last executing test programs: 4m1.318835711s ago: executing program 0 (id=545): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) (async) r0 = eventfd2$auto(0x6, 0x4) close_range$auto(r0, 0x8, 0xfffffffc) (async) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mlockall$auto(0x7) (async) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/pid\x00') ioctl$auto(r1, 0x3cfe8773, 0x1) (async) mmap$auto(0x2, 0x8, 0x3, 0x40eb1, r0, 0x300000000003) madvise$auto(0x2000, 0x20499d, 0x9) r2 = socket(0x10, 0x2, 0x0) (async) mmap$auto(0x0, 0x4000b, 0x7, 0x9b72, 0x7, 0x28000) (async) r3 = open$auto(&(0x7f0000000280)='./file0\x00', 0xfffffffb, 0x4) (async) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r4 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) (async) r5 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB=']'], 0x1ac}}, 0x40000) (async) recvmmsg$auto(r5, &(0x7f0000000140)={{0x0, 0x3, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x2000000200006, 0x7}, 0x803}, 0xfffffff9, 0x3, 0x0) write$auto_proc_clear_refs_operations_internal(r4, 0x0, 0xffffff4b) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) (async) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000300), r2) sendmsg$auto_NL80211_CMD_GET_SURVEY(r3, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x24, r6, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@NL80211_ATTR_VHT_CAPABILITY_MASK={0x10, 0xb0, "53c7073044ac562e299bea7a"}]}, 0x24}, 0x1, 0x0, 0x0, 0x20040021}, 0x20000000) (async) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x200000, 0x0) (async) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) (async) readv$auto(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000400)="fa4198de77d8ee97911573a53a02737d852d5a197d2110abf52aa43e2f146e238a88e20c543733cd46d01d9edd6108200013c3163584954abbe33945bce8dee6a7f42935d986046a8ba6f578258aa7add67ae96c43b1e03c9e1ac25ddb4b480acbd526d2d1", 0x8}, 0x5) (async) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) open(0x0, 0x22240, 0x55) (async) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x40000, 0x0) ioctl$auto(0x3, 0x80286f4e, r7) 4m1.04881415s ago: executing program 0 (id=548): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/input/event0\x00', 0x3496c2, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (async) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) (async) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) (async) ioctl$auto(0x3, 0xae41, r1) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/xfs/xqm\x00', 0x0, 0x0) ioctl$auto_KVM_GET_MSRS(r0, 0x4140aecd, &(0x7f0000000040)={0x7}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0xa02, 0x0) r6 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/controlC1\x00', 0x181102, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r6, 0xc0045516, &(0x7f0000000180)=0x8) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r5, 0xc1105517, &(0x7f00000001c0)={{@inferred=0x0, 0x1, 0x40008, 0x7, "aab8e80600080043529f895cf5e8ec8f46cbb766439daa41e1aa00000000001200000000070a00"}, 0x6, 0x8, 0x7, @raw=0x1, @enumerated={0x4, 0xffff, "3a451db75512bd3527fc812ba5063f658f3a83495f2f7e8b4b84d579e75c002e35796b745e9f1f32cbfbdc296577c42c2257f3cdba1288075707bcc50e018166", 0x9e, 0x5}, "a4699d30a05edbe0d28473c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584d81592f6ab606c276852295e00af49e6de6e768034"}) socket(0xa, 0x2, 0x0) (async) r8 = socket(0xa, 0x2, 0x0) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), 0xffffffffffffffff) (async) r9 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000080), 0xffffffffffffffff) r10 = setfsuid$auto(0x0) setuid$auto(r10) (async) setuid$auto(r10) setfsuid$auto(0xee01) (async) r11 = setfsuid$auto(0xee01) setresuid$auto(0x0, r11, 0x0) ioctl$auto_BLKPG2(0xffffffffffffffff, 0x1269, 0x0) (async) ioctl$auto_BLKPG2(0xffffffffffffffff, 0x1269, 0x0) sendmsg$auto_TIPC_NL_MEDIA_SET(r8, &(0x7f0000000500)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000100)={&(0x7f0000000580)={0x1e0, r9, 0x1, 0x70bd25, 0x25dfdbff, {}, [@TIPC_NLA_LINK={0x1cb, 0x4, 0x0, 0x1, [@nested={0x4, 0x110}, @nested={0x8, 0x133, 0x0, 0x1, [@nested={0x4, 0xb1}]}, @generic="d11bbf9ae3a870d4032477f3d74a82a9c576f78b7705c1536e18816fffda99b5ae9f4d64c5d888e24935b0573c3f62768f282044b5d7447fe7c6c87e21bbd7e0234005aef3c631fee8ff05058ef523d9ccb2828a98df3605d476c8adc75ae4eee9c889b06c1c46d12b6f9b0aa8f05c0806e362fe1edf3bcf572e4643030cd244d7d6bfffa609e60680d2ed04ab4e727b32c36a636fb9e0dea11c8018daf681d87797a5414117ccbef042a0704a", @nested={0xe5, 0x24, 0x0, 0x1, [@generic="f35e28f45641d9118e9f1c1751e24d6a1580cb82ff878864222f08612c2036b5b12ffded3805deff74c0566c90c7b335f64dd21ac9c606777afb9d82b1", @generic="27472fba12cfd2888afdfc9a01ef134fad91cae30f0cd3230b9010e0e0c0b029a80942cd5cb955b4da5e3d5e8a52981ad57d6c82df47e9fad2c0878bbb399e1c641f7e06700992752f356ce3261a0ddcf47502c306803a3e16b0f2e8cc60cdf2a3bd6da090a1e9d95e8d866077d07d1479b70e7679654ee03893c60a8cedf6e1", @typed={0x8, 0x91, 0x0, 0x0, @uid=r10}, @typed={0x8, 0xff, 0x0, 0x0, @uid=r11}, @nested={0x4, 0x11b}, @typed={0x5, 0x6, 0x0, 0x0, @str='\x00'}, @nested={0x4, 0x8}, @nested={0x4, 0xc7}]}, @typed={0x8, 0xb8, 0x0, 0x0, @str='%,^\x00'}, @typed={0x8, 0x8a, 0x0, 0x0, @ipv4=@empty}, @generic="dbe5cbb0c82ef57aed535027c78a59552757ba95daf9"]}]}, 0x1e0}, 0x1, 0x0, 0x0, 0x20000015}, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_REMOVE(r6, 0xc0405519, &(0x7f00000000c0)={@inferred=r7, 0x7, 0xd, 0xa4, "e3eabf11dce36a2eac9cb4682c339b3ce615a9b97386d4462bc6553245da56e4978f37368e8493b4a6e0aa4e", @raw=0x200}) sigaltstack$auto(&(0x7f0000000180)={0x0, 0x80000001, 0x40b4}, 0x0) sigaltstack$auto(&(0x7f0000000080)={0x0, 0x401, 0x4}, 0x0) (async) sigaltstack$auto(&(0x7f0000000080)={0x0, 0x401, 0x4}, 0x0) openat$auto_rfkill_fops_core(0xffffffffffffff9c, 0x0, 0x400003, 0x0) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000440)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002abd7400fddbdf25140000000c00018008000100", @ANYRES32=r4, @ANYBLOB='\b\x00\b\x00\x00\x00\x00\''], 0x28}, 0x1, 0x0, 0x0, 0x48c1}, 0x0) 4m0.247468394s ago: executing program 0 (id=552): mmap$auto(0x0, 0x40000c, 0x45bb, 0x9b72, 0x2, 0x8000) r0 = epoll_create$auto(0x4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) r1 = socket(0x2a, 0xa, 0x106) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdc, 0xeb5, 0x401, 0x40) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x1000) ioctl$auto_USB_RAW_IOCTL_EP_SET_HALT(r0, 0x4004550d, &(0x7f0000000180)=0x798) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc045}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_0={0x8000, 0x1, 0x8, 0x9, 0x4e, r1, 0x80100001, "787d66da4a620eab7f736e854ef61529", 0x0, 0xffffffffffffffff, 0x7, 0x6, 0x2, 0x1}, 0x7) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='!\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090) r3 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r3, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto(0xffffffffffffffff, 0x4018620d, 0x9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3b, 0x0, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0xf08f, 0x6d3f, 0x9, 0x8, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000001ff, 0x4, 0xd, 0x1, 0x3, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000023, 0x7, 0x6d3e, 0xd, 0xd, 0x1]}, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video15\x00', 0x180, 0x0) close_range$auto(0x2, 0xa, 0x0) 3m59.108166046s ago: executing program 0 (id=555): openat$auto_drm_crtc_crc_data_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb5, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x1e, 0x1, 0x0) r2 = openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, &(0x7f0000000240), 0x8000, 0x0) poll$auto(&(0x7f0000000280)={r2, 0xf06d, 0x4}, 0x84, 0x5) sendmmsg$auto(r1, 0x0, 0x7, 0x4008) mmap$auto(0x3000000001, 0x80000001, 0xdf, 0x9b7f, 0xffffffffffffffff, 0x2000007ffd) r3 = socket(0x2b, 0x1, 0x7ff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb2, r3, 0x8000) r4 = io_uring_setup$auto(0x6, 0x0) getsockopt$auto(r4, 0x6, 0xb, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x0) r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r6, &(0x7f0000000200)='6\x00\x8aC\xe8\xcc\xb8K\xc2\xfay!\f(\xd5\xbd\xdb\xe9\xdb\xca\xf3\x9en\xb9\xf7\xf7\x7f\xf8\xf3k.\xa7\x14\xa6[\x9a\x02/\xa3Lm^\x92\x9a\xc6\xd2RIrb\x8dZ}\xec\x92\x8a\xd2q\xdaWE\x7f\x1f\x9a\f{\x19)>\xb8x\n0\xed\x97\xd0\xac\xbfAT\xe7\xf1\xf1}\x86V\xb4\x82\bR\xcb)\xc2\xb5\xc7y\n\xfd\xb7\xdb>\x8an\vQ}q\x9b\x1a\x85&\xd5p,\xb2\x1a\x17\xe3\x8f\x88\x8a\x9c\xc5?\xef\xde\xca\x849\x92\xa7\xdc\xbeH%\x15', 0x85) memfd_secret$auto(0x0) socket(0x2, 0x80002, 0x73) setsockopt$auto_SO_PEEK_OFF(r0, 0x6, 0x2a, &(0x7f00000000c0)='/sys/devices/platform/dummy_udc.5/udc/dummy_udc.5/srp\x00', 0x8000) socket(0xa, 0x1, 0x84) bind$auto(r5, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_udc.5/udc/dummy_udc.5/srp\x00', 0x60301, 0x0) syz_genetlink_get_family_id$auto_net_dm(&(0x7f0000000080), 0xffffffffffffffff) 3m57.857630435s ago: executing program 0 (id=558): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) (async) r0 = socket(0x29, 0x80001, 0xc4) (async) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) (async) r2 = openat$auto_ctl_device_fops_user(0xffffffffffffff9c, &(0x7f0000000280), 0x8002, 0x0) write$auto_ctl_device_fops_user(r2, &(0x7f0000000300)="0afcdf8eb0d50f1dbabf32062d9b3656d7691f92d3a6925d82b8fff1c24df86c272395d09d23aeaad0db6d154e2e41a384b81c367840632b70a433ed3debb564a91d165ebd91e9fa7b564fe5044878a78648bd53b59992bb6177b85bc34f7ffa2bcf61d2f52b1e4f", 0x68) (async) fcntl$auto_F_SETLEASE(r1, 0x400, 0xffffffffffffffff) (async) r3 = io_uring_setup$auto(0xd85, 0x0) (async) setsockopt$auto(r0, 0x10000000084, 0x7f, 0x0, 0xad4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/mm/transparent_hugepage/hugepages-2048kB/enabled\x00', 0x22b42, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) (async) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/devices/virtual/net/erspan0/gro_flush_timeout\x00', 0x100b42, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/platform/dummy_hcd.7/usb8/bConfigurationValue\x00', 0x18b842, 0x0) sendfile$auto(r5, r5, 0x0, 0x2) (async) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) (async) sendfile$auto(r4, r4, 0x0, 0x3) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/platform/vivid.0/video4linux/vbi8/power/runtime_status\x00', 0x298920, 0x0) read$auto(r6, 0x0, 0x20) r7 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/fs/jfs/loglevel\x00', 0x1a9701, 0x0) write$auto(r7, 0x0, 0x9) (async) r8 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x165100, 0x0) ioctl$auto_PPPIOCSMRU(r8, 0xc004743e, 0x0) (async) write$auto(r8, 0x0, 0x0) socket(0xa, 0x2, 0x0) (async) setreuid$auto(0x4, 0x8) (async) tkill$auto(0x80000000000001, 0x7) r9 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_STOP_BEACONS(r3, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="e7babc7b0f0033f22f878dbf083d0f3b3cb64a19b3851f3dd6d311e4c8cc7f2e353e1474c74842098edaec", @ANYRES16=r9, @ANYBLOB="000328bd7000fddbdf25270000000c0006000800000000000000"], 0x20}, 0x1, 0x0, 0x0, 0x4000811}, 0x4000004) (async) connect$auto(0x3, &(0x7f00000018c0)=@xdp={0x2c, 0x2, 0x0, 0x35}, 0x1) (async) ioctl$auto(0xc8, 0x400454ce, 0x5c8d) 3m57.085033196s ago: executing program 0 (id=562): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000080), r0) sendmsg$auto_SMC_PNETID_ADD(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYRES32=r1], 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x44c0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x40202, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000002500), 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_SET(r2, &(0x7f00000025c0)={0x0, 0x0, &(0x7f0000002580)={&(0x7f0000002600)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="411c000930757f00000004000800"/31], 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x0) 3m56.653117952s ago: executing program 32 (id=562): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000080), r0) sendmsg$auto_SMC_PNETID_ADD(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYRES32=r1], 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x44c0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x40202, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000002500), 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_SET(r2, &(0x7f00000025c0)={0x0, 0x0, &(0x7f0000002580)={&(0x7f0000002600)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="411c000930757f00000004000800"/31], 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x0) 1m57.984250621s ago: executing program 3 (id=1069): mmap$auto(0x0, 0x40000c, 0x45bb, 0x9b72, 0x2, 0x8000) r0 = epoll_create$auto(0x4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdc, 0xeb5, 0x401, 0x40) ioctl$auto_USB_RAW_IOCTL_EP_SET_HALT(r0, 0x4004550d, &(0x7f0000000180)=0x798) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc045}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_0={0x8000, 0x1, 0x8, 0x9, 0x4e, 0xffffffffffffffff, 0x80100001, "787d66da4a620eab7f736e854ef61529", 0x0, 0xffffffffffffffff, 0x7, 0x6, 0x2, 0x1}, 0x7) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='!\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) r3 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x1, 0x0) ioctl$auto(r3, 0x4018620d, 0x9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3b, 0x0, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0xf08f, 0x6d3f, 0x9, 0x8, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000001ff, 0x4, 0xd, 0x1, 0x3, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000023, 0x7, 0x6d3e, 0xd, 0xd, 0x1]}, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video15\x00', 0x180, 0x0) close_range$auto(0x2, 0xa, 0x0) 1m56.956017904s ago: executing program 3 (id=1073): mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event\x00', 0x121000, 0x0) (async, rerun: 64) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64) r2 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002bbd7000fcdbdf2504000000040010"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) r3 = socket(0x15, 0x5, 0x0) getsockopt$auto(r3, 0x114, 0x2716, 0xfffffffffffffffc, 0x0) r4 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/limits\x00', 0xc8400, 0x0) read$auto_proc_single_file_operations_base(r4, &(0x7f0000000080)=""/112, 0x70) (async) close_range$auto(r0, 0x8, 0x0) (async) brk$auto(0xffffffffffffff66) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async, rerun: 32) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0xda) (rerun: 32) r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0) pread64$auto(r5, 0x0, 0x800003, 0x270) (async) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000100), 0x202, 0x0) personality$auto(0xfffff032) (async, rerun: 32) ppoll$auto(&(0x7f0000001ac0)={0xffffffffffffffff, 0x9, 0x7}, 0x8, &(0x7f0000001b00)={0xf2, 0x9}, &(0x7f00000002c0)={0x10000}, 0x8) (rerun: 32) mprotect$auto(0x110c230000, 0xa588, 0x6) (async) mremap$auto(0x110c231000, 0x0, 0x101, 0x3, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) (async) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000002c0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_NEW_MPATH(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000dc0)={0x3c, r7, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@NL80211_ATTR_MLO_LINKS={0x28, 0x138, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, "7a450fc0c03f8e7b5826b5d627c084be296233ebd5170fd0f3b2"}]}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4404}, 0x0) (async) move_pages$auto(0x0, 0x9, 0x0, 0x0, 0x0, 0x2) (async) msgctl$auto_IPC_RMID(0x1, 0x0, &(0x7f0000001600)={{0x7b0, 0x0, 0x0, 0xd, 0x3ff, 0x7, 0xb}, &(0x7f0000000400)=0x9, &(0x7f0000000440)=0x10, 0x1, 0xd80, 0x9, 0x0, 0x8000000000000000, 0x6, 0xa, 0xfff9, @raw=0x80, @raw=0x9}) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004c18}, 0x8894) 1m55.808957437s ago: executing program 3 (id=1080): mmap$auto(0x7, 0x1ff, 0x3, 0xeb1, 0xfffffffffffffffa, 0x5) r0 = socket(0x2, 0x3, 0xa) clone3$auto(0x0, 0x9) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(r0, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/sctp/remaddr\x00', 0xd00, 0x0) r1 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) getdents$auto(r1, &(0x7f0000000080)={0x7, 0xd, 0x3ff}, 0x201) socketpair$auto(0x1e, 0x0, 0x7, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0xa042, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyyb\x00', 0xc7f16bff2a10ba01, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x10000000000002f, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/ptp/ptp0/n_vclocks\x00', 0x8502, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv6/conf/nlmon0/accept_ra_from_local\x00', 0x80600, 0x0) read$auto(r4, 0x0, 0x1ff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nbd7\x00', 0x2e6480, 0x0) write$auto(r3, 0x0, 0x2) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000280), 0xffffffffffffffff) 1m55.597940075s ago: executing program 3 (id=1081): r0 = socket(0x1e, 0x6, 0x47d) sendto$auto(r0, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe80000700"}, 0x1c) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) bind$auto(0x3, 0x0, 0x6b) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) socketpair$auto(0x1, 0x81, 0x8000000000000000, 0x0) socket(0x2, 0x2, 0x1) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4, @broadcast}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2506, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x3a32182}, 0xed7138b}, 0x2, 0x9) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) listen$auto(0x3, 0x81) ioctl$auto_KVM_GET_SUPPORTED_CPUID(r1, 0xc008ae05, &(0x7f0000000040)={0x140, 0x0, [{0x0, 0x4, 0x2, 0x6, 0xfff, 0xf6, 0x9}, {0x7ff, 0x101, 0x8, 0xffffffff, 0x2, 0x6, 0xd7e4}]}) recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0) openat$auto_proc_mountstats_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) close_range$auto(0x2, 0x8, 0x0) recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0) write$auto(0x3, 0x0, 0xfffffdef) connect$auto(0x3, 0x0, 0x54) 1m55.409416125s ago: executing program 3 (id=1082): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r0, 0x4, 0x7) ptrace$auto_PTRACE_SETREGSET(0x4205, r0, 0x5, 0xd) 1m55.186826175s ago: executing program 3 (id=1084): socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x80502, 0x0) ioctl$auto_TIOCGPTPEER2(r0, 0x5441, 0xebffffff) kill$auto(0x0, 0x21) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer2\x00', 0x0, 0x0) close_range$auto(0x0, 0x5, 0x0) sigaltstack$auto(0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zram0\x00', 0x14f340, 0x0) openat$auto_generic(0xffffffffffffff9c, 0x0, 0x501842, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptyac\x00', 0x38b403, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x40000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0) mmap$auto(0x0, 0x8000000004, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) msync$auto(0x0, 0x2000000005, 0x6) r1 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x48180, 0x0) mmap$auto(0x3, 0x40009, 0xdf, 0x12, r1, 0x0) setrlimit$auto(0x1000000007, 0x0) memfd_secret$auto(0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram6\x00', 0x40000, 0x0) ioctl$auto_BLKDISCARD(r2, 0x1277, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x51d100, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) close_range$auto(0xffffffffffffffff, 0x8, 0x0) r4 = creat$auto(0x0, 0x0) pwritev2$auto(r4, &(0x7f00000000c0)={0x0, 0x8}, 0x100, 0x2, 0x9, 0x43) r5 = socket(0x2, 0xa, 0xc) sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000003780)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x40080) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r5, @ANYRES8=r3], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050) 1m40.055702054s ago: executing program 33 (id=1084): socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x80502, 0x0) ioctl$auto_TIOCGPTPEER2(r0, 0x5441, 0xebffffff) kill$auto(0x0, 0x21) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer2\x00', 0x0, 0x0) close_range$auto(0x0, 0x5, 0x0) sigaltstack$auto(0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zram0\x00', 0x14f340, 0x0) openat$auto_generic(0xffffffffffffff9c, 0x0, 0x501842, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptyac\x00', 0x38b403, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x40000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x1, 0x0) mmap$auto(0x0, 0x8000000004, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) msync$auto(0x0, 0x2000000005, 0x6) r1 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x48180, 0x0) mmap$auto(0x3, 0x40009, 0xdf, 0x12, r1, 0x0) setrlimit$auto(0x1000000007, 0x0) memfd_secret$auto(0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram6\x00', 0x40000, 0x0) ioctl$auto_BLKDISCARD(r2, 0x1277, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x51d100, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) close_range$auto(0xffffffffffffffff, 0x8, 0x0) r4 = creat$auto(0x0, 0x0) pwritev2$auto(r4, &(0x7f00000000c0)={0x0, 0x8}, 0x100, 0x2, 0x9, 0x43) r5 = socket(0x2, 0xa, 0xc) sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000003780)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x40080) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r5, @ANYRES8=r3], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050) 1m13.924856761s ago: executing program 4 (id=1250): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r0, 0x4, 0x7) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030004020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000060007000100000008000200", @ANYRES32=0x0, @ANYBLOB="0c001a"], 0x68}, 0x1, 0x0, 0x0, 0x4044080}, 0x40090) ptrace$auto_PTRACE_SETREGSET(0x4205, r0, 0x5, 0xd) 1m13.660896227s ago: executing program 4 (id=1253): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/mac80211_hwsim/hwsim1/net/wlan1/statistics/rx_crc_errors\x00', 0x40000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000002140)=""/4122, 0xce8) (async) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000002140)=""/4122, 0xce8) 1m13.448894646s ago: executing program 4 (id=1254): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}}, 0x40000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0x400a507}, 0x800}, 0xa, 0x8) 1m13.3116473s ago: executing program 4 (id=1255): mmap$auto(0x0, 0x4, 0xdf, 0x80000000000eb1, 0x3, 0x0) r0 = socket(0x2, 0x1, 0x106) setsockopt$auto(r0, 0x6, 0x17, 0x0, 0x4) getsockopt$auto(0x3, 0x6, 0xb, 0x0, 0x0) socket(0x18, 0x6, 0x8) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x1, 0xf, 0x0, 0x9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket(0xa, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) sendmmsg$auto(r1, &(0x7f0000000640)={{&(0x7f0000000000), 0x5ae, &(0x7f0000000100)={0x0, 0x13}, 0x5, 0x0, 0x5, 0x1}, 0x1}, 0x1a000, 0x100) mknod$auto(&(0x7f0000000180)=':,\x00', 0xc9, 0xfffffffa) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x40080}, 0x40) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x181881, 0x0) close_range$auto(0x2, 0x8, 0x0) pread64$auto(0xffffffffffffffff, &(0x7f0000000140)='[/]&].%[[[\\&.