last executing test programs: 1m12.828994966s ago: executing program 2 (id=2425): unshare$auto(0x40000080) socket(0xa, 0x5, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) socket(0x2, 0x3, 0xa) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socket(0x2, 0x3, 0xa) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x200, 0x0) r1 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0xad00, 0x0) readv$auto(r1, &(0x7f0000000680)={0x0, 0xf000}, 0x3) 1m12.135342862s ago: executing program 2 (id=2419): socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r0 = openat$auto_force_suspend_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/bluetooth/hci1/force_suspend\x00', 0x121401, 0x0) write$auto_force_suspend_fops_hci_vhci(r0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x109001, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0xffffffffffffffff, 0x0, 0x8000000000000001) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/auth.unix.ip/flush\x00', 0x40d81, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x2100, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), r2) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, 0x0, 0x40800) r3 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0) ioctl$auto_MON_IOCX_MFETCH(r3, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(r3, 0xc0109207, 0x0) pread64$auto(r3, 0x0, 0x7ff, 0xd) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 1m10.597010822s ago: executing program 2 (id=2420): openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x189400, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) bind$auto(0x3, 0x0, 0x1) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x200000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mlock$auto(0x112, 0x80006) close_range$auto(0x2, 0x8, 0x0) socket(0x1e, 0x1, 0x2) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy0/statistics/dot11RTSFailureCount\x00', 0x0, 0x0) read$auto(0x3, 0x0, 0x80) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x404d02, 0x0) madvise$auto(0x0, 0x200007, 0x19) openat$auto_tracing_saved_cmdlines_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/saved_cmdlines_size\x00', 0x208200, 0x0) r1 = socket(0x2, 0x1, 0x0) syz_genetlink_get_family_id$auto_l2tp(0x0, r1) landlock_add_rule$auto_LANDLOCK_RULE_PATH_BENEATH(r1, 0x1, &(0x7f0000001200)="ff02b72201e4f10e3584943b300a67b2b32e9cadf97356065d79c0e6d98b081c46c281533dcc60b404e73b0b753e08f721b9518b9267b474e681163434dbb0b0882b79e6e6c6337ae81cfaf63654aaf46348b26756f1f16f0fd2e2d1664762f4b47a63eee60f527f7ed0f9b93ce5f69f3d0e028f6a9e5b55a37db7afd9fc4b3d9c261fe54b516f26d4a4dbd4a1e2b8a43a92288bafedf3673ee2367a4306793e5ccb83b668552525cf3023dc5340ae64ff56781af38af33f1fd41a4e2f88527e5d0373ccfa4935f4562a25ec6a087e85681ef856b6203da501086bdf35d034a0149a73715419228505dd0b2b162faebbc78a7332940dd307d687ea303587bc1d0e0f984e8aff29cea42609ea99ffd9cdbd682dc84939023155dd2c99cd534216ab2c03e5d3b09a24c71dd9e64a3e7368323161db41789215c0dcb2ef6b9f5f39c590378e4424c00aa09f02b415f24730579ce636bb2abce996d5f2a3a49ff7e2ea82de7e6f7d4b2e1d6fc13b9c0137df6d2c7c6c792c191f37d56e6c0a65985dfa95aa44b3aecc7d4cf27aaf1112003761de64c6e347e9e4e733f7625412c770aa3fb313011761075de60a0dfac10f0fd2c982625655ea451db6e914cd49c1c2b1a0fc68b8d78fb8b09f971768f3463a96c268f7c0f66e922ce29fe01fae3cdbbf408569af392fff6288c04b6ac497580fe30bf67314d39852089505a97e37da094dfefe9516017b6830d2ca9cd40dcee44aaf46a18d48f6618bf860c94aa2bdc2cafe0b566d6d51e595ec4714060bef712b0c55aafcda3a91e2362c70852105bc9c4f96a95a2cffe483f2861d8eaa8d7fef2956fa90cae7cbb5c758ee75ab46320ebfe81bac38f16e2a1123ae0c52aa10862fd7f1c683a9a7dd559ac7a41d7ea2ee80b939dae01d0772e1e4aa125dba174b203dac6822b3ff6327ae8bc1c38862dac44b8c16c1d201e2292eb6ff072ab95ca70a04f28770d940b870545db5c48a35b76872a8d56915166f26f9c4e9fed1b32f6607132d3236684e7014b331e261b5a8b3482f1c423708b640c2d753776ee7cb3557a2a16de199020452e403f423929a734c993aa2c976e4e84657e337308168f1898855204f827e0253ef526ad25717aa8fd7829e208777626848d00bdbbb20b42b93136e595174211849a62089e59d606fcc81e0179d0e4d5c1f41e9902fcee3a37d610286cfb4270dd9abb89d183db356245f6e0dd49f6058c84368af60d709221edd8ecf9ac4de76f022fdd7146c03878cea4bc680c3a0d83a0d4faf03cac132ccf0a1faba624d84094c224b4ed965626c72c35202173da1d2f21a2549118075490058a8f486cdceaee1f1ac97da16885021a5e09a7b54718c3d22f106a231958bc80c3f8482798b9222e3937bf8e314d4917925b0185f8314eb92c0c57c8bfb321404752e6a0b538948fdb622fbcd4db9a9fe53eba6fdc562f3d5bda6f5f0c937de5758b38ab232071a94d72cea20c9184106c0e69ae6f59929e92d3b4fd7a0fd69ae81c0679711a424904b6124d0ed5a9375f71a9ddfe6afa1b60495dc11754265d4e8aca2b7cb93f94a368e2e64faa4f9c933599a50fc1ba890034c5fdf409e1ac0fa053569abfb850533ad6b2d778f70c323bbe2d9e582df9429e36a160062c67c2efcad3425fa40c9ecff99731c5ecbd524ed407fdb2e97cc1274a5d4f62c533d781a5b05b24c192428e5312d2cae3b6e82b91835d92059f278dc6eccdd0cf9c982353443f98e0bdf1171c0dc0c75a9cf7f20692d8ce94d392fb4b9a44b378791dc4d5fa421469d4d6d851009a2bd0416e79f5c210b5ab4015a5e2c00c0d52a833e0b5cfb5b7a267e0b750f67999ea0f46dc7da84761b06ec480793f234f64b786f0f57ae9a277b8a9fd5ef9806bd40a0b738002a6e641c927817967c728fc8750ef91eefc4e9a4c5489e0928aaafe42e4acd95e90eaeca29cc9e80b7ed50c5494cb15bed3f4f867ae81bf7eeb6c23d3b4872689db27c0761c1546297c18afec91598dcfa228ba36979c744d9e28142de193c4a0a5366e3d0f9bbe33df17d6152a4d8154d5987e734e45027fbf8559b6012187ab4cdf5b5c88500ee544b0a3c0a0947988f25fc1e3007e4e0f659c757bf4a46d60c7d06debbe3db33f3a8fc16a38ae26ded37d80b988709191b10bdfbda93f38a00761360c3977e068552a215ad0a6e6c2bcfed4c60983575b450e27a0a1dba60cd88989d1885aea7a4f262abdf79f041661798ff996840eaa8c6c5707028886edbc386b93c501c61eaca1bc2b6cf224353b3b762d2b573e5e4351c8d1b61b5f7e351b7be616c3d8fd25f89063de2d57fc7f12943a256b7be49d02e568530e79851866938b3b638f297ec2071befbb0097942d60c52c2e62450f15400f6e4b278c2aac442a7fe55d8b91b48562b8bbcf3169e4cb1195f271fdde1ea4794ab3f2911680218eb81442f689913169566478226af53fbe976f02d66e4bbce5fc5eb207d110590481471fae058204385bcf87afb07bed0cbba7d4f4f5174d13b91ca62491bcfa41e0c2ddd0f4763fb74f4eef93d4d903889a8c9ab32338e10986723a3464b28dfc43d070252c04aabfc3f51fd595c9378ae8a458ab31a9b322b00e21dcd4f64d12e4d21e435e04d564dbe872c902260d326c2602503a8cf31a9552c434fae67b9bd31e273a5b95f9fcc27bdb0525e7835cad77ba42971007e7405bc5af5e3f7158baaeaa9f33f1ba7c6948795337802f4d888a5d0f9542dc129f6fcda78de5e69856a596297dfbac90fef02a23cab4e898a46077e83680076a1f821a502c469767db8dfde0c2da6339446072c6961ee7c01067833e62bd74e5e08cee534a2b7b4bc3dd887eef0e385e3f8a2e64309b46e0a0f584add629afe5dc20702ce62ea8fc9869dba40cdb3c67614a618bbd00303896f3328d664e3c40d8d6fa2c7320359bd8a971df73d6f9819dfffb2c9436959e7a81dfd5b1a180af543165e7b603b4e5b8abd3833af313fbc0d6dcf55a65bfc5938673cf4f3db27e9414988a3a383246ba5c9e678a6be7c3b18c257133cfac852f2a696c4873369bd87888a38ebfc91bb787e20978b1ce0f7654622718de3917dcc94926fb8b08ccf4e036358b9323f44f4ea909a1416e3904b3a508e3041311ff84f3d97b46dd52ac4e7e6f3f36ab0f5c8d6dade0d6f3e587778e8962b080bcd357728af3b842c637bdf58b3d299a23339f9101f079d954a0e1248270bae0977a261287943f0d96a95706591074b5c6d60e8126625b8c58a19b51da01a1403eef0a57a9b2b144772b53eb881bde9ee85cd9e9cc2ea7b792a551095521a2eedcfadb7fe01b30bcf5e05007dc3ced4b26d58a3fd567b5e9ec7edbd11653a300608d9d90d8aa7806dd1876fb6eb244a79088615768458ef501bd83a86d634dc0dcd3451fb1906b756e35fbc09a33c1cbf0559f4f9570f3330a90f85e1e6cc63aa1b0002313b33be48e0da821471d65f11df9fb0ca72bd0ffd4a577b9485b98d5902a419ee386946c039bd8f89fef6e9fe62016cf5f7f65439fde77539456c293487716d004bde8be44315d16dcc8e4194b5b8de6a68cae24bc1eb1013d1b6c7712bd809f3644dc8c68c46e98a2786753374d004f907330dffc96d38ac10e091d6a275de6b7b679c5abeabbfb8e20a9192bccdcfb1a8425fa98e79e2a719703aeaf5fe0085c79938d981f93a453709cfea2aa835a6eee439efc700ec4386783ddec1c6a3805ff07abb60cef08b7450c9f98ca5931ada3d6ef781779f2a87ef28d4e83cafecdb671cfddd8a7a01b9da8d999765514839899fd135e311854c0c96036823574f1370192873bf6d0142211abf35d93936e16c727a554daad7baccd2b94a46dba5bd4ee4f93e93e01e3708ddf8ffcb8a9294f6e682d8fc14a3c6f8be3bf00998317d2a6011c18572ae2541fde4ac0591058b68bf83498a3743fbaf1fbf604a4a4e221856b299c44e69cc04f60b661568a3087b315912c79677ba68b8942cc40e9cad750938c4b0532b9f7b91869e7950bc78eaa6f4d1369456e3ea155fc733f67eed2d6ec3246dd2967ab3126d24ee0e208c642f83e893416250e513478d8cd0aeeadfbea38437657d4ad2d4ab3ea9d80aa618b605d416ec91a68853b7ea31202f46ef85e0acc03021e871ddada287d871d656e04752ed1fcc1ce7c75c474f6353fb4459fdd63560d45320be045b0b21adcb710ee11631d1d33b722822980fe6c4dd62d94302c40495fb0546db3f5fbd5ffdad9e00d1781ab7521315aa2d50c7a4994b4dc9e19405b7dfe2b8c494e502f040b05b09204667597a89ec18e5af37cd384ab09f5dcc9ea9195bc1fe5e1115bd0b3216a0091558d3235a5ef8af7f03a10d4e3b6a16a251946da3661a9699b9059301ae072039ea9998c9b018f80c799c9b03cfe90aa3a460e4257ecb17a59d5f48d0782fae3580a44c41253e462de2736e542bbcc9d11e69e8c61987179285d8e2f7df8710bce3765edba877201c155371427274b094cece9b381b0f85b9e3c871a598135a8f674a91225cd3aca30d9f0b0f3062408c3257d6ecd2f1057cf55138343320fec279e74d91fe80cafe8c809e462c6fb006bc4523046cb4c82c29c1024c595bbba2ef8c8423d92e17ef4c98c61aaa7c8b4c7ad391e0adac0f7f98002e381c82acf21a51c475e520e8ec3415605ad9cec88e47a97b944821f21fe51839aac506ed07a35975ec140b453ab6d20cf02b5434ea3490dc00535dc43a129798f3d014672b45178d2cdf57242ecb3730f312708c92e80fda95ae5d1e8a1105055b87187441e6a01004e5df1662f4bf789f8212f4fd9f4da9424d8b53afd1eaee9fae3e845f49d9d1a05b464b262e324eec30a33764e883f2ef6247f170d98d3e173744aa45eab2b9b097e2437c38d0f6e068bd812d25e2fda49080c2bbc399043b9219f682ef833ce9335f7ed62be031f7d7b8586440c4b9223c3d2aa3083299544b01859c9763ce77bc56e5e85b6fb0882c051bebc3d7fd62d17cb6ef6023efa761fc69ab1997bb593df4fb72d294458736f3b80dc76e728379412b099a00876f3cefff9a62821ba3b7e130d8e4c37a13eec7caf29d9f5ebcc7546b0299b480aaf1fdcd4fa187a4f1ab80ae8bdfabe3e5bdb1a96ce225fa45f0743c261e0ce88bfd33b7f4eb6299c7ae940c5657494fb6fae4e412ea00fbd10243f02b20fff28e408c274dd1c2a8083bfd0b5750de382a0ac4e0d6f4b67c38bbf1df052cc234fcf350dd21fd814da2075b546a0d75910d0141e74fa6ced8387caf88e0db81a06f1017f302d2712422e2d6ada42f32ee30f85ceb14ebd74a56714bf103af0dd8107ee8753cda9ea062995d5a3ff77a740cc9fc95546b329bea87420fc9b1cd15499c8794833554fa59367e1fc38f6c331f09a2899c02ef838e4b4271f1c40bc979a835b532f414ff71044440b88a3846b4deecf6bce085878757800d5a99e70fd36faa69b97f22c338eadf43b89a60cf2a277c4a48223267529ebbff468c0de4ff6869a3c3bea79be066d960713c7e67c15ac6c1fe9d66f7e1e9a0b4f26e91f414bce8ec886b60ed10dc477ea7fe2cf01ee374765cdeadc3fb65ff371defe8d2083f71ef26ee82e25c8fe01faa3c5cb5476d80e2c531d817fcff26e5656f12d018267582ceefb6d2bd1792117ca0532023810415924f7cb471ae36857f8e1ed19c6e7cbc34edbd78a59cbc712036fdfa08b3b54c5ebfcd8d02aa8ace34cd3692ab507441800724e332cccabe", 0xfffff1bf) close_range$auto(0x2, 0x8, 0x0) socket(0x80000000000000a, 0x2, 0x0) r2 = socket(0x2, 0x801, 0x84) bind$auto(0x3, 0x0, 0x6a) bpf$auto(0x0, &(0x7f0000000080)=@bpf_attr_4={0x20, 0xffffffffffffffff, 0xffffffff}, 0x10) getsockopt$auto(r2, 0x84, 0x6d, 0x0, &(0x7f0000000280)=0x1000c0) 1m10.047971051s ago: executing program 2 (id=2421): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x6000, 0x810004, 0xfbb, 0xe17, r0, 0x8000) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/msr/perf_event_mux_interval_ms\x00', 0x982, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) mmap$auto(0x0, 0x400006, 0xdf, 0x809b72, 0x2, 0x8000) madvise$auto(0x1bfd, 0x101, 0xfffffff8) pipe2$auto(0x0, 0x80) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/nbd14/capability\x00', 0x180, 0x0) sendfile$auto(0x2, 0x3, 0x0, 0xc3e0) dup2$auto(0x5, 0x4) sendfile$auto(r2, r2, 0x0, 0x3) ptrace$auto(0x10, r1, 0x4, 0x7ff) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r3) sendmsg$auto_NL80211_CMD_NEW_KEY(r3, &(0x7f0000000100)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r4, 0x300, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4040000}, 0x800) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="1b1b3bb42b5db9d32352bad100b62a31960026bd7000fddbdf250323aa786929bcea8c000000"], 0x24}, 0x1, 0x0, 0x0, 0x50}, 0xc800) r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$auto(0x10, r7, 0x1, 0x7ff) 1m8.555807936s ago: executing program 3 (id=2424): openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000400)='/proc/tty/driver/serial\x00', 0x43102, 0x0) r0 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x2, 0x0, 0x1, 0x0) socket(0xa, 0x2, 0x3a) r2 = syz_clone(0x20a08200, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x600002, 0x0) ptrace$auto(0x10, r2, 0x4, 0x8000040006) ptrace$auto(0x8, r2, 0x4, 0x8000000000000000) setsockopt$auto(r0, 0x401, 0x9, 0x0, 0x110) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r3, 0x80045010, &(0x7f0000004440)) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0xffffffffffffffff, 0x1, 0x1021, 0x0, 0xd) openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, 0x0, 0x101080, 0x0) lseek$auto(0x3, 0x742, 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000000}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' ', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) ioctl$auto(r4, 0x8946, 0x24) mmap$auto(0x10, 0xffffffffffffff81, 0x7fa4826e, 0x19, 0x2, 0x100000001) madvise$auto(0x4, 0x9, 0xffff) memfd_secret$auto(0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) mmap$auto(0x0, 0x20009, 0x20df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) 1m7.929826476s ago: executing program 2 (id=2426): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) r0 = socket(0x2, 0x1, 0x106) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x300, @loopback=0xac14140a}, 0x55) setsockopt$auto(r0, 0x1, 0x9, 0x0, 0xeb66) ioperm$auto(0x3, 0xe, 0x2000000000000149) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) shutdown$auto(0x200000003, 0x2) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x82, 0x0) mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00\x0e\x15F\xf7\x1a\xd1K+\xedy\xc6\x9bb\x94\xb4^\xc2\x83%\xfbw}\xfb_P\"\x19\xdfi\xe9hA|Q\x8a_F\x04:Q\x90\'\x06', 0x0, 0x10000, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/smbd_max_receive_size\x00', 0x103742, 0x0) sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="d80200", @ANYRES8, @ANYBLOB="01002dbd7000fcdbdf25010000000c0002000500000000000000c5000700c1007cf7c27c120e3984130834a73f9221887ac28e443c4a1a7da8d2ddcf2890cce5822826764f3f410e53f43f30"], 0x1d8}, 0x1, 0x0, 0x0, 0x40080}, 0x2400c090) ioctl$auto_VHOST_SET_OWNER(r1, 0xaf01, 0x5) socket(0xa, 0x801, 0x106) pipe2$auto(&(0x7f0000000040)=0x8, 0x4800) r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0) ioctl$auto_VHOST_SET_FEATURES(r2, 0x4008af00, &(0x7f00000000c0)=0x2f) splice$auto(0x4, 0x0, 0x2, 0x0, 0x1000, 0xf) mmap$auto(0x10000, 0x400005, 0x40000000000005, 0x9b72, 0xc76, 0x0) ioctl$auto_VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000000)={0x8}) acct$auto(&(0x7f0000000000)='/dev/cec31\x00') close_range$auto(0x2, 0x8, 0x0) setrlimit$auto(0x1000000007, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb5, 0x401, 0x300000000000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) 1m7.434700716s ago: executing program 2 (id=2427): sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x28, 0x0, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@BATADV_ATTR_MCAST_FLAGS_PRIV={0x8, 0x27, 0x4}, @BATADV_ATTR_NEIGH_ADDRESS={0xa, 0x18, @remote}]}, 0x28}, 0x1, 0x0, 0x0, 0x4c894}, 0x24008000) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) shmctl$auto_IPC_RMID(0x5, 0x0, &(0x7f00000005c0)={{0x0, 0x0, 0xee00, 0x4, 0x5, 0x56, 0x10}, 0x3d5, 0xb, 0x8000000000000001, 0x8, @inferred=0xffffffffffffffff, @raw=0x94, 0xf4bf, 0x0, &(0x7f0000000300)="a12b088d4581b9a1647317550deb79e83877a137d5bbdc64a6dcfb8755f5a544438615a750d9bb085d9382976b5d1085dffae3d8bbd59799f1d37279e6c6b047dca68c0332a68cd3090b9f09c68c5231097a929022bb65615ba575462f5ea05030c4e24ae091f21cde762960ca12af8b7f764f893587b3b1f4e8ab1a2dcd981fa4ceacad778196f7eb2cba7ad6be9b1ceade261f771a0a4cea405d6dd6a05ecaf0cfd1f0ecf54d4187a696fbbfba1602cb39b64e101cf48b72e50e7fcbc5fe7bcc986fa579d12cd2ae4b5e658d743794e911d82c6acd01d15a31aa424f07f1b64e65e0fa1c05c86eb56dac0f4271a9080d78", &(0x7f00000004c0)="dfadd126f7cd952d73e7fa3f47fd1adc1f776bb0bd893212e7c02e2a91e264a18322e2fbe2e5e541501fe89ff5a051bf0906429ea319c55fbb20428c48dc2e98d4b3a1550bd1f1d444f3014d97300c502fd3c12332750d92b8456e8bc1ef66d936f2b667273d28a54b3d3fe77a0b42101561fd41dc5de6bf3ae911e6b5b8a3d4e5bbf7f82536928b4adfc4f58ca39f0edfcdbe544a39a752c93d7823d205660910587b4f54f075fe72aefa22f0618278c969a31bef5897b6d0fe36d54739191a89f3894a2b6debd2de"}) sendmsg$auto_NFC_CMD_GET_TARGET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000180)={0x28, 0x0, 0x20, 0x70bd29, 0x25dfdbfb, {}, [@NFC_ATTR_LLC_PARAM_MIUX={0x6, 0x11, 0x8741}, @NFC_ATTR_LLC_SDP={0xc, 0x13, 0x0, 0x1, [@typed={0x8, 0x10f, 0x0, 0x0, @uid=r0}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x0) ppoll$auto(0x0, 0x4007f, 0x0, &(0x7f00000001c0)={0x6}, 0x8) mount$auto(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='nfs\x00', 0x1, &(0x7f00000001c0)) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1m6.807963264s ago: executing program 3 (id=2429): mmap$auto(0x0, 0x2020005, 0xffffffffffffffff, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, 0x0, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f00000000c0), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x20b}, 0x800009}, 0x5, 0x20000000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/core/rps_default_mask\x00', 0x82, 0x0) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) memfd_create$auto(&(0x7f0000000040)='A^^\x02\x00\xef\x97\x8aY\x00\x00\xd2\x8c\xb05\x03\\\xb2\xbf247{\xde\t8\f\x00\x00\v\x00\x82\xcc\"K\xe1IIT\x00'/54, 0x5) fallocate$auto(0x3, 0x0, 0xe, 0x8ec5) finit_module$auto(0x3, 0xfffffffffffffffe, 0x400000000004) socket(0xa, 0x1, 0x84) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) mmap$auto(0x800, 0x2000c, 0xdf, 0x20eb1, 0xffffffffffffffff, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) ioctl$auto_TCFLSH2(r1, 0x80045439, 0x0) mmap$auto(0x0, 0x2000f, 0xdf, 0xeb1, r1, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/038/001\x00', 0x882, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x5, 0x14, 0x944, 0x1ffe0, 0x8, 0x6, 0x4000007, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0x3, 0x6, 0x3, 0x40, 0x7, 0x1d, 0x309, 0x6, 0x4, 0x7fffffff, 0x3, 0x0, 0x0, 0xffffffff, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffffff7ffff, 0x0, 0x2839bf5c, 0x4000000000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x800000000002, 0x9, 0x100000000000, 0x0, 0x0, 0x20000000000, 0xe, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x10, 0xfffffffffffffffe, 0x0, 0x19d, 0x0, 0x0, 0x8]}, 0x1fb, 0x81) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40881}, 0x24044855) r2 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0) 1m5.942121207s ago: executing program 3 (id=2432): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) r0 = bpf$auto_BPF_ITER_CREATE(0x21, 0x0, 0xfffffffd) rt_sigprocmask$auto(0x0, &(0x7f0000000000)={0xfffffffffffffe01}, 0x0, 0x8) (async) open(0x0, 0x0, 0x408) (async) mmap$auto(0x0, 0x400008, 0xdafb, 0x9b72, 0x2, 0x8000) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0x5, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/loop7\x00', 0x14f340, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) (async) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, &(0x7f0000002780)={0x0, 0x0, &(0x7f0000002740)={&(0x7f0000000000)=ANY=[@ANYBLOB="a3000000", @ANYRES16=0x0, @ANYBLOB="47582bbd7000fcdbdf25040000002f0011005d2c134bbc"], 0x44}}, 0x4044000) (async) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_ID(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="21020cbd70c031cd0ce401"], 0x14}, 0x1, 0x0, 0x0, 0x400c050}, 0x4000080) sendmmsg$auto(0x3, 0x0, 0x3, 0x894) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c00000014"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) r1 = socket(0x10, 0x2, 0x4) write$auto(r1, &(0x7f0000000000)='-\x00', 0x2fb) (async) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/netdevsim/netdevsim3/hwstats/l3/disable_ifindex\x00', 0x1242, 0x0) (async) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/neigh/batadv0/mcast_solicit\x00', 0x2000, 0x0) read$auto(r3, 0x0, 0x1ff) (async) write$auto(r2, 0x0, 0x9) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000440)='/proc/fs/cifs/DebugData\x00', 0x2000, 0x0) (async) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/usb/usbmon/35u\x00', 0x20100, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) (async) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x202002, 0x0) r4 = socket(0x10, 0x2, 0x4) socket(0x10, 0x2, 0xc) (async) write$auto(r4, 0x0, 0xfdef) sendmsg$auto_HSR_C_GET_NODE_STATUS(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000800fedbdf250300000008000200000000", @ANYRES32=0x0, @ANYBLOB="060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a000500aaaaaaaaaabb00000a00010000000000000000000a000100bbbbbbbbbbbb0000060006000f00000008000400010000880a000100aa"], 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x6004000) 1m4.907947919s ago: executing program 3 (id=2436): mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x80000000009b7e, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) r0 = socket(0x1d, 0x2, 0x7) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(r0, &(0x7f0000000000)=@can={0x1d, r2}, 0x6a) mknod$auto(&(0x7f0000000040)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00'/263, 0x1, 0x4) close_range$auto(0x0, 0x5, 0x0) rename$auto(&(0x7f0000000180)='\xfd\x90\x8f2\x14\x92\x00\xbf\xdf\xcf\x9a\xae}\xd9\xf95\xc5gV\x82\f\xe5h\xfe\x83\xe4\xbe\x8c\x1f\xa5\xf1_T\xde\xf7\xd4\x83D\x9eXS\xd6\x90T\xc1v\xad#\xc4q\x8b\xed2\xadW:0\xef\x9c.=\xba\x0fy\x8f\xcd\xd6\xde\xa9i\xec\xe8\xca\x9f\xf3\x82b\xa2y\xa87J\xfc \xc5\xd8\x80\xba\xaaV\x8f{\x1f\x1b\xb0\n\x97\\\xa7\xe3\xdf\xc29-*;#r\xc8\xd1\x14RcF\x87\xe4\x1c\x1fGL\xa5\x19\x90\xd6\x8d*\xe6\b(\x1a\xea\x95\xdc\xa6)5\xae&yAl\x1e\xe3j Lp\x91\r\xed%\xafZ\xf8w\xf2}\xcdGS\xce\xb9\xdck\x86\x00.6\xe6{\xc1\x00\x1bW5\x81\xda!\xcb.O\xa9\xf3\xa7\x88+\xb9\xf3\x9a7\xa4\xe6)<\xa79\xa4\x87\\\xb4\xbf\v\x03\x87\xac\x87r\x02\x05\xdb\xe4\xde,V\xb6G\xba.WR\xe2<~\xdd\xb2\xe53hj_;\xa5qm\x92\xc7P\xc9.