last executing test programs: 30.646680938s ago: executing program 1 (id=3680): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) madvise$auto(0x0, 0x8, 0xffffffff) madvise$auto(0x0, 0x2003f0, 0x15) 29.908130856s ago: executing program 1 (id=3685): rt_sigqueueinfo$auto(0x0, 0x8, &(0x7f0000000240)={@_si_pad}) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) kexec_load$auto(0x0, 0x4, 0x0, 0x1) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x601, 0x0) 29.769435163s ago: executing program 1 (id=3687): mmap$auto(0x0, 0x1, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x2, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7) write$auto_sg_fops_sg(r0, &(0x7f0000001380)="4a0200000000040000899edb615550fd8c44924d87f0010047eb02eff5d2adc245a4e1eded0e91b86c61b6b42ed6", 0x2e) symlink$auto(&(0x7f0000000140)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000240)='./file0\x00') creat$auto(&(0x7f0000000680)='./file0\x00', 0x3) mmap$auto(0x0, 0xe983, 0xa3, 0xeb1, 0xffffffffffffffff, 0x8000) ioctl$auto_BLKPG2(0xffffffffffffffff, 0x1269, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/workqueue/nf_ft_offload_stats/affinity_scope\x00', 0x8000, 0x0) read$auto(r1, 0x0, 0x20) close_range$auto(0x0, r1, 0x4000000000002) socket(0x2, 0x801, 0x106) socketpair$auto(0x1a, 0x9, 0x8000000000000000, 0x0) r2 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtd0ro\x00', 0x0, 0x0) ioctl$auto_BLKPG2(r2, 0x1269, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop1\x00', 0x80600, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mtd0\x00', 0x2080, 0x0) ioctl$auto_BLKIOMIN(r3, 0x1278, 0x1000000000000) 29.53086506s ago: executing program 1 (id=3688): mmap$auto(0x0, 0x1, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x2, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7) write$auto_sg_fops_sg(r0, &(0x7f0000001380)="4a0200000000040000899edb615550fd8c44924d87f0010047eb02eff5d2adc245a4e1eded0e91b86c61b6b42ed6", 0x2e) symlink$auto(&(0x7f0000000140)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000240)='./file0\x00') creat$auto(&(0x7f0000000680)='./file0\x00', 0x3) mmap$auto(0x0, 0xe983, 0xa3, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtd0ro\x00', 0x1902, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/workqueue/nf_ft_offload_stats/affinity_scope\x00', 0x8000, 0x0) read$auto(r1, 0x0, 0x20) close_range$auto(0x0, r1, 0x4000000000002) socket(0x2, 0x801, 0x106) socketpair$auto(0x1a, 0x9, 0x8000000000000000, 0x0) r2 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtd0ro\x00', 0x0, 0x0) ioctl$auto_BLKPG2(r2, 0x1269, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop1\x00', 0x80600, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mtd0\x00', 0x2080, 0x0) ioctl$auto_BLKIOMIN(r3, 0x1278, 0x1000000000000) 28.686453686s ago: executing program 1 (id=3690): mmap$auto(0x0, 0x1, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x2, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7) write$auto_sg_fops_sg(r0, &(0x7f0000001380)="4a0200000000040000899edb615550fd8c44924d87f0010047eb02eff5d2adc245a4e1eded0e91b86c61b6b42ed6", 0x2e) symlink$auto(&(0x7f0000000140)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000240)='./file0\x00') creat$auto(&(0x7f0000000680)='./file0\x00', 0x3) mmap$auto(0x0, 0xe983, 0xa3, 0xeb1, 0xffffffffffffffff, 0x8000) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtd0ro\x00', 0x1902, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/workqueue/nf_ft_offload_stats/affinity_scope\x00', 0x8000, 0x0) read$auto(r1, 0x0, 0x20) close_range$auto(0x0, r1, 0x4000000000002) socket(0x2, 0x801, 0x106) socketpair$auto(0x1a, 0x9, 0x8000000000000000, 0x0) r2 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtd0ro\x00', 0x0, 0x0) ioctl$auto_BLKPG2(r2, 0x1269, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop1\x00', 0x80600, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mtd0\x00', 0x2080, 0x0) ioctl$auto_BLKIOMIN(r3, 0x1278, 0x1000000000000) 28.134001688s ago: executing program 1 (id=3693): mmap$auto(0x0, 0x800000004, 0x4000000000df, 0x40eb5, 0x4, 0x300000000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1e2142, 0x0) (async) r0 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) write$auto_fuse_dev_operations_fuse_i(r0, &(0x7f0000000100)="1100"/17, 0x11) r1 = socket(0x3, 0x0, 0xc59) (async) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x1aa, &(0x7f0000000100)={&(0x7f00000003c0)="4a67d23edb3100000000000000000075210d2de44406c2"}, 0x5, &(0x7f0000000200)="7ed46e021f59dbf023a03f51b0a8880dd6c29f023795a894081fcf1735b038c7856e4483e61984c4148711cd3169248a30fa78aabfe901fc29841b74119bc276032be89d71e893b2a15ab7cb52da17f36dee0b8b2f1e2a8b2db82d647b551434c0cd625861ca5930ebcb3b4f9b53fa8462a0cb403b06ed2f7916b674867a8268d8e63347ee5fa8c800d1c2e5cdb058354bdcd2f87b9570ed4b7d7471ab1d3d247cbaa503762d9ff95d557e601a5302e12b5ec0e9ecfb77a40357a4a82b57efb553680cfe00647965f55af3a7a581b65f", 0x5}, 0x1}, 0x2, 0xfe) 13.126402519s ago: executing program 32 (id=3693): mmap$auto(0x0, 0x800000004, 0x4000000000df, 0x40eb5, 0x4, 0x300000000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1e2142, 0x0) (async) r0 = openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x1c1041, 0x0) write$auto_fuse_dev_operations_fuse_i(r0, &(0x7f0000000100)="1100"/17, 0x11) r1 = socket(0x3, 0x0, 0xc59) (async) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x1aa, &(0x7f0000000100)={&(0x7f00000003c0)="4a67d23edb3100000000000000000075210d2de44406c2"}, 0x5, &(0x7f0000000200)="7ed46e021f59dbf023a03f51b0a8880dd6c29f023795a894081fcf1735b038c7856e4483e61984c4148711cd3169248a30fa78aabfe901fc29841b74119bc276032be89d71e893b2a15ab7cb52da17f36dee0b8b2f1e2a8b2db82d647b551434c0cd625861ca5930ebcb3b4f9b53fa8462a0cb403b06ed2f7916b674867a8268d8e63347ee5fa8c800d1c2e5cdb058354bdcd2f87b9570ed4b7d7471ab1d3d247cbaa503762d9ff95d557e601a5302e12b5ec0e9ecfb77a40357a4a82b57efb553680cfe00647965f55af3a7a581b65f", 0x5}, 0x1}, 0x2, 0xfe) 8.477643718s ago: executing program 3 (id=3777): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/037/001\x00', 0x20882, 0x0) ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r3 = socket(0x10, 0x2, 0x6) r4 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_SET_MAX_CSMA_BACKOFFS(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x28, r4, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@NL802154_ATTR_COORDINATOR={0x14, 0x1e, 0x0, 0x1, [@nested={0x10, 0x122, 0x0, 0x1, [@nested={0x8, 0x46, 0x0, 0x1, [@nested={0x4, 0xf7}]}, @nested={0x4, 0x10}]}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x20008000}, 0x8044) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x5014c0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004814}, 0x8800) mmap$auto(0x0, 0x0, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001180)='/dev/input/mice\x00', 0x1a1382, 0x0) write$auto_mousedev_fops_mousedev(r2, &(0x7f0000001380)="2ad2", 0x2) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x20, r6, 0x1, 0x70bd2b, 0x25dfdbfa, {}, [@HWSIM_ATTR_PERM_ADDR={0xa, 0x16, "916c4a755364"}]}, 0x20}}, 0x4044820) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcsu\x00', 0x108002, 0x0) r7 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read$auto_nvram_misc_fops_nvram(r7, 0x0, 0x0) ioctl$auto_NVRAM_INIT(r7, 0x7040, 0x0) r8 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xc0880, 0x0) read$auto(r8, &(0x7f0000000040)='/proc/self/net/icmp\x00', 0x80000001) write$auto_proc_mem_operations_base(0xffffffffffffffff, 0x0, 0x0) prctl$auto(0x43, 0x0, 0xffffffffffffffff, 0x0, 0x0) futex$auto(0x0, 0x5, 0x9, 0x0, 0x0, 0xffff7fff) 7.566997359s ago: executing program 0 (id=3778): fanotify_init$auto(0x2000800, 0x10000004) mmap$auto(0x0, 0x400008, 0x36, 0x1009b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/bus/pci/resource_alignment\x00', 0x8ea182, 0x0) ioctl$auto_KVM_CHECK_EXTENSION(0xffffffffffffffff, 0xae03, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) acct$auto(0x0) mmap$auto(0x1, 0x9, 0x81, 0x80000011, 0xffffffffffffffff, 0xfbfffffffffffff7) mremap$auto(0x2def5897, 0x5, 0xd2fd, 0x6, 0x1) socket(0x2, 0xa, 0xe57a) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) r0 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000040), 0x240000, 0x0) ioctl$auto(r0, 0x12000008, 0xfffffffffffff4e0) write$auto(0x3, 0x0, 0xfffffdef) 7.100467585s ago: executing program 3 (id=3780): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sda\x00', 0x1cf602, 0x0) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x1, 0x0) ioctl$auto_SNDCTL_SYNTH_INFO(r0, 0xc08c5102, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r1, &(0x7f0000000040)='//\xf2\x00', 0x80000000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/zram-control/hot_remove\x00', 0x8001, 0x0) ioctl$auto_BLKGETSIZE64(r1, 0x80081272, &(0x7f0000000100)=0x17b0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv6/conf/wg0/accept_dad\x00', 0xd00, 0x0) sendfile$auto(r2, r3, 0x0, 0x800048) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) timer_create$auto(0x0, 0x0, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, 0x0, 0x0) mmap$auto(0x6, 0x4, 0x4000000000dd, 0x40eb1, r4, 0x300000000000) sendmsg$auto_IOAM6_CMD_DEL_NAMESPACE(r4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000004}, 0x4) r5 = open(0x0, 0x14101, 0x7) open_by_handle_at$auto(r5, 0x0, 0xffffffff) mmap$auto(0x0, 0x20009, 0xdf, 0x3000000000010, r3, 0x4) prctl$auto_PR_PAC_RESET_KEYS(0x36, 0x0, 0xffffffffffffffff, 0x9, 0x7) write$auto(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0xfa3, 0x0) modify_ldt$auto(0x1, 0x0, 0x10) modify_ldt$auto(0x1, 0x0, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0x10011, 0xfffffffffffffffa, 0x8000) msgrcv$auto(0xff, 0x0, 0x2400000000, 0x6, 0x6bc2cc7d) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(0x3, 0x0, 0x7ffffdef) write$auto(0x3, 0x0, 0xfffffdef) 4.312342961s ago: executing program 0 (id=3783): madvise$auto(0x4000000, 0xffffffffffff0085, 0x1004) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder1\x00', 0x0, 0x0) dup$auto(r0) socket(0x2, 0x1, 0x106) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_taskstats(&(0x7f0000000140), 0xffffffffffffffff) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) r1 = clone$auto(0x6db, 0x9, 0x0, 0x0, 0x6) migrate_pages$auto(r1, 0x4, 0x0, &(0x7f0000000180)=0x2) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_GET_WPAN_PHY(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[@ANYBLOB=':\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="251729bd7000fcdbc725010000000c0006000400000000000000"], 0x20}, 0x1, 0x0, 0x0, 0x1000}, 0x64810) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x101, 0xffffffffffffffff, 0x3, 0x62, 0x5, 0x7, 0x6d3f, 0x8, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r4, &(0x7f0000000080)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0xa73, 0xd, 0x801, 0x958b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x40008000001f, 0x7, 0x6d3e, 0x6, 0x2, 0x10000]}, 0x0) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, 0x0) sysfs$auto(0x2, 0x23, 0x0) r5 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r5, 0x0, 0x4) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) rt_sigaction$auto(0xfffffffe, 0xfffffffffffffffd, 0xfffffffffffffffc, 0xc) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 3.771253652s ago: executing program 3 (id=3784): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) memfd_secret$auto(0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket(0x1a, 0x1, 0x0) epoll_create$auto(0x9) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) keyctl$auto(0x11, 0xfffffffffffffffa, 0x0, 0x4, 0x3) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x7}, 0x3) listmount$auto(&(0x7f0000000100)={0x9, @raw, 0x80000002, 0xfffffffffffffff7, 0x2}, 0x0, 0xf4240, 0x1) socket(0x2b, 0x1, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mlock$auto(0x112, 0x80006) mlockall$auto(0x800000000000005) madvise$auto(0x0, 0x200007, 0x19) msgrcv$auto(0xffff8001, 0x0, 0xff9, 0xfff, 0xb4) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r1, &(0x7f0000000000)="4c91f2c388274610e12c861bb2bfd9800e9b394b", 0x14) msgsnd$auto(0x0, &(0x7f0000000000)={0x40, 0x5}, 0x8, 0x9) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r2 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(r2, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r3 = openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x481, 0x0) pwrite64$auto(r3, 0x0, 0x400000, 0xc) 3.550486494s ago: executing program 2 (id=3785): unshare$auto(0x40000080) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/controlC2\x00', 0x0, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000040)=0x5) r1 = fcntl$auto(0x3, 0x4, 0xa553) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0xa, 0x2, 0x3a) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) r6 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x2, 0x200c) sendmsg$auto_TIPC_NL_BEARER_ENABLE(r3, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000003740)={&(0x7f00000001c0)=ANY=[@ANYRES64=r2, @ANYRESHEX=r4, @ANYBLOB="01002dbd7000fddbdf25030000000c0001"], 0x20}, 0x1, 0x0, 0x0, 0x4851}, 0x8801) r7 = socket(0xa, 0x2, 0x73) r8 = openat$auto_dvb_dvr_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000380), 0x400, 0x0) read$auto_dvb_dvr_fops_dmxdev(r8, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYRESOCT=r6, @ANYRES8=0x0, @ANYRESHEX, @ANYRES32=r7], 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x48080) syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000100), r5) close_range$auto(0x2, 0x8, 0x0) write$auto(r6, 0x0, 0xfdef) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000400)={{@inferred, 0x7, 0x800, 0x1, "4941aa833f2fc65b6b3cf7eec76d6778ad8eac3cda2ce09c2b2d4300710100c8dd3500f11581916caa0d3057", @raw=0x8}, 0x8, 0xfffffff9, 0x1, @inferred, @reserved="508b3b56ef830b4adcd085f323c7b98fd819058807ee7ba1092bd17589d7404887082d9b28b4d97b82ef788ecc2370ca89f647b4032aac562a8bf1967eef491321a57c26b019329351175990a247cd65bc7d2c86a9db6d32f032df2c225bdc30ed8e8f784bfdb86478f58ff8f0d576255991e178c3c37bc6d720237029a4bc34", "6cc1888a6393f1b4285854c5368de438f8cc142ef6df1259b05ba1183bedbd31b642b4051bc7955610c61c329794e5311121c760cb8211c78e6947a99807bcc1"}) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0xb) madvise$auto(0x0, 0x5, 0x19) madvise$auto(0x0, 0x2003f0, 0x15) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/power/pm_test\x00', 0x20461, 0x0) 2.9845588s ago: executing program 4 (id=3758): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2, 0x1, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x82002, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x8000000002000, 0x128009, 0x8000000000000001, 0x200000eb1, r1, 0x20000018000) socket(0x21, 0x2, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mmap$auto(0x0, 0x7ffffffff000, 0x8004, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x7fffffff, 0x7f, 0x2eb1, 0x401, 0x2000000000008000) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_percpu_stats_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x40040, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r4], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097d751f33e}, 0x80) r5 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x103041, 0x0) write$auto(r5, &(0x7f0000000200)='ev_\x00\x00\x00\x00\x00`F\xfa\x89\x1a?\xba\x98\xba\xda\x93\xd7\x87\x88\rR\a\x94\a\xc5pd[\xdc\x05c!\xa6\xcc\xb5\xbeoTx\xf1\x96\xc0\x80\xbb\"\x00\xc2\'s\xdd\'\xd0\xc1i\a\xca\x0e\xf8\xc55C_\xfd\xe1\xa3\xeb\xc3\xddf\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) prctl$auto(0x1000000003b, 0x4, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) unshare$auto(0x40000080) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) fallocate$auto(0x8000000000000003, 0x3, 0xf, 0x200000004) 2.031375185s ago: executing program 2 (id=3790): mmap$auto(0x0, 0x1, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x2, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7) write$auto_sg_fops_sg(r0, &(0x7f0000001380)="4a0200000000040000899edb615550fd8c44924d87f0010047eb02eff5d2adc245a4e1eded0e91b86c61b6b42ed6", 0x2e) creat$auto(&(0x7f0000000680)='./file0\x00', 0x3) mmap$auto(0x0, 0xe983, 0xa3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtd0ro\x00', 0x1902, 0x0) ioctl$auto_BLKPG2(r1, 0x1269, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/workqueue/nf_ft_offload_stats/affinity_scope\x00', 0x8000, 0x0) read$auto(r2, 0x0, 0x20) close_range$auto(0x0, r2, 0x4000000000002) socket(0x2, 0x801, 0x106) socketpair$auto(0x1a, 0x9, 0x8000000000000000, 0x0) r3 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtd0ro\x00', 0x0, 0x0) ioctl$auto_BLKPG2(r3, 0x1269, 0x0) r4 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop1\x00', 0x80600, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mtd0\x00', 0x2080, 0x0) ioctl$auto_BLKIOMIN(r4, 0x1278, 0x1000000000000) 1.895734823s ago: executing program 4 (id=3791): open_tree$auto(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x2) unshare$auto(0x40000080) mmap$auto(0x0, 0x20009, 0x4000000000db, 0x12, 0x400, 0x18002) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0xfff) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x4) close_range$auto(0x2, 0x8, 0x0) r1 = io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x2, 0x0) ioctl$auto(0x3, 0x5411, 0x38) futex$auto(&(0x7f0000000080)=0x2948, 0x0, 0x2948, 0x0, 0x0, 0x5) futex$auto(&(0x7f0000000080)=0x3, 0x3, 0x1f, 0x0, &(0x7f0000000100)=0x4, 0x440a48d3) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) read$auto(r2, &(0x7f0000002300)='MAC802154_HWSIM\x00', 0xfdef) close_range$auto(r2, r1, 0xdf) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0xa, 0x2, 0x73) io_uring_setup$auto(0x9, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xf7}, 0x7) close_range$auto(0x2, 0x8, 0x0) eventfd$auto(0x3) socketpair$auto(0x809, 0x2, 0x9, 0x0) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyd9\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r3, 0x5423, 0x0) ioctl$auto(0x3, 0x80000541b, 0x38) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) 1.500517496s ago: executing program 2 (id=3792): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop6\x00', 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r2 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r3 = landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400, 0x7}, 0x9, 0x0) landlock_restrict_self$auto(r2, 0x0) landlock_restrict_self$auto(r1, 0x0) socket(0x1, 0x2, 0x1) mmap$auto(0x0, 0x9, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r0, 0x4c03, 0xfffffffffffffffd) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), r3) shmctl$auto_IPC_INFO(0x3, 0x3, &(0x7f0000000240)={{0xffff, 0xee01, 0xffffffffffffffff, 0x0, 0x5, 0x5, 0x5}, 0x100, 0x100, 0xc5, 0x8, @raw=0x9, @inferred=0xffffffffffffffff, 0x50, 