last executing test programs: 6.13789558s ago: executing program 3 (id=313): mmap$auto(0xb, 0x800000000000003, 0xffffffff, 0x12, 0x2, 0x8000) close_range$auto(0x0, 0x5, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/usb/drivers/viperboard/bind\x00', 0x100, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/card0/pcm0p/info\x00', 0x1b04, 0x0) socket(0xa, 0x5, 0x0) fstat$auto(0x2, 0x0) socket(0x11, 0x3, 0x6) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x80004, 0xe2, 0xeb1, 0x405, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x8, 0x2000000000002) open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45) r0 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) fchdir$auto(r0) mkdir$auto(&(0x7f0000000040)='./cgroup\x00', 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/cgroup.type\x00', 0x103042, 0x0) rmdir$auto(&(0x7f0000000080)='./cgroup\x00') sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) 6.039189128s ago: executing program 2 (id=314): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/bdi/1:1/uevent\x00', 0x0, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x149041, 0x0) writev$auto(r0, &(0x7f00000001c0)={0x0, 0x4}, 0x3611) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0xffffffffffffffff, 0x2020009, 0x3, 0xeb1, r1, 0xac4) mbind$auto(0x2000, 0x100000008, 0x2100000000, 0x0, 0x6, 0x2) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x40004) io_uring_setup$auto(0x1, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) syz_clone3(&(0x7f0000000140)={0x1045100, 0x0, 0x0, 0x0, {0x2d}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/netdevsim/netdevsim3/hwstats/l3/disable_ifindex\x00', 0x1242, 0x0) lseek$auto(r2, 0x4, 0x0) r3 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) read$auto(r3, 0x0, 0x39b8) pipe2$auto(0x0, 0x80) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) keyctl$auto(0x200000000000020, 0xffffffffffffffff, 0x5, 0x5, 0x8) close_range$auto(0x2, 0xa, 0x0) socket(0x11, 0x6, 0x9) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_nsim_psample_enable_fops_psample(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/netdevsim/netdevsim1/psample/enable\x00', 0x169a02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2a, 0x6, 0x101) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) 5.911213313s ago: executing program 3 (id=315): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x800) timer_create$auto(0x9, 0x0, 0x0) shmctl$auto_SHM_STAT_ANY(0xfffffffd, 0xf, &(0x7f0000000440)={{0xade, 0xee01, 0xee01, 0x7, 0x8, 0x0, 0x1601}, 0x8, 0x6000000000, 0x4, 0x4, @raw=0x3, @raw=0x7, 0x1, 0x0, &(0x7f0000000100)="0977b20d5258eca826a4544a5db3bfa5deebdf9b9919b9debef90d4b64633f0eb8162aa93f55d0d56687a5be1110194fbd48a603d4cb3949f65f2366e35b294c41b7069e8a0c60a7c9acaedacf5068e6d0aa1d05292bd70540e52ba410720cdbb0", &(0x7f0000000340)="5f9fe49db3b478eb5aa112d00517c1aa957d9e0f2852dad7f5c236bf8371d3b0f6d518edeaa6493a608fb25d5e4ef247c283343a661cf945418dfa1d90930d85eb4cde61cfe640e7f1d181f7939b2f542198986127b4853ed7e3309866acb8cd226f097b6b0469e947ae99d1fe614f2f7d0972073a12204d10f259ae7c3e05bc290d17e2460cdc91ea9f95b5a74077d7861c8b9c4b44d916a186054543c18576525484367482cb2e8aa1c6b42c5d1d2699904715cfce7fea171e426b886b482af2d6098cf74c3c4e"}) fsconfig$auto(r0, 0x8, &(0x7f0000000080)='[\x00', &(0x7f00000000c0)="7cc7218f60cf6b6c6ecd41b9ff6d831ea118f07fb6024b67301d9be695d494e55c", r1) socket(0xa, 0x1, 0x100) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) ioctl$auto_TIOCGDEV2(r2, 0x5429, 0x0) process_mrelease$auto(0xffffffffffffffff, 0xa) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mount$auto(0x0, 0xfffffffffffffffe, 0x0, 0x9, 0xfffffffffffffffe) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) keyctl$auto(0xa, 0xfffffffffffffffd, 0x0, 0x0, 0xfffffffe) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x802, 0x0) mmap$auto(0x1000000000, 0x100000400008, 0x1000000000000df, 0x4000009b73, r3, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/admmidi2\x00', 0x40080, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x7, 0xd3e, 0x20, 0x9687, 0x100000000000003, 0x3c2a19d5, 0x6, 0x3, 0x62, 0x8, 0x7, 0x6d3f, 0x6, 0xa, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xfffffffffffffffb, 0x1, 0x4, 0x3, 0x3, 0x3, 0xffffffffffffffff, 0x3, 0x8000000000400000, 0x3, 0x6d3c, 0x3, 0x2, 0x8000000000000006]}, 0x0) close_range$auto(0x2, 0x8, 0x0) readv$auto(0xffffffffffffffff, &(0x7f0000001780)={0x0, 0x400}, 0x7f) shmget$auto(0x100000000, 0x3, 0x79e56dc9) mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 5.291740848s ago: executing program 0 (id=317): mmap$auto(0x0, 0x2020009, 0x3, 0x10, 0xfffffffffffffffa, 0x8000) futex$auto(0x0, 0x5, 0x4, 0x0, &(0x7f0000000080)=0x9, 0x1000000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)={0x40, r1, 0x1b, 0x74bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x10, 0x3, 0x0, 0x1, [@nested={0xc, 0x6, 0x0, 0x1, [@nested={0x4, 0x1}, @typed={0x4, 0x1}]}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f17790485908286dd"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc000) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x10008000) r2 = userfaultfd$auto(0x1) ioctl$auto(0x3, 0xc018aa3f, 0xf0b) sendmsg$auto_WG_CMD_SET_DEVICE(r2, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000340)={&(0x7f00000001c0)={0x3c, 0x0, 0x400, 0x70bd2a, 0x25dfdbfb, {}, [@WGDEVICE_A_FLAGS={0x8, 0x5, 0xfd}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'dvmrp0\x00'}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e23}, @WGDEVICE_A_PRIVATE_KEY={0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x240080c0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80402, 0x0) keyctl$auto(0x5, 0xffffffffffffffff, 0x200008, 0x6, 0x3) keyctl$auto(0x3, 0xffffffffffffffff, 0x2, 0x3b, 0x9) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x80080, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x80002, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/platform/dummy_hcd.0/usb1/1-0:1.0/usb1-port1/quirks\x00', 0x103a42, 0x0) sendfile$auto(r3, r4, 0x0, 0x3) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/apparmor/parameters/audit\x00', 0xb02, 0x0) read$auto(r5, &(0x7f00000003c0)=']%\'\x00', 0x5) socket(0x3, 0x6, 0x7) io_uring_setup$auto(0x6, 0x0) r6 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000001100)='/sys/kernel/debug/tracing/events/vmalloc/enable\x00', 0x80002, 0x0) r7 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x80802, 0x0) ioctl$auto(r7, 0x800064ba, 0x1e6) write$auto(r6, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r8 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x2, 0x0) read$auto(r8, &(0x7f0000000040)='/dev/snd/seq\x00', 0x7) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x2, 0x3, 0x1, 0x948b, 0x9, 0x1, 0x6, 0x2, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0xd8]}, 0x0) 4.197159396s ago: executing program 0 (id=319): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x29, 0x5, 0x7fff) socket(0x1e, 0x3, 0x80004183) setsockopt$auto(0x3, 0x10000000084, 0x21d, 0x0, 0x0) mmap$auto(0x0, 0x4, 0xa, 0x80000000eb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0xa, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000000), 0x210a85a50de492c9, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000640)={0x0, 0x1d, 0x803800, 0x2, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x6, 0x3, 0x7b, 0x0, 0x5, 0xfffffffffffffffd}, {0x100, 0x20001, 0x52, 0x85, 0x2, 0x400, 0x2072c2, 0xc, 0x100000000}}) mmap$auto(0x0, 0x9, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) timerfd_create$auto(0x9, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x101202, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) ioctl$auto(0x3, 0x40085400, 0x5) 3.857644713s ago: executing program 0 (id=320): timer_create$auto_CLOCK_TAI(0xb, 0x0, &(0x7f0000000fc0)=0xa) mmap$auto(0x0, 0x4020005, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/event0\x00', 0x2, 0x0) r1 = socket(0x11, 0x3, 0x9) sendmmsg$auto(r0, &(0x7f00000006c0)={{&(0x7f0000000000), 0x1e08, &(0x7f00000000c0)={&(0x7f0000000040)="4c0300006bba861b000004000000a32457895897071b", 0x800049}, 0x2, &(0x7f0000000180)="7b4dbd0b73c4065df26ac7a17a8819e4286a4b3f60af4903b692859664cb59bfbd90ed46", 0x5, 0x1}, 0x9}, 0x2, 0x108) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000cc0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_MPATH(r2, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000000)={0x14, r3, 0x301, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x4048090) sendmsg$auto_NL80211_CMD_GET_STATION(r1, &(0x7f0000002240)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000002200)={&(0x7f0000002280)={0x1214, r3, 0x200, 0x70bd29, 0x25dfdbfd, {}, [@NL80211_ATTR_EMA_RNR_ELEMS={0x11fa, 0x145, 0x0, 0x1, [@nested={0x1106, 0x93, 0x0, 0x1, [@generic, @typed={0x8, 0x119, 0x0, 0x0, @uid}, @generic="ab869657611ff3c04570943a4719e38cb969b1cd5babafd2c455e0ce3e4a6753e770826676c7043e38b8de151f5c67dd42f6e6912ba9d837adaff7e936ed8d5ecc32a41651a5dcb41eea56e755a7277880a88ee50527cea08be763e889a55e3a75871abed2c00f0536ecbc63303d4a305cedf9063de2776ee8bd2e6372857bbad23cb406d851f2c540d989c4ce4bf8d2b7ab7f1fbde9", @typed={0x4, 0x6f}, @typed={0x8, 0x97, 0x0, 0x0, @u32=0x1ff}, @nested={0x4, 0x43}, @nested={0x4, 0x2b}, @generic="75c4c66dc52754ba3fd6627f756d9bfceaaf0da1b309e34662606fd4c514735123e4828da6d02467dbbfb412da7251f49496ae3ab4fc233b542ef9e3c337bc0aef5a6bc6c23feccaaa0988e60596c6b3", @generic="f90e9a462ce27adecbc571f344462bf590cd69c7062ded1e6f7e171f89db61931967c3553cd5ee9d2010ce71006ae7bb599c1dfcac28948c4f8d3bd8c96f3b873c66eda308e8765b8a5e6a1655478eb85fb8a7bd29d30b75e71ba3e9ca92698cc82d52cc18858a1cab1b36a63f1496f876cde08c8b75175b5443668e0fc74aa3486bd9a42732f5fca6ceeb5a9d7fb3ea8d4a2e87625bfcb0e0cfc173077c29cf46cb417548b68b734f62768867307d48560089af8ab7627566ac2b96ff3ae5dabbcddbd4e6eb6bf8d62b2be2fdc91c0473b8a3dd30d26a08f286ca0d4099547f115c40480be8a13754d73d9879393c110437dddda73efc88644092cb7f550f468a5a173c866233e7c70ff8bad1a925ea11381aaa59137a7bbf8c8ee18b9dc9f83f30568e2737f3e2c195921306202e55964da9137a4a271fc9a2bf71d7638cae533aae5808f81e40796e71b48aed75dde39258935a4c2035249057b772c54de3dc1edde0360f6db8ab92f28aa3f3699510cbe212c7138b2d3b561542e9b31f6cdc9335e032ce0cc2e2eb9bc7ad03879014dca620bd0abfae65589b47064d5178406e186cd1c9afe4216336373a0bba628725e160d2b093cd6a36f4a1323f672bf74deabf9d17152fa80bc37c3cdbee04c412b5307b0e63eca16510300acb6aa7ebd7a02d838e0ddf900c459cce4f9e8a6bcdc071865518fd244ddd7b7af0a725cf339a4f6222f8cfc519476a1d721b501f141fe5887f35ea92472eb6a4a67d3f86c9d20c0e5b70ece8b8228f0fb9feb30dd82a19e414f9eea481ba3f2891ccd4b87cef125a7be969b2e3809bff338d0bcdeb0ab812807541c3c9605c4da6966eec7ed98476d52aebfa95849bfd9dbaddb045e5e40d232ddc36c3b17b66058782fcd4201fe8b6b0ab3e09c815acd16e7908fa8fe108c75b5b501ec36436e98ac4f7017fae093466490dd06ef18e9406b130e82b413fdc3f97ffc44c00c9a398828fd9f1f9e65ccc3ee8a1dc33b6c838def9d7da7535b4736a730e99d343877e376f9db7dc62710b0aba8dc0aeb0bdb6f7f21a5e03897f3fedaf51804c19f71fe456ad42082711c8685f9ad545acf838fe2658e22407c5985f7cf1af46a5034cd71dfbe905d1f3780c16bd292b7fc1abf1f72aa602df79636373b2c66228633910104e203502854c4dc6e219337965a2d10c955a965156044da944aefff10e791866e528911b45683d50bc8431057290a8a607293298f050e97889770f39c796fa0e07d40d1b0106ee72c8d6b89c945a1dd0a6e89b6a0fd5794efd7ba079387fc2b3b75398d92707d4cac1d24d52acc66e564f94dafa296a8ada6487e1b6dc78e2cf0dc86250ac94eb29f14eeff43239a94e72ecb90c72890894fde3c6e7d63514712eb70d44427655550ed646d6cb17921415be75e6211f706256d5c6fb0235f6650a862fcd39636050e588ba58d459a609370d15b8bade339e533c07841323304c10187f3c1df5406a406dec22940710e9d22b651435e01a7127ee34f7e96996c898582a91ec58f370b84f94b2c7eea5ddd0c0a78b1b82709aa35e9424218a7204a7e4bdb94a26ca66f1afcc710d5e992d85cab0115030fa847f7228d882b117717913388e09dd38a29a1987c9387ba4d23921b82214efaa6f2c08ff4a6869129ac0b942175378875cce997bd307444dadbe6f65194f68cb9e2a1e20f4e81bb2ed30d30aaf251464205e00857e71ba2928b5f1d6857d89cbafdb6cb5f47bb5367d6f92d46fbd1ec8125d138f97554f3e0f0110c0d49f9ec77319730d2f618f0e9493c4c8a94d6b2c41d147635b02b366de914bc50c0dd062249de5525ef157e980fb31f47185f9c7d47b87f3d0bcf21d0726864e33af87684f0413b173a1cb77aea1af8ed61f3f9aa831d59ff2aee15bb0269ce1a9d0d90844f005698bd1ab445220d9e7b85483e20a70e80a8d5c1fb0cae6cceb8351a9a3bb163755cfbee47c94168b9ba4895d47b8aeabf1ea8374a941187bf2b1f16c50eb68fd42ea02488bf3f36f233e6e61b58d89608264ed3a76a7f5570a991ca022cc0bce8a894d20ab32d5508aab818cb987225c23938591c2b916626bfa000f8cee986e394c146cc831fcc20dd88b6cfb94869308494f9985dc660afce344366cc58efd8dc8171703f5639aeae8dc7468884667c6b9f6d0e65d296ebff114d84691c9b2fe40d4e48373a7f39c72a1f9fa54738dd984989aa55b6cb43e66fb8e8dc4b7426fc906d1644bbf34ca90aa04dc77264aea7d8b33df8c6d1696b0f690a2f17df8d1a128a4476537566a1b0d302aedcdab5d3de578b47c603592a29687223647776d1eb08c6bc1e3650808789214e329035ae9d6cfce4fbf7ca0d184a4ce6ea6e2a3db531a3c4299420cde0ae5dd083bfcaf09d9a7255cb39afa3ec1defc59eb1d84a3ee5f3e1d8cb21054bfe607137bd74098e8e64d30fd8561dbdc7c1038fa4b35a6449c023bcc4ef175d739b127071f3772c8b83e0152b5e422c736dc289d85dd71b361344595a8224f5bcc933b5f09d1940c64c5c165c9b43951a71293a6675bafd4a8bd1631331de40679f8a4914e3170fafd0c38657e791afb6ca8d5c028825539ce1814ed4023fb84c3a0ebd746dac51844e1665c80096a2e7178f5ea337a4b0d9ac8735135bfe31b22d27438e153d3558e83d9b1fd6277eb7055c7d31f094f94cff8b0ad55a6179b5e5b9ebe3a482a10ce9492473199b890e0e118f7db76fbb54d7d70fe4d52c0111f4c004445d451bdaecb63de7becdcb8122acd0ea48881b41efa46359b524ec2a4e96c42f5aae1c29f2924ea783561fe63a21e4bd1a7fe7d647a64bc982aeb382334bee4ec35b81aeedd1bb6bfffe2e128241924490a3aba53ab327075f352847dc365881feacaac2a08299da0413ef07d989f09ea921eb4b8979b11f07435c50a2f35f0cafae0409662d4799d2e1df393679013cb9b46dcc22