\x82w8\x1f\xfcX\xe4\x14\xc72cC\xd3\x00', &(0x7f0000000300)='v#\xd5\xaf>=\x14\xe6%\xf7\x8a\x8d\x9a\xae\x1a\xd6\xa8\xb8\x1d\xf5(\xb0\x1f\xbd\xcbV\n\"\xe3V\xfeP\xceN\xb2\xc32\xaf\xcc\x80\xfa\xf0\xd4\xd9|\xfe\x03y\xd16\x17\x99R\xca\xe5\xf4\xb4T\xfcv\xfc\xe6\x9cv\a\x00\xc2a\x16\xd1\x8a\x80\x90\x87\xa5s\x10\xed\x93\xd4\x15=\xc0\x1f\x0e\xb0\x18v}\x03!\xf0I\xe3}\x90\x9b\x92[\xfe2<7\xd3\x81\x9a~\xcd\r\x19\x9e\x10(5\xfd\x8b\x82\xd4\xc85\xc3\x93t\t\xd0\x9d\xca^n\xf3\xcb>\x1bO\xcej\xe0\xef\xf2\xd7\xc2}\x18\xd9`AO\x95<\x9aH\vu\xae\xd4\xea\x12\xb8\xd1\n\x01\x83r\x85\xbf*\x18\xa7 S:R\x14\x89Z3\x94\x8bP)') sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x4054}, 0x80c4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'vcan0\x00'}) r3 = openat$auto_tracing_iter_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/trace_options\x00', 0x8000, 0x0) pread64$auto(r3, &(0x7f0000000ec0)='/sys/kernel/debug/dri/vkms/Virtual-1/edid_override\x00', 0x2, 0x40) mprotect$auto(0x2, 0x1, 0x2) r4 = socket$nl_generic(0x10, 0x3, 0x10) getsockopt$auto(r4, 0x1, 0x11, &(0x7f0000000180)='\'\x8f\x93S\xb2\xa1\x01J\x0e\x81P\a\x97RM\xd0\x10\xe5\xea\x84\'\xee@\x9b1\xc2Ud\xfdh+\xe8\xe2d\x9b\xcc\xd9\x80\x11\x85fO\x8eU\x06\x92\xea6\x03uO<\xbb\xd5\x83\x1b\x85\xe5\x11\xe7\x94\xa7\xf1\xb1\x86\xf0h\xc6A\x98\x8f\xbe@\xb3s\xbdy\fOi$\xc1+\xf8\xb4\x84U\x134O&\xf1\xa1\x93\xf8', &(0x7f0000000040)=0x82) mremap$auto(0x110c230000, 0x0, 0x101, 0x3, 0x0) r5 = landlock_create_ruleset$auto(&(0x7f0000000140)={0x79036af5, 0x200000000e321, 0x4000009}, 0x89, 0x0) getgroups$auto(0x5, 0x0) waitid$auto_P_PIDFD(0x3, r5, &(0x7f0000000280)={@_si_pad}, 0x9, &(0x7f0000000300)={{0x6, 0x2}, {0x9, 0x8}, 0x2, 0x100, 0x7, 0x100002, 0xffffffff80000001, 0x101, 0x6, 0x5, 0xffffffffffffffff, 0xd, 0x2f4, 0x101, 0x3, 0x2}) fcntl$getown(r5, 0x9) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/cgroup/delegate\x00', 0x80, 0x0) socket(0x18, 0xa, 0x1) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x8e102, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/swradio0\x00', 0x1600, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0x2, 0x80002, 0x73) 1m4.372016054s ago: executing program 3 (id=2438): openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, 0x0, 0x189400, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) bind$auto(0x3, 0x0, 0x1) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x200000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mlock$auto(0x112, 0x80006) close_range$auto(0x2, 0x8, 0x0) socket(0x1e, 0x1, 0x2) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy0/statistics/dot11RTSFailureCount\x00', 0x0, 0x0) read$auto(0x3, 0x0, 0x80) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x404d02, 0x0) madvise$auto(0x0, 0x200007, 0x19) openat$auto_tracing_saved_cmdlines_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/saved_cmdlines_size\x00', 0x208200, 0x0) r1 = socket(0x2, 0x1, 0x0) syz_genetlink_get_family_id$auto_l2tp(0x0, r1) landlock_add_rule$auto_LANDLOCK_RULE_PATH_BENEATH(r1, 0x1, &(0x7f0000001200)="ff02b72201e4f10e3584943b300a67b2b32e9cadf97356065d79c0e6d98b081c46c281533dcc60b404e73b0b753e08f721b9518b9267b474e681163434dbb0b0882b79e6e6c6337ae81cfaf63654aaf46348b26756f1f16f0fd2e2d1664762f4b47a63eee60f527f7ed0f9b93ce5f69f3d0e028f6a9e5b55a37db7afd9fc4b3d9c261fe54b516f26d4a4dbd4a1e2b8a43a92288bafedf3673ee2367a4306793e5ccb83b668552525cf3023dc5340ae64ff56781af38af33f1fd41a4e2f88527e5d0373ccfa4935f4562a25ec6a087e85681ef856b6203da501086bdf35d034a0149a73715419228505dd0b2b162faebbc78a7332940dd307d687ea303587bc1d0e0f984e8aff29cea42609ea99ffd9cdbd682dc84939023155dd2c99cd534216ab2c03e5d3b09a24c71dd9e64a3e7368323161db41789215c0dcb2ef6b9f5f39c590378e4424c00aa09f02b415f24730579ce636bb2abce996d5f2a3a49ff7e2ea82de7e6f7d4b2e1d6fc13b9c0137df6d2c7c6c792c191f37d56e6c0a65985dfa95aa44b3aecc7d4cf27aaf1112003761de64c6e347e9e4e733f7625412c770aa3fb313011761075de60a0dfac10f0fd2c982625655ea451db6e914cd49c1c2b1a0fc68b8d78fb8b09f971768f3463a96c268f7c0f66e922ce29fe01fae3cdbbf408569af392fff6288c04b6ac497580fe30bf67314d39852089505a97e37da094dfefe9516017b6830d2ca9cd40dcee44aaf46a18d48f6618bf860c94aa2bdc2cafe0b566d6d51e595ec4714060bef712b0c55aafcda3a91e2362c70852105bc9c4f96a95a2cffe483f2861d8eaa8d7fef2956fa90cae7cbb5c758ee75ab46320ebfe81bac38f16e2a1123ae0c52aa10862fd7f1c683a9a7dd559ac7a41d7ea2ee80b939dae01d0772e1e4aa125dba174b203dac6822b3ff6327ae8bc1c38862dac44b8c16c1d201e2292eb6ff072ab95ca70a04f28770d940b870545db5c48a35b76872a8d56915166f26f9c4e9fed1b32f6607132d3236684e7014b331e261b5a8b3482f1c423708b640c2d753776ee7cb3557a2a16de199020452e403f423929a734c993aa2c976e4e84657e337308168f1898855204f827e0253ef526ad25717aa8fd7829e208777626848d00bdbbb20b42b93136e595174211849a62089e59d606fcc81e0179d0e4d5c1f41e9902fcee3a37d610286cfb4270dd9abb89d183db356245f6e0dd49f6058c84368af60d709221edd8ecf9ac4de76f022fdd7146c03878cea4bc680c3a0d83a0d4faf03cac132ccf0a1faba624d84094c224b4ed965626c72c35202173da1d2f21a2549118075490058a8f486cdceaee1f1ac97da16885021a5e09a7b54718c3d22f106a231958bc80c3f8482798b9222e3937bf8e314d4917925b0185f8314eb92c0c57c8bfb321404752e6a0b538948fdb622fbcd4db9a9fe53eba6fdc562f3d5bda6f5f0c937de5758b38ab232071a94d72cea20c9184106c0e69ae6f59929e92d3b4fd7a0fd69ae81c0679711a424904b6124d0ed5a9375f71a9ddfe6afa1b60495dc11754265d4e8aca2b7cb93f94a368e2e64faa4f9c933599a50fc1ba890034c5fdf409e1ac0fa053569abfb850533ad6b2d778f70c323bbe2d9e582df9429e36a160062c67c2efcad3425fa40c9ecff99731c5ecbd524ed407fdb2e97cc1274a5d4f62c533d781a5b05b24c192428e5312d2cae3b6e82b91835d92059f278dc6eccdd0cf9c982353443f98e0bdf1171c0dc0c75a9cf7f20692d8ce94d392fb4b9a44b378791dc4d5fa421469d4d6d851009a2bd0416e79f5c210b5ab4015a5e2c00c0d52a833e0b5cfb5b7a267e0b750f67999ea0f46dc7da84761b06ec480793f234f64b786f0f57ae9a277b8a9fd5ef9806bd40a0b738002a6e641c927817967c728fc8750ef91eefc4e9a4c5489e0928aaafe42e4acd95e90eaeca29cc9e80b7ed50c5494cb15bed3f4f867ae81bf7eeb6c23d3b4872689db27c0761c1546297c18afec91598dcfa228ba36979c744d9e28142de193c4a0a5366e3d0f9bbe33df17d6152a4d8154d5987e734e45027fbf8559b6012187ab4cdf5b5c88500ee544b0a3c0a0947988f25fc1e3007e4e0f659c757bf4a46d60c7d06debbe3db33f3a8fc16a38ae26ded37d80b988709191b10bdfbda93f38a00761360c3977e068552a215ad0a6e6c2bcfed4c60983575b450e27a0a1dba60cd88989d1885aea7a4f262abdf79f041661798ff996840eaa8c6c5707028886edbc386b93c501c61eaca1bc2b6cf224353b3b762d2b573e5e4351c8d1b61b5f7e351b7be616c3d8fd25f89063de2d57fc7f12943a256b7be49d02e568530e79851866938b3b638f297ec2071befbb0097942d60c52c2e62450f15400f6e4b278c2aac442a7fe55d8b91b48562b8bbcf3169e4cb1195f271fdde1ea4794ab3f2911680218eb81442f689913169566478226af53fbe976f02d66e4bbce5fc5eb207d110590481471fae058204385bcf87afb07bed0cbba7d4f4f5174d13b91ca62491bcfa41e0c2ddd0f4763fb74f4eef93d4d903889a8c9ab32338e10986723a3464b28dfc43d070252c04aabfc3f51fd595c9378ae8a458ab31a9b322b00e21dcd4f64d12e4d21e435e04d564dbe872c902260d326c2602503a8cf31a9552c434fae67b9bd31e273a5b95f9fcc27bdb0525e7835cad77ba42971007e7405bc5af5e3f7158baaeaa9f33f1ba7c6948795337802f4d888a5d0f9542dc129f6fcda78de5e69856a596297dfbac90fef02a23cab4e898a46077e83680076a1f821a502c469767db8dfde0c2da6339446072c6961ee7c01067833e62bd74e5e08cee534a2b7b4bc3dd887eef0e385e3f8a2e64309b46e0a0f584add629afe5dc20702ce62ea8fc9869dba40cdb3c67614a618bbd00303896f3328d664e3c40d8d6fa2c7320359bd8a971df73d6f9819dfffb2c9436959e7a81dfd5b1a180af543165e7b603b4e5b8abd3833af313fbc0d6dcf55a65bfc5938673cf4f3db27e9414988a3a383246ba5c9e678a6be7c3b18c257133cfac852f2a696c4873369bd87888a38ebfc91bb787e20978b1ce0f7654622718de3917dcc94926fb8b08ccf4e036358b9323f44f4ea909a1416e3904b3a508e3041311ff84f3d97b46dd52ac4e7e6f3f36ab0f5c8d6dade0d6f3e587778e8962b080bcd357728af3b842c637bdf58b3d299a23339f9101f079d954a0e1248270bae0977a261287943f0d96a95706591074b5c6d60e8126625b8c58a19b51da01a1403eef0a57a9b2b144772b53eb881bde9ee85cd9e9cc2ea7b792a551095521a2eedcfadb7fe01b30bcf5e05007dc3ced4b26d58a3fd567b5e9ec7edbd11653a300608d9d90d8aa7806dd1876fb6eb244a79088615768458ef501bd83a86d634dc0dcd3451fb1906b756e35fbc09a33c1cbf0559f4f9570f3330a90f85e1e6cc63aa1b0002313b33be48e0da821471d65f11df9fb0ca72bd0ffd4a577b9485b98d5902a419ee386946c039bd8f89fef6e9fe62016cf5f7f65439fde77539456c293487716d004bde8be44315d16dcc8e4194b5b8de6a68cae24bc1eb1013d1b6c7712bd809f3644dc8c68c46e98a2786753374d004f907330dffc96d38ac10e091d6a275de6b7b679c5abeabbfb8e20a9192bccdcfb1a8425fa98e79e2a719703aeaf5fe0085c79938d981f93a453709cfea2aa835a6eee439efc700ec4386783ddec1c6a3805ff07abb60cef08b7450c9f98ca5931ada3d6ef781779f2a87ef28d4e83cafecdb671cfddd8a7a01b9da8d999765514839899fd135e311854c0c96036823574f1370192873bf6d0142211abf35d93936e16c727a554daad7baccd2b94a46dba5bd4ee4f93e93e01e3708ddf8ffcb8a9294f6e682d8fc14a3c6f8be3bf00998317d2a6011c18572ae2541fde4ac0591058b68bf83498a3743fbaf1fbf604a4a4e221856b299c44e69cc04f60b661568a3087b315912c79677ba68b8942cc40e9cad750938c4b0532b9f7b91869e7950bc78eaa6f4d1369456e3ea155fc733f67eed2d6ec3246dd2967ab3126d24ee0e208c642f83e893416250e513478d8cd0aeeadfbea38437657d4ad2d4ab3ea9d80aa618b605d416ec91a68853b7ea31202f46ef85e0acc03021e871ddada287d871d656e04752ed1fcc1ce7c75c474f6353fb4459fdd63560d45320be045b0b21adcb710ee11631d1d33b722822980fe6c4dd62d94302c40495fb0546db3f5fbd5ffdad9e00d1781ab7521315aa2d50c7a4994b4dc9e19405b7dfe2b8c494e502f040b05b09204667597a89ec18e5af37cd384ab09f5dcc9ea9195bc1fe5e1115bd0b3216a0091558d3235a5ef8af7f03a10d4e3b6a16a251946da3661a9699b9059301ae072039ea9998c9b018f80c799c9b03cfe90aa3a460e4257ecb17a59d5f48d0782fae3580a44c41253e462de2736e542bbcc9d11e69e8c61987179285d8e2f7df8710bce3765edba877201c155371427274b094cece9b381b0f85b9e3c871a598135a8f674a91225cd3aca30d9f0b0f3062408c3257d6ecd2f1057cf55138343320fec279e74d91fe80cafe8c809e462c6fb006bc4523046cb4c82c29c1024c595bbba2ef8c8423d92e17ef4c98c61aaa7c8b4c7ad391e0adac0f7f98002e381c82acf21a51c475e520e8ec3415605ad9cec88e47a97b944821f21fe51839aac506ed07a35975ec140b453ab6d20cf02b5434ea3490dc00535dc43a129798f3d014672b45178d2cdf57242ecb3730f312708c92e80fda95ae5d1e8a1105055b87187441e6a01004e5df1662f4bf789f8212f4fd9f4da9424d8b53afd1eaee9fae3e845f49d9d1a05b464b262e324eec30a33764e883f2ef6247f170d98d3e173744aa45eab2b9b097e2437c38d0f6e068bd812d25e2fda49080c2bbc399043b9219f682ef833ce9335f7ed62be031f7d7b8586440c4b9223c3d2aa3083299544b01859c9763ce77bc56e5e85b6fb0882c051bebc3d7fd62d17cb6ef6023efa761fc69ab1997bb593df4fb72d294458736f3b80dc76e728379412b099a00876f3cefff9a62821ba3b7e130d8e4c37a13eec7caf29d9f5ebcc7546b0299b480aaf1fdcd4fa187a4f1ab80ae8bdfabe3e5bdb1a96ce225fa45f0743c261e0ce88bfd33b7f4eb6299c7ae940c5657494fb6fae4e412ea00fbd10243f02b20fff28e408c274dd1c2a8083bfd0b5750de382a0ac4e0d6f4b67c38bbf1df052cc234fcf350dd21fd814da2075b546a0d75910d0141e74fa6ced8387caf88e0db81a06f1017f302d2712422e2d6ada42f32ee30f85ceb14ebd74a56714bf103af0dd8107ee8753cda9ea062995d5a3ff77a740cc9fc95546b329bea87420fc9b1cd15499c8794833554fa59367e1fc38f6c331f09a2899c02ef838e4b4271f1c40bc979a835b532f414ff71044440b88a3846b4deecf6bce085878757800d5a99e70fd36faa69b97f22c338eadf43b89a60cf2a277c4a48223267529ebbff468c0de4ff6869a3c3bea79be066d960713c7e67c15ac6c1fe9d66f7e1e9a0b4f26e91f414bce8ec886b60ed10dc477ea7fe2cf01ee374765cdeadc3fb65ff371defe8d2083f71ef26ee82e25c8fe01faa3c5cb5476d80e2c531d817fcff26e5656f12d018267582ceefb6d2bd1792117ca0532023810415924f7cb471ae36857f8e1ed19c6e7cbc34edbd78a59cbc712036fdfa08b3b54c5ebfcd8d02aa8ace34cd3692ab507441800724e332cccabe", 0xfffff1bf) close_range$auto(0x2, 0x8, 0x0) socket(0x80000000000000a, 0x2, 0x0) r2 = socket(0x2, 0x801, 0x84) bind$auto(0x3, 0x0, 0x6a) bpf$auto(0x0, &(0x7f0000000080)=@bpf_attr_4={0x20, 0xffffffffffffffff, 0xffffffff}, 0x10) getsockopt$auto(r2, 0x84, 0x6d, 0x0, &(0x7f0000000280)=0x1000c0) 1m3.78322443s ago: executing program 3 (id=2440): unshare$auto(0x40000080) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000001bc0)="51426572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde6727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e38782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105c328e0035b97168f4c17aa4610b2e6e1a6ba0b71c06417b7a9497be4a009b19d7162adfd4d7b6490faf3782a920281333ad09b848ab5f4d15534b8c4e43dc9604b0630f8d349b2c80a98fde04693c31cbed7d460edfc0138dcc5d3974e682bbd555ac19625bf6e0607d8803391ec9c2dc41fc4e8bceae4f53507137324dd02914a067d52a577b812ddac4a34765c26a98839b3edb6290abff0c75991d6f8c1bd7540f38a7f25fec2f3539f894c938e1f3cf0ff1e6994d6a6ecc457a482f045ba712a85e8e31afd49c8e3480dc1c36d56ab2eceac6e5a847455d8ef4e3d45cd463c421bd1bce2ca57dd88f0e7ab3446cdfa8cb3914c240936f1738af7009e9131b240b59af55d7e38307b91fc8f00410cfdcfacaa341607a801afa63640091eb00b860700ea882878a8d9838f5597b970366be7d167ddebfe3c9253b5dbf7f30a67ee4d87dccb3c723c20200aa5fc036caf12811b19ce49c81ce328d7b24587353ecb99bafd327e33303cf447b36800d1bed8ee10df527d55c0d5f7506fb11cb133", 0x930) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sg0\x00', 0x141040, 0x0) ioctl$auto_SCSI_IOCTL_PROBE_HOST(r1, 0x5385, &(0x7f0000000280)) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x40000006, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) write$auto(r2, 0x0, 0x1ff) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0xa, 0x0) r3 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r3, 0x401c5820, 0x0) open(&(0x7f0000000280)='./file0\x00', 0x143242, 0x164) io_uring_setup$auto(0x8, 0x0) mremap$auto(0x200000000000, 0x4, 0x4, 0x3, 0x100000000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x1, 0x0) io_uring_register$auto(0x2, 0x2, &(0x7f0000000040), 0x86) io_uring_register$auto(0x2, 0x6, &(0x7f0000000180), 0x86) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) 48.676257049s ago: executing program 32 (id=2440): unshare$auto(0x40000080) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000001bc0)="51426572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde6727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e38782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105c328e0035b97168f4c17aa4610b2e6e1a6ba0b71c06417b7a9497be4a009b19d7162adfd4d7b6490faf3782a920281333ad09b848ab5f4d15534b8c4e43dc9604b0630f8d349b2c80a98fde04693c31cbed7d460edfc0138dcc5d3974e682bbd555ac19625bf6e0607d8803391ec9c2dc41fc4e8bceae4f53507137324dd02914a067d52a577b812ddac4a34765c26a98839b3edb6290abff0c75991d6f8c1bd7540f38a7f25fec2f3539f894c938e1f3cf0ff1e6994d6a6ecc457a482f045ba712a85e8e31afd49c8e3480dc1c36d56ab2eceac6e5a847455d8ef4e3d45cd463c421bd1bce2ca57dd88f0e7ab3446cdfa8cb3914c240936f1738af7009e9131b240b59af55d7e38307b91fc8f00410cfdcfacaa341607a801afa63640091eb00b860700ea882878a8d9838f5597b970366be7d167ddebfe3c9253b5dbf7f30a67ee4d87dccb3c723c20200aa5fc036caf12811b19ce49c81ce328d7b24587353ecb99bafd327e33303cf447b36800d1bed8ee10df527d55c0d5f7506fb11cb133", 0x930) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sg0\x00', 0x141040, 0x0) ioctl$auto_SCSI_IOCTL_PROBE_HOST(r1, 0x5385, &(0x7f0000000280)) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x40000006, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) write$auto(r2, 0x0, 0x1ff) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0xa, 0x0) r3 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r3, 0x401c5820, 0x0) open(&(0x7f0000000280)='./file0\x00', 0x143242, 0x164) io_uring_setup$auto(0x8, 0x0) mremap$auto(0x200000000000, 0x4, 0x4, 0x3, 0x100000000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x1, 0x0) io_uring_register$auto(0x2, 0x2, &(0x7f0000000040), 0x86) io_uring_register$auto(0x2, 0x6, &(0x7f0000000180), 0x86) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) 23.394309079s ago: executing program 0 (id=2586): socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r0 = openat$auto_force_suspend_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/bluetooth/hci1/force_suspend\x00', 0x121401, 0x0) write$auto_force_suspend_fops_hci_vhci(r0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, 0x0, 0x109001, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) write$auto(0xffffffffffffffff, 0x0, 0x8000000000000001) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/rpc/auth.unix.ip/flush\x00', 0x40d81, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000140), 0xcb00, 0x0) getpid() openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x2100, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, r2) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, 0x0, 0x40800) unshare$auto(0x40000080) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(0xffffffffffffffff, 0xc0109207, &(0x7f0000000100)={0x0, 0x2000004, 0x7}) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0xd) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/001/001\x00', 0x29202, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mlockall$auto(0x7) 22.314282467s ago: executing program 0 (id=2588): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) madvise$auto(0x7ffffffb, 0xfffffffffffffffe, 0xfffffeff) mmap$auto(0x0, 0x2020009, 0xa, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8000, 0x0) r1 = io_uring_setup$auto(0x8, 0x0) io_uring_register$auto(0x2, 0x5, &(0x7f0000000000), 0xe9) openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/buffer_subbuf_size_kb\x00', 0x40200, 0x0) pidfd_send_signal$auto_PIDFD_SELF_THREAD_GROUP(0xffffffffffffb1e0, 0x4, &(0x7f0000000000)={@siginfo_0_0={0x7, 0xfffffffd, 0x9, @_sigpoll={0x53, r1}}}, 0x4) ioctl$auto_SNDCTL_TMR_CONTINUE(r0, 0x5404, &(0x7f0000000180)="697d37cbf26e92f6363e") 22.237328833s ago: executing program 0 (id=2589): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x1cbc00, 0x0) mmap$auto(0x0, 0x1, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0) mmap$auto(0x0, 0x4000005, 0xfffffffffffffe01, 0x8051, 0x3, 0x10000000008000) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, 0x0) mmap$auto(0x0, 0x2020006, 0x9, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x2, 0x80000036) setsockopt$auto(0x400000000000003, 0x29, 0x2000d2, 0x0, 0x567) eventfd$auto(0x7f) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r2 = socket(0xa, 0x5, 0x84) getsockopt$auto(r2, 0x84, 0x1f, 0x0, &(0x7f0000000080)=0x49b) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0x0, 0x0) mmap$auto(0x0, 0x810004, 0x5, 0x8000000008011, r3, 0x8000) read$auto_vhci_fops_hci_vhci(r1, &(0x7f0000000200)=""/36, 0x24) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x484800, 0x0) madvise$auto(0x0, 0x2003f2, 0x15) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/extra\x00', 0xa142, 0x0) r4 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000400)='/dev/binderfs/binder1\x00', 0x0, 0x0) ioctl$auto_BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000000)="fc1c4959f721a24583") close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x0, 0x1010001, 0x100000003) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000000), r5) 21.490498583s ago: executing program 0 (id=2590): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NFSD_CMD_THREADS_GET(r0, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000001780)={0x14, 0x0, 0x4, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x44848}, 0x4000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'wg0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r2, 0xffffffffffffffff, 0x4, 0x401, 0xffffffffffffffff, @relative_id=0x4f, 0xe600}, 0x2) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000019c0), r0) sendmsg$auto_ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000002280)={0x0, 0x0, &(0x7f0000002240)={&(0x7f0000002080)={0x20, 0x0, 0x503, 0x70bd27, 0x25dfdbfb, {}, [@ETHTOOL_A_LINKMODES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x40) 21.381212043s ago: executing program 0 (id=2591): close_range$auto(0x2, 0xffffffffffffffff, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000040), 0xa9242, 0x0) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x2c, r1, 0x13, 0x70bd2c, 0x25dfdbdd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r3}, @NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0x1}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0x9effffff}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24004080}, 0x20040894) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r4) ioctl$auto(0x3, 0xae41, r0) 21.189755456s ago: executing program 0 (id=2592): unshare$auto(0x40000080) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000001bc0)="511f6572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde6727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e38782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105", 0x7af) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x40000006, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) write$auto(r1, 0x0, 0x1ff) 5.153445825s ago: executing program 33 (id=2592): unshare$auto(0x40000080) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000001bc0)="511f6572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b20a40ffa168b91dde6727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e38782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105", 0x7af) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x40000006, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) write$auto(r1, 0x0, 0x1ff) 664.36579ms ago: executing program 1 (id=2633): socket$nl_generic(0x10, 0x3, 0x10) setresuid$auto(0x8, 0x0, 0x4) setpriority$auto(0x2, 0x8, 0x8) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/net/netfilter/nf_log\x00', 0x101000, 0x0) pread64$auto(r0, 0x0, 0x7, 0xffff) 607.62223ms ago: executing program 1 (id=2634): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r1 = openat$auto_proc_timers_operations_base(0xffffffffffffff9c, &(0x7f0000000140), 0x60100, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) ioctl$auto_RTC_RD_TIME(0xffffffffffffffff, 0x80247009, &(0x7f0000000180)={0xd8bf, 0x5, 0x8, 0x9, 0x1, 0x4, 0x6, 0x3e06}) socket(0x11, 0xa, 0x300) sendmmsg$auto(0x4, 0x0, 0x9a6, 0xa) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) write$auto(0xffffffffffffffff, 0x0, 0x56ec) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socket(0x3, 0x3, 0x7) socket(0xa, 0x2, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x7, 0x0) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000001b40)='/dev/cuse\x00', 0x8640, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) preadv$auto(0x3, 0x0, 0x3, 0x3, 0x10) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x582, 0x0) write$auto(0x3, 0x0, 0x5) read$auto(r1, &(0x7f0000000000)='--j(.