last executing test programs: 15.290031063s ago: executing program 0 (id=409): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sr0\x00', 0x1, 0x0) close_range$auto(0x0, 0xffffffffffffffff, 0x2) r1 = socket(0xa, 0x2, 0x0) cachestat$auto(r1, &(0x7f0000000000)={0x0, 0x7fc}, &(0x7f0000000040)={0x2, 0x0, 0xd6, 0x1, 0x3}, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r2 = socket(0xa, 0x3, 0x3a) io_uring_register$auto(r2, 0x8, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) open(0x0, 0x0, 0x408) mmap$auto(0x0, 0x61, 0x100001000000003, 0x9b72, 0x2, 0x8000) getsockopt$auto(0x3, 0x200000000001, 0x45, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0x40000eb1, 0x401, 0x8000) clone$auto(0x100000008, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x4000006) clone$auto(0x1, 0x1, 0x0, 0x0, 0x2) r3 = socket(0x2000000000000021, 0x2, 0x10000000000002) setsockopt$auto(r3, 0x110, 0x3, 0x0, 0x7) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x5, 0xfff, 0x44eb2, 0x10006, 0x300000000000) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) preadv2$auto(r0, 0x0, 0x6, 0xffffffffffffffff, 0x4, 0x400) mprotect$auto(0x0, 0x7, 0x0) r4 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon0\x00', 0x82640, 0x0) readv$auto(r4, &(0x7f0000000380)={0x0, 0x8}, 0x8) 13.55068017s ago: executing program 0 (id=414): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/pids.peak\x00', 0x8000, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) mmap$auto(0x0, 0x9644, 0xdf, 0x9b72, 0x2, 0x2d4a29c0) pivot_root$auto(0x0, 0x0) kexec_load$auto(0x9, 0x0, 0x0, 0x1003e0000) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2000040080000000, 0xe) mmap$auto(0x7f, 0x82020009, 0x3, 0xeb1, 0xffffffffffffffff, 0xfff) connect$auto(0x3, 0x0, 0x10) unshare$auto(0x40000080) r1 = openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000100), 0x80840, 0x0) lseek$auto(r1, 0x0, 0x2) readv$auto(r1, &(0x7f0000000a80)={0x0, 0x5b54}, 0x1) getsockopt$auto(0xffffffffffffffff, 0x1, 0x3, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) msgctl$auto_MSG_STAT_ANY(0x3, 0xd, &(0x7f00000003c0)={{0x7fff, 0xee00, 0xffffffffffffffff, 0xffdf, 0xa8, 0x80, 0x9}, 0x0, &(0x7f0000000380)=0x2, 0x5, 0x1, 0x3, 0x0, 0x8, 0x5, 0xfffc, 0x8c2, @inferred=0xffffffffffffffff, @raw=0x1}) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x3) madvise$auto(0x0, 0xffffffffffff0001, 0x15) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc045}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_0={0x8000, 0x1, 0x8, 0x7, 0x5, 0xffffffffffffffff, 0x80000001, "787d66da4a620eab7f736e854ef61529", 0x0, 0xffffffffffffffff, 0x7, 0xffff4e8b, 0x2, 0x1}, 0x7) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='!\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) 12.769323166s ago: executing program 3 (id=416): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0xffffffffffffffaf, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) connect$auto(0x3, &(0x7f0000000080)=@nl=@proc={0x10, 0x0, 0x25dfdbfe, 0x4}, 0x81) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder1\x00', 0x0, 0x0) r3 = dup$auto(r2) r4 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) ioctl$auto(r4, 0x81004523, r3) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/interrupts\x00', 0x18b202, 0x0) pread64$auto(r5, 0x0, 0x400100000001, 0x1ff) unshare$auto(0x40000080) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'veth0_macvtap\x00'}) socket(0x10, 0x3, 0x6) mmap$auto(0x0, 0x7f, 0x1, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) fsconfig$auto_SHMEM_HUGE_FORCE(0xffffffffffffffff, 0x7, 0x0, &(0x7f00000001c0)="5b0fdf8e7220ade733b697e361a312e8797cf9bc410c090dd180de688ae19ee0f7d3ce7f185fa1b9c9867d234fdb5c62c6e305f1df4ca134c6413371cb668566fc407fc2b99e953d74e9fe557dc0d6dd24b7fd497737dfcd44938915c5131197660e57624aba5b26b726415e50", 0xfffffffffffffffe) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x9, 0x6, 0x63, 0x0, 0x0, 0x0, 0xac, 0x200, 0x2, 0x40000402, 0x9, 0x9, 0xffffffffffffffff, 0x6, 0x6, 0x200000100103}) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) fallocate$auto(0x8000000000000003, 0x0, 0x2, 0x4cbd5d) ptrace$auto(0x5, 0x0, 0xfffffffffffffffa, 0x8) 12.129310273s ago: executing program 2 (id=417): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) preadv2$auto(r0, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x42, 0x0) mmap$auto(0x0, 0x202000a, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x4, 0xa00006, 0x2, 0x100000000040eb1, 0x602, 0x300000000000) ioctl$auto_USBDEVFS_DISCSIGNAL(0xffffffffffffffff, 0x8010550e, &(0x7f0000000540)={0xfff, &(0x7f0000000180)="f2e37aa851f172bd24308737938225756749a2cd058f981d81224e731c1514b4fd0290f2fb02e666a68c1d72ad5615b16c73b5c0cedf17801dfece4a243f6e3a47ecc1c5db92b3500cef"}) socket(0x15, 0x5, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) write$auto(0xca, 0x0, 0x2d9) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) semctl$auto_SETVAL(0x2, 0x5, 0x10, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x112) rt_sigsuspend$auto(0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) ioctl$auto_EVIOCGMASK(r1, 0x80104592, &(0x7f0000000000)={0x2000, 0x800004, 0x105}) ioctl$auto(0x3, 0x80004509, 0x10000000000402) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, 0x0, 0x50a81, 0x0) 12.128371694s ago: executing program 1 (id=425): pipe$auto(0x0) write$auto(0xffffffffffffffff, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xcfk', 0x81) getsockopt$auto_SO_DOMAIN(0xffffffffffffffff, 0xf99, 0x27, &(0x7f0000000040)='-&\x00', &(0x7f0000000100)=0x100203) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x2, 0x8000) open(0x0, 0x22240, 0x155) sysfs$auto(0x2, 0xe, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/pci0000:00/0000:00:00.0/power_state\x00', 0x40, 0x0) r0 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80100, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/fcloop/ctl/add_local_port\x00', 0xa001, 0x0) write$auto(r1, &(0x7f0000000000)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\x92\xa3\x99\xc4 \xbcr^\x9f\x8a\a\xd7\x19\xb8k\xa2\xce\xdb\xab?\xecZ\xb4\x068\xae\b\x1e~\xe0{\x1f\xf6^\x92\xdfDng', 0x80) ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x40146f2c, 0x0) prctl$auto(0x23, 0xa, 0x2008, 0x0, 0x0) r2 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r2, 0x403c6f2b, 0x0) socket(0x2, 0x1, 0x106) bind$auto(0x3, 0x0, 0x6a) ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x100000000400008, 0xdf, 0x9b72, 0x2, 0x3) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) 10.752880146s ago: executing program 3 (id=418): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mkdir$auto(0x0, 0x8001) mount$auto(0x0, 0x0, 0x0, 0x3, 0x0) unshare$auto(0x40000080) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/pcrypt/pencrypt/serial_cpumask\x00', 0xa001, 0x0) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x2, 0x0) sendfile$auto(r2, r2, 0x0, 0x7fffe000) write$auto(r1, &(0x7f0000000040)=',\x00^\xa2\x02\x00\x05\x00\x00\x00\xd8l\x00\x00\x00\x00\x00\x00\xee\x0f_o\xc0\xee?\xce\xa3\x04\x95Hq\xf4\x00\x00\x00\x00\x00\x00\x006\xe0\xb1d)X6\x7f\xec\x94\xdal\xa1\xbb\x86\x9c\xc2\xef\x02\r9%\x06\xc5\'b%m_\x96A\"\xdd\xe40\xa7\xc3\x9ah\xf3B\xc2\xec\xf8\r\f[\xe5\x9dK\xe1\x99\x86\xfc\xac\x9f\x8a', 0x80000000000) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0xf0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) madvise$auto(0x0, 0x240007, 0x19) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r3, 0x0, 0x0) ioctl$auto_NS_GET_PID_IN_PIDNS(r0, 0x8004b708, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f00000000c0), r5) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x3c, r6, 0x1, 0x70bd2d, 0x25dfdbf9, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x58}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x8}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_FD={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x10bb41, 0x0) 10.75201471s ago: executing program 1 (id=427): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sr0\x00', 0x1, 0x0) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r1 = socket(0xa, 0x3, 0x3a) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(r1, 0x8, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) open(0x0, 0x0, 0x408) mmap$auto(0x0, 0x61, 0x100001000000003, 0x9b72, 0x2, 0x8000) getsockopt$auto(0x3, 0x200000000001, 0x45, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0x40000eb1, 0x401, 0x8000) clone$auto(0x100000008, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x4000006) clone$auto(0x1, 0x1, 0x0, 0x0, 0x2) r2 = socket(0x2000000000000021, 0x2, 0x10000000000002) setsockopt$auto(r2, 0x110, 0x3, 0x0, 0x7) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x5, 0xfff, 0x44eb2, 0x10006, 0x300000000000) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) preadv2$auto(r0, 0x0, 0x6, 0xffffffffffffffff, 0x4, 0x400) mprotect$auto(0x0, 0x7, 0x0) r3 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon0\x00', 0x82640, 0x0) readv$auto(r3, &(0x7f0000000380)={0x0, 0x8}, 0x8) 9.661257971s ago: executing program 1 (id=419): waitid$auto(0x8, 0xffffffffffffffff, &(0x7f0000000100)={@siginfo_0_0={0x5, 0x98, 0x10, @_timer={0x0, 0x40002, @sival_int=0xa, 0x2}}}, 0x3, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x42, 0x0) mmap$auto(0x0, 0x202000a, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$auto_VHOST_SET_BACKEND_FEATURES(r1, 0x4008af25, 0x0) mmap$auto(0x4, 0xa00006, 0x2, 0x100000000040eb1, 0x602, 0x300000000000) rseq$auto(&(0x7f0000000580)={0x5, 0x85, 0x9416, 0x1, 0x7, 0x6, "551e7285968d8e86bd4794a0e875ee9f7b35db28d0a7e72b7a19039c336389cb57a05ba0582cc612c6c0be4beb4cc54d8337d40c93638ba34c4a0435c32a206e808194584d8c359d418662d18943a5e3c6234e712a096205457b56f0a1e5d4d19835696295a54f38117d9d751e23b5fb61daa5a6b2c75148106dc167a20061e3fe55cc53ffadf62b0945da4b27515a0102a8d2d002a842362b4744b8972a5e11e8a6aab89c7b85947f3901d696d459641aa7e6b89b73387ec5fa2d2af6c992213d82c5774c4bcd4187585bcf652af094e988e75002e01f607abf5e25ae0f5548fd13175b681fc059c1f9160aef893bae78cf6cf62c30fa3f0c5c60cbe383a9c0cc1289519b0c7cff81cc3b4fec739fad19c662b0f98d607b61d825d10e2dd3b27b0f7a6b1adc5a452f344c39da5f086ea7c5d99674ca69c4f5635776e67c151bad72f906cd65231da3a55d6056e23b00686723714fabd752f3e2c86dafdee9d379230c0abeabfde9cf88cae099f3ccc76ea7e64a3734ced5ffe749a8012db53ad4d6a5e347bdd83bb409c1bdb762f4aba145df74833d73ccd583797d4fb4ed3e0c7c29d502aacaef02e114d9e60ca6b0bcb28f825f5d49e94ccd2f830933c39a3ba3782505453e3de872ad8da84a6a22aaa62970428bb9a95d1817dbeeded1c53c5d508dea6cc53d80153b05f954c263278bb9c8bc02f3b1805dd9299dc8b97ebff0165d615ba7bf5ce8c490f4dd273642a18267b0a61a594cb1d608f3dffb292991ea32bb647a6f9b951f283e118dc73b45843b5aa883410e402e3bec9ba889ec237462042cedaed761cca0c3b7058d3ffc276c9a75e18b79804f4e21650d911edbedb9fedd31959a8783b1e39d7d6408554bddb2a5d67703d225fe4422bf2367ca483e77fe479495be3235f4c77b3872a9e33946d2602486b83e84e7d8d1742d369e2d00b9dbb552385502c0f597b3615bed54de65af106b58d2b6bebbdd3fe625152527af965b67e9424da7be2e2574e1492aed568d4faaa9da508e0a2e687876fa291e38b7c3ef38643e2c49e0d46d0f2d53352da2f184c4ced2305865ab0ad1435644419773ea82336ffdf62dd325a6a8b2d199d96dba8a13bb5a86ff65b80818ceb37ee8a2b2a8813b33e474e5b110e1ed13dbc4f52efabbce38935a8ada53a0ed5a1a01453a254a1dc528492159591aa192ff6cfa0b372caf236c78d1a0c94dc37916746358b4cf3cc1c0132657818ce6465e58936dbf5991dfb74ff97382c066ba0ceb06ac4f0c005e4c9166e94161bc08e1c23df7ed3419b10ae229aa6bafb19e6af003c9e319956723d839dc50a7edd8d80bce971ba504e0aac811d76e65acffdc4f7e9836396ba98b824be6cc704c59f5849642b191437a5cf902fc1ac491e8c59241586c6791b282b5cfae57eb7e6792048c4769b5b3f21987ec5097e530fd001da5d2999db4ded708225e9a53a2b48d2be3401a063da3c19168769eccaef710d7c2e06818bb05c4a9aa0ce2785a5a6d2846bac9836f1905a9b042029dcc59d918450b6affb522fbf78116941c5cef4ecb82a2134ee8e67ea6091170b67bfc3abec9e2cfc8208d4ba3bb732230fe6a9470c1152ebdc31bbce93cb742b4484bc1cef4298ce897a36c7e8b3ef8bd1b0e3d4dfa46da8bf89b06d67d8a5da465e8f68f999ec38ef8d1b7972125d2d8492680f6698419313afb74b5f715c90aa5ca0a6ea5561acd89a25d0fd066234b1752d6535251be347d8e69afea162f0ae84aa08a1a5475e6860af5956babe0530b6349e918fa97f14e6a83f7e2054c85ec37424757c49c6b76a889cde8473eebc495ac1088fda54f5c70bb17ef4873bf7b524ae892cd8267adfcd1e7054ac0c8b904855f816cbab8a6c5332d2221060b97931130187e1f07b0b9fad917c06f56d3f9fbca9d0ad93c300d88a6025359eb609e86c2b604d6834cde1351ccb0ba238715d6a77953f58b23a78db05bc38cf1e47d5336226a966af0a88fa19b4d"}, 0x6, 0x3, 0xff) socket(0x2c, 0x80003, 0x0) unshare$auto(0x40000080) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, 0x0, 0x100000a3d9) socket(0x2b, 0x1, 0x0) ioctl$auto(0x3, 0x8905, 0x38) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0xa, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/mm/mempolicy/weighted_interleave/node0\x00', 0xa001, 0x0) write$auto(r3, &(0x7f0000000180)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0xfdf1) lstat$auto(0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xfffffffffffffffa, 0x8000) 9.110100355s ago: executing program 0 (id=420): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sr0\x00', 0x1, 0x0) close_range$auto(0x0, 0xffffffffffffffff, 0x2) r1 = socket(0xa, 0x2, 0x0) cachestat$auto(r1, &(0x7f0000000000)={0x0, 0x7fc}, &(0x7f0000000040)={0x2, 0x0, 0xd6, 0x1, 0x3}, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r2 = socket(0xa, 0x3, 0x3a) io_uring_register$auto(r2, 0x8, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) open(0x0, 0x0, 0x408) mmap$auto(0x0, 0x61, 0x100001000000003, 0x9b72, 0x2, 0x8000) getsockopt$auto(0x3, 0x200000000001, 0x45, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0x40000eb1, 0x401, 0x8000) clone$auto(0x100000008, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x4000006) clone$auto(0x1, 0x1, 0x0, 0x0, 0x2) r3 = socket(0x2000000000000021, 0x2, 0x10000000000002) setsockopt$auto(r3, 0x110, 0x3, 0x0, 0x7) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x5, 0xfff, 0x44eb2, 0x10006, 0x300000000000) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) preadv2$auto(r0, 0x0, 0x6, 0xffffffffffffffff, 0x4, 0x400) mprotect$auto(0x0, 0x7, 0x0) r4 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon0\x00', 0x82640, 0x0) readv$auto(r4, &(0x7f0000000380)={0x0, 0x8}, 0x8) 8.726559939s ago: executing program 2 (id=421): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x10b142, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) flock$auto(0xffffffffffffffff, 0xffffffff) flock$auto(r0, 0x5) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000180)=""/108, 0x6c) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) mmap$auto(0x0, 0x4020009, 0xdf, 0x400000000e31, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000100), 0xffffffffffffffff) process_vm_writev$auto(0x0, 0x0, 0x200000000017, 0x0, 0x7, 0x0) flock$auto(r0, 0x3) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) linkat$auto(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) mmap$auto(0x0, 0x202000c, 0x3, 0xeb2, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r1 = bpf$auto(0x0, 0x0, 0x1000000f) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'veth0_to_bond\x00'}) socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) recvmmsg$auto(r1, &(0x7f0000000580)={{0x0, 0x200, 0x0, 0x7, &(0x7f0000000500)="3f3e67da62797e85e472faca6dc26e8c6967a15ab05e941d3c519cb2b377c0", 0x6, 0x1}, 0x3b}, 0x68, 0x3, 0x0) timer_create$auto_CLOCK_TAI(0xb, &(0x7f00000000c0)={@sival_int=0x8, @inferred=r0, 0x5}, &(0x7f0000000140)=0x7) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @empty}, 0x51) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0x7fffffff) 7.370193462s ago: executing program 3 (id=422): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/mounts\x00', 0x105442, 0x0) r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000100)=""/4096, 0x1000) setsockopt$auto_SO_CNX_ADVICE(r0, 0xfff, 0x35, &(0x7f0000001500)='\x00', 0x9) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x401, 0x8000) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001180), r1) sendmsg$auto_NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f00000014c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000011c0)={&(0x7f0000001340)={0x1c, r2, 0x200, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_FILS_CACHE_ID={0x4}, @NL80211_ATTR_FREQ_FIXED={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000005}, 0x40011) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) ioctl$auto_SNDRV_PCM_IOCTL_INFO(r1, 0x81204101, 0x0) close_range$auto(0x0, 0xfffffffffffff001, 0x2) r3 = socket(0x1e, 0x1, 0x0) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001580), r0) r5 = getpid() process_vm_readv$auto(r5, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) statx$auto(0xffffffffffffff9c, &(0x7f0000001240)=':,\x00', 0x0, 0x9000000, &(0x7f0000001280)={0x4, 0xac, 0xfffffffffffffffb, 0x1, 0xee00, 0x0, 0x7, 0x100, 0xa, 0x8001, 0x2, 0x0, {0x4, 0x7}, {0x3, 0x3274925}, {0x1, 0x4}, {0x180000000000000, 0x400}, 0x10001, 0x3, 0x8, 0x727, 0x33, 0x8, 0xfffffffd, 0xfffffffffffffffd, 0xfffffffe, 0x401, 0x3, 0xc58, [0x5, 0xa71d, 0x7df5, 0x6, 0x9, 0x0, 0x8000, 0x6, 0x81]}) r7 = wait4$auto(0x0, &(0x7f0000001380)=0x7, 0x6, &(0x7f00000013c0)={{0xc000000, 0x4}, {0x48, 0x7}, 0x55f, 0xa4ac, 0x12, 0x1, 0x2, 0x1, 0x100, 0x9, 0x45, 0x7, 0x6, 0xfffffffffffffeff, 0x81, 0x1b}) shmctl$auto_IPC_INFO(0x2, 0x3, &(0x7f0000001580)={{0x8, 0x0, r6, 0x7bf, 0x19, 0x7ff, 0x8001}, 0x3, 0x1, 0x3, 0x4, @inferred=r7, @raw=0x101, 0xe641, 0x0, 0x0, &(0x7f0000001540)="65c8e2dc93f86ac11fb36326c1fbced2a465fc8969632a9a94465951ed56a5d6ef64ccdae2420078f6c4cdcf"}) sendmsg$auto_ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000001d80)={&(0x7f0000001540)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000001d40)={&(0x7f00000015c0)={0x460, r4, 0x8, 0x70bd28, 0x25dfdbfd, {}, [@ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x58, 0x2, 0x0, 0x1, [@nested={0x4, 0x157}, @nested={0x24, 0x8c, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @pid=r5}, @nested={0x4, 0x77}, @typed={0x6, 0xc6, 0x0, 0x0, @str='[\x00'}, @typed={0xc, 0x12a, 0x0, 0x0, @u64=0x6}]}, @typed={0x8, 0xdd, 0x0, 0x0, @u32=0x2}, @nested={0x20, 0x5b, 0x0, 0x1, [@typed={0x8, 0x5e, 0x0, 0x0, @pid=0xffffffffffffffff}, @typed={0x8, 0x11c, 0x0, 0x0, @fd=r1}, @typed={0xc, 0xc9, 0x0, 0x0, @u64=0xcb8}, @generic]}, @typed={0x4, 0xa8}, @generic]}, @ETHTOOL_A_STRSET_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0xfffffffe}]}, @ETHTOOL_A_STRSET_STRINGSETS={0x3e4, 0x2, 0x0, 0x1, [@nested={0x95, 0x4d, 0x0, 0x1, [@typed={0x8, 0xcd, 0x0, 0x0, @uid=0xee00}, @generic="35e778354a4cbbe66767af46447c2a916be188961f60217bca921fb75729764a6c7c3c120f4d577e9ef3d031944d9c536edb68f32c9ffe8b406f97b09c0a3c210ab31952e376889c028b0295537be8b7696fb76083a2a1994cbfc50516f0434c90dca8ab94bd1b8fb9087388090224ffade4e1d4361349d2a9c05b02ae9d12f990d878ec8207ea419f"]}, @generic="55d67aa9eb50baa8b549389e99869b7ccf334d1f0593450b7551ef04576384c88763ebbe06254ae6fc75", @nested={0x28f, 0x92, 0x0, 0x1, [@typed={0x101, 0x156, 0x0, 0x0, @binary="fbcedf7ca35d0089dd7fb7204664dc05d1bb98ada40bc7a43d16e21978dc0a916d0dce92db81c59c59e12a65101486ec47c4e78664b3c8e43aafd586ec8c9c045d0adab9cde9ba5725ac36bdd7514a261c5fe31923799b37be356a343440ac95088fafa187273a7494c78b3d345152afc103949ff9019e6c1dc81181b631c1352ae7565a8c27e68cc32ca3e10ed3618d48574dd6615f82be8139d3d5db83be4efabe890962a93bbd924d5e77ad7f6a029a9bf9181df414b1611abc175f452c8433b93dc7f93641ef3d47500954fee4ccb5d84ea3ef8aebc198a711623949ed7ec9110889f559034df0deaf0fe8a87412d8e765b8f67c61b7c6b5709e42"}, @nested={0x4, 0x22}, @generic="97068e7d5cad19da5fb2a0d6c5dc42c5359eee09e3f7dd215547d2e5ef6b011eee641e2bedad396d9182e5a88934df667f3adc8ba9d6d60f7a42d5d0afd2e7490eee1ed6f428d3cb1325bb0b2a78e24cf3549c36a298a80a0e056de075d7489d642a57dfdd3b0330a2e4428582baddc22ed661f0defa944000851fe9a1414066a8ae6031a216728e4d3b09701f0b9f3e4215df76adf7dc2a15de3991fc4c26f03b8a0dcdd661e1482e8dc4e1ac1300ed466b8ec79917a934834912b7c6548150df9e859cb3509639cc", @generic="cbf10c685484165bf14589d7ab869dbd02a585daca2674a5c6a484130cc079e8b133e75558f3ad1d7802c8252112c9630eb13c5a8aa557f995d2eb2e5a64d9aa5c45496c4340f2df3704636313fd4b277242ab751255a3814fef6c2e105a9f366ab8f26409ad6b4376d4a9aefa9d46a60ac80177c9e31814aed29fcdb7895d4bc2f0bfe444ddce9b7951295ca992dcdc518e55e71eaeed49daae", @typed={0x8, 