last executing test programs: 1m2.079620157s ago: executing program 3 (id=236): unshare$auto(0x40000080) write$auto(0xffffffffffffffff, 0x0, 0x81) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000280), r0) r2 = syz_genetlink_get_family_id$auto_net_dm(&(0x7f0000000080), r0) sendmsg$auto_NET_DM_CMD_CONFIG(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="00000beb", @ANYRES16=r2, @ANYBLOB="000429bd7000fbdbdf250200000005000100060000000400150008000900100000000500010005000000050001007f000000"], 0x38}, 0x1, 0x0, 0x0, 0x4048880}, 0x2000040) sendmsg$auto_TCP_METRICS_CMD_DEL(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000000)=ANY=[@ANYBLOB="14480000", @ANYRES16=r1, @ANYBLOB="000827bd7000fbdbdf2502000000"], 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x4c044) mmap$auto(0x0, 0x404008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/dev_snmp6/ipvlan0\x00', 0x8000, 0x0) pread64$auto(r3, 0x0, 0x4, 0xff) r4 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r4, 0x43403d07, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/system/node/node0/hugepages/hugepages-1048576kB/demote\x00', 0x1, 0x0) mmap$auto(0x1, 0x402000a, 0xffffffffffffffff, 0x400eb1, 0x401, 0x200000000007ffe) io_uring_setup$auto(0x1, 0x0) adjtimex$auto(0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/graphics/fbcon/rotate_all\x00', 0xa001, 0x0) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv6/conf/wg1/accept_ra_defrtr\x00', 0x0, 0x0) read$auto(r5, 0x0, 0x1ff) write$auto(0x3, 0x0, 0xfdef) 1m1.800016428s ago: executing program 3 (id=241): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) r1 = io_uring_setup$auto(0x1, 0x0) r2 = socket(0xa, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = io_uring_setup$auto(0x6, 0x0) r4 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/ieee80211/phy7/netdev:wlan0/txpower\x00', 0x0, 0x0) close_range$auto(0x0, 0xffffeffe, 0x2) sendmsg$auto_TIPC_NL_BEARER_ADD(r1, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f00000002c0)={0x148, 0x0, 0x8, 0x70bd25, 0x25dfdbfe, {}, [@TIPC_NLA_UNSPEC={0x37, 0x0, "0506e2a082088983448e5b3331169e398befc713600ea4106e2bf2455c5681fbf002d2f5ba7dc2529e4cd6d6bc3007d260a76a"}, @TIPC_NLA_UNSPEC={0xfc, 0x0, "19fcfe6248d827ad33f5fb77cc8cd60f206fc9b4a0476a457d0a13df6b048a7af6d323b071095985e7ee1ad21c6dc09cf30018f808a619a20d56c7dfd91f6da96c33d4b94e0bd23cc9773a6bb9d7f7f22b24d3b0636cb58c5e00607d036e80f310f47d53423b6db793e23bb1687d7d9c4331d0941e62820684cef04692e79bb2c80cf07e6a455a883115fd8a19d6adb8120ef9f5e146a34bd25c8d59b03e2638e751099463a004144bbf7cd14064729d7196c4167779ebce32b40073508c6faa290a8747507c78d696f98f0515c08ac13d22e664f6d8b316c82b3cf558b4493259ca4938deb1358c73cb21965cd14dd00c667fbd57dc3f0a"}]}, 0x148}}, 0x80) ioctl$auto_BLKTRACESETUP2(r3, 0xc0481273, &(0x7f00000005c0)={"59e977be391c0caa10177176b755a3c3b83c569c8f236d59aa2fd682c0beab5b", 0x1, 0x1, 0x7, 0xffffffffffffff01, 0x1, 0x0}) msgctl$auto_MSG_STAT(0x8001, 0xb, &(0x7f00000006c0)={{0x9, 0xee00, 0xffffffffffffffff, 0x4, 0x165f, 0x7, 0x5}, &(0x7f0000000640)=0x9, &(0x7f0000000680)=0x9, 0xfffffffffffffffe, 0x5d4, 0x800, 0x4, 0x6, 0x2, 0x0, 0x3, @raw=0x65, @raw=0x2}) sendmsg$auto_TIPC_NL_BEARER_ADD(r4, &(0x7f00000012c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000001280)={&(0x7f0000000740)={0xb28, 0x0, 0x800, 0x70bd28, 0x25dfdbfc, {}, [@TIPC_NLA_SOCK={0x1c, 0x2, 0x0, 0x1, [@nested={0x10, 0x2f, 0x0, 0x1, [@nested={0x4, 0xf3}, @typed={0x5, 0xb5, 0x0, 0x0, @str='\x00'}]}, @nested={0x8, 0xc, 0x0, 0x1, [@nested={0x4, 0xc9}]}]}, @TIPC_NLA_LINK={0x20, 0x4, 0x0, 0x1, [@typed={0x14, 0x129, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x11}}}, @typed={0x8, 0x57, 0x0, 0x0, @fd=r0}]}, @TIPC_NLA_MEDIA={0x1e9, 0x5, 0x0, 0x1, [@generic="68a7d808eeacff6d9a5f15691656e6f45ba1418e0cd01d9d2f62b5cd2b7d546a3047698aee03ad59", @typed={0x8, 0xfd, 0x0, 0x0, @pid}, @nested={0x9b, 0xf6, 0x0, 0x1, [@nested={0x4, 0x54}, @nested={0x4, 0xb5}, @generic="7b90dd35c48ffdd6cff6e800ac9087c7e72bbdd3b208bc97b7e9e4e3c285aaac75c474f37ac6ca5d68bde7fe106b4c1ecb01dd0137c8bda4825a84b1bbc9a0d805e4c49077806675090f0c81a03c7831d27b72b2923a1a1182ddb6ff7783d58d64dd46a62efb59349d005d74a8e1b64443a6361b44b660c733dd698301af0b0114ed3b02608948701db52a6cbb8bea"]}, @typed={0xc, 0x132, 0x0, 0x0, @u64=0x4}, @generic="da0dd32c30bd83f796ecb6b746188caba4902ceb2e842a487b89a89373dab572c02f7194d0960ecf835d3d", @typed={0x8, 0x2e, 0x0, 0x0, @pid}, @generic="f84a8fe9651ab044cb5b7b755fc10c1fa3521b675fed18b6bf2a80ef8e9aa06d5e1a5f5b02bcbcf5f6f346ad187a8da14ec4b820b40af07e4d36d0bc20b6c36d000d6df01b546718ea41b598a88392a8918d292ae0b2581c2f4bf48667f1939bbc56e2efe29cd555a37ad0ecb77ebd4269f2091cb1b8f8692d1f067d7618df7a75821c86a53aef02d35ef1dcf71207ea733ee5815c1046a06dfa366021a662c6ea4abca1788e0aecc72c87b0f1b63d4a6709c8dd65716e4b9360d4fb238ae0e95ac6c5f2ac523fe3c752a2ade8aa74c1a4efba639df3e762630d", @generic]}, @TIPC_NLA_NET={0x430, 0x7, 0x0, 0x1, [@generic="986497f4eeb4c220c3c43a033a490c5159290fecd77a7710f3897e2b8d5caedb5fe9ddc6516c5ef473864f3a0eb4a6404b0f0ce50de988467c5f3c81582046e5b35848fe29b56ff23cf47c0ed490fd87e2456ffa8734dec9354b28fab7206102110ea97a46a178723d57bead6e9f0f4adfe9bd6682014f5924d6fe19878da45a405c30df6077f925d479474725bca952f577f02232f660c9ed434c3f40c2ff05b26588f1f407323b4acbe8370d39056a88fc74ad80d4b650eb8ccdb5d0a7a3695a21b2ed8cc6383e22dd2a848fcd16", @typed={0x85, 0x118, 0x0, 0x0, @binary="2dbdb1dd13d8eae611abc4c533506ed61c1a036b49a2a8accac3b955b77ff48ed9701bd98dbbc1129bc919a85102041ca781d64a12a278539914a3f602a1fd22234e827458fe37bd14b5fa138556fdb8cd88c36ccf30430cf13d1388289e94204d9422663f712937e2fbc39d530115f121f0686d87a4712d2fe2f0929d8f2564fd"}, @typed={0xb4, 0xd4, 0x0, 0x0, @binary="b0102b5db17714e9227730870dea8e149027184f083c58042afb23b518e1f760116543795034efec9273f71c5b60500693c542d861a681be650eeb6ee368e00edb578e9110f860760af631b2bfc1b128e8ffb7cbf5a5fd555ad2a0e6b662197c39e2931e5bdefb8755c17751fde2132e2ad2be9a81677eafb3fa7eec4f5d8ce9ea31c497b0baf9c491e2503ecaca43a9694d51929d1ff1efdc97af9d21ab31ae92fb794cae005ae9cb07b309c44f0973"}, @generic="ec8b30824061412aa7f4583a6d8b574b51be6fa509a816ce0fa8e1dda1274e895e7c8383f0b890b536104908e1f283ddcadd65109a46091f6a5464e068a4ce2e7c573dd6c524d0a554bd53e99e015e37b0f6803566527a26a028a33a8f56ea0d25ef480b54f6d97a4882881777525dbce2984f390809c2026a3edc71a2c4d1717bd4a0ebbbf54510d04243884250acf2a308a0", @generic="f51846a943277f8949315a6388189facf8613a23663fbd643a94b54834448f0769b7b272a110e0ada5e88356c8b1f257b175dc3902a31905bf3d10d0a42beba11e45be56d62d7e04d772baff77f66b4133d1fc7ff33435889fd7255c77d90c5c1ef561819a1ec92e1d55a3c444edb9a1968a8847968791672199a912b57a57cd0272961b7686f81f686a233ca48050cd6d491f7d7ffdf8a493982b06284d46aa0d47352a9f2278fdcb11988cef00d9b3ee5b216f700c613fefe1d1f4aad7ea681bd34751e076372175b735e7b495ea6066ff7d9ee171c252c3b93e68fb3949677f0119dca2", @generic="b99c2e0bd03235cba616037f2ffd610b315916ec02cfcdac88e3a0f5a741ab31f4511aaf5f064e2a0e0ec9f7ba6e8430005d1a7cdab9a0ad968675cb4b7e8fc5a09299df4357f9a8e96117c3d8e48931e295d516c9bfcd4db7017c70ff447b7bac40fb76df8f99cf09ff5399ae65be8efc38e9c4f5a8a92b03e4f9e47eab002b2d9d2c7f2e18c0c2be37729b632d3d240d18ddf985bc3eb684", @typed={0xd, 0xce, 0x0, 0x0, @str='/dev/kvm\x00'}]}, @TIPC_NLA_NET={0x7a, 0x7, 0x0, 0x1, [@typed={0x8, 0xdd, 0x0, 0x0, @uid}, @nested={0x4, 0x3e}, @generic="990c80da75c1d691110aa25b2aad300f71992e816a1767b7c19d8bfc30cf27c0c9ce4d18def49c88287d8e489dd296307a41baacd38e5c8a89b08efb1b4e1706d2aed2cef29686dbb4b94a6c45cf313ef5fe7eeb00a473897988ffa8a37087839eb147620545", @nested={0x4, 0xf0}]}, @TIPC_NLA_LINK={0x4}, @TIPC_NLA_NAME_TABLE={0x40b, 0x8, 0x0, 0x1, [@nested={0x69, 0x3c, 0x0, 0x1, [@nested={0x4, 0xa3}, @typed={0x8, 0x3, 0x0, 0x0, @uid}, @generic="574e54b53ad6e678ad92bd2b87cc98690f18a26cf240d15124be231353a45a9a70fa9003c84ae03d59b9747989610fd9fb56e275e4cbfbaa2a78432e47cd2945220ee3f9225b3dd7bdf9ec09ebb0310fc535fa9bec3f181a06"]}, @typed={0x8, 0x1b, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}}, @generic="63dac4d13939bbcf6ca7d47e364218b96ecf5635722cc99b760578a95e3e7a3590abb3e68da39f309bbdd30f0344aa66938d02173d16326694c7bf89650d0d34396d831b96f1", @generic="aedb2ec223e46efd39d833d51e78accbb49d14b23e5ca5dcf76bc93100eb15afa08333f941dc751879105c2a8669fda18f1a1be259aabc1b8a23533567c92495f91e56", @generic="adf2b1af2f2dd644c287751a91c97836eca3f64177df469de9a1f8ea6ab2f82dcd38cce663eae5fd699a0621e5130045e80d7f2f292d9b938d1355c968d2fd61f32b6860ceb12e58f6b7384adc2fd0f0ad45d6e6b68b2494bd521c75d59131f16f6904faa200a900f510800021a579c7f1503ebcac9c", @nested={0x112, 0xf9, 0x0, 0x1, [@nested={0x4, 0xa}, @generic="44191aa5289a893dc2a2b07fd1bc4eaccb90cd06c63e28fbb22ffee4206dd8a084fa270e97178bf33d26d8ca2cc037bb6448de1c49175c7599fa6f79babe54b396bd02a680edfc6c4853dd1aa2fadb2e3c0c72ac84ded379713a2a33c2f45d2a8d1f4bbe2ff97900837c44d3654e9f79ed598022d221686e981f73a656148ce635764f61768fdb8a2176daf46540a3b42e8e1e4480322550ea52c6432cdbb0ea34415778976cde31e0577f058d4a65bcaed971d7fa109b643d197715bd237a83bb0aec9f5145c6c550f2664f35861f44637faccd2e39b751e9d9e90d3ea14994dc5b45cbf42468240864255abc157457f519899ce9f6", @typed={0x4, 0x147}, @typed={0x8, 0x148, 0x0, 0x0, @pid}, @nested={0x4, 0xc3}, @nested={0x4, 0x140}]}, @nested={0x17f, 0x5a, 0x0, 0x1, [@nested={0x4, 0x12e}, @generic="79a5bbd278c282ecf374d34a897372c0fd3b591c2f6bdaf0f2ff50230f6f3745492d776d5bf0b88f3788d561600dc84305a9e07282d9e7707416143053ab1c734d35ca3a8389200da9257fef3ca73fbe8a8c33c1e680ab9a5750446b48d4f06d85bf850950c963449e82ff0169", @generic="72615e37078146d22da63fc435305e5b70e2fe33d16c356b39197696084d3a6a842fc76c73c23ba5f78c14cb22584ad3449b066b6f8160c3be2fb1f18d022b2a49385a02fd82d72542b7387c8398f3feda09c35f4a21d3bfb11ca2f0cfa7dbba61d59b9952a421d71c007c11a3e692bc83e41381065b4d425ad09021c2199d7f548eb320b5cab5f151f45b11a92f74990aeef6602f063a0e16c88fb64625a1bed2fcf523c9bcdb9d921b0f5d874b162240cef7a7c9fbfca8f6b93e791fc19e362a699a500ee0eadf9ecfa061559d34a00e316a182ee722c68dbe2e70a6eda68ced07f41fed194722b42a137c5c84fa1cd92d870eef228c1d46db", @nested={0x4, 0x21}, @typed={0xc, 0x140, 0x0, 0x0, @u64=0x8}]}]}, @TIPC_NLA_MEDIA={0x30, 0x5, 0x0, 0x1, [@typed={0x8, 0x108, 0x0, 0x0, @pid=r5}, @nested={0x14, 0x11b, 0x0, 0x1, [@typed={0xb, 0x8a, 0x0, 0x0, @str='@&+(,&\x00'}, @nested={0x4, 0x54}]}, @nested={0x10, 0x8a, 0x0, 0x1, [@nested={0x4, 0x8c}, @typed={0x8, 0x135, 0x0, 0x0, @uid=r6}]}]}]}, 0xb28}, 0x1, 0x0, 0x0, 0x11}, 0x4008) pipe$auto(0x0) unshare$auto(0x40000080) setsockopt$auto(r1, 0x10000000084, 0x7b, 0x0, 0xd) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8000, 0x0) socket(0x18, 0x800, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_CREATE_VM(r7, 0x4048aecb, 0x0) 1m1.104559642s ago: executing program 3 (id=246): sendmsg$auto_NL802154_CMD_SET_LBT_MODE(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40080}, 0x20000000) ioctl$auto_USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000380)={0x8, 0x9, 0x6, 0x8, &(0x7f0000000080)="f0b0d3f83d1a2f0689de2fd158ea2829787467a2bbd4d235431e73842096e0c4fc57ab42a159f7a10234ae312c1dd0e31f09fccb084eb311ed59a02a056d60f290c96d12f7052d745d6d8f91178a26357b8d86ca769e2de27374bbed9ddb", 0xfffffffb, 0x42, 0x4, @stream_id=0x8, 0xd, 0x800005, &(0x7f0000000280)="766c937b0d23d3fe1dd1825c33730aedecb69b09c89ae6b0d9de1ad310dcab9b8b76510801f02bdaa34076d5ce6150f8bca6c3b583ee7ea9e90b12a0ab28e69a1d9ea7e5009767c1b5d9acb16876b35ffb351bdb2d3f23c84c605d725b425287c001adaa0300e5237e0a4e7e35685a3040f5fb26d26c0b10c689a153ee5ac5611bec0026d7d597394b448263d00299857265ea68f6ee333e3dec949591", [{0x10001, 0x101, 0x8001}, {0x5, 0xb, 0x6}, {0x100, 0x1618}, {0x3, 0x0, 0x3}, {0xffffff23, 0x2, 0x6}, {0x1, 0x552, 0x8}, {0x8666, 0x7f, 0x8}, {0x4, 0xd5d, 0x4}, {0xfffffff9, 0x5ff, 0xaad}]}) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/mtd/mtd0/mtdblock0/queue/write_cache\x00', 0x182b02, 0x0) landlock_create_ruleset$auto(&(0x7f0000000000)={0x0, 0x401, 0x7}, 0x8, 0x0) sendfile$auto(r0, r0, 0x0, 0xea) socket(0xa, 0xa, 0x0) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) madvise$auto(0x0, 0x2003f2, 0x15) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/system/node/node1/distance\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0) madvise$auto(0x0, 0x200007, 0x19) close_range$auto(0x2, 0x8, 0x0) userfaultfd$auto(0x1) epoll_create$auto(0x0) r2 = socket(0x15, 0x5, 0x0) setsockopt$auto(r2, 0x114, 0x1, 0x0, 0x1b) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80302, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020005, 0x203, 0xeb1, 0xffffffffffffffff, 0x8000) seccomp$auto(0x1, 0x0, &(0x7f0000000100)="740fb5dc698e7ba7e41f") mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x2c4081, 0x0) 1m0.695515322s ago: executing program 3 (id=250): write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0xa) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) read$auto(0x3, 0x0, 0xf34) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) r0 = getpid() pipe2$auto(0x0, 0x0) process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01012bbd7000fddbdf250d00000005000700f9"], 0x1c}, 0x1, 0x0, 0x0, 0x60040440}, 0x800) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8, @ANYRES8], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x80) write$auto(r1, &(0x7f0000000000)='-\x00', 0xfdef) 1m0.553119891s ago: executing program 3 (id=253): r0 = openat$auto_show_traces_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/available_tracers\x00', 0x4000, 0x0) msgctl$auto_MSG_INFO(0xfffffff9, 0xc, &(0x7f00000001c0)={{0xffff8001, 0xee01, 0xee00, 0x6, 0xfffffff7, 0x101, 0x7}, &(0x7f0000000140), &(0x7f0000000180)=0x5, 0x2ef1268b, 0x2, 0x100000000, 0x7fffffff, 0x60000, 0x5, 0x7fff, 0x7, @inferred, @inferred=0xffffffffffffffff}) fsconfig$auto_FSCONFIG_SET_FD(r0, 0x5, &(0x7f0000000240)='/sys/kernel/debug/ieee80211/phy1/ht40allow_map\x00', &(0x7f00000000c0)="461c0000e5ed75d68a3f7cde61f832a39815ef98cf0a1cba1ff191d01066e87e8fa7c68708fec5a66cbdccc697e8c33fe861c2b9a8821b0b55b45e18f4ee90", r1) prctl$auto(0x4d, 0x1, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) timer_create$auto(0x9, 0x0, 0x0) r2 = openat$auto_ht40allow_map_ops_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy1/ht40allow_map\x00', 0xc9400, 0x0) read$auto(r2, &(0x7f0000000040)='^{-!S\x84\x00', 0x9) 1m0.144543573s ago: executing program 3 (id=255): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000) close_range$auto(0x0, 0x5, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x80002, 0x73) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x88102, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_DROP(r0, 0x40045730, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) move_pages$auto(0x1, 0x2000000000006, 0x0, 0x0, 0x0, 0x2) ioctl$auto(0x3, 0x400454ca, 0x38) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/net/sctp/snmp\x00', 0x0, 0x0) pread64$auto(r1, 0x0, 0x8, 0x8000) mmap$auto(0x0, 0x202000a, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = socket(0x22, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x80044944, 0x0) r3 = openat$auto_tracing_thresh_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/tracing_thresh\x00', 0x20080, 0x0) write$auto_tracing_thresh_fops_trace(r3, &(0x7f0000000080)="1b9b6e9b8faa0ce88a5261051373305de68765291e6d3b30ad1d707659794f4a4dfe6463", 0x24) 44.339313931s ago: executing program 32 (id=255): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000) close_range$auto(0x0, 0x5, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) mmap$auto(0x0, 0xc, 0x4000000000df, 0x44eb2, 0x10006, 0x300000000000) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x80002, 0x73) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x88102, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_DROP(r0, 0x40045730, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) move_pages$auto(0x1, 0x2000000000006, 0x0, 0x0, 0x0, 0x2) ioctl$auto(0x3, 0x400454ca, 0x38) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/net/sctp/snmp\x00', 0x0, 0x0) pread64$auto(r1, 0x0, 0x8, 0x8000) mmap$auto(0x0, 0x202000a, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = socket(0x22, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x80044944, 0x0) r3 = openat$auto_tracing_thresh_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/tracing_thresh\x00', 0x20080, 0x0) write$auto_tracing_thresh_fops_trace(r3, &(0x7f0000000080)="1b9b6e9b8faa0ce88a5261051373305de68765291e6d3b30ad1d707659794f4a4dfe6463", 0x24) 5.144548367s ago: executing program 2 (id=502): setreuid$auto(0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capset$auto(0x0, &(0x7f0000000000)={0x7b, 0x1, 0x4c}) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d529b39", 0xfdef) 5.071441698s ago: executing program 1 (id=503): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond_slave_1\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000004c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002fbd7000fddbdf250c00000014000380100003800c00058008000100", @ANYRES32=0x0, @ANYBLOB="0c00018008000100", @ANYRES32=r2], 0x34}, 0x1, 0x0, 0x300}, 0x24048084) 4.913099938s ago: executing program 4 (id=505): setreuid$auto(0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capset$auto(0x0, &(0x7f0000000080)={0xe789, 0x1, 0x4c}) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_IOCTL_VMCI_CTX_GET_CPT_STATE(r1, 0x7b1, 0x0) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x8, 0x5, 0x8) keyctl$auto(0x11, 0xdfffffffffffffff, 0x69c9, 0x0, 0xbcd) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto(0xffffffffffffffff, 0xab01, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xe880, 0xdf, 0xeb1, 0x401, 0x7ffc) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) ioctl$auto_TCSBRKP2(r2, 0x5425, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x88b02, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/vlan1/base_reachable_time\x00', 