last executing test programs: 4.382170296s ago: executing program 3 (id=408): unshare$auto(0x40000080) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), r0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) r2 = epoll_create$auto(0x3e) epoll_ctl$auto(r2, 0x1, r1, 0x0) ioctl$auto_TIOCVHANGUP2(r1, 0x5437, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r3 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x1a1, 0x8, 0x4, 0x940, 0x1ffde, 0x3, 0x2000000000000006, 0x2, 0x5, 0x5, 0x6, 0x8, 0xae, 0xa, 0x2, 0x7, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x80000}, 0x1fe, 0x80) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="18000000", @ANYBLOB='p'], 0x1ac}}, 0x40000) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'dummy0\x00'}) statmount$auto(0x0, &(0x7f0000000180)={0x3, 0x1, 0x9, 0x7352, 0x41, 0x65f, 0x1ffde, 0x7, 0x3, 0x2, 0xb, 0x3, 0x5, 0x101, 0xb4, 0x9, 0x6, 0x7ff, 0x84, 0x4, 0x0, 0x7, 0x2000, 0x203, 0x0, 0xb4, 0x4, 0x0, 0x0, 0x0, 0xfffffff9, [0x7, 0x0, 0x68, 0x0, 0x100000000, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x2000000000, 0x0, 0x0, 0x0, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x1000000000000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x800000000000000, 0x7e30e0be]}, 0x1fe, 0xf) mmap$auto(0xfffffffffffffffa, 0x3, 0x10000000000000, 0x552, r0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x24008004) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/zram0/algorithm_params\x00', 0xa001, 0x0) write$auto(r5, &(0x7f0000000000)='\"\x81=\xe2\xad\xff\xf1y\xb3\x1d]\n\xcf\xfa\xee@\"', 0x81) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x2, &(0x7f00000004c0)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xdc5e}, 0x800}, 0x7, 0x4008) 3.374217862s ago: executing program 2 (id=411): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mtd0\x00', 0x0, 0x0) ioctl$auto_OTPSELECT(r0, 0x80044d0d, &(0x7f00000000c0)=0x2) connect$auto(r0, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x5b) r1 = prctl$auto(0x20000c, 0xa, 0x0, 0x8000000001, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x2, 0x9, 0x13, r1, 0x7) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/clear_refs\x00', 0x101001, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/tty/ptybd/dev\x00', 0x2440, 0x0) read$auto(r3, 0x0, 0x20) writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3) close_range$auto(0x2, 0xa, 0x0) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x40200, 0x0) mmap$auto(0xf61, 0x400000000800009, 0x1000, 0x10000000018, 0x2, 0x9) unshare$auto(0x40000080) openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) msgctl$auto_IPC_RMID(0x4, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r4, 0x0, 0xb4d3) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), r2) write$auto(0x3, 0x0, 0xffd8) 3.28499705s ago: executing program 3 (id=412): r0 = socket$nl_generic(0x10, 0x3, 0x10) poll$auto(&(0x7f0000003640)={0xffffffffffffffff, 0x5, 0x6}, 0x8, 0x800) close_range$auto(0x2, 0x8, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto_KVM_GET_MSRS(r3, 0x4068aea3, &(0x7f0000000080)={0xdb}) syz_genetlink_get_family_id$auto_netdev(&(0x7f00000000c0), r0) sendmsg$auto_NETDEV_CMD_QUEUE_GET(r1, 0x0, 0xc4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, r2, 0x8) read$auto(0x3, 0x0, 0x80) write$auto_hwsim_fops_rx_rssi_(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000200), 0x46ca00, 0x0) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x82, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$auto(0x3, 0xae3e, r5) ioctl$auto_KVM_GET_MSRS(0xffffffffffffffff, 0x4140aecd, 0x0) close_range$auto(0x2, r4, 0x6) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000180), 0x80400, 0x0) mmap$auto(0x4, 0x7ffffffffffffffd, 0x7e, 0x80000eb1, r4, 0x1) r6 = socket(0x2, 0x1, 0x0) fcntl$auto(r1, 0x8, 0x0) bind$auto(r6, &(0x7f0000000040)=@in={0x2, 0x4e25, @dev={0xac, 0x14, 0x14, 0x11}}, 0x6d) sendmmsg$auto(r5, &(0x7f0000000140)={{&(0x7f00000001c0), 0x112, 0x0, 0x8, 0x0, 0x0, 0xb}, 0x80000b}, 0x5, 0x20000000) sendmsg$auto_NFSD_CMD_THREADS_SET(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x51}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 3.239606717s ago: executing program 1 (id=413): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async) r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x5, 0x805, 0x0) (async) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x37}}, 0x6b) (async) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0xff, 0x0}}, 0x55) keyctl$auto(0x5, 0xffffffffffffffff, 0x5, 0x5, 0x8) (async) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/keys\x00', 0x1c9802, 0x0) socket$nl_generic(0x10, 0x3, 0x10) open(&(0x7f0000022ff6)='./control\x00', 0x2640, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x3, 0x100df, 0x209b72, 0x4e477f5a, 0x8000) r3 = getsockopt$auto(0x6, 0x1, 0x4d, 0xfffffffffffffffe, 0x0) (async) pread64$auto(r2, &(0x7f0000000380)='/proc/scsi/sg/devices\x00', 0x100000001, 0x100) (async) sendmsg$auto_NL80211_CMD_GET_WIPHY(r0, 0x0, 0x0) sendmsg$auto_OVS_FLOW_CMD_GET(r0, 0x0, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/zram0/capability\x00', 0x200000, 0x0) sendfile$auto(r4, r3, 0x0, 0x3) (async) ioctl$auto_XFS_IOC_PATH_TO_FSHANDLE(r3, 0xc0385868, &(0x7f0000000280)={r1, &(0x7f0000000100), 0x0, &(0x7f00000003c0)="0c54893d92c8e14117e7c244a0e9219e586449e72bdc6a0bfb01a1f634512364b048e46d75c95f7795f96638335e65b4cd218823f9da2b006fe9a8df1f0b7fd5a6af69cada86dfdeffac550e0945263002af23b78b424ff4a3f6d591f36f73e0cc9f398b7b8f3b1a79c0", 0x100, &(0x7f0000000200)="9dabc562d54a8c25f5f8b0d1849a1cadfb21967ba4c681dbcd241d57", &(0x7f0000000240)=0x4}) (async) unshare$auto(0x4000007c) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2b, 0x1, 0x0) listen$auto(0x3, 0x81) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) 2.333989987s ago: executing program 3 (id=415): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = socket(0x10, 0x2, 0xf) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES64=r0], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) setresuid$auto(0x2, 0x7, 0x8080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) r1 = socket(0xa, 0x3, 0x3b) getsockopt$auto(r1, 0x29, 0x6, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x6) futex_requeue$auto(0x0, 0x0, 0xf, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = openat$auto_dmaengine_summary_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0) inotify_add_watch$auto(r2, &(0x7f0000000100)='./file0\x00', 0x4) write$auto(0xffffffffffffffff, 0x0, 0x100082) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x100000000000037, 0x0) fsopen$auto(0x0, 0x1) timerfd_gettime$auto(0xffffffffffffffff, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/block/nbd3/queue/iosched/front_merges\x00', 0x2041, 0x0) socket(0x2, 0x1, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x10000, 0x4000000000db, 0xeb1, 0x2, 0x8000) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop2\x00', 0x24040, 0x0) r5 = socket(0xa, 0x1, 0x0) getsockopt$auto(r5, 0x6, 0xa, &(0x7f0000000080)='$\xfe\x88\xc8\x91\x8bo\xc6#\x93\x91^\x01<\xc81\xc0\x80\xd6\xdb>f\x8c\xf7\xb6\xca\xcdi\xa6\x91R\x7f\x00B\x93H9\x19\xb4x\xb1\xb7\xd3\xe4\x00'/60, &(0x7f0000000040)=0xaa) ioctl$auto_BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000240)={"ef65ce6c00cf81000000ffffffffffffff291d00", 0x3ff, 0x408, 0xffc, 0x400004, 0x200000000040000d}) 2.200200359s ago: executing program 1 (id=416): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r0 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) poll$auto(&(0x7f0000000180)={r0, 0xfff7, 0x9816}, 0x7f, 0x9) r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) fchdir$auto(r2) rename$auto(&(0x7f0000000000)='./cgroup\x00', &(0x7f0000000080)='./cgroup\x00') ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x0) openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000000), 0x2400, 0x0) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) ioctl$auto_VHOST_SET_LOG_FD2(r0, 0x4004af07, &(0x7f00000003c0)) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0) mmap$auto(0x0, 0xe983, 0xe2, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) mknod$auto(0x0, 0x63c1, 0x7ff) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r3, 0xc0045516, 0x0) read$auto(r3, 0x0, 0x800) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) readv$auto(0x3, &(0x7f0000000040)={0x0, 0x36a}, 0x6) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, 0x0, 0x202041, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) sysfs$auto(0x2, 0x1a, 0x0) r4 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xf0ee, 0x20009, 0x3, "790eaa00ffff8eac2cdafc1f64010043eeb0b053030001ffff000e00"}, 0x8, 0x966, 0x3, @raw=0x404, @integer={0xfff, 0x2000000b752, 0x1}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"}) r5 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x169000, 0x0) ioctl$auto(r5, 0xc0285629, r5) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r6 = openat$auto_tracing_total_entries_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/tracing/buffer_total_size_kb\x00', 0x503000, 0x0) read$auto_tracing_total_entries_fops_trace(r6, 0x0, 0x0) prctl$auto_PR_GET_CHILD_SUBREAPER(0x25, 0x8, 0xfffffffffffffffa, 0x9, 0xfffffffffffffbff) 1.782307958s ago: executing program 2 (id=417): r0 = open_by_handle_at$auto(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x1b}, 0x403) r1 = socket(0x11, 0x3, 0x9) sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000080), 0x49}, 0x5, &(0x7f0000000180), 0x6, 0x1000}, 0x5}, 0x2, 0x100) waitid$auto(0x8, r0, &(0x7f0000000300)={@siginfo_0_0={0x5, 0x101, 0x10, @_timer={0x0, 0x2, @sival_int=0x7, 0x2}}}, 0x3, &(0x7f0000000180)={{0xfffffffffffffff9, 0x80}, {0x2, 0x6}, 0x4, 0x8, 0x1, 0x3, 0x7, 0x8000, 0x80000000, 0x7, 0xb7, 0x5d9, 0x5, 0x7ff, 0x2055}) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd14\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r2, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x105003, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x40, 0x0) mmap$auto(0x0, 0x202000a, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = open(&(0x7f00000000c0)='./file0\x00', 0x40000, 0xb0) mmap$auto(0x0, 0x1, 0xfd5, 0x12, r3, 0x0) r4 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$auto_VHOST_SET_BACKEND_FEATURES(r4, 0x4008af25, 0x0) mmap$auto(0x4, 0xa00006, 0x2, 0x100000000040eb1, 0x602, 0x300000000000) rseq$auto(&(0x7f0000000580)={0x5, 0x85, 0x9416, 0x1, 0x7, 0x6, "551e7285968d8e86bd4794a0e875ee9f7b35db28d0a7e72b7a19039c336389cb57a05ba0582cc612c6c0be4beb4cc54d8337d40c93638ba34c4a0435c32a206e808194584d8c359d418662d18943a5e3c6234e712a096205457b56f0a1e5d4d19835696295a54f38117d9d751e23b5fb61daa5a6b2c75148106dc167a20061e3fe55cc53ffadf62b0945da4b27515a0102a8d2d002a842362b4744b8972a5e11e8a6aab89c7b85947f3901d696d459641aa7e6b89b73387ec5fa2d2af6c992213d82c5774c4bcd4187585bcf652af094e988e75002e01f607abf5e25ae0f5548fd13175b681fc059c1f9160aef893bae78cf6cf62c30fa3f0c5c60cbe383a9c0cc1289519b0c7cff81cc3b4fec739fad19c662b0f98d607b61d825d10e2dd3b27b0f7a6b1adc5a452f344c39da5f086ea7c5d99674ca69c4f5635776e67c151bad72f906cd65231da3a55d6056e23b00686723714fabd752f3e2c86dafdee9d379230c0abeabfde9cf88cae099f3ccc76ea7e64a3734ced5ffe749a8012db53ad4d6a5e347bdd83bb409c1bdb762f4aba145df74833d73ccd583797d4fb4ed3e0c7c29d502aacaef02e114d9e60ca6b0bcb28f825f5d49e94ccd2f830933c39a3ba3782505453e3de872ad8da84a6a22aaa62970428bb9a95d1817dbeeded1c53c5d508dea6cc53d80153b05f954c263278bb9c8bc02f3b1805dd9299dc8b97ebff0165d615ba7bf5ce8c490f4dd273642a18267b0a61a594cb1d608f3dffb292991ea32bb647a6f9b951f283e118dc73b45843b5aa883410e402e3bec9ba889ec237462042cedaed761cca0c3b7058d3ffc276c9a75e18b79804f4e21650d911edbedb9fedd31959a8783b1e39d7d6408554bddb2a5d67703d225fe4422bf2367ca483e77fe479495be3235f4c77b3872a9e33946d2602486b83e84e7d8d1742d369e2d00b9dbb552385502c0f597b3615bed54de65af106b58d2b6bebbdd3fe625152527af965b67e9424da7be2e2574e1492aed568d4faaa9da508e0a2e687876fa291e38b7c3ef38643e2c49e0d46d0f2d53352da2f184c4ced2305865ab0ad1435644419773ea82336ffdf62dd325a6a8b2d199d96dba8a13bb5a86ff65b80818ceb37ee8a2b2a8813b33e474e5b110e1ed13dbc4f52efabbce38935a8ada53a0ed5a1a01453a254a1dc528492159591aa192ff6cfa0b372caf236c78d1a0c94dc37916746358b4cf3cc1c0132657818ce6465e58936dbf5991dfb74ff97382c066ba0ceb06ac4f0c005e4c9166e94161bc08e1c23df7ed3419b10ae229aa6bafb19e6af003c9e319956723d839dc50a7edd8d80bce971ba504e0aac811d76e65acffdc4f7e9836396ba98b824be6cc704c59f5849642b191437a5cf902fc1ac491e8c59241586c6791b282b5cfae57eb7e6792048c4769b5b3f21987ec5097e530fd001da5d2999db4ded708225e9a53a2b48d2be3401a063da3c19168769eccaef710d7c2e06818bb05c4a9aa0ce2785a5a6d2846bac9836f1905a9b042029dcc59d918450b6affb522fbf78116941c5cef4ecb82a2134ee8e67ea6091170b67bfc3abec9e2cfc8208d4ba3bb732230fe6a9470c1152ebdc31bbce93cb742b4484bc1cef4298ce897a36c7e8b3ef8bd1b0e3d4dfa46da8bf89b06d67d8a5da465e8f68f999ec38ef8d1b7972125d2d8492680f6698419313afb74b5f715c90aa5ca0a6ea5561acd89a25d0fd066234b1752d6535251be347d8e69afea162f0ae84aa08a1a5475e6860af5956babe0530b6349e918fa97f14e6a83f7e2054c85ec37424757c49c6b76a889cde8473eebc495ac1088fda54f5c70bb17ef4873bf7b524ae892cd8267adfcd1e7054ac0c8b904855f816cbab8a6c5332d2221060b97931130187e1f07b0b9fad917c06f56d3f9fbca9d0ad93c300d88a6025359eb609e86c2b604d6834cde1351ccb0ba238715d6a77953f58b23a78db05bc38cf1e47d5336226a966af0a88fa19b4d992fc82310b7fceee45a202bfdf759dedee618361082881f91f85020e5282fd6a4ff376455f09bd1ca73b16549"}, 0x6, 0x3, 0xff) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x4, 0xdf, 0xeb1, 0x401, 0x0) r5 = socket(0x1e, 0x5, 0x0) openat$auto_nsim_psample_enable_fops_psample(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/netdevsim/netdevsim7/psample/enable\x00', 0x6400, 0x0) ioctl$auto(r5, 0x8941, 0x8) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000ec0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r7, @ANYBLOB="dbdf250300000000ff0f00000000"], 0x14}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) fcntl$auto_F_UNLCK(0xffffffffffffffff, 0x8, 0x2) syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) 1.640208103s ago: executing program 2 (id=418): mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x1, 0x84) r0 = socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = eventfd$auto(0x80) readv$auto(r1, &(0x7f0000000380)={0x0, 0x8}, 0x8) read$auto(r1, 0x0, 0xcc9c) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth0_to_bond\x00', 0x0}) bpf$auto_BPF_PROG_LOAD(0x5, &(0x7f0000000080)=@query={@target_ifindex=r2, 0xdcd, 0x200, 0x81, 0x5, @prog_cnt=0x1ff, 0x0, 0x6, 0x4, 0x4}, 0x1) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) timer_create$auto(0x8, 0x0, 0x0) timer_getoverrun$auto(0x0) write$auto(r1, &(0x7f0000000400)='\'\x00', 0x8) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendto$auto(0x3, 0x0, 0x2000f, 0x101, &(0x7f0000000000)=@in={0x2, 0x4e22, @loopback}, 0x1c) shutdown$auto(0x200000003, 0x2) listen$auto(0x3, 0xfffffff9) 1.383109034s ago: executing program 0 (id=420): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000380)={0x8, 0x1, 0x9, 0xa, 0x3e, 0xfffffffffffffffa, 0x1ffde, 0x7, 0x6, 0x5, 0x9, 0x3, 0x5, 0x8000004, 0xb4, 0x9, 0x3, 0x10000, 0x80, 0x7, 0x0, 0x8000007, 0x2000, 0x200, 0x0, 0x40084, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, 0xb8a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9]}, 0x1fe, 0x200c) (async) r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x123042, 0x0) ioctl$auto(r0, 0x921064b1, 0x8) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1e00df45"], 0x1ac}, 0x1, 0x0, 0x0, 0x10}, 0x0) (async) recvmmsg$auto(0xffffffffffffffff, 0x0, 0x7, 0x6, 0x0) r1 = socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, 0x0, 0x40, 0x0) (async) getrlimit$auto(0x8, 0x0) r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r2, 0x4, 0x7ff) ptrace$auto_PTRACE_SET_THREAD_AREA(0x1a, r2, 0x3, 0x1) r3 = socket$nl_generic(0x10, 0x3, 0x10) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) (async) r5 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff) (async) r6 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000380), 0x80180, 0x0) readv$auto(r6, &(0x7f00000000c0)={0x0, 0x7}, 0x6) sendmsg$auto_NBD_CMD_CONNECT(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)={0x30, r5, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x474d}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x1}]}, 0x30}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) (async) sendmsg$auto_NBD_CMD_RECONFIGURE(r3, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r5, 0x8, 0x70bd29, 0x25dfdbfb, {}, [@NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x2}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xfffffffffffffff3}, @NBD_ATTR_BACKEND_IDENTIFIER={0xe, 0xa, '#!{*-[:!&{'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x14}, 0x8000) (async) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 1.370130214s ago: executing program 2 (id=421): socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = prctl$auto(0x42, 0x5, 0x0, 0x1, 0x100000000000001) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/tty20\x00', 0x450000, 0x0) (async) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/tty20\x00', 0x450000, 0x0) ioctl$auto_TIOCSWINSZ2(r1, 0x5414, &(0x7f00000001c0)) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0) (async) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000040), 0xffffffffffffffff) socket(0x1, 0x4, 0x10) (async) socket(0x1, 0x4, 0x10) r2 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) (async) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14) (async) setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) recvmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0) (async) recvmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x230) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) mmap$auto(0x0, 0xc, 0x5, 0x16, 0xffffffffffffffff, 0x6) (async) mmap$auto(0x0, 0xc, 0x5, 0x16, 0xffffffffffffffff, 0x6) mbind$auto(0x0, 0x8, 0x10000000000008, 0x0, 0x2, 0x4) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x80, 0x77, 0x0) rt_tgsigqueueinfo$auto(0xffffffffffffffff, 0x0, 0x8, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) shutdown$auto(0x200000003, 0x2) lstat$auto(&(0x7f0000000140)='./file0\x00', 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='1\x00\xc7k\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01j(=\xd1<\xf9\x96\x10>\xb9\x05\xbe\xc8v\x81-ILplM\x98\x88J\xfd\x17\xc8K\xdd\x89;T@d\xa3_\xfcb8\x7fA\x11\xba\xefL\xe1L\x8aE}\xa7\x05\b\xd7\xe2\xae\xfek\xbbw\x8c\x88\x1emW-\xf5\x94\xdak\x81\xe4\x1e\x1dS\xf2~>\xb1\xc6\xd1\xee\xc8\x19e\xc1w\xf05%\xd76]\x0f\v\x01\xa4(\xec\xd3\xca\a\x15&nv\xc1}\xfcD', 0x81) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) (async) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) 1.232754579s ago: executing program 3 (id=422): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2, 0x3, 0xa) setsockopt$auto(r0, 0x0, 0x6, 0x0, 0x10021) close_range$auto(0x0, 0xfffff004, 0x2) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0xa, 0x2, 0x88) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r4, r3, 0x8, 0xff, r1, @relative_fd, 0xe600}, 0xf) r5 = bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffffffffffffffff, 0x0, 0x1}, 0x4) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) read$auto_tomoyo_operations_securityfs_if(r5, &(0x7f0000000180)=""/22, 0x16) 1.231861062s ago: executing program 1 (id=430): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0fee66508c411b43a79907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) close_range$auto(0x2, 0x8, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/031/001\x00', 0x507380, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) socketpair$auto(0x2, 0x2, 