 122.506910][ T6593] kasan_save_track+0x14/0x30 [ 122.506947][ T6593] __kasan_kmalloc+0xaa/0xb0 [ 122.506984][ T6593] afs_net_init+0x6e7/0xb00 [ 122.507019][ T6593] ops_init+0x1e2/0x5f0 [ 122.507053][ T6593] setup_net+0x118/0x3a0 [ 122.507087][ T6593] copy_net_ns+0x46f/0x7c0 [ 122.507108][ T6593] create_new_namespaces+0x3ea/0xac0 [ 122.507134][ T6593] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 122.507161][ T6593] ksys_unshare+0x473/0xad0 [ 122.507198][ T6593] __x64_sys_unshare+0x31/0x40 [ 122.507228][ T6593] do_syscall_64+0x106/0xf80 [ 122.507261][ T6593] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.507287][ T6593] [ 122.507293][ T6593] The buggy address belongs to the object at ffff88807c783c00 [ 122.507293][ T6593] which belongs to the cache kmalloc-192 of size 192 [ 122.507314][ T6593] The buggy address is located 98 bytes to the right of [ 122.507314][ T6593] allocated 136-byte region [ffff88807c783c00, ffff88807c783c88) [ 122.507342][ T6593] [ 122.507348][ T6593] The buggy address belongs to the physical page: [ 122.507360][ T6593] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7c783 [ 122.507388][ T6593] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 122.507410][ T6593] page_type: f5(slab) [ 122.507434][ T6593] raw: 00fff00000000000 ffff88813fe3c3c0 dead000000000100 dead000000000122 [ 122.507462][ T6593] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000 [ 122.507477][ T6593] page dumped because: kasan: bad access detected [ 122.507498][ T6593] page_owner tracks the page as allocated [ 122.507507][ T6593] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5996, tgid 5995 (syz.1.18), ts 84160163791, free_ts 83997680510 [ 122.507552][ T6593] post_alloc_hook+0x153/0x170 [ 122.507585][ T6593] get_page_from_freelist+0x111d/0x3140 [ 122.507621][ T6593] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 122.507657][ T6593] new_slab+0xa6/0x6b0 [ 122.507686][ T6593] refill_objects+0x26b/0x400 [ 122.507717][ T6593] __pcs_replace_empty_main+0x1ab/0x660 [ 122.507752][ T6593] __kmalloc_noprof+0x688/0x850 [ 122.507786][ T6593] __register_sysctl_table+0xbe4/0x1650 [ 122.507825][ T6593] neigh_sysctl_register+0x326/0x660 [ 122.507858][ T6593] devinet_sysctl_register+0xb6/0x210 [ 122.507895][ T6593] inetdev_init+0x2b8/0x570 [ 122.507929][ T6593] inetdev_event+0x7fa/0x17f0 [ 122.507962][ T6593] notifier_call_chain+0x99/0x420 [ 122.507990][ T6593] call_netdevice_notifiers_info+0xbe/0x110 [ 122.508028][ T6593] register_netdevice+0x16e6/0x2210 [ 122.508061][ T6593] __ip_tunnel_create+0x52b/0x670 [ 122.508096][ T6593] page last free pid 0 tgid 0 stack trace: [ 122.508109][ T6593] __free_frozen_pages+0x7e1/0x10d0 [ 122.508138][ T6593] rcu_core+0x5a2/0x10d0 [ 122.508169][ T6593] handle_softirqs+0x1eb/0x9e0 [ 122.508201][ T6593] __irq_exit_rcu+0xef/0x150 [ 122.508226][ T6593] irq_exit_rcu+0x9/0x30 [ 122.508250][ T6593] sysvec_apic_timer_interrupt+0xa3/0xc0 [ 122.508282][ T6593] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 122.508311][ T6593] [ 122.508317][ T6593] Memory state around the buggy address: [ 122.508330][ T6593] ffff88807c783b80: 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc fc [ 122.508348][ T6593] ffff88807c783c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 122.508366][ T6593] >ffff88807c783c80: 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 122.508380][ T6593] ^ [ 122.508395][ T6593] ffff88807c783d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 122.508412][ T6593] ffff88807c783d80: 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc [ 122.508426][ T6593] ================================================================== [ 122.508441][ T6593] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 122.508459][ T6593] CPU: 0 UID: 0 PID: 6593 Comm: syz.2.137 Not tainted syzkaller #0 PREEMPT(full) [ 122.508491][ T6593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 122.508507][ T6593] Call Trace: [ 122.508515][ T6593] [ 122.508525][ T6593] dump_stack_lvl+0x100/0x190 [ 122.508563][ T6593] vpanic+0x552/0x970 [ 122.508589][ T6593] ? __pfx_vpanic+0x10/0x10 [ 122.508614][ T6593] ? __pfx_vprintk_emit+0x10/0x10 [ 122.508643][ T6593] ? fbcon_prepare_logo+0x94e/0xc60 [ 122.508670][ T6593] panic+0xd1/0xe0 [ 122.508693][ T6593] ? __pfx_panic+0x10/0x10 [ 122.508723][ T6593] ? fbcon_prepare_logo+0x94e/0xc60 [ 122.508754][ T6593] check_panic_on_warn.cold+0x19/0x34 [ 122.508783][ T6593] end_report.part.0+0x3a/0x90 [ 122.508818][ T6593] kasan_report.cold+0xe/0x18 [ 122.508854][ T6593] ? fbcon_prepare_logo+0x94e/0xc60 [ 122.508886][ T6593] kasan_check_range+0x10f/0x1e0 [ 122.508918][ T6593] __asan_memcpy+0x23/0x60 [ 122.508952][ T6593] fbcon_prepare_logo+0x94e/0xc60 [ 122.508987][ T6593] fbcon_init+0x10a0/0x1820 [ 122.509017][ T6593] visual_init+0x320/0x620 [ 122.509048][ T6593] do_bind_con_driver.isra.0+0x636/0x9c0 [ 122.509088][ T6593] store_bind+0x609/0x730 [ 122.509125][ T6593] ? __pfx_store_bind+0x10/0x10 [ 122.509156][ T6593] dev_attr_store+0x58/0x80 [ 122.509185][ T6593] ? __pfx_dev_attr_store+0x10/0x10 [ 122.509223][ T6593] sysfs_kf_write+0xf2/0x150 [ 122.509254][ T6593] kernfs_fop_write_iter+0x3e0/0x5f0 [ 122.509280][ T6593] ? __pfx_sysfs_kf_write+0x10/0x10 [ 122.509312][ T6593] vfs_write+0x6ac/0x1070 [ 122.509336][ T6593] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 122.509366][ T6593] ? __pfx_vfs_write+0x10/0x10 [ 122.509417][ T6593] ksys_write+0x12a/0x250 [ 122.509440][ T6593] ? __pfx_ksys_write+0x10/0x10 [ 122.509470][ T6593] do_syscall_64+0x106/0xf80 [ 122.509505][ T6593] ? clear_bhb_loop+0x40/0x90 [ 122.509534][ T6593] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 122.509561][ T6593] RIP: 0033:0x7fd67079c799 [ 122.509582][ T6593] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 122.509608][ T6593] RSP: 002b:00007fd67168a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 122.509634][ T6593] RAX: ffffffffffffffda RBX: 00007fd670a15fa0 RCX: 00007fd67079c799 [ 122.509653][ T6593] RDX: 0000000000000084 RSI: 0000200000000040 RDI: 0000000000000003 [ 122.509670][ T6593] RBP: 00007fd670832c99 R08: 0000000000000000 R09: 0000000000000000 [ 122.509686][ T6593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 122.509701][ T6593] R13: 00007fd670a16038 R14: 00007fd670a15fa0 R15: 00007ffd239c5098 [ 122.509728][ T6593] [ 122.509996][ T6593] Kernel Offset: disabled