0x0, &(0x7f00000000c0)="63db3dd3a8fe18b9a0e979e4e1b96e19bf330d1518cc4563e03436e7e327abe914dbcc1a1509544c7fb67373bf15bf2923cf7ad1fa61b9541b3a78a6febb79d28a1cb1ec18155d728de96b2bb1789c539ed1cf34c800627b93cb015684df9bc443df0527e3de620f1c5a11db35c92bd9d92c9caa6be6e32ccdfb9d0aa6e28658a325122bf8cdea5de3b36d25a197b2e1870bce7cdd2b273a8862d59126945fd2432c3c0952470231d1721e77a08977c0e874fedbba4a4311fb88221ca3cf78d25b2678c7cbe49c256dfe80cb3fa31a0f8b3848caf2a8414fc0ee9ce30c56a738f15c4df5486ba4831d0a4248", &(0x7f00000001c0)="e9930879b176a5a2da69d69aa4a7bc7d98691b298a4c292cd691865d758b65eedbe676c6100b3647c701ebf958582202351aefd67016da548bb3305c41267a0a4abff8b76f8f5ea33180a11b8576ff6f6e8fcea172008905bf095caa61b222c5b34d3f6a84ae6cf388"}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'hsr0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_FEC_SET(r3, &(0x7f0000000580)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000540)={&(0x7f0000000300)={0x204, r4, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@ETHTOOL_A_FEC_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7}]}, @ETHTOOL_A_FEC_MODES={0x17d, 0x2, 0x0, 0x1, [@nested={0xfe, 0x139, 0x0, 0x1, [@typed={0x8, 0xdb, 0x0, 0x0, @uid=r5}, @typed={0xf, 0x114, 0x0, 0x0, @str='/dev/loop6\x00'}, @generic="ee01f16172196531c59bd00aaedd2f47d933bd058ede74df685da279b88be20381e2acee688ceca21386ebddb84c0f233d91e2bffbe59628e43ddd435fd8664ee1486131f11d0cb285fe8c7ea2c709bb11655c7dd79198f9695e839c911e9ffdfb1d8f1d53583e2c5357e4b01a1209c33c92d5c4e682248dcafeb84fa9ba1444c393329be9d5ca9e1f44e0970a76e5317c700697c074caf7eb7ef51015ae2b7535f94e7bd166610b89fcb27c4e7f654073e2517bda4bfa08c89f4aafd27a8fac26fa667bb71ea35c6d956ac1e89609838aa4ad01651b1611712110b5950daea889d8"]}, @generic="28091f99408b4775a63178b217297d3d2dac85ac29a4764bfcd8cde8e901b7313547c78f42958c27c515acda754ee57f46ceef1d8a6451a307eff2e6295e5946daca17f694f30389023c5c7e78853ed8bb29e45e6ba2b83ad4b52d365dccb4caf0e4a058d62ad9bdd2c1e42674", @typed={0x8, 0x14f, 0x0, 0x0, @ipv4=@multicast2}, @generic='.BdP']}, @ETHTOOL_A_FEC_HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}]}]}, 0x204}, 0x1, 0x0, 0x0, 0x8000}, 0x4000080) 1.443195927s ago: executing program 2 (id=3793): open(&(0x7f0000000800)='./file1\x00', 0x105000, 0x0) socket(0x1d, 0x2, 0x7) socket(0x28, 0xa, 0xffffffff) gettid() getpid() r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x12, 0xeb1, 0x401, 0x8000) socket(0x2, 0x1, 0x0) epoll_create$auto(0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$auto(0x5, 0x3, r1, 0x0) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) ioctl$auto_SNDCTL_DSP_GETTRIGGER(0xffffffffffffffff, 0x80045010, &(0x7f0000004440)) syz_clone3(0x0, 0x0) r4 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) ioctl$auto_UI_DEV_SETUP(r4, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0xa}) ioctl$auto_UI_DEV_CREATE(r4, 0x5501, 0x0) writev$auto(r4, &(0x7f0000000340)={0x0, 0xda7e}, 0x9) mmap$auto(0x0, 0x20005, 0xdf, 0x12, r2, 0x4) r5 = open_by_handle_at$auto(r3, &(0x7f00000002c0)={0x18, 0x136a, "8f42b1077e737d4629d7867bca48102625b1c2c21fa15504"}, 0x7d) setsockopt$auto(r5, 0x7, 0x1021, 0x0, 0x4) sendmsg$auto_OVS_CT_LIMIT_CMD_GET(r0, 0x0, 0x2004c010) close_range$auto(0x2, 0xa, 0x0) io_submit$auto(0x9, 0x0, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000200)=ANY=[], 0x14}, 0x1, 0x68, 0x0, 0x24000000}, 0xd0) 883.702682ms ago: executing program 3 (id=3794): socket(0x2, 0x801, 0x106) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @loopback}, 0x66) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x8, 0x311) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, 0x0, 0x0, 0x0) open(0x0, 0x2a4c0, 0x40) execve$auto(0x0, 0x0, 0x0) rename$auto(&(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='./cgroup\x00') get_robust_list$auto(0x0, 0x0, 0x0) sendmsg$auto_NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x2e810) mmap$auto(0x20000000000, 0xe983, 0x7f, 0xeb1, 0x401, 0x8000) ioctl$auto_SW_SYNC_IOC_INC(0xffffffffffffffff, 0x40045701, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x200) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55) 316.093823ms ago: executing program 0 (id=3795): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ila(&(0x7f0000000f80), 0xffffffffffffffff) sendmsg$auto_ILA_CMD_DEL(r0, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000001000)={0x0}, 0x1, 0x0, 0x0, 0x10}, 0x44884) 294.999894ms ago: executing program 4 (id=3796): mmap$auto(0x0, 0x400009, 0x4000000000000df, 0x9b72, 0x2, 0x8000) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, 0x0, 0x103100, 0x0) fsconfig$auto_JFFS2_COMPR_MODE_NONE(r0, 0x9fbc, 0x0, &(0x7f0000000400), 0x0) bpf$auto(0x5, &(0x7f0000000180)=@query={@target_ifindex, 0x1007ff, 0x5, 0x40, 0x10, @count=0x1, 0x0, 0x8001, 0xffff, 0x1f2b, 0x6}, 0x3d) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0\x00'}) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) ioctl$auto(r2, 0x2, 0x9) ioctl$auto(r2, 0x400c4d01, r2) 271.643104ms ago: executing program 2 (id=3797): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) memfd_secret$auto(0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket(0x1a, 0x1, 0x0) epoll_create$auto(0x9) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) keyctl$auto(0x11, 0xfffffffffffffffa, 0x0, 0x4, 0x3) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x7}, 0x3) listmount$auto(&(0x7f0000000100)={0x9, @raw, 0x80000002, 0xfffffffffffffff7, 0x2}, 0x0, 0xf4240, 0x1) socket(0x2b, 0x1, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mlock$auto(0x112, 0x80006) mlockall$auto(0x800000000000005) madvise$auto(0x0, 0x200007, 0x19) msgrcv$auto(0xffff8001, 0x0, 0xff9, 0xfff, 0xb4) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r1, &(0x7f0000000000)="4c91f2c388274610e12c861bb2bfd9800e9b394b", 0x14) msgsnd$auto(0x0, &(0x7f0000000000)={0x40, 0x5}, 0x8, 0x9) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r2 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(r2, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r3 = openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x481, 0x0) pwrite64$auto(r3, 0x0, 0x400000, 0xc) 248.413001ms ago: executing program 3 (id=3798): setxattr$auto(0x0, &(0x7f0000000200)='*\x00', 0x0, 0x800000, 0x0) (async) madvise$auto(0x0, 0x2000040080000004, 0xe) (async) r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dri/card1\x00', 0x109c01, 0x0) ioctl$auto(r0, 0x92106411, 0xffffffffffffffff) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC2\x00', 0x480000, 0x0) (async) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async) mmap$auto(0x0, 0x2020009, 0x80000000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$auto_nbd(0x0, 0xffffffffffffffff) (async) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x8000b) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) ioperm$auto(0x2, 0x3, 0x1) (async) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x185002, 0x0) mmap$auto(0x0, 0xf4, 0xdf, 0xeb1, 0x69a5, 0xa800000000000000) close_range$auto(0x2, 0x8, 0x0) (async) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x109b80, 0x0) (async) r2 = socket(0x1a, 0x1, 0x0) (async) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async) keyctl$auto_KEYCTL_NEGATE(0xd, 0x0, 0x0, 0x0, 0x2) sendmsg$auto_HWSIM_CMD_DEL_RADIO(r2, 0x0, 0x5) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socket(0x11, 0x80003, 0x300) (async) socket(0x29, 0x5, 0x0) open(&(0x7f00000000c0)='./cgroup\x00', 0x84c01, 0xb5d1af1605322dd2) 57.773051ms ago: executing program 0 (id=3799): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) io_uring_register$auto_IORING_REGISTER_RING_FDS(r0, 0x14, &(0x7f0000000080)="154e369cd43c11510c44bf00507a9ef51a6ed641d9a05196a6c5354eab5c96ab88bea6b924ecb85f64a08643e3b42b606b879fa0d078b567c1e5656b4482e8f7af3044cac4a2dd67152f566c0eaeb2c8b88013ed5062baef5d849988f1096eeb4b5fc007009f192b542740006c62ecb128571b3a49c50af734f1c3a300b3f281c29188469b842ee860b9593be057ec5f6aaa3e7488b8", 0x7) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/trace_marker_raw\x00', 0xc05, 0x0) writev$auto(r1, &(0x7f0000000140)={0x0, 0x6}, 0x4) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x8, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) set_mempolicy$auto(0x8, &(0x7f0000000180)=0xd0, 0x7) read$auto(r2, 0x0, 0x102) fsopen$auto(&(0x7f00000001c0)='$}+(#!\x00', 0x2) r3 = openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0) ioctl$auto(r3, 0x40246f4c, 0x38) write$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_net_shaper(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f0, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x1, 0x2, 0x0, 0x8) shutdown$auto(0x200000003, 0x2) sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07) 0s ago: executing program 4 (id=3800): futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5, 0x4002, 0x4}, 0x77, 0xfffffffd, 0x0, 0x62bd) r0 = memfd_secret$auto(0xffffffff) fstatfs$auto(r0, &(0x7f00000000c0)={0x4, 0x8000000000, 0x5, 0x7fff, 0x0, 0x4, 0x6, {[0x9, 0x3]}, 0x0, 0x5, 0x7, [0x9, 0x7e5, 0x9, 0x26]}) clock_gettime$auto(0xfffffffffffffbfb, 0xfffffffffffffffc) bpf$auto_BPF_LINK_CREATE(0x1c, &(0x7f0000000040)=@token_create={0x2, 0xffffffffffffffff}, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/platform/vhci_hcd.5/usb19/19-0:1.0/usb19-port8/disable\x00', 0x0, 0x0) sendfile$auto(r2, 0x3, 0x0, 0x40000000c07) r3 = openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe\x00', 0x20a02, 0x0) ppoll$auto(&(0x7f0000000040)={r3, 0x4, 0xa7}, 0x1c, &(0x7f0000000080)={0x2, 0x6}, 0x0, 0x8) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0x24, 0xa, 0xfd) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x802, 0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) socket(0xa, 0x1, 0x100) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/lru_gen\x00', 0x80400, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4008014) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000) openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/mem\x00', 0x401, 0x0) write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000000240)="cac4382ca5d76e9713c81de949ebceba104cdcb955e642cb2696fcea4b87eb351d9b533ea21b258285354e2dea8f00000000000000000000000000002935e0a3edb4eacf86fff9cbd2fb7cab5fd6147a916c001480336292014b719eaa9d3c855c62838b", 0xfffffffffffffd70) madvise$auto(0x0, 0x20200, 0x15) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r5 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r5, 0xaf01, 0x5) ioctl$auto(r5, 0x4008af04, 0x0) kernel console output (not intermixed with test programs): left promiscuous mode [ 961.074064][ T9053] team0 (unregistering): Port device team_slave_0 removed [ 961.075216][T13681] Bluetooth: hci1: command tx timeout [ 961.319102][T13681] Bluetooth: hci3: command 0x0c1a tx timeout [ 961.455652][T23286] vhci_hcd: invalid port number 16 [ 961.611151][T23291] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3169'. [ 961.748078][T23283] mkiss: ax0: crc mode is auto. [ 961.952633][T23225] bridge0: port 1(bridge_slave_0) entered blocking state [ 961.970571][T23225] bridge0: port 1(bridge_slave_0) entered disabled state [ 961.981213][T23225] bridge_slave_0: entered allmulticast mode [ 961.997601][T23225] bridge_slave_0: entered promiscuous mode [ 962.025522][T23225] bridge0: port 2(bridge_slave_1) entered blocking state [ 962.033442][T23225] bridge0: port 2(bridge_slave_1) entered disabled state [ 962.041507][T23225] bridge_slave_1: entered allmulticast mode [ 962.049311][T23225] bridge_slave_1: entered promiscuous mode [ 962.152941][T23225] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 962.187068][T23225] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 962.374260][T23225] team0: Port device team_slave_0 added [ 962.431000][T23225] team0: Port device team_slave_1 added [ 962.903322][T23225] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 962.923791][T23225] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 962.941324][ T30] audit: type=1800 audit(4294967350.094:32): pid=23315 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=110976 res=0 errno=0 [ 962.953569][T23225] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 963.004291][T23225] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 963.054186][T23225] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 963.145921][T13681] Bluetooth: hci1: command tx timeout [ 963.176834][T23225] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 963.426005][T23329] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3174'. [ 963.558705][T23333] EXT4-fs error (device sda1): trigger_test_error:129: comm syz.2.3175: 7 [ 963.625173][T23225] hsr_slave_0: entered promiscuous mode [ 963.654990][T23225] hsr_slave_1: entered promiscuous mode [ 964.029024][T23339] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3176'. [ 964.825398][T23365] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 965.213783][T13681] Bluetooth: hci1: command tx timeout [ 965.326395][T23225] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 965.379751][T23225] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 965.430721][T23225] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 965.484652][T23225] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 965.524787][T13681] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 965.537899][T13681] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:0' [ 965.547966][T13681] CPU: 0 UID: 0 PID: 13681 Comm: kworker/u9:1 Tainted: G U syzkaller #0 PREEMPT(full) [ 965.548007][T13681] Tainted: [U]=USER [ 965.548016][T13681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 965.548034][T13681] Workqueue: hci2 hci_rx_work [ 965.548067][T13681] Call Trace: [ 965.548076][T13681] [ 965.548086][T13681] dump_stack_lvl+0x16c/0x1f0 [ 965.548118][T13681] sysfs_warn_dup+0x7f/0xa0 [ 965.548148][T13681] sysfs_create_dir_ns+0x24b/0x2b0 [ 965.548179][T13681] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 965.548206][T13681] ? find_held_lock+0x2b/0x80 [ 965.548238][T13681] ? do_raw_spin_unlock+0x172/0x230 [ 965.548278][T13681] kobject_add_internal+0x2c4/0x9b0 [ 965.548315][T13681] kobject_add+0x16e/0x240 [ 965.548346][T13681] ? __pfx_kobject_add+0x10/0x10 [ 965.548379][T13681] ? do_raw_spin_unlock+0x172/0x230 [ 965.548414][T13681] ? kobject_put+0xab/0x5a0 [ 965.548452][T13681] device_add+0x288/0x1aa0 [ 965.548482][T13681] ? __pfx_dev_set_name+0x10/0x10 [ 965.548517][T13681] ? __pfx_device_add+0x10/0x10 [ 965.548548][T13681] ? mgmt_send_event_skb+0x2fb/0x460 [ 965.548583][T13681] hci_conn_add_sysfs+0x17e/0x230 [ 965.548614][T13681] le_conn_complete_evt+0x1260/0x2150 [ 965.548651][T13681] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 965.548677][T13681] ? bt_warn+0xe4/0x120 [ 965.548699][T13681] ? __pfx_bt_warn+0x10/0x10 [ 965.548730][T13681] hci_le_conn_complete_evt+0x23c/0x370 [ 965.548765][T13681] hci_le_meta_evt+0x354/0x5e0 [ 965.548792][T13681] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 965.548823][T13681] hci_event_packet+0x685/0x11c0 [ 965.548850][T13681] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 965.548881][T13681] ? __pfx_hci_event_packet+0x10/0x10 [ 965.548921][T13681] ? kcov_remote_start+0x3c9/0x6d0 [ 965.548946][T13681] ? lockdep_hardirqs_on+0x7c/0x110 [ 965.548984][T13681] hci_rx_work+0x2c5/0x16b0 [ 965.549012][T13681] ? rcu_is_watching+0x12/0xc0 [ 965.549045][T13681] process_one_work+0x9cf/0x1b70 [ 965.549098][T13681] ? __pfx_process_one_work+0x10/0x10 [ 965.549143][T13681] ? assign_work+0x1a0/0x250 [ 965.549183][T13681] worker_thread+0x6c8/0xf10 [ 965.549232][T13681] ? __kthread_parkme+0x19e/0x250 [ 965.549264][T13681] ? __pfx_worker_thread+0x10/0x10 [ 965.549299][T13681] kthread+0x3c2/0x780 [ 965.549333][T13681] ? __pfx_kthread+0x10/0x10 [ 965.549367][T13681] ? rcu_is_watching+0x12/0xc0 [ 965.549393][T13681] ? __pfx_kthread+0x10/0x10 [ 965.549431][T13681] ret_from_fork+0x675/0x7d0 [ 965.549467][T13681] ? __pfx_kthread+0x10/0x10 [ 965.549502][T13681] ret_from_fork_asm+0x1a/0x30 [ 965.549547][T13681] [ 965.549581][T13681] kobject: kobject_add_internal failed for hci2:0 with -EEXIST, don't try to register things with the same name in the same directory. [ 965.820493][T13681] Bluetooth: hci2: failed to register connection device [ 965.924560][T23225] 8021q: adding VLAN 0 to HW filter on device bond0 [ 965.989048][T23225] 8021q: adding VLAN 0 to HW filter on device team0 [ 966.030945][ T9053] bridge0: port 1(bridge_slave_0) entered blocking state [ 966.038117][ T9053] bridge0: port 1(bridge_slave_0) entered forwarding state [ 966.137017][ T9053] bridge0: port 2(bridge_slave_1) entered blocking state [ 966.144177][ T9053] bridge0: port 2(bridge_slave_1) entered forwarding state [ 966.351387][T23395] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3184'. [ 966.360672][T23225] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 967.147656][T23225] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 967.462027][T23225] veth0_vlan: entered promiscuous mode [ 967.504379][T23225] veth1_vlan: entered promiscuous mode [ 967.682326][T23225] veth0_macvtap: entered promiscuous mode [ 967.702283][T23225] veth1_macvtap: entered promiscuous mode [ 967.732753][T23225] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 967.766153][T23225] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 967.815268][ T9050] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 967.829552][T23440] deleting an unspecified loop device is not supported. [ 967.849867][T13681] Bluetooth: hci2: command 0x0c1a tx timeout [ 967.872091][ T9050] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 968.066510][ T9050] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 968.135688][ T9050] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 968.579301][ T7726] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 968.625973][ T7726] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 968.732666][ T9050] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 968.775441][ T9050] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 970.036023][T23485] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 970.105009][T23490] serio: Serial port pty6 [ 971.073631][T23521] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3197'. [ 971.091415][T23523] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3199'. [ 972.398044][T23552] qrtr: Invalid version 0 [ 972.676310][T23561] serio: Serial port pty6 [ 974.063251][T23582] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3209'. [ 974.098079][T23583] FAULT_INJECTION: forcing a failure. [ 974.098079][T23583] name failslab, interval 1, probability 0, space 0, times 0 [ 974.120614][T23583] CPU: 0 UID: 0 PID: 23583 Comm: syz.3.3209 Tainted: G U syzkaller #0 PREEMPT(full) [ 974.120653][T23583] Tainted: [U]=USER [ 974.120663][T23583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 974.120677][T23583] Call Trace: [ 974.120686][T23583] [ 974.120698][T23583] dump_stack_lvl+0x16c/0x1f0 [ 974.120734][T23583] should_fail_ex+0x512/0x640 [ 974.120755][T23583] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 974.120776][T23583] should_failslab+0xc2/0x120 [ 974.120796][T23583] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 974.120823][T23583] ? __kthread_create_on_node+0x186/0x3f0 [ 974.120846][T23583] ? kvasprintf+0xbc/0x160 [ 974.120866][T23583] kvasprintf+0xbc/0x160 [ 974.120884][T23583] ? __pfx_kvasprintf+0x10/0x10 [ 974.120909][T23583] ? __pfx_tomoyo_gc_thread+0x10/0x10 [ 974.120930][T23583] __kthread_create_on_node+0x186/0x3f0 [ 974.120949][T23583] ? __pfx___kthread_create_on_node+0x10/0x10 [ 974.120978][T23583] ? __pfx_tomoyo_gc_thread+0x10/0x10 [ 974.120999][T23583] kthread_create_on_node+0xc7/0x100 [ 974.121017][T23583] ? __pfx_kthread_create_on_node+0x10/0x10 [ 974.121034][T23583] ? kasan_quarantine_put+0x10a/0x240 [ 974.121054][T23583] ? find_held_lock+0x2b/0x80 [ 974.121070][T23583] ? tomoyo_notify_gc+0xc6/0x470 [ 974.121094][T23583] tomoyo_notify_gc+0xea/0x470 [ 974.121114][T23583] ? ima_iint_find+0xea/0x130 [ 974.121133][T23583] ? __pfx_tomoyo_release+0x10/0x10 [ 974.121148][T23583] tomoyo_release+0x31/0x40 [ 974.121162][T23583] __fput+0x3ff/0xb70 [ 974.121185][T23583] task_work_run+0x150/0x240 [ 974.121207][T23583] ? __pfx_task_work_run+0x10/0x10 [ 974.121229][T23583] ? __pfx___do_sys_close_range+0x10/0x10 [ 974.121249][T23583] exit_to_user_mode_loop+0xec/0x130 [ 974.121271][T23583] do_syscall_64+0x426/0xfa0 [ 974.121289][T23583] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 974.121303][T23583] RIP: 0033:0x7f57ee78eec9 [ 974.121316][T23583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 974.121331][T23583] RSP: 002b:00007f57ef63f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 974.121346][T23583] RAX: 0000000000000000 RBX: 00007f57ee9e6090 RCX: 00007f57ee78eec9 [ 974.121355][T23583] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000002 [ 974.121364][T23583] RBP: 00007f57ee811f91 R08: 0000000000000000 R09: 0000000000000000 [ 974.121372][T23583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 974.121381][T23583] R13: 00007f57ee9e6128 R14: 00007f57ee9e6090 R15: 00007ffd187bea78 [ 974.121401][T23583] [ 974.403309][T23582] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3209'. [ 974.645950][T23592] Falling back ldisc for pty66. [ 975.964989][ T30] audit: type=1804 audit(4294967363.192:33): pid=23617 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.3218" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 976.972025][T23641] serio: Serial port pty6 [ 979.520908][T23714] .