{]%)\x00', 0x5) ioctl$auto_FS_IOC_ZERO_RANGE(r1, 0x40305839, 0x1) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) 374.895932ms ago: executing program 1 (id=2635): openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x60) 259.527537ms ago: executing program 1 (id=2636): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) r0 = socket(0x2, 0x1, 0x106) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/i8042/serio0/set\x00', 0x80302, 0x0) sendfile$auto(r1, r1, 0x0, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x300, @loopback=0xac14140a}, 0x55) setsockopt$auto(r0, 0x1, 0x9, 0x0, 0xeb66) ioperm$auto(0x3, 0xe, 0x2000000000000149) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) shutdown$auto(0x200000003, 0x2) r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x82, 0x0) mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00\x0e\x15F\xf7\x1a\xd1K+\xedy\xc6\x9bb\x94\xb4^\xc2\x83%\xfbw}\xfb_P\"\x19\xdfi\xe9hA|Q\x8a_F\x04:Q\x90\'\x06', 0x0, 0x10000, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/smbd_max_receive_size\x00', 0x103742, 0x0) sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x2400c090) ioctl$auto_VHOST_SET_OWNER(r2, 0xaf01, 0x5) socket(0xa, 0x801, 0x106) pipe2$auto(&(0x7f0000000040)=0x8, 0x4800) r3 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0) ioctl$auto_VHOST_SET_FEATURES(r3, 0x4008af00, &(0x7f00000000c0)=0x2f) splice$auto(0x4, 0x0, 0x2, 0x0, 0x1000, 0xf) mmap$auto(0x10000, 0x400005, 0x40000000000005, 0x9b72, 0xc76, 0x0) ioctl$auto_VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000000)={0x8}) acct$auto(&(0x7f0000000000)='/dev/cec31\x00') close_range$auto(0x2, 0x8, 0x0) setrlimit$auto(0x1000000007, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb5, 0x401, 0x300000000000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) 91.838261ms ago: executing program 1 (id=2637): recvfrom$auto(0x3, 0x0, 0x800000000e, 0x13e, 0x0, 0xfffffffffffffffd) 0s ago: executing program 1 (id=2638): r0 = openat$auto_hwsim_fops_ps_(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/ieee80211/phy17/hwsim/ps\x00', 0x800, 0x0) write$auto(r0, 0x0, 0xffffffffffffff01) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) select$auto(0xe, 0x0, 0x0, &(0x7f0000000000)={[0x1ff, 0x9, 0x8, 0x1, 0x2, 0x4, 0x15f4da0e, 0x100, 0xd08, 0xc, 0x200000000000c, 0x0, 0x6d2f, 0xffffffffffffff00, 0x2, 0x4000000000000d]}, 0x0) socket(0x2c, 0x1, 0x4004) r1 = getsockopt$auto(0xffffffffffffffff, 0x84, 0xc, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/net/bond0/bonding/arp_validate\x00', 0x2002, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) read$auto_udf_dir_operations_udfdecl(r1, &(0x7f0000000140)=""/128, 0x80) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) fanotify_init$auto(0x5, 0x0) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) madvise$auto(0x0, 0x20499d, 0x9) utimes$auto(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x1f, 0xa6}) kernel console output (not intermixed with test programs): frame+0x77/0x7f [ 783.453485][T16204] RIP: 0033:0x7f1bac78f749 [ 783.453505][T16204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 783.453530][T16204] RSP: 002b:00007f1bad5cb038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 783.453552][T16204] RAX: ffffffffffffffda RBX: 00007f1bac9e5fa0 RCX: 00007f1bac78f749 [ 783.453569][T16204] RDX: 0000000000000004 RSI: 000000000000000d RDI: 0000000000000000 [ 783.453584][T16204] RBP: 00007f1bac813f91 R08: 0000000000000000 R09: 0000000000000008 [ 783.453604][T16204] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 783.453618][T16204] R13: 00007f1bac9e6038 R14: 00007f1bac9e5fa0 R15: 00007fff4797a6b8 [ 783.453650][T16204] [ 783.668688][ C1] vkms_vblank_simulate: vblank timer overrun [ 783.797627][T16212] FAULT_INJECTION: forcing a failure. [ 783.797627][T16212] name failslab, interval 1, probability 0, space 0, times 0 [ 783.810582][T16212] CPU: 1 UID: 0 PID: 16212 Comm: syz.0.2207 Not tainted syzkaller #0 PREEMPT(full) [ 783.810620][T16212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 783.810636][T16212] Call Trace: [ 783.810645][T16212] [ 783.810654][T16212] dump_stack_lvl+0x16c/0x1f0 [ 783.810690][T16212] should_fail_ex+0x512/0x640 [ 783.810730][T16212] should_failslab+0xc2/0x120 [ 783.810763][T16212] kmem_cache_alloc_node_noprof+0x78/0x770 [ 783.810789][T16212] ? __alloc_skb+0x2b2/0x380 [ 783.810833][T16212] ? __alloc_skb+0x2b2/0x380 [ 783.810871][T16212] __alloc_skb+0x2b2/0x380 [ 783.810913][T16212] ? __pfx___alloc_skb+0x10/0x10 [ 783.810965][T16212] tipc_buf_acquire+0x26/0xe0 [ 783.810991][T16212] named_prepare_buf+0x29/0x170 [ 783.811022][T16212] tipc_named_publish+0x1f2/0x770 [ 783.811064][T16212] tipc_nametbl_publish+0x17d/0x280 [ 783.811105][T16212] tipc_sk_publish+0x1d8/0x430 [ 783.811144][T16212] ? __pfx_tipc_sk_publish+0x10/0x10 [ 783.811183][T16212] ? tipc_group_create+0x4c0/0x660 [ 783.811217][T16212] tipc_setsockopt+0x991/0xdb0 [ 783.811257][T16212] ? __pfx_tipc_setsockopt+0x10/0x10 [ 783.811308][T16212] ? __pfx_tipc_setsockopt+0x10/0x10 [ 783.811348][T16212] do_sock_setsockopt+0xf3/0x1d0 [ 783.811388][T16212] __sys_setsockopt+0x120/0x1a0 [ 783.811418][T16212] __x64_sys_setsockopt+0xbd/0x160 [ 783.811444][T16212] ? do_syscall_64+0x91/0xfa0 [ 783.811475][T16212] ? lockdep_hardirqs_on+0x7c/0x110 [ 783.811506][T16212] do_syscall_64+0xcd/0xfa0 [ 783.811540][T16212] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 783.811571][T16212] RIP: 0033:0x7f1bac78f749 [ 783.811592][T16212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 783.811619][T16212] RSP: 002b:00007f1bad5cb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 783.811645][T16212] RAX: ffffffffffffffda RBX: 00007f1bac9e5fa0 RCX: 00007f1bac78f749 [ 783.811663][T16212] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000003 [ 783.811678][T16212] RBP: 00007f1bad5cb090 R08: 0000000000000014 R09: 0000000000000000 [ 783.811694][T16212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 783.811710][T16212] R13: 00007f1bac9e6038 R14: 00007f1bac9e5fa0 R15: 00007fff4797a6b8 [ 783.811749][T16212] [ 783.811760][T16212] tipc: Publication distribution failure [ 784.217548][T16217] ptrace attach of "./syz-executor exec"[16219] was attempted by "./syz-executor exec"[16217] [ 785.380495][T11734] Bluetooth: hci3: unexpected subevent 0x01 length: 1 < 18 [ 786.780769][T16280] FAULT_INJECTION: forcing a failure. [ 786.780769][T16280] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 786.867370][T16280] CPU: 1 UID: 0 PID: 16280 Comm: syz.2.2215 Not tainted syzkaller #0 PREEMPT(full) [ 786.867407][T16280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 786.867423][T16280] Call Trace: [ 786.867432][T16280] [ 786.867442][T16280] dump_stack_lvl+0x16c/0x1f0 [ 786.867479][T16280] should_fail_ex+0x512/0x640 [ 786.867524][T16280] _copy_to_user+0x32/0xd0 [ 786.867550][T16280] simple_read_from_buffer+0xcb/0x170 [ 786.867594][T16280] proc_fail_nth_read+0x197/0x240 [ 786.867623][T16280] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 786.867652][T16280] ? rw_verify_area+0xcf/0x6c0 [ 786.867676][T16280] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 786.867703][T16280] vfs_read+0x1e4/0xcf0 [ 786.867734][T16280] ? __pfx___mutex_lock+0x10/0x10 [ 786.867768][T16280] ? __pfx_vfs_read+0x10/0x10 [ 786.867803][T16280] ? __fget_files+0x20e/0x3c0 [ 786.867837][T16280] ksys_read+0x12a/0x250 [ 786.867864][T16280] ? __pfx_ksys_read+0x10/0x10 [ 786.867899][T16280] do_syscall_64+0xcd/0xfa0 [ 786.867933][T16280] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 786.867959][T16280] RIP: 0033:0x7f6954b8e15c [ 786.867979][T16280] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 786.868004][T16280] RSP: 002b:00007f6955a55030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 786.868027][T16280] RAX: ffffffffffffffda RBX: 00007f6954de5fa0 RCX: 00007f6954b8e15c [ 786.868044][T16280] RDX: 000000000000000f RSI: 00007f6955a550a0 RDI: 0000000000000004 [ 786.868060][T16280] RBP: 00007f6955a55090 R08: 0000000000000000 R09: 0000000000000000 [ 786.868076][T16280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 786.868091][T16280] R13: 00007f6954de6038 R14: 00007f6954de5fa0 R15: 00007ffcc799c6f8 [ 786.868130][T16280] [ 787.809820][T16290] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 789.987841][T16314] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 790.024751][T16314] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 790.053108][T16314] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 790.093632][T16314] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 790.115086][T16314] CPU0 is offline. [ 791.174830][T11734] Bluetooth: hci0: command 0x0406 tx timeout [ 791.611020][T16345] FAULT_INJECTION: forcing a failure. [ 791.611020][T16345] name fail_futex, interval 1, probability 0, space 0, times 0 [ 791.681805][T16345] CPU: 1 UID: 0 PID: 16345 Comm: syz.2.2231 Not tainted syzkaller #0 PREEMPT(full) [ 791.681841][T16345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 791.681856][T16345] Call Trace: [ 791.681864][T16345] [ 791.681874][T16345] dump_stack_lvl+0x16c/0x1f0 [ 791.681911][T16345] should_fail_ex+0x512/0x640 [ 791.681954][T16345] get_futex_key+0x293/0x1560 [ 791.681988][T16345] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 791.682032][T16345] ? __pfx_get_futex_key+0x10/0x10 [ 791.682062][T16345] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 791.682107][T16345] ? ktime_add_safe+0x60/0x70 [ 791.682149][T16345] futex_lock_pi+0x1cc/0x7c0 [ 791.682193][T16345] ? __pfx_futex_lock_pi+0x10/0x10 [ 791.682231][T16345] ? __futex_wait+0x24b/0x2f0 [ 791.682261][T16345] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 791.682321][T16345] ? __pfx_futex_wake_mark+0x10/0x10 [ 791.682365][T16345] ? __might_fault+0xe3/0x190 [ 791.682390][T16345] ? __might_fault+0xe3/0x190 [ 791.682413][T16345] ? __might_fault+0x13b/0x190 [ 791.682446][T16345] do_futex+0x11a/0x350 [ 791.682481][T16345] ? __pfx_do_futex+0x10/0x10 [ 791.682524][T16345] __x64_sys_futex+0x1e0/0x4c0 [ 791.682563][T16345] ? __pfx___x64_sys_futex+0x10/0x10 [ 791.682599][T16345] ? xfd_validate_state+0x61/0x180 [ 791.682634][T16345] ? __pfx_ksys_write+0x10/0x10 [ 791.682671][T16345] do_syscall_64+0xcd/0xfa0 [ 791.682713][T16345] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 791.682739][T16345] RIP: 0033:0x7f6954b8f749 [ 791.682759][T16345] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 791.682785][T16345] RSP: 002b:00007f6955a55038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 791.682808][T16345] RAX: ffffffffffffffda RBX: 00007f6954de5fa0 RCX: 00007f6954b8f749 [ 791.682824][T16345] RDX: 0000000000000004 RSI: 000000000000000d RDI: 0000000000000000 [ 791.682839][T16345] RBP: 00007f6954c13f91 R08: 0000000000000000 R09: 0000000000000008 [ 791.682854][T16345] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 791.682888][T16345] R13: 00007f6954de6038 R14: 00007f6954de5fa0 R15: 00007ffcc799c6f8 [ 791.682920][T16345] [ 792.165113][T11734] Bluetooth: hci2: command 0x0406 tx timeout [ 792.171251][T11734] Bluetooth: hci1: command 0x0406 tx timeout [ 792.177578][T11734] Bluetooth: hci3: command 0x0406 tx timeout [ 792.423175][T16354] FAULT_INJECTION: forcing a failure. [ 792.423175][T16354] name failslab, interval 1, probability 0, space 0, times 0 [ 792.471591][T16354] CPU: 1 UID: 0 PID: 16354 Comm: syz.3.2233 Not tainted syzkaller #0 PREEMPT(full) [ 792.471627][T16354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 792.471642][T16354] Call Trace: [ 792.471652][T16354] [ 792.471661][T16354] dump_stack_lvl+0x16c/0x1f0 [ 792.471697][T16354] should_fail_ex+0x512/0x640 [ 792.471745][T16354] ? fs_reclaim_acquire+0xae/0x150 [ 792.471781][T16354] should_failslab+0xc2/0x120 [ 792.471815][T16354] __kmalloc_noprof+0xdd/0x880 [ 792.471855][T16354] ? kfree+0x252/0x6d0 [ 792.471874][T16354] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 792.471911][T16354] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 792.471941][T16354] tomoyo_realpath_from_path+0xc2/0x6e0 [ 792.471979][T16354] tomoyo_check_open_permission+0x2ab/0x3c0 [ 792.472006][T16354] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 792.472061][T16354] ? do_raw_spin_lock+0x12c/0x2b0 [ 792.472109][T16354] tomoyo_file_open+0x6b/0x90 [ 792.472145][T16354] security_file_open+0x84/0x1e0 [ 792.472174][T16354] do_dentry_open+0x596/0x1530 [ 792.472212][T16354] vfs_open+0x82/0x3f0 [ 792.472252][T16354] path_openat+0x1de4/0x2cb0 [ 792.472290][T16354] ? __pfx_path_openat+0x10/0x10 [ 792.472321][T16354] ? __lock_acquire+0xb8a/0x1c90 [ 792.472360][T16354] do_filp_open+0x20b/0x470 [ 792.472388][T16354] ? __pfx_do_filp_open+0x10/0x10 [ 792.472439][T16354] ? alloc_fd+0x471/0x7d0 [ 792.472473][T16354] do_sys_openat2+0x11b/0x1d0 [ 792.472510][T16354] ? __pfx_do_sys_openat2+0x10/0x10 [ 792.472550][T16354] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 792.472600][T16354] __x64_sys_openat+0x174/0x210 [ 792.472639][T16354] ? __pfx___x64_sys_openat+0x10/0x10 [ 792.472690][T16354] do_syscall_64+0xcd/0xfa0 [ 792.472729][T16354] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 792.472756][T16354] RIP: 0033:0x7f1fd478f749 [ 792.472776][T16354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 792.472802][T16354] RSP: 002b:00007f1fd563f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 792.472826][T16354] RAX: ffffffffffffffda RBX: 00007f1fd49e5fa0 RCX: 00007f1fd478f749 [ 792.472843][T16354] RDX: 000000000000c000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 792.472860][T16354] RBP: 00007f1fd4813f91 R08: 0000000000000000 R09: 0000000000000000 [ 792.472876][T16354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 792.472891][T16354] R13: 00007f1fd49e6038 R14: 00007f1fd49e5fa0 R15: 00007fff9a4f0ed8 [ 792.472942][T16354] [ 792.472952][T16354] ERROR: Out of memory at tomoyo_realpath_from_path. [ 793.217303][T16365] ptrace attach of "./syz-executor exec"[16366] was attempted by "./syz-executor exec"[16365] [ 794.035325][T16377] FAULT_INJECTION: forcing a failure. [ 794.035325][T16377] name failslab, interval 1, probability 0, space 0, times 0 [ 794.139403][T16377] CPU: 1 UID: 0 PID: 16377 Comm: syz.3.2238 Not tainted syzkaller #0 PREEMPT(full) [ 794.139438][T16377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 794.139454][T16377] Call Trace: [ 794.139462][T16377] [ 794.139472][T16377] dump_stack_lvl+0x16c/0x1f0 [ 794.139515][T16377] should_fail_ex+0x512/0x640 [ 794.139554][T16377] ? fs_reclaim_acquire+0xae/0x150 [ 794.139591][T16377] should_failslab+0xc2/0x120 [ 794.139629][T16377] __kmalloc_noprof+0xdd/0x880 [ 794.139671][T16377] ? tomoyo_encode2+0x100/0x3e0 [ 794.139706][T16377] ? tomoyo_encode2+0x100/0x3e0 [ 794.139731][T16377] tomoyo_encode2+0x100/0x3e0 [ 794.139764][T16377] tomoyo_encode+0x29/0x50 [ 794.139791][T16377] tomoyo_realpath_from_path+0x18f/0x6e0 [ 794.139831][T16377] tomoyo_get_exe+0x63/0xa0 [ 794.139868][T16377] tomoyo_write_control+0x689/0x1430 [ 794.139917][T16377] ? __pfx_tomoyo_write_control+0x10/0x10 [ 794.139960][T16377] ? __pfx_tomoyo_write+0x10/0x10 [ 794.139989][T16377] vfs_write+0x2a0/0x11d0 [ 794.140022][T16377] ? __pfx___mutex_lock+0x10/0x10 [ 794.140056][T16377] ? __pfx_vfs_write+0x10/0x10 [ 794.140092][T16377] ? __fget_files+0x20e/0x3c0 [ 794.140128][T16377] ksys_write+0x12a/0x250 [ 794.140155][T16377] ? __pfx_ksys_write+0x10/0x10 [ 794.140193][T16377] do_syscall_64+0xcd/0xfa0 [ 794.140227][T16377] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 794.140253][T16377] RIP: 0033:0x7f1fd478f749 [ 794.140273][T16377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 794.140298][T16377] RSP: 002b:00007f1fd561e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 794.140323][T16377] RAX: ffffffffffffffda RBX: 00007f1fd49e6090 RCX: 00007f1fd478f749 [ 794.140340][T16377] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003 [ 794.140356][T16377] RBP: 00007f1fd561e090 R08: 0000000000000000 R09: 0000000000000000 [ 794.140371][T16377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 794.140386][T16377] R13: 00007f1fd49e6128 R14: 00007f1fd49e6090 R15: 00007fff9a4f0ed8 [ 794.140420][T16377] [ 794.355578][T16377] ERROR: Out of memory at tomoyo_realpath_from_path. [ 794.998469][T16392] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(1869770799.1702047587.1932486252), cmd(16) [ 795.399348][T16400] ptrace attach of "./syz-executor exec"[16401] was attempted by "./syz-executor exec"[16400] [ 795.459566][T16403] FAULT_INJECTION: forcing a failure. [ 795.459566][T16403] name fail_futex, interval 1, probability 0, space 0, times 0 [ 795.554693][T16403] CPU: 1 UID: 0 PID: 16403 Comm: syz.1.2245 Not tainted syzkaller #0 PREEMPT(full) [ 795.554730][T16403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 795.554747][T16403] Call Trace: [ 795.554757][T16403] [ 795.554769][T16403] dump_stack_lvl+0x16c/0x1f0 [ 795.554806][T16403] should_fail_ex+0x512/0x640 [ 795.554856][T16403] get_futex_key+0x293/0x1560 [ 795.554891][T16403] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 795.554937][T16403] ? __pfx_get_futex_key+0x10/0x10 [ 795.554968][T16403] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 795.555013][T16403] ? ktime_add_safe+0x60/0x70 [ 795.555056][T16403] futex_lock_pi+0x1cc/0x7c0 [ 795.555101][T16403] ? __pfx_futex_lock_pi+0x10/0x10 [ 795.555140][T16403] ? __futex_wait+0x24b/0x2f0 [ 795.555171][T16403] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 795.555234][T16403] ? __pfx_futex_wake_mark+0x10/0x10 [ 795.555280][T16403] ? __might_fault+0xe3/0x190 [ 795.555306][T16403] ? __might_fault+0xe3/0x190 [ 795.555329][T16403] ? __might_fault+0x13b/0x190 [ 795.555364][T16403] do_futex+0x11a/0x350 [ 795.555401][T16403] ? __pfx_do_futex+0x10/0x10 [ 795.555453][T16403] __x64_sys_futex+0x1e0/0x4c0 [ 795.555495][T16403] ? __pfx___x64_sys_futex+0x10/0x10 [ 795.555532][T16403] ? xfd_validate_state+0x61/0x180 [ 795.555569][T16403] ? __pfx_ksys_write+0x10/0x10 [ 795.555608][T16403] do_syscall_64+0xcd/0xfa0 [ 795.555643][T16403] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 795.555669][T16403] RIP: 0033:0x7f24d898f749 [ 795.555690][T16403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 795.555716][T16403] RSP: 002b:00007f24d975a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 795.555740][T16403] RAX: ffffffffffffffda RBX: 00007f24d8be5fa0 RCX: 00007f24d898f749 [ 795.555758][T16403] RDX: 0000000000000004 RSI: 000000000000000d RDI: 0000000000000000 [ 795.555774][T16403] RBP: 00007f24d8a13f91 R08: 0000000000000000 R09: 0000000000000008 [ 795.555790][T16403] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 795.555806][T16403] R13: 00007f24d8be6038 R14: 00007f24d8be5fa0 R15: 00007ffd4f50e158 [ 795.555840][T16403] [ 799.503937][T16468] ptrace attach of "./syz-executor exec"[16472] was attempted by "./syz-executor exec"[16468] [ 801.443445][T16496] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 802.746654][T16515] FAULT_INJECTION: forcing a failure. [ 802.746654][T16515] name failslab, interval 1, probability 0, space 0, times 0 [ 802.759715][T16515] CPU: 1 UID: 0 PID: 16515 Comm: syz.0.2270 Not tainted syzkaller #0 PREEMPT(full) [ 802.759749][T16515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 802.759765][T16515] Call Trace: [ 802.759775][T16515] [ 802.759791][T16515] dump_stack_lvl+0x16c/0x1f0 [ 802.759829][T16515] should_fail_ex+0x512/0x640 [ 802.759872][T16515] should_failslab+0xc2/0x120 [ 802.759908][T16515] __kmalloc_cache_noprof+0x72/0x780 [ 802.759931][T16515] ? __tcp_get_metrics+0x1fc/0x6a0 [ 802.759959][T16515] ? tcp_get_metrics+0x7e0/0x1270 [ 802.759991][T16515] ? tcp_get_metrics+0x7e0/0x1270 [ 802.760017][T16515] tcp_get_metrics+0x7e0/0x1270 [ 802.760048][T16515] ? __pfx_tcp_get_metrics+0x10/0x10 [ 802.760100][T16515] tcp_update_metrics+0x3e7/0xe00 [ 802.760133][T16515] tcp_time_wait+0x8b6/0xff0 [ 802.760176][T16515] tcp_rcv_state_process+0x20de/0x6490 [ 802.760225][T16515] ? __pfx_tcp_rcv_state_process+0x10/0x10 [ 802.760276][T16515] ? do_raw_spin_lock+0x12c/0x2b0 [ 802.760320][T16515] ? __pfx_tcp_v4_do_rcv+0x10/0x10 [ 802.760357][T16515] ? tcp_v4_do_rcv+0x68e/0x10a0 [ 802.760393][T16515] tcp_v4_do_rcv+0x68e/0x10a0 [ 802.760432][T16515] ? __pfx_tcp_v4_do_rcv+0x10/0x10 [ 802.760468][T16515] __release_sock+0x361/0x450 [ 802.760495][T16515] ? __pfx_mptcp_schedule_work+0x10/0x10 [ 802.760526][T16515] release_sock+0x5a/0x220 [ 802.760551][T16515] mptcp_check_send_data_fin+0x248/0x440 [ 802.760583][T16515] __mptcp_close+0x90e/0xbe0 [ 802.760609][T16515] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 802.760654][T16515] ? __pfx___mptcp_close+0x10/0x10 [ 802.760681][T16515] ? __local_bh_enable_ip+0xa4/0x120 [ 802.760715][T16515] mptcp_close+0x28/0xe0 [ 802.760749][T16515] inet_release+0xed/0x200 [ 802.760797][T16515] __sock_release+0xb3/0x270 [ 802.760826][T16515] ? __pfx_sock_close+0x10/0x10 [ 802.760852][T16515] sock_close+0x1c/0x30 [ 802.760876][T16515] __fput+0x402/0xb70 [ 802.760914][T16515] ? _raw_spin_unlock_irq+0x23/0x50 [ 802.760945][T16515] task_work_run+0x150/0x240 [ 802.760986][T16515] ? __pfx_task_work_run+0x10/0x10 [ 802.761026][T16515] ? __pfx___do_sys_close_range+0x10/0x10 [ 802.761062][T16515] exit_to_user_mode_loop+0xec/0x130 [ 802.761102][T16515] do_syscall_64+0x426/0xfa0 [ 802.761136][T16515] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 802.761162][T16515] RIP: 0033:0x7f1bac78f749 [ 802.761182][T16515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 802.761207][T16515] RSP: 002b:00007f1bad5cb038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 802.761230][T16515] RAX: 0000000000000000 RBX: 00007f1bac9e5fa0 RCX: 00007f1bac78f749 [ 802.761246][T16515] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 802.761261][T16515] RBP: 00007f1bac813f91 R08: 0000000000000000 R09: 0000000000000000 [ 802.761277][T16515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 802.761292][T16515] R13: 00007f1bac9e6038 R14: 00007f1bac9e5fa0 R15: 00007fff4797a6b8 [ 802.761326][T16515] [ 806.807749][T16569] FAULT_INJECTION: forcing a failure. [ 806.807749][T16569] name failslab, interval 1, probability 0, space 0, times 0 [ 806.820509][T16569] CPU: 