e09fa72560587f7012e69c972d1efbeaa7e1fe9236832f1892ee8650ff1dd1b3944004668e5df97fabf5cb1ed701bf3f8f1e21027d3bb61b39b27372127b8d8012bcd4e6f0470e6c4c854ada4a2e9392a6464ecbba2a5292212e02d044efc751a54c612c144bd6c570763e159022f95daeb8695fd4850b310c9f915e7fcf5051302b94896fa0de2fff8796ce26ef9699a5a7bc73ee9d6e4db30e4b0145b6e2e610c8af281adf31346cc21a5ba7dcd4bb33ae05c6aae8f0791dba087c888d35730775ec39d0ac8bf316016d452e3e2e0af5fcc6bb4b53080d7ae830dc2d82aea4795dcadf50124f79014774a827b0402e8942173cb51b2d6432a8025713f7c43d12f236a120656a4ba6eb04a3d63ff1bc481bede941e3c631f9eb3473b26322304402641397f34c62ce837baf91b56a2dd9f0db47fb98df12ba126b760c219d90a292500f42d4db40645ea58a81c25c51067a947686b7018bb85f1d702dd70024e18a488e840654515fa59baf21c93dedb76d4cf7cf0b53661423bde2d669cf7092b214678196b222849ab4ce93c8a79dec5ff1cc0826a62aad31783bb763df21948af22ded9473182996b2dda242a03c0a83e23ab118ed52c3da798a06fcb4bbbb288321c7bcddc08d52175d885369eba0ff24aa0551cf28d3f049e560701dc26e4fa1fb976591aed1aa42def8578530e310d120ff364c716dbe51e49ffdf7f66a52d4b5e0474e6942716b5dd8b2d5a5e88ee224df42e7bbedfb8ba85f7b7aa4d34f6b231189cffc8a8bd9d12e7503b4da2e0687f29fccc6535d2cad8aed4ee3def8f82ea45c3bd261b6b2098a0597bad83c7531ee8c1b4451910869e84de54ce0bd9ff4cef627247254f63a8f29c1a806d02c8f01a31ef74fe5f68acd038cc22dbbc3db55c88b0f5bef3284f485994e8eb3c481a347b1fbe4f80cd74a1148ca4ac136e2031682f2bfe80bb25a4b067567e356bc484036a4463c76f7cd79a445787bbff67687de5dd901f009acf04a5374247867b6d2edda601eb0872ce8b4aa074578845ad381cea06abe70c50719c37a1ac38098f5b344ad2cab8895db3d96098248ec00307ab9337819f9b164b93b9460297f9ee0c06c235aede3db0e25dd1bc4c8c2c15b35fdcd5b40a9d67d8660a19a0aa67629973ae4cb680763cd298d02950d569a4218de1dc805445ddb0bd825f625bd49c1c07e7a640dc5f14e32aaad0eeda59748d7b23f5644de99d9fa3d58de96e1e88538110fa6d8a89db15a15aa7ae3b4725e05ed8acb859840372156c30903cf6424db3511c7553ea682264be0deb317667e88264a8a828e99a6624f34ef37cda914a24b41cd6839995a6fe80fb061dac2aca18649d1dba8c0fb575ba2c5738f01d9edf27186e4c6637c60dd15888bf9fe6905727514ed444fd476910a090170aaf10e2ef0289665d49428be5e7c38b1251c1ddceb6ffa5ddb36173829ebcd09f4ed933e83bd0210f6762074541791f12c7cb14dce3ab8764744f9d6cc307ece14908419ee1740a129f44ff4b05395921c17c868e5379a505ef90e0cade3c5fc9ce6b3769c6fbc954255d1762b0aac1604983b02efd5c1e688d6f42b399f33cce88f04c5bdbafe945a048ecd8cc3f1b87ba881c2ace987f72da1663433b0f2e6543f14694aa77910758f1b005fbb37a81ba0074cebc3d0df444e4d0e885610919371b2e9c742e47adc7ee342fcd4d3f6c3c03914903807e7535af276c82c3f637de193e16c406c98ac4dcd85176690c9479cd949d1a41bd95c0cbaff90da0a2f41b054fa6a71ec276598aec16230fb14972df3be170bdae0b0eb199091a52880f16bb054096257b7c77f7b8fb3d9e24381c33b6c3083c6bf1140c99498cc7f58d41a57116c8eb1d55efbfef11c44b4c9a1a65f3474ac8805b833b7ba1f83d42e97cf6c759580c0302b8c9f179ee6cfc63d179ff6fea6696e09fb8165e6548a4b06c4f46e6dddb9acf4beb40feff25205182e8cc210fe64d511e0753067876a77d212e3768e04e0fbc4472e78d931179d386d1d32314ffbc6fb815740f685787179dc1e71b0f999d22d86e8fa1d660ba7ea6b33e2300c118e44c6bc4c1193c6cc8bfbe148cb68e09598bd60acf1bbe0b1b183cf1ebcf1d8acdfdda4809e1b25f4fe12c1fb0136e2c26b8248abce43e1609dc9e69f74ed0075ddc7d7d3a09a0e94393979458b7f35743b20c32941037ffb2da2f20a35e51b28a31edb1e552758f41d6fc5bcf3254a2a2b722def1d14c67db1d98ccc3649d301b9d59cf8fa2dc56fcaafc55f5d0b025ca9d0f206265835093ab5ac47d58fdeab7642c4b8f36be0b4a3c05623a3f0c75fe42a6fd58d8845b6b7b812c299165400e1ee8580305ec076a5ac386ad951af8ec951d53583fd29769faa8bc8be18554fe4c253cc5c9f3db473ebd3a991edd54e1cccf7824b929b7d09b4ef0e4772d012a911a222895122e436ff20e19d2ea07b92d3943900135c32651dbe8e2243601e470ef1a46de49234f0d5fd09c626025e3beaddf43bc5c341a5056fbdced2163700a880c101eed584d250a3ade26957dcf4b11ad4b88490c254724e097d835698cf3d979b558066eddcc1945e4a928db77660a3e284e5f09080f6a997611efea636d671bec92744083e06c3f74e1271389a58a6ff39f5425c8dbe6ddc5b37fbc337c37183ab5ed93664fb09b5aa3d37a61ae1c28892e5af7287ef3c86a76aafd890adcef8a20cd119c10ed97f415afba2fcd0ef91c4f518621cf4d0bd17516757c2811be4b9581bb145fc1011597e5880dc83d9f2b"]}, @typed={0x14, 0x87, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @generic="2320e135cec012fd4c16d219224db664b12b3b131eff1f3b25c1803fbb06a9b2e5558943c83134f24556577cad57581caa20e082e59c1fcfddf932bd479a4473d2db37710a758b433bdf9929e370d96cfe01632e3ba03f7aca3a0fd3c787f411cbe45bb09726e28ef563fea894736322871abe04140234f5d952ae1320daaeafeb352e1bade43e16a288f824ff2aa87d1d214a648d44e984ef0723c478938897b8606f3e94b90ac26e40afcc2972b4a06d956f53f9ab555eab4f60027affbd9bce24dac3fbbf194db5ace9cec1d688a82f35dcb0fb9146ca5889"]}, @NL80211_ATTR_RADAR_BACKGROUND={0x4}]}, 0x1214}, 0x1, 0x0, 0x0, 0x4000000}, 0x81) ioctl$auto_EVIOCGMASK(r0, 0x80104592, &(0x7f0000000000)={0x11, 0x800004, 0x8}) mmap$auto(0x0, 0x2000c, 0x40, 0x20eb2, 0x40000000000a5, 0x7ffd) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/lapb3/operstate\x00', 0x80000, 0x0) openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) socket(0x10, 0x2, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r4, 0x5608, 0x1) unshare$auto(0x40000080) write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, &(0x7f0000000000), 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) socket(0x23, 0x2, 0x0) ioctl$auto(0x3, 0x80000541b, 0x38) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) landlock_create_ruleset$auto(&(0x7f0000000140)={0xdaa0, 0x1, 0x9}, 0x9, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x2, 0x0) 3.54533079s ago: executing program 3 (id=321): openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy0/misc\x00', 0x20a40, 0x0) read$auto(0x3, 0x0, 0x0) mknod$auto(&(0x7f0000000080)=':,\x00', 0xcb, 0xfffffffa) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00'], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) r0 = socket(0x10, 0x2, 0x4) pwrite64$auto(0xc8, &(0x7f0000000340)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdds\x1cJ\x99\x00:/\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\xadCl\x9e\xeb\xcd\vp\x99\x00\xc8eX\xdc3\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0A\x94\xa3\xaef\x87\xd8\x95I\xfd\xa8\t\xac\x87\xb7\x1d\xd5\x83\xdcyu]\xde\xbe\xbf$<.}\x8b`\x04\xfc\xa2\xab\xb5]\x80\x00\xb9D\xc5\xbc\xf2a\xd66\xa5\xd3\xc1r\x96\x1e\x8db\x05=`\x01\x11\x04Tz\x87A$\x115\x95PUf\xa7\xfe\x19\x00\x82go}@W\xd5\xaej\x01\xbf>5n\x17S\xc0\x8a\xaf%O\xd1W\xa3ua+sUJ\xea\xf9\xb7p-\x128\x9d\xbaM_\xff\x1c\xc3sG\x04\xf2\xd3\xf3{;\xd4\xd7\x1c\x1dZ\xe9\xe9\xc9\x9cu5\xe9\xa2\xb3N\xd2\xc1\xc8\xa5\xadt\xd5BKD\x86\xeb%\a*\x06\xbb\x1e\xfb\x11U\f&\xcbP\xf1\xcf\xccb\xe8Wb\xc5ae\xe3\xf9l\xa9vK\xed\x8cL\xfb%g\x83;\xe1\xe2w\xd6\xaa6\x16\x8fx\x1a\xd7\xc8\xf4[\xbc\b\xe1Z\x92\x14Q\xdef\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000240)='/proc/fs/netfs/requests\x00', 0x40080, 0x0) pread64$auto(r2, 0x0, 0x810000003d, 0x8) mremap$auto(0xfffff000, 0x4, 0x4, 0x7, 0x1001ff000) openat$auto_u32_array_fops_file(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/netdevsim/netdevsim5/ports/0/udp_ports_table0\x00', 0x472881, 0x0) waitid$auto_P_PIDFD(0x3, 0xffffffffffffffff, &(0x7f0000000040)={@siginfo_0_0={0x2, 0x8, 0xf8, @_rt={0xffffffffffffffff, 0x0, @sival_ptr=&(0x7f0000000280)="79ca6170c72c9b5affac767c0127e58e38f3f407303ed544651fc514ea2bf3a8d8ec1b5efc99d62cbb8043d4582607afd440f400a4fdcd74a0d6cc759ee437d05a5a149e70f79615cb36ed421a"}}}, 0x20f5, &(0x7f0000000440)={{0x7, 0x800082}, {0x4, 0x2}, 0xc2, 0xfffffffffffffff1, 0x80000001, 0x9, 0x1, 0x3, 0x3, 0x501, 0xfff, 0x0, 0x3, 0x9, 0xc, 0xfffffffffffffffa}) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x86a7, 0x11, 0xfffffffe, 0x6, 0x30000000, 0x9, 0xffffffffffffffff, [0x0, 0x0, 0xffff], {0x6, 0x10001, 0x20000b, 0x2e1, 0x504, 0x1, 0x101, 0x6, 0x5}, {0xfff7ffff, 0x2, 0x52, 0x5, 0x10001, 0x440, 0x76c5, 0x8, 0x8000000000040000}}) r3 = getpid() process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x800000002, &(0x7f0000000280)={&(0x7f0000000040), 0x1ffffffff}, 0x6, 0x0) r4 = socket(0xa, 0x3, 0x3a) ioctl$auto(r4, 0x890c, 0x1) mmap$auto(0x0, 0x4, 0x4000000000df, 0x1010, 0x4, 0x9) 3.495579658s ago: executing program 2 (id=322): mmap$auto(0x0, 0x9bc, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0xa, 0x1, 0x84) socket(0x23, 0x80805, 0x0) io_uring_setup$auto(0x3, 0x0) pipe$auto(0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket(0x80000000000000a, 0x2, 0x0) socket(0xa, 0x1, 0x84) socket(0x2, 0x801, 0x106) socket(0x15, 0x5, 0x0) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) r0 = socket(0x10, 0x2, 0xf) r1 = bpf$auto(0x0, &(0x7f0000000200)=@bpf_attr_4={0x1e, r0, 0x5}, 0xd) bpf$auto(0x2, &(0x7f0000000080)=@iter_create={r1, 0x98}, 0x5) 3.095078431s ago: executing program 2 (id=323): close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x204880, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101200, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r2 = socket(0x2, 0x1, 0x106) setsockopt$auto(r2, 0x0, 0xc, &(0x7f00000000c0)='l]U(\x01\t=\x1e\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00$\xa9\t{&\xc0\x14D\n\xa2\xad\xde\xb1\xd2\xadL\xa8\xf8\xcc\xea]d\v5\x0fr\xfc\a0\xe5\x1b\x81\xf3%6\x1f\xe8\rM\xc4\x0e\x1a\x12{\v\x1dTRL$\x02\xf3\xf0\x1eO\xb9^\xcdC\x13\xc6\x1b\xbd\xa37x\xa7.\xb1\x17', 0x4000fff) mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/vlan1/base_reachable_time\x00', 0x40400, 0x0) read$auto(r3, 0x0, 0x1ff) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x81}, 0x5) r4 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x103041, 0x0) write$auto_ftrace_subsystem_filter_fops_trace_events(r4, &(0x7f0000000040)="713aa6185ac801fb61dd46a6683a08cb0142bc8db012bd0efd3f1d3a0e425091f23ace6d9b069efd7496d3abf7f03f05e2e796a1f7864693d17aab92b2bf3a75f505bc8218533e636f2c1c90b9a56f1e65b204d293d6c98fbca52bcfe1e8be11626621ddec19a5195ec426d350dc4738f2710815ddab6729", 0x78) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x81a0ae8c, &(0x7f00000000c0)={0x2}) 2.747373096s ago: executing program 2 (id=324): open(&(0x7f00000000c0)='./file0\x00', 0x161342, 0x130) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) unlink$auto(&(0x7f0000000340)='./file0\x00') unshare$auto(0x40000080) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) setsockopt$auto(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x4) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x8000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/nr3/statistics/rx_crc_errors\x00', 0x2, 0x0) rseq$auto(&(0x7f0000000180)={0x9, 0x4, 0x9, 0x8, 0x800, 0x10001, "1192e8dbb6e6bb6eb3d4508f9656161ed1866bd096ae7309ef52f7e7e908d6d6c08e292e2f51448359c8c7076497761b8c83bbf5e30542159f4fba5391515d45185c0e93e9b617e4138741ae06e29518f18082c82f6c94d92935c39830eb0e104b7d40663b2f9cfc2cb18d3244b22e142e"}, 0x0, 0x7ff, 0x20) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram10\x00', 0x14fe02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008012, r0, 0x8000) sendmsg$auto_NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000) r1 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x57) socketpair$auto(0xfffffffd, 0x5, 0xffffffff, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x7c, 0x0, 0x8) getsockopt$auto(r1, 0x84, 0x7c, 0x0, &(0x7f0000000000)=0x7ffe) 2.506042857s ago: executing program 1 (id=325): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram10\x00', 0x14fe02, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) r2 = socket(0x10, 0x2, 0x4) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000005c0)={'batadv0\x00'}) r3 = setfsuid$auto(0xee00) r4 = setfsuid$auto(0xee01) setresuid$auto(r3, r4, r3) msgctl$auto_MSG_STAT_ANY(0x762a, 0xd, &(0x7f0000000680)={{0x5, 0xee01, 0xee00, 0x4, 0x5, 0x6d, 0xb280}, &(0x7f0000000600)=0x2, 0x0, 0x7, 0x3, 0x9, 0x2, 0x2, 0x3, 0x13, 0x9a, @raw=0x7}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000700)={'gretap0\x00'}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000740)={'wg0\x00'}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0xfdffffff, &(0x7f00000001c0)=@task_fd_query={0x0, r2, 0x800, 0x10008, 0x7, 0x1000049, r1, 0x9, 0xc3a000000000}, 0x6f3) getsockopt$auto_SO_BINDTOIFINDEX(r0, 0x8, 0x3e, &(0x7f0000000000)='g\x97.tap0\x00', &(0x7f0000000080)=0x6) sendmsg$auto_HWSIM_CMD_DEL_RADIO(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x90}, 0x4000050) sendmmsg$auto(r1, &(0x7f0000000280)={{&(0x7f0000000440)="936fe0677c51dffda50a7c33715683f6b75f72f393b4010016a002a8a66554ef33e27fcc02e07f8bc88dc15a51c431a46a9f492de75f567b449817323d474a0b36d3687917c57ab814d02a69477b1e03f0704c0a4f820500000000000000af977091a22418de014c206ef8b8e98a603d21dde78374bc8ee72de83ec12cee9e4c963f84a2ae1f2cb3e909bf131d4ea72fb313ab170000000000000000000000000000c13f583166b1392a35d8a4ed1282c2b02d19542b3f021d61598b669c0cb05c9fd1da2a26a160523959d0f752d7279f6a164869b3284ec68194b559b7880999538d7876f065c452b782f89bff43b155f8632be0f8438567613d1071b28c818c9ae6cb3201616c96827092ffb7bf1811de9eccb7d67ecddbe654cd8fc880ff759fc514caa284751d5908f008724c7558509151a29f315b2737a029895169291f73b18cbf652a0dd3ff607f7a8b24060cf0a8bdc8d3", 0x8, 0x0, 0x1000000009, 0x0, 0x1f, 0x101}, 0xe8}, 0x5, 0x2001fffd) setresuid$auto(0xffffffffffffffff, 0x8, 0x8000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0x7fffffff) sendmsg$auto_IEEE802154_LLSEC_LIST_SECLEVEL(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x2c}, 0x1, 0x0, 0x0, 0x4000001}, 0x40081) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001640), 0xffffffffffffffff) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_LEAVE_OCB(r8, &(0x7f0000001f00)={0x0, 0x0, &(0x7f0000001ec0)={0x0}, 0x1, 0x0, 0x0, 0x4008000}, 0x4000) sendmsg$auto_NL80211_CMD_SET_CQM(r1, &(0x7f000000a240)={0x0, 0x0, &(0x7f000000a200)={&(0x7f0000000340)=ANY=[@ANYBLOB="2400000063daa7e5379409cac580", @ANYRES16=r7, @ANYRES32=r5], 0x24}, 0x1, 0x0, 0x0, 0x800d808}, 