last executing test programs: 8.125087298s ago: executing program 0 (id=214): time$auto(&(0x7f0000000000)=0x9) time$auto(&(0x7f0000000040)=0x3) time$auto(&(0x7f0000000080)=0x7) time$auto(&(0x7f00000000c0)=0x7) r0 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000100), 0x101900, 0x0) sendfile$auto(0xffffffffffffffff, r0, &(0x7f0000000140), 0x7) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/fail-nth\x00', 0xa140, 0x0) futex_wake$auto(&(0x7f00000001c0)="e1d7b8e6c4a1f2aaf01521f5253a1ef7bdcd83b537126c87d5fffcdfcd5ed09bedd839e10e6c10cd85953341b83079b454cd1ad1f831e1cefb70ce8158f966b6d75b1ef3d935f78e5c8bf215913fc5cefa0d58db1982701a1fcac494e670e7060ec0de333595cb9b90a5a68c311ed327191b48783d933f8bc3c772879e4b005c36af0ef34e97767f116b41064504b0e5a4087317dc286a2b56a3fcbd60b347acb93c06df3a9be7d39b1fb6171e3183ffa625926df2d832cf3896beeb5c0d83926502f0666eb6451f02b11d9018c5cb4036556f840596bdd7ed7276adf70a7b7811dc01f0b16ba060fb6859b605b5469791626af67bb5", 0x5, 0x6, 0x0) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f00000002c0), 0x400, 0x0) ioctl$auto_PPPIOCBRIDGECHAN(r1, 0x40047435, &(0x7f0000000300)=0x1) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f0000000340)=0x2) r2 = getsid$auto(0x0) r3 = wait4$auto(0xffffffffffffffff, &(0x7f0000000380)=0x3, 0x81, &(0x7f00000003c0)={{0x9, 0x6e2}, {0x8001, 0x8}, 0x2, 0x34, 0x3, 0xffffffffffff1a4f, 0x7fffffff, 0x9fde, 0xffffffffffffffff, 0xffffffffffff06e9, 0x4, 0x6, 0xa5, 0x4, 0xffffffff, 0x7fffffffffffffff}) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000480)={{@raw=0x7, 0x8, 0x9f68, 0x0, "8899e49ae6cf60f04dda53bd9c037fb25697945585fb2e2994b6132bae76eee57cf37a576db514a9c8c3a579", @inferred=r2}, 0x0, 0xfffff7a2, 0x7, @inferred=r3, @integer={0x9, 0x2, 0x10001}, "8345956c8bc429cd45a78d86e43c8473fb29d0733d8d3a301300009cad125e308d26d0be01a8a5e46a9dd2b389487f7abb53cc9302e3f8ca68df9228b9d14e54"}) r5 = bpf$auto_BPF_MAP_CREATE(0x0, &(0x7f00000005c0)=@info={r1, 0x3ff, 0xffffffffffffffff}, 0xfffffae6) r7 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f00000006c0), 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_NEW(r6, &(0x7f0000000780)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)={0x30, r7, 0x100, 0x70bd2c, 0x25dfdbfb, {}, [@OVS_FLOW_ATTR_UFID={0x5, 0x9, 0x8}, @OVS_FLOW_ATTR_CLEAR={0x4}, @OVS_FLOW_ATTR_CLEAR={0x4}, @OVS_FLOW_ATTR_UFID={0x5, 0x9, 0x5}, @OVS_FLOW_ATTR_PROBE={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x408c4}, 0x20000000) madvise$auto(0x5, 0x4, 0x0) r8 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000800), r5) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000840)={'veth1_vlan\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000880)={'wg1\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000008c0)={'macvtap0\x00', 0x0}) sendmsg$auto_NETDEV_CMD_DEV_GET(r5, &(0x7f0000000980)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000940)={&(0x7f0000000900)={0x34, r8, 0x300, 0x70bd29, 0x25dfdbfc, {}, [@NETDEV_A_DEV_IFINDEX={0x8, 0x1, r9}, @NETDEV_A_DEV_IFINDEX={0x8, 0x1, r10}, @NETDEV_A_DEV_IFINDEX={0x8, 0x1, r11}, @NETDEV_A_DEV_IFINDEX={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x40805}, 0x800) r12 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000a00), r6) sendmsg$auto_NL80211_CMD_DEAUTHENTICATE(r6, &(0x7f0000000cc0)={&(0x7f00000009c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000c80)={&(0x7f0000000a40)={0x220, r12, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x7d, 0xcd, "233f6732a323cca21cb35e3ea7d19c6ff419a96e41933f1deff5239cd7b2ace52fc4ac6191190a8bc0b8f29ca54b4bf3d2e40a2f5678ed42062c82d8f4ccad8b481fad6e63242cf61dab11e2b287c88136a1daee52b38bab32808b0a91f1dd09878b11d23ea8ba5c0e6464a880644adf7ea5b783054f4d3d25"}, @NL80211_ATTR_STA_FLAGS2={0xad, 0x43, "f3229bd250ed6d8e71104627fba7813498660ce41f8bc47d800376dee926892b23cb7f4c85f8962e62705d66f5bcaba3dca95ea6712863376d79396c24f7bbae11b9d1257433192b7550277e320afb68d9b7f76be9d1808e6fa59759516098ee8f998519d4b0722baafe1ff505aa76c7be43bd7802a907351e4b7d65964a7e4d335c9ca39c73f6676c6bbef0001edb5cd0df4fd3ff72888db634cd08267a049b7aa910b6083083399e"}, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, "6902ac3930791f171fe41a8b719938e8dcddec764384f98666e0"}, @NL80211_ATTR_BSS_CTS_PROT={0x5, 0x1c, 0x9}, @NL80211_ATTR_MAC_MASK={0xae, 0xd7, "0cfd3915e2647b45b6b4e9b088ac018babb2d217c7a0e5d64b06f7a94810e84b330e393adbd311bbe8b1b590d2079e71eae51ee8ad8aa74914893bb87a10f54bfa1b9a8593d3b3657b0b4368fb920e9202b64a4e0a0e4bbeca815eba77590f6c9583bd860b60b64e6bfd3a31d71124fe1a021ce9cb7fe4ddf20889ee09077ea4c9ee4ab08e96dc7d2223dc113ee30cee97c1c9941437dcd6e7f8e1f93d07e91215d466a17096861f89b7"}]}, 0x220}}, 0x8004) r13 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_WIPHY(r13, &(0x7f0000000e00)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000d40)={0x4c, r12, 0x100, 0x70bd26, 0x25dfdbfc, {}, [@NL80211_ATTR_TXQ_MEMORY_LIMIT={0x8, 0x10b, 0x4}, @NL80211_ATTR_BSS_BASIC_RATES={0xf, 0x24, "6c05b61fc9ef597aedd8ce"}, @NL80211_ATTR_TDLS_PEER_CAPABILITY={0x8, 0xcb, 0x1f}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}, @NL80211_ATTR_USE_MFP={0x8, 0x42, 0xe}, @NL80211_ATTR_ADMITTED_TIME={0x6, 0xd4, 0x4}, @NL80211_ATTR_TDLS_EXTERNAL_SETUP={0x4}]}, 0x4c}, 0x1, 0x0, 0x0, 0x14000}, 0x4040000) sendmsg$auto_NL802154_CMD_SET_PAN_ID(r6, &(0x7f0000000f40)={&(0x7f0000000e40)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000f00)={&(0x7f0000000e80)={0x64, 0x0, 0x800, 0x70bd2c, 0x25dfdbfd, {}, [@NL802154_ATTR_MAX_BE={0x5, 0x10, 0x7}, @NL802154_ATTR_SCAN_CHANNELS={0x8, 0x21, 0x1}, @NL802154_ATTR_EXTENDED_ADDR={0xc, 0x17, 0x4}, @NL802154_ATTR_LBT_MODE={0x5, 0x13, 0x8}, @NL802154_ATTR_MAX_FRAME_RETRIES={0x5, 0xf, 0x2}, @NL802154_ATTR_SEC_ENABLED={0x5}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0x1000}, @NL802154_ATTR_SCAN_CHANNELS={0x8, 0x21, 0x7}, @NL802154_ATTR_EXTENDED_ADDR={0xc, 0x17, 0x4}]}, 0x64}, 0x1, 0x0, 0x0, 0x4001}, 0x20008000) msgctl$auto(0xffffffff, 0xe, &(0x7f0000001040)={{0xd, 0xee00, 0x0, 0x400, 0xdb, 0x7f, 0x3}, &(0x7f0000000fc0)=0x4, &(0x7f0000001000)=0x64, 0x6, 0x6, 0x401, 0x80000000, 0x3, 0x5, 0x66e8, 0x5, @raw=0x5, @inferred=r4}) quotactl$auto(0x3, &(0x7f0000000f80)='nl80211\x00', r14, &(0x7f00000010c0)="48410dae2e3b903d603b4655e9d0c2900b4e95a8180c7645812898038eab9562433b5daac1065c2e810021bcc00240ccce40f946bc146aa46004193526d40dff6148d4c16aaad47ad9") 7.937914908s ago: executing program 0 (id=215): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) read$auto_proc_coredump_filter_operations_base(0xffffffffffffffff, &(0x7f00000000c0)=""/254, 0xfe) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x400000003) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000000200)={0x0, 0x9e, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r3, 0x1, 0x70bd2c, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) 6.922242984s ago: executing program 0 (id=216): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/mtd/mtd0/mtdblock0/queue/write_cache\x00', 0x182b02, 0x0) sendfile$auto(r2, r1, 0x0, 0xe9) socket(0x2b, 0x1, 0x0) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) madvise$auto(0x0, 0x240007, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0}}, 0x24048084) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/system/node/node1/distance\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000001080)=""/98, 0x62) madvise$auto(0x0, 0x200007, 0x19) close_range$auto(0x2, 0x8, 0x0) userfaultfd$auto(0x1) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) epoll_create$auto(0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80302, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/mm/ksm/max_page_sharing\x00', 0x400, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000000000)=""/112, 0x70) ioctl$auto(0x3, 0xae41, r4) 6.566411218s ago: executing program 3 (id=219): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0x5, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400002}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) madvise$auto(0x0, 0x200007, 0x8) madvise$auto(0x201000, 0x200204, 0x15) 6.233178772s ago: executing program 3 (id=221): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x1fffd) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x4a8c80, 0x0) statx$auto(0xffffff9c, 0x0, 0x1000, 0x803, 0x0) prctl$auto(0x4d, 0x1, 0x0, 0x0, 0x0) openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x20904, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000000)={{0x3, 0x1002, 0xfffffffc, 0x5, 0x2}, "654c6dbc7a4d30983899a7e1325b6a29ba1e18441074052a3fa6c3ccf1bf00"}) readv$auto(r0, &(0x7f0000000a80)={0x0, 0x2}, 0x2) ioctl$auto_SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) socket(0x11, 0x80003, 0x300) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0x18, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) pidfd_open$auto(0x1, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0) fsconfig$auto_FSCONFIG_SET_PATH(0xffffffffffffffff, 0x3, 0x0, 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x7, 0xd3e, 0x20, 0x9687, 0x100000000000003, 0x95f4da0a, 0x6, 0x3, 0x62, 0x5, 0x7, 0x6d3f, 0x9, 0x6, 0xfffffffffffffffe]}, 0x0) write$auto_full_fops_mem(0xffffffffffffffff, 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x3, 0x3, 0x3, 0x3, 0x3, 0x8003, 0x8000000000000000, 0x2, 0x6d3c, 0x3, 0x2, 0x44a03baf]}, 0x0) clock_gettime$auto(0x80000020, 0x0) unshare$auto(0x40000080) unshare$auto(0x40000080) r2 = openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) pread64$auto(r2, &(0x7f0000000280)=']{::\x00', 0x1, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x2, 0x1) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) 5.791913955s ago: executing program 0 (id=223): mmap$auto(0x0, 0x4, 0xdf, 0x9b72, 0xffffffffffffffff, 0x100000000008000) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/controlC2\x00', 0x80, 0x0) statx$auto(0xffffff9c, 0x0, 0x1000, 0x1, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/wireless\x00', 0x80, 0x0) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYRES8=r0, @ANYRESOCT=r0], 0x24}, 0x1, 0x0, 0x0, 0x20004800}, 0x20008000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/transparent_hugepage/hugepages-1024kB/stats/split_failed\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0) r2 = socket(0x2, 0x1, 0x106) mount$auto(0x0, 0xfffffffffffffffe, 0x0, 0x80, 0xfffffffffffffffe) socket(0x29, 0x4, 0x88000006) accept4$auto(r2, &(0x7f0000000080)=@rc={0x1f, @none}, &(0x7f0000000000)=0x3, 0x4) r3 = openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000008140)='/sys/kernel/debug/tracing/per_cpu/cpu1/buffer_size_kb\x00', 0x80100, 0x0) read$auto_tracing_entries_fops_trace(r3, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) futex$auto(0x0, 0x3, 0x2, 0x0, 0x0, 0x71a8dce0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/interrupts\x00', 0x18b202, 0x0) pread64$auto(r4, 0x0, 0x6, 0x1ff) readv$auto(0x3, 0x0, 0x4) unshare$auto(0x40000080) mmap$auto(0xf22, 0x6, 0xfd5, 0x1e, 0xffffffffffffffff, 0x0) writev$auto(0x3, 0x0, 0x3ff) r5 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f00000000c0), 0x80002, 0x0) sendfile$auto(r5, 0x3, 0x0, 0x400000000006) sendmsg$auto_NL802154_CMD_SET_PAN_ID(r2, 0x0, 0x4000001) setsockopt$auto(0x3, 0x1, 0x23, 0x0, 0x9) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev5\x00', 0x280, 0x0) 4.66867542s ago: executing program 1 (id=225): unshare$auto(0x40000080) unshare$auto(0x1) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) socket(0x15, 0x5, 0x0) socket(0xa, 0x1, 0x84) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) dup2$auto(0x5, 0x4) splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9) write$auto(0x6, 0x0, 0x100000001) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xa, 0xb8, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0xf) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'ip6gretap0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r3, r2, 0x4, 0x1, r1, @relative_id=0x13, 0xe600}, 0xf) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r4, 0x0, 0xe8) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0) writev$auto(r5, &(0x7f0000000200)={0x0, 0x7}, 0x3) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0) 4.097925022s ago: executing program 0 (id=227): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) setresuid$auto(0x0, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_STATION(0xffffffffffffffff, 0x0, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfbLn\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) timer_create$auto(0x3, 0x0, &(0x7f0000000280)=0x6) timer_gettime$auto(0x0, &(0x7f0000001f80)={{0x9, 0x100000001}, {0x9f9a, 0x401}}) getcwd$auto(&(0x7f0000000080)='\xd5%\xd8]]):\x00', 0x7) sched_setattr$auto(0x0, 0x0, 0x7b) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) madvise$auto(0x0, 0xffffffffffff0005, 0x19) ioctl$auto_IOCTL_VMCI_VERSION2(r1, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, 0x6) ioctl$auto_IOCTL_VMCI_SET_NOTIFY(r1, 0x7cb, 0x0) mmap$auto(0x0, 0x7f, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x2, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x7, @local}, 0x50) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/pci0000:00/0000:00:04.0/revision\x00', 0x8a080, 0x0) mmap$auto(0xfffffffffffffffd, 0x729, 0x200, 0x19, 0x401, 0xa7b) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/v4l-subdev0\x00', 0x0, 0x0) mmap$auto(0x0, 0x7, 0xdf, 0x9b73, 0x7, 0x28000) 3.959129153s ago: executing program 2 (id=228): mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r0, &(0x7f0000001680)="a7", 0x80000) madvise$auto(0x3000000, 0x20200, 0x15) 3.847829938s ago: executing program 3 (id=229): getpgid$auto(0xffffffffffffffff) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1a9402, 0x0) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x800) timer_create$auto(0x9, 0x0, 0x0) read$auto(0x3, 0x0, 0x8080) socket(0xa, 0x1, 0x100) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) shmctl$auto_IPC_SET(0x4, 0x1, &(0x7f0000000280)={{0x80, 0xee00, 0xee00, 0xca6d, 0x8, 0x4bd6, 0x5}, 0xd21, 0x5, 0x8000000000000000, 0x1, @inferred=0xffffffffffffffff, @raw=0x440, 0x9, 0x0, &(0x7f0000000140)="4f0d6995e943b6bc1919e836e1a6e889b4881e233d3b51e066bb0a054c9e474be535fd29da", &(0x7f0000000200)="e3ac9b01ee8d985b677531eeeee5cb5bf774d2df4d9ae6dccbc98def20b72c7c2826a585ba3a8d67815abade214708a4ade77c6faa2f2889ca3e7989f32645dd597a3ae1b46e8d8c7e03ae6b8aaa49f6bf64cc5fa98e25"}) fsconfig$auto(r0, 0x800, &(0x7f0000000040)='/sys/devices/LNXSYSTM:00/LNXPWRBN:00/power/wakeup_abort_count\x00', 0x0, r1) write$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffffff, &(0x7f00000001c0)="624d1bfe595046ab5c98199adf260600de16baef6176e6021e1dce210500e8fdffff0000000000fffffffe00a7ed73de11691c13403c82be", 0x7b) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket(0x2, 0x1, 0x106) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) bind$auto(r3, &(0x7f0000000000)=@in={0x2, 0x3, @multicast1}, 0x6a) connect$auto(r3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x23}}, 0x54) clone$auto(0x8ffe, 0xfffffffffffffffa, 0xffffffffffffffff, 0xfffffffffffffffc, 0x8) ioctl$auto(0x3, 0x80000541b, 0x38) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) syz_clone3(&(0x7f0000000380)={0x0, &(0x7f0000000180), &(0x7f00000014c0), &(0x7f0000000340), {0x3b}, &(0x7f0000001500)=""/4097, 0x1001, &(0x7f0000001380)=""/5, &(0x7f0000000300)=[r2, r2, r2, 0x0, 0x0], 0x5}, 0x58) 3.836907617s ago: executing program 2 (id=230): mmap$auto(0x0, 0x420009, 0xfff, 0xeb1, 0x401, 0x7ffd) r0 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r1 = bpf$auto(0x0, &(0x7f00000001c0)=@token_create={0xda86, r0}, 0x6f7) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_STATION(0xffffffffffffffff, 0x0, 0x8000) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0xa, 0x1, 0xfffffeff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) r3 = openat$auto_stats_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) pread64$auto(r3, 0x0, 0x2, 0x3) prctl$auto(0x1808, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\x97U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x181500, 0x0) sched_setattr$auto(0x0, 0x0, 0x7b) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x7f, 0xdf, 0x9b72, 0x2, 0x8003) fanotify_mark$auto(0xffffffffffffffff, 0x9, 0x1000000009, r1, 0x0) r4 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x5, 0x0) umount2$auto(&(0x7f0000000000)='.