last executing test programs: 9.659820729s ago: executing program 1 (id=413): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x200, 0x0) mmap$auto(0x0, 0x2000a, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x42e4) r0 = syz_clone(0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = prctl$auto(0x3b, 0x1, r0, 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) getgid() recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000040), r3) sendmsg$auto_NETDEV_CMD_QSTATS_GET(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010329bd7000fedbdf250c000000080004"], 0x20}, 0x1, 0x0, 0x0, 0x80}, 0xc000) r5 = socket(0x2, 0x1, 0x0) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000400)={0x24, 0x0, 0xb11, 0x70bd27, 0x25dfdbfb, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x9801) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="010000", @ANYRES16=0x0, @ANYBLOB="080025bd7000fddbdf25020000001400040074756e6c300000000000000000000000050019000000000008000d00ca01000008003100c9bf00000600250002000000080023000a010101060022000200000007000100a67b2b000a0005000180c200000f0000"], 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x1) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'hsr0\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="100026bd7000fedbdf25030000000800040008000000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a000100aaaaaaaaaabb00000a000500aaaaaaaaaa3a000008000200", @ANYRES32=r6, @ANYBLOB="eeeeca74f5af6a3e080003000800"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40090) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r7) r9 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_ehash_entries\x00', 0x40100, 0x0) read$auto_proc_sys_file_operations_proc_sysctl(r9, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB='?\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="2f212cbd7000fcdbdf252100000008000300", @ANYRES32=r10, @ANYBLOB="0c002d800400df80dd118e6d"], 0x28}}, 0x4000000) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'veth1\x00', 0x0}) sendmsg$auto_NETDEV_CMD_DEV_GET(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, r4, 0x300, 0x70bd29, 0x25dfdbfb, {}, [@NETDEV_A_DEV_IFINDEX={0x8}, @NETDEV_A_DEV_IFINDEX={0x8, 0x1, r6}, @NETDEV_A_DEV_IFINDEX={0x8, 0x1, r10}, @NETDEV_A_DEV_IFINDEX={0x8, 0x1, r11}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000881}, 0x1) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) 6.440473035s ago: executing program 3 (id=422): openat$auto_bdi_debug_stats_fops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/bdi/43:416/stats\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/transparent_hugepage/khugepaged/max_ptes_swap\x00', 0x100042, 0x0) arch_prctl$auto_ARCH_MAP_VDSO_X32(0x2001, 0x40) mmap$auto(0x0, 0x2020009, 0x3, 0x800800000000eb1, 0xfffffffffffffff6, 0x8000) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xfa}, 0x7) 6.279915742s ago: executing program 1 (id=424): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/blkio.throttle.write_iops_device\x00', 0x121002, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x3, 0x3}, 0x18, 0x0) (async) sched_getscheduler$auto(0x0) (async) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) (async) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x6) (async) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) (async) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) (async) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/1-0:1.0/usb1-port1/quirks\x00', 0x103a42, 0x0) (async) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/vhci_hcd.4/usb18/18-0:1.0/usb18-port4/state\x00', 0x321843, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0) (async) r2 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000580), 0x2802, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r2, 0xfffffff7effffd05, &(0x7f00000001c0)) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4c084}, 0x51) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async) openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/apparmor/prev\x00', 0x1, 0x0) (async) socketpair$auto(0x1e, 0x3, 0xffffff00, 0x0) (async) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) (async) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x3}, 0x7}, 0x3, 0xcad7) (async) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000) (async) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) (async) write$auto(0x3, 0x0, 0x100085) (async) write$auto_proc_pid_attr_operations_base(0xffffffffffffffff, &(0x7f0000000200)="a597d9", 0x3) (async) bind$auto(0x3, 0x0, 0x6a) (async) semctl$auto(0x80001ff, 0x804, 0x13, 0x4) 6.233753931s ago: executing program 3 (id=425): r0 = socket(0x15, 0x5, 0x0) sendmsg$auto(r0, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) (async) sendmsg$auto(r0, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000700), r1) r3 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MON_SET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001680)={&(0x7f00000000c0)={0x24, r5, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_MON={0x10, 0x9, 0x0, 0x1, [@typed={0x9, 0x1, 0x0, 0x0, @str='$!.}\x00'}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000010}, 0xc050) (async) sendmsg$auto_TIPC_NL_MON_SET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001680)={&(0x7f00000000c0)={0x24, r5, 0x1, 0x70bd2d, 0x25dfdbfd, {}, [@TIPC_NLA_MON={0x10, 0x9, 0x0, 0x1, [@typed={0x9, 0x1, 0x0, 0x0, @str='$!.}\x00'}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000010}, 0xc050) ioctl$auto_XFS_IOC_ALLOCSP(0xffffffffffffffff, 0x4030580a, &(0x7f0000000280)={0x3ff, 0xe78, 0x6, 0x100000000, 0x5, 0x0}) io_cancel$auto(0x1000000000, &(0x7f0000000300)={0x6, 0x8, 0x5c, 0xfff5, 0x4, r3, 0x9, 0xeca, 0xb7d, 0x0, 0xfffffffa, r3}, &(0x7f0000000340)={0x8, 0x0, 0x80000001, 0x3}) shmctl$auto_SHM_UNLOCK(0x6, 0xc, &(0x7f0000000440)={{0xb0, 0xee00, 0x0, 0x4, 0xfffffffe, 0xaa, 0x222}, 0x7, 0x7, 0x8, 0x7, @raw=0x13e, @inferred, 0x8000, 0x0, &(0x7f0000000380)="60f23760c804691e44ae1dcc387e7be9dc4861e1a5e814a2b245ad7ae4c6dc70c288cccaa459bdada42e0f0847a1508212a25e015a22aee9b8e61487e6d69620060083ede4e5a3d31126fd0f7822d4e138700c5cbb88b72f83a0aefdbc039cf996cdbcca003ae5a2604e380c5e3944ce037c8239fa", &(0x7f0000000400)="f74aaa372d5d1a82ba537f783af95f3012c3cfdf4b23854039f207a8b9ff015499037f679c515b276ce5d0b05287182a7959ded6fb2c5f1b74fab8c0"}) (async) shmctl$auto_SHM_UNLOCK(0x6, 0xc, &(0x7f0000000440)={{0xb0, 0xee00, 0x0, 0x4, 0xfffffffe, 0xaa, 0x222}, 0x7, 0x7, 0x8, 0x7, @raw=0x13e, @inferred, 0x8000, 0x0, &(0x7f0000000380)="60f23760c804691e44ae1dcc387e7be9dc4861e1a5e814a2b245ad7ae4c6dc70c288cccaa459bdada42e0f0847a1508212a25e015a22aee9b8e61487e6d69620060083ede4e5a3d31126fd0f7822d4e138700c5cbb88b72f83a0aefdbc039cf996cdbcca003ae5a2604e380c5e3944ce037c8239fa", &(0x7f0000000400)="f74aaa372d5d1a82ba537f783af95f3012c3cfdf4b23854039f207a8b9ff015499037f679c515b276ce5d0b05287182a7959ded6fb2c5f1b74fab8c0"}) sendmsg$auto_TIPC_NL_MON_GET(r3, &(0x7f0000000680)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000640)={&(0x7f0000001080)={0x5d8, r5, 0x400, 0x70bd2a, 0x25dfcbfc, {}, [@TIPC_NLA_NAME_TABLE={0x20, 0x8, 0x0, 0x1, [@nested={0x1c, 0xbb, 0x0, 0x1, [@nested={0x4, 0x65}, @typed={0x8, 0xbb, 0x0, 0x0, @ipv4=@empty}, @nested={0x4, 0x91}, @typed={0x8, 0x116, 0x0, 0x0, @pid=r6}]}]}, @TIPC_NLA_NODE={0x418, 0x6, 0x0, 0x1, [@nested={0x412, 0xf3, 0x0, 0x1, [@typed={0x5, 0x40, 0x0, 0x0, @str='\x0f'}, @generic="b05281a85b90378fe24d18adec16242087482fb0f399cf8890b69ed3b02f6be8da3f5fb69258c47a049dbaefb3fe6e09416c48268a77cdbe8d03b1eb136da0a787d09a45f0fbee82c11aa56e733c53d9f413676577bfdb4067c1805a98e33393bd4c9250aa2073a19258f3d3bb008841eab15a091b9206e2cd7daa78b00e90c11897e68e638be49a1939a3070aa871644a8a48da73d4e1a54fd93cab2df73afb8a1b242e83704af204e60008adcff02834f73ac1f06d62980598c92b2506", @typed={0xf3, 0xc1, 0x0, 0x0, @binary="8c6078aecfac56b4492bbbb8859127f062b8cd3c1ddfe386f880d626162a7f7a151da7ef8a8fb44d128d48c8d2ab6e74606283658527be13262e53c3a3f7b20d8424673e07815b5b76bdaa7793c725bb46bc6b1287e8d6c46525fb721e67aa3fcd2e20b7c26fc255311002bb57de4b17fbac03108a283dd7c3c13c62fc331b349225b424b15c594114379b13343a2d9a182ce41b636c3d0c9d16b96e798b9a0485e0c274f3bd36ba8fed13b9c85ed41ebd63cc6d2e912d6405d02c53c3ad2c0e73d53036fb2c26877a3295e828d1eed58da31f48e8d76bb49155d78bc5fa49b39bcdeb6d4ffa5eb4d508d5e6ee0c27"}, @nested={0x4, 0x1b}, @nested={0x24e, 0x30, 0x0, 0x1, [@typed={0x8, 0x11c, 0x0, 0x0, @ipv4=@multicast2}, @typed={0x8, 0xb1, 0x0, 0x0, @uid=r8}, @nested={0x1d4, 0x19, 0x0, 0x1, [@nested={0x4, 0x12a}, @generic="7f8bbeaf17d8fcb7e5d047c73f8eeda21ff172cad27af234b2ac13897fb800f75ab13528fa39f7447218e0b418fc6496a061c7bc86be2ca833065537d4f564ea82ebadda", @typed={0x8, 0xf6, 0x0, 0x0, @ipv4=@loopback}, @generic="cb166866553d608769ea43aec90a27251a17672537f635c38e5ebc949a8b35c6bf47aa5cd74dbec7b304b7d8c870454315f6a58e6805482673cfd8f2c2984a347e4af4917fd4ca324e29501e4829160c147281b6948966a7776628ea66e9bf4597ccf565c336d232e2fa452e473caff4894c43cc8b2db369e0e90da62199d51e04d181edc62c93aac53157a3e0fcd7da024ac06182b0c4d1ba033bbce3902b61bdc3dc3decdf40f38d2923fbf6b997aed6353555c862598687b99414de0bf9b4fe0a65ac40fdb336e285eedd9822f22129831b7c99eb432319d5bc0d04585014b5e4904b5034cff611a633f5625d358905f6dfa8", @nested={0x4, 0x1d}, @nested={0x4, 0x8}, @typed={0x8, 0x4d, 0x0, 0x0, @fd=r4}, @generic="31b3f6dee9f804351385dec7c0ab9cbc980bfb09970de414dc4e0f5d4f6abe8eebaa0b4ca2ddf9539517a33f8dcf75cdb083bf18660b754290262a2f9f4ef12e5c5e62e874d035da0fe36857c72b739645daa1b45629f62587354f5d062625de40d2fc655cbcf31e818ec4fd80bb094cbb8011f0", @typed={0x8, 0xe, 0x0, 0x0, @pid=r6}]}, @nested={0x58, 0x12e, 0x0, 0x1, [@generic="a43d324821fc3a3ff9b9900ebeebd9ea12cd6fc9c216b0c59cd007f8f978ca496843e2f48185dc794b1ca8c9030145b1352195975c5d6ac99aa5d63ec2217db27d545dd63355219bc4e89746bfc82460aafc11c0"]}, @generic="fe158806b73e1d8ae19db40d8775"]}]}]}, @TIPC_NLA_PUBL={0x18b, 0x3, 0x0, 0x1, [@generic="f3a169f9bbc72b69629f5bbb730f69bc37ebad47e82d957c95eb9900b59360d9be86d69d445b87dba759de96877d6b76343276080cab8d318d17101f6e01be151d298a6483501b7af875948f64a0e55a569d97620e1bd799c71ec4167fe43094b56d7fa79a8f1bedc6aa7b78ccb0d0e783975b5bde541a9e298791fe309600e080a5d316b6f4c8d11c0a6ae0e8235cff22a9da3c17768a47fd7c080db7630084d0a0c53d022b27e2f87cd1c6217f5146632513ba29e81f758cd73bfe506df8429fdb7006a2ce59da2d843859cd7c9f4c66834312cc10ed53748e1cae3eaaed0dc4", @typed={0x8, 0x6e, 0x0, 0x0, @str='(!@\x00'}, @typed={0x8, 0x65, 0x0, 0x0, @fd=r7}, @generic="98797551265d1c791d59996779130cb22bd8a3e1e63715da38d21ffe3adf57678ef1d15730b2474ef5addcab55c75b412d9c7fdb1fdf5c666e7b6fcd6ed6f91dde562c9d6c6bcf65b3e434184baf681b7b570a87546ae6b538f1aee9fd9eea44027558455aca8b8a7a042986360d31d3e18401b68f322b1a271570ec322157f35955be89fec08d5fa5d3f3bbd01e07ccbcce6c06a4ab"]}]}, 0x5d8}, 0x1, 0x0, 0x0, 0xc0}, 0x40000c0) mmap$auto(0x0, 0xf4, 0xdf, 0xeb1, 0x69a5, 0xa800000000000000) sysfs$auto(0x2, 0x41, 0x0) (async) sysfs$auto(0x2, 0x41, 0x0) fsopen$auto(0x0, 0x1) (async) r9 = fsopen$auto(0x0, 0x1) fsconfig$auto_SHMEM_HUGE_NEVER(r9, 0x5, &(0x7f0000000180)='+\x00_\xe8\xdb\xff\x0f\\X\xc9#\xa0\xdc\x04\x0f\x99v\xbc\xc3\xf2\x03\xe2T\b\x9c\xe7J\xcd\x00\x00\x00\x00\x00\x00\x00\x00c\x00\x00\x00\x00\x00\x00\x00', 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) socket(0x2, 0x80002, 0x73) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0d566b3dd008e4edd9650200000000000008"], 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0x200000c4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_async\x00', 0x183941, 0x0) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/pm_async\x00', 0x183941, 0x0) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010600bd7000fbdbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810) (async) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010600bd7000fbdbdf250a"], 0x1c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20008810) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="18"], 0x1ac}}, 0x40000) r10 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r10, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x6, 0x1}, 0x5}, 0x3, 0x0) (async) sendmmsg$auto(r10, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x6, 0x1}, 0x5}, 0x3, 0x0) sendmsg$auto_OVS_FLOW_CMD_GET(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x14, r2, 0x1, 0x70bd29, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x4000800) 4.905277796s ago: executing program 3 (id=429): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS0\x00', 0x101e81, 0x0) rseq$auto(&(0x7f0000000200)={0xe, 0x400, 0xfb82, 0xfc, 0xffffffff, 0x200}, 0x8000, 0x0, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80302, 0x0) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) mmap$auto(0x200000004, 0x400008, 0x2000000000df, 0x9b72, 0xffffffffffffffff, 0x8001) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) mmap$auto(0x0, 0x400008, 0xdf, 0x100000009b72, 0x2, 0x8000) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mincore$auto(0x1000, 0x8003, 0x0) setsockopt$auto(0x3, 0x0, 0x20, 0x0, 0x28) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_urandom_fops_random(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0) ioctl$auto_RNDADDENTROPY2(r1, 0x40085203, 0x0) syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000001500), r0) ioctl$auto_BLKGETSIZE64(0xffffffffffffffff, 0x80081272, &(0x7f0000001200)=0x7) sendmsg$auto_NET_SHAPER_CMD_GROUP(r0, 0x0, 0x14) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x1, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/amidi2\x00', 0x737081, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x81, 0x0, 0x0, &(0x7f0000000300)={[0x1ff, 0x5, 0xd, 0xfffffffffffff4d6, 0x948b, 0x3, 0x15f4da0e, 0x3, 0x0, 0x9, 0x80000001, 0x1000, 0x1, 0x9, 0x3, 0x1]}, 0x0) write$auto(r2, &(0x7f0000000240)='//ev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x5014c0, 0x0) r3 = setfsuid$auto(0xee01) getpriority$auto_PRIO_USER(0x2, r3) lstat$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x6f, 0x1, 0x8, 0x3, r3, 0xee00, 0x0, 0x6, 0x722, 0x9, 0x7, 0x1, 0x3, 0x2c8ebe2a, 0x7c1, 0x1, 0x4}) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) write$auto(r4, 0x0, 0xfffffdef) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/fs/f2fs/features/project_quota\x00', 0x8080, 0x0) 4.647736159s ago: executing program 2 (id=431): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_handshake(&(0x7f0000000040), r1) sendmsg$auto_HANDSHAKE_CMD_DONE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r2, 0x1, 0x70bd28, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x400c4}, 0x20040040) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000300), 0x60081, 0x0) statmount$auto(&(0x7f0000000000)={0x6143, @raw=0xfffffffa, 0xfffffffffffffffa, 0x8d, 0x401}, &(0x7f0000000340)={0x101, 0x2, 0xfffffffffffffff8, 0x6, 0x1, 0x0, 0x7, 0x1, 0xfffffffffffffe00, 0xfffffffffffffffb, 0x1ec1, 0x2, 0xe31, 0xcda, 0xfffffffffffffffe, 0x0, 0x8, 0x5, 0x7, 0x5, 0x2, 0x0, 0x0, 0x4, 0x2, 0x8, 0x7d3, 0x0, 0x1000, 0x1, 0x0, [0x4e91f74, 0xfd2, 0x579c, 0x3, 0x0, 0x8, 0x9, 0x2, 0x6, 0x1ff8000, 0xae7, 0x2, 0x7, 0x7, 0x1, 0x9, 0xa, 0x6, 0x10001, 0x100, 0x3, 0x32, 0x80, 0x7, 0x4, 0x9, 0x2, 0x1000000000000005, 0x8, 0x10001, 0x88b, 0x101, 0x9732, 0xffffffffffff8001, 0x7, 0xffffffffffffffff, 0x100000001, 0x4, 0xffffffffffffffff, 0x2, 0x6, 0x7f, 0x2], "e83e67dcd73c68dddc0f692d1010131cac0b93b10233f619b7955248714220c358a7095a93f6539c7a7227ed98903c4ea3119826ee33d9bfb178e63a8ca27e7d7efc2acc837ad85f0856fde657b4807ca74626d9ad544e0b3a8f082ce05fe4d7088629b6efecda"}, 0x4, 0x5) ioctl$auto_PPPIOCATTACH(r3, 0x4004743d, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/amidi2\x00', 0x141000, 0x0) 4.421323362s ago: executing program 1 (id=432): syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_DEL_PMK(0xffffffffffffffff, 0x0, 0x800) openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x80401, 0x0) mmap$auto(0xfffffffffffffffe, 0x40, 0x4000000000df, 0xe31, 0x401, 0x8000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) io_uring_setup$auto(0xc, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x1ff, 0x7, 0x1d, 0x4909b6f5, 0x1, 0x7, 0x3, 0x9, 0x5df, 0x3, 0x4, 0x2, 0xb4, 0x9, 0x208, 0x10003, 0x80, 0x3, 0x80, 0xa, 0x22000, 0x200, 0x7, 0x84, 0x0, 0x9, 0xffffffff, 0x0, 0x0, [0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1f, 0x0, 0x2, 0x100000000000, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x6, 0x0, 0x0, 0x200000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000000, 0x8000000000000000]}, 0x3, 0x800d) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00082cbf7000fedbdf25030000000802e700", @ANYRES32=0x0, @ANYBLOB="060007000080000008000400060000000a000500aaaaaaaaaabb00000a00010000000000000000000a0001000180c200000e00000600"], 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x6004000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x4}, 0x6}, 0x3, 0x0) 4.272949867s ago: executing program 2 (id=433): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0) syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x101001, 0x0) io_uring_setup$auto(0x1fe, 0x0) r0 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) setgroups$auto(0xe32, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda\x00', 0x100, 0x0) ioctl$auto_BLKRRPART(r1, 0x125f, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x403c6f2b, 0x0) r2 = openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x80100, 0x0) ioctl$auto_dvb_demux_fops_dmxdev(r2, 0x403c6f2b, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) (async) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0) (async) syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) (async) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x101001, 0x0) (async) io_uring_setup$auto(0x1fe, 0x0) (async) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x8040, 0x0) (async) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) (async) setgroups$auto(0xe32, 0x0) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda\x00', 0x100, 0x0) (async) ioctl$auto_BLKRRPART(r1, 0x125f, 0x0) (async) ioctl$auto_dvb_demux_fops_dmxdev(r0, 0x403c6f2b, 0x0) (async) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000140), 0x80100, 0x0) (async) ioctl$auto_dvb_demux_fops_dmxdev(r2, 0x403c6f2b, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) (async) 4.144996809s ago: executing program 1 (id=434): syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r1 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x80) fchdir$auto(r1) mkdir$auto(&(0x7f0000000480)='./cgroup\x00', 0x6) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r2 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322df2) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) syz_clone3(&(0x7f00000003c0)={0x383201180, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r2}}, 0x58) rmdir$auto(&(0x7f0000000300)='./cgroup\x00') mmap$auto(0x4, 0x20009, 0x10000000000007, 0x200000011, r0, 0x40000007ffe) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x9, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x2, 0x62, 0x80000000, 0x9, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) getpid() mlockall$auto(0xedfffffd) rt_sigprocmask$auto(0x6, &(0x7f0000000080)={0x6}, 0xffffffffffffffff, 0x8) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) unshare$auto(0x4) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0xa, 0x300) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x400, 0x7) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) 4.008058637s ago: executing program 0 (id=435): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8003) migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f00000001c0)) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r1, 0x5001, 0x0) write$auto(0x3, 0x0, 0x100082) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/trace_pipe\x00', 0x20c01, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) sendmsg$auto_TIPC_NL_NET_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20044050}, 0x2) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x4, 0x3, 0x3, 0x3, 0x1, 0x8000000000000000, 0x8000000000000000, 0x0, 0x6d3c, 0x1, 0x2, 0x8000000000000006]}, 0x0) ioctl$auto_SG_GET_COMMAND_Q2(r2, 0x2270, &(0x7f0000000340)="aa6977bdf7a47540d09e2d187708f81a522bb20bdbb52be4d81f10e617a37e8aa552c101fc914ae2e989aac03598ba01bb625780cde382472812b01b1afc8d7eca152dbe9bef372ea910fd32846bc7bfa9ab6ef770d23e96b1423e154baa7e49001d1f8df6dd5136c79cf9ddc2618c81cbf920201434ae7f7cd8407be355c60caab6cd3a9947cf9d2a33922f43c44e1752a839708db43e2fd2cf3e16750e9c12ca1d54a48a30c63dac012a") close_range$auto(0x2, 0x8, 0x0) openat$auto_sc_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000040), 0x88080, 0x0) pread64$auto(r1, 0x0, 0xd, 0x7) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/neigh/wg1/retrans_time\x00', 0x82, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x8, 0xffff) mount$auto(0x0, &(0x7f00000001c0)='.