0x20040871) write$auto(0x3, 0x0, 0x100000000) setresuid$auto(0xfffffffffffffffd, 0xfdffffffffffffff, 0xffffffffffffffff) setresuid$auto(0x0, 0xffffffffffffffff, 0xffffffffffffffff) unshare$auto(0x40000080) close_range$auto(0x2, 0xa, 0x0) 1.746738231s ago: executing program 0 (id=326): mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nbd5/queue/iosched/writes_starved\x00', 0x80302, 0x0) sendfile$auto(r2, r2, 0x0, 0x3) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) r6 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r6, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x4, 0x2e) write$auto(0xca, 0x0, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x40008000) r7 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r7, 0x107, 0x11, 0x0, 0x4) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, 0x0, 0x800) getdents$auto(0xffffffffffffffff, 0x0, 0x400018) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) ioctl$auto(r9, 0x2285, 0x1cfc4b42) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r8) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r8, 0x0, 0x4000000) sendmsg$auto_NL80211_CMD_SET_WIPHY(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r5], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097d751f33e}, 0x80) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="13fd2bbd14c7323c91bb1844000008000300", @ANYRES32=r10], 0x24}, 0x1, 0x0, 0x0, 0x24004080}, 0x20040894) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x82, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x6, 0x0) 1.637033638s ago: executing program 1 (id=327): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x29, 0x5, 0x7fff) socket(0x1e, 0x3, 0x80004183) setsockopt$auto(0x3, 0x10000000084, 0x21d, 0x0, 0x0) mmap$auto(0x0, 0x4, 0xa, 0x80000000eb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0xa, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000000), 0x210a85a50de492c9, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000640)={0x0, 0x1d, 0x803800, 0x2, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x6, 0x3, 0x7b, 0x0, 0x5, 0xfffffffffffffffd}, {0x100, 0x20001, 0x52, 0x85, 0x2, 0x400, 0x2072c2, 0xc, 0x100000000}}) mmap$auto(0x0, 0x9, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, 0x0, 0x24040801) r3 = timerfd_create$auto(0x9, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x101202, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r3, 0x4c02, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) ioctl$auto(0x3, 0x40085400, 0x5) write$auto_ucma_fops_ucma(r2, &(0x7f0000000140)="92df7c05cc7f3ca8", 0x8) 1.297359853s ago: executing program 1 (id=328): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x29, 0x5, 0x7fff) socket(0x1e, 0x3, 0x80004183) setsockopt$auto(0x3, 0x10000000084, 0x21d, 0x0, 0x0) mmap$auto(0x0, 0x4, 0xa, 0x80000000eb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0xa, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000000), 0x210a85a50de492c9, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000640)={0x0, 0x1d, 0x803800, 0x2, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x6, 0x3, 0x7b, 0x0, 0x5, 0xfffffffffffffffd}, {0x100, 0x20001, 0x52, 0x85, 0x2, 0x400, 0x2072c2, 0xc, 0x100000000}}) mmap$auto(0x0, 0x9, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, 0x0, 0x24040801) r3 = timerfd_create$auto(0x9, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x101202, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r3, 0x4c02, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) ioctl$auto(0x3, 0x40085400, 0x5) write$auto_ucma_fops_ucma(r2, &(0x7f0000000140)="92df7c05cc7f3ca8", 0x8) connect$auto(r2, &(0x7f0000000080)=@l2={0x1f, 0xffff, @any, 0x1}, 0x9) 1.286098494s ago: executing program 0 (id=329): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x29, 0x5, 0x7fff) socket(0x1e, 0x3, 0x80004183) setsockopt$auto(0x3, 0x10000000084, 0x21d, 0x0, 0x0) mmap$auto(0x0, 0x4, 0xa, 0x80000000eb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0xa, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000000), 0x210a85a50de492c9, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000640)={0x0, 0x1d, 0x803800, 0x2, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x6, 0x3, 0x7b, 0x0, 0x5, 0xfffffffffffffffd}, {0x100, 0x20001, 0x52, 0x85, 0x2, 0x400, 0x2072c2, 0xc, 0x100000000}}) mmap$auto(0x0, 0x9, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, 0x0, 0x24040801) timerfd_create$auto(0x9, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x101202, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) ioctl$auto(0x3, 0x40085400, 0x5) 1.209119122s ago: executing program 3 (id=330): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x10, 0x2, 0x0) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000300), 0xffffffffffffffff) prctl$auto(0x23, 0x9, 0x2008, 0x0, 0x0) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="cb5b"], 0x14}, 0x1, 0x0, 0x0, 0x84}, 0x0) sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x4, 0x0, 0x0, 0x1009}, 0x7}, 0x3, 0x0) recvmmsg$auto(r0, 0x0, 0x7, 0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/module/nvme/parameters/io_queue_depth\x00', 0x20001, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r2 = socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) sysfs$auto(0x9, 0xffffffffffffffff, 0x2000a4) r3 = socket(0x2, 0x3, 0xa) setsockopt$auto(r3, 0x0, 0x19, 0x0, 0x9) sendto$auto(0x3, 0x0, 0x18, 0x7, &(0x7f0000000180)=@hci={0x1f, 0xdd86, 0x7}, 0x22) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r4 = socket(0x29, 0x2, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) socket(0x10, 0x2, 0x0) getsockopt$auto_SO_PEERCRED(r4, 0x2, 0x11, &(0x7f00000000c0)='}#%/\\-^\xb6\x00', &(0x7f0000000100)=0x8) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYRES8=r4, @ANYRESDEC=r3, @ANYRESHEX=r2, @ANYRES8=r0, @ANYRES8=r0], 0x1ac}, 0x1, 0x0, 0x0, 0x4001}, 0x40000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/irq/13/actions\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000001280)=""/4124, 0x101c) 989.645711ms ago: executing program 0 (id=331): open(&(0x7f00000000c0)='./file0\x00', 0x161342, 0x130) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) unlink$auto(&(0x7f0000000340)='./file0\x00') unshare$auto(0x40000080) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) setsockopt$auto(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x4) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x8000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/nr3/statistics/rx_crc_errors\x00', 0x2, 0x0) rseq$auto(&(0x7f0000000180)={0x9, 0x4, 0x9, 0x8, 0x800, 0x10001, "1192e8dbb6e6bb6eb3d4508f9656161ed1866bd096ae7309ef52f7e7e908d6d6c08e292e2f51448359c8c7076497761b8c83bbf5e30542159f4fba5391515d45185c0e93e9b617e4138741ae06e29518f18082c82f6c94d92935c39830eb0e104b7d40663b2f9cfc2cb18d3244b22e142e"}, 0x0, 0x7ff, 0x20) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram10\x00', 0x14fe02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008012, r0, 0x8000) sendmsg$auto_NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x1, 0x8000) r1 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x57) socketpair$auto(0xfffffffd, 0x5, 0xffffffff, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x7c, 0x0, 0x8) getsockopt$auto(r1, 0x84, 0x7c, 0x0, &(0x7f0000000000)=0x7ffe) 911.538162ms ago: executing program 1 (id=332): mmap$auto(0x0, 0x9bc, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socket(0xa, 0x1, 0x84) socket(0x23, 0x80805, 0x0) io_uring_setup$auto(0x3, 0x0) pipe$auto(0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket(0x80000000000000a, 0x2, 0x0) socket(0xa, 0x1, 0x84) socket(0x2, 0x801, 0x106) socket(0x15, 0x5, 0x0) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) r0 = socket(0x10, 0x2, 0xf) r1 = bpf$auto(0x0, &(0x7f0000000200)=@bpf_attr_4={0x1e, r0, 0x5}, 0xd) bpf$auto(0x2, &(0x7f0000000080)=@iter_create={r1, 0x98}, 0x5) 698.050416ms ago: executing program 1 (id=333): mmap$auto(0xb, 0x800000000000003, 0xffffffff, 0x12, 0x2, 0x8000) close_range$auto(0x0, 0x5, 0x0) r0 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) fchdir$auto(r0) mkdir$auto(&(0x7f0000000040)='./cgroup\x00', 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/cgroup.type\x00', 0x103042, 0x0) rmdir$auto(&(0x7f0000000080)='./cgroup\x00') 621.718518ms ago: executing program 2 (id=334): openat$auto_set_tracer_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/current_tracer\x00', 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0xffffffffffffffff, &(0x7f0000000100)=@in={0x2, 0x3, @remote}, 0x69) socket(0x18, 0x5, 0x2) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) mmap$auto(0x0, 0x8000, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000340)='/proc/asound/card0/pcm0c/sub0/status\x00', 0x41e400, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ram3\x00', 0x60743, 0x0) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x100, 0x0) ioctl$auto_SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/sit0/ifindex\x00', 0x80000, 0x0) read$auto(r1, 0x0, 0x1000000001) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x202, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x40004}, 0x2) sendmsg$auto_BATADV_CMD_GET_ROUTING_ALGOS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x2000c004}, 0x4000080) r3 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/013/001\x00', 0xa901, 0x0) ioctl$auto_USBDEVFS_SUBMITURB(r3, 0x8038550a, &(0x7f0000000100)={0x2, 0x80, 0xffff, 0x5, &(0x7f0000000240), 0xc694, 0x55b6, 0x80005, @stream_id=0x8, 0x2004b, 0xc, 0x0}) 526.384779ms ago: executing program 1 (id=335): r0 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) mmap$auto(0x0, 0x7, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x8000, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/bus/input/devices\x00', 0x149180, 0x0) read$auto_tracing_stats_fops_trace(r2, &(0x7f0000000000)=""/43, 0xfedf) read$auto(r1, 0x0, 0x7) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) read$auto_ptdump_curusr_fops_(r0, 0x0, 0x0) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x102, 0x0) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x131881, 0x0) write$auto(r3, 0x0, 0x81) keyctl$auto_KEYCTL_WATCH_KEY(0x20, 0x9, r1, 0x3, 0x7) ioctl$auto_XFS_IOC_PATH_TO_HANDLE(r0, 0xc0385869, 0x0) write$auto(0x3, 0x0, 0xfffffdef) 490.145806ms ago: executing program 3 (id=336): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x29, 0x5, 0x7fff) socket(0x1e, 0x3, 0x80004183) setsockopt$auto(0x3, 0x10000000084, 0x21d, 0x0, 0x0) mmap$auto(0x0, 0x4, 0xa, 0x80000000eb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0xa, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000000), 0x210a85a50de492c9, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000640)={0x0, 0x1d, 0x803800, 0x2, 0x7, 0x400a, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x6, 0x3, 0x7b, 0x0, 0x5, 0xfffffffffffffffd}, {0x100, 0x20001, 0x52, 0x85, 0x2, 0x400, 0x2072c2, 0xc, 0x100000000}}) mmap$auto(0x0, 0x9, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, 0x0, 0x24040801) r3 = timerfd_create$auto(0x9, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x101202, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r3, 0x4c02, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) ioctl$auto(0x3, 0x40085400, 0x5) write$auto_ucma_fops_ucma(r2, &(0x7f0000000140)="92df7c05cc7f3ca8", 0x8) 37.792006ms ago: executing program 3 (id=337): r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) socket(0x10, 0x2, 0xff) write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d399b4d", 0xfdef) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000004200)={&(0x7f0000000140)={0x14, r1, 0x1, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x40c8}, 0x4048000) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_OVS_CT_LIMIT_CMD_SET(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002180)=ANY=[@ANYBLOB="e0020000", @ANYRES16=r4, @ANYBLOB="01002ebd5100fbcbdf250100000004000180c802018004000680bd020480fc921cf096b39f43034e2db36a74c0ade1e6a4dafab35aa84881d05d1662bd8a8f48943ea4276b7e1465958d17dd9c9706336d0f4a94c7de9fa79cb659b67f43fa331b6f98fa8ad43a943eac1b528ba83992018ecb03ba5dba6660c32c87b1dc86b69a7f6e747504f11d7688a74c47a4ba4802228004003b0040028b8008002600", @ANYRES32=r3, @ANYBLOB="08006e00ac1414aa2c02bc8028029880220242804b8ef4dea62052d4391e1b7fcd2429f7195770e4ca6f21844850ff750ce04caf301dc66838e61817fb1f807d53f524a2ac569f0f1c754ec84650d22b883479398e9d766ecc3fa8de0f83e8f703cb19a0826ec7c4949c87bab590c6305dc6f742accc66d7f2c47d87ec1d7fde707f710037006af15d7fa2ec9194354a1069b7c806492e043fa1fdad718d351a10ddade114048ff1302faa59a651c349c5ec3cede0e3949d48b97b2bd1d493852ed30d3a7c2cead7511ef0c8d71cb13b68fb7475ceac2b9816379110f6b4d10d69aea84f032ee4c179ba7929c5d06329cbdf05000000040034804d001f800400f18004006c800d7112532deb3ef76f18436c6041ed69a31df55778585e94b7244ba30fca32a34652fd3f440a97d881a3e6c962f72b82c506b0f9531ca4e8321faaa8982bbdfd85000000e5007d800800e400", @ANYRES32=0x0, @ANYBLOB="0400af80cee0bd49dab2a617b70e1a2e040e6ba448f301800a8999cec0bec67eb0617ad3f9a0977d09fa35f0e26b923a2713f1104ff7a5b18a2629bbee5de69b17f06e13870462f79e9deb527b97fd65fc8b156b0f525dfca9340f14dc75ef0881c14f5b87a6c615ee754d72289dcac3c322002b00", @ANYRES32=0x0, @ANYBLOB="6000f68004004880f6c5cccd25852c755b4331229a68ba8457bb2c5bc855fc277901cc018a78610faf86906cfd8f50da20a3cfe74a23710a32b0bd28cfddfe8fbcc03a4f9178ec9a0400de8004004380040078800c00a700feffffffffffffff0000000000000000"], 0x2e0}, 0x1, 0x0, 0x0, 0x40}, 