0x15a, 0x0, 0x0, @fd=r0}, @nested={0x4, 0x9}, @generic, @typed={0x14, 0xd8, 0x0, 0x0, @ipv6=@loopback}]}, @typed={0x8, 0x121, 0x0, 0x0, @fd=r3}, @generic="48932c880e4a69a2b993548a860cb8d041b8cfb5941b0bd7f25a6fd03e299ee697f5cc93236f2d97", @generic="e67e66be2b", @generic="50800a78bd77ec33e28a7c42d257e4ef70059c3f2bbd4a1af7d79c914232a119552bbe460eda5ee650aa17e9592f3e3a1f7b9bbbf3c095851139de2855dcb69b7136fcd4ad5ebe64dbf897f79a68845e056ab4c048de94af8f"]}]}, 0x460}, 0x1, 0x0, 0x0, 0x20000800}, 0x1000) r8 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vbi0\x00', 0x80382, 0x0) ioctl$auto(r8, 0xc0045627, r3) close_range$auto(0x0, 0xfffffffffffff000, 0x2) 6.39130913s ago: executing program 0 (id=423): mmap$auto(0x2, 0x2, 0x80000000df, 0x14, 0x401, 0x8000) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x290040, 0x18c) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x80, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) sendmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0x4}, 0x1000000000028, 0x0, 0x1, 0x3e0}, 0x800}, 0x4, 0x4008) mmap$auto(0x0, 0x202000d, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x3, 0x3a) bind$auto(0x3, &(0x7f0000000040)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x43, 0x4, 0x3}}, 0x6a) r1 = getpid() openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x101181, 0x0) process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000040), 0xffffffff}, 0x6, 0x0) r2 = socket(0x1e, 0x4, 0x0) setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14) recvmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7ff}, 0x1000}, 0xffffffff, 0x5, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0xca, 0x0, 0x567) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x22281, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptywe\x00', 0x202800, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_BLKPG2(0xffffffffffffffff, 0x1269, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x23, 0x80805, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nbd1\x00', 0x8000, 0x0) ioctl$auto_BLKRRPART(r3, 0x125f, 0x0) 5.642765286s ago: executing program 1 (id=424): unshare$auto(0x40000080) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) socket(0x2, 0x1, 0x106) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/module/kvm/parameters/nx_huge_pages\x00', 0x80302, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0) read$auto(r1, 0x0, 0x9) write$auto(0x3, 0x0, 0xfdef) write$auto(r0, &(0x7f00000002c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xd8\x9c\xf7?:\x1a\xc62\x911e\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xff\x7f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\x87N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057<&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\n\x92l\xdfAN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81nf\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00\x00\x00\x00\x00\x00\x00', 0xb) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f00000000c0)={0x9, 0x0}) write$auto(r2, 0x0, 0x6) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000080), r3) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/swradio11\x00', 0x80002, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x902, 0x0) mmap$auto(0x7fffffffe000, 0x81, 0xffffffffffffa3a6, 0x8011, 0x3, 0x8000) r5 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) mq_timedsend$auto(0xffffffffffffffff, 0x0, 0x2, 0x6, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={0x34, r5, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@OVS_FLOW_ATTR_UFID_FLAGS={0x8, 0xa, 0x10}, @OVS_FLOW_ATTR_KEY={0x18, 0x1, 0x0, 0x1, [@typed={0x14, 0xf, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x40010}, 0x448c0) sendmsg$auto_SMC_PNETID_ADD(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="185e", @ANYRES16=r4, @ANYBLOB="010029bd7000fcdbdf25020000000b00010064756d6d793000000b00020064756d6d79300000"], 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x44c0) 5.581354496s ago: executing program 3 (id=426): unshare$auto(0x40000080) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) socket(0x2, 0x1, 0x106) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/module/kvm/parameters/nx_huge_pages\x00', 0x80302, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0) read$auto(r1, 0x0, 0x9) write$auto(0x3, 0x0, 0xfdef) write$auto(r0, &(0x7f00000002c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xd8\x9c\xf7?:\x1a\xc62\x911e\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xff\x7f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\x87N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057<&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\n\x92l\xdfAN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81nf\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00\x00\x00\x00\x00\x00\x00', 0xb) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f00000000c0)={0x9, 0x0}) write$auto(r2, 0x0, 0x6) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000080), r3) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/swradio11\x00', 0x80002, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x902, 0x0) mmap$auto(0x7fffffffe000, 0x81, 0xffffffffffffa3a6, 0x8011, 0x3, 0x8000) r5 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) mq_timedsend$auto(0xffffffffffffffff, 0x0, 0x2, 0x6, 0x0) ioctl$auto_SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000200)="538b2f525e17429845091e0af7da403c56eaa6f80b80de3866dbf18d049307def4e2becf58bc80eccb7cf4264c2051d48b9e9366e07e691f93161a7afbaedd1e5653be34b2ba4594cb045fb918676c92bf2f0e59566c5f5cac2cd65d9f26a74c18737b1e66395f4a71bbb60ed6d9ebec9220c0efff4c2be998cf1b3b0aefedb898978058171f2dc17cd27cf0ad91d248b57d07b5c926969969829452c20c152fef25ed370010764dad0b89939f95ce4434bb959e23f94fa8684353") sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={0x34, r5, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@OVS_FLOW_ATTR_UFID_FLAGS={0x8, 0xa, 0x10}, @OVS_FLOW_ATTR_KEY={0x18, 0x1, 0x0, 0x1, [@typed={0x14, 0xf, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x40010}, 0x448c0) sendmsg$auto_SMC_PNETID_ADD(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="185e", @ANYRES16=r4, @ANYBLOB="010029bd7000fcdbdf25020000000b00010064756d6d793000000b00020064756d6d79300000"], 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x44c0) 5.20407186s ago: executing program 2 (id=428): pipe$auto(0x0) write$auto(0xffffffffffffffff, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xcfk', 0x81) getsockopt$auto_SO_DOMAIN(0xffffffffffffffff, 0xf99, 0x27, &(0x7f0000000040)='-&\x00', &(0x7f0000000100)=0x100203) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x2, 0x8000) open(0x0, 0x22240, 0x155) sysfs$auto(0x2, 0xe, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/pci0000:00/0000:00:00.0/power_state\x00', 0x40, 0x0) r0 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80100, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/fcloop/ctl/add_local_port\x00', 0xa001, 0x0) write$auto(r1, &(0x7f0000000000)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k\x92\xa3\x99\xc4 \xbcr^\x9f\x8a\a\xd7\x19\xb8k\xa2\xce\xdb\xab?\xecZ\xb4\x068\xae\b\x1e~\xe0{\x1f\xf6^\x92\xdfDng', 0x80) ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x40146f2c, 0x0) prctl$auto(0x23, 0xa, 0x2008, 0x0, 0x0) r2 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r2, 0x403c6f2b, 0x0) socket(0x2, 0x1, 0x106) bind$auto(0x3, 0x0, 0x6a) ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x100000000400008, 0xdf, 0x9b72, 0x2, 0x3) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) 4.165667006s ago: executing program 2 (id=429): openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x0, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/nbd12\x00', 0x6600, 0x0) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder0\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) socket(0xa, 0x1, 0x84) socket(0x2, 0x2, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x181040, 0x0) openat$auto_tracing_saved_cmdlines_fops_trace(0xffffffffffffff9c, 0x0, 0x48400, 0x0) openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_binder_ctl_fops_binderfs(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) pipe$auto(0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_udc.0/udc/dummy_udc.0/maximum_speed\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/irq.pressure\x00', 0x101102, 0x0) openat$auto_ocfs2_control_fops_stack_user(0xffffffffffffff9c, &(0x7f0000000040), 0x669400, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/asound/card0/pcm0p/sub3/xrun_injection\x00', 0x8a180, 0x0) socketpair$auto(0x800001, 0x2, 0x615e, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) r1 = socket(0xa, 0x801, 0x84) getsockopt$auto(r1, 0x84, 0x82, 0x0, 0x0) ioctl$auto(0x3, 0x80106f53, r0) 4.093706178s ago: executing program 0 (id=430): acct$auto(&(0x7f00000002c0)='nl802154\x00') r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/fcloop/ctl/del_local_port\x00', 0x80001, 0x0) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r1, 0x4, 0x100000000) waitid$auto_P_PID(0x1, r1, 0x0, 0x7, &(0x7f0000000080)={{0x3, 0x8}, {0x7, 0x7}, 0x2, 0x3, 0x7fffffff, 0x2f, 0x7, 0x19e296a3, 0x100000001, 0x3883, 0x7, 0x7, 0x81, 0x81, 0x0, 0x7}) sendmmsg$auto(r0, &(0x7f0000000280)={{&(0x7f0000000000)="421a500d77f796ee16d344ad424cb4a1b31d1cb3d6dd2e222d07171ece7aae6a2e1bc0f71446cb60dbe477bec77f9ab2fe418023ee36d0ddc8d3ea5effddcf508f8ec031971dec15a328f8292099723a88da18beb7", 0x7, &(0x7f00000001c0)={&(0x7f00000000c0)="e243c5276013d88a90d924156c4484cb9a3c43d482ea6f84aef04ed7cb0e61462cf1df1281538c83e640c31fbd18524009109f5ffb5b1c9bd70e608e17336a5ef412cf9dd51f593938410c3eeff03bbd4aaadb02a2f8a5a7ba78b45c24a15cf675ade451d9494b7a460c9a43fdedf5437984af68a79a0987b5d406b4b0be088ac2ef64d9b310947928512ccdb47f5d025e784b4d11a7e82d2f6c87456b07e92b4bcb7b06b08ce9d5e2356c3c05afcf889269ff721ef00321f9eb47a4dd1e75e86520a800f6e05900eace9fe224b3dee340afee48b6c076011648100bf7f563ef9e0329c6a9c959503de3992497622b46d89c9f36d91f3b", 0x3000000000}, 0x80, &(0x7f0000000200)="d480b8109a63c1cb9b07cc3c6b4d45bf00dc8e06c84105c0851dfe7cd425ae047e6bdc047b419555bad16b2c9595ae2cce58cac3fbaa4f0bfa32ce8a6db4b5ab4232b75a363c91fffa51652dad2a837256c2c11c96bc9c2e", 0x1003, 0x7}, 0x8}, 0x9, 0x3) symlink$auto(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000440)='./file0\x00') rename$auto(&(0x7f00000004c0)='./file0\x00', &(0x7f00000000c0)='./file0/../file0\x00') r2 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000002740), 0xffffffffffffffff) mremap$auto(0x3, 0x8, 0x1f449f79, 0x23, 0x0) sendmsg$auto_NL802154_CMD_GET_SEC_DEV(r2, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x50) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) ioctl$auto_BLKALIGNOFF(0xffffffffffffffff, 0x127a, 0x0) madvise$auto(0x0, 0x1010001, 0x100000003) madvise$auto(0x1000, 0x400050, 0x9) write$auto(0x1, 0x0, 0x80000000) mmap$auto(0xffffffffffffffff, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) migrate_pages$auto(0x0, 0x2, &(0x7f0000000000)=0xffffffff9aa1c8c2, &(0x7f0000000040)=0x9) munmap$auto(0x8000, 0xffffffff) write$auto(r0, &(0x7f0000000000), 0x9) 3.731413841s ago: executing program 2 (id=431): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/mounts\x00', 0x105442, 0x0) r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/mac80211_hwsim/hwsim1/net/wlan1/statistics/rx_crc_errors\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000100)=""/4096, 0x1000) setsockopt$auto_SO_CNX_ADVICE(r0, 0xfff, 0x35, &(0x7f0000001500)='\x00', 0x9) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x401, 0x8000) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001180), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f00000014c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000011c0)={&(0x7f0000001340)={0x1c, r2, 0x200, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_FILS_CACHE_ID={0x4}, @NL80211_ATTR_FREQ_FIXED={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000005}, 0x40011) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) ioctl$auto_SNDRV_PCM_IOCTL_INFO(0xffffffffffffffff, 0x81204101, 0x0) close_range$auto(0x0, 0xfffffffffffff001, 0x2) r3 = socket(0x1e, 0x1, 0x0) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001580), r0) r5 = getpid() process_vm_readv$auto(r5, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) statx$auto(0xffffffffffffff9c, &(0x7f0000001240)=':,\x00', 0x0, 0x9000000, &(0x7f0000001280)={0x4, 0xac, 0xfffffffffffffffb, 0x1, 0xee00, 0x0, 0x7, 0x100, 0xa, 0x8001, 0x2, 0x0, {0x4, 0x7}, {0x3, 0x3274925}, {0x1, 0x4}, {0x180000000000000, 0x400}, 0x10001, 0x3, 0x8, 0x727, 0x33, 0x8, 0xfffffffd, 0xfffffffffffffffd, 0xfffffffe, 0x401, 0x3, 0xc58, [0x5, 0xa71d, 0x7df5, 0x6, 0x9, 0x0, 0x8000, 0x6, 0x81]}) r7 = wait4$auto(0x0, &(0x7f0000001380)=0x7, 0x6, &(0x7f00000013c0)={{0xc000000, 0x4}, {0x48, 0x7}, 0x55f, 0xa4ac, 0x12, 0x1, 0x2, 0x1, 0x100, 0x9, 0x45, 0x7, 0x6, 0xfffffffffffffeff, 0x81, 0x1b}) shmctl$auto_IPC_INFO(0x2, 0x3, &(0x7f0000001580)={{0x8, 0x0, r6, 0x7bf, 0x19, 0x7ff, 0x8001}, 0x3, 0x1, 0x3, 0x4, @inferred=r7, @raw=0x101, 0xe641, 0x0, 0x0, &(0x7f0000001540)="65c8e2dc93f86ac11fb36326c1fbced2a465fc8969632a9a94465951ed56a5d6ef64ccdae2420078f6c4cdcf"}) sendmsg$auto_ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000001d80)={&(0x7f0000001540)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000001d40)={&(0x7f00000015c0)={0x460, r4, 0x8, 0x70bd28, 0x25dfdbfd, {}, [@ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x58, 0x2, 0x0, 0x1, [@nested={0x4, 0x157}, @nested={0x24, 0x8c, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @pid=r5}, @nested={0x4, 0x77}, @typed={0x6, 0xc6, 0x0, 0x0, @str='[\x00'}, @typed={0xc, 0x12a, 0x0, 0x0, @u64=0x6}]}, @typed={0x8, 0xdd, 0x0, 0x0, @u32=0x2}, @nested={0x20, 0x5b, 0x0, 0x1, [@typed={0x8, 0x5e, 0x0, 0x0, @pid=0xffffffffffffffff}, @typed={0x8, 0x11c, 0x0, 0x0, @fd}, @typed={0xc, 0xc9, 0x0, 0x0, @u64=0xcb8}, @generic]}, @typed={0x4, 0xa8}, @generic]}, @ETHTOOL_A_STRSET_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0xfffffffe}]}, @ETHTOOL_A_STRSET_STRINGSETS={0x3e4, 0x2, 0x0, 0x1, [@nested={0x95, 0x4d, 0x0, 0x1, [@typed={0x8, 0xcd, 0x0, 0x0, @uid=0xee00}, @generic="35e778354a4cbbe66767af46447c2a916be188961f60217bca921fb75729764a6c7c3c120f4d577e9ef3d031944d9c536edb68f32c9ffe8b406f97b09c0a3c210ab31952e376889c028b0295537be8b7696fb76083a2a1994cbfc50516f0434c90dca8ab94bd1b8fb9087388090224ffade4e1d4361349d2a9c05b02ae9d12f990d878ec8207ea419f"]}, @generic="55d67aa9eb50baa8b549389e99869b7ccf334d1f0593450b7551ef04576384c88763ebbe06254ae6fc75", @nested={0x28f, 0x92, 0x0, 0x1, [@typed={0x101, 0x156, 0x0, 0x0, @binary="fbcedf7ca35d0089dd7fb7204664dc05d1bb98ada40bc7a43d16e21978dc0a916d0dce92db81c59c59e12a65101486ec47c4e78664b3c8e43aafd586ec8c9c045d0adab9cde9ba5725ac36bdd7514a261c5fe31923799b37be356a343440ac95088fafa187273a7494c78b3d345152afc103949ff9019e6c1dc81181b631c1352ae7565a8c27e68cc32ca3e10ed3618d48574dd6615f82be8139d3d5db83be4efabe890962a93bbd924d5e77ad7f6a029a9bf9181df414b1611abc175f452c8433b93dc7f93641ef3d47500954fee4ccb5d84ea3ef8aebc198a711623949ed7ec9110889f559034df0deaf0fe8a87412d8e765b8f67c61b7c6b5709e42"}, @nested={0x4, 0x22}, @generic="97068e7d5cad19da5fb2a0d6c5dc42c5359eee09e3f7dd215547d2e5ef6b011eee641e2bedad396d9182e5a88934df667f3adc8ba9d6d60f7a42d5d0afd2e7490eee1ed6f428d3cb1325bb0b2a78e24cf3549c36a298a80a0e056de075d7489d642a57dfdd3b0330a2e4428582baddc22ed661f0defa944000851fe9a1414066a8ae6031a216728e4d3b09701f0b9f3e4215df76adf7dc2a15de3991fc4c26f03b8a0dcdd661e1482e8dc4e1ac1300ed466b8ec79917a934834912b7c6548150df9e859cb3509639cc", @generic="cbf10c685484165bf14589d7ab869dbd02a585daca2674a5c6a484130cc079e8b133e75558f3ad1d7802c8252112c9630eb13c5a8aa557f995d2eb2e5a64d9aa5c45496c4340f2df3704636313fd4b277242ab751255a3814fef6c2e105a9f366ab8f26409ad6b4376d4a9aefa9d46a60ac80177c9e31814aed29fcdb7895d4bc2f0bfe444ddce9b7951295ca992dcdc518e55e71eaeed49daae", @typed={0x8, 0x15a, 0x0, 0x0, @fd=r0}, @nested={0x4, 0x9}, @generic, @typed={0x14, 0xd8, 0x0, 0x0, @ipv6=@loopback}]}, @typed={0x8, 0x121, 0x0, 0x0, @fd=r3}, @generic="48932c880e4a69a2b993548a860cb8d041b8cfb5941b0bd7f25a6fd03e299ee697f5cc93236f2d97", @generic="e67e66be2b", @generic="50800a78bd77ec33e28a7c42d257e4ef70059c3f2bbd4a1af7d79c914232a119552bbe460eda5ee650aa17e9592f3e3a1f7b9bbbf3c095851139de2855dcb69b7136fcd4ad5ebe64dbf897f79a68845e056ab4c048de94af8f"]}]}, 0x460}, 0x1, 0x0, 0x0, 0x20000800}, 0x1000) r8 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vbi0\x00', 0x80382, 0x0) ioctl$auto(r8, 0xc0045627, r3) close_range$auto(0x0, 0xfffffffffffff000, 0x2) 2.983673573s ago: executing program 3 (id=432): unshare$auto(0x40000080) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) socket(0x2, 0x1, 0x106) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/module/kvm/parameters/nx_huge_pages\x00', 0x80302, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0) read$auto(r1, 0x0, 0x9) write$auto(0x3, 0x0, 0xfdef) write$auto(r0, &(0x7f00000002c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xd8\x9c\xf7?:\x1a\xc62\x911e\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xff\x7f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\x87N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057<&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\n\x92l\xdfAN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81nf\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00\x00\x00\x00\x00\x00\x00', 0xb) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f00000000c0)={0x9, 0x0}) write$auto(r2, 0x0, 0x6) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000080), r3) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/swradio11\x00', 0x80002, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x902, 0x0) mmap$auto(0x7fffffffe000, 0x81, 0xffffffffffffa3a6, 0x8011, 0x3, 0x8000) r5 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) mq_timedsend$auto(0xffffffffffffffff, 0x0, 0x2, 0x6, 0x0) ioctl$auto_SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000200)="538b2f525e17429845091e0af7da403c56eaa6f80b80de3866dbf18d049307def4e2becf58bc80eccb7cf4264c2051d48b9e9366e07e691f93161a7afbaedd1e5653be34b2ba4594cb045fb918676c92bf2f0e59566c5f5cac2cd65d9f26a74c18737b1e66395f4a71bbb60ed6d9ebec9220c0efff4c2be998cf1b3b0aefedb898978058171f2dc17cd27cf0ad91d248b57d07b5c926969969829452c20c152fef25ed370010764dad0b89939f95ce4434bb959e23f94fa8684353") sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={0x34, r5, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@OVS_FLOW_ATTR_UFID_FLAGS={0x8, 0xa, 0x10}, @OVS_FLOW_ATTR_KEY={0x18, 0x1, 0x0, 0x1, [@typed={0x14, 0xf, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x40010}, 0x448c0) sendmsg$auto_SMC_PNETID_ADD(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="185e", @ANYRES16=r4, @ANYBLOB="010029bd7000fcdbdf25020000000b00010064756d6d793000000b00020064756d6d79300000"], 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x44c0) 2.680845942s ago: executing program 2 (id=433): r0 = ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) socket(0xf, 0x800, 0x5) r1 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x2001, 0x0) r2 = syz_genetlink_get_family_id$auto_ioam6(&(0x7f00000000c0), r0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_IOAM6_CMD_DEL_NAMESPACE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)={0x1c, r2, 0x9, 0x70bd2c, 0x25dfdbfb, {}, [@IOAM6_ATTR_NS_ID={0x6, 0x1, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x808) ioctl$auto(r1, 0x400454d0, r1) r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r4, 0x8, 0x7fe) ptrace$auto_PTRACE_DETACH(0x4212, r4, 0x8, 0xd) pread64$auto(0xffffffffffffffff, 0x0, 0xf42c, 0x400) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x54) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'virt_wifi0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r6, &(0x7f0000000080)={0x0, 0xfce6, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="130036bd7000fbdbdf250200000008000300", @ANYRES32=r7, @ANYBLOB="0800610002000000"], 0x24}, 0x1, 