last executing test programs: 13m16.770437358s ago: executing program 1 (id=2972): unshare$auto(0x40000080) unshare$auto(0x40000080) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/037/001\x00', 0x4a901, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/conf/veth0_to_bond/rp_filter\x00', 0x42a81, 0x0) close_range$auto(r0, 0xffffffffffffffff, 0x4000000000002) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001180)='/sys/devices/virtual/block/zram0/compact\x00', 0x20001, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000000), 0x0) openat$auto_adf_ctl_ops_adf_ctl_drv(0xffffffffffffff9c, &(0x7f0000000180), 0x20000, 0x0) bpf$auto(0x3, &(0x7f00000001c0)=@query={@target_ifindex, 0x9, 0x6, 0x6, 0xc817, @prog_cnt=0x1, 0x0, 0x2, 0x1, 0xfffffffffffffc63}, 0xc) ioctl$auto_TUNGETVNETHDRSZ2(0xffffffffffffffff, 0x800454d7, &(0x7f0000000200)=0x3) socket(0x2b, 0x1, 0x0) mmap$auto(0x20, 0x400005, 0xe2, 0x9b72, r1, 0x8000) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x55) r2 = openat$auto_bdi_debug_stats_fops_(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/bdi/43:256/stats\x00', 0x181c01, 0x0) setsockopt$auto(r2, 0x5, 0x7fff, &(0x7f00000001c0)='[\x00', 0xfffffff9) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) sendto$auto(0x3, 0x0, 0xffeb, 0xe, &(0x7f0000000100)=@in={0x2, 0x4e22, @multicast2}, 0x19) listen$auto(0x3, 0x81) write$auto(0xffffffffffffffff, 0x0, 0x6051) unshare$auto(0x40000080) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000280)='/proc/sys/net/ipv4/tcp_ehash_entries\x00', 0x40100, 0x0) unshare$auto(0x100000001) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 13m13.302064428s ago: executing program 1 (id=2979): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyd2\x00', 0x202000, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) r3 = socket(0xa, 0x801, 0x84) getsockopt$auto(r3, 0x84, 0x6d, 0x0, 0x0) ioctl$auto_TIOCGWINSZ(r2, 0x5413, 0x0) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x200, 0x0) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r4, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) pwrite64$auto(0xffffffffffffffff, 0x0, 0x400, 0x27) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r5 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_SESSION_GET(r1, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0108e4c15a1f0001766574683100"/25], 0x28}, 0x1, 0x0, 0x0, 0x8001}, 0x0) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r0) shmctl$auto_IPC_SET(0x1, 0x1, 0x0) sendmsg$auto_NL80211_CMD_UNEXPECTED_FRAME(0xffffffffffffffff, 0x0, 0x20000080) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, 0x0) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r7, 0x0, 0x4000000) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="2f212cbd7000fadbdf252100000008000300", @ANYRES32=r8], 0x24}, 0x1, 0x0, 0x0, 0x20001000}, 0x4000000) 13m12.183483953s ago: executing program 1 (id=2983): pidfd_open$auto(0x1, 0x0) r0 = socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sysfs$auto(0x2, 0x10000000000002d, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r1, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, 0x6) ioctl$auto_IOCTL_VMCI_CTX_ADD_NOTIFICATION(r1, 0x7af, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0xa0302, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000000280)) mmap$auto(0x0, 0x400007, 0xdf, 0x10011, r2, 0x0) read$auto(r2, 0x0, 0x20000000008) socket$nl_generic(0x10, 0x3, 0x10) read$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ram2\x00', 0x361743, 0x0) close_range$auto(0x2, 0xa, 0x0) read$auto(0xffffffffffffffff, &(0x7f0000000240)='nl80211\x00', 0x7) ioctl$auto_IOCTL_VMCI_CTX_ADD_NOTIFICATION(r1, 0x7af, 0x0) bpf$auto_BPF_MAP_UPDATE_BATCH(0x1a, &(0x7f0000000100)=@info={r1, 0x0, 0xc97c}, 0x3ff) fsconfig$auto_SHMEM_HUGE_NEVER(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) sendmsg$auto_NL80211_CMD_DEL_NAN_FUNCTION(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000001380)={&(0x7f00000036c0)=ANY=[@ANYBLOB="7c110000", @ANYRES16=0x0, @ANYBLOB="000428bd7000fddbdf2576000000080037000100010004000b001c00e700fb21cf708c794d4787a1487c0c98ae5f1147c2e9936a80c70400e3803a115a8069eebc0b79301fc2f144eec339a9789661a431c386f6e8c5a35523c2da7665d5d6829cf74ec99f1c0aa5664c6f14003b8008005c00ffffffff08005700", @ANYRES32=0x0, @ANYBLOB="0c00ac80040092800400a780867e81a53b1924caaf52d8ecb9ee46220272c01d6807915c7fab7399c9375f8337425a28f62566c1e63849ece1a4f60aa8b811f6e6dddc3ff6b6c3113fffaca7d5432913a1cc722e7430d1a465a95067a867ddb6eb86e8c73f8389c8f5a2624f79cc5de444a40443670481ab75dd0a2771ea5473a3ca70022751e64cfc38dcb84a0b95102d9c757fd0bc98eda5f823cd18a292189460236d09b8005ec37fadf35d4943a57e81722d2ef1d3c533ffb35b7a2ca329e865fe431672cb7340020cb7445733fab9fdf591406b370e186939fad6f029682a7691c51eafcf052ec857ccf7c6e9305b1bb4c62676ae9976dcf107cce397d1239f3953b93bb4452084c797158b26543b2709c2d2a1ddb23fd320f6a73acfd37e307563b2ece47be6a7abdcd2a90523e957510cd19f123ae8a77899651dcadf5e603c1ec3971fb9b7fe0fffe62819ddbd9061180d04fdf5fe08a0f68d035dad7c630cd15c899535f8cc0ea85e51664feee1f52836af1940836503ea76d1535a16dfcda43363e5564ee2c92fe9751b7f9752814b649bc1d3744232c2b3789f9a0b929340a79206cb14f9c3ee56e5c9310f7d271b63460f2b7ccf1d2b4b74f34da1efaf312de58d063ab399b7429910bcb2a15af5251ba4797c1ba56272691bf1379dda610c0a942ff56797a3e892fca2984939820a0c7208afa75fb9702889702744e1571b4a388810dbb2c78a69dbe69ac3bc43f92087240f131c9bc5a2a4fc720c3b99a4365b9e2e5ccf4a240201fc314b7cf4bb7c72cdd7e404e2d649bf95714837afc2d91d0de950be205db59c6ddd0e81592dcd898492a12395294358f1d46e086df3f5fcff7c7cd53c2f0fa898c7a02dbb2334754f233fee101b1f6fce567f3d75d4a949e278e2e93b2cd1fa497f7da1b4dd7d50c7fa45ec71e7fa6b025d7492770128ad01d321e90706dc8b40677dc0087179376b7464616b55339cb4b7f844679eed0f04cddf1e96f7a95937f1a6331735ae9103e444da0ba2960cb48723a381460c67a1b158d3ef6e0879498ead1dab1ea4f73a281834af467aaa9003bcb6423b0b6b35885c9abc03b4ce08f199710f49ef0f6c88c3372cf42e93c34c9906d3b6c493c8271bcb60f2f99d5df9679d7b04dc4473086857a53b4e6a2b72c2119ba38a82a0952fb1fba8c0791bb1260f5e25707393eadb578b04f487bf0d17623b95e213aa095939392050989318de31da0fd0a73bd39d737d77fee227c83c04e0a708b05cf6ce1cc1ba21435826a88b0f15e6e4328af17b4e58f6b158aabb9b644cfd3608c50945d39901d82992be8ca07cff1eac0a7318770a638a08a3734f1d9206ae3038830dc0bcbb838a96ac207a17b72d926ad0ca95684b036f17bf4b677a1b04e0e5ad74c380bd16a406086e081d07e0dce3e41b87680da385db22eec43d24700b34eb068a9510acba0d2bd71a884a36e704a588e631f6026ff8a1cb9ff4d7f5491f217b79c605eb4665a68e2cee5a3e0fe3cd7e3eca0eebd5fbd4c9a985990c39db9f0b403837f10274ab451ca716933148f5e822243230a15f927d2aa85ef9836f9ca2e2f4dfdb2283c95b5c5b1d0622bd26f4ffdcc44c0a9f5477d6106a6fd598a3e7987f78fa14724531bf5c1ad58840fab0f20a79b6b5a15d584de932f4cd824811d804f4648f672c15c931d681c9a9e89f6f17f1f3ac989b2c7f9578ff9a29dfb04786b3fc51a8d12f73520756d26f269328df2b8ad90ad422f524609aa675530bf667629583ecb87428e4cbe2ff25d21e5cbeebc0741999807030cb09b3feccec2163f44d0a039c2a5f3e7590e46f95565cbe31c563b252927507974f03c7233c80908a2ef4162bb8014e86dada8efa2d1d0fd3b972690828d43856fbef68b7bdec4643577983187fe84e7dd334520f4f51bae3c8f4bf2aee8027124b1b8de2b2ecd6f23a223ad1a1c719b8cb8147a6c8971088a327bb8a9c1120eee52d3e8987e7f8792246723dcf7bb254de783def4822e6eaa36dd784e0d449deba6bb7f1f659b3849467dbb0bc7ebd5cc5dea8dad316cd8bb471a6ca67aaab44808a22e221bfbfaf850b8bc9753b503cb4d2389c5c274569dbc58eacb1d77c03644ca08be74d492384b08295e437db08922497f0a264ed18bb3f3f881dc0261bd3a7096aa5b85d96155232a53afc6f4f7713261644f685eefcf07d52babc66eca5c9677c56131741bb5b10d2cda92d352ab9d392b9a4cb93fa46b36192331c5366c08703beaddb2678c07bd71045dc1833dfd4833e25f9e9c8339b71ddbd0dbe88071f589ae462669dd51f964477ca5dfa50c015c9e3e2d96232c40670969e0f02eba3c31f8f9cfcce08cd49b68b6c5efec9fabcc851f5e34e1d1a3ce75514be8eb91749308159d7ed17191ca087eadd100360a0141b8be425f4f959da64dcb6e0357b4bbcc8f5a9ad373b0126c3c8b1673eb016e2fd840cba255f029f86a6c0124d751f34dc9f407d4e0abf6c0ef1518ba447517ef1c7ffd8250edae3cd69cfd5156da9c9a65852a7226b54514e97a8e47c90a8dabca95143aded5f25cf756eeaa1f2d65dcaaa813fa5c1adc60cc4bcbe14effba5363ea11bc62f32c7f10ac7db9f0ddf881f076017e7ff288a77feff528c92a65f7c999b9a915afc484010e5cb31acc0a4a21946f4cbd0c6d01b339ea3f89d75b5581527ca4f28b20c4b0f1a61c174fd95596e11cd785e7d07be1c78ea91e6d0e02f62556f3710f61eeee2684e6680b7a80e944d5cd2369a2436d3e7f2e0c9679bea6421ccac42079cc79a36f89de5128cea0dc60760c59b20f41da83827db44e2cd5098d068c2d81347b2addfa5c838fdda77a6522c632f7d52db8538503dbe411bc742ad54d2eb94b6edacbd42963eab31765c67b3d5ca58a12a2fae7eef41bf97310dc44eedd3fffc931833065fb168996c2f5cce76639b750c2a41223d4ffea3338546ce527384420f28085fa0d749ee59c3529d5b1369a3f99dec7390af447637c29f566f1ce9b092d1a75bf7385ebd13aeeecd3694f8b79088f8f248f0b729901637721e8a833608d8670b75f488cd9ad182da22f55c3a8039d435532ca161ed695880d9f1b1241183387294a47ebc55da15ea0f203bfb06154723e9bfdda2f85d80f843145831f45bef1238634bfd5101f7ec43877f67259487b9b3aff66fc370f9cb663631bf041f94dbeafad37fc91ea19eb278647fa5b077da619089f3bec6c46d684a859211693f4f996d3f9bf3b45ac77172737e93fdaf1de3aa5936169b50600db02f35580a6429c9ab0ab540df45004f1396c7aefa56e31d41afeca52654bbd116ea41351f77b741722c9de4b0d4518ebe8275949bcd4fb01ec910ee31e860783fe1d273cfb25a1d59569cc9dfe50babc06b8058764e3704d1f5080e565bdc2c5c646e267a29ebc9a5ba61abd0bbf91fe49747f2c7ed56061a2ac76fb597b20ceae666015cd9e115dc4ca9c1045057a96468af23640fcb18f3211758f06b70e657614ce0d247f3e38e62f7e9ec2850be14308ccf97548d87eebc61241b50209f4fd38e818756fbb64909658191e957496df44e37eeb07aabcb2935d43856b194d06646e7f417f7920a9f1d401b98fa088d80587a034908b73458a3bdbf619dce0e3a0db58c9b9530709567fd1dfb16fb2da54cde90323f6eac795a4e104707d8625a48758e9f1f1b1b1c2792f853b7eb4f69c6c76e6fb475838df4e09105a63d2274702251de648d5c503f6d55e5be2bd1e00b02214ea19bddf187aa8d2dd2dfaabcff988b7daee96c6a61376a25d240c7d27098679c673bc749eee7f29f0d6da326a770fb268d2d5008838bc153f3c6758de004eed069915953846b615bbf739214fb81cac0060377b034c646bda204df0ff1d4d9c48fe49ab8f30d215e47db414b386436a3c98110bb5733a6f67315fb8954c856bcaa2858aaf6ced912c249fa9106d27060441f29887e0fea2365d2d0cb6d5c2f1701b76fac977ac113dc0e61be75b36916826c0331a9a5b5aca4254e7660a13c454e4426df59d7f6e9624c2decaa6b726b1c39412b4379efaffa7f3ce200f9ec6801afa50edaed5666bc0270e17a2f06bd0821b51f80a93b587619b0a0086dd16ec10fe69367dbbdb5f36f5a063815674b184da5923166f08d7de575726af9ef6f9aef995910888c26f6e92b0908900f1eded968652d9fbb442dccf019ba423e4ad7acf661f7b57321cc33a74800b0b648edc2e7f61c63506d067fdf126d72cf02c4d8f980be8b2223eafe684d356cfec58d359efc64c3c91a7e2b72893e00518ca9e4abd82a0dcb59025dfc628bb1a137d18674016cfb1f30bb26b1aab56ae13c79374041e06f7b5a09bc341cac3fa322fb8f1a679684a312d1f03eed8d0d07f79e70296455c5f5d64bf4f8dcf8e7f738fc984e8b61eac04e33d0407b24991bed17e86377007ccfa043cae682c9f410e4fa0b4ec24ff686516e4983c85b7e790f753d7959dd400ad9278553be569409669e32a54e9084d6d3b12114a6e5c947a6b9c4c700e042aef766e040bee8f8990e8bb50cc0eb09dc44114652f1d076ffc39461675c45bfa462814f41603b0b21a3d833fd36ce4c9b324d9d13b34b22ff58e3cab36fa0aa91234cb13cdeabf8ef7eeb31435bb828b1f464b1d1d9e59d086501547e8de35662d78822521afa3927dfbaf9ed2e64eb61bf2078ebdd6679810ac92adaf86dcd56dea44d3bad2c802ae840f1e77407272c1d5fe8cb26f18604320795480d74b7e3eaed133b7751c4b0d179af2c8198fcbc69eb467e4da54ea3a1605542455a3afd83972e62464e95fa5f0c4170e286ea9f3473139c35679654def80c119c6ab8e63d10096260cf08f87bc594fc7b786e23fe93ecaffe75fbb35f93da57abc511ff25866e391fdf0ebe12583564e0faf00a7ad0f1a877a3c240b8d5619bbe30c4e7ae426f98468127cc20d63408e54981e70581181b7b32f04ace0d7ae2b3bfc664118c028ea1a7a44cc9b26d17a6895de5d690380f08c124a7d89b688a6e858b53e4444ea7de8fbbd969f4bce63f69b9ac2c9f9b90a3783b0c5d3984ff8bb15be4e4d80d2df2c8c1eb8e1dc26ecdb121f65cbe3a5d5e8360a81ffc82efc03971a5ff294b161cc7360192f04b9167a692acd13dd26216609c7a78a35159b52487568e6456bec6e8a809fe47857528d557af40796bb8aa49d817b12fd173974c8250510245a9f1a8304294821b07a1b6d14f6be022db529fbd950583bd326ca5ddc4e9f46938a3f652f39a57cbd7f0fa5073eae6d5a109605b32582d454c4d4472f0864a7134735e268c34c9b95ca60df314dd3494dde2c949834a9ae6a9455fa25e280f5a40a0cef046ded7741814590d57e8e85fb3afb64e8916105926dc6d893e2785889eef48800ca072aaf3407a45775dc08960ed30808b4f69b85048a6c5ff6bd0011cdfe5d877187edc5c3388e729307f0a5aca067b0c0d8d75a5398120c1a1ede1860e9b620ca00e7a6e21039429ceb01eafc8eda11b9e9b554de6e633760334155a84687a96b39f830b53a253ec42ef237637b1c50f837f524fa002cdc47d97581006e5f60597dc1811657ec189787e1fa592bcce22c998b4229deac346064fcb10ee8e160e59b55536e1992675c1a55d547f2144f8413ef92c2c333fabade76a6ccf6ba7a9c8528d528dbd26f8db267ee4480ab2058541db56c75ff33024e696f4adeac2c548de966221b483a0f115be58b69b8250d9b92f20de265833de56217f93be7560e14b753a21cc78040e182e955a4d624f098e1da8a5901f1a2e9a4219b3f82ae0eef1cd8e2797c27e93bdff4e7f4da15e683fbe029b5eb37517183f0000aa3b992b98473b482db8fd3c27b6dbdac48d4b40160e7ef9ab75e92951d5e115e6bd6250f8695518a1818ab9d58d7cdb78ec33c93fe2ac51fcd9629e99c98ecb8084ec7c4fcf2fa6859260901bfaecf8b5320eac026e5344be7ba51c2f9666f652d9fcea4832423aa70898e8f3ac57786e1d58fc3e84c60a0f5a8194b6a0925f159ec4b9d2bf75d7cf379e0ebdae8637c44f1c163ef89d542c45ee1f00c1f92a82b7f5b794668e15011accd94b08", @ANYRES32=0x0, @ANYRES64=r0], 0x117c}}, 0x97d83e8ba64ab41e) ioctl$auto_IOCTL_VMCI_CTX_REMOVE_NOTIFICATION(r1, 0x7b0, 0x0) msync$auto(0x200000, 0x2000000005, 0x6) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ram12\x00', 0x1, 0x0) ioctl$auto_BLKTRACESETUP32(r3, 0xc0401273, &(0x7f0000000000)={"b8ba916947e37a41eda273897f913e9793e771f1c8a3c5aee0410bb1d2ac16b5", 0x2, 0x7, 0x10001, 0x7, 0xefd, 0xffffffffffffffff}) 13m11.61590916s ago: executing program 1 (id=2985): r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x67e) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) unshare$auto(0x40000080) ioctl$auto_NS_GET_TGID_IN_PIDNS(0xffffffffffffffff, 0x8004b709, 0x0) unshare$auto(0x40000080) socket(0x18, 0x800, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) bind$auto(0x3, 0x0, 0x6a) sendfile$auto(0x1, 0x3, 0x0, 0x7ff) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x1a, 0x0, 0xfffffffffffffffc, 0x5}, 0x6}, 0x1, 0x401) sendto$auto(0xffffffffffffffff, 0x0, 0x401, 0x6358c0, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) 13m9.279791572s ago: executing program 1 (id=2994): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x0) socket(0x1d, 0x2, 0x6) r0 = socket(0x2, 0x2, 0x1) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r1, 0xfd}, 0x6a) write$auto(0x3, 0x0, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x80802, 0x0) openat$auto_vrr_range_fops_(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/dri/vkms/Virtual-1/vrr_range\x00', 0x800, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000007c0), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000080)={0x14, r3, 0x705, 0x70bd25, 0x25dfdbfb}, 0x14}}, 0x40d0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'gretap0\x00'}) 13m6.301126799s ago: executing program 1 (id=3004): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000100)='/proc/kpageflags\x00', 0x2, 0x0) read$auto(r0, 0x0, 0x50388000000) close_range$auto(0x2, r0, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xd2582, 0x0) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/devices\x00', 0x2000, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x8000000000000001) r2 = ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0x40a0ae49, 0x38) mprotect$auto(0x200000000000, 0x806121, 0x8) pselect6$auto(0x1, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000002c0), r2) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_ACT(r2, &(0x7f0000000a80)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYRES64=r1, @ANYRES16=0x0, @ANYRESDEC=r0], 0x18}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0xe, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) remap_file_pages$auto(0x17, 0x10, 0xb, 0x12000000000000, 0x10000) r4 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000280), 0x141182, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r4, 0x40146f2b, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/tty/ptyvc/power/autosuspend_delay_ms\x00', 0xa0440, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000004180)=""/104, 0x68) r6 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r6, 0x3fe, 0x0) sendmsg$auto_MACSEC_CMD_DEL_RXSC(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000002bc0)={&(0x7f0000000180)=ANY=[@ANYRES64=r0, @ANYRESHEX=0x0], 0x14}, 0x1, 0x0, 0x0, 0x14048010}, 0x4c080) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r7, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) fanotify_init$auto(0x5, 0x2000000000002) socket(0x2c, 0x2, 0x40) 12m51.112460943s ago: executing program 32 (id=3004): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000100)='/proc/kpageflags\x00', 0x2, 0x0) read$auto(r0, 0x0, 0x50388000000) close_range$auto(0x2, r0, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xd2582, 0x0) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/devices\x00', 0x2000, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x8000000000000001) r2 = ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0x40a0ae49, 0x38) mprotect$auto(0x200000000000, 0x806121, 0x8) pselect6$auto(0x1, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000002c0), r2) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_ACT(r2, &(0x7f0000000a80)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYRES64=r1, @ANYRES16=0x0, @ANYRESDEC=r0], 0x18}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0xe, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) remap_file_pages$auto(0x17, 0x10, 0xb, 0x12000000000000, 0x10000) r4 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000280), 0x141182, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r4, 0x40146f2b, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/tty/ptyvc/power/autosuspend_delay_ms\x00', 0xa0440, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000004180)=""/104, 0x68) r6 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r6, 0x3fe, 0x0) sendmsg$auto_MACSEC_CMD_DEL_RXSC(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000002bc0)={&(0x7f0000000180)=ANY=[@ANYRES64=r0, @ANYRESHEX=0x0], 0x14}, 0x1, 0x0, 0x0, 0x14048010}, 0x4c080) r7 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r7, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) fanotify_init$auto(0x5, 0x2000000000002) socket(0x2c, 0x2, 0x40) 6m7.77572066s ago: executing program 0 (id=4249): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram5/queue/max_segment_size\x00', 0x84082, 0x0) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) mremap$auto(0x8000000003, 0xda1, 0x3fd6, 0xb, 0xfffffffffffffffd) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r1) sendmsg$auto_NL802154_CMD_SET_PAN_ID(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000011c0)=ANY=[], 0x1058}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) r3 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="05082dbd7000fbdbdf257e0000000800db00", @ANYRES32=r3, @ANYBLOB="0c002e010800000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) sendmsg$auto_NL80211_CMD_GET_WIPHY(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r2, @ANYBLOB="810b25bd7080fbdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004) sendmsg$auto_NL80211_CMD_STOP_NAN(0xffffffffffffffff, &(0x7f0000001c40)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000001c00)={&(0x7f0000000340)=ANY=[@ANYBLOB="5ffef04a6db608edb64717302922a09a696f89fde0f2e24380e9264f1128fe7a9f21271e9694b143c30549b3a5f3a5878b19d8fbd4d7935c1c520d615de89c54f94f0a23e260f60f52c5a97d4e0ecb602ede413ddd8d7ea33110b02c941b188df12fa41061df3ac79fe85e677c0650fff7f14c3eef3a1e8c7b84b7f0e40fbfec2106a5f6be26f62129c49dbe405e56021287b4d8b42d18bac30845328cfd278e1fd5f8428d944f25e6dd9d72e871c50fea434c7a1de5b3400b9e1c8a01a96fb230f9cb994f4a", @ANYRES16=r2, @ANYBLOB="000027bd7000fbdbdf25740000000600510109000000"], 0x1c}}, 0x4000801) close_range$auto(0x0, 0xfffffffffffff000, 0x2) timerfd_create$auto(0x9, 0x0) r4 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x8040, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r5 = io_uring_setup$auto(0x4, 0x0) ioctl$auto(0x4000000000000c8, 0x400454d9, 0x3) fcntl$auto(0x0, 0xf, 0x8100000) sendmsg$auto_HWSIM_CMD_REPORT_PMSR(r5, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000300)=ANY=[@ANYRESHEX=r4, @ANYRESHEX=r4, @ANYRESDEC=0x0], 0x14}, 0x1, 0x0, 0x0, 0x24040091}, 0x81) close_range$auto(r4, r4, 0x401) setsockopt$auto_SO_SELECT_ERR_QUEUE(0xffffffffffffffff, 0x1, 0x2d, &(0x7f0000000080)='/sys/kernel/debug/usb/usbmon/33u\x00', 0x6) r6 = fanotify_init$auto(0x6a1, 0x2000000000002) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, 0x0, 0xa8a02, 0x0) io_uring_setup$auto(0x58, 0x0) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/usb/usbmon/33u\x00', 0x20202, 0x0) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x5, 0x400008, 0x8, 0x9b73, r6, 0x8000) epoll_ctl$auto(0xffffffffffffffff, 0x1, 0x8000000000000000, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000000000)="2dc2f4", 0x3) 6m5.321420366s ago: executing program 0 (id=4256): syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf8\xfe\n\xa7\xfeD\xca\xd9\xb3\xc1\xe4\xf5j\x94\x7f\x00\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xed\x013\x87l\xb9\x1e\x05\x90\xa2', 0x2) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080)) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) ioctl$auto_UI_DEV_SETUP(r0, 0x405c5503, &(0x7f00000003c0)={{0x9, 0x5, 0x8, 0x7f}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0xa}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(r1, 0x400, 0x1) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/net/dev_snmp6/gretap0\x00', 0x0, 0x0) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000540), 0x20000, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x100000001, 0x9) socket(0x1, 0x1, 0xff) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) set_mempolicy_home_node$auto(0x0, 0x2010001, 0x3ff, 0xffff) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) socket(0x28, 0x1, 0x0) timer_create$auto_CLOCK_TAI(0xb, &(0x7f0000000440)={@sival_ptr=&(0x7f0000000340)="3bff32aea1c68780096698054539456c06b0fbd9728e5ecf59e694cef2198d1a9fe5ae3c7e3061c4a3f8351c95c1fa1078b1de004fa5ba8858fddd28675816102b0dfe3bf8f3006966d836572878d4f3feef", @raw=0x2, 0x8}, &(0x7f0000000480)=0x7fffffff) select$auto(0x7, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x10000000000007, 0x0, 0x1, 0x36, 0x8, 0x15f4da07, 0x6, 0x0, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x47fff, 0xd8]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x4, 0x1000000000000bc3, 0x800, 0x3, 0xff, 0x10001, 0x400000000003, 0x3, 0xfffffffffffffffc, 0xfffffffffffffffe, 0x80000000, 0x9, 0xffffdfffffffff81, 0x4]}, 0x0) open(&(0x7f00000001c0)='./file0\x00', 0x161342, 0x13a) close_range$auto(0x2, 0x8, 0x0) write$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0xffffffffffffffa6) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xaa902, 0x0) pread64$auto(r3, 0x0, 0xec5d, 0x1000000000007f) sendmsg$auto_NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, 0x0, 0x48000) 6m1.785038869s ago: executing program 0 (id=4266): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = fanotify_init$auto(0x4005, 0x1) mincore$auto(0x1000, 0x8001, 0x0) socket(0x25, 0x1, 0x0) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x13e, 0x0, 0xfffffffffffffffd) ioctl$auto(0x4000000000000c8, 0x400454d1, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_MAC802154_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="180000b1bf934ec991b900", @ANYRES16=r3, @ANYBLOB="00032bbd7000ffdbdf250300000004000380", @ANYRES64=r1, @ANYRESOCT=0x0, @ANYRESHEX=r3, @ANYRESOCT=r0], 0x18}, 0x1, 0x0, 0x0, 0x40008c0}, 0x8804) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x400, 0x0) read$auto(r4, 0x0, 0x20) write$auto(0xffffffffffffffff, 0x0, 0x3) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) mprotect$auto(0x0, 0x806121, 0x8) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000540), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_GET_RADIO(r5, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000280)={0x14, r6, 0xf3e97f51700e57cf, 0x70bd28, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x884}, 0x8020) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) 5m58.878986612s ago: executing program 0 (id=4270): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/smbd_receive_credit_max\x00', 0xc0000, 0x0) setsockopt$auto_SO_SNDTIMEO_OLD(r0, 0x9, 0x15, &(0x7f0000000040)='/proc/fs/cifs/smbd_receive_credit_max\x00', 0x10) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000000080)=""/111, 0x6f) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xa00, 0x0, 0xfffffffffffffffd) r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_GET(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x24, r2, 0x374fe8f90a251713, 0x70bd29, 0x25dfdbfe, {0x3, 0x0, 0xf000}, [@OVS_DP_ATTR_NAME={0xe, 0x1, '/dev/cec4\x00'}]}, 0x24}, 0x1, 0x0, 0x0, 0x20044011}, 0x20000008) kcmp$auto_KCMP_EPOLL_TFD(0x0, 0x0, 0x7, 0xffffffffffffffff, 0x9) 5m58.191395272s ago: executing program 0 (id=4271): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) memfd_create$auto(0x0, 0x4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/bus/pci/rescan\x00', 0x20681, 0x0) socket(0x2a, 0x2, 0x6) socket(0x18, 0x1, 0xffffffff) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x27, 0x4, 0x3a) write$auto(0xca, &(0x7f00000004c0)='\x04>2\x18!\xe2\x00\x94\xf2\xa2\x00\x00\x8d\xa9p\xcc\xccV\xf9ozi\xb2:\x19\x92r\xcc9\x99f\xc5BV\xb1\x92l\xed\x84fe\x8a\x8c\xd3*\xfe\x1dE\xa1W8\x03\xcb\t\x13K\xb4\x893\xf3Q\x7f\xd1|\xefp\xb1\xb3\xcer8\b=\xa4y\xd4\x88\xbcn\x8d\xf3\f\xbe\x9f\xed\xc1k\xcf\x0f`6\xe0\xd1\x03\x108a\x90KG,\xf8\v\x88\xe2+\xcb\xf2v\x8bL\xa6\xaa}*\xce\xd8\x98\xc9\\f\xccT\xa1\x05\x14\x84\xbb\aF,\xc8\xc7u\x93\xe8?