#}}\x00', 0x9, 0x7f) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r2 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast1}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x801, 0x0) poll$auto(&(0x7f0000000480)={r2, 0x8000, 0xff81}, 0x7, 0x54b) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0x3, 0x0, 0xfdef) 1m12.301358142s ago: executing program 4 (id=1258): mmap$auto(0x7, 0x1ff, 0x3, 0xeb1, 0xfffffffffffffffa, 0x5) (async) mmap$auto(0x7, 0x1ff, 0x3, 0xeb1, 0xfffffffffffffffa, 0x5) r0 = socket(0x2, 0x3, 0xa) clone3$auto(0x0, 0x9) socketpair$auto(0x1, 0x0, 0xfffffffc, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(r0, 0x8, 0x0) (async) close_range$auto(r0, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/net/tcp\x00', 0x133c00, 0x0) open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) (async) r1 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) getdents$auto(r1, &(0x7f0000000080)={0x7, 0xc, 0x3ff}, 0x201) socketpair$auto(0x1e, 0x0, 0x7, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0xa042, 0x0) (async) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttynull\x00', 0xa042, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyyb\x00', 0xc7f16bff2a10ba01, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xebd, 0x401, 0x8001) sysfs$auto(0x2, 0x10000000000002f, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_TIOCVHANGUP2(r3, 0x5437, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/ptp/ptp0/n_vclocks\x00', 0x8502, 0x0) (async) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/ptp/ptp0/n_vclocks\x00', 0x8502, 0x0) mmap$auto(0x10, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/neigh/ipvlan1/anycast_delay\x00', 0x2000, 0x0) read$auto(r5, 0x0, 0x1ff) (async) read$auto(r5, 0x0, 0x1ff) write$auto(r4, 0x0, 0x2) (async) write$auto(r4, 0x0, 0x2) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000280), 0xffffffffffffffff) (async) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_RSS_GET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=ANY=[@ANYRESHEX, @ANYBLOB], 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x4040000) socket(0x10, 0x2, 0xc) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000002c0), 0xffffffffffffffff) (async) syz_genetlink_get_family_id$auto_nlctrl(&(0x7f00000002c0), 0xffffffffffffffff) 1m10.281437842s ago: executing program 4 (id=1268): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendto$auto(0x3, 0x0, 0xfffffffffffffdef, 0x101, 0x0, 0x1c) ioctl$auto(0x3, 0x541b, 0x38) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\x00\x80\x00\x00\x00\x00\x00\x00j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) r1 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0x3, 0x400454ca, 0x38) write$auto(r1, 0x0, 0x5) r2 = set_tid_address$auto(0x0) r3 = syz_open_procfs$namespace(r2, &(0x7f0000000080)) getdents$auto(r3, 0x0, 0x18) getdents$auto(r3, 0x0, 0xa2b0) msync$auto(0x6, 0x2000000007, 0x6) 55.282960844s ago: executing program 34 (id=1268): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendto$auto(0x3, 0x0, 0xfffffffffffffdef, 0x101, 0x0, 0x1c) ioctl$auto(0x3, 0x541b, 0x38) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\x00\x80\x00\x00\x00\x00\x00\x00j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) r1 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0x3, 0x400454ca, 0x38) write$auto(r1, 0x0, 0x5) r2 = set_tid_address$auto(0x0) r3 = syz_open_procfs$namespace(r2, &(0x7f0000000080)) getdents$auto(r3, 0x0, 0x18) getdents$auto(r3, 0x0, 0xa2b0) msync$auto(0x6, 0x2000000007, 0x6) 6.41286577s ago: executing program 1 (id=1495): wait4$auto(0x0, 0x0, 0xf, &(0x7f0000000140)={{0x2599}, {0xffffffffffffffff, 0x1000000009}, 0x2, 0x800080000001, 0x1, 0x1000, 0x5, 0x7, 0x5, 0x5, 0xb11c, 0x8, 0xfffffffffffffffd, 0x7, 0xffff, 0x801c0000000}) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/core/rps_default_mask\x00', 0x82, 0x0) sendfile$auto(r0, r0, 0x0, 0x7dfff001) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x20000001, 0x2, 0x3, 0x0) r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r1, 0x7a7, 0x0) write$auto(0x3, 0x0, 0xfdef) 5.28203245s ago: executing program 5 (id=1505): mmap$auto(0x0, 0x40000c, 0x45bb, 0x9b72, 0x2, 0x8000) r0 = epoll_create$auto(0x4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) socket(0x2a, 0xa, 0x106) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdc, 0xeb5, 0x401, 0x40) ioctl$auto_USB_RAW_IOCTL_EP_SET_HALT(r0, 0x4004550d, &(0x7f0000000180)=0x798) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, 0x0, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) bpf$auto(0x5, 0x0, 0x7) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40090) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, 0x0, 0x3, 0x0) r3 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x1, 0x0) ioctl$auto(r3, 0x4018620d, 0x9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3b, 0x0, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0xf08f, 0x6d3f, 0x9, 0x8, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video15\x00', 0x180, 0x0) close_range$auto(0x2, 0xa, 0x0) 4.834653945s ago: executing program 1 (id=1508): r0 = socket(0x10, 0x2, 0xb) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) timer_create$auto_CLOCK_REALTIME(0x0, &(0x7f0000000180)={@sival_int=0x8, @raw=0x2, 0x6, @_sigev_thread={&(0x7f0000000140)=&(0x7f0000000100)=0x7, &(0x7f0000000480)="194b2eefaf5d7ba4b169202609101e6c3520af87ae1847cc22b67dcf6fbcf88ec65e72800a3f1c6c102eb8f50564c99ac3d3dec417294df3d567d25835eacde4bbbe33efaca8804f3203f2ff082e5163e6263ec4e9a9364b34607b6311d9ccea7c1401f45841efea2e5b2ecd384d364d391ff65b71f6713a1f590857193ae424466a7bd85d65dbebb4613b5bf6be3bed768b796cd4fbafa1344d1efaeb16330e8d2b1a0df98cadb8d678ff2e83b06d4b35be582a0fc1dd27a717c06ffd4f5358a4546113ca4e9b6b0b475a2e7f44fccca3f49d10fb82084a8ce3eb0d3816ed5b11f7741b2c0ad39385d9b532e78987d92e912ae785fc53f2adec33e39c2fce4a1705039aaaf503c1e984cf64fca5ec0dc5c22c484abad63b53cc0e0909f70a83dccab4cdc29b488b692cb68b61114c8e37fe8114cf91739054c257e525ebb7f68ea31a94599de956348d0b11504bd70001eb7e6c87501da5930e48deb33368755aaeed9e67220c323a8befe0ed3ac5f7bb419699d757a7374127091119289d355c643dacf515afdf990d15f0e7ad6f8eadd279f448601581e646acf56c63d4ac12b2f68b833613c9ff0d784da64ac3c5cb4ec22f7988f4deb6d5b0600497d08c871cc06203fbca94a251e1b8bcba3be8ed326cd2a67092de4e5816230b2c6dc9e308e0b58117e9e4cfa2a648fd9b3393f707041bf5cab7f2dd535ea03f318a14b7f0841391fc99fcc2871fe6c92b80aeba6241d38ebe9d96e7797c76a7da5c8339dd78b2335e0bd316bd27310b108cdde86540fcb68b37742b45f19dc5b28b0d09dbab66b9342ae436b08cf4521373a149a3a1651c9bca991ee8d8997df35cf14c30da2ec903f4cf0eb43551eed1a09e950a369bb6afee2fe8b85b5f9ce5c88b552ec2a1d9f3c3b865f91d0f75e2c360083b2855d6420884476c654adbb4922a4de0c2259dc9af4784d946b523bdc7bbd25076e034ba8148297b71892772343fdacd431a706972223ae4a2e8ae3ae509ac7e7731597536e9edaba9fbf2a0de8252690aca38815c464089b30de24619e4555d75b4b030b81e32ed9c925f31aac0bf1114fda7a3828e6adc82e251ad7cbfd20f1a93d56f24401483f71d361c8325031c760c22292aa9de41a7fbbaa4a70078d6ed73343ba998b701cb5f48f86b9ed45d806c078a1fbc4ee178d9274c8cb99e33c331630c26d7d16a932823215e8aa64d3e4b5a205cb31eed4dd53e690121b3797825e8a03f489b1dbd3e48f8557d6949d7f837ff3a585b9f44bd70e974ff8ad74391324d84187bbddf42fb2dd9510423cf82f3bf993d11527db696b3b59416cc4d4a76ba6e4356cdb7f9e98c33226ac0eede0241ecbcd3195b5ec4ec69f08171661a7118a0b44a43f5bc114b6f416dea2a6d460855d0f6039c91a9612e8c54cc5d532b4d02438dec7e2071b7f32c964be8f9eac4f9b82cab3b43dc22f6750f81418d869b8138631a3d8679213904dc92721e8e9f04c692f63cb3d7710571586fee1c7db4077801f464b327286d8a08588c6f8a1e20783b5e4ac8fa7b8c62a5d8787636be7cfd10ac81b80bb26143a92247552dfc09e95ff0515d54a4d019ede821cc0af8b7432d9a64f4af9aed3aff2b2bab83f4745605c24fc94ed5d53ee2a9458e846f74659e4d3d096ffbf67ddb353dfdc55c31bbc807b132566ece23f5a588eb1ebd59b825eaebfba9f2a402c4f1fa174d6b8a7df78b1ea6cb8a2ac82ca05ca58df170d5752e78f7448c77bf1f4312400e35d006ae67536a9fd4ac787c963f00b04f8d9c3c5c4d77453b8c7c6d17f1fa1ddb94871dd3a1a2de3872c57c0d2c1db36c0c23339d3562b51162d042529cb1f6f9bebb1d0603ecc05e2ae68253c4cc93c588f2723cf12f54b6f457da633a269ddafa4701b50247f9410dc2e77d0c3d9f433c5366d8f0a9f9a53b4b74bad61f19b94ce6d9928fd26587713353c4b51cc4513c1e6d560e877ad8c9d33563f543f634a19584d4951f98579b6511ec9f5fe72d8d2b57d12297c2b973aa9b63154d19a42bc24617276555fcb595b19e67a00aec3402255c30d454b4f9757134f1e20c7a7078a573bf2a65aa14577b3c16e3b88db3259ab5c9679e21079412049993a5c74acc74b9ebe8e0b88c019663d5458d924d4bc38eaa4e977826b09b4c1832c0498c9fefba12e42afbd0a248ba6168b58c1eea55d4cd8b2e115adc856beb2e5f9f28df3c8efbf94e1f02e342a96c0dc997ae08ff12c2153830a097d0adc10ad4e9957ef50ecd9b918342482438b76574a01e873480d573feec6da40ed076f70199fb68fea21bccccf01a4bcdb5475dbb9af2b001171808f39f8c4ec6c6e244bbc818cf14a90ae5f97f492243248072f7fdaca38ae987bc4706e1a3bd9d5b2a7e07a6c98aa2991c124e1c198213d94c0b95a13b6fc8cf3217b6405fb7f8f3949c14d593f376ba847825cee75e9200fbdac3be9e120a676fc452e51383a6e89ad82ce3b9e8e97e173d745fea3d58931e02192de81ab2c35be4d7366737d4609ba2be4d165274c000bd669c1b56233736ef1a01b28adbb5bcd6cffe949342d1afd33f091676747b981559d9877de211781fcf759d0eb4863f86c6df212755ea7b439a9d5c70527d61e9e4a81c2d10ad71596286d2db428513d61dffb0601633d44008283b5bd622b3ab71b2e9b23aed29630dbc2e053404d1de2ec15d9d69673e5679560fb70503d9671e860ea28a92760943ba8a0b06d85e9cedd724867d4b1d4df244ae588c3181fd55c8c921cadafb6dba5a0ca17a4b93c14e9a91d35833f205587c7bcefe9b35ba89ea94236d14b8e6d93242ea01fe345c42f8034b53d6f6307c584372a82900c660b7f6ff2206cfc766583b8a0a8041d1b01efb4d53a5acc22edc740041171958996ce8069e746b87d6c17373824914b4b7dc0d4f480544b16092a7254a051b67ea2679d1aa26893c8665a3cc3fdb19ba1cedec8b1775b6406a9cea57fa9d67f812c87684fc9a770e90e561ea1aa115da0f95436946426ebbe601758dee27b00ea6c0476ac17ee9605ff37d10286151c4064e38559d684cc98cedf8bc012d53f1e01203070a7730d6058255217a1a3b0907b556bc6395675f9fc2af98d8a169e1df36fb5d3de3bfbe6b79782f2e002f6e6bf9d69a98c1db94692359aebd471883dc9967471bb6ee8df7097e92e6068ed546d7b15a06b1d080ffa947ecf4e7f8b3a6653c27cbc6cdf4dc1fe32dfa657106a80475945b4d85d66d2fe2dd2427938feec9a10f279fb141636a4b3cd0742ed099f924e1f933117f5c6ab5e92d07c23a829e3aa05043e0076ffea5b18db9ca6d4dfea920ba44feb620404e8d4b56198e19072b441f3578d06e52b69c1a56823e2f7aff4ae5983c365ca738d6ab1a5e7b772bec66a17d3288bd988c5143aafe7f0d3b548a3c7151296a7569f28bc176ab9e8dcb1a6616881c3e2afcad4341b419d0023958f185bacb7362f2a89fdc0420b224e3666ad5efc9e5719df21eec7887e08f9611901123c8e7a6d54f51e1aca02155ac1087c225e95197298db38f2546453a37d0ae5a0c68e306c18495c06ead5b55793ced7cbb133b8ab44dc45383e68bcaebba72e913bf388b78705e7c63c6cf7225406f57bb40317ad15d29b8e9e1297f9dfa421aa50abede3849d7052eb8ba2d1c92f6b11aebb29f54b6e86163053286e98d7647745c60b3714ddb8d802a2543fecc27890b640f5bca590e8c28c9ad14557eeacbf7a6ace253f7b333af1cab17809ebf501f13f7cf1abb1fc0cf1557857b346ce52e931b65bdd6575e12e9a6860dfeb0c6aed88e0e42a9cea57b93998a19e3901d57f2b82881f64aaa39c6e1468736f369934bb1d44c0d49b4b714b5f58e2aa9d891d5cb5bff8b19cffa1f4728fa5890797283bc65b7fdb0a3a6b2ef5aaa4a79d48cb1d64a542abb0780065848414148df3012ea38283b9ed1ca7663b111dcd154db5ad5eb238def2e35621c8627289d32a77f39b1baa6708eeacec0a50cbe024aec24638b298ea4413cc57b91c6b8b031a79c133c711f5066da758f6c882244c6321994f98b499ee0150a6a6fadb454443b507c43e06bb24c94292e9bd8591aac607893f138ef80a11b16934e237c1e9b0d5b10f71e236be2034815d0f97ad2d1cf7c7eacb947c2e2fa52b49125cb784dec9e92c0174a9021cb5fe74fa7c742ae7dce18dd9b8dffe733959ac4cf381808edc5456fc59c4dcde86941e1906cce309feff3e9aaf828a72f2e40a15c2fa7dc614e6d57ad4236184f085a9bb236cae1a2ddf9255742bf264f4440bb75116002f0cadbd2f7976b6f20500892a133c703aaa374dde1c717a3f17c9b46187bb2c11ec1cc73dd417967b616f1b398b83ac1fa8f250e000c881c2f0c236cb6938027343dbc8d19dc1ec9888100b2627512bd998aa3d5c006dfbf1335cb08a9759fffd96ea34947509d21c6a0d45629209e680474dcf4b33ee71612639b54db47b1d5ec92f3654e62a86a83459630486696c3a6cb3a4941f6299a9abe753262ef2cecbc821bd263a1a926e72dd89d1f9b13ecaa4c51030df2d8114cf1a3e51cce504e138c2ae337aa1928b1e1a9ef43b9030faf9aa7996678d0fce99481c18050bdee4397bf0da5cab8f7bd87b3bbd6c914d66f7cb42b2e04a04801f58e689a62fd78ba31eb3bcf25e73ab9e8cf599e052eb8f5a9f35dc94241a53602978fc8949c5b4e5b78c1eb2a7bceb8a6722971c1544396e91dcbfef7117486fd3eeb0c2832ad45b6f4dc0cb1b02ecf1e66ceb630680cd90a8810b7d5e49ed0e1ca42f4aa5442cf84c3cb105fd7aa3576e7dde57bca7b5aaf59c6d7367fd284e326fc7ec75246e73d26969a24ccd2e4d209a712de929dfa501d1cf3f3a3e430fed65ce9f9973e60ba08ab68915c0410292bfd55a6b65e05517ba71c0181be30529c865274df4e3d2690326fc03e6d3a7b8c7b3f377bb1c7a67d62d3b84b353e442fcd6c6255106bc091c6bcd25bd444fe647a3b52218d6bc143785567acb34a7119d9874e170074013ccb76be256ca8e845362fdc107a47d20f87c8ce0c1bcf54ad9f91b60e1c7d3b18b9fa160f2a0e77e428fb97c43c4b414523b913d2abfdf848cf58189eb5920441ca0e340f607ce199f022d60ad48a3edc4c1fcbd7ff730fd9dbdf173259d7b5dc7fa8234504efd8736b75bcadffe64361a4922803c926d1bdff59983ce83d27223608519e35e87696bfb5b9894cd50c4c27a32240fbde083fc03b9306c6dbb6dd36f911bd2b6630b138d2fbb631c8038fc9b24850703adb32d473f4a68fcca99bc2f7b923485f05a8c6a6f0dce3c3191b437157d651d1d5d068c3f00d6743ba0bccc57b22cf7ad47578330325fbdca609d3bce66df593ba30c76a673edd0f8794a719ff8d94e0220e39749a3ac14dc6044abe4ecf725d4bcd6105802b240671b64631e1f7bdfd7944f05895c6bdb625d47f31ca13f8bf8f396578b98608d30a4feaed720b8f32b1b41e986cef0d32462f6fcfae7d10550b4933521f4fc4067579ab71070691e7436877e00ecf2702cb13a6c1eac87b0786673c001217fc5a5e044dcf0ef7bb6f98fa2ec1addbd2d25af3212e19c624332662a2e7e766ce03cae958d85351101a44d6f6f0a4a0e0d063c7940cddb08d0d3072a6e3263e85b58cce9f298af286e621b8184f3d6f003f256f73f9768ca82b8602278ef936c321e9b0b5673d29bb24da7de346558e07b760d6ffbf685f52cd51315e71cb4186b5e451716419ea7d1fbeb8856d"}}, &(0x7f00000001c0)=0x2) r1 = memfd_create$auto(&(0x7f0000000000)='!\x00', 0x16) r2 = syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000300), r0) sendmsg$auto_NCSI_CMD_PKG_INFO(r1, &(0x7f00000014c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001480)={&(0x7f0000000340)={0x1c, r2, 0x400, 0x70bd2c, 0x25dfdbff, {}, [@NCSI_ATTR_CHANNEL_ID={0x8, 0x4, 0x100}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x40000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) socket(0x10, 0x2, 0x4) r3 = socket(0x10, 0x2, 0x4) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r4, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32dd7c33b14cc842bc1e2a5da4203e64ceaa9db5223aa655b6313c011b3e73a75f1aa1f7b2ea43344b15bd494886e355cf6d92c8fe670a42bc677830013e9c4aa4fa30c3e6630bf0ed13206d5a18f6813c6fb03466112aedf5d67bb5b99fe96a6dcd279916b0bce029925b63c48d41ca8a76e46c6014100005800c00c50003000000000000000c02368008027a8087010c800800e800", @ANYRES32=r3, @ANYBLOB="0800fb00", @ANYRES32], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 4.432589734s ago: executing program 1 (id=1510): socket(0x10, 0x3, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x5, 0x80000001, 0x0, 0x100, 0xee01, 0x0, 0x0, 0xffffffffffffff91, 0xfd3, 0x2, 0xec, 0x4, 0x80000000081, 0x8, 0x2, 0xfffffffffffffff8}) r0 = socket(0x2, 0x3, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x8000, 0xe9) prctl$auto_PR_SET_VMA(0x53564d41, 0x20, 0x9, 0x7, 0x2) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_3={0x2, 0x101, 0x3ff, 0xffffffffffffff80, 0x1, 0x1, 0x9, 0x9ce9, 0x1, "e1fd3ac6e88c17d559e8b53bdd94ba79", 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x60b, 0x1, 0x82d, 0x5, 0xd, 0x8000007, @attach_prog_fd, 0x4, 0x4, 0x5, 0x6, 0x8, r0}, 0x12) io_uring_register$auto(0xffffffffffffffff, 0x1f, &(0x7f0000000180), 0x1) r1 = socket(0x9, 0x6, 0xffffeffb) getsockopt$auto(r1, 0x0, 0x30, 0x0, 0x0) getpid() mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) io_uring_register$auto(0x2, 0x0, 0x0, 0x3) openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0xcb, 0x0, 0x4) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x100002) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_0={0x1, 0x7, 0x2817, 0x4, 0x200004, 0xffffffffffffffff, 0xa, '\x00', 0x0, 0xffffffffffffffff, 0x8, 0x7, 0x5, 0x8}, 0x10) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) semctl$auto(0x1, 0xfffffffe, 0x3, 0x5) r2 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) write$auto(r2, 0x0, 0xc3) 4.289872921s ago: executing program 5 (id=1511): openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/controlC0\x00', 0x1c8000, 0x0) r0 = openat$auto_l2cap_debugfs_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x200001, 0x0) ppoll$auto(&(0x7f0000000380)={r0, 0x8, 0x8}, 0x7, &(0x7f00000003c0)={0xc816, 0x7}, &(0x7f0000000400)={0x401}, 0x8) write$auto(r1, &(0x7f0000000080)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x40) prctl$auto(0x4d, 0x10001, 0x0, 0xffefffffffeffffc, 0x0) r2 = openat$auto_drm_crtc_crc_control_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000003500), 0x40002, 0x0) write$auto_drm_crtc_crc_control_fops_drm_debugfs_crc(r2, &(0x7f0000003540)='\n', 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) bind$auto(0x3, 0x0, 0x2) modify_ldt$auto(0x1, &(0x7f0000000040)="15ac", 0x20010) 4.119074646s ago: executing program 2 (id=1512): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0x400a507}, 0x800}, 0xa, 0x8) 4.052736783s ago: executing program 2 (id=1513): socket(0x10, 0x3, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x5, 0x80000001, 0x0, 0x100, 0xee01, 0x0, 0x0, 0xffffffffffffff91, 0xfd3, 0x2, 0xec, 0x4, 0x80000000081, 0x8, 0x2, 0xfffffffffffffff8}) r0 = socket(0x2, 0x3, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x8000, 0xe9) prctl$auto_PR_SET_VMA(0x53564d41, 0x20, 0x9, 0x7, 0x2) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_3={0x2, 0x101, 0x3ff, 0xffffffffffffff80, 0x1, 0x1, 0x9, 0x9ce9, 0x1, "e1fd3ac6e88c17d559e8b53bdd94ba79", 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x60b, 0x1, 0x82d, 0x5, 0xd, 0x8000007, @attach_prog_fd, 0x4, 0x4, 0x5, 0x6, 0x8, r0}, 0x12) io_uring_register$auto(0xffffffffffffffff, 0x1f, &(0x7f0000000180), 0x1) r1 = socket(0x9, 0x6, 0xffffeffb) getsockopt$auto(r1, 0x0, 0x30, 0x0, 0x0) getpid() mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) io_uring_register$auto(0x2, 0x0, 0x0, 0x3) openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0xcb, 0x0, 0x4) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x100002) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_0={0x1, 0x7, 0x2817, 0x4, 0x200004, 0xffffffffffffffff, 0xa, '\x00', 0x0, 0xffffffffffffffff, 0x8, 0x7, 0x5, 0x8}, 0x10) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) semctl$auto(0x1, 0xfffffffe, 0x3, 0x5) r2 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) write$auto(r2, 0x0, 0xc3) (fail_nth: 1) 3.602611804s ago: executing program 1 (id=1514): close_range$auto(0x2, 0x8, 0x0) ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f0000000100)={0x62, 0x0, 0x2100000, 0x7fffffff, 0xfffffffffffffffe, 0x1, 0x0, 0x2000000000000e8, 0x0, 0x4, 0x0, 0x8}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/net/hwsim0/addr_len\x00', 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab83, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/input/event0\x00', 0x40502, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000001180), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x101042, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4138ae84, &(0x7f0000000040)={0x2, 0x179}) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, r2, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r3 = prctl$auto_PR_SET_MM_START_CODE(0x9, 0x1, 0xffffffffffffffff, 0x2, 0x87d) clone$auto(0x8, 0x7, 0x0, 0xffffffffffffffff, 0x80000001) pwrite64$auto(r3, &(0x7f00000001c0)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x89\x06Y\x1cJ\x99\x00:\x00!\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebz\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\x06\x00\x00\x00\x00\x00\x00\x00\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14\xf8\x10\xdeNH\x1a\xca\xc1kr\x88\x06\xa5\xf30\xd2\x7f \xf6\xd3\xa1J3=\xa3\xb2>/S\x94\xa01{\xeb\xb1\xf2\xe6\x8b`@\xed\xc1\xb8\xc5\x90\xf9\xb6\xc8\x17\xdd\xf4\xd1\xa4\xf6\xaa`\x90\x130\x8a5\x15(\xdd\xaa\xe4wa\x82\xd6\x97\xf5n\xba-\x0f#\xf32_\x0e\r%&\x1d\x85\xff\xe5\x97C\x06A\xf9\xd2\xb2\xf4\xe7\xe8\xe2\xf0=-yMq\xfa\x89\xd0\n\xfc\xb8\x85\x9e\xd8\xfas\xb0\xe7\x9e\xcf\xd9W\xad\\J&\xd0\x7f\xba\xd1\x93\xffB\x9d\x91\xe4\a\xcf\x96#8i\x1ab6\xc0\xc9X\x9d\x02\xb8+-\x88d\x1e\x90\x8a\\\x14\xe1\x172\xcf\xfa\xc8\xd1\xcd\x11\v*g\xa9\xca3\xb3\xde\x135\x122\xf6D\xee[\xcfcVob', 0x10, 0x6) bind$auto(0x3, 0x0, 0x6a) connect$auto(0x3, 0x0, 0x54) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, 0x0, 0x20080, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x8000000eb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4044010}, 0x40850) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x88) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) 3.602272232s ago: executing program 5 (id=1515): socket(0x10, 0x3, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x5, 0x80000001, 0x0, 0x100, 0xee01, 0x0, 0x0, 0xffffffffffffff91, 0xfd3, 0x2, 0xec, 0x4, 0x80000000081, 0x8, 0x2, 0xfffffffffffffff8}) r0 = socket(0x2, 0x3, 0x2) socket(0x2, 0x1, 0x106) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/pcmC1D1c\x00', 0x101102, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, &(0x7f0000000440)="0db1") mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x50800, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) setfsuid$auto(0x0) select$auto(0x14, 0x0, 0x0, &(0x7f0000000140)={[0x200, 0x4, 0xd3e, 0x1, 0x948b, 0x10000003, 0x800295f4da0a, 0x2, 0x3, 0x62, 0x80040001, 0x50a7, 0x6d3f, 0x8, 0x0, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7f, 0xe, 0x3, 0x948f, 0x1, 0x206, 0x7, 0xfffffffffffffff6, 0x7, 0x70c4, 0x79d, 0x6, 0x100000000000000, 0xfffffffffffffffb, 0xf]}, 0x0) mmap$auto(0x7fffffff, 0x3, 0x8, 0xebe, 0xffffffffffffffff, 0x2) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x8000, 0xe9) prctl$auto_PR_SET_VMA(0x53564d41, 0x20, 0x9, 0x7, 0x2) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_3={0x2, 0x101, 0x3ff, 0xffffffffffffff80, 0x1, 0x1, 0x9, 0x9ce9, 0x1, "e1fd3ac6e88c17d559e8b53bdd94ba79", 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x60b, 0x1, 0x82d, 0x5, 0xd, 0x8000007, @attach_prog_fd, 0x4, 0x4, 0x5, 0x6, 0x8, r0}, 0x12) io_uring_register$auto(0xffffffffffffffff, 0x1f, &(0x7f0000000180), 0x1) r2 = socket(0x9, 0x6, 0xffffeffb) getsockopt$auto(r2, 0x0, 0x30, 0x0, 0x0) getpid() mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) io_uring_register$auto(0x2, 0x0, 0x0, 0x3) 3.409936999s ago: executing program 2 (id=1517): wait4$auto(0x0, 0x0, 0xf, &(0x7f0000000140)={{0x2599}, {0xffffffffffffffff, 0x1000000009}, 0x2, 0x800080000001, 0x1, 0x1000, 0x5, 0x7, 0x5, 0x5, 0xb11c, 0x8, 0xfffffffffffffffd, 0x7, 0xffff, 0x801c0000000}) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/core/rps_default_mask\x00', 0x82, 0x0) sendfile$auto(r0, r0, 0x0, 0x7dfff001) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x20000001, 0x2, 0x3, 0x0) r1 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r1, 0x7a7, 0x0) write$auto(0x3, 0x0, 0xfdef) 3.178827132s ago: executing program 2 (id=1518): mmap$auto(0x0, 0x20005, 0xa, 0x200eb1, 0x401, 0x8000) syz_clone(0x11006391, 0x0, 0x0, 0x0, 0x0, 0x0) write$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffffff, &(0x7f0000000140)="d1807307", 0x4) r0 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r1, &(0x7f0000000040)='//\xf2\x00', 0x80000000) r2 = socket(0x15, 0x5, 0x0) r3 = eventfd$auto(0x7f) read$auto_vhci_fops_hci_vhci(r3, &(0x7f0000000200)=""/36, 0x24) close_range$auto(0x2, 0x8, 0x0) fanotify_init$auto(0x5, 0x2000000000002) socket(0x2, 0x801, 0x100) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x8, 0x1ff, 0x7c9, 0x27, 0x4909b6f5, 0x1ffe0, 0x7, 0xffffffff, 0x20000009, 0x9, 0x3, 0x4, 0x1, 0x68d, 0x9, 0x8, 0x10003, 0x80, 0x3, 0x0, 0x6, 0x22000, 0x200, 0xffffff28, 0x84, 0x0, 0xffffffff, 0x0, 0x0, 0x0, [0x8000000000000000, 0x101, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xffffffffffffffff, 0x6, 0xfffffffffffffffc, 0x0, 0x0, 0x80000, 0x0, 0xffff, 0x10, 0x0, 0x8, 0x10000, 0x0, 0x8, 0x90, 0x6, 0xbdcc, 0x10000, 0xfffffffffffffffe, 0x0, 0x100]}, 0x1fe, 0x9) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x20000008}, 0x40000) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r4 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x1892, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000140), 0xb, 0xa505}, 0x800}, 0x7, 0x4008) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r5 = socket(0x848000000015, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xfd}}, 0x6b) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0xff, 0x0}}, 0x55) sendmsg$auto_NL80211_CMD_GET_MPATH(r5, 0x0, 0x100000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @loopback}, 0x6a) ustat$auto(0x801, 0x0) sendmsg$auto(r2, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r0, 0xffffffffffdffe00, &(0x7f0000000140)) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) 2.670101704s ago: executing program 1 (id=1519): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000080), r1) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/nbd6/queue/iosched/prio_aging_expire\x00', 0x88282, 0x0) sendfile$auto(r4, r4, 0x0, 0x1) r5 = signalfd$auto(0xffffffffffffffff, &(0x7f00000000c0)={0x8}, 0xa) sendmsg$auto_CGROUPSTATS_CMD_GET(r2, &(0x7f00000001c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x54, r3, 0x300, 0x70bd2b, 0x25dfdbff, {}, [@CGROUPSTATS_CMD_ATTR_FD={0x8, 0x1, r5}, @CGROUPSTATS_CMD_ATTR_FD={0x8, 0x1, r0}, @CGROUPSTATS_CMD_ATTR_FD={0x8, 0x1, r1}, @CGROUPSTATS_CMD_ATTR_FD={0x8, 0x1, r1}, @CGROUPSTATS_CMD_ATTR_FD={0x8, 0x1, r2}, @CGROUPSTATS_CMD_ATTR_FD={0x8, 0x1, r0}, @CGROUPSTATS_CMD_ATTR_FD={0x8, 0x1, r1}, @CGROUPSTATS_CMD_ATTR_FD={0x8, 0x1, r1}]}, 0x54}, 0x1, 0x0, 0x0, 0x4000084}, 0x4000004) io_uring_register$auto_IORING_REGISTER_CLONE_BUFFERS(r1, 0x1e, &(0x7f0000000000)="68e63f3c67d4ac", 0x3d) mlock$auto(0x112, 0x80006) mlockall$auto(0x800000000000005) madvise$auto(0x0, 0x200007, 0x19) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) 2.630858595s ago: executing program 5 (id=1520): mmap$auto(0x0, 0x40000c, 0x45bb, 0x9b72, 0x2, 0x8000) r0 = epoll_create$auto(0x4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) socket(0x2a, 0xa, 0x106) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdc, 0xeb5, 0x401, 0x40) ioctl$auto_USB_RAW_IOCTL_EP_SET_HALT(r0, 0x4004550d, &(0x7f0000000180)=0x798) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, 0x0, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) bpf$auto(0x5, 0x0, 0x7) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40090) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, 0x0, 0x3, 0x0) r3 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x1, 0x0) ioctl$auto(r3, 0x4018620d, 0x9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3b, 0x0, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0xf08f, 0x6d3f, 0x9, 0x8, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x180, 0x0) close_range$auto(0x2, 0xa, 0x0) 1.851324146s ago: executing program 6 (id=1521): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0x400a507}, 0x800}, 0xa, 0x8) 1.605035539s ago: executing program 5 (id=1522): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/adsp1\x00', 0x80502, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) (async) madvise$auto(0x0, 0x2000040080000004, 0xe) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) (async) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) (async) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) r0 = gettid() kill$auto(r0, 0x11) (async) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event0\x00', 0x8000, 0x0) socket(0x10, 0x2, 0x0) (async) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x2000, 0x0) (async) fsconfig$auto_SHMEM_HUGE_FORCE(0xffffffffffffffff, 0x7, &(0x7f0000000100)='@+\\!