0x40400, 0x0) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x4000000) read$auto(r3, 0x0, 0x1ff) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:00/status\x00', 0xa140, 0x0) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/vhci_hcd.15/usb39/remove\x00', 0x243702, 0x0) writev$auto(r5, &(0x7f0000000200)={0x0, 0x7}, 0x3) socket$nl_generic(0x10, 0x3, 0x10) r6 = socket(0xa, 0x2, 0x3a) setsockopt$auto(r6, 0x29, 0x13, 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000240)=""/122, 0x7a) write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d399b39", 0xfdef) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/ieee80211/phy7/aqm\x00', 0x800, 0x0) 4.786625913s ago: executing program 2 (id=506): r0 = pidfd_open$auto(0x1, 0x0) setns(r0, 0x60020000) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/bus/usb/002/001\x00', 0x4000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) futex$auto(&(0x7f00000033c0)=0x4, 0x8b, 0x4, &(0x7f0000003400)={0x0, 0x2}, 0x0, 0x8) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r1) sendmsg$auto_NL802154_CMD_SET_PAN_ID(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000011c0)=ANY=[], 0x1058}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) r3 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r2, 0x805, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_NETNS_FD={0x8, 0xdb, r3}, @NL80211_ATTR_OBSS_COLOR_BITMAP={0xc, 0x12e, 0x1000}]}, 0x28}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) sendmsg$auto_NL80211_CMD_GET_WIPHY(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r2, @ANYBLOB], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, 0x2, 0x8000) r4 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) ioctl$auto(r4, 0x80004507, 0x10000000000402) madvise$auto(0x8000, 0x87fff, 0xc) clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7fffe000) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r5 = socket(0x2a, 0x2, 0x1) connect$auto(r5, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0x4001}, 0x55) syz_clone3(&(0x7f0000000300)={0x153326100, 0x0, 0x0, 0x0, {0x23}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0xa7) 4.75288105s ago: executing program 1 (id=507): write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0xa) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) sendmsg$auto_NL802154_CMD_SET_CCA_MODE(0xffffffffffffffff, &(0x7f0000000dc0)={0x0, 0x0, &(0x7f0000000d80)={&(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01012bbd7000fddbdf250d00000005000700f9"], 0x1c}, 0x1, 0x0, 0x0, 0x60040440}, 0x800) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r1, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x80) write$auto(r0, &(0x7f0000000000)='-\x00', 0xfdef) 4.167958113s ago: executing program 1 (id=510): capget$auto(0x0, 0xfffffffffffffffe) ioctl$auto(0xffffffffffffffff, 0x4bfa, 0xffffffffffffffff) write$auto_drm_edid_fops_drm_debugfs(0xffffffffffffffff, &(0x7f0000000580)="b7a53caf1b305860206af11a0ec35e7e5c46caffe279de8e9945d6e37dfaf9058103dbe387321e23d5f21c271069baa482db442a5748c1fec17e92c29d2df967f9c1ce0bd79ec3d67c9f0aff55674e238d4b83e2372ae3a03950aaa641f736e6f9065e5b9af9e2de49f8a01693aa28b5e53dd7d970575e42c6720cff2f6f9bf902791bf83abd9acf9dc3968a36b1851ffc6497e410d51f340b92b74f972cd68de180f42bcfc5ac64a8977e242b9ca63c58d603fea4fad558f0071db6e24de9bda2b835957f69a06c0d0000000000000000d4b8db86be62388110e03ef34b1fadaffc761c3fa220dac9bf9e94d03a0fe70ca30710a7", 0xf5) mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000) madvise$auto(0x2, 0x2000040080000004, 0xe) r0 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(r0, &(0x7f0000001680)="a7", 0xfffffc96) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) r1 = syz_clone(0xa00c2000, 0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=0xffffffffffffffff, @ANYBLOB="010329bf700002dcdf2505000000feabb1471aa987110c00010005000000000000000c0001"], 0x38}, 0x1, 0x0, 0x0, 0x20008810}, 0x880) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYRES8=r1, @ANYRES8=r2, @ANYRES32=0x0, @ANYBLOB="f621fef335f38e4976e61dd45c4eb9ae014836a4f5cb840d3ec4e326ae88a8fb491bb3d60b2aa83273e1b291f92d479b81cf14eb4d3b78186c41f9947b2fedb6081bbcd52b0906da7b7e34d629b7c4013d85e076dfb628", @ANYBLOB="0a000500aaaaaaaaaabb00000a00010000000000000000000a000100bbbbbbbbbbbb0000060006000f000000"], 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x6004000) r3 = memfd_create$auto(&(0x7f00000014c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x7) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x23, 0x80805, 0x0) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14be02, 0x0) preadv2$auto(r4, &(0x7f0000000040)={0x0, 0x6}, 0x2, 0x1000, 0x3, 0x8) close_range$auto(0x2, 0x8, 0x0) setxattr$auto(&(0x7f0000001580)='./file0\x00', &(0x7f00000015c0)='/dev/tty43\x00', &(0x7f0000001600)="872668e74673dc43d0ab4f033ebac743a89e4d415e2f0ca152e13f793f0a83b0cec8997b2dfec33b1ee869eb8373b7e38d222fed75e160e834113e89a05eea97a341319f0a8b861abeed08dc8f7039ebd4a34936c7a52009ed04803a13d4ca211526ffdabcd28cefca10f480b81d14706040c2ad7bd3a12b932c6f5f3a524647d0b43fb5c81e35b60cb24b10b547ab8ffc26a41810fa45e5db90c9467313996ade7b783e5a86475b0bb71667f06a3b8f", 0x5, 0x4) mmap$auto(0x0, 0x2020006, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000) statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) sendmsg$auto_WG_CMD_GET_DEVICE(r3, &(0x7f0000000500)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000004c0)={&(0x7f0000000240)={0x104, 0x0, 0x20, 0x70bd2b, 0x25dfdbfb, {}, [@WGDEVICE_A_PUBLIC_KEY={0xe6, 0x4, "77e8474c6aa105e64869aafa07316abacb3008f16605d3a82cc58fc1cfbac28aeed91a936bca032b8c8b694a291f90f59773e573f7367ceac0e7bf337678237356e762bdf39b5e57084da3f08bee6a2d8e963d7fbd1925a9a38c360f8d92d747c1ad8a6b57e1ca444ce2758bfffc49c09544a223616bf57dcbaa2d0484a2cb61c0b7e40add380473c0402d69fe9d75f8a2ada163fc2bed816e021f0194a4f3e60a57f97608f14c113a46e745e4d1b192cba59e2b5a5aa98a1cb57011b331fd1f99bf275e5860b22034a11d7d53fa8479cb40447926211799889b7929c81293e4c1b7"}, @WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}]}, 0x104}, 0x1, 0x0, 0x0, 0x800}, 0x4) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r6 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r7 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f00000003c0), 0x1741, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r7, 0xfffffffffffffd03, &(0x7f00000001c0)) connect$auto(0x3, &(0x7f0000000080)=@l2tp={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x1}, 0x8) syz_genetlink_get_family_id$auto_vdpa(0x0, r6) 3.914789044s ago: executing program 4 (id=512): r0 = openat$auto_tomoyo_self_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000180), 0x21c900, 0x0) setsockopt$auto_SO_SNDTIMEO_NEW(r0, 0x6, 0x43, &(0x7f00000000c0)='/proc/fs/cifs/LheE\xc7\x00bled\x00', 0x5) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/cifs/LookupCacheEnabled\x00', 0x48041, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/module/caif_serial/parameters/ser_write_chunk\x00', 0x280, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) madvise$auto(0x110c230000, 0x1, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) process_vm_readv$auto(0x0, 0x0, 0x1, 0x0, 0x6, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x1010001, 0x100000003) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x23, 0x4, 0xfffffffe) socket(0xa, 0x3, 0x84) r1 = openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/kvm/halt_poll_fail_hist\x00', 0xa2500, 0x0) read$auto_stat_fops_per_vm_kvm_main(r1, 0x0, 0x0) openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0) r2 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000001a00)='/dev/binderfs/binder0\x00', 0x0, 0x0) ioctl$auto_BINDER_GET_NODE_INFO_FOR_REF(r2, 0xc018620c, 0x0) mmap$auto(0x0, 0x20009, 0xfffffffffffffffd, 0xeb1, 0x6, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) socket(0x2b, 0x3, 0x4007fff) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/bus/usb/drivers/dvb_usb_af9015/bind\x00', 0xc6441, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x9e6, 0x0) 3.673183244s ago: executing program 0 (id=513): io_uring_register$auto_IORING_UNREGISTER_PBUF_RING(0xffffffffffffffff, 0x17, &(0x7f0000000000)="dc558b01bfe1f1957e00d110c3204d68c55bd243b681b36891ef0572df64b86b2063ea05d46bff4ef846a3ad40f85c8ff695403a70345886a1d0f8ee6877156957ac7bfae8", 0x13) mmap$auto(0x0, 0x1, 0x8000000000000001, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2d, 0x2, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x801, 0x106) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x80002, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x149800, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/nr14/proto_down\x00', 0x82942, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) sendmsg$auto_MACSEC_CMD_GET_TXSC(r0, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001100)={&(0x7f0000000200)={0x2a4, 0x0, 0xc, 0x70bd28, 0x25dfdbfc, {}, [@MACSEC_ATTR_SA_CONFIG={0x28d, 0x3, 0x0, 0x1, [@typed={0x8, 0x2c, 0x0, 0x0, @u32=0x7}, @generic="11b92d141ecb62da7fdbb749457ac81e2ada1211bf986c6c06d4ac7d1f4939c9e0a69b3284271e97b526d630090fcef7947905693f123f5c9a24fe12bd03d4706477c94bc016a3ebf79cd2e54d10061f03ebb8aaacd8f5c54cb0618d1bb733ec57ee302aa37c29ea0610a5591095df9e8d6fd34541b81ec420b0519015541441ed2b6345129f9c2f2c60c65602402ffe32e2dc2c5fe2fb3ef676efaef725fb7c9888810f0ec0d2de2d85bc6c8cbbd326bfc94de6011094ec20e7ab154fdc611901a4c014c76338c93a89", @generic="fbac75838f12fa2a9e5662f07fd3d3727c80e6b316a53d061eefd58ec356d7d9f77fd0ec701d1e276996417f15d2132e00ae20f148b5e96a6ff24492b8465d0df57585e36d8cd4c13cfdb1a214eebd3668eaeee45010fa5eb962b6140ae93fe55ef99f3314686eb390fdd45091a47cc5606b904eca3ff017ac613b92c9e62ec8efd05925945d4b0b74e8863d3052ebdc14f934bc4853279bd95c0668551e5d59f4ce726e03016015c5c3b2cc686b7aacb49b8ad7af663087d765a5bdcc794b3ffd7c650a61836e85a41e66c6086ff0924340d67939ff2c00f398ad5fcb1127d3d7ebc067b2ff", @nested={0x8, 0x5a, 0x0, 0x1, [@nested={0x4, 0xff}]}, @generic="08929332ec1b33d4bf902b48d2f2c0e83441d1f7170fa8f91f9cd9f3b63627f9d037bfd4d543666cb0f580bfacfa226d4a4aa6f43b998950ce06dcafece15024f91176606946aa4b27abe70e3a911f9254ecd5d53949b94d973e6bd7457784c928fe9dd98595c6f8658fa5cc40cec7bf367873f23bfd15334a16589c54410247f8745ac4cf64821cd6129fbc621266fa41bae11352a87c176e4e6761f5", @nested={0x2c, 0x141, 0x0, 0x1, [@generic="8673902d93f47dede621d211ba390ae387f7e52f4cda68faca634584f209e5faa07d99a9f285a73c"]}]}]}, 0x2a4}, 0x1, 0x0, 0x0, 0x4}, 0x44) close_range$auto(0x2, 0x8, 0x0) r3 = socketcall$auto(0x8000, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_GET_MSRS(r2, 0x4400ae8f, &(0x7f00000000c0)={0xdd}) ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000300), 0x800, 0x0) r6 = setfsuid$auto(0xee00) r7 = setfsuid$auto(0xee01) setresuid$auto(r6, r7, r6) r8 = getegid() setregid$auto(r8, r8) msgctl$auto(0x2, 0xa5, &(0x7f0000000280)={{0x0, r7, r8, 0x1, 0x7fff, 0x1, 0x8}, 0x0, &(0x7f0000000240)=0x7f, 0xfffe0, 0x8e, 0x7, 0x6, 0x8000000000000000, 0x7, 0x7, 0xe5e, @raw=0x4}) ioctl$auto_KVM_GET_DEVICE_ATTR(r5, 0x4018aee2, &(0x7f0000000340)={0x100, r8, 0x1, 0x80000000}) 3.423748036s ago: executing program 2 (id=514): r0 = openat$auto_dmaengine_summary_fops_(0xffffffffffffff9c, 0x0, 0x464980, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) (async) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/013/001\x00', 0xa901, 0x0) (async) kexec_load$auto(0x8134a6c, 0x1, 0x0, 0xff) (async) mmap$auto(0x0, 0x7, 0x3, 0xeb1, r0, 0x9000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) write$auto(0x3, 0x0, 0x7fffffff) (async) write$auto(0x1, 0x0, 0x0) mmap$auto(0x0, 0xfff, 0xdf, 0x9b72, 0x400, 0x28000) prctl$auto(0x1000000003b, 0x100001, 0x0, 0xfffffffffffffffd, 0x3) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket(0x26, 0x2, 0x0) (async) r1 = clone$auto(0x20003b43, 0x2, 0x0, 0x0, 0x2) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, 0x0, 0x3c41, 0x0) (async) r2 = getpid() (async) r3 = gettid() (async) r4 = open(0x0, 0x240100, 0x120) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) (async) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000100), 0x3bc400, 0x0) (async) read$auto_lowpan_enable_fops_(r4, &(0x7f0000000000)=""/110, 0x6e) rt_tgsigqueueinfo$auto(r2, r3, 0x21, &(0x7f0000000140)={@siginfo_0_0={0x6, 0x4, 0x2, @_rt={r1, 0x0, @sival_int=0x5}}}) (async) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x1000, 0x0) (async) sysfs$auto(0x12, 0xe, 0x3) (async) sendmsg$auto_NL80211_CMD_SET_SAR_SPECS(0xffffffffffffffff, 0x0, 0x20000004) (async) lsm_list_modules$auto(0x0, 0x0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) 3.41587325s ago: executing program 0 (id=515): setreuid$auto(0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capset$auto(0x0, &(0x7f0000000000)={0x7b, 0x1, 0x4c}) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d5b9b39", 0xfdef) 3.128298025s ago: executing program 1 (id=516): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000040), r1) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/rpc/nfsd.fh/flush\x00', 0x4a141, 0x0) writev$auto(r3, &(0x7f0000000240)={0x0, 0x5}, 0xa) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x401bf, 0x7352, 0x31, 0x8000, 0x1ffde, 0x1, 0x2, 0x1, 0x9, 0x3, 0x5, 0x8, 0x3002, 0x9, 0xb, 0x80010002, 0x80, 0xd8f9, 0x0, 0x7, 0x2, 0x203, 0x400, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x24008000) mmap$auto(0x0, 0xfb1, 0xffffffff, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x11, 0x80003, 0x300) socket(0x23, 0x5, 0x0) open(&(0x7f0000000040)='./cgroup\x00', 0x80, 0xb5d1af1605322de0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x0, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff011) r4 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0xfc, &(0x7f0000000100)={0x0, 0xfc6}, 0x2, 0x0, 0x7, 0x3}, 0x800}, 0x7, 0x4008) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB="a0000000", @ANYRES16=r2, @ANYBLOB="01002cbd7000fddbdf2502000000810004006e66736600d8efe42d132b72f30c54315aa74a5b8107cf2ddf901f8fc81365e252374483326ace7da356b7a16f5ce613bc0cd5aeb87ed3d22b4a27c3ecc90c70c861befe60a7a9414b446427a001f61376e88d8ab4d6b0a3bb684a743392999179e8caf4519e032a5dda1e1174e2d575772b93fc046cd3a674866b80d91473ece248c03d28f9398a"], 0xa0}}, 0x4000) mmap$auto(0xfffffffffffffffd, 0x68fd, 0x400, 0x9b72, 0xffffffffffffffff, 0x8000) socket(0x2b, 0x1, 0x1) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x8a240, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x440, 0x0) socket(0x29, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b82, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x14) 2.972611301s ago: executing program 2 (id=517): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) r1 = socket(0x2, 0x3, 0xff) setsockopt$auto(r1, 0xff, 0x1, 0x0, 0x7) r2 = socket(0x15, 0x5, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) bind$auto(r2, &(0x7f0000000100)=@generic={0xa, "986d17a55d9b07bcc94c4e3770c4"}, 0x4) socket(0x1e, 0x5, 0x0) socket(0xa, 0x2, 0x73) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0xc0002, 0x0) write$auto(r4, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) 2.952596284s ago: executing program 0 (id=518): r0 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) acct$auto(&(0x7f0000000380)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc') fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) fallocate$auto(r0, 0x1, 0x820, 0x7fff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14fa02, 0x0) mmap$auto(0x0, 0xb9f, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xd0, 0x0, 0x4) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) memfd_secret$auto(0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) bpf$auto(0x8, &(0x7f0000000280)=@bpf_attr_7={@btf_id=0x2, 0x6, 0x40000023}, 0x96) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8000, 0x0) r1 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_fd=r2, r2, 0x4, 0x34c, r1, @relative_id=0x3, 0xe600}, 0xf) bpf$auto(0x3, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x4}, 0xc) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/sound/ctl-led/speaker/card2/reset\x00', 0xa001, 0x0) write$auto(r3, 0x0, 0x1) 2.845253426s ago: executing program 4 (id=519): mmap$auto(0x0, 0x400005, 0xe2, 0x9b72, 0x2, 0x8000) r0 = io_uring_setup$auto(0x999, 0x0) r1 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents$auto(r1, 0xfffffffffffffffc, 0x45) ustat$auto(0x801, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x2, 0x0) r2 = socket(0x2, 0x1, 0x0) ioctl$auto(0xffffffffffffffff, 0xb21064a7, 0x20000a) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) socket(0x2, 0x1, 0x106) listen$auto(0x3, 0x81) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) accept$auto(r0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) 2.299460052s ago: executing program 4 (id=520): unshare$auto(0x40000080) write$auto(0xffffffffffffffff, 0x0, 0x81) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000280), r0) r2 = syz_genetlink_get_family_id$auto_net_dm(&(0x7f0000000080), r0) sendmsg$auto_NET_DM_CMD_CONFIG(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="00000beb", @ANYRES16=r2, @ANYBLOB="000429bd7000fbdbdf250200000005000100060000000400150008000900100000000500010005000000050001007f000000"], 0x38}, 0x1, 0x0, 0x0, 0x4048880}, 0x2000040) sendmsg$auto_TCP_METRICS_CMD_DEL(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000000)=ANY=[@ANYBLOB="14480000", @ANYRES16=r1, @ANYBLOB="000827bd7000fbdbdf2502000000"], 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x4c044) mmap$auto(0x0, 0x404008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/net/dev_snmp6/ipvlan0\x00', 0x8000, 0x0) pread64$auto(r3, 0x0, 0x4, 0xff) ioctl$auto_posix_clock_file_operations_posix_clock(0xffffffffffffffff, 0x43403d07, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/system/node/node0/hugepages/hugepages-1048576kB/demote\x00', 0x1, 0x0) mmap$auto(0x1, 0x402000a, 0xffffffffffffffff, 0x400eb1, 0x401, 0x200000000007ffe) io_uring_setup$auto(0x1, 0x0) adjtimex$auto(0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/platform/vivid.0/video4linux/v4l-touch5/dev_debug\x00', 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/graphics/fbcon/rotate_all\x00', 0xa001, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv6/conf/wg1/accept_ra_defrtr\x00', 0x0, 0x0) read$auto(r4, 0x0, 0x1ff) write$auto(0x3, 0x0, 0xfdef) 1.986290883s ago: executing program 2 (id=521): mmap$auto(0x0, 0x400005, 0xe2, 0x9b72, 0x2, 0x8000) r0 = io_uring_setup$auto(0x999, 0x0) r1 = open(&(0x7f0000000100)='.