\x92\t\xa9`\xff\x93l\x93\xac\n\xdd\xa4\n\x8e\xec\x14\x02|\xf7\xc4\x8e\x06h\xc0\x8f\x04\xceB\x03\xda\x89\x8f\xf3g\x1a\xb8\x1a\x18\xf2\x93DRSO\x97\xb1\xc3\xa8Q\xa2\xb2\xa8\xc3\xd3\xf9\xd4Y\x8d\x8d\xad\x8f[\xbe\xe5\xf1\x9f\x01s\x8eg\x05\xe8\xf9\x8f\xa6g\vu\xc9\xef\x0f\xbd(y8@\xca\xec(\xe8\x91\xf8$<\x81\x85\xac\xd7\x878\xd9\xce%\xcf\xab\xdb\xaf{\x82\x83\x8d\xce\xc0\r\xb6\xe4$\xd0<\xf8\xeay \xf1\x19\xb3Ta~*&\xd8\xc8\x00%\xdc\xbc;\x9f\xcf\xf0\xd8\xd7 \xa5\x8b\x10o \x13s}{\xe5\xb2\xd9;_\xec\xdef\xb1<\x18qg\x1e{\xba\xb0\xf7\xbb\xca\x00'/323, 0x7f) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000140)='/dev/binderfs/binder1\x00', 0x800, 0x0) 5m56.789216076s ago: executing program 0 (id=4275): close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x3, 0x2) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="01012b"], 0x20}, 0x1, 0x0, 0x0, 0x60040440}, 0x800) close_range$auto(0x2, 0x8, 0x0) (async) r0 = socket(0x15, 0xa, 0x4) socket(0x10, 0x2, 0xc) (async) write$auto(r0, &(0x7f0000000000)='-\x00', 0xfdef) mmap$auto(0x0, 0x4, 0x3, 0x40eb2, 0x401, 0x300000000000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0x2) (async) r1 = io_uring_setup$auto(0x1, 0x0) (async) move_pages$auto(0x0, 0x800000f54, 0x0, 0x0, 0x0, 0x8000000000000000) (async) r2 = socket(0xa, 0x2, 0x0) (async) socket(0xa, 0x801, 0x84) (async) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x4220, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) (async) ioctl$auto(0x3, 0xae41, r2) (async) ioctl$auto_KVM_CREATE_VM(r1, 0x4048aecb, 0x0) (async) mmap$auto(0x7, 0xfffffffffffff000, 0x7fb, 0xefffffff, 0x401, 0x40000000002) (async) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) (async) r4 = open(&(0x7f00000001c0)='&&/file0\x00', 0x595102, 0x408) write$auto(r4, 0x0, 0xfffffdf1) (async) linkat$auto(r4, 0x0, 0xffffffffffffff9c, &(0x7f0000000040)='&&\x00', 0x1000) (async) mount$auto(0x0, 0x0, &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) 5m41.391452067s ago: executing program 33 (id=4275): close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x3, 0x2) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="01012b"], 0x20}, 0x1, 0x0, 0x0, 0x60040440}, 0x800) close_range$auto(0x2, 0x8, 0x0) (async) r0 = socket(0x15, 0xa, 0x4) socket(0x10, 0x2, 0xc) (async) write$auto(r0, &(0x7f0000000000)='-\x00', 0xfdef) mmap$auto(0x0, 0x4, 0x3, 0x40eb2, 0x401, 0x300000000000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x3, 0x2) (async) r1 = io_uring_setup$auto(0x1, 0x0) (async) move_pages$auto(0x0, 0x800000f54, 0x0, 0x0, 0x0, 0x8000000000000000) (async) r2 = socket(0xa, 0x2, 0x0) (async) socket(0xa, 0x801, 0x84) (async) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x4220, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) (async) ioctl$auto(0x3, 0xae41, r2) (async) ioctl$auto_KVM_CREATE_VM(r1, 0x4048aecb, 0x0) (async) mmap$auto(0x7, 0xfffffffffffff000, 0x7fb, 0xefffffff, 0x401, 0x40000000002) (async) syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) (async) r4 = open(&(0x7f00000001c0)='&&/file0\x00', 0x595102, 0x408) write$auto(r4, 0x0, 0xfffffdf1) (async) linkat$auto(r4, 0x0, 0xffffffffffffff9c, &(0x7f0000000040)='&&\x00', 0x1000) (async) mount$auto(0x0, 0x0, &(0x7f0000000100)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) 1m41.56936222s ago: executing program 2 (id=4798): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram5/queue/max_segment_size\x00', 0x84082, 0x0) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) mremap$auto(0x8000000003, 0xda1, 0x3fd6, 0xb, 0xfffffffffffffffd) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r1) sendmsg$auto_NL802154_CMD_SET_PAN_ID(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000011c0)=ANY=[], 0x1058}, 0x1, 0x0, 0x0, 0x840}, 0x0) r3 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="05082dbd7000fbdbdf257e0000000800db00", @ANYRES32=r3, @ANYBLOB="0c002e010800000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) sendmsg$auto_NL80211_CMD_GET_WIPHY(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r2, @ANYBLOB="810b25bd7080fbdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004) sendmsg$auto_NL80211_CMD_STOP_NAN(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000001b80)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000001c00)={&(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYRES16=r4, @ANYBLOB="000027bd7000fbdbdf25740000000600510109000000", @ANYRES64=r0, @ANYRESHEX=r3], 0x1c}}, 0x4000801) close_range$auto(0xffffffffffffffff, 0xfffffffffffff000, 0x10000) timerfd_create$auto(0x9, 0x0) r5 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x8040, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r6 = io_uring_setup$auto(0x24, 0x0) ioctl$auto(0x4000000000000c8, 0x400454d9, 0x3) fcntl$auto(0x0, 0xf, 0x8100000) sendmsg$auto_HWSIM_CMD_REPORT_PMSR(r6, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000300)=ANY=[@ANYRESHEX=r5, @ANYRESHEX=r5, @ANYRESDEC=0x0], 0x14}, 0x1, 0x0, 0x0, 0x24040091}, 0x81) close_range$auto(r5, r5, 0x401) setsockopt$auto_SO_SELECT_ERR_QUEUE(0xffffffffffffffff, 0x1, 0x2d, &(0x7f0000000080)='/sys/kernel/debug/usb/usbmon/33u\x00', 0x6) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) mincore$auto(0x0, 0x10000, 0x0) r7 = fanotify_init$auto(0x69e, 0x6) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/usb/usbmon/6t\x00', 0xa8a02, 0x0) io_uring_setup$auto(0x58, 0x0) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/debug/usb/usbmon/33u\x00', 0x20202, 0x0) mmap$auto(0x5, 0x400008, 0x8, 0x9b73, r7, 0x8000) epoll_ctl$auto(0xffffffffffffffff, 0x1, 0x8000000000000000, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000000000)="2dc2f4", 0x3) 1m40.839376562s ago: executing program 2 (id=4800): mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x4ea42, 0x0) getsockopt$auto(0xffffffffffffffff, 0x84, 0x18, 0x0, 0x0) mmap$auto(0x0, 0x810004, 0x400000000fff, 0x8000000008011, 0x3, 0x8000) r0 = socket(0xa, 0x3, 0x3a) close$auto(r0) io_uring_register$auto(r0, 0x8, 0x0, 0x0) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="5e0027617c36720add70ab0343990f7d0bbc96dc0b"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) read$auto(r1, &(0x7f0000000040)='\x00', 0x10001) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00042cbd7000fb3d89cb809172a3320003008000400088"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}, 0x1, 0x0, 0x0, 0x4000804}, 0x40000) r2 = socket(0x10, 0x2, 0x0) fchdir$auto(r1) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x2c, 0x0, 0x1, 0x5, 0x25dfdbfd, {}, [@GTPA_I_TEI={0x8, 0x8, 0x5}, @GTPA_LINK={0x8, 0x1, 0x6551e4e0}, @GTPA_VERSION={0x8, 0x2, 0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x14) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0x800}, 0x2, 0x0, 0x7, 0xa505}, 0xa788}, 0x7, 0x8) write$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffffff, 0x0, 0x0) write$auto(0x3, 0x0, 0xfffffdef) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) inotify_init1$auto(0x8) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x801, 0x4f46, 0x6) 1m35.66516777s ago: executing program 2 (id=4806): r0 = socket(0x15, 0x5, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000380)=""/41, 0x29) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast1}, 0x6a) r1 = openat$auto_proc_page_owner_threshold_(0xffffffffffffff9c, &(0x7f0000000000), 0x109280, 0x0) read$auto(r1, &(0x7f0000000100)='1\xb4\a\x00', 0x5) recvmsg$auto(r0, &(0x7f0000002980)={&(0x7f0000001700)="9c0181f7400e95060cbb03394310de10fb0e51c168c506dbe89d6f186b49d6d5b48ae7b96b6e0000f727c5950c210b206ed81004f601aa89709de9faf70ee2de212cd7ab2deee550d6a1483299a56e28dd000000000000000000", 0xffffff0c, &(0x7f0000002900)={&(0x7f0000000700)="99fcd25dc8a35d8d8051be3a0bac7571e5550f72ee5062e3351e7f7903ab48d4094f229a3da3bddef919d0df0370b4ddca107e438880157a1721abc58883649ca429cade66ee19362791a4d15eaa2e6ad0aa9eed6b72bf30e27ca0f33c8e2c5d97a095c43725d8ed950062b0eff31a711b69b8aef27d0b1f7d292fbaaba1464cd114a22f952460dd781c420c31b84a757b5bbb57e9621022562fd99e0a95a15ccdfbcf7d3c38604fcd391316e21077eecc566bb67628c2c496582cec26254ed8db2ce036e8cbbee8e6ee6fc9947caf9bd7c149bec8d4e70e4f7e460a4d0619dd35168b59e1fdf759c1bf8409e89f6fe1ce85dbce1ea67e8cd6bbf752146b0bac3aba9db48b14f5329cd05b463c364cfc02f9f94b127eeac310512bf6969dbe5b175c13671a8dc26b4630e666a27687373b63aa1c820a2c2ded6bb5ba8905582e69f280d79beff64614f67f992321742d13b132c6e8161dbedeca87d059f647ec510fe73ab0dad15af13786b574e4413463c3601adf3c4d81c38e0fbba844e36bf730a464a6ada1a9a2c37a4394f6d3521d62772c8b34271bbcac7a110a3e0e55ff8af5203988f6a449527fb7eb4f629158583c7f4ecb5bb4e6f52117467dd7eb44327e6b68c7722b2b3eeb1648675ecf7f2d9528136426e3579687b8e2ff1d7bb55095ced35bb615e05120eb0fa50e7e678eb430fdbe857b8d1b5b858ae0df7e76d59296d258e98f6be7b605a3d5d4d0b216a23a24a47f3e087185e62df6a176972cd42010a78b0bcf31bf03079b93bf06a0cdb0501585d14e2451133d4ea4751d8b394c64df4bb9d7aaf36a957b38f1d3d71b5e54a3db9129bf82ecc6ce580d2ae50efa6945a39d0f9d05927dcf672d416182d68b13bd067970b08a60bdb84b83855e9dbd9c1b479a946e132c5c21ae7b76732de4bc28b9cb4d8802c6f893777be740dd1ba46a4ead617dd9bc38a9dfff9e776193f9b8d920e945bc4517acfa31ee1d74a427b8f0b449a6110a60eef255fce170e974e6f0545bf997b78fb42fe4215d2a4c73429e0099a3b9702c7499d671a77e31e47d0c45baef2a80b001dc7a360cf0685d0e52b4a1313e9501cfabd5e18b09bf941d80e797d3dc2af2aeb0fd934c8b06e28c662d773a1962dc927938e1eb9df5f7b5da8a163c0d0a2078c9d692faaeae486f4690d22e3ab2ad2f73fbf95a58f3e26b2274cefc07d6a02773ac718ca6724ad577618505bf2312cb5a07243021795309b4ee3a949b303b2a7f8a54c89c644d7f04375fd65301e8f5f4ae2ea1e0a8eac908b2504ef718848a8ba1fc4d0f1ddb033cb04ae7ac243b26a629adad29f3386349193432d7cf0424fbefe7d9283b6453a910a79eb9a1874c10bd9208fcb1f1a87c7fc3054e55eecbe623fa61871e8a1e88b3ce9e8d8e8be1d1925b4ee85f748fff4b7baaadf77f817423cc92e1072788c65ec571db7ae3415a35b6b65abbc411f547d6b877bc6ded13de534df4d031bf48bfd3ae1b4489c12ddd92bb5fef2dc5e3fcb52f1c187f5747cacdafbff8ac0d962baa014bb2199edf588ac2f76c33c3fc62ec58b81a912ba5488e902cb0dd71d6092bd4a0dcab71da894eacb04bf289dee9e76b33b5c4896287db4540c8045fd9e5ae3e9b37c4fa3020570519b1e91fcd29897314a1a65e137fe87b06bff3a3a0b3a5bbe37351765e63bc5ba2b3f86c2cfc3236ae7a7c49508b38a8176f97d672e71fc7afa63731655c71bd643bf96bcd19c031fe775ad2d0951b2fc699cc384210edd731ab779c475d972745434644e9d63cd0658521035db9d339698dcac33c60c95467e6a15e81129b2d25dabf00a8afa482b7f327dd7348522b5a8174b5c53feee7c3d8ab604310c0c43669b62113a4b86a66abf8b8a54e3bbd08d231ccc67ca06ea0498d182eb8724ce0a375b952501bd482fbb4f51816647a2a547b86779d932beebaea3d0087d3974fc0cd5e596edd08fe928a5b6e6ed5dab292d858b7552300cd0f473ec24472783a387edee9ef21bb49bbaf8dd0c21a05b361202faf9f57c325c2d019590cd9406ee82b16186fafad91849ac422cfef63ceed8970ceb202f259c045d75075bc59226b794bc5ad7bbbf7ebd0b6bbba250d21b1bafda22df01433e66c4e81fe36fcd7b062d5eb925fe5f0b635023d43aaa645214783f433bde8f4a0abc82c0b67fc2ca1f013dd7193a0236b0a9c4d68ecc3698a2e69114f4d5e233e3f379b05514edc4c2af03489443c3db1a391833d7147e2c1873fd5e14245f8f18dc94a019d231c7d61311741274e661fca013bfa4a5353082b3c1818c2f64f653c0e2acfccbf36ef6571ce4d560be75ba7fd1c54d4c867817f161d2c1cf94c8754b739002935cadf58bb556c8540194d678f088ff33270e745150a93f16c6e625a8ee55b841172e7241d919cf80fdeb7ee7661e79c06f14b5a022043434f893cf6754d717b9faec1766759b51d35a71e4aa85e2cbafc2227ca523173eb17f2bbe501d612bf3ebf0ad188262ba005b5d9447fce69793cbccb540388914d4258412c9465f99f4d593e8d737f276a6b6271eafc5365b47e6bc47762fbfc3843475a9d70f9be2650ff62f5fb82d2814cd57d110fccb63518e7a9856c01226076e8b44eeaee1b65b78b2905701511b2a8cb1af4ea821d3a06b0e6409e91e1958f34077e4c14d728702e1309d4ebbc9a79ea7643af577cfa2741aaa42bb0bc3519e492bbeb0edc180a311ea393bad59682a44440fa0674bd3208fcac1e38f6db2589a76696477adcd4d5e6a0986625687368225772a54ad5af66ed6d9cbb25c7e6c9c8f4effe357fecc6bfa9b470fd4b42e2149865e3234b2e3286192dbc7db6eb45ef5d0cecd1a4f534a006b441532f35d2a248b6c3f11772a0e03a80287defc5c886f39e8ca8aae825e8e26c72383edfc7f3054e63545c6e3ae2ae5b258219c42ca8483b7110bed6e9e4103d1076b72f2e1710582a1ecc4802b95f982873e6b43341cc920e03b30dc84a7e71ff6008502c1eb78b2e99c2aad8d2acf9a4d3f9a74977e221f5e91a67a7a0fa1d0f2581b8fb3fa3cbb4009a92fb5c7c1a24391abeb729addeb5a9cbd7736b9bd9b4f5f972cb87243f287f24facbb85d7874fd1b8f74310d8bfba397daaf6a2dc3606044414553a9a29092ce30dd0122b9b1281cb7d9a430814271090c9fcc5f3ce91131ae4171c61143d3fde66d46d6c7e08df697ca36ccd1650d59150e8b426f9a41bdd039ad7e659ce00315dc7ab5104833c09d972c302e1248028a5ac5fdcc1d208ccd7db6fd548629ae9b3480ea02b0b587c81cbd6953c0dff40b2fb04a081143b7c1e37750a7672c0de0fdb43741b0fc8eaaeb1419e76bea5c8b53d34286c3c9789c8e77c19afb88406fd91d4d06024da3619158b21c85cee61ce866462c210f3e5c1833733687aa68852b1f03f61a4769c91398af9c8adb5199f5f158ffeda586ef3cc9397995eac1b280f9d89cfc156be1271972125b8e37af23d128738927a5e6a9691b90a835aa47c1f008bfa5f5ef7848c39fbd79b903fc43e6d50e754ba1062e1c5488fe3c994bb644f70ff91e2b1541fd5dd5ed5cde2e0410d9919c77109adc0a30d34523406111baaa7b65756746779f43c6e079b4d9fc7c131c35b0a728bfee9fd678e8f86978c861b9f1e406569671a6fc8a0515755ade355bfffcf76addb4224d760c0d279249de0685c72efdb040843d790c21418103687994e031604c34cbddd8835dfc6c8d546a03b28f402381154d42a5706657bb89c03e412c6b5597a71671e23c20ff97c26cae3ad36b05616ee5464580526a3b5c136dd27797e123f0dabb5723545355898172d35ab931085b487d48f78afdfe6ad7fd056697ffdea5a0ac1d381082d0cacd4683ceee5d8b8b117ac39c51e8bc0d18e427aeeab8ec8f54be134cff59c001f948900a5930dbfb0931c9130cb6521dac04f291f69c653d85541157a9e762894e8eb80784ccea952b77ddfeefcc3f7e0adca9b6ac9a2041d458afa992da1e36c444526881cdf070e14882f49735d7044bcb239348c85d82eacf87ec82bb31a515e8f694c1a0a986885ad0211cb2d4b87848439868ab2ea6201d7d21fdbc3714b1ac557dc88d7d62dd25db0db7c26a5a718a90800cf721d69c77f041a5e742bd3a76c60a4828beea68f665ed6bd1499fd3af66fbb7e25608d61153267e07a17d0d0ffb7c63acfa0b5cc517e3772895db4d4aeb70e831f3a256d0bdb8d1a74b046c24a066f8f0b2fb2a6e923a2076c9fcebdc85e0e622d1c112bce248c871ecb228604df0c1836789193010ac41f1b2bfee9fcf804622695590f4f37c93068eef1ac16fd4b9100e7899138cc17a7b10d51375349fb0ede87a3e612125bfdfd4fe2300cb22ff6f3adeba8d5caced79b02dac0fe558969e21786e1ee1cdabdb2ce6fd69f638d44625327046adb6f09395c2428df89170ccd17dccac9a3233d65c501deeaf8a0f07eef4879ad2561d7acf534a62537d3db72d53dbc51d45857f23234c5690e7177e9d1d60a18c659c831c9dbd366e30e7fd4b0b6174038d7fb4b04f259bde63abf8669382e23295a882701b12ee405bc99777d7e4df22144f047cffde00d92c936a4741e5fc4123108c310b43ae510cbc8f98c86c0dabb339b73835aa26b0f0e54791b708583c35b303ceff1ffad7e5d1e573424471546400967a3332c2fa88b24f7db1d2d8ec7d79927066ec202707d397b5af24b74c9c444b46dd1c964323fc3c78faf501fe730e7cedede24aaeb6daebfe8f9dcdd95b05ad7ba9763c1a3f8972992baa3832ee84fdf9d8ebf0fbedd53a84ab87829d579d531de350fa947c5d5a62fcf4a9ab8afe7254672cc7a45b242f48c24d364364313cb093979ccad44a2e270f9c5eb9b47a5c836eee6fe9d9af740187ece88d0f21cd283186b3ca30d19184d4663196203f546d29986833460ed99f87b1ff043051e09621c7676b09e946fa55fcc0ecd9d6b95fee8a6f80e523b440e3b8d63de60b52496c8209b899347a7a00bed2fa178583570ce5102267d33b5067c85b7fbb3c5581dc0f1a773b91cbf0cf075c54cb8c9571c87d1d32e3b9a5f2d4829091bd25c497dc8a8d871ff88692df1eb7f16d120d4732b9a1762a46cefe8bb6d74ac6e4fa2e164d303a6f39427518bfad7a1b4db86c694945bd6061f2c7291f9db4c6f413ed149a5ac4b4fde4b21dbf134418d2ae2830598599456a45d5a05e15cf6b6ad3707867f8eaa3cb5e0e0350a9e330dee16a5ca37df561726ca6962d7d2c6590a74381d8e5a7be1fd5a771cd999e7ea3b68f6abf7e443afca20f50810163caf69ca48b1747f2424dfdce2621835622aa2133e0831be4a9c0179ad61a1a057259fadcab441a569863c1d1a185443bd96927f006a2f03aa0978086db75c25f7acc36d37ca7c474cd5f3aced34afbf1273eac7093ca507640d208a2d5af2a71a3d0099550c85749c54d00e7d7d1c3b4a14957d0da8bdb9943af914effedc96b2b244b42f15869925b72d78506e3f30dfecab3fa4e1025150c55ad85ba8a13127ab1c7eb9e2c43cd6fafdfa49a020b1b2e586479da34c262984cb293d7d40bb08863188b45c69da99682e340caa25c88dde758c053c315afc58fcaedabd12a05e8de598be099bdbd7ed40c9750cf5f6cb063897f2e71d3d27df8a3812ef46bf13cd2c09ae06553fba2955e9f03fa2c8b623c4b03d053bba2177296c01b5d65e8875f5ab5cb7d4ef02fd7e7263634d4cf7fcfdc68cb1a2ef4060c6548be8913", 0x2}, 0x1, &(0x7f0000002940)="1b55ec0d0be29fcf395f6be5db0a83a7fec180d34e2b4207d4cd38fa36596087cd5d9f959b03485d2ff71fc0493d6d7a8ee4"}, 0x40000009) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) socket(0x18, 0x800, 0x0) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0xa000, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket(0x18, 0x1, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.7/usb8/remove\x00', 0xa001, 0x0) getsockopt$auto_SO_TIMESTAMPING_OLD(r4, 0x1, 0x25, &(0x7f0000000000)='&#\x00', &(0x7f0000000040)=0x3) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000002680), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_DEL_DAEMON(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x24, r6, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DAEMON={0x10, 0x3, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64=0x2}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x40014}, 0x24008040) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/firmware/acpi/interrupts/gpe02\x00', 0x2, 0x0) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000080), r9) sendmsg$auto_SMC_PNETID_ADD(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000600)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x40084}, 0x44c0) sendmsg$auto_SMC_PNETID_FLUSH(r8, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={&(0x7f0000000500)=ANY=[@ANYBLOB="b0000000", @ANYRES16=r7, @ANYBLOB="00022abd7000fcdbdf25040000000700010008230000320001002f7379732f646576696365732f706c6174666f726d2f64756d6d795f6863642e372f757362382f72656d6f7665000000060001008e000000280002002f7379732f6669726d776172652f616370692f696e74657272f83883fc2f677065303200280002002f7379732f6669726d776172652f616370692f696e74657272757074732f67706530320005000400ff0000004fa3a70fef0a4b405aceeb0b5f175f1246460bf2cf2b2d6d567b0194301cb2d481f9c77369547cfc6699536ebd7e0738f244a1225b6ff6f4e785"], 0xb0}, 0x1, 0x0, 0x0, 0x4}, 0x10) sendfile$auto(r7, r7, 0x0, 0x3) write$auto(r4, &(0x7f0000000340)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\x9du\xbc\xe8\xd3j\x06\xc25x\xde\x84\xad\x17(\x0f\xc0\x14<6\x1eyY`\xd4g\xc3\xdeIJr\f\xbb \x0ew4\xa3\xde{\xa6\x93\x8fC\xe4@\xce\xbf\r.\x98\x8c\x0f\x90\n\xfa\"\xaa&?\xfdW\xdd\xd8<\n\x81\x9bU\xa3+wN\xd64O2\n\xa1\x937J`\xa1\xfd\x90S\x90\x93\xd7YL}\xd2\xcfL\x89', 0x98c7) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) r10 = fcntl$getown(r3, 0x9) kcmp$auto_KCMP_EPOLL_TFD(0x0, r10, 0x7, r2, 0x2) 1m34.414749311s ago: executing program 2 (id=4810): clock_settime$auto(0x194, &(0x7f0000000140)={0x460, 0x3}) adjtimex$auto(&(0x7f0000000780)={0xf, 0x0, 0x2b8, 0x100000001, 0x6, 0xffffffffffffffff, 0x2, 0x0, 0xe, 0x0, 0x8, {0x2fa}, 0x1, 0x4, 0x5, 0x1, 0x0, 0x6, 0x800400000000, 0x8, 0x9, 0x5}) adjtimex$auto(&(0x7f0000000540)={0x72, 0x0, 0xff, 0x4000, 0x2, 0xffffffffffffffff, 0xa0c, 0x0, 0x3ffbffffffffff, 0x9536, 0x6, {0x200, 0x4}, 0x80, 0x80, 0x20000, 0x5, 0x0, 0x100000000, 0x21, 0x18d, 0x200, 0xa, 0x2015}) 1m34.154190528s ago: executing program 2 (id=4812): mmap$auto(0x0, 0x20009, 0x2000000df, 0xeb1, 0x401, 0x8000) semctl$auto(0xa, 0x2, 0x13, 0xde) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0xc018ae85, 0x0) 1m33.781780883s ago: executing program 2 (id=4814): mmap$auto(0x0, 0x2020009, 0xa348b21, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000040), 0xa2741, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) socket(0x11, 0x3, 0x2) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000000c0), 0xffffffffffffffff) openat$auto_fops_blob_file(0xffffffffffffff9c, &(0x7f0000000040), 0x101400, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x23, 0x2, 0x0) socket(0xa, 0x1, 0x84) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/mmap_min_addr\x00', 0x101302, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/controlC2\x00', 0x20002, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x40401, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TCFLSH2(r0, 0x540b, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/oom_score\x00', 0x0, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) fallocate$auto(r1, 0x1, 0x820, 0x7fff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000) r2 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/cuse\x00', 0x1c1041, 0x0) sendfile$auto(r2, 0x3, 0x0, 0x7ffff000) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7) 1m23.232804402s ago: executing program 4 (id=4832): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x10001) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000240)={0x0, 0x7}, 0x2) listmount$auto(0x0, 0x0, 0xf4240, 0x1) 1m22.481338681s ago: executing program 4 (id=4833): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x7, 0x0) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000001b40)='/dev/cuse\x00', 0x8640, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) preadv$auto(0x3, 0x0, 0x3, 0x2, 0x13) close_range$auto(0x2, 0x8, 0x0) r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001140), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) r3 = socket(0x29, 0x2, 0x0) mmap$auto(0x0, 0x810006, 0xffb, 0x8000000008011, 0x3, 0x0) r4 = openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, 0x0, 0x42000, 0x0) read$auto_proc_pid_smaps_operations_internal(r4, 0x0, 0x0) write$auto(r3, 0x0, 0x8) read$auto(0x3, 0x0, 0x7fffffff) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="01010038dae777ed9920b0b0009200170e9621f25338ceaf02211c6a61fe7dc154ecaa50f2469cc223515141980639b06208dcc82af48fae3e3075ce3f4c93cae48c698846088f7ce14b41dcc2330a5f20f8b22f659c1aba336e313591715202f96622cf0823566301a0b37e0606beb0e12c6327", @ANYRES16=r0, @ANYBLOB="010001010000fb8aaadbdf25ad003c97362c80b1", @ANYRES32=r2, @ANYRES16], 0x24}, 0x1, 0x1400}, 0x20000084) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x182b02, 0x0) sendfile$auto(r5, r5, 0x0, 0x3) socket(0x11, 0x3, 0x9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/platform/mac802154_hwsim/ieee802154/phy0/net/wpan0/dormant\x00', 0x80, 0x0) bpf$auto_BPF_OBJ_GET_INFO_BY_FD(0xf, &(0x7f00000002c0)=@bpf_attr_3={0xdf05, 0xb4a3, 0x1, 0x5b7, 0x100001, 0x9, 0x2000008621, 0x92d, 0x2, "bb7c944d1902ccdb035eba86d79f428b", 0x0, 0x10000, 0xffffffffffffffff, 0x10000000, 0x7fb, 0x9, 0x6, 0x1, 0x8, 0xfb, @attach_btf_obj_fd, 0xfffffffc, 0x7f, 0x5, 0x5, 0x8, 0xffffffffffffffff}, 0x201) r8 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0) r9 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r7) sendmsg$auto_NL80211_CMD_NEW_INTERFACE(r6, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="1104000000", @ANYRES16=r9, @ANYBLOB="000128bd7000fddbdf250700000005001c0091000000"], 0x1c}, 0x1, 0x0, 0x0, 0x801}, 0x0) write$auto(r8, &(0x7f0000000200)='/de\xef\xe7audio1\x00', 0xa3d9) read$auto(0x3, 0x0, 0x8080) 1m21.016080971s ago: executing program 4 (id=4834): socketcall$auto(0x9, 0x0) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000080)='/dev/binderfs/binder0\x00', 0x0, 0x0) r0 = openat$auto_stats_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) pread64$auto(r0, 0x0, 0x2, 0x3) 1m20.463235846s ago: executing program 4 (id=4835): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/nfsfs/volumes\x00', 0x800, 0x0) 1m19.816366327s ago: executing program 4 (id=4837): openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000002180)='/dev/snd/pcmC0D0p\x00', 0x0, 0x0) r0 = fcntl$auto(0x3, 0x4, 0xa553) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0) openat$auto_nsim_udp_tunnels_info_reset_fops_udp_tunnels(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/netdevsim/netdevsim0/ports/0/udp_ports_reset\x00', 0x12280, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.max.depth\x00', 0x20681, 0x0) capget$auto(&(0x7f0000000080)={0x19980330, 0xffffffffffffffff}, &(0x7f00000001c0)={0x8, 0x7fff, 0x2}) ioctl$auto_IOC_PR_RESERVE(r0, 0x401070c9, &(0x7f0000000000)={0x2, 0x7, 0xfffffff9}) read$auto(r1, &(0x7f0000000080)='/dev/snd/pcmC0D0p\x00', 0x4) 1m18.84851055s ago: executing program 4 (id=4838): swapon$auto(&(0x7f0000000000)='/dev/loop7\x00', 0x4) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) r0 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) r1 = wait4$auto(0x0, &(0x7f00000000c0)=0x2, 0x5b80, &(0x7f0000000380)={{0x8, 0x4}, {0xfffffffffffffffb, 0x100000001}, 0xac6d, 0x2, 0x1, 0x3, 0x2, 0x0, 0x2, 0x4cd, 0x86, 0x9, 0x3, 0x4, 0x4, 0x100}) r2 = prctl$auto_SIGCONT(0xfffffffd, 0x12, r1, 0x1139, 0xfffffffffffff428) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa0002, 0x0) prctl$auto_PR_SET_THP_DISABLE(0x29, 0x1, 0x2, 0x0, 0x0) close_range$auto(r2, 0x8, 0x1) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8802, 0x0) r4 = socket(0x28, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) writev$auto(0x3, 0x0, 0x8) write$auto_ocfs2_control_fops_stack_user(r3, &(0x7f0000003900)='\t', 0x1) write$auto(r0, &(0x7f0000000080)=')@-!