\x00', 0x0, 0x104000, 0x0) r4 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x203c2, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f0000000140)="3318cb") r5 = pipe2$auto(0x0, 0x80) ioctl$auto_SNDCTL_DSP_CHANNELS(r5, 0xc0045006, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000002480)='/dev/midi2\x00', 0x2c40, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0xfffffffffffffffc, 0x100000000, 0xe3, 0x12, 0x2, 0x8000) 3.777524468s ago: executing program 2 (id=436): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r0 = socketpair$auto(0x2c29c000, 0x9, 0x6, 0x0) close_range$auto(0x2, r0, 0x0) open(0x0, 0x22040, 0x75) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/v4l-subdev0\x00', 0x0, 0x0) ioctl$auto(0x3, 0xc0485619, 0x38) 3.722010378s ago: executing program 3 (id=437): mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) r0 = socket(0x2, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) socket(0x2, 0x1, 0x106) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r1, &(0x7f0000000400), 0x100000a3d9) sysfs$auto(0x2, 0x23, 0x0) r2 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r2, 0x0, 0x4) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0) ioctl$auto_IOC_PR_RELEASE(r3, 0x401070ca, 0x0) rseq$auto(0x0, 0x8000, 0x0, 0x6) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/scsi/sg/def_reserved_size\x00', 0xc8000, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) sigaltstack$auto(0x0, &(0x7f0000000140)={&(0x7f0000000440)="f5b02af123815905b964327959d8c95cbc19112206921c82f521203454474766d9065fabed2d10cb53a9683f6e7961a55d1810c6ddaefa05da53de79fd1671dc292ed755e6d9a99f91159031ddd44d26e80aea77411f72961af2f59042c4ff2d2bfe3cf933ff9ded1709d0ac4fbd5d50b973a80659156bb216de78f4d4550298509e33742a26c815e03144a6886b3fda191ebd9fe9795233cf84645870d78d6845b9c2a9cdff1c424f2752f8791cd13e3bb69b569cd437d332ae47fa0c12fc74e1c02d1539793f704b1a92a894b09f2bbecde610f83ccf416b9bb054d385caeac43e696366a165b89806ebb1d207d0874d423e5b6ac7f3046544de6fe141d1870e41c475ce967d11008255356105257d38eab8ee323d297c6781a322c2265ae7f188e4601a571778b2aa4e097707ed61d28274b6fb0bbb3aea2711b6b27dd293a5548712c534ab343ae38c0a320b23823d987e3def9fb2a8b8cd1e0dca503b8fc4d1151e329736f2bdd8f8502c170fac5887f3d2f8c4fda84fbf7c97bc12c667bd615a9870199f37dec8c819b71345f9b005f18c205f03d15f874cd9aa4518d635ce7e6cd4574be9c7c7b91904c5e5a74adfe3e86709da86481686622e9210da24c000aeea662450735fd55ef471c923f4ab09f09a9cef225ffa52d43ace7b6d6fbd393e2058f71dfd9203d80f200e3a8539c27e62ac4051fea1fd19ac9f95e8bad5255b7867f3d857cb1b0252f719f07f15faa7239ad35cf6f4257d69d1d6d591d3caecf3bed4fb1c25ec677ae8b72218381e68cf3a3228e6eab01e946cdfa16ff510c5b01758a8a41927a5f5995a52abd80fd149c9635cb164ab73f5e7d31833678aa1be49a46b0dea4678e693adf8a8d6f41cb04f192b14dd0d4c98737de8b2b832e1ff088f5052b8feeb101db7237fce2738466a1e798abc42c52f29ef6e27875ad865c9ff94e7f0b829adf76c01e12045c08c47ee65dcbc57fcdd04f210a686d816e704f7f19019c2d51f8be2c94eccc65ac455183a2eec53aab4f6091ac2271f341662b1cf54a3a1da3f7aa9948b2c5d22b8728bc6a162ea73af9d8953f447e2907e7fef8f79519a76367dded19e562bc22faf3a26879ec528144f6bfbb1ac2a3420630b1f76899db92e09fc94a278e3c229c2ff3f97cd7abfec45d37b60829b850934f2ca2ed19c832665f32de3ad507a8ca41cbeed838908e6c62168936f4ede68c6da63de06990d791a640c03ec56bddfe8c50bedb10c089e407b9e808d360f73c7c7ccd663e7845485d54f6b276e2eedbb437a78636eb068e3b05d7806e1ed6df29e595d17c774d152ac2c07a6c54a771872b76106fe827ae98730d2f63e7857c239ab3ed40d8313edb04b989a59d0dbe4ad47b10cb07fe8e6f3a02aa8643673638cf603f7050bbdf9f0ba20b3b43f931a341057a07c4b1f5851df620a983179035c538d5b7bef399545d332d72f4a9a580538a600b3c809465802929f0415285300ae855cfdba9ade735fa6ba9dc4d010866a19c85dd788a9766c51dcb6041a20e0fdd29aa58ae0fb8058b42201fd324986f06c2ceb4823bc4eae030909c8e1807d73890885dbff00b6a17d8e1771783c22d158048303df4feff5e0cdd84a7bb4e3e231d91887f0556294d69ff50649a5efaeb787817cf1342645447bec1f464663e7949f08634ac2355c3587d82ab7d04e4fbd098abc5ba46bdf94924884931b8480a2a77ee41628e13006c712eec771ee4e894b21a5f791d66303cb7c58d96b35ffffaff8c19c9f09726e52e1aba192dd17b345bc3534ad6817427b8b1a0992af1b010fca2a438b5932ffa8ca257867683810e55759f42ba5eb5a0bee174e914a955169d6d354eb10a6ce59f9c86b418e2e9bd807b1b1a4f83587c6eeb42782dfdb0dbaa39d52323d0298affe6e77a6e6825fbd0e5527694e74a096b37f7c21d9ff4206a221c5018dec042ecb39781ca604124f31992b6bfb684da8c338d5835b995bf6beb20ddbe3926ec390010c7bf47bafab9905cdc3d0c2167224fe3b3b701e7f530aa8e2e4620af395f679c46204506a1da8ef296c2bc9cc836540f192342d56571603d7bfb16fcbeb4f286c58277131afaf1c2491c762bd3dd686b68f3ec5b171d0752acce1418a72f969141ce5ad636d6060a44dfc81794f404e9d3feb3a2e7ab98d88e0da70be08c502327c4a1121ff924413cabc2c293e2022e8b213a60d1d696b46a5773e86b3dcc9fcfcd8fba201e8beb9478b3b4f33906d2cf7389125a1e3c4aba15f19e93c0582ce5b93367c8906c3f6a311a00d31e17872d3fa74dedaac47ea6c3c814bd0e04dd8825a7ffff6cfab681e041f8c0944f48d78cb2b611009cb779ecaa123eb6d93485ced7461b9cd475b8347356e25c8ab21ed78c616553679004d1c85e518705648c12cdd4a6b9b2e6430926513fc5ed7f941d68e59f0f8a8efe00da957e3f5de7c13648d32d95bf552c7b5913ca435cadc503a584a4a36a07287269e01b3431f2ca63df54c33edc1aa511226bc77923faf77047a4d6cd1aa23d9a93209517af71eec8fa943b8371532f4c06e02068c581eb6fcecb89fe3a96cf5fbc2f33b2ce893d7019cf22ec261fc1c087b09020cb63531fbd7aa9ac2845ec3b9fa8e30de31ff090eebd7e2d6187114b8a19474570f147d77944646b4494f4fd51049d8565ae0da0c0a5a3533a1739058968c39e72fde2217abe8d5c9239778c4d27886d2af361ba7660468c2ba7070d45267119f94162837fb2f055620799986e0e46d943f520870d88324aa5de24fc1bc1b9897ec7821c16ee3ed8d612ff21d9794df35d6f4a046e9dd8a892413ea495b511a1bcb62d8adbf83f08b68d1355a2355cda54245d0cbea04e34f0364434a3c1025b27f5b9dc4bd4857dbd0a60c5b05bbb2f056a2b4c86f97f65bfb174fa276b56e926b8a521ae50059bc0ed5e3638c59512ef9b145282d9b68bc083b3457b900c9c2e378d19cb30dc2a4ed2ede5d93ed026b20d31bdf5e450bfb66d25b443249ce7e7c71ea433d6691705ff84b8476aa5a77898b5f8e9893d98bc7140b7cfe4e6afa3e0df4811a28c4a17a46eacede4a6803e32bb71ebaadd094836a22b4140508f3fea76eadcd08e82c6e5bcf89bd8f6d936df0a95fb38536c84dc38a3a9411c5e606134c7d4eb3306b94ca1fd00d8dfce6706fd2a1c164b299f57f3412a9a0d8d4c24fbfcca8f9e75601c3de8c6c46bfae64274f4d0f795138e7ec196bc8481d79c730be97e13f3a5d505081c82f55807cfa41877a0f29e485400038726f01198aea987942215f909e4bdc24f8fa59aa4c0f7feedf4cbf5b4f0fd68a75a0308f1c0b49ec9e7277d1092f8f61d2596c43e9ef89b6c7e8e6fb834f3e40041a0a7f421b97d7952cca16b51f407c8d4d84c4c69d68009386f69da6a353b9ba867d36b39540884b47387783f8bd0fce6f3a7b538d150e907349eb259d964e65d7e0561e3915278fc8557055f246231c4244e43af307b65a85afde009e8214711e32e67ca8eb673da5f93980179c999b836c671fc7e01f57d884e6d1de2422b65c46742cc592877e89972ed6306e44068a2f72880adef626d110bca2c7719731f37ee553c48c5e4b7c14d071b18172f94f36dc5ccbd0a0961a06e9983f9f123ee4c8ec6df51c02f65efcb645b5321dcf064f37f07f8bde6320ace9b4b23525804a157576aee72cae623d4bc4214530aeca6dd6d162db15d6a356c7d56e72da9ee27f1fc3448c4e730f3fc2cb295c9a45bfcdfbd5e5cf60472c222611cc6ee3f243bc162f50ef82e594e0b2ac7b86b64514d8ab3064da68b5e6b0f580be2c15c8ce39fd5fcb5fb1c19e35eed8537cf4e253da4c76f154f485d4d351d7274d8b566610c360abde4bf3c016203df9e9068b1b78a97008077a00d17f850094231998eaee66a62cbb62397f9c256117c9f30100c54a58587cb0412b5a2cb2405223590c93237030798cc32eb93d2afd97fb55c0611253436eeb12d0b3dd1d353cbb060b151ce36f184def4a4a717e635f701fcbe1af5ddcc8bdc45b1196acc5e944c770df23fa3f3f57865d0703ea7791c291c609c4da9dfe343b27b47532b03ab0f9f7e7e69d012072f715deb31826ef3b0af362fb1a04cc075d9df4c503cb62ce0947d958e56e5e1281a7bcc171edf167dd4bee0925af3fcfcfa5f030c18206fb5675a3f4b7795179db2db8ba250f20fe6e351223ede881269aa89ab83d1693800fecd21c670ec9ea2050eb897017a3dbd9db2ad760c9ab72d1ea5dbdc391b2a48d08522c3eb19053c23848027dbea4f189d36641f4bc3b4cd5836ac1c3f8662fcae257e4846d7f0b79979bb01ef8646f659df1ce1678e6d311730dbadcac12081987a7ddba3fabac910b0933f4bacfd73f727335e4c38f6f2573301b50a38616cd663f0d74ef6346475c89e7c61b0af0cff6e2672ed83665289719a9ca5c0fc3b510ac5d8967fb4ab150f72526b32334002fd344b26da2b78dfdff76f3b8392e20d2e0d0f13607c2655a533a7a35e932d4597ecad7704cc2322e917074a71371b1f3c164b80cdbed320cf0b45106b2b4c6c44b7557938f271c32f58e2898eabee0ed54d5687936f536da6b66e299b1d940dde8a802376e11164377fd56dffa951e95f15a27504b9106b29c09394a47f8b865b48290191a463a722ec8c1a9d36cc0c3d1c50c536efdea0b7143153fec4882a42ecdd6d86105e04de872d86c84bbd676615179f4c3da9427934bb3c6b39d24923117e6c2b9ab7d11900ac718d367c22dd919629f26c9efc29892331996871792b19865f0a0a571a2883b27193e63fd631a5398a864f994e2d543a7615764841622ffa1f7530e1a642d145a636f293f154cb6b3cabb9101d86e7ed9532859f901813dacb9f4cb1d76f000ff637ab0a2b37d790a16c8d31f3a317ce80669a538bbb79b01b7411714e68122648cb6acacadabe9767805863dfae50db518d3f4b243e96fd9348094922a9f6e324467bb201a36cd17614af0b9d305e8eb4846d8e10d9f170967201a36f6e35e8c3f469e6e5b5a6bfce292f573f22c53d8e1a742a2d2e6bead8e7a08a585c4ae59a8bffc3555c196dba0c28255ccd758897c485d96004dc11a256695c4f1e457dc666a40a676be6fc877157be4c6140ec86b095c3b286fcdd69eecfb4c59835c8a994861696e773505e4fc1a3c0c53a7348c88a301ee3130cb7e7b766da29cb1f0b96a71ec2bf4dd3e4ca3e419239822ce293aae9cb34b307a4339e10532f3be215f69f5c0390ef62d10ff3c28a65eb71b0a5449a7841bab51407cf16b38e3fcd8f7c91fb5e4184003fd01f2680c0ca8d687c0b7db80f25d57182f93833d71d9c5ee46f3c69213daa5e0f6e6efe66419a31b763c149fe40d3d63237c1e4a447a90febaf7cba3715724e554522727aa34653ff40c62b9d0b1fe8b09af28688155ebc3a08830f7a74e38e483b0e210eba6480b8200da1dfec4cd4ab1d9c6ccc92e37841267f3875a751266b76d4761fb1ea1235f22a55bf94f89e2bd50ee128fd5b79cd8ca1f0ced7c20449bd606bd9d999b77e2ca05983b4d0e67e9dd68247f2b14b9475e1a623fab258f590f9d01ed5077a3578e031d42db9ff8f721f6aa2d5f3aa291fddc76cdadd0a00c29a39ec527d8b7e7808871d174e7ceb570dfb0e286d0596d51adc1", 0x3, 0x1}) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) shutdown$auto(0x200000003, 0x2) setsockopt$auto(r0, 0x6, 0x6, 0x0, 0x4) 3.04079334s ago: executing program 2 (id=438): socket(0xa, 0x4, 0x0) r0 = open(&(0x7f0000000240)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0xa6) r1 = open_by_handle_at$auto(r0, &(0x7f0000000040)={0x8, 0x2, '\a\x00\x00\x00\x00\x00\x00\x00'}, 0x2) write$auto(r1, 0x0, 0x1) 2.929398054s ago: executing program 0 (id=439): mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0) read$auto(0x3, 0x0, 0x18) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) mkdir$auto(&(0x7f0000000040)='./file0\x00', 0x2) getsockopt$auto_SO_PEERPIDFD(r0, 0x8, 0x4d, &(0x7f0000000080)='}\xdd\x00', &(0x7f00000000c0)=0x1ff) r1 = socket(0x15, 0x5, 0x0) setsockopt$auto_SO_BUSY_POLL_BUDGET(r1, 0x1, 0x46, &(0x7f0000000000)='/proc/sys/vm/dirty_background_ratio\x00', 0x94) r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x8000, 0x70) mknodat$auto(r2, &(0x7f00000003c0)='./file0\x00', 0xfff, 0xfffffff8) 2.657324699s ago: executing program 2 (id=440): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = pidfd_open$auto(0x1, 0x0) mmap$auto(0x0, 0x2, 0x3, 0x20eb3, r0, 0x0) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8d2a, 0x3, 0x0, 0x1, 0x6) socket(0x1d, 0x2, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x1000000000008000) lsm_set_self_attr$auto(0x9, 0x0, 0x80, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/dmmidi2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000240)='/dev/binderfs/binder0\x00', 0x800, 0x0) socket(0xa, 0x1, 0x100) socket(0x1e, 0x1, 0x0) socket(0x2c, 0x3, 0x9) r2 = socket(0xb21d5b881d12d8, 0x4, 0xfffff94b) getsockopt$auto(r2, 0x114, 0x2713, 0xfffffffffffffffc, 0x0) write$auto(0x1, 0x0, 0x80000000) openat$auto_trace_options_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/options/blk_cgname\x00', 0x68c002, 0x0) preadv$auto(0x3, &(0x7f0000000280)={0x0, 0x200000000000f91}, 0x3, 0x10000, 0x1000000000010) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/vhci_hcd.7/usb23/23-0:1.0/usb23-port2/uevent\x00', 0x466081, 0x0) write$auto(r3, &(0x7f00000005c0)='0\x81=\"\xad/\x8d\b\x00\x18\xa4\xb0\xb4\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1c\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xff\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\xa5\xd2\x82;\x7f\xa0.\x9a\xfb\x8d\xf3l\xf2\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc7e\xc5Q\x89\xcd@\x1c\x92\x00\x87\x976\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85K /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x00\x1f\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x98\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x94\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2Z\xe9(\x99\b\x00M\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf8L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\a\x19H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb', 0x1) fcntl$auto(0x0, 0x407, 0x100000) setns(r0, 0x60020000) umount2$auto(&(0x7f0000000000)='.\x00', 0x8) socket(0xa, 0x2, 0x73) socketpair$auto(0x1, 0x5, 0x40, 0x0) socket(0x1, 0x1, 0x0) 2.433535615s ago: executing program 0 (id=441): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x1f40) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x2, 0x0) socket(0xa, 0x2, 0x88) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0x20002, 0x0) close_range$auto(0x2, 0x8, 0x0) 2.093407866s ago: executing program 1 (id=442): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mknod$auto(0x0, 0xcb, 0xfffffffa) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r0 = pidfd_open$auto(0x1, 0x0) mmap$auto(0x0, 0x2, 0x3, 0x20eb3, r0, 0x0) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x6, 0x3, 0x0, 0x1, 0x6) socket(0x1d, 0x2, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x1000000000008000) lsm_set_self_attr$auto(0x9, 0x0, 0x80, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000240)='/dev/binderfs/binder0\x00', 0x800, 0x0) socket(0xa, 0x1, 0x100) socket(0x1e, 0x1, 0x0) socket(0x2c, 0x3, 0x9) r2 = socket(0x15, 0x5, 0x0) getsockopt$auto(r2, 0x114, 0x2713, 0xfffffffffffffffc, 0x0) write$auto(0x1, 0x0, 0x80000000) openat$auto_trace_options_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/options/blk_cgname\x00', 0x68c002, 0x0) preadv$auto(0x3, &(0x7f0000000080)={0x0, 0xf94}, 0x3, 0x10000, 0x1000000000010) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/vhci_hcd.7/usb23/23-0:1.0/usb23-port2/uevent\x00', 0xa001, 0x0) write$auto(r3, &(0x7f00000005c0)='0\x81=\"\xad/\x8d\b\x00\x18\xa4\xb0\xb4\xd9\x82=~\x17\xfb&L\xeb=j\a\xf1y\xb3\"\xeb\a\xdd\xf4\xf4Ry\xee\xd7\x1e\x1c\x86\x0f\xcf\x7f\xbf\xab\x12{\xc2\xc2*\xc1M+6/v8\xea\xe9\x85s4\xfe\xe5\t\x7fc\xfb7^\xb86J_\x1d1s!\x01\xff\xff\xff\xff\xff\xff\xff\x1dF\xe6\xf6\x17\x10+\xc0\xb0\xafc\x99\xd4\x150Y~\x1e\xe2\xd6x4fW\x13\xc4U`\x9e-X\xd7\xe2H^\fLS`\xfc\xbb\r\f\x00\xeaN\xa5\xd2\x82;\x7f\xa0.\x9a\xfb\x8d\xf3l\xf2\xd3\x95\xc1M5\xcb\xa6I\x067\xe36\xea\xe9\xe3\xf44oT_`8\xb3\xef\x04 \x05K\xf9\x87pl\xac\x86\nE\xc7e\xc5Q\x89\xcd@\x1c\x92\x00\x87\x976\x9f>\xa2\xcfm\xec\r\x11\x7f\x00\x00\x00\xb1\xde@\x02\xce\x03\xb7\xb1\xfb\x9fr\v\xb2\xe3\xc7\b\x85K /zm\x7f\x8fg,p\a\xc8\x7f\xa5\x87\x02\x87\xbbR=A\x00\x1f\x8a\xa7/Q\"J\xbb\xb0m\xf2SP\x84\x84S\xf0\xba\x9a\xf6\xb6`WI\xba\xba*8\x9f\xea\xe8K/\x98\xbc7~>\x12\x9buB\xcb\xe4\x8aKf\xba\x8c\x19m\xe6I\x02\xde\x80\x9d\x87}\xf4\xbd9\xaa\xd6\xdb1]\xde\xa0r\x14\xca56^\x94\xd2\xd8\xe6}9\x91\xb6\xf7\xa1=\x96\x11\xf1\\\xa91\x0e\xd1\xe4z\xc1;Pw!\x8b\xf5{\xc7Xd\xf1\xf2}\x96EVf\xc9\xa8\xcd\xe4\xc9\x8d\x1d7\xd5\x94\\\xb5\r\xd2\xaa\xe6H\xfe)\xb3a\x04\x1eRMl\xa3F\xa8W0\x90\xc9Ky#\x03\xf5~\xd2Z\xe9(\x99\b\x00M\xde\x01]\r\xd09k\xc2\x84\xc1\xabN\x96\x8a6\x98@\xd3\xab\xa8m\xdf\x8d\x1d\b\x82\xfcP\x87\x93\x80\x97Q\x86\x8a\x9c\xf8L\x0f\xa8@VE2\x9d\x1e`#\xd8\xd7M\xd4k1\xe6\x13Y\\\x83E\xd0e\x0eM\xa9Q\xac\x0e\x1d]\a\x19H\x81\xd2\xccF\xc6\xd4\xe2R$\xfa\xd6}\xbdsN\x18\xdf\xf5\xffP\xf5\f\xccL\xef\x83\xb3$\xd4\xf4\xb5\xe6\xd0 \xb9\xa7\x8e6\t\x83q\xef\b\xd2\xdb', 0x1) fcntl$auto(0x0, 0x407, 0x100000) setns(r0, 0x60020000) umount2$auto(&(0x7f0000000000)='.\x00', 0x8) socket(0xa, 0x2, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x1, 0x1, 0x0) 1.525648773s ago: executing program 3 (id=443): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/rxrpc/stats\x00', 0xaa102, 0x0) write$auto(r0, 0x0, 0x6) r1 = socket(0x2, 0x1, 0x106) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = ioctl$auto_XFS_IOC_OPEN_BY_HANDLE(0xffffffffffffffff, 0xc038586b, &(0x7f00000003c0)={r1, &(0x7f0000000180)="1f08f05b6bba4039e62add28c0476ffe919607171c7f17c9f2920df82bd2d0830b78ed3a308d72c5a93e7e2b04eee396da21bf33433745acc4cc48ed74ae094ef4718694ba49e64b54e6e5f25488d5b0fe81f65280a0a8f5050da8d0f87a8e1ec808bbaf11fc0b3f103b8dc8", 0xfffffffe, &(0x7f0000000200), 0x4, &(0x7f00000002c0)="1d953cba052ea87526a3928387f7b25b08aaa63531ed96763234037653bcd10df25a7a970e839375c0105e7462455d281e6b3d88", &(0x7f0000000300)=0xd}) ioctl$auto_TUNGETIFF2(r3, 0x800454d2, &(0x7f0000000480)=0xffffffff) r4 = prctl$auto_PR_SCHED_CORE_GET(0x1, 0x0, 0xffffffffffffffff, 0x7, 0x2172) readahead$auto(r4, 0xe, 0x1) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/adsp1\x00', 0x46c600, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/fs/orangefs/dcache_timeout_msecs\x00', 0x400183, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) r5 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/oom_adj\x00', 0x2002, 0x0) read$auto(r5, 0x0, 0x1f40) r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8802, 0x0) writev$auto(r6, &(0x7f00000000c0)={0x0, 0xffffffff}, 0x6) r7 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) preadv2$auto(r7, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) mmap$auto(0x0, 0x2020009, 0x1, 0x200000000eb1, r6, 0x8000) r8 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0) ioctl$auto_SNDCTL_DSP_SETTRIGGER(r8, 0x40045010, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0xb, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, 0x2, 0x40000008000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) 1.498436092s ago: executing program 0 (id=444): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000200), 0xa802, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) write$auto_tty_fops_tty_io(r0, &(0x7f0000000240)="350600fa610c0bcf83a4ebdb040000000000000021cb244b19a48bb5e0d12df9735b745b9554dfb0ad77a37be296ebe6f598901d632a206d9b0056d8c890065b9018bc58939193d5dce9d3c7765a1bd89e4dd9fb4b5f58940c87162e1531cd41e0003d1861cc83", 0x67) sendmsg$auto_NETDEV_CMD_NAPI_GET(0xffffffffffffffff, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x84) ustat$auto(0x801, 0x0) openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) madvise$auto(0x0, 0x2003f0, 0x15) pread64$auto(0xffffffffffffffff, 0x0, 0x1080000001fc, 0x8800000000) write$auto(0xffffffffffffffff, 0x0, 0x100000080000000) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000340)="a1613e3b7121767e0f53a6f082a71629949ec37041defd7c9ee7242ccd90141e7df70000c4a2174ab17af617a5425700752d2928bdfa70f92e42399564cdd320116524dde6ba9e5201", 0x101}, 0x6, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) 914.312077ms