^: entered promiscuous mode [ 979.937017][T13681] Bluetooth: hci1: unexpected event 0x36 length: 122 > 7 [ 980.489662][T23738] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 981.616612][T23768] KVM: debugfs: duplicate directory 23768-4 [ 982.224092][T23781] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3251'. [ 983.108708][T23798] random: crng reseeded on system resumption [ 985.825069][T23868] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3270'. [ 986.465745][T23874] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3271'. [ 987.065505][T23887] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3274'. [ 987.440703][T23901] synth uevent: /module/hid_magicmouse: unknown uevent action string [ 987.899203][T23908] binder: 23906:23908 ioctl 4138ae84 200000000040 returned -22 [ 988.379910][T23918] serio: Serial port pty6 [ 988.616547][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 988.622987][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 990.036186][T23948] netlink: 280 bytes leftover after parsing attributes in process `syz.2.3286'. [ 990.493501][T23962] random: crng reseeded on system resumption [ 992.580049][T19605] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 992.902984][T19605] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 992.976505][T23989] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3305'. [ 993.202126][T19605] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 993.463485][T23999] random: crng reseeded on system resumption [ 993.540194][T19605] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 993.560497][ T5838] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 993.576379][ T5838] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 993.585645][ T5838] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 993.593762][ T5838] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 993.601415][ T5838] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 994.432434][ T43] usb usb38-port5: attempt power cycle [ 994.738107][T19605] bridge_slave_1: left allmulticast mode [ 994.769920][T19605] bridge_slave_1: left promiscuous mode [ 994.809913][T19605] bridge0: port 2(bridge_slave_1) entered disabled state [ 994.977024][T19605] bridge_slave_0: left allmulticast mode [ 995.028239][T19605] bridge_slave_0: left promiscuous mode [ 995.035288][ T43] usb usb38-port5: unable to enumerate USB device [ 995.059317][T19605] bridge0: port 1(bridge_slave_0) entered disabled state [ 995.629703][T13681] Bluetooth: hci0: command tx timeout [ 996.516176][T24065] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3310'. [ 997.581904][T19605] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 997.690576][T13681] Bluetooth: hci0: command tx timeout [ 997.744907][T19605] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 997.861299][T19605] bond0 (unregistering): Released all slaves [ 997.881652][T23998] chnl_net:caif_netlink_parms(): no params data found [ 998.358703][T19605] .^: left promiscuous mode [ 999.169439][T23998] bridge0: port 1(bridge_slave_0) entered blocking state [ 999.176663][T23998] bridge0: port 1(bridge_slave_0) entered disabled state [ 999.184432][T23998] bridge_slave_0: entered allmulticast mode [ 999.194404][T23998] bridge_slave_0: entered promiscuous mode [ 999.204892][T23998] bridge0: port 2(bridge_slave_1) entered blocking state [ 999.224249][T23998] bridge0: port 2(bridge_slave_1) entered disabled state [ 999.255350][T23998] bridge_slave_1: entered allmulticast mode [ 999.306463][T23998] bridge_slave_1: entered promiscuous mode [ 999.754899][T13681] Bluetooth: hci0: command tx timeout [ 1000.194802][T24109] serio: Serial port pty6 [ 1000.610168][T23998] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1000.826350][T23998] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1001.829251][T13681] Bluetooth: hci0: command tx timeout [ 1001.910368][T24135] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3321'. [ 1001.951610][T23998] team0: Port device team_slave_0 added [ 1001.970831][T23998] team0: Port device team_slave_1 added [ 1002.238141][T19605] hsr_slave_0: left promiscuous mode [ 1002.283774][T19605] hsr_slave_1: left promiscuous mode [ 1002.289917][T19605] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1002.298017][T19605] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1002.321902][T19605] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1002.335301][T19605] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1002.404529][T19605] veth1_macvtap: left promiscuous mode [ 1002.412433][T19605] veth0_macvtap: left promiscuous mode [ 1002.422449][T19605] veth1_vlan: left promiscuous mode [ 1002.430141][T19605] veth0_vlan: left promiscuous mode [ 1003.124220][T24145] fanotify: failed to encode fid (type=0, len=0, err=-2) [ 1004.736808][T19605] team0 (unregistering): Port device team_slave_1 removed [ 1004.952571][T19605] team0 (unregistering): Port device team_slave_0 removed [ 1006.935757][T23998] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1006.944550][T23998] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1006.975385][T23998] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1006.989636][T23998] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1007.011538][T23998] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1007.056517][T23998] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1007.736685][T23998] hsr_slave_0: entered promiscuous mode [ 1007.765496][T23998] hsr_slave_1: entered promiscuous mode [ 1007.771862][T23998] debugfs: 'hsr0' already exists in 'hsr' [ 1007.801358][T23998] Cannot create hsr debugfs directory [ 1009.144738][T24200] serio: Serial port pty6 [ 1009.199841][T24203] FAULT_INJECTION: forcing a failure. [ 1009.199841][T24203] name failslab, interval 1, probability 0, space 0, times 0 [ 1009.215323][T24203] CPU: 1 UID: 0 PID: 24203 Comm: syz.1.3331 Tainted: G U syzkaller #0 PREEMPT(full) [ 1009.215361][T24203] Tainted: [U]=USER [ 1009.215369][T24203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1009.215382][T24203] Call Trace: [ 1009.215391][T24203] [ 1009.215400][T24203] dump_stack_lvl+0x16c/0x1f0 [ 1009.215430][T24203] should_fail_ex+0x512/0x640 [ 1009.215455][T24203] ? fs_reclaim_acquire+0xae/0x150 [ 1009.215489][T24203] should_failslab+0xc2/0x120 [ 1009.215520][T24203] __kmalloc_noprof+0xdd/0x880 [ 1009.215556][T24203] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1009.215588][T24203] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1009.215612][T24203] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1009.215641][T24203] ? tomoyo_profile+0x47/0x60 [ 1009.215673][T24203] tomoyo_path_number_perm+0x245/0x580 [ 1009.215708][T24203] ? tomoyo_path_number_perm+0x237/0x580 [ 1009.215746][T24203] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1009.215783][T24203] ? find_held_lock+0x2b/0x80 [ 1009.215839][T24203] ? find_held_lock+0x2b/0x80 [ 1009.215864][T24203] ? hook_file_ioctl_common+0x145/0x410 [ 1009.215909][T24203] ? __fget_files+0x20e/0x3c0 [ 1009.215940][T24203] security_file_ioctl+0x9b/0x240 [ 1009.215979][T24203] __x64_sys_ioctl+0xb7/0x210 [ 1009.216016][T24203] do_syscall_64+0xcd/0xfa0 [ 1009.216047][T24203] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1009.216071][T24203] RIP: 0033:0x7f3994d8eec9 [ 1009.216090][T24203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1009.216112][T24203] RSP: 002b:00007f3995b78038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1009.216143][T24203] RAX: ffffffffffffffda RBX: 00007f3994fe6270 RCX: 00007f3994d8eec9 [ 1009.216159][T24203] RDX: 0000000000000000 RSI: 0000000000005437 RDI: 0000000000000002 [ 1009.216174][T24203] RBP: 00007f3995b78090 R08: 0000000000000000 R09: 0000000000000000 [ 1009.216189][T24203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1009.216202][T24203] R13: 00007f3994fe6308 R14: 00007f3994fe6270 R15: 00007fff535df398 [ 1009.216239][T24203] [ 1009.217433][T24203] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1010.493782][T24235] 0x000200000001-0xa29656a63616329 : "" [ 1010.501376][T24235] mtd: partition "" is out of reach -- disabled [ 1010.530893][T24235] ftl_cs: FTL header not found. [ 1011.616176][T24241] serio: Serial port pty6 [ 1011.639274][T23998] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1011.659813][T23998] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1011.715710][T23998] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1011.843159][T23998] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1012.968541][T23998] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1013.045766][T23998] 8021q: adding VLAN 0 to HW filter on device team0 [ 1013.077270][T10670] bridge0: port 1(bridge_slave_0) entered blocking state [ 1013.084461][T10670] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1013.211227][T10665] bridge0: port 2(bridge_slave_1) entered blocking state [ 1013.218447][T10665] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1013.370505][T23998] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1013.482673][T23998] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1014.126714][T23998] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1014.559662][T23998] veth0_vlan: entered promiscuous mode [ 1014.615119][T23998] veth1_vlan: entered promiscuous mode [ 1014.838059][T24335] 0x000200000001-0xa29656a63616329 : "" [ 1014.875724][T24335] mtd: partition "" is out of reach -- disabled [ 1014.905417][T24335] ftl_cs: FTL header not found. [ 1015.252698][T19605] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1015.408657][T23998] veth0_macvtap: entered promiscuous mode [ 1015.434722][T23998] veth1_macvtap: entered promiscuous mode [ 1015.481095][T23998] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1015.496869][T23998] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1015.746665][T19605] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1015.918666][T10670] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1015.941866][T10670] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1016.317921][T10670] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1016.402817][ T5838] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1016.448433][ T5838] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1016.460319][ T5838] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1016.469884][ T5838] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1016.506310][ T5838] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1016.681643][T19605] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1016.745961][T10670] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1017.001129][T24016] syz.2.3301 (24016) used greatest stack depth: 18824 bytes left [ 1017.010515][T10670] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1017.033324][T10670] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1017.239599][ T9053] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1017.253738][ T9053] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1017.428442][T19605] bridge_slave_1: left allmulticast mode [ 1017.434412][T19605] bridge_slave_1: left promiscuous mode [ 1017.445485][T19605] bridge0: port 2(bridge_slave_1) entered disabled state [ 1017.490206][T19605] bridge_slave_0: left allmulticast mode [ 1017.542272][T19605] bridge_slave_0: left promiscuous mode [ 1017.548876][T24384] 0x000200000001-0xa29656a63616329 : "" [ 1017.562659][T19605] bridge0: port 1(bridge_slave_0) entered disabled state [ 1017.580872][T24384] mtd: partition "" is out of reach -- disabled [ 1017.593978][T24384] ftl_cs: FTL header not found. [ 1017.864563][T24399] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16 [ 1017.988931][T24402] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3356'. [ 1018.198241][T24398] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 1018.622792][T13681] Bluetooth: hci1: command tx timeout [ 1018.663614][T19605] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1018.675845][T19605] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1018.687654][T19605] bond0 (unregistering): Released all slaves [ 1019.065761][T24368] chnl_net:caif_netlink_parms(): no params data found [ 1019.386743][T19605] hsr_slave_0: left promiscuous mode [ 1019.436305][T19605] hsr_slave_1: left promiscuous mode [ 1019.457822][T19605] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1019.481976][T19605] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1019.561179][T24441] netlink: 302 bytes leftover after parsing attributes in process `syz.1.3363'. [ 1019.585548][T19605] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1019.604985][T19605] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1019.677773][T19605] veth1_macvtap: left promiscuous mode [ 1019.785153][T19605] veth0_macvtap: left promiscuous mode [ 1019.801355][T19605] veth1_vlan: left promiscuous mode [ 1019.806839][T19605] veth0_vlan: left promiscuous mode [ 1020.685552][T13681] Bluetooth: hci1: command tx timeout [ 1020.754183][T19605] team0 (unregistering): Port device team_slave_1 removed [ 1020.852755][T19605] team0 (unregistering): Port device team_slave_0 removed [ 1021.600249][T24368] bridge0: port 1(bridge_slave_0) entered blocking state [ 1021.609457][T24368] bridge0: port 1(bridge_slave_0) entered disabled state [ 1021.621118][T24368] bridge_slave_0: entered allmulticast mode [ 1021.640350][T24368] bridge_slave_0: entered promiscuous mode [ 1021.648930][T24368] bridge0: port 2(bridge_slave_1) entered blocking state [ 1021.660456][T24368] bridge0: port 2(bridge_slave_1) entered disabled state [ 1021.667684][T24368] bridge_slave_1: entered allmulticast mode [ 1021.681163][T24368] bridge_slave_1: entered promiscuous mode [ 1021.872004][T24459] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3364'. [ 1021.879115][T24461] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3366'. [ 1021.903244][T24368] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1021.933115][T24368] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1022.235025][T24368] team0: Port device team_slave_0 added [ 1022.291868][T24368] team0: Port device team_slave_1 added [ 1022.433669][T24368] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1022.453988][T24368] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1022.501608][T24368] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1022.515203][T24368] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1022.522668][T24368] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1022.548883][T24368] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1022.755343][T13681] Bluetooth: hci1: command tx timeout [ 1022.994254][T24368] hsr_slave_0: entered promiscuous mode [ 1023.000990][T24368] hsr_slave_1: entered promiscuous mode [ 1024.388179][T24509] net_ratelimit: 367 callbacks suppressed [ 1024.388192][T24509] netlink: zone id is out of range [ 1024.472130][T24509] netlink: zone id is out of range [ 1024.482248][T24509] netlink: zone id is out of range [ 1024.491979][T24509] netlink: zone id is out of range [ 1024.555826][T24509] netlink: zone id is out of range [ 1024.645624][T24509] netlink: zone id is out of range [ 1024.666408][T24509] netlink: zone id is out of range [ 1024.670270][T24517] HfR: entered promiscuous mode [ 1024.676759][T24509] netlink: zone id is out of range [ 1024.762688][T24509] netlink: zone id is out of range [ 1024.824356][T13681] Bluetooth: hci1: command tx timeout [ 1024.846307][T24509] netlink: zone id is out of range [ 1026.583867][T24368] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1026.612789][T24368] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1026.642176][T24368] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1026.691499][T24368] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1027.212804][T24368] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1027.258478][T24368] 8021q: adding VLAN 0 to HW filter on device team0 [ 1027.276156][T10670] bridge0: port 1(bridge_slave_0) entered blocking state [ 1027.283361][T10670] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1028.417846][T19605] bridge0: port 2(bridge_slave_1) entered