0x0, 0x0, 0x4004080}, 0x20040894) close_range$auto(0x0, 0xfffffffffffff000, 0x2) eventfd$auto(0x4) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0xfffffffd, 0x5, 0xffffffff, 0x0) waitid$auto(0x9, 0xffffffffffffffff, 0x0, 0x9, &(0x7f00000001c0)={{0x4, 0x4000000000002}, {0x3}, 0xffffffffffffff74, 0x3ff, 0x4, 0x3, 0x4, 0x3, 0x7c3, 0x6, 0x1, 0x3, 0x8, 0x2, 0x9, 0x200}) r8 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000580), 0x2802, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r8, 0xfffffff7effffd0a, &(0x7f00000001c0)) unshare$auto(0x40000080) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) setsockopt$auto(0x3, 0x7f, 0x7e, 0x0, 0x8) 2.406419715s ago: executing program 1 (id=434): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/mounts\x00', 0x105442, 0x0) r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/mac80211_hwsim/hwsim1/net/wlan1/statistics/rx_crc_errors\x00', 0x0, 0x0) setsockopt$auto_SO_CNX_ADVICE(r0, 0xfff, 0x35, &(0x7f0000001500)='\x00', 0x9) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x401, 0x8000) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001180), r1) sendmsg$auto_NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f00000014c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000011c0)={&(0x7f0000001340)={0x1c, r2, 0x200, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_FILS_CACHE_ID={0x4}, @NL80211_ATTR_FREQ_FIXED={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000005}, 0x40011) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) ioctl$auto_SNDRV_PCM_IOCTL_INFO(r1, 0x81204101, 0x0) close_range$auto(0x0, 0xfffffffffffff001, 0x2) r3 = socket(0x1e, 0x1, 0x0) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001580), r0) r5 = getpid() process_vm_readv$auto(r5, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) statx$auto(0xffffffffffffff9c, &(0x7f0000001240)=':,\x00', 0x0, 0x9000000, &(0x7f0000001280)={0x4, 0xac, 0xfffffffffffffffb, 0x1, 0xee00, 0x0, 0x7, 0x100, 0xa, 0x8001, 0x2, 0x0, {0x4, 0x7}, {0x3, 0x3274925}, {0x1, 0x4}, {0x180000000000000, 0x400}, 0x10001, 0x3, 0x8, 0x727, 0x33, 0x8, 0xfffffffd, 0xfffffffffffffffd, 0xfffffffe, 0x401, 0x3, 0xc58, [0x5, 0xa71d, 0x7df5, 0x6, 0x9, 0x0, 0x8000, 0x6, 0x81]}) r7 = wait4$auto(0x0, &(0x7f0000001380)=0x7, 0x6, &(0x7f00000013c0)={{0xc000000, 0x4}, {0x48, 0x7}, 0x55f, 0xa4ac, 0x12, 0x1, 0x2, 0x1, 0x100, 0x9, 0x45, 0x7, 0x6, 0xfffffffffffffeff, 0x81, 0x1b}) shmctl$auto_IPC_INFO(0x2, 0x3, &(0x7f0000001580)={{0x8, 0x0, r6, 0x7bf, 0x19, 0x7ff, 0x8001}, 0x3, 0x1, 0x3, 0x4, @inferred=r7, @raw=0x101, 0xe641, 0x0, 0x0, &(0x7f0000001540)="65c8e2dc93f86ac11fb36326c1fbced2a465fc8969632a9a94465951ed56a5d6ef64ccdae2420078f6c4cdcf"}) sendmsg$auto_ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000001d80)={&(0x7f0000001540)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000001d40)={&(0x7f00000015c0)={0x460, r4, 0x8, 0x70bd28, 0x25dfdbfd, {}, [@ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x58, 0x2, 0x0, 0x1, [@nested={0x4, 0x157}, @nested={0x24, 0x8c, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @pid=r5}, @nested={0x4, 0x77}, @typed={0x6, 0xc6, 0x0, 0x0, @str='[\x00'}, @typed={0xc, 0x12a, 0x0, 0x0, @u64=0x6}]}, @typed={0x8, 0xdd, 0x0, 0x0, @u32=0x2}, @nested={0x20, 0x5b, 0x0, 0x1, [@typed={0x8, 0x5e, 0x0, 0x0, @pid=0xffffffffffffffff}, @typed={0x8, 0x11c, 0x0, 0x0, @fd=r1}, @typed={0xc, 0xc9, 0x0, 0x0, @u64=0xcb8}, @generic]}, @typed={0x4, 0xa8}, @generic]}, @ETHTOOL_A_STRSET_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0xfffffffe}]}, @ETHTOOL_A_STRSET_STRINGSETS={0x3e4, 0x2, 0x0, 0x1, [@nested={0x95, 0x4d, 0x0, 0x1, [@typed={0x8, 0xcd, 0x0, 0x0, @uid=0xee00}, @generic="35e778354a4cbbe66767af46447c2a916be188961f60217bca921fb75729764a6c7c3c120f4d577e9ef3d031944d9c536edb68f32c9ffe8b406f97b09c0a3c210ab31952e376889c028b0295537be8b7696fb76083a2a1994cbfc50516f0434c90dca8ab94bd1b8fb9087388090224ffade4e1d4361349d2a9c05b02ae9d12f990d878ec8207ea419f"]}, @generic="55d67aa9eb50baa8b549389e99869b7ccf334d1f0593450b7551ef04576384c88763ebbe06254ae6fc75", @nested={0x28f, 0x92, 0x0, 0x1, [@typed={0x101, 0x156, 0x0, 0x0, @binary="fbcedf7ca35d0089dd7fb7204664dc05d1bb98ada40bc7a43d16e21978dc0a916d0dce92db81c59c59e12a65101486ec47c4e78664b3c8e43aafd586ec8c9c045d0adab9cde9ba5725ac36bdd7514a261c5fe31923799b37be356a343440ac95088fafa187273a7494c78b3d345152afc103949ff9019e6c1dc81181b631c1352ae7565a8c27e68cc32ca3e10ed3618d48574dd6615f82be8139d3d5db83be4efabe890962a93bbd924d5e77ad7f6a029a9bf9181df414b1611abc175f452c8433b93dc7f93641ef3d47500954fee4ccb5d84ea3ef8aebc198a711623949ed7ec9110889f559034df0deaf0fe8a87412d8e765b8f67c61b7c6b5709e42"}, @nested={0x4, 0x22}, @generic="97068e7d5cad19da5fb2a0d6c5dc42c5359eee09e3f7dd215547d2e5ef6b011eee641e2bedad396d9182e5a88934df667f3adc8ba9d6d60f7a42d5d0afd2e7490eee1ed6f428d3cb1325bb0b2a78e24cf3549c36a298a80a0e056de075d7489d642a57dfdd3b0330a2e4428582baddc22ed661f0defa944000851fe9a1414066a8ae6031a216728e4d3b09701f0b9f3e4215df76adf7dc2a15de3991fc4c26f03b8a0dcdd661e1482e8dc4e1ac1300ed466b8ec79917a934834912b7c6548150df9e859cb3509639cc", @generic="cbf10c685484165bf14589d7ab869dbd02a585daca2674a5c6a484130cc079e8b133e75558f3ad1d7802c8252112c9630eb13c5a8aa557f995d2eb2e5a64d9aa5c45496c4340f2df3704636313fd4b277242ab751255a3814fef6c2e105a9f366ab8f26409ad6b4376d4a9aefa9d46a60ac80177c9e31814aed29fcdb7895d4bc2f0bfe444ddce9b7951295ca992dcdc518e55e71eaeed49daae", @typed={0x8, 0x15a, 0x0, 0x0, @fd=r0}, @nested={0x4, 0x9}, @generic, @typed={0x14, 0xd8, 0x0, 0x0, @ipv6=@loopback}]}, @typed={0x8, 0x121, 0x0, 0x0, @fd=r3}, @generic="48932c880e4a69a2b993548a860cb8d041b8cfb5941b0bd7f25a6fd03e299ee697f5cc93236f2d97", @generic="e67e66be2b", @generic="50800a78bd77ec33e28a7c42d257e4ef70059c3f2bbd4a1af7d79c914232a119552bbe460eda5ee650aa17e9592f3e3a1f7b9bbbf3c095851139de2855dcb69b7136fcd4ad5ebe64dbf897f79a68845e056ab4c048de94af8f"]}]}, 0x460}, 0x1, 0x0, 0x0, 0x20000800}, 0x1000) r8 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vbi0\x00', 0x80382, 0x0) ioctl$auto(r8, 0xc0045627, r3) close_range$auto(0x0, 0xfffffffffffff000, 0x2) 1.003186723s ago: executing program 0 (id=435): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/mounts\x00', 0x105442, 0x0) r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/mac80211_hwsim/hwsim1/net/wlan1/statistics/rx_crc_errors\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000100)=""/4096, 0x1000) setsockopt$auto_SO_CNX_ADVICE(r0, 0xfff, 0x35, &(0x7f0000001500)='\x00', 0x9) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x401, 0x8000) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001180), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f00000014c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000011c0)={&(0x7f0000001340)={0x1c, r2, 0x200, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_FILS_CACHE_ID={0x4}, @NL80211_ATTR_FREQ_FIXED={0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000005}, 0x40011) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) ioctl$auto_SNDRV_PCM_IOCTL_INFO(0xffffffffffffffff, 0x81204101, 0x0) close_range$auto(0x0, 0xfffffffffffff001, 0x2) r3 = socket(0x1e, 0x1, 0x0) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001580), r0) r5 = getpid() process_vm_readv$auto(r5, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) statx$auto(0xffffffffffffff9c, &(0x7f0000001240)=':,\x00', 0x0, 0x9000000, &(0x7f0000001280)={0x4, 0xac, 0xfffffffffffffffb, 0x1, 0xee00, 0x0, 0x7, 0x100, 0xa, 0x8001, 0x2, 0x0, {0x4, 0x7}, {0x3, 0x3274925}, {0x1, 0x4}, {0x180000000000000, 0x400}, 0x10001, 0x3, 0x8, 0x727, 0x33, 0x8, 0xfffffffd, 0xfffffffffffffffd, 0xfffffffe, 0x401, 0x3, 0xc58, [0x5, 0xa71d, 0x7df5, 0x6, 0x9, 0x0, 0x8000, 0x6, 0x81]}) r7 = wait4$auto(0x0, &(0x7f0000001380)=0x7, 0x6, &(0x7f00000013c0)={{0xc000000, 0x4}, {0x48, 0x7}, 0x55f, 0xa4ac, 0x12, 0x1, 0x2, 0x1, 0x100, 0x9, 0x45, 0x7, 0x6, 0xfffffffffffffeff, 0x81, 0x1b}) shmctl$auto_IPC_INFO(0x2, 0x3, &(0x7f0000001580)={{0x8, 0x0, r6, 0x7bf, 0x19, 0x7ff, 0x8001}, 0x3, 0x1, 0x3, 0x4, @inferred=r7, @raw=0x101, 0xe641, 0x0, 0x0, &(0x7f0000001540)="65c8e2dc93f86ac11fb36326c1fbced2a465fc8969632a9a94465951ed56a5d6ef64ccdae2420078f6c4cdcf"}) sendmsg$auto_ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000001d80)={&(0x7f0000001540)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000001d40)={&(0x7f00000015c0)={0x460, r4, 0x8, 0x70bd28, 0x25dfdbfd, {}, [@ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x58, 0x2, 0x0, 0x1, [@nested={0x4, 0x157}, @nested={0x24, 0x8c, 0x0, 0x1, [@typed={0x8, 0x2, 0x0, 0x0, @pid=r5}, @nested={0x4, 0x77}, @typed={0x6, 0xc6, 0x0, 0x0, @str='[\x00'}, @typed={0xc, 0x12a, 0x0, 0x0, @u64=0x6}]}, @typed={0x8, 0xdd, 0x0, 0x0, @u32=0x2}, @nested={0x20, 0x5b, 0x0, 0x1, [@typed={0x8, 0x5e, 0x0, 0x0, @pid=0xffffffffffffffff}, @typed={0x8, 0x11c, 0x0, 0x0, @fd}, @typed={0xc, 0xc9, 0x0, 0x0, @u64=0xcb8}, @generic]}, @typed={0x4, 0xa8}, @generic]}, @ETHTOOL_A_STRSET_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0xfffffffe}]}, @ETHTOOL_A_STRSET_STRINGSETS={0x3e4, 0x2, 0x0, 0x1, [@nested={0x95, 0x4d, 0x0, 0x1, [@typed={0x8, 0xcd, 0x0, 0x0, @uid=0xee00}, @generic="35e778354a4cbbe66767af46447c2a916be188961f60217bca921fb75729764a6c7c3c120f4d577e9ef3d031944d9c536edb68f32c9ffe8b406f97b09c0a3c210ab31952e376889c028b0295537be8b7696fb76083a2a1994cbfc50516f0434c90dca8ab94bd1b8fb9087388090224ffade4e1d4361349d2a9c05b02ae9d12f990d878ec8207ea419f"]}, @generic="55d67aa9eb50baa8b549389e99869b7ccf334d1f0593450b7551ef04576384c88763ebbe06254ae6fc75", @nested={0x28f, 0x92, 0x0, 0x1, [@typed={0x101, 0x156, 0x0, 0x0, @binary="fbcedf7ca35d0089dd7fb7204664dc05d1bb98ada40bc7a43d16e21978dc0a916d0dce92db81c59c59e12a65101486ec47c4e78664b3c8e43aafd586ec8c9c045d0adab9cde9ba5725ac36bdd7514a261c5fe31923799b37be356a343440ac95088fafa187273a7494c78b3d345152afc103949ff9019e6c1dc81181b631c1352ae7565a8c27e68cc32ca3e10ed3618d48574dd6615f82be8139d3d5db83be4efabe890962a93bbd924d5e77ad7f6a029a9bf9181df414b1611abc175f452c8433b93dc7f93641ef3d47500954fee4ccb5d84ea3ef8aebc198a711623949ed7ec9110889f559034df0deaf0fe8a87412d8e765b8f67c61b7c6b5709e42"}, @nested={0x4, 0x22}, @generic="97068e7d5cad19da5fb2a0d6c5dc42c5359eee09e3f7dd215547d2e5ef6b011eee641e2bedad396d9182e5a88934df667f3adc8ba9d6d60f7a42d5d0afd2e7490eee1ed6f428d3cb1325bb0b2a78e24cf3549c36a298a80a0e056de075d7489d642a57dfdd3b0330a2e4428582baddc22ed661f0defa944000851fe9a1414066a8ae6031a216728e4d3b09701f0b9f3e4215df76adf7dc2a15de3991fc4c26f03b8a0dcdd661e1482e8dc4e1ac1300ed466b8ec79917a934834912b7c6548150df9e859cb3509639cc", @generic="cbf10c685484165bf14589d7ab869dbd02a585daca2674a5c6a484130cc079e8b133e75558f3ad1d7802c8252112c9630eb13c5a8aa557f995d2eb2e5a64d9aa5c45496c4340f2df3704636313fd4b277242ab751255a3814fef6c2e105a9f366ab8f26409ad6b4376d4a9aefa9d46a60ac80177c9e31814aed29fcdb7895d4bc2f0bfe444ddce9b7951295ca992dcdc518e55e71eaeed49daae", @typed={0x8, 0x15a, 0x0, 0x0, @fd=r0}, @nested={0x4, 0x9}, @generic, @typed={0x14, 0xd8, 0x0, 0x0, @ipv6=@loopback}]}, @typed={0x8, 0x121, 0x0, 0x0, @fd=r3}, @generic="48932c880e4a69a2b993548a860cb8d041b8cfb5941b0bd7f25a6fd03e299ee697f5cc93236f2d97", @generic="e67e66be2b", @generic="50800a78bd77ec33e28a7c42d257e4ef70059c3f2bbd4a1af7d79c914232a119552bbe460eda5ee650aa17e9592f3e3a1f7b9bbbf3c095851139de2855dcb69b7136fcd4ad5ebe64dbf897f79a68845e056ab4c048de94af8f"]}]}, 0x460}, 0x1, 0x0, 0x0, 0x20000800}, 0x1000) r8 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vbi0\x00', 0x80382, 0x0) ioctl$auto(r8, 0xc0045627, r3) close_range$auto(0x0, 0xfffffffffffff000, 0x2) 628.840413ms ago: executing program 1 (id=436): unshare$auto(0x40000080) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x5, 0x8000) socket(0x2, 0x1, 0x106) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/module/kvm/parameters/nx_huge_pages\x00', 0x80302, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0) read$auto(r1, 0x0, 0x9) write$auto(0x3, 0x0, 0xfdef) write$auto(r0, &(0x7f00000002c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xd8\x9c\xf7?:\x1a\xc62\x911e\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xff\x7f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\x87N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057<&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\n\x92l\xdfAN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81nf\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00\x00\x00\x00\x00\x00\x00', 0xb) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f00000000c0)={0x9, 0x0}) write$auto(r2, 0x0, 0x6) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000080), r3) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/swradio11\x00', 0x80002, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x902, 0x0) mmap$auto(0x7fffffffe000, 0x81, 0xffffffffffffa3a6, 0x8011, 0x3, 0x8000) r5 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) mq_timedsend$auto(0xffffffffffffffff, 0x0, 0x2, 0x6, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={0x34, r5, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@OVS_FLOW_ATTR_UFID_FLAGS={0x8, 0xa, 0x10}, @OVS_FLOW_ATTR_KEY={0x18, 0x1, 0x0, 0x1, [@typed={0x14, 0xf, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x40010}, 0x448c0) sendmsg$auto_SMC_PNETID_ADD(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="185e", @ANYRES16=r4, @ANYBLOB="010029bd7000fcdbdf25020000000b00010064756d6d793000000b00020064756d6d79300000"], 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x44c0) 0s ago: executing program 3 (id=437): rt_sigqueueinfo$auto(0x0, 0x7, &(0x7f0000000040)={@siginfo_0_0={0x2877, 0x7, 0xffffffc4, @_sigsys={0x0, 0xfffffffe, 0x5}}}) mmap$auto(0x32a82e25, 0xa, 0x8, 0xeb1, 0xfffffffffffffffa, 0x8004) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2a, 0x2, 0x1) connect$auto(r0, &(0x7f0000000040)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55) io_uring_setup$auto(0x1, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07) getcwd$auto(0x0, 0x7) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'tunl0\x00'}) connect$auto(r0, &(0x7f0000000000)=@vsock={0x28, 0x0, 0x2711}, 0x53) prctl$auto(0x3e, 0xfffffffffffffef8, 0x0, 0x1, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0xa, 0x0) socket(0xa, 0x801, 0x106) write$auto(0x1, 0x0, 0x80000000) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001100), 0xffffffffffffffff) openat$auto_zero_fops_mem(0xffffffffffffff9c, 0x0, 0x80200, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82942, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) select$auto(0x7, 0x0, 0x0, 0x0, 0x0) ioctl$NS_GET_PARENT(0xffffffffffffffff, 0x8008b705, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x7, 0x18000014) open(&(0x7f0000000000)='./bus\x00', 0x1652c2, 0xe1d2b27bdc14aa98) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.26' (ED25519) to the list of known hosts. [ 97.329469][ T795] cfg80211: failed to load regulatory.db [ 98.855994][ T5812] cgroup: Unknown subsys name 'net' [ 99.011381][ T5812] cgroup: Unknown subsys name 'cpuset' [ 99.022065][ T5812] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 100.941914][ T5812] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 103.370903][ T5834] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 103.379401][ T5831] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 103.389997][ T5834] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 103.395878][ T5834] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 103.409443][ T5831] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 103.421383][ T5831] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 103.431137][ T5834] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 103.432367][ T5831] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 103.451602][ T5831] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 103.461322][ T5836] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 103.471225][ T5831] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 103.483832][ T5836] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 103.492231][ T5834] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 103.501667][ T5831] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 103.505102][ T5834] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 103.514377][ T5831] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 103.522710][ T5834] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 103.530180][ T5831] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 103.558089][ T5831] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 103.567287][ T5834] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 104.344744][ T5823] chnl_net:caif_netlink_parms(): no params data found [ 104.478946][ T5824] chnl_net:caif_netlink_parms(): no params data found [ 104.540265][ T5825] chnl_net:caif_netlink_parms(): no params data found [ 104.598543][ T5826] chnl_net:caif_netlink_parms(): no params data found [ 104.765098][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.775130][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.782792][ T5823] bridge_slave_0: entered allmulticast mode [ 104.791841][ T5823] bridge_slave_0: entered promiscuous mode [ 104.825091][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.832920][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.841474][ T5823] bridge_slave_1: entered allmulticast mode [ 104.849423][ T5823] bridge_slave_1: entered promiscuous mode [ 104.959250][ T5824] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.967498][ T5824] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.975274][ T5824] bridge_slave_0: entered allmulticast mode [ 104.983443][ T5824] bridge_slave_0: entered promiscuous mode [ 105.025044][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.035719][ T5824] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.043401][ T5824] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.050987][ T5824] bridge_slave_1: entered allmulticast mode [ 105.059010][ T5824] bridge_slave_1: entered promiscuous mode [ 105.067212][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.074409][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.082190][ T5825] bridge_slave_0: entered allmulticast mode [ 105.090529][ T5825] bridge_slave_0: entered promiscuous mode [ 105.102453][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.113331][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.120999][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.129634][ T5826] bridge_slave_0: entered allmulticast mode [ 105.137409][ T5826] bridge_slave_0: entered promiscuous mode [ 105.159814][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.168220][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.175694][ T5825] bridge_slave_1: entered allmulticast mode [ 105.183764][ T5825] bridge_slave_1: entered promiscuous mode [ 105.204788][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.213172][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.220618][ T5826] bridge_slave_1: entered allmulticast mode [ 105.228330][ T5826] bridge_slave_1: entered promiscuous mode [ 105.296984][ T5824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.324129][ T5823] team0: Port device team_slave_0 added [ 105.346875][ T5824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.359409][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.370638][ T5823] team0: Port device team_slave_1 added [ 105.380817][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 105.395863][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.422190][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 105.516846][ T5826] team0: Port device team_slave_0 added [ 105.525749][ T5824] team0: Port device team_slave_0 added [ 105.547184][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.555988][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 105.586614][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.599131][ T51] Bluetooth: hci2: command tx timeout [ 105.608608][ T5826] team0: Port device team_slave_1 added [ 105.618091][ T5824] team0: Port device team_slave_1 added [ 105.625863][ T5825] team0: Port device team_slave_0 added [ 105.632847][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.640354][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 