last executing test programs: 11m31.081761888s ago: executing program 2 (id=238): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x9, 0x2000000000) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async) madvise$auto(0x0, 0x1010001, 0x100000003) 11m30.980164721s ago: executing program 2 (id=239): r0 = socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x7, 0x800008000) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket(0x25, 0x5, 0x2) (async) r1 = socket(0x848000000015, 0x5, 0x0) (async) bind$auto(0x3, &(0x7f0000000240)=@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x23}}, 0x6b) connect$auto(0x3, &(0x7f00000002c0)=@generic={0xa, "5457c29004e0b991da88f70ef61b"}, 0x55) (async, rerun: 32) sendmsg$auto_NL80211_CMD_GET_MPATH(r1, &(0x7f0000000d80)={0x0, 0x0, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0x20004000}, 0x100000) (rerun: 32) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) (async) ustat$auto(0x801, 0x0) r2 = socket(0xa, 0x1, 0x84) getsockopt$auto(r2, 0x4084, 0xd, 0x0, 0x0) (async, rerun: 64) sendmsg$auto(r0, &(0x7f0000000100)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0xa9, 0x4}, 0x0) (rerun: 64) 11m30.891024559s ago: executing program 2 (id=240): r0 = bpf$auto(0xd, &(0x7f0000000080)=@iter_create={0x1, 0x2}, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0xa) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000180), 0x400281, 0x0) r2 = getpid() openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/dri/vkms/clients\x00', 0x2100, 0x0) pipe2$auto(&(0x7f00000000c0), 0x0) process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0xfff}, 0x5, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) ioctl$auto(r1, 0x40246f4c, 0x38) close_range$auto(0x2, 0x8, 0x0) connect$auto(0xffffffffffffffff, &(0x7f00000000c0)=@in={0x2, 0x0, @local}, 0x55) close_range$auto(0x2, 0xa, 0x0) r3 = socket(0x2b, 0x1, 0x1) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(r3, 0x2, &(0x7f00000000c0), 0x1) socket(0x2, 0x80002, 0x73) ioctl$auto_EXT4_IOC_GETSTATE(r0, 0x40046629, &(0x7f0000000040)=0x8) socket(0x2, 0x1, 0x84) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) capset$auto(0x0, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x76, 0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0xb, 0xd, 0xfffffffd, 0x0) 11m30.772466673s ago: executing program 2 (id=241): mmap$auto(0x0, 0x9, 0xfc, 0x1000000eb1, 0x401, 0x8000) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0xe0182, 0x0) unshare$auto(0x40000080) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2c, 0x1, 0x0) socket(0x1f, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x8f00, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) mremap$auto(0x6, 0x100005, 0x843, 0x3, 0x2) setsockopt$auto_SO_TIMESTAMP_NEW(r0, 0xfffffffe, 0x3f, &(0x7f0000000040)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x6) fsopen$auto(0x0, 0x1) madvise$auto(0xfffffffffffffffa, 0x9, 0x19) setregid$auto(0xffffffffffffffff, 0xfffe) madvise$auto(0x0, 0x2003f2, 0x15) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, r2) mmap$auto(0x7, 0xfffffffffffffffb, 0x4000000000de, 0x78, r2, 0x300000000004) r4 = socket(0x1d, 0x3, 0x1) mlockall$auto(0x9) getsockopt$auto(r4, 0x65, 0x6, 0xffffffffffffffff, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r5, r5, 0x0, 0x3) 11m30.20404721s ago: executing program 2 (id=247): mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000240)='/dev/snd/pcmC1D0c\x00', 0x1, 0x0) pipe$auto(0x0) write$auto(0xffffffffffffffff, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xcfk', 0x81) getsockopt$auto_SO_DOMAIN(0xffffffffffffffff, 0xf99, 0x27, &(0x7f0000000040)='-&\x00', &(0x7f0000000100)=0x100203) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x2, 0x8000) open(0x0, 0x22240, 0x155) sysfs$auto(0x2, 0xe, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/pci0000:00/0000:00:00.0/power_state\x00', 0x40, 0x0) r0 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x80100, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/fcloop/ctl/add_local_port\x00', 0xa001, 0x0) write$auto(r1, &(0x7f0000000280)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\xfc\xc6k\x92\xa3\x99\xc4 \xbcr^\x9f\x8a\a\xd7\x19\xb8k\xa2\xce\xdb\x89B$\x0f\x06\x91\r\x81\b\x1e~\xe0{\x1f\xd2\xc0\xd8\xd2\xd4\xf6^\x92\xdfDn\xff\xc0\xf7I.\xb6\x80Gn\xb1\x0f\xf5\bKS\xe2\xc7\x16]\xd84\xf8\x01I\x03*N\xd2\xfb\xa0\x7f\xc6O\x8cy`\xe0\x9a\xab9\xc2\xe1\xc1s\xcf\xf9\xc1D\x83~D\xab\am\xc8\xbdu\xa9\xa0\x04\xbc\x83\xe79bQ\xe9\v\xc1\xf1\xc6', 0x80) ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x40146f2c, 0x0) prctl$auto(0x23, 0xa, 0x2008, 0x0, 0x0) r2 = socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x4, 0x8000) read$auto(0x3, 0x0, 0x80) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @loopback}, 0x6a) sendmsg$auto(r2, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) r3 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r3, 0x403c6f2b, 0x0) socket(0x2, 0x1, 0x106) bind$auto(0x3, 0x0, 0x6a) ioprio_get$auto_IOPRIO_WHO_PROCESS(0x1, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x100000000400008, 0xdf, 0x9b72, 0x2, 0x3) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_SNDCTL_TMR_CONTINUE(r4, 0x5404, &(0x7f0000000180)='i}7') syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) 11m29.865906872s ago: executing program 2 (id=248): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r0 = open(0x0, 0x261c3, 0x84) close_range$auto(0x2, 0x8000, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000280)={'wg0\x00'}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_7={@prog_id=0x1, 0x9, 0xfd}, 0xf) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r1, 0x0, 0x3}, 0xc) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r0, 0x0, 0x3}, 0xc) bpf$auto(0x2, &(0x7f0000000500)=@bpf_attr_11={0x5, 0x8000000000000001, 0x9, 0x5, 0xf870e9c, 0x7, 0x8}, 0x9) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) r3 = socket(0x22, 0x3, 0x0) mknod$auto(&(0x7f00000003c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5', 0x20e9, 0x103) r4 = open(&(0x7f00000004c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5\x00', 0x8000, 0x50) read$auto_kernfs_file_fops_kernfs_internal(r4, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x80184947, 0x0) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0x4, 0x0, 0x4) open(0x0, 0x0, 0x408) mbind$auto(0x2000, 0x100000008, 0x2100000000, 0x0, 0x6, 0x2) 11m14.619081844s ago: executing program 32 (id=248): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r0 = open(0x0, 0x261c3, 0x84) close_range$auto(0x2, 0x8000, 0x0) r1 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000280)={'wg0\x00'}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_7={@prog_id=0x1, 0x9, 0xfd}, 0xf) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r1, 0x0, 0x3}, 0xc) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r0, 0x0, 0x3}, 0xc) bpf$auto(0x2, &(0x7f0000000500)=@bpf_attr_11={0x5, 0x8000000000000001, 0x9, 0x5, 0xf870e9c, 0x7, 0x8}, 0x9) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0x0, 0x8, 0x1000000004, 0x9b72, 0x2, 0x8000) r3 = socket(0x22, 0x3, 0x0) mknod$auto(&(0x7f00000003c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5', 0x20e9, 0x103) r4 = open(&(0x7f00000004c0)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5\x00', 0x8000, 0x50) read$auto_kernfs_file_fops_kernfs_internal(r4, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x80184947, 0x0) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0x4, 0x0, 0x4) open(0x0, 0x0, 0x408) mbind$auto(0x2000, 0x100000008, 0x2100000000, 0x0, 0x6, 0x2) 9m30.530335251s ago: executing program 3 (id=651): ioctl$auto_TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, &(0x7f00000000c0)={0x4, &(0x7f0000000080)={0x4, 0x9, 0x1, @raw=0x2}}) write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000100)="da518ed75fcc9f1a8be03501757c05ab6f5a5b36148695b3115a77b09872bf8a5e4c18ed50fc7653bb12525189093819ba59de56fb2504684cfb4f2a2fd2f9f6e2b9418bd2758adb0f57e8ddd982db4206c2b33c55455cfc5dfe1ddc725fd46849d1dcb59678cc1f78ecec38868c1f514ed226e66821923de93165e2805e2e89f8c1d14629e9cea74e8bb76297e617accc6b9d824259b5bd3f6c8068692e8580b1ad399ee8818c436111bd3f", 0xac) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000c00)={&(0x7f0000000180), 0x7}, 0x4) mmap$auto(0x0, 0x6, 0x1ff, 0x14, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) r0 = socket(0x1d, 0x2, 0x7) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(r0, &(0x7f0000000000)=@can={0x1d, r2}, 0x67) connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r3}, 0x18) unshare$auto(0x40000080) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000b00), 0xffffffffffffffff) sendmsg$auto_GTP_CMD_NEWPDP(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYBLOB="e113b236f00fdd31536c90bcd307283402d0260c6577a8cc88f0bb1b65682cbad2549d454974d3215ea739beebd98b391acc8688f0904017a80beb30701384bc0a1a53db634c8cf451c3f16acf211043e930d72e125e3cd7d31ad512ad1f034509e02d88e88375b50e38295e61fc68672539ef49c280a27e5629c50b3205a02e3de344485266c34edc2ad7dfcac358a6950867d841651bdcd2f26f9c5248051f27a55ca78a124858e8d90baf88b970f3ce78009a6de9c13c25e596946d3bd55af802a8dd16662c3ea93af9d0ff34118788ae2b64b79a4e13c565fde371b941b638b78507c504d64786e61ebc703442c5f49afc04dd348717cdabb4d5c10abb", @ANYRESHEX=r3], 0x38}, 0x1, 0x0, 0x0, 0x20004010}, 0x800) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x3f0000f5) write$auto(0x3, 0x0, 0xffd8) mmap$auto(0x0, 0x62, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x0, 0x0) openat$auto_tracing_saved_cmdlines_size_fops_trace(0xffffffffffffff9c, 0x0, 0x244c02, 0x0) r5 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) close_range$auto(r5, r5, 0x0) r6 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video57\x00', 0xa240, 0x0) ioctl$auto(r6, 0xc0585611, r6) socket$nl_generic(0x10, 0x3, 0x10) 9m28.890446327s ago: executing program 3 (id=658): socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x4, 0xdf, 0x80000000000eb1, 0x3, 0x0) (async) sysfs$auto(0x2, 0x4, 0x0) (async) r0 = socket(0xa, 0x5, 0x0) getsockopt$auto(r0, 0x84, 0x12, 0x0, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async) r1 = socket(0x2c, 0x3, 0x0) bind$auto(r1, &(0x7f0000000080)=@xdp={0x2c, 0xc, 0x0, 0x1c}, 0x6b) (async) setsockopt$auto_SO_BROADCAST(r1, 0x5, 0x6, 0x0, 0x74) r2 = socket(0x80000000000000a, 0x2, 0x0) sendto$auto(r2, 0x0, 0x402, 0x101, &(0x7f0000000000)=@generic={0xa, "01e983638bffff4993021400"}, 0x17) (async) socket(0x18, 0x3, 0x2) (async, rerun: 32) sendmmsg$auto(0x3, 0x0, 0x2, 0x0) (rerun: 32) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) (async, rerun: 32) epoll_create$auto(0x4) (async, rerun: 32) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) (async) sendfile$auto(0x1, 0xffffffffffffffff, 0x0, 0x8fb5) (async) fcntl$auto(0x0, 0x408, 0x100000) (async) setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, &(0x7f0000000080)='nlctrl\x00', 0x2) (async) close_range$auto(0x2, 0xa, 0x0) (async) socket(0x18, 0xa, 0x1) (async) socket(0x1a, 0x5, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nbd13\x00', 0x2c201, 0x0) (async) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) (async) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) 9m27.669849134s ago: executing program 3 (id=663): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x28, 0x0, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES={0x8, 0x3, 0xfffffffa}]}, 0x28}, 0x1, 0x0, 0x0, 0x44845}, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r1 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) write$auto(r0, 0x0, 0x2) getrlimit$auto(0x3, 0x0) fdatasync$auto(r0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) ioctl$auto_BLKZEROOUT(r2, 0x127f, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000380)='/dev/snd/controlC2\x00', 0x400, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/035/001\x00', 0x1102, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xc8d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\xc6\x00\x89\te\x8d\a\xfb\\n\x89C:\x84D\x10u\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k', 0x100000a3d9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ea182, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_dma_heap_fops_dma_heap(0xffffffffffffffff, 0xffffffffffdffe00, &(0x7f0000000140)=';') pselect6$auto(0x9, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 9m24.831750949s ago: executing program 3 (id=672): openat$auto_page_owner_stack_operations_page_owner(0xffffffffffffff9c, &(0x7f0000000140), 0x121140, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/arp_tables_names\x00', 0x40, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000880)='/dev/input/event0\x00', 0x40100, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7) r1 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$auto_RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000280)={0xffffffff, 0x0, 0x3, 0xfffff66e, 0x5, 0x80, 0xcf, 0x6c38, 0xe}) ioctl$auto_EVIOCGMASK(r0, 0x80104592, &(0x7f0000000040)={0x1, 0xffffffff, 0x4000009}) io_uring_setup$auto(0x6, 0x0) shmctl$auto_SHM_LOCK(0x800, 0xb, &(0x7f0000000080)={{0x9, 0xee01, 0xee00, 0x7ff, 0x8, 0x5}, 0xe9f, 0x1, 0x80000001, 0x3, @inferred=0xffffffffffffffff, @inferred, 0x6f4, 0x0, &(0x7f0000000200)="707d0e8bd73d6b8a739300ef983c41c7f17771a017067524991b94b1740de05baba497528cc1d640edaf268ef24803deaa783751598df6706fc4f7451077d57c2adae2f65d860ffbc2e4e5174eea5106ebf7104f4dea3a50f9b7db7806c931ab32a6a4a77c3745e4e9d9bbcecd937205b85f0a8bf81eaf5a2326b0b77dc69e5cc173f07d62608ae76ce7394a63dc04927f794ad66297651c5b524ba0493a5069595406c34f22ebcc1c709d2aac179b8fe556d5a88f34a44ad6524568bb0b2df9074ceba23097a1335f94343e22181ce40896e46eb006b1e27940b7f038c4f4ad82edbfacf0cb88768157"}) shmctl$auto_IPC_SET(0x5, 0x1, &(0x7f0000000380)={{0x7, 0xffffffffffffffff, 0xee00, 0x5ba, 0x4, 0x6f, 0x2d7}, 0x764a, 0x9, 0x67ca, 0x6, @raw=0x8, @raw=0x4, 0x9, 0x0, &(0x7f0000000100)="28d1667d29b7991a5b4db0971b11c86b", &(0x7f0000000300)="d3466cff38ce8370abe8f03501b9a89e727062f70cfb5fdc2606b0a0753c0e9f0aadae453fd0e6aa795a658841bacf2e977ca2d482de072f97f48c8056e643e9d6112e9b3db49205ca024e543762459abc6676181e5045e577795cfd9a1a70d624d41b799c9f3f02f444e3ab60000ba8d0b044aef6eb5795ae815e99d84afd"}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r4 = socket(0x2, 0x1, 0x106) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r5 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) open(0x0, 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r5, 0x401c5820, 0x0) fstat$auto(r4, 0x0) lstat$auto(&(0x7f0000000180)='./file0\x00', &(0x7f0000000400)={0x1, 0x2, 0x2, 0x2, 0x0, 0xee00, 0x0, 0x100000000, 0xfffffffffffffffe, 0x8, 0x8, 0xd0, 0x3, 0x101, 0x8, 0xfff, 0x4}) mremap$auto(0x4, 0xf, 0x27de, 0x10003, 0x552) setresuid$auto(r2, r3, r6) 9m24.624823696s ago: executing program 3 (id=673): mmap$auto(0x0, 0x20009, 0x9e, 0xeb4, 0x401, 0x9) r0 = ioctl$auto_TUNGETVNETLE2(0xffffffffffffffff, 0x800454dd, &(0x7f0000000000)=0x8) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0x23, 0xa, 0x3) (async, rerun: 32) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async, rerun: 32) sysfs$auto(0x2, 0x10000000000002c, 0x0) r2 = fsopen$auto(0x0, 0x1) r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000180), r1) sendmsg$auto_NL802154_CMD_SET_WPAN_PHY_NETNS(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x14, r3, 0x200, 0x70bd2c, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4000c00}, 0x4000000) (async) mmap$auto(0x0, 0x9, 0x3ff57697, 0x9b72, 0x2, 0x8000000000008000) (async) r4 = io_uring_setup$auto(0x6, 0x0) (async) io_uring_enter$auto(0xffffffffffffffff, 0x7, 0x2, 0x10, 0x0, 0xf2a7214) (async, rerun: 64) sendmsg$auto_NL802154_CMD_SEND_BEACONS(r0, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000540)=ANY=[@ANYBLOB="4002a9a8400580df1dd542417732bfac52834000", @ANYRES16=r3, @ANYBLOB="080927bd7000ffdbdf25260000000600090000040000050012000300000008000500060000006c0002002f7379732f646576696365732f706c6174666f726d2f6d61633830323135345f687773696d2f696565653830323135342f706879312f6e65742f7770616e312f7175657565732f74782d302f627974655f71756575655f6c696d6974732f7374616c6c5f636e740098012b8094016080c100a000f7b8d47c2cab8b748c3625b55aaa5b37f6060585607b18968ae75dbd3cc6c3551137845af8d73fc822388a4109e8a7ae941a569188e7ff9b1d81d7db186b1ef0421264b660012d9059159cfbdba3104e52b3ad85d601c0e61bc342eda0dbb7add69f9cd0a041eadb991435a22f78a5ed898d3fdbff5af9828bae52eb9cc1df35f0b3b0c4b61df5aa27c74eca9f7dca7aa39389a289f067a3f8ff3d2a545c008d56598fa929bcec859a669f2544c964593c8272982290e410cdbb1994b0000000c2008a008ac0a4f3e83b2f11b22c2136b2c397fa1302ed193149f21572e325ab6c199a1523dbb97f41ad05f32cf9aaa7f16bef717c1f29b8a09003522dc3095bc00fc62f33430822d2850d7963cc5eb83df8976cd23955782d47030b1ab321309a09f4aae5f254dede35cb0389b191d84963bf98d08f514294cb222f29be18986d6abca2231d9aacd73c88699d6236b5c296a0cbc40a862367d557e0a10530ecc844fc5c91c7bd30074d9ac977282d788fec0652afbeb095f7e5e24cdd9e48cd79b100000800a2000000000005002400100000000500120050000000"], 0x240}, 0x1, 0x0, 0x0, 0x8080}, 0x80) (async, rerun: 64) r5 = syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000280), r2) sendmsg$auto_NCSI_CMD_SEND_CMD(r4, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x1c, r5, 0x2, 0x70bd26, 0x25dfdbfc, {}, [@NCSI_ATTR_PACKAGE_MASK={0x8, 0x7, 0x6}]}, 0x1c}}, 0x4020) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/caif0/max_addresses\x00', 0x50400, 0x0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/mac802154_hwsim/ieee802154/phy1/net/wpan1/queues/tx-0/byte_queue_limits/stall_cnt\x00', 0x0, 0x0) (async) r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/afs/addr_prefs\x00', 0x8f3b7a51b80ebd01, 0x0) write$auto_proc_reg_file_ops_compat_inode(r7, &(0x7f0000000040)="207b202002", 0x5) (async) read$auto(r6, 0x0, 0x20) (async) write$auto(0x3, 0x0, 0xfdef) 9m23.624504462s ago: executing program 3 (id=677): r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video7\x00', 0x8200, 0x0) read$auto_v4l2_fops_v4l2_dev(r0, &(0x7f0000000000)=""/133, 0xfffffffffffffe76) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x110c230000, 0x0, 0x2000101, 0x3, 0xf000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x1, 0xb9, 0xf, 0x1000007, 0x400004, 0xffffffffffffffff, 0x7, "00b09fb7b60000e3ffffffffffffff00", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0xe5, 0x3, 0xffffffffffffffff, 0xffffffffffffffff}, 0x10) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex=r1, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0xfffffffe, 0x4}}, 0x92) ioctl$auto_SOUND_MIXER_READ_CAPS(r2, 0x80044dfc, &(0x7f0000000100)="0e92e1887ac6466a0cf8fbdfada31c5dd603ff9404a7dfbe5d1f9f9848d4f7b89359118b89a51915e54498ee6070f2f73db369a4cf6eca4f") 9m8.5457898s ago: executing program 33 (id=677): r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video7\x00', 0x8200, 0x0) read$auto_v4l2_fops_v4l2_dev(r0, &(0x7f0000000000)=""/133, 0xfffffffffffffe76) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x110c230000, 0x0, 0x2000101, 0x3, 0xf000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x1, 0xb9, 0xf, 0x1000007, 0x400004, 0xffffffffffffffff, 0x7, "00b09fb7b60000e3ffffffffffffff00", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0xe5, 0x3, 0xffffffffffffffff, 0xffffffffffffffff}, 0x10) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex=r1, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0xfffffffe, 0x4}}, 0x92) ioctl$auto_SOUND_MIXER_READ_CAPS(r2, 0x80044dfc, &(0x7f0000000100)="0e92e1887ac6466a0cf8fbdfada31c5dd603ff9404a7dfbe5d1f9f9848d4f7b89359118b89a51915e54498ee6070f2f73db369a4cf6eca4f") 1m54.418415557s ago: executing program 4 (id=2172): openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f00000006c0), 0x121300, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/pagemap\x00', 0x80800, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x4cb00, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) bind$auto(0x3, 0x0, 0xb) socket(0x1d, 0x2, 0x7) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0\x00', 0x58002, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x4, 0x2000c, 0xde, 0x20eb1, 0x40000000000a5, 0x8000) r1 = memfd_create$auto(0x0, 0x0) r2 = socket(0xa, 0x3, 0x3a) statx$auto(r1, 0x0, 0x1000, 0xbdfc, 0x0) setsockopt$auto(r2, 0x29, 0x14, 0x0, 0x56b) r3 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r3, 0x5, 0xfffffffd, 0x0, 0xb81c) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendfile$auto(r2, r0, &(0x7f0000000100)=0x7, 0x3) socket(0x15, 0x1, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @host}, 0x55) accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) 1m51.178070489s ago: executing program 4 (id=2177): r0 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x81d, 0x1ff, 0x15, 0x8000000000000024, 0x8000) bind$auto(r0, &(0x7f0000000140)=@sco={0x1f, @none}, 0x1006d) close_range$auto(0x2, 0x8, 0x0) socket(0x3, 0x6, 0x4000c) r1 = socket(0x1d, 0x3, 0x1) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(r1, 0x65, 0x1, 0x0, 0x8) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x103080, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r4 = ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_GET_MSRS(r2, 0xc008ae88, &(0x7f0000000080)={0x3, 0x0, [{0x1, 0x40008, 0x718c1257}]}) connect$auto(r4, &(0x7f0000000100)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x10}}, 0x85f1) close_range$auto(0x0, 0xfffffffffffff000, 0x2) eventfd$auto(0x4) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0xfffffffd, 0x5, 0xffffffff, 0x0) unshare$auto(0x40000080) setsockopt$auto(0x3, 0xa, 0x7b, 0x0, 0xd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r5 = socket(0x2c, 0x1, 0x8000000) bind$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r5, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x9, 0xfffffffd}, 0x1}, 0x5, 0x20000000) openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, 0x0, 0x100, 0x0) ioctl$auto(0x3, 0x80108907, 0x38) prctl$auto_PR_GET_TID_ADDRESS(0x28, 0x2, 0x0, 0x0, 0x40) setsockopt$auto(0x3, 0x6, 0x3, 0x0, 0xd) 1m49.298602963s ago: executing program 4 (id=2180): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = gettid() r1 = getpid() rt_tgsigqueueinfo$auto(r1, r0, 0x5, &(0x7f0000000140)={@siginfo_0_0={0x8, 0x7fffffff, 0x80, @_kill={r1}}}) sched_setaffinity$auto(r1, 0x0, &(0x7f0000000040)=0x1) r2 = bpf$auto(0x8000000, 0x0, 0x438) prctl$auto(0x80003e, 0x51, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0xa9) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r2, 0x0, 0x4044) unshare$auto(0x40000080) mmap$auto(0x0, 0x2000d, 0x4, 0xeb1, 0xffffffffffffffff, 0x6000000000) shmctl$auto_SHM_LOCK(0x2, 0xb, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x4c2080, 0x0) unshare$auto(0x40000080) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self/net/mcfilter6\x00', 0x121000, 0x0) pread64$auto(r3, 0x0, 0x8, 0xffff) r4 = openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f00000006c0), 0x20040, 0x0) readv$auto(r4, &(0x7f00000001c0)={0x0, 0x5}, 0x3) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/pagemap\x00', 0x80800, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x4cb00, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) close_range$auto(r3, 0x8, 0x0) unshare$auto(0x40000080) bind$auto(0x3, 0x0, 0xb) socket(0x1d, 0x2, 0x7) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fb0\x00', 0x8002, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) 1m44.638734818s ago: executing program 4 (id=2193): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000004400), r1) getresuid$auto(0xfffffffffffffffc, 0xfffffffffffffffe, 0xfffffffffffffffc) sendmsg$auto_NFSD_CMD_VERSION_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x8840}, 0x0) r2 = socket(0xa, 0x2, 0x73) getsockopt$auto_SO_TIMESTAMPNS_NEW(r2, 0x0, 0x40, 0x0, &(0x7f0000000240)=0x400) preadv2$auto(r0, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x4, 0x2e) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) epoll_create$auto(0x4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, 0x0, 0x401, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x5c5) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/netdevsim/netdevsim3/hwstats/l3/disable_ifindex\x00', 0x1242, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) statmount$auto(0x0, &(0x7f0000000180)={0x770, 0xfffffffe, 0x8, 0x4, 0x4006, 0x0, 0x5, 0x3ff, 0x3, 0x100000001, 0x6, 0xe, 0x4, 0x411ffffffbfffb, 0xb2, 0x100000000002, 0x6, 0xd, 0x80, 0x7ff, 0x8000, 0x1, 0x1, 0x202, 0x9, 0xbca7, 0x5, 0x0, 0x0, 0x0, 0x694, [0x2, 0x6, 0x0, 0x5, 0x0, 0x0, 0x20000000000, 0x0, 0x200, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffc01, 0x7ffffffb, 0xfffffffffffffff8, 0x2, 0x2, 0x2000000, 0xfffffffffffffffe, 0x10000000000, 0x8, 0x0, 0x0, 0xfffffffffffffffc, 0x8000000000000000, 0x0, 0x1, 0x0, 0x8, 0x0, 0xff, 0x20000000000000, 0x0, 0x1000000000000200, 0x0, 0x400, 0x96, 0x8, 0x4, 0x800056ed4b6c, 0x0, 0x6]}, 0x1fe, 0x1) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x480001, 0x0) openat$auto_trace_options_core_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/options/sym-offset\x00', 0x100, 0x0) madvise$auto(0x0, 0x200007, 0x19) unshare$auto(0x40000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) prctl$auto(0x0, 0x4, 0x4, 0x6, 0x5d) madvise$auto(0x0, 0xffffffffffff0005, 0x19) timerfd_gettime$auto(0xffffffffffffffff, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/scsi/device_info\x00', 0x40380, 0x0) pread64$auto(r3, 0x0, 0x10001, 0x2000000000830) 1m40.809453893s ago: executing program 4 (id=2205): r0 = prctl$auto_PR_SET_MM_START_STACK(0x200000, 0x5, 0xffffffffffffffff, 0x2, 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(r0, r1, 0x0) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x7, 0xeb2, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) recvfrom$auto(0x3, 0x0, 0x8000000012, 