\x00', 0x4) getdents$auto(r4, 0x0, 0x400018) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) r5 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_GET_DAEMON(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000001b80)=ANY=[@ANYBLOB="14000800", @ANYRES16=r5, @ANYBLOB="010727bd7000fbdbdf250b000000"], 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x40000) writev$auto(0xffffffffffffffff, 0x0, 0x8) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) openat$auto_hsr_node_table_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x189280, 0x0) 3.479458142s ago: executing program 1 (id=231): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/pcrypt/pencrypt/serial_cpumask\x00', 0xa001, 0x0) write$auto(r0, &(0x7f0000000040)=',\x00^\xa2\x02\x00\x05\x00\x00\x00\xd8l\x00\x00\x00\x00\x00\x00\xee\x0f_o\xc0\xee?\xce\xa3\x04\x95Hq\xf4\x00\x00\x00\x00\x00\x00\x006\xe0\xb1d)X6\x7f\xec\x94\xdal\xa1\xbb\x86\x9c\xc2\xef\x02\r9%\x06\xc5\'b%m_\x96A\"\xdd\xe40\xa7\xc3\x9ah\xf3B\xc2\xec\xf8\r\f[\xe5\x9dK\xe1\x99\x86\xfc\xac\x9f\x8a', 0x80000000000) 3.324355201s ago: executing program 1 (id=232): mmap$auto(0x20, 0x400008, 0x4, 0x40009b72, 0xffffffffffffffff, 0x8080) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x8000, 0x0) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0xffffffffffffffff, 0x300000000000) r2 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000140)='/proc/slabinfo\x00', 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) read$auto(r2, 0x0, 0x7f) close_range$auto(0x0, 0xffffffffffffffff, 0x2) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x181902, 0x0) r3 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, 0x0) r4 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0xc0402, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r4, 0x40383d0c, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) getcwd$auto(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x3, 0x5, 0xffffffff) r5 = inotify_init1$auto(0x3000000000000) inotify_add_watch$auto(0x4, 0x0, 0xe6e) chmod$auto(0x0, 0x10fe) readv$auto(r5, &(0x7f0000000240)={0x0, 0x5}, 0xf5) read$auto_proc_iter_file_ops_compat_inode(r1, &(0x7f0000000040)=""/252, 0xfc) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000300), 0x60081, 0x0) r6 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000001c80), 0x1, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_GSTATUS(r6, 0xc0505405, &(0x7f0000001cc0)={{0x800, 0x10000, 0x5, 0x591, 0x7}, 0x6, 0x2, 0x6, "58e5218f9678796f35bf2803b1e21a54bddb4e340bb83340b899e51485a51568"}) ioctl$auto_PPPIOCATTACH(r0, 0x4004743d, 0x0) 2.87948897s ago: executing program 0 (id=233): ioctl$auto_BLKROTATIONAL(0xffffffffffffffff, 0x127e, 0x0) (async) mmap$auto(0x0, 0x20009, 0x7ff, 0x40000000000eb1, 0x401, 0x8000) (async) socket(0x2, 0x2, 0x0) mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) mount$auto(0x0, &(0x7f0000000140)='.\x00', &(0x7f00000001c0)='nfsd\x00\xee\x1a\x8f\xa2~?\xe2\x82fg\xb3G\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\tI\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd_\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xe1\xa8\xda\x80\xc5\x8f\xb41\x81\xf0\xa3\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14', 0x7, 0x0) (async) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_meter(0x0, 0xffffffffffffffff) (async) sendmsg$auto_OVS_METER_CMD_DEL(r0, 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) (async) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async) recvmmsg$auto(0x3, 0x0, 0x10000, 0x80a, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x801, 0x0) (async) r2 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x7f, 0x1d2d, 0x6, 0xffff, 0x15f4da0e, 0x6, 0xc, 0xfffffffffffffffd, 0x8, 0x4, 0xfca, 0x9, 0xfffffffffffffffe, 0x4000000000000d]}, 0x0) (async) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0xfffffffffffffff7, 0x5, 0x19, r1, 0x7) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x7f, 0x0) (async) ioctl$auto_FS_IOC_READ_VERITY_METADATA2(r2, 0xc0286687, &(0x7f0000000340)="2c54d6f875e75e0b926d922dd0e8a179cea3a66cb8fb2c8d10e963ad43fb403f18bcbe4272313741628814249001795e7cb9c057b6db68d1fa8590b6f8af0f536d898aebe6d4e3c87c03ac35a09ed2f9de3c509362c68ff54f4f46adf7dd67b5") (async) unshare$auto(0x40000080) (async) settimeofday$auto(0x0, &(0x7f0000000100)={0x0, 0x40c}) (async) getsockopt$auto(0xffffffffffffffff, 0x10002, 0x4, 0x0, &(0x7f0000000040)=0x2000000) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) 2.754850749s ago: executing program 2 (id=234): r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xffffffffffffffff, 0x0) socket(0x80000000000000a, 0x2, 0x0) r1 = socket(0xa, 0x801, 0x84) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x5, 0x0) getsockopt$auto(r1, 0x84, 0x71, 0x0, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d399b3c", 0xfdef) 2.387888676s ago: executing program 3 (id=235): r0 = io_uring_setup$auto(0x1, &(0x7f0000000000)={0x3, 0x10002, 0x7f, 0x5, 0x6, 0x5, 0xffffffffffffffff, [], {0x2, 0x2005, 0x2, 0x8, 0x400, 0xb533, 0x7, 0x5, 0x80000000}, {0x7, 0xd, 0x6e68, 0x8, 0x4, 0x86fe, 0x0, 0x0, 0xb1}}) r1 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000180), 0x40900, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) read$auto_userio_fops_userio(r3, 0x0, 0x0) mmap$auto(0x0, 0xa00005, 0x200009, 0x40abe, r0, 0x80000001) r4 = io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/platform/dummy_hcd.1/usb2/2-0:1.0/usb2-port1/disable\x00', 0x102, 0x0) write$auto(0x3, 0x0, 0x7fffffff) r5 = gettid() kill$auto(r5, 0x11) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = socket(0xa, 0x2, 0x88) r8 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000280)={'team0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r9, r8, 0x4, 0x1, r7, @relative_id=0x13, 0xe600}, 0xf) open(0x0, 0x221c2, 0x84) bpf$auto(0x2, &(0x7f00000001c0)=@test={r1, 0x1, 0xfff, 0x3, 0x7, 0x6, 0x4, 0x1000, 0x5, 0x7, 0x2, 0x182, 0x401, 0x80, 0x1}, 0xfffffffa) bpf$auto(0x1, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x7}, 0xc) r10 = fcntl$auto_F_GETOWN(r1, 0x9, 0x9) rt_tgsigqueueinfo$auto(r5, r10, 0x5, &(0x7f00000001c0)={@_si_pad}) ioctl$auto_BTRFS_IOC_SNAP_DESTROY(r2, 0x5000940f, &(0x7f0000000380)={@inferred=r4, "a7e320012bf986c7a02b7db394b4d5a66de72df4aad16727a7c22da6794aaf6245b15d9fb112e05963fae5eb38c2f2c712d85cb877b603fb83d18e96f0bca8a26226ec23634f27ae9989fd92dfdd4630941034606623207b0ec83ad6f4498057f0a3858763af07fc2c9d9f14fd1072d80df666a2bc2c020f66e008f7ca73707cb7741a692ed421dcf18eaae55e0de24a74922b4e305da7364dd5b50f12dada8b77ab0058c4b448fd60a5bdfa8e5b2a83788c781137269099635f623046791d0e8a58bb995a9d1dd929dd9bbb99ccc17418ff222fab6b0a39e78ad4c0b32338c6f8ad99ab7eec28464fb29413cb685ac53bcf3112737ad701199b2e4cafb9768ced3ef29f99aae2a751679e3a91c67b7fe809a5f3fda8c123d71800d83a02ff717f5036f316727803182bb247b223836dac89343684712ab91c1e9020a8ed4d5d54347095a0300e3d39015d797264df41f5fac825c3746cd925419ecf0114c4f3340aa3221910f9bf6fa2005b30f25d61c80193e2adac96bb452a4853e1a1f5aa79736dc30ef0fe9b68b2dcb18d7103d8a0d024f88723699107ba2436bbefee1013fa6d3cd57828800aa44a5bb19447e1d6d5cb77b232f6efae2b2cfaafdc27fae7da90a38f4fe07d553875cb6a5116b2ce63797f21a4bc90b3a041abca681678899331cd310938d72b64871bbdee14fdf4afc2c5f0e057bcfd0ed3d229b45565a4ce82f6ee207ece8df16b000051fc46d208735fa138a076c6eb1b963c880f06c9261b3c87c2d440f42d785e36f4f0dca9d7475c8bc2b1c639a3c7201b456898445f30b0c023129fdf209b8f25c7660dd27febe3ed492a6c6b462ee761158d862416fbf31f493c0d05a2f43384d6ba32da62fe4df48037a1819d4979a6df55a21225a145f48d05fab52a158115d3690782d62be57a12eb816cf749cc6d351365fe8df48748afd2021b044c0414021f8220475bd45ff5f33749447b3ea531ec37855b5c2e26b92f238d4e3f290a22b534f04d7d4cd0915f465e5e2f3f3fdacece27e8cca8544381ae1f5d859fb8adb38a0bb4e2622bd93f86ade07399f5987a8ba9f408877a38ddb861ba08612d5338cdf11de0ba1d7eb9e22ef022b27a1d60869f8ea1cefdbe12ca5362a7b463fefc2806eb56c7a892fbbccbc9ed2b826fbae8894282c549b4080078ceb69289750ba3687671a42b97252c3a0d6c4b499c53544cc41f858ed0f07cd40a81c0aedd947690c909f89ce06c1325057b2f3583483a82115614c06d834fcd34e4fc9d294c012c465c25b71f472118464bbd6e6330bd3cf36bcc1688502583ca70bb314c77095fc6b2b7fcb589f744bad44e18d8f6548dc36a74e459b563d9499fab300392b439183d0adbbd74754dd5a121ca00cc2ea85e118c3dce2dc7f93b0fbdb142b36f9f4ce154cbbdd488694393418fa6bdc78579f1b7da5459492bf73c242e3d7a5061746bbaba70288ce48eb5b83e554e1fa882c16f09fdfc0f1ba3bb8d0490d02ee9190ec272b94ec56a950d711d797785bc38b988d0e16a262052e4ab1a966cae984c0873a6a071060f4ba0df46dedbb072ea6c60c5aa65b21ea60e6c9d45e3265cbf24c0be2f46b668f0a0bd48bee35e9cab0691ba712161409e64b123255ff211ca6de2d67133bdf39454004105c191605cf71c48cabe2742b4d67085d571033d27d7591541f5bb6bb2b1d2d1bed39b1f5abad20139c28e9939ed5825d20ad0b78b105ff41cfa370023c3468a86a5a5dada5e3298e1b72aa06357b7f433084f05d4448b9f29509abe42077df3c4a8b1fc94d429039ec0ef8db547a744af29dd0fe04d50adce8ba28ea635e2561b75ffabbda39274e994b5da23b7c0daf38a3f6c25ce910169435b6d4be2fb67d25ff717b6c16205f3686d22f034c51fd104823a9e9ae4610f67170794ecda44942115a3a1d382ac8359d3c118adcd337eabcccd52a589df7f8d94a24158888afecc82b4fe8d217ed0fa9a180fa404bb44e6ea49f373ae23b52dec2b2ec9e620de0ee935948fb796df72ac8ba926dd754da92a08d20123b36ef6f935af00200dd829bdc75cac662a05becac5ec7260af65346365295257b26d4ce893156822db6e0c8de10ea0d1cc786cc86be51f606fd788d1ec36001552e003d071eb20c51a25f1454270a15a13ef4ed3642ffe39ca6acd0778af4bd1de8c9504a961045f803a04b6a17a5431a9633165ec2e5166e5e9cfae18e9c87e4fe95fe18b7c4481c1a722339d7db20b5f2e313c967d08933e1b41fe44f90a8d1fda7cd1b0b632c46cdc988afb2b557538ba59920e43b91b17bee482890f5b8ef3d4103d6177d0eb23829d534f8ec2af86dc8ea8375ece5c195a2db69cc2c100dbcd95642f2581c27d32caa223037b438f8edc4d3f10dae37d8d8ca7353e07355707e681f72c896cbc50fd1b147433c7ce1921159f431c9d65f0ff867cec1c6a9571bc26ba66aaba1e93c3d10f6cba0dc8d4cf8d86f8c78c483b601e574ff07742ff365f5cc0e561663169e82ee45249df10074585475ca59a8b282e6c19cab69b09abba851601cff79e06ed6233814c0aa11b2f3e96b92a328a0bbb41b2d9494ea49a3288af74dced8a8ea989761c605f0713ff44e23439b5caf62707e2095135afc8ef7f9efbfb58e6cd3e9319220e2be0ca0a87f85e767395baa86a487b0343c35de73944260f368cbe90402da1cf78878aea611838abdfadc10a791d1fc318ca37fcf31a5a362f7852446c5d24c7f4443ab85464eba09382b50441bde7dd53f7a5e3e22cea1e789ea2304809c0b3b9b1daa799a5fabdeb671dca6db9fe12465badc456f8cba69b3272b3850a0e9b3b8f0bd5355e6a66ff057d0dc4821adec2f5c0fbbc4fdee86a562595b2e7068756b5acc209829e5bae0f5b71bb300706b7d6093cf48567697ec449f08a197ff4bc5ad371a7f876b1352b016c16b48a34ba5789ae44a7b995983f17ecc9e283a5c2ba6c0618a70fe3b4755c7bdf898b6e4163d785ea65a84e5ea60f3998a83d1c4083832d1f7dd7c66526ed45eddeea019bc1e5746b8c57deb1784c5c22bf7a2566752849158aaa0bf8063bd67909acf1b8d7691567a69af95201e05f882b297ef24907ce79fbae98517077963d77eb44a27016eb6e8729577d2c0cb13096331f97ac8ab3279b4802dd5c212c3fa398b487c9ee3b1f6a901d3f88bb6c592f6885eed403e5222454e400c8e80e76460ae968d0f43bfbb621e898c9a7a01040c6aa6c9e43000b96335b75f7fd5bd3ba1c5e8e3d36a3ee92ef5aabab2a70e6eef7d61fd8eba97f1023cd597d4bc5dca784156579808dd851b29444f9fd10d8d1c253088ae50fa70c3301d1f95d6e3bba59c6a5f819c9c7fe0876141d5d8a5f32d36b7e48a85ccd460b43da86d57c53625fd926ec3d0943214dce646b134f796f2bf5a2b6f0230b25b68969bc338d0efb08c9c901a8b1f88967979687afc54c956a0cf8ccd6aef89bdf4fc44929e841917c5e2eba39866c75f7067e1eae0ab0608516256c7b9ee3cdfd9ced38d477f9ab9a76e3f493c3f74dab7e8f9bec625ae173103c12b44f54571570cb0092348a78f3815026d0f7007d5b835c520d546c9b0efe2ea28949a0e657b46b4ecde95ef81d19a21182252cf6b5abfa18274664946dd60f69e4d048e850dac2c976982ae5003d31cd9c41a14ab6be00cc31d0d0ea42c0a5704eb5ec43b7b299c106c292f3af8449c985a15f86f49e58f68f0f554241b07b51bb224c6659b785708e19ba67388a4188859de235af8a0724766096d3561c33f95ee501bad282fa65d72a0404a3e64d2b6535cac4bb4fc880a9fd7091a1cb833608c058086c1b0cf2038f4fd803ab6fcf52c113a0ea3df6d482c1917eadbde2b1e75804443b5d2d6c649ce99a6120d70ae0e62a3aacaf143994f73674d100ec0c3ea84ea258a385cb71666c06d22ce8a5281cf5ee516772ab5f1a60b3f7e5ca57f54af3ae15adf4d4e94bcb57dfb06f448df8d0c93ed4e178fffd809118b5c52dc5a9c174f993081c4467e9fd49f5a0fda5043bd9068f637d35d0c8926aef1235b3bf66f52eb787e8dba717dad4aa9099ac496c0d2b507b41621702599d1c238cc9913893e16995565163c972a0d0edb2f5aab53bc10562b0e07407b23d57632c3104ae0503090853ea53071be9bb95b3863636b44e167bf776b0fcc657ac70323a0c41fec68c4825efe4b8c95747c49dffcfbe617e81386a7c62c1224382f4182c1f071fe3c5c4cb50d623f058d3a920ba2b795113a0c841bbde0b149003d7c82eec0ce1c4156b48c7a3f23f3d9a0294bd3631b53aef2b3490befcd612caf9be5320b8d43d15b19b94a1acdc1226a004de61bfeab594cba3de99ab516e041ceae271c5ce662b0db5eff9a91a08fbaa58f1bdf76cf3882ef57f9f485d0d8507554cf95b504ad190f6b2bf48bb14bb16e32cb33cc2798b0a953d474325d8024d19e34c30c4c2979e492ac0102072402ea6b2f587ee3fdc81bd9cb6f83749af3ad1833e93051683ced9480a5a08ef6f25006ed24f65c303d53923ba3d49db8e2ce3697279ed66e8d782ba09a3ac4ba075f6d49992359c1e83d7354527fa79d3987fc04b36171803f2c78437caf9ad840b79b50e54b7a9ebe93a2be7a97a0c8bcd0805bce54cd30d05a06bc0e2aefadd2f3cfdf8b0c7308d9514463735940ac1d10a54163f9ed046e12ec4e0960082819a4b7f67c1a21234e9345c2520599af4d7875de2a6fb47e200303fc7340d72460ffdd10cac717d7a64a1ac256d7b1bf407e8013f5f50107854a05beba51a89f62b2f7142e8acb8bc7df011127340a1df120b2d1f62526f6e5ff3e1099f22d54746db12b3156e98a30f9d47aa5228d6376df34f746a808147f9c62486b4412de9ade0d6be189995790104a9119dc4f802a4d9bfd5c87d1c4becb0e13b9412f46c28d82cd680a53ee22a399abc6240c86e2d3e870c2c749f3274d53affb8c8cb66858e2a7587f71c7bb3d23c8be9085110b13d7e631358c0b23ed38d33029335a23f533e3b7034624e057c5068873a5b6b0f69493ff7775479b385f9fe008ddbcf5ed0d91278bd2009b15e918502d9837699c76a8787a468d6ff3a0a8016782d441492b3d733b99b1023bc0e4bdcc411490f3de9ddee7086e9c32b459f65ab151d88c51f33f5993f3bade45e57c2b8e582b47f50291626c26a571191bdef866641e3f16ded0a17e63b123d8d8c5a0e27f232294cd7817b99a659fe96f1c55a2480905eb047e05d09b03d78656de3c2c7353efad9310f626a2570b4c4f2cdb17f0ee5d18cfc97420926e129f824616d1441860b255d9a423cdc2b55faaaddd481f615e0340ffb6c5120ef118c32370178053808ccbd7b9d7aeb55fcdd9694d97777111f10cdc8d75b95ec628dcb7dde216285a8c6b729d71d3ad1bf85f314d2dad061e303db749395d850e9ca21f97a60744f1f1c0f2a90c112d035955c7fb05e8ef04fd6bf3f319052112b21b4fa2204fb4c194e982307c7a1b18f7df1fad7a140860c369aa51efe1cfe0a627a34706de727dddb5ed2c6e0206a71c5f558443a80cd34e611cc295aab9eb436b2178a7a3ec940d313e851fae76b5105c19acd5437f00336f849fff6fd470624046ce04f2c69919e1097f1d55d5198640b876db8f264b03cc2dec81ee71581c638336e90921a13f0ef4f06b1681ac233974737b55b1c98bf3bcb33e54c7a72004cd3b30ceeea64549e8f7cb34ae71497407464eb25e50ec6e5"}) r11 = openat$auto_btrfs_dir_file_operations_inode(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bluetooth/hci7/hci7:201\x00', 0x400, 0x0) ioctl$auto_VHOST_SET_LOG_FD2(r4, 0x4004af07, &(0x7f0000000040)=r11) ioctl$auto_FIONREAD(r1, 0x541b, 0x5) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop6\x00', 0x903203, 0x0) 2.359591119s ago: executing program 1 (id=236): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0xffffffffffffffff, 0x0, 0x8000000000000001) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x503083, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, 0x0, 0x40800) unshare$auto(0x40000080) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r1) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r1, &(0x7f0000000200)={0x0, 0x300, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r2, 0x805, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_NETNS_FD={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) 2.020454484s ago: executing program 2 (id=237): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xa2102, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x801, 0x20) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) bind$auto(r0, &(0x7f0000000140)=@generic={0x1a, "9300000004000000000000000091"}, 0x6a) ioctl$auto_IOC_PR_CLEAR(r0, 0x401070cd, &(0x7f0000000040)={0x3, 0x1}) io_uring_setup$auto(0xe, 0x0) bpf$auto(0x12, 0x0, 0x26) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='./cgroup.cpu/memory.numa_stat\x00', 0xe2080, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) unshare$auto(0x40000080) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x1000) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) fstatfs$auto(0x3, 0x0) ioctl$auto(r3, 0x4b66, 0x1) 1.317484601s ago: executing program 1 (id=238): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4, 0x3, 0x40eb2, 0x401, 0x300000000000) mmap$auto(0x0, 0x1, 0x3642, 0x9b72, 0xffffffffffffffff, 0x1000000008000) syz_clone3(0x0, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) io_uring_setup$auto(0xa, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000001c0), r0) sendmsg$auto_CTRL_CMD_GETPOLICY(r0, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x20, r1, 0x301, 0x4070bd25, 0x25dfdbff, {}, [@CTRL_ATTR_FAMILY_NAME={0xc, 0x2, 'nl80211\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x30000881}, 0xc040810) read$auto(0x4, 0x0, 0xfdef) setuid$auto(0xe) ioctl$auto(0xffffffffffffffff, 0x4b66, 0x1) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000200)={{@raw=0x7, 0x1, 0xfffffffb, 0x480008, "3112d58500a8b47148e22af9ffb683dbede3d0bf828bbf100000e5e2f96ee50484b075ad15e48d00", @raw=0xfffffffe}, 0x2, 0x80, 0x4, @inferred, @integer64={0x5, 0x0, 0xd}, "7a9fc199a16a2311eacf2fc7ae1da978dc3e8090d70925450ece0bb32777702b07552d000000000000000000ebff0000000000000059a200"}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socket(0x10, 0x2, 0x14) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cec2\x00', 0x40, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x2, 0x2, 0x0) socket(0x10, 0x2, 0x0) socket(0x1e, 0x2, 0x73) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) memfd_create$auto(0x0, 0x6) r2 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000002fc0)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r2], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4010}, 0x51) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x2}, 0x3, 0x0) rt_sigqueueinfo$auto(0x0, 0xffff7b6f, &(0x7f0000000000)={@siginfo_0_0={0xf9, 0x14, 0x1, @_sigpoll={0xd}}}) socket(0x11, 0x3, 0x9) 1.112808653s ago: executing program 2 (id=239): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x202000c, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01eb"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x6) setsockopt$auto(r0, 0x104000000000010e, 0xb, 0x0, 0x400) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/nbd12\x00', 0x6600, 0x0) setresuid$auto(0x8, 0x8, 0x0) ioctl$auto_BLKPG(r1, 0x1269, 0x300) 1.087407045s ago: executing program 3 (id=240): mmap$auto(0x3, 0x20009, 0x2000000df, 0x19, 0x401, 0x8004) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) vmsplice$auto(0x2, &(0x7f00000000c0)={0x0, 0x7ff}, 0x8000000000000001, 0x1000000) ioctl$auto_XFS_IOC_PATH_TO_FSHANDLE(0xffffffffffffffff, 0xc0385868, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/md_mod/parameters/new_array\x00', 0xa001, 0x0) r1 = socket(0x10, 0x2, 0x0) recvmmsg$auto(r1, &(0x7f0000000180)={{0x0, 0x1, &(0x7f00000000c0)={&(0x7f0000000340), 0xfff}, 0x4, 0x0, 0x8, 0x7}, 0x7}, 0x5, 0x66a6, 0x0) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="010025bd7000f7dbdf"], 0x14}, 0x1, 0x0, 0x0, 0x44000}, 0x0) 974.203128ms ago: executing program 1 (id=241): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x1fffd) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x4a8c80, 0x0) statx$auto(0xffffff9c, 0x0, 0x1000, 0x803, 0x0) prctl$auto(0x4d, 0x1, 0x0, 0x0, 0x0) openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x20904, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000000)={{0x3, 0x1002, 0xfffffffc, 0x5, 0x2}, "654c6dbc7a4d30983899a7e1325b6a29ba1e18441074052a3fa6c3ccf1bf00"}) readv$auto(r0, &(0x7f0000000a80)={0x0, 0x2}, 0x2) ioctl$auto_SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) socket(0x11, 0x80003, 0x300) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0x18, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) pidfd_open$auto(0x1, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0) fsconfig$auto_FSCONFIG_SET_PATH(0xffffffffffffffff, 0x3, 0x0, 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x7, 0xd3e, 0x20, 0x9687, 0x100000000000003, 0x95f4da0a, 0x6, 0x3, 0x62, 0x5, 0x7, 0x6d3f, 0x9, 0x6, 0xfffffffffffffffe]}, 0x0) write$auto_full_fops_mem(0xffffffffffffffff, 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x3, 0x3, 0x3, 0x3, 0x3, 0x8003, 0x8000000000000000, 0x2, 0x6d3c, 0x3, 0x2, 0x44a03baf]}, 0x0) clock_gettime$auto(0x80000020, 0x0) unshare$auto(0x40000080) unshare$auto(0x40000080) r2 = openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) pread64$auto(r2, 0x0, 0x1, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x2, 0x1) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) 842.193027ms ago: executing program 2 (id=242): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0xffffffffffffffff, 0x0, 0x8000000000000001) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x503083, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, 0x0, 0x40800) unshare$auto(0x40000080) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r2) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r2, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r3, 0x805, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_NETNS_FD={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) sendmsg$auto_NL80211_CMD_ADD_TX_TS(0xffffffffffffffff, &(0x7f00000012c0)={&(0x7f0000001100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001280)={&(0x7f0000001140)={0x14, r3, 0x8, 0x70bd27, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x91}, 0x10) ioctl$auto_MON_IOCX_MFETCH(r1, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(r1, 0xc0109207, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mlockall$auto(0x7) mprotect$auto(0x0, 0x806121, 0x6) bpf$auto(0x5, &(0x7f0000000080)=@bpf_attr_7={@prog_id=0x1d, 0x92f1, 0x4}, 0xa) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card1/pcm1p/sub4/xrun_injection\x00', 0x8880, 0x0) setitimer$auto(0x0, &(0x7f0000001a00)={{0x80, 0x9}, {0x6, 0x100}}, 0x0) getitimer$auto_ITIMER_REAL(0x0, &(0x7f0000001bc0)={{0x2, 0x7fffffffffffffff}, {0x7, 0x1000}}) r5 = fcntl$auto_F_DUPFD_CLOEXEC(r4, 0x406, r4) ioctl$auto_BTRFS_IOC_SUBVOL_CREATE_V2(r5, 0x50009418, &(0x7f0000000100)={@inferred=r4, 0x8, 0xfffffffd, @btrfs_ioctl_vol_args_v2_3_0={0x68, &(0x7f0000000080)={0x8000000000000000, 0xada, 0x8000000000000001, 0x9, {0x101, 0x6, 0x4, 0x0, 0x8000000000000001}}}, @subvolid=0x8d}) read$auto(r4, 0x0, 0x102) 0s ago: executing program 3 (id=243): ioctl$auto_XFS_IOC_ATTRLIST_BY_HANDLE(0xffffffffffffffff, 0x4058587a, &(0x7f0000000680)={{0xffffffffffffffff, &(0x7f0000000200)="4d7fe11b", 0x0, 0x0, 0xfffffff8, 0x0, 0x0}, {[0x1, 0xf6, 0x7, 0x7]}, 0xb02, 0xfff, 0x0}) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d399b39", 0xfdef) (fail_nth: 8) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.255' (ED25519) to the list of known hosts. [ 82.190400][ T5820] cgroup: Unknown subsys name 'net' [ 82.338494][ T5820] cgroup: Unknown subsys name 'cpuset' [ 82.347016][ T5820] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 83.839147][ T5820] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 85.512256][ T5843] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 85.521891][ T5843] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 85.529961][ T5843] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 85.543289][ T5844] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 85.551815][ T5843] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 85.552230][ T5844] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 85.559803][ T5843] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 85.574924][ T5843] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 85.575715][ T5844] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 85.583170][ T5843] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 85.591124][ T5845] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 85.597957][ T5843] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 85.604410][ T5845] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 85.619074][ T5843] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 85.626666][ T5845] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 85.634486][ T5843] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 85.635396][ T5844] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 85.650304][ T5843] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 85.651970][ T5844] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 85.657568][ T5843] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 86.190425][ T5832] chnl_net:caif_netlink_parms(): no params data found [ 86.204461][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 86.313837][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 86.334544][ T5833] chnl_net:caif_netlink_parms(): no params data found [ 86.461357][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.469155][ T5832] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.476879][ T5832] bridge_slave_0: entered allmulticast mode [ 86.483880][ T5832] bridge_slave_0: entered promiscuous mode [ 86.497639][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.504761][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.512177][ T5834] bridge_slave_0: entered allmulticast mode [ 86.519927][ T5834] bridge_slave_0: entered promiscuous mode [ 86.537895][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.545138][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.552286][ T5832] bridge_slave_1: entered allmulticast mode [ 86.559501][ T5832] bridge_slave_1: entered promiscuous mode [ 86.571906][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.579393][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.586654][ T5834] bridge_slave_1: entered allmulticast mode [ 86.593586][ T5834] bridge_slave_1: entered promiscuous mode [ 86.676300][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.683607][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.691076][ T5833] bridge_slave_0: entered allmulticast mode [ 86.698144][ T5833] bridge_slave_0: entered promiscuous mode [ 86.708936][ T5832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.718235][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.726117][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.733382][ T5831] bridge_slave_0: entered allmulticast mode [ 86.741205][ T5831] bridge_slave_0: entered promiscuous mode [ 86.751368][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.760857][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.768311][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.775576][ T5833] bridge_slave_1: entered allmulticast mode [ 86.782616][ T5833] bridge_slave_1: entered promiscuous mode [ 86.791415][ T5832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.800693][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.807988][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.815456][ T5831] bridge_slave_1: entered allmulticast mode [ 86.822371][ T5831] bridge_slave_1: entered promiscuous mode [ 86.830981][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.920270][ T5834] team0: Port device team_slave_0 added [ 86.928509][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.940368][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.951695][ T5832] team0: Port device team_slave_0 added [ 86.959190][ T5834] team0: Port device team_slave_1 added [ 86.967471][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.978382][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.989109][ T5832] team0: Port device team_slave_1 added [ 87.099949][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.107365][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 87.134597][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.149091][ T5831] team0: Port device team_slave_0 added [ 87.157361][ T5833] team0: Port device team_slave_0 added [ 87.164804][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.172734][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 87.199402][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.223383][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.230699][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 87.258033][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.272338][ T5833] team0: Port device team_slave_1 added [ 87.286156][ T5831] team0: Port device team_slave_1 added [ 87.292507][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.299906][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 87.326884][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.400077][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.407249][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 87.433490][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.445520][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.452526][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 87.478979][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.510565][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.519198][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 87.546686][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.558447][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.565684][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 87.592060][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.639222][ T5834] hsr_slave_0: entered promiscuous mode [ 87.645861][ T5834] hsr_slave_1: entered promiscuous mode [ 87.657538][ T5832] hsr_slave_0: entered promiscuous mode [ 87.663780][ T5832] hsr_slave_1: entered promiscuous mode [ 87.670602][ T5832] debugfs: 'hsr0' already exists in 'hsr' [ 87.676720][ T5832] Cannot create hsr debugfs directory [ 87.746013][ T5838] Bluetooth: hci3: command tx timeout [ 87.746543][ T52] Bluetooth: hci2: command tx timeout [ 87.751841][ T5843] Bluetooth: hci1: command tx timeout [ 87.757601][ T5844] Bluetooth: hci0: command tx timeout [ 87.798354][ T5833] hsr_slave_0: entered promiscuous mode [ 87.804640][ T5833] hsr_slave_1: entered promiscuous mode [ 87.810965][ T5833] debugfs: 'hsr0' already exists in 'hsr' [ 87.816984][ T5833] Cannot create hsr debugfs directory [ 87.837511][ T5831] hsr_slave_0: entered promiscuous mode [ 87.843745][ T5831] hsr_slave_1: entered promiscuous mode [ 87.850021][ T5831] debugfs: 'hsr0' already exists in 'hsr' [ 87.855866][ T5831] Cannot create hsr debugfs directory [ 88.246792][ T5832] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 88.260122][ T5832] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 88.278730][ T5832] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 88.289845][ T5832] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 88.337920][ T5833] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 88.350851][ T5833] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 88.367106][ T5833] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 88.380227][ T5833] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 88.462544][ T5834] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 88.473677][ T5834] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 88.488670][ T5834] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 88.504017][ T5834] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 88.631514][ T5831] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 88.650785][ T5831] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 88.663402][ T5831] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 88.682067][ T5831] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 88.736482][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.760434][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.793790][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.813772][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.821089][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.844452][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.851647][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.873043][ T5832] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.899462][ T1311] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.906650][ T1311] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.926133][ T1311] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.933238][ T1311] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.964715][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.028753][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.059278][ T3534] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.066445][ T3534] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.102993][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.110156][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.155713][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.240952][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.272547][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.279917][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.311036][ T1311] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.318259][ T1311] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.491628][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.591913][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.661419][ T5832] veth0_vlan: entered promiscuous mode [ 89.730833][ T5832] veth1_vlan: entered promiscuous mode [ 89.816532][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.827064][ T5844] Bluetooth: hci0: command tx timeout [ 89.827142][ T5838] Bluetooth: hci3: command tx timeout [ 89.838503][ T5843] Bluetooth: hci1: command tx timeout [ 89.843245][ T5832] veth0_macvtap: entered promiscuous mode [ 89.844004][ T52] Bluetooth: hci2: command tx timeout [ 89.858920][ T5833] veth0_vlan: entered promiscuous mode [ 89.884511][ T5832] veth1_macvtap: entered promiscuous mode [ 89.910764][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.926277][ T5833] veth1_vlan: entered promiscuous mode [ 89.961868][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.987886][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.020055][ T5834] veth0_vlan: entered promiscuous mode [ 90.039405][ T5831] veth0_vlan: entered promiscuous mode [ 90.055720][ T3473] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.068424][ T5831] veth1_vlan: entered promiscuous mode [ 90.075950][ T3473] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.088664][ T3473] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.098561][ T3473] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.111345][ T5834] veth1_vlan: entered promiscuous mode [ 90.131437][ T5833] veth0_macvtap: entered promiscuous mode [ 90.161286][ T5833] veth1_macvtap: entered promiscuous mode [ 90.219382][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.262453][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.270996][ T5831] veth0_macvtap: entered promiscuous mode [ 90.294427][ T4130] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.310419][ T4130] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.324977][ T5834] veth0_macvtap: entered promiscuous mode [ 90.332243][ T5831] veth1_macvtap: entered promiscuous mode [ 90.340976][ T1318] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.351663][ T1318] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.360866][ T1318] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.372856][ T1318] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.397385][ T5834] veth1_macvtap: entered promiscuous mode [ 90.430326][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.446463][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.463904][ T1318] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.476472][ T1318] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.503120][ T4130] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.533077][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.544449][ T4130] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.556771][ T4130] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.570494][ T5832] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 90.595644][ T4130] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.631846][ T4130] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.647983][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.668633][ T4130] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.736567][ T1318] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.760394][ T1318] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.790182][ T1318] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.801005][ T3473] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.818293][ T1318] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.823366][ T3473] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.863509][ T4130] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.903607][ T4130] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.997928][ T3534] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.031962][ T3534] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.090500][ T1841] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.115825][ T1841] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.211408][ T4130] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.240682][ T4130] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.374417][ T5939] process 'syz.1.6' launched ':,' with NULL argv: empty string added [ 91.731130][ T5947] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 91.905644][ T5843] Bluetooth: hci1: command tx timeout [ 91.911144][ T5843] Bluetooth: hci0: command tx timeout [ 91.916690][ T5838] Bluetooth: hci3: command tx timeout [ 91.922273][ T52] Bluetooth: hci2: command tx timeout [ 91.935602][ T5952] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8'. [ 92.084029][ T5945] FAULT_INJECTION: forcing a failure. [ 92.084029][ T5945] name failslab, interval 1, probability 0, space 0, times 1 [ 92.125165][ T5945] CPU: 1 UID: 0 PID: 5945 Comm: syz.1.7 Not tainted syzkaller #0 PREEMPT(full) [ 92.125200][ T5945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 92.125218][ T5945] Call Trace: [ 92.125226][ T5945] [ 92.125239][ T5945] dump_stack_lvl+0x16c/0x1f0 [ 92.125284][ T5945] should_fail_ex+0x512/0x640 [ 92.125311][ T5945] ? fs_reclaim_acquire+0xae/0x150 [ 92.125350][ T5945] should_failslab+0xc2/0x120 [ 92.125388][ T5945] kmem_cache_alloc_noprof+0x83/0x770 [ 92.125417][ T5945] ? __pfx_map_id_range_down+0x10/0x10 [ 92.125449][ T5945] ? security_inode_alloc+0x3b/0x2b0 [ 92.125486][ T5945] ? security_inode_alloc+0x3b/0x2b0 [ 92.125510][ T5945] security_inode_alloc+0x3b/0x2b0 [ 92.125537][ T5945] inode_init_always_gfp+0xced/0x1040 [ 92.125579][ T5945] alloc_inode+0x86/0x240 [ 92.125606][ T5945] new_inode+0x22/0x1c0 [ 92.125636][ T5945] proc_pid_make_inode+0x22/0x160 [ 92.125667][ T5945] proc_pident_instantiate+0x85/0x310 [ 92.125700][ T5945] proc_pident_lookup+0x1f5/0x270 [ 92.125736][ T5945] __lookup_slow+0x251/0x460 [ 92.125764][ T5945] ? __pfx___lookup_slow+0x10/0x10 [ 92.125821][ T5945] lookup_slow+0x50/0x70 [ 92.125848][ T5945] link_path_walk+0x12d8/0x1c70 [ 92.125892][ T5945] path_openat+0x1bd/0x3140 [ 92.125925][ T5945] ? do_syscall_64+0xcd/0xf80 [ 92.125944][ T5945] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.125981][ T5945] ? __pfx_path_openat+0x10/0x10 [ 92.126027][ T5945] do_filp_open+0x20b/0x470 [ 92.126063][ T5945] ? __pfx_do_filp_open+0x10/0x10 [ 92.126119][ T5945] ? __pfx_kfree_link+0x10/0x10 [ 92.126160][ T5945] ? alloc_fd+0x471/0x7d0 [ 92.126207][ T5945] do_sys_openat2+0x121/0x290 [ 92.126234][ T5945] ? __pfx_do_sys_openat2+0x10/0x10 [ 92.126263][ T5945] ? count_memcg_events+0x122/0x290 [ 92.126305][ T5945] __x64_sys_openat+0x174/0x210 [ 92.126333][ T5945] ? __pfx___x64_sys_openat+0x10/0x10 [ 92.126362][ T5945] ? syscall_user_dispatch+0x78/0x140 [ 92.126402][ T5945] do_syscall_64+0xcd/0xf80 [ 92.126426][ T5945] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.126450][ T5945] RIP: 0033:0x7fae3158e010 [ 92.126477][ T5945] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 92.126501][ T5945] RSP: 002b:00007fae32510f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 92.126526][ T5945] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fae3158e010 [ 92.126542][ T5945] RDX: 0000000000000002 RSI: 00007fae32510fa0 RDI: 00000000ffffff9c [ 92.126557][ T5945] RBP: 00007fae32510fa0 R08: 0000000000000000 R09: 0000000000000000 [ 92.126572][ T5945] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 92.126587][ T5945] R13: 00007fae317e6038 R14: 00007fae317e5fa0 R15: 00007ffe469e2398 [ 92.126622][ T5945] [ 92.541211][ T24] cfg80211: failed to load regulatory.db [ 93.356921][ T5974] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 93.955877][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 93.985707][ T5838] Bluetooth: hci3: command tx timeout [ 93.986208][ T5844] Bluetooth: hci1: command tx timeout [ 93.991187][ T52] Bluetooth: hci2: command tx timeout [ 94.002140][ T5843] Bluetooth: hci0: command tx timeout [ 94.130741][ T5981] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 94.372538][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 94.438420][ T5988] FAULT_INJECTION: forcing a failure. [ 94.438420][ T5988] name fail_futex, interval 1, probability 0, space 0, times 1 [ 94.452526][ T5988] CPU: 0 UID: 0 PID: 5988 Comm: syz.3.14 Not tainted syzkaller #0 PREEMPT(full) [ 94.452557][ T5988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 94.452570][ T5988] Call Trace: [ 94.452577][ T5988] [ 94.452586][ T5988] dump_stack_lvl+0x16c/0x1f0 [ 94.452626][ T5988] should_fail_ex+0x512/0x640 [ 94.452658][ T5988] should_fail_futex+0x4c/0x60 [ 94.452682][ T5988] futex_lock_pi_atomic+0x127/0xc50 [ 94.452718][ T5988] futex_lock_pi+0x23f/0x7c0 [ 94.452753][ T5988] ? __pfx_futex_lock_pi+0x10/0x10 [ 94.452782][ T5988] ? __lock_acquire+0x436/0x2890 [ 94.452879][ T5988] ? __pfx_futex_wake_mark+0x10/0x10 [ 94.452916][ T5988] ? find_held_lock+0x2b/0x80 [ 94.452947][ T5988] ? ksys_write+0x190/0x250 [ 94.452985][ T5988] do_futex+0x33e/0x350 [ 94.453012][ T5988] ? __pfx_do_futex+0x10/0x10 [ 94.453047][ T5988] __x64_sys_futex+0x1e0/0x4c0 [ 94.453076][ T5988] ? fput+0x70/0xf0 [ 94.453101][ T5988] ? __pfx___x64_sys_futex+0x10/0x10 [ 94.453132][ T5988] ? ksys_write+0x1ac/0x250 [ 94.453162][ T5988] ? __pfx_ksys_write+0x10/0x10 [ 94.453203][ T5988] do_syscall_64+0xcd/0xf80 [ 94.453228][ T5988] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.453252][ T5988] RIP: 0033:0x7f48d158f7c9 [ 94.453271][ T5988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 94.453291][ T5988] RSP: 002b:00007f48d2508038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 94.453313][ T5988] RAX: ffffffffffffffda RBX: 00007f48d17e5fa0 RCX: 00007f48d158f7c9 [ 94.453328][ T5988] RDX: 0000000000000007 RSI: 0000000000000008 RDI: 0000200000001e00 [ 94.453342][ T5988] RBP: 00007f48d2508090 R08: 0000000000000000 R09: 0000000000000004 [ 94.453355][ T5988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 94.453368][ T5988] R13: 00007f48d17e6038 R14: 00007f48d17e5fa0 R15: 00007fffe64ab278 [ 94.453402][ T5988] [ 94.537676][ T5989] FAULT_INJECTION: forcing a failure. [ 94.537676][ T5989] name failslab, interval 1, probability 0, space 