\x00', &(0x7f00000001c0)="5b0fdf8e7220ade733b697e361a312e8797cf9bc410c090dd180de688ae19ee0f7d3ce7f185fa1b9c9867d234fdb5c62c6e305f1df4ca134c6413371cb668566fc407fc2b99e953d74e9fe557dc0d6dd24b7fd497737dfcd44938915c5131197660e57624aba5b26b726415e50ca4639", 0xfffffffffffffffe) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_SET_TUNSRC(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={0x28, r2, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@SEG6_ATTR_DST={0x14, 0x1, @loopback}]}, 0x28}, 0x1, 0x0, 0x600, 0x40000}, 0x800) (async) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) (async) write$auto(r3, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d9) (async) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x3, 0x0, 0xfffffffffffffffc, 0x696b}, 0xed7138c}, 0x2, 0x9) (async) r5 = socket(0xa, 0x5, 0x84) sendto$auto(r5, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) (async) r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/sctp/assocs\x00', 0x0, 0x0) ioctl$auto_SNDCTL_DSP_SETFMT(r4, 0xc0045005, &(0x7f0000000300)="8ce22d9a8729b3bb9cc7ee57370b19c28ca531123238fe0417ae12100322ffea5c24929d390b20f12f951f7b117f138501dac919cd57695e5ed50b5eb0ead4abde7e8e60ce166983a84ab190eb5521c85e72ff78bacd8911f21d42fca65d40e5ec14036c165d204492a035e6f8ec64974569629940b46530bfdc2bf9f0587afbde95e2199b0f011e7931f3ea0944213747e127dc80fc06bf0d0e25991c8a02060c8766e99e6e465a949ef2a9b76244e637d399868d799d08b975de71d9e566714cb5aa2eb99c16b132da00aa063ac954ed0a34848eb565da08a93e") (async) read$auto_proc_reg_file_ops_compat_inode(r6, &(0x7f0000000040)=""/9, 0x9) 1.517188133s ago: executing program 6 (id=1523): socket(0x10, 0x3, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x5, 0x80000001, 0x0, 0x100, 0xee01, 0x0, 0x0, 0xffffffffffffff91, 0xfd3, 0x2, 0xec, 0x4, 0x80000000081, 0x8, 0x2, 0xfffffffffffffff8}) r0 = socket(0x2, 0x3, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x8000, 0xe9) prctl$auto_PR_SET_VMA(0x53564d41, 0x20, 0x9, 0x7, 0x2) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_3={0x2, 0x101, 0x3ff, 0xffffffffffffff80, 0x1, 0x1, 0x9, 0x9ce9, 0x1, "e1fd3ac6e88c17d559e8b53bdd94ba79", 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x60b, 0x1, 0x82d, 0x5, 0xd, 0x8000007, @attach_prog_fd, 0x4, 0x4, 0x5, 0x6, 0x8, r0}, 0x12) io_uring_register$auto(0xffffffffffffffff, 0x1f, &(0x7f0000000180), 0x1) r1 = socket(0x9, 0x6, 0xffffeffb) getsockopt$auto(r1, 0x0, 0x30, 0x0, 0x0) getpid() mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) io_uring_register$auto(0x2, 0x0, 0x0, 0x3) openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0xcb, 0x0, 0x4) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x100002) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_0={0x1, 0x7, 0x2817, 0x4, 0x200004, 0xffffffffffffffff, 0xa, '\x00', 0x0, 0xffffffffffffffff, 0x8, 0x7, 0x5, 0x8}, 0x10) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) semctl$auto(0x1, 0xfffffffe, 0x3, 0x5) r2 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) write$auto(r2, 0x0, 0xc3) 1.219122839s ago: executing program 6 (id=1524): r0 = bpf$auto_BPF_BTF_LOAD(0x12, 0x0, 0x4) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x7, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x1d, 0x3, 0x1) bind$auto(0x3, &(0x7f0000000040)=@can, 0x6a) setsockopt$auto(r1, 0x65, 0x1, 0x0, 0x0) r2 = socket(0x1e, 0x1, 0x0) r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vbi0\x00', 0x80382, 0x0) ioctl$auto(r3, 0xc0045627, r2) epoll_ctl$auto(r0, 0x8001, r2, &(0x7f0000000000)={0x400, 0xfffffffffffffff7}) 1.076001328s ago: executing program 1 (id=1525): mmap$auto(0x0, 0x40000c, 0x45bb, 0x9b72, 0x2, 0x8000) epoll_create$auto(0x4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) socket(0x2a, 0xa, 0x106) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0xc045}, 0x4) bpf$auto(0x5, 0x0, 0x7) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40090) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, 0x0, 0x3, 0x0) r3 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x1, 0x0) ioctl$auto(r3, 0x4018620d, 0x9) ioctl$auto(0xffffffffffffffff, 0x4018620d, 0x9) read$auto_kernfs_file_fops_kernfs_internal(r1, 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3b, 0x0, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0xf08f, 0x6d3f, 0x9, 0x8, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000001ff, 0x4, 0xd, 0x1, 0x3, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000023, 0x7, 0x6d3e, 0xd, 0xd, 0x1]}, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) read$auto_v4l2_fops_v4l2_dev(0xffffffffffffffff, &(0x7f0000000000)=""/194, 0xc2) close_range$auto(0x2, 0xa, 0x0) 685.709457ms ago: executing program 6 (id=1526): mmap$auto(0x0, 0x400008, 0xdf, 0x14, 0x2, 0x7) userfaultfd$auto(0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) setgroups$auto(0x3, 0xfffffffffffffffc) r1 = socket$nl_generic(0x10, 0x3, 0x10) splice$auto(r1, 0x0, r1, 0xfffffffffffffffe, 0x5, 0x1) setsockopt$auto(0x3, 0x1, 0x9, 0x0, 0x46) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) timer_create$auto(0x2, 0x0, 0x0) timer_settime$auto(0x0, 0x6, &(0x7f0000000000)={{0x100000001, 0x3ff}, {0x5a, 0x2}}, 0x0) accept$auto(r0, &(0x7f0000000240)=@l2tp={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x4}, &(0x7f00000002c0)=0x7fff) timer_delete$auto(0x0) ioctl$auto(0x3, 0xc018aa3f, 0xc) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r2) r4 = openat$auto_force_suspend_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/bluetooth/hci2/force_suspend\x00', 0x201, 0x0) write$auto_force_suspend_fops_hci_vhci(r4, &(0x7f0000000280), 0x0) r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/driver/nvram\x00', 0x20000, 0x0) pread64$auto(r5, 0x0, 0xb, 0xcfc) sendmsg$auto_NL802154_CMD_SET_PAN_ID(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000011c0)=ANY=[], 0x1058}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/security/tomoyo/stat\x00', 0x4000, 0x0) sendmsg$auto_NL80211_CMD_START_AP(r2, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f00000006c0)={0x1090, r3, 0x4, 0x70bd26, 0x25dfdbff, {}, [@NL80211_ATTR_MPATH_NEXT_HOP={0x1004, 0x1a, "84c3cb831264491dc2f8bc984414878217dcccda22e550d72c394dea626d1bf6b7f082ca2e030a2bd1b25b2acf661f52bd4f8923d8282d73007c090a154927e40bf5ba55e89dacfc6a51e4034b65d8dfccf4d40ab69f190da531a2881629852b69b2c7f463f9e5b10efd591db3624b41dd0d824631ea201368fe4bcbe78e8e30fb003e0a6b7d31a945bbf830c4f2fcff5480149637b68f284f41bfc1f50ee299398c7eb1d98b4c9f3bd88dda6ee59b1e6f7230788207e599711f969f6d236bef8e29007c8498710d44745241e0b3b4bfa31a08be595fbf93ce6950408559334c6973059d50ce45448719cdbabf082c639d89e531fc45fbc563cd163311249f15ed9c98ffe380bf1f0c7bd51b0057443b06d4084e17602d0259e51d7ab63abdfc4116bb7479fa2e27dd67d222804d79e5ccae5853ff51a824d993262c54bb7ed825b3d36dfec414b8b0594f325586c4dbc800f09c3b4a7c4c32049f5e1ceb302a0875c0222a1e99a6e5745aa6491f11da14d023fc9afc81ca8c126360382b30dc948a639f628b6d8bbbdb610247e6e21d846276697395a04e2c7dd6a76e1e0f9a790e84fd5e548ee7606b0402bf19c5f6d302cc190eb8ce7868090868c8ab8c03167fc9c46c5de239affa940427aa8b40fe4c9bc8f7f2bad1063e209b4bd11ae2a3ad0037af3c332a076802e97f7031ca52e50530d07ca98eabdd3f59d5f02afa50ee7e4095ba98046baf0708eb3fc6a428c1cdbe1d240f80ac0442c80383eb5825a3f888b96163563f8135b320411dba71d9c6094ff0cab5c7f4b625c03281f2a858a2ca33066ff30e70ba5d37ca53489b626b2ac41576b8b84b623c7de786499f9383030085683f45ef9de373a36e4806d44fe3077bf5c5df335ebd136516c9cb969b52ffa428537de83d32c6577eed2c1eae3bc78ffe6d07c5e5774b6ecbed133eb75e0620910aa01080210c47fedb8f4e183a9c7861341902f31b2c45442ea89bf73013f469dd75c227bbca14ed6a1099c5faaf8d704a38fbc67b93b6da86413c570645299b008dfe6ee48e47d16e63b74338ee3e65826bc62af8f862096b57d097debb1d1be46739b8ae3f710e9a6d806601477a540a23014e742b572e54ce283d51568e3254f4ff46237cb7438e732d6251e878f532c090c2ba0d538d872e777616d8943452cf95af762dec961f7c8d899e102ecbd2c125a4cb81d7e041e433614eab843583348e666393c2228d1ea8e29b642e87c1256369531e309faf5fc149c9dd36a3d22db255df0a8d4be27723ea9aa3a8c901e7a41592ee452fa3a0ff8bac00dc48afc756f73bfe104a93ee04dbf3a9836dc30f3f6f9d0d3d71065150704358361e47a874a93c3a3e2058ffcc97912c95bff5efd8225fe7fbf182f4733828861d182c269afd0d6275d35fe9b8a5ca9be577c87d63a6dc029de24a7de7b5a28c7d26c6ed6fc9ea11bd59dd6d24eaa6968a9583ee70a1815acb74241a3645d35f29b30405b706751eb6972ca169f1354411603892159a92f4979ae63b7365118e1ba3fc9ac279422b3f1ddf6c33a747928123e02f0fef856658e7e60efbcd1e59a8323781c82d8f0a487c0902b2f17e73ba05e18776566ae77e1a473016319bfdc785c7425a1789953ceb118925cb98b9a8ec6ac7e3d816128b7ff33a1aee1da0129bd872a1014c5c428dca050b2a50c2769401fb2a937522845ae9277207dc7911c3b2b3ac22e2407b8577daa13477be4dfcfe7a0731bda15108ebef9b1e973654e83cde2c0be9b765e81da0a2afffb7858a20f10c11497c2d62e69ea117acea2cf018d9fe84b323007972999621521aeeb140c9e18bf62f56ec01796554fd9b00670a46162c6c95483584bde031f560cf74ebffcb33992bf93dd968f86f365ee011ed3700f929d9c506fe9e7fab534ff39d0ec3c4ba71a535aa74b004116364ae668b19e7bd2ef674f3546774fc1499aeb25638cf3c59e6399c4a314003480da50efae0ce99d3222a0d8e7592671914f2f94557051524dc22c31a88ff3ca32deefabb00775a0603a8abfc80c4b8fe4c6ce55cfd166c83243d8472fe675ad5d4f7f9c98f628d263744117892090d6b0a00d2e9161c004113e02ae439246a11ae612029b1d0e63b4aed33800fda35c13f0056cfe1f3befa2ee608881d2c4fb0dbff345276e9470f5ac6c151ea7994c02f57f0ff57489b91f09407cac309d97a8939365ab4721ec63450aeeccd10f680925bf657e36875136786ca2af8f608b81278fc9b86fdd9950eff5926910ec20a1cd6a88f50dddcfcc6bc1083e5542138d076b98b7e8daecc2ffe1318999baaa8eefa3254fbbb6817fa6b990e8bac485b3e4db2b80e3e455b0f7e653db3237548596ddea00f7a608e6abd104802daa4f534b7ef9407d0474063fa02304d3047cf2451ce2acaeffdc05fea8eb9f74ee312a77fa367242aa677cba0468624f0e5ce8fd9d9813fe5cc74a5528c428fc3a50b338fc715432da6957dfff2b30904bd24ba9acce80d8ae7f8c7cae06e9afef8d6d4dbd8c870e23f1b3dbbb10d94477c12277000307c0a5f6994b4b0e9c3f2550dd1f30aa3ac7a2adc0c750ce26bf78198c88537b161e630bf173d3c9e87eba72dd47b98d484ef512c7850a46bcca8f5c03d9d99eda7974655c371e5f7c7a8baad370cee818dd491fffd402ea91907a63b2782b6826c0983de221cff8c7ded9946a85605786b2728fe6030f057eebda1a82bb339b28441d771554d57ce36235ad3286b5b16a009a43a5370bbaec8ae2ef4e9d2c5b359c242ec750e6fb3355f93ac7d8bdce711881ef334533ff62ef4637cc05ad6dc3761848cb168eb78c62838f3749ed3b94fd9b8ef9fb2e102d5f6ddb9fd2dd41f1a595283b841197ab346a8ea12b455cd5f6791eaa072c7603253fc4443b938d6dfdd666459c12eb074ef1c500a213990920a3097aea52d42f2d05d600ea4dc21c0acbb3ebd37594506d6082ffae8afe98247227aac4bbd4b78bdade72d2b4a79c743e9801380d8c1971c58d0c072ef10d7efa7a11c85c2d0715c68ea05280c46ca29668194040af1b2f3812f755edd6bf58acfb82ed108cd9c746e2ca19eade8e0e03a90852a5ae84df775b421274ebfaf5dd7e670ae73e8ddf82e76aad1faabf47c056af664f4a002e9e6ff6aa35d4440078e72ea8927084ee00781a6afe0d8a27aa0195ece61caa37650a1ca7312e41b7cbd940b17a59f9b3c709160523ee234b06723acaffbe3dd79ec1170edc1dcf0629ab67dba7267abfb15cc3be0de20bc5c27f0d52f2cbeae1565a3c4e7215c01855531059f4752a05abdac2ae3a279755f7fd5ea3be8bc0697db90f0d6b9204e6642393dafeb634ac3fac3c9c7d0bd736940e9458db9574a709481c206f3bb5b075f263bc58e6d08132e8040c0a26c1a37583c56cc6e86c2c76a3add10ccb8c0f50573f7a0e676e8348b49b5ad0f3e51254ae7f56b6f8fb844a243a7397232d7320db3e02995279143b7b251ba15f657f6b39b5856a53a9198a6658399528880857c02ab240e0da8a9250e812126ca4dc4e6b18eea15a5f6e726b0d8ab274bffca7900494f265087441e7c5403259626f2ed12e162e5dbc2f50f99fcbb69dfebd8eabb93675ec3910b6dd6e436a01a9e334e10c5ec6ea7c63ea7935818c7f0a8db505c4414255ab3119225fe9ac458be85120699f0180e7bd84d314bfd9cf2532e4e1e88cb3dbdb3e351d9bdc5f5d479a0eafb7a572a9fa9f2ae0d781f9430240553e15c0ceeecaa46b5d73bfadcd399c16bb8e76975035c256439a17a5135764ace07e2840f6056202778deb9318c657c33c2aa51e5ed4df16385326596928673a0f732b2b6e84d652bd06ef2b23a75c1b22133b8ea2d43ea13772440caece5ff97d0201b261797fa82ac8e90df1db1e7071107b516c1002ad99b6d5f8c1b551d7d158296b7b21a6414c74e8694082b3a5afe2ba4387347fcf840a3a3c3d4f4fdd95dc1544bc3d4f06cba6af7675d5cf142e01f870861ad780ad879417be1222da53999ecf5bc87cdc04d4238f06a6b49f4af2ba6dec8d004b35c98107fdfd47b191d1d3f8fb34aec6aae8489e0d0a2ba51fbce83ae1a36a0f5c1c77fa1e636135767b6ecbed59abfbfeaed5740518d4cf5281189cb9c020fea79bf5c57dd58eef370582fbc165d19d28e1c43f3c694f520b842ca4015f832b1184f98d980f3a8b5717196b530b048b52d4c03220afbc75de584eb0a0058e1e7eed661ae0e41d5e7eee7c226f241726a5438c6ace5243e3bee9c8ea1e9de01345fbc5a48a012b75afeb1ee2cfff58b738f487c9ddd419f047380f22670f6bca7bb01c1b86c3b39ed3b27c1cbc9b6ffaf4afab9991acaa89832b3678fdd5b7b56f053bd80e7e2d9f4ed052d95b10bd3868cf99f0cc8a609de3324ae91eba4ad7d99f96a83ef35e4493dfe51f6660def800860bea6a5d2c28efa7f031b52a95a85666aed69cca88d76e5632d473f26a476d9f8679a401985231c542494841441521702b548e92cdda9393d36e37eae9535e81483b416636af58d61703e37efab4a1d8cb93647f5e314a9838087f4f8490c6fdd456c5221dda330c89c355f225f552d4de033470f4fa8baf272d8b4470eb922e9b33547d0ac8dcf585dc58218a5ac0bcf89fb2330f2451d72abeff80a05791319eee7ae1c457a055097db7af15911a6f4de0f2451e197362637da73d5228c15aeb4fb2e2ded5b20f411ee0fb4ca76d38ac5a67e196278b84dda7e26d7dd28e48033da32cee9eafba31bee96dbe56ef3eb86bb61e6241e60cadc60ac50b975cc1f8d73af2990e274e136c53e63062f24ab23929ba2ab204f4ecbc7f0421515f05ed24ac5bdeb6d956d6c8ef4b7307df01b7349bc6dbebfbc0849e11b52d58e954ff220b332208dd5df1bffb38262f2cef9946289927c8813ccf1248923595acea76c89d90147dfe22c319bbe94ed0bd3ee7e2ba2667845591d8771cf1ee14942848d31c0940578b943bd0fdbc33288787f41918d36c41de5ff1473229bea34c84fc350901850ab88e7b3c1e82bbb1dc8abf26edb56d1b7eb9b05c78cc2a6865da916e90aebaec71c2230383355bd1163775cc33d0314dc42e31a042f821e1faf9a37aacabd55501447efc45c270b3de43fc9d3ece929e89bead01be4224f74b6708964fc01eb989f53f14c5768f775778ed7f9aee817cb0a35ad007c3d125029dd443e5c433bddd3b7dea8226b990668addeb92d9eb2d973c3031d9ac83ebd778f273cf0c64bf2e36b9a3586c9cf6e8800d3e255977b5e8b26d6820da3036a528ca039354b20760716e843cde4a9c0c4bc10393266772d420f7371c1630bc6043b88be44278994997eb10b861071f84bf8cc765e9e3d3fb5f0263cbe70f91b9dfc3357f4f82c517f563d4c62cee608c081850a45732df92e096fa7b932382afb0e18458fb8f9028088d064e9eb17d3d33edc5df85a9469b98ffbe57f410edffa16aca493ea90e4349fa89c1dd52e2aee38955adabc0372c3c037e7ce62a11f57d32677ef32632e3832c54a0c3d33f568957faeb5de9921bed62d652279f50d232b8a05269c4338bf1c24bdb447b4e5dbef83c357bfbbf32bae35047f00937d869b8811881688ae7d8eb299f87f3631a8fd4a892314e4acbcbfcb46853f3e9c8d1573820ce57af040c2ec14e514d22716761e3bdce06b70c5d3ddd886e3f9991e9606d5f71ed30d9aae9e6828f2e0fbe17785452c03e6469de35fcc5e5b9f06483e1880a87f2b121fd1f0dabe"}, @NL80211_ATTR_REG_INDOOR={0x4}, @NL80211_ATTR_VENDOR_ID={0x8, 0xc3, 0x400}, @NL80211_ATTR_SAE_PASSWORD={0x47, 0x115, "8d520f2660a42d3ca73d0b197a39bbab07fe531f07f99f83cb345a5860709df1fed24eac769fd6a9b2ca875e3ba73adb580876e34812cb370709f77ab18826732b678b"}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'veth1_macvtap\x00'}, @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0xa8}, @NL80211_ATTR_TIMEOUT={0x8, 0x110, 0x2}]}, 0x1090}, 0x1, 0x0, 0x0, 0x28044880}, 0x8000) sendmsg$auto_NL80211_CMD_GET_WIPHY(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r3, @ANYBLOB="810b25bd7080fbdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004) recvmmsg$auto(r2, &(0x7f0000000180)={{0x0, 0x5, 0x0, 0x0, 0x0, 0x2, 0x6}, 0x803}, 0x10a, 0x6, 0x0) 552.776465ms ago: executing program 5 (id=1527): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cpu.max\x00', 0x20b02, 0x0) io_uring_register$auto_IORING_UNREGISTER_FILES(r0, 0x3, &(0x7f0000000080)="193f32b995f0ecb4ddf8cd83baeda5c352a745214ad880cc4c561670de2d13131c656d339507302cd18f379f551569932d17bb17195ecfc677eb23ac801128003ef54e78817f1a", 0x3) sendfile$auto(r0, r0, &(0x7f0000000000)=0x3, 0xad6) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x1000000401000, 0x2020009, 0x2, 0xeb1, 0xffffffffffffffff, 0x8000) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0) ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0) ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r3, 0x0, 0x20) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/fs/cifs/LinuxExtensionsEnabled\x00', 0x48041, 0x0) write$auto(r4, 0x0, 0x6) unshare$auto(0x40000080) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001180)='/sys/devices/virtual/block/zram0/compact\x00', 0x20001, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000000000)="b2", 0x1) r6 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0) sendfile$auto(r1, r6, 0x0, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r7 = socket(0xa, 0x2, 0x73) sendmsg$auto_L2TP_CMD_SESSION_MODIFY(r7, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x24004001) bind$auto(0x3, &(0x7f0000000040), 0x69) select$auto(0x6d0c, 0x0, &(0x7f0000000100)={[0x0, 0x1ff, 0x800000000000008, 0xc, 0x9, 0xfffffffffffffff9, 0x6, 0x1, 0x400040009, 0x5e582972, 0x4000000000000000, 0x14, 0x93, 0xffffffffffffff17, 0x8, 0x8]}, 0x0, 0x0) connect$auto(0x3, &(0x7f0000000140), 0x55) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0xff, 0x0, 0x1, 0x3}, 0xed7138c}, 0xb, 0x0) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) setsockopt$auto(0x3, 0x1, 0x48, 0x0, 0x9) socket(0x10, 0x80002, 0x0) 445.146878ms ago: executing program 2 (id=1528): mmap$auto(0x0, 0x20009, 0x7fff, 0xeb1, 0x401, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/irq/12/hwirq\x00', 0x2000, 0x0) read$auto(r0, 0x0, 0x20) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/nbd7/queue/iosched/async_depth\x00', 0x8a601, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/security/tomoyo/domain_policy\x00', 0xa7b71a03f8036820, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) socket(0x23, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) pidfd_open$auto(0x1, 0x0) socket(0x2, 0x80002, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) openat$auto_tracing_cpumask_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/tracing_cpumask\x00', 0x688480, 0x0) socketpair$auto(0x1, 0x1, 0x4, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x12de82, 0x0) ioctl$auto(0x3, 0x40106f52, r1) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="27040000", @ANYRES16=0x0, @ANYBLOB="000225bd7000fcdbdf250300000006000700fe7f0000060006000100000008000300000400000a000500aaaaaaaaaa3600000a000500aaaaaaaaaabb00000a000500000000000000000008000200", @ANYRES32=0x0, @ANYBLOB="060007"], 0x60}, 0x1, 0x0, 0x0, 0x40080}, 0x40080) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) openat$auto_stats_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000140), 0x101400, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004c18}, 0x48880) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB='h'], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) write$auto(0x3, 0x0, 0x100082) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) 320.062213ms ago: executing program 6 (id=1529): r0 = socket(0x10, 0x2, 0xb) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) timer_create$auto_CLOCK_REALTIME(0x0, &(0x7f0000000180)={@sival_int=0x8, @raw=0x2, 0x6, @_sigev_thread={&(0x7f0000000140)=&(0x7f0000000100)=0x7, &(0x7f0000000480)="194b2eefaf5d7ba4b169202609101e6c3520af87ae1847cc22b67dcf6fbcf88ec65e72800a3f1c6c102eb8f50564c99ac3d3dec417294df3d567d25835eacde4bbbe33efaca8804f3203f2ff082e5163e6263ec4e9a9364b34607b6311d9ccea7c1401f45841efea2e5b2ecd384d364d391ff65b71f6713a1f590857193ae424466a7bd85d65dbebb4613b5bf6be3bed768b796cd4fbafa1344d1efaeb16330e8d2b1a0df98cadb8d678ff2e83b06d4b35be582a0fc1dd27a717c06ffd4f5358a4546113ca4e9b6b0b475a2e7f44fccca3f49d10fb82084a8ce3eb0d3816ed5b11f7741b2c0ad39385d9b532e78987d92e912ae785fc53f2adec33e39c2fce4a1705039aaaf503c1e984cf64fca5ec0dc5c22c484abad63b53cc0e0909f70a83dccab4cdc29b488b692cb68b61114c8e37fe8114cf91739054c257e525ebb7f68ea31a94599de956348d0b11504bd70001eb7e6c87501da5930e48deb33368755aaeed9e67220c323a8befe0ed3ac5f7bb419699d757a7374127091119289d355c643dacf515afdf990d15f0e7ad6f8eadd279f448601581e646acf56c63d4ac12b2f68b833613c9ff0d784da64ac3c5cb4ec22f7988f4deb6d5b0600497d08c871cc06203fbca94a251e1b8bcba3be8ed326cd2a67092de4e5816230b2c6dc9e308e0b58117e9e4cfa2a648fd9b3393f707041bf5cab7f2dd535ea03f318a14b7f0841391fc99fcc2871fe6c92b80aeba6241d38ebe9d96e7797c76a7da5c8339dd78b2335e0bd316bd27310b108cdde86540fcb68b37742b45f19dc5b28b0d09dbab66b9342ae436b08cf4521373a149a3a1651c9bca991ee8d8997df35cf14c30da2ec903f4cf0eb43551eed1a09e950a369bb6afee2fe8b85b5f9ce5c88b552ec2a1d9f3c3b865f91d0f75e2c360083b2855d6420884476c654adbb4922a4de0c2259dc9af4784d946b523bdc7bbd25076e034ba8148297b71892772343fdacd431a706972223ae4a2e8ae3ae509ac7e7731597536e9edaba9fbf2a0de8252690aca38815c464089b30de24619e4555d75b4b030b81e32ed9c925f31aac0bf1114fda7a3828e6adc82e251ad7cbfd20f1a93d56f24401483f71d361c8325031c760c22292aa9de41a7fbbaa4a70078d6ed73343ba998b701cb5f48f86b9ed45d806c078a1fbc4ee178d9274c8cb99e33c331630c26d7d16a932823215e8aa64d3e4b5a205cb31eed4dd53e690121b3797825e8a03f489b1dbd3e48f8557d6949d7f837ff3a585b9f44bd70e974ff8ad74391324d84187bbddf42fb2dd9510423cf82f3bf993d11527db696b3b59416cc4d4a76ba6e4356cdb7f9e98c33226ac0eede0241ecbcd3195b5ec4ec69f08171661a7118a0b44a43f5bc114b6f416dea2a6d460855d0f6039c91a9612e8c54cc5d532b4d02438dec7e2071b7f32c964be8f9eac4f9b82cab3b43dc22f6750f81418d869b8138631a3d8679213904dc92721e8e9f04c692f63cb3d7710571586fee1c7db4077801f464b327286d8a08588c6f8a1e20783b5e4ac8fa7b8c62a5d8787636be7cfd10ac81b80bb26143a92247552dfc09e95ff0515d54a4d019ede821cc0af8b7432d9a64f4af9aed3aff2b2bab83f4745605c24fc94ed5d53ee2a9458e846f74659e4d3d096ffbf67ddb353dfdc55c31bbc807b132566ece23f5a588eb1ebd59b825eaebfba9f2a402c4f1fa174d6b8a7df78b1ea6cb8a2ac82ca05ca58df170d5752e78f7448c77bf1f4312400e35d006ae67536a9fd4ac787c963f00b04f8d9c3c5c4d77453b8c7c6d17f1fa1ddb94871dd3a1a2de3872c57c0d2c1db36c0c23339d3562b51162d042529cb1f6f9bebb1d0603ecc05e2ae68253c4cc93c588f2723cf12f54b6f457da633a269ddafa4701b50247f9410dc2e77d0c3d9f433c5366d8f0a9f9a53b4b74bad61f19b94ce6d9928fd26587713353c4b51cc4513c1e6d560e877ad8c9d33563f543f634a19584d4951f98579b6511ec9f5fe72d8d2b57d12297c2b973aa9b63154d19a42bc24617276555fcb595b19e67a00aec3402255c30d454b4f9757134f1e20c7a7078a573bf2a65aa14577b3c16e3b88db3259ab5c9679e21079412049993a5c74acc74b9ebe8e0b88c019663d5458d924d4bc38eaa4e977826b09b4c1832c0498c9fefba12e42afbd0a248ba6168b58c1eea55d4cd8b2e115adc856beb2e5f9f28df3c8efbf94e1f02e342a96c0dc997ae08ff12c2153830a097d0adc10ad4e9957ef50ecd9b918342482438b76574a01e873480d573feec6da40ed076f70199fb68fea21bccccf01a4bcdb5475dbb9af2b001171808f39f8c4ec6c6e244bbc818cf14a90ae5f97f492243248072f7fdaca38ae987bc4706e1a3bd9d5b2a7e07a6c98aa2991c124e1c198213d94c0b95a13b6fc8cf3217b6405fb7f8f3949c14d593f376ba847825cee75e9200fbdac3be9e120a676fc452e51383a6e89ad82ce3b9e8e97e173d745fea3d58931e02192de81ab2c35be4d7366737d4609ba2be4d165274c000bd669c1b56233736ef1a01b28adbb5bcd6cffe949342d1afd33f091676747b981559d9877de211781fcf759d0eb4863f86c6df212755ea7b439a9d5c70527d61e9e4a81c2d10ad71596286d2db428513d61dffb0601633d44008283b5bd622b3ab71b2e9b23aed29630dbc2e053404d1de2ec15d9d69673e5679560fb70503d9671e860ea28a92760943ba8a0b06d85e9cedd724867d4b1d4df244ae588c3181fd55c8c921cadafb6dba5a0ca17a4b93c14e9a91d35833f205587c7bcefe9b35ba89ea94236d14b8e6d93242ea01fe345c42f8034b53d6f6307c584372a82900c660b7f6ff2206cfc766583b8a0a8041d1b01efb4d53a5acc22edc740041171958996ce8069e746b87d6c17373824914b4b7dc0d4f480544b16092a7254a051b67ea2679d1aa26893c8665a3cc3fdb19ba1cedec8b1775b6406a9cea57fa9d67f812c87684fc9a770e90e561ea1aa115da0f95436946426ebbe601758dee27b00ea6c0476ac17ee9605ff37d10286151c4064e38559d684cc98cedf8bc012d53f1e01203070a7730d6058255217a1a3b0907b556bc6395675f9fc2af98d8a169e1df36fb5d3de3bfbe6b79782f2e002f6e6bf9d69a98c1db94692359aebd471883dc9967471bb6ee8df7097e92e6068ed546d7b15a06b1d080ffa947ecf4e7f8b3a6653c27cbc6cdf4dc1fe32dfa657106a80475945b4d85d66d2fe2dd2427938feec9a10f279fb141636a4b3cd0742ed099f924e1f933117f5c6ab5e92d07c23a829e3aa05043e0076ffea5b18db9ca6d4dfea920ba44feb620404e8d4b56198e19072b441f3578d06e52b69c1a56823e2f7aff4ae5983c365ca738d6ab1a5e7b772bec66a17d3288bd988c5143aafe7f0d3b548a3c7151296a7569f28bc176ab9e8dcb1a6616881c3e2afcad4341b419d0023958f185bacb7362f2a89fdc0420b224e3666ad5efc9e5719df21eec7887e08f9611901123c8e7a6d54f51e1aca02155ac1087c225e95197298db38f2546453a37d0ae5a0c68e306c18495c06ead5b55793ced7cbb133b8ab44dc45383e68bcaebba72e913bf388b78705e7c63c6cf7225406f57bb40317ad15d29b8e9e1297f9dfa421aa50abede3849d7052eb8ba2d1c92f6b11aebb29f54b6e86163053286e98d7647745c60b3714ddb8d802a2543fecc27890b640f5bca590e8c28c9ad14557eeacbf7a6ace253f7b333af1cab17809ebf501f13f7cf1abb1fc0cf1557857b346ce52e931b65bdd6575e12e9a6860dfeb0c6aed88e0e42a9cea57b93998a19e3901d57f2b82881f64aaa39c6e1468736f369934bb1d44c0d49b4b714b5f58e2aa9d891d5cb5bff8b19cffa1f4728fa5890797283bc65b7fdb0a3a6b2ef5aaa4a79d48cb1d64a542abb0780065848414148df3012ea38283b9ed1ca7663b111dcd154db5ad5eb238def2e35621c8627289d32a77f39b1baa6708eeacec0a50cbe024aec24638b298ea4413cc57b91c6b8b031a79c133c711f5066da758f6c882244c6321994f98b499ee0150a6a6fadb454443b507c43e06bb24c94292e9bd8591aac607893f138ef80a11b16934e237c1e9b0d5b10f71e236be2034815d0f97ad2d1cf7c7eacb947c2e2fa52b49125cb784dec9e92c0174a9021cb5fe74fa7c742ae7dce18dd9b8dffe733959ac4cf381808edc5456fc59c4dcde86941e1906cce309feff3e9aaf828a72f2e40a15c2fa7dc614e6d57ad4236184f085a9bb236cae1a2ddf9255742bf264f4440bb75116002f0cadbd2f7976b6f20500892a133c703aaa374dde1c717a3f17c9b46187bb2c11ec1cc73dd417967b616f1b398b83ac1fa8f250e000c881c2f0c236cb6938027343dbc8d19dc1ec9888100b2627512bd998aa3d5c006dfbf1335cb08a9759fffd96ea34947509d21c6a0d45629209e680474dcf4b33ee71612639b54db47b1d5ec92f3654e62a86a83459630486696c3a6cb3a4941f6299a9abe753262ef2cecbc821bd263a1a926e72dd89d1f9b13ecaa4c51030df2d8114cf1a3e51cce504e138c2ae337aa1928b1e1a9ef43b9030faf9aa7996678d0fce99481c18050bdee4397bf0da5cab8f7bd87b3bbd6c914d66f7cb42b2e04a04801f58e689a62fd78ba31eb3bcf25e73ab9e8cf599e052eb8f5a9f35dc94241a53602978fc8949c5b4e5b78c1eb2a7bceb8a6722971c1544396e91dcbfef7117486fd3eeb0c2832ad45b6f4dc0cb1b02ecf1e66ceb630680cd90a8810b7d5e49ed0e1ca42f4aa5442cf84c3cb105fd7aa3576e7dde57bca7b5aaf59c6d7367fd284e326fc7ec75246e73d26969a24ccd2e4d209a712de929dfa501d1cf3f3a3e430fed65ce9f9973e60ba08ab68915c0410292bfd55a6b65e05517ba71c0181be30529c865274df4e3d2690326fc03e6d3a7b8c7b3f377bb1c7a67d62d3b84b353e442fcd6c6255106bc091c6bcd25bd444fe647a3b52218d6bc143785567acb34a7119d9874e170074013ccb76be256ca8e845362fdc107a47d20f87c8ce0c1bcf54ad9f91b60e1c7d3b18b9fa160f2a0e77e428fb97c43c4b414523b913d2abfdf848cf58189eb5920441ca0e340f607ce199f022d60ad48a3edc4c1fcbd7ff730fd9dbdf173259d7b5dc7fa8234504efd8736b75bcadffe64361a4922803c926d1bdff59983ce83d27223608519e35e87696bfb5b9894cd50c4c27a32240fbde083fc03b9306c6dbb6dd36f911bd2b6630b138d2fbb631c8038fc9b24850703adb32d473f4a68fcca99bc2f7b923485f05a8c6a6f0dce3c3191b437157d651d1d5d068c3f00d6743ba0bccc57b22cf7ad47578330325fbdca609d3bce66df593ba30c76a673edd0f8794a719ff8d94e0220e39749a3ac14dc6044abe4ecf725d4bcd6105802b240671b64631e1f7bdfd7944f05895c6bdb625d47f31ca13f8bf8f396578b98608d30a4feaed720b8f32b1b41e986cef0d32462f6fcfae7d10550b4933521f4fc4067579ab71070691e7436877e00ecf2702cb13a6c1eac87b0786673c001217fc5a5e044dcf0ef7bb6f98fa2ec1addbd2d25af3212e19c624332662a2e7e766ce03cae958d85351101a44d6f6f0a4a0e0d063c7940cddb08d0d3072a6e3263e85b58cce9f298af286e621b8184f3d6f003f256f73f9768ca82b8602278ef936c321e9b0b5673d29bb24da7de346558e07b760d6ffbf685f52cd51315e71cb4186b5e451716419ea7d1fbeb8856d"}}, &(0x7f00000001c0)=0x2) r1 = memfd_create$auto(&(0x7f0000000000)='!