\x00', 0x0, 0x408) getdents$auto(r1, 0xfffffffffffffffc, 0x45) ustat$auto(0x801, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x2, 0x0) r2 = socket(0x2, 0x1, 0x0) ioctl$auto(0xffffffffffffffff, 0xb21064a7, 0x20000a) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) socket(0x2, 0x1, 0x106) listen$auto(0x3, 0x81) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) accept$auto(r0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) 1.979601369s ago: executing program 1 (id=522): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) r1 = io_uring_setup$auto(0x1, 0x0) r2 = socket(0xa, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = io_uring_setup$auto(0x6, 0x0) r4 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/ieee80211/phy7/netdev:wlan0/txpower\x00', 0x0, 0x0) close_range$auto(0x0, 0xffffeffe, 0x2) sendmsg$auto_TIPC_NL_BEARER_ADD(r1, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f00000002c0)={0x148, 0x0, 0x8, 0x70bd25, 0x25dfdbfe, {}, [@TIPC_NLA_UNSPEC={0x37, 0x0, "0506e2a082088983448e5b3331169e398befc713600ea4106e2bf2455c5681fbf002d2f5ba7dc2529e4cd6d6bc3007d260a76a"}, @TIPC_NLA_UNSPEC={0xfc, 0x0, "19fcfe6248d827ad33f5fb77cc8cd60f206fc9b4a0476a457d0a13df6b048a7af6d323b071095985e7ee1ad21c6dc09cf30018f808a619a20d56c7dfd91f6da96c33d4b94e0bd23cc9773a6bb9d7f7f22b24d3b0636cb58c5e00607d036e80f310f47d53423b6db793e23bb1687d7d9c4331d0941e62820684cef04692e79bb2c80cf07e6a455a883115fd8a19d6adb8120ef9f5e146a34bd25c8d59b03e2638e751099463a004144bbf7cd14064729d7196c4167779ebce32b40073508c6faa290a8747507c78d696f98f0515c08ac13d22e664f6d8b316c82b3cf558b4493259ca4938deb1358c73cb21965cd14dd00c667fbd57dc3f0a"}]}, 0x148}}, 0x80) ioctl$auto_BLKTRACESETUP2(r3, 0xc0481273, &(0x7f00000005c0)={"59e977be391c0caa10177176b755a3c3b83c569c8f236d59aa2fd682c0beab5b", 0x1, 0x1, 0x7, 0xffffffffffffff01, 0x1, 0x0}) msgctl$auto_MSG_STAT(0x8001, 0xb, &(0x7f00000006c0)={{0x9, 0xee00, 0xffffffffffffffff, 0x4, 0x165f, 0x7, 0x5}, &(0x7f0000000640)=0x9, &(0x7f0000000680)=0x9, 0xfffffffffffffffe, 0x5d4, 0x800, 0x4, 0x6, 0x2, 0x0, 0x3, @raw=0x65, @raw=0x2}) sendmsg$auto_TIPC_NL_BEARER_ADD(r4, &(0x7f00000012c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000001280)={&(0x7f0000000740)={0xb28, 0x0, 0x800, 0x70bd28, 0x25dfdbfc, {}, [@TIPC_NLA_SOCK={0x1c, 0x2, 0x0, 0x1, [@nested={0x10, 0x2f, 0x0, 0x1, [@nested={0x4, 0xf3}, @typed={0x5, 0xb5, 0x0, 0x0, @str='\x00'}]}, @nested={0x8, 0xc, 0x0, 0x1, [@nested={0x4, 0xc9}]}]}, @TIPC_NLA_LINK={0x20, 0x4, 0x0, 0x1, [@typed={0x14, 0x129, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x11}}}, @typed={0x8, 0x57, 0x0, 0x0, @fd=r0}]}, @TIPC_NLA_MEDIA={0x1e9, 0x5, 0x0, 0x1, [@generic="68a7d808eeacff6d9a5f15691656e6f45ba1418e0cd01d9d2f62b5cd2b7d546a3047698aee03ad59", @typed={0x8, 0xfd, 0x0, 0x0, @pid}, @nested={0x9b, 0xf6, 0x0, 0x1, [@nested={0x4, 0x54}, @nested={0x4, 0xb5}, @generic="7b90dd35c48ffdd6cff6e800ac9087c7e72bbdd3b208bc97b7e9e4e3c285aaac75c474f37ac6ca5d68bde7fe106b4c1ecb01dd0137c8bda4825a84b1bbc9a0d805e4c49077806675090f0c81a03c7831d27b72b2923a1a1182ddb6ff7783d58d64dd46a62efb59349d005d74a8e1b64443a6361b44b660c733dd698301af0b0114ed3b02608948701db52a6cbb8bea"]}, @typed={0xc, 0x132, 0x0, 0x0, @u64=0x4}, @generic="da0dd32c30bd83f796ecb6b746188caba4902ceb2e842a487b89a89373dab572c02f7194d0960ecf835d3d", @typed={0x8, 0x2e, 0x0, 0x0, @pid}, @generic="f84a8fe9651ab044cb5b7b755fc10c1fa3521b675fed18b6bf2a80ef8e9aa06d5e1a5f5b02bcbcf5f6f346ad187a8da14ec4b820b40af07e4d36d0bc20b6c36d000d6df01b546718ea41b598a88392a8918d292ae0b2581c2f4bf48667f1939bbc56e2efe29cd555a37ad0ecb77ebd4269f2091cb1b8f8692d1f067d7618df7a75821c86a53aef02d35ef1dcf71207ea733ee5815c1046a06dfa366021a662c6ea4abca1788e0aecc72c87b0f1b63d4a6709c8dd65716e4b9360d4fb238ae0e95ac6c5f2ac523fe3c752a2ade8aa74c1a4efba639df3e762630d", @generic]}, @TIPC_NLA_NET={0x430, 0x7, 0x0, 0x1, [@generic="986497f4eeb4c220c3c43a033a490c5159290fecd77a7710f3897e2b8d5caedb5fe9ddc6516c5ef473864f3a0eb4a6404b0f0ce50de988467c5f3c81582046e5b35848fe29b56ff23cf47c0ed490fd87e2456ffa8734dec9354b28fab7206102110ea97a46a178723d57bead6e9f0f4adfe9bd6682014f5924d6fe19878da45a405c30df6077f925d479474725bca952f577f02232f660c9ed434c3f40c2ff05b26588f1f407323b4acbe8370d39056a88fc74ad80d4b650eb8ccdb5d0a7a3695a21b2ed8cc6383e22dd2a848fcd16", @typed={0x85, 0x118, 0x0, 0x0, @binary="2dbdb1dd13d8eae611abc4c533506ed61c1a036b49a2a8accac3b955b77ff48ed9701bd98dbbc1129bc919a85102041ca781d64a12a278539914a3f602a1fd22234e827458fe37bd14b5fa138556fdb8cd88c36ccf30430cf13d1388289e94204d9422663f712937e2fbc39d530115f121f0686d87a4712d2fe2f0929d8f2564fd"}, @typed={0xb4, 0xd4, 0x0, 0x0, @binary="b0102b5db17714e9227730870dea8e149027184f083c58042afb23b518e1f760116543795034efec9273f71c5b60500693c542d861a681be650eeb6ee368e00edb578e9110f860760af631b2bfc1b128e8ffb7cbf5a5fd555ad2a0e6b662197c39e2931e5bdefb8755c17751fde2132e2ad2be9a81677eafb3fa7eec4f5d8ce9ea31c497b0baf9c491e2503ecaca43a9694d51929d1ff1efdc97af9d21ab31ae92fb794cae005ae9cb07b309c44f0973"}, @generic="ec8b30824061412aa7f4583a6d8b574b51be6fa509a816ce0fa8e1dda1274e895e7c8383f0b890b536104908e1f283ddcadd65109a46091f6a5464e068a4ce2e7c573dd6c524d0a554bd53e99e015e37b0f6803566527a26a028a33a8f56ea0d25ef480b54f6d97a4882881777525dbce2984f390809c2026a3edc71a2c4d1717bd4a0ebbbf54510d04243884250acf2a308a0", @generic="f51846a943277f8949315a6388189facf8613a23663fbd643a94b54834448f0769b7b272a110e0ada5e88356c8b1f257b175dc3902a31905bf3d10d0a42beba11e45be56d62d7e04d772baff77f66b4133d1fc7ff33435889fd7255c77d90c5c1ef561819a1ec92e1d55a3c444edb9a1968a8847968791672199a912b57a57cd0272961b7686f81f686a233ca48050cd6d491f7d7ffdf8a493982b06284d46aa0d47352a9f2278fdcb11988cef00d9b3ee5b216f700c613fefe1d1f4aad7ea681bd34751e076372175b735e7b495ea6066ff7d9ee171c252c3b93e68fb3949677f0119dca2", @generic="b99c2e0bd03235cba616037f2ffd610b315916ec02cfcdac88e3a0f5a741ab31f4511aaf5f064e2a0e0ec9f7ba6e8430005d1a7cdab9a0ad968675cb4b7e8fc5a09299df4357f9a8e96117c3d8e48931e295d516c9bfcd4db7017c70ff447b7bac40fb76df8f99cf09ff5399ae65be8efc38e9c4f5a8a92b03e4f9e47eab002b2d9d2c7f2e18c0c2be37729b632d3d240d18ddf985bc3eb684", @typed={0xd, 0xce, 0x0, 0x0, @str='/dev/kvm\x00'}]}, @TIPC_NLA_NET={0x7a, 0x7, 0x0, 0x1, [@typed={0x8, 0xdd, 0x0, 0x0, @uid}, @nested={0x4, 0x3e}, @generic="990c80da75c1d691110aa25b2aad300f71992e816a1767b7c19d8bfc30cf27c0c9ce4d18def49c88287d8e489dd296307a41baacd38e5c8a89b08efb1b4e1706d2aed2cef29686dbb4b94a6c45cf313ef5fe7eeb00a473897988ffa8a37087839eb147620545", @nested={0x4, 0xf0}]}, @TIPC_NLA_LINK={0x4}, @TIPC_NLA_NAME_TABLE={0x40b, 0x8, 0x0, 0x1, [@nested={0x69, 0x3c, 0x0, 0x1, [@nested={0x4, 0xa3}, @typed={0x8, 0x3, 0x0, 0x0, @uid}, @generic="574e54b53ad6e678ad92bd2b87cc98690f18a26cf240d15124be231353a45a9a70fa9003c84ae03d59b9747989610fd9fb56e275e4cbfbaa2a78432e47cd2945220ee3f9225b3dd7bdf9ec09ebb0310fc535fa9bec3f181a06"]}, @typed={0x8, 0x1b, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}}, @generic="63dac4d13939bbcf6ca7d47e364218b96ecf5635722cc99b760578a95e3e7a3590abb3e68da39f309bbdd30f0344aa66938d02173d16326694c7bf89650d0d34396d831b96f1", @generic="aedb2ec223e46efd39d833d51e78accbb49d14b23e5ca5dcf76bc93100eb15afa08333f941dc751879105c2a8669fda18f1a1be259aabc1b8a23533567c92495f91e56", @generic="adf2b1af2f2dd644c287751a91c97836eca3f64177df469de9a1f8ea6ab2f82dcd38cce663eae5fd699a0621e5130045e80d7f2f292d9b938d1355c968d2fd61f32b6860ceb12e58f6b7384adc2fd0f0ad45d6e6b68b2494bd521c75d59131f16f6904faa200a900f510800021a579c7f1503ebcac9c", @nested={0x112, 0xf9, 0x0, 0x1, [@nested={0x4, 0xa}, @generic="44191aa5289a893dc2a2b07fd1bc4eaccb90cd06c63e28fbb22ffee4206dd8a084fa270e97178bf33d26d8ca2cc037bb6448de1c49175c7599fa6f79babe54b396bd02a680edfc6c4853dd1aa2fadb2e3c0c72ac84ded379713a2a33c2f45d2a8d1f4bbe2ff97900837c44d3654e9f79ed598022d221686e981f73a656148ce635764f61768fdb8a2176daf46540a3b42e8e1e4480322550ea52c6432cdbb0ea34415778976cde31e0577f058d4a65bcaed971d7fa109b643d197715bd237a83bb0aec9f5145c6c550f2664f35861f44637faccd2e39b751e9d9e90d3ea14994dc5b45cbf42468240864255abc157457f519899ce9f6", @typed={0x4, 0x147}, @typed={0x8, 0x148, 0x0, 0x0, @pid}, @nested={0x4, 0xc3}, @nested={0x4, 0x140}]}, @nested={0x17f, 0x5a, 0x0, 0x1, [@nested={0x4, 0x12e}, @generic="79a5bbd278c282ecf374d34a897372c0fd3b591c2f6bdaf0f2ff50230f6f3745492d776d5bf0b88f3788d561600dc84305a9e07282d9e7707416143053ab1c734d35ca3a8389200da9257fef3ca73fbe8a8c33c1e680ab9a5750446b48d4f06d85bf850950c963449e82ff0169", @generic="72615e37078146d22da63fc435305e5b70e2fe33d16c356b39197696084d3a6a842fc76c73c23ba5f78c14cb22584ad3449b066b6f8160c3be2fb1f18d022b2a49385a02fd82d72542b7387c8398f3feda09c35f4a21d3bfb11ca2f0cfa7dbba61d59b9952a421d71c007c11a3e692bc83e41381065b4d425ad09021c2199d7f548eb320b5cab5f151f45b11a92f74990aeef6602f063a0e16c88fb64625a1bed2fcf523c9bcdb9d921b0f5d874b162240cef7a7c9fbfca8f6b93e791fc19e362a699a500ee0eadf9ecfa061559d34a00e316a182ee722c68dbe2e70a6eda68ced07f41fed194722b42a137c5c84fa1cd92d870eef228c1d46db", @nested={0x4, 0x21}, @typed={0xc, 0x140, 0x0, 0x0, @u64=0x8}]}]}, @TIPC_NLA_MEDIA={0x30, 0x5, 0x0, 0x1, [@typed={0x8, 0x108, 0x0, 0x0, @pid=r5}, @nested={0x14, 0x11b, 0x0, 0x1, [@typed={0xb, 0x8a, 0x0, 0x0, @str='@&+(,&\x00'}, @nested={0x4, 0x54}]}, @nested={0x10, 0x8a, 0x0, 0x1, [@nested={0x4, 0x8c}, @typed={0x8, 0x135, 0x0, 0x0, @uid=r6}]}]}]}, 0xb28}, 0x1, 0x0, 0x0, 0x11}, 0x4008) pipe$auto(0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8000, 0x0) socket(0x18, 0x800, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r8 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r8, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_CREATE_VM(r7, 0x4048aecb, 0x0) 1.56269677s ago: executing program 4 (id=523): shmctl$auto_SHM_LOCK(0x1dbc7b96, 0xb, &(0x7f0000000200)={{0xf11, 0xee01, 0x0, 0x7, 0x3, 0x7, 0x3}, 0x6, 0x9, 0x7fffffffffffffff, 0x6dd, @inferred=0xffffffffffffffff, @raw=0x5, 0x76, 0x0, &(0x7f0000000080)="1e7a1de2bd17c0788ee7dfae3ff6158bbb4700e4238ea1ddf596d6b75e4f2258e7b3966f0f77fdb753985a2db6160f44fada7871b4dedd9079936dc3119e5a222274a557428b8d177422fcc9a231b616ca4ce63046ba98e35f13d2e383686cf381f23dc8e4f938dfd0a7e38550dffb46f0e41dc763ce303bbaf49904e22812ee8a8369e802fb5d88d73c315811b592e7752dab342a7ac8bdb70941f597b8ba", &(0x7f0000000140)="871c4198d580c925f9b8fb940b7814a3a215ad5a7aa14e0e33cd94174e835ed1084b0430af72113a6a65086b41c3e4830174badd2d868182b7b8834d0fd7b85cca68bd8e1a303635daef9a0a1a7961f413144d7cd0baa57cc279a318f4eec441e2ad7b91b141d5c82aaeaaa09b708c90be643c4550190beb33e8c10a6d4e62d7247fec3b7009301733f22e273b7c218febc78411d4328b1491a1100c47543767a738cef1"}) r1 = socket(0x1d, 0x3, 0x1) r2 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r3}, 0x6a) write$auto(r1, &(0x7f00000002c0)='@*\x00', 0xf) setreuid$auto(r0, 0x0) madvise$auto(0x110c230000, 0x8031ca, 0x9) mmap$auto(0x0, 0x202000c, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capset$auto(0x0, &(0x7f0000000000)={0x7b, 0x1, 0x4c}) r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) mmap$auto(0x0, 0x200009, 0x2, 0x48eb1, 0xffffffffffffffff, 0x300000000000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) ioctl$auto_VHOST_SET_VRING_BASE2(0xffffffffffffffff, 0x4008af12, &(0x7f0000000040)={0x56, 0xfffffff9}) r5 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/ieee80211/phy1/aql_txq_limit\x00', 0x822, 0x0) write$auto(r5, 0x0, 0x0) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kpagecount\x00', 0x0, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xffffdffd}, 0x6, 0x400000000000008, 0x5) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$auto(0x3, 0x400caed0, r6) r8 = openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x20401, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x4605, 0x0) write$auto_console_fops_tty_io(r4, &(0x7f0000000000)="c80d1b5d399b39", 0xfdef) 1.453461118s ago: executing program 2 (id=524): r0 = pidfd_open$auto(0x1, 0x0) setns(r0, 0x60020000) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/bus/usb/002/001\x00', 0x4000, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) futex$auto(&(0x7f00000033c0)=0x4, 0x8b, 0x4, &(0x7f0000003400)={0x0, 0x2}, 0x0, 0x8) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r1) sendmsg$auto_NL802154_CMD_SET_PAN_ID(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000011c0)=ANY=[], 0x1058}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) r3 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, r2, 0x805, 0x70bd2d, 0x25dfdbfb, {}, [@NL80211_ATTR_NETNS_FD={0x8, 0xdb, r3}, @NL80211_ATTR_OBSS_COLOR_BITMAP={0xc, 0x12e, 0x1000}]}, 0x28}, 0x1, 0x0, 0x0, 0x4004044}, 0x8000) sendmsg$auto_NL80211_CMD_GET_WIPHY(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r2, @ANYBLOB="810b25bd7080fbdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x400008, 0x5f, 0x9b72, 0x2, 0x8000) r4 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event0\x00', 0x2000, 0x0) ioctl$auto(r4, 0x80004507, 0x10000000000402) madvise$auto(0x8000, 0x87fff, 0xc) clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x6) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7fffe000) mmap$auto(0x100000000000000, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2a, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r5 = socket(0x2a, 0x2, 0x1) connect$auto(r5, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0x4001}, 0x55) syz_clone3(&(0x7f0000000300)={0x153326100, 0x0, 0x0, 0x0, {0x23}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0xa7) 946.010348ms ago: executing program 0 (id=525): mmap$auto(0x0, 0x1, 0x8000000000000001, 0x10000000eb1, 0xfffffffffffffffa, 0x8002) r0 = socket(0x2d, 0x2, 0x0) ioctl$auto_VHOST_SET_VRING_ERR2(0xffffffffffffffff, 0x4008af22, &(0x7f0000000000)={0x10, r0}) write$auto_snd_seq_f_ops_seq_clientmgr(r1, &(0x7f0000000040)="e2b38bcaf615371bd18c9d67828b87d7c7437d7ac421ecda749f4518a579bc836d585a5484040eb9a987a3b0c8cde66acaa76f90e982de269fc5584263e0", 0x3e) ioctl$auto(0x3, 0x89e0, 0x91) timer_create$auto(0x93a, 0x0, &(0x7f0000000080)=0x6) timer_settime$auto(0x0, 0x801, &(0x7f0000000100)={{0xa6, 0x7}, {0x0, 0x3}}, 0x0) rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{}, {0x0, 0x83}}, 0x0) mmap$auto(0x6, 0x4020009, 0x100df, 0x210, 0x401, 0x8001) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), r2) sendmsg$auto_ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000180)={0x40, r3, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@ETHTOOL_A_TSINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}]}, @ETHTOOL_A_TSINFO_HWTSTAMP_PROVIDER={0x14, 0x7, 0x0, 0x1, [@ETHTOOL_A_TS_HWTSTAMP_PROVIDER_INDEX={0x8, 0x1, 0xa7}, @ETHTOOL_A_TS_HWTSTAMP_PROVIDER_QUALIFIER={0x8, 0x2, 0x1}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x802}, 0x4000000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/firmware/acpi/interrupts/gpe_all\x00', 0x103042, 0x0) sendfile$auto(r4, r4, 0x0, 0x1000000000001bf) socket(0x28, 0x1, 0x0) setsockopt$auto(0x3, 0x1, 0xd, 0x0, 0x8) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) wait4$auto(0x0, 0x0, 0x4, 0x0) fallocate$auto(r1, 0x4, 0x240b91d3, 0x3) 553.446659ms ago: executing program 1 (id=526): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snd/controlC0\x00', 0x100, 0x0) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x49ce57, 0x6, 0x0, 0x1, 0x0) setresuid$auto(0xffffffffffffffff, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = prctl$auto(0x1000000003b, 0x1, 0x0, 0x5, 0x5) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/controlC1\x00', 0x20480, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc4c85512, &(0x7f00000012c0)={{@raw=0x3, 0x1, 0x6d2e99e8, 0x6, "0582a820061b5c51a65a6dd72b0b15addbdf55cb4b0f2381f2673e3a1ebe21e1bf1b26fddb7b62b67bd764f9"}, 0x0, @integer64=@value_ptr=0x0, "72ad000cac2d45bdaacfc82245992af763188bf00ab57d5d73b094925a872857fd2f672f85343275f80200000000000000ab45f7259ed959a79a789527276d90375018fc08050559d8936b8d72087a5689d4338da78b8b8bdcea8188ca43202fb78dacb3fea1258074885c899d75cd52751f9be959d90fa5c200"}) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x801) madvise$auto(0x0, 0x200007, 0x19) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) mmap$auto(0x20000000000, 0x1000000020009, 0x40, 0xeb1, r1, 0x9) mmap$auto(0x0, 0x400008, 0xdf, 0x4000000000009b72, 0x2, 0x8000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000400)='/proc/sys/net/ipv4/tcp_available_congestion_control\x00', 0x0, 0x0) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000002040)='/dev/snd/pcmC1D1c\x00', 0x80, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/class/devcoredump/disabled\x00', 0xe3102, 0x0) madvise$auto(0xb41a, 0x1, 0xe3fc) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000280)='/proc/self/pagemap\x00', 0x715243, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0x10, 0x0, 0x0, 0x0, 0x0) userfaultfd$auto(0x2) 139.931506ms ago: executing program 0 (id=527): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond_slave_1\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000004c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002fbd7000fddbdf250c00000014000380100003800c00058008000100", @ANYRES32=0x0, @ANYBLOB="0c00018008000100", @ANYRES32=r2], 