last executing test programs: 4m53.337506739s ago: executing program 2 (id=1087): socket$nl_generic(0x10, 0x3, 0x10) select$auto(0x4, 0x0, &(0x7f0000000080)={[0x209c, 0x80000e9e, 0x1, 0xd, 0xfffffffffffffff9, 0x100000000, 0x2c2, 0x800002017d, 0x4, 0x8, 0x7, 0xfffffffffffffffd, 0xfb, 0xff, 0x21, 0x100000005]}, 0x0, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x20040810}, 0x4000000) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_smc_gen_netlink(0x0, 0xffffffffffffffff) sendmsg$auto_SMC_NETLINK_DISABLE_SEID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x40814) prctl$auto(0x51, 0x1, 0x0, 0x40, 0x100000000080000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000) getsockopt$auto_SO_RCVPRIORITY(0xffffffffffffffff, 0x2, 0x52, 0x0, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, 0x0, 0x100000a3d9) r2 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) read$auto_usbfs_devices_fops_usb(r2, &(0x7f0000000240)=""/7, 0x7) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/mm/transparent_hugepage/hugepages-2048kB/enabled\x00', 0x22b42, 0x0) sendfile$auto(r3, r3, 0x0, 0x6) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) getpid() mlockall$auto(0x5) rt_sigprocmask$auto(0x6, &(0x7f0000000080)={0x6}, 0xffffffffffffffff, 0x8) close_range$auto(0x2, 0x8, 0x0) 4m52.257476142s ago: executing program 2 (id=1091): r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000080)='/dev/audio1\x00', 0x100000a3d9) r2 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000ac0), 0xffffffffffffffff) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/kallsyms\x00', 0x20100, 0x0) pread64$auto(r3, 0x0, 0x8, 0x8000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TCP_METRICS_CMD_GET(r0, &(0x7f0000000c00)={0x0, 0xfffffffffffffedd, &(0x7f0000000bc0)={&(0x7f0000000040)={0x14, r2, 0x4, 0x70bd2d, 0x25dfd3f9}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) io_setup$auto(0x1, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpagecgroup\x00', 0x60400, 0x0) openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, 0x0, 0x40102, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0x8000000000000eb1, 0x401, 0x108000) r5 = openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x40, 0x0) ioctl$auto_TUNGETIFF(r5, 0x800454d2, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r6 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000100), r4) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000140)={'pim6reg\x00'}) read$auto_uprobe_events_ops_trace_uprobe(r6, 0x0, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000200)={{0x0, 0x200000, 0x0, 0x2, 0x0, 0x7, 0xa505}, 0x2800}, 0x7, 0x8) close_range$auto(0x0, 0xfffffffffffff000, 0x2) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000005800), 0xffffffffffffffff) 4m51.114559018s ago: executing program 2 (id=1095): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x40080, 0x0) rt_sigqueueinfo$auto(0x0, 0x8, &(0x7f0000000240)={@siginfo_0_0={0x8001, 0x7fff, 0xfffffff7, @_rt={0x0, 0xffffffffffffffff, @sival_ptr=0x0}}}) ioctl$auto_UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000400)={{0xc, 0x23, 0xa6, 0x83}, "66ac010005000000000068d190eb0d4a4cada7272464294b9183349eef4c1f028fdcc8ecc66fdd02316f064ebd893007abb4c0bbc3b822f66eaf240963110d61771552c03de65800", 0x2}) select$auto(0x2, &(0x7f0000000040)={[0xfffffffffffffffd, 0x9, 0xfffffffffffffe00, 0x5, 0x1, 0x100000000, 0x400, 0x330c, 0x6, 0x4, 0xffffffffffffffff, 0x37e1, 0x1, 0x5, 0x2, 0x6]}, &(0x7f00000000c0)={[0x56, 0x3, 0xeb2, 0xa, 0x10, 0x1, 0x1, 0x4, 0x5, 0x3, 0x6, 0x0, 0x8, 0xc, 0x5]}, &(0x7f0000000140)={[0x7, 0xf, 0xffffffffffffffff, 0x8, 0x40000000, 0x8, 0x62d, 0x2, 0x7, 0x5, 0x2, 0x7fffffff, 0x200, 0x2962879c, 0xcf9]}, &(0x7f00000001c0)={0x80000000, 0x7}) ioctl$auto_UI_DEV_CREATE(r0, 0x5501, 0x0) io_uring_setup$auto(0xa, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) close_range$auto(0x2, 0x8, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dri/renderD128\x00', 0x200000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mremap$auto(0x110c230000, 0x0, 0x101, 0x3, 0x0) setresuid$auto(0xffffffff, 0x7, 0x3) mremap$auto(0x0, 0x2, 0x72c6, 0x0, 0xfff) r1 = socket(0xa, 0x801, 0x84) getsockopt$auto(r1, 0x84, 0x6d, 0x0, &(0x7f0000000280)=0x26efe254) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) 4m50.904931273s ago: executing program 2 (id=1096): epoll_pwait2$auto(0xffffffffffffffff, 0x0, 0x8, 0x0, 0xfffffffffffffffe, 0x8) openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, 0x0, 0x12900, 0x0) mmap$auto(0x0, 0x40009, 0x7, 0x9b72, 0x7, 0x28000) socketpair$auto(0xffffffff, 0x5, 0x8000000000000000, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r0, 0x4b52, 0x1) 4m50.731690426s ago: executing program 2 (id=1099): r0 = socket(0xa, 0x2, 0x0) setsockopt$auto(r0, 0x29, 0x37, &(0x7f00000002c0)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x110) getdents$auto(r0, &(0x7f0000000100)={0x118c, 0x9, 0x2, "9e0dc28f781d9c4d42d16dacdb607d38f0da591a884e2d9012dc7fe1dee42a03236bc1431ac0ea8e65c073e16f78c6d63d99f67403967581ca4ac8528065df23b0ba2410bfc9408224672a7b1e9101057f207224976e7cd807db8650752bb717c8eff7eab2397277d14d44a513bea40ab181e398396c6b3637bfec5ff754e655d6292e41829b7bbe6a3df21cc632425317ecf7d567532cf33c2263b60f26299a24eaa4b463a755b8659c36c91abb152ed234dfa15a4f9531a312ed04b26b363f4450bbae8e691def0bd70729e0e04d"}, 0x7) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) r4 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000040), 0x187282, 0x0) ioctl$auto_UBI_IOCATT(r4, 0x40186f40, &(0x7f0000000080)={0x1f, 0x0, 0xfffffff8, 0x9, 0x5, 0xbb}) memfd_create$auto(&(0x7f0000000040)='A^^\x02\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\t8\f\x00\x00\v\x00\x82\xcc\"K\xe1IIT\x00'/54, 0x4) fallocate$auto(0x3, 0x8, 0x200000000000b, 0x9) sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010029bd7000fbdbdf255d33000008000300", @ANYRES32=r3], 0x24}, 0x1, 0x0, 0x0, 0x20040810}, 0x20000084) sendmsg$auto_NL80211_CMD_CONTROL_PORT_FRAME(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="100028bd702fae3c65748cf01f96349557000300000004008c000400d800"], 0x24}, 0x1, 0x0, 0x0, 0x20004010}, 0x40891) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) setsockopt$auto(0x400000000000003, 0x29, 0x6, 0x0, 0x3) 4m50.564739629s ago: executing program 2 (id=1102): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(r0, 0x104000000000010e, 0xb, 0x0, 0x400) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), r0) sendmsg$auto_ETHTOOL_MSG_DEBUG_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000acb5f98aed022e38ad12443d054bcfe0845b7f8d19425a90ac9c10569bef8fe99e48da878e634927b6b3dd118412835e7536b44c2b29e640d34518c645212fe9d83e37aac946a324ba97e0d959884676a473ff378e1d1fa58a8a12727c3c6b94f678c1341d3bc70bc2724553a897866bc4a15f7d1135e959cae583eec3be2f65558f966fac818dd1021080305e", @ANYRES16=r1, @ANYBLOB="010029bd7000fddbdf2507000000"], 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x24004840) mmap$auto(0x4, 0x400008, 0x8, 0x935, r0, 0x8004) write$auto_proc_iter_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000200)="2669796bc44548b2adab7f57f4ea3748d7fd362831337addb3d9a827f2bfaee67bb5e95cd9cf2a2ccdfbb3d2135ff9fd47efb51d9aae76773856618884f8148555fd0f97060fbb50ff8c4df057f8ddf6030d03fafd612d6e5ce630f072fb247639ed9866df48ab052b7c1fbe2e8c279fb91913d2729b80245a2120626914a53b463e849cdd744e07defe0af4e388a6bbfbdc466911c6bd0128012d21aa", 0x9d) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x80000000000000a, 0x2, 0x0) socket(0xa, 0x801, 0x84) move_pages$auto(0x1, 0x400000000f54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) ftruncate$auto(0x3, 0x700) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x85, 0x0, 0x90) socket(0xa, 0x1, 0x84) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) futex_requeue$auto(0x0, 0x9, 0x5, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) sendmsg$auto_NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, 0x0, 0x51) statmount$auto(0x0, 0x0, 0x1fe, 0x10081) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) write$auto(0xffffffffffffffff, 0x0, 0x80) 4m35.530053842s ago: executing program 32 (id=1102): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(r0, 0x104000000000010e, 0xb, 0x0, 0x400) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), r0) sendmsg$auto_ETHTOOL_MSG_DEBUG_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000acb5f98aed022e38ad12443d054bcfe0845b7f8d19425a90ac9c10569bef8fe99e48da878e634927b6b3dd118412835e7536b44c2b29e640d34518c645212fe9d83e37aac946a324ba97e0d959884676a473ff378e1d1fa58a8a12727c3c6b94f678c1341d3bc70bc2724553a897866bc4a15f7d1135e959cae583eec3be2f65558f966fac818dd1021080305e", @ANYRES16=r1, @ANYBLOB="010029bd7000fddbdf2507000000"], 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x24004840) mmap$auto(0x4, 0x400008, 0x8, 0x935, r0, 0x8004) write$auto_proc_iter_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000200)="2669796bc44548b2adab7f57f4ea3748d7fd362831337addb3d9a827f2bfaee67bb5e95cd9cf2a2ccdfbb3d2135ff9fd47efb51d9aae76773856618884f8148555fd0f97060fbb50ff8c4df057f8ddf6030d03fafd612d6e5ce630f072fb247639ed9866df48ab052b7c1fbe2e8c279fb91913d2729b80245a2120626914a53b463e849cdd744e07defe0af4e388a6bbfbdc466911c6bd0128012d21aa", 0x9d) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x80000000000000a, 0x2, 0x0) socket(0xa, 0x801, 0x84) move_pages$auto(0x1, 0x400000000f54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) ftruncate$auto(0x3, 0x700) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x85, 0x0, 0x90) socket(0xa, 0x1, 0x84) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) futex_requeue$auto(0x0, 0x9, 0x5, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) sendmsg$auto_NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, 0x0, 0x51) statmount$auto(0x0, 0x0, 0x1fe, 0x10081) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) write$auto(0xffffffffffffffff, 0x0, 0x80) 5.554656032s ago: executing program 0 (id=2418): openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a240, 0x0) mmap$auto(0x0, 0x40000c, 0x45bd, 0x9b72, 0x2, 0x8000) r0 = epoll_create$auto(0x4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace_marker_raw\x00', 0x401, 0x0) write$auto(0x3, 0x0, 0x5c8) statmount$auto(0x0, &(0x7f0000000180)={0x770, 0xfffffffe, 0x8, 0x4, 0x4005, 0x0, 0x3ffde, 0x400, 0x3, 0x9, 0x6, 0x6, 0x4, 0x11ffffffffffb, 0xb2, 0x2, 0x6, 0x10, 0x80, 0x800000029f, 0x8000, 0x1, 0x1, 0x202, 0x9, 0xbca7, 0x4, 0x0, 0x0, 0x0, 0x0, [0x2, 0x6, 0x0, 0x4, 0x0, 0x0, 0x20000000000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffc01, 0x7fffffff, 0xfffffffffffffffb, 0x0, 0x9, 0x2000000, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x20000000000000, 0x0, 0x1000000000000200, 0x0, 0x400, 0x96, 0x9, 0x4, 0xe17, 0x0, 0x6]}, 0x1fe, 0x1) r1 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x1541, 0x0) ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, 0x0) writev$auto(r0, &(0x7f0000000100)={&(0x7f00000000c0)="d2784339a8a16fb9526347efa76ac7fad5255421ebcc7ed0e6b570240df16bf29d8989a5b39272cbf8", 0x80000000}, 0x9) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x480001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0xd, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r2, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) timerfd_gettime$auto(0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x19, 0xffffffffffffffff, 0x28000) madvise$auto(0x0, 0x2003f0, 0x15) ioctl$auto__ctl_fops_dm_ioctl(r1, 0xfffffffffffffd03, &(0x7f00000001c0)) socket(0x2, 0x1, 0x106) getsockopt$auto(r0, 0xfffffff4, 0x100004, 0xfffffffffffffffe, 0xfffffffffffffffd) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdc, 0xeb5, 0x401, 0x41) 4.90920926s ago: executing program 1 (id=2421): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) gettid() set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) unshare$auto(0x40000080) r0 = socket(0xf, 0x5, 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x4, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0xffff}, &(0x7f00000001c0)=0x6, &(0x7f0000000200)=0x1, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf}) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = socket(0x10, 0x2, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000"], 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f00000018c0)={&(0x7f0000001800)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000001880)={&(0x7f0000001940)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000401000000ffdbdf25090000000a000800d63d89b97520000008003a00000000007b806e767f79b93179a625778d495fdae8026a88992521e04facde48d111291d156b3a65529c7a46be6ce23a1ee49c20f7c657909501359b0f0498a1a9562042788cd7c4f1ae8cbd12fee6974149baebd68d660efe4735db13723a44a07ea4fb97250e771eb412fb0f7c3c280b74c4ef8524ab41ff708c77ca7a130740fc04c8a51eb58c35d0070a8abf1c3244e91d86c64d33a54641c4af6190aa75b3571f77d4e33f42a494874889ac2ddb1a8bf657b8186291d47b9932128cc4fbb5e53fd7f254c5ec64dd2332a39b5e155e3def79edf4479f4d88e2eb6644bb5e263dd14a7b697ca3d7c86cbe9566b6fd9cfaf85aa255e33524cc64907234fef18c06a50e8e56fbe59be37fda012e34c735dc14a328dca31660bf9c6aa85343c96f2b96d835d4d4d61a482d1a82ba126047178bda3c387ab85ef45e77a05bd8624cdd6365b1683d02ca571c6873a498d8d61af141a60a0e"], 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x200400c0) openat$auto_msft_opcode_fops_(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/bluetooth/hci4/msft_opcode\x00', 0x2, 0x0) openat$auto_suspend_stats_fops_(0xffffffffffffff9c, &(0x7f00000003c0), 0x1001, 0x0) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000340), r3) sendmsg$auto_NL802154_CMD_GET_SEC_LEVEL(r0, &(0x7f00000017c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYRES64=r0, @ANYRESDEC=r2, @ANYRESDEC=r1], 0x13d0}, 0x1, 0x0, 0x0, 0x4000}, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r5 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(r5, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) recvmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000440)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7fe}, 0x1000}, 0xffffffff, 0x4, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x109401, 0x0) 3.895970332s ago: executing program 3 (id=2423): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) set_mempolicy$auto(0x6, 0x0, 0x21) connect$auto(0x3, 0x0, 0x54) mmap$auto(0x0, 0x400008, 0xdf, 0x9b7f, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001080), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/arp\x00', 0x101000, 0x0) ioprio_set$auto(0x2, 0x800000000, 0x8) read$auto_proc_reg_file_ops_compat_inode(r4, &(0x7f0000000100)=""/92, 0x5c) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) sendmsg$auto_NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="810b25bd7000ffdbdf251100000008000300", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x20000084}, 0x0) sendmsg$auto_NL80211_CMD_STOP_SCHED_SCAN(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="98200000edd01987167d38dd9d3d64cde5dec3a7d963ff33829f0200c0dfef8dd92f8aa0d53faa971d5d378265e91ef90bcfb7a8093b022a63f41e590bd9907bd37782077881ad2c410000000000", @ANYRES16=r1, @ANYBLOB="000329bd7000ffdbdf254c0000000800ef00050000000e004e01464f331a451ec8cc768700001e002400e574fe8a8ae4a0667f951e6f2b65936c44c7d6f5300b941fd922000006009c0011ac000044004901324555e6ca7432bd98ad1b202633efbdd1fb06810292c837b89bb5ad85737b3cd4d3617b8e596a92e267fd9706d2a3dcb55115854ef4807b160252df2a4e7a4b"], 0x98}, 0x1, 0x0, 0x0, 0x80}, 0x80c0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r5 = socket(0x1d, 0x2, 0x7) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'vlan0\x00'}) 3.789681305s ago: executing program 1 (id=2425): mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) getcwd$auto(0x0, 0xffffffffffffffff) setsockopt$auto(0x3, 0x10000000084, 0x2, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0xa, 0x100073) socket(0x2, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @local}, 0x6a) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r1 = socket(0x11, 0x2, 0x300) sendfile$auto(0x1, r1, 0x0, 0x8fb5) unshare$auto(0x4) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020007, 0x2, 0xebd, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, r1, 0x0) 3.707000117s ago: executing program 0 (id=2426): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) gettid() set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) unshare$auto(0x40000080) r0 = socket(0xf, 0x5, 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x4, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0xffff}, &(0x7f00000001c0)=0x6, &(0x7f0000000200)=0x1, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf}) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = socket(0x10, 0x2, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000"], 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f00000018c0)={&(0x7f0000001800)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000001880)={&(0x7f0000001940)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000401000000ffdbdf25090000000a000800d63d89b97520000008003a00000000007b806e767f79b93179a625778d495fdae8026a88992521e04facde48d111291d156b3a65529c7a46be6ce23a1ee49c20f7c657909501359b0f0498a1a9562042788cd7c4f1ae8cbd12fee6974149baebd68d660efe4735db13723a44a07ea4fb97250e771eb412fb0f7c3c280b74c4ef8524ab41ff708c77ca7a130740fc04c8a51eb58c35d0070a8abf1c3244e91d86c64d33a54641c4af6190aa75b3571f77d4e33f42a494874889ac2ddb1a8bf657b8186291d47b9932128cc4fbb5e53fd7f254c5ec64dd2332a39b5e155e3def79edf4479f4d88e2eb6644bb5e263dd14a7b697ca3d7c86cbe9566b6fd9cfaf85aa255e33524cc64907234fef18c06a50e8e56fbe59be37fda012e34c735dc14a328dca31660bf9c6aa85343c96f2b96d835d4d4d61a482d1a82ba126047178bda3c387ab85ef45e77a05bd8624cdd6365b1683d02ca571c6873a498d8d61af141a60a0e"], 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x200400c0) openat$auto_msft_opcode_fops_(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/bluetooth/hci4/msft_opcode\x00', 0x2, 0x0) openat$auto_suspend_stats_fops_(0xffffffffffffff9c, &(0x7f00000003c0), 0x1001, 0x0) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000340), r3) sendmsg$auto_NL802154_CMD_GET_SEC_LEVEL(r0, &(0x7f00000017c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYRES64=r0, @ANYRESDEC=r2, @ANYRESDEC=r1], 0x13d0}, 0x1, 0x0, 0x0, 0x4000}, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r5 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(r5, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) recvmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000440)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7fe}, 0x1000}, 0xffffffff, 0x4, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) 3.556532461s ago: executing program 3 (id=2427): r0 = socket(0x2, 0x1, 0x84) setsockopt$auto(r0, 0x84, 0x21, &(0x7f0000000180)='$+l\x00', 0xd4) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x3, 0x0, 0x0, @u32=0x2000}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x800) futex$auto(&(0x7f0000000080)=0x2948, 0x0, 0x2948, 0x0, 0x0, 0x5) futex$auto(&(0x7f0000000080)=0x2948, 0x0, 0x2948, 0x0, 0x0, 0x5) futex$auto(&(0x7f0000000080)=0x89, 0x5, 0x9, 0x0, &(0x7f0000000000)=0x4, 0x1bc) mmap$auto(0x0, 0xdf33, 0xe2, 0xeb1, 0x405, 0x8000) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r3, 0x560a, 0x7) 2.92410756s ago: executing program 4 (id=2429): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x21, 0x1, 0x2) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) rt_sigprocmask$auto_SIG_UNBLOCK(0x1, &(0x7f0000000000)={0x2}, 0x0, 0x8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = syz_genetlink_get_family_id$auto_thermal(&(0x7f0000000080), r0) r2 = setfsuid$auto(0xee00) setreuid$auto(r2, 0x0) r3 = waitid$auto_P_PID(0x1, 0x0, &(0x7f0000000180)={@_si_pad}, 0xf, &(0x7f0000000200)={{0xe7, 0xfffffffffffffff8}, {0x0, 0x1}, 0x3ff, 0x4, 0x607, 0xf6e1, 0xff00000000000, 0x7, 0xcef, 0x2, 0x7, 0x1000, 0x2, 0x25, 0x7, 0x5}) r4 = set_tid_address$auto(&(0x7f00000000c0)=0xf307) r5 = setfsuid$auto(0xee00) setreuid$auto(r5, 0x0) sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_GET(r0, &(0x7f0000000740)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000700)={&(0x7f00000002c0)={0x43c, r1, 0x800, 0x70bd2a, 0x25dfdbfd, {}, [@THERMAL_GENL_ATTR_TZ={0x1d8, 0x1, 0x0, 0x1, [@nested={0xde, 0x120, 0x0, 0x1, [@typed={0x6, 0x18, 0x0, 0x0, @str='%\x00'}, @generic="542719130d8608bb3ff08bfff392138f74065aa6e334df07434b5d3bf4f87829cd2fa1a686f80538bbe335f06cc18a97947bb56a143c631440686d9f211a3326b7c636ef6a31bf4481a66b0385397fabcfd64b13aae512463df470e35533f72a0bdd0ab397b5ffcde57f481ba9141716ac5dbec149", @generic="66af80eb3af8e908c971cc688b63e0988ea4ec9ce84e5f053c29fbaec05a9db4b0a714f79f490757718455a28e192418c0ec3287fc7b154059049905f548d2af82f6adbfa40a74799f", @nested={0x4, 0xbe}, @typed={0x9, 0x7f, 0x0, 0x0, @str='\\$%!