0x8000000000000000, 0x0) mmap$auto(0x2b, 0x2000a, 0xdf, 0xeb5, 0xffffffffffffffff, 0xffffffffffffffff) sysfs$auto(0x2, 0x26, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/pci/resource_alignment\x00', 0x8ea182, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='U'], 0x1ac}}, 0x20000040) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc6}, 0x1, 0x0, 0x2, 0x9}, 0x7}, 0x3, 0x0) 1.07597515s ago: executing program 0 (id=423): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x1d, 0x2, 0x2) connect$auto(0x3, 0x0, 0x55) socket(0x10, 0x3, 0x6) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0x5c8) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = socket(0xa, 0x5, 0x84) getsockopt$auto(r0, 0x84, 0x14, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101200, 0x0) r1 = socket(0x2b, 0x1, 0x0) mmap$auto(0x0, 0x200, 0x10000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) ustat$auto(0x801, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0x4038ae7a, r2) listen$auto(0x3, 0x81) ioctl$auto(0x3, 0x8905, 0x38) r4 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000000), 0x880103, 0x0) ioctl$auto_USB_RAW_IOCTL_EP0_READ(r4, 0xc0085504, &(0x7f0000000040)={0x6, 0x0, 0x80000002}) close_range$auto(0x2, 0x8, 0x0) io_uring_register$auto_IORING_REGISTER_BUFFERS2(r1, 0xf, &(0x7f0000000100)="4a615db35e49523ada514900ac6b165254c45a3f6bae2fbdbeb38d4667ac4664c3653a13ddae3b10d06196107f4670e91d31750c273f7e81bf0c7cc4e96b5a1e725ead73a172ccfdb5833a44777c5dd08cb486bf6f4fcb6ed82c79c334ccccd20ad6eaed36cae47db5419278037a668c78f538a5be27b08aaa03d41b1b8a0bef586920fd4a20f30b12aaf631f8735f37d37ac4a78660dc7ac8", 0x101) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) 1.075036325s ago: executing program 2 (id=424): timer_settime$auto(0xffffffff, 0x9, &(0x7f00000000c0)={{0x400000000f, 0x10008}, {0x9, 0x2}}, 0x0) (async) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0xa0342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) (async) r1 = openat$auto_percpu_stats_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) (async) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) semget$auto(0x80000000, 0x13c, 0x3ff) socket(0x10, 0x3, 0x0) (async) r2 = openat$auto_full_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) read$auto_full_fops_mem(r2, 0x0, 0x0) (async) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x6, 0x1) (async) ioctl$auto_FS_IOC_UNRESVSP64(r1, 0x4030582b, 0x4) (async) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) (async) getsockopt$auto_SO_MEMINFO(0xffffffffffffffff, 0x200b, 0x37, 0x0, &(0x7f00000000c0)) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/platform/dummy_hcd.2/usb3/authorized\x00', 0x81, 0x0) write$auto(r3, &(0x7f0000000080)='0\x81=\"\xad\xff\x8d\xf9P\x18\xa4\xb0\xb4\xd9\x82=\xe1P\x05\x00\xfb&\xe8\xbf\x901\a2\xa2X`\a\xf1y\xb3\"=', 0x48da548d) (async) getsockopt$auto_SO_ACCEPTCONN(r0, 0x7, 0x1e, 0x0, 0x0) (async) write$auto(0x3, 0x0, 0xffd8) (async) unshare$auto(0x40000080) (async) mmap$auto(0x200000a, 0x8, 0x8000, 0x200009b70, r1, 0x3f2b) (async) unshare$auto(0x40000080) (async) socket(0x1d, 0x1, 0x7fff) (async) r4 = socket(0x2000000000000021, 0x2, 0x10000000000002) setsockopt$auto(r4, 0x110, 0x1, 0x0, 0x8) (async) socket(0x1f, 0x3, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) madvise$auto(0x0, 0x2000040080000004, 0xe) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) (async) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000580)='/sys/power/disk\x00', 0xc0082, 0x0) write$auto(r5, &(0x7f0000000340)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,D\xbf&\x9eb|\n\xee\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbb\xbb\xf9\xcdz\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x1d\x88mr\xfd\xf1\x1b;\xabt\xd1a}\x10\xab\xeb_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:kJr\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL\x15/\xf9\'\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\aA\xe9(\x00\x00\x00\x00\x00N\xb5J\xc8A\xc7m\xbf\x19\xae\x9d\xcaR\x0f\xa8\xdf\xe4M\xe1>k\x93\x01\xe5\xba(\x96K\xc1=d3\xe00u\"`]\xb3\x11a\x1cSn\xe7\x87\x84\x93\xe4\x90]\x86\x10\xe5\xacK\x99\xc1$\x91\x05\x00\x00\x00O\x01xc\xa8\x9a\x1bK\x00\x00\xf6\xa2\x8a\x7f4\f[BLH$6\xfb,\xd8\xd3\xd0\x8b\xb3yA.\xb4\xbc\td\x9d\\\xd0\xff\xd2Y\xc4\x9fT\xb2\xd5\r\xf1#\xd5\xf2\x9cU\xd1:+\xb63\xae\xc1\xf7\xe1\xd4\x879?\xdd\xd6\xd4\xa3\xc7\xd8 S\xfc:\xe1{\x16\\h\x9d\xbc#KEC\x1a\xf9KH`\x82e:_\x9b\xf1\xc1\x8e\xf0\xc46\x98\xd6u\x90\x18\x8f\xe8\xc3%\x8e9\xab\x7f\x0e\n\xb2\xa4\xef\x90\xb16\x04\xbc\xc9\xdc\xad,\xcc\xad}DY\x1d\x1fv\x90\x97u\xa1\xfb\x13\xa93\xb6XJ\x84\xe3\xc1)\x98\xae5q\xa5L\x87\x1aq\x1d0\xf1\xcb\xe5\xf4F!*\xf9\xb3,w\"\xf2\xd0\xd1Vj\xd0\x06\xcc\xbc\xee0\x98.\xd9dC\x8e9\xfdM\\\xc5&\\\x9b\x81\x88t\xa4\x9f\xd1P\xd2e\x9c\xf9\xd2\xaf\x00\x00\x00\x00\x00\x00\x00 \x00'/478, 0x8000000000b) 869.985895ms ago: executing program 0 (id=425): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20005, 0xdf, 0x13, r0, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4, 0x4000000000df, 0x78, 0xffffffffffffffff, 0x300000000000) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@nl=@proc={0x10, 0x0, 0x25dfdbfd, 0x2000}, 0x54) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x4, 0xeb1, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x6) madvise$auto(0x0, 0x240007, 0x19) migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) madvise$auto(0x0, 0xffffffffffff0005, 0x19) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x1, 0x0) socket(0xa, 0x3, 0x3a) epoll_create$auto(0x2) epoll_pwait2$auto(r1, 0x0, 0x7, 0x0, 0x0, 0x8) sysfs$auto(0x2, 0x0, 0xffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$auto(0x5, 0x1, r2, 0x0) socket(0x2, 0x1, 0x800) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x64842, 0x0) openat$auto_dfs_global_fops_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/ubifs/chk_lprops\x00', 0x40aa2, 0x0) 866.97801ms ago: executing program 1 (id=426): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000cc0), 0xffffffffffffffff) mremap$auto(0xb6a3, 0x4, 0xfffffffffffffffe, 0x3, 0x100000000) timer_settime$auto(0xeffffe00, 0x100, &(0x7f0000000200)={{0x20000007, 0x10007}, {0x5, 0x32}}, 0x0) sendmsg$auto_NL80211_CMD_GET_MPATH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000", @ANYRES16=r0, @ANYBLOB="010325ed855bea5a5fb5a36838f3850f73bd7000fbdbdf2515000000"], 0x14}, 0x1, 0x0, 0x0, 0x20000895}, 0x20008890) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r1 = socket(0xa, 0x3, 0x3a) semctl$auto_IPC_INFO(0x9000, 0x9, 0x3, 0xb) ioctl$auto(r1, 0x8916, 0x1) r2 = socket(0x2, 0x5, 0x0) sendmmsg$auto(r2, &(0x7f0000000100)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x400000, 0x0) ioctl$auto_PPPIOCSMRU(r3, 0xc004743e, 0x0) close_range$auto(0x2, 0x8, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x8000000007f, 0x7f, 0xe2, 0xeb1, r2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/module/au0828/version\x00', 0x200, 0x0) openat$auto_bm_register_operations_binfmt_misc(0xffffffffffffff9c, &(0x7f0000000640), 0x401, 0x0) write$auto(r3, 0x0, 0x2) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3a) mmap$auto(0x4, 0x20007, 0x200000000000de, 0xeb1, 0x40000000000a5, 0x8002) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/dummy_hcd.3/usb4/bNumConfigurations\x00', 0x80400, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/pids.peak\x00', 0x8000, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r5 = socket(0x29, 0x2, 0x0) setsockopt$auto(r5, 0x118, 0x7cfe7caf, 0x0, 0x8) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) mmap$auto(0x0, 0x9644, 0xdf, 0x9b72, 0x2, 0x2d4a29c0) pivot_root$auto(0x0, 0x0) 691.628125ms ago: executing program 0 (id=427): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/net2272/parameters/fifo_mode\x00', 0x24103, 0x0) 577.165894ms ago: executing program 0 (id=428): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$auto(0xc8, 0x800454d7, 0x5c8d) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0) r1 = prctl$auto_PR_SET_MM_ENV_END(0x7, 0xb, r0, 0x5, 0x1ff) r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/psaux\x00', 0x40000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket(0x2, 0x1, 0x0) getsockopt$auto(r3, 0x6, 0x23, 0x0, &(0x7f0000000100)=0x3b) poll$auto(&(0x7f0000000000)={r2, 0x3, 0x4}, 0xb, 0x7) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000100), r1) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) mlock$auto(0x1000, 0x6) mlockall$auto(0x800000000000005) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r5 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_GINFO(r5, 0xc0f85403, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'netdevsim0\x00'}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r6, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x70, r7, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@ETHTOOL_A_COALESCE_TX_PROFILE={0x4c, 0x1e, 0x0, 0x1, [@ETHTOOL_A_PROFILE_IRQ_MODERATION={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_IRQ_MODERATION_COMPS={0x8, 0x3, 0x1}, @ETHTOOL_A_IRQ_MODERATION_COMPS={0x8, 0x3, 0x8}, @ETHTOOL_A_IRQ_MODERATION_COMPS={0x8, 0x3, 0x90}, @ETHTOOL_A_IRQ_MODERATION_USEC={0x8, 0x1, 0x200}, @ETHTOOL_A_IRQ_MODERATION_PKTS={0x8, 0x2, 0x7}]}, @ETHTOOL_A_PROFILE_IRQ_MODERATION={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_IRQ_MODERATION_USEC={0x8, 0x1, 0x6}, @ETHTOOL_A_IRQ_MODERATION_USEC={0x8, 0x1, 0xffffd383}, @ETHTOOL_A_IRQ_MODERATION_COMPS={0x8}]}]}, @ETHTOOL_A_COALESCE_USE_CQE_MODE_RX={0x5, 0x19, 0x1}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_HIGH={0x8, 0x16, 0xd}]}, 0x70}, 0x1, 0x0, 0x0, 0x1}, 0x810) mmap$auto(0x15dc70e3, 0x402000d, 0x6, 0xfb9, 0x401, 0x10000000008000) r8 = socket(0xa, 0x1, 0x84) getsockopt$auto(r8, 0x84, 0xe, 0x0, 0x0) sendmsg$auto_ETHTOOL_MSG_PSE_SET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)={0x2c, r4, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@ETHTOOL_A_PSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gre0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x400c0c4) 542.866808ms ago: executing program 1 (id=429): r0 = fanotify_init$auto(0x5, 0x2000000000002) socket(0x3, 0x3, 0x1) unshare$auto(0x40000080) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r0) sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f00000002c0)={0x158, r1, 0x10, 0x70bd2b, 0x25dfdbfb, {}, [@NL80211_ATTR_FTM_RESPONDER={0x144, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_LCI={0xdf, 0x2, "a1dd103c2198b6e230700d26d57f81acad4d2d00aebf51b3e2957c642c9d65ad05516685fa5f20cbad851e524c2b191105f4e0d3ec4d303247465983c451565eee2da7d0ba26e1fd44b84b3d7b1f8cc19430e5571a53a04e48fe4222c044ed301a391f67ec3394d86b7f20e598a2f9b544c84dc75014ff79c4ea378c9d00ab954b620ec82e6faa80cf1c81f93467b4b1d5ea0ae15da62165729bccc548cf8f5e1e891a2d5929ac58c9fe7348ff4c116963f972ec0726d1da2defe95ed396115863f12af8dc80e7e88d8c9849576c93fa641ffece82447bf7170a81"}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0x58, 0x3, "6352f8010cbc750b1d87dfb59806e60c806be5f8487a8a8f242573602d3e27f768a4d5fd72f77eb982f0f3d5c83a0f314bd60ce870932bb0eb7c613275222196246347a085b8421ae3473588a4c4521f3b10dd5b"}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}]}, 0x158}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000c800) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="e5b724bd7000fcdbdd251900000018000180140002006d616376746170300008000000"], 0x2c}, 0x1, 0x0, 0x0, 0x4010}, 0x4048800) pidfd_getfd$auto(0x3, 0x1, 0x100000000) 399.855823ms ago: executing program 0 (id=431): r0 = prctl$auto_PR_SET_MM_START_CODE(0x0, 0x1, 0xffffffffffffffff, 0x3, 0xffff) r1 = ioctl$auto_TUNSETSNDBUF2(r0, 0x400454d4, &(0x7f00000003c0)=0xd) unshare$auto(0x40000080) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), r2) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'dummy0\x00'}) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r2) ioctl$auto_XFS_IOC_ALLOCSP(0xffffffffffffffff, 0x4030580a, &(0x7f0000000100)={0x7, 0x7030, 0x4, 0x80, 0x5, 0xffffffffffffffff}) sendmsg$auto_NL80211_CMD_SET_BSS(r2, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f0000000500)={0x124c, r3, 0x2, 0x70bd2a, 0x25dfdbfc, {}, [@NL80211_ATTR_TX_RATES={0x1218, 0x5a, 0x0, 0x1, [@nested={0x10e0, 0xbd, 0x0, 0x1, [@typed={0x8, 0x57, 0x0, 0x0, @fd=r2}, @nested={0x4, 0x7}, @nested={0x4, 0xb1}, @generic="ab677631cc1a4056c5f908b063d0e38fc7405f9ea0d3e444839f81e44c8f5f45762ef37f784f0a127a9aa335a55fc2b49a5c3e6b3f4bf14bdaea23f63251b8820ce47abdcb70cae867d11146260dd43f333871a6e1c538c991989f300a3dacb477aabeb8ce34b5e05e589733118e78e566641a86730537769825553ee3efd633c7b4b88fe798854690f10d228924b30b46d26d769463307e3165e1df2f11c574f47c45f4914198593dc69481ee41b108b89515fe784781e6", @typed={0x8, 0x3a, 0x0, 0x0, @pid=r4}, @typed={0xc, 0x7e, 0x0, 0x0, @u64=0x7}, @generic="5fdd7749e790aed2feac76266aa7ffb452b976b0c0776828c16d571c5fa22c3b8ce66cfde9d456312a178835f8acd777d81e884fd5b0dcaa93756a40b7ca717c21a18a248c78e520e9cd16538206cc585826e20333daadf94a86288ba04b55e50a8e8acb84b052a814e6874fb9a2810e6635a78505d3261bd2c3643cf97398ba7882938721012936a54343927b423ffe68a31ad53b21fc9b5a906bbbdf6dcd6e063f892f863243a0ef67f5610848b46a84c4d3091663a3556b08c929b578fce84d4b9b3e5189d7246b276934c50eaba63b848c79a58dc816140139028e498db34f03de4461a65dbcf17eab71ecd1ab19c1969c39b47b1eb7b38c8b87237e543ffaca4f1b8718bdf07bd010db7799c2e1fdfcc3a372d628c4ba4f94e7cdd8e47fc8e85363931bc5e2ab1b71a206fbafe9d28912de19268076fa25756136176717c949d52e2e91bc5a3fb2db0014142e4a5edb447e0e45234c961b993094d8cbc660098ab3e7c3a2ed58e927fc6fe4cef566efda192bca26809b945ed65acb1c1cb29cda0748ba6e825a3e03af2d444d83de6eb4e43fa30e0eb1630eb35d64a91010afc927a97a55350d017130f4a9fe660e3749c6dc3aa9ee5fa7362917e9a70c02b7d56181fcc9086ff17ccf612b11223e8c2e8b1485518cddfb0f01b90c9e9cb45e0eb12db0d49b838a959c320d7af2952e33ef0ad69ad901e60fec0a450e72ae4285deebbc34b3ccb104d3090a6768f54e4ac841095cb994440eb20444cc641df392f60a1e477a0b72b5d43ca702a87d8eb018361f99a3d1842652dfcd67b9852a1ca65b121cd59f7ec3f33a384bcae7026059a191d9a35ad9ec4b05a6798e27d5252c0ebc1722f90d4104d8938c1d80d6ba4b2a50eb635baf05879e9c1f5adbd2ecc4ee81fb519824c956823143f53b3aebafb7246501f7c57ebb7a9fc16e246893415c24c3f7dcc7b790b929bc0237f2b2fd015773a0bb368c127b4a8e08f49903ce772ee2bed4e6f7efcc98f80e42aa3cdb35a7179bccd42e7542f9e689a4d113508d3ebbf7cf208e8a43f80a073fcf3349d32a4c2e2bef457509007c81321f5eb9224e768941f7471835bfb09336814b9b418e119fbc96dab94b05f3b5b3918c9c52182ec8e1fd78d4c0afeb08e8aa6d3784d2345b7c4475441dc95b52ac5bd312bf93dc8a217cf612238be7284f2264d0217ac9cf612b05e7728f784695371de7715e8255736bb463e5c787778aea7997023680d1728df50edcbd125506d33a4d67f033967fcc520c824e86f2e4edb105eb6ef8f5770e85006eea490d3f11681941737fa4b4d3c592cfa9e9204a69e7a18680715a1275f84b6985f01d0cc2a69ac0a445cc89e332fbf74a3ff5f7cfb32e989eaf7e5232bd52bbe9b5aaaa1cb18496a32a72d9cf835cba907dc4f858b653f39b4c6d5bded4ebefec091ab609f6ddc3285f5a2f9d203a1e07668ab97be63af3cb3cd53177215e01dccbb34a0ce3cd970a97819139653be55d273142e21ca121a3a50bc3f1fe32e05f4ca066f75b9be8586eb8e512e0a85298bcf081df4bdde9596dde713169005832fd956bd4004f8c562e968066fe0ef2d9f76d95e0ff5ef0ce181699821db9a8b12ba56b1ce183b649b18b44276131b6df668fe3b7ec716d0093041ba51f32dae9070c1d00940d18074497743a01c039bab5300f9f6a0aaa1b16da7da01ecb39493711f66f95f55e9da36a675379d1dff6a370f4c60ed1ebac07a07c8f6ad19816a41ac8e494a1b094ef48a21c894083fedff1e595cc68a9fba52137588afdfb7cffa22d8b991378b7932834136f8e15acef410d6907f83437c91b91bbb09b84ad105b23bc4a5d69d68a10bc2966edf7f9ea0e5d87e81875afa56355bfafa835cbe6cc025532a9dfdd9b752c517c412beb668c6f9a402ec535879aa72b88eaa8ce1aee0fdf986d2c60e3afd5b9499ebf09c53417b77041de9ef5ea2c5b204a14e58eaafe217c51771f96f9131256de6894ba144fd8546556eaa52ed0b96c7ffb113112ebb7caab054a8bb58011b843bdc112562e81d1b687e2d6a6c27922734fb1004a672d87db682c708a4532040392c1c0c2fb6f07982bde6f15f85c62568ff14ba9442f1475c11e42876ccf9ced1f1e09880879e97f10a98a6656281df82acc0b1e024eaf0edc299f59f4fdea5aa6e59c490b142d2093e911a59e2d5ed81305c9fb04b403c89c7a0452fec3b7a7e6c4a2082ad7ebe2fb1954dc43797b21d7ada4942a0e0c7ebc9f217f33d81b6938b290de25b9a925452b4af653013d6b2e34061c9666770457248fb637c766a7f20e58d36af61a8c3968361526f6174b7a8bbc1040fb84084b751f8623919705a73c16d08d1bc39ef51d2a59ea1144373eb535200bab733dbec5a28a40b162be18b801b2f13694b3057329fce7e9121075bb567d2b2ed05e0cb578560cc088144c461f952a678c78a98043090c63ebacb5be662bdeddf3bde2dd6ab33d598e1835f5812f6031a0827655225e2d8b0176d7262a26899c8701865441fea157e856b3dffd1bbe6c585a29f3031dfa12c824a3def692b8a10a8bbd375479f918fe3eceb675bdc21285ee74a41a80e2699550be8bdf6aecbe789b77ea62f7f9cdb9ff20b69e892af777b57961c059d7bed617e63854bd6abfcc21ddd8547f0ac28f52171d7514859d5eac3c203f2072e763ea5403697c8fb4538462c379f33e8de40f4565991a982814f9b7f1d97446d23acdd18e081926bfc5a27c919257ab67536f22a541a4ba4cda3872455f4ab6c89c0a8c32a711928aa4c014e822ffb53187d21a3bef6e349c70aefc01a0a4b22d0b9df9dbf11eb7a7b903973f7a561b634254416fd3b60433424aa8870b3a6da9d9892a67076de62adca6cc010aa270e5cebf38e97d59a85b520ee45cfa0378c3cb3708b32a64484547c086997d494fff165ae563a0f201bf3935692c4c4dd55b6e8d2f1a60baecd688460cb72c864f7f57b46fc714e7e4d63d88450151b81f16c6e4cc2cd5a0d7d90553df18bbb556c2187dfc828160d297df5f0bee7ef2ad699ba357e1197ac88965fb2640733de42a8f49aff70b94537b974f9db7a0bd6cbaafbbbce9f9c429a4a7d099d9710c4d613c7380616c2ed3d0e50acec788e658e8d282a429c1d80b3250325d02fc97121c6f8e19e5051107ac16dd294afe49f6cd7c025dd74c3069b8a4bc241c88c4364933b2d910ac7e3a7a46ae21c2996468609a80097690de627870000f4b124becd068f1422b19f9a37bdee219f6fdf28c82f6447a8f67a98878b95fc45cb307c400d7177e284954ccd5bef140caa389ac3aabcb194b8f7fcff57d1c12d4e089a66474a483b14ac1eb8d58fe9c2f15591251f52fdb9aee9d836bd8c4dd86fff210086d79c4c948940c2f332f46e235b5c81ee6bb5cf3143a01dc229c966067770baca76959cd9edb8c4e78d9a041c056a77a7b4dd58e61f753cc170f3900ae998b26b9d0725b7224bca05a20325a3248ca237822abd51fd7ed9ff1c2e2224792a8e73beaa0193d47756adf8c529c236f7f7507c491836195c65b3079a0a33d3cd7daddc267f7f1e4587db25baefd90ce9771170440e22ad23eff1dc240b31945cbbccfbd254b1b4b2b3cb1e2466e95c91388daf523e93dab83483cf2ca3cf5b323145410806afd9b45f827b66065016534cf9ed1f3704701fc85d95531ba21bfecef8eed3bec0294b3123f25a31d0f4e3380ee9e0b8a1e31ecc83325ffa7d2853fe1102e1959f397f8d67abc20d78a77b6db40762dee2d91d954f0bac8c42b85b5de79cb1ffce516fa3b128cc9e3ad3dd3793ad684ba888bb214958490cdc810d5ff2eea15e97645cd91545c108bb9ceb0510b85fc47fb4afdc2f43939ed0f890be2a174a52c35f16eccfffdb16115f4fb438a92cbb99405d1db6606ccc6da079a0ebfb6bb9d17b5105eaace314061aaf787969aab61bc1a88004d4c351f09de30d3e49765ad10fea32409eb8ac899712d9e3e73e6e723267d7b6f0ee54306a7e58317f3da29fb45589a25653dc986eb81a016b2e7cc9a6654e9b44bd2e92938af678278e29fef817c4234fa17cb1f891f87709863cbcb640c23134e70b669fb1e9c7130ca2584c2accaaa4d1cfd995e0736268bbd80027b0fb2353e18d4de4e788ef3be9e7643f966974631856b4dd8bf60aa9317af7cb50b77572561aa6d54a1481ebd87ce7b73180b1231b4a626da62cb2e0a840486fab1a55531e2107ec9d61dcacf4f44db077a31f13a1b6fa3d8a7f19efd68ba6737ce9169965e18d921a1a2ade4606994205349b406478d1c8181155b94451c946a81286de4cedfdaecd1b15708f51e8578bbe32080a66868d301a8f68f6c8484fe9d95e7ec0ed15a42596888de8d232f99905d08c1aa08b2851ded47a8763cbfc1a18814c6097b055dc55e627ea9d9b1f3e40745624963b7c0a9c66bc25b0d722d80990574ad3010eb46ef4496e37e16f6a1bd065abd057f7d83f991951a08d1080ae9bd758a11b0bc725c46a6f5ba1b4873376996a31a3a131e175fe62ee578407f3fed77eba62a3ac74e4ee57f19432fc84b9dfb4370f9a0d490e62948a500673c4c3011d8862b66bc73f94764789b7fd02b6176096d8834a51693f7bd7cd6b55c6aecb9fe47f458b721bdbefa4dd06173e11e32790b56ad9bdb78329ee9f54635e9ce45d30f9ef180b000707dbb6262fbd6847e7087ae8a3ddc375450f068833aaf1c5a6db6f173b6a31d9cbca176f3ca9c92984d24c65586e3fb539821290074f663d588840f4d94dca402458ef2cf204b5645076a25fde45cf80edf66f33af332537b825241e8948d5dd1706b0b15528a85903c47a23e8a84622a7d07a4947210cbeb9dc3ad65019aed6cbe154e29a2304ffa3e10fc325d890f2e738f21703228833c80cd52ea7ba08f42851d67f483b33904430b2f4ac137e6b1b14b7e4f53db990db1ac6b173c46c0b14ecc68ad32e79a4c0e71e4339ce2feb6c766f3ab3206697a4ae8bc01c299d5326e01763c4da29b71254c1fb4b961b4d46e7703dcd9ca067fdde660f8f5b99900001a5c0d51471a82ebfaea00bcafbb857504b513085008678eee5184a708ab86992cf8e3b42bea38c9108e996455a1855623d944853332f1b1274568f734c85cbd2d427d4929fdaa63a4069162ef71ea1fdaf873f88d302525e156f6ae3c64ed2c64deaf1d13b2fae3ea2643908b1dca55f469a9aa39769462968afba71263f04eada135f17bd276f35048ca53484363a97dd7efb2b7f75875446dc290bf07b80724830577778bcca0388dfbb1e763ea50f74be78d8827e73553f7763906cdca2fc8421f0d59355613312aef11cedbdbb91fd57296ef5c245ebf2e578fe389f470e3ae67e29c9d0d9485fcda18227f0317e641f67b3b1a87175087e702074734edb1a7cb2876c649efd6873588dce2e1a60082995a8259f2081761a673b5f61ffd1084863e6ac712d41622f79b3bff69036fe2554da1e5e980bd6945bb21149cd327854c25a366acfd08d4e04370666745b2747766176fd1ba019687426260efa5823df44a7c0ba0acd36c94d2e690b5de95e7185e3a6d1fb0d55edde7ae27d96bcce834453dd2c4b829eb10dfa266fb1278ad162c55505afb039ddca7f74b89f29b4df73b09fcfec29b41521e89cde61ffb5f7637cbf30e1fe22022890fb8d3565c0d9d721319632fd79181fa9c314bd1d45db530d845d21ac0972b8afe3b9af0074977a3e5ea9b345af18ce09f11fc839153e0"]}, @typed={0x8, 