0x34}, 0x1, 0x0, 0x900}, 0x24048084) 80.063524ms ago: executing program 4 (id=528): mknod$auto(&(0x7f0000000040)='./file0\x00', 0x7, 0x809) r0 = openat$auto_trace_time_stamp_mode_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/timestamp_mode\x00', 0x101402, 0x0) mmap$auto(0x200000, 0x400007, 0x9, 0x56, r0, 0x8000) socket(0x2, 0x801, 0x107) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000540), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_GET_RADIO(r1, &(0x7f0000001900)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="cf5728bd7020fedbdf2506000000"], 0x14}, 0x1, 0x0, 0x0, 0x884}, 0x8020) mmap$auto(0x0, 0x400008, 0x20000000df, 0x9b72, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r3, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002bbd7000fcdbdf2504"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) read$auto(r1, 0x0, 0x3) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) rename$auto(&(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='./file0\x00') r5 = open(&(0x7f0000000040)='./file0\x00', 0x1e9e02, 0x61) r6 = eventfd$auto(0x80) read$auto(r6, 0x0, 0xcc9c) fallocate$auto(0x3, 0x8, 0x200000000000b, 0x1) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), r6) sendmsg$auto_NL80211_CMD_GET_SCAN(r5, &(0x7f0000000180)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f00000014c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="02002cbd7000fedbdf258812ca9dfd7621ae2b30b00c1daa090000000000000091e7b333fbb130b400080000000500d200050000001000b000aedf577b77"], 0x44}, 0x1, 0x0, 0x0, 0x400080c0}, 0x20000000) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(r6, 0x2000009, 0xfffffffd, 0x0, 0x800008) close_range$auto(0xffffffffffffffff, r0, 0x0) madvise$auto(0x2, 0x80, 0x1) pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00\x00\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e#\xae\xa9i8W\xe5Iq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfdef, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) acct$auto(&(0x7f00000001c0)='/dev/sg0\x00') 0s ago: executing program 0 (id=529): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0xfffff004, 0x2) mmap$auto(0x4, 0x2020009, 0x4, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x48c100, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004810}, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) socket(0x10, 0x3, 0x6) socket(0x25, 0x1, 0x3) r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r0, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32dd7c33b14cc842bc1e", @ANYRES32, @ANYBLOB='\b'], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50) io_uring_setup$auto(0x5d, &(0x7f00000004c0)={0x52, 0xd, 0x6, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x1, 0x6, 0x8c48, 0x29f, 0x100, 0x2, 0xb831, 0x5, 0x2}, {0x100, 0x20001, 0x52, 0x5, 0xfffffffe, 0x0, 0x76c5, 0x8, 0x100000000}}) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x7}, 0x7}, 0x3, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c001b"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x7}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) socket(0xa, 0x2, 0x0) r1 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_fd=0xffffffffffffffff, r2, 0x8, 0xff, r1, @relative_fd, 0xe600}, 0xf) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffffffffffffffff, 0x0, 0x1}, 0x4) bpf$auto(0x3, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xb) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0xfffffffd, 0x5, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) ioctl$auto_I2C_RDWR(r3, 0x707, &(0x7f0000000580)="5f267bd9ea025d43887943d4e6df3a34e0fc17bf4268b6d99edb33396dd0353af78a4b1955f3570c21c810eac3cef284c2a76b86d3ce857f8089fc8d664145f2b407e1f60dd6bdbabd8a13d3086b73533ffc1241bd3852913ade687f5c44597c5b2b7ae47cfdfcc2de81dd957b8bb18d8abe26ccabdd46aa18249d7f7684e4f1ba9f74bcdcb6560600f83027cee23333ea256dc9f78f0bf3ce45cb27887e98284ac136701969a3ffaf0f76eea5ec30a00b6bcf56eca147bb353d1e3a327a82b4fea5f6fd355c535ec459bdef1ba61e61d64a4d512b1f48bef40d85e1b84bce211310aa71") kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.182' (ED25519) to the list of known hosts. [ 81.317567][ T5812] cgroup: Unknown subsys name 'net' [ 81.433391][ T5812] cgroup: Unknown subsys name 'cpuset' [ 81.442122][ T5812] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 82.827456][ T5812] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 84.646679][ T5832] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 84.658505][ T5832] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 84.668075][ T5832] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 84.678348][ T5832] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 84.678943][ T5839] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 84.687085][ T5832] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 84.701989][ T5832] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 84.702061][ T5838] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 84.710538][ T5832] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 84.723840][ T5840] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 84.728300][ T5838] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 84.732562][ T5840] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 84.740319][ T5838] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 84.748989][ T5840] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 84.755614][ T5838] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 84.763037][ T5840] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 84.775472][ T5832] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 84.776842][ T5840] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 84.792961][ T5840] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 84.801336][ T5832] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 85.277193][ T5824] chnl_net:caif_netlink_parms(): no params data found [ 85.342737][ T5823] chnl_net:caif_netlink_parms(): no params data found [ 85.462746][ T5826] chnl_net:caif_netlink_parms(): no params data found [ 85.506365][ T5825] chnl_net:caif_netlink_parms(): no params data found [ 85.573090][ T5824] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.580495][ T5824] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.588281][ T5824] bridge_slave_0: entered allmulticast mode [ 85.595731][ T5824] bridge_slave_0: entered promiscuous mode [ 85.651783][ T5824] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.659145][ T5824] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.666918][ T5824] bridge_slave_1: entered allmulticast mode [ 85.674430][ T5824] bridge_slave_1: entered promiscuous mode [ 85.682143][ T5823] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.689368][ T5823] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.697334][ T5823] bridge_slave_0: entered allmulticast mode [ 85.704711][ T5823] bridge_slave_0: entered promiscuous mode [ 85.748787][ T5823] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.756449][ T5823] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.764171][ T5823] bridge_slave_1: entered allmulticast mode [ 85.771340][ T5823] bridge_slave_1: entered promiscuous mode [ 85.825894][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state [ 85.833261][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state [ 85.842218][ T5826] bridge_slave_0: entered allmulticast mode [ 85.849819][ T5826] bridge_slave_0: entered promiscuous mode [ 85.860770][ T5824] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.890697][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state [ 85.898037][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state [ 85.905423][ T5826] bridge_slave_1: entered allmulticast mode [ 85.912880][ T5826] bridge_slave_1: entered promiscuous mode [ 85.922347][ T5824] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 85.948280][ T5823] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 85.998118][ T5823] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.007385][ T5825] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.014865][ T5825] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.024079][ T5825] bridge_slave_0: entered allmulticast mode [ 86.031547][ T5825] bridge_slave_0: entered promiscuous mode [ 86.051327][ T5824] team0: Port device team_slave_0 added [ 86.060781][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.081048][ T5825] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.088345][ T5825] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.096027][ T5825] bridge_slave_1: entered allmulticast mode [ 86.105412][ T5825] bridge_slave_1: entered promiscuous mode [ 86.115971][ T5824] team0: Port device team_slave_1 added [ 86.135168][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.179123][ T5823] team0: Port device team_slave_0 added [ 86.218388][ T5823] team0: Port device team_slave_1 added [ 86.225405][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.232691][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.258919][ T5824] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.279558][ T5826] team0: Port device team_slave_0 added [ 86.288695][ T5825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.308917][ T5824] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.316754][ T5824] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.343934][ T5824] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.357271][ T5826] team0: Port device team_slave_1 added [ 86.380797][ T5825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.437112][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.444337][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.471054][ T5823] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.483604][ T5823] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.490662][ T5823] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.517366][ T5823] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.529085][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.536131][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.562787][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.601867][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.609051][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.636202][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.649188][ T5825] team0: Port device team_slave_0 added [ 86.670977][ T5824] hsr_slave_0: entered promiscuous mode [ 86.677865][ T5824] hsr_slave_1: entered promiscuous mode [ 86.693390][ T5825] team0: Port device team_slave_1 added [ 86.737084][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.744482][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.772741][ T5825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.818460][ T5829] Bluetooth: hci1: command tx timeout [ 86.818539][ T5832] Bluetooth: hci2: command tx timeout [ 86.837424][ T5825] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.845260][ T5825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.873020][ T5825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.897945][ T5832] Bluetooth: hci3: command tx timeout [ 86.897950][ T5829] Bluetooth: hci0: command tx timeout [ 86.915758][ T5823] hsr_slave_0: entered promiscuous mode [ 86.923231][ T5823] hsr_slave_1: entered promiscuous mode [ 86.930002][ T5823] debugfs: 'hsr0' already exists in 'hsr' [ 86.935820][ T5823] Cannot create hsr debugfs directory [ 87.026663][ T5826] hsr_slave_0: entered promiscuous mode [ 87.035519][ T5826] hsr_slave_1: entered promiscuous mode [ 87.043475][ T5826] debugfs: 'hsr0' already exists in 'hsr' [ 87.049852][ T5826] Cannot create hsr debugfs directory [ 87.108840][ T5825] hsr_slave_0: entered promiscuous mode [ 87.115675][ T5825] hsr_slave_1: entered promiscuous mode [ 87.123755][ T5825] debugfs: 'hsr0' already exists in 'hsr' [ 87.130596][ T5825] Cannot create hsr debugfs directory [ 87.552097][ T5824] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 87.565657][ T5824] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 87.576727][ T5824] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 87.594798][ T5824] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 87.662932][ T5823] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 87.674900][ T5823] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 87.686369][ T5823] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 87.713985][ T5823] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 87.780819][ T5826] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 87.795661][ T5826] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 87.810336][ T5826] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 87.825736][ T5826] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 87.935952][ T5825] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 87.953835][ T5825] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 87.965406][ T5825] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 87.982829][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.991996][ T5825] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 88.054128][ T5824] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.105611][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.113388][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.124956][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.132501][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.163993][ T5823] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.192184][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.255266][ T5823] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.271523][ T5826] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.295363][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.302780][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.312687][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.320257][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.348009][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.355291][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.379256][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.386422][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.404565][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.474701][ T5825] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.523949][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.531204][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.570857][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.578062][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.763718][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.875647][ T5824] veth0_vlan: entered promiscuous mode [ 88.902111][ T5829] Bluetooth: hci1: command tx timeout [ 88.902117][ T5832] Bluetooth: hci2: command tx timeout [ 88.920608][ T5824] veth1_vlan: entered promiscuous mode [ 88.979554][ T5829] Bluetooth: hci0: command tx timeout [ 88.980187][ T5832] Bluetooth: hci3: command tx timeout [ 89.005417][ T5823] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.061327][ T5824] veth0_macvtap: entered promiscuous mode [ 89.085549][ T5824] veth1_macvtap: entered promiscuous mode [ 89.149691][ T5823] veth0_vlan: entered promiscuous mode [ 89.173748][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.188400][ T5823] veth1_vlan: entered promiscuous mode [ 89.202557][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.226481][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.263695][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.273538][ T3531] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.283193][ T3531] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.313682][ T3531] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.323356][ T3531] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.376942][ T5823] veth0_macvtap: entered promiscuous mode [ 89.413091][ T5826] veth0_vlan: entered promiscuous mode [ 89.424645][ T5823] veth1_macvtap: entered promiscuous mode [ 89.482524][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.490208][ T5825] veth0_vlan: entered promiscuous mode [ 89.500202][ T5826] veth1_vlan: entered promiscuous mode [ 89.508191][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.529764][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.562206][ T1101] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.567764][ T5823] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.579712][ T1101] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.625050][ T5825] veth1_vlan: entered promiscuous mode [ 89.640451][ T1101] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.669339][ T1101] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.682361][ T5824] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 89.688834][ T1101] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.721554][ T5826] veth0_macvtap: entered promiscuous mode [ 89.735928][ T1101] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.768710][ T5826] veth1_macvtap: entered promiscuous mode [ 89.847032][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.876749][ T5825] veth0_macvtap: entered promiscuous mode [ 89.889288][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.921496][ T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.951404][ T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.962349][ T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.978791][ T5825] veth1_macvtap: entered promiscuous mode [ 89.995560][ T1101] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.004297][ T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.023351][ T1101] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.089236][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.146168][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.170711][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.180806][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.224243][ T36] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.242677][ T36] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.281856][ T36] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.294046][ T36] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.336510][ T3531] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.360546][ T3531] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.518267][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.526130][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.555150][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.555202][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.565481][ T5922] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 90.647075][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.665740][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.980439][ T5832] Bluetooth: hci2: command tx timeout [ 90.980445][ T5829] Bluetooth: hci1: command tx timeout [ 91.057970][ T5829] Bluetooth: hci0: command tx timeout [ 91.061993][ T5832] Bluetooth: hci3: command tx timeout [ 91.949576][ T10] cfg80211: failed to load regulatory.db [ 92.000044][ T30] audit: type=1800 audit(1770873556.202:2): pid=5952 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.7" name="lu_gp_id" dev="configfs" ino=8361 res=0 errno=0 [ 92.020710][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.088009][ T5954] process 'syz.1.10' launched ':,' with NULL argv: empty string added [ 92.628212][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.768084][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.798464][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 93.058907][ T5832] Bluetooth: hci2: command tx timeout [ 93.080054][ T5832] Bluetooth: hci1: command tx timeout [ 93.138640][ T5832] Bluetooth: hci3: command tx timeout [ 93.139585][ T5829] Bluetooth: hci0: command tx timeout [ 93.197786][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 93.584851][ T5957] syz.3.11 (5957) used greatest stack depth: 18600 bytes left [ 93.597944][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 94.263427][ T5982] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(6143.4096.0), cmd(3) [ 94.659574][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 94.698478][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 94.878605][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 95.329966][ T5998] netlink: 4 bytes leftover after parsing attributes in process `syz.2.20'. [ 95.374234][ T5998] netlink: 'syz.2.20': attribute type 7 has an invalid length. [ 95.837966][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 96.219745][ T6009] Zero length message leads to an empty skb [ 96.385851][ T5832] Bluetooth: hci2: unexpected subevent 0x04 length: 122 > 11 [ 96.788856][ T5829] block nbd0: Receive control failed (result -32) [ 97.477041][ T6030] Process accounting resumed [ 99.532474][ T30] audit: type=1800 audit(1770873563.732:3): pid=6072 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.37" name="lu_gp_id" dev="configfs" ino=9081 res=0 errno=0 [ 99.739545][ T6061] ecryptfs_miscdev_write: Invalid packet size [192] [ 100.990416][ T6082] Process accounting resumed [ 102.372758][ T6094] syz.0.43 uses obsolete (PF_INET,SOCK_PACKET) [ 104.630664][ T6145] Process accounting resumed [ 107.642652][ T30] audit: type=1800 audit(1770873571.842:4): pid=6181 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.62" name="lu_gp_id" dev="configfs" ino=9936 res=0 errno=0 [ 107.691567][ T6204] FAULT_INJECTION: forcing a failure. [ 107.691567][ T6204] name failslab, interval 1, probability 0, space 0, times 1 [ 107.727944][ T6204] CPU: 0 UID: 0 PID: 6204 Comm: syz.1.66 Not tainted syzkaller #0 PREEMPT(full) [ 107.727968][ T6204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 107.727988][ T6204] Call Trace: [ 107.727994][ T6204] [ 107.728000][ T6204] dump_stack_lvl+0x100/0x190 [ 107.728028][ T6204] should_fail_ex.cold+0x5/0xa [ 107.728045][ T6204] should_failslab+0xc2/0x120 [ 107.728063][ T6204] kmem_cache_alloc_noprof+0x83/0x780 [ 107.728080][ T6204] ? copy_process+0x27a4/0x79b0 [ 107.728098][ T6204] ? copy_process+0x27a4/0x79b0 [ 107.728111][ T6204] copy_process+0x27a4/0x79b0 [ 107.728133][ T6204] ? __pfx_copy_process+0x10/0x10 [ 107.728163][ T6204] kernel_clone+0xfc/0x930 [ 107.728185][ T6204] ? __pfx_futex_wait+0x10/0x10 [ 107.728215][ T6204] ? __pfx_kernel_clone+0x10/0x10 [ 107.728239][ T6204] __do_sys_clone+0xd9/0x120 [ 107.728253][ T6204] ? __pfx___do_sys_clone+0x10/0x10 [ 107.728275][ T6204] ? xfd_validate_state+0x129/0x190 [ 107.728298][ T6204] do_syscall_64+0x106/0xf80 [ 107.728312][ T6204] ? clear_bhb_loop+0x40/0x90 [ 107.728329][ T6204] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.728345][ T6204] RIP: 0033:0x7f96de79bf79 [ 107.728357][ T6204] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 107.728371][ T6204] RSP: 002b:00007f96df68d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 107.728385][ T6204] RAX: ffffffffffffffda RBX: 00007f96dea15fa0 RCX: 00007f96de79bf79 [ 107.728395][ T6204] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 107.728403][ T6204] RBP: 00007f96de8327e0 R08: 0000000000000000 R09: 0000000000000000 [ 107.728411][ T6204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 107.728419][ T6204] R13: 00007f96dea16038 R14: 00007f96dea15fa0 R15: 00007ffe1a0f15a8 [ 107.728438][ T6204] [ 108.734099][ T30] audit: type=1800 audit(1770873572.932:5): pid=6216 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.67" name="lu_gp_id" dev="configfs" ino=10555 res=0 errno=0 [ 110.602253][ T6242] FAULT_INJECTION: forcing a failure. [ 110.602253][ T6242] name failslab, interval 1, probability 0, space 0, times 0 [ 110.659284][ T6242] CPU: 0 UID: 0 PID: 6242 Comm: syz.0.74 Not tainted syzkaller #0 PREEMPT(full) [ 110.659307][ T6242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 110.659317][ T6242] Call Trace: [ 110.659323][ T6242] [ 110.659329][ T6242] dump_stack_lvl+0x100/0x190 [ 110.659355][ T6242] should_fail_ex.cold+0x5/0xa [ 110.659372][ T6242] should_failslab+0xc2/0x120 [ 110.659390][ T6242] __kmalloc_cache_noprof+0x80/0x810 [ 110.659410][ T6242] ? __pfx_inc_ucount+0x10/0x10 [ 110.659425][ T6242] ? copy_utsname+0x388/0x690 [ 110.659440][ T6242] ? copy_ipcs+0x10d/0x7e0 [ 110.659452][ T6242] ? copy_utsname+0x388/0x690 [ 110.659471][ T6242] ? copy_ipcs+0x10d/0x7e0 [ 110.659484][ T6242] copy_ipcs+0x10d/0x7e0 [ 110.659498][ T6242] create_new_namespaces+0x20a/0xac0 [ 110.659520][ T6242] ? security_capable+0x80/0x260 [ 110.659542][ T6242] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 110.659565][ T6242] ksys_unshare+0x455/0xab0 [ 110.659581][ T6242] ? __pfx_ksys_unshare+0x10/0x10 [ 110.659596][ T6242] ? xfd_validate_state+0x129/0x190 [ 110.659621][ T6242] __x64_sys_unshare+0x31/0x40 [ 110.659636][ T6242] do_syscall_64+0x106/0xf80 [ 110.659651][ T6242] ? clear_bhb_loop+0x40/0x90 [ 110.659668][ T6242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.659682][ T6242] RIP: 0033:0x7fc80c39bf79 [ 110.659695][ T6242] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 110.659709][ T6242] RSP: 002b:00007fc80d183028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 110.659723][ T6242] RAX: ffffffffffffffda RBX: 00007fc80c615fa0 RCX: 00007fc80c39bf79 [ 110.659733][ T6242] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c000000 [ 110.659741][ T6242] RBP: 00007fc80c4327e0 R08: 0000000000000000 R09: 0000000000000000 [ 110.659749][ T6242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 110.659757][ T6242] R13: 00007fc80c616038 R14: 00007fc80c615fa0 R15: 00007ffd3cc74358 [ 110.659776][ T6242] [ 111.794003][ T6256] Process accounting resumed [ 111.970862][ T6265] netlink: 342 bytes leftover after parsing attributes in process `syz.0.82'. [ 112.002958][ T6265] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 112.374868][ T6274] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 115.111835][ T6316] netlink: 12 bytes leftover after parsing attributes in process `syz.1.92'. [ 115.151210][ T6313] HfR: entered promiscuous mode [ 115.242021][ T6316] HfR: left promiscuous mode [ 115.548028][ T6316] ecryptfs_miscdev_write: Invalid packet size [192] [ 116.421972][ T6337] netlink: 342 bytes leftover after parsing attributes in process `syz.3.97'. [ 116.547895][ T6337] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 116.637899][ T6341] mmap: syz.3.97 (6341) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 116.860382][ T6334] [U] ^\ [ 117.580452][ T6334] nvme_fabrics: missing parameter 'transport=%s' [ 117.603424][ T6334] nvme_fabrics: missing parameter 'nqn=%s' [ 118.101443][ T30] audit: type=1800 audit(1770873582.302:6): pid=6351 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.100" name="lu_gp_id" dev="configfs" ino=11025 res=0 errno=0 [ 118.304788][ T6364] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 118.316893][ T30] audit: type=1800 audit(1770873582.502:7): pid=6364 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.101" name="features" dev="configfs" ino=11049 res=0 errno=0 [ 118.596895][ T6369] netlink: 12 bytes leftover after parsing attributes in process `syz.2.103'. [ 121.858159][ T5829] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 122.101896][ T6414] NFSD: Failed to start, no listeners configured. [ 122.148091][ T6421] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 122.727540][ T6423] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 122.744070][ T49] netdevsim netdevsim1335 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.149816][ T6432] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 123.335093][ T6437] netlink: 'syz.2.118': attribute type 4 has an invalid length. [ 123.385734][ T6437] netlink: 314 bytes leftover after parsing attributes in process `syz.2.118'. [ 123.422741][ T6437] IPv6: NLM_F_CREATE should be specified when creating new route [ 126.811804][ T30] audit: type=1800 audit(1770873591.012:8): pid=6483 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.126" name="lu_gp_id" dev="configfs" ino=12461 res=0 errno=0 [ 128.153936][ T6491] Process accounting paused [ 129.021468][ T6529] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 129.830123][ T30] audit: type=1800 audit(1770873594.022:9): pid=6522 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.141" name="lu_gp_id" dev="configfs" ino=12049 res=0 errno=0 [ 130.123538][ T30] audit: type=1326 audit(1770873594.322:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6539 comm="syz.1.144" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f96de79bf79 code=0x0 [ 130.333468][ T6544] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 130.333468][ T6544] The task syz.1.144 (6544) triggered the difference, watch for misbehavior. [ 131.370187][ T30] audit: type=1800 audit(1770873595.572:11): pid=6558 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.146" name="lu_gp_id" dev="configfs" ino=12684 res=0 errno=0 [ 135.159798][ T6595] Process accounting paused [ 135.982534][ T6610] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 138.031371][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 138.044481][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 140.699850][ T30] audit: type=1800 audit(1770873604.892:12): pid=6677 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.163" name="lu_gp_id" dev="configfs" ino=13461 res=0 errno=0 [ 141.579804][ T30] audit: type=1800 audit(1770873605.772:13): pid=6686 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.167" name="lu_gp_id" dev="configfs" ino=12942 res=0 errno=0 [ 142.652247][ T6641] Process accounting paused [ 145.018983][ T30] audit: type=1800 audit(1770873609.222:14): pid=6735 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.173" name="lu_gp_id" dev="configfs" ino=13586 res=0 errno=0 [ 147.065322][ T30] audit: type=1800 audit(1770873611.262:15): pid=6764 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.180" name="lu_gp_id" dev="configfs" ino=13059 res=0 errno=0 [ 148.030342][ T6779] netlink: 8 bytes leftover after parsing attributes in process `syz.1.185'. [ 148.092137][ T6779] netlink: 28 bytes leftover after parsing attributes in process `syz.1.185'. [ 148.119875][ T30] audit: type=1800 audit(1770873612.312:16): pid=6783 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.186" name="dbroot" dev="configfs" ino=13859 res=0 errno=0 [ 149.302845][ T6801] netlink: 12 bytes leftover after parsing attributes in process `syz.3.192'. [ 149.662022][ T6810] futex_wake_op: syz.1.194 tries to shift op by -2048; fix this program [ 149.692440][ T6810] futex_wake_op: syz.1.194 tries to shift op by -2048; fix this program [ 152.408247][ T30] audit: type=1800 audit(1770873616.582:17): pid=6851 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.201" name="dbroot" dev="configfs" ino=14106 res=0 errno=0 [ 153.349444][ T6866] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(1714434096.808466533.540028976), cmd(3) [ 157.127650][ T6917] Process accounting resumed [ 157.169088][ T6924] FAULT_INJECTION: forcing a failure. [ 157.169088][ T6924] name failslab, interval 1, probability 0, space 0, times 0 [ 157.182686][ T6924] CPU: 0 UID: 0 PID: 6924 Comm: syz.2.221 Tainted: G L syzkaller #0 PREEMPT(full) [ 157.182724][ T6924] Tainted: [L]=SOFTLOCKUP [ 157.182733][ T6924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 157.182747][ T6924] Call Trace: [ 157.182755][ T6924] [ 157.182764][ T6924] dump_stack_lvl+0x100/0x190 [ 157.182823][ T6924] should_fail_ex.cold+0x5/0xa [ 157.182851][ T6924] should_failslab+0xc2/0x120 [ 157.182882][ T6924] __kvmalloc_node_noprof+0x101/0xac0 [ 157.182909][ T6924] ? __lock_acquire+0x4a5/0x2630 [ 157.182934][ T6924] ? dm_create+0x9f/0x15a0 [ 157.182973][ T6924] ? dm_create+0x9f/0x15a0 [ 157.183002][ T6924] dm_create+0x9f/0x15a0 [ 157.183037][ T6924] dev_create+0x121/0x2a0 [ 157.183073][ T6924] ? __pfx_dev_create+0x10/0x10 [ 157.183118][ T6924] ctl_ioctl+0x4db/0xcd0 [ 157.183153][ T6924] ? __pfx_dev_create+0x10/0x10 [ 157.183190][ T6924] ? __pfx_ctl_ioctl+0x10/0x10 [ 157.183259][ T6924] ? __fget_files+0x21f/0x3d0 [ 157.183292][ T6924] dm_ctl_ioctl+0x22/0x30 [ 157.183324][ T6924] ? __pfx_dm_ctl_ioctl+0x10/0x10 [ 157.183359][ T6924] __x64_sys_ioctl+0x18e/0x210 [ 157.183399][ T6924] do_syscall_64+0x106/0xf80 [ 157.183456][ T6924] ? clear_bhb_loop+0x40/0x90 [ 157.183486][ T6924] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 157.183512][ T6924] RIP: 0033:0x7f37a399bf79 [ 157.183537][ T6924] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 157.183560][ T6924] RSP: 002b:00007f37a47f2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 157.183589][ T6924] RAX: ffffffffffffffda RBX: 00007f37a3c16090 RCX: 00007f37a399bf79 [ 157.183605][ T6924] RDX: 00002000000001c0 RSI: fffffffffffffd03 RDI: 0000000000000003 [ 157.183621][ T6924] RBP: 00007f37a47f2090 R08: 0000000000000000 R09: 0000000000000000 [ 157.183636][ T6924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 157.183650][ T6924] R13: 00007f37a3c16128 R14: 00007f37a3c16090 R15: 00007fff798a21a8 [ 157.183684][ T6924] [ 157.183702][ T6924] device-mapper: core: unable to allocate device, out of memory. [ 157.432779][ T6916] Process accounting resumed [ 158.282851][ T6944] Process accounting resumed [ 159.787497][ T49] netdevsim netdevsim100 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 160.047833][ T6991] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 160.077334][ T6991] netlink: 12 bytes leftover after parsing attributes in process `syz.1.238'. [ 160.708012][ T7014] FAULT_INJECTION: forcing a failure. [ 160.708012][ T7014] name failslab, interval 1, probability 0, space 0, times 0 [ 160.721492][ T7014] CPU: 0 UID: 0 PID: 7014 Comm: syz.2.244 Tainted: G L syzkaller #0 PREEMPT(full) [ 160.721529][ T7014] Tainted: [L]=SOFTLOCKUP [ 160.721536][ T7014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 160.721550][ T7014] Call Trace: [ 160.721557][ T7014] [ 160.721565][ T7014] dump_stack_lvl+0x100/0x190 [ 160.721602][ T7014] should_fail_ex.cold+0x5/0xa [ 160.721626][ T7014] should_failslab+0xc2/0x120 [ 160.721650][ T7014] ? tomoyo_realpath_from_path+0xb6/0x690 [ 160.721681][ T7014] __kmalloc_noprof+0xf6/0x9c0 [ 160.721715][ T7014] ? kfree+0x2a9/0x690 [ 160.721757][ T7014] ? tomoyo_realpath_from_path+0xb6/0x690 [ 160.721787][ T7014] tomoyo_realpath_from_path+0xb6/0x690 [ 160.721823][ T7014] tomoyo_path_number_perm+0x23c/0x580 [ 160.721846][ T7014] ? tomoyo_path_number_perm+0x22e/0x580 [ 160.721872][ T7014] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 160.721931][ T7014] ? find_held_lock+0x2b/0x80 [ 160.721963][ T7014] ? __fget_files+0x215/0x3d0 [ 160.721986][ T7014] ? hook_file_ioctl_common+0x146/0x410 [ 160.722018][ T7014] ? __fget_files+0x21f/0x3d0 [ 160.722050][ T7014] security_file_ioctl+0xd3/0x230 [ 160.722079][ T7014] __x64_sys_ioctl+0xb7/0x210 [ 160.722118][ T7014] do_syscall_64+0x106/0xf80 [ 160.722142][ T7014] ? clear_bhb_loop+0x40/0x90 [ 160.722174][ T7014] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.722200][ T7014] RIP: 0033:0x7f37a399bf79 [ 160.722220][ T7014] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 160.722244][ T7014] RSP: 002b:00007f37a4813028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 160.722276][ T7014] RAX: ffffffffffffffda RBX: 00007f37a3c15fa0 RCX: 00007f37a399bf79 [ 160.722293][ T7014] RDX: 0000000000000000 RSI: 00000000000007a4 RDI: 0000000000000004 [ 160.722308][ T7014] RBP: 