\x00'}, @nested={0x4, 0xd0}]}, @typed={0x8, 0x5, 0x0, 0x0, @uid=r2}, @generic="895d0c8917a174c5c5e1adea07310f763fde2db54476dd5f62cfb654c9925a5dfc2f533aa486d5df735a41bd5a1af83daa2a8e6e05ec11ad16b2a9b62c2789a28311451f9959443eb95dab41cf52533bfc46912f3483c0773b8fc5d2643e8eaf8b323a2d512dcad34f34b9afaeef0bf75ffd109e4a8ecfe170117fe213498ab3ce3c4c88d2e5fd212532b12347fd65111322f2f468ab62c4c7c8298e933c02df535bcdebc1d94bad6e42385ec5ac61c028ee701092f5ae6d04f01b6d7f95610b081309db7f4944", @generic="72203be8aa068945e2855d200970af0bbb4be98465541e9cd022612b446c559167f08602d9"]}, @THERMAL_GENL_ATTR_TZ_TRIP_TYPE={0x8, 0x6, 0x3}, @THERMAL_GENL_ATTR_CPU_CAPABILITY={0x78, 0x14, 0x0, 0x1, [@nested={0x72, 0x32, 0x0, 0x1, [@typed={0x4, 0x9e}, @generic="44f53381b59150e4b8d8c3b09567da364ea6111ab278c68339eb7ddee925815ee4e7436db931c3c4e54ee953c4d5a0508553c2516bfc6655dea236091ba22480bda67fb391700af79307d5eeaba3b6b5c39d166ab4df17c3804d149778262011c32ebaaf51da", @nested={0x4, 0x14e}]}]}, @THERMAL_GENL_ATTR_CDEV={0x1a0, 0xe, 0x0, 0x1, [@nested={0x15d, 0x121, 0x0, 0x1, [@generic="f5f4c2592dbfc6110502f24a78267e653f369d7eb296f464cbece3b9d7", @generic="6e6586048a97c5cc91900697c4fbbf55af3ce96c89207c6bff4e581985f6b2de15dc2349ec7e89596929825c52f4c579806e0e3e752a43445e3a0142ab0828a155756a1199d85f6abe134eb476e365f4b1d68c5de2aad53fb9c1e4c92063f0306a97e67d6f9640ffe7597d3cbe2e8d616a616e705ee91dd7257291535aad7e2b17ca74dd2ee9de48d9c145c3bc14d016cd9d4c97e652521d567a80bf514ed3c581293385c36167b9d87ee068052ea8aeb1c308afe924494b4ccc0b05866b1867a9c412dc4717baf29b6d58997a528188d4a78e8446b3", @generic="d9ff33f1d325939a91621d59a68a7ae615d19c300453a46f492fbea0bfeffa95c5792dda3df8e3a3cee629b1ecc3459296c032ed9044dac6795de5029a36105a617176a843ddd39f39f0b8a9d5a8", @nested={0x4, 0x6}, @typed={0x4, 0x31}, @typed={0x8, 0x46, 0x0, 0x0, @uid=0xffffffffffffffff}, @typed={0x8, 0xc, 0x0, 0x0, @pid=r3}]}, @nested={0x2c, 0xfd, 0x0, 0x1, [@nested={0x4, 0x12d}, @typed={0x8, 0x62, 0x0, 0x0, @fd=r0}, @typed={0x8, 0x94, 0x0, 0x0, @pid=r4}, @typed={0x14, 0x5b, 0x0, 0x0, @ipv6=@mcast2}]}, @typed={0x8, 0x80, 0x0, 0x0, @u32=0x3}, @typed={0x8, 0xa4, 0x0, 0x0, @uid=r5}]}, @THERMAL_GENL_ATTR_CDEV_MAX_STATE={0x8, 0x11, 0xc}, @THERMAL_GENL_ATTR_CDEV_MAX_STATE={0x8, 0x11, 0x40000000}, @THERMAL_GENL_ATTR_CPU_CAPABILITY_EFFICIENCY={0x8, 0x17, 0x8}, @THERMAL_GENL_ATTR_TZ_MODE={0x8, 0x9, 0x2}, @THERMAL_GENL_ATTR_CPU_CAPABILITY_ID={0x8, 0x15, 0xb78c}, @THERMAL_GENL_ATTR_CPU_CAPABILITY_PERFORMANCE={0x8, 0x16, 0x7}]}, 0x43c}, 0x1, 0x0, 0x0, 0x8050}, 0x20040000) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000002780)={0x0, 0x0, &(0x7f0000002740)={&(0x7f0000000000)=ANY=[@ANYBLOB="a3000000", @ANYRES16=0x0, @ANYBLOB="47582bbd"], 0x44}}, 0x4044000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c00000014"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) socket(0x10, 0x2, 0x4) madvise$auto(0x0, 0x5, 0x15) mprotect$auto(0x0, 0x806121, 0x8) 2.915105327s ago: executing program 1 (id=2430): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) gettid() set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) unshare$auto(0x40000080) r0 = socket(0xf, 0x5, 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x4, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0xffff}, &(0x7f00000001c0)=0x6, &(0x7f0000000200)=0x1, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf}) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = socket(0x10, 0x2, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000"], 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f00000018c0)={&(0x7f0000001800)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000001880)={&(0x7f0000001940)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000401000000ffdbdf25090000000a000800d63d89b97520000008003a00000000007b806e767f79b93179a625778d495fdae8026a88992521e04facde48d111291d156b3a65529c7a46be6ce23a1ee49c20f7c657909501359b0f0498a1a9562042788cd7c4f1ae8cbd12fee6974149baebd68d660efe4735db13723a44a07ea4fb97250e771eb412fb0f7c3c280b74c4ef8524ab41ff708c77ca7a130740fc04c8a51eb58c35d0070a8abf1c3244e91d86c64d33a54641c4af6190aa75b3571f77d4e33f42a494874889ac2ddb1a8bf657b8186291d47b9932128cc4fbb5e53fd7f254c5ec64dd2332a39b5e155e3def79edf4479f4d88e2eb6644bb5e263dd14a7b697ca3d7c86cbe9566b6fd9cfaf85aa255e33524cc64907234fef18c06a50e8e56fbe59be37fda012e34c735dc14a328dca31660bf9c6aa85343c96f2b96d835d4d4d61a482d1a82ba126047178bda3c387ab85ef45e77a05bd8624cdd6365b1683d02ca571c6873a498d8d61af141a60a0e"], 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x200400c0) openat$auto_msft_opcode_fops_(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/bluetooth/hci4/msft_opcode\x00', 0x2, 0x0) openat$auto_suspend_stats_fops_(0xffffffffffffff9c, &(0x7f00000003c0), 0x1001, 0x0) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000340), r3) sendmsg$auto_NL802154_CMD_GET_SEC_LEVEL(r0, &(0x7f00000017c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYRES64=r0, @ANYRESDEC=r2, @ANYRESDEC=r1], 0x13d0}, 0x1, 0x0, 0x0, 0x4000}, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r5 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(r5, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) recvmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000440)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7fe}, 0x1000}, 0xffffffff, 0x4, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) 2.689318337s ago: executing program 4 (id=2431): r0 = socket(0x80000000000000a, 0x2, 0x0) sendto$auto(r0, 0x0, 0x402, 0x101, &(0x7f0000000000)=@generic={0xa, "0183638b0800"}, 0x1c) 2.659338243s ago: executing program 3 (id=2432): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/dummy0/addr_gen_mode\x00', 0x1, 0x0) r0 = socket(0x10, 0x2, 0x0) writev$auto(0xffffffffffffffff, 0x0, 0x9) mmap$auto(0x0, 0x4020009, 0xdc, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) read$auto_tun_fops_tun(0xffffffffffffffff, 0x0, 0x0) madvise$auto(0x0, 0x600009, 0x19) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x2000, 0x0) ioctl$auto(r1, 0x4b4e, r1) mmap$auto(0x0, 0x400404, 0xe3, 0x9b72, 0x2, 0x0) madvise$auto(0x110d230000, 0x1, 0x9) r2 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) read$auto(r2, 0x0, 0x80000000006) signalfd$auto(r2, 0x0, 0x8) setsockopt$auto_SO_NO_CHECK(r0, 0xffffffff, 0xb, &(0x7f0000000040)='/dev/tty12\x00', 0xd) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) memfd_create$auto(&(0x7f0000000040)='A^^\x02\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\t8\f\x00\x00\v\x00\x82\xcc\"K\xe1IIT\x00'/54, 0x5) mmap$auto(0x0, 0x9, 0xff7, 0x8000000008012, 0x1000000004, 0x0) ioctl$auto(0xffffffffffffffff, 0x8946, 0x24) fanotify_init$auto(0x0, 0x5) io_uring_setup$auto(0x1d48, &(0x7f0000000340)={0x7fffffff, 0x10, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x8, 0x1, 0x7654, 0x100, 0x83, 0x101, 0x6, 0x8000000000000001}, {0x100, 0x1, 0x52, 0x5, 0x11, 0x101, 0x876c5, 0xc9, 0x3}}) 2.602677388s ago: executing program 0 (id=2433): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = open(0x0, 0x40000, 0x0) close_range$auto(r0, 0x8000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_tipcv2(0x0, 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MON_GET(r1, &(0x7f00000083c0)={0x0, 0x0, &(0x7f0000008380)={&(0x7f0000003680)={0x14, r2, 0x32f, 0x70bd2a, 0x25dfdbff, {0x12, 0x0, 0xf0}}, 0x14}, 0x1, 0x0, 0x0, 0x4801}, 0x8080) r3 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/numa_maps\x00', 0x701400, 0x0) r4 = setfsuid$auto(0xee00) r5 = setfsuid$auto(0xee01) setresuid$auto(r4, r5, r4) capget$auto(&(0x7f0000000180)={0x5, 0x0}, &(0x7f00000001c0)={0x3, 0x1, 0x7}) sendmsg$auto_TIPC_NL_ADDR_LEGACY_GET(r0, &(0x7f0000001940)={&(0x7f0000000040), 0xc, &(0x7f0000001900)={&(0x7f0000000200)={0x16fc, r2, 0x2, 0x70bd29, 0x25dfdbfd, {}, [@TIPC_NLA_NODE={0x80, 0x6, 0x0, 0x1, [@nested={0x18, 0xf9, 0x0, 0x1, [@typed={0xc, 0x14, 0x0, 0x0, @u64=0x10000}, @nested={0x4, 0xa9}, @nested={0x4, 0x70}]}, @nested={0x63, 0x123, 0x0, 0x1, [@nested={0x4, 0x9f}, @generic="e925203ff7e16f6c4e7b5815c69d4334bce4bf8c52827fb410b05a7d3b39004614a79ff857f96d6bcfa6d3d66977abffb894ac11c2f6cfae49567957807cdf910c2eb62437eeb570717a0e88391363a4254e1465792b654e9b49d5"]}]}, @TIPC_NLA_UNSPEC={0x3b, 0x0, "091a471523da5fc8cc80386c92634c3fd86e216dfc01d2da030d2a1aba162db325b6337fb34d99ee5ade6682132b61f1c876725e6de420"}, @TIPC_NLA_BEARER={0x54, 0x1, 0x0, 0x1, [@typed={0x8, 0xe1, 0x0, 0x0, @fd=r3}, @nested={0x24, 0x24, 0x0, 0x1, [@nested={0x4, 0xce}, @nested={0x4, 0x38}, @typed={0x8, 0x63, 0x0, 0x0, @pid}, @typed={0xd, 0xc5, 0x0, 0x0, @str='*--\'#\xc6$,\x00'}]}, @nested={0x4, 0x8}, @nested={0x20, 0x3e, 0x0, 0x1, [@nested={0x4, 0x19}, @nested={0x4, 0xd3}, @typed={0x14, 0x10, 0x0, 0x0, @ipv6=@private2={0xfc, 0x2, '\x00', 0x1}}]}]}, @TIPC_NLA_MON={0x11df, 0x9, 0x0, 0x1, [@typed={0x8, 0xd8, 0x0, 0x0, @u32=0x1}, @generic="499e62b7ae4b01fc85e432e5c7e9f1fc5d2b716fa5ccc070e00e15485f9d7e23ae4905c5296402c694a53eca3c49418485cc42a062e2da7c01881ed14879474c0327f55e3610832b82d6b441f758df9d078c2e1a547e2502557b15d8a5e7431b821c998a7951df19a1e3f9b76fea6c969771fcfb", @nested={0x4, 0x4a, 0x0, 0x1, [@generic]}, @nested={0x1080, 0x91, 0x0, 0x1, [@generic="5e3ec75e877ed43969b5598c2179de32b9358f66964e996944f333b1b5f4ded66da1e41fd2b4fbd686c44acc5cfd36c0f35383b993041c9912a4b65bac35ab3530a0a26c", @typed={0x1004, 0x9, 0x0, 0x0, @binary="5dc8c948b120f91340b8b1234a14d83beade073607d580082d5642130fd76b7b873aae8e1b4f05113960574ee49d8d57f0f3790d43f071392025f700b51a9144a8bdb8a046b3a5c8f021ac517d0fc539804e52ef9528588dfe3dc8a7ece3baa34367ae901fcfa159f939332d15bbfd56db62c15c6fde86bd2bb749efbde523f31965794d9a095e091d61a93fbd6ba8c8fd5b1bc2ced0b588e457b7612ccc44eb80e65dca037c911698eb912ad61cb7531b056d61197f0d654799e429fc552788edc7ae37ed583b029aaa91166ac5965c999186c3ace8a74ea584d932a3b1a0063b5765ca57ed42e0e37e5297c39c83cbd2a24dd66741792b08b8b0e8f3e245a79c581ff499f2eed94057f7c1d889f10d30e68cd1b5c459e31406ee727f8c2912cfef70a1a97b1ee3b43069595cd1ac0fcad76dc2c7d218d21167a53793e871c58fe11e8e3a30b84668d5f189fc14793eb9a0e014b3e170eb3db9829b097902c2d24906ac17888f108cde8fbb54db1871d31e724e3cb2cdc9b0000a291c7454f7627cd70afad29534082cb4cfd4f0cbeadc0b62d6790c7904d5ddd28a4ed2b308657c7fc90bd396deede71e4c076b968134c26ae397451cf4f9736892b2f4eeffcd625170880edd4375cac56700b0961ee0cd65b6c31c729081bfade6927f9d3b44dcac09e0467221a0849e7a169c6810f0a7edfd3b54e97e39dab55416c798ef02d304def520623e7ed624ddbedfbd8a06db1f7e7b18c62842f6b084e2516823c76576f367045dc3270839a027736b007f70d38f745d76f569797b35b55a076d031e5b2656cbefb2e5b51e00e4c994a7f52f838ba85662b3c03591b8d041a3d70783e99234acf4b0a3eedcccafe1b5eda1da7f0d819890bc66cef19f92c0569fab81ad8e9e42c3072a084feec7aacb44ebdc891afb6c0cb65a002d69e9653574a895aba98a1fd56a25822e4f99140c3356b86c15f26361951cb58f0a2fc10fdae8e2538ab2399e152e2ca07d4eaf4bc9628ebfc14e0ecc08fbbfba824c23a3b0845a1affbf22258ff12aff6a523b489b975f9f7bda95cf567957e6ca465b88e9f64e72f17acd6b816acb048b71cd1bb4f470341d5e0285a9d863002032e567ab51b4120dd6b71a61d2d40c1b4979ad02b44e2923db0f520348003bdd51c87aa657e53a2b7db63e5a73bc103fd13926da0f50f4c368d0f7f86a959e11e3297131ff15241d7e9730a30bb7f66942c24fd3be93549e568e8f09b792605c58d9f484dc117c2989a07b44edcf274e703fd0217719447461b715d56fd03fe3d7386f5a250a6bc44bb3b3748c4b89297e63a4ee1489aa5f8afa0a1223a71d38c99cd6df7d5c64839d8174ed73ac70e3e64733e2f95b308f3c80034f163855bdf2a2a7ae463999ba94e443d535af8e8f73180e80bbe631940b3926fb6dc4b44e3c0643ad181729aa4e7074bc3e98a4ed36dddcbcac60310a3696c164f4d25db6805fcde81746e1bd2c3c46fb749eca00d0c8044879b66bd62949479b217fbb9f9ae7b5f1df61570a6a4e30f287e67b517abad86a4d45e3768066357834291026066a2829ad132feae3ca0f76ce8e725cf0a1b3770c1e939f3544bf7399bb3bd9baaae517393486bca2b451b712f03388d0c4d974f5b0a1f0870095e5be6905dda877acd33fd3409a405069fa8b8dd023ac6bdf658aa995131bae6773aa1d035a6b213bab72fd1bde0b7faaae000074cd1a7e8978b9fd6ae61c2d3edabb644b03a43ce7df64a6e9ced100872d5866271c67bee6938bcf549426a09b9ed5621978f4a88cb716678fbbb3e1a34c7d9c144e62493a9a66842c1b0eb0059072cda2d3af45b8c49f00eae343d5acef909550ac66cb292f77d60730ccf84542ba2f211724747988a293b52af84ed939c620ea0ddae2824d517edc319f39a4aa4a6eb1c2ac02a4cfb8c0365d43ebe89f4338b581f4211e1c99e2318ded6974e7d9cfafa542584c052b1e2b6a574fa69247a6d6855368ad9a65635862cbf5b79ab84dce85504a6a315a30dc1ea7c55a09a1cea8d616cf52bc233496a86b3749d38f299fb44d1d9dde7baec613aa4b51722ba186461cbbf5f93fc69b726d9b896241615ccda70e0365893526f48797722ca9e3b3bc42745d5ff8a91b4b86e7d6f7fd9749fe55d7190c9df694a047da1527e95e8c97dc9997a041c0c619b5bef3c6f49bd4ddea3928b7f7cb08c99d829e783ce2b1891be228b120cf8f27634725c328e553424e0e7a6f6910919c140fcd7af148be942f33f5346ed328c1641f4a46fd7a6f27131e909a647b292ba114f6e342ee5be79f88be512feaca6df40450dd72a1ef35e1c10a36637a9f5dc93464e985a3cf7f6e46a0c5bb97f555b49eebc7110245716c085a8cfbbc6dc3b0fce83f80339e483f29b5b8773da65d84dc3e8f32b2f5af413ef8ffd0521e79737aae1861028590550195a9fd0e4efc5869bfea2e677b41f002d22f2ec6833e26be529b5274e92d918182f9162a26adf51c7d3096afc05c34ef489d3238445c9cefe16184cebbf56a343ca3b63309af4eaf4dbf44edb9f8b91744099e5d9fd299606cf4c76868ee5c73b1e2b461b124f7dc5c59dd88e655c502c28d580a9e6128eb747d294f02ba0034a1053fbea5b83cb0ada2dd0ac1b33dbceb0c9bfe8fdba2076bc7e212c9d1704eb8f71f909737dba7a468b0e5c10b2d584d5e511acd0e43a1f4e072c24d56010af1810d6baa6b550f761f18a6baf4f4e7ce435971c2eda38dd7b1e8fc102054ef55ac0ad8ee0dfd55a632ad31f64b4ae4f86e79ad9be9486c7c81c7e734e9d1605b91e101e00be2e76287e711a7c8e8a206c1c72979a54bfffb079104ecceaa9d9d379286284f33de580be820f93a78fcb2dd2af249cd7350251eff3f85d72b86ab6cd1c8e1af93e5c2708a248208130713b7527d47b4fb9f217861cb33d6b4ae1084d03acf0c6e22c2ae55243510fd5fd93a17db5639bc6909063d914428ca2362ba3673552448fee37215734e57911a413ffbd35eec9251d797016aa29d4cd45c2ccd6218449996ce5f62b7efb30b9905afc2285a34b9791fe14b616eddee56096d2ee041315568651cc6c6059b647b7a5b929e07bf7b22896768d63bea27ea1b3d178232260dedd4d52c5723243ee58aba2734038f21f338e921091996d309352858431b8fee9849ee23b71d15abdc96be0c815eaa3f47d0e72ab791150e8968c158bc7e2d4436c60d0ad67659d6052a99f40049d94c1b1ed93f876939642eb42a1ad04fcda9b1df58d1f4eec71624867bbfef42542941fd247310b4d809a9b010c6a179a01eba8a4fdfdc0d24d887dd3e4a5478f6cbc1bd15233f51c6918059f0653e894b55399a9fb5fded781812c095f37ad0f1142a5f6740d069b88ccebdf7720583ac9be0111c84ba635bb491defb8a6c34b1a5068a95c7cba54c27bc7bba11744c511116d3fd6a31b734e0b0e36278cc426a1dcae68f6cc88006d00680b9193756437029c56772298978a613f6b73ba65dd52e79b5b7e7f5299472f7dcaa4bbe6bde37c65ce8cee31447ee2167864226525e31e379bcb1700d1f209c5da329b7ecb4b9b666e98ee5ab85fddcccc2321aaa22ba1ce8ae0a1af7cb492cb13571e20d462ef34ecc0b35d2b41e5d9c2ed8b5ba983a2632a64005dec02771b6677d9ffb253c8bc9e4351ad89d7a0f6a783a3f46c49f1ac11b54ccaab7c276be70c473a3acd524cca6361c7acac2445d83e3ae0bfc9b7b5799de3bd519ffc37f915ed42964d6d69bea8cc3d97dc09f861074bab97e4cbd5872e7b890170ac415af355979a2d468b4e0bafddba2ac01f7939668ad08bb1a1d108eae5a8157426b19d6cdf18b68003cfb02ba20122011457c8d7824e99547c0c6d214c6d64d0340c31953ebf66bfdd9176ed7a8342d78a79ed2a5f3255857a8a84a3cc0039df78f95678458a8c796003f83b60c719a9af7f042317767d7431dcebfcad0d36f1819e3446540b8108ff214062d3e36b0d3e6d86974722e3a67dc70d524cba6bd5385f572f345a9318415555d5e1a899cbd30c2e8dc493b6c0c73f49bc630e626e2d1c235b86d8bfb6528cbf2ca2581bcec0fb3710e4defc8f3fe0b2e9f56dff8776e7754337cb5ad7ad4298ecd02eb3d853f3e81a02952a6d4fb0efa409be32671b04cb1ed5ad739d70c384ff5dc699ee8026003ae504563917dd7200bc36d2205f15cd11fb3024255bad30e7b27729418d75e93a6bf05b5c7687ccc6b73ace1de08b8811124c0c9a663458135707a672cfeca304e0590fdf693a1e31423cff1a932b8121ff7043c2b5412d90271a0b380590762aaef7672ad256c0803bcdd771b5411279874e7919daa90f7494376e666d0558aa13a6f31c546da0930c1b02d8c7d3296d553a9f59750ab53ea6cb9c825dac81cc451768cab41c6c66a7d3a26fa615a79d59002f1d2f602da464c2dc3f3a404dde0da28a7e31432e6e9966eae6d2181967e557be217bf09400153743c95a5462d0eccb6dbe021152e6c8d2a5cf3edbddd7dc565de6fb83029d3dd15f390eaea8cf8b2f9f2faf36005faac9edf5d58c7d4a65a256a3038b4f49bd686b28088d40bdd1b4f7e9aee990ee395273613aa3633bd0a96dc50b1f440a5e8334b67ee7d723b8f717d22194bfd124d7a3f7cdb3323aaf1d9f9b1d74d9ebfb7d0d0e83dc920bf27b21f593be2c13484c8e31e9a30d554355776afa828262816ddeebd97e2894c810a2e51637ca5bd1f91792629eaa87598a66c0addb4b1b164ef29d42a50d789faab009d3f9ae714ed09b157bb424d756d180d8cebc47dd3dc18d51eeaa38bf13d68450fa0b6ccaa1abc46dcd7e8691d98eab799f71b5f251f464295468bf508ad90e2bf87952e0ca711c8c18a173a72b8fe3bf0367f7348f62ae78db6d69927b93272516353f75aba04f8c4531fa2f983ad5f1ac6e52b2a7c698aef11c9d621962219693b66544b7acefe21f7dd078792c9ca52c37d6611ced2ac76522cd65d10b06ad75fac35db880ea5fcb3a06acc13c8498a5b6941d97beb6242dcdee274f0546b7789f859622cdad5c2450fe8d4c26a08da2c4a5ee8a718e1ba7d2ed6945aeb1fdf2c749399d4f7bbf77519f3ae0c4bb19297e5b2153886bd78f05a38ae06959dffacc0c9d58155985b8d3d6fcf8e36d755af199c58b4a18a0b5e1eec3cebe0c632f8f3c83ab054332930123b00d8ce05f09f97ff0f2001221731618aa48dcaaffd73014b21d64dd2c0c7dc6049b2a227336ada809bc56f37a38aa7dc8ce944a97cb7fdeaf1831d2449e830ab2a2aaa0468533d9a43877df79cc830007c212b91734cadcfc1992bd7ac70a7482c9c7839d8737c67a8c0b763a46825ecd43e6daaec67f1e9f43b2bc699332fa99cc2ee1f2308888013f07b9f8fe740981cc605c33cea6063ed785b49bb0ab0853c9a5a84a32b7d942fe8df5a5e9650ec04244004f6733b2df410dd2c8bf1b1ebe02b373cd1d36c1a7ccd205faa75e85482208a6dcbde95f7ff90770399ac14042987ff47754c4a7f80a5523ed525aefc9781ae901338704d202197c0243b33732293618f6e5b1f1cdf179f11cb0bb95fbd0a0720696d45551fa19a274b01dad6234af9d58cb225b2b010ff22fd109f665af5b34066cd52ee6ea477c6f2e5d71c4aa4f6d0944134d0c709583b0fec7321e89270baa51e1fe7b5ffce5ace85314e9967d9c4898fabd2ef08dcc01d3766aff6bc7f38c16ea1880fb98879eebca297a4d27a5ee06cdb3ae01f23b87c70cc"}, @typed={0xc, 0x9e, 0x0, 0x0, @u64}, @typed={0x21, 0x52, 0x0, 0x0, @str='/proc/thread-self/net/psched\x00'}, @nested={0x4, 0xe5}]}, @generic="7eceef93c773da4cfbc7bc547eb7c80efb90960f9b7e0947a38a721d124adfb5674b6914c8341f6e73ebf2b9e0778e89f47ef276d16ea6acac5a7b1483e40d82be018988bc5d9759f43903523d5311c8ce0db240bce3efb9f1d6d39687e4fe686b09bb9ab74e205a8da65e1318a63a88dcb8e8f9814d7bfb3406a85aaf3a7f6ef491cc08f07f6aaba30f2f822511d113072a6a29c988096f801b3d826c222873f9b798605a3d1e2f08b621e58c2f10d6db6316d7388adacca83cda9c88fa97af6298e3b3a29bee3c4d7ef12b0395992e80e87bf716dd56", @nested={0x4, 0x75}]}, @TIPC_NLA_LINK={0x332, 0x4, 0x0, 0x1, [@nested={0x1a1, 0x3f, 0x0, 0x1, [@nested={0x4, 0xb0}, @nested={0x4, 0x67}, @nested={0x4, 0xf5}, @typed={0x8, 0x105, 0x0, 0x0, @u32=0x1}, @generic="64d1eab0b91724fe1c381e2a020453e3fc7b6c0ea5ff29980de6cf35adc390fccb234f0396a14e02d5958cb5daabd3d112a6ff0580fbf78a8b6ad2668e43ef3ff2f40549841428fd6b8612357d0b70398188f67786784c461feb04a9f7bf2daa63", @typed={0x21, 0xa1, 0x0, 0x0, @str='/proc/thread-self/net/psched\x00'}, @generic="4061cc8bcc3acf53be5984f4a668bad984e8a5e8861f2d098d2681e67e01d701ce9f923ed0a3de6de767063320d538a3895d3d8bdda75fd8ad2860f2a415d94980f48a5ce1c545e311dab1e3d377b910384aae1dd61739535814ce0489f1c778bcb2a8c7433912dd0b3b71486e350ce5291709e0e001cc4ce621b2c3c9eecc5afad8c480e1113f4f470b0fcc45904a5947d6f43eeeabdf0ac65405c4330629333017073833205f1cb18e8e00c7a18c99c715b47865e9199032a462182ad613c3a0211711d27c8c07154aab4fe09592cdf4d54486522727e5460bfd3b828a14", @generic="70a0f6f92f48c8eb25a0ccf20a40bb98bbb90bddbe896f4db79fe20352", @nested={0x4, 0xee}, @nested={0x4, 0x7c}]}, @nested={0x106, 0x35, 0x0, 0x1, [@nested={0x4, 0x132}, @generic="20e42fb6f71321efe2ec09cebaf10559729185020f122d965584711ec9c8eb9f2d6b10486bf5e3eeb80d3ea0829842b92e391399a5758188c7bb215222b5dbe2b17d641f9e0d1b114cab840c447004e4b21dbb9d54477ed0145caca16ef6e81512ffd23d43e4e03990b5c08760379ea3b23b311880b7e24b87d107a4bcf3425b71ef42a6683f6095ea48233bf8d0b8eed9849498d49200b1d1acc4634aff1249a0d83308f57e3dbdc23b59718d8652a4ccade07dae93a870ce2532442c09003aa8bf20fb349cace8a10ddb970a6953a6a288408b811a6c19daeee599f420cec10d060cf6489b34a087f41efa26d5c86325942c5ed1fce6c21658", @nested={0x4, 0x24}, @generic]}, @generic="dc960de5258e277625be8400beed671586bf02fa", @nested={0xc, 0x8f, 0x0, 0x1, [@nested={0x4, 0x143}, @nested={0x4, 0xb2}]}, @generic="c8922320c148", @generic="5bd20605134f3121e42896a2ae8fc2597c934b7ca871752a35f622638045f7d745b64f1e95c30d076ed0c0abe5bc79c97585719585e6d5789980616f9c0a9eab0220b1a3b1a8032055096410da98cedb50e17ff6", @typed={0x8, 0x124, 0x0, 0x0, @uid=r5}]}, @TIPC_NLA_MON={0xc4, 0x9, 0x0, 0x1, [@typed={0x8, 0x6d, 0x0, 0x0, @pid}, @nested={0xb8, 0xda, 0x0, 0x1, [@generic="a2c70c295d77f7fc6b858c90bcb27fac422e005204f7046cfbef032c59cae4a33a4a09edf0a80476df9e758daec5af025e2137bc0681171d73a418dbf9944bf3b2d486e79f82be346b28ac17691ab46e937a87827f8afabb7cb9ed4225a0b0e97cc6db186fcaf0bf99344c1854d9e364f27fa5c8e7191f680b2ccb4da6121664bac57e54ce82fc261e8a7036fb77d9603d920b9cb1bc312603e03a96137387fdfa9b894bf2faf571", @nested={0x4, 0xa4}, @typed={0x8, 0xfe, 0x0, 0x0, @pid=r6}]}]}]}, 0x16fc}, 0x1, 0x0, 0x0, 0x4040004}, 0x100000d4) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0) landlock_add_rule$auto(0xffffffffffffffff, 0x1, 0x0, 0x0) r7 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/psched\x00', 0x40102, 0x0) pread64$auto(r7, 0x0, 0x100000001, 0x100) close_range$auto(0x0, 0xffffffffffffffff, 0x0) 2.544048328s ago: executing program 4 (id=2434): openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video37\x00', 0x8a240, 0x0) mmap$auto(0x0, 0x40000c, 0x45bd, 0x9b72, 0x2, 0x8000) r0 = epoll_create$auto(0x4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace_marker_raw\x00', 0x401, 0x0) write$auto(0x3, 0x0, 0x5c8) statmount$auto(0x0, &(0x7f0000000180)={0x770, 0xfffffffe, 0x8, 0x4, 0x4005, 0x0, 0x3ffde, 0x400, 0x3, 0x9, 0x6, 0x6, 0x4, 0x11ffffffffffb, 0xb2, 0x2, 0x6, 0x10, 0x80, 0x800000029f, 0x8000, 0x1, 0x1, 0x202, 0x9, 0xbca7, 0x4, 0x0, 0x0, 0x0, 0x0, [0x2, 0x6, 0x0, 0x4, 0x0, 0x0, 0x20000000000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffc01, 0x7fffffff, 0xfffffffffffffffb, 0x0, 0x9, 0x2000000, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x0, 0x20000000000000, 0x0, 0x1000000000000200, 0x0, 0x400, 0x96, 0x9, 0x4, 0xe17, 0x0, 0x6]}, 0x1fe, 0x1) r1 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x1541, 0x0) ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, 0x0) writev$auto(r0, &(0x7f0000000100)={&(0x7f00000000c0)="d2784339a8a16fb9526347efa76ac7fad5255421ebcc7ed0e6b570240df16bf29d8989a5b39272cbf8", 0x80000000}, 0x9) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x480001, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0xd, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r2, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) timerfd_gettime$auto(0xffffffffffffffff, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x19, 0xffffffffffffffff, 0x28000) madvise$auto(0x0, 0x2003f0, 0x15) ioctl$auto__ctl_fops_dm_ioctl(r1, 0xfffffffffffffd03, &(0x7f00000001c0)) socket(0x2, 0x1, 0x106) getsockopt$auto(r0, 0xfffffff4, 0x100004, 0xfffffffffffffffe, 0xfffffffffffffffd) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdc, 0xeb5, 0x401, 0x41) 1.711224127s ago: executing program 0 (id=2435): r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000001300)='/dev/snd/pcmC0D0c\x00', 0x80, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_XRUN2(r0, 0x4148, 0x0) r1 = eventfd$auto(0x81) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000100), r1) sendmsg$auto_IPVS_CMD_DEL_SERVICE(r2, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x2000c090}, 0x10000001) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/module/workqueue/parameters/default_affinity_scope\x00', 0x1a9242, 0x0) sendfile$auto(r3, r3, 0x0, 0xf) ioctl$auto_VHOST_SET_BACKEND_FEATURES(r1, 0x4008af25, &(0x7f0000000800)=0x2) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="130026bd7000fcdbdf8a6600002108000300", @ANYRES32=r6], 0x24}, 0x1, 0x0, 0x0, 0x4004080}, 0x0) sendmsg$auto_NL80211_CMD_ADD_TX_TS(r1, &(0x7f00000007c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000780)={&(0x7f0000000240)=ANY=[@ANYBLOB="7c040000", @ANYRES16=r4, @ANYRESOCT=r3], 0x47c}, 0x1, 0x0, 0x0, 0x20000000}, 0x800) setsockopt$auto_SO_NOFCS(0xffffffffffffffff, 0xf1c, 0x2b, 0x0, 0x2) mmap$auto(0x0, 0x200400008, 0x5, 0x9b7e, 0xffffffffffffffff, 0x0) write$auto(0x1, 0x0, 0x80000000) write$auto(0xca, 0x0, 0x2d9) close_range$auto(0x2, 0xa, 0x0) getpgrp(0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, 0x0, 0x40800) r7 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_SET_NOACK_MAP(r7, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000340)={&(0x7f0000001340)={0x1270, 0x0, 0x100, 0x70bd28, 0x25dfdbfe, {}, [@NL80211_ATTR_CQM={0x1228, 0x5e, 0x0, 0x1, [@typed={0x8, 0x14a, 0x0, 0x0, @u32=0x1}, @typed={0x8, 0x47, 0x0, 0x0, @fd}, @typed={0xc, 0x125, 0x0, 0x0, @u64=0x5}, @nested={0x11f1, 0x129, 0x0, 0x1, [@nested={0x4, 