\x00', 0x16) r2 = syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000300), r0) sendmsg$auto_NCSI_CMD_PKG_INFO(r1, &(0x7f00000014c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001480)={&(0x7f0000000340)={0x1c, r2, 0x400, 0x70bd2c, 0x25dfdbff, {}, [@NCSI_ATTR_CHANNEL_ID={0x8, 0x4, 0x100}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x40000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) socket(0x10, 0x3, 0x6) r3 = socket(0x10, 0x2, 0x4) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="f0020000", @ANYRES16=r4, @ANYBLOB="01002dbd7000fedbdf2505000000da0203800800c000e000000204002a000400110008002e00", @ANYRES32, @ANYBLOB="d152e64e22695352dd73864415aa8a78c65e6ab752fb4d469a47a092ae7d5061cdd9690cac4138553ecfbb1b32dd7c33b14cc842bc1e2a5da4203e64ceaa9db5223aa655b6313c011b3e73a75f1aa1f7b2ea43344b15bd494886e355cf6d92c8fe670a42bc677830013e9c4aa4fa30c3e6630bf0ed13206d5a18f6813c6fb03466112aedf5d67bb5b99fe96a6dcd279916b0bce029925b63c48d41ca8a76e46c6014100005800c00c50003000000000000000c02368008027a8087010c800800e800", @ANYRES32=r3, @ANYBLOB="0800fb00", @ANYRES32], 0x2f0}, 0x1, 0x0, 0x0, 0x40000}, 0x50) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 29.714496ms ago: executing program 2 (id=1530): r0 = io_uring_setup$auto(0x1d48, &(0x7f0000000340)={0x7fffffff, 0x10, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x8, 0x1, 0x80000000, 0x100, 0x83, 0x101, 0x6, 0x8000000000000001}, {0x100, 0x1, 0x52, 0x5, 0x11, 0x101, 0x876c5, 0xc9, 0x3}}) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x151640, 0x0) read$auto_vhci_fops_hci_vhci(r1, &(0x7f0000000000)=""/7, 0x7) r2 = openat$auto_proc_auxv_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/auxv\x00', 0x400, 0x0) pwrite64$auto(r1, &(0x7f00000000c0)=')\x8e:\x00', 0x4, 0xffffffff) fadvise64$auto_POSIX_FADV_DONTNEED(r2, 0x9, 0x8, 0x4) io_uring_register$auto(r0, 0x15, 0x0, 0x9) io_uring_setup$auto(0x1d48, &(0x7f0000000340)={0x7fffffff, 0x10, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x8, 0x1, 0x80000000, 0x100, 0x83, 0x101, 0x6, 0x8000000000000001}, {0x100, 0x1, 0x52, 0x5, 0x11, 0x101, 0x876c5, 0xc9, 0x3}}) (async) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x151640, 0x0) (async) read$auto_vhci_fops_hci_vhci(r1, &(0x7f0000000000)=""/7, 0x7) (async) openat$auto_proc_auxv_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/auxv\x00', 0x400, 0x0) (async) pwrite64$auto(r1, &(0x7f00000000c0)=')\x8e:\x00', 0x4, 0xffffffff) (async) fadvise64$auto_POSIX_FADV_DONTNEED(r2, 0x9, 0x8, 0x4) (async) io_uring_register$auto(r0, 0x15, 0x0, 0x9) (async) 0s ago: executing program 6 (id=1531): mmap$auto(0x0, 0x40000c, 0x45bb, 0x9b72, 0x2, 0x8000) r0 = epoll_create$auto(0x4) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) socket(0x2a, 0xa, 0x106) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdc, 0xeb5, 0x401, 0x40) ioctl$auto_USB_RAW_IOCTL_EP_SET_HALT(r0, 0x4004550d, &(0x7f0000000180)=0x798) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, 0x0, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) bpf$auto(0x5, 0x0, 0x7) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40090) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, 0x0, 0x3, 0x0) r3 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x1, 0x0) ioctl$auto(r3, 0x4018620d, 0x9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3b, 0x0, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0xf08f, 0x6d3f, 0x9, 0x8, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x180, 0x0) close_range$auto(0x2, 0xa, 0x0) kernel console output (not intermixed with test programs): 0712][ T9759] RIP: 0033:0x7fa8caf8f7c9 [ 285.870724][ T9759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 285.870738][ T9759] RSP: 002b:00007fa8cbe3f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf [ 285.870753][ T9759] RAX: ffffffffffffffda RBX: 00007fa8cb1e5fa0 RCX: 00007fa8caf8f7c9 [ 285.870762][ T9759] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 285.870770][ T9759] RBP: 00007fa8cb013f91 R08: 0000000000000000 R09: 0000000000000000 [ 285.870778][ T9759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 285.870786][ T9759] R13: 00007fa8cb1e6038 R14: 00007fa8cb1e5fa0 R15: 00007ffd72640cf8 [ 285.870804][ T9759] [ 286.100084][ C0] vkms_vblank_simulate: vblank timer overrun [ 286.521138][ T52] Bluetooth: hci1: command 0x0c1a tx timeout [ 286.593846][ T9763] netlink: 342 bytes leftover after parsing attributes in process `syz.1.826'. [ 286.747604][ T9770] netlink: 8 bytes leftover after parsing attributes in process `syz.1.828'. [ 287.160941][ T52] Bluetooth: hci0: command 0x0c1a tx timeout [ 287.167000][ T5150] Bluetooth: hci3: command 0x0c1a tx timeout [ 287.840694][ T9787] netlink: 28 bytes leftover after parsing attributes in process `syz.2.829'. [ 288.458727][ T9797] netlink: 342 bytes leftover after parsing attributes in process `syz.4.833'. [ 288.600262][ T52] Bluetooth: hci1: command 0x0c1a tx timeout [ 289.089145][ T9827] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„ [ 289.239606][ T52] Bluetooth: hci0: command 0x0c1a tx timeout [ 289.246334][ T5150] Bluetooth: hci3: command 0x0c1a tx timeout [ 289.476800][ T9843] program syz.1.840 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 289.695670][ T9843] Invalid ELF header magic: != ELF [ 290.223896][ T9851] netlink: 28 bytes leftover after parsing attributes in process `syz.4.841'. [ 290.313982][ T9851] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 290.333483][ T9851] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 290.381827][ T9851] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 290.403472][ T9851] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 290.555238][ T9872] netlink: 342 bytes leftover after parsing attributes in process `syz.3.845'. [ 291.293104][ T9887] zero sized request [ 291.320602][ T52] Bluetooth: hci0: command 0x0c1a tx timeout [ 292.105032][ T9905] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(4) [ 292.301147][ T9916] sd 0:0:1:0: PR command failed: 1026 [ 292.331397][ T9916] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 292.394416][ T9916] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 293.928301][ T9948] zswap: compressor not available [ 295.291219][ T9978] FAULT_INJECTION: forcing a failure. [ 295.291219][ T9978] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 295.366599][ T9978] CPU: 0 UID: 0 PID: 9978 Comm: syz.2.870 Not tainted syzkaller #0 PREEMPT(full) [ 295.366621][ T9978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 295.366630][ T9978] Call Trace: [ 295.366635][ T9978] [ 295.366641][ T9978] dump_stack_lvl+0x16c/0x1f0 [ 295.366664][ T9978] should_fail_ex+0x512/0x640 [ 295.366688][ T9978] _copy_from_user+0x2e/0xd0 [ 295.366710][ T9978] move_addr_to_kernel+0x65/0x170 [ 295.366730][ T9978] __sys_bind+0x11b/0x260 [ 295.366749][ T9978] ? __pfx___sys_bind+0x10/0x10 [ 295.366773][ T9978] ? xfd_validate_state+0x61/0x180 [ 295.366797][ T9978] __x64_sys_bind+0x72/0xb0 [ 295.366814][ T9978] ? lockdep_hardirqs_on+0x7c/0x110 [ 295.366830][ T9978] do_syscall_64+0xcd/0xfa0 [ 295.366847][ T9978] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 295.366861][ T9978] RIP: 0033:0x7f2e0978f7c9 [ 295.366873][ T9978] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 295.366886][ T9978] RSP: 002b:00007f2e0a696038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 295.366899][ T9978] RAX: ffffffffffffffda RBX: 00007f2e099e5fa0 RCX: 00007f2e0978f7c9 [ 295.366908][ T9978] RDX: 0000000000000066 RSI: 0000200000000040 RDI: 0000000000000005 [ 295.366916][ T9978] RBP: 00007f2e09813f91 R08: 0000000000000000 R09: 0000000000000000 [ 295.366925][ T9978] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 295.366932][ T9978] R13: 00007f2e099e6038 R14: 00007f2e099e5fa0 R15: 00007ffc1a5a95e8 [ 295.366951][ T9978] [ 296.186550][ T9988] netlink: 8 bytes leftover after parsing attributes in process `syz.3.873'. [ 297.423207][T10011] FAULT_INJECTION: forcing a failure. [ 297.423207][T10011] name failslab, interval 1, probability 0, space 0, times 0 [ 297.486596][T10011] CPU: 0 UID: 0 PID: 10011 Comm: syz.4.877 Not tainted syzkaller #0 PREEMPT(full) [ 297.486619][T10011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 297.486628][T10011] Call Trace: [ 297.486634][T10011] [ 297.486640][T10011] dump_stack_lvl+0x16c/0x1f0 [ 297.486663][T10011] should_fail_ex+0x512/0x640 [ 297.486685][T10011] ? __kmalloc_noprof+0xca/0x880 [ 297.486700][T10011] should_failslab+0xc2/0x120 [ 297.486719][T10011] __kmalloc_noprof+0xdd/0x880 [ 297.486732][T10011] ? apply_wqattrs_prepare+0xf8/0xbd0 [ 297.486750][T10011] ? apply_wqattrs_prepare+0xf8/0xbd0 [ 297.486764][T10011] apply_wqattrs_prepare+0xf8/0xbd0 [ 297.486792][T10011] apply_workqueue_attrs_locked+0x64/0xe0 [ 297.486809][T10011] __alloc_workqueue+0xf3f/0x1810 [ 297.486831][T10011] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 297.486850][T10011] alloc_workqueue_noprof+0xd2/0x200 [ 297.486868][T10011] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 297.486892][T10011] ? __pfx___debug_object_init+0x10/0x10 [ 297.486914][T10011] nci_register_device+0x511/0xb80 [ 297.486929][T10011] ? __pfx_nci_register_device+0x10/0x10 [ 297.486945][T10011] ? lockdep_init_map_type+0x5c/0x280 [ 297.486967][T10011] virtual_ncidev_open+0x141/0x220 [ 297.486984][T10011] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 297.486998][T10011] misc_open+0x26d/0x450 [ 297.487018][T10011] ? __pfx_misc_open+0x10/0x10 [ 297.487037][T10011] chrdev_open+0x234/0x6a0 [ 297.487052][T10011] ? __pfx_apparmor_file_open+0x10/0x10 [ 297.487072][T10011] ? __pfx_chrdev_open+0x10/0x10 [ 297.487089][T10011] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 297.487109][T10011] do_dentry_open+0x982/0x1530 [ 297.487125][T10011] ? __pfx_chrdev_open+0x10/0x10 [ 297.487145][T10011] vfs_open+0x82/0x3f0 [ 297.487166][T10011] path_openat+0x1de4/0x2cb0 [ 297.487187][T10011] ? __pfx_path_openat+0x10/0x10 [ 297.487203][T10011] ? __lock_acquire+0xb8a/0x1c90 [ 297.487223][T10011] do_filp_open+0x20b/0x470 [ 297.487238][T10011] ? __pfx_do_filp_open+0x10/0x10 [ 297.487266][T10011] ? alloc_fd+0x471/0x7d0 [ 297.487285][T10011] do_sys_openat2+0x11b/0x1d0 [ 297.487304][T10011] ? __pfx_do_sys_openat2+0x10/0x10 [ 297.487324][T10011] ? __fput+0x68d/0xb70 [ 297.487346][T10011] __x64_sys_openat+0x174/0x210 [ 297.487365][T10011] ? __pfx___x64_sys_openat+0x10/0x10 [ 297.487392][T10011] do_syscall_64+0xcd/0xfa0 [ 297.487409][T10011] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 297.487424][T10011] RIP: 0033:0x7fa8caf8f7c9 [ 297.487436][T10011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 297.487449][T10011] RSP: 002b:00007fa8cbe3f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 297.487463][T10011] RAX: ffffffffffffffda RBX: 00007fa8cb1e5fa0 RCX: 00007fa8caf8f7c9 [ 297.487473][T10011] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 297.487482][T10011] RBP: 00007fa8cb013f91 R08: 0000000000000000 R09: 0000000000000000 [ 297.487491][T10011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 297.487499][T10011] R13: 00007fa8cb1e6038 R14: 00007fa8cb1e5fa0 R15: 00007ffd72640cf8 [ 297.487519][T10011] [ 298.325101][T10023] Invalid ELF header magic: != ELF [ 298.854961][T10035] FAULT_INJECTION: forcing a failure. [ 298.854961][T10035] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 298.912064][T10035] CPU: 0 UID: 0 PID: 10035 Comm: syz.2.883 Not tainted syzkaller #0 PREEMPT(full) [ 298.912087][T10035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 298.912096][T10035] Call Trace: [ 298.912101][T10035] [ 298.912107][T10035] dump_stack_lvl+0x16c/0x1f0 [ 298.912131][T10035] should_fail_ex+0x512/0x640 [ 298.912155][T10035] should_fail_alloc_page+0xe7/0x130 [ 298.912175][T10035] prepare_alloc_pages+0x3c2/0x610 [ 298.912197][T10035] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 298.912211][T10035] ? stack_trace_save+0x8e/0xc0 [ 298.912227][T10035] ? __pfx_stack_trace_save+0x10/0x10 [ 298.912243][T10035] ? stack_depot_save_flags+0x29/0x9c0 [ 298.912264][T10035] ? trace_mm_page_alloc+0x11f/0x1a0 [ 298.912291][T10035] ? kasan_save_stack+0x42/0x60 [ 298.912305][T10035] ? kasan_save_stack+0x33/0x60 [ 298.912319][T10035] ? kasan_save_track+0x14/0x30 [ 298.912333][T10035] ? __kasan_slab_alloc+0x89/0x90 [ 298.912350][T10035] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 298.912363][T10035] ? copy_vma_and_data+0x24e/0x790 [ 298.912376][T10035] ? mremap_to+0x1b7/0x450 [ 298.912388][T10035] ? __do_sys_mremap+0x119/0x170 [ 298.912400][T10035] ? do_syscall_64+0xcd/0xfa0 [ 298.912415][T10035] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.912437][T10035] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 298.912460][T10035] ? policy_nodemask+0xea/0x4e0 [ 298.912480][T10035] alloc_pages_mpol+0x1fb/0x550 [ 298.912498][T10035] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 298.912521][T10035] alloc_pages_noprof+0x131/0x390 [ 298.912539][T10035] pte_alloc_one+0x1e/0x350 [ 298.912555][T10035] __pte_alloc+0x6d/0x380 [ 298.912570][T10035] ? __pfx___pte_alloc+0x10/0x10 [ 298.912587][T10035] ? _raw_spin_unlock+0x28/0x50 [ 298.912601][T10035] ? __pmd_alloc+0x64f/0x8b0 [ 298.912620][T10035] move_page_tables+0x2372/0x4230 [ 298.912637][T10035] ? __pfx_copy_vma+0x10/0x10 [ 298.912654][T10035] ? __pfx_move_page_tables+0x10/0x10 [ 298.912690][T10035] copy_vma_and_data+0x24e/0x790 [ 298.912707][T10035] ? __pfx_copy_vma_and_data+0x10/0x10 [ 298.912726][T10035] ? __vma_enter_locked+0x163/0x3f0 [ 298.912749][T10035] ? find_held_lock+0x2b/0x80 [ 298.912765][T10035] ? move_vma+0x52e/0x1770 [ 298.912777][T10035] ? __vm_enough_memory+0x184/0x3f0 [ 298.912800][T10035] move_vma+0x540/0x1770 [ 298.912816][T10035] ? __pfx_move_vma+0x10/0x10 [ 298.912832][T10035] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 298.912850][T10035] ? cap_mmap_addr+0x4b/0x120 [ 298.912868][T10035] ? bpf_lsm_mmap_addr+0x9/0x10 [ 298.912882][T10035] ? security_mmap_addr+0x6c/0x1e0 [ 298.912897][T10035] ? __get_unmapped_area+0x267/0x440 [ 298.912915][T10035] ? vrm_set_new_addr+0x208/0x290 [ 298.912930][T10035] mremap_to+0x1b7/0x450 [ 298.912944][T10035] do_mremap+0x13a8/0x2020 [ 298.912959][T10035] ? futex_private_hash_put+0x50/0x190 [ 298.912981][T10035] ? __pfx_do_mremap+0x10/0x10 [ 298.912999][T10035] ? ksys_write+0x190/0x250 [ 298.913018][T10035] __do_sys_mremap+0x119/0x170 [ 298.913031][T10035] ? __pfx___do_sys_mremap+0x10/0x10 [ 298.913053][T10035] ? __x64_sys_futex+0x1e0/0x4c0 [ 298.913082][T10035] do_syscall_64+0xcd/0xfa0 [ 298.913099][T10035] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.913113][T10035] RIP: 0033:0x7f2e0978f7c9 [ 298.913125][T10035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 298.913139][T10035] RSP: 002b:00007f2e0a696038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 298.913153][T10035] RAX: ffffffffffffffda RBX: 00007f2e099e5fa0 RCX: 00007f2e0978f7c9 [ 298.913163][T10035] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000000000 [ 298.913171][T10035] RBP: 00007f2e09813f91 R08: 0000000100000000 R09: 0000000000000000 [ 298.913180][T10035] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 298.913188][T10035] R13: 00007f2e099e6038 R14: 00007f2e099e5fa0 R15: 00007ffc1a5a95e8 [ 298.913207][T10035] [ 299.373947][T10039] FAULT_INJECTION: forcing a failure. [ 299.373947][T10039] name fail_futex, interval 1, probability 0, space 0, times 0 [ 299.386806][T10039] CPU: 0 UID: 0 PID: 10039 Comm: syz.1.884 Not tainted syzkaller #0 PREEMPT(full) [ 299.386827][T10039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 299.386835][T10039] Call Trace: [ 299.386840][T10039] [ 299.386846][T10039] dump_stack_lvl+0x16c/0x1f0 [ 299.386867][T10039] should_fail_ex+0x512/0x640 [ 299.386891][T10039] get_futex_key+0x293/0x1560 [ 299.386913][T10039] ? __pfx_get_futex_key+0x10/0x10 [ 299.386930][T10039] ? __mutex_trylock_common+0xe9/0x250 [ 299.386955][T10039] futex_wake+0xea/0x530 [ 299.386977][T10039] ? __pfx_futex_wake+0x10/0x10 [ 299.386996][T10039] ? __lock_acquire+0xb8a/0x1c90 [ 299.387022][T10039] do_futex+0x1e3/0x350 [ 299.387041][T10039] ? __pfx_do_futex+0x10/0x10 [ 299.387057][T10039] ? __might_fault+0xe3/0x190 [ 299.387076][T10039] mm_release+0x24e/0x300 [ 299.387092][T10039] do_exit+0x68e/0x2bf0 [ 299.387115][T10039] ? __pfx_do_exit+0x10/0x10 [ 299.387133][T10039] ? do_raw_spin_lock+0x12c/0x2b0 [ 299.387153][T10039] ? find_held_lock+0x2b/0x80 [ 299.387170][T10039] do_group_exit+0xd3/0x2a0 [ 299.387189][T10039] get_signal+0x2671/0x26d0 [ 299.387207][T10039] ? kmem_cache_free+0x2d4/0x6c0 [ 299.387226][T10039] ? __pfx_get_signal+0x10/0x10 [ 299.387241][T10039] ? do_futex+0x122/0x350 [ 299.387259][T10039] ? __pfx_do_futex+0x10/0x10 [ 299.387279][T10039] arch_do_signal_or_restart+0x8f/0x790 [ 299.387298][T10039] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 299.387318][T10039] ? bpf_lsm_capable+0x9/0x10 [ 299.387343][T10039] exit_to_user_mode_loop+0x85/0x130 [ 299.387365][T10039] do_syscall_64+0x426/0xfa0 [ 299.387383][T10039] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 299.387398][T10039] RIP: 0033:0x7f1ba118f7c9 [ 299.387409][T10039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 299.387423][T10039] RSP: 002b:00007f1ba20700e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 299.387437][T10039] RAX: fffffffffffffe00 RBX: 00007f1ba13e6098 RCX: 00007f1ba118f7c9 [ 299.387446][T10039] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1ba13e6098 [ 299.387455][T10039] RBP: 00007f1ba13e6090 R08: 0000000000000000 R09: 0000000000000000 [ 299.387463][T10039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 299.387471][T10039] R13: 00007f1ba13e6128 R14: 00007ffde8810900 R15: 00007ffde88109e8 [ 299.387489][T10039] [ 299.663770][T10042] sp0: Synchronizing with TNC [ 299.686321][T10044] netlink: 20 bytes leftover after parsing attributes in process `syz.2.885'. [ 299.733488][T10045] ptp ptp0: only physical clock in use now [ 301.376849][T10080] blktrace: Concurrent blktraces are not allowed on loop2 [ 301.384039][T10080] blktrace: Concurrent blktraces are not allowed on loop2 [ 301.987941][T10080] blktrace: Concurrent blktraces are not allowed on loop2 [ 302.008236][T10093] netlink: 342 bytes leftover after parsing attributes in process `syz.3.898'. [ 302.046273][T10080] blktrace: Concurrent blktraces are not allowed on loop2 [ 302.087205][T10080] blktrace: Concurrent blktraces are not allowed on loop2 [ 302.482383][T10107] ip6_vti0: entered allmulticast mode [ 302.881003][T10120] FAULT_INJECTION: forcing a failure. [ 302.881003][T10120] name failslab, interval 1, probability 0, space 0, times 0 [ 302.965840][T10120] CPU: 0 UID: 0 PID: 10120 Comm: syz.3.905 Not tainted syzkaller #0 PREEMPT(full) [ 302.965864][T10120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 302.965873][T10120] Call Trace: [ 302.965878][T10120] [ 302.965889][T10120] dump_stack_lvl+0x16c/0x1f0 [ 302.965912][T10120] should_fail_ex+0x512/0x640 [ 302.965932][T10120] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 302.965949][T10120] should_failslab+0xc2/0x120 [ 302.965969][T10120] kmem_cache_alloc_noprof+0x75/0x6e0 [ 302.965982][T10120] ? alloc_empty_file+0x55/0x1e0 [ 302.966009][T10120] ? alloc_empty_file+0x55/0x1e0 [ 302.966025][T10120] ? _raw_spin_unlock+0x28/0x50 [ 302.966039][T10120] alloc_empty_file+0x55/0x1e0 [ 302.966058][T10120] alloc_file_pseudo+0x13a/0x230 [ 302.966077][T10120] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 302.966097][T10120] ? security_inode_init_security_anon+0x79/0x240 [ 302.966122][T10120] secretmem_file_create.constprop.0+0x89/0x290 [ 302.966140][T10120] __x64_sys_memfd_secret+0xc1/0x150 [ 302.966156][T10120] do_syscall_64+0xcd/0xfa0 [ 302.966173][T10120] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 302.966187][T10120] RIP: 0033:0x7f4059d8f7c9 [ 302.966199][T10120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 302.966211][T10120] RSP: 002b:00007f405abd9038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf [ 302.966225][T10120] RAX: ffffffffffffffda RBX: 00007f4059fe5fa0 RCX: 00007f4059d8f7c9 [ 302.966234][T10120] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 302.966242][T10120] RBP: 00007f4059e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 302.966253][T10120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 302.966261][T10120] R13: 00007f4059fe6038 R14: 00007f4059fe5fa0 R15: 00007ffe398b69c8 [ 302.966280][T10120] [ 303.149549][ C0] vkms_vblank_simulate: vblank timer overrun [ 304.289352][T10180] netlink: 29 bytes leftover after parsing attributes in process `syz.1.913'. [ 304.337639][ T52] Bluetooth: hci1: unexpected event 0x02 length: 726 > 260 [ 304.605975][T10184] netlink: 342 bytes leftover after parsing attributes in process `syz.3.914'. [ 306.598734][T10220] netlink: 342 bytes leftover after parsing attributes in process `syz.1.922'. [ 307.512051][T10241] netlink: 4 bytes leftover after parsing attributes in process `syz.4.925'. [ 307.596624][T10241] netlink: 334 bytes leftover after parsing attributes in process `syz.4.925'. [ 307.646831][T10241] netlink: 334 bytes leftover after parsing attributes in process `syz.4.925'. [ 307.837501][T10244] FAULT_INJECTION: forcing a failure. [ 307.837501][T10244] name failslab, interval 1, probability 0, space 0, times 0 [ 307.929334][T10244] CPU: 0 UID: 0 PID: 10244 Comm: syz.1.926 Not tainted syzkaller #0 PREEMPT(full) [ 307.929356][T10244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 307.929366][T10244] Call Trace: [ 307.929371][T10244] [ 307.929377][T10244] dump_stack_lvl+0x16c/0x1f0 [ 307.929399][T10244] should_fail_ex+0x512/0x640 [ 307.929420][T10244] ? __kmalloc_noprof+0xca/0x880 [ 307.929435][T10244] should_failslab+0xc2/0x120 [ 307.929454][T10244] __kmalloc_noprof+0xdd/0x880 [ 307.929466][T10244] ? memcg_list_lru_alloc+0x4e9/0x740 [ 307.929488][T10244] ? memcg_list_lru_alloc+0x4e9/0x740 [ 307.929501][T10244] memcg_list_lru_alloc+0x4e9/0x740 [ 307.929520][T10244] ? __pfx_memcg_list_lru_alloc+0x10/0x10 [ 307.929544][T10244] __memcg_slab_post_alloc_hook+0x133/0x940 [ 307.929567][T10244] ? kasan_save_track+0x14/0x30 [ 307.929586][T10244] kmem_cache_alloc_lru_noprof+0x556/0x6e0 [ 307.929600][T10244] ? rcu_is_watching+0x12/0xc0 [ 307.929615][T10244] ? __d_alloc+0x32/0xae0 [ 307.929634][T10244] ? __d_alloc+0x32/0xae0 [ 307.929647][T10244] __d_alloc+0x32/0xae0 [ 307.929664][T10244] d_alloc_pseudo+0x1c/0xc0 [ 307.929682][T10244] alloc_file_pseudo+0xcf/0x230 [ 307.929702][T10244] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 307.929722][T10244] ? security_inode_init_security_anon+0x79/0x240 [ 307.929747][T10244] secretmem_file_create.constprop.0+0x89/0x290 [ 307.929765][T10244] __x64_sys_memfd_secret+0xc1/0x150 [ 307.929781][T10244] do_syscall_64+0xcd/0xfa0 [ 307.929799][T10244] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.929813][T10244] RIP: 0033:0x7f1ba118f7c9 [ 307.929825][T10244] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 307.929838][T10244] RSP: 002b:00007f1ba2091038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf [ 307.929851][T10244] RAX: ffffffffffffffda RBX: 00007f1ba13e5fa0 RCX: 00007f1ba118f7c9 [ 307.929861][T10244] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 307.929869][T10244] RBP: 00007f1ba1213f91 R08: 0000000000000000 R09: 0000000000000000 [ 307.929877][T10244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 307.929885][T10244] R13: 00007f1ba13e6038 R14: 00007f1ba13e5fa0 R15: 00007ffde88109e8 [ 307.929903][T10244] [ 308.161240][ C0] vkms_vblank_simulate: vblank timer overrun [ 309.556674][ T52] Bluetooth: hci2: unexpected event 0x35 length: 13 > 6 [ 310.278813][T10297] futex_wake_op: syz.1.938 tries to shift op by -2048; fix this program [ 310.652944][T10303] sp0: Synchronizing with TNC [ 310.749819][T10303] ptp ptp0: only physical clock in use now [ 311.010247][T10313] QAT: Stopping all acceleration devices. [ 311.146741][T10317] program syz.4.944 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 311.966562][T10331] FAULT_INJECTION: forcing a failure. [ 311.966562][T10331] name failslab, interval 1, probability 0, space 0, times 0 [ 312.009606][T10331] CPU: 0 UID: 0 PID: 10331 Comm: syz.2.949 Not tainted syzkaller #0 PREEMPT(full) [ 312.009630][T10331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 312.009639][T10331] Call Trace: [ 312.009645][T10331] [ 312.009651][T10331] dump_stack_lvl+0x16c/0x1f0 [ 312.009675][T10331] should_fail_ex+0x512/0x640 [ 312.009696][T10331] ? __kmalloc_noprof+0xca/0x880 [ 312.009711][T10331] should_failslab+0xc2/0x120 [ 312.009731][T10331] __kmalloc_noprof+0xdd/0x880 [ 312.009743][T10331] ? apply_wqattrs_prepare+0xf8/0xbd0 [ 312.009763][T10331] ? apply_wqattrs_prepare+0xf8/0xbd0 [ 312.009778][T10331] apply_wqattrs_prepare+0xf8/0xbd0 [ 312.009800][T10331] apply_workqueue_attrs_locked+0x64/0xe0 [ 312.009816][T10331] __alloc_workqueue+0xf3f/0x1810 [ 312.009836][T10331] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 312.009854][T10331] alloc_workqueue_noprof+0xd2/0x200 [ 312.009871][T10331] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 312.009893][T10331] ? __pfx___debug_object_init+0x10/0x10 [ 312.009914][T10331] nci_register_device+0x511/0xb80 [ 312.009930][T10331] ? __pfx_nci_register_device+0x10/0x10 [ 312.009946][T10331] ? lockdep_init_map_type+0x5c/0x280 [ 312.009969][T10331] virtual_ncidev_open+0x141/0x220 [ 312.009985][T10331] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 312.010000][T10331] misc_open+0x26d/0x450 [ 312.010020][T10331] ? __pfx_misc_open+0x10/0x10 [ 312.010038][T10331] chrdev_open+0x234/0x6a0 [ 312.010054][T10331] ? __pfx_apparmor_file_open+0x10/0x10 [ 312.010075][T10331] ? __pfx_chrdev_open+0x10/0x10 [ 312.010092][T10331] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 312.010112][T10331] do_dentry_open+0x982/0x1530 [ 312.010128][T10331] ? __pfx_chrdev_open+0x10/0x10 [ 312.010148][T10331] vfs_open+0x82/0x3f0 [ 312.010169][T10331] path_openat+0x1de4/0x2cb0 [ 312.010190][T10331] ? __pfx_path_openat+0x10/0x10 [ 312.010206][T10331] ? __lock_acquire+0xb8a/0x1c90 [ 312.010226][T10331] do_filp_open+0x20b/0x470 [ 312.010241][T10331] ? __pfx_do_filp_open+0x10/0x10 [ 312.010269][T10331] ? alloc_fd+0x471/0x7d0 [ 312.010288][T10331] do_sys_openat2+0x11b/0x1d0 [ 312.010307][T10331] ? __pfx_do_sys_openat2+0x10/0x10 [ 312.010327][T10331] ? __fput+0x68d/0xb70 [ 312.010348][T10331] __x64_sys_openat+0x174/0x210 [ 312.010367][T10331] ? __pfx___x64_sys_openat+0x10/0x10 [ 312.010394][T10331] do_syscall_64+0xcd/0xfa0 [ 312.010412][T10331] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 312.010426][T10331] RIP: 