last executing test programs: 15.291084345s ago: executing program 3 (id=264): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/arp\x00', 0x0, 0x0) ioctl$auto_proc_reg_file_ops_compat_inode(r0, 0x1, &(0x7f0000000000)="63bceb") 14.742008846s ago: executing program 3 (id=265): socketcall$auto_SYS_SOCKETPAIR(0x8, &(0x7f0000000040)=0x2) mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x1a, 0x0, 0xfffffffffffffffc, 0x696b}, 0x6}, 0x1, 0x9) r0 = socket(0xa, 0x5, 0x84) sendto$auto(r0, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x2, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/net/bond0/queues/tx-2/xps_cpus\x00', 0x20000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000100)=""/17, 0x11) 14.079052175s ago: executing program 3 (id=267): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x0, 0x0) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x4000000000000000, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) madvise$auto(0x1afd, 0x7fffffff, 0x4) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0}}, 0x24048084) madvise$auto(0x0, 0x200007, 0x19) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0) bpf$auto(0x2, &(0x7f0000000380)=@token_create={0x5315, r1}, 0x1) read$auto(0x3, 0x0, 0x80) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) 11.630492326s ago: executing program 3 (id=277): r0 = openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0) write$auto_cachefiles_daemon_fops_internal(r0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x37}}, 0x6e) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="1b0026bd7000fbdbdf250300000004000800100003800c00038008000a00", @ANYRES32, @ANYBLOB="12000100898771f1c19f17790485908208000000040002"], 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) r4 = openat$auto_btrfs_ctl_fops_super(0xffffffffffffff9c, &(0x7f0000000080), 0x200040, 0x0) r5 = pidfd_getfd$auto(r0, r4, 0xb8e) sendto$auto(0x3, 0x0, 0x100000000, 0x40000008, 0x0, 0x19) prctl$auto(0x23, 0x7, 0x2008, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'vxcan1\x00'}) ioctl$auto_BLKTRACESETUP2(r5, 0xc0481273, &(0x7f0000000180)={"2f5edb89fc0cd51e58dffd6c7da927d17236c22de88306425bf4746a18df4249", 0x8, 0x7, 0x3afe, 0xfffffffffffffe00, 0x0, 0xffffffffffffffff}) fcntl$auto(0x3, 0x4, r6) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) setsockopt$auto_SO_RCVMARK(0xffffffffffffffff, 0xeb9, 0x4b, 0x0, 0x7) write$auto(0x3, 0x0, 0xfffffdef) 10.381389319s ago: executing program 3 (id=283): r0 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000080), 0x1c9100, 0x0) mmap$auto(0x0, 0x53, 0xdf, 0x51, r0, 0x100000000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x80003, 0x300) socket(0x23, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x2, 0x2, 0x1) connect$auto(r1, &(0x7f00000000c0)=@in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x41}}, 0x55) io_uring_setup$auto(0x6, 0x0) connect$auto(r1, &(0x7f0000000000)=@l2tp={0x2, 0x0, @local, 0x1}, 0x7f) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/core/rps_default_mask\x00', 0x82, 0x0) read$auto(0x3, 0x0, 0xf34) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/dfscache\x00', 0x101a41, 0x0) write$auto(r2, 0x0, 0x6) unshare$auto(0x40000080) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) madvise$auto(0x1afd, 0x7fffffff, 0x4) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0}}, 0x24048084) madvise$auto(0x0, 0x200007, 0x19) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) 5.879140674s ago: executing program 1 (id=292): r0 = open(&(0x7f0000000800)='./file1\x00', 0x22240, 0x154) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0xffffffffffffffff, 0x8, 0x2) r1 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000480)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x0, 0x0) write$auto(r1, &(0x7f0000008d40)='($}-)#@\x00', 0x3) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x10cc3, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x8, 0x3a02, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x9, 0x0, 0x4000000000007, 0xa505}, 0x800}, 0x4, 0x4008) r2 = socket(0xf, 0xa, 0xf) setsockopt$auto(r2, 0x1, 0xc, 0x0, 0x7fffffff) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ttyS0\x00', 0x1, 0x0) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) open(&(0x7f00000000c0)='./file0\x00', 0x22240, 0x154) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/asound/card1/pcm0c/sub4/sw_params\x00', 0x16240, 0x0) read$auto_proc_reg_file_ops_compat_inode(r4, &(0x7f0000000200)=""/53, 0x35) execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000300)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw \x96\x9ejh\xad\x9eEc\xae\x1e\x89\x92\x9a\xbbP[B\xae\x9cf)\x15\xac\x90)l\x06\xf0\t\x12\x05zz\xa6\xb3\xce=\x00\x00\x00\xf20/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7BU\xd0\x97\x7f1\x16\x99\x04\xabu/a0\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x84,\x06\xd3j\x99b\xe6\xf6Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12|\x97\xabB4J\xed+-\xf8u0/n\xcf\x8b\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9N:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x02\xfe\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xa2\xdd\xc5{\xfa\xe0\x90\x8f\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5\x94\xd0\xf5\xe7\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00') execveat$auto(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) rename$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000340)='./file0\x00') arch_prctl$auto_ARCH_MAP_VDSO_64(0x2003, 0x5) write$auto(0xffffffffffffffff, &(0x7f0000000240)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\x03\x00\x00\x00\x00\x00\x00\x00\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x801) 5.765713126s ago: executing program 3 (id=294): socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000080), r0) sendmsg$auto_NL802154_CMD_GET_SEC_KEY(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="a3ff4abd7000fddbdf25160093"], 0x14}, 0x1, 0x0, 0x0, 0x40040}, 0x40c0) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, 0x0, 0x123000, 0x0) r2 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/dynamic_events\x00', 0x80301, 0x0) write$auto_dynamic_events_ops_trace_dynevent(r2, &(0x7f0000000040)="6524b5aac083b05c1173a1174a", 0xd) setsockopt$auto(0xffffffffffffffff, 0x29, 0xfffffff8, 0x0, 0x808) madvise$auto(0x0, 0x2000040080000004, 0xe) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r3, &(0x7f0000000040)='//\xf2\x00', 0x80000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) shmdt$auto(0x0) socket(0x7, 0x3, 0x2) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r4, 0x0, 0x20) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r5, &(0x7f0000000200)={0x0, 0x7}, 0x3) syz_clone(0x2360411, 0x0, 0xf5ff, 0x0, 0x0, 0x0) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) r7 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) ioctl$auto_TCFLSH2(r7, 0x540b, 0x0) openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/uprobe_events\x00', 0x826000, 0x0) mmap$auto(0x0, 0x2004000e, 0x9, 0x9b72, 0x7, 0x28000) inotify_init1$auto(0x3000000000000) 5.68360061s ago: executing program 2 (id=295): socket$nl_generic(0x10, 0x3, 0x10) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2c, 0x800, 0x0) mmap$auto(0x0, 0x2000d, 0x3, 0xeb1, 0x404, 0x10008000) sysfs$auto(0x2, 0x1f, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0x4010ae67, r1) close_range$auto(0x2, 0x8, 0x0) r2 = fsopen$auto(0x0, 0x1) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x50b880, 0x0) r3 = openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x8080, 0x0) read$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(r3, 0x0, 0x17) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3dd) mmap$auto(0x0, 0xa, 0xb7ed, 0xeb1, 0x0, 0x8002) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/card1/pcm0p/sub0/xrun_injection\x00', 0x0, 0x0) write$auto_qrtr_tun_ops_tun(r2, &(0x7f0000000080)="ffa266dbc20a3734f85dbe070cc139ec3842045a87090700fbc3c3ee24f9c0231e697084e535469378959c6e2709a95df1fc97e9193bf13d6a1abcca4659f10a082b3b6759e200b3fbf0bed27d0020d9cb55a3c141dd4ab2d0eee21afaa5a298c5239d50c611e39c330a64cc33472ff87a3b4d43d1b7a9d8ee986fa652667bacb62ad2f2189e7f3a0b571a1dd3d070", 0x8f) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x6) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) write$auto(0xffffffffffffffff, 0x0, 0xff) futex$auto(0x0, 0x3, 0x2, 0x0, 0x0, 0x71a8dce0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/interrupts\x00', 0x18b202, 0x0) pread64$auto(r4, 0x0, 0x6, 0x1ff) open(0x0, 0x161342, 0x130) 5.341641447s ago: executing program 0 (id=297): mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/ptp/ptp0/max_vclocks\x00', 0x103841, 0x0) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x89c1, 0x0) (async) read$auto(r0, 0x0, 0x20) (async) write$auto(0x3, 0x0, 0x100082) remap_file_pages$auto(0x16a27, 0x1000, 0x4f, 0x3, 0x3e) (async) r1 = open(&(0x7f00000004c0)='./file0\x00', 0x22240, 0x0) r2 = fcntl$auto(r1, 0x400, 0x1) (async, rerun: 64) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/seq/timer\x00', 0x28102, 0x0) (rerun: 64) read$auto_proc_reg_file_ops_compat_inode(r3, &(0x7f0000001880)=""/4101, 0x1005) setreuid$auto(0x1, 0x3) (async) sigaltstack$auto(&(0x7f0000000180)={0x0, 0x80000001, 0x40b4}, 0x0) sigaltstack$auto(&(0x7f0000000080)={0x0, 0x401, 0x4}, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000140), r0) sendmsg$auto_ETHTOOL_MSG_STRSET_GET(r4, &(0x7f0000000400)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000b00)=ANY=[@ANYBLOB="28010000", @ANYRES16=r5, @ANYBLOB="20002cbd7000fbdbdf25010000001001028009013f8004002280040084800800c7231d32e91ee3593354943829003ef930504a39b1923d629053dce4e5a3b9cf449b60f6ab669faa885e5b2eb2dfe71a51db173a04f274b09e", @ANYRES32, @ANYBLOB="bf72db16836485762d427580c1428950ac74eac82354791aa6f51c3e29c549cb32a2ad1aabf7ed69b5e9d103cd18fdbf9bf90e228d721ca228a8908603841f6655f94468aaf12119720dfefd65fdb4d936cad4f8c7d6d0c7737a05a1a8f06cbcad0ed5e3f14929f65f8c57d729aed8c52812e07965c0d02587729e8cb86efcb9935ef36c949eb73a0f6929554d87a5228ab2242ed0c62f3fabff17a25ffcc44f70c403900d9de93d5d429f4af985588a5ff2df6b6875483b4b05c510eb55895d64456c7a485c21173c561dd59148b39d74a81530b49547237c0bc888323a29703eceb3080e767913c9b44b7a8cece5045f85898c1200000004000300"], 0x128}, 0x1, 0x0, 0x0, 0x200400c0}, 0x4008000) close_range$auto(0x2, 0x8, 0x0) (async) socket(0x1d, 0x805, 0x2) (async) r6 = socket(0x2, 0x2, 0x0) munmap$auto(0xb, 0x1) setsockopt$auto(r6, 0x6638, 0xfffe, 0x0, 0x0) r7 = syz_clone3(&(0x7f0000000640)={0x8004080, &(0x7f0000000280), &(0x7f00000002c0), &(0x7f0000000300), {0x17}, &(0x7f0000000340)=""/33, 0x21, &(0x7f0000000580)=""/171, &(0x7f0000000380)=[0x0, 0xffffffffffffffff, 0x0], 0x3, {r2}}, 0x58) move_pages$auto(r7, 0x0, &(0x7f0000000780)=&(0x7f00000006c0)="e01aaa79af651ea88c97e74674279ef313e1d6a0d1840067e788d92d8de60e95a3c4db63fbeb861df69b47838f842f36664c613de59859b1da69f6c678e633d885501996a074eeb8d48232611d918a4849f019c333ea40b555d5f53cf4f49354db1cb2b3feb299c3e7c4af7c7cc3bc9bb1f65c48b34b7b7196e18dc608db55be4e641ad8e2a2d24eaecfcc7d7fe5b68a6b0dc18ac0c7ea6799e178cdf33208644db10e2158644a1a9887001d86d8ff42c6cb97dca8ec1ade33", &(0x7f00000007c0)=0xd, &(0x7f0000000800)=0x2, 0x1) (async) setgid$auto(0xee00) (async) r8 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/locks\x00', 0x0, 0x0) read$auto_proc_iter_file_ops_compat_inode(r8, &(0x7f0000000180)=""/250, 0xfa) utimes$auto(&(0x7f00000003c0)='./file0\x00', 0x0) 4.909077294s ago: executing program 2 (id=298): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r0 = socket(0x2, 0x2, 0x0) r1 = openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/afs/stats\x00', 0x42500, 0x0) read$auto_proc_reg_file_ops_compat_inode(r2, &(0x7f0000001080)=""/244, 0xf4) mmap$auto(0x5, 0x6, 0x80000001, 0x14, r1, 0x9) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x8, 0xfffffefd, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x3, 0xd08, 0xc, 0xc, 0x4, 0x6d3f, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0xa, 0x2, 0x3a) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x1181, 0x0) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x200009, 0x2, 0x40eb1, 0x602, 0x300000000000) r3 = socket$nl_generic(0x10, 0x3, 0x10) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x111b80, 0x0) r4 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000100), 0x80, 0x0) ioctl$auto_UI_SET_EVBIT(r4, 0x40045564, &(0x7f00000001c0)) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r3, 0x0, 0x4000000) madvise$auto(0x100000000000000, 0x20499d, 0x9) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto(0x3, 0x40103e05, r5) r6 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f00000000c0), r0) sendmsg$auto_NFSD_CMD_LISTENER_GET(r5, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x14, r6, 0x400, 0x70bd25, 0x25dfdbff, {}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20000040}, 0x0) socket(0x11, 0x3, 0x2) 4.506870014s ago: executing program 0 (id=299): mmap$auto(0x0, 0x853, 0x2000000000000002, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000080)="8ce968f6d33e1d1a4f6a2f12f470f8cdb7dfeaf02768589362668247de44a359e8d9c13d4e52cc42ef43f1d4c965d3d505ad05f2c97a5541863adc5154e4028bdf351c0900000421cd3d73083f859a25a8b713916bb90e14883914f1b33ebd88ce433cff55ac") mmap$auto(0x0, 0x4020009, 0xdc, 0xeb1, 0xffffffffffffffff, 0x8000) ioctl$auto(0xffffffffffffffff, 0x4b4e, 0xffffffffffffffff) mmap$auto(0x0, 0x400404, 0xe3, 0x9b72, 0x2, 0x0) madvise$auto(0x110d230000, 0x1, 0x9) r1 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) read$auto(r1, 0x0, 0x80000000006) signalfd$auto(r1, 0x0, 0x8) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000cc0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_MPATH(r2, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000280)=ANY=[@ANYBLOB="79bfcd14000000855fe3e12598cbc747c12665f5daefd4a29eb0492724f43eb07ab907bababd30da1ad6bb1701c1a618ad86b118b0fce2a7a31027bcc9e4a4d7d6f781f6055b32525a185e51127f2a3196fc536e0abdee", @ANYRES16=r3, @ANYBLOB="01032dbd7000fbdbdf2515000000"], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4048094) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="770e0000", @ANYRES16=0x0, @ANYBLOB="080028bd7000fddbdf250300000008000600020000000c0014"], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x405b) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1000000000000001, 0x4, 0x5, 0x7fff) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) ioctl$auto_UI_END_FF_ERASE(0xffffffffffffffff, 0x400c55cb, &(0x7f0000000080)={0x130, 0x8, 0x10001}) r6 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) ioctl$auto_FBIOPUT_VSCREENINFO(r6, 0x4601, &(0x7f0000000080)) setgroups$auto(0x8, &(0x7f0000000000)=0x5) setsockopt$auto_SO_SELECT_ERR_QUEUE(r5, 0x8d52, 0x2d, &(0x7f00000004c0)='\"!,\\][-\x00', 0x8) r7 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r7, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)="5f1e00ad0f00c085c640", 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0x400a507}, 0x800}, 0xa, 0x7) write$auto_proc_mem_operations_base(r4, &(0x7f0000000400)="94c5be883ae7ee95e2bff5f990f6f7249475e8960bf6c1ee8796193bfbd249c19c9460ea0c1c18bb983b84aebb8629e8e9e25558c9bfeb22ed79fdab8065d67eec271b56d08971f043224fe7604598e2506e785c6318c1b7696b10324d1e7db02961facdf9fab2640716f07dd1c617dcb6f1bb648821a53f78be14a6dc8f336e92e389609b991019c180950ed085b91123", 0x91) 4.500314278s ago: executing program 1 (id=300): mmap$auto(0x0, 0x2, 0xe2, 0xeb1, 0x405, 0x8000) socket(0xa, 0x2, 0x73) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000000000008000) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000000c0)=ANY=[@ANYBLOB="361d5a270ea9abb065b5fa59a509ffa4cd58e2b070e1c60624050000000000000066b50f947503eb1c4d80d118ea4f07d6638bce727dc3ff75019212890f117fa40687a028d581e4534a4e065a6cae5855df3ac96e8ff5ad24567631549dd85d7cd17ac71c4dc5e8", @ANYRES16, @ANYBLOB="01002cbd7000fddbdf2502000000080001004a000000080002000b000000"], 0x24}}, 0x4000) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0) write$auto(r1, &(0x7f0000000300)='*o\xd3\xa49.