0x100, 0x0, 0xfffffffffffffffd) shutdown$auto(0x200000003, 0x2) r2 = socketpair$auto(0xfffffffe, 0x6, 0xf, 0x0) openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0) madvise$auto(0x0, 0x1010001, 0x100000003) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) statx$auto(r2, &(0x7f0000000040)='./file0\x00', 0x2, 0xd7, &(0x7f0000000100)={0x3, 0x2, 0x9, 0x3, 0xee00, 0x0, 0x3e4b, 0xbd5e, 0xd6b, 0x5, 0x9, 0x7, {0xffffffffffffffff, 0x7}, {0x4810c986, 0x1}, {0x5, 0x8000}, {0x8}, 0xc, 0x1ff, 0x3d, 0xfc4c9cf, 0x1, 0x23e1, 0x100, 0x0, 0x1ff, 0x7, 0x4, 0x100, [0x4, 0x0, 0x8, 0x86a, 0xff, 0x3, 0x7, 0x400, 0xc0f8]}) shmctl$auto_SHM_INFO(0xea0, 0xe, &(0x7f0000000440)={{0x9, 0xee00, 0xee01, 0x3, 0x4, 0x8, 0x7d62}, 0x2002, 0x1, 0x8, 0x3, @raw=0x3, @raw=0x8, 0x6, 0x0, &(0x7f0000000340)="9a9072b1825ca8dd4374165e01a729022a9380598dd98ccc3ea524f45fd19e9391c9d0f32e7713b5c2031a444b0320b8680d2653d708b7438964f052d522b5435daf77146c6e90ce9164aa85376fa32038dc863daac4e19968716a91ba2e26f329b88854d505f704cce41a096ee6ee3302a90647c2de21f7a280e32eb26f7639af340a094a661cac90569c0e3210a2a4f2c0cfe5fdaacdae", &(0x7f0000000400)="d0ec372b265b41bd4ca873163e2a947e8519aba5ee23c173cec2f2c8bad7e2f773ed228767b35356fd66ab8e72ac05d1f88a6ce9eb37"}) ioctl$auto_XFS_IOC_FREESP64(r2, 0x40305825, &(0x7f00000004c0)={0x7, 0x1, 0x9, 0x0, 0x7, 0xffffffffffffffff}) shmctl$auto_SHM_STAT(0x9, 0xd, &(0x7f0000000640)={{0x9, r3, r4, 0x3b6, 0x2, 0xffffb9f1, 0x2}, 0x9, 0x81, 0x5, 0xb6d, @raw=0x8, @inferred=r5, 0x5, 0x0, &(0x7f0000000500)="a9fc6c840db02650014f41950371b0152f57d6fc6b97c1f98a620d412e82b57be9a1a29809ee36a577a7617ba6e94a4417c9a9469ff2a206d47633702a9c8bc896f003090954cf4e28b8b247f677139e20c09b1b06a779d3015f7af5078c2af89f0cf9c3c64f6105a830", &(0x7f0000000580)="20c8fdec8d8f6f9a58ee4d41b3fd4dd907826bd6ef5622b0b3acc48a698c1c81c52eb79c86266c8e9abb833774672cf9861d6dfb28e8caa84f1679554a45cc09a948776f369d5c472e4535d4b34c13c84b94dad5a701d203eaef0e3f5ffa057f8fa7f2b624dd8ede34877027ac8cdc2883f817cddc29ce7b89d52e0b8736138c7e2ba6340705e41a0ce2406144c7c46aeae165683b0a6ec896fa1f"}) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="00082abd7000fbdbdf251c00000008"], 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="1f000000", @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1m40.542113883s ago: executing program 4 (id=2206): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bpf$auto(0x18, &(0x7f00000002c0)=@bpf_attr_0={0x0, 0x10, 0x1, 0x6, 0x8, 0xffffffffffffffff, 0x400, "432a8091dac3bd4a0411088194f19cb8", 0x0, 0xffffffffffffffff, 0x400, 0x400, 0xff, 0x64, 0xffffffffffffffff, 0xffffffffffffffff}, 0x9) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event1\x00', 0x101001, 0x0) ioctl$auto_EVIOCSREP(r1, 0x40084503, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/arp\x00', 0x80, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) nanosleep$auto(0x0, &(0x7f0000000100)={0x0, 0x864}) ioctl$auto_BTRFS_IOC_DEFRAG_RANGE(r0, 0x40309410, &(0x7f0000000040)={0x3, 0x8, 0x4830, 0x7, @compress={0x5, 0xcb}}) pread64$auto(r2, 0x0, 0x200, 0x8) 1m24.838956913s ago: executing program 34 (id=2206): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bpf$auto(0x18, &(0x7f00000002c0)=@bpf_attr_0={0x0, 0x10, 0x1, 0x6, 0x8, 0xffffffffffffffff, 0x400, "432a8091dac3bd4a0411088194f19cb8", 0x0, 0xffffffffffffffff, 0x400, 0x400, 0xff, 0x64, 0xffffffffffffffff, 0xffffffffffffffff}, 0x9) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event1\x00', 0x101001, 0x0) ioctl$auto_EVIOCSREP(r1, 0x40084503, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/arp\x00', 0x80, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) nanosleep$auto(0x0, &(0x7f0000000100)={0x0, 0x864}) ioctl$auto_BTRFS_IOC_DEFRAG_RANGE(r0, 0x40309410, &(0x7f0000000040)={0x3, 0x8, 0x4830, 0x7, @compress={0x5, 0xcb}}) pread64$auto(r2, 0x0, 0x200, 0x8) 11.911570902s ago: executing program 5 (id=2372): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) getsockopt$auto_SO_NO_CHECK(r0, 0x1, 0xb, &(0x7f0000000040)='..*(%-/\\*--\x00', &(0x7f0000000080)=0xc3e4) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) getsockopt$auto_SO_TIMESTAMPNS_NEW(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) preadv2$auto(r0, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x8, 0x2e) openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, 0x0, 0x401, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon33\x00', 0x121200, 0x0) mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) syz_clone(0x5004000, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x503083, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, 0x0, 0x2000c055) unshare$auto(0x40000080) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r3) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000002340), 0xffffffffffffffff) sendmsg$auto_OVS_METER_CMD_SET(r5, &(0x7f0000002480)={0x0, 0x0, &(0x7f0000002440)={&(0x7f0000000100)={0x30, r6, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@OVS_METER_ATTR_KBPS={0x4}, @OVS_METER_ATTR_BANDS={0xd, 0x4, 0x0, 0x1, [@nested={0x4, 0x45}, @generic="141fc94af8"]}, @OVS_METER_ATTR_ID={0x8, 0x1, 0x5}]}, 0x30}, 0x1, 0x0, 0x0, 0x48000}, 0x0) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r3, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000001300)=ANY=[@ANYBLOB="1c0000b1", @ANYRES16=r4, @ANYBLOB="05082dbd7000fbdbdf257e0000000800db00ab29dc931f0e02b7745be74fb8e8255f614f85f94bc5ef8facda4b1cb3e135ef23203752a9a06f5adc02fe10fd6059eb5ec860fbb39453d7ba92bd5a73e0e45ce2d585cccf203901d41ed36536bffcadc5fa27dbe72d209b4c922ee03aba35fb65731b21d405c9def0a3765c9b0ff8fbbff63336633bec215ead541e5766cb7e6a546c58ddbc3cbd84697b73ae550f26f7eb", @ANYRES16=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) sendmsg$auto_NL80211_CMD_ADD_TX_TS(0xffffffffffffffff, &(0x7f00000012c0)={&(0x7f0000001100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000001140)={0xbc, r4, 0x8, 0x70bd27, 0x25dfdbfd, {}, [@NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x9}, @NL80211_ATTR_MLO_RECONF_REM_LINKS={0x6, 0x14f, 0x9}, @NL80211_ATTR_STA_SUPPORTED_RATES={0xfffffd32, 0x13, "13c366f9244357d432f6e44cc4bf4e5878fe5d"}, @NL80211_ATTR_WIPHY_NAME={0x8, 0x2, '/${\x00'}, @NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x8}, @NL80211_ATTR_P2P_OPPPS={0x5, 0xa3, 0x2}, @NL80211_ATTR_HT_CAPABILITY={0x45, 0x1f, "ff8ddbe0dca3a0c40b31575a0fc89a052ad1070f85525f215dde201061c7ecbce4e876ab8d9dd571ee3b51789e3654f47243f6e34471afffdadef51ab57ef583e9"}, @NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@typed={0xc, 0x140, 0x0, 0x0, @u64=0x3}]}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x8}, @NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0x7}]}, 0xbc}, 0x1, 0x0, 0x0, 0x91}, 0x10) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0) mlockall$auto(0x7) mprotect$auto(0x0, 0x806121, 0x6) bpf$auto(0x5, &(0x7f0000000080)=@bpf_attr_7={@prog_id=0xc, 0x92f1, 0x4}, 0xa) 10.014713605s ago: executing program 0 (id=2378): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r2, 0x29, 0x1d, &(0x7f0000000040)='!\x00', 0x1ff) openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) ptrace$auto(0x4206, 0x1, 0x100000000, 0xe855) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x582, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) socket(0x2b, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) setsockopt$auto(0x3, 0x10000000084, 0x10, 0x0, 0x8) ioctl$auto_RTC_RD_TIME(0xffffffffffffffff, 0x80247009, 0x0) socket(0xa, 0x2, 0x3a) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r3) sendmsg$auto_NL802154_CMD_SET_PAN_ID(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000011c0)=ANY=[], 0x1058}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) r5 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r3, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="05082dbd7000fbdbdf257e0000000800db00", @ANYRES32=r5, @ANYBLOB="0c002e00f2"], 0x28}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) waitid$auto_P_PGID(0x2, 0xffffffffffffffff, &(0x7f0000000180)={@siginfo_0_0={0x1ff, 0x0, 0x5, @_sigchld={0xffffffffffffffff, 0xee01, 0x4, 0x10, 0x57ab}}}, 0x8, &(0x7f0000000340)={{0x400, 0x7}, {0x1, 0x9}, 0x9, 0xf, 0x9137, 0x200, 0xffffffff, 0x1, 0x7, 0x1, 0xe, 0x3, 0x71, 0x5, 0x8, 0x10001}) shmctl$auto_IPC_STAT(0x7, 0x2, &(0x7f0000000200)={{0x9, 0x0, 0x0, 0xffff, 0x200, 0x3bf8, 0xe}, 0x7, 0xbaf, 0xd, 0x5c64, @inferred=0xffffffffffffffff, @inferred, 0xe, 0x0, &(0x7f0000000400)="a28f595cd659fd0c6913b03e69cf194a1d125f748cfdbf532bfdd7d2afe1173e9b5feb529720f90c80af0fc03dab21d6052c3a21ebfc09c1cf05724cacf01ee04cfd4722ad742401459a027b4e66192f6456249c87755ee7fad4f88e4f87523d55520b8c0a49550d4f655c2ae5b58d6dcff78d138d8b1d18353241b7a838b01cc9d1e41864b392d1bcc61e9de09e61abd521af27d7d79e888959f9b1f9d07919d6baa7feba94caeb275a8df0d916e65b34b381cbe055ed8f1da5c8a7032e13c52fa1791881d4390b4d3910fba4c018193cb1c0e12078a799bf5abe21751939f8743f65277a631a9c427fb7eaafe76e5dd6b73ac5e8bd08848583f72d377e92", &(0x7f0000000500)="9dba49a7efa79f9360e9598b1be09c823fe3c0388996ae406565767d17b45e95e46562e05b0f8c879dbcaef7b8983d0a35653ca88172347ecabc9cc392e0e2a81b7c422c7b9b9f59cb23d1ecfd57daaf6c3444dd6905f73e4380280e41a38c644deb4e3ee4979f84a623495e9255a799df5dfd59510e90555cfc8284f8fdfdb90c8cf9e1d6d0a8e6cb14d898ff403e5ea52c3e3c290f3fe171aaa6e8fa6e179460b80c5dd2312b17a9b9cddab086764b3f68411f586a5226101c0f2434ee00b1ead4b93820c00abcae234b9a9672fb78bd0124359141"}) sendmsg$auto_NL80211_CMD_DEL_KEY(r1, &(0x7f0000000ac0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000a80)={&(0x7f0000000600)=ANY=[@ANYBLOB="54040000", @ANYRES16=r4, @ANYBLOB="04002cbd7000fcdbdf250c00000008005d00ffff00000800a000070000206c02268008000200ef09000008000200080000002600030097154cbdf0aa8e3b1dd7d02f13b3574e19f7ed97c31363a16ba8d1eb7425a28622f00000c7000300d01d3ce1ebe572c2fb1fa39f585322c90c2f2c1eb3a049cf7783f5a122d7797616b10904d8e9d6a40444c7eb36053b03e74265787ce787962259510923df22572fb9e1dd1213de592b6bee00aab9acb17027470b1d2c6172ee64a49739996b0c8629cb72f2da0ba51d297640852eceac2c745c8a5bf4bbb6a046baa2a309701fb7342888db5389f47b90981b7a434a219faff40c5eb3a8c1dfb46e770e273055455ed765cee7636e742b8b76b8ce81fb0a3502e68c88ffa38a1b59a8e5a6b3dfbbded500080001000300000008000200bee8000088000300b26d668ba840d2647d95b4a361a07d68fb5728d0aea515b7e8e4ab1f8b7f72630d110f7a97f8d4aaadd250fca734fa724b42d1ace16bbf56869fb1cba1de7e25350c1a1e213270db2cceb413a92991e83045723241f10844fbc877542eb57ae1bc20bb099d4e80e99d77fef74ec0b20ac7abe458786644f2868a2c93f8fc24ad495ca16bc7000300520cb42a0ba0b06c548ba6718aa1982e45e6eae1b652b1134a499afef04db9db791ef9dfae18f26bcf1ae84c6d255e37d6b869ad1041f59771c31d818d548829531ac346d81c0bd56081dca014e06ee3221151fe2a3abff4e6b3d9e0d73eaf3e68029cffa727ddd1ccfbc08c5e230dad8f98c64fb0b0f90d59931926390e5b1f70a3bbe9860c7d45dcc7f7736875d2ff14f833cd885ea41f55f5ed906d0918b00b07e76154192ad5eab618a8ea1506d993ba0519ef13153845b73570dcefd9f5cccb82000800020009000000040041000600020170040000b8014580ab001b8004001000854b37975478cf1268d19899948166133bd602564ce2d926830595ab4974783d3289add617bb8eb4fa8daf127ad7d450fdd26f02028e3b499b89fcc55e8004b76341a7690400c100894c4f92eeec13014c88918359086b205a0f643bccf966deafbd3fa2b098fd8801244968b1ad01291f30e2caf4fb1bad08882585edb71cfe241232f8ad3cd38a3b9f5c4250d940744083a98657e09f298bf7d31df509bc3a26618f00c9003880c7c4bdbceee456903b788b7aa4b6ca593e89436f0546521b003de9edf2c66adece1593a03b11ef1828eca047696eefb429869f55d9245caf346f79dc204123345a13f8dd375d6c54b0d8ca1614272ab5bd8985ea308a040875c14f1a27e400933e06284c59c4f69ef0453df091613e28b7d4dc49be97db2ffc174fd3484b93220cca3a1fb7e40a314b5b3ecc17a0258f12837beb45e37d0907cce1cafb2fdfdba302fad7f02a1d31f9ec2d3ee3356c52b5bb5900b2f5a77384d78e6c57951c6717704d926e000000160006002f6465762f736e642f6f696469433244300000001c008d800800ac00", @ANYRES32=r6, @ANYBLOB="0e003300265e7d242e7b265e5d00000008004300", @ANYRES32=r7, @ANYBLOB], 0x454}, 0x1, 0x0, 0x0, 0x48000}, 0x80c0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0x1, 0x0, 0x0, &(0x7f00000002c0)={[0x3, 0x3, 0xd, 0x5, 0x409489, 0xd74a, 0x15f4da0a, 0x6, 0xc930, 0x64, 0x7d0, 0x9, 0x400000000000000b, 0x9, 0x5, 0x7]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x1, 0xbc3, 0x800, 0x3, 0x2a, 0x8, 0x400000000007, 0x3, 0x0, 0xfffffffffffffffe, 0x6, 0x9, 0xffffffffffffff81, 0x4]}, 0x0) 8.455754595s ago: executing program 0 (id=2381): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_SET_CQM(r0, 0x0, 0x8000000) r1 = syz_genetlink_get_family_id$auto_nlbl_unlbl(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NLBL_UNLABEL_C_STATICADDDEF(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0x74, r1, 0x8, 0x70bd2a, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x89}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @rand_addr=' \x01\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @broadcast}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x28}}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @rand_addr=' \x01\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @private1={0xfc, 0x1, '\x00', 0x1}}]}, 0x74}, 0x1, 0x0, 0x0, 0x4008804}, 0x40094) socket(0xa, 0x1, 0x84) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/pcrypt/pencrypt/serial_cpumask\x00', 0xa001, 0x0) write$auto(r2, &(0x7f0000000040)=',\x00^\xa2\x02\x00\x05\x00\x00\x00\xd8l\x00\x00\x00\x00\x00\x00\xee\x0f_o\xc0\xee?\xce\xa3\x04\x95Hq\xf4\x00\x00\x00\x00\x00\x00\x006\xe0\xb1d)X6\x7f\xec\x94\xdal\xa1\xbb\x86\x9c\xc2\xef\x02\r9%\x06\xc5\'b%m_\x96A\"\xdd\xe40\xa7\xc3\x9ah\xf3B\xc2\xec\xf8\r\f[\xe5\x9dK\xe1\x99\x86\xfc\xac\x9f\x8a', 0x80000000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_THREADS_SET(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000100)={0x24, r4, 0x1, 0x70bd2c, 0x25dfdc01, {}, [@NFSD_A_SERVER_LEASETIME={0x8, 0x3, 0x2}, @NFSD_A_SERVER_GRACETIME={0x8, 0x2, 0xa}]}, 0x24}}, 0xc000) setsockopt$auto(0x3, 0x10000000084, 0x76, 0x0, 0x8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) pipe2$auto(0x0, 0x80) io_uring_register$auto_IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, &(0x7f0000000280), 0x1) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0xa, 0x0) io_uring_register$auto(0x2, 0x2, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0xffffffffffffffff, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) socket(0x1d, 0x2, 0x7) setsockopt$auto(0x3, 0x6b, 0xfffffffd, 0x0, 0xfb3) madvise$auto(0x0, 0xffffffffffff0005, 0xb) execve$auto(&(0x7f0000000080)='./cgroup\x00', 0x0, 0x0) 8.027495161s ago: executing program 0 (id=2383): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/suspend_stats/failed_suspend_late\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000840)=""/4087, 0xff7) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r1, &(0x7f0000001bc0)="51426572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde6727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e38782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105c328e0035b97168f4c17aa4610b2e6e1a6ba0b71c06417b7a9497be4a009b19d7162adfd4d7b6490faf3782a920281333ad09b848ab5f4d15534b8c4e43dc9604b0630f8d349b2c80a98fde04693c31cbed7d460edfc0138dcc5d3974e682bbd555ac19625bf6e0607d8803391ec9c2dc41fc4e8bceae4f53507137324dd02914a067d52a577b812ddac4a34765c26a98839b3edb6290abff0c75991d6f8c1bd7540f38a7f25fec2f3539f894c938e1f3cf0ff1e6994d6a6ecc457a482f045ba712a85e8e31afd49c8e3480dc1c36d56ab2eceac6e5a847455d8ef4e3d45cd463c421bd1bce2ca57dd88f0e7ab3446cdfa8cb3914c240936f1738af7009e9131b240b59af55d7e38307b91fc8f00410cfdcfacaa341607a801afa63640091eb00b860700ea882878a8d9838f5597b970366be7d167ddebfe3c9253b5dbf7f30a67ee4d87dccb3c723c20200aa5fc036caf12811b19ce49c81ce328d7b24587353ecb99bafd327e33303cf447b36800d1bed8ee10df527d55c0d5f7506fb11cb1338074113579e665c6f3cffde5a8ee98a7bf3f8157986cf7c1c5dbdedaacbe3946b3d8809dec7387f006c062b93b6b481a806e5544ddeea7218fcc15c25a88164bfd0735e6290167cb2dbf4b4a317ba00b1fc27d203a6cff71ef8fe97a97d8e07af2ce1d0a0a2aa9ede7dd0572325075c83c2ecf866aa01654eff55ebe4e489e72152e6a3090e2348732704eb02997ffd23a63faabfbbbd1fb124cab606faed24a393058cea1c1286001ee5c0c1fa26b6a81ebdd4718a94cebdb45bfe812c771df398d3305da03d37ced9d0242b6da212dc9f5c14d7ff999bee20f6621792d1442e449eba8589a823e5e99c65fdffbaefe89e2e32406ec4cf574e335e2d288e4cdad56f4b1b57c364ed3e28809e480d6f410c7ebf43bd2a605d6a8c9facae6b7f8f2c56f792ae21fc0cc5dd9beae0cab3547ebb5467183c2f01bc315bd7bd191088886752dc5108093bdbc91348743440130f33d3dfa9c25490245e5fa904f8660e82253c826b7bea4e9a7a1c627e10c56d71878a644bd176016f29cf5398be14cc0fdec45c65e2b967aedb75212eed1eb05a44da62190009d1c08163b74813b82c27f1e6cd681a4b5150f967444b7bc930da68603fd706e96ba8663b2e50ef0a9b04e321a8a337b08fea7288a3fef5062c7e4c17ad3d490870d39c10b78a74eab25c993527e313a4f59d86de55aa9a8a63f734c2db556692fe993b0cd08e0ab5434c9ec02d5127354f55e6b5d5a7b61685d02edae21ece71d203abf7408211229a9ebbfdeffa2c0f38db274066d0706d80398c172e6daf4a0dce62c2287cbf0d30cfa313d7baf4e5caa18f594f0ab0d854f3cef76ff83e96fa49d0e0f8a47193b51a0a45aee2e1d9a5b372b8ee828f645a06979ec351d798480c7824e846028c02f58b5641acbae1e2079abd86182a662bb1642c9346d7fba628fb012da293acef33b8b76a8885c2e5d685348b6148c5b44409f58d8d5f29344fe8a2e4c2432ae622bb1912ea65d55745eff6aa689e859dcaeff39bff895025bd72cd780d59cbaa0886afd5d6676d2de6266903115525c075cc3f75ce9eba3787a890e1f758f0e502c4c9c0538dc942cf4e2d69742edeeddb66b1d459fcf6f744b2c40111104ab21fd4e99b4477e25cc5a9af59108c8b2f569d4ba227c754f294fdc1e6b383fd89861a203f4d4ee33814aeb21ee411a0d6918533aa2450b1e35c97ab6f01f3829c8a4c33fe0fbc81dd579bbdb44eda4f335d2bc512ca7f38f603c29033c94df2c9533f4422432f574a021e90a0fe3a4cf54de46e25986315b30956face49e26e8dcbcc9e1363627a9f38a2ee8304307dab4013d77f4c337551e2a6ac230788513cdd15e734263e4973c75757d9809c510977adc3be6c5b110597b09c7dad1f54e4506744710b53221e4a7982ac4c59bfae6370258b5af7864a4ca680addd736e35da579cc0e975e6cdefa3d082c8b4b10b205415c32797d9450c00289", 0xd4c) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) close_range$auto(r1, r0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x40280, 0x0) r2 = socket(0x1d, 0x2, 0x6) bind$auto(r2, 0x0, 0x13) r3 = socket(0xa, 0x3, 0x100) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="010329bf700002dcdf2505000000feabb1471aa987110c00010005000000000000000c0001"], 0x38}, 0x1, 0x0, 0x0, 0x20008810}, 0x880) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00082cbd7000fedbdf250300000008000200", @ANYRES32=0x0, @ANYBLOB="060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a000500aaaaaaaaaabb00000a00010000000000000000000a000100bbbbbbbbbbbb0000060006000f000000"], 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x6004000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) socket(0x23, 0x80805, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x2400c804}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x2}, 0x1, 0x0, 0x0, 0x9}, 0xa}, 0x7, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self/net/rt_cache\x00', 0x2000, 0x0) select$auto(0x10, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x4, 0x1800000, 0x1, 0x948b, 0x3, 0x800295f4da0a, 0x400, 0x40000000000003, 0x462, 0x80000001, 0x50a7, 0x6d3f, 0x5, 0x1, 0x2]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7f, 0xd, 0x1, 0x948f, 0x1005, 0x20a, 0x6, 0xfffffffffffffff6, 0x7, 0x9, 0x79c, 0x6, 0x100000000000000, 0xfffffffffffffffe, 0x400000000000f]}, 0x0) 7.842968523s ago: executing program 5 (id=2384): mmap$auto(0x0, 0x202000a, 0x3, 0xeb3, 0xffffffffffffffff, 0x8000) mmap$auto(0x81, 0x20008, 0xdf, 0x12, 0x401, 0x8000) openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000400), 0x80001, 0x0) lsm_list_modules$auto(0x0, &(0x7f0000000100)=0xbefc, 0x0) ioctl$auto(0x3, 0x3b83, 0x38) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x7f) r0 = epoll_create$auto(0x6) r1 = socket(0x1e, 0x1, 0x0) epoll_ctl$auto(r0, 0x1, r1, 0x0) bpf$auto_BPF_LINK_GET_NEXT_ID(0x1f, &(0x7f0000000140)=@iter_create={0xffffffffffffffff, 0x2c}, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r4) ioctl$auto_KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f0000000080)={0x2, 0x0, [{0x40000085, 0x400, 0x718c1257}]}) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x400140, 0x0) mmap$auto(0x0, 0x9, 0x40, 0x8000000008012, 0x3, 0x8000) ioctl$auto_KVM_GET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)={0xdd, 0x0, [{0x40000105, 0x400, 0x9}]}) r5 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000880)='/dev/input/event0\x00', 0x40100, 0x0) ioctl$auto_EVIOCGMASK(r5, 0x80104592, &(0x7f0000000200)={0x2003, 0x7d3a, 0x7}) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) 7.085546381s ago: executing program 5 (id=2387): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000004400), r1) getresuid$auto(0xfffffffffffffffc, 0xfffffffffffffffe, 0xfffffffffffffffc) sendmsg$auto_NFSD_CMD_VERSION_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x8840}, 0x0) r2 = socket(0xa, 0x2, 0x73) getsockopt$auto_SO_TIMESTAMPNS_NEW(r2, 0x0, 0x40, 0x0, &(0x7f0000000240)=0x400) preadv2$auto(r0, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x4, 0x2e) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) epoll_create$auto(0x4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, 0x0, 0x401, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x5c5) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) statmount$auto(0x0, &(0x7f0000000180)={0x770, 0xfffffffe, 0x8, 0x4, 0x4006, 0x0, 0x5, 0x3ff, 0x3, 0x100000001, 0x6, 0xe, 0x4, 0x411ffffffbfffb, 0xb2, 0x100000000002, 0x6, 0xd, 0x80, 0x7ff, 0x8000, 0x1, 0x1, 0x202, 0x9, 0xbca7, 0x5, 0x0, 0x0, 0x0, 0x694, [0x2, 0x6, 0x0, 0x5, 0x0, 0x0, 0x20000000000, 0x0, 0x200, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffc01, 0x7ffffffb, 0xfffffffffffffff8, 0x2, 0x2, 0x2000000, 0xfffffffffffffffe, 0x10000000000, 0x8, 0x0, 0x0, 0xfffffffffffffffc, 0x8000000000000000, 0x0, 0x1, 0x0, 0x8, 0x0, 0xff, 0x20000000000000, 0x0, 0x1000000000000200, 0x0, 0x400, 0x96, 0x8, 0x4, 0x800056ed4b6c, 0x0, 0x6]}, 0x1fe, 0x1) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x480001, 0x0) openat$auto_trace_options_core_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/options/sym-offset\x00', 0x100, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x200007, 0x19) unshare$auto(0x40000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) prctl$auto(0x0, 0x4, 0x4, 0x6, 0x5d) madvise$auto(0x0, 0xffffffffffff0005, 0x19) timerfd_gettime$auto(0xffffffffffffffff, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/scsi/device_info\x00', 0x40380, 0x0) pread64$auto(r3, 0x0, 0x10001, 0x2000000000830) 6.275123221s ago: executing program 0 (id=2388): ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) ioctl$auto_BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xffff6888, 0x0, 0x0, 0xfffffffffffffffd, 0x4ea, 0x1, 0x6, 0x0, 0x1, 0x0, 0x962, {0x2000100000000, 0x10000}, 0x5, 0x6, 0xffffffffffeffffb, 0x6, 0x0, 0x80000004, 0x81, 0xffffffffffff628e, 0x20000a747, 0xdeb1, 0x804}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) select$auto(0x1000000d, 0x0, 0x0, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL802154_CMD_ASSOCIATE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000700)={0x14, 0x0, 0x1, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x24008890) r2 = prctl$auto_PR_SET_VMA_ANON_NAME(0xfffffff9, 0x0, 0x0, 0xf, 0x4) close_range$auto(r2, r2, 0x5) r3 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) recvmmsg$auto(r1, &(0x7f0000000300)={{0x0, 0x10000, &(0x7f0000000280)={0x0, 0x1ff}, 0xe, &(0x7f0000000000), 0x6, 0xa}, 0x5a57}, 0xd, 0x3, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r4 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) write$auto(r4, 0x0, 0xfffffdf1) linkat$auto(r4, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) mknod$auto(&(0x7f0000000040)='&&\x00', 0xcb, 0x6862) utimes$auto(&(0x7f00000000c0)=':,\x00', 0x0) ioctl$auto_RNDRESEEDCRNG2(r3, 0x5207, 0x0) mmap$auto(0x800000, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) io_uring_register$auto(r0, 0x3ff, &(0x7f0000000000)="e039d76c4ff5cf07cc22d34e1696e3a21577c77fb2cc8a345c19aa642527cad6ac1ca767b271deda223e94a0d6c26a00237c0ad7cefa0e8532b5fa13", 0x10000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) write$auto(0x1, 0x0, 0x80000000) mprotect$auto(0x0, 0x8000000000000001, 0x8) 6.274812894s ago: executing program 1 (id=2389): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xffffffffffffffff, 0x0) r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r0, r0, 0x0) (async) close_range$auto(r0, r0, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video3\x00', 0x2aa01, 0x0) (async) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video3\x00', 0x2aa01, 0x0) ioctl$auto(r1, 0xc0585611, r1) (async) ioctl$auto(r1, 0xc0585611, r1) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x401bf, 0x7352, 0x43, 0x8000000000000000, 0x1ffde, 0x3, 0x3, 0x2, 0x9, 0x3, 0x80005, 0x4, 0x3200, 0xb, 0x6, 0x410003, 0x83, 0x4, 0x0, 0x7, 0x1ffc, 0x203, 0x400, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1edffbe8, 0x0, 0x800000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x1fe, 0xd) (async) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x401bf, 0x7352, 0x43, 0x8000000000000000, 0x1ffde, 0x3, 0x3, 0x2, 0x9, 0x3, 0x80005, 0x4, 0x3200, 0xb, 0x6, 0x410003, 0x83, 0x4, 0x0, 0x7, 0x1ffc, 0x203, 0x400, 0x82, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1edffbe8, 0x0, 0x800000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x1fe, 0xd) r2 = socket(0x10, 0x2, 0x0) socketpair$auto(0x4004, 0x5, 0xfffffffc, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22040, 0x75) socket(0x840000000002, 0x3, 0xff) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x14}, 0x3}, 0x55) (async) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x14}, 0x3}, 0x55) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40844) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) r3 = openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8880, 0x0) read$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(r3, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) setsockopt$auto(0x3, 0x84, 0x17, 0x0, 0x70ed581b) (async) setsockopt$auto(0x3, 0x84, 0x17, 0x0, 0x70ed581b) 5.924227382s ago: executing program 1 (id=2391): r0 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/block/nbd11/sched/batching\x00', 0x101480, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) fadvise64$auto(r0, 0x0, 0x0, 0x8) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/block/nbd11/sched/batching\x00', 0x101480, 0x0) (async) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) (async) fadvise64$auto(r0, 0x0, 0x0, 0x8) (async) 5.706362337s ago: executing program 1 (id=2393): r0 = openat$auto_lockdown_ops_lockdown(0xffffffffffffff9c, &(0x7f0000000000), 0xa0042, 0x0) write$auto(r0, 0x0, 0xfdef) r1 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/ieee80211/phy8/wep_iv\x00', 0x183400, 0x0) read$auto_debugfs_full_proxy_file_operations_internal(r1, 0x0, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x34d802, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vbi19\x00', 0x8654092f478cae21, 0x0) getitimer$auto(0x3, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x10, 0x0, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x42942, 0x0) writev$auto(r2, &(0x7f0000000100)={&(0x7f0000000140), 0x9}, 0x8) r3 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2b, 0x5, 0x20) mlock$auto(0x112, 0x80006) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/bConfigurationValue\x00', 0x63102, 0x0) sendfile$auto(r4, r4, 0x0, 0x2) ioctl$auto_SNAPSHOT_FREE(r3, 0x3314, 0x0) socket(0xa, 0x3, 0x3a) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event\x00', 0x121000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) setresgid$auto(0x81, 0x800000a0, 0x8) setgroups$auto(0xc00000000, 0xfffffffffffffffc) keyctl$auto(0xb, 0xfffffffd, 0x7, 0x0, 0x6) 5.067157441s ago: executing program 1 (id=2394): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) getsockopt$auto_SO_NO_CHECK(r0, 0x1, 0xb, &(0x7f0000000040)='..