\x00', 0x1e1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) sendmsg$auto_SEG6_CMD_DUMPHMAC(r4, &(0x7f0000000540)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000229bd7000fbdb00050002000000"], 0x24}, 0x1, 0x0, 0x0, 0x20004810}, 0x40) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NBD_CMD_CONNECT(r5, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000200)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="0100253d7002fddbdf2501000000140007800c0001800800018000000000040089800c0002000600000000000000"], 0x34}, 0x1, 0x0, 0x0, 0x804}, 0x8080) mmap$auto(0x0, 0x5, 0x203, 0xfffffffffffffffc, 0x405, 0x0) statmount$auto(0x0, &(0x7f0000000580)={0x8, 0x3ff, 0xfffffffffffffff9, 0x5, 0x14, 0x944, 0x1ffe4, 0x3, 0x20000000006, 0x4, 0x5, 0x400005, 0x9, 0x8000007, 0x8001, 0xd, 0x5, 0x3, 0x4, 0x7, 0x20, 0x309, 0x4, 0x0, 0x7fffffff, 0x0, 0x0, 0x101, 0x78, 0x0, 0x0, [0x3, 0x0, 0x0, 0x200, 0x9, 0xeaf, 0xffffffffffffdffa, 0x4, 0x3, 0x0, 0x0, 0x5, 0x2000000000000001, 0x1, 0x5, 0x0, 0x0, 0x4, 0x1, 0x20000000000, 0x82, 0x800000000002, 0x9, 0x10000000, 0xbec, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x5, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0xfffffffffffffffc, 0x0, 0x2961, 0x0, 0x2], "8f80bc2ca47feef4293b48d2c2749da2c169970ab8d4b0d653923068b84ee2625d076ef1ecee03fbb783ed6ebd36f672235dbeb493b23d33517d2008043cc600492f57f79c3b42320a1d666ed3fe5ec46658e30b462d6b074185d99df0ab891e70b4b7985050f55c01ad9eb5d7d25688adeccc790ca9f47accb47432376923fcdd49689c03d1441ce0d2997608ce6cf8cffab4dda81bc41c4474ff471c5cf831527408637107ba3a8641fb1c5453a77cef9d06ea25415740b3b1228a7f"}, 0x2001fb, 0x8000007f) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r6 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r6, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x700}, 0x7, 0x4008) 1m15.82144299s ago: executing program 3 (id=4842): socketcall$auto(0x9, 0x0) mmap$auto(0x0, 0x5, 0xfffffffffffffe01, 0x8011, 0x3, 0x8000) r0 = openat$auto_stats_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) pread64$auto(r0, 0x0, 0x2, 0x3) 1m15.601590758s ago: executing program 3 (id=4843): mkdir$auto(&(0x7f00000001c0)='./file0\x00', 0x0) mmap$auto(0x0, 0x4994, 0xdf, 0x4a38, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x1) getsockopt$auto(r0, 0x0, 0x80, 0x0, 0x0) getsockopt$auto_SO_BUSY_POLL(r0, 0x29, 0x3a, 0x0, 0x0) mount$auto(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000000)='cifs\x00', 0x8000, &(0x7f0000000240)="8983b4d503e98c29ac0907551c70860db5cca27b1ab4bc56020b5d379e3632275ddfcea8c9fa21b267c9caaecb3712fa39bdf3664db83c2a79a27345e968ee01e9943d") mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa001, 0x0) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x01\x00\x01\x00\x00\x00\x00\x00\xc7k', 0x81) fcntl$auto_F_DUPFD(r1, 0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x2021000, 0x66) r2 = openat$auto_proc_pid_smaps_operations_internal(0xffffffffffffff9c, &(0x7f0000000b00)='/proc/self/smaps\x00', 0x42000, 0x0) ioctl$auto_BLKPG(0xffffffffffffffff, 0x1269, 0x0) openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, 0x0, 0x1, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) write$auto_cachefiles_daemon_fops_internal(0xffffffffffffffff, &(0x7f0000000300), 0x0) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) r3 = socket(0x2, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) recvmmsg$auto(r3, &(0x7f00000003c0)={{0x0, 0x4, &(0x7f0000000280)={0x0, 0x4040009}, 0xc, &(0x7f0000000000), 0x16, 0x8}, 0x5a55}, 0xd, 0x3, 0x0) close_range$auto(0x2, 0x8000, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0xb2) lseek$auto(0x3, 0x8, 0x3) read$auto_proc_pid_smaps_operations_internal(r2, &(0x7f00000002c0)=""/190, 0xfffffe39) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/pci/resource_alignment\x00', 0x8ea182, 0x0) inotify_init1$auto(0x3000000000000) unshare$auto(0x40000080) 1m11.633654545s ago: executing program 3 (id=4844): r0 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x683942, 0x0) write$auto_ftrace_subsystem_filter_fops_trace_events(r0, &(0x7f00000000c0)="9210294220607df6bcd3754b29350096f83d19bedf46827be4db9a0a67c3c2b4471a9297677c9b8242238f69e18d20d8ea130c4b62f380267658771e54f3fdfca26d2aa088aa4cf197c2e3745f833316857676256456772fee6273072abae10f9bc0c1f0680929464d4f191e4a37c7ee9f", 0x71) openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000180), 0x80001, 0x0) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = open(&(0x7f0000000040)='./file0\x00', 0x2041, 0xfa) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_SAR_SPECS(r2, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="01002dbd7000fddbdf258c00000006000e001c85db4261a133d3c2da003a0b3ccfee9305cb1e8801dbc2eb90494ae9f65267f6abd0f50507510d2fed466b9c76aa2b2407bcd964a8d501f649a8419fff2cd5bcabea90af5a90964d3f98f034380f61d0f9cbfd361a46ac525517f8537f1a800f0064e870dc7b1b66d9cb5b1201c163ad790739677afa56780296018fe6ff37675241c5c984caacfb53096f094d45b0cbf002d6530fba3f9f3e570a58d06d5714ddf46f938f2fc6ca5e5c26ad7d955de1e910b5ea3d0435beb9a2af61fa835b7eceaff7d06731eae125bbd97a3d9e02"], 0x1c}, 0x1, 0x0, 0x0, 0x6040000}, 0x20008810) linkat$auto(r1, 0x0, 0xffffffffffffff9c, 0x0, 0x1000) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/sit0/ifindex\x00', 0x80000, 0x0) read$auto(r4, 0x0, 0x20) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x202, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/nfsfs/volumes\x00', 0x800, 0x0) 1m11.309763287s ago: executing program 3 (id=4845): r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/misc\x00', 0x10b402, 0x0) pread64$auto(r0, &(0x7f0000000040)='/proc/scsi/sg/devices\x00', 0x100000001, 0xff) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) sysfs$auto(0x2, 0x49, 0x5) mbind$auto(0x3, 0x3, 0xffffffff, &(0x7f0000000240)=0x3ff, 0x8, 0x4300) r1 = fsopen$auto(0x0, 0x1) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/sit0/statistics/tx_compressed\x00', 0x80000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/fcloop/ctl/del_remote_port\x00', 0xa001, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ttyS2\x00', 0x0, 0x0) ioctl$auto_TCFLSH2(r3, 0x5453, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r4) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002cbd7000fcdbdf252100000008000300", @ANYRES32=r6], 0x28}}, 0x40480d0) sendmsg$auto_NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0xb8, r5, 0x1, 0x70bd2d, 0x25dfdbfc, {}, [@NL80211_ATTR_TDLS_EXTERNAL_SETUP={0x4}, @NL80211_ATTR_STA_SUPPORTED_CHANNELS={0x9d, 0xbd, "096538b49ef153c0064b47052d72b80f19d46bcd7282b88f2672152cba06ef2fe897e66a866bd7390e33bf24e4f4e9a090b6f244247383391218ddf337a0900470ca962b6b71459552154b38c0261ec2e1464fe5a1fb48e8e3f2b21c1a069dce8e08aa85140c868d633701614cb9bc37a1dfea1e64448e2917bc8a959d0e4e5fd3b7a913bd278df1fdba28adc49cb8797ea1d1b949a96742b5"}]}, 0xb8}, 0x1, 0x0, 0x0, 0x81}, 0x80) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r8 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$auto(0x3, 0xc048aec8, r2) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 1m10.451474494s ago: executing program 3 (id=4847): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x4000000000db, 0x12, 0x400, 0x18002) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) getpriority$auto_PRIO_USER(0x2, 0x0) mmap$auto(0x7, 0x4000000000000400, 0xdf, 0xeb1, 0x1272, 0x8000) pipe2$auto(0x0, 0x80) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x4, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0xfff) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) read$auto(r1, &(0x7f0000002300)='MAC802154_HWSIM\x00', 0xfdef) r2 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000100)='/dev/binderfs/binder1\x00', 0x0, 0x0) ioctl$auto_BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0) r3 = socket(0x2c, 0x6, 0x0) write$auto(r3, 0x0, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) r4 = openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x1e9482, 0x0) ioctl$auto_FS_IOC_SETFLAGS(r2, 0x40086602, 0xe20) read$auto_state_fops_(r4, &(0x7f0000000180)=""/61, 0xfffffeeb) 1m7.158838779s ago: executing program 3 (id=4850): swapon$auto(&(0x7f0000000000)='/dev/loop7\x00', 0x4) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) r0 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) r1 = wait4$auto(0x0, &(0x7f00000000c0)=0x2, 0x5b80, &(0x7f0000000380)={{0x8, 0x4}, {0xfffffffffffffffb, 0x100000001}, 0xac6d, 0x2, 0x1, 0x3, 0x2, 0x0, 0x2, 0x4cd, 0x86, 0x9, 0x3, 0x4, 0x4, 0x100}) r2 = prctl$auto_SIGCONT(0xfffffffd, 0x12, r1, 0x1139, 0xfffffffffffff428) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa0002, 0x0) prctl$auto_PR_SET_THP_DISABLE(0x29, 0x1, 0x2, 0x0, 0x0) close_range$auto(r2, 0x8, 0x1) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8802, 0x0) r4 = socket(0x28, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) writev$auto(0x3, 0x0, 0x8) write$auto_ocfs2_control_fops_stack_user(r3, &(0x7f0000003900)='\t', 0x1) write$auto(r0, &(0x7f0000000080)=')@-!\x00', 0x1e1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) sendmsg$auto_SEG6_CMD_DUMPHMAC(r4, &(0x7f0000000540)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000229bd7000fbdb00050002000000"], 0x24}, 0x1, 0x0, 0x0, 0x20004810}, 0x40) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NBD_CMD_CONNECT(r5, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000200)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="0100253d7002fddbdf2501000000140007800c0001800800018000000000040089800c0002000600000000000000"], 0x34}, 0x1, 0x0, 0x0, 0x804}, 0x8080) mmap$auto(0x0, 0x5, 0x203, 0xfffffffffffffffc, 0x405, 0x0) statmount$auto(0x0, &(0x7f0000000580)={0x8, 0x3ff, 0xfffffffffffffff9, 0x5, 0x14, 0x944, 0x1ffe4, 0x3, 0x20000000006, 0x4, 0x5, 0x400005, 0x9, 0x8000007, 0x8001, 0xd, 0x5, 0x3, 0x4, 0x7, 0x20, 0x309, 0x4, 0x0, 0x7fffffff, 0x0, 0x0, 0x101, 0x78, 0x0, 0x0, [0x3, 0x0, 0x0, 0x200, 0x9, 0xeaf, 0xffffffffffffdffa, 0x4, 0x3, 0x0, 0x0, 0x5, 0x2000000000000001, 0x1, 0x5, 0x0, 0x0, 0x4, 0x1, 0x20000000000, 0x82, 0x800000000002, 0x9, 0x10000000, 0xbec, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x5, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0xfffffffffffffffc, 0x0, 0x2961, 0x0, 0x2], "8f80bc2ca47feef4293b48d2c2749da2c169970ab8d4b0d653923068b84ee2625d076ef1ecee03fbb783ed6ebd36f672235dbeb493b23d33517d2008043cc600492f57f79c3b42320a1d666ed3fe5ec46658e30b462d6b074185d99df0ab891e70b4b7985050f55c01ad9eb5d7d25688adeccc790ca9f47accb47432376923fcdd49689c03d1441ce0d2997608ce6cf8cffab4dda81bc41c4474ff471c5cf831527408637107ba3a8641fb1c5453a77cef9d06ea25415740b3b1228a7f"}, 0x2001fb, 0x8000007f) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r6 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r6, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x700}, 0x7, 0x4008) 1m3.559180806s ago: executing program 34 (id=4838): swapon$auto(&(0x7f0000000000)='/dev/loop7\x00', 0x4) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) r0 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) r1 = wait4$auto(0x0, &(0x7f00000000c0)=0x2, 0x5b80, &(0x7f0000000380)={{0x8, 0x4}, {0xfffffffffffffffb, 0x100000001}, 0xac6d, 0x2, 0x1, 0x3, 0x2, 0x0, 0x2, 0x4cd, 0x86, 0x9, 0x3, 0x4, 0x4, 0x100}) r2 = prctl$auto_SIGCONT(0xfffffffd, 0x12, r1, 0x1139, 0xfffffffffffff428) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa0002, 0x0) prctl$auto_PR_SET_THP_DISABLE(0x29, 0x1, 0x2, 0x0, 0x0) close_range$auto(r2, 0x8, 0x1) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8802, 0x0) r4 = socket(0x28, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) writev$auto(0x3, 0x0, 0x8) write$auto_ocfs2_control_fops_stack_user(r3, &(0x7f0000003900)='\t', 0x1) write$auto(r0, &(0x7f0000000080)=')@-!\x00', 0x1e1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) sendmsg$auto_SEG6_CMD_DUMPHMAC(r4, &(0x7f0000000540)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000229bd7000fbdb00050002000000"], 0x24}, 0x1, 0x0, 0x0, 0x20004810}, 0x40) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NBD_CMD_CONNECT(r5, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000200)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="0100253d7002fddbdf2501000000140007800c0001800800018000000000040089800c0002000600000000000000"], 0x34}, 0x1, 0x0, 0x0, 0x804}, 0x8080) mmap$auto(0x0, 0x5, 0x203, 0xfffffffffffffffc, 0x405, 0x0) statmount$auto(0x0, &(0x7f0000000580)={0x8, 0x3ff, 0xfffffffffffffff9, 0x5, 0x14, 0x944, 0x1ffe4, 0x3, 0x20000000006, 0x4, 0x5, 0x400005, 0x9, 0x8000007, 0x8001, 0xd, 0x5, 0x3, 0x4, 0x7, 0x20, 0x309, 0x4, 0x0, 0x7fffffff, 0x0, 0x0, 0x101, 0x78, 0x0, 0x0, [0x3, 0x0, 0x0, 0x200, 0x9, 0xeaf, 0xffffffffffffdffa, 0x4, 0x3, 0x0, 0x0, 0x5, 0x2000000000000001, 0x1, 0x5, 0x0, 0x0, 0x4, 0x1, 0x20000000000, 0x82, 0x800000000002, 0x9, 0x10000000, 0xbec, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x5, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0xfffffffffffffffc, 0x0, 0x2961, 0x0, 0x2], "8f80bc2ca47feef4293b48d2c2749da2c169970ab8d4b0d653923068b84ee2625d076ef1ecee03fbb783ed6ebd36f672235dbeb493b23d33517d2008043cc600492f57f79c3b42320a1d666ed3fe5ec46658e30b462d6b074185d99df0ab891e70b4b7985050f55c01ad9eb5d7d25688adeccc790ca9f47accb47432376923fcdd49689c03d1441ce0d2997608ce6cf8cffab4dda81bc41c4474ff471c5cf831527408637107ba3a8641fb1c5453a77cef9d06ea25415740b3b1228a7f"}, 0x2001fb, 0x8000007f) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r6 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r6, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x700}, 0x7, 0x4008) 52.056738693s ago: executing program 35 (id=4850): swapon$auto(&(0x7f0000000000)='/dev/loop7\x00', 0x4) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bind$auto(0x3, &(0x7f0000000000)=@generic={0x10, "a500acb75c9cedd1b5e9a0d76293"}, 0x68) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) r0 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) r1 = wait4$auto(0x0, &(0x7f00000000c0)=0x2, 0x5b80, &(0x7f0000000380)={{0x8, 0x4}, {0xfffffffffffffffb, 0x100000001}, 0xac6d, 0x2, 0x1, 0x3, 0x2, 0x0, 0x2, 0x4cd, 0x86, 0x9, 0x3, 0x4, 0x4, 0x100}) r2 = prctl$auto_SIGCONT(0xfffffffd, 0x12, r1, 0x1139, 0xfffffffffffff428) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa0002, 0x0) prctl$auto_PR_SET_THP_DISABLE(0x29, 0x1, 0x2, 0x0, 0x0) close_range$auto(r2, 0x8, 0x1) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8802, 0x0) r4 = socket(0x28, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) writev$auto(0x3, 0x0, 0x8) write$auto_ocfs2_control_fops_stack_user(r3, &(0x7f0000003900)='\t', 0x1) write$auto(r0, &(0x7f0000000080)=')@-!\x00', 0x1e1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) sendmsg$auto_SEG6_CMD_DUMPHMAC(r4, &(0x7f0000000540)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000229bd7000fbdb00050002000000"], 0x24}, 0x1, 0x0, 0x0, 0x20004810}, 0x40) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NBD_CMD_CONNECT(r5, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000200)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16, @ANYBLOB="0100253d7002fddbdf2501000000140007800c0001800800018000000000040089800c0002000600000000000000"], 0x34}, 0x1, 0x0, 0x0, 0x804}, 0x8080) mmap$auto(0x0, 0x5, 0x203, 0xfffffffffffffffc, 0x405, 0x0) statmount$auto(0x0, &(0x7f0000000580)={0x8, 0x3ff, 0xfffffffffffffff9, 0x5, 0x14, 0x944, 0x1ffe4, 0x3, 0x20000000006, 0x4, 0x5, 0x400005, 0x9, 0x8000007, 0x8001, 0xd, 0x5, 0x3, 0x4, 0x7, 0x20, 0x309, 0x4, 0x0, 0x7fffffff, 0x0, 0x0, 0x101, 0x78, 0x0, 0x0, [0x3, 0x0, 0x0, 0x200, 0x9, 0xeaf, 0xffffffffffffdffa, 0x4, 0x3, 0x0, 0x0, 0x5, 0x2000000000000001, 0x1, 0x5, 0x0, 0x0, 0x4, 0x1, 0x20000000000, 0x82, 0x800000000002, 0x9, 0x10000000, 0xbec, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x5, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0xfffffffffffffffc, 0x0, 0x2961, 0x0, 0x2], "8f80bc2ca47feef4293b48d2c2749da2c169970ab8d4b0d653923068b84ee2625d076ef1ecee03fbb783ed6ebd36f672235dbeb493b23d33517d2008043cc600492f57f79c3b42320a1d666ed3fe5ec46658e30b462d6b074185d99df0ab891e70b4b7985050f55c01ad9eb5d7d25688adeccc790ca9f47accb47432376923fcdd49689c03d1441ce0d2997608ce6cf8cffab4dda81bc41c4474ff471c5cf831527408637107ba3a8641fb1c5453a77cef9d06ea25415740b3b1228a7f"}, 0x2001fb, 0x8000007f) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r6 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r6, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x700}, 0x7, 0x4008) 19.288104117s ago: executing program 5 (id=4904): mmap$auto(0x0, 0x2020009, 0x126, 0x19, 0xffffffffffffffff, 0x0) sysfs$auto(0x2, 0x100000000000033, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) get_robust_list$auto(0x0, 0x0, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) open(&(0x7f0000000100)='.\x00', 0x40000, 0x0) clone$auto(0x100000020003b49, 0x80000000002, 0x0, 0x0, 0x4) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x2, 0xd, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x6, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0x100, 0x1, 0x52, 0x2, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0) landlock_add_rule$auto(r0, 0x1, 0x0, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) r1 = socket(0x1e, 0x1, 0x0) bind$auto(r1, &(0x7f0000000040)=@tipc=@nameseq={0x1e, 0x1, 0x1, {0x0, 0x4, 0x1}}, 0x66) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb2, 0x401, 0x8000) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) ioctl$auto_TCSBRKP2(r2, 0x5425, 0x0) io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0xa, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r3, 0x5408, 0x0) mprotect$auto(0x1000, 0x401000, 0x4) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0xa, 0x3, 0x3a) 18.88236019s ago: executing program 5 (id=4905): mmap$auto(0x0, 0x20009, 0x2000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bpf$auto_BPF_LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000100)=@info={r0, 0x8e52, 0x425}, 0x6) socket(0x2, 0x1, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) open(0x0, 0x22240, 0x55) keyctl$auto(0x7, 0x7fffffffffffffff, 0x0, 0x4, 0x3) keyctl$auto(0xb, 0xffffffffffffffff, 0x2, 0x2, 0xfffffffffffffff8) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) shmctl$auto(0x691, 0x3, 0x0) setsockopt$auto(0x3, 0x0, 0x32, 0x0, 0x4) close_range$auto(0x2, 0x8, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/input/event0\x00', 0x3496c2, 0x0) socket(0xa, 0x5, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_GET_MSRS(r1, 0x81a0ae8c, 0x0) 18.39706108s ago: executing program 5 (id=4906): close_range$auto(0x2, 0x8, 0x0) bind$auto(0x3, 0x0, 0x6a) madvise$auto(0x0, 0xffffffffffff0005, 0x17) close_range$auto(0x2, 0x8, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x80802, 0x0) read$auto_vrr_range_fops_(0xffffffffffffffff, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000007c0), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000080)={0x14, r1, 0x705, 0x70bd25, 0x25dfdbfb}, 0x14}}, 0x40d0) (fail_nth: 5) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) 17.677751154s ago: executing program 5 (id=4907): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/sunrpc/parameters/auth_hashtable_size\x00', 0x2ab42, 0x0) sendfile$auto(r1, r1, 0x0, 0x3) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/lockd/parameters/nlm_grace_period\x00', 0x8001, 0x0) write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) close_range$auto(0x2, 0x8, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r3, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x5c, r4, 0x1, 0x70bd29, 0x25dfdc00, {0x1, 0x0, 0x3f00}, [@L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x59}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x9}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @loopback}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @loopback}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x3f}]}, 0x5c}, 0x1, 0x0, 0x0, 0x44000}, 0x90) io_uring_setup$auto(0x6, 0x0) pwrite64$auto(r2, &(0x7f0000000100)='/sys/module/lockd/parameters/nlm_grace_period\x00', 0x5, 0xffffffff) syz_genetlink_get_family_id$auto_nfc(0x0, 0xffffffffffffffff) openat$auto_random_fops_random(0xffffffffffffff9c, 0x0, 0x0, 0x0) select$auto(0x5, &(0x7f0000000080)={[0x20000009, 0xfffffffffffffffc, 0x9, 0x5, 0xc, 0x3, 0x3, 0x1ffe000, 0xcad, 0x2, 0x9, 0xf, 0xa657, 0x202, 0x6, 0x1]}, 0x0, 0x0, 0x0) io_uring_register$auto(0x2, 0x13, &(0x7f00000001c0), 0x2) 16.724425461s ago: executing program 5 (id=4908): mmap$auto(0x0, 0xf6, 0xdf, 0xeb1, 0x401, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv6/route/flush\x00', 0x80401, 0x0) write$auto(r0, 0x0, 0x0) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(r2, 0x104000000000010e, 0xa, 0x0, 0x400) r3 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_GTP_CMD_NEWPDP(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000011c0)=ANY=[@ANYBLOB="1e7419c167a94689798ffb22752dbe346e067dcba3dfe3dbf38b11278cf041e56ca037ab6f1fcece98d7e55b84b72ecd87435fe2ee0bbcfb96cf515e0b8423624820280b8e6b35791c45120bfadc44b0678d06fa20aa21da970850a7e42a17d9adcb561bf645bdbf3eba9d7782c13d5ba959a359cf1c8e8778eb481e2606620683836418b42702cd", @ANYRES16=r3, @ANYBLOB="070125bd7000fedbdf2500000000"], 0x14}, 0x1, 0x0, 0x0, 0x44}, 0x4) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r4) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="2f212cbd7010ca705d845526cc0008000380", @ANYRES32=r6], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x8810) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001080)={'veth1_to_team\x00', 0x0}) sendmsg$auto_ILA_CMD_GET(r2, &(0x7f0000001180)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000001140)={&(0x7f0000001280)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00042abd7000fedbdf250300000005000700040000000c00010007000000000000000c000100050000000000000008000400", @ANYRES32=r6, @ANYBLOB="080004009e3ab98f1120efebc067a9e9c0847fc8329b23cd99d892fc2d56350349745f12d2d6c948efd72e475fb87359f7c66f09c3ee5fd3a753e210c6494045a3424039d788c98061b1bcc74b409d6baee03eb71f906d222cda88e838a19a49061f1898c8bda56ef7192ffa", @ANYRES32=r7, @ANYBLOB="0c00030000020000000000000c000300040000000000000005000800c000000005000700fe000000"], 0x6c}, 0x1, 0x0, 0x0, 0x40804}, 0x804) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x0, 0x0) r8 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) read$auto_rng_chrdev_ops_core(r8, &(0x7f0000000040)=""/4096, 0xfffffe82) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r9 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000040), 0x8442, 0x0) ioctl$auto_PPPIOCSPASS(r9, 0x40107447, &(0x7f0000000080)={0x0, 0x0}) ioctl$auto_PPPIOCSPASS(r1, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x28, 0xf3, 0xb0, @raw=0xfffff014}}) 15.715720895s ago: executing program 5 (id=4909): unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xe3, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x801, 0x84) ioctl$auto_VHOST_GET_BACKEND_FEATURES(0xffffffffffffffff, 0x8008af26, &(0x7f00000000c0)=0x5) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) r0 = socket(0x1d, 0x2, 0x2) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000040), r0) socket(0x10, 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/hung_task_check_interval_secs\x00', 0x88542, 0x0) write$auto(r2, 0x0, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/netdevsim/del_device\x00', 0x501, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000040)="3290b800009c550d22350f737ca2dd0af0d849aec832ec49c034169af8fa9231c143b1a8dd292977588a83400445ddc508f3aef64488936413adba3a9cc99bdfd8e7000000", 0x45) listen$auto(0xffffffffffffffff, 0x100006) migrate_pages$auto(0x0, 0xfffffffffffffff3, &(0x7f0000000100)=0xc, &(0x7f0000000140)=0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x202000a, 0xffffffff, 0xdc, 0xfffffffffffffffa, 0x8000) prctl$auto(0x80000001, 0x2, 0x4, 0x6, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.7/usb8/remove\x00', 0xa001, 0x0) write$auto(r4, &(0x7f0000000340)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\x9du\xbc\xe8\xd3j\x06\xc25x\xde\x84\xad\x17(\x0f\xc0\x14<6\x1eyY`\xd4g\xc3\xdeIJr\f\xbb \x0ew4\xa3\xde{\xa6\x93\x8fC\xe4@\xce\xbf\r.\x98\x8c\x0f\x90\n\xfa\"\xaa&?\xfdW\xdd\xd8<\n\x81\x9bU\xa3+wN\xd64O2\n\xa1\x937J`\xa1\xfd\x90S\x90\x93\xd7YL}\xd2\xcfL\x89', 0x98c7) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x3, @private=0xa010100}, 0x54) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty\x00', 0x800, 0x0) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card2/midi0\x00', 0x129102, 0x0) lseek$auto(r5, 0x7, 0x0) 0s ago: executing program 36 (id=4909): unshare$auto(0x40000080) mmap$auto(0x0, 0x400008, 0xe3, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x801, 0x84) ioctl$auto_VHOST_GET_BACKEND_FEATURES(0xffffffffffffffff, 0x8008af26, &(0x7f00000000c0)=0x5) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) r0 = socket(0x1d, 0x2, 0x2) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000040), r0) socket(0x10, 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/hung_task_check_interval_secs\x00', 0x88542, 0x0) write$auto(r2, 0x0, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/netdevsim/del_device\x00', 0x501, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000040)="3290b800009c550d22350f737ca2dd0af0d849aec832ec49c034169af8fa9231c143b1a8dd292977588a83400445ddc508f3aef64488936413adba3a9cc99bdfd8e7000000", 0x45) listen$auto(0xffffffffffffffff, 0x100006) migrate_pages$auto(0x0, 0xfffffffffffffff3, &(0x7f0000000100)=0xc, &(0x7f0000000140)=0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x202000a, 0xffffffff, 0xdc, 0xfffffffffffffffa, 0x8000) prctl$auto(0x80000001, 0x2, 0x4, 0x6, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.7/usb8/remove\x00', 0xa001, 0x0) write$auto(r4, &(0x7f0000000340)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\x9du\xbc\xe8\xd3j\x06\xc25x\xde\x84\xad\x17(\x0f\xc0\x14<6\x1eyY`\xd4g\xc3\xdeIJr\f\xbb \x0ew4\xa3\xde{\xa6\x93\x8fC\xe4@\xce\xbf\r.\x98\x8c\x0f\x90\n\xfa\"\xaa&?