105.668154][ T51] Bluetooth: hci1: command tx timeout [ 105.674812][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.687861][ T51] Bluetooth: hci3: command tx timeout [ 105.688101][ T5831] Bluetooth: hci0: command tx timeout [ 105.727825][ T5825] team0: Port device team_slave_1 added [ 105.785436][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.793193][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 105.824115][ T5824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.837664][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.845462][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 105.872532][ T5824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.885952][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.894753][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 105.928397][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.942030][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.949347][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 105.980648][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.034134][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 106.041487][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 106.067931][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 106.081921][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 106.089321][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 106.115934][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 106.151320][ T5823] hsr_slave_0: entered promiscuous mode [ 106.158207][ T5823] hsr_slave_1: entered promiscuous mode [ 106.222847][ T5824] hsr_slave_0: entered promiscuous mode [ 106.229969][ T5824] hsr_slave_1: entered promiscuous mode [ 106.237277][ T5824] debugfs: 'hsr0' already exists in 'hsr' [ 106.243423][ T5824] Cannot create hsr debugfs directory [ 106.295307][ T5826] hsr_slave_0: entered promiscuous mode [ 106.305222][ T5826] hsr_slave_1: entered promiscuous mode [ 106.312071][ T5826] debugfs: 'hsr0' already exists in 'hsr' [ 106.318713][ T5826] Cannot create hsr debugfs directory [ 106.354959][ T5825] hsr_slave_0: entered promiscuous mode [ 106.361682][ T5825] hsr_slave_1: entered promiscuous mode [ 106.368953][ T5825] debugfs: 'hsr0' already exists in 'hsr' [ 106.374810][ T5825] Cannot create hsr debugfs directory [ 106.988687][ T5823] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 107.023332][ T5823] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 107.035124][ T5823] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 107.059317][ T5823] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 107.117308][ T5824] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 107.129364][ T5824] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 107.144615][ T5824] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 107.158505][ T5824] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 107.257752][ T5825] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 107.280770][ T5825] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 107.295660][ T5825] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 107.324323][ T5825] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 107.428402][ T5826] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 107.441053][ T5826] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 107.452248][ T5826] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 107.473445][ T5826] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 107.552968][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.605592][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.624179][ T5823] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.646554][ T5831] Bluetooth: hci2: command tx timeout [ 107.660377][ T3559] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.667879][ T3559] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.710247][ T5824] 8021q: adding VLAN 0 to HW filter on device team0 [ 107.727425][ T5831] Bluetooth: hci0: command tx timeout [ 107.730123][ T5828] Bluetooth: hci1: command tx timeout [ 107.739158][ T51] Bluetooth: hci3: command tx timeout [ 107.750244][ T3559] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.758108][ T3559] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.769886][ T3559] bridge0: port 1(bridge_slave_0) entered blocking state [ 107.778744][ T3559] bridge0: port 1(bridge_slave_0) entered forwarding state [ 107.795590][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 107.803117][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.912003][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 107.990340][ T5825] 8021q: adding VLAN 0 to HW filter on device team0 [ 108.018706][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0 [ 108.031157][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.038535][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.065586][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.072887][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.168284][ T5826] 8021q: adding VLAN 0 to HW filter on device team0 [ 108.212192][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 108.219444][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 108.268832][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 108.276243][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 108.421137][ T5826] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 108.589885][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.640747][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.729888][ T5824] veth0_vlan: entered promiscuous mode [ 108.745529][ T5824] veth1_vlan: entered promiscuous mode [ 108.839762][ T5823] veth0_vlan: entered promiscuous mode [ 108.866817][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 108.903202][ T5823] veth1_vlan: entered promiscuous mode [ 108.922977][ T5824] veth0_macvtap: entered promiscuous mode [ 108.943048][ T5824] veth1_macvtap: entered promiscuous mode [ 108.992666][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.014124][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 109.028228][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.062088][ T35] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.073858][ T5823] veth0_macvtap: entered promiscuous mode [ 109.083633][ T35] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.095442][ T35] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.118896][ T35] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.142930][ T5823] veth1_macvtap: entered promiscuous mode [ 109.158345][ T5825] veth0_vlan: entered promiscuous mode [ 109.194003][ T5825] veth1_vlan: entered promiscuous mode [ 109.205587][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.253757][ T5826] veth0_vlan: entered promiscuous mode [ 109.265480][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.308587][ T35] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.319150][ T35] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.358596][ T5826] veth1_vlan: entered promiscuous mode [ 109.365649][ T35] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.375023][ T35] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.427173][ T5825] veth0_macvtap: entered promiscuous mode [ 109.434987][ T166] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.462758][ T166] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.486061][ T5825] veth1_macvtap: entered promiscuous mode [ 109.554706][ T5826] veth0_macvtap: entered promiscuous mode [ 109.582262][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.592052][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.592911][ T5826] veth1_macvtap: entered promiscuous mode [ 109.637417][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.647860][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.681703][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.699626][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 109.727072][ T51] Bluetooth: hci2: command tx timeout [ 109.750399][ T5824] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 109.763781][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.789639][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 109.810792][ T51] Bluetooth: hci0: command tx timeout [ 109.817109][ T51] Bluetooth: hci3: command tx timeout [ 109.817694][ T5828] Bluetooth: hci1: command tx timeout [ 109.870160][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.881050][ T166] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.894242][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.903890][ T166] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.957284][ T166] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.029915][ T166] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.047759][ T166] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.095239][ T166] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.125695][ T166] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.227283][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.235264][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.306647][ T5919] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 110.339634][ T5917] zswap: compressor not available [ 110.350717][ T166] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 110.480470][ T166] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.504770][ T166] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.664107][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.686438][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 110.962541][ T3559] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 110.962592][ T3559] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 111.041435][ T5933] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 111.297281][ T5938] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 111.809962][ T5828] Bluetooth: hci2: command tx timeout [ 111.889026][ T5828] Bluetooth: hci3: command tx timeout [ 111.889046][ T51] Bluetooth: hci0: command tx timeout [ 111.889116][ T51] Bluetooth: hci1: command tx timeout [ 112.036837][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 112.262826][ T5947] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 112.328846][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 113.659669][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 113.864383][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 114.468675][ T5958] [U] ^@ [ 115.196409][ T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!! [ 115.385199][ T51] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 115.559171][ T5989] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 115.711334][ T5975] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 115.748336][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 115.912433][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 116.687946][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 116.728156][ T5978] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 116.749332][ T5978] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 116.814912][ T5978] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 116.884828][ T5978] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 116.884897][ T5978] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 116.946676][ T6005] ima: policy update failed [ 116.954578][ T5978] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 116.977406][ T29] audit: type=1802 audit(1772584410.647:2): pid=6005 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.14" res=0 errno=0 [ 116.995104][ T5978] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 117.011297][ T5978] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 117.030168][ T5978] Bluetooth: hci3: Opcode 0x0406 failed: -4 syzkaller syzkaller login: [ 117.053369][ T5978] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 117.066922][ T5978] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 117.092704][ T5978] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 117.122945][ T5989] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR [ 117.167317][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 117.244174][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 117.476955][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 117.766715][ T6017] bridge0: port 3(team0) entered blocking state [ 117.773260][ T6017] bridge0: port 3(team0) entered disabled state [ 117.783074][ T6017] team0: entered allmulticast mode [ 117.788447][ T6017] team_slave_0: entered allmulticast mode [ 117.870768][ T6017] team_slave_1: entered allmulticast mode [ 118.040439][ T6017] team0: entered promiscuous mode [ 118.045681][ T6017] team_slave_0: entered promiscuous mode [ 118.111003][ T6017] team_slave_1: entered promiscuous mode [ 118.173004][ T6017] bridge0: port 3(team0) entered blocking state [ 118.179631][ T6017] bridge0: port 3(team0) entered forwarding state [ 118.928997][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 119.011341][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 119.087675][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 119.256767][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 119.348180][ T6032] ima: Unable to open file: /sys/kernel/security/integrity/ima/policy (-26) [ 119.431336][ T6031] ima: policy update failed [ 119.462970][ T29] audit: type=1802 audit(1772584413.127:3): pid=6031 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.20" res=0 errno=0 [ 121.008570][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 121.086534][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 121.183031][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 121.336570][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 122.108437][ T6059] netlink: 60 bytes leftover after parsing attributes in process `syz.3.26'. [ 123.086927][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 123.169497][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 123.246605][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 123.352145][ T51] Bluetooth: hci2: unexpected event 0x0f length: 440 > 4 [ 123.352854][ T51] Bluetooth: hci2: unexpected event for opcode 0x0010 [ 124.128505][ T6082] FAULT_INJECTION: forcing a failure. [ 124.128505][ T6082] name fail_futex, interval 1, probability 0, space 0, times 1 [ 124.163469][ T6082] CPU: 1 UID: 0 PID: 6082 Comm: syz.0.29 Not tainted syzkaller #0 PREEMPT(full) [ 124.163511][ T6082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 124.163538][ T6082] Call Trace: [ 124.163549][ T6082] [ 124.163564][ T6082] dump_stack_lvl+0x100/0x190 [ 124.163622][ T6082] should_fail_ex.cold+0x5/0xa [ 124.163669][ T6082] get_futex_key+0x1d2/0x1620 [ 124.163709][ T6082] ? __pfx_get_futex_key+0x10/0x10 [ 124.163755][ T6082] futex_wake+0xea/0x530 [ 124.163801][ T6082] ? __pfx_futex_wake+0x10/0x10 [ 124.163843][ T6082] ? __call_rcu_common.constprop.0+0x3f0/0x9b0 [ 124.163895][ T6082] do_futex+0x32b/0x350 [ 124.163932][ T6082] ? __pfx_do_futex+0x10/0x10 [ 124.163969][ T6082] ? __pfx___might_resched+0x10/0x10 [ 124.164010][ T6082] ? blkcg_maybe_throttle_current+0x5df/0xeb0 [ 124.164055][ T6082] __x64_sys_futex+0x34f/0x4d0 [ 124.164096][ T6082] ? __pfx___x64_sys_futex+0x10/0x10 [ 124.164147][ T6082] do_syscall_64+0x106/0xf80 [ 124.164181][ T6082] ? clear_bhb_loop+0x40/0x90 [ 124.164216][ T6082] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.164247][ T6082] RIP: 0033:0x7f3d18f9c799 [ 124.164282][ T6082] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 124.164311][ T6082] RSP: 002b:00007f3d19de60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 124.164339][ T6082] RAX: ffffffffffffffda RBX: 00007f3d19215fa8 RCX: 00007f3d18f9c799 [ 124.164358][ T6082] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f3d19215fac [ 124.164376][ T6082] RBP: 00007f3d19215fa0 R08: 0000000000000000 R09: 0000000000000000 [ 124.164393][ T6082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 124.164409][ T6082] R13: 00007f3d19216038 R14: 00007ffc3b2b37d0 R15: 00007ffc3b2b38b8 [ 124.164446][ T6082] [ 124.896931][ T51] Bluetooth: hci0: unexpected event 0x32 length: 727 > 9 [ 124.960388][ T6096] netlink: set zone limit has 8 unknown bytes [ 124.979596][ T6097] netlink: zone id is out of range [ 124.984904][ T6097] netlink: zone id is out of range [ 124.996651][ T6097] netlink: zone id is out of range [ 125.001862][ T6097] netlink: zone id is out of range [ 125.012111][ T6097] netlink: zone id is out of range [ 125.175493][ T6097] netlink: zone id is out of range [ 125.183017][ T6097] netlink: zone id is out of range [ 125.189379][ T6097] netlink: zone id is out of range [ 125.195004][ T6097] netlink: zone id is out of range [ 127.409589][ T51] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 127.419803][ T51] Bluetooth: hci2: Injecting HCI hardware error event [ 127.428181][ T51] Bluetooth: hci2: hardware error 0x00 [ 127.659803][ T6113] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 127.679441][ T6113] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 127.751815][ T6118] FAULT_INJECTION: forcing a failure. [ 127.751815][ T6118] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 127.791906][ T6118] CPU: 1 UID: 0 PID: 6118 Comm: syz.1.36 Not tainted syzkaller #0 PREEMPT(full) [ 127.791953][ T6118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 127.791972][ T6118] Call Trace: [ 127.791982][ T6118] [ 127.791995][ T6118] dump_stack_lvl+0x100/0x190 [ 127.792051][ T6118] should_fail_ex.cold+0x5/0xa [ 127.792091][ T6118] _copy_from_iter+0x1f4/0x1690 [ 127.792129][ T6118] ? __asan_memset+0x23/0x50 [ 127.792178][ T6118] ? __pfx__copy_from_iter+0x10/0x10 [ 127.792233][ T6118] ? __pfx___alloc_skb+0x10/0x10 [ 127.792271][ T6118] ? __pfx___might_resched+0x10/0x10 [ 127.792319][ T6118] ? __lock_acquire+0x4a5/0x2630 [ 127.792380][ T6118] netlink_sendmsg+0x808/0xda0 [ 127.792433][ T6118] ? __pfx_netlink_sendmsg+0x10/0x10 [ 127.792477][ T6118] ? __import_iovec+0x1d2/0x640 [ 127.792512][ T6118] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 127.792562][ T6118] ____sys_sendmsg+0xa54/0xc30 [ 127.792653][ T6118] ? __pfx_____sys_sendmsg+0x10/0x10 [ 127.792720][ T6118] ? __pfx_futex_wake_mark+0x10/0x10 [ 127.792763][ T6118] ___sys_sendmsg+0x190/0x1e0 [ 127.792802][ T6118] ? __pfx____sys_sendmsg+0x10/0x10 [ 127.792865][ T6118] ? do_futex+0x192/0x350 [ 127.792904][ T6118] __sys_sendmsg+0x170/0x220 [ 127.792934][ T6118] ? __pfx___sys_sendmsg+0x10/0x10 [ 127.792970][ T6118] ? __x64_sys_futex+0x34f/0x4d0 [ 127.793018][ T6118] do_syscall_64+0x106/0xf80 [ 127.793045][ T6118] ? clear_bhb_loop+0x40/0x90 [ 127.793075][ T6118] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.793100][ T6118] RIP: 0033:0x7f1a1659c799 [ 127.793120][ T6118] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 127.793143][ T6118] RSP: 002b:00007f1a1736e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 127.793165][ T6118] RAX: ffffffffffffffda RBX: 00007f1a16815fa0 RCX: 00007f1a1659c799 [ 127.793181][ T6118] RDX: 0000000020008000 RSI: 0000200000000000 RDI: 0000000000000006 [ 127.793195][ T6118] RBP: 00007f1a16632bd9 R08: 0000000000000000 R09: 0000000000000000 [ 127.793209][ T6118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 127.793223][ T6118] R13: 00007f1a16816038 R14: 00007f1a16815fa0 R15: 00007fff3cc90b68 [ 127.793253][ T6118] [ 129.486823][ T51] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 130.004761][ T6135] netlink: 12 bytes leftover after parsing attributes in process `syz.1.41'. [ 130.633495][ T51] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 130.995058][ T6136] Zero length message leads to an empty skb [ 131.707870][ T6158] netlink: 326 bytes leftover after parsing attributes in process `syz.3.44'. [ 132.582443][ T6168] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 133.183429][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.194652][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 134.641149][ T6172] FAULT_INJECTION: forcing a failure. [ 134.641149][ T6172] name failslab, interval 1, probability 0, space 0, times 1 [ 134.666375][ T6172] CPU: 1 UID: 0 PID: 6172 