0x4) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000480)={{&(0x7f00000001c0)="8d10a50b60e1380b545f89c54bab4fbfb3e0feda7edd7e46ae550aa997ff56be56fea27cb83751daf5f24ad06844d84862e0d8ddb179f76038831d67eaac8ab77003e5fc4eaf9d788521bd99b2729d94e367eabcdce535dd22dee07e455f0d28213b56b89d026239a1a68f51487800b3643829c256b36302e01c43618a797b05025b5feebfc59d59d2d916fd4248245863a0fd01593abab17301a9c36f0ec8bcbd4d8e6757f5b19d5092696e8e3e7ae1179791a4d12d4b6e213364b1f45cbae151889a10e446fe3ddc6e35545780a45518a4", 0x3, &(0x7f00000003c0)={&(0x7f00000002c0)="a05773e17fc3f097c1dda9674cdda8495227c3f6143b1c9dae28868eb2521113ee53fe55139a6cafe81097998f467936029d7cc2a59bd8df4aac7fbffdb54dfbc4dabe4693db529a457b072d24a74a8cc4064a179611df8dbc3eb7d0d68f653f5c970fe5e8039b309bf88b2d95319ac03fe3fed98f97feb30230ed7bc44c009694c3a27e9526df2fdf2b2d30adf6f4e00f90211708f37043fdc4153b871250e305e2c21184eaa67cb94b2d8e79f89ec13959f9918ffa08e8a519c2ad073327cf5ae99cbd9397b8187ea2e9c37e5535d88c6ce6ca1e247930b3585aa92c14", 0x100}, 0x1, &(0x7f0000000400)="2491e2f933b13df8b9767a34918374d206e5f3c766ee0baae721e41d7b28fc255fc9387e8c68e335e84ca7720ac49cdfdff203042b32ffe2ddf3fee62aa25966f135af5acda0f5ee35af2663f7f69d40ea81d8bce8fc80c0add9", 0x1, 0x1}, 0x401}, 0x5, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r5 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x1, 0x0) ioctl$auto(r5, 0x4018620d, 0x9) getsockopt$auto_SO_TIMESTAMPING_OLD(r0, 0x401, 0x25, &(0x7f0000000040)='/dev/tty0\x00', &(0x7f0000000080)=0x7fffffff) mmap$auto(0xfffffffffffffffc, 0x6, 0xdf, 0xeb0, 0x401, 0x8000) mmap$auto(0x0, 0x101, 0x4000000000df, 0xeb1, 0x200000401, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socket(0x3, 0x4, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0xff, 0x403, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x400, 0x0) r6 = openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000040), 0x42001, 0x0) ioctl$auto(r6, 0x404c534a, 0x38) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bdi/250:0/read_ahead_kb\x00', 0x5e30523b26a2a748, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty19\x00', 0x800, 0x0) close_range$auto(0x2, 0x8, 0x0) 0s ago: executing program 2 (id=338): mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = open(&(0x7f0000000040)='./file0\x00', 0x2041, 0xfa) write$auto(r0, 0x0, 0xfffffdf1) ioctl$auto_FS_IOC_SETFLAGS2(r0, 0x40086602, 0x0) socket(0x2, 0x4, 0xff) read$auto_mon_fops_binary_mon_bin(r0, &(0x7f0000001080)=""/4097, 0x1001) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020005, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x600006, 0x19) r1 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/psaux\x00', 0x40000, 0x0) times$auto(&(0x7f0000000040)={0x100002b, 0x9, 0x1, 0x2}) poll$auto(&(0x7f0000000000)={r1, 0x3, 0x4}, 0xb, 0x7) madvise$auto(0x0, 0xfffffffffffeffff, 0x19) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/nbd2\x00', 0x40000, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000006cc0), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_RECONFIGURE(r2, &(0x7f0000006d80)={0x0, 0x0, &(0x7f0000006d40)={&(0x7f0000006d00)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="01002abd7000fbdbdf19030000000800010002"], 0x1c}}, 0x24044880) r4 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) writev$auto(0xffffffffffffffff, 0x0, 0xbf) fcntl$auto_F_NOTIFY(r4, 0x402, 0x0) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/net/rpc/gss_krb5_enctypes\x00', 0x1c9180, 0x0) read$auto_tracing_stats_fops_trace(r5, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) readv$auto(0x3, 0x0, 0xfffffffffffffffe) read$auto(0xffffffffffffffff, &(0x7f0000000000)='/proc/scsi/sg/def_reserved_size\x00', 0xff) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.141' (ED25519) to the list of known hosts. [ 74.282524][ T5617] cgroup: Unknown subsys name 'net' [ 74.417758][ T5617] cgroup: Unknown subsys name 'cpuset' [ 74.427032][ T5617] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 75.896834][ T5617] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 77.714712][ T5633] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 77.739958][ T5634] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 77.748818][ T5634] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 77.760736][ T5634] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 77.768474][ T5641] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 77.770187][ T5634] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 77.784462][ T5634] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 77.792241][ T5634] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 77.799695][ T5644] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 77.809946][ T5643] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 77.809950][ T5644] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 77.812439][ T5634] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 77.818903][ T5644] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 77.827308][ T5634] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 77.835394][ T5644] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 77.838960][ T5643] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 77.850886][ T5634] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 77.856151][ T5643] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 77.861202][ T5634] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 77.869654][ T5643] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 79.432162][ T5630] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.439614][ T5630] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.448175][ T5630] bridge_slave_0: entered allmulticast mode [ 79.455564][ T5630] bridge_slave_0: entered promiscuous mode [ 79.481471][ T5629] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.488633][ T5629] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.496588][ T5629] bridge_slave_0: entered allmulticast mode [ 79.503730][ T5629] bridge_slave_0: entered promiscuous mode [ 79.512413][ T5630] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.519658][ T5630] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.526969][ T5630] bridge_slave_1: entered allmulticast mode [ 79.534052][ T5630] bridge_slave_1: entered promiscuous mode [ 79.559984][ T5629] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.567364][ T5629] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.574598][ T5629] bridge_slave_1: entered allmulticast mode [ 79.581696][ T5629] bridge_slave_1: entered promiscuous mode [ 79.641985][ T5628] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.649775][ T5628] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.657295][ T5628] bridge_slave_0: entered allmulticast mode [ 79.664879][ T5628] bridge_slave_0: entered promiscuous mode [ 79.684567][ T5630] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.701097][ T5628] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.708506][ T5628] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.716346][ T5628] bridge_slave_1: entered allmulticast mode [ 79.723382][ T5628] bridge_slave_1: entered promiscuous mode [ 79.732994][ T5629] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.744698][ T5630] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.773485][ T5629] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.831896][ T5631] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.839169][ T5631] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.846982][ T5631] bridge_slave_0: entered allmulticast mode [ 79.854254][ T5631] bridge_slave_0: entered promiscuous mode [ 79.864317][ T5628] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.884802][ T5630] team0: Port device team_slave_0 added [ 79.893455][ T5630] team0: Port device team_slave_1 added [ 79.900702][ T5631] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.900999][ T5633] Bluetooth: hci3: command tx timeout [ 79.907931][ T5631] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.921675][ T5631] bridge_slave_1: entered allmulticast mode [ 79.928982][ T5631] bridge_slave_1: entered promiscuous mode [ 79.938024][ T5628] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.949261][ T5629] team0: Port device team_slave_0 added [ 79.964199][ T5643] Bluetooth: hci1: command tx timeout [ 79.970776][ T4947] Bluetooth: hci0: command tx timeout [ 79.976715][ T5633] Bluetooth: hci2: command tx timeout [ 80.002488][ T5629] team0: Port device team_slave_1 added [ 80.009920][ T5630] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.017057][ T5630] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 80.043412][ T5630] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.089772][ T5630] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.096901][ T5630] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 80.123200][ T5630] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.137050][ T5631] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 80.149015][ T5628] team0: Port device team_slave_0 added [ 80.178394][ T5631] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 80.189654][ T5628] team0: Port device team_slave_1 added [ 80.196596][ T5629] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.204106][ T5629] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 80.230544][ T5629] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.243228][ T5629] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.250532][ T5629] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 80.276678][ T5629] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.349380][ T5628] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.356485][ T5628] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 80.383039][ T5628] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.396233][ T5628] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.403244][ T5628] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 80.429581][ T5628] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.442247][ T5631] team0: Port device team_slave_0 added [ 80.467154][ T5631] team0: Port device team_slave_1 added [ 80.487601][ T5630] hsr_slave_0: entered promiscuous mode [ 80.494242][ T5630] hsr_slave_1: entered promiscuous mode [ 80.567171][ T5629] hsr_slave_0: entered promiscuous mode [ 80.573475][ T5629] hsr_slave_1: entered promiscuous mode [ 80.579850][ T5629] debugfs: 'hsr0' already exists in 'hsr' [ 80.586007][ T5629] Cannot create hsr debugfs directory [ 80.604351][ T5628] hsr_slave_0: entered promiscuous mode [ 80.610585][ T5628] hsr_slave_1: entered promiscuous mode [ 80.616854][ T5628] debugfs: 'hsr0' already exists in 'hsr' [ 80.622689][ T5628] Cannot create hsr debugfs directory [ 80.629434][ T5631] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 80.636521][ T5631] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 80.662799][ T5631] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 80.675393][ T5631] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 80.682365][ T5631] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 80.708766][ T5631] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 80.891847][ T5631] hsr_slave_0: entered promiscuous mode [ 80.898369][ T5631] hsr_slave_1: entered promiscuous mode [ 80.905719][ T5631] debugfs: 'hsr0' already exists in 'hsr' [ 80.911495][ T5631] Cannot create hsr debugfs directory [ 81.216302][ T5630] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 81.231849][ T5630] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 81.241142][ T5630] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 81.251550][ T5630] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 81.261256][ T5630] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 81.271980][ T5630] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 81.280405][ T5630] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 81.290575][ T5630] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 81.380914][ T5628] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 81.392792][ T5628] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 81.420638][ T5628] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 81.431527][ T5628] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 81.440773][ T5628] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 81.450908][ T5628] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 81.461258][ T5628] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 81.471934][ T5628] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 81.548582][ T5629] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 81.561938][ T5629] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 81.573856][ T5629] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 81.585073][ T5629] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 81.593300][ T5629] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 81.603564][ T5629] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 81.628332][ T5629] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 81.638064][ T5629] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 81.716613][ T5631] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 81.728761][ T5631] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 81.748795][ T5631] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 81.759791][ T5631] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 81.768323][ T5631] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 81.779599][ T5631] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 81.794479][ T5630] 8021q: adding VLAN 0 to HW filter on device bond0 [ 81.803672][ T5631] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 81.815087][ T5631] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 81.877407][ T5630] 8021q: adding VLAN 0 to HW filter on device team0 [ 81.916960][ T35] bridge0: port 1(bridge_slave_0) entered blocking state [ 81.924688][ T35] bridge0: port 1(bridge_slave_0) entered forwarding state [ 81.948036][ T35] bridge0: port 2(bridge_slave_1) entered blocking state [ 81.955226][ T35] bridge0: port 2(bridge_slave_1) entered forwarding state [ 81.964602][ T5633] Bluetooth: hci3: command tx timeout [ 82.010243][ T5628] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.044822][ T5633] Bluetooth: hci2: command tx timeout [ 82.050299][ T5643] Bluetooth: hci1: command tx timeout [ 82.055864][ T4947] Bluetooth: hci0: command tx timeout [ 82.106811][ T5629] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.125261][ T5628] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.145861][ T5631] 8021q: adding VLAN 0 to HW filter on device bond0 [ 82.180015][ T48] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.187282][ T48] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.217158][ T48] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.224375][ T48] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.260869][ T5629] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.277696][ T5631] 8021q: adding VLAN 0 to HW filter on device team0 [ 82.302312][ T1167] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.309631][ T1167] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.338581][ T1167] bridge0: port 1(bridge_slave_0) entered blocking state [ 82.345824][ T1167] bridge0: port 1(bridge_slave_0) entered forwarding state [ 82.363161][ T142] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.370422][ T142] bridge0: port 2(bridge_slave_1) entered forwarding state [ 82.393715][ T142] bridge0: port 2(bridge_slave_1) entered blocking state [ 82.400904][ T142] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.029047][ T5630] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.177863][ T5630] veth0_vlan: entered promiscuous mode [ 83.218989][ T5630] veth1_vlan: entered promiscuous mode [ 83.318367][ T5630] veth0_macvtap: entered promiscuous mode [ 83.348508][ T5630] veth1_macvtap: entered promiscuous mode [ 83.429937][ T5630] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.477217][ T5630] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.529605][ T142] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.547289][ T5631] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.560161][ T142] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.579964][ T142] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.595582][ T5628] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.624651][ T142] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.643255][ T5629] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.801618][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.815109][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.817293][ T5631] veth0_vlan: entered promiscuous mode [ 83.842038][ T5629] veth0_vlan: entered promiscuous mode [ 83.869608][ T5628] veth0_vlan: entered promiscuous mode [ 83.892888][ T183] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.900125][ T5631] veth1_vlan: entered promiscuous mode [ 83.901330][ T183] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.927464][ T5628] veth1_vlan: entered promiscuous mode [ 83.936076][ T5629] veth1_vlan: entered promiscuous mode [ 84.023571][ T5630] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 84.041885][ T5631] veth0_macvtap: entered promiscuous mode [ 84.052334][ T4947] Bluetooth: hci3: command tx timeout [ 84.060785][ T5629] veth0_macvtap: entered promiscuous mode [ 84.092861][ T5631] veth1_macvtap: entered promiscuous mode [ 84.110043][ T5629] veth1_macvtap: entered promiscuous mode [ 84.124282][ T4947] Bluetooth: hci0: command tx timeout [ 84.129821][ T5643] Bluetooth: hci1: command tx timeout [ 84.135493][ T5633] Bluetooth: hci2: command tx timeout [ 84.140695][ T5629] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.171547][ T5628] veth0_macvtap: entered promiscuous mode [ 84.191652][ T5629] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.231193][ T5628] veth1_macvtap: entered promiscuous mode [ 84.247155][ T183] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.256603][ T183] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.272280][ T5631] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.283519][ T183] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.295278][ T183] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.327429][ T5631] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.370334][ T183] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.380956][ T183] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.393144][ T5628] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 84.404874][ T183] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.414980][ T183] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.468589][ T5628] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 84.548996][ T5783] process 'syz.0.1' launched './file0' with NULL argv: empty string added [ 84.552652][ T142] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.584489][ T142] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.600527][ T142] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.638534][ T142] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 84.684889][ T142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.725751][ T142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.829341][ T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.854348][ T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 84.918927][ T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 84.944278][ T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.040555][ T1167] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.052002][ T1167] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.118651][ T1167] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.130186][ T1167] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.221011][ T1167] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 85.243890][ T1167] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 85.636604][ T5792] mmap: syz.1.2 (5792) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 85.848107][ T5795] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 86.042307][ T5795] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5'. [ 86.078558][ T5793] FAULT_INJECTION: forcing a failure. [ 86.078558][ T5793] name failslab, interval 1, probability 0, space 0, times 1 [ 86.107893][ T5802] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 86.139766][ T5633] Bluetooth: hci3: command tx timeout [ 86.144409][ T5793] CPU: 0 UID: 0 PID: 5793 Comm: syz.2.3 Not tainted syzkaller #0 PREEMPT(full) [ 86.144447][ T5793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 86.144471][ T5793] Call Trace: [ 86.144480][ T5793] [ 86.144490][ T5793] dump_stack_lvl+0x100/0x190 [ 86.144530][ T5793] should_fail_ex.cold+0x5/0xa [ 86.144566][ T5793] should_failslab+0xc2/0x120 [ 86.144599][ T5793] __kmalloc_cache_noprof+0x7a/0x6f0 [ 86.144640][ T5793] ? fscontext_alloc_log+0x4a/0x1b0 [ 86.144666][ T5793] ? nilfs_init_fs_context+0xbd/0x100 [ 86.144700][ T5793] fscontext_alloc_log+0x4a/0x1b0 [ 86.144728][ T5793] __x64_sys_fsopen+0x159/0x220 [ 86.144755][ T5793] do_syscall_64+0x10b/0xf80 [ 86.144780][ T5793] ? clear_bhb_loop+0x40/0x90 [ 86.144820][ T5793] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 86.144848][ T5793] RIP: 0033:0x7fc210f9ce59 [ 86.144877][ T5793] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 86.144902][ T5793] RSP: 002b:00007fc211db8028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 86.144930][ T5793] RAX: ffffffffffffffda RBX: 00007fc211216090 RCX: 00007fc210f9ce59 [ 86.144948][ T5793] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 86.144964][ T5793] RBP: 00007fc211032d6f R08: 0000000000000000 R09: 0000000000000000 [ 86.144980][ T5793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 86.144996][ T5793] R13: 00007fc211216128 R14: 00007fc211216090 R15: 00007fff0b599458 [ 86.145031][ T5793] [ 86.234138][ T5643] Bluetooth: hci2: command tx timeout [ 86.252613][ T4947] Bluetooth: hci1: command tx timeout [ 86.263401][ T5634] Bluetooth: hci0: command tx timeout [ 86.973760][ T5795] Zero length message leads to an empty skb [ 87.945562][ T5815] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7'. [ 88.028973][ T5816] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7'. [ 88.080554][ T5818] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7'. [ 89.115202][ T5837] netlink: ct family unspecified [ 90.295287][ T5820] Process accounting resumed [ 92.063611][ T1240] cfg80211: failed to load regulatory.db [ 92.261156][ T5871] random: crng reseeded on system resumption [ 92.876607][ T5845] Process accounting resumed [ 93.483723][ T5890] netlink: 98 bytes leftover after parsing attributes in process `syz.2.22'. [ 93.568260][ T5891] netlink: 50 bytes leftover after parsing attributes in process `syz.2.22'. [ 93.715087][ T5882] : entered promiscuous mode [ 95.099450][ T5884] kexec: Could not allocate control_code_buffer [ 95.297640][ T5916] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 95.438240][ T5916] FAULT_INJECTION: forcing a failure. [ 95.438240][ T5916] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 95.478751][ T5919] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 95.489267][ T5916] CPU: 0 UID: 0 PID: 5916 Comm: syz.3.30 Not tainted syzkaller #0 PREEMPT(full) [ 95.489301][ T5916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 95.489310][ T5916] Call Trace: [ 95.489317][ T5916] [ 95.489323][ T5916] dump_stack_lvl+0x100/0x190 [ 95.489345][ T5916] should_fail_ex.cold+0x5/0xa [ 95.489365][ T5916] _copy_from_user+0x2e/0xd0 [ 95.489383][ T5916] proc_do_submiturb+0x1d8e/0x3820 [ 95.489419][ T5916] usbdev_ioctl+0x2adb/0x3aa0 [ 95.489443][ T5916] ? __pfx_usbdev_ioctl+0x10/0x10 [ 95.489468][ T5916] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 95.489491][ T5916] ? do_vfs_ioctl+0x226/0x13e0 [ 95.489507][ T5916] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 95.489527][ T5916] ? find_held_lock+0x2b/0x80 [ 95.489545][ T5916] ? __fget_files+0x215/0x3d0 [ 95.489561][ T5916] ? hook_file_ioctl_common+0x149/0x410 [ 95.489587][ T5916] ? __pfx_usbdev_ioctl+0x10/0x10 [ 95.489608][ T5916] __x64_sys_ioctl+0x18e/0x210 [ 95.489624][ T5916] do_syscall_64+0x10b/0xf80 [ 95.489638][ T5916] ? clear_bhb_loop+0x40/0x90 [ 95.489657][ T5916] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.489672][ T5916] RIP: 0033:0x7f798d99ce59 [ 95.489686][ T5916] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 95.489700][ T5916] RSP: 002b:00007f798e91c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 95.489715][ T5916] RAX: ffffffffffffffda RBX: 00007f798dc15fa0 RCX: 00007f798d99ce59 [ 95.489725][ T5916] RDX: 0000200000000100 RSI: 000000008038550a RDI: 000000000000000a [ 95.489734][ T5916] RBP: 00007f798da32d6f R08: 0000000000000000 R09: 0000000000000000 [ 95.489742][ T5916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 95.489751][ T5916] R13: 00007f798dc16038 R14: 00007f798dc15fa0 R15: 00007ffe04e9e3f8 [ 95.489771][ T5916] [ 95.990453][ T5919] netlink: 28 bytes leftover after parsing attributes in process `syz.2.31'. [ 97.541675][ T5953] ubi31: attaching mtd0 [ 97.546443][ T5953] ubi31: scanning is finished [ 97.546475][ T5953] ubi31: empty MTD device detected [ 100.655500][ T5953] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 100.679984][ T5953] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3518 bytes [ 100.703419][ T5953] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 100.729876][ T5953] ubi31: VID header offset: 514 (aligned 514), data offset: 578 [ 100.769788][ T5953] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 100.797205][ T5953] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 20 [ 100.821185][ T5953] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 4078788727 [ 100.850648][ T5953] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 100.879285][ T5981] ubi31: background thread "ubi_bgt31d" started, PID 5981 [ 102.802229][ T6010] sg_write: data in/out 131052/209 bytes for SCSI command 0x67-- guessing data in; [ 102.802229][ T6010] program syz.2.42 not setting count and/or reply_len properly [ 102.986574][ T6007] FAULT_INJECTION: forcing a failure. [ 102.986574][ T6007] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 103.026318][ T6007] CPU: 0 UID: 0 PID: 6007 Comm: syz.0.43 Not tainted syzkaller #0 PREEMPT(full) [ 103.026357][ T6007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 103.026374][ T6007] Call Trace: [ 103.026383][ T6007] [ 103.026394][ T6007] dump_stack_lvl+0x100/0x190 [ 103.026430][ T6007] should_fail_ex.cold+0x5/0xa [ 103.026463][ T6007] _copy_to_user+0x32/0xd0 [ 103.026494][ T6007] do_pages_stat+0x559/0x7f0 [ 103.026542][ T6007] ? __pfx_do_pages_stat+0x10/0x10 [ 103.026591][ T6007] ? get_task_cred+0x17f/0x360 [ 103.026647][ T6007] ? do_raw_spin_unlock+0x145/0x1e0 [ 103.026687][ T6007] kernel_move_pages+0xecf/0x13f0 [ 103.026729][ T6007] ? do_futex+0x192/0x350 [ 103.026762][ T6007] ? __pfx_do_futex+0x10/0x10 [ 103.026795][ T6007] ? __pfx_kernel_move_pages+0x10/0x10 [ 103.026840][ T6007] ? __x64_sys_futex+0x34f/0x4d0 [ 103.026870][ T6007] ? __x64_sys_futex+0x358/0x4d0 [ 103.026905][ T6007] ? xfd_validate_state+0x129/0x190 [ 103.026944][ T6007] __x64_sys_move_pages+0xe0/0x1c0 [ 103.026983][ T6007] ? do_syscall_64+0x90/0xf80 [ 103.027010][ T6007] ? lockdep_hardirqs_on+0x78/0x100 [ 103.027055][ T6007] do_syscall_64+0x10b/0xf80 [ 103.027081][ T6007] ? clear_bhb_loop+0x40/0x90 [ 103.027116][ T6007] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 103.027146][ T6007] RIP: 0033:0x7f1d0059ce59 [ 103.027169][ T6007] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 103.027196][ T6007] RSP: 002b:00007f1cfe7f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 103.027223][ T6007] RAX: ffffffffffffffda RBX: 00007f1d00815fa0 RCX: 00007f1d0059ce59 [ 103.027241][ T6007] RDX: 0000000000000000 RSI: 0000000000020007 RDI: 0000000000000001 [ 103.027259][ T6007] RBP: 00007f1d00632d6f R08: 0000000000000000 R09: 8000000000000000 [ 103.027277][ T6007] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 103.027295][ T6007] R13: 00007f1d00816038 R14: 00007f1d00815fa0 R15: 00007ffcd00e36e8 [ 103.027333][ T6007] [ 103.888505][ T6027] netlink: 8 bytes leftover after parsing attributes in process `syz.2.47'. [ 103.951105][ T6031] netlink: 8 bytes leftover after parsing attributes in process `syz.2.47'. [ 107.092360][ T6061] ubi: mtd0 is already attached to ubi31 [ 107.793076][ T6086] netlink: 8 bytes leftover after parsing attributes in process `syz.2.58'. [ 107.852965][ T6086] netlink: 8 bytes leftover after parsing attributes in process `syz.2.58'. [ 107.903666][ T6086] netlink: 8 bytes leftover after parsing attributes in process `syz.2.58'. [ 108.143565][ T6092] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input5 [ 108.822980][ T6104] netlink: 8 bytes leftover after parsing attributes in process `syz.2.62'. [ 110.415205][ T6112] Process accounting resumed [ 110.932876][ T6107] Process accounting resumed [ 111.177325][ T6133] nbd: must specify at least one socket [ 111.230275][ T6133] netlink: 28 bytes leftover after parsing attributes in process `syz.2.69'. [ 111.280863][ T6136] netlink: 'syz.2.69': attribute type 1 has an invalid length. syzkaller syzkaller login: [ 112.470686][ T6155] netlink: 146 bytes leftover after parsing attributes in process `syz.3.73'. [ 116.081194][ T6176] Process accounting resumed [ 122.946245][ T6277] Process accounting resumed [ 123.443564][ T6279] Process accounting paused [ 124.650120][ T6326] FAULT_INJECTION: forcing a failure. [ 124.650120][ T6326] name fail_futex, interval 1, probability 0, space 0, times 1 [ 124.714510][ T6326] CPU: 1 UID: 0 PID: 6326 Comm: syz.0.100 Not tainted syzkaller #0 PREEMPT(full) [ 124.714534][ T6326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 124.714544][ T6326] Call Trace: [ 124.714550][ T6326] [ 124.714556][ T6326] dump_stack_lvl+0x100/0x190 [ 124.714579][ T6326] should_fail_ex.cold+0x5/0xa [ 124.714599][ T6326] get_futex_key+0x1d2/0x1510 [ 124.714618][ T6326] ? __pfx_get_futex_key+0x10/0x10 [ 124.714639][ T6326] futex_wait_setup+0x83/0x510 [ 124.714663][ T6326] __futex_wait+0x19f/0x300 [ 124.714687][ T6326] ? __pfx___futex_wait+0x10/0x10 [ 124.714709][ T6326] ? __pfx_futex_wake_mark+0x10/0x10 [ 124.714730][ T6326] ? futex_hash+0x2ad/0x370 [ 124.714746][ T6326] ? futex_hash+0x141/0x370 [ 124.714763][ T6326] futex_wait+0xe6/0x370 [ 124.714791][ T6326] ? __pfx_futex_wait+0x10/0x10 [ 124.714815][ T6326] ? __might_fault+0xc5/0x140 [ 124.714842][ T6326] do_futex+0x1ef/0x350 [ 124.714860][ T6326] ? __pfx_do_futex+0x10/0x10 [ 124.714877][ T6326] ? __sys_connect+0xe4/0x170 [ 124.714896][ T6326] __x64_sys_futex+0x34f/0x4d0 [ 124.714915][ T6326] ? __pfx___x64_sys_futex+0x10/0x10 [ 124.714941][ T6326] ? rcu_is_watching+0x12/0xc0 [ 124.714963][ T6326] do_syscall_64+0x10b/0xf80 [ 124.714977][ T6326] ? clear_bhb_loop+0x40/0x90 [ 124.714995][ T6326] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.715010][ T6326] RIP: 0033:0x7f1d0059ce59 [ 124.715023][ T6326] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 124.715049][ T6326] RSP: 002b:00007f1cfe7d50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 124.715065][ T6326] RAX: ffffffffffffffda RBX: 00007f1d00816098 RCX: 00007f1d0059ce59 [ 124.715076][ T6326] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1d00816098 [ 124.715085][ T6326] RBP: 00007f1d00816090 R08: 0000000000000000 R09: 0000000000000000 [ 124.715094][ T6326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 124.715103][ T6326] R13: 00007f1d00816128 R14: 00007ffcd00e3600 R15: 00007ffcd00e36e8 [ 124.715122][ T6326] [ 126.788060][ T6363] netlink: 28 bytes leftover after parsing attributes in process `syz.0.105'. [ 128.226762][ T6352] Process accounting resumed [ 133.007794][ T1317] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.007904][ T1317] ieee802154 phy1 wpan1: encryption failed: -22 [ 137.162403][ T6494] random: crng reseeded on system resumption [ 137.490888][ T6494] hub 1-0:1.0: USB hub found [ 137.512824][ T6494] hub 1-0:1.0: 1 port detected [ 138.098452][ T6507] FAULT_INJECTION: forcing a failure. [ 138.098452][ T6507] name failslab, interval 1, probability 0, space 0, times 0 [ 138.130085][ T6507] CPU: 1 UID: 0 PID: 6507 Comm: syz.3.135 Not tainted syzkaller #0 PREEMPT(full) [ 138.130134][ T6507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 138.130151][ T6507] Call Trace: [ 138.130161][ T6507] [ 138.130172][ T6507] dump_stack_lvl+0x100/0x190 [ 138.130210][ T6507] should_fail_ex.cold+0x5/0xa [ 138.130248][ T6507] should_failslab+0xc2/0x120 [ 138.130283][ T6507] __kmalloc_cache_noprof+0x7a/0x6f0 [ 138.130325][ T6507] ? apply_subsystem_event_filter+0x54f/0x17b0 [ 138.130365][ T6507] ? append_filter_err+0x43a/0x620 [ 138.130409][ T6507] apply_subsystem_event_filter+0x54f/0x17b0 [ 138.130462][ T6507] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 138.130515][ T6507] ? _copy_from_user+0x59/0xd0 [ 138.130551][ T6507] subsystem_filter_write+0x95/0x120 [ 138.130595][ T6507] vfs_write+0x2aa/0x1070 [ 138.130629][ T6507] ? __pfx_subsystem_filter_write+0x10/0x10 [ 138.130674][ T6507] ? __pfx_vfs_write+0x10/0x10 [ 138.130706][ T6507] ? __fget_files+0x215/0x3d0 [ 138.130748][ T6507] ? __fget_files+0x21f/0x3d0 [ 138.130790][ T6507] ksys_write+0x12a/0x250 [ 138.130819][ T6507] ? __pfx_ksys_write+0x10/0x10 [ 138.130851][ T6507] ? rcu_is_watching+0x12/0xc0 [ 138.130890][ T6507] do_syscall_64+0x10b/0xf80 [ 138.130916][ T6507] ? clear_bhb_loop+0x40/0x90 [ 138.130951][ T6507] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.130980][ T6507] RIP: 0033:0x7f798d99ce59 [ 138.131004][ T6507] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 138.131030][ T6507] RSP: 002b:00007f798e91c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 138.131054][ T6507] RAX: ffffffffffffffda RBX: 00007f798dc15fa0 RCX: 00007f798d99ce59 [ 138.131070][ T6507] RDX: 0000000000000078 RSI: 0000200000000040 RDI: 0000000000000006 [ 138.131085][ T6507] RBP: 00007f798da32d6f R08: 0000000000000000 R09: 0000000000000000 [ 138.131100][ T6507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 138.131114][ T6507] R13: 00007f798dc16038 R14: 00007f798dc15fa0 R15: 00007ffe04e9e3f8 [ 138.131159][ T6507] [ 139.495637][ T6519] FAULT_INJECTION: forcing a failure. [ 139.495637][ T6519] name failslab, interval 1, probability 0, space 0, times 0 [ 139.551636][ T6519] CPU: 0 UID: 0 PID: 6519 Comm: syz.2.138 Not tainted syzkaller #0 PREEMPT(full) [ 139.551676][ T6519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 139.551692][ T6519] Call Trace: [ 139.551701][ T6519] [ 139.551721][ T6519] dump_stack_lvl+0x100/0x190 [ 139.551767][ T6519] should_fail_ex.cold+0x5/0xa [ 139.551803][ T6519] should_failslab+0xc2/0x120 [ 139.551838][ T6519] __kmalloc_cache_noprof+0x7a/0x6f0 [ 139.551879][ T6519] ? apply_subsystem_event_filter+0x54f/0x17b0 [ 139.551920][ T6519] ? append_filter_err+0x43a/0x620 [ 139.551964][ T6519] apply_subsystem_event_filter+0x54f/0x17b0 [ 139.552017][ T6519] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 139.552068][ T6519] ? _copy_from_user+0x59/0xd0 [ 139.552104][ T6519] subsystem_filter_write+0x95/0x120 [ 139.552149][ T6519] vfs_write+0x2aa/0x1070 [ 139.552183][ T6519] ? __pfx_subsystem_filter_write+0x10/0x10 [ 139.552227][ T6519] ? __pfx_vfs_write+0x10/0x10 [ 139.552260][ T6519] ? __fget_files+0x215/0x3d0 [ 139.552303][ T6519] ? __fget_files+0x21f/0x3d0 [ 139.552347][ T6519] ksys_write+0x12a/0x250 [ 139.552379][ T6519] ? __pfx_ksys_write+0x10/0x10 [ 139.552416][ T6519] ? rcu_is_watching+0x12/0xc0 [ 139.552455][ T6519] do_syscall_64+0x10b/0xf80 [ 139.552485][ T6519] ? clear_bhb_loop+0x40/0x90 [ 139.552521][ T6519] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.552551][ T6519] RIP: 0033:0x7fc210f9ce59 [ 139.552575][ T6519] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 139.552602][ T6519] RSP: 002b:00007fc211dd9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 139.552628][ T6519] RAX: ffffffffffffffda RBX: 00007fc211215fa0 RCX: 00007fc210f9ce59 [ 139.552648][ T6519] RDX: 0000000000000078 RSI: 0000200000000040 RDI: 0000000000000006 [ 139.552665][ T6519] RBP: 00007fc211032d6f R08: 0000000000000000 R09: 0000000000000000 [ 139.552682][ T6519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 139.552698][ T6519] R13: 00007fc211216038 R14: 00007fc211215fa0 R15: 00007fff0b599458 [ 139.552742][ T6519] [ 140.954425][ T6521] Process accounting paused [ 141.672033][ T6549] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 144.079280][ T6588] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 144.936322][ T6599] sysfs_service_op_show: Client not running :-5: [ 146.136198][ T6613] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 146.986961][ T6613] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 147.476342][ T6613] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 147.731852][ T6613] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 149.671601][ T6676] Process accounting resumed [ 150.160339][ T6696] FAULT_INJECTION: forcing a failure. [ 150.160339][ T6696] name failslab, interval 1, probability 0, space 0, times 0 [ 150.173350][ T6696] CPU: 0 UID: 0 PID: 6696 Comm: syz.3.174 Not tainted syzkaller #0 PREEMPT(full) [ 150.173389][ T6696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 150.173406][ T6696] Call Trace: [ 150.173415][ T6696] [ 150.173425][ T6696] dump_stack_lvl+0x100/0x190 [ 150.173459][ T6696] should_fail_ex.cold+0x5/0xa [ 150.173494][ T6696] should_failslab+0xc2/0x120 [ 150.173525][ T6696] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 150.173554][ T6696] ? apply_subsystem_event_filter+0x463/0x17b0 [ 150.173604][ T6696] kstrdup+0x51/0xe0 [ 150.173635][ T6696] apply_subsystem_event_filter+0x463/0x17b0 [ 150.173690][ T6696] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 150.173740][ T6696] ? _copy_from_user+0x59/0xd0 [ 150.173774][ T6696] subsystem_filter_write+0x95/0x120 [ 150.173817][ T6696] vfs_write+0x2aa/0x1070 [ 150.173870][ T6696] ? __pfx_subsystem_filter_write+0x10/0x10 [ 150.173914][ T6696] ? __pfx_vfs_write+0x10/0x10 [ 150.173942][ T6696] ? __fget_files+0x215/0x3d0 [ 150.173987][ T6696] ? __fget_files+0x21f/0x3d0 [ 150.174029][ T6696] ksys_write+0x12a/0x250 [ 150.174057][ T6696] ? __pfx_ksys_write+0x10/0x10 [ 150.174088][ T6696] ? rcu_is_watching+0x12/0xc0 [ 150.174125][ T6696] do_syscall_64+0x10b/0xf80 [ 150.174152][ T6696] ? clear_bhb_loop+0x40/0x90 [ 150.174187][ T6696] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.174215][ T6696] RIP: 0033:0x7f798d99ce59 [ 150.174237][ T6696] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 150.174263][ T6696] RSP: 002b:00007f798e91c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 150.174290][ T6696] RAX: ffffffffffffffda RBX: 00007f798dc15fa0 RCX: 00007f798d99ce59 [ 150.174309][ T6696] RDX: 0000000000000078 RSI: 0000200000000040 RDI: 0000000000000006 [ 150.174325][ T6696] RBP: 00007f798da32d6f R08: 0000000000000000 R09: 0000000000000000 [ 150.174342][ T6696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 150.174357][ T6696] R13: 00007f798dc16038 R14: 00007f798dc15fa0 R15: 00007ffe04e9e3f8 [ 150.174396][ T6696] [ 152.121018][ T6720] netlink: 20 bytes leftover after parsing attributes in process `syz.1.179'. [ 152.906147][ T6717] Process accounting resumed [ 152.967231][ T6720] Process accounting paused [ 153.248750][ T6735] FAULT_INJECTION: forcing a failure. [ 153.248750][ T6735] name failslab, interval 1, probability 0, space 0, times 0 [ 153.297467][ T6735] CPU: 0 UID: 0 PID: 6735 Comm: syz.3.183 Not tainted syzkaller #0 PREEMPT(full) [ 153.297507][ T6735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 153.297524][ T6735] Call Trace: [ 153.297533][ T6735] [ 153.297544][ T6735] dump_stack_lvl+0x100/0x190 [ 153.297582][ T6735] should_fail_ex.cold+0x5/0xa [ 153.297619][ T6735] should_failslab+0xc2/0x120 [ 153.297653][ T6735] __kmalloc_cache_noprof+0x7a/0x6f0 [ 153.297694][ T6735] ? sctp_endpoint_new+0xfc/0xb20 [ 153.297730][ T6735] ? __debug_object_init+0x2de/0x3d0 [ 153.297774][ T6735] sctp_endpoint_new+0xfc/0xb20 [ 153.297814][ T6735] ? __pfx_sctp_endpoint_new+0x10/0x10 [ 153.297852][ T6735] ? lockdep_init_map_type+0x5c/0x250 [ 153.297883][ T6735] ? lockdep_init_map_type+0x5c/0x250 [ 153.297911][ T6735] ? lockdep_init_map_type+0x5c/0x250 [ 153.297944][ T6735] sctp_init_sock+0xe2b/0x1300 [ 153.297982][ T6735] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 153.298017][ T6735] sctp_v6_init_sock+0x16/0x70 [ 153.298051][ T6735] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 153.298085][ T6735] inet6_create+0xb21/0x12b0 [ 153.298128][ T6735] ? inet6_create+0x7f/0x12b0 [ 153.298172][ T6735] __sock_create+0x339/0x860 [ 153.298223][ T6735] __sys_socket+0x14d/0x260 [ 153.298251][ T6735] ? __pfx___sys_socket+0x10/0x10 [ 153.298276][ T6735] ? ksys_write+0x1ac/0x250 [ 153.298317][ T6735] __x64_sys_socket+0x72/0xb0 [ 153.298342][ T6735] ? lockdep_hardirqs_on+0x78/0x100 [ 153.298387][ T6735] do_syscall_64+0x10b/0xf80 [ 153.298412][ T6735] ? clear_bhb_loop+0x40/0x90 [ 