0x4}, @generic="1612c4d0e47ee15c8e17c53c65f69a34d5e85068c0c4d87f65f82350ea6d0fff67a2b54465eba924aaf29d4f5ab14d90abd4102b3ffa0772ef6da4ac6cbbb0a62fb51d69aa131d780f98262bb560ea50f7c1eddb96bc2df2f6a81c3cdb418362cbdc2e107b9df1958aa9efd14e570e869e48b5a0f2fe94c285ffce09d860888370649988352a7840ea14f012c8954f128fa430742b7f3325bd011ea5cd3b4d1718b1778387e6aea7d8847f00515f282ace6c516a751085819130687ad41b9e5709757b8758820fcf8cbce453bee0a2e743d117b23f6816078c419adbd20eff91b63204efba27ded8e0ca9ba38ad3c753709049", @generic="0e0f1dbf30f025e234ade78790c035b7bab890f984f4f0a87b3d925b1860be02c749c1e7e6be4df70fc416935393b4e14a2efeab3d208564a77413b8b1da8681bfc10b3a19a36e996361095a09a6c7d9b1d883e1dafd3f5abea4f3465f436379687cf354e868ae6454213cfe053f75fbcbc7accc001ff418ece6cbbe977b91c6d1895e26b0b2dd06045631d5bc830d56f20431a3097d9b47373e934e5a9020b1ae240c9abea6313aa378380a568a45095c89c6b4918846f8ef4f9e996d4f53f3a083c6e934c32190e77e3b7a14be1498bc5a5f7721fbcb47267aa7d520788e5c1b6ebe28e96663afc8b3fcb2792f0997597f033db3971d2ef4863a523af2bad11eb1926d66684e1ad7e6439783dd67ccdff15957a49582e2a1093dfd6435ed9e47e70f5afbc416bea79a1fe5dc288fe6b378065e0b38a18226e231019259e242ffe1939028e546104d6d56ac040e509d8059f647bf681d4038040dba5eb88641748356bf6dfdc18e4ed5b7b81743c244d5f694b8914d5f48982a098c67c6044d7a30bfd01deb8d031853898102fc663aeb7b7bfb760a632a96b02b4201fc7e15c9e272d55075394ced67f3b1b804a43d2abebd33c673061b8a9b3a26e5ed4773fb5231e2f16cc9c95abb2bcda9e8ed45882a2cb6ba821b2f1786c6f11b07bda85b425a2e80fa5b53cb96de405e56a3069d0683ae3ab2fbb3c158582c27a4af3cbd168122e281d36a460d38b1d5c2d86878f736116db8c87745a5529402f9edec4e7021c2d278b02039aa7fb885bdb7fc6ed3a4f4aebaa4b8a6eb6c37971c90a6ed40baa039dd47a014dc1436f14c81c01be0ab2e33b3b80d63befd9f2cb7ce5eac9d182638e54b52ee1f8c9d7a936f41fa047cdab45ea53ccce030cf19d5468a8e96dd7b76df456f0dafbd5d1f1ba84e7c78dbfdf0a25034772c0c3a5b897e25fcf6b6959ee4a4c68b9f0a34e8c8d52fed4cc44dd290d0f8f1e1ad53f41b7d0db91d13a59c75d85b3cc69a3f655be8123aa81f3202e585b6b02679c2483aafbecee750dc6897892086485c8375285eb0ad8ce563ac1c4193915ee538d17e08522baaa141556cec9f2bfa62afb66cad0bc683ca13ab2979c2b9e4a6a50128b578ec3fe06bd58e48b0f5802067531691aa47aee842bd9dc0d79ae1809f31131ad36b2cfc8e5a12696d6ca29ee566a1b3e926f17d6d38560c3b264f2e4f29ab1e9f72ad4d129782ce90f3a756817d9383ae4f06f5bcbcbbc8ec5b2b1df1d26731b729095e789eca1d4cd7ebc60df7a8bbf90294f5e9b317626b513fb04fb6015ea82f0f0804e236b39da1ced81049ac27ff7ff23e76fdbc25dccb985a68ed6f0949b2440c314a941e1fcda899c497b76052044dd6a4f3fbbe70854652010669a86342fa783c1d8fe89d0939a77cbfae759b394ae2c6e7ccc220d0b18b5d80f33d2892206136d9e5692ffa850f9d3c76bb3210e8de67b55b87763a6520489cfde0a95ef766bc8075f3d47ee5b14f8eef6e3ea318f59beef0be5f36bc723b6f10bfededa1dc683d18f08b6d7922dff6d51ab7d9eedb374055c52ac5c4cec58a16de71ffa71360ee0bc152485f00031102149696a9bfbbca5ff91335463c587a6b80d11f71c9c7356cdb0197dbe4a2ae8a649f8bcefd0c324383c33743225e29884ea939bd352fc6fab876486575a19b38c27988db3e3cb89b44175b9e6d04c7180bd49d9819775b480e13fc5735d5fc5db0034e2f1fc090efd0ea00fd78b29add42eee9e2c84c84396acb1f43a3721daeb825db1ef768df6dc460c9157303053dd47291f0df80ab8b924ec0dbe6742555232b74566d34c6aadd5a10a8d804b9b9837550238e7add8db6c43dd4a586a3850f1a517d2969a1052ba3faf7a8f98a3dad3d25f4f55d33771045a8923fe764cec06c7ad30589857eac82ea53b1f45dfe2745627b2f30a32df4f025287384323822a4f4cababf8a68ce7b36ee04022cc67a00d67714944a1310ee9456ae906e0c16c78007b38664f64376e2177b16b5c85ecfcc885c581e9cb0ef66d52889ffdd71749ab72a6d86d236dfc576b59f4dbad73527d6edd6be862b37bfb220eb974bc65ada9255d5322434693f1a49083d2d15d90daca8be8bad3ca8d6c60a705b56d74483decb7c64e6a5bc0ad0925a747b56e735e423d99f920b652fa226bdaf2c3d5364d066dd3cd0685ee61a44d3e32f9fd6708088b8c8e5c9aa03aa6c6fbc1a0c87c326c882769bfd3c0a90d6abf04ce95214caba47f88aa335dca27467a800d8e78707bbdd29f598e1f734efc0dba2f6538cdc09de6eeeada607faf0ee6a1930382e40e2e48b2ba42f564670108212e1809c5b863a347d3c4c61e83e92f19a041e19cb120284097246ab07911da02dfa03685c70f09f5581b1ef04f671eccf8038bda7bf9dade3c676b4349bb39fde4f711cae18197847247e3ec67ac6a161506edee692b835b89a617efb0a9a56171de6cca45a8a420e25cc4424bcf793a1cda0a70bb9db010e7074ebf92434f8aaff1002b80e91771d5ced2180712e9236f5dfc37321db74e3aa67049ca6eed5ba00daeb7e48c2254ae465b51cef40319432ee068f4119a899d0c9a77b5d074dfe08f6698b734cbbe0661d7fae02f35aa871c5710b3299b5bdeb6c4b50a67aa57d726ad767886668bc4358bcdda81516fecd6aaafa10cf884b49be4ee0ffaaa8ee8e815cbdbac07242f0e103fccc1496912c33fec6c428406020374309e2c9d09fd72a120f294579954e1bd9eaeef6eb619974d66de5f66f4bd86c04a1f8546f1415e2b3edd863caa2d4ec9e28b9cdebc283433cd66da28146c35b6d42c9a68d1b6227e6f27addcb46a72fb72d8b78a66cdf9ded7f2abf80868408e4bf3b72c0f17099280463d877b1fed74a148224126a1e99c82c259463adfc2263d71fbee86a6b1cb5b04ae062a01b691924883e399b15db6d40547ae65ab4247ffe252c6e466d3f9bae4dccc6e441a690b2ecb85d24438cd43408d833609d71ee1208766eb090a6a994e5d22bc0221a0f710d55a7e2d0d73b3d44c536d01a2a7201b18c44b6d53eeb33b2d9b452f64c69bb4fbcc4b57651a7243f305b6f7ffa71d9a8bc607fe441fdb80ebdb3e395fddab8718ac9a9865f31cdec533b1177464fc8abca98e2b42650df4c54e41df2df67f590636da04c442296d2648e6ed12b320f393cdfcd43209fc311a21fbe922443acd5ba41923a7cf2f9f4ffe63e8c5236494b2ca6a07047fa5e70ca140238740dda31274241292d41e8a111bb3e28b30ce5c7220361db3b47e0469edc872c3be8de9dc02039d9490248698098fd019a6523bfde565682e180c7cb96880c27f9483bf6b8cd3be6154b548a4edb37592d9fb4e7e4625c344544e2c67ff5904ebff15f409aad648f531acb705ab5d52827b7b55fe310a8bdbc5583006a101a35d0476241e22076a4dbcd2c4c5a72841c9ec8c6c29cbacdabe0dd1b71fb11c18dffa974cd0265d144554d3052c37a9e50e04e803217083c135ec6ba33550f7e6a3323f8ddc1c9664c5f2061afd5a02edb41bf66a03852fc21a801dd5644a67e50d527fe23cfcd0c0041e663ec510340f5d62d2675a55919bc4c8c1c3e6e95355a653d253f368d401546b5e054e016ed6f3c16062fa03b5723dc1b194b6bb3902ac6dbc5b2b2e486a51812b582c7e49fe29a7eb1842bdc8360bf3c7d2535c6402cb8c7f09c654b35f36f61aa864c1d0d140bb983aeb6aa3ed50f19ae2c0200da0ea34122d9f94f81f6fc726a77292df2b2b296101e28051980450464abd3fad13f414b3ff4987f26832afdaafee6c5c53fb4cf6c8eaf288eb63f8a1af9123fb42bac51b47f20c0fe597f15e5f3a45cae327b11b1eb3cb2f578eeea32027e849cb95f525cd6d9f9d8134f9c0b7f6a252aa9dc35d58422779ea43792d23a6327967a45fc0f2364edc84dc9cd410db1b42679c1afd0bb844fb24dfefaf5209f34983ed08e9fb13f4ee078ee1a786f7a800c7baa2ee8efd71842666626023439fd08ccd632a66a9c40879c4672ed7dd9da84bc5cd61501927f28a644db2358a18676c32646536cc6bd16ff53b9307c0b7353926201121d4206bb7ceeced2759b4e558121e5eaabf0f8d46c16f7babfe840288d1a890845dc5b2bbd3edcb80853b1592d9b9033d13f62de63828d6de444d0fb6ba4650a1e4aef010803f1c94087f2ecbe87f0c6255ceb0fa302931469d44998e1cb613899e17cf5449e62db65e835aa6d24db514c98a0424993b95a8db854acc47015b23fe781b79569d39c7590855bfbf03e76b7a5991b7a7164de2dade84434430bbfabdd3198a82be43f3c1f73422522367cd2205694079b2f4cb89b3e84798c50c1b6b97b623e3fa94dcd7ff9ea409fa20ca9b83d65a187c7d5d7d467d9498c3dd2debc9962309d24c83124572a5ae45bfae5cf9e80698da7c7755be27c4cf14cbcf9c6df7a638b6ff89f1241ceb8cf874149aa821c0232ce22b38b88be929828158be6481bb0872f422673796bef69e03bbb2a630043cff35f80ecf294f4ac4c155eadc2c29e9f00b2a2ab84fcb432950170697fe3706aae78155e9406f7780b9e7ccf9bc01ebcb1c0166aaf573c22ed3b32e86372f2b608d90592dbe75d0334fa7a51b120874ef8652e888993ed0fb0094bbe0d05e19313d1823b55c410ca5ccd26e033505b048c5ef16c6213f085f88adf6cdc8a18bd10d8e499cea6bd36d421b88516cf83f1ce32ca3c38f7e4cce8279ab0928fb1db4a28b8f3aaa2c67574272e2157e29d33590238ff6be21e469b6036cc84e72cfedf327ae54ad1ec09b4167e3481ec7f6483c867a9f4204cdb90fdfc47a658687d04df721f1ebc78e7b8771962ede9822834035cb0945594c43e92b1cc6ee4622374ad1c01f835c7c67ee1cd3a520a441ff34c010663b6bb3bffb9db1cc4c21657d07dbe16fe165fb645b2447725fcd13e3d241464b31628dd63b68e75a407d6167771a857933c72c52b33178d1320b1cf6f112db6ec0983ed370539dc3015a315bcdda9fe83f537521ace533abf1609d35c54597527144c0190822a11efd652ee19f6333a0543de52be926c5c6120297b9975c119443bca998820b958c85f623d4c5beb1ee9fc68f97e270e1c6727f88577c0b93d4fa59205ec2bccc83cd154021287b02043a0262a05473e68652d12103d1c51ed2770f322858736d4c98987aeb13b64a52e6eac9c9c46b778aae59811cbd25e6b095f5b1af3622f57c78e704afd0cd8c38adde1d2971d4e4a2e9f8286eca6d1732c521923c063b16cbbbc98ece768a8e382b0a807f7f87fbb96274e854f6f8fffe4b7e6e7f78e5dc693272fa061f0af9d2245af51f2ee9cd791548e06589ee421c282a65201e65d7b8d57f0a42ef0fe1f4be0b5cf0296b3fc9fcfb4a3c85e882efb3828cc548b38d31e3080b84b72b2ee7c1e8c579f0d52c5d10e9303af2f60e2924166cc8df07bd0cf53d732559e089c01a13fff9403726b7950ad5aa27ae375b2d60c1802cae51c2148ba0c56fafb0e025f70efd3120c001897d5e16003f3123334261eb5e4b31af37deb23e921b51f93e5a7c7433e0c4da44c7a55e17c789c9c123a95c437f649075cc1e23a83c6090ed0d4cf422283863965c1ca4d360b44a6a9237d32cee9d3315a9d61b9668c1c45185bcd393f9833593a201bb54e129c04cf8b3805f4402613ffa55364c28eaebc5c9e9e5e10f04ab0164f63a3bda143f2b70aede3a4ba0bbbf37803b374a0dc578a492434cf21af85d176e3", @typed={0x8, 0x113, 0x0, 0x0, @fd=r1}, @generic="6d7e98035dcfef6ebddc60d66605a5fcef0e2e82f6cca8240b745787f41f040791ffa57d8ef1802346438255f4a5848e7705cde0a2811d6569384c79676ae92926e65604a4322b1b1760b06f22224e600172fd23fbd76b86eed7933ef9561286e4b12241153b1cf98499aa3af95b5e7f30e8fd96d5ac0689c7b1cc9a6199040cb9bcd2535e7000e138a2f3c115aea1d6c0fb0eeac0578d67d451fe574ee4ccd329c471364e00446bda7d0a54b48d383be154701461bce1e8d15719f3410bb06c287fbc6cea0cab117025c32d980d177792018e68b8d820604d6f7c812b21d48aa10a31efe9aa3d7a64aa85e8cc2f"]}, @nested={0x14, 0xe, 0x0, 0x1, [@nested={0x4, 0x9d}, @typed={0xc, 0xbb, 0x0, 0x0, @u64=0x8fdfaac}]}]}, @NL80211_ATTR_HE_BSS_COLOR={0x34, 0x11b, 0x0, 0x1, [@NL80211_HE_BSS_COLOR_ATTR_DISABLED={0x4}, @NL80211_HE_BSS_COLOR_ATTR_PARTIAL={0x4}, @NL80211_HE_BSS_COLOR_ATTR_PARTIAL={0x4}, @NL80211_HE_BSS_COLOR_ATTR_DISABLED={0x4}, @NL80211_HE_BSS_COLOR_ATTR_PARTIAL={0x4}, @NL80211_HE_BSS_COLOR_ATTR_COLOR={0x5, 0x1, 0xff}, @NL80211_HE_BSS_COLOR_ATTR_COLOR={0x5, 0x1, 0x8}, @NL80211_HE_BSS_COLOR_ATTR_COLOR={0x5, 0x1, 0x9}, @NL80211_HE_BSS_COLOR_ATTR_PARTIAL={0x4}]}]}, 0x1270}, 0x1, 0x0, 0x0, 0x41}, 0x4) mbind$auto(0x0, 0x2491d2, 0x4, 0x0, 0x6, 0xb1) mbind$auto(0x0, 0x2091d1, 0x1, 0x0, 0x6, 0x2) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) 1.656613079s ago: executing program 3 (id=2436): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) madvise$auto(0x2, 0xbd, 0x2) r0 = socket(0x2, 0x1, 0x0) getsockopt$auto(r0, 0x6, 0x7, &(0x7f00000003c0)='/dev/ptys4\x00', &(0x7f0000000000)=0x6) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) dup2$auto(0x5, 0x4) splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_MACSEC_CMD_ADD_RXSA(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0xd0}, 0x2404c084) timer_create$auto(0x0, &(0x7f0000000040)={@sival_ptr=0x0, @raw=0x4, 0x6, @_tid}, 0x0) socket(0xa, 0x2, 0x0) r1 = socket(0xa, 0x3, 0xff) connect$auto(r1, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) write$auto(0x6, 0x0, 0x100000001) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x1, 0x400008, 0xdf, 0x9b74, 0x2, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000540)='/sys/module/ib_srp/parameters/fast_io_fail_tmo\x00', 0xa8282, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/ksm/advisor_mode\x00', 0xa0340, 0x0) setsockopt$auto_SO_RCVBUF(r2, 0x80000000, 0x8, &(0x7f0000000040)='/sys/devices/virtual/tty/ttytb/power/runtime_active_time\x00', 0x100) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000580)=""/4102, 0x1006) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/tty/ttytb/power/runtime_active_time\x00', 0x400, 0x0) read$auto(r4, 0x0, 0x20) write$auto(r2, 0x0, 0x4f2d) 1.415197381s ago: executing program 0 (id=2437): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xc, 0x800008000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x37}}, 0x6e) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x48180, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendto$auto(0x3, 0x0, 0x5, 0x5d9, 0x0, 0x8) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1002, 0x0, 0x1, 0x0, 0x2, 0x9}, 0x7}, 0x3, 0x2000000) 1.412146775s ago: executing program 3 (id=2438): r0 = open(&(0x7f0000000080)='./file0\x00', 0x108242, 0x106) sendfile$auto(r0, r0, 0x0, 0x8) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) socket(0x2c, 0x3, 0x0) socket(0xa, 0x1, 0x100) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) socket(0x2c, 0x6, 0xfffffffe) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r1) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x3, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x800000000007, 0xd, 0x1, 0x7, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x8800) openat$auto_proc_mem_operations_base(0xffffffffffffff9c, 0x0, 0x401, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/net/lapb4/ifalias\x00', 0x1a1842, 0x0) write$auto(r3, &(0x7f0000000000)='9\x00d1L\xff\x15\xba\xa17=(\xc1\xf8\xff\xff\v\xb5^\xa1/[', 0x4) unshare$auto(0x40000080) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/net/bond0/bonding/primary_reselect\x00', 0x1e2142, 0x0) sendfile$auto(r1, 0xffffffffffffffff, 0x0, 0x7fff) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) r4 = socket(0x10, 0x2, 0x6) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/fs/dentry-state\x00', 0x0, 0x0) sendfile$auto(r4, r5, 0x0, 0x3) 1.379918195s ago: executing program 1 (id=2439): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) gettid() set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) unshare$auto(0x40000080) r0 = socket(0xf, 0x5, 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x4, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0xffff}, &(0x7f00000001c0)=0x6, &(0x7f0000000200)=0x1, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf}) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r4 = socket(0x10, 0x2, 0x6) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000"], 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f00000018c0)={&(0x7f0000001800)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000001880)={&(0x7f0000001940)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000401000000ffdbdf25090000000a000800d63d89b97520000008003a00000000007b806e767f79b93179a625778d495fdae8026a88992521e04facde48d111291d156b3a65529c7a46be6ce23a1ee49c20f7c657909501359b0f0498a1a9562042788cd7c4f1ae8cbd12fee6974149baebd68d660efe4735db13723a44a07ea4fb97250e771eb412fb0f7c3c280b74c4ef8524ab41ff708c77ca7a130740fc04c8a51eb58c35d0070a8abf1c3244e91d86c64d33a54641c4af6190aa75b3571f77d4e33f42a494874889ac2ddb1a8bf657b8186291d47b9932128cc4fbb5e53fd7f254c5ec64dd2332a39b5e155e3def79edf4479f4d88e2eb6644bb5e263dd14a7b697ca3d7c86cbe9566b6fd9cfaf85aa255e33524cc64907234fef18c06a50e8e56fbe59be37fda012e34c735dc14a328dca31660bf9c6aa85343c96f2b96d835d4d4d61a482d1a82ba126047178bda3c387ab85ef45e77a05bd8624cdd6365b1683d02ca571c6873a498d8d61af141a60a0e"], 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x200400c0) openat$auto_msft_opcode_fops_(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/bluetooth/hci4/msft_opcode\x00', 0x2, 0x0) openat$auto_suspend_stats_fops_(0xffffffffffffff9c, &(0x7f00000003c0), 0x1001, 0x0) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000340), r3) sendmsg$auto_NL802154_CMD_GET_SEC_LEVEL(r0, &(0x7f00000017c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYRES64=r0, @ANYRESDEC=r2, @ANYRESDEC=r1], 0x13d0}, 0x1, 0x0, 0x0, 0x4000}, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r5 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto(r5, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) recvmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000440)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7fe}, 0x1000}, 0xffffffff, 0x4, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x109401, 0x0) 1.004253831s ago: executing program 4 (id=2440): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) set_mempolicy$auto(0x6, 0x0, 0x21) connect$auto(0x3, 0x0, 0x54) mmap$auto(0x0, 0x400008, 0xdf, 0x9b7f, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001080), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/arp\x00', 0x101000, 0x0) ioprio_set$auto(0x2, 0x800000000, 0x8) read$auto_proc_reg_file_ops_compat_inode(r4, &(0x7f0000000100)=""/92, 0x5c) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) sendmsg$auto_NL80211_CMD_GET_WIPHY(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="810b25bd7000ffdbdf251100000008000300", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x20000084}, 0x0) sendmsg$auto_NL80211_CMD_STOP_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="98200000edd01987167d38dd9d3d64cde5dec3a7d963ff33829f0200c0dfef8dd92f8aa0d53faa971d5d378265e91ef90bcfb7a8093b022a63f41e590bd9907bd37782077881ad2c410000000000", @ANYRES16=r1, @ANYBLOB="000329bd7000ffdbdf254c0000000800ef00050000000e004e01464f331a451ec8cc768700001e002400e574fe8a8ae4a0667f951e6f2b65936c44c7d6f5300b941fd922000006009c0011ac000044004901324555e6ca7432bd98ad1b202633efbdd1fb06810292c837b89bb5ad85737b3cd4d3617b8e596a92e267fd9706d2a3dcb55115854ef4807b160252df2a4e7a4b"], 0x98}, 0x1, 0x0, 0x0, 0x80}, 0x80c0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r5 = socket(0x1d, 0x2, 0x7) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'vlan0\x00'}) 524.406449ms ago: executing program 4 (id=2441): bpf$auto(0x0, &(0x7f0000000100)=@bpf_attr_4={0x800000000012, 0x4, 0x80000001, 0x8}, 0x6f4) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8402, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0xfffffdef) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x65, 0x8000001f, 0x1000, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f0000000280)={0x6, 0xcb}) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) openat$auto_ftrace_avail_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/available_events\x00', 0x2, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$auto_OVS_CT_LIMIT_CMD_DEL(r1, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000000440)={0x34, r2, 0x201, 0x70bd2c, 0x25dfdbff, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x1c, 0x1, 0x0, 0x1, [@nested={0x15, 0x139, 0x0, 0x1, [@nested={0x4, 0xeb}, @typed={0x8, 0x2d, 0x0, 0x0, @fd}, @generic="5ecb8698ec"]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x44000}, 0x4000048) sendmsg$auto_NL80211_CMD_START_SCHED_SCAN(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB="00dd0000", @ANYRES16=0x0, @ANYBLOB="000227bd7000fedbdf254b00000008009e00050000000c001b8004000200040003"], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x1) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x60d80, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/fib_trie\x00', 0x0, 0x0) r3 = open(&(0x7f0000000100)='./bus\x00', 0x14d27e, 0x72) copy_file_range$auto(r3, 0x0, r3, 0x0, 0x2, 0x0) r4 = bpf$auto(0x0, &(0x7f0000000000)=@link_update={0xa, @new_map_fd=0x2, 0x7, @old_prog_fd=0x13b}, 0xa3) bpf$auto(0x2, &(0x7f00000001c0)=@query={@target_fd=r4, 0x1, 0x183, 0x9, 0x63, @prog_cnt=0xfd, 0x0, 0x6, 0x5, 0x4000009, 0x9}, 0xc) 285.356006ms ago: executing program 1 (id=2442): r0 = socket(0x80000000000000a, 0x2, 0x0) sendto$auto(r0, 0x0, 0x402, 0x101, &(0x7f0000000000)=@generic={0xa, "0183638b0800"}, 0x1c) 255.140819ms ago: executing program 3 (id=2443): mmap$auto(0x0, 0x6, 0xfffffffffffffff3, 0x9b73, 0xffffffffffffffff, 0x8000) futex$auto(&(0x7f00000023c0)=0xf6, 0x3, 0x12, 0x0, &(0x7f0000002440)=0x7, 0x71a8dce0) mmap$auto(0x0, 0x5, 0x4000000040e2, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x15, 0x3, 0x8000) connect$auto(0x3, &(0x7f0000000240)=@nl=@unspec, 0x81) mmap$auto(0x0, 0x7, 0x20000000db, 0x19, 0x40000000000a5, 0x5) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/interrupts\x00', 0x18b202, 0x0) pread64$auto(r1, 0x0, 0x400100000001, 0x1ff) readv$auto(0x3, 0x0, 0x4) kexec_load$auto(0x401, 0xf, &(0x7f0000000480)={@buf=&(0x7f0000000400)="88c3d219f8c354c74416a0fe6cf682572527911fa6ada020bfc070f9d4fb1ebee23c99359f515d0f5b58511a7e90ed08819f45d8ab8b17ee3fe194ffab35a913baa2b1a68f7b0c980b995e9c", 0x8000000000000001, 0x8, 0x6}, 0x2) unshare$auto(0x40000080) mmap$auto(0xaa11, 0xfff, 0x3, 0x18, r1, 0x9f0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) socket(0x2, 0x2, 0x0) socketpair$auto(0x8, 0x81, 0x9, &(0x7f0000000040)) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendto$auto(0x3, 0x0, 0xf, 0xe, &(0x7f0000000100)=@in={0x2, 0x4e20, @broadcast}, 0x1d) ptrace$auto(0xf106, 0x0, 0x8, 0x0) clock_settime$auto(0x2, &(0x7f0000000280)={0x1, 0xffffffff}) read$auto_proc_fault_inject_operations_base(r2, &(0x7f00000001c0)=""/69, 0x45) ptrace$auto(0x5, 0x0, 0xfffffffffffffffa, 0x8) mmap$auto(0xf22, 0x6, 0xfd5, 0x1e, r2, 0x0) writev$auto(0x3, &(0x7f0000004100)={0x0, 0x2000000b}, 0x3ff) 163.729826ms ago: executing program 0 (id=2444): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000080)='/dev/audio1\x00', 0x100000a3d9) syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000ac0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_TCP_METRICS_CMD_GET(r1, &(0x7f0000000c00)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) io_setup$auto(0x1, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpagecgroup\x00', 0x60400, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x111, 0xfffffffffffffffa, 0x8000) r2 = ioctl$auto_SIOCGIFHWADDR2(0xffffffffffffffff, 0x8927, &(0x7f0000000000)="55482e12c08af41d5c1d045b1929e55c3b16dbae56105cf8304813dd8e31d03bd98c5e79d3b9ad304b688ebae898706bc0ddf080a6fc351e82f742b5dab5c2747c87934b65b5f69a6fed79e37d019046dfa9eaeb1cfaf543e1b5869637") sendmsg$auto_NL80211_CMD_FRAME_WAIT_CANCEL(r2, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="04002cbd70000200df3f43000000"], 0x14}, 0x1, 0x0, 0x0, 0x8}, 0x10) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) semctl$auto(0x1ff, 0x2, 0x13, 0x1) shmget$auto(0x8, 0x10565, 0x7ff) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa) shmctl$auto(0x0, 0x0, 0xfffffffffffffffd) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syz_clone3(&(0x7f0000000640)={0x108000, 0x0, 0x0, 0x0, {0x15}, 0x0, 0x0, 0x0, 0x0}, 0x58) openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, 0x0, 0x40102, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x108000) r3 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0) ioctl$auto_TUNGETIFF(r3, 0x800454d2, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000100), r1) 151.016764ms ago: executing program 4 (id=2445): select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0x7, 0x8fd3, 0x401, 0x2803, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, 0x0, 0xa00, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/dev\x00', 0x100, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000001080)=""/4092, 0xffc) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) r1 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000080)=0x77) ioctl$auto_FBIOPUT_VSCREENINFO(r1, 0x4601, &(0x7f0000000080)) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r2, 0x80045010, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r4 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r3, 0x5601, r4) ioctl$auto_VHOST_SET_LOG_FD2(0xffffffffffffffff, 0x4004af07, &(0x7f00000001c0)=0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b71, r5, 0x8000) r6 = open_by_handle_at$auto(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x136a}, 0x7d) setsockopt$auto(r6, 0x1, 0x1021, 0x0, 0xd) mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x445) geteuid() sendmsg$auto_OVS_CT_LIMIT_CMD_GET(0xffffffffffffffff, 0x0, 0x200000c0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8002, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) socket(0xf, 0x5, 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 0s ago: executing program 1 (id=2446): mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) madvise$auto(0x8, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0xa00006, 0x1, 0x40eb1, 0x602, 0x300000000000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/nfc/nfc1/rfkill1/persistent\x00', 0x80000, 0x0) pread64$auto(r1, 0x0, 0x4000000800e, 0x3) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop6\x00', 0x0, 0x0) statmount$auto(0x0, &(0x7f0000000100)={0x8, 0xfffffffd, 0xa, 0x47, 0x42, 0xfffffffffffffffa, 0x1ffde, 0x7, 0x8, 0x200000000006, 0x6, 0x7, 0x2, 0xfffffffffffffffc, 0x80000000, 0xc, 0x2, 0x20fff, 0xa0, 0x7, 0x1, 0x7, 0x0, 0x280, 0x0, 0xffdffff7, 0x40, 0x400, 0x6, 0x6d4c, 0xfffffffe, [0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x8, 0xfffffffffffffffe, 0x8000000000000000, 0x0, 0x40000000, 0x2, 0x0, 0xfffffffffffffffe, 0x8001, 0x4, 0x0, 0x6, 0x0, 0xfffffffffffffffd, 0x4, 0x0, 0x0, 0x6, 0x0, 0x1, 0x0, 0x4000000000000800, 0x0, 0x6, 0x4, 0x4, 0x40004, 0x100000000001, 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, 0x8000000000, 0x0, 0x12480]}, 0x1fa, 0x200d) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r3 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x11, 0x80003, 0x304) socket(0x2, 0x5, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x76, 0x0, 0x8) r4 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/input/event2\x00', 0x20881, 0x0) write$auto(r4, &(0x7f0000000040)='/dev/input/event1\x00', 0x10001) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_TX_BITRATE_MASK(r3, &(0x7f0000000540)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000500)={&(0x7f0000000400)={0xf8, r5, 0x200, 0x70bd28, 0x25dfdbfc, {}, [@NL80211_ATTR_STA_EXT_CAPABILITY={0x65, 0xac, "b287b068f3b8de463d48f65b07ab343a4c1aa2833dfbe67b5b0437ac9139aa7e7dfdd1eee66c2a114e300432f234fbaf4124c9c8a75ffd972855891cfd7a885e14d57390b08b5ce7360ebfc129e1135066f970118818e3bf72636ffb5496c6377a"}, @NL80211_ATTR_4ADDR={0x5, 0x53, 0x9}, @NL80211_ATTR_EPCS={0x4}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "74c0ed9d90fa2a091e122df14e718bae8e50f1de168715fc"}, @NL80211_ATTR_FILS_ERP_USERNAME={0xa, 0xf9, "e675a18b72f5"}, @NL80211_ATTR_HT_CAPABILITY={0x45, 0x1f, "ab6ea83f05ca40718b1af0a8b45b82997d5be96b0519c461ed949cfa178fcdb36c77c46fd80321e22c0bc539f3c5a964497070f397a776d00f74292adfe08fa22d"}]}, 0xf8}}, 0xc004) semctl$auto(0xf2, 0x80000001, 0x7, 0x8) io_cancel$auto(0x5b37, &(0x7f0000000380)={0x6, 0x8, 0x18, 0x4, 0xf, r2, 0x7ff, 0x7fffffff, 0x5, 0x0, 0xbe, r4}, &(0x7f0000000340)={0x7f, 0x4, 0x400, 0x9}) mmap$auto(0x0, 0x890006, 0x3ff, 0x11, r6, 0x8004) openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Virtual-1/edid_override\x00', 0x2082, 0x0) r7 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x1a1000, 0x0) keyctl$auto(0x15, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x1) ioctl$auto_PROCMAP_QUERY(r7, 0xc0686611, &(0x7f0000000080)={0x67, 0x0, 0x7fff, 0x5, 0x80000000007, 0x1, 0x80000001, 0xff, 0x5, 0x7, 0xfbfffffe, 0x5, 0x7fb, 0x7, 0x9}) bpf$auto(0x8, &(0x7f0000000140)=@link_update={0x3, @new_map_fd=0x8, 0x7fffff37, @old_prog_fd=0x6}, 0x9) modify_ldt$auto(0x1, 0x0, 0x10) ioctl$auto(r0, 0x4b40, 0x1) kernel console output (not intermixed with test programs): e_slave_0: entered promiscuous mode [ 85.039583][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.046919][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.054566][ T5838] bridge_slave_1: entered