*(%-/\\*--\x00', &(0x7f0000000080)=0xc3e4) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) getsockopt$auto_SO_TIMESTAMPNS_NEW(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) preadv2$auto(r0, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x8, 0x2e) openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, 0x0, 0x401, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon33\x00', 0x121200, 0x0) mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) syz_clone(0x5004000, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x503083, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, 0x0, 0x2000c055) unshare$auto(0x40000080) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r3) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000002340), 0xffffffffffffffff) sendmsg$auto_OVS_METER_CMD_SET(r5, &(0x7f0000002480)={0x0, 0x0, &(0x7f0000002440)={&(0x7f0000000100)={0x30, r6, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@OVS_METER_ATTR_KBPS={0x4}, @OVS_METER_ATTR_BANDS={0xd, 0x4, 0x0, 0x1, [@nested={0x4, 0x45}, @generic="141fc94af8"]}, @OVS_METER_ATTR_ID={0x8, 0x1, 0x5}]}, 0x30}, 0x1, 0x0, 0x0, 0x48000}, 0x0) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r3, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000001300)=ANY=[@ANYBLOB="1c0000b1", @ANYRES16=r4, @ANYBLOB="05082dbd7000fbdbdf257e0000000800db00ab29dc931f0e02b7745be74fb8e8255f614f85f94bc5ef8facda4b1cb3e135ef23203752a9a06f5adc02fe10fd6059eb5ec860fbb39453d7ba92bd5a73e0e45ce2d585cccf203901d41ed36536bffcadc5fa27dbe72d209b4c922ee03aba35fb65731b21d405c9def0a3765c9b0ff8fbbff63336633bec215ead541e5766cb7e6a546c58ddbc3cbd84697b73ae550f26f7eb", @ANYRES16=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) sendmsg$auto_NL80211_CMD_ADD_TX_TS(0xffffffffffffffff, &(0x7f00000012c0)={&(0x7f0000001100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000002c0)={&(0x7f0000001140)={0xbc, r4, 0x8, 0x70bd27, 0x25dfdbfd, {}, [@NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x9}, @NL80211_ATTR_MLO_RECONF_REM_LINKS={0x6, 0x14f, 0x9}, @NL80211_ATTR_STA_SUPPORTED_RATES={0xfffffd32, 0x13, "13c366f9244357d432f6e44cc4bf4e5878fe5d"}, @NL80211_ATTR_WIPHY_NAME={0x8, 0x2, '/${\x00'}, @NL80211_ATTR_AP_ISOLATE={0x5, 0x60, 0x8}, @NL80211_ATTR_P2P_OPPPS={0x5, 0xa3, 0x2}, @NL80211_ATTR_HT_CAPABILITY={0x45, 0x1f, "ff8ddbe0dca3a0c40b31575a0fc89a052ad1070f85525f215dde201061c7ecbce4e876ab8d9dd571ee3b51789e3654f47243f6e34471afffdadef51ab57ef583e9"}, @NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@typed={0xc, 0x140, 0x0, 0x0, @u64=0x3}]}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x8}, @NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0x7}]}, 0xbc}, 0x1, 0x0, 0x0, 0x91}, 0x10) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0) mlockall$auto(0x7) mprotect$auto(0x0, 0x806121, 0x6) bpf$auto(0x5, &(0x7f0000000080)=@bpf_attr_7={@prog_id=0xc, 0x92f1, 0x4}, 0xa) 4.545586332s ago: executing program 0 (id=2396): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000004400), r1) getresuid$auto(0xfffffffffffffffc, 0xfffffffffffffffe, 0xfffffffffffffffc) sendmsg$auto_NFSD_CMD_VERSION_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x8840}, 0x0) r2 = socket(0xa, 0x2, 0x73) getsockopt$auto_SO_TIMESTAMPNS_NEW(r2, 0x0, 0x40, 0x0, &(0x7f0000000240)=0x400) preadv2$auto(r0, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x4, 0x2e) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) epoll_create$auto(0x4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, 0x0, 0x401, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x5c5) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) statmount$auto(0x0, &(0x7f0000000180)={0x770, 0xfffffffe, 0x8, 0x4, 0x4006, 0x0, 0x5, 0x3ff, 0x3, 0x100000001, 0x6, 0xe, 0x4, 0x411ffffffbfffb, 0xb2, 0x100000000002, 0x6, 0xd, 0x80, 0x7ff, 0x8000, 0x1, 0x1, 0x202, 0x9, 0xbca7, 0x5, 0x0, 0x0, 0x0, 0x694, [0x2, 0x6, 0x0, 0x5, 0x0, 0x0, 0x20000000000, 0x0, 0x200, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffc01, 0x7ffffffb, 0xfffffffffffffff8, 0x2, 0x2, 0x2000000, 0xfffffffffffffffe, 0x10000000000, 0x8, 0x0, 0x0, 0xfffffffffffffffc, 0x8000000000000000, 0x0, 0x1, 0x0, 0x8, 0x0, 0xff, 0x20000000000000, 0x0, 0x1000000000000200, 0x0, 0x400, 0x96, 0x8, 0x4, 0x800056ed4b6c, 0x0, 0x6]}, 0x1fe, 0x1) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x480001, 0x0) openat$auto_trace_options_core_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/options/sym-offset\x00', 0x100, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x200007, 0x19) unshare$auto(0x40000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) prctl$auto(0x0, 0x4, 0x4, 0x6, 0x5d) madvise$auto(0x0, 0xffffffffffff0005, 0x19) timerfd_gettime$auto(0xffffffffffffffff, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/scsi/device_info\x00', 0x40380, 0x0) pread64$auto(r3, 0x0, 0x10001, 0x2000000000830) 4.545187369s ago: executing program 6 (id=2397): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) getsockopt$auto_SO_TIMESTAMPNS_NEW(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) preadv2$auto(r0, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x4, 0x2e) mmap$auto(0x0, 0x100000000, 0x4000000000df, 0x15, 0x401, 0x6) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) read$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffffff, &(0x7f0000000200)=""/238, 0xee) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/conf/all/accept_source_route\x00', 0x2200, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0xfffffffffffffffc) setsockopt$auto_SO_PEEK_OFF(r0, 0x85690000, 0x2a, &(0x7f0000000040)='/dev/nullb0\x00', 0x5) openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, 0x0, 0x401, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) 3.781212804s ago: executing program 6 (id=2398): ioctl$auto_BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0) ioctl$auto_BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) select$auto(0x1000000d, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x7, 0x40009, 0xe3, 0x9b72, 0x7, 0x1) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x18b202, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f00000000c0), 0x141401, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) socket(0x2, 0x80002, 0x73) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) r0 = syz_clone(0x20011, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x4206, r0, 0x0, 0x200005) read$auto(0x3, 0x0, 0x8080) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_DEL_RXSA(r1, 0x0, 0x80) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x101002, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x40100, 0x0) pread64$auto(r3, 0x0, 0x10001, 0x830) writev$auto(r2, 0x0, 0x3) syz_genetlink_get_family_id$auto_ovs_flow(0x0, r1) pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0x101, 0x39) 3.699956059s ago: executing program 5 (id=2399): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2c, 0x1, 0x0) listen$auto(0x3, 0x81) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x8f00, 0x0) r2 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents$auto(r2, 0x0, 0x400018) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) mremap$auto(0x1ff000, 0x100005, 0x843, 0x3, 0x2) mremap$auto(0xfffffffffffffffa, 0x4, 0x4, 0x7, 0x1001ff000) fsopen$auto(0x0, 0x1) prctl$auto(0x1000000003b, 0x1, 0x4, 0xd73, 0x7) madvise$auto(0xfffffffffffffffa, 0x9, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, r1) mmap$auto(0x7, 0xfffffffffffffffb, 0x4000000000de, 0x78, r1, 0x300000000004) r3 = socket(0x1d, 0x3, 0x1) getsockopt$auto(r3, 0x65, 0x6, 0xffffffffffffffff, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r4, r4, 0x0, 0x3) fadvise64$auto_POSIX_FADV_NORMAL(r2, 0x1, 0xb, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x4) bpf$auto(0x0, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0xb, 0xfffff0b6, 0xffff, 0x84, 0xac1, 0x2, 0x3624239c, 0xfffff5b2, 0x3bb, 0x8000007, 0xffff, 0x6, 0x81, 0x68198}, 0x6f3) 2.431262722s ago: executing program 6 (id=2400): splice$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x8a5b, 0x401) close_range$auto(0x2, 0xa, 0x0) mremap$auto(0x110c230000, 0x0, 0x101, 0x3, 0x0) r0 = openat$auto_nsim_dev_max_vfs_fops_dev(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim3/max_vfs\x00', 0x48002, 0x0) write$auto(r0, 0x0, 0x1) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x3000, 0x6, 0x4, 0x7fffffff, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x2, 0x100, 0x7ffffffb, 0x101, 0x6, 0x3}, {0x100, 0x1, 0x52, 0x5, 0x2, 0x40, 0x76c5, 0x5, 0x100000000}}) mmap$auto(0x0, 0x400008, 0xdf, 0x8009b72, 0x2, 0x9000) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/acpi/wakeup\x00', 0x48041, 0x0) io_uring_register$auto_IORING_UNREGISTER_RING_FDS(r1, 0x15, &(0x7f0000000000)="0b2b09dd6f6b129be2875e5793360cbc2a02e477886125ce7a37eae9425e8b45f887921e5be23186236c4a367cbdbb74e774885a2582cd11c5040fb8a74b01ebaff0df7f665126d6ba8f", 0x8) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) socket(0xf, 0x0, 0x94e) socket(0xa, 0x1, 0x84) r2 = fcntl$auto(0xffffffffffffffff, 0xffff, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000004c0)='/sys/class/firmware/timeout\x00', 0x1a1942, 0x0) mmap$auto(0x0, 0xffffffff7ffffff1, 0x1, 0x17, 0xffffffffffffffff, 0x7ffc) r3 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x48180, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000280)={{0x3, 0x1000, 0x1, 0x1, 0x8}, "654c6dbc7a4d30983899a7e1325b6a29ba1e184410ba9f74e82a3fa6c3ccf1bf"}) ioctl$auto_SNDRV_TIMER_IOCTL_STATUS32(r3, 0x80585414, &(0x7f0000000000)={0x675d529c, 0x9f7d, 0xfffffff1, 0x101, 0x6, 0x4, "1ec4c2336d0d5d8a5db102d8cd84eca696782c75e0cb2d4b8c400f6fdc12a84264800d00000035a29c7c1ebbdcd2fe5c88e17422928a5110f6e9fef8cac28588"}) move_pages$auto(0x0, 0x1002, 0x0, &(0x7f0000001140), 0x0, 0x2) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/dev/cdrom/info\x00', 0x2000, 0x0) read$auto(r4, &(0x7f0000000140)='\x00\xd8\x1ed.\x0e\x92\x19\xa0\xedP\xaf\xce-\xa9\x86\xc5\x97\xdcLG\xb7\x85L\xd3\x98\x18l\x9d\xddv\xa1\fM\x92\x89\xe71j\x8b\xdf\xcd%\x9fQ\x8f\x91\xd8\b\a\xf3\xe2\xd8<\xe4\x94\xa9\xb3\xff54\xec\x1b>\xce\x95\x9aN\xe3\xe7\xe8', 0xc0ec) socket(0x1e, 0x3, 0x3b) socket(0x29, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000200)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r5, &(0x7f0000000040)='7\x00\\\xa0\xa5$\x03\xcb\x12\xfa\b\x1c\tk', 0x81) fstatfs$auto(r2, &(0x7f00000000c0)={0x391, 0x4, 0x6, 0x1, 0x4, 0x999, 0x4, {[0x9, 0x3]}, 0x8, 0xfffffffffffffffe, 0x0, [0x1000, 0x6b24002f, 0x7, 0xfffffffffffffffb]}) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x20009, 0x1e4, 0x15, 0x405, 0x8000) io_uring_setup$auto(0x356800, 0x0) 1.17847223s ago: executing program 6 (id=2401): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ipvlan1\x00'}) r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0xfffffffffffffe1e, r1, 0x1b, 0x74bd26, 0x25dfdbfd}, 0x34}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f00000000c0), 0x26003, 0x0) ioctl$auto_PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000140)={0x1, &(0x7f0000000100)={0x18, 0x9, 0x7, @raw=0x4f32}}) 989.78012ms ago: executing program 6 (id=2402): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_tracing_saved_cmdlines_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/saved_cmdlines_size\x00', 0x90001, 0x0) sendmsg$auto_NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB="010026bd7000fddbdf2507"], 0x20}, 0x1, 0x0, 0x0, 0x800}, 0x4000800) r1 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16, @ANYBLOB="010027bd7000fddbdf250a"], 0x24}, 0x1, 0x0, 0x0, 0x4088}, 0x20000010) r2 = socket(0x29, 0x2, 0x0) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/oom_adj\x00', 0xa402, 0x0) read$auto(r4, 0x0, 0x1f40) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000004c0)='/sys/devices/virtual/net/nr8/queues/rx-0/rps_flow_cnt\x00', 0xc2061, 0x0) write$auto(r5, 0x0, 0x80) execveat$auto(r0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)=&(0x7f0000000140)='\'}\xce**,\x00', &(0x7f0000000340)=&(0x7f0000000280)='/sys/kernel/tracing/saved_cmdlines_size\x00', 0x4) recvmmsg$auto(r3, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x6}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r2, 0x89f0, 0x24) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c00"], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 716.23196ms ago: executing program 5 (id=2403): r0 = openat$auto_lockdown_ops_lockdown(0xffffffffffffff9c, &(0x7f0000000000), 0xa0042, 0x0) write$auto(r0, 0x0, 0xfdef) r1 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/ieee80211/phy8/wep_iv\x00', 0x183400, 0x0) read$auto_debugfs_full_proxy_file_operations_internal(r1, 0x0, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x34d802, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vbi19\x00', 0x8654092f478cae21, 0x0) getitimer$auto(0x3, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x10, 0x0, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x42942, 0x0) writev$auto(r2, &(0x7f0000000100)={&(0x7f0000000140), 0x9}, 0x8) r3 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2b, 0x5, 0x20) mlock$auto(0x112, 0x80006) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/bConfigurationValue\x00', 0x63102, 0x0) sendfile$auto(r4, r4, 0x0, 0x2) ioctl$auto_SNAPSHOT_FREE(r3, 0x3314, 0x0) socket(0xa, 0x3, 0x3a) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event\x00', 0x121000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) setresgid$auto(0x81, 0x800000a0, 0x8) setgroups$auto(0xc00000000, 0xfffffffffffffffc) 618.705454ms ago: executing program 6 (id=2404): close_range$auto(0x2, 0x8, 0x0) getpid() mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) socket(0xa, 0x801, 0x84) r0 = syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f00000165c0)={0x0, 0x0, &(0x7f0000016580)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c349813d3eed18775d2c317601df5cca4a9e05e2fde000000", @ANYRES16=r0, @ANYBLOB="79a327bd7000fbdbdf252000000005000f0050000000"], 0x1c}, 0x1, 0x0, 0x0, 0x2404c000}, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) inotify_add_watch$auto(0xffffffffffffffff, 0x0, 0x1000e6e) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/scsi/sg/debug\x00', 0x400e42, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32=r2, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32=r2, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r3, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x6, 0x3, 0xeb1, 0x7, 0x8000) futex$auto(0x0, 0x85, 0x38, 0x0, 0x0, 0x80000000) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x68082, 0x0) mmap$auto(0x0, 0x402000b, 0x4af, 0xeb1, 0x401, 0x8000) read$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x81, 0x8000000000001, 0x6}, 0xb, 0x1) 508.636715ms ago: executing program 1 (id=2405): openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x8340, 0x0) r0 = socket(0x2, 0x1, 0x106) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1a5001, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0) ioctl$auto(0x3, 0x400454ca, 0xffffffffffffffff) r1 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0xa00, 0x0) r2 = setfsuid$auto(0xee00) r3 = setfsuid$auto(0x0) msgctl$auto_MSG_STAT(0x80, 0xb, &(0x7f0000000180)={{0x2, r2, 0x0, 0x1, 0x1, 0x1000, 0x40}, &(0x7f0000000040)=0x1, &(0x7f0000000080)=0x3, 0x1, 0x0, 0x3c22, 0x2643, 0x600000, 0x0, 0x20b, 0xce80, @raw=0x9, @inferred=0xffffffffffffffff}) r5 = openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000200), 0x4000, 0x0) read$auto_state_fops_(r5, &(0x7f0000000240)=""/230, 0xe6) r6 = setfsuid$auto(0xee00) sendmsg$auto_NFC_CMD_START_POLL(r0, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x88, 0x0, 0x601, 0x70bd28, 0x25dfdbfb, {}, [@NFC_ATTR_VENDOR_SUBCMD={0x8, 0x1e, 0x7}, @NFC_ATTR_VENDOR_DATA={0x19, 0x1f, "2ad192b9bfd8062666e7710d514a06448939b7102b"}, @NFC_ATTR_FIRMWARE_NAME={0x11, 0x14, '/dev/net/tun\x00'}, @NFC_ATTR_SE_APDU={0x12, 0x19, "c8867de6343f78c25513225ccacb"}, @NFC_ATTR_COMM_MODE={0x5, 0xa, 0x8}, @NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0x3}, @NFC_ATTR_LLC_SDP={0x18, 0x13, 0x0, 0x1, [@nested={0x14, 0x11, 0x0, 0x1, [@nested={0x4, 0x101}, @nested={0x4, 0x66}, @nested={0x4, 0xfe}, @nested={0x4, 0x10a}]}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x4c0d0}, 0x1) setreuid$auto(r6, 0x0) setresuid$auto(r2, r3, r4) ioctl$auto_RTC_SET_TIME(r1, 0x4024700a, 0x0) select$auto(0x8, &(0x7f00000000c0)={[0xeeda, 0x7, 0x6, 0x9, 0x34, 0x1ff, 0x6, 0x4, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8e, 0x9, 0x10001]}, 0x0, 0x0, 0x0) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x8340, 0x0) (async) socket(0x2, 0x1, 0x106) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1a5001, 0x0) (async) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0) (async) ioctl$auto(0x3, 0x400454ca, 0xffffffffffffffff) (async) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0xa00, 0x0) (async) setfsuid$auto(0xee00) (async) setfsuid$auto(0x0) (async) msgctl$auto_MSG_STAT(0x80, 0xb, &(0x7f0000000180)={{0x2, r2, 0x0, 0x1, 0x1, 0x1000, 0x40}, &(0x7f0000000040)=0x1, &(0x7f0000000080)=0x3, 0x1, 0x0, 0x3c22, 0x2643, 0x600000, 0x0, 0x20b, 0xce80, @raw=0x9, @inferred=0xffffffffffffffff}) (async) openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000200), 0x4000, 0x0) (async) read$auto_state_fops_(r5, &(0x7f0000000240)=""/230, 0xe6) (async) setfsuid$auto(0xee00) (async) sendmsg$auto_NFC_CMD_START_POLL(r0, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000440)={&(0x7f0000000380)={0x88, 0x0, 0x601, 0x70bd28, 0x25dfdbfb, {}, [@NFC_ATTR_VENDOR_SUBCMD={0x8, 0x1e, 0x7}, @NFC_ATTR_VENDOR_DATA={0x19, 0x1f, "2ad192b9bfd8062666e7710d514a06448939b7102b"}, @NFC_ATTR_FIRMWARE_NAME={0x11, 0x14, '/dev/net/tun\x00'}, @NFC_ATTR_SE_APDU={0x12, 0x19, "c8867de6343f78c25513225ccacb"}, @NFC_ATTR_COMM_MODE={0x5, 0xa, 0x8}, @NFC_ATTR_TM_PROTOCOLS={0x8, 0xe, 0x3}, @NFC_ATTR_LLC_SDP={0x18, 0x13, 0x0, 0x1, [@nested={0x14, 0x11, 0x0, 0x1, [@nested={0x4, 0x101}, @nested={0x4, 0x66}, @nested={0x4, 0xfe}, @nested={0x4, 0x10a}]}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x4c0d0}, 0x1) (async) setreuid$auto(r6, 0x0) (async) setresuid$auto(r2, r3, r4) (async) ioctl$auto_RTC_SET_TIME(r1, 0x4024700a, 0x0) (async) select$auto(0x8, &(0x7f00000000c0)={[0xeeda, 0x7, 0x6, 0x9, 0x34, 0x1ff, 0x6, 0x4, 0x4, 0x4618ecd2, 0x3, 0x42ff, 0x6, 0x9a8e, 0x9, 0x10001]}, 0x0, 0x0, 0x0) (async) 122.048947ms ago: executing program 0 (id=2406): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000004400), r1) getresuid$auto(0xfffffffffffffffc, 0xfffffffffffffffe, 0xfffffffffffffffc) sendmsg$auto_NFSD_CMD_VERSION_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x8840}, 0x0) r2 = socket(0xa, 0x2, 0x73) getsockopt$auto_SO_TIMESTAMPNS_NEW(r2, 0x0, 0x40, 0x0, &(0x7f0000000240)=0x400) preadv2$auto(r0, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x4, 0x2e) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) epoll_create$auto(0x4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, 0x0, 0x401, 0x0) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/netdevsim/netdevsim3/hwstats/l3/disable_ifindex\x00', 0x1242, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) statmount$auto(0x0, &(0x7f0000000180)={0x770, 0xfffffffe, 0x8, 0x4, 0x4006, 0x0, 0x5, 0x3ff, 0x3, 0x100000001, 0x6, 0xe, 0x4, 0x411ffffffbfffb, 0xb2, 0x100000000002, 0x6, 0xd, 0x80, 0x7ff, 0x8000, 0x1, 0x1, 0x202, 0x9, 0xbca7, 0x5, 0x0, 0x0, 0x0, 0x694, [0x2, 0x6, 0x0, 0x5, 0x0, 0x0, 0x20000000000, 0x0, 0x200, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffc01, 0x7ffffffb, 0xfffffffffffffff8, 0x2, 0x2, 0x2000000, 0xfffffffffffffffe, 0x10000000000, 0x8, 0x0, 0x0, 0xfffffffffffffffc, 0x8000000000000000, 0x0, 0x1, 0x0, 0x8, 0x0, 0xff, 0x20000000000000, 0x0, 0x1000000000000200, 0x0, 0x400, 0x96, 0x8, 0x4, 0x800056ed4b6c, 0x0, 0x6]}, 0x1fe, 0x1) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x480001, 0x0) openat$auto_trace_options_core_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/options/sym-offset\x00', 0x100, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x200007, 0x19) unshare$auto(0x40000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) prctl$auto(0x0, 0x4, 0x4, 0x6, 0x5d) madvise$auto(0x0, 0xffffffffffff0005, 0x19) timerfd_gettime$auto(0xffffffffffffffff, 0x0) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/scsi/device_info\x00', 0x40380, 0x0) pread64$auto(r3, 0x0, 0x10001, 0x2000000000830) 78.604824ms ago: executing program 5 (id=2407): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) getsockopt$auto_SO_TIMESTAMPNS_NEW(0xffffffffffffffff, 0x0, 0x40, 0x0, 0x0) preadv2$auto(r0, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x4, 0x2e) mmap$auto(0x0, 0x100000000, 0x4000000000df, 0x15, 0x401, 0x6) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) read$auto_nsim_dev_trap_fa_cookie_fops_dev(0xffffffffffffffff, &(0x7f0000000200)=""/238, 0xee) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/conf/all/accept_source_route\x00', 0x2200, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0xfffffffffffffffc) setsockopt$auto_SO_PEEK_OFF(r0, 0x85690000, 0x2a, &(0x7f0000000040)='/dev/nullb0\x00', 0x5) openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, 0x0, 0x401, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) 0s ago: executing program 1 (id=2408): setitimer$auto(0x1, &(0x7f0000000000)={{0x802, 0x1000007f}, {0x800100004, 0x3}}, 0x0) r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_PROTOCOL_FEATURES(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, r0, 0x20, 0x70bd26, 0x25dfdbff, {}, [@NL80211_ATTR_TIMEOUT_REASON={0x8, 0xf8, 0x40}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0x45}, @NL80211_ATTR_MLO_LINKS={0x10, 0x138, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_MAX_CRIT_PROT_DURATION={0x6, 0xb4, 0x5}]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000850}, 0xc08c) setitimer$auto(0x9, &(0x7f0000000140)={{0x3, 0x1}, {0xfffffffffffffffc, 0x8}}, &(0x7f0000000180)={{0x7, 0x230d}, {0x5, 