blocking state [ 1028.424985][T19605] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1028.506182][T24592] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12 [ 1028.534416][T24592] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12 [ 1028.563047][T24592] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 1028.605093][T24603] ptp ptp0: only physical clock in use now [ 1029.176258][T24368] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1029.393037][T24627] 0x000200000001-0xa29656a63616329 : "" [ 1029.399322][T24627] mtd: partition "" is out of reach -- disabled [ 1029.431041][T24627] ftl_cs: FTL header not found. [ 1030.109321][T24368] veth0_vlan: entered promiscuous mode [ 1030.124112][T24368] veth1_vlan: entered promiscuous mode [ 1030.303090][T24368] veth0_macvtap: entered promiscuous mode [ 1030.389803][T24368] veth1_macvtap: entered promiscuous mode [ 1030.510859][T24368] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1030.655884][T24368] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1030.773874][ T7726] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1030.824663][ T7726] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1030.894868][T10665] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1031.164865][ T7724] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1031.184651][T10665] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1031.204172][ T7724] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1031.211697][T10665] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1033.478096][T24712] ptp ptp0: only physical clock in use now [ 1033.906183][T24717] binder: 24715:24717 ioctl c0306201 200000000000 returned -14 [ 1034.119029][T19605] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1034.451216][T19605] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1034.674297][T19605] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1035.049442][T19605] bridge_slave_1: left allmulticast mode [ 1035.086190][T19605] bridge_slave_1: left promiscuous mode [ 1035.118177][T19605] bridge0: port 2(bridge_slave_1) entered disabled state [ 1035.207101][T19605] bridge_slave_0: left allmulticast mode [ 1035.230579][ T5838] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1035.245797][ T5838] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1035.255994][ T5838] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1035.265316][T19605] bridge_slave_0: left promiscuous mode [ 1035.273397][ T5838] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1035.282726][ T5838] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1035.296577][T19605] bridge0: port 1(bridge_slave_0) entered disabled state [ 1035.474871][T24737] bcache: register_bcache() error : Not a bcache superblock (bad offset) [ 1035.514156][T24737] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3402'. [ 1036.390808][T24762] net_ratelimit: 95 callbacks suppressed [ 1036.390822][T24762] netlink: zone id is out of range [ 1036.409636][T24762] netlink: zone id is out of range [ 1036.441164][T24762] netlink: zone id is out of range [ 1036.457972][T24762] netlink: zone id is out of range [ 1036.464186][T24762] netlink: zone id is out of range [ 1036.504445][T24762] netlink: zone id is out of range [ 1036.528449][T24762] netlink: zone id is out of range [ 1036.535372][T24762] netlink: zone id is out of range [ 1036.540611][T24762] netlink: zone id is out of range [ 1036.548123][T24762] netlink: zone id is out of range [ 1036.637152][T19605] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1036.667929][T19605] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1036.688639][T19605] bond0 (unregistering): Released all slaves [ 1037.084112][T24767] HfR: entered promiscuous mode [ 1037.318660][T13681] Bluetooth: hci1: command tx timeout [ 1038.174901][ T854] usb usb38-port5: attempt power cycle [ 1038.323115][T24792] serio: Serial port pty6 [ 1038.477351][T19605] hsr_slave_0: left promiscuous mode [ 1038.485122][T19605] hsr_slave_1: left promiscuous mode [ 1038.494232][T19605] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1038.504300][T19605] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1038.514483][T19605] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1038.540733][T19605] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1038.659794][T19605] veth1_macvtap: left promiscuous mode [ 1038.677391][T19605] veth0_macvtap: left promiscuous mode [ 1038.700603][T19605] veth1_vlan: left promiscuous mode [ 1038.718644][T19605] veth0_vlan: left promiscuous mode [ 1038.742977][ T854] usb usb38-port5: unable to enumerate USB device [ 1039.395671][T13681] Bluetooth: hci1: command tx timeout [ 1040.454544][T19605] team0 (unregistering): Port device team_slave_1 removed [ 1040.551506][T19605] team0 (unregistering): Port device team_slave_0 removed [ 1040.713208][T24827] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(4) [ 1041.090769][T24729] chnl_net:caif_netlink_parms(): no params data found [ 1041.458027][T13681] Bluetooth: hci1: command tx timeout [ 1041.474537][T24729] bridge0: port 1(bridge_slave_0) entered blocking state [ 1041.493415][T24729] bridge0: port 1(bridge_slave_0) entered disabled state [ 1041.511112][T24729] bridge_slave_0: entered allmulticast mode [ 1041.544860][T24729] bridge_slave_0: entered promiscuous mode [ 1041.569404][T24729] bridge0: port 2(bridge_slave_1) entered blocking state [ 1041.587343][T24729] bridge0: port 2(bridge_slave_1) entered disabled state [ 1041.604597][T24729] bridge_slave_1: entered allmulticast mode [ 1041.629139][T24729] bridge_slave_1: entered promiscuous mode [ 1041.702861][T24729] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1041.738092][T24729] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1041.908093][T24846] net_ratelimit: 95 callbacks suppressed [ 1041.908108][T24846] netlink: zone id is out of range [ 1041.941168][T24729] team0: Port device team_slave_0 added [ 1042.007836][T24845] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1042.028886][T24846] netlink: zone id is out of range [ 1042.046630][T24846] netlink: zone id is out of range [ 1042.052210][T24846] netlink: zone id is out of range [ 1042.057654][T24846] netlink: zone id is out of range [ 1042.095383][T24846] netlink: zone id is out of range [ 1042.100511][T24846] netlink: zone id is out of range [ 1042.115690][T24729] team0: Port device team_slave_1 added [ 1042.138387][T24846] netlink: zone id is out of range [ 1042.163422][T24846] netlink: zone id is out of range [ 1042.169570][T24846] netlink: zone id is out of range [ 1042.328411][T24852] HfR: entered promiscuous mode [ 1042.474184][T24729] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1042.505287][T24729] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1042.549146][T24729] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1042.572543][T24729] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1042.579511][T24729] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1042.734333][T24729] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1042.990829][T24729] hsr_slave_0: entered promiscuous mode [ 1043.009637][T24729] hsr_slave_1: entered promiscuous mode [ 1043.239783][T24872] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 1043.526467][T13681] Bluetooth: hci1: command tx timeout [ 1043.537236][T24879] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3427'. [ 1043.550273][T24879] veth0_macvtap: left promiscuous mode [ 1043.562549][T24879] macvtap0: entered promiscuous mode [ 1043.597088][T24879] macvtap0: entered allmulticast mode [ 1044.163489][T24729] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1044.199697][T24729] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1044.278721][T24729] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1044.356661][T24729] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1044.842290][T24729] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1045.006716][T24729] 8021q: adding VLAN 0 to HW filter on device team0 [ 1045.052307][ T9049] bridge0: port 1(bridge_slave_0) entered blocking state [ 1045.059468][ T9049] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1045.095736][ T9049] bridge0: port 2(bridge_slave_1) entered blocking state [ 1045.102976][ T9049] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1045.829964][T24729] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1045.994683][T24729] veth0_vlan: entered promiscuous mode [ 1046.047206][T24729] veth1_vlan: entered promiscuous mode [ 1046.234437][T24729] veth0_macvtap: entered promiscuous mode [ 1046.275572][T24729] veth1_macvtap: entered promiscuous mode [ 1046.344568][T24729] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1046.380160][T24729] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1046.407600][ T9049] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1046.433749][ T9049] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1046.464242][ T9049] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1046.482623][ T9049] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1046.877035][T24953] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1047.029047][T13681] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 1047.256811][T19605] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1047.264910][T19605] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1047.439381][ T9049] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1047.486509][ T9049] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1048.046166][T24983] 0x000200000001-0xa29656a63616329 : "" [ 1048.051814][T24983] mtd: partition "" is out of reach -- disabled [ 1048.188882][T24983] ftl_cs: FTL header not found. [ 1048.879897][ T9049] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1049.499736][ T9049] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1049.617220][T25006] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1049.740297][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1049.779565][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1049.922027][ T9049] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1049.986883][ T5838] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1050.010691][ T5838] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1050.019494][ T5838] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1050.027819][ T5838] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1050.037753][ T5838] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1050.111103][T25025] block nbd9: NBD_DISCONNECT [ 1050.192047][ T9049] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1050.889576][ T43] usb usb38-port5: attempt power cycle [ 1051.139687][ T9049] bridge_slave_1: left allmulticast mode [ 1051.147542][ T9049] bridge_slave_1: left promiscuous mode [ 1051.153236][ T9049] bridge0: port 2(bridge_slave_1) entered disabled state [ 1051.182930][ T9049] bridge_slave_0: left allmulticast mode [ 1051.191094][ T9049] bridge_slave_0: left promiscuous mode [ 1051.207352][ T9049] bridge0: port 1(bridge_slave_0) entered disabled state [ 1051.470661][ T43] usb usb38-port5: unable to enumerate USB device [ 1051.526785][T25048] zswap: compressor not available [ 1051.798379][T25062] 0x000200000001-0xa29656a63616329 : "" [ 1051.813994][T25062] mtd: partition "" is out of reach -- disabled [ 1051.845924][T25062] ftl_cs: FTL header not found. [ 1052.122848][ T5838] Bluetooth: hci0: command tx timeout [ 1052.804015][ T9049] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1052.824878][ T9049] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1052.851033][ T9049] bond0 (unregistering): Released all slaves [ 1052.910979][T25074] FAULT_INJECTION: forcing a failure. [ 1052.910979][T25074] name failslab, interval 1, probability 0, space 0, times 0 [ 1052.951382][T25074] CPU: 1 UID: 0 PID: 25074 Comm: syz.0.3450 Tainted: G U syzkaller #0 PREEMPT(full) [ 1052.951425][T25074] Tainted: [U]=USER [ 1052.951434][T25074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1052.951450][T25074] Call Trace: [ 1052.951459][T25074] [ 1052.951470][T25074] dump_stack_lvl+0x16c/0x1f0 [ 1052.951506][T25074] should_fail_ex+0x512/0x640 [ 1052.951537][T25074] ? __kmalloc_noprof+0xca/0x880 [ 1052.951580][T25074] should_failslab+0xc2/0x120 [ 1052.951614][T25074] __kmalloc_noprof+0xdd/0x880 [ 1052.951653][T25074] ? __register_sysctl_table+0xb3/0x1900 [ 1052.951695][T25074] ? __register_sysctl_table+0xb3/0x1900 [ 1052.951730][T25074] __register_sysctl_table+0xb3/0x1900 [ 1052.951767][T25074] ? is_module_address+0x5f/0xf0 [ 1052.951809][T25074] ? __pfx___register_sysctl_table+0x10/0x10 [ 1052.951843][T25074] ? is_module_address+0x69/0xf0 [ 1052.951877][T25074] ? register_net_sysctl_sz+0x228/0x3e0 [ 1052.951915][T25074] ? __asan_memcpy+0x3c/0x60 [ 1052.951953][T25074] xfrm4_net_init+0xf0/0x1c0 [ 1052.951994][T25074] ? __pfx_xfrm4_net_init+0x10/0x10 [ 1052.952032][T25074] ops_init+0x1df/0x5f0 [ 1052.952067][T25074] setup_net+0x100/0x390 [ 1052.952098][T25074] ? __pfx_setup_net+0x10/0x10 [ 1052.952131][T25074] ? debug_mutex_init+0x37/0x70 [ 1052.952162][T25074] copy_net_ns+0x2f8/0x690 [ 1052.952199][T25074] create_new_namespaces+0x3ea/0xa90 [ 1052.952237][T25074] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1052.952270][T25074] ksys_unshare+0x45b/0xa40 [ 1052.952303][T25074] ? __pfx_ksys_unshare+0x10/0x10 [ 1052.952338][T25074] ? xfd_validate_state+0x61/0x180 [ 1052.952387][T25074] __x64_sys_unshare+0x31/0x40 [ 1052.952419][T25074] do_syscall_64+0xcd/0xfa0 [ 1052.952451][T25074] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1052.952478][T25074] RIP: 0033:0x7f7a20d8eec9 [ 1052.952499][T25074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1052.952524][T25074] RSP: 002b:00007f7a1eff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1052.952549][T25074] RAX: ffffffffffffffda RBX: 00007f7a20fe5fa0 RCX: 00007f7a20d8eec9 [ 1052.952567][T25074] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1052.952583][T25074] RBP: 00007f7a20e11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1052.952600][T25074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1052.952616][T25074] R13: 00007f7a20fe6038 R14: 00007f7a20fe5fa0 R15: 00007ffd30e47578 [ 1052.952654][T25074] [ 1053.113441][ T9049] HfR: left promiscuous mode [ 1053.318512][T25026] chnl_net:caif_netlink_parms(): no params data found [ 1054.032583][T25026] bridge0: port 1(bridge_slave_0) entered blocking state [ 1054.039706][T25026] bridge0: port 1(bridge_slave_0) entered disabled state [ 1054.069195][T25026] bridge_slave_0: entered allmulticast mode [ 1054.077444][T25026] bridge_slave_0: entered promiscuous mode [ 1054.092663][ T9049] hsr_slave_0: left promiscuous mode [ 1054.106275][ T9049] hsr_slave_1: left promiscuous mode [ 1054.116387][ T9049] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1054.136822][ T9049] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1054.145547][ T9049] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1054.191061][ T5838] Bluetooth: hci0: command tx timeout [ 1054.211420][ T9049] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1054.262234][ T9049] veth1_macvtap: left promiscuous mode [ 1054.275369][ T9049] veth1_vlan: left promiscuous mode [ 1054.283616][ T9049] veth0_vlan: left promiscuous mode [ 1055.353583][ T9049] team0 (unregistering): Port device team_slave_1 removed [ 1055.397271][ T9049] team0 (unregistering): Port device team_slave_0 removed [ 1055.790790][T25026] bridge0: port 2(bridge_slave_1) entered blocking state [ 1055.797996][T25026] bridge0: port 2(bridge_slave_1) entered disabled state [ 1055.807325][T25026] bridge_slave_1: entered allmulticast mode [ 1055.817938][T25026] bridge_slave_1: entered promiscuous mode [ 1055.916533][T25026] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1055.979952][T25026] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1056.131201][T25026] team0: Port device team_slave_0 added [ 1056.143203][T25026] team0: Port device team_slave_1 added [ 1056.260727][ T5838] Bluetooth: hci0: command tx timeout [ 1056.308074][T25026] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1056.320218][T25026] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1056.356573][T25026] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1056.375894][T25026] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1056.389540][T25026] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1056.445403][T25026] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1056.456648][T25143] netlink: 'syz.0.3456': attribute type 35 has an invalid length. [ 1056.583504][T25026] hsr_slave_0: entered promiscuous mode [ 1056.812577][T25026] hsr_slave_1: entered promiscuous mode [ 1056.857172][T25026] debugfs: 'hsr0' already exists in 'hsr' [ 1056.862980][T25026] Cannot create hsr debugfs directory [ 1057.564579][T25171] FAULT_INJECTION: forcing a failure. [ 1057.564579][T25171] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1057.577841][T25171] CPU: 1 UID: 0 PID: 25171 Comm: syz.1.3459 Tainted: G U syzkaller #0 PREEMPT(full) [ 1057.577878][T25171] Tainted: [U]=USER [ 1057.577887][T25171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1057.577900][T25171] Call Trace: [ 1057.577908][T25171] [ 1057.577923][T25171] dump_stack_lvl+0x16c/0x1f0 [ 1057.577957][T25171] should_fail_ex+0x512/0x640 [ 1057.577992][T25171] _copy_from_user+0x2e/0xd0 [ 1057.578024][T25171] do_sock_getsockopt+0x3ca/0x440 [ 1057.578059][T25171] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 1057.578090][T25171] ? __fget_files+0x204/0x3c0 [ 1057.578116][T25171] ? 0xffffffffff600000 [ 1057.578149][T25171] __sys_getsockopt+0x123/0x1b0 [ 1057.578177][T25171] ? 0xffffffffff600000 [ 1057.578201][T25171] __x64_sys_getsockopt+0xbd/0x160 [ 1057.578232][T25171] ? do_syscall_64+0x91/0xfa0 [ 1057.578259][T25171] ? lockdep_hardirqs_on+0x7c/0x110 [ 1057.578286][T25171] do_syscall_64+0xcd/0xfa0 [ 1057.578315][T25171] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1057.578340][T25171] RIP: 0033:0x7f3994d8eec9 [ 1057.578359][T25171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1057.578383][T25171] RSP: 002b:00007f3995bba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 1057.578406][T25171] RAX: ffffffffffffffda RBX: 00007f3994fe6090 RCX: 00007f3994d8eec9 [ 1057.578423][T25171] RDX: 0000000000002713 RSI: 0000000000000114 RDI: 0000000000000009 [ 1057.578437][T25171] RBP: 00007f3995bba090 R08: 0000000000000000 R09: 0000000000000000 [ 1057.578452][T25171] R10: ffffffffff600000 R11: 0000000000000246 R12: 0000000000000001 [ 1057.578467][T25171] R13: 00007f3994fe6128 R14: 00007f3994fe6090 R15: 00007fff535df398 [ 1057.578490][T25171] ? 