allmulticast mode [ 85.062312][ T5838] bridge_slave_1: entered promiscuous mode [ 85.075506][ T5830] team0: Port device team_slave_1 added [ 85.182393][ T5825] hsr_slave_0: entered promiscuous mode [ 85.188874][ T5825] hsr_slave_1: entered promiscuous mode [ 85.198346][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.207622][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.214892][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.222038][ T5834] bridge_slave_0: entered allmulticast mode [ 85.229407][ T5834] bridge_slave_0: entered promiscuous mode [ 85.237080][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.244026][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 85.270345][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.282787][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.289819][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 85.315762][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.329155][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.353508][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.360809][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.368011][ T5834] bridge_slave_1: entered allmulticast mode [ 85.376428][ T5834] bridge_slave_1: entered promiscuous mode [ 85.439489][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.450928][ T5838] team0: Port device team_slave_0 added [ 85.459029][ T5838] team0: Port device team_slave_1 added [ 85.472600][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.570309][ T5834] team0: Port device team_slave_0 added [ 85.577120][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.584568][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 85.610707][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.615078][ T5150] Bluetooth: hci0: command tx timeout [ 85.633796][ T5830] hsr_slave_0: entered promiscuous mode [ 85.640236][ T5830] hsr_slave_1: entered promiscuous mode [ 85.646518][ T5830] debugfs: 'hsr0' already exists in 'hsr' [ 85.652316][ T5830] Cannot create hsr debugfs directory [ 85.660302][ T5834] team0: Port device team_slave_1 added [ 85.666949][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.674000][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 85.700827][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.774216][ T5150] Bluetooth: hci3: command tx timeout [ 85.774734][ T5841] Bluetooth: hci1: command tx timeout [ 85.785719][ T5150] Bluetooth: hci2: command tx timeout [ 85.793414][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 85.800884][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 85.827029][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 85.864574][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 85.871523][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 85.897468][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 85.982210][ T5838] hsr_slave_0: entered promiscuous mode [ 85.988530][ T5838] hsr_slave_1: entered promiscuous mode [ 85.994931][ T5838] debugfs: 'hsr0' already exists in 'hsr' [ 86.000660][ T5838] Cannot create hsr debugfs directory [ 86.120015][ T5834] hsr_slave_0: entered promiscuous mode [ 86.126390][ T5834] hsr_slave_1: entered promiscuous mode [ 86.132390][ T5834] debugfs: 'hsr0' already exists in 'hsr' [ 86.139099][ T5834] Cannot create hsr debugfs directory [ 86.345960][ T5825] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 86.373333][ T5825] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 86.383986][ T5825] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 86.417947][ T5825] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 86.512951][ T5830] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 86.524753][ T5830] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 86.541984][ T5830] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 86.562657][ T5830] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 86.636477][ T5838] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 86.651796][ T5838] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 86.662610][ T5838] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 86.675843][ T5838] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 86.829911][ T5834] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 86.881051][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 86.889695][ T5834] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 86.914865][ T5834] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 86.937846][ T5834] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 86.981686][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.015341][ T5825] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.051970][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.059278][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.082530][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.099285][ T5830] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.130223][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.137415][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.181329][ T61] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.188529][ T61] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.198056][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.205201][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.218970][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.266801][ T1017] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.273911][ T1017] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.301592][ T61] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.308721][ T61] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.450116][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.521819][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.576968][ T1017] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.584166][ T1017] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.619911][ T1017] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.627137][ T1017] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.698194][ T5150] Bluetooth: hci0: command tx timeout [ 87.780821][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 87.854706][ T5150] Bluetooth: hci1: command tx timeout [ 87.856482][ T5837] Bluetooth: hci3: command tx timeout [ 87.866780][ T5841] Bluetooth: hci2: command tx timeout [ 87.902529][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 87.957177][ T5825] veth0_vlan: entered promiscuous mode [ 87.971532][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.019234][ T5825] veth1_vlan: entered promiscuous mode [ 88.072325][ T5830] veth0_vlan: entered promiscuous mode [ 88.111442][ T5838] veth0_vlan: entered promiscuous mode [ 88.123418][ T5830] veth1_vlan: entered promiscuous mode [ 88.143588][ T5825] veth0_macvtap: entered promiscuous mode [ 88.160341][ T5838] veth1_vlan: entered promiscuous mode [ 88.190048][ T5825] veth1_macvtap: entered promiscuous mode [ 88.231319][ T5830] veth0_macvtap: entered promiscuous mode [ 88.243663][ T5830] veth1_macvtap: entered promiscuous mode [ 88.253275][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.283005][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.297208][ T5838] veth0_macvtap: entered promiscuous mode [ 88.318151][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.331651][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.347960][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.357451][ T5838] veth1_macvtap: entered promiscuous mode [ 88.377146][ T3499] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.386731][ T3499] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.407195][ T3499] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.420919][ T61] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.445587][ T61] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.456502][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.470579][ T61] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.480494][ T61] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.494940][ T61] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.509102][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.552950][ T61] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.563104][ T61] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.591698][ T61] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.600704][ T61] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.655416][ T5834] veth0_vlan: entered promiscuous mode [ 88.685563][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.695490][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.696733][ T5834] veth1_vlan: entered promiscuous mode [ 88.762231][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.777197][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.791734][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.793988][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.854074][ T5834] veth0_macvtap: entered promiscuous mode [ 88.871521][ T3499] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.877995][ T5834] veth1_macvtap: entered promiscuous mode [ 88.888835][ T5830] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 88.905271][ T3499] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 88.995260][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.003104][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.079776][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.122326][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.128899][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.139482][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.183306][ T36] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.199144][ T3499] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.225758][ T3499] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.243949][ T3499] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.504873][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.515949][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.537064][ T5927] process 'syz.1.5' launched ':,' with NULL argv: empty string added [ 89.577335][ T5927] Zero length message leads to an empty skb [ 89.641002][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.672977][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.775798][ T5841] Bluetooth: hci0: command tx timeout [ 89.935974][ T5841] Bluetooth: hci1: command tx timeout [ 89.941435][ T5841] Bluetooth: hci2: command tx timeout [ 89.947152][ T5837] Bluetooth: hci3: command tx timeout [ 90.117704][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 90.294652][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 90.563625][ T5947] netlink: 28 bytes leftover after parsing attributes in process `syz.0.8'. [ 91.861969][ T939] cfg80211: failed to load regulatory.db [ 91.881282][ T5841] Bluetooth: hci0: command tx timeout [ 91.967405][ T5958] usb usb2: usbfs: process 5958 (syz.2.11) did not claim interface 4 before use [ 92.017436][ T5841] Bluetooth: hci2: command tx timeout [ 92.018510][ T5150] Bluetooth: hci3: command tx timeout [ 92.028403][ T5837] Bluetooth: hci1: command tx timeout [ 92.425603][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.614219][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 92.724529][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.780030][ T5976] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 92.822708][ T5976] netlink: zone id is out of range [ 92.874536][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.883821][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 92.965336][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.973990][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 93.374638][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 93.660303][ T5983] Invalid ELF header magic: != ELF [ 95.095611][ T5993] zswap: compressor not available [ 95.452756][ T5996] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 95.821921][ T6012] netlink: zone id is out of range [ 97.290348][ T6034] mmap: syz.3.26 (6034) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 97.400690][ T6027] Unable to find swap-space signature [ 97.912997][ T6043] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 98.131546][ T6046] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 98.315915][ T6044] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 98.358911][ T6024] netlink: zone id is out of range [ 99.387664][ T6062] netlink: zone id is out of range [ 100.006416][ T6074] random: crng reseeded on system resumption [ 100.186789][ T6079] FAULT_INJECTION: forcing a failure. [ 100.186789][ T6079] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 100.238813][ T6079] CPU: 1 UID: 0 PID: 6079 Comm: syz.3.36 Not tainted syzkaller #0 PREEMPT(full) [ 100.238851][ T6079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 100.238863][ T6079] Call Trace: [ 100.238869][ T6079] [ 100.238874][ T6079] dump_stack_lvl+0x16c/0x1f0 [ 100.238894][ T6079] should_fail_ex+0x512/0x640 [ 100.238918][ T6079] _copy_to_user+0x32/0xd0 [ 100.238941][ T6079] simple_read_from_buffer+0xcb/0x170 [ 100.238964][ T6079] proc_fail_nth_read+0x197/0x240 [ 100.238980][ T6079] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 100.238996][ T6079] ? rw_verify_area+0xcf/0x6c0 [ 100.239009][ T6079] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 100.239023][ T6079] vfs_read+0x1e4/0xcf0 [ 100.239041][ T6079] ? __pfx___mutex_lock+0x10/0x10 [ 100.239057][ T6079] ? __pfx_vfs_read+0x10/0x10 [ 100.239076][ T6079] ? __fget_files+0x20e/0x3c0 [ 100.239096][ T6079] ksys_read+0x12a/0x250 [ 100.239110][ T6079] ? __pfx_ksys_read+0x10/0x10 [ 100.239130][ T6079] do_syscall_64+0xcd/0xfa0 [ 100.239146][ T6079] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.239160][ T6079] RIP: 0033:0x7f8991b8d9dc [ 100.239172][ T6079] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 100.239185][ T6079] RSP: 002b:00007f8992955030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 100.239198][ T6079] RAX: ffffffffffffffda RBX: 00007f8991de5fa0 RCX: 00007f8991b8d9dc [ 100.239207][ T6079] RDX: 000000000000000f RSI: 00007f89929550a0 RDI: 0000000000000004 [ 100.239215][ T6079] RBP: 00007f8992955090 R08: 0000000000000000 R09: 0000000000000000 [ 100.239223][ T6079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 100.239231][ T6079] R13: 00007f8991de6038 R14: 00007f8991de5fa0 R15: 00007ffd45e09e58 [ 100.239250][ T6079] [ 101.647890][ T6073] netlink: zone id is out of range [ 104.316639][ T6167] FAULT_INJECTION: forcing a failure. [ 104.316639][ T6167] name failslab, interval 1, probability 0, space 0, times 1 [ 104.387466][ T6167] CPU: 1 UID: 0 PID: 6167 Comm: syz.1.46 Not tainted syzkaller #0 PREEMPT(full) [ 104.387501][ T6167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 104.387516][ T6167] Call Trace: [ 104.387524][ T6167] [ 104.387533][ T6167] dump_stack_lvl+0x16c/0x1f0 [ 104.387567][ T6167] should_fail_ex+0x512/0x640 [ 104.387604][ T6167] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 104.387635][ T6167] should_failslab+0xc2/0x120 [ 104.387671][ T6167] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 104.387700][ T6167] ? hugetlbfs_alloc_inode+0x8c/0x1d0 [ 104.387732][ T6167] ? hugetlbfs_alloc_inode+0x8c/0x1d0 [ 104.387756][ T6167] hugetlbfs_alloc_inode+0x8c/0x1d0 [ 104.387781][ T6167] ? __pfx_hugetlbfs_alloc_inode+0x10/0x10 [ 104.387807][ T6167] alloc_inode+0x64/0x240 [ 104.387842][ T6167] new_inode+0x22/0x1c0 [ 104.387873][ T6167] hugetlbfs_get_inode+0x354/0x730 [ 104.387904][ T6167] hugetlb_file_setup+0x15b/0x620 [ 104.387930][ T6167] ksys_mmap_pgoff+0x189/0x5c0 [ 104.387959][ T6167] __x64_sys_mmap+0x125/0x190 [ 104.387999][ T6167] do_syscall_64+0xcd/0xfa0 [ 104.388031][ T6167] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.388067][ T6167] RIP: 0033:0x7fd1cdd8efc9 [ 104.388089][ T6167] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 104.388115][ T6167] RSP: 002b:00007fd1ceca5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 104.388139][ T6167] RAX: ffffffffffffffda RBX: 00007fd1cdfe6270 RCX: 00007fd1cdd8efc9 [ 104.388154][ T6167] RDX: 0000000000000003 RSI: 0000000000000004 RDI: 0000000000000000 [ 104.388169][ T6167] RBP: 00007fd1cde11f91 R08: 0000000000000401 R09: 0000300000000000 [ 104.388185][ T6167] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 104.388199][ T6167] R13: 00007fd1cdfe6308 R14: 00007fd1cdfe6270 R15: 00007fff7d73de38 [ 104.388234][ T6167] [ 107.635948][ T6216] ptrace attach of "./syz-executor exec"[5825] was attempted by "./syz-executor exec"[6216] [ 108.812477][ T6239] netlink: zone id is out of range [ 110.535384][ T6260] netlink: 28 bytes leftover after parsing attributes in process `syz.0.61'. [ 111.086486][ T6269] netlink: 56 bytes leftover after parsing attributes in process `syz.3.62'. [ 111.190476][ T6261] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 111.205522][ T6261] netlink: zone id is out of range [ 111.603399][ T6269] FAULT_INJECTION: forcing a failure. [ 111.603399][ T6269] name failslab, interval 1, probability 0, space 0, times 0 [ 111.616858][ T6269] CPU: 0 UID: 0 PID: 6269 Comm: syz.3.62 Not tainted syzkaller #0 PREEMPT(full) [ 111.616879][ T6269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 111.616888][ T6269] Call Trace: [ 111.616892][ T6269] [ 111.616898][ T6269] dump_stack_lvl+0x16c/0x1f0 [ 111.616919][ T6269] should_fail_ex+0x512/0x640 [ 111.616941][ T6269] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 111.616957][ T6269] should_failslab+0xc2/0x120 [ 111.616975][ T6269] kmem_cache_alloc_noprof+0x75/0x6e0 [ 111.616988][ T6269] ? fasync_helper+0x3d/0xd0 [ 111.617010][ T6269] ? fasync_helper+0x3d/0xd0 [ 111.617026][ T6269] ? lockdep_hardirqs_on+0x7c/0x110 [ 111.617040][ T6269] fasync_helper+0x3d/0xd0 [ 111.617059][ T6269] sock_fasync+0x92/0x140 [ 111.617076][ T6269] ? __pfx_sock_fasync+0x10/0x10 [ 111.617091][ T6269] do_fcntl+0xa3d/0x15a0 [ 111.617109][ T6269] ? __pfx_do_fcntl+0x10/0x10 [ 111.617130][ T6269] ? tomoyo_file_fcntl+0xa5/0xc0 [ 111.617152][ T6269] __x64_sys_fcntl+0x163/0x200 [ 111.617172][ T6269] do_syscall_64+0xcd/0xfa0 [ 111.617189][ T6269] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.617203][ T6269] RIP: 0033:0x7f8991b8efc9 [ 111.617214][ T6269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 111.617227][ T6269] RSP: 002b:00007f898fdd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 111.617241][ T6269] RAX: ffffffffffffffda RBX: 00007f8991de6180 RCX: 00007f8991b8efc9 [ 111.617250][ T6269] RDX: 000000000000a553 RSI: 0000000000000004 RDI: 0000000000000003 [ 111.617259][ T6269] RBP: 00007f8991c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 111.617267][ T6269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 111.617275][ T6269] R13: 00007f8991de6218 R14: 00007f8991de6180 R15: 00007ffd45e09e58 [ 111.617295][ T6269] [ 112.164756][ T6268] netlink: 342 bytes leftover after parsing attributes in process `syz.0.63'. [ 112.418541][ T6282] netlink: 8 bytes leftover after parsing attributes in process `syz.1.67'. [ 112.831906][ T6286] netlink: 28 bytes leftover after parsing attributes in process `syz.3.68'. [ 113.120086][ T6289] FAULT_INJECTION: forcing a failure. [ 113.120086][ T6289] name failslab, interval 1, probability 0, space 0, times 0 [ 113.132964][ T6289] CPU: 1 UID: 0 PID: 6289 Comm: syz.2.65 Not tainted syzkaller #0 PREEMPT(full) [ 113.132984][ T6289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 113.132992][ T6289] Call Trace: [ 113.132998][ T6289] [ 113.133005][ T6289] dump_stack_lvl+0x16c/0x1f0 [ 113.133026][ T6289] should_fail_ex+0x512/0x640 [ 113.133047][ T6289] ? fs_reclaim_acquire+0xae/0x150 [ 113.133067][ T6289] should_failslab+0xc2/0x120 [ 113.133085][ T6289] __kmalloc_noprof+0xdd/0x880 [ 113.133118][ T6289] ? ima_alloc_init_template+0xb5/0x720 [ 113.133163][ T6289] ? ima_alloc_init_template+0xb5/0x720 [ 113.133192][ T6289] ima_alloc_init_template+0xb5/0x720 [ 113.133213][ T6289] ? take_dentry_name_snapshot+0x319/0x7d0 [ 113.133235][ T6289] ima_store_measurement+0x1eb/0x5c0 [ 113.133257][ T6289] ? __pfx_ima_store_measurement+0x10/0x10 [ 113.133279][ T6289] ? vfs_getxattr_alloc+0xec/0x350 [ 113.133298][ T6289] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 113.133319][ T6289] process_measurement+0x1ddb/0x23e0 [ 113.133343][ T6289] ? __lock_acquire+0x622/0x1c90 [ 113.133362][ T6289] ? __pfx_process_measurement+0x10/0x10 [ 113.133380][ T6289] ? __kasan_slab_alloc+0x89/0x90 [ 113.133396][ T6289] ? security_file_alloc+0x34/0x2b0 [ 113.133410][ T6289] ? alloc_empty_file+0x73/0x1e0 [ 113.133427][ T6289] ? alloc_file_pseudo+0x13a/0x230 [ 113.133469][ T6289] ? find_held_lock+0x2b/0x80 [ 113.133507][ T6289] ima_file_mmap+0x1b1/0x1d0 [ 113.133526][ T6289] ? __pfx_ima_file_mmap+0x10/0x10 [ 113.133551][ T6289] security_mmap_file+0x88c/0x990 [ 113.133566][ T6289] vm_mmap_pgoff+0xec/0x470 [ 113.133586][ T6289] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 113.133601][ T6289] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 113.133621][ T6289] ? hugetlbfs_get_inode+0x31f/0x730 [ 113.133643][ T6289] ksys_mmap_pgoff+0x1c8/0x5c0 [ 113.133663][ T6289] __x64_sys_mmap+0x125/0x190 [ 113.133685][ T6289] do_syscall_64+0xcd/0xfa0 [ 113.133702][ T6289] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.133719][ T6289] RIP: 0033:0x7fa7b618efc9 [ 113.133732][ T6289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 113.133744][ T6289] RSP: 002b:00007fa7b3fb2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 113.133757][ T6289] RAX: ffffffffffffffda RBX: 00007fa7b63e6270 RCX: 00007fa7b618efc9 [ 113.133766][ T6289] RDX: 00004000000000df RSI: 0000000000000004 RDI: 000000000000fd01 [ 113.133775][ T6289] RBP: 00007fa7b6211f91 R08: 0000000000000401 R09: 0000300000000000 [ 113.133784][ T6289] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 113.133792][ T6289] R13: 00007fa7b63e6308 R14: 00007fa7b63e6270 R15: 00007ffe6b52b798 [ 113.133812][ T6289] [ 113.398887][ T30] audit: type=1804 audit(1761995924.248:2): pid=6289 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.2.65" name="anon_hugepage" dev="hugetlbfs" ino=8094 res=0 errno=0 [ 113.964765][ T6286] team0 (unregistering): Port device team_slave_0 removed [ 114.025121][ T6286] team0 (unregistering): Port device team_slave_1 removed [ 114.319829][ T6297] capability: warning: `syz.0.71' uses 32-bit capabilities (legacy support in use) [ 115.632596][ T6330] netlink: zone id is out of range [ 116.130731][ T6335] zswap: compressor not available [ 116.456355][ T6350] netlink: 'syz.2.86': attribute type 16 has an invalid length. [ 116.474243][ T6350] netlink: 50 bytes leftover after parsing attributes in process `syz.2.86'. [ 117.156954][ T6367] netlink: 178 bytes leftover after parsing attributes in process `syz.1.90'. [ 118.171565][ T6389] netlink: set zone limit has 8 unknown bytes [ 118.286505][ T6389] Process accounting resumed [ 118.581242][ T6404] netlink: zone id is out of range [ 119.772149][ T6415] nvme_fabrics: missing parameter 'transport=%s' [ 119.792250][ T6415] nvme_fabrics: missing parameter 'nqn=%s' [ 120.401330][ T6433] random: crng reseeded on system resumption [ 120.701135][ T6438] Invalid ELF header magic: != ELF [ 121.868190][ T6459] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 122.014085][ T6465] netlink: 28 bytes leftover after parsing attributes in process `syz.1.116'. [ 122.695969][ T6484] netlink: zone id is out of range [ 123.312933][ T6498] FAULT_INJECTION: forcing a failure. [ 123.312933][ T6498] name failslab, interval 1, probability 0, space 0, times 0 [ 123.362127][ T6498] CPU: 1 UID: 0 PID: 6498 Comm: syz.2.126 Not tainted syzkaller #0 PREEMPT(full) [ 123.362167][ T6498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 123.362184][ T6498] Call Trace: [ 123.362192][ T6498] [ 123.362202][ T6498] dump_stack_lvl+0x16c/0x1f0 [ 123.362238][ T6498] should_fail_ex+0x512/0x640 [ 123.362275][ T6498] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 123.362306][ T6498] should_failslab+0xc2/0x120 [ 123.362342][ T6498] kmem_cache_alloc_noprof+0x75/0x6e0 [ 123.362371][ T6498] ? alloc_empty_file+0x55/0x1e0 [ 123.362411][ T6498] ? alloc_empty_file+0x55/0x1e0 [ 123.362443][ T6498] alloc_empty_file+0x55/0x1e0 [ 123.362478][ T6498] alloc_file_pseudo+0x13a/0x230 [ 123.362515][ T6498] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 123.362553][ T6498] ? alloc_fd+0x471/0x7d0 [ 123.362583][ T6498] sock_alloc_file+0x50/0x210 [ 123.362618][ T6498] __sys_socket+0x1c0/0x260 [ 123.362654][ T6498] ? __pfx___sys_socket+0x10/0x10 [ 123.362689][ T6498] ? xfd_validate_state+0x61/0x180 [ 123.362724][ T6498] ? __pfx_do_writev+0x10/0x10 [ 123.362758][ T6498] __x64_sys_socket+0x72/0xb0 [ 123.362786][ T6498] ? lockdep_hardirqs_on+0x7c/0x110 [ 123.362815][ T6498] do_syscall_64+0xcd/0xfa0 [ 123.362848][ T6498] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.362876][ T6498] RIP: 0033:0x7fa7b618efc9 [ 123.362897][ T6498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 123.362921][ T6498] RSP: 002b:00007fa7b6f59038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 123.362952][ T6498] RAX: ffffffffffffffda RBX: 00007fa7b63e5fa0 RCX: 00007fa7b618efc9 [ 123.362968][ T6498] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 123.362982][ T6498] RBP: 00007fa7b6211f91 R08: 0000000000000000 R09: 0000000000000000 [ 123.362995][ T6498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 123.363008][ T6498] R13: 00007fa7b63e6038 R14: 00007fa7b63e5fa0 R15: 00007ffe6b52b798 [ 123.363049][ T6498] [ 124.003356][ T6512] netlink: 28 bytes leftover after parsing attributes in process `syz.2.130'. [ 127.214506][ T6581] netlink: zone id is out of range [ 128.053911][ T6579] netlink: zone id is out of range [ 128.068217][ T6602] netlink: 16 bytes leftover after parsing attributes in process `syz.1.154'. [ 130.060926][ T6652] syz.2.171 uses obsolete (PF_INET,SOCK_PACKET) [ 130.647122][ T6656] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 132.114854][ T6683] netlink: 28 bytes leftover after parsing attributes in process `syz.2.182'. [ 132.761354][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.767930][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 135.618833][ T6750] netlink: 28 bytes leftover after parsing attributes in process `syz.1.198'. [ 136.497789][ T5837] Bluetooth: hci2: SCO packet for unknown connection handle 0 [ 136.763959][ T6782] netlink: 28 bytes leftover after parsing attributes in process `syz.2.210'. [ 137.040030][ T6793] netlink: 28 bytes leftover after parsing attributes in process `syz.2.212'. [ 137.296678][ T6795] netlink: zone id is out of range [ 137.777004][ T6818] netlink: 28 bytes leftover after parsing attributes in process `syz.3.221'. [ 137.887933][ T6822] netlink: zone id is out of range [ 138.136883][ T6831] vcan0: tx drop: invalid sa for name 0x00000000000000fd [ 139.275238][ T6861] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 139.404712][ T6865] netlink: zone id is out of range [ 140.127565][ T6873] delete_channel: no stack [ 141.023609][ T6917] netlink: 334 bytes leftover after parsing attributes in process `syz.1.244'. [ 141.547914][ T6943] netlink: 25 bytes leftover after parsing attributes in process `syz.1.252'. [ 143.537515][ T6997] netlink: 28 bytes leftover after parsing attributes in process `syz.1.266'. [ 144.351177][ T6957] kexec: Could not allocate control_code_buffer [ 144.383941][ T7007] netlink: zone id is out of range [ 146.983508][ T7073] netlink: 'syz.3.288': attribute type 11 has an invalid length. [ 146.991627][ T7073] netlink: 'syz.3.288': attribute type 11 has an invalid length. [ 146.999450][ T7073] netlink: 'syz.3.288': attribute type 11 has an invalid length. [ 147.007345][ T7073] netlink: 'syz.3.288': attribute type 11 has an invalid length. [ 147.017306][ T7073] netlink: 'syz.3.288': attribute type 11 has an invalid length. [ 147.448722][ T7077] netlink: zone id is out of range [ 148.415745][ T7088] netlink: zone id is out of range [ 148.567951][ T7103] netlink: 28 bytes leftover after parsing attributes in process `syz.1.296'. [ 148.926054][ T7106] netlink: zone id is out of range [ 149.355833][ T7134] netlink: 28 bytes leftover after parsing attributes in process `syz.3.304'. [ 149.727959][ T7146] netlink: 28 bytes leftover after parsing attributes in process `syz.2.308'. [ 150.017604][ T7148] netlink: zone id is out of range [ 150.958844][ T7181] netlink: 28 bytes leftover after parsing attributes in process `syz.2.318'. [ 151.157540][ T5837] Bluetooth: hci3: unexpected subevent 0x04 length: 122 > 11 [ 151.760270][ T7197] Invalid ELF header magic: != ELF [ 152.564143][ T7231] netlink: 28 bytes leftover after parsing attributes in process `syz.1.329'. [ 153.370244][ T7250] netlink: 8 bytes leftover after parsing attributes in process `syz.1.335'. [ 153.439705][ T7254] futex_wake_op: syz.3.337 tries to shift op by -2048; fix this program [ 153.478723][ T7255] syz.3.337(7255): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 153.711039][ T7270] syz.0.341 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 153.829195][ T7272] netlink: 8 bytes leftover after parsing attributes in process `syz.3.342'. [ 155.273085][ T7313] tipc: Started in network mode [ 155.279484][ T7313] tipc: Node identity ee00, cluster identity 4711 [ 155.290645][ T7313] tipc: Node number set to 60928 [ 156.466869][ T7343] netlink: 25 bytes leftover after parsing attributes in process `syz.3.361'. [ 157.128177][ T7362] netlink: 338 bytes leftover after parsing attributes in process `syz.3.365'. [ 157.831804][ T7365] netlink: 8 bytes leftover after parsing attributes in process `syz.1.367'. [ 160.462391][ T7408] netlink: 28 bytes leftover after parsing attributes in process `syz.3.379'. [ 161.826898][ T7437] netlink: 28 bytes leftover after parsing attributes in process `syz.3.389'. [ 162.017046][ T7448] netlink: 28 bytes leftover after parsing attributes in process `syz.3.394'. [ 162.027108][ T7448] bridge_slave_1: left allmulticast mode [ 162.040026][ T7448] bridge_slave_1: left promiscuous mode [ 162.047803][ T7448] bridge0: port 2(bridge_slave_1) entered disabled state [ 162.063561][ T7448] bridge_slave_0: left allmulticast mode [ 162.077345][ T7448] bridge_slave_0: left promiscuous mode [ 162.088793][ T7448] bridge0: port 1(bridge_slave_0) entered disabled state [ 163.618607][ T7495] svc: failed to register nfsdv3 RPC service (errno 111). [ 163.650790][ T7495] svc: failed to register nfsaclv3 RPC service (errno 111). [ 164.979005][ T7513] netlink: 28 bytes leftover after parsing attributes in process `syz.1.415'. [ 165.268136][ T7521] netlink: 28 bytes leftover after parsing attributes in process `syz.3.418'. [ 165.400946][ T7523] tipc: Started in network mode [ 165.406120][ T7523] tipc: Node identity 45e5412, cluster identity 4711 [ 165.413044][ T7523] tipc: Node number set to 73290770 [ 165.421530][ T7523] delete_channel: no stack [ 166.173975][ T7559] netlink: 28 bytes leftover after parsing attributes in process `syz.0.427'. [ 167.759656][ T7599] netlink: 28 bytes leftover after parsing attributes in process `syz.1.438'. [ 168.434564][ T5837] Bluetooth: hci1: unexpected event 0x3e length: 0 < 1 [ 172.051076][ T7692] netlink: 28 bytes leftover after parsing attributes in process `syz.2.463'. [ 175.394197][ T7753] netlink: 28 bytes leftover after parsing attributes in process `syz.0.479'. [ 175.857049][ T30] audit: type=1800 audit(4294967307.805:3): pid=7764 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.482" name="SYSV00007fff" dev="hugetlbfs" ino=0 res=0 errno=0 [ 176.004360][ T7769] block nbd0: not configured, cannot reconfigure [ 178.322087][ T30] audit: type=1804 audit(4294967310.288:4): pid=7810 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.495" name="file0" dev="tmpfs" ino=728 res=1 errno=0 [ 178.384546][ T30] audit: type=1804 audit(4294967310.349:5): pid=7807 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.495" name="file0" dev="tmpfs" ino=728 res=1 errno=0 [ 178.405088][ T30] audit: type=1800 audit(4294967310.359:6): pid=7810 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.495" name="file0" dev="tmpfs" ino=728 res=0 errno=0 [ 178.850392][ T7825] netlink: 648 bytes leftover after parsing attributes in process `syz.0.499'. [ 184.171031][ T7922] netlink: 342 bytes leftover after parsing attributes in process `syz.1.530'. [ 184.200759][ T7922] netlink: 342 bytes leftover after parsing attributes in process `syz.1.530'. [ 184.536830][ T30] audit: type=1800 audit(4294967316.531:7): pid=7941 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.534" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 184.885659][ T7948] netlink: set zone limit has 8 unknown bytes [ 187.704224][ T8016] Invalid ELF header magic: != ELF [ 188.461360][ T8032] netlink: zone id is out of range [ 188.702380][ T8038] netlink: 28 bytes leftover after parsing attributes in process `syz.1.564'. [ 191.030132][ T8084] netlink: 330 bytes leftover after parsing attributes in process `syz.3.580'. [ 191.051786][ T8084] : renamed from hsr0 [ 191.062973][ T8084] : entered allmulticast mode [ 191.079922][ T8084] hsr_slave_0: entered allmulticast mode [ 191.094015][ T8084] hsr_slave_1: entered allmulticast mode [ 191.367261][ T8092] Â: entered promiscuous mode [ 192.715338][ T8119] netlink: 28 bytes leftover after parsing attributes in process `syz.0.590'. [ 193.881768][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.888142][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.775546][ T8172] netlink: 28 bytes leftover after parsing attributes in process `syz.2.602'. [ 194.864472][ T8163] netlink: zone id is out of range [ 195.702248][ T8183] netlink: del zone limit has 4 unknown bytes [ 197.070778][ T8202] Invalid ELF header magic: != ELF [ 198.513690][ T8231] netlink: zone id is out of range [ 198.518910][ T8231] netlink: del zone limit has 4 unknown bytes [ 199.929245][ T8264] netlink: 28 bytes leftover after parsing attributes in process `syz.2.626'. [ 200.428129][ T8270] netlink: zone id is out of range [ 200.433568][ T8270] netlink: del zone limit has 4 unknown bytes [ 201.686910][ T8300] netlink: 28 bytes leftover after parsing attributes in process `syz.2.635'. [ 202.206666][ T8313] netlink: zone id is out of range [ 202.216716][ T8313] netlink: del zone limit has 4 unknown bytes [ 204.825539][ T8368] netlink: zone id is out of range [ 204.859211][ T8368] netlink: del zone limit has 4 unknown bytes [ 206.132713][ T5840] Bluetooth: hci1: command 0x0406 tx timeout [ 206.135175][ T5835] Bluetooth: hci3: command 0x0406 tx timeout [ 206.138875][ T5840] Bluetooth: hci0: command 0x0406 tx timeout [ 206.145299][ T5835] Bluetooth: hci2: command 0x0406 tx timeout [ 208.701089][ T8413] netlink: 28 bytes leftover after parsing attributes in process `syz.0.670'. [ 208.928986][ T8413] bond0: (slave bond_slave_1): Releasing backup interface [ 208.939876][ T8420] netlink: 186 bytes leftover after parsing attributes in process `syz.1.668'. [ 209.064751][ T8421] netlink: 'syz.2.671': attribute type 33 has an invalid length. [ 210.298654][ T8430] netlink: zone id is out of range [ 210.315830][ T8430] netlink: del zone limit has 4 unknown bytes [ 213.096574][ T8472] netlink: zone id is out of range [ 213.124565][ T8472] netlink: del zone limit has 4 unknown bytes [ 214.286125][ T8493] bridge0: port 3(syz_tun) entered blocking state [ 214.293703][ T8493] bridge0: port 3(syz_tun) entered disabled state [ 214.300539][ T8493] syz_tun: entered allmulticast mode [ 214.317179][ T8493] syz_tun: entered promiscuous mode [ 214.333649][ T8493] bridge0: port 3(syz_tun) entered blocking state [ 214.340304][ T8493] bridge0: port 3(syz_tun) entered forwarding state [ 214.534503][ T8497] netlink: zone id is out of range [ 214.540207][ T8497] netlink: del zone limit has 4 unknown bytes [ 214.563900][ T30] audit: type=1800 audit(4294967300.146:8): pid=8489 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.689" name="file0" dev="tmpfs" ino=940 res=0 errno=0 [ 215.588995][ T8500] netlink: zone id is out of range [ 215.608493][ T8500] netlink: del zone limit has 4 unknown bytes [ 216.434596][ T8528] netlink: zone id is out of range [ 216.457650][ T8528] netlink: del zone limit has 8 unknown bytes [ 217.997055][ T8559] netlink: zone id is out of range [ 218.035753][ T8559] netlink: del zone limit has 8 unknown bytes [ 218.665236][ T8577] netlink: 326 bytes leftover after parsing attributes in process `syz.3.715'. [ 219.833305][ T8600] netlink: zone id is out of range [ 219.871669][ T8600] netlink: del zone limit has 8 unknown bytes [ 220.270897][ T8606] netlink: 25 bytes leftover after parsing attributes in process `syz.3.721'. [ 220.373483][ T8609] netlink: 326 bytes leftover after parsing attributes in process `syz.1.722'. [ 220.906628][ T8599] netlink: zone id is out of range [ 220.911765][ T8599] netlink: del zone limit has 8 unknown bytes [ 221.074381][ T8618] netlink: 342 bytes leftover after parsing attributes in process `syz.1.725'. [ 221.093347][ T8618] netlink: 342 bytes leftover after parsing attributes in process `syz.1.725'. [ 221.604041][ T8621] netlink: zone id is out of range [ 221.609312][ T8621] netlink: del zone limit has 4 unknown bytes [ 222.337999][ T8638] netlink: zone id is out of range [ 222.344429][ T8638] netlink: del zone limit has 8 unknown bytes [ 223.207217][ T8659] netlink: 28 bytes leftover after parsing attributes in process `syz.2.729'. [ 223.322303][ T30] audit: type=1800 audit(4294967298.447:9): pid=8658 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.737" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 223.825420][ T8662] netlink: 28 bytes leftover after parsing attributes in process `syz.2.738'. [ 223.908082][ T8662] veth0_macvtap: left promiscuous mode [ 223.913918][ T8662] macvtap0: entered promiscuous mode [ 223.919281][ T8662] macvtap0: entered allmulticast mode [ 223.979082][ T8672] netlink: 'syz.0.741': attribute type 3 has an invalid length. [ 224.418189][ T8679] netlink: zone id is out of range [ 224.423462][ T8679] netlink: del zone limit has 8 unknown bytes [ 224.491009][ T8681] openvswitch: netlink: Duplicate or invalid key (type 0). [ 226.372960][ T8715] netlink: 8 bytes leftover after parsing attributes in process `syz.0.754'. [ 227.410072][ T8733] netlink: 4 bytes leftover after parsing attributes in process `syz.3.757'. [ 229.467622][ T8762] netlink: 326 bytes leftover after parsing attributes in process `syz.0.766'. [ 229.477257][ T8762] veth1_macvtap: left promiscuous mode [ 229.917756][ T8771] netlink: 28 bytes leftover after parsing attributes in process `syz.0.770'. [ 230.665256][ T30] audit: type=1800 audit(4294967302.709:10): pid=8786 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.775" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 231.243413][ T8796] netlink: 28 bytes leftover after parsing attributes in process `syz.1.779'. [ 231.277261][ T8798] netlink: 28 bytes leftover after parsing attributes in process `syz.3.778'. [ 232.003495][ T8816] netlink: zone id is out of range [ 232.019015][ T8816] netlink: del zone limit has 4 unknown bytes [ 232.704158][ T8843] netlink: 146 bytes leftover after parsing attributes in process `syz.0.789'. [ 233.289589][ T8859] netlink: zone id is out of range [ 233.305592][ T8859] netlink: del zone limit has 8 unknown bytes [ 234.466104][ T8874] netlink: 28 bytes leftover after parsing attributes in process `syz.0.796'. [ 235.135626][ T8884] netlink: 28 bytes leftover after parsing attributes in process `syz.2.798'. [ 236.031255][ T8906] netlink: 28 bytes leftover after parsing attributes in process `syz.3.799'. [ 236.148234][ T8911] netlink: zone id is out of range [ 236.153388][ T8911] netlink: del zone limit has 8 unknown bytes [ 236.181061][ T52] Bluetooth: hci0: unexpected event 0x1d length: 6 > 5 [ 236.225332][ T8906] : left allmulticast mode [ 236.247010][ T8906] hsr_slave_0: left allmulticast mode [ 236.262563][ T8906] hsr_slave_1: left allmulticast mode [ 238.155115][ T8938] netlink: zone id is out of range [ 238.170269][ T8938] netlink: del zone limit has 4 unknown bytes [ 239.333584][ T8948] sctp: [Deprecated]: syz.1.814 (pid 8948) Use of struct sctp_assoc_value in delayed_ack socket option. [ 239.333584][ T8948] Use struct sctp_sack_info instead [ 240.100524][ T8968] netlink: zone id is out of range [ 240.105762][ T8968] netlink: del zone limit has 8 unknown bytes [ 240.697100][ T8978] netlink: 16 bytes leftover after parsing attributes in process `syz.1.821'. [ 245.135005][ T9066] netlink: 28 bytes leftover after parsing attributes in process `syz.3.843'. [ 245.567778][ T9077] futex_wake_op: syz.0.846 tries to shift op by -9; fix this program [ 246.661341][ T9098] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„ [ 249.848056][ T9162] netlink: 'syz.3.867': attribute type 11 has an invalid length. [ 249.855888][ T9162] netlink: 'syz.3.867': attribute type 11 has an invalid length. [ 249.868011][ T9161] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 250.035799][ T9166] netlink: 28 bytes leftover after parsing attributes in process `syz.3.868'. [ 252.694813][ T9238] netlink: zone id is out of range [ 252.760530][ T52] Bluetooth: hci3: unexpected event 0x3e length: 508 > 260 [ 252.760565][ T52] Bluetooth: hci3: unexpected subevent 0x02 length: 507 > 260 [ 252.775995][ T52] Bluetooth: hci3: Dropping invalid advertising data [ 252.783744][ T52] Bluetooth: hci3: unknown advertising packet type: 0xe9 [ 252.783782][ T52] Bluetooth: hci3: Dropping invalid advertising data [ 252.797753][ T52] Bluetooth: hci3: Malformed LE Event: 0x02 [ 253.710009][ T9264] netlink: 'syz.0.892': attribute type 5 has an invalid length. [ 253.818065][ T9273] netlink: 28 bytes leftover after parsing attributes in process `syz.3.896'. [ 254.977987][ T9308] netlink: 28 bytes leftover after parsing attributes in process `syz.3.907'. [ 255.006268][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.012805][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.256758][ T52] Bluetooth: hci3: unexpected subevent 0x06 length: 123 > 10 [ 255.911227][ T9346] netlink: 28 bytes leftover after parsing attributes in process `syz.1.917'. [ 257.306531][ T52] Bluetooth: hci3: command 0x0406 tx timeout [ 259.456542][ T9402] openvswitch: netlink: Key type 327 is out of range max 32 [ 259.577203][ T9404] netlink: 28 bytes leftover after parsing attributes in process `syz.1.934'. [ 259.849931][ T9405] can: request_module (can-proto-5) failed. [ 260.683965][ T9404] team0 (unregistering): Port device team_slave_0 removed [ 260.779974][ T9404] team0 (unregistering): Port device team_slave_1 removed [ 262.685040][ T9445] nbd: must specify a device to reconfigure [ 263.283064][ T9433] kexec: Could not allocate control_code_buffer [ 263.353370][ T9453] netlink: 28 bytes leftover after parsing attributes in process `syz.2.947'. [ 265.031601][ T9481] netlink: zone id is out of range [ 267.370020][ T9498] netlink: zone id is out of range [ 267.912268][ T9527] __vm_enough_memory: pid: 9527, comm: syz.3.966, bytes: 4398046511104 not enough memory for the allocation [ 270.289950][ T9589] netlink: 28 bytes leftover after parsing attributes in process `syz.0.984'. [ 270.469726][ T9594] netlink: zone id is out of range [ 272.191684][ T9619] futex_wake_op: syz.0.993 tries to shift op by -9; fix this program [ 273.249402][ T52] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 273.249426][ T52] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 273.264433][ T52] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 273.264469][ T52] Bluetooth: hci2: adv larger than maximum supported [ 273.272170][ T52] Bluetooth: hci2: Malformed LE Event: 0x0d [ 273.289007][ T52] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 273.289037][ T52] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 273.304176][ T52] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 273.304197][ T52] Bluetooth: hci2: adv larger than maximum supported [ 273.311293][ T52] Bluetooth: hci2: Malformed LE Event: 0x0d [ 274.150667][ T9667] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1004'. [ 277.862202][ T9738] __vm_enough_memory: pid: 9738, comm: syz.2.1019, bytes: 4398046511104 not enough memory for the allocation [ 277.880328][ T9736] netlink: zone id is out of range [ 279.476458][ T9772] netlink: zone id is out of range [ 280.292724][ T9784] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1036'. [ 282.108568][ T9817] netlink: zone id is out of range [ 283.766629][ T9849] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1053'. [ 286.038783][ T9879] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1063'. [ 286.073000][ T9873] netlink: zone id is out of range [ 286.135060][ T9879] veth1_macvtap: left promiscuous mode [ 286.589358][ T30] audit: type=1804 audit(4294967315.385:11): pid=9876 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1062" name="file0" dev="tmpfs" ino=1535 res=1 errno=0 [ 287.457237][ T9910] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1071'. [ 287.506181][ T9915] netlink: 186 bytes leftover after parsing attributes in process `syz.0.1072'. [ 290.108152][ T9968] netlink: 'syz.3.1089': attribute type 1 has an invalid length. [ 292.350866][ T9996] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1099'. [ 292.422257][T10000] vcan0: tx drop: invalid sa for name 0x00000000000000fd [ 292.936127][T10010] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 293.631948][T10016] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1106'. [ 294.601318][T10033] openvswitch: netlink: VXLAN extension 64 out of range max 1 [ 294.684191][T10034] netlink: 'syz.1.1111': attribute type 11 has an invalid length. [ 298.981737][T10101] netlink: 326 bytes leftover after parsing attributes in process `syz.0.1129'. [ 301.159841][T10136] netlink: zone id is out of range [ 302.074654][T10156] netlink: zone id is out of range [ 308.094935][T10251] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1171'. [ 308.373562][ T5150] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 308.393250][ T5150] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 308.410890][ T5150] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 308.421750][ T5150] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 308.430908][ T5150] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 309.185940][ T9260] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 309.409185][ T9260] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 309.622301][ T9260] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 309.727301][T10278] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1176'. [ 309.829403][ T9260] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 310.033829][T10258] chnl_net:caif_netlink_parms(): no params data found [ 310.375804][T10258] bridge0: port 1(bridge_slave_0) entered blocking state [ 310.391972][T10258] bridge0: port 1(bridge_slave_0) entered disabled state [ 310.399648][T10258] bridge_slave_0: entered allmulticast mode [ 310.420500][T10258] bridge_slave_0: entered promiscuous mode [ 310.444053][T10258] bridge0: port 2(bridge_slave_1) entered blocking state [ 310.462980][T10258] bridge0: port 2(bridge_slave_1) entered disabled state [ 310.480252][T10258] bridge_slave_1: entered allmulticast mode [ 310.498654][T10258] bridge_slave_1: entered promiscuous mode [ 310.549714][ T5150] Bluetooth: hci4: command tx timeout [ 310.616704][T10258] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 310.660737][T10258] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 310.679514][ T9260] bridge_slave_1: left allmulticast mode [ 310.689928][ T9260] bridge_slave_1: left promiscuous mode [ 310.700804][ T9260] bridge0: port 2(bridge_slave_1) entered disabled state [ 310.721594][ T9260] bridge_slave_0: left allmulticast mode [ 310.728388][ T9260] bridge_slave_0: left promiscuous mode [ 310.735946][ T9260] bridge0: port 1(bridge_slave_0) entered disabled state [ 311.285165][ T9260] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 