153.298446][ T6735] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.298474][ T6735] RIP: 0033:0x7f798d99ce59 [ 153.298502][ T6735] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 153.298528][ T6735] RSP: 002b:00007f798e91c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 153.298557][ T6735] RAX: ffffffffffffffda RBX: 00007f798dc15fa0 RCX: 00007f798d99ce59 [ 153.298577][ T6735] RDX: 0000000000000084 RSI: 0000000000000001 RDI: 000000000000000a [ 153.298594][ T6735] RBP: 00007f798da32d6f R08: 0000000000000000 R09: 0000000000000000 [ 153.298609][ T6735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 153.298624][ T6735] R13: 00007f798dc16038 R14: 00007f798dc15fa0 R15: 00007ffe04e9e3f8 [ 153.298655][ T6735] [ 153.612701][ T6714] Process accounting resumed [ 153.628360][ T5634] Bluetooth: hci0: unexpected event 0x3e length: 508 > 260 [ 153.628400][ T5634] Bluetooth: hci0: unexpected subevent 0x02 length: 507 > 260 [ 153.687406][ T5634] Bluetooth: hci0: Dropping invalid advertising data [ 153.695635][ T5634] Bluetooth: hci0: unknown advertising packet type: 0xe9 [ 153.695670][ T5634] Bluetooth: hci0: Dropping invalid advertising data [ 153.709870][ T5634] Bluetooth: hci0: Malformed LE Event: 0x02 [ 153.810552][ T6742] FAULT_INJECTION: forcing a failure. [ 153.810552][ T6742] name failslab, interval 1, probability 0, space 0, times 0 [ 153.826099][ T6742] CPU: 0 UID: 0 PID: 6742 Comm: syz.0.186 Not tainted syzkaller #0 PREEMPT(full) [ 153.826136][ T6742] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 153.826154][ T6742] Call Trace: [ 153.826163][ T6742] [ 153.826172][ T6742] dump_stack_lvl+0x100/0x190 [ 153.826208][ T6742] should_fail_ex.cold+0x5/0xa [ 153.826244][ T6742] should_failslab+0xc2/0x120 [ 153.826277][ T6742] __kmalloc_cache_noprof+0x7a/0x6f0 [ 153.826317][ T6742] ? sctp_endpoint_new+0xfc/0xb20 [ 153.826349][ T6742] ? __debug_object_init+0x2de/0x3d0 [ 153.826376][ T6742] sctp_endpoint_new+0xfc/0xb20 [ 153.826406][ T6742] ? __pfx_sctp_endpoint_new+0x10/0x10 [ 153.826438][ T6742] ? lockdep_init_map_type+0x5c/0x250 [ 153.826468][ T6742] ? lockdep_init_map_type+0x5c/0x250 [ 153.826490][ T6742] ? lockdep_init_map_type+0x5c/0x250 [ 153.826524][ T6742] sctp_init_sock+0xe2b/0x1300 [ 153.826556][ T6742] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 153.826588][ T6742] sctp_v6_init_sock+0x16/0x70 [ 153.826621][ T6742] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 153.826654][ T6742] inet6_create+0xb21/0x12b0 [ 153.826695][ T6742] ? inet6_create+0x7f/0x12b0 [ 153.826739][ T6742] __sock_create+0x339/0x860 [ 153.826789][ T6742] __sys_socket+0x14d/0x260 [ 153.826817][ T6742] ? __pfx___sys_socket+0x10/0x10 [ 153.826842][ T6742] ? ksys_write+0x1ac/0x250 [ 153.826884][ T6742] __x64_sys_socket+0x72/0xb0 [ 153.826910][ T6742] ? lockdep_hardirqs_on+0x78/0x100 [ 153.826960][ T6742] do_syscall_64+0x10b/0xf80 [ 153.826984][ T6742] ? clear_bhb_loop+0x40/0x90 [ 153.827027][ T6742] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.827054][ T6742] RIP: 0033:0x7f1d0059ce59 [ 153.827078][ T6742] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 153.827104][ T6742] RSP: 002b:00007f1cfe7f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 153.827128][ T6742] RAX: ffffffffffffffda RBX: 00007f1d00815fa0 RCX: 00007f1d0059ce59 [ 153.827145][ T6742] RDX: 0000000000000084 RSI: 0000000000000001 RDI: 000000000000000a [ 153.827161][ T6742] RBP: 00007f1d00632d6f R08: 0000000000000000 R09: 0000000000000000 [ 153.827177][ T6742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 153.827193][ T6742] R13: 00007f1d00816038 R14: 00007f1d00815fa0 R15: 00007ffcd00e36e8 [ 153.827230][ T6742] [ 156.552457][ T6772] bridge0: port 3(dummy0) entered blocking state [ 156.559248][ T6772] bridge0: port 3(dummy0) entered disabled state [ 156.566175][ T6772] dummy0: entered allmulticast mode [ 156.575100][ T6772] dummy0: entered promiscuous mode [ 156.581267][ T6772] bridge0: port 3(dummy0) entered blocking state [ 156.588951][ T6772] bridge0: port 3(dummy0) entered forwarding state [ 157.102082][ T6792] FAULT_INJECTION: forcing a failure. [ 157.102082][ T6792] name failslab, interval 1, probability 0, space 0, times 0 [ 157.145591][ T6792] CPU: 1 UID: 0 PID: 6792 Comm: syz.0.199 Not tainted syzkaller #0 PREEMPT(full) [ 157.145630][ T6792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 157.145647][ T6792] Call Trace: [ 157.145656][ T6792] [ 157.145666][ T6792] dump_stack_lvl+0x100/0x190 [ 157.145703][ T6792] should_fail_ex.cold+0x5/0xa [ 157.145739][ T6792] should_failslab+0xc2/0x120 [ 157.145772][ T6792] __kmalloc_cache_noprof+0x7a/0x6f0 [ 157.145814][ T6792] ? sctp_endpoint_new+0xfc/0xb20 [ 157.145849][ T6792] ? __debug_object_init+0x2de/0x3d0 [ 157.145883][ T6792] sctp_endpoint_new+0xfc/0xb20 [ 157.145923][ T6792] ? __pfx_sctp_endpoint_new+0x10/0x10 [ 157.145959][ T6792] ? lockdep_init_map_type+0x5c/0x250 [ 157.145989][ T6792] ? lockdep_init_map_type+0x5c/0x250 [ 157.146016][ T6792] ? lockdep_init_map_type+0x5c/0x250 [ 157.146051][ T6792] sctp_init_sock+0xe2b/0x1300 [ 157.146086][ T6792] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 157.146121][ T6792] sctp_v6_init_sock+0x16/0x70 [ 157.146153][ T6792] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 157.146185][ T6792] inet6_create+0xb21/0x12b0 [ 157.146222][ T6792] ? inet6_create+0x7f/0x12b0 [ 157.146263][ T6792] __sock_create+0x339/0x860 [ 157.146306][ T6792] __sys_socket+0x14d/0x260 [ 157.146328][ T6792] ? __pfx___sys_socket+0x10/0x10 [ 157.146356][ T6792] ? ksys_write+0x1ac/0x250 [ 157.146391][ T6792] __x64_sys_socket+0x72/0xb0 [ 157.146411][ T6792] ? lockdep_hardirqs_on+0x78/0x100 [ 157.146447][ T6792] do_syscall_64+0x10b/0xf80 [ 157.146466][ T6792] ? clear_bhb_loop+0x40/0x90 [ 157.146496][ T6792] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 157.146527][ T6792] RIP: 0033:0x7f1d0059ce59 [ 157.146547][ T6792] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 157.146571][ T6792] RSP: 002b:00007f1cfe7f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 157.146595][ T6792] RAX: ffffffffffffffda RBX: 00007f1d00815fa0 RCX: 00007f1d0059ce59 [ 157.146612][ T6792] RDX: 0000000000000084 RSI: 0000000000000001 RDI: 000000000000000a [ 157.146625][ T6792] RBP: 00007f1d00632d6f R08: 0000000000000000 R09: 0000000000000000 [ 157.146640][ T6792] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 157.146653][ T6792] R13: 00007f1d00816038 R14: 00007f1d00815fa0 R15: 00007ffcd00e36e8 [ 157.146684][ T6792] [ 158.102171][ T6805] FAULT_INJECTION: forcing a failure. [ 158.102171][ T6805] name failslab, interval 1, probability 0, space 0, times 0 [ 158.121190][ T6805] CPU: 1 UID: 0 PID: 6805 Comm: syz.3.202 Not tainted syzkaller #0 PREEMPT(full) [ 158.121230][ T6805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 158.121245][ T6805] Call Trace: [ 158.121254][ T6805] [ 158.121265][ T6805] dump_stack_lvl+0x100/0x190 [ 158.121302][ T6805] should_fail_ex.cold+0x5/0xa [ 158.121339][ T6805] should_failslab+0xc2/0x120 [ 158.121374][ T6805] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 158.121406][ T6805] ? apply_subsystem_event_filter+0x463/0x17b0 [ 158.121458][ T6805] kstrdup+0x51/0xe0 [ 158.121502][ T6805] apply_subsystem_event_filter+0x463/0x17b0 [ 158.121557][ T6805] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 158.121608][ T6805] ? _copy_from_user+0x59/0xd0 [ 158.121645][ T6805] subsystem_filter_write+0x95/0x120 [ 158.121688][ T6805] vfs_write+0x2aa/0x1070 [ 158.121722][ T6805] ? __pfx_subsystem_filter_write+0x10/0x10 [ 158.121766][ T6805] ? __pfx_vfs_write+0x10/0x10 [ 158.121798][ T6805] ? __fget_files+0x215/0x3d0 [ 158.121840][ T6805] ? __fget_files+0x21f/0x3d0 [ 158.121884][ T6805] ksys_write+0x12a/0x250 [ 158.121918][ T6805] ? __pfx_ksys_write+0x10/0x10 [ 158.121954][ T6805] ? rcu_is_watching+0x12/0xc0 [ 158.121993][ T6805] do_syscall_64+0x10b/0xf80 [ 158.122019][ T6805] ? clear_bhb_loop+0x40/0x90 [ 158.122054][ T6805] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.122084][ T6805] RIP: 0033:0x7f798d99ce59 [ 158.122108][ T6805] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 158.122134][ T6805] RSP: 002b:00007f798e91c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 158.122161][ T6805] RAX: ffffffffffffffda RBX: 00007f798dc15fa0 RCX: 00007f798d99ce59 [ 158.122179][ T6805] RDX: 0000000000000078 RSI: 0000200000000040 RDI: 0000000000000006 [ 158.122197][ T6805] RBP: 00007f798da32d6f R08: 0000000000000000 R09: 0000000000000000 [ 158.122212][ T6805] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 158.122227][ T6805] R13: 00007f798dc16038 R14: 00007f798dc15fa0 R15: 00007ffe04e9e3f8 [ 158.122262][ T6805] [ 159.182799][ T6827] syz.3.209 (6827): attempted to duplicate a private mapping with mremap. This is not supported. [ 159.481364][ T6832] FAULT_INJECTION: forcing a failure. [ 159.481364][ T6832] name failslab, interval 1, probability 0, space 0, times 0 [ 159.509815][ T6832] CPU: 0 UID: 0 PID: 6832 Comm: syz.2.210 Not tainted syzkaller #0 PREEMPT(full) [ 159.509838][ T6832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 159.509847][ T6832] Call Trace: [ 159.509853][ T6832] [ 159.509860][ T6832] dump_stack_lvl+0x100/0x190 [ 159.509882][ T6832] should_fail_ex.cold+0x5/0xa [ 159.509901][ T6832] ? __netlink_kernel_create+0x181/0x750 [ 159.509924][ T6832] should_failslab+0xc2/0x120 [ 159.509942][ T6832] __kmalloc_noprof+0xe0/0x850 [ 159.509961][ T6832] __netlink_kernel_create+0x181/0x750 [ 159.509984][ T6832] ? __pfx___netlink_kernel_create+0x10/0x10 [ 159.510005][ T6832] ? find_held_lock+0x2b/0x80 [ 159.510024][ T6832] ? audit_net_init+0x190/0x440 [ 159.510040][ T6832] ? audit_net_init+0x190/0x440 [ 159.510059][ T6832] audit_net_init+0x1ae/0x440 [ 159.510075][ T6832] ? __pfx_audit_net_init+0x10/0x10 [ 159.510091][ T6832] ? rcu_is_watching+0x12/0xc0 [ 159.510109][ T6832] ? __pfx_audit_receive+0x10/0x10 [ 159.510127][ T6832] ? __pfx_audit_multicast_bind+0x10/0x10 [ 159.510146][ T6832] ? __pfx_audit_multicast_unbind+0x10/0x10 [ 159.510166][ T6832] ? __kmalloc_noprof+0x320/0x850 [ 159.510183][ T6832] ? __pfx_audit_net_init+0x10/0x10 [ 159.510199][ T6832] ops_init+0x1e2/0x5f0 [ 159.510220][ T6832] setup_net+0x118/0x3a0 [ 159.510239][ T6832] ? __pfx_setup_net+0x10/0x10 [ 159.510258][ T6832] ? mutex_init_lockdep+0xf1/0x120 [ 159.510277][ T6832] copy_net_ns+0x46f/0x7c0 [ 159.510299][ T6832] create_new_namespaces+0x3ea/0xac0 [ 159.510330][ T6832] unshare_nsproxy_namespaces+0xf2/0x220 [ 159.510352][ T6832] ksys_unshare+0x438/0xab0 [ 159.510375][ T6832] ? __pfx_ksys_unshare+0x10/0x10 [ 159.510396][ T6832] ? xfd_validate_state+0x129/0x190 [ 159.510412][ T6832] ? exit_to_user_mode_loop+0xe2/0x4f0 [ 159.510433][ T6832] __x64_sys_unshare+0x31/0x40 [ 159.510453][ T6832] do_syscall_64+0x10b/0xf80 [ 159.510467][ T6832] ? clear_bhb_loop+0x40/0x90 [ 159.510485][ T6832] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.510500][ T6832] RIP: 0033:0x7fc210f9ce59 [ 159.510513][ T6832] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 159.510527][ T6832] RSP: 002b:00007fc211db8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 159.510541][ T6832] RAX: ffffffffffffffda RBX: 00007fc211216090 RCX: 00007fc210f9ce59 [ 159.510551][ T6832] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 159.510560][ T6832] RBP: 00007fc211032d6f R08: 0000000000000000 R09: 0000000000000000 [ 159.510569][ T6832] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 159.510580][ T6832] R13: 00007fc211216128 R14: 00007fc211216090 R15: 00007fff0b599458 [ 159.510603][ T6832] [ 159.512208][ T6832] audit: cannot initialize netlink socket in namespace [ 159.974277][ T6834] random: crng reseeded on system resumption [ 160.797572][ T6849] input: jJǸ-9%vJ86 as /devices/virtual/input/input7 [ 161.713190][ T6860] FAULT_INJECTION: forcing a failure. [ 161.713190][ T6860] name failslab, interval 1, probability 0, space 0, times 0 [ 161.771628][ T6860] CPU: 1 UID: 0 PID: 6860 Comm: syz.1.215 Not tainted syzkaller #0 PREEMPT(full) [ 161.771667][ T6860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 161.771684][ T6860] Call Trace: [ 161.771693][ T6860] [ 161.771704][ T6860] dump_stack_lvl+0x100/0x190 [ 161.771742][ T6860] should_fail_ex.cold+0x5/0xa [ 161.771778][ T6860] ? tracing_log_err+0xb9/0x6a0 [ 161.771813][ T6860] should_failslab+0xc2/0x120 [ 161.771846][ T6860] __kmalloc_noprof+0xe0/0x850 [ 161.771883][ T6860] tracing_log_err+0xb9/0x6a0 [ 161.771927][ T6860] append_filter_err+0x399/0x620 [ 161.771969][ T6860] apply_subsystem_event_filter+0x727/0x17b0 [ 161.772021][ T6860] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 161.772066][ T6860] ? _copy_from_user+0x59/0xd0 [ 161.772101][ T6860] subsystem_filter_write+0x95/0x120 [ 161.772142][ T6860] vfs_write+0x2aa/0x1070 [ 161.772174][ T6860] ? __pfx_subsystem_filter_write+0x10/0x10 [ 161.772218][ T6860] ? __pfx_vfs_write+0x10/0x10 [ 161.772248][ T6860] ? __fget_files+0x215/0x3d0 [ 161.772287][ T6860] ? __fget_files+0x21f/0x3d0 [ 161.772330][ T6860] ksys_write+0x12a/0x250 [ 161.772362][ T6860] ? __pfx_ksys_write+0x10/0x10 [ 161.772394][ T6860] ? rcu_is_watching+0x12/0xc0 [ 161.772442][ T6860] do_syscall_64+0x10b/0xf80 [ 161.772468][ T6860] ? clear_bhb_loop+0x40/0x90 [ 161.772504][ T6860] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 161.772532][ T6860] RIP: 0033:0x7fb035f9ce59 [ 161.772556][ T6860] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 161.772582][ T6860] RSP: 002b:00007fb036f1a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 161.772610][ T6860] RAX: ffffffffffffffda RBX: 00007fb036215fa0 RCX: 00007fb035f9ce59 [ 161.772628][ T6860] RDX: 0000000000000078 RSI: 