1 UID: 0 PID: 16569 Comm: syz.1.2283 Not tainted syzkaller #0 PREEMPT(full) [ 806.820551][T16569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 806.820568][T16569] Call Trace: [ 806.820578][T16569] [ 806.820589][T16569] dump_stack_lvl+0x16c/0x1f0 [ 806.820628][T16569] should_fail_ex+0x512/0x640 [ 806.820676][T16569] should_failslab+0xc2/0x120 [ 806.820715][T16569] __kmalloc_cache_noprof+0x72/0x780 [ 806.820741][T16569] ? __tcp_get_metrics+0x1fc/0x6a0 [ 806.820772][T16569] ? tcp_get_metrics+0x7e0/0x1270 [ 806.820807][T16569] ? tcp_get_metrics+0x7e0/0x1270 [ 806.820835][T16569] tcp_get_metrics+0x7e0/0x1270 [ 806.820868][T16569] ? __pfx_tcp_get_metrics+0x10/0x10 [ 806.820916][T16569] ? do_raw_spin_unlock+0x172/0x230 [ 806.820949][T16569] tcp_update_metrics+0x3e7/0xe00 [ 806.820984][T16569] tcp_time_wait+0x8b6/0xff0 [ 806.821032][T16569] tcp_rcv_state_process+0x20de/0x6490 [ 806.821072][T16569] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 806.821104][T16569] ? try_to_wake_up+0x160/0x1870 [ 806.821138][T16569] ? __pfx_tcp_rcv_state_process+0x10/0x10 [ 806.821194][T16569] ? do_raw_spin_lock+0x12c/0x2b0 [ 806.821241][T16569] ? __pfx_tcp_v4_do_rcv+0x10/0x10 [ 806.821281][T16569] ? tcp_v4_do_rcv+0x68e/0x10a0 [ 806.821320][T16569] tcp_v4_do_rcv+0x68e/0x10a0 [ 806.821361][T16569] ? __pfx_tcp_v4_do_rcv+0x10/0x10 [ 806.821402][T16569] __release_sock+0x361/0x450 [ 806.821430][T16569] ? __pfx_mptcp_schedule_work+0x10/0x10 [ 806.821462][T16569] release_sock+0x5a/0x220 [ 806.821489][T16569] mptcp_check_send_data_fin+0x248/0x440 [ 806.821523][T16569] __mptcp_close+0x90e/0xbe0 [ 806.821559][T16569] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 806.821607][T16569] ? __pfx___mptcp_close+0x10/0x10 [ 806.821637][T16569] ? __local_bh_enable_ip+0xa4/0x120 [ 806.821674][T16569] mptcp_close+0x28/0xe0 [ 806.821703][T16569] inet_release+0xed/0x200 [ 806.821745][T16569] __sock_release+0xb3/0x270 [ 806.821775][T16569] ? __pfx_sock_close+0x10/0x10 [ 806.821802][T16569] sock_close+0x1c/0x30 [ 806.821829][T16569] __fput+0x402/0xb70 [ 806.821868][T16569] ? _raw_spin_unlock_irq+0x23/0x50 [ 806.821901][T16569] task_work_run+0x150/0x240 [ 806.821946][T16569] ? __pfx_task_work_run+0x10/0x10 [ 806.821989][T16569] ? __pfx___do_sys_close_range+0x10/0x10 [ 806.822028][T16569] exit_to_user_mode_loop+0xec/0x130 [ 806.822072][T16569] do_syscall_64+0x426/0xfa0 [ 806.822108][T16569] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 806.822136][T16569] RIP: 0033:0x7f24d898f749 [ 806.822159][T16569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 806.822186][T16569] RSP: 002b:00007f24d975a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 806.822212][T16569] RAX: 0000000000000000 RBX: 00007f24d8be5fa0 RCX: 00007f24d898f749 [ 806.822230][T16569] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 806.822246][T16569] RBP: 00007f24d8a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 806.822263][T16569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 806.822282][T16569] R13: 00007f24d8be6038 R14: 00007f24d8be5fa0 R15: 00007ffd4f50e158 [ 806.822321][T16569] [ 807.192820][T16571] ptrace attach of "./syz-executor exec"[16572] was attempted by "./syz-executor exec"[16571] [ 814.070219][T16684] ptrace attach of "./syz-executor exec"[16687] was attempted by "./syz-executor exec"[16684] [ 814.808994][T16703] ======================================================= [ 814.808994][T16703] WARNING: The mand mount option has been deprecated and [ 814.808994][T16703] and is ignored by this kernel. Remove the mand [ 814.808994][T16703] option from the mount to silence this warning. [ 814.808994][T16703] ======================================================= [ 818.921405][T16764] FAULT_INJECTION: forcing a failure. [ 818.921405][T16764] name failslab, interval 1, probability 0, space 0, times 0 [ 819.143056][T16764] CPU: 1 UID: 0 PID: 16764 Comm: syz.1.2333 Not tainted syzkaller #0 PREEMPT(full) [ 819.143094][T16764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 819.143110][T16764] Call Trace: [ 819.143118][T16764] [ 819.143128][T16764] dump_stack_lvl+0x16c/0x1f0 [ 819.143164][T16764] should_fail_ex+0x512/0x640 [ 819.143204][T16764] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 819.143234][T16764] should_failslab+0xc2/0x120 [ 819.143273][T16764] kmem_cache_alloc_noprof+0x75/0x6e0 [ 819.143302][T16764] ? vm_area_alloc+0x1f/0x160 [ 819.143330][T16764] ? vm_area_alloc+0x1f/0x160 [ 819.143350][T16764] vm_area_alloc+0x1f/0x160 [ 819.143372][T16764] create_init_stack_vma+0x29/0x700 [ 819.143405][T16764] alloc_bprm+0x420/0x710 [ 819.143433][T16764] do_execveat_common.isra.0+0x1ce/0x610 [ 819.143466][T16764] __x64_sys_execve+0x8e/0xb0 [ 819.143502][T16764] do_syscall_64+0xcd/0xfa0 [ 819.143536][T16764] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 819.143561][T16764] RIP: 0033:0x7f24d898f749 [ 819.143582][T16764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 819.143608][T16764] RSP: 002b:00007f24d6bd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 819.143634][T16764] RAX: ffffffffffffffda RBX: 00007f24d8be6180 RCX: 00007f24d898f749 [ 819.143652][T16764] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 819.143667][T16764] RBP: 00007f24d8a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 819.143683][T16764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 819.143699][T16764] R13: 00007f24d8be6218 R14: 00007f24d8be6180 R15: 00007ffd4f50e158 [ 819.143732][T16764] [ 819.321929][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 819.328340][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 820.996425][T16803] FAULT_INJECTION: forcing a failure. [ 820.996425][T16803] name failslab, interval 1, probability 0, space 0, times 0 [ 821.081035][T16803] CPU: 1 UID: 0 PID: 16803 Comm: syz.0.2342 Not tainted syzkaller #0 PREEMPT(full) [ 821.081070][T16803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 821.081085][T16803] Call Trace: [ 821.081093][T16803] [ 821.081102][T16803] dump_stack_lvl+0x16c/0x1f0 [ 821.081137][T16803] should_fail_ex+0x512/0x640 [ 821.081180][T16803] should_failslab+0xc2/0x120 [ 821.081213][T16803] kmem_cache_alloc_node_noprof+0x78/0x770 [ 821.081240][T16803] ? __alloc_skb+0x2b2/0x380 [ 821.081284][T16803] ? __alloc_skb+0x2b2/0x380 [ 821.081328][T16803] __alloc_skb+0x2b2/0x380 [ 821.081366][T16803] ? __pfx___alloc_skb+0x10/0x10 [ 821.081403][T16803] ? sctp_bind_addrs_to_raw+0x2c9/0x3e0 [ 821.081440][T16803] _sctp_make_chunk+0x51/0x270 [ 821.081467][T16803] sctp_make_control+0x2f/0x2d0 [ 821.081493][T16803] sctp_make_init+0x6f0/0xdc0 [ 821.081528][T16803] ? __pfx_sctp_make_init+0x10/0x10 [ 821.081555][T16803] ? kernel_text_address+0x8d/0x100 [ 821.081580][T16803] ? unwind_get_return_address+0x59/0xa0 [ 821.081607][T16803] ? arch_stack_walk+0xa6/0x100 [ 821.081634][T16803] ? sctp_sm_lookup_event+0x15b/0x570 [ 821.081660][T16803] ? __pfx_sctp_sm_lookup_event+0x10/0x10 [ 821.081690][T16803] sctp_sf_do_prm_asoc+0xbf/0x360 [ 821.081726][T16803] ? __pfx_sctp_pname+0x10/0x10 [ 821.081751][T16803] sctp_do_sm+0x181/0x5c80 [ 821.081780][T16803] ? kasan_save_stack+0x42/0x60 [ 821.081808][T16803] ? kasan_save_stack+0x33/0x60 [ 821.081835][T16803] ? kasan_save_track+0x14/0x30 [ 821.081863][T16803] ? __pfx_sctp_do_sm+0x10/0x10 [ 821.081883][T16803] ? sctp_sendmsg+0xe99/0x1e00 [ 821.081919][T16803] ? ____sys_sendmsg+0x973/0xc70 [ 821.081948][T16803] ? ___sys_sendmsg+0x134/0x1d0 [ 821.081969][T16803] ? __sys_sendmmsg+0x200/0x420 [ 821.081992][T16803] ? __x64_sys_sendmmsg+0x9c/0x100 [ 821.082015][T16803] ? do_syscall_64+0xcd/0xfa0 [ 821.082074][T16803] ? sk_leave_memory_pressure+0xdd/0x130 [ 821.082107][T16803] ? __sk_mem_raise_allocated+0x817/0x14b0 [ 821.082141][T16803] sctp_primitive_ASSOCIATE+0x9c/0xd0 [ 821.082184][T16803] sctp_sendmsg_to_asoc+0xa32/0x1bd0 [ 821.082218][T16803] ? sctp_assoc_set_primary+0x177/0x300 [ 821.082253][T16803] ? sctp_assoc_add_peer+0x252/0x1550 [ 821.082300][T16803] ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10 [ 821.082332][T16803] ? sctp_connect_new_asoc+0x41e/0x770 [ 821.082370][T16803] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 821.082408][T16803] ? sctp_endpoint_lookup_assoc+0x15c/0x2a0 [ 821.082445][T16803] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 821.082490][T16803] sctp_sendmsg+0xe99/0x1e00 [ 821.082535][T16803] ? __pfx_sctp_sendmsg+0x10/0x10 [ 821.082570][T16803] ? __pfx___might_resched+0x10/0x10 [ 821.082602][T16803] ? aa_sk_perm+0x2f4/0xb10 [ 821.082631][T16803] ? __pfx_aa_sk_perm+0x10/0x10 [ 821.082664][T16803] ? __pfx_sctp_sendmsg+0x10/0x10 [ 821.082702][T16803] inet_sendmsg+0x11c/0x140 [ 821.082741][T16803] ____sys_sendmsg+0x973/0xc70 [ 821.082775][T16803] ? __pfx_____sys_sendmsg+0x10/0x10 [ 821.082812][T16803] ? __pfx__kstrtoull+0x10/0x10 [ 821.082849][T16803] ___sys_sendmsg+0x134/0x1d0 [ 821.082875][T16803] ? __pfx____sys_sendmsg+0x10/0x10 [ 821.082914][T16803] ? find_held_lock+0x2b/0x80 [ 821.082959][T16803] __sys_sendmmsg+0x200/0x420 [ 821.082988][T16803] ? __pfx___sys_sendmmsg+0x10/0x10 [ 821.083023][T16803] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 821.083068][T16803] ? fput+0x9b/0xd0 [ 821.083102][T16803] ? ksys_write+0x1ac/0x250 [ 821.083128][T16803] ? __pfx_ksys_write+0x10/0x10 [ 821.083160][T16803] __x64_sys_sendmmsg+0x9c/0x100 [ 821.083185][T16803] ? lockdep_hardirqs_on+0x7c/0x110 [ 821.083215][T16803] do_syscall_64+0xcd/0xfa0 [ 821.083247][T16803] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 821.083272][T16803] RIP: 0033:0x7f1bac78f749 [ 821.083298][T16803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 821.083322][T16803] RSP: 002b:00007f1bad5cb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 821.083346][T16803] RAX: ffffffffffffffda RBX: 00007f1bac9e5fa0 RCX: 00007f1bac78f749 [ 821.083362][T16803] RDX: 0000000000000005 RSI: 0000200000000100 RDI: 0000000000000003 [ 821.083377][T16803] RBP: 00007f1bad5cb090 R08: 0000000000000000 R09: 0000000000000000 [ 821.083392][T16803] R10: 0000000000000311 R11: 0000000000000246 R12: 0000000000000002 [ 821.083407][T16803] R13: 00007f1bac9e6038 R14: 00007f1bac9e5fa0 R15: 00007fff4797a6b8 [ 821.083440][T16803] [ 822.845252][T16832] capability: warning: `syz.0.2352' uses 32-bit capabilities (legacy support in use) [ 823.260419][T11734] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 823.270255][T11734] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 823.280044][T11734] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 823.288356][T11734] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 823.300867][T11734] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 823.714984][T16842] ptrace attach of "./syz-executor exec"[16845] was attempted by "./syz-executor exec"[16842] [ 825.082277][T15958] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 825.334679][T11734] Bluetooth: hci4: command tx timeout [ 825.400815][T15958] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 825.769509][T15958] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 825.792173][T16838] chnl_net:caif_netlink_parms(): no params data found [ 825.830809][T15958] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 826.282672][T16838] bridge0: port 1(bridge_slave_0) entered blocking state [ 826.325447][T16838] bridge0: port 1(bridge_slave_0) entered disabled state [ 826.355310][T16838] bridge_slave_0: entered allmulticast mode [ 826.384756][T16838] bridge_slave_0: entered promiscuous mode [ 826.526088][T16838] bridge0: port 2(bridge_slave_1) entered blocking state [ 826.574875][T16838] bridge0: port 2(bridge_slave_1) entered disabled state [ 826.582132][T16838] bridge_slave_1: entered allmulticast mode [ 826.677038][T16838] bridge_slave_1: entered promiscuous mode [ 826.888411][T16838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 826.931542][T15958] bridge_slave_1: left allmulticast mode [ 826.945814][T15958] bridge_slave_1: left promiscuous mode [ 826.973296][T15958] bridge0: port 2(bridge_slave_1) entered disabled state [ 827.036348][T15958] bridge_slave_0: left allmulticast mode [ 827.068289][T15958] bridge_slave_0: left promiscuous mode [ 827.096724][T15958] bridge0: port 1(bridge_slave_0) entered disabled state [ 827.416331][T11734] Bluetooth: hci4: command tx timeout [ 828.554925][T15958] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 828.585673][T15958] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 828.611206][T15958] bond0 (unregistering): Released all slaves [ 828.731114][T16838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 828.754145][T16902] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12 [ 828.816672][T16902] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12 [ 828.873163][T16902] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 828.988507][T16838] team0: Port device team_slave_0 added [ 829.063005][T16926] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2367'. [ 829.160499][T16838] team0: Port device team_slave_1 added [ 829.495574][T11734] Bluetooth: hci4: command tx timeout [ 829.547323][T16838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 829.554323][T16838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 829.697297][T16838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 829.784223][T15958] hsr_slave_0: left promiscuous mode [ 829.822917][T15958] hsr_slave_1: left promiscuous mode [ 829.930148][T15958] veth1_macvtap: left promiscuous mode [ 829.968740][T15958] veth0_macvtap: left promiscuous mode [ 829.998050][T15958] veth1_vlan: left promiscuous mode [ 830.003586][T15958] veth0_vlan: left promiscuous mode [ 831.329002][T15958] team0 (unregistering): Port device team_slave_1 removed [ 831.369715][T15958] team0 (unregistering): Port device team_slave_0 removed [ 831.577616][T11734] Bluetooth: hci4: command tx timeout [ 831.791967][T16838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 831.801697][T16838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 831.849136][T16838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 832.140293][T16838] hsr_slave_0: entered promiscuous mode [ 832.177056][T16838] hsr_slave_1: entered promiscuous mode [ 832.205749][T16838] debugfs: 'hsr0' already exists in 'hsr' [ 832.225407][T16838] Cannot create hsr debugfs directory [ 832.496698][T16971] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 832.639426][T16971] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 834.529378][T16982] FAULT_INJECTION: forcing a failure. [ 834.529378][T16982] name failslab, interval 1, probability 0, space 0, times 0 [ 834.643373][T16982] CPU: 1 UID: 0 PID: 16982 Comm: syz.2.2375 Not tainted syzkaller #0 PREEMPT(full) [ 834.643410][T16982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 834.643427][T16982] Call Trace: [ 834.643435][T16982] [ 834.643453][T16982] dump_stack_lvl+0x16c/0x1f0 [ 834.643490][T16982] should_fail_ex+0x512/0x640 [ 834.643531][T16982] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 834.643562][T16982] should_failslab+0xc2/0x120 [ 834.643598][T16982] kmem_cache_alloc_noprof+0x75/0x6e0 [ 834.643624][T16982] ? vm_area_alloc+0x1f/0x160 [ 834.643653][T16982] ? vm_area_alloc+0x1f/0x160 [ 834.643674][T16982] vm_area_alloc+0x1f/0x160 [ 834.643696][T16982] create_init_stack_vma+0x29/0x700 [ 834.643731][T16982] alloc_bprm+0x420/0x710 [ 834.643760][T16982] do_execveat_common.isra.0+0x1ce/0x610 [ 834.643794][T16982] __x64_sys_execve+0x8e/0xb0 [ 834.643822][T16982] do_syscall_64+0xcd/0xfa0 [ 834.643856][T16982] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 834.643883][T16982] RIP: 0033:0x7f6954b8f749 [ 834.643904][T16982] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 834.643929][T16982] RSP: 002b:00007f6955a34038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 834.643954][T16982] RAX: ffffffffffffffda RBX: 00007f6954de6090 RCX: 00007f6954b8f749 [ 834.643972][T16982] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 834.643987][T16982] RBP: 00007f6954c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 834.644003][T16982] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 834.644018][T16982] R13: 00007f6954de6128 R14: 00007f6954de6090 R15: 00007ffcc799c6f8 [ 834.644051][T16982] [ 835.196603][T16838] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 835.288610][T16838] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 835.348947][T16838] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 835.397789][T16838] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 835.829061][T17032] FAULT_INJECTION: forcing a failure. [ 835.829061][T17032] name failslab, interval 1, probability 0, space 0, times 0 [ 835.920860][T17032] CPU: 1 UID: 0 PID: 17032 Comm: syz.3.2386 Not tainted syzkaller #0 PREEMPT(full) [ 835.920895][T17032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 835.920910][T17032] Call Trace: [ 835.920919][T17032] [ 835.920928][T17032] dump_stack_lvl+0x16c/0x1f0 [ 835.920965][T17032] should_fail_ex+0x512/0x640 [ 835.921004][T17032] ? __kmalloc_noprof+0xca/0x880 [ 835.921055][T17032] should_failslab+0xc2/0x120 [ 835.921090][T17032] __kmalloc_noprof+0xdd/0x880 [ 835.921134][T17032] ? __pfx_sprintf+0x10/0x10 [ 835.921160][T17032] ? __x64_sys_openat+0x174/0x210 [ 835.921199][T17032] ? ima_write_template_field_data+0x5d/0x1f0 [ 835.921236][T17032] ? ima_write_template_field_data+0x5d/0x1f0 [ 835.921267][T17032] ima_write_template_field_data+0x5d/0x1f0 [ 835.921304][T17032] ima_eventdigest_init_common+0x154/0x430 [ 835.921339][T17032] ? __pfx_ima_eventdigest_init_common+0x10/0x10 [ 835.921391][T17032] ? trace_kmalloc+0x2b/0xd0 [ 835.921422][T17032] ? __kmalloc_noprof+0x34f/0x880 [ 835.921460][T17032] ? __pfx_prepend_path+0x10/0x10 [ 835.921495][T17032] ? ima_alloc_init_template+0x19d/0x720 [ 835.921525][T17032] ima_alloc_init_template+0x3a0/0x720 [ 835.921557][T17032] ima_store_measurement+0x1eb/0x5c0 [ 835.921585][T17032] ? __pfx_ima_store_measurement+0x10/0x10 [ 835.921611][T17032] ? vfs_getxattr_alloc+0xec/0x350 [ 835.921646][T17032] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 835.921688][T17032] process_measurement+0x1ddb/0x23e0 [ 835.921738][T17032] ? __pfx_process_measurement+0x10/0x10 [ 835.921787][T17032] ? rcu_read_unlock+0x17/0x60 [ 835.921849][T17032] ? seq_open+0x116/0x170 [ 835.921883][T17032] ? inode_to_bdi+0x9e/0x160 [ 835.921919][T17032] ima_file_check+0xc5/0x110 [ 835.921956][T17032] ? __pfx_ima_file_check+0x10/0x10 [ 835.922001][T17032] security_file_post_open+0x8e/0x210 [ 835.922029][T17032] path_openat+0x1404/0x2cb0 [ 835.922076][T17032] ? __pfx_path_openat+0x10/0x10 [ 835.922106][T17032] ? __lock_acquire+0xb8a/0x1c90 [ 835.922145][T17032] do_filp_open+0x20b/0x470 [ 835.922174][T17032] ? __pfx_do_filp_open+0x10/0x10 [ 835.922225][T17032] ? alloc_fd+0x471/0x7d0 [ 835.922259][T17032] do_sys_openat2+0x11b/0x1d0 [ 835.922297][T17032] ? __pfx_do_sys_openat2+0x10/0x10 [ 835.922338][T17032] ? __fget_files+0x20e/0x3c0 [ 835.922369][T17032] __x64_sys_openat+0x174/0x210 [ 835.922408][T17032] ? __pfx___x64_sys_openat+0x10/0x10 [ 835.922446][T17032] ? ksys_write+0x1ac/0x250 [ 835.922485][T17032] do_syscall_64+0xcd/0xfa0 [ 835.922518][T17032] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 835.922544][T17032] RIP: 0033:0x7f1fd478f749 [ 835.922565][T17032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 835.922589][T17032] RSP: 002b:00007f1fd563f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 835.922612][T17032] RAX: ffffffffffffffda RBX: 00007f1fd49e5fa0 RCX: 00007f1fd478f749 [ 835.922630][T17032] RDX: 0000000000100242 RSI: 00002000000001c0 RDI: ffffffffffffff9c [ 835.922660][T17032] RBP: 00007f1fd563f090 R08: 0000000000000000 R09: 0000000000000000 [ 835.922675][T17032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 835.922690][T17032] R13: 00007f1fd49e6038 R14: 00007f1fd49e5fa0 R15: 00007fff9a4f0ed8 [ 835.922725][T17032] [ 835.923631][ T30] audit: type=1804 audit(1763946933.646:5): pid=17032 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.3.2386" name="/newroot/sys/kernel/tracing/set_event_notrace_pid" dev="tracefs" ino=22 res=0 errno=0 [ 836.318778][T16838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 836.385708][T16838] 8021q: adding VLAN 0 to HW filter on device team0 [ 836.532919][T16838] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 836.562016][T16838] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 836.654886][T15944] bridge0: port 1(bridge_slave_0) entered blocking state [ 836.662068][T15944] bridge0: port 1(bridge_slave_0) entered forwarding state [ 836.711473][T15944] bridge0: port 2(bridge_slave_1) entered blocking state [ 836.718723][T15944] bridge0: port 2(bridge_slave_1) entered forwarding state [ 837.553487][T16838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 837.805256][T16838] veth0_vlan: entered promiscuous mode [ 837.893968][T16838] veth1_vlan: entered promiscuous mode [ 838.068199][T16838] veth0_macvtap: entered promiscuous mode [ 838.249994][T16838] veth1_macvtap: entered promiscuous mode [ 838.404327][T16838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 838.531358][T16838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 838.614138][T15944] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 838.672520][T15944] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 838.733129][T15944] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 838.790111][T15944] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 839.282014][T15942] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 839.331459][T15942] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 839.497863][T15944] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 839.541020][T15944] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 839.550120][T17086] netlink: 186 bytes leftover after parsing attributes in process `syz.3.2395'. [ 841.431541][T17123] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 841.454919][T17123] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 841.476383][T17123] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 841.486201][T17123] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 