\xa9\xe4\xe17\x12\xb3Z\x17I\x82\xdc\xbeiw\xc1\xd1\x8d\x9b\r\x9aR\xe7\x9f\xd8\xab\x16`f\nT\xaa\xfap \xe6\xdaV\xdeD\x8dR5\xd2\xe58\n\xff\x19+\xeb\xb3+\xf1A\xa5\x95\x1fk\x1f\xff\x99gP\x9e\x88\x97]\x93\x01\xff\xff\xffp\x0e\xd4C\xdc\x84\v\xafz\xfd\r\xa3\xb2\xbb\xa4\xd9\xf2P\xa8\xe9\x8f\x13\xa7\x98\x85\xf8\v\aB\xfc\xfa\x14E\xb8y\x884<\xa7\xffyb\x8a\b\xbb\x1b\x13W\xe3\xf7\xd8\x83\xc9\xd7\x8c', 0x9) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r2 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x40080, 0x0) ioctl$auto_UI_DEV_CREATE(r2, 0x5501, 0x0) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) getpid() sendmsg$auto_WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000028c0)={0x0, 0x0, 0x0}, 0xc0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) 3.575658938s ago: executing program 2 (id=301): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/bdi/43:352/strict_limit\x00', 0x100b02, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) r1 = openat$auto_event_inject_fops_trace(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/inject\x00', 0x40482, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0xa, 0x2, 0x0) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000280)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_NEW_KEY(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000024c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="13042bbd7000fbdbdf650600000008000300", @ANYRES32=r6], 0x1c}, 0x1, 0x0, 0x0, 0x4804}, 0x80) r7 = setfsuid$auto(0xee00) setreuid$auto(r7, 0x0) r8 = getegid() r9 = waitid$auto_P_PGID(0x2, 0x0, &(0x7f0000000280)={@_si_pad}, 0x3, &(0x7f0000000440)={{0x8, 0x6}, {0x8, 0xc5e}, 0x100000001, 0x3, 0x1, 0xf9, 0xfffffffffffffffc, 0x5, 0x6274, 0x9, 0x0, 0xb, 0x35d, 0x439c, 0x9, 0x7}) shmctl$auto_SHM_STAT_ANY(0x0, 0xf, &(0x7f00000006c0)={{0x7, r7, r8, 0x4, 0x6, 0x81, 0x48d}, 0x1, 0x5, 0x8, 0x2, @inferred=r9, @raw=0x5, 0x5, 0x0, &(0x7f0000000500)="4f98c640887224e1536d4e40a39d3c81a9c6e8ae66bc479f7d92b6c649f07587e8084d4fd558d54a2ddca9c318eb050342e0fbb295dd58250b8d185616881413c9b3a8bbc9cb6f3059624b9d64d81f5b347672273ff0eac474a4fce025de7972a1b178c920727aab101d7741be7f42a7acc5ee4675ca2c96a2d08ca9a74b323f548afca84b63a71fb65c71061963f9693b6afa898480b20dc6d2e4f35f2381eabde6ac3f3b34948a7014878f346459ef0a11d7cb4fe7732d8d9e", 0x0}) sendmsg$auto_NL80211_CMD_TDLS_CHANNEL_SWITCH(r2, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000080)={&(0x7f0000000280)={0x590, r5, 0x20, 0x70bd26, 0x25dfdbfc, {}, [@NL80211_ATTR_BEACON_INTERVAL={0x8, 0xc, 0x7}, @NL80211_ATTR_BSS_SELECT={0x1c5, 0xe3, 0x0, 0x1, [@generic="739fcd5c1c9f17e9fb8e0a4d26536fe29777376899d6b71e47c19c511ced7db277096d676fd9052c96798cabd21bced7adad88df7219f7ec8dacc87d6950cb00b1029dd4830c30b72ef5d501a6eca3d06869ae68e32d9376539d8532f2a46d336d8251216f598d9fe9517fea6d00e197c450419819702150e7dad59b19eb1846694dffc718ddd7a0b9eedcd874924827dccdd908bbf3e48d2ec05f5c9b276829721759970e2f5db17a2dec1eeaaa4cf2f7a7563f4d5d5ad171ccb5ed810d942880f5377d4d308202", @generic="2c4083becff1482fb67ddc3a0e39e1cbf2d7036d3e7be8420037c687a342a990807ced9709cb17f1900e1d9f1210684ce1dd60506dc0b0d13d7c1a1ea049677b0ca54574b8f4bf4d89fe4f1d2dbff0acd4", @nested={0x76, 0x138, 0x0, 0x1, [@generic="77829c0386b1d00ef9c44c8eb341776914c8756091c570b8a188d0f5085e5f88a4fcc8bb8b9cfd095782a7808997ce064f1be9cf48b822a31a97bb173b32cfe0f8373464efa86d544600f1c9249da90bdc2c411c812d9836151e96df416a4f7d966e8a9d1fbf9a732b638531b945", @nested={0x4, 0x107}]}, @typed={0x8, 0x14e, 0x0, 0x0, @uid=r7}, @typed={0x14, 0xa7, 0x0, 0x0, @ipv6=@loopback}, @typed={0xc, 0xcc, 0x0, 0x0, @u64=0xa}, @typed={0x8, 0xdf, 0x0, 0x0, @u32=0x2b}]}, @NL80211_ATTR_MEASUREMENT_DURATION={0x6, 0xeb, 0xfffb}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0x4}, @NL80211_ATTR_IE_ASSOC_RESP={0x399, 0x80, "9b313707840588f7e815f7c205be5fd2019a137f0e24318838159a9cc353c6e69fa934d0d0e745809ca99e9e3edde1c18187d04a9613ab50184d06e9d6ce4796988d49fc9604797a1a3614411d77fcb32be85c1345cc1b689c76e4edcfd565d4d429ebd07e83880ba14a1f45ecf993ad1499c63c573b67db9afe52687422fda13b96869a62848f0a454341e0379dce483a39cb58bb3111428951d87c4bdcd2aca56f8947dce62fc35629e7cae116e58926c775e421f5b70a4cfb33d0e11b6eff5d3d2abf5fa13905d3788744719703b0e8d445d7f2a03f73664e77bb1570ace502694005de830ba5130b96cb92e702a3879e824e372e8b2db28d2d9457a00acd1d2ffd780aa8f7797056a4ab65cb58685ecf1c8ab15b28bfa1830252dc88096c051fd312d4bcb70961e05f87bfa05de9e5737cf0b155271332d2641fd895a83a7e8803f6d4a65eaf6b83eb4dd40860f5902182bac20954b7448c6c61b46daceb2475c00349ef04db8efaf37619d104a9215897f33670c4a1ec5f5ad50db8b81257a7ef506dc9cf23783a0f70878d538125b1920a8ffb33d3dffc22223b5f8efb2ca1e521a7d8dc7a6cb327197c4b20c5e760a41ca9ebcd0068dddda7127b16af61866288c644234a67f02e68239a8ebf4d6b00e3e1bd39dde94b31782c94d20811e5c0e53636ce214cac1fd53d257a36140231b91fcdceb727d4ab9f8b6f323ee0d578a919e55d63ea2129854d5ba5d499daef521dcccd9517bcb4977aa9e50ce916502537fd4955ad399652d2bce453a78d277f297db9195a21aa4572549720ecd196bb12fcdc028dc3d198dfef966db4d6190612f05848d32b37969e1359fb27c82907c04b013dcd3c4f7120143fad8537f4cf287a783df12996b6c9e0b7a352562868db7cf0614a8afe99b3ee793a9928f185631919e7717e24e53ece24eb0f6fad290f09754e0af33e409a3712bae388b42beec34178f050a0f6efe21ff4eed331229f31f76f4b8723c9a1a6292b4828c2b9c42d1fbe48ba59a38a203bc955d406626871c77f212a2c6815fbdc0d42dd3d7c174778587224286ab110d220a69e4a0d9f4e9024e10e9f8cb670f9580555ba999fd0f0a95e1ef10ba1bb5a0212c49a4ff456d2a10d9f00262f7e5acde12fed43c67771b0a424f5abc27fa1e6bce79306023523cc25f0ec3d2d74f71fbf6e20ceea9d2a8f90bb582838e9bdb39cb24e24ae0969c89e78d79c61f67cb8cb4352da62e90aa2c1cf8e2bf92a8145cd594ac98cdf83d91d51b1555727c99d17cf46d9bd"}]}, 0x590}, 0x1, 0x0, 0x0, 0x10}, 0x4004001) writev$auto(r1, &(0x7f0000000000)={&(0x7f0000000000), 0x4}, 0x2) 3.498427991s ago: executing program 1 (id=302): ioctl$auto_SNAPSHOT_SET_SWAP_AREA(0xffffffffffffffff, 0x400c330d, &(0x7f0000000000)={0x6}) mmap$auto(0x0, 0x40000400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0x1a3002, 0x0) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket(0x11, 0x3, 0x9) openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, 0x0, 0x8402, 0x0) read$auto(r0, 0x0, 0x3cde) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) write$auto_seq_oss_f_ops_seq_oss(r1, &(0x7f0000000040)="5f74ab2fc43781e047140a5cbc3ac5229b90633d9cddda9efb1f2c3d5d1e63f3fb5acf079b9336319d009cb514679a42eaca52b81c166d19625dfd3c26ece6542f2fb29712f4fb9072fc432b4cf3e6f5a7f3c9f91ee88ba5fa11d48fd3658e8f44f8423b4cd02bbec912ed34f9f4b19b03d4c62b24ede44c0c76c34edf7bde061903c2ee4c64110ac668239fa53ba42933ae74c3d173663248ff0945dd2e405e0d378b5a8e4643a7bc3b35a7248431450ca8901467ea6dc5d86de1e90f869f6a04ac10043676f3b2c7f1339b2d7468133fb8447d17846b6b78079ecc31d7d0f74caa4a3db1ac4d312bfdb34bd331f1f771a2396108561a52153d63a7b2a3a077a7e4c1a22bcb23e1f3e511fee310baa67904d2aad4d6671e8b77c7720e37e84e0efecb60a35f188cbe8b8b2fb3967b78aa482aabb103f23083baa9b2ae653731d5993db4054233dea4af25795e12eb4d6b046bdeea6adce8626e0def15dd32b0ec16a85d93e1dea980794033f4b46973062c64c0209f9d3efc6ea7704c8e8dfea8cdfbe2cb1e367bf634a1952190e0660994f79f0c622d47ee8f93ce1c2852db907ae68a29bcc960b26e0e634173287fd012c4bb3063c41d35c92e896b44080bc5a98e90907cd1d01cc0708019cc1c93c71f29bfe841c873ad2aa0565dfaeb86c8b8e58ea2075de2a562ba1b5dc4ca452df21f25453b7c7f9a3e31547f4e803cefbac3b94715f2ab1f9fc66570244472f2f29deb9bdf6dc5b18d54e3c2264f9598f2ea749d170a66d351acf003c3f37fe74a09a8a964ce2818e4b4efd1eb0e3bca5dfd2a053eeb5735b96d282d2e03866bd6581b5e5e541c74f0b92b932b234ac117342f156b4b23fc6dcbc92ada00ce404f54443b6e7fdac9acb79e5258a865ced633ff5356d13a3e9923bcd8e6d177c9fb8618f9393798d90d70c78207e40f95bb2b0a9308f29f4331bbdfc1021dface5a740473b462c47286fee1c9d0036c78134e108b5b218d3022fd277e1cdf0cdf8cd4b37d74c8dd47e00e50fcf8d336978a0e7624f94b8fdcd1c9459201231f343c7cb602083aa5e1aea8974a9e22d77cb94cae6c89e239bacfe656d9b0948de480ce2ba3b4dbcb180089d5eb0f8f481e02f7d4628e9134b6e52881572a398e4edd6f01f90983826d721dddc7d4ba3f293288ba54f696fa25cc2f8721c3e380dd04bf05801f90019498601fcbcea6aa6a2d7983e6823f480185ef9c3b4ed19c4f94c108067c89d69bc4e0da0112280ecd0caff8a454fb3e6655dc6a35cdd053aef882e403458754f5e84bd2210f18a61106af8c5a2c18dc48ff87cfda6d545014009a167570f0550e5121d0bdf4b20a1177b708e5515ee33db3baf29633440999ddd36eb0299a1efcd8934ab60c1a88d9db6fa0d2b3f0bf12e87630e0dc5eddca8f291ad85141391e6f9fe56ee4ddb39a1ac7a573cb69ec14f012ea0b721df3ea40747d1130a61802e859519ae1bc5a3673105fa87485f88b8981a3a208a3576848c2df152a023f5e573c867b43b10247336b110956eb28e5288d7aa19219e8324857cdf6d17530385720afd5a1ffd23aa1bd061b73caafa05afdd1441040989d081814635347f1d55669b1c38be4698e3a085e2010e35d2747b4e39ef4920f58d6b4585d737c13221a44ad5543099bb0ab228722ef9cbc0d621178012495837d6a220eeaaf498ccc01", 0xfe04) 3.192687395s ago: executing program 2 (id=303): syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) madvise$auto(0x0, 0x2000040080000004, 0xe) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D1\x00', 0x581402, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) waitid$auto_P_ALL(0x0, 0x3b000, &(0x7f0000000280)={@siginfo_0_0={0x200, 0x0, 0x6, @_rt={0xffffffffffffffff, 0xee00, @sival_ptr=&(0x7f0000000200)="d6d36a9264dc4e5dc34083c1e1737f8d450996c3"}}}, 0x3, 0x0) ioctl$auto_FS_IOC_RESVSP64(r1, 0x4030582a, 0xc35) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0x2003f2, 0x13) madvise$auto(0x0, 0x200007, 0x1d) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x11, 0x80003, 0x300) socket(0x29, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ram0\x00', 0x60782, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x1ff, 0x7, 0x21, 0x4909b6f5, 0x1, 0x7, 0x3, 0x9, 0x6, 0x3, 0x4, 0x2, 0xb4, 0x9, 0x208, 0x10003, 0x80, 0x3, 0x80, 0xa, 0x22000, 0x200, 0x7, 0x84, 0x0, 0x9, 0xfffbffff, 0x0, 0x0, [0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1f, 0x0, 0x2, 0x100000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x0, 0x2, 0x0, 0x0, 0x200000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000000]}, 0x3, 0xd) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYBLOB='^\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) ioctl$auto_BLKZEROOUT(r3, 0x127f, 0x0) 2.255078286s ago: executing program 0 (id=304): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/radio6\x00', 0x8a240, 0x0) ioctl$auto(r0, 0x5646, r0) readv$auto(0x3, &(0x7f0000000600)={0x0, 0x4}, 0x1da) 2.175819611s ago: executing program 1 (id=305): mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/irq/12/hwirq\x00', 0x2000, 0x0) read$auto(r0, 0x0, 0x20) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f00000001c0), 0x40100, 0x0) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) socket(0x1e, 0x4, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x80805, 0x0) clone$auto(0x20003b4a, 0x8, 0x0, 0x0, 0x2) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto(r2, 0xc10c5541, r1) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) r4 = landlock_create_ruleset$auto(&(0x7f0000000140)={0xdaa0, 0x1, 0x9}, 0x9, 0x0) setsockopt$auto_SO_RCVBUF(r0, 0x5, 0x8, 0x0, 0x8ee) landlock_restrict_self$auto(r4, 0x3) close_range$auto(0x2, 0xa, 0x0) 1.915151613s ago: executing program 1 (id=306): r0 = openat$auto_fops_atomic_t_ro_(0xffffffffffffff9c, &(0x7f0000000180), 0xe0142, 0x0) bpf$auto_BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000340)=@iter_create={r0, 0x89ce}, 0x0) getdents64$auto(0x0, 0x0, 0x7ff) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa507}, 0x800}, 0x7, 0x8) mmap$auto(0x0, 0x800000020009, 0x4000000000df, 0x7f, 0x1, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/cifs/LookupCacheEnabled\x00', 0x48041, 0x0) lseek$auto(0x3, 0x4000000000008, 0x1) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x1a6b75d63882a712, 0x0) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000000), 0x82102, 0x0) openat$auto_tracing_free_buffer_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/tracing/free_buffer\x00', 0x0, 0xebff) close_range$auto(0x2, 0x8, 0x0) 1.306432836s ago: executing program 1 (id=307): statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0xb5f0, 0x7352, 0x3a, 0x65f, 0x1ffde, 0x7, 0x3, 0x2, 0x9, 0x7, 0x80000006, 0x4, 0xb4, 0x3, 0x9, 0x10003, 0x80, 0x8, 0x0, 0x7, 0x2000, 0x3, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, [0xc, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x1fe, 0xd) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) mmap$auto(0x0, 0x20005, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = socket(0x2, 0x801, 0x84) mmap$auto(0x0, 0x3, 0xb, 0x3132, 0x4008df3, 0x0) r1 = socket(0x2, 0x3, 0x1) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x7, @local}, 0x55) capget$auto(0x0, 0xfffffffffffffffe) setsockopt$auto(0x3, 0x10000000084, 0x1e, 0x0, 0x8) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="1100"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r2 = socket(0x10, 0x2, 0x0) r3 = syz_genetlink_get_family_id$auto_nl80211(0x0, r0) sendmsg$auto_NL80211_CMD_GET_KEY(r1, &(0x7f0000000480)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB="a4000000", @ANYRES16=r3, @ANYBLOB="000429bd7000ffdbdf25090000007900cd00f799a40fad1cd8d134795cffe581b698902b96aa3aad38ade877ba07662eb821c3ae9bcfb91bb0c4cd81204e9be6649f7486d50b6aaccd55f861080ba40dabebe47f61cfb1ba1d08d2b6b3d16bde8e14f02680aae1c9eaa9754c4e3093e57d347a734d52010d1726ea8d44602a740f363c089666870000000c00328005000100020000000600120103000000b6e6bc3109b280652cd9727e79f785cf7615757abfa84c9b7573d35a3767fba2f2e04ac30cd8f624cb6c3889eeada745664a40173cfb3147b4b5804e35854563cf62b192103f30b22fb5e954addfb96d0b27478a7a04dbfb2c490a5abf7cd29d641bced737ed787cabd645603f50054771"], 0xa4}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/007/001\x00', 0xa901, 0x0) ioctl$auto_USBDEVFS_SUBMITURB32(r4, 0x802c550a, &(0x7f0000000300)=ANY=[@ANYBLOB="020000060000e6ff040000000100400008"]) ioctl$auto(r4, 0x4008550c, 0xffffffffffffffff) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x1f, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) socket(0x10, 0x2, 0x0) prctl$auto(0x1000000001c, 0x5, 0x100000000, 0x400000000009, 0x3fffffffff) setresuid$auto(0x8, 0x8, 0x0) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/saved_tgids\x00', 0x0, 0x0) inotify_init1$auto(0x3000000000000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x2c, 0x940, 0x7ff, 0x3, 0x6, 0x2, 0x9, 0x5, 0x2, 0x4, 0xb0, 0x7, 0x2, 0x3, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400]}, 0x1fe, 0x7) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/event2\x00', 0x300, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) socket(0x10, 0x2, 0x0) 1.052756803s ago: executing program 0 (id=308): mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000001c0), 0xffffffffffffffff) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x20) getsockopt$auto_SO_SNDBUF(r0, 0xfffffffc, 0x7, &(0x7f0000000080)='\x00', &(0x7f00000000c0)=0x4) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) open(0x0, 0xceec2, 0xe9) move_pages$auto(0x0, 0x5, 0xfffffffffffffffe, 0x0, 0x0, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, r1, 0x8000) r2 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) r3 = getsockopt$auto(0x3, 0x200000000001, 0x1d, 0x0, 0x0) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000140), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r5, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000004200)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1bf60000", @ANYRES16=r4, @ANYBLOB="010029bd7000fedbdf250400000006000b002c290000"], 0x1c}, 0x1, 0x0, 0x0, 0x4000060}, 0x0) syz_genetlink_get_family_id$auto_ioam6(0x0, r5) r6 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000180), r2) sendmsg$auto_BATADV_CMD_GET_MCAST_FLAGS(r3, &(0x7f0000000340)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x54, r6, 0x312, 0x70bd25, 0x25dfdbff, {}, [@BATADV_ATTR_VLANID={0x6, 0x28, 0x8000}, @BATADV_ATTR_BANDWIDTH_UP={0x8, 0x1b, 0x200}, @BATADV_ATTR_DAT_CACHE_VID={0x6, 0x25, 0x7}, @BATADV_ATTR_TT_ADDRESS={0xa, 0x10, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2f}}, @BATADV_ATTR_BLA_BACKBONE={0xa}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0xd79}, @BATADV_ATTR_TT_FLAGS={0x8, 0x15, 0x1dc1}]}, 0x54}, 0x1, 0x0, 0x0, 0x64000000}, 0x8804) timer_create$auto(0xa, 0x0, 0x0) unshare$auto(0x40000080) 572.803935ms ago: executing program 2 (id=309): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x9) socket(0xa, 0x2, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) munmap$auto(0x1, 0x9) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x0, 0x30, 0x0, 0x10001) capset$auto(&(0x7f00000000c0)={0x6, 0x0}, &(0x7f0000000100)={0x8, 0x9, 0x2}) prctl$auto(0x400, 0x101, r0, 0x80000000, 0x2) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000004200)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="000029bd7000dcdbdf25040000000800060006000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4000060}, 0x0) sendmsg$auto_NL80211_CMD_SET_FILS_AAD(r2, 0x0, 0x1) epoll_ctl$auto(0xffffffffffffffff, 0x1, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb5, 0x401, 0x300000000000) prctl$auto(0x16, 0x2, 0x2, 0x4000000d, 0x100) socket(0x1, 0x1, 0x0) bind$auto(0x3, 0x0, 0x6b) close_range$auto(0x2, 0xffffffffffffffff, 0x0) 234.974017ms ago: executing program 0 (id=310): syz_genetlink_get_family_id$auto_smc_pnetid(0xfffffffffffffffc, 0xffffffffffffffff) r0 = openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000008140)='/sys/kernel/debug/tracing/per_cpu/cpu1/buffer_size_kb\x00', 0x80100, 0x0) read$auto_tracing_entries_fops_trace(r0, 0x0, 0x0) r1 = openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000008140)='/sys/kernel/debug/tracing/per_cpu/cpu1/buffer_size_kb\x00', 0x80100, 0x0) read$auto_tracing_entries_fops_trace(r1, 0x0, 0x0) 101.608165ms ago: executing program 0 (id=311): r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d399b4d", 0x7) 0s ago: executing program 2 (id=312): mmap$auto(0x0, 0x20005, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030004020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000060007000100000008", @ANYRES32=0x0, @ANYBLOB="04001a"], 0x68}, 0x1, 0x0, 0x0, 0x4044080}, 0x40090) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="1100"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x1f, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.2' (ED25519) to the list of known hosts. [ 84.498847][ T5817] cgroup: Unknown subsys name 'net' [ 84.669600][ T5817] cgroup: Unknown subsys name 'cpuset' [ 84.681114][ T5817] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 86.937534][ T5817] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 90.052570][ T5846] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 90.063724][ T5846] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 90.080777][ T5845] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 90.086423][ T5846] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 90.111470][ T5848] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 90.120593][ T5846] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 90.129107][ T5845] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 90.130484][ T5846] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 90.144321][ T5848] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 90.153260][ T5845] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 90.154202][ T5846] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 90.168916][ T5850] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 90.178232][ T5850] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 90.186399][ T5850] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 90.195608][ T5850] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 90.204060][ T5850] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 90.213398][ T5850] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 90.222076][ T5850] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 90.237772][ T5840] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 90.248775][ T5840] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 90.796823][ T5836] chnl_net:caif_netlink_parms(): no params data found [ 90.875105][ T5834] chnl_net:caif_netlink_parms(): no params data found [ 91.082553][ T5836] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.094331][ T5836] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.103166][ T5836] bridge_slave_0: entered allmulticast mode [ 91.112387][ T5836] bridge_slave_0: entered promiscuous mode [ 91.126747][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 91.160357][ T5836] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.168671][ T5836] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.177072][ T5836] bridge_slave_1: entered allmulticast mode [ 91.184834][ T5836] bridge_slave_1: entered promiscuous mode [ 91.220056][ T5834] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.227896][ T5834] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.236351][ T5834] bridge_slave_0: entered allmulticast mode [ 91.245031][ T5834] bridge_slave_0: entered promiscuous mode [ 91.271641][ T5833] chnl_net:caif_netlink_parms(): no params data found [ 91.283305][ T5834] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.292792][ T5834] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.301849][ T5834] bridge_slave_1: entered allmulticast mode [ 91.310362][ T5834] bridge_slave_1: entered promiscuous mode [ 91.366528][ T5836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.412938][ T5836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.448352][ T5834] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 91.490635][ T5834] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 91.549589][ T5836] team0: Port device team_slave_0 added [ 91.600810][ T5836] team0: Port device team_slave_1 added [ 91.610806][ T5834] team0: Port device team_slave_0 added [ 91.618706][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.628590][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.639560][ T5835] bridge_slave_0: entered allmulticast mode [ 91.647413][ T5835] bridge_slave_0: entered promiscuous mode [ 91.693983][ T5834] team0: Port device team_slave_1 added [ 91.701646][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.710860][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.718415][ T5835] bridge_slave_1: entered allmulticast mode [ 91.726750][ T5835] bridge_slave_1: entered promiscuous mode [ 91.793322][ T5833] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.801054][ T5833] bridge0: port 1(bridge_slave_0) entered disabled state [ 91.808594][ T5833] bridge_slave_0: entered allmulticast mode [ 91.816550][ T5833] bridge_slave_0: entered promiscuous mode [ 91.824689][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 91.831938][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.862368][ T5836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 91.902694][ T5833] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.911386][ T5833] bridge0: port 2(bridge_slave_1) entered disabled state [ 91.920287][ T5833] bridge_slave_1: entered allmulticast mode [ 91.927712][ T5833] bridge_slave_1: entered promiscuous mode [ 91.937851][ T5836] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 91.946281][ T5836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 91.984526][ T5836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.002621][ T1072] cfg80211: failed to load regulatory.db [ 92.013330][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.023024][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.061664][ T5834] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.077121][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.118771][ T5834] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.126425][ T5834] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.157638][ T5834] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.174178][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.189087][ T5833] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 92.203453][ T5833] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 92.236400][ T5840] Bluetooth: hci3: command tx timeout [ 92.305860][ T5150] Bluetooth: hci2: command tx timeout [ 92.311956][ T5150] Bluetooth: hci1: command tx timeout [ 92.315184][ T5840] Bluetooth: hci0: command tx timeout [ 92.339685][ T5833] team0: Port device team_slave_0 added [ 92.348317][ T5835] team0: Port device team_slave_0 added [ 92.356992][ T5833] team0: Port device team_slave_1 added [ 92.370385][ T5836] hsr_slave_0: entered promiscuous mode [ 92.380189][ T5836] hsr_slave_1: entered promiscuous mode [ 92.430578][ T5835] team0: Port device team_slave_1 added [ 92.460935][ T5834] hsr_slave_0: entered promiscuous mode [ 92.467917][ T5834] hsr_slave_1: entered promiscuous mode [ 92.478726][ T5834] debugfs: 'hsr0' already exists in 'hsr' [ 92.487597][ T5834] Cannot create hsr debugfs directory [ 92.496805][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.504509][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.536986][ T5833] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.554039][ T5833] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.562850][ T5833] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.591451][ T5833] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.644382][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 92.653412][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.693101][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 92.759384][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 92.768055][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 92.802740][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 92.930086][ T5833] hsr_slave_0: entered promiscuous mode [ 92.939345][ T5833] hsr_slave_1: entered promiscuous mode [ 92.948108][ T5833] debugfs: 'hsr0' already exists in 'hsr' [ 92.954595][ T5833] Cannot create hsr debugfs directory [ 93.069844][ T5835] hsr_slave_0: entered promiscuous mode [ 93.078429][ T5835] hsr_slave_1: entered promiscuous mode [ 93.085376][ T5835] debugfs: 'hsr0' already exists in 'hsr' [ 93.091860][ T5835] Cannot create hsr debugfs directory [ 93.397334][ T5836] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 93.419158][ T5836] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 93.456955][ T5836] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 93.469056][ T5836] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 93.527551][ T5834] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 93.549642][ T5834] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 93.563347][ T5834] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 93.586857][ T5834] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 93.688832][ T5833] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 93.712287][ T5833] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 93.736634][ T5833] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 93.749812][ T5833] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 93.867165][ T5835] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 93.882404][ T5835] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 93.900375][ T5835] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 93.917534][ T5835] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 93.945160][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.039943][ T5836] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.074511][ T5834] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.084545][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.093512][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.106261][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.114160][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.187275][ T5834] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.229207][ T1011] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.236686][ T1011] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.257959][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.272421][ T3568] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.282782][ T3568] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.305711][ T5840] Bluetooth: hci3: command tx timeout [ 94.359795][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.385621][ T5840] Bluetooth: hci1: command tx timeout [ 94.386326][ T5150] Bluetooth: hci2: command tx timeout [ 94.396263][ T5840] Bluetooth: hci0: command tx timeout [ 94.402187][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 94.429242][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.436821][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.448692][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.458808][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.608882][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 94.677336][ T1152] bridge0: port 1(bridge_slave_0) entered blocking state [ 94.693575][ T1152] bridge0: port 1(bridge_slave_0) entered forwarding state [ 94.741102][ T1152] bridge0: port 2(bridge_slave_1) entered blocking state [ 94.749121][ T1152] bridge0: port 2(bridge_slave_1) entered forwarding state [ 94.908876][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.070694][ T5834] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.080299][ T5836] veth0_vlan: entered promiscuous mode [ 95.108095][ T5836] veth1_vlan: entered promiscuous mode [ 95.177617][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.284837][ T5834] veth0_vlan: entered promiscuous mode [ 95.295822][ T5836] veth0_macvtap: entered promiscuous mode [ 95.334774][ T5836] veth1_macvtap: entered promiscuous mode [ 95.368247][ T5834] veth1_vlan: entered promiscuous mode [ 95.380647][ T5833] veth0_vlan: entered promiscuous mode [ 95.404938][ T5833] veth1_vlan: entered promiscuous mode [ 95.422752][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 95.490286][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.522004][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.530595][ T5834] veth0_macvtap: entered promiscuous mode [ 95.562453][ T1011] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.573770][ T1011] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.591886][ T5834] veth1_macvtap: entered promiscuous mode [ 95.603301][ T1011] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.614163][ T1011] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.650347][ T5833] veth0_macvtap: entered promiscuous mode [ 95.676901][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.689112][ T5833] veth1_macvtap: entered promiscuous mode [ 95.702443][ T5835] veth0_vlan: entered promiscuous mode [ 95.728093][ T5834] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.750331][ T5835] veth1_vlan: entered promiscuous mode [ 95.803983][ T1152] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.830914][ T1152] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.842160][ T1152] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.869772][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 95.884189][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 95.893680][ T1152] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.908578][ T1152] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 95.923983][ T1152] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 95.933217][ T1011] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.963229][ T1011] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 95.977878][ T1011] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.018655][ T1011] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.064587][ T5835] veth0_macvtap: entered promiscuous mode [ 96.084792][ T1011] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.096411][ T5835] veth1_macvtap: entered promiscuous mode [ 96.104095][ T1011] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.124918][ T1011] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.139405][ T1011] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.221642][ T1011] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.237635][ T1011] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.292492][ T5836] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 96.314681][ T3568] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.336702][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 96.344995][ T3568] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.383548][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 96.400859][ T5840] Bluetooth: hci3: command tx timeout [ 96.466288][ T5840] Bluetooth: hci2: command tx timeout [ 96.470448][ T1011] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.471991][ T5840] Bluetooth: hci0: command tx timeout [ 96.482188][ T5150] Bluetooth: hci1: command tx timeout [ 96.516570][ T1011] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.599794][ T1011] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.618417][ T1152] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.635362][ T1152] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 96.643881][ T1011] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 96.942412][ T1152] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 96.965862][ T1152] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.073530][ T5939] FAULT_INJECTION: forcing a failure. [ 97.073530][ T5939] name failslab, interval 1, probability 0, space 0, times 1 [ 97.089274][ T5939] CPU: 0 UID: 0 PID: 5939 Comm: syz.3.7 Not tainted syzkaller #0 PREEMPT(full) [ 97.089308][ T5939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 97.089327][ T5939] Call Trace: [ 97.089336][ T5939] [ 97.089346][ T5939] dump_stack_lvl+0x16c/0x1f0 [ 97.089386][ T5939] should_fail_ex+0x512/0x640 [ 97.089421][ T5939] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 97.089450][ T5939] should_failslab+0xc2/0x120 [ 97.089483][ T5939] kmem_cache_alloc_noprof+0x75/0x6e0 [ 97.089508][ T5939] ? acpi_ut_create_generic_state+0x61/0xc0 [ 97.089553][ T5939] ? acpi_ut_create_generic_state+0x61/0xc0 [ 