Comm: syz.3.45 Not tainted syzkaller #0 PREEMPT(full) [ 134.666419][ T6172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 134.666439][ T6172] Call Trace: [ 134.666450][ T6172] [ 134.666462][ T6172] dump_stack_lvl+0x100/0x190 [ 134.666521][ T6172] should_fail_ex.cold+0x5/0xa [ 134.666562][ T6172] should_failslab+0xc2/0x120 [ 134.666598][ T6172] __kmalloc_cache_noprof+0x7a/0x6f0 [ 134.666643][ T6172] ? newseg+0x269/0xed0 [ 134.666686][ T6172] newseg+0x269/0xed0 [ 134.666722][ T6172] ? __pfx_futex_wait+0x10/0x10 [ 134.666777][ T6172] ? __pfx_newseg+0x10/0x10 [ 134.666811][ T6172] ? down_write+0x146/0x1f0 [ 134.666856][ T6172] ? __sched_setaffinity+0x17c/0x280 [ 134.666894][ T6172] ? __pfx___sched_setaffinity+0x10/0x10 [ 134.666934][ T6172] ipcget+0xee/0xf50 [ 134.666970][ T6172] ? do_futex+0x192/0x350 [ 134.667013][ T6172] ? __pfx_do_futex+0x10/0x10 [ 134.667057][ T6172] ? sched_setaffinity+0xe0/0x400 [ 134.667100][ T6172] ? __might_fault+0xc5/0x140 [ 134.667149][ T6172] ? __pfx_ipcget+0x10/0x10 [ 134.667192][ T6172] ? __x64_sys_futex+0x34f/0x4d0 [ 134.667242][ T6172] ? __x64_sys_futex+0x358/0x4d0 [ 134.667292][ T6172] __x64_sys_shmget+0x13b/0x1b0 [ 134.667330][ T6172] ? __pfx___x64_sys_shmget+0x10/0x10 [ 134.667379][ T6172] do_syscall_64+0x106/0xf80 [ 134.667418][ T6172] ? clear_bhb_loop+0x40/0x90 [ 134.667461][ T6172] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.667496][ T6172] RIP: 0033:0x7f6e5dd9c799 [ 134.667524][ T6172] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 134.667556][ T6172] RSP: 002b:00007f6e5ec25028 EFLAGS: 00000246 ORIG_RAX: 000000000000001d [ 134.667588][ T6172] RAX: ffffffffffffffda RBX: 00007f6e5e015fa0 RCX: 00007f6e5dd9c799 [ 134.667609][ T6172] RDX: 0000000079e56dc9 RSI: 0000000000000003 RDI: 0000000100000000 [ 134.667630][ T6172] RBP: 00007f6e5de32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 134.667650][ T6172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 134.667669][ T6172] R13: 00007f6e5e016038 R14: 00007f6e5e015fa0 R15: 00007ffedca15108 [ 134.667714][ T6172] [ 134.826542][ T51] Bluetooth: hci3: ISO packet for unknown connection handle 0 [ 136.926460][ T6205] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 136.936644][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 137.602960][ T6246] FAULT_INJECTION: forcing a failure. [ 137.602960][ T6246] name failslab, interval 1, probability 0, space 0, times 0 [ 137.635421][ T6246] CPU: 0 UID: 0 PID: 6246 Comm: syz.1.57 Not tainted syzkaller #0 PREEMPT(full) [ 137.635458][ T6246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 137.635473][ T6246] Call Trace: [ 137.635482][ T6246] [ 137.635491][ T6246] dump_stack_lvl+0x100/0x190 [ 137.635533][ T6246] should_fail_ex.cold+0x5/0xa [ 137.635562][ T6246] should_failslab+0xc2/0x120 [ 137.635587][ T6246] __kmalloc_cache_noprof+0x7a/0x6f0 [ 137.635620][ T6246] ? __debugfs_file_get+0x2ac/0x860 [ 137.635655][ T6246] __debugfs_file_get+0x2ac/0x860 [ 137.635684][ T6246] ? __pfx___debugfs_file_get+0x10/0x10 [ 137.635714][ T6246] ? __pfx_apparmor_file_open+0x10/0x10 [ 137.635750][ T6246] ? path_get+0x61/0x80 [ 137.635780][ T6246] full_proxy_open_regular+0x4f/0x370 [ 137.635816][ T6246] do_dentry_open+0x6d8/0x1660 [ 137.635840][ T6246] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 137.635881][ T6246] vfs_open+0x82/0x3f0 [ 137.635915][ T6246] path_openat+0x208c/0x31a0 [ 137.635957][ T6246] ? __pfx_path_openat+0x10/0x10 [ 137.635994][ T6246] do_file_open+0x20e/0x430 [ 137.636021][ T6246] ? __pfx_do_file_open+0x10/0x10 [ 137.636067][ T6246] ? alloc_fd+0x476/0x790 [ 137.636094][ T6246] ? do_getname+0x191/0x390 [ 137.636127][ T6246] do_sys_openat2+0x10d/0x1e0 [ 137.636159][ T6246] ? __pfx_do_sys_openat2+0x10/0x10 [ 137.636194][ T6246] ? __fget_files+0x21f/0x3d0 [ 137.636222][ T6246] __x64_sys_openat+0x12d/0x210 [ 137.636291][ T6246] ? __pfx___x64_sys_openat+0x10/0x10 [ 137.636350][ T6246] do_syscall_64+0x106/0xf80 [ 137.636389][ T6246] ? clear_bhb_loop+0x40/0x90 [ 137.636430][ T6246] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.636471][ T6246] RIP: 0033:0x7f1a1659c799 [ 137.636493][ T6246] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 137.636516][ T6246] RSP: 002b:00007f1a1736e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 137.636540][ T6246] RAX: ffffffffffffffda RBX: 00007f1a16815fa0 RCX: 00007f1a1659c799 [ 137.636556][ T6246] RDX: 0000000000000000 RSI: 0000200000000300 RDI: ffffffffffffff9c [ 137.636571][ T6246] RBP: 00007f1a16632bd9 R08: 0000000000000000 R09: 0000000000000000 [ 137.636586][ T6246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 137.636601][ T6246] R13: 00007f1a16816038 R14: 00007f1a16815fa0 R15: 00007fff3cc90b68 [ 137.636632][ T6246] [ 138.078007][ T6246] netlink: 122 bytes leftover after parsing attributes in process `syz.1.57'. [ 138.275711][ T6205] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 138.326106][ T29] audit: type=1800 audit(1772584431.967:4): pid=6252 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.58" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 138.377007][ T6205] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 139.011217][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 139.546541][ T6261] FAULT_INJECTION: forcing a failure. [ 139.546541][ T6261] name failslab, interval 1, probability 0, space 0, times 0 [ 139.559983][ T6261] CPU: 0 UID: 0 PID: 6261 Comm: syz.1.61 Not tainted syzkaller #0 PREEMPT(full) [ 139.560026][ T6261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 139.560047][ T6261] Call Trace: [ 139.560059][ T6261] [ 139.560072][ T6261] dump_stack_lvl+0x100/0x190 [ 139.560128][ T6261] should_fail_ex.cold+0x5/0xa [ 139.560174][ T6261] should_failslab+0xc2/0x120 [ 139.560211][ T6261] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 139.560261][ T6261] ? __proc_create+0x2cb/0x8c0 [ 139.560323][ T6261] __proc_create+0x2cb/0x8c0 [ 139.560387][ T6261] ? __pfx___proc_create+0x10/0x10 [ 139.560437][ T6261] ? __lock_acquire+0x4a5/0x2630 [ 139.560484][ T6261] ? _raw_write_unlock+0x28/0x50 [ 139.560523][ T6261] ? proc_register+0x559/0x8a0 [ 139.560580][ T6261] proc_create_reg+0x75/0x170 [ 139.560615][ T6261] proc_create_data+0x86/0x110 [ 139.560647][ T6261] ? __pfx_proc_create_data+0x10/0x10 [ 139.560677][ T6261] ? net_generic+0xea/0x2a0 [ 139.560731][ T6261] gss_svc_init_net+0x2e7/0x640 [ 139.560765][ T6261] ? __pfx_canbcm_pernet_init+0x10/0x10 [ 139.560808][ T6261] ? __pfx_rpcsec_gss_init_net+0x10/0x10 [ 139.560845][ T6261] ops_init+0x1e2/0x5f0 [ 139.560889][ T6261] setup_net+0x118/0x3a0 [ 139.560932][ T6261] ? __pfx_setup_net+0x10/0x10 [ 139.560960][ T6261] ? lockdep_init_map_type+0x5c/0x250 [ 139.560993][ T6261] ? mutex_init_lockep+0x110/0x150 [ 139.561030][ T6261] copy_net_ns+0x46f/0x7c0 [ 139.561066][ T6261] create_new_namespaces+0x3ea/0xac0 [ 139.561097][ T6261] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 139.561125][ T6261] ksys_unshare+0x473/0xad0 [ 139.561157][ T6261] ? __pfx_ksys_unshare+0x10/0x10 [ 139.561198][ T6261] __x64_sys_unshare+0x31/0x40 [ 139.561227][ T6261] do_syscall_64+0x106/0xf80 [ 139.561254][ T6261] ? clear_bhb_loop+0x40/0x90 [ 139.561284][ T6261] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.561308][ T6261] RIP: 0033:0x7f1a1659c799 [ 139.561328][ T6261] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 139.561350][ T6261] RSP: 002b:00007f1a1736e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 139.561372][ T6261] RAX: ffffffffffffffda RBX: 00007f1a16815fa0 RCX: 00007f1a1659c799 [ 139.561388][ T6261] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 139.561402][ T6261] RBP: 00007f1a16632bd9 R08: 0000000000000000 R09: 0000000000000000 [ 139.561416][ T6261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 139.561430][ T6261] R13: 00007f1a16816038 R14: 00007f1a16815fa0 R15: 00007fff3cc90b68 [ 139.561461][ T6261] [ 140.446429][ T51] Bluetooth: hci3: command 0x0c1a tx timeout [ 144.514296][ T6304] process 'syz.1.67' launched '/dev/fd/4' with NULL argv: empty string added [ 144.760033][ T6318] __vm_enough_memory: pid: 6318, comm: syz.2.70, bytes: 4398046511104 not enough memory for the allocation [ 149.547755][ T6362] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 150.693574][ T6347] tipc: Started in network mode [ 150.771655][ T6383] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 150.936526][ T6347] tipc: Node identity ee, cluster identity 4711 [ 151.075937][ T6347] tipc: Node number set to 238 [ 152.300679][ T6413] blktrace: Concurrent blktraces are not allowed on loop2 [ 152.479303][ T6413] QAT: Stopping all acceleration devices. [ 154.162057][ T51] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 154.846436][ T29] audit: type=1800 audit(1772584448.477:5): pid=6442 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.85" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 156.055933][ T6456] netlink: 28 bytes leftover after parsing attributes in process `syz.0.88'. [ 158.384594][ T6491] netlink: 186 bytes leftover after parsing attributes in process `syz.1.93'. [ 162.489294][ T6547] netlink: 4 bytes leftover after parsing attributes in process `syz.0.104'. [ 162.542049][ T6547] netlink: 354 bytes leftover after parsing attributes in process `syz.0.104'. [ 163.265769][ T6559] block nbd8: shutting down sockets [ 164.122109][ T29] audit: type=1326 audit(1772585480.797:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6562 comm="syz.2.109" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3d89b9c799 code=0x0 [ 164.300639][ T6567] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 164.300639][ T6567] The task syz.2.109 (6567) triggered the difference, watch for misbehavior. [ 164.433308][ T6544] Invalid ELF header magic: != ELF [ 166.511671][ T6597] FAULT_INJECTION: forcing a failure. [ 166.511671][ T6597] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 166.544335][ T6597] CPU: 1 UID: 0 PID: 6597 Comm: syz.3.113 Tainted: G L syzkaller #0 PREEMPT(full) [ 166.544391][ T6597] Tainted: [L]=SOFTLOCKUP [ 166.544404][ T6597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 166.544424][ T6597] Call Trace: [ 166.544435][ T6597] [ 166.544447][ T6597] dump_stack_lvl+0x100/0x190 [ 166.544502][ T6597] should_fail_ex.cold+0x5/0xa [ 166.544534][ T6597] ? prepare_alloc_pages+0x16d/0x5f0 [ 166.544586][ T6597] should_fail_alloc_page+0xeb/0x140 [ 166.544625][ T6597] prepare_alloc_pages+0x1f0/0x5f0 [ 166.544670][ T6597] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 166.544721][ T6597] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 166.544756][ T6597] ? lockdep_hardirqs_on+0x78/0x100 [ 166.544794][ T6597] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 166.544830][ T6597] ? stack_depot_save_flags+0x479/0x9d0 [ 166.544873][ T6597] ? kasan_save_stack+0x3f/0x50 [ 166.544943][ T6597] ? kasan_save_stack+0x30/0x50 [ 166.544991][ T6597] ? kasan_save_track+0x14/0x30 [ 166.545037][ T6597] ? __kasan_slab_alloc+0x89/0x90 [ 166.545067][ T6597] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 166.545116][ T6597] ? get_locked_pte+0x25/0xc0 [ 166.545151][ T6597] ? insert_page+0xcc/0x220 [ 166.545185][ T6597] ? vm_insert_page+0x2c0/0x400 [ 166.545222][ T6597] ? __mmap_region+0x1443/0x29e0 [ 166.545265][ T6597] ? do_mmap+0xc63/0x12f0 [ 166.545296][ T6597] ? vm_mmap_pgoff+0x29e/0x470 [ 166.545328][ T6597] ? ksys_mmap_pgoff+0x3c8/0x650 [ 166.545358][ T6597] ? __x64_sys_mmap+0x125/0x190 [ 166.545403][ T6597] ? do_syscall_64+0x106/0xf80 [ 166.545440][ T6597] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.545493][ T6597] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 166.545551][ T6597] ? policy_nodemask+0xed/0x4f0 [ 166.545598][ T6597] alloc_pages_mpol+0x1fb/0x550 [ 166.545634][ T6597] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 166.545680][ T6597] alloc_pages_noprof+0x131/0x390 [ 166.545723][ T6597] pte_alloc_one+0x1e/0x3e0 [ 166.545762][ T6597] __pte_alloc+0x6d/0x3f0 [ 166.545794][ T6597] ? __pfx___pte_alloc+0x10/0x10 [ 166.545830][ T6597] ? walk_to_pmd+0x302/0x4c0 [ 166.545873][ T6597] get_locked_pte+0xa1/0xc0 [ 166.545913][ T6597] insert_page+0xcc/0x220 [ 166.545953][ T6597] ? __pfx_insert_page+0x10/0x10 [ 166.545990][ T6597] ? __pfx_down_read_trylock+0x10/0x10 [ 166.546052][ T6597] vm_insert_page+0x2c0/0x400 [ 166.546097][ T6597] kcov_mmap+0xca/0x130 [ 166.546152][ T6597] __mmap_region+0x1443/0x29e0 [ 166.546209][ T6597] ? __pfx___mmap_region+0x10/0x10 [ 166.546261][ T6597] ? find_held_lock+0x2b/0x80 [ 166.546291][ T6597] ? ima_match_policy+0x8c4/0x2350 [ 166.546345][ T6597] ? ima_match_policy+0x8c4/0x2350 [ 166.546436][ T6597] ? find_held_lock+0x2b/0x80 [ 166.546466][ T6597] ? process_measurement+0x4c8/0x2350 [ 166.546510][ T6597] ? process_measurement+0x4c8/0x2350 [ 166.546610][ T6597] ? process_measurement+0x1f4/0x2350 [ 166.546729][ T6597] mmap_region+0x30a/0x3e0 [ 166.546788][ T6597] do_mmap+0xc63/0x12f0 [ 166.546831][ T6597] ? __pfx_do_mmap+0x10/0x10 [ 166.546868][ T6597] ? __pfx_down_write_killable+0x10/0x10 [ 166.546921][ T6597] vm_mmap_pgoff+0x29e/0x470 [ 166.546968][ T6597] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 166.547001][ T6597] ? __fget_files+0x215/0x3d0 [ 166.547041][ T6597] ? __fget_files+0x21f/0x3d0 [ 166.547079][ T6597] ksys_mmap_pgoff+0x3c8/0x650 [ 166.547112][ T6597] ? __x64_sys_futex+0x34f/0x4d0 [ 166.547152][ T6597] ? __x64_sys_futex+0x358/0x4d0 [ 166.547193][ T6597] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 166.547223][ T6597] ? xfd_validate_state+0x129/0x190 [ 166.547270][ T6597] __x64_sys_mmap+0x125/0x190 [ 166.547315][ T6597] do_syscall_64+0x106/0xf80 [ 166.547347][ T6597] ? clear_bhb_loop+0x40/0x90 [ 166.547382][ T6597] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.547411][ T6597] RIP: 0033:0x7f6e5dd9c799 [ 166.547435][ T6597] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 166.547463][ T6597] RSP: 002b:00007f6e5ec25028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 166.547489][ T6597] RAX: ffffffffffffffda RBX: 00007f6e5e015fa0 RCX: 00007f6e5dd9c799 [ 166.547508][ T6597] RDX: 0000000000000007 RSI: 00000000003fffff RDI: 0000000000012000 [ 166.547525][ T6597] RBP: 00007f6e5de32bd9 R08: 00000000000000dd R09: 0000000000000000 [ 166.547541][ T6597] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000 [ 166.547558][ T6597] R13: 00007f6e5e016038 R14: 00007f6e5e015fa0 R15: 00007ffedca15108 [ 166.547603][ T6597] [ 166.989707][ T6597] kcov: kcov: vm_insert_page() failed [ 168.318497][ T6606] zswap: compressor not available [ 170.066828][ T6633] smpboot: CPU 1 is now offline [ 170.178504][ T6634] netlink: 12 bytes leftover after parsing attributes in process `syz.3.119'. [ 170.248335][ T6634] net_ratelimit: 5 callbacks suppressed [ 170.248357][ T6634] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 171.554751][ T6660] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 171.769637][ T6660] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 172.362147][ T6652] zswap: compressor not available [ 172.675122][ T6660] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 173.193280][ T6660] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 173.571749][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 173.633028][ T6671] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 173.932188][ T6652] FAULT_INJECTION: forcing a failure. [ 173.932188][ T6652] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 174.000935][ T6652] CPU: 0 UID: 0 PID: 6652 Comm: syz.3.123 Tainted: G L syzkaller #0 PREEMPT(full) [ 174.000977][ T6652] Tainted: [L]=SOFTLOCKUP [ 174.000985][ T6652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 174.000999][ T6652] Call Trace: [ 174.001007][ T6652] [ 174.001016][ T6652] dump_stack_lvl+0x100/0x190 [ 174.001059][ T6652] should_fail_ex.cold+0x5/0xa [ 174.001083][ T6652] ? prepare_alloc_pages+0x16d/0x5f0 [ 174.001113][ T6652] should_fail_alloc_page+0xeb/0x140 [ 174.001140][ T6652] prepare_alloc_pages+0x1f0/0x5f0 [ 174.001173][ T6652] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 174.001211][ T6652] ? rcu_is_watching+0x12/0xc0 [ 174.001252][ T6652] ? __lock_acquire+0x4a5/0x2630 [ 174.001292][ T6652] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 174.001332][ T6652] ? do_raw_spin_lock+0x128/0x260 [ 174.001368][ T6652] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 174.001404][ T6652] ? find_held_lock+0x2b/0x80 [ 174.001435][ T6652] ? __lock_acquire+0x4a5/0x2630 [ 174.001508][ T6652] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 174.001551][ T6652] ? policy_nodemask+0xed/0x4f0 [ 174.001578][ T6652] alloc_pages_mpol+0x1fb/0x550 [ 174.001605][ T6652] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 174.001631][ T6652] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 174.001669][ T6652] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 174.001713][ T6652] folio_alloc_mpol_noprof+0x36/0x340 [ 174.001744][ T6652] shmem_alloc_folio+0x135/0x160 [ 174.001776][ T6652] shmem_alloc_and_add_folio+0x371/0xd40 [ 174.001820][ T6652] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 174.001859][ T6652] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 174.001902][ T6652] shmem_get_folio_gfp+0x6ab/0x1900 [ 174.001945][ T6652] ? find_held_lock+0x2b/0x80 [ 174.001970][ T6652] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 174.002008][ T6652] ? ktime_get_coarse_real_ts64_mg+0x235/0x300 [ 174.002038][ T6652] ? lockdep_hardirqs_on+0x78/0x100 [ 174.002070][ T6652] shmem_fault+0x1f9/0xa20 [ 174.002107][ T6652] ? __lock_acquire+0x4a5/0x2630 [ 174.002136][ T6652] ? __pfx_shmem_fault+0x10/0x10 [ 174.002175][ T6652] ? __up_read+0x2c5/0x700 [ 174.002219][ T6652] ? __pfx_filemap_map_pages+0x10/0x10 [ 174.002254][ T6652] __do_fault+0x10d/0x550 [ 174.002296][ T6652] ? __pfx_filemap_map_pages+0x10/0x10 [ 174.002330][ T6652] do_fault+0x2db/0x1950 [ 174.002361][ T6652] __handle_mm_fault+0x180f/0x2b60 [ 174.002402][ T6652] ? __pfx___handle_mm_fault+0x10/0x10 [ 174.002436][ T6652] ? pte_offset_map_lock+0x174/0x320 [ 174.002469][ T6652] ? find_held_lock+0x2b/0x80 [ 174.002501][ T6652] ? follow_page_pte+0x5b3/0x1400 [ 174.002533][ T6652] handle_mm_fault+0x36d/0xa20 [ 174.002571][ T6652] __get_user_pages+0xf9c/0x34d0 [ 174.002605][ T6652] ? down_read_killable+0x30e/0x4c0 [ 174.002640][ T6652] ? __pfx___get_user_pages+0x10/0x10 [ 174.002675][ T6652] faultin_page_range+0x1f1/0x9e0 [ 174.002709][ T6652] madvise_do_behavior+0x354/0x510 [ 174.002740][ T6652] ? __pfx_madvise_do_behavior+0x10/0x10 [ 174.002784][ T6652] do_madvise+0x195/0x240 [ 174.002811][ T6652] ? __pfx_do_madvise+0x10/0x10 [ 174.002837][ T6652] ? do_futex+0x192/0x350 [ 174.002895][ T6652] __x64_sys_madvise+0xa9/0x110 [ 174.002922][ T6652] ? lockdep_hardirqs_on+0x78/0x100 [ 174.002952][ T6652] do_syscall_64+0x106/0xf80 [ 174.002980][ T6652] ? clear_bhb_loop+0x40/0x90 [ 174.003010][ T6652] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.003035][ T6652] RIP: 0033:0x7f6e5dd9c799 [ 174.003055][ T6652] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 174.003078][ T6652] RSP: 002b:00007f6e5ec25028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 174.003101][ T6652] RAX: ffffffffffffffda RBX: 00007f6e5e015fa0 RCX: 00007f6e5dd9c799 [ 174.003117][ T6652] RDX: 0000000000000017 RSI: 000000000000ca3d RDI: 0000000000000000 [ 174.003131][ T6652] RBP: 00007f6e5de32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 174.003145][ T6652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 174.003159][ T6652] R13: 00007f6e5e016038 R14: 00007f6e5e015fa0 R15: 00007ffedca15108 [ 174.003190][ T6652] [ 174.734794][ T6677] program syz.2.128 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 174.911956][ T6676] ima: policy update failed [ 174.950238][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 174.980080][ T29] audit: type=1807 audit(1772585491.422:7): UNKNOWN=0"]$|1j0B|dӉO+/xWӦ^gq%ḦrO res=0 [ 175.033417][ T29] audit: type=1802 audit(1772585491.422:8): pid=6677 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.2.128" res=0 errno=0 [ 175.102275][ T29] audit: type=1802 audit(1772585491.642:9): pid=6676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.128" res=0 