ago: executing program 2 (id=445): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/bus/hid/drivers/asus/unbind\x00', 0x8000, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) mmap$auto(0x5, 0x9644, 0xdf, 0x16, 0x2, 0x2d4a29c0) pivot_root$auto(0x0, 0x0) kexec_load$auto(0x9, 0x0, 0x0, 0x1003e0000) (async) kexec_load$auto(0x9, 0x0, 0x0, 0x1003e0000) epoll_ctl$auto_EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f0000000140)={0x4, 0x80000001}) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) futex$auto(0x0, 0x85, 0x38, 0x0, 0x0, 0x80800005) (async) futex$auto(0x0, 0x85, 0x38, 0x0, 0x0, 0x80800005) openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, 0x0, 0x400, 0x0) unshare$auto(0x40000080) (async) unshare$auto(0x40000080) mmap$auto(0x7, 0x400028, 0xdf, 0x100000010, 0x2, 0x8000) (async) mmap$auto(0x7, 0x400028, 0xdf, 0x100000010, 0x2, 0x8000) write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, &(0x7f00000002c0)="0935fecaea9c6848f7b69a585e", 0xd) close_range$auto(0x0, 0xfffffffffffff000, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) (async) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) ioctl$auto(0xffffffffffffffff, 0x40104d01, r2) (async) ioctl$auto(0xffffffffffffffff, 0x40104d01, r2) getcwd$auto(&(0x7f0000000080)=',-*:$[\x00', 0x8) (async) getcwd$auto(&(0x7f0000000080)=',-*:$[\x00', 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) (async) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x7f, 0x82020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x4) unshare$auto(0x40000080) (async) unshare$auto(0x40000080) openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) (async) openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) r3 = openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000100), 0x80840, 0x0) lseek$auto(r0, 0x0, 0x2) readv$auto(r3, &(0x7f0000000a80)={0x0, 0x5b54}, 0x1) socket(0x2, 0x2, 0x1) getsockopt$auto(r1, 0x1, 0x2, &(0x7f0000000040)='/dev/cec27\x00', 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 861.605481ms ago: executing program 0 (id=446): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r0 = socketpair$auto(0x2c29c000, 0x9, 0x6, 0x0) close_range$auto(0x2, r0, 0x0) open(0x0, 0x22040, 0x75) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto(0x3, 0xc0485619, 0x38) 115.437567ms ago: executing program 1 (id=447): unshare$auto(0x40000080) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4004) (async) setsockopt$auto(0xffffffffffffffff, 0x10000000084, 0x23, 0x0, 0x8) (async) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="5e0027617c36720add70ab0343990f7d0bbc96dc0b"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/bus/pci/drivers/ahci/bind\x00', 0xa001, 0x0) (async) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r3, &(0x7f0000003900)='\t', 0x1) (async) r4 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x40000, 0x0) ioctl$auto(r4, 0xc0045627, r4) (async) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/kfence/parameters/sample_interval\x00', 0x102, 0x0) sendfile$auto(r5, r5, 0x0, 0x3) (async) write$auto(r2, &(0x7f0000000040)=',\x00^\xa2\x02\x00\x05\x00\x00\x00\xd8l\x00\x00\x00\x00\x00\x00\xb2s\x83\xbd\xc5_%\xc1\xa3\xd0\x95Hq\xf4zG\x01[{\x17\x05I\xe0\xb1d)\x06z8L\xe6&[\xa9X6\x7f\xec\x94\xdal\xa1\xbb\x86\x9c\xc2\xef\x02\r9%\x06\xc5\'b%m_\x96A\"\xdd\xe40\xa7\xc3\x9ah\xf3B\xc2\xec\xf8\r\f[\xe5\x9dK\xe1\x99\x86\xfc\xac\x9f\x8a', 0x1000) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000004440), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'ip6gre0\x00'}) read$auto(r0, &(0x7f0000000040)='\x00', 0x10001) 180.63µs ago: executing program 0 (id=448): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x800, 0x0) read$auto(r0, 0x0, 0x7) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) socket(0x11, 0x3, 0x6) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_REGISTER(r2, 0x0, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0) ioctl$auto_BLKFLSBUF(r4, 0x1261, 0x0) keyctl$auto(0x4, 0x0, 0x0, 0xffffffffffffffff, 0x8000000e) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) ioctl$auto_BLKFLSBUF(r4, 0x1261, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) unshare$auto(0x101) openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, 0x0, 0x101500, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D2\x00', 0x80980, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001180)='/sys/devices/virtual/block/zram0/compact\x00', 0x20001, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000000000)="b2", 0x1) r6 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0) sendfile$auto(r3, r6, 0x0, 0x1) r7 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xebe, 0x401, 0x8001) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000000), r7) setsockopt$auto(0x3, 0x1, 0x48, 0x0, 0x9) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x181881, 0x0) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x47, 0x4a}) 0s ago: executing program 3 (id=449): r0 = openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000300), 0x62080, 0x0) ioctl$auto_RTC_ALM_READ(r0, 0x541b, 0x0) io_uring_register$auto_IORING_REGISTER_SYNC_CANCEL(0xffffffffffffffff, 0x18, &(0x7f0000000140)="7db0eec91e797d558928200e173c78ad6c1a5754fcf4f747e74f4b0a888754a5781ff243b0eef5a1c77b85fcb79316767f68cb77efb41ac209d140", 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = seccomp$auto(0x8, 0x0, &(0x7f00000000c0)="d9e10c0d689163542145adc8b5cc97e70992e9df7b7fb5b195eebade7e4db8a507a515bcd64a3f928a392e3824221e9f9d2942e0805d2b3b92f65f63de") ioctl$auto_UDF_GETVOLIDENT(r1, 0x80086c42, &(0x7f0000000040)=&(0x7f0000000240)="13c49db3d2b455903e0c5e0967ec904a7205e6b4e1736436a9b7dc326d7fc6b43ea47c935926a6cb09daf8fe35d47605f021ce8536af62364a9fdf38bf9f18faecaa1d1d7055ed4c580806a372211a1b3e4cd55ac7d966282dc9b4b89b5cfe832e36e251a16ff2bf799155a2e1c768ac6c01e7a0824e59cabfd58c59845ddce6eb8b19a146fc7ad644900f2962723365565e36df1247b2a8a560") r2 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) r3 = socket(0x2, 0x1, 0x106) setsockopt$auto(r3, 0x6, 0x6, &(0x7f0000000180)='\b\x00\x00\x00\xe4\x15\rq\tW\x9d=\x1e\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe7\x9b\xdd\x1cp\x19\xa0\x9dHN\xb4\x7f\x7f\xa0\xeaI\xa1\x0f/\xfc\x8e\xf9\xa6x\xa0\xdeo\t\x826Xe(\x0e\xffr\r\x8d\xefh\xdbG\x8b\xde\xfd$\'\a ]\x91YP\x94\xd0\xd0\x02\x10\xb1_z\xa2Ql\x8c\x91\xca4\x118\xcd\xc3\x97\xdaJ:\x1e\xe5f\xcaq\xdf`\x01;\xf9{D2\xc9WV)\xa3JH\xf5\xf9\x16\xac\xa4\x155\x80\x01I\xd9\xa5\xd0\xf1\xbd\xa0\xa4\xa5q\xc6F\x940\x00\xf8\xef\xa4\xfd\xd2z\xf5\x91z<\x9f\xf0\x8f/\x81\x84\xed J&\x8f\xd9\xab-\xf8\xd0\xd3\xcea\x91pM0\xcd\x18\xb4\xe0u\x99\b', 0x7) bpf$auto(0x80000400, &(0x7f0000000000)=@bpf_attr_3={0x9, 0x9, 0x6, 0x5, 0x1fe, 0x2, 0x1, 0x4, 0x4007, "0108a5172d53c2dc73bf58e1423b2178", 0x0, 0x9, 0xffffffffffffffff, 0x81, 0x7fffffffffffffff, 0x89, 0x9, 0xffff, 0x3ff, 0x7, @attach_btf_obj_fd, 0x440, 0xa, 0x7, 0x1ff, 0x9}, 0x9) r4 = socket(0x11, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'}) sendmmsg$auto(r4, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000040), 0x10}, 0x2, &(0x7f0000000140), 0x8, 0x1}, 0x5}, 0x2, 0x101) openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000001a80)='/sys/kernel/tracing/events/vmalloc/filter\x00', 0x2, 0x0) io_uring_register$auto_IORING_REGISTER_CLONE_BUFFERS(r3, 0x1e, &(0x7f0000000440)="5242d0c45fb7fcdd972d0ca72120e6be805190e05e40208c0eca597836958b6c73a3d8405729fbafdc1295f75a70e541bff7dbbb50729ee2452e05e1604429ead5342f2824", 0x9) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) ioctl$auto(r2, 0x40084d05, 0x7) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x80800, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x42880, 0x0) read$auto_configfs_file_operations_configfs_internal(r1, &(0x7f0000000340)=""/183, 0xb7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0xd, 0x0) r5 = fsopen$auto(0x0, 0x1) fsconfig$auto(r5, 0x8, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.6' (ED25519) to the list of known hosts. [ 98.339731][ T5816] cgroup: Unknown subsys name 'net' [ 98.453673][ T5816] cgroup: Unknown subsys name 'cpuset' [ 98.463176][ T5816] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 100.382230][ T5816] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 102.429624][ T939] cfg80211: failed to load regulatory.db [ 102.815132][ T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 102.824394][ T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 102.833117][ T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 102.841653][ T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 102.842239][ T5837] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 102.857121][ T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 102.860581][ T5837] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 102.872420][ T5837] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 102.880966][ T5837] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 102.888880][ T5837] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 102.919596][ T52] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 102.928952][ T52] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 102.937142][ T52] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 102.949668][ T52] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 102.957724][ T52] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 102.996472][ T52] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 103.005307][ T52] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 103.015508][ T52] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 103.025910][ T52] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 103.034422][ T52] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 103.580828][ T5838] chnl_net:caif_netlink_parms(): no params data found [ 103.682924][ T5841] chnl_net:caif_netlink_parms(): no params data found [ 103.796186][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 103.813793][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 103.933466][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.940866][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.948710][ T5838] bridge_slave_0: entered allmulticast mode [ 103.957635][ T5838] bridge_slave_0: entered promiscuous mode [ 104.002380][ T5841] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.009866][ T5841] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.017151][ T5841] bridge_slave_0: entered allmulticast mode [ 104.025026][ T5841] bridge_slave_0: entered promiscuous mode [ 104.033831][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.041283][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.049330][ T5838] bridge_slave_1: entered allmulticast mode [ 104.056745][ T5838] bridge_slave_1: entered promiscuous mode [ 104.096664][ T5841] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.104230][ T5841] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.111627][ T5841] bridge_slave_1: entered allmulticast mode [ 104.119180][ T5841] bridge_slave_1: entered promiscuous mode [ 104.197330][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.230528][ T5841] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.242999][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.266277][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.274099][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.281451][ T5831] bridge_slave_0: entered allmulticast mode [ 104.288873][ T5831] bridge_slave_0: entered promiscuous mode [ 104.298925][ T5841] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.333949][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.341402][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.348852][ T5831] bridge_slave_1: entered allmulticast mode [ 104.356631][ T5831] bridge_slave_1: entered promiscuous mode [ 104.390351][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.397591][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.405700][ T5834] bridge_slave_0: entered allmulticast mode [ 104.413452][ T5834] bridge_slave_0: entered promiscuous mode [ 104.450522][ T5838] team0: Port device team_slave_0 added [ 104.458544][ T5841] team0: Port device team_slave_0 added [ 104.469610][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.476756][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.484626][ T5834] bridge_slave_1: entered allmulticast mode [ 104.492526][ T5834] bridge_slave_1: entered promiscuous mode [ 104.515156][ T5838] team0: Port device team_slave_1 added [ 104.522877][ T5841] team0: Port device team_slave_1 added [ 104.545611][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.600118][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.655388][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.682099][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 104.689382][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 104.715584][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 104.728622][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 104.735872][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 104.762531][ T5841] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 104.777035][ T5841] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 104.784356][ T5841] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 104.810635][ T5841] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 104.824245][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.836330][ T5831] team0: Port device team_slave_0 added [ 104.843234][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 104.850492][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 104.876648][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 104.925702][ T5831] team0: Port device team_slave_1 added [ 104.942295][ T5834] team0: Port device team_slave_0 added [ 104.980210][ T5833] Bluetooth: hci1: command tx timeout [ 104.980213][ T5149] Bluetooth: hci0: command tx timeout [ 104.991993][ T52] Bluetooth: hci2: command tx timeout [ 105.002796][ T5834] team0: Port device team_slave_1 added [ 105.009691][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.016783][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 105.043791][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.059550][ T5149] Bluetooth: hci3: command tx timeout [ 105.098170][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.105302][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 105.131651][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.149335][ T5841] hsr_slave_0: entered promiscuous mode [ 105.156027][ T5841] hsr_slave_1: entered promiscuous mode [ 105.207660][ T5838] hsr_slave_0: entered promiscuous mode [ 105.214178][ T5838] hsr_slave_1: entered promiscuous mode [ 105.220970][ T5838] debugfs: 'hsr0' already exists in 'hsr' [ 105.226967][ T5838] Cannot create hsr debugfs directory [ 105.233633][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 105.240644][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 105.266843][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 105.321038][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 105.328046][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 105.354386][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 105.394547][ T5831] hsr_slave_0: entered promiscuous mode [ 105.401100][ T5831] hsr_slave_1: entered promiscuous mode [ 105.407348][ T5831] debugfs: 'hsr0' already exists in 'hsr' [ 105.413182][ T5831] Cannot create hsr debugfs directory [ 105.576904][ T5834] hsr_slave_0: entered promiscuous mode [ 105.583542][ T5834] hsr_slave_1: entered promiscuous mode [ 105.590456][ T5834] debugfs: 'hsr0' already exists in 'hsr' [ 105.596245][ T5834] Cannot create hsr debugfs directory [ 105.962798][ T5841] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 105.989998][ T5841] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 106.002217][ T5841] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 106.024524][ T5841] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 106.094372][ T5838] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 106.108493][ T5838] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 106.121733][ T5838] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 106.149998][ T5838] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 106.230715][ T5831] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 106.243525][ T5831] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 106.256035][ T5831] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 106.267577][ T5831] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 106.363574][ T5834] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 106.375716][ T5834] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 106.401242][ T5834] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 106.414852][ T5834] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 106.476915][ T5841] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.573307][ T5841] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.605253][ T4533] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.612630][ T4533] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.651993][ T4533] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.659376][ T4533] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.675107][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.707809][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.766917][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.781898][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.795998][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 106.820804][ T4533] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.827963][ T4533] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.851830][ T50] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.859010][ T50] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.885994][ T4533] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.893175][ T4533] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.906519][ T4533] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.913701][ T4533] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.935351][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 106.956920][ T50] bridge0: port 1(bridge_slave_0) entered blocking state [ 106.964145][ T50] bridge0: port 1(bridge_slave_0) entered forwarding state [ 106.990933][ T80] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.998086][ T80] bridge0: port 2(bridge_slave_1) entered forwarding state [ 107.065643][ T5149] Bluetooth: hci2: command tx timeout [ 107.065662][ T52] Bluetooth: hci0: command tx timeout [ 107.072291][ T5149] Bluetooth: hci1: command tx timeout [ 107.139271][ T5149] Bluetooth: hci3: command tx timeout [ 107.479705][ T5841] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.574100][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.661418][ T5841] veth0_vlan: entered promiscuous mode [ 107.717464][ T5841] veth1_vlan: entered promiscuous mode [ 107.767993][ T5831] veth0_vlan: entered promiscuous mode [ 107.826893][ T5831] veth1_vlan: entered promiscuous mode [ 107.837264][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.874037][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 107.892152][ T5841] veth0_macvtap: entered promiscuous mode [ 107.905785][ T5841] veth1_macvtap: entered promiscuous mode [ 107.963837][ T5831] veth0_macvtap: entered promiscuous mode [ 107.987613][ T5831] veth1_macvtap: entered promiscuous mode [ 108.008250][ T5838] veth0_vlan: entered promiscuous mode [ 108.030092][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.042262][ T5838] veth1_vlan: entered promiscuous mode [ 108.061517][ T5841] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.088497][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.117396][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.126478][ T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.136514][ T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.161902][ T4533] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.171645][ T4533] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.188089][ T5834] veth0_vlan: entered promiscuous mode [ 108.223290][ T4533] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.232709][ T4533] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.250298][ T5834] veth1_vlan: entered promiscuous mode [ 108.261192][ T4533] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.270519][ T4533] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.295276][ T5838] veth0_macvtap: entered promiscuous mode [ 108.324230][ T5838] veth1_macvtap: entered promiscuous mode [ 108.402144][ T5834] veth0_macvtap: entered promiscuous mode [ 108.436795][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.447801][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.453731][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.483121][ T5834] veth1_macvtap: entered promiscuous mode [ 108.521371][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.531559][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.535024][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 108.546862][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.557261][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.637097][ T80] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.645994][ T80] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.661951][ T4533] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.673710][ T4533] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.674558][ T80] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.691457][ T80] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.705723][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.714149][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.731739][ T80] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.740943][ T80] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.763821][ T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.798043][ T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.876072][ T5841] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 108.947105][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.955890][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.110581][ T4533] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.118517][ T4533] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.144063][ T5149] Bluetooth: hci1: command tx timeout [ 109.144614][ T52] Bluetooth: hci0: command tx timeout [ 109.149620][ T5149] Bluetooth: hci2: command tx timeout [ 109.219494][ T52] Bluetooth: hci3: command tx timeout [ 109.274451][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.276577][ T80] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 109.293315][ T80] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.303034][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 109.609975][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 109.848885][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 110.286138][ T5931] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 110.336170][ T5940] process 'syz.3.6' launched ':,' with NULL argv: empty string added [ 110.340026][ T5931] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 110.761091][ T5939] netlink: 326 bytes leftover after parsing attributes in process `syz.2.5'. [ 110.781011][ T5939] Zero length message leads to an empty skb [ 110.922999][ T5944] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 111.222905][ T52] Bluetooth: hci2: command tx timeout [ 111.228449][ T5833] Bluetooth: hci1: command tx timeout [ 111.228534][ T5149] Bluetooth: hci0: command tx timeout [ 111.300251][ T5149] Bluetooth: hci3: command tx timeout [ 111.869529][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 112.169875][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 112.264479][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 112.604424][ T5965] netlink: ct_mark mask cannot be 0 [ 112.961875][ T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.293660][ T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.686452][ T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 113.785460][ T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 114.288858][ T5969] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 114.301336][ T5969] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 114.309730][ T5969] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 114.321101][ T5969] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 114.329315][ T5969] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 114.630552][ T12] bridge_slave_1: left allmulticast mode [ 114.647787][ T12] bridge_slave_1: left promiscuous mode [ 114.670309][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 114.720522][ T12] bridge_slave_0: left allmulticast mode [ 114.726244][ T12] bridge_slave_0: left promiscuous mode [ 114.748057][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 115.072015][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 115.268014][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 115.399843][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 115.534667][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 115.871742][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 115.885313][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 115.928158][ T12] bond0 (unregistering): Released all slaves [ 116.455187][ T6013] futex_wake_op: syz.2.18 tries to shift op by -2048; fix this program [ 116.480411][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 116.510099][ T5969] Bluetooth: hci3: command tx timeout [ 117.225826][ T6018] netlink: 28 bytes leftover after parsing attributes in process `syz.2.18'. [ 117.341733][ T12] hsr_slave_0: left promiscuous mode [ 117.343266][ T6028] zswap: compressor 5þÊêœhH÷¶šX^rRO–ת•²WCn#ТڪeBH±VÐÐóãúQ.VÒdl‚…Mð©_ not available [ 117.387961][ T12] hsr_slave_1: left promiscuous mode [ 117.404909][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 117.436214][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 117.455093][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 117.464166][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 117.488827][ T12] veth1_macvtap: left promiscuous mode [ 117.494779][ T12] veth0_macvtap: left promiscuous mode [ 117.520396][ T12] veth1_vlan: left promiscuous mode [ 117.526187][ T12] veth0_vlan: left promiscuous mode [ 117.865652][ T5976] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 117.877302][ T5976] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 117.893993][ T5976] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 117.922179][ T5976] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 117.930169][ T5976] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 118.581112][ T5976] Bluetooth: hci3: command tx timeout [ 118.994861][ T12] team0 (unregistering): Port device team_slave_1 removed [ 119.057036][ T12] team0 (unregistering): Port device team_slave_0 removed [ 119.922598][ T5986] chnl_net:caif_netlink_parms(): no params data found [ 120.023128][ T5976] Bluetooth: hci1: command tx timeout [ 120.617797][ T5986] bridge0: port 1(bridge_slave_0) entered blocking state [ 120.625290][ T5986] bridge0: port 1(bridge_slave_0) entered disabled state [ 120.633239][ T5986] bridge_slave_0: entered allmulticast mode [ 120.662202][ T5976] Bluetooth: hci3: command tx timeout [ 120.664010][ T5986] bridge_slave_0: entered promiscuous mode [ 120.720781][ T5986] bridge0: port 2(bridge_slave_1) entered blocking state [ 120.728053][ T5986] bridge0: port 2(bridge_slave_1) entered disabled state [ 120.741773][ T5986] bridge_slave_1: entered allmulticast mode [ 120.787527][ T5986] bridge_slave_1: entered promiscuous mode [ 121.169378][ T5986] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 121.342555][ T5986] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 121.577757][ T5986] team0: Port device team_slave_0 added [ 121.638495][ T5986] team0: Port device team_slave_1 added [ 122.103009][ T5976] Bluetooth: hci1: command tx timeout [ 122.225074][ T6079] svc: failed to register nfsdv3 RPC service (errno 111). [ 122.270499][ T6079] svc: failed to register nfsaclv3 RPC service (errno 111). [ 122.355462][ T5986] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 122.362514][ T5986] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 122.450998][ T5986] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 122.533465][ T6001] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 122.603589][ T5986] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 122.614766][ T5986] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 122.641170][ T5986] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 122.682403][ T6035] chnl_net:caif_netlink_parms(): no params data found [ 122.743778][ T5976] Bluetooth: hci3: command tx timeout [ 123.229163][ T6001] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.644841][ T6001] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 123.785384][ T6105] Console: switching to colour VGA+ 80x25 [ 123.829448][ T5986] hsr_slave_0: entered promiscuous mode [ 123.832684][ T5986] hsr_slave_1: entered promiscuous mode [ 124.001204][ T6001] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 124.165811][ T6109] Console: switching to colour frame buffer device 128x48 [ 124.188045][ T5976] Bluetooth: hci1: command tx timeout [ 124.217018][ T6035] bridge0: port 1(bridge_slave_0) entered blocking state [ 124.217197][ T6035] bridge0: port 1(bridge_slave_0) entered disabled state [ 124.217387][ T6035] bridge_slave_0: entered allmulticast mode [ 124.219189][ T6035] bridge_slave_0: entered promiscuous mode [ 124.279547][ T6035] bridge0: port 2(bridge_slave_1) entered blocking state [ 124.344093][ T30] audit: type=1800 audit(1762427379.659:2): pid=6104 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.28" name="dbroot" dev="configfs" ino=8944 res=0 errno=0 [ 124.371431][ T6035] bridge0: port 2(bridge_slave_1) entered disabled state [ 124.379796][ T6035] bridge_slave_1: entered allmulticast mode [ 124.389465][ T6035] bridge_slave_1: entered promiscuous mode [ 124.577548][ T6035] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 124.617154][ T6035] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 124.625265][ T6115] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 124.801073][ T6035] team0: Port device team_slave_0 added [ 124.823881][ T6117] netlink: 28 bytes leftover after parsing attributes in process `syz.0.29'. syzkaller syzkaller login: [ 124.886431][ T6035] team0: Port device team_slave_1 added [ 124.896575][ T6117] vlan1: entered promiscuous mode [ 124.902770][ T6117] vlan1: entered allmulticast mode [ 124.914665][ T6117] veth0_vlan: entered allmulticast mode [ 125.025521][ T6035] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 125.033410][ T6035] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 125.059767][ T6035] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 125.095096][ T6035] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 125.109034][ T6035] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 125.138489][ T6035] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 125.200163][ T6001] bridge_slave_1: left allmulticast mode [ 125.206128][ T6001] bridge_slave_1: left promiscuous mode [ 125.211980][ T6001] bridge0: port 2(bridge_slave_1) entered disabled state [ 125.242039][ T6001] bridge_slave_0: left allmulticast mode [ 125.248748][ T6001] bridge_slave_0: left promiscuous mode [ 125.255101][ T6001] bridge0: port 1(bridge_slave_0) entered disabled state [ 125.765259][ T6125] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 125.799389][ T6001] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 125.813388][ T6001] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 125.825170][ T6001] bond0 (unregistering): Released all slaves [ 125.988290][ T6128] netlink: 'syz.0.31': attribute type 1 has an invalid length. [ 125.989497][ T6035] hsr_slave_0: entered promiscuous mode [ 126.016237][ T6035] hsr_slave_1: entered promiscuous mode [ 126.022921][ T6035] debugfs: 'hsr0' already exists in 'hsr' [ 126.030044][ T6035] Cannot create hsr debugfs directory [ 126.265183][ T5976] Bluetooth: hci1: command tx timeout [ 126.979814][ T6001] hsr_slave_0: left promiscuous mode [ 126.996413][ T6001] hsr_slave_1: left promiscuous mode [ 127.006796][ T6001] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 127.024651][ T6001] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 127.042917][ T6001] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 127.051865][ T6001] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 127.110096][ T6001] veth1_macvtap: left promiscuous mode [ 127.118180][ T6001] veth0_macvtap: left promiscuous mode [ 127.124871][ T6001] veth1_vlan: left promiscuous mode [ 127.131064][ T6001] veth0_vlan: left promiscuous mode [ 127.266474][ T6148] capability: warning: `syz.2.33' uses 32-bit capabilities (legacy support in use) [ 127.583499][ T6001] team0 (unregistering): Port device team_slave_1 removed [ 127.618621][ T6001] team0 (unregistering): Port device team_slave_0 removed [ 127.726316][ T6142] slcan: can't register candev [ 127.734610][ T6142] Falling back ldisc for ptm0. [ 128.541878][ T5986] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 128.669720][ T5986] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 128.803643][ T5986] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 128.839319][ T5986] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 129.755632][ T6035] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 129.907790][ T6035] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 129.999983][ T5986] 8021q: adding VLAN 0 to HW filter on device bond0 [ 130.016132][ T6035] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 130.068475][ T6035] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 130.235713][ T5986] 8021q: adding VLAN 0 to HW filter on device team0 [ 130.313347][ T5968] bridge0: port 1(bridge_slave_0) entered blocking state [ 130.320653][ T5968] bridge0: port 1(bridge_slave_0) entered forwarding state [ 130.374043][ T5968] bridge0: port 2(bridge_slave_1) entered blocking state [ 130.381400][ T5968] bridge0: port 2(bridge_slave_1) entered forwarding state [ 130.744263][ T6035] 8021q: adding VLAN 0 to HW filter on device bond0 [ 130.935332][ T6035] 8021q: adding VLAN 0 to HW filter on device team0 [ 131.004601][ T5972] bridge0: port 1(bridge_slave_0) entered blocking state [ 131.011884][ T5972] bridge0: port 1(bridge_slave_0) entered forwarding state [ 131.075982][ T5972] bridge0: port 2(bridge_slave_1) entered blocking state [ 131.083245][ T5972] bridge0: port 2(bridge_slave_1) entered forwarding state [ 131.335181][ T5986] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 131.435362][ T5986] veth0_vlan: entered promiscuous mode [ 131.651622][ T5973] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.870821][ T5986] veth1_vlan: entered promiscuous mode [ 132.093239][ T5973] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.209033][ T5973] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.301264][ T5986] veth0_macvtap: entered promiscuous mode [ 132.392673][ T5973] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.452464][ T5986] veth1_macvtap: entered promiscuous mode [ 132.543310][ T5986] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 132.649386][ T5986] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 132.683095][ T5972] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.709494][ T5972] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.760143][ T5972] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.780678][ T5972] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.890247][ T6035] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 132.919093][ T6228] netlink: 334 bytes leftover after parsing attributes in process `syz.2.43'. [ 132.941219][ T5973] bridge_slave_1: left allmulticast mode [ 132.947011][ T5973] bridge_slave_1: left promiscuous mode [ 132.970018][ T5973] bridge0: port 2(bridge_slave_1) entered disabled state [ 132.982826][ T5973] bridge_slave_0: left allmulticast mode [ 132.989672][ T5973] bridge_slave_0: left promiscuous mode [ 132.997749][ T5969] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 133.014949][ T5969] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 133.024516][ T5969] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 133.032690][ T5973] bridge0: port 1(bridge_slave_0) entered disabled state [ 133.041372][ T5969] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 133.049347][ T5969] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 133.375466][ T5973] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 133.386937][ T5973] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 133.398631][ T5973] bond0 (unregistering): Released all slaves [ 133.670925][ T6223] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 133.698650][ T6223] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 133.843239][ T6223] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 133.856079][ T6223] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 134.065346][ T6035] veth0_vlan: entered promiscuous mode [ 134.169727][ T5973] hsr_slave_0: left promiscuous mode [ 134.232198][ T5973] hsr_slave_1: left promiscuous mode [ 134.256428][ T5973] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 134.278238][ T5973] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 134.330310][ T5973] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 134.367799][ T5973] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 134.485677][ T6257] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 134.579776][ T5973] veth1_macvtap: left promiscuous mode [ 134.651038][ T5973] veth0_macvtap: left promiscuous mode [ 134.657134][ T5973] veth1_vlan: left promiscuous mode [ 135.070726][ T5969] Bluetooth: hci2: command tx timeout [ 135.623898][ T5973] team0 (unregistering): Port device team_slave_1 removed [ 135.723876][ T5973] team0 (unregistering): Port device team_slave_0 removed [ 136.560918][ T6268] svc: failed to register nfsdv3 RPC service (errno 111). [ 136.572718][ T6268] svc: failed to register nfsaclv3 RPC service (errno 111). [ 136.788076][ T6035] veth1_vlan: entered promiscuous mode [ 137.126195][ T6035] veth0_macvtap: entered promiscuous mode [ 137.145911][ T6035] veth1_macvtap: entered promiscuous mode [ 137.152154][ T5969] Bluetooth: hci2: command tx timeout [ 137.196010][ T6229] chnl_net:caif_netlink_parms(): no params data found [ 137.374546][ T6035] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 137.507509][ T6035] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 137.763501][ T6223] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.793263][ T6223] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 137.826594][ T6229] bridge0: port 1(bridge_slave_0) entered blocking state [ 137.840844][ T6229] bridge0: port 1(bridge_slave_0) entered disabled state [ 137.865632][ T6229] bridge_slave_0: entered allmulticast mode [ 137.883881][ T6229] bridge_slave_0: entered promiscuous mode [ 137.904137][ T6229] bridge0: port 2(bridge_slave_1) entered blocking state [ 137.938979][ T6229] bridge0: port 2(bridge_slave_1) entered disabled state [ 137.965520][ T6229] bridge_slave_1: entered allmulticast mode [ 137.976601][ T6229] bridge_slave_1: entered promiscuous mode [ 137.984917][ T6223] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.014049][ T6223] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 