97.089588][ T5939] acpi_ut_create_generic_state+0x61/0xc0 [ 97.089624][ T5939] acpi_ps_init_scope+0x3a/0x240 [ 97.089649][ T5939] acpi_ds_init_aml_walk+0x1f6/0x680 [ 97.089692][ T5939] acpi_ds_call_control_method+0x3a2/0xab0 [ 97.089731][ T5939] acpi_ps_parse_aml+0xab3/0x1170 [ 97.089775][ T5939] acpi_ps_execute_method+0x5c4/0xe90 [ 97.089809][ T5939] acpi_ns_evaluate+0x98c/0x16d0 [ 97.089846][ T5939] acpi_evaluate_object+0x4ca/0xdf0 [ 97.089888][ T5939] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 97.089922][ T5939] ? __mutex_trylock_common+0xe9/0x250 [ 97.089963][ T5939] acpi_evaluate_integer+0xdd/0x200 [ 97.089993][ T5939] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 97.090039][ T5939] ? __pfx_status_show+0x10/0x10 [ 97.090071][ T5939] status_show+0xa0/0x120 [ 97.090103][ T5939] ? __pfx_status_show+0x10/0x10 [ 97.090146][ T5939] dev_attr_show+0x56/0xe0 [ 97.090190][ T5939] ? __pfx_dev_attr_show+0x10/0x10 [ 97.090221][ T5939] sysfs_kf_seq_show+0x216/0x3e0 [ 97.090257][ T5939] seq_read_iter+0x50e/0x12d0 [ 97.090312][ T5939] kernfs_fop_read_iter+0x46c/0x610 [ 97.090337][ T5939] ? rw_verify_area+0xcf/0x6c0 [ 97.090365][ T5939] vfs_read+0x8bf/0xcf0 [ 97.090396][ T5939] ? __pfx___mutex_lock+0x10/0x10 [ 97.090427][ T5939] ? __pfx_vfs_read+0x10/0x10 [ 97.090479][ T5939] ksys_read+0x12a/0x250 [ 97.090505][ T5939] ? __pfx_ksys_read+0x10/0x10 [ 97.090543][ T5939] do_syscall_64+0xcd/0xfa0 [ 97.090576][ T5939] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.090601][ T5939] RIP: 0033:0x7f27a7f8f749 [ 97.090627][ T5939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 97.090648][ T5939] RSP: 002b:00007f27a8dea038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 97.090673][ T5939] RAX: ffffffffffffffda RBX: 00007f27a81e5fa0 RCX: 00007f27a7f8f749 [ 97.090689][ T5939] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000003 [ 97.090703][ T5939] RBP: 00007f27a8dea090 R08: 0000000000000000 R09: 0000000000000000 [ 97.090717][ T5939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 97.090731][ T5939] R13: 00007f27a81e6038 R14: 00007f27a81e5fa0 R15: 00007ffed8397118 [ 97.090785][ T5939] [ 97.091040][ T5939] ACPI Error: [ 97.173281][ T3568] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 97.328702][ T5939] Aborting method [ 97.338293][ T3568] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 97.357459][ T5939] \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20250807/psparse-529) [ 97.502819][ T5944] Zero length message leads to an empty skb [ 97.509676][ T5850] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 97.509711][ T5850] Bluetooth: hci3: unexpected subevent 0x0e length: 725 > 15 [ 97.536125][ T5850] Bluetooth: hci3: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 97.539057][ T5943] process 'syz.1.2' launched './file0' with NULL argv: empty string added [ 98.475353][ T5850] Bluetooth: hci3: command tx timeout [ 98.561747][ T5850] Bluetooth: hci0: command tx timeout [ 98.561768][ T5150] Bluetooth: hci2: command tx timeout [ 98.567651][ T5850] Bluetooth: hci1: command tx timeout [ 98.668135][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 98.854303][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 99.059174][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 99.161251][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 99.186369][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 99.520877][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 99.533226][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 99.543652][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 99.553774][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 99.949349][ T5980] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 100.055692][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 100.400032][ T5975] ubi0: attaching mtd0 [ 100.407353][ T5987] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 100.429772][ T5975] ubi0: scanning is finished [ 100.438354][ T5975] ubi0: empty MTD device detected [ 100.452130][ T5987] FAULT_INJECTION: forcing a failure. [ 100.452130][ T5987] name failslab, interval 1, probability 0, space 0, times 0 [ 100.473622][ T5987] CPU: 0 UID: 0 PID: 5987 Comm: syz.2.18 Not tainted syzkaller #0 PREEMPT(full) [ 100.473656][ T5987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 100.473671][ T5987] Call Trace: [ 100.473681][ T5987] [ 100.473691][ T5987] dump_stack_lvl+0x16c/0x1f0 [ 100.473727][ T5987] should_fail_ex+0x512/0x640 [ 100.473773][ T5987] ? fs_reclaim_acquire+0xae/0x150 [ 100.473824][ T5987] should_failslab+0xc2/0x120 [ 100.473854][ T5987] __kmalloc_noprof+0xdd/0x880 [ 100.473890][ T5987] ? tomoyo_encode2+0x100/0x3e0 [ 100.473922][ T5987] ? tomoyo_encode2+0x100/0x3e0 [ 100.473946][ T5987] tomoyo_encode2+0x100/0x3e0 [ 100.473976][ T5987] tomoyo_encode+0x29/0x50 [ 100.474000][ T5987] tomoyo_realpath_from_path+0x18f/0x6e0 [ 100.474037][ T5987] tomoyo_path_number_perm+0x245/0x580 [ 100.474063][ T5987] ? tomoyo_path_number_perm+0x237/0x580 [ 100.474098][ T5987] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 100.474122][ T5987] ? find_held_lock+0x2b/0x80 [ 100.474178][ T5987] ? find_held_lock+0x2b/0x80 [ 100.474201][ T5987] ? hook_file_ioctl_common+0x145/0x410 [ 100.474233][ T5987] ? __fget_files+0x20e/0x3c0 [ 100.474262][ T5987] security_file_ioctl+0x9b/0x240 [ 100.474288][ T5987] __x64_sys_ioctl+0xb7/0x210 [ 100.474324][ T5987] do_syscall_64+0xcd/0xfa0 [ 100.474355][ T5987] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.474379][ T5987] RIP: 0033:0x7fc7c118f749 [ 100.474399][ T5987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.474420][ T5987] RSP: 002b:00007fc7c2012038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 100.474443][ T5987] RAX: ffffffffffffffda RBX: 00007fc7c13e5fa0 RCX: 00007fc7c118f749 [ 100.474459][ T5987] RDX: 0000200000000100 RSI: 000000008038550a RDI: 0000000000000005 [ 100.474480][ T5987] RBP: 00007fc7c2012090 R08: 0000000000000000 R09: 0000000000000000 [ 100.474493][ T5987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 100.474505][ T5987] R13: 00007fc7c13e6038 R14: 00007fc7c13e5fa0 R15: 00007fffb255fcd8 [ 100.474539][ T5987] [ 100.474569][ T5987] ERROR: Out of memory at tomoyo_realpath_from_path. [ 100.955587][ T5990] netlink: 8 bytes leftover after parsing attributes in process `syz.2.19'. [ 100.998827][ T5975] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 101.037409][ T5975] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 101.050709][ T5975] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 101.061113][ T5975] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 101.069454][ T5975] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 101.076997][ T5975] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 101.098401][ T5975] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 811349016 [ 101.125760][ T5975] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 101.178992][ T5995] ovs_: entered promiscuous mode [ 101.188236][ T5980] ubi0: detaching mtd0 [ 101.193750][ T5991] ubi0: background thread "ubi_bgt0d" started, PID 5991 [ 101.250123][ T5980] ubi0: mtd0 is detached [ 101.754430][ T30] audit: type=1800 audit(1763779154.353:2): pid=6005 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.23" name="dbroot" dev="configfs" ino=8434 res=0 errno=0 [ 101.803650][ T6005] db_root: not a directory: /dev/audio1 [ 102.606691][ T6019] ovs_: entered promiscuous mode [ 105.420127][ T6058] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 105.635079][ T6063] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 105.761632][ T6073] mmap: syz.0.37 (6073) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 106.161617][ T6054] warning: `syz.1.33' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 106.381112][ T6068] syz.3.36 (6068) used greatest stack depth: 18968 bytes left [ 106.444475][ T6076] zswap: compressor - not available [ 106.685441][ T6085] zswap: compressor not available [ 106.769748][ T6094] ICMPv6: process `syz.2.42' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 106.791592][ T6076] FAULT_INJECTION: forcing a failure. [ 106.791592][ T6076] name failslab, interval 1, probability 0, space 0, times 0 [ 106.817564][ T6076] CPU: 1 UID: 0 PID: 6076 Comm: syz.0.38 Not tainted syzkaller #0 PREEMPT(full) [ 106.817694][ T6076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 106.817714][ T6076] Call Trace: [ 106.817727][ T6076] [ 106.817740][ T6076] dump_stack_lvl+0x16c/0x1f0 [ 106.817771][ T6076] should_fail_ex+0x512/0x640 [ 106.817797][ T6076] ? __kmalloc_noprof+0xca/0x880 [ 106.817827][ T6076] should_failslab+0xc2/0x120 [ 106.817850][ T6076] __kmalloc_noprof+0xdd/0x880 [ 106.817872][ T6076] ? __register_sysctl_table+0xb3/0x1900 [ 106.817899][ T6076] ? __register_sysctl_table+0xb3/0x1900 [ 106.817919][ T6076] __register_sysctl_table+0xb3/0x1900 [ 106.817940][ T6076] ? is_module_address+0x5f/0xf0 [ 106.817969][ T6076] ? __pfx___register_sysctl_table+0x10/0x10 [ 106.817990][ T6076] ? is_module_address+0x69/0xf0 [ 106.818008][ T6076] ? register_net_sysctl_sz+0x228/0x3e0 [ 106.818035][ T6076] __devinet_sysctl_register+0x1b9/0x360 [ 106.818068][ T6076] ? rcu_is_watching+0x12/0xc0 [ 106.818086][ T6076] ? __pfx___devinet_sysctl_register+0x10/0x10 [ 106.818108][ T6076] ? __kmalloc_node_track_caller_noprof+0x362/0x8a0 [ 106.818133][ T6076] ? __asan_memcpy+0x3c/0x60 [ 106.818150][ T6076] devinet_init_net+0x315/0x910 [ 106.818170][ T6076] ? __pfx_devinet_init_net+0x10/0x10 [ 106.818187][ T6076] ops_init+0x1e2/0x5f0 [ 106.818207][ T6076] setup_net+0x100/0x390 [ 106.818223][ T6076] ? __pfx_setup_net+0x10/0x10 [ 106.818239][ T6076] ? debug_mutex_init+0x37/0x70 [ 106.818257][ T6076] copy_net_ns+0x2f8/0x690 [ 106.818283][ T6076] create_new_namespaces+0x3ea/0xa90 [ 106.818309][ T6076] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 106.818465][ T6076] ksys_unshare+0x45b/0xa40 [ 106.818499][ T6076] ? __pfx_ksys_unshare+0x10/0x10 [ 106.818520][ T6076] ? xfd_validate_state+0x61/0x180 [ 106.818547][ T6076] __x64_sys_unshare+0x31/0x40 [ 106.818566][ T6076] do_syscall_64+0xcd/0xfa0 [ 106.818587][ T6076] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 106.818602][ T6076] RIP: 0033:0x7fcea938f749 [ 106.818616][ T6076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 106.818629][ T6076] RSP: 002b:00007fceaa1ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 106.818643][ T6076] RAX: ffffffffffffffda RBX: 00007fcea95e5fa0 RCX: 00007fcea938f749 [ 106.818653][ T6076] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 106.818661][ T6076] RBP: 00007fcea9413f91 R08: 0000000000000000 R09: 0000000000000000 [ 106.818669][ T6076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 106.818678][ T6076] R13: 00007fcea95e6038 R14: 00007fcea95e5fa0 R15: 00007ffcd31e49d8 [ 106.818697][ T6076] [ 107.875059][ T6108] netlink: 330 bytes leftover after parsing attributes in process `syz.3.45'. [ 109.205044][ T6135] ======================================================= [ 109.205044][ T6135] WARNING: The mand mount option has been deprecated and [ 109.205044][ T6135] and is ignored by this kernel. Remove the mand [ 109.205044][ T6135] option from the mount to silence this warning. [ 109.205044][ T6135] ======================================================= [ 109.255871][ T6136] Console: switching to colour VGA+ 80x25 [ 109.351039][ T6135] nfsd: Unknown parameter 'TšR‚Ð' [ 109.452738][ T6138] Console: switching to colour frame buffer device 128x48 [ 109.992634][ T6107] kexec: Could not allocate control_code_buffer [ 110.339542][ T6152] FAULT_INJECTION: forcing a failure. [ 110.339542][ T6152] name failslab, interval 1, probability 0, space 0, times 0 [ 110.395671][ T6152] CPU: 1 UID: 0 PID: 6152 Comm: syz.0.56 Not tainted syzkaller #0 PREEMPT(full) [ 110.395706][ T6152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 110.395722][ T6152] Call Trace: [ 110.395731][ T6152] [ 110.395740][ T6152] dump_stack_lvl+0x16c/0x1f0 [ 110.395781][ T6152] should_fail_ex+0x512/0x640 [ 110.395818][ T6152] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 110.395851][ T6152] should_failslab+0xc2/0x120 [ 110.395886][ T6152] kmem_cache_alloc_noprof+0x75/0x6e0 [ 110.395913][ T6152] ? __proc_create+0x2ce/0x8e0 [ 110.396074][ T6152] ? __proc_create+0x2ce/0x8e0 [ 110.396114][ T6152] __proc_create+0x2ce/0x8e0 [ 110.396148][ T6152] ? __pfx___proc_create+0x10/0x10 [ 110.396189][ T6152] ? _raw_write_unlock+0x28/0x50 [ 110.396218][ T6152] ? proc_register+0x559/0x8b0 [ 110.396262][ T6152] proc_create_reg+0x7d/0x180 [ 110.396304][ T6152] proc_create_net_data+0x8e/0x1c0 [ 110.396343][ T6152] ? __pfx_proc_create_net_data+0x10/0x10 [ 110.396379][ T6152] ? __pfx_ndisc_net_init+0x10/0x10 [ 110.396423][ T6152] ? __pfx_udplite6_proc_init_net+0x10/0x10 [ 110.396455][ T6152] udplite6_proc_init_net+0x57/0x80 [ 110.396495][ T6152] ops_init+0x1e2/0x5f0 [ 110.396530][ T6152] setup_net+0x100/0x390 [ 110.396560][ T6152] ? __pfx_setup_net+0x10/0x10 [ 110.396590][ T6152] ? debug_mutex_init+0x37/0x70 [ 110.396624][ T6152] copy_net_ns+0x2f8/0x690 [ 110.396662][ T6152] create_new_namespaces+0x3ea/0xa90 [ 110.396873][ T6152] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 110.396912][ T6152] ksys_unshare+0x45b/0xa40 [ 110.396946][ T6152] ? __pfx_ksys_unshare+0x10/0x10 [ 110.396995][ T6152] ? xfd_validate_state+0x61/0x180 [ 110.397045][ T6152] __x64_sys_unshare+0x31/0x40 [ 110.397076][ T6152] do_syscall_64+0xcd/0xfa0 [ 110.397110][ T6152] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.397136][ T6152] RIP: 0033:0x7fcea938f749 [ 110.397159][ T6152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 110.397184][ T6152] RSP: 002b:00007fceaa1de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 110.397209][ T6152] RAX: ffffffffffffffda RBX: 00007fcea95e6090 RCX: 00007fcea938f749 [ 110.397227][ T6152] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 110.397243][ T6152] RBP: 00007fcea9413f91 R08: 0000000000000000 R09: 0000000000000000 [ 110.397259][ T6152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 110.397274][ T6152] R13: 00007fcea95e6128 R14: 00007fcea95e6090 R15: 00007ffcd31e49d8 [ 110.397312][ T6152] [ 110.692043][ C1] vkms_vblank_simulate: vblank timer overrun [ 111.094010][ T6164] openvswitch: ovs_: Dropping previously announced user features [ 111.814000][ T6171] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 111.981307][ T6171] ubi0: attaching mtd0 [ 112.027255][ T6171] ubi0: scanning is finished [ 112.069190][ T6175] ima: Unable to open file: /surit‹¯Ròy/integrity?iqa/policy (-2) [ 112.164066][ T6175] ima: policy update failed [ 112.194809][ T30] audit: type=1802 audit(110489606.440:3): pid=6175 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.61" res=0 errno=0 [ 112.248036][ T6171] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 112.276204][ T6171] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 112.285789][ T6171] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 112.325500][ T6171] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 112.354261][ T6180] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 112.366197][ T6171] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 112.374238][ T6171] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 112.395700][ T6171] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 811349016 [ 112.420514][ T6171] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 112.450812][ T6178] ubi0: background thread "ubi_bgt0d" started, PID 6178 [ 112.459574][ T6173] ubi0: detaching mtd0 [ 112.497147][ T6173] ubi0: mtd0 is detached [ 113.093744][ T6189] ubi0: attaching mtd0 [ 113.104164][ T6189] ubi0: scanning is finished [ 113.320356][ T6189] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 113.335366][ T6189] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 113.345853][ T6189] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 113.366055][ T6189] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 113.374296][ T6189] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 113.383016][ T6197] netlink: 4 bytes leftover after parsing attributes in process `syz.0.67'. [ 113.391841][ T6189] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 113.391890][ T6189] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 811349016 [ 113.391912][ T6189] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 113.392019][ T6190] ubi0: detaching mtd0 [ 113.441910][ T6190] ubi0: mtd0 is detached [ 113.459883][ T6197] netlink: 5 bytes leftover after parsing attributes in process `syz.0.67'. [ 113.491125][ T6197] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 113.734555][ T6202] binder: 