841.505616][T17123] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 842.169395][T15956] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 842.506001][T15956] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 842.769948][T15956] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 843.189776][T15956] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 843.467054][T17144] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2402'. [ 843.581207][T17123] Bluetooth: hci0: command tx timeout [ 843.697693][T17144] ipvlan0: entered promiscuous mode [ 843.702989][T17144] ipvlan0: entered allmulticast mode [ 843.800878][T17144] veth0_vlan: entered allmulticast mode [ 844.323898][T15956] bridge_slave_1: left allmulticast mode [ 844.364082][T15956] bridge_slave_1: left promiscuous mode [ 844.405327][T15956] bridge0: port 2(bridge_slave_1) entered disabled state [ 844.475460][T15956] bridge_slave_0: left allmulticast mode [ 844.481160][T15956] bridge_slave_0: left promiscuous mode [ 844.517913][T15956] bridge0: port 1(bridge_slave_0) entered disabled state [ 845.565470][T15956] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 845.587479][T15956] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 845.609513][T15956] bond0 (unregistering): Released all slaves [ 845.654633][T17123] Bluetooth: hci0: command tx timeout [ 845.699190][T17121] chnl_net:caif_netlink_parms(): no params data found [ 846.961010][T15956] hsr_slave_0: left promiscuous mode [ 847.016268][T15956] hsr_slave_1: left promiscuous mode [ 847.093016][T15956] veth1_macvtap: left promiscuous mode [ 847.144622][T15956] veth0_macvtap: left promiscuous mode [ 847.170657][T15956] veth1_vlan: left promiscuous mode [ 847.195857][T15956] veth0_vlan: left promiscuous mode [ 847.734942][T11734] Bluetooth: hci0: command tx timeout [ 848.056907][T17123] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 848.435848][T15956] team0 (unregistering): Port device team_slave_1 removed [ 848.515882][T15956] team0 (unregistering): Port device team_slave_0 removed [ 849.341436][T17121] bridge0: port 1(bridge_slave_0) entered blocking state [ 849.387673][T17121] bridge0: port 1(bridge_slave_0) entered disabled state [ 849.419399][T17121] bridge_slave_0: entered allmulticast mode [ 849.436215][T17121] bridge_slave_0: entered promiscuous mode [ 849.466318][T17121] bridge0: port 2(bridge_slave_1) entered blocking state [ 849.473501][T17121] bridge0: port 2(bridge_slave_1) entered disabled state [ 849.525960][T17121] bridge_slave_1: entered allmulticast mode [ 849.553345][T17121] bridge_slave_1: entered promiscuous mode [ 849.642208][T17199] netlink: 'syz.3.2408': attribute type 1 has an invalid length. [ 849.674587][T17199] netlink: 17 bytes leftover after parsing attributes in process `syz.3.2408'. [ 849.814839][T17123] Bluetooth: hci0: command tx timeout [ 849.823726][T17121] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 849.872551][T17121] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 849.940426][T17205] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2409'. [ 850.326382][T17121] team0: Port device team_slave_0 added [ 850.366536][T17121] team0: Port device team_slave_1 added [ 850.728430][T17121] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 850.763781][T17121] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 850.884253][T17121] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 851.089881][T17121] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 851.119385][T17121] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 851.239694][T17121] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 851.661085][T17121] hsr_slave_0: entered promiscuous mode [ 851.691083][T17121] hsr_slave_1: entered promiscuous mode [ 851.734386][T17121] debugfs: 'hsr0' already exists in 'hsr' [ 851.758966][T17121] Cannot create hsr debugfs directory [ 853.728973][T17259] ptrace attach of "./syz-executor exec"[17260] was attempted by "./syz-executor exec"[17259] [ 854.116899][T17121] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 854.176606][T17121] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 854.549797][T17121] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 854.642132][T17121] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 856.076555][T17121] 8021q: adding VLAN 0 to HW filter on device bond0 [ 856.235689][T17121] 8021q: adding VLAN 0 to HW filter on device team0 [ 856.476264][T15956] bridge0: port 1(bridge_slave_0) entered blocking state [ 856.483513][T15956] bridge0: port 1(bridge_slave_0) entered forwarding state [ 856.571168][T15956] bridge0: port 2(bridge_slave_1) entered blocking state [ 856.578407][T15956] bridge0: port 2(bridge_slave_1) entered forwarding state [ 858.124380][T17121] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 858.322980][T17121] veth0_vlan: entered promiscuous mode [ 858.410597][T17121] veth1_vlan: entered promiscuous mode [ 858.655917][T17121] veth0_macvtap: entered promiscuous mode [ 858.696813][T17123] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 858.731264][T17121] veth1_macvtap: entered promiscuous mode [ 858.969598][T17121] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 859.059173][T17121] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 859.168809][T15943] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 859.204366][T15943] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 859.395703][T15943] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 859.444172][T15943] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 859.528735][T17356] ptrace attach of "./syz-executor exec"[17358] was attempted by "./syz-executor exec"[17356] [ 860.047398][T15943] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 860.100283][T15943] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 860.313661][T15943] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 860.346148][T15943] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 860.471598][T17369] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2427'. [ 860.709038][T17374] netlink: 350 bytes leftover after parsing attributes in process `syz.0.2396'. [ 861.168171][T17379] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2429'. [ 862.312487][T11734] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 862.321814][T11734] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 862.330771][T11734] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 862.339114][T11734] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 862.352049][T11734] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 863.356740][T11734] Bluetooth: hci4: unexpected event 0x3e length: 726 > 260 [ 863.356780][T11734] Bluetooth: hci4: unexpected subevent 0x0e length: 725 > 15 [ 863.373055][T11734] Bluetooth: hci4: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 863.408028][ T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 863.502926][T17397] chnl_net:caif_netlink_parms(): no params data found [ 863.638606][ T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 863.970126][ T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 864.046162][T17425] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 864.182170][ T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 864.375509][T11734] Bluetooth: hci2: command tx timeout [ 864.674842][T17397] bridge0: port 1(bridge_slave_0) entered blocking state [ 864.711221][T17397] bridge0: port 1(bridge_slave_0) entered disabled state [ 864.726131][T17397] bridge_slave_0: entered allmulticast mode [ 864.753402][T17397] bridge_slave_0: entered promiscuous mode [ 864.835225][T17397] bridge0: port 2(bridge_slave_1) entered blocking state [ 864.842551][T17397] bridge0: port 2(bridge_slave_1) entered disabled state [ 864.884884][T17397] bridge_slave_1: entered allmulticast mode [ 864.912850][T17397] bridge_slave_1: entered promiscuous mode [ 865.052370][T17397] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 865.114014][T17397] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 865.208367][T11734] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 865.208404][T11734] Bluetooth: hci0: unexpected subevent 0x0e length: 725 > 15 [ 865.225851][T11734] Bluetooth: hci0: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 865.327007][T17397] team0: Port device team_slave_0 added [ 865.353166][T17397] team0: Port device team_slave_1 added [ 865.429154][T17397] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 865.444069][T17397] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 865.503341][T17397] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 865.531442][T17397] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 865.547996][T17397] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 865.604697][T17397] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 865.785993][T17397] hsr_slave_0: entered promiscuous mode [ 865.802602][T17397] hsr_slave_1: entered promiscuous mode [ 865.827955][T17397] debugfs: 'hsr0' already exists in 'hsr' [ 865.847847][T17397] Cannot create hsr debugfs directory [ 866.065318][T17455] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2446'. [ 866.456124][T11734] Bluetooth: hci2: command tx timeout [ 866.565686][T11734] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 866.565723][T11734] Bluetooth: hci0: unexpected subevent 0x0e length: 725 > 15 [ 866.580904][T11734] Bluetooth: hci0: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 866.722957][T17463] bond0: option lacp_rate: mode dependency failed, not supported in mode balance-rr(0) [ 866.874389][T17466] FAULT_INJECTION: forcing a failure. [ 866.874389][T17466] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 866.889051][T17466] CPU: 1 UID: 0 PID: 17466 Comm: syz.1.2449 Not tainted syzkaller #0 PREEMPT(full) [ 866.889090][T17466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 866.889107][T17466] Call Trace: [ 866.889116][T17466] [ 866.889126][T17466] dump_stack_lvl+0x16c/0x1f0 [ 866.889166][T17466] should_fail_ex+0x512/0x640 [ 866.889213][T17466] _copy_from_iter+0x29f/0x1720 [ 866.889259][T17466] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 866.889309][T17466] ? __pfx__copy_from_iter+0x10/0x10 [ 866.889361][T17466] ? alloc_pages_mpol+0x25a/0x550 [ 866.889400][T17466] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 866.889443][T17466] copy_page_from_iter+0xde/0x180 [ 866.889491][T17466] anon_pipe_write+0xed5/0x1bd0 [ 866.889536][T17466] ? futex_hash+0x250/0x380 [ 866.889576][T17466] ? __pfx_anon_pipe_write+0x10/0x10 [ 866.889610][T17466] ? common_file_perm+0x1a9/0x340 [ 866.889640][T17466] ? bpf_lsm_file_permission+0x9/0x10 [ 866.889673][T17466] ? security_file_permission+0x71/0x210 [ 866.889704][T17466] ? rw_verify_area+0xcf/0x6c0 [ 866.889732][T17466] vfs_write+0x7d3/0x11d0 [ 866.889762][T17466] ? __pfx_anon_pipe_write+0x10/0x10 [ 866.889798][T17466] ? __pfx_vfs_write+0x10/0x10 [ 866.889837][T17466] ? find_held_lock+0x2b/0x80 [ 866.889887][T17466] ksys_write+0x1f8/0x250 [ 866.889916][T17466] ? __pfx_ksys_write+0x10/0x10 [ 866.889955][T17466] do_syscall_64+0xcd/0xfa0 [ 866.889991][T17466] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 866.890019][T17466] RIP: 0033:0x7f06a7b8f749 [ 866.890042][T17466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 866.890068][T17466] RSP: 002b:00007f06a8957038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 866.890094][T17466] RAX: ffffffffffffffda RBX: 00007f06a7de5fa0 RCX: 00007f06a7b8f749 [ 866.890112][T17466] RDX: 000000000400001f RSI: 0000000000000000 RDI: 0000000000000000 [ 866.890129][T17466] RBP: 00007f06a7c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 866.890145][T17466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 866.890162][T17466] R13: 00007f06a7de6038 R14: 00007f06a7de5fa0 R15: 00007ffde7d32a38 [ 866.890197][T17466] [ 867.363756][T17471] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2452'. [ 867.382992][T17471] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 867.400905][T17471] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 867.425521][T17471] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 867.432979][T17471] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 867.825574][T17481] FAULT_INJECTION: forcing a failure. [ 867.825574][T17481] name failslab, interval 1, probability 0, space 0, times 0 [ 867.887112][T17481] CPU: 1 UID: 0 PID: 17481 Comm: syz.0.2453 Not tainted syzkaller #0 PREEMPT(full) [ 867.887148][T17481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 867.887164][T17481] Call Trace: [ 867.887173][T17481] [ 867.887182][T17481] dump_stack_lvl+0x16c/0x1f0 [ 867.887219][T17481] should_fail_ex+0x512/0x640 [ 867.887260][T17481] ? fs_reclaim_acquire+0xae/0x150 [ 867.887298][T17481] should_failslab+0xc2/0x120 [ 867.887333][T17481] __kmalloc_noprof+0xdd/0x880 [ 867.887376][T17481] ? tomoyo_encode2+0x100/0x3e0 [ 867.887415][T17481] ? tomoyo_encode2+0x100/0x3e0 [ 867.887443][T17481] tomoyo_encode2+0x100/0x3e0 [ 867.887483][T17481] tomoyo_encode+0x29/0x50 [ 867.887512][T17481] tomoyo_realpath_from_path+0x18f/0x6e0 [ 867.887552][T17481] tomoyo_get_exe+0x63/0xa0 [ 867.887590][T17481] tomoyo_write_control+0x689/0x1430 [ 867.887642][T17481] ? __pfx_tomoyo_write_control+0x10/0x10 [ 867.887688][T17481] ? __pfx_tomoyo_write+0x10/0x10 [ 867.887717][T17481] vfs_write+0x2a0/0x11d0 [ 867.887751][T17481] ? __pfx___mutex_lock+0x10/0x10 [ 867.887785][T17481] ? __pfx_vfs_write+0x10/0x10 [ 867.887825][T17481] ? __fget_files+0x20e/0x3c0 [ 867.887861][T17481] ksys_write+0x12a/0x250 [ 867.887888][T17481] ? __pfx_ksys_write+0x10/0x10 [ 867.887928][T17481] do_syscall_64+0xcd/0xfa0 [ 867.887962][T17481] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 867.887989][T17481] RIP: 0033:0x7f837d58f749 [ 867.888010][T17481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 867.888035][T17481] RSP: 002b:00007f837e4a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 867.888059][T17481] RAX: ffffffffffffffda RBX: 00007f837d7e6090 RCX: 00007f837d58f749 [ 867.888076][T17481] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003 [ 867.888092][T17481] RBP: 00007f837e4a2090 R08: 0000000000000000 R09: 0000000000000000 [ 867.888108][T17481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 867.888123][T17481] R13: 00007f837d7e6128 R14: 00007f837d7e6090 R15: 00007ffc0c9e39e8 [ 867.888157][T17481] [ 867.891682][T17481] ERROR: Out of memory at tomoyo_realpath_from_path. [ 868.534745][T11734] Bluetooth: hci2: command tx timeout [ 868.699680][T17493] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 869.932196][T17517] kAFS: unparsable volume name [ 870.615328][T11734] Bluetooth: hci2: command tx timeout [ 871.582476][T17554] FAULT_INJECTION: forcing a failure. [ 871.582476][T17554] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 871.615462][T17554] CPU: 1 UID: 0 PID: 17554 Comm: syz.1.2471 Not tainted syzkaller #0 PREEMPT(full) [ 871.615499][T17554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 871.615515][T17554] Call Trace: [ 871.615524][T17554] [ 871.615533][T17554] dump_stack_lvl+0x16c/0x1f0 [ 871.615569][T17554] should_fail_ex+0x512/0x640 [ 871.615613][T17554] _copy_from_user+0x2e/0xd0 [ 871.615655][T17554] core_sys_select+0x35b/0xc20 [ 871.615689][T17554] ? __pfx_core_sys_select+0x10/0x10 [ 871.615720][T17554] ? proc_fail_nth_write+0x9f/0x220 [ 871.615772][T17554] ? do_sys_openat2+0x157/0x1d0 [ 871.615809][T17554] ? __pfx_do_sys_openat2+0x10/0x10 [ 871.615854][T17554] kern_select+0x15d/0x1e0 [ 871.615879][T17554] ? __pfx_kern_select+0x10/0x10 [ 871.615908][T17554] ? __pfx_ksys_write+0x10/0x10 [ 871.615942][T17554] __x64_sys_select+0xbd/0x160 [ 871.615966][T17554] ? do_syscall_64+0x91/0xfa0 [ 871.615997][T17554] ? lockdep_hardirqs_on+0x7c/0x110 [ 871.616028][T17554] do_syscall_64+0xcd/0xfa0 [ 871.616068][T17554] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 871.616095][T17554] RIP: 0033:0x7f06a7b8f749 [ 871.616115][T17554] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 871.616141][T17554] RSP: 002b:00007f06a8957038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 871.616165][T17554] RAX: ffffffffffffffda RBX: 00007f06a7de5fa0 RCX: 00007f06a7b8f749 [ 871.616183][T17554] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e [ 871.616198][T17554] RBP: 00007f06a8957090 R08: 0000000000000000 R09: 0000000000000000 [ 871.616214][T17554] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001 [ 871.616230][T17554] R13: 00007f06a7de6038 R14: 00007f06a7de5fa0 R15: 00007ffde7d32a38 [ 871.616263][T17554] [ 872.206420][T17559] mkiss: ax0: crc mode is auto. [ 872.337131][T17562] workqueue: max_active 110227046 requested for writeback is out of range, clamping between 1 and 2048 [ 872.867166][T17580] FAULT_INJECTION: forcing a failure. [ 872.867166][T17580] name failslab, interval 1, probability 0, space 0, times 0 [ 872.902770][T17580] CPU: 1 UID: 0 PID: 17580 Comm: syz.0.2478 Not tainted syzkaller #0 PREEMPT(full) [ 872.902803][T17580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 872.902819][T17580] Call Trace: [ 872.902827][T17580] [ 872.902836][T17580] dump_stack_lvl+0x16c/0x1f0 [ 872.902872][T17580] should_fail_ex+0x512/0x640 [ 872.902909][T17580] ? fs_reclaim_acquire+0xae/0x150 [ 872.902954][T17580] should_failslab+0xc2/0x120 [ 872.902987][T17580] __kmalloc_noprof+0xdd/0x880 [ 872.903028][T17580] ? tomoyo_encode2+0x100/0x3e0 [ 872.903061][T17580] ? tomoyo_encode2+0x100/0x3e0 [ 872.903088][T17580] tomoyo_encode2+0x100/0x3e0 [ 872.903119][T17580] tomoyo_encode+0x29/0x50 [ 872.903148][T17580] tomoyo_realpath_from_path+0x18f/0x6e0 [ 872.903181][T17580] ? tomoyo_profile+0x47/0x60 [ 872.903216][T17580] tomoyo_path_number_perm+0x245/0x580 [ 872.903239][T17580] ? tomoyo_path_number_perm+0x237/0x580 [ 872.903265][T17580] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 872.903291][T17580] ? find_held_lock+0x2b/0x80 [ 872.903343][T17580] ? find_held_lock+0x2b/0x80 [ 872.903367][T17580] ? hook_file_ioctl_common+0x145/0x410 [ 872.903400][T17580] ? __fget_files+0x20e/0x3c0 [ 872.903430][T17580] security_file_ioctl+0x9b/0x240 [ 872.903456][T17580] __x64_sys_ioctl+0xb7/0x210 [ 872.903494][T17580] do_syscall_64+0xcd/0xfa0 [ 872.903525][T17580] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 872.903549][T17580] RIP: 0033:0x7f837d58f749 [ 872.903568][T17580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 872.903593][T17580] RSP: 002b:00007f837e4a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 872.903616][T17580] RAX: ffffffffffffffda RBX: 00007f837d7e6090 RCX: 00007f837d58f749 [ 872.903633][T17580] RDX: 0000000000000000 RSI: 0000000000001261 RDI: 000000000000000a [ 872.903648][T17580] RBP: 00007f837e4a2090 R08: 0000000000000000 R09: 0000000000000000 [ 872.903663][T17580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 872.903678][T17580] R13: 00007f837d7e6128 R14: 00007f837d7e6090 R15: 00007ffc0c9e39e8 [ 872.903711][T17580] [ 872.903733][T17580] ERROR: Out of memory at tomoyo_realpath_from_path. [ 877.036732][T17666] FAULT_INJECTION: forcing a failure. [ 877.036732][T17666] name fail_futex, interval 1, probability 0, space 0, times 0 [ 877.064826][T17666] CPU: 1 UID: 0 PID: 17666 Comm: syz.0.2494 Not tainted syzkaller #0 PREEMPT(full) [ 877.064863][T17666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 877.064879][T17666] Call Trace: [ 877.064888][T17666] [ 877.064899][T17666] dump_stack_lvl+0x16c/0x1f0 [ 877.064936][T17666] should_fail_ex+0x512/0x640 [ 877.064981][T17666] get_futex_key+0x293/0x1560 [ 877.065017][T17666] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 877.065062][T17666] ? __pfx_get_futex_key+0x10/0x10 [ 877.065092][T17666] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 877.065137][T17666] ? ktime_add_safe+0x60/0x70 [ 877.065180][T17666] futex_lock_pi+0x1cc/0x7c0 [ 877.065224][T17666] ? __pfx_futex_lock_pi+0x10/0x10 [ 877.065263][T17666] ? __futex_wait+0x24b/0x2f0 [ 877.065294][T17666] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 877.065356][T17666] ? __pfx_futex_wake_mark+0x10/0x10 [ 877.065401][T17666] ? __might_fault+0xe3/0x190 [ 877.065426][T17666] ? __might_fault+0xe3/0x190 [ 877.065450][T17666] ? __might_fault+0x13b/0x190 [ 877.065485][T17666] do_futex+0x11a/0x350 [ 877.065520][T17666] ? __pfx_do_futex+0x10/0x10 [ 877.065564][T17666] __x64_sys_futex+0x1e0/0x4c0 [ 877.065604][T17666] ? __pfx___x64_sys_futex+0x10/0x10 [ 877.065640][T17666] ? xfd_validate_state+0x61/0x180 [ 877.065684][T17666] ? __pfx_ksys_write+0x10/0x10 [ 877.065723][T17666] do_syscall_64+0xcd/0xfa0 [ 877.065757][T17666] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 877.065785][T17666] RIP: 0033:0x7f837d58f749 [ 877.065805][T17666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 877.065831][T17666] RSP: 002b:00007f837e4c3038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 877.065855][T17666] RAX: ffffffffffffffda RBX: 00007f837d7e5fa0 RCX: 00007f837d58f749 [ 877.065873][T17666] RDX: 0000000000000004 RSI: 000000000000000d RDI: 0000000000000000 [ 877.065889][T17666] RBP: 00007f837d613f91 R08: 0000000000000000 R09: 0000000000000008 [ 877.065905][T17666] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 877.065922][T17666] R13: 00007f837d7e6038 R14: 00007f837d7e5fa0 R15: 00007ffc0c9e39e8 [ 877.065955][T17666] [ 877.971654][T17671] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 879.434054][T17696] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2504'. [ 879.470311][T17696] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2504'. [ 879.715785][T17699] FAULT_INJECTION: forcing a failure. [ 879.715785][T17699] name failslab, interval 1, probability 0, space 0, times 0 [ 879.757139][T17699] CPU: 1 UID: 0 PID: 17699 Comm: syz.0.2505 Not tainted syzkaller #0 PREEMPT(full) [ 879.757174][T17699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 879.757189][T17699] Call Trace: [ 879.757198][T17699] [ 879.757207][T17699] dump_stack_lvl+0x16c/0x1f0 [ 879.757243][T17699] should_fail_ex+0x512/0x640 [ 879.757281][T17699] ? __kmalloc_cache_noprof+0x5f/0x780 [ 879.757309][T17699] should_failslab+0xc2/0x120 [ 