\xfdW\xdd\xd8<\n\x81\x9bU\xa3+wN\xd64O2\n\xa1\x937J`\xa1\xfd\x90S\x90\x93\xd7YL}\xd2\xcfL\x89', 0x98c7) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x3, @private=0xa010100}, 0x54) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty\x00', 0x800, 0x0) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card2/midi0\x00', 0x129102, 0x0) lseek$auto(r5, 0x7, 0x0) kernel console output (not intermixed with test programs): : 0 0 0 0 0 [ 1731.670752][T26310] Node 0 DMA: 71*4kB (M) 16*8kB (M) 24*16kB (M) 19*32kB (M) 12*64kB (M) 4*128kB (M) 1*256kB (M) 1*512kB (M) 1*1024kB (U) 0*2048kB 2*4096kB (M) = 12668kB [ 1731.717994][T26310] Node 0 DMA32: 25376*4kB (UME) 8208*8kB (UME) 7796*16kB (UME) 1915*32kB (UME) 2113*64kB (UME) 1067*128kB (UME) 623*256kB (UME) 261*512kB (UM) 84*1024kB (U) 0*2048kB 0*4096kB = 1004128kB [ 1731.774583][T26310] Node 0 Normal: 2*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 1731.821646][T26310] Node 1 Normal: 56*4kB (U) 22*8kB (U) 29*16kB (UE) 3*32kB (UE) 22*64kB (U) 14*128kB (UE) 15*256kB (UME) 23*512kB (UME) 11*1024kB (UME) 4*2048kB (UE) 775*4096kB (UM) = 3213632kB [ 1731.873084][T26310] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1731.943845][T26310] Node 0 hugepages_total=3 hugepages_free=2 hugepages_surp=1 hugepages_size=2048kB [ 1731.971579][T26310] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1732.004425][T26310] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 1732.037087][T26310] 97471 total pagecache pages [ 1732.052797][T26310] 18 pages in swap cache [ 1732.070398][T26310] Free swap = 124892kB [ 1732.085562][T26310] Total swap = 124996kB [ 1732.102179][T26310] 2097051 pages RAM [ 1732.113811][T26310] 0 pages HighMem/MovableOnly [ 1732.137579][T26310] 430812 pages reserved [ 1732.137596][T26310] 0 pages cma reserved [ 1733.098063][T26347] netlink: 'syz.5.4558': attribute type 1 has an invalid length. [ 1733.241398][T26347] netlink: 198 bytes leftover after parsing attributes in process `syz.5.4558'. [ 1733.489647][T26352] Unable to find swap-space signature [ 1733.572402][T26352] bond0: invalid ARP target specified [ 1733.625343][T26352] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4560'. [ 1733.726560][ T29] audit: type=1800 audit(4294985954.796:205): pid=26351 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4559" name="file0" dev="tmpfs" ino=1797 res=0 errno=0 [ 1734.755589][T26370] FAULT_INJECTION: forcing a failure. [ 1734.755589][T26370] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1734.821970][T26370] CPU: 0 UID: 0 PID: 26370 Comm: syz.2.4564 Tainted: G L syzkaller #0 PREEMPT(full) [ 1734.822009][T26370] Tainted: [L]=SOFTLOCKUP [ 1734.822019][T26370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1734.822034][T26370] Call Trace: [ 1734.822043][T26370] [ 1734.822053][T26370] dump_stack_lvl+0x100/0x190 [ 1734.822083][T26370] should_fail_ex.cold+0x5/0xa [ 1734.822110][T26370] ? prepare_alloc_pages+0x16d/0x5f0 [ 1734.822143][T26370] should_fail_alloc_page+0xeb/0x140 [ 1734.822173][T26370] prepare_alloc_pages+0x1f0/0x5f0 [ 1734.822209][T26370] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 1734.822275][T26370] ? rcu_is_watching+0x12/0xc0 [ 1734.822306][T26370] ? trace_mm_page_alloc+0x163/0x1d0 [ 1734.822338][T26370] ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0 [ 1734.822382][T26370] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1734.822426][T26370] ? __pfx_stack_trace_save+0x10/0x10 [ 1734.822462][T26370] ? stack_depot_save_flags+0x27/0x9d0 [ 1734.822491][T26370] ? is_bpf_text_address+0x8a/0x1a0 [ 1734.822528][T26370] ? is_bpf_text_address+0x8a/0x1a0 [ 1734.822565][T26370] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1734.822610][T26370] ? kasan_save_stack+0x3f/0x50 [ 1734.822633][T26370] ? kasan_save_stack+0x30/0x50 [ 1734.822655][T26370] ? kasan_save_track+0x14/0x30 [ 1734.822679][T26370] ? kmem_cache_alloc_node_noprof+0x25a/0x6f0 [ 1734.822720][T26370] ? __get_vm_area_node+0x1ca/0x330 [ 1734.822769][T26370] ? __vmalloc_node_range_noprof+0x228/0x1630 [ 1734.822801][T26370] ? __kvmalloc_node_noprof+0x3de/0xa00 [ 1734.822824][T26370] ? __do_sys_listmount+0x289/0xee0 [ 1734.822849][T26370] ? do_syscall_64+0x10b/0xf80 [ 1734.822879][T26370] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1734.822912][T26370] alloc_pages_bulk_noprof+0x657/0x1390 [ 1734.822958][T26370] ? policy_nodemask+0xed/0x4f0 [ 1734.822988][T26370] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 1734.823043][T26370] __kasan_populate_vmalloc+0xf0/0x210 [ 1734.823088][T26370] alloc_vmap_area+0x95d/0x2b70 [ 1734.823127][T26370] ? __pfx_alloc_vmap_area+0x10/0x10 [ 1734.823161][T26370] __get_vm_area_node+0x1ca/0x330 [ 1734.823196][T26370] __vmalloc_node_range_noprof+0x228/0x1630 [ 1734.823230][T26370] ? __do_sys_listmount+0x289/0xee0 [ 1734.823265][T26370] ? __do_sys_listmount+0x289/0xee0 [ 1734.823294][T26370] ? alloc_pages_mpol+0x25a/0x540 [ 1734.823324][T26370] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1734.823362][T26370] ? rcu_is_watching+0x12/0xc0 [ 1734.823397][T26370] __kvmalloc_node_noprof+0x3de/0xa00 [ 1734.823422][T26370] ? __do_sys_listmount+0x289/0xee0 [ 1734.823446][T26370] ? __do_sys_listmount+0x289/0xee0 [ 1734.823470][T26370] ? _copy_from_user+0x59/0xd0 [ 1734.823509][T26370] ? copy_mnt_id_req+0x1b1/0x350 [ 1734.823549][T26370] __do_sys_listmount+0x289/0xee0 [ 1734.823574][T26370] ? __pfx_do_futex+0x10/0x10 [ 1734.823603][T26370] ? __fget_files+0x21f/0x3d0 [ 1734.823631][T26370] ? __pfx___do_sys_listmount+0x10/0x10 [ 1734.823670][T26370] ? rcu_is_watching+0x12/0xc0 [ 1734.823702][T26370] do_syscall_64+0x10b/0xf80 [ 1734.823737][T26370] ? clear_bhb_loop+0x40/0x90 [ 1734.823767][T26370] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1734.823792][T26370] RIP: 0033:0x7f499479cdd9 [ 1734.823812][T26370] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1734.823836][T26370] RSP: 002b:00007f499571a028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 1734.823860][T26370] RAX: ffffffffffffffda RBX: 00007f4994a15fa0 RCX: 00007f499479cdd9 [ 1734.823877][T26370] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000080 [ 1734.823892][T26370] RBP: 00007f4994832d69 R08: 0000000000000000 R09: 0000000000000000 [ 1734.823908][T26370] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 1734.823923][T26370] R13: 00007f4994a16038 R14: 00007f4994a15fa0 R15: 00007ffe97277278 [ 1734.823953][T26370] [ 1739.925818][T26400] random: crng reseeded on system resumption [ 1740.365919][T26414] FAULT_INJECTION: forcing a failure. [ 1740.365919][T26414] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1740.425355][T26416] FAULT_INJECTION: forcing a failure. [ 1740.425355][T26416] name failslab, interval 1, probability 0, space 0, times 0 [ 1740.444670][T26414] CPU: 0 UID: 0 PID: 26414 Comm: syz.2.4575 Tainted: G L syzkaller #0 PREEMPT(full) [ 1740.444710][T26414] Tainted: [L]=SOFTLOCKUP [ 1740.444719][T26414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1740.444735][T26414] Call Trace: [ 1740.444743][T26414] [ 1740.444753][T26414] dump_stack_lvl+0x100/0x190 [ 1740.444785][T26414] should_fail_ex.cold+0x5/0xa [ 1740.444813][T26414] ? prepare_alloc_pages+0x16d/0x5f0 [ 1740.444848][T26414] should_fail_alloc_page+0xeb/0x140 [ 1740.444879][T26414] prepare_alloc_pages+0x1f0/0x5f0 [ 1740.444919][T26414] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 1740.444967][T26414] ? rcu_is_watching+0x12/0xc0 [ 1740.444998][T26414] ? trace_mm_page_alloc+0x163/0x1d0 [ 1740.445030][T26414] ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0 [ 1740.445074][T26414] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1740.445131][T26414] ? __pfx_stack_trace_save+0x10/0x10 [ 1740.445165][T26414] ? stack_depot_save_flags+0x27/0x9d0 [ 1740.445200][T26414] ? is_bpf_text_address+0x8a/0x1a0 [ 1740.445234][T26414] ? is_bpf_text_address+0x8a/0x1a0 [ 1740.445269][T26414] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1740.445308][T26414] ? kasan_save_stack+0x3f/0x50 [ 1740.445331][T26414] ? kasan_save_stack+0x30/0x50 [ 1740.445353][T26414] ? kasan_save_track+0x14/0x30 [ 1740.445375][T26414] ? kmem_cache_alloc_node_noprof+0x25a/0x6f0 [ 1740.445415][T26414] ? __get_vm_area_node+0x1ca/0x330 [ 1740.445444][T26414] ? __vmalloc_node_range_noprof+0x228/0x1630 [ 1740.445476][T26414] ? __kvmalloc_node_noprof+0x3de/0xa00 [ 1740.445498][T26414] ? __do_sys_listmount+0x289/0xee0 [ 1740.445523][T26414] ? do_syscall_64+0x10b/0xf80 [ 1740.445553][T26414] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1740.445586][T26414] alloc_pages_bulk_noprof+0x657/0x1390 [ 1740.445632][T26414] ? policy_nodemask+0xed/0x4f0 [ 1740.445662][T26414] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 1740.445718][T26414] __kasan_populate_vmalloc+0xf0/0x210 [ 1740.445763][T26414] alloc_vmap_area+0x95d/0x2b70 [ 1740.445801][T26414] ? __pfx_alloc_vmap_area+0x10/0x10 [ 1740.445835][T26414] __get_vm_area_node+0x1ca/0x330 [ 1740.445870][T26414] __vmalloc_node_range_noprof+0x228/0x1630 [ 1740.445904][T26414] ? __do_sys_listmount+0x289/0xee0 [ 1740.445929][T26414] ? get_pid_task+0xfc/0x250 [ 1740.445971][T26414] ? __do_sys_listmount+0x289/0xee0 [ 1740.446000][T26414] ? alloc_pages_mpol+0x25a/0x540 [ 1740.446030][T26414] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1740.446069][T26414] ? rcu_is_watching+0x12/0xc0 [ 1740.446103][T26414] __kvmalloc_node_noprof+0x3de/0xa00 [ 1740.446127][T26414] ? __do_sys_listmount+0x289/0xee0 [ 1740.446152][T26414] ? __do_sys_listmount+0x289/0xee0 [ 1740.446183][T26414] ? _copy_from_user+0x59/0xd0 [ 1740.446223][T26414] ? copy_mnt_id_req+0x1b1/0x350 [ 1740.446263][T26414] __do_sys_listmount+0x289/0xee0 [ 1740.446288][T26414] ? __pfx_do_futex+0x10/0x10 [ 1740.446316][T26414] ? __fget_files+0x21f/0x3d0 [ 1740.446345][T26414] ? __pfx___do_sys_listmount+0x10/0x10 [ 1740.446384][T26414] ? rcu_is_watching+0x12/0xc0 [ 1740.446416][T26414] do_syscall_64+0x10b/0xf80 [ 1740.446446][T26414] ? clear_bhb_loop+0x40/0x90 [ 1740.446474][T26414] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1740.446499][T26414] RIP: 0033:0x7f499479cdd9 [ 1740.446519][T26414] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1740.446543][T26414] RSP: 002b:00007f499571a028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 1740.446566][T26414] RAX: ffffffffffffffda RBX: 00007f4994a15fa0 RCX: 00007f499479cdd9 [ 1740.446583][T26414] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000080 [ 1740.446599][T26414] RBP: 00007f4994832d69 R08: 0000000000000000 R09: 0000000000000000 [ 1740.446614][T26414] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 1740.446628][T26414] R13: 00007f4994a16038 R14: 00007f4994a15fa0 R15: 00007ffe97277278 [ 1740.446658][T26414] [ 1741.232689][T26414] warn_alloc: 2 callbacks suppressed [ 1741.232712][T26414] syz.2.4575: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 1741.262701][T26416] CPU: 0 UID: 0 PID: 26416 Comm: syz.4.4576 Tainted: G L syzkaller #0 PREEMPT(full) [ 1741.262736][T26416] Tainted: [L]=SOFTLOCKUP [ 1741.262755][T26416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1741.262767][T26416] Call Trace: [ 1741.262775][T26416] [ 1741.262784][T26416] dump_stack_lvl+0x100/0x190 [ 1741.262809][T26416] should_fail_ex.cold+0x5/0xa [ 1741.262835][T26416] ? tomoyo_encode2+0xfb/0x3c0 [ 1741.262858][T26416] should_failslab+0xc2/0x120 [ 1741.262881][T26416] __kmalloc_noprof+0xe0/0x850 [ 1741.262918][T26416] tomoyo_encode2+0xfb/0x3c0 [ 1741.262945][T26416] tomoyo_encode+0x29/0x50 [ 1741.262968][T26416] tomoyo_realpath_from_path+0x18c/0x690 [ 1741.262998][T26416] tomoyo_path_number_perm+0x23c/0x580 [ 1741.263018][T26416] ? tomoyo_path_number_perm+0x22e/0x580 [ 1741.263039][T26416] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1741.263083][T26416] ? find_held_lock+0x2b/0x80 [ 1741.263109][T26416] ? __fget_files+0x215/0x3d0 [ 1741.263137][T26416] ? hook_file_ioctl_common+0x149/0x410 [ 1741.263157][T26416] ? __fget_files+0x215/0x3d0 [ 1741.263184][T26416] ? __fget_files+0x21f/0x3d0 [ 1741.263211][T26416] security_file_ioctl+0xd3/0x230 [ 1741.263232][T26416] __x64_sys_ioctl+0xb7/0x210 [ 1741.263255][T26416] do_syscall_64+0x10b/0xf80 [ 1741.263281][T26416] ? clear_bhb_loop+0x40/0x90 [ 1741.263324][T26416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1741.263346][T26416] RIP: 0033:0x7f8d2079cdd9 [ 1741.263363][T26416] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1741.263385][T26416] RSP: 002b:00007f8d215aa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1741.263405][T26416] RAX: ffffffffffffffda RBX: 00007f8d20a15fa0 RCX: 00007f8d2079cdd9 [ 1741.263420][T26416] RDX: 0000000000000000 RSI: 0000000081a0ae8c RDI: 0000000000000004 [ 1741.263433][T26416] RBP: 00007f8d215aa090 R08: 0000000000000000 R09: 0000000000000000 [ 1741.263446][T26416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1741.263459][T26416] R13: 00007f8d20a16038 R14: 00007f8d20a15fa0 R15: 00007ffd10fdfba8 [ 1741.263486][T26416] [ 1741.263507][T26416] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1741.512020][T26414] CPU: 0 UID: 0 PID: 26414 Comm: syz.2.4575 Tainted: G L syzkaller #0 PREEMPT(full) [ 1741.512061][T26414] Tainted: [L]=SOFTLOCKUP [ 1741.512071][T26414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1741.512094][T26414] Call Trace: [ 1741.512102][T26414] [ 1741.512112][T26414] dump_stack_lvl+0x100/0x190 [ 1741.512145][T26414] warn_alloc.cold+0x95/0x1c1 [ 1741.512173][T26414] ? __pfx_warn_alloc+0x10/0x10 [ 1741.512213][T26414] ? lockdep_hardirqs_on+0x78/0x100 [ 1741.512248][T26414] ? __get_vm_area_node+0x2c5/0x330 [ 1741.512285][T26414] ? __get_vm_area_node+0x208/0x330 [ 1741.512322][T26414] __vmalloc_node_range_noprof+0xccd/0x1630 [ 1741.512357][T26414] ? get_pid_task+0xfc/0x250 [ 1741.512402][T26414] ? __do_sys_listmount+0x289/0xee0 [ 1741.512432][T26414] ? alloc_pages_mpol+0x25a/0x540 [ 1741.512463][T26414] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1741.512504][T26414] ? rcu_is_watching+0x12/0xc0 [ 1741.512540][T26414] __kvmalloc_node_noprof+0x3de/0xa00 [ 1741.512566][T26414] ? __do_sys_listmount+0x289/0xee0 [ 1741.512592][T26414] ? __do_sys_listmount+0x289/0xee0 [ 1741.512617][T26414] ? _copy_from_user+0x59/0xd0 [ 1741.512657][T26414] ? copy_mnt_id_req+0x1b1/0x350 [ 1741.512698][T26414] __do_sys_listmount+0x289/0xee0 [ 1741.512724][T26414] ? __pfx_do_futex+0x10/0x10 [ 1741.512754][T26414] ? __fget_files+0x21f/0x3d0 [ 1741.512783][T26414] ? __pfx___do_sys_listmount+0x10/0x10 [ 1741.512823][T26414] ? rcu_is_watching+0x12/0xc0 [ 1741.512856][T26414] do_syscall_64+0x10b/0xf80 [ 1741.512887][T26414] ? clear_bhb_loop+0x40/0x90 [ 1741.512918][T26414] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1741.512943][T26414] RIP: 0033:0x7f499479cdd9 [ 1741.512963][T26414] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1741.512988][T26414] RSP: 002b:00007f499571a028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 1741.513012][T26414] RAX: ffffffffffffffda RBX: 00007f4994a15fa0 RCX: 00007f499479cdd9 [ 1741.513028][T26414] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000080 [ 1741.513044][T26414] RBP: 00007f4994832d69 R08: 0000000000000000 R09: 0000000000000000 [ 1741.513059][T26414] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 1741.513075][T26414] R13: 00007f4994a16038 R14: 00007f4994a15fa0 R15: 00007ffe97277278 [ 1741.513113][T26414] [ 1741.513122][T26414] Mem-Info: [ 1742.042184][T26414] active_anon:3443 inactive_anon:53850 isolated_anon:0 [ 1742.042184][T26414] active_file:23152 inactive_file:16065 isolated_file:0 [ 1742.042184][T26414] unevictable:768 dirty:413 writeback:0 [ 1742.042184][T26414] slab_reclaimable:10289 slab_unreclaimable:102961 [ 1742.042184][T26414] mapped:52075 shmem:49156 pagetables:2042 [ 1742.042184][T26414] sec_pagetables:0 bounce:0 [ 1742.042184][T26414] kernel_misc_reclaimable:0 [ 1742.042184][T26414] free:1077391 free_pcp:12880 free_cma:0 [ 1742.151797][T26414] Node 0 active_anon:13772kB inactive_anon:216960kB active_file:88868kB inactive_file:65796kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:189504kB dirty:1652kB writeback:0kB shmem:196752kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11584kB pagetables:7824kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 1742.232857][T26414] Node 1 active_anon:0kB inactive_anon:1716kB active_file:3740kB inactive_file:128kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:21344kB dirty:0kB writeback:0kB shmem:3252kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:96kB pagetables:344kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 1742.310497][T26414] Node 0 DMA free:13340kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:596kB active_file:1424kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1742.494071][T26414] lowmem_reserve[]: 0 2477 2479 2479 2479 [ 1742.505298][T26419] FAULT_INJECTION: forcing a failure. [ 1742.505298][T26419] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1742.533177][T26414] Node 0 DMA32 free:1099092kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:13772kB inactive_anon:223800kB active_file:87444kB inactive_file:54788kB unevictable:1536kB writepending:1652kB zspages:172kB present:3129332kB managed:2537396kB mlocked:0kB bounce:0kB free_pcp:7876kB local_pcp:7876kB free_cma:0kB [ 1742.615261][T26419] CPU: 0 UID: 0 PID: 26419 Comm: syz.3.4577 Tainted: G L syzkaller #0 PREEMPT(full) [ 1742.615301][T26419] Tainted: [L]=SOFTLOCKUP [ 1742.615309][T26419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1742.615325][T26419] Call Trace: [ 1742.615333][T26419] [ 1742.615343][T26419] dump_stack_lvl+0x100/0x190 [ 1742.615375][T26419] should_fail_ex.cold+0x5/0xa [ 1742.615402][T26419] ? prepare_alloc_pages+0x16d/0x5f0 [ 1742.615436][T26419] should_fail_alloc_page+0xeb/0x140 [ 1742.615468][T26419] prepare_alloc_pages+0x1f0/0x5f0 [ 1742.615505][T26419] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 1742.615553][T26419] ? rcu_is_watching+0x12/0xc0 [ 1742.615583][T26419] ? trace_mm_page_alloc+0x163/0x1d0 [ 1742.615615][T26419] ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0 [ 1742.615659][T26419] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1742.615704][T26419] ? __pfx_stack_trace_save+0x10/0x10 [ 1742.615741][T26419] ? stack_depot_save_flags+0x27/0x9d0 [ 1742.615769][T26419] ? is_bpf_text_address+0x8a/0x1a0 [ 1742.615804][T26419] ? is_bpf_text_address+0x8a/0x1a0 [ 1742.615841][T26419] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1742.615882][T26419] ? kasan_save_stack+0x3f/0x50 [ 1742.615904][T26419] ? kasan_save_stack+0x30/0x50 [ 1742.615927][T26419] ? kasan_save_track+0x14/0x30 [ 1742.615950][T26419] ? kmem_cache_alloc_node_noprof+0x25a/0x6f0 [ 1742.615991][T26419] ? __get_vm_area_node+0x1ca/0x330 [ 1742.616020][T26419] ? __vmalloc_node_range_noprof+0x228/0x1630 [ 1742.616060][T26419] ? __kvmalloc_node_noprof+0x3de/0xa00 [ 1742.616084][T26419] ? __do_sys_listmount+0x289/0xee0 [ 1742.616110][T26419] ? do_syscall_64+0x10b/0xf80 [ 1742.616141][T26419] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1742.616175][T26419] alloc_pages_bulk_noprof+0x657/0x1390 [ 1742.616224][T26419] ? policy_nodemask+0xed/0x4f0 [ 1742.616254][T26419] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 1742.616316][T26419] __kasan_populate_vmalloc+0xf0/0x210 [ 1742.616363][T26419] alloc_vmap_area+0x95d/0x2b70 [ 1742.616403][T26419] ? __pfx_alloc_vmap_area+0x10/0x10 [ 1742.616440][T26419] __get_vm_area_node+0x1ca/0x330 [ 1742.616476][T26419] __vmalloc_node_range_noprof+0x228/0x1630 [ 1742.616511][T26419] ? __do_sys_listmount+0x289/0xee0 [ 1742.616537][T26419] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1742.616576][T26419] ? __do_sys_listmount+0x289/0xee0 [ 1742.616606][T26419] ? alloc_pages_mpol+0x25a/0x540 [ 1742.616637][T26419] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1742.616677][T26419] ? rcu_is_watching+0x12/0xc0 [ 1742.616713][T26419] __kvmalloc_node_noprof+0x3de/0xa00 [ 1742.616739][T26419] ? __do_sys_listmount+0x289/0xee0 [ 1742.616764][T26419] ? __do_sys_listmount+0x289/0xee0 [ 1742.616789][T26419] ? _copy_from_user+0x59/0xd0 [ 1742.616829][T26419] ? copy_mnt_id_req+0x1b1/0x350 [ 1742.616871][T26419] __do_sys_listmount+0x289/0xee0 [ 1742.616898][T26419] ? __pfx_do_futex+0x10/0x10 [ 1742.616927][T26419] ? __fget_files+0x21f/0x3d0 [ 1742.616957][T26419] ? __pfx___do_sys_listmount+0x10/0x10 [ 1742.616998][T26419] ? rcu_is_watching+0x12/0xc0 [ 1742.617032][T26419] do_syscall_64+0x10b/0xf80 [ 1742.617071][T26419] ? clear_bhb_loop+0x40/0x90 [ 1742.617101][T26419] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1742.617127][T26419] RIP: 0033:0x7f9ea0f9cdd9 [ 1742.617148][T26419] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1742.617173][T26419] RSP: 002b:00007f9ea1da2028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 1742.617198][T26419] RAX: ffffffffffffffda RBX: 00007f9ea1215fa0 RCX: 00007f9ea0f9cdd9 [ 1742.617215][T26419] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000080 [ 1742.617231][T26419] RBP: 00007f9ea1032d69 R08: 0000000000000000 R09: 0000000000000000 [ 1742.617247][T26419] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 1742.617262][T26419] R13: 00007f9ea1216038 R14: 00007f9ea1215fa0 R15: 00007ffd269efc58 [ 1742.617294][T26419] [ 1743.426844][T26414] lowmem_reserve[]: 0 0 1 1 1 [ 1743.444000][T26414] Node 0 Normal free:8kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1743.534699][T26414] lowmem_reserve[]: 0 0 0 0 0 [ 1743.548996][T26414] Node 1 Normal free:3189812kB boost:0kB min:55828kB low:69784kB high:83740kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:1716kB active_file:3740kB inactive_file:128kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:50276kB local_pcp:50276kB free_cma:0kB [ 1743.663933][T26414] lowmem_reserve[]: 0 0 0 0 0 [ 1743.693012][T26414] Node 0 DMA: 21*4kB (M) 18*8kB (UM) 27*16kB (UM) 18*32kB (UM) 14*64kB (M) 6*128kB (M) 4*256kB (UM) 2*512kB (UM) 2*1024kB (U) 1*2048kB (U) 1*4096kB (M) = 13140kB [ 1743.750545][T26414] Node 0 DMA32: 11211*4kB (UME) 9613*8kB (UME) 8866*16kB (UME) 2597*32kB (UME) 2562*64kB (UME) 1291*128kB (UME) 698*256kB (UME) 265*512kB (UM) 81*1024kB (U) 0*2048kB 0*4096kB = 1073236kB [ 1743.820739][T26414] Node 0 Normal: 2*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 1743.858147][T26414] Node 1 Normal: 57*4kB (U) 24*8kB (U) 33*16kB (UE) 4*32kB (UE) 22*64kB (U) 15*128kB (UE) 15*256kB (UME) 24*512kB (UME) 11*1024kB (UME) 2*2048kB (UE) 770*4096kB (M) = 3189812kB [ 1743.917121][T26414] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1743.947046][T26414] Node 0 hugepages_total=3 hugepages_free=2 hugepages_surp=1 hugepages_size=2048kB [ 1743.975013][T26414] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1744.012968][T26414] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 1744.045362][T26414] 98479 total pagecache pages [ 1744.058916][T26414] 16 pages in swap cache [ 1744.073985][T26414] Free swap = 124892kB [ 1744.087657][T26414] Total swap = 124996kB [ 1744.103688][T26414] 2097051 pages RAM [ 1744.115236][T26414] 0 pages HighMem/MovableOnly [ 1744.132164][T26414] 430812 pages reserved [ 1744.143399][T26414] 0 pages cma reserved [ 1745.392831][T26442] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 1746.169595][T26445] input: f as /devices/virtual/input/input146 [ 1749.764114][T26486] Unable to find swap-space signature [ 1749.793649][T26478] input: f as /devices/virtual/input/input148 [ 1749.916307][T26486] bond0: invalid ARP target specified [ 1750.032774][T26486] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4592'. [ 1751.862305][T26492] kexec: Could not allocate control_code_buffer [ 1752.933397][T26522] Unable to find swap-space signature [ 1753.100430][T26522] bond0: invalid ARP target specified [ 1753.260922][T26522] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4601'. [ 1758.357203][T26585] FAULT_INJECTION: forcing a failure. [ 1758.357203][T26585] name failslab, interval 1, probability 0, space 0, times 0 [ 1758.467098][T26585] CPU: 0 UID: 0 PID: 26585 Comm: syz.4.4613 Tainted: G L syzkaller #0 PREEMPT(full) [ 1758.467137][T26585] Tainted: [L]=SOFTLOCKUP [ 1758.467146][T26585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1758.467162][T26585] Call Trace: [ 1758.467170][T26585] [ 1758.467180][T26585] dump_stack_lvl+0x100/0x190 [ 1758.467210][T26585] should_fail_ex.cold+0x5/0xa [ 1758.467241][T26585] should_failslab+0xc2/0x120 [ 1758.467270][T26585] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1758.467310][T26585] ? shmem_alloc_inode+0x25/0x50 [ 1758.467341][T26585] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1758.467377][T26585] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 1758.467408][T26585] shmem_alloc_inode+0x25/0x50 [ 1758.467437][T26585] alloc_inode+0x68/0x250 [ 1758.467475][T26585] new_inode+0x22/0x1c0 [ 1758.467514][T26585] shmem_get_inode+0x1e3/0xfb0 [ 1758.467549][T26585] ? __pfx_shmem_get_inode+0x10/0x10 [ 1758.467589][T26585] __shmem_file_setup+0x382/0x460 [ 1758.467623][T26585] ? __pfx___shmem_file_setup+0x10/0x10 [ 1758.467666][T26585] ? vm_area_alloc+0x1f/0x160 [ 1758.467704][T26585] shmem_zero_setup+0x96/0x1b0 [ 1758.467731][T26585] __mmap_region+0x24e9/0x2da0 [ 1758.467774][T26585] ? __pfx___mmap_region+0x10/0x10 [ 1758.467828][T26585] ? __update_load_avg_se+0x5c7/0xe80 [ 1758.467868][T26585] ? do_raw_spin_lock+0x128/0x260 [ 1758.467914][T26585] ? do_raw_spin_lock+0x128/0x260 [ 1758.467941][T26585] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1758.467979][T26585] ? hrtimer_start_range_ns+0x860/0x1a50 [ 1758.468010][T26585] ? find_held_lock+0x2b/0x80 [ 1758.468040][T26585] ? finish_task_switch.isra.0+0x2c6/0x1010 [ 1758.468115][T26585] mmap_region+0x35d/0x620 [ 1758.468138][T26585] ? rcu_is_watching+0x12/0xc0 [ 1758.468168][T26585] ? __pfx_mmap_region+0x10/0x10 [ 1758.468193][T26585] ? cap_mmap_addr+0x4b/0x120 [ 1758.468226][T26585] ? bpf_lsm_mmap_addr+0x9/0x30 [ 1758.468249][T26585] ? security_mmap_addr+0x71/0x1e0 [ 1758.468276][T26585] ? __get_unmapped_area+0x255/0x3e0 [ 1758.468308][T26585] do_mmap+0xc63/0x12f0 [ 1758.468342][T26585] ? __pfx_do_mmap+0x10/0x10 [ 1758.468371][T26585] ? __pfx_down_write_killable+0x10/0x10 [ 1758.468413][T26585] vm_mmap_pgoff+0x29e/0x470 [ 1758.468449][T26585] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1758.468483][T26585] ? do_futex+0x192/0x350 [ 1758.468528][T26585] ? __pfx_do_futex+0x10/0x10 [ 1758.468558][T26585] ? __sys_socketpair+0x493/0x5b0 [ 1758.468600][T26585] ksys_mmap_pgoff+0xe4/0x610 [ 1758.468636][T26585] ? __x64_sys_futex+0x358/0x4d0 [ 1758.468664][T26585] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1758.468694][T26585] ? xfd_validate_state+0x129/0x190 [ 1758.468726][T26585] __x64_sys_mmap+0x125/0x190 [ 1758.468757][T26585] do_syscall_64+0x10b/0xf80 [ 1758.468789][T26585] ? clear_bhb_loop+0x40/0x90 [ 1758.468818][T26585] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1758.468844][T26585] RIP: 0033:0x7f8d2079cdd9 [ 1758.468864][T26585] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1758.468890][T26585] RSP: 002b:00007f8d215aa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1758.468914][T26585] RAX: ffffffffffffffda RBX: 00007f8d20a15fa0 RCX: 00007f8d2079cdd9 [ 1758.468931][T26585] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 1758.468947][T26585] RBP: 00007f8d20832d69 R08: fffffffffffffffa R09: 0000000000008000 [ 1758.468964][T26585] R10: 0800000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 1758.468980][T26585] R13: 00007f8d20a16038 R14: 00007f8d20a15fa0 R15: 00007ffd10fdfba8 [ 1758.469012][T26585] [ 1761.790842][T26609] program syz.2.4621 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1762.735700][T26612] NFSD: Failed to start, no listeners configured. [ 1764.285116][T26645] Unable to find swap-space signature [ 1764.507149][T26647] bond0: invalid ARP target specified [ 1764.903264][T26645] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4629'. [ 1765.699705][T26662] FAULT_INJECTION: forcing a failure. [ 1765.699705][T26662] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1765.803536][T26664] FAULT_INJECTION: forcing a failure. [ 1765.803536][T26664] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1765.847850][T26662] CPU: 0 UID: 0 PID: 26662 Comm: syz.3.4632 Tainted: G L syzkaller #0 PREEMPT(full) [ 1765.847889][T26662] Tainted: [L]=SOFTLOCKUP [ 1765.847898][T26662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1765.847912][T26662] Call Trace: [ 1765.847921][T26662] [ 1765.847930][T26662] dump_stack_lvl+0x100/0x190 [ 1765.847962][T26662] should_fail_ex.cold+0x5/0xa [ 1765.847988][T26662] ? prepare_alloc_pages+0x16d/0x5f0 [ 1765.848021][T26662] should_fail_alloc_page+0xeb/0x140 [ 1765.848058][T26662] prepare_alloc_pages+0x1f0/0x5f0 [ 1765.848092][T26662] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 1765.848132][T26662] ? is_bpf_text_address+0x8a/0x1a0 [ 1765.848165][T26662] ? is_bpf_text_address+0x8a/0x1a0 [ 1765.848198][T26662] ? bpf_ksym_find+0x124/0x1c0 [ 1765.848222][T26662] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1765.848261][T26662] ? is_bpf_text_address+0x94/0x1a0 [ 1765.848293][T26662] ? kernel_text_address+0x8d/0x100 [ 1765.848318][T26662] ? __kernel_text_address+0xd/0x30 [ 1765.848342][T26662] ? unwind_get_return_address+0x59/0xa0 [ 1765.848375][T26662] ? arch_stack_walk+0xa6/0xf0 [ 1765.848404][T26662] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1765.848456][T26662] ? stack_depot_save_flags+0x27/0x9d0 [ 1765.848486][T26662] ? stack_trace_save+0x8e/0xc0 [ 1765.848521][T26662] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1765.848557][T26662] ? policy_nodemask+0xed/0x4f0 [ 1765.848586][T26662] alloc_pages_mpol+0x1fb/0x540 [ 1765.848614][T26662] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1765.848649][T26662] alloc_pages_noprof+0x1a/0x160 [ 1765.848680][T26662] kimage_alloc_pages+0x72/0x380 [ 1765.848718][T26662] kimage_alloc_control_pages+0x157/0xa20 [ 1765.848761][T26662] ? __pfx_kimage_alloc_control_pages+0x10/0x10 [ 1765.848798][T26662] ? kasan_save_track+0x14/0x30 [ 1765.848826][T26662] do_kexec_load+0x275/0x810 [ 1765.848865][T26662] ? __pfx_do_kexec_load+0x10/0x10 [ 1765.848903][T26662] ? _copy_from_user+0x59/0xd0 [ 1765.848944][T26662] __x64_sys_kexec_load+0x1bf/0x230 [ 1765.848984][T26662] do_syscall_64+0x10b/0xf80 [ 1765.849014][T26662] ? clear_bhb_loop+0x40/0x90 [ 1765.849048][T26662] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1765.849073][T26662] RIP: 0033:0x7f9ea0f9cdd9 [ 1765.849093][T26662] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1765.849116][T26662] RSP: 002b:00007f9ea1d81028 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 1765.849140][T26662] RAX: ffffffffffffffda RBX: 00007f9ea1216090 RCX: 00007f9ea0f9cdd9 [ 1765.849156][T26662] RDX: 0000200000000040 RSI: 0000000000000001 RDI: 0000200000000007 [ 1765.849171][T26662] RBP: 00007f9ea1d81090 R08: 0000000000000000 R09: 0000000000000000 [ 1765.849186][T26662] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001 [ 1765.849200][T26662] R13: 00007f9ea1216128 R14: 00007f9ea1216090 R15: 00007ffd269efc58 [ 1765.849230][T26662] [ 1766.442372][T26662] kexec: Could not allocate control_code_buffer [ 1766.450865][T26664] CPU: 0 UID: 0 PID: 26664 Comm: syz.2.4633 Tainted: G L syzkaller #0 PREEMPT(full) [ 1766.450901][T26664] Tainted: [L]=SOFTLOCKUP [ 1766.450910][T26664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1766.450924][T26664] Call Trace: [ 1766.450932][T26664] [ 1766.450942][T26664] dump_stack_lvl+0x100/0x190 [ 1766.450971][T26664] should_fail_ex.cold+0x5/0xa [ 1766.451000][T26664] _copy_from_user+0x2e/0xd0 [ 1766.451040][T26664] ____sys_sendmsg+0x1d1/0xb70 [ 1766.451074][T26664] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1766.451126][T26664] ? __pfx__kstrtoull+0x10/0x10 [ 1766.451159][T26664] ___sys_sendmsg+0x190/0x1e0 [ 1766.451194][T26664] ? __pfx____sys_sendmsg+0x10/0x10 [ 1766.451239][T26664] ? find_held_lock+0x2b/0x80 [ 1766.451293][T26664] __sys_sendmmsg+0x205/0x430 [ 1766.451321][T26664] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1766.451354][T26664] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1766.451397][T26664] ? fput+0x79/0x100 [ 1766.451428][T26664] ? ksys_write+0x1ac/0x250 [ 1766.451457][T26664] ? __pfx_ksys_write+0x10/0x10 [ 1766.451487][T26664] __x64_sys_sendmmsg+0x9c/0x100 [ 1766.451511][T26664] ? lockdep_hardirqs_on+0x78/0x100 [ 1766.451541][T26664] do_syscall_64+0x10b/0xf80 [ 1766.451569][T26664] ? clear_bhb_loop+0x40/0x90 [ 1766.451596][T26664] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1766.451621][T26664] RIP: 0033:0x7f499479cdd9 [ 1766.451639][T26664] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1766.451661][T26664] RSP: 002b:00007f499571a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1766.451683][T26664] RAX: ffffffffffffffda RBX: 00007f4994a15fa0 RCX: 00007f499479cdd9 [ 1766.451699][T26664] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000003 [ 1766.451713][T26664] RBP: 00007f499571a090 R08: 0000000000000000 R09: 0000000000000000 [ 1766.451727][T26664] R10: 0000000000000311 R11: 0000000000000246 R12: 0000000000000001 [ 1766.451742][T26664] R13: 00007f4994a16038 R14: 00007f4994a15fa0 R15: 00007ffe97277278 [ 1766.451770][T26664] [ 1767.795328][T26681] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1767.813104][T26681] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1767.822320][T26681] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1767.836947][T26681] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1767.856462][T26681] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1768.030070][T26679] FAULT_INJECTION: forcing a failure. [ 1768.030070][T26679] name failslab, interval 1, probability 0, space 0, times 0 [ 1768.238348][T26679] CPU: 0 UID: 0 PID: 26679 Comm: syz.4.4636 Tainted: G L syzkaller #0 PREEMPT(full) [ 1768.238387][T26679] Tainted: [L]=SOFTLOCKUP [ 1768.238396][T26679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1768.238411][T26679] Call Trace: [ 1768.238419][T26679] [ 1768.238429][T26679] dump_stack_lvl+0x100/0x190 [ 1768.238460][T26679] should_fail_ex.cold+0x5/0xa [ 1768.238495][T26679] ? tomoyo_encode2+0xfb/0x3c0 [ 1768.238542][T26679] should_failslab+0xc2/0x120 [ 1768.238571][T26679] __kmalloc_noprof+0xe0/0x850 [ 1768.238610][T26679] ? d_absolute_path+0x136/0x1b0 [ 1768.238640][T26679] tomoyo_encode2+0xfb/0x3c0 [ 1768.238674][T26679] tomoyo_encode+0x29/0x50 [ 1768.238703][T26679] tomoyo_realpath_from_path+0x18c/0x690 [ 1768.238742][T26679] tomoyo_path_number_perm+0x23c/0x580 [ 1768.238766][T26679] ? tomoyo_path_number_perm+0x22e/0x580 [ 1768.238794][T26679] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1768.238830][T26679] ? do_raw_spin_lock+0x128/0x260 [ 1768.238873][T26679] ? find_held_lock+0x2b/0x80 [ 1768.238904][T26679] ? current_check_access_path+0x269/0x430 [ 1768.238935][T26679] ? __pfx_current_check_access_path+0x10/0x10 [ 1768.238964][T26679] ? do_raw_spin_unlock+0x145/0x1e0 [ 1768.238996][T26679] ? simple_lookup+0x105/0x1d0 [ 1768.239030][T26679] tomoyo_path_mknod+0x164/0x190 [ 1768.239068][T26679] ? __pfx_tomoyo_path_mknod+0x10/0x10 [ 1768.239111][T26679] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1768.239152][T26679] security_path_mknod+0x161/0x300 [ 1768.239186][T26679] filename_mknodat+0x241/0x7f0 [ 1768.239224][T26679] ? __pfx_filename_mknodat+0x10/0x10 [ 1768.239257][T26679] ? strncpy_from_user+0x19d/0x2d0 [ 1768.239286][T26679] ? do_getname+0x191/0x390 [ 1768.239325][T26679] __x64_sys_mknod+0x8f/0xc0 [ 1768.239359][T26679] do_syscall_64+0x10b/0xf80 [ 1768.239391][T26679] ? clear_bhb_loop+0x40/0x90 [ 1768.239421][T26679] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1768.239447][T26679] RIP: 0033:0x7f8d2079cdd9 [ 1768.239468][T26679] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1768.239492][T26679] RSP: 002b:00007f8d215aa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 1768.239517][T26679] RAX: ffffffffffffffda RBX: 00007f8d20a15fa0 RCX: 00007f8d2079cdd9 [ 1768.239534][T26679] RDX: 0000000000000044 RSI: 0000000000001001 RDI: 0000200000000040 [ 1768.239550][T26679] RBP: 00007f8d20832d69 R08: 0000000000000000 R09: 0000000000000000 [ 1768.239565][T26679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1768.239581][T26679] R13: 00007f8d20a16038 R14: 00007f8d20a15fa0 R15: 00007ffd10fdfba8 [ 1768.239613][T26679] [ 1769.374854][T26679] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1769.924380][T26681] Bluetooth: hci4: command tx timeout [ 1770.875704][T26708] Unable to find swap-space signature [ 1770.959251][T26708] bond0: invalid ARP target specified [ 1770.998356][T26708] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4639'. [ 1771.559952][T26715] FAULT_INJECTION: forcing a failure. [ 1771.559952][T26715] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1771.627567][T25269] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1771.701983][T26715] CPU: 0 UID: 0 PID: 26715 Comm: syz.4.4642 Tainted: G L syzkaller #0 PREEMPT(full) [ 1771.702023][T26715] Tainted: [L]=SOFTLOCKUP [ 1771.702032][T26715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1771.702046][T26715] Call Trace: [ 1771.702054][T26715] [ 1771.702063][T26715] dump_stack_lvl+0x100/0x190 [ 1771.702094][T26715] should_fail_ex.cold+0x5/0xa [ 1771.702121][T26715] ? prepare_alloc_pages+0x16d/0x5f0 [ 1771.702154][T26715] should_fail_alloc_page+0xeb/0x140 [ 1771.702185][T26715] prepare_alloc_pages+0x1f0/0x5f0 [ 1771.702220][T26715] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 1771.702265][T26715] ? rcu_is_watching+0x12/0xc0 [ 1771.702295][T26715] ? trace_mm_page_alloc+0x163/0x1d0 [ 1771.702326][T26715] ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0 [ 1771.702369][T26715] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1771.702412][T26715] ? __pfx_stack_trace_save+0x10/0x10 [ 1771.702446][T26715] ? stack_depot_save_flags+0x27/0x9d0 [ 1771.702474][T26715] ? is_bpf_text_address+0x8a/0x1a0 [ 1771.702508][T26715] ? is_bpf_text_address+0x8a/0x1a0 [ 1771.702543][T26715] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1771.702583][T26715] ? kasan_save_stack+0x3f/0x50 [ 1771.702605][T26715] ? kasan_save_stack+0x30/0x50 [ 1771.702626][T26715] ? kasan_save_track+0x14/0x30 [ 1771.702649][T26715] ? kmem_cache_alloc_node_noprof+0x25a/0x6f0 [ 1771.702689][T26715] ? __get_vm_area_node+0x1ca/0x330 [ 1771.702717][T26715] ? __vmalloc_node_range_noprof+0x228/0x1630 [ 1771.702757][T26715] ? __kvmalloc_node_noprof+0x3de/0xa00 [ 1771.702780][T26715] ? __do_sys_listmount+0x289/0xee0 [ 1771.702806][T26715] ? do_syscall_64+0x10b/0xf80 [ 1771.702837][T26715] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1771.702869][T26715] alloc_pages_bulk_noprof+0x657/0x1390 [ 1771.702915][T26715] ? policy_nodemask+0xed/0x4f0 [ 1771.702946][T26715] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 1771.703002][T26715] __kasan_populate_vmalloc+0xf0/0x210 [ 1771.703051][T26715] alloc_vmap_area+0x95d/0x2b70 [ 1771.703090][T26715] ? __pfx_alloc_vmap_area+0x10/0x10 [ 1771.703125][T26715] __get_vm_area_node+0x1ca/0x330 [ 1771.703160][T26715] __vmalloc_node_range_noprof+0x228/0x1630 [ 1771.703194][T26715] ? __do_sys_listmount+0x289/0xee0 [ 1771.703219][T26715] ? get_pid_task+0xfc/0x250 [ 1771.703263][T26715] ? __do_sys_listmount+0x289/0xee0 [ 1771.703292][T26715] ? alloc_pages_mpol+0x25a/0x540 [ 1771.703322][T26715] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1771.703361][T26715] ? rcu_is_watching+0x12/0xc0 [ 1771.703396][T26715] __kvmalloc_node_noprof+0x3de/0xa00 [ 1771.703420][T26715] ? __do_sys_listmount+0x289/0xee0 [ 1771.703445][T26715] ? __do_sys_listmount+0x289/0xee0 [ 1771.703470][T26715] ? _copy_from_user+0x59/0xd0 [ 1771.703509][T26715] ? copy_mnt_id_req+0x1b1/0x350 [ 1771.703549][T26715] __do_sys_listmount+0x289/0xee0 [ 1771.703575][T26715] ? __pfx_do_futex+0x10/0x10 [ 1771.703604][T26715] ? __fget_files+0x21f/0x3d0 [ 1771.703633][T26715] ? __pfx___do_sys_listmount+0x10/0x10 [ 1771.703672][T26715] ? rcu_is_watching+0x12/0xc0 [ 1771.703704][T26715] do_syscall_64+0x10b/0xf80 [ 1771.703740][T26715] ? clear_bhb_loop+0x40/0x90 [ 1771.703771][T26715] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1771.703796][T26715] RIP: 0033:0x7f8d2079cdd9 [ 1771.703816][T26715] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1771.703841][T26715] RSP: 002b:00007f8d215aa028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 1771.703864][T26715] RAX: ffffffffffffffda RBX: 00007f8d20a15fa0 RCX: 00007f8d2079cdd9 [ 1771.703881][T26715] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000080 [ 1771.703896][T26715] RBP: 00007f8d20832d69 R08: 0000000000000000 R09: 0000000000000000 [ 1771.703910][T26715] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 1771.703925][T26715] R13: 00007f8d20a16038 R14: 00007f8d20a15fa0 R15: 00007ffd10fdfba8 [ 1771.703955][T26715] [ 1772.499575][T26715] warn_alloc: 1 callbacks suppressed [ 1772.499596][T26715] syz.4.4642: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 1772.541515][T26715] CPU: 0 UID: 0 PID: 26715 Comm: syz.4.4642 Tainted: G L syzkaller #0 PREEMPT(full) [ 1772.541556][T26715] Tainted: [L]=SOFTLOCKUP [ 1772.541566][T26715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1772.541581][T26715] Call Trace: [ 1772.541591][T26715] [ 1772.541600][T26715] dump_stack_lvl+0x100/0x190 [ 1772.541633][T26715] warn_alloc.cold+0x95/0x1c1 [ 1772.541660][T26715] ? __pfx_warn_alloc+0x10/0x10 [ 1772.541698][T26715] ? lockdep_hardirqs_on+0x78/0x100 [ 1772.541734][T26715] ? __get_vm_area_node+0x2c5/0x330 [ 1772.541771][T26715] ? __get_vm_area_node+0x208/0x330 [ 1772.541807][T26715] __vmalloc_node_range_noprof+0xccd/0x1630 [ 1772.541841][T26715] ? get_pid_task+0xfc/0x250 [ 1772.541886][T26715] ? __do_sys_listmount+0x289/0xee0 [ 1772.541916][T26715] ? alloc_pages_mpol+0x25a/0x540 [ 1772.541947][T26715] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1772.541987][T26715] ? rcu_is_watching+0x12/0xc0 [ 1772.542024][T26715] __kvmalloc_node_noprof+0x3de/0xa00 [ 1772.542050][T26715] ? __do_sys_listmount+0x289/0xee0 [ 1772.542075][T26715] ? __do_sys_listmount+0x289/0xee0 [ 1772.542101][T26715] ? _copy_from_user+0x59/0xd0 [ 1772.542141][T26715] ? copy_mnt_id_req+0x1b1/0x350 [ 1772.542182][T26715] __do_sys_listmount+0x289/0xee0 [ 1772.542209][T26715] ? __pfx_do_futex+0x10/0x10 [ 1772.542239][T26715] ? __fget_files+0x21f/0x3d0 [ 1772.542268][T26715] ? __pfx___do_sys_listmount+0x10/0x10 [ 1772.542309][T26715] ? rcu_is_watching+0x12/0xc0 [ 1772.542342][T26715] do_syscall_64+0x10b/0xf80 [ 1772.542374][T26715] ? clear_bhb_loop+0x40/0x90 [ 1772.542404][T26715] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1772.542437][T26715] RIP: 0033:0x7f8d2079cdd9 [ 1772.542457][T26715] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1772.542482][T26715] RSP: 002b:00007f8d215aa028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 1772.542507][T26715] RAX: ffffffffffffffda RBX: 00007f8d20a15fa0 RCX: 00007f8d2079cdd9 [ 1772.542524][T26715] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000080 [ 1772.542540][T26715] RBP: 00007f8d20832d69 R08: 0000000000000000 R09: 0000000000000000 [ 1772.542556][T26715] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 1772.542571][T26715] R13: 00007f8d20a16038 R14: 00007f8d20a15fa0 R15: 00007ffd10fdfba8 [ 1772.542602][T26715] [ 1772.542612][T26715] Mem-Info: [ 1772.787108][T26681] Bluetooth: hci4: command tx timeout [ 1773.197211][T25269] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1773.315990][T26719] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1773.330619][T26719] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1773.357599][T26719] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1773.387279][T26719] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1773.420292][T26719] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1773.446850][T25269] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1773.477118][T26719] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1773.730923][T26715] active_anon:3441 inactive_anon:40903 isolated_anon:0 [ 1773.730923][T26715] active_file:13754 inactive_file:16147 isolated_file:0 [ 1773.730923][T26715] unevictable:768 dirty:364 writeback:0 [ 1773.730923][T26715] slab_reclaimable:10239 slab_unreclaimable:101832 [ 1773.730923][T26715] mapped:46336 shmem:38284 pagetables:1933 [ 1773.730923][T26715] sec_pagetables:0 bounce:0 [ 1773.730923][T26715] kernel_misc_reclaimable:0 [ 1773.730923][T26715] free:1089489 free_pcp:23704 free_cma:0 [ 1773.796670][T25269] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1774.275558][T26715] Node 0 active_anon:13764kB inactive_anon:172980kB active_file:55048kB inactive_file:65480kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:167444kB dirty:1464kB writeback:0kB shmem:154580kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11680kB pagetables:7332kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 1774.674410][T26715] Node 1 active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:128kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:20480kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:96kB pagetables:344kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 1774.864908][T25269] gretap0: left allmulticast mode [ 1774.874282][T25269] bridge0: port 3(gretap0) entered disabled state [ 1774.902957][T26746] Unable to find swap-space signature [ 1774.945275][T25269] bridge_slave_1: left allmulticast mode [ 1774.986244][T25269] bridge_slave_1: left promiscuous mode [ 1775.022500][T25269] bridge0: port 2(bridge_slave_1) entered disabled state [ 1775.073175][T25269] bridge_slave_0: left allmulticast mode [ 1775.123136][T25269] bridge_slave_0: left promiscuous mode [ 1775.134649][T26715] Node 0 DMA free:15100kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:260kB local_pcp:260kB free_cma:0kB [ 1775.177490][T26748] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4648'. [ 1775.188220][T25269] bridge0: port 1(bridge_slave_0) entered disabled state [ 1775.255755][T26752] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4649'. [ 1775.362310][T19485] Bluetooth: hci2: command 0x0c1a tx timeout [ 1775.369642][T26681] Bluetooth: hci1: command 0x0c1a tx timeout [ 1775.376815][T26681] Bluetooth: hci3: command 0x0c1a tx timeout [ 1775.447800][T26753] Bluetooth: hci4: command 0x0419 tx timeout [ 1775.487329][T26715] lowmem_reserve[]: 0 2477 2479 2479 2479 [ 1775.553718][T26715] Node 0 DMA32 free:1141440kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:13772kB inactive_anon:172556kB active_file:55192kB inactive_file:71144kB unevictable:1536kB writepending:1032kB zspages:148kB present:3129332kB managed:2537396kB mlocked:0kB bounce:0kB free_pcp:37852kB local_pcp:37852kB free_cma:0kB [ 1775.839528][T26715] lowmem_reserve[]: 0 0 1 1 1 [ 1775.885752][T26715] Node 0 Normal free:8kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1776.048134][T25269] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1776.078544][T25269] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1776.112742][T26715] lowmem_reserve[]: 0 0 0 0 0 [ 1776.122527][T25269] bond0 (unregistering): Released all slaves [ 1776.146052][T26715] Node 1 Normal free:3183132kB boost:0kB min:55828kB low:69784kB high:83740kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:128kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:62440kB local_pcp:62440kB free_cma:0kB [ 1776.205329][T26680] bridge0: port 1(bridge_slave_0) entered blocking state [ 1776.251764][T26680] bridge0: port 1(bridge_slave_0) entered disabled state [ 1776.272842][T26680] bridge_slave_0: entered allmulticast mode [ 1776.303520][T26680] bridge_slave_0: entered promiscuous mode [ 1776.358776][T26680] bridge0: port 2(bridge_slave_1) entered blocking state [ 1776.451967][T26680] bridge0: port 2(bridge_slave_1) entered disabled state [ 1776.514078][T26680] bridge_slave_1: entered allmulticast mode [ 1776.582667][T26680] bridge_slave_1: entered promiscuous mode [ 1776.601241][T26715] lowmem_reserve[]: 0 0 0 0 0 [ 1776.637931][T26715] Node 0 DMA: 1*4kB (M) 3*8kB (M) 2*16kB (M) 0*32kB 3*64kB (M) 2*128kB (M) 1*256kB (M) 2*512kB (M) 3*1024kB (UM) 1*2048kB (M) 2*4096kB (UM) = 15100kB [ 1776.704276][ T5292] 8021q: adding VLAN 0 to HW filter on device eth5 [ 1776.788168][T26715] Node 0 DMA32: 813*4kB (UE) 6305*8kB (UME) 7028*16kB (UME) 1076*32kB (UME) 1553*64kB (UME) 991*128kB (UME) 693*256kB (UME) 309*512kB (UM) 139*1024kB (UM) 17*2048kB (M) 45*4096kB (M) = 1123900kB [ 1776.812602][T26680] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1776.830887][T26764] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4650'. [ 1776.904213][T26680] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1776.988906][T26715] Node 0 Normal: 2*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 1777.122845][T26715] Node 1 Normal: 57*4kB (U) 23*8kB (U) 34*16kB (UE) 5*32kB (UE) 23*64kB (U) 14*128kB (UE) 15*256kB (UME) 23*512kB (UME) 11*1024kB (UME) 3*2048kB (UE) 768*4096kB (M) = 3183132kB [ 1777.214417][T26680] team0: Port device team_slave_0 added [ 1777.273278][T26680] team0: Port device team_slave_1 added [ 1777.306415][T26715] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1777.411832][T26715] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 1777.507367][T26715] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1777.521581][T26753] Bluetooth: hci4: command 0x0419 tx timeout [ 1777.597623][T26715] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 1777.683827][T26715] 78299 total pagecache pages [ 1777.767787][T26715] 42 pages in swap cache [ 1777.815953][T26715] Free swap = 124408kB [ 1777.874250][T26715] Total swap = 124996kB [ 1777.898817][T26680] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1777.934640][T26715] 2097051 pages RAM [ 1777.942153][T26680] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1778.022598][T26715] 0 pages HighMem/MovableOnly [ 1778.047842][T26715] 430812 pages reserved [ 1778.091126][T26680] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1778.104794][T26715] 0 pages cma reserved [ 1778.160897][T26680] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1778.206505][T26680] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1778.322880][T26781] input: f as /devices/virtual/input/input152 [ 1778.388307][T26680] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1779.377631][T26680] hsr_slave_0: entered promiscuous mode [ 1779.413093][T26680] hsr_slave_1: entered promiscuous mode [ 1779.455101][T26680] debugfs: 'hsr0' already exists in 'hsr' [ 1779.492378][T26680] Cannot create hsr debugfs directory [ 1779.602402][T26753] Bluetooth: hci4: command 0x0419 tx timeout [ 1779.699085][ T5292] 8021q: adding VLAN 0 to HW filter on device eth9 [ 1779.896755][T26767] binder: 26765:26767 ioctl 40086602 e20 returned -22 [ 1781.686146][T26753] Bluetooth: hci4: command 0x0419 tx timeout [ 1784.440108][T26846] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4659'. [ 1784.606752][T26846] veth1_macvtap: left promiscuous mode [ 1784.650760][T26846] macsec0: entered promiscuous mode [ 1784.703527][T26846] macsec0: entered allmulticast mode [ 1785.370261][T26680] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1785.719660][T26680] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 1785.807471][T26680] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1785.859571][T26680] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 1786.041277][T26680] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1786.145710][T26680] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 1786.520841][T26680] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1786.541353][T26870] CIFS mount error: No usable UNC path provided in device string! [ 1786.541353][T26870] [ 1786.585532][T26680] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 1786.645161][T26870] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 1788.348082][T25269] hsr_slave_0: left promiscuous mode [ 1788.392308][T25269] hsr_slave_1: left promiscuous mode [ 1788.428150][T25269] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1788.483696][T25269] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1788.535371][T25269] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1788.578642][T25269] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1788.650301][T25269] veth1_macvtap: left promiscuous mode [ 1788.680621][T25269] veth0_macvtap: left promiscuous mode [ 1789.566508][T25269] team0 (unregistering): Port device team_slave_1 removed [ 1790.186407][T26901] ovs_: entered promiscuous mode [ 1790.737378][T26680] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1790.885635][T26680] 8021q: adding VLAN 0 to HW filter on device team0 [ 1790.950262][T16725] bridge0: port 1(bridge_slave_0) entered blocking state [ 1790.957487][T16725] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1791.621127][T16725] bridge0: port 2(bridge_slave_1) entered blocking state [ 1791.628452][T16725] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1791.721245][T26943] Unable to find swap-space signature [ 1791.764717][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 1791.771138][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 