311.300827][ T9260] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 311.320117][ T9260] bond0 (unregistering): Released all slaves [ 311.326864][T10308] futex_wake_op: syz.3.1184 tries to shift op by -2048; fix this program [ 311.406415][T10311] netlink: 'syz.3.1185': attribute type 2 has an invalid length. [ 311.831554][T10258] team0: Port device team_slave_0 added [ 311.964746][T10258] team0: Port device team_slave_1 added [ 312.410664][T10258] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 312.417999][T10258] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 312.500827][T10258] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 312.529228][T10258] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 312.536191][T10258] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 312.640591][ T5150] Bluetooth: hci4: command tx timeout [ 312.691262][T10258] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 312.929739][ T9260] hsr_slave_0: left promiscuous mode [ 312.954533][ T9260] hsr_slave_1: left promiscuous mode [ 312.987251][ T9260] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 313.016342][ T9260] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 313.034252][ T9260] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 313.052071][ T9260] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 313.148620][ T9260] veth1_macvtap: left promiscuous mode [ 313.178614][ T9260] veth1_vlan: left promiscuous mode [ 313.184012][ T9260] veth0_vlan: left promiscuous mode [ 314.005769][ T9260] team0 (unregistering): Port device team_slave_1 removed [ 314.023676][T10367] netlink: zone id is out of range [ 314.083797][ T9260] team0 (unregistering): Port device team_slave_0 removed [ 314.688237][ T5150] Bluetooth: hci4: command tx timeout [ 314.764941][T10379] netlink: zone id is out of range [ 314.811032][T10258] hsr_slave_0: entered promiscuous mode [ 314.828507][T10258] hsr_slave_1: entered promiscuous mode [ 314.842630][T10258] debugfs: 'hsr0' already exists in 'hsr' [ 314.855069][T10258] Cannot create hsr debugfs directory [ 315.753627][T10258] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 315.789380][T10258] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 315.846594][T10258] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 315.885102][T10258] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 315.916743][T10394] Invalid ELF header magic: != ELF [ 316.127154][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.133633][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 316.761060][ T5150] Bluetooth: hci4: command tx timeout [ 317.072061][T10258] 8021q: adding VLAN 0 to HW filter on device bond0 [ 317.169116][T10258] 8021q: adding VLAN 0 to HW filter on device team0 [ 317.244464][ T9260] bridge0: port 1(bridge_slave_0) entered blocking state [ 317.251664][ T9260] bridge0: port 1(bridge_slave_0) entered forwarding state [ 317.326902][ T8826] bridge0: port 2(bridge_slave_1) entered blocking state [ 317.334093][ T8826] bridge0: port 2(bridge_slave_1) entered forwarding state [ 317.620914][T10425] netlink: zone id is out of range [ 317.664570][T10258] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 318.579082][T10258] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 319.571767][T10258] veth0_vlan: entered promiscuous mode [ 319.649940][T10258] veth1_vlan: entered promiscuous mode [ 319.750541][T10258] veth0_macvtap: entered promiscuous mode [ 319.759728][T10258] veth1_macvtap: entered promiscuous mode [ 319.819169][T10258] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 319.868363][T10258] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 319.928359][ T8826] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 319.958995][ T8826] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 319.968364][ T8826] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 319.993376][ T8826] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 320.137462][ T8826] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 320.155608][ T8826] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 320.205805][ T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 320.234810][ T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 320.552388][ T30] audit: type=1800 audit(4294967349.531:12): pid=10515 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1168" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 323.817741][T10557] netlink: zone id is out of range [ 327.002942][T10611] mkiss: ax0: crc mode is auto. [ 330.212452][T10674] netlink: zone id is out of range [ 331.141283][T10676] kexec: Could not allocate control_code_buffer [ 331.913632][T10691] netlink: 'syz.1.1263': attribute type 16 has an invalid length. [ 331.921528][T10691] netlink: 194 bytes leftover after parsing attributes in process `syz.1.1263'. [ 334.674913][T10769] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 337.528503][T10861] netlink: zone id is out of range [ 338.934561][T10880] netlink: zone id is out of range [ 341.766275][T10933] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1309'. [ 342.961189][T10944] netlink: zone id is out of range [ 343.014990][T10955] netlink: zone id is out of range [ 344.058169][T10965] netlink: zone id is out of range [ 345.689325][T11013] netlink: zone id is out of range [ 349.036409][T11071] futex_wake_op: syz.3.1342 tries to shift op by -2048; fix this program [ 349.056419][T11071] futex_wake_op: syz.3.1342 tries to shift op by -2048; fix this program [ 350.247150][T11094] ptrace attach of "./syz-executor exec"[5834] was attempted by ""[11094] [ 351.901057][T11119] netlink: zone id is out of range [ 352.852055][T11127] netlink: zone id is out of range [ 354.519373][T11175] netlink: zone id is out of range [ 355.193643][T11187] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1372'. [ 355.579132][T11190] warning: `syz.4.1373' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 356.569293][T11228] ======================================================= [ 356.569293][T11228] WARNING: The mand mount option has been deprecated and [ 356.569293][T11228] and is ignored by this kernel. Remove the mand [ 356.569293][T11228] option from the mount to silence this warning. [ 356.569293][T11228] ======================================================= [ 359.702656][T11307] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1404'. [ 362.616787][T11364] ubi31: attaching mtd0 [ 362.628358][T11364] ubi31: scanning is finished [ 362.718519][T11364] ubi31: empty MTD device detected [ 363.361397][T11364] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 363.399495][T11364] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3518 bytes [ 363.429844][T11364] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 363.464437][T11364] ubi31: VID header offset: 514 (aligned 514), data offset: 578 [ 363.482355][T11364] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 363.524563][T11364] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 20 [ 363.563959][T11364] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3526286821 [ 363.603656][T11364] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 363.639287][T11380] ubi31: background thread "ubi_bgt31d" started, PID 11380 [ 364.989410][T11413] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1429'. [ 365.757224][T11423] netlink: zone id is out of range [ 367.893777][T11458] netlink: zone id is out of range [ 368.527304][T11478] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1448'. [ 368.567605][T11478] syz_tun: left allmulticast mode [ 368.573443][T11478] syz_tun: left promiscuous mode [ 368.579518][T11478] bridge0: port 3(syz_tun) entered disabled state [ 368.619014][T11478] bridge_slave_1: left allmulticast mode [ 368.635571][T11478] bridge_slave_1: left promiscuous mode [ 368.649821][T11478] bridge0: port 2(bridge_slave_1) entered disabled state [ 368.715830][T11478] bridge_slave_0: left allmulticast mode [ 368.723258][T11478] bridge_slave_0: left promiscuous mode [ 368.730673][T11478] bridge0: port 1(bridge_slave_0) entered disabled state [ 369.825375][T11501] netlink: zone id is out of range [ 370.328066][T11505] can: request_module (can-proto-0) failed. [ 370.459244][T11514] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1455'. [ 370.531195][T11515] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1455'. [ 377.249224][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 377.255643][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 377.569657][T11651] phram: not enough arguments [ 377.996114][T11665] capability: warning: `syz.3.1494' uses deprecated v2 capabilities in a way that may be insecure [ 378.235223][T11654] netlink: zone id is out of range [ 380.900876][T11738] svc: failed to register nfsdv3 RPC service (errno 111). [ 380.916834][T11738] svc: failed to register nfsaclv3 RPC service (errno 111). [ 381.710435][T11749] netlink: zone id is out of range [ 381.718964][T11714] kexec: Could not allocate control_code_buffer [ 384.811076][T11833] sock: sock_set_timeout: `syz.3.1536' (pid 11833) tries to set negative timeout [ 386.060926][ T8825] [drm:drm_crtc_add_crc_entry] *ERROR* Overflow of CRC buffer, userspace reads too slow. [ 386.418202][T11867] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1546'. [ 388.783116][T11908] Invalid ELF header magic: != ELF [ 389.382400][ T30] audit: type=1800 audit(4294967325.417:13): pid=11922 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1562" name="lu_gp_id" dev="configfs" ino=31449 res=0 errno=0 [ 391.540630][T11971] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1576'. [ 391.961008][T11971] team0 (unregistering): Port device team_slave_0 removed [ 392.050420][T11971] team0 (unregistering): Port device team_slave_1 removed [ 394.009877][T12006] netlink: zone id is out of range [ 395.386225][ T30] audit: type=1804 audit(4294967331.448:14): pid=12039 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1589" name="/newroot/sys/kernel/tracing/dynamic_events" dev="tracefs" ino=24 res=1 errno=0 [ 395.487152][T12034] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 395.493758][T12034] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 395.541081][T12034] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 395.574061][T12034] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 395.655382][T12034] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 395.704648][T12034] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 395.797483][T12034] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 395.812804][T12034] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 395.838681][T12017] netlink: zone id is out of range [ 395.987795][T12034] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 396.010369][T12051] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1595'. [ 396.020898][T12051] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 396.085106][T12051] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 396.191037][T12051] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 396.198961][T12051] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 396.774155][T12071] netlink: zone id is out of range [ 397.080410][T12075] erspan0: entered allmulticast mode [ 397.537304][ T5150] Bluetooth: hci0: command 0x0406 tx timeout [ 397.616905][ T5150] Bluetooth: hci1: command 0x0406 tx timeout [ 397.696440][ T5150] Bluetooth: hci2: command 0x0406 tx timeout [ 397.860709][ T5150] Bluetooth: hci4: command 0x0c1a tx timeout [ 398.125497][T12091] netlink: zone id is out of range [ 398.659981][T12099] cougar: G6 mapped to space [ 399.606573][ T5150] Bluetooth: hci0: command 0x0406 tx timeout [ 399.687077][ T5150] Bluetooth: hci1: command 0x0406 tx timeout [ 399.765698][ T5150] Bluetooth: hci2: command 0x0406 tx timeout [ 399.901611][T12124] netlink: zone id is out of range [ 399.927911][ T5150] Bluetooth: hci4: command 0x0c1a tx timeout [ 400.741969][T12129] zswap: compressor not available [ 400.781232][T12132] Setting dangerous option i915.mitigations - tainting kernel [ 401.630872][T12162] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1623'. [ 401.998841][ T5150] Bluetooth: hci4: command 0x0c1a tx timeout [ 402.537006][ T30] audit: type=1400 audit(4294967338.635:15): apparmor="DENIED" operation="setprocattr" info="invalid" error=-22 profile="unconfined" pid=12173 comm="syz.4.1626" [ 402.985222][T12185] phram: not enough arguments [ 404.022692][T12215] netlink: zone id is out of range [ 404.858048][T12228] netlink: zone id is out of range [ 405.301572][T12249] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1643'. [ 405.312276][T12249] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1643'. [ 408.060593][T12301] netlink: zone id is out of range [ 408.566196][T12312] tipc: Started in network mode [ 408.618574][T12312] tipc: Node identity ee00, cluster identity 4711 [ 408.640076][T12312] tipc: Node number set to 60928 [ 410.545523][T12350] netlink: zone id is out of range [ 410.817683][ T5150] Bluetooth: hci2: unexpected event 0x1c length: 725 > 5 [ 412.125363][T12377] netlink: zone id is out of range [ 413.354546][T12401] ovs_: entered promiscuous mode [ 413.681710][T12413] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1689'. [ 413.795765][T12413] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1689'. [ 413.906040][T12402] netlink: zone id is out of range [ 418.758011][T12488] netlink: zone id is out of range [ 419.337386][T12508] netlink: zone id is out of range [ 419.949581][T12510] Invalid ELF header magic: != ELF [ 420.802847][T12522] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1716'. [ 420.895247][T12522] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1716'. [ 421.726033][T12543] netlink: zone id is out of range [ 427.147896][T12621] ovs_: entered promiscuous mode [ 427.565490][T12631] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1743'. [ 428.375350][T12649] netlink: zone id is out of range [ 428.644010][T12663] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1753'. [ 428.995693][T12671] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1756'. [ 429.483154][T12685] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1757'. [ 429.605348][T12688] vcan0: tx drop: invalid sa for name 0x00000000000000fd [ 430.164099][T12703] netlink: 146 bytes leftover after parsing attributes in process `syz.0.1763'. [ 430.204205][T12705] netlink: zone id is out of range [ 430.445023][T12715] openvswitch: netlink: Key 5 has unexpected len 4 expected 2 [ 431.539270][T12755] netlink: zone id is out of range [ 433.168334][T12783] netlink: zone id is out of range [ 433.614584][T12785] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1789'. [ 433.637918][T12785] veth0_macvtap: left promiscuous mode [ 433.649822][T12785] macvtap0: entered promiscuous mode [ 433.677739][T12785] macvtap0: entered allmulticast mode [ 435.706567][T12828] netlink: zone id is out of range [ 436.047016][T12839] netlink: zone id is out of range [ 436.383617][T12849] netlink: zone id is out of range [ 437.507224][T12883] FAULT_INJECTION: forcing a failure. [ 437.507224][T12883] name failslab, interval 1, probability 0, space 0, times 0 [ 437.522459][T12883] CPU: 1 UID: 0 PID: 12883 Comm: syz.4.1813 Tainted: G U syzkaller #0 PREEMPT(full) [ 437.522501][T12883] Tainted: [U]=USER [ 437.522510][T12883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 437.522526][T12883] Call Trace: [ 437.522535][T12883] [ 437.522545][T12883] dump_stack_lvl+0x16c/0x1f0 [ 437.522579][T12883] should_fail_ex+0x512/0x640 [ 437.522616][T12883] ? fs_reclaim_acquire+0xae/0x150 [ 437.522649][T12883] should_failslab+0xc2/0x120 [ 437.522681][T12883] __kmalloc_noprof+0xdd/0x880 [ 437.522714][T12883] ? ima_alloc_init_template+0xb5/0x720 [ 437.522775][T12883] ? ima_alloc_init_template+0xb5/0x720 [ 437.522815][T12883] ima_alloc_init_template+0xb5/0x720 [ 437.522859][T12883] ? take_dentry_name_snapshot+0x319/0x7d0 [ 437.522901][T12883] ima_store_measurement+0x1eb/0x5c0 [ 437.522945][T12883] ? __pfx_ima_store_measurement+0x10/0x10 [ 437.522987][T12883] ? vfs_getxattr_alloc+0xec/0x350 [ 437.523025][T12883] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 437.523067][T12883] process_measurement+0x1ddb/0x23e0 [ 437.523114][T12883] ? __lock_acquire+0x622/0x1c90 [ 437.523151][T12883] ? __pfx_process_measurement+0x10/0x10 [ 437.523184][T12883] ? __kasan_slab_alloc+0x89/0x90 [ 437.523216][T12883] ? security_file_alloc+0x34/0x2b0 [ 437.523243][T12883] ? alloc_empty_file+0x73/0x1e0 [ 437.523275][T12883] ? alloc_file_pseudo+0x13a/0x230 [ 437.523318][T12883] ? find_held_lock+0x2b/0x80 [ 437.523382][T12883] ima_file_mmap+0x1b1/0x1d0 [ 437.523417][T12883] ? __pfx_ima_file_mmap+0x10/0x10 [ 437.523461][T12883] security_mmap_file+0x88c/0x990 [ 437.523494][T12883] vm_mmap_pgoff+0xec/0x470 [ 437.523533][T12883] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 437.523564][T12883] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 437.523604][T12883] ? hugetlbfs_get_inode+0x31f/0x730 [ 437.523646][T12883] ksys_mmap_pgoff+0x1c8/0x5c0 [ 437.523686][T12883] __x64_sys_mmap+0x125/0x190 [ 437.523729][T12883] do_syscall_64+0xcd/0xfa0 [ 437.523769][T12883] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 437.523797][T12883] RIP: 0033:0x7f860818efc9 [ 437.523819][T12883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 437.523844][T12883] RSP: 002b:00007f8609080038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 437.523868][T12883] RAX: ffffffffffffffda RBX: 00007f86083e6180 RCX: 00007f860818efc9 [ 437.523887][T12883] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000003 [ 437.523903][T12883] RBP: 00007f8608211f91 R08: ffffffffffffffff R09: 0000000000008000 [ 437.523921][T12883] R10: 0000000000049b72 R11: 0000000000000246 R12: 0000000000000000 [ 437.523937][T12883] R13: 00007f86083e6218 R14: 00007f86083e6180 R15: 00007ffdded4a4b8 [ 437.523975][T12883] [ 437.525073][ T30] audit: type=1804 audit(4294967373.807:16): pid=12883 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.4.1813" name="anon_hugepage" dev="hugetlbfs" ino=35398 res=0 errno=0 [ 438.249614][T12897] netlink: zone id is out of range [ 438.372420][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 438.380635][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 438.518138][T12898] openvswitch: ovs_: Dropping previously announced user features [ 440.443709][T12947] netlink: zone id is out of range [ 441.826690][T12969] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1838'. [ 441.948573][T12969] veth1_macvtap: left promiscuous mode [ 442.278639][T12989] netlink: zone id is out of range [ 443.680788][T13003] netlink: zone id is out of range [ 444.199537][T13005] netlink: zone id is out of range [ 445.661837][T13026] netlink: zone id is out of range [ 445.683476][T13009] nvme_fabrics: missing parameter 'transport=%s' [ 445.691996][T13009] nvme_fabrics: missing parameter 'nqn=%s' [ 446.477095][T13056] netlink: zone id is out of range [ 447.006934][T13069] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1863'. [ 447.651351][T13074] netlink: zone id is out of range [ 452.576543][T13165] FAULT_INJECTION: forcing a failure. [ 452.576543][T13165] name failslab, interval 1, probability 0, space 0, times 0 [ 452.590358][T13165] CPU: 1 UID: 0 PID: 13165 Comm: syz.4.1885 Tainted: G U syzkaller #0 PREEMPT(full) [ 452.590398][T13165] Tainted: [U]=USER [ 452.590407][T13165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 452.590421][T13165] Call Trace: [ 452.590429][T13165] [ 452.590455][T13165] dump_stack_lvl+0x16c/0x1f0 [ 452.590495][T13165] should_fail_ex+0x512/0x640 [ 452.590531][T13165] ? __kmalloc_cache_noprof+0x5f/0x780 [ 452.590572][T13165] should_failslab+0xc2/0x120 [ 452.590605][T13165] __kmalloc_cache_noprof+0x72/0x780 [ 452.590647][T13165] ? slhc_init+0x7d/0x570 [ 452.590691][T13165] ? slhc_init+0x7d/0x570 [ 452.590725][T13165] slhc_init+0x7d/0x570 [ 452.590756][T13165] ? kasan_save_track+0x14/0x30 [ 452.590786][T13165] slip_open+0x8ee/0x1150 [ 452.590821][T13165] ? __pfx_n_tty_close+0x10/0x10 [ 452.590851][T13165] ? __pfx_slip_open+0x10/0x10 [ 452.590883][T13165] ? down_write+0x14d/0x200 [ 452.590914][T13165] ? __pfx_slip_open+0x10/0x10 [ 452.590950][T13165] tty_ldisc_open+0x9f/0x120 [ 452.590990][T13165] tty_set_ldisc+0x32b/0x780 [ 452.591018][T13165] tty_ioctl+0xc2d/0x1680 [ 452.591046][T13165] ? __pfx_tty_ioctl+0x10/0x10 [ 452.591083][T13165] ? find_held_lock+0x2b/0x80 [ 452.591109][T13165] ? hook_file_ioctl_common+0x145/0x410 [ 452.591145][T13165] ? __fget_files+0x20e/0x3c0 [ 452.591179][T13165] ? __pfx_tty_ioctl+0x10/0x10 [ 452.591211][T13165] __x64_sys_ioctl+0x18e/0x210 [ 452.591247][T13165] do_syscall_64+0xcd/0xfa0 [ 452.591278][T13165] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 452.591305][T13165] RIP: 0033:0x7f860818efc9 [ 452.591327][T13165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 452.591352][T13165] RSP: 002b:00007f86090c2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 452.591375][T13165] RAX: ffffffffffffffda RBX: 00007f86083e5fa0 RCX: 00007f860818efc9 [ 452.591391][T13165] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 000000000000000b [ 452.591405][T13165] RBP: 00007f8608211f91 R08: 0000000000000000 R09: 0000000000000000 [ 452.591419][T13165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 452.591433][T13165] R13: 00007f86083e6038 R14: 00007f86083e5fa0 R15: 00007ffdded4a4b8 [ 452.591467][T13165] [ 453.427243][T13172] netlink: 206 bytes leftover after parsing attributes in process `syz.1.1887'. [ 453.717415][T13174] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1889'. [ 453.957035][T13177] svc: failed to register nfsdv3 RPC service (errno 111). [ 453.976402][T13177] svc: failed to register nfsaclv3 RPC service (errno 111). [ 454.682848][T13182] netlink: zone id is out of range [ 455.739489][T13205] netlink: zone id is out of range [ 455.981992][T13199] netlink: zone id is out of range [ 456.301557][T13215] IPVS: length: 131 != 8 [ 458.519819][T13257] netlink: zone id is out of range [ 459.140291][T13277] netlink: zone id is out of range [ 460.465911][T13300] netlink: zone id is out of range [ 465.359215][T13399] netlink: zone id is out of range [ 466.996702][T13428] : Can't lookup blockdev [ 467.065754][T13428] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1950'. [ 469.545636][T13460] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1958'. [ 469.555506][T13460] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1958'. [ 469.777578][T13464] netlink: zone id is out of range [ 470.032338][T13470] tipc: Started in network mode [ 470.037216][T13470] tipc: Node identity ee00, cluster identity 4711 [ 470.069588][T13470] tipc: Node number set to 60928 [ 471.939138][T13476] netlink: zone id is out of range [ 473.269421][T13513] netlink: zone id is out of range [ 474.130098][T13526] netlink: zone id is out of range [ 475.810256][T13561] netlink: 268 bytes leftover after parsing attributes in process `syz.0.1985'. [ 476.418408][T13576] netlink: zone id is out of range [ 477.179004][T13591] netlink: 'syz.0.1991': attribute type 1 has an invalid length. [ 483.306119][T13696] netlink: zone id is out of range [ 483.812185][T13710] syz.3.2023 (13710): attempted to duplicate a private mapping with mremap. This is not supported. [ 483.825091][ T5150] Bluetooth: hci2: ISO packet for unknown connection handle 0 [ 488.452108][T13839] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2053'. [ 498.607552][T14003] netlink: zone id is out of range [ 499.011970][T14026] syz.0.2101 (14026) used greatest stack depth: 19256 bytes left [ 499.494276][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 499.500838][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 500.626006][T14072] netlink: 146 bytes leftover after parsing attributes in process `syz.4.2112'. [ 504.311653][ T5150] Bluetooth: hci0: unexpected event 0x1c length: 725 > 5 [ 504.711162][T14150] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2130'. [ 