0x148}}) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000001380)={{&(0x7f00000001c0)="42fec9aa31b66eeefac2fa60d1fb88f54548003b7ea1b730954eea5613ea2c991197cef4c972974fea195fa735dbb4db8ec7a87ccbadb565a60147deda00070bda661a4609c0f74ac8a88ece34d6d2bcf939e269344cb881230882297ea4c46c226ba9ea15a2606931f3ccd936c6a05812020b164d3aeeb7e41766971de14b88f5f56336d15125a9f0978f7fc4d549287e298b9a8bfc85342989420cc78565af54dee0e32c67345f26d2e064c3bd11d3ca12be459dedb7991764b77f153773c429f4841305070206a95e84f6a4dbd0426d314120d800132ff91749e5bbfce96473b60945982a3a5fc60885eaf0c24404343b18d1af8d7c451d3ce3d22f60ac9ed10cbd63feb07c74f4fbb3e467c761e25e626056d02a4e5105d457db53022bc771bbcbbbcf522788bbc76c33802a3475225fca29b3075ccbeb1b123cd5e1eea6bd226cb24c1adcd0833571a40bd0f15c5b3960255061069275ba3760bb07322c8ceb62c4c40d326bc493a1dafc33bc56b7432b63cb25384aed509799dc119932afe0c435a4ceebc1c4833aaa201e1d82bd632a6f64bba84464c316467abd94c4e792f3b9acc5af052854d45a9036db563e9d1bd17d22f53e0ec810f5540fc5de835739ed5d3c8c6842457b0ea9681648baa98a8ee61eedfb01be401e8071bff115baf5a47e0d883e5c11a2b5688d0fd0deb2a5b26edbbd55952163d67b5998253c341b4543cf4a477f4e7f97c77c326c4cb7870e9d497e08a1e5733d1e912ab4a91622d7d52764448aef0a562a9ab1f0d44a6623b0e15a9ef23f784fb28987f8e263ea53ea472748fd7b8afeec97427906c72154e6cf7c6270a105e1059b50345a24e491dcbe500154701b085c43fc78748c27e0667b3ec7baaeeab5c429ccceee8637f5d5627522644df7cd7590ed28fa585c8fe2593391c30b6215ab2829f7e8d8a9332f5c0570ecf3924b1c4c798dfecafc27056547d30daa7d52ff55a3fdc1e7873174de8b2731dba147bbf568d8e08e6d87274bf3707fa9dd99f0f5f00b3e1ee05ce00cc8de92913d05f3c9993e1aa05581a00442b2c89f1d693acd3d64afbe95d119a23be327768627938d2d6237fb7ab932fa6862ab37cd94cf3a405c61d1ca8d15a04f286626dc1818eed497e5ea37fad7e8575d5bd4d4c65213fe24a6dd90ff4deb4121a6782a6912f68ebb34fa3599e0678c4484e04db95f98361485c42a20046244705d23866da8667eae96bb7ab4bc2a0f55d6ab4b6e0b880a6d333f48f6328d03f98e26e26adff99eef2db9afebfc312e613e7689cdaf6337aa4a670aa9aabf2ab6c634b06ee59c84843148fdfa9536ee7a2a24544d524f790678608fc03537d00b66af857986bbab5a40ed4b5357ac297977c9747d58552817b8a5c41255130cb8f4ba53fdb70d77ae6f688d451788502da2a9d7b8c3888e81d10d5a024650096b069cfaaea016247b01ca9012f40fe049ab386bdb37596bb0ba71e8d7f5bf62aba7274577fde683fa06ec60b1ac029b51e6a7455c8ad8dfe952db8fb5086027b36ffe893d5361e4dcd74c8ffedb0a40d6420a4ea6c2aa1bcbf04f4078692bae0c9203771535920482cb0dd2c869836ae556d160a5fed31b27c5b89250dc206f9a45e0017509bd79dfb89a63f8d88c2bf639077694f466f28152180c9a32237a2bdcc8757564f1dd3e726cbbf07826219a58cc15b50935d0dfa915dadab8e53743eb462db0914fc8ed939f40f53c73ff8bb951644aa2538a99e078e220b5cccf8dc66f96ea0e467e236f1534a66b89a4d0c457cffe26e1046086199cbca11df83c2134f4f4053c158c4bce3460678e23171683eff9034314e66389fc04f17f3612244c7f26d09f314c3e28f81022e930e25484c0356ceef2c218e64840bd74e02ee224ac39262416fa8aa75d30ba4b13ef528d67c40b91c6939b6c1ea9a116ee684cc931e233ef0d53c66a087373d18d5a436098474f76ee6654969ae768b8abd10c32ea7993d26b0112fcb36a39337eca6f1aa6548908e120bc4999b1e419aed26e6370888a8322267b88b2ec02bf68fe0b2981d40d9a0663029d8cc053bc977fbdde39be1c87e4669a24c99604c83b0dee36b438389cbcfc2ddb967383406c8db19cbc43434142b8529064de52e42d0d03503c454d46f1c88a7abedf66953f6b0474c5b59baa6536a9841331f290972361758147447e438decdb8e699838998ac79cfd75b5af9d55d3aedc53b01af8addb99cad87cf9b7e9f1023a4e232fa1259ca7827742e49c612aa62b60c80ea282d8badc6fc1b4a5e707e5aaa481c4b6198b4c3b08db2f0dc75e2b7f12b8815f9aa0b7a4683b9f9fc7c4af41fd32d57d348189d8952dd370f552b44746ea04099278518f745173bcbddda2b2bbcb60e7eec8f958fab66ee5b96c4c4774bc24f0f0dcbd093333a64e1275bc011b17b1ccfb02833eb766121dd170d565f543bda2ee511d83379138afaa1f2d74a6b7746380edf0acbdf6b17b759691d46e00af36a6942730b1aa36c295d05e2b9702cd0f0ad678c5a0372a846435456b3606883098371a29cfea6b8a0f4b845ecc172ad383698e2513970c6cd62d2dd0cadd97c453dc2ce6a0c93f497eceb6cf921f80a7bf1c7283d91ffa1c27ff26a9a6d7c8ff657c6ca6a8584744227ac762cc7dc04ac3b6cdafe2acd640f1b53c451232a5dbcd9d7a453f4bef1671515a2f7091ee9484e720de74086debdef0bdc064e763b7d1b942be44841f9589db9af405bbca33ecb6258ab699686d47653ad26d07de4f3a7b30bd638c7c0180258af6e88aaa8c3dba0d9f3d2340f9157c7e2f74eca50b0f5b9bcb8e2d557871680abcceaeef8faf213b96170afc39c2a7d297adda363fd29b944436c6d7d238be3042b888ae81a50a05b0bb34cd5c3e1d824b2d566acb1b33574dd33a3d8d8701c105bef39e07ed7670d94657cfd22433151a63945337c1b91ec75eaf53099ab1c3a0530a4a2575ef996f2ae10bf79c0f329522764d8dab0f58b8d11f10c2a7a1bd050f3c173404d942214153be7deea68df8555d15e4ac393814f360ef632dcc44a6dd4bcb30a2699af0fbeee944ea1f2dade08b8a9c701db2f95a6ebf57dce12a0be493888854793bba01282080c02f06fbbc135d4d0ba793954b6a3e50752c0fde5331bef7db86b739989399435faba49dae6aea452df45e76dbdcc308bec5be7b624a69da8d993331f8629e4acb25b050a7d3b8810700b0b0e88bc6ba16655a8e620dc12408ccf38efaa4ab913e8406a5fedc789f5e621338e36183e0d2fa1f9d63de2266ce9f720fb3e6580ffe5c67b6497c968c590bfaa86b7e0779f152a7bbd2d7f8d425b266dcbd102ac9a02c8631a10241f0ba9d204a1a60a4a0c7fb3ac998ef86576423d5f9effca474f8ec0df40c986caf6b1e03120cadddcdc9720559108030984d3a5e4bab00cdc6915a9d0f83750f1f0cce4f3ab93a376712a0eebfcd60324ab9e2a08b18548ae656028ad1e2ad92ee05c01fe413496d43fb8792d3787d5e2103d856754221ab3006b1722110f90c8b9555ccf68488a90a94b9db152e9dff6e2c4dd2d27e48c7a1f97b862263c5023b93cf5778b518f827266619b50b7107a4382d8b664950f90e1f5137c795415dfba03889561b76a62bb6c97aef30a969b5596c02515b245a995c502a938a08e932c1696a013c095ec97808193664390b45ad94a212b368b8ca21c3e954960916cb6fbaf69ca295e26387d06e3fb94f84e7fabf4ddb7fe7bce3be4a46672002baa28bbb71a9342d8a2b76b9f2cce7aa9f5a26dcf8496adb7f0200de8d68ee64b7f1526c02bdfaff09687754fbf01acd9a840fa63e791cc431d476453610361beede59129a72aa2917318813089a0ef9e197c847e26138d1c75cea8980e8308d610a5a3ced4ad63185d8fd4b57506cdc29aff42f46c7e56dcc932ac267bba1b93a6f8bde472d413da0a38224866ab5ec4e57b4cf8959a1d699b8572c61d6c969bf124ccbc2d7d188a16e3a2e2f8bf853393882577122eab4ba05d75b6629591aef96aab7e2de2d1e2c185e1bcb8cdef4e276cbf59b6364db542aef2859c00a1cba13465e448a9e7a22cf2f7b514c62572e1e976248f1414d2621e88d766d1c32efe24a0ef7303d03c78ededde8aa4543688941fecb248f8c3d8887dd703c497e37f965208563c871557054a89a5f3fe638dda4b848bfce25c8aa94fe859cf35cbe54212ff059dac165f9cfb10fceffbc7252022f0b8a6e4f9d0f1e950815327aa84cb5cc5aee0e159f90ceefe391686025af45b987994ba3f716339a5adac57bfc367e446aff021cd5df341982341cd403f3522c6a5f81cb24f6a60df5681748da5317d4b39ca30f19943fea00d953278bc3eba24004f97cb8a720ac50408404dece8e4f4df6aa94bf4fbfb27195c758891ce47d8a6127f4c02693e43d2f52e0307645236e507b5c037a9009dd653211c1f240d2c58ddb978842206742e78ebf53ce5720b96468e779dcea627ca61785e8494f4c5f5354989c24de087173b32f752af3ac00082eee56b590a014d57555c3e48d073338cb803c76343efc306956b2a8979b55eb55b088507b033d3fec7843b8146e0b704196a42444161830d1ba5ffe0e73d83fb8f87a13c81162f0bfd2d5ce29ae15c4c98d18a06f5b57d1f52052771b47768298540c6f6b2e8b75a860ff0bdcbdbe87c433f04c256a29b84f0bb25d05ed9f148898fdac0aaea70362f8dfa39afa36eb6e6a6b041dc0d33167b532e6ffd8ed17367f55b6f277fcbc1dadb4d3fed41732647728ea11276d124f01c815fb2baacb9fc798424a1a4ff31ba037e546cf7c0f2614145ba7f1dfa6cff1240dbe03a996167d06c37150f33a3ac7f8d626c943a41923ec5038518cd6c1071c9300312b8d7281b0fb40aa954f6895a641208e0f64e3821845ddea611ef230680a42d292d1b3ee4f6bf1858b5f889774490be08c96387bd270def1705972dc5b8ec60c9f4873092583012cc05e733a44a0fdda9867cbf68102f1394eab6ef6cb3aefae11de351efe6d4809bb97b82efef630640744a761ffa06ef1cb7fd266b5213acc169849292dc0fd35382975c25db48c10770d6326a81c4213c3d97e0a45956ff4e844010dfb39f4", 0x6c8, &(0x7f00000012c0)={0x0, 0x3}, 0x9, &(0x7f0000001300)="482a874b65633079386472e0b428b04510966e62503eaec1779ed700559aa2368c170439f5b461a3b2fbfeb16f5835041dd6edeb8909f1a0151f8e14a4e723ac4616b7454b", 0xf55c, 0xffffffff}, 0xa00}, 0x7, 0x1) openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000001000)='/sys/kernel/tracing/set_event_pid\x00', 0x100, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) kernel console output (not intermixed with test programs): io_pin_pages+0xc3/0x1e0 [ 429.563355][T12255] io_pin_pages+0xc3/0x1e0 [ 429.563374][T12255] io_sqe_buffer_register+0x1e8/0x2000 [ 429.563403][T12255] ? rcu_is_watching+0x12/0xc0 [ 429.563425][T12255] ? trace_kmalloc+0x101/0x130 [ 429.563438][T12255] ? __pfx_io_sqe_buffer_register+0x10/0x10 [ 429.563458][T12255] ? io_rsrc_data_alloc+0x2c/0xa0 [ 429.563480][T12255] ? copy_iovec_from_user+0x102/0x140 [ 429.563503][T12255] ? iovec_from_user+0xda/0x140 [ 429.563528][T12255] io_sqe_buffers_register.cold+0x345/0x4c2 [ 429.563555][T12255] ? __pfx_io_sqe_buffers_register+0x10/0x10 [ 429.563581][T12255] ? __fget_files+0x215/0x3d0 [ 429.563606][T12255] ? __fget_files+0x21f/0x3d0 [ 429.563633][T12255] __do_sys_io_uring_register+0x12f9/0x1ac0 [ 429.563655][T12255] ? __pfx___do_sys_io_uring_register+0x10/0x10 [ 429.563673][T12255] ? __fget_files+0x21f/0x3d0 [ 429.563698][T12255] ? fput+0x79/0x100 [ 429.563713][T12255] ? ksys_write+0x1ac/0x250 [ 429.563735][T12255] ? __pfx_ksys_write+0x10/0x10 [ 429.563761][T12255] do_syscall_64+0x106/0xf80 [ 429.563777][T12255] ? clear_bhb_loop+0x40/0x90 [ 429.563796][T12255] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 429.563811][T12255] RIP: 0033:0x7f427719c629 [ 429.563824][T12255] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 429.563838][T12255] RSP: 002b:00007f427806a028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 429.563853][T12255] RAX: ffffffffffffffda RBX: 00007f4277416090 RCX: 00007f427719c629 [ 429.563863][T12255] RDX: 0000200000000000 RSI: 0000000000000000 RDI: 0000000000000002 [ 429.563871][T12255] RBP: 00007f427806a090 R08: 0000000000000000 R09: 0000000000000000 [ 429.563880][T12255] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000001 [ 429.563888][T12255] R13: 00007f4277416128 R14: 00007f4277416090 R15: 00007ffc43a09d98 [ 429.563907][T12255] [ 430.271785][ T5824] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 432.149178][T12296] [ 433.583937][ T5824] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 434.461825][T12340] netlink: 'syz.4.1268': attribute type 27 has an invalid length. [ 434.520151][T12335] netlink: 'syz.4.1268': attribute type 27 has an invalid length. [ 434.587211][T12335] netlink: 146 bytes leftover after parsing attributes in process `syz.4.1268'. [ 434.633612][T12340] netlink: 146 bytes leftover after parsing attributes in process `syz.4.1268'. [ 437.015546][T12383] FAULT_INJECTION: forcing a failure. [ 437.015546][T12383] name failslab, interval 1, probability 0, space 0, times 0 [ 437.087856][T12383] CPU: 0 UID: 0 PID: 12383 Comm: syz.0.1287 Tainted: G U L syzkaller #0 PREEMPT(full) [ 437.087887][T12383] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 437.087893][T12383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 437.087903][T12383] Call Trace: [ 437.087909][T12383] [ 437.087914][T12383] dump_stack_lvl+0x100/0x190 [ 437.087942][T12383] should_fail_ex.cold+0x5/0xa [ 437.087961][T12383] should_failslab+0xc2/0x120 [ 437.087977][T12383] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 437.087998][T12383] ? alloc_empty_file+0x55/0x1c0 [ 437.088021][T12383] alloc_empty_file+0x55/0x1c0 [ 437.088039][T12383] alloc_file_pseudo+0x13a/0x230 [ 437.088063][T12383] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 437.088083][T12383] ? __lock_acquire+0x4a5/0x2630 [ 437.088103][T12383] __shmem_file_setup+0x221/0x490 [ 437.088123][T12383] ? __pfx___shmem_file_setup+0x10/0x10 [ 437.088142][T12383] ? do_raw_spin_lock+0x128/0x260 [ 437.088162][T12383] ? find_held_lock+0x2b/0x80 [ 437.088175][T12383] ? alloc_fd+0x476/0x790 [ 437.088196][T12383] ? alloc_fd+0x476/0x790 [ 437.088219][T12383] memfd_alloc_file+0x247/0x620 [ 437.088238][T12383] ? _raw_spin_unlock+0x28/0x50 [ 437.088261][T12383] ? __pfx_memfd_alloc_file+0x10/0x10 [ 437.088284][T12383] __do_sys_memfd_create+0x236/0x3d0 [ 437.088305][T12383] do_syscall_64+0x106/0xf80 [ 437.088321][T12383] ? clear_bhb_loop+0x40/0x90 [ 437.088339][T12383] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 437.088354][T12383] RIP: 0033:0x7f2fedd9c629 [ 437.088368][T12383] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 437.088382][T12383] RSP: 002b:00007f2feec41028 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 437.088397][T12383] RAX: ffffffffffffffda RBX: 00007f2fee015fa0 RCX: 00007f2fedd9c629 [ 437.088407][T12383] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 437.088415][T12383] RBP: 00007f2fede32b39 R08: 0000000000000000 R09: 0000000000000000 [ 437.088424][T12383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 437.088433][T12383] R13: 00007f2fee016038 R14: 00007f2fee015fa0 R15: 00007fff842a3878 [ 437.088453][T12383] [ 438.812888][T12413] FAULT_INJECTION: forcing a failure. [ 438.812888][T12413] name failslab, interval 1, probability 0, space 0, times 0 [ 438.918368][T12413] CPU: 0 UID: 0 PID: 12413 Comm: syz.1.1286 Tainted: G U L syzkaller #0 PREEMPT(full) [ 438.918398][T12413] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 438.918404][T12413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 438.918414][T12413] Call Trace: [ 438.918420][T12413] [ 438.918427][T12413] dump_stack_lvl+0x100/0x190 [ 438.918455][T12413] should_fail_ex.cold+0x5/0xa [ 438.918474][T12413] should_failslab+0xc2/0x120 [ 438.918489][T12413] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 438.918510][T12413] ? __ksm_enter+0x3c/0x650 [ 438.918533][T12413] __ksm_enter+0x3c/0x650 [ 438.918555][T12413] ksm_enable_merge_any+0xbf/0x120 [ 438.918577][T12413] __do_sys_prctl+0xef9/0x2330 [ 438.918605][T12413] ? __pfx___do_sys_prctl+0x10/0x10 [ 438.918632][T12413] do_syscall_64+0x106/0xf80 [ 438.918649][T12413] ? clear_bhb_loop+0x40/0x90 [ 438.918667][T12413] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 438.918682][T12413] RIP: 0033:0x7f349ad9c629 [ 438.918696][T12413] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 438.918711][T12413] RSP: 002b:00007f349bc33028 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 438.918726][T12413] RAX: ffffffffffffffda RBX: 00007f349b015fa0 RCX: 00007f349ad9c629 [ 438.918736][T12413] RDX: 0000000000000000 RSI: 0000000000000017 RDI: 0000000000000043 [ 438.918745][T12413] RBP: 00007f349ae32b39 R08: 0000000000000000 R09: 0000000000000000 [ 438.918753][T12413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 438.918762][T12413] R13: 00007f349b016038 R14: 00007f349b015fa0 R15: 00007fffbed1aaf8 [ 438.918781][T12413] [ 439.902861][T12430] FAULT_INJECTION: forcing a failure. [ 439.902861][T12430] name failslab, interval 1, probability 0, space 0, times 0 [ 439.902894][T12430] CPU: 0 UID: 0 PID: 12430 Comm: syz.1.1291 Tainted: G U L syzkaller #0 PREEMPT(full) [ 439.902918][T12430] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 439.902923][T12430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 439.902932][T12430] Call Trace: [ 439.902937][T12430] [ 439.902944][T12430] dump_stack_lvl+0x100/0x190 [ 439.902971][T12430] should_fail_ex.cold+0x5/0xa [ 439.902989][T12430] should_failslab+0xc2/0x120 [ 439.903004][T12430] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 439.903024][T12430] ? do_getname+0x35/0x390 [ 439.903048][T12430] do_getname+0x35/0x390 [ 439.903066][T12430] do_sys_openat2+0xc5/0x1e0 [ 439.903084][T12430] ? __pfx_do_sys_openat2+0x10/0x10 [ 439.903108][T12430] __x64_sys_openat+0x12d/0x210 [ 439.903127][T12430] ? __pfx___x64_sys_openat+0x10/0x10 [ 439.903152][T12430] do_syscall_64+0x106/0xf80 [ 439.903169][T12430] ? clear_bhb_loop+0x40/0x90 [ 439.903187][T12430] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 439.903202][T12430] RIP: 0033:0x7f349ad9c629 [ 439.903215][T12430] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 439.903229][T12430] RSP: 002b:00007f349bc33028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 439.903243][T12430] RAX: ffffffffffffffda RBX: 00007f349b015fa0 RCX: 00007f349ad9c629 [ 439.903253][T12430] RDX: 0000000000080080 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 439.903262][T12430] RBP: 00007f349ae32b39 R08: 0000000000000000 R09: 0000000000000000 [ 439.903271][T12430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 439.903279][T12430] R13: 00007f349b016038 R14: 00007f349b015fa0 R15: 00007fffbed1aaf8 [ 439.903299][T12430] [ 439.953145][T12430] input: f¬ as /devices/virtual/input/input80 [ 440.198330][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.198390][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 444.883763][ T5824] Bluetooth: hci1: unexpected subevent 0x05 length: 123 > 12 [ 446.649787][T12563] FAULT_INJECTION: forcing a failure. [ 446.649787][T12563] name failslab, interval 1, probability 0, space 0, times 0 [ 446.771460][T12563] CPU: 0 UID: 0 PID: 12563 Comm: syz.1.1308 Tainted: G U L syzkaller #0 PREEMPT(full) [ 446.771489][T12563] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 446.771495][T12563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 446.771505][T12563] Call Trace: [ 446.771510][T12563] [ 446.771516][T12563] dump_stack_lvl+0x100/0x190 [ 446.771544][T12563] should_fail_ex.cold+0x5/0xa [ 446.771562][T12563] should_failslab+0xc2/0x120 [ 446.771577][T12563] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 446.771598][T12563] ? __d_alloc+0x34/0xa80 [ 446.771617][T12563] __d_alloc+0x34/0xa80 [ 446.771634][T12563] d_alloc_pseudo+0x1c/0xc0 [ 446.771654][T12563] alloc_file_pseudo+0xcf/0x230 [ 446.771672][T12563] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 446.771690][T12563] ? __lock_acquire+0x4a5/0x2630 [ 446.771711][T12563] __shmem_file_setup+0x221/0x490 [ 446.771730][T12563] ? __pfx___shmem_file_setup+0x10/0x10 [ 446.771750][T12563] ? do_raw_spin_lock+0x128/0x260 [ 446.771769][T12563] ? find_held_lock+0x2b/0x80 [ 446.771782][T12563] ? alloc_fd+0x476/0x790 [ 446.771803][T12563] ? alloc_fd+0x476/0x790 [ 446.771826][T12563] memfd_alloc_file+0x247/0x620 [ 446.771844][T12563] ? _raw_spin_unlock+0x28/0x50 [ 446.771868][T12563] ? __pfx_memfd_alloc_file+0x10/0x10 [ 446.771891][T12563] __do_sys_memfd_create+0x236/0x3d0 [ 446.771911][T12563] do_syscall_64+0x106/0xf80 [ 446.771936][T12563] ? clear_bhb_loop+0x40/0x90 [ 446.771956][T12563] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 446.771972][T12563] RIP: 0033:0x7f349ad9c629 [ 446.771987][T12563] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 446.772001][T12563] RSP: 002b:00007f349bc33028 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 446.772016][T12563] RAX: ffffffffffffffda RBX: 00007f349b015fa0 RCX: 00007f349ad9c629 [ 446.772025][T12563] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 446.772034][T12563] RBP: 00007f349ae32b39 R08: 0000000000000000 R09: 0000000000000000 [ 446.772043][T12563] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 446.772052][T12563] R13: 00007f349b016038 R14: 00007f349b015fa0 R15: 00007fffbed1aaf8 [ 446.772072][T12563] [ 447.265804][ T5824] Bluetooth: hci1: command 0x0c1a tx timeout [ 447.546770][T12572] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR [ 451.180651][T12643] Console: switching to colour VGA+ 80x25 [ 454.717263][T12687] vivid-007: ================= START STATUS ================= [ 454.776916][T12687] vivid-007: Generate PTS: true [ 454.811813][T12687] vivid-007: Generate SCR: true [ 454.879901][T12687] tpg source WxH: 320x240 (Y'CbCr) [ 454.885706][T12687] tpg field: 1 [ 454.889072][T12687] tpg crop: (0,0)/320x240 [ 455.030046][T12687] tpg compose: (0,0)/320x240 [ 455.034687][T12687] tpg colorspace: 8 [ 455.038475][T12687] tpg transfer function: 0/0 [ 455.115593][T12687] tpg Y'CbCr encoding: 0/0 [ 455.153129][T12687] tpg quantization: 0/0 [ 455.245681][T12687] tpg RGB range: 0/2 [ 455.264568][T12687] vivid-007: ================== END STATUS ================== [ 460.244432][ T5824] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 460.268409][T12800] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1363'. [ 461.878990][T12827] zswap: compressor not available [ 462.284268][ T5831] Bluetooth: hci2: command 0x0c1a tx timeout [ 464.368171][ T5824] Bluetooth: hci2: command 0x0c1a tx timeout [ 465.812015][T12885] vivid-007: ================= START STATUS ================= [ 465.887277][T12885] vivid-007: Generate PTS: true [ 465.892202][T12885] vivid-007: Generate SCR: true [ 465.975590][T12885] tpg source WxH: 320x240 (Y'CbCr) [ 465.980751][T12885] tpg field: 1 [ 465.984316][T12885] tpg crop: (0,0)/320x240 [ 466.078539][T12885] tpg compose: (0,0)/320x240 [ 466.182624][T12885] tpg colorspace: 8 [ 466.210856][T12885] tpg transfer function: 0/0 [ 466.285166][T12885] tpg Y'CbCr encoding: 0/0 [ 466.351025][T12885] tpg quantization: 0/0 [ 466.445652][T12885] tpg RGB range: 0/2 [ 466.449618][T12885] vivid-007: ================== END STATUS ================== [ 466.488586][T12894] netlink: 'syz.4.1382': attribute type 3 has an invalid length. [ 468.640823][T12941] zswap: compressor not available [ 468.696422][T12940] delete_channel: no stack [ 469.127729][T12963] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 470.861577][T12996] random: crng reseeded on system resumption [ 471.493417][T13003] vivid-007: ================= START STATUS ================= [ 471.550156][T13003] vivid-007: Generate PTS: true [ 471.590169][T13003] vivid-007: Generate SCR: true [ 471.595074][T13003] tpg source WxH: 320x240 (Y'CbCr) [ 471.678366][T13003] tpg field: 1 [ 471.681856][T13003] tpg crop: (0,0)/320x240 [ 471.758081][T13003] tpg compose: (0,0)/320x240 [ 471.806273][T13003] tpg colorspace: 8 [ 471.880506][T13003] tpg transfer function: 0/0 [ 471.928291][T13003] tpg Y'CbCr encoding: 0/0 [ 471.996089][T13003] tpg quantization: 0/0 [ 472.116299][T13003] tpg RGB range: 0/2 [ 472.253829][T13003] vivid-007: ================== END STATUS ================== [ 474.701297][ T29] audit: type=1326 audit(6066781622.559:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13061 comm="syz.4.1409" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7fe179c629 code=0x0 [ 476.277640][ T29] audit: type=1804 audit(6066781624.129:15): pid=13088 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1420" name="/newroot/367/file0" dev="tmpfs" ino=1958 res=1 errno=0 [ 477.566905][T13108] netlink: 246 bytes leftover after parsing attributes in process `syz.5.1417'. [ 478.554619][T13136] zswap: compressor not available [ 479.287254][T13165] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 479.323596][ T29] audit: type=1804 audit(6066781627.177:16): pid=13166 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1428" name="/newroot/377/file0" dev="tmpfs" ino=2022 res=1 errno=0 [ 479.442643][T13165] FAULT_INJECTION: forcing a failure. [ 479.442643][T13165] name failslab, interval 1, probability 0, space 0, times 0 [ 479.645043][T13165] CPU: 0 UID: 0 PID: 13165 Comm: syz.1.1431 Tainted: G U L syzkaller #0 PREEMPT(full) [ 479.645073][T13165] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 479.645080][T13165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 479.645090][T13165] Call Trace: [ 479.645096][T13165] [ 479.645102][T13165] dump_stack_lvl+0x100/0x190 [ 479.645131][T13165] should_fail_ex.cold+0x5/0xa [ 479.645149][T13165] ? sk_prot_alloc+0x10b/0x2a0 [ 479.645169][T13165] should_failslab+0xc2/0x120 [ 479.645184][T13165] __kmalloc_noprof+0xe0/0x850 [ 479.645208][T13165] sk_prot_alloc+0x10b/0x2a0 [ 479.645229][T13165] sk_alloc+0x36/0xe80 [ 479.645244][T13165] __netlink_create+0x5e/0x2c0 [ 479.645259][T13165] ? __wake_up+0x3f/0x60 [ 479.645276][T13165] netlink_create+0x293/0x610 [ 479.645292][T13165] ? __pfx_genl_bind+0x10/0x10 [ 479.645309][T13165] ? __pfx_genl_unbind+0x10/0x10 [ 479.645326][T13165] ? __pfx_genl_release+0x10/0x10 [ 479.645347][T13165] __sock_create+0x339/0x860 [ 479.645372][T13165] __sys_socket+0x14d/0x260 [ 479.645393][T13165] ? __pfx___sys_socket+0x10/0x10 [ 479.645419][T13165] __x64_sys_socket+0x72/0xb0 [ 479.645439][T13165] ? lockdep_hardirqs_on+0x78/0x100 [ 479.645456][T13165] do_syscall_64+0x106/0xf80 [ 479.645471][T13165] ? clear_bhb_loop+0x40/0x90 [ 479.645489][T13165] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 479.645504][T13165] RIP: 0033:0x7f349ad9c629 [ 479.645518][T13165] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 479.645533][T13165] RSP: 002b:00007f349bc33028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 479.645548][T13165] RAX: ffffffffffffffda RBX: 00007f349b015fa0 RCX: 00007f349ad9c629 [ 479.645558][T13165] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 479.645566][T13165] RBP: 00007f349ae32b39 R08: 0000000000000000 R09: 0000000000000000 [ 479.645575][T13165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 479.645583][T13165] R13: 00007f349b016038 R14: 00007f349b015fa0 R15: 00007fffbed1aaf8 [ 479.645602][T13165] [ 481.548789][T13198] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1437'. [ 481.569641][T13182] zswap: compressor not available [ 481.728100][T13198] team0 (unregistering): Port device team_slave_0 removed [ 481.808248][T13198] team0 (unregistering): Port device team_slave_1 removed [ 484.357970][T13237] zswap: compressor not available [ 487.393945][T13284] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1453'. [ 488.772923][T13285] kexec: Could not allocate control_code_buffer [ 488.810470][T13303] zswap: compressor not available [ 489.539199][T13316] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 491.055902][T13343] vivid-007: ================= START STATUS ================= [ 491.261554][T13343] vivid-007: Generate PTS: true [ 491.311607][T13343] vivid-007: Generate SCR: true [ 491.340241][T13348] zswap: compressor not available [ 491.453629][T13343] tpg source WxH: 320x240 (Y'CbCr) [ 491.516811][T13343] tpg field: 1 [ 491.572802][T13343] tpg crop: (0,0)/320x240 [ 491.669280][T13343] tpg compose: (0,0)/320x240 [ 491.685345][T13358] futex_wake_op: syz.4.1465 tries to shift op by -2048; fix this program [ 491.751278][T13343] tpg colorspace: 8 [ 491.755121][T13343] tpg transfer function: 0/0 [ 491.765630][T13358] futex_wake_op: syz.4.1465 tries to shift op by -2048; fix this program [ 491.899346][T13343] tpg Y'CbCr encoding: 0/0 [ 491.903846][T13343] tpg quantization: 0/0 [ 492.020480][T13343] tpg RGB range: 0/2 [ 492.024504][T13343] vivid-007: ================== END STATUS ================== [ 494.988350][T13427] vivid-007: ================= START STATUS ================= [ 495.043706][T13427] vivid-007: Generate PTS: true [ 495.081974][T13427] vivid-007: Generate SCR: true [ 495.143496][T13427] tpg source WxH: 320x240 (Y'CbCr) [ 495.213548][T13427] tpg field: 1 [ 495.253087][T13427] tpg crop: (0,0)/320x240 [ 495.279647][T13427] tpg compose: (0,0)/320x240 [ 495.321683][T13427] tpg colorspace: 8 [ 495.341980][T13427] tpg transfer function: 0/0 [ 495.381751][T13427] tpg Y'CbCr encoding: 0/0 [ 495.423458][T13427] tpg quantization: 0/0 [ 495.449692][T13427] tpg RGB range: 0/2 [ 495.481292][T13427] vivid-007: ================== END STATUS ================== [ 496.403252][T13450] ima: policy update failed [ 496.408025][ T29] audit: type=1802 audit(6066781644.249:17): pid=13450 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1481" res=0 errno=0 [ 496.536871][T13450] serio: Serial port pty6 [ 496.621026][ T5831] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 498.425383][T13488] vivid-007: ================= START STATUS ================= [ 498.479744][T13488] vivid-007: Generate PTS: true [ 498.527014][T13488] vivid-007: Generate SCR: true [ 498.559499][T13488] tpg source WxH: 320x240 (Y'CbCr) [ 498.594265][T13488] tpg field: 1 [ 498.615287][T13488] tpg crop: (0,0)/320x240 [ 498.661199][T13488] tpg compose: (0,0)/320x240 [ 498.691586][T13488] tpg colorspace: 8 [ 498.725491][T13488] tpg