0xffffffffff600000 [ 1057.578520][T25171] [ 1058.247846][T25183] serio: Serial port pty6 [ 1058.339268][ T5838] Bluetooth: hci0: command tx timeout [ 1058.913775][T25026] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1059.104711][T25026] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1059.186141][T25026] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1059.265928][T25026] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1059.497398][T25026] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1059.572601][T25026] 8021q: adding VLAN 0 to HW filter on device team0 [ 1059.597840][ T9053] bridge0: port 1(bridge_slave_0) entered blocking state [ 1059.604983][ T9053] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1059.660319][T25210] 0x000200000001-0xa29656a63616329 : "" [ 1059.674421][T25210] mtd: partition "" is out of reach -- disabled [ 1059.739348][T25210] ftl_cs: FTL header not found. [ 1059.850152][T10670] bridge0: port 2(bridge_slave_1) entered blocking state [ 1059.857378][T10670] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1060.042386][T25026] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1060.505961][T25192] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1061.047042][T25026] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1061.406208][T25026] veth0_vlan: entered promiscuous mode [ 1061.428563][T25026] veth1_vlan: entered promiscuous mode [ 1061.579171][T25026] veth0_macvtap: entered promiscuous mode [ 1061.598497][T25026] veth1_macvtap: entered promiscuous mode [ 1061.675507][T25026] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1061.746064][T25261] FAULT_INJECTION: forcing a failure. [ 1061.746064][T25261] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1061.759334][T25261] CPU: 0 UID: 0 PID: 25261 Comm: syz.2.3469 Tainted: G U syzkaller #0 PREEMPT(full) [ 1061.759361][T25261] Tainted: [U]=USER [ 1061.759366][T25261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1061.759375][T25261] Call Trace: [ 1061.759380][T25261] [ 1061.759386][T25261] dump_stack_lvl+0x16c/0x1f0 [ 1061.759409][T25261] should_fail_ex+0x512/0x640 [ 1061.759432][T25261] _copy_to_user+0x32/0xd0 [ 1061.759455][T25261] simple_read_from_buffer+0xcb/0x170 [ 1061.759485][T25261] proc_fail_nth_read+0x197/0x240 [ 1061.759502][T25261] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1061.759519][T25261] ? rw_verify_area+0xcf/0x6c0 [ 1061.759533][T25261] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1061.759549][T25261] vfs_read+0x1e1/0xcf0 [ 1061.759568][T25261] ? __pfx___mutex_lock+0x10/0x10 [ 1061.759589][T25261] ? __pfx_vfs_read+0x10/0x10 [ 1061.759610][T25261] ? __fget_files+0x20e/0x3c0 [ 1061.759631][T25261] ksys_read+0x12a/0x250 [ 1061.759646][T25261] ? __pfx_ksys_read+0x10/0x10 [ 1061.759661][T25261] ? 0xffffffffff600000 [ 1061.759679][T25261] do_syscall_64+0xcd/0xfa0 [ 1061.759699][T25261] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1061.759715][T25261] RIP: 0033:0x7fa5d098d8dc [ 1061.759727][T25261] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1061.759740][T25261] RSP: 002b:00007fa5cebf6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1061.759754][T25261] RAX: ffffffffffffffda RBX: 00007fa5d0be6090 RCX: 00007fa5d098d8dc [ 1061.759763][T25261] RDX: 000000000000000f RSI: 00007fa5cebf60a0 RDI: 000000000000000a [ 1061.759772][T25261] RBP: 00007fa5cebf6090 R08: 0000000000000000 R09: 0000000000000000 [ 1061.759780][T25261] R10: ffffffffff600000 R11: 0000000000000246 R12: 0000000000000001 [ 1061.759789][T25261] R13: 00007fa5d0be6128 R14: 00007fa5d0be6090 R15: 00007ffd1bcefb78 [ 1061.759802][T25261] ? 0xffffffffff600000 [ 1061.759818][T25261] [ 1062.071832][T25026] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1062.121044][T25264] vivid-003: ================= START STATUS ================= [ 1062.128768][T25264] vivid-003: Radio HW Seek Mode: Bounded [ 1062.135414][T25264] vivid-003: Radio Programmable HW Seek: false [ 1062.142044][T25264] vivid-003: RDS Rx I/O Mode: Block I/O [ 1062.147634][T25264] vivid-003: Generate RBDS Instead of RDS: false [ 1062.156186][T25264] vivid-003: RDS Reception: true [ 1062.161198][T25264] vivid-003: RDS Program Type: 0 inactive [ 1062.167025][T25264] vivid-003: RDS PS Name: inactive [ 1062.171250][ T9053] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1062.172312][T25264] vivid-003: RDS Radio Text: inactive [ 1062.187648][T25264] vivid-003: RDS Traffic Announcement: false inactive [ 1062.194506][T25264] vivid-003: RDS Traffic Program: false inactive [ 1062.201351][T25264] vivid-003: RDS Music: false inactive [ 1062.206910][T25264] vivid-003: ================== END STATUS ================== [ 1062.217603][ T7724] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1062.460970][ T7724] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1062.645520][ T7724] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1062.759261][T25283] program syz.1.3475 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1062.815275][T25285] block2mtd: parameter too long [ 1063.397359][T13681] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1063.407894][T13681] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1063.416210][T13681] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1063.425174][T13681] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1063.432655][T13681] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1063.598032][ T9049] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1063.685778][ T7726] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1063.719384][ T7726] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1063.823416][ T9049] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1063.995485][ T9049] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1064.043707][T10670] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1064.076009][T10670] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1064.688096][ T9049] bridge_slave_1: left allmulticast mode [ 1064.694680][ T9049] bridge_slave_1: left promiscuous mode [ 1064.712116][ T9049] bridge0: port 2(bridge_slave_1) entered disabled state [ 1064.758667][ T9049] bridge_slave_0: left allmulticast mode [ 1064.780881][ T9049] bridge_slave_0: left promiscuous mode [ 1064.796378][ T9049] bridge0: port 1(bridge_slave_0) entered disabled state [ 1064.863254][T25336] FAULT_INJECTION: forcing a failure. [ 1064.863254][T25336] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1064.906248][T25336] CPU: 1 UID: 0 PID: 25336 Comm: syz.2.3479 Tainted: G U syzkaller #0 PREEMPT(full) [ 1064.906290][T25336] Tainted: [U]=USER [ 1064.906299][T25336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1064.906313][T25336] Call Trace: [ 1064.906322][T25336] [ 1064.906332][T25336] dump_stack_lvl+0x16c/0x1f0 [ 1064.906368][T25336] should_fail_ex+0x512/0x640 [ 1064.906405][T25336] should_fail_alloc_page+0xe7/0x130 [ 1064.906441][T25336] prepare_alloc_pages+0x3c2/0x610 [ 1064.906480][T25336] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 1064.906513][T25336] ? stack_trace_save+0x8e/0xc0 [ 1064.906541][T25336] ? __pfx_stack_trace_save+0x10/0x10 [ 1064.906571][T25336] ? stack_depot_save_flags+0x29/0x9c0 [ 1064.906608][T25336] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1064.906636][T25336] ? __lock_acquire+0x62e/0x1ce0 [ 1064.906679][T25336] ? __lock_acquire+0x62e/0x1ce0 [ 1064.906727][T25336] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1064.906772][T25336] ? policy_nodemask+0xea/0x4e0 [ 1064.906809][T25336] alloc_pages_mpol+0x1fb/0x550 [ 1064.906841][T25336] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1064.906874][T25336] ? __memcg_slab_post_alloc_hook+0x47c/0x940 [ 1064.906910][T25336] alloc_pages_noprof+0x131/0x390 [ 1064.906942][T25336] pgd_alloc+0x4b/0x600 [ 1064.906972][T25336] mm_init+0x726/0x1380 [ 1064.907005][T25336] copy_process+0x3eee/0x76a0 [ 1064.907036][T25336] ? __pfx___futex_wait+0x10/0x10 [ 1064.907088][T25336] ? __pfx_copy_process+0x10/0x10 [ 1064.907118][T25336] ? futex_private_hash_put+0x176/0x300 [ 1064.907155][T25336] ? futex_private_hash_put+0x18a/0x300 [ 1064.907194][T25336] kernel_clone+0xfc/0x930 [ 1064.907228][T25336] ? __pfx_kernel_clone+0x10/0x10 [ 1064.907276][T25336] __do_sys_clone+0xce/0x120 [ 1064.907307][T25336] ? __pfx___do_sys_clone+0x10/0x10 [ 1064.907355][T25336] ? xfd_validate_state+0x61/0x180 [ 1064.907388][T25336] ? __pfx_do_writev+0x10/0x10 [ 1064.907423][T25336] do_syscall_64+0xcd/0xfa0 [ 1064.907455][T25336] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1064.907482][T25336] RIP: 0033:0x7fa5d098eec9 [ 1064.907503][T25336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1064.907530][T25336] RSP: 002b:00007fa5d1745038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1064.907555][T25336] RAX: ffffffffffffffda RBX: 00007fa5d0be5fa0 RCX: 00007fa5d098eec9 [ 1064.907574][T25336] RDX: 0000000000000000 RSI: 0000000100000000 RDI: 0000000000000007 [ 1064.907590][T25336] RBP: 00007fa5d0a11f91 R08: 0000000000000006 R09: 0000000000000000 [ 1064.907606][T25336] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000000 [ 1064.907623][T25336] R13: 00007fa5d0be6038 R14: 00007fa5d0be5fa0 R15: 00007ffd1bcefb78 [ 1064.907660][T25336] [ 1065.497248][T13681] Bluetooth: hci1: command tx timeout [ 1066.352441][ T9049] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1066.381004][ T9049] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1066.394696][ T9049] bond0 (unregistering): Released all slaves [ 1066.884387][T25376] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 1067.142902][T25300] chnl_net:caif_netlink_parms(): no params data found [ 1067.240122][ T9049] hsr_slave_0: left promiscuous mode [ 1067.263885][ T9049] hsr_slave_1: left promiscuous mode [ 1067.269998][ T9049] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1067.279265][ T9049] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1067.291017][ T9049] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1067.302263][ T9049] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1067.352537][ T9049] veth1_macvtap: left promiscuous mode [ 1067.358202][ T9049] veth0_macvtap: left promiscuous mode [ 1067.372580][ T9049] veth1_vlan: left promiscuous mode [ 1067.381325][ T9049] veth0_vlan: left promiscuous mode [ 1067.563410][T13681] Bluetooth: hci1: command tx timeout [ 1068.066606][T25395] serio: Serial port pty6 [ 1068.190912][ T5838] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1068.206601][T25402] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1068.215126][T25402] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1068.224032][T25402] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1068.236113][T25402] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1068.727327][ T9049] team0 (unregistering): Port device team_slave_1 removed [ 1068.821154][ T9049] team0 (unregistering): Port device team_slave_0 removed [ 1069.630716][T25402] Bluetooth: hci1: command tx timeout [ 1069.901439][T25300] bridge0: port 1(bridge_slave_0) entered blocking state [ 1069.908748][T25300] bridge0: port 1(bridge_slave_0) entered disabled state [ 1069.917247][T25300] bridge_slave_0: entered allmulticast mode [ 1069.936527][T25300] bridge_slave_0: entered promiscuous mode [ 1069.974124][T25300] bridge0: port 2(bridge_slave_1) entered blocking state [ 1069.982556][T25300] bridge0: port 2(bridge_slave_1) entered disabled state [ 1070.008003][T25300] bridge_slave_1: entered allmulticast mode [ 1070.023997][T25300] bridge_slave_1: entered promiscuous mode [ 1070.095738][T25300] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1070.160084][T25300] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1070.222065][T25300] team0: Port device team_slave_0 added [ 1070.278264][T25402] Bluetooth: hci0: command tx timeout [ 1070.315389][T25300] team0: Port device team_slave_1 added [ 1070.405696][T25300] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1070.414991][T25300] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1070.466300][T25300] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1070.488386][T25400] chnl_net:caif_netlink_parms(): no params data found [ 1070.615878][ T9049] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1070.659023][T25300] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1070.677010][T25300] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1070.747715][T25300] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1070.976550][ T9049] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1071.135549][ T9049] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1071.155218][T25427] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1071.212081][T25300] hsr_slave_0: entered promiscuous mode [ 1071.220670][T25300] hsr_slave_1: entered promiscuous mode [ 1071.249697][ T9049] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1071.304216][T25400] bridge0: port 1(bridge_slave_0) entered blocking state [ 1071.311420][T25400] bridge0: port 1(bridge_slave_0) entered disabled state [ 1071.319363][T25400] bridge_slave_0: entered allmulticast mode [ 1071.328659][T25400] bridge_slave_0: entered promiscuous mode [ 1071.372795][T25400] bridge0: port 2(bridge_slave_1) entered blocking state [ 1071.380070][T25400] bridge0: port 2(bridge_slave_1) entered disabled state [ 1071.389584][T25400] bridge_slave_1: entered allmulticast mode [ 1071.397528][T25400] bridge_slave_1: entered promiscuous mode [ 1071.508268][T25400] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1071.554162][T25400] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1071.657682][T25400] team0: Port device team_slave_0 added [ 1071.696915][T25400] team0: Port device team_slave_1 added [ 1071.702850][T25402] Bluetooth: hci1: command tx timeout [ 1071.825761][T25400] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1071.834955][T25400] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1071.897895][T25400] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1071.966744][T25400] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1071.975097][T25400] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1072.003402][T25400] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1072.057014][ T9049] bridge_slave_1: left allmulticast mode [ 1072.077882][ T9049] bridge_slave_1: left promiscuous mode [ 1072.085320][ T9049] bridge0: port 2(bridge_slave_1) entered disabled state [ 1072.109306][ T9049] bridge_slave_0: left allmulticast mode [ 1072.115046][ T9049] bridge_slave_0: left promiscuous mode [ 1072.122625][ T9049] bridge0: port 1(bridge_slave_0) entered disabled state [ 1072.349163][T25402] Bluetooth: hci0: command tx timeout [ 1072.636059][ T9049] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1072.650008][ T9049] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1072.662574][ T9049] bond0 (unregistering): Released all slaves [ 1073.051118][T25400] hsr_slave_0: entered promiscuous mode [ 1073.058926][T25400] hsr_slave_1: entered promiscuous mode [ 1073.065706][T25400] debugfs: 'hsr0' already exists in 'hsr' [ 1073.071440][T25400] Cannot create hsr debugfs directory [ 1073.276653][ T9049] hsr_slave_0: left promiscuous mode [ 1073.289699][ T9049] hsr_slave_1: left promiscuous mode [ 1073.297237][ T9049] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1073.304976][ T9049] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1073.312841][ T9049] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1073.320241][ T9049] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1073.344318][ T9049] veth1_macvtap: left promiscuous mode [ 1073.349874][ T9049] veth0_macvtap: left promiscuous mode [ 1073.356030][ T9049] veth1_vlan: left promiscuous mode [ 1073.361487][ T9049] veth0_vlan: left promiscuous mode [ 1073.943936][ T9049] team0 (unregistering): Port device team_slave_1 removed [ 1073.993782][ T9049] team0 (unregistering): Port device team_slave_0 removed [ 1074.406774][T25402] Bluetooth: hci0: command tx timeout [ 1074.454218][T25475] Invalid ELF header magic: != ELF [ 1074.542539][T25475] Invalid ELF header magic: != ELF [ 1074.698060][T25475] Invalid ELF header magic: != ELF [ 1074.743679][T25475] Invalid ELF header magic: != ELF [ 1074.792693][T25300] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1074.818417][T25475] Invalid ELF header magic: != ELF [ 1074.835402][T25300] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1074.846931][T25475] Invalid ELF header magic: != ELF [ 1074.869291][T25475] Invalid ELF header magic: != ELF [ 1074.912257][T25300] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1074.932238][T25300] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1074.985705][T25475] Invalid ELF header magic: != ELF [ 1075.071130][T25475] Invalid ELF header magic: != ELF [ 1075.165689][T25475] Invalid ELF header magic: != ELF [ 1075.377636][T25300] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1075.456249][T25300] 8021q: adding VLAN 0 to HW filter on device team0 [ 1075.513806][ T7724] bridge0: port 1(bridge_slave_0) entered blocking state [ 1075.521036][ T7724] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1075.611465][ T9049] bridge0: port 2(bridge_slave_1) entered blocking state [ 1075.618677][ T9049] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1075.649835][T25400] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1075.663993][T25400] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1075.679973][T25400] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1075.693748][T25400] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1075.974325][T25400] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1076.016806][T25400] 8021q: adding VLAN 0 to HW filter on device team0 [ 1076.075574][T10665] bridge0: port 1(bridge_slave_0) entered blocking state [ 1076.082788][T10665] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1076.116501][T10665] bridge0: port 2(bridge_slave_1) entered blocking state [ 1076.123722][T10665] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1076.477164][T25402] Bluetooth: hci0: command tx timeout [ 1076.679279][T25300] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1076.819274][T25300] veth0_vlan: entered promiscuous mode [ 1076.964450][T25300] veth1_vlan: entered promiscuous mode [ 1077.048257][T25400] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1077.080259][T25402] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 1077.080297][T25402] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 1077.095535][T25402] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 1077.095569][T25402] Bluetooth: hci2: adv larger than maximum supported [ 1077.098154][T25300] veth0_macvtap: entered promiscuous mode [ 1077.112817][T25402] Bluetooth: hci2: Malformed LE Event: 0x0d [ 1077.151243][T25300] veth1_macvtap: entered promiscuous mode [ 1077.297643][T25300] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1077.396920][T25300] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1077.447684][T25400] veth0_vlan: entered promiscuous mode [ 1077.488582][T10670] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1077.519117][T10670] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1077.541123][T10670] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1077.566302][T10670] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1077.614209][T25400] veth1_vlan: entered promiscuous mode [ 1078.039843][T25574] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1078.195753][T25400] veth0_macvtap: entered promiscuous mode [ 1078.222458][T10665] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1078.234137][T10665] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1078.461658][T25400] veth1_macvtap: entered promiscuous mode [ 1078.827463][T25400] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1078.947228][T10665] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1078.955340][T10665] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1078.977732][T25400] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1079.068684][ T9049] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1079.187870][ T9049] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1079.244517][ T9049] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1079.308732][ T9049] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1079.496078][T10665] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1079.539074][T10665] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1079.631986][T10670] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1079.668139][T10670] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1079.688980][T25611] FAULT_INJECTION: forcing a failure. [ 1079.688980][T25611] name failslab, interval 1, probability 0, space 0, times 0 [ 1079.710126][T25611] CPU: 1 UID: 0 PID: 25611 Comm: syz.2.3502 Tainted: G U syzkaller #0 PREEMPT(full) [ 1079.710169][T25611] Tainted: [U]=USER [ 1079.710178][T25611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1079.710195][T25611] Call Trace: [ 1079.710204][T25611] [ 1079.710216][T25611] dump_stack_lvl+0x16c/0x1f0 [ 1079.710251][T25611] should_fail_ex+0x512/0x640 [ 1079.710282][T25611] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1079.710327][T25611] should_failslab+0xc2/0x120 [ 1079.710366][T25611] __kmalloc_cache_noprof+0x72/0x780 [ 1079.710405][T25611] ? resv_map_alloc+0x46/0x400 [ 1079.710443][T25611] ? resv_map_alloc+0x46/0x400 [ 1079.710473][T25611] resv_map_alloc+0x46/0x400 [ 1079.710509][T25611] hugetlbfs_get_inode+0x33f/0x730 [ 1079.710535][T25611] ? security_capable+0x7e/0x260 [ 1079.710573][T25611] hugetlb_file_setup+0x38d/0x620 [ 1079.710607][T25611] newseg+0xa74/0xe60 [ 1079.710639][T25611] ? __pfx_newseg+0x10/0x10 [ 1079.710661][T25611] ? find_held_lock+0x2b/0x80 [ 1079.710689][T25611] ? ipcget+0xa98/0xfa0 [ 1079.710720][T25611] ipcget+0xaf0/0xfa0 [ 1079.710758][T25611] ? __pfx___might_resched+0x10/0x10 [ 1079.710785][T25611] ? __pfx_ipcget+0x10/0x10 [ 1079.710813][T25611] ? __x64_sys_futex+0x1e0/0x4c0 [ 1079.710846][T25611] ? __x64_sys_futex+0x1e9/0x4c0 [ 1079.710886][T25611] __x64_sys_shmget+0x13b/0x1b0 [ 1079.710913][T25611] ? __pfx___x64_sys_shmget+0x10/0x10 [ 1079.710945][T25611] ? rcu_is_watching+0x12/0xc0 [ 1079.710983][T25611] do_syscall_64+0xcd/0xfa0 [ 1079.711017][T25611] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1079.711043][T25611] RIP: 0033:0x7fa5d098eec9 [ 1079.711062][T25611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1079.711086][T25611] RSP: 002b:00007fa5cebf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000001d [ 1079.711111][T25611] RAX: ffffffffffffffda RBX: 00007fa5d0be6090 RCX: 00007fa5d098eec9 [ 1079.711129][T25611] RDX: 000000000000ffff RSI: 0000000000000006 RDI: 0000000000000004 [ 1079.711143][T25611] RBP: 00007fa5d0a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1079.711157][T25611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1079.711171][T25611] R13: 00007fa5d0be6128 R14: 00007fa5d0be6090 R15: 00007ffd1bcefb78 [ 1079.711209][T25611] [ 1080.624746][T25631] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1081.058469][T25627] random: crng reseeded on system resumption [ 1081.073272][T25627] Restarting kernel threads ... [ 1081.078574][T25627] Done restarting kernel threads. [ 1081.876912][T25664] serio: Serial port pty6 [ 1082.467701][T25681] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3514'. [ 1083.938118][T25725] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3524'. [ 1084.477105][T25725] bridge0: port 2(bridge_slave_1) entered disabled state [ 1084.805227][T25725] bridge_slave_1 (unregistering): left allmulticast mode [ 1084.831689][T25725] bridge_slave_1 (unregistering): left promiscuous mode [ 1084.852416][T25725] bridge0: port 2(bridge_slave_1) entered disabled state [ 1087.442109][T25779] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3538'. [ 1088.618908][T25787] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1091.291802][T25840] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3549'. [ 1091.374962][T25827] zswap: compressor not available [ 1091.516627][T25833] zswap: compressor not available [ 1092.981960][T19605] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1093.262840][T19605] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1093.290295][T25864] net_ratelimit: 95 callbacks suppressed [ 1093.290321][T25864] openvswitch: netlink: Key type 29 is not supported [ 1093.399640][T19605] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1093.792780][T13681] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1093.804500][T13681] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1093.816838][T13681] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1093.864759][T13681] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1093.877021][T13681] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1094.092649][T19605] bridge_slave_0: left allmulticast mode [ 1094.100511][T19605] bridge_slave_0: left promiscuous mode [ 1094.107279][T19605] bridge0: port 1(bridge_slave_0) entered disabled state [ 1095.311799][T25886] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1095.558004][T19605] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1095.573301][T19605] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1095.585493][T19605] bond0 (unregistering): Released all slaves [ 1095.763269][T25907] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3568'. [ 1095.974989][T13681] Bluetooth: hci1: command tx timeout [ 1096.130113][T19605] hsr_slave_0: left promiscuous mode [ 1096.138263][T19605] hsr_slave_1: left promiscuous mode [ 1096.157828][T19605] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1096.212747][T19605] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1096.221432][T19605] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1096.229448][T19605] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1096.254919][T19605] veth1_macvtap: left promiscuous mode [ 1096.260690][T19605] veth0_macvtap: left promiscuous mode [ 1096.391694][T19605] veth1_vlan: left promiscuous mode [ 1096.444638][T19605] veth0_vlan: left promiscuous mode [ 1098.042944][T13681] Bluetooth: hci1: command tx timeout [ 1098.164591][T19605] team0 (unregistering): Port device team_slave_1 removed [ 1098.276625][T19605] team0 (unregistering): Port device team_slave_0 removed [ 1099.430874][T25872] chnl_net:caif_netlink_parms(): no params data found [ 1099.691051][T13681] Bluetooth: hci3: unexpected event 0x1c length: 725 > 5 [ 1099.888362][T19605] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1099.945889][T25872] bridge0: port 1(bridge_slave_0) entered blocking state [ 1099.969204][T25872] bridge0: port 1(bridge_slave_0) entered disabled state [ 1099.991115][T25872] bridge_slave_0: entered allmulticast mode [ 1100.011582][T25872] bridge_slave_0: entered promiscuous mode [ 1100.041094][T25872] bridge0: port 2(bridge_slave_1) entered blocking state [ 1100.066744][T25872] bridge0: port 2(bridge_slave_1) entered disabled state [ 1100.082470][T25872] bridge_slave_1: entered allmulticast mode [ 1100.099798][T25872] bridge_slave_1: entered promiscuous mode [ 1100.113079][T13681] Bluetooth: hci1: command tx timeout [ 1100.210039][T19605] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1100.267215][T25402] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1100.279445][T25402] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1100.287656][T25402] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1100.309590][T25402] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1100.321191][T25402] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1100.379281][T25872] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1100.405568][T25872] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1100.473556][T19605] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1100.569053][T25998] usb usb24: check_ctrlrecip: process 25998 (syz.1.3582) requesting ep 01 but needs 81 [ 1100.588147][T25872] team0: Port device team_slave_0 added [ 1100.608461][T25872] team0: Port device team_slave_1 added [ 1100.616499][T25998] usb usb24: usbfs: process 25998 (syz.1.3582) did not claim interface 0 before use [ 1100.764039][T25402] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 1100.764064][T25402] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 1100.779022][T25402] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 1100.779070][T25402] Bluetooth: hci3: adv larger than maximum supported [ 1100.786566][T25402] Bluetooth: hci3: Malformed LE Event: 0x0d [ 1100.931371][T19605] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1101.102245][T25872] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1101.110698][T25872] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1101.169118][T25872] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1101.209616][T25872] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1101.239441][T25872] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1101.281311][T25872] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1101.474274][T25872] hsr_slave_0: entered promiscuous mode [ 1101.487153][T25872] hsr_slave_1: entered promiscuous mode [ 1101.743464][T19605] bridge_slave_1: left allmulticast mode [ 1101.749421][T19605] bridge_slave_1: left promiscuous mode [ 1101.756169][T19605] bridge0: port 2(bridge_slave_1) entered disabled state [ 1101.765571][T19605] bridge_slave_0: left allmulticast mode [ 1101.771208][T19605] bridge_slave_0: left promiscuous mode [ 1101.777785][T19605] bridge0: port 1(bridge_slave_0) entered disabled state [ 1102.191356][T25402] Bluetooth: hci1: command tx timeout [ 1102.344732][T25402] Bluetooth: hci0: command tx timeout [ 1102.881533][T19605] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1102.893979][T19605] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1102.911539][T19605] bond0 (unregistering): Released all slaves [ 1104.063502][T19605] hsr_slave_0: left promiscuous mode [ 1104.081539][T19605] hsr_slave_1: left promiscuous mode [ 1104.094197][T19605] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1104.114184][T19605] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1104.136846][T19605] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1104.152970][T19605] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1104.240684][T19605] veth1_macvtap: left promiscuous mode [ 1104.250735][T19605] veth0_macvtap: left promiscuous mode [ 1104.270608][T19605] veth1_vlan: left promiscuous mode [ 1104.276246][T19605] veth0_vlan: left promiscuous mode [ 1104.339397][T26075] serio: Serial port pty6 [ 1104.411125][T25402] Bluetooth: hci0: command tx timeout [ 1104.466886][T26070] netlink: 122 bytes leftover after parsing attributes in process `syz.1.3590'. [ 1105.473089][T19605] team0 (unregistering): Port device team_slave_1 removed [ 1105.518369][T19605] team0 (unregistering): Port device team_slave_0 removed [ 1105.948175][T25993] chnl_net:caif_netlink_parms(): no params data found [ 1106.168845][T26098] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18 [ 1106.493000][T25402] Bluetooth: hci0: command tx timeout [ 1106.533436][T25993] bridge0: port 1(bridge_slave_0) entered blocking state [ 1106.543492][T25993] bridge0: port 1(bridge_slave_0) entered disabled state [ 1106.577375][T25993] bridge_slave_0: entered allmulticast mode [ 1106.595262][T25993] bridge_slave_0: entered promiscuous mode [ 1106.618495][T25993] bridge0: port 2(bridge_slave_1) entered blocking state [ 1106.629438][T25993] bridge0: port 2(bridge_slave_1) entered disabled state [ 1106.637116][T25993] bridge_slave_1: entered allmulticast mode [ 1106.646096][T25993] bridge_slave_1: entered promiscuous mode [ 1106.773177][T25993] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1106.793008][T25993] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1106.880510][T25872] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1106.965043][T25993] team0: Port device team_slave_0 added [ 1106.978976][T25872] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1107.028981][T25993] team0: Port device team_slave_1 added [ 1107.213887][T25872] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1107.396125][T25872] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1107.465982][T25993] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1107.472975][T25993] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1107.573548][T25993] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1107.586305][T25993] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1107.593362][T25993] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1107.692896][T25993] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1107.730627][T26132] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 1107.764824][T26132] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 1107.791501][T26132] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 1107.800649][T26132] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 1107.810351][T26132] page dumped because: unmovable page [ 1107.816118][T26132] page_owner info is not present (never set?) [ 1108.029671][T25993] hsr_slave_0: entered promiscuous mode [ 1108.059748][T25993] hsr_slave_1: entered promiscuous mode [ 1108.075323][T26139] random: crng reseeded on system resumption [ 1108.086941][T25993] debugfs: 'hsr0' already exists in 'hsr' [ 1108.108470][T25993] Cannot create hsr debugfs directory [ 1108.456721][T25872] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1108.508204][T25872] 8021q: adding VLAN 0 to HW filter on device team0 [ 1108.545758][ T7726] bridge0: port 1(bridge_slave_0) entered blocking state [ 1108.552892][ T7726] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1108.558200][T25402] Bluetooth: hci0: command tx timeout [ 1108.612192][ T7726] bridge0: port 2(bridge_slave_1) entered blocking state [ 1108.619417][ T7726] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1109.250256][T26170] FAULT_INJECTION: forcing a failure. [ 1109.250256][T26170] name failslab, interval 1, probability 0, space 0, times 0 [ 1109.331032][T26170] CPU: 0 UID: 0 PID: 26170 Comm: syz.1.3604 Tainted: G U syzkaller #0 PREEMPT(full) [ 1109.331066][T26170] Tainted: [U]=USER [ 1109.331073][T26170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1109.331088][T26170] Call Trace: [ 1109.331094][T26170] [ 1109.331101][T26170] dump_stack_lvl+0x16c/0x1f0 [ 1109.331129][T26170] should_fail_ex+0x512/0x640 [ 1109.331154][T26170] ? kmem_cache_alloc_node_noprof+0x65/0x770 [ 1109.331183][T26170] should_failslab+0xc2/0x120 [ 1109.331215][T26170] kmem_cache_alloc_node_noprof+0x78/0x770 [ 1109.331240][T26170] ? __alloc_skb+0x2b2/0x380 [ 1109.331273][T26170] ? __alloc_skb+0x2b2/0x380 [ 1109.331296][T26170] __alloc_skb+0x2b2/0x380 [ 1109.331322][T26170] ? __pfx___alloc_skb+0x10/0x10 [ 1109.331351][T26170] ? __pfx___might_resched+0x10/0x10 [ 1109.331385][T26170] netlink_alloc_large_skb+0x69/0x140 [ 1109.331419][T26170] netlink_sendmsg+0x698/0xdd0 [ 1109.331455][T26170] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1109.331489][T26170] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 1109.331533][T26170] sock_write_iter+0x563/0x610 [ 1109.331568][T26170] ? __pfx_sock_write_iter+0x10/0x10 [ 1109.331615][T26170] ? bpf_lsm_file_permission+0x9/0x10 [ 1109.331643][T26170] ? security_file_permission+0x71/0x210 [ 1109.331668][T26170] ? rw_verify_area+0xcf/0x6c0 [ 1109.331695][T26170] vfs_write+0x7d3/0x11d0 [ 1109.331723][T26170] ? __pfx_sock_write_iter+0x10/0x10 [ 1109.331760][T26170] ? __pfx_vfs_write+0x10/0x10 [ 1109.331784][T26170] ? find_held_lock+0x2b/0x80 [ 1109.331832][T26170] ksys_write+0x1f8/0x250 [ 1109.331858][T26170] ? __pfx_ksys_write+0x10/0x10 [ 1109.331901][T26170] do_syscall_64+0xcd/0xfa0 [ 1109.331931][T26170] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1109.331955][T26170] RIP: 0033:0x7f3994d8eec9 [ 1109.331975][T26170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1109.331999][T26170] RSP: 002b:00007f3995bdb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1109.332022][T26170] RAX: ffffffffffffffda RBX: 00007f3994fe5fa0 RCX: 00007f3994d8eec9 [ 1109.332039][T26170] RDX: 00000000000002fb RSI: 0000200000000000 RDI: 0000000000000003 [ 1109.332055][T26170] RBP: 00007f3995bdb090 R08: 0000000000000000 R09: 0000000000000000 [ 1109.332070][T26170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1109.332085][T26170] R13: 00007f3994fe6038 R14: 00007f3994fe5fa0 R15: 00007fff535df398 [ 1109.332122][T26170] [ 1109.688634][T25993] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1109.710641][T25993] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1109.738476][T25993] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1109.766434][T25993] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1109.894732][T25872] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1110.023123][T25872] veth0_vlan: entered promiscuous mode [ 1110.230684][T25872] veth1_vlan: entered promiscuous mode [ 1110.251122][T25993] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1110.336463][T26192] zswap: compressor not available [ 1110.365987][T25993] 8021q: adding VLAN 0 to HW filter on device team0 [ 1110.566994][T25872] veth0_macvtap: entered promiscuous mode [ 1110.725261][T19605] bridge0: port 1(bridge_slave_0) entered blocking state [ 1110.732839][T19605] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1110.777464][T19605] bridge0: port 2(bridge_slave_1) entered blocking state [ 1110.784611][T19605] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1110.825327][T25872] veth1_macvtap: entered promiscuous mode [ 1110.868474][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1110.878436][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1111.150578][T25993] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1111.446373][T25872] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1111.483417][T25872] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1111.586228][ T7724] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1111.609313][ T7724] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1111.665703][ T7724] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1111.737835][ T7724] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1111.777056][T25993] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1111.953721][ T7724] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1111.955972][T25993] veth0_vlan: entered promiscuous mode [ 1111.968737][ T7724] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1112.048935][T25993] veth1_vlan: entered promiscuous mode [ 1112.081400][ T9053] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1112.089261][ T9053] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1112.184952][T25993] veth0_macvtap: entered promiscuous mode [ 1112.199500][T26239] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 1112.219018][T26239] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 1112.224549][T25993] veth1_macvtap: entered promiscuous mode [ 1112.270282][T26239] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 1112.287530][T26239] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 1112.306655][T26239] page dumped because: unmovable page [ 1112.311817][T25993] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1112.394019][T26239] page_owner info is not present (never set?) [ 1112.420409][T25993] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1112.509022][T26252] serio: Serial port pty6 [ 1112.569388][T19605] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1112.595772][T19605] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1112.640227][T19605] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1112.668301][ T7726] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1112.718567][T26253] random: crng reseeded on system resumption [ 1113.074778][T10670] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1113.128918][T10670] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1113.270010][ T7726] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1113.344931][ T7726] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1113.558837][T26268] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1114.625646][T26300] zero sized request [ 1114.804787][T26302] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3614'. [ 1114.931330][T26307] 0x000200000001-0xa29656a63616329 : "" [ 1114.937127][T26307] mtd: partition "" is out of reach -- disabled [ 1114.981561][T26307] ftl_cs: FTL header not found. [ 1115.800824][T26348] FAULT_INJECTION: forcing a failure. [ 1115.800824][T26348] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1115.850121][T26331] sd 0:0:1:0: PR command failed: 1026 [ 1115.855750][T26348] CPU: 1 UID: 0 PID: 26348 Comm: syz.2.3624 Tainted: G U syzkaller #0 PREEMPT(full) [ 1115.855788][T26348] Tainted: [U]=USER [ 1115.855796][T26348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1115.855810][T26348] Call Trace: [ 1115.855818][T26348] [ 1115.855828][T26348] dump_stack_lvl+0x16c/0x1f0 [ 1115.855862][T26348] should_fail_ex+0x512/0x640 [ 1115.855897][T26348] _copy_from_iter+0x29f/0x1720 [ 1115.855932][T26348] ? __alloc_skb+0x200/0x380 [ 1115.855959][T26348] ? __pfx__copy_from_iter+0x10/0x10 [ 1115.855993][T26348] ? __pfx___might_resched+0x10/0x10 [ 1115.856031][T26348] netlink_sendmsg+0x820/0xdd0 [ 1115.856069][T26348] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1115.856104][T26348] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 1115.856144][T26348] sock_write_iter+0x563/0x610 [ 1115.856180][T26348] ? __pfx_sock_write_iter+0x10/0x10 [ 1115.856226][T26348] ? bpf_lsm_file_permission+0x9/0x10 [ 1115.856254][T26348] ? security_file_permission+0x71/0x210 [ 1115.856278][T26348] ? rw_verify_area+0xcf/0x6c0 [ 1115.856305][T26348] vfs_write+0x7d3/0x11d0 [ 1115.856333][T26348] ? __pfx_sock_write_iter+0x10/0x10 [ 1115.856370][T26348] ? __pfx_vfs_write+0x10/0x10 [ 1115.856393][T26348] ? find_held_lock+0x2b/0x80 [ 1115.856442][T26348] ksys_write+0x1f8/0x250 [ 1115.856468][T26348] ? __pfx_ksys_write+0x10/0x10 [ 1115.856504][T26348] do_syscall_64+0xcd/0xfa0 [ 1115.856541][T26348] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1115.856567][T26348] RIP: 0033:0x7fa5d098eec9 [ 1115.856587][T26348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1115.856609][T26348] RSP: 002b:00007fa5d1745038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1115.856634][T26348] RAX: ffffffffffffffda RBX: 00007fa5d0be5fa0 RCX: 00007fa5d098eec9 [ 1115.856651][T26348] RDX: 00000000000002fb RSI: 0000200000000000 RDI: 0000000000000003 [ 1115.856666][T26348] RBP: 00007fa5d1745090 R08: 0000000000000000 R09: 0000000000000000 [ 1115.856681][T26348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1115.856696][T26348] R13: 00007fa5d0be6038 R14: 00007fa5d0be5fa0 R15: 00007ffd1bcefb78 [ 1115.856731][T26348] [ 1116.107246][T26331] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 1116.115454][T26331] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 1117.388098][T26383] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub [ 1118.623035][T26421] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3633'. [ 1118.985871][T26433] FAULT_INJECTION: forcing a failure. [ 1118.985871][T26433] name failslab, interval 1, probability 0, space 0, times 0 [ 1119.039792][T26433] CPU: 0 UID: 0 PID: 26433 Comm: syz.3.3635 Tainted: G U syzkaller #0 PREEMPT(full) [ 1119.039831][T26433] Tainted: [U]=USER [ 1119.039839][T26433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1119.039853][T26433] Call Trace: [ 1119.039863][T26433] [ 1119.039873][T26433] dump_stack_lvl+0x16c/0x1f0 [ 1119.039907][T26433] should_fail_ex+0x512/0x640 [ 1119.039935][T26433] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 1119.039970][T26433] should_failslab+0xc2/0x120 [ 1119.040003][T26433] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1119.040029][T26433] ? skb_clone+0x190/0x3f0 [ 1119.040064][T26433] ? skb_clone+0x190/0x3f0 [ 1119.040090][T26433] skb_clone+0x190/0x3f0 [ 1119.040120][T26433] netlink_deliver_tap+0xabd/0xd30 [ 1119.040158][T26433] netlink_unicast+0x64c/0x870 [ 1119.040201][T26433] ? __pfx_netlink_unicast+0x10/0x10 [ 1119.040231][T26433] ? __pfx___might_resched+0x10/0x10 [ 1119.040271][T26433] netlink_sendmsg+0x8c8/0xdd0 [ 1119.040307][T26433] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1119.040343][T26433] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 1119.040383][T26433] sock_write_iter+0x563/0x610 [ 1119.040419][T26433] ? __pfx_sock_write_iter+0x10/0x10 [ 1119.040468][T26433] ? bpf_lsm_file_permission+0x9/0x10 [ 1119.040494][T26433] ? security_file_permission+0x71/0x210 [ 1119.040521][T26433] ? rw_verify_area+0xcf/0x6c0 [ 1119.040547][T26433] vfs_write+0x7d3/0x11d0 [ 1119.040575][T26433] ? __pfx_sock_write_iter+0x10/0x10 [ 1119.040613][T26433] ? __pfx_vfs_write+0x10/0x10 [ 1119.040636][T26433] ? find_held_lock+0x2b/0x80 [ 1119.040686][T26433] ksys_write+0x1f8/0x250 [ 1119.040712][T26433] ? __pfx_ksys_write+0x10/0x10 [ 1119.040750][T26433] do_syscall_64+0xcd/0xfa0 [ 1119.040781][T26433] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1119.040806][T26433] RIP: 0033:0x7fb792b8eec9 [ 1119.040830][T26433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1119.040854][T26433] RSP: 002b:00007fb7939af038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1119.040878][T26433] RAX: ffffffffffffffda RBX: 00007fb792de5fa0 RCX: 00007fb792b8eec9 [ 1119.040895][T26433] RDX: 00000000000002fb RSI: 0000200000000000 RDI: 0000000000000003 [ 1119.040911][T26433] RBP: 00007fb7939af090 R08: 0000000000000000 R09: 0000000000000000 [ 1119.040926][T26433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1119.040941][T26433] R13: 00007fb792de6038 R14: 00007fb792de5fa0 R15: 00007fffcb772668 [ 1119.040978][T26433] [ 1119.314458][T26439] 0x000200000001-0xa29656a63616329 : "" [ 1119.320055][T26439] mtd: partition "" is out of reach -- disabled [ 1119.356263][T26439] ftl_cs: FTL header not found. [ 1120.024865][T26462] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3640'. [ 1120.317765][T26477] sock: sock_timestamping_bind_phc: sock not bind to device [ 1121.380841][T26507] FAULT_INJECTION: forcing a failure. [ 1121.380841][T26507] name failslab, interval 1, probability 0, space 0, times 0 [ 1121.461176][T26507] CPU: 1 UID: 0 PID: 26507 Comm: syz.1.3651 Tainted: G U syzkaller #0 PREEMPT(full) [ 1121.461219][T26507] Tainted: [U]=USER [ 1121.461229][T26507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1121.461245][T26507] Call Trace: [ 1121.461255][T26507] [ 1121.461265][T26507] dump_stack_lvl+0x16c/0x1f0 [ 1121.461301][T26507] should_fail_ex+0x512/0x640 [ 1121.461334][T26507] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1121.461365][T26507] should_failslab+0xc2/0x120 [ 1121.461399][T26507] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1121.461426][T26507] ? __anon_vma_prepare+0xae/0x5e0 [ 1121.461473][T26507] ? __anon_vma_prepare+0xae/0x5e0 [ 1121.461508][T26507] __anon_vma_prepare+0xae/0x5e0 [ 1121.461547][T26507] ? __filemap_get_folio+0x32b/0xc30 [ 1121.461579][T26507] __vmf_anon_prepare+0x11c/0x240 [ 1121.461616][T26507] hugetlb_fault+0x1ba4/0x2f40 [ 1121.461648][T26507] ? __pfx_hugetlb_fault+0x10/0x10 [ 1121.461685][T26507] ? find_vma+0xbf/0x140 [ 1121.461716][T26507] ? __pfx_find_vma+0x10/0x10 [ 1121.461752][T26507] handle_mm_fault+0xbfa/0xd10 [ 1121.461793][T26507] ? __pkru_allows_pkey+0x11/0xb0 [ 1121.461833][T26507] do_user_addr_fault+0x7a6/0x1370 [ 1121.461862][T26507] ? rcu_is_watching+0x12/0xc0 [ 1121.461901][T26507] exc_page_fault+0x64/0xc0 [ 1121.461934][T26507] asm_exc_page_fault+0x26/0x30 [ 1121.461960][T26507] RIP: 0010:rep_movs_alternative+0x11/0x90 [ 1121.461997][T26507] Code: c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f [ 1121.462024][T26507] RSP: 0018:ffffc900047ffda0 EFLAGS: 00050206 [ 1121.462046][T26507] RAX: 000000000000002f RBX: 0000000000000005 RCX: 0000000000000005 [ 1121.462063][T26507] RDX: ffffed100c577640 RSI: ffff888062bbb1fb RDI: 0000000000000000 [ 1121.462080][T26507] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffed100c57763f [ 1121.462097][T26507] R10: ffff888062bbb1ff R11: 0000000000000000 R12: ffff888062bbb1fb [ 1121.462114][T26507] R13: 0000000000000005 R14: 00007ffffffff000 R15: 0000000000000000 [ 1121.462152][T26507] _copy_to_user+0xbb/0xd0 [ 1121.462189][T26507] __do_sys_getcwd+0x483/0x930 [ 1121.462221][T26507] ? rcu_is_watching+0x12/0xc0 [ 1121.462258][T26507] ? __pfx___do_sys_getcwd+0x10/0x10 [ 1121.462289][T26507] ? __pfx___rseq_handle_notify_resume+0x10/0x10 [ 1121.462323][T26507] ? xfd_validate_state+0x61/0x180 [ 1121.462357][T26507] ? __pfx_ksys_write+0x10/0x10 [ 1121.462396][T26507] do_syscall_64+0xcd/0xfa0 [ 1121.462429][T26507] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1121.462455][T26507] RIP: 0033:0x7f3994d8eec9 [ 1121.462476][T26507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1121.462500][T26507] RSP: 002b:00007f3995bdb038 EFLAGS: 00000246 ORIG_RAX: 000000000000004f [ 1121.462523][T26507] RAX: ffffffffffffffda RBX: 00007f3994fe5fa0 RCX: 00007f3994d8eec9 [ 1121.462541][T26507] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000000 [ 1121.462557][T26507] RBP: 00007f3994e11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1121.462574][T26507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1121.462589][T26507] R13: 00007f3994fe6038 R14: 00007f3994fe5fa0 R15: 00007fff535df398 [ 1121.462629][T26507] [ 1122.139623][T26516] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3653'. [ 1122.877318][T26543] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 1123.188898][T26543] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3659'. [ 1123.329366][T26551] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub [ 1123.967095][T26572] WARNING! power/level is deprecated; use power/control instead [ 1124.611458][ T30] audit: type=1800 audit(4294967322.039:34): pid=26616 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3677" name="dbroot" dev="configfs" ino=131249 res=0 errno=0 [ 1124.751608][T26626] 0x000200000001-0xa29656a63616329 : "" [ 1124.757611][T26626] mtd: partition "" is out of reach -- disabled [ 1124.778713][T26626] ftl_cs: FTL header not found. [ 1124.931366][T26611] FAULT_INJECTION: forcing a failure. [ 1124.931366][T26611] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1125.008570][T26611] CPU: 0 UID: 0 PID: 26611 Comm: syz.2.3673 Tainted: G U syzkaller #0 PREEMPT(full) [ 1125.008613][T26611] Tainted: [U]=USER [ 1125.008623][T26611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1125.008639][T26611] Call Trace: [ 1125.008649][T26611] [ 1125.008659][T26611] dump_stack_lvl+0x16c/0x1f0 [ 1125.008697][T26611] should_fail_ex+0x512/0x640 [ 1125.008737][T26611] get_futex_key+0x1d0/0x1560 [ 1125.008776][T26611] ? __pfx_get_futex_key+0x10/0x10 [ 1125.008824][T26611] futex_wake+0xea/0x530 [ 1125.008869][T26611] ? __pfx_futex_wake+0x10/0x10 [ 1125.008912][T26611] ? __get_user_nocheck_8+0x20/0x20 [ 1125.008954][T26611] ? do_vfs_ioctl+0x128/0x14f0 [ 1125.008996][T26611] do_futex+0x1e3/0x350 [ 1125.009032][T26611] ? __pfx_do_futex+0x10/0x10 [ 1125.009069][T26611] ? find_held_lock+0x2b/0x80 [ 1125.009101][T26611] __x64_sys_futex+0x1e0/0x4c0 [ 1125.009139][T26611] ? __fget_files+0x20e/0x3c0 [ 1125.009165][T26611] ? __pfx___x64_sys_futex+0x10/0x10 [ 1125.009205][T26611] ? fput+0x9b/0xd0 [ 1125.009244][T26611] do_syscall_64+0xcd/0xfa0 [ 1125.009277][T26611] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1125.009303][T26611] RIP: 0033:0x7fa5d098eec9 [ 1125.009325][T26611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1125.009351][T26611] RSP: 002b:00007fa5cebf60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1125.009376][T26611] RAX: ffffffffffffffda RBX: 00007fa5d0be6098 RCX: 00007fa5d098eec9 [ 1125.009395][T26611] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa5d0be609c [ 1125.009412][T26611] RBP: 00007fa5d0be6090 R08: 00007fa5d1746000 R09: 0000000000000000 [ 1125.009429][T26611] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 1125.009445][T26611] R13: 00007fa5d0be6128 R14: 00007ffd1bcefa90 R15: 00007ffd1bcefb78 [ 1125.009483][T26611] [ 1125.511852][T25402] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 1125.906395][T26654] 0x000200000001-0xa29656a63616329 : "" [ 1125.912177][T26654] mtd: partition "" is out of reach -- disabled [ 1125.925290][T26654] ftl_cs: FTL header not found. [ 1126.208242][T26661] FAULT_INJECTION: forcing a failure. [ 1126.208242][T26661] name failslab, interval 1, probability 0, space 0, times 0 [ 1126.221178][T26661] CPU: 1 UID: 0 PID: 26661 Comm: syz.3.3689 Tainted: G U syzkaller #0 PREEMPT(full) [ 1126.221220][T26661] Tainted: [U]=USER [ 1126.221230][T26661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1126.221246][T26661] Call Trace: [ 1126.221256][T26661] [ 1126.221268][T26661] dump_stack_lvl+0x16c/0x1f0 [ 1126.221305][T26661] should_fail_ex+0x512/0x640 [ 1126.221338][T26661] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1126.221370][T26661] should_failslab+0xc2/0x120 [ 1126.221405][T26661] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1126.221433][T26661] ? __anon_vma_prepare+0xae/0x5e0 [ 1126.221489][T26661] ? __anon_vma_prepare+0xae/0x5e0 [ 1126.221527][T26661] __anon_vma_prepare+0xae/0x5e0 [ 1126.221565][T26661] ? __filemap_get_folio+0x32b/0xc30 [ 1126.221597][T26661] __vmf_anon_prepare+0x11c/0x240 [ 1126.221634][T26661] hugetlb_fault+0x1ba4/0x2f40 [ 1126.221668][T26661] ? __pfx_hugetlb_fault+0x10/0x10 [ 1126.221710][T26661] ? find_vma+0xbf/0x140 [ 1126.221740][T26661] ? __pfx_find_vma+0x10/0x10 [ 1126.221774][T26661] handle_mm_fault+0xbfa/0xd10 [ 1126.221814][T26661] ? __pkru_allows_pkey+0x11/0xb0 [ 1126.221857][T26661] do_user_addr_fault+0x7a6/0x1370 [ 1126.221886][T26661] ? rcu_is_watching+0x12/0xc0 [ 1126.221919][T26661] exc_page_fault+0x64/0xc0 [ 1126.221950][T26661] asm_exc_page_fault+0x26/0x30 [ 1126.221976][T26661] RIP: 0010:rep_movs_alternative+0x11/0x90 [ 1126.222013][T26661] Code: c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f [ 1126.222039][T26661] RSP: 0018:ffffc90004667da0 EFLAGS: 00050202 [ 1126.222062][T26661] RAX: 000000000000002f RBX: 0000000000000004 RCX: 0000000000000004 [ 1126.222079][T26661] RDX: ffffed100edfb200 RSI: ffff888076fd8ffc RDI: 0000000000000000 [ 1126.222097][T26661] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffed100edfb1ff [ 1126.222114][T26661] R10: ffff888076fd8fff R11: 0000000000000000 R12: ffff888076fd8ffc [ 1126.222131][T26661] R13: 0000000000000004 R14: 00007ffffffff000 R15: 0000000000000000 [ 1126.222185][T26661] _copy_to_user+0xbb/0xd0 [ 1126.222225][T26661] __do_sys_getcwd+0x483/0x930 [ 1126.222260][T26661] ? rcu_is_watching+0x12/0xc0 [ 1126.222297][T26661] ? __pfx___do_sys_getcwd+0x10/0x10 [ 1126.222328][T26661] ? __pfx___rseq_handle_notify_resume+0x10/0x10 [ 1126.222362][T26661] ? xfd_validate_state+0x61/0x180 [ 1126.222396][T26661] ? __pfx_ksys_write+0x10/0x10 [ 1126.222443][T26661] do_syscall_64+0xcd/0xfa0 [ 1126.222477][T26661] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1126.222504][T26661] RIP: 0033:0x7fb792b8eec9 [ 1126.222526][T26661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1126.222550][T26661] RSP: 002b:00007fb7939af038 EFLAGS: 00000246 ORIG_RAX: 000000000000004f [ 1126.222574][T26661] RAX: ffffffffffffffda RBX: 00007fb792de5fa0 RCX: 00007fb792b8eec9 [ 1126.222592][T26661] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000000 [ 1126.222609][T26661] RBP: 00007fb792c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1126.222625][T26661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1126.222642][T26661] R13: 00007fb792de6038 R14: 00007fb792de5fa0 R15: 00007fffcb772668 [ 1126.222681][T26661] [ 1126.571047][T26660] 0x000200000001-0xa29656a63616329 : "" [ 1126.576722][T26660] mtd: partition "" is out of reach -- disabled [ 1126.587167][T26660] ftl_cs: FTL header not found. [ 1127.137333][T26667] 0x000200000001-0xa29656a63616329 : "" [ 1127.164382][T26667] mtd: partition "" is out of reach -- disabled [ 1127.201467][T26667] ftl_cs: FTL header not found. [ 1127.569713][T13681] Bluetooth: hci1: command tx timeout [ 1128.793905][T26700] ovs_: entered promiscuous mode [ 1129.985831][T26706] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3700'. [ 1130.005921][T26711] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3697'. [ 1130.057388][T26713] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1131.101468][T26730] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3706'. [ 