6201:6202 ioctl 5380 2000000000c0 returned -22 [ 113.769805][ T6202] capability: warning: `syz.0.68' uses 32-bit capabilities (legacy support in use) [ 113.786414][ T6202] sd 0:0:1:0: PR command failed: 1026 [ 113.791896][ T6202] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 113.799791][ T6202] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 114.176498][ T6212] Invalid ELF header magic: != ELF [ 116.030855][ T6240] input: f¬ as /devices/virtual/input/input5 [ 117.489268][ T6263] openvswitch: ovs_: Dropping previously announced user features [ 118.572920][ T6280] netlink: 342 bytes leftover after parsing attributes in process `syz.3.86'. [ 118.743564][ T5840] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 118.751559][ T5840] Bluetooth: hci3: Invalid handle: 0x3a4a > 0x0eff [ 119.389449][ T6305] syz.3.95 uses obsolete (PF_INET,SOCK_PACKET) [ 119.414200][ T6305] input: 00 [ 119.414200][ T6305] as /devices/virtual/input/input6 [ 119.447029][ T6305] FAULT_INJECTION: forcing a failure. [ 119.447029][ T6305] name failslab, interval 1, probability 0, space 0, times 0 [ 119.501337][ T6305] CPU: 1 UID: 0 PID: 6305 Comm: syz.3.95 Not tainted syzkaller #0 PREEMPT(full) [ 119.501374][ T6305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 119.501389][ T6305] Call Trace: [ 119.501398][ T6305] [ 119.501409][ T6305] dump_stack_lvl+0x16c/0x1f0 [ 119.501449][ T6305] should_fail_ex+0x512/0x640 [ 119.501484][ T6305] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 119.501516][ T6305] should_failslab+0xc2/0x120 [ 119.501544][ T6305] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 119.501570][ T6305] ? kasprintf+0xc7/0x100 [ 119.501596][ T6305] ? kvasprintf+0xbc/0x160 [ 119.501616][ T6305] kvasprintf+0xbc/0x160 [ 119.501639][ T6305] ? __pfx_kvasprintf+0x10/0x10 [ 119.501676][ T6305] kasprintf+0xc7/0x100 [ 119.501698][ T6305] ? __pfx_kasprintf+0x10/0x10 [ 119.501735][ T6305] ? __pfx_input_devnode+0x10/0x10 [ 119.501768][ T6305] device_get_devnode+0x166/0x2c0 [ 119.501795][ T6305] devtmpfs_create_node+0xf1/0x230 [ 119.501830][ T6305] ? __pfx_devtmpfs_create_node+0x10/0x10 [ 119.501867][ T6305] ? up_write+0x1b2/0x520 [ 119.501914][ T6305] ? kernfs_create_link+0x1bd/0x240 [ 119.501938][ T6305] ? kernfs_put+0x35/0x60 [ 119.501969][ T6305] ? sysfs_do_create_link_sd+0xbb/0x140 [ 119.502004][ T6305] device_add+0x10bd/0x1aa0 [ 119.502031][ T6305] ? __pfx_device_add+0x10/0x10 [ 119.502049][ T6305] ? __pfx_exact_lock+0x10/0x10 [ 119.502078][ T6305] ? kobject_get+0xbb/0x150 [ 119.502110][ T6305] cdev_device_add+0xc2/0x1e0 [ 119.502137][ T6305] evdev_connect+0x3a4/0x4c0 [ 119.502166][ T6305] input_attach_handler.isra.0+0x176/0x250 [ 119.502214][ T6305] input_register_device+0xab9/0x1180 [ 119.502254][ T6305] uinput_ioctl_handler.isra.0+0x1357/0x1df0 [ 119.502291][ T6305] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 119.502324][ T6305] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 119.502363][ T6305] ? find_held_lock+0x2b/0x80 [ 119.502403][ T6305] ? __pfx_uinput_ioctl+0x10/0x10 [ 119.502436][ T6305] __x64_sys_ioctl+0x18e/0x210 [ 119.502472][ T6305] do_syscall_64+0xcd/0xfa0 [ 119.502503][ T6305] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.502526][ T6305] RIP: 0033:0x7f27a7f8f749 [ 119.502548][ T6305] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 119.502569][ T6305] RSP: 002b:00007f27a8dea038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 119.502604][ T6305] RAX: ffffffffffffffda RBX: 00007f27a81e5fa0 RCX: 00007f27a7f8f749 [ 119.502622][ T6305] RDX: 000000001f000000 RSI: 0000000000005501 RDI: 0000000000000008 [ 119.502637][ T6305] RBP: 00007f27a8013f91 R08: 0000000000000000 R09: 0000000000000000 [ 119.502653][ T6305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 119.502666][ T6305] R13: 00007f27a81e6038 R14: 00007f27a81e5fa0 R15: 00007ffed8397118 [ 119.502702][ T6305] [ 119.793501][ C1] vkms_vblank_simulate: vblank timer overrun [ 120.080774][ T6313] zswap: compressor Ø not available [ 120.550162][ T6330] netlink: 16 bytes leftover after parsing attributes in process `syz.0.103'. [ 121.567940][ T6321] FAULT_INJECTION: forcing a failure. [ 121.567940][ T6321] name failslab, interval 1, probability 0, space 0, times 0 [ 121.655988][ T6321] CPU: 1 UID: 0 PID: 6321 Comm: syz.2.100 Not tainted syzkaller #0 PREEMPT(full) [ 121.656017][ T6321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 121.656028][ T6321] Call Trace: [ 121.656033][ T6321] [ 121.656041][ T6321] dump_stack_lvl+0x16c/0x1f0 [ 121.656067][ T6321] should_fail_ex+0x512/0x640 [ 121.656093][ T6321] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 121.656118][ T6321] should_failslab+0xc2/0x120 [ 121.656149][ T6321] kmem_cache_alloc_noprof+0x75/0x6e0 [ 121.656164][ T6321] ? ptlock_alloc+0x1f/0x70 [ 121.656194][ T6321] ? ptlock_alloc+0x1f/0x70 [ 121.656344][ T6321] ptlock_alloc+0x1f/0x70 [ 121.656380][ T6321] pte_alloc_one+0x84/0x350 [ 121.656404][ T6321] __pte_alloc+0x6d/0x380 [ 121.656423][ T6321] ? __pfx___pte_alloc+0x10/0x10 [ 121.656442][ T6321] ? __pfx___might_resched+0x10/0x10 [ 121.656461][ T6321] ? copy_page_range+0x1c69/0x6930 [ 121.656485][ T6321] copy_page_range+0x44a1/0x6930 [ 121.656534][ T6321] ? __pfx_copy_page_range+0x10/0x10 [ 121.656563][ T6321] ? __pfx___might_resched+0x10/0x10 [ 121.656576][ T6321] ? __pfx_mas_store+0x10/0x10 [ 121.656595][ T6321] ? __vma_enter_locked+0x163/0x3f0 [ 121.656622][ T6321] ? dup_mmap+0xe30/0x2280 [ 121.656640][ T6321] ? down_write+0x14d/0x200 [ 121.656662][ T6321] ? up_write+0x1b2/0x520 [ 121.656686][ T6321] dup_mmap+0xe80/0x2280 [ 121.656712][ T6321] ? __pfx_dup_mmap+0x10/0x10 [ 121.656745][ T6321] copy_process+0x3f0c/0x76a0 [ 121.656763][ T6321] ? __pfx___futex_wait+0x10/0x10 [ 121.656785][ T6321] ? __pfx_copy_process+0x10/0x10 [ 121.656801][ T6321] ? find_held_lock+0x2b/0x80 [ 121.656821][ T6321] ? futex_private_hash_put+0xd5/0x190 [ 121.656994][ T6321] kernel_clone+0xfc/0x930 [ 121.657019][ T6321] ? __pfx_kernel_clone+0x10/0x10 [ 121.657051][ T6321] __do_sys_clone+0xce/0x120 [ 121.657071][ T6321] ? __pfx___do_sys_clone+0x10/0x10 [ 121.657100][ T6321] ? xfd_validate_state+0x61/0x180 [ 121.657126][ T6321] ? __pfx_do_writev+0x10/0x10 [ 121.657333][ T6321] do_syscall_64+0xcd/0xfa0 [ 121.657360][ T6321] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.657376][ T6321] RIP: 0033:0x7fc7c118f749 [ 121.657391][ T6321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 121.657407][ T6321] RSP: 002b:00007fc7c2011fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 121.657423][ T6321] RAX: ffffffffffffffda RBX: 00007fc7c13e5fa0 RCX: 00007fc7c118f749 [ 121.657434][ T6321] RDX: 0000000000000000 RSI: 000000000000f400 RDI: 0000000002360411 [ 121.657443][ T6321] RBP: 00007fc7c1213f91 R08: 0000000000000000 R09: 0000000000000000 [ 121.657453][ T6321] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 121.657463][ T6321] R13: 00007fc7c13e6038 R14: 00007fc7c13e5fa0 R15: 00007fffb255fcd8 [ 121.657486][ T6321] [ 121.987603][ C1] vkms_vblank_simulate: vblank timer overrun [ 123.006940][ T6378] FAULT_INJECTION: forcing a failure. [ 123.006940][ T6378] name failslab, interval 1, probability 0, space 0, times 0 [ 123.056569][ T6378] CPU: 0 UID: 0 PID: 6378 Comm: syz.2.116 Not tainted syzkaller #0 PREEMPT(full) [ 123.056605][ T6378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 123.056617][ T6378] Call Trace: [ 123.056625][ T6378] [ 123.056634][ T6378] dump_stack_lvl+0x16c/0x1f0 [ 123.056672][ T6378] should_fail_ex+0x512/0x640 [ 123.056707][ T6378] ? __kmalloc_noprof+0xca/0x880 [ 123.056748][ T6378] should_failslab+0xc2/0x120 [ 123.056907][ T6378] __kmalloc_noprof+0xdd/0x880 [ 123.056948][ T6378] ? memcg_list_lru_alloc+0x4e9/0x740 [ 123.056981][ T6378] ? memcg_list_lru_alloc+0x4e9/0x740 [ 123.057009][ T6378] memcg_list_lru_alloc+0x4e9/0x740 [ 123.057045][ T6378] ? __pfx_memcg_list_lru_alloc+0x10/0x10 [ 123.057090][ T6378] __memcg_slab_post_alloc_hook+0x133/0x940 [ 123.057126][ T6378] ? kasan_save_track+0x14/0x30 [ 123.057153][ T6378] kmem_cache_alloc_lru_noprof+0x556/0x6e0 [ 123.057176][ T6378] ? __d_alloc+0x32/0xae0 [ 123.057204][ T6378] ? __pfx_mqueue_fill_super+0x10/0x10 [ 123.057236][ T6378] ? __d_alloc+0x32/0xae0 [ 123.057259][ T6378] __d_alloc+0x32/0xae0 [ 123.057283][ T6378] ? mqueue_get_inode+0x285/0xdd0 [ 123.057315][ T6378] ? __pfx_mqueue_fill_super+0x10/0x10 [ 123.057345][ T6378] d_make_root+0x3e/0x90 [ 123.057373][ T6378] mqueue_fill_super+0x175/0x260 [ 123.057405][ T6378] get_tree_nodev+0xdd/0x190 [ 123.057433][ T6378] mqueue_get_tree+0xf1/0x130 [ 123.057464][ T6378] vfs_get_tree+0x8e/0x340 [ 123.057499][ T6378] fc_mount_longterm+0x1a/0x270 [ 123.057535][ T6378] mq_init_ns+0x426/0x620 [ 123.057574][ T6378] copy_ipcs+0x2d6/0x550 [ 123.057654][ T6378] create_new_namespaces+0x20a/0xa90 [ 123.057683][ T6378] ? security_capable+0x7e/0x260 [ 123.057720][ T6378] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 123.057751][ T6378] ksys_unshare+0x45b/0xa40 [ 123.057784][ T6378] ? __pfx_ksys_unshare+0x10/0x10 [ 123.057815][ T6378] ? xfd_validate_state+0x61/0x180 [ 123.057859][ T6378] __x64_sys_unshare+0x31/0x40 [ 123.057888][ T6378] do_syscall_64+0xcd/0xfa0 [ 123.057921][ T6378] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.057945][ T6378] RIP: 0033:0x7fc7c118f749 [ 123.057967][ T6378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 123.057988][ T6378] RSP: 002b:00007fc7c1fd0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 123.058008][ T6378] RAX: ffffffffffffffda RBX: 00007fc7c13e6180 RCX: 00007fc7c118f749 [ 123.058024][ T6378] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000 [ 123.058038][ T6378] RBP: 00007fc7c1213f91 R08: 0000000000000000 R09: 0000000000000000 [ 123.058051][ T6378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 123.058065][ T6378] R13: 00007fc7c13e6218 R14: 00007fc7c13e6180 R15: 00007fffb255fcd8 [ 123.058100][ T6378] [ 123.546757][ T6384] ovs_: entered promiscuous mode [ 124.298286][ T6401] usb usb38: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 124.317161][ T6401] vhci_hcd: invalid port number 47 [ 124.325136][ T6401] vhci_hcd: default hub control req: 2f73 v7379 i002f l29285 [ 124.407615][ T6402] ubi0: attaching mtd0 [ 124.424249][ T6402] ubi0: scanning is finished [ 124.745106][ T6413] futex_wake_op: syz.1.124 tries to shift op by -2048; fix this program [ 124.775276][ T6402] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 124.808292][ T6402] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 124.836608][ T6402] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 124.868487][ T6402] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 124.905312][ T6402] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 124.912478][ T6402] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 124.953416][ T6402] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 811349016 [ 125.018000][ T6402] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 125.071295][ T6408] ubi0: detaching mtd0 [ 125.077570][ T6421] ubi0: background thread "ubi_bgt0d" started, PID 6421 [ 125.123879][ T6408] ubi0: mtd0 is detached [ 126.048735][ T6436] ubi0: attaching mtd0 [ 126.055082][ T6436] ubi0: scanning is finished [ 126.245293][ T6436] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 126.253019][ T6436] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 126.335545][ T6436] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 126.371892][ T6436] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 126.374882][ T6440] can: request_module (can-proto-4) failed. [ 126.433026][ T6436] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 126.485987][ T6436] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 126.495179][ T6436] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 811349016 [ 126.565673][ T6436] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 126.623912][ T6444] ubi0: background thread "ubi_bgt0d" started, PID 6444 [ 126.625589][ T6441] ubi0: detaching mtd0 [ 126.659084][ T6441] ubi0: mtd0 is detached [ 127.035159][ T6452] netlink: 146 bytes leftover after parsing attributes in process `syz.0.130'. [ 127.338455][ T6457] FAULT_INJECTION: forcing a failure. [ 127.338455][ T6457] name failslab, interval 1, probability 0, space 0, times 0 [ 127.357141][ T6457] CPU: 1 UID: 0 PID: 6457 Comm: syz.2.132 Not tainted syzkaller #0 PREEMPT(full) [ 127.357181][ T6457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 127.357195][ T6457] Call Trace: [ 127.357203][ T6457] [ 127.357214][ T6457] dump_stack_lvl+0x16c/0x1f0 [ 127.357250][ T6457] should_fail_ex+0x512/0x640 [ 127.357285][ T6457] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 127.357312][ T6457] should_failslab+0xc2/0x120 [ 127.357345][ T6457] kmem_cache_alloc_noprof+0x75/0x6e0 [ 127.357371][ T6457] ? skb_clone+0x190/0x3f0 [ 127.357402][ T6457] ? skb_clone+0x190/0x3f0 [ 127.357424][ T6457] skb_clone+0x190/0x3f0 [ 127.357450][ T6457] netlink_deliver_tap+0xabd/0xd30 [ 127.357485][ T6457] netlink_unicast+0x64c/0x870 [ 127.357524][ T6457] ? __pfx_netlink_unicast+0x10/0x10 [ 127.357564][ T6457] netlink_sendmsg+0x8c8/0xdd0 [ 127.357596][ T6457] ? __pfx_netlink_sendmsg+0x10/0x10 [ 127.357628][ T6457] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 127.357669][ T6457] ____sys_sendmsg+0xa98/0xc70 [ 127.357701][ T6457] ? copy_msghdr_from_user+0x10a/0x160 [ 127.357724][ T6457] ? __pfx_____sys_sendmsg+0x10/0x10 [ 127.357770][ T6457] ___sys_sendmsg+0x134/0x1d0 [ 127.357797][ T6457] ? __pfx____sys_sendmsg+0x10/0x10 [ 127.357818][ T6457] ? __lock_acquire+0x622/0x1c90 [ 127.357897][ T6457] __sys_sendmsg+0x16d/0x220 [ 127.357923][ T6457] ? __pfx___sys_sendmsg+0x10/0x10 [ 127.357970][ T6457] do_syscall_64+0xcd/0xfa0 [ 127.358007][ T6457] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.358032][ T6457] RIP: 0033:0x7fc7c118f749 [ 127.358051][ T6457] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 127.358073][ T6457] RSP: 002b:00007fc7c2012038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 127.358096][ T6457] RAX: ffffffffffffffda RBX: 00007fc7c13e5fa0 RCX: 00007fc7c118f749 [ 127.358112][ T6457] RDX: 0000000002000000 RSI: 0000200000000080 RDI: 0000000000000003 [ 127.358127][ T6457] RBP: 00007fc7c2012090 R08: 0000000000000000 R09: 0000000000000000 [ 127.358141][ T6457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 127.358155][ T6457] R13: 00007fc7c13e6038 R14: 00007fc7c13e5fa0 R15: 00007fffb255fcd8 [ 127.358189][ T6457] [ 127.835564][ T6457] ovs_: entered promiscuous mode [ 128.077529][ T6463] FAULT_INJECTION: forcing a failure. [ 128.077529][ T6463] name failslab, interval 1, probability 0, space 0, times 0 [ 128.133602][ T6463] CPU: 0 UID: 0 PID: 6463 Comm: syz.0.133 Not tainted syzkaller #0 PREEMPT(full) [ 128.133625][ T6463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 128.133634][ T6463] Call Trace: [ 128.133640][ T6463] [ 128.133645][ T6463] dump_stack_lvl+0x16c/0x1f0 [ 128.133670][ T6463] should_fail_ex+0x512/0x640 [ 128.133704][ T6463] ? __kmalloc_noprof+0xca/0x880 [ 128.133745][ T6463] should_failslab+0xc2/0x120 [ 128.133779][ T6463] __kmalloc_noprof+0xdd/0x880 [ 128.133805][ T6463] ? __register_sysctl_table+0xea2/0x1900 [ 128.133830][ T6463] ? __register_sysctl_table+0xea2/0x1900 [ 128.133850][ T6463] __register_sysctl_table+0xea2/0x1900 [ 128.133875][ T6463] ? __pfx___register_sysctl_table+0x10/0x10 [ 128.133894][ T6463] ? is_module_address+0x69/0xf0 [ 128.133915][ T6463] ? register_net_sysctl_sz+0x228/0x3e0 [ 128.133937][ T6463] ? __asan_memcpy+0x3c/0x60 [ 128.133954][ T6463] xfrm6_net_init+0xf0/0x1c0 [ 128.133970][ T6463] ? __pfx_xfrm6_net_init+0x10/0x10 [ 128.133986][ T6463] ops_init+0x1e2/0x5f0 [ 128.134003][ T6463] setup_net+0x100/0x390 [ 128.134018][ T6463] ? __pfx_setup_net+0x10/0x10 [ 128.134034][ T6463] ? debug_mutex_init+0x37/0x70 [ 128.134052][ T6463] copy_net_ns+0x2f8/0x690 [ 128.134070][ T6463] create_new_namespaces+0x3ea/0xa90 [ 128.134091][ T6463] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 128.134109][ T6463] ksys_unshare+0x45b/0xa40 [ 128.134127][ T6463] ? __pfx_ksys_unshare+0x10/0x10 [ 128.134146][ T6463] ? xfd_validate_state+0x61/0x180 [ 128.134172][ T6463] __x64_sys_unshare+0x31/0x40 [ 128.134192][ T6463] do_syscall_64+0xcd/0xfa0 [ 128.134211][ T6463] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.134225][ T6463] RIP: 0033:0x7fcea938f749 [ 128.134238][ T6463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 128.134251][ T6463] RSP: 002b:00007fceaa1de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 128.134264][ T6463] RAX: ffffffffffffffda RBX: 00007fcea95e6090 RCX: 00007fcea938f749 [ 128.134273][ T6463] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 128.134281][ T6463] RBP: 00007fcea9413f91 R08: 0000000000000000 R09: 0000000000000000 [ 128.134289][ T6463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 128.134297][ T6463] R13: 00007fcea95e6128 R14: 00007fcea95e6090 R15: 00007ffcd31e49d8 [ 128.134317][ T6463] [ 128.134324][ T6463] sysctl could not get directory: [ 128.336335][ T6465] Line length is too long: Should be less than 4094 [ 128.337217][ T6463] /net/ipv6 -12 [ 128.848876][ T6473] openvswitch: ovs_: Dropping previously announced user features [ 128.912149][ T5840] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 129.835498][ T6465] FAULT_INJECTION: forcing a failure. [ 129.835498][ T6465] name failslab, interval 1, probability 0, space 0, times 0 [ 129.937760][ T6465] CPU: 1 UID: 0 PID: 6465 Comm: syz.3.134 Not tainted syzkaller #0 PREEMPT(full) [ 129.937795][ T6465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 129.937809][ T6465] Call Trace: [ 129.937817][ T6465] [ 129.937826][ T6465] dump_stack_lvl+0x16c/0x1f0 [ 129.937862][ T6465] should_fail_ex+0x512/0x640 [ 129.937897][ T6465] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 129.937940][ T6465] should_failslab+0xc2/0x120 [ 129.937975][ T6465] kmem_cache_alloc_noprof+0x75/0x6e0 [ 129.938001][ T6465] ? ptlock_alloc+0x1f/0x70 [ 129.938042][ T6465] ? ptlock_alloc+0x1f/0x70 [ 129.938074][ T6465] ptlock_alloc+0x1f/0x70 [ 129.938109][ T6465] pte_alloc_one+0x84/0x350 [ 129.938136][ T6465] __pte_alloc+0x6d/0x380 [ 129.938167][ T6465] ? __pfx___pte_alloc+0x10/0x10 [ 129.938204][ T6465] ? __pfx___might_resched+0x10/0x10 [ 129.938233][ T6465] ? copy_page_range+0x1c69/0x6930 [ 129.938278][ T6465] copy_page_range+0x44a1/0x6930 [ 129.938360][ T6465] ? __pfx_copy_page_range+0x10/0x10 [ 129.938411][ T6465] ? __pfx___might_resched+0x10/0x10 [ 129.938435][ T6465] ? __pfx_mas_store+0x10/0x10 [ 129.938466][ T6465] ? __vma_enter_locked+0x163/0x3f0 [ 129.938507][ T6465] ? dup_mmap+0xe30/0x2280 [ 129.938539][ T6465] ? down_write+0x14d/0x200 [ 129.938583][ T6465] ? up_write+0x1b2/0x520 [ 129.938623][ T6465] dup_mmap+0xe80/0x2280 [ 129.938673][ T6465] ? __pfx_dup_mmap+0x10/0x10 [ 129.938734][ T6465] copy_process+0x3f0c/0x76a0 [ 129.938762][ T6465] ? preempt_schedule_thunk+0x16/0x30 [ 129.938816][ T6465] ? __pfx_copy_process+0x10/0x10 [ 129.938846][ T6465] ? find_held_lock+0x2b/0x80 [ 129.938877][ T6465] ? futex_private_hash_put+0xd5/0x190 [ 129.938916][ T6465] kernel_clone+0xfc/0x930 [ 129.938957][ T6465] ? __pfx_futex_wake+0x10/0x10 [ 129.938995][ T6465] ? __pfx_kernel_clone+0x10/0x10 [ 129.939024][ T6465] ? __pfx_vfs_writev+0x10/0x10 [ 129.939071][ T6465] __do_sys_clone+0xce/0x120 [ 129.939101][ T6465] ? __pfx___do_sys_clone+0x10/0x10 [ 129.939149][ T6465] ? xfd_validate_state+0x61/0x180 [ 129.939180][ T6465] ? __pfx_do_writev+0x10/0x10 [ 129.939216][ T6465] do_syscall_64+0xcd/0xfa0 [ 129.939250][ T6465] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.939275][ T6465] RIP: 0033:0x7f27a7f8f749 [ 129.939296][ T6465] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 129.939319][ T6465] RSP: 002b:00007f27a8de9fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 129.939343][ T6465] RAX: ffffffffffffffda RBX: 00007f27a81e5fa0 RCX: 00007f27a7f8f749 [ 129.939360][ T6465] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 129.939375][ T6465] RBP: 00007f27a8013f91 R08: 0000000000000000 R09: 0000000000000000 [ 129.939390][ T6465] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 129.939405][ T6465] R13: 00007f27a81e6038 R14: 00007f27a81e5fa0 R15: 00007ffed8397118 [ 129.939442][ T6465] [ 130.414166][ T6500] openvswitch: ovs_: Dropping previously announced user features [ 130.603603][ T6495] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 131.748563][ T6522] binder: 6521:6522 ioctl 5380 2000000000c0 returned -22 [ 131.788454][ T6522] sd 0:0:1:0: PR command failed: 1026 [ 131.805286][ T6522] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 131.812175][ T6522] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 131.961920][ T6525] ubi0: attaching mtd0 [ 131.995078][ T6525] ubi0: scanning is finished [ 132.463502][ T6525] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4 [ 132.678487][ T6538] zswap: compressor - not available [ 134.005901][ T6573] binder: 6572:6573 ioctl 5380 2000000000c0 returned -22 [ 134.056708][ T6573] sd 0:0:1:0: PR command failed: 1026 [ 134.073296][ T6573] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 134.113895][ T6573] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 134.441645][ C0] vkms_vblank_simulate: vblank timer overrun [ 134.527137][ T6580] sp0: Synchronizing with TNC [ 135.586574][ T6588] ubi0: attaching mtd0 [ 135.592913][ T6588] ubi0: scanning is finished [ 136.043483][ T6582] kexec: Could not allocate control_code_buffer [ 136.090033][ T6588] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 136.098573][ T6588] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 136.117408][ T6588] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 136.138451][ T6588] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 136.200000][ T6588] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 136.282269][ T6588] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 136.320234][ T6588] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 811349016 [ 136.365358][ T6588] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 136.377392][ T6600] ubi0: background thread "ubi_bgt0d" started, PID 6600 [ 136.415060][ T6596] ubi0: detaching mtd0 [ 136.514796][ T6596] ubi0: mtd0 is detached [ 136.520657][ T6607] mkiss: ax0: crc mode is auto. [ 136.801189][ T6612] FAULT_INJECTION: forcing a failure. [ 136.801189][ T6612] name failslab, interval 1, probability 0, space 0, times 0 [ 136.875429][ T6612] CPU: 1 UID: 0 PID: 6612 Comm: syz.0.175 Not tainted syzkaller #0 PREEMPT(full) [ 136.875473][ T6612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 136.875490][ T6612] Call Trace: [ 136.875500][ T6612] [ 136.875511][ T6612] dump_stack_lvl+0x16c/0x1f0 [ 136.875557][ T6612] should_fail_ex+0x512/0x640 [ 136.875595][ T6612] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 136.875638][ T6612] should_failslab+0xc2/0x120 [ 136.875686][ T6612] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 136.875724][ T6612] ? fib_rules_register+0x30/0x500 [ 136.875764][ T6612] ? __pfx_fib6_rules_net_init+0x10/0x10 [ 136.875804][ T6612] ? kmemdup_noprof+0x29/0x60 [ 136.875830][ T6612] kmemdup_noprof+0x29/0x60 [ 136.875858][ T6612] fib_rules_register+0x30/0x500 [ 136.875888][ T6612] ? __pfx_fib6_rules_net_init+0x10/0x10 [ 136.875921][ T6612] fib6_rules_net_init+0x1f/0x140 [ 136.875955][ T6612] ops_init+0x1e2/0x5f0 [ 136.875987][ T6612] setup_net+0x100/0x390 [ 136.876015][ T6612] ? __pfx_setup_net+0x10/0x10 [ 136.876044][ T6612] ? debug_mutex_init+0x37/0x70 [ 136.876080][ T6612] copy_net_ns+0x2f8/0x690 [ 136.876115][ T6612] create_new_namespaces+0x3ea/0xa90 [ 136.876153][ T6612] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 136.876186][ T6612] ksys_unshare+0x45b/0xa40 [ 136.876220][ T6612] ? __pfx_ksys_unshare+0x10/0x10 [ 136.876254][ T6612] ? xfd_validate_state+0x61/0x180 [ 136.876301][ T6612] __x64_sys_unshare+0x31/0x40 [ 136.876331][ T6612] do_syscall_64+0xcd/0xfa0 [ 136.876365][ T6612] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 136.876391][ T6612] RIP: 0033:0x7fcea938f749 [ 136.877119][ T6612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 136.877151][ T6612] RSP: 002b:00007fceaa1de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 136.877184][ T6612] RAX: ffffffffffffffda RBX: 00007fcea95e6090 RCX: 00007fcea938f749 [ 136.877203][ T6612] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 136.877220][ T6612] RBP: 00007fcea9413f91 R08: 0000000000000000 R09: 0000000000000000 [ 136.877237][ T6612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 136.877254][ T6612] R13: 00007fcea95e6128 R14: 00007fcea95e6090 R15: 00007ffcd31e49d8 [ 136.877297][ T6612] [ 137.350183][ T6618] binder: 6615:6618 ioctl 5380 2000000000c0 returned -22 [ 137.428457][ T6618] sd 0:0:1:0: PR command failed: 1026 [ 137.444115][ T6618] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 137.479181][ T6618] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 138.081814][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.090692][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 139.637010][ T6661] sp0: Synchronizing with TNC [ 139.945805][ T6671] binder: 6670:6671 ioctl 5380 2000000000c0 returned -22 [ 139.987421][ T6671] sd 0:0:1:0: PR command failed: 1026 [ 139.993921][ T6671] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 140.011371][ T6671] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 140.415775][ T6676] ptp ptp0: new virtual clock ptp1 [ 140.435508][ T6676] ptp ptp0: new virtual clock ptp2 [ 140.451386][ T6676] ptp ptp0: new virtual clock ptp3 [ 140.486101][ T6676] ptp ptp0: guarantee physical clock free running [ 141.091154][ T6702] FAULT_INJECTION: forcing a failure. [ 141.091154][ T6702] name failslab, interval 1, probability 0, space 0, times 0 [ 141.176624][ T6702] CPU: 0 UID: 0 PID: 6702 Comm: syz.2.197 Not tainted syzkaller #0 PREEMPT(full) [ 141.176665][ T6702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 141.176680][ T6702] Call Trace: [ 141.176690][ T6702] [ 141.176700][ T6702] dump_stack_lvl+0x16c/0x1f0 [ 141.176747][ T6702] should_fail_ex+0x512/0x640 [ 141.176790][ T6702] ? __kmalloc_cache_noprof+0x5f/0x780 [ 141.176819][ T6702] should_failslab+0xc2/0x120 [ 141.176854][ T6702] __kmalloc_cache_noprof+0x72/0x780 [ 141.176878][ T6702] ? _raw_write_unlock+0x28/0x50 [ 141.176907][ T6702] ? ip6addrlbl_add+0xbb/0xc40 [ 141.176950][ T6702] ? ip6addrlbl_add+0xbb/0xc40 [ 141.176984][ T6702] ip6addrlbl_add+0xbb/0xc40 [ 141.177023][ T6702] ? lockdep_init_map_type+0x5c/0x280 [ 141.177063][ T6702] ip6addrlbl_net_init+0x10a/0x380 [ 141.177355][ T6702] ? __pfx_ip6addrlbl_net_init+0x10/0x10 [ 141.177400][ T6702] ops_init+0x1e2/0x5f0 [ 141.177433][ T6702] setup_net+0x100/0x390 [ 141.177466][ T6702] ? __pfx_setup_net+0x10/0x10 [ 141.177499][ T6702] ? debug_mutex_init+0x37/0x70 [ 141.177534][ T6702] copy_net_ns+0x2f8/0x690 [ 141.177567][ T6702] create_new_namespaces+0x3ea/0xa90 [ 141.177604][ T6702] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 141.177635][ T6702] ksys_unshare+0x45b/0xa40 [ 141.177668][ T6702] ? __pfx_ksys_unshare+0x10/0x10 [ 141.177702][ T6702] ? xfd_validate_state+0x61/0x180 [ 141.178188][ T6702] __x64_sys_unshare+0x31/0x40 [ 141.178225][ T6702] do_syscall_64+0xcd/0xfa0 [ 141.178272][ T6702] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.178300][ T6702] RIP: 0033:0x7fc7c118f749 [ 141.178322][ T6702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.178345][ T6702] RSP: 002b:00007fc7c1ff1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 141.178371][ T6702] RAX: ffffffffffffffda RBX: 00007fc7c13e6090 RCX: 00007fc7c118f749 [ 141.178388][ T6702] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 141.178403][ T6702] RBP: 00007fc7c1213f91 R08: 0000000000000000 R09: 0000000000000000 [ 141.178419][ T6702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 141.178434][ T6702] R13: 00007fc7c13e6128 R14: 00007fc7c13e6090 R15: 00007fffb255fcd8 [ 141.178471][ T6702] [ 141.720732][ T6707] hub 8-0:1.0: USB hub found [ 141.757652][ T6707] hub 8-0:1.0: 1 port detected [ 142.506941][ T6724] openvswitch: ovs_: Dropping previously announced user features [ 143.728197][ T6749] ubi0: attaching mtd0 [ 143.734598][ T6749] ubi0: scanning is finished [ 144.317169][ T6749] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 144.405534][ T6749] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 144.464203][ T6749] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 144.472172][ T6749] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 144.480668][ T6749] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 144.504624][ T6749] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 144.585505][ T6749] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 811349016 [ 144.600911][ T6764] usb usb5: usbfs: process 6764 (syz.2.207) did not claim interface 0 before use [ 144.659255][ T6749] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 144.715486][ T6761] ubi0: background thread "ubi_bgt0d" started, PID 6761 [ 144.722999][ T6751] ubi0: detaching mtd0 [ 144.741539][ T6751] ubi0: mtd0 is detached [ 145.602349][ T6778] openvswitch: ovs_: Dropping previously announced user features [ 145.676630][ T5840] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 145.684936][ T5840] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:0' [ 145.694731][ T5840] CPU: 1 UID: 0 PID: 5840 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) [ 145.694770][ T5840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 145.694786][ T5840] Workqueue: hci3 hci_rx_work [ 145.694954][ T5840] Call Trace: [ 145.694970][ T5840] [ 145.694983][ T5840] dump_stack_lvl+0x16c/0x1f0 [ 145.695020][ T5840] sysfs_warn_dup+0x7f/0xa0 [ 145.695054][ T5840] sysfs_create_dir_ns+0x24b/0x2b0 [ 145.695091][ T5840] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 145.695119][ T5840] ? find_held_lock+0x2b/0x80 [ 145.695150][ T5840] ? do_raw_spin_unlock+0x172/0x230 [ 145.695179][ T5840] kobject_add_internal+0x2c4/0x9b0 [ 145.695218][ T5840] kobject_add+0x16e/0x240 [ 145.695245][ T5840] ? __pfx_kobject_add+0x10/0x10 [ 145.695276][ T5840] ? do_raw_spin_unlock+0x172/0x230 [ 145.695295][ T5840] ? kobject_put+0xab/0x5a0 [ 145.695328][ T5840] device_add+0x288/0x1aa0 [ 145.695351][ T5840] ? __pfx_dev_set_name+0x10/0x10 [ 145.695379][ T5840] ? __pfx_device_add+0x10/0x10 [ 145.695400][ T5840] ? mgmt_send_event_skb+0x2fb/0x460 [ 145.695433][ T5840] hci_conn_add_sysfs+0x17e/0x230 [ 145.695464][ T5840] le_conn_complete_evt+0x1260/0x2150 [ 145.695497][ T5840] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 145.695521][ T5840] ? bt_warn+0xe4/0x120 [ 145.695554][ T5840] ? __pfx_bt_warn+0x10/0x10 [ 145.695587][ T5840] hci_le_conn_complete_evt+0x23c/0x370 [ 145.695617][ T5840] hci_le_meta_evt+0x357/0x5e0 [ 145.695641][ T5840] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 145.695667][ T5840] hci_event_packet+0x685/0x11c0 [ 145.695693][ T5840] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 145.695728][ T5840] ? __pfx_hci_event_packet+0x10/0x10 [ 145.695761][ T5840] ? kcov_remote_start+0x3c9/0x6d0 [ 145.695784][ T5840] ? lockdep_hardirqs_on+0x7c/0x110 [ 145.695818][ T5840] hci_rx_work+0x2c5/0x16b0 [ 145.695848][ T5840] ? rcu_is_watching+0x12/0xc0 [ 145.695880][ T5840] process_one_work+0x9cf/0x1b70 [ 145.695935][ T5840] ? __pfx_process_one_work+0x10/0x10 [ 145.695989][ T5840] ? assign_work+0x1a0/0x250 [ 145.696029][ T5840] worker_thread+0x6c8/0xf10 [ 145.696062][ T5840] ? __kthread_parkme+0x19e/0x250 [ 145.696095][ T5840] ? __pfx_worker_thread+0x10/0x10 [ 145.696118][ T5840] kthread+0x3c5/0x780 [ 145.696152][ T5840] ? __pfx_kthread+0x10/0x10 [ 145.696188][ T5840] ? rcu_is_watching+0x12/0xc0 [ 145.696211][ T5840] ? __pfx_kthread+0x10/0x10 [ 145.696242][ T5840] ret_from_fork+0x675/0x7d0 [ 145.696272][ T5840] ? __pfx_kthread+0x10/0x10 [ 145.696304][ T5840] ret_from_fork_asm+0x1a/0x30 [ 145.696356][ T5840] [ 145.973766][ T5840] kobject: kobject_add_internal failed for hci3:0 with -EEXIST, don't try to register things with the same name in the same directory. [ 145.992555][ T5840] Bluetooth: hci3: failed to register connection device [ 146.810618][ T6801] FAULT_INJECTION: forcing a failure. [ 146.810618][ T6801] name failslab, interval 1, probability 0, space 0, times 0 [ 146.895009][ T6801] CPU: 0 UID: 0 PID: 6801 Comm: syz.1.215 Not tainted syzkaller #0 PREEMPT(full) [ 146.895044][ T6801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 146.895056][ T6801] Call Trace: [ 146.895063][ T6801] [ 146.895074][ T6801] dump_stack_lvl+0x16c/0x1f0 [ 146.895111][ T6801] should_fail_ex+0x512/0x640 [ 146.895150][ T6801] ? fs_reclaim_acquire+0xae/0x150 [ 146.895191][ T6801] should_failslab+0xc2/0x120 [ 146.898368][ T6801] kmem_cache_alloc_noprof+0x75/0x6e0 [ 146.898408][ T6801] ? __pfx_map_id_range_down+0x10/0x10 [ 146.898426][ T6801] ? security_inode_alloc+0x3b/0x2b0 [ 146.898493][ T6801] ? security_inode_alloc+0x3b/0x2b0 [ 146.898514][ T6801] security_inode_alloc+0x3b/0x2b0 [ 146.898540][ T6801] inode_init_always_gfp+0xce4/0x1030 [ 146.898563][ T6801] alloc_inode+0x86/0x240 [ 146.898582][ T6801] sock_alloc+0x40/0x280 [ 146.898601][ T6801] __sock_create+0xc1/0x8d0 [ 146.898621][ T6801] ? _raw_write_unlock+0x28/0x50 [ 146.898641][ T6801] inet_ctl_sock_create+0x94/0x230 [ 146.898664][ T6801] ? __pfx_inet_ctl_sock_create+0x10/0x10 [ 146.898688][ T6801] ? proc_create_net_data+0x155/0x1c0 [ 146.898732][ T6801] ndisc_net_init+0x89/0x250 [ 146.898759][ T6801] ? __pfx_ndisc_net_init+0x10/0x10 [ 146.898782][ T6801] ? __pfx_ip6mr_net_init+0x10/0x10 [ 146.898801][ T6801] ? ip6mr_net_init+0x2d8/0x4e0 [ 146.898817][ T6801] ? __pfx_ndisc_net_init+0x10/0x10 [ 146.898839][ T6801] ops_init+0x1e2/0x5f0 [ 146.898857][ T6801] setup_net+0x100/0x390 [ 146.898872][ T6801] ? __pfx_setup_net+0x10/0x10 [ 146.898892][ T6801] ? debug_mutex_init+0x37/0x70 [ 146.898911][ T6801] copy_net_ns+0x2f8/0x690 [ 146.898930][ T6801] create_new_namespaces+0x3ea/0xa90 [ 146.898958][ T6801] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 146.898977][ T6801] ksys_unshare+0x45b/0xa40 [ 146.898997][ T6801] ? __pfx_ksys_unshare+0x10/0x10 [ 146.899015][ T6801] ? xfd_validate_state+0x61/0x180 [ 146.899046][ T6801] __x64_sys_unshare+0x31/0x40 [ 146.899065][ T6801] do_syscall_64+0xcd/0xfa0 [ 146.899085][ T6801] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.899101][ T6801] RIP: 0033:0x7f459558f749 [ 146.899115][ T6801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.899130][ T6801] RSP: 002b:00007f459645b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 146.899145][ T6801] RAX: ffffffffffffffda RBX: 00007f45957e6090 RCX: 00007f459558f749 [ 146.899154][ T6801] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 146.899163][ T6801] RBP: 00007f4595613f91 R08: 0000000000000000 R09: 0000000000000000 [ 146.899173][ T6801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 146.899182][ T6801] R13: 00007f45957e6128 R14: 00007f45957e6090 R15: 00007ffe6de58898 [ 146.899203][ T6801] [ 147.204470][ T6801] socket: no more sockets [ 147.209632][ T6801] ICMPv6: NDISC: Failed to initialize the control socket (err -23) [ 147.433794][ T6806] netlink: 'syz.2.216': attribute type 1 has an invalid length. [ 148.844650][ T6833] netlink: 8 bytes leftover after parsing attributes in process `syz.0.225'. [ 149.808321][ T6845] zswap: compressor - not available [ 150.298094][ T6849] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 150.923663][ T6862] ubi0: attaching mtd0 [ 150.991585][ T6862] ubi0: scanning is finished [ 151.313095][ T6862] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 151.424785][ T6862] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 151.490413][ T6862] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 151.541733][ T6862] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 151.576529][ T6862] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 151.584078][ T6862] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 151.598399][ T6862] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 811349016 [ 151.608610][ T6862] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 151.618967][ T6877] ubi0: background thread "ubi_bgt0d" started, PID 6877 [ 151.626398][ T6869] ubi0: detaching mtd0 [ 151.634789][ T6869] ubi0: mtd0 is detached [ 151.785519][ T6882] openvswitch: netlink: Multiple metadata blocks provided [ 151.914454][ T6876] ubi0: attaching mtd0 [ 151.948001][ T6876] ubi0: scanning is finished [ 152.121157][ T6876] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 152.129053][ T6876] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 152.144418][ T6876] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 152.186757][ T6876] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 152.212825][ T6876] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 152.257203][ T6876] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 152.257237][ T6876] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 811349016 [ 152.257262][ T6876] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 152.257366][ T6878] ubi0: detaching mtd0 [ 152.269817][ T6878] ubi0: mtd0 is detached [ 152.297856][ T6892] FAULT_INJECTION: forcing a failure. [ 152.297856][ T6892] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 152.302428][ T6892] CPU: 0 UID: 0 PID: 6892 Comm: syz.0.241 Not tainted syzkaller #0 PREEMPT(full) [ 152.302465][ T6892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 152.302480][ T6892] Call Trace: [ 152.302487][ T6892] [ 152.302498][ T6892] dump_stack_lvl+0x16c/0x1f0 [ 152.302535][ T6892] should_fail_ex+0x512/0x640 [ 152.302578][ T6892] should_fail_alloc_page+0xe7/0x130 [ 152.302612][ T6892] prepare_alloc_pages+0x3c2/0x610 [ 152.302640][ T6892] ? rcu_is_watching+0x12/0xc0 [ 152.302669][ T6892] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 152.302693][ T6892] ? css_rstat_updated+0x1c2/0x510 [ 152.302723][ T6892] ? __pfx_css_rstat_updated+0x10/0x10 [ 152.302757][ T6892] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 152.302801][ T6892] ? __lock_acquire+0x622/0x1c90 [ 152.302843][ T6892] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 152.302886][ T6892] ? policy_nodemask+0xea/0x4e0 [ 152.302923][ T6892] alloc_pages_mpol+0x1fb/0x550 [ 152.302958][ T6892] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 152.303008][ T6892] folio_alloc_mpol_noprof+0x36/0x2f0 [ 152.303049][ T6892] vma_alloc_folio_noprof+0xed/0x1e0 [ 152.303087][ T6892] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 152.303136][ T6892] do_pte_missing+0x2202/0x3ba0 [ 152.303174][ T6892] ? find_held_lock+0x2b/0x80 [ 152.303207][ T6892] __handle_mm_fault+0x1556/0x2aa0 [ 152.303255][ T6892] ? __pfx___handle_mm_fault+0x10/0x10 [ 152.303292][ T6892] ? __pte_offset_map_lock+0x174/0x310 [ 152.303320][ T6892] ? find_held_lock+0x2b/0x80 [ 152.303364][ T6892] ? follow_page_pte+0x5cf/0x1390 [ 152.303405][ T6892] handle_mm_fault+0x589/0xd10 [ 152.303447][ T6892] __get_user_pages+0x54e/0x3530 [ 152.303496][ T6892] ? __pfx___get_user_pages+0x10/0x10 [ 152.303540][ T6892] populate_vma_page_range+0x267/0x3f0 [ 152.303576][ T6892] ? __pfx_populate_vma_page_range+0x10/0x10 [ 152.303610][ T6892] ? __pfx_find_vma_intersection+0x10/0x10 [ 152.303643][ T6892] ? do_mmap+0x69c/0x1210 [ 152.303675][ T6892] __mm_populate+0x1d8/0x380 [ 152.303712][ T6892] ? __pfx___mm_populate+0x10/0x10 [ 152.303747][ T6892] ? up_write+0x1b2/0x520 [ 152.303786][ T6892] vm_mmap_pgoff+0x37f/0x470 [ 152.303823][ T6892] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 152.303859][ T6892] ? __x64_sys_futex+0x1e0/0x4c0 [ 152.303888][ T6892] ? __x64_sys_futex+0x1e9/0x4c0 [ 152.303921][ T6892] ksys_mmap_pgoff+0x7d/0x5c0 [ 152.303949][ T6892] ? xfd_validate_state+0x61/0x180 [ 152.303986][ T6892] __x64_sys_mmap+0x125/0x190 [ 152.304035][ T6892] do_syscall_64+0xcd/0xfa0 [ 152.304069][ T6892] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.304094][ T6892] RIP: 0033:0x7fcea938f749 [ 152.304116][ T6892] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 152.304139][ T6892] RSP: 002b:00007fceaa1ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 152.304162][ T6892] RAX: ffffffffffffffda RBX: 00007fcea95e5fa0 RCX: 00007fcea938f749 [ 152.304180][ T6892] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 152.304194][ T6892] RBP: 00007fcea9413f91 R08: 0000000000000002 R09: 0000000000008000 [ 152.304210][ T6892] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 152.304224][ T6892] R13: 00007fcea95e6038 R14: 00007fcea95e5fa0 R15: 00007ffcd31e49d8 [ 152.304262][ T6892] [ 152.612591][ T6900] binder: 6899:6900 ioctl 5380 2000000000c0 returned -22 [ 152.980367][ C0] vkms_vblank_simulate: vblank timer overrun [ 154.074809][ T6917] FAULT_INJECTION: forcing a failure. [ 154.074809][ T6917] name failslab, interval 1, probability 0, space 0, times 0 [ 154.119732][ T6917] CPU: 1 UID: 0 PID: 6917 Comm: syz.0.247 Not tainted syzkaller #0 PREEMPT(full) [ 154.119771][ T6917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 154.119787][ T6917] Call Trace: [ 154.119796][ T6917] [ 154.119806][ T6917] dump_stack_lvl+0x16c/0x1f0 [ 154.119853][ T6917] should_fail_ex+0x512/0x640 [ 154.119895][ T6917] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 154.119934][ T6917] should_failslab+0xc2/0x120 [ 154.119968][ T6917] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 154.120000][ T6917] ? __pfx_proc_create_net_data+0x10/0x10 [ 154.120039][ T6917] ? __ip_vs_lblc_init+0x77/0x340 [ 154.120076][ T6917] ? lockdep_init_map_type+0x5c/0x280 [ 154.120115][ T6917] ? __pfx___ip_vs_lblc_init+0x10/0x10 [ 154.120154][ T6917] ? kmemdup_noprof+0x29/0x60 [ 154.120180][ T6917] kmemdup_noprof+0x29/0x60 [ 154.120208][ T6917] __ip_vs_lblc_init+0x77/0x340 [ 154.120248][ T6917] ? __pfx___ip_vs_lblc_init+0x10/0x10 [ 154.120286][ T6917] ops_init+0x1e2/0x5f0 [ 154.120319][ T6917] setup_net+0x100/0x390 [ 154.120347][ T6917] ? __pfx_setup_net+0x10/0x10 [ 154.120376][ T6917] ? debug_mutex_init+0x37/0x70 [ 154.120408][ T6917] copy_net_ns+0x2f8/0x690 [ 154.120442][ T6917] create_new_namespaces+0x3ea/0xa90 [ 154.120481][ T6917] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 154.120518][ T6917] ksys_unshare+0x45b/0xa40 [ 154.120553][ T6917] ? __pfx_ksys_unshare+0x10/0x10 [ 154.120589][ T6917] ? xfd_validate_state+0x61/0x180 [ 154.120637][ T6917] __x64_sys_unshare+0x31/0x40 [ 154.120671][ T6917] do_syscall_64+0xcd/0xfa0 [ 154.120707][ T6917] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.120734][ T6917] RIP: 0033:0x7fcea938f749 [ 154.120754][ T6917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.120778][ T6917] RSP: 002b:00007fceaa1ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 154.120802][ T6917] RAX: ffffffffffffffda RBX: 00007fcea95e5fa0 RCX: 00007fcea938f749 [ 154.120819][ T6917] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 154.120834][ T6917] RBP: 00007fcea9413f91 R08: 0000000000000000 R09: 0000000000000000 [ 154.120858][ T6917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 154.120873][ T6917] R13: 00007fcea95e6038 R14: 00007fcea95e5fa0 R15: 00007ffcd31e49d8 [ 154.120911][ T6917] [ 155.608267][ C0] vkms_vblank_simulate: vblank timer overrun [ 155.636768][ T6929] ubi0: attaching mtd0 [ 155.643806][ T6929] ubi0: scanning is finished [ 155.913266][ T6929] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 155.921605][ T6929] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 155.937139][ T6929] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 155.945797][ T6929] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 155.953523][ T6929] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 155.961971][ T6929] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 155.980944][ T6929] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 811349016 [ 156.018787][ T6929] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 156.045783][ T6941] ubi0: detaching mtd0 [ 156.163664][ T6941] ubi0: mtd0 is detached [ 156.969089][ T6936] kexec: Could not allocate control_code_buffer [ 157.927392][ T6972] vivid-003: ================= START STATUS ================= [ 157.974567][ T6972] vivid-003: Radio HW Seek Mode: Bounded [ 157.986127][ T6972] vivid-003: Radio Programmable HW Seek: false [ 157.992534][ T6972] vivid-003: RDS Rx I/O Mode: Block I/O [ 158.040524][ T6972] vivid-003: Generate RBDS Instead of RDS: false [ 158.048877][ T6972] vivid-003: RDS Reception: true [ 158.055887][ T6972] vivid-003: RDS Program Type: 0 inactive [ 158.062119][ T6972] vivid-003: RDS PS Name: inactive [ 158.069927][ T6972] vivid-003: RDS Radio Text: inactive [ 158.077061][ T6972] vivid-003: RDS Traffic Announcement: false inactive [ 158.086966][ T6972] vivid-003: RDS Traffic Program: false inactive [ 158.094252][ T6972] vivid-003: RDS Music: false inactive [ 158.101129][ T6972] vivid-003: ================== END STATUS ================== [ 160.214686][ T7001] vivid-007: ================= START STATUS ================= [ 160.227914][ T7001] vivid-007: Generate PTS: true [ 160.239179][ T7001] vivid-007: Generate SCR: true [ 160.325670][ T7001] tpg source WxH: 320x240 (Y'CbCr) [ 160.355695][ T7001] tpg field: 1 [ 160.360294][ T7001] tpg crop: (0,0)/320x240 [ 160.365760][ T7001] tpg compose: (0,0)/320x240 [ 160.370485][ T7001] tpg colorspace: 8 [ 160.375151][ T7001] tpg transfer function: 0/0 [ 160.395368][ T7001] tpg Y'CbCr encoding: 0/0 [ 160.408163][ T7001] tpg quantization: 0/0 [ 160.412796][ T7001] tpg RGB range: 0/2 [ 160.446022][ T7001] vivid-007: ================== END STATUS ================== [ 161.280854][ T7024] netlink: 12 bytes leftover after parsing attributes in process `syz.1.272'. [ 161.390158][ T7019] Process accounting resumed [ 161.673431][ T7012] kexec: Could not allocate control_code_buffer [ 162.263374][ T7030] busy [ 162.363865][ T7035] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 162.764876][ T7044] busy [ 162.862365][ T7046] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 163.033277][ T7049] input: 00 [ 163.033277][ T7049] as /devices/virtual/input/input12 [ 163.076099][ T7049] FAULT_INJECTION: forcing a failure. [ 163.076099][ T7049] name failslab, interval 1, probability 0, space 0, times 0 [ 163.147155][ T7049] CPU: 0 UID: 0 PID: 7049 Comm: syz.0.280 Not tainted syzkaller #0 PREEMPT(full) [ 163.147195][ T7049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 163.147213][ T7049] Call Trace: [ 163.147221][ T7049] [ 163.147232][ T7049] dump_stack_lvl+0x16c/0x1f0 [ 163.147273][ T7049] should_fail_ex+0x512/0x640 [ 163.147312][ T7049] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 163.147350][ T7049] should_failslab+0xc2/0x120 [ 163.147386][ T7049] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 163.147422][ T7049] ? kstrdup_const+0x63/0x80 [ 163.147456][ T7049] ? kstrdup+0x53/0x100 [ 163.147485][ T7049] kstrdup+0x53/0x100 [ 163.147517][ T7049] kstrdup_const+0x63/0x80 [ 163.147545][ T7049] __kernfs_new_node+0x9b/0x8e0 [ 163.147583][ T7049] ? __pfx___kernfs_new_node+0x10/0x10 [ 163.147626][ T7049] ? find_held_lock+0x2b/0x80 [ 163.147654][ T7049] ? kernfs_root+0xee/0x2a0 [ 163.147708][ T7049] kernfs_new_node+0x13c/0x1e0 [ 163.147752][ T7049] kernfs_create_link+0xcc/0x240 [ 163.147779][ T7049] sysfs_do_create_link_sd+0x90/0x140 [ 163.147811][ T7049] sysfs_create_link+0x61/0xc0 [ 163.147840][ T7049] device_add+0xb14/0x1aa0 [ 163.147868][ T7049] ? __pfx_device_add+0x10/0x10 [ 163.147891][ T7049] ? __pfx_exact_lock+0x10/0x10 [ 163.147926][ T7049] ? kobject_get+0xbb/0x150 [ 163.147962][ T7049] cdev_device_add+0xc2/0x1e0 [ 163.148005][ T7049] evdev_connect+0x3a4/0x4c0 [ 163.148044][ T7049] input_attach_handler.isra.0+0x176/0x250 [ 163.148079][ T7049] input_register_device+0xab9/0x1180 [ 163.148116][ T7049] uinput_ioctl_handler.isra.0+0x1357/0x1df0 [ 163.148161][ T7049] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 163.148198][ T7049] ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10 [ 163.148242][ T7049] ? find_held_lock+0x2b/0x80 [ 163.148286][ T7049] ? __pfx_uinput_ioctl+0x10/0x10 [ 163.148321][ T7049] __x64_sys_ioctl+0x18e/0x210 [ 163.148360][ T7049] do_syscall_64+0xcd/0xfa0 [ 163.148394][ T7049] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.148418][ T7049] RIP: 0033:0x7fcea938f749 [ 163.148439][ T7049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 163.148461][ T7049] RSP: 002b:00007fceaa1ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 163.148487][ T7049] RAX: ffffffffffffffda RBX: 00007fcea95e5fa0 RCX: 00007fcea938f749 [ 163.148507][ T7049] RDX: 00000000ffffffe4 RSI: 0000000000005501 RDI: 0000000000000008 [ 163.148522][ T7049] RBP: 00007fcea9413f91 R08: 0000000000000000 R09: 0000000000000000 [ 163.148538][ T7049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 163.148553][ T7049] R13: 00007fcea95e6038 R14: 00007fcea95e5fa0 R15: 00007ffcd31e49d8 [ 163.148590][ T7049] [ 163.467599][ T7049] input: failed to attach handler evdev to device input12, error: -12 [ 164.153658][ T7051] FAULT_INJECTION: forcing a failure. [ 164.153658][ T7051] name failslab, interval 1, probability 0, space 0, times 0 [ 164.170770][ T7051] CPU: 1 UID: 0 PID: 7051 Comm: syz.1.281 Not tainted syzkaller #0 PREEMPT(full) [ 164.170808][ T7051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 164.170823][ T7051] Call Trace: [ 164.170832][ T7051] [ 164.170843][ T7051] dump_stack_lvl+0x16c/0x1f0 [ 164.170882][ T7051] should_fail_ex+0x512/0x640 [ 164.170920][ T7051] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 164.170952][ T7051] should_failslab+0xc2/0x120 [ 164.170985][ T7051] kmem_cache_alloc_noprof+0x75/0x6e0 [ 164.171010][ T7051] ? vm_area_dup+0x27/0x8d0 [ 164.171040][ T7051] ? vm_area_dup+0x27/0x8d0 [ 164.171061][ T7051] vm_area_dup+0x27/0x8d0 [ 164.171087][ T7051] dup_mmap+0x86f/0x2280 [ 164.171135][ T7051] ? __pfx_dup_mmap+0x10/0x10 [ 164.171194][ T7051] copy_process+0x3f0c/0x76a0 [ 164.171243][ T7051] ? __pfx_copy_process+0x10/0x10 [ 164.171283][ T7051] ? _copy_from_user+0x59/0xd0 [ 164.171331][ T7051] kernel_clone+0xfc/0x930 [ 164.171365][ T7051] ? __pfx_kernel_clone+0x10/0x10 [ 164.171392][ T7051] ? futex_private_hash_put+0xd5/0x190 [ 164.171431][ T7051] ? __pfx_futex_wait+0x10/0x10 [ 164.171466][ T7051] __do_sys_clone3+0x212/0x290 [ 164.171499][ T7051] ? __pfx___do_sys_clone3+0x10/0x10 [ 164.171582][ T7051] do_syscall_64+0xcd/0xfa0 [ 164.171615][ T7051] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 164.171641][ T7051] RIP: 0033:0x7f459558f749 [ 164.171956][ T7051] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 164.171976][ T7051] RSP: 002b:00007f459647bf08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3 [ 164.172001][ T7051] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f459558f749 [ 164.172019][ T7051] RDX: 00007f459647bf20 RSI: 0000000000000058 RDI: 00007f459647bf20 [ 164.172035][ T7051] RBP: 00007f4595613f91 R08: 0000000000000000 R09: 0000000000000058 [ 164.172051][ T7051] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 164.172066][ T7051] R13: 00007f45957e6038 R14: 00007f45957e5fa0 R15: 00007ffe6de58898 [ 164.172106][ T7051] [ 165.302364][ T7071] FAULT_INJECTION: forcing a failure. [ 165.302364][ T7071] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 165.395275][ T7071] CPU: 1 UID: 0 PID: 7071 Comm: syz.0.287 Not tainted syzkaller #0 PREEMPT(full) [ 165.395307][ T7071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 165.395319][ T7071] Call Trace: [ 165.395325][ T7071] [ 165.395334][ T7071] dump_stack_lvl+0x16c/0x1f0 [ 165.395367][ T7071] should_fail_ex+0x512/0x640 [ 165.395407][ T7071] _copy_to_user+0x32/0xd0 [ 165.395434][ T7071] simple_read_from_buffer+0xcb/0x170 [ 165.395474][ T7071] proc_fail_nth_read+0x197/0x240 [ 165.395503][ T7071] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 165.395533][ T7071] ? rw_verify_area+0xcf/0x6c0 [ 165.395564][ T7071] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 165.395591][ T7071] vfs_read+0x1e4/0xcf0 [ 165.395623][ T7071] ? __pfx___mutex_lock+0x10/0x10 [ 165.395654][ T7071] ? __pfx_vfs_read+0x10/0x10 [ 165.395690][ T7071] ? __fget_files+0x20e/0x3c0 [ 165.395726][ T7071] ksys_read+0x12a/0x250 [ 165.395750][ T7071] ? __pfx_ksys_read+0x10/0x10 [ 165.395776][ T7071] ? fput+0x9b/0xd0 [ 165.395812][ T7071] do_syscall_64+0xcd/0xfa0 [ 165.395843][ T7071] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.395868][ T7071] RIP: 0033:0x7fcea938e15c [ 165.395887][ T7071] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 165.395908][ T7071] RSP: 002b:00007fceaa1ff030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 165.395934][ T7071] RAX: ffffffffffffffda RBX: 00007fcea95e5fa0 RCX: 00007fcea938e15c [ 165.395949][ T7071] RDX: 000000000000000f RSI: 00007fceaa1ff0a0 RDI: 0000000000000006 [ 165.395963][ T7071] RBP: 00007fceaa1ff090 R08: 0000000000000000 R09: 0000000000000000 [ 165.395977][ T7071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 165.395990][ T7071] R13: 00007fcea95e6038 R14: 00007fcea95e5fa0 R15: 00007ffcd31e49d8 [ 165.396027][ T7071] [ 166.112202][ T7081] netlink: 8 bytes leftover after parsing attributes in process `syz.0.289'. [ 166.145966][ T5850] Bluetooth: hci2: command 0x0c1a tx timeout [ 166.152856][ T7060] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 166.479186][ T7087] busy [ 167.229753][ T7060] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 167.315808][ T7060] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 167.370969][ T7060] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 167.386866][ T7060] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 167.419562][ T7060] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 167.441117][ T7060] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 167.471341][ T7060] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 167.491714][ T7060] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 167.503915][ T7060] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 167.518498][ T7060] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 167.538183][ T7060] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 167.558870][ T7060] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 167.579993][ T7060] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 168.225589][ T5850] Bluetooth: hci2: command 0x0c1a tx timeout [ 169.426824][ T5850] Bluetooth: hci0: command 0x0c1a tx timeout [ 169.434075][ T7125] busy [ 169.505361][ T5850] Bluetooth: hci3: command 0x0c1a tx timeout [ 169.512609][ T5850] Bluetooth: hci1: command 0x0c1a tx timeout [ 170.275544][ T7104] FAULT_INJECTION: forcing a failure. [ 170.275544][ T7104] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 170.305363][ T5850] Bluetooth: hci2: command 0x0c1a tx timeout [ 170.475607][ T7104] CPU: 0 UID: 0 PID: 7104 Comm: syz.3.294 Not tainted syzkaller #0 PREEMPT(full) [ 170.475643][ T7104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 170.475656][ T7104] Call Trace: [ 170.475667][ T7104] [ 170.475678][ T7104] dump_stack_lvl+0x16c/0x1f0 [ 170.475716][ T7104] should_fail_ex+0x512/0x640 [ 170.475760][ T7104] should_fail_alloc_page+0xe7/0x130 [ 170.475796][ T7104] prepare_alloc_pages+0x3c2/0x610 [ 170.475829][ T7104] ? __lock_acquire+0xb8a/0x1c90 [ 170.475865][ T7104] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 170.475903][ T7104] ? lock_acquire+0x179/0x350 [ 170.475935][ T7104] ? find_held_lock+0x2b/0x80 [ 170.475964][ T7104] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 170.475990][ T7104] ? finish_task_switch.isra.0+0x221/0xc10 [ 170.476024][ T7104] ? __lock_acquire+0x622/0x1c90 [ 170.476096][ T7104] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 170.476146][ T7104] ? policy_nodemask+0xea/0x4e0 [ 170.476183][ T7104] alloc_pages_mpol+0x1fb/0x550 [ 170.476218][ T7104] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 170.476266][ T7104] alloc_pages_noprof+0x131/0x390 [ 170.476301][ T7104] pte_alloc_one+0x1e/0x350 [ 170.476327][ T7104] __pte_alloc+0x6d/0x380 [ 170.476357][ T7104] ? __pfx___pte_alloc+0x10/0x10 [ 170.476386][ T7104] ? __pfx___might_resched+0x10/0x10 [ 170.476411][ T7104] ? copy_page_range+0x1c69/0x6930 [ 170.476453][ T7104] copy_page_range+0x44a1/0x6930 [ 170.476536][ T7104] ? __pfx_copy_page_range+0x10/0x10 [ 170.476586][ T7104] ? __pfx___might_resched+0x10/0x10 [ 170.476611][ T7104] ? __pfx_mas_store+0x10/0x10 [ 170.476642][ T7104] ? __vma_enter_locked+0x163/0x3f0 [ 170.476681][ T7104] ? dup_mmap+0xe30/0x2280 [ 170.476706][ T7104] ? down_write+0x14d/0x200 [ 170.476739][ T7104] ? up_write+0x1b2/0x520 [ 170.476771][ T7104] dup_mmap+0xe80/0x2280 [ 170.476815][ T7104] ? __pfx_dup_mmap+0x10/0x10 [ 170.476875][ T7104] copy_process+0x3f0c/0x76a0 [ 170.476906][ T7104] ? __pfx___futex_wait+0x10/0x10 [ 170.476945][ T7104] ? __pfx_copy_process+0x10/0x10 [ 170.476975][ T7104] ? find_held_lock+0x2b/0x80 [ 170.477006][ T7104] ? futex_private_hash_put+0xd5/0x190 [ 170.477055][ T7104] kernel_clone+0xfc/0x930 [ 170.477091][ T7104] ? __pfx_kernel_clone+0x10/0x10 [ 170.477146][ T7104] __do_sys_clone+0xce/0x120 [ 170.477179][ T7104] ? __pfx___do_sys_clone+0x10/0x10 [ 170.477230][ T7104] ? xfd_validate_state+0x61/0x180 [ 170.477263][ T7104] ? __pfx_do_writev+0x10/0x10 [ 170.477300][ T7104] do_syscall_64+0xcd/0xfa0 [ 170.477331][ T7104] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.477352][ T7104] RIP: 0033:0x7f27a7f8f749 [ 170.477373][ T7104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 170.477396][ T7104] RSP: 002b:00007f27a8de9fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 170.477419][ T7104] RAX: ffffffffffffffda RBX: 00007f27a81e5fa0 RCX: 00007f27a7f8f749 [ 170.477435][ T7104] RDX: 0000000000000000 RSI: 000000000000f5f0 RDI: 0000000002360411 [ 170.477450][ T7104] RBP: 00007f27a8013f91 R08: 0000000000000000 R09: 0000000000000000 [ 170.477464][ T7104] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 170.477479][ T7104] R13: 00007f27a81e6038 R14: 00007f27a81e5fa0 R15: 00007ffed8397118 [ 170.477518][ T7104] [ 170.842497][ C0] vkms_vblank_simulate: vblank timer overrun [ 171.505392][ T5850] Bluetooth: hci0: command 0x0c1a tx timeout [ 171.585549][ T5850] Bluetooth: hci1: command 0x0c1a tx timeout [ 171.592058][ T5850] Bluetooth: hci3: command 0x0c1a tx timeout [ 171.692597][ T7144] netlink: 342 bytes leftover after parsing attributes in process `syz.1.306'. [ 171.729117][ T7146] vivid-003: ================= START STATUS ================= [ 171.802405][ T7146] vivid-003: Radio HW Seek Mode: Bounded [ 171.935690][ T7146] vivid-003: Radio Programmable HW Seek: false [ 171.946884][ T7146] vivid-003: RDS Rx I/O Mode: Block I/O [ 172.050174][ T7146] vivid-003: Generate RBDS Instead of RDS: false [ 172.189606][ T7146] vivid-003: RDS Reception: true [ 172.329627][ T7146] vivid-003: RDS Program Type: 0 inactive [ 172.395218][ T7146] vivid-003: RDS PS Name: inactive [ 172.401573][ T7146] vivid-003: RDS Radio Text: inactive [ 172.442215][ T7146] vivid-003: RDS Traffic Announcement: false inactive [ 172.464468][ T7146] vivid-003: RDS Traffic Program: false inactive [ 172.483462][ T7146] vivid-003: RDS Music: false inactive [ 172.495501][ T7146] vivid-003: ================== END STATUS ================== [ 172.860070][ T7151] netlink: 28 bytes leftover after parsing attributes in process `syz.1.307'. [ 173.585397][ T5850] Bluetooth: hci0: command 0x0c1a tx timeout [ 173.665391][ T5840] Bluetooth: hci1: command 0x0c1a tx timeout [ 173.676910][ T5850] Bluetooth: hci3: command 0x0c1a tx timeout [ 173.681860][ T7165] ================================================================== [ 173.681878][ T7165] BUG: KASAN: vmalloc-out-of-bounds in sys_fillrect+0x15d4/0x17b0 [ 173.681919][ T7165] Write of size 8 at addr ffffc90003cf9000 by task syz.0.311/7165 [ 173.681949][ T7165] [ 173.681961][ T7165] CPU: 0 UID: 0 PID: 7165 Comm: syz.0.311 Not tainted syzkaller #0 PREEMPT(full) [ 173.681992][ T7165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 173.682008][ T7165] Call Trace: [ 173.682017][ T7165] [ 173.682027][ T7165] dump_stack_lvl+0x116/0x1f0 [ 173.682061][ T7165] print_report+0xcd/0x630 [ 173.682093][ T7165] ? __virt_addr_valid+0x81/0x610 [ 173.682127][ T7165] ? sys_fillrect+0x15d4/0x17b0 [ 173.682155][ T7165] kasan_report+0xe0/0x110 [ 173.682188][ T7165] ? sys_fillrect+0x15d4/0x17b0 [ 173.682221][ T7165] sys_fillrect+0x15d4/0x17b0 [ 173.682251][ T7165] ? irqentry_exit+0x3b/0x90 [ 173.682280][ T7165] ? lockdep_hardirqs_on+0x7c/0x110 [ 173.682309][ T7165] ? __pfx_sys_fillrect+0x10/0x10 [ 173.682344][ T7165] drm_fbdev_shmem_defio_fillrect+0x22/0x140 [ 173.682374][ T7165] bit_clear+0x17d/0x220 [ 173.682410][ T7165] ? __pfx_bit_clear+0x10/0x10 [ 173.682449][ T7165] ? __pfx___might_resched+0x10/0x10 [ 173.682474][ T7165] ? fb_get_color_depth+0x120/0x250 [ 173.682508][ T7165] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 173.682551][ T7165] ? __pfx_bit_clear+0x10/0x10 [ 173.682586][ T7165] __fbcon_clear+0x603/0x720 [ 173.682624][ T7165] fbcon_scroll+0x48b/0x640 [ 173.682661][ T7165] con_scroll+0x45f/0x690 [ 173.682689][ T7165] do_con_write+0x5575/0x8290 [ 173.682712][ T7165] ? srcu_barrier+0x2f0/0x7a0 [ 173.682762][ T7165] ? __pfx___mutex_lock+0x10/0x10 [ 173.682796][ T7165] ? __pfx_do_con_write+0x10/0x10 [ 173.682834][ T7165] con_write+0x23/0xb0 [ 173.682863][ T7165] n_tty_write+0x41e/0x11e0 [ 173.682904][ T7165] ? __pfx_n_tty_write+0x10/0x10 [ 173.682944][ T7165] ? trace_kmalloc+0x2b/0xd0 [ 173.682976][ T7165] ? __pfx_woken_wake_function+0x10/0x10 [ 173.683003][ T7165] ? kfree+0x252/0x6d0 [ 173.683026][ T7165] ? __pfx_n_tty_write+0x10/0x10 [ 173.683059][ T7165] file_tty_write.constprop.0+0x503/0x9b0 [ 173.683093][ T7165] redirected_tty_write+0xd4/0x150 [ 173.683119][ T7165] vfs_write+0x7d3/0x11d0 [ 173.683147][ T7165] ? __pfx_redirected_tty_write+0x10/0x10 [ 173.683178][ T7165] ? __pfx_vfs_write+0x10/0x10 [ 173.683203][ T7165] ? find_held_lock+0x2b/0x80 [ 173.683240][ T7165] ksys_write+0x12a/0x250 [ 173.683266][ T7165] ? __pfx_ksys_write+0x10/0x10 [ 173.683302][ T7165] do_syscall_64+0xcd/0xfa0 [ 173.683332][ T7165] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.683360][ T7165] RIP: 0033:0x7fcea938f749 [ 173.683381][ T7165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.683404][ T7165] RSP: 002b:00007fceaa1ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 173.683433][ T7165] RAX: ffffffffffffffda RBX: 00007fcea95e5fa0 RCX: 00007fcea938f749 [ 173.683450][ T7165] RDX: 0000000000000007 RSI: 0000200000000000 RDI: 0000000000000003 [ 173.683465][ T7165] RBP: 00007fcea9413f91 R08: 0000000000000000 R09: 0000000000000000 [ 173.683481][ T7165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 173.683497][ T7165] R13: 00007fcea95e6038 R14: 00007fcea95e5fa0 R15: 00007ffcd31e49d8 [ 173.683524][ T7165] [ 173.683533][ T7165] [ 173.683540][ T7165] The buggy address belongs to a vmalloc virtual mapping [ 173.683560][ T7165] Memory state around the buggy address: [ 173.683574][ T7165] ffffc90003cf8f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 173.683593][ T7165] ffffc90003cf8f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 173.683612][ T7165] >ffffc90003cf9000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 173.683627][ T7165] ^ [ 173.683644][ T7165] ffffc90003cf9080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 173.683662][ T7165] ffffc90003cf9100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 173.683676][ T7165] ================================================================== [ 173.683690][ T7165] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 173.683706][ T7165] CPU: 0 UID: 0 PID: 7165 Comm: syz.0.311 Not tainted syzkaller #0 PREEMPT(full) [ 173.683738][ T7165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 173.683753][ T7165] Call Trace: [ 173.683762][ T7165] [ 173.683772][ T7165] dump_stack_lvl+0x3d/0x1f0 [ 173.683803][ T7165] vpanic+0x640/0x6f0 [ 173.683838][ T7165] panic+0xca/0xd0 [ 173.683870][ T7165] ? __pfx_panic+0x10/0x10 [ 173.683912][ T7165] check_panic_on_warn+0xab/0xb0 [ 173.683956][ T7165] end_report+0x107/0x170 [ 173.683989][ T7165] kasan_report+0xee/0x110 [ 173.684024][ T7165] ? sys_fillrect+0x15d4/0x17b0 [ 173.684057][ T7165] sys_fillrect+0x15d4/0x17b0 [ 173.684087][ T7165] ? irqentry_exit+0x3b/0x90 [ 173.684116][ T7165] ? lockdep_hardirqs_on+0x7c/0x110 [ 173.684146][ T7165] ? __pfx_sys_fillrect+0x10/0x10 [ 173.684181][ T7165] drm_fbdev_shmem_defio_fillrect+0x22/0x140 [ 173.684212][ T7165] bit_clear+0x17d/0x220 [ 173.684249][ T7165] ? __pfx_bit_clear+0x10/0x10 [ 173.684290][ T7165] ? __pfx___might_resched+0x10/0x10 [ 173.684316][ T7165] ? fb_get_color_depth+0x120/0x250 [ 173.684350][ T7165] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 173.684393][ T7165] ? __pfx_bit_clear+0x10/0x10 [ 173.684429][ T7165] __fbcon_clear+0x603/0x720 [ 173.684468][ T7165] fbcon_scroll+0x48b/0x640 [ 173.684504][ T7165] con_scroll+0x45f/0x690 [ 173.684534][ T7165] do_con_write+0x5575/0x8290 [ 173.684564][ T7165] ? srcu_barrier+0x2f0/0x7a0 [ 173.684604][ T7165] ? __pfx___mutex_lock+0x10/0x10 [ 173.684636][ T7165] ? __pfx_do_con_write+0x10/0x10 [ 173.684673][ T7165] con_write+0x23/0xb0 [ 173.684700][ T7165] n_tty_write+0x41e/0x11e0 [ 173.684740][ T7165] ? __pfx_n_tty_write+0x10/0x10 [ 173.684773][ T7165] ? trace_kmalloc+0x2b/0xd0 [ 173.684804][ T7165] ? __pfx_woken_wake_function+0x10/0x10 [ 173.684829][ T7165] ? kfree+0x252/0x6d0 [ 173.684853][ T7165] ? __pfx_n_tty_write+0x10/0x10 [ 173.684887][ T7165] file_tty_write.constprop.0+0x503/0x9b0 [ 173.684921][ T7165] redirected_tty_write+0xd4/0x150 [ 173.684957][ T7165] vfs_write+0x7d3/0x11d0 [ 173.684987][ T7165] ? __pfx_redirected_tty_write+0x10/0x10 [ 173.685012][ T7165] ? __pfx_vfs_write+0x10/0x10 [ 173.685036][ T7165] ? find_held_lock+0x2b/0x80 [ 173.685073][ T7165] ksys_write+0x12a/0x250 [ 173.685100][ T7165] ? __pfx_ksys_write+0x10/0x10 [ 173.685131][ T7165] do_syscall_64+0xcd/0xfa0 [ 173.685165][ T7165] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.685187][ T7165] RIP: 0033:0x7fcea938f749 [ 173.685204][ T7165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.685223][ T7165] RSP: 002b:00007fceaa1ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 173.685243][ T7165] RAX: ffffffffffffffda RBX: 00007fcea95e5fa0 RCX: 00007fcea938f749 [ 173.685258][ T7165] RDX: 0000000000000007 RSI: 0000200000000000 RDI: 0000000000000003 [ 173.685271][ T7165] RBP: 00007fcea9413f91 R08: 0000000000000000 R09: 0000000000000000 [ 173.685284][ T7165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 173.685296][ T7165] R13: 00007fcea95e6038 R14: 00007fcea95e5fa0 R15: 00007ffcd31e49d8 [ 173.685317][ T7165] [ 173.685816][ T7165] Kernel Offset: disabled