138.147821][ T6229] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 138.219347][ T6229] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 138.737177][ T6229] team0: Port device team_slave_0 added [ 138.789231][ T6229] team0: Port device team_slave_1 added [ 138.813524][ T5972] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 138.840475][ T5972] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 138.930921][ T6229] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 138.941784][ T6229] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 138.969913][ T6229] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 139.089283][ T6229] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 139.097891][ T6229] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 139.124606][ T6229] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 139.162353][ T5971] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 139.180496][ T5971] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 139.232396][ T5969] Bluetooth: hci2: command tx timeout [ 139.471121][ T6229] hsr_slave_0: entered promiscuous mode [ 139.498050][ T6229] hsr_slave_1: entered promiscuous mode [ 139.512769][ T6229] debugfs: 'hsr0' already exists in 'hsr' [ 139.530088][ T6229] Cannot create hsr debugfs directory [ 140.319830][ T6334] Invalid ELF header magic: != ELF [ 140.565063][ T6351] warning: `syz.2.52' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 141.312925][ T5969] Bluetooth: hci2: command tx timeout [ 142.024883][ T6368] binder: BINDER_SET_CONTEXT_MGR already set [ 142.031056][ T6368] binder: 6367:6368 ioctl 4018620d 9 returned -16 [ 142.583081][ T6229] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 142.629011][ T6229] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 142.675464][ T6229] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 142.717181][ T6229] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 143.131176][ T6229] 8021q: adding VLAN 0 to HW filter on device bond0 [ 143.310412][ T6229] 8021q: adding VLAN 0 to HW filter on device team0 [ 143.402001][ T6223] bridge0: port 1(bridge_slave_0) entered blocking state [ 143.410341][ T6223] bridge0: port 1(bridge_slave_0) entered forwarding state [ 143.460340][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 143.467458][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 143.511659][ T6223] bridge0: port 2(bridge_slave_1) entered blocking state [ 143.518888][ T6223] bridge0: port 2(bridge_slave_1) entered forwarding state [ 144.173389][ T6229] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 144.262919][ T6229] veth0_vlan: entered promiscuous mode [ 144.266222][ T6421] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 144.275194][ T6421] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 144.281744][ T6229] veth1_vlan: entered promiscuous mode [ 144.330925][ T6421] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 144.411086][ T6421] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 144.419297][ T6229] veth0_macvtap: entered promiscuous mode [ 144.446477][ T6421] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 144.467990][ T6229] veth1_macvtap: entered promiscuous mode [ 144.485450][ T6421] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 144.533169][ T6421] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 144.556838][ T6229] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 144.583088][ T6421] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 144.611505][ T6229] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 144.639084][ T6421] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 144.678793][ T5971] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.693144][ T6421] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 144.713382][ T6421] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 144.713809][ T5971] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.752421][ T6421] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 144.787356][ T5971] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 144.835602][ T5971] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.162495][ T6296] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 145.183182][ T6296] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 145.497259][ T6223] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 145.514377][ T6223] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 145.875868][ T5969] Bluetooth: hci0: command 0x0c1a tx timeout [ 146.448495][ T5969] Bluetooth: hci3: command 0x0c1a tx timeout [ 146.607727][ T5969] Bluetooth: hci1: command 0x0c1a tx timeout [ 146.755502][ T5969] Bluetooth: hci2: command 0x0c1a tx timeout [ 147.093144][ T6493] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„ [ 147.533989][ T6493] ieee80211 !PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]: Failed to add default virtual iface [ 147.579527][ T6510] netlink: 28 bytes leftover after parsing attributes in process `syz.3.72'. [ 147.865843][ T6520] netlink: 4 bytes leftover after parsing attributes in process `syz.2.74'. [ 147.874912][ T6520] netlink: 4 bytes leftover after parsing attributes in process `syz.2.74'. [ 147.961265][ T6520] netlink: 4 bytes leftover after parsing attributes in process `syz.2.74'. [ 147.972337][ T5969] Bluetooth: hci0: command 0x0c1a tx timeout [ 148.527422][ T5969] Bluetooth: hci3: command 0x0c1a tx timeout [ 148.691105][ T5969] Bluetooth: hci1: command 0x0c1a tx timeout [ 148.836862][ T5969] Bluetooth: hci2: command 0x0c1a tx timeout [ 149.248176][ T6567] hub 1-0:1.0: USB hub found [ 149.276513][ T6567] hub 1-0:1.0: 1 port detected [ 149.330872][ T6564] syz.2.81 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 149.392679][ T6570] netlink: 342 bytes leftover after parsing attributes in process `syz.2.81'. [ 150.041476][ T5969] Bluetooth: hci0: command 0x0c1a tx timeout [ 150.124424][ T6001] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.294345][ T6001] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.449644][ T6001] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.720633][ T6001] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 150.761439][ T5969] Bluetooth: hci1: command 0x0c1a tx timeout [ 150.920342][ T5969] Bluetooth: hci2: command 0x0c1a tx timeout [ 151.119121][ T6001] bridge_slave_1: left allmulticast mode [ 151.124881][ T6001] bridge_slave_1: left promiscuous mode [ 151.201885][ T6001] bridge0: port 2(bridge_slave_1) entered disabled state [ 151.270485][ T6001] bridge_slave_0: left allmulticast mode [ 151.276734][ T6001] bridge_slave_0: left promiscuous mode [ 151.341290][ T5976] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 151.354146][ T5976] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 151.362973][ T5976] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 151.372167][ T5976] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 151.384544][ T5976] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 151.394485][ T6001] bridge0: port 1(bridge_slave_0) entered disabled state [ 152.572812][ T6655] mmap: syz.1.98 (6655) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 152.792087][ T6001] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 152.842199][ T6001] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 152.879228][ T6001] bond0 (unregistering): Released all slaves [ 153.479548][ T5976] Bluetooth: hci3: command tx timeout [ 153.820010][ T30] audit: type=1800 audit(1762427409.145:3): pid=6667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.101" name="discovery_nqn" dev="configfs" ino=13409 res=0 errno=0 [ 153.909185][ T6001] hsr_slave_0: left promiscuous mode [ 153.921912][ T6001] hsr_slave_1: left promiscuous mode [ 153.930081][ T6001] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 153.937526][ T6001] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 153.960892][ T6001] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 153.968354][ T6001] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 154.008361][ T6001] veth1_macvtap: left promiscuous mode [ 154.014083][ T6001] veth0_macvtap: left promiscuous mode [ 154.027208][ T6001] veth1_vlan: left promiscuous mode [ 154.043926][ T6001] veth0_vlan: left promiscuous mode [ 154.284882][ T6678] netlink: 'syz.1.103': attribute type 2 has an invalid length. [ 154.370391][ T6680] netlink: 'syz.1.103': attribute type 2 has an invalid length. [ 154.653845][ T5969] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 154.663698][ T5969] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 154.679417][ T5969] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 154.688561][ T5969] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 154.700788][ T5969] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 155.245254][ T6696] delete_channel: no stack [ 155.434838][ T6700] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 155.560647][ T5969] Bluetooth: hci3: command tx timeout [ 155.658077][ T6001] team0 (unregistering): Port device team_slave_1 removed [ 155.743588][ T6001] team0 (unregistering): Port device team_slave_0 removed [ 156.441276][ T6712] ubi31: attaching mtd0 [ 156.475766][ T6712] ubi31: scanning is finished [ 156.507224][ T6712] ubi31: empty MTD device detected [ 156.774780][ T5969] Bluetooth: hci2: command tx timeout [ 156.800175][ T6712] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 156.848028][ T6712] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3518 bytes [ 156.880185][ T6712] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 156.920285][ T6712] ubi31: VID header offset: 514 (aligned 514), data offset: 578 [ 156.954047][ T6621] chnl_net:caif_netlink_parms(): no params data found [ 156.970305][ T6712] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 157.025280][ T6712] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 20 [ 157.080457][ T6712] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1776399846 [ 157.106562][ T6712] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 157.139698][ T6716] ubi31: background thread "ubi_bgt31d" started, PID 6716 [ 157.214223][ T6723] netlink: 4 bytes leftover after parsing attributes in process `syz.2.110'. [ 157.640967][ T5969] Bluetooth: hci3: command tx timeout [ 157.709157][ T6621] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.718128][ T6621] bridge0: port 1(bridge_slave_0) entered disabled state [ 157.718376][ T6621] bridge_slave_0: entered allmulticast mode [ 157.722683][ T6621] bridge_slave_0: entered promiscuous mode [ 157.731615][ T6621] bridge0: port 2(bridge_slave_1) entered blocking state [ 157.780760][ T6621] bridge0: port 2(bridge_slave_1) entered disabled state [ 157.788073][ T6621] bridge_slave_1: entered allmulticast mode [ 157.812742][ T6621] bridge_slave_1: entered promiscuous mode [ 158.241029][ T6689] chnl_net:caif_netlink_parms(): no params data found [ 158.266466][ T6621] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 158.318464][ T6621] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 158.587255][ T6621] team0: Port device team_slave_0 added [ 158.599144][ T6621] team0: Port device team_slave_1 added [ 158.677257][ T6001] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 158.852698][ T5969] Bluetooth: hci2: command tx timeout [ 159.114569][ T6689] bridge0: port 1(bridge_slave_0) entered blocking state [ 159.131474][ T6689] bridge0: port 1(bridge_slave_0) entered disabled state [ 159.138782][ T6689] bridge_slave_0: entered allmulticast mode [ 159.164317][ T6689] bridge_slave_0: entered promiscuous mode [ 159.184075][ T6689] bridge0: port 2(bridge_slave_1) entered blocking state [ 159.191580][ T6689] bridge0: port 2(bridge_slave_1) entered disabled state [ 159.209073][ T6689] bridge_slave_1: entered allmulticast mode [ 159.225385][ T6689] bridge_slave_1: entered promiscuous mode [ 159.288134][ T6621] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 159.297695][ T6621] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 159.327962][ T6621] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 159.357917][ T6001] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.422720][ T6621] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 159.430177][ T6621] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 159.459123][ T6621] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 159.484759][ T6689] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 159.560396][ T6001] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.595318][ T6689] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 159.725226][ T5969] Bluetooth: hci3: command tx timeout [ 159.786315][ T6001] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 159.856216][ T6621] hsr_slave_0: entered promiscuous mode [ 159.874036][ T6621] hsr_slave_1: entered promiscuous mode [ 159.889548][ T6689] team0: Port device team_slave_0 added [ 159.951524][ T6689] team0: Port device team_slave_1 added [ 160.174791][ T6689] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 160.192395][ T6689] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 160.252167][ T6689] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 160.286799][ T6689] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 160.304088][ T6689] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 160.379401][ T6689] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 160.922749][ T5969] Bluetooth: hci2: command tx timeout [ 161.028290][ T6689] hsr_slave_0: entered promiscuous mode [ 161.062285][ T6689] hsr_slave_1: entered promiscuous mode [ 161.071885][ T6689] debugfs: 'hsr0' already exists in 'hsr' [ 161.093726][ T6689] Cannot create hsr debugfs directory [ 161.221555][ T6001] bridge_slave_1: left allmulticast mode [ 161.229177][ T6001] bridge_slave_1: left promiscuous mode [ 161.235726][ T6001] bridge0: port 2(bridge_slave_1) entered disabled state [ 161.262141][ T6001] bridge_slave_0: left allmulticast mode [ 161.275739][ T6001] bridge_slave_0: left promiscuous mode [ 161.287738][ T6001] bridge0: port 1(bridge_slave_0) entered disabled state [ 161.848368][ T6801] Invalid ELF header magic: != ELF [ 161.863550][ T6001] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 161.892042][ T6001] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 161.904258][ T6001] bond0 (unregistering): Released all slaves [ 163.003683][ T5969] Bluetooth: hci2: command tx timeout [ 163.545343][ T6824] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 163.590661][ T6001] hsr_slave_0: left promiscuous mode [ 163.599403][ T6001] hsr_slave_1: left promiscuous mode [ 163.607351][ T6001] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 163.616467][ T6001] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 163.635428][ T6001] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 163.656801][ T6001] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 163.693362][ T6001] veth1_macvtap: left promiscuous mode [ 163.701075][ T6001] veth0_macvtap: left promiscuous mode [ 163.708364][ T6001] veth1_vlan: left promiscuous mode [ 163.715016][ T6001] veth0_vlan: left promiscuous mode [ 164.545817][ T6001] team0 (unregistering): Port device team_slave_1 removed [ 164.605909][ T6001] team0 (unregistering): Port device team_slave_0 removed [ 165.994305][ T6851] FAULT_INJECTION: forcing a failure. [ 165.994305][ T6851] name failslab, interval 1, probability 0, space 0, times 1 [ 166.008674][ T6851] CPU: 0 UID: 0 PID: 6851 Comm: syz.1.126 Not tainted syzkaller #0 PREEMPT(full) [ 166.008712][ T6851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 166.008730][ T6851] Call Trace: [ 166.008741][ T6851] [ 166.008752][ T6851] dump_stack_lvl+0x16c/0x1f0 [ 166.008796][ T6851] should_fail_ex+0x512/0x640 [ 166.008845][ T6851] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 166.008883][ T6851] should_failslab+0xc2/0x120 [ 166.008925][ T6851] kmem_cache_alloc_noprof+0x75/0x6e0 [ 166.008957][ T6851] ? vm_area_alloc+0x1f/0x160 [ 166.009010][ T6851] ? vm_area_alloc+0x1f/0x160 [ 166.009053][ T6851] vm_area_alloc+0x1f/0x160 [ 166.009103][ T6851] create_init_stack_vma+0x29/0x700 [ 166.009146][ T6851] alloc_bprm+0x420/0x710 [ 166.009182][ T6851] do_execveat_common.isra.0+0x1ce/0x610 [ 166.009223][ T6851] __x64_sys_execve+0x8e/0xb0 [ 166.009256][ T6851] do_syscall_64+0xcd/0xfa0 [ 166.009304][ T6851] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.009336][ T6851] RIP: 0033:0x7f7b7278f6c9 [ 166.009358][ T6851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.009387][ T6851] RSP: 002b:00007f7b736d8038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 166.009418][ T6851] RAX: ffffffffffffffda RBX: 00007f7b729e5fa0 RCX: 00007f7b7278f6c9 [ 166.009439][ T6851] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 166.009458][ T6851] RBP: 00007f7b72811f91 R08: 0000000000000000 R09: 0000000000000000 [ 166.009478][ T6851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 166.009497][ T6851] R13: 00007f7b729e6038 R14: 00007f7b729e5fa0 R15: 00007ffeff5ce378 [ 166.009539][ T6851] [ 166.453327][ T6858] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 166.778027][ T6621] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 166.816109][ T6621] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 166.848437][ T6621] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 166.906558][ T6621] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 167.131286][ T6689] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 167.171133][ T6689] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 167.239672][ T6689] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 167.327591][ T6689] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 167.650472][ T6621] 8021q: adding VLAN 0 to HW filter on device bond0 [ 167.712557][ T6621] 8021q: adding VLAN 0 to HW filter on device team0 [ 167.764567][ T6556] bridge0: port 1(bridge_slave_0) entered blocking state [ 167.771814][ T6556] bridge0: port 1(bridge_slave_0) entered forwarding state [ 167.873086][ T6296] bridge0: port 2(bridge_slave_1) entered blocking state [ 167.880384][ T6296] bridge0: port 2(bridge_slave_1) entered forwarding state [ 168.058574][ T6689] 8021q: adding VLAN 0 to HW filter on device bond0 [ 168.076517][ T6621] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 168.168565][ T6689] 8021q: adding VLAN 0 to HW filter on device team0 [ 168.222235][ T6296] bridge0: port 1(bridge_slave_0) entered blocking state [ 168.229546][ T6296] bridge0: port 1(bridge_slave_0) entered forwarding state [ 168.295467][ T6296] bridge0: port 2(bridge_slave_1) entered blocking state [ 168.302734][ T6296] bridge0: port 2(bridge_slave_1) entered forwarding state [ 168.992953][ T6621] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 169.324155][ T6689] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 169.584766][ T6621] veth0_vlan: entered promiscuous mode [ 169.776501][ T6621] veth1_vlan: entered promiscuous mode [ 170.176323][ T6689] veth0_vlan: entered promiscuous mode [ 170.240441][ T6689] veth1_vlan: entered promiscuous mode [ 170.261626][ T6621] veth0_macvtap: entered promiscuous mode [ 170.293449][ T6621] veth1_macvtap: entered promiscuous mode [ 170.472783][ T6689] veth0_macvtap: entered promiscuous mode [ 170.487361][ T6621] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 170.521493][ T6689] veth1_macvtap: entered promiscuous mode [ 170.542691][ T6621] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 170.621976][ T6514] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 170.651660][ T6514] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 170.669211][ T6514] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 170.699404][ T6296] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 170.739225][ T6689] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 170.776278][ T6689] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 170.841337][ T5972] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.055328][ T5972] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.078353][ T5972] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.108469][ T5972] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 171.351396][ T6001] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.420782][ T6296] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 171.431651][ T6296] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 171.539806][ T6001] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.655771][ T6514] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 171.687872][ T6514] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 171.752602][ T6001] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 171.831588][ T6511] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 171.841083][ T6511] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 172.052924][ T6001] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.195058][ T6511] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 172.217316][ T6511] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 172.394608][ T30] audit: type=1800 audit(1762427427.705:4): pid=6968 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.139" name="features" dev="configfs" ino=15859 res=0 errno=0 [ 172.532189][ T6968] netlink: 330 bytes leftover after parsing attributes in process `syz.2.139'. [ 172.548890][ T5976] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 172.569754][ T5976] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 172.582280][ T5976] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 172.600707][ T5976] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 172.611564][ T5976] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 172.866313][ T6001] bridge_slave_1: left allmulticast mode [ 172.878351][ T6001] bridge_slave_1: left promiscuous mode [ 172.884363][ T6001] bridge0: port 2(bridge_slave_1) entered disabled state [ 172.971453][ T6001] bridge_slave_0: left allmulticast mode [ 172.977766][ T6001] bridge_slave_0: left promiscuous mode [ 172.994781][ T6001] bridge0: port 1(bridge_slave_0) entered disabled state [ 173.497753][ T6988] zswap: compressor 000 not available [ 174.681779][ T6001] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 174.698596][ T5976] Bluetooth: hci1: command tx timeout [ 174.792893][ T6001] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 174.811230][ T6001] bond0 (unregistering): Released all slaves [ 175.315454][ T30] audit: type=1800 audit(1762427430.624:5): pid=7032 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.144" name="lu_gp_id" dev="configfs" ino=16075 res=0 errno=0 [ 175.769132][ T7039] netlink: 8 bytes leftover after parsing attributes in process `syz.2.146'. [ 176.186727][ T6001] hsr_slave_0: left promiscuous mode [ 176.217224][ T6001] hsr_slave_1: left promiscuous mode [ 176.227241][ T6001] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 176.240029][ T6001] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 176.272656][ T6001] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 176.282493][ T6001] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 176.331925][ T6001] veth1_macvtap: left promiscuous mode [ 176.338806][ T6001] veth0_macvtap: left promiscuous mode [ 176.345694][ T6001] veth1_vlan: left promiscuous mode [ 176.351263][ T6001] veth0_vlan: left promiscuous mode [ 176.770184][ T5976] Bluetooth: hci1: command tx timeout [ 177.246931][ T6001] team0 (unregistering): Port device team_slave_1 removed [ 177.382448][ T6001] team0 (unregistering): Port device team_slave_0 removed [ 178.335711][ T6972] chnl_net:caif_netlink_parms(): no params data found [ 178.851258][ T5976] Bluetooth: hci1: command tx timeout [ 179.090429][ T6972] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.108780][ T6972] bridge0: port 1(bridge_slave_0) entered disabled state [ 179.119536][ T6972] bridge_slave_0: entered allmulticast mode [ 179.152962][ T6972] bridge_slave_0: entered promiscuous mode [ 179.162474][ T6972] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.177149][ T6972] bridge0: port 2(bridge_slave_1) entered disabled state [ 179.191602][ T6972] bridge_slave_1: entered allmulticast mode [ 179.214603][ T6972] bridge_slave_1: entered promiscuous mode [ 179.377141][ T6972] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 179.426548][ T6972] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 179.613483][ T6972] team0: Port device team_slave_0 added [ 179.623175][ T6972] team0: Port device team_slave_1 added [ 179.753435][ T6972] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 179.760888][ T6972] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 179.876108][ T6972] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 179.922720][ T6972] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 179.943505][ T6972] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 180.052749][ T6972] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 180.419408][ T6972] hsr_slave_0: entered promiscuous mode [ 180.443413][ T6972] hsr_slave_1: entered promiscuous mode [ 180.449983][ T6972] debugfs: 'hsr0' already exists in 'hsr' [ 180.509443][ T6972] Cannot create hsr debugfs directory [ 180.729322][ T7123] random: crng reseeded on system resumption [ 180.938908][ T5976] Bluetooth: hci1: command tx timeout [ 181.848854][ T7142] Console: switching to colour VGA+ 80x25 [ 182.110877][ T7142] Console: switching to colour frame buffer device 128x48 [ 182.977843][ T7158] syz.3.165 uses obsolete (PF_INET,SOCK_PACKET) [ 183.045777][ T6972] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 183.097459][ T6972] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 183.127481][ T6972] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 183.167265][ T6972] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 183.803368][ T6972] 8021q: adding VLAN 0 to HW filter on device bond0 [ 183.878303][ T7174] Invalid ELF header len 5 [ 183.926016][ T6972] 8021q: adding VLAN 0 to HW filter on device team0 [ 183.986678][ T6296] bridge0: port 1(bridge_slave_0) entered blocking state [ 183.994064][ T6296] bridge0: port 1(bridge_slave_0) entered forwarding state [ 184.058234][ T6296] bridge0: port 2(bridge_slave_1) entered blocking state [ 184.065518][ T6296] bridge0: port 2(bridge_slave_1) entered forwarding state [ 184.950174][ T6972] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 185.162622][ T6972] veth0_vlan: entered promiscuous mode [ 185.230494][ T6972] veth1_vlan: entered promiscuous mode [ 185.595417][ T6972] veth0_macvtap: entered promiscuous mode [ 185.647567][ T6972] veth1_macvtap: entered promiscuous mode [ 185.851536][ T6972] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 185.900340][ T6972] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 185.991271][ T6556] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.017553][ T6556] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.072885][ T7222] ptrace attach of "./syz-executor exec"[6621] was attempted by ""[7222] [ 186.109271][ T6556] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.154931][ T6556] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 186.481850][ T6787] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 186.518859][ T6787] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 186.611874][ T6787] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 186.638857][ T6787] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 186.899127][ T7231] Console: switching to colour VGA+ 80x25 [ 187.515145][ T7242] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. syzkaller syzkaller login: [ 188.457633][ T7239] sd 0:0:1:0: PR command failed: 1026 [ 188.463122][ T7239] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 188.470442][ T7239] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 189.458495][ T7267] netlink: 12 bytes leftover after parsing attributes in process `syz.0.179'. [ 190.131720][ T7278] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 192.906077][ T7308] can: request_module (can-proto-0) failed. [ 196.015671][ T7345] netlink: 342 bytes leftover after parsing attributes in process `syz.0.195'. [ 196.897319][ T7362] ubi: mtd0 is already attached to ubi31 [ 200.022602][ T7420] netlink: 8 bytes leftover after parsing attributes in process `syz.1.207'. [ 200.207766][ T7432] __vm_enough_memory: pid: 7432, comm: syz.2.209, bytes: 4398046511104 not enough memory for the allocation [ 202.701468][ T7461] random: crng reseeded on system resumption [ 203.662304][ T7479] netlink: 'syz.3.219': attribute type 1 has an invalid length. [ 204.335761][ T7499] nbd: couldn't find device at index 33904 [ 204.720212][ T7505] netlink: 28 bytes leftover after parsing attributes in process `syz.2.226'. [ 204.798738][ T7507] netlink: 4 bytes leftover after parsing attributes in process `syz.3.225'. [ 204.873390][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 204.884201][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 206.298270][ T7525] mkiss: ax0: crc mode is auto. [ 206.390883][ T7534] netlink: 342 bytes leftover after parsing attributes in process `syz.3.233'. [ 206.992932][ T7543] netlink: 8 bytes leftover after parsing attributes in process `syz.3.235'. [ 207.053454][ T7537] netlink: 5 bytes leftover after parsing attributes in process `syz.2.234'. [ 208.120023][ T7552] Invalid ELF header magic: != ELF [ 209.897917][ T7578] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 209.910453][ T7578] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 209.945294][ T7578] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 210.070973][ T7578] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 210.134949][ T7578] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 210.167606][ T7578] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 210.219695][ T7578] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 210.246686][ T7578] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 210.252975][ T7578] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 210.308883][ T7578] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 211.187401][ T5976] Bluetooth: hci0: command 0x0c1a tx timeout [ 211.911376][ T5976] Bluetooth: hci3: command 0x0c1a tx timeout [ 212.148053][ T5976] Bluetooth: hci2: command 0x0c1a tx timeout [ 212.324799][ T5976] Bluetooth: hci1: command 0x0c1a tx timeout [ 212.593266][ T7626] netlink: 13 bytes leftover after parsing attributes in process `syz.1.251'. [ 213.988736][ T5976] Bluetooth: hci3: command 0x0c1a tx timeout [ 214.229019][ T5976] Bluetooth: hci2: command 0x0c1a tx timeout [ 214.389112][ T5976] Bluetooth: hci1: command 0x0c1a tx timeout [ 214.747972][ T7659] netlink: 12 bytes leftover after parsing attributes in process `syz.2.259'. [ 216.069784][ T5976] Bluetooth: hci3: command 0x0c1a tx timeout [ 216.179203][ T7678] mkiss: ax0: crc mode is auto. [ 216.318470][ T5976] Bluetooth: hci2: command 0x0c1a tx timeout [ 216.470244][ T5969] Bluetooth: hci1: command 0x0c1a tx timeout [ 217.029508][ T5897] Process accounting resumed [ 218.161245][ T7693] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 218.205629][ T7693] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 218.477766][ T7693] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 218.544155][ T7693] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 218.876779][ T7708] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 220.256539][ T5969] Bluetooth: hci3: command 0x0c1a tx timeout [ 220.262719][ T5976] Bluetooth: hci0: command 0x0c1a tx timeout [ 220.567449][ T5969] Bluetooth: hci2: command 0x0c1a tx timeout [ 220.643993][ T5969] Bluetooth: hci1: command 0x0c1a tx timeout [ 221.498412][ T7741] netlink: 8 bytes leftover after parsing attributes in process `syz.0.278'. [ 222.223696][ T7761] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 222.938931][ T7772] netlink: 342 bytes leftover after parsing attributes in process `syz.0.284'. [ 225.026724][ T7788] netlink: 330 bytes leftover after parsing attributes in process `syz.3.292'. [ 225.241072][ T6556] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 225.437495][ T6556] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 225.721364][ T6556] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 225.938777][ T6556] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 226.498757][ T6556] bridge_slave_1: left allmulticast mode [ 226.525085][ T6556] bridge_slave_1: left promiscuous mode [ 226.530986][ T6556] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.690337][ T6556] bridge_slave_0: left allmulticast mode [ 226.705172][ T6556] bridge_slave_0: left promiscuous mode [ 226.713196][ T6556] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.938200][ T5976] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 226.958029][ T5976] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 226.969012][ T5976] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 226.985376][ T5976] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 226.994526][ T5976] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 227.178813][ T7830] FAULT_INJECTION: forcing a failure. [ 227.178813][ T7830] name failslab, interval 1, probability 0, space 0, times 0 [ 227.231468][ T7828] svc: failed to register nfsdv3 RPC service (errno 111). [ 227.327944][ T7828] svc: failed to register nfsaclv3 RPC service (errno 111). [ 227.354461][ T7830] CPU: 1 UID: 0 PID: 7830 Comm: syz.1.299 Not tainted syzkaller #0 PREEMPT(full) [ 227.354507][ T7830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 227.354525][ T7830] Call Trace: [ 227.354536][ T7830] [ 227.354550][ T7830] dump_stack_lvl+0x16c/0x1f0 [ 227.354593][ T7830] should_fail_ex+0x512/0x640 [ 227.354642][ T7830] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 227.354680][ T7830] should_failslab+0xc2/0x120 [ 227.354723][ T7830] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 227.354755][ T7830] ? stack_trace_save+0x8e/0xc0 [ 227.354794][ T7830] ? __d_alloc+0x32/0xae0 [ 227.354838][ T7830] ? __d_alloc+0x32/0xae0 [ 227.354869][ T7830] __d_alloc+0x32/0xae0 [ 227.354909][ T7830] d_alloc_parallel+0x111/0x1510 [ 227.354967][ T7830] ? find_held_lock+0x2b/0x80 [ 227.355029][ T7830] ? __pfx_d_alloc_parallel+0x10/0x10 [ 227.355081][ T7830] ? __d_lookup+0x266/0x4a0 [ 227.355136][ T7830] lookup_open.isra.0+0x665/0x1580 [ 227.355197][ T7830] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 227.355258][ T7830] ? find_held_lock+0x2b/0x80 [ 227.355306][ T7830] ? __pfx_down_write+0x10/0x10 [ 227.355358][ T7830] path_openat+0x893/0x2cb0 [ 227.355406][ T7830] ? __pfx_path_openat+0x10/0x10 [ 227.355453][ T7830] do_filp_open+0x20b/0x470 [ 227.355489][ T7830] ? __pfx_do_filp_open+0x10/0x10 [ 227.355554][ T7830] ? _raw_spin_unlock+0x28/0x50 [ 227.355583][ T7830] ? alloc_fd+0x471/0x7d0 [ 227.355627][ T7830] do_sys_openat2+0x11b/0x1d0 [ 227.355674][ T7830] ? __pfx_do_sys_openat2+0x10/0x10 [ 227.355739][ T7830] __x64_sys_open+0x153/0x1e0 [ 227.355787][ T7830] ? __pfx___x64_sys_open+0x10/0x10 [ 227.355845][ T7830] ? rcu_is_watching+0x12/0xc0 [ 227.355884][ T7830] do_syscall_64+0xcd/0xfa0 [ 227.355924][ T7830] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.355956][ T7830] RIP: 0033:0x7f8506f8f6c9 [ 227.355982][ T7830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 227.356020][ T7830] RSP: 002b:00007f8507eda038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 227.356051][ T7830] RAX: ffffffffffffffda RBX: 00007f85071e5fa0 RCX: 00007f8506f8f6c9 [ 227.356072][ T7830] RDX: 0000000000000055 RSI: 0000000000022240 RDI: 0000000000000000 [ 227.356092][ T7830] RBP: 00007f8507011f91 R08: 0000000000000000 R09: 0000000000000000 [ 227.356112][ T7830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 227.356132][ T7830] R13: 00007f85071e6038 R14: 00007f85071e5fa0 R15: 00007ffccd912be8 [ 227.356177][ T7830] [ 228.766702][ T6556] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 228.793279][ T6556] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 228.808185][ T6556] bond0 (unregistering): Released all slaves [ 229.041452][ T5976] Bluetooth: hci2: command tx timeout [ 230.416994][ T6556] hsr_slave_0: left promiscuous mode [ 230.518253][ T6556] hsr_slave_1: left promiscuous mode [ 230.534940][ T6556] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 230.569356][ T6556] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 230.607863][ T6556] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 230.616347][ T6556] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 230.743824][ T6556] veth1_macvtap: left promiscuous mode [ 230.749939][ T6556] veth0_macvtap: left promiscuous mode [ 230.755760][ T6556] veth1_vlan: left promiscuous mode [ 230.782459][ T6556] veth0_vlan: left promiscuous mode [ 231.119637][ T5976] Bluetooth: hci2: command tx timeout [ 231.866491][ T7900] zswap: compressor not available [ 231.998385][ T6556] team0 (unregistering): Port device team_slave_1 removed [ 232.054279][ T6556] team0 (unregistering): Port device team_slave_0 removed [ 232.481706][ T7823] chnl_net:caif_netlink_parms(): no params data found [ 233.198588][ T5976] Bluetooth: hci2: command tx timeout [ 233.274878][ T7823] bridge0: port 1(bridge_slave_0) entered blocking state [ 233.291614][ T7823] bridge0: port 1(bridge_slave_0) entered disabled state [ 233.321743][ T7823] bridge_slave_0: entered allmulticast mode [ 233.333194][ T7823] bridge_slave_0: entered promiscuous mode [ 233.563974][ T7823] bridge0: port 2(bridge_slave_1) entered blocking state [ 233.578707][ T7823] bridge0: port 2(bridge_slave_1) entered disabled state [ 233.586119][ T7823] bridge_slave_1: entered allmulticast mode [ 233.607994][ T7823] bridge_slave_1: entered promiscuous mode [ 233.688646][ T7823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 233.712310][ T7823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 233.860565][ T7823] team0: Port device team_slave_0 added [ 233.887339][ T7823] team0: Port device team_slave_1 added [ 233.965828][ T7823] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 233.975206][ T7823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 234.002864][ T7823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 234.017759][ T7823] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 234.025279][ T7823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 234.054489][ T7823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 234.269351][ T7823] hsr_slave_0: entered promiscuous mode [ 234.276397][ T7823] hsr_slave_1: entered promiscuous mode [ 234.302541][ T7823] debugfs: 'hsr0' already exists in 'hsr' [ 234.321473][ T7823] Cannot create hsr debugfs directory [ 235.281077][ T5976] Bluetooth: hci2: command tx timeout [ 237.393046][ T7823] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 237.531366][ T7823] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 237.672520][ T7823] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 237.815494][ T7823] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 238.325326][ T7823] 8021q: adding VLAN 0 to HW filter on device bond0 [ 238.500717][ T7823] 8021q: adding VLAN 0 to HW filter on device team0 [ 238.624295][ T6511] bridge0: port 1(bridge_slave_0) entered blocking state [ 238.631556][ T6511] bridge0: port 1(bridge_slave_0) entered forwarding state [ 238.786598][ T5972] bridge0: port 2(bridge_slave_1) entered blocking state [ 238.793849][ T5972] bridge0: port 2(bridge_slave_1) entered forwarding state [ 239.220405][ T8029] hub 8-0:1.0: USB hub found [ 239.225575][ T8029] hub 8-0:1.0: 1 port detected [ 239.569750][ T8043] FAULT_INJECTION: forcing a failure. [ 239.569750][ T8043] name failslab, interval 