0000200000000040 RDI: 0000000000000006 [ 161.772644][ T6860] RBP: 00007fb036032d6f R08: 0000000000000000 R09: 0000000000000000 [ 161.772659][ T6860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 161.772675][ T6860] R13: 00007fb036216038 R14: 00007fb036215fa0 R15: 00007fffc76c6438 [ 161.772713][ T6860] [ 163.598803][ T6894] EXT4-fs error (device sda1): trigger_test_error:130: comm syz.0.223: 7 [ 167.642964][ T5634] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 168.041473][ T6988] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma? [ 168.109426][ T6988] random: crng reseeded on system resumption [ 169.725934][ T5643] Bluetooth: hci3: command 0x2016 tx timeout [ 171.482183][ T7042] busy [ 171.805608][ T5643] Bluetooth: hci3: command 0x2016 tx timeout [ 175.435183][ T7110] netlink: 8 bytes leftover after parsing attributes in process `syz.2.264'. [ 175.558235][ T7092] Process accounting resumed [ 178.212994][ T7142] ecryptfs_parse_packet_length: Error parsing packet length [ 178.278767][ T7142] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 179.748159][ T7141] kexec: Could not allocate control_code_buffer [ 179.947126][ T7177] netlink: 350 bytes leftover after parsing attributes in process `syz.0.281'. [ 182.008107][ T7222] netlink: 504 bytes leftover after parsing attributes in process `syz.0.294'. [ 183.441469][ T7239] Process accounting paused [ 183.724910][ T7227] Process accounting paused [ 184.416256][ T7250] Process accounting resumed [ 184.706559][ T7275] FAULT_INJECTION: forcing a failure. [ 184.706559][ T7275] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 184.831645][ T7275] CPU: 0 UID: 0 PID: 7275 Comm: syz.2.307 Not tainted syzkaller #0 PREEMPT(full) [ 184.831687][ T7275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 184.831703][ T7275] Call Trace: [ 184.831711][ T7275] [ 184.831721][ T7275] dump_stack_lvl+0x100/0x190 [ 184.831779][ T7275] should_fail_ex.cold+0x5/0xa [ 184.831816][ T7275] _copy_to_user+0x32/0xd0 [ 184.831850][ T7275] do_pages_stat+0x559/0x7f0 [ 184.831898][ T7275] ? __pfx_do_pages_stat+0x10/0x10 [ 184.831938][ T7275] ? get_task_cred+0x17f/0x360 [ 184.831994][ T7275] ? do_raw_spin_unlock+0x145/0x1e0 [ 184.832031][ T7275] kernel_move_pages+0xecf/0x13f0 [ 184.832073][ T7275] ? do_futex+0x192/0x350 [ 184.832106][ T7275] ? __pfx_do_futex+0x10/0x10 [ 184.832139][ T7275] ? __pfx_kernel_move_pages+0x10/0x10 [ 184.832184][ T7275] ? __x64_sys_futex+0x34f/0x4d0 [ 184.832215][ T7275] ? __x64_sys_futex+0x358/0x4d0 [ 184.832249][ T7275] ? xfd_validate_state+0x129/0x190 [ 184.832288][ T7275] __x64_sys_move_pages+0xe0/0x1c0 [ 184.832326][ T7275] ? do_syscall_64+0x90/0xf80 [ 184.832352][ T7275] ? lockdep_hardirqs_on+0x78/0x100 [ 184.832398][ T7275] do_syscall_64+0x10b/0xf80 [ 184.832423][ T7275] ? clear_bhb_loop+0x40/0x90 [ 184.832459][ T7275] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.832489][ T7275] RIP: 0033:0x7fc210f9ce59 [ 184.832526][ T7275] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 184.832554][ T7275] RSP: 002b:00007fc211dd9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 184.832581][ T7275] RAX: ffffffffffffffda RBX: 00007fc211215fa0 RCX: 00007fc210f9ce59 [ 184.832601][ T7275] RDX: 0000000000000000 RSI: 0000000000020007 RDI: 0000000000000001 [ 184.832618][ T7275] RBP: 00007fc211032d6f R08: 0000000000000000 R09: 8000000000000000 [ 184.832636][ T7275] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 184.832654][ T7275] R13: 00007fc211216038 R14: 00007fc211215fa0 R15: 00007fff0b599458 [ 184.832687][ T7275] [ 185.509326][ T5634] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 186.524960][ T7310] zswap: compressor 000 not available [ 189.742366][ T7355] netlink: 8 bytes leftover after parsing attributes in process `syz.0.326'. [ 189.797393][ T7356] netlink: 8 bytes leftover after parsing attributes in process `syz.0.326'. [ 189.850487][ T7357] netlink: 8 bytes leftover after parsing attributes in process `syz.0.326'. [ 190.973217][ T7381] FAULT_INJECTION: forcing a failure. [ 190.973217][ T7381] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 191.022287][ T7381] CPU: 1 UID: 0 PID: 7381 Comm: syz.2.334 Not tainted syzkaller #0 PREEMPT(full) [ 191.022310][ T7381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 191.022319][ T7381] Call Trace: [ 191.022325][ T7381] [ 191.022337][ T7381] dump_stack_lvl+0x100/0x190 [ 191.022360][ T7381] should_fail_ex.cold+0x5/0xa [ 191.022380][ T7381] _copy_from_user+0x2e/0xd0 [ 191.022397][ T7381] proc_do_submiturb+0x1d8e/0x3820 [ 191.022432][ T7381] usbdev_ioctl+0x2adb/0x3aa0 [ 191.022456][ T7381] ? __pfx_usbdev_ioctl+0x10/0x10 [ 191.022480][ T7381] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 191.022507][ T7381] ? do_vfs_ioctl+0x226/0x13e0 [ 191.022522][ T7381] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 191.022542][ T7381] ? find_held_lock+0x2b/0x80 [ 191.022561][ T7381] ? __fget_files+0x215/0x3d0 [ 191.022578][ T7381] ? hook_file_ioctl_common+0x149/0x410 [ 191.022603][ T7381] ? __pfx_usbdev_ioctl+0x10/0x10 [ 191.022624][ T7381] __x64_sys_ioctl+0x18e/0x210 [ 191.022641][ T7381] do_syscall_64+0x10b/0xf80 [ 191.022655][ T7381] ? clear_bhb_loop+0x40/0x90 [ 191.022673][ T7381] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.022688][ T7381] RIP: 0033:0x7fc210f9ce59 [ 191.022702][ T7381] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 191.022716][ T7381] RSP: 002b:00007fc211dd9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 191.022730][ T7381] RAX: ffffffffffffffda RBX: 00007fc211215fa0 RCX: 00007fc210f9ce59 [ 191.022739][ T7381] RDX: 0000200000000100 RSI: 000000008038550a RDI: 000000000000000a [ 191.022748][ T7381] RBP: 00007fc211032d6f R08: 0000000000000000 R09: 0000000000000000 [ 191.022757][ T7381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 191.022766][ T7381] R13: 00007fc211216038 R14: 00007fc211215fa0 R15: 00007fff0b599458 [ 191.022786][ T7381] [ 191.377538][ T7393] ================================================================== [ 191.377551][ T7393] BUG: KASAN: vmalloc-out-of-bounds in sys_fillrect+0x174a/0x1910 [ 191.377581][ T7393] Write of size 8 at addr ffffc90004921000 by task syz.3.337/7393 [ 191.377594][ T7393] [ 191.377602][ T7393] CPU: 0 UID: 0 PID: 7393 Comm: syz.3.337 Not tainted syzkaller #0 PREEMPT(full) [ 191.377619][ T7393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 191.377628][ T7393] Call Trace: [ 191.377634][ T7393] [ 191.377640][ T7393] dump_stack_lvl+0x100/0x190 [ 191.377656][ T7393] print_report+0x13d/0x4b0 [ 191.377677][ T7393] ? _raw_spin_lock_irqsave+0x52/0x60 [ 191.377701][ T7393] ? sys_fillrect+0x174a/0x1910 [ 191.377721][ T7393] kasan_report+0xdf/0x1d0 [ 191.377739][ T7393] ? sys_fillrect+0x174a/0x1910 [ 191.377762][ T7393] sys_fillrect+0x174a/0x1910 [ 191.377785][ T7393] ? irqentry_exit+0x24d/0x7e0 [ 191.377799][ T7393] drm_fbdev_shmem_defio_fillrect+0x22/0x140 [ 191.377819][ T7393] bit_clear+0x17d/0x220 [ 191.377837][ T7393] ? __pfx_bit_clear+0x10/0x10 [ 191.377855][ T7393] ? fb_get_color_depth+0x120/0x250 [ 191.377873][ T7393] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 191.377896][ T7393] __fbcon_clear+0x633/0x760 [ 191.377912][ T7393] ? __pfx_bit_clear+0x10/0x10 [ 191.377931][ T7393] fbcon_scroll+0x48b/0x650 [ 191.377948][ T7393] con_scroll+0x464/0x690 [ 191.377971][ T7393] csi_ECMA.constprop.0+0x1238/0x3b60 [ 191.377985][ T7393] ? find_held_lock+0x2b/0x80 [ 191.378004][ T7393] ? __pfx_csi_ECMA.constprop.0+0x10/0x10 [ 191.378020][ T7393] do_con_write+0x3946/0x4a10 [ 191.378034][ T7393] ? trace_contention_end+0x122/0x170 [ 191.378053][ T7393] ? __pfx_do_con_write+0x10/0x10 [ 191.378071][ T7393] con_write+0x23/0xb0 [ 191.378083][ T7393] n_tty_write+0x431/0x11c0 [ 191.378103][ T7393] ? __pfx_n_tty_write+0x10/0x10 [ 191.378119][ T7393] ? trace_kmalloc+0xe3/0x110 [ 191.378136][ T7393] ? __pfx_woken_wake_function+0x10/0x10 [ 191.378157][ T7393] ? rcu_is_watching+0x12/0xc0 [ 191.378174][ T7393] ? file_tty_write.isra.0+0x694/0x890 [ 191.378196][ T7393] ? kfree+0x1dd/0x6c0 [ 191.378215][ T7393] ? __pfx_n_tty_write+0x10/0x10 [ 191.378231][ T7393] file_tty_write.isra.0+0x4d2/0x890 [ 191.378255][ T7393] redirected_tty_write+0xd4/0x120 [ 191.378277][ T7393] vfs_write+0x6ac/0x1070 [ 191.378293][ T7393] ? __pfx_redirected_tty_write+0x10/0x10 [ 191.378316][ T7393] ? __pfx_vfs_write+0x10/0x10 [ 191.378332][ T7393] ? find_held_lock+0x2b/0x80 [ 191.378354][ T7393] ksys_write+0x12a/0x250 [ 191.378371][ T7393] ? __pfx_ksys_write+0x10/0x10 [ 191.378388][ T7393] ? rcu_is_watching+0x12/0xc0 [ 191.378415][ T7393] do_syscall_64+0x10b/0xf80 [ 191.378429][ T7393] ? clear_bhb_loop+0x40/0x90 [ 191.378446][ T7393] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.378461][ T7393] RIP: 0033:0x7f798d99ce59 [ 191.378474][ T7393] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 191.378489][ T7393] RSP: 002b:00007f798e91c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 191.378504][ T7393] RAX: ffffffffffffffda RBX: 00007f798dc15fa0 RCX: 00007f798d99ce59 [ 191.378514][ T7393] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000003 [ 191.378523][ T7393] RBP: 00007f798da32d6f R08: 0000000000000000 R09: 0000000000000000 [ 191.378533][ T7393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 191.378542][ T7393] R13: 00007f798dc16038 R14: 00007f798dc15fa0 R15: 00007ffe04e9e3f8 [ 191.378556][ T7393] [ 191.378561][ T7393] [ 191.378565][ T7393] The buggy address belongs to a vmalloc virtual mapping [ 191.378591][ T7393] Memory state around the buggy address: [ 191.378599][ T7393] ffffc90004920f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 191.378613][ T7393] ffffc90004920f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 191.378623][ T7393] >ffffc90004921000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 191.378631][ T7393] ^ [ 191.378639][ T7393] ffffc90004921080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 191.378649][ T7393] ffffc90004921100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 191.378657][ T7393] ================================================================== [ 191.378667][ T7393] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 191.378677][ T7393] CPU: 0 UID: 0 PID: 7393 Comm: syz.3.337 Not tainted syzkaller #0 PREEMPT(full) [ 191.378701][ T7393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 191.378715][ T7393] Call Trace: [ 191.378723][ T7393] [ 191.378732][ T7393] dump_stack_lvl+0x100/0x190 [ 191.378761][ T7393] vpanic+0x552/0x970 [ 191.378782][ T7393] ? __pfx_vpanic+0x10/0x10 [ 191.378807][ T7393] ? __pfx_vprintk_emit+0x10/0x10 [ 191.378840][ T7393] ? sys_fillrect+0x174a/0x1910 [ 191.378862][ T7393] panic+0xd1/0xe0 [ 191.378874][ T7393] ? __pfx_panic+0x10/0x10 [ 191.378890][ T7393] ? sys_fillrect+0x174a/0x1910 [ 191.378916][ T7393] check_panic_on_warn.cold+0x19/0x34 [ 191.378932][ T7393] end_report.part.0+0x3a/0x90 [ 191.378952][ T7393] kasan_report.cold+0xe/0x18 [ 191.378972][ T7393] ? sys_fillrect+0x174a/0x1910 [ 191.378996][ T7393] sys_fillrect+0x174a/0x1910 [ 191.379020][ T7393] ? irqentry_exit+0x24d/0x7e0 [ 191.379035][ T7393] drm_fbdev_shmem_defio_fillrect+0x22/0x140 [ 191.379055][ T7393] bit_clear+0x17d/0x220 [ 191.379078][ T7393] ? __pfx_bit_clear+0x10/0x10 [ 191.379097][ T7393] ? fb_get_color_depth+0x120/0x250 [ 191.379115][ T7393] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 191.379138][ T7393] __fbcon_clear+0x633/0x760 [ 191.379155][ T7393] ? __pfx_bit_clear+0x10/0x10 [ 191.379174][ T7393] fbcon_scroll+0x48b/0x650 [ 191.379191][ T7393] con_scroll+0x464/0x690 [ 191.379213][ T7393] csi_ECMA.constprop.0+0x1238/0x3b60 [ 191.379228][ T7393] ? find_held_lock+0x2b/0x80 [ 191.379247][ T7393] ? __pfx_csi_ECMA.constprop.0+0x10/0x10 [ 191.379263][ T7393] do_con_write+0x3946/0x4a10 [ 191.379277][ T7393] ? trace_contention_end+0x122/0x170 [ 191.379297][ T7393] ? __pfx_do_con_write+0x10/0x10 [ 191.379314][ T7393] con_write+0x23/0xb0 [ 191.379328][ T7393] n_tty_write+0x431/0x11c0 [ 191.379348][ T7393] ? __pfx_n_tty_write+0x10/0x10 [ 191.379364][ T7393] ? trace_kmalloc+0xe3/0x110 [ 191.379382][ T7393] ? __pfx_woken_wake_function+0x10/0x10 [ 191.379405][ T7393] ? rcu_is_watching+0x12/0xc0 [ 191.379423][ T7393] ? file_tty_write.isra.0+0x694/0x890 [ 191.379446][ T7393] ? kfree+0x1dd/0x6c0 [ 191.379466][ T7393] ? __pfx_n_tty_write+0x10/0x10 [ 191.379484][ T7393] file_tty_write.isra.0+0x4d2/0x890 [ 191.379508][ T7393] redirected_tty_write+0xd4/0x120 [ 191.379531][ T7393] vfs_write+0x6ac/0x1070 [ 191.379547][ T7393] ? __pfx_redirected_tty_write+0x10/0x10 [ 191.379570][ T7393] ? __pfx_vfs_write+0x10/0x10 [ 191.379586][ T7393] ? find_held_lock+0x2b/0x80 [ 191.379609][ T7393] ksys_write+0x12a/0x250 [ 191.379625][ T7393] ? __pfx_ksys_write+0x10/0x10 [ 191.379642][ T7393] ? rcu_is_watching+0x12/0xc0 [ 191.379660][ T7393] do_syscall_64+0x10b/0xf80 [ 191.379673][ T7393] ? clear_bhb_loop+0x40/0x90 [ 191.379689][ T7393] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.379704][ T7393] RIP: 0033:0x7f798d99ce59 [ 191.379716][ T7393] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 191.379730][ T7393] RSP: 002b:00007f798e91c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 191.379744][ T7393] RAX: ffffffffffffffda RBX: 00007f798dc15fa0 RCX: 00007f798d99ce59 [ 191.379754][ T7393] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000003 [ 191.379763][ T7393] RBP: 00007f798da32d6f R08: 0000000000000000 R09: 0000000000000000 [ 191.379773][ T7393] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 191.379782][ T7393] R13: 00007f798dc16038 R14: 00007f798dc15fa0 R15: 00007ffe04e9e3f8 [ 191.379797][ T7393] [ 191.380340][ T7393] Kernel Offset: disabled