errno=0 [ 175.342415][ T5831] Bluetooth: hci3: command 0x0c1a tx timeout [ 175.727812][ T5831] Bluetooth: hci1: command 0x0c1a tx timeout [ 175.877474][ T6695] netlink: 186 bytes leftover after parsing attributes in process `syz.1.130'. [ 175.891874][ T6697] FAULT_INJECTION: forcing a failure. [ 175.891874][ T6697] name failslab, interval 1, probability 0, space 0, times 0 [ 175.936727][ T6697] CPU: 0 UID: 0 PID: 6697 Comm: syz.2.131 Tainted: G L syzkaller #0 PREEMPT(full) [ 175.936765][ T6697] Tainted: [L]=SOFTLOCKUP [ 175.936773][ T6697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 175.936788][ T6697] Call Trace: [ 175.936795][ T6697] [ 175.936804][ T6697] dump_stack_lvl+0x100/0x190 [ 175.936846][ T6697] should_fail_ex.cold+0x5/0xa [ 175.936874][ T6697] should_failslab+0xc2/0x120 [ 175.936899][ T6697] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 175.936935][ T6697] ? security_file_alloc+0x34/0x2c0 [ 175.936959][ T6697] ? trace_kmem_cache_alloc+0xf3/0x120 [ 175.936989][ T6697] security_file_alloc+0x34/0x2c0 [ 175.937018][ T6697] init_file+0x95/0x480 [ 175.937046][ T6697] alloc_empty_file+0x73/0x1c0 [ 175.937076][ T6697] dentry_open+0x46/0xd0 [ 175.937106][ T6697] acct_on+0x189/0x9e0 [ 175.937143][ T6697] ? __pfx_acct_on+0x10/0x10 [ 175.937178][ T6697] ? bpf_lsm_capable+0x9/0x10 [ 175.937207][ T6697] ? security_capable+0x80/0x260 [ 175.937243][ T6697] __x64_sys_acct+0x81/0x1e0 [ 175.937277][ T6697] ? lockdep_hardirqs_on+0x78/0x100 [ 175.937306][ T6697] do_syscall_64+0x106/0xf80 [ 175.937333][ T6697] ? clear_bhb_loop+0x40/0x90 [ 175.937362][ T6697] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 175.937387][ T6697] RIP: 0033:0x7f3d89b9c799 [ 175.937411][ T6697] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 175.937434][ T6697] RSP: 002b:00007f3d8ab18028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3 [ 175.937457][ T6697] RAX: ffffffffffffffda RBX: 00007f3d89e15fa0 RCX: 00007f3d89b9c799 [ 175.937472][ T6697] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000100 [ 175.937487][ T6697] RBP: 00007f3d89c32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 175.937501][ T6697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 175.937515][ T6697] R13: 00007f3d89e16038 R14: 00007f3d89e15fa0 R15: 00007fff99b71598 [ 175.937546][ T6697] [ 178.449085][ T6725] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 179.250504][ T6745] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 179.882625][ T6727] Invalid ELF header magic: != ELF [ 180.123364][ T6754] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 180.395256][ T6759] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 180.440125][ T6759] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 180.556881][ T6759] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 180.661608][ T6759] page_type: f5(slab) [ 180.730753][ T6759] raw: 00fff00000000040 ffff888140413140 dead000000000100 dead000000000122 [ 180.829957][ T6759] raw: 0000000000000000 0000000800150015 00000000f5000000 0000000000000000 [ 180.830010][ T6759] head: 00fff00000000040 ffff888140413140 dead000000000100 dead000000000122 [ 180.830034][ T6759] head: 0000000000000000 0000000800150015 00000000f5000000 0000000000000000 [ 180.830057][ T6759] head: 00fff00000000001 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 180.830080][ T6759] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 180.830096][ T6759] page dumped because: unmovable page [ 180.830115][ T6759] page_owner tracks the page as allocated [ 180.830150][ T6759] page last allocated via order 1, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5201, tgid 5201 (udevd), ts 64601624305, free_ts 34474516956 [ 180.830199][ T6759] post_alloc_hook+0x153/0x170 [ 180.830236][ T6759] get_page_from_freelist+0x111d/0x3140 [ 180.830272][ T6759] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 180.830308][ T6759] new_slab+0xa6/0x6d0 [ 180.830336][ T6759] refill_objects+0x26b/0x400 [ 180.830368][ T6759] __pcs_replace_empty_main+0x19f/0x600 [ 180.830404][ T6759] kmem_cache_alloc_lru_noprof+0x485/0x6e0 [ 180.830441][ T6759] __d_alloc+0x34/0xa80 [ 180.830482][ T6759] d_alloc+0x4a/0x1e0 [ 180.830506][ T6759] lookup_one_qstr_excl+0x175/0x250 [ 180.830537][ T6759] filename_create+0x1cf/0x400 [ 180.830572][ T6759] filename_symlinkat+0xe1/0x560 [ 180.830598][ T6759] __x64_sys_symlink+0x79/0xb0 [ 180.830624][ T6759] do_syscall_64+0x106/0xf80 [ 180.830652][ T6759] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.830677][ T6759] page last free pid 1 tgid 1 stack trace: [ 180.830691][ T6759] __free_frozen_pages+0x7e1/0x10d0 [ 180.830720][ T6759] free_contig_range+0xde/0x1d0 [ 180.830749][ T6759] destroy_args+0xa8/0x7a0 [ 180.830780][ T6759] debug_vm_pgtable+0x1b66/0x34c0 [ 180.830817][ T6759] do_one_initcall+0x11d/0x760 [ 180.830843][ T6759] kernel_init_freeable+0x6e5/0x7a0 [ 180.830875][ T6759] kernel_init+0x1f/0x1e0 [ 180.830909][ T6759] ret_from_fork+0x754/0xd80 [ 180.830944][ T6759] ret_from_fork_asm+0x1a/0x30 [ 180.844860][ T6765] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 180.844893][ T6765] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 180.844913][ T6765] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 180.844937][ T6765] page_type: f5(slab) [ 180.844958][ T6765] raw: 00fff00000000040 ffff888140413140 dead000000000100 dead000000000122 [ 180.844982][ T6765] raw: 0000000000000000 0000000800150015 00000000f5000000 0000000000000000 [ 180.845235][ T6765] head: 00fff00000000040 ffff888140413140 dead000000000100 dead000000000122 [ 180.845267][ T6765] head: 0000000000000000 0000000800150015 00000000f5000000 0000000000000000 [ 180.845291][ T6765] head: 00fff00000000001 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 180.845314][ T6765] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 180.845359][ T6765] page dumped because: unmovable page [ 180.845374][ T6765] page_owner tracks the page as allocated [ 180.845383][ T6765] page last allocated via order 1, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5201, tgid 5201 (udevd), ts 64601624305, free_ts 34474516956 [ 180.845428][ T6765] post_alloc_hook+0x153/0x170 [ 180.845464][ T6765] get_page_from_freelist+0x111d/0x3140 [ 180.845499][ T6765] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 180.845535][ T6765] new_slab+0xa6/0x6d0 [ 180.845562][ T6765] refill_objects+0x26b/0x400 [ 180.845594][ T6765] __pcs_replace_empty_main+0x19f/0x600 [ 180.845629][ T6765] kmem_cache_alloc_lru_noprof+0x485/0x6e0 [ 180.845665][ T6765] __d_alloc+0x34/0xa80 [ 180.845689][ T6765] d_alloc+0x4a/0x1e0 [ 180.845721][ T6765] lookup_one_qstr_excl+0x175/0x250 [ 180.845751][ T6765] filename_create+0x1cf/0x400 [ 180.845786][ T6765] filename_symlinkat+0xe1/0x560 [ 180.845812][ T6765] __x64_sys_symlink+0x79/0xb0 [ 180.845839][ T6765] do_syscall_64+0x106/0xf80 [ 180.845867][ T6765] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.845892][ T6765] page last free pid 1 tgid 1 stack trace: [ 180.845905][ T6765] __free_frozen_pages+0x7e1/0x10d0 [ 180.845934][ T6765] free_contig_range+0xde/0x1d0 [ 180.845963][ T6765] destroy_args+0xa8/0x7a0 [ 180.845994][ T6765] debug_vm_pgtable+0x1b66/0x34c0 [ 180.846025][ T6765] do_one_initcall+0x11d/0x760 [ 180.846049][ T6765] kernel_init_freeable+0x6e5/0x7a0 [ 180.846081][ T6765] kernel_init+0x1f/0x1e0 [ 180.846135][ T6765] ret_from_fork+0x754/0xd80 [ 180.846170][ T6765] ret_from_fork_asm+0x1a/0x30 [ 181.015606][ T6764] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 181.218178][ T6767] nvme_fcloop: unknown parameter or missing value 'ȡ' [ 183.412483][ T6791] syz.3.149 (6791) used greatest stack depth: 19672 bytes left [ 183.870766][ T6811] FAULT_INJECTION: forcing a failure. [ 183.870766][ T6811] name failslab, interval 1, probability 0, space 0, times 0 [ 183.988859][ T6811] CPU: 0 UID: 0 PID: 6811 Comm: syz.2.153 Tainted: G L syzkaller #0 PREEMPT(full) [ 183.988898][ T6811] Tainted: [L]=SOFTLOCKUP [ 183.988907][ T6811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 183.988921][ T6811] Call Trace: [ 183.988929][ T6811] [ 183.988938][ T6811] dump_stack_lvl+0x100/0x190 [ 183.989004][ T6811] should_fail_ex.cold+0x5/0xa [ 183.989033][ T6811] should_failslab+0xc2/0x120 [ 183.989061][ T6811] __kmalloc_cache_noprof+0x7a/0x6f0 [ 183.989092][ T6811] ? ima_add_digest_entry+0x52/0x520 [ 183.989128][ T6811] ima_add_digest_entry+0x52/0x520 [ 183.989163][ T6811] ima_add_template_entry+0x442/0x800 [ 183.989201][ T6811] ? __pfx_ima_add_template_entry+0x10/0x10 [ 183.989235][ T6811] ? ima_calc_field_array_hash+0x378/0x440 [ 183.989279][ T6811] ima_store_template+0xda/0x150 [ 183.989318][ T6811] ima_store_measurement+0x21c/0x5b0 [ 183.989358][ T6811] ? __pfx_ima_store_measurement+0x10/0x10 [ 183.989406][ T6811] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 183.989443][ T6811] process_measurement+0x19cc/0x2350 [ 183.989486][ T6811] ? __pfx_process_measurement+0x10/0x10 [ 183.989520][ T6811] ? trace_contention_end+0x140/0x180 [ 183.989608][ T6811] ? find_held_lock+0x2b/0x80 [ 183.989629][ T6811] ? trace_array_get+0xd8/0x100 [ 183.989650][ T6811] ? trace_array_get+0xd8/0x100 [ 183.989696][ T6811] ? bpf_lsm_locked_down+0x9/0x10 [ 183.989720][ T6811] ? security_locked_down+0x70/0x1e0 [ 183.989747][ T6811] ? tracing_open_generic+0x94/0xc0 [ 183.989783][ T6811] ? subsystem_open+0x1bc/0x4b0 [ 183.989807][ T6811] ? inode_to_bdi+0x9e/0x160 [ 183.989832][ T6811] ima_file_check+0xcc/0x120 [ 183.989865][ T6811] ? __pfx_ima_file_check+0x10/0x10 [ 183.989905][ T6811] security_file_post_open+0xc4/0x210 [ 183.989944][ T6811] path_openat+0x1418/0x31a0 [ 183.989978][ T6811] ? __pfx_path_openat+0x10/0x10 [ 183.990013][ T6811] do_file_open+0x20e/0x430 [ 183.990039][ T6811] ? __pfx_do_file_open+0x10/0x10 [ 183.990084][ T6811] ? alloc_fd+0x476/0x790 [ 183.990109][ T6811] ? do_getname+0x191/0x390 [ 183.990141][ T6811] do_sys_openat2+0x10d/0x1e0 [ 183.990190][ T6811] ? __pfx_do_sys_openat2+0x10/0x10 [ 183.990223][ T6811] ? __pfx_idempotent_init_module+0x10/0x10 [ 183.990262][ T6811] __x64_sys_openat+0x12d/0x210 [ 183.990294][ T6811] ? __pfx___x64_sys_openat+0x10/0x10 [ 183.990338][ T6811] do_syscall_64+0x106/0xf80 [ 183.990365][ T6811] ? clear_bhb_loop+0x40/0x90 [ 183.990394][ T6811] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.990419][ T6811] RIP: 0033:0x7f3d89b9c799 [ 183.990440][ T6811] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 183.990463][ T6811] RSP: 002b:00007f3d8aaf7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 183.990486][ T6811] RAX: ffffffffffffffda RBX: 00007f3d89e16090 RCX: 00007f3d89b9c799 [ 183.990502][ T6811] RDX: 0000000000000002 RSI: 0000200000001a80 RDI: ffffffffffffff9c [ 183.990517][ T6811] RBP: 00007f3d89c32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 183.990531][ T6811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 183.990550][ T6811] R13: 00007f3d89e16128 R14: 00007f3d89e16090 R15: 00007fff99b71598 [ 183.990581][ T6811] [ 183.990592][ T6811] ima: OUT OF MEMORY ERROR creating queue entry [ 184.695000][ T6804] netlink: 4 bytes leftover after parsing attributes in process `syz.1.150'. [ 184.954738][ T29] audit: type=1804 audit(1772585501.617:10): pid=6811 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.2.153" name="/newroot/sys/kernel/tracing/events/vmalloc/filter" dev="tracefs" ino=19680823 res=0 errno=0 [ 185.054956][ T6807] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 185.062638][ T6807] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 185.072695][ T6807] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 185.348996][ T6826] syz.0.156(6826): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 185.897676][ T5831] Bluetooth: hci1: command 0x0c1a tx timeout [ 185.960388][ T6829] [U] [ 185.963391][ T6829] [U] [ 185.966106][ T6829] [U] [ 185.968819][ T6829] [U] [ 185.988829][ T6829] [U] [ 185.991590][ T6829] [U] [ 185.994310][ T6829] [U] [ 185.997025][ T6829] [U] [ 186.012688][ T6829] [U] [ 186.015447][ T6829] [U] [ 186.018173][ T6829] [U] [ 186.020907][ T6829] [U] [ 186.073894][ T6829] [U] [ 186.076678][ T6829] [U] [ 186.079420][ T6829] [U] [ 186.082135][ T6829] [U] [ 186.100118][ T6829] [U] [ 186.102871][ T6829] [U] [ 186.105597][ T6829] [U] [ 186.108328][ T6829] [U] [ 186.125501][ T6829] [U] [ 186.995348][ T6839] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 187.098245][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 187.104466][ T5831] Bluetooth: hci3: command 0x0c1a tx timeout [ 188.272436][ T6858] input: jJǸ-9%vJ86 as /devices/virtual/input/input8 [ 189.290027][ T5831] Bluetooth: hci1: unexpected event 0x20 length: 123 > 7 [ 189.670695][ T6862] zswap: compressor not available [ 193.346192][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.353533][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.592686][ T6918] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 194.601514][ T6918] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 194.732887][ T6924] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 195.073670][ T6918] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 195.306453][ T6918] page_type: f5(slab) [ 195.345381][ T6918] raw: 00fff00000000040 ffff888140413140 dead000000000100 dead000000000122 [ 195.475043][ T6918] raw: 0000000000000000 0000000800150015 00000000f5000000 0000000000000000 [ 195.602047][ T6918] head: 00fff00000000040 ffff888140413140 dead000000000100 dead000000000122 [ 195.748782][ T6918] head: 0000000000000000 0000000800150015 00000000f5000000 0000000000000000 [ 195.766411][ T6943] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 195.894902][ T6918] head: 00fff00000000001 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 196.140548][ T6918] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 196.284711][ T6918] page dumped because: unmovable page [ 196.357109][ T6918] page_owner tracks the page as allocated [ 196.422446][ T6918] page last allocated via order 1, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5201, tgid 5201 (udevd), ts 64601624305, free_ts 34474516956 [ 196.654524][ T6918] post_alloc_hook+0x153/0x170 [ 196.719314][ T6918] get_page_from_freelist+0x111d/0x3140 [ 196.776770][ T6918] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 196.862450][ T6918] new_slab+0xa6/0x6d0 [ 196.896599][ T6918] refill_objects+0x26b/0x400 [ 196.950160][ T6918] __pcs_replace_empty_main+0x19f/0x600 [ 196.986472][ T6918] kmem_cache_alloc_lru_noprof+0x485/0x6e0 [ 197.037107][ T6918] __d_alloc+0x34/0xa80 [ 197.041337][ T6918] d_alloc+0x4a/0x1e0 [ 197.126841][ T6918] lookup_one_qstr_excl+0x175/0x250 [ 197.203058][ T6918] filename_create+0x1cf/0x400 [ 197.256768][ T6918] filename_symlinkat+0xe1/0x560 [ 197.301427][ T6918] __x64_sys_symlink+0x79/0xb0 [ 197.353401][ T6918] do_syscall_64+0x106/0xf80 [ 197.402027][ T6918] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 197.455450][ T6918] page last free pid 1 tgid 1 stack trace: [ 197.496122][ T6918] __free_frozen_pages+0x7e1/0x10d0 [ 197.529836][ T6918] free_contig_range+0xde/0x1d0 [ 197.566280][ T6918] destroy_args+0xa8/0x7a0 [ 197.599562][ T6918] debug_vm_pgtable+0x1b66/0x34c0 [ 197.633250][ T6918] do_one_initcall+0x11d/0x760 [ 197.665050][ T6918] kernel_init_freeable+0x6e5/0x7a0 [ 197.701148][ T6918] kernel_init+0x1f/0x1e0 [ 197.733559][ T6918] ret_from_fork+0x754/0xd80 [ 197.813580][ T6918] ret_from_fork_asm+0x1a/0x30 [ 199.837650][ T29] audit: type=1800 audit(1772586539.503:11): pid=6993 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=13600 res=0 errno=0 [ 199.944713][ T6992] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 200.287139][ T6993] could not allocate digest TFM handle [ 200.962420][ T7003] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 201.099319][ T7014] nvme_fcloop: unknown parameter or missing value 'ȡ' [ 202.476499][ T7027] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 203.774872][ T7033] nvme_fcloop: unknown parameter or missing value '7' [ 205.145702][ T7051] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 206.057881][ T7063] nvme_fcloop: unknown parameter or missing value 'ȡ' [ 206.281621][ T7074] nvme_fcloop: unknown parameter or missing value './file0/.' [ 208.021230][ T7087] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 208.206412][ T7097] netlink: 12 bytes leftover after parsing attributes in process `syz.1.207'. [ 208.281443][ T7097] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 208.353513][ T22] IRQ fixup: irq 33 move in progress, old vector 47 [ 208.364556][ T7092] smpboot: CPU 1 is now offline [ 211.233976][ T7113] nvme_fcloop: unknown parameter or missing value '7' [ 211.456633][ T7109] nvme_fcloop: unknown parameter or missing value '7' [ 212.589773][ T7116] nvme_fcloop: unknown parameter or missing value 'ȡ' [ 214.611638][ T7134] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 214.647980][ T7140] FAULT_INJECTION: forcing a failure. [ 214.647980][ T7140] name failslab, interval 1, probability 0, space 0, times 0 [ 214.705856][ T7140] CPU: 0 UID: 0 PID: 7140 Comm: syz.0.227 Tainted: G L syzkaller #0 PREEMPT(full) [ 214.705896][ T7140] Tainted: [L]=SOFTLOCKUP [ 214.705904][ T7140] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 214.705919][ T7140] Call Trace: [ 214.705927][ T7140] [ 214.705936][ T7140] dump_stack_lvl+0x100/0x190 [ 214.705977][ T7140] should_fail_ex.cold+0x5/0xa [ 214.706005][ T7140] should_failslab+0xc2/0x120 [ 214.706030][ T7140] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 214.706066][ T7140] ? alloc_inode+0x183/0x250 [ 214.706096][ T7140] ? stashed_dentry_get+0x10a/0x2c0 [ 214.706121][ T7140] ? stashed_dentry_get+0x10a/0x2c0 [ 214.706150][ T7140] alloc_inode+0x183/0x250 [ 214.706185][ T7140] path_from_stashed+0x25b/0x750 [ 214.706216][ T7140] pidfs_alloc_file+0xf8/0x290 [ 214.706254][ T7140] ? __pfx_pidfs_alloc_file+0x10/0x10 [ 214.706300][ T7140] pidfd_prepare+0x123/0x200 [ 214.706329][ T7140] __x64_sys_pidfd_open+0x105/0x1a0 [ 214.706363][ T7140] ? __pfx___x64_sys_pidfd_open+0x10/0x10 [ 214.706405][ T7140] do_syscall_64+0x106/0xf80 [ 214.706433][ T7140] ? clear_bhb_loop+0x40/0x90 [ 214.706462][ T7140] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 214.706487][ T7140] RIP: 0033:0x7f3d18f9c799 [ 214.706506][ T7140] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 214.706528][ T7140] RSP: 002b:00007f3d19de6028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b2 [ 214.706550][ T7140] RAX: ffffffffffffffda RBX: 00007f3d19215fa0 RCX: 00007f3d18f9c799 [ 214.706565][ T7140] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 214.706579][ T7140] RBP: 00007f3d19032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 214.706593][ T7140] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 214.706607][ T7140] R13: 00007f3d19216038 R14: 00007f3d19215fa0 R15: 00007ffc3b2b38b8 [ 214.706637][ T7140] [ 215.279021][ T7143] ======================================================= [ 215.279021][ T7143] WARNING: The mand mount option has been deprecated and [ 215.279021][ T7143] and is ignored by this kernel. Remove the mand [ 215.279021][ T7143] option from the mount to silence this warning. [ 215.279021][ T7143] ======================================================= [ 215.604100][ T7150] netlink: 28 bytes leftover after parsing attributes in process `syz.1.219'. [ 216.901658][ T7152] kexec: Could not allocate control_code_buffer [ 217.932661][ T7162] FAULT_INJECTION: forcing a failure. [ 217.932661][ T7162] name failslab, interval 1, probability 0, space 0, times 0 [ 217.995826][ T7162] CPU: 0 UID: 0 PID: 7162 Comm: syz.1.222 Tainted: G L syzkaller #0 PREEMPT(full) [ 217.995865][ T7162] Tainted: [L]=SOFTLOCKUP [ 217.995873][ T7162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 217.995887][ T7162] Call Trace: [ 217.995895][ T7162] [ 217.995904][ T7162] dump_stack_lvl+0x100/0x190 [ 217.995946][ T7162] should_fail_ex.cold+0x5/0xa [ 217.995975][ T7162] should_failslab+0xc2/0x120 [ 217.995999][ T7162] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 217.996063][ T7162] ? acpi_ps_alloc_op+0x29d/0x360 [ 217.996093][ T7162] acpi_ps_alloc_op+0x29d/0x360 [ 217.996114][ T7162] ? acpi_ut_status_exit+0x111/0x1c0 [ 217.996140][ T7162] acpi_ps_create_op+0x4b3/0xd10 [ 217.996180][ T7162] ? __pfx_acpi_ps_create_op+0x10/0x10 [ 217.996228][ T7162] ? acpi_ut_status_exit+0x111/0x1c0 [ 217.996258][ T7162] acpi_ps_parse_loop+0xa65/0x24a0 [ 217.996304][ T7162] ? __pfx_acpi_ps_parse_loop+0x10/0x10 [ 217.996342][ T7162] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 217.996510][ T7162] ? acpi_ut_create_thread_state+0x6d/0x170 [ 217.996562][ T7162] acpi_ps_parse_aml+0x81e/0x1120 [ 217.996609][ T7162] acpi_ps_execute_method+0x5c4/0xe90 [ 217.996640][ T7162] acpi_ns_evaluate+0x640/0x1670 [ 217.996674][ T7162] acpi_evaluate_object+0x420/0xe00 [ 217.996708][ T7162] ? kasan_save_stack+0x30/0x50 [ 217.996743][ T7162] ? kasan_save_track+0x14/0x30 [ 217.996786][ T7162] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 217.996833][ T7162] acpi_evaluate_integer+0xdf/0x220 [ 217.996864][ T7162] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 217.996907][ T7162] ? __pfx_status_show+0x10/0x10 [ 217.996941][ T7162] status_show+0xa0/0x120 [ 217.996976][ T7162] ? __pfx_status_show+0x10/0x10 [ 217.997019][ T7162] dev_attr_show+0x52/0xa0 [ 217.997043][ T7162] ? __pfx_dev_attr_show+0x10/0x10 [ 217.997064][ T7162] sysfs_kf_seq_show+0x217/0x3a0 [ 217.997101][ T7162] seq_read_iter+0x32f/0x1270 [ 217.997152][ T7162] kernfs_fop_read_iter+0x46c/0x610 [ 217.997180][ T7162] ? rw_verify_area+0xce/0x6d0 [ 217.997222][ T7162] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 217.997252][ T7162] vfs_read+0x825/0xb30 [ 217.997328][ T7162] ? __pfx_vfs_read+0x10/0x10 [ 217.997393][ T7162] ksys_read+0x12a/0x250 [ 217.997436][ T7162] ? __pfx_ksys_read+0x10/0x10 [ 217.997483][ T7162] do_syscall_64+0x106/0xf80 [ 217.997512][ T7162] ? clear_bhb_loop+0x40/0x90 [ 217.997543][ T7162] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 217.997568][ T7162] RIP: 0033:0x7f1a1659c799 [ 217.997590][ T7162] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 217.997613][ T7162] RSP: 002b:00007f1a1736e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 217.997636][ T7162] RAX: ffffffffffffffda RBX: 00007f1a16815fa0 RCX: 00007f1a1659c799 [ 217.997652][ T7162] RDX: 000000000000007a RSI: 0000200000000240 RDI: 000000000000000a [ 217.997667][ T7162] RBP: 00007f1a16632bd9 R08: 0000000000000000 R09: 0000000000000000 [ 217.997682][ T7162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 217.997697][ T7162] R13: 00007f1a16816038 R14: 00007f1a16815fa0 R15: 00007fff3cc90b68 [ 217.997731][ T7162] [ 217.997793][ T7162] ACPI Error: Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20251212/psparse-529) [ 219.393620][ T7178] nvme_fcloop: unknown parameter or missing value '7' [ 220.549053][ T7196] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 222.039647][ T7217] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 222.731879][ T7216] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 223.212415][ T7219] smpboot: CPU 1 is now offline [ 228.356859][ T7253] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 228.607762][ T7276] netlink: 28 bytes leftover after parsing attributes in process `syz.2.243'. [ 230.584898][ T7279] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 230.611115][ T7279] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 230.631943][ T7279] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 231.288387][ T5831] Bluetooth: hci1: command 0x0c1a tx timeout [ 231.388424][ T5831] Bluetooth: hci0: ISO packet for unknown connection handle 0 [ 231.702523][ T7301] netlink: 12 bytes leftover after parsing attributes in process `syz.2.249'. [ 232.642748][ T5831] Bluetooth: hci3: command 0x0c1a tx timeout [ 232.648872][ T51] Bluetooth: hci0: command 0x0c1a tx timeout [ 232.802159][ T7295] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 234.689939][ T7317] bridge0: port 3(team0) entered blocking state [ 234.876236][ T7317] bridge0: port 3(team0) entered disabled state [ 235.113877][ T7317] team0: entered allmulticast mode [ 235.119091][ T7317] team_slave_0: entered allmulticast mode [ 235.352056][ T7317] team_slave_1: entered allmulticast mode [ 235.557265][ T7317] team0: entered promiscuous mode [ 235.728290][ T7317] team_slave_0: entered promiscuous mode [ 235.920920][ T7317] team_slave_1: entered promiscuous mode [ 243.025387][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 243.033749][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 243.683188][ T7373] mmap: syz.1.262 (7373) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 246.373528][ T7393] netlink: 60 bytes leftover after parsing attributes in process `syz.1.264'. [ 247.365828][ T7403] netlink: 12 bytes leftover after parsing attributes in process `syz.2.267'. [ 247.522103][ T7403] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 248.444454][ T7406] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 248.700166][ T7413] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 249.347478][ T7416] smpboot: CPU 1 is now offline [ 250.670051][ T7429] netlink: 12 bytes leftover after parsing attributes in process `syz.0.272'. [ 253.078813][ T7448] pim6reg: entered allmulticast mode [ 256.105375][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.111759][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.145576][ T7477] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 257.090754][ T7501] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 257.830121][ T7495] netlink: 12 bytes leftover after parsing attributes in process `syz.3.286'. [ 258.038066][ T7509] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 258.373074][ T22] IRQ fixup: irq 34 move in progress, old vector 49 [ 258.435001][ T7516] smpboot: CPU 1 is now offline [ 258.666593][ T7509] netlink: 12 bytes leftover after parsing attributes in process `syz.1.288'. [ 258.759779][ T7509] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 260.808628][ T7535] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 260.818857][ T7535] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 260.841160][ T7535] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 261.141893][ T5831] Bluetooth: hci1: command 0x0c1a tx timeout [ 261.159935][ T7558] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 261.289949][ T7556] smpboot: CPU 1 is now offline [ 261.346650][ T7558] netlink: 12 bytes leftover after parsing attributes in process `syz.0.297'. [ 261.410534][ T7558] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 262.224605][ T7577] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 262.816408][ T5831] Bluetooth: hci0: command 0x0c1a tx timeout [ 262.896578][ T5831] Bluetooth: hci3: command 0x0c1a tx timeout [ 264.609057][ T7607] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 268.111134][ T7637] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 268.448838][ T7646] netlink: 12 bytes leftover after parsing attributes in process `syz.2.310'. [ 268.535396][ T7646] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 269.014277][ T7643] smpboot: CPU 1 is now offline [ 269.420408][ T7660] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 269.543739][ T7654] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 273.438385][ T7702] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 273.472030][ T7718] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 274.678882][ T7728] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 275.565719][ T7748] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 275.964576][ T7757] netlink: 12 bytes leftover after parsing attributes in process `syz.0.328'. [ 276.178004][ T7757] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 276.384880][ T22] IRQ fixup: irq 33 move in progress, old vector 47 [ 276.396084][ T7739] smpboot: CPU 1 is now offline [ 277.199209][ T7770] netlink: 12 bytes leftover after parsing attributes in process `syz.1.329'. [ 277.443486][ T7770] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 279.333046][ T7780] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 279.814278][ T7780] netlink: 12 bytes leftover after parsing attributes in process `syz.0.333'. [ 279.967303][ T7780] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 280.096299][ T7781] smpboot: CPU 1 is now offline [ 283.400102][ T7798] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 283.861114][ T7816] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 285.619789][ T7822] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 285.698078][ T7818] netlink: 12 bytes leftover after parsing attributes in process `syz.3.339'. [ 285.833827][ T7818] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 285.846801][ T7842] netlink: 12 bytes leftover after parsing attributes in process `syz.0.343'. [ 285.889685][ T7842] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 286.112252][ T7839] smpboot: CPU 1 is now offline [ 286.792606][ T7850] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 287.034682][ T7850] netlink: 12 bytes leftover after parsing attributes in process `syz.1.345'. [ 287.057320][ T7857] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input11 [ 287.113259][ T7852] smpboot: CPU 1 is now offline [ 287.140738][ T7850] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 287.883728][ T7865] netlink: 12 bytes leftover after parsing attributes in process `syz.2.344'. [ 287.998827][ T7865] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 288.542035][ T7866] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 289.996155][ T7877] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 292.001363][ T7893] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 292.544259][ T7902] smpboot: CPU 1 is now offline [ 292.831495][ T7906] netlink: 12 bytes leftover after parsing attributes in process `syz.0.355'. [ 292.941120][ T7906] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 293.816447][ T7922] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 294.300814][ T22] IRQ fixup: irq 33 move in progress, old vector 47 [ 294.309320][ T7921] smpboot: CPU 1 is now offline [ 294.896060][ T7931] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 295.665860][ T7943] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 295.947133][ T7937] smpboot: CPU 1 is now offline [ 296.432276][ T7953] netlink: 12 bytes leftover after parsing attributes in process `syz.3.361'. [ 296.461892][ T7953] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 297.070928][ T7955] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 298.964784][ T7974] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 300.980392][ T8006] netlink: 28 bytes leftover after parsing attributes in process `syz.3.372'. [ 301.523458][ T8017] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 301.536832][ T8006] veth0_macvtap: left promiscuous mode [ 301.567578][ T8006] macvtap0: entered promiscuous mode [ 301.581960][ T8006] macvtap0: entered allmulticast mode [ 301.756086][ T8020] smpboot: CPU 1 is now offline [ 303.331139][ T8043] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 303.534404][ T8036] smpboot: CPU 1 is now offline [ 304.282654][ T8052] nvme_fcloop: unknown parameter or missing value '7' [ 304.588247][ T8045] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 304.883398][ T8057] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 305.134202][ T8060] smpboot: CPU 1 is now offline [ 305.796381][ T8068] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 306.384729][ T8081] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 306.636048][ T8088] smpboot: CPU 1 is now offline [ 306.772765][ T8100] netlink: 12 bytes leftover after parsing attributes in process `syz.0.385'. [ 306.828108][ T8100] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 307.042604][ T8101] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 308.186311][ T8119] nvme_fcloop: unknown parameter or missing value '7' [ 308.402409][ T5831] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 309.064337][ T8132] smpboot: CPU 1 is now offline [ 309.801392][ T8139] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 310.129954][ T8141] smpboot: CPU 1 is now offline [ 311.200882][ T8153] nvme_fcloop: unknown parameter or missing value './file0/.' [ 311.224384][ T8163] __vm_enough_memory: pid: 8163, comm: syz.1.399, bytes: 4398046511104 not enough memory for the allocation [ 312.379088][ T8169] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 312.853038][ T8184] pim6reg: entered allmulticast mode [ 313.055557][ T22] IRQ fixup: irq 33 move in progress, old vector 47 [ 313.066747][ T8176] smpboot: CPU 1 is now offline [ 313.296433][ T8175] netlink: 12 bytes leftover after parsing attributes in process `syz.2.401'. [ 313.425209][ T8175] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 315.473720][ T8201] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 315.898241][ T22] IRQ fixup: irq 33 move in progress, old vector 47 [ 315.907134][ T8202] smpboot: CPU 1 is now offline [ 317.571067][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.583827][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.719777][ T8214] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 319.881120][ T8248] netlink: 186 bytes leftover after parsing attributes in process `syz.2.415'. [ 320.594452][ T8257] netlink: 186 bytes leftover after parsing attributes in process `syz.3.416'. [ 320.736907][ T8252] random: crng reseeded on system resumption [ 320.860178][ T8259] nvme_fcloop: unknown parameter or missing value '7' [ 322.031632][ T8252] netlink: 342 bytes leftover after parsing attributes in process `syz.0.414'. [ 326.815611][ T8305] pim6reg: entered allmulticast mode [ 327.850641][ T8315] nvme_fcloop: unknown parameter or missing value '7' [ 328.114197][ T8311] smpboot: CPU 1 is now offline [ 328.325704][ T8326] netlink: 12 bytes leftover after parsing attributes in process `syz.1.424'. [ 328.536618][ T8326] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 330.527516][ T8348] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 330.999418][ T8346] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 331.121977][ T8336] nvme_fcloop: unknown parameter or missing value 'ȡ.' [ 331.472257][ T8357] smpboot: CPU 1 is now offline [ 333.097774][ T8372] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 333.194168][ T8274] ------------[ cut here ]------------ [ 333.195448][ T8274] [ 333.195457][ T8274] ====================================================== [ 333.195467][ T8274] WARNING: possible circular locking dependency detected [ 333.195481][ T8274] syzkaller #0 Tainted: G L [ 333.195496][ T8274] ------------------------------------------------------ [ 333.195505][ T8274] syz.1.427/8274 is trying to acquire lock: [ 333.195518][ T8274] ffffffff8e6f53c0 (console_owner){-.-.}-{0:0}, at: console_lock_spinning_enable+0x61/0x80 [ 333.195600][ T8274] [ 333.195600][ T8274] but task is already holding lock: [ 333.195608][ T8274] ffff8880b843b2e0 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x88/0x140 [ 333.195674][ T8274] [ 333.195674][ T8274] which lock already depends on the new lock. [ 333.195674][ T8274] [ 333.195683][ T8274] [ 333.195683][ T8274] the existing dependency chain (in reverse order) is: [ 333.195692][ T8274] [ 333.195692][ T8274] -> #4 (&rq->__lock){-.-.}-{2:2}: [ 333.195731][ T8274] _raw_spin_lock_nested+0x31/0x40 [ 333.195758][ T8274] raw_spin_rq_lock_nested+0x2c/0x140 [ 333.195784][ T8274] _task_rq_lock+0xcf/0x490 [ 333.195809][ T8274] cgroup_move_task+0x81/0x2b0 [ 333.195837][ T8274] css_set_move_task+0x285/0x600 [ 333.195862][ T8274] cgroup_post_fork+0x202/0x9b0 [ 333.195886][ T8274] copy_process+0x5f26/0x7a10 [ 333.195916][ T8274] kernel_clone+0xfc/0x9a0 [ 333.195944][ T8274] user_mode_thread+0xcc/0x110 [ 333.195974][ T8274] rest_init+0x21/0x260 [ 333.196012][ T8274] start_kernel+0x47f/0x480 [ 333.196046][ T8274] x86_64_start_reservations+0x24/0x30 [ 333.196084][ T8274] x86_64_start_kernel+0x12b/0x130 [ 333.196120][ T8274] common_startup_64+0x13e/0x148 [ 333.196147][ T8274] [ 333.196147][ T8274] -> #3 (&p->pi_lock){-.-.}-{2:2}: [ 333.196181][ T8274] _raw_spin_lock_irqsave+0x3a/0x60 [ 333.196207][ T8274] try_to_wake_up+0xb2/0x1a80 [ 333.196230][ T8274] __wake_up_common+0x135/0x1f0 [ 333.196283][ T8274] __wake_up+0x31/0x60 [ 333.196310][ T8274] tty_port_default_wakeup+0x47/0x60 [ 333.196346][ T8274] serial8250_tx_chars+0x68f/0x860 [ 333.196380][ T8274] serial8250_handle_irq+0x73e/0xcb0 [ 333.196418][ T8274] serial8250_default_handle_irq+0x9e/0x270 [ 333.196456][ T8274] serial8250_interrupt+0xf8/0x1d0 [ 333.196497][ T8274] __handle_irq_event_percpu+0x232/0x8e0 [ 333.196541][ T8274] handle_irq_event+0xab/0x1e0 [ 333.196582][ T8274] handle_edge_irq+0x375/0x970 [ 333.196620][ T8274] __common_interrupt+0xd8/0x2f0 [ 333.196659][ T8274] common_interrupt+0xb9/0xe0 [ 333.196699][ T8274] asm_common_interrupt+0x26/0x40 [ 333.196726][ T8274] pv_native_safe_halt+0xf/0x20 [ 333.196755][ T8274] default_idle+0x9/0x10 [ 333.196789][ T8274] default_idle_call+0x6c/0xb0 [ 333.196825][ T8274] do_idle+0x35b/0x4b0 [ 333.196847][ T8274] cpu_startup_entry+0x4f/0x60 [ 333.196870][ T8274] rest_init+0x251/0x260 [ 333.196906][ T8274] start_kernel+0x47f/0x480 [ 333.196939][ T8274] x86_64_start_reservations+0x24/0x30 [ 333.196976][ T8274] x86_64_start_kernel+0x12b/0x130 [ 333.197012][ T8274] common_startup_64+0x13e/0x148 [ 333.197037][ T8274] [ 333.197037][ T8274] -> #2 (&tty->write_wait){-.-.}-{3:3}: [ 333.197073][ T8274] _raw_spin_lock_irqsave+0x3a/0x60 [ 333.197099][ T8274] __wake_up+0x1c/0x60 [ 333.197124][ T8274] tty_port_default_wakeup+0x47/0x60 [ 333.197161][ T8274] serial8250_tx_chars+0x68f/0x860 [ 333.197196][ T8274] serial8250_handle_irq+0x73e/0xcb0 [ 333.197234][ T8274] serial8250_default_handle_irq+0x9e/0x270 [ 333.197273][ T8274] serial8250_interrupt+0xf8/0x1d0 [ 333.197313][ T8274] __handle_irq_event_percpu+0x232/0x8e0 [ 333.197357][ T8274] handle_irq_event+0xab/0x1e0 [ 333.197398][ T8274] handle_edge_irq+0x375/0x970 [ 333.197437][ T8274] __common_interrupt+0xd8/0x2f0 [ 333.197470][ T8274] common_interrupt+0xb9/0xe0 [ 333.197509][ T8274] asm_common_interrupt+0x26/0x40 [ 333.197535][ T8274] _raw_spin_unlock_irqrestore+0x31/0x80 [ 333.197562][ T8274] uart_write+0x29d/0xb20 [ 333.197593][ T8274] n_tty_write+0x44f/0x12d0 [ 333.197632][ T8274] file_tty_write.isra.0+0x4d2/0x890 [ 333.197671][ T8274] redirected_tty_write+0xd4/0x120 [ 333.197704][ T8274] vfs_write+0x6ac/0x1070 [ 333.197746][ T8274] ksys_write+0x12a/0x250 [ 333.197787][ T8274] do_syscall_64+0x106/0xf80 [ 333.197818][ T8274] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 333.197845][ T8274] [ 333.197845][ T8274] -> #1 (&port_lock_key){-.-.}-{3:3}: [ 333.197879][ T8274] _raw_spin_lock_irqsave+0x3a/0x60 [ 333.197906][ T8274] serial8250_console_write+0x17e/0x1900 [ 333.197946][ T8274] console_flush_one_record+0x790/0xe50 [ 333.197991][ T8274] console_unlock+0x103/0x260 [ 333.198032][ T8274] vprintk_emit+0x407/0x6b0 [ 333.198074][ T8274] _printk+0xcf/0x110 [ 333.198097][ T8274] register_console.cold+0xc0/0x248 [ 333.198125][ T8274] univ8250_console_init+0x6f/0x80 [ 333.198151][ T8274] console_init+0x423/0x620 [ 333.198195][ T8274] start_kernel+0x305/0x480 [ 333.198228][ T8274] x86_64_start_reservations+0x24/0x30 [ 333.198266][ T8274] x86_64_start_kernel+0x12b/0x130 [ 333.198304][ T8274] common_startup_64+0x13e/0x148 [ 333.198330][ T8274] [ 333.198330][ T8274] -> #0 (console_owner){-.-.