879.757342][T17699] __kmalloc_cache_noprof+0x72/0x780 [ 879.757366][T17699] ? alloc_workqueue_attrs_noprof+0x40/0x100 [ 879.757412][T17699] ? alloc_workqueue_attrs_noprof+0x40/0x100 [ 879.757442][T17699] alloc_workqueue_attrs_noprof+0x40/0x100 [ 879.757473][T17699] padata_set_cpumask+0x373/0x510 [ 879.757513][T17699] store_cpumask+0x120/0x1a0 [ 879.757544][T17699] ? __pfx_store_cpumask+0x10/0x10 [ 879.757577][T17699] ? find_held_lock+0x2b/0x80 [ 879.757607][T17699] ? __pfx_store_cpumask+0x10/0x10 [ 879.757638][T17699] padata_sysfs_store+0x5c/0x90 [ 879.757670][T17699] ? __pfx_padata_sysfs_store+0x10/0x10 [ 879.757701][T17699] sysfs_kf_write+0xf2/0x150 [ 879.757731][T17699] kernfs_fop_write_iter+0x3af/0x570 [ 879.757753][T17699] ? __pfx_sysfs_kf_write+0x10/0x10 [ 879.757784][T17699] vfs_write+0x7d3/0x11d0 [ 879.757813][T17699] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 879.757838][T17699] ? __pfx___mutex_lock+0x10/0x10 [ 879.757871][T17699] ? __pfx_vfs_write+0x10/0x10 [ 879.757918][T17699] ksys_write+0x12a/0x250 [ 879.757945][T17699] ? __pfx_ksys_write+0x10/0x10 [ 879.757981][T17699] do_syscall_64+0xcd/0xfa0 [ 879.758014][T17699] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 879.758039][T17699] RIP: 0033:0x7f837d58f749 [ 879.758058][T17699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 879.758082][T17699] RSP: 002b:00007f837e4c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 879.758105][T17699] RAX: ffffffffffffffda RBX: 00007f837d7e5fa0 RCX: 00007f837d58f749 [ 879.758122][T17699] RDX: 0000080000000000 RSI: 0000200000000040 RDI: 0000000000000003 [ 879.758138][T17699] RBP: 00007f837e4c3090 R08: 0000000000000000 R09: 0000000000000000 [ 879.758153][T17699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 879.758169][T17699] R13: 00007f837d7e6038 R14: 00007f837d7e5fa0 R15: 00007ffc0c9e39e8 [ 879.758202][T17699] [ 880.617908][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 880.624378][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 880.683384][T17123] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 880.693139][T17123] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 880.712479][T17123] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 880.721172][T17123] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 880.730356][T17123] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 881.005686][T17715] FAULT_INJECTION: forcing a failure. [ 881.005686][T17715] name failslab, interval 1, probability 0, space 0, times 0 [ 881.023847][T17715] CPU: 1 UID: 0 PID: 17715 Comm: syz.1.2509 Not tainted syzkaller #0 PREEMPT(full) [ 881.023881][T17715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 881.023897][T17715] Call Trace: [ 881.023905][T17715] [ 881.023915][T17715] dump_stack_lvl+0x16c/0x1f0 [ 881.023951][T17715] should_fail_ex+0x512/0x640 [ 881.023991][T17715] ? fs_reclaim_acquire+0xae/0x150 [ 881.024040][T17715] should_failslab+0xc2/0x120 [ 881.024074][T17715] __kmalloc_noprof+0xdd/0x880 [ 881.024113][T17715] ? kfree+0x252/0x6d0 [ 881.024132][T17715] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 881.024167][T17715] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 881.024196][T17715] tomoyo_realpath_from_path+0xc2/0x6e0 [ 881.024234][T17715] tomoyo_check_open_permission+0x2ab/0x3c0 [ 881.024260][T17715] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 881.024312][T17715] ? lock_acquire+0x179/0x350 [ 881.024354][T17715] ? find_held_lock+0x2b/0x80 [ 881.024380][T17715] ? mnt_get_write_access+0x52/0x2f0 [ 881.024418][T17715] tomoyo_file_open+0x6b/0x90 [ 881.024456][T17715] security_file_open+0x84/0x1e0 [ 881.024484][T17715] do_dentry_open+0x596/0x1530 [ 881.024522][T17715] vfs_open+0x82/0x3f0 [ 881.024561][T17715] path_openat+0x1de4/0x2cb0 [ 881.024599][T17715] ? __pfx_path_openat+0x10/0x10 [ 881.024635][T17715] do_filp_open+0x20b/0x470 [ 881.024662][T17715] ? __pfx_do_filp_open+0x10/0x10 [ 881.024711][T17715] ? _raw_spin_unlock+0x28/0x50 [ 881.024737][T17715] ? alloc_fd+0x471/0x7d0 [ 881.024769][T17715] do_sys_openat2+0x11b/0x1d0 [ 881.024806][T17715] ? __pfx_do_sys_openat2+0x10/0x10 [ 881.024846][T17715] ? __fget_files+0x20e/0x3c0 [ 881.024877][T17715] __x64_sys_open+0x153/0x1e0 [ 881.024914][T17715] ? __pfx___x64_sys_open+0x10/0x10 [ 881.024957][T17715] ? rcu_is_watching+0x12/0xc0 [ 881.024987][T17715] do_syscall_64+0xcd/0xfa0 [ 881.025020][T17715] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 881.025045][T17715] RIP: 0033:0x7f06a7b8f749 [ 881.025064][T17715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 881.025088][T17715] RSP: 002b:00007f06a5df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 881.025111][T17715] RAX: ffffffffffffffda RBX: 00007f06a7de6090 RCX: 00007f06a7b8f749 [ 881.025128][T17715] RDX: e1d2b27bdc14aad4 RSI: 0000000000004242 RDI: 0000000000000000 [ 881.025144][T17715] RBP: 00007f06a5df6090 R08: 0000000000000000 R09: 0000000000000000 [ 881.025159][T17715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 881.025174][T17715] R13: 00007f06a7de6128 R14: 00007f06a7de6090 R15: 00007ffde7d32a38 [ 881.025206][T17715] [ 881.807782][T17710] chnl_net:caif_netlink_parms(): no params data found [ 881.883051][T17715] ERROR: Out of memory at tomoyo_realpath_from_path. [ 882.009281][T17710] bridge0: port 1(bridge_slave_0) entered blocking state [ 882.025986][T17710] bridge0: port 1(bridge_slave_0) entered disabled state [ 882.035789][T17710] bridge_slave_0: entered allmulticast mode [ 882.053746][T17710] bridge_slave_0: entered promiscuous mode [ 882.073476][T17710] bridge0: port 2(bridge_slave_1) entered blocking state [ 882.104695][T17710] bridge0: port 2(bridge_slave_1) entered disabled state [ 882.136830][T17710] bridge_slave_1: entered allmulticast mode [ 882.164261][T17710] bridge_slave_1: entered promiscuous mode [ 882.260564][T17710] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 882.304242][T17710] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 882.428802][T17710] team0: Port device team_slave_0 added [ 882.450321][T17710] team0: Port device team_slave_1 added [ 882.561382][T17710] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 882.584918][T17710] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 882.684145][T17710] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 882.751447][T17710] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 882.779714][T11734] Bluetooth: hci1: command tx timeout [ 882.788133][T17710] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 882.893075][T17710] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 883.210710][T17710] hsr_slave_0: entered promiscuous mode [ 883.228030][T17710] hsr_slave_1: entered promiscuous mode [ 883.246139][T17710] debugfs: 'hsr0' already exists in 'hsr' [ 883.262172][T17710] Cannot create hsr debugfs directory [ 883.766087][T17739] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2514'. [ 884.859419][T11734] Bluetooth: hci1: command tx timeout [ 885.212091][T17758] netlink: 'syz.1.2519': attribute type 1 has an invalid length. [ 885.878627][T17774] FAULT_INJECTION: forcing a failure. [ 885.878627][T17774] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 885.916342][T17774] CPU: 1 UID: 0 PID: 17774 Comm: syz.1.2524 Not tainted syzkaller #0 PREEMPT(full) [ 885.916377][T17774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 885.916392][T17774] Call Trace: [ 885.916401][T17774] [ 885.916410][T17774] dump_stack_lvl+0x16c/0x1f0 [ 885.916446][T17774] should_fail_ex+0x512/0x640 [ 885.916488][T17774] _copy_to_user+0x32/0xd0 [ 885.916513][T17774] simple_read_from_buffer+0xcb/0x170 [ 885.916555][T17774] proc_fail_nth_read+0x197/0x240 [ 885.916583][T17774] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 885.916611][T17774] ? rw_verify_area+0xcf/0x6c0 [ 885.916634][T17774] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 885.916660][T17774] vfs_read+0x1e4/0xcf0 [ 885.916690][T17774] ? __pfx___mutex_lock+0x10/0x10 [ 885.916722][T17774] ? __pfx_vfs_read+0x10/0x10 [ 885.916755][T17774] ? __fget_files+0x20e/0x3c0 [ 885.916788][T17774] ksys_read+0x12a/0x250 [ 885.916813][T17774] ? __pfx_ksys_read+0x10/0x10 [ 885.916848][T17774] do_syscall_64+0xcd/0xfa0 [ 885.916880][T17774] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 885.916904][T17774] RIP: 0033:0x7f06a7b8e15c [ 885.916924][T17774] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 885.916947][T17774] RSP: 002b:00007f06a8957030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 885.916970][T17774] RAX: ffffffffffffffda RBX: 00007f06a7de5fa0 RCX: 00007f06a7b8e15c [ 885.916987][T17774] RDX: 000000000000000f RSI: 00007f06a89570a0 RDI: 0000000000000006 [ 885.917002][T17774] RBP: 00007f06a8957090 R08: 0000000000000000 R09: 0000000000000000 [ 885.917017][T17774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 885.917032][T17774] R13: 00007f06a7de6038 R14: 00007f06a7de5fa0 R15: 00007ffde7d32a38 [ 885.917064][T17774] [ 886.103615][ C1] vkms_vblank_simulate: vblank timer overrun [ 886.954752][T11734] Bluetooth: hci1: command tx timeout [ 888.326953][T17799] netlink: 'syz.0.2528': attribute type 1 has an invalid length. [ 889.015262][T11734] Bluetooth: hci1: command tx timeout [ 890.702879][T17827] FAULT_INJECTION: forcing a failure. [ 890.702879][T17827] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 890.745190][T17827] CPU: 1 UID: 0 PID: 17827 Comm: syz.1.2538 Not tainted syzkaller #0 PREEMPT(full) [ 890.745225][T17827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 890.745241][T17827] Call Trace: [ 890.745250][T17827] [ 890.745260][T17827] dump_stack_lvl+0x16c/0x1f0 [ 890.745296][T17827] should_fail_ex+0x512/0x640 [ 890.745340][T17827] _copy_to_user+0x32/0xd0 [ 890.745366][T17827] simple_read_from_buffer+0xcb/0x170 [ 890.745409][T17827] proc_fail_nth_read+0x197/0x240 [ 890.745439][T17827] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 890.745469][T17827] ? rw_verify_area+0xcf/0x6c0 [ 890.745500][T17827] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 890.745529][T17827] vfs_read+0x1e4/0xcf0 [ 890.745559][T17827] ? __pfx___mutex_lock+0x10/0x10 [ 890.745594][T17827] ? __pfx_vfs_read+0x10/0x10 [ 890.745629][T17827] ? __fget_files+0x20e/0x3c0 [ 890.745664][T17827] ksys_read+0x12a/0x250 [ 890.745691][T17827] ? __pfx_ksys_read+0x10/0x10 [ 890.745728][T17827] do_syscall_64+0xcd/0xfa0 [ 890.745762][T17827] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 890.745788][T17827] RIP: 0033:0x7f06a7b8e15c [ 890.745808][T17827] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 890.745833][T17827] RSP: 002b:00007f06a8957030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 890.745858][T17827] RAX: ffffffffffffffda RBX: 00007f06a7de5fa0 RCX: 00007f06a7b8e15c [ 890.745875][T17827] RDX: 000000000000000f RSI: 00007f06a89570a0 RDI: 0000000000000004 [ 890.745890][T17827] RBP: 00007f06a8957090 R08: 0000000000000000 R09: 0000000000000000 [ 890.745906][T17827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 890.745921][T17827] R13: 00007f06a7de6038 R14: 00007f06a7de5fa0 R15: 00007ffde7d32a38 [ 890.745954][T17827] [ 890.933746][ C1] vkms_vblank_simulate: vblank timer overrun [ 891.520391][T17834] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 892.435017][T17851] FAULT_INJECTION: forcing a failure. [ 892.435017][T17851] name failslab, interval 1, probability 0, space 0, times 0 [ 892.454973][T17851] CPU: 1 UID: 0 PID: 17851 Comm: syz.1.2546 Not tainted syzkaller #0 PREEMPT(full) [ 892.455007][T17851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 892.455022][T17851] Call Trace: [ 892.455030][T17851] [ 892.455039][T17851] dump_stack_lvl+0x16c/0x1f0 [ 892.455074][T17851] should_fail_ex+0x512/0x640 [ 892.455112][T17851] ? __kmalloc_cache_noprof+0x5f/0x780 [ 892.455138][T17851] should_failslab+0xc2/0x120 [ 892.455172][T17851] __kmalloc_cache_noprof+0x72/0x780 [ 892.455196][T17851] ? allocate_cgrp_cset_links+0xca/0x230 [ 892.455226][T17851] ? allocate_cgrp_cset_links+0xca/0x230 [ 892.455250][T17851] allocate_cgrp_cset_links+0xca/0x230 [ 892.455279][T17851] find_css_set+0x785/0x1c70 [ 892.455320][T17851] ? __pfx_find_css_set+0x10/0x10 [ 892.455374][T17851] cgroup_migrate_prepare_dst+0x10b/0x7f0 [ 892.455427][T17851] cgroup_attach_task+0x3cc/0x730 [ 892.455466][T17851] ? __pfx_cgroup_attach_task+0x10/0x10 [ 892.455501][T17851] ? iput.part.0+0x181/0xb00 [ 892.455543][T17851] ? cgroup_attach_permissions+0x2a1/0x790 [ 892.455578][T17851] __cgroup_procs_write+0x452/0x780 [ 892.455622][T17851] ? __pfx___cgroup_procs_write+0x10/0x10 [ 892.455671][T17851] cgroup_procs_write+0x26/0x60 [ 892.455711][T17851] cgroup_file_write+0x1ef/0x790 [ 892.455739][T17851] ? __pfx_cgroup_procs_write+0x10/0x10 [ 892.455780][T17851] ? __pfx_cgroup_file_write+0x10/0x10 [ 892.455818][T17851] kernfs_fop_write_iter+0x3af/0x570 [ 892.455841][T17851] ? __pfx_cgroup_file_write+0x10/0x10 [ 892.455873][T17851] iter_file_splice_write+0xa24/0x12e0 [ 892.455919][T17851] ? __pfx_iter_file_splice_write+0x10/0x10 [ 892.455952][T17851] ? __pfx_copy_splice_read+0x10/0x10 [ 892.455992][T17851] ? __pfx_iter_file_splice_write+0x10/0x10 [ 892.456021][T17851] direct_splice_actor+0x192/0x6c0 [ 892.456050][T17851] splice_direct_to_actor+0x345/0xa30 [ 892.456077][T17851] ? __pfx_direct_splice_actor+0x10/0x10 [ 892.456109][T17851] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 892.456132][T17851] ? get_pid_task+0xfc/0x250 [ 892.456174][T17851] do_splice_direct+0x174/0x240 [ 892.456199][T17851] ? __pfx_do_splice_direct+0x10/0x10 [ 892.456225][T17851] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 892.456271][T17851] ? rw_verify_area+0xcf/0x6c0 [ 892.456298][T17851] do_sendfile+0xb06/0xe50 [ 892.456329][T17851] ? __pfx_do_sendfile+0x10/0x10 [ 892.456366][T17851] __x64_sys_sendfile64+0x1d8/0x220 [ 892.456402][T17851] ? ksys_write+0x1ac/0x250 [ 892.456428][T17851] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 892.456470][T17851] do_syscall_64+0xcd/0xfa0 [ 892.456504][T17851] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 892.456529][T17851] RIP: 0033:0x7f06a7b8f749 [ 892.456549][T17851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 892.456572][T17851] RSP: 002b:00007f06a8957038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 892.456595][T17851] RAX: ffffffffffffffda RBX: 00007f06a7de5fa0 RCX: 00007f06a7b8f749 [ 892.456611][T17851] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000002 [ 892.456626][T17851] RBP: 00007f06a8957090 R08: 0000000000000000 R09: 0000000000000000 [ 892.456641][T17851] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000002 [ 892.456656][T17851] R13: 00007f06a7de6038 R14: 00007f06a7de5fa0 R15: 00007ffde7d32a38 [ 892.456688][T17851] [ 892.791635][ C1] vkms_vblank_simulate: vblank timer overrun [ 892.980641][T17859] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2549'. [ 892.990967][T17859] veth1_macvtap: left promiscuous mode [ 893.185425][T17850] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2545'. [ 893.194972][T17850] : renamed from bond_slave_1 (while UP) [ 895.248557][T17886] FAULT_INJECTION: forcing a failure. [ 895.248557][T17886] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 895.270938][T17886] CPU: 1 UID: 0 PID: 17886 Comm: syz.0.2557 Not tainted syzkaller #0 PREEMPT(full) [ 895.270974][T17886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 895.270989][T17886] Call Trace: [ 895.270997][T17886] [ 895.271007][T17886] dump_stack_lvl+0x16c/0x1f0 [ 895.271043][T17886] should_fail_ex+0x512/0x640 [ 895.271088][T17886] _copy_from_user+0x2e/0xd0 [ 895.271131][T17886] kstrtouint_from_user+0xd6/0x1d0 [ 895.271163][T17886] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 895.271201][T17886] ? __lock_acquire+0xb8a/0x1c90 [ 895.271250][T17886] proc_fail_nth_write+0x83/0x220 [ 895.271279][T17886] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 895.271316][T17886] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 895.271343][T17886] vfs_write+0x2a0/0x11d0 [ 895.271376][T17886] ? __pfx___mutex_lock+0x10/0x10 [ 895.271410][T17886] ? __pfx_vfs_write+0x10/0x10 [ 895.271447][T17886] ? __fget_files+0x20e/0x3c0 [ 895.271482][T17886] ksys_write+0x12a/0x250 [ 895.271510][T17886] ? __pfx_ksys_write+0x10/0x10 [ 895.271547][T17886] do_syscall_64+0xcd/0xfa0 [ 895.271581][T17886] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 895.271608][T17886] RIP: 0033:0x7f837d58e1ff [ 895.271628][T17886] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 895.271653][T17886] RSP: 002b:00007f837e4c3030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 895.271676][T17886] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f837d58e1ff [ 895.271693][T17886] RDX: 0000000000000001 RSI: 00007f837e4c3090 RDI: 0000000000000005 [ 895.271708][T17886] RBP: 00007f837e4c3090 R08: 0000000000000000 R09: 00007f837e4c2df7 [ 895.271724][T17886] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000008 [ 895.271740][T17886] R13: 00007f837d7e6038 R14: 00007f837d7e5fa0 R15: 00007ffc0c9e39e8 [ 895.271773][T17886] [ 898.248017][T17923] FAULT_INJECTION: forcing a failure. [ 898.248017][T17923] name failslab, interval 1, probability 0, space 0, times 0 [ 898.275420][T17923] CPU: 1 UID: 0 PID: 17923 Comm: syz.0.2567 Not tainted syzkaller #0 PREEMPT(full) [ 898.275457][T17923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 898.275474][T17923] Call Trace: [ 898.275483][T17923] [ 898.275493][T17923] dump_stack_lvl+0x16c/0x1f0 [ 898.275530][T17923] should_fail_ex+0x512/0x640 [ 898.275570][T17923] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 898.275601][T17923] should_failslab+0xc2/0x120 [ 898.275637][T17923] kmem_cache_alloc_noprof+0x75/0x6e0 [ 898.275664][T17923] ? acpi_ut_allocate_object_desc_dbg+0x86/0x240 [ 898.275709][T17923] ? acpi_ut_allocate_object_desc_dbg+0x86/0x240 [ 898.275746][T17923] acpi_ut_allocate_object_desc_dbg+0x86/0x240 [ 898.275786][T17923] acpi_ut_create_internal_object_dbg+0x51/0x270 [ 898.275828][T17923] acpi_ut_create_integer_object+0x46/0xd0 [ 898.275866][T17923] acpi_ex_read_data_from_field+0x146/0xd50 [ 898.275893][T17923] ? acpi_ut_ptr_exit+0xfe/0x180 [ 898.275928][T17923] ? acpi_ut_value_exit+0xff/0x180 [ 898.275958][T17923] acpi_ex_resolve_node_to_value+0x767/0x9c0 [ 898.275992][T17923] ? __pfx_acpi_ex_resolve_node_to_value+0x10/0x10 [ 898.276029][T17923] ? acpi_ds_create_operand+0x267/0xc30 [ 898.276073][T17923] acpi_ex_resolve_to_value+0x509/0xcd0 [ 898.276104][T17923] ? __pfx_acpi_ex_resolve_to_value+0x10/0x10 [ 898.276134][T17923] ? __pfx_acpi_ns_lookup+0x10/0x10 [ 898.276160][T17923] ? acpi_ut_track_stack_ptr+0x114/0x180 [ 898.276192][T17923] acpi_ds_evaluate_name_path+0x311/0x4b0 [ 898.276233][T17923] ? __pfx_acpi_ds_evaluate_name_path+0x10/0x10 [ 898.276276][T17923] ? acpi_ps_get_next_namepath+0x202/0xa10 [ 898.276315][T17923] ? acpi_ut_trace_ptr+0x121/0x2a0 [ 898.276345][T17923] acpi_ds_exec_end_op+0xd99/0x1da0 [ 898.276388][T17923] ? __pfx_acpi_ds_exec_end_op+0x10/0x10 [ 898.276428][T17923] acpi_ps_parse_loop+0x5a6/0x2470 [ 898.276479][T17923] ? __pfx_acpi_ps_parse_loop+0x10/0x10 [ 898.276517][T17923] ? kmem_cache_alloc_noprof+0x2a1/0x6e0 [ 898.276544][T17923] ? __pfx_acpi_ut_track_stack_ptr+0x10/0x10 [ 898.276569][T17923] ? acpi_ut_create_thread_state+0x6d/0x170 [ 898.276620][T17923] acpi_ps_parse_aml+0x817/0x1170 [ 898.276668][T17923] acpi_ps_execute_method+0x5c4/0xe90 [ 898.276702][T17923] acpi_ns_evaluate+0x98c/0x16d0 [ 898.276738][T17923] acpi_evaluate_object+0x4ca/0xdf0 [ 898.276783][T17923] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 898.276823][T17923] ? __mutex_trylock_common+0xe9/0x250 [ 898.276867][T17923] acpi_evaluate_integer+0xdd/0x200 [ 898.276899][T17923] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 898.276950][T17923] ? __pfx_status_show+0x10/0x10 [ 898.276988][T17923] status_show+0xa0/0x120 [ 898.277024][T17923] ? __pfx_status_show+0x10/0x10 [ 898.277071][T17923] dev_attr_show+0x56/0xe0 [ 898.277112][T17923] ? __pfx_dev_attr_show+0x10/0x10 [ 898.277150][T17923] sysfs_kf_seq_show+0x216/0x3e0 [ 898.277187][T17923] seq_read_iter+0x50e/0x12d0 [ 898.277242][T17923] kernfs_fop_read_iter+0x46c/0x610 [ 898.277269][T17923] ? rw_verify_area+0xcf/0x6c0 [ 898.277297][T17923] vfs_read+0x8bf/0xcf0 [ 898.277329][T17923] ? __pfx___mutex_lock+0x10/0x10 [ 898.277365][T17923] ? __pfx_vfs_read+0x10/0x10 [ 898.277414][T17923] ksys_read+0x12a/0x250 [ 898.277442][T17923] ? __pfx_ksys_read+0x10/0x10 [ 898.277480][T17923] do_syscall_64+0xcd/0xfa0 [ 898.277514][T17923] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 898.277541][T17923] RIP: 0033:0x7f837d58f749 [ 898.277563][T17923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 898.277589][T17923] RSP: 002b:00007f837e4c3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 898.277614][T17923] RAX: ffffffffffffffda RBX: 00007f837d7e5fa0 RCX: 00007f837d58f749 [ 898.277633][T17923] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000005 [ 898.277650][T17923] RBP: 00007f837d613f91 R08: 0000000000000000 R09: 0000000000000000 [ 898.277666][T17923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 898.277682][T17923] R13: 00007f837d7e6038 R14: 00007f837d7e5fa0 R15: 00007ffc0c9e39e8 [ 898.277716][T17923] [ 898.277746][T17923] ACPI Error: Could not allocate an object descriptor (20250807/utobject-180) [ 899.266738][T17923] ACPI Error: Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20250807/psparse-529) [ 899.665556][T17939] syz.0.2572 (17939): /proc/17938/oom_adj is deprecated, please use /proc/17938/oom_score_adj instead. [ 902.421931][T17966] bridge0: port 3(bond0) entered blocking state [ 902.435251][T17966] bridge0: port 3(bond0) entered disabled state [ 902.441756][T17966] bond0: entered allmulticast mode [ 902.460470][T17966] bond_slave_0: entered allmulticast mode [ 902.470588][T17966] : entered allmulticast mode [ 902.487400][T17966] bond0: entered promiscuous mode [ 902.502901][T17966] bond_slave_0: entered promiscuous mode [ 902.513211][T17966] : entered promiscuous mode [ 902.524088][T17966] bridge0: port 3(bond0) entered blocking state [ 902.530788][T17966] bridge0: port 3(bond0) entered forwarding state [ 904.895855][T18000] FAULT_INJECTION: forcing a failure. [ 904.895855][T18000] name failslab, interval 1, probability 0, space 0, times 0 [ 904.994332][T18000] CPU: 1 UID: 0 PID: 18000 Comm: syz.1.2587 Not tainted syzkaller #0 PREEMPT(full) [ 904.994367][T18000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 904.994383][T18000] Call Trace: [ 904.994391][T18000] [ 904.994400][T18000] dump_stack_lvl+0x16c/0x1f0 [ 904.994441][T18000] should_fail_ex+0x512/0x640 [ 904.994480][T18000] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 904.994510][T18000] should_failslab+0xc2/0x120 [ 904.994545][T18000] kmem_cache_alloc_noprof+0x75/0x6e0 [ 904.994571][T18000] ? getname_flags.part.0+0x4c/0x550 [ 904.994614][T18000] ? getname_flags.part.0+0x4c/0x550 [ 904.994650][T18000] getname_flags.part.0+0x4c/0x550 [ 904.994691][T18000] getname_flags+0x93/0xf0 [ 904.994717][T18000] do_sys_openat2+0xb8/0x1d0 [ 904.994755][T18000] ? __pfx_do_sys_openat2+0x10/0x10 [ 904.994796][T18000] ? __fget_files+0x20e/0x3c0 [ 904.994827][T18000] __x64_sys_openat+0x174/0x210 [ 904.994865][T18000] ? __pfx___x64_sys_openat+0x10/0x10 [ 904.994903][T18000] ? ksys_write+0x1ac/0x250 [ 904.994942][T18000] do_syscall_64+0xcd/0xfa0 [ 904.994976][T18000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 904.995002][T18000] RIP: 0033:0x7f06a7b8f749 [ 904.995022][T18000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 904.995048][T18000] RSP: 002b:00007f06a8957038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 904.995071][T18000] RAX: ffffffffffffffda RBX: 00007f06a7de5fa0 RCX: 00007f06a7b8f749 [ 904.995088][T18000] RDX: 000000000000cb00 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 904.995104][T18000] RBP: 00007f06a8957090 R08: 0000000000000000 R09: 0000000000000000 [ 904.995120][T18000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 904.995135][T18000] R13: 00007f06a7de6038 R14: 00007f06a7de5fa0 R15: 00007ffde7d32a38 [ 904.995168][T18000] [ 905.181326][ C1] vkms_vblank_simulate: vblank timer overrun [ 907.767780][T18031] FAULT_INJECTION: forcing a failure. [ 907.767780][T18031] name failslab, interval 1, probability 0, space 0, times 0 [ 907.816687][T18031] CPU: 1 UID: 0 PID: 18031 Comm: syz.1.2595 Not tainted syzkaller #0 PREEMPT(full) [ 907.816723][T18031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 907.816740][T18031] Call Trace: [ 907.816748][T18031] [ 907.816758][T18031] dump_stack_lvl+0x16c/0x1f0 [ 907.816795][T18031] should_fail_ex+0x512/0x640 [ 907.816835][T18031] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 907.816866][T18031] should_failslab+0xc2/0x120 [ 907.816902][T18031] kmem_cache_alloc_noprof+0x75/0x6e0 [ 907.816929][T18031] ? mm_alloc+0x1c/0xc0 [ 907.816964][T18031] ? mm_alloc+0x1c/0xc0 [ 907.816991][T18031] mm_alloc+0x1c/0xc0 [ 907.817019][T18031] alloc_bprm+0x2af/0x710 [ 907.817050][T18031] do_execveat_common.isra.0+0x1ce/0x610 [ 907.817085][T18031] __x64_sys_execve+0x8e/0xb0 [ 907.817113][T18031] do_syscall_64+0xcd/0xfa0 [ 907.817155][T18031] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 907.817183][T18031] RIP: 0033:0x7f06a7b8f749 [ 907.817203][T18031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 907.817229][T18031] RSP: 002b:00007f06a8957038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 907.817253][T18031] RAX: ffffffffffffffda RBX: 00007f06a7de5fa0 RCX: 00007f06a7b8f749 [ 907.817270][T18031] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 907.817287][T18031] RBP: 00007f06a7c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 907.817303][T18031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 907.817322][T18031] R13: 00007f06a7de6038 R14: 00007f06a7de5fa0 R15: 00007ffde7d32a38 [ 907.817358][T18031] [ 907.987888][ C1] vkms_vblank_simulate: vblank timer overrun [ 908.601056][T18034] bridge0: port 3(bond0) entered blocking state [ 908.614766][T18034] bridge0: port 3(bond0) entered disabled state [ 908.625242][T18034] bond0: entered allmulticast mode [ 908.642114][T18034] bond_slave_0: entered allmulticast mode [ 908.652233][T18034] bond_slave_1: entered allmulticast mode [ 908.672227][T18034] bond0: entered promiscuous mode [ 908.683978][T18034] bond_slave_0: entered promiscuous mode [ 908.697091][T18034] bond_slave_1: entered promiscuous mode [ 908.709860][T18034] bridge0: port 3(bond0) entered blocking state [ 908.716389][T18034] bridge0: port 3(bond0) entered forwarding state [ 911.356214][T18051] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2601'. [ 914.291954][T18076] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2609'. [ 915.243566][T18079] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 915.250085][T18079] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 915.270276][T18079] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 915.283792][T18079] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 915.292809][T18079] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 915.301608][T18079] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 915.311198][T18079] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 915.319071][T18079] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 915.328412][T18079] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 915.350762][T18079] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 915.357355][T18079] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 915.368802][T18079] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 915.376571][T18079] CPU0 is offline. [ 915.820849][T18093] FAULT_INJECTION: forcing a failure. [ 915.820849][T18093] name failslab, interval 1, probability 0, space 0, times 0 [ 915.833893][T18093] CPU: 1 UID: 0 PID: 18093 Comm: syz.1.2613 Not tainted syzkaller #0 PREEMPT(full) [ 915.833928][T18093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 915.833944][T18093] Call Trace: [ 915.833956][T18093] [ 915.833967][T18093] dump_stack_lvl+0x16c/0x1f0 [ 915.834006][T18093] should_fail_ex+0x512/0x640 [ 915.834045][T18093] ? kmem_cache_alloc_node_noprof+0x65/0x770 [ 915.834077][T18093] should_failslab+0xc2/0x120 [ 915.834112][T18093] kmem_cache_alloc_node_noprof+0x78/0x770 [ 915.834137][T18093] ? __alloc_skb+0x2b2/0x380 [ 915.834183][T18093] ? __alloc_skb+0x2b2/0x380 [ 915.834219][T18093] ? __pfx_netlink_insert+0x10/0x10 [ 915.834244][T18093] __alloc_skb+0x2b2/0x380 [ 915.834283][T18093] ? __pfx___alloc_skb+0x10/0x10 [ 915.834322][T18093] ? netlink_autobind.isra.0+0x158/0x370 [ 915.834356][T18093] netlink_alloc_large_skb+0x69/0x140 [ 915.834385][T18093] netlink_sendmsg+0x698/0xdd0 [ 915.834421][T18093] ? __pfx_netlink_sendmsg+0x10/0x10 [ 915.834452][T18093] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 915.834495][T18093] ____sys_sendmsg+0xa98/0xc70 [ 915.834529][T18093] ? copy_msghdr_from_user+0x10a/0x160 [ 915.834555][T18093] ? __pfx_____sys_sendmsg+0x10/0x10 [ 915.834643][T18093] ___sys_sendmsg+0x134/0x1d0 [ 915.834669][T18093] ? __pfx____sys_sendmsg+0x10/0x10 [ 915.834692][T18093] ? __lock_acquire+0x622/0x1c90 [ 915.834761][T18093] __sys_sendmsg+0x16d/0x220 [ 915.834786][T18093] ? __pfx___sys_sendmsg+0x10/0x10 [ 915.834830][T18093] do_syscall_64+0xcd/0xfa0 [ 915.834864][T18093] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 915.834890][T18093] RIP: 0033:0x7f06a7b8f749 [ 915.834911][T18093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 915.834935][T18093] RSP: 002b:00007f06a8957038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 915.834959][T18093] RAX: ffffffffffffffda RBX: 00007f06a7de5fa0 RCX: 00007f06a7b8f749 [ 915.834975][T18093] RDX: 0000000000040000 RSI: 0000200000000240 RDI: 0000000000000006 [ 915.834990][T18093] RBP: 00007f06a8957090 R08: 0000000000000000 R09: 0000000000000000 [ 915.835012][T18093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 915.835027][T18093] R13: 00007f06a7de6038 R14: 00007f06a7de5fa0 R15: 00007ffde7d32a38 [ 915.835059][T18093] [ 916.223815][T18098] ovs_: entered promiscuous mode [ 916.292665][T18100] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2616'. [ 916.324695][T18100] team0: Port device team_slave_0 removed [ 916.457700][T11734] Bluetooth: hci4: command 0x0c1a tx timeout [ 916.473951][T18102] FAULT_INJECTION: forcing a failure. [ 916.473951][T18102] name failslab, interval 1, probability 0, space 0, times 0 [ 916.487139][T18102] CPU: 1 UID: 0 PID: 18102 Comm: syz.1.2617 Not tainted syzkaller #0 PREEMPT(full) [ 916.487174][T18102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 916.487190][T18102] Call Trace: [ 916.487199][T18102] [ 916.487209][T18102] dump_stack_lvl+0x16c/0x1f0 [ 916.487249][T18102] should_fail_ex+0x512/0x640 [ 916.487291][T18102] ? fs_reclaim_acquire+0xae/0x150 [ 916.487329][T18102] should_failslab+0xc2/0x120 [ 916.487366][T18102] kmem_cache_alloc_noprof+0x75/0x6e0 [ 916.487393][T18102] ? __pfx_map_id_range_down+0x10/0x10 [ 916.487426][T18102] ? security_inode_alloc+0x3b/0x2b0 [ 916.487473][T18102] ? security_inode_alloc+0x3b/0x2b0 [ 916.487513][T18102] security_inode_alloc+0x3b/0x2b0 [ 916.487555][T18102] inode_init_always_gfp+0xce4/0x1030 [ 916.487587][T18102] alloc_inode+0x86/0x240 [ 916.487623][T18102] sock_alloc+0x40/0x280 [ 916.487655][T18102] __sock_create+0xc1/0x8d0 [ 916.487696][T18102] __sys_socket+0x14d/0x260 [ 916.487777][T18102] ? __pfx___sys_socket+0x10/0x10 [ 916.487815][T18102] ? do_user_addr_fault+0x843/0x1370 [ 916.487845][T18102] __x64_sys_socket+0x72/0xb0 [ 916.487880][T18102] ? lockdep_hardirqs_on+0x7c/0x110 [ 916.487912][T18102] do_syscall_64+0xcd/0xfa0 [ 916.487947][T18102] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 916.487974][T18102] RIP: 0033:0x7f06a7b91667 [ 916.487996][T18102] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 916.488022][T18102] RSP: 002b:00007f06a8955fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029 [ 916.488047][T18102] RAX: ffffffffffffffda RBX: 00007f06a7de5fa0 RCX: 00007f06a7b91667 [ 916.488064][T18102] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 916.488080][T18102] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000 [ 916.488096][T18102] R10: 00002000000000c0 R11: 0000000000000286 R12: 0000000000000000 [ 916.488113][T18102] R13: 00007f06a7de6038 R14: 00007f06a7de5fa0 R15: 00007ffde7d32a38 [ 916.488147][T18102] [ 916.488175][T18102] socket: no more sockets [ 916.869424][T18105] FAULT_INJECTION: forcing a failure. [ 916.869424][T18105] name failslab, interval 1, probability 0, space 0, times 0 [ 916.882362][T18105] CPU: 1 UID: 0 PID: 18105 Comm: syz.1.2618 Not tainted syzkaller #0 PREEMPT(full) [ 916.882396][T18105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 916.882412][T18105] Call Trace: [ 916.882427][T18105] [ 916.882437][T18105] dump_stack_lvl+0x16c/0x1f0 [ 916.882476][T18105] should_fail_ex+0x512/0x640 [ 916.882516][T18105] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 916.882547][T18105] should_failslab+0xc2/0x120 [ 916.882583][T18105] kmem_cache_alloc_noprof+0x75/0x6e0 [ 916.882608][T18105] ? __pfx_vma_modify_policy+0x10/0x10 [ 916.882635][T18105] ? __mpol_dup+0x74/0x380 [ 916.882679][T18105] ? __mpol_dup+0x74/0x380 [ 916.882715][T18105] __mpol_dup+0x74/0x380 [ 916.882753][T18105] ? __pfx___mpol_dup+0x10/0x10 [ 916.882800][T18105] mbind_range+0x2ad/0x570 [ 916.882844][T18105] do_mbind+0x83a/0xf20 [ 916.882894][T18105] ? __pfx_do_mbind+0x10/0x10 [ 916.882931][T18105] ? find_held_lock+0x2b/0x80 [ 916.882977][T18105] ? __pfx_get_nodes+0x10/0x10 [ 916.883008][T18105] ? __fget_files+0x20e/0x3c0 [ 916.883041][T18105] kernel_mbind+0x1e3/0x1f0 [ 916.883085][T18105] ? __pfx_kernel_mbind+0x10/0x10 [ 916.883138][T18105] do_syscall_64+0xcd/0xfa0 [ 916.883174][T18105] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 916.883201][T18105] RIP: 0033:0x7f06a7b8f749 [ 916.883221][T18105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 916.883247][T18105] RSP: 002b:00007f06a8957038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 916.883272][T18105] RAX: ffffffffffffffda RBX: 00007f06a7de5fa0 RCX: 00007f06a7b8f749 [ 916.883290][T18105] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 916.883306][T18105] RBP: 00007f06a8957090 R08: 0000000000000006 R09: 0000000000000002 [ 916.883323][T18105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 916.883339][T18105] R13: 00007f06a7de6038 R14: 00007f06a7de5fa0 R15: 00007ffde7d32a38 [ 916.883374][T18105] [ 917.287632][T18111] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2621'. [ 917.335276][T11734] Bluetooth: hci2: command 0x0c1a tx timeout [ 917.341434][T11734] Bluetooth: hci0: command 0x0c1a tx timeout [ 917.416374][T11734] Bluetooth: hci1: command 0x0c1a tx timeout [ 917.588084][T18117] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2623'. [ 917.611093][T11734] Bluetooth: hci4: unexpected event 0x3e length: 726 > 260 [ 917.611128][T11734] Bluetooth: hci4: unexpected subevent 0x0d length: 725 > 260 [ 917.627026][T11734] Bluetooth: hci4: Unknown advertising packet type: 0x7f [ 917.627066][T11734] Bluetooth: hci4: adv larger than maximum supported [ 917.634221][T11734] Bluetooth: hci4: adv larger than maximum supported [ 917.642381][T11734] Bluetooth: hci4: Malformed LE Event: 0x0d [ 918.534782][T11734] Bluetooth: hci4: command 0x0c1a tx timeout [ 919.414851][T17123] Bluetooth: hci2: command 0x0c1a tx timeout [ 919.421859][T11734] Bluetooth: hci0: command 0x0c1a tx timeout [ 919.495260][T11734] Bluetooth: hci1: command 0x0c1a tx timeout [ 920.614673][T11734] Bluetooth: hci4: command 0x0c1a tx timeout [ 921.496172][T11734] Bluetooth: hci0: command 0x0c1a tx timeout [ 921.502345][T11734] Bluetooth: hci2: command 0x0c1a tx timeout [ 921.576052][T11734] Bluetooth: hci1: command 0x0c1a tx timeout [ 921.856290][T17123] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 921.866625][T17123] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 921.875681][T17123] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 921.883784][T17123] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 921.892076][T17123] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 922.158226][T18120] chnl_net:caif_netlink_parms(): no params data found [ 922.260960][T18120] bridge0: port 1(bridge_slave_0) entered blocking state [ 922.269352][T18120] bridge0: port 1(bridge_slave_0) entered disabled state [ 922.277226][T18120] bridge_slave_0: entered allmulticast mode [ 922.288082][T18120] bridge_slave_0: entered promiscuous mode [ 922.297319][T18120] bridge0: port 2(bridge_slave_1) entered blocking state [ 922.304841][T18120] bridge0: port 2(bridge_slave_1) entered disabled state [ 922.312161][T18120] bridge_slave_1: entered allmulticast mode [ 922.320330][T18120] bridge_slave_1: entered promiscuous mode [ 922.362155][T18120] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 922.376333][T18120] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 922.419337][T18120] team0: Port device team_slave_0 added [ 922.428488][T18120] team0: Port device team_slave_1 added [ 922.467464][T18120] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 922.475355][T18120] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 922.514732][T18120] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 922.552995][T18120] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 922.585980][T18120] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 922.684695][T18120] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 922.861063][T18120] hsr_slave_0: entered promiscuous mode [ 922.883298][T18120] hsr_slave_1: entered promiscuous mode [ 922.909832][T18120] debugfs: 'hsr0' already exists in 'hsr' [ 922.938337][T18120] Cannot create hsr debugfs directory [ 923.664055][T17123] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 923.673565][T17123] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 923.683952][T17123] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 923.692152][T17123] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 923.700568][T17123] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 923.977973][T17123] Bluetooth: hci3: command tx timeout [ 924.073261][T18145] FAULT_INJECTION: forcing a failure. [ 924.073261][T18145] name failslab, interval 1, probability 0, space 0, times 0 [ 924.104840][T18145] CPU: 1 UID: 0 PID: 18145 Comm: syz.1.2626 Not tainted syzkaller #0 PREEMPT(full) [ 924.104876][T18145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 924.104892][T18145] Call Trace: [ 924.104901][T18145] [ 924.104910][T18145] dump_stack_lvl+0x16c/0x1f0 [ 924.104947][T18145] should_fail_ex+0x512/0x640 [ 924.104987][T18145] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 924.105024][T18145] should_failslab+0xc2/0x120 [ 924.105059][T18145] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 924.105097][T18145] ? resume_store+0x1b8/0x460 [ 924.105128][T18145] ? kstrndup+0x6d/0x160 [ 924.105153][T18145] kstrndup+0x6d/0x160 [ 924.105188][T18145] resume_store+0x1b8/0x460 [ 924.105212][T18145] ? __pfx_resume_store+0x10/0x10 [ 924.105245][T18145] ? find_held_lock+0x2b/0x80 [ 924.105275][T18145] ? __pfx_resume_store+0x10/0x10 [ 924.105298][T18145] kobj_attr_store+0x58/0x80 [ 924.105330][T18145] ? __pfx_kobj_attr_store+0x10/0x10 [ 924.105363][T18145] sysfs_kf_write+0xf2/0x150 [ 924.105393][T18145] kernfs_fop_write_iter+0x3af/0x570 [ 924.105416][T18145] ? __pfx_sysfs_kf_write+0x10/0x10 [ 924.105447][T18145] vfs_write+0x7d3/0x11d0 [ 924.105476][T18145] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 924.105502][T18145] ? __pfx___mutex_lock+0x10/0x10 [ 924.105536][T18145] ? __pfx_vfs_write+0x10/0x10 [ 924.105584][T18145] ksys_write+0x12a/0x250 [ 924.105611][T18145] ? __pfx_ksys_write+0x10/0x10 [ 924.105648][T18145] do_syscall_64+0xcd/0xfa0 [ 924.105682][T18145] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 924.105733][T18145] RIP: 0033:0x7f06a7b8f749 [ 924.105760][T18145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 924.105785][T18145] RSP: 002b:00007f06a5df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 924.105810][T18145] RAX: ffffffffffffffda RBX: 00007f06a7de6090 RCX: 00007f06a7b8f749 [ 924.105827][T18145] RDX: 0000000000100089 RSI: 0000000000000000 RDI: 0000000000000003 [ 924.105842][T18145] RBP: 00007f06a7c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 924.105858][T18145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 924.105874][T18145] R13: 00007f06a7de6128 R14: 00007f06a7de6090 R15: 00007ffde7d32a38 [ 924.105908][T18145] [ 924.619878][T18138] chnl_net:caif_netlink_parms(): no params data found [ 924.836635][T18138] bridge0: port 1(bridge_slave_0) entered blocking state [ 924.854258][T18138] bridge0: port 1(bridge_slave_0) entered disabled state [ 924.873618][T18138] bridge_slave_0: entered allmulticast mode [ 924.894825][T18138] bridge_slave_0: entered promiscuous mode [ 924.912586][T18138] bridge0: port 2(bridge_slave_1) entered blocking state [ 924.928993][T18138] bridge0: port 2(bridge_slave_1) entered disabled state [ 924.945710][T18138] bridge_slave_1: entered allmulticast mode [ 924.963424][T18138] bridge_slave_1: entered promiscuous mode [ 925.050911][T18138] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 925.086575][T18138] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 925.189118][T18138] team0: Port device team_slave_0 added [ 925.212893][T18138] team0: Port device team_slave_1 added [ 925.290523][T18138] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 925.307462][T18138] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 925.376587][T18138] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 925.400041][T18138] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 925.418816][T18138] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 925.482659][T18138] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 925.589480][T18138] hsr_slave_0: entered promiscuous mode [ 925.606151][T18138] hsr_slave_1: entered promiscuous mode [ 925.623262][T18138] debugfs: 'hsr0' already exists in 'hsr' [ 925.637239][T18138] Cannot create hsr debugfs directory [ 925.740856][T17123] Bluetooth: hci5: command tx timeout [ 926.057626][T17123] Bluetooth: hci3: command tx timeout [ 927.824399][T11734] Bluetooth: hci5: command tx timeout [ 928.134908][T11734] Bluetooth: hci3: command tx timeout [ 929.896679][T11734] Bluetooth: hci5: command tx timeout [ 930.214877][T17123] Bluetooth: hci3: command tx timeout [ 931.976271][T17123] Bluetooth: hci5: command tx timeout [ 939.763610][T11734] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 939.773902][T11734] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 939.782920][T11734] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 939.795897][T11734] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 939.803575][T11734] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 940.054348][T18197] chnl_net:caif_netlink_parms(): no params data found [ 940.155757][T18197] bridge0: port 1(bridge_slave_0) entered blocking state [ 940.163880][T18197] bridge0: port 1(bridge_slave_0) entered disabled state [ 940.173525][T18197] bridge_slave_0: entered allmulticast mode [ 940.186300][T18197] bridge_slave_0: entered promiscuous mode [ 940.196601][T18197] bridge0: port 2(bridge_slave_1) entered blocking state [ 940.203756][T18197] bridge0: port 2(bridge_slave_1) entered disabled state [ 940.211581][T18197] bridge_slave_1: entered allmulticast mode [ 940.219681][T18197] bridge_slave_1: entered promiscuous mode [ 940.259295][T18197] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 940.277049][T18197] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 940.323800][T18197] team0: Port device team_slave_0 added [ 940.333646][T18197] team0: Port device team_slave_1 added [ 940.368660][T18197] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 940.378297][T18197] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 940.407605][T18197] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 940.420691][T18197] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 940.428177][T18197] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 940.455204][T18197] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 940.510457][T18197] hsr_slave_0: entered promiscuous mode [ 