transfer function: 0/0 [ 498.761554][T13488] tpg Y'CbCr encoding: 0/0 [ 498.791239][T13488] tpg quantization: 0/0 [ 498.821548][T13488] tpg RGB range: 0/2 [ 498.840491][T13488] vivid-007: ================== END STATUS ================== [ 499.033570][T13498] netlink: 122 bytes leftover after parsing attributes in process `syz.4.1489'. [ 499.453097][T13508] sd 0:0:1:0: PR command failed: 1026 [ 499.503057][T13508] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 499.547984][T13508] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 500.008521][T13504] Setting dangerous option i915.mitigations - tainting kernel [ 500.595687][T13503] zswap: compressor û not available [ 501.666110][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.673103][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 503.193249][T13553] vivid-007: ================= START STATUS ================= [ 503.317463][T13553] vivid-007: Generate PTS: true [ 503.368039][T13553] vivid-007: Generate SCR: true [ 503.433767][ T5831] Bluetooth: hci2: unexpected subevent 0x03 length: 253 > 9 [ 503.549113][T13553] tpg source WxH: 320x240 (Y'CbCr) [ 503.628639][T13553] tpg field: 1 [ 503.728730][T13553] tpg crop: (0,0)/320x240 [ 503.864967][T13553] tpg compose: (0,0)/320x240 [ 503.938594][T13553] tpg colorspace: 8 [ 504.082286][T13553] tpg transfer function: 0/0 [ 504.184888][T13553] tpg Y'CbCr encoding: 0/0 [ 504.189357][T13553] tpg quantization: 0/0 [ 504.458133][T13553] tpg RGB range: 0/2 [ 504.462073][T13553] vivid-007: ================== END STATUS ================== [ 504.955984][T13589] netlink: 'syz.4.1505': attribute type 27 has an invalid length. [ 505.049896][T13589] netlink: 334 bytes leftover after parsing attributes in process `syz.4.1505'. [ 505.437872][T13593] netlink: 92 bytes leftover after parsing attributes in process `syz.5.1506'. [ 507.574345][T13626] vivid-007: ================= START STATUS ================= [ 507.637109][T13626] vivid-007: Generate PTS: true [ 507.642465][T13626] vivid-007: Generate SCR: true [ 507.725906][T13626] tpg source WxH: 320x240 (Y'CbCr) [ 507.787360][T13626] tpg field: 1 [ 507.816792][T13626] tpg crop: (0,0)/320x240 [ 507.846106][T13626] tpg compose: (0,0)/320x240 [ 507.878146][T13626] tpg colorspace: 8 [ 507.905173][T13626] tpg transfer function: 0/0 [ 507.941825][T13626] tpg Y'CbCr encoding: 0/0 [ 507.967800][T13626] tpg quantization: 0/0 [ 507.990858][T13626] tpg RGB range: 0/2 [ 508.010037][T13626] vivid-007: ================== END STATUS ================== [ 509.881130][T13665] netlink: 326 bytes leftover after parsing attributes in process `syz.5.1525'. [ 513.287073][ T29] audit: type=1807 audit(6066781661.120:18): UNKNOWN=0"û]$|Ë1jë0B|d™¹ýÓ‰OŸ¬+ö×/ÉéxÔóÈõWÓ¦–Ó^¸´gq%ḦrêOŽ res=0 [ 513.318713][T13707] ima: policy update failed [ 513.397348][ T29] audit: type=1802 audit(6066781661.150:19): pid=13707 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.0.1533" res=0 errno=0 [ 513.420828][T13707] serio: Serial port pty6 [ 513.565853][ T29] audit: type=1802 audit(6066781661.220:20): pid=13707 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1533" res=0 errno=0 [ 514.723224][T13738] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8 [ 514.776311][T13738] random: crng reseeded on system resumption [ 516.737675][T13764] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1550'. [ 518.830360][T13791] netlink: 146 bytes leftover after parsing attributes in process `syz.1.1558'. [ 522.654453][T13848] netlink: 146 bytes leftover after parsing attributes in process `syz.0.1570'. [ 523.719287][T13857] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1573'. [ 527.700351][T13911] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1594'. [ 529.648759][T13946] netlink: 'syz.5.1592': attribute type 1 has an invalid length. [ 531.179357][T13971] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1599'. [ 532.098541][T13980] netlink: 338 bytes leftover after parsing attributes in process `syz.5.1600'. [ 534.251923][T14017] cifs: Unknown parameter 'T.ŸÜÛæ¨Å¼c[ŸÐê€$âæµÈ)ü±UóÑnEó-Ê™¾l®öÚ-ºŒ -¾_€™¯Ôåáª5Z äoåé¢mžÐfwYÍhº*/ÿxDlÝ©Š×ígÕkÇAí³ùÏ7ÍØØ9’ôXöa/fê_ÿAR£ˆ™‘ÈxM ‚v¬—pÿ±$^;ôØq‡3±«£n졵-6©+e„k„¾ñÇ<°kœcÔ)n.üeMÍ÷Na¨t®ÐSMÎÆ1,™úuÍê*Ù‹1‡4M++j³ˆ×¹ç:|:/³+'Šm/úC [ 534.251923][T14017] Ö!‰÷S»—gƒ‡ŒÐ@ΪMLîÝT¾w.‡œlÉ;Õ_-:Q÷y•K¶N½ïMz>‘l*[çG˜§ÜC°ŠH‚ž¸®Fx^ÉÄ’©’Pktkëyÿøývû¼e' [ 534.610349][T14019] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1609'. [ 535.094580][T14032] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1612'. [ 535.798078][T14024] Console: switching to colour frame buffer device 128x48 [ 537.634725][T14057] vivid-007: ================= START STATUS ================= [ 537.685811][T14057] vivid-007: Generate PTS: true [ 537.715903][T14057] vivid-007: Generate SCR: true [ 537.751980][T14057] tpg source WxH: 320x240 (Y'CbCr) [ 537.800415][T14057] tpg field: 1 [ 537.838268][T14057] tpg crop: (0,0)/320x240 [ 537.863510][T14057] tpg compose: (0,0)/320x240 [ 537.890585][T14057] tpg colorspace: 8 [ 537.933622][T14057] tpg transfer function: 0/0 [ 537.958974][T14057] tpg Y'CbCr encoding: 0/0 [ 537.984398][T14057] tpg quantization: 0/0 [ 538.007503][T14057] tpg RGB range: 0/2 [ 538.035330][T14057] vivid-007: ================== END STATUS ================== [ 538.091227][T14058] vivid-007: ================= START STATUS ================= [ 538.123244][T14058] vivid-007: Generate PTS: true [ 538.137855][T14058] vivid-007: Generate SCR: true [ 538.167479][T14058] tpg source WxH: 320x240 (Y'CbCr) [ 538.195583][T14058] tpg field: 1 [ 538.221925][T14058] tpg crop: (0,0)/320x240 [ 538.245451][T14058] tpg compose: (0,0)/320x240 [ 538.280552][T14058] tpg colorspace: 8 [ 538.309502][T14058] tpg transfer function: 0/0 [ 538.332587][T14058] tpg Y'CbCr encoding: 0/0 [ 538.374265][T14058] tpg quantization: 0/0 [ 538.401406][T14058] tpg RGB range: 0/2 [ 538.408907][T14058] vivid-007: ================== END STATUS ================== [ 538.453658][T14060] FAULT_INJECTION: forcing a failure. [ 538.453658][T14060] name fail_futex, interval 1, probability 0, space 0, times 0 [ 538.531310][T14060] CPU: 0 UID: 0 PID: 14060 Comm: syz.1.1618 Tainted: G U L syzkaller #0 PREEMPT(full) [ 538.531339][T14060] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 538.531345][T14060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 538.531354][T14060] Call Trace: [ 538.531358][T14060] [ 538.531364][T14060] dump_stack_lvl+0x100/0x190 [ 538.531392][T14060] should_fail_ex.cold+0x5/0xa [ 538.531410][T14060] get_futex_key+0x1d2/0x1620 [ 538.531436][T14060] ? __pfx_get_futex_key+0x10/0x10 [ 538.531452][T14060] ? lock_acquire+0x1cf/0x380 [ 538.531476][T14060] futex_wake+0xea/0x530 [ 538.531499][T14060] ? __pfx_futex_wake+0x10/0x10 [ 538.531520][T14060] ? exit_mm_release+0x19/0x30 [ 538.531544][T14060] do_futex+0x32b/0x350 [ 538.531562][T14060] ? __pfx_do_futex+0x10/0x10 [ 538.531579][T14060] ? __might_fault+0xc5/0x140 [ 538.531603][T14060] mm_release+0x24a/0x2f0 [ 538.531618][T14060] do_exit+0x675/0x2aa0 [ 538.531639][T14060] ? __pfx_do_exit+0x10/0x10 [ 538.531657][T14060] ? do_raw_spin_lock+0x128/0x260 [ 538.531677][T14060] ? find_held_lock+0x2b/0x80 [ 538.531690][T14060] ? get_signal+0x7e0/0x21e0 [ 538.531707][T14060] do_group_exit+0xd5/0x2a0 [ 538.531727][T14060] get_signal+0x1ec7/0x21e0 [ 538.531748][T14060] ? __pfx_get_signal+0x10/0x10 [ 538.531764][T14060] ? __pfx_vfs_read+0x10/0x10 [ 538.531784][T14060] ? find_held_lock+0x2b/0x80 [ 538.531797][T14060] ? __fget_files+0x215/0x3d0 [ 538.531821][T14060] arch_do_signal_or_restart+0x91/0x770 [ 538.531840][T14060] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 538.531863][T14060] ? ksys_read+0x1ac/0x250 [ 538.531893][T14060] exit_to_user_mode_loop+0x86/0x4a0 [ 538.531914][T14060] do_syscall_64+0x668/0xf80 [ 538.531930][T14060] ? clear_bhb_loop+0x40/0x90 [ 538.531948][T14060] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 538.531963][T14060] RIP: 0033:0x7f349ad9c629 [ 538.531977][T14060] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 538.531992][T14060] RSP: 002b:00007f349bc12028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 538.532006][T14060] RAX: fffffffffffffe00 RBX: 00007f349b016090 RCX: 00007f349ad9c629 [ 538.532016][T14060] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 538.532024][T14060] RBP: 00007f349bc12090 R08: 0000000000000000 R09: 0000000000000000 [ 538.532032][T14060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 538.532041][T14060] R13: 00007f349b016128 R14: 00007f349b016090 R15: 00007fffbed1aaf8 [ 538.532060][T14060] [ 539.250899][T14073] vivid-007: ================= START STATUS ================= [ 539.279008][T14073] vivid-007: Generate PTS: true [ 539.289135][T14073] vivid-007: Generate SCR: true [ 539.310134][T14073] tpg source WxH: 320x240 (Y'CbCr) [ 539.334187][T14073] tpg field: 1 [ 539.337785][T14073] tpg crop: (0,0)/320x240 [ 539.366642][T14073] tpg compose: (0,0)/320x240 [ 539.391511][T14073] tpg colorspace: 8 [ 539.411537][T14073] tpg transfer function: 0/0 [ 539.421514][T14073] tpg Y'CbCr encoding: 0/0 [ 539.437790][T14073] tpg quantization: 0/0 [ 539.451732][T14073] tpg RGB range: 0/2 [ 539.471614][T14073] vivid-007: ================== END STATUS ================== [ 540.857962][T14115] cifs: Unknown parameter 'T.ŸÜÛæ¨Å¼c[ŸÐê€$âæµÈ)ü±UóÑnEó-Ê™¾l®öÚ-ºŒ -¾_€™¯Ôåáª5Z äoåé¢mžÐfwYÍhº*/ÿxDlÝ©Š×ígÕkÇAí³ùÏ7ÍØØ9’ôXöa/fê_ÿAR£ˆ™‘ÈxM ‚v¬—pÿ±$^;ôØq‡3±«£n졵-6©+e„k„¾ñÇ<°kœcÔ)n.üeMÍ÷Na¨t®ÐSMÎÆ1,™úuÍê*Ù‹1‡4M++j³ˆ×¹ç:|:/³+'Šm/úC [ 540.857962][T14115] Ö!‰÷S»—gƒ‡ŒÐ@ΪMLîÝT¾w.‡œlÉ;Õ_-:Q÷y•K¶N½ïMz>‘l*[çG˜§ÜC°ŠH‚ž¸®Fx^ÉÄ’©’Pktkëyÿøývû¼e' [ 540.916113][T14091] FAULT_INJECTION: forcing a failure. [ 540.916113][T14091] name fail_futex, interval 1, probability 0, space 0, times 0 [ 540.977655][T14091] CPU: 0 UID: 0 PID: 14091 Comm: syz.0.1624 Tainted: G U L syzkaller #0 PREEMPT(full) [ 540.977683][T14091] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 540.977689][T14091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 540.977698][T14091] Call Trace: [ 540.977703][T14091] [ 540.977709][T14091] dump_stack_lvl+0x100/0x190 [ 540.977753][T14091] should_fail_ex.cold+0x5/0xa [ 540.977768][T14091] ? rcu_is_watching+0x12/0xc0 [ 540.977792][T14091] get_futex_key+0x1d2/0x1620 [ 540.977815][T14091] ? __pfx_get_futex_key+0x10/0x10 [ 540.977831][T14091] ? lock_acquire+0x1cf/0x380 [ 540.977856][T14091] futex_wake+0xea/0x530 [ 540.977879][T14091] ? __pfx_futex_wake+0x10/0x10 [ 540.977900][T14091] ? exit_mm_release+0x19/0x30 [ 540.977923][T14091] do_futex+0x32b/0x350 [ 540.977941][T14091] ? __pfx_do_futex+0x10/0x10 [ 540.977958][T14091] ? __might_fault+0xc5/0x140 [ 540.977982][T14091] mm_release+0x24a/0x2f0 [ 540.977997][T14091] do_exit+0x675/0x2aa0 [ 540.978018][T14091] ? __pfx_do_exit+0x10/0x10 [ 540.978036][T14091] ? do_raw_spin_lock+0x128/0x260 [ 540.978056][T14091] ? find_held_lock+0x2b/0x80 [ 540.978069][T14091] ? get_signal+0x7e0/0x21e0 [ 540.978086][T14091] do_group_exit+0xd5/0x2a0 [ 540.978106][T14091] get_signal+0x1ec7/0x21e0 [ 540.978130][T14091] ? __pfx_get_signal+0x10/0x10 [ 540.978146][T14091] ? do_futex+0x192/0x350 [ 540.978166][T14091] arch_do_signal_or_restart+0x91/0x770 [ 540.978186][T14091] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 540.978209][T14091] ? __pfx___x64_sys_futex+0x10/0x10 [ 540.978238][T14091] exit_to_user_mode_loop+0x86/0x4a0 [ 540.978259][T14091] do_syscall_64+0x668/0xf80 [ 540.978275][T14091] ? clear_bhb_loop+0x40/0x90 [ 540.978293][T14091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 540.978308][T14091] RIP: 0033:0x7f2fedd9c629 [ 540.978321][T14091] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 540.978335][T14091] RSP: 002b:00007f2feec200e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 540.978351][T14091] RAX: fffffffffffffe00 RBX: 00007f2fee016098 RCX: 00007f2fedd9c629 [ 540.978361][T14091] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2fee016098 [ 540.978380][T14091] RBP: 00007f2fee016090 R08: 0000000000000000 R09: 0000000000000000 [ 540.978389][T14091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 540.978397][T14091] R13: 00007f2fee016128 R14: 00007fff842a3790 R15: 00007fff842a3878 [ 540.978416][T14091] [ 541.694538][T14122] vivid-007: ================= START STATUS ================= [ 541.722717][T14122] vivid-007: Generate PTS: true [ 541.727887][T14122] vivid-007: Generate SCR: true [ 541.759114][T14122] tpg source WxH: 320x240 (Y'CbCr) [ 541.793404][T14122] tpg field: 1 [ 541.797218][T14122] tpg crop: (0,0)/320x240 [ 541.842774][T14122] tpg compose: (0,0)/320x240 [ 541.850213][T14122] tpg colorspace: 8 [ 541.882863][T14122] tpg transfer function: 0/0 [ 541.887886][T14122] tpg Y'CbCr encoding: 0/0 [ 541.919125][T14122] tpg quantization: 0/0 [ 541.934278][T14122] tpg RGB range: 0/2 [ 541.951719][T14122] vivid-007: ================== END STATUS ================== [ 542.932451][T14137] [U] [ 544.013885][T14175] vivid-007: ================= START STATUS ================= [ 544.137807][T14175] vivid-007: Generate PTS: true [ 544.142790][T14175] vivid-007: Generate SCR: true [ 544.289029][T14175] tpg source WxH: 320x240 (Y'CbCr) [ 544.372334][T14175] tpg field: 1 [ 544.443476][T14175] tpg crop: (0,0)/320x240 [ 544.489344][T14175] tpg compose: (0,0)/320x240 [ 544.623844][T14175] tpg colorspace: 8 [ 544.678525][T14175] tpg transfer function: 0/0 [ 544.856297][T14175] tpg Y'CbCr encoding: 0/0 [ 544.937582][T14175] tpg quantization: 0/0 [ 544.941774][T14175] tpg RGB range: 0/2 [ 545.054539][T14175] vivid-007: ================== END STATUS ================== [ 545.789406][T14202] vivid-007: ================= START STATUS ================= [ 545.864840][T14202] vivid-007: Generate PTS: true [ 545.869933][T14202] vivid-007: Generate SCR: true [ 545.948514][T14202] tpg source WxH: 320x240 (Y'CbCr) [ 546.003567][T14202] tpg field: 1 [ 546.020350][T14202] tpg crop: (0,0)/320x240 [ 546.051557][T14202] tpg compose: (0,0)/320x240 [ 546.070532][T14202] tpg colorspace: 8 [ 546.116871][T14202] tpg transfer function: 0/0 [ 546.145222][T14202] tpg Y'CbCr encoding: 0/0 [ 546.181068][T14202] tpg quantization: 0/0 [ 546.214548][T14202] tpg RGB range: 0/2 [ 546.242540][T14202] vivid-007: ================== END STATUS ================== [ 549.127311][T14258] netlink: zone id is out of range [ 549.182564][T14258] netlink: zone id is out of range [ 549.281217][T14258] netlink: zone id is out of range [ 549.371889][T14258] netlink: zone id is out of range [ 549.456937][T14258] netlink: zone id is out of range [ 549.517067][T14258] netlink: zone id is out of range [ 549.636624][T14258] netlink: zone id is out of range [ 549.686705][T14258] netlink: zone id is out of range [ 549.756717][T14258] netlink: zone id is out of range [ 549.761881][T14258] netlink: zone id is out of range [ 553.079688][T14324] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1677'. [ 553.566136][T14324] team_slave_0 (unregistering): left promiscuous mode [ 553.684370][T14324] team_slave_0 (unregistering): left allmulticast mode [ 553.854635][T14324] team0: Port device team_slave_0 removed [ 555.501241][T14348] vivid-007: ================= START STATUS ================= [ 555.615056][T14348] vivid-007: Generate PTS: true [ 555.701031][T14348] vivid-007: Generate SCR: true [ 555.759228][T14348] tpg source WxH: 320x240 (Y'CbCr) [ 555.854509][T14348] tpg field: 1 [ 555.916774][T14348] tpg crop: (0,0)/320x240 [ 555.977224][T14348] tpg compose: (0,0)/320x240 [ 556.073218][T14348] tpg colorspace: 8 [ 556.133343][T14348] tpg transfer function: 0/0 [ 556.189652][T14348] tpg Y'CbCr encoding: 0/0 [ 556.285382][T14348] tpg quantization: 0/0 [ 556.360202][T14348] tpg RGB range: 0/2 [ 556.365127][T14348] vivid-007: ================== END STATUS ================== [ 558.662739][T14388] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1693'. [ 558.839160][T14388] hsr_slave_0 (unregistering): left promiscuous mode [ 558.968773][T14394] program syz.5.1696 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 559.059351][ T29] audit: type=1807 audit(6066781706.867:21): UNKNOWN=0"û]$|Ë1jë0B|d™¹ýÓ‰OŸ¬+ö×/ÉéxÔóÈõWÓ¦–Ó^¸´gq%ḦrêOŽ res=0 [ 559.119938][ T29] audit: type=1802 audit(6066781706.867:22): pid=14395 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.5.1696" res=0 errno=0 [ 559.159432][T14392] ima: policy update failed [ 559.193797][T14402] FAULT_INJECTION: forcing a failure. [ 559.193797][T14402] name failslab, interval 1, probability 0, space 0, times 0 [ 559.277862][ T29] audit: type=1802 audit(6066781706.997:23): pid=14392 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.5.1696" res=0 errno=0 [ 559.354524][T14402] CPU: 0 UID: 0 PID: 14402 Comm: syz.1.1698 Tainted: G U L syzkaller #0 PREEMPT(full) [ 559.354552][T14402] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 559.354557][T14402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 559.354566][T14402] Call Trace: [ 559.354572][T14402] [ 559.354578][T14402] dump_stack_lvl+0x100/0x190 [ 559.354605][T14402] should_fail_ex.cold+0x5/0xa [ 559.354623][T14402] should_failslab+0xc2/0x120 [ 559.354637][T14402] __kmalloc_cache_noprof+0x7a/0x6f0 [ 559.354656][T14402] ? snd_seq_port_connect+0x61/0x560 [ 559.354675][T14402] ? snd_seq_port_use_ptr+0x14d/0x1b0 [ 559.354693][T14402] ? snd_seq_port_use_ptr+0x14d/0x1b0 [ 559.354714][T14402] snd_seq_port_connect+0x61/0x560 [ 559.354733][T14402] ? _raw_read_unlock+0x28/0x50 [ 559.354747][T14402] ? check_subscription_permission.isra.0+0x146/0x240 [ 559.354770][T14402] snd_seq_ioctl_subscribe_port+0x219/0x490 [ 559.354793][T14402] ? __pfx_snd_seq_ioctl_subscribe_port+0x10/0x10 [ 559.354815][T14402] ? do_raw_spin_lock+0x128/0x260 [ 559.354842][T14402] call_seq_client_ctl+0xa3/0x130 [ 559.354862][T14402] snd_seq_kernel_client_ctl+0x77/0xd0 [ 559.354881][T14402] snd_seq_oss_midi_open+0x48b/0x6b0 [ 559.354898][T14402] ? __pfx_snd_seq_oss_midi_open+0x10/0x10 [ 559.354912][T14402] ? snd_seq_oss_midi_reset+0x11a/0x4c0 [ 559.354932][T14402] ? __mutex_lock+0x26a/0x1b90 [ 559.354953][T14402] snd_seq_oss_synth_reset+0x439/0x8e0 [ 559.354977][T14402] ? __pfx___mutex_lock+0x10/0x10 [ 559.354994][T14402] ? __pfx_snd_seq_oss_synth_reset+0x10/0x10 [ 559.355019][T14402] ? __pfx___fsnotify_parent+0x10/0x10 [ 559.355047][T14402] snd_seq_oss_reset+0x73/0x290 [ 559.355067][T14402] ? __pfx_odev_release+0x10/0x10 [ 559.355086][T14402] snd_seq_oss_release+0x7c/0x180 [ 559.355106][T14402] ? __pfx_odev_release+0x10/0x10 [ 559.355123][T14402] odev_release+0x56/0xa0 [ 559.355140][T14402] __fput+0x3ff/0xb40 [ 559.355161][T14402] task_work_run+0x150/0x240 [ 559.355183][T14402] ? __pfx_task_work_run+0x10/0x10 [ 559.355209][T14402] exit_to_user_mode_loop+0x100/0x4a0 [ 559.355237][T14402] do_syscall_64+0x668/0xf80 [ 559.355253][T14402] ? clear_bhb_loop+0x40/0x90 [ 559.355271][T14402] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 559.355287][T14402] RIP: 0033:0x7f349ad9c629 [ 559.355300][T14402] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 559.355314][T14402] RSP: 002b:00007f349bc33028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 559.355329][T14402] RAX: 0000000000000000 RBX: 00007f349b015fa0 RCX: 00007f349ad9c629 [ 559.355339][T14402] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 559.355347][T14402] RBP: 00007f349ae32b39 R08: 0000000000000000 R09: 0000000000000000 [ 559.355356][T14402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 559.355364][T14402] R13: 00007f349b016038 R14: 00007f349b015fa0 R15: 00007fffbed1aaf8 [ 559.355384][T14402] [ 561.909560][T14452] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1707'. [ 563.137482][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.144600][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 568.447901][T14564] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 569.030203][T14583] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1735'. [ 572.639786][T14623] netlink: 186 bytes leftover after parsing attributes in process `syz.5.1743'. [ 572.866287][T14622] netlink: 186 bytes leftover after parsing attributes in process `syz.5.1743'. [ 574.716839][T14667] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1754'. [ 576.937715][T14704] vivid-007: ================= START STATUS ================= [ 577.006370][T14704] vivid-007: Generate PTS: true [ 577.035303][T14704] vivid-007: Generate SCR: true [ 577.073642][T14704] tpg source WxH: 320x240 (Y'CbCr) [ 577.112577][T14704] tpg field: 1 [ 577.115988][T14704] tpg crop: (0,0)/320x240 [ 577.180604][T14704] tpg compose: (0,0)/320x240 [ 577.213380][T14704] tpg colorspace: 8 [ 577.249674][T14704] tpg transfer function: 0/0 [ 577.281384][T14704] tpg Y'CbCr encoding: 0/0 [ 577.332307][T14704] tpg quantization: 0/0 [ 577.364234][T14704] tpg RGB range: 0/2 [ 577.406752][T14704] vivid-007: ================== END STATUS ================== [ 579.337942][T14739] futex_wake_op: syz.0.1770 tries to shift op by -2048; fix this program [ 579.401804][T14739] futex_wake_op: syz.0.1770 tries to shift op by -2048; fix this program [ 579.453273][T14737] 0x000000000001-0x000000020000 : "" [ 579.647461][T14737] ftl_cs: FTL header corrupt! [ 580.477340][T14746] zswap: compressor not available [ 580.670708][T14756] hub 1-0:1.0: USB hub found [ 580.752298][T14756] hub 1-0:1.0: 1 port detected [ 580.985565][T14750] zswap: compressor /sys/k not available [ 581.742327][T14754] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 581.775050][T14754] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 581.830692][T14754] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 581.873215][T14754] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 582.584651][ T5831] Bluetooth: hci0: command 0x0c1a tx timeout [ 583.787466][ T5831] Bluetooth: hci2: command 0x0c1a tx timeout [ 583.863756][ T5831] Bluetooth: hci4: command 0x0c1a tx timeout [ 583.943839][ T5831] Bluetooth: hci1: command 0x0c1a tx timeout [ 585.670824][T14817] Invalid ELF header magic: != ELF [ 587.019550][T14849] futex_wake_op: syz.4.1789 tries to shift op by -2048; fix this program [ 587.095741][T14849] futex_wake_op: syz.4.1789 tries to shift op by -2048; fix this program [ 587.158622][T14847] 0x000000000001-0x000000020000 : "" [ 587.223659][T14847] ftl_cs: FTL header corrupt! [ 589.126071][T14881] vivid-007: ================= START STATUS ================= [ 589.227348][T14881] vivid-007: Generate PTS: true [ 589.232371][T14881] vivid-007: Generate SCR: true [ 589.258814][T14875] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1795'. [ 589.379481][T14881] tpg source WxH: 320x240 (Y'CbCr) [ 589.458736][T14881] tpg field: 1 [ 589.503398][T14881] tpg crop: (0,0)/320x240 [ 589.573650][T14881] tpg compose: (0,0)/320x240 [ 589.652433][T14881] tpg colorspace: 8 [ 589.722657][T14881] tpg transfer function: 0/0 [ 589.779039][T14881] tpg Y'CbCr encoding: 0/0 [ 589.854542][T14881] tpg quantization: 0/0 [ 589.938819][T14881] tpg RGB range: 0/2 [ 589.942783][T14881] vivid-007: ================== END STATUS ================== [ 590.287729][T14876] zswap: compressor not available [ 590.428624][T14886] zswap: compressor not available [ 590.952111][T14905] zswap: compressor not available [ 591.386407][T14909] hub 1-0:1.0: USB hub found [ 591.468856][T14907] zswap: compressor /sys/k not available [ 591.500660][T14918] vhci_hcd vhci_hcd.2: invalid port number 16 [ 591.547986][T14918] vhci_hcd vhci_hcd.2: USB_PORT_FEAT_LINK_STATE req not supported for USB 2.0 roothub [ 591.590993][T14909] hub 1-0:1.0: 1 port detected [ 593.250833][T14905] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 593.277340][T14905] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 593.316963][T14905] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 593.362842][T14905] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 595.094851][T14951] vivid-007: ================= START STATUS ================= [ 595.135361][T14942] Setting dangerous option i915.mitigations - tainting kernel [ 595.144868][T14951] vivid-007: Generate PTS: true [ 595.174538][T14951] vivid-007: Generate SCR: true [ 595.247443][T14951] tpg source WxH: 320x240 (Y'CbCr) [ 595.269630][T14951] tpg field: 1 [ 595.273038][T14951] tpg crop: (0,0)/320x240 [ 595.309701][ T5831] Bluetooth: hci2: command 0x0c1a tx timeout [ 595.315976][ T5824] Bluetooth: hci0: command 0x0c1a tx timeout [ 595.391092][ T5831] Bluetooth: hci1: command 0x0c1a tx timeout [ 595.397255][ T5831] Bluetooth: hci4: command 0x0c1a tx timeout [ 595.437266][T14951] tpg compose: (0,0)/320x240 [ 595.538032][T14951] tpg colorspace: 8 [ 595.601036][T14951] tpg transfer function: 0/0 [ 595.605815][T14951] tpg Y'CbCr encoding: 0/0 [ 595.665182][T14951] tpg quantization: 0/0 [ 595.703323][T14951] tpg RGB range: 0/2 [ 595.707544][T14951] vivid-007: ================== END STATUS ================== [ 596.665614][T14973] hub 1-0:1.0: USB hub found [ 596.731021][T14973] hub 1-0:1.0: 1 port detected [ 596.785042][T14966] zswap: compressor not available [ 597.403380][T14968] zswap: compressor /sys/k not available [ 597.727526][T14971] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 597.764459][T14971] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 597.822037][T14971] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 597.828205][T14971] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 598.671138][ T5824] Bluetooth: hci0: command 0x0c1a tx timeout [ 599.792250][ T5824] Bluetooth: hci2: command 0x0c1a tx timeout [ 599.872066][ T5824] Bluetooth: hci1: command 0x0c1a tx timeout [ 599.872106][ T5824] Bluetooth: hci4: command 0x0c1a tx timeout [ 600.935757][T15059] vivid-007: ================= START STATUS ================= [ 600.978816][T15060] hub 1-0:1.0: USB hub found [ 601.013253][T15059] vivid-007: Generate PTS: true [ 601.055699][T15060] hub 1-0:1.0: 1 port detected [ 601.064382][T15059] vivid-007: Generate SCR: true [ 601.105320][T15046] zswap: compressor not available [ 601.110568][T15059] tpg source WxH: 320x240 (Y'CbCr) [ 601.154100][T15059] tpg field: 1 [ 601.217828][T15059] tpg crop: (0,0)/320x240 [ 601.322671][T15059] tpg compose: (0,0)/320x240 [ 601.398322][T15059] tpg colorspace: 8 [ 601.510155][T15049] zswap: compressor /sys/k not available [ 601.525704][T15059] tpg transfer function: 0/0 [ 601.560283][T15059] tpg Y'CbCr encoding: 0/0 [ 601.731035][T15059] tpg quantization: 0/0 [ 601.782851][T15059] tpg RGB range: 0/2 [ 601.852885][T15059] vivid-007: ================== END STATUS ================== [ 602.049153][T15057] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 602.083481][T15057] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 602.135002][T15057] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 602.142015][T15057] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 603.153504][ T5824] Bluetooth: hci0: command 0x0c1a tx timeout [ 603.668470][T15113] zswap: compressor not available [ 603.687980][T15114] zswap: compressor not available [ 604.115541][ T5824] Bluetooth: hci2: command 0x0c1a tx timeout [ 604.193881][ T5824] Bluetooth: hci1: command 0x0c1a tx timeout [ 604.200370][ T5824] Bluetooth: hci4: command 0x0c1a tx timeout [ 604.452168][T15130] vivid-007: ================= START STATUS ================= [ 604.534260][T15130] vivid-007: Generate PTS: true [ 604.539396][T15130] vivid-007: Generate SCR: true [ 604.735236][T15130] tpg source WxH: 320x240 (Y'CbCr) [ 604.740467][T15130] tpg field: 1 [ 604.743966][T15130] tpg crop: (0,0)/320x240 [ 605.108422][T15130] tpg compose: (0,0)/320x240 [ 605.204387][T15130] tpg colorspace: 8 [ 605.208457][T15130] tpg transfer function: 0/0 [ 605.435116][T15130] tpg Y'CbCr encoding: 0/0 [ 605.465533][T15144] netlink: 'syz.4.1847': attribute type 4 has an invalid length. [ 605.534677][T15130] tpg quantization: 0/0 [ 605.538870][T15130] tpg RGB range: 0/2 [ 605.542780][T15130] vivid-007: ================== END STATUS ================== [ 605.923215][T15145] kexec: Could not allocate control_code_buffer [ 607.309655][ T29] audit: type=1800 audit(6066781755.103:24): pid=15169 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1852" name="version" dev="configfs" ino=204106 res=0 errno=0 [ 609.512831][T15197] FAULT_INJECTION: forcing a failure. [ 609.512831][T15197] name failslab, interval 1, probability 0, space 0, times 0 [ 609.988203][T15197] CPU: 0 UID: 0 PID: 15197 Comm: syz.5.1856 Tainted: G U L syzkaller #0 PREEMPT(full) [ 609.988247][T15197] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 609.988257][T15197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 609.988294][T15197] Call Trace: [ 609.988300][T15197] [ 609.988307][T15197] dump_stack_lvl+0x100/0x190 [ 609.988337][T15197] should_fail_ex.cold+0x5/0xa [ 609.988355][T15197] should_failslab+0xc2/0x120 [ 609.988370][T15197] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 609.988391][T15197] ? security_inode_alloc+0x3b/0x2c0 [ 609.988487][T15197] ? lockdep_init_map_type+0x5c/0x250 [ 609.988511][T15197] security_inode_alloc+0x3b/0x2c0 [ 609.988533][T15197] inode_init_always_gfp+0xced/0x1040 [ 609.988559][T15197] alloc_inode+0x8e/0x250 [ 609.988577][T15197] sock_alloc+0x44/0x280 [ 609.988594][T15197] ? security_socket_create+0x7f/0x250 [ 609.988636][T15197] __sock_create+0xc2/0x860 [ 609.988661][T15197] __sys_socket+0x14d/0x260 [ 609.988682][T15197] ? exc_page_fault+0x6f/0xd0 [ 609.988697][T15197] ? __pfx___sys_socket+0x10/0x10 [ 609.988720][T15197] ? do_user_addr_fault+0x8d6/0x12f0 [ 609.988747][T15197] __x64_sys_socket+0x72/0xb0 [ 609.988768][T15197] ? lockdep_hardirqs_on+0x78/0x100 [ 609.988784][T15197] do_syscall_64+0x106/0xf80 [ 609.988799][T15197] ? clear_bhb_loop+0x40/0x90 [ 609.988817][T15197] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 609.988833][T15197] RIP: 0033:0x7f427719dec7 [ 609.988847][T15197] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 609.988862][T15197] RSP: 002b:00007f4278005f98 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 609.988877][T15197] RAX: ffffffffffffffda RBX: 00007f4277416360 RCX: 00007f427719dec7 [ 609.988887][T15197] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 609.988896][T15197] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 609.988905][T15197] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000000000000 [ 609.988914][T15197] R13: 00007f42774163f8 R14: 00007f4277416360 R15: 00007ffc43a09d98 [ 609.988934][T15197] [ 609.988960][T15197] net_ratelimit: 4 callbacks suppressed [ 609.988969][T15197] socket: no more sockets [ 611.317820][T15209] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input82 [ 612.763422][T15233] Invalid ELF header magic: != ELF [ 614.054761][T15248] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1866'. [ 614.151598][T15249] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1866'. [ 614.241069][T15250] cougar: G6 mapped to space [ 616.129292][T15287] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1872'. [ 616.377801][T15281] zswap: compressor not available [ 618.538580][T15304] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1876'. [ 619.299607][T15306] zswap: compressor not available [ 621.620067][T15345] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1885'. [ 621.693259][T15345] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1885'. [ 621.798477][T15346] cougar: G6 mapped to space [ 624.538076][T15372] zswap: compressor not available [ 624.615725][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 624.624071][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 626.479167][T15394] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1897'. [ 626.548133][T15395] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1897'. [ 626.635361][T15394] cougar: G6 mapped to space [ 627.126840][T15405] bond0: invalid ARP target specified [ 627.606354][T15420] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1901'. [ 627.773296][T15411] zswap: compressor not available [ 632.478035][T15463] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1909'. [ 632.539619][T15463] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1909'. [ 632.637451][T15470] cougar: G6 mapped to space [ 635.480038][T15511] random: crng reseeded on system resumption [ 636.546739][T15530] Console: switching to colour VGA+ 80x25 [ 637.989908][T15541] bond0: invalid ARP target specified [ 638.052762][T15540] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1931'. [ 638.412544][T15550] vivid-007: ================= START STATUS ================= [ 638.473863][T15550] vivid-007: Generate PTS: true [ 638.521091][T15550] vivid-007: Generate SCR: true [ 638.549632][T15550] tpg source WxH: 320x240 (Y'CbCr) [ 638.582888][T15550] tpg field: 1 [ 638.606715][T15550] tpg crop: (0,0)/320x240 [ 638.636840][T15550] tpg compose: (0,0)/320x240 [ 638.680469][T15550] tpg colorspace: 8 [ 638.711484][T15550] tpg transfer function: 0/0 [ 638.751192][T15550] tpg Y'CbCr encoding: 0/0 [ 638.761603][T15550] tpg quantization: 0/0 [ 638.801280][T15550] tpg RGB range: 0/2 [ 638.831935][T15550] vivid-007: ================== END STATUS ================== [ 639.814074][T15574] openvswitch: HfR: Dropping previously announced user features [ 639.870122][T15574] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1940'. [ 639.991536][T15574] HfR: left promiscuous mode [ 640.744572][T15587] FAULT_INJECTION: forcing a failure. [ 640.744572][T15587] name failslab, interval 1, probability 0, space 0, times 0 [ 640.855067][T15587] CPU: 0 UID: 0 PID: 15587 Comm: syz.5.1943 Tainted: G U L syzkaller #0 PREEMPT(full) [ 640.855097][T15587] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 640.855103][T15587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 640.855112][T15587] Call Trace: [ 640.855118][T15587] [ 640.855125][T15587] dump_stack_lvl+0x100/0x190 [ 640.855155][T15587] should_fail_ex.cold+0x5/0xa [ 640.855174][T15587] should_failslab+0xc2/0x120 [ 640.855189][T15587] __kmalloc_cache_noprof+0x7a/0x6f0 [ 640.855207][T15587] ? do_eventfd+0x67/0x2b0 [ 640.855231][T15587] do_eventfd+0x67/0x2b0 [ 640.855250][T15587] __x64_sys_eventfd+0x32/0x50 [ 640.855270][T15587] do_syscall_64+0x106/0xf80 [ 640.855287][T15587] ? clear_bhb_loop+0x40/0x90 [ 640.855305][T15587] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 640.855321][T15587] RIP: 0033:0x7f427719c629 [ 640.855336][T15587] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 640.855350][T15587] RSP: 002b:00007f427808b028 EFLAGS: 00000246 ORIG_RAX: 000000000000011c [ 640.855365][T15587] RAX: ffffffffffffffda RBX: 00007f4277415fa0 RCX: 00007f427719c629 [ 640.855375][T15587] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 640.855383][T15587] RBP: 00007f4277232b39 R08: 0000000000000000 R09: 0000000000000000 [ 640.855392][T15587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 640.855401][T15587] R13: 00007f4277416038 R14: 00007f4277415fa0 R15: 00007ffc43a09d98 [ 640.855420][T15587] [ 643.231479][T15625] zswap: compressor not available [ 644.250914][T15654] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1956'. [ 644.388868][T15658] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1956'. [ 644.440537][T15660] cougar: G6 mapped to space [ 646.961608][T15703] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1967'. [ 647.020533][T15700] i2c i2c-0: delete_device: Can't find device in list [ 647.033660][T15703] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1967'. [ 647.102381][T15706] cougar: G6 mapped to space [ 648.618559][T15751] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1976'. [ 648.699344][T15756] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1976'. [ 648.816490][T15751] cougar: G6 mapped to space [ 650.390544][T15786] Invalid ELF header magic: != ELF [ 651.578940][T15802] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1985'. [ 651.751985][T15806] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1987'. [ 651.928129][T15811] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1987'. [ 651.958929][T15806] cougar: G6 mapped to space [ 652.175667][T15815] Invalid ELF header magic: != ELF [ 652.463895][T15809] FAULT_INJECTION: forcing a failure. [ 652.463895][T15809] name failslab, interval 1, probability 0, space 0, times 0 [ 652.848167][T15809] CPU: 0 UID: 0 PID: 15809 Comm: syz.5.1988 Tainted: G U L syzkaller #0 PREEMPT(full) [ 652.848196][T15809] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 652.848201][T15809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 652.848210][T15809] Call Trace: [ 652.848216][T15809] [ 652.848223][T15809] dump_stack_lvl+0x100/0x190 [ 652.848249][T15809] should_fail_ex.cold+0x5/0xa [ 652.848267][T15809] should_failslab+0xc2/0x120 [ 652.848282][T15809] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 652.848303][T15809] ? __kernfs_new_node+0xd2/0x960 [ 652.848326][T15809] __kernfs_new_node+0xd2/0x960 [ 652.848351][T15809] ? __pfx___kernfs_new_node+0x10/0x10 [ 652.848375][T15809] ? find_held_lock+0x2b/0x80 [ 652.848388][T15809] ? kernfs_root+0xee/0x2a0 [ 652.848406][T15809] ? kernfs_root+0xee/0x2a0 [ 652.848429][T15809] kernfs_new_node+0x11b/0x1a0 [ 652.848453][T15809] __kernfs_create_file+0x53/0x350 [ 652.848471][T15809] sysfs_add_file_mode_ns+0x207/0x3c0 [ 652.848494][T15809] internal_create_group+0x593/0xf40 [ 652.848519][T15809] ? __pfx_internal_create_group+0x10/0x10 [ 652.848542][T15809] ? kernfs_create_link+0x1bd/0x240 [ 652.848560][T15809] internal_create_groups+0x9d/0x150 [ 652.848582][T15809] device_add+0x71a/0x1950 [ 652.848697][T15809] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 652.848721][T15809] ? __pfx_device_add+0x10/0x10 [ 652.848744][T15809] ? lockdep_init_map_type+0x5c/0x250 [ 652.848763][T15809] ? __init_waitqueue_head+0xca/0x150 [ 652.848795][T15809] netdev_register_kobject+0x1a9/0x3d0 [ 652.848818][T15809] register_netdevice+0x12e0/0x2210 [ 652.848840][T15809] ? __pfx_register_netdevice+0x10/0x10 [ 652.848862][T15809] ? __pfx_loopback_net_init+0x10/0x10 [ 652.848906][T15809] register_netdev+0x34/0x50 [ 652.848923][T15809] loopback_net_init+0x7a/0x170 [ 652.848943][T15809] ? __pfx_loopback_net_init+0x10/0x10 [ 652.848962][T15809] ops_init+0x1e2/0x5f0 [ 652.848981][T15809] setup_net+0x118/0x3a0 [ 652.848998][T15809] ? __pfx_setup_net+0x10/0x10 [ 652.849014][T15809] ? lockdep_init_map_type+0x5c/0x250 [ 652.849033][T15809] ? mutex_init_lockep+0x110/0x150 [ 652.849055][T15809] copy_net_ns+0x46f/0x7c0 [ 652.849076][T15809] create_new_namespaces+0x3ea/0xac0 [ 652.849096][T15809] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 652.849113][T15809] ksys_unshare+0x455/0xab0 [ 652.849133][T15809] ? __pfx_ksys_unshare+0x10/0x10 [ 652.849158][T15809] __x64_sys_unshare+0x31/0x40 [ 652.849175][T15809] do_syscall_64+0x106/0xf80 [ 652.849191][T15809] ? clear_bhb_loop+0x40/0x90 [ 652.849210][T15809] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 652.849225][T15809] RIP: 0033:0x7f427719c629 [ 652.849239][T15809] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 652.849253][T15809] RSP: 002b:00007f427806a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 652.849268][T15809] RAX: ffffffffffffffda RBX: 00007f4277416090 RCX: 00007f427719c629 [ 652.849278][T15809] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 652.849286][T15809] RBP: 00007f4277232b39 R08: 0000000000000000 R09: 0000000000000000 [ 652.849295][T15809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 652.849303][T15809] R13: 00007f4277416128 R14: 00007f4277416090 R15: 00007ffc43a09d98 [ 652.849322][T15809] [ 654.531007][T15842] sd 0:0:1:0: PR command failed: 1026 [ 654.536471][T15842] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 654.587561][T15842] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 654.705110][T15839] Invalid ELF header magic: != ELF [ 654.712639][T15842] FAULT_INJECTION: forcing a failure. [ 654.712639][T15842] name failslab, interval 1, probability 0, space 0, times 0 [ 654.785701][T15842] CPU: 0 UID: 0 PID: 15842 Comm: syz.0.1994 Tainted: G U L syzkaller #0 PREEMPT(full) [ 654.785728][T15842] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 654.785734][T15842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 654.785744][T15842] Call Trace: [ 654.785749][T15842] [ 654.785756][T15842] dump_stack_lvl+0x100/0x190 [ 654.785784][T15842] should_fail_ex.cold+0x5/0xa [ 654.785804][T15842] should_failslab+0xc2/0x120 [ 654.785819][T15842] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 654.785839][T15842] ? mas_alloc_nodes+0x280/0x390 [ 654.785874][T15842] mas_alloc_nodes+0x280/0x390 [ 654.785899][T15842] mas_preallocate+0x39c/0xf10 [ 654.785921][T15842] ? __pfx_mas_preallocate+0x10/0x10 [ 654.785945][T15842] ? __asan_memset+0x23/0x50 [ 654.785965][T15842] ? init_multi_vma_prep+0x33c/0x650 [ 654.785985][T15842] commit_merge+0x3e3/0xbd0 [ 654.786006][T15842] ? __pfx_commit_merge+0x10/0x10 [ 654.786024][T15842] ? __pfx_free_pgtables+0x10/0x10 [ 654.786056][T15842] vma_expand+0x7df/0xcf0 [ 654.786077][T15842] ? __pfx_vma_expand+0x10/0x10 [ 654.786096][T15842] ? can_vma_merge_right+0xa5/0x530 [ 654.786117][T15842] vma_merge_new_range+0x2ce/0xa30 [ 654.786141][T15842] __mmap_region+0x900/0x29e0 [ 654.786163][T15842] ? __pfx___mmap_region+0x10/0x10 [ 654.786214][T15842] ? lockdep_hardirqs_on+0x78/0x100 [ 654.786230][T15842] ? finish_task_switch.isra.0+0x205/0xb80 [ 654.786247][T15842] ? rcu_is_watching+0x12/0xc0 [ 654.786291][T15842] ? rcu_is_watching+0x12/0xc0 [ 654.786312][T15842] ? cap_capable+0x107/0x460 [ 654.786405][T15842] mmap_region+0x180/0x3e0 [ 654.786429][T15842] do_mmap+0xc63/0x12f0 [ 654.786448][T15842] ? __pfx_do_mmap+0x10/0x10 [ 654.786463][T15842] ? __pfx_down_write_killable+0x10/0x10 [ 654.786486][T15842] vm_mmap_pgoff+0x29e/0x470 [ 654.786506][T15842] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 654.786522][T15842] ? do_futex+0x192/0x350 [ 654.786541][T15842] ? __pfx_do_futex+0x10/0x10 [ 654.786558][T15842] ? do_mlock+0x33a/0x7f0 [ 654.786579][T15842] ksys_mmap_pgoff+0xe1/0x650 [ 654.786593][T15842] ? __x64_sys_futex+0x34f/0x4d0 [ 654.786610][T15842] ? __x64_sys_futex+0x358/0x4d0 [ 654.786629][T15842] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 654.786643][T15842] ? xfd_validate_state+0x129/0x190 [ 654.786667][T15842] __x64_sys_mmap+0x125/0x190 [ 654.786690][T15842] do_syscall_64+0x106/0xf80 [ 654.786706][T15842] ? clear_bhb_loop+0x40/0x90 [ 654.786724][T15842] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 654.786739][T15842] RIP: 0033:0x7f2fedd9c629 [ 654.786753][T15842] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 654.786767][T15842] RSP: 002b:00007f2feec41028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 654.786782][T15842] RAX: ffffffffffffffda RBX: 00007f2fee015fa0 RCX: 00007f2fedd9c629 [ 654.786793][T15842] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000 [ 654.786802][T15842] RBP: 00007f2fede32b39 R08: 0000000000000007 R09: 0000000000028000 [ 654.786811][T15842] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 654.786821][T15842] R13: 00007f2fee016038 R14: 00007f2fee015fa0 R15: 00007fff842a3878 [ 654.786841][T15842] [ 656.163769][T15849] zswap: compressor not available [ 659.004824][T15879] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2001'. [ 659.065948][T15879] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2001'. [ 659.130938][T15882] cougar: G6 mapped to space [ 659.337436][T15881] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 660.193121][T15898] netlink: 'syz.0.2004': attribute type 33 has an invalid length. [ 660.280446][T15898] netlink: 322 bytes leftover after parsing attributes in process `syz.0.2004'. [ 661.272879][T15915] netlink: 21 bytes leftover after parsing attributes in process `syz.4.2009'. [ 662.286616][T15934] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2013'. [ 662.327284][T15934] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2013'. [ 662.403768][T15934] cougar: G6 mapped to space [ 662.889039][T15946] netlink: 'syz.4.2015': attribute type 21 has an invalid length. [ 663.124239][ T5824] Bluetooth: hci0: unexpected event 0x32 length: 727 > 9 [ 663.193433][T15946] netlink: 326 bytes leftover after parsing attributes in process `syz.4.2015'. [ 663.210767][T15953] netlink: zone id is out of range [ 663.269425][T15953] netlink: zone id is out of range [ 663.295429][T15954] netlink: set zone limit has 8 unknown bytes [ 663.347567][T15953] netlink: zone id is out of range [ 663.390147][T15953] netlink: zone id is out of range [ 663.428004][T15953] netlink: zone id is out of range [ 663.553650][T15953] netlink: zone id is out of range [ 663.607020][T15953] netlink: zone id is out of range [ 663.648734][T15953] netlink: zone id is out of range [ 669.117491][T15996] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input84 [ 669.325879][T16005] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2025'. [ 669.389845][T16005] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2025'. [ 669.472751][T16009] cougar: G6 mapped to space [ 672.342437][T16057] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2035'. [ 672.402817][T16057] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2035'. [ 672.482216][T16058] cougar: G6 mapped to space [ 672.797152][T16064] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2037'. [ 673.715271][T16059] net_ratelimit: 6 callbacks suppressed [ 673.715289][T16059] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 676.652476][T16106] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 676.765808][T16106] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 676.815308][T16106] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 676.900409][T16106] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 678.235594][ T5824] Bluetooth: hci0: command 0x0c1a tx timeout [ 678.715933][ T5824] Bluetooth: hci2: command 0x0c1a tx timeout [ 678.871563][ T5824] Bluetooth: hci4: command 0x0c1a tx timeout [ 678.951320][ T5824] Bluetooth: hci1: command 0x0c1a tx timeout [ 680.157402][T16169] Invalid ELF header magic: != ELF [ 681.329947][T16207] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2069'. [ 681.416456][T16207] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2069'. [ 681.494089][T16210] cougar: G6 mapped to space [ 683.495500][T16245] FAULT_INJECTION: forcing a failure. [ 683.495500][T16245] name failslab, interval 1, probability 0, space 0, times 0 [ 683.793710][T16245] CPU: 0 UID: 0 PID: 16245 Comm: syz.5.2076 Tainted: G U L syzkaller #0 PREEMPT(full) [ 683.793740][T16245] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 683.793746][T16245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 683.793756][T16245] Call Trace: [ 683.793761][T16245] [ 683.793768][T16245] dump_stack_lvl+0x100/0x190 [ 683.793796][T16245] should_fail_ex.cold+0x5/0xa [ 683.793815][T16245] should_failslab+0xc2/0x120 [ 683.793830][T16245] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 683.793850][T16245] ? __anon_vma_prepare+0xae/0x5e0 [ 683.793874][T16245] __anon_vma_prepare+0xae/0x5e0 [ 683.793897][T16245] __vmf_anon_prepare+0x11f/0x250 [ 683.793915][T16245] do_anonymous_page+0x552/0x1fb0 [ 683.793943][T16245] ? __handle_mm_fault+0x17a4/0x2b60 [ 683.793966][T16245] __handle_mm_fault+0x1d42/0x2b60 [ 683.793991][T16245] ? __pfx___handle_mm_fault+0x10/0x10 [ 683.794012][T16245] ? pte_offset_map_lock+0x174/0x320 [ 683.794035][T16245] ? find_held_lock+0x2b/0x80 [ 683.794055][T16245] ? follow_page_pte+0x5b3/0x1400 [ 683.794075][T16245] handle_mm_fault+0x36d/0xa20 [ 683.794096][T16245] __get_user_pages+0xf9c/0x34d0 [ 683.794119][T16245] ? __pfx___get_user_pages+0x10/0x10 [ 683.794140][T16245] populate_vma_page_range+0x267/0x3f0 [ 683.794159][T16245] ? __pfx_populate_vma_page_range+0x10/0x10 [ 683.794175][T16245] ? __pfx_find_vma_intersection+0x10/0x10 [ 683.794200][T16245] ? do_mmap+0x93f/0x12f0 [ 683.794216][T16245] __mm_populate+0x107/0x3a0 [ 683.794233][T16245] ? __pfx___mm_populate+0x10/0x10 [ 683.794251][T16245] ? up_write+0x290/0x4f0 [ 683.794272][T16245] vm_mmap_pgoff+0x37f/0x470 [ 683.794290][T16245] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 683.794306][T16245] ? do_futex+0x192/0x350 [ 683.794325][T16245] ? __pfx_do_futex+0x10/0x10 [ 683.794346][T16245] ksys_mmap_pgoff+0xe1/0x650 [ 683.794361][T16245] ? __x64_sys_futex+0x34f/0x4d0 [ 683.794378][T16245] ? __x64_sys_futex+0x358/0x4d0 [ 683.794397][T16245] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 683.794411][T16245] ? xfd_validate_state+0x129/0x190 [ 683.794435][T16245] __x64_sys_mmap+0x125/0x190 [ 683.794458][T16245] do_syscall_64+0x106/0xf80 [ 683.794474][T16245] ? clear_bhb_loop+0x40/0x90 [ 683.794493][T16245] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 683.794508][T16245] RIP: 0033:0x7f427719c629 [ 683.794522][T16245] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 683.794537][T16245] RSP: 002b:00007f427806a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 683.794552][T16245] RAX: ffffffffffffffda RBX: 00007f4277416090 RCX: 00007f427719c629 [ 683.794562][T16245] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000 [ 683.794571][T16245] RBP: 00007f4277232b39 R08: 0000000000000007 R09: 0000000000028000 [ 683.794580][T16245] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 683.794589][T16245] R13: 00007f4277416128 R14: 00007f4277416090 R15: 00007ffc43a09d98 [ 683.794610][T16245] [ 684.675200][T16265] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2080'. [ 684.721644][T16265] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2080'. [ 684.760318][T16265] cougar: G6 mapped to space [ 685.335859][T16275] netlink: 'syz.0.2082': attribute type 1 has an invalid length. [ 686.078616][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 686.087273][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 687.413336][T16301] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2090'. [ 687.463238][T16301] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2090'. [ 687.522835][T16302] cougar: G6 mapped to space [ 690.567386][T16330] synth uevent: /module/orangefs: unknown uevent action string [ 692.667139][T16346] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2100'. [ 692.741319][T16346] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2100'. [ 692.821423][T16350] cougar: G6 mapped to space [ 693.180806][T16358] netlink: 350 bytes leftover after parsing attributes in process `syz.0.2102'. [ 696.781636][T16397] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2119'. [ 696.835140][T16397] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2119'. [ 696.967721][T16400] cougar: G6 mapped to space [ 699.499011][T16425] Invalid ELF header magic: != ELF [ 701.703715][T16462] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2123'. [ 701.819854][T16467] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2123'. [ 701.887118][T16468] cougar: G6 mapped to space [ 703.686139][T16486] netlink: 62 bytes leftover after parsing attributes in process `syz.4.2128'. [ 703.792457][T16490] FAULT_INJECTION: forcing a failure. [ 703.792457][T16490] name failslab, interval 1, probability 0, space 0, times 0 [ 703.839931][T16492] netlink: 62 bytes leftover after parsing attributes in process `syz.4.2128'. [ 703.962728][T16492] netlink: 62 bytes leftover after parsing attributes in process `syz.4.2128'. [ 703.984524][T16490] CPU: 0 UID: 0 PID: 16490 Comm: syz.5.2129 Tainted: G U L syzkaller #0 PREEMPT(full) [ 703.984553][T16490] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 703.984559][T16490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 703.984568][T16490] Call Trace: [ 703.984573][T16490] [ 703.984580][T16490] dump_stack_lvl+0x100/0x190 [ 