00007f37a4813090 R08: 0000000000000000 R09: 0000000000000000 [ 160.722323][ T7014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 160.722338][ T7014] R13: 00007f37a3c16038 R14: 00007f37a3c15fa0 R15: 00007fff798a21a8 [ 160.722374][ T7014] [ 160.722385][ T7014] ERROR: Out of memory at tomoyo_realpath_from_path. [ 161.482391][ T7038] FAULT_INJECTION: forcing a failure. [ 161.482391][ T7038] name failslab, interval 1, probability 0, space 0, times 0 [ 161.505885][ T7038] CPU: 1 UID: 0 PID: 7038 Comm: syz.0.252 Tainted: G L syzkaller #0 PREEMPT(full) [ 161.505925][ T7038] Tainted: [L]=SOFTLOCKUP [ 161.505933][ T7038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 161.505947][ T7038] Call Trace: [ 161.505955][ T7038] [ 161.505964][ T7038] dump_stack_lvl+0x100/0x190 [ 161.506002][ T7038] should_fail_ex.cold+0x5/0xa [ 161.506028][ T7038] should_failslab+0xc2/0x120 [ 161.506062][ T7038] __kmalloc_cache_noprof+0x80/0x810 [ 161.506101][ T7038] ? ht40allow_map_read+0x7b/0x430 [ 161.506145][ T7038] ? ht40allow_map_read+0x7b/0x430 [ 161.506181][ T7038] ht40allow_map_read+0x7b/0x430 [ 161.506218][ T7038] ? __pfx___debugfs_file_get+0x10/0x10 [ 161.506256][ T7038] ? common_file_perm+0x1ab/0x4f0 [ 161.506291][ T7038] full_proxy_read+0x135/0x1a0 [ 161.506327][ T7038] ? __pfx_full_proxy_read+0x10/0x10 [ 161.506365][ T7038] vfs_read+0x1e4/0xb30 [ 161.506395][ T7038] ? __pfx_vfs_read+0x10/0x10 [ 161.506418][ T7038] ? __fget_files+0x215/0x3d0 [ 161.506450][ T7038] ? __fget_files+0x21f/0x3d0 [ 161.506486][ T7038] ksys_read+0x12a/0x250 [ 161.506509][ T7038] ? __pfx_ksys_read+0x10/0x10 [ 161.506545][ T7038] do_syscall_64+0x106/0xf80 [ 161.506569][ T7038] ? clear_bhb_loop+0x40/0x90 [ 161.506599][ T7038] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.506624][ T7038] RIP: 0033:0x7fc80c39bf79 [ 161.506644][ T7038] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 161.506667][ T7038] RSP: 002b:00007fc80d183028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 161.506690][ T7038] RAX: ffffffffffffffda RBX: 00007fc80c615fa0 RCX: 00007fc80c39bf79 [ 161.506705][ T7038] RDX: 0000000000000009 RSI: 0000200000000040 RDI: 0000000000000003 [ 161.506718][ T7038] RBP: 00007fc80d183090 R08: 0000000000000000 R09: 0000000000000000 [ 161.506729][ T7038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 161.506740][ T7038] R13: 00007fc80c616038 R14: 00007fc80c615fa0 R15: 00007ffd3cc74358 [ 161.506775][ T7038] [ 164.596340][ T30] audit: type=1800 audit(1770873628.782:18): pid=7092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.260" name="lu_gp_id" dev="configfs" ino=16257 res=0 errno=0 [ 164.733547][ T7095] Process accounting resumed [ 165.319273][ T7107] FAULT_INJECTION: forcing a failure. [ 165.319273][ T7107] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 165.354752][ T7107] CPU: 0 UID: 0 PID: 7107 Comm: syz.1.266 Tainted: G L syzkaller #0 PREEMPT(full) [ 165.354793][ T7107] Tainted: [L]=SOFTLOCKUP [ 165.354801][ T7107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 165.354815][ T7107] Call Trace: [ 165.354823][ T7107] [ 165.354832][ T7107] dump_stack_lvl+0x100/0x190 [ 165.354874][ T7107] should_fail_ex.cold+0x5/0xa [ 165.354903][ T7107] _copy_to_user+0x32/0xd0 [ 165.354933][ T7107] simple_read_from_buffer+0xcb/0x170 [ 165.354977][ T7107] proc_fail_nth_read+0x1af/0x230 [ 165.355007][ T7107] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 165.355037][ T7107] ? rw_verify_area+0xce/0x6d0 [ 165.355075][ T7107] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 165.355103][ T7107] vfs_read+0x1e4/0xb30 [ 165.355132][ T7107] ? __pfx_vfs_read+0x10/0x10 [ 165.355156][ T7107] ? __fget_files+0x215/0x3d0 [ 165.355190][ T7107] ? __fget_files+0x21f/0x3d0 [ 165.355226][ T7107] ksys_read+0x12a/0x250 [ 165.355250][ T7107] ? __pfx_ksys_read+0x10/0x10 [ 165.355276][ T7107] ? fput+0x79/0x100 [ 165.355311][ T7107] do_syscall_64+0x106/0xf80 [ 165.355336][ T7107] ? clear_bhb_loop+0x40/0x90 [ 165.355367][ T7107] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.355393][ T7107] RIP: 0033:0x7f96de75c84e [ 165.355413][ T7107] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 165.355436][ T7107] RSP: 002b:00007f96df66bfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 165.355460][ T7107] RAX: ffffffffffffffda RBX: 00007f96df66c6c0 RCX: 00007f96de75c84e [ 165.355476][ T7107] RDX: 000000000000000f RSI: 00007f96df66c0a0 RDI: 0000000000000004 [ 165.355491][ T7107] RBP: 00007f96df66c090 R08: 0000000000000000 R09: 0000000000000000 [ 165.355506][ T7107] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 165.355520][ T7107] R13: 00007f96dea16128 R14: 00007f96dea16090 R15: 00007ffe1a0f15a8 [ 165.355556][ T7107] [ 168.012020][ T7148] FAULT_INJECTION: forcing a failure. [ 168.012020][ T7148] name failslab, interval 1, probability 0, space 0, times 0 [ 168.047887][ T7148] CPU: 0 UID: 0 PID: 7148 Comm: syz.1.279 Tainted: G L syzkaller #0 PREEMPT(full) [ 168.047928][ T7148] Tainted: [L]=SOFTLOCKUP [ 168.047937][ T7148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 168.047951][ T7148] Call Trace: [ 168.047959][ T7148] [ 168.047968][ T7148] dump_stack_lvl+0x100/0x190 [ 168.048010][ T7148] should_fail_ex.cold+0x5/0xa [ 168.048039][ T7148] should_failslab+0xc2/0x120 [ 168.048070][ T7148] ? tomoyo_encode2+0xfb/0x3c0 [ 168.048099][ T7148] __kmalloc_noprof+0xf6/0x9c0 [ 168.048147][ T7148] ? tomoyo_encode2+0xfb/0x3c0 [ 168.048176][ T7148] tomoyo_encode2+0xfb/0x3c0 [ 168.048222][ T7148] tomoyo_encode+0x29/0x50 [ 168.048250][ T7148] tomoyo_realpath_from_path+0x18c/0x690 [ 168.048291][ T7148] tomoyo_path_number_perm+0x23c/0x580 [ 168.048316][ T7148] ? tomoyo_path_number_perm+0x22e/0x580 [ 168.048345][ T7148] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 168.048409][ T7148] ? find_held_lock+0x2b/0x80 [ 168.048441][ T7148] ? __fget_files+0x215/0x3d0 [ 168.048465][ T7148] ? hook_file_ioctl_common+0x146/0x410 [ 168.048500][ T7148] ? __fget_files+0x21f/0x3d0 [ 168.048530][ T7148] security_file_ioctl+0xd3/0x230 [ 168.048558][ T7148] __x64_sys_ioctl+0xb7/0x210 [ 168.048597][ T7148] do_syscall_64+0x106/0xf80 [ 168.048622][ T7148] ? clear_bhb_loop+0x40/0x90 [ 168.048654][ T7148] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 168.048679][ T7148] RIP: 0033:0x7f96de79bf79 [ 168.048700][ T7148] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 168.048723][ T7148] RSP: 002b:00007f96df68d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 168.048748][ T7148] RAX: ffffffffffffffda RBX: 00007f96dea15fa0 RCX: 00007f96de79bf79 [ 168.048765][ T7148] RDX: 0000000000000091 RSI: 00000000000089e0 RDI: 0000000000000003 [ 168.048780][ T7148] RBP: 00007f96df68d090 R08: 0000000000000000 R09: 0000000000000000 [ 168.048796][ T7148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 168.048821][ T7148] R13: 00007f96dea16038 R14: 00007f96dea15fa0 R15: 00007ffe1a0f15a8 [ 168.048858][ T7148] [ 168.048880][ T7148] ERROR: Out of memory at tomoyo_realpath_from_path. [ 169.882784][ T7168] netlink: 12 bytes leftover after parsing attributes in process `syz.2.288'. [ 170.092231][ T7177] netlink: 'syz.0.289': attribute type 219 has an invalid length. [ 170.169857][ T7177] netlink: 8 bytes leftover after parsing attributes in process `syz.0.289'. [ 176.021623][ T7258] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 176.070984][ T7258] netlink: 12 bytes leftover after parsing attributes in process `syz.0.308'. [ 177.727667][ T7278] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 0, inode_bitmap = 137 [ 177.733872][ T7278] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 1, inode_bitmap = 138 [ 177.775785][ T7278] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 0: bad block bitmap checksum [ 178.203687][ T5832] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 178.205687][ T5832] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 178.206415][ T5832] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 178.207464][ T5832] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 178.213719][ T5832] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 178.613539][ T7285] chnl_net:caif_netlink_parms(): no params data found [ 178.649377][ T7295] FAULT_INJECTION: forcing a failure. [ 178.649377][ T7295] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 178.649431][ T7295] CPU: 1 UID: 0 PID: 7295 Comm: syz.1.318 Tainted: G L syzkaller #0 PREEMPT(full) [ 178.649466][ T7295] Tainted: [L]=SOFTLOCKUP [ 178.649474][ T7295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 178.649493][ T7295] Call Trace: [ 178.649501][ T7295] [ 178.649511][ T7295] dump_stack_lvl+0x100/0x190 [ 178.649551][ T7295] should_fail_ex.cold+0x5/0xa [ 178.649579][ T7295] _copy_from_user+0x2e/0xd0 [ 178.649608][ T7295] mctp_ioctl_tag_copy_from_user+0xad/0x340 [ 178.649638][ T7295] ? __pfx_mctp_ioctl_tag_copy_from_user+0x10/0x10 [ 178.649664][ T7295] ? kasan_quarantine_put+0x104/0x240 [ 178.649690][ T7295] ? lockdep_hardirqs_on+0x78/0x100 [ 178.649722][ T7295] mctp_ioctl+0x3de/0x6e0 [ 178.649751][ T7295] ? __pfx_mctp_ioctl+0x10/0x10 [ 178.649778][ T7295] ? tomoyo_path_number_perm+0x188/0x580 [ 178.649807][ T7295] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 178.649840][ T7295] sock_do_ioctl+0x118/0x280 [ 178.649877][ T7295] ? __pfx_sock_do_ioctl+0x10/0x10 [ 178.649921][ T7295] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 178.649966][ T7295] sock_ioctl+0x599/0x6b0 [ 178.649991][ T7295] ? __pfx_sock_ioctl+0x10/0x10 [ 178.650013][ T7295] ? hook_file_ioctl_common+0x146/0x410 [ 178.650047][ T7295] ? __fget_files+0x21f/0x3d0 [ 178.650077][ T7295] ? __pfx_sock_ioctl+0x10/0x10 [ 178.650103][ T7295] __x64_sys_ioctl+0x18e/0x210 [ 178.650144][ T7295] do_syscall_64+0x106/0xf80 [ 178.650168][ T7295] ? clear_bhb_loop+0x40/0x90 [ 178.650204][ T7295] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 178.650230][ T7295] RIP: 0033:0x7f96de79bf79 [ 178.650251][ T7295] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 178.650274][ T7295] RSP: 002b:00007f96df68d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 178.650298][ T7295] RAX: ffffffffffffffda RBX: 00007f96dea15fa0 RCX: 00007f96de79bf79 [ 178.650315][ T7295] RDX: 0000000000000091 RSI: 00000000000089e0 RDI: 0000000000000003 [ 178.650330][ T7295] RBP: 00007f96df68d090 R08: 0000000000000000 R09: 0000000000000000 [ 178.650345][ T7295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 178.650360][ T7295] R13: 00007f96dea16038 R14: 00007f96dea15fa0 R15: 00007ffe1a0f15a8 [ 178.650394][ T7295] [ 179.296201][ T7285] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.296317][ T7285] bridge0: port 1(bridge_slave_0) entered disabled state [ 179.296507][ T7285] bridge_slave_0: entered allmulticast mode [ 179.310234][ T7285] bridge_slave_0: entered promiscuous mode [ 179.322184][ T7285] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.623747][ T7285] bridge0: port 2(bridge_slave_1) entered disabled state [ 179.623971][ T7285] bridge_slave_1: entered allmulticast mode [ 179.625908][ T7285] bridge_slave_1: entered promiscuous mode [ 179.782326][ T7285] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 180.022452][ T7285] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 180.213495][ T7285] team0: Port device team_slave_0 added [ 180.234892][ T7285] team0: Port device team_slave_1 added [ 180.267772][ T5829] Bluetooth: hci4: command tx timeout [ 180.362376][ T7285] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 180.410217][ T7285] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 180.483213][ T7285] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 180.514773][ T7285] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 180.530971][ T7285] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 180.598620][ T7285] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 180.928866][ T7285] hsr_slave_0: entered promiscuous mode [ 180.944763][ T7285] hsr_slave_1: entered promiscuous mode [ 180.962894][ T7285] debugfs: 'hsr0' already exists in 'hsr' [ 180.971377][ T7285] Cannot create hsr debugfs directory [ 181.130105][ T7323] capability: warning: `syz.2.326' uses 32-bit capabilities (legacy support in use) [ 181.940219][ T7285] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 182.025487][ T7285] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 182.042181][ T7285] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 182.057080][ T7285] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 182.086372][ T7348] sg_write: data in/out 220/90 bytes for SCSI command 0x0-- guessing data in; [ 182.086372][ T7348] program syz.1.331 not setting count and/or reply_len properly [ 182.345890][ T5829] Bluetooth: hci4: command tx timeout [ 182.532795][ T7368] FAULT_INJECTION: forcing a failure. [ 182.532795][ T7368] name failslab, interval 1, probability 0, space 0, times 0 [ 182.547520][ T7368] CPU: 0 UID: 0 PID: 7368 Comm: syz.1.336 Tainted: G L syzkaller #0 PREEMPT(full) [ 182.547574][ T7368] Tainted: [L]=SOFTLOCKUP [ 182.547582][ T7368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 182.547594][ T7368] Call Trace: [ 182.547601][ T7368] [ 182.547610][ T7368] dump_stack_lvl+0x100/0x190 [ 182.547648][ T7368] should_fail_ex.cold+0x5/0xa [ 182.547677][ T7368] should_failslab+0xc2/0x120 [ 182.547708][ T7368] kmem_cache_alloc_noprof+0x83/0x780 [ 182.547737][ T7368] ? __pmd_alloc+0xbf/0x9c0 [ 182.547773][ T7368] ? __pmd_alloc+0xbf/0x9c0 [ 182.547898][ T7368] __pmd_alloc+0xbf/0x9c0 [ 182.547939][ T7368] __handle_mm_fault+0xa99/0x2b50 [ 182.547978][ T7368] ? mt_find+0x45e/0x8e0 [ 182.548006][ T7368] ? __pfx___handle_mm_fault+0x10/0x10 [ 182.548036][ T7368] ? __pfx_mt_find+0x10/0x10 [ 182.548077][ T7368] ? find_vma+0xbf/0x140 [ 182.548100][ T7368] ? __pfx_find_vma+0x10/0x10 [ 182.548127][ T7368] handle_mm_fault+0x36d/0xa20 [ 182.548168][ T7368] do_user_addr_fault+0x74c/0x12f0 [ 182.548210][ T7368] exc_page_fault+0x6f/0xd0 [ 182.548233][ T7368] asm_exc_page_fault+0x26/0x30 [ 182.548257][ T7368] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 182.548290][ T7368] Code: c4 10 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 3d 86 04 00 66 66 [ 182.548313][ T7368] RSP: 0018:ffffc9000ae7fb00 EFLAGS: 00050202 [ 182.548332][ T7368] RAX: 0000000000000001 RBX: 0000000000000091 RCX: 0000000000000004 [ 182.548348][ T7368] RDX: 0000000000000001 RSI: 0000000000000091 RDI: ffffc9000ae7fb58 [ 182.548365][ T7368] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff520015cff6b [ 182.548379][ T7368] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 182.548393][ T7368] R13: ffffc9000ae7fb58 R14: 0000000000000000 R15: 0000000000000004 [ 182.548425][ T7368] _copy_from_user+0x98/0xd0 [ 182.548456][ T7368] mctp_ioctl_tag_copy_from_user+0xad/0x340 [ 182.548488][ T7368] ? __pfx_mctp_ioctl_tag_copy_from_user+0x10/0x10 [ 182.548516][ T7368] ? kasan_quarantine_put+0x104/0x240 [ 182.548542][ T7368] ? lockdep_hardirqs_on+0x78/0x100 [ 182.548621][ T7368] mctp_ioctl+0x3de/0x6e0 [ 182.548653][ T7368] ? __pfx_mctp_ioctl+0x10/0x10 [ 182.548680][ T7368] ? tomoyo_path_number_perm+0x188/0x580 [ 182.548711][ T7368] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 182.548743][ T7368] sock_do_ioctl+0x118/0x280 [ 182.548783][ T7368] ? __pfx_sock_do_ioctl+0x10/0x10 [ 182.548830][ T7368] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 182.549065][ T7368] sock_ioctl+0x599/0x6b0 [ 182.549090][ T7368] ? __pfx_sock_ioctl+0x10/0x10 [ 182.549110][ T7368] ? hook_file_ioctl_common+0x146/0x410 [ 182.549145][ T7368] ? __fget_files+0x21f/0x3d0 [ 182.549177][ T7368] ? __pfx_sock_ioctl+0x10/0x10 [ 182.549203][ T7368] __x64_sys_ioctl+0x18e/0x210 [ 182.549244][ T7368] do_syscall_64+0x106/0xf80 [ 182.549268][ T7368] ? clear_bhb_loop+0x40/0x90 [ 182.549296][ T7368] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.549319][ T7368] RIP: 0033:0x7f96de79bf79 [ 182.549339][ T7368] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 182.549360][ T7368] RSP: 002b:00007f96df68d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 182.549382][ T7368] RAX: ffffffffffffffda RBX: 00007f96dea15fa0 RCX: 00007f96de79bf79 [ 182.549399][ T7368] RDX: 0000000000000091 RSI: 00000000000089e0 RDI: 0000000000000003 [ 182.549413][ T7368] RBP: 00007f96df68d090 R08: 0000000000000000 R09: 0000000000000000 [ 182.549428][ T7368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 182.549443][ T7368] R13: 00007f96dea16038 R14: 00007f96dea15fa0 R15: 00007ffe1a0f15a8 [ 182.549487][ T7368] [ 183.014755][ T7285] 8021q: adding VLAN 0 to HW filter on device bond0 [ 183.031848][ T7285] 8021q: adding VLAN 0 to HW filter on device team0 [ 183.061742][ T7285] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 183.072217][ T7285] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 183.206203][ T3531] bridge0: port 1(bridge_slave_0) entered blocking state [ 183.213681][ T3531] bridge0: port 1(bridge_slave_0) entered forwarding state [ 183.290051][ T3531] bridge0: port 2(bridge_slave_1) entered blocking state [ 183.297156][ T3531] bridge0: port 2(bridge_slave_1) entered forwarding state [ 183.835075][ T7285] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 184.417840][ T5829] Bluetooth: hci4: command tx timeout [ 184.603920][ T7428] netlink: 12 bytes leftover after parsing attributes in process `syz.0.341'. [ 184.801547][ T7285] veth0_vlan: entered promiscuous mode [ 184.852957][ T7285] veth1_vlan: entered promiscuous mode [ 184.992498][ T7285] veth0_macvtap: entered promiscuous mode [ 185.027404][ T7285] veth1_macvtap: entered promiscuous mode [ 185.079756][ T7285] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 185.101868][ T7285] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 185.117484][ T7381] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.120917][ T7388] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.120968][ T7388] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.121004][ T7388] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 185.335881][ T7384] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 185.335907][ T7384] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 185.418347][ T3531] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 185.426320][ T3531] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 185.973604][ T7450] Process accounting resumed [ 186.498037][ T5829] Bluetooth: hci4: command tx timeout [ 186.782913][ T7470] random: crng reseeded on system resumption [ 186.880934][ T7465] netlink: 334 bytes leftover after parsing attributes in process `syz.1.350'. [ 186.941793][ T7465] FAULT_INJECTION: forcing a failure. [ 186.941793][ T7465] name failslab, interval 1, probability 0, space 0, times 0 [ 186.955876][ T7465] CPU: 1 UID: 0 PID: 7465 Comm: syz.1.350 Tainted: G L syzkaller #0 PREEMPT(full) [ 186.955923][ T7465] Tainted: [L]=SOFTLOCKUP [ 186.955933][ T7465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 186.955949][ T7465] Call Trace: [ 186.955958][ T7465] [ 186.955969][ T7465] dump_stack_lvl+0x100/0x190 [ 186.956016][ T7465] should_fail_ex.cold+0x5/0xa [ 186.956056][ T7465] should_failslab+0xc2/0x120 [ 186.956092][ T7465] ? tomoyo_encode2+0xfb/0x3c0 [ 186.956125][ T7465] __kmalloc_noprof+0xf6/0x9c0 [ 186.956177][ T7465] ? tomoyo_encode2+0xfb/0x3c0 [ 186.956209][ T7465] tomoyo_encode2+0xfb/0x3c0 [ 186.956249][ T7465] tomoyo_encode+0x29/0x50 [ 186.956280][ T7465] tomoyo_realpath_from_path+0x18c/0x690 [ 186.956322][ T7465] tomoyo_check_open_permission+0x2af/0x3c0 [ 186.956355][ T7465] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 186.956388][ T7465] ? do_syscall_64+0x106/0xf80 [ 186.956451][ T7465] ? do_raw_spin_lock+0x128/0x260 [ 186.956487][ T7465] ? path_get+0x61/0x80 [ 186.956524][ T7465] tomoyo_file_open+0x6b/0x90 [ 186.956565][ T7465] security_file_open+0xb5/0x1e0 [ 186.956598][ T7465] do_dentry_open+0x5aa/0x1660 [ 186.956630][ T7465] ? security_inode_permission+0xbf/0x250 [ 186.956666][ T7465] vfs_open+0x82/0x3f0 [ 186.956707][ T7465] path_openat+0x208c/0x31a0 [ 186.956750][ T7465] ? __pfx_path_openat+0x10/0x10 [ 186.956795][ T7465] do_file_open+0x20e/0x430 [ 186.956829][ T7465] ? __pfx_do_file_open+0x10/0x10 [ 186.956885][ T7465] ? _raw_spin_unlock+0x28/0x50 [ 186.956925][ T7465] ? alloc_fd+0x476/0x790 [ 186.956964][ T7465] do_sys_openat2+0x10d/0x1e0 [ 186.957002][ T7465] ? __pfx_do_sys_openat2+0x10/0x10 [ 186.957060][ T7465] __x64_sys_open+0xfe/0x1d0 [ 186.957100][ T7465] ? __pfx___x64_sys_open+0x10/0x10 [ 186.957137][ T7465] ? xfd_validate_state+0x129/0x190 [ 186.957185][ T7465] do_syscall_64+0x106/0xf80 [ 186.957211][ T7465] ? clear_bhb_loop+0x40/0x90 [ 186.957245][ T7465] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.957273][ T7465] RIP: 0033:0x7f96de79bf79 [ 186.957296][ T7465] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 186.957322][ T7465] RSP: 002b:00007f96df68d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 186.957349][ T7465] RAX: ffffffffffffffda RBX: 00007f96dea15fa0 RCX: 00007f96de79bf79 [ 186.957368][ T7465] RDX: 0000000000000100 RSI: 0000000000000001 RDI: 00002000000000c0 [ 186.957385][ T7465] RBP: 00007f96de8327e0 R08: 0000000000000000 R09: 0000000000000000 [ 186.957401][ T7465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 186.957417][ T7465] R13: 00007f96dea16038 R14: 00007f96dea15fa0 R15: 00007ffe1a0f15a8 [ 186.957455][ T7465] [ 186.957521][ T7465] ERROR: Out of memory at tomoyo_realpath_from_path. [ 187.641605][ T7474] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 187.721906][ T7458] Process accounting paused [ 187.831844][ T7474] netlink: 12 bytes leftover after parsing attributes in process `syz.4.351'. [ 188.611898][ T7489] Process accounting paused [ 188.929500][ T7496] FAULT_INJECTION: forcing a failure. [ 188.929500][ T7496] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 188.985353][ T7496] CPU: 1 UID: 0 PID: 7496 Comm: syz.0.358 Tainted: G L syzkaller #0 PREEMPT(full) [ 188.985392][ T7496] Tainted: [L]=SOFTLOCKUP [ 188.985401][ T7496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 188.985414][ T7496] Call Trace: [ 188.985423][ T7496] [ 188.985432][ T7496] dump_stack_lvl+0x100/0x190 [ 188.985473][ T7496] should_fail_ex.cold+0x5/0xa [ 188.985496][ T7496] ? prepare_alloc_pages+0x16d/0x5f0 [ 188.985533][ T7496] should_fail_alloc_page+0xeb/0x140 [ 188.985565][ T7496] prepare_alloc_pages+0x1f0/0x5f0 [ 188.985604][ T7496] __alloc_frozen_pages_noprof+0x193/0x2410 [ 188.985641][ T7496] ? kasan_save_stack+0x3f/0x50 [ 188.985665][ T7496] ? kasan_save_stack+0x30/0x50 [ 188.985688][ T7496] ? kasan_save_track+0x14/0x30 [ 188.985712][ T7496] ? __kasan_slab_alloc+0x89/0x90 [ 188.985738][ T7496] ? kmem_cache_alloc_noprof+0x2ad/0x780 [ 188.985764][ T7496] ? __pmd_alloc+0xbf/0x9c0 [ 188.985795][ T7496] ? __handle_mm_fault+0xa99/0x2b50 [ 188.985836][ T7496] ? handle_mm_fault+0x36d/0xa20 [ 188.985872][ T7496] ? do_user_addr_fault+0x74c/0x12f0 [ 188.985908][ T7496] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 188.985934][ T7496] ? _copy_from_user+0x98/0xd0 [ 188.985960][ T7496] ? mctp_ioctl+0x3de/0x6e0 [ 188.985985][ T7496] ? sock_ioctl+0x599/0x6b0 [ 188.986007][ T7496] ? __x64_sys_ioctl+0x18e/0x210 [ 188.986043][ T7496] ? do_syscall_64+0x106/0xf80 [ 188.986066][ T7496] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.986110][ T7496] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 188.986147][ T7496] ? policy_nodemask+0xed/0x4f0 [ 188.986181][ T7496] alloc_pages_mpol+0x1fb/0x550 [ 188.986214][ T7496] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 188.986257][ T7496] alloc_pages_noprof+0x131/0x390 [ 188.986290][ T7496] pte_alloc_one+0x1e/0x3e0 [ 188.986315][ T7496] do_fault+0x8cc/0x1990 [ 188.986348][ T7496] ? __pmd_alloc+0x6aa/0x9c0 [ 188.986384][ T7496] __handle_mm_fault+0x1807/0x2b50 [ 188.986429][ T7496] ? mt_find+0x45e/0x8e0 [ 188.986458][ T7496] ? __pfx___handle_mm_fault+0x10/0x10 [ 188.986495][ T7496] ? __pfx_mt_find+0x10/0x10 [ 188.986543][ T7496] ? find_vma+0xbf/0x140 [ 188.986572][ T7496] ? __pfx_find_vma+0x10/0x10 [ 188.986605][ T7496] handle_mm_fault+0x36d/0xa20 [ 188.986652][ T7496] do_user_addr_fault+0x74c/0x12f0 [ 188.986698][ T7496] exc_page_fault+0x6f/0xd0 [ 188.986723][ T7496] asm_exc_page_fault+0x26/0x30 [ 188.986748][ T7496] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 188.986781][ T7496] Code: c4 10 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 3d 86 04 00 66 66 [ 188.986805][ T7496] RSP: 0018:ffffc90003eafb00 EFLAGS: 00050202 [ 188.986831][ T7496] RAX: 0000000000000001 RBX: 0000000000000091 RCX: 0000000000000004 [ 188.986847][ T7496] RDX: 0000000000000001 RSI: 0000000000000091 RDI: ffffc90003eafb58 [ 188.986863][ T7496] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff520007d5f6b [ 188.986878][ T7496] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 188.986893][ T7496] R13: ffffc90003eafb58 R14: 0000000000000000 R15: 0000000000000004 [ 188.986928][ T7496] _copy_from_user+0x98/0xd0 [ 188.986956][ T7496] mctp_ioctl_tag_copy_from_user+0xad/0x340 [ 188.986986][ T7496] ? __pfx_mctp_ioctl_tag_copy_from_user+0x10/0x10 [ 188.987012][ T7496] ? kasan_quarantine_put+0x104/0x240 [ 188.987037][ T7496] ? lockdep_hardirqs_on+0x78/0x100 [ 188.987070][ T7496] mctp_ioctl+0x3de/0x6e0 [ 188.987100][ T7496] ? __pfx_mctp_ioctl+0x10/0x10 [ 188.987127][ T7496] ? tomoyo_path_number_perm+0x188/0x580 [ 188.987157][ T7496] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 188.987190][ T7496] sock_do_ioctl+0x118/0x280 [ 188.987227][ T7496] ? __pfx_sock_do_ioctl+0x10/0x10 [ 188.987273][ T7496] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 188.987318][ T7496] sock_ioctl+0x599/0x6b0 [ 188.987344][ T7496] ? __pfx_sock_ioctl+0x10/0x10 [ 188.987366][ T7496] ? hook_file_ioctl_common+0x146/0x410 [ 188.987401][ T7496] ? __fget_files+0x21f/0x3d0 [ 188.987433][ T7496] ? __pfx_sock_ioctl+0x10/0x10 [ 188.987460][ T7496] __x64_sys_ioctl+0x18e/0x210 [ 188.987500][ T7496] do_syscall_64+0x106/0xf80 [ 188.987524][ T7496] ? clear_bhb_loop+0x40/0x90 [ 188.987555][ T7496] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.987582][ T7496] RIP: 0033:0x7fc80c39bf79 [ 188.987600][ T7496] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 188.987620][ T7496] RSP: 002b:00007fc80d183028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 188.987640][ T7496] RAX: ffffffffffffffda RBX: 00007fc80c615fa0 RCX: 00007fc80c39bf79 [ 188.987654][ T7496] RDX: 0000000000000091 RSI: 00000000000089e0 RDI: 0000000000000003 [ 188.987666][ T7496] RBP: 00007fc80d183090 R08: 0000000000000000 R09: 0000000000000000 [ 188.987679][ T7496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 188.987692][ T7496] R13: 00007fc80c616038 R14: 00007fc80c615fa0 R15: 00007ffd3cc74358 [ 188.987721][ T7496] [ 190.285896][ T30] audit: type=1800 audit(1770873654.482:19): pid=7517 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.357" name="lu_gp_id" dev="configfs" ino=19828 res=0 errno=0 [ 191.224090][ T7530] netlink: 8 bytes leftover after parsing attributes in process `syz.1.365'. [ 191.247275][ T7530] netlink: 8 bytes leftover after parsing attributes in process `syz.1.365'. [ 192.058900][ T7540] Process accounting resumed [ 192.334414][ T7555] netlink: 12 bytes leftover after parsing attributes in process `syz.2.373'. [ 194.005642][ T7588] netlink: 12 bytes leftover after parsing attributes in process `syz.4.383'. [ 194.007477][ T7586] netlink: 4 bytes leftover after parsing attributes in process `syz.1.380'. [ 194.065931][ T7591] netlink: 'syz.1.380': attribute type 7 has an invalid length. [ 195.049404][ T7570] Process accounting paused [ 195.668287][ T7612] Process accounting resumed [ 195.942312][ T7630] netlink: 4 bytes leftover after parsing attributes in process `syz.1.393'. [ 196.054392][ T7633] netlink: 'syz.1.393': attribute type 7 has an invalid length. [ 196.454407][ T7639] netlink: 12 bytes leftover after parsing attributes in process `syz.1.395'. [ 196.689471][ T7645] FAULT_INJECTION: forcing a failure. [ 196.689471][ T7645] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 196.761045][ T7645] CPU: 0 UID: 0 PID: 7645 Comm: syz.0.397 Tainted: G L syzkaller #0 PREEMPT(full) [ 196.761085][ T7645] Tainted: [L]=SOFTLOCKUP [ 196.761093][ T7645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 196.761107][ T7645] Call Trace: [ 196.761115][ T7645] [ 196.761124][ T7645] dump_stack_lvl+0x100/0x190 [ 196.761162][ T7645] should_fail_ex.cold+0x5/0xa [ 196.761185][ T7645] ? prepare_alloc_pages+0x16d/0x5f0 [ 196.761218][ T7645] should_fail_alloc_page+0xeb/0x140 [ 196.761250][ T7645] prepare_alloc_pages+0x1f0/0x5f0 [ 196.761283][ T7645] ? stack_depot_save_flags+0x27/0x9d0 [ 196.761316][ T7645] __alloc_frozen_pages_noprof+0x193/0x2410 [ 196.761349][ T7645] ? __lock_acquire+0x4a5/0x2630 [ 196.761384][ T7645] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 196.761428][ T7645] ? find_held_lock+0x2b/0x80 [ 196.761460][ T7645] ? is_bpf_text_address+0x8a/0x1a0 [ 196.761489][ T7645] ? is_bpf_text_address+0x8a/0x1a0 [ 196.761517][ T7645] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 196.761553][ T7645] ? policy_nodemask+0xed/0x4f0 [ 196.761586][ T7645] alloc_pages_mpol+0x1fb/0x550 [ 196.761618][ T7645] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 196.761659][ T7645] folio_alloc_mpol_noprof+0x36/0x340 [ 196.761696][ T7645] shmem_alloc_folio+0x135/0x160 [ 196.761734][ T7645] shmem_alloc_and_add_folio+0x371/0xd40 [ 196.761770][ T7645] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 196.761799][ T7645] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 196.761834][ T7645] shmem_get_folio_gfp+0x6ab/0x1900 [ 196.761868][ T7645] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 196.761896][ T7645] ? filemap_map_pages+0x9e0/0x2110 [ 196.761929][ T7645] shmem_fault+0x1f9/0xa20 [ 196.761961][ T7645] ? __lock_acquire+0x4a5/0x2630 [ 196.761985][ T7645] ? __pfx_shmem_fault+0x10/0x10 [ 196.762015][ T7645] ? __pfx_filemap_map_pages+0x10/0x10 [ 196.762049][ T7645] __do_fault+0x10d/0x550 [ 196.762080][ T7645] do_fault+0xaf9/0x1990 [ 196.762107][ T7645] ? __pmd_alloc+0x6aa/0x9c0 [ 196.762139][ T7645] __handle_mm_fault+0x1807/0x2b50 [ 196.762182][ T7645] ? mt_find+0x45e/0x8e0 [ 196.762210][ T7645] ? __pfx___handle_mm_fault+0x10/0x10 [ 196.762246][ T7645] ? __pfx_mt_find+0x10/0x10 [ 196.762292][ T7645] ? find_vma+0xbf/0x140 [ 196.762320][ T7645] ? __pfx_find_vma+0x10/0x10 [ 196.762353][ T7645] handle_mm_fault+0x36d/0xa20 [ 196.762399][ T7645] do_user_addr_fault+0x74c/0x12f0 [ 196.762446][ T7645] exc_page_fault+0x6f/0xd0 [ 196.762471][ T7645] asm_exc_page_fault+0x26/0x30 [ 196.762495][ T7645] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 196.762528][ T7645] Code: c4 10 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 3d 86 04 00 66 66 [ 196.762551][ T7645] RSP: 0018:ffffc90003c7fb00 EFLAGS: 00050202 [ 196.762571][ T7645] RAX: 0000000000000001 RBX: 0000000000000091 RCX: 0000000000000004 [ 196.762586][ T7645] RDX: 0000000000000001 RSI: 0000000000000091 RDI: ffffc90003c7fb58 [ 196.762602][ T7645] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff5200078ff6b [ 196.762617][ T7645] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 196.762632][ T7645] R13: ffffc90003c7fb58 R14: 0000000000000000 R15: 0000000000000004 [ 196.762665][ T7645] _copy_from_user+0x98/0xd0 [ 196.762694][ T7645] mctp_ioctl_tag_copy_from_user+0xad/0x340 [ 196.762724][ T7645] ? __pfx_mctp_ioctl_tag_copy_from_user+0x10/0x10 [ 196.762750][ T7645] ? kasan_quarantine_put+0x104/0x240 [ 196.762775][ T7645] ? lockdep_hardirqs_on+0x78/0x100 [ 196.762807][ T7645] mctp_ioctl+0x3de/0x6e0 [ 196.762837][ T7645] ? __pfx_mctp_ioctl+0x10/0x10 [ 196.762863][ T7645] ? tomoyo_path_number_perm+0x188/0x580 [ 196.762892][ T7645] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 196.762924][ T7645] sock_do_ioctl+0x118/0x280 [ 196.762968][ T7645] ? __pfx_sock_do_ioctl+0x10/0x10 [ 196.763013][ T7645] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 196.763058][ T7645] sock_ioctl+0x599/0x6b0 [ 196.763084][ T7645] ? __pfx_sock_ioctl+0x10/0x10 [ 196.763104][ T7645] ? hook_file_ioctl_common+0x146/0x410 [ 196.763135][ T7645] ? __fget_files+0x21f/0x3d0 [ 196.763164][ T7645] ? __pfx_sock_ioctl+0x10/0x10 [ 196.763190][ T7645] __x64_sys_ioctl+0x18e/0x210 [ 196.763227][ T7645] do_syscall_64+0x106/0xf80 [ 196.763251][ T7645] ? clear_bhb_loop+0x40/0x90 [ 196.763282][ T7645] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 196.763306][ T7645] RIP: 0033:0x7fc80c39bf79 [ 196.763324][ T7645] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 196.763344][ T7645] RSP: 002b:00007fc80d183028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 196.763365][ T7645] RAX: ffffffffffffffda RBX: 00007fc80c615fa0 RCX: 00007fc80c39bf79 [ 196.763381][ T7645] RDX: 0000000000000091 RSI: 00000000000089e0 RDI: 0000000000000003 [ 196.763396][ T7645] RBP: 00007fc80d183090 R08: 0000000000000000 R09: 0000000000000000 [ 196.763410][ T7645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 196.763422][ T7645] R13: 00007fc80c616038 R14: 00007fc80c615fa0 R15: 00007ffd3cc74358 [ 196.763457][ T7645] [ 198.486249][ T7670] netlink: 4 bytes leftover after parsing attributes in process `syz.1.404'. [ 198.496283][ T7670] netlink: 'syz.1.404': attribute type 7 has an invalid length. [ 199.123191][ T7640] Process accounting resumed [ 199.201229][ T7684] netlink: 12 bytes leftover after parsing attributes in process `syz.1.407'. [ 199.461633][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.468193][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 199.966965][ T7707] netlink: 330 bytes leftover after parsing attributes in process `syz.2.412'. [ 200.532925][ T7720] block2mtd: illegal erase size [ 200.612284][ T7718] netlink: 4 bytes leftover after parsing attributes in process `syz.1.415'. [ 200.622252][ T7718] netlink: 'syz.1.415': attribute type 7 has an invalid length. [ 201.559018][ T7730] Process accounting resumed [ 205.499737][ T7801] netlink: 4 bytes leftover after parsing attributes in process `syz.1.436'. [ 205.511083][ T7801] netlink: 'syz.1.436': attribute type 7 has an invalid length. [ 207.425554][ T7835] FAULT_INJECTION: forcing a failure. [ 207.425554][ T7835] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 207.637774][ T7835] CPU: 0 UID: 0 PID: 7835 Comm: syz.4.443 Tainted: G L syzkaller #0 PREEMPT(full) [ 207.637800][ T7835] Tainted: [L]=SOFTLOCKUP [ 207.637804][ T7835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 207.637812][ T7835] Call Trace: [ 207.637818][ T7835] [ 207.637823][ T7835] dump_stack_lvl+0x100/0x190 [ 207.637847][ T7835] should_fail_ex.cold+0x5/0xa [ 207.637863][ T7835] _copy_to_user+0x32/0xd0 [ 207.637880][ T7835] simple_read_from_buffer+0xcb/0x170 [ 207.637903][ T7835] proc_fail_nth_read+0x1af/0x230 [ 207.637919][ T7835] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 207.637936][ T7835] ? rw_verify_area+0xce/0x6d0 [ 207.637955][ T7835] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 207.637976][ T7835] vfs_read+0x1e4/0xb30 [ 207.637993][ T7835] ? __pfx_vfs_read+0x10/0x10 [ 207.638005][ T7835] ? __fget_files+0x215/0x3d0 [ 207.638023][ T7835] ? __fget_files+0x21f/0x3d0 [ 207.638041][ T7835] ksys_read+0x12a/0x250 [ 207.638054][ T7835] ? __pfx_ksys_read+0x10/0x10 [ 207.638068][ T7835] ? fput+0x79/0x100 [ 207.638087][ T7835] do_syscall_64+0x106/0xf80 [ 207.638101][ T7835] ? clear_bhb_loop+0x40/0x90 [ 207.638117][ T7835] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 207.638131][ T7835] RIP: 