1792.453576][T26943] bond0: invalid ARP target specified [ 1792.592157][T26942] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4671'. [ 1792.643011][T26945] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4672'. [ 1793.101413][T26942] veth1_macvtap: left promiscuous mode [ 1793.155672][T26942] macsec0: entered promiscuous mode [ 1793.183630][T26942] macsec0: entered allmulticast mode [ 1793.605779][T26960] blktrace: Concurrent blktraces are not allowed on loop2 [ 1793.740599][T26963] netlink: 342 bytes leftover after parsing attributes in process `syz.5.4674'. [ 1793.856694][T26967] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4674'. [ 1793.916124][ T29] audit: type=1400 audit(4294986014.976:206): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=26965 comm="syz.4.4675" [ 1794.444724][T26971] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1794.687291][T26971] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1794.754933][T26971] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1794.839045][T26971] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1795.179703][T26986] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4678'. [ 1795.388616][T26986] team0: Port device team_slave_0 removed [ 1795.430554][T26988] can: request_module (can-proto-0) failed. [ 1795.547875][T26680] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1795.797441][T26680] veth0_vlan: entered promiscuous mode [ 1795.878743][T26680] veth1_vlan: entered promiscuous mode [ 1796.056612][T26680] veth0_macvtap: entered promiscuous mode [ 1796.106770][T26680] veth1_macvtap: entered promiscuous mode [ 1796.161917][T26753] Bluetooth: hci3: command 0x0c1a tx timeout [ 1796.201227][T26680] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1796.246621][T26680] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1796.305666][T11598] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1796.357836][T11598] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1796.430966][T11598] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1796.477345][T11598] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1796.722148][T26753] Bluetooth: hci1: command 0x0c1a tx timeout [ 1796.740195][T16725] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1796.781877][T16725] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1796.801954][T26753] Bluetooth: hci2: command 0x0c1a tx timeout [ 1796.882024][T26753] Bluetooth: hci4: command 0x0419 tx timeout [ 1796.913270][T26537] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1796.946335][T26537] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1797.937682][T27022] bond0: invalid ARP target specified [ 1798.165799][T27023] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4683'. [ 1799.262934][T27033] FAULT_INJECTION: forcing a failure. [ 1799.262934][T27033] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1799.333918][T27033] CPU: 0 UID: 0 PID: 27033 Comm: syz.3.4687 Tainted: G L syzkaller #0 PREEMPT(full) [ 1799.333957][T27033] Tainted: [L]=SOFTLOCKUP [ 1799.333966][T27033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1799.333982][T27033] Call Trace: [ 1799.333990][T27033] [ 1799.334000][T27033] dump_stack_lvl+0x100/0x190 [ 1799.334031][T27033] should_fail_ex.cold+0x5/0xa [ 1799.334058][T27033] ? prepare_alloc_pages+0x16d/0x5f0 [ 1799.334092][T27033] should_fail_alloc_page+0xeb/0x140 [ 1799.334123][T27033] prepare_alloc_pages+0x1f0/0x5f0 [ 1799.334166][T27033] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 1799.334213][T27033] ? rcu_is_watching+0x12/0xc0 [ 1799.334243][T27033] ? trace_mm_page_alloc+0x163/0x1d0 [ 1799.334274][T27033] ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0 [ 1799.334317][T27033] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1799.334361][T27033] ? __pfx_stack_trace_save+0x10/0x10 [ 1799.334396][T27033] ? stack_depot_save_flags+0x27/0x9d0 [ 1799.334424][T27033] ? is_bpf_text_address+0x8a/0x1a0 [ 1799.334457][T27033] ? is_bpf_text_address+0x8a/0x1a0 [ 1799.334492][T27033] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1799.334536][T27033] ? kasan_save_stack+0x3f/0x50 [ 1799.334558][T27033] ? kasan_save_stack+0x30/0x50 [ 1799.334580][T27033] ? kasan_save_track+0x14/0x30 [ 1799.334602][T27033] ? kmem_cache_alloc_node_noprof+0x25a/0x6f0 [ 1799.334641][T27033] ? __get_vm_area_node+0x1ca/0x330 [ 1799.334670][T27033] ? __vmalloc_node_range_noprof+0x228/0x1630 [ 1799.334702][T27033] ? __kvmalloc_node_noprof+0x3de/0xa00 [ 1799.334724][T27033] ? __do_sys_listmount+0x289/0xee0 [ 1799.334749][T27033] ? do_syscall_64+0x10b/0xf80 [ 1799.334779][T27033] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1799.334811][T27033] alloc_pages_bulk_noprof+0x657/0x1390 [ 1799.334857][T27033] ? policy_nodemask+0xed/0x4f0 [ 1799.334886][T27033] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 1799.334943][T27033] __kasan_populate_vmalloc+0xf0/0x210 [ 1799.334988][T27033] alloc_vmap_area+0x95d/0x2b70 [ 1799.335026][T27033] ? __pfx_alloc_vmap_area+0x10/0x10 [ 1799.335062][T27033] __get_vm_area_node+0x1ca/0x330 [ 1799.335096][T27033] __vmalloc_node_range_noprof+0x228/0x1630 [ 1799.335132][T27033] ? __do_sys_listmount+0x289/0xee0 [ 1799.335165][T27033] ? get_pid_task+0xfc/0x250 [ 1799.335208][T27033] ? __do_sys_listmount+0x289/0xee0 [ 1799.335238][T27033] ? alloc_pages_mpol+0x25a/0x540 [ 1799.335268][T27033] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1799.335307][T27033] ? rcu_is_watching+0x12/0xc0 [ 1799.335342][T27033] __kvmalloc_node_noprof+0x3de/0xa00 [ 1799.335367][T27033] ? __do_sys_listmount+0x289/0xee0 [ 1799.335391][T27033] ? __do_sys_listmount+0x289/0xee0 [ 1799.335415][T27033] ? _copy_from_user+0x59/0xd0 [ 1799.335455][T27033] ? copy_mnt_id_req+0x1b1/0x350 [ 1799.335494][T27033] __do_sys_listmount+0x289/0xee0 [ 1799.335520][T27033] ? __pfx_do_futex+0x10/0x10 [ 1799.335548][T27033] ? __fget_files+0x21f/0x3d0 [ 1799.335577][T27033] ? __pfx___do_sys_listmount+0x10/0x10 [ 1799.335617][T27033] ? rcu_is_watching+0x12/0xc0 [ 1799.335649][T27033] do_syscall_64+0x10b/0xf80 [ 1799.335679][T27033] ? clear_bhb_loop+0x40/0x90 [ 1799.335708][T27033] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1799.335733][T27033] RIP: 0033:0x7f645d59cdd9 [ 1799.335753][T27033] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1799.335778][T27033] RSP: 002b:00007f645e38f028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 1799.335802][T27033] RAX: ffffffffffffffda RBX: 00007f645d815fa0 RCX: 00007f645d59cdd9 [ 1799.335818][T27033] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000080 [ 1799.335834][T27033] RBP: 00007f645d632d69 R08: 0000000000000000 R09: 0000000000000000 [ 1799.335849][T27033] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 1799.335863][T27033] R13: 00007f645d816038 R14: 00007f645d815fa0 R15: 00007ffe4b245688 [ 1799.335893][T27033] [ 1799.339847][T27033] syz.3.4687: vmalloc error: size 8000000, vm_struct allocation failed, mode:0x400cc0(GFP_KERNEL_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 1800.660891][T27033] CPU: 0 UID: 0 PID: 27033 Comm: syz.3.4687 Tainted: G L syzkaller #0 PREEMPT(full) [ 1800.660928][T27033] Tainted: [L]=SOFTLOCKUP [ 1800.660937][T27033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1800.660952][T27033] Call Trace: [ 1800.660961][T27033] [ 1800.660970][T27033] dump_stack_lvl+0x100/0x190 [ 1800.661010][T27033] warn_alloc.cold+0x95/0x1c1 [ 1800.661036][T27033] ? __pfx_warn_alloc+0x10/0x10 [ 1800.661072][T27033] ? lockdep_hardirqs_on+0x78/0x100 [ 1800.661106][T27033] ? __get_vm_area_node+0x2c5/0x330 [ 1800.661140][T27033] ? __get_vm_area_node+0x208/0x330 [ 1800.661174][T27033] __vmalloc_node_range_noprof+0xccd/0x1630 [ 1800.661207][T27033] ? get_pid_task+0xfc/0x250 [ 1800.661250][T27033] ? __do_sys_listmount+0x289/0xee0 [ 1800.661278][T27033] ? alloc_pages_mpol+0x25a/0x540 [ 1800.661308][T27033] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 1800.661346][T27033] ? rcu_is_watching+0x12/0xc0 [ 1800.661380][T27033] __kvmalloc_node_noprof+0x3de/0xa00 [ 1800.661404][T27033] ? __do_sys_listmount+0x289/0xee0 [ 1800.661432][T27033] ? __do_sys_listmount+0x289/0xee0 [ 1800.661456][T27033] ? _copy_from_user+0x59/0xd0 [ 1800.661494][T27033] ? copy_mnt_id_req+0x1b1/0x350 [ 1800.661533][T27033] __do_sys_listmount+0x289/0xee0 [ 1800.661558][T27033] ? __pfx_do_futex+0x10/0x10 [ 1800.661587][T27033] ? __fget_files+0x21f/0x3d0 [ 1800.661614][T27033] ? __pfx___do_sys_listmount+0x10/0x10 [ 1800.661651][T27033] ? rcu_is_watching+0x12/0xc0 [ 1800.661682][T27033] do_syscall_64+0x10b/0xf80 [ 1800.661712][T27033] ? clear_bhb_loop+0x40/0x90 [ 1800.661740][T27033] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1800.661765][T27033] RIP: 0033:0x7f645d59cdd9 [ 1800.661784][T27033] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1800.661807][T27033] RSP: 002b:00007f645e38f028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ca [ 1800.661830][T27033] RAX: ffffffffffffffda RBX: 00007f645d815fa0 RCX: 00007f645d59cdd9 [ 1800.661846][T27033] RDX: 00000000000f4240 RSI: 0000000000000000 RDI: 0000200000000080 [ 1800.661860][T27033] RBP: 00007f645d632d69 R08: 0000000000000000 R09: 0000000000000000 [ 1800.661875][T27033] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 1800.661889][T27033] R13: 00007f645d816038 R14: 00007f645d815fa0 R15: 00007ffe4b245688 [ 1800.661917][T27033] [ 1801.201290][T27050] bond0: invalid ARP target specified [ 1801.230316][T27050] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4692'. [ 1801.546129][T27055] netlink: 'syz.5.4694': attribute type 2 has an invalid length. [ 1802.171272][T27033] Mem-Info: [ 1802.186785][T27033] active_anon:3985 inactive_anon:6999 isolated_anon:0 [ 1802.186785][T27033] active_file:13930 inactive_file:22427 isolated_file:0 [ 1802.186785][T27033] unevictable:768 dirty:450 writeback:0 [ 1802.186785][T27033] slab_reclaimable:9991 slab_unreclaimable:98252 [ 1802.186785][T27033] mapped:27977 shmem:4827 pagetables:1891 [ 1802.186785][T27033] sec_pagetables:0 bounce:0 [ 1802.186785][T27033] kernel_misc_reclaimable:0 [ 1802.186785][T27033] free:1119941 free_pcp:25703 free_cma:0 [ 1802.423492][T27033] Node 0 active_anon:13808kB inactive_anon:29972kB active_file:55716kB inactive_file:89580kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:92520kB dirty:1956kB writeback:0kB shmem:17668kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11872kB pagetables:7376kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 1802.586611][T27033] Node 1 active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:128kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:20480kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:96kB pagetables:344kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB gpu_active:0kB gpu_reclaim:0kB [ 1802.818906][T27033] Node 0 DMA free:15100kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:260kB local_pcp:260kB free_cma:0kB [ 1803.029568][T27033] lowmem_reserve[]: 0 2477 2479 2479 2479 [ 1803.092714][T27033] Node 0 DMA32 free:1281592kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:13764kB inactive_anon:34512kB active_file:55716kB inactive_file:89580kB unevictable:1536kB writepending:1964kB zspages:148kB present:3129332kB managed:2537396kB mlocked:0kB bounce:0kB free_pcp:36268kB local_pcp:36268kB free_cma:0kB [ 1803.294782][T27033] lowmem_reserve[]: 0 0 1 1 1 [ 1803.320769][T27033] Node 0 Normal free:8kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1803.488060][T27033] lowmem_reserve[]: 0 0 0 0 0 [ 1803.509372][T27033] Node 1 Normal free:3185356kB boost:0kB min:55828kB low:69784kB high:83740kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:128kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:60172kB local_pcp:60172kB free_cma:0kB [ 1803.641691][T27085] nbd: socks must be embedded in a SOCK_ITEM attr [ 1803.658233][T27085] block nbd0: shutting down sockets [ 1803.684072][T27033] lowmem_reserve[]: 0 0 0 0 0 [ 1803.720660][T27033] Node 0 DMA: 1*4kB (M) 3*8kB (M) 2*16kB (M) 0*32kB 3*64kB (M) 2*128kB (M) 1*256kB (M) 2*512kB (M) 3*1024kB (UM) 1*2048kB (M) 2*4096kB (UM) = 15100kB [ 1803.807668][T27033] Node 0 DMA32: 14748*4kB (UME) 7807*8kB (UME) 8175*16kB (UME) 1895*32kB (UME) 1756*64kB (UME) 1048*128kB (UME) 709*256kB (UME) 336*512kB (UM) 144*1024kB (UM) 20*2048kB (UM) 44*4096kB (M) = 1281592kB [ 1803.927284][T27033] Node 0 Normal: 2*4kB (U) 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 1803.983159][T27033] Node 1 Normal: 58*4kB (U) 24*8kB (U) 33*16kB (UE) 4*32kB (UE) 23*64kB (U) 14*128kB (UE) 16*256kB (UME) 23*512kB (UME) 11*1024kB (UME) 2*2048kB (UE) 769*4096kB (UM) = 3185400kB [ 1804.086702][T27033] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1804.142962][T27033] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 1804.187441][T27033] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1804.233634][T27033] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 1804.275497][T27033] 45491 total pagecache pages [ 1804.300469][T27033] 16 pages in swap cache [ 1804.321172][T27033] Free swap = 124096kB [ 1804.347970][T27033] Total swap = 124996kB [ 1804.367718][T27033] 2097051 pages RAM [ 1804.384568][T27033] 0 pages HighMem/MovableOnly [ 1804.417779][T27033] 430812 pages reserved [ 1804.436744][T27033] 0 pages cma reserved [ 1804.741824][T27098] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 1805.095097][T27098] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xeffffd1f [ 1805.160459][T27105] input: f as /devices/virtual/input/input158 [ 1806.091283][T27118] cifs: Unknown parameter ') Up̢{V ]762']Ψ!gʮ79fM<*ys' [ 1806.198422][T27123] Unable to find swap-space signature [ 1806.321627][T27123] bond0: invalid ARP target specified [ 1806.537507][T27126] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4710'. [ 1807.186286][T27132] input: f as /devices/virtual/input/input160 [ 1807.849200][T27140] bond0: invalid ARP target specified [ 1807.907635][T27140] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4714'. [ 1808.129474][T27138] input: f as /devices/virtual/input/input161 [ 1809.297611][T27164] cifs: Unknown parameter ') Up̢{V ]762']Ψ!gʮ79fM<*ysEh' [ 1810.190753][T27170] input: f as /devices/virtual/input/input162 [ 1810.719779][T27181] cifs: Unknown parameter ') Up̢{V ]762']Ψ!gʮ79' [ 1813.865784][T27211] binder: 27185:27211 ioctl 40086602 e20 returned -22 [ 1815.710514][T27226] Unable to find swap-space signature [ 1815.905449][T27229] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4735'. [ 1816.100906][T27226] bond0: invalid ARP target specified [ 1816.556629][T27231] input: f as /devices/virtual/input/input163 [ 1816.980722][T27236] ima: policy update failed [ 1817.022017][ T29] audit: type=1802 audit(4294986038.096:207): pid=27236 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.5.4737" res=0 errno=0 [ 1817.605497][T27250] cifs: Unknown parameter ') Up̢{V ]762']Ψ!gʮ79fM<*ys' [ 1819.205318][T27266] Unable to find swap-space signature [ 1819.303576][T27266] bond0: invalid ARP target specified [ 1819.417589][T27266] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4745'. [ 1820.089523][T27279] FAULT_INJECTION: forcing a failure. [ 1820.089523][T27279] name failslab, interval 1, probability 0, space 0, times 0 [ 1820.238093][T27279] CPU: 0 UID: 0 PID: 27279 Comm: syz.5.4748 Tainted: G L syzkaller #0 PREEMPT(full) [ 1820.238136][T27279] Tainted: [L]=SOFTLOCKUP [ 1820.238145][T27279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1820.238160][T27279] Call Trace: [ 1820.238169][T27279] [ 1820.238178][T27279] dump_stack_lvl+0x100/0x190 [ 1820.238209][T27279] should_fail_ex.cold+0x5/0xa [ 1820.238240][T27279] ? __seq_open_private+0x22/0xd0 [ 1820.238265][T27279] should_failslab+0xc2/0x120 [ 1820.238294][T27279] __kmalloc_noprof+0xe0/0x850 [ 1820.238333][T27279] ? rcu_is_watching+0x12/0xc0 [ 1820.238369][T27279] __seq_open_private+0x22/0xd0 [ 1820.238395][T27279] seq_open_net+0x1ab/0x2a0 [ 1820.238429][T27279] ? __pfx_seq_open_net+0x10/0x10 [ 1820.238464][T27279] proc_reg_open+0x2ab/0x5f0 [ 1820.238498][T27279] do_dentry_open+0x6d8/0x1660 [ 1820.238529][T27279] ? __pfx_proc_reg_open+0x10/0x10 [ 1820.238565][T27279] vfs_open+0x82/0x3f0 [ 1820.238605][T27279] path_openat+0x208c/0x31a0 [ 1820.238655][T27279] ? __pfx_path_openat+0x10/0x10 [ 1820.238696][T27279] do_file_open+0x20e/0x430 [ 1820.238730][T27279] ? __pfx_do_file_open+0x10/0x10 [ 1820.238772][T27279] ? __pfx_kfree_link+0x10/0x10 [ 1820.238805][T27279] ? alloc_fd+0x476/0x790 [ 1820.238838][T27279] ? do_getname+0x191/0x390 [ 1820.238877][T27279] do_sys_openat2+0x10d/0x1e0 [ 1820.238915][T27279] ? __pfx_do_sys_openat2+0x10/0x10 [ 1820.238956][T27279] ? __fget_files+0x21f/0x3d0 [ 1820.238990][T27279] __x64_sys_openat+0x12d/0x210 [ 1820.239029][T27279] ? __pfx___x64_sys_openat+0x10/0x10 [ 1820.239073][T27279] ? rcu_is_watching+0x12/0xc0 [ 1820.239107][T27279] do_syscall_64+0x10b/0xf80 [ 1820.239138][T27279] ? clear_bhb_loop+0x40/0x90 [ 1820.239168][T27279] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1820.239194][T27279] RIP: 0033:0x7f23ef39cdd9 [ 1820.239215][T27279] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1820.239240][T27279] RSP: 002b:00007f23f0274028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1820.239264][T27279] RAX: ffffffffffffffda RBX: 00007f23ef615fa0 RCX: 00007f23ef39cdd9 [ 1820.239281][T27279] RDX: 0000000000000800 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 1820.239297][T27279] RBP: 00007f23ef432d69 R08: 0000000000000000 R09: 0000000000000000 [ 1820.239312][T27279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1820.239328][T27279] R13: 00007f23ef616038 R14: 00007f23ef615fa0 R15: 00007ffe827d1e08 [ 1820.239358][T27279] [ 1822.943546][T27307] Unable to find swap-space signature [ 1822.995851][T27307] bond0: invalid ARP target specified [ 1823.055492][T27307] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4756'. [ 1823.148289][T27312] cifs: Unknown parameter ') Up̢{V ]762']Ψ!gʮ79fM<*ys' [ 1826.394451][T27330] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4759'. [ 1827.202501][T27355] Unable to find swap-space signature [ 1827.330368][T27355] bond0: invalid ARP target specified [ 1827.416359][T27355] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4765'. [ 1827.963282][T27360] FAULT_INJECTION: forcing a failure. [ 1827.963282][T27360] name failslab, interval 1, probability 0, space 0, times 0 [ 1828.115691][T27360] CPU: 0 UID: 0 PID: 27360 Comm: syz.2.4766 Tainted: G L syzkaller #0 PREEMPT(full) [ 1828.115730][T27360] Tainted: [L]=SOFTLOCKUP [ 1828.115739][T27360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1828.115754][T27360] Call Trace: [ 1828.115763][T27360] [ 1828.115773][T27360] dump_stack_lvl+0x100/0x190 [ 1828.115806][T27360] should_fail_ex.cold+0x5/0xa [ 1828.115837][T27360] ? sk_prot_alloc+0x10b/0x2a0 [ 1828.115868][T27360] should_failslab+0xc2/0x120 [ 1828.115897][T27360] __kmalloc_noprof+0xe0/0x850 [ 1828.115949][T27360] ? security_inode_alloc+0xcf/0x2c0 [ 1828.115993][T27360] sk_prot_alloc+0x10b/0x2a0 [ 1828.116025][T27360] sk_alloc+0x36/0xe80 [ 1828.116049][T27360] __netlink_create+0x5e/0x2c0 [ 1828.116078][T27360] __netlink_kernel_create+0xed/0x750 [ 1828.116112][T27360] ? __pfx___netlink_kernel_create+0x10/0x10 [ 1828.116151][T27360] ? __pfx_genl_pernet_init+0x10/0x10 [ 1828.116186][T27360] genl_pernet_init+0xbd/0x160 [ 1828.116221][T27360] ? __pfx_genl_pernet_init+0x10/0x10 [ 1828.116255][T27360] ? lockdep_init_map_type+0x5c/0x250 [ 1828.116279][T27360] ? __pfx_genl_rcv+0x10/0x10 [ 1828.116311][T27360] ? __pfx_genl_bind+0x10/0x10 [ 1828.116342][T27360] ? __pfx_genl_unbind+0x10/0x10 [ 1828.116373][T27360] ? __pfx_genl_release+0x10/0x10 [ 1828.116408][T27360] ? mutex_init_lockdep+0xf1/0x120 [ 1828.116436][T27360] ops_init+0x1e2/0x5f0 [ 1828.116464][T27360] setup_net+0x118/0x3a0 [ 1828.116492][T27360] ? __pfx_setup_net+0x10/0x10 [ 1828.116519][T27360] ? mutex_init_lockdep+0xf1/0x120 [ 1828.116548][T27360] copy_net_ns+0x46f/0x7c0 [ 1828.116579][T27360] create_new_namespaces+0x3ea/0xac0 [ 1828.116628][T27360] unshare_nsproxy_namespaces+0xf2/0x220 [ 1828.116660][T27360] ksys_unshare+0x438/0xab0 [ 1828.116703][T27360] ? __pfx_ksys_unshare+0x10/0x10 [ 1828.116736][T27360] ? xfd_validate_state+0x129/0x190 [ 1828.116768][T27360] __x64_sys_unshare+0x31/0x40 [ 1828.116802][T27360] do_syscall_64+0x10b/0xf80 [ 1828.116830][T27360] ? clear_bhb_loop+0x40/0x90 [ 1828.116858][T27360] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1828.116881][T27360] RIP: 0033:0x7f499479cdd9 [ 1828.116900][T27360] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1828.116925][T27360] RSP: 002b:00007f499571a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1828.116946][T27360] RAX: ffffffffffffffda RBX: 00007f4994a15fa0 RCX: 00007f499479cdd9 [ 1828.116962][T27360] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1828.116975][T27360] RBP: 00007f4994832d69 R08: 0000000000000000 R09: 0000000000000000 [ 1828.116989][T27360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1828.117002][T27360] R13: 00007f4994a16038 R14: 00007f4994a15fa0 R15: 00007ffe97277278 [ 1828.117030][T27360] [ 1829.225915][T27374] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1831.004241][T27396] cifs: Unknown parameter ') Up̢{V ]762']Ψ!gʮ79fM<*ysEh' [ 1832.778804][T27413] FAULT_INJECTION: forcing a failure. [ 1832.778804][T27413] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1832.838341][T27413] CPU: 0 UID: 0 PID: 27413 Comm: syz.4.4780 Tainted: G L syzkaller #0 PREEMPT(full) [ 1832.838395][T27413] Tainted: [L]=SOFTLOCKUP [ 1832.838404][T27413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1832.838419][T27413] Call Trace: [ 1832.838427][T27413] [ 1832.838437][T27413] dump_stack_lvl+0x100/0x190 [ 1832.838467][T27413] should_fail_ex.cold+0x5/0xa [ 1832.838496][T27413] get_futex_key+0x1d2/0x1510 [ 1832.838526][T27413] ? __pfx_get_futex_key+0x10/0x10 [ 1832.838552][T27413] ? blk_finish_plug+0x83/0xa0 [ 1832.838597][T27413] ? madvise_do_behavior+0x1fc/0x510 [ 1832.838633][T27413] futex_wake+0xea/0x530 [ 1832.838666][T27413] ? __pfx___up_read+0x10/0x10 [ 1832.838692][T27413] ? madvise_unlock+0x172/0x220 [ 1832.838722][T27413] ? __pfx_futex_wake+0x10/0x10 [ 1832.838758][T27413] ? madvise_unlock+0xa9/0x220 [ 1832.838794][T27413] do_futex+0x32b/0x350 [ 1832.838821][T27413] ? __pfx_do_futex+0x10/0x10 [ 1832.838851][T27413] ? __sys_sendmsg+0x18f/0x220 [ 1832.838883][T27413] __x64_sys_futex+0x34f/0x4d0 [ 1832.838914][T27413] ? __pfx___x64_sys_futex+0x10/0x10 [ 1832.838947][T27413] ? rcu_is_watching+0x12/0xc0 [ 1832.838981][T27413] do_syscall_64+0x10b/0xf80 [ 1832.839013][T27413] ? clear_bhb_loop+0x40/0x90 [ 1832.839044][T27413] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1832.839069][T27413] RIP: 0033:0x7f8d2079cdd9 [ 1832.839089][T27413] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1832.839114][T27413] RSP: 002b:00007f8d215aa0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1832.839137][T27413] RAX: ffffffffffffffda RBX: 00007f8d20a15fa8 RCX: 00007f8d2079cdd9 [ 1832.839154][T27413] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8d20a15fac [ 1832.839170][T27413] RBP: 00007f8d20a15fa0 R08: 0000000000000001 R09: 0000000000000000 [ 1832.839185][T27413] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 1832.839201][T27413] R13: 00007f8d20a16038 R14: 00007ffd10fdfac0 R15: 00007ffd10fdfba8 [ 1832.839232][T27413] [ 1833.998184][T27423] Unable to find swap-space signature [ 1834.069305][T27423] bond0: invalid ARP target specified [ 1834.115630][T27423] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4783'. [ 1834.424462][ T29] audit: type=1800 audit(4294967310.480:208): pid=27425 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4785" name="lu_gp_id" dev="configfs" ino=145591 res=0 errno=0 [ 1839.164470][T27470] FAULT_INJECTION: forcing a failure. [ 1839.164470][T27470] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1839.295979][T27470] CPU: 0 UID: 0 PID: 27470 Comm: syz.2.4797 Tainted: G L syzkaller #0 PREEMPT(full) [ 1839.296021][T27470] Tainted: [L]=SOFTLOCKUP [ 1839.296029][T27470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1839.296043][T27470] Call Trace: [ 1839.296051][T27470] [ 1839.296060][T27470] dump_stack_lvl+0x100/0x190 [ 1839.296090][T27470] should_fail_ex.cold+0x5/0xa [ 1839.296119][T27470] _copy_from_user+0x2e/0xd0 [ 1839.296157][T27470] copy_msghdr_from_user+0x9f/0x4f0 [ 1839.296192][T27470] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1839.296238][T27470] ___sys_sendmsg+0x106/0x1e0 [ 1839.296275][T27470] ? __pfx____sys_sendmsg+0x10/0x10 [ 1839.296340][T27470] __sys_sendmsg+0x170/0x220 [ 1839.296364][T27470] ? __pfx___sys_sendmsg+0x10/0x10 [ 1839.296400][T27470] ? rcu_is_watching+0x12/0xc0 [ 1839.296432][T27470] do_syscall_64+0x10b/0xf80 [ 1839.296461][T27470] ? clear_bhb_loop+0x40/0x90 [ 1839.296489][T27470] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1839.296513][T27470] RIP: 0033:0x7f499479cdd9 [ 1839.296532][T27470] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1839.296555][T27470] RSP: 002b:00007f499571a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1839.296577][T27470] RAX: ffffffffffffffda RBX: 00007f4994a15fa0 RCX: 00007f499479cdd9 [ 1839.296592][T27470] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000003 [ 1839.296606][T27470] RBP: 00007f499571a090 R08: 0000000000000000 R09: 0000000000000000 [ 1839.296620][T27470] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1839.296634][T27470] R13: 00007f4994a16038 R14: 00007f4994a15fa0 R15: 00007ffe97277278 [ 1839.296662][T27470] [ 1839.503574][T27472] input: f as /devices/virtual/input/input165 [ 1841.374068][T27491] netlink: 'syz.2.4800': attribute type 1 has an invalid length. [ 1841.458017][T27482] netlink: 'syz.3.4799': attribute type 33 has an invalid length. [ 1841.491281][T27491] netlink: 