0, times 0 [ 94.775325][ T5989] CPU: 1 UID: 0 PID: 5989 Comm: syz.2.15 Not tainted syzkaller #0 PREEMPT(full) [ 94.775357][ T5989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 94.775370][ T5989] Call Trace: [ 94.775377][ T5989] [ 94.775386][ T5989] dump_stack_lvl+0x16c/0x1f0 [ 94.775427][ T5989] should_fail_ex+0x512/0x640 [ 94.775453][ T5989] ? __kmalloc_cache_noprof+0x5f/0x800 [ 94.775483][ T5989] should_failslab+0xc2/0x120 [ 94.775516][ T5989] __kmalloc_cache_noprof+0x80/0x800 [ 94.775542][ T5989] ? __pfx_trace_seq_printf+0x10/0x10 [ 94.775567][ T5989] ? tracing_log_err+0x4bc/0x6d0 [ 94.775603][ T5989] ? tracing_log_err+0x4bc/0x6d0 [ 94.775632][ T5989] tracing_log_err+0x4bc/0x6d0 [ 94.775671][ T5989] append_filter_err+0x399/0x610 [ 94.775706][ T5989] apply_subsystem_event_filter+0x75a/0x17e0 [ 94.775748][ T5989] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 94.775787][ T5989] ? _copy_from_user+0x59/0xd0 [ 94.775817][ T5989] subsystem_filter_write+0x95/0x120 [ 94.775862][ T5989] ? __pfx_subsystem_filter_write+0x10/0x10 [ 94.775891][ T5989] vfs_write+0x2a0/0x11d0 [ 94.775925][ T5989] ? __pfx___mutex_lock+0x10/0x10 [ 94.775952][ T5989] ? __pfx_vfs_write+0x10/0x10 [ 94.775994][ T5989] ? __fget_files+0x20e/0x3c0 [ 94.776036][ T5989] ksys_write+0x12a/0x250 [ 94.776067][ T5989] ? __pfx_ksys_write+0x10/0x10 [ 94.776109][ T5989] do_syscall_64+0xcd/0xf80 [ 94.776133][ T5989] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.776156][ T5989] RIP: 0033:0x7fbea478f7c9 [ 94.776175][ T5989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 94.776195][ T5989] RSP: 002b:00007fbea55c8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 94.776216][ T5989] RAX: ffffffffffffffda RBX: 00007fbea49e6090 RCX: 00007fbea478f7c9 [ 94.776231][ T5989] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000006 [ 94.776244][ T5989] RBP: 00007fbea55c8090 R08: 0000000000000000 R09: 0000000000000000 [ 94.776257][ T5989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 94.776270][ T5989] R13: 00007fbea49e6128 R14: 00007fbea49e6090 R15: 00007ffdbc370518 [ 94.776306][ T5989] [ 95.165996][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 95.186250][ T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!! [ 95.739622][ T5982] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 95.845419][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 96.476302][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 96.520088][ T6008] Zero length message leads to an empty skb [ 96.634347][ T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!! [ 96.643110][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 96.651691][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 96.660563][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 97.280950][ T6012] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 98.088512][ T6023] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 98.345208][ T6014] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 99.370089][ T6031] FAULT_INJECTION: forcing a failure. [ 99.370089][ T6031] name failslab, interval 1, probability 0, space 0, times 0 [ 99.383540][ T6031] CPU: 1 UID: 0 PID: 6031 Comm: syz.1.26 Not tainted syzkaller #0 PREEMPT(full) [ 99.383576][ T6031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 99.383591][ T6031] Call Trace: [ 99.383599][ T6031] [ 99.383608][ T6031] dump_stack_lvl+0x16c/0x1f0 [ 99.383654][ T6031] should_fail_ex+0x512/0x640 [ 99.383682][ T6031] ? __kmalloc_cache_noprof+0x5f/0x800 [ 99.383713][ T6031] should_failslab+0xc2/0x120 [ 99.383752][ T6031] __kmalloc_cache_noprof+0x80/0x800 [ 99.383780][ T6031] ? snd_timer_user_open+0x6b/0x180 [ 99.383813][ T6031] ? snd_timer_user_open+0x6b/0x180 [ 99.383836][ T6031] ? __pfx_snd_timer_user_open+0x10/0x10 [ 99.383862][ T6031] snd_timer_user_open+0x6b/0x180 [ 99.383890][ T6031] snd_open+0x22d/0x4c0 [ 99.383915][ T6031] ? __pfx_snd_open+0x10/0x10 [ 99.383936][ T6031] chrdev_open+0x234/0x6a0 [ 99.383971][ T6031] ? __pfx_chrdev_open+0x10/0x10 [ 99.384008][ T6031] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 99.384052][ T6031] do_dentry_open+0x748/0x1590 [ 99.384085][ T6031] ? __pfx_chrdev_open+0x10/0x10 [ 99.384129][ T6031] vfs_open+0x82/0x3f0 [ 99.384159][ T6031] path_openat+0x2078/0x3140 [ 99.384200][ T6031] ? __pfx_path_openat+0x10/0x10 [ 99.384246][ T6031] do_filp_open+0x20b/0x470 [ 99.384281][ T6031] ? __pfx_do_filp_open+0x10/0x10 [ 99.384341][ T6031] ? alloc_fd+0x471/0x7d0 [ 99.384384][ T6031] do_sys_openat2+0x121/0x290 [ 99.384411][ T6031] ? __pfx_do_sys_openat2+0x10/0x10 [ 99.384451][ T6031] __x64_sys_openat+0x174/0x210 [ 99.384478][ T6031] ? __pfx___x64_sys_openat+0x10/0x10 [ 99.384528][ T6031] do_syscall_64+0xcd/0xf80 [ 99.384555][ T6031] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.384579][ T6031] RIP: 0033:0x7fae3158f7c9 [ 99.384600][ T6031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 99.384622][ T6031] RSP: 002b:00007fae32511038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 99.384645][ T6031] RAX: ffffffffffffffda RBX: 00007fae317e5fa0 RCX: 00007fae3158f7c9 [ 99.384662][ T6031] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 99.384678][ T6031] RBP: 00007fae31613f91 R08: 0000000000000000 R09: 0000000000000000 [ 99.384692][ T6031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 99.384706][ T6031] R13: 00007fae317e6038 R14: 00007fae317e5fa0 R15: 00007ffe469e2398 [ 99.384740][ T6031] [ 100.097703][ T6038] FAULT_INJECTION: forcing a failure. [ 100.097703][ T6038] name failslab, interval 1, probability 0, space 0, times 0 [ 100.152969][ T6038] CPU: 0 UID: 0 PID: 6038 Comm: syz.1.27 Not tainted syzkaller #0 PREEMPT(full) [ 100.153002][ T6038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 100.153015][ T6038] Call Trace: [ 100.153022][ T6038] [ 100.153031][ T6038] dump_stack_lvl+0x16c/0x1f0 [ 100.153072][ T6038] should_fail_ex+0x512/0x640 [ 100.153098][ T6038] ? __kvmalloc_node_noprof+0x129/0xa40 [ 100.153133][ T6038] should_failslab+0xc2/0x120 [ 100.153168][ T6038] __kvmalloc_node_noprof+0x14a/0xa40 [ 100.153201][ T6038] ? seq_read_iter+0x830/0x12d0 [ 100.153238][ T6038] ? seq_read_iter+0x830/0x12d0 [ 100.153265][ T6038] seq_read_iter+0x830/0x12d0 [ 100.153310][ T6038] proc_reg_read_iter+0x220/0x310 [ 100.153341][ T6038] vfs_read+0x8bf/0xcf0 [ 100.153379][ T6038] ? __pfx_vfs_read+0x10/0x10 [ 100.153433][ T6038] ksys_read+0x12a/0x250 [ 100.153463][ T6038] ? __pfx_ksys_read+0x10/0x10 [ 100.153503][ T6038] do_syscall_64+0xcd/0xf80 [ 100.153527][ T6038] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.153550][ T6038] RIP: 0033:0x7fae3158f7c9 [ 100.153568][ T6038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.153589][ T6038] RSP: 002b:00007fae32511038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 100.153617][ T6038] RAX: ffffffffffffffda RBX: 00007fae317e5fa0 RCX: 00007fae3158f7c9 [ 100.153633][ T6038] RDX: 00000000000000b2 RSI: 0000200000000180 RDI: 0000000000000003 [ 100.153647][ T6038] RBP: 00007fae32511090 R08: 0000000000000000 R09: 0000000000000000 [ 100.153660][ T6038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 100.153674][ T6038] R13: 00007fae317e6038 R14: 00007fae317e5fa0 R15: 00007ffe469e2398 [ 100.153708][ T6038] [ 100.520025][ T6041] FAULT_INJECTION: forcing a failure. [ 100.520025][ T6041] name failslab, interval 1, probability 0, space 0, times 0 [ 100.555150][ T6041] CPU: 1 UID: 0 PID: 6041 Comm: syz.2.28 Not tainted syzkaller #0 PREEMPT(full) [ 100.555184][ T6041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 100.555199][ T6041] Call Trace: [ 100.555207][ T6041] [ 100.555218][ T6041] dump_stack_lvl+0x16c/0x1f0 [ 100.555263][ T6041] should_fail_ex+0x512/0x640 [ 100.555290][ T6041] ? __lock_acquire+0x436/0x2890 [ 100.555317][ T6041] should_failslab+0xc2/0x120 [ 100.555353][ T6041] __kmalloc_cache_noprof+0x80/0x800 [ 100.555375][ T6041] ? tipc_sub_subscribe+0x150/0x870 [ 100.555413][ T6041] ? tipc_sub_subscribe+0x150/0x870 [ 100.555447][ T6041] tipc_sub_subscribe+0x150/0x870 [ 100.555484][ T6041] tipc_conn_rcv_sub+0x1fa/0x400 [ 100.555518][ T6041] tipc_topsrv_kern_subscr+0x20b/0x3c0 [ 100.555555][ T6041] ? __pfx_tipc_topsrv_kern_subscr+0x10/0x10 [ 100.555601][ T6041] ? net_generic+0xea/0x2a0 [ 100.555645][ T6041] tipc_group_create+0x4ab/0x660 [ 100.555686][ T6041] tipc_setsockopt+0x7c5/0xe00 [ 100.555716][ T6041] ? __pfx_tipc_setsockopt+0x10/0x10 [ 100.555755][ T6041] ? __pfx_tipc_setsockopt+0x10/0x10 [ 100.555783][ T6041] do_sock_setsockopt+0xf3/0x1d0 [ 100.555825][ T6041] __sys_setsockopt+0x120/0x1a0 [ 100.555860][ T6041] __x64_sys_setsockopt+0xbd/0x160 [ 100.555888][ T6041] ? do_syscall_64+0x91/0xf80 [ 100.555914][ T6041] ? lockdep_hardirqs_on+0x7c/0x110 [ 100.556010][ T6041] do_syscall_64+0xcd/0xf80 [ 100.556034][ T6041] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.556061][ T6041] RIP: 0033:0x7fbea478f7c9 [ 100.556083][ T6041] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.556108][ T6041] RSP: 002b:00007fbea55e9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 100.556132][ T6041] RAX: ffffffffffffffda RBX: 00007fbea49e5fa0 RCX: 00007fbea478f7c9 [ 100.556149][ T6041] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000003 [ 100.556165][ T6041] RBP: 00007fbea4813f91 R08: 0000000000000014 R09: 0000000000000000 [ 100.556180][ T6041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 100.556193][ T6041] R13: 00007fbea49e6038 R14: 00007fbea49e5fa0 R15: 00007ffdbc370518 [ 100.556230][ T6041] [ 100.556326][ T6041] tipc: Subscription rejected, no memory [ 101.123160][ T6049] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 103.338795][ T6066] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 103.433655][ T6078] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 104.960184][ T6077] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 105.625903][ T6101] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 106.787871][ T6102] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12 [ 106.975329][ T6126] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 107.997564][ T6136] netlink: 'syz.3.47': attribute type 1 has an invalid length. [ 108.399255][ T6133] FAULT_INJECTION: forcing a failure. [ 108.399255][ T6133] name failslab, interval 1, probability 0, space 0, times 0 [ 108.422445][ T6133] CPU: 1 UID: 0 PID: 6133 Comm: syz.3.47 Not tainted syzkaller #0 PREEMPT(full) [ 108.422477][ T6133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 108.422500][ T6133] Call Trace: [ 108.422508][ T6133] [ 108.422517][ T6133] dump_stack_lvl+0x16c/0x1f0 [ 108.422568][ T6133] should_fail_ex+0x512/0x640 [ 108.422606][ T6133] ? __kmalloc_noprof+0xca/0x910 [ 108.422635][ T6133] should_failslab+0xc2/0x120 [ 108.422670][ T6133] __kmalloc_noprof+0xeb/0x910 [ 108.422695][ T6133] ? alloc_pipe_info+0x1ec/0x590 [ 108.422731][ T6133] ? alloc_pipe_info+0x1ec/0x590 [ 108.422773][ T6133] alloc_pipe_info+0x1ec/0x590 [ 108.422818][ T6133] splice_direct_to_actor+0x77d/0xa30 [ 108.422859][ T6133] ? __lock_acquire+0x436/0x2890 [ 108.422880][ T6133] ? __pfx_direct_splice_actor+0x10/0x10 [ 108.422919][ T6133] ? __pfx_aa_file_perm+0x10/0x10 [ 108.422951][ T6133] ? find_held_lock+0x2b/0x80 [ 108.422986][ T6133] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 108.423016][ T6133] ? get_pid_task+0xfc/0x250 [ 108.423047][ T6133] do_splice_direct+0x174/0x240 [ 108.423079][ T6133] ? __pfx_do_splice_direct+0x10/0x10 [ 108.423112][ T6133] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 108.423145][ T6133] ? bpf_lsm_file_permission+0x9/0x10 [ 108.423170][ T6133] ? security_file_permission+0x71/0x210 [ 108.423201][ T6133] ? rw_verify_area+0xcf/0x6c0 [ 108.423231][ T6133] do_sendfile+0xb06/0xe50 [ 108.423267][ T6133] ? __pfx_do_sendfile+0x10/0x10 [ 108.423298][ T6133] ? __fget_files+0x20e/0x3c0 [ 108.423337][ T6133] __x64_sys_sendfile64+0x1d8/0x220 [ 108.423359][ T6133] ? ksys_write+0x1ac/0x250 [ 108.423388][ T6133] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 108.423428][ T6133] do_syscall_64+0xcd/0xf80 [ 108.423451][ T6133] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.423475][ T6133] RIP: 0033:0x7f48d158f7c9 [ 108.423494][ T6133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 108.423515][ T6133] RSP: 002b:00007f48d24e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 108.423536][ T6133] RAX: ffffffffffffffda RBX: 00007f48d17e6090 RCX: 00007f48d158f7c9 [ 108.423551][ T6133] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 108.423564][ T6133] RBP: 00007f48d24e7090 R08: 0000000000000000 R09: 0000000000000000 [ 108.423577][ T6133] R10: 0000400000000006 R11: 0000000000000246 R12: 0000000000000001 [ 108.423591][ T6133] R13: 00007f48d17e6128 R14: 00007f48d17e6090 R15: 00007fffe64ab278 [ 108.423630][ T6133] [ 109.428178][ T6147] FAULT_INJECTION: forcing a failure. [ 109.428178][ T6147] name failslab, interval 1, probability 0, space 0, times 0 [ 109.448332][ T6147] CPU: 0 UID: 0 PID: 6147 Comm: syz.3.51 Not tainted syzkaller #0 PREEMPT(full) [ 109.448368][ T6147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 109.448382][ T6147] Call Trace: [ 109.448390][ T6147] [ 109.448400][ T6147] dump_stack_lvl+0x16c/0x1f0 [ 109.448445][ T6147] should_fail_ex+0x512/0x640 [ 109.448472][ T6147] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 109.448518][ T6147] should_failslab+0xc2/0x120 [ 109.448558][ T6147] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 109.448588][ T6147] ? dquot_alloc_inode+0x51b/0xb90 [ 109.448615][ T6147] ? __dquot_initialize+0x299/0xd50 [ 109.448640][ T6147] ? __d_alloc+0x35/0xa80 [ 109.448668][ T6147] ? __d_alloc+0x35/0xa80 [ 109.448688][ T6147] __d_alloc+0x35/0xa80 [ 109.448714][ T6147] d_alloc_pseudo+0x1c/0xc0 [ 109.448742][ T6147] alloc_file_pseudo+0xcf/0x230 [ 109.448771][ T6147] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 109.448808][ T6147] __shmem_file_setup+0x1a8/0x350 [ 109.448850][ T6147] shmem_zero_setup+0x93/0x1b0 [ 109.448881][ T6147] __mmap_region+0x2271/0x2a00 [ 109.448913][ T6147] ? __lock_acquire+0x436/0x2890 [ 109.448936][ T6147] ? __pfx___mmap_region+0x10/0x10 [ 109.448976][ T6147] ? lock_acquire+0x179/0x330 [ 109.449012][ T6147] ? finish_task_switch.isra.0+0x2e0/0xbd0 [ 109.449114][ T6147] ? rcu_is_watching+0x12/0xc0 [ 109.449156][ T6147] mmap_region+0x1ab/0x3f0 [ 109.449191][ T6147] ? __get_unmapped_area+0x267/0x3f0 [ 109.449232][ T6147] do_mmap+0xa3e/0x1210 [ 109.449275][ T6147] ? __pfx_do_mmap+0x10/0x10 [ 109.449310][ T6147] ? __pfx_down_write_killable+0x10/0x10 [ 109.449344][ T6147] vm_mmap_pgoff+0x29e/0x470 [ 109.449379][ T6147] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 109.449415][ T6147] ? __x64_sys_futex+0x1e0/0x4c0 [ 109.449436][ T6147] ? __x64_sys_futex+0x1e9/0x4c0 [ 109.449461][ T6147] ksys_mmap_pgoff+0x7d/0x5c0 [ 109.449495][ T6147] ? __pfx_ksys_write+0x10/0x10 [ 109.449529][ T6147] __x64_sys_mmap+0x125/0x190 [ 109.449558][ T6147] do_syscall_64+0xcd/0xf80 [ 109.449583][ T6147] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.449607][ T6147] RIP: 0033:0x7f48d158f7c9 [ 109.449629][ T6147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 109.449651][ T6147] RSP: 002b:00007f48d2508038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 109.449673][ T6147] RAX: ffffffffffffffda RBX: 00007f48d17e5fa0 RCX: 00007f48d158f7c9 [ 109.449699][ T6147] RDX: 00004000000000df RSI: 0000000000020009 RDI: 0000000000000000 [ 109.449714][ T6147] RBP: 00007f48d1613f91 R08: 0000000000000401 R09: 0000000000008000 [ 109.449729][ T6147] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 109.449743][ T6147] R13: 00007f48d17e6038 R14: 00007f48d17e5fa0 R15: 00007fffe64ab278 [ 109.449779][ T6147] [ 109.978496][ T6146] FAULT_INJECTION: forcing a failure. [ 109.978496][ T6146] name fail_futex, interval 1, probability 0, space 0, times 0 [ 110.053138][ T6155] random: crng reseeded on system resumption [ 110.125717][ T6146] CPU: 0 UID: 0 PID: 6146 Comm: syz.3.51 Not tainted syzkaller #0 PREEMPT(full) [ 110.125751][ T6146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 110.125763][ T6146] Call Trace: [ 110.125771][ T6146] [ 110.125780][ T6146] dump_stack_lvl+0x16c/0x1f0 [ 110.125827][ T6146] should_fail_ex+0x512/0x640 [ 110.125858][ T6146] get_futex_key+0x1d0/0x15f0 [ 110.125885][ T6146] ? __lock_acquire+0x436/0x2890 [ 110.125907][ T6146] ? __pfx_get_futex_key+0x10/0x10 [ 110.125934][ T6146] ? trace_sched_set_need_resched_tp+0xf3/0x130 [ 110.125975][ T6146] futex_wait_setup+0x9d/0x570 [ 110.126017][ T6146] __futex_wait+0x193/0x2f0 [ 110.126047][ T6146] ? __pfx___futex_wait+0x10/0x10 [ 110.126083][ T6146] ? __pfx_futex_wake_mark+0x10/0x10 [ 110.126123][ T6146] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 110.126149][ T6146] ? __hrtimer_setup+0x176/0x280 [ 110.126179][ T6146] ? ktime_add_safe+0x60/0x70 [ 110.126210][ T6146] futex_wait+0xe8/0x380 [ 110.126238][ T6146] ? __pfx_futex_wait+0x10/0x10 [ 110.126262][ T6146] ? __lock_acquire+0x436/0x2890 [ 110.126283][ T6146] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 110.126322][ T6146] do_futex+0x229/0x350 [ 110.126347][ T6146] ? __pfx_do_futex+0x10/0x10 [ 110.126369][ T6146] ? rcu_is_watching+0x12/0xc0 [ 110.126394][ T6146] ? ktime_get+0x200/0x310 [ 110.126413][ T6146] ? lockdep_hardirqs_on+0x7c/0x110 [ 110.126447][ T6146] ? read_tsc+0x9/0x20 [ 110.126480][ T6146] __x64_sys_futex+0x1e0/0x4c0 [ 110.126509][ T6146] ? __pfx___x64_sys_futex+0x10/0x10 [ 110.126534][ T6146] ? xfd_validate_state+0x61/0x180 [ 110.126566][ T6146] do_syscall_64+0xcd/0xf80 [ 110.126586][ T6146] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.126607][ T6146] RIP: 0033:0x7f48d158f7c9 [ 110.126624][ T6146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 110.126643][ T6146] RSP: 002b:00007fffe64ab3d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 110.126665][ T6146] RAX: ffffffffffffffda RBX: 000000000001ad6d RCX: 00007f48d158f7c9 [ 110.126679][ T6146] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f48d17e609c [ 110.126691][ T6146] RBP: 0000000000000032 R08: 00007f48d2509000 R09: 00000010e64ab6cf [ 110.126703][ T6146] R10: 00007fffe64ab4d0 R11: 0000000000000246 R12: 00007f48d17e609c [ 110.126717][ T6146] R13: 00007fffe64ab4d0 R14: 000000000001ad9f R15: 00007fffe64ab4f0 [ 110.126749][ T6146] [ 110.153004][ T6156] Unrecognized hibernate image header format! [ 110.369814][ T6158] __vm_enough_memory: pid: 6158, comm: syz.3.51, bytes: 4398046511104 not enough memory for the allocation [ 110.394344][ T6156] PM: hibernation: Image mismatch: architecture specific data [ 111.170263][ T6171] netlink: 2468 bytes leftover after parsing attributes in process `syz.0.55'. [ 111.646578][ T6190] random: crng reseeded on system resumption [ 111.686646][ T6190] futex_wake_op: syz.0.60 tries to shift op by -2048; fix this program [ 111.842359][ T6192] size and base must be multiples of 4 kiB [ 111.873736][ T6192] CPU: 0 UID: 0 PID: 6192 Comm: syz.0.60 Not tainted syzkaller #0 PREEMPT(full) [ 111.873770][ T6192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 111.873784][ T6192] Call Trace: [ 111.873793][ T6192] [ 111.873802][ T6192] dump_stack_lvl+0x16c/0x1f0 [ 111.873846][ T6192] mtrr_add+0xdf/0x110 [ 111.873882][ T6192] mtrr_ioctl+0x7ef/0xcf0 [ 111.873904][ T6192] ? __pfx_mtrr_ioctl+0x10/0x10 [ 111.873932][ T6192] ? find_held_lock+0x2b/0x80 [ 111.873971][ T6192] ? __fget_files+0x20e/0x3c0 [ 111.874003][ T6192] ? __pfx_mtrr_ioctl+0x10/0x10 [ 111.874024][ T6192] proc_reg_unlocked_ioctl+0x229/0x320 [ 111.874053][ T6192] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 111.874084][ T6192] __x64_sys_ioctl+0x18e/0x210 [ 111.874114][ T6192] do_syscall_64+0xcd/0xf80 [ 111.874138][ T6192] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.874162][ T6192] RIP: 0033:0x7f0258b8f7c9 [ 111.874180][ T6192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 111.874200][ T6192] RSP: 002b:00007f0259a52038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 111.874221][ T6192] RAX: ffffffffffffffda RBX: 00007f0258de6090 RCX: 00007f0258b8f7c9 [ 111.874237][ T6192] RDX: 0000000000000000 RSI: 0000000040104d01 RDI: 0000000000000000 [ 111.874250][ T6192] RBP: 00007f0258c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 111.874263][ T6192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 111.874276][ T6192] R13: 00007f0258de6128 R14: 00007f0258de6090 R15: 00007ffd84fbc878 [ 111.874308][ T6192] [ 112.990187][ T6199] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 113.926381][ T6211] FAULT_INJECTION: forcing a failure. [ 113.926381][ T6211] name failslab, interval 1, probability 0, space 0, times 0 [ 114.016219][ T6211] CPU: 0 UID: 0 PID: 6211 Comm: syz.2.64 Not tainted syzkaller #0 PREEMPT(full) [ 114.016251][ T6211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 114.016264][ T6211] Call Trace: [ 114.016272][ T6211] [ 114.016282][ T6211] dump_stack_lvl+0x16c/0x1f0 [ 114.016321][ T6211] should_fail_ex+0x512/0x640 [ 114.016347][ T6211] ? fs_reclaim_acquire+0xae/0x150 [ 114.016391][ T6211] should_failslab+0xc2/0x120 [ 114.016425][ T6211] __kmalloc_noprof+0xeb/0x910 [ 114.016452][ T6211] ? tomoyo_encode2+0x100/0x3e0 [ 114.016487][ T6211] ? tomoyo_encode2+0x100/0x3e0 [ 114.016515][ T6211] tomoyo_encode2+0x100/0x3e0 [ 114.016557][ T6211] tomoyo_encode+0x29/0x50 [ 114.016586][ T6211] tomoyo_realpath_from_path+0x18f/0x6e0 [ 114.016627][ T6211] tomoyo_path_number_perm+0x245/0x580 [ 114.016652][ T6211] ? tomoyo_path_number_perm+0x237/0x580 [ 114.016681][ T6211] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 114.016710][ T6211] ? find_held_lock+0x2b/0x80 [ 114.016769][ T6211] ? find_held_lock+0x2b/0x80 [ 114.016797][ T6211] ? hook_file_ioctl_common+0x144/0x410 [ 114.016832][ T6211] ? __fget_files+0x20e/0x3c0 [ 114.016869][ T6211] security_file_ioctl+0x9b/0x240 [ 114.016898][ T6211] __x64_sys_ioctl+0xb7/0x210 [ 114.016928][ T6211] do_syscall_64+0xcd/0xf80 [ 114.016952][ T6211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 114.016976][ T6211] RIP: 0033:0x7fbea478f7c9 [ 114.017001][ T6211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 114.017022][ T6211] RSP: 002b:00007fbea55e9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 114.017044][ T6211] RAX: ffffffffffffffda RBX: 00007fbea49e5fa0 RCX: 00007fbea478f7c9 [ 114.017060][ T6211] RDX: 0000200000000140 RSI: 00000000c1105517 RDI: 0000000000000003 [ 114.017074][ T6211] RBP: 00007fbea55e9090 R08: 0000000000000000 R09: 0000000000000000 [ 114.017087][ T6211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 114.017109][ T6211] R13: 00007fbea49e6038 R14: 00007fbea49e5fa0 R15: 00007ffdbc370518 [ 114.017147][ T6211] [ 114.017196][ T6211] ERROR: Out of memory at tomoyo_realpath_from_path. [ 114.717105][ T6222] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 116.447705][ T6237] netlink: 'syz.3.68': attribute type 1 has an invalid length. [ 118.955391][ T6249] syz.1.70 (6249) used greatest stack depth: 19688 bytes left [ 119.354597][ T6269] netlink: 28 bytes leftover after parsing attributes in process `syz.1.76'. [ 119.403487][ T6269] veth1_macvtap: left promiscuous mode [ 120.053239][ T6284] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 120.053239][ T6284] The task syz.2.74 (6284) triggered the difference, watch for misbehavior. [ 120.808284][ T6302] FAULT_INJECTION: forcing a failure. [ 120.808284][ T6302] name failslab, interval 1, probability 0, space 0, times 0 [ 120.861281][ T6302] CPU: 1 UID: 0 PID: 6302 Comm: syz.2.81 Not tainted syzkaller #0 PREEMPT(full) [ 120.861313][ T6302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 120.861326][ T6302] Call Trace: [ 120.861334][ T6302] [ 120.861343][ T6302] dump_stack_lvl+0x16c/0x1f0 [ 120.861383][ T6302] should_fail_ex+0x512/0x640 [ 120.861409][ T6302] ? kmem_cache_alloc_noprof+0x62/0x770 [ 120.861439][ T6302] should_failslab+0xc2/0x120 [ 120.861474][ T6302] kmem_cache_alloc_noprof+0x83/0x770 [ 120.861501][ T6302] ? getname_flags.part.0+0x4c/0x550 [ 120.861531][ T6302] ? getname_flags.part.0+0x4c/0x550 [ 120.861552][ T6302] getname_flags.part.0+0x4c/0x550 [ 120.861581][ T6302] getname_flags+0x93/0xf0 [ 120.861611][ T6302] do_sys_openat2+0xb9/0x290 [ 120.861637][ T6302] ? __pfx_do_sys_openat2+0x10/0x10 [ 120.861667][ T6302] ? __fget_files+0x20e/0x3c0 [ 120.861705][ T6302] __x64_sys_openat+0x174/0x210 [ 120.861731][ T6302] ? __pfx___x64_sys_openat+0x10/0x10 [ 120.861756][ T6302] ? ksys_write+0x1ac/0x250 [ 120.861796][ T6302] do_syscall_64+0xcd/0xf80 [ 120.861815][ T6302] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.861841][ T6302] RIP: 0033:0x7fbea478f7c9 [ 120.861858][ T6302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 120.861878][ T6302] RSP: 002b:00007fbea55e9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 120.861900][ T6302] RAX: ffffffffffffffda RBX: 00007fbea49e5fa0 RCX: 00007fbea478f7c9 [ 120.861915][ T6302] RDX: 0000000000080102 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 120.861930][ T6302] RBP: 00007fbea55e9090 R08: 0000000000000000 R09: 0000000000000000 [ 120.861944][ T6302] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 120.861957][ T6302] R13: 00007fbea49e6038 R14: 00007fbea49e5fa0 R15: 00007ffdbc370518 [ 120.861990][ T6302] [ 122.510374][ T6322] netlink: 338 bytes leftover after parsing attributes in process `syz.0.87'. [ 122.654715][ T6322] veth1_macvtap: left promiscuous mode [ 122.790453][ T6322] macsec0: entered allmulticast mode [ 126.188429][ T6393] __vm_enough_memory: pid: 6393, comm: syz.0.99, bytes: 8589938688 not enough memory for the allocation [ 127.493333][ T6410] netlink: 'syz.0.103': attribute type 1 has an invalid length. [ 131.578332][ T6457] FAULT_INJECTION: forcing a failure. [ 131.578332][ T6457] name fail_futex, interval 1, probability 0, space 0, times 0 [ 131.795476][ T6457] CPU: 0 UID: 0 PID: 6457 Comm: syz.1.113 Not tainted syzkaller #0 PREEMPT(full) [ 131.795496][ T6457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 131.795504][ T6457] Call Trace: [ 131.795510][ T6457] [ 131.795515][ T6457] dump_stack_lvl+0x16c/0x1f0 [ 131.795540][ T6457] should_fail_ex+0x512/0x640 [ 131.795559][ T6457] get_futex_key+0x293/0x15f0 [ 131.795584][ T6457] ? __pfx_get_futex_key+0x10/0x10 [ 131.795603][ T6457] futex_wake+0xea/0x530 [ 131.795623][ T6457] ? __pfx_futex_wake+0x10/0x10 [ 131.795648][ T6457] do_futex+0x1e3/0x350 [ 131.795663][ T6457] ? __pfx_do_futex+0x10/0x10 [ 131.795676][ T6457] ? __might_fault+0xe3/0x190 [ 131.795696][ T6457] mm_release+0x24e/0x300 [ 131.795715][ T6457] do_exit+0x69e/0x2bd0 [ 131.795730][ T6457] ? __pfx_do_exit+0x10/0x10 [ 131.795742][ T6457] ? do_raw_spin_lock+0x12c/0x2b0 [ 131.795757][ T6457] ? find_held_lock+0x2b/0x80 [ 131.795776][ T6457] do_group_exit+0xd3/0x2a0 [ 131.795790][ T6457] get_signal+0x2671/0x26d0 [ 131.795812][ T6457] ? __fget_files+0x204/0x3c0 [ 131.795832][ T6457] ? __pfx_get_signal+0x10/0x10 [ 131.795851][ T6457] ? do_futex+0x122/0x350 [ 131.795867][ T6457] arch_do_signal_or_restart+0x8f/0x7a0 [ 131.795886][ T6457] ? fdget+0x187/0x210 [ 131.795903][ T6457] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 131.795927][ T6457] ? __pfx___x64_sys_futex+0x10/0x10 [ 131.795945][ T6457] exit_to_user_mode_loop+0x8c/0x540 [ 131.795963][ T6457] do_syscall_64+0x4ee/0xf80 [ 131.795977][ T6457] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.795990][ T6457] RIP: 0033:0x7fae3158f7c9 [ 131.796001][ T6457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 131.796014][ T6457] RSP: 002b:00007fae324cf0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 131.796027][ T6457] RAX: fffffffffffffe00 RBX: 00007fae317e6188 RCX: 00007fae3158f7c9 [ 131.796035][ T6457] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fae317e6188 [ 131.796043][ T6457] RBP: 00007fae317e6180 R08: 0000000000000000 R09: 0000000000000000 [ 131.796050][ T6457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 131.796058][ T6457] R13: 00007fae317e6218 R14: 00007ffe469e22b0 R15: 00007ffe469e2398 [ 131.796075][ T6457] [ 132.041004][ T6445] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 132.048126][ T6445] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 132.413284][ T6445] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 132.637591][ T6445] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 132.692855][ T6445] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 132.812655][ T6445] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 132.905350][ T6474] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 133.242388][ T6445] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 133.245525][ T6479] syz.2.116 uses obsolete (PF_INET,SOCK_PACKET) [ 133.301001][ T6445] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 133.329971][ T6473] netlink: 28 bytes leftover after parsing attributes in process `syz.3.114'. [ 133.345229][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout [ 133.357151][ T6479] can0: slcan on ttyS2. [ 133.447875][ T6473] veth1_macvtap: left promiscuous mode [ 133.497367][ T6445] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 133.552991][ T6445] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 133.582483][ T6445] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 133.660373][ T6445] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 134.026234][ T6480] can0 (unregistered): slcan off ttyS2. [ 134.705536][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout [ 135.265279][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout [ 135.430527][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout [ 135.587321][ T5838] Bluetooth: hci2: command 0x0c1a tx timeout [ 136.795181][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout [ 137.346447][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout [ 137.505155][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout [ 137.665140][ T5838] Bluetooth: hci2: command 0x0c1a tx timeout [ 137.998772][ T6564] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 138.242275][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.255203][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.559128][ T6574] Invalid ELF header magic: != ELF [ 138.783949][ T6587] netlink: 4 bytes leftover after parsing attributes in process `syz.1.132'. [ 138.831452][ T6587] netlink: 4 bytes leftover after parsing attributes in process `syz.1.132'. [ 138.865097][ T5838] Bluetooth: hci1: command 0x0c1a tx timeout [ 139.425294][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout [ 139.745378][ T5838] Bluetooth: hci2: command 0x0c1a tx timeout [ 140.266919][ T6598] FAULT_INJECTION: forcing a failure. [ 140.266919][ T6598] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 140.315878][ T6598] CPU: 0 UID: 0 PID: 6598 Comm: syz.2.135 Not tainted syzkaller #0 PREEMPT(full) [ 140.315914][ T6598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 140.315926][ T6598] Call Trace: [ 140.315934][ T6598] [ 140.315943][ T6598] dump_stack_lvl+0x16c/0x1f0 [ 140.315985][ T6598] should_fail_ex+0x512/0x640 [ 140.316016][ T6598] should_fail_alloc_page+0xe7/0x130 [ 140.316052][ T6598] prepare_alloc_pages+0x401/0x670 [ 140.316076][ T6598] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 140.316093][ T6598] ? trace_mm_page_alloc+0x11b/0x180 [ 140.316115][ T6598] ? kasan_save_stack+0x42/0x60 [ 140.316132][ T6598] ? kasan_save_stack+0x33/0x60 [ 140.316147][ T6598] ? kasan_save_track+0x14/0x30 [ 140.316163][ T6598] ? __kasan_slab_alloc+0x89/0x90 [ 140.316180][ T6598] ? kmem_cache_alloc_noprof+0x25e/0x770 [ 140.316195][ T6598] ? __pmd_alloc+0xbf/0x9c0 [ 140.316213][ T6598] ? __handle_mm_fault+0xbeb/0x2bb0 [ 140.316226][ T6598] ? handle_mm_fault+0x3fe/0xad0 [ 140.316237][ T6598] ? __get_user_pages+0x54e/0x3590 [ 140.316257][ T6598] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 140.316272][ T6598] ? ksys_mmap_pgoff+0x32c/0x5c0 [ 140.316289][ T6598] ? do_syscall_64+0xcd/0xf80 [ 140.316316][ T6598] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 140.316349][ T6598] ? policy_nodemask+0xea/0x4e0 [ 140.316380][ T6598] alloc_pages_mpol+0x1fb/0x550 [ 140.316412][ T6598] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 140.316437][ T6598] alloc_pages_noprof+0x131/0x390 [ 140.316457][ T6598] pte_alloc_one+0x1e/0x3d0 [ 140.316476][ T6598] do_fault+0x8b8/0x1ad0 [ 140.316494][ T6598] ? __pfx_filemap_map_pages+0x10/0x10 [ 140.316510][ T6598] ? __pmd_alloc+0x6aa/0x9c0 [ 140.316531][ T6598] __handle_mm_fault+0x1919/0x2bb0 [ 140.316549][ T6598] ? __pfx___handle_mm_fault+0x10/0x10 [ 140.316579][ T6598] handle_mm_fault+0x3fe/0xad0 [ 140.316596][ T6598] __get_user_pages+0x54e/0x3590 [ 140.316623][ T6598] ? __pfx___get_user_pages+0x10/0x10 [ 140.316648][ T6598] populate_vma_page_range+0x267/0x3f0 [ 140.316669][ T6598] ? __pfx_populate_vma_page_range+0x10/0x10 [ 140.316689][ T6598] ? __pfx_find_vma_intersection+0x10/0x10 [ 140.316708][ T6598] ? do_mmap+0x69c/0x1210 [ 140.316729][ T6598] __mm_populate+0x1d8/0x380 [ 140.316749][ T6598] ? __pfx___mm_populate+0x10/0x10 [ 140.316771][ T6598] ? up_write+0x282/0x4e0 [ 140.316789][ T6598] vm_mmap_pgoff+0x37f/0x470 [ 140.316810][ T6598] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 140.316832][ T6598] ? __fget_files+0x20e/0x3c0 [ 140.316854][ T6598] ksys_mmap_pgoff+0x32c/0x5c0 [ 140.316872][ T6598] ? __pfx_ksys_write+0x10/0x10 [ 140.316893][ T6598] __x64_sys_mmap+0x125/0x190 [ 140.316909][ T6598] do_syscall_64+0xcd/0xf80 [ 140.316922][ T6598] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.316936][ T6598] RIP: 0033:0x7fbea478f7c9 [ 140.316948][ T6598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 140.316960][ T6598] RSP: 002b:00007fbea55e9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 140.316973][ T6598] RAX: ffffffffffffffda RBX: 00007fbea49e5fa0 RCX: 00007fbea478f7c9 [ 140.316981][ T6598] RDX: 0000400000000ffb RSI: 0000000000810004 RDI: 0000000000000000 [ 140.316989][ T6598] RBP: 00007fbea55e9090 R08: 0000000000000003 R09: 0000000000008000 [ 140.316997][ T6598] R10: 0008000000008011 R11: 0000000000000246 R12: 0000000000000001 [ 140.317004][ T6598] R13: 00007fbea49e6038 R14: 00007fbea49e5fa0 R15: 00007ffdbc370518 [ 140.317022][ T6598] [ 141.170390][ T6607] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 141.516513][ T6613] ======================================================= [ 141.516513][ T6613] WARNING: The mand mount option has been deprecated and [ 141.516513][ T6613] and is ignored by this kernel. Remove the mand [ 141.516513][ T6613] option from the mount to silence this warning. [ 141.516513][ T6613] ======================================================= [ 141.574237][ T6617] FAULT_INJECTION: forcing a failure. [ 141.574237][ T6617] name failslab, interval 1, probability 0, space 0, times 0 [ 141.623939][ T6617] CPU: 0 UID: 0 PID: 6617 Comm: syz.1.139 Not tainted syzkaller #0 PREEMPT(full) [ 141.623971][ T6617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 141.623984][ T6617] Call Trace: [ 141.623991][ T6617] [ 141.624000][ T6617] dump_stack_lvl+0x16c/0x1f0 [ 141.624042][ T6617] should_fail_ex+0x512/0x640 [ 141.624069][ T6617] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 141.624103][ T6617] should_failslab+0xc2/0x120 [ 141.624133][ T6617] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 141.624159][ T6617] ? __d_lookup+0x25c/0x4a0 [ 141.624181][ T6617] ? __d_alloc+0x35/0xa80 [ 141.624204][ T6617] ? __d_alloc+0x35/0xa80 [ 141.624220][ T6617] __d_alloc+0x35/0xa80 [ 141.624243][ T6617] d_alloc+0x4a/0x1e0 [ 141.624263][ T6617] lookup_one_qstr_excl+0x175/0x250 [ 141.624291][ T6617] start_dirop+0x59/0xb0 [ 141.624319][ T6617] simple_start_creating+0xf4/0x100 [ 141.624347][ T6617] ? __pfx_simple_start_creating+0x10/0x10 [ 141.624376][ T6617] ? do_raw_spin_unlock+0x172/0x230 [ 141.624407][ T6617] ? simple_pin_fs+0xa3/0x190 [ 141.624434][ T6617] debugfs_start_creating.part.0+0x86/0x1c0 [ 141.624472][ T6617] __debugfs_create_file+0xb3/0x530 [ 141.624500][ T6617] debugfs_create_file_full+0x41/0x60 [ 141.624527][ T6617] kvm_dev_ioctl+0x1708/0x1a80 [ 141.624567][ T6617] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 141.624607][ T6617] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 141.624637][ T6617] __x64_sys_ioctl+0x18e/0x210 [ 141.624665][ T6617] do_syscall_64+0xcd/0xf80 [ 141.624689][ T6617] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.624712][ T6617] RIP: 0033:0x7fae3158f7c9 [ 141.624731][ T6617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.624753][ T6617] RSP: 002b:00007fae324f0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 141.624777][ T6617] RAX: ffffffffffffffda RBX: 00007fae317e6090 RCX: 00007fae3158f7c9 [ 141.624794][ T6617] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000008 [ 141.624809][ T6617] RBP: 00007fae31613f91 R08: 0000000000000000 R09: 0000000000000000 [ 141.624821][ T6617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 141.624833][ T6617] R13: 00007fae317e6128 R14: 00007fae317e6090 R15: 00007ffe469e2398 [ 141.624863][ T6617] [ 146.078618][ T6689] HfR: entered promiscuous mode [ 146.692464][ T6693] can: request_module (can-proto-5) failed. [ 146.735966][ T6693] netlink: 186 bytes leftover after parsing attributes in process `syz.1.156'. [ 147.413457][ T6710] mmap: syz.0.158 (6710) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 148.393637][ T6727] netlink: 'syz.2.163': attribute type 2 has an invalid length. [ 150.530497][ T6752] input: jJǸ-9%v as /devices/virtual/input/input16 [ 151.463815][ T6774] FAULT_INJECTION: forcing a failure. [ 151.463815][ T6774] name failslab, interval 1, probability 0, space 0, times 0 [ 151.476975][ T6774] CPU: 0 UID: 0 PID: 6774 Comm: syz.0.173 Not tainted syzkaller #0 PREEMPT(full) [ 151.477016][ T6774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 151.477030][ T6774] Call Trace: [ 151.477039][ T6774] [ 151.477049][ T6774] dump_stack_lvl+0x16c/0x1f0 [ 151.477093][ T6774] should_fail_ex+0x512/0x640 [ 151.477126][ T6774] should_failslab+0xc2/0x120 [ 151.477163][ T6774] __kmalloc_cache_noprof+0x80/0x800 [ 151.477193][ T6774] ? tipc_conn_alloc+0x48/0x590 [ 151.477230][ T6774] ? tipc_conn_alloc+0x48/0x590 [ 151.477259][ T6774] tipc_conn_alloc+0x48/0x590 [ 151.477292][ T6774] tipc_topsrv_kern_subscr+0x11c/0x3c0 [ 151.477328][ T6774] ? __pfx_tipc_topsrv_kern_subscr+0x10/0x10 [ 151.477366][ T6774] ? net_generic+0xea/0x2a0 [ 151.477405][ T6774] tipc_group_create+0x4ab/0x660 [ 151.477440][ T6774] tipc_setsockopt+0x7c5/0xe00 [ 151.477466][ T6774] ? __pfx_tipc_setsockopt+0x10/0x10 [ 151.477506][ T6774] ? __pfx_tipc_setsockopt+0x10/0x10 [ 151.477533][ T6774] do_sock_setsockopt+0xf3/0x1d0 [ 151.477578][ T6774] __sys_setsockopt+0x120/0x1a0 [ 151.477614][ T6774] __x64_sys_setsockopt+0xbd/0x160 [ 151.477645][ T6774] ? do_syscall_64+0x91/0xf80 [ 151.477666][ T6774] ? lockdep_hardirqs_on+0x7c/0x110 [ 151.477702][ T6774] do_syscall_64+0xcd/0xf80 [ 151.477726][ T6774] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.477751][ T6774] RIP: 0033:0x7f0258b8f7c9 [ 151.477771][ T6774] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 151.477793][ T6774] RSP: 002b:00007f0259a73038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 151.477815][ T6774] RAX: ffffffffffffffda RBX: 00007f0258de5fa0 RCX: 00007f0258b8f7c9 [ 151.477832][ T6774] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000003 [ 151.477846][ T6774] RBP: 00007f0258c13f91 R08: 0000000000000014 R09: 0000000000000000 [ 151.477861][ T6774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 151.477876][ T6774] R13: 00007f0258de6038 R14: 00007f0258de5fa0 R15: 00007ffd84fbc878 [ 151.477912][ T6774] [ 153.349297][ T30] audit: type=1800 audit(1768397962.050:2): pid=6808 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.181" name="dbroot" dev="configfs" ino=12879 res=0 errno=0 [ 153.533731][ T6813] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 153.726909][ T6815] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18 [ 153.884538][ T6813] netlink: 8 bytes leftover after parsing attributes in process `syz.3.182'. [ 156.358931][ T30] audit: type=1800 audit(1768397965.060:3): pid=6871 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.194" name="lu_gp_id" dev="configfs" ino=13153 res=0 errno=0 [ 157.168100][ T6879] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19 [ 158.875256][ T6898] netlink: 'syz.1.199': attribute type 1 has an invalid length. [ 160.477985][ T6912] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 160.866071][ T6927] netlink: 8 bytes leftover after parsing attributes in process `syz.3.205'. [ 161.678783][ T6912] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21 [ 163.278276][ T6957] FAULT_INJECTION: forcing a failure. [ 163.278276][ T6957] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 163.293281][ T6957] CPU: 0 UID: 0 PID: 6957 Comm: syz.0.210 Not tainted syzkaller #0 PREEMPT(full) [ 163.293311][ T6957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 163.293324][ T6957] Call Trace: [ 163.293332][ T6957] [ 163.293341][ T6957] dump_stack_lvl+0x16c/0x1f0 [ 163.293381][ T6957] should_fail_ex+0x512/0x640 [ 163.293412][ T6957] should_fail_alloc_page+0xe7/0x130 [ 163.293448][ T6957] prepare_alloc_pages+0x401/0x670 [ 163.293488][ T6957] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 163.293518][ T6957] ? is_bpf_text_address+0x8a/0x1a0 [ 163.293548][ T6957] ? bpf_ksym_find+0x124/0x1c0 [ 163.293572][ T6957] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 163.293608][ T6957] ? desc_read+0x2ae/0x370 [ 163.293632][ T6957] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 163.293661][ T6957] ? __asan_memcpy+0x3c/0x60 [ 163.293700][ T6957] ? panic_on_this_cpu+0x32/0x40 [ 163.293722][ T6957] ? _prb_read_valid+0x73c/0x890 [ 163.293750][ T6957] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 163.293785][ T6957] ? policy_nodemask+0xea/0x4e0 [ 163.293821][ T6957] alloc_pages_mpol+0x1fb/0x550 [ 163.293855][ T6957] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 163.293898][ T6957] alloc_pages_noprof+0x131/0x390 [ 163.293932][ T6957] __pmd_alloc+0x3b/0x9c0 [ 163.293968][ T6957] __handle_mm_fault+0xbeb/0x2bb0 [ 163.294002][ T6957] ? __pfx___handle_mm_fault+0x10/0x10 [ 163.294047][ T6957] ? find_vma+0xbf/0x140 [ 163.294075][ T6957] ? __pfx_find_vma+0x10/0x10 [ 163.294107][ T6957] handle_mm_fault+0x3fe/0xad0 [ 163.294135][ T6957] do_user_addr_fault+0x7a6/0x1370 [ 163.294163][ T6957] ? rcu_is_watching+0x12/0xc0 [ 163.294194][ T6957] exc_page_fault+0x64/0xc0 [ 163.294225][ T6957] asm_exc_page_fault+0x26/0x30 [ 163.294246][ T6957] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 163.294272][ T6957] Code: cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 163.294290][ T6957] RSP: 0018:ffffc900030a7968 EFLAGS: 00050206 [ 163.294305][ T6957] RAX: 0000000000000001 RBX: 0000000000000100 RCX: 0000000000000100 [ 163.294316][ T6957] RDX: fffff52000614f5d RSI: ffffc900030a79e8 RDI: 0000000000000001 [ 163.294327][ T6957] RBP: 0000000000000001 R08: 0000000000000000 R09: fffff52000614f5c [ 163.294338][ T6957] R10: ffffc900030a7ae7 R11: 0000000000000000 R12: ffffc900030a79e8 [ 163.294350][ T6957] R13: 0000000000000101 R14: 00007ffffffff000 R15: 0000000000000000 [ 163.294377][ T6957] _copy_to_user+0xbb/0xd0 [ 163.294403][ T6957] con_get_trans_old+0x1e9/0x2b0 [ 163.294427][ T6957] ? __pfx_con_get_trans_old+0x10/0x10 [ 163.294470][ T6957] ? apparmor_capable+0x1d7/0x4e0 [ 163.294495][ T6957] ? bpf_lsm_capable+0x9/0x10 [ 163.294522][ T6957] ? security_capable+0x7e/0x260 [ 163.294559][ T6957] vt_ioctl+0x585/0x30a0 [ 163.294588][ T6957] ? __pfx_vt_ioctl+0x10/0x10 [ 163.294611][ T6957] ? tomoyo_path_number_perm+0x295/0x580 [ 163.294644][ T6957] ? tomoyo_path_number_perm+0x18d/0x580 [ 163.294671][ T6957] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 163.294706][ T6957] ? find_held_lock+0x2b/0x80 [ 163.294734][ T6957] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 163.294768][ T6957] ? tty_jobctrl_ioctl+0x152/0xe00 [ 163.294794][ T6957] ? __pfx_vt_ioctl+0x10/0x10 [ 163.294816][ T6957] tty_ioctl+0x661/0x1650 [ 163.294848][ T6957] ? __pfx_tty_ioctl+0x10/0x10 [ 163.294887][ T6957] ? find_held_lock+0x2b/0x80 [ 163.294913][ T6957] ? hook_file_ioctl_common+0x144/0x410 [ 163.294945][ T6957] ? __fget_files+0x20e/0x3c0 [ 163.294983][ T6957] ? __pfx_tty_ioctl+0x10/0x10 [ 163.295011][ T6957] __x64_sys_ioctl+0x18e/0x210 [ 163.295038][ T6957] do_syscall_64+0xcd/0xf80 [ 163.295060][ T6957] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.295082][ T6957] RIP: 0033:0x7f0258b8f7c9 [ 163.295101][ T6957] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 163.295120][ T6957] RSP: 002b:00007f0259a73038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 163.295140][ T6957] RAX: ffffffffffffffda RBX: 00007f0258de5fa0 RCX: 00007f0258b8f7c9 [ 163.295154][ T6957] RDX: 0000000000000001 RSI: 0000000000004b40 RDI: 0000000000000003 [ 163.295167][ T6957] RBP: 00007f0259a73090 R08: 0000000000000000 R09: 0000000000000000 [ 163.295179][ T6957] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 163.295192][ T6957] R13: 00007f0258de6038 R14: 00007f0258de5fa0 R15: 00007ffd84fbc878 [ 163.295230][ T6957] [ 164.296562][ T6965] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 164.345284][ T6965] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 164.392753][ T6965] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 164.423420][ T6965] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 164.528968][ T6975] FAULT_INJECTION: forcing a failure. [ 164.528968][ T6975] name failslab, interval 1, probability 0, space 0, times 0 [ 164.544055][ T6975] CPU: 1 UID: 0 PID: 6975 Comm: syz.0.215 Not tainted syzkaller #0 PREEMPT(full) [ 164.544086][ T6975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 164.544099][ T6975] Call Trace: [ 164.544107][ T6975] [ 164.544117][ T6975] dump_stack_lvl+0x16c/0x1f0 [ 164.544158][ T6975] should_fail_ex+0x512/0x640 [ 164.544184][ T6975] ? kmem_cache_alloc_noprof+0x62/0x770 [ 164.544214][ T6975] should_failslab+0xc2/0x120 [ 164.544245][ T6975] kmem_cache_alloc_noprof+0x83/0x770 [ 164.544268][ T6975] ? __asan_memcpy+0x3c/0x60 [ 164.544293][ T6975] ? __kernfs_new_node+0xd2/0x9b0 [ 164.544326][ T6975] ? __kernfs_new_node+0xd2/0x9b0 [ 164.544351][ T6975] __kernfs_new_node+0xd2/0x9b0 [ 164.544384][ T6975] ? __pfx___kernfs_new_node+0x10/0x10 [ 164.544420][ T6975] ? find_held_lock+0x2b/0x80 [ 164.544452][ T6975] ? kernfs_root+0xee/0x2a0 [ 164.544487][ T6975] kernfs_new_node+0x13c/0x1e0 [ 164.544526][ T6975] kernfs_create_link+0xcc/0x240 [ 164.544574][ T6975] sysfs_do_create_link_sd+0x90/0x140 [ 164.544608][ T6975] sysfs_create_link+0x61/0xc0 [ 164.544636][ T6975] device_add+0x652/0x1980 [ 164.544675][ T6975] ? __pfx_device_add+0x10/0x10 [ 164.544715][ T6975] ? kfree_const+0x55/0x60 [ 164.544747][ T6975] device_create_groups_vargs+0x1f8/0x270 [ 164.544787][ T6975] device_create+0xed/0x130 [ 164.544822][ T6975] ? __pfx_device_create+0x10/0x10 [ 164.544859][ T6975] ? do_init_timer+0xc9/0x110 [ 164.544897][ T6975] ? ieee80211_roc_setup+0x136/0x270 [ 164.544931][ T6975] ? ieee80211_alloc_hw_nm+0x231/0x22b0 [ 164.544966][ T6975] mac80211_hwsim_new_radio+0x36a/0x5150 [ 164.545006][ T6975] ? __asan_memset+0x23/0x50 [ 164.545034][ T6975] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 164.545068][ T6975] hwsim_new_radio_nl+0xba2/0x1330 [ 164.545100][ T6975] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 164.545140][ T6975] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 164.545166][ T6975] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 164.545201][ T6975] genl_family_rcv_msg_doit+0x209/0x2f0 [ 164.545228][ T6975] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 164.545259][ T6975] ? genl_get_cmd+0x194/0x580 [ 164.545290][ T6975] ? bpf_lsm_capable+0x9/0x10 [ 164.545320][ T6975] ? security_capable+0x7e/0x260 [ 164.545359][ T6975] ? ns_capable+0xd7/0x110 [ 164.545391][ T6975] genl_rcv_msg+0x55c/0x800 [ 164.545419][ T6975] ? __pfx_genl_rcv_msg+0x10/0x10 [ 164.545444][ T6975] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 164.545486][ T6975] netlink_rcv_skb+0x158/0x420 [ 164.545521][ T6975] ? __pfx_genl_rcv_msg+0x10/0x10 [ 164.545546][ T6975] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 164.545600][ T6975] ? netlink_deliver_tap+0x1ae/0xd30 [ 164.545642][ T6975] genl_rcv+0x28/0x40 [ 164.545663][ T6975] netlink_unicast+0x5aa/0x870 [ 164.545704][ T6975] ? __pfx_netlink_unicast+0x10/0x10 [ 164.545753][ T6975] netlink_sendmsg+0x8c8/0xdd0 [ 164.545793][ T6975] ? __pfx_netlink_sendmsg+0x10/0x10 [ 164.545832][ T6975] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 164.545878][ T6975] ____sys_sendmsg+0xa5d/0xc30 [ 164.545903][ T6975] ? copy_msghdr_from_user+0x10a/0x160 [ 164.545934][ T6975] ? __pfx_____sys_sendmsg+0x10/0x10 [ 164.545954][ T6975] ? preempt_schedule_thunk+0x16/0x30 [ 164.545984][ T6975] ? try_to_wake_up+0xa67/0x1860 [ 164.546020][ T6975] ___sys_sendmsg+0x134/0x1d0 [ 164.546054][ T6975] ? __pfx____sys_sendmsg+0x10/0x10 [ 164.546085][ T6975] ? futex_private_hash_put+0x160/0x1b0 [ 164.546152][ T6975] __sys_sendmsg+0x16d/0x220 [ 164.546183][ T6975] ? __pfx___sys_sendmsg+0x10/0x10 [ 164.546214][ T6975] ? __x64_sys_futex+0x1e0/0x4c0 [ 164.546263][ T6975] do_syscall_64+0xcd/0xf80 [ 164.546286][ T6975] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 164.546311][ T6975] RIP: 0033:0x7f0258b8f7c9 [ 164.546330][ T6975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 164.546353][ T6975] RSP: 002b:00007f0259a73038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 164.546374][ T6975] RAX: ffffffffffffffda RBX: 00007f0258de5fa0 RCX: 00007f0258b8f7c9 [ 164.546388][ T6975] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000006 [ 164.546401][ T6975] RBP: 00007f0258c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 164.546416][ T6975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 164.546429][ T6975] R13: 00007f0258de6038 R14: 00007f0258de5fa0 R15: 00007ffd84fbc878 [ 164.546465][ T6975] [ 166.305099][ T5843] Bluetooth: hci0: command 0x0c1a tx timeout [ 166.386023][ T5843] Bluetooth: hci1: command 0x0c1a tx timeout [ 166.465681][ T5843] Bluetooth: hci2: command 0x0c1a tx timeout [ 166.465808][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout [ 167.887158][ T7022] FAULT_INJECTION: forcing a failure. [ 167.887158][ T7022] name failslab, interval 1, probability 0, space 0, times 0 [ 167.900030][ T7022] CPU: 1 UID: 0 PID: 7022 Comm: syz.1.225 Not tainted syzkaller #0 PREEMPT(full) [ 167.900064][ T7022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 167.900078][ T7022] Call Trace: [ 167.900087][ T7022] [ 167.900097][ T7022] dump_stack_lvl+0x16c/0x1f0 [ 167.900141][ T7022] should_fail_ex+0x512/0x640 [ 167.900168][ T7022] ? fs_reclaim_acquire+0xae/0x150 [ 167.900239][ T7022] should_failslab+0xc2/0x120 [ 167.900277][ T7022] kmem_cache_alloc_noprof+0x83/0x770 [ 167.900306][ T7022] ? __pfx_map_id_range_down+0x10/0x10 [ 167.900339][ T7022] ? security_inode_alloc+0x3b/0x2b0 [ 167.900372][ T7022] ? security_inode_alloc+0x3b/0x2b0 [ 167.900396][ T7022] security_inode_alloc+0x3b/0x2b0 [ 167.900423][ T7022] inode_init_always_gfp+0xced/0x1040 [ 167.900463][ T7022] alloc_inode+0x86/0x240 [ 167.900491][ T7022] new_inode+0x22/0x1c0 [ 167.900521][ T7022] __debugfs_create_file+0x105/0x530 [ 167.900551][ T7022] debugfs_create_file_full+0x41/0x60 [ 167.900579][ T7022] kvm_dev_ioctl+0x1708/0x1a80 [ 167.900622][ T7022] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 167.900661][ T7022] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 167.900689][ T7022] __x64_sys_ioctl+0x18e/0x210 [ 167.900717][ T7022] do_syscall_64+0xcd/0xf80 [ 167.900739][ T7022] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.900758][ T7022] RIP: 0033:0x7fae3158f7c9 [ 167.900770][ T7022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 167.900783][ T7022] RSP: 002b:00007fae324f0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 167.900796][ T7022] RAX: ffffffffffffffda RBX: 00007fae317e6090 RCX: 00007fae3158f7c9 [ 167.900805][ T7022] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000008 [ 167.900813][ T7022] RBP: 00007fae31613f91 R08: 0000000000000000 R09: 0000000000000000 [ 167.900820][ T7022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 167.900828][ T7022] R13: 00007fae317e6128 R14: 00007fae317e6090 R15: 00007ffe469e2398 [ 167.900847][ T7022] [ 167.900898][ T7022] debugfs: out of free dentries, can not create file 'halt_attempted_poll' [ 171.339833][ T7087] netlink: 4 bytes leftover after parsing attributes in process `syz.1.238'. [ 171.411744][ T7089] netlink: 354 bytes leftover after parsing attributes in process `syz.2.239'. [ 172.479010][ T7105] ================================================================== [ 172.479028][ T7105] BUG: KASAN: vmalloc-out-of-bounds in sys_fillrect+0x15d4/0x17b0 [ 172.479073][ T7105] Write of size 8 at addr ffffc90003979000 by task syz.3.243/7105 [ 172.479092][ T7105] [ 172.479107][ T7105] CPU: 1 UID: 0 PID: 7105 Comm: syz.3.243 Tainted: G L syzkaller #0 PREEMPT(full) [ 172.479139][ T7105] Tainted: [L]=SOFTLOCKUP [ 172.479147][ T7105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 172.479160][ T7105] Call Trace: [ 172.479168][ T7105] [ 172.479177][ T7105] dump_stack_lvl+0x116/0x1f0 [ 172.479212][ T7105] print_report+0xcd/0x630 [ 172.479244][ T7105] ? __virt_addr_valid+0x81/0x610 [ 172.479279][ T7105] ? sys_fillrect+0x15d4/0x17b0 [ 172.479308][ T7105] kasan_report+0xe0/0x110 [ 172.479341][ T7105] ? sys_fillrect+0x15d4/0x17b0 [ 172.479375][ T7105] sys_fillrect+0x15d4/0x17b0 [ 172.479409][ T7105] ? __pfx_sys_fillrect+0x10/0x10 [ 172.479446][ T7105] drm_fbdev_shmem_defio_fillrect+0x22/0x140 [ 172.479482][ T7105] bit_clear+0x17d/0x220 [ 172.479508][ T7105] ? __pfx_bit_clear+0x10/0x10 [ 172.479534][ T7105] ? fb_get_color_depth+0x120/0x250 [ 172.479558][ T7105] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 172.479593][ T7105] ? __pfx_bit_clear+0x10/0x10 [ 172.479618][ T7105] __fbcon_clear+0x679/0x7d0 [ 172.479646][ T7105] fbcon_scroll+0x48b/0x640 [ 172.479672][ T7105] con_scroll+0x45f/0x690 [ 172.479705][ T7105] do_con_write+0x5565/0x8280 [ 172.479752][ T7105] ? __pfx_do_con_write+0x10/0x10 [ 172.479803][ T7105] con_write+0x23/0xb0 [ 172.479833][ T7105] n_tty_write+0x434/0x1280 [ 172.479863][ T7105] ? __pfx_n_tty_write+0x10/0x10 [ 172.479886][ T7105] ? __pfx_woken_wake_function+0x10/0x10 [ 172.479914][ T7105] ? file_tty_write.constprop.0+0x6f3/0x9b0 [ 172.479952][ T7105] ? __pfx_n_tty_write+0x10/0x10 [ 172.479975][ T7105] file_tty_write.constprop.0+0x503/0x9b0 [ 172.480012][ T7105] redirected_tty_write+0xd4/0x120 [ 172.480049][ T7105] vfs_write+0x7d3/0x11d0 [ 172.480081][ T7105] ? __pfx_redirected_tty_write+0x10/0x10 [ 172.480114][ T7105] ? __pfx_vfs_write+0x10/0x10 [ 172.480143][ T7105] ? find_held_lock+0x2b/0x80 [ 172.480181][ T7105] ksys_write+0x12a/0x250 [ 172.480211][ T7105] ? __pfx_ksys_write+0x10/0x10 [ 172.480246][ T7105] do_syscall_64+0xcd/0xf80 [ 172.480267][ T7105] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 172.480290][ T7105] RIP: 0033:0x7f48d158f7c9 [ 172.480310][ T7105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 172.480330][ T7105] RSP: 002b:00007f48d2508038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 172.480352][ T7105] RAX: ffffffffffffffda RBX: 00007f48d17e5fa0 RCX: 00007f48d158f7c9 [ 172.480368][ T7105] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000003 [ 172.480382][ T7105] RBP: 00007f48d2508090 R08: 0000000000000000 R09: 0000000000000000 [ 172.480396][ T7105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 172.480409][ T7105] R13: 00007f48d17e6038 R14: 00007f48d17e5fa0 R15: 00007fffe64ab278 [ 172.480433][ T7105] [ 172.480441][ T7105] [ 172.480447][ T7105] The buggy address belongs to a vmalloc virtual mapping [ 172.480463][ T7105] Memory state around the buggy address: [ 172.480475][ T7105] ffffc90003978f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 172.480491][ T7105] ffffc90003978f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 172.480506][ T7105] >ffffc90003979000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 172.480518][ T7105] ^ [ 172.480530][ T7105] ffffc90003979080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 172.480546][ T7105] ffffc90003979100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 172.480558][ T7105] ================================================================== [ 172.480999][ T7105] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 172.481018][ T7105] CPU: 1 UID: 0 PID: 7105 Comm: syz.3.243 Tainted: G L syzkaller #0 PREEMPT(full) [ 172.481056][ T7105] Tainted: [L]=SOFTLOCKUP [ 172.481064][ T7105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 172.481077][ T7105] Call Trace: [ 172.481085][ T7105] [ 172.481093][ T7105] dump_stack_lvl+0x3d/0x1f0 [ 172.481130][ T7105] vpanic+0x640/0x6f0 [ 172.481153][ T7105] panic+0xca/0xd0 [ 172.481171][ T7105] ? __pfx_panic+0x10/0x10 [ 172.481193][ T7105] ? sys_fillrect+0x15d4/0x17b0 [ 172.481222][ T7105] ? preempt_schedule_common+0x44/0xc0 [ 172.481254][ T7105] ? preempt_schedule_thunk+0x16/0x30 [ 172.481275][ T7105] ? check_panic_on_warn+0x1f/0xb0 [ 172.481297][ T7105] check_panic_on_warn+0xab/0xb0 [ 172.481320][ T7105] end_report+0x107/0x160 [ 172.481351][ T7105] kasan_report+0xee/0x110 [ 172.481383][ T7105] ? sys_fillrect+0x15d4/0x17b0 [ 172.481417][ T7105] sys_fillrect+0x15d4/0x17b0 [ 172.481451][ T7105] ? __pfx_sys_fillrect+0x10/0x10 [ 172.481487][ T7105] drm_fbdev_shmem_defio_fillrect+0x22/0x140 [ 172.481522][ T7105] bit_clear+0x17d/0x220 [ 172.481548][ T7105] ? __pfx_bit_clear+0x10/0x10 [ 172.481574][ T7105] ? fb_get_color_depth+0x120/0x250 [ 172.481598][ T7105] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 172.481639][ T7105] ? __pfx_bit_clear+0x10/0x10 [ 172.481665][ T7105] __fbcon_clear+0x679/0x7d0 [ 172.481694][ T7105] fbcon_scroll+0x48b/0x640 [ 172.481720][ T7105] con_scroll+0x45f/0x690 [ 172.481753][ T7105] do_con_write+0x5565/0x8280 [ 172.481793][ T7105] ? __pfx_do_con_write+0x10/0x10 [ 172.481831][ T7105] con_write+0x23/0xb0 [ 172.481862][ T7105] n_tty_write+0x434/0x1280 [ 172.481893][ T7105] ? __pfx_n_tty_write+0x10/0x10 [ 172.481917][ T7105] ? __pfx_woken_wake_function+0x10/0x10 [ 172.481945][ T7105] ? file_tty_write.constprop.0+0x6f3/0x9b0 [ 172.481979][ T7105] ? __pfx_n_tty_write+0x10/0x10 [ 172.482003][ T7105] file_tty_write.constprop.0+0x503/0x9b0 [ 172.482046][ T7105] redirected_tty_write+0xd4/0x120 [ 172.482078][ T7105] vfs_write+0x7d3/0x11d0 [ 172.482109][ T7105] ? __pfx_redirected_tty_write+0x10/0x10 [ 172.482144][ T7105] ? __pfx_vfs_write+0x10/0x10 [ 172.482172][ T7105] ? find_held_lock+0x2b/0x80 [ 172.482210][ T7105] ksys_write+0x12a/0x250 [ 172.482241][ T7105] ? __pfx_ksys_write+0x10/0x10 [ 172.482277][ T7105] do_syscall_64+0xcd/0xf80 [ 172.482299][ T7105] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 172.482322][ T7105] RIP: 0033:0x7f48d158f7c9 [ 172.482341][ T7105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 172.482361][ T7105] RSP: 002b:00007f48d2508038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 172.482384][ T7105] RAX: ffffffffffffffda RBX: 00007f48d17e5fa0 RCX: 00007f48d158f7c9 [ 172.482401][ T7105] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000003 [ 172.482415][ T7105] RBP: 00007f48d2508090 R08: 0000000000000000 R09: 0000000000000000 [ 172.482429][ T7105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 172.482443][ T7105] R13: 00007f48d17e6038 R14: 00007f48d17e5fa0 R15: 00007fffe64ab278 [ 172.482467][ T7105] [ 172.482806][ T7105] Kernel Offset: disabled