}-{0:0}: [ 333.198364][ T8274] __lock_acquire+0x14b8/0x2630 [ 333.198397][ T8274] lock_acquire+0x1cf/0x380 [ 333.198429][ T8274] console_lock_spinning_enable+0x72/0x80 [ 333.198471][ T8274] console_flush_one_record+0x739/0xe50 [ 333.198515][ T8274] console_unlock+0x103/0x260 [ 333.198557][ T8274] vprintk_emit+0x407/0x6b0 [ 333.198599][ T8274] _printk+0xcf/0x110 [ 333.198622][ T8274] __report_bug.cold+0x15/0x137 [ 333.198665][ T8274] report_bug+0xb2/0x220 [ 333.198691][ T8274] handle_bug+0x16a/0x2a0 [ 333.198726][ T8274] exc_invalid_op+0x17/0x50 [ 333.198762][ T8274] asm_exc_invalid_op+0x1a/0x20 [ 333.198788][ T8274] update_rq_clock+0x40a/0xd20 [ 333.198814][ T8274] __schedule+0x1b7d/0x6120 [ 333.198840][ T8274] preempt_schedule_irq+0x50/0x90 [ 333.198869][ T8274] irqentry_exit+0x17b/0x670 [ 333.198899][ T8274] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 333.198928][ T8274] __kasan_check_write+0x0/0x20 [ 333.198965][ T8274] folios_put_refs+0x1e0/0x840 [ 333.199007][ T8274] free_pages_and_swap_cache+0x242/0x480 [ 333.199046][ T8274] __tlb_batch_free_encoded_pages+0xe9/0x280 [ 333.199080][ T8274] tlb_flush_mmu+0xe9/0x590 [ 333.199112][ T8274] unmap_page_range+0x2333/0x4840 [ 333.199138][ T8274] unmap_single_vma+0x153/0x240 [ 333.199165][ T8274] unmap_vmas+0x295/0x590 [ 333.199191][ T8274] exit_mmap+0x1ef/0xa30 [ 333.199218][ T8274] __mmput+0x12a/0x410 [ 333.199242][ T8274] mmput+0x67/0x80 [ 333.199267][ T8274] do_exit+0x78a/0x2aa0 [ 333.199299][ T8274] do_group_exit+0xd5/0x2a0 [ 333.199342][ T8274] get_signal+0x1ec7/0x21e0 [ 333.199368][ T8274] arch_do_signal_or_restart+0x91/0x770 [ 333.199400][ T8274] irqentry_exit+0x1f8/0x670 [ 333.199430][ T8274] asm_exc_page_fault+0x26/0x30 [ 333.199456][ T8274] [ 333.199456][ T8274] other info that might help us debug this: [ 333.199456][ T8274] [ 333.199465][ T8274] Chain exists of: [ 333.199465][ T8274] console_owner --> &p->pi_lock --> &rq->__lock [ 333.199465][ T8274] [ 333.199504][ T8274] Possible unsafe locking scenario: [ 333.199504][ T8274] [ 333.199511][ T8274] CPU0 CPU1 [ 333.199518][ T8274] ---- ---- [ 333.199525][ T8274] lock(&rq->__lock); [ 333.199540][ T8274] lock(&p->pi_lock); [ 333.199558][ T8274] lock(&rq->__lock); [ 333.199576][ T8274] lock(console_owner); [ 333.199592][ T8274] [ 333.199592][ T8274] *** DEADLOCK *** [ 333.199592][ T8274] [ 333.199598][ T8274] 4 locks held by syz.1.427/8274: [ 333.199613][ T8274] #0: ffff8880344b0340 (&mm->mmap_lock){++++}-{4:4}, at: exit_mmap+0x124/0xa30 [ 333.199687][ T8274] #1: ffff8880b843b2e0 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x88/0x140 [ 333.199750][ T8274] #2: ffffffff8e7d5800 (console_lock){+.+.}-{0:0}, at: _printk+0xcf/0x110 [ 333.199810][ T8274] #3: ffffffff8e7d5878 (console_srcu){....}-{0:0}, at: console_flush_one_record+0xfd/0xe50 [ 333.199890][ T8274] [ 333.199890][ T8274] stack backtrace: [ 333.199906][ T8274] CPU: 0 UID: 0 PID: 8274 Comm: syz.1.427 Tainted: G L syzkaller #0 PREEMPT(full) [ 333.199945][ T8274] Tainted: [L]=SOFTLOCKUP [ 333.199954][ T8274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 333.199980][ T8274] Call Trace: [ 333.199989][ T8274] [ 333.200004][ T8274] dump_stack_lvl+0x100/0x190 [ 333.200045][ T8274] print_circular_bug.cold+0x178/0x1c7 [ 333.200094][ T8274] check_noncircular+0x146/0x160 [ 333.200131][ T8274] __lock_acquire+0x14b8/0x2630 [ 333.200172][ T8274] lock_acquire+0x1cf/0x380 [ 333.200206][ T8274] ? console_lock_spinning_enable+0x61/0x80 [ 333.200251][ T8274] ? console_lock_spinning_enable+0x4a/0x80 [ 333.200298][ T8274] console_lock_spinning_enable+0x72/0x80 [ 333.200341][ T8274] ? console_lock_spinning_enable+0x61/0x80 [ 333.200383][ T8274] console_flush_one_record+0x739/0xe50 [ 333.200432][ T8274] ? __pfx_console_flush_one_record+0x10/0x10 [ 333.200483][ T8274] ? is_printk_cpu_sync_owner+0x32/0x40 [ 333.200514][ T8274] console_unlock+0x103/0x260 [ 333.200557][ T8274] ? __pfx_console_unlock+0x10/0x10 [ 333.200604][ T8274] ? do_raw_spin_unlock+0x145/0x1e0 [ 333.200647][ T8274] ? _printk+0xcf/0x110 [ 333.200681][ T8274] vprintk_emit+0x407/0x6b0 [ 333.200727][ T8274] ? __pfx_vprintk_emit+0x10/0x10 [ 333.200774][ T8274] ? __lock_acquire+0x4a5/0x2630 [ 333.200812][ T8274] _printk+0xcf/0x110 [ 333.200837][ T8274] ? __pfx__printk+0x10/0x10 [ 333.200865][ T8274] ? lock_acquire+0x1cf/0x380 [ 333.200900][ T8274] ? __report_bug.cold+0x5/0x137 [ 333.200937][ T8274] ? __report_bug+0x377/0x3d0 [ 333.200966][ T8274] __report_bug.cold+0x15/0x137 [ 333.201002][ T8274] ? update_rq_clock+0x40a/0xd20 [ 333.201032][ T8274] ? __pfx___report_bug+0x10/0x10 [ 333.201060][ T8274] ? unwind_next_frame+0x3c8/0x1ea0 [ 333.201088][ T8274] ? do_group_exit+0xd5/0x2a0 [ 333.201125][ T8274] ? get_signal+0x1ec7/0x21e0 [ 333.201156][ T8274] ? update_rq_clock+0x40a/0xd20 [ 333.201186][ T8274] report_bug+0xb2/0x220 [ 333.201213][ T8274] ? update_rq_clock+0x40a/0xd20 [ 333.201241][ T8274] handle_bug+0x16a/0x2a0 [ 333.201278][ T8274] exc_invalid_op+0x17/0x50 [ 333.201316][ T8274] asm_exc_invalid_op+0x1a/0x20 [ 333.201342][ T8274] RIP: 0010:update_rq_clock+0x40a/0xd20 [ 333.201373][ T8274] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f e9 18 9f ba 09 a8 04 0f 84 df fc ff ff 90 0f 0b 90 e9 d6 fc ff ff 90 <0f> 0b 90 e9 92 fc ff ff 4c 8d 83 40 0b 00 00 48 b8 00 00 00 00 00 [ 333.201401][ T8274] RSP: 0018:ffffc90004846ea0 EFLAGS: 00010046 [ 333.201430][ T8274] RAX: 0000000000000000 RBX: ffff8880b853b280 RCX: 0000000000000001 [ 333.201448][ T8274] RDX: 0000000000000046 RSI: ffffffff8de558ca RDI: ffffffff8c1af620 [ 333.201466][ T8274] RBP: ffffc90004847048 R08: 0000000000000001 R09: 0000000000000001 [ 333.201483][ T8274] R10: ffffffff90d9b217 R11: 0000000000000000 R12: ffffffff90d9e5e4 [ 333.201502][ T8274] R13: ffff8880b853c0c0 R14: ffff88801e6e9e80 R15: ffff8880b853b280 [ 333.201533][ T8274] __schedule+0x1b7d/0x6120 [ 333.201571][ T8274] ? __pfx___schedule+0x10/0x10 [ 333.201601][ T8274] ? mark_held_locks+0x40/0x70 [ 333.201636][ T8274] preempt_schedule_irq+0x50/0x90 [ 333.201673][ T8274] irqentry_exit+0x17b/0x670 [ 333.201707][ T8274] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 333.201737][ T8274] RIP: 0010:__kasan_check_write+0x0/0x20 [ 333.201777][ T8274] Code: 0c 24 89 f6 31 d2 e9 0f f3 ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 48 8b 0c 24 89 f6 ba 01 00 00 00 e9 dc f2 ff ff 66 66 [ 333.201804][ T8274] RSP: 0018:ffffc90004847150 EFLAGS: 00000293 [ 333.201825][ T8274] RAX: 0000000000000000 RBX: ffffea0001023840 RCX: ffffffff8245cb40 [ 333.201843][ T8274] RDX: ffff88802c1e3d00 RSI: 0000000000000004 RDI: ffffea0001023874 [ 333.201862][ T8274] RBP: 0000000000000004 R08: 0000000000000005 R09: 0000000000000004 [ 333.201878][ T8274] R10: 0000000000000001 R11: 0000000000000000 R12: ffffc90004847298 [ 333.201896][ T8274] R13: dffffc0000000000 R14: ffffc90004847328 R15: ffffc90004847350 [ 333.201919][ T8274] ? folios_put_refs+0x1c0/0x840 [ 333.201964][ T8274] folios_put_refs+0x1e0/0x840 [ 333.202009][ T8274] ? __pfx_folios_put_refs+0x10/0x10 [ 333.202055][ T8274] ? free_swap_cache+0x3b/0x490 [ 333.202094][ T8274] free_pages_and_swap_cache+0x242/0x480 [ 333.202135][ T8274] ? __pfx_free_pages_and_swap_cache+0x10/0x10 [ 333.202186][ T8274] ? __pfx_should_flush_tlb+0x10/0x10 [ 333.202227][ T8274] ? __pfx_flush_tlb_func+0x10/0x10 [ 333.202287][ T8274] ? __pfx___might_resched+0x10/0x10 [ 333.202333][ T8274] __tlb_batch_free_encoded_pages+0xe9/0x280 [ 333.202372][ T8274] tlb_flush_mmu+0xe9/0x590 [ 333.202408][ T8274] unmap_page_range+0x2333/0x4840 [ 333.202452][ T8274] ? __pfx_unmap_page_range+0x10/0x10 [ 333.202483][ T8274] ? mas_next_slot+0x1003/0x18b0 [ 333.202522][ T8274] ? uprobe_munmap+0x9e/0x700 [ 333.202566][ T8274] unmap_single_vma+0x153/0x240 [ 333.202597][ T8274] unmap_vmas+0x295/0x590 [ 333.202627][ T8274] ? __pfx_unmap_vmas+0x10/0x10 [ 333.202673][ T8274] exit_mmap+0x1ef/0xa30 [ 333.202705][ T8274] ? __pfx_exit_mmap+0x10/0x10 [ 333.202736][ T8274] ? trace_contention_end+0x140/0x180 [ 333.202777][ T8274] ? uprobe_clear_state+0x5f/0x360 [ 333.202819][ T8274] ? uprobe_clear_state+0x5f/0x360 [ 333.202866][ T8274] ? __lock_acquire+0x4a5/0x2630 [ 333.202908][ T8274] ? arch_uprobe_clear_state+0x107/0x150 [ 333.202955][ T8274] __mmput+0x12a/0x410 [ 333.202984][ T8274] mmput+0x67/0x80 [ 333.203010][ T8274] do_exit+0x78a/0x2aa0 [ 333.203047][ T8274] ? __pfx_do_exit+0x10/0x10 [ 333.203081][ T8274] ? __pfx_proc_coredump_connector+0x10/0x10 [ 333.203121][ T8274] do_group_exit+0xd5/0x2a0 [ 333.203159][ T8274] get_signal+0x1ec7/0x21e0 [ 333.203194][ T8274] ? __pfx_get_signal+0x10/0x10 [ 333.203227][ T8274] arch_do_signal_or_restart+0x91/0x770 [ 333.203263][ T8274] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 333.203302][ T8274] ? do_user_addr_fault+0x8d6/0x12f0 [ 333.203352][ T8274] irqentry_exit+0x1f8/0x670 [ 333.203386][ T8274] asm_exc_page_fault+0x26/0x30 [ 333.203413][ T8274] RIP: 0033:0x4021000 [ 333.203433][ T8274] Code: Unable to access opcode bytes at 0x4020fd6. [ 333.203445][ T8274] RSP: 002b:0000000000000011 EFLAGS: 00010246 [ 333.203466][ T8274] RAX: 0000000000000000 RBX: 00007f1a16816090 RCX: 00007f1a1659c799 [ 333.203484][ T8274] RDX: 9999999999999999 RSI: 0000000000000009 RDI: 0000000100000008 [ 333.203507][ T8274] RBP: 00007f1a16632bd9 R08: 0000000004000006 R09: 0000000000000000 [ 333.203525][ T8274] R10: ffffffff81000000 R11: 0000000000000246 R12: 0000000000000000 [ 333.203542][ T8274] R13: 00007f1a16816128 R14: 00007f1a16816090 R15: 00007fff3cc90b68 [ 333.203564][ T8274] ? 0xffffffff81000000 [ 333.203588][ T8274] [ 334.681802][ T8274] debug_locks && !(lock_is_held(&(__rq_lockp(rq))->dep_map) != 0) [ 334.681837][ T8274] WARNING: kernel/sched/sched.h:1600 at update_rq_clock+0x40a/0xd20, CPU#0: syz.1.427/8274 [ 334.699686][ T8274] Modules linked in: [ 334.703620][ T8274] CPU: 0 UID: 0 PID: 8274 Comm: syz.1.427 Tainted: G L syzkaller #0 PREEMPT(full) [ 334.714463][ T8274] Tainted: [L]=SOFTLOCKUP [ 334.718888][ T8274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 334.728985][ T8274] RIP: 0010:update_rq_clock+0x40a/0xd20 [ 334.734793][ T8274] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f e9 18 9f ba 09 a8 04 0f 84 df fc ff ff 90 0f 0b 90 e9 d6 fc ff ff 90 <0f> 0b 90 e9 92 fc ff ff 4c 8d 83 40 0b 00 00 48 b8 00 00 00 00 00 [ 334.754802][ T8274] RSP: 0018:ffffc90004846ea0 EFLAGS: 00010046 [ 334.761980][ T8274] RAX: 0000000000000000 RBX: ffff8880b853b280 RCX: 0000000000000001 [ 334.770180][ T8274] RDX: 0000000000000046 RSI: ffffffff8de558ca RDI: ffffffff8c1af620 [ 334.779745][ T8274] RBP: ffffc90004847048 R08: 0000000000000001 R09: 0000000000000001 [ 334.787866][ T8274] R10: ffffffff90d9b217 R11: 0000000000000000 R12: ffffffff90d9e5e4 [ 334.795888][ T8274] R13: ffff8880b853c0c0 R14: ffff88801e6e9e80 R15: ffff8880b853b280 [ 334.804088][ T8274] FS: 0000000000000000(0000) GS:ffff88812434e000(0000) knlGS:0000000000000000 [ 334.813070][ T8274] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 334.819690][ T8274] CR2: 00007f1a13f8eff8 CR3: 000000002aeb4000 CR4: 00000000003526f0 [ 334.827698][ T8274] Call Trace: [ 334.831006][ T8274] [ 334.833968][ T8274] __schedule+0x1b7d/0x6120 [ 334.838531][ T8274] ? __pfx___schedule+0x10/0x10 [ 334.843597][ T8274] ? mark_held_locks+0x40/0x70 [ 334.848416][ T8274] preempt_schedule_irq+0x50/0x90 [ 334.853505][ T8274] irqentry_exit+0x17b/0x670 [ 334.858150][ T8274] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 334.863654][ T8274] RIP: 0010:__kasan_check_write+0x0/0x20 [ 334.869345][ T8274] Code: 0c 24 89 f6 31 d2 e9 0f f3 ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 48 8b 0c 24 89 f6 ba 01 00 00 00 e9 dc f2 ff ff 66 66 [ 334.889000][ T8274] RSP: 0018:ffffc90004847150 EFLAGS: 00000293 [ 334.895104][ T8274] RAX: 0000000000000000 RBX: ffffea0001023840 RCX: ffffffff8245cb40 [ 334.903110][ T8274] RDX: ffff88802c1e3d00 RSI: 0000000000000004 RDI: ffffea0001023874 [ 334.911121][ T8274] RBP: 0000000000000004 R08: 0000000000000005 R09: 0000000000000004 [ 334.919128][ T8274] R10: 0000000000000001 R11: 0000000000000000 R12: ffffc90004847298 [ 334.927135][ T8274] R13: dffffc0000000000 R14: ffffc90004847328 R15: ffffc90004847350 [ 334.935145][ T8274] ? folios_put_refs+0x1c0/0x840 [ 334.940146][ T8274] folios_put_refs+0x1e0/0x840 [ 334.944967][ T8274] ? __pfx_folios_put_refs+0x10/0x10 [ 334.950314][ T8274] ? free_swap_cache+0x3b/0x490 [ 334.955215][ T8274] free_pages_and_swap_cache+0x242/0x480 [ 334.960900][ T8274] ? __pfx_free_pages_and_swap_cache+0x10/0x10 [ 334.967121][ T8274] ? __pfx_should_flush_tlb+0x10/0x10 [ 334.972547][ T8274] ? __pfx_flush_tlb_func+0x10/0x10 [ 334.977833][ T8274] ? __pfx___might_resched+0x10/0x10 [ 334.983182][ T8274] __tlb_batch_free_encoded_pages+0xe9/0x280 [ 334.989288][ T8274] tlb_flush_mmu+0xe9/0x590 [ 334.993842][ T8274] unmap_page_range+0x2333/0x4840 [ 334.998926][ T8274] ? __pfx_unmap_page_range+0x10/0x10 [ 335.004346][ T8274] ? mas_next_slot+0x1003/0x18b0 [ 335.009335][ T8274] ? uprobe_munmap+0x9e/0x700 [ 335.014068][ T8274] unmap_single_vma+0x153/0x240 [ 335.018961][ T8274] unmap_vmas+0x295/0x590 [ 335.023339][ T8274] ? __pfx_unmap_vmas+0x10/0x10 [ 335.028247][ T8274] exit_mmap+0x1ef/0xa30 [ 335.032539][ T8274] ? __pfx_exit_mmap+0x10/0x10 [ 335.037348][ T8274] ? trace_contention_end+0x140/0x180 [ 335.042810][ T8274] ? uprobe_clear_state+0x5f/0x360 [ 335.047977][ T8274] ? uprobe_clear_state+0x5f/0x360 [ 335.053175][ T8274] ? __lock_acquire+0x4a5/0x2630 [ 335.058170][ T8274] ? arch_uprobe_clear_state+0x107/0x150 [ 335.063879][ T8274] __mmput+0x12a/0x410 [ 335.068510][ T8274] mmput+0x67/0x80 [ 335.072274][ T8274] do_exit+0x78a/0x2aa0 [ 335.076569][ T8274] ? __pfx_do_exit+0x10/0x10 [ 335.081235][ T8274] ? __pfx_proc_coredump_connector+0x10/0x10 [ 335.087292][ T8274] do_group_exit+0xd5/0x2a0 [ 335.091867][ T8274] get_signal+0x1ec7/0x21e0 [ 335.096441][ T8274] ? __pfx_get_signal+0x10/0x10 [ 335.101442][ T8274] arch_do_signal_or_restart+0x91/0x770 [ 335.107040][ T8274] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 335.113245][ T8274] ? do_user_addr_fault+0x8d6/0x12f0 [ 335.118719][ T8274] irqentry_exit+0x1f8/0x670 [ 335.123372][ T8274] asm_exc_page_fault+0x26/0x30 [ 335.128310][ T8274] RIP: 0033:0x4021000 [ 335.132334][ T8274] Code: Unable to access opcode bytes at 0x4020fd6. [ 335.138952][ T8274] RSP: 002b:0000000000000011 EFLAGS: 00010246 [ 335.145059][ T8274] RAX: 0000000000000000 RBX: 00007f1a16816090 RCX: 00007f1a1659c799 [ 335.153636][ T8274] RDX: 9999999999999999 RSI: 0000000000000009 RDI: 0000000100000008 [ 335.161750][ T8274] RBP: 00007f1a16632bd9 R08: 0000000004000006 R09: 0000000000000000 [ 335.169759][ T8274] R10: ffffffff81000000 R11: 0000000000000246 R12: 0000000000000000 [ 335.177946][ T8274] R13: 00007f1a16816128 R14: 00007f1a16816090 R15: 00007fff3cc90b68 [ 335.185960][ T8274] ? 0xffffffff81000000 [ 335.190199][ T8274] [ 335.193287][ T8274] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 335.200607][ T8274] CPU: 0 UID: 0 PID: 8274 Comm: syz.1.427 Tainted: G L syzkaller #0 PREEMPT(full) [ 335.211444][ T8274] Tainted: [L]=SOFTLOCKUP [ 335.215886][ T8274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 335.226081][ T8274] Call Trace: [ 335.229395][ T8274] [ 335.232360][ T8274] dump_stack_lvl+0x100/0x190 [ 335.237115][ T8274] vpanic+0x552/0x970 [ 335.241230][ T8274] ? __pfx_vpanic+0x10/0x10 [ 335.245799][ T8274] ? lock_release+0x263/0x320 [ 335.250536][ T8274] panic+0xd1/0xe0 [ 335.254315][ T8274] ? __pfx_panic+0x10/0x10 [ 335.258777][ T8274] ? check_panic_on_warn+0x1f/0x90 [ 335.264049][ T8274] check_panic_on_warn.cold+0x19/0x34 [ 335.269476][ T8274] ? update_rq_clock+0x40a/0xd20 [ 335.274578][ T8274] __warn.cold+0x191/0x348 [ 335.279303][ T8274] __report_bug+0x296/0x3d0 [ 335.283967][ T8274] ? update_rq_clock+0x40a/0xd20 [ 335.288957][ T8274] ? __pfx___report_bug+0x10/0x10 [ 335.294028][ T8274] ? unwind_next_frame+0x3c8/0x1ea0 [ 335.299284][ T8274] ? do_group_exit+0xd5/0x2a0 [ 335.304021][ T8274] ? get_signal+0x1ec7/0x21e0 [ 335.316143][ T8274] ? update_rq_clock+0x40a/0xd20 [ 335.321183][ T8274] report_bug+0xb2/0x220 [ 335.325478][ T8274] ? update_rq_clock+0x40a/0xd20 [ 335.330451][ T8274] handle_bug+0x16a/0x2a0 [ 335.334847][ T8274] exc_invalid_op+0x17/0x50 [ 335.339406][ T8274] asm_exc_invalid_op+0x1a/0x20 [ 335.344304][ T8274] RIP: 0010:update_rq_clock+0x40a/0xd20 [ 335.349896][ T8274] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f e9 18 9f ba 09 a8 04 0f 84 df fc ff ff 90 0f 0b 90 e9 d6 fc ff ff 90 <0f> 0b 90 e9 92 fc ff ff 4c 8d 83 40 0b 00 00 48 b8 00 00 00 00 00 [ 335.369548][ T8274] RSP: 0018:ffffc90004846ea0 EFLAGS: 00010046 [ 335.375658][ T8274] RAX: 0000000000000000 RBX: ffff8880b853b280 RCX: 0000000000000001 [ 335.383664][ T8274] RDX: 0000000000000046 RSI: ffffffff8de558ca RDI: ffffffff8c1af620 [ 335.391674][ T8274] RBP: ffffc90004847048 R08: 0000000000000001 R09: 0000000000000001 [ 335.399766][ T8274] R10: ffffffff90d9b217 R11: 0000000000000000 R12: ffffffff90d9e5e4 [ 335.407864][ T8274] R13: ffff8880b853c0c0 R14: ffff88801e6e9e80 R15: ffff8880b853b280 [ 335.415917][ T8274] __schedule+0x1b7d/0x6120 [ 335.420486][ T8274] ? __pfx___schedule+0x10/0x10 [ 335.425409][ T8274] ? mark_held_locks+0x40/0x70 [ 335.430229][ T8274] preempt_schedule_irq+0x50/0x90 [ 335.435306][ T8274] irqentry_exit+0x17b/0x670 [ 335.439941][ T8274] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 335.445476][ T8274] RIP: 0010:__kasan_check_write+0x0/0x20 [ 335.451192][ T8274] Code: 0c 24 89 f6 31 d2 e9 0f f3 ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 48 8b 0c 24 89 f6 ba 01 00 00 00 e9 dc f2 ff ff 66 66 [ 335.470925][ T8274] RSP: 0018:ffffc90004847150 EFLAGS: 00000293 [ 335.477124][ T8274] RAX: 0000000000000000 RBX: ffffea0001023840 RCX: ffffffff8245cb40 [ 335.485306][ T8274] RDX: ffff88802c1e3d00 RSI: 0000000000000004 RDI: ffffea0001023874 [ 335.493401][ T8274] RBP: 0000000000000004 R08: 0000000000000005 R09: 0000000000000004 [ 335.501626][ T8274] R10: 0000000000000001 R11: 0000000000000000 R12: ffffc90004847298 [ 335.509638][ T8274] R13: dffffc0000000000 R14: ffffc90004847328 R15: ffffc90004847350 [ 335.517650][ T8274] ? folios_put_refs+0x1c0/0x840 [ 335.522653][ T8274] folios_put_refs+0x1e0/0x840 [ 335.527471][ T8274] ? __pfx_folios_put_refs+0x10/0x10 [ 335.532818][ T8274] ? free_swap_cache+0x3b/0x490 [ 335.537720][ T8274] free_pages_and_swap_cache+0x242/0x480 [ 335.543403][ T8274] ? __pfx_free_pages_and_swap_cache+0x10/0x10 [ 335.549623][ T8274] ? __pfx_should_flush_tlb+0x10/0x10 [ 335.555564][ T8274] ? __pfx_flush_tlb_func+0x10/0x10 [ 335.560828][ T8274] ? __pfx___might_resched+0x10/0x10 [ 335.566179][ T8274] __tlb_batch_free_encoded_pages+0xe9/0x280 [ 335.572216][ T8274] tlb_flush_mmu+0xe9/0x590 [ 335.576787][ T8274] unmap_page_range+0x2333/0x4840 [ 335.581874][ T8274] ? __pfx_unmap_page_range+0x10/0x10 [ 335.587312][ T8274] ? mas_next_slot+0x1003/0x18b0 [ 335.592327][ T8274] ? uprobe_munmap+0x9e/0x700 [ 335.597061][ T8274] unmap_single_vma+0x153/0x240 [ 335.602075][ T8274] unmap_vmas+0x295/0x590 [ 335.606447][ T8274] ? __pfx_unmap_vmas+0x10/0x10 [ 335.611348][ T8274] exit_mmap+0x1ef/0xa30 [ 335.615656][ T8274] ? __pfx_exit_mmap+0x10/0x10 [ 335.620469][ T8274] ? trace_contention_end+0x140/0x180 [ 335.625897][ T8274] ? uprobe_clear_state+0x5f/0x360 [ 335.631519][ T8274] ? uprobe_clear_state+0x5f/0x360 [ 335.636717][ T8274] ? __lock_acquire+0x4a5/0x2630 [ 335.641720][ T8274] ? arch_uprobe_clear_state+0x107/0x150 [ 335.647442][ T8274] __mmput+0x12a/0x410 [ 335.651560][ T8274] mmput+0x67/0x80 [ 335.655353][ T8274] do_exit+0x78a/0x2aa0 [ 335.659589][ T8274] ? __pfx_do_exit+0x10/0x10 [ 335.664234][ T8274] ? __pfx_proc_coredump_connector+0x10/0x10 [ 335.670300][ T8274] do_group_exit+0xd5/0x2a0 [ 335.674861][ T8274] get_signal+0x1ec7/0x21e0 [ 335.679432][ T8274] ? __pfx_get_signal+0x10/0x10 [ 335.684335][ T8274] arch_do_signal_or_restart+0x91/0x770 [ 335.689937][ T8274] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 335.696157][ T8274] ? do_user_addr_fault+0x8d6/0x12f0 [ 335.701604][ T8274] irqentry_exit+0x1f8/0x670 [ 335.706498][ T8274] asm_exc_page_fault+0x26/0x30 [ 335.711392][ T8274] RIP: 0033:0x4021000 [ 335.715407][ T8274] Code: Unable to access opcode bytes at 0x4020fd6. [ 335.722018][ T8274] RSP: 002b:0000000000000011 EFLAGS: 00010246 [ 335.728128][ T8274] RAX: 0000000000000000 RBX: 00007f1a16816090 RCX: 00007f1a1659c799 [ 335.736139][ T8274] RDX: 9999999999999999 RSI: 0000000000000009 RDI: 0000000100000008 [ 335.744146][ T8274] RBP: 00007f1a16632bd9 R08: 0000000004000006 R09: 0000000000000000 [ 335.752258][ T8274] R10: ffffffff81000000 R11: 0000000000000246 R12: 0000000000000000 [ 335.760265][ T8274] R13: 00007f1a16816128 R14: 00007f1a16816090 R15: 00007fff3cc90b68 [ 335.768373][ T8274] ? 0xffffffff81000000 [ 335.772576][ T8274] [ 335.776147][ T8274] Kernel Offset: disabled [ 335.780517][ T8274] Rebooting in 86400 seconds..