0xdb, 0x0, 0x0, @ipv4=@multicast2}, @typed={0x14, 0x46, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @empty}}, @nested={0x98, 0x43, 0x0, 0x1, [@typed={0xc, 0x8c, 0x0, 0x0, @u64=0x2}, @nested={0x4, 0x50}, @generic="6d6e6a7aab2ff7e8120a359f7122a76ff68213d7035f172c2343935d00ca99dd716781a2c0c5bf80995bcca4025337fee7d5f35b95454453e49a8efe58139c7e6c29e1d6789c44487337303f6ec33388347dfd45116d68782e84ebfe91e344a7ff242854f5f73f2affb3ff029500cc19", @typed={0x14, 0x14f, 0x0, 0x0, @ipv6=@local}]}, @generic="8ae9c5d6f84625b1ada6d90ec8c005b7d7e8a77bf9b9d339945e8c7ff8730a4e30024f3923638bea74ce62e418c7f7fb2f9a3d60dfa21d824be85719210696cb581c32785568e2205edf92b5fd6d67684dd09c75b18abdd34fecb2e8c1c28b0e54dc1897a9214bff9357244751838144a4dd182d289344dae01266dc", @typed={0x4, 0x12c}]}, @NL80211_ATTR_MBSSID_ELEMS={0x4}, @NL80211_ATTR_CENTER_FREQ1_OFFSET={0x8, 0x123, 0x7ff9}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0xffffffff}, @NL80211_ATTR_FILS_NONCES={0x8, 0xf3, "3b1a4819"}, @NL80211_ATTR_HANDLE_DFS={0x4}]}, 0x124c}, 0x1, 0x0, 0x0, 0x24040850}, 0x24000090) statmount$auto(0x0, &(0x7f0000000180)={0x3, 0x1, 0x9, 0x7352, 0x41, 0x65f, 0x1ffde, 0x7, 0x3, 0x2, 0xb, 0x3, 0x5, 0x101, 0xb4, 0x9, 0x6, 0x7ff, 0x84, 0x4, 0x0, 0x7, 0x2000, 0x203, 0x0, 0xb4, 0x4, 0x0, 0x0, 0x0, 0xfffffff9, [0x7, 0x0, 0x68, 0x0, 0x100000000, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x2000000000, 0x0, 0x0, 0x0, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x1000000000000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x800000000000000, 0x7e30e0be]}, 0x1fe, 0xf) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r5 = socket(0x10, 0x2, 0x0) msgctl$auto_IPC_SET(0xd, 0x1, &(0x7f0000001780)={{0x6, 0xee00, 0xee00, 0x1, 0x5, 0x7}, &(0x7f0000000440)=0x1f, &(0x7f0000000480)=0x72, 0x3, 0x6b9, 0x6, 0x8, 0x8, 0x0, 0x4, 0x40, @raw=0x3, @raw=0xa2}) msgctl$auto_IPC_RMID(0x3, 0x0, &(0x7f0000001880)={{0x86, 0x0, 0xee01, 0xb20e, 0xe, 0x10001, 0x800}, &(0x7f0000001800)=0x9, &(0x7f0000001840)=0x3, 0x1, 0x3, 0x8, 0x6, 0x7, 0x2, 0x8, 0x10, @raw=0x2, @raw}) sendmsg$auto_NL80211_CMD_SET_MESH_CONFIG(r1, &(0x7f0000001b80)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000001b40)={&(0x7f0000001900)={0x22c, r3, 0x2, 0x70bd25, 0x25dfdbff, {}, [@NL80211_ATTR_WIPHY_RETRY_LONG={0x5, 0x3e, 0x2}, @NL80211_ATTR_SCAN_FREQ_KHZ={0x1a0, 0x124, 0x0, 0x1, [@nested={0x65, 0x4e, 0x0, 0x1, [@generic="807dce974b2a525a768b6c2f17b3e8110a0ad97b66", @generic="430cb870803784bd1e78bbe79aaf3358404cd5fdcef2144f9afb24298f784d88191f2579f20fea6ef616e9032b489160066de7d86c1596042e7119dcaa700371f505a55ce3e8245035b549ed"]}, @nested={0x2a, 0x11c, 0x0, 0x1, [@typed={0x8, 0x5, 0x0, 0x0, @uid=r6}, @nested={0x4, 0x115}, @nested={0x4, 0x11}, @typed={0x8, 0xc5, 0x0, 0x0, @uid=r7}, @generic="b456b5f99c95d8415eff5a6a5e36"]}, @nested={0x24, 0x62, 0x0, 0x1, [@typed={0x8, 0x39, 0x0, 0x0, @u32=0x101}, @typed={0x14, 0x2c, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}, @nested={0x4, 0xa9}]}, @typed={0x6, 0x53, 0x0, 0x0, @str='\xff\xff'}, @typed={0xda, 0x93, 0x0, 0x0, @binary="a92339544b175d1dea6ed4aa0e42c6c8f2e9a2f7daa54e8bcab4ffc1d3ce7abd8d860d924d012c9d61b78c6f8387134ed2589c719bf8d681ff112a1b801093d6180c7ffbb333719b799a565868ec7ae5e1a985dd4822b16ed258ba2f88ff1485af55e47953331c0e4412251e446c649ae839d4c99389c95f962ba4d6394b3eda8f0440590bcc99ecce84ed1275cec38bf811fef53abf84ee1843aee1c56ebac49cd209aa6f468d70744609a622ec852ac037ca06620f34a9cbc213da46b735b12be666a3df05904ddfc0c42629d93a1f7d1767db9706"}]}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xc}, @NL80211_ATTR_FILS_ERP_REALM={0x28, 0xfa, "5db9edb28b9169dddb69f37a9fe2c487663ea0d946e4b6bee4cbfa078d834b28558323bc"}, @NL80211_ATTR_MAC_HINT={0x40, 0xc8, "512d9a444197140045e88f2612d52dea1107ae1de51de02ffb89e89414231a5f0fd7ed4bfa24daba09e1bddd5d2c33bbf58fe6744a60b55f78cde253"}]}, 0x22c}, 0x1, 0x0, 0x0, 0x810}, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x24008004) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sendmmsg$auto(r5, &(0x7f0000000200)={{0x0, 0x2, &(0x7f00000004c0)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xdc5e}, 0x800}, 0x7, 0x4008) 318.234ms ago: executing program 1 (id=432): mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x0) r0 = socket(0xa, 0x801, 0x84) r1 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x100, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/vhci_hcd.1/usb11/11-0:1.0/usb11-port5/power/control\x00', 0xc2942, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x189401, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) sendmsg$auto_NL80211_CMD_CHANGE_NAN_CONFIG(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)={0x14, 0x0, 0x200, 0x70bd28, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x20000044) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r2, 0xae80, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f00000000c0)=@llc={0x1a, 0x5, 0x2, 0x1, 0x0, 0x12, @remote}, 0x54) getsockopt$auto(r0, 0x84, 0x6c, 0x0, &(0x7f0000000280)=0x1000c0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) 282.09201ms ago: executing program 3 (id=433): r0 = fanotify_init$auto(0x5, 0x2000000000002) (async) r1 = open(&(0x7f0000000080)='./cgroup\x00', 0x18d37e, 0x45) fanotify_mark$auto(r0, 0x451, 0x800000a, r1, 0x0) (async) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) (async) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8740, 0x0) socket(0x1d, 0x808, 0x1) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/queues\x00', 0x20000, 0x0) read$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f0000000e80)=""/215, 0xd7) (async) rename$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='./cgroup\x00') 443.399µs ago: executing program 2 (id=434): mmap$auto(0x0, 0x20009, 0x5, 0xeb2, 0x8, 0x1008000) r0 = socket(0x10, 0x2, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000007c0)='/sys/devices/virtual/block/loop15/queue/zoned\x00', 0x20000, 0x0) syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000040)='ns/pid_for_children\x00') sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0xcb}, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x6, 0x0) socket(0x1e, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) fsopen$auto(0x0, 0x1) sendmsg$auto_NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x0, 0x6b8c90062c2a8195, 0x70bd2d, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/nbd12\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) fstat$auto(r1, &(0x7f00000002c0)={0x2, 0x1, 0xe8da, 0x41, 0xee00, 0x0, 0x0, 0x4, 0x1, 0xec0e, 0x0, 0x4, 0x8, 0x5, 0x4, 0x8000000000000001}) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x710f}, 0xa) statmount$auto(0x0, &(0x7f0000000180)={0x7d4, 0x1, 0x401c2, 0x2081, 0x3f, 0x7ffc, 0x1ffde, 0x8001, 0x2, 0x4, 0x9, 0x3, 0x5, 0x8, 0x3004, 0x9, 0x6, 0x10002, 0x80, 0x400, 0xa9, 0x7, 0x1ffc, 0x8203, 0x400, 0x2, 0x1, 0x0, 0x40, 0x5, 0x2, [0x7249, 0xa9f, 0x0, 0x1000000000000000, 0x0, 0x180, 0x2, 0x0, 0x0, 0x200000000000000, 0xfc6a, 0x1000000, 0x10000, 0x40000000000, 0x0, 0x400000000000, 0x80000000000000, 0x0, 0xffffffffff7ffffc, 0x5, 0x0, 0x2, 0xfff, 0x0, 0xfffffffffffffffd, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x400000000000002, 0xfffffffffffffffc, 0x3, 0x1, 0x5, 0xfffffffffffffffc, 0x4]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x24008000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x20048810}, 0x40000) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0xfe, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 0s ago: executing program 3 (id=435): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/audio1\x00', 0x101001, 0x0) ioctl$auto_SNDCTL_DSP_NONBLOCK(r0, 0x500e, 0x0) r1 = openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000001640), 0x40, 0x0) ppoll$auto(&(0x7f0000001cc0)={r1, 0x7, 0x6}, 0x1, 0x0, 0x0, 0x8) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), r2) r4 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_SET_MESH(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x24, r4, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r6}, @BATADV_ATTR_GW_SEL_CLASS={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x140080e4) sendmsg$auto_ETHTOOL_MSG_MODULE_SET(r2, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x94, r3, 0x8, 0x70bd29, 0x25dfdbfd, {}, [@ETHTOOL_A_MODULE_POWER_MODE_POLICY={0x5, 0x2, 0x80}, @ETHTOOL_A_MODULE_POWER_MODE_POLICY={0x5, 0x2, 0x2}, @ETHTOOL_A_MODULE_POWER_MODE_POLICY={0x5, 0x2, 0x6}, @ETHTOOL_A_MODULE_POWER_MODE_POLICY={0x5, 0x2, 0xf6}, @ETHTOOL_A_MODULE_HEADER={0x60, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}]}]}, 0x94}, 0x1, 0x0, 0x0, 0x8080}, 0x888) r7 = openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0) mmap$auto(0xfffffffffffffffc, 0x2020009, 0x3, 0xeb1, r7, 0x3) r8 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsa1\x00', 0x101041, 0x0) write$auto(r8, &(0x7f0000000140)='\x1c\x91\xb4F\xe2hsF!\xcd\n\xf8dA\x19\b{\xef;\xbdX\xbaCu\xcb\xfc\xd5\xd9\xf4\x1c\xff/x\xbc2\x8a)\x85=\x95\xf4\xbb\x1d\xd2\x1a\xf6\t\xbf\xbd\xbc\xd1\xe7\xc8\x9b\x99\xa7\x9d \x7f\xdd\xfa\"@\xa8\xc6\xa8\xf0A\x00\xaa\x12G\\u\xca\xc0\xd3<\xe5\xaa\xaf\x03\xa8\xc1|?\x0e\xb4)H\xf0\x13:\x98\x9a/\x85\x01\x004s\xabt\x9d\x18S7\x8e\xdc\x85B\xef@&h0m\x16\xa9\xd2\x15\xb5y\xec\x14F\f\xce\xc7\x83\xe8\xb1\xfa\xd0\xa5p^j\xd7', 0x5) mbind$auto(0x0, 0xfa9d, 0x5, &(0x7f0000000040)=0xfb, 0x400, 0x3) set_mempolicy_home_node$auto(0x0, 0x10001, 0x0, 0x0) semctl$auto_SEM_INFO(0x5, 0x4, 0x13, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.239' (ED25519) to the list of known hosts. [ 91.674721][ T5817] cgroup: Unknown subsys name 'net' [ 91.830121][ T5817] cgroup: Unknown subsys name 'cpuset' [ 91.839604][ T5817] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 93.693981][ T5817] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 95.559401][ T5841] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 95.569585][ T5841] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 95.578721][ T5846] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 95.589040][ T5846] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 95.590195][ T5841] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 95.597134][ T5846] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 95.612218][ T5841] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 95.613042][ T5846] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 95.619649][ T5841] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 95.628418][ T5846] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 95.635677][ T5841] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 95.642439][ T5846] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 95.653610][ T5841] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 95.662889][ T5841] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 95.668355][ T5846] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 95.673225][ T5841] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 95.683169][ T5846] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 95.688351][ T5841] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 95.696333][ T5846] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 95.698660][ T5841] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 96.237561][ T5832] chnl_net:caif_netlink_parms(): no params data found [ 96.320874][ T5833] chnl_net:caif_netlink_parms(): no params data found [ 96.387236][ T5830] chnl_net:caif_netlink_parms(): no params data found [ 96.482684][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 96.540930][ T5832] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.549454][ T5832] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.556932][ T5832] bridge_slave_0: entered allmulticast mode [ 96.564305][ T5832] bridge_slave_0: entered promiscuous mode [ 96.606087][ T5832] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.613537][ T5832] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.621412][ T5832] bridge_slave_1: entered allmulticast mode [ 96.628759][ T5832] bridge_slave_1: entered promiscuous mode [ 96.684023][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.691406][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.698643][ T5833] bridge_slave_0: entered allmulticast mode [ 96.705858][ T5833] bridge_slave_0: entered promiscuous mode [ 96.740552][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.747981][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.755166][ T5833] bridge_slave_1: entered allmulticast mode [ 96.762677][ T5833] bridge_slave_1: entered promiscuous mode [ 96.769851][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.777378][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.784542][ T5830] bridge_slave_0: entered allmulticast mode [ 96.791800][ T5830] bridge_slave_0: entered promiscuous mode [ 96.802695][ T5832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.850261][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state [ 96.857465][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.864608][ T5830] bridge_slave_1: entered allmulticast mode [ 96.872449][ T5830] bridge_slave_1: entered promiscuous mode [ 96.881600][ T5832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 96.933372][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 96.940719][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.948013][ T5831] bridge_slave_0: entered allmulticast mode [ 96.955453][ T5831] bridge_slave_0: entered promiscuous mode [ 96.966456][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 96.988519][ T9] cfg80211: failed to load regulatory.db [ 97.004032][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 97.011669][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 97.018965][ T5831] bridge_slave_1: entered allmulticast mode [ 97.026708][ T5831] bridge_slave_1: entered promiscuous mode [ 97.039106][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.052486][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.066697][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.078066][ T5832] team0: Port device team_slave_0 added [ 97.127140][ T5832] team0: Port device team_slave_1 added [ 97.182785][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 97.193983][ T5833] team0: Port device team_slave_0 added [ 97.201709][ T5830] team0: Port device team_slave_0 added [ 97.220592][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 97.231308][ T5833] team0: Port device team_slave_1 added [ 97.238970][ T5830] team0: Port device team_slave_1 added [ 97.245577][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.252635][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.279159][ T5832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.323699][ T5832] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.330980][ T5832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.357008][ T5832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.411507][ T5831] team0: Port device team_slave_0 added [ 97.418199][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.425182][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.451584][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.468511][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.475494][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.501983][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.515041][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.522070][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.548094][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.560921][ T5831] team0: Port device team_slave_1 added [ 97.567510][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.574460][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.600822][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.680990][ T5832] hsr_slave_0: entered promiscuous mode [ 97.687605][ T5832] hsr_slave_1: entered promiscuous mode [ 97.696606][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 97.703565][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.729724][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 97.766244][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 97.773789][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 97.786866][ T5839] Bluetooth: hci3: command tx timeout [ 97.800174][ T5845] Bluetooth: hci2: command tx timeout [ 97.805429][ T5839] Bluetooth: hci1: command tx timeout [ 97.811251][ T5846] Bluetooth: hci0: command tx timeout [ 97.822177][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 97.882450][ T5830] hsr_slave_0: entered promiscuous mode [ 97.889092][ T5830] hsr_slave_1: entered promiscuous mode [ 97.895234][ T5830] debugfs: 'hsr0' already exists in 'hsr' [ 97.901106][ T5830] Cannot create hsr debugfs directory [ 97.920584][ T5833] hsr_slave_0: entered promiscuous mode [ 97.927358][ T5833] hsr_slave_1: entered promiscuous mode [ 97.934295][ T5833] debugfs: 'hsr0' already exists in 'hsr' [ 97.940776][ T5833] Cannot create hsr debugfs directory [ 98.063782][ T5831] hsr_slave_0: entered promiscuous mode [ 98.070502][ T5831] hsr_slave_1: entered promiscuous mode [ 98.077288][ T5831] debugfs: 'hsr0' already exists in 'hsr' [ 98.083041][ T5831] Cannot create hsr debugfs directory [ 98.475642][ T5832] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 98.489079][ T5832] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 98.503097][ T5832] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 98.523353][ T5832] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 98.583042][ T5830] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 98.603814][ T5830] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 98.619524][ T5830] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 98.648566][ T5830] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 98.730241][ T5833] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 98.748966][ T5833] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 98.760742][ T5833] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 98.773545][ T5833] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 98.881513][ T5831] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 98.900817][ T5831] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 98.914138][ T5831] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 98.925932][ T5831] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 98.959194][ T5832] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.007204][ T5832] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.043834][ T3524] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.051233][ T3524] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.065020][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.112658][ T3524] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.119842][ T3524] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.136081][ T5830] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.173205][ T4478] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.180400][ T4478] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.205681][ T4478] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.212922][ T4478] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.249196][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.314133][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.349405][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 99.369467][ T1340] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.376669][ T1340] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.402789][ T4478] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.410020][ T4478] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.491316][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.525903][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.533221][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.552695][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.559957][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.728925][ T5832] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.860317][ T5845] Bluetooth: hci3: command tx timeout [ 99.861368][ T5841] Bluetooth: hci2: command tx timeout [ 99.865824][ T5846] Bluetooth: hci1: command tx timeout [ 99.872178][ T5839] Bluetooth: hci0: command tx timeout [ 99.916537][ T5832] veth0_vlan: entered promiscuous mode [ 99.979454][ T5832] veth1_vlan: entered promiscuous mode [ 100.013514][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.059484][ T5832] veth0_macvtap: entered promiscuous mode [ 100.083445][ T5832] veth1_macvtap: entered promiscuous mode [ 100.150754][ T5830] veth0_vlan: entered promiscuous mode [ 100.192197][ T5830] veth1_vlan: entered promiscuous mode [ 100.205598][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.235866][ T5832] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.262896][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.285756][ T3524] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.299185][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 100.310499][ T3524] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.323859][ T3524] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.340215][ T3524] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.390290][ T5830] veth0_macvtap: entered promiscuous mode [ 100.412332][ T5830] veth1_macvtap: entered promiscuous mode [ 100.487044][ T5833] veth0_vlan: entered promiscuous mode [ 100.522181][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.545830][ T1340] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.547391][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 100.561950][ T1340] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.570681][ T5833] veth1_vlan: entered promiscuous mode [ 100.594795][ T5831] veth0_vlan: entered promiscuous mode [ 100.631521][ T3524] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.640586][ T3524] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.650618][ T3524] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.662954][ T1340] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.671964][ T3524] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.675692][ T1340] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.695917][ T5831] veth1_vlan: entered promiscuous mode [ 100.763814][ T5832] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 100.763931][ T5833] veth0_macvtap: entered promiscuous mode [ 100.804445][ T5833] veth1_macvtap: entered promiscuous mode [ 100.855381][ T5831] veth0_macvtap: entered promiscuous mode [ 100.933535][ T5831] veth1_macvtap: entered promiscuous mode [ 100.942441][ T1340] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 100.961309][ T1340] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 100.968496][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 100.983320][ T5924] Zero length message leads to an empty skb [ 101.019886][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.034921][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.045283][ T3524] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.054036][ T3524] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.073885][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.085802][ T3524] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.108544][ T3524] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.136073][ T3524] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.145526][ T5924] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4'. [ 101.160325][ T5924] veth0_macvtap: left promiscuous mode [ 101.167940][ T5924] macvtap0: entered promiscuous mode [ 101.173265][ T5924] macvtap0: entered allmulticast mode [ 101.183997][ T3524] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.208428][ T3524] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.224691][ T3524] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.263670][ T3524] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.286413][ T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.463664][ T1138] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.482569][ T1138] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.488784][ T5928] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1'. [ 101.528436][ T1340] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.539894][ T1340] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.763031][ T1340] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.783119][ T1340] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.832419][ T4478] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 101.860690][ T4478] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 101.936793][ T5846] Bluetooth: hci0: command tx timeout [ 101.939179][ T5845] Bluetooth: hci3: command tx timeout [ 101.949171][ T5839] Bluetooth: hci2: command tx timeout [ 101.954670][ T5841] Bluetooth: hci1: command tx timeout [ 102.341219][ T5944] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2'. [ 102.413901][ T5947] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3'. [ 102.527900][ T5944] veth0_macvtap: left promiscuous mode [ 102.535857][ T5944] macvtap0: entered promiscuous mode [ 102.546533][ T5944] macvtap0: entered allmulticast mode [ 102.665346][ T5947] veth0_macvtap: left promiscuous mode [ 102.686406][ T5947] macvtap0: entered promiscuous mode [ 102.692247][ T5952] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 102.710366][ T5947] macvtap0: entered allmulticast mode [ 102.907705][ T5955] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8'. [ 103.406527][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 103.414864][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 103.423449][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 103.632566][ T5968] netlink: 28 bytes leftover after parsing attributes in process `syz.0.10'. [ 103.797114][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 103.918438][ T5968] veth0_macvtap: left promiscuous mode [ 103.926783][ T5968] macvtap0: entered promiscuous mode [ 103.932376][ T5968] macvtap0: entered allmulticast mode [ 104.016648][ T5839] Bluetooth: hci2: command tx timeout [ 104.018295][ T5846] Bluetooth: hci0: command tx timeout [ 104.022136][ T5845] Bluetooth: hci3: command tx timeout [ 104.033163][ T5841] Bluetooth: hci1: command tx timeout [ 104.479573][ T5974] kAFS: Invalid Command on /proc/fs/afs/cells file [ 104.566837][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 104.703438][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 104.716814][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 104.805862][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 104.826786][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 104.841040][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 105.227830][ T5973] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 105.234112][ T5973] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 105.267028][ T5973] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 105.318074][ T5973] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 105.324282][ T5973] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 105.446603][ T5973] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 105.521214][ T5973] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 105.567674][ T5973] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 105.646959][ T5973] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 105.729376][ T30] audit: type=1800 audit(1766023985.352:2): pid=5996 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.14" name="dbroot" dev="configfs" ino=8750 res=0 errno=0 [ 105.752328][ T5973] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 105.770098][ T5996] db_root: not a directory: /dev/audio1 [ 105.793554][ T5973] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 105.837311][ T5973] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 105.929363][ T5996] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14'. [ 106.003525][ T5996] FAULT_INJECTION: forcing a failure. [ 106.003525][ T5996] name failslab, interval 1, probability 0, space 0, times 1 [ 106.025745][ T5996] CPU: 1 UID: 0 PID: 5996 Comm: syz.3.14 Not tainted syzkaller #0 PREEMPT(full) [ 106.025785][ T5996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 106.025810][ T5996] Call Trace: [ 106.025820][ T5996] [ 106.025832][ T5996] dump_stack_lvl+0x16c/0x1f0 [ 106.025885][ T5996] should_fail_ex+0x512/0x640 [ 106.025917][ T5996] ? __kmalloc_node_track_caller_noprof+0xcb/0x930 [ 106.025966][ T5996] should_failslab+0xc2/0x120 [ 106.026011][ T5996] __kmalloc_node_track_caller_noprof+0xec/0x930 [ 106.026055][ T5996] ? proc_create_data+0xbe/0x110 [ 106.026096][ T5996] ? cache_create_net+0x2b/0x220 [ 106.026142][ T5996] ? __pfx_proc_create_data+0x10/0x10 [ 106.026192][ T5996] ? kmemdup_noprof+0x29/0x60 [ 106.026225][ T5996] kmemdup_noprof+0x29/0x60 [ 106.026278][ T5996] cache_create_net+0x2b/0x220 [ 106.026323][ T5996] nfsd_idmap_init+0x11f/0x250 [ 106.026356][ T5996] ? __pfx_nfsd_net_init+0x10/0x10 [ 106.026403][ T5996] nfsd_net_init+0x69/0x3d0 [ 106.026448][ T5996] ? __pfx_nfsd_net_init+0x10/0x10 [ 106.026493][ T5996] ops_init+0x1e2/0x5f0 [ 106.026539][ T5996] setup_net+0x11d/0x3a0 [ 106.026582][ T5996] ? __pfx_setup_net+0x10/0x10 [ 106.026621][ T5996] ? lockdep_init_map_type+0x5c/0x270 [ 106.026661][ T5996] ? mutex_init_lockep+0x110/0x150 [ 106.026697][ T5996] copy_net_ns+0x351/0x7c0 [ 106.026747][ T5996] create_new_namespaces+0x3ea/0xab0 [ 106.026800][ T5996] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 106.026853][ T5996] ksys_unshare+0x45b/0xa40 [ 106.026903][ T5996] ? __pfx_ksys_unshare+0x10/0x10 [ 106.026952][ T5996] ? xfd_validate_state+0x61/0x180 [ 106.026993][ T5996] __x64_sys_unshare+0x31/0x40 [ 106.027020][ T5996] do_syscall_64+0xcd/0xf80 [ 106.027069][ T5996] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 106.027101][ T5996] RIP: 0033:0x7f20f3d8f7c9 [ 106.027132][ T5996] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 106.027162][ T5996] RSP: 002b:00007f20f4b8c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 106.027191][ T5996] RAX: ffffffffffffffda RBX: 00007f20f3fe5fa0 RCX: 00007f20f3d8f7c9 [ 106.027211][ T5996] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 106.027230][ T5996] RBP: 00007f20f3e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 106.027248][ T5996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 106.027266][ T5996] R13: 00007f20f3fe6038 R14: 00007f20f3fe5fa0 R15: 00007ffe98471c68 [ 106.027309][ T5996] [ 106.901029][ T5845] Bluetooth: hci0: command 0x0c1a tx timeout [ 107.076343][ T6021] netlink: 8 bytes leftover after parsing attributes in process `syz.3.18'. [ 107.386317][ T5845] Bluetooth: hci2: command 0x0c1a tx timeout [ 107.546947][ T5845] Bluetooth: hci3: command 0x0c1a tx timeout [ 107.796166][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout [ 107.956963][ T6039] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 108.083481][ T30] audit: type=1804 audit(1766023987.702:3): pid=6039 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.19" name="/newroot/6/file0" dev="tmpfs" ino=51 res=1 errno=0 [ 108.313371][ T6042] netlink: 28 bytes leftover after parsing attributes in process `syz.1.20'. [ 108.554879][ T6048] netlink: 8 bytes leftover after parsing attributes in process `syz.1.22'. [ 108.976345][ T5845] Bluetooth: hci0: command 0x0c1a tx timeout [ 109.456385][ T5845] Bluetooth: hci2: command 0x0c1a tx timeout [ 109.623211][ T5845] Bluetooth: hci3: command 0x0c1a tx timeout [ 109.824819][ T6068] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 109.863708][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout [ 110.020006][ T6076] FAULT_INJECTION: forcing a failure. [ 110.020006][ T6076] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 110.062510][ T6076] CPU: 0 UID: 0 PID: 6076 Comm: syz.3.25 Not tainted syzkaller #0 PREEMPT(full) [ 110.062553][ T6076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 110.062571][ T6076] Call Trace: [ 110.062581][ T6076] [ 110.062593][ T6076] dump_stack_lvl+0x16c/0x1f0 [ 110.062646][ T6076] should_fail_ex+0x512/0x640 [ 110.062689][ T6076] should_fail_alloc_page+0xe7/0x130 [ 110.062741][ T6076] prepare_alloc_pages+0x401/0x670 [ 110.062796][ T6076] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 110.062839][ T6076] ? lock_acquire+0x179/0x330 [ 110.062867][ T6076] ? find_held_lock+0x2b/0x80 [ 110.062908][ T6076] ? finish_task_switch.isra.0+0x202/0xbd0 [ 110.062954][ T6076] ? rcu_is_watching+0x12/0xc0 [ 110.062996][ T6076] ? finish_task_switch.isra.0+0x207/0xbd0 [ 110.063039][ T6076] ? lockdep_hardirqs_on+0x7c/0x110 [ 110.063083][ T6076] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 110.063135][ T6076] ? trace_sched_exit_tp+0xd1/0x110 [ 110.063349][ T6076] ? __schedule+0x10b9/0x6150 [ 110.063400][ T6076] ? __lock_acquire+0x436/0x2890 [ 110.063441][ T6076] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 110.063494][ T6076] ? policy_nodemask+0xea/0x4e0 [ 110.063548][ T6076] alloc_pages_mpol+0x1fb/0x550 [ 110.063600][ T6076] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 110.063661][ T6076] folio_alloc_mpol_noprof+0x36/0x2f0 [ 110.063698][ T6076] vma_alloc_folio_noprof+0xed/0x1e0 [ 110.063731][ T6076] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 110.063779][ T6076] do_anonymous_page+0xc81/0x2190 [ 110.063829][ T6076] __handle_mm_fault+0x1ecf/0x2bb0 [ 110.063869][ T6076] ? reacquire_held_locks+0xcd/0x1f0 [ 110.063902][ T6076] ? __pfx___handle_mm_fault+0x10/0x10 [ 110.063941][ T6076] ? lock_vma_under_rcu+0x176/0x580 [ 110.063999][ T6076] handle_mm_fault+0x3fe/0xad0 [ 110.064041][ T6076] do_user_addr_fault+0x60c/0x1370 [ 110.064085][ T6076] ? rcu_is_watching+0x12/0xc0 [ 110.064134][ T6076] exc_page_fault+0x64/0xc0 [ 110.064180][ T6076] asm_exc_page_fault+0x26/0x30 [ 110.064224][ T6076] RIP: 0033:0x7f20f3c5a65b [ 110.064248][ T6076] Code: 00 00 00 48 8d 3d dd 5a 19 00 48 89 c1 31 c0 e8 2b 39 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d 11 5b 19 00 48 89 34 24 48 8b 14 24 48 8b [ 110.064276][ T6076] RSP: 002b:00007f20f4b8afb0 EFLAGS: 00010202 [ 110.064299][ T6076] RAX: 0000000000000000 RBX: 00007f20f3fe5fa0 RCX: 0000000000000000 [ 110.064317][ T6076] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000200000000180 [ 110.064335][ T6076] RBP: 00007f20f3e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 110.064353][ T6076] R10: 0000200000000180 R11: 0000000000000000 R12: 0000000000000000 [ 110.064370][ T6076] R13: 00007f20f3fe6038 R14: 00007f20f3fe5fa0 R15: 00007ffe98471c68 [ 110.064409][ T6076] [ 110.331363][ T6076] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF syzkaller syzkaller login: [ 110.497472][ T6079] netlink: 28 bytes leftover after parsing attributes in process `syz.2.27'. [ 110.725905][ T6094] random: crng reseeded on system resumption [ 110.856819][ T5845] Bluetooth: hci3: unexpected event 0x1c length: 725 > 5 [ 111.062022][ T5845] Bluetooth: hci0: command 0x0c1a tx timeout [ 111.393119][ T6105] process 'syz.2.30' launched '/dev/fd/5' with NULL argv: empty string added [ 111.536243][ T5845] Bluetooth: hci2: command 0x0c1a tx timeout [ 111.696750][ T5845] Bluetooth: hci3: command 0x0c1a tx timeout [ 111.872829][ T6115] netlink: 28 bytes leftover after parsing attributes in process `syz.0.31'. [ 111.936978][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout [ 112.334058][ T6128] netlink: 8 bytes leftover after parsing attributes in process `syz.3.35'. [ 113.030203][ T6130] FAULT_INJECTION: forcing a failure. [ 113.030203][ T6130] name failslab, interval 1, probability 0, space 0, times 0 [ 113.046337][ T6130] CPU: 1 UID: 0 PID: 6130 Comm: syz.0.34 Not tainted syzkaller #0 PREEMPT(full) [ 113.046376][ T6130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 113.046395][ T6130] Call Trace: [ 113.046406][ T6130] [ 113.046417][ T6130] dump_stack_lvl+0x16c/0x1f0 [ 113.046482][ T6130] should_fail_ex+0x512/0x640 [ 113.046514][ T6130] ? __kmalloc_noprof+0xca/0x910 [ 113.046548][ T6130] should_failslab+0xc2/0x120 [ 113.046593][ T6130] __kmalloc_noprof+0xeb/0x910 [ 113.046625][ T6130] ? sk_prot_alloc+0x1a8/0x2a0 [ 113.046673][ T6130] ? sk_prot_alloc+0x1a8/0x2a0 [ 113.046713][ T6130] sk_prot_alloc+0x1a8/0x2a0 [ 113.046758][ T6130] sk_alloc+0x36/0xe30 [ 113.046788][ T6130] pppol2tp_create+0x32/0x250 [ 113.046820][ T6130] pppox_create+0x15c/0x2c0 [ 113.046859][ T6130] __sock_create+0x339/0x8a0 [ 113.046912][ T6130] __sys_socket+0x14d/0x260 [ 113.046950][ T6130] ? __pfx___sys_socket+0x10/0x10 [ 113.046978][ T6130] ? xfd_validate_state+0x61/0x180 [ 113.047013][ T6130] __x64_sys_socket+0x72/0xb0 [ 113.047032][ T6130] ? lockdep_hardirqs_on+0x7c/0x110 [ 113.047063][ T6130] do_syscall_64+0xcd/0xf80 [ 113.047096][ T6130] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.047117][ T6130] RIP: 0033:0x7f667f38f7c9 [ 113.047133][ T6130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 113.047153][ T6130] RSP: 002b:00007f66801a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 113.047172][ T6130] RAX: ffffffffffffffda RBX: 00007f667f5e6090 RCX: 00007f667f38f7c9 [ 113.047185][ T6130] RDX: 0000000000000001 RSI: 000000000000000a RDI: 0000000000000018 [ 113.047197][ T6130] RBP: 00007f667f413f91 R08: 0000000000000000 R09: 0000000000000000 [ 113.047209][ T6130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 113.047221][ T6130] R13: 00007f667f5e6128 R14: 00007f667f5e6090 R15: 00007ffd655263b8 [ 113.047248][ T6130] [ 113.779338][ T6147] netlink: 4 bytes leftover after parsing attributes in process `syz.3.38'. [ 113.790325][ T6147] netlink: 13 bytes leftover after parsing attributes in process `syz.3.38'. [ 114.151656][ T6150] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 114.456841][ T6160] FAULT_INJECTION: forcing a failure. [ 114.456841][ T6160] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 114.486850][ T6160] CPU: 1 UID: 0 PID: 6160 Comm: syz.2.42 Not tainted syzkaller #0 PREEMPT(full) [ 114.486884][ T6160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 114.486899][ T6160] Call Trace: [ 114.486906][ T6160] [ 114.486916][ T6160] dump_stack_lvl+0x16c/0x1f0 [ 114.486959][ T6160] should_fail_ex+0x512/0x640 [ 114.486991][ T6160] should_fail_alloc_page+0xe7/0x130 [ 114.487032][ T6160] prepare_alloc_pages+0x401/0x670 [ 114.487084][ T6160] __alloc_frozen_pages_noprof+0x18b/0x2430 [ 114.487117][ T6160] ? lock_acquire+0x179/0x330 [ 114.487139][ T6160] ? find_held_lock+0x2b/0x80 [ 114.487171][ T6160] ? finish_task_switch.isra.0+0x202/0xbd0 [ 114.487207][ T6160] ? rcu_is_watching+0x12/0xc0 [ 114.487239][ T6160] ? finish_task_switch.isra.0+0x207/0xbd0 [ 114.487271][ T6160] ? lockdep_hardirqs_on+0x7c/0x110 [ 114.487307][ T6160] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 114.487341][ T6160] ? trace_sched_exit_tp+0xd1/0x110 [ 114.487375][ T6160] ? __schedule+0x10b9/0x6150 [ 114.487410][ T6160] ? __lock_acquire+0x436/0x2890 [ 114.487439][ T6160] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 114.487477][ T6160] ? policy_nodemask+0xea/0x4e0 [ 114.487516][ T6160] alloc_pages_mpol+0x1fb/0x550 [ 114.487554][ T6160] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 114.487599][ T6160] folio_alloc_mpol_noprof+0x36/0x2f0 [ 114.487627][ T6160] vma_alloc_folio_noprof+0xed/0x1e0 [ 114.487651][ T6160] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 114.487685][ T6160] do_anonymous_page+0xc81/0x2190 [ 114.487723][ T6160] __handle_mm_fault+0x1ecf/0x2bb0 [ 114.487754][ T6160] ? reacquire_held_locks+0xcd/0x1f0 [ 114.487778][ T6160] ? __pfx___handle_mm_fault+0x10/0x10 [ 114.487812][ T6160] ? lock_vma_under_rcu+0x176/0x580 [ 114.487894][ T6160] handle_mm_fault+0x3fe/0xad0 [ 114.487946][ T6160] do_user_addr_fault+0x60c/0x1370 [ 114.487984][ T6160] ? rcu_is_watching+0x12/0xc0 [ 114.488053][ T6160] exc_page_fault+0x64/0xc0 [ 114.488099][ T6160] asm_exc_page_fault+0x26/0x30 [ 114.488128][ T6160] RIP: 0033:0x7f39ac85a65b [ 114.488162][ T6160] Code: 00 00 00 48 8d 3d dd 5a 19 00 48 89 c1 31 c0 e8 2b 39 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d 11 5b 19 00 48 89 34 24 48 8b 14 24 48 8b [ 114.488188][ T6160] RSP: 002b:00007f39ad898fb0 EFLAGS: 00010202 [ 114.488209][ T6160] RAX: 0000000000000000 RBX: 00007f39acbe5fa0 RCX: 0000000000000000 [ 114.488225][ T6160] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000200000000180 [ 114.488242][ T6160] RBP: 00007f39aca13f91 R08: 0000000000000000 R09: 0000000000000000 [ 114.488258][ T6160] R10: 0000200000000180 R11: 0000000000000000 R12: 0000000000000000 [ 114.488273][ T6160] R13: 00007f39acbe6038 R14: 00007f39acbe5fa0 R15: 00007ffd74b2b838 [ 114.488310][ T6160] [ 114.488327][ T6160] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 115.152531][ T6139] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 115.163851][ T6139] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 115.185572][ T6139] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 115.203640][ T6139] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 115.728496][ T6182] netlink: 28 bytes leftover after parsing attributes in process `syz.3.45'. [ 116.010442][ T6188] netlink: 8 bytes leftover after parsing attributes in process `syz.1.47'. [ 116.418195][ T5845] Bluetooth: hci0: command 0x0c1a tx timeout [ 116.634421][ T6195] netlink: 28 bytes leftover after parsing attributes in process `syz.3.48'. syzkaller syzkaller login: [ 117.229351][ T5839] Bluetooth: hci2: command 0x0c1a tx timeout [ 117.235503][ T5841] Bluetooth: hci3: command 0x0c1a tx timeout [ 117.241653][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout [ 118.141810][ T6220] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 118.633458][ T6242] netlink: 28 bytes leftover after parsing attributes in process `syz.1.56'. [ 119.156747][ T6225] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 119.195259][ T6225] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 119.226009][ T6225] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 119.255621][ T6225] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 119.799864][ T6261] netlink: 28 bytes leftover after parsing attributes in process `syz.3.60'. [ 120.167898][ T6276] db_root: not a directory: /dev/audio1 [ 120.176721][ T30] audit: type=1800 audit(1766023999.782:4): pid=6276 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.62" name="dbroot" dev="configfs" ino=9463 res=0 errno=0 [ 120.240589][ T6276] netlink: 4 bytes leftover after parsing attributes in process `syz.3.62'. [ 120.328999][ T6276] FAULT_INJECTION: forcing a failure. [ 120.328999][ T6276] name failslab, interval 1, probability 0, space 0, times 0 [ 120.382808][ T6276] CPU: 0 UID: 0 PID: 6276 Comm: syz.3.62 Not tainted syzkaller #0 PREEMPT(full) [ 120.382853][ T6276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 120.382881][ T6276] Call Trace: [ 120.382892][ T6276] [ 120.382905][ T6276] dump_stack_lvl+0x16c/0x1f0 [ 120.382975][ T6276] should_fail_ex+0x512/0x640 [ 120.383011][ T6276] ? __kmalloc_noprof+0xca/0x910 [ 120.383052][ T6276] should_failslab+0xc2/0x120 [ 120.383101][ T6276] __kmalloc_noprof+0xeb/0x910 [ 120.383137][ T6276] ? sk_prot_alloc+0x1a8/0x2a0 [ 120.383193][ T6276] ? sk_prot_alloc+0x1a8/0x2a0 [ 120.383240][ T6276] sk_prot_alloc+0x1a8/0x2a0 [ 120.383292][ T6276] sk_alloc+0x36/0xe30 [ 120.383330][ T6276] __netlink_create+0x5e/0x2c0 [ 120.383386][ T6276] __netlink_kernel_create+0xed/0x750 [ 120.383432][ T6276] ? __pfx___netlink_kernel_create+0x10/0x10 [ 120.383493][ T6276] ? __pfx_crypto_netlink_init+0x10/0x10 [ 120.383525][ T6276] crypto_netlink_init+0xb7/0x140 [ 120.383552][ T6276] ? cpus_read_unlock+0x83/0x150 [ 120.383596][ T6276] ? __pfx_crypto_netlink_init+0x10/0x10 [ 120.383627][ T6276] ? __nf_register_net_hook+0x371/0x730 [ 120.383679][ T6276] ? __pfx_crypto_netlink_rcv+0x10/0x10 [ 120.383733][ T6276] ? nf_register_net_hook+0x117/0x160 [ 120.383778][ T6276] ? nf_register_net_hooks+0xb1/0xd0 [ 120.383832][ T6276] ops_init+0x1e2/0x5f0 [ 120.383877][ T6276] setup_net+0x11d/0x3a0 [ 120.383920][ T6276] ? __pfx_setup_net+0x10/0x10 [ 120.383960][ T6276] ? lockdep_init_map_type+0x5c/0x270 [ 120.383993][ T6276] ? mutex_init_lockep+0x110/0x150 [ 120.384030][ T6276] copy_net_ns+0x351/0x7c0 [ 120.384079][ T6276] create_new_namespaces+0x3ea/0xab0 [ 120.384152][ T6276] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 120.384201][ T6276] ksys_unshare+0x45b/0xa40 [ 120.384253][ T6276] ? __pfx_ksys_unshare+0x10/0x10 [ 120.384307][ T6276] ? xfd_validate_state+0x61/0x180 [ 120.384349][ T6276] __x64_sys_unshare+0x31/0x40 [ 120.384378][ T6276] do_syscall_64+0xcd/0xf80 [ 120.384430][ T6276] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.384462][ T6276] RIP: 0033:0x7f20f3d8f7c9 [ 120.384496][ T6276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 120.384526][ T6276] RSP: 002b:00007f20f4b8c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 120.384557][ T6276] RAX: ffffffffffffffda RBX: 00007f20f3fe5fa0 RCX: 00007f20f3d8f7c9 [ 120.384577][ T6276] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 120.384596][ T6276] RBP: 00007f20f3e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 120.384614][ T6276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 120.384632][ T6276] R13: 00007f20f3fe6038 R14: 00007f20f3fe5fa0 R15: 00007ffe98471c68 [ 120.384689][ T6276] [ 120.678869][ T5845] Bluetooth: hci0: command 0x0c1a tx timeout [ 121.236199][ T5845] Bluetooth: hci2: command 0x0c1a tx timeout [ 121.297093][ T5845] Bluetooth: hci1: command 0x0c1a tx timeout [ 121.297186][ T5841] Bluetooth: hci3: command 0x0c1a tx timeout [ 121.451866][ T6299] netlink: zone id is out of range [ 121.758145][ T6299] netlink: set zone limit has 8 unknown bytes [ 121.775830][ T6306] FAULT_INJECTION: forcing a failure. [ 121.775830][ T6306] name failslab, interval 1, probability 0, space 0, times 0 [ 121.788609][ T6306] CPU: 1 UID: 0 PID: 6306 Comm: syz.1.64 Not tainted syzkaller #0 PREEMPT(full) [ 121.788635][ T6306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 121.788648][ T6306] Call Trace: [ 121.788654][ T6306] [ 121.788662][ T6306] dump_stack_lvl+0x16c/0x1f0 [ 121.788698][ T6306] should_fail_ex+0x512/0x640 [ 121.788720][ T6306] ? __kmalloc_noprof+0xca/0x910 [ 121.788745][ T6306] should_failslab+0xc2/0x120 [ 121.788777][ T6306] __kmalloc_noprof+0xeb/0x910 [ 121.788800][ T6306] ? lsm_blob_alloc+0x68/0x90 [ 121.788838][ T6306] ? lsm_blob_alloc+0x68/0x90 [ 121.788867][ T6306] lsm_blob_alloc+0x68/0x90 [ 121.788897][ T6306] security_sk_alloc+0x2f/0x270 [ 121.788919][ T6306] sk_prot_alloc+0x1c7/0x2a0 [ 121.788953][ T6306] sk_alloc+0x36/0xe30 [ 121.788995][ T6306] pppol2tp_create+0x32/0x250 [ 121.789020][ T6306] pppox_create+0x15c/0x2c0 [ 121.789050][ T6306] __sock_create+0x339/0x8a0 [ 121.789091][ T6306] __sys_socket+0x14d/0x260 [ 121.789111][ T6306] ? __pfx___sys_socket+0x10/0x10 [ 121.789132][ T6306] ? xfd_validate_state+0x61/0x180 [ 121.789159][ T6306] __x64_sys_socket+0x72/0xb0 [ 121.789179][ T6306] ? lockdep_hardirqs_on+0x7c/0x110 [ 121.789212][ T6306] do_syscall_64+0xcd/0xf80 [ 121.789246][ T6306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.789278][ T6306] RIP: 0033:0x7fa9abf8f7c9 [ 121.789295][ T6306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 121.789316][ T6306] RSP: 002b:00007fa9acd9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 121.789336][ T6306] RAX: ffffffffffffffda RBX: 00007fa9ac1e6180 RCX: 00007fa9abf8f7c9 [ 121.789351][ T6306] RDX: 0000000000000001 RSI: 000000000000000a RDI: 0000000000000018 [ 121.789363][ T6306] RBP: 00007fa9ac013f91 R08: 0000000000000000 R09: 0000000000000000 [ 121.789376][ T6306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 121.789389][ T6306] R13: 00007fa9ac1e6218 R14: 00007fa9ac1e6180 R15: 00007ffda0d16218 [ 121.789417][ T6306] [ 124.511132][ T6345] netlink: 28 bytes leftover after parsing attributes in process `syz.1.71'. [ 124.727274][ T6345] ipvlan0: entered promiscuous mode [ 124.794392][ T6345] ipvlan0: entered allmulticast mode [ 124.836795][ T6345] veth0_vlan: entered allmulticast mode [ 124.888984][ T6356] netlink: 28 bytes leftover after parsing attributes in process `syz.2.73'. [ 125.042712][ T30] audit: type=1800 audit(1766024004.662:5): pid=6360 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.74" name="dbroot" dev="configfs" ino=9615 res=0 errno=0 [ 125.082291][ T6360] db_root: not a directory: /dev/audio1 [ 125.135585][ T6360] netlink: 4 bytes leftover after parsing attributes in process `syz.0.74'. [ 125.536703][ T6360] FAULT_INJECTION: forcing a failure. [ 125.536703][ T6360] name failslab, interval 1, probability 0, space 0, times 0 [ 125.596399][ T6360] CPU: 0 UID: 0 PID: 6360 Comm: syz.0.74 Not tainted syzkaller #0 PREEMPT(full) [ 125.596458][ T6360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 125.596476][ T6360] Call Trace: [ 125.596486][ T6360] [ 125.596498][ T6360] dump_stack_lvl+0x16c/0x1f0 [ 125.596567][ T6360] should_fail_ex+0x512/0x640 [ 125.596620][ T6360] ? kmem_cache_alloc_noprof+0x62/0x770 [ 125.596668][ T6360] should_failslab+0xc2/0x120 [ 125.596733][ T6360] kmem_cache_alloc_noprof+0x83/0x770 [ 125.596772][ T6360] ? __kernfs_new_node+0xd2/0x990 [ 125.596841][ T6360] ? __kernfs_new_node+0xd2/0x990 [ 125.596877][ T6360] __kernfs_new_node+0xd2/0x990 [ 125.596921][ T6360] ? __pfx___kernfs_new_node+0x10/0x10 [ 125.596976][ T6360] ? find_held_lock+0x2b/0x80 [ 125.597021][ T6360] ? kernfs_root+0xee/0x2a0 [ 125.597067][ T6360] kernfs_new_node+0x13c/0x1e0 [ 125.597132][ T6360] __kernfs_create_file+0x53/0x350 [ 125.597189][ T6360] sysfs_add_file_mode_ns+0x207/0x3c0 [ 125.597242][ T6360] sysfs_create_file_ns+0x13d/0x1d0 [ 125.597276][ T6360] ? __pfx_sysfs_create_file_ns+0x10/0x10 [ 125.597323][ T6360] ? class_to_subsys+0x10f/0x160 [ 125.597371][ T6360] ? do_raw_spin_unlock+0x172/0x230 [ 125.597419][ T6360] class_create_file_ns+0x3d/0x60 [ 125.597465][ T6360] bond_create_sysfs+0x13b/0x220 [ 125.597505][ T6360] bond_net_init+0x178/0x360 [ 125.597541][ T6360] ? __pfx_bond_net_init+0x10/0x10 [ 125.597572][ T6360] ops_init+0x1e2/0x5f0 [ 125.597619][ T6360] setup_net+0x11d/0x3a0 [ 125.597663][ T6360] ? __pfx_setup_net+0x10/0x10 [ 125.597703][ T6360] ? lockdep_init_map_type+0x5c/0x270 [ 125.597736][ T6360] ? mutex_init_lockep+0x110/0x150 [ 125.597774][ T6360] copy_net_ns+0x351/0x7c0 [ 125.597825][ T6360] create_new_namespaces+0x3ea/0xab0 [ 125.597878][ T6360] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 125.597927][ T6360] ksys_unshare+0x45b/0xa40 [ 125.597993][ T6360] ? __pfx_ksys_unshare+0x10/0x10 [ 125.598043][ T6360] ? xfd_validate_state+0x61/0x180 [ 125.598085][ T6360] __x64_sys_unshare+0x31/0x40 [ 125.598112][ T6360] do_syscall_64+0xcd/0xf80 [ 125.598162][ T6360] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.598194][ T6360] RIP: 0033:0x7f667f38f7c9 [ 125.598218][ T6360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 125.598248][ T6360] RSP: 002b:00007f66801c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 125.598277][ T6360] RAX: ffffffffffffffda RBX: 00007f667f5e5fa0 RCX: 00007f667f38f7c9 [ 125.598305][ T6360] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 125.598323][ T6360] RBP: 00007f667f413f91 R08: 0000000000000000 R09: 0000000000000000 [ 125.598341][ T6360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 125.598358][ T6360] R13: 00007f667f5e6038 R14: 00007f667f5e5fa0 R15: 00007ffd655263b8 [ 125.598401][ T6360] [ 126.304352][ T6378] FAULT_INJECTION: forcing a failure. [ 126.304352][ T6378] name failslab, interval 1, probability 0, space 0, times 0 [ 126.318856][ T6378] CPU: 0 UID: 0 PID: 6378 Comm: syz.2.77 Not tainted syzkaller #0 PREEMPT(full) [ 126.318892][ T6378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 126.318910][ T6378] Call Trace: [ 126.318920][ T6378] [ 126.318931][ T6378] dump_stack_lvl+0x16c/0x1f0 [ 126.319003][ T6378] should_fail_ex+0x512/0x640 [ 126.319034][ T6378] ? __kmalloc_noprof+0xca/0x910 [ 126.319069][ T6378] should_failslab+0xc2/0x120 [ 126.319114][ T6378] __kmalloc_noprof+0xeb/0x910 [ 126.319144][ T6378] ? lsm_blob_alloc+0x68/0x90 [ 126.319192][ T6378] ? lsm_blob_alloc+0x68/0x90 [ 126.319233][ T6378] lsm_blob_alloc+0x68/0x90 [ 126.319276][ T6378] security_sk_alloc+0x2f/0x270 [ 126.319306][ T6378] sk_prot_alloc+0x1c7/0x2a0 [ 126.319353][ T6378] sk_alloc+0x36/0xe30 [ 126.319387][ T6378] pppol2tp_create+0x32/0x250 [ 126.319430][ T6378] pppox_create+0x15c/0x2c0 [ 126.319467][ T6378] __sock_create+0x339/0x8a0 [ 126.319534][ T6378] __sys_socket+0x14d/0x260 [ 126.319562][ T6378] ? __pfx___sys_socket+0x10/0x10 [ 126.319589][ T6378] ? xfd_validate_state+0x61/0x180 [ 126.319626][ T6378] __x64_sys_socket+0x72/0xb0 [ 126.319652][ T6378] ? lockdep_hardirqs_on+0x7c/0x110 [ 126.319694][ T6378] do_syscall_64+0xcd/0xf80 [ 126.319737][ T6378] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.319766][ T6378] RIP: 0033:0x7f39ac98f7c9 [ 126.319790][ T6378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 126.319817][ T6378] RSP: 002b:00007f39ad879038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 126.319843][ T6378] RAX: ffffffffffffffda RBX: 00007f39acbe6090 RCX: 00007f39ac98f7c9 [ 126.319862][ T6378] RDX: 0000000000000001 RSI: 000000000000000a RDI: 0000000000000018 [ 126.319879][ T6378] RBP: 00007f39aca13f91 R08: 0000000000000000 R09: 0000000000000000 [ 126.319894][ T6378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 126.319909][ T6378] R13: 00007f39acbe6128 R14: 00007f39acbe6090 R15: 00007ffd74b2b838 [ 126.319953][ T6378] [ 126.774706][ T6394] random: crng reseeded on system resumption [ 128.286966][ T6418] mmap: syz.1.83 (6418) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 129.175034][ T30] audit: type=1800 audit(1766024008.792:6): pid=6446 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.92" name="dbroot" dev="configfs" ino=10691 res=0 errno=0 [ 129.207405][ T6446] db_root: not a directory: /dev/audio1 [ 129.259706][ T6447] netlink: 4 bytes leftover after parsing attributes in process `syz.0.92'. [ 129.293332][ T6446] FAULT_INJECTION: forcing a failure. [ 129.293332][ T6446] name failslab, interval 1, probability 0, space 0, times 0 [ 129.329186][ T6446] CPU: 0 UID: 0 PID: 6446 Comm: syz.0.92 Not tainted syzkaller #0 PREEMPT(full) [ 129.329225][ T6446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 129.329242][ T6446] Call Trace: [ 129.329251][ T6446] [ 129.329263][ T6446] dump_stack_lvl+0x16c/0x1f0 [ 129.329313][ T6446] should_fail_ex+0x512/0x640 [ 129.329345][ T6446] ? __kmalloc_noprof+0xca/0x910 [ 129.329382][ T6446] should_failslab+0xc2/0x120 [ 129.329428][ T6446] __kmalloc_noprof+0xeb/0x910 [ 129.329459][ T6446] ? lockdep_init_map_type+0x5c/0x270 [ 129.329488][ T6446] ? ops_init+0x77/0x5f0 [ 129.329532][ T6446] ? ops_init+0x77/0x5f0 [ 129.329568][ T6446] ops_init+0x77/0x5f0 [ 129.329610][ T6446] setup_net+0x11d/0x3a0 [ 129.329651][ T6446] ? __pfx_setup_net+0x10/0x10 [ 129.329688][ T6446] ? lockdep_init_map_type+0x5c/0x270 [ 129.329717][ T6446] ? mutex_init_lockep+0x110/0x150 [ 129.329753][ T6446] copy_net_ns+0x351/0x7c0 [ 129.329800][ T6446] create_new_namespaces+0x3ea/0xab0 [ 129.329850][ T6446] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 129.329894][ T6446] ksys_unshare+0x45b/0xa40 [ 129.329940][ T6446] ? __pfx_ksys_unshare+0x10/0x10 [ 129.330000][ T6446] __x64_sys_unshare+0x31/0x40 [ 129.330032][ T6446] do_syscall_64+0xcd/0xf80 [ 129.330079][ T6446] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.330108][ T6446] RIP: 0033:0x7f667f38f7c9 [ 129.330131][ T6446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 129.330158][ T6446] RSP: 002b:00007f66801c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 129.330184][ T6446] RAX: ffffffffffffffda RBX: 00007f667f5e5fa0 RCX: 00007f667f38f7c9 [ 129.330203][ T6446] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 129.330219][ T6446] RBP: 00007f667f413f91 R08: 0000000000000000 R09: 0000000000000000 [ 129.330235][ T6446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 129.330251][ T6446] R13: 00007f667f5e6038 R14: 00007f667f5e5fa0 R15: 00007ffd655263b8 [ 129.330290][ T6446] [ 130.776108][ T6484] netlink: 28 bytes leftover after parsing attributes in process `syz.3.103'. [ 131.403401][ T6508] netlink: 28 bytes leftover after parsing attributes in process `syz.3.107'. [ 132.258406][ T5845] Bluetooth: hci4: command 0x1003 tx timeout [ 132.265387][ T5841] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 132.729316][ T6532] openvswitch: netlink: Key type 1539 is out of range max 32 [ 132.788562][ T6532] nfs: Unknown parameter 'w`_I+; HY Lu>>uh*C<+ ' [ 133.597066][ T6555] netlink: 28 bytes leftover after parsing attributes in process `syz.0.119'. [ 133.825679][ T6570] FAULT_INJECTION: forcing a failure. [ 133.825679][ T6570] name fail_futex, interval 1, probability 0, space 0, times 1 [ 133.846820][ T6570] CPU: 0 UID: 0 PID: 6570 Comm: syz.2.123 Not tainted syzkaller #0 PREEMPT(full) [ 133.846862][ T6570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 133.846880][ T6570] Call Trace: [ 133.846891][ T6570] [ 133.846902][ T6570] dump_stack_lvl+0x16c/0x1f0 [ 133.846953][ T6570] should_fail_ex+0x512/0x640 [ 133.846994][ T6570] get_futex_key+0x1d0/0x15f0 [ 133.847033][ T6570] ? __pfx_get_futex_key+0x10/0x10 [ 133.847082][ T6570] futex_wake+0xea/0x530 [ 133.847126][ T6570] ? kasan_quarantine_put+0x10a/0x240 [ 133.847177][ T6570] ? __pfx_futex_wake+0x10/0x10 [ 133.847225][ T6570] ? putname+0xf5/0x1a0 [ 133.847265][ T6570] do_futex+0x1e3/0x350 [ 133.847305][ T6570] ? __pfx_do_futex+0x10/0x10 [ 133.847352][ T6570] __x64_sys_futex+0x1e0/0x4c0 [ 133.847391][ T6570] ? __x64_sys_openat+0x174/0x210 [ 133.847426][ T6570] ? __pfx___x64_sys_futex+0x10/0x10 [ 133.847479][ T6570] do_syscall_64+0xcd/0xf80 [ 133.847526][ T6570] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.847557][ T6570] RIP: 0033:0x7f39ac98f7c9 [ 133.847581][ T6570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 