703.984610][T16490] should_fail_ex.cold+0x5/0xa [ 703.984629][T16490] ? process_preds+0x4c2/0x1d90 [ 703.984650][T16490] should_failslab+0xc2/0x120 [ 703.984665][T16490] __kmalloc_noprof+0xe0/0x850 [ 703.984690][T16490] process_preds+0x4c2/0x1d90 [ 703.984715][T16490] ? create_filter_start.constprop.0+0x134/0x310 [ 703.984739][T16490] create_filter+0x140/0x210 [ 703.984761][T16490] ? __pfx_create_filter+0x10/0x10 [ 703.984784][T16490] ? find_held_lock+0x2b/0x80 [ 703.984801][T16490] apply_event_filter+0x220/0x500 [ 703.984824][T16490] ? __pfx_apply_event_filter+0x10/0x10 [ 703.984851][T16490] event_filter_write+0x16d/0x290 [ 703.984869][T16490] vfs_write+0x2aa/0x1070 [ 703.984891][T16490] ? __pfx_event_filter_write+0x10/0x10 [ 703.984909][T16490] ? __pfx_vfs_write+0x10/0x10 [ 703.984930][T16490] ? __fget_files+0x215/0x3d0 [ 703.984956][T16490] ? __fget_files+0x21f/0x3d0 [ 703.984982][T16490] ksys_write+0x12a/0x250 [ 703.985003][T16490] ? __pfx_ksys_write+0x10/0x10 [ 703.985030][T16490] do_syscall_64+0x106/0xf80 [ 703.985047][T16490] ? clear_bhb_loop+0x40/0x90 [ 703.985075][T16490] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 703.985091][T16490] RIP: 0033:0x7f427719c629 [ 703.985106][T16490] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 703.985120][T16490] RSP: 002b:00007f427808b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 703.985136][T16490] RAX: ffffffffffffffda RBX: 00007f4277415fa0 RCX: 00007f427719c629 [ 703.985146][T16490] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 703.985155][T16490] RBP: 00007f4277232b39 R08: 0000000000000000 R09: 0000000000000000 [ 703.985164][T16490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 703.985173][T16490] R13: 00007f4277416038 R14: 00007f4277415fa0 R15: 00007ffc43a09d98 [ 703.985194][T16490] [ 704.712284][T16492] netlink: 62 bytes leftover after parsing attributes in process `syz.4.2128'. [ 704.745315][T16492] netlink: 62 bytes leftover after parsing attributes in process `syz.4.2128'. [ 704.779390][T16492] netlink: 62 bytes leftover after parsing attributes in process `syz.4.2128'. [ 704.897492][T16492] netlink: 62 bytes leftover after parsing attributes in process `syz.4.2128'. [ 704.909134][T16492] netlink: 62 bytes leftover after parsing attributes in process `syz.4.2128'. [ 707.586236][T16547] __nla_validate_parse: 10 callbacks suppressed [ 707.586252][T16547] netlink: 206 bytes leftover after parsing attributes in process `syz.4.2142'. [ 709.765295][ T29] audit: type=1800 audit(4294967357.384:25): pid=16563 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.2146" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 710.455392][T16580] usb usb2: usbfs: process 16580 (syz.5.2149) did not claim interface 4 before use [ 711.859556][T16603] bond0: option fail_over_mac: invalid value () [ 713.105908][T16627] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2158'. [ 713.164507][T16627] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2158'. [ 713.222387][T16630] cougar: G6 mapped to space [ 713.641207][T16637] ima: Unable to open file: /sys/kernel/security/integrity/ima/policy (-26) [ 713.800333][T16636] ima: policy update failed [ 713.868458][ T29] audit: type=1802 audit(4294967361.482:26): pid=16636 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.4.2162" res=0 errno=0 [ 714.554495][T16660] sg_write: data in/out 50331612/1048664 bytes for SCSI command 0x0-- guessing data in; [ 714.554495][T16660] program syz.4.2165 not setting count and/or reply_len properly [ 715.509033][T16672] device-mapper: ioctl: Invalid ioctl structure: name , dev 3ff [ 715.768101][T16674] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2170'. [ 715.864947][T16674] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2170'. [ 715.939714][T16678] cougar: G6 mapped to space [ 721.898866][T16738] sg_write: data in/out 50331612/1048664 bytes for SCSI command 0x0-- guessing data in; [ 721.898866][T16738] program syz.5.2179 not setting count and/or reply_len properly [ 723.476690][T16762] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2188'. [ 723.599566][T16763] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2188'. [ 723.674449][T16764] cougar: G6 mapped to space [ 727.580099][T16810] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2198'. [ 727.691458][T16816] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2198'. [ 727.844000][T16818] cougar: G6 mapped to space [ 728.449517][T16822] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2201'. [ 729.203003][T16827] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2202'. [ 731.388005][T16860] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2209'. [ 731.438083][T16858] FAULT_INJECTION: forcing a failure. [ 731.438083][T16858] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 731.571357][T16860] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2209'. [ 731.628773][T16864] cougar: G6 mapped to space [ 731.919527][T16858] CPU: 0 UID: 0 PID: 16858 Comm: syz.0.2208 Tainted: G U L syzkaller #0 PREEMPT(full) [ 731.919574][T16858] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 731.919581][T16858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 731.919591][T16858] Call Trace: [ 731.919596][T16858] [ 731.919603][T16858] dump_stack_lvl+0x100/0x190 [ 731.919633][T16858] should_fail_ex.cold+0x5/0xa [ 731.919649][T16858] ? prepare_alloc_pages+0x16d/0x5f0 [ 731.919667][T16858] should_fail_alloc_page+0xeb/0x140 [ 731.919683][T16858] prepare_alloc_pages+0x1f0/0x5f0 [ 731.919702][T16858] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 731.919736][T16858] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 731.919770][T16858] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 731.919795][T16858] ? policy_nodemask+0xed/0x4f0 [ 731.919811][T16858] alloc_pages_mpol+0x1fb/0x550 [ 731.919826][T16858] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 731.919846][T16858] alloc_pages_noprof+0x131/0x390 [ 731.919861][T16858] pte_alloc_one+0x1e/0x3e0 [ 731.919878][T16858] do_huge_pmd_anonymous_page+0x835/0x1a60 [ 731.919904][T16858] __handle_mm_fault+0x1e9e/0x2b60 [ 731.919925][T16858] ? mt_find+0x45e/0x8e0 [ 731.919943][T16858] ? __pfx___handle_mm_fault+0x10/0x10 [ 731.919960][T16858] ? __pfx_mt_find+0x10/0x10 [ 731.919992][T16858] handle_mm_fault+0x36d/0xa20 [ 731.920014][T16858] __get_user_pages+0xf9c/0x34d0 [ 731.920036][T16858] ? down_read_killable+0x30e/0x4c0 [ 731.920054][T16858] ? __lock_acquire+0x4a5/0x2630 [ 731.920072][T16858] ? __pfx___get_user_pages+0x10/0x10 [ 731.920086][T16858] ? __lock_acquire+0x4a5/0x2630 [ 731.920109][T16858] __gup_longterm_locked+0x87d/0x16f0 [ 731.920130][T16858] ? __pfx___gup_longterm_locked+0x10/0x10 [ 731.920148][T16858] ? try_get_folio+0x262/0x750 [ 731.920169][T16858] ? pmd_write+0xd3/0x150 [ 731.920191][T16858] ? sanity_check_pinned_pages+0x5f6/0x1250 [ 731.920209][T16858] gup_fast_fallback+0x18c6/0x2460 [ 731.920239][T16858] ? __pfx_gup_fast_fallback+0x10/0x10 [ 731.920254][T16858] ? kasan_save_stack+0x30/0x50 [ 731.920274][T16858] ? kasan_save_track+0x14/0x30 [ 731.920294][T16858] ? __kasan_slab_alloc+0x89/0x90 [ 731.920315][T16858] ? mempool_alloc_noprof+0x1b7/0x310 [ 731.920329][T16858] ? bvec_alloc+0x197/0x210 [ 731.920429][T16858] ? bio_alloc_bioset+0x59e/0x850 [ 731.920449][T16858] ? blkdev_direct_IO+0xeae/0x1fb0 [ 731.920465][T16858] ? blkdev_write_iter+0x703/0xd70 [ 731.920481][T16858] ? vfs_write+0x6ac/0x1070 [ 731.920503][T16858] ? ksys_write+0x12a/0x250 [ 731.920522][T16858] ? do_syscall_64+0x106/0xf80 [ 731.920537][T16858] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 731.920556][T16858] pin_user_pages_fast+0xa7/0xf0 [ 731.920573][T16858] ? __pfx_pin_user_pages_fast+0x10/0x10 [ 731.920590][T16858] ? iov_iter_advance+0xac/0x6d0 [ 731.920640][T16858] iov_iter_extract_pages+0xa0d/0x1ef0 [ 731.920671][T16858] ? __pfx_iov_iter_extract_pages+0x10/0x10 [ 731.920699][T16858] ? iov_iter_revert+0x252/0x5b0 [ 731.920720][T16858] ? bio_associate_blkg_from_css+0x394/0x13f0 [ 731.920763][T16858] iov_iter_extract_bvecs+0x10e/0xf40 [ 731.920795][T16858] ? __pfx_iov_iter_extract_bvecs+0x10/0x10 [ 731.920821][T16858] ? bio_init+0x404/0x610 [ 731.920842][T16858] bio_iov_iter_get_pages+0x26a/0x970 [ 731.920871][T16858] blkdev_direct_IO+0x1302/0x1fb0 [ 731.920897][T16858] ? __pfx_blkdev_direct_IO+0x10/0x10 [ 731.920923][T16858] blkdev_write_iter+0x703/0xd70 [ 731.920944][T16858] vfs_write+0x6ac/0x1070 [ 731.920966][T16858] ? __pfx_blkdev_write_iter+0x10/0x10 [ 731.920984][T16858] ? __pfx_vfs_write+0x10/0x10 [ 731.921004][T16858] ? find_held_lock+0x2b/0x80 [ 731.921030][T16858] ksys_write+0x12a/0x250 [ 731.921051][T16858] ? __pfx_ksys_write+0x10/0x10 [ 731.921078][T16858] do_syscall_64+0x106/0xf80 [ 731.921093][T16858] ? clear_bhb_loop+0x40/0x90 [ 731.921112][T16858] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 731.921127][T16858] RIP: 0033:0x7f2fedd9c629 [ 731.921142][T16858] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 731.921157][T16858] RSP: 002b:00007f2feeb9c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 731.921172][T16858] RAX: ffffffffffffffda RBX: 00007f2fee016450 RCX: 00007f2fedd9c629 [ 731.921182][T16858] RDX: 000000100000a3d9 RSI: 00002000000000c0 RDI: 0000000000000004 [ 731.921191][T16858] RBP: 00007f2fede32b39 R08: 0000000000000000 R09: 0000000000000000 [ 731.921200][T16858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 731.921209][T16858] R13: 00007f2fee0164e8 R14: 00007f2fee016450 R15: 00007fff842a3878 [ 731.921230][T16858] [ 736.975811][T16899] NFSD: Failed to start, no listeners configured. [ 737.291740][T16902] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(12) [ 741.876960][T16945] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2227'. [ 741.975423][T16945] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2227'. [ 742.053774][T16947] cougar: G6 mapped to space [ 746.600422][T16972] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 746.615493][T16972] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 746.626381][T16972] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 746.634872][T16972] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 746.671411][T16972] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 747.570227][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.577658][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 748.132516][T16971] chnl_net:caif_netlink_parms(): no params data found [ 748.685717][T16971] bridge0: port 1(bridge_slave_0) entered blocking state [ 748.779077][T16972] Bluetooth: hci3: command tx timeout [ 748.819181][T17002] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2237'. [ 748.849377][T16971] bridge0: port 1(bridge_slave_0) entered disabled state [ 748.916339][T16971] bridge_slave_0: entered allmulticast mode [ 748.967286][T17010] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2237'. [ 748.981579][T16971] bridge_slave_0: entered promiscuous mode [ 749.026680][T17011] cougar: G6 mapped to space [ 749.111416][T16971] bridge0: port 2(bridge_slave_1) entered blocking state [ 749.202905][T16971] bridge0: port 2(bridge_slave_1) entered disabled state [ 749.268815][T16971] bridge_slave_1: entered allmulticast mode [ 749.365927][T16971] bridge_slave_1: entered promiscuous mode [ 749.652400][T16971] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 749.763683][T16971] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 750.096185][T16971] team0: Port device team_slave_0 added [ 750.171263][T16971] team0: Port device team_slave_1 added [ 750.572074][T17030] sg_write: data in/out 1635018057/64965 bytes for SCSI command 0xf2-- guessing data in; [ 750.572074][T17030] program syz.1.2240 not setting count and/or reply_len properly [ 750.667112][T16971] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 750.674101][T16971] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 750.833923][T16972] Bluetooth: hci3: command tx timeout [ 750.992382][T16971] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 751.096483][T16971] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 751.171358][T16971] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 751.309590][T17030] netlink: 'syz.1.2240': attribute type 1 has an invalid length. [ 751.369287][T16971] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 751.910219][T16971] hsr_slave_0: entered promiscuous mode [ 751.972978][T16971] hsr_slave_1: entered promiscuous mode [ 752.028548][T16971] debugfs: 'hsr0' already exists in 'hsr' [ 752.035077][T16971] Cannot create hsr debugfs directory [ 752.389799][T17049] random: crng reseeded on system resumption [ 752.811081][T17049] hub 1-0:1.0: USB hub found [ 752.852410][T17049] hub 1-0:1.0: 1 port detected [ 752.912911][T16972] Bluetooth: hci3: command tx timeout [ 754.658679][T17073] nbd: socks must be embedded in a SOCK_ITEM attr [ 754.791129][T17073] block nbd0: shutting down sockets [ 754.885418][T16971] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 754.970034][T17081] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2245'. [ 754.991394][T16972] Bluetooth: hci3: command tx timeout [ 755.071577][T16971] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 755.150464][T17085] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2246'. [ 755.233199][T17086] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2246'. [ 755.325812][T16971] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 755.343762][T17085] cougar: G6 mapped to space [ 755.443508][T16971] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 756.181573][T16971] 8021q: adding VLAN 0 to HW filter on device bond0 [ 756.314989][T16971] 8021q: adding VLAN 0 to HW filter on device team0 [ 756.404193][T10138] bridge0: port 1(bridge_slave_0) entered blocking state [ 756.412180][T10138] bridge0: port 1(bridge_slave_0) entered forwarding state [ 756.435668][T17118] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2249'. [ 756.673433][T10138] bridge0: port 2(bridge_slave_1) entered blocking state [ 756.680598][T10138] bridge0: port 2(bridge_slave_1) entered forwarding state [ 758.104993][T16971] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 758.582086][T17162] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2256'. [ 758.758727][T17172] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2256'. [ 758.986508][T17162] cougar: G6 mapped to space [ 761.773443][T17216] futex_wake_op: syz.5.2262 tries to shift op by -2048; fix this program [ 761.828275][T17217] misc userio: No port type given on /dev/userio [ 761.893931][T17216] futex_wake_op: syz.5.2262 tries to shift op by -2048; fix this program [ 762.309629][T10135] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 762.961971][T10135] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 763.151442][T16971] veth0_vlan: entered promiscuous mode [ 763.216710][T16971] veth1_vlan: entered promiscuous mode [ 763.568947][T10135] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 763.706872][T16971] veth0_macvtap: entered promiscuous mode [ 763.857135][T10135] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 764.160366][T16971] veth1_macvtap: entered promiscuous mode [ 764.254745][T16971] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 764.306021][T16971] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 764.379057][ T8213] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 764.443940][ T8213] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 764.565579][ T8213] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 764.632084][T17232] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2266'. [ 764.641197][ T8213] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 764.742583][T17238] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2266'. [ 764.800295][T17232] cougar: G6 mapped to space [ 765.224406][T10138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 765.232261][T10138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 765.342565][T10135] bridge_slave_1: left allmulticast mode [ 765.396037][T10135] bridge_slave_1: left promiscuous mode [ 765.434548][T10135] bridge0: port 2(bridge_slave_1) entered disabled state [ 765.667313][T10135] bridge_slave_0: left allmulticast mode [ 765.673048][T10135] bridge_slave_0: left promiscuous mode [ 765.754912][T10135] bridge0: port 1(bridge_slave_0) entered disabled state [ 767.160687][T10135] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 767.228295][T10135] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 767.337686][T10135] bond0 (unregistering): Released all slaves [ 767.647707][T10138] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 767.718707][T10138] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 768.476847][T17291] random: crng reseeded on system resumption [ 769.177519][T17307] zswap: compressor not available [ 769.319461][T17291] hub 1-0:1.0: USB hub found [ 769.444419][T17291] hub 1-0:1.0: 1 port detected [ 769.796413][T17323] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2273'. [ 772.240127][T10135] hsr_slave_1: left promiscuous mode [ 772.284219][T10135] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 772.380263][T10135] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 772.498586][T10135] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 772.506040][T10135] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 772.669913][T10135] veth1_macvtap: left promiscuous mode [ 772.713242][T10135] veth0_macvtap: left promiscuous mode [ 772.737048][T10135] veth1_vlan: left promiscuous mode [ 773.658095][T10135] team_slave_1 (unregistering): left promiscuous mode [ 773.704839][T10135] team_slave_1 (unregistering): left allmulticast mode [ 773.750730][T10135] team0 (unregistering): Port device team_slave_1 removed [ 775.422882][T17395] FAULT_INJECTION: forcing a failure. [ 775.422882][T17395] name failslab, interval 1, probability 0, space 0, times 0 [ 775.567878][T17395] CPU: 0 UID: 0 PID: 17395 Comm: syz.1.2282 Tainted: G U L syzkaller #0 PREEMPT(full) [ 775.567907][T17395] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 775.567914][T17395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 775.567924][T17395] Call Trace: [ 775.567929][T17395] [ 775.567936][T17395] dump_stack_lvl+0x100/0x190 [ 775.567965][T17395] should_fail_ex.cold+0x5/0xa [ 775.567984][T17395] should_failslab+0xc2/0x120 [ 775.567999][T17395] __kmalloc_cache_noprof+0x7a/0x6f0 [ 775.568017][T17395] ? io_uring_alloc_task_context+0xa7/0x54b [ 775.568044][T17395] io_uring_alloc_task_context+0xa7/0x54b [ 775.568067][T17395] ? file_init_path+0x48e/0x670 [ 775.568083][T17395] ? __pfx_io_uring_alloc_task_context+0x10/0x10 [ 775.568106][T17395] ? alloc_file_pseudo+0x1a5/0x230 [ 775.568126][T17395] __io_uring_add_tctx_node.cold+0x10/0x195 [ 775.568149][T17395] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 775.568237][T17395] ? __anon_inode_getfile+0x17c/0x280 [ 775.568256][T17395] io_uring_setup.cold+0x1a25/0x1d09 [ 775.568281][T17395] ? __pfx_io_uring_setup+0x10/0x10 [ 775.568300][T17395] ? __pfx_do_futex+0x10/0x10 [ 775.568328][T17395] ? xfd_validate_state+0x129/0x190 [ 775.568358][T17395] __x64_sys_io_uring_setup+0xc2/0x170 [ 775.568375][T17395] do_syscall_64+0x106/0xf80 [ 775.568392][T17395] ? clear_bhb_loop+0x40/0x90 [ 775.568411][T17395] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 775.568427][T17395] RIP: 0033:0x7f349ad9c629 [ 775.568441][T17395] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 775.568456][T17395] RSP: 002b:00007f349bc33028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 775.568471][T17395] RAX: ffffffffffffffda RBX: 00007f349b015fa0 RCX: 00007f349ad9c629 [ 775.568481][T17395] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 775.568489][T17395] RBP: 00007f349ae32b39 R08: 0000000000000000 R09: 0000000000000000 [ 775.568498][T17395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 775.568506][T17395] R13: 00007f349b016038 R14: 00007f349b015fa0 R15: 00007fffbed1aaf8 [ 775.568526][T17395] [ 776.373444][T17402] random: crng reseeded on system resumption [ 776.590781][T17402] hub 1-0:1.0: USB hub found [ 776.671345][T17402] hub 1-0:1.0: 1 port detected [ 777.463999][T17420] FAULT_INJECTION: forcing a failure. [ 777.463999][T17420] name failslab, interval 1, probability 0, space 0, times 0 [ 777.587160][T17420] CPU: 0 UID: 0 PID: 17420 Comm: syz.6.2287 Tainted: G U L syzkaller #0 PREEMPT(full) [ 777.587189][T17420] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 777.587195][T17420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 777.587204][T17420] Call Trace: [ 777.587210][T17420] [ 777.587216][T17420] dump_stack_lvl+0x100/0x190 [ 777.587253][T17420] should_fail_ex.cold+0x5/0xa [ 777.587272][T17420] should_failslab+0xc2/0x120 [ 777.587292][T17420] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 777.587315][T17420] ? __d_alloc+0x34/0xa80 [ 777.587334][T17420] __d_alloc+0x34/0xa80 [ 777.587351][T17420] d_alloc_pseudo+0x1c/0xc0 [ 777.587370][T17420] alloc_file_pseudo+0xcf/0x230 [ 777.587389][T17420] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 777.587411][T17420] __shmem_file_setup+0x221/0x490 [ 777.587431][T17420] ? __pfx___shmem_file_setup+0x10/0x10 [ 777.587452][T17420] ? vm_area_alloc+0x1f/0x160 [ 777.587472][T17420] shmem_zero_setup+0x96/0x1b0 [ 777.587495][T17420] __mmap_region+0x2198/0x29e0 [ 777.587518][T17420] ? __pfx___mmap_region+0x10/0x10 [ 777.587539][T17420] ? __lock_acquire+0x4a5/0x2630 [ 777.587559][T17420] ? set_next_entity+0x11b/0x9c0 [ 777.587583][T17420] ? __lock_acquire+0x4a5/0x2630 [ 777.587600][T17420] ? find_held_lock+0x2b/0x80 [ 777.587632][T17420] ? find_held_lock+0x2b/0x80 [ 777.587645][T17420] ? finish_task_switch.isra.0+0x200/0xb80 [ 777.587662][T17420] ? finish_task_switch.isra.0+0x200/0xb80 [ 777.587685][T17420] ? trace_sched_exit_tp+0x13a/0x180 [ 777.587702][T17420] ? __schedule+0x1000/0x60e0 [ 777.587742][T17420] ? rcu_is_watching+0x12/0xc0 [ 777.587767][T17420] ? cap_capable+0x107/0x460 [ 777.587789][T17420] mmap_region+0x180/0x3e0 [ 777.587813][T17420] do_mmap+0xc63/0x12f0 [ 777.587832][T17420] ? __pfx_do_mmap+0x10/0x10 [ 777.587847][T17420] ? __pfx_down_write_killable+0x10/0x10 [ 777.587871][T17420] vm_mmap_pgoff+0x29e/0x470 [ 777.587890][T17420] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 777.587906][T17420] ? do_futex+0x192/0x350 [ 777.587924][T17420] ? __pfx_do_futex+0x10/0x10 [ 777.587946][T17420] ksys_mmap_pgoff+0xe1/0x650 [ 777.587960][T17420] ? __x64_sys_futex+0x34f/0x4d0 [ 777.587977][T17420] ? __x64_sys_futex+0x358/0x4d0 [ 777.587996][T17420] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 777.588010][T17420] ? xfd_validate_state+0x129/0x190 [ 777.588038][T17420] __x64_sys_mmap+0x125/0x190 [ 777.588061][T17420] do_syscall_64+0x106/0xf80 [ 777.588077][T17420] ? clear_bhb_loop+0x40/0x90 [ 777.588095][T17420] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 777.588114][T17420] RIP: 0033:0x7f5591f9c629 [ 777.588128][T17420] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 777.588142][T17420] RSP: 002b:00007f5592e47028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 777.588157][T17420] RAX: ffffffffffffffda RBX: 00007f5592215fa0 RCX: 00007f5591f9c629 [ 777.588167][T17420] RDX: 00004000000000df RSI: 0000000000020009 RDI: 0000000000000000 [ 777.588183][T17420] RBP: 00007f5592032b39 R08: ffffffffffffffff R09: 0000000000008000 [ 777.588193][T17420] R10: 0040000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 777.588202][T17420] R13: 00007f5592216038 R14: 00007f5592215fa0 R15: 00007fff63e8d878 [ 777.588223][T17420] [ 779.542675][ T5824] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 779.556261][ T5824] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 779.571766][ T5824] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 779.583545][ T5824] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 779.591894][ T5824] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 780.255835][T17447] chnl_net:caif_netlink_parms(): no params data found [ 780.897359][T17464] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2293'. [ 780.938092][T17447] bridge0: port 1(bridge_slave_0) entered blocking state [ 781.009910][T17447] bridge0: port 1(bridge_slave_0) entered disabled state [ 781.034165][T17466] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2293'. [ 781.052382][T17447] bridge_slave_0: entered allmulticast mode [ 781.085294][T17447] bridge_slave_0: entered promiscuous mode [ 781.102841][T17467] cougar: G6 mapped to space [ 781.131014][T17447] bridge0: port 2(bridge_slave_1) entered blocking state [ 781.179048][T17447] bridge0: port 2(bridge_slave_1) entered disabled state [ 781.216726][T17447] bridge_slave_1: entered allmulticast mode [ 781.258699][T17447] bridge_slave_1: entered promiscuous mode [ 781.407264][T17447] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 781.500630][T17447] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 781.642892][T16972] Bluetooth: hci4: command tx timeout [ 781.680093][T17447] team0: Port device team_slave_0 added [ 781.735311][T17447] team0: Port device team_slave_1 added [ 781.868251][T17447] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 781.908178][T17447] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 782.033155][T17447] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 782.094392][T17447] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 782.101703][T17447] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 782.273067][T17447] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 782.611174][T17280] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 782.698898][T17447] hsr_slave_0: entered promiscuous mode [ 782.735066][T17447] hsr_slave_1: entered promiscuous mode [ 782.773192][T17447] debugfs: 'hsr0' already