1, probability 0, space 0, times 0 [ 239.582660][ T8043] CPU: 1 UID: 0 PID: 8043 Comm: syz.3.326 Not tainted syzkaller #0 PREEMPT(full) [ 239.582705][ T8043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 239.582724][ T8043] Call Trace: [ 239.582734][ T8043] [ 239.582743][ T8043] dump_stack_lvl+0x16c/0x1f0 [ 239.582776][ T8043] should_fail_ex+0x512/0x640 [ 239.582813][ T8043] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 239.582865][ T8043] should_failslab+0xc2/0x120 [ 239.582899][ T8043] kmem_cache_alloc_noprof+0x75/0x6e0 [ 239.582924][ T8043] ? alloc_empty_file+0x55/0x1e0 [ 239.582964][ T8043] ? alloc_empty_file+0x55/0x1e0 [ 239.582997][ T8043] alloc_empty_file+0x55/0x1e0 [ 239.583033][ T8043] path_openat+0xda/0x2cb0 [ 239.583069][ T8043] ? __pfx_path_openat+0x10/0x10 [ 239.583098][ T8043] ? __lock_acquire+0xb8a/0x1c90 [ 239.583134][ T8043] do_filp_open+0x20b/0x470 [ 239.583161][ T8043] ? __pfx_do_filp_open+0x10/0x10 [ 239.583208][ T8043] ? alloc_fd+0x471/0x7d0 [ 239.583240][ T8043] do_sys_openat2+0x11b/0x1d0 [ 239.583276][ T8043] ? __pfx_do_sys_openat2+0x10/0x10 [ 239.583324][ T8043] __x64_sys_openat+0x174/0x210 [ 239.583361][ T8043] ? __pfx___x64_sys_openat+0x10/0x10 [ 239.583409][ T8043] do_syscall_64+0xcd/0xfa0 [ 239.583439][ T8043] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.583464][ T8043] RIP: 0033:0x7f6577b8df10 [ 239.583482][ T8043] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 239.583505][ T8043] RSP: 002b:00007f65759f3f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 239.583528][ T8043] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f6577b8df10 [ 239.583543][ T8043] RDX: 0000000000000002 RSI: 00007f65759f3fa0 RDI: 00000000ffffff9c [ 239.583558][ T8043] RBP: 00007f65759f3fa0 R08: 0000000000000000 R09: 0000000000000000 [ 239.583572][ T8043] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 239.583587][ T8043] R13: 00007f6577de6308 R14: 00007f6577de6270 R15: 00007ffe51c856e8 [ 239.583619][ T8043] [ 240.600006][ T7823] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 240.824642][ T7823] veth0_vlan: entered promiscuous mode [ 240.899563][ T7823] veth1_vlan: entered promiscuous mode [ 240.955402][ T7823] veth0_macvtap: entered promiscuous mode [ 240.981475][ T7823] veth1_macvtap: entered promiscuous mode [ 241.080219][ T7823] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 241.106276][ T7823] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 241.145043][ T6511] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 241.157955][ T6511] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 241.233717][ T6511] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 241.252447][ T6511] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 241.285118][ T8051] syz.1.328 (8051) used greatest stack depth: 19720 bytes left [ 241.522070][ T6787] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 241.561359][ T6787] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 241.661641][ T6514] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 241.702998][ T6514] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 242.312620][ T8095] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 245.643864][ T8180] ======================================================= [ 245.643864][ T8180] WARNING: The mand mount option has been deprecated and [ 245.643864][ T8180] and is ignored by this kernel. Remove the mand [ 245.643864][ T8180] option from the mount to silence this warning. [ 245.643864][ T8180] ======================================================= [ 248.495548][ T8242] netlink: 28 bytes leftover after parsing attributes in process `syz.0.357'. [ 248.709887][ T8242] netlink: 28 bytes leftover after parsing attributes in process `syz.0.357'. [ 248.719620][ T8242] netlink: 28 bytes leftover after parsing attributes in process `syz.0.357'. [ 248.730019][ T8242] netlink: 28 bytes leftover after parsing attributes in process `syz.0.357'. [ 248.740047][ T8242] netlink: 28 bytes leftover after parsing attributes in process `syz.0.357'. [ 248.750258][ T8242] netlink: 28 bytes leftover after parsing attributes in process `syz.0.357'. [ 248.760069][ T8242] netlink: 28 bytes leftover after parsing attributes in process `syz.0.357'. [ 248.770390][ T8242] netlink: 28 bytes leftover after parsing attributes in process `syz.0.357'. [ 248.823783][ T8242] netlink: 28 bytes leftover after parsing attributes in process `syz.0.357'. [ 248.833360][ T8242] netlink: 28 bytes leftover after parsing attributes in process `syz.0.357'. [ 250.748860][ T8292] binder: 8290:8292 ioctl 40046210 0 returned -14 [ 251.843255][ T8315] FAULT_INJECTION: forcing a failure. [ 251.843255][ T8315] name failslab, interval 1, probability 0, space 0, times 0 [ 251.891400][ T8315] CPU: 1 UID: 0 PID: 8315 Comm: syz.1.376 Not tainted syzkaller #0 PREEMPT(full) [ 251.891437][ T8315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 251.891451][ T8315] Call Trace: [ 251.891459][ T8315] [ 251.891467][ T8315] dump_stack_lvl+0x16c/0x1f0 [ 251.891502][ T8315] should_fail_ex+0x512/0x640 [ 251.891540][ T8315] ? fs_reclaim_acquire+0xae/0x150 [ 251.891575][ T8315] should_failslab+0xc2/0x120 [ 251.891608][ T8315] __kmalloc_noprof+0xdd/0x880 [ 251.891648][ T8315] ? tomoyo_encode2+0x100/0x3e0 [ 251.891680][ T8315] ? tomoyo_encode2+0x100/0x3e0 [ 251.891711][ T8315] tomoyo_encode2+0x100/0x3e0 [ 251.891756][ T8315] tomoyo_encode+0x29/0x50 [ 251.891792][ T8315] tomoyo_realpath_from_path+0x18f/0x6e0 [ 251.891841][ T8315] tomoyo_check_open_permission+0x2ab/0x3c0 [ 251.891898][ T8315] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 251.891972][ T8315] ? do_raw_spin_lock+0x12c/0x2b0 [ 251.892018][ T8315] tomoyo_file_open+0x6b/0x90 [ 251.892050][ T8315] security_file_open+0x84/0x1e0 [ 251.892076][ T8315] do_dentry_open+0x596/0x1530 [ 251.892112][ T8315] vfs_open+0x82/0x3f0 [ 251.892156][ T8315] path_openat+0x1de4/0x2cb0 [ 251.892193][ T8315] ? __pfx_path_openat+0x10/0x10 [ 251.892221][ T8315] ? __lock_acquire+0xb8a/0x1c90 [ 251.892258][ T8315] do_filp_open+0x20b/0x470 [ 251.892285][ T8315] ? __pfx_do_filp_open+0x10/0x10 [ 251.892333][ T8315] ? alloc_fd+0x471/0x7d0 [ 251.892365][ T8315] do_sys_openat2+0x11b/0x1d0 [ 251.892401][ T8315] ? __pfx_do_sys_openat2+0x10/0x10 [ 251.892449][ T8315] __x64_sys_openat+0x174/0x210 [ 251.892487][ T8315] ? __pfx___x64_sys_openat+0x10/0x10 [ 251.892537][ T8315] do_syscall_64+0xcd/0xfa0 [ 251.892567][ T8315] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 251.892592][ T8315] RIP: 0033:0x7f8506f8f6c9 [ 251.892611][ T8315] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 251.892634][ T8315] RSP: 002b:00007f8507eda038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 251.892656][ T8315] RAX: ffffffffffffffda RBX: 00007f85071e5fa0 RCX: 00007f8506f8f6c9 [ 251.892672][ T8315] RDX: 0000000000105800 RSI: 0000200000000ac0 RDI: ffffffffffffff9c [ 251.892687][ T8315] RBP: 00007f8507011f91 R08: 0000000000000000 R09: 0000000000000000 [ 251.892702][ T8315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 251.892716][ T8315] R13: 00007f85071e6038 R14: 00007f85071e5fa0 R15: 00007ffccd912be8 [ 251.892756][ T8315] [ 251.892780][ T8315] ERROR: Out of memory at tomoyo_realpath_from_path. [ 251.988310][ T8317] syz.1.376 (8317): attempted to duplicate a private mapping with mremap. This is not supported. [ 253.689641][ T8349] snd_aloop snd_aloop.0: control 7:257:7:ª¸è:0 is already present [ 253.961678][ T30] audit: type=1800 audit(33704.858:6): pid=8339 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.381" name="discovery_nqn" dev="configfs" ino=23381 res=0 errno=0 [ 254.551400][ T8360] binder: 8356:8360 ioctl 40046205 0 returned -22 [ 254.591980][ T5976] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 254.838350][ T8365] __nla_validate_parse: 58 callbacks suppressed [ 254.838369][ T8365] netlink: 4 bytes leftover after parsing attributes in process `syz.1.387'. [ 255.039407][ T8367] netlink: 25 bytes leftover after parsing attributes in process `syz.1.387'. [ 255.227158][ T8371] netlink: 28 bytes leftover after parsing attributes in process `syz.2.388'. [ 255.357439][ T8371] hsr_slave_0: left promiscuous mode [ 255.366311][ T8371] hsr_slave_1: left promiscuous mode [ 256.372089][ T8395] netlink: 98 bytes leftover after parsing attributes in process `syz.1.393'. [ 257.040839][ T8411] __vm_enough_memory: pid: 8411, comm: syz.3.396, bytes: 4398046511104 not enough memory for the allocation [ 257.185144][ T30] audit: type=1326 audit(33707.966:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8410 comm="syz.3.396" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6577b8f6c9 code=0x0 [ 257.607043][ T8435] random: crng reseeded on system resumption [ 257.687497][ T8437] FAULT_INJECTION: forcing a failure. [ 257.687497][ T8437] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 257.734732][ T8437] CPU: 0 UID: 0 PID: 8437 Comm: syz.2.401 Not tainted syzkaller #0 PREEMPT(full) [ 257.734766][ T8437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 257.734780][ T8437] Call Trace: [ 257.734788][ T8437] [ 257.734797][ T8437] dump_stack_lvl+0x16c/0x1f0 [ 257.734829][ T8437] should_fail_ex+0x512/0x640 [ 257.734870][ T8437] should_fail_alloc_page+0xe7/0x130 [ 257.734905][ T8437] prepare_alloc_pages+0x3c2/0x610 [ 257.734936][ T8437] ? is_bpf_text_address+0x94/0x1a0 [ 257.734977][ T8437] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 257.735002][ T8437] ? arch_stack_walk+0xa6/0x100 [ 257.735037][ T8437] ? stack_trace_save+0x8e/0xc0 [ 257.735064][ T8437] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 257.735088][ T8437] ? rcu_is_watching+0x12/0xc0 [ 257.735121][ T8437] ? kasan_save_track+0x14/0x30 [ 257.735147][ T8437] ? __kasan_slab_alloc+0x89/0x90 [ 257.735176][ T8437] ? kmem_cache_alloc_noprof+0x250/0x6e0 [ 257.735198][ T8437] ? __pmd_alloc+0xbf/0x8b0 [ 257.735234][ T8437] ? __handle_mm_fault+0xada/0x2aa0 [ 257.735270][ T8437] ? handle_mm_fault+0x589/0xd10 [ 257.735305][ T8437] ? __get_user_pages+0x54e/0x3530 [ 257.735337][ T8437] ? populate_vma_page_range+0x267/0x3f0 [ 257.735372][ T8437] ? __mm_populate+0x1d8/0x380 [ 257.735405][ T8437] ? vm_mmap_pgoff+0x37f/0x470 [ 257.735434][ T8437] ? ksys_mmap_pgoff+0x7d/0x5c0 [ 257.735463][ T8437] ? __x64_sys_mmap+0x125/0x190 [ 257.735497][ T8437] ? do_syscall_64+0xcd/0xfa0 [ 257.735523][ T8437] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 257.735568][ T8437] ? policy_nodemask+0xea/0x4e0 [ 257.735604][ T8437] alloc_pages_mpol+0x1fb/0x550 [ 257.735638][ T8437] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 257.735680][ T8437] alloc_pages_noprof+0x131/0x390 [ 257.735718][ T8437] pte_alloc_one+0x1e/0x350 [ 257.735746][ T8437] __pte_alloc+0x6d/0x380 [ 257.735775][ T8437] ? __pfx___pte_alloc+0x10/0x10 [ 257.735807][ T8437] ? do_raw_spin_lock+0x12c/0x2b0 [ 257.735849][ T8437] do_pte_missing+0x282c/0x3ba0 [ 257.735889][ T8437] ? do_raw_spin_unlock+0x172/0x230 [ 257.735929][ T8437] ? _raw_spin_unlock+0x28/0x50 [ 257.735951][ T8437] ? __pmd_alloc+0x64f/0x8b0 [ 257.735988][ T8437] __handle_mm_fault+0x1556/0x2aa0 [ 257.736035][ T8437] ? __pfx___handle_mm_fault+0x10/0x10 [ 257.736099][ T8437] handle_mm_fault+0x589/0xd10 [ 257.736144][ T8437] __get_user_pages+0x54e/0x3530 [ 257.736190][ T8437] ? __pfx___get_user_pages+0x10/0x10 [ 257.736238][ T8437] populate_vma_page_range+0x267/0x3f0 [ 257.736275][ T8437] ? __pfx_populate_vma_page_range+0x10/0x10 [ 257.736311][ T8437] ? __pfx_find_vma_intersection+0x10/0x10 [ 257.736344][ T8437] ? do_mmap+0x69c/0x1210 [ 257.736381][ T8437] __mm_populate+0x1d8/0x380 [ 257.736418][ T8437] ? __pfx___mm_populate+0x10/0x10 [ 257.736455][ T8437] ? up_write+0x1b2/0x520 [ 257.736495][ T8437] vm_mmap_pgoff+0x37f/0x470 [ 257.736529][ T8437] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 257.736573][ T8437] ? __x64_sys_futex+0x1e0/0x4c0 [ 257.736606][ T8437] ? __x64_sys_futex+0x1e9/0x4c0 [ 257.736643][ T8437] ksys_mmap_pgoff+0x7d/0x5c0 [ 257.736673][ T8437] ? xfd_validate_state+0x61/0x180 [ 257.736708][ T8437] ? __pfx_ksys_write+0x10/0x10 [ 257.736738][ T8437] __x64_sys_mmap+0x125/0x190 [ 257.736778][ T8437] do_syscall_64+0xcd/0xfa0 [ 257.736808][ T8437] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.736832][ T8437] RIP: 0033:0x7f8f1998f6c9 [ 257.736851][ T8437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 257.736874][ T8437] RSP: 002b:00007f8f1a845038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 257.736896][ T8437] RAX: ffffffffffffffda RBX: 00007f8f19be5fa0 RCX: 00007f8f1998f6c9 [ 257.736912][ T8437] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 257.736927][ T8437] RBP: 00007f8f19a11f91 R08: 0000000000000002 R09: 0000000000008000 [ 257.736941][ T8437] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 257.736955][ T8437] R13: 00007f8f19be6038 R14: 00007f8f19be5fa0 R15: 00007ffcfd5584c8 [ 257.736987][ T8437] [ 258.954254][ T8460] netlink: 342 bytes leftover after parsing attributes in process `syz.1.407'. [ 259.031507][ T8463] FAULT_INJECTION: forcing a failure. [ 259.031507][ T8463] name failslab, interval 1, probability 0, space 0, times 0 [ 259.069010][ T8463] CPU: 0 UID: 0 PID: 8463 Comm: syz.0.408 Not tainted syzkaller #0 PREEMPT(full) [ 259.069056][ T8463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 259.069077][ T8463] Call Trace: [ 259.069088][ T8463] [ 259.069101][ T8463] dump_stack_lvl+0x16c/0x1f0 [ 259.069145][ T8463] should_fail_ex+0x512/0x640 [ 259.069193][ T8463] ? __kmalloc_cache_noprof+0x5f/0x780 [ 259.069250][ T8463] should_failslab+0xc2/0x120 [ 259.069293][ T8463] __kmalloc_cache_noprof+0x72/0x780 [ 259.069346][ T8463] ? alloc_pipe_info+0x10e/0x590 [ 259.069383][ T8463] ? security_inode_alloc+0xcf/0x2b0 [ 259.069435][ T8463] ? alloc_pipe_info+0x10e/0x590 [ 259.069472][ T8463] alloc_pipe_info+0x10e/0x590 [ 259.069514][ T8463] create_pipe_files+0x8c/0x9a0 [ 259.069558][ T8463] do_pipe2+0xaf/0x1c0 [ 259.069595][ T8463] ? __pfx_do_pipe2+0x10/0x10 [ 259.069633][ T8463] ? xfd_validate_state+0x61/0x180 [ 259.069678][ T8463] ? __pfx___x64_sys_chdir+0x10/0x10 [ 259.069728][ T8463] __x64_sys_pipe+0x33/0x50 [ 259.069766][ T8463] do_syscall_64+0xcd/0xfa0 [ 259.069805][ T8463] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 259.069846][ T8463] RIP: 0033:0x7f433078f6c9 [ 259.069872][ T8463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 259.069903][ T8463] RSP: 002b:00007f433159f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 259.069933][ T8463] RAX: ffffffffffffffda RBX: 00007f43309e5fa0 RCX: 00007f433078f6c9 [ 259.069954][ T8463] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 259.069972][ T8463] RBP: 00007f4330811f91 R08: 0000000000000000 R09: 0000000000000000 [ 259.069991][ T8463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 259.070009][ T8463] R13: 00007f43309e6038 R14: 00007f43309e5fa0 R15: 00007fffa5f4a988 [ 259.070052][ T8463] [ 259.257472][ C0] vkms_vblank_simulate: vblank timer overrun [ 259.286492][ T8463] FAULT_INJECTION: forcing a failure. [ 259.286492][ T8463] name failslab, interval 1, probability 0, space 0, times 0 [ 259.361582][ T8463] CPU: 1 UID: 0 PID: 8463 Comm: syz.0.408 Not tainted syzkaller #0 PREEMPT(full) [ 259.361628][ T8463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 259.361647][ T8463] Call Trace: [ 259.361657][ T8463] [ 259.361670][ T8463] dump_stack_lvl+0x16c/0x1f0 [ 259.361712][ T8463] should_fail_ex+0x512/0x640 [ 259.361762][ T8463] ? __kmalloc_node_noprof+0xcd/0x8a0 [ 259.361813][ T8463] should_failslab+0xc2/0x120 [ 259.361858][ T8463] __kmalloc_node_noprof+0xe0/0x8a0 [ 259.361894][ T8463] ? lockdep_init_map_type+0x5c/0x280 [ 259.361940][ T8463] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 259.361988][ T8463] ? blk_mq_alloc_tag_set+0x46f/0x12e0 [ 259.362025][ T8463] blk_mq_alloc_tag_set+0x46f/0x12e0 [ 259.362065][ T8463] ? __pfx_idr_alloc+0x10/0x10 [ 259.362109][ T8463] loop_add+0x3b2/0xb70 [ 259.362145][ T8463] ? __pfx_loop_add+0x10/0x10 [ 259.362212][ T8463] ? find_held_lock+0x2b/0x80 [ 259.362251][ T8463] loop_control_ioctl+0x13e/0x630 [ 259.362286][ T8463] ? __pfx_loop_control_ioctl+0x10/0x10 [ 259.362326][ T8463] ? __pfx_loop_control_ioctl+0x10/0x10 [ 259.362363][ T8463] __x64_sys_ioctl+0x18e/0x210 [ 259.362413][ T8463] do_syscall_64+0xcd/0xfa0 [ 259.362452][ T8463] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 259.362484][ T8463] RIP: 0033:0x7f433078f6c9 [ 259.362509][ T8463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 259.362539][ T8463] RSP: 002b:00007f433159f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 259.362571][ T8463] RAX: ffffffffffffffda RBX: 00007f43309e5fa0 RCX: 00007f433078f6c9 [ 259.362592][ T8463] RDX: fffffffffffffffd RSI: 0000000000004c80 RDI: 0000000000000008 [ 259.362611][ T8463] RBP: 00007f4330811f91 R08: 0000000000000000 R09: 0000000000000000 [ 259.362630][ T8463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 259.362649][ T8463] R13: 00007f43309e6038 R14: 00007f43309e5fa0 R15: 00007fffa5f4a988 [ 259.362692][ T8463] [ 259.967937][ T8482] tipc: Started in network mode [ 259.973343][ T8482] tipc: Node identity ee00, cluster identity 4711 [ 259.979798][ T8482] tipc: Node number set to 60928 [ 259.997331][ T8466] FAULT_INJECTION: forcing a failure. [ 259.997331][ T8466] name failslab, interval 1, probability 0, space 0, times 0 [ 260.010179][ T8466] CPU: 1 UID: 0 PID: 8466 Comm: syz.1.409 Not tainted syzkaller #0 PREEMPT(full) [ 260.010224][ T8466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 260.010244][ T8466] Call Trace: [ 260.010255][ T8466] [ 260.010268][ T8466] dump_stack_lvl+0x16c/0x1f0 [ 260.010313][ T8466] should_fail_ex+0x512/0x640 [ 260.010362][ T8466] ? fs_reclaim_acquire+0xae/0x150 [ 260.010409][ T8466] should_failslab+0xc2/0x120 [ 260.010452][ T8466] __kmalloc_noprof+0xdd/0x880 [ 260.010502][ T8466] ? tomoyo_encode2+0x100/0x3e0 [ 260.010544][ T8466] ? tomoyo_encode2+0x100/0x3e0 [ 260.010577][ T8466] tomoyo_encode2+0x100/0x3e0 [ 260.010618][ T8466] tomoyo_encode+0x29/0x50 [ 260.010652][ T8466] tomoyo_realpath_from_path+0x18f/0x6e0 [ 260.010703][ T8466] tomoyo_check_open_permission+0x2ab/0x3c0 [ 260.010760][ T8466] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 260.010856][ T8466] ? do_raw_spin_lock+0x12c/0x2b0 [ 260.010920][ T8466] tomoyo_file_open+0x6b/0x90 [ 260.010964][ T8466] security_file_open+0x84/0x1e0 [ 260.011008][ T8466] do_dentry_open+0x596/0x1530 [ 260.011065][ T8466] vfs_open+0x82/0x3f0 [ 260.011119][ T8466] path_openat+0x1de4/0x2cb0 [ 260.011168][ T8466] ? __pfx_path_openat+0x10/0x10 [ 260.011206][ T8466] ? __lock_acquire+0xb8a/0x1c90 [ 260.011256][ T8466] do_filp_open+0x20b/0x470 [ 260.011293][ T8466] ? __pfx_do_filp_open+0x10/0x10 [ 260.011359][ T8466] ? alloc_fd+0x471/0x7d0 [ 260.011403][ T8466] do_sys_openat2+0x11b/0x1d0 [ 260.011449][ T8466] ? __pfx_do_sys_openat2+0x10/0x10 [ 260.011514][ T8466] __x64_sys_openat+0x174/0x210 [ 260.011561][ T8466] ? __pfx___x64_sys_openat+0x10/0x10 [ 260.011629][ T8466] do_syscall_64+0xcd/0xfa0 [ 260.011669][ T8466] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 260.011702][ T8466] RIP: 0033:0x7f8506f8f6c9 [ 260.011728][ T8466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 260.011760][ T8466] RSP: 002b:00007f8507eda038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 260.011792][ T8466] RAX: ffffffffffffffda RBX: 00007f85071e5fa0 RCX: 00007f8506f8f6c9 [ 260.011814][ T8466] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 260.011834][ T8466] RBP: 00007f8507011f91 R08: 0000000000000000 R09: 0000000000000000 [ 260.011854][ T8466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 260.011872][ T8466] R13: 00007f85071e6038 R14: 00007f85071e5fa0 R15: 00007ffccd912be8 [ 260.011918][ T8466] [ 260.375300][ T8466] ERROR: Out of memory at tomoyo_realpath_from_path. [ 260.874533][ T8500] block2mtd: illegal erase size [ 260.960483][ T5969] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 261.253828][ T8506] netlink: 8 bytes leftover after parsing attributes in process `syz.2.415'. [ 261.951694][ T8523] FAULT_INJECTION: forcing a failure. [ 261.951694][ T8523] name failslab, interval 1, probability 0, space 0, times 0 [ 261.969110][ T8523] CPU: 1 UID: 0 PID: 8523 Comm: syz.3.418 Not tainted syzkaller #0 PREEMPT(full) [ 261.969155][ T8523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 261.969175][ T8523] Call Trace: [ 261.969185][ T8523] [ 261.969198][ T8523] dump_stack_lvl+0x16c/0x1f0 [ 261.969242][ T8523] should_fail_ex+0x512/0x640 [ 261.969293][ T8523] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 261.969330][ T8523] should_failslab+0xc2/0x120 [ 261.969373][ T8523] kmem_cache_alloc_noprof+0x75/0x6e0 [ 261.969406][ T8523] ? alloc_empty_file+0x55/0x1e0 [ 261.969458][ T8523] ? alloc_empty_file+0x55/0x1e0 [ 261.969501][ T8523] ? _raw_spin_unlock+0x28/0x50 [ 261.969529][ T8523] alloc_empty_file+0x55/0x1e0 [ 261.969586][ T8523] alloc_file_pseudo+0x13a/0x230 [ 261.969636][ T8523] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 261.969680][ T8523] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 261.969737][ T8523] create_pipe_files+0x364/0x9a0 [ 261.969785][ T8523] do_pipe2+0xaf/0x1c0 [ 261.969823][ T8523] ? __pfx_do_pipe2+0x10/0x10 [ 261.969862][ T8523] ? xfd_validate_state+0x61/0x180 [ 261.969906][ T8523] ? __pfx_ksys_write+0x10/0x10 [ 261.969952][ T8523] __x64_sys_pipe+0x33/0x50 [ 261.969990][ T8523] do_syscall_64+0xcd/0xfa0 [ 261.970030][ T8523] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 261.970063][ T8523] RIP: 0033:0x7f6577b8f6c9 [ 261.970090][ T8523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 261.970120][ T8523] RSP: 002b:00007f6578983038 EFLAGS: 00000246 ORIG_RAX: 0000000000000016 [ 261.970151][ T8523] RAX: ffffffffffffffda RBX: 00007f6577de5fa0 RCX: 00007f6577b8f6c9 [ 261.970172][ T8523] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 261.970192][ T8523] RBP: 00007f6577c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 261.970211][ T8523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 261.970230][ T8523] R13: 00007f6577de6038 R14: 00007f6577de5fa0 R15: 00007ffe51c856e8 [ 261.970274][ T8523] [ 264.091126][ T8550] ubi: mtd0 is already attached to ubi31 [ 264.190145][ T8551] netlink: 'syz.3.425': attribute type 1 has an invalid length. [ 264.234749][ T8553] netlink: 'syz.3.425': attribute type 1 has an invalid length. [ 264.275258][ T8554] random: crng reseeded on system resumption [ 264.641559][ T8551] netlink: 342 bytes leftover after parsing attributes in process `syz.3.425'. [ 264.681652][ T8553] netlink: 342 bytes leftover after parsing attributes in process `syz.3.425'. [ 264.815648][ T8563] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(101.0.0), cmd(5) [ 265.896294][ T8591] netlink: 338 bytes leftover after parsing attributes in process `syz.1.432'. [ 266.337648][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 266.344225][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 268.083369][ T8633] FAULT_INJECTION: forcing a failure. [ 268.083369][ T8633] name failslab, interval 1, probability 0, space 0, times 0 [ 268.145130][ T8633] CPU: 1 UID: 0 PID: 8633 Comm: syz.0.441 Not tainted syzkaller #0 PREEMPT(full) [ 268.145185][ T8633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 268.145204][ T8633] Call Trace: [ 268.145213][ T8633] [ 268.145226][ T8633] dump_stack_lvl+0x16c/0x1f0 [ 268.145267][ T8633] should_fail_ex+0x512/0x640 [ 268.145315][ T8633] ? __kmalloc_cache_noprof+0x5f/0x780 [ 268.145381][ T8633] should_failslab+0xc2/0x120 [ 268.145424][ T8633] __kmalloc_cache_noprof+0x72/0x780 [ 268.145478][ T8633] ? snd_timer_instance_new+0x47/0x2e0 [ 268.145526][ T8633] ? snd_timer_instance_new+0x47/0x2e0 [ 268.145564][ T8633] snd_timer_instance_new+0x47/0x2e0 [ 268.145605][ T8633] snd_seq_timer_open+0x1cc/0x600 [ 268.145639][ T8633] ? __pfx_snd_seq_timer_open+0x10/0x10 [ 268.145677][ T8633] ? find_held_lock+0x2b/0x80 [ 268.145714][ T8633] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 268.145747][ T8633] ? lockdep_hardirqs_on+0x7c/0x110 [ 268.145781][ T8633] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 268.145820][ T8633] queue_use+0xe3/0x250 [ 268.145867][ T8633] snd_seq_queue_alloc+0x2e5/0x5a0 [ 268.145921][ T8633] snd_seq_ioctl_create_queue+0xa9/0x390 [ 268.145965][ T8633] call_seq_client_ctl+0x9f/0x110 [ 268.146002][ T8633] snd_seq_kernel_client_ctl+0x77/0xd0 [ 268.146039][ T8633] alloc_seq_queue+0xda/0x180 [ 268.146077][ T8633] ? __pfx_alloc_seq_queue+0x10/0x10 [ 268.146135][ T8633] ? mark_held_locks+0x49/0x80 [ 268.146176][ T8633] ? _raw_spin_unlock_irq+0x23/0x50 [ 268.146206][ T8633] ? lockdep_hardirqs_on+0x7c/0x110 [ 268.146245][ T8633] snd_seq_oss_open+0x38c/0xa20 [ 268.146292][ T8633] odev_open+0x79/0xc0 [ 268.146333][ T8633] ? __pfx_odev_open+0x10/0x10 [ 268.146370][ T8633] soundcore_open+0x40c/0x580 [ 268.146413][ T8633] ? __pfx_soundcore_open+0x10/0x10 [ 268.146449][ T8633] chrdev_open+0x234/0x6a0 [ 268.146486][ T8633] ? __pfx_apparmor_file_open+0x10/0x10 [ 268.146531][ T8633] ? __pfx_chrdev_open+0x10/0x10 [ 268.146573][ T8633] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 268.146616][ T8633] do_dentry_open+0x982/0x1530 [ 268.146653][ T8633] ? __pfx_chrdev_open+0x10/0x10 [ 268.146699][ T8633] vfs_open+0x82/0x3f0 [ 268.146761][ T8633] path_openat+0x1de4/0x2cb0 [ 268.146812][ T8633] ? __pfx_path_openat+0x10/0x10 [ 268.146850][ T8633] ? __lock_acquire+0xb8a/0x1c90 [ 268.146899][ T8633] do_filp_open+0x20b/0x470 [ 268.146934][ T8633] ? __pfx_do_filp_open+0x10/0x10 [ 268.147002][ T8633] ? alloc_fd+0x471/0x7d0 [ 268.147045][ T8633] do_sys_openat2+0x11b/0x1d0 [ 268.147090][ T8633] ? __pfx_do_sys_openat2+0x10/0x10 [ 268.147156][ T8633] __x64_sys_openat+0x174/0x210 [ 268.147204][ T8633] ? __pfx___x64_sys_openat+0x10/0x10 [ 268.147273][ T8633] do_syscall_64+0xcd/0xfa0 [ 268.147312][ T8633] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.147353][ T8633] RIP: 0033:0x7f433078f6c9 [ 268.147379][ T8633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 268.147408][ T8633] RSP: 002b:00007f433159f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 268.147439][ T8633] RAX: ffffffffffffffda RBX: 00007f43309e5fa0 RCX: 00007f433078f6c9 [ 268.147460][ T8633] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 268.147479][ T8633] RBP: 00007f4330811f91 R08: 0000000000000000 R09: 0000000000000000 [ 268.147498][ T8633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 268.147517][ T8633] R13: 00007f43309e6038 R14: 00007f43309e5fa0 R15: 00007fffa5f4a988 [ 268.147562][ T8633] [ 269.972368][ T8650] futex_wake_op: syz.2.445 tries to shift op by -2048; fix this program [ 269.980859][ T8651] futex_wake_op: syz.2.445 tries to shift op by -2048; fix this program [ 270.844704][ T8668] ================================================================== [ 270.844720][ T8668] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0xa03/0xc70 [ 270.844812][ T8668] Read of size 256 at addr ffff88805d33f860 by task syz.0.448/8668 [ 270.844833][ T8668] [ 270.844844][ T8668] CPU: 1 UID: 0 PID: 8668 Comm: syz.0.448 Not tainted syzkaller #0 PREEMPT(full) [ 270.844871][ T8668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 270.844886][ T8668] Call Trace: [ 270.844893][ T8668] [ 270.844901][ T8668] dump_stack_lvl+0x116/0x1f0 [ 270.844928][ T8668] print_report+0xcd/0x630 [ 270.844959][ T8668] ? __virt_addr_valid+0x81/0x610 [ 270.844989][ T8668] ? __phys_addr+0xe8/0x180 [ 270.845025][ T8668] ? fbcon_prepare_logo+0xa03/0xc70 [ 270.845060][ T8668] kasan_report+0xe0/0x110 [ 270.845092][ T8668] ? fbcon_prepare_logo+0xa03/0xc70 [ 270.845132][ T8668] kasan_check_range+0x100/0x1b0 [ 270.845174][ T8668] __asan_memcpy+0x23/0x60 [ 270.845198][ T8668] fbcon_prepare_logo+0xa03/0xc70 [ 270.845240][ T8668] fbcon_init+0xd77/0x1900 [ 270.845276][ T8668] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 270.845314][ T8668] visual_init+0x320/0x620 [ 270.845355][ T8668] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 270.845385][ T8668] store_bind+0x61d/0x760 [ 270.845410][ T8668] ? sysfs_file_kobj+0xe4/0x290 [ 270.845437][ T8668] ? __pfx_store_bind+0x10/0x10 [ 270.845460][ T8668] dev_attr_store+0x58/0x80 [ 270.845495][ T8668] ? __pfx_dev_attr_store+0x10/0x10 [ 270.845530][ T8668] sysfs_kf_write+0xf2/0x150 [ 270.845556][ T8668] kernfs_fop_write_iter+0x3af/0x570 [ 270.845595][ T8668] ? __pfx_sysfs_kf_write+0x10/0x10 [ 270.845623][ T8668] iter_file_splice_write+0xa24/0x12e0 [ 270.845657][ T8668] ? __pfx_iter_file_splice_write+0x10/0x10 [ 270.845685][ T8668] ? __pfx_copy_splice_read+0x10/0x10 [ 270.845733][ T8668] ? __pfx_iter_file_splice_write+0x10/0x10 [ 270.845766][ T8668] direct_splice_actor+0x192/0x6c0 [ 270.845791][ T8668] splice_direct_to_actor+0x345/0xa30 [ 270.845823][ T8668] ? __pfx_direct_splice_actor+0x10/0x10 [ 270.845850][ T8668] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 270.845878][ T8668] do_splice_direct+0x174/0x240 [ 270.845902][ T8668] ? __pfx_do_splice_direct+0x10/0x10 [ 270.845925][ T8668] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 270.845968][ T8668] ? rw_verify_area+0xcf/0x6c0 [ 270.845991][ T8668] do_sendfile+0xb06/0xe50 [ 270.846019][ T8668] ? __pfx_do_sendfile+0x10/0x10 [ 270.846046][ T8668] ? __x64_sys_futex+0x1e0/0x4c0 [ 270.846079][ T8668] ? __x64_sys_futex+0x1e9/0x4c0 [ 270.846114][ T8668] __x64_sys_sendfile64+0x1d8/0x220 [ 270.846146][ T8668] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 270.846184][ T8668] do_syscall_64+0xcd/0xfa0 [ 270.846212][ T8668] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 270.846237][ T8668] RIP: 0033:0x7f433078f6c9 [ 270.846255][ T8668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 270.846278][ T8668] RSP: 002b:00007f433155d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 270.846301][ T8668] RAX: ffffffffffffffda RBX: 00007f43309e6180 RCX: 00007f433078f6c9 [ 270.846317][ T8668] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000007 [ 270.846332][ T8668] RBP: 00007f4330811f91 R08: 0000000000000000 R09: 0000000000000000 [ 270.846347][ T8668] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 270.846362][ T8668] R13: 00007f43309e6218 R14: 00007f43309e6180 R15: 00007fffa5f4a988 [ 270.846386][ T8668] [ 270.846394][ T8668] [ 270.846400][ T8668] Allocated by task 8656: [ 270.846412][ T8668] kasan_save_stack+0x33/0x60 [ 270.846444][ T8668] kasan_save_track+0x14/0x30 [ 270.846470][ T8668] __kasan_kmalloc+0xaa/0xb0 [ 270.846495][ T8668] __kmalloc_noprof+0x32f/0x880 [ 270.846532][ T8668] __register_sysctl_table+0xea2/0x1900 [ 270.846567][ T8668] neigh_sysctl_register+0x31f/0x670 [ 270.846589][ T8668] devinet_sysctl_register+0xb6/0x200 [ 270.846619][ T8668] inetdev_init+0x2b8/0x5a0 [ 270.846646][ T8668] inetdev_event+0xc5f/0x18a0 [ 270.846674][ T8668] notifier_call_chain+0xbc/0x410 [ 270.846705][ T8668] call_netdevice_notifiers_info+0xbe/0x140 [ 270.846734][ T8668] register_netdevice+0x182e/0x2270 [ 270.846764][ T8668] register_netdev+0x34/0x50 [ 270.846788][ T8668] vti6_init_net+0x28f/0x490 [ 270.846819][ T8668] ops_init+0x1e2/0x5f0 [ 270.846840][ T8668] setup_net+0x100/0x390 [ 270.846861][ T8668] copy_net_ns+0x2f8/0x690 [ 270.846886][ T8668] create_new_namespaces+0x3ea/0xa90 [ 270.846910][ T8668] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 270.846937][ T8668] ksys_unshare+0x45b/0xa40 [ 270.846967][ T8668] __x64_sys_unshare+0x31/0x40 [ 270.846998][ T8668] do_syscall_64+0xcd/0xfa0 [ 270.847055][ T8668] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 270.847085][ T8668] [ 270.847093][ T8668] Last potentially related work creation: [ 270.847103][ T8668] kasan_save_stack+0x33/0x60 [ 270.847135][ T8668] kasan_record_aux_stack+0xa7/0xc0 [ 270.847175][ T8668] kvfree_call_rcu+0x86/0x520 [ 270.847212][ T8668] drop_sysctl_table+0x355/0x5f0 [ 270.847250][ T8668] unregister_sysctl_table+0x41/0x60 [ 270.847284][ T8668] neigh_sysctl_unregister+0x5f/0x80 [ 270.847306][ T8668] inetdev_event+0xefc/0x18a0 [ 270.847335][ T8668] notifier_call_chain+0xbc/0x410 [ 270.847365][ T8668] call_netdevice_notifiers_info+0xbe/0x140 [ 270.847394][ T8668] unregister_netdevice_many_notify+0xf5c/0x25c0 [ 270.847427][ T8668] ops_undo_list+0x8fc/0xab0 [ 270.847450][ T8668] setup_net+0x1e2/0x390 [ 270.847471][ T8668] copy_net_ns+0x2f8/0x690 [ 270.847495][ T8668] create_new_namespaces+0x3ea/0xa90 [ 270.847520][ T8668] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 270.847546][ T8668] ksys_unshare+0x45b/0xa40 [ 270.847576][ T8668] __x64_sys_unshare+0x31/0x40 [ 270.847606][ T8668] do_syscall_64+0xcd/0xfa0 [ 270.847631][ T8668] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 270.847653][ T8668] [ 270.847658][ T8668] The buggy address belongs to the object at ffff88805d33f800 [ 270.847658][ T8668] which belongs to the cache kmalloc-256 of size 256 [ 270.847677][ T8668] The buggy address is located 96 bytes inside of [ 270.847677][ T8668] allocated 193-byte region [ffff88805d33f800, ffff88805d33f8c1) [ 270.847702][ T8668] [ 270.847707][ T8668] The buggy address belongs to the physical page: [ 270.847734][ T8668] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5d33e [ 270.847764][ T8668] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 270.847783][ T8668] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 270.847804][ T8668] page_type: f5(slab) [ 270.847825][ T8668] raw: 00fff00000000040 ffff88813ffa6b40 ffffea0000cbbb80 dead000000000004 [ 270.847847][ T8668] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 270.847870][ T8668] head: 00fff00000000040 ffff88813ffa6b40 ffffea0000cbbb80 dead000000000004 [ 270.847892][ T8668] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 270.847914][ T8668] head: 00fff00000000001 ffffea000174cf81 00000000ffffffff 00000000ffffffff [ 270.847936][ T8668] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 270.847950][ T8668] page dumped because: kasan: bad access detected [ 270.847966][ T8668] page_owner tracks the page as allocated [ 270.847974][ T8668] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5834, tgid 5834 (syz-executor), ts 104901243630, free_ts 36607339559 [ 270.848017][ T8668] post_alloc_hook+0x1c0/0x230 [ 270.848055][ T8668] get_page_from_freelist+0x10a3/0x3a30 [ 270.848077][ T8668] __alloc_frozen_pages_noprof+0x25f/0x2470 [ 270.848100][ T8668] alloc_pages_mpol+0x1fb/0x550 [ 270.848130][ T8668] new_slab+0x24a/0x360 [ 270.848164][ T8668] ___slab_alloc+0xdae/0x1a60 [ 270.848199][ T8668] __slab_alloc.constprop.0+0x63/0x110 [ 270.848237][ T8668] __kmalloc_noprof+0x501/0x880 [ 270.848274][ T8668] __register_sysctl_table+0xea2/0x1900 [ 270.848308][ T8668] neigh_sysctl_register+0x31f/0x670 [ 270.848329][ T8668] devinet_sysctl_register+0xb6/0x200 [ 270.848359][ T8668] inetdev_init+0x2b8/0x5a0 [ 270.848386][ T8668] inetdev_event+0xc5f/0x18a0 [ 270.848414][ T8668] notifier_call_chain+0xbc/0x410 [ 270.848444][ T8668] call_netdevice_notifiers_info+0xbe/0x140 [ 270.848473][ T8668] register_netdevice+0x182e/0x2270 [ 270.848498][ T8668] page last free pid 1 tgid 1 stack trace: [ 270.848510][ T8668] __free_frozen_pages+0x7df/0x1160 [ 270.848551][ T8668] free_contig_range+0x183/0x4b0 [ 270.848585][ T8668] destroy_args+0xb69/0x12e0 [ 270.848612][ T8668] debug_vm_pgtable+0x1a32/0x3640 [ 270.848639][ T8668] do_one_initcall+0x123/0x6e0 [ 270.848670][ T8668] kernel_init_freeable+0x5c8/0x920 [ 270.848702][ T8668] kernel_init+0x1c/0x2b0 [ 270.848735][ T8668] ret_from_fork+0x675/0x7d0 [ 270.848774][ T8668] ret_from_fork_asm+0x1a/0x30 [ 270.848806][ T8668] [ 270.848811][ T8668] Memory state around the buggy address: [ 270.848823][ T8668] ffff88805d33f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 270.848840][ T8668] ffff88805d33f800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 270.848857][ T8668] >ffff88805d33f880: 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc fc [ 270.848870][ T8668] ^ [ 270.848883][ T8668] ffff88805d33f900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 270.848903][ T8668] ffff88805d33f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 270.848916][ T8668] ================================================================== [ 270.864588][ T8668] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 270.864615][ T8668] CPU: 0 UID: 0 PID: 8668 Comm: syz.0.448 Not tainted syzkaller #0 PREEMPT(full) [ 270.864653][ T8668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 270.864672][ T8668] Call Trace: [ 270.864681][ T8668] [ 270.864693][ T8668] dump_stack_lvl+0x3d/0x1f0 [ 270.864735][ T8668] vpanic+0x640/0x6f0 [ 270.864792][ T8668] panic+0xca/0xd0 [ 270.864838][ T8668] ? __pfx_panic+0x10/0x10 [ 270.864885][ T8668] ? fbcon_prepare_logo+0xa03/0xc70 [ 270.864934][ T8668] ? preempt_schedule_common+0x44/0xc0 [ 270.864970][ T8668] ? preempt_schedule_thunk+0x16/0x30 [ 270.865023][ T8668] check_panic_on_warn+0xab/0xb0 [ 270.865075][ T8668] end_report+0x107/0x170 [ 270.865116][ T8668] kasan_report+0xee/0x110 [ 270.865166][ T8668] ? fbcon_prepare_logo+0xa03/0xc70 [ 270.865222][ T8668] kasan_check_range+0x100/0x1b0 [ 270.865273][ T8668] __asan_memcpy+0x23/0x60 [ 270.865308][ T8668] fbcon_prepare_logo+0xa03/0xc70 [ 270.865363][ T8668] fbcon_init+0xd77/0x1900 [ 270.865413][ T8668] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 270.865465][ T8668] visual_init+0x320/0x620 [ 270.865515][ T8668] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 270.865556][ T8668] store_bind+0x61d/0x760 [ 270.865590][ T8668] ? sysfs_file_kobj+0xe4/0x290 [ 270.865627][ T8668] ? __pfx_store_bind+0x10/0x10 [ 270.865658][ T8668] dev_attr_store+0x58/0x80 [ 270.865703][ T8668] ? __pfx_dev_attr_store+0x10/0x10 [ 270.865750][ T8668] sysfs_kf_write+0xf2/0x150 [ 270.865796][ T8668] kernfs_fop_write_iter+0x3af/0x570 [ 270.865850][ T8668] ? __pfx_sysfs_kf_write+0x10/0x10 [ 270.865889][ T8668] iter_file_splice_write+0xa24/0x12e0 [ 270.865935][ T8668] ? __pfx_iter_file_splice_write+0x10/0x10 [ 270.865973][ T8668] ? __pfx_copy_splice_read+0x10/0x10 [ 270.866039][ T8668] ? __pfx_iter_file_splice_write+0x10/0x10 [ 270.866076][ T8668] direct_splice_actor+0x192/0x6c0 [ 270.866110][ T8668] splice_direct_to_actor+0x345/0xa30 [ 270.866144][ T8668] ? __pfx_direct_splice_actor+0x10/0x10 [ 270.866180][ T8668] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 270.866230][ T8668] do_splice_direct+0x174/0x240 [ 270.866261][ T8668] ? __pfx_do_splice_direct+0x10/0x10 [ 270.866293][ T8668] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 270.866346][ T8668] ? rw_verify_area+0xcf/0x6c0 [ 270.866376][ T8668] do_sendfile+0xb06/0xe50 [ 270.866412][ T8668] ? __pfx_do_sendfile+0x10/0x10 [ 270.866450][ T8668] ? __x64_sys_futex+0x1e0/0x4c0 [ 270.866494][ T8668] ? __x64_sys_futex+0x1e9/0x4c0 [ 270.866539][ T8668] __x64_sys_sendfile64+0x1d8/0x220 [ 270.866584][ T8668] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 270.866634][ T8668] do_syscall_64+0xcd/0xfa0 [ 270.866673][ T8668] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 270.866706][ T8668] RIP: 0033:0x7f433078f6c9 [ 270.866733][ T8668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 270.866773][ T8668] RSP: 002b:00007f433155d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 270.866804][ T8668] RAX: ffffffffffffffda RBX: 00007f43309e6180 RCX: 00007f433078f6c9 [ 270.866825][ T8668] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000007 [ 270.866844][ T8668] RBP: 00007f4330811f91 R08: 0000000000000000 R09: 0000000000000000 [ 270.866865][ T8668] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 270.866886][ T8668] R13: 00007f43309e6218 R14: 00007f43309e6180 R15: 00007fffa5f4a988 [ 270.866918][ T8668] [ 270.867355][ T8668] Kernel Offset: disabled