133.847613][ T6570] RSP: 002b:00007f39ad8790e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 133.847641][ T6570] RAX: ffffffffffffffda RBX: 00007f39acbe6098 RCX: 00007f39ac98f7c9 [ 133.847662][ T6570] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f39acbe609c [ 133.847688][ T6570] RBP: 00007f39acbe6090 R08: 00007f39ad89b000 R09: 0000000000000000 [ 133.847707][ T6570] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000 [ 133.847725][ T6570] R13: 00007f39acbe6128 R14: 00007ffd74b2b750 R15: 00007ffd74b2b838 [ 133.847765][ T6570] [ 134.032138][ T6574] FAULT_INJECTION: forcing a failure. [ 134.032138][ T6574] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 134.065175][ T6574] CPU: 1 UID: 0 PID: 6574 Comm: syz.1.125 Not tainted syzkaller #0 PREEMPT(full) [ 134.065213][ T6574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 134.065230][ T6574] Call Trace: [ 134.065239][ T6574] [ 134.065250][ T6574] dump_stack_lvl+0x16c/0x1f0 [ 134.065309][ T6574] should_fail_ex+0x512/0x640 [ 134.065356][ T6574] _copy_from_user+0x2e/0xd0 [ 134.065385][ T6574] __sys_bpf+0x248/0x4980 [ 134.065422][ T6574] ? __pfx___sys_bpf+0x10/0x10 [ 134.065445][ T6574] ? find_held_lock+0x2b/0x80 [ 134.065487][ T6574] ? find_held_lock+0x2b/0x80 [ 134.065530][ T6574] ? __mutex_unlock_slowpath+0x161/0x790 [ 134.065592][ T6574] ? fput+0x70/0xf0 [ 134.065636][ T6574] ? ksys_write+0x1ac/0x250 [ 134.065673][ T6574] ? __pfx_ksys_write+0x10/0x10 [ 134.065720][ T6574] __x64_sys_bpf+0x78/0xc0 [ 134.065746][ T6574] ? lockdep_hardirqs_on+0x7c/0x110 [ 134.065787][ T6574] do_syscall_64+0xcd/0xf80 [ 134.065832][ T6574] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.065861][ T6574] RIP: 0033:0x7fa9abf8f7c9 [ 134.065882][ T6574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 134.065909][ T6574] RSP: 002b:00007fa9acde1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 134.065934][ T6574] RAX: ffffffffffffffda RBX: 00007fa9ac1e5fa0 RCX: 00007fa9abf8f7c9 [ 134.065951][ T6574] RDX: 00000000000006f4 RSI: 0000200000000380 RDI: 0000000000000000 [ 134.065967][ T6574] RBP: 00007fa9acde1090 R08: 0000000000000000 R09: 0000000000000000 [ 134.065983][ T6574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 134.065998][ T6574] R13: 00007fa9ac1e6038 R14: 00007fa9ac1e5fa0 R15: 00007ffda0d16218 [ 134.066035][ T6574] [ 134.426068][ T6579] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input9 [ 136.252427][ T6633] netlink: 28 bytes leftover after parsing attributes in process `syz.0.137'. [ 136.514889][ T6643] netlink: 334 bytes leftover after parsing attributes in process `syz.1.140'. [ 137.503794][ T6660] zswap: compressor not available [ 137.941327][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 137.948271][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 138.410290][ T6683] netlink: 28 bytes leftover after parsing attributes in process `syz.1.153'. [ 139.142131][ T6702] zswap: compressor not available [ 139.297291][ T6711] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 139.332963][ T6721] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 139.413237][ T6728] syz.1.160 uses obsolete (PF_INET,SOCK_PACKET) [ 140.277974][ T6743] ptrace attach of "./syz-executor exec"[5833] was attempted by ""[6743] [ 140.987375][ T6748] FAULT_INJECTION: forcing a failure. [ 140.987375][ T6748] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 141.008824][ T6748] CPU: 1 UID: 0 PID: 6748 Comm: syz.0.167 Not tainted syzkaller #0 PREEMPT(full) [ 141.008854][ T6748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 141.008867][ T6748] Call Trace: [ 141.008875][ T6748] [ 141.008883][ T6748] dump_stack_lvl+0x16c/0x1f0 [ 141.008949][ T6748] should_fail_ex+0x512/0x640 [ 141.008980][ T6748] _copy_from_user+0x2e/0xd0 [ 141.009006][ T6748] kstrtouint_from_user+0xd6/0x1d0 [ 141.009040][ T6748] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 141.009071][ T6748] ? __lock_acquire+0x436/0x2890 [ 141.009099][ T6748] ? lock_acquire+0x179/0x330 [ 141.009127][ T6748] proc_fail_nth_write+0x83/0x220 [ 141.009163][ T6748] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 141.009262][ T6748] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 141.009287][ T6748] vfs_write+0x2a0/0x11d0 [ 141.009326][ T6748] ? __pfx___mutex_lock+0x10/0x10 [ 141.009369][ T6748] ? __pfx_vfs_write+0x10/0x10 [ 141.009414][ T6748] ? __fget_files+0x20e/0x3c0 [ 141.009458][ T6748] ksys_write+0x12a/0x250 [ 141.009492][ T6748] ? __pfx_ksys_write+0x10/0x10 [ 141.009538][ T6748] do_syscall_64+0xcd/0xf80 [ 141.009577][ T6748] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.009603][ T6748] RIP: 0033:0x7f667f38e27f [ 141.009623][ T6748] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 141.009648][ T6748] RSP: 002b:00007f66801c6030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 141.009671][ T6748] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f667f38e27f [ 141.009686][ T6748] RDX: 0000000000000001 RSI: 00007f66801c60a0 RDI: 0000000000000003 [ 141.009700][ T6748] RBP: 00007f66801c6090 R08: 0000000000000000 R09: 0000000000000000 [ 141.009713][ T6748] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 141.009727][ T6748] R13: 00007f667f5e6038 R14: 00007f667f5e5fa0 R15: 00007ffd655263b8 [ 141.009761][ T6748] [ 141.447141][ T6756] netlink: 28 bytes leftover after parsing attributes in process `syz.1.169'. [ 141.932560][ T6763] zswap: compressor not available [ 143.266234][ T6817] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 143.312603][ T6819] futex_wake_op: syz.3.184 tries to shift op by -1; fix this program [ 143.355610][ T6819] futex_wake_op: syz.3.184 tries to shift op by -1; fix this program [ 143.379557][ T6821] vhci_hcd vhci_hcd.2: default hub control req: 0000 v0000 i0000 l0 [ 143.404527][ T6819] futex_wake_op: syz.3.184 tries to shift op by -1; fix this program [ 143.467472][ T6819] futex_wake_op: syz.3.184 tries to shift op by -1; fix this program [ 143.487921][ T6819] futex_wake_op: syz.3.184 tries to shift op by -1; fix this program [ 143.594327][ T6812] netlink: 28 bytes leftover after parsing attributes in process `syz.2.182'. [ 143.603431][ T6819] futex_wake_op: syz.3.184 tries to shift op by -1; fix this program [ 143.659778][ T6819] futex_wake_op: syz.3.184 tries to shift op by -1; fix this program [ 143.706298][ T6819] futex_wake_op: syz.3.184 tries to shift op by -1; fix this program [ 143.714503][ T6819] futex_wake_op: syz.3.184 tries to shift op by -1; fix this program [ 143.756186][ T6819] futex_wake_op: syz.3.184 tries to shift op by -1; fix this program [ 144.571395][ T6862] ptrace attach of "./syz-executor exec"[5832] was attempted by ""[6862] [ 145.524085][ T6872] netlink: 342 bytes leftover after parsing attributes in process `syz.0.193'. [ 146.363421][ T6899] dlm: non-version read from control device 1 [ 146.659796][ T6862] kexec: Could not allocate control_code_buffer [ 146.941663][ T6914] random: crng reseeded on system resumption [ 147.147910][ T6923] netlink: 206 bytes leftover after parsing attributes in process `syz.3.203'. [ 147.547700][ T6919] bond0: Unable to set down delay as MII monitoring is disabled [ 147.888911][ T30] audit: type=1800 audit(1766024027.512:7): pid=6967 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.204" name="dbroot" dev="configfs" ino=11846 res=0 errno=0 [ 147.917927][ T6967] db_root: not a directory: /dev/audio1 [ 147.943072][ T6967] netlink: 4 bytes leftover after parsing attributes in process `syz.2.204'. [ 147.988142][ T6967] FAULT_INJECTION: forcing a failure. [ 147.988142][ T6967] name failslab, interval 1, probability 0, space 0, times 0 [ 148.057238][ T6967] CPU: 1 UID: 0 PID: 6967 Comm: syz.2.204 Tainted: G L syzkaller #0 PREEMPT(full) [ 148.057285][ T6967] Tainted: [L]=SOFTLOCKUP [ 148.057295][ T6967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 148.057311][ T6967] Call Trace: [ 148.057320][ T6967] [ 148.057331][ T6967] dump_stack_lvl+0x16c/0x1f0 [ 148.057379][ T6967] should_fail_ex+0x512/0x640 [ 148.057409][ T6967] ? __kmalloc_cache_noprof+0x5f/0x800 [ 148.057463][ T6967] should_failslab+0xc2/0x120 [ 148.057507][ T6967] __kmalloc_cache_noprof+0x80/0x800 [ 148.057538][ T6967] ? find_held_lock+0x2b/0x80 [ 148.057573][ T6967] ? pedit_init_net+0x135/0x500 [ 148.057612][ T6967] ? pedit_init_net+0xf6/0x500 [ 148.057658][ T6967] ? pedit_init_net+0x135/0x500 [ 148.057703][ T6967] pedit_init_net+0x135/0x500 [ 148.057742][ T6967] ? __pfx_pedit_init_net+0x10/0x10 [ 148.057779][ T6967] ops_init+0x1e2/0x5f0 [ 148.057822][ T6967] setup_net+0x11d/0x3a0 [ 148.057862][ T6967] ? __pfx_setup_net+0x10/0x10 [ 148.057898][ T6967] ? lockdep_init_map_type+0x5c/0x270 [ 148.057928][ T6967] ? mutex_init_lockep+0x110/0x150 [ 148.057962][ T6967] copy_net_ns+0x351/0x7c0 [ 148.058009][ T6967] create_new_namespaces+0x3ea/0xab0 [ 148.058058][ T6967] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 148.058101][ T6967] ksys_unshare+0x45b/0xa40 [ 148.058146][ T6967] ? __pfx_ksys_unshare+0x10/0x10 [ 148.058194][ T6967] ? xfd_validate_state+0x61/0x180 [ 148.058232][ T6967] __x64_sys_unshare+0x31/0x40 [ 148.058262][ T6967] do_syscall_64+0xcd/0xf80 [ 148.058309][ T6967] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.058337][ T6967] RIP: 0033:0x7f39ac98f7c9 [ 148.058359][ T6967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 148.058385][ T6967] RSP: 002b:00007f39ad89a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 148.058412][ T6967] RAX: ffffffffffffffda RBX: 00007f39acbe5fa0 RCX: 00007f39ac98f7c9 [ 148.058430][ T6967] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 148.058446][ T6967] RBP: 00007f39aca13f91 R08: 0000000000000000 R09: 0000000000000000 [ 148.058461][ T6967] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 148.058477][ T6967] R13: 00007f39acbe6038 R14: 00007f39acbe5fa0 R15: 00007ffd74b2b838 [ 148.058515][ T6967] [ 149.987218][ T6999] netlink: 28 bytes leftover after parsing attributes in process `syz.0.208'. [ 150.289340][ T7003] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 150.316213][ T7003] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 150.354255][ T7003] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 150.363888][ T7003] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 150.402856][ T7003] page dumped because: unmovable page [ 150.411853][ T7003] page_owner info is not present (never set?) [ 151.227722][ T7036] db_root: not a directory: /dev/audio1 [ 151.233387][ T30] audit: type=1800 audit(1766024030.842:8): pid=7036 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.214" name="dbroot" dev="configfs" ino=13170 res=0 errno=0 [ 151.334606][ T7036] netlink: 4 bytes leftover after parsing attributes in process `syz.0.214'. [ 151.834103][ T7051] FAULT_INJECTION: forcing a failure. [ 151.834103][ T7051] name failslab, interval 1, probability 0, space 0, times 0 [ 151.896203][ T7051] CPU: 0 UID: 0 PID: 7051 Comm: syz.2.216 Tainted: G L syzkaller #0 PREEMPT(full) [ 151.896251][ T7051] Tainted: [L]=SOFTLOCKUP [ 151.896262][ T7051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 151.896279][ T7051] Call Trace: [ 151.896289][ T7051] [ 151.896301][ T7051] dump_stack_lvl+0x16c/0x1f0 [ 151.896350][ T7051] should_fail_ex+0x512/0x640 [ 151.896380][ T7051] ? __kmalloc_node_track_caller_noprof+0xcb/0x930 [ 151.896435][ T7051] should_failslab+0xc2/0x120 [ 151.896480][ T7051] __kmalloc_node_track_caller_noprof+0xec/0x930 [ 151.896522][ T7051] ? drm_open_helper+0x204/0x550 [ 151.896554][ T7051] ? kasprintf+0xc7/0x100 [ 151.896582][ T7051] ? chrdev_open+0x234/0x6a0 [ 151.896632][ T7051] ? kvasprintf+0xbc/0x150 [ 151.896662][ T7051] kvasprintf+0xbc/0x150 [ 151.896693][ T7051] ? __pfx_kvasprintf+0x10/0x10 [ 151.896740][ T7051] kasprintf+0xc7/0x100 [ 151.896771][ T7051] ? __pfx_kasprintf+0x10/0x10 [ 151.896811][ T7051] ? lockdep_init_map_type+0x5c/0x270 [ 151.896847][ T7051] drm_debugfs_clients_add+0x48/0x200 [ 151.896879][ T7051] drm_file_alloc+0x5c6/0xb40 [ 151.896916][ T7051] drm_open_helper+0x204/0x550 [ 151.896954][ T7051] drm_open+0x1a0/0x3e0 [ 151.896986][ T7051] ? __pfx_drm_open+0x10/0x10 [ 151.897017][ T7051] drm_stub_open+0x20f/0x380 [ 151.897051][ T7051] ? __pfx_drm_stub_open+0x10/0x10 [ 151.897082][ T7051] chrdev_open+0x234/0x6a0 [ 151.897127][ T7051] ? __pfx_chrdev_open+0x10/0x10 [ 151.897190][ T7051] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 151.897244][ T7051] do_dentry_open+0x748/0x1590 [ 151.897287][ T7051] ? __pfx_chrdev_open+0x10/0x10 [ 151.897359][ T7051] vfs_open+0x82/0x3f0 [ 151.897402][ T7051] path_openat+0x2078/0x3140 [ 151.897462][ T7051] ? __pfx_path_openat+0x10/0x10 [ 151.897523][ T7051] do_filp_open+0x20b/0x470 [ 151.897571][ T7051] ? __pfx_do_filp_open+0x10/0x10 [ 151.897648][ T7051] ? alloc_fd+0x471/0x7d0 [ 151.897705][ T7051] do_sys_openat2+0x121/0x290 [ 151.897740][ T7051] ? __pfx_do_sys_openat2+0x10/0x10 [ 151.897790][ T7051] __x64_sys_openat+0x174/0x210 [ 151.897827][ T7051] ? __pfx___x64_sys_openat+0x10/0x10 [ 151.897879][ T7051] do_syscall_64+0xcd/0xf80 [ 151.897928][ T7051] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.897959][ T7051] RIP: 0033:0x7f39ac98f7c9 [ 151.897984][ T7051] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 151.898013][ T7051] RSP: 002b:00007f39ad89a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 151.898043][ T7051] RAX: ffffffffffffffda RBX: 00007f39acbe5fa0 RCX: 00007f39ac98f7c9 [ 151.898063][ T7051] RDX: 0000000000000040 RSI: 0000200000000340 RDI: ffffffffffffff9c [ 151.898082][ T7051] RBP: 00007f39aca13f91 R08: 0000000000000000 R09: 0000000000000000 [ 151.898101][ T7051] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 151.898119][ T7051] R13: 00007f39acbe6038 R14: 00007f39acbe5fa0 R15: 00007ffd74b2b838 [ 151.898162][ T7051] [ 153.373977][ T7080] netlink: 28 bytes leftover after parsing attributes in process `syz.3.219'. [ 154.723252][ T7113] capability: warning: `syz.1.227' uses 32-bit capabilities (legacy support in use) [ 156.374510][ T7139] netlink: 28 bytes leftover after parsing attributes in process `syz.3.235'. [ 156.583875][ T7145] FAULT_INJECTION: forcing a failure. [ 156.583875][ T7145] name failslab, interval 1, probability 0, space 0, times 0 [ 156.616652][ T7147] db_root: not a directory: /dev/audio1 [ 156.623534][ T30] audit: type=1800 audit(1766024036.222:9): pid=7147 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.238" name="dbroot" dev="configfs" ino=13318 res=0 errno=0 [ 156.631622][ T7145] CPU: 0 UID: 0 PID: 7145 Comm: syz.0.237 Tainted: G L syzkaller #0 PREEMPT(full) [ 156.631669][ T7145] Tainted: [L]=SOFTLOCKUP [ 156.631680][ T7145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 156.631698][ T7145] Call Trace: [ 156.631708][ T7145] [ 156.631720][ T7145] dump_stack_lvl+0x16c/0x1f0 [ 156.631772][ T7145] should_fail_ex+0x512/0x640 [ 156.631805][ T7145] ? kmem_cache_alloc_noprof+0x62/0x770 [ 156.631865][ T7145] should_failslab+0xc2/0x120 [ 156.631915][ T7145] kmem_cache_alloc_noprof+0x83/0x770 [ 156.631955][ T7145] ? acpi_ut_create_control_state+0x6a/0x100 [ 156.632005][ T7145] ? acpi_ut_create_control_state+0x6a/0x100 [ 156.632045][ T7145] acpi_ut_create_control_state+0x6a/0x100 [ 156.632092][ T7145] acpi_ds_exec_begin_control_op+0x180/0x520 [ 156.632146][ T7145] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 156.632199][ T7145] acpi_ds_exec_begin_op+0x209/0x9c0 [ 156.632240][ T7145] acpi_ps_create_op+0x7cb/0xd30 [ 156.632282][ T7145] ? __pfx_acpi_ps_create_op+0x10/0x10 [ 156.632321][ T7145] ? __pfx_acpi_ut_trace_ptr+0x10/0x10 [ 156.632363][ T7145] ? acpi_ut_value_exit+0xff/0x180 [ 156.632412][ T7145] acpi_ps_parse_loop+0xf06/0x2470 [ 156.632456][ T7145] ? acpi_ns_get_normalized_pathname+0x95/0x250 [ 156.632510][ T7145] ? __pfx_acpi_ps_parse_loop+0x10/0x10 [ 156.632548][ T7145] ? acpi_ut_status_exit+0x103/0x1c0 [ 156.632593][ T7145] ? acpi_ds_call_control_method+0x435/0xab0 [ 156.632653][ T7145] acpi_ps_parse_aml+0x817/0x1170 [ 156.632700][ T7145] acpi_ps_execute_method+0x5c4/0xe90 [ 156.632763][ T7145] acpi_ns_evaluate+0x98c/0x16d0 [ 156.632814][ T7145] acpi_evaluate_object+0x4ca/0xdf0 [ 156.632847][ T7145] ? ksys_read+0x12a/0x250 [ 156.632897][ T7145] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 156.632933][ T7145] ? __pfx___might_resched+0x10/0x10 [ 156.632999][ T7145] acpi_evaluate_integer+0xdd/0x230 [ 156.633049][ T7145] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 156.633133][ T7145] ? __pfx_status_show+0x10/0x10 [ 156.633163][ T7145] status_show+0xa0/0x120 [ 156.633194][ T7145] ? __pfx_status_show+0x10/0x10 [ 156.633237][ T7145] dev_attr_show+0x56/0xe0 [ 156.633278][ T7145] ? __pfx_dev_attr_show+0x10/0x10 [ 156.633316][ T7145] sysfs_kf_seq_show+0x216/0x3e0 [ 156.633355][ T7145] seq_read_iter+0x50e/0x12d0 [ 156.633417][ T7145] kernfs_fop_read_iter+0x46c/0x610 [ 156.633468][ T7145] ? rw_verify_area+0xcf/0x6c0 [ 156.633510][ T7145] vfs_read+0x8bf/0xcf0 [ 156.633561][ T7145] ? __pfx_vfs_read+0x10/0x10 [ 156.633630][ T7145] ksys_read+0x12a/0x250 [ 156.633673][ T7145] ? __pfx_ksys_read+0x10/0x10 [ 156.633729][ T7145] do_syscall_64+0xcd/0xf80 [ 156.633778][ T7145] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.633809][ T7145] RIP: 0033:0x7f667f38f7c9 [ 156.633833][ T7145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 156.633861][ T7145] RSP: 002b:00007f66801c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 156.633889][ T7145] RAX: ffffffffffffffda RBX: 00007f667f5e5fa0 RCX: 00007f667f38f7c9 [ 156.633910][ T7145] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000005 [ 156.633929][ T7145] RBP: 00007f667f413f91 R08: 0000000000000000 R09: 0000000000000000 [ 156.633948][ T7145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 156.633966][ T7145] R13: 00007f667f5e6038 R14: 00007f667f5e5fa0 R15: 00007ffd655263b8 [ 156.634010][ T7145] [ 156.634303][ T7145] ACPI Error: [ 156.741625][ T7147] netlink: 4 bytes leftover after parsing attributes in process `syz.1.238'. [ 156.937831][ T7145] Aborting method \_SB.IQST due to previous error (AE_NO_MEMORY) (20250807/psparse-529) [ 156.938065][ T7145] ACPI Error: Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20250807/psparse-529) [ 157.042951][ T7154] db_root: not a directory: /dev/audio1 [ 157.083805][ T7154] netlink: 4 bytes leftover after parsing attributes in process `syz.3.239'. [ 157.651430][ T7167] netlink: 28 bytes leftover after parsing attributes in process `syz.0.242'. [ 157.677142][ T7167] bridge_slave_1: left allmulticast mode [ 157.695891][ T7167] bridge_slave_1: left promiscuous mode [ 157.733725][ T7167] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.041086][ T7167] bridge_slave_0: left allmulticast mode [ 158.072497][ T7167] bridge_slave_0: left promiscuous mode [ 158.548328][ T7167] bridge0: port 1(bridge_slave_0) entered disabled state [ 159.195267][ T7181] binder: 7180:7181 ioctl c0104d08 200000000040 returned -22 [ 159.255114][ T7181] binder: 7180:7181 ioctl c0306201 0 returned -14 [ 160.233429][ T7209] binder: 7208:7209 ioctl c0306201 0 returned -14 [ 163.729075][ T7272] ubi8: attaching mtd0 [ 163.735893][ T7272] ubi8: scanning is finished [ 163.761801][ T7272] ubi8: empty MTD device detected [ 164.053441][ T7272] ubi8: attached mtd0 (name "mtdram test device", size 0 MiB) [ 164.072121][ T7272] ubi8: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 164.116855][ T7272] ubi8: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 164.166512][ T7272] ubi8: VID header offset: 64 (aligned 64), data offset: 128 [ 164.224495][ T7272] ubi8: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 164.236694][ T7272] ubi8: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 164.265373][ T7272] ubi8: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 