504.770733][T14150] netlink: 352 bytes leftover after parsing attributes in process `syz.3.2130'. [ 505.805027][T14166] netlink: 'syz.4.2135': attribute type 2 has an invalid length. [ 507.986533][T14209] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2147'. [ 508.038876][T14209] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2147'. [ 509.061620][T14251] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2158'. [ 509.071440][T14251] netlink: 352 bytes leftover after parsing attributes in process `syz.0.2158'. [ 510.011438][T14279] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2168'. [ 510.021340][T14279] netlink: 352 bytes leftover after parsing attributes in process `syz.1.2168'. [ 510.452031][T14293] overlayfs: missing 'lowerdir' [ 515.021902][T14373] netlink: 186 bytes leftover after parsing attributes in process `syz.4.2191'. [ 515.253709][T14378] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2194'. [ 515.265413][T14375] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2192'. [ 515.302372][T14375] netlink: 352 bytes leftover after parsing attributes in process `syz.1.2192'. [ 515.669137][ T5150] Bluetooth: hci0: unexpected event 0x03 length: 725 > 11 [ 515.697600][T14385] can: request_module (can-proto-3) failed. [ 516.410195][T14402] netlink: zone id is out of range [ 516.972011][T14414] netlink: 'syz.0.2206': attribute type 1 has an invalid length. [ 517.097774][T14419] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2208'. [ 517.120034][T14419] netlink: 352 bytes leftover after parsing attributes in process `syz.0.2208'. [ 519.527960][ T52] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 519.542265][ T52] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 519.550851][ T52] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 519.560892][ T52] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 519.569248][ T52] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 519.878999][T14467] chnl_net:caif_netlink_parms(): no params data found [ 520.030120][T14467] bridge0: port 1(bridge_slave_0) entered blocking state [ 520.038078][T14467] bridge0: port 1(bridge_slave_0) entered disabled state [ 520.051082][T14467] bridge_slave_0: entered allmulticast mode [ 520.061864][T14467] bridge_slave_0: entered promiscuous mode [ 520.085973][T14467] bridge0: port 2(bridge_slave_1) entered blocking state [ 520.094552][T14467] bridge0: port 2(bridge_slave_1) entered disabled state [ 520.108183][T14467] bridge_slave_1: entered allmulticast mode [ 520.117140][T14467] bridge_slave_1: entered promiscuous mode [ 521.003217][T14467] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 521.097376][T14467] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 521.497178][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 521.611982][ T5150] Bluetooth: hci3: command tx timeout [ 521.825340][T14467] team0: Port device team_slave_0 added [ 521.942112][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 522.004921][T14467] team0: Port device team_slave_1 added [ 522.184479][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 522.571848][T14525] netlink: zone id is out of range [ 522.595220][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 522.742520][T14467] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 522.764681][T14467] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 522.814857][T14467] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 522.843672][T14467] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 522.856862][T14467] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 522.884513][T14467] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 522.925204][T14531] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2234'. [ 522.972775][T14467] hsr_slave_0: entered promiscuous mode [ 522.987540][T14467] hsr_slave_1: entered promiscuous mode [ 523.002631][T14467] debugfs: 'hsr0' already exists in 'hsr' [ 523.012946][T14467] Cannot create hsr debugfs directory [ 523.528546][ T12] bridge_slave_1: left allmulticast mode [ 523.535166][ T12] bridge_slave_1: left promiscuous mode [ 523.541086][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 523.552348][ T12] bridge_slave_0: left allmulticast mode [ 523.568051][ T12] bridge_slave_0: left promiscuous mode [ 523.575118][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 523.683882][ T5150] Bluetooth: hci3: command tx timeout [ 524.225139][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 524.275495][ T12] bond0 (unregistering): Released all slaves [ 524.579982][ T12] tipc: Left network mode [ 525.406720][ T12] hsr_slave_0: left promiscuous mode [ 525.475609][ T12] hsr_slave_1: left promiscuous mode [ 525.492783][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 525.500197][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 525.575169][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 525.589255][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 525.636407][ T12] veth0_macvtap: left promiscuous mode [ 525.660423][ T12] veth1_vlan: left promiscuous mode [ 525.686234][ T12] veth0_vlan: left promiscuous mode [ 525.751178][ T5150] Bluetooth: hci3: command tx timeout [ 527.007539][T14588] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2244'. [ 527.035553][T14467] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 527.108437][T14467] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 527.181283][T14467] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 527.198990][T14467] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 527.442271][T14467] 8021q: adding VLAN 0 to HW filter on device bond0 [ 527.819610][ T5150] Bluetooth: hci3: command tx timeout [ 527.965655][T14467] 8021q: adding VLAN 0 to HW filter on device team0 [ 528.021687][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 528.028890][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 528.075952][ T8829] bridge0: port 2(bridge_slave_1) entered blocking state [ 528.083091][ T8829] bridge0: port 2(bridge_slave_1) entered forwarding state [ 528.562369][T14467] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 528.575401][T14631] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2250'. [ 528.949825][T14641] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2252'. [ 528.977378][T14641] netlink: 13 bytes leftover after parsing attributes in process `syz.1.2252'. [ 529.339050][T14467] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 529.485442][T14467] veth0_vlan: entered promiscuous mode [ 529.536173][T14467] veth1_vlan: entered promiscuous mode [ 529.855743][T14467] veth0_macvtap: entered promiscuous mode [ 529.899713][T14467] veth1_macvtap: entered promiscuous mode [ 529.952668][T14467] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 529.985792][T14467] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 530.015883][ T36] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 530.072332][ T36] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 530.221673][ T36] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 530.302492][ T36] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 530.629102][ T8829] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 530.696585][ T8829] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 530.786711][ T6526] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 530.817960][ T6526] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 532.015959][T14705] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2267'. [ 532.068012][T14705] netlink: 352 bytes leftover after parsing attributes in process `syz.3.2267'. [ 532.758454][ T52] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 532.767488][ T52] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 532.775543][ T52] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 532.784745][ T52] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 532.792137][ T52] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 533.602789][T14735] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2276'. [ 533.661841][T14738] netlink: 93 bytes leftover after parsing attributes in process `syz.4.2276'. [ 534.304061][T14716] chnl_net:caif_netlink_parms(): no params data found [ 534.823211][ T52] Bluetooth: hci1: command tx timeout [ 534.924460][T14716] bridge0: port 1(bridge_slave_0) entered blocking state [ 534.950402][T14716] bridge0: port 1(bridge_slave_0) entered disabled state [ 534.969703][T14716] bridge_slave_0: entered allmulticast mode [ 534.984336][T14716] bridge_slave_0: entered promiscuous mode [ 535.080354][T14716] bridge0: port 2(bridge_slave_1) entered blocking state [ 535.097793][T14716] bridge0: port 2(bridge_slave_1) entered disabled state [ 535.111890][T14716] bridge_slave_1: entered allmulticast mode [ 535.125454][T14716] bridge_slave_1: entered promiscuous mode [ 535.238521][T14716] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 535.303255][T14716] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 535.435560][T14716] team0: Port device team_slave_0 added [ 535.472912][T14716] team0: Port device team_slave_1 added [ 535.631460][T14716] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 535.649140][T14716] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 535.798196][T14716] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 535.865732][T14716] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 535.885128][T14716] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 535.942389][T14716] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 536.082933][T14716] hsr_slave_0: entered promiscuous mode [ 536.100317][T14716] hsr_slave_1: entered promiscuous mode [ 536.119689][T14716] debugfs: 'hsr0' already exists in 'hsr' [ 536.133283][T14716] Cannot create hsr debugfs directory [ 536.892592][ T52] Bluetooth: hci1: command tx timeout [ 536.998526][T14716] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 537.501720][T14716] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 538.313938][T14716] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 538.784725][T14716] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 538.962733][ T52] Bluetooth: hci1: command tx timeout [ 539.054584][T14716] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 539.103503][T14716] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 539.137770][T14716] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 539.155875][T14716] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 539.274072][T14794] netlink: 342 bytes leftover after parsing attributes in process `syz.3.2290'. [ 539.442063][T14716] 8021q: adding VLAN 0 to HW filter on device bond0 [ 539.502923][T14716] 8021q: adding VLAN 0 to HW filter on device team0 [ 539.530592][ T9253] bridge0: port 1(bridge_slave_0) entered blocking state [ 539.537741][ T9253] bridge0: port 1(bridge_slave_0) entered forwarding state [ 539.581908][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 539.589097][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 539.700414][T14716] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 540.316264][T14716] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 540.608673][T14716] veth0_vlan: entered promiscuous mode [ 540.629959][T14819] netlink: zone id is out of range [ 540.678138][T14716] veth1_vlan: entered promiscuous mode [ 541.040901][ T5150] Bluetooth: hci1: command tx timeout [ 541.313901][T14716] veth0_macvtap: entered promiscuous mode [ 541.387657][T14716] veth1_macvtap: entered promiscuous mode [ 541.425232][T14822] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 541.523648][T14822] netlink: zone id is out of range [ 541.556153][T14716] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 541.639826][T14716] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 541.723294][ T1017] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 541.737392][ T13] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 541.756916][ T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 541.831096][ T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 542.047846][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 542.070196][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 542.135348][T13754] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 542.173053][T13754] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 543.540606][ T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 543.552851][ T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 543.561516][ T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 543.569982][ T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 543.577431][ T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 545.028995][T14854] chnl_net:caif_netlink_parms(): no params data found [ 545.048073][T14871] FAULT_INJECTION: forcing a failure. [ 545.048073][T14871] name failslab, interval 1, probability 0, space 0, times 0 [ 545.063049][T14871] CPU: 0 UID: 0 PID: 14871 Comm: syz.1.2306 Tainted: G U syzkaller #0 PREEMPT(full) [ 545.063090][T14871] Tainted: [U]=USER [ 545.063099][T14871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 545.063114][T14871] Call Trace: [ 545.063123][T14871] [ 545.063133][T14871] dump_stack_lvl+0x16c/0x1f0 [ 545.063168][T14871] should_fail_ex+0x512/0x640 [ 545.063213][T14871] should_failslab+0xc2/0x120 [ 545.063258][T14871] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 545.063289][T14871] ? xas_split_alloc+0x11c/0x490 [ 545.063323][T14871] ? xas_split_alloc+0x11c/0x490 [ 545.063350][T14871] xas_split_alloc+0x11c/0x490 [ 545.063389][T14871] __folio_split+0xd73/0x4d80 [ 545.063445][T14871] ? __pfx_try_to_unmap_one+0x10/0x10 [ 545.063488][T14871] ? __mem_cgroup_try_charge_swap+0x8c/0x400 [ 545.063528][T14871] ? __pfx___folio_split+0x10/0x10 [ 545.063580][T14871] ? folio_alloc_swap+0x8af/0xd00 [ 545.063618][T14871] split_folio_to_list+0x9b/0x180 [ 545.063660][T14871] shmem_writeout+0x42e/0x1140 [ 545.063706][T14871] ? __pfx_shmem_writeout+0x10/0x10 [ 545.063744][T14871] ? __pfx_try_to_unmap+0x10/0x10 [ 545.063782][T14871] ? find_held_lock+0x2b/0x80 [ 545.063806][T14871] ? inode_to_bdi+0x9e/0x160 [ 545.063830][T14871] ? folio_clear_dirty_for_io+0x112/0x790 [ 545.063861][T14871] shrink_folio_list+0x2f45/0x4800 [ 545.063909][T14871] ? __pfx_shrink_folio_list+0x10/0x10 [ 545.063948][T14871] ? __lock_acquire+0x622/0x1c90 [ 545.063984][T14871] ? __lock_acquire+0x622/0x1c90 [ 545.064019][T14871] ? lock_acquire+0x179/0x350 [ 545.064081][T14871] ? unwind_get_return_address+0x59/0xa0 [ 545.064108][T14871] ? __kernel_text_address+0xd/0x40 [ 545.064131][T14871] ? unwind_get_return_address+0x59/0xa0 [ 545.064168][T14871] reclaim_folio_list+0xda/0x5d0 [ 545.064226][T14871] ? __pfx_css_rstat_updated+0x10/0x10 [ 545.064261][T14871] ? __pfx_reclaim_folio_list+0x10/0x10 [ 545.064316][T14871] ? lru_gen_update_size+0x543/0xe10 [ 545.064362][T14871] ? lru_gen_del_folio+0x32b/0x540 [ 545.064401][T14871] reclaim_pages+0x3ec/0x570 [ 545.064430][T14871] ? __pfx_reclaim_pages+0x10/0x10 [ 545.064454][T14871] ? madvise_cold_or_pageout_pte_range+0x1e2f/0x20d0 [ 545.064499][T14871] madvise_cold_or_pageout_pte_range+0x14d1/0x20d0 [ 545.064553][T14871] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 545.064592][T14871] ? __lock_acquire+0x622/0x1c90 [ 545.064630][T14871] ? __pfx_stack_trace_save+0x10/0x10 [ 545.064661][T14871] ? stack_depot_save_flags+0x29/0x9c0 [ 545.064701][T14871] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 545.064740][T14871] walk_pgd_range+0xc05/0x1f50 [ 545.064794][T14871] ? __pfx_walk_pgd_range+0x10/0x10 [ 545.064833][T14871] __walk_page_range+0x163/0x820 [ 545.064865][T14871] ? __lock_acquire+0xb8a/0x1c90 [ 545.064907][T14871] walk_page_range_vma+0x2c7/0xa20 [ 545.064940][T14871] ? __pfx_walk_page_range_vma+0x10/0x10 [ 545.064969][T14871] ? find_held_lock+0x2b/0x80 [ 545.065010][T14871] madvise_pageout+0x257/0x540 [ 545.065046][T14871] ? __pfx_madvise_pageout+0x10/0x10 [ 545.065079][T14871] ? finish_task_switch.isra.0+0x21c/0xc10 [ 545.065135][T14871] madvise_vma_behavior+0xb14/0x2d50 [ 545.065176][T14871] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 545.065206][T14871] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 545.065253][T14871] ? mas_prev+0x9b/0xf0 [ 545.065284][T14871] ? __pfx_mas_prev+0x10/0x10 [ 545.065324][T14871] ? find_vma_prev+0xd3/0x150 [ 545.065355][T14871] ? find_held_lock+0x2b/0x80 [ 545.065380][T14871] ? __pfx_find_vma_prev+0x10/0x10 [ 545.065426][T14871] ? __futex_wait+0x24b/0x2f0 [ 545.065470][T14871] madvise_walk_vmas+0x31f/0x9c0 [ 545.065513][T14871] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 545.065559][T14871] madvise_do_behavior+0x1e2/0x530 [ 545.065594][T14871] ? futex_private_hash_put+0x18a/0x300 [ 545.065628][T14871] ? __pfx_madvise_do_behavior+0x10/0x10 [ 545.065667][T14871] ? down_read+0x13d/0x480 [ 545.065716][T14871] do_madvise+0x176/0x240 [ 545.065752][T14871] ? __pfx_do_madvise+0x10/0x10 [ 545.065786][T14871] ? do_futex+0x122/0x350 [ 545.065845][T14871] ? xfd_validate_state+0x61/0x180 [ 545.065879][T14871] ? __pfx_ksys_write+0x10/0x10 [ 545.065914][T14871] __x64_sys_madvise+0xa9/0x110 [ 545.065949][T14871] ? lockdep_hardirqs_on+0x7c/0x110 [ 545.065978][T14871] do_syscall_64+0xcd/0xfa0 [ 545.066009][T14871] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 545.066036][T14871] RIP: 0033:0x7f4fc178efc9 [ 545.066058][T14871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 545.066082][T14871] RSP: 002b:00007f4fbf9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 545.066107][T14871] RAX: ffffffffffffffda RBX: 00007f4fc19e5fa0 RCX: 00007f4fc178efc9 [ 545.066125][T14871] RDX: 0000000000000015 RSI: 00000000002003f0 RDI: 0000000000000000 [ 545.066141][T14871] RBP: 00007f4fc1811f91 R08: 0000000000000000 R09: 0000000000000000 [ 545.066157][T14871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 545.066172][T14871] R13: 00007f4fc19e6038 R14: 00007f4fc19e5fa0 R15: 00007fffa9622aa8 [ 545.066210][T14871] [ 545.648010][T14857] Bluetooth: hci0: command tx timeout [ 546.375330][T14868] netlink: zone id is out of range [ 546.395710][T14854] bridge0: port 1(bridge_slave_0) entered blocking state [ 546.402870][T14854] bridge0: port 1(bridge_slave_0) entered disabled state [ 546.430178][T14854] bridge_slave_0: entered allmulticast mode [ 546.444554][T14854] bridge_slave_0: entered promiscuous mode [ 546.462947][T14854] bridge0: port 2(bridge_slave_1) entered blocking state [ 546.471545][T14854] bridge0: port 2(bridge_slave_1) entered disabled state [ 546.511716][T14854] bridge_slave_1: entered allmulticast mode [ 546.519351][T14854] bridge_slave_1: entered promiscuous mode [ 546.766512][T14854] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 546.781360][T14854] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 546.841620][T14897] FAULT_INJECTION: forcing a failure. [ 546.841620][T14897] name failslab, interval 1, probability 0, space 0, times 0 [ 546.860691][T14897] CPU: 1 UID: 0 PID: 14897 Comm: syz.0.2311 Tainted: G U syzkaller #0 PREEMPT(full) [ 546.860733][T14897] Tainted: [U]=USER [ 546.860742][T14897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 546.860757][T14897] Call Trace: [ 546.860765][T14897] [ 546.860775][T14897] dump_stack_lvl+0x16c/0x1f0 [ 546.860810][T14897] should_fail_ex+0x512/0x640 [ 546.860848][T14897] ? fs_reclaim_acquire+0xae/0x150 [ 546.860886][T14897] should_failslab+0xc2/0x120 [ 546.860921][T14897] kmem_cache_alloc_noprof+0x75/0x6e0 [ 546.860947][T14897] ? __pfx_map_id_range_down+0x10/0x10 [ 546.860987][T14897] ? security_inode_alloc+0x3b/0x2b0 [ 546.861032][T14897] ? security_inode_alloc+0x3b/0x2b0 [ 546.861079][T14897] security_inode_alloc+0x3b/0x2b0 [ 546.861120][T14897] inode_init_always_gfp+0xce4/0x1030 [ 546.861155][T14897] alloc_inode+0x86/0x240 [ 546.861189][T14897] new_inode+0x22/0x1c0 [ 546.861226][T14897] debugfs_create_symlink+0xd3/0x320 [ 546.861255][T14897] drm_debugfs_clients_add+0x195/0x200 [ 546.861290][T14897] drm_file_alloc+0x5c6/0xb40 [ 546.861330][T14897] drm_open_helper+0x204/0x550 [ 546.861371][T14897] drm_open+0x1a0/0x3e0 [ 546.861408][T14897] ? __pfx_drm_open+0x10/0x10 [ 546.861444][T14897] drm_stub_open+0x20f/0x380 [ 546.861481][T14897] ? __pfx_drm_stub_open+0x10/0x10 [ 546.861516][T14897] chrdev_open+0x234/0x6a0 [ 546.861545][T14897] ? __pfx_apparmor_file_open+0x10/0x10 [ 546.861582][T14897] ? __pfx_chrdev_open+0x10/0x10 [ 546.861614][T14897] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 546.861650][T14897] do_dentry_open+0x982/0x1530 [ 546.861680][T14897] ? __pfx_chrdev_open+0x10/0x10 [ 546.861718][T14897] vfs_open+0x82/0x3f0 [ 546.861759][T14897] path_openat+0x1de4/0x2cb0 [ 546.861800][T14897] ? __pfx_path_openat+0x10/0x10 [ 546.861830][T14897] ? __lock_acquire+0xb8a/0x1c90 [ 546.861879][T14897] do_filp_open+0x20b/0x470 [ 546.861909][T14897] ? __pfx_do_filp_open+0x10/0x10 [ 546.861966][T14897] ? alloc_fd+0x471/0x7d0 [ 546.862002][T14897] do_sys_openat2+0x11b/0x1d0 [ 546.862039][T14897] ? __pfx_do_sys_openat2+0x10/0x10 [ 546.862086][T14897] ? __pfx___might_resched+0x10/0x10 [ 546.862130][T14897] __x64_sys_openat+0x174/0x210 [ 546.862170][T14897] ? __pfx___x64_sys_openat+0x10/0x10 [ 546.862224][T14897] do_syscall_64+0xcd/0xfa0 [ 546.862257][T14897] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 546.862284][T14897] RIP: 0033:0x7ff3f798efc9 [ 546.862305][T14897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 546.862329][T14897] RSP: 002b:00007ff3f8815038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 546.862354][T14897] RAX: ffffffffffffffda RBX: 00007ff3f7be6090 RCX: 00007ff3f798efc9 [ 546.862372][T14897] RDX: 0000000000109a00 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 546.862389][T14897] RBP: 00007ff3f7a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 546.862405][T14897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 546.862420][T14897] R13: 00007ff3f7be6128 R14: 00007ff3f7be6090 R15: 00007fff2b2f2878 [ 546.862458][T14897] [ 546.862502][T14897] debugfs: out of free dentries, can not create symlink 'device' [ 547.279119][T14854] team0: Port device team_slave_0 added [ 547.313816][T14854] team0: Port device team_slave_1 added [ 547.570057][T14854] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 547.586827][T14854] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 547.616309][T14854] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 547.724862][T14857] Bluetooth: hci0: command tx timeout [ 547.734991][T14854] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 547.750950][T14854] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 547.875356][T14854] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 548.341821][T14854] hsr_slave_0: entered promiscuous mode [ 548.348735][T14854] hsr_slave_1: entered promiscuous mode [ 548.355578][T14854] debugfs: 'hsr0' already exists in 'hsr' [ 548.361319][T14854] Cannot create hsr debugfs directory [ 548.759611][T14854] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 548.922258][T14854] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 549.042400][T14854] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 549.132456][T14854] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 549.787237][T14857] Bluetooth: hci0: command tx timeout [ 549.939374][T14933] cifs: Unknown parameter '‰ƒ´ÕéŒ)¬ Up†µÌ¢{´¼V ]7ž62']ßΨÉú!