940.520466][T18197] hsr_slave_1: entered promiscuous mode [ 940.528093][T18197] debugfs: 'hsr0' already exists in 'hsr' [ 940.533864][T18197] Cannot create hsr debugfs directory [ 941.894767][T17123] Bluetooth: hci6: command tx timeout [ 942.059474][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 942.070168][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 943.974762][T11734] Bluetooth: hci6: command tx timeout [ 946.054633][T17123] Bluetooth: hci6: command tx timeout [ 948.135971][T17123] Bluetooth: hci6: command tx timeout [ 982.295814][T11734] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 982.306890][T11734] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 982.315985][T11734] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 982.331055][T11734] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 982.338955][T11734] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 982.567898][T18212] chnl_net:caif_netlink_parms(): no params data found [ 982.658089][T18212] bridge0: port 1(bridge_slave_0) entered blocking state [ 982.667339][T18212] bridge0: port 1(bridge_slave_0) entered disabled state [ 982.675371][T18212] bridge_slave_0: entered allmulticast mode [ 982.682861][T18212] bridge_slave_0: entered promiscuous mode [ 982.691720][T18212] bridge0: port 2(bridge_slave_1) entered blocking state [ 982.700949][T18212] bridge0: port 2(bridge_slave_1) entered disabled state [ 982.708622][T18212] bridge_slave_1: entered allmulticast mode [ 982.716682][T18212] bridge_slave_1: entered promiscuous mode [ 982.752510][T18212] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 982.771382][T18212] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 982.808043][T18212] team0: Port device team_slave_0 added [ 982.817186][T18212] team0: Port device team_slave_1 added [ 982.850285][T18212] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 982.858162][T18212] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 982.888993][T18212] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 982.902002][T18212] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 982.909400][T18212] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 982.941737][T18212] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 982.998451][T18212] hsr_slave_0: entered promiscuous mode [ 983.005882][T18212] hsr_slave_1: entered promiscuous mode [ 983.012310][T18212] debugfs: 'hsr0' already exists in 'hsr' [ 983.037322][T18212] Cannot create hsr debugfs directory [ 983.429287][T11734] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 983.442339][T11734] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 983.451363][T11734] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 983.459581][T11734] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 983.467494][T11734] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 983.693672][T18223] chnl_net:caif_netlink_parms(): no params data found [ 983.784064][T18223] bridge0: port 1(bridge_slave_0) entered blocking state [ 983.793165][T18223] bridge0: port 1(bridge_slave_0) entered disabled state [ 983.801546][T18223] bridge_slave_0: entered allmulticast mode [ 983.809455][T18223] bridge_slave_0: entered promiscuous mode [ 983.818335][T18223] bridge0: port 2(bridge_slave_1) entered blocking state [ 983.826108][T18223] bridge0: port 2(bridge_slave_1) entered disabled state [ 983.833383][T18223] bridge_slave_1: entered allmulticast mode [ 983.841480][T18223] bridge_slave_1: entered promiscuous mode [ 983.882703][T18223] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 983.897783][T18223] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 983.935653][T18223] team0: Port device team_slave_0 added [ 983.944368][T18223] team0: Port device team_slave_1 added [ 983.988859][T18223] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 983.997640][T18223] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 984.025345][T18223] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 984.038363][T18223] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 984.045918][T18223] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 984.072916][T18223] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 984.130122][T18223] hsr_slave_0: entered promiscuous mode [ 984.138452][T18223] hsr_slave_1: entered promiscuous mode [ 984.145876][T18223] debugfs: 'hsr0' already exists in 'hsr' [ 984.151633][T18223] Cannot create hsr debugfs directory [ 984.374714][T17123] Bluetooth: hci7: command tx timeout [ 985.494648][T17123] Bluetooth: hci8: command tx timeout [ 986.454669][T17123] Bluetooth: hci7: command tx timeout [ 987.574628][T17123] Bluetooth: hci8: command tx timeout [ 988.534600][T17123] Bluetooth: hci7: command tx timeout [ 989.654669][T17123] Bluetooth: hci8: command tx timeout [ 990.614628][T17123] Bluetooth: hci7: command tx timeout [ 991.734692][T17123] Bluetooth: hci8: command tx timeout [ 999.822341][T11734] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1 [ 999.834658][T11734] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9 [ 999.848090][T11734] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9 [ 999.856483][T11734] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4 [ 999.865639][T11734] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2 [ 1000.103811][T18232] chnl_net:caif_netlink_parms(): no params data found [ 1000.196042][T18232] bridge0: port 1(bridge_slave_0) entered blocking state [ 1000.205555][T18232] bridge0: port 1(bridge_slave_0) entered disabled state [ 1000.212853][T18232] bridge_slave_0: entered allmulticast mode [ 1000.221418][T18232] bridge_slave_0: entered promiscuous mode [ 1000.230020][T18232] bridge0: port 2(bridge_slave_1) entered blocking state [ 1000.237617][T18232] bridge0: port 2(bridge_slave_1) entered disabled state [ 1000.245252][T18232] bridge_slave_1: entered allmulticast mode [ 1000.252801][T18232] bridge_slave_1: entered promiscuous mode [ 1000.299645][T18232] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1000.312791][T18232] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1000.351571][T18232] team0: Port device team_slave_0 added [ 1000.360816][T18232] team0: Port device team_slave_1 added [ 1000.401422][T18232] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1000.408736][T18232] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1000.436221][T18232] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1000.449060][T18232] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1000.456539][T18232] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1000.487371][T18232] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1000.542232][T18232] hsr_slave_0: entered promiscuous mode [ 1000.549764][T18232] hsr_slave_1: entered promiscuous mode [ 1000.556974][T18232] debugfs: 'hsr0' already exists in 'hsr' [ 1000.562731][T18232] Cannot create hsr debugfs directory [ 1001.894707][T17123] Bluetooth: hci9: command tx timeout [ 1003.499000][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1003.506338][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1003.974653][T17123] Bluetooth: hci9: command tx timeout [ 1006.054714][T17123] Bluetooth: hci9: command tx timeout [ 1008.134907][T17123] Bluetooth: hci9: command tx timeout [ 1013.095557][ T31] INFO: task kworker/u8:0:12 blocked for more than 143 seconds. [ 1013.103296][ T31] Not tainted syzkaller #0 [ 1013.115858][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1013.124949][ T31] task:kworker/u8:0 state:D stack:23544 pid:12 tgid:12 ppid:2 task_flags:0x4208060 flags:0x00080000 [ 1013.139676][ T31] Workqueue: netns cleanup_net SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1013.144822][ T31] Call Trace: [ 1013.154511][ T31] [ 1013.157540][ T31] __schedule+0x1190/0x5de0 [ 1013.162081][ T31] ? __lock_acquire+0x622/0x1c90 [ 1013.180162][ T31] ? __pfx___schedule+0x10/0x10 [ 1013.194919][ T31] ? find_held_lock+0x2b/0x80 [ 1013.199663][ T31] ? schedule+0x2d7/0x3a0 [ 1013.204022][ T31] schedule+0xe7/0x3a0 [ 1013.214664][ T31] schedule_timeout+0x257/0x290 [ 1013.219586][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 1013.246727][ T31] ? mark_held_locks+0x49/0x80 [ 1013.251566][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 1013.264512][ T31] __wait_for_common+0x2fc/0x4e0 [ 1013.269530][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 1013.283031][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 1013.294833][ T31] remove_one+0x312/0x420 [ 1013.299214][ T31] ? find_next_child+0x18f/0x280 [ 1013.304197][ T31] __simple_recursive_removal+0x15b/0x610 [ 1013.334653][ T31] ? __pfx_remove_one+0x10/0x10 [ 1013.339607][ T31] debugfs_remove+0x5d/0x80 [ 1013.344126][ T31] nsim_dev_health_exit+0x3b/0xe0 [ 1013.364490][ T31] nsim_dev_reload_destroy+0x144/0x4d0 [ 1013.370038][ T31] nsim_dev_reload_down+0x6e/0xd0 [ 1013.385738][ T31] devlink_reload+0x1a1/0x7c0 [ 1013.390661][ T31] ? __pfx_devlink_reload+0x10/0x10 [ 1013.454919][ T31] devlink_pernet_pre_exit+0x1a0/0x2b0 [ 1013.460468][ T31] ? __pfx_devlink_pernet_pre_exit+0x10/0x10 [ 1013.534768][ T31] ? up_write+0x1b2/0x520 [ 1013.539192][ T31] ? kobject_put+0xab/0x5a0 [ 1013.543746][ T31] ? __pfx_devlink_pernet_pre_exit+0x10/0x10 [ 1013.574584][ T31] ops_undo_list+0x187/0xab0 [ 1013.579260][ T31] ? __pfx_ops_undo_list+0x10/0x10 [ 1013.604608][ T31] ? cleanup_net+0x347/0x8b0 [ 1013.609277][ T31] ? idr_destroy+0x62/0x2e0 [ 1013.613822][ T31] cleanup_net+0x41b/0x8b0 [ 1013.634496][ T31] ? __pfx_cleanup_net+0x10/0x10 [ 1013.639515][ T31] ? rcu_is_watching+0x12/0xc0 [ 1013.644316][ T31] process_one_work+0x9cf/0x1b70 [ 1013.653397][ T31] ? __pfx_cleanup_net+0x10/0x10 [ 1013.664652][ T31] ? __pfx_process_one_work+0x10/0x10 [ 1013.670105][ T31] ? assign_work+0x1a0/0x250 [ 1013.683610][ T31] worker_thread+0x6c8/0xf10 [ 1013.688645][ T31] ? __pfx_worker_thread+0x10/0x10 [ 1013.698142][ T31] kthread+0x3c5/0x780 [ 1013.702273][ T31] ? __pfx_kthread+0x10/0x10 [ 1013.707509][ T31] ? rcu_is_watching+0x12/0xc0 [ 1013.712305][ T31] ? __pfx_kthread+0x10/0x10 [ 1013.717283][ T31] ret_from_fork+0x675/0x7d0 [ 1013.721926][ T31] ? __pfx_kthread+0x10/0x10 [ 1013.727031][ T31] ret_from_fork_asm+0x1a/0x30 [ 1013.731859][ T31] [ 1013.742683][ T31] INFO: task syz-executor:17397 blocked for more than 144 seconds. [ 1013.751199][ T31] Not tainted syzkaller #0 [ 1013.771850][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1013.781490][ T31] task:syz-executor state:D stack:24808 pid:17397 tgid:17397 ppid:1 task_flags:0x400140 flags:0x00080002 [ 1013.795540][ T31] Call Trace: [ 1013.798852][ T31] [ 1013.801798][ T31] __schedule+0x1190/0x5de0 [ 1013.809370][ T31] ? check_path.constprop.0+0x24/0x50 [ 1013.815953][ T31] ? __lock_acquire+0x622/0x1c90 [ 1013.821028][ T31] ? __pfx___schedule+0x10/0x10 [ 1013.826428][ T31] ? find_held_lock+0x2b/0x80 [ 1013.831133][ T31] ? schedule+0x2d7/0x3a0 [ 1013.835869][ T31] ? device_del+0xa0/0x9f0 [ 1013.840333][ T31] schedule+0xe7/0x3a0 [ 1013.844878][ T31] schedule_preempt_disabled+0x13/0x30 [ 1013.850450][ T31] __mutex_lock+0x818/0x1060 [ 1013.855433][ T31] ? device_del+0xa0/0x9f0 [ 1013.859886][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 1013.865523][ T31] ? mark_held_locks+0x49/0x80 [ 1013.870335][ T31] ? device_del+0xa0/0x9f0 [ 1013.875330][ T31] device_del+0xa0/0x9f0 [ 1013.879607][ T31] ? __pfx_ida_free+0x10/0x10 [ 1013.884319][ T31] ? __pfx_device_del+0x10/0x10 [ 1013.889890][ T31] device_unregister+0x1d/0xc0 [ 1013.897119][ T31] del_device_store+0x355/0x4a0 [ 1013.902034][ T31] ? __pfx_del_device_store+0x10/0x10 [ 1013.907996][ T31] ? find_held_lock+0x2b/0x80 [ 1013.912704][ T31] ? sysfs_file_kobj+0xe4/0x290 [ 1013.921265][ T31] ? __pfx_del_device_store+0x10/0x10 [ 1013.927043][ T31] bus_attr_store+0x74/0xb0 [ 1013.931571][ T31] ? __pfx_bus_attr_store+0x10/0x10 [ 1013.937175][ T31] sysfs_kf_write+0xf2/0x150 [ 1013.941795][ T31] kernfs_fop_write_iter+0x3af/0x570 [ 1013.947626][ T31] ? __pfx_sysfs_kf_write+0x10/0x10 [ 1013.952880][ T31] vfs_write+0x7d3/0x11d0 [ 1013.957747][ T31] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1013.963602][ T31] ? __pfx_vfs_write+0x10/0x10 [ 1013.968912][ T31] ? __pfx_do_sys_openat2+0x10/0x10 [ 1013.974166][ T31] ksys_write+0x12a/0x250 [ 1013.981031][ T31] ? __pfx_ksys_write+0x10/0x10 [ 1013.986262][ T31] do_syscall_64+0xcd/0xfa0 [ 1013.990801][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1013.997087][ T31] RIP: 0033:0x7f2335f8e1ff [ 1014.003085][ T31] RSP: 002b:00007fffc26bea80 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 1014.012019][ T31] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007f2335f8e1ff [ 1014.020291][ T31] RDX: 0000000000000001 RSI: 00007fffc26bead0 RDI: 0000000000000005 [ 1014.031063][ T31] RBP: 00007f23360152cb R08: 0000000000000000 R09: 00007fffc26be8d7 [ 1014.039466][ T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 1014.047891][ T31] R13: 00007fffc26bead0 R14: 00007f2336d14620 R15: 0000000000000003 [ 1014.056563][ T31] [ 1014.074842][ T31] INFO: task syz.3.2440:17433 blocked for more than 144 seconds. [ 1014.082613][ T31] Not tainted syzkaller #0 [ 1014.101767][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1014.124488][ T31] task:syz.3.2440 state:D stack:28856 pid:17433 tgid:17424 ppid:5827 task_flags:0x400040 flags:0x00080002 [ 1014.155967][ T31] Call Trace: [ 1014.159297][ T31] [ 1014.162256][ T31] __schedule+0x1190/0x5de0 [ 1014.194577][ T31] ? check_path.constprop.0+0x24/0x50 [ 1014.200024][ T31] ? __lock_acquire+0x622/0x1c90 [ 1014.215927][ T31] ? __pfx___schedule+0x10/0x10 [ 1014.220855][ T31] ? find_held_lock+0x2b/0x80 [ 1014.234602][ T31] ? schedule+0x2d7/0x3a0 [ 1014.238997][ T31] ? devlink_health_report+0x6b4/0xb00 [ 1014.254852][ T31] schedule+0xe7/0x3a0 [ 1014.258985][ T31] schedule_preempt_disabled+0x13/0x30 [ 1014.275051][ T31] __mutex_lock+0x818/0x1060 [ 1014.279708][ T31] ? devlink_health_report+0x6b4/0xb00 [ 1014.295739][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 1014.300852][ T31] ? devlink_health_report+0x6b4/0xb00 [ 1014.324488][ T31] devlink_health_report+0x6b4/0xb00 [ 1014.329858][ T31] ? __pfx_devlink_health_report+0x10/0x10 [ 1014.344705][ T31] ? _copy_from_user+0x59/0xd0 [ 1014.349626][ T31] nsim_dev_health_break_write+0x166/0x210 [ 1014.386633][ T31] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 1014.393040][ T31] full_proxy_write+0x131/0x1a0 [ 1014.398582][ T31] ? __pfx_full_proxy_write+0x10/0x10 [ 1014.403993][ T31] vfs_write+0x2a0/0x11d0 [ 1014.410315][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 1014.415670][ T31] ? __pfx_vfs_write+0x10/0x10 [ 1014.420481][ T31] ? __fget_files+0x20e/0x3c0 [ 1014.442178][ T31] ksys_write+0x12a/0x250 [ 1014.453514][ T31] ? __pfx_ksys_write+0x10/0x10 [ 1014.463059][ T31] do_syscall_64+0xcd/0xfa0 [ 1014.470441][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1014.476688][ T31] RIP: 0033:0x7f1fd478f749 [ 1014.481123][ T31] RSP: 002b:00007f1fd55fd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1014.490023][ T31] RAX: ffffffffffffffda RBX: 00007f1fd49e6180 RCX: 00007f1fd478f749 [ 1014.498282][ T31] RDX: 00000000000001ff RSI: 0000000000000000 RDI: 0000000000000002 [ 1014.506615][ T31] RBP: 00007f1fd4813f91 R08: 0000000000000000 R09: 0000000000000000 [ 1014.519373][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1014.527786][ T31] R13: 00007f1fd49e6218 R14: 00007f1fd49e6180 R15: 00007fff9a4f0ed8 [ 1014.536265][ T31] [ 1014.557981][ T31] [ 1014.557981][ T31] Showing all locks held in the system: [ 1014.572966][ T31] 6 locks held by kworker/u8:0/12: [ 1014.581312][ T31] #0: ffff88801ba9f148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 [ 1014.592462][ T31] #1: ffffc90000117d00 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 [ 1014.602827][ T31] #2: ffffffff900d5010 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x8b0 [ 1014.614170][ T31] #3: ffff88807aeba0e8 (&dev->mutex){....}-{4:4}, at: devlink_pernet_pre_exit+0x12c/0x2b0 [ 1014.625008][ T31] #4: ffff88807aebb250 (&devlink->lock_key){+.+.}-{4:4}, at: devlink_pernet_pre_exit+0x136/0x2b0 [ 1014.636031][ T31] #5: ffff88805ec5ae90 (&sb->s_type->i_mutex_key#3/2){+.+.}-{4:4}, at: __simple_recursive_removal+0x354/0x610 [ 1014.648509][ T31] 1 lock held by khungtaskd/31: [ 1014.653382][ T31] #0: ffffffff8e3c45e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0 [ 1014.663706][ T31] 2 locks held by getty/5584: [ 1014.668854][ T31] #0: ffff888034ab10a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 1014.678951][ T31] #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 [ 1014.692907][ T31] 5 locks held by syz-executor/17397: [ 1014.699091][ T31] #0: ffff888023fc0420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 1014.708548][ T31] #1: ffff88805d467888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 1014.720355][ T31] #2: ffff888144725968 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 1014.731236][ T31] #3: ffffffff8f66d208 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 1014.741948][ T31] #4: ffff88807aeba0e8 (&dev->mutex){....}-{4:4}, at: device_del+0xa0/0x9f0 [ 1014.751166][ T31] 3 locks held by syz.3.2440/17433: [ 1014.756864][ T31] #0: ffff88807fe0b7b8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370 [ 1014.766758][ T31] #1: ffff8881412ea420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 1014.776184][ T31] #2: ffff88807aebb250 (&devlink->lock_key){+.+.}-{4:4}, at: devlink_health_report+0x6b4/0xb00 [ 1014.787271][ T31] 1 lock held by syz.1.2450/17482: [ 1014.792401][ T31] #0: ffffffff8e3cfa40 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x48/0x6e0 [ 1014.805407][ T31] 4 locks held by syz-executor/17710: [ 1014.810832][ T31] #0: ffff888023fc0420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 1014.821908][ T31] #1: ffff888048543488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 1014.832216][ T31] #2: ffff888144725968 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 1014.842555][ T31] #3: ffffffff8f66d208 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 1014.853322][ T31] 2 locks held by syz.0.2592/18023: [ 1014.859546][ T31] #0: ffff8881412ea420 (sb_writers#8){.+.+}-{0:0}, at: path_openat+0x1ec8/0x2cb0 [ 1014.869564][ T31] #1: ffff88805ec5ae90 (&sb->s_type->i_mutex_key#3){++++}-{4:4}, at: path_openat+0x818/0x2cb0 [ 1014.880341][ T31] 4 locks held by syz-executor/18120: [ 1014.886105][ T31] #0: ffff888023fc0420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 1014.895441][ T31] #1: ffff88805cd13c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 1014.907819][ T31] #2: ffff888144725968 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 1014.919105][ T31] #3: ffffffff8f66d208 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 1014.931497][ T31] 4 locks held by syz-executor/18138: [ 1014.937928][ T31] #0: ffff888023fc0420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 1014.947393][ T31] #1: ffff88807ba14488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 1014.957473][ T31] #2: ffff888144725968 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 1014.967902][ T31] #3: ffffffff8f66d208 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 1014.978667][ T31] 4 locks held by syz-executor/18197: [ 1014.984056][ T31] #0: ffff888023fc0420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 1014.993644][ T31] #1: ffff88805d3c4488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 1015.003737][ T31] #2: ffff888144725968 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 1015.014216][ T31] #3: ffffffff8f66d208 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 1015.030350][ T31] 4 locks held by syz-executor/18212: [ 1015.036526][ T31] #0: ffff888023fc0420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 1015.045962][ T31] #1: ffff88805e667488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 1015.056037][ T31] #2: ffff888144725968 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 1015.066682][ T31] #3: ffffffff8f66d208 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 1015.077287][ T31] 4 locks held by syz-executor/18223: [ 1015.082682][ T31] #0: ffff888023fc0420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 1015.092453][ T31] #1: ffff88804a54f088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 1015.104190][ T31] #2: ffff888144725968 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 1015.114697][ T31] #3: ffffffff8f66d208 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 1015.126793][ T31] 4 locks held by syz-executor/18232: [ 1015.132191][ T31] #0: ffff888023fc0420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 1015.145250][ T31] #1: ffff888025909888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 1015.155443][ T31] #2: ffff888144725968 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 1015.165820][ T31] #3: ffffffff8f66d208 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x4a0 [ 1015.183471][ T31] [ 1015.187672][ T31] ============================================= [ 1015.187672][ T31] [ 1015.196843][ T31] NMI backtrace for cpu 1 [ 1015.196862][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) [ 1015.196890][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 1015.196905][ T31] Call Trace: [ 1015.196913][ T31] [ 1015.196922][ T31] dump_stack_lvl+0x116/0x1f0 [ 1015.196958][ T31] nmi_cpu_backtrace+0x27b/0x390 [ 1015.196997][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1015.197034][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300 [ 1015.197076][ T31] watchdog+0xf3f/0x1170 [ 1015.197103][ T31] ? rcu_is_watching+0x12/0xc0 [ 1015.197130][ T31] ? __pfx_watchdog+0x10/0x10 [ 1015.197151][ T31] ? lockdep_hardirqs_on+0x7c/0x110 [ 1015.197183][ T31] ? __kthread_parkme+0x19e/0x250 [ 1015.197215][ T31] ? __pfx_watchdog+0x10/0x10 [ 1015.197245][ T31] kthread+0x3c5/0x780 [ 1015.197281][ T31] ? __pfx_kthread+0x10/0x10 [ 1015.197318][ T31] ? rcu_is_watching+0x12/0xc0 [ 1015.197343][ T31] ? __pfx_kthread+0x10/0x10 [ 1015.197380][ T31] ret_from_fork+0x675/0x7d0 [ 1015.197416][ T31] ? __pfx_kthread+0x10/0x10 [ 1015.197452][ T31] ret_from_fork_asm+0x1a/0x30 [ 1015.197500][ T31]