1131.111247][T26730] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1131.121488][T26730] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1131.129707][T26730] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1131.137377][T26730] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1131.273464][T26734] snd_aloop snd_aloop.0: control 7:-2147483391:4::2 is already present [ 1132.000271][T13681] Bluetooth: hci1: ACL packet for unknown connection handle 2 [ 1132.154572][T26757] program syz.0.3713 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 1132.561376][T26772] vivid-007: ================= START STATUS ================= [ 1132.575121][T26772] vivid-007: Enable Output Cropping: true [ 1132.580906][T26772] vivid-007: Enable Output Composing: true [ 1132.587154][T26772] vivid-007: Enable Output Scaler: true [ 1132.595177][T26772] vivid-007: Tx RGB Quantization Range: Automatic [ 1132.611430][T26772] vivid-007: Transmit Mode: HDMI [ 1132.634188][T26772] vivid-007: Hotplug Present: 0x00000000 [ 1132.639874][T26772] vivid-007: RxSense Present: 0x00000000 [ 1132.711856][T26772] vivid-007: EDID Present: 0x00000000 [ 1132.717430][T26772] vivid-007: ================== END STATUS ================== [ 1134.310622][T26796] netlink: 5 bytes leftover after parsing attributes in process `syz.2.3724'. [ 1135.460592][T26826] netlink: 'syz.3.3732': attribute type 11 has an invalid length. [ 1135.500298][T26827] netlink: 'syz.3.3732': attribute type 11 has an invalid length. [ 1135.583896][T26829] ubi0: attaching mtd0 [ 1135.617061][T26829] ubi0: scanning is finished [ 1135.621849][T26829] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 1135.874629][T26829] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 1136.920968][T26858] zswap: compressor not available [ 1136.926488][T26857] Setting dangerous option i915.mitigations - tainting kernel [ 1137.224803][T26875] zero sized request [ 1137.606733][T26881] 0x000200000001-0xa29656a63616329 : "" [ 1137.621644][T26881] mtd: partition "" is out of reach -- disabled [ 1137.649886][T26881] ftl_cs: FTL header not found. [ 1138.040020][T26893] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3743'. [ 1138.155010][T26894] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3742'. [ 1138.744423][T26909] ovs_: entered promiscuous mode [ 1139.821717][T26923] zero sized request [ 1140.028519][T26925] 0x000200000001-0xa29656a63616329 : "" [ 1140.034195][T26925] mtd: partition "" is out of reach -- disabled [ 1140.043860][T26925] ftl_cs: FTL header not found. [ 1141.469703][T26942] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 1142.579588][T26956] FAULT_INJECTION: forcing a failure. [ 1142.579588][T26956] name failslab, interval 1, probability 0, space 0, times 0 [ 1142.646372][T26956] CPU: 1 UID: 0 PID: 26956 Comm: syz.0.3759 Tainted: G U syzkaller #0 PREEMPT(full) [ 1142.646411][T26956] Tainted: [U]=USER [ 1142.646419][T26956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1142.646434][T26956] Call Trace: [ 1142.646443][T26956] [ 1142.646453][T26956] dump_stack_lvl+0x16c/0x1f0 [ 1142.646486][T26956] should_fail_ex+0x512/0x640 [ 1142.646515][T26956] ? fs_reclaim_acquire+0xae/0x150 [ 1142.646549][T26956] should_failslab+0xc2/0x120 [ 1142.646579][T26956] __kmalloc_noprof+0xdd/0x880 [ 1142.646616][T26956] ? tomoyo_encode2+0x100/0x3e0 [ 1142.646647][T26956] ? tomoyo_encode2+0x100/0x3e0 [ 1142.646671][T26956] tomoyo_encode2+0x100/0x3e0 [ 1142.646702][T26956] tomoyo_encode+0x29/0x50 [ 1142.646726][T26956] tomoyo_realpath_from_path+0x18f/0x6e0 [ 1142.646775][T26956] tomoyo_path_number_perm+0x245/0x580 [ 1142.646809][T26956] ? tomoyo_path_number_perm+0x237/0x580 [ 1142.646847][T26956] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1142.646885][T26956] ? find_held_lock+0x2b/0x80 [ 1142.646943][T26956] ? find_held_lock+0x2b/0x80 [ 1142.646967][T26956] ? hook_file_ioctl_common+0x145/0x410 [ 1142.647011][T26956] ? __fget_files+0x20e/0x3c0 [ 1142.647040][T26956] ? 0xffffffff81000000 [ 1142.647058][T26956] ? 0xffffffff81000000 [ 1142.647076][T26956] security_file_ioctl+0x9b/0x240 [ 1142.647115][T26956] __x64_sys_ioctl+0xb7/0x210 [ 1142.647151][T26956] do_syscall_64+0xcd/0xfa0 [ 1142.647181][T26956] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1142.647206][T26956] RIP: 0033:0x7fc88838eec9 [ 1142.647224][T26956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1142.647245][T26956] RSP: 002b:00007fc889173038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1142.647268][T26956] RAX: ffffffffffffffda RBX: 00007fc8885e5fa0 RCX: 00007fc88838eec9 [ 1142.647283][T26956] RDX: ffffffff81000000 RSI: 0000000000004c03 RDI: 0000000000000003 [ 1142.647298][T26956] RBP: 00007fc889173090 R08: 0000000000000000 R09: 0000000000000000 [ 1142.647314][T26956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1142.647328][T26956] R13: 00007fc8885e6038 R14: 00007fc8885e5fa0 R15: 00007ffed23a3608 [ 1142.647356][T26956] ? 0xffffffff81000000 [ 1142.647382][T26956] [ 1142.647412][T26956] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1143.074707][T25402] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1143.085451][T25402] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1143.095365][T25402] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1143.111438][T25402] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1143.128773][T25402] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1144.673762][T26957] chnl_net:caif_netlink_parms(): no params data found [ 1144.795344][T26986] FAULT_INJECTION: forcing a failure. [ 1144.795344][T26986] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1144.823127][T26986] CPU: 0 UID: 0 PID: 26986 Comm: syz.3.3768 Tainted: G U syzkaller #0 PREEMPT(full) [ 1144.823167][T26986] Tainted: [U]=USER [ 1144.823176][T26986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1144.823191][T26986] Call Trace: [ 1144.823200][T26986] [ 1144.823210][T26986] dump_stack_lvl+0x16c/0x1f0 [ 1144.823243][T26986] should_fail_ex+0x512/0x640 [ 1144.823288][T26986] _copy_to_user+0x32/0xd0 [ 1144.823322][T26986] simple_read_from_buffer+0xcb/0x170 [ 1144.823362][T26986] proc_fail_nth_read+0x197/0x240 [ 1144.823391][T26986] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1144.823420][T26986] ? rw_verify_area+0xcf/0x6c0 [ 1144.823444][T26986] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1144.823470][T26986] vfs_read+0x1e1/0xcf0 [ 1144.823502][T26986] ? __pfx___mutex_lock+0x10/0x10 [ 1144.823532][T26986] ? __pfx_vfs_read+0x10/0x10 [ 1144.823568][T26986] ? __fget_files+0x20e/0x3c0 [ 1144.823604][T26986] ksys_read+0x12a/0x250 [ 1144.823630][T26986] ? __pfx_ksys_read+0x10/0x10 [ 1144.823656][T26986] ? fput+0x9b/0xd0 [ 1144.823694][T26986] do_syscall_64+0xcd/0xfa0 [ 1144.823724][T26986] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1144.823749][T26986] RIP: 0033:0x7fb792b8d8dc [ 1144.823770][T26986] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1144.823793][T26986] RSP: 002b:00007fb7939af030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1144.823816][T26986] RAX: ffffffffffffffda RBX: 00007fb792de5fa0 RCX: 00007fb792b8d8dc [ 1144.823834][T26986] RDX: 000000000000000f RSI: 00007fb7939af0a0 RDI: 0000000000000004 [ 1144.823849][T26986] RBP: 00007fb7939af090 R08: 0000000000000000 R09: 0000000000000000 [ 1144.823865][T26986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1144.823880][T26986] R13: 00007fb792de6038 R14: 00007fb792de5fa0 R15: 00007fffcb772668 [ 1144.823917][T26986] [ 1145.248078][T25402] Bluetooth: hci4: command tx timeout [ 1145.787019][T26957] bridge0: port 1(bridge_slave_0) entered blocking state [ 1145.835910][T26957] bridge0: port 1(bridge_slave_0) entered disabled state [ 1145.846407][T26957] bridge_slave_0: entered allmulticast mode [ 1145.856246][T26957] bridge_slave_0: entered promiscuous mode [ 1145.904196][T26957] bridge0: port 2(bridge_slave_1) entered blocking state [ 1145.911323][T26957] bridge0: port 2(bridge_slave_1) entered disabled state [ 1145.935091][T26957] bridge_slave_1: entered allmulticast mode [ 1145.947194][T26957] bridge_slave_1: entered promiscuous mode [ 1146.358815][T26957] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1146.406681][T26957] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1146.553743][T26957] team0: Port device team_slave_0 added [ 1146.592521][T26957] team0: Port device team_slave_1 added [ 1146.686241][T26957] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1146.693533][T26957] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1146.727581][T26957] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1146.802362][T27014] netlink: 252 bytes leftover after parsing attributes in process `syz.2.3773'. [ 1146.826560][T27014] netlink: 346 bytes leftover after parsing attributes in process `syz.2.3773'. [ 1146.868004][T26957] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1146.888635][T26957] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1146.945989][T26957] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1147.134747][T26957] hsr_slave_0: entered promiscuous mode [ 1147.183732][T26957] hsr_slave_1: entered promiscuous mode [ 1147.232615][T27023] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 1147.275811][T26957] debugfs: 'hsr0' already exists in 'hsr' [ 1147.282313][T26957] Cannot create hsr debugfs directory [ 1147.306805][T25402] Bluetooth: hci4: command tx timeout [ 1147.604095][T27026] futex_wake_op: syz.3.3777 tries to shift op by -9; fix this program [ 1148.175656][T26957] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1148.398227][T26957] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1148.488798][T26957] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1148.548183][T26957] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1148.588421][T27036] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3779'. [ 1148.994554][T26957] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1149.035626][T26957] 8021q: adding VLAN 0 to HW filter on device team0 [ 1149.153633][T26957] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 1149.164233][T26957] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1149.294511][T10665] bridge0: port 1(bridge_slave_0) entered blocking state [ 1149.301741][T10665] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1149.375963][T25402] Bluetooth: hci4: command tx timeout [ 1149.441296][T10665] bridge0: port 2(bridge_slave_1) entered blocking state [ 1149.448528][T10665] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1149.984894][T27051] zero sized request [ 1150.093889][T26957] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1150.924624][T26957] veth0_vlan: entered promiscuous mode [ 1151.014928][T26957] veth1_vlan: entered promiscuous mode [ 1151.085897][T26957] veth0_macvtap: entered promiscuous mode [ 1151.100778][T26957] veth1_macvtap: entered promiscuous mode [ 1151.115000][T26957] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1151.125065][T26957] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1151.264493][T10665] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1151.347675][T13382] usb usb38-port5: attempt power cycle [ 1151.458373][T25402] Bluetooth: hci4: command tx timeout [ 1151.474113][T10665] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1151.513324][T10665] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1151.560732][T10665] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1151.857303][T19605] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1151.908498][T19605] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1151.935376][T13382] usb usb38-port5: unable to enumerate USB device [ 1152.284518][T10665] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1152.358149][T10665] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1153.057945][T27088] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3758'. [ 1153.120971][T27091] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1153.361506][T27092] zero sized request [ 1153.766440][T27100] 0x000200000001-0xa29656a63616329 : "" [ 1153.780774][T27100] mtd: partition "" is out of reach -- disabled [ 1153.810016][T27100] ftl_cs: FTL header not found. [ 1153.869345][T27097] ptrace attach of "./syz-executor exec"[27102] was attempted by "./syz-executor exec"[27097] [ 1154.296777][T27119] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input21 [ 1155.475366][T27133] zero sized request [ 1155.805539][T27146] ------------[ cut here ]------------ [ 1155.811628][T27146] memcpy: detected field-spanning write (size 6) of single field "&entry->id" at kernel/trace/trace.c:7458 (size 4) [ 1155.824433][T27146] WARNING: CPU: 0 PID: 27146 at kernel/trace/trace.c:7458 write_raw_marker_to_buffer.isra.0+0x2d4/0x330 [ 1155.835857][T27146] Modules linked in: [ 1155.840138][T27146] CPU: 0 UID: 0 PID: 27146 Comm: syz.0.3799 Tainted: G U syzkaller #0 PREEMPT(full) [ 1155.851433][T27146] Tainted: [U]=USER [ 1155.855604][T27146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1155.865717][T27146] RIP: 0010:write_raw_marker_to_buffer.isra.0+0x2d4/0x330 [ 1155.873006][T27146] Code: ff e8 30 74 fa ff c6 05 b4 7e aa 0e 01 90 b9 04 00 00 00 48 c7 c2 e0 1e 93 8b 4c 89 e6 48 c7 c7 40 1f 93 8b e8 6d fc b8 ff 90 <0f> 0b 90 90 e9 d7 fe ff ff e8 6e 04 62 00 e9 da fd ff ff e8 64 04 [ 1155.892721][T27146] RSP: 0018:ffffc9000479fb98 EFLAGS: 00010286 [ 1155.898791][T27146] RAX: 0000000000000000 RBX: ffff88813ff34014 RCX: ffffc9000d17d000 [ 1155.906789][T27146] RDX: 0000000000080000 RSI: ffffffff817a5e65 RDI: 0000000000000001 [ 1155.914796][T27146] RBP: ffff88813ff34010 R08: 0000000000000001 R09: 0000000000000000 [ 1155.923156][T27146] R10: 0000000000000000 R11: 000000000002f340 R12: 0000000000000006 [ 1155.931118][T27146] R13: ffff88813ff18c00 R14: 0000000000000000 R15: 0000000000000000 [ 1155.939393][T27146] FS: 00007fc8891736c0(0000) GS:ffff8881249e6000(0000) knlGS:0000000000000000 [ 1155.948634][T27146] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1155.955424][T27146] CR2: 0000000000000000 CR3: 0000000031ef8000 CR4: 00000000003526f0 [ 1155.963432][T27146] Call Trace: [ 1155.966699][T27146] [ 1155.969617][T27146] tracing_mark_raw_write+0x2da/0x4a0 [ 1155.975003][T27146] ? __pfx_tracing_mark_raw_write+0x10/0x10 [ 1155.980890][T27146] ? __pfx_tracing_mark_raw_write+0x10/0x10 [ 1155.986848][T27146] vfs_writev+0x5dc/0xde0 [ 1155.991194][T27146] ? __pfx_vfs_writev+0x10/0x10 [ 1155.996107][T27146] ? kmem_cache_free+0x2d4/0x6c0 [ 1156.001083][T27146] ? putname+0x154/0x1a0 [ 1156.005468][T27146] ? __fget_files+0x20e/0x3c0 [ 1156.010183][T27146] ? do_writev+0x28c/0x340 [ 1156.014653][T27146] do_writev+0x28c/0x340 [ 1156.018920][T27146] ? __pfx_do_writev+0x10/0x10 [ 1156.025691][T27146] do_syscall_64+0xcd/0xfa0 [ 1156.025735][T27146] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1156.025751][T27146] RIP: 0033:0x7fc88838eec9 [ 1156.025766][T27146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1156.025781][T27146] RSP: 002b:00007fc889173038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 1156.025797][T27146] RAX: ffffffffffffffda RBX: 00007fc8885e5fa0 RCX: 00007fc88838eec9 [ 1156.025807][T27146] RDX: 0000000000000004 RSI: 0000200000000140 RDI: 0000000000000004 [ 1156.025817][T27146] RBP: 00007fc888411f91 R08: 0000000000000000 R09: 0000000000000000 [ 1156.025827][T27146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1156.025836][T27146] R13: 00007fc8885e6038 R14: 00007fc8885e5fa0 R15: 00007ffed23a3608 [ 1156.025858][T27146] [ 1156.025866][T27146] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1156.025879][T27146] CPU: 0 UID: 0 PID: 27146 Comm: syz.0.3799 Tainted: G U syzkaller #0 PREEMPT(full) [ 1156.025899][T27146] Tainted: [U]=USER [ 1156.025905][T27146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1156.025914][T27146] Call Trace: [ 1156.025919][T27146] [ 1156.025925][T27146] dump_stack_lvl+0x3d/0x1f0 [ 1156.025943][T27146] vpanic+0x640/0x6f0 [ 1156.025964][T27146] ? write_raw_marker_to_buffer.isra.0+0x2d4/0x330 [ 1156.025981][T27146] panic+0xca/0xd0 [ 1156.026000][T27146] ? __pfx_panic+0x10/0x10 [ 1156.026029][T27146] check_panic_on_warn+0xab/0xb0 [ 1156.026050][T27146] __warn+0xf6/0x3c0 [ 1156.026070][T27146] ? write_raw_marker_to_buffer.isra.0+0x2d4/0x330 [ 1156.026088][T27146] report_bug+0x3c3/0x580 [ 1156.026103][T27146] ? write_raw_marker_to_buffer.isra.0+0x2d4/0x330 [ 1156.026128][T27146] handle_bug+0x184/0x210 [ 1156.026147][T27146] exc_invalid_op+0x17/0x50 [ 1156.026165][T27146] asm_exc_invalid_op+0x1a/0x20 [ 1156.026178][T27146] RIP: 0010:write_raw_marker_to_buffer.isra.0+0x2d4/0x330 [ 1156.026196][T27146] Code: ff e8 30 74 fa ff c6 05 b4 7e aa 0e 01 90 b9 04 00 00 00 48 c7 c2 e0 1e 93 8b 4c 89 e6 48 c7 c7 40 1f 93 8b e8 6d fc b8 ff 90 <0f> 0b 90 90 e9 d7 fe ff ff e8 6e 04 62 00 e9 da fd ff ff e8 64 04 [ 1156.026210][T27146] RSP: 0018:ffffc9000479fb98 EFLAGS: 00010286 [ 1156.026221][T27146] RAX: 0000000000000000 RBX: ffff88813ff34014 RCX: ffffc9000d17d000 [ 1156.026231][T27146] RDX: 0000000000080000 RSI: ffffffff817a5e65 RDI: 0000000000000001 [ 1156.026240][T27146] RBP: ffff88813ff34010 R08: 0000000000000001 R09: 0000000000000000 [ 1156.026249][T27146] R10: 0000000000000000 R11: 000000000002f340 R12: 0000000000000006 [ 1156.026258][T27146] R13: ffff88813ff18c00 R14: 0000000000000000 R15: 0000000000000000 [ 1156.026273][T27146] ? __warn_printk+0x1a5/0x350 [ 1156.026295][T27146] ? write_raw_marker_to_buffer.isra.0+0x2d3/0x330 [ 1156.026314][T27146] tracing_mark_raw_write+0x2da/0x4a0 [ 1156.026331][T27146] ? __pfx_tracing_mark_raw_write+0x10/0x10 [ 1156.026353][T27146] ? __pfx_tracing_mark_raw_write+0x10/0x10 [ 1156.026369][T27146] vfs_writev+0x5dc/0xde0 [ 1156.026389][T27146] ? __pfx_vfs_writev+0x10/0x10 [ 1156.026404][T27146] ? kmem_cache_free+0x2d4/0x6c0 [ 1156.026419][T27146] ? putname+0x154/0x1a0 [ 1156.026448][T27146] ? __fget_files+0x20e/0x3c0 [ 1156.026469][T27146] ? do_writev+0x28c/0x340 [ 1156.026481][T27146] do_writev+0x28c/0x340 [ 1156.026495][T27146] ? __pfx_do_writev+0x10/0x10 [ 1156.026515][T27146] do_syscall_64+0xcd/0xfa0 [ 1156.026533][T27146] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1156.026547][T27146] RIP: 0033:0x7fc88838eec9 [ 1156.026558][T27146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1156.026572][T27146] RSP: 002b:00007fc889173038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 1156.026585][T27146] RAX: ffffffffffffffda RBX: 00007fc8885e5fa0 RCX: 00007fc88838eec9 [ 1156.026595][T27146] RDX: 0000000000000004 RSI: 0000200000000140 RDI: 0000000000000004 [ 1156.026603][T27146] RBP: 00007fc888411f91 R08: 0000000000000000 R09: 0000000000000000 [ 1156.026612][T27146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1156.026621][T27146] R13: 00007fc8885e6038 R14: 00007fc8885e5fa0 R15: 00007ffed23a3608 [ 1156.026641][T27146] [ 1156.026928][T27146] Kernel Offset: disabled