²gÉÊ®Ë7ú9½ófM¸<*y¢sEéhîé”' [ 550.480845][T14854] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 550.510598][T14854] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 550.520462][T14854] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 550.534636][T14854] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 550.722301][T14854] 8021q: adding VLAN 0 to HW filter on device bond0 [ 550.745717][T14854] 8021q: adding VLAN 0 to HW filter on device team0 [ 550.748352][T14943] FAULT_INJECTION: forcing a failure. [ 550.748352][T14943] name failslab, interval 1, probability 0, space 0, times 0 [ 550.797660][T14943] CPU: 1 UID: 0 PID: 14943 Comm: syz.0.2318 Tainted: G U syzkaller #0 PREEMPT(full) [ 550.797685][T14943] Tainted: [U]=USER [ 550.797689][T14943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 550.797697][T14943] Call Trace: [ 550.797702][T14943] [ 550.797708][T14943] dump_stack_lvl+0x16c/0x1f0 [ 550.797729][T14943] should_fail_ex+0x512/0x640 [ 550.797751][T14943] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 550.797769][T14943] should_failslab+0xc2/0x120 [ 550.797788][T14943] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 550.797809][T14943] ? set_normalized_timespec64+0x69/0xc0 [ 550.797827][T14943] ? __d_alloc+0x32/0xae0 [ 550.797846][T14943] ? __d_alloc+0x32/0xae0 [ 550.797859][T14943] __d_alloc+0x32/0xae0 [ 550.797876][T14943] d_alloc_pseudo+0x1c/0xc0 [ 550.797895][T14943] alloc_file_pseudo+0xcf/0x230 [ 550.797915][T14943] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 550.797935][T14943] ? hugetlbfs_get_inode+0x31f/0x730 [ 550.797953][T14943] hugetlb_file_setup+0x4ce/0x620 [ 550.797969][T14943] ksys_mmap_pgoff+0x189/0x5c0 [ 550.797990][T14943] __x64_sys_mmap+0x125/0x190 [ 550.798012][T14943] do_syscall_64+0xcd/0xfa0 [ 550.798028][T14943] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 550.798042][T14943] RIP: 0033:0x7ff3f798efc9 [ 550.798054][T14943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 550.798067][T14943] RSP: 002b:00007ff3f8836038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 550.798081][T14943] RAX: ffffffffffffffda RBX: 00007ff3f7be5fa0 RCX: 00007ff3f798efc9 [ 550.798090][T14943] RDX: 0000000000400002 RSI: 0000000000a00006 RDI: 0000000000000000 [ 550.798098][T14943] RBP: 00007ff3f7a11f91 R08: 0000000000000602 R09: 0000300000000000 [ 550.798106][T14943] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 550.798114][T14943] R13: 00007ff3f7be6038 R14: 00007ff3f7be5fa0 R15: 00007fff2b2f2878 [ 550.798132][T14943] [ 551.001313][ T8835] bridge0: port 1(bridge_slave_0) entered blocking state [ 551.008455][ T8835] bridge0: port 1(bridge_slave_0) entered forwarding state [ 551.018726][ T8835] bridge0: port 2(bridge_slave_1) entered blocking state [ 551.025876][ T8835] bridge0: port 2(bridge_slave_1) entered forwarding state [ 551.716870][T14965] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 551.854693][T14857] Bluetooth: hci0: command tx timeout [ 552.103713][T14965] netlink: zone id is out of range [ 552.552952][T14854] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 552.706558][T14973] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2323'. [ 552.788815][T14974] netlink: 352 bytes leftover after parsing attributes in process `syz.4.2323'. [ 553.033232][T14854] veth0_vlan: entered promiscuous mode [ 553.070979][T14854] veth1_vlan: entered promiscuous mode [ 553.156944][T14854] veth0_macvtap: entered promiscuous mode [ 553.194755][T14854] veth1_macvtap: entered promiscuous mode [ 553.239579][T14854] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 553.250038][T14854] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 553.290795][T13756] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 553.323400][T13754] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 553.370095][T13754] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 553.418957][T13754] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 553.953409][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 554.006015][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 554.142060][ T1017] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 554.180948][ T1017] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 554.524119][T14857] Bluetooth: hci3: unexpected event 0x3c length: 728 > 7 [ 554.942966][T15001] netlink: zone id is out of range [ 556.371759][T15016] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 557.502021][T15045] FAULT_INJECTION: forcing a failure. [ 557.502021][T15045] name failslab, interval 1, probability 0, space 0, times 0 [ 557.542971][T15045] CPU: 0 UID: 0 PID: 15045 Comm: syz.1.2334 Tainted: G U syzkaller #0 PREEMPT(full) [ 557.543014][T15045] Tainted: [U]=USER [ 557.543023][T15045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 557.543038][T15045] Call Trace: [ 557.543048][T15045] [ 557.543058][T15045] dump_stack_lvl+0x16c/0x1f0 [ 557.543093][T15045] should_fail_ex+0x512/0x640 [ 557.543130][T15045] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 557.543159][T15045] should_failslab+0xc2/0x120 [ 557.543190][T15045] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 557.543218][T15045] ? __d_alloc+0x32/0xae0 [ 557.543250][T15045] ? __d_alloc+0x32/0xae0 [ 557.543273][T15045] __d_alloc+0x32/0xae0 [ 557.543300][T15045] ? stack_trace_save+0x8e/0xc0 [ 557.543351][T15045] d_alloc_parallel+0x111/0x1510 [ 557.543393][T15045] ? kasan_save_stack+0x42/0x60 [ 557.543419][T15045] ? kasan_save_track+0x14/0x30 [ 557.543443][T15045] ? __kasan_kmalloc+0xaa/0xb0 [ 557.543470][T15045] ? __kmalloc_node_track_caller_noprof+0x345/0x8a0 [ 557.543498][T15045] ? kstrdup+0x53/0x100 [ 557.543520][T15045] ? debugfs_create_symlink+0x29/0x320 [ 557.543543][T15045] ? drm_debugfs_clients_add+0x195/0x200 [ 557.543574][T15045] ? __pfx_d_alloc_parallel+0x10/0x10 [ 557.543611][T15045] ? lockdep_init_map_type+0x5c/0x280 [ 557.543647][T15045] ? lockdep_init_map_type+0x5c/0x280 [ 557.543687][T15045] __lookup_slow+0x193/0x460 [ 557.543724][T15045] ? __pfx___lookup_slow+0x10/0x10 [ 557.543765][T15045] ? __next_zones_zonelist+0x10/0x150 [ 557.543809][T15045] ? __next_zones_zonelist+0x10/0x150 [ 557.543844][T15045] ? d_lookup+0xe7/0x190 [ 557.543884][T15045] lookup_noperm+0xe1/0x110 [ 557.543918][T15045] simple_start_creating+0xd1/0x1b0 [ 557.543963][T15045] debugfs_start_creating.part.0+0x82/0x190 [ 557.544003][T15045] debugfs_create_symlink+0x81/0x320 [ 557.544029][T15045] drm_debugfs_clients_add+0x195/0x200 [ 557.544062][T15045] drm_file_alloc+0x5c6/0xb40 [ 557.544101][T15045] drm_open_helper+0x204/0x550 [ 557.544148][T15045] drm_open+0x1a0/0x3e0 [ 557.544185][T15045] ? __pfx_drm_open+0x10/0x10 [ 557.544221][T15045] drm_stub_open+0x20f/0x380 [ 557.544257][T15045] ? __pfx_drm_stub_open+0x10/0x10 [ 557.544291][T15045] chrdev_open+0x234/0x6a0 [ 557.544320][T15045] ? __pfx_apparmor_file_open+0x10/0x10 [ 557.544366][T15045] ? __pfx_chrdev_open+0x10/0x10 [ 557.544399][T15045] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 557.544435][T15045] do_dentry_open+0x982/0x1530 [ 557.544465][T15045] ? __pfx_chrdev_open+0x10/0x10 [ 557.544504][T15045] vfs_open+0x82/0x3f0 [ 557.544544][T15045] path_openat+0x1de4/0x2cb0 [ 557.544584][T15045] ? __pfx_path_openat+0x10/0x10 [ 557.544615][T15045] ? __lock_acquire+0xb8a/0x1c90 [ 557.544653][T15045] do_filp_open+0x20b/0x470 [ 557.544683][T15045] ? __pfx_do_filp_open+0x10/0x10 [ 557.544740][T15045] ? alloc_fd+0x471/0x7d0 [ 557.544781][T15045] do_sys_openat2+0x11b/0x1d0 [ 557.544817][T15045] ? __pfx_do_sys_openat2+0x10/0x10 [ 557.544857][T15045] ? __pfx___might_resched+0x10/0x10 [ 557.544896][T15045] __x64_sys_openat+0x174/0x210 [ 557.544931][T15045] ? __pfx___x64_sys_openat+0x10/0x10 [ 557.544979][T15045] do_syscall_64+0xcd/0xfa0 [ 557.545012][T15045] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 557.545039][T15045] RIP: 0033:0x7f4fc178efc9 [ 557.545061][T15045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 557.545086][T15045] RSP: 002b:00007f4fbf9d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 557.545110][T15045] RAX: ffffffffffffffda RBX: 00007f4fc19e6090 RCX: 00007f4fc178efc9 [ 557.545126][T15045] RDX: 0000000000109a00 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 557.545143][T15045] RBP: 00007f4fc1811f91 R08: 0000000000000000 R09: 0000000000000000 [ 557.545159][T15045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 557.545174][T15045] R13: 00007f4fc19e6128 R14: 00007f4fc19e6090 R15: 00007fffa9622aa8 [ 557.545211][T15045] [ 559.141557][T15062] netlink: zone id is out of range [ 559.355616][ T30] audit: type=1800 audit(4294967407.119:17): pid=15049 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2340" name="dbroot" dev="configfs" ino=48390 res=0 errno=0 [ 559.560243][T15068] random: crng reseeded on system resumption [ 560.626433][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 560.632853][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 562.299241][T15116] bond0: option packets_per_slave: invalid value ( Xµn‘pæ) [ 562.308244][T15116] bond0: option packets_per_slave: allowed values 0 - 65535 [ 562.490517][T15119] ubi: mtd0 is already attached to ubi31 [ 563.624408][T15150] FAULT_INJECTION: forcing a failure. [ 563.624408][T15150] name failslab, interval 1, probability 0, space 0, times 0 [ 563.651342][T15150] CPU: 1 UID: 0 PID: 15150 Comm: syz.3.2361 Tainted: G U syzkaller #0 PREEMPT(full) [ 563.651385][T15150] Tainted: [U]=USER [ 563.651393][T15150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 563.651405][T15150] Call Trace: [ 563.651411][T15150] [ 563.651416][T15150] dump_stack_lvl+0x16c/0x1f0 [ 563.651438][T15150] should_fail_ex+0x512/0x640 [ 563.651459][T15150] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 563.651476][T15150] should_failslab+0xc2/0x120 [ 563.651496][T15150] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 563.651511][T15150] ? __d_alloc+0x32/0xae0 [ 563.651530][T15150] ? __d_alloc+0x32/0xae0 [ 563.651544][T15150] __d_alloc+0x32/0xae0 [ 563.651558][T15150] ? stack_trace_save+0x8e/0xc0 [ 563.651576][T15150] d_alloc_parallel+0x111/0x1510 [ 563.651595][T15150] ? __lock_acquire+0x622/0x1c90 [ 563.651615][T15150] ? kasan_save_stack+0x42/0x60 [ 563.651631][T15150] ? kasan_save_track+0x14/0x30 [ 563.651645][T15150] ? __kasan_kmalloc+0xaa/0xb0 [ 563.651658][T15150] ? __kmalloc_node_track_caller_noprof+0x345/0x8a0 [ 563.651674][T15150] ? kstrdup+0x53/0x100 [ 563.651687][T15150] ? debugfs_create_symlink+0x29/0x320 [ 563.651699][T15150] ? drm_debugfs_clients_add+0x195/0x200 [ 563.651717][T15150] ? __pfx_d_alloc_parallel+0x10/0x10 [ 563.651738][T15150] ? lockdep_init_map_type+0x5c/0x280 [ 563.651757][T15150] ? lockdep_init_map_type+0x5c/0x280 [ 563.651779][T15150] __lookup_slow+0x193/0x460 [ 563.651799][T15150] ? __pfx___lookup_slow+0x10/0x10 [ 563.651820][T15150] ? __next_zones_zonelist+0x10/0x150 [ 563.651843][T15150] ? __next_zones_zonelist+0x10/0x150 [ 563.651861][T15150] ? d_lookup+0xe7/0x190 [ 563.651883][T15150] lookup_noperm+0xe1/0x110 [ 563.651902][T15150] simple_start_creating+0xd1/0x1b0 [ 563.651929][T15150] debugfs_start_creating.part.0+0x82/0x190 [ 563.651951][T15150] debugfs_create_symlink+0x81/0x320 [ 563.651966][T15150] drm_debugfs_clients_add+0x195/0x200 [ 563.651984][T15150] drm_file_alloc+0x5c6/0xb40 [ 563.652005][T15150] drm_open_helper+0x204/0x550 [ 563.652026][T15150] drm_open+0x1a0/0x3e0 [ 563.652044][T15150] ? __pfx_drm_open+0x10/0x10 [ 563.652061][T15150] drm_stub_open+0x20f/0x380 [ 563.652080][T15150] ? __pfx_drm_stub_open+0x10/0x10 [ 563.652099][T15150] chrdev_open+0x234/0x6a0 [ 563.652114][T15150] ? __pfx_apparmor_file_open+0x10/0x10 [ 563.652134][T15150] ? __pfx_chrdev_open+0x10/0x10 [ 563.652152][T15150] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 563.652178][T15150] do_dentry_open+0x982/0x1530 [ 563.652195][T15150] ? __pfx_chrdev_open+0x10/0x10 [ 563.652215][T15150] vfs_open+0x82/0x3f0 [ 563.652237][T15150] path_openat+0x1de4/0x2cb0 [ 563.652259][T15150] ? __pfx_path_openat+0x10/0x10 [ 563.652274][T15150] ? __lock_acquire+0xb8a/0x1c90 [ 563.652294][T15150] do_filp_open+0x20b/0x470 [ 563.652312][T15150] ? __pfx_do_filp_open+0x10/0x10 [ 563.652341][T15150] ? alloc_fd+0x471/0x7d0 [ 563.652360][T15150] do_sys_openat2+0x11b/0x1d0 [ 563.652379][T15150] ? __pfx_do_sys_openat2+0x10/0x10 [ 563.652400][T15150] ? __pfx___might_resched+0x10/0x10 [ 563.652420][T15150] __x64_sys_openat+0x174/0x210 [ 563.652439][T15150] ? __pfx___x64_sys_openat+0x10/0x10 [ 563.652467][T15150] do_syscall_64+0xcd/0xfa0 [ 563.652484][T15150] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 563.652498][T15150] RIP: 0033:0x7f671d38efc9 [ 563.652511][T15150] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 563.652525][T15150] RSP: 002b:00007f671e2bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 563.652539][T15150] RAX: ffffffffffffffda RBX: 00007f671d5e6090 RCX: 00007f671d38efc9 [ 563.652548][T15150] RDX: 0000000000109a00 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 563.652557][T15150] RBP: 00007f671d411f91 R08: 0000000000000000 R09: 0000000000000000 [ 563.652566][T15150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 563.652575][T15150] R13: 00007f671d5e6128 R14: 00007f671d5e6090 R15: 00007ffd9014a598 [ 563.652595][T15150] [ 564.958147][T15164] netlink: zone id is out of range [ 565.946180][ T30] audit: type=1800 audit(4294967413.804:18): pid=15187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2369" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 567.796708][T15215] can: request_module (can-proto-5) failed. [ 568.313032][T15211] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 568.321502][T15211] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 568.384680][T15211] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 568.430324][T15211] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 568.458492][T15211] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 568.478912][T15211] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 568.523945][T15211] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 568.555767][T15211] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 568.586216][T15211] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 568.611123][T15211] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 569.006409][T15239] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2380'. [ 569.056427][T15239] netlink: 352 bytes leftover after parsing attributes in process `syz.3.2380'. [ 570.153130][T15260] netlink: zone id is out of range [ 570.249179][T14857] Bluetooth: hci4: command 0x0c1a tx timeout [ 570.319548][T14857] Bluetooth: hci3: command 0x0c1a tx timeout [ 570.479947][T14857] Bluetooth: hci1: command 0x0c1a tx timeout [ 570.557516][T14857] Bluetooth: hci0: command 0x0c1a tx timeout [ 571.286990][T15275] netlink: zone id is out of range [ 572.059062][T15293] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2395'. [ 572.111356][T15293] netlink: 352 bytes leftover after parsing attributes in process `syz.1.2395'. [ 572.388361][T14857] Bluetooth: hci3: command 0x0c1a tx timeout [ 572.547238][T14857] Bluetooth: hci1: command 0x0c1a tx timeout [ 572.643271][T14857] Bluetooth: hci0: command 0x0c1a tx timeout [ 572.767378][T15305] netlink: zone id is out of range [ 572.847719][T15308] netlink: 334 bytes leftover after parsing attributes in process `syz.3.2400'. [ 574.179704][T15337] FAULT_INJECTION: forcing a failure. [ 574.179704][T15337] name failslab, interval 1, probability 0, space 0, times 0 [ 574.228918][T15337] CPU: 0 UID: 0 PID: 15337 Comm: syz.1.2408 Tainted: G U syzkaller #0 PREEMPT(full) [ 574.228944][T15337] Tainted: [U]=USER [ 574.228949][T15337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 574.228957][T15337] Call Trace: [ 574.228962][T15337] [ 574.228968][T15337] dump_stack_lvl+0x16c/0x1f0 [ 574.228989][T15337] should_fail_ex+0x512/0x640 [ 574.229010][T15337] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 574.229027][T15337] should_failslab+0xc2/0x120 [ 574.229046][T15337] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 574.229061][T15337] ? __d_alloc+0x32/0xae0 [ 574.229081][T15337] ? __d_alloc+0x32/0xae0 [ 574.229095][T15337] __d_alloc+0x32/0xae0 [ 574.229109][T15337] ? stack_trace_save+0x8e/0xc0 [ 574.229127][T15337] d_alloc_parallel+0x111/0x1510 [ 574.229149][T15337] ? kasan_save_stack+0x42/0x60 [ 574.229164][T15337] ? kasan_save_track+0x14/0x30 [ 574.229178][T15337] ? __kasan_kmalloc+0xaa/0xb0 [ 574.229192][T15337] ? __kmalloc_node_track_caller_noprof+0x345/0x8a0 [ 574.229208][T15337] ? kstrdup+0x53/0x100 [ 574.229221][T15337] ? debugfs_create_symlink+0x29/0x320 [ 574.229234][T15337] ? drm_debugfs_clients_add+0x195/0x200 [ 574.229251][T15337] ? __pfx_d_alloc_parallel+0x10/0x10 [ 574.229273][T15337] ? lockdep_init_map_type+0x5c/0x280 [ 574.229293][T15337] ? lockdep_init_map_type+0x5c/0x280 [ 574.229325][T15337] __lookup_slow+0x193/0x460 [ 574.229347][T15337] ? __pfx___lookup_slow+0x10/0x10 [ 574.229369][T15337] ? __next_zones_zonelist+0x10/0x150 [ 574.229393][T15337] ? __next_zones_zonelist+0x10/0x150 [ 574.229412][T15337] ? d_lookup+0xe7/0x190 [ 574.229434][T15337] lookup_noperm+0xe1/0x110 [ 574.229454][T15337] simple_start_creating+0xd1/0x1b0 [ 574.229478][T15337] debugfs_start_creating.part.0+0x82/0x190 [ 574.229501][T15337] debugfs_create_symlink+0x81/0x320 [ 574.229515][T15337] drm_debugfs_clients_add+0x195/0x200 [ 574.229534][T15337] drm_file_alloc+0x5c6/0xb40 [ 574.229555][T15337] drm_open_helper+0x204/0x550 [ 574.229576][T15337] drm_open+0x1a0/0x3e0 [ 574.229594][T15337] ? __pfx_drm_open+0x10/0x10 [ 574.229611][T15337] drm_stub_open+0x20f/0x380 [ 574.229631][T15337] ? __pfx_drm_stub_open+0x10/0x10 [ 574.229649][T15337] chrdev_open+0x234/0x6a0 [ 574.229665][T15337] ? __pfx_apparmor_file_open+0x10/0x10 [ 574.229685][T15337] ? __pfx_chrdev_open+0x10/0x10 [ 574.229702][T15337] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 574.229720][T15337] do_dentry_open+0x982/0x1530 [ 574.229736][T15337] ? __pfx_chrdev_open+0x10/0x10 [ 574.229756][T15337] vfs_open+0x82/0x3f0 [ 574.229777][T15337] path_openat+0x1de4/0x2cb0 [ 574.229798][T15337] ? __pfx_path_openat+0x10/0x10 [ 574.229814][T15337] ? __lock_acquire+0xb8a/0x1c90 [ 574.229834][T15337] do_filp_open+0x20b/0x470 [ 574.229849][T15337] ? __pfx_do_filp_open+0x10/0x10 [ 574.229877][T15337] ? alloc_fd+0x471/0x7d0 [ 574.229896][T15337] do_sys_openat2+0x11b/0x1d0 [ 574.229915][T15337] ? __pfx_do_sys_openat2+0x10/0x10 [ 574.229935][T15337] ? __pfx___might_resched+0x10/0x10 [ 574.229955][T15337] __x64_sys_openat+0x174/0x210 [ 574.229974][T15337] ? __pfx___x64_sys_openat+0x10/0x10 [ 574.230002][T15337] do_syscall_64+0xcd/0xfa0 [ 574.230019][T15337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 574.230034][T15337] RIP: 0033:0x7f4fc178efc9 [ 574.230046][T15337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 574.230060][T15337] RSP: 002b:00007f4fbf9d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 574.230074][T15337] RAX: ffffffffffffffda RBX: 00007f4fc19e6090 RCX: 00007f4fc178efc9 [ 574.230083][T15337] RDX: 0000000000109a00 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 574.230092][T15337] RBP: 00007f4fc1811f91 R08: 0000000000000000 R09: 0000000000000000 [ 574.230101][T15337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 574.230109][T15337] R13: 00007f4fc19e6128 R14: 00007f4fc19e6090 R15: 00007fffa9622aa8 [ 574.230129][T15337] [ 574.649530][T14857] Bluetooth: hci3: command 0x0c1a tx timeout [ 574.656877][T14857] Bluetooth: hci1: command 0x0c1a tx timeout [ 574.799015][ T52] Bluetooth: hci0: command 0x0c1a tx timeout [ 575.119006][T15338] netlink: zone id is out of range [ 576.545835][T15371] netlink: zone id is out of range [ 578.272391][T15403] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2420'. [ 579.622777][T15425] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2428'. [ 579.694722][T15425] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 579.821582][T15425] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 579.984980][T15431] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 581.355073][T15456] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2435'. [ 582.723648][T15483] netlink: zone id is out of range [ 583.096716][T15495] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 583.104538][T15495] #PF: supervisor instruction fetch in kernel mode [ 583.111021][T15495] #PF: error_code(0x0010) - not-present page [ 583.116982][T15495] PGD 80000000758d1067 P4D 80000000758d1067 PUD 77e95067 PMD 0 [ 583.124635][T15495] Oops: Oops: 0010 [#1] SMP KASAN PTI [ 583.129994][T15495] CPU: 1 UID: 0 PID: 15495 Comm: syz.1.2446 Tainted: G U syzkaller #0 PREEMPT(full) [ 583.140911][T15495] Tainted: [U]=USER [ 583.144696][T15495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 583.154734][T15495] RIP: 0010:0x0 [ 583.158186][T15495] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 583.165527][T15495] RSP: 0018:ffffc90003aff9a0 EFLAGS: 00010283 [ 583.171577][T15495] RAX: 00000000000008e6 RBX: 0000000000000000 RCX: ffffc9000cf5e000 [ 583.179527][T15495] RDX: 0000000000080000 RSI: ffffea00021ef880 RDI: ffff88807be07c00 [ 583.187481][T15495] RBP: ffffea00021ef880 R08: 0000000000000007 R09: 0000000000000000 [ 583.195435][T15495] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff9200075ff35 [ 583.203387][T15495] R13: ffff88807be07c00 R14: 0000000000000000 R15: dffffc0000000000 [ 583.211341][T15495] FS: 00007f4fbf9f66c0(0000) GS:ffff888124b10000(0000) knlGS:0000000000000000 [ 583.220262][T15495] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 583.226837][T15495] CR2: ffffffffffffffd6 CR3: 000000006ce88000 CR4: 00000000003526f0 [ 583.234795][T15495] Call Trace: [ 583.238056][T15495] [ 583.240967][T15495] filemap_read_folio+0xc8/0x2a0 [ 583.245891][T15495] ? __pfx_filemap_read_folio+0x10/0x10 [ 583.251428][T15495] ? __filemap_get_folio+0x32b/0xc30 [ 583.256725][T15495] ? down_read+0x13d/0x480 [ 583.261172][T15495] do_read_cache_folio+0x263/0x5c0 [ 583.266302][T15495] freader_get_folio+0x337/0x930 [ 583.271246][T15495] freader_fetch+0xc2/0x5e0 [ 583.275745][T15495] ? query_matching_vma+0x345/0x7d0 [ 583.280952][T15495] __build_id_parse.isra.0+0xec/0x7a0 [ 583.286321][T15495] ? query_matching_vma+0x48e/0x7d0 [ 583.291526][T15495] ? __pfx___build_id_parse.isra.0+0x10/0x10 [ 583.297515][T15495] do_procmap_query+0xb0e/0x1080 [ 583.302465][T15495] ? __pfx_do_procmap_query+0x10/0x10 [ 583.307866][T15495] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 583.313855][T15495] ? do_vfs_ioctl+0x128/0x14f0 [ 583.318644][T15495] ? __fget_files+0x20e/0x3c0 [ 583.323325][T15495] procfs_procmap_ioctl+0x9d/0xe0 [ 583.328358][T15495] ? __pfx_procfs_procmap_ioctl+0x10/0x10 [ 583.334081][T15495] __x64_sys_ioctl+0x18e/0x210 [ 583.338852][T15495] do_syscall_64+0xcd/0xfa0 [ 583.343355][T15495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 583.349242][T15495] RIP: 0033:0x7f4fc178efc9 [ 583.353651][T15495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 583.373256][T15495] RSP: 002b:00007f4fbf9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 583.381665][T15495] RAX: ffffffffffffffda RBX: 00007f4fc19e5fa0 RCX: 00007f4fc178efc9 [ 583.389630][T15495] RDX: 0000200000000080 RSI: 00000000c0686611 RDI: 0000000000000006 [ 583.397593][T15495] RBP: 00007f4fc1811f91 R08: 0000000000000000 R09: 0000000000000000 [ 583.405564][T15495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 583.413530][T15495] R13: 00007f4fc19e6038 R14: 00007f4fc19e5fa0 R15: 00007fffa9622aa8 [ 583.421502][T15495] [ 583.424511][T15495] Modules linked in: [ 583.428397][T15495] CR2: 0000000000000000 [ 583.432553][T15495] ---[ end trace 0000000000000000 ]--- [ 583.437995][T15495] RIP: 0010:0x0 [ 583.441455][T15495] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 583.448808][T15495] RSP: 0018:ffffc90003aff9a0 EFLAGS: 00010283 [ 583.454867][T15495] RAX: 00000000000008e6 RBX: 0000000000000000 RCX: ffffc9000cf5e000 [ 583.462831][T15495] RDX: 0000000000080000 RSI: ffffea00021ef880 RDI: ffff88807be07c00 [ 583.470795][T15495] RBP: ffffea00021ef880 R08: 0000000000000007 R09: 0000000000000000 [ 583.478759][T15495] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff9200075ff35 [ 583.486730][T15495] R13: ffff88807be07c00 R14: 0000000000000000 R15: dffffc0000000000 [ 583.494703][T15495] FS: 00007f4fbf9f66c0(0000) GS:ffff888124b10000(0000) knlGS:0000000000000000 [ 583.503634][T15495] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 583.510224][T15495] CR2: ffffffffffffffd6 CR3: 000000006ce88000 CR4: 00000000003526f0 [ 583.518197][T15495] Kernel panic - not syncing: Fatal exception [ 583.524501][T15495] Kernel Offset: disabled [ 583.528809][T15495] Rebooting in 86400 seconds..