0033:0x7f2e0978f7c9 [ 312.010439][T10331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 312.010453][T10331] RSP: 002b:00007f2e0a696038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 312.010467][T10331] RAX: ffffffffffffffda RBX: 00007f2e099e5fa0 RCX: 00007f2e0978f7c9 [ 312.010476][T10331] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 312.010484][T10331] RBP: 00007f2e09813f91 R08: 0000000000000000 R09: 0000000000000000 [ 312.010492][T10331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 312.010500][T10331] R13: 00007f2e099e6038 R14: 00007f2e099e5fa0 R15: 00007ffc1a5a95e8 [ 312.010519][T10331] [ 312.317023][ C0] vkms_vblank_simulate: vblank timer overrun [ 313.211879][T10363] netlink: 20 bytes leftover after parsing attributes in process `syz.3.955'. [ 313.582815][T10374] netlink: 8 bytes leftover after parsing attributes in process `syz.3.959'. [ 313.763112][T10377] blktrace: Concurrent blktraces are not allowed on loop2 [ 313.860740][T10377] ima: Unable to open file: /surit‹¯Ròy/integrity?iqa/policy (-2) [ 314.545945][T10384] netlink: 342 bytes leftover after parsing attributes in process `syz.4.961'. [ 314.583046][T10373] ima: policy update failed [ 314.602515][ T30] audit: type=1802 audit(4294970570.591:9): pid=10373 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.959" res=0 errno=0 [ 315.403649][T10402] kvm_intel: kvm [10401]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0x2 [ 315.979432][T10423] sp0: Synchronizing with TNC [ 316.106365][T10424] ptp ptp0: only physical clock in use now [ 316.133265][T10427] FAULT_INJECTION: forcing a failure. [ 316.133265][T10427] name failslab, interval 1, probability 0, space 0, times 0 [ 316.201236][T10427] CPU: 0 UID: 0 PID: 10427 Comm: syz.2.971 Not tainted syzkaller #0 PREEMPT(full) [ 316.201259][T10427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 316.201267][T10427] Call Trace: [ 316.201273][T10427] [ 316.201279][T10427] dump_stack_lvl+0x16c/0x1f0 [ 316.201303][T10427] should_fail_ex+0x512/0x640 [ 316.201323][T10427] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 316.201341][T10427] should_failslab+0xc2/0x120 [ 316.201359][T10427] kmem_cache_alloc_noprof+0x75/0x6e0 [ 316.201374][T10427] ? alloc_empty_file+0x55/0x1e0 [ 316.201397][T10427] ? alloc_empty_file+0x55/0x1e0 [ 316.201414][T10427] ? _raw_spin_unlock+0x28/0x50 [ 316.201427][T10427] alloc_empty_file+0x55/0x1e0 [ 316.201446][T10427] alloc_file_pseudo+0x13a/0x230 [ 316.201466][T10427] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 316.201485][T10427] ? security_inode_init_security_anon+0x79/0x240 [ 316.201510][T10427] secretmem_file_create.constprop.0+0x89/0x290 [ 316.201529][T10427] __x64_sys_memfd_secret+0xc1/0x150 [ 316.201545][T10427] do_syscall_64+0xcd/0xfa0 [ 316.201561][T10427] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 316.201576][T10427] RIP: 0033:0x7f2e0978f7c9 [ 316.201587][T10427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 316.201600][T10427] RSP: 002b:00007f2e0a696038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf [ 316.201623][T10427] RAX: ffffffffffffffda RBX: 00007f2e099e5fa0 RCX: 00007f2e0978f7c9 [ 316.201633][T10427] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 316.201641][T10427] RBP: 00007f2e09813f91 R08: 0000000000000000 R09: 0000000000000000 [ 316.201650][T10427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 316.201658][T10427] R13: 00007f2e099e6038 R14: 00007f2e099e5fa0 R15: 00007ffc1a5a95e8 [ 316.201678][T10427] [ 316.386175][ C0] vkms_vblank_simulate: vblank timer overrun [ 317.109307][T10450] FAULT_INJECTION: forcing a failure. [ 317.109307][T10450] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 317.167312][T10450] CPU: 0 UID: 0 PID: 10450 Comm: syz.2.976 Not tainted syzkaller #0 PREEMPT(full) [ 317.167334][T10450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 317.167342][T10450] Call Trace: [ 317.167347][T10450] [ 317.167353][T10450] dump_stack_lvl+0x16c/0x1f0 [ 317.167375][T10450] should_fail_ex+0x512/0x640 [ 317.167399][T10450] _copy_to_iter+0x29f/0x1710 [ 317.167414][T10450] ? chacha_block_generic+0x211/0x330 [ 317.167428][T10450] ? __pfx__copy_to_iter+0x10/0x10 [ 317.167443][T10450] ? lockdep_hardirqs_on+0x7c/0x110 [ 317.167460][T10450] ? crng_make_state+0x48e/0x6d0 [ 317.167481][T10450] get_random_bytes_user+0x17f/0x3c0 [ 317.167501][T10450] ? __pfx_get_random_bytes_user+0x10/0x10 [ 317.167524][T10450] ? do_futex+0x122/0x350 [ 317.167547][T10450] ? import_ubuf+0x1b6/0x220 [ 317.167569][T10450] __x64_sys_getrandom+0x183/0x290 [ 317.167589][T10450] ? __pfx___x64_sys_getrandom+0x10/0x10 [ 317.167617][T10450] do_syscall_64+0xcd/0xfa0 [ 317.167635][T10450] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.167649][T10450] RIP: 0033:0x7f2e0978f7c9 [ 317.167660][T10450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 317.167673][T10450] RSP: 002b:00007f2e0a696038 EFLAGS: 00000246 ORIG_RAX: 000000000000013e [ 317.167687][T10450] RAX: ffffffffffffffda RBX: 00007f2e099e5fa0 RCX: 00007f2e0978f7c9 [ 317.167696][T10450] RDX: 0000000000000003 RSI: 0000000006000000 RDI: 0000000000000000 [ 317.167705][T10450] RBP: 00007f2e09813f91 R08: 0000000000000000 R09: 0000000000000000 [ 317.167713][T10450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 317.167721][T10450] R13: 00007f2e099e6038 R14: 00007f2e099e5fa0 R15: 00007ffc1a5a95e8 [ 317.167739][T10450] [ 317.349301][ C0] vkms_vblank_simulate: vblank timer overrun [ 317.513381][T10456] input: f¬ as /devices/virtual/input/input17 [ 317.522046][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.528377][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.316511][T10476] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18 [ 318.458047][T10480] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. [ 318.538304][T10480] netlink: 342 bytes leftover after parsing attributes in process `syz.4.984'. [ 319.055134][T10477] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19 [ 320.177117][T10503] xs_local_setup_socket: unhandled error (13) connecting to /var/run/rpcbind.sock [ 320.558808][ T30] audit: type=1806 audit(4294970576.548:10): xattr=01 res=-22 [ 320.590015][T10511] __vm_enough_memory: pid: 10511, comm: syz.2.990, bytes: 4398046511104 not enough memory for the allocation [ 321.258960][T10536] blktrace: Concurrent blktraces are not allowed on loop5 [ 322.896497][T10562] zswap: compressor - not available [ 323.292658][T10562] FAULT_INJECTION: forcing a failure. [ 323.292658][T10562] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 323.345219][T10562] CPU: 0 UID: 0 PID: 10562 Comm: syz.2.1001 Not tainted syzkaller #0 PREEMPT(full) [ 323.345241][T10562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 323.345251][T10562] Call Trace: [ 323.345256][T10562] [ 323.345262][T10562] dump_stack_lvl+0x16c/0x1f0 [ 323.345284][T10562] should_fail_ex+0x512/0x640 [ 323.345308][T10562] should_fail_alloc_page+0xe7/0x130 [ 323.345329][T10562] prepare_alloc_pages+0x3c2/0x610 [ 323.345347][T10562] ? rcu_is_watching+0x12/0xc0 [ 323.345364][T10562] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 323.345384][T10562] ? __lock_acquire+0x622/0x1c90 [ 323.345405][T10562] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 323.345427][T10562] ? __lock_acquire+0x622/0x1c90 [ 323.345448][T10562] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 323.345472][T10562] ? policy_nodemask+0xea/0x4e0 [ 323.345492][T10562] alloc_pages_mpol+0x1fb/0x550 [ 323.345510][T10562] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 323.345533][T10562] folio_alloc_mpol_noprof+0x36/0x2f0 [ 323.345554][T10562] vma_alloc_folio_noprof+0xed/0x1e0 [ 323.345574][T10562] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 323.345599][T10562] do_pte_missing+0x2202/0x3ba0 [ 323.345620][T10562] ? find_held_lock+0x2b/0x80 [ 323.345639][T10562] __handle_mm_fault+0x1556/0x2aa0 [ 323.345664][T10562] ? __pfx___handle_mm_fault+0x10/0x10 [ 323.345686][T10562] ? __pte_offset_map_lock+0x174/0x310 [ 323.345703][T10562] ? find_held_lock+0x2b/0x80 [ 323.345722][T10562] ? follow_page_pte+0x5cf/0x1390 [ 323.345743][T10562] handle_mm_fault+0x589/0xd10 [ 323.345767][T10562] __get_user_pages+0x54e/0x3530 [ 323.345793][T10562] ? __pfx___get_user_pages+0x10/0x10 [ 323.345816][T10562] populate_vma_page_range+0x267/0x3f0 [ 323.345836][T10562] ? __pfx_populate_vma_page_range+0x10/0x10 [ 323.345854][T10562] ? __pfx_find_vma_intersection+0x10/0x10 [ 323.345872][T10562] ? do_mmap+0x69c/0x1210 [ 323.345890][T10562] __mm_populate+0x1d8/0x380 [ 323.345910][T10562] ? __pfx___mm_populate+0x10/0x10 [ 323.345930][T10562] ? up_write+0x1b2/0x520 [ 323.345950][T10562] vm_mmap_pgoff+0x37f/0x470 [ 323.345978][T10562] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 323.346001][T10562] ? __x64_sys_futex+0x1e0/0x4c0 [ 323.346019][T10562] ? __x64_sys_futex+0x1e9/0x4c0 [ 323.346040][T10562] ksys_mmap_pgoff+0x7d/0x5c0 [ 323.346057][T10562] ? xfd_validate_state+0x61/0x180 [ 323.346075][T10562] ? __sys_setsockopt+0x140/0x1a0 [ 323.346097][T10562] __x64_sys_mmap+0x125/0x190 [ 323.346119][T10562] do_syscall_64+0xcd/0xfa0 [ 323.346137][T10562] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 323.346151][T10562] RIP: 0033:0x7f2e0978f7c9 [ 323.346164][T10562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 323.346178][T10562] RSP: 002b:00007f2e0a696038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 323.346193][T10562] RAX: ffffffffffffffda RBX: 00007f2e099e5fa0 RCX: 00007f2e0978f7c9 [ 323.346203][T10562] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 323.346211][T10562] RBP: 00007f2e09813f91 R08: 0000000000000002 R09: 0000000000008000 [ 323.346220][T10562] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 323.346229][T10562] R13: 00007f2e099e6038 R14: 00007f2e099e5fa0 R15: 00007ffc1a5a95e8 [ 323.346248][T10562] [ 324.219302][T10575] FAULT_INJECTION: forcing a failure. [ 324.219302][T10575] name failslab, interval 1, probability 0, space 0, times 0 [ 324.256849][T10575] CPU: 0 UID: 0 PID: 10575 Comm: syz.3.1004 Not tainted syzkaller #0 PREEMPT(full) [ 324.256872][T10575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 324.256882][T10575] Call Trace: [ 324.256887][T10575] [ 324.256897][T10575] dump_stack_lvl+0x16c/0x1f0 [ 324.256920][T10575] should_fail_ex+0x512/0x640 [ 324.256942][T10575] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 324.256959][T10575] should_failslab+0xc2/0x120 [ 324.256976][T10575] kmem_cache_alloc_noprof+0x75/0x6e0 [ 324.256991][T10575] ? alloc_empty_file+0x55/0x1e0 [ 324.257014][T10575] ? alloc_empty_file+0x55/0x1e0 [ 324.257032][T10575] ? _raw_spin_unlock+0x28/0x50 [ 324.257045][T10575] alloc_empty_file+0x55/0x1e0 [ 324.257064][T10575] alloc_file_pseudo+0x13a/0x230 [ 324.257084][T10575] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 324.257103][T10575] ? security_inode_init_security_anon+0x79/0x240 [ 324.257128][T10575] secretmem_file_create.constprop.0+0x89/0x290 [ 324.257147][T10575] __x64_sys_memfd_secret+0xc1/0x150 [ 324.257163][T10575] do_syscall_64+0xcd/0xfa0 [ 324.257180][T10575] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 324.257193][T10575] RIP: 0033:0x7f4059d8f7c9 [ 324.257205][T10575] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 324.257219][T10575] RSP: 002b:00007f405abd9038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf [ 324.257233][T10575] RAX: ffffffffffffffda RBX: 00007f4059fe5fa0 RCX: 00007f4059d8f7c9 [ 324.257242][T10575] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 324.257250][T10575] RBP: 00007f4059e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 324.257258][T10575] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 324.257266][T10575] R13: 00007f4059fe6038 R14: 00007f4059fe5fa0 R15: 00007ffe398b69c8 [ 324.257284][T10575] [ 325.789700][T10596] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1009'. [ 325.992205][T10606] sp0: Synchronizing with TNC [ 326.091059][T10607] ptp ptp0: only physical clock in use now [ 326.374016][T10611] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1013'. [ 326.394651][T10617] netlink: 326 bytes leftover after parsing attributes in process `syz.4.1015'. [ 326.489811][T10617] bridge0: port 2(bridge_slave_1) entered disabled state [ 326.497753][T10617] bridge0: port 1(bridge_slave_0) entered disabled state [ 327.159356][T10624] bond0: option packets_per_slave: invalid value ( Xµn‘pæ) [ 327.166913][T10624] bond0: option packets_per_slave: allowed values 0 - 65535 [ 327.271933][T10624] Invalid ELF header magic: != ELF [ 328.701841][T10661] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1026'. [ 328.752444][T10666] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1028'. [ 328.828611][T10670] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1028'. [ 328.884088][T10666] netlink: 134 bytes leftover after parsing attributes in process `syz.3.1028'. [ 330.277989][T10710] FAULT_INJECTION: forcing a failure. [ 330.277989][T10710] name failslab, interval 1, probability 0, space 0, times 0 [ 330.428449][T10710] CPU: 0 UID: 0 PID: 10710 Comm: syz.1.1040 Not tainted syzkaller #0 PREEMPT(full) [ 330.428471][T10710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 330.428480][T10710] Call Trace: [ 330.428485][T10710] [ 330.428491][T10710] dump_stack_lvl+0x16c/0x1f0 [ 330.428514][T10710] should_fail_ex+0x512/0x640 [ 330.428535][T10710] ? __kmalloc_noprof+0xca/0x880 [ 330.428550][T10710] should_failslab+0xc2/0x120 [ 330.428568][T10710] __kmalloc_noprof+0xdd/0x880 [ 330.428580][T10710] ? __lock_acquire+0x622/0x1c90 [ 330.428597][T10710] ? sk_prot_alloc+0x1a8/0x2a0 [ 330.428617][T10710] ? sk_prot_alloc+0x1a8/0x2a0 [ 330.428631][T10710] sk_prot_alloc+0x1a8/0x2a0 [ 330.428648][T10710] sk_alloc+0x36/0xc20 [ 330.428668][T10710] pppoe_create+0x32/0x360 [ 330.428685][T10710] pppox_create+0x15c/0x2c0 [ 330.428702][T10710] __sock_create+0x338/0x8d0 [ 330.428721][T10710] __sys_socket+0x14d/0x260 [ 330.428738][T10710] ? __fget_files+0x20e/0x3c0 [ 330.428752][T10710] ? __pfx___sys_socket+0x10/0x10 [ 330.428769][T10710] ? xfd_validate_state+0x61/0x180 [ 330.428792][T10710] __x64_sys_socket+0x72/0xb0 [ 330.428808][T10710] ? lockdep_hardirqs_on+0x7c/0x110 [ 330.428824][T10710] do_syscall_64+0xcd/0xfa0 [ 330.428841][T10710] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 330.428855][T10710] RIP: 0033:0x7f1ba118f7c9 [ 330.428867][T10710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 330.428880][T10710] RSP: 002b:00007f1ba2070038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 330.428894][T10710] RAX: ffffffffffffffda RBX: 00007f1ba13e6090 RCX: 00007f1ba118f7c9 [ 330.428903][T10710] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000018 [ 330.428911][T10710] RBP: 00007f1ba1213f91 R08: 0000000000000000 R09: 0000000000000000 [ 330.428919][T10710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 330.428927][T10710] R13: 00007f1ba13e6128 R14: 00007f1ba13e6090 R15: 00007ffde88109e8 [ 330.428945][T10710] [ 330.650465][T10721] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1042'. [ 331.339621][T10727] netlink: 'syz.2.1045': attribute type 12 has an invalid length. [ 331.475593][T10737] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1047'. [ 332.239263][T10754] block2mtd: error: cannot open device çinX‘©¼Ëò¨±ÂÚjFBçB>U»;߸³Ilk¬ [ 332.306691][T10754] ptp ptp0: only physical clock in use now [ 334.690764][T10806] ovs_: entered promiscuous mode [ 336.011482][T10838] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1069'. [ 336.259978][T10847] warning: `syz.4.1068' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 337.721959][T10884] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1078'. [ 337.790618][T10884] nbd: must specify an index to disconnect [ 337.947809][T10888] sp0: Synchronizing with TNC [ 338.028227][T10888] ptp ptp0: only physical clock in use now [ 338.489312][T10890] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 339.067907][T10899] wlan1: mtu less than device minimum [ 339.478184][T10890] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 339.621188][T10913] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1087'. [ 339.898673][T10890] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 340.178069][T10890] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 342.119010][T10961] usb usb2: usbfs: process 10961 (syz.2.1098) did not claim interface 4 before use [ 342.268296][T10962] sg_write: data in/out 8156/1 bytes for SCSI command 0x0-- guessing data in; [ 342.268296][T10962] program syz.2.1098 not setting count and/or reply_len properly [ 342.793654][T10975] netlink: 252 bytes leftover after parsing attributes in process `syz.4.1101'. [ 342.851534][T10975] unsupported nla_type 65535 [ 343.075428][T10977] netlink: 330 bytes leftover after parsing attributes in process `syz.4.1102'. [ 343.121607][T10977] mac80211_hwsim hwsim17 ›: renamed from wlan0 (while UP) [ 345.476748][T11028] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1115'. [ 346.250777][T11040] FAULT_INJECTION: forcing a failure. [ 346.250777][T11040] name failslab, interval 1, probability 0, space 0, times 0 [ 346.300663][T11040] CPU: 0 UID: 0 PID: 11040 Comm: syz.4.1118 Not tainted syzkaller #0 PREEMPT(full) [ 346.300684][T11040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 346.300696][T11040] Call Trace: [ 346.300701][T11040] [ 346.300707][T11040] dump_stack_lvl+0x16c/0x1f0 [ 346.300728][T11040] should_fail_ex+0x512/0x640 [ 346.300749][T11040] ? fs_reclaim_acquire+0xae/0x150 [ 346.300769][T11040] should_failslab+0xc2/0x120 [ 346.300788][T11040] __kmalloc_noprof+0xdd/0x880 [ 346.300800][T11040] ? kfree+0x252/0x6d0 [ 346.300811][T11040] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 346.300831][T11040] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 346.300847][T11040] tomoyo_realpath_from_path+0xc2/0x6e0 [ 346.300868][T11040] tomoyo_get_exe+0x63/0xa0 [ 346.300887][T11040] tomoyo_write_control+0x689/0x1430 [ 346.300924][T11040] ? __pfx_tomoyo_write_control+0x10/0x10 [ 346.300948][T11040] ? __pfx_tomoyo_write+0x10/0x10 [ 346.300963][T11040] vfs_write+0x2a0/0x11d0 [ 346.300982][T11040] ? __pfx___mutex_lock+0x10/0x10 [ 346.301000][T11040] ? __pfx_vfs_write+0x10/0x10 [ 346.301020][T11040] ? __fget_files+0x20e/0x3c0 [ 346.301040][T11040] ksys_write+0x12a/0x250 [ 346.301055][T11040] ? __pfx_ksys_write+0x10/0x10 [ 346.301076][T11040] do_syscall_64+0xcd/0xfa0 [ 346.301095][T11040] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 346.301109][T11040] RIP: 0033:0x7fa8caf8f7c9 [ 346.301121][T11040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 346.301134][T11040] RSP: 002b:00007fa8cbe3f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 346.301147][T11040] RAX: ffffffffffffffda RBX: 00007fa8cb1e5fa0 RCX: 00007fa8caf8f7c9 [ 346.301156][T11040] RDX: 00000000000004d1 RSI: 0000000000000000 RDI: 0000000000000003 [ 346.301164][T11040] RBP: 00007fa8cbe3f090 R08: 0000000000000000 R09: 0000000000000000 [ 346.301173][T11040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 346.301181][T11040] R13: 00007fa8cb1e6038 R14: 00007fa8cb1e5fa0 R15: 00007ffd72640cf8 [ 346.301200][T11040] [ 346.301248][T11040] ERROR: Out of memory at tomoyo_realpath_from_path. [ 350.110360][T11109] zswap: compressor - not available [ 350.165579][T11115] nbd: must specify a size in bytes for the device [ 351.530177][T11135] overlayfs: missing 'lowerdir' [ 352.932018][T11151] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 352.938082][T11151] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 353.011676][T11151] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 353.043060][T11151] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 354.880709][ T52] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 354.890133][ T52] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 354.898287][ T52] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 354.912889][ T52] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 354.925917][ T52] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 354.957218][ T5150] Bluetooth: hci2: command 0x0c1a tx timeout [ 354.963390][ T52] Bluetooth: hci1: command 0x0c1a tx timeout [ 355.038962][ T5150] Bluetooth: hci3: command 0x0c1a tx timeout [ 355.121657][ T5150] Bluetooth: hci0: command 0x0c1a tx timeout [ 355.366433][T11212] FAULT_INJECTION: forcing a failure. [ 355.366433][T11212] name failslab, interval 1, probability 0, space 0, times 0 [ 355.452675][T11212] CPU: 0 UID: 0 PID: 11212 Comm: syz.2.1154 Not tainted syzkaller #0 PREEMPT(full) [ 355.452697][T11212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 355.452706][T11212] Call Trace: [ 355.452711][T11212] [ 355.452717][T11212] dump_stack_lvl+0x16c/0x1f0 [ 355.452741][T11212] should_fail_ex+0x512/0x640 [ 355.452762][T11212] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 355.452779][T11212] should_failslab+0xc2/0x120 [ 355.452798][T11212] kmem_cache_alloc_noprof+0x75/0x6e0 [ 355.452812][T11212] ? mpol_new+0x11b/0x2d0 [ 355.452831][T11212] ? mpol_new+0x11b/0x2d0 [ 355.452846][T11212] mpol_new+0x11b/0x2d0 [ 355.452863][T11212] do_set_mempolicy+0x83/0x480 [ 355.452880][T11212] ? __pfx_do_set_mempolicy+0x10/0x10 [ 355.452898][T11212] ? __x64_sys_futex+0x1e0/0x4c0 [ 355.452919][T11212] kernel_set_mempolicy+0x1c4/0x1e0 [ 355.452937][T11212] ? __pfx_kernel_set_mempolicy+0x10/0x10 [ 355.452960][T11212] do_syscall_64+0xcd/0xfa0 [ 355.452978][T11212] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 355.452992][T11212] RIP: 0033:0x7f2e0978f7c9 [ 355.453004][T11212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 355.453017][T11212] RSP: 002b:00007f2e0a675038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ee [ 355.453030][T11212] RAX: ffffffffffffffda RBX: 00007f2e099e6090 RCX: 00007f2e0978f7c9 [ 355.453039][T11212] RDX: 0000000000000007 RSI: 0000200000000000 RDI: 0000000000004006 [ 355.453047][T11212] RBP: 00007f2e09813f91 R08: 0000000000000000 R09: 0000000000000000 [ 355.453055][T11212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 355.453063][T11212] R13: 00007f2e099e6128 R14: 00007f2e099e6090 R15: 00007ffc1a5a95e8 [ 355.453081][T11212] [ 356.152221][T11221] chnl_net:caif_netlink_parms(): no params data found [ 356.431676][T11221] bridge0: port 1(bridge_slave_0) entered blocking state [ 356.466556][T11221] bridge0: port 1(bridge_slave_0) entered disabled state [ 356.496702][T11221] bridge_slave_0: entered allmulticast mode [ 356.530848][T11221] bridge_slave_0: entered promiscuous mode [ 356.568739][T11221] bridge0: port 2(bridge_slave_1) entered blocking state [ 356.605264][T11221] bridge0: port 2(bridge_slave_1) entered disabled state [ 356.639881][T11221] bridge_slave_1: entered allmulticast mode [ 356.673680][T11221] bridge_slave_1: entered promiscuous mode [ 356.837231][T11221] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 356.896364][T11221] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 357.033723][ T5150] Bluetooth: hci4: command tx timeout [ 357.186712][T11221] team0: Port device team_slave_0 added [ 357.213122][T11221] team0: Port device team_slave_1 added [ 357.342429][T11221] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 357.371925][T11221] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 357.483385][T11271] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1164'. [ 357.509464][T11221] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 357.558855][T11221] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 357.598417][T11221] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 357.732459][T11221] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 358.106905][T11221] hsr_slave_0: entered promiscuous mode [ 358.154882][T11221] hsr_slave_1: entered promiscuous mode [ 358.160900][T11221] debugfs: 'hsr0' already exists in 'hsr' [ 358.232746][T11221] Cannot create hsr debugfs directory [ 358.715622][T11286] ubi: mtd0 is already attached to ubi1 [ 359.118533][ T5150] Bluetooth: hci4: command tx timeout [ 359.351041][T11221] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 359.400172][T11221] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 359.498110][T11221] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 359.538517][T11221] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 359.747896][T11303] FAULT_INJECTION: forcing a failure. [ 359.747896][T11303] name failslab, interval 1, probability 0, space 0, times 0 [ 359.808209][T11303] CPU: 0 UID: 0 PID: 11303 Comm: syz.1.1171 Not tainted syzkaller #0 PREEMPT(full) [ 359.808236][T11303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 359.808246][T11303] Call Trace: [ 359.808251][T11303] [ 359.808257][T11303] dump_stack_lvl+0x16c/0x1f0 [ 359.808280][T11303] should_fail_ex+0x512/0x640 [ 359.808304][T11303] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 359.808323][T11303] should_failslab+0xc2/0x120 [ 359.808344][T11303] kmem_cache_alloc_noprof+0x75/0x6e0 [ 359.808360][T11303] ? alloc_empty_file+0x55/0x1e0 [ 359.808385][T11303] ? alloc_empty_file+0x55/0x1e0 [ 359.808405][T11303] ? _raw_spin_unlock+0x28/0x50 [ 359.808420][T11303] alloc_empty_file+0x55/0x1e0 [ 359.808449][T11303] alloc_file_pseudo+0x13a/0x230 [ 359.808472][T11303] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 359.808494][T11303] ? security_inode_init_security_anon+0x79/0x240 [ 359.808522][T11303] secretmem_file_create.constprop.0+0x89/0x290 [ 359.808543][T11303] __x64_sys_memfd_secret+0xc1/0x150 [ 359.808561][T11303] do_syscall_64+0xcd/0xfa0 [ 359.808581][T11303] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 359.808597][T11303] RIP: 0033:0x7f1ba118f7c9 [ 359.808611][T11303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 359.808626][T11303] RSP: 002b:00007f1ba2091038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf [ 359.808641][T11303] RAX: ffffffffffffffda RBX: 00007f1ba13e5fa0 RCX: 00007f1ba118f7c9 [ 359.808651][T11303] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 359.808661][T11303] RBP: 00007f1ba1213f91 R08: 0000000000000000 R09: 0000000000000000 [ 359.808670][T11303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 359.808679][T11303] R13: 00007f1ba13e6038 R14: 00007f1ba13e5fa0 R15: 00007ffde88109e8 [ 359.808699][T11303] [ 360.480609][T11307] FAULT_INJECTION: forcing a failure. [ 360.480609][T11307] name failslab, interval 1, probability 0, space 0, times 0 [ 360.519655][T11309] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1173'. [ 360.667198][T11307] CPU: 0 UID: 0 PID: 11307 Comm: syz.4.1172 Not tainted syzkaller #0 PREEMPT(full) [ 360.667221][T11307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 360.667229][T11307] Call Trace: [ 360.667234][T11307] [ 360.667240][T11307] dump_stack_lvl+0x16c/0x1f0 [ 360.667261][T11307] should_fail_ex+0x512/0x640 [ 360.667283][T11307] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 360.667299][T11307] should_failslab+0xc2/0x120 [ 360.667318][T11307] kmem_cache_alloc_noprof+0x75/0x6e0 [ 360.667332][T11307] ? security_file_alloc+0x34/0x2b0 [ 360.667350][T11307] ? security_file_alloc+0x34/0x2b0 [ 360.667364][T11307] security_file_alloc+0x34/0x2b0 [ 360.667379][T11307] init_file+0x93/0x4c0 [ 360.667398][T11307] alloc_empty_file+0x73/0x1e0 [ 360.667418][T11307] path_openat+0xda/0x2cb0 [ 360.667439][T11307] ? __pfx_path_openat+0x10/0x10 [ 360.667455][T11307] ? __lock_acquire+0xb8a/0x1c90 [ 360.667476][T11307] do_filp_open+0x20b/0x470 [ 360.667492][T11307] ? __pfx_do_filp_open+0x10/0x10 [ 360.667519][T11307] ? alloc_fd+0x471/0x7d0 [ 360.667538][T11307] do_sys_openat2+0x11b/0x1d0 [ 360.667559][T11307] ? __pfx_do_sys_openat2+0x10/0x10 [ 360.667585][T11307] __x64_sys_openat+0x174/0x210 [ 360.667606][T11307] ? __pfx___x64_sys_openat+0x10/0x10 [ 360.667633][T11307] do_syscall_64+0xcd/0xfa0 [ 360.667651][T11307] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 360.667666][T11307] RIP: 0033:0x7fa8caf8e010 [ 360.667677][T11307] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 360.667691][T11307] RSP: 002b:00007fa8cbe3efe0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 360.667704][T11307] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fa8caf8e010 [ 360.667713][T11307] RDX: 0000000000000002 RSI: 00007fa8cb01424b RDI: 00000000ffffff9c [ 360.667721][T11307] RBP: 00007fa8cb01424b R08: 0000000000000000 R09: 00007fa8cbe40000 [ 360.667730][T11307] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 360.667738][T11307] R13: 00007fa8cb1e6038 R14: 00007fa8cb1e5fa0 R15: 00007ffd72640cf8 [ 360.667756][T11307] [ 361.212638][ T5150] Bluetooth: hci4: command tx timeout [ 361.267724][T11221] 8021q: adding VLAN 0 to HW filter on device bond0 [ 361.323442][T11221] 8021q: adding VLAN 0 to HW filter on device team0 [ 361.374701][ T9808] bridge0: port 1(bridge_slave_0) entered blocking state [ 361.381879][ T9808] bridge0: port 1(bridge_slave_0) entered forwarding state [ 361.479711][ T9808] bridge0: port 2(bridge_slave_1) entered blocking state [ 361.486870][ T9808] bridge0: port 2(bridge_slave_1) entered forwarding state [ 361.623407][T11221] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 361.688712][T11221] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 361.993293][T11342] binder: 11341:11342 ioctl 4018620d 9 returned -22 [ 362.087603][T11344] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1177'. [ 362.251270][T11221] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 362.861841][T11344] overlayfs: missing 'lowerdir' [ 363.051829][T11221] veth0_vlan: entered promiscuous mode [ 363.107764][T11221] veth1_vlan: entered promiscuous mode [ 363.224810][T11221] veth0_macvtap: entered promiscuous mode [ 363.279673][ T5150] Bluetooth: hci4: command tx timeout [ 363.329341][T11221] veth1_macvtap: entered promiscuous mode [ 363.347237][T11367] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [1048706]. [ 363.414737][T11221] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 363.546137][T11221] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 363.666094][ T9800] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 363.706808][ T9800] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 363.766833][ T9800] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 363.775622][ T9800] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 364.170679][ T9808] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 364.217018][ T9808] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 364.333387][ T9808] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 364.365299][ T9808] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 364.593018][T11380] netlink: 342 bytes leftover after parsing attributes in process `syz.4.1185'. [ 365.770019][T11415] FAULT_INJECTION: forcing a failure. [ 365.770019][T11415] name failslab, interval 1, probability 0, space 0, times 0 [ 365.887893][T11415] CPU: 0 UID: 0 PID: 11415 Comm: syz.5.1192 Not tainted syzkaller #0 PREEMPT(full) [ 365.887918][T11415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 365.887928][T11415] Call Trace: [ 365.887933][T11415] [ 365.887939][T11415] dump_stack_lvl+0x16c/0x1f0 [ 365.887964][T11415] should_fail_ex+0x512/0x640 [ 365.887988][T11415] ? __kmalloc_noprof+0xca/0x880 [ 365.888004][T11415] should_failslab+0xc2/0x120 [ 365.888025][T11415] __kmalloc_noprof+0xdd/0x880 [ 365.888040][T11415] ? memcg_list_lru_alloc+0x4e9/0x740 [ 365.888060][T11415] ? memcg_list_lru_alloc+0x4e9/0x740 [ 365.888075][T11415] memcg_list_lru_alloc+0x4e9/0x740 [ 365.888096][T11415] ? __pfx_memcg_list_lru_alloc+0x10/0x10 [ 365.888122][T11415] __memcg_slab_post_alloc_hook+0x133/0x940 [ 365.888147][T11415] ? kasan_save_track+0x14/0x30 [ 365.888167][T11415] kmem_cache_alloc_lru_noprof+0x556/0x6e0 [ 365.888182][T11415] ? rcu_is_watching+0x12/0xc0 [ 365.888200][T11415] ? __d_alloc+0x32/0xae0 [ 365.888220][T11415] ? __d_alloc+0x32/0xae0 [ 365.888236][T11415] __d_alloc+0x32/0xae0 [ 365.888255][T11415] d_alloc_pseudo+0x1c/0xc0 [ 365.888277][T11415] alloc_file_pseudo+0xcf/0x230 [ 365.888300][T11415] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 365.888323][T11415] ? security_inode_init_security_anon+0x79/0x240 [ 365.888351][T11415] secretmem_file_create.constprop.0+0x89/0x290 [ 365.888393][T11415] __x64_sys_memfd_secret+0xc1/0x150 [ 365.888417][T11415] do_syscall_64+0xcd/0xfa0 [ 365.888438][T11415] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 365.888456][T11415] RIP: 0033:0x7f79adb8f7c9 [ 365.888470][T11415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 365.888485][T11415] RSP: 002b:00007f79aea25038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf [ 365.888502][T11415] RAX: ffffffffffffffda RBX: 00007f79adde5fa0 RCX: 00007f79adb8f7c9 [ 365.888512][T11415] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 365.888521][T11415] RBP: 00007f79adc13f91 R08: 0000000000000000 R09: 0000000000000000 [ 365.888531][T11415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 365.888539][T11415] R13: 00007f79adde6038 R14: 00007f79adde5fa0 R15: 00007fff55146ee8 [ 365.888559][T11415] [ 366.899892][T11424] zswap: compressor 000 not available [ 366.951576][ T5150] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 367.204389][T11425] zswap: compressor not available [ 369.041723][ T5839] Bluetooth: hci0: command 0x0c1a tx timeout [ 371.233297][T11518] zswap: compressor not available [ 372.053791][T11539] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1219'. [ 372.938359][T11559] FAULT_INJECTION: forcing a failure. [ 372.938359][T11559] name failslab, interval 1, probability 0, space 0, times 0 [ 373.029162][T11559] CPU: 0 UID: 0 PID: 11559 Comm: syz.1.1223 Not tainted syzkaller #0 PREEMPT(full) [ 373.029184][T11559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 373.029193][T11559] Call Trace: [ 373.029198][T11559] [ 373.029204][T11559] dump_stack_lvl+0x16c/0x1f0 [ 373.029227][T11559] should_fail_ex+0x512/0x640 [ 373.029249][T11559] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 373.029265][T11559] should_failslab+0xc2/0x120 [ 373.029284][T11559] kmem_cache_alloc_noprof+0x75/0x6e0 [ 373.029298][T11559] ? alloc_empty_file+0x55/0x1e0 [ 373.029320][T11559] ? alloc_empty_file+0x55/0x1e0 [ 373.029337][T11559] ? _raw_spin_unlock+0x28/0x50 [ 373.029350][T11559] alloc_empty_file+0x55/0x1e0 [ 373.029369][T11559] alloc_file_pseudo+0x13a/0x230 [ 373.029388][T11559] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 373.029407][T11559] ? security_inode_init_security_anon+0x79/0x240 [ 373.029433][T11559] secretmem_file_create.constprop.0+0x89/0x290 [ 373.029452][T11559] __x64_sys_memfd_secret+0xc1/0x150 [ 373.029468][T11559] do_syscall_64+0xcd/0xfa0 [ 373.029485][T11559] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 373.029499][T11559] RIP: 0033:0x7f1ba118f7c9 [ 373.029510][T11559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 373.029523][T11559] RSP: 002b:00007f1ba2091038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf [ 373.029536][T11559] RAX: ffffffffffffffda RBX: 00007f1ba13e5fa0 RCX: 00007f1ba118f7c9 [ 373.029545][T11559] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 373.029553][T11559] RBP: 00007f1ba1213f91 R08: 0000000000000000 R09: 0000000000000000 [ 373.029561][T11559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 373.029569][T11559] R13: 00007f1ba13e6038 R14: 00007f1ba13e5fa0 R15: 00007ffde88109e8 [ 373.029587][T11559] [ 374.799488][T11586] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21 [ 375.563558][T11596] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 375.651365][T11599] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1230'. [ 376.314208][ T5839] Bluetooth: hci2: unknown advertising packet type: 0xea [ 376.315181][ T5839] Bluetooth: hci2: unknown advertising packet type: 0xea [ 376.898008][T11620] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1233'. [ 378.273040][T11643] netlink: 350 bytes leftover after parsing attributes in process `syz.5.1241'. [ 378.519390][T11654] binder: 11653:11654 ioctl 4018620d 9 returned -22 [ 378.727457][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.734105][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 380.071213][T11684] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. [ 380.157769][T11684] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1251'. [ 380.203862][T11684] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1251'. [ 380.327870][T11688] FAULT_INJECTION: forcing a failure. [ 380.327870][T11688] name failslab, interval 1, probability 0, space 0, times 0 [ 380.500607][T11693] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 380.547344][T11698] bond0: invalid ARP target specified [ 380.586861][T11688] CPU: 0 UID: 0 PID: 11688 Comm: syz.5.1252 Not tainted syzkaller #0 PREEMPT(full) [ 380.586882][T11688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 380.586891][T11688] Call Trace: [ 380.586896][T11688] [ 380.586902][T11688] dump_stack_lvl+0x16c/0x1f0 [ 380.586925][T11688] should_fail_ex+0x512/0x640 [ 380.586951][T11688] ? __kmalloc_cache_node_noprof+0x62/0x7a0 [ 380.586970][T11688] should_failslab+0xc2/0x120 [ 380.586989][T11688] __kmalloc_cache_node_noprof+0x75/0x7a0 [ 380.587005][T11688] ? init_rescuer+0x1a4/0x640 [ 380.587025][T11688] ? __alloc_workqueue+0xcda/0x1810 [ 380.587045][T11688] ? init_rescuer+0x1a4/0x640 [ 380.587063][T11688] init_rescuer+0x1a4/0x640 [ 380.587081][T11688] ? __pfx_init_rescuer+0x10/0x10 [ 380.587105][T11688] ? wq_adjust_max_active+0x39d/0x4a0 [ 380.587127][T11688] __alloc_workqueue+0xda1/0x1810 [ 380.587147][T11688] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 380.587172][T11688] alloc_workqueue_noprof+0xd2/0x200 [ 380.587191][T11688] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 380.587215][T11688] ? __pfx___debug_object_init+0x10/0x10 [ 380.587237][T11688] nci_register_device+0x511/0xb80 [ 380.587254][T11688] ? __pfx_nci_register_device+0x10/0x10 [ 380.587270][T11688] ? lockdep_init_map_type+0x5c/0x280 [ 380.587293][T11688] virtual_ncidev_open+0x141/0x220 [ 380.587310][T11688] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 380.587324][T11688] misc_open+0x26d/0x450 [ 380.587344][T11688] ? __pfx_misc_open+0x10/0x10 [ 380.587363][T11688] chrdev_open+0x234/0x6a0 [ 380.587379][T11688] ? __pfx_apparmor_file_open+0x10/0x10 [ 380.587399][T11688] ? __pfx_chrdev_open+0x10/0x10 [ 380.587416][T11688] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 380.587436][T11688] do_dentry_open+0x982/0x1530 [ 380.587452][T11688] ? __pfx_chrdev_open+0x10/0x10 [ 380.587471][T11688] vfs_open+0x82/0x3f0 [ 380.587492][T11688] path_openat+0x1de4/0x2cb0 [ 380.587514][T11688] ? __pfx_path_openat+0x10/0x10 [ 380.587530][T11688] ? __lock_acquire+0xb8a/0x1c90 [ 380.587549][T11688] do_filp_open+0x20b/0x470 [ 380.587565][T11688] ? __pfx_do_filp_open+0x10/0x10 [ 380.587593][T11688] ? alloc_fd+0x471/0x7d0 [ 380.587612][T11688] do_sys_openat2+0x11b/0x1d0 [ 380.587631][T11688] ? __pfx_do_sys_openat2+0x10/0x10 [ 380.587651][T11688] ? __fput+0x68d/0xb70 [ 380.587673][T11688] __x64_sys_openat+0x174/0x210 [ 380.587692][T11688] ? __pfx___x64_sys_openat+0x10/0x10 [ 380.587719][T11688] do_syscall_64+0xcd/0xfa0 [ 380.587737][T11688] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 380.587750][T11688] RIP: 0033:0x7f79adb8f7c9 [ 380.587763][T11688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 380.587776][T11688] RSP: 002b:00007f79aea25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 380.587789][T11688] RAX: ffffffffffffffda RBX: 00007f79adde5fa0 RCX: 00007f79adb8f7c9 [ 380.587798][T11688] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 380.587807][T11688] RBP: 00007f79adc13f91 R08: 0000000000000000 R09: 0000000000000000 [ 380.587815][T11688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 380.587824][T11688] R13: 00007f79adde6038 R14: 00007f79adde5fa0 R15: 00007fff55146ee8 [ 380.587843][T11688] [ 380.592021][T11688] workqueue: Failed to allocate a rescuer for wq "nfc2_nci_tx_wq" [ 382.739258][T11736] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1265'. [ 383.634392][T11750] binder: 11749:11750 ioctl 4018620d 9 returned -22 [ 384.210071][T11758] FAULT_INJECTION: forcing a failure. [ 384.210071][T11758] name fail_futex, interval 1, probability 0, space 0, times 0 [ 384.304105][T11760] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1272'. [ 384.397284][T11758] CPU: 0 UID: 0 PID: 11758 Comm: syz.5.1271 Not tainted syzkaller #0 PREEMPT(full) [ 384.397308][T11758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 384.397317][T11758] Call Trace: [ 384.397322][T11758] [ 384.397328][T11758] dump_stack_lvl+0x16c/0x1f0 [ 384.397352][T11758] should_fail_ex+0x512/0x640 [ 384.397376][T11758] get_futex_key+0x1d0/0x1560 [ 384.397397][T11758] ? __pfx_get_futex_key+0x10/0x10 [ 384.397420][T11758] futex_wake+0xea/0x530 [ 384.397442][T11758] ? __pfx_futex_wake+0x10/0x10 [ 384.397463][T11758] ? rcu_is_watching+0x12/0xc0 [ 384.397485][T11758] do_futex+0x1e3/0x350 [ 384.397503][T11758] ? __pfx_do_futex+0x10/0x10 [ 384.397521][T11758] ? __fput+0x68d/0xb70 [ 384.397538][T11758] ? __pfx___might_resched+0x10/0x10 [ 384.397555][T11758] __x64_sys_futex+0x1e0/0x4c0 [ 384.397575][T11758] ? __pfx_blkcg_maybe_throttle_current+0x10/0x10 [ 384.397592][T11758] ? __pfx___x64_sys_futex+0x10/0x10 [ 384.397609][T11758] ? ksys_mmap_pgoff+0x85/0x5c0 [ 384.397625][T11758] ? xfd_validate_state+0x61/0x180 [ 384.397643][T11758] ? __pfx_ksys_write+0x10/0x10 [ 384.397663][T11758] do_syscall_64+0xcd/0xfa0 [ 384.397680][T11758] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 384.397694][T11758] RIP: 0033:0x7f79adb8f7c9 [ 384.397707][T11758] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 384.397720][T11758] RSP: 002b:00007f79aea250e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 384.397733][T11758] RAX: ffffffffffffffda RBX: 00007f79adde5fa8 RCX: 00007f79adb8f7c9 [ 384.397743][T11758] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f79adde5fac [ 384.397751][T11758] RBP: 00007f79adde5fa0 R08: 00007f79aea26000 R09: 0000000000000000 [ 384.397760][T11758] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 384.397768][T11758] R13: 00007f79adde6038 R14: 00007fff55146e00 R15: 00007fff55146ee8 [ 384.397786][T11758] [ 385.923633][T11771] netlink: 346 bytes leftover after parsing attributes in process `syz.5.1276'. [ 386.662177][T11787] FAULT_INJECTION: forcing a failure. [ 386.662177][T11787] name failslab, interval 1, probability 0, space 0, times 0 [ 386.848302][T11787] CPU: 0 UID: 0 PID: 11787 Comm: syz.1.1280 Not tainted syzkaller #0 PREEMPT(full) [ 386.848328][T11787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 386.848338][T11787] Call Trace: [ 386.848343][T11787] [ 386.848349][T11787] dump_stack_lvl+0x16c/0x1f0 [ 386.848371][T11787] should_fail_ex+0x512/0x640 [ 386.848391][T11787] ? __kmalloc_noprof+0xca/0x880 [ 386.848407][T11787] should_failslab+0xc2/0x120 [ 386.848425][T11787] __kmalloc_noprof+0xdd/0x880 [ 386.848438][T11787] ? sk_prot_alloc+0x1a8/0x2a0 [ 386.848458][T11787] ? sk_prot_alloc+0x1a8/0x2a0 [ 386.848472][T11787] sk_prot_alloc+0x1a8/0x2a0 [ 386.848489][T11787] sk_alloc+0x36/0xc20 [ 386.848510][T11787] __netlink_create+0x5e/0x2c0 [ 386.848532][T11787] __netlink_kernel_create+0xed/0x750 [ 386.848548][T11787] ? __pfx___netlink_kernel_create+0x10/0x10 [ 386.848562][T11787] ? find_held_lock+0x2b/0x80 [ 386.848576][T11787] ? audit_net_init+0x190/0x440 [ 386.848596][T11787] audit_net_init+0x1ae/0x440 [ 386.848614][T11787] ? __pfx_audit_net_init+0x10/0x10 [ 386.848631][T11787] ? rcu_is_watching+0x12/0xc0 [ 386.848645][T11787] ? __pfx_audit_receive+0x10/0x10 [ 386.848664][T11787] ? __pfx_audit_multicast_bind+0x10/0x10 [ 386.848683][T11787] ? __pfx_audit_multicast_unbind+0x10/0x10 [ 386.848703][T11787] ? __pfx_genl_unbind+0x10/0x10 [ 386.848722][T11787] ? ops_init+0x77/0x5f0 [ 386.848739][T11787] ? __pfx_audit_net_init+0x10/0x10 [ 386.848755][T11787] ops_init+0x1e2/0x5f0 [ 386.848772][T11787] setup_net+0x100/0x390 [ 386.848787][T11787] ? __pfx_setup_net+0x10/0x10 [ 386.848803][T11787] ? debug_mutex_init+0x37/0x70 [ 386.848820][T11787] copy_net_ns+0x2f8/0x690 [ 386.848838][T11787] create_new_namespaces+0x3ea/0xa90 [ 386.848859][T11787] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 386.848876][T11787] ksys_unshare+0x45b/0xa40 [ 386.848894][T11787] ? __pfx_ksys_unshare+0x10/0x10 [ 386.848912][T11787] ? xfd_validate_state+0x61/0x180 [ 386.848936][T11787] __x64_sys_unshare+0x31/0x40 [ 386.848953][T11787] do_syscall_64+0xcd/0xfa0 [ 386.848970][T11787] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 386.848985][T11787] RIP: 0033:0x7f1ba118f7c9 [ 386.848997][T11787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 386.849011][T11787] RSP: 002b:00007f1ba2070038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 386.849026][T11787] RAX: ffffffffffffffda RBX: 00007f1ba13e6090 RCX: 00007f1ba118f7c9 [ 386.849035][T11787] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 386.849043][T11787] RBP: 00007f1ba1213f91 R08: 0000000000000000 R09: 0000000000000000 [ 386.849051][T11787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 386.849059][T11787] R13: 00007f1ba13e6128 R14: 00007f1ba13e6090 R15: 00007ffde88109e8 [ 386.849079][T11787] [ 386.851341][T11787] audit: cannot initialize netlink socket in namespace [ 387.439806][T11792] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1283'. [ 387.489334][T11793] FAULT_INJECTION: forcing a failure. [ 387.489334][T11793] name failslab, interval 1, probability 0, space 0, times 0 [ 387.631179][T11793] CPU: 0 UID: 0 PID: 11793 Comm: syz.5.1282 Not tainted syzkaller #0 PREEMPT(full) [ 387.631201][T11793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 387.631211][T11793] Call Trace: [ 387.631216][T11793] [ 387.631222][T11793] dump_stack_lvl+0x16c/0x1f0 [ 387.631245][T11793] should_fail_ex+0x512/0x640 [ 387.631267][T11793] ? __kmalloc_noprof+0xca/0x880 [ 387.631282][T11793] should_failslab+0xc2/0x120 [ 387.631300][T11793] __kmalloc_noprof+0xdd/0x880 [ 387.631312][T11793] ? rcu_is_watching+0x12/0xc0 [ 387.631326][T11793] ? sk_prot_alloc+0x1a8/0x2a0 [ 387.631345][T11793] ? sk_prot_alloc+0x1a8/0x2a0 [ 387.631359][T11793] sk_prot_alloc+0x1a8/0x2a0 [ 387.631376][T11793] sk_alloc+0x36/0xc20 [ 387.631397][T11793] caif_create+0x10b/0x430 [ 387.631413][T11793] __sock_create+0x338/0x8d0 [ 387.631434][T11793] __sys_socket+0x14d/0x260 [ 387.631452][T11793] ? __pfx___sys_socket+0x10/0x10 [ 387.631470][T11793] ? xfd_validate_state+0x61/0x180 [ 387.631494][T11793] __x64_sys_socket+0x72/0xb0 [ 387.631510][T11793] ? lockdep_hardirqs_on+0x7c/0x110 [ 387.631526][T11793] do_syscall_64+0xcd/0xfa0 [ 387.631543][T11793] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 387.631557][T11793] RIP: 0033:0x7f79adb8f7c9 [ 387.631568][T11793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 387.631581][T11793] RSP: 002b:00007f79aea25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 387.631595][T11793] RAX: ffffffffffffffda RBX: 00007f79adde5fa0 RCX: 00007f79adb8f7c9 [ 387.631605][T11793] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000025 [ 387.631613][T11793] RBP: 00007f79adc13f91 R08: 0000000000000000 R09: 0000000000000000 [ 387.631621][T11793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 387.631629][T11793] R13: 00007f79adde6038 R14: 00007f79adde5fa0 R15: 00007fff55146ee8 [ 387.631647][T11793] [ 387.631986][T11795] random: crng reseeded on system resumption [ 388.543783][T11802] FAULT_INJECTION: forcing a failure. [ 388.543783][T11802] name failslab, interval 1, probability 0, space 0, times 0 [ 388.602701][T11802] CPU: 0 UID: 0 PID: 11802 Comm: syz.1.1285 Not tainted syzkaller #0 PREEMPT(full) [ 388.602724][T11802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 388.602734][T11802] Call Trace: [ 388.602739][T11802] [ 388.602745][T11802] dump_stack_lvl+0x16c/0x1f0 [ 388.602767][T11802] should_fail_ex+0x512/0x640 [ 388.602789][T11802] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 388.602806][T11802] should_failslab+0xc2/0x120 [ 388.602825][T11802] kmem_cache_alloc_noprof+0x75/0x6e0 [ 388.602839][T11802] ? alloc_empty_file+0x55/0x1e0 [ 388.602862][T11802] ? alloc_empty_file+0x55/0x1e0 [ 388.602879][T11802] ? _raw_spin_unlock+0x28/0x50 [ 388.602892][T11802] alloc_empty_file+0x55/0x1e0 [ 388.602911][T11802] alloc_file_pseudo+0x13a/0x230 [ 388.602931][T11802] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 388.602950][T11802] ? security_inode_init_security_anon+0x79/0x240 [ 388.602976][T11802] secretmem_file_create.constprop.0+0x89/0x290 [ 388.602994][T11802] __x64_sys_memfd_secret+0xc1/0x150 [ 388.603010][T11802] do_syscall_64+0xcd/0xfa0 [ 388.603027][T11802] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 388.603041][T11802] RIP: 0033:0x7f1ba118f7c9 [ 388.603053][T11802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 388.603066][T11802] RSP: 002b:00007f1ba2091038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf [ 388.603081][T11802] RAX: ffffffffffffffda RBX: 00007f1ba13e5fa0 RCX: 00007f1ba118f7c9 [ 388.603091][T11802] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 388.603099][T11802] RBP: 00007f1ba1213f91 R08: 0000000000000000 R09: 0000000000000000 [ 388.603107][T11802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 388.603115][T11802] R13: 00007f1ba13e6038 R14: 00007f1ba13e5fa0 R15: 00007ffde88109e8 [ 388.603134][T11802] [ 389.609263][T11813] FAULT_INJECTION: forcing a failure. [ 389.609263][T11813] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 389.642934][T11816] FAULT_INJECTION: forcing a failure. [ 389.642934][T11816] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 389.709963][T11813] CPU: 0 UID: 0 PID: 11813 Comm: syz.1.1287 Not tainted syzkaller #0 PREEMPT(full) [ 389.709984][T11813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 389.709993][T11813] Call Trace: [ 389.709998][T11813] [ 389.710004][T11813] dump_stack_lvl+0x16c/0x1f0 [ 389.710026][T11813] should_fail_ex+0x512/0x640 [ 389.710049][T11813] should_fail_alloc_page+0xe7/0x130 [ 389.710070][T11813] prepare_alloc_pages+0x3c2/0x610 [ 389.710092][T11813] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 389.710109][T11813] ? find_held_lock+0x2b/0x80 [ 389.710124][T11813] ? process_measurement+0x4a6/0x23e0 [ 389.710145][T11813] ? down_write+0x14d/0x200 [ 389.710166][T11813] ? up_write+0x1b2/0x520 [ 389.710186][T11813] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 389.710201][T11813] ? process_measurement+0x1e6/0x23e0 [ 389.710228][T11813] ? __lock_acquire+0x622/0x1c90 [ 389.710247][T11813] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 389.710271][T11813] ? policy_nodemask+0xea/0x4e0 [ 389.710292][T11813] alloc_pages_mpol+0x1fb/0x550 [ 389.710310][T11813] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 389.710334][T11813] alloc_pages_noprof+0x131/0x390 [ 389.710353][T11813] __pmd_alloc+0x3b/0x8b0 [ 389.710373][T11813] __handle_mm_fault+0xada/0x2aa0 [ 389.710396][T11813] ? mt_find+0x3e2/0xa20 [ 389.710414][T11813] ? __pfx___handle_mm_fault+0x10/0x10 [ 389.710434][T11813] ? __pfx_mt_find+0x10/0x10 [ 389.710461][T11813] ? find_vma+0xbf/0x140 [ 389.710476][T11813] ? __pfx_find_vma+0x10/0x10 [ 389.710500][T11813] handle_mm_fault+0x589/0xd10 [ 389.710521][T11813] ? __pkru_allows_pkey+0x21/0xb0 [ 389.710544][T11813] do_user_addr_fault+0x7a6/0x1370 [ 389.710559][T11813] ? rcu_is_watching+0x12/0xc0 [ 389.710576][T11813] exc_page_fault+0x64/0xc0 [ 389.710592][T11813] asm_exc_page_fault+0x26/0x30 [ 389.710606][T11813] RIP: 0010:__get_user_nocheck_8+0x6/0x20 [ 389.710620][T11813] Code: ca e9 3e 34 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 01 cb 0f ae e8 <48> 8b 10 31 c0 0f 01 ca e9 0d 34 04 00 66 66 2e 0f 1f 84 00 00 00 [ 389.710633][T11813] RSP: 0018:ffffc90004c47d08 EFLAGS: 00050293 [ 389.710645][T11813] RAX: 000000000000000d RBX: ffff888027d49e40 RCX: ffffffff817e55c0 [ 389.710654][T11813] RDX: ffff888050ea1e40 RSI: ffffffff817e55ce RDI: 0000000000000006 [ 389.710663][T11813] RBP: 1ffff92000988fa4 R08: 0000000000000006 R09: 000000000000000d [ 389.710671][T11813] R10: 00007ffffffff000 R11: 0000000000000001 R12: 0000000000004205 [ 389.710679][T11813] R13: ffffc90004c47d90 R14: 00007ffffffff000 R15: 000000000000000d [ 389.710693][T11813] ? ptrace_request+0x180/0x1290 [ 389.710711][T11813] ? ptrace_request+0x18e/0x1290 [ 389.710730][T11813] ptrace_request+0x19a/0x1290 [ 389.710747][T11813] ? __pfx_ptrace_request+0x10/0x10 [ 389.710762][T11813] ? find_held_lock+0x2b/0x80 [ 389.710778][T11813] ? rcu_is_watching+0x12/0xc0 [ 389.710791][T11813] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 389.710808][T11813] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 389.710823][T11813] ? wait_task_inactive+0x486/0x760 [ 389.710846][T11813] ? ptrace_check_attach+0x2c5/0x3f0 [ 389.710862][T11813] ? mark_held_locks+0x49/0x80 [ 389.710881][T11813] arch_ptrace+0x31d/0x650 [ 389.710904][T11813] __x64_sys_ptrace+0x17c/0x2a0 [ 389.710922][T11813] do_syscall_64+0xcd/0xfa0 [ 389.710940][T11813] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 389.710953][T11813] RIP: 0033:0x7f1ba118f7c9 [ 389.710964][T11813] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 389.710976][T11813] RSP: 002b:00007f1ba2091038 EFLAGS: 00000246 ORIG_RAX: 0000000000000065 [ 389.710991][T11813] RAX: ffffffffffffffda RBX: 00007f1ba13e5fa0 RCX: 00007f1ba118f7c9 [ 389.711000][T11813] RDX: 0000000000000005 RSI: 0000000000000537 RDI: 0000000000004205 [ 389.711009][T11813] RBP: 00007f1ba2091090 R08: 0000000000000000 R09: 0000000000000000 [ 389.711017][T11813] R10: 000000000000000d R11: 0000000000000246 R12: 0000000000000001 [ 389.711025][T11813] R13: 00007f1ba13e6038 R14: 00007f1ba13e5fa0 R15: 00007ffde88109e8 [ 389.711043][T11813] [ 390.520240][T11816] CPU: 0 UID: 0 PID: 11816 Comm: syz.2.1288 Not tainted syzkaller #0 PREEMPT(full) [ 390.520262][T11816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 390.520270][T11816] Call Trace: [ 390.520275][T11816] [ 390.520281][T11816] dump_stack_lvl+0x16c/0x1f0 [ 390.520303][T11816] should_fail_ex+0x512/0x640 [ 390.520327][T11816] should_fail_alloc_page+0xe7/0x130 [ 390.520348][T11816] prepare_alloc_pages+0x3c2/0x610 [ 390.520370][T11816] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 390.520392][T11816] ? find_held_lock+0x2b/0x80 [ 390.520407][T11816] ? process_measurement+0x4a6/0x23e0 [ 390.520428][T11816] ? down_write+0x14d/0x200 [ 390.520448][T11816] ? up_write+0x1b2/0x520 [ 390.520469][T11816] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 390.520483][T11816] ? process_measurement+0x1e6/0x23e0 [ 390.520511][T11816] ? __lock_acquire+0x622/0x1c90 [ 390.520529][T11816] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 390.520553][T11816] ? policy_nodemask+0xea/0x4e0 [ 390.520573][T11816] alloc_pages_mpol+0x1fb/0x550 [ 390.520592][T11816] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 390.520615][T11816] alloc_pages_noprof+0x131/0x390 [ 390.520634][T11816] __pmd_alloc+0x3b/0x8b0 [ 390.520655][T11816] __handle_mm_fault+0xada/0x2aa0 [ 390.520678][T11816] ? mt_find+0x3e2/0xa20 [ 390.520697][T11816] ? __pfx___handle_mm_fault+0x10/0x10 [ 390.520716][T11816] ? __pfx_mt_find+0x10/0x10 [ 390.520743][T11816] ? find_vma+0xbf/0x140 [ 390.520758][T11816] ? __pfx_find_vma+0x10/0x10 [ 390.520776][T11816] handle_mm_fault+0x589/0xd10 [ 390.520798][T11816] ? __pkru_allows_pkey+0x21/0xb0 [ 390.520820][T11816] do_user_addr_fault+0x7a6/0x1370 [ 390.520835][T11816] ? rcu_is_watching+0x12/0xc0 [ 390.520852][T11816] exc_page_fault+0x64/0xc0 [ 390.520868][T11816] asm_exc_page_fault+0x26/0x30 [ 390.520882][T11816] RIP: 0010:__get_user_nocheck_8+0x6/0x20 [ 390.520896][T11816] Code: ca e9 3e 34 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 01 cb 0f ae e8 <48> 8b 10 31 c0 0f 01 ca e9 0d 34 04 00 66 66 2e 0f 1f 84 00 00 00 [ 390.520909][T11816] RSP: 0018:ffffc90004c27d08 EFLAGS: 00050293 [ 390.520921][T11816] RAX: 000000000000000d RBX: ffff8880256e0000 RCX: ffffffff817e55c0 [ 390.520930][T11816] RDX: ffff88802cd8bc80 RSI: ffffffff817e55ce RDI: 0000000000000006 [ 390.520939][T11816] RBP: 1ffff92000984fa4 R08: 0000000000000006 R09: 000000000000000d [ 390.520947][T11816] R10: 00007ffffffff000 R11: 0000000000000001 R12: 0000000000004205 [ 390.520956][T11816] R13: ffffc90004c27d90 R14: 00007ffffffff000 R15: 000000000000000d [ 390.520969][T11816] ? ptrace_request+0x180/0x1290 [ 390.520986][T11816] ? ptrace_request+0x18e/0x1290 [ 390.521005][T11816] ptrace_request+0x19a/0x1290 [ 390.521022][T11816] ? __pfx_ptrace_request+0x10/0x10 [ 390.521038][T11816] ? find_held_lock+0x2b/0x80 [ 390.521053][T11816] ? rcu_is_watching+0x12/0xc0 [ 390.521066][T11816] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 390.521083][T11816] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 390.521098][T11816] ? wait_task_inactive+0x486/0x760 [ 390.521121][T11816] ? ptrace_check_attach+0x2c5/0x3f0 [ 390.521136][T11816] ? mark_held_locks+0x49/0x80 [ 390.521156][T11816] arch_ptrace+0x31d/0x650 [ 390.521178][T11816] __x64_sys_ptrace+0x17c/0x2a0 [ 390.521196][T11816] do_syscall_64+0xcd/0xfa0 [ 390.521214][T11816] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 390.521227][T11816] RIP: 0033:0x7f2e0978f7c9 [ 390.521240][T11816] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 390.521253][T11816] RSP: 002b:00007f2e0a696038 EFLAGS: 00000246 ORIG_RAX: 0000000000000065 [ 390.521265][T11816] RAX: ffffffffffffffda RBX: 00007f2e099e5fa0 RCX: 00007f2e0978f7c9 [ 390.521274][T11816] RDX: 0000000000000005 RSI: 00000000000004e5 RDI: 0000000000004205 [ 390.521282][T11816] RBP: 00007f2e0a696090 R08: 0000000000000000 R09: 0000000000000000 [ 390.521290][T11816] R10: 000000000000000d R11: 0000000000000246 R12: 0000000000000001 [ 390.521298][T11816] R13: 00007f2e099e6038 R14: 00007f2e099e5fa0 R15: 00007ffc1a5a95e8 [ 390.521316][T11816] [ 391.882982][T11819] zswap: compressor not available [ 394.232812][T11860] FAULT_INJECTION: forcing a failure. [ 394.232812][T11860] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 394.340306][T11860] CPU: 0 UID: 0 PID: 11860 Comm: syz.1.1299 Not tainted syzkaller #0 PREEMPT(full) [ 394.340328][T11860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 394.340337][T11860] Call Trace: [ 394.340342][T11860] [ 394.340348][T11860] dump_stack_lvl+0x16c/0x1f0 [ 394.340370][T11860] should_fail_ex+0x512/0x640 [ 394.340394][T11860] _copy_from_user+0x2e/0xd0 [ 394.340416][T11860] get_timespec64+0x8b/0x1b0 [ 394.340434][T11860] ? __pfx_get_timespec64+0x10/0x10 [ 394.340450][T11860] ? find_held_lock+0x2b/0x80 [ 394.340469][T11860] __x64_sys_futex+0x288/0x4c0 [ 394.340490][T11860] ? __pfx___x64_sys_futex+0x10/0x10 [ 394.340509][T11860] ? xfd_validate_state+0x61/0x180 [ 394.340535][T11860] do_syscall_64+0xcd/0xfa0 [ 394.340553][T11860] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 394.340567][T11860] RIP: 0033:0x7f1ba118f7c9 [ 394.340579][T11860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 394.340592][T11860] RSP: 002b:00007ffde8810b48 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 394.340605][T11860] RAX: ffffffffffffffda RBX: 000000000006037e RCX: 00007f1ba118f7c9 [ 394.340614][T11860] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1ba13e5fac [ 394.340622][T11860] RBP: 0000000000000032 R08: 00007f1ba2092000 R09: 00000013e8810e3f [ 394.340631][T11860] R10: 00007ffde8810c40 R11: 0000000000000246 R12: 00007f1ba13e5fac [ 394.340640][T11860] R13: 00007ffde8810c40 R14: 00000000000603b0 R15: 00007ffde8810c60 [ 394.340658][T11860] [ 395.300297][T11874] FAULT_INJECTION: forcing a failure. [ 395.300297][T11874] name fail_futex, interval 1, probability 0, space 0, times 0 [ 395.363046][T11874] CPU: 0 UID: 0 PID: 11874 Comm: syz.2.1302 Not tainted syzkaller #0 PREEMPT(full) [ 395.363068][T11874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 395.363077][T11874] Call Trace: [ 395.363081][T11874] [ 395.363087][T11874] dump_stack_lvl+0x16c/0x1f0 [ 395.363108][T11874] should_fail_ex+0x512/0x640 [ 395.363132][T11874] get_futex_key+0x1d0/0x1560 [ 395.363153][T11874] ? __pfx_get_futex_key+0x10/0x10 [ 395.363173][T11874] ? stack_trace_save+0x8e/0xc0 [ 395.363190][T11874] futex_wait_setup+0x9d/0x550 [ 395.363208][T11874] __futex_wait+0x193/0x2f0 [ 395.363221][T11874] ? __pfx___futex_wait+0x10/0x10 [ 395.363237][T11874] ? __pfx_futex_wake_mark+0x10/0x10 [ 395.363260][T11874] ? futex_hash+0x2c5/0x380 [ 395.363279][T11874] ? futex_private_hash_put+0xd5/0x190 [ 395.363297][T11874] futex_wait+0xe8/0x380 [ 395.363309][T11874] ? __pfx_futex_wait+0x10/0x10 [ 395.363331][T11874] do_futex+0x229/0x350 [ 395.363349][T11874] ? __pfx_do_futex+0x10/0x10 [ 395.363367][T11874] ? __fput+0x68d/0xb70 [ 395.363385][T11874] ? __pfx___might_resched+0x10/0x10 [ 395.363402][T11874] __x64_sys_futex+0x1e0/0x4c0 [ 395.363421][T11874] ? __pfx_blkcg_maybe_throttle_current+0x10/0x10 [ 395.363438][T11874] ? __pfx___x64_sys_futex+0x10/0x10 [ 395.363457][T11874] ? __pfx___do_sys_close_range+0x10/0x10 [ 395.363478][T11874] do_syscall_64+0xcd/0xfa0 [ 395.363496][T11874] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 395.363510][T11874] RIP: 0033:0x7f2e0978f7c9 [ 395.363521][T11874] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 395.363535][T11874] RSP: 002b:00007f2e0a6960e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 395.363549][T11874] RAX: ffffffffffffffda RBX: 00007f2e099e5fa8 RCX: 00007f2e0978f7c9 [ 395.363558][T11874] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2e099e5fa8 [ 395.363566][T11874] RBP: 00007f2e099e5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 395.363578][T11874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 395.363586][T11874] R13: 00007f2e099e6038 R14: 00007ffc1a5a9500 R15: 00007ffc1a5a95e8 [ 395.363604][T11874] [ 397.337054][T11906] nbd: must specify at least one socket [ 397.403364][T11909] nbd: must specify at least one socket [ 399.468775][ T5150] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 399.480126][ T5150] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 399.488422][ T5150] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 399.496695][ T5150] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 399.507204][ T5150] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 400.352007][T11949] chnl_net:caif_netlink_parms(): no params data found [ 400.636267][T11979] FAULT_INJECTION: forcing a failure. [ 400.636267][T11979] name failslab, interval 1, probability 0, space 0, times 0 [ 400.720127][T11979] CPU: 0 UID: 0 PID: 11979 Comm: syz.5.1329 Not tainted syzkaller #0 PREEMPT(full) [ 400.720150][T11979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 400.720159][T11979] Call Trace: [ 400.720164][T11979] [ 400.720170][T11979] dump_stack_lvl+0x16c/0x1f0 [ 400.720193][T11979] should_fail_ex+0x512/0x640 [ 400.720214][T11979] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 400.720231][T11979] should_failslab+0xc2/0x120 [ 400.720251][T11979] kmem_cache_alloc_noprof+0x75/0x6e0 [ 400.720265][T11979] ? alloc_empty_file+0x55/0x1e0 [ 400.720288][T11979] ? alloc_empty_file+0x55/0x1e0 [ 400.720306][T11979] ? _raw_spin_unlock+0x28/0x50 [ 400.720319][T11979] alloc_empty_file+0x55/0x1e0 [ 400.720346][T11979] alloc_file_pseudo+0x13a/0x230 [ 400.720367][T11979] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 400.720387][T11979] ? security_inode_init_security_anon+0x79/0x240 [ 400.720413][T11979] secretmem_file_create.constprop.0+0x89/0x290 [ 400.720432][T11979] __x64_sys_memfd_secret+0xc1/0x150 [ 400.720448][T11979] do_syscall_64+0xcd/0xfa0 [ 400.720465][T11979] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 400.720479][T11979] RIP: 0033:0x7f79adb8f7c9 [ 400.720496][T11979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 400.720514][T11979] RSP: 002b:00007f79aea25038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf [ 400.720528][T11979] RAX: ffffffffffffffda RBX: 00007f79adde5fa0 RCX: 00007f79adb8f7c9 [ 400.720537][T11979] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 400.720545][T11979] RBP: 00007f79adc13f91 R08: 0000000000000000 R09: 0000000000000000 [ 400.720568][T11979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 400.720581][T11979] R13: 00007f79adde6038 R14: 00007f79adde5fa0 R15: 00007fff55146ee8 [ 400.720600][T11979] [ 400.908506][ C0] vkms_vblank_simulate: vblank timer overrun [ 400.925615][T11949] bridge0: port 1(bridge_slave_0) entered blocking state [ 400.932726][T11949] bridge0: port 1(bridge_slave_0) entered disabled state [ 400.940561][T11949] bridge_slave_0: entered allmulticast mode [ 400.947555][T11949] bridge_slave_0: entered promiscuous mode [ 400.955030][T11949] bridge0: port 2(bridge_slave_1) entered blocking state [ 400.962147][T11949] bridge0: port 2(bridge_slave_1) entered disabled state [ 400.969319][T11949] bridge_slave_1: entered allmulticast mode [ 400.976373][T11949] bridge_slave_1: entered promiscuous mode [ 400.999718][T11949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 401.011059][T11949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 401.037237][T11949] team0: Port device team_slave_0 added [ 401.045469][T11949] team0: Port device team_slave_1 added [ 401.066967][T11949] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 401.073923][T11949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 401.099806][ C0] vkms_vblank_simulate: vblank timer overrun [ 401.105960][T11949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 401.137232][T11949] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 401.144816][T11949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 401.207120][T11949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 401.559592][ T5150] Bluetooth: hci5: command tx timeout [ 401.944433][T11949] hsr_slave_0: entered promiscuous mode [ 402.005319][T11949] hsr_slave_1: entered promiscuous mode [ 402.049174][T11949] debugfs: 'hsr0' already exists in 'hsr' [ 402.054919][T11949] Cannot create hsr debugfs directory [ 402.347941][T12009] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1338'. [ 402.661435][T12011] block2mtd: error: cannot open device çinX‘©¼Ëò¨±ÂÚjFBçB>U»;߸³Ilk¬ [ 402.785316][T12011] ptp ptp0: only physical clock in use now [ 402.920599][T11949] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 403.311118][T12018] netlink: 'syz.1.1340': attribute type 4 has an invalid length. [ 403.378887][T12018] netlink: 314 bytes leftover after parsing attributes in process `syz.1.1340'. [ 403.616771][ T5150] Bluetooth: hci5: command tx timeout [ 404.437464][T11949] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 404.563628][T11949] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 404.648581][T11949] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 405.077225][T11949] 8021q: adding VLAN 0 to HW filter on device bond0 [ 405.196177][T11949] 8021q: adding VLAN 0 to HW filter on device team0 [ 405.288643][ T1173] bridge0: port 1(bridge_slave_0) entered blocking state [ 405.295753][ T1173] bridge0: port 1(bridge_slave_0) entered forwarding state [ 405.398097][ T1173] bridge0: port 2(bridge_slave_1) entered blocking state [ 405.405265][ T1173] bridge0: port 2(bridge_slave_1) entered forwarding state [ 405.492450][T12056] FAULT_INJECTION: forcing a failure. [ 405.492450][T12056] name failslab, interval 1, probability 0, space 0, times 0 [ 405.678572][T12056] CPU: 0 UID: 0 PID: 12056 Comm: syz.1.1346 Not tainted syzkaller #0 PREEMPT(full) [ 405.678594][T12056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 405.678604][T12056] Call Trace: [ 405.678609][T12056] [ 405.678615][T12056] dump_stack_lvl+0x16c/0x1f0 [ 405.678636][T12056] should_fail_ex+0x512/0x640 [ 405.678657][T12056] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 405.678674][T12056] should_failslab+0xc2/0x120 [ 405.678693][T12056] kmem_cache_alloc_noprof+0x75/0x6e0 [ 405.678707][T12056] ? create_new_namespaces+0x30/0xa90 [ 405.678727][T12056] ? create_new_namespaces+0x30/0xa90 [ 405.678745][T12056] create_new_namespaces+0x30/0xa90 [ 405.678764][T12056] __do_sys_setns+0x210/0x1920 [ 405.678779][T12056] ? fput+0x9b/0xd0 [ 405.678796][T12056] ? __pfx___do_sys_setns+0x10/0x10 [ 405.678817][T12056] do_syscall_64+0xcd/0xfa0 [ 405.678835][T12056] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 405.678849][T12056] RIP: 0033:0x7f1ba118f7c9 [ 405.678861][T12056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 405.678874][T12056] RSP: 002b:00007f1ba2091038 EFLAGS: 00000246 ORIG_RAX: 0000000000000134 [ 405.678888][T12056] RAX: ffffffffffffffda RBX: 00007f1ba13e5fa0 RCX: 00007f1ba118f7c9 [ 405.678897][T12056] RDX: 0000000000000000 RSI: 0000000060020000 RDI: 000000000000000a [ 405.678905][T12056] RBP: 00007f1ba1213f91 R08: 0000000000000000 R09: 0000000000000000 [ 405.678913][T12056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 405.678921][T12056] R13: 00007f1ba13e6038 R14: 00007f1ba13e5fa0 R15: 00007ffde88109e8 [ 405.678939][T12056] [ 406.147960][ T5150] Bluetooth: hci5: command tx timeout [ 406.211026][T12060] netlink: 186 bytes leftover after parsing attributes in process `syz.5.1348'. [ 407.619160][T11949] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 408.180149][ T5150] Bluetooth: hci5: command tx timeout [ 408.565156][T11949] veth0_vlan: entered promiscuous mode [ 408.651193][T11949] veth1_vlan: entered promiscuous mode [ 408.669047][T12094] netlink: 'syz.2.1353': attribute type 1 has an invalid length. [ 408.729599][T12094] netlink: 17 bytes leftover after parsing attributes in process `syz.2.1353'. [ 408.800084][T11949] veth0_macvtap: entered promiscuous mode [ 408.882024][T11949] veth1_macvtap: entered promiscuous mode [ 408.946809][T11949] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 409.031017][T11949] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 409.057528][T12068] kvm: kvm [12067]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010058) = 0x2 [ 409.104342][T12100] FAULT_INJECTION: forcing a failure. [ 409.104342][T12100] name failslab, interval 1, probability 0, space 0, times 0 [ 409.172413][ T1092] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 409.199659][ T1092] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 409.208377][ T1092] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 409.218715][T12100] CPU: 0 UID: 0 PID: 12100 Comm: syz.5.1354 Not tainted syzkaller #0 PREEMPT(full) [ 409.218736][T12100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 409.218745][T12100] Call Trace: [ 409.218750][T12100] [ 409.218756][T12100] dump_stack_lvl+0x16c/0x1f0 [ 409.218779][T12100] should_fail_ex+0x512/0x640 [ 409.218800][T12100] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 409.218818][T12100] should_failslab+0xc2/0x120 [ 409.218838][T12100] kmem_cache_alloc_noprof+0x75/0x6e0 [ 409.218851][T12100] ? security_file_alloc+0x34/0x2b0 [ 409.218869][T12100] ? security_file_alloc+0x34/0x2b0 [ 409.218882][T12100] security_file_alloc+0x34/0x2b0 [ 409.218897][T12100] init_file+0x93/0x4c0 [ 409.218927][T12100] alloc_empty_file+0x73/0x1e0 [ 409.218947][T12100] alloc_file_pseudo+0x13a/0x230 [ 409.218969][T12100] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 409.218989][T12100] ? security_inode_init_security_anon+0x79/0x240 [ 409.219015][T12100] secretmem_file_create.constprop.0+0x89/0x290 [ 409.219033][T12100] __x64_sys_memfd_secret+0xc1/0x150 [ 409.219050][T12100] do_syscall_64+0xcd/0xfa0 [ 409.219067][T12100] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 409.219081][T12100] RIP: 0033:0x7f79adb8f7c9 [ 409.219093][T12100] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 409.219105][T12100] RSP: 002b:00007f79aea04038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf [ 409.219119][T12100] RAX: ffffffffffffffda RBX: 00007f79adde6090 RCX: 00007f79adb8f7c9 [ 409.219128][T12100] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 409.219136][T12100] RBP: 00007f79adc13f91 R08: 0000000000000000 R09: 0000000000000000 [ 409.219144][T12100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 409.219151][T12100] R13: 00007f79adde6128 R14: 00007f79adde6090 R15: 00007fff55146ee8 [ 409.219169][T12100] [ 410.473252][ T1092] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 410.659254][ T1173] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 410.714015][ T1173] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 410.804039][ T7411] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 410.859394][ T7411] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 411.334904][T12126] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1361'. [ 411.347836][T12125] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1316'. [ 411.414320][T12128] netlink: 25 bytes leftover after parsing attributes in process `syz.6.1316'. [ 411.515059][ T30] audit: type=1806 audit(4294970667.452:11): xattr="." res=0 [ 411.537829][T12126] bridge0: port 2(bridge_slave_1) entered disabled state [ 411.936790][T12125] zswap: compressor û not available [ 412.176278][T12126] bridge_slave_1 (unregistering): left allmulticast mode [ 412.319542][T12126] bridge_slave_1 (unregistering): left promiscuous mode [ 412.521421][T12126] bridge0: port 2(bridge_slave_1) entered disabled state [ 413.699056][T12152] FAULT_INJECTION: forcing a failure. [ 413.699056][T12152] name failslab, interval 1, probability 0, space 0, times 0 [ 413.785802][T12152] CPU: 0 UID: 0 PID: 12152 Comm: syz.5.1367 Not tainted syzkaller #0 PREEMPT(full) [ 413.785825][T12152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 413.785834][T12152] Call Trace: [ 413.785839][T12152] [ 413.785845][T12152] dump_stack_lvl+0x16c/0x1f0 [ 413.785868][T12152] should_fail_ex+0x512/0x640 [ 413.785889][T12152] ? __kmalloc_noprof+0xca/0x880 [ 413.785904][T12152] should_failslab+0xc2/0x120 [ 413.785924][T12152] __kmalloc_noprof+0xdd/0x880 [ 413.785936][T12152] ? lsm_blob_alloc+0x68/0x90 [ 413.785956][T12152] ? lsm_blob_alloc+0x68/0x90 [ 413.785972][T12152] lsm_blob_alloc+0x68/0x90 [ 413.785988][T12152] security_sk_alloc+0x30/0x270 [ 413.786009][T12152] sk_prot_alloc+0x1c7/0x2a0 [ 413.786027][T12152] sk_alloc+0x36/0xc20 [ 413.786048][T12152] __netlink_create+0x5e/0x2c0 [ 413.786068][T12152] ? __wake_up+0x3f/0x60 [ 413.786084][T12152] netlink_create+0x39e/0x620 [ 413.786096][T12152] ? __pfx_genl_bind+0x10/0x10 [ 413.786110][T12152] ? __pfx_genl_unbind+0x10/0x10 [ 413.786123][T12152] ? __pfx_genl_release+0x10/0x10 [ 413.786140][T12152] __sock_create+0x338/0x8d0 [ 413.786161][T12152] __sys_socket+0x14d/0x260 [ 413.786178][T12152] ? __pfx___sys_socket+0x10/0x10 [ 413.786195][T12152] ? xfd_validate_state+0x61/0x180 [ 413.786213][T12152] ? __pfx_ksys_write+0x10/0x10 [ 413.786232][T12152] __x64_sys_socket+0x72/0xb0 [ 413.786248][T12152] ? lockdep_hardirqs_on+0x7c/0x110 [ 413.786264][T12152] do_syscall_64+0xcd/0xfa0 [ 413.786281][T12152] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 413.786294][T12152] RIP: 0033:0x7f79adb8f7c9 [ 413.786306][T12152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 413.786319][T12152] RSP: 002b:00007f79aea25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 413.786333][T12152] RAX: ffffffffffffffda RBX: 00007f79adde5fa0 RCX: 00007f79adb8f7c9 [ 413.786342][T12152] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 413.786350][T12152] RBP: 00007f79adc13f91 R08: 0000000000000000 R09: 0000000000000000 [ 413.786358][T12152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 413.786366][T12152] R13: 00007f79adde6038 R14: 00007f79adde5fa0 R15: 00007fff55146ee8 [ 413.786385][T12152] [ 414.924828][T12174] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 415.087750][ T30] audit: type=1800 audit(4294970671.000:12): pid=12183 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm=050820 name="lu_gp_id" dev="configfs" ino=41000 res=0 errno=0 [ 419.840818][T12204] bond0: no command found in slaves file - use +ifname or -ifname [ 419.950291][T12210] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1379'. [ 420.336087][T12221] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22 [ 420.967594][ T5150] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18 [ 421.181271][T12244] netlink: zone id is out of range [ 421.186534][T12244] netlink: del zone limit has 4 unknown bytes [ 422.986514][ T5839] Bluetooth: hci4: command tx timeout [ 423.059463][T12279] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1392'. [ 423.539469][T12282] FAULT_INJECTION: forcing a failure. [ 423.539469][T12282] name failslab, interval 1, probability 0, space 0, times 0 [ 423.552352][T12282] CPU: 1 UID: 8 PID: 12282 Comm: syz.1.1394 Not tainted syzkaller #0 PREEMPT(full) [ 423.552387][T12282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 423.552404][T12282] Call Trace: [ 423.552413][T12282] [ 423.552423][T12282] dump_stack_lvl+0x16c/0x1f0 [ 423.552460][T12282] should_fail_ex+0x512/0x640 [ 423.552512][T12282] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 423.552553][T12282] should_failslab+0xc2/0x120 [ 423.552596][T12282] kmem_cache_alloc_noprof+0x75/0x6e0 [ 423.552625][T12282] ? key_alloc+0x3e0/0x1330 [ 423.552659][T12282] ? key_alloc+0x3e0/0x1330 [ 423.552686][T12282] key_alloc+0x3e0/0x1330 [ 423.552722][T12282] ? rcu_is_watching+0x12/0xc0 [ 423.552753][T12282] ? __pfx_key_alloc+0x10/0x10 [ 423.552784][T12282] ? lsm_blob_alloc+0x68/0x90 [ 423.552824][T12282] keyring_alloc+0x44/0xc0 [ 423.552858][T12282] install_thread_keyring_to_cred+0xc1/0x140 [ 423.552903][T12282] keyctl_set_reqkey_keyring+0xcf/0x1c0 [ 423.552944][T12282] __do_sys_keyctl+0x6d/0x590 [ 423.552986][T12282] do_syscall_64+0xcd/0xfa0 [ 423.553020][T12282] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 423.553046][T12282] RIP: 0033:0x7f1ba118f7c9 [ 423.553075][T12282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 423.553101][T12282] RSP: 002b:00007f1ba2091038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 423.553128][T12282] RAX: ffffffffffffffda RBX: 00007f1ba13e5fa0 RCX: 00007f1ba118f7c9 [ 423.553147][T12282] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000000e [ 423.553163][T12282] RBP: 00007f1ba1213f91 R08: 0000000000000008 R09: 0000000000000000 [ 423.553179][T12282] R10: 0000000000005eaf R11: 0000000000000246 R12: 0000000000000000 [ 423.553196][T12282] R13: 00007f1ba13e6038 R14: 00007f1ba13e5fa0 R15: 00007ffde88109e8 [ 423.553233][T12282] [ 423.740369][ C1] vkms_vblank_simulate: vblank timer overrun [ 423.825917][T12282] FAULT_INJECTION: forcing a failure. [ 423.825917][T12282] name failslab, interval 1, probability 0, space 0, times 0 [ 423.838654][T12282] CPU: 1 UID: 8 PID: 12282 Comm: syz.1.1394 Not tainted syzkaller #0 PREEMPT(full) [ 423.838692][T12282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 