4010384061 [ 164.327595][ T7272] ubi8: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 164.367002][ T7286] ubi8: background thread "ubi_bgt8d" started, PID 7286 [ 165.297514][ T7308] sp0: Synchronizing with TNC [ 165.581878][ T7315] random: crng reseeded on system resumption [ 165.800471][ T7326] MTRR 1 not used [ 165.866537][ T7325] nbd: failed to add new device [ 166.034688][ T7337] netlink: 4 bytes leftover after parsing attributes in process `syz.3.282'. [ 166.065414][ T7337] netlink: 13 bytes leftover after parsing attributes in process `syz.3.282'. [ 166.411344][ T30] audit: type=1800 audit(1766024046.032:10): pid=7348 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.285" name="dbroot" dev="configfs" ino=13931 res=0 errno=0 [ 167.175988][ T7367] netlink: 4 bytes leftover after parsing attributes in process `syz.0.289'. [ 167.219565][ T7361] bond0: option all_slaves_active: invalid value () [ 168.557968][ T30] audit: type=1800 audit(1766024048.182:11): pid=7395 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.295" name="dbroot" dev="configfs" ino=14096 res=0 errno=0 [ 168.582944][ T7395] db_root: not a directory: /dev/audio1 [ 168.639731][ T7397] MTRR 1 not used [ 168.658518][ T7398] netlink: 4 bytes leftover after parsing attributes in process `syz.0.295'. [ 168.768546][ T7395] FAULT_INJECTION: forcing a failure. [ 168.768546][ T7395] name failslab, interval 1, probability 0, space 0, times 0 [ 168.844434][ T7395] CPU: 1 UID: 0 PID: 7395 Comm: syz.0.295 Tainted: G L syzkaller #0 PREEMPT(full) [ 168.844480][ T7395] Tainted: [L]=SOFTLOCKUP [ 168.844489][ T7395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 168.844505][ T7395] Call Trace: [ 168.844514][ T7395] [ 168.844524][ T7395] dump_stack_lvl+0x16c/0x1f0 [ 168.844573][ T7395] should_fail_ex+0x512/0x640 [ 168.844605][ T7395] ? __kmalloc_cache_noprof+0x5f/0x800 [ 168.844641][ T7395] should_failslab+0xc2/0x120 [ 168.844686][ T7395] __kmalloc_cache_noprof+0x80/0x800 [ 168.844717][ T7395] ? net_generic+0xea/0x2a0 [ 168.844746][ T7395] ? ctinfo_init_net+0x56/0x270 [ 168.844783][ T7395] ? ctinfo_init_net+0x56/0x270 [ 168.844813][ T7395] ? __pfx_ctinfo_init_net+0x10/0x10 [ 168.844843][ T7395] ctinfo_init_net+0x56/0x270 [ 168.844875][ T7395] ops_init+0x1e2/0x5f0 [ 168.844912][ T7395] setup_net+0x11d/0x3a0 [ 168.844951][ T7395] ? __pfx_setup_net+0x10/0x10 [ 168.844988][ T7395] ? lockdep_init_map_type+0x5c/0x270 [ 168.845020][ T7395] ? mutex_init_lockep+0x110/0x150 [ 168.845059][ T7395] copy_net_ns+0x351/0x7c0 [ 168.845109][ T7395] create_new_namespaces+0x3ea/0xab0 [ 168.845160][ T7395] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 168.845203][ T7395] ksys_unshare+0x45b/0xa40 [ 168.845259][ T7395] ? __pfx_ksys_unshare+0x10/0x10 [ 168.845307][ T7395] ? xfd_validate_state+0x61/0x180 [ 168.845355][ T7395] __x64_sys_unshare+0x31/0x40 [ 168.845379][ T7395] do_syscall_64+0xcd/0xf80 [ 168.845424][ T7395] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 168.845451][ T7395] RIP: 0033:0x7f667f38f7c9 [ 168.845472][ T7395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 168.845499][ T7395] RSP: 002b:00007f66801c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 168.845525][ T7395] RAX: ffffffffffffffda RBX: 00007f667f5e5fa0 RCX: 00007f667f38f7c9 [ 168.845542][ T7395] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 168.845557][ T7395] RBP: 00007f667f413f91 R08: 0000000000000000 R09: 0000000000000000 [ 168.845572][ T7395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 168.845586][ T7395] R13: 00007f667f5e6038 R14: 00007f667f5e5fa0 R15: 00007ffd655263b8 [ 168.845622][ T7395] [ 169.251419][ T7399] NFSD: Failed to start, no listeners configured. [ 169.678635][ T7423] FAULT_INJECTION: forcing a failure. [ 169.678635][ T7423] name fail_futex, interval 1, probability 0, space 0, times 0 [ 169.839109][ T7423] CPU: 1 UID: 0 PID: 7423 Comm: syz.3.299 Tainted: G L syzkaller #0 PREEMPT(full) [ 169.839153][ T7423] Tainted: [L]=SOFTLOCKUP [ 169.839163][ T7423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 169.839186][ T7423] Call Trace: [ 169.839195][ T7423] [ 169.839206][ T7423] dump_stack_lvl+0x16c/0x1f0 [ 169.839251][ T7423] should_fail_ex+0x512/0x640 [ 169.839288][ T7423] get_futex_key+0x1d0/0x15f0 [ 169.839322][ T7423] ? __pfx_get_futex_key+0x10/0x10 [ 169.839352][ T7423] ? kmem_cache_free+0x2d8/0x770 [ 169.839386][ T7423] ? kernel_setlease+0x10d/0x140 [ 169.839424][ T7423] ? do_fcntl_add_lease+0x400/0x550 [ 169.839473][ T7423] futex_wake+0xea/0x530 [ 169.839507][ T7423] ? __pfx_futex_wake+0x10/0x10 [ 169.839542][ T7423] ? fcntl_setlease+0x103/0x180 [ 169.839576][ T7423] do_futex+0x1e3/0x350 [ 169.839602][ T7423] ? __pfx_do_futex+0x10/0x10 [ 169.839626][ T7423] ? do_fcntl+0x268/0x1660 [ 169.839654][ T7423] __x64_sys_futex+0x1e0/0x4c0 [ 169.839683][ T7423] ? __pfx___x64_sys_futex+0x10/0x10 [ 169.839708][ T7423] ? tomoyo_file_fcntl+0x6c/0xc0 [ 169.839743][ T7423] ? fput+0x70/0xf0 [ 169.839769][ T7423] do_syscall_64+0xcd/0xf80 [ 169.839822][ T7423] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.839845][ T7423] RIP: 0033:0x7f20f3d8f7c9 [ 169.839864][ T7423] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 169.839887][ T7423] RSP: 002b:00007f20f4b8c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 169.839920][ T7423] RAX: ffffffffffffffda RBX: 00007f20f3fe5fa8 RCX: 00007f20f3d8f7c9 [ 169.839935][ T7423] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f20f3fe5fac [ 169.839950][ T7423] RBP: 00007f20f3fe5fa0 R08: 00007f20f4b8d000 R09: 0000000000000000 [ 169.839964][ T7423] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 169.839976][ T7423] R13: 00007f20f3fe6038 R14: 00007ffe98471b80 R15: 00007ffe98471c68 [ 169.840006][ T7423] [ 170.364434][ T7439] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 170.431734][ T7438] hub 8-0:1.0: USB hub found [ 170.436913][ T7438] hub 8-0:1.0: 1 port detected [ 170.551449][ T7446] overlayfs: missing 'lowerdir' [ 171.067738][ T7463] ovs_: entered promiscuous mode [ 171.078206][ T7467] netlink: 28 bytes leftover after parsing attributes in process `syz.3.306'. [ 171.363035][ T30] audit: type=1800 audit(1766024050.982:12): pid=7479 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm=050820 name="lu_gp_id" dev="configfs" ino=15370 res=0 errno=0 [ 172.753978][ T7515] FAULT_INJECTION: forcing a failure. [ 172.753978][ T7515] name failslab, interval 1, probability 0, space 0, times 0 [ 172.771816][ T7515] CPU: 0 UID: 0 PID: 7515 Comm: syz.2.316 Tainted: G L syzkaller #0 PREEMPT(full) [ 172.771859][ T7515] Tainted: [L]=SOFTLOCKUP [ 172.771869][ T7515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 172.771885][ T7515] Call Trace: [ 172.771894][ T7515] [ 172.771906][ T7515] dump_stack_lvl+0x16c/0x1f0 [ 172.771955][ T7515] should_fail_ex+0x512/0x640 [ 172.771986][ T7515] ? kmem_cache_alloc_noprof+0x62/0x770 [ 172.772024][ T7515] should_failslab+0xc2/0x120 [ 172.772069][ T7515] kmem_cache_alloc_noprof+0x83/0x770 [ 172.772105][ T7515] ? __kernfs_new_node+0xd2/0x990 [ 172.772148][ T7515] ? __kernfs_new_node+0xd2/0x990 [ 172.772181][ T7515] __kernfs_new_node+0xd2/0x990 [ 172.772222][ T7515] ? __pfx___kernfs_new_node+0x10/0x10 [ 172.772264][ T7515] ? find_held_lock+0x2b/0x80 [ 172.772306][ T7515] ? kernfs_root+0xee/0x2a0 [ 172.772349][ T7515] kernfs_new_node+0x13c/0x1e0 [ 172.772395][ T7515] __kernfs_create_file+0x53/0x350 [ 172.772458][ T7515] sysfs_add_file_mode_ns+0x207/0x3c0 [ 172.772499][ T7515] internal_create_group+0x597/0xf70 [ 172.772541][ T7515] ? __pfx_internal_create_group+0x10/0x10 [ 172.772580][ T7515] ? kernfs_create_link+0x1bd/0x240 [ 172.772623][ T7515] internal_create_groups+0x9d/0x150 [ 172.772656][ T7515] device_add+0xf56/0x1980 [ 172.772714][ T7515] ? __pfx_device_add+0x10/0x10 [ 172.772753][ T7515] ? lockdep_init_map_type+0x5c/0x270 [ 172.772784][ T7515] ? __init_waitqueue_head+0xca/0x150 [ 172.772828][ T7515] netdev_register_kobject+0x1a9/0x3d0 [ 172.772877][ T7515] register_netdevice+0x13ac/0x21d0 [ 172.772926][ T7515] ? __pfx_register_netdevice+0x10/0x10 [ 172.772979][ T7515] internal_dev_create+0x2d3/0x520 [ 172.773030][ T7515] ovs_vport_add+0x147/0x4d0 [ 172.773075][ T7515] new_vport+0x16/0x1d0 [ 172.773107][ T7515] ovs_dp_cmd_new+0x6ba/0xe60 [ 172.773150][ T7515] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 172.773189][ T7515] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 172.773235][ T7515] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 172.773284][ T7515] genl_family_rcv_msg_doit+0x209/0x2f0 [ 172.773326][ T7515] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 172.773371][ T7515] ? genl_get_cmd+0x194/0x580 [ 172.773419][ T7515] ? bpf_lsm_capable+0x9/0x10 [ 172.773456][ T7515] ? security_capable+0x7e/0x260 [ 172.773502][ T7515] ? ns_capable+0xd7/0x110 [ 172.773540][ T7515] genl_rcv_msg+0x55c/0x800 [ 172.773569][ T7515] ? __pfx_genl_rcv_msg+0x10/0x10 [ 172.773595][ T7515] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 172.773643][ T7515] netlink_rcv_skb+0x158/0x420 [ 172.773681][ T7515] ? __pfx_genl_rcv_msg+0x10/0x10 [ 172.773718][ T7515] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 172.773773][ T7515] ? netlink_deliver_tap+0x1ae/0xd30 [ 172.773815][ T7515] genl_rcv+0x28/0x40 [ 172.773854][ T7515] netlink_unicast+0x5aa/0x870 [ 172.773899][ T7515] ? __pfx_netlink_unicast+0x10/0x10 [ 172.773952][ T7515] netlink_sendmsg+0x8c8/0xdd0 [ 172.774017][ T7515] ? __pfx_netlink_sendmsg+0x10/0x10 [ 172.774065][ T7515] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 172.774120][ T7515] ____sys_sendmsg+0xa5d/0xc30 [ 172.774184][ T7515] ? copy_msghdr_from_user+0x10a/0x160 [ 172.774223][ T7515] ? __pfx_____sys_sendmsg+0x10/0x10 [ 172.774281][ T7515] ? __pfx_futex_wake_mark+0x10/0x10 [ 172.774329][ T7515] ___sys_sendmsg+0x134/0x1d0 [ 172.774372][ T7515] ? __pfx____sys_sendmsg+0x10/0x10 [ 172.774411][ T7515] ? futex_private_hash_put+0x160/0x1b0 [ 172.774494][ T7515] __sys_sendmsg+0x16d/0x220 [ 172.774536][ T7515] ? __pfx___sys_sendmsg+0x10/0x10 [ 172.774577][ T7515] ? __x64_sys_futex+0x1e0/0x4c0 [ 172.774623][ T7515] ? syscall_user_dispatch+0x78/0x140 [ 172.774675][ T7515] do_syscall_64+0xcd/0xf80 [ 172.774734][ T7515] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 172.774764][ T7515] RIP: 0033:0x7f39ac98f7c9 [ 172.774787][ T7515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 172.774815][ T7515] RSP: 002b:00007f39ad89a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 172.774843][ T7515] RAX: ffffffffffffffda RBX: 00007f39acbe5fa0 RCX: 00007f39ac98f7c9 [ 172.774862][ T7515] RDX: 0000000002000000 RSI: 0000200000000080 RDI: 000000000000000a [ 172.774879][ T7515] RBP: 00007f39aca13f91 R08: 0000000000000000 R09: 0000000000000000 [ 172.774896][ T7515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 172.774913][ T7515] R13: 00007f39acbe6038 R14: 00007f39acbe5fa0 R15: 00007ffd74b2b838 [ 172.774951][ T7515] [ 173.328050][ T7515] vhci_hcd vhci_hcd.2: default hub control req: 3132 v0a38 i0000 l0 [ 173.716163][ T30] audit: type=1800 audit(1766024053.332:13): pid=7540 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.319" name="dbroot" dev="configfs" ino=15156 res=0 errno=0 [ 173.752189][ T7540] db_root: not a directory: /dev/audio1 [ 173.794307][ T7541] netlink: 4 bytes leftover after parsing attributes in process `syz.2.319'. [ 173.943852][ T7517] FAULT_INJECTION: forcing a failure. [ 173.943852][ T7517] name fail_futex, interval 1, probability 0, space 0, times 0 [ 173.957773][ T7517] CPU: 0 UID: 0 PID: 7517 Comm: syz.0.317 Tainted: G L syzkaller #0 PREEMPT(full) [ 173.957816][ T7517] Tainted: [L]=SOFTLOCKUP [ 173.957826][ T7517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 173.957842][ T7517] Call Trace: [ 173.957851][ T7517] [ 173.957861][ T7517] dump_stack_lvl+0x16c/0x1f0 [ 173.957908][ T7517] should_fail_ex+0x512/0x640 [ 173.957953][ T7517] get_futex_key+0x1d0/0x15f0 [ 173.957988][ T7517] ? __pfx_get_futex_key+0x10/0x10 [ 173.958051][ T7517] futex_wait_setup+0x9d/0x570 [ 173.958104][ T7517] __futex_wait+0x193/0x2f0 [ 173.958147][ T7517] ? __pfx___futex_wait+0x10/0x10 [ 173.958194][ T7517] ? __pfx_futex_wake_mark+0x10/0x10 [ 173.958251][ T7517] ? find_held_lock+0x2b/0x80 [ 173.958293][ T7517] ? futex_private_hash_put+0x160/0x1b0 [ 173.958325][ T7517] futex_wait+0xe8/0x380 [ 173.958365][ T7517] ? __pfx_futex_wait+0x10/0x10 [ 173.958413][ T7517] ? putname+0xf5/0x1a0 [ 173.958447][ T7517] do_futex+0x229/0x350 [ 173.958480][ T7517] ? __pfx_do_futex+0x10/0x10 [ 173.958523][ T7517] __x64_sys_futex+0x1e0/0x4c0 [ 173.958560][ T7517] ? __x64_sys_openat+0x174/0x210 [ 173.958592][ T7517] ? __pfx___x64_sys_futex+0x10/0x10 [ 173.958625][ T7517] ? xfd_validate_state+0x61/0x180 [ 173.958663][ T7517] do_syscall_64+0xcd/0xf80 [ 173.958710][ T7517] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.958756][ T7517] RIP: 0033:0x7f667f38f7c9 [ 173.958780][ T7517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.958808][ T7517] RSP: 002b:00007f66801c60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 173.958836][ T7517] RAX: ffffffffffffffda RBX: 00007f667f5e5fa8 RCX: 00007f667f38f7c9 [ 173.958855][ T7517] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f667f5e5fa8 [ 173.958872][ T7517] RBP: 00007f667f5e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 173.958889][ T7517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 173.958906][ T7517] R13: 00007f667f5e6038 R14: 00007ffd655262d0 R15: 00007ffd655263b8 [ 173.958966][ T7517] [ 174.225679][ T7547] db_root: not a directory: /dev/audio1 [ 174.250942][ T7540] FAULT_INJECTION: forcing a failure. [ 174.250942][ T7540] name failslab, interval 1, probability 0, space 0, times 0 [ 174.259622][ T7547] netlink: 4 bytes leftover after parsing attributes in process `syz.1.321'. [ 174.269032][ T7540] CPU: 1 UID: 0 PID: 7540 Comm: syz.2.319 Tainted: G L syzkaller #0 PREEMPT(full) [ 174.269081][ T7540] Tainted: [L]=SOFTLOCKUP [ 174.269092][ T7540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 174.269110][ T7540] Call Trace: [ 174.269122][ T7540] [ 174.269133][ T7540] dump_stack_lvl+0x16c/0x1f0 [ 174.269185][ T7540] should_fail_ex+0x512/0x640 [ 174.269222][ T7540] ? kmem_cache_alloc_noprof+0x62/0x770 [ 174.269265][ T7540] should_failslab+0xc2/0x120 [ 174.269319][ T7540] kmem_cache_alloc_noprof+0x83/0x770 [ 174.269359][ T7540] ? __proc_create+0x2c8/0x8d0 [ 174.269419][ T7540] ? __proc_create+0x2c8/0x8d0 [ 174.269457][ T7540] __proc_create+0x2c8/0x8d0 [ 174.269500][ T7540] ? __pfx___proc_create+0x10/0x10 [ 174.269556][ T7540] proc_create_reg+0x7d/0x180 [ 174.269602][ T7540] proc_create_net_data+0x8e/0x1c0 [ 174.269645][ T7540] ? __pfx_proc_create_net_data+0x10/0x10 [ 174.269689][ T7540] ? lockdep_init_map_type+0x5c/0x270 [ 174.269727][ T7540] nfnl_queue_net_init+0xdd/0x120 [ 174.269767][ T7540] ? __pfx_nfnl_queue_net_init+0x10/0x10 [ 174.269806][ T7540] ops_init+0x1e2/0x5f0 [ 174.269851][ T7540] setup_net+0x11d/0x3a0 [ 174.269898][ T7540] ? __pfx_setup_net+0x10/0x10 [ 174.269938][ T7540] ? lockdep_init_map_type+0x5c/0x270 [ 174.269970][ T7540] ? mutex_init_lockep+0x110/0x150 [ 174.270009][ T7540] copy_net_ns+0x351/0x7c0 [ 174.270062][ T7540] create_new_namespaces+0x3ea/0xab0 [ 174.270113][ T7540] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 174.270160][ T7540] ksys_unshare+0x45b/0xa40 [ 174.270211][ T7540] ? __pfx_ksys_unshare+0x10/0x10 [ 174.270260][ T7540] ? xfd_validate_state+0x61/0x180 [ 174.270299][ T7540] __x64_sys_unshare+0x31/0x40 [ 174.270325][ T7540] do_syscall_64+0xcd/0xf80 [ 174.270374][ T7540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.270406][ T7540] RIP: 0033:0x7f39ac98f7c9 [ 174.270429][ T7540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 174.270458][ T7540] RSP: 002b:00007f39ad89a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 174.270486][ T7540] RAX: ffffffffffffffda RBX: 00007f39acbe5fa0 RCX: 00007f39ac98f7c9 [ 174.270505][ T7540] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 174.270524][ T7540] RBP: 00007f39aca13f91 R08: 0000000000000000 R09: 0000000000000000 [ 174.270542][ T7540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 174.270559][ T7540] R13: 00007f39acbe6038 R14: 00007f39acbe5fa0 R15: 00007ffd74b2b838 [ 174.270601][ T7540] [ 175.043331][ T7572] netlink: 338 bytes leftover after parsing attributes in process `syz.3.323'. [ 175.058103][ T7568] netlink: 342 bytes leftover after parsing attributes in process `syz.3.323'. [ 175.069036][ T7573] netlink: 338 bytes leftover after parsing attributes in process `syz.3.323'. [ 175.318835][ T7587] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12 [ 175.765517][ T7591] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 175.773824][ T7598] FAULT_INJECTION: forcing a failure. [ 175.773824][ T7598] name failslab, interval 1, probability 0, space 0, times 0 [ 175.846185][ T7598] CPU: 1 UID: 0 PID: 7598 Comm: syz.0.331 Tainted: G L syzkaller #0 PREEMPT(full) [ 175.846234][ T7598] Tainted: [L]=SOFTLOCKUP [ 175.846245][ T7598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 175.846262][ T7598] Call Trace: [ 175.846272][ T7598] [ 175.846283][ T7598] dump_stack_lvl+0x16c/0x1f0 [ 175.846332][ T7598] should_fail_ex+0x512/0x640 [ 175.846363][ T7598] ? kmem_cache_alloc_lru_noprof+0x66/0x770 [ 175.846404][ T7598] should_failslab+0xc2/0x120 [ 175.846449][ T7598] kmem_cache_alloc_lru_noprof+0x87/0x770 [ 175.846487][ T7598] ? hugetlbfs_alloc_inode+0x8c/0x1d0 [ 175.846540][ T7598] ? hugetlbfs_alloc_inode+0x8c/0x1d0 [ 175.846584][ T7598] hugetlbfs_alloc_inode+0x8c/0x1d0 [ 175.846631][ T7598] ? __pfx_hugetlbfs_alloc_inode+0x10/0x10 [ 175.846679][ T7598] alloc_inode+0x64/0x240 [ 175.846711][ T7598] new_inode+0x22/0x1c0 [ 175.846754][ T7598] hugetlbfs_get_inode+0x354/0x700 [ 175.846789][ T7598] hugetlb_file_setup+0x15b/0x620 [ 175.846823][ T7598] ksys_mmap_pgoff+0x189/0x5c0 [ 175.846871][ T7598] __x64_sys_mmap+0x125/0x190 [ 175.846904][ T7598] do_syscall_64+0xcd/0xf80 [ 175.846950][ T7598] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 175.846978][ T7598] RIP: 0033:0x7f667f38f7c9 [ 175.847001][ T7598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 175.847028][ T7598] RSP: 002b:00007f66801a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 175.847055][ T7598] RAX: ffffffffffffffda RBX: 00007f667f5e6090 RCX: 00007f667f38f7c9 [ 175.847073][ T7598] RDX: 0000000000000081 RSI: 0000000000000003 RDI: 0000000008000004 [ 175.847089][ T7598] RBP: 00007f667f413f91 R08: 0000000000000602 R09: 0000300000000000 [ 175.847106][ T7598] R10: 0000000000044eb1 R11: 0000000000000246 R12: 0000000000000000 [ 175.847122][ T7598] R13: 00007f667f5e6128 R14: 00007f667f5e6090 R15: 00007ffd655263b8 [ 175.847161][ T7598] [ 176.126253][ T7592] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 176.132613][ T7592] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 176.276811][ T7592] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 176.322641][ T7592] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 176.653038][ T7609] netlink: 8 bytes leftover after parsing attributes in process `syz.1.334'. [ 177.204856][ T7619] zswap: compressor not available [ 177.248346][ T7629] __vm_enough_memory: pid: 7629, comm: syz.3.339, bytes: 4398046511104 not enough memory for the allocation [ 177.662088][ T7632] bond0: option all_slaves_active: invalid value () [ 177.866378][ T7311] Bluetooth: hci0: command 0x0c1a tx timeout [ 177.963412][ T7642] blktrace: Concurrent blktraces are not allowed on ram7 [ 178.336690][ T7311] Bluetooth: hci1: command 0x0c1a tx timeout [ 178.342828][ T7655] Bluetooth: hci3: command 0x0c1a tx timeout [ 178.349307][ T7311] Bluetooth: hci2: command 0x0c1a tx timeout [ 