exists in 'hsr' [ 782.778957][T17447] Cannot create hsr debugfs directory [ 782.870308][T17280] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 783.014968][T17280] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 783.214372][T17280] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 783.637476][T17280] team0: left allmulticast mode [ 783.642748][T17280] team_slave_0: left allmulticast mode [ 783.703549][T17280] team_slave_1: left allmulticast mode [ 783.709107][T17280] team0: left promiscuous mode [ 783.724771][T16972] Bluetooth: hci4: command tx timeout [ 783.748817][T17280] team_slave_0: left promiscuous mode [ 783.779354][T17280] team_slave_1: left promiscuous mode [ 783.815382][T17280] bridge0: port 3(team0) entered disabled state [ 783.833159][T17280] bridge_slave_1: left allmulticast mode [ 783.863754][T17280] bridge_slave_1: left promiscuous mode [ 783.869536][T17280] bridge0: port 2(bridge_slave_1) entered disabled state [ 783.947438][T17280] bridge_slave_0: left allmulticast mode [ 783.953262][T17280] bridge_slave_0: left promiscuous mode [ 783.996291][T17280] bridge0: port 1(bridge_slave_0) entered disabled state [ 784.549109][T17280] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 784.578998][T17280] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 784.610674][T17280] bond0 (unregistering): Released all slaves [ 785.805166][T16972] Bluetooth: hci4: command tx timeout [ 785.853270][T17447] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 785.927014][T17447] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 785.987315][T17280] hsr_slave_0: left promiscuous mode [ 786.014992][T17280] hsr_slave_1: left promiscuous mode [ 786.034833][T17280] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 786.042233][T17280] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 786.105509][T17280] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 786.113116][T17280] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 786.180791][T17280] veth1_macvtap: left promiscuous mode [ 786.206497][T17280] veth1_vlan: left promiscuous mode [ 786.211929][T17280] veth0_vlan: left promiscuous mode [ 786.806899][T17280] team0 (unregistering): Port device team_slave_1 removed [ 786.851437][T17280] team0 (unregistering): Port device team_slave_0 removed [ 787.093427][T17447] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 787.129224][T17447] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 787.502208][T17447] 8021q: adding VLAN 0 to HW filter on device bond0 [ 787.583833][T17447] 8021q: adding VLAN 0 to HW filter on device team0 [ 787.659264][T17280] bridge0: port 1(bridge_slave_0) entered blocking state [ 787.666540][T17280] bridge0: port 1(bridge_slave_0) entered forwarding state [ 787.732084][T17280] bridge0: port 2(bridge_slave_1) entered blocking state [ 787.739247][T17280] bridge0: port 2(bridge_slave_1) entered forwarding state [ 787.887656][T16972] Bluetooth: hci4: command tx timeout [ 788.295185][T17447] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 788.482335][T17447] veth0_vlan: entered promiscuous mode [ 788.525038][T17447] veth1_vlan: entered promiscuous mode [ 788.668707][T17447] veth0_macvtap: entered promiscuous mode [ 788.714277][T17447] veth1_macvtap: entered promiscuous mode [ 788.794881][T17447] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 788.852025][T17447] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 788.900650][T17280] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 788.966023][T17280] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 789.002955][T17280] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 789.062108][T17280] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 789.247644][T17275] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 789.255604][T17275] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 789.345190][T10135] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 789.377104][T10135] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 790.118564][ T5824] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 790.138186][ T5824] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 790.149286][ T5824] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 790.174333][ T5824] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 790.185884][ T5824] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 790.213987][T17553] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2297'. [ 790.252990][T17550] random: crng reseeded on system resumption [ 790.591680][T17550] hub 1-0:1.0: USB hub found [ 790.642855][T17550] hub 1-0:1.0: 1 port detected [ 791.319409][T17570] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2298'. [ 791.366394][T17549] chnl_net:caif_netlink_parms(): no params data found [ 792.287876][T16972] Bluetooth: hci0: command tx timeout [ 792.319135][T17549] bridge0: port 1(bridge_slave_0) entered blocking state [ 792.392712][T17549] bridge0: port 1(bridge_slave_0) entered disabled state [ 792.460040][T17549] bridge_slave_0: entered allmulticast mode [ 792.519930][T17549] bridge_slave_0: entered promiscuous mode [ 792.571091][T17549] bridge0: port 2(bridge_slave_1) entered blocking state [ 792.617236][T17549] bridge0: port 2(bridge_slave_1) entered disabled state [ 792.660529][T17549] bridge_slave_1: entered allmulticast mode [ 792.712863][T17549] bridge_slave_1: entered promiscuous mode [ 793.066794][T17549] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 793.116604][T17607] NFSD: Failed to start, no listeners configured. [ 793.241376][T17549] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 793.545210][T17549] team0: Port device team_slave_0 added [ 793.636497][T17549] team0: Port device team_slave_1 added [ 793.868958][T17549] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 793.875922][T17549] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 794.098810][T17549] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 794.302872][T17549] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 794.350003][T17549] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 794.399913][T16972] Bluetooth: hci0: command tx timeout [ 794.556649][T17549] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 794.915770][T17549] hsr_slave_0: entered promiscuous mode [ 794.963734][T17549] hsr_slave_1: entered promiscuous mode [ 795.013582][T17549] debugfs: 'hsr0' already exists in 'hsr' [ 795.066074][T17549] Cannot create hsr debugfs directory [ 796.450421][T16972] Bluetooth: hci0: command tx timeout [ 796.486933][T17549] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 797.046722][T17549] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 797.292807][T17549] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 797.656609][T17549] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 798.425771][T17549] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 798.531315][T16972] Bluetooth: hci0: command tx timeout [ 798.634232][T17549] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 798.735689][T17549] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 798.840129][T17549] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 799.333322][T17549] 8021q: adding VLAN 0 to HW filter on device bond0 [ 799.418799][T17549] 8021q: adding VLAN 0 to HW filter on device team0 [ 799.558921][T17275] bridge0: port 1(bridge_slave_0) entered blocking state [ 799.566085][T17275] bridge0: port 1(bridge_slave_0) entered forwarding state [ 799.754115][T17275] bridge0: port 2(bridge_slave_1) entered blocking state [ 799.761279][T17275] bridge0: port 2(bridge_slave_1) entered forwarding state [ 801.276585][T17734] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2318'. [ 801.570577][T17549] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 801.904369][T17549] veth0_vlan: entered promiscuous mode [ 801.978850][T17549] veth1_vlan: entered promiscuous mode [ 802.155262][T17549] veth0_macvtap: entered promiscuous mode [ 802.210280][T17549] veth1_macvtap: entered promiscuous mode [ 802.270805][T17744] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2319'. [ 802.291238][T17549] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 802.372345][T17744] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2319'. [ 802.390554][T17549] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 802.476418][T17275] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 802.507774][T17275] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 802.556603][T17275] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 802.774776][T17275] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 803.350631][T17765] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2323'. [ 803.405372][T17275] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 803.460065][T17275] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 803.468031][T17766] FAULT_INJECTION: forcing a failure. [ 803.468031][T17766] name failslab, interval 1, probability 0, space 0, times 0 [ 803.559781][T17766] CPU: 0 UID: 0 PID: 17766 Comm: syz.0.2323 Tainted: G U L syzkaller #0 PREEMPT(full) [ 803.559816][T17766] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 803.559821][T17766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 803.559830][T17766] Call Trace: [ 803.559835][T17766] [ 803.559841][T17766] dump_stack_lvl+0x100/0x190 [ 803.559868][T17766] should_fail_ex.cold+0x5/0xa [ 803.559889][T17766] should_failslab+0xc2/0x120 [ 803.559904][T17766] __kmalloc_cache_noprof+0x7a/0x6f0 [ 803.559922][T17766] ? call_usermodehelper_setup+0xaf/0x360 [ 803.559952][T17766] ? __pfx_free_modprobe_argv+0x10/0x10 [ 803.559975][T17766] call_usermodehelper_setup+0xaf/0x360 [ 803.560000][T17766] __request_module+0x3c7/0x6c0 [ 803.560021][T17766] ? __pfx___request_module+0x10/0x10 [ 803.560054][T17766] ? find_held_lock+0x2b/0x80 [ 803.560067][T17766] ? inet_create+0xa72/0x1060 [ 803.560092][T17766] inet_create+0xd45/0x1060 [ 803.560114][T17766] ? inet_create+0x94/0x1060 [ 803.560136][T17766] __sock_create+0x339/0x860 [ 803.560160][T17766] __sys_socket+0x14d/0x260 [ 803.560181][T17766] ? __pfx___sys_socket+0x10/0x10 [ 803.560207][T17766] __x64_sys_socket+0x72/0xb0 [ 803.560227][T17766] ? lockdep_hardirqs_on+0x78/0x100 [ 803.560245][T17766] do_syscall_64+0x106/0xf80 [ 803.560264][T17766] ? clear_bhb_loop+0x40/0x90 [ 803.560282][T17766] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 803.560297][T17766] RIP: 0033:0x7f35d239c629 [ 803.560311][T17766] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 803.560325][T17766] RSP: 002b:00007f35d324c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 803.560339][T17766] RAX: ffffffffffffffda RBX: 00007f35d2616090 RCX: 00007f35d239c629 [ 803.560349][T17766] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000002 [ 803.560357][T17766] RBP: 00007f35d2432b39 R08: 0000000000000000 R09: 0000000000000000 [ 803.560366][T17766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 803.560374][T17766] R13: 00007f35d2616128 R14: 00007f35d2616090 R15: 00007fff728d0318 [ 803.560393][T17766] [ 804.360115][T17283] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 804.393842][T17283] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 806.182143][T17806] NFSD: Failed to start, no listeners configured. [ 806.431613][T17810] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2329'. [ 806.527763][T17814] program syz.0.2330 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 806.919180][ T29] audit: type=1326 audit(4294967454.496:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17817 comm="syz.5.2331" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f427719c629 code=0x0 [ 807.618637][T17831] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2333'. [ 807.761580][T17831] veth1_macvtap: left promiscuous mode [ 808.409469][T17842] random: crng reseeded on system resumption [ 809.020701][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 809.027279][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 809.968631][T17855] random: crng reseeded on system resumption [ 811.873154][T17891] random: crng reseeded on system resumption [ 812.480854][T17884] zswap: compressor not available [ 813.121170][T17909] program syz.1.2352 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 813.407517][T17909] FAULT_INJECTION: forcing a failure. [ 813.407517][T17909] name failslab, interval 1, probability 0, space 0, times 0 [ 813.470888][T17909] CPU: 0 UID: 0 PID: 17909 Comm: syz.1.2352 Tainted: G U L syzkaller #0 PREEMPT(full) [ 813.470919][T17909] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 813.470925][T17909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 813.471004][T17909] Call Trace: [ 813.471010][T17909] [ 813.471016][T17909] dump_stack_lvl+0x100/0x190 [ 813.471045][T17909] should_fail_ex.cold+0x5/0xa [ 813.471065][T17909] should_failslab+0xc2/0x120 [ 813.471080][T17909] __kvmalloc_node_noprof+0xfa/0xa00 [ 813.471108][T17909] ? sbitmap_init_node+0x1cc/0x720 [ 813.471204][T17909] sbitmap_init_node+0x1cc/0x720 [ 813.471227][T17909] sbitmap_queue_init_node+0x40/0x4a0 [ 813.471248][T17909] blk_mq_init_tags+0x184/0x300 [ 813.471314][T17909] blk_mq_alloc_map_and_rqs+0x218/0xeb0 [ 813.471341][T17909] blk_mq_alloc_sched_tags+0x1de/0x350 [ 813.471361][T17909] blk_mq_alloc_sched_res+0x8e/0x250 [ 813.471380][T17909] elevator_change+0x136/0x530 [ 813.471407][T17909] elv_iosched_store+0x3dc/0x480 [ 813.471423][T17909] ? __pfx_elv_iosched_store+0x10/0x10 [ 813.471437][T17909] ? kasan_save_track+0x14/0x30 [ 813.471467][T17909] ? __pfx_elv_iosched_store+0x10/0x10 [ 813.471483][T17909] queue_attr_store+0x25f/0x2f0 [ 813.471542][T17909] ? __pfx_queue_attr_store+0x10/0x10 [ 813.471568][T17909] ? __lock_acquire+0x4a5/0x2630 [ 813.471595][T17909] ? find_held_lock+0x2b/0x80 [ 813.471608][T17909] ? sysfs_file_kobj+0xe4/0x290 [ 813.471625][T17909] ? sysfs_file_kobj+0xe4/0x290 [ 813.471645][T17909] ? __pfx_queue_attr_store+0x10/0x10 [ 813.471666][T17909] sysfs_kf_write+0xf2/0x150 [ 813.471685][T17909] kernfs_fop_write_iter+0x3e0/0x5f0 [ 813.471699][T17909] ? __pfx_sysfs_kf_write+0x10/0x10 [ 813.471718][T17909] iter_file_splice_write+0x830/0x10a0 [ 813.471753][T17909] ? __pfx_iter_file_splice_write+0x10/0x10 [ 813.471779][T17909] ? __pfx_copy_splice_read+0x10/0x10 [ 813.471812][T17909] ? __pfx_iter_file_splice_write+0x10/0x10 [ 813.471837][T17909] direct_splice_actor+0x192/0x6c0 [ 813.471861][T17909] splice_direct_to_actor+0x345/0xa30 [ 813.471885][T17909] ? __pfx_direct_splice_actor+0x10/0x10 [ 813.471915][T17909] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 813.471952][T17909] do_splice_direct+0x174/0x240 [ 813.471977][T17909] ? __pfx_do_splice_direct+0x10/0x10 [ 813.472001][T17909] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 813.472027][T17909] ? rw_verify_area+0xce/0x6d0 [ 813.472049][T17909] do_sendfile+0xadc/0xe20 [ 813.472074][T17909] ? __pfx_do_sendfile+0x10/0x10 [ 813.472098][T17909] ? __x64_sys_futex+0x34f/0x4d0 [ 813.472116][T17909] ? __x64_sys_futex+0x358/0x4d0 [ 813.472136][T17909] __x64_sys_sendfile64+0x1d8/0x220 [ 813.472153][T17909] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 813.472175][T17909] do_syscall_64+0x106/0xf80 [ 813.472191][T17909] ? clear_bhb_loop+0x40/0x90 [ 813.472210][T17909] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 813.472226][T17909] RIP: 0033:0x7f612fb9c629 [ 813.472241][T17909] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 813.472256][T17909] RSP: 002b:00007f6130a27028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 813.472271][T17909] RAX: ffffffffffffffda RBX: 00007f612fe16090 RCX: 00007f612fb9c629 [ 813.472285][T17909] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000008 [ 813.472293][T17909] RBP: 00007f612fc32b39 R08: 0000000000000000 R09: 0000000000000000 [ 813.472302][T17909] R10: 000000007ffff000 R11: 0000000000000246 R12: 0000000000000000 [ 813.472310][T17909] R13: 00007f612fe16128 R14: 00007f612fe16090 R15: 00007fff13fd5508 [ 813.472332][T17909] [ 817.119081][T17970] program syz.5.2365 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 817.614712][T17973] FAULT_INJECTION: forcing a failure. [ 817.614712][T17973] name failslab, interval 1, probability 0, space 0, times 0 [ 817.707480][T17973] CPU: 0 UID: 0 PID: 17973 Comm: syz.0.2367 Tainted: G U L syzkaller #0 PREEMPT(full) [ 817.707512][T17973] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 817.707518][T17973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 817.707532][T17973] Call Trace: [ 817.707538][T17973] [ 817.707545][T17973] dump_stack_lvl+0x100/0x190 [ 817.707578][T17973] should_fail_ex.cold+0x5/0xa [ 817.707597][T17973] should_failslab+0xc2/0x120 [ 817.707613][T17973] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 817.707634][T17973] ? sk_prot_alloc+0x60/0x2a0 [ 817.707658][T17973] sk_prot_alloc+0x60/0x2a0 [ 817.707678][T17973] sk_alloc+0x36/0xe80 [ 817.707693][T17973] inet6_create+0x385/0x12b0 [ 817.707711][T17973] ? inet6_create+0x7f/0x12b0 [ 817.707729][T17973] __sock_create+0x339/0x860 [ 817.707754][T17973] __sys_socket+0x14d/0x260 [ 817.707775][T17973] ? __pfx___sys_socket+0x10/0x10 [ 817.707802][T17973] __x64_sys_socket+0x72/0xb0 [ 817.707822][T17973] ? lockdep_hardirqs_on+0x78/0x100 [ 817.707839][T17973] do_syscall_64+0x106/0xf80 [ 817.707855][T17973] ? clear_bhb_loop+0x40/0x90 [ 817.707873][T17973] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 817.707888][T17973] RIP: 0033:0x7f35d239c629 [ 817.707902][T17973] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 817.707916][T17973] RSP: 002b:00007f35d326d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 817.707930][T17973] RAX: ffffffffffffffda RBX: 00007f35d2615fa0 RCX: 00007f35d239c629 [ 817.707940][T17973] RDX: 0000000000000084 RSI: 0000000000000801 RDI: 000000000000000a [ 817.707949][T17973] RBP: 00007f35d2432b39 R08: 0000000000000000 R09: 0000000000000000 [ 817.707958][T17973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 817.707966][T17973] R13: 00007f35d2616038 R14: 00007f35d2615fa0 R15: 00007fff728d0318 [ 817.707986][T17973] [ 822.723709][T18047] program syz.1.2382 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 822.723790][T18046] program syz.1.2382 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 822.739333][ T29] audit: type=1807 audit(4294967470.298:28): UNKNOWN=0"û]$|Ë1jë0B|d™¹ýÓ‰OŸ¬+ö×/ÉéxÔóÈõWÓ¦–Ó^¸´gq%ḦrêOŽ res=0 [ 822.739366][ T29] audit: type=1802 audit(4294967470.298:29): pid=18046 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.1.2382" res=0 errno=0 [ 822.764116][T18045] ima: policy update failed [ 822.764515][ T29] audit: type=1802 audit(4294967470.338:30): pid=18045 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.2382" res=0 errno=0 [ 823.004597][T18053] kvm: kvm [18052]: vcpu2, guest rIP: 0xfff0 Unhandled RDMSR(0x40000085) [ 823.258980][T18056] netlink: 318 bytes leftover after parsing attributes in process `syz.0.2383'. [ 824.442499][T18070] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2390'. [ 824.514680][T18070] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2390'. [ 825.077534][T18091] random: crng reseeded on system resumption [ 825.236314][T18091] hub 1-0:1.0: USB hub found [ 825.276739][T18091] hub 1-0:1.0: 1 port detected [ 825.704285][T18099] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 825.805826][T18104] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 828.747123][T18137] FAULT_INJECTION: forcing a failure. [ 828.747123][T18137] name failslab, interval 1, probability 0, space 0, times 0 [ 828.836945][T18137] CPU: 0 UID: 0 PID: 18137 Comm: syz.6.2400 Tainted: G U L syzkaller #0 PREEMPT(full) [ 828.836976][T18137] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 828.836982][T18137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 828.836991][T18137] Call Trace: [ 828.836997][T18137] [ 828.837004][T18137] dump_stack_lvl+0x100/0x190 [ 828.837037][T18137] should_fail_ex.cold+0x5/0xa [ 828.837059][T18137] should_failslab+0xc2/0x120 [ 828.837074][T18137] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 828.837095][T18137] ? sk_prot_alloc+0x60/0x2a0 [ 828.837118][T18137] sk_prot_alloc+0x60/0x2a0 [ 828.837138][T18137] sk_alloc+0x36/0xe80 [ 828.837153][T18137] inet6_create+0x385/0x12b0 [ 828.837172][T18137] ? inet6_create+0x7f/0x12b0 [ 828.837194][T18137] __sock_create+0x339/0x860 [ 828.837220][T18137] __sys_socket+0x14d/0x260 [ 828.837240][T18137] ? __pfx___sys_socket+0x10/0x10 [ 828.837288][T18137] __x64_sys_socket+0x72/0xb0 [ 828.837310][T18137] ? lockdep_hardirqs_on+0x78/0x100 [ 828.837328][T18137] do_syscall_64+0x106/0xf80 [ 828.837344][T18137] ? clear_bhb_loop+0x40/0x90 [ 828.837363][T18137] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 828.837381][T18137] RIP: 0033:0x7f5591f9c629 [ 828.837395][T18137] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 828.837410][T18137] RSP: 002b:00007f5592e47028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 828.837426][T18137] RAX: ffffffffffffffda RBX: 00007f5592215fa0 RCX: 00007f5591f9c629 [ 828.837436][T18137] RDX: 0000000000000084 RSI: 0000000000000801 RDI: 000000000000000a [ 828.837445][T18137] RBP: 00007f5592032b39 R08: 0000000000000000 R09: 0000000000000000 [ 828.837454][T18137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 828.837463][T18137] R13: 00007f5592216038 R14: 00007f5592215fa0 R15: 00007fff63e8d878 [ 828.837483][T18137] [ 830.049722][T18147] random: crng reseeded on system resumption [ 830.192437][T18152] netlink: 330 bytes leftover after parsing attributes in process `syz.6.2404'. [ 830.245986][T18153] binder: 18151:18153 ioctl 400454ca ffffffffffffffff returned -22 [ 830.267656][T18147] hub 1-0:1.0: USB hub found [ 830.292513][T18147] hub 1-0:1.0: 1 port detected [ 830.298354][T18152] mac80211_hwsim hwsim34 ›: renamed from wlan0 (while UP) [ 830.954392][T18170] Oops: general protection fault, probably for non-canonical address 0xdffffc000000001e: 0000 [#1] SMP KASAN PTI [ 830.966853][T18170] KASAN: null-ptr-deref in range [0x00000000000000f0-0x00000000000000f7] [ 830.975355][T18170] CPU: 0 UID: 0 PID: 18170 Comm: syz.0.2406 Tainted: G U L syzkaller #0 PREEMPT(full) [ 830.986580][T18170] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 830.991989][T18170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 831.003353][T18170] RIP: 0010:grab_requested_root+0xde/0x3c0 [ 831.010385][T18170] Code: 02 00 00 49 39 5d 18 0f 84 cd 01 00 00 e8 ba c8 76 ff 48 8d bb 08 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 82 02 00 00 48 8b 83 08 01 00 00 48 85 c0 0f 84 [ 831.031889][T18170] RSP: 0018:ffffc90003c07d88 EFLAGS: 00010206 [ 831.038052][T18170] RAX: dffffc0000000000 RBX: ffffffffffffffea RCX: ffffc90018cc2000 [ 831.046650][T18170] RDX: 000000000000001e RSI: ffffffff82913286 RDI: 00000000000000f2 [ 831.055142][T18170] RBP: ffffc90003c07db0 R08: 0000000000000005 R09: 0000000000000000 [ 831.063681][T18170] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88807ee01e40 [ 831.072196][T18170] R13: ffff88801eaa9000 R14: ffff88807dc85028 R15: ffff88807dc85010 [ 831.081681][T18170] FS: 00007f35d320a6c0(0000) GS:ffff888124351000(0000) knlGS:0000000000000000 [ 831.090798][T18170] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 831.097448][T18170] CR2: 00007f35d3209ff8 CR3: 00000000694c4000 CR4: 00000000003526f0 [ 831.105418][T18170] Call Trace: [ 831.108695][T18170] [ 831.111723][T18170] __do_sys_statmount+0x359/0x2440 [ 831.117130][T18170] ? do_raw_spin_lock+0x128/0x260 [ 831.122198][T18170] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 831.128323][T18170] ? __pfx___do_sys_statmount+0x10/0x10 [ 831.133885][T18170] do_syscall_64+0x106/0xf80 [ 831.138564][T18170] ? clear_bhb_loop+0x40/0x90 [ 831.143236][T18170] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 831.149126][T18170] RIP: 0033:0x7f35d239c629 [ 831.153735][T18170] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 831.173361][T18170] RSP: 002b:00007f35d320a028 EFLAGS: 00000246 ORIG_RAX: 00000000000001c9 [ 831.181866][T18170] RAX: ffffffffffffffda RBX: 00007f35d2616270 RCX: 00007f35d239c629 [ 831.189825][T18170] RDX: 00000000000001fe RSI: 0000200000000180 RDI: 0000000000000000 [ 831.197867][T18170] RBP: 00007f35d2432b39 R08: 0000000000000000 R09: 0000000000000000 [ 831.205838][T18170] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 831.213792][T18170] R13: 00007f35d2616308 R14: 00007f35d2616270 R15: 00007fff728d0318 [ 831.221751][T18170] [ 831.224759][T18170] Modules linked in: [ 831.229440][T18170] ---[ end trace 0000000000000000 ]--- SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 832.035676][T18170] RIP: 0010:grab_requested_root+0xde/0x3c0 [ 832.058949][T18170] Code: 02 00 00 49 39 5d 18 0f 84 cd 01 00 00 e8 ba c8 76 ff 48 8d bb 08 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 82 02 00 00 48 8b 83 08 01 00 00 48 85 c0 0f 84 [ 832.129993][T18170] RSP: 0018:ffffc90003c07d88 EFLAGS: 00010206 [ 832.154446][T18170] RAX: dffffc0000000000 RBX: ffffffffffffffea RCX: ffffc90018cc2000 [ 832.180010][T18170] RDX: 000000000000001e RSI: ffffffff82913286 RDI: 00000000000000f2 [ 832.206977][T18170] RBP: ffffc90003c07db0 R08: 0000000000000005 R09: 0000000000000000 [ 832.232341][T18170] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88807ee01e40 [ 832.279253][T18170] R13: ffff88801eaa9000 R14: ffff88807dc85028 R15: ffff88807dc85010 [ 832.287285][T18170] FS: 00007f35d320a6c0(0000) GS:ffff888124351000(0000) knlGS:0000000000000000 [ 832.338580][T18170] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 832.359409][T18170] CR2: 0000000000811000 CR3: 00000000694c4000 CR4: 00000000003526f0 [ 832.367450][T18170] Kernel panic - not syncing: Fatal exception [ 832.373582][T18170] Kernel Offset: disabled [ 832.377892][T18170] Rebooting in 86400 seconds..