198 bytes leftover after parsing attributes in process `syz.2.4800'. [ 1846.705330][T27525] netlink: 'syz.2.4806': attribute type 1 has an invalid length. [ 1848.390273][T27544] nvme_fcloop: unknown parameter or missing value '7=";&L=j"Yq'R"' [ 1850.588871][T22417] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1850.606135][T22417] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1850.615717][T22417] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1850.635993][T22417] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1850.649160][T22417] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1851.978224][T26538] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1852.692938][T26538] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1852.725135][T22417] Bluetooth: hci0: command tx timeout [ 1852.841325][T27584] binder: 27580:27584 ioctl c0306201 200000001100 returned -14 [ 1853.104370][T26538] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1853.205722][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 1853.216242][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 1853.480562][T26538] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1854.545668][T27607] cifs: Unknown parameter ') Up̢{V ]762']Ψ!gʮ79fM<*ysEh' [ 1854.741957][T26538] gretap0: left allmulticast mode [ 1854.769805][T26538] gretap0: left promiscuous mode [ 1854.798534][T26538] bridge0: port 4(gretap0) entered disabled state [ 1854.805687][T22417] Bluetooth: hci0: command tx timeout [ 1854.875946][T26538] dummy0: left allmulticast mode [ 1854.928685][T26538] dummy0: left promiscuous mode [ 1854.959425][T26538] bridge0: port 3(dummy0) entered disabled state [ 1855.045153][T26538] bridge_slave_1: left allmulticast mode [ 1855.080539][T26538] bridge_slave_1: left promiscuous mode [ 1855.116811][T26538] bridge0: port 2(bridge_slave_1) entered disabled state [ 1856.367580][T26538] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1856.444451][T26538] bond0 (unregistering): Released all slaves [ 1856.712454][T26538] &#$@\]\-: left promiscuous mode [ 1856.785517][T27628] input: f as /devices/virtual/input/input166 [ 1856.881270][T22417] Bluetooth: hci0: command tx timeout [ 1856.992710][T27559] bridge0: port 1(bridge_slave_0) entered blocking state [ 1857.048039][T27559] bridge0: port 1(bridge_slave_0) entered disabled state [ 1857.089636][T27559] bridge_slave_0: entered allmulticast mode [ 1857.152910][T27559] bridge_slave_0: entered promiscuous mode [ 1857.203232][ T5292] 8021q: adding VLAN 0 to HW filter on device eth5 [ 1857.423919][T27559] bridge0: port 2(bridge_slave_1) entered blocking state [ 1857.458422][T27559] bridge0: port 2(bridge_slave_1) entered disabled state [ 1857.495457][T27559] bridge_slave_1: entered allmulticast mode [ 1857.534649][T27559] bridge_slave_1: entered promiscuous mode [ 1857.786149][T27559] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1857.859617][T27559] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1858.409943][T27559] team0: Port device team_slave_0 added [ 1858.460993][T27559] team0: Port device team_slave_1 added [ 1858.961735][T22417] Bluetooth: hci0: command tx timeout [ 1859.436796][ T29] audit: type=1800 audit(4294967335.490:209): pid=27650 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4831" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 1859.492172][T27559] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1859.541629][T27559] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1859.702970][T27559] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1859.772145][T27559] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1859.815469][T27559] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1859.929519][T27559] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1860.151741][ T5292] 8021q: adding VLAN 0 to HW filter on device eth9 [ 1860.779225][T27559] hsr_slave_0: entered promiscuous mode [ 1860.810535][T27559] hsr_slave_1: entered promiscuous mode [ 1860.857066][T27559] debugfs: 'hsr0' already exists in 'hsr' [ 1860.890530][T27559] Cannot create hsr debugfs directory [ 1861.989975][T27681] Unable to find swap-space signature [ 1862.487445][T27683] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4836'. [ 1862.525684][T27688] capability: warning: `syz.4.4837' uses 32-bit capabilities (legacy support in use) [ 1863.217714][ T5292] 8021q: adding VLAN 0 to HW filter on device eth10 [ 1863.373736][T27694] Unable to find swap-space signature [ 1863.628370][T27695] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4838'. [ 1863.654365][T27699] lo: entered allmulticast mode [ 1864.005624][T27699] lo: left allmulticast mode [ 1865.960863][T26538] hsr_slave_0: left promiscuous mode [ 1866.023986][T26538] hsr_slave_1: left promiscuous mode [ 1866.063514][T26538] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1866.107506][T26538] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1866.164612][T26538] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1866.207274][T26538] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1866.287858][T26538] veth0_macvtap: left promiscuous mode [ 1866.319739][T26538] veth1_vlan: left promiscuous mode [ 1866.352214][T26538] veth0_vlan: left promiscuous mode [ 1866.477577][T27732] cifs: Unknown parameter ') Up̢{V ]762']Ψ!gʮ79fM<*ysEh' [ 1867.643353][T26538] team0 (unregistering): Port device team_slave_1 removed [ 1867.723578][T26538] team0 (unregistering): Port device team_slave_0 removed [ 1868.742783][T27746] binder: 27710:27746 ioctl 40086602 e20 returned -22 [ 1871.067077][T27772] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4845'. [ 1873.047712][T27794] binder: 27780:27794 ioctl 40086602 e20 returned -22 [ 1874.766779][T27803] Unable to find swap-space signature [ 1874.908392][T27806] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4850'. [ 1878.670294][T26753] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1878.690673][T26753] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1878.699820][T26753] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1878.714000][T26753] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1878.729123][T26753] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1879.615879][T27832] binder: 27829:27832 ioctl c0306201 200000001100 returned -14 [ 1880.193055][T27822] bridge0: port 1(bridge_slave_0) entered blocking state [ 1880.211589][T27822] bridge0: port 1(bridge_slave_0) entered disabled state [ 1880.226815][T27822] bridge_slave_0: entered allmulticast mode [ 1880.247180][T27822] bridge_slave_0: entered promiscuous mode [ 1880.264964][T27822] bridge0: port 2(bridge_slave_1) entered blocking state [ 1880.283280][T27822] bridge0: port 2(bridge_slave_1) entered disabled state [ 1880.300690][T27822] bridge_slave_1: entered allmulticast mode [ 1880.319262][T27822] bridge_slave_1: entered promiscuous mode [ 1880.388460][T27822] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1880.435779][T27822] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1880.520229][T27822] team0: Port device team_slave_0 added [ 1880.540379][T27822] team0: Port device team_slave_1 added [ 1880.605048][T27822] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1880.619629][T27822] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1880.696391][T27822] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1880.724612][T27822] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1880.740776][T27822] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1880.804157][T26753] Bluetooth: hci3: command tx timeout [ 1880.825299][T27822] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1881.023311][T27822] hsr_slave_0: entered promiscuous mode [ 1881.039434][T27822] hsr_slave_1: entered promiscuous mode [ 1882.591667][T27859] binder: 27852:27859 ioctl 40086602 e20 returned -22 [ 1882.883029][T26753] Bluetooth: hci3: command tx timeout [ 1884.961402][T26753] Bluetooth: hci3: command tx timeout [ 1886.904832][T27876] binder: 27870:27876 ioctl 40086602 e20 returned -22 [ 1887.041319][T26753] Bluetooth: hci3: command tx timeout [ 1887.930744][T27881] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 1888.327058][T27887] binder: 27882:27887 ioctl c0306201 200000001100 returned -14 [ 1888.857150][T27893] binder: 27888:27893 ioctl c0306201 200000001100 returned -14 [ 1890.034707][T22417] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 1890.053037][T22417] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 1890.062572][T22417] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 1890.079946][T22417] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 1890.089271][T22417] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 1891.264829][T27900] bridge0: port 1(bridge_slave_0) entered blocking state [ 1891.282448][T27900] bridge0: port 1(bridge_slave_0) entered disabled state [ 1891.296399][T27900] bridge_slave_0: entered allmulticast mode [ 1891.313166][T27900] bridge_slave_0: entered promiscuous mode [ 1891.331987][T27900] bridge0: port 2(bridge_slave_1) entered blocking state [ 1891.347074][T27900] bridge0: port 2(bridge_slave_1) entered disabled state [ 1891.364163][T27900] bridge_slave_1: entered allmulticast mode [ 1891.382859][T27900] bridge_slave_1: entered promiscuous mode [ 1891.459492][T27900] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1891.487671][T27900] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1891.569810][T27900] team0: Port device team_slave_0 added [ 1891.587426][T27900] team0: Port device team_slave_1 added [ 1891.649637][T27900] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1891.665235][T27900] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1891.722699][T27900] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1891.750348][T27900] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1891.769855][T27900] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1891.826448][T27900] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1891.929546][T27900] hsr_slave_0: entered promiscuous mode [ 1891.936398][T27900] hsr_slave_1: entered promiscuous mode [ 1891.945956][T27900] debugfs: 'hsr0' already exists in 'hsr' [ 1891.961942][T27900] Cannot create hsr debugfs directory [ 1892.161424][T22417] Bluetooth: hci5: command tx timeout [ 1892.250025][T27924] input: f as /devices/virtual/input/input167 [ 1893.380427][T27929] netlink: 'syz.5.4873': attribute type 11 has an invalid length. [ 1894.241362][T22417] Bluetooth: hci5: command tx timeout [ 1895.469717][T27948] block2mtd: illegal erase size [ 1896.321585][T22417] Bluetooth: hci5: command tx timeout [ 1896.385529][T27958] netlink: 'syz.5.4880': attribute type 5 has an invalid length. [ 1896.403325][T27958] netlink: 'syz.5.4880': attribute type 1 has an invalid length. [ 1896.421264][T27958] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4880'. [ 1896.820813][T27965] binder: 27960:27965 ioctl c0306201 200000001100 returned -14 [ 1898.401293][T22417] Bluetooth: hci5: command tx timeout [ 1898.982737][T27981] binder: 27974:27981 ioctl 40086602 e20 returned -22 [ 1905.257956][T27993] kexec: Could not allocate control_code_buffer [ 1905.637955][T27997] random: crng reseeded on system resumption [ 1906.944874][T28006] binder: 27999:28006 ioctl 40086602 e20 returned -22 [ 1911.748006][T26753] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 1911.760442][T26753] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 1911.776664][T26753] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 1911.790722][T26753] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 1911.799634][T26753] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 1912.974675][T28017] bridge0: port 1(bridge_slave_0) entered blocking state [ 1912.983461][T28017] bridge0: port 1(bridge_slave_0) entered disabled state [ 1912.990679][T28017] bridge_slave_0: entered allmulticast mode [ 1912.999962][T28017] bridge_slave_0: entered promiscuous mode [ 1913.009254][T28017] bridge0: port 2(bridge_slave_1) entered blocking state [ 1913.017154][T28017] bridge0: port 2(bridge_slave_1) entered disabled state [ 1913.024891][T28017] bridge_slave_1: entered allmulticast mode [ 1913.032383][T28017] bridge_slave_1: entered promiscuous mode [ 1913.067453][T28017] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1913.079847][T28017] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1913.114831][T28017] team0: Port device team_slave_0 added [ 1913.123952][T28017] team0: Port device team_slave_1 added [ 1913.152559][T28017] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1913.159540][T28017] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1913.186888][T28017] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1913.200084][T28017] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1913.209059][T28017] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1913.238126][T28017] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1913.285643][T28017] hsr_slave_0: entered promiscuous mode [ 1913.292533][T28017] hsr_slave_1: entered promiscuous mode [ 1913.298765][T28017] debugfs: 'hsr0' already exists in 'hsr' [ 1913.305782][T28017] Cannot create hsr debugfs directory [ 1913.841506][T22417] Bluetooth: hci6: command tx timeout [ 1914.653366][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 1914.659830][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 1915.266582][T28040] cifs: Unknown parameter ') Up̢{V ]762']Ψ!gʮ79fM<*ysEh' [ 1915.921481][T22417] Bluetooth: hci6: command tx timeout [ 1916.493384][T28050] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4895'. [ 1917.645203][T28059] tipc: Started in network mode [ 1917.650180][T28059] tipc: Node identity ffffffff, cluster identity 4711 [ 1917.658758][T28059] tipc: Node number set to 4294967295 [ 1918.001469][T22417] Bluetooth: hci6: command tx timeout [ 1918.360201][T28058] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1918.367592][T28058] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 1918.376110][T28058] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1918.384033][T28058] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1918.392650][T28058] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1918.403626][T28058] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1918.414969][T28058] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1918.421077][T28058] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1918.429979][T28058] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1918.438602][T28058] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 1918.445766][T28058] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 1918.453597][T28058] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 1918.463671][T28058] Bluetooth: hci6: Opcode 0x0c1a failed: -4 [ 1918.469802][T28058] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 1918.480447][T28058] Bluetooth: hci6: Opcode 0x0406 failed: -4 [ 1918.639995][T28064] input: f as /devices/virtual/input/input170 [ 1919.564664][T28074] FAULT_INJECTION: forcing a failure. [ 1919.564664][T28074] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1919.577900][T28074] CPU: 0 UID: 0 PID: 28074 Comm: syz.5.4901 Tainted: G L syzkaller #0 PREEMPT(full) [ 1919.577954][T28074] Tainted: [L]=SOFTLOCKUP [ 1919.577963][T28074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1919.577978][T28074] Call Trace: [ 1919.577986][T28074] [ 1919.577995][T28074] dump_stack_lvl+0x100/0x190 [ 1919.578026][T28074] should_fail_ex.cold+0x5/0xa [ 1919.578058][T28074] should_fail_futex+0x4c/0x60 [ 1919.578097][T28074] futex_lock_pi_atomic+0x12d/0xaf0 [ 1919.578129][T28074] ? futex_hash+0x141/0x370 [ 1919.578154][T28074] futex_lock_pi+0x245/0x7a0 [ 1919.578188][T28074] ? __pfx_futex_lock_pi+0x10/0x10 [ 1919.578247][T28074] ? __pfx_futex_wake_mark+0x10/0x10 [ 1919.578284][T28074] ? ksys_write+0x190/0x250 [ 1919.578310][T28074] ? ksys_write+0x190/0x250 [ 1919.578343][T28074] do_futex+0x18a/0x350 [ 1919.578368][T28074] ? __pfx_do_futex+0x10/0x10 [ 1919.578401][T28074] __x64_sys_futex+0x34f/0x4d0 [ 1919.578431][T28074] ? __pfx___x64_sys_futex+0x10/0x10 [ 1919.578457][T28074] ? ksys_write+0x1ac/0x250 [ 1919.578487][T28074] ? rcu_is_watching+0x12/0xc0 [ 1919.578520][T28074] do_syscall_64+0x10b/0xf80 [ 1919.578553][T28074] ? clear_bhb_loop+0x40/0x90 [ 1919.578600][T28074] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1919.578627][T28074] RIP: 0033:0x7f23ef39cdd9 [ 1919.578646][T28074] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1919.578670][T28074] RSP: 002b:00007f23f0253028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1919.578694][T28074] RAX: ffffffffffffffda RBX: 00007f23ef616090 RCX: 00007f23ef39cdd9 [ 1919.578711][T28074] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 1919.578726][T28074] RBP: 00007f23ef432d69 R08: 0000000000000000 R09: 000000008000fff5 [ 1919.578741][T28074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1919.578757][T28074] R13: 00007f23ef616128 R14: 00007f23ef616090 R15: 00007ffe827d1e08 [ 1919.578788][T28074] [ 1919.783544][T22417] Bluetooth: hci1: command 0x0c1a tx timeout [ 1920.131255][T28074] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [5] [ 1920.402027][T22417] Bluetooth: hci0: command 0x0c1a tx timeout [ 1920.408143][T19485] Bluetooth: hci2: command 0x0c1a tx timeout [ 1920.414298][T26753] Bluetooth: hci4: command 0x0419 tx timeout [ 1920.493406][T26753] Bluetooth: hci6: command 0x0c1a tx timeout [ 1920.501290][T22417] Bluetooth: hci5: command 0x0c1a tx timeout [ 1920.507339][T19485] Bluetooth: hci3: command 0x0c1a tx timeout [ 1922.481744][T22417] Bluetooth: hci0: command 0x0c1a tx timeout [ 1922.563732][T22417] Bluetooth: hci5: command 0x0c1a tx timeout [ 1922.570468][T19485] Bluetooth: hci3: command 0x0c1a tx timeout [ 1922.577024][T26753] Bluetooth: hci6: command 0x0c1a tx timeout [ 1923.530510][T28098] FAULT_INJECTION: forcing a failure. [ 1923.530510][T28098] name failslab, interval 1, probability 0, space 0, times 0 [ 1923.573726][T28098] CPU: 0 UID: 0 PID: 28098 Comm: syz.5.4906 Tainted: G L syzkaller #0 PREEMPT(full) [ 1923.573764][T28098] Tainted: [L]=SOFTLOCKUP [ 1923.573772][T28098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 1923.573787][T28098] Call Trace: [ 1923.573795][T28098] [ 1923.573808][T28098] dump_stack_lvl+0x100/0x190 [ 1923.573838][T28098] should_fail_ex.cold+0x5/0xa [ 1923.573868][T28098] should_failslab+0xc2/0x120 [ 1923.573895][T28098] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1923.573931][T28098] ? skb_clone+0x190/0x400 [ 1923.573972][T28098] skb_clone+0x190/0x400 [ 1923.573996][T28098] netlink_deliver_tap+0xaed/0xcc0 [ 1923.574029][T28098] netlink_unicast+0x62b/0x850 [ 1923.574062][T28098] ? __pfx_netlink_unicast+0x10/0x10 [ 1923.574097][T28098] netlink_sendmsg+0x8b0/0xda0 [ 1923.574130][T28098] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1923.574157][T28098] ? __import_iovec+0x1d2/0x640 [ 1923.574182][T28098] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1923.574218][T28098] ____sys_sendmsg+0x9e1/0xb70 [ 1923.574245][T28098] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1923.574276][T28098] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1923.574316][T28098] ___sys_sendmsg+0x190/0x1e0 [ 1923.574349][T28098] ? __pfx____sys_sendmsg+0x10/0x10 [ 1923.574409][T28098] __sys_sendmsg+0x170/0x220 [ 1923.574433][T28098] ? __pfx___sys_sendmsg+0x10/0x10 [ 1923.574466][T28098] ? rcu_is_watching+0x12/0xc0 [ 1923.574496][T28098] do_syscall_64+0x10b/0xf80 [ 1923.574523][T28098] ? clear_bhb_loop+0x40/0x90 [ 1923.574549][T28098] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1923.574572][T28098] RIP: 0033:0x7f23ef39cdd9 [ 1923.574589][T28098] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1923.574610][T28098] RSP: 002b:00007f23f0274028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1923.574630][T28098] RAX: ffffffffffffffda RBX: 00007f23ef615fa0 RCX: 00007f23ef39cdd9 [ 1923.574644][T28098] RDX: 00000000000040d0 RSI: 0000200000000040 RDI: 0000000000000002 [ 1923.574658][T28098] RBP: 00007f23f0274090 R08: 0000000000000000 R09: 0000000000000000 [ 1923.574671][T28098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1923.574683][T28098] R13: 00007f23ef616038 R14: 00007f23ef615fa0 R15: 00007ffe827d1e08 [ 1923.574710][T28098] [ 1924.408414][T28100] zswap: compressor not available [ 1924.561563][T26753] Bluetooth: hci0: command 0x0c1a tx timeout [ 1924.641246][T26753] Bluetooth: hci6: command 0x0c1a tx timeout [ 1924.647325][T22417] Bluetooth: hci5: command 0x0c1a tx timeout [ 1924.653439][T19485] Bluetooth: hci3: command 0x0c1a tx timeout [ 1938.430115][T19485] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 1938.448742][T19485] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 1938.458754][T19485] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 1938.468520][T19485] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 1938.480934][T19485] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 1939.347270][T28119] bridge0: port 1(bridge_slave_0) entered blocking state [ 1939.363883][T28119] bridge0: port 1(bridge_slave_0) entered disabled state [ 1939.381774][T28119] bridge_slave_0: entered allmulticast mode [ 1939.394252][T28119] bridge_slave_0: entered promiscuous mode [ 1939.412919][T28119] bridge0: port 2(bridge_slave_1) entered blocking state [ 1939.431360][T28119] bridge0: port 2(bridge_slave_1) entered disabled state [ 1939.440877][T28119] bridge_slave_1: entered allmulticast mode [ 1939.463452][T28119] bridge_slave_1: entered promiscuous mode [ 1939.534097][T28119] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1939.559893][T28119] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1939.634770][T28119] team0: Port device team_slave_0 added [ 1939.653605][T28119] team0: Port device team_slave_1 added [ 1939.721541][T28119] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1939.728537][T28119] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1939.791173][T28119] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1939.813664][T28119] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1939.831619][T28119] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1939.894486][T28119] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1939.992772][T28119] hsr_slave_0: entered promiscuous mode [ 1940.011556][T28119] hsr_slave_1: entered promiscuous mode [ 1940.022102][T28119] debugfs: 'hsr0' already exists in 'hsr' [ 1940.032920][T28119] Cannot create hsr debugfs directory [ 1940.561272][T19485] Bluetooth: hci7: command tx timeout [ 1942.000750][T26753] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 1942.019724][T26753] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 1942.033303][T26753] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 1942.042551][T26753] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 1942.053034][T26753] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 1942.633880][T28140] bridge0: port 1(bridge_slave_0) entered blocking state [ 1942.641937][T26753] Bluetooth: hci7: command tx timeout [ 1942.650506][T28140] bridge0: port 1(bridge_slave_0) entered disabled state [ 1942.659346][T28140] bridge_slave_0: entered allmulticast mode [ 1942.666944][T28140] bridge_slave_0: entered promiscuous mode [ 1942.675594][T28140] bridge0: port 2(bridge_slave_1) entered blocking state [ 1942.683134][T28140] bridge0: port 2(bridge_slave_1) entered disabled state [ 1942.690548][T28140] bridge_slave_1: entered allmulticast mode [ 1942.698582][T28140] bridge_slave_1: entered promiscuous mode [ 1942.738168][T28140] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1942.754836][T28140] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1942.786729][T28140] team0: Port device team_slave_0 added [ 1942.794895][T28140] team0: Port device team_slave_1 added [ 1942.825922][T28140] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1942.833150][T28140] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1942.860922][T28140] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1942.876828][T28140] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1942.884795][T28140] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1942.911383][T28140] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1942.960138][T28140] hsr_slave_0: entered promiscuous mode [ 1942.969098][T28140] hsr_slave_1: entered promiscuous mode [ 1942.975731][T28140] debugfs: 'hsr0' already exists in 'hsr' [ 1942.984880][T28140] Cannot create hsr debugfs directory [ 1944.082330][T19485] Bluetooth: hci8: command tx timeout [ 1944.721517][T19485] Bluetooth: hci7: command tx timeout [ 1946.161388][T19485] Bluetooth: hci8: command tx timeout [ 1946.801318][T19485] Bluetooth: hci7: command tx timeout [ 1948.241345][T19485] Bluetooth: hci8: command tx timeout [ 1949.945087][T26753] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 1949.960332][T26753] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 1949.975289][T26753] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 1949.984710][T26753] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 1949.992420][T26753] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 1950.322289][T26753] Bluetooth: hci8: command tx timeout [ 1950.606446][T28161] bridge0: port 1(bridge_slave_0) entered blocking state [ 1950.613860][T28161] bridge0: port 1(bridge_slave_0) entered disabled state [ 1950.621055][T28161] bridge_slave_0: entered allmulticast mode [ 1950.630165][T28161] bridge_slave_0: entered promiscuous mode [ 1950.638839][T28161] bridge0: port 2(bridge_slave_1) entered blocking state [ 1950.647511][T28161] bridge0: port 2(bridge_slave_1) entered disabled state [ 1950.655592][T28161] bridge_slave_1: entered allmulticast mode [ 1950.663376][T28161] bridge_slave_1: entered promiscuous mode [ 