178.937201][ T7669] netlink: 16 bytes leftover after parsing attributes in process `syz.1.343'. [ 179.460397][ T7695] netlink: 28 bytes leftover after parsing attributes in process `syz.0.347'. [ 179.524419][ T7311] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 179.524458][ T7311] Bluetooth: hci1: unexpected subevent 0x0e length: 725 > 15 [ 179.539982][ T7311] Bluetooth: hci1: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 179.644421][ T7685] program syz.2.346 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 179.881937][ T7685] syz.2.346 (7685) used greatest stack depth: 19688 bytes left [ 180.255952][ T7707] netlink: 28 bytes leftover after parsing attributes in process `syz.2.348'. [ 180.300732][ T7711] netlink: 4 bytes leftover after parsing attributes in process `syz.3.350'. [ 180.327082][ T7711] netlink: 'syz.3.350': attribute type 1 has an invalid length. [ 180.343830][ T7711] netlink: 'syz.3.350': attribute type 6 has an invalid length. [ 180.450067][ T7718] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 180.658621][ T7725] FAULT_INJECTION: forcing a failure. [ 180.658621][ T7725] name failslab, interval 1, probability 0, space 0, times 0 [ 180.720501][ T7715] zswap: compressor not available [ 180.728221][ T7725] CPU: 0 UID: 0 PID: 7725 Comm: syz.3.352 Tainted: G L syzkaller #0 PREEMPT(full) [ 180.728266][ T7725] Tainted: [L]=SOFTLOCKUP [ 180.728276][ T7725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 180.728293][ T7725] Call Trace: [ 180.728303][ T7725] [ 180.728313][ T7725] dump_stack_lvl+0x16c/0x1f0 [ 180.728362][ T7725] should_fail_ex+0x512/0x640 [ 180.728401][ T7725] ? kmem_cache_alloc_noprof+0x62/0x770 [ 180.728441][ T7725] should_failslab+0xc2/0x120 [ 180.728487][ T7725] kmem_cache_alloc_noprof+0x83/0x770 [ 180.728522][ T7725] ? __kernfs_new_node+0xd2/0x990 [ 180.728563][ T7725] ? __kernfs_new_node+0xd2/0x990 [ 180.728593][ T7725] __kernfs_new_node+0xd2/0x990 [ 180.728632][ T7725] ? __pfx___kernfs_new_node+0x10/0x10 [ 180.728676][ T7725] ? find_held_lock+0x2b/0x80 [ 180.728715][ T7725] ? kernfs_root+0xee/0x2a0 [ 180.728755][ T7725] kernfs_new_node+0x13c/0x1e0 [ 180.728795][ T7725] ? current_in_userns+0xc0/0x190 [ 180.728841][ T7725] __kernfs_create_file+0x53/0x350 [ 180.728890][ T7725] sysfs_add_file_mode_ns+0x207/0x3c0 [ 180.728931][ T7725] internal_create_group+0x597/0xf70 [ 180.728974][ T7725] ? kobject_init_and_add+0x123/0x190 [ 180.729003][ T7725] ? __pfx_internal_create_group+0x10/0x10 [ 180.729037][ T7725] ? __pfx_kobject_init_and_add+0x10/0x10 [ 180.729065][ T7725] ? __x64_sys_ioctl+0x18e/0x210 [ 180.729114][ T7725] internal_create_groups+0x9d/0x150 [ 180.729153][ T7725] netdev_queue_update_kobjects+0x115/0x710 [ 180.729212][ T7725] netdev_register_kobject+0x2b3/0x3d0 [ 180.729263][ T7725] register_netdevice+0x13ac/0x21d0 [ 180.729314][ T7725] ? __pfx_register_netdevice+0x10/0x10 [ 180.729368][ T7725] ppp_dev_configure+0xa1e/0xd40 [ 180.729429][ T7725] ppp_ioctl+0x170e/0x2880 [ 180.729476][ T7725] ? find_held_lock+0x2b/0x80 [ 180.729513][ T7725] ? __pfx_ppp_ioctl+0x10/0x10 [ 180.729560][ T7725] ? __fget_files+0x20e/0x3c0 [ 180.729609][ T7725] ? __pfx_ppp_ioctl+0x10/0x10 [ 180.729653][ T7725] __x64_sys_ioctl+0x18e/0x210 [ 180.729691][ T7725] do_syscall_64+0xcd/0xf80 [ 180.729737][ T7725] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.729770][ T7725] RIP: 0033:0x7f20f3d8f7c9 [ 180.729793][ T7725] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 180.729821][ T7725] RSP: 002b:00007f20f4b8c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 180.729848][ T7725] RAX: ffffffffffffffda RBX: 00007f20f3fe5fa0 RCX: 00007f20f3d8f7c9 [ 180.729867][ T7725] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000006 [ 180.729884][ T7725] RBP: 00007f20f3e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 180.729902][ T7725] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 180.729919][ T7725] R13: 00007f20f3fe6038 R14: 00007f20f3fe5fa0 R15: 00007ffe98471c68 [ 180.729958][ T7725] [ 181.439423][ T7736] nvme_fcloop: unknown parameter or missing value '7' [ 181.727993][ T7739] netlink: 326 bytes leftover after parsing attributes in process `syz.2.354'. [ 181.818498][ T7747] FAULT_INJECTION: forcing a failure. [ 181.818498][ T7747] name fail_futex, interval 1, probability 0, space 0, times 0 [ 181.902181][ T7747] CPU: 1 UID: 0 PID: 7747 Comm: syz.0.355 Tainted: G L syzkaller #0 PREEMPT(full) [ 181.902224][ T7747] Tainted: [L]=SOFTLOCKUP [ 181.902233][ T7747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 181.902259][ T7747] Call Trace: [ 181.902268][ T7747] [ 181.902282][ T7747] dump_stack_lvl+0x16c/0x1f0 [ 181.902327][ T7747] should_fail_ex+0x512/0x640 [ 181.902361][ T7747] get_futex_key+0x1d0/0x15f0 [ 181.902395][ T7747] ? __pfx_get_futex_key+0x10/0x10 [ 181.902429][ T7747] ? rds_info_getsockopt+0x2fa/0x4f0 [ 181.902471][ T7747] futex_wake+0xea/0x530 [ 181.902505][ T7747] ? __pfx_rds_info_getsockopt+0x10/0x10 [ 181.902544][ T7747] ? find_held_lock+0x2b/0x80 [ 181.902578][ T7747] ? __pfx_futex_wake+0x10/0x10 [ 181.902645][ T7747] do_futex+0x1e3/0x350 [ 181.902692][ T7747] ? __pfx_do_futex+0x10/0x10 [ 181.902719][ T7747] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 181.902764][ T7747] ? 0xffffffffff600000 [ 181.902789][ T7747] __x64_sys_futex+0x1e0/0x4c0 [ 181.902825][ T7747] ? __pfx___x64_sys_futex+0x10/0x10 [ 181.902856][ T7747] ? xfd_validate_state+0x61/0x180 [ 181.902891][ T7747] do_syscall_64+0xcd/0xf80 [ 181.902934][ T7747] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.902961][ T7747] RIP: 0033:0x7f667f38f7c9 [ 181.902980][ T7747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 181.903005][ T7747] RSP: 002b:00007f66801c60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 181.903030][ T7747] RAX: ffffffffffffffda RBX: 00007f667f5e5fa8 RCX: 00007f667f38f7c9 [ 181.903047][ T7747] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f667f5e5fac [ 181.903063][ T7747] RBP: 00007f667f5e5fa0 R08: 00007f66801c7000 R09: 0000000000000000 [ 181.903078][ T7747] R10: 0000000000000032 R11: 0000000000000246 R12: 0000000000000000 [ 181.903099][ T7747] R13: 00007f667f5e6038 R14: 00007ffd655262d0 R15: 00007ffd655263b8 [ 181.903135][ T7747] [ 184.588367][ T7814] netlink: 28 bytes leftover after parsing attributes in process `syz.0.368'. [ 185.655507][ T30] audit: type=1800 audit(1766024065.272:14): pid=7838 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.374" name="dbroot" dev="configfs" ino=17704 res=0 errno=0 [ 185.689431][ T7838] db_root: not a directory: /dev/audio1 [ 185.736318][ T7838] netlink: 4 bytes leftover after parsing attributes in process `syz.2.374'. [ 185.760557][ T7838] FAULT_INJECTION: forcing a failure. [ 185.760557][ T7838] name failslab, interval 1, probability 0, space 0, times 0 [ 185.773538][ T7838] CPU: 1 UID: 0 PID: 7838 Comm: syz.2.374 Tainted: G L syzkaller #0 PREEMPT(full) [ 185.773583][ T7838] Tainted: [L]=SOFTLOCKUP [ 185.773594][ T7838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 185.773610][ T7838] Call Trace: [ 185.773620][ T7838] [ 185.773630][ T7838] dump_stack_lvl+0x16c/0x1f0 [ 185.773679][ T7838] should_fail_ex+0x512/0x640 [ 185.773710][ T7838] ? __kmalloc_noprof+0xca/0x910 [ 185.773745][ T7838] should_failslab+0xc2/0x120 [ 185.773789][ T7838] __kmalloc_noprof+0xeb/0x910 [ 185.773819][ T7838] ? lockdep_init_map_type+0x5c/0x270 [ 185.773848][ T7838] ? ops_init+0x77/0x5f0 [ 185.773892][ T7838] ? ops_init+0x77/0x5f0 [ 185.773925][ T7838] ops_init+0x77/0x5f0 [ 185.773965][ T7838] setup_net+0x11d/0x3a0 [ 185.774005][ T7838] ? __pfx_setup_net+0x10/0x10 [ 185.774041][ T7838] ? lockdep_init_map_type+0x5c/0x270 [ 185.774070][ T7838] ? mutex_init_lockep+0x110/0x150 [ 185.774112][ T7838] copy_net_ns+0x351/0x7c0 [ 185.774157][ T7838] create_new_namespaces+0x3ea/0xab0 [ 185.774225][ T7838] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 185.774272][ T7838] ksys_unshare+0x45b/0xa40 [ 185.774321][ T7838] ? __pfx_ksys_unshare+0x10/0x10 [ 185.774371][ T7838] ? xfd_validate_state+0x61/0x180 [ 185.774410][ T7838] __x64_sys_unshare+0x31/0x40 [ 185.774437][ T7838] do_syscall_64+0xcd/0xf80 [ 185.774486][ T7838] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 185.774517][ T7838] RIP: 0033:0x7f39ac98f7c9 [ 185.774547][ T7838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 185.774576][ T7838] RSP: 002b:00007f39ad89a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 185.774606][ T7838] RAX: ffffffffffffffda RBX: 00007f39acbe5fa0 RCX: 00007f39ac98f7c9 [ 185.774626][ T7838] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 185.774645][ T7838] RBP: 00007f39aca13f91 R08: 0000000000000000 R09: 0000000000000000 [ 185.774664][ T7838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 185.774683][ T7838] R13: 00007f39acbe6038 R14: 00007f39acbe5fa0 R15: 00007ffd74b2b838 [ 185.774726][ T7838] [ 186.212072][ T30] audit: type=1804 audit(1766024065.832:15): pid=7850 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.378" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 186.500279][ T7862] netlink: 28 bytes leftover after parsing attributes in process `syz.3.382'. [ 186.629474][ T7869] netlink: 28 bytes leftover after parsing attributes in process `syz.0.384'. [ 187.718145][ T7893] netlink: 74 bytes leftover after parsing attributes in process `syz.0.390'. [ 188.444385][ T7903] netlink: 28 bytes leftover after parsing attributes in process `syz.1.392'. [ 188.465191][ T7903] veth0_macvtap: entered promiscuous mode [ 188.482670][ T7903] veth0_macvtap: entered allmulticast mode [ 188.491238][ T7903] macvtap0: left promiscuous mode [ 188.503415][ T7903] macvtap0: left allmulticast mode [ 188.510223][ T7903] veth0_macvtap: left allmulticast mode [ 188.959931][ T7917] zero sized request [ 189.000061][ T7919] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 190.350780][ T7920] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15 [ 191.212625][ T30] audit: type=1800 audit(1766024070.832:16): pid=7956 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.402" name="lu_gp_id" dev="configfs" ino=17180 res=0 errno=0 [ 191.630092][ T7962] FAULT_INJECTION: forcing a failure. [ 191.630092][ T7962] name fail_futex, interval 1, probability 0, space 0, times 0 [ 191.645068][ T7962] CPU: 1 UID: 0 PID: 7962 Comm: syz.2.405 Tainted: G L syzkaller #0 PREEMPT(full) [ 191.645101][ T7962] Tainted: [L]=SOFTLOCKUP [ 191.645108][ T7962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 191.645121][ T7962] Call Trace: [ 191.645128][ T7962] [ 191.645136][ T7962] dump_stack_lvl+0x16c/0x1f0 [ 191.645174][ T7962] should_fail_ex+0x512/0x640 [ 191.645202][ T7962] get_futex_key+0x1d0/0x15f0 [ 191.645228][ T7962] ? fput+0x70/0xf0 [ 191.645249][ T7962] ? __pfx_get_futex_key+0x10/0x10 [ 191.645281][ T7962] ? bpf_map_do_batch+0x309/0x680 [ 191.645307][ T7962] ? bpf_lsm_bpf+0x9/0x10 [ 191.645336][ T7962] ? __sys_bpf+0x175/0x4980 [ 191.645357][ T7962] futex_wake+0xea/0x530 [ 191.645408][ T7962] ? __pfx___sys_bpf+0x10/0x10 [ 191.645444][ T7962] ? __pfx_futex_wait+0x10/0x10 [ 191.645472][ T7962] ? __pfx_futex_wake+0x10/0x10 [ 191.645512][ T7962] do_futex+0x1e3/0x350 [ 191.645536][ T7962] ? __pfx_do_futex+0x10/0x10 [ 191.645566][ T7962] __x64_sys_futex+0x1e0/0x4c0 [ 191.645612][ T7962] ? fput+0x70/0xf0 [ 191.645637][ T7962] ? __pfx___x64_sys_futex+0x10/0x10 [ 191.645666][ T7962] ? xfd_validate_state+0x61/0x180 [ 191.645688][ T7962] ? __pfx_ksys_write+0x10/0x10 [ 191.645758][ T7962] do_syscall_64+0xcd/0xf80 [ 191.645805][ T7962] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.645833][ T7962] RIP: 0033:0x7f39ac98f7c9 [ 191.645854][ T7962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 191.645879][ T7962] RSP: 002b:00007f39ad8790e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 191.645905][ T7962] RAX: ffffffffffffffda RBX: 00007f39acbe6098 RCX: 00007f39ac98f7c9 [ 191.645924][ T7962] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f39acbe609c [ 191.645941][ T7962] RBP: 00007f39acbe6090 R08: 00007f39ad89b000 R09: 0000000000000000 [ 191.645956][ T7962] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 191.645973][ T7962] R13: 00007f39acbe6128 R14: 00007ffd74b2b750 R15: 00007ffd74b2b838 [ 191.646009][ T7962] [ 192.262424][ T7981] netlink: 28 bytes leftover after parsing attributes in process `syz.3.408'. [ 195.150103][ T8051] netlink: 342 bytes leftover after parsing attributes in process `syz.0.420'. [ 196.072864][ T8087] netlink: 28 bytes leftover after parsing attributes in process `syz.0.431'. [ 196.368260][ T8095] ================================================================== [ 196.368276][ T8095] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x1a6f/0x1e60 [ 196.368330][ T8095] Write of size 8 at addr ffffc90003db9be0 by task syz.3.435/8095 [ 196.368356][ T8095] [ 196.368373][ T8095] CPU: 1 UID: 0 PID: 8095 Comm: syz.3.435 Tainted: G L syzkaller #0 PREEMPT(full) [ 196.368415][ T8095] Tainted: [L]=SOFTLOCKUP [ 196.368426][ T8095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 196.368444][ T8095] Call Trace: [ 196.368454][ T8095] [ 196.368465][ T8095] dump_stack_lvl+0x116/0x1f0 [ 196.368513][ T8095] print_report+0xcd/0x630 [ 196.368560][ T8095] ? __virt_addr_valid+0x81/0x610 [ 196.368609][ T8095] ? sys_imageblit+0x1a6f/0x1e60 [ 196.368647][ T8095] kasan_report+0xe0/0x110 [ 196.368697][ T8095] ? sys_imageblit+0x1a6f/0x1e60 [ 196.368746][ T8095] sys_imageblit+0x1a6f/0x1e60 [ 196.368796][ T8095] ? __pfx_sys_imageblit+0x10/0x10 [ 196.368845][ T8095] ? preempt_schedule_notrace_thunk+0x16/0x30 [ 196.368882][ T8095] ? queue_work_on+0x12a/0x1f0 [ 196.368920][ T8095] ? drm_fb_helper_damage_area+0xaa/0xd0 [ 196.368959][ T8095] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 196.369009][ T8095] soft_cursor+0x524/0xa10 [ 196.369059][ T8095] ? fb_get_color_depth+0x120/0x250 [ 196.369096][ T8095] bit_cursor+0xe8c/0x17e0 [ 196.369139][ T8095] ? __pfx_bit_cursor+0x10/0x10 [ 196.369183][ T8095] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 196.369231][ T8095] ? get_color+0x1da/0x450 [ 196.369270][ T8095] ? __pfx_bit_cursor+0x10/0x10 [ 196.369314][ T8095] fbcon_cursor+0x437/0x5d0 [ 196.369339][ T8095] ? add_softcursor+0x11/0x290 [ 196.369370][ T8095] ? hide_cursor+0x99/0x220 [ 196.369402][ T8095] set_cursor+0x1db/0x250 [ 196.369434][ T8095] vcs_write+0xbbc/0xdb0 [ 196.369471][ T8095] ? __pfx_vcs_write+0x10/0x10 [ 196.369501][ T8095] ? bpf_lsm_file_permission+0x9/0x10 [ 196.369533][ T8095] ? security_file_permission+0x71/0x210 [ 196.369568][ T8095] ? rw_verify_area+0xcf/0x6c0 [ 196.369603][ T8095] ? __pfx_vcs_write+0x10/0x10 [ 196.369632][ T8095] vfs_write+0x2a0/0x11d0 [ 196.369673][ T8095] ? __pfx_vfs_write+0x10/0x10 [ 196.369709][ T8095] ? find_held_lock+0x2b/0x80 [ 196.369744][ T8095] ? __fget_files+0x204/0x3c0 [ 196.369784][ T8095] ? __fget_files+0x20e/0x3c0 [ 196.369827][ T8095] ksys_write+0x12a/0x250 [ 196.369863][ T8095] ? __pfx_ksys_write+0x10/0x10 [ 196.369906][ T8095] do_syscall_64+0xcd/0xf80 [ 196.369956][ T8095] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 196.369983][ T8095] RIP: 0033:0x7f20f3d8f7c9 [ 196.370003][ T8095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 196.370037][ T8095] RSP: 002b:00007f20f4b8c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 196.370062][ T8095] RAX: ffffffffffffffda RBX: 00007f20f3fe5fa0 RCX: 00007f20f3d8f7c9 [ 196.370079][ T8095] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000007 [ 196.370094][ T8095] RBP: 00007f20f3e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 196.370110][ T8095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 196.370124][ T8095] R13: 00007f20f3fe6038 R14: 00007f20f3fe5fa0 R15: 00007ffe98471c68 [ 196.370151][ T8095] [ 196.370159][ T8095] [ 196.370166][ T8095] The buggy address belongs to a vmalloc virtual mapping [ 196.370184][ T8095] Memory state around the buggy address: [ 196.370198][ T8095] ffffc90003db9a80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 196.370217][ T8095] ffffc90003db9b00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 196.370237][ T8095] >ffffc90003db9b80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 196.370253][ T8095] ^ [ 196.370267][ T8095] ffffc90003db9c00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 196.370286][ T8095] ffffc90003db9c80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 196.370300][ T8095] ================================================================== [ 196.370702][ T8095] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 196.370726][ T8095] CPU: 1 UID: 0 PID: 8095 Comm: syz.3.435 Tainted: G L syzkaller #0 PREEMPT(full) [ 196.370767][ T8095] Tainted: [L]=SOFTLOCKUP [ 196.370777][ T8095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 196.370793][ T8095] Call Trace: [ 196.370801][ T8095] [ 196.370812][ T8095] dump_stack_lvl+0x3d/0x1f0 [ 196.370855][ T8095] vpanic+0x640/0x6f0 [ 196.370883][ T8095] panic+0xca/0xd0 [ 196.370908][ T8095] ? __pfx_panic+0x10/0x10 [ 196.370944][ T8095] ? sys_imageblit+0x1a6f/0x1e60 [ 196.370984][ T8095] ? preempt_schedule_common+0x44/0xc0 [ 196.371030][ T8095] ? preempt_schedule_thunk+0x16/0x30 [ 196.371060][ T8095] check_panic_on_warn+0xab/0xb0 [ 196.371089][ T8095] end_report+0x107/0x160 [ 196.371129][ T8095] kasan_report+0xee/0x110 [ 196.371170][ T8095] ? sys_imageblit+0x1a6f/0x1e60 [ 196.371213][ T8095] sys_imageblit+0x1a6f/0x1e60 [ 196.371257][ T8095] ? __pfx_sys_imageblit+0x10/0x10 [ 196.371298][ T8095] ? preempt_schedule_notrace_thunk+0x16/0x30 [ 196.371330][ T8095] ? queue_work_on+0x12a/0x1f0 [ 196.371362][ T8095] ? drm_fb_helper_damage_area+0xaa/0xd0 [ 196.371396][ T8095] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 196.371438][ T8095] soft_cursor+0x524/0xa10 [ 196.371473][ T8095] ? fb_get_color_depth+0x120/0x250 [ 196.371504][ T8095] bit_cursor+0xe8c/0x17e0 [ 196.371540][ T8095] ? __pfx_bit_cursor+0x10/0x10 [ 196.371576][ T8095] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 196.371618][ T8095] ? get_color+0x1da/0x450 [ 196.371644][ T8095] ? __pfx_bit_cursor+0x10/0x10 [ 196.371674][ T8095] fbcon_cursor+0x437/0x5d0 [ 196.371701][ T8095] ? add_softcursor+0x11/0x290 [ 196.371731][ T8095] ? hide_cursor+0x99/0x220 [ 196.371764][ T8095] set_cursor+0x1db/0x250 [ 196.371796][ T8095] vcs_write+0xbbc/0xdb0 [ 196.371834][ T8095] ? __pfx_vcs_write+0x10/0x10 [ 196.371866][ T8095] ? bpf_lsm_file_permission+0x9/0x10 [ 196.371897][ T8095] ? security_file_permission+0x71/0x210 [ 196.371932][ T8095] ? rw_verify_area+0xcf/0x6c0 [ 196.371974][ T8095] ? __pfx_vcs_write+0x10/0x10 [ 196.372004][ T8095] vfs_write+0x2a0/0x11d0 [ 196.372052][ T8095] ? __pfx_vfs_write+0x10/0x10 [ 196.372090][ T8095] ? find_held_lock+0x2b/0x80 [ 196.372125][ T8095] ? __fget_files+0x204/0x3c0 [ 196.372168][ T8095] ? __fget_files+0x20e/0x3c0 [ 196.372210][ T8095] ksys_write+0x12a/0x250 [ 196.372248][ T8095] ? __pfx_ksys_write+0x10/0x10 [ 196.372292][ T8095] do_syscall_64+0xcd/0xf80 [ 196.372334][ T8095] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 196.372361][ T8095] RIP: 0033:0x7f20f3d8f7c9 [ 196.372381][ T8095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 196.372407][ T8095] RSP: 002b:00007f20f4b8c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 196.372433][ T8095] RAX: ffffffffffffffda RBX: 00007f20f3fe5fa0 RCX: 00007f20f3d8f7c9 [ 196.372452][ T8095] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000007 [ 196.372469][ T8095] RBP: 00007f20f3e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 196.372487][ T8095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 196.372504][ T8095] R13: 00007f20f3fe6038 R14: 00007f20f3fe5fa0 R15: 00007ffe98471c68 [ 196.372532][ T8095] [ 196.372909][ T8095] Kernel Offset: disabled