423.838737][T12282] Call Trace: [ 423.838747][T12282] [ 423.838757][T12282] dump_stack_lvl+0x16c/0x1f0 [ 423.838796][T12282] should_fail_ex+0x512/0x640 [ 423.838836][T12282] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 423.838870][T12282] should_failslab+0xc2/0x120 [ 423.838906][T12282] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 423.838938][T12282] ? __d_alloc+0x32/0xae0 [ 423.838975][T12282] ? __d_alloc+0x32/0xae0 [ 423.839003][T12282] __d_alloc+0x32/0xae0 [ 423.839043][T12282] d_alloc_pseudo+0x1c/0xc0 [ 423.839082][T12282] alloc_file_pseudo+0xcf/0x230 [ 423.839123][T12282] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 423.839162][T12282] ? alloc_fd+0x471/0x7d0 [ 423.839196][T12282] sock_alloc_file+0x50/0x210 [ 423.839227][T12282] __sys_socket+0x1c0/0x260 [ 423.839263][T12282] ? __pfx___sys_socket+0x10/0x10 [ 423.839299][T12282] ? do_user_addr_fault+0x843/0x1370 [ 423.839332][T12282] __x64_sys_socket+0x72/0xb0 [ 423.839365][T12282] ? lockdep_hardirqs_on+0x7c/0x110 [ 423.839397][T12282] do_syscall_64+0xcd/0xfa0 [ 423.839431][T12282] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 423.839458][T12282] RIP: 0033:0x7f1ba11916e7 [ 423.839480][T12282] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 423.839505][T12282] RSP: 002b:00007f1ba208ffa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 423.839531][T12282] RAX: ffffffffffffffda RBX: 00007f1ba13e5fa0 RCX: 00007f1ba11916e7 [ 423.839551][T12282] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 423.839567][T12282] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 423.839585][T12282] R10: 0000200000000180 R11: 0000000000000286 R12: 0000000000000000 [ 423.839602][T12282] R13: 00007f1ba13e6038 R14: 00007f1ba13e5fa0 R15: 00007ffde88109e8 [ 423.839640][T12282] [ 424.044641][ C1] vkms_vblank_simulate: vblank timer overrun [ 426.892457][T12328] FAULT_INJECTION: forcing a failure. [ 426.892457][T12328] name failslab, interval 1, probability 0, space 0, times 0 [ 426.920128][T12330] netlink: 330 bytes leftover after parsing attributes in process `syz.1.1406'. [ 426.948414][T12328] CPU: 1 UID: 8 PID: 12328 Comm: syz.2.1407 Not tainted syzkaller #0 PREEMPT(full) [ 426.948453][T12328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 426.948470][T12328] Call Trace: [ 426.948481][T12328] [ 426.948492][T12328] dump_stack_lvl+0x16c/0x1f0 [ 426.948530][T12328] should_fail_ex+0x512/0x640 [ 426.948571][T12328] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 426.948602][T12328] should_failslab+0xc2/0x120 [ 426.948638][T12328] kmem_cache_alloc_noprof+0x75/0x6e0 [ 426.948666][T12328] ? key_alloc+0x3e0/0x1330 [ 426.948700][T12328] ? key_alloc+0x3e0/0x1330 [ 426.948726][T12328] key_alloc+0x3e0/0x1330 [ 426.948762][T12328] ? rcu_is_watching+0x12/0xc0 [ 426.948792][T12328] ? __pfx_key_alloc+0x10/0x10 [ 426.948825][T12328] ? lsm_blob_alloc+0x68/0x90 [ 426.948866][T12328] keyring_alloc+0x44/0xc0 [ 426.948902][T12328] install_thread_keyring_to_cred+0xc1/0x140 [ 426.948949][T12328] keyctl_set_reqkey_keyring+0xcf/0x1c0 [ 426.948991][T12328] __do_sys_keyctl+0x6d/0x590 [ 426.949031][T12328] do_syscall_64+0xcd/0xfa0 [ 426.949067][T12328] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 426.949094][T12328] RIP: 0033:0x7f2e0978f7c9 [ 426.949115][T12328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 426.949141][T12328] RSP: 002b:00007f2e0a696038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 426.949167][T12328] RAX: ffffffffffffffda RBX: 00007f2e099e5fa0 RCX: 00007f2e0978f7c9 [ 426.949186][T12328] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000000e [ 426.949201][T12328] RBP: 00007f2e09813f91 R08: 0000000000000008 R09: 0000000000000000 [ 426.949218][T12328] R10: 0000000000005eaf R11: 0000000000000246 R12: 0000000000000000 [ 426.949235][T12328] R13: 00007f2e099e6038 R14: 00007f2e099e5fa0 R15: 00007ffc1a5a95e8 [ 426.949273][T12328] [ 427.142204][ C1] vkms_vblank_simulate: vblank timer overrun [ 427.244980][T12330] –õ\­: renamed from lo (while UP) [ 427.544428][T12328] FAULT_INJECTION: forcing a failure. [ 427.544428][T12328] name failslab, interval 1, probability 0, space 0, times 0 [ 427.598764][T12328] CPU: 1 UID: 8 PID: 12328 Comm: syz.2.1407 Not tainted syzkaller #0 PREEMPT(full) [ 427.598804][T12328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 427.598820][T12328] Call Trace: [ 427.598829][T12328] [ 427.598839][T12328] dump_stack_lvl+0x16c/0x1f0 [ 427.598875][T12328] should_fail_ex+0x512/0x640 [ 427.598916][T12328] ? __kmalloc_noprof+0xca/0x880 [ 427.598945][T12328] should_failslab+0xc2/0x120 [ 427.598980][T12328] __kmalloc_noprof+0xdd/0x880 [ 427.599008][T12328] ? sk_prot_alloc+0x1a8/0x2a0 [ 427.599047][T12328] ? sk_prot_alloc+0x1a8/0x2a0 [ 427.599076][T12328] sk_prot_alloc+0x1a8/0x2a0 [ 427.599112][T12328] sk_alloc+0x36/0xc20 [ 427.599155][T12328] __netlink_create+0x5e/0x2c0 [ 427.599191][T12328] ? __wake_up+0x3f/0x60 [ 427.599223][T12328] netlink_create+0x39e/0x620 [ 427.599246][T12328] ? __pfx_genl_bind+0x10/0x10 [ 427.599273][T12328] ? __pfx_genl_unbind+0x10/0x10 [ 427.599302][T12328] ? __pfx_genl_release+0x10/0x10 [ 427.599336][T12328] __sock_create+0x338/0x8d0 [ 427.599377][T12328] __sys_socket+0x14d/0x260 [ 427.599412][T12328] ? __pfx___sys_socket+0x10/0x10 [ 427.599449][T12328] ? do_user_addr_fault+0x843/0x1370 [ 427.599480][T12328] __x64_sys_socket+0x72/0xb0 [ 427.599513][T12328] ? lockdep_hardirqs_on+0x7c/0x110 [ 427.599544][T12328] do_syscall_64+0xcd/0xfa0 [ 427.599579][T12328] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 427.599607][T12328] RIP: 0033:0x7f2e097916e7 [ 427.599629][T12328] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 427.599655][T12328] RSP: 002b:00007f2e0a694fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 427.599680][T12328] RAX: ffffffffffffffda RBX: 00007f2e099e5fa0 RCX: 00007f2e097916e7 [ 427.599699][T12328] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 427.599715][T12328] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 427.599738][T12328] R10: 0000200000000180 R11: 0000000000000286 R12: 0000000000000000 [ 427.599756][T12328] R13: 00007f2e099e6038 R14: 00007f2e099e5fa0 R15: 00007ffc1a5a95e8 [ 427.599795][T12328] [ 427.818991][ C1] vkms_vblank_simulate: vblank timer overrun [ 427.897980][ T3489] bridge_slave_1: left allmulticast mode [ 427.903774][ T3489] bridge_slave_1: left promiscuous mode [ 427.919102][ T3489] bridge0: port 2(bridge_slave_1) entered disabled state [ 427.929542][ T3489] bridge_slave_0: left allmulticast mode [ 427.935219][ T3489] bridge_slave_0: left promiscuous mode [ 428.159353][ T3489] bridge0: port 1(bridge_slave_0) entered disabled state [ 428.479616][T12353] FAULT_INJECTION: forcing a failure. [ 428.479616][T12353] name failslab, interval 1, probability 0, space 0, times 0 [ 428.509775][T12353] CPU: 0 UID: 0 PID: 12353 Comm: syz.6.1412 Not tainted syzkaller #0 PREEMPT(full) [ 428.509814][T12353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 428.509831][T12353] Call Trace: [ 428.509840][T12353] [ 428.509850][T12353] dump_stack_lvl+0x16c/0x1f0 [ 428.509887][T12353] should_fail_ex+0x512/0x640 [ 428.509926][T12353] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 428.509958][T12353] should_failslab+0xc2/0x120 [ 428.509993][T12353] kmem_cache_alloc_noprof+0x75/0x6e0 [ 428.510021][T12353] ? mpol_new+0x11b/0x2d0 [ 428.510057][T12353] ? mpol_new+0x11b/0x2d0 [ 428.510085][T12353] mpol_new+0x11b/0x2d0 [ 428.510117][T12353] do_set_mempolicy+0x83/0x480 [ 428.510149][T12353] ? __pfx_do_set_mempolicy+0x10/0x10 [ 428.510186][T12353] ? __x64_sys_futex+0x1e0/0x4c0 [ 428.510226][T12353] kernel_set_mempolicy+0x1c4/0x1e0 [ 428.510261][T12353] ? __pfx_kernel_set_mempolicy+0x10/0x10 [ 428.510306][T12353] do_syscall_64+0xcd/0xfa0 [ 428.510351][T12353] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 428.510380][T12353] RIP: 0033:0x7f7bd538f7c9 [ 428.510400][T12353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 428.510426][T12353] RSP: 002b:00007f7bd61c1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ee [ 428.510452][T12353] RAX: ffffffffffffffda RBX: 00007f7bd55e6090 RCX: 00007f7bd538f7c9 [ 428.510470][T12353] RDX: 0000000000000007 RSI: 0000200000000000 RDI: 0000000000004006 [ 428.510486][T12353] RBP: 00007f7bd5413f91 R08: 0000000000000000 R09: 0000000000000000 [ 428.510502][T12353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 428.510518][T12353] R13: 00007f7bd55e6128 R14: 00007f7bd55e6090 R15: 00007ffe05d9b0b8 [ 428.510554][T12353] [ 430.927144][ T3489] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 431.006650][ T3489] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 431.020068][ T3489] bond0 (unregistering): Released all slaves [ 432.544512][ T3489] hsr_slave_0: left promiscuous mode [ 432.583372][ T3489] hsr_slave_1: left promiscuous mode [ 432.626577][T12413] FAULT_INJECTION: forcing a failure. [ 432.626577][T12413] name failslab, interval 1, probability 0, space 0, times 0 [ 432.639461][T12413] CPU: 1 UID: 0 PID: 12413 Comm: syz.2.1426 Not tainted syzkaller #0 PREEMPT(full) [ 432.639494][T12413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 432.639509][T12413] Call Trace: [ 432.639517][T12413] [ 432.639527][T12413] dump_stack_lvl+0x16c/0x1f0 [ 432.639562][T12413] should_fail_ex+0x512/0x640 [ 432.639598][T12413] ? __kmalloc_noprof+0xca/0x880 [ 432.639626][T12413] should_failslab+0xc2/0x120 [ 432.639659][T12413] __kmalloc_noprof+0xdd/0x880 [ 432.639680][T12413] ? __asan_memcpy+0x3c/0x60 [ 432.639706][T12413] ? __alloc_workqueue+0x112/0x1810 [ 432.639743][T12413] ? __alloc_workqueue+0x112/0x1810 [ 432.639772][T12413] __alloc_workqueue+0x112/0x1810 [ 432.639803][T12413] ? __pfx_vsnprintf+0x10/0x10 [ 432.639831][T12413] ? lockdep_hardirqs_on+0x7c/0x110 [ 432.639860][T12413] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 432.639893][T12413] alloc_workqueue_noprof+0xd2/0x200 [ 432.639926][T12413] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 432.639968][T12413] ? __pfx___debug_object_init+0x10/0x10 [ 432.640008][T12413] nci_register_device+0x21e/0xb80 [ 432.640036][T12413] ? __pfx_nci_register_device+0x10/0x10 [ 432.640066][T12413] ? lockdep_init_map_type+0x5c/0x280 [ 432.640108][T12413] virtual_ncidev_open+0x141/0x220 [ 432.640138][T12413] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 432.640165][T12413] misc_open+0x26d/0x450 [ 432.640201][T12413] ? __pfx_misc_open+0x10/0x10 [ 432.640235][T12413] chrdev_open+0x234/0x6a0 [ 432.640264][T12413] ? __pfx_apparmor_file_open+0x10/0x10 [ 432.640301][T12413] ? __pfx_chrdev_open+0x10/0x10 [ 432.640338][T12413] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 432.640374][T12413] do_dentry_open+0x982/0x1530 [ 432.640404][T12413] ? __pfx_chrdev_open+0x10/0x10 [ 432.640441][T12413] vfs_open+0x82/0x3f0 [ 432.640479][T12413] path_openat+0x1de4/0x2cb0 [ 432.640520][T12413] ? __pfx_path_openat+0x10/0x10 [ 432.640550][T12413] ? __lock_acquire+0xb8a/0x1c90 [ 432.640586][T12413] do_filp_open+0x20b/0x470 [ 432.640615][T12413] ? __pfx_do_filp_open+0x10/0x10 [ 432.640668][T12413] ? alloc_fd+0x471/0x7d0 [ 432.640704][T12413] do_sys_openat2+0x11b/0x1d0 [ 432.640739][T12413] ? __pfx_do_sys_openat2+0x10/0x10 [ 432.640788][T12413] __x64_sys_openat+0x174/0x210 [ 432.640824][T12413] ? __pfx___x64_sys_openat+0x10/0x10 [ 432.640874][T12413] do_syscall_64+0xcd/0xfa0 [ 432.640907][T12413] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 432.640933][T12413] RIP: 0033:0x7f2e0978f7c9 [ 432.640953][T12413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 432.640977][T12413] RSP: 002b:00007f2e0a696038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 432.641001][T12413] RAX: ffffffffffffffda RBX: 00007f2e099e5fa0 RCX: 00007f2e0978f7c9 [ 432.641018][T12413] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 432.641033][T12413] RBP: 00007f2e09813f91 R08: 0000000000000000 R09: 0000000000000000 [ 432.641049][T12413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 432.641064][T12413] R13: 00007f2e099e6038 R14: 00007f2e099e5fa0 R15: 00007ffc1a5a95e8 [ 432.641101][T12413] [ 432.946586][ C1] vkms_vblank_simulate: vblank timer overrun [ 432.972384][ T3489] veth1_macvtap: left promiscuous mode [ 432.978003][ T3489] veth0_macvtap: left promiscuous mode [ 432.983733][ T3489] veth1_vlan: left promiscuous mode [ 432.989066][ T3489] veth0_vlan: left promiscuous mode [ 434.074061][T12429] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1428'. [ 434.093953][T12425] can: request_module (can-proto-3) failed. [ 434.162760][T12425] netlink: 146 bytes leftover after parsing attributes in process `syz.5.1428'. [ 434.618655][ T3489] team0 (unregistering): Port device team_slave_1 removed [ 434.723314][ T3489] team0 (unregistering): Port device team_slave_0 removed [ 437.662020][ T30] audit: type=1800 audit(4294970693.589:13): pid=12491 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm=050820 name="lu_gp_id" dev="configfs" ino=42511 res=0 errno=0 [ 438.592421][T12515] netlink: 252 bytes leftover after parsing attributes in process `syz.1.1451'. [ 438.897782][T12521] netlink: 252 bytes leftover after parsing attributes in process `syz.6.1460'. [ 439.909028][T12546] binder: 12545:12546 ioctl 4018620d 9 returned -22 [ 440.054563][T12554] binder: 12551:12554 ioctl c018620c 0 returned -22 [ 440.199049][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.205422][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.008346][T12566] random: crng reseeded on system resumption [ 442.635822][T12603] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1473'. [ 443.371918][T12615] netlink: 62 bytes leftover after parsing attributes in process `syz.2.1476'. [ 446.561484][T12674] random: crng reseeded on system resumption [ 448.280693][T12708] uvcvideo: [Deprecated]: nodrop parameter will be eventually removed. [ 449.697569][T12742] FAULT_INJECTION: forcing a failure. [ 449.697569][T12742] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 449.879566][T12742] CPU: 0 UID: 0 PID: 12742 Comm: syz.2.1513 Not tainted syzkaller #0 PREEMPT(full) [ 449.879602][T12742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 449.879616][T12742] Call Trace: [ 449.879624][T12742] [ 449.879634][T12742] dump_stack_lvl+0x16c/0x1f0 [ 449.879678][T12742] should_fail_ex+0x512/0x640 [ 449.879721][T12742] _copy_from_user+0x2e/0xd0 [ 449.879756][T12742] ucma_write+0x128/0x330 [ 449.879788][T12742] ? __pfx_ucma_write+0x10/0x10 [ 449.879818][T12742] ? bpf_lsm_file_permission+0x9/0x10 [ 449.879846][T12742] ? security_file_permission+0x71/0x210 [ 449.879873][T12742] ? rw_verify_area+0xcf/0x6c0 [ 449.879898][T12742] ? __pfx_ucma_write+0x10/0x10 [ 449.879928][T12742] vfs_write+0x2a0/0x11d0 [ 449.879962][T12742] ? __pfx_vfs_write+0x10/0x10 [ 449.879986][T12742] ? find_held_lock+0x2b/0x80 [ 449.880012][T12742] ? __fget_files+0x204/0x3c0 [ 449.880043][T12742] ? __fget_files+0x20e/0x3c0 [ 449.880077][T12742] ksys_write+0x1f8/0x250 [ 449.880112][T12742] ? __pfx_ksys_write+0x10/0x10 [ 449.880149][T12742] do_syscall_64+0xcd/0xfa0 [ 449.880181][T12742] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 449.880207][T12742] RIP: 0033:0x7f2e0978f7c9 [ 449.880227][T12742] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 449.880251][T12742] RSP: 002b:00007f2e0a696038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 449.880276][T12742] RAX: ffffffffffffffda RBX: 00007f2e099e5fa0 RCX: 00007f2e0978f7c9 [ 449.880293][T12742] RDX: 00000000000000c3 RSI: 0000000000000000 RDI: 0000000000000003 [ 449.880308][T12742] RBP: 00007f2e0a696090 R08: 0000000000000000 R09: 0000000000000000 [ 449.880323][T12742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 449.880338][T12742] R13: 00007f2e099e6038 R14: 00007f2e099e5fa0 R15: 00007ffc1a5a95e8 [ 449.880374][T12742] [ 450.067485][ C0] vkms_vblank_simulate: vblank timer overrun [ 450.801649][T12763] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1518'. [ 451.113009][T12763] team0: Port device team_slave_1 removed [ 453.486517][T12802] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 453.669571][T12800] ================================================================== [ 453.669594][T12800] BUG: KASAN: use-after-free in fbcon_prepare_logo+0xa03/0xc70 [ 453.669650][T12800] Read of size 256 at addr ffff888039aea3c0 by task syz.5.1527/12800 [ 453.669676][T12800] [ 453.669688][T12800] CPU: 0 UID: 0 PID: 12800 Comm: syz.5.1527 Not tainted syzkaller #0 PREEMPT(full) [ 453.669720][T12800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 453.669737][T12800] Call Trace: [ 453.669746][T12800] [ 453.669756][T12800] dump_stack_lvl+0x116/0x1f0 [ 453.669790][T12800] print_report+0xcd/0x630 [ 453.669823][T12800] ? __virt_addr_valid+0x81/0x610 [ 453.669856][T12800] ? __phys_addr+0xe8/0x180 [ 453.669890][T12800] ? fbcon_prepare_logo+0xa03/0xc70 [ 453.669925][T12800] kasan_report+0xe0/0x110 [ 453.669960][T12800] ? fbcon_prepare_logo+0xa03/0xc70 [ 453.670000][T12800] kasan_check_range+0x100/0x1b0 [ 453.670038][T12800] __asan_memcpy+0x23/0x60 [ 453.670066][T12800] fbcon_prepare_logo+0xa03/0xc70 [ 453.670113][T12800] fbcon_init+0xd77/0x1900 [ 453.670150][T12800] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 453.670191][T12800] visual_init+0x320/0x620 [ 453.670231][T12800] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 453.670263][T12800] store_bind+0x61d/0x760 [ 453.670291][T12800] ? sysfs_file_kobj+0xe4/0x290 [ 453.670320][T12800] ? __pfx_store_bind+0x10/0x10 [ 453.670346][T12800] dev_attr_store+0x58/0x80 [ 453.670382][T12800] ? __pfx_dev_attr_store+0x10/0x10 [ 453.670416][T12800] sysfs_kf_write+0xf2/0x150 [ 453.670444][T12800] kernfs_fop_write_iter+0x3af/0x570 [ 453.670469][T12800] ? __pfx_sysfs_kf_write+0x10/0x10 [ 453.670500][T12800] iter_file_splice_write+0xa24/0x12e0 [ 453.670539][T12800] ? __pfx_iter_file_splice_write+0x10/0x10 [ 453.670570][T12800] ? __pfx_copy_splice_read+0x10/0x10 [ 453.670612][T12800] ? __pfx_iter_file_splice_write+0x10/0x10 [ 453.670642][T12800] direct_splice_actor+0x192/0x6c0 [ 453.670671][T12800] splice_direct_to_actor+0x345/0xa30 [ 453.670700][T12800] ? __pfx_direct_splice_actor+0x10/0x10 [ 453.670733][T12800] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 453.670767][T12800] do_splice_direct+0x174/0x240 [ 453.670793][T12800] ? __pfx_do_splice_direct+0x10/0x10 [ 453.670820][T12800] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 453.670864][T12800] ? rw_verify_area+0xcf/0x6c0 [ 453.670891][T12800] do_sendfile+0xb06/0xe50 [ 453.670921][T12800] ? __pfx_do_sendfile+0x10/0x10 [ 453.670951][T12800] ? __x64_sys_futex+0x1e0/0x4c0 [ 453.670986][T12800] ? __x64_sys_futex+0x1e9/0x4c0 [ 453.671022][T12800] __x64_sys_sendfile64+0x1d8/0x220 [ 453.671057][T12800] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 453.671096][T12800] do_syscall_64+0xcd/0xfa0 [ 453.671129][T12800] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 453.671157][T12800] RIP: 0033:0x7f79adb8f7c9 [ 453.671179][T12800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 453.671205][T12800] RSP: 002b:00007f79aea04038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 453.671230][T12800] RAX: ffffffffffffffda RBX: 00007f79adde6090 RCX: 00007f79adb8f7c9 [ 453.671249][T12800] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000004 [ 453.671266][T12800] RBP: 00007f79adc13f91 R08: 0000000000000000 R09: 0000000000000000 [ 453.671282][T12800] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 453.671299][T12800] R13: 00007f79adde6128 R14: 00007f79adde6090 R15: 00007fff55146ee8 [ 453.671327][T12800] [ 453.671336][T12800] [ 453.671343][T12800] The buggy address belongs to the physical page: [ 453.671361][T12800] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x39aea [ 453.671387][T12800] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 453.671421][T12800] raw: 00fff00000000000 0000000000000000 ffffea0000e6ba90 0000000000000000 [ 453.671445][T12800] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 453.671460][T12800] page dumped because: kasan: bad access detected [ 453.671472][T12800] page_owner tracks the page as freed [ 453.671480][T12800] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 12287, tgid 12284 (syz.2.1396), ts 424607568590, free_ts 437966426893 [ 453.671531][T12800] post_alloc_hook+0x1af/0x220 [ 453.671570][T12800] get_page_from_freelist+0x10a3/0x3a30 [ 453.671594][T12800] __alloc_frozen_pages_noprof+0x25f/0x2470 [ 453.671622][T12800] alloc_pages_mpol+0x1fb/0x550 [ 453.671652][T12800] new_slab+0x24a/0x360 [ 453.671682][T12800] ___slab_alloc+0xd79/0x1a50 [ 453.671711][T12800] __slab_alloc.constprop.0+0x63/0x110 [ 453.671741][T12800] kmem_cache_alloc_node_noprof+0x43c/0x770 [ 453.671762][T12800] kmalloc_reserve+0x18b/0x2c0 [ 453.671797][T12800] __alloc_skb+0x166/0x380 [ 453.671833][T12800] __pskb_copy_fclone+0xef/0xb50 [ 453.671860][T12800] tipc_sk_mcast_rcv+0x52d/0xfa0 [ 453.671884][T12800] tipc_mcast_xmit+0x711/0xfe0 [ 453.671921][T12800] tipc_send_group_bcast+0x803/0xa50 [ 453.671953][T12800] __tipc_sendmsg+0x4ab/0x19a0 [ 453.671974][T12800] tipc_sendmsg+0x4f/0x70 [ 453.671995][T12800] page last free pid 7407 tgid 7407 stack trace: [ 453.672010][T12800] __free_frozen_pages+0x7df/0x1160 [ 453.672044][T12800] qlist_free_all+0x4d/0x120 [ 453.672070][T12800] kasan_quarantine_reduce+0x195/0x1e0 [ 453.672098][T12800] __kasan_slab_alloc+0x69/0x90 [ 453.672127][T12800] kmem_cache_alloc_node_noprof+0x28a/0x770 [ 453.672153][T12800] __alloc_skb+0x2b2/0x380 [ 453.672187][T12800] inet_netconf_notify_devconf+0x8b/0x1f0 [ 453.672219][T12800] inetdev_event+0xed5/0x18a0 [ 453.672248][T12800] notifier_call_chain+0xbc/0x410 [ 453.672280][T12800] call_netdevice_notifiers_info+0xbe/0x140 [ 453.672311][T12800] unregister_netdevice_many_notify+0xf5c/0x25c0 [ 453.672341][T12800] ops_undo_list+0x8fc/0xab0 [ 453.672363][T12800] cleanup_net+0x41b/0x8b0 [ 453.672389][T12800] process_one_work+0x9cf/0x1b70 [ 453.672423][T12800] worker_thread+0x6c8/0xf10 [ 453.672443][T12800] kthread+0x3c5/0x780 [ 453.672476][T12800] [ 453.672481][T12800] Memory state around the buggy address: [ 453.672495][T12800] ffff888039aea280: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 453.672515][T12800] ffff888039aea300: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 453.672533][T12800] >ffff888039aea380: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 453.672548][T12800] ^ [ 453.672562][T12800] ffff888039aea400: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 453.672581][T12800] ffff888039aea480: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 453.672595][T12800] ================================================================== [ 453.741745][T12800] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 453.741770][T12800] CPU: 1 UID: 0 PID: 12800 Comm: syz.5.1527 Not tainted syzkaller #0 PREEMPT(full) [ 453.741804][T12800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 453.741822][T12800] Call Trace: [ 453.741832][T12800] [ 453.741843][T12800] dump_stack_lvl+0x3d/0x1f0 [ 453.741876][T12800] vpanic+0x640/0x6f0 [ 453.741912][T12800] panic+0xca/0xd0 [ 453.741948][T12800] ? __pfx_panic+0x10/0x10 [ 453.741980][T12800] ? fbcon_prepare_logo+0xa03/0xc70 [ 453.742018][T12800] ? preempt_schedule_common+0x44/0xc0 [ 453.742049][T12800] ? preempt_schedule_thunk+0x16/0x30 [ 453.742093][T12800] check_panic_on_warn+0xab/0xb0 [ 453.742132][T12800] end_report+0x107/0x170 [ 453.742164][T12800] kasan_report+0xee/0x110 [ 453.742199][T12800] ? fbcon_prepare_logo+0xa03/0xc70 [ 453.742242][T12800] kasan_check_range+0x100/0x1b0 [ 453.742281][T12800] __asan_memcpy+0x23/0x60 [ 453.742307][T12800] fbcon_prepare_logo+0xa03/0xc70 [ 453.742360][T12800] fbcon_init+0xd77/0x1900 [ 453.742398][T12800] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 453.742438][T12800] visual_init+0x320/0x620 [ 453.742477][T12800] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 453.742512][T12800] store_bind+0x61d/0x760 [ 453.742540][T12800] ? sysfs_file_kobj+0xe4/0x290 [ 453.742570][T12800] ? __pfx_store_bind+0x10/0x10 [ 453.742594][T12800] dev_attr_store+0x58/0x80 [ 453.742630][T12800] ? __pfx_dev_attr_store+0x10/0x10 [ 453.742666][T12800] sysfs_kf_write+0xf2/0x150 [ 453.742696][T12800] kernfs_fop_write_iter+0x3af/0x570 [ 453.742721][T12800] ? __pfx_sysfs_kf_write+0x10/0x10 [ 453.742752][T12800] iter_file_splice_write+0xa24/0x12e0 [ 453.742792][T12800] ? __pfx_iter_file_splice_write+0x10/0x10 [ 453.742822][T12800] ? __pfx_copy_splice_read+0x10/0x10 [ 453.742856][T12800] ? __pfx_iter_file_splice_write+0x10/0x10 [ 453.742886][T12800] direct_splice_actor+0x192/0x6c0 [ 453.742915][T12800] splice_direct_to_actor+0x345/0xa30 [ 453.742943][T12800] ? __pfx_direct_splice_actor+0x10/0x10 [ 453.742974][T12800] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 453.743006][T12800] do_splice_direct+0x174/0x240 [ 453.743033][T12800] ? __pfx_do_splice_direct+0x10/0x10 [ 453.743060][T12800] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 453.743104][T12800] ? rw_verify_area+0xcf/0x6c0 [ 453.743132][T12800] do_sendfile+0xb06/0xe50 [ 453.743162][T12800] ? __pfx_do_sendfile+0x10/0x10 [ 453.743193][T12800] ? __x64_sys_futex+0x1e0/0x4c0 [ 453.743226][T12800] ? __x64_sys_futex+0x1e9/0x4c0 [ 453.743263][T12800] __x64_sys_sendfile64+0x1d8/0x220 [ 453.743298][T12800] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 453.743337][T12800] do_syscall_64+0xcd/0xfa0 [ 453.743377][T12800] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 453.743405][T12800] RIP: 0033:0x7f79adb8f7c9 [ 453.743427][T12800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 453.743455][T12800] RSP: 002b:00007f79aea04038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 453.743481][T12800] RAX: ffffffffffffffda RBX: 00007f79adde6090 RCX: 00007f79adb8f7c9 [ 453.743501][T12800] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000004 [ 453.743517][T12800] RBP: 00007f79adc13f91 R08: 0000000000000000 R09: 0000000000000000 [ 453.743534][T12800] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 453.743551][T12800] R13: 00007f79adde6128 R14: 00007f79adde6090 R15: 00007fff55146ee8 [ 453.743580][T12800] [ 453.743912][T12800] Kernel Offset: disabled