1950.699537][T28161] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1950.712846][T28161] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1950.745971][T28161] team0: Port device team_slave_0 added [ 1950.754345][T28161] team0: Port device team_slave_1 added [ 1950.781919][T28161] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1950.788927][T28161] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1950.819270][T28161] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1950.832969][T28161] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1950.839939][T28161] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1950.866409][T28161] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1950.914076][T28161] hsr_slave_0: entered promiscuous mode [ 1950.920562][T28161] hsr_slave_1: entered promiscuous mode [ 1950.930619][T28161] debugfs: 'hsr0' already exists in 'hsr' [ 1950.937701][T28161] Cannot create hsr debugfs directory [ 1952.081587][T26753] Bluetooth: hci9: command tx timeout [ 1954.161521][T26753] Bluetooth: hci9: command tx timeout [ 1956.241443][T26753] Bluetooth: hci9: command tx timeout [ 1958.321510][T26753] Bluetooth: hci9: command tx timeout [ 1970.979832][T19485] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1 [ 1970.998342][T19485] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9 [ 1971.011783][T19485] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9 [ 1971.021846][T19485] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4 [ 1971.029646][T19485] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2 [ 1972.014037][T28182] bridge0: port 1(bridge_slave_0) entered blocking state [ 1972.025706][T28182] bridge0: port 1(bridge_slave_0) entered disabled state [ 1972.043211][T28182] bridge_slave_0: entered allmulticast mode [ 1972.064378][T28182] bridge_slave_0: entered promiscuous mode [ 1972.077255][T28182] bridge0: port 2(bridge_slave_1) entered blocking state [ 1972.099240][T28182] bridge0: port 2(bridge_slave_1) entered disabled state [ 1972.111432][T28182] bridge_slave_1: entered allmulticast mode [ 1972.125924][T28182] bridge_slave_1: entered promiscuous mode [ 1972.194871][T28182] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1972.223967][T28182] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1972.288518][T28182] team0: Port device team_slave_0 added [ 1972.304699][T28182] team0: Port device team_slave_1 added [ 1972.366700][T28182] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1972.384266][T28182] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1972.441577][T28182] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1972.466493][T28182] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1972.482626][T28182] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1972.539081][T28182] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1972.614254][T28182] hsr_slave_0: entered promiscuous mode [ 1972.620801][T28182] hsr_slave_1: entered promiscuous mode [ 1972.627621][T28182] debugfs: 'hsr0' already exists in 'hsr' [ 1972.634924][T28182] Cannot create hsr debugfs directory [ 1973.121466][T19485] Bluetooth: hci10: command tx timeout [ 1975.201394][T19485] Bluetooth: hci10: command tx timeout [ 1976.084851][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 1976.091749][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 1977.281440][T19485] Bluetooth: hci10: command tx timeout [ 1979.361376][T19485] Bluetooth: hci10: command tx timeout [ 1998.497236][T26753] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1 [ 1998.513015][T26753] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9 [ 1998.524604][T26753] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9 [ 1998.534873][T26753] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4 [ 1998.545077][T26753] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2 [ 1999.358499][T28207] bridge0: port 1(bridge_slave_0) entered blocking state [ 1999.369466][T28207] bridge0: port 1(bridge_slave_0) entered disabled state [ 1999.379402][T28207] bridge_slave_0: entered allmulticast mode [ 1999.386988][T28207] bridge_slave_0: entered promiscuous mode [ 1999.395516][T28207] bridge0: port 2(bridge_slave_1) entered blocking state [ 1999.402946][T28207] bridge0: port 2(bridge_slave_1) entered disabled state [ 1999.410175][T28207] bridge_slave_1: entered allmulticast mode [ 1999.418127][T28207] bridge_slave_1: entered promiscuous mode [ 1999.456608][T28207] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1999.469527][T28207] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1999.506744][T28207] team0: Port device team_slave_0 added [ 1999.515430][T28207] team0: Port device team_slave_1 added [ 1999.544200][T28207] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1999.552495][T28207] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1999.580280][T28207] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1999.595103][T28207] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1999.603276][T28207] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1999.629697][T28207] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1999.676746][T28207] hsr_slave_0: entered promiscuous mode [ 1999.684949][T28207] hsr_slave_1: entered promiscuous mode [ 1999.691627][T28207] debugfs: 'hsr0' already exists in 'hsr' [ 1999.697384][T28207] Cannot create hsr debugfs directory [ 2000.641448][T26753] Bluetooth: hci11: command tx timeout [ 2002.009334][T19485] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1 [ 2002.026094][T19485] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9 [ 2002.037997][T19485] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9 [ 2002.049294][T19485] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4 [ 2002.058844][T19485] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2 [ 2002.613165][T28228] bridge0: port 1(bridge_slave_0) entered blocking state [ 2002.620729][T28228] bridge0: port 1(bridge_slave_0) entered disabled state [ 2002.628417][T28228] bridge_slave_0: entered allmulticast mode [ 2002.636245][T28228] bridge_slave_0: entered promiscuous mode [ 2002.645791][T28228] bridge0: port 2(bridge_slave_1) entered blocking state [ 2002.654483][T28228] bridge0: port 2(bridge_slave_1) entered disabled state [ 2002.662133][T28228] bridge_slave_1: entered allmulticast mode [ 2002.669527][T28228] bridge_slave_1: entered promiscuous mode [ 2002.705513][T28228] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2002.718048][T28228] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2002.727371][T26753] Bluetooth: hci11: command tx timeout [ 2002.757430][T28228] team0: Port device team_slave_0 added [ 2002.766716][T28228] team0: Port device team_slave_1 added [ 2002.794703][T28228] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2002.802538][T28228] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2002.830166][T28228] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2002.843636][T28228] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2002.851822][T28228] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2002.880218][T28228] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2002.929271][T28228] hsr_slave_0: entered promiscuous mode [ 2002.936556][T28228] hsr_slave_1: entered promiscuous mode [ 2002.943193][T28228] debugfs: 'hsr0' already exists in 'hsr' [ 2002.948956][T28228] Cannot create hsr debugfs directory [ 2004.161454][T26753] Bluetooth: hci12: command tx timeout [ 2004.801251][T26753] Bluetooth: hci11: command tx timeout [ 2006.241937][T26753] Bluetooth: hci12: command tx timeout [ 2006.881277][T26753] Bluetooth: hci11: command tx timeout [ 2008.321368][T26753] Bluetooth: hci12: command tx timeout [ 2010.008368][T19485] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1 [ 2010.019343][T19485] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9 [ 2010.029837][T19485] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9 [ 2010.048313][T19485] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4 [ 2010.057472][T19485] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2 [ 2010.401427][T19485] Bluetooth: hci12: command tx timeout [ 2010.652615][T28246] bridge0: port 1(bridge_slave_0) entered blocking state [ 2010.659982][T28246] bridge0: port 1(bridge_slave_0) entered disabled state [ 2010.667641][T28246] bridge_slave_0: entered allmulticast mode [ 2010.675431][T28246] bridge_slave_0: entered promiscuous mode [ 2010.685240][T28246] bridge0: port 2(bridge_slave_1) entered blocking state [ 2010.692782][T28246] bridge0: port 2(bridge_slave_1) entered disabled state [ 2010.700067][T28246] bridge_slave_1: entered allmulticast mode [ 2010.709184][T28246] bridge_slave_1: entered promiscuous mode [ 2010.748029][T28246] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2010.761569][T28246] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2010.793557][T28246] team0: Port device team_slave_0 added [ 2010.802456][T28246] team0: Port device team_slave_1 added [ 2010.830679][T28246] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2010.838919][T28246] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2010.866097][T28246] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2010.879793][T28246] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2010.887739][T28246] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 2010.915711][T28246] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2010.963417][T28246] hsr_slave_0: entered promiscuous mode [ 2010.970142][T28246] hsr_slave_1: entered promiscuous mode [ 2010.977558][T28246] debugfs: 'hsr0' already exists in 'hsr' [ 2010.983523][T28246] Cannot create hsr debugfs directory [ 2012.161359][T19485] Bluetooth: hci13: command tx timeout [ 2014.241298][T19485] Bluetooth: hci13: command tx timeout [ 2016.321482][T19485] Bluetooth: hci13: command tx timeout [ 2017.042051][ T30] INFO: task syz-executor:27559 blocked for more than 143 seconds. [ 2017.050964][ T30] Tainted: G L syzkaller #0 [ 2017.058346][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 2017.067365][ T30] task:syz-executor state:D stack:24240 pid:27559 tgid:27559 ppid:1 task_flags:0x480140 flags:0x00080002 [ 2017.080881][ T30] Call Trace: [ 2017.085313][ T30] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 2017.088285][ T30] __schedule+0x10e9/0x6820 [ 2017.101931][ T30] ? __pfx___schedule+0x10/0x10 [ 2017.112150][ T30] ? find_held_lock+0x2b/0x80 [ 2017.123255][ T30] ? schedule+0x2bf/0x390 [ 2017.133443][ T30] schedule+0xdd/0x390 [ 2017.141434][ T30] schedule_timeout+0x1b2/0x280 [ 2017.169111][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 2017.208440][ T30] ? mark_held_locks+0x40/0x70 [ 2017.237186][ T30] __wait_for_common+0x2e7/0x4c0 [ 2017.260856][ T30] ? __pfx_schedule_timeout+0x10/0x10 [ 2017.271467][ T30] ? __pfx___wait_for_common+0x10/0x10 [ 2017.277004][ T30] remove_one+0x312/0x420 [ 2017.282531][ T30] ? find_next_child+0x18f/0x280 [ 2017.287908][ T30] __simple_recursive_removal+0x148/0x5c0 [ 2017.295823][ T30] ? __pfx_remove_one+0x10/0x10 [ 2017.300729][ T30] debugfs_remove+0x5d/0x80 [ 2017.305604][ T30] nsim_dev_health_exit+0x3b/0xe0 [ 2017.310669][ T30] nsim_dev_reload_destroy+0x144/0x4a0 [ 2017.316693][ T30] nsim_drv_remove+0x52/0x1e0 [ 2017.322325][ T30] ? __pfx_nsim_bus_remove+0x10/0x10 [ 2017.327658][ T30] device_remove+0xcb/0x180 [ 2017.333277][ T30] device_release_driver_internal+0x44e/0x620 [ 2017.339400][ T30] bus_remove_device+0x2bc/0x560 [ 2017.344818][ T30] ? __pfx_bus_remove_device+0x10/0x10 [ 2017.350323][ T30] ? __pfx_device_remove_attrs+0x10/0x10 [ 2017.357015][ T30] device_del+0x376/0x9b0 [ 2017.362681][ T30] ? __pfx_device_del+0x10/0x10 [ 2017.367609][ T30] ? __lock_acquire+0x4a5/0x2630 [ 2017.372973][ T30] device_unregister+0x1d/0xe0 [ 2017.377770][ T30] del_device_store+0x346/0x480 [ 2017.382914][ T30] ? __pfx_del_device_store+0x10/0x10 [ 2017.388315][ T30] ? find_held_lock+0x2b/0x80 [ 2017.394495][ T30] ? sysfs_file_kobj+0xe4/0x290 [ 2017.399417][ T30] ? sysfs_file_kobj+0xe4/0x290 [ 2017.405700][ T30] ? __pfx_del_device_store+0x10/0x10 [ 2017.411431][ T30] bus_attr_store+0x74/0xb0 [ 2017.416000][ T30] ? __pfx_bus_attr_store+0x10/0x10 [ 2017.421925][ T30] sysfs_kf_write+0xf2/0x150 [ 2017.426570][ T30] kernfs_fop_write_iter+0x3e0/0x5f0 [ 2017.433288][ T30] ? __pfx_sysfs_kf_write+0x10/0x10 [ 2017.438536][ T30] vfs_write+0x6ac/0x1070 [ 2017.446003][ T30] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 2017.452183][ T30] ? __pfx_vfs_write+0x10/0x10 [ 2017.456995][ T30] ? __pfx_do_sys_openat2+0x10/0x10 [ 2017.463571][ T30] ksys_write+0x12a/0x250 [ 2017.467946][ T30] ? __pfx_ksys_write+0x10/0x10 [ 2017.473260][ T30] ? rcu_is_watching+0x12/0xc0 [ 2017.478069][ T30] do_syscall_64+0x10b/0xf80 [ 2017.483051][ T30] ? clear_bhb_loop+0x40/0x90 [ 2017.487783][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2017.494994][ T30] RIP: 0033:0x7f45da55d60e [ 2017.499450][ T30] RSP: 002b:00007ffdd90c11a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2017.508236][ T30] RAX: ffffffffffffffda RBX: 000055556fe6f500 RCX: 00007f45da55d60e [ 2017.518231][ T30] RDX: 0000000000000001 RSI: 00007ffdd90c1230 RDI: 0000000000000005 [ 2017.526505][ T30] RBP: 00007f45da6335ec R08: 0000000000000000 R09: 0000000000000000 [ 2017.535010][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2017.543961][ T30] R13: 00007ffdd90c1230 R14: 00007f45db344620 R15: 0000000000000003 [ 2017.552983][ T30] [ 2017.556097][ T30] INFO: task syz.4.4838:27694 blocked for more than 143 seconds. [ 2017.577642][ T30] Tainted: G L syzkaller #0 [ 2017.584457][ T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 2017.593900][ T30] task:syz.4.4838 state:D stack:27096 pid:27694 tgid:27693 ppid:19482 task_flags:0x400140 flags:0x00080002 [ 2017.607826][ T30] Call Trace: [ 2017.611401][ T30] [ 2017.614382][ T30] __schedule+0x10e9/0x6820 [ 2017.618921][ T30] ? __pfx___schedule+0x10/0x10 [ 2017.625378][ T30] ? find_held_lock+0x2b/0x80 [ 2017.630106][ T30] ? schedule+0x2bf/0x390 [ 2017.634793][ T30] schedule+0xdd/0x390 [ 2017.638906][ T30] schedule_preempt_disabled+0x13/0x30 [ 2017.644796][ T30] __mutex_lock+0xced/0x1b10 [ 2017.649431][ T30] ? devlink_health_report+0x66c/0xb20 [ 2017.655954][ T30] ? __pfx___mutex_lock+0x10/0x10 [ 2017.661021][ T30] ? devlink_recover_notify.constprop.0+0x1e3/0x540 [ 2017.669049][ T30] ? devlink_health_report+0x66c/0xb20 [ 2017.674774][ T30] devlink_health_report+0x66c/0xb20 [ 2017.680095][ T30] ? __pfx_devlink_health_report+0x10/0x10 [ 2017.692787][ T30] ? _copy_from_user+0x59/0xd0 [ 2017.698739][ T30] nsim_dev_health_break_write+0x166/0x210 [ 2017.704916][ T30] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 2017.711690][ T30] full_proxy_write+0x135/0x1a0 [ 2017.716593][ T30] vfs_write+0x2aa/0x1070 [ 2017.720947][ T30] ? __pfx_full_proxy_write+0x10/0x10 [ 2017.726851][ T30] ? __pfx_vfs_write+0x10/0x10 [ 2017.733275][ T30] ? __fget_files+0x215/0x3d0 [ 2017.738004][ T30] ? __fget_files+0x21f/0x3d0 [ 2017.743022][ T30] ksys_write+0x12a/0x250 [ 2017.747392][ T30] ? __pfx_ksys_write+0x10/0x10 [ 2017.752815][ T30] ? rcu_is_watching+0x12/0xc0 [ 2017.757627][ T30] do_syscall_64+0x10b/0xf80 [ 2017.764471][ T30] ? clear_bhb_loop+0x40/0x90 [ 2017.769583][ T30] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 2017.776540][ T30] RIP: 0033:0x7f8d2079cdd9 [ 2017.780983][ T30] RSP: 002b:00007f8d215aa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 2017.789834][ T30] RAX: ffffffffffffffda RBX: 00007f8d20a15fa0 RCX: 00007f8d2079cdd9 [ 2017.799205][ T30] RDX: 00000000000001e1 RSI: 0000200000000080 RDI: 0000000000000006 [ 2017.808088][ T30] RBP: 00007f8d20832d69 R08: 0000000000000000 R09: 0000000000000000 [ 2017.816319][ T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2017.824621][ T30] R13: 00007f8d20a16038 R14: 00007f8d20a15fa0 R15: 00007ffd10fdfba8 [ 2017.832955][ T30] [ 2017.836125][ T30] [ 2017.836125][ T30] Showing all locks held in the system: [ 2017.848083][ T30] 1 lock held by khungtaskd/30: [ 2017.853495][ T30] #0: ffffffff8e7e52e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184 [ 2017.863807][ T30] 2 locks held by getty/26152: [ 2017.868625][ T30] #0: ffff888034c5c0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 2017.880741][ T30] #1: ffffc900031702e8 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x14f0 [ 2017.891923][ T30] 7 locks held by syz-executor/27559: [ 2017.897331][ T30] #0: ffff88803754e410 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 2017.908332][ T30] #1: ffff88802728f880 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0 [ 2017.918499][ T30] #2: ffff88802a9ed1e8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0 [ 2017.930622][ T30] #3: ffffffff8fb7f640 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480 [ 2017.941515][ T30] #4: ffff8880280e8128 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xb2/0x620 [ 2017.953495][ T30] #5: ffff8880278cf258 (&devlink->lock_key#6){+.+.}-{4:4}, at: nsim_drv_remove+0x4a/0x1e0 [ 2017.963879][ T30] #6: ffff88809fd96328 (&sb->s_type->i_mutex_key#9/2){+.+.}-{4:4}, at: __simple_recursive_removal+0xe0/0x5c0 [ 2017.976289][ T30] 3 locks held by syz.4.4838/27694: [ 2017.982394][ T30] #0: ffff88806969bcf0 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2aa/0x380 [ 2017.991691][ T30] #1: ffff888020290410 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 2018.000715][ T30] #2: ffff8880278cf258 (&devlink->lock_key#6){+.+.}-{4:4}, at: devlink_health_report+0x66c/0xb20 [ 2018.015316][ T30] 2 locks held by syz.3.4850/27803: [ 2018.020544][ T30] #0: ffff888020290410 (sb_writers#8){.+.+}-{0:0}, at: path_openat+0x9b1/0x31a0 [ 2018.030040][ T30] #1: ffff88809fd96328 (&sb->s_type->i_mutex_key#17){++++}-{4:4}, at: path_openat+0xa16/0x31a0 [ 2018.040847][ T30] 4 locks held by syz-executor/27822: [ 2018.046445][ T30] #0: ffff88803754e410 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 2018.055798][ T30] #1: ffff88805aba1c80 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0 [ 2018.066947][ T30] #2: ffff88802a9ed1e8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0 [ 2018.077747][ T30] #3: ffffffff8fb7f640 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480 [ 2018.088759][ T30] 4 locks held by syz-executor/27900: [ 2018.095051][ T30] #0: ffff88803754e410 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 2018.104227][ T30] #1: ffff88805b105080 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0 [ 2018.115179][ T30] #2: ffff88802a9ed1e8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0 [ 2018.126742][ T30] #3: ffffffff8fb7f640 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480 [ 2018.137405][ T30] 4 locks held by syz-executor/28017: [ 2018.143066][ T30] #0: ffff88803754e410 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 2018.152363][ T30] #1: ffff88807c39c080 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0 [ 2018.164636][ T30] #2: ffff88802a9ed1e8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0 [ 2018.176006][ T30] #3: ffffffff8fb7f640 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480 [ 2018.187210][ T30] 5 locks held by syz.5.4909/28113: [ 2018.192971][ T30] #0: ffff888036aeb270 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2aa/0x380 [ 2018.202858][ T30] #1: ffff88803754e410 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 2018.213158][ T30] #2: ffff88805a1d1880 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0 [ 2018.223257][ T30] #3: ffff88802a9ed1e8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0 [ 2018.234948][ T30] #4: ffffffff8fb7f640 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480 [ 2018.246277][ T30] 4 locks held by syz-executor/28119: [ 2018.251973][ T30] #0: ffff88803754e410 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 2018.263121][ T30] #1: ffff888020b36480 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0 [ 2018.273186][ T30] #2: ffff88802a9ed1e8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0 [ 2018.284905][ T30] #3: ffffffff8fb7f640 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480 [ 2018.295542][ T30] 4 locks held by syz-executor/28140: [ 2018.300943][ T30] #0: ffff88803754e410 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 2018.310823][ T30] #1: ffff88805a030c80 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0 [ 2018.324799][ T30] #2: ffff88802a9ed1e8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0 [ 2018.335202][ T30] #3: ffffffff8fb7f640 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480 [ 2018.347127][ T30] 4 locks held by syz-executor/28161: [ 2018.352807][ T30] #0: ffff88803754e410 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 2018.362238][ T30] #1: ffff88808ec51c80 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0 [ 2018.372230][ T30] #2: ffff88802a9ed1e8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0 [ 2018.382625][ T30] #3: ffffffff8fb7f640 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480 [ 2018.394570][ T30] 4 locks held by syz-executor/28182: [ 2018.399973][ T30] #0: ffff88803754e410 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 2018.409227][T19485] Bluetooth: hci13: command tx timeout [ 2018.420525][ T30] #1: ffff8880342d4480 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0 [ 2018.430593][ T30] #2: ffff88802a9ed1e8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0 [ 2018.441930][ T30] #3: ffffffff8fb7f640 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480 [ 2018.454045][ T30] 4 locks held by syz-executor/28207: [ 2018.459597][ T30] #0: ffff88803754e410 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 2018.469018][ T30] #1: ffff88807caed880 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0 [ 2018.479143][ T30] #2: ffff88802a9ed1e8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0 [ 2018.492029][ T30] #3: ffffffff8fb7f640 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480 [ 2018.504099][ T30] 4 locks held by syz-executor/28228: [ 2018.509502][ T30] #0: ffff88803754e410 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 2018.519920][ T30] #1: ffff88805a00a480 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0 [ 2018.530092][ T30] #2: ffff88802a9ed1e8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0 [ 2018.540396][ T30] #3: ffffffff8fb7f640 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480 [ 2018.550948][ T30] 4 locks held by syz-executor/28246: [ 2018.557229][ T30] #0: ffff88803754e410 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 2018.567884][ T30] #1: ffff888042436880 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0 [ 2018.577936][ T30] #2: ffff88802a9ed1e8 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0 [ 2018.588685][ T30] #3: ffffffff8fb7f640 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480 [ 2018.599365][ T30] [ 2018.603083][ T30] ============================================= [ 2018.603083][ T30] [ 2018.613110][ T30] NMI backtrace for cpu 0 [ 2018.613128][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT(full) [ 2018.613169][ T30] Tainted: [L]=SOFTLOCKUP [ 2018.613176][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 2018.613188][ T30] Call Trace: [ 2018.613195][ T30] [ 2018.613202][ T30] dump_stack_lvl+0x100/0x190 [ 2018.613227][ T30] nmi_cpu_backtrace.cold+0x12d/0x151 [ 2018.613252][ T30] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 2018.613274][ T30] nmi_trigger_cpumask_backtrace+0x1d7/0x230 [ 2018.613311][ T30] sys_info+0x141/0x190 [ 2018.613339][ T30] watchdog+0xcb1/0x1030 [ 2018.613372][ T30] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 2018.613397][ T30] ? __pfx_watchdog+0x10/0x10 [ 2018.613426][ T30] ? __kthread_parkme+0x18c/0x230 [ 2018.613456][ T30] ? kthread+0x13a/0x450 [ 2018.613478][ T30] ? __pfx_watchdog+0x10/0x10 [ 2018.613504][ T30] kthread+0x370/0x450 [ 2018.613521][ T30] ? __pfx_kthread+0x10/0x10 [ 2018.613540][ T30] ret_from_fork+0x72b/0xd50 [ 2018.613563][ T30] ? __pfx_ret_from_fork+0x10/0x10 [ 2018.613586][ T30] ? __switch_to+0x800/0x1100 [ 2018.613614][ T30] ? __switch_to_asm+0x39/0x70 [ 2018.613640][ T30] ? __pfx_kthread+0x10/0x10 [ 2018.613658][ T30] ret_from_fork_asm+0x1a/0x30 [ 2018.613696][ T30] [ 2018.759521][ T30] Kernel panic - not syncing: hung_task: blocked tasks [ 2018.766411][ T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Tainted: G L syzkaller #0 PREEMPT(full) [ 2018.777101][ T30] Tainted: [L]=SOFTLOCKUP [ 2018.781425][ T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 2018.791483][ T30] Call Trace: [ 2018.794765][ T30] [ 2018.797700][ T30] dump_stack_lvl+0x100/0x190 [ 2018.802382][ T30] vpanic+0x552/0x970 [ 2018.806371][ T30] ? __pfx_vpanic+0x10/0x10 [ 2018.810880][ T30] ? nmi_trigger_cpumask_backtrace+0x182/0x230 [ 2018.817052][ T30] ? nmi_trigger_cpumask_backtrace+0x182/0x230 [ 2018.823228][ T30] panic+0xd1/0xe0 [ 2018.826958][ T30] ? __pfx_panic+0x10/0x10 [ 2018.831392][ T30] ? nmi_trigger_cpumask_backtrace+0x1b5/0x230 [ 2018.837589][ T30] ? nmi_trigger_cpumask_backtrace+0x1f6/0x230 [ 2018.843774][ T30] ? nmi_trigger_cpumask_backtrace+0x200/0x230 [ 2018.849946][ T30] ? watchdog.cold+0x1ec/0x234 [ 2018.854717][ T30] ? watchdog+0xcc1/0x1030 [ 2018.859157][ T30] watchdog.cold+0x1fd/0x234 [ 2018.863775][ T30] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 2018.869597][ T30] ? __pfx_watchdog+0x10/0x10 [ 2018.874305][ T30] ? __kthread_parkme+0x18c/0x230 [ 2018.879378][ T30] ? kthread+0x13a/0x450 [ 2018.883672][ T30] ? __pfx_watchdog+0x10/0x10 [ 2018.888374][ T30] kthread+0x370/0x450 [ 2018.892461][ T30] ? __pfx_kthread+0x10/0x10 [ 2018.897069][ T30] ret_from_fork+0x72b/0xd50 [ 2018.901681][ T30] ? __pfx_ret_from_fork+0x10/0x10 [ 2018.906797][ T30] ? __switch_to+0x800/0x1100 [ 2018.911490][ T30] ? __switch_to_asm+0x39/0x70 [ 2018.916266][ T30] ? __pfx_kthread+0x10/0x10 [ 2018.920854][ T30] ret_from_fork_asm+0x1a/0x30 [ 2018.925637][ T30] [ 2018.928740][ T30] Kernel Offset: disabled [ 2018.933079][ T30] Rebooting in 86400 seconds..