0033:0x7fcb5055c84e [ 207.638143][ T7835] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 207.638156][ T7835] RSP: 002b:00007fcb514dffe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 207.638170][ T7835] RAX: ffffffffffffffda RBX: 00007fcb514e06c0 RCX: 00007fcb5055c84e [ 207.638179][ T7835] RDX: 000000000000000f RSI: 00007fcb514e00a0 RDI: 0000000000000004 [ 207.638187][ T7835] RBP: 00007fcb514e0090 R08: 0000000000000000 R09: 0000000000000000 [ 207.638195][ T7835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 207.638203][ T7835] R13: 00007fcb50816038 R14: 00007fcb50815fa0 R15: 00007ffdf98b76d8 [ 207.638221][ T7835] [ 208.053380][ T7832] netlink: 330 bytes leftover after parsing attributes in process `syz.0.442'. [ 208.107836][ T7832] : renamed from ip6tnl0 (while UP) [ 208.541485][ T7849] netlink: 'syz.4.448': attribute type 1 has an invalid length. [ 211.780755][ T5840] Bluetooth: hci2: command 0x0406 tx timeout [ 211.787198][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 211.793315][ T5836] Bluetooth: hci0: command 0x0406 tx timeout [ 212.192958][ T7907] netlink: 74 bytes leftover after parsing attributes in process `syz.4.465'. [ 212.330251][ T7914] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(1152.8192.108), cmd(3) [ 212.342096][ T7914] netlink: 4 bytes leftover after parsing attributes in process `syz.2.467'. [ 212.421756][ T7914] netlink: 354 bytes leftover after parsing attributes in process `syz.2.467'. [ 212.442186][ T7916] netlink: 12 bytes leftover after parsing attributes in process `syz.4.469'. [ 213.202163][ T5145] Bluetooth: hci4: ISO packet for unknown connection handle 0 [ 213.379123][ T7920] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 213.385451][ T7920] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 213.461816][ T7920] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 213.478800][ T7920] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 213.496946][ T7920] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 213.526195][ T7920] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 213.552911][ T7920] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 213.571846][ T7920] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 213.606425][ T7920] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 214.237403][ T7963] FAULT_INJECTION: forcing a failure. [ 214.237403][ T7963] name failslab, interval 1, probability 0, space 0, times 0 [ 214.278943][ T7965] netlink: 12 bytes leftover after parsing attributes in process `syz.2.482'. [ 214.288553][ T7963] CPU: 0 UID: 0 PID: 7963 Comm: syz.1.480 Tainted: G L syzkaller #0 PREEMPT(full) [ 214.288594][ T7963] Tainted: [L]=SOFTLOCKUP [ 214.288602][ T7963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 214.288619][ T7963] Call Trace: [ 214.288629][ T7963] [ 214.288640][ T7963] dump_stack_lvl+0x100/0x190 [ 214.288685][ T7963] should_fail_ex.cold+0x5/0xa [ 214.288714][ T7963] should_failslab+0xc2/0x120 [ 214.288745][ T7963] ? acpi_ns_get_normalized_pathname+0x95/0x250 [ 214.288779][ T7963] __kmalloc_noprof+0xf6/0x9c0 [ 214.288817][ T7963] ? __pfx_acpi_ns_build_normalized_path+0x10/0x10 [ 214.288863][ T7963] ? acpi_ns_get_normalized_pathname+0x95/0x250 [ 214.288898][ T7963] acpi_ns_get_normalized_pathname+0x95/0x250 [ 214.288936][ T7963] acpi_ds_call_control_method+0x5d4/0xab0 [ 214.288994][ T7963] acpi_ps_parse_aml+0xacd/0x1120 [ 214.289027][ T7963] acpi_ps_execute_method+0x5c4/0xe90 [ 214.289062][ T7963] acpi_ns_evaluate+0x640/0x1670 [ 214.289100][ T7963] acpi_evaluate_object+0x420/0xe00 [ 214.289133][ T7963] ? seq_read_iter+0x819/0x1270 [ 214.289155][ T7963] ? kernfs_fop_read_iter+0x46c/0x610 [ 214.289188][ T7963] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 214.289230][ T7963] ? __pfx___might_resched+0x10/0x10 [ 214.289267][ T7963] acpi_evaluate_integer+0xdf/0x220 [ 214.289300][ T7963] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 214.289348][ T7963] ? __pfx_status_show+0x10/0x10 [ 214.289382][ T7963] status_show+0xa0/0x120 [ 214.289415][ T7963] ? __pfx_status_show+0x10/0x10 [ 214.289458][ T7963] dev_attr_show+0x52/0xa0 [ 214.289497][ T7963] ? __pfx_dev_attr_show+0x10/0x10 [ 214.289531][ T7963] sysfs_kf_seq_show+0x217/0x3a0 [ 214.289554][ T7963] seq_read_iter+0x32f/0x1270 [ 214.289576][ T7963] kernfs_fop_read_iter+0x46c/0x610 [ 214.289592][ T7963] ? rw_verify_area+0xce/0x6d0 [ 214.289613][ T7963] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 214.289629][ T7963] vfs_read+0x825/0xb30 [ 214.289645][ T7963] ? __pfx_vfs_read+0x10/0x10 [ 214.289672][ T7963] ksys_read+0x12a/0x250 [ 214.289685][ T7963] ? __pfx_ksys_read+0x10/0x10 [ 214.289705][ T7963] do_syscall_64+0x106/0xf80 [ 214.289719][ T7963] ? clear_bhb_loop+0x40/0x90 [ 214.289737][ T7963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 214.289752][ T7963] RIP: 0033:0x7f96de79bf79 [ 214.289764][ T7963] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 214.289778][ T7963] RSP: 002b:00007f96df68d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 214.289792][ T7963] RAX: ffffffffffffffda RBX: 00007f96dea15fa0 RCX: 00007f96de79bf79 [ 214.289802][ T7963] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000007 [ 214.289810][ T7963] RBP: 00007f96de8327e0 R08: 0000000000000000 R09: 0000000000000000 [ 214.289819][ T7963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 214.289827][ T7963] R13: 00007f96dea16038 R14: 00007f96dea15fa0 R15: 00007ffe1a0f15a8 [ 214.289846][ T7963] [ 214.289923][ T7963] ACPI Error: [ 214.657710][ T5145] Bluetooth: hci0: command 0x0406 tx timeout [ 214.704273][ T7963] Could not allocate 10 bytes (20251212/nsnames-308) [ 215.540534][ T5145] Bluetooth: hci1: command 0x0406 tx timeout [ 215.540551][ T51] Bluetooth: hci2: command 0x0406 tx timeout [ 215.617653][ T5145] Bluetooth: hci4: command 0x0c1a tx timeout [ 216.205022][ T8011] netlink: 4 bytes leftover after parsing attributes in process `syz.4.496'. [ 216.288651][ T8012] netlink: 'syz.4.496': attribute type 7 has an invalid length. [ 216.374444][ T8012] Process accounting paused [ 216.622885][ T8019] netlink: 12 bytes leftover after parsing attributes in process `syz.4.499'. [ 216.748221][ T5145] Bluetooth: hci0: command 0x0406 tx timeout [ 217.166293][ T8034] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 217.195069][ T8037] FAULT_INJECTION: forcing a failure. [ 217.195069][ T8037] name failslab, interval 1, probability 0, space 0, times 0 [ 217.231364][ T8037] CPU: 1 UID: 0 PID: 8037 Comm: syz.4.505 Tainted: G L syzkaller #0 PREEMPT(full) [ 217.231410][ T8037] Tainted: [L]=SOFTLOCKUP [ 217.231419][ T8037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 217.231434][ T8037] Call Trace: [ 217.231443][ T8037] [ 217.231452][ T8037] dump_stack_lvl+0x100/0x190 [ 217.231497][ T8037] should_fail_ex.cold+0x5/0xa [ 217.231527][ T8037] should_failslab+0xc2/0x120 [ 217.231560][ T8037] kmem_cache_alloc_noprof+0x83/0x780 [ 217.231600][ T8037] ? acpi_ut_create_generic_state+0x61/0xc0 [ 217.231651][ T8037] ? acpi_ut_create_generic_state+0x61/0xc0 [ 217.231692][ T8037] acpi_ut_create_generic_state+0x61/0xc0 [ 217.231731][ T8037] acpi_ds_scope_stack_push+0x70/0x790 [ 217.231778][ T8037] acpi_ds_init_aml_walk+0x2d8/0x680 [ 217.231809][ T8037] acpi_ps_execute_method+0x39d/0xe90 [ 217.231845][ T8037] acpi_ns_evaluate+0x640/0x1670 [ 217.231882][ T8037] acpi_evaluate_object+0x420/0xe00 [ 217.231921][ T8037] ? seq_read_iter+0x819/0x1270 [ 217.231945][ T8037] ? kernfs_fop_read_iter+0x46c/0x610 [ 217.231980][ T8037] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 217.232020][ T8037] ? __pfx___might_resched+0x10/0x10 [ 217.232054][ T8037] acpi_evaluate_integer+0xdf/0x220 [ 217.232089][ T8037] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 217.232142][ T8037] ? __pfx_status_show+0x10/0x10 [ 217.232182][ T8037] status_show+0xa0/0x120 [ 217.232222][ T8037] ? __pfx_status_show+0x10/0x10 [ 217.232273][ T8037] dev_attr_show+0x52/0xa0 [ 217.232316][ T8037] ? __pfx_dev_attr_show+0x10/0x10 [ 217.232356][ T8037] sysfs_kf_seq_show+0x217/0x3a0 [ 217.232396][ T8037] seq_read_iter+0x32f/0x1270 [ 217.232440][ T8037] kernfs_fop_read_iter+0x46c/0x610 [ 217.232469][ T8037] ? rw_verify_area+0xce/0x6d0 [ 217.232511][ T8037] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 217.232542][ T8037] vfs_read+0x825/0xb30 [ 217.232574][ T8037] ? __pfx_vfs_read+0x10/0x10 [ 217.232720][ T8037] ksys_read+0x12a/0x250 [ 217.232750][ T8037] ? __pfx_ksys_read+0x10/0x10 [ 217.232792][ T8037] do_syscall_64+0x106/0xf80 [ 217.232819][ T8037] ? clear_bhb_loop+0x40/0x90 [ 217.232853][ T8037] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 217.232929][ T8037] RIP: 0033:0x7fcb5059bf79 [ 217.232955][ T8037] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 217.232982][ T8037] RSP: 002b:00007fcb514bf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 217.233009][ T8037] RAX: ffffffffffffffda RBX: 00007fcb50816090 RCX: 00007fcb5059bf79 [ 217.233029][ T8037] RDX: 000000000000007a RSI: 0000200000000240 RDI: 0000000000000009 [ 217.233047][ T8037] RBP: 00007fcb506327e0 R08: 0000000000000000 R09: 0000000000000000 [ 217.233065][ T8037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 217.233081][ T8037] R13: 00007fcb50816128 R14: 00007fcb50816090 R15: 00007ffdf98b76d8 [ 217.233116][ T8037] [ 217.233506][ T8037] ACPI Error: [ 217.487841][ T8046] netlink: 4 bytes leftover after parsing attributes in process `syz.1.507'. [ 217.564107][ T8037] ffff88807c587000 walk still has a scope list (20251212/dswstate-694) [ 217.617720][ T5145] Bluetooth: hci1: command 0x0406 tx timeout [ 217.617769][ T5145] Bluetooth: hci2: command 0x0406 tx timeout [ 217.643901][ T8044] netlink: 'syz.1.507': attribute type 7 has an invalid length. [ 217.698126][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 218.349775][ T8063] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(16.0.2048), cmd(3) [ 218.574198][ T8062] binder: 8059:8062 ioctl c018620c 0 returned -1 [ 219.140572][ T8077] netlink: 28 bytes leftover after parsing attributes in process `syz.1.516'. [ 219.195044][ T8083] netlink: 8 bytes leftover after parsing attributes in process `syz.1.516'. [ 219.199483][ T8080] FAULT_INJECTION: forcing a failure. [ 219.199483][ T8080] name failslab, interval 1, probability 0, space 0, times 0 [ 219.224369][ T8077] hsr_slave_0: left promiscuous mode [ 219.256331][ T8077] hsr_slave_1: left promiscuous mode [ 219.273274][ T8080] CPU: 1 UID: 0 PID: 8080 Comm: syz.2.517 Tainted: G L syzkaller #0 PREEMPT(full) [ 219.273321][ T8080] Tainted: [L]=SOFTLOCKUP [ 219.273331][ T8080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 219.273348][ T8080] Call Trace: [ 219.273357][ T8080] [ 219.273367][ T8080] dump_stack_lvl+0x100/0x190 [ 219.273423][ T8080] should_fail_ex.cold+0x5/0xa [ 219.273456][ T8080] should_failslab+0xc2/0x120 [ 219.273490][ T8080] __kmalloc_cache_noprof+0x80/0x810 [ 219.273533][ T8080] ? kvm_uevent_notify_change.part.0+0x2a6/0x450 [ 219.273579][ T8080] ? kvm_uevent_notify_change.part.0+0x2a6/0x450 [ 219.273613][ T8080] kvm_uevent_notify_change.part.0+0x2a6/0x450 [ 219.273649][ T8080] ? __pfx_kvm_vm_release+0x10/0x10 [ 219.273683][ T8080] kvm_put_kvm+0xe4/0xb10 [ 219.273710][ T8080] ? lockdep_hardirqs_on+0x78/0x100 [ 219.273738][ T8080] ? _raw_spin_unlock_irq+0x2e/0x50 [ 219.273780][ T8080] ? __pfx_kvm_vm_release+0x10/0x10 [ 219.273810][ T8080] kvm_vm_release+0x3c/0x50 [ 219.273837][ T8080] __fput+0x3ff/0xb40 [ 219.273874][ T8080] ? _raw_spin_unlock_irq+0x23/0x50 [ 219.273916][ T8080] task_work_run+0x150/0x240 [ 219.273951][ T8080] ? __pfx_task_work_run+0x10/0x10 [ 219.273994][ T8080] exit_to_user_mode_loop+0x100/0x4a0 [ 219.274022][ T8080] ? rcu_is_watching+0x12/0xc0 [ 219.274057][ T8080] do_syscall_64+0x668/0xf80 [ 219.274083][ T8080] ? clear_bhb_loop+0x40/0x90 [ 219.274116][ T8080] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 219.274144][ T8080] RIP: 0033:0x7f37a399bf79 [ 219.274167][ T8080] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 219.274193][ T8080] RSP: 002b:00007f37a4813028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 219.274219][ T8080] RAX: 0000000000000000 RBX: 00007f37a3c15fa0 RCX: 00007f37a399bf79 [ 219.274237][ T8080] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000002 [ 219.274253][ T8080] RBP: 00007f37a3a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 219.274269][ T8080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 219.274285][ T8080] R13: 00007f37a3c16038 R14: 00007f37a3c15fa0 R15: 00007fff798a21a8 [ 219.274321][ T8080] [ 219.778543][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 222.040762][ T8118] netlink: 12 bytes leftover after parsing attributes in process `syz.4.528'. [ 222.337871][ T10] ================================================================== [ 222.337892][ T10] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x19fb/0x1d60 [ 222.337929][ T10] Write of size 8 at addr ffffc9000360d180 by task kworker/0:1/10 [ 222.337947][ T10] [ 222.337962][ T10] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Tainted: G L syzkaller #0 PREEMPT(full) [ 222.337997][ T10] Tainted: [L]=SOFTLOCKUP [ 222.338005][ T10] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 222.338025][ T10] Workqueue: events_power_efficient fb_flashcursor [ 222.338071][ T10] Call Trace: [ 222.338079][ T10] [ 222.338088][ T10] dump_stack_lvl+0x100/0x190 [ 222.338123][ T10] print_report+0x156/0x4c9 [ 222.338157][ T10] ? __virt_addr_valid+0x81/0x620 [ 222.338185][ T10] ? sys_imageblit+0x19fb/0x1d60 [ 222.338214][ T10] kasan_report+0xdf/0x1a0 [ 222.338244][ T10] ? sys_imageblit+0x19fb/0x1d60 [ 222.338277][ T10] sys_imageblit+0x19fb/0x1d60 [ 222.338311][ T10] ? __pfx_sys_imageblit+0x10/0x10 [ 222.338347][ T10] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 222.338382][ T10] soft_cursor+0x524/0xa10 [ 222.338413][ T10] bit_cursor+0xe58/0x16f0 [ 222.338439][ T10] ? __pfx_bit_cursor+0x10/0x10 [ 222.338468][ T10] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 222.338502][ T10] ? get_color+0x1da/0x450 [ 222.338536][ T10] ? __pfx_bit_cursor+0x10/0x10 [ 222.338570][ T10] fb_flashcursor+0x338/0x430 [ 222.338605][ T10] process_one_work+0x9c2/0x1840 [ 222.338641][ T10] ? __pfx_process_one_work+0x10/0x10 [ 222.338673][ T10] ? assign_work+0x19c/0x250 [ 222.338699][ T10] worker_thread+0x5da/0xe40 [ 222.338731][ T10] ? __pfx_worker_thread+0x10/0x10 [ 222.338759][ T10] ? kthread+0x13a/0x450 [ 222.338783][ T10] ? __pfx_worker_thread+0x10/0x10 [ 222.338810][ T10] kthread+0x370/0x450 [ 222.338834][ T10] ? __pfx_kthread+0x10/0x10 [ 222.338861][ T10] ret_from_fork+0x754/0xd80 [ 222.338893][ T10] ? __pfx_ret_from_fork+0x10/0x10 [ 222.338924][ T10] ? __switch_to+0x7b4/0x10c0 [ 222.338946][ T10] ? __pfx_kthread+0x10/0x10 [ 222.338972][ T10] ret_from_fork_asm+0x1a/0x30 [ 222.339005][ T10] [ 222.339014][ T10] [ 222.339020][ T10] The buggy address belongs to a vmalloc virtual mapping [ 222.339037][ T10] Memory state around the buggy address: [ 222.339049][ T10] ffffc9000360d080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 222.339076][ T10] ffffc9000360d100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 222.339093][ T10] >ffffc9000360d180: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 222.339106][ T10] ^ [ 222.339119][ T10] ffffc9000360d200: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 222.339136][ T10] ffffc9000360d280: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 222.339148][ T10] ================================================================== [ 222.339199][ T10] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 222.339216][ T10] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Tainted: G L syzkaller #0 PREEMPT(full) [ 222.339251][ T10] Tainted: [L]=SOFTLOCKUP [ 222.339260][ T10] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 222.339276][ T10] Workqueue: events_power_efficient fb_flashcursor [ 222.339310][ T10] Call Trace: [ 222.339318][ T10] [ 222.339327][ T10] dump_stack_lvl+0x100/0x190 [ 222.339360][ T10] vpanic+0x20d/0x630 [ 222.339385][ T10] panic+0xd1/0xd1 [ 222.339407][ T10] ? __pfx_panic+0x10/0x10 [ 222.339432][ T10] ? sys_imageblit+0x19fb/0x1d60 [ 222.339460][ T10] ? preempt_schedule_common+0x42/0xc0 [ 222.339502][ T10] ? check_panic_on_warn+0x1f/0x90 [ 222.339534][ T10] check_panic_on_warn.cold+0x19/0x34 [ 222.339561][ T10] end_report.part.0+0x3a/0x90 [ 222.339594][ T10] kasan_report.cold+0xe/0x18 [ 222.339628][ T10] ? sys_imageblit+0x19fb/0x1d60 [ 222.339662][ T10] sys_imageblit+0x19fb/0x1d60 [ 222.339694][ T10] ? __pfx_sys_imageblit+0x10/0x10 [ 222.339731][ T10] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 222.339765][ T10] soft_cursor+0x524/0xa10 [ 222.339792][ T10] bit_cursor+0xe58/0x16f0 [ 222.339818][ T10] ? __pfx_bit_cursor+0x10/0x10 [ 222.339844][ T10] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 222.339873][ T10] ? get_color+0x1da/0x450 [ 222.339907][ T10] ? __pfx_bit_cursor+0x10/0x10 [ 222.339929][ T10] fb_flashcursor+0x338/0x430 [ 222.339962][ T10] process_one_work+0x9c2/0x1840 [ 222.339998][ T10] ? __pfx_process_one_work+0x10/0x10 [ 222.340032][ T10] ? assign_work+0x19c/0x250 [ 222.340066][ T10] worker_thread+0x5da/0xe40 [ 222.340099][ T10] ? __pfx_worker_thread+0x10/0x10 [ 222.340129][ T10] ? kthread+0x13a/0x450 [ 222.340154][ T10] ? __pfx_worker_thread+0x10/0x10 [ 222.340181][ T10] kthread+0x370/0x450 [ 222.340206][ T10] ? __pfx_kthread+0x10/0x10 [ 222.340233][ T10] ret_from_fork+0x754/0xd80 [ 222.340266][ T10] ? __pfx_ret_from_fork+0x10/0x10 [ 222.340299][ T10] ? __switch_to+0x7b4/0x10c0 [ 222.340321][ T10] ? __pfx_kthread+0x10/0x10 [ 